Bug 18283 – -dip1000 doesn't catch invalid local reference

Status: RESOLVED
Resolution: INVALID
Severity: normal
Priority: P1
Component: dmd
Product: D
Version: D2
Platform: All
OS: All
Creation time: 2018-01-23T02:43:10Z
Last change time: 2018-01-23T08:17:40Z
Assigned to: No Owner
Creator: Mike Franklin

Comments

Comment #0 by slavo5150 — 2018-01-23T02:43:10Z
```d
import std.stdio;

void main() @safe
{
    string foo = "foo";
    string* ls0;
    string* p1, p2;

    ls0 = &foo;
    p1 = ls0;
    ls0.destroy();
    p2 = ls0;
    writeln(p2.length);
}
```

Compile with `-dip1000`

Error: program killed by signal 11

https://run.dlang.io/is/6L6zcH

========================================

Compiling the same example without `-dip1000`, I get:

onlineapp.d(9): Error: cannot take address of local foo in @safe function main

https://run.dlang.io/is/rHpuf1

Though this could be an issue with `destroy()`. Not sure.

Comment #1 by slavo5150 — 2018-01-23T04:14:55Z
Interestingly, `destroy` is an unsafe operation for classes.

```d
import std.stdio;

class A
{
    void hello() @safe { writeln("hello"); }
}

void main() @safe
{
    A a = new A();
    a.hello();
    destroy(a);  // onlineapp.d(12): Error: @safe function 'D main' cannot call
                 // @system function 'object.destroy!(A).destroy'
    a.hello();
}
```

https://run.dlang.io/is/AwKBc3

But it's not an unsafe operation for pointers

```d
import std.stdio;

struct A
{
    int i;
    void print() @safe { writeln(i); }
}

void main() @safe
{
    A* a = new A();
    a.print();   // OK
    a.destroy();
    a.print();   // Error!
}
```

https://run.dlang.io/is/Fm7qBR

I'm not sure what the language authors' intentions are, so I can't say whether the bug is in SafeD, or in the implementation of `destroy`.

Comment #2 by dfj1esp02 — 2018-01-23T08:17:40Z
`destroy` for a pointer assigns null to it; it's safe. Dereferencing a null pointer is safe too, because it doesn't lead to memory corruption in a protected memory environment.
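
The behaviour described in comment #2, as an added example that is not part of the original bug report: calling `destroy` on a pointer resets only that pointer variable to null, while the pointee and any other pointer to it are left as they were. The helper `getOr` is hypothetical and shows a checked access in place of relying on the null dereference trap.

```d
// Added illustration, not code from the bug report or from druntime.
import std.stdio;

struct A
{
    int i;
    int get() const @safe { return i; }
}

// Hypothetical helper: return a fallback instead of dereferencing null.
int getOr(const(A)* p, int fallback) @safe
{
    return p is null ? fallback : p.get();
}

void main() @safe
{
    A* a = new A();
    a.i = 7;
    A* other = a;            // second pointer to the same heap object

    a.destroy();             // pointer case: equivalent to a = null

    assert(a is null);       // only the pointer variable was reset
    assert(other !is null);  // the alias is untouched
    assert(other.i == 7);    // the pointee was neither finalized nor freed

    // Checked access: no null dereference, so no signal 11.
    assert(getOr(other, -1) == 7);
    assert(getOr(a, -1) == -1);

    writeln("other.i = ", getOr(other, -1), ", a -> ", getOr(a, -1));
}
```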