This PR introduces a temporary solution for an issue with bounds validation: the bounds checker should be able to prove that bounds(p, p + ((len + 1) - 1)) imply bounds(p, p + len).
The solution involves performing constant folding for a limited set of expressions. If the upper offset of a range is of the form (e +/- a) +/- b, where a and b are integer constants and e is an expression, we extract the variable part as e and the constant part as a + b (or a + -b, -a + b, or -a + -b).
This is intended to be a temporary fix until we can solve issues with constant folding, commutativity, and associativity in bounds expressions in a more general way.
This fix addresses +1/-1 situations that can arise from passing arguments to functions with declared parameter bounds (see checkedc/450). However, it does not fix +1/-1 situations that can occur as a result of bounds widening, e.g.
void f(_Nt_array_ptr<char> p : count(len), unsigned int len) {
  if (*(p + len)) {
    ++len;
  }
}
The bounds checker is unable to create a base range for the inferred bounds bounds(p, (p + (len - 1)) + 1). We need further work to address associativity issues with bounds expressions.
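The folding rule above and the associativity failure it leaves open, as an added illustration that is not the checkedc-clang implementation. It assumes a toy expression encoding (variables as strings, constants as ints, `('+' | '-', lhs, rhs)` for sums and differences), models a base range as an upper bound written literally as `lower + offset`, and also folds the one-level form `e +/- b`, which the description does not spell out.

```python
# Constructed expression encoding for this example: a variable is a str, an
# integer constant is an int, and a sum or difference is ('+' | '-', lhs, rhs).

def split_const(offset):
    """Limited constant folding: for an offset of the form (e +/- a) +/- b with
    a, b integer constants, return (e, +/-a +/- b). The one-level form e +/- b
    folds to (e, +/-b) (an assumption here); anything else is returned as
    (offset, 0), i.e. no constant part is recognised."""
    if not (isinstance(offset, tuple) and isinstance(offset[2], int)):
        return offset, 0
    op_outer, inner, b = offset
    const = b if op_outer == '+' else -b
    if isinstance(inner, tuple) and isinstance(inner[2], int):
        op_inner, e, a = inner
        const += a if op_inner == '+' else -a
        return e, const
    return inner, const

def base_range(bounds):
    """Split bounds (lower, upper) into (base, variable, constant) when the upper
    bound is written as 'lower + offset'. Otherwise no base range exists: this
    is the simplified model of the failure the description reports."""
    lower, upper = bounds
    if isinstance(upper, tuple) and upper[0] == '+' and upper[1] == lower:
        variable, constant = split_const(upper[2])
        return lower, variable, constant
    return None

def proves(have, want):
    """True when the bounds we have cover the bounds we want: both need a base
    range with the same base and variable part, and the upper constant of
    `have` must be at least that of `want`."""
    h, w = base_range(have), base_range(want)
    if h is None or w is None:
        return False
    return h[0] == w[0] and h[1] == w[1] and h[2] >= w[2]

# Constructed inputs mirroring the two cases in the description.
ARG_HAVE = ('p', ('+', 'p', ('-', ('+', 'len', 1), 1)))  # bounds(p, p + ((len + 1) - 1))
ARG_WANT = ('p', ('+', 'p', 'len'))                       # bounds(p, p + len)
WIDENED = ('p', ('+', ('+', 'p', ('-', 'len', 1)), 1))    # bounds(p, (p + (len - 1)) + 1)

if __name__ == '__main__':
    print(proves(ARG_HAVE, ARG_WANT))  # folds to variable len, constant 0
    print(base_range(WIDENED))         # p + (len - 1) is not 'p + constant offset'
```

The widened case fails before folding even starts: the outermost `+ 1` is applied to `p + (len - 1)`, so the base `p` is never isolated without reassociating the sum.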
This issue was copied from microsoft/checkedc-clang#1095