digitalmars.D.bugs - [Issue 24212] New: [DIP1000] Scope pointer can escape via non-scope
- d-bugmail puremagic.com (49/49) Oct 30 2023 https://issues.dlang.org/show_bug.cgi?id=24212
https://issues.dlang.org/show_bug.cgi?id=24212 Issue ID: 24212 Summary: [DIP1000] Scope pointer can escape via non-scope parameter of pure virtual function Product: D Version: D2 Hardware: All OS: All Status: NEW Severity: normal Priority: P1 Component: dmd Assignee: nobody puremagic.com Reporter: snarwin+bugzilla gmail.com As of DMD 2.105.2, the following invalid program compiles and runs without errors: --- interface I { safe pure nothrow void fun(int* p); } int* global; void main() safe { int* escaped; class Escaper : I { safe pure nothrow override void fun(int* p) { escaped = p; } } int n; I i = new Escaper; i.fun(&n); } --- This program is invalid because, in safe code, it assigns the address of the variable `n` to the variable `escaped`, which has a longer lifetime than `n`. The expression `I.fun(&n)` should cause a compile-time error, because it assigns the scope pointer value `&n` to the non-scope parameter `p`. The compiler allows this because, due to the rules laid out in "Inferred scope parameters in pure functions" [1], it believes that the parameter of `I.fun` cannot escape. However, these rules do not account for the possibility that a nested derived class may escape a non-scope parameter via its nested context. [1]: https://dlang.org/spec/function.html#pure-scope-inference --
Oct 30 2023