This was a fork of Checked C clang used from 2021-2024. The changes have been merged into the original Checked C clang repo, which is now at https://github.com/checkedc/checkedc-clang.
In the future, we may want to consider warning the user if we can detect that the user of a pointer with a bounds-safe interface does not satisfy its bounds-safe interface. For example:
```c
void f(int *p : itype(_Array_ptr<int>),
       int *q : bounds(unknown),
       int *r : count(2),
       int *s : count(1),
       int *t : itype(_Ptr<int>)) {
  // p has implicit declared bounds of bounds(unknown). p should not be dereferenced.
  *p;
  // q has explicit declared bounds of bounds(unknown). This is ok.
  *q;
  // The bounds of s are too small for the declared bounds of r.
  // This could be a bug in the user's chosen itype bounds.
  r = s;
  // Pointer arithmetic is not allowed on _Ptrs. This could be a bug in the user's chosen itype.
  t = t + 1;
}
```
This issue was copied from https://github.com/microsoft/checkedc-clang/issues/1159