[PATCH] D32199: [TBAASan] A TBAA Sanitizer (Clang)
Hal Finkel via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Apr 20 11:34:09 PDT 2017
hfinkel added a comment.
In https://reviews.llvm.org/D32199#732382, @rjmccall wrote:
> If you're going to try to enforce the declared type of memory, you'll also need something like the C effective type rule to handle char buffers in C++. As far as I can tell, it's not actually legal under the spec to cast an array of chars to an arbitrary type and access it that way — you have to do something to establish that there's an object of that type there first.
> If you memcpy'ed into that buffer from an object of the right type, that would be sufficient to create a new formal object of that type, but I don't see any way to sensibly apply that rule to e.g. the POSIX "read" function. It seems to me that you at least need to have a rule saying that it's okay to access a formal object of type char/char[] using an arbitrarily-typed l-value.
I agree. That's exactly what the current implementation does (I get that for free from our TBAA setup). I get this for free from the TBAA scheme because the current checks are symmetric (just like the TBAA checks in the optimizer). I had wondered whether this symmetry was an over-approximation in some cases, but perhaps it is not.
https://reviews.llvm.org/D32199
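
Added example, not part of the original message or of the D32199 patch: the two access directions discussed above, written in C. A char buffer is read through a typed l-value, a typed object is read through a char l-value, and the memcpy form is shown beside them. `struct record`, `fake_read` and the other names are hypothetical, and `fake_read` stands in for POSIX read with constructed bytes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record layout (4 + 2 + 2 bytes, no padding). */
struct record { uint32_t id; uint16_t len; uint16_t flags; };

/* Constructed stand-in for POSIX read(): delivers raw bytes into a char buffer. */
static size_t fake_read(unsigned char *buf, size_t cap) {
    const struct record src = { 0x11223344u, 8, 3 };
    if (cap < sizeof src) return 0;
    memcpy(buf, &src, sizeof src);
    return sizeof src;
}

/* memcpy into a declared object of the target type; later typed reads hit a real struct record. */
static int decode_by_copy(const unsigned char *buf, size_t n, struct record *out) {
    if (n < sizeof *out) return -1;
    memcpy(out, buf, sizeof *out);
    return 0;
}

/* Typed l-value applied directly to the char buffer: the access the thread
   says a checker has to accept. Alignment is checked before the read. */
static int decode_in_place(const unsigned char *buf, size_t n, struct record *out) {
    if (n < sizeof *out || (uintptr_t)buf % _Alignof(struct record) != 0) return -1;
    *out = *(const struct record *)buf;
    return 0;
}

/* Opposite direction: a typed object inspected through an unsigned char l-value. */
static unsigned byte_sum(const void *obj, size_t n) {
    const unsigned char *p = obj;
    unsigned sum = 0;
    while (n--) sum += *p++;
    return sum;
}

/* Runs both decoders over one aligned buffer; returns 0 when both succeed. */
static int demo(struct record *copied, struct record *in_place) {
    _Alignas(struct record) unsigned char buf[16];
    size_t n = fake_read(buf, sizeof buf);
    if (decode_by_copy(buf, n, copied) != 0) return -1;
    return decode_in_place(buf, n, in_place);
}

int main(void) {
    struct record a, b;
    if (demo(&a, &b) != 0) return 1;
    printf("id=%#x/%#x byte_sum=%u\n", (unsigned)a.id, (unsigned)b.id, byte_sum(&a, sizeof a));
    return 0;
}
```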