On 04/14/2014 08:50 AM, Chet Ramey wrote:
> On 4/14/14, 5:34 AM, David Binderman wrote:
>> Hello there,
>>
>> [bind.c:2238]: (style) Array index 'j' is used before limits check.
>>
>> Source code is
>>
>> for (j = 0; invokers[j] && j < 5; j++)
>>
>> Suggest new code
>>
>> for (j = 0; (j < 5) && (invokers[j] != NULL); j++)
>
> Can you give me a use case for which this makes a difference?

It silences static code checkers and avoids undefined C behavior. Also, if invokers[] is allocated such that it ends on the end of a page boundary (such as might be the case under certain malloc debuggers), then doing the bounds check first will avoid an out-of-bounds access causing a SEGFAULT. But in the normal case, when invokers[] is NOT at the end of the page, the out-of-bounds access will read unspecified memory, but the result of that read will either be 0 (short-circuiting the bounds check) or non-zero where the bounds check fails, so even if you leave the undefined behavior in place, in practice you will usually get the same result as the defined behavior achieved by swapping things to do the bounds check first.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
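The point made in the reply above, as an added example that is not part of the original message or of bash's bind.c: both loop orderings return the same count for a full five-entry array, but only the index-first ordering reads slot 5. The names `read_slot`, `full_zero`, `full_junk` and `short_list` are assumptions, and the backing arrays are constructed with six slots so that reading slot 5 is defined behavior here.

```c
#include <stddef.h>
#include <stdio.h>

#define LIMIT 5                 /* the bound used in the quoted loop */

static int max_index_read;      /* highest slot the last loop dereferenced */

/* Read slot j and record that it was touched. */
static const char *read_slot(const char *const *slots, int j)
{
    if (j > max_index_read)
        max_index_read = j;
    return slots[j];
}

/* Original ordering: the element is read before j is compared to the limit. */
int count_index_first(const char *const *slots)
{
    int j;
    max_index_read = -1;
    for (j = 0; read_slot(slots, j) && j < LIMIT; j++)
        ;
    return j;
}

/* Suggested ordering: the limit check short-circuits the read at j == LIMIT. */
int count_bounds_first(const char *const *slots)
{
    int j;
    max_index_read = -1;
    for (j = 0; (j < LIMIT) && (read_slot(slots, j) != NULL); j++)
        ;
    return j;
}

int last_max_index(void) { return max_index_read; }

/* Constructed samples. Slots 0..4 stand for a full invokers[] with no NULL
 * terminator; slot 5 stands for whatever memory happens to follow it. */
static const char *const full_zero[LIMIT + 1] = {"a", "b", "c", "d", "e", NULL};
static const char *const full_junk[LIMIT + 1] = {"a", "b", "c", "d", "e", "junk"};
static const char *const short_list[LIMIT + 1] = {"a", "b", NULL, NULL, NULL, NULL};

int main(void)
{
    printf("index-first:  count=%d", count_index_first(full_junk));
    printf(" max slot read=%d\n", last_max_index());
    printf("bounds-first: count=%d", count_bounds_first(full_junk));
    printf(" max slot read=%d\n", last_max_index());
    return 0;
}
```

In a real five-element array there is no slot 5, so the extra read made by the index-first loop is the out-of-bounds access the static checker reports.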