[Issue 24212] New: [DIP1000] Scope pointer can escape via non-scope parameter of pure virtual function
d-bugmail at puremagic.com
d-bugmail at puremagic.com
Mon Oct 30 18:05:37 UTC 2023
https://issues.dlang.org/show_bug.cgi?id=24212
Issue ID: 24212
Summary: [DIP1000] Scope pointer can escape via non-scope
parameter of pure virtual function
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P1
Component: dmd
Assignee: nobody at puremagic.com
Reporter: snarwin+bugzilla at gmail.com
As of DMD 2.105.2, the following invalid program compiles and runs without
errors:
---
interface I
{
@safe pure nothrow
void fun(int* p);
}
int* global;
void main() @safe
{
int* escaped;
class Escaper : I
{
@safe pure nothrow
override void fun(int* p)
{
escaped = p;
}
}
int n;
I i = new Escaper;
i.fun(&n);
}
---
This program is invalid because, in @safe code, it assigns the address of the
variable `n` to the variable `escaped`, which has a longer lifetime than `n`.
The expression `I.fun(&n)` should cause a compile-time error, because it
assigns the scope pointer value `&n` to the non-scope parameter `p`.
The compiler allows this because, due to the rules laid out in "Inferred scope
parameters in pure functions" [1], it believes that the parameter of `I.fun`
cannot escape. However, these rules do not account for the possibility that a
nested derived class may escape a non-scope parameter via its nested context.
[1]: https://dlang.org/spec/function.html#pure-scope-inference
--
More information about the Digitalmars-d-bugs
mailing list