Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Codegen storage markers as assignments to __CPROVER_dead_object #3164

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Codegen storage markers as assignments to __CPROVER_dead_object #3164

wants to merge 4 commits into from

Conversation

tautschnig
Copy link
Member

This changes our handling of storage markers to be marking is-alive only rather than treating StorageLive as creating a new object. That is, object instances are now tied to their Mir-provided declarations (which, at present, only appear once per function). To still account for when Rust scopes deem an object to be alive, we use StorageLive and StorageDead to update __CPROVER_dead_object. This (global) variable is used by CBMC's pointer checks to track when a pointer may not be safe to dereference for it could be pointing to an object that no longer is in scope.

Resolves: #3099

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@tautschnig
Debugging storage markers
5a1d28a
@tautschnig
WIP
e15fec4
@tautschnig
Codegen storage markers as assignments to __CPROVER_dead_object
f3e2053 
This changes our handling of storage markers to be marking is-alive
only rather than treating StorageLive as creating a new object. That is,
object instances are now tied to their Mir-provided declarations (which,
at present, only appear once per function). To still account for when
Rust scopes deem an object to be alive, we use StorageLive and
StorageDead to update `__CPROVER_dead_object`. This (global) variable is
used by CBMC's pointer checks to track when a pointer may not be safe to
dereference for it could be pointing to an object that no longer is in
scope.

Resolves: model-checking#3099
@tautschnig
Revert model-checking#3080 except for std enablement
e3d1568
@github-actions github-actions bot added the Z-BenchCI Tag a PR to run benchmark CI label Apr 26, 2024
@tautschnig
Copy link
Member Author

tautschnig commented Apr 26, 2024
edited

This still requires a fix on the CBMC side for contracts instrumentation not to fail, which is in diffblue/cbmc#8261.

celinval
celinval reviewed Apr 26, 2024
View reviewed changes
kani-compiler/src/codegen_cprover_gotoc/codegen/statement.rs
Stmt::skip(location)
} else {
Stmt::decl(self.codegen_local(*var_id), None, location)
let global_dead_object = self.ensure_global_var(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please encapsulate this declaration inside the goto bindings create?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@celinval celinval celinval left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
Z-BenchCI Tag a PR to run benchmark CI
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Spurious failures caused by handling of storage markers
2 participants
@tautschnig @celinval