[array] Invalid data: accessing 'elems'

Hi,

I compile a small test program using Visual C++ 10.0 (Visual Studio 2010 Premium) with static code analysis turned on (option /analyze):

    #include <boost/array.hpp>
    int main() {
        typedef int T; // short, char, etc.
        boost::array<T, 2> x;
        T a = x[0];
    }

and whichever integer type I use for T, the analyser throws similar reports every time:

    1>------ Build started: Project: boost_array_test, Configuration: Debug Win32 ------
    1>  boost_array_test.cpp
    1>g:\workshop\boost\boost_test\array\boost_array_test.cpp(5): warning C4189: 'a' : local variable is initialized but not referenced
    1>g:\dev\boost\_svn\trunk\boost\array.hpp(111): warning C6385: Invalid data: accessing 'elems', the readable size is '8' bytes, but '12' bytes might be read: Lines: 110, 111
    1>          G:\dev\boost\_svn\trunk\boost/array.hpp(109) : while compiling class template member function 'int &boost::array<T,N>::operator [](boost::array<T,N>::size_type)'
    1>          with
    1>          [
    1>              T=int,
    1>              N=0x2
    1>          ]
    1>          boost_array_test.cpp(4) : see reference to class template instantiation 'boost::array<T,N>' being compiled
    1>          with
    1>          [
    1>              T=int,
    1>              N=0x2
    1>          ]
    1>  boost_array_test.vcxproj -> G:\workshop\boost\boost_test\array\Debug\boost_array_test.exe
    ========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========

Shall I report a ticket?

No warnings are reported for the std::array provided with Visual C++ 10.0.

Best regards,
-- 
Mateusz Loskot, http://mateusz.loskot.net

On 2010-08-02-Mon 18:29, Mateusz Loskot wrote:
> I compile a small test program using Visual C++ 10.0 (Visual Studio 2010 Premium) with static code analysis turned on (option /analyze):
>
>     #include <boost/array.hpp>
>     int main() {
>         typedef int T; // short, char, etc.
>         boost::array<T, 2> x;
>         T a = x[0];
>     }
>
> and whichever integer type I use for T, the analyser throws similar reports every time:
> ...
> 1>g:\dev\boost\_svn\trunk\boost\array.hpp(111): warning C6385: Invalid data: accessing 'elems', the readable size is '8' bytes, but '12' bytes might be read: Lines: 110, 111

FYI, I get the very same warning on Visual Studio 2008. Interestingly, the warning doesn't appear when the array size is 1. Note also that the warning is also gone when the BOOST_ASSERT call inside boost::array::operator[] is commented out:

    reference operator[](size_type i)
    {
        // Skipped: BOOST_ASSERT( i < N && "out of range" );
        return elems[i];
    }

> Shall I report a ticket?

Do you have a proposed fix? I can think of a few possible options:

* Add #pragma warning(disable: 6385) to boost/array.hpp

* Or add an __analysis_assume call to boost::array::operator[]:

    reference operator[](size_type i)
    {
        BOOST_ASSERT( i < N && "out of range" );
        __analysis_assume(i < N);
        return elems[i];
    }

* Or add __analysis_assume(expr) to the BOOST_ASSERT(expr) macro itself... (boost/assert.hpp)?

What do you think?

BTW, the following compiler bug report seems related: Microsoft Visual Studio bug report ID 281033, "False warning C6385 when a function result is used as an array index", http://connect.microsoft.com/VisualStudio/feedback/details/281033/

HTH, Niels

-- 
Niels Dekker
http://www.xs4all.nl/~nd/dekkerware
Scientific programmer at LKEB, Leiden University Medical Center
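As an added illustration of the second option above (example code written for this page, not Boost's own array.hpp): a minimal fixed-size array whose operator[] follows the same assert-then-index pattern as boost::array, with an __analysis_assume placed right after the assert. The ANALYSIS_ASSUME macro, the small_array class and the two helper functions are this example's own names, not Boost identifiers; the macro assumes that /analyze defines _PREFAST_ and that __analysis_assume is available from <sal.h>, and it expands to nothing on other compilers. The at() member is included to show the always-checked alternative, because the assert that keeps the analyzer quiet disappears under NDEBUG, and a caller passing an out-of-range index in a release build then really does read past elems.

```cpp
// Added example for this thread, not code from boost/array.hpp.
// ANALYSIS_ASSUME, small_array, sum_in_bounds and rejects_one_past_end are
// this example's own names (assumptions, not Boost identifiers).
#include <cassert>
#include <cstddef>
#include <stdexcept>

#if defined(_MSC_VER) && defined(_PREFAST_)
  // Assumption: /analyze defines _PREFAST_ and <sal.h> provides
  // __analysis_assume. Only the analyzer sees this; codegen is unchanged.
  #include <sal.h>
  #define ANALYSIS_ASSUME(expr) __analysis_assume(expr)
#else
  // Other compilers, and MSVC without /analyze: no-op.
  #define ANALYSIS_ASSUME(expr) ((void)0)
#endif

// Same shape as boost::array: a public C array plus an asserting operator[].
template <class T, std::size_t N>
struct small_array {
    T elems[N];

    // Debug builds: the assert catches a bad index. Release builds (NDEBUG):
    // the assert is gone and an out-of-range i reads past elems, which is the
    // "readable size is 8 bytes, 12 might be read" case C6385 describes for
    // small_array<int, 2>. ANALYSIS_ASSUME records the precondition for the
    // analyzer so in-range callers are not reported as false positives.
    T& operator[](std::size_t i) {
        assert(i < N && "out of range");
        ANALYSIS_ASSUME(i < N);
        return elems[i];
    }
    const T& operator[](std::size_t i) const {
        assert(i < N && "out of range");
        ANALYSIS_ASSUME(i < N);
        return elems[i];
    }

    // Always-checked access for indices that come from untrusted input;
    // this check survives NDEBUG, unlike the assert above.
    T& at(std::size_t i) {
        if (!(i < N)) {
            throw std::out_of_range("small_array::at: index out of range");
        }
        return elems[i];
    }
};

// In-range use, the pattern from the original test program. With the assume
// in place there is nothing for the analyzer to flag; the value is 10 + 20.
int sum_in_bounds() {
    small_array<int, 2> x = {{10, 20}};   // constructed sample data
    return x[0] + x[1];
}

// One past the end of small_array<int, 2>: index 2 would touch bytes 8..11 of
// an 8-byte object. at() rejects it instead of reading past elems.
bool rejects_one_past_end() {
    small_array<int, 2> x = {{10, 20}};   // constructed sample data
    try {
        (void)x.at(2);
        return false;
    } catch (const std::out_of_range&) {
        return true;
    }
}

int main() {
    return (sum_in_bounds() == 30 && rejects_one_past_end()) ? 0 : 1;
}
```

Compiled with cl /analyze the ANALYSIS_ASSUME branch is active and operator[] carries the same assert-plus-assume pair proposed above; with any other compiler the macro vanishes and the code is the plain assert-then-index pattern of boost::array.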

On 04/08/10 08:51, Niels Dekker - address until 2010-10-10 wrote:
> On 2010-08-02-Mon 18:29, Mateusz Loskot wrote:
>> Shall I report a ticket?
>
> Do you have a proposed fix?

Actually, I'm asking for suggestions :-)

> I can think of a few possible options:
>
> * Add #pragma warning(disable: 6385) to boost/array.hpp
>
> * Or add an __analysis_assume call to boost::array::operator[]:
>
>     reference operator[](size_type i)
>     {
>         BOOST_ASSERT( i < N && "out of range" );
>         __analysis_assume(i < N);
>         return elems[i];
>     }
>
> * Or add __analysis_assume(expr) to the BOOST_ASSERT(expr) macro itself... (boost/assert.hpp)?
>
> What do you think?

I'd second the first or the second option as they are more explicit, thus self-documenting. The third option would hide this issue behind BOOST_ASSERT.

> BTW, the following compiler bug report seems related: Microsoft Visual Studio bug report ID 281033, "False warning C6385 when a function result is used as an array index", http://connect.microsoft.com/VisualStudio/feedback/details/281033/

Thanks.

Best regards,
-- 
Mateusz Loskot, http://mateusz.loskot.net
Charter Member of OSGeo, http://osgeo.org

Mateusz Loskot wrote:
> On 04/08/10 08:51, Niels Dekker wrote:
>> I can think of a few possible options:
>>
>> * Add #pragma warning(disable: 6385) to boost/array.hpp
>>
>> * Or add an __analysis_assume call to boost::array::operator[]:
>>
>>     reference operator[](size_type i)
>>     {
>>         BOOST_ASSERT( i < N && "out of range" );
>>         __analysis_assume(i < N);
>>         return elems[i];
>>     }
>>
>> * Or add __analysis_assume(expr) to the BOOST_ASSERT(expr) macro itself... (boost/assert.hpp)?
>
> I'd second the first or the second option as they are more explicit, thus self-documenting. The third option would hide this issue behind BOOST_ASSERT.

I think all three options are okay. What do you mean by "the third option would hide this issue"? The BOOST_ASSERT already states explicitly that operator[](i) *assumes* i < N, right? I guess a modification of BOOST_ASSERT might need some more discussion, though.

Kind regards, Niels

-- 
Niels Dekker
http://www.xs4all.nl/~nd/dekkerware
Scientific programmer at LKEB, Leiden University Medical Center