Description
If we have an lvalue expression (e.g. a parameter variable) whose declared bounds are specified via a bounds-safe interface:

```c
void f(int *p : count(4)) {
  ...
}
```

and an assignment that modifies the bounds of `p` occurs within an unchecked scope and:

- the RHS of the assignment has unchecked pointer type, or
- the RHS of the assignment has a bounds-safe interface, or
- the RHS of the assignment has integral type,

then the compiler should not emit any errors or warnings that would otherwise result from checking that the inferred bounds of `p` imply the declared bounds of `p`.
For example, in the function below, `p = q` should not result in any errors even though the bounds of `q` are `bounds(unknown)`. `p = r` should not result in any errors even though the bounds of `r` (`bounds(r, r + 3)`) are too narrow for the declared bounds of `p` (`bounds(p, p + 4)`).

```c
void f(int *p : count(4), int *q, int *r : count(3)) : _Unchecked {
  p = q;
  p = r;
}
```
In the function below, `len = 2` should not result in an error since `2` has integer type. `len++` should not result in a warning since `len + 1` has integer type.

```c
void f(int *p : count(len), unsigned int len) {
  len = 2;
  len++;
}
```
However, if an assignment that modifies the bounds of `p` occurs within an unchecked scope and the RHS of the assignment has checked pointer type, the compiler should emit any errors or warnings that result from checking that the bounds of the RHS imply the declared bounds of `p`.

For example, in the function below, `p = s` should result in an error since the bounds of `s` are unknown. `p = t` should result in an error since the bounds of `t` (`bounds(t, t + 3)`) are too narrow for the declared bounds of `p` (`bounds(p, p + 4)`).

```c
void f(int *p : count(4), _Array_ptr<int> s : bounds(unknown), _Array_ptr<int> t : count(3)) : _Unchecked {
  p = s;
  p = t;
}
```
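As an added illustration, not code from this issue or from the Checked C compiler, the following plain C program models the "inferred bounds imply declared bounds" check as range containment and applies the suppression rule described above to the four pointer assignments in the two `_Unchecked` examples. The `Bounds` struct, the `RhsKind` enum and the `should_diagnose` function are assumptions made for this model; the compiler's real bounds representation is richer. Bounds are expressed as element offsets from the pointer being assigned, so after `p = r` the declared `count(4)` of `p` and the inferred `count(3)` of `r` are both measured from `r`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the static bounds tracked for a pointer, as
   element offsets from one shared base. Illustration only, not the
   Checked C compiler's own data structure. */
typedef struct {
    bool known;      /* false models bounds(unknown) */
    ptrdiff_t lower; /* inclusive element offset */
    ptrdiff_t upper; /* exclusive element offset */
} Bounds;

/* The four RHS categories the issue distinguishes. */
typedef enum {
    RHS_UNCHECKED_PTR,  /* e.g. int *q */
    RHS_BOUNDS_SAFE_IF, /* e.g. int *r : count(3) */
    RHS_INTEGRAL,       /* e.g. the 2 in len = 2 */
    RHS_CHECKED_PTR     /* e.g. _Array_ptr<int> t : count(3) */
} RhsKind;

static Bounds bounds_count(ptrdiff_t count) {
    Bounds b = { true, 0, count };
    return b;
}

static Bounds bounds_unknown(void) {
    Bounds b = { false, 0, 0 };
    return b;
}

/* "Inferred bounds imply declared bounds": the inferred range must be
   known and must cover every element of the declared range. */
static bool bounds_imply(Bounds inferred, Bounds declared) {
    if (!declared.known) return true;   /* nothing is required */
    if (!inferred.known) return false;  /* unknown proves nothing */
    return inferred.lower <= declared.lower && inferred.upper >= declared.upper;
}

/* Decide whether the implication check should produce a diagnostic.
   In a checked scope a failed check is always reported; in an unchecked
   scope the issue asks for a report only when the RHS is a checked
   pointer, so unchecked-pointer, bounds-safe-interface and integral
   RHS expressions stay silent. */
static bool should_diagnose(bool in_checked_scope, RhsKind rhs,
                            Bounds inferred, Bounds declared) {
    if (bounds_imply(inferred, declared)) return false; /* check passes */
    if (in_checked_scope) return true;
    return rhs == RHS_CHECKED_PTR;
}

/* The pointer assignments from the issue's two _Unchecked functions.
   The declared bounds of p are count(4) in every case. */
static bool diagnose_p_eq_q(void) { /* q: int *, bounds unknown */
    return should_diagnose(false, RHS_UNCHECKED_PTR, bounds_unknown(), bounds_count(4));
}
static bool diagnose_p_eq_r(void) { /* r: int * : count(3) */
    return should_diagnose(false, RHS_BOUNDS_SAFE_IF, bounds_count(3), bounds_count(4));
}
static bool diagnose_p_eq_s(void) { /* s: _Array_ptr<int> : bounds(unknown) */
    return should_diagnose(false, RHS_CHECKED_PTR, bounds_unknown(), bounds_count(4));
}
static bool diagnose_p_eq_t(void) { /* t: _Array_ptr<int> : count(3) */
    return should_diagnose(false, RHS_CHECKED_PTR, bounds_count(3), bounds_count(4));
}

int main(void) {
    printf("p = q -> %s\n", diagnose_p_eq_q() ? "error" : "silent");
    printf("p = r -> %s\n", diagnose_p_eq_r() ? "error" : "silent");
    printf("p = s -> %s\n", diagnose_p_eq_s() ? "error" : "silent");
    printf("p = t -> %s\n", diagnose_p_eq_t() ? "error" : "silent");
    return 0;
}
```

Running the program prints `silent` for `p = q` and `p = r` and `error` for `p = s` and `p = t`, matching the behaviour the issue asks for. Note that `bounds_imply` itself fails for `p = r` as well; the difference between the two functions lies entirely in whether the failure is reported, which is why a checked consumer of `p` must still treat the narrower pointer as a latent out-of-bounds read.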