[cfe-commits] PATCH: Enhance array bounds checking

Ted Kremenek kremenek at apple.com
Thu Jul 14 10:28:52 PDT 2011


Hi Kaelyn,

I was reviewing this patch (which I think is a great step), and I had a high-level comment about the following test case:

+void swallow (const char *x) { (void)x; }
+void test_pointer_arithmetic() {
+  const char hello[] = "Hello world!"; // expected-note 2 {{declared here}}
+  const char *helloptr = hello;
+
+  swallow("Hello world!" + 6); // no-warning
+  swallow("Hello world!" - 6); // expected-warning {{refers before the beginning of the array}}
+  swallow("Hello world!" + 14); // expected-warning {{refers past the end of the array}}
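Review bot: The string-literal cases go from `+ 6` straight to `+ 14`, so the boundary itself is untested. The literal has 12 characters plus the terminating NUL, which makes `"Hello world!" + 13` the one-past-the-end pointer, and C permits computing that pointer. Adding `swallow("Hello world!" + 13); // no-warning` would pin down that the check accepts it and would catch an off-by-one in the bound comparison. In the lines shown, `helloptr` is declared but never used.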

Do we really want this to be a warning?  There are plenty of examples where an out-of-bounds pointer is computed for legit reasons.  As long as that address is not dereferenced, there isn't necessarily a problem.  I'm fearful this may generate a fair amount of noise on codebases that do elaborate tricks with pointer offsets.  Indeed this very example doesn't actually exhibit a "bug".

Ted

On Jul 11, 2011, at 4:25 PM, Kaelyn Uhrain wrote:

> Here's the updated patch that includes the changes Nick suggested and rebased against the current TOT.
> 
> On Mon, Jul 11, 2011 at 3:30 PM, Ted Kremenek <kremenek at apple.com> wrote:
> Hi Kaelyn,
> 
> This looks great.  Nick already made some great comments on the code. If you could address the last couple review comments I think this is ready to push back to mainline.
> 
> Cheers,
> Ted
> 
> On Jul 8, 2011, at 5:03 PM, Kaelyn Uhrain wrote:
> 
>> The attached patch enhances the existing array bounds checking to include support for bounds checking on pointer arithmetic when possible (e.g. "Foo" + 5 or somearray - 7 when the size of somearray is known). It also fixes the bounds checking to work with unary operators like & and *; without this patch, for "char foo[4]", foo[15] would trigger the warning but &foo[15] wouldn't.
>> 
>> You can also view and comment on the changes at: http://codereview.appspot.com/4675068
>> 
>> Cheers,
>> Kaelyn
>> _______________________________________________
>> cfe-commits mailing list
>> cfe-commits at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
> 
> 
> <array-bounds-enhancement.diff>
