-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Emit dead
goto-instructions on MIR StatementDead
#3063
Conversation
62ebeaa
to
d4a82ab
Compare
This instruction corresponds to the cprover language's code_deadt and marks the point where a variable goes out of scope. This new statement type is needed in a future commit where MIR StorageDead statements get codegenned into these new Dead statements.
Kani now codegens goto-program Dead instructions when it sees MIR StatementDead statements. This commit fixes model-checking#3061.
This turns off a MIR pass that drops StatementLive and StatementDead nodes. These nodes are needed for us to detect when local variables go out of scope.
This is because new Dead instructions are being generated.
d4a82ab
to
d77ac68
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks good. Can you also please add a cargo test to ensure dependencies also contains these statements?
For that, you will have to create 2 crates. You add the defective code in one crate, and the harness in the other crate. Thanks!
These are the original release notes for the reference: ## What's Changed * Automatic cargo update to 2024-02-26 by @github-actions in #3043 * Upgrade rust toolchain to 2024-02-17 by @celinval in #3040 * Upgrade `windows-targets` crate to version 0.52.4 by @adpaco-aws in #3049 * Fix `codegen_atomic_binop` for `atomic_ptr` by @qinheping in #3047 * Upgrade Rust toolchain to `nightly-2024-02-25` by @adpaco-aws in #3048 * Update s2n-quic submodule by @zhassan-aws in #3050 * Update s2n-quic submodule weekly through dependabot by @zhassan-aws in #3053 * Retrieve info for recursion tracker reliably by @feliperodri in #3045 * Automatic cargo update to 2024-03-04 by @github-actions in #3055 * Upgrade Rust toolchain to `nightly-2024-03-01` by @adpaco-aws in #3052 * Add `--use-local-toolchain` to Kani setup by @jaisnan in #3056 * Replace internal reverse_postorder by a stable one by @celinval in #3064 * Add option to override `--crate-name` from `kani` by @adpaco-aws in #3054 * cargo update and fix macos CI by @zhassan-aws in #3067 * Bump tests/perf/s2n-quic from `d103836` to `1a7faa8` by @dependabot in #3066 * Upgrade toolchain to 2024-03-11 by @zhassan-aws in #3071 * Emit `dead` goto-instructions on MIR StatementDead by @karkhaz in #3063 **Full Changelog**: kani-0.47.0...kani-0.48.0
I confirmed that these scenario is correctly captured by the fix. I'll open a PR that integrates that test. |
This is a follow-up on #3063 that adds a test with multiple crates to make sure this scenario is correctly handled and that Kani reports the bug. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.
This commit adds a new
Dead
goto-instruction that gets codegenedwhenever Kani sees a MIR
StatementDead
statement. This newgoto instruction corresponds to the CBMC code_deadt statement
that marks the point where a local variable goes out of scope.
This new instruction is needed to detect invalid accesses of dead local
variables.
The commit also codegens a CBMC
Decl
instruction upon seeing a MIRStatementLive. This ensures that variables that go out of scope at the
end of a loop are not falsely marked as having a dead dereference when
they are accessed on the next loop iteration.
Resolves #3061
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.