xazax.hun added inline comments.

================
Comment at: clang/lib/Analysis/UnsafeBufferUsage.cpp:168-169
+  static Matcher matcher() {
+    // FIXME: What if the index is integer literal 0? Should this be
+    // a safe gadget in this case?
+    return stmt(
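Review bot: The FIXME at the top of matcher() leaves the literal-0 index case undecided, and nothing in the comment says what the matcher does with such an index in the meantime. Please extend the comment to state the current behaviour for a literal-0 index (matched as unsafe or not), so that a later change to it is a deliberate decision rather than a side effect.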
----------------
As per some of the discussions, in the future the compiler might be able to 
recognize certain safe patterns, e.g., when there is a simple for loop with 
known bounds, or when both the index and the array size are statically known.

I think here we need to make a very important design decision: Do we want the 
gadgets to have the right "safety" category when they are created (e.g., we have 
to be able to decide if a gadget is safe or not using matchers), or do we want 
some mechanisms to be able to promote an unsafe gadget to be a safe one? (E.g., 
do we want to be able to prove some unsafe gadgets safe using dataflow analysis 
in a later pass?)


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D137379/new/

https://reviews.llvm.org/D137379

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
