Skip to content

Refactor writing to pointers #1531

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 9 commits into
base: master
Choose a base branch
from
Draft

Refactor writing to pointers #1531

wants to merge 9 commits into from

Conversation

karoliineh
Copy link
Member

@karoliineh karoliineh commented Jul 1, 2024
edited by sim642
Loading

TODO

This was linked to issues Jul 1, 2024
Reconsider not writing to known addresses if a pointer contains an unknown element #1461
Open
BaseAnalysis: Investigate why join over alternatives for non-definite AD target does not work #1465
Open
@karoliineh karoliineh added cleanup Refactoring, clean-up bug labels Jul 1, 2024
@karoliineh
Copy link
Member Author

Decisions from GobCon on 09.07:

What should happen when we write to a pointer that is either known or NullPtr?

  • a) Should we keep the NullPtr and join the known values
  • b) Or should we assume that if it is null, the program crashes anyways, and if it continues, the known value can only be the one that was written
  • Add b) as default behavior, make it configurable (for now), with option called sem.abort-on-null-deref

@sim642
Copy link
Member

sim642 commented Jul 16, 2024

We already have the option sem.null-pointer.dereference (for reading) and I think we decided to reuse that for writing. Its name and values might need to be changed though to match both reading and writing.

@sim642 sim642 mentioned this pull request Aug 16, 2024
Merged
@michael-schwarz
Copy link
Member

This seems to have gotten stuck. Are there plans here?

@sim642
Copy link
Member

sim642 commented Mar 3, 2025

There was the matter of naming/describing the option but we discussed it and something seems to have been implemented. Not sure about the test failures though.

I think it makes sense to do this though.

@sim642 sim642 mentioned this pull request Jul 7, 2025
Merged
sim642
sim642 reviewed Jul 7, 2025
View reviewed changes
src/analyses/base.ml
Comment on lines +1733 to +1738
| NullPtr ->
begin match get_string "sem.null-pointer.dereference" with
| "assume_none" -> D.bot ()
| "assume_top" -> store
| _ -> assert false
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regarding something I noticed in #1777 (comment): this now makes writing to NULL more explicit, but somehow there's still no warning.
I'm now wondering if we're actually missing a warning here or we actually emit one from somewhere else already. Should probably figure this out while we're at it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sim642 sim642 sim642 left review comments

Assignees
No one assigned
Labels
bug cleanup Refactoring, clean-up
Projects
None yet
Milestone
No milestone
3 participants
@karoliineh @sim642 @michael-schwarz