• d-bugmail puremagic.com (33/33) Jan 27 2022 https://issues.dlang.org/show_bug.cgi?id=22709

d-bugmail puremagic.com writes:

https://issues.dlang.org/show_bug.cgi?id=22709

          Issue ID: 22709
           Summary: [dip1000] slice of static array can be escaped in
                     safe using ref arguments
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: major
          Priority: P1
         Component: dmd
          Assignee: nobody puremagic.com
          Reporter: Ajieskola gmail.com

This compiles both with and without -dip1000:

------
 safe:

void escape(ref ubyte[] arr, ref ubyte[64] local)
{ arr = local;
}

ubyte[] getArr()
{ ubyte[64] blob;
  ubyte[] arr;
  escape(arr, blob);
  return arr; // Use this at your peril.
}
------

I believe the compiler should figure out with -dip1000 that:

1: Non-return ref "local" in "escape" is being assigned to another ref
variable, so an error should result.

2: Even if "escape" was correctly annotated, "arr" in "getArr" is scope and
thus cannot be returned.

--