Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error TODO: implement copySlice with a symbolically sized region reached by Echidna #492

Closed
rappie opened this issue May 3, 2024 · 7 comments
Labels

Comments

@rappie
Copy link

rappie commented May 3, 2024

For more info, see this issue in the Echidna repository: crytic/echidna#1247

@d-xo
Copy link
Collaborator

d-xo commented May 27, 2024

This is a known limitation. The core issue is that smt-lib does not provide primitives for copying slices between arrays. At the moment we unroll concretely sized copySlice's into a sequence of byte read/writes.

In order to handle symbolic slices, we would need to implement one of the strategies from this paper: https://link.springer.com/chapter/10.1007/978-3-642-54108-7_6. This is not a small change, but I think relatively achievable (we should have most of the required machinery to implement their rewriting approach).

@msooseth msooseth added the enhancement New feature or request label Jul 15, 2024
@msooseth
Copy link
Collaborator

This is being worked on by the developers of Bitwuzla, so currently, I'd like to not work on this on our end, to reduce duplication of work. Hopefully, in a few months this will be fixed :) Yay!

@msooseth msooseth added blocked and removed enhancement New feature or request labels Aug 28, 2024
@ggrieco-tob
Copy link
Contributor

Is #591 related to this issue?

@msooseth
Copy link
Collaborator

msooseth commented Oct 9, 2024

#591 is related indeed, thanks! But it doesn't actually solve it :( Instead, it makes sure that when an error is encountered, we don't abandon the whole operation, only the ones we cannot deal with :)

@ggrieco-tob
Copy link
Contributor

Great, this is good step forward, since currently the symbolic worker will crash and that's not good 😄

@msooseth
Copy link
Collaborator

@ggrieco-tob Exactly! It actually should work now. Let me know what your experience is with it. If you wanna review, that'd also be nice :)

@msooseth
Copy link
Collaborator

msooseth commented Dec 4, 2024

OK, this is in some sense solved: we don't crash, we just report an incomplete result. So it's a lot better user experience, and it's a well-known limitation for the moment in terms of capability. So I'm pretty happy with this for the moment. Closing.

@msooseth msooseth closed this as completed Dec 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

4 participants