Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Towards Proving Memory Initialization #3264

Merged
merged 99 commits into from
Jul 2, 2024
Merged

Towards Proving Memory Initialization #3264

merged 99 commits into from
Jul 2, 2024

Conversation

artemagvanian
Copy link
Contributor

@artemagvanian artemagvanian commented Jun 12, 2024
edited
Loading

This PR enables automatic memory initialization proofs for raw pointers in Kani. This is done without any extra instrumentation from the user.

Currently, due to high memory consumption and only partial support of pointee types for which memory initialization proofs work, this feature is gated behind -Z uninit-checks flag. Note that because it uses shadow memory under the hood, programs using this feature need to pass -Z ghost-state flag as well.

This PR is a part of working towards #3300.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@github-actions github-actions bot added the Z-BenchCI Tag a PR to run benchmark CI label Jun 12, 2024
celinval
celinval reviewed Jun 13, 2024
View reviewed changes
Copy link
Contributor

@celinval celinval left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please double check that invoking methods through the vtable works well? You can for example test drop of Box<dyn Debug> for cases where it is a valid value or it is an uninitialized value.

@artemagvanian artemagvanian marked this pull request as ready for review June 18, 2024 01:37
@artemagvanian artemagvanian requested a review from a team as a code owner June 18, 2024 01:37
@artemagvanian artemagvanian mentioned this pull request Jun 27, 2024
Open
14 tasks
celinval
celinval reviewed Jun 28, 2024
View reviewed changes
Copy link
Contributor

@celinval celinval left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So close!! Can you please add a few tests for catching intrinsics misuse?

kani-compiler/src/kani_middle/transform/check_uninit/ty_layout.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Outdated Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Outdated Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Outdated Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Outdated Show resolved Hide resolved
@artemagvanian artemagvanian mentioned this pull request Jul 1, 2024
Merged
celinval
celinval approved these changes Jul 2, 2024
View reviewed changes
Copy link
Contributor

@celinval celinval left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you

kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Outdated Show resolved Hide resolved
kani-compiler/src/kani_middle/transform/check_uninit/uninit_visitor.rs Show resolved Hide resolved
@artemagvanian artemagvanian merged commit d926482 into model-checking:main Jul 2, 2024
24 of 25 checks passed
@zhassan-aws zhassan-aws mentioned this pull request Jul 10, 2024
Merged
artemagvanian added a commit that referenced this pull request Jul 12, 2024
@artemagvanian @zhassan-aws
Improve performance and language support of memory initialization che…
068f63c 
…cks (#3313)

This is a follow-up PR for #3264, a part of the larger work towards
#3300.

This PR introduces:

- Use of demonic non-determinism (prophecy variables) to improve memory
initialization checks performance;
- Instead of keeping track of memory initialization of each possibly
uninitialized byte pointed to by some pointer, one is chosen
non-deterministically;
- Tests for proper memory initialization checks injection for compiler
intrinsics;
- Separate functions for checking memory initialization of slice chunks.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 and MIT licenses.

---------

Co-authored-by: Zyad Hassan <88045115+zhassan-aws@users.noreply.github.com>
@zhassan-aws zhassan-aws mentioned this pull request Oct 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@remi-delmas-3000 remi-delmas-3000 remi-delmas-3000 left review comments

@celinval celinval celinval approved these changes

Assignees

@artemagvanian artemagvanian

Labels
Z-BenchCI Tag a PR to run benchmark CI
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@artemagvanian @remi-delmas-3000 @celinval