<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi Kaelyn,<div><br></div><div>I was reviewing this patch (which I think is a great step), and I had a high-level comment about the following test case:</div><div><br></div><div><div><div>+void swallow (const char *x) { (void)x; }</div><div>+void test_pointer_arithmetic() {</div><div>+ const char hello[] = "Hello world!"; // expected-note 2 {{declared here}}</div><div>+ const char *helloptr = hello;</div><div>+</div><div>+ swallow("Hello world!" + 6); // no-warning</div><div>+ swallow("Hello world!" - 6); // expected-warning {{refers before the beginning of the array}}</div><div>+ swallow("Hello world!" + 14); // expected-warning {{refers past the end of the array}}</div></div><div><br></div><div>Do we really want this to be a warning? There are plenty of examples where an out-of-bounds pointer is computed for legit reasons. As long as that address is not dereferenced, there isn't necessarily a problem. I'm fearful this may generate a fair amount of noise on codebases that do elaborate tricks with pointer offsets. Indeed this very example doesn't actually exhibit a "bug".</div><div><br></div><div>Ted</div><div><br></div><div><div>On Jul 11, 2011, at 4:25 PM, Kaelyn Uhrain wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">Here's the updated patch that includes the changes Nick suggested and rebased against the current TOT.<br><br><div class="gmail_quote">On Mon, Jul 11, 2011 at 3:30 PM, Ted Kremenek <span dir="ltr"><<a href="mailto:kremenek@apple.com">kremenek@apple.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div style="word-wrap:break-word">Hi Kaelyn,<div><br></div><div>This looks great. Nick already made some great comments on the code. If you could address the last couple review comments I think this is ready to push back to mainline.</div>
<div><br></div><div>Cheers,</div><div>Ted</div><div><br><div><div><div></div><div class="h5"><div>On Jul 8, 2011, at 5:03 PM, Kaelyn Uhrain wrote:</div><br></div></div><blockquote type="cite"><div><div></div><div class="h5">
The attached patch enhances the existing array bounds checking to include support for bounds checking on pointer arithmetic when possible (e.g. "Foo" + 5 or somearray - 7 when the size of somearray is known). It also fixes the bounds checking to work with unary operators like & and *; without this patch, for "char foo[4]", foo[15] would trigger the warning but &foo[15] wouldn't.<br>
<br>You can also view and comment on the changes at: <a href="http://codereview.appspot.com/4675068" target="_blank">http://codereview.appspot.com/4675068</a><br><br>Cheers,<br>Kaelyn<br></div></div>
_______________________________________________<br>cfe-commits mailing list<br><a href="mailto:cfe-commits@cs.uiuc.edu" target="_blank">cfe-commits@cs.uiuc.edu</a><br><a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
</blockquote></div><br></div></div>
</blockquote></div><br>
<span><array-bounds-enhancement.diff></span></blockquote></div><br></div></body></html>