Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Statically check parts of the RTS code with Frama-C #588

Closed
wants to merge 12 commits into from
Closed

Statically check parts of the RTS code with Frama-C #588

wants to merge 12 commits into from

Conversation

nomeata
Copy link
Collaborator

@nomeata nomeata commented Jul 22, 2019

In particular, that all IDL memory access is within bounds.

Also splits rts.c into several files.

@nomeata nomeata requested a review from crusso July 22, 2019 10:43
nomeata added a commit that referenced this pull request Jul 22, 2019
@nomeata
Split RTS into multiple files
2517bbc 
cherry-picked from #588
@nomeata nomeata mentioned this pull request Jul 22, 2019
Merged
crusso
crusso reviewed Jul 22, 2019
View reviewed changes
crusso
crusso approved these changes Jul 22, 2019
View reviewed changes
Copy link
Contributor

@crusso crusso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A pro-forma LGTM

nomeata added a commit that referenced this pull request Jul 22, 2019
@nomeata
Split RTS into multiple files (#589)
73717df 
cherry-picked from #588.
@nomeata
Copy link
Collaborator Author

nomeata commented Jul 22, 2019

Thanks for the approval. I should at least add a section to the README explaining the setup and what is checked etc.

@nomeata
Copy link
Collaborator Author

nomeata commented Jul 23, 2019

Hmm, might not actually work for dynamic arrays the way I would want it to… (asked question at https://stackoverflow.com/q/57168439/946226). I should look into the other options too.

@nomeata
Make Frama-C check work with various array lengths
2ade036 
unfortunately only by splitting the work for various fixed lenghts, as
explained in https://stackoverflow.com/a/57178643/946226. Not sure how
that scales.

Add a missing check in the parser.
@chenyan-dfinity
Copy link
Contributor

Can we use Rust for RTS code for IDL? Most of the memory issues will be gone with rust's type system.

@nomeata
Copy link
Collaborator Author

nomeata commented Aug 3, 2019

Can we use Rust for RTS code for IDL? Most of the memory issues will be gone with rust's type system.

I tried that first, but the toolchain wasn’t up to creating dynamic Wasm modules yet.

And I don’t think the memory issues will go away: We’d still be interfacing with the completely unsafe RTS parts written in WebAssembly directly, and thus can’t use the the Rust type checker for most stuff at the interface.

That said, I would still prefer to be able to write this in Rust… Eventually, I guess.

@nomeata
Copy link
Collaborator Author

nomeata commented Nov 26, 2019

Probably not master material

@nomeata nomeata closed this Nov 26, 2019
@nomeata nomeata deleted the joachim/rts-frama-c branch April 30, 2021 16:50
dfinity-bot added a commit that referenced this pull request Dec 11, 2024
@dfinity-bot
niv candid: update c2419ac6 -> 067025a8
eb64d4e 
## Changelog for candid:
Branch: master
Commits: [dfinity/candid@c2419ac6...067025a8](dfinity/candid@c2419ac...067025a)

* [`7758917b`](dfinity/candid@7758917) chore: elide needless lifetimes for rust 1.83.0 update to stable ([dfinity/candid⁠#587](https://github.com/dfinity/candid/issues/587))
* [`5ee6538e`](dfinity/candid@5ee6538) feat: IDLBuilder.try_reserve_value_serializer_capacity ([dfinity/candid⁠#586](https://github.com/dfinity/candid/issues/586))
* [`067025a8`](dfinity/candid@067025a) chore: release candid 0.10.11 ([dfinity/candid⁠#588](https://github.com/dfinity/candid/issues/588))
mergify bot pushed a commit that referenced this pull request Dec 11, 2024
@dfinity-bot
niv candid: update c2419ac6 -> 067025a8 (#4816)
107980b 
## Changelog for candid:
Branch: master
Commits: [dfinity/candid@c2419ac6...067025a8](dfinity/candid@c2419ac...067025a)

* [`7758917b`](dfinity/candid@7758917) chore: elide needless lifetimes for rust 1.83.0 update to stable ([dfinity/candid⁠#587](https://github.com/dfinity/candid/issues/587))
* [`5ee6538e`](dfinity/candid@5ee6538) feat: IDLBuilder.try_reserve_value_serializer_capacity ([dfinity/candid⁠#586](https://github.com/dfinity/candid/issues/586))
* [`067025a8`](dfinity/candid@067025a) chore: release candid 0.10.11 ([dfinity/candid⁠#588](https://github.com/dfinity/candid/issues/588))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crusso crusso crusso approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nomeata @chenyan-dfinity @crusso