Closed
Description
In checked scopes, we rewrite function types with bounds-safe interfaces to be fully checked. We need to rewrite declarations of parameters and uses of parameters that have bounds-safe interfaces.
The following example illustrates the problem. We define 3 C typedefs:
1. one that defines a function pointer with a bounds-safe interface on a parameter.
2. one that defines the bounds-safe interface type for the first one.
3. one that defines a fully checked version.
We define a function that returns 1, with a bounds-safe interface of 2. We try to assign the result to 3 and get a compiler error that makes no sense on the face of it:
```c
#include <stdchecked.h>

#pragma CHECKED_SCOPE ON

typedef int (*callback_fn3)(int *a : count(n), int n);
typedef ptr<int (int *a : bounds(a, a + n), int n)> bsi_callback_fn3;
typedef ptr<int (array_ptr<int> a : bounds(a, a + n), int n)> checked_callback_fn3;

checked callback_fn3 return_function_pointer(void) : itype(bsi_callback_fn3);

checked void test_function_pointer_return(void) {
  checked_callback_fn3 fn = 0;
  fn = return_function_pointer();
}
```
Here is the compiler error:
```
tmp.c:13:6: error: assigning to 'checked_callback_fn3' (aka '_Ptr<int (_Array_ptr<int> : bounds(arg #0, arg #0 + arg #1), int)>') from incompatible type '_Ptr<int (_Array_ptr<int> : bounds(arg #0, arg #0 + arg #1), int)>'
  fn = return_function_pointer();
     ^ ~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
```
My guess is that the uses of `a` in `bsi_callback_fn3` weren't rewritten, causing the types to differ for reasons that aren't apparent in the error message.