correctcomputation / checkedc-clang

This is the primary development repository for 3C, a tool for automatically converting legacy C code to the Checked C extension of C, which aims to enforce spatial memory safety. This repository is a fork of Checked C's.

Prioritize root-cause diagnostics #271

Closed mwhicks1 closed 3 years ago

mwhicks1 commented 4 years ago

The --warn-root-cause and --warn-all-root-cause flags output diagnostics that indicate the root cause for making a pointer non-checked ("WILD"). Consider this example:

int foo(void *q) {
  int *x = (int *)q;
  return *x;
}
void bar(int *p, int len, int c) {
  for (int i = 0; i<len; i++) {
    p[i] += c; 
  }
}
void baz(int *s) {
  int a[2] = {1,2};
  bar(a,2,foo(s));
  bar(s,1,0);
}

When we run cconv-standalone -alltypes --warn-root-cause on this file, we get these two diagnostics:

a.c:1:15: warning: Root cause of unchecked pointers:
      Default void* type
int foo(void *q) {
              ^
a.c:10:15: warning: Root cause of unchecked pointers:
      Cast from int * to void *
void baz(int *s) {
              ^

At present, these two warnings come out in a random order. But as it turns out, the first warning is "more important" because it's an indication that q is made unchecked by being a void * but also because, as a result, x is made so. In general, a root cause will induce potentially very many pointers, downstream, to be made unchecked, too. We should order these according to influence, with the highest influence problems coming first.

Influence should not just be about how many pointers are affected, but also whether a region of code is forced to be _Unchecked just because of the use of an unchecked pointer influenced by a particular root cause.
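An added illustration of the ordering requested above, not part of the original comment and not 3C's implementation: each root cause is ranked by how many pointers it makes unchecked downstream, then by how many functions contain them, with a deterministic tie-break. The `ROOTS` and `FLOWS` tables and the `function:pointer` naming are assumptions, constructed by hand from the example file.

```python
from collections import deque

# Constructed model of the example in the issue; not data produced by 3C.
# Root cause -> pointers it directly makes unchecked ("function:pointer").
ROOTS = {
    "a.c:1:15 Default void* type": ["foo:q"],
    "a.c:10:15 Cast from int * to void *": ["baz:s"],
}
# Assumed flow edges: if the key is unchecked, each listed pointer becomes
# unchecked as well.
FLOWS = {
    "foo:q": ["foo:x"],  # int *x = (int *)q;
}


def affected(seeds, flows):
    """Return every pointer reachable from the seeds (BFS, cycle-safe)."""
    seen = set(seeds)
    queue = deque(seeds)
    while queue:
        ptr = queue.popleft()
        for nxt in flows.get(ptr, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def rank_root_causes(roots, flows):
    """Return (cause, pointer count, function count), most influential first."""
    rows = []
    for cause, seeds in roots.items():
        ptrs = affected(seeds, flows)
        funcs = {p.split(":", 1)[0] for p in ptrs}
        rows.append((cause, len(ptrs), len(funcs)))
    # Sort by influence; the cause text breaks ties so the order never varies.
    rows.sort(key=lambda r: (-r[1], -r[2], r[0]))
    return rows


if __name__ == "__main__":
    for cause, n_ptrs, n_funcs in rank_root_causes(ROOTS, FLOWS):
        print(f"{n_ptrs} pointer(s) in {n_funcs} function(s): {cause}")
```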

kyleheadley commented 3 years ago

This particular example now returns a single "Root cause for 3 unchecked pointers: ...". Was the work so far enough to satisfy this issue?

john-h-kastner commented 3 years ago

I think this issue can be declared resolved. As Kyle noted back in December, the -warn-root-cause output now includes affected pointer counts, allowing the user to prioritize root causes this way. This feature was more recently integrated into the root cause regression tests in PR #578.

We have also developed a Python script around the root cause analysis, 3c-wrap root_cause, which can be used to view root causes ordered either by pointers affected or the weighted pointer score.