digitalmars.D.bugs - [Issue 2412] New: Hole in type system: array conversion to supertypes
- d-bugmail puremagic.com (31/31) Oct 10 2008 http://d.puremagic.com/issues/show_bug.cgi?id=2412
- d-bugmail puremagic.com (7/7) Oct 10 2008 http://d.puremagic.com/issues/show_bug.cgi?id=2412
- d-bugmail puremagic.com (8/8) Oct 10 2008 http://d.puremagic.com/issues/show_bug.cgi?id=2412
- d-bugmail puremagic.com (32/32) Oct 10 2008 http://d.puremagic.com/issues/show_bug.cgi?id=2412
- d-bugmail puremagic.com (9/9) Oct 10 2008 http://d.puremagic.com/issues/show_bug.cgi?id=2412
http://d.puremagic.com/issues/show_bug.cgi?id=2412
Summary: Hole in type system: array conversion to supertypes
Product: D
Version: 1.035
Platform: PC
OS/Version: Windows
Status: NEW
Keywords: accepts-invalid, spec
Severity: major
Priority: P2
Component: DMD
AssignedTo: bugzilla digitalmars.com
ReportedBy: fraserofthenight gmail.com
Automatic conversion of an array of a subtype to an array of its supertype
creates a hole in the type system (that is, you can get an invalid type without
doing any casting). Consider the following legal D code:
module bug;
class A { }
class X : A { void hello() { } }
class Y : A { }
void main()
{
X[] xArray = new X[1];
A[] aArray = xArray;
aArray[0] = new Y();
X x = xArray[0]; // Automatic conversion of Y -> X without cast
x.hello(); // Likely segfault
}
The solution is to require an explicit cast from X[] to A[] (that is, any
subtype array to its supertype).
--
Oct 10 2008
d-bugmail puremagic.com http://d.puremagic.com/issues/show_bug.cgi?id=2412 It was previously discussed in newsgroups and rejected as invalid, IIRC. I.e. bug is on your side. However, I totally agree that explicit cast is needed in this situation, as it violates SafeD otherwise. --
Oct 10 2008
http://d.puremagic.com/issues/show_bug.cgi?id=2412 IIRC, in the most recent discussion, Walter/Andrei never commented. This is a dangerous situation because it could easily crop up in a large codebase and be _very_ hard to track down. It's also dangerous because the user would never know they're doing something wrong (i.e. there's no indication of danger and no uses of "unsafe" code like direct pointer use). --
Oct 10 2008
http://d.puremagic.com/issues/show_bug.cgi?id=2412
schveiguy yahoo.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |schveiguy yahoo.com
I'd agree with this. It is inconsistent with how a pointer to a class is
treated, which is essentially what an array of classes references is.
i.e.:
X x = new x;
A* a = &x; // fails to compile, requires cast.
Similarly, if I look at an array, it is a struct:
struct ArrayOfX
{
X *ptr;
uint length;
}
Casting this to:
struct ArrayOfA
{
A *ptr;
uint length;
}
Seems like you would theoretically have to go through the same cast as the code
I wrote above, casting an X* to an A*.
The only drawback of this is you cannot return covariant arrays, or allow a
subtype array to be used as the base type for a function call. I would guess
this is a rare requirement.
One thing that should probably be allowed though in D2 is implicitly casting to
a const(A)[]. This would prevent such mistakes as you have outlined. You can
still explicitly cast if needed.
--
Oct 10 2008
http://d.puremagic.com/issues/show_bug.cgi?id=2412
terranium yandex.ru changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
*** This bug has been marked as a duplicate of 2095 ***
--
Oct 10 2008