checkedc / checkedc-llvm-project

This repo contains a version of clang that is modified to support Checked C. Checked C is an extension to C that lets programmers write C code with bounds checking and improved type-safety.

Bounds macro #1199

Closed arunkumarbhattar closed 1 year ago

arunkumarbhattar commented 1 year ago

Title: Implement Alternate Syntax and Macros for Backward Compatibility

Description: In this PR, we implement alternate syntax and macros to enhance the backward compatibility of Checked C code with non-Checked C compilers. The technical details of the changes are based on the proposal documented in this wiki page. The key changes include:

- Pointer types: Introduce _Array, _Nt_array, and _Single qualifiers for pointer types, which can be defined as empty strings when Checked C is not supported.
- Arrays: Define the keyword _Checked/_Nt_checked as an empty string when a compiler does not support Checked C.
- Generic types: Introduce the _TyArg macro to wrap type arguments, and the _TyVar macro for type variables. Also, provide a two-part approach for generic function definitions and generic struct definitions.
- Bounds annotations: Introduce new keywords _Any, _Bounds, _Byte_count, and _Count for bounds expressions, and allow a declarator to be followed by a bounds expression.
- Dynamic check expressions: Implement a macro that evaluates the argument but does nothing with it, or alternatively, make use of the assert macro.
- Bounds cast expressions: Introduce variadic macros for _Dynamic_bounds_cast and _Assume_bounds_cast expressions, which map to their corresponding syntax forms when Checked C is supported or to a C-style cast when it is not.
- Where clauses: Allow optional parentheses to surround the where clause, and implement a macro that discards the body of the where clause when Checked C is not supported.

These changes enable Checked C code to be compiled and executed on non-Checked C compilers while preserving the benefits and safety guarantees when using a Checked C compiler. This improves code portability and broadens the range of platforms on which Checked C code can run.

Evaluation:

CheckedC-Tests:
-- Testing: 150 tests, 2 workers --
Testing Time: 10.68s
Unsupported: 4
Passed : 146
[100%] Built target check-checkedc

Clang Tests
-- Testing: 27774 tests, 2 workers --
Testing Time: 1077.88s
Unsupported : 118
Passed : 27622
Expectedly Failed: 34
[100%] Built target check-clang

ALL TESTS

Failed Tests (14):
Clang :: 3C/b_tests/b8_allsafestructnp.c
Clang :: 3C/cli_errors.c
Clang :: 3C/generated_tests/fptrinstructcallee.c
Clang :: 3C/generated_tests/fptrsafeboth.c
Clang :: 3C/gvar.c
Clang :: 3C/json_formatting.c
Clang :: 3C/json_formatting_backslash.c
Clang :: 3C/k_and_r.c
Clang :: 3C/multiple_tu.c
Clang :: 3C/multipledecls.c
Clang :: 3C/prototype_success1.c
Clang :: 3C/statstest.c
Clang :: 3C/stdout_mode_write_other.c
LLVM :: Bindings/Go/go.test

Testing Time: 2197.68s
Unsupported : 1536
Passed : 68718
Expectedly Failed: 183
Failed : 14
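The fallback side of the scheme in the PR description above, as an added example (not code from this PR or from the Checked C project): with the macros defined away, a plain C compiler sees no bounds information, and a dynamic check that is "evaluated but ignored" cannot stop an out-of-range access. Assumptions: `__checkedc` as the compiler's predefined macro, the macro argument shapes, and the hypothetical names `probe`, `checks_seen` and `read_at`.

```c
#include <stddef.h>
#include <stdio.h>

/* Fallback branch only: definitions for a compiler without Checked C.
   Assumption: __checkedc is the macro a Checked C compiler predefines. */
#ifndef __checkedc
#define _Array                          /* pointer qualifiers become empty */
#define _Nt_array
#define _Single
#define _Checked                        /* array keywords become empty */
#define _Nt_checked
#define _Count(n)                       /* bounds annotations vanish */
#define _Byte_count(n)
#define _Bounds(lo, hi)
#define _Where(...)                     /* where-clause body is discarded */
#define _Dynamic_check(e) ((void)(e))   /* evaluated, result ignored */
#define _Assume_bounds_cast(T, e, ...) ((T)(e))   /* plain C-style cast */
#define _Dynamic_bounds_cast(T, e, ...) ((T)(e))
#endif

static int checks_evaluated;            /* hypothetical probe for the demo */
static int probe(int cond) { checks_evaluated++; return cond; }
int checks_seen(void) { return checks_evaluated; }

/* Hypothetical function written once in the macro-based syntax. */
int read_at(const int *_Array buf _Count(len), size_t len, size_t i)
{
    _Dynamic_check(probe(i < len));
    /* With the fallback, the line above cannot stop execution, so this
       explicit guard is what keeps the read in bounds on every compiler. */
    if (i >= len)
        return -1;
    return buf[i];
}

int main(void)
{
    int data _Checked[4] = {10, 20, 30, 40};   /* constructed sample */
    const int *_Array p = _Assume_bounds_cast(const int *_Array, data, _Count(4));
    printf("%d %d\n", read_at(p, 4, 2), read_at(p, 4, 9));
    printf("checks evaluated: %d\n", checks_seen());
    return 0;
}
```

Choosing the assert-based variant of the dynamic check mentioned in the description would make the fallback build abort on a failed check instead of continuing.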

dtarditi commented 1 year ago

@arunkumarbhattar I am investigating the failures when running all tests. These failures happen without these changes. See issue #1202.

dtarditi commented 1 year ago

I fixed the failing 3C tests with PR #1203. With that change, there are no more failing 3C tests on either 64-bit Ubuntu 20.03 or 64-bit Windows 11. I did see one failure when running check-all on either platform, but those appear totally unrelated to this change.