Memory safe in D - cppfront/C++
Nick Treleaven
nick at geany.org
Thu Apr 18 19:35:06 UTC 2024
On Tuesday, 16 April 2024 at 18:25:29 UTC, Walter Bright wrote:
> ```d
> @safe
> void foo()
> {
>     int* p;
>     {
>         int x;
>         p = &x;
>     }
> }
> ```
>
> The compiler gives:
>
> test.d(8): Error: address of variable `x` assigned to `p` with
> longer lifetime
-dip1000 is good at detecting possible dangling pointers to scope
data, but it does it when the pointer is assigned. The difference
with the C++ paper is it only tells you *when you try to
dereference* a pointer which may point to data which is now
invalid because the dereference happens in a higher scope. There
are cases where -dip1000 would give a false positive which are
still useful that the paper would allow (e.g. involving loops or
where the pointer is written to later before the dereference,
overwriting the invalid pointer).
Anyway, I was just trying to describe what the C++ paper is
supposed to do. My main point was about D detecting uninitialized
variable use (which is a prerequisite for non-nullable types).
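The two cases the post mentions (a loop, and a pointer that is overwritten before its only dereference), written out as an added D example that is not part of the original thread. The diagnostics noted in the comments are what the post describes for `dmd -preview=dip1000`: the assignment of a shorter-lived address is rejected at the assignment site, independent of whether the pointer is ever dereferenced while dangling. The function names and the `main` driver are made up for this example.

```d
// Added example (not from the thread). Build with: dmd -preview=dip1000 example.d
// Both functions are memory-safe at run time, but -dip1000 reports them at the
// assignment, because it checks lifetimes when the address is taken, not when
// the pointer is dereferenced.

@safe void overwrittenBeforeUse()
{
    int* p;
    {
        int x = 1;
        p = &x;      // dip1000: address of `x` assigned to `p` with longer lifetime
    }                // `x` is dead here, but `p` is never read while it dangles
    int y = 2;
    p = &y;          // `p` is made valid again before its only dereference
    assert(*p == 2);
}

@safe void usedOnlyInsideLoopBody()
{
    int* p;
    foreach (i; 0 .. 3)
    {
        int x = i;
        p = &x;      // dip1000: same error, `x` does not outlive the iteration
        assert(*p == i); // every dereference happens while `x` is still alive
    }
}

// A dereference-time checker, as the post describes the C++ paper, would accept
// both functions and only complain about a read in the enclosing scope such as
// this one:
@safe int dereferencedAfterScopeEnds()
{
    int* p;
    {
        int x = 3;
        p = &x;      // dip1000 rejects this line; a dereference-time checker
    }                // would instead flag the read below
    return *p;       // `x` is out of scope: this read is the actual bug
}

void main() @safe
{
    overwrittenBeforeUse();
    usedOnlyInsideLoopBody();
}
```

Without `-preview=dip1000` all three functions compile, and only the third one is actually unsafe; the difference between the two approaches is where the error is reported, not which programs are ultimately wrong.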