[cfe-commits] r59232 - /cfe/trunk/lib/Analysis/GRExprEngine.cpp
Ted Kremenek
kremenek at apple.com
Fri Nov 14 13:17:27 PST 2008
On Nov 14, 2008, at 12:03 PM, Mike Stump wrote:
> On Nov 14, 2008, at 9:49 AM, Ted Kremenek wrote:
>> Also consider:
>>
>> void* p = alloca(...);
>> ...
>> char *q = (char*) p;
>> *q = 'c';
>> ...
>> double *d = (double*) p;
>> *d = 1.0;
>> ...
>> char ch = *q; // we should be able to flag this as an error, since
>>               // that chunk of memory now binds to 'd'
>
> If the intent of the code is to access the first character of the
> double 1.0, the code is fine. Certainly it is safe and portable
> according to the language standard.
Hi Mike,
I wasn't referring to whether or not it was safe according to the
language standard. I was talking about whether or not this should be
flagged as a potential bug. I'm not arguing that we do so in this
particular case, but the idea is that we want to be able to catch
path-sensitive type violations.
Ted
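
Added example, not part of the original message and not the Clang analyzer's code: a toy C model of the idea discussed above, in which a region remembers the type of the last store made through it and a load through a different type is counted as a potential bug on that path. The names region, store_char, store_double, load_char and replay are hypothetical.

```c
#include <string.h>

/* Toy model, not Clang's implementation: one untyped region (as alloca()
   would return) plus the type of the last store made through it. */
enum elem_type { T_NONE, T_CHAR, T_DOUBLE };

struct region {
    unsigned char bytes[sizeof(double)];
    enum elem_type bound;  /* type the region currently binds to */
    int violations;        /* loads whose type disagreed with the binding */
};

/* A store rebinds the region to the stored type. */
static void store_char(struct region *r, char v) {
    memcpy(r->bytes, &v, sizeof v);
    r->bound = T_CHAR;
}

static void store_double(struct region *r, double v) {
    memcpy(r->bytes, &v, sizeof v);
    r->bound = T_DOUBLE;
}

/* The load is still performed (the access is valid C); it is only counted
   as a potential bug when the region is bound to another type. */
static char load_char(struct region *r) {
    char v;
    if (r->bound != T_CHAR)
        r->violations++;
    memcpy(&v, r->bytes, sizeof v);
    return v;
}

/* Replays the sequence from the message along one path. With rebind == 0
   the double store is skipped, modelling a path where it never happens.
   Returns the number of flagged loads; the char read goes to *out. */
int replay(int rebind, char *out) {
    struct region r;
    memset(&r, 0, sizeof r);
    r.bound = T_NONE;
    store_char(&r, 'c');          /* *q = 'c'; */
    if (rebind)
        store_double(&r, 1.0);    /* *d = 1.0; */
    *out = load_char(&r);         /* char ch = *q; */
    return r.violations;
}
```

The same final load is flagged on the path where the double store happened and not on the path where it did not, which is what makes the check path-sensitive.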