Bug 20505 – [DIP1000] Static array allows to escape references to stack variables

Status
RESOLVED
Resolution
FIXED
Severity
normal
Priority
P1
Component
dmd
Product
D
Version
D2
Platform
All
OS
All
Creation time
2020-01-15T08:26:31Z
Last change time
2021-08-27T14:20:15Z
Keywords
accepts-invalid, safe
Assigned to
No Owner
Creator
Mathias LANG
See also
https://issues.dlang.org/show_bug.cgi?id=17764

Comments

Comment #0 by pro.mathias.lang — 2020-01-15T08:26:31Z
For me this is similar to 17764, but the test case is much more simple.

```
import std.stdio;

void main () @safe
{
    auto x = bar();
    writeln(x);
}

char[] bar() @safe @nogc
{
    char[128] a;
    char[][2] arr = [a, a];
    return foo(arr);
}

char[] foo(scope char[][] arr) @safe @nogc
{
    return arr[0];
}
```

Compiled with: path/to/dmd -preview=dip1000 -run foo.d

Will print garbage. Tested with v2.090.0 and HEAD (v2.090.0-beta.1-51-g49dfbe54f, commit of 2020-01-08).
Comment #1 by bugzilla — 2020-03-21T07:02:09Z
The problem is the line `foo(arr)` where `scope char[][2] arr` is converted to `scope char[][]`. This conversion should not be allowed, as it loses the scope-ness of the second level of indirection.
Comment #2 by bugzilla — 2020-03-21T07:05:35Z
This is illustrated by the following code:

```
@safe char[] bar()
{
    char[128] a;            // stack buffer
    char[][2] arr = [a, a]; // both elements point into the stack buffer
    char[][] a2 = arr;      // should be error
    return a2[0];           // oops
}
```
Comment #3 by pro.mathias.lang — 2020-03-21T08:57:57Z
*** Issue 20691 has been marked as a duplicate of this issue. ***
Comment #4 by bugzilla — 2020-03-22T06:15:38Z
Comment #5 by pro.mathias.lang — 2021-02-18T00:55:57Z
*** Issue 21220 has been marked as a duplicate of this issue. ***
Comment #6 by dkorpel — 2021-08-27T14:20:15Z
Fixed by https://github.com/dlang/dmd/pull/10951 which targeted duplicate issue 21220 instead of this one