Skip to content

Commit 3ef1233

Browse files
karoliinehsim642
karoliineh
authored and
sim642
committed
Disable array bounds checks for reachability
1 parent daaa916 commit 3ef1233

2 files changed

Lines changed: 9 additions & 1 deletion

File tree

src/analyses/base.ml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -613,10 +613,15 @@ struct
613613
| JmpBuf _ -> empty (* Jump buffers are abstract and nothing known can be reached from them *)
614614
| Mutex -> empty (* mutexes are abstract and nothing known can be reached from them *)
615615

616+
let reachable_from_value ask (value: value) (t: typ) (description: string) =
617+
let@ () = GobRef.wrap AnalysisState.executing_speculative_computations true in
618+
reachable_from_value ask value t description
619+
616620
(* Get the list of addresses accessible immediately from a given address, thus
617621
* all pointers within a structure should be considered, but we don't follow
618622
* pointers. We return a flattend representation, thus simply an address (set). *)
619623
let reachable_from_addr ~man st (addr: Addr.t): address =
624+
let@ () = GobRef.wrap AnalysisState.executing_speculative_computations true in
620625
if M.tracing then M.tracei "reachability" "Checking for %a" Addr.pretty addr;
621626
let res = reachable_from_value (Analyses.ask_of_man man) (get_addr ~man st addr None) (Addr.type_of addr) (Addr.show addr) in
622627
if M.tracing then M.traceu "reachability" "Reachable addresses: %a" AD.pretty res;
@@ -696,6 +701,7 @@ struct
696701

697702

698703
let reachable_top_pointers_types man (ps: AD.t) : Queries.TS.t =
704+
let@ () = GobRef.wrap AnalysisState.executing_speculative_computations true in
699705
let module TS = Queries.TS in
700706
let empty = AD.empty () in
701707
let reachable_from_address (adr: address) =

src/cdomain/value/cdomains/arrayDomain.ml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -802,7 +802,9 @@ end
802802

803803
(* This is the main array out of bounds check *)
804804
let array_oob_check ( type a ) (module Idx: IntDomain.Z with type t = a) (x, l) (e, v) =
805-
if GobConfig.get_bool "ana.arrayoob" then (* The purpose of the following 2 lines is to give the user extra info about the array oob *)
805+
if !AnalysisState.executing_speculative_computations then
806+
()
807+
else if GobConfig.get_bool "ana.arrayoob" then (* The purpose of the following 2 lines is to give the user extra info about the array oob *)
806808
let idx_before_end = Idx.lt v l in (* check whether index is before the end of the array *)
807809
let idx_after_start = Idx.ge v (Idx.of_int (Cilfacade.ptrdiff_ikind ()) Z.zero) in (* check whether the index is non-negative *)
808810
(* For an explanation of the warning types check the Pull Request #255 *)

0 commit comments

Comments
 (0)