Improve this page Quickly fork, edit online, and submit a pull request for this page. Requires a signed-in GitHub account. This works well for small changes. If you'd like to make larger changes you may want to consider using local clone. Page wiki View or edit the community-maintained wiki page associated with this page.

Memory-Safe-D-Spec

Memory Safety for a program is defined as it being impossible for the program to corrupt memory. Therefore, the Safe D consists only of programming language features that are guaranteed to never result in memory corruption.

Safe D is enabled on a per-module basis by compiling with the -safe compiler switch.

Proscribed Forms

Inline assembler.
Casting away const or immutable attributes.
Casting away shared attributes.
Casting from one pointer type to another pointer type, except for:
- casting to void* is allowed
- casting from a pointer to an arithmetic type to a pointer to another arithmetic type of the same or smaller size is allowed
Casting from a non-pointer type to a pointer type.

A safe module can import and use the public interface of a system module.

Limitations

Safe D does not imply that code is portable, uses only sound programming practices, is free of byte order dependencies, or other bugs. It is focussed only on eliminating memory corruption possibilities.

D Home

Documentation

Community

Memory-Safe-D-Spec

Proscribed Forms

Limitations