|
| From: | grischka |
| Subject: | Re: [Tinycc-devel] Fixes to bcheck and how it works correctly |
| Date: | Wed, 12 Dec 2012 20:49:34 +0100 |
| User-agent: | Thunderbird 2.0.0.23 (Windows/20090812) |
Kirill Smelkov wrote:
Let's imagine that bcheck checks pointers only on dereference. Then
let's consider following:
int a[10], b[10];
If we have p=&b[0], then do p--, how do we know whether there is no
bounds error for p? p points to correct memory &a[9], but it is out of
bounds - it started from b and crossed the limit.
That's why in lib/bcheck pointers are checked not only on indir, but
also on add. And that's why we have to pay the price. Btw - maybe "not
ansi" comment was there for a reason...
Actually in bcheck.c:__bound_ptr_add there appears to be a special case
for code such as
int a[10], *p;
for (p = a; p < a + 10; ++p)
*p = p - a;
to ignore the off by one pointer addition at end of region. Now what
about the also not so uncommon reverse case
int a[10], *p;
for (p = a + 10; --p >= a;)
*p = p - a;
I don't think I would like to change that just for bcheck. Then again
if that were allowed, the vtop stuff in TCC could stay as it was, I
suppose?
--- grischka
| [Prev in Thread] | Current Thread | [Next in Thread] |