Casts should be excluded from checked region?

[Arslan8]

Hi, I have the following code:

typedef struct {
        ptr<int> a;
        ptr<int> b;
} STRUCT;

void break(void) {
    char temp checked[1000];
    ptr<STRUCT> s  = NULL;
    s  = dynamic_bounds_cast<ptr<STRUCT>> (&temp[20]);
    int a;
    s->a = (ptr<int>)&a;
    temp[20] = 0xAB;
    temp[21] = 0xCD;
    temp[22] = 0xEF;
}

As you can figure that *s->a can be used to access any memory in the system breaking spatial memory safety. Moreover, this entire code can be written in a checked scope, prompting whether we should exclude casts from checked regions? Thanks, Arslan

[mwhicks1]

I'm not sure why the dynamic bounds cast to ptr<STRUCT> is allowed. We can tell that ptr<STRUCT> and ptr<char> (the type of &temp[20]) are not compatible. If it fails at run-time, then this code is fine, but I don't see why it shouldn't fail at compile-time.

[Arslan8]

@mwhicks1 I agree with you, the cast should fail at compile-time... however, just to add on this, the code doesn't fail on run-time as well even after I add the line before returning from the function: *(s->a) = 100;