Summary: Slicing static arrays should be considered unsafe
           Product: D
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: DMD

--- Comment #0 from Jonathan M Davis <> 2012-10-17 13:45:53 PDT ---
This code compiles just fine

int[] foo() @safe
{
    int[5] a;
    return a[];   // slice of a stack-allocated static array escapes the frame
}

void main()
{
}

It really shouldn't. What it's doing is _not_ memory safe. And while
implementing issue# 7087 would fix this particular case, it doesn't fix the
problem in general, because all it takes is adding another function to the mix,
and the compiler can't catch it:

int[] foo() @safe
{
    int[5] a;
    return bar(a);   // a implicitly slices to int[] when passed to bar
}

int[] bar(int[] a) @safe
{
    return a;        // the slice into foo's frame is returned unchanged
}

void main()
{
}

Taking the slice of a static array is really no different from taking the
address of a local variable, and that's already @system, so slicing a static
array should be as well.

Honestly, I wish that static arrays didn't implicitly slice when being passed
to functions taking dynamic arrays precisely because of how dangerous it is,
and the fact that the implicit conversion makes it really easy to miss, but at
least if it were marked @system, then it couldn't happen in @safe code, and it
would be harder to have bugs like in the code above.
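The escaping-slice pattern from the report beside a version that does not dangle, as an added illustration that is not part of the bug report; the function names, the `.dup` copy and the assertion are this example's own choices, and `leakyIndirect` is labelled `@system` only to show the annotation the report asks for.

```d
// Added example (not from the bug report). Two ways a slice of a stack-allocated
// static array escapes its frame, and one way to return data that outlives it.

// Direct escape: a[] points into this function's stack frame, which is reused
// as soon as the function returns. Marked @system here because that is the
// treatment the report proposes for slicing a static array.
int[] leakyDirect() @system
{
    int[5] a = [1, 2, 3, 4, 5];
    return a[];
}

// Indirect escape: the static array implicitly slices when passed to pass(),
// and pass() has no way to know the slice refers to a soon-dead frame.
int[] pass(int[] x)
{
    return x;
}

int[] leakyIndirect() @system
{
    int[5] a = [1, 2, 3, 4, 5];
    return pass(a);
}

// Hardened form: .dup copies the elements to GC-managed memory, so the
// returned slice is valid for as long as anything references it.
int[] copied() @safe
{
    int[5] a = [1, 2, 3, 4, 5];
    return a[].dup;
}

void main()
{
    // Only the copied slice may be read safely; the leaky ones are not
    // dereferenced here because their contents are indeterminate.
    int[] good = copied();
    assert(good == [1, 2, 3, 4, 5]);
    assert(good.length == 5);
}
```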
