Compile time Array Bounds Analysis in LLVM


I am working on analyzing arrays for dimensions and inferring iteration space.

While going through this, I found this example:

int funct(){
    int a[6][6][6];
    return a[8][0][0];  /* index 8 is past the first dimension's extent of 6 */
}

The compiler did not warn about the extended index in the first dimension. Considering that arrays are decayed into pointers, will issuing this as an error be a false positive?

By looking at this, it looks like an easy problem to solve at the AST level. What is the challenge in this analysis?



No; a[8] is equivalent to *(a+8), and “a+8” is undefined behavior because it points outside the array. -fsanitize=undefined will catch this at runtime. Probably just an oversight in the checking code. Briefly looking at it, it looks like there’s a missing call to Sema::CheckArrayAccess?

-Eli
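As an added example (not code from this thread or from Clang), the C program below models the per-dimension check that a compile-time analysis applies to constant subscripts such as a[8][0][0], and contrasts it with a check on the flattened element offset, which would miss an access like a[0][8][0]. The names check_subscripts and bounds_result are hypothetical, and the second and third test accesses are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Result of checking one constant subscript expression such as a[8][0][0]. */
typedef struct {
    int bad_dim;       /* first dimension whose index is out of range, -1 if none */
    int flat_in_range; /* 1 if the row-major offset still lands inside the object */
} bounds_result;

/* dims[i] is the declared extent of dimension i; idx[i] is the constant index. */
bounds_result check_subscripts(const long *dims, const long *idx, size_t rank)
{
    bounds_result r = { -1, 0 };
    long total = 1, flat = 0;

    for (size_t i = 0; i < rank; i++) {
        /* Each subscript is bounded by its own dimension, not by the whole object. */
        if (r.bad_dim < 0 && (idx[i] < 0 || idx[i] >= dims[i]))
            r.bad_dim = (int)i;
        flat = flat * dims[i] + idx[i];   /* row-major element offset */
        total *= dims[i];
    }
    r.flat_in_range = (flat >= 0 && flat < total);
    return r;
}

int main(void)
{
    const long dims[3] = { 6, 6, 6 };   /* int a[6][6][6] from the question */
    const long cases[3][3] = {
        { 8, 0, 0 },   /* the access from the question */
        { 0, 8, 0 },   /* constructed: inside the object, outside dimension 1 */
        { 5, 5, 5 },   /* constructed: last valid element */
    };

    for (size_t c = 0; c < 3; c++) {
        bounds_result r = check_subscripts(dims, cases[c], 3);
        printf("a[%ld][%ld][%ld]: bad_dim=%d flat_in_range=%d\n",
               cases[c][0], cases[c][1], cases[c][2],
               r.bad_dim, r.flat_in_range);
    }
    return 0;
}
```

A checker that only compares the flattened offset against the object size accepts a[0][8][0], even though the index exceeds the extent of the subarray it is applied to; checking each subscript against its own dimension flags both that access and the one from the question.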