
digitalmars.D.bugs - [Issue 16266] New: @safe functions may dereference


          Issue ID: 16266
           Summary: @safe functions may dereference non-dereferenceable
           Product: D
           Version: D2
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P1
         Component: dmd
          Assignee: nobody@puremagic.com
          Reporter: andrei@erdani.com


// None of these are templates, so no attribute inference applies: foo and
// bar are marked @safe here so that the @safe baz may call them, which is
// the situation the report describes.
int foo(int *iPtr) @safe {
    return *iPtr;               // dereferences whatever pointer it is handed
}

int bar(int[] iSlice) @safe {
    return foo(iSlice.ptr);     // .ptr was allowed in @safe code when this was filed
}

@safe int baz(int[] a) {
    return bar(a[$ .. $]);      // a[$ .. $] is a legal zero-length slice
}
Calling baz with any array will end up passing a non-dereferenceable pointer to
foo. This corner case needs to be addressed. There are a few possibilities:

1. Simply disallow taking .ptr for any array in @safe code.

2. Insert a runtime check whenever array.ptr is passed into a @safe function
(array must be non-empty).

3. Require flow analysis, for example this could be made legal:

int bar(int[] iSlice) @safe {
    import std.range : empty;   // .empty on a slice comes from std.range
    return iSlice.empty ? 42 : foo(iSlice.ptr);
}
Probably (2) would be the best all things considered.
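As an added illustration, not part of the bug report, the D code below writes
options (2) and (3) as @safe functions using the bounds-checked &slice[0] in
place of slice.ptr; the names barChecked and barFlow are mine. The @system
main also shows the hazard itself: the zero-length slice a[$ .. $] carries a
pointer one past the last element of a, which is the value foo must never
dereference.

```d
// Added example, not from the bug report. foo is the callee that
// dereferences unconditionally; the two bar variants show options (2)
// and (3) for never handing it a pointer into an empty slice.
import std.stdio : writeln;

int foo(int* iPtr) @safe
{
    return *iPtr;   // sound only if iPtr points at a live int
}

// Option (2): a runtime check before the slice-to-pointer conversion.
// &iSlice[0] is the bounds-checked @safe counterpart of iSlice.ptr, so
// an empty slice cannot silently reach foo even without the explicit test;
// the test turns the failure into a recoverable Exception.
int barChecked(int[] iSlice) @safe
{
    if (iSlice.length == 0)
        throw new Exception("barChecked: empty slice has no first element");
    return foo(&iSlice[0]);
}

// Option (3): flow-dependent. The pointer is only formed on the branch
// where the slice is known to be non-empty.
int barFlow(int[] iSlice) @safe
{
    return iSlice.length == 0 ? 42 : foo(&iSlice[0]);
}

void main()   // @system on purpose: it inspects raw pointer values
{
    int[] a = [1, 2, 3];
    int[] tail = a[$ .. $];   // legal zero-length slice, as in baz above

    // The hazard from the report: the empty slice's .ptr is one past
    // the last element of a, so dereferencing it reads out of bounds.
    assert(tail.length == 0);
    assert(tail.ptr == a.ptr + a.length);

    writeln(barFlow(a));        // non-empty: the first element is read
    writeln(barFlow(tail));     // empty: takes the constant branch, no pointer formed
    writeln(barChecked(a));     // non-empty: passes the check
    try
    {
        barChecked(tail);       // empty: rejected before any pointer exists
    }
    catch (Exception e)
    {
        writeln("rejected: ", e.msg);
    }
}
```

Build with a current dmd (rdmd on the file suffices); the two functions stay
@safe because &iSlice[0] is permitted where iSlice.ptr is not, and the
assertion on tail.ptr is what makes the report's corner case concrete.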

Jul 11 2016