From: grischka
Subject: Re: [Tinycc-devel] Fixes to bcheck and how it works correctly
Date: Wed, 12 Dec 2012 20:49:34 +0100
User-agent: Thunderbird 2.0.0.23 (Windows/20090812)

Kirill Smelkov wrote:
> Let's imagine that bcheck checks pointers only on dereference. Then
> let's consider the following:
>
>     int a[10], b[10];
>
> If we have p=&b[0], then do p--, how do we know whether there is no
> bounds error for p? p points to correct memory &a[9], but it is out of
> bounds - it started from b and crossed the limit.
>
> That's why in lib/bcheck pointers are checked not only on indir, but
> also on add. And that's why we have to pay the price.
>
> Btw - maybe "not ansi" comment was there for a reason...

Actually in bcheck.c:__bound_ptr_add there appears to be a special case for code such as

    int a[10], *p;
    for (p = a; p < a + 10; ++p)
        *p = p - a;

to ignore the off by one pointer addition at end of region.

Now what about the also not so uncommon reverse case

    int a[10], *p;
    for (p = a + 10; --p >= a;)
        *p = p - a;

I don't think I would like to change that just for bcheck. Then again if that were allowed, the vtop stuff in TCC could stay as it was, I suppose?

--- grischka
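
The two loops and the adjacent-array case discussed in this message, as an added example that is not part of the original mail and is not tcc's lib/bcheck.c. Addresses are constructed integers, `struct region`, `add_ok` and `deref_ok` are hypothetical names, and the model assumes the add-time check accepts exactly one extra value, one past the end of the region.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model; constructed integer addresses avoid C pointer UB. */
struct region { uintptr_t start; size_t size; };
enum { ELEM = 4, N = 10 };                       /* models int a[10], b[10] */
static const struct region A = { 0x1000, ELEM * N };
static const struct region B = { 0x1000 + ELEM * N, ELEM * N }; /* b follows a */

/* Dereference-only policy: accept an access that lies in any known region. */
static int deref_ok(uintptr_t addr, size_t len) {
    const struct region *all[] = { &A, &B };
    for (size_t i = 0; i < 2; i++)
        if (addr >= all[i]->start && addr - all[i]->start + len <= all[i]->size)
            return 1;
    return 0;
}

/* Add-time policy: stay in the origin region, or land one past its end. */
static int add_ok(const struct region *o, uintptr_t p, ptrdiff_t off, uintptr_t *out) {
    *out = p + (uintptr_t)off;                   /* modular integer arithmetic */
    return *out >= o->start && *out - o->start <= o->size;
}

/* for (p = a; p < a + 10; ++p): number of additions rejected. */
static int forward_violations(void) {
    uintptr_t end, p = A.start;
    int bad = !add_ok(&A, A.start, ELEM * N, &end);    /* a + 10 */
    while (p < end) bad += !add_ok(&A, p, ELEM, &p);   /* ++p */
    return bad;
}

/* for (p = a + 10; --p >= a;): the final --p forms a - 1. */
static int reverse_violations(void) {
    uintptr_t p;
    int bad = !add_ok(&A, A.start, ELEM * N, &p);      /* a + 10 */
    do bad += !add_ok(&A, p, -ELEM, &p); while (p >= A.start);
    return bad;
}

/* p = &b[0]; p--: 1 if the add check rejects what a dereference check accepts. */
static int adjacent_case(void) {
    uintptr_t q;
    return !add_ok(&B, B.start, -ELEM, &q) && deref_ok(q, ELEM);
}

int main(void) {
    printf("forward=%d reverse=%d adjacent=%d\n",
           forward_violations(), reverse_violations(), adjacent_case());
    return 0;
}
```

In this model the forward loop raises no report, the reverse loop raises one on its terminating `--p`, and the `p--` from `b` into `a` is only visible to the add-time check.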