http://d.puremagic.com/issues/show_bug.cgi?id=8838

           Summary: Slicing static arrays should be considered unsafe
                    (@system)
           Product: D
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: DMD
        AssignedTo: nob...@puremagic.com
        ReportedBy: jmdavisp...@gmx.com


--- Comment #0 from Jonathan M Davis <jmdavisp...@gmx.com> 2012-10-17 13:45:53 
PDT ---
This code compiles just fine

int[] foo() @safe
{
    int[5] a;
    return a[];
}

void main()
{}

It really shouldn't. What it's doing is _not_ memory safe. And while
implementing issue# 7087 would fix this particular case, it doesn't fix the
problem in general, because all it takes is adding another function to the mix,
and the compiler can't catch it:

int[] foo() @safe
{
    int[5] a;
    return bar(a);
}

int[] bar(int[] a) @safe
{
    return a;
}

void main()
{}

Taking the slice of a static array is really no different from taking the
address of a local variable, and that's already @system, so slicing a static
array should be as well.

Honestly, I wish that static arrays didn't implicitly slice when being passed
to functions taking dynamic arrays precisely because of how dangerous it is,
and the fact that the implicit conversion makes it really easy to miss, but at
least if it were marked @system, then it couldn't happen in @safe code, and it
would be harder to have bugs like in the code above.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------

Reply via email to