Skip to content

Simple normalizations for +1/-1 bounds scenarios #1128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Jul 20, 2021
Merged

Simple normalizations for +1/-1 bounds scenarios #1128

merged 22 commits into from
Jul 20, 2021

Conversation

kkjeer
Copy link
Contributor

@kkjeer kkjeer commented Jul 13, 2021

This PR implements some transformation functions to enable the bounds checker to validate some additional bounds.

These normalization functions attempt to express a given upper bound expression as ((E1 + E2) +/- A) +/- B, where E1 has pointer type and A and B are integer constants. The bounds checker can use the variable part E1 + E2 and the constant part A + B to compare bounds expressions.

This enables the bounds checker to validate certain bounds that can arise in bounds widening scenarios. For example:

void f(_Nt_array_ptr<char> p : count(len), unsigned int len) {
  if (*(p + len)) {
    ++len;
  }
}

The bounds checker can express the inferred upper bound (p + (len - 1)) + 1) as ((p + len) - 1) + 1and extract the variable partp + lenand the constant part-1 + 1 == 0. The bounds checker can then use these to prove that the inferred upper bound is equivalent to the declared upper bound p + len`.

kakje added 21 commits July 7, 2021 15:53
Add NormalizeUtils.h and NormalizeUtils.cpp
f60113f
Add NormalizeUtil::AddExprs helper method
4e0ab90
Add NormalizeUtil::TransformAdditiveOp method
de4c40e
Fix typos
db8a01e
Add ExprCreatorUtil::CreateUnaryOperator method
f0c0b14
Add NormalizeUtil::GetAdditionOperands helper method
f8faae2
Rename variable in NormalizeUtil::TransformSingleAdditiveOp
24d6c66
Add ExprUtil::EnsureEqualBitWidths method
2b4b9c9
Add NormalizeUtil::GetRHSConstant helper method
f6443fd
Add NormalizeUtil::TransformAssocLeft method
e1a9630
Add NormalizeUtil::ConstantFold method
7ee773e
Remove ConstantFoldUpperOffsets, GetRHSConstant, and EnsureEqualBitWi…
d6b25a6 
…dths methods from BaseRange and call utility methods instead
Fix typos
b99804d
Avoid creating an unnecessary binary operator in TransformAdditiveOp
fc09e82
Return argument expression from TransformAssocLeft if the argument is…
5ca588b 
… already in the output form
Add NormalizeUpperBound method to CheckBoundsDeclarations
0ddfa57
Add CompareNormalizeBounds method to CheckBoundsDeclarations
0078abd
Remove expected warning from bounds widening test in bounds-context.c
b50dc1f
Add tests for comparing normalized bounds to bounds-decl-checking.c
ced9e4f
Merge branch 'master' of https://github.com/microsoft/checkedc-clang
cdd7b58 
…into plus-one-minus-one-bounds-widening
Move declaration of PointerAndConst
a375cae
sulekhark
sulekhark approved these changes Jul 14, 2021
View reviewed changes
Copy link
Contributor

@sulekhark sulekhark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thank you!

@kkjeer kkjeer mentioned this pull request Jul 14, 2021
Closed
mgrang
mgrang approved these changes Jul 20, 2021
View reviewed changes
Copy link

@mgrang mgrang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@kkjeer kkjeer merged commit 446a9be into master Jul 20, 2021
@kkjeer kkjeer deleted the plus-one-minus-one-bounds-widening branch July 20, 2021 22:51
@secure-sw-dev-bot secure-sw-dev-bot mentioned this pull request Jan 17, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mgrang mgrang mgrang approved these changes

@sulekhark sulekhark sulekhark approved these changes

@arbipher arbipher Awaiting requested review from arbipher

@dtarditi dtarditi Awaiting requested review from dtarditi

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kkjeer @mgrang @sulekhark