Import null pointer information from PDG into static analysis #1086

Open: wants to merge 6 commits into base: master

ahomescu
Contributor

No description provided.

@ahomescu
Contributor Author

I still need to test this on some actual code (maybe lighttpd?)

@kkysen kkysen changed the title Import null pointer information from PDF into static analysis Import null pointer information from PDG into static analysis Apr 25, 2024
c2rust-analyze/src/analyze.rs (resolved)
c2rust-analyze/src/analyze.rs (outdated, resolved)
pdg/src/builder.rs (outdated, resolved)
if g.is_null {
// TODO: is this enough?
perms.remove(PermissionSet::NON_NULL);
}
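
Review bot: The `// TODO: is this enough?` comment in the `if g.is_null` branch leaves the open question unstated. Spell out what may still be missing after `perms.remove(PermissionSet::NON_NULL);` or reference the tracking issue, so the TODO can be resolved or removed before merge.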

Contributor Author

@spernsteiner If I'm understanding #1088 correctly, the other thing we need to do here is add NON_NULL to updates_forbidden?

Contributor

Roughly, yes. Though we might want to experiment a bit - for example, it might be easier to understand the results if we set updates_forbidden only on function signatures, or only on named variables and not on temporaries.

Contributor

I think there can be two nodes with the same dest (either in different Graphs or in the same one), representing two different observations of that dest during the execution. We want to set NON_NULL in perms (and in updates_forbidden) only if all observations with the same dest show it containing a non-null pointer. So we need some additional logic beyond just doing perms.insert(NON_NULL); updates_forbidden.insert(NON_NULL); here.
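
The rule described in the comment above, as an added example that is not part of the pull request or c2rust's own code: NON_NULL is set only when every observation of a dest is non-null, and the bit is recorded in updates_forbidden either way. `Graph`, `Node`, `Dest`, `PtrState` and the `u8` flag are simplified, hypothetical stand-ins for the real types, and the sample observations are constructed.

```rust
use std::collections::HashMap;

// Hypothetical, simplified stand-ins for the PDG and permission types.
type Dest = (&'static str, u32); // (function, local index)
const NON_NULL: u8 = 1 << 0;

struct Node { dest: Option<Dest> }
struct Graph { is_null: bool, nodes: Vec<Node> }

#[derive(Debug, Default, Clone, Copy, PartialEq)]
struct PtrState { perms: u8, updates_forbidden: u8 }

/// Maps each observed dest to `true` only if every observation was non-null.
fn all_non_null(graphs: &[Graph]) -> HashMap<Dest, bool> {
    let mut seen: HashMap<Dest, bool> = HashMap::new();
    for g in graphs {
        for d in g.nodes.iter().filter_map(|n| n.dest) {
            // A single null observation sticks, whatever the graph order.
            *seen.entry(d).or_insert(true) &= !g.is_null;
        }
    }
    seen
}

/// Sets or clears NON_NULL per dest and forbids later updates to that bit.
/// Dests with no observation are left for the static analysis to infer.
fn apply(graphs: &[Graph], state: &mut HashMap<Dest, PtrState>) {
    for (d, non_null) in all_non_null(graphs) {
        let s = state.entry(d).or_default();
        if non_null { s.perms |= NON_NULL } else { s.perms &= !NON_NULL }
        s.updates_forbidden |= NON_NULL;
    }
}

// Constructed input: recur's local 1 is seen null and non-null, local 2 only non-null.
fn sample_graphs() -> Vec<Graph> {
    let n = |dest| Node { dest };
    vec![
        Graph { is_null: false, nodes: vec![n(Some(("recur", 1))), n(Some(("recur", 2))), n(None)] },
        Graph { is_null: true, nodes: vec![n(Some(("recur", 1)))] },
    ]
}

fn main() {
    let mut state = HashMap::new();
    apply(&sample_graphs(), &mut state);
    println!("{:?}", state);
}
```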

Mark each PDG graph with a boolean flag that represents whether that graph corresponds to the null pointer or not. The PDG construction algorithm seems to build one unique graph for all null pointers in the entire program.

Add one test where a function argument can be either null or non-null in the recur() function of the analysis/tests/misc example code.

Remove the NON_NULL permission from all nodes in the null graph from the PDG.

Introduce a ProjectionTree data structure in the PDG construction algorithm which keeps track of assignments into projections of locals. This lets us reconstruct the correct source of some events where the direct source is missing.

The Field event instrumentation is broken because it does not distinguish between identical field indices at different depths, e.g., x.1.2 and x.2 will emit an identical Field(&x, 2) event.