Skip to content

Fixes to pointer handling in goto_rw [depends-on: #2646] #748

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

Fixes to pointer handling in goto_rw [depends-on: #2646] #748

wants to merge 3 commits into from

Conversation

tautschnig
Copy link
Collaborator

@tautschnig tautschnig commented Mar 31, 2017
edited
Loading

  1. This reverts commit 55d1297. Pointers require dereferencing, and taking an address of an object does not induce any reads on the object.
  2. goto_rw tries to be over-approximating in its set of read/written objects, but had previously failed to do so in case of pointers. With the new fallback to __CPROVER_memory this ought to be resolved (albeit in a very coarse manner).

@tautschnig
Copy link
Collaborator Author

@lucasccordeiro This will affect the slicer - hopefully in a positive way.

@tautschnig tautschnig self-assigned this Apr 3, 2017
@tautschnig
Copy link
Collaborator Author

While the changes would seem to be the right thing to do(TM) they break 3 slicing tests. I will investigate.

@lucasccordeiro
Copy link
Contributor

@tautschnig: Thanks for letting me know. If you have doubts about the slicing tests, I'll be happy to clarify.

@tautschnig tautschnig changed the base branch from master to develop August 22, 2017 12:30
@tautschnig
Test actually works fine, no bug known here
55d45a0
@tautschnig
Revert "Fixed some array and pointer reads\writes not appearing"
1b65ef9 
This reverts commit 55d1297.

Pointers require dereferencing, and taking an address of an object does
not induce any reads on the object.
@tautschnig
goto_rw: treat dereference failure as a read/write of __CPROVER_memory
33c9f89 
Treating any such access as an access to the single, global memory object will
enable sound overapproximation, and thus helps slicing soundness.
@tautschnig tautschnig changed the title Revert "Fixed some array and pointer reads\writes not appearing" Fixes to pointer handling in goto_rw Feb 27, 2018
@tautschnig tautschnig assigned smowton and unassigned tautschnig Feb 27, 2018
martin-cs
martin-cs approved these changes Mar 1, 2018
View reviewed changes
Copy link
Collaborator

@martin-cs martin-cs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with this although I note that @lucasccordeiro (i|wa)s the keeper of the slicer.

@tautschnig
Copy link
Collaborator Author

While I'm of course very much convinced that my changes are the right-thing-to-do(TM), it would be great to have input from @smowton and @lucasccordeiro.

thk123
thk123 reviewed Mar 1, 2018
View reviewed changes
Copy link
Contributor

@thk123 thk123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't really know enough about what is going on here to provide meaningful comment, though it is surprising to be reverting such an old commit. Unfortunately, the original PR did not include any tests so hard to know whether what this was originally trying to fix remains fixed...

@tautschnig
Copy link
Collaborator Author

I don't really know enough about what is going on here to provide meaningful comment, though it is surprising to be reverting such an old commit.

I think the first time I committed this revert to some local branch was the day that I noticed its existence :-)

Unfortunately, the original PR did not include any tests so hard to know whether what this was originally trying to fix remains fixed...

Would @AnnaTrost be available (I heard rumors this might be the case) and be able to contribute some tests?

@smowton
Copy link
Contributor

smowton commented Mar 3, 2018
edited
Loading

We may follow this up with upstreaming a patch from the security product, which identifies dynamic objects per allocation site (i.e. the same granularity as value_sett's dynamic_object* identifiers). However this is clearly a step in the right direction which we should take for now.

One concern: does goto-rw have any concept of a strong write (for example, x = 0; x = 1; return x; reading the second but not the first write to x)? If so, is there any danger it will think *heap_ptr1 = 0; *heap_ptr2 = 1; return *dynamic_ptr1; isn't using the first write, since both the derefs will resolve to __CPROVER_memory?

@tautschnig tautschnig self-assigned this Mar 4, 2018
@qaphla qaphla mentioned this pull request Jul 31, 2018
Closed
@tautschnig tautschnig changed the title Fixes to pointer handling in goto_rw Fixes to pointer handling in goto_rw [depends-on: #2646] Mar 2, 2019
@TGWDB
Copy link
Contributor

TGWDB commented Aug 5, 2021

@tautschnig This PR seems to be in limbo, do you think you may update this and try to merge it, or should we close it due to age?

@TGWDB
Copy link
Contributor

TGWDB commented Sep 13, 2021

Closing this PR due to age and lack of clear direction. Please reopen if you believe this closure is erroneous and this will be updated/fixed.

@TGWDB TGWDB closed this Sep 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thk123 thk123 thk123 left review comments

@martin-cs martin-cs martin-cs approved these changes

@chrisr-diffblue chrisr-diffblue Awaiting requested review from chrisr-diffblue

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel is a code owner

@smowton smowton Awaiting requested review from smowton

Assignees

@tautschnig tautschnig

Labels
dependent - do not merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@tautschnig @lucasccordeiro @smowton @TGWDB @thk123 @martin-cs