Avoid crash in linking conflict report by providing correct type for … #4522

Merged
merged 1 commit into from
Apr 12, 2019

@andreast271 andreast271 commented Apr 12, 2019

…dereference expression

CBMC currently crashes with an invariant check failure if there is a conflict discovered during linking.
Test case:
file one.c:

int f(char *i) { return  *i; }

file two.c:

int f(int *i) { return  *i; }

cbmc command:

cbmc one.c two.c

cbmc message without this commit:

--- begin invariant violation report ---
Invariant check failed
File: ../util/std_expr.h:3041 function: dereference_exprt
Condition: op.type().id()==ID_pointer
Reason: Precondition

cbmc message with this commit:

file two.c line 1: 
reason for conflict at *#this: conflict on POD

char
signed int
error: conflicting function declarations f
old definition in module one file one.c line 1
signed int (char *i)
new definition in module two file two.c line 1
signed int (signed int *i$link1)
CONVERSION ERROR

@@ -143,7 +143,7 @@ void linkingt::detailed_conflict_report_rec(
if(depth>0 &&
!base_type_eq(t1.subtype(), t2.subtype(), ns))
{
conflict_path=dereference_exprt(conflict_path);
conflict_path=dereference_exprt(conflict_path, t1.subtype());
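
Review bot: the added `dereference_exprt(conflict_path, t1.subtype())` call takes its result type from `t1`, but nothing in this hunk establishes that `conflict_path` itself has pointer type, which is the condition that failed (`op.type().id()==ID_pointer`) in the reported invariant violation. Supplying the type by hand sidesteps that precondition while still building the expression over an operand that may not be a pointer, and it labels the path with one side's subtype even though this branch is only reached when `t1.subtype()` and `t2.subtype()` differ. Consider dereferencing only when `conflict_path.type().id() == ID_pointer`, and add a regression test built from the one.c / two.c pair in the description so the conflict report path stays covered.
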
Contributor

clang-format would prefer spaces around =.

Contributor

Also assigning it the subtype of the first expression seems a bit random. Conditioning it works as well:

      if(conflict_path.type().id() == ID_pointer)
        conflict_path = dereference_exprt(conflict_path);

Contributor Author

I agree with your comments / suggestions and have updated the commit accordingly. I also added a regression test case for this defect.

@andreast271 andreast271 force-pushed the link_conflict_crash branch from 2bcc55a to 578ba08 Compare April 12, 2019 10:16
Contributor

@allredj allredj left a comment

✔️
Passed Diffblue compatibility checks (cbmc commit: 578ba08).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/108103779

@tautschnig tautschnig merged commit 1c231bb into diffblue:develop Apr 12, 2019
@andreast271 andreast271 deleted the link_conflict_crash branch March 21, 2021 17:15