From: Hans-Peter Diettrich
Newsgroups: comp.compilers
Subject: Re: Bounds checking, Optimization techniques and undefined behavior
Date: Mon, 6 May 2019 10:15:23 +0200
Organization: Compilers Central
Message-ID: <19-05-034@comp.compilers>
References: <19-04-021@comp.compilers> <19-04-023@comp.compilers> <19-04-037@comp.compilers> <19-04-039@comp.compilers> <19-04-042@comp.compilers> <19-04-044@comp.compilers> <19-04-047@comp.compilers> <19-05-004@comp.compilers> <19-05-006@comp.compilers> <19-05-016@comp.compilers> <19-05-020@comp.compilers> <19-05-024@comp.compilers> <19-05-025@comp.compilers> <19-05-028@comp.compilers> <19-05-029@comp.compilers>
Keywords: errors, debug

On 05.05.2019 at 20:44, Hans-Peter Diettrich wrote:
> On 05.05.2019 at 12:14, Bart wrote:
>
>> But how do they get there? Take this:
>>
>>     int A[10], *p;
>>     p = &A[3];
>>
>> You intend p to refer to the 4-element slice A[3..6], but how does the
>> language know that? How can it stop code from writing to p[5]?
>
> It's not pointers that are bad, but pointer arithmetic. It should be
> allowed only with objects of known bounds.
>
> DoDi
> [In this case the bounds look known to me. -John]

The bounds are known for the array, so the pointer is guaranteed valid by a compile-time check. But p[x] or p+x cannot be guaranteed valid without considerable runtime and bounds-storage overhead. Also, a simple p++ operation or the like requires an update of the bounds information. That's what I consider pointer arithmetic, not the &A[3] above.

I learned to love Pascal indexing instead of pointers, because a loop like

    for i := 1 to 10 do
      sum := sum + A[i];

can be optimized safely by the Pascal/Delphi compiler into a pointer and auto-increment, so that no speed penalty exists vs. explicit pointer usage. But in a C for loop the index variable can be changed in code, so that even the above code would execute slower with bounds checks.

DoDi
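The post argues that p[x], p+x and p++ can only be made safe if the pointer carries the bounds of the object it points into, and that every such operation then pays a check. The C below is an added example (not code from the post or from any compiler) that makes the cost concrete with a "fat pointer": a struct holding the current position plus the lower and upper bound. It re-creates Bart's scenario (A[10], p = &A[3] meant as the 4-element slice A[3..6]) and shows a write to p[5] being rejected, and it runs the Pascal-style summation loop with the check paid on every step. All names (bounded_ptr, bp_slice, bp_at, bp_advance, bp_store) and the sample arrays are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical fat pointer: a position plus the bounds it must stay within.
 * Nothing in standard C provides this; it is what a checked p[x] needs. */
typedef struct {
    int *cur;    /* current position; moves on bp_advance (the p++ case) */
    int *lo;     /* first valid element */
    int *hi;     /* one past the last valid element */
} bounded_ptr;

/* Form a pointer into a sub-range of an n-element array, e.g. &A[3]
 * restricted to A[3..6] (start = 3, len = 4). Fails if the slice itself
 * does not fit inside the array. */
bool bp_slice(bounded_ptr *out, int *arr, size_t n, size_t start, size_t len) {
    if (start > n || len > n - start) return false;
    out->cur = arr + start;
    out->lo  = arr + start;
    out->hi  = arr + start + len;
    return true;
}

/* Checked p[i]: the element's address, or NULL when i leaves the bounds.
 * The index is signed so negative offsets are caught as well. */
int *bp_at(bounded_ptr p, ptrdiff_t i) {
    ptrdiff_t below = p.cur - p.lo;   /* room to move backwards */
    ptrdiff_t above = p.hi - p.cur;   /* room to move forwards (exclusive) */
    if (i < -below || i >= above) return NULL;
    return p.cur + i;
}

/* Checked p += k. Only the cursor moves; lo/hi stay with the object.
 * Landing exactly on hi (one past the end) is allowed, as in C, but
 * bp_at refuses to dereference there. */
bool bp_advance(bounded_ptr *p, ptrdiff_t k) {
    ptrdiff_t below = p->cur - p->lo;
    ptrdiff_t above = p->hi - p->cur;
    if (k < -below || k > above) return false;
    p->cur += k;
    return true;
}

/* Checked store: refuse instead of overwriting a neighbour. */
bool bp_store(bounded_ptr p, ptrdiff_t i, int v) {
    int *dst = bp_at(p, i);
    if (!dst) return false;
    *dst = v;
    return true;
}

/* Bart's scenario: A[10], p = &A[3] as the slice A[3..6].
 * Returns how many of four writes were rejected (constructed data). */
int demo_slice_writes(void) {
    int A[10] = {0};
    bounded_ptr p;
    int rejected = 0;
    if (!bp_slice(&p, A, 10, 3, 4)) return -1;
    if (!bp_store(p,  0, 1)) rejected++;  /* A[3]: inside the slice */
    if (!bp_store(p,  3, 1)) rejected++;  /* A[6]: last element of the slice */
    if (!bp_store(p,  5, 1)) rejected++;  /* A[8]: inside A, outside the slice */
    if (!bp_store(p, -1, 1)) rejected++;  /* A[2]: before the slice */
    return rejected;
}

/* The Pascal-style summation, written as pointer + increment with the
 * bounds check paid on every dereference and every step. */
long checked_sum(int *arr, size_t n) {
    bounded_ptr p;
    long sum = 0;
    if (!bp_slice(&p, arr, n, 0, n)) return -1;
    while (p.cur != p.hi) {
        int *e = bp_at(p, 0);
        if (!e) return -1;
        sum += *e;
        if (!bp_advance(&p, 1)) return -1;
    }
    return sum;
}

int main(void) {
    int A[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};   /* constructed input */
    printf("rejected writes: %d\n", demo_slice_writes());
    printf("sum: %ld\n", checked_sum(A, 10));
    return 0;
}
```

Two things the example makes visible: the bounds have to be stored somewhere (three pointers instead of one, which also changes the ABI of every function taking a pointer), and each p[i] and p++ costs two comparisons. A Pascal compiler can hoist those checks out of the for loop because the loop variable cannot be modified in the body; in C the index may change anywhere, so the checks stay inside the loop unless the optimizer can prove otherwise.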