source: etc/campbell/dev-notes/2012-10-10-pointer-off-the-end.txt

Last change on this file was 2434, checked in by campbell, 7 years ago

Misc notes.

Another, more serious, consequence of allowing a pointer just after an object:
When we coalesce memory blocks to form stack frames, the pointer comparison
must be careful.  At the moment, we break in this kind of situation:

  ┌───────┐    ┌───────┐
  │ int x │    │ int y │
  └───────┘    └───────┘
          ↑    ↑
     &x + 1 != &y

these pointers are different in Clight.  But in Cminor:

  ┌───────┬───────┐
  │ int x │ int y │
  └───────┴───────┘
          ↑
    &x + 1 == &y

So we break pointer comparison.  We can't possibly preserve pointer comparison
without putting restrictions on the ordering of stack frames, or adding extra
padding, so the best solution is to consider the original comparison to have
undefined behaviour because it is comparing a pointer-off-the-end with a pointer
from another block.
It gets a little worse: we're currently missing range checks in common/

Or is it?  We've already formed stack frames for the variables,
although we could get into trouble with global variables.
[6th Nov:]

And another problem that Ilias noticed: when a block is free it is made invalid
by changing the bounds to make it impossible to have a valid pointer; but the
definition I wrote for the off-the-end pointers in response to the above only
checks the pointer w.r.t. the upper bound, so fails to spot an invalid block.
We're just going to drop these now - the back end doesn't have any specific
support for them (and is broken for inter-block comparisons at the moment, too).