correctcomputation / checkedc-clang

This is the primary development repository for 3C, a tool for automatically converting legacy C code to the Checked C extension of C, which aims to enforce spatial memory safety. This repository is a fork of Checked C's.

Constant expressions should not be reduced #173

Closed dopelsunce closed 3 years ago

dopelsunce commented 4 years ago

Hi, here is the issue we talked about briefly in the meeting.

foo.c

char a[10 - 1];
char b[128 - sizeof(long)];
cconv-standalone -alltypes foo.c

Returns:

char a _Checked[9];
char b _Checked[120];

Wanted:

char a _Checked[10 - 1];
char b _Checked[128 - sizeof(long)];

It might be best to keep the constant expression as is.

john-h-kastner commented 4 years ago

We definitely don't want to be rewriting those.

It looks like clang is folding constants before we even get our hands on the AST, so all we see is

|-VarDecl 0x55da5b541ee8 <h.c:1:1, col:14> col:6 a 'char [9]'
`-VarDecl 0x55da5b5420b8 <line:2:1, col:26> col:6 b 'char [120]'

This means the fix will be some finicky rewriting logic. Instead of clobbering the declaration, we'll need to carefully insert Checked where it's needed.

Here's a more general example that shows what's happening.

char c[1 /*a very important comment*/];

is rewritten to

char c _Checked[1];
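The approach john-h-kastner describes, inserting `_Checked` into the declaration's original text instead of regenerating it from the folded type, sketched as an added Python example (not 3C's own code, which works on clang source ranges through the Rewriter); it assumes the input is the declaration's source text exactly as written and skips comments and literals while looking for the array-size bracket.

```python
# Added example: rewrite "char a[10 - 1];" to "char a _Checked[10 - 1];"
# by splicing into the original text, so the unfolded constant expression
# (and any comment inside the brackets) survives untouched.

def find_array_bracket(decl: str) -> int:
    """Index of the '[' that opens the array size in `decl`.

    Comments and string/char literals are skipped so a '[' inside them is
    not mistaken for the declarator bracket. Returns -1 if none is found.
    """
    i, n = 0, len(decl)
    while i < n:
        c = decl[i]
        if decl.startswith("/*", i):            # block comment
            end = decl.find("*/", i + 2)
            i = n if end < 0 else end + 2
        elif decl.startswith("//", i):          # line comment
            end = decl.find("\n", i)
            i = n if end < 0 else end
        elif c in "\"'":                         # string or char literal
            j = i + 1
            while j < n and decl[j] != c:
                j += 2 if decl[j] == "\\" else 1  # skip escaped characters
            i = j + 1
        elif c == "[":
            return i
        else:
            i += 1
    return -1


def insert_checked(decl: str) -> str:
    """Return `decl` with ' _Checked' inserted before its array bracket.

    Declarations without an array bracket are returned unchanged; the
    folded size that clang exposes in the AST is never consulted.
    """
    pos = find_array_bracket(decl)
    if pos < 0:
        return decl
    head = decl[:pos].rstrip()      # "a [N]" becomes "a _Checked[N]"
    return head + " _Checked" + decl[pos:]


if __name__ == "__main__":
    for line in ("char a[10 - 1];",
                 "char b[128 - sizeof(long)];",
                 "char c[1 /*a very important comment*/];"):
        print(insert_checked(line))
```

Macro-expanded sizes are outside what this sketch handles; the real fix also has to decide where `_Checked` lands when the bracket comes from a macro body.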

mwhicks1 commented 4 years ago

Wow, this is a big one. Seems like this is pushing for a larger re-do of rewriting ...