From: Greg McGary <gkm@eng.ascend.com>
To: Tristan Gingold <tgi@netgem.com>
Cc: gcc@gcc.gnu.org
Subject: Re: Bounds checking
Date: Mon, 15 Nov 1999 09:19:00 -0000 [thread overview]
Message-ID: <msbt8vvfj0.fsf@tucson-net-82.eng.ascend.com> (raw)
In-Reply-To: <19991115164037.E12709@tgi2.netgem>
Tristan Gingold <tgi@netgem.com> writes:
> > Checked and unchecked code may be mixed to the extent that checked and
> > unchecked code don't share aggregates (structs & arrays) containing
> > pointers whose size & layout change based on the size of pointers.
>
> Just a question (as the author of Checker): how will you manage stdio
> (for example) ?
You definitely put your finger on a problem area. stdio is tough for
a couple reasons:
1) Layout of FILE is visible in getc & putc for some implemenations of stdio.
2) Printf & scanf accept varargs having pointer type.
The only ways I know to handle this is to
1) provide hand-written thunks (not the best way)
2) explicitly qualify the stdio interfaces as having unbounded
pointers using the __unbounded cv-qualifier & attribute.
(a better way, but requires hacking header files)
3) build stdio with bounded pointers (best if you have stdio source)
Greg
WARNING: multiple messages have this Message-ID
From: Greg McGary <gkm@eng.ascend.com>
To: Tristan Gingold <tgi@netgem.com>
Cc: gcc@gcc.gnu.org
Subject: Re: Bounds checking
Date: Tue, 30 Nov 1999 23:37:00 -0000 [thread overview]
Message-ID: <msbt8vvfj0.fsf@tucson-net-82.eng.ascend.com> (raw)
Message-ID: <19991130233700.0tRjkCN-N4nWcgcw2jJAmdWITXT6NBtTjnnXJl8oJuI@z> (raw)
In-Reply-To: <19991115164037.E12709@tgi2.netgem>
Tristan Gingold <tgi@netgem.com> writes:
> > Checked and unchecked code may be mixed to the extent that checked and
> > unchecked code don't share aggregates (structs & arrays) containing
> > pointers whose size & layout change based on the size of pointers.
>
> Just a question (as the author of Checker): how will you manage stdio
> (for example) ?
You definitely put your finger on a problem area. stdio is tough for
a couple reasons:
1) Layout of FILE is visible in getc & putc for some implemenations of stdio.
2) Printf & scanf accept varargs having pointer type.
The only ways I know to handle this is to
1) provide hand-written thunks (not the best way)
2) explicitly qualify the stdio interfaces as having unbounded
pointers using the __unbounded cv-qualifier & attribute.
(a better way, but requires hacking header files)
3) build stdio with bounded pointers (best if you have stdio source)
Greg
next prev parent reply other threads:[~1999-11-15 9:19 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <80256825.00430EDF.00@marconicomms.com>
1999-11-10 13:25 ` Greg McGary
[not found] ` <19991115164037.E12709@tgi2.netgem>
1999-11-15 9:19 ` Greg McGary [this message]
1999-11-30 23:37 ` Greg McGary
1999-11-30 23:37 ` Greg McGary
1999-08-17 16:24 Bounds Checking Sebastien Loisel
1999-08-22 11:46 ` Philipp Thomas
1999-08-31 23:20 ` Philipp Thomas
1999-08-31 23:20 ` Sebastien Loisel
[not found] <34d325a50.5f8@htbrug.net.HCC.nl>
1998-05-15 23:45 ` bounds checking Jeffrey A Law
1998-05-16 1:18 ` Greg McGary
1998-05-16 19:47 ` Joe Buck
1998-05-17 8:57 ` Toon Moene
1998-05-22 1:32 ` Greg McGary
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=msbt8vvfj0.fsf@tucson-net-82.eng.ascend.com \
--to=gkm@eng.ascend.com \
--cc=gcc@gcc.gnu.org \
--cc=tgi@netgem.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).