Improve testing of null-terminated types, checked scopes

[dtarditi]

There have been some simple bugs that we've found or that have been reported by users. We also implemented some features in the compiler in a hurry in October/November to hit a paper deadline, with limited testing. This leads me to believe that we have a testing deficit.

Here are the results of auditing our tests.

Checked C repo tests.

These tests are in the repo under the test directory:

Parsing

• checked_array_types.c: looks good.
• declaration_bounds.c: needs some tests for null-terminated checked arrays and pointers.
• interop_types.c: needs some tests for null-terminated checked arrays and pointers.
• member_bounds.c: needs some tests for null-terminated checked arrays and pointers.
• parameter_bounds.c: needs some tests for null-terminated checked arrays and pointers.
• pointer_bounds_cast.c: should be updated after addressing Checked C issue Infer bounds for struct member accesses. #258.
• pointer_types.c: looks good.
• rel_align.c: need some tests with null-terminated array pointer types.
• return_types.c: ditto

Typechecking

• bounds.c:
  • missing tests of null-terminated pointer types.
  • missing tests that nt_array_ptrs of functions type are not allowed.
  • test arrays of function types?
• checked_arrays.c: looks good.
• checked_scope_basic.c: missing tests of null-terminated pointer types (++ open bug)
• checked_scope_interfaces.c
  • missing tests of interface types implied by a "bounds" bounds declarations: int *x : bounds(x, x + 5)(++ open bug) [DONE]
  • for function parameters [DONE]
  • for struct members. [DONE]
  • missing tests of interface types with nt_array_ptr type [DONE]
  • missing tests of more complex constructed interface types (array of pointers, pointers to arrays, pointers to functions that takes types and arrays as arguments).
  • this is the place to add tests of typechecking local variables with bounds-safe interfaces.
  • need some tests where definitions and uses are in different checked scopes.
• checked_scope_pragma:
  • missing positive tests of nt_array_ptr.
  • missing tests of more complex constructed types (array of pointers, pointers to arrays, and so on).
  • for local variables
    *for itypes.
• function_casts.c:
  • missing tests of function_casts in checked scopes/unchecked scopes involving interface types.
  • missing tests of assignments of arrays of function pointers where there are implicit casts of the array types.
• interop.c:
  • rename this file or checked_scope_interfaces.c for symmetry in naming? Also rename so it is clear this is for bounds declarations
  • missing tests of itypes with null-terminated pointers/arrays.
• interop_type_annotations.c: missing tests of itypes with null-terminated array and pointer types [DONE]
• malloc_free.c: need to add tests for malloc/free of nt_array_ptr. Note that malloc needs to be done in unchecked code.
• no_prototype_functions.c: need tests for null-terminated array and pointer types
• pointer-types.c: looks good
• redeclaration.c:
  • test redeclarations involving nt_array_ptr types (both parameters and as interface types). Should check conflicting nt_checked vs. checked declarations.
  • test declarations involving nt_checked array types. Should check conflicting nt_checked vs. checked declarations.
  • test redeclarations inside/outside of checked scopes
• redeclare_libraries.cL audit to make sure all checked header files are included.

Static_checking

We need to create some Checked C repo tests for bounds declaration checking based on the
Checked C clang repo tests for bounds declaration checking. The clang repo tests included detailed tests of notes and error messages. We just want to indicate tests that should pass/fail in the Checked C repo.

Other things we need to do:

• Need to check more complex bounds declarations for variables declared with initializers.
• Need to check bounds declarations for static_casts.

Here is a detailed list of files:

• bounds_decl_checking.c: Add testing of bounds declarations of
• uses of variables with bounds-safe interfaces in checked scopes.
• uses of variables with range bounds expressions.
• calls to functions with parameters/returns with range bounds expressions.
• calls in checked scopes to functions with bounds-safe interfaces.
• bounds declarations with more complex expressions than variables.
• initializers.c:
  • f1: test initializers for nt_array_ptr varaibles. This is also a no params function - that needs to be corrected.
  • Make it clear in comments that this is testing simple properties:

• that checked variables should have initializers
• that initialized arrays and array literals meet size requirements.
• that initializers for null-terminated arrays have null terminators.

• lexical equality.c: need tests for null-terminated pointers and arrays.
• assignments.c: should check assignments with different types and different bounds expressions.

Dynamic-checking

• bounds\bounds-safe-interfaces.c:
  • Need tests of null-terminated pointers, range expressions, and ptr types.
  • Check vs. unchecked scopes
• bounds\nullterm_pointers.c: need tests of uses of parameters with null-terminated pointer and
  array types.

Checked C clang repo tests

These tests are in the repo under test\CheckedC. Here is some preliminary analysis.

Top-level files

• dump_bounds.c: need some dumps involving nt_array_ptr

Inferred_bounds

• Calsl.c:
  • Need tests for calls with bounds-safe interface conversion (checked -> unchecked pointers)
• Need tests for calls with void pointer conversions.
• Need cross-product of the prior two.
• Other files: need tests for uses of variables with bounds-safe interfaces, in/out of checked scope.

Dynamic checks

We need need tests involving variables with bounds-safe interfaces, an variables defined/used across unchecked and checked scopes.