Open spernsteiner opened 1 year ago
@fw-immunant @kkysen just wanted to check to see if anything else should be crossed off this list given your work in this area
@fw-immunant @kkysen just wanted to check to see if anything else should be crossed off this list given your work in this area
Just the string literals, which I've checked the box for now.
On lighttpd, our second-largest source of panics is the
Operand::Constant
case oftype_of
, which currently doesn't allow any pointers or references to appear in the type of the constant. Constants of reference type are used for accessing statics - here is an example:Here,
alloc1
is the static allocation used to store the value ofMY_STATIC
. The value assigned to_2
is anOperand::Constant
of type&i32
, which currently causes a panic in our static analysis.There are several different cases observed in lighttpd that we'd eventually like to handle:
stderr
infprintf(stderr, "some message\n")
fprintf(stderr, ...)
toeprintln!(...)
.static mut
of primitive type, like lighttpd'sclockid_mono_coarse
andlog_monotonic_secs
i32
toAtomicI32
. We don't have to be too specific beyond that because evenOrdering::Relaxed
would provide more guarantees than the program was previously getting.static mut
containing pointers, likegraceful_sockets
andlog_con_jqueue
thread_local!
Cell<Box<T>>
or similar, instead of needing more complicatedMutex
+Arc
machinery.mut
, likename2id
,static_table
, andyy_shift_ofst
c2rust-transpile
already generates safe indexing operations for some of these, so all that's needed is to identifystatic mut
s that are never mutated and convert them to non-mut
.expect
call inconnection_write_cq
Operand::Constant
of reference type.Lookup tables are probably the easiest, but the handling of that case is entirely separate from the main analysis. Aside from that, strings and bytestrings also seem relatively simple, and adding support for these to the dataflow analysis could provide some ideas on how to handle the more complex cases.