Issue 24394 - const(ubyte)[] array argument can be returned as string, mislabeling mutable data as immutable
Summary: const(ubyte)[] array argument can be returned as string, mislabeling mutable ...
Status: REOPENED
Alias: None
Product: D
Classification: Unclassified
Component: dmd (show other issues)
Version: D2
Hardware: x86 All
: P1 normal
Assignee: No Owner
URL:
Keywords: safe
Depends on:
Blocks:
 
Reported: 2024-02-14 02:06 UTC by Forest
Modified: 2024-02-24 03:57 UTC (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description Forest 2024-02-14 02:06:12 UTC 
Originally reported in the forum:

https://forum.dlang.org/thread/gkoqjxixfiwftivjkxqp@forum.dlang.org

I'm now reporting it here, since more experienced D users seem to agree it's a bug.
I was surprised to find that this code compiles with no complaints:


@safe:

string test(ubyte[] arr)
{
    import std.string;
    return arr.assumeUTF; // why does this compile?
}

void main()
{
    import std.stdio;
    ubyte[] buf = ['g', 'o', 'o', 'd'];
    string dodgy = buf.test; // this string points to mutable data

    buf[] = ['b', 'a', 'd', '!'];
    writeln(typeof(dodgy).stringof);
    writeln(dodgy);
}
Comment 1 RazvanN 2024-02-14 10:58:25 UTC 
This is fixed in master but the fix is behind a preview switch (-preview=fixImmutableConv).
Comment 2 Forest 2024-02-14 11:49:53 UTC 
The above example does indeed trigger an error with -preview=fixImmutableConv on run.dlang.org. However, changing the test function's argument to const(ubyte)[] slips right past with no complaint.

Shouldn't that be rejected as well?


string test(const(ubyte)[] arr)
{
    import std.string;
    return arr.assumeUTF; // why does this compile?
}