[Issue 8838] New: Slicing static arrays should be considered unsafe (@system)
d-bugmail at puremagic.com
Wed Oct 17 13:45:54 PDT 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8838
Summary: Slicing static arrays should be considered unsafe (@system)
Product: D
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: DMD
AssignedTo: nobody at puremagic.com
ReportedBy: jmdavisProg at gmx.com
--- Comment #0 from Jonathan M Davis <jmdavisProg at gmx.com> 2012-10-17 13:45:53 PDT ---
This code compiles just fine

    int[] foo() @safe
    {
        int[5] a;
        return a[];
    }

    void main()
    {}

It really shouldn't. What it's doing is _not_ memory safe. And while
implementing issue# 7087 would fix this particular case, it doesn't fix the
problem in general, because all it takes is adding another function to the mix,
and the compiler can't catch it:

    int[] foo() @safe
    {
        int[5] a;
        return bar(a);
    }

    int[] bar(int[] a) @safe
    {
        return a;
    }

    void main()
    {}

Taking the slice of a static array is really no different from taking the
address of a local variable, and that's already @system, so slicing a static
array should be as well.
Honestly, I wish that static arrays didn't implicitly slice when being passed
to functions taking dynamic arrays precisely because of how dangerous it is,
and the fact that the implicit conversion makes it really easy to miss, but at
least if it were marked @system, then it couldn't happen in @safe code, and it
would be harder to have bugs like in the code above.
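
Added example (not part of the original report, and not code from the D project): the escaping pattern from the report's second snippet next to two memory-safe ways to hand the same data back. The function names are hypothetical, and marking the escaping function @system is an assumption made here so that it sits outside @safe code, as the report asks.

```d
// Added example, not code from the bug report.
// Names (passThrough, escapingSlice, byValue, heapCopy) are hypothetical.

// Same shape as bar() in the report: returns the slice it was given.
int[] passThrough(int[] a) @safe
{
    return a;
}

// The pattern the report wants kept out of @safe code. `a` implicitly
// converts to a slice of this function's stack frame, so the returned
// slice dangles as soon as the function returns.
// Marked @system here (assumption) and deliberately never called.
int[] escapingSlice() @system
{
    int[5] a;
    return passThrough(a);
}

// Memory-safe alternative 1: return the static array by value.
// The caller receives its own copy of all five elements.
int[5] byValue() @safe
{
    int[5] a = [1, 2, 3, 4, 5];
    return a;
}

// Memory-safe alternative 2: copy the elements to the GC heap with .dup,
// so the returned slice does not refer to stack memory.
int[] heapCopy() @safe
{
    int[5] a = [1, 2, 3, 4, 5];
    return a.dup;
}

void main() @safe
{
    int[5] v = byValue();
    int[] h = heapCopy();

    // Both results stay valid after the producing function has returned.
    assert(v == [1, 2, 3, 4, 5]);
    assert(h == [1, 2, 3, 4, 5]);
}
```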