Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Heapster rust string lits #1504

Merged
merged 122 commits into from
Nov 11, 2021
Merged

Heapster rust string lits #1504

merged 122 commits into from
Nov 11, 2021

Conversation

eddywestbrook
Copy link
Contributor

More work trying to support Rust string literals, though this PR does not quite get it all the way there... :(

This PR changes the interpretation of string literals, as defined by the translateLLVMValue function, to generate equality permissions for string literals. This was needed for Rust string literals because the lengths of LLVM globals for Rust slices seem to be stored as strings; e.g., the length of a 4-element slice is stored as the string literal "\04\00\00\00", and the Heapster type system needs to know this value in the permissions. Thus, this PR causes Heapster to translate every string literal of some size N to a pointer permission to an N-byte field whose contents are an equality permission to an N-byte word. E.g., a symbol "foo" that is defined to be a string literal for the string "bar" is now translated under this PR to have permission ptr((W,0,24) |-> eq(6713199)), where 6713199 is the decimal value of 0x666f6f, 0x66 is the ASCII code for "f", and 0x6f is the ASCII code for "o".

Most of the time, however, string literals are just used as arrays of bytes. This requires these large, N-byte pointer permissions to be split up into N individual byte pointer permissions. Implementing this is most of the work of this PR. Specifically, this PR adds the following implication rules:

  • SImpl_SplitLLVMWordField splits a pointer permission to a single word w into two consecutive pointer permissions to words w1 and w2 such that concatenating w1++w2 equals w;

  • SImpl_ConcatLLVMWordFields goes the other way, concatenating two consecutive pointer permissions to words w1 and w2 into a single pointer to their concatenation w1++w2;

  • SImpl_SplitLLVMTrueField splits a pointer to a true permission into two smaller consecutive pointers to true; and

  • SImpl_ConcatLLVMTrueFields concatenates two consecutive pointer permissions to true into a single pointer to true.

Eddy Westbrook added 30 commits August 31, 2021 12:27
…made the translation of bitvector permissions to just be bitvectors
… be converted to unit, not to the empty struct
…a HeapsterEnv into a single function which iterates through the globals and adds those it can handle
…macro, because that seems to be the proper way to do things
…ons with different fields using the SImpl_LLVMArrayContents rule; to get the translation of the SImpl_LLVMArrayContents to work correctly, I had to change local implications to not use strict tuples, which in turn required changing the translation of lowned permissions (which are themselves local implications) to not use strict tuples as well
Eddy Westbrook and others added 21 commits October 19, 2021 13:24
…(bv) permissions, since they seem to be used to lengths of arrays, which Heapster needs to know at type-checking time
… by the array shape length when it should not (thanks to MattY for finding this!)
@eddywestbrook eddywestbrook requested a review from m-yac November 10, 2021 22:16
@eddywestbrook eddywestbrook added the subsystem: heapster Issues specifically related to memory verification using Heapster label Nov 10, 2021
Copy link
Contributor

@m-yac m-yac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything looks good to me! I left a few comments, but there's nothing super important.

@@ -91,6 +93,13 @@ import Debug.Trace
-- * Utility Functions and Definitions
----------------------------------------------------------------------

-- | FIXME: put this somewhere more appropriate
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any objections to me making an issue in GaloisInc/parameterized-utils asking if they would be interested in adding this function?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, that makes sense. Let's leave it here for now and remove it if they accept the change there.

heapster-saw/src/Verifier/SAW/Heapster/Permissions.hs Outdated Show resolved Hide resolved
heapster-saw/src/Verifier/SAW/Heapster/Permissions.hs Outdated Show resolved Hide resolved
[w_term, elem_tp, transTerm1 ptrans_cell] in
[w_tm, elem_tp, transTerm1 ptrans_cell]
-}
applyOpenTermMulti (globalOpenTerm "Prelude.repeatBVVec")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we remove singletonBVVec from the Prelude now since it's no longer used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I dunno, I feel like we should leave it there as I guess a sort of documentation...?

heapster-saw/src/Verifier/SAW/Heapster/Implication.hs Outdated Show resolved Hide resolved
@eddywestbrook eddywestbrook added the PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run label Nov 11, 2021
@mergify mergify bot merged commit 99b783a into master Nov 11, 2021
@mergify mergify bot deleted the heapster-rust-string-lits branch November 11, 2021 04:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run subsystem: heapster Issues specifically related to memory verification using Heapster
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants