Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not emit return bounds checking warnings or errors in certain contexts for bounds-safe interfaces #1157

Open
kkjeer opened this issue Aug 14, 2021 · 0 comments
Open

Do not emit return bounds checking warnings or errors in certain contexts for bounds-safe interfaces #1157

kkjeer opened this issue Aug 14, 2021 · 0 comments
Assignees
@kkjeer
Labels
work item This labels issues that are not exactly bugs but are about improvements.

Comments

@kkjeer
Copy link
Contributor

kkjeer commented Aug 14, 2021
edited
Loading

If we have a function whose return bounds are specified via a bounds-safe interface, e.g.

int *f(int *p, int *q : count(3), int test) : count(4) {
  ...
}

If a return statement within the body of f occurs within an unchecked scope and:

  1. The return value has unchecked pointer type, or:
  2. The return value has a bounds-safe interface, then:

The compiler should not emit any errors or warnings that would otherwise result from checking that the bounds of the return value imply the declared bounds of f.

For example, in the function below, return p should not result in any errors even though the bounds of p are bounds(unknown). return q should not result in any errors even though the bounds of q (bounds(q, q + 3)) are too narrow for the declared bounds of f (bounds(_Return_value, _Return_value + 4)).

int *f(int *p, int *q : count(3), int test) : count(4) _Unchecked {
  if (test > 0)
    return p;
  else
    return q;
}

However, if a return statement within the body of f occurs within an unchecked scope and the return value has checked pointer type, the compiler should emit any errors or warnings that result from checking that the bounds of the return value imply the declared bounds of f.

For example, in the function below, return r should result in an error since the bounds of r are unknown. return s should result in an error since the bounds of s (bounds(s, s + 3)) are too narrow for the declared bounds of f (bounds(_Return_value, _Return_value + 4)).

int *f(_Array_ptr<int> r : bounds(unknown), _Array_ptr<int> s : count(3), int test) : count(4) _Unchecked {
  if (test > 0)
    return r;
  else
    return s;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkjeer kkjeer

Labels
work item This labels issues that are not exactly bugs but are about improvements.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kkjeer