Opened 5 years ago
Closed 5 years ago
#189 closed defect (fixed)
Reference and pointer types allow unsound initialization
| Reported by: | mlbrooks | Owned by: | |
|---|---|---|---|
| Priority: | major | Component: | cfa-cc |
| Version: | 1.0 | Keywords: | |
| Cc: | | | |
Description (last modified by )
This code implies a reinterpret pointer cast. But the code does not do a cast.
```cfa
#include <stdio.h>

int main() {
    float x = 3.14;
    float & xx = x;   // reference to a float: fine
    int & yy = xx;    // not sound: binds an int reference to float storage with no cast
    int y = yy;       // reads the bytes of x as an int
    printf("%d\n", y);
}
```
Expected: Compiler error at "not sound" line, saying cannot initialize int & from float &.
Actual: Compiler success; program prints 1078523331, which is the decimal value of 0x4048f5c3, which is the IEEE 754 representation of 3.14.
Note that this unsoundness also happens at function return.
This allows for:
```cfa
#include <stdio.h>

forall (dtype T, dtype S)
T & anycvt( S & s ) {
    return s;  // not sound: returns an S & where a T & is required
}

int main() {
    float x = 3.14;
    int y = anycvt(x);  // T = int, S = float: the float's bits are read as an int
    printf("%d\n", y);
}
```
Expected: Compiler error at "not sound" line, saying cannot initialize T & from S &.
Actual: Compiler success; program prints 1078523331.
This behaviour also occurs with pointers. Furthermore, this example is trimmed such that it can run with -n (no prelude).
```cfa
struct A {};
struct B {};

void f() {
    A * ap;
    B * bp = ap;  // not sound: A * initializes B * with no cast
}
```
Expected: Compiler error at "not sound" line, saying cannot initialize B* from A*.
Actual: cfa-cpp -n -P astexpr -P ascodegen produces output in which the "unsound" line is B *_X2bpPS1B_2 = ((B *)_X2apPS1A_2);.
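The following is an added plain-C example, not code from the ticket or from the cfa-cc project, that makes the distinction in the first example explicit: a value conversion (`int y = x;`) versus the bit reinterpretation that the unsound `int & yy = xx;` silently performed. It uses memcpy for the reinterpretation because that is the well-defined way to type-pun in C; the `*(int *)&x` form that a `(B *)` style cast in the generated code amounts to is a strict-aliasing violation. The function names are the example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Value conversion: what `int y = x;` means for a float x (truncates toward zero). */
int float_value_as_int(float f) {
    return (int)f;
}

/* Bit reinterpretation: what binding `int & yy` to a float actually read.
   memcpy between same-sized objects is well-defined; `*(int *)&f` is not. */
int32_t float_bits_as_int(float f) {
    int32_t i;
    _Static_assert(sizeof(float) == sizeof(int32_t), "float and int32_t must match in size");
    memcpy(&i, &f, sizeof i);
    return i;
}

/* Same bits as an unsigned value, for printing in hex. */
uint32_t float_bits_as_hex(float f) {
    uint32_t u;
    memcpy(&u, &f, sizeof u);
    return u;
}

/* Reproduces the ticket's observation: 3.14 -> 0x4048f5c3 -> 1078523331.
   The value 3.14 is the ticket's own input, not a constructed one. */
int reproduces_ticket_value(void) {
    float x = 3.14;
    return float_bits_as_int(x) == 1078523331
        && float_bits_as_hex(x) == 0x4048f5c3u;
}

int main(void) {
    float x = 3.14;
    printf("value conversion:     %d\n", float_value_as_int(x));
    printf("bit reinterpretation: %d (0x%08x)\n",
           float_bits_as_int(x), float_bits_as_hex(x));
    return reproduces_ticket_value() ? 0 : 1;
}
```

The point of the check is that the two results differ by a large margin (3 versus 1078523331); a type checker that accepts the reference or pointer initialization without a diagnostic has turned a conversion the programmer expected into a reinterpretation they did not write.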
Change History (2)
comment:1 by , 5 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | Reference types allow unsound assignment → Reference and pointer types allow unsound initialization |
comment:2 by , 5 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |