Skip to content

Take the LUB of constraints when multiple constraints exist and they might differ #59

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
awruef opened this issue Sep 23, 2016 · 1 comment
Closed

Take the LUB of constraints when multiple constraints exist and they might differ #59

awruef opened this issue Sep 23, 2016 · 1 comment
Assignees
@awruef

Comments

@awruef
Copy link
Collaborator

awruef commented Sep 23, 2016

In FunctionVariableConstraint::mkString we take the first constraint in a set for the return and parameters and use them. Right now this should be okay because they should all be constrained to be equal, so whatever one is resolved to should be the same as the others. However, maybe in the future that won't be true, so we should instead be more generic and take the LUB of all the ConstraintVariables in the set.
@awruef awruef mentioned this issue Sep 23, 2016
Merged
@dtarditi
Copy link
Member

dtarditi commented Sep 2, 2019

This work item is stale, so closing it. The convert tool has been mostly rewritten (see PR #642).

@dtarditi dtarditi closed this as completed Sep 2, 2019
dopelsunce pushed a commit to dopelsunce/checkedc-clang that referenced this issue Sep 28, 2020
@dtarditi
Feature tests for bounds-safe interface implicit type conversions. (c…
c6efb65 
…heckedc#59)

This change adds feature tests for implicit type conversions at bounds-safe interfaces.   It includes three sets of tests, corresponding to each language construct that can have a bounds-safe interface: a set for parameters with bounds-safe interfaces, a set for non-locally scoped variables with bounds-safe interfaces, and a set for members with bounds-safe interfaces.  These tests match corresponding compiler changes for Checked C clang repo issue 31.

For each set of tests, there are
- tests for assigning (or passing) checked pointers to unchecked pointers with bounds-safe interfaces (where the referent types match)
- tests for assigning or passing checked pointers to void * pointers with bounds-safe interfaces
- tests for passing checked void pointers to non void * pointers with bounds-safe interfaces.  These tests are expected to cause errors.
- There are also tests for types involving type qualifiers, making sure that the qualifier restrictions are enforced (a pointer to  non-const type can be assigned to a pointer to a const-type, but not the reverse).

There are additional tests for parameters with array types.  During type checking, the array types are adjusted to be pointer types.  For Checked C, the bounds-safe interface types are checked array types and they are adjusted during type checking to be checked pointer types.    For multi-dimensional arrays, this ends up being a little subtle.  The multi-dimensional array has a bounds-safe interface type that is a checked multi-dimensional array.   The checkedness propagates to the nested array types.  
When the checked multi-dimensional array type is adjusted to be a pointer, the result is a "checked pointer to a checked array type."

There are tests for both 1-dimensional and 2-dimensional array parameters.  The 2-dimensional array parameter tests check the subtleties of multi-dimensional arrays.  Each multi-dimensional argument is typed as a "checked pointer to a checked array type", so if the appropriate adjustments did not happen for the bounds-safe interface type for the parameter, a type mismatch would occur.
@secure-sw-dev-bot secure-sw-dev-bot mentioned this issue Jan 16, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@awruef awruef

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@awruef @dtarditi