[Issue 17927] [scope] `scope inout` parameter value can be escaped via return

d-bugmail at puremagic.com d-bugmail at puremagic.com
Thu Aug 16 18:29:16 UTC 2018


https://issues.dlang.org/show_bug.cgi?id=17927

Atila Neves <atila.neves at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |atila.neves at gmail.com

--- Comment #11 from Atila Neves <atila.neves at gmail.com> ---
I don't understand how it's possible that making it `inout` is correct
inference. This allows for code that looks @safe but isn't. This really
shouldn't compile:

@safe:

const(int)* gInt;

void main() {
    auto s = Struct();
    gInt = s.ptr;  // ARGH!
}

struct Struct {

    int* ints;

    this(int size) {
        import core.stdc.stdlib;
        ints = () @trusted { return cast(int*) malloc(size); }();
    }

    ~this() {
        import core.stdc.stdlib;
        () @trusted { free(ints); }();
    }

    scope inout(int)* ptr() inout {
        return ints;
    }
}



And yet it does. I guess I'll have to define 3 methods for mutable, const and
immutable if I want to not crash.

--


More information about the Digitalmars-d-bugs mailing list