<div dir="ltr"><div>Hi,</div><div><br></div><div>I got this Coverity "Out-of_bounds access" warning for this snippet in clang/include/AST/ExprCXX.h:</div><div><br></div><div><div id="gmail-main-source-line-4048" class="gmail-source-line" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4048</span>  <span id="gmail-xref-401808888-38-2" class="gmail-xref gmail-xref-116679163" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">child_range</span> <span id="gmail-xref-401808345-0-1" class="gmail-xref gmail-xref-116683174 gmail-xref-defn" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">children</span>() {</div><div class="event-wrapper" style="white-space:nowrap;color:rgb(71,71,71);font-family:"Helvetica Neue",Helvetica,Arial,"Lucida Grande",sans-serif;font-size:12px;font-variant-ligatures:normal"><div class="event-row" style="display:table-row"><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:table-cell;font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace">    </span><div id="gmail-defect-event-25226928-0" class="event-header gmail-with-event gmail-path-event gmail-branch-true" style="background-color:rgb(245,255,245);color:rgb(136,153,51);overflow:hidden;padding:2px 2px 2px 25px;white-space:normal;display:table-cell;border:1px solid transparent;background-image:none;background-position:1px 2px"><span class="event-order">1.</span> <span class="gmail-description">Condition <span class="gmail-code" style="font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace,serif;font-size:1em;white-space:pre-line;word-wrap:break-word;color:inherit;padding-left:3px;padding-right:3px"><span class="gmail-keyword" style="color:inherit;font-style:inherit">this</span>->State.is()</span>, taking false branch.</span></div></div></div><div id="gmail-main-source-line-4049" class="gmail-source-line gmail-with-event gmail-path-event gmail-branch-true" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4049</span>    <span class="gmail-keyword" style="font-weight:700">if</span> (<span id="gmail-xref-L-3211414-1507-7" class="gmail-xref gmail-xref-L-3211414-11" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">State</span>.<span id="gmail-xref-401808300-3-4" class="gmail-xref gmail-xref-116654463" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">is</span><<span id="gmail-xref-401809257-54-2" class="gmail-xref gmail-xref-116621749" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">Stmt</span> *>())</div><div id="gmail-main-source-line-4050" class="gmail-source-line" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4050</span>      <span class="gmail-keyword" style="font-weight:700">return</span> <span id="gmail-xref-401808888-73-2" class="gmail-xref gmail-xref-116679163" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">child_range</span>(<span id="gmail-xref-L-3211414-731-7" class="gmail-xref gmail-xref-L-3211414-11" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">State</span>.<span id="gmail-xref-401808606-0-2" class="gmail-xref gmail-xref-116654946" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">getAddrOfPtr1</span>(), <span id="gmail-xref-L-3211414-1689-7" class="gmail-xref gmail-xref-L-3211414-11" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">State</span>.<span id="gmail-xref-401808606-1-2" class="gmail-xref gmail-xref-116654946" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">getAddrOfPtr1</span>() + <span class="gmail-literal" style="color:rgb(63,78,222)">1</span>);</div><div id="gmail-main-source-line-4051" class="gmail-source-line" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4051</span></div><div id="gmail-main-source-line-4052" class="gmail-source-line" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4052</span>    <span class="gmail-keyword" style="font-weight:700">auto</span> <span id="gmail-xref-L-3211414-1783-1" class="gmail-xref gmail-xref-L-3211414-584 gmail-xref-defn" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">ES</span> = <span id="gmail-xref-L-3211414-1819-7" class="gmail-xref gmail-xref-L-3211414-11" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">State</span>.<span id="gmail-xref-401808399-2-4" class="gmail-xref gmail-xref-116654508" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">get</span><<span id="gmail-xref-L-3211414-1709-2" class="gmail-xref gmail-xref-L-3211414-10" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">ExtraState</span> *>();</div><div class="event-wrapper" style="white-space:nowrap;color:rgb(71,71,71);font-family:"Helvetica Neue",Helvetica,Arial,"Lucida Grande",sans-serif;font-size:12px;font-variant-ligatures:normal"><div class="event-row" style="display:table-row"><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:table-cell;font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace">    </span><div id="gmail-defect-event-25226928-2" class="event-header gmail-with-event gmail-code-event event-set-0 gmail-address_of gmail-grouped-event" style="background-color:rgb(252,242,238);color:rgb(221,68,34);overflow:hidden;padding:2px 2px 2px 25px;white-space:normal;display:table-cell;border:1px solid transparent;background-image:none;background-position:1px 2px"><span class="event-order">2.</span> <span class="event-tag" style="font-weight:700">address_of:</span> <span class="gmail-description">Taking address with <span class="gmail-code" style="font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace,serif;font-size:1em;white-space:pre-line;word-wrap:break-word;color:rgb(0,0,0);padding-left:3px;padding-right:3px">&ES->Temporary</span> yields a singleton pointer.</span></div></div></div><div class="event-wrapper" style="white-space:nowrap;color:rgb(71,71,71);font-family:"Helvetica Neue",Helvetica,Arial,"Lucida Grande",sans-serif;font-size:12px;font-variant-ligatures:normal"><div class="event-row" style="display:table-row"><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:table-cell;font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace">    </span><div id="gmail-defect-event-25226928-3" class="event-header gmail-with-event gmail-main-event gmail-code-event event-set-0 gmail-ptr_arith gmail-selected-event gmail-grouped-event" style="background-color:rgb(252,242,238);color:rgb(221,68,34);overflow:hidden;padding:2px 2px 2px 25px;white-space:normal;display:table-cell;border:1px solid rgb(125,154,170);background-image:url(https://mail.google.com/images/sourcebrowser/marker-code-main-event.png);background-position:1px 2px"><span class="gmail-defect-text" style="display:block;margin-bottom:2px">CID 71050 (#1 of 1): Out-of-bounds access (ARRAY_VS_SINGLETON)</span><span class="event-order">3.</span> <span class="event-tag" style="font-weight:700">ptr_arith:</span> <span class="gmail-description">Using <span class="gmail-code" style="font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace,serif;font-size:1em;white-space:pre-line;word-wrap:break-word;color:rgb(0,0,0);padding-left:3px;padding-right:3px">&ES->Temporary</span> as an array. This might corrupt or misinterpret adjacent memory locations.</span></div></div></div><div id="gmail-main-source-line-4053" class="gmail-source-line gmail-with-event gmail-code-event event-set-0 gmail-address_of gmail-main-event gmail-ptr_arith gmail-grouped-event" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4053</span>    <span class="gmail-keyword" style="font-weight:700">return</span> <span id="gmail-xref-401808888-57-2" class="gmail-xref gmail-xref-116679163" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">child_range</span>(<span id="gmail-xref-401808776-13-4" class="gmail-xref gmail-xref-116673074" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">&</span><span id="gmail-xref-L-3211414-1094-2" class="gmail-xref gmail-xref-L-3211414-584" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">ES</span>-><span id="gmail-xref-L-3211414-1870-7" class="gmail-xref gmail-xref-L-3211414-585" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">Temporary</span>, <span id="gmail-xref-401808776-45-4" class="gmail-xref gmail-xref-116673074" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">&</span><span id="gmail-xref-L-3211414-528-2" class="gmail-xref gmail-xref-L-3211414-584" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">ES</span>-><span id="gmail-xref-L-3211414-1343-7" class="gmail-xref gmail-xref-L-3211414-585" style="border-width:1px;border-style:solid;border-color:transparent transparent rgb(204,204,204)">Temporary</span> + <span class="gmail-literal" style="color:rgb(63,78,222)">1</span>);</div><div id="gmail-main-source-line-4054" class="gmail-source-line" style="color:rgb(0,0,0);font-family:Consolas,"Andale Mono WT","Andale Mono","Lucida Console","Lucida Sans Typewriter","DejaVu Sans Mono","Bitstream Vera Sans Mono","Liberation Mono","Nimbus Mono L",Monaco,"Courier New",Courier,monospace;height:1.3em;white-space:nowrap;font-size:12px;font-variant-ligatures:normal"><span class="gmail-scm" style="background-color:rgb(238,238,238);color:rgb(191,191,191);vertical-align:top;display:inline-block"></span><span class="gmail-impact-date"></span><span class="gmail-source-line-number" style="background-color:rgb(238,238,238);color:rgb(153,153,153);text-align:right;padding-left:0.3em;padding-right:0.2em;display:inline-block">4054</span>  }</div></div><div><br></div><div>Since</div><div><br></div><div><div>  struct ExtraState {</div><div>    /// \brief The temporary-generating expression whose value will be</div><div>    /// materialized.</div><div>    Stmt *Temporary;</div><div><br></div><div>    /// \brief The declaration which lifetime-extended this reference, if any.</div><div>    /// Either a VarDecl, or (for a ctor-initializer) a FieldDecl.</div><div>    const ValueDecl *ExtendingDecl;</div><div><br></div><div>    unsigned ManglingNumber;</div><div>  };</div></div><div><br></div><div><br></div><div>So &ES->Temporary get the address of the "Temporary", and &ES->Temporary+1 is like the "end()" for a list container?</div><div><br></div><div><br></div><div>-- <br></div><div class="gmail_signature"><div dir="ltr">- Welson<br><div><div><div><br></div></div></div></div></div>
</div>