dip1000 and preview in combine to cause extra safety errors
Dukc
ajieskola at gmail.com
Sat Nov 12 19:35:17 UTC 2022
On Wednesday, 8 June 2022 at 14:52:53 UTC, Steven Schveighoffer wrote:
> ```d
> string foo(in string s)
> {
>     return s;
> }
>
> void main()
> {
>     import std.stdio;
>     string[] result;
>     foreach(c; "hello")
>     {
>         result ~= foo([c]);
>     }
>     writeln(result);
> }
> ```
>
> With no previews, preview=dip1000, or preview=in, this outputs:
> `["h", "e", "l", "l", "o"]`
>
> With both preview=dip1000 and preview=in, this outputs: `["o", "o", "o", "o", "o"]`
>
> What is happening is the compiler is somehow convinced that it
> can allocate the array literal on the stack (and overwrites
> that literal each loop).
>
> I know this isn't `@safe` code, but `@system` code shouldn't be
> made less safe by the preview switches!
>
> I know people write `in` instead of `const` all the time
> *simply because it's shorter*.
>
> Thoughts?
>
> -Steve
Sorry to wake up an old thread, but I have a request. May I use
this as an example of what can go wrong in `@system` code for the
"Memory safety in modern systems programming language" series in
the D blog? And if so, is a direct link here okay?
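For readers of the quoted snippet, here is an added example (not from Steve's post or the D blog) showing the hardened forms: with `-preview=in`, `in` means `scope const`, so the callee must not return the slice it was given; marking `foo` `@safe` is what lets dip1000 actually check that. The exact diagnostic text and the assumption that DMD is run with `-preview=dip1000 -preview=in` are mine, not from the thread.

```d
// Added example. Assumes DMD with -preview=dip1000 -preview=in,
// under which `in` is `scope const` and dip1000 scope checking is on.
import std.stdio;

// Only @safe code is checked by dip1000. With the flags above, this
// version is expected to be rejected at compile time
// ("scope variable `s` may not be returned"), instead of silently
// returning a slice of a stack-allocated literal as @system code does.
version (ShowTheError)
@safe string fooRejected(in string s)
{
    return s;   // escapes a scope parameter: compile error in @safe code
}

// Hardened form 1: keep `in` (the argument may live on the caller's
// stack) and copy it to GC memory before returning. `.idup` allocates an
// immutable copy, so the result outlives the caller's temporary.
@safe string foo(in string s)
{
    return s.idup;
}

// Hardened form 2: drop `scope` by using plain `const`. The compiler can
// no longer assume the argument does not escape, so the caller's array
// literal is heap-allocated and may be returned as-is.
@safe string fooConst(const string s)
{
    return s;
}

void main() @safe
{
    string[] result, resultConst;
    foreach (c; "hello")
    {
        result ~= foo([c]);
        resultConst ~= fooConst([c]);
    }
    writeln(result);
    writeln(resultConst);
    assert(result == ["h", "e", "l", "l", "o"]);
    assert(resultConst == result);
}
```

Compile with `-version=ShowTheError` to see the rejected variant; without it the program builds and both fixes produce the five distinct letters.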