memory safety checks and trust

jeckel jeckel12381236 at gmail.com
Sat Apr 11 22:22:59 UTC 2020


On Saturday, 11 April 2020 at 02:57:03 UTC, Walter Bright wrote:
> On 4/10/2020 6:21 PM, Adam D. Ruppe wrote:
>> ```
>> void main() {
>>          int a;
>>          b ~= &a;
>> }
>> 
>> int*[] b;
>> ```
>> 
>> trust.d(3): Error: copying & a into allocated memory escapes a 
>> reference to local variable a
>> 
>> 
>> (Interestingly, `b = [&a]` instead of ~= passes muster. What's 
>> the difference? Just another bug in this?)
>
> You will get the error with -preview=dip1000. Since that will 
> eventually be the default, it's not a bug.
>
> You can get it to pass without error with the following:
>
>   @system int* foo(int* p) { return p; }
>
>   @system void test() {
>         int a;
>         b ~= &a;
>         b ~= [foo(&a)];
>   }
>
>   int*[] b;
>
> The compiler will inline foo(). I highly recommend annotating 
> such code with @system.

FYI, you don't have to put @system. You can save yourself some 
time as @system is the default. This is equivalent:

    int* foo(int* p) { return p; }

    void test() {
          int a;
          b ~= &a;
          b ~= [foo(&a)];
    }

    int*[] b;
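
Added example, not part of the original post or of the D project's code: compile-time checks that an unannotated function has the same safety level as an explicitly `@system` one, plus the case where the default does not apply (templates, whose attributes are inferred). The names `fooSys`, `fooSafe` and `fooTmpl` are hypothetical, and the checks assume the compiler default described in this thread.

```d
// Added illustration; fooSys, fooSafe and fooTmpl are hypothetical names.
import std.stdio : writeln;
import std.traits : isSafe, isUnsafe;

int*[] b;

int* foo(int* p) { return p; }             // unannotated: @system by default
@system int* fooSys(int* p) { return p; }  // explicit, same safety level
@safe int* fooSafe(int* p) { return p; }   // opted in to compiler checks
int* fooTmpl()(int* p) { return p; }       // template: attributes are inferred

// The unannotated and the explicitly @system function are both unsafe.
static assert(isUnsafe!foo);
static assert(isUnsafe!fooSys);
static assert(isSafe!fooSafe);
// Caveat: the default does not apply to templates, whose safety is inferred.
static assert(isSafe!(fooTmpl!()));

void main()
{
    // @safe code rejects storing the address of a local in the global array.
    static assert(!__traits(compiles, () @safe { int a; b ~= &a; }));
    // @safe code may not call the unannotated foo, because it is @system.
    static assert(!__traits(compiles, () @safe { int* q = foo(null); }));
    // The wrapped form from the thread is accepted in @system code, which
    // leaves b holding a pointer to a stack slot that dies with the caller.
    static assert(__traits(compiles, () @system { int a; b ~= [foo(&a)]; }));
    writeln("all checks passed");
}
```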







