Re: [fpc-devel] Data flow analysis (dfa) and "case ... of"

Wed, 07 Jun 2017 17:22:41 -0700 

On 07/06/2017 15:18, Juha Manninen wrote:

The compiler trusts that data in an enum variable is legal, within the range.
It should trust the same way when doing DFA. It is logical and consistent.



I understand your reasons now and agree that DFA should cover only 
logical (according to the compiler) scenarios.


Juha Manninen wrote:

What you must do is add sanity checks for code that initializes enum
data based on some other data.
.....
The same way if you get integer data from I/O, you must verify the
integer is within range _before_ typecasting it.



Sanity checks is exactly what I do, but in both directions (see example 
below).



I can't control what values other users/developers may supply, nor I 
restrict the use of different compiler versions and build flags. It is 
because "TConvertType(-1)" and the likes are an acceptable statement for 
compiler, I make it my responsibility to handle all possible input 
values, no matter how illogical and invalid they may be. This is a 
design pattern that I follow.



If the 'else' condition is optimized away in certain compiler versions 
and/or by certain complier optimization flags, that is no problem, at 
least not for me. Then, as Martin highlighted, "unreachable code" 
warning may be appropriate.



Currently, TConvertType(X) doesn't produce any errors where X is out of 
declared range of TConvertType. So I shall continue to account for 
potential invalid values, even if my attempts may be optimized away in 
some circumstances. I might be trying to account for an illegal or 
undefined behaviour, but I do nonetheless, if it improves the chances of 
catching errors earlier.


type
  TConvertType = (ctA, ctB);

function StrToConvert(const Value: String): TConvertType;
begin
  case Value of
    'A': Result := ctA;
    'B': Result := ctB;

    else raise Exception.CreateFmt('Invalid convert value string (%s)', 
[Value]);

  end;
end;

function Convert(Value: TConvertType): Integer;
begin
  case Value of
    ctA: Result := 1;
    ctB: Result := 2;

    else raise Exception.CreateFmt('Invalid convert value (%d)', 
[Ord(Value)]);

  end;
end;
_______________________________________________
fpc-devel maillist  -  fpc-devel@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-devel























					Reply via email to