Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generalizing crucible_points_to beyond equality testing #220

Open
AndrewTolmach opened this issue Aug 10, 2017 · 3 comments
Open

Generalizing crucible_points_to beyond equality testing #220

AndrewTolmach opened this issue Aug 10, 2017 · 3 comments
Labels
easy Issues that are expected to be easy to resolve and might therefore be good for new contributors needs test Issues for which we should add a regression test subsystem: crucible-llvm Issues related to LLVM bitcode verification with crucible-llvm test assets Issues involving test programs or other test assets type: enhancement Issues describing an improvement to an existing feature or capability
Milestone

Comments

@AndrewTolmach
Copy link

Currently, there seems to be no way to characterize a post-state LLVM location except by giving its value precisely using crucible_points_to. But sometimes this is quite inconvenient, because we may not know an exact characterization of the value. This is particularly problematic when we have a Cryptol model using types that are not isomorphic to the corresponding C types. So it would be nice to have a more general mechanism for specifying the desired post-state.

Here's an example of the problem:
C treats any non-zero value as True. We'd like to show that f() always sets y to a True value, but we can only check whether it sets y to a particular value (here 1). This doesn't work if the initial value of y is any non-zero value other than 1.

f.c:

typedef char bool;
bool y;
void f() {
  if (y == 0)
    y = 1;
}

f.saw:

m <- llvm_load_module "f.bc";
print m;
load_crucible_llvm_module "f.bc";
crucible_llvm_verify "f" [] false 
           do { y <- crucible_fresh_var "y" (llvm_int 8); 
                crucible_points_to (crucible_global "y") (crucible_term y); 
                crucible_execute_func []; 
                crucible_points_to (crucible_global "y") (crucible_term {{(zero #[True]) : [8]}});
	      }
           abc;

Results:

Loading module Cryptol
Loading file "/Users/andrewtolmach/experiments/f.saw"
Module: f.bc
Types:

Globals:
  @y = common global i8

External references:

Definitions:
  void @f()

Subgoal failed: @f points-to assertion
SolverStats {solverStatsSolvers = fromList ["ABC"], solverStatsGoalSize = 57}
("y",128)
saw: user error ("crucible_llvm_verify" (/Users/andrewtolmach/experiments/f.saw:4:1):
Proof failed.)
@brianhuffman
Copy link
Contributor

Once we implement support for crucible_fresh_var in the post-state section of a spec (#182) then we'll be able to write something like this:

crucible_llvm_verify "f" [] false 
           do {
                y <- crucible_fresh_var "y" (llvm_int 8); 
                crucible_points_to (crucible_global "y") (crucible_term y); 
                crucible_execute_func [];
                y_new <- crucible_fresh_var "y_new" (llvm_int 8);
                crucible_points_to (crucible_global "y") (crucible_term y_new);
                crucible_postcond {{ y_new > 0 }};
	      }
           abc;

@langston-barrett langston-barrett added subsystem: crucible-llvm Issues related to LLVM bitcode verification with crucible-llvm maybe fixed Issues where there's reason to think they might be fixed but that still requires confirmation labels Sep 23, 2019
@robdockins robdockins added the needs test Issues for which we should add a regression test label Jul 16, 2021
@brianhuffman brianhuffman self-assigned this Jul 16, 2021
@brianhuffman brianhuffman added the easy Issues that are expected to be easy to resolve and might therefore be good for new contributors label Jul 16, 2021
@brianhuffman
Copy link
Contributor

We should be able to close this once we add the above example as a regression test.

@sauclovian-g sauclovian-g added this to the 2024T3 milestone Oct 29, 2024
@sauclovian-g sauclovian-g added type: enhancement Issues describing an improvement to an existing feature or capability test assets Issues involving test programs or other test assets and removed maybe fixed Issues where there's reason to think they might be fixed but that still requires confirmation labels Oct 29, 2024
@sauclovian-g
Copy link
Contributor

This is fixed, we just need to add the test and that should get done already.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
easy Issues that are expected to be easy to resolve and might therefore be good for new contributors needs test Issues for which we should add a regression test subsystem: crucible-llvm Issues related to LLVM bitcode verification with crucible-llvm test assets Issues involving test programs or other test assets type: enhancement Issues describing an improvement to an existing feature or capability
Projects
None yet
Development

No branches or pull requests

5 participants