Skip to content

[smt2_convt] Fix invalid and NULL pointer handling #6040

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 16, 2021
Merged

[smt2_convt] Fix invalid and NULL pointer handling #6040

merged 2 commits into from
Apr 16, 2021

Conversation

SaswatPadhi
Copy link
Contributor

Fixes #6022.

Several SMT2 conversion functions used to crash on NULL pointers and other kinds of invalid pointers. This change fixes the handling of NULL pointers at several locations.

  • Each commit message has a non-empty body, explaining why the change was made.
  • NA Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • NA The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • NA My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • NA White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@SaswatPadhi SaswatPadhi added SMT Backend Interface bugfix aws Bugs or features of importance to AWS CBMC users labels Apr 15, 2021
@SaswatPadhi SaswatPadhi requested a review from tautschnig April 15, 2021 22:04
@SaswatPadhi SaswatPadhi self-assigned this Apr 15, 2021
@SaswatPadhi SaswatPadhi force-pushed the memset_null_fix branch 4 times, most recently from 171876f to 1bedd70 Compare April 15, 2021 23:17
@codecov
Copy link

codecov bot commented Apr 16, 2021
edited
Loading

Codecov Report

Merging #6040 (1bedd70) into develop (211b539) will increase coverage by 0.00%.
The diff coverage is 100.00%.

❗ Current head 1bedd70 differs from pull request most recent head 7663a57. Consider uploading reports for the commit 7663a57 to get more accurate results
Impacted file tree graph

@@           Coverage Diff            @@
##           develop    #6040   +/-   ##
========================================
  Coverage    74.13%   74.13%           
========================================
  Files         1444     1444           
  Lines       157442   157418   -24     
========================================
- Hits        116720   116707   -13     
+ Misses       40722    40711   -11
Impacted Files Coverage Δ
src/solvers/smt2/smt2_conv.cpp 60.45% <100.00%> (+0.08%) ⬆️
src/solvers/smt2/smt2_solver.cpp 85.35% <0.00%> (+2.24%) ⬆️
src/solvers/flattening/boolbv_if.cpp 100.00% <0.00%> (+12.50%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5914d75...7663a57. Read the comment docs.

tautschnig
tautschnig reviewed Apr 16, 2021
View reviewed changes
@SaswatPadhi
[smt2_convt] Fix arithmetic on invalid pointers
0edf9a5 
CBMC crashed on SMT2 conversion of pointer arithmetic on NULL and other kinds
of invalid pointers.
This change fixes the encoding of pointer arithmetic on invalid pointers.
@SaswatPadhi SaswatPadhi requested a review from tautschnig April 16, 2021 20:45
tautschnig
tautschnig approved these changes Apr 16, 2021
View reviewed changes
@SaswatPadhi
[smt_convt] Fix comparison of invalid pointers
7663a57 
The SMT conversion routines crashed on encoding of comparisons over invalid
pointers.
This change fixes this behavior by ignoring comparisons against invalid
pointers.
@SaswatPadhi SaswatPadhi merged commit 1b95f9b into diffblue:develop Apr 16, 2021
@SaswatPadhi SaswatPadhi deleted the memset_null_fix branch April 16, 2021 22:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tautschnig tautschnig tautschnig approved these changes

@allredj allredj Awaiting requested review from allredj

@kroening kroening Awaiting requested review from kroening kroening is a code owner

@martin-cs martin-cs Awaiting requested review from martin-cs martin-cs is a code owner

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel is a code owner

@romainbrenguier romainbrenguier Awaiting requested review from romainbrenguier

Assignees

@SaswatPadhi SaswatPadhi

Labels
aws Bugs or features of importance to AWS CBMC users bugfix SMT Backend Interface
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Crash during SMT translation of NULL pointers
2 participants
@SaswatPadhi @tautschnig