Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Loop conditons with boolean short-circuit #23

Open
mcopik opened this issue Apr 26, 2020 · 0 comments
Open

Loop conditons with boolean short-circuit #23

mcopik opened this issue Apr 26, 2020 · 0 comments
Assignees
@mcopik
Labels
bug Something isn't working

Comments

@mcopik
Copy link
Collaborator

mcopik commented Apr 26, 2020
edited
Loading

We noticed on LULESH that logical conditions are incorrectly tainted when short-circuiting of boolean expressions is applied. It is unknown whether optimizations play role here, this needs to be investigated.

In that case, the condition a && b can be rewritten into a CFG where the final phi node has 'false' constant for the case where a is false and the path evaluating p is omitted. As a constant unrelated to the value of a, there's no taint label associated.

The problem appears in LULESH main loop and can be fixed with the help of simplifycfg pass, at least for the cases we saw (false evaluation of a leads to a direct jump outside of the loop). It is unknown if this can lead to other misses taint propagations.
@mcopik mcopik self-assigned this Apr 26, 2020
@mcopik mcopik added the bug Something isn't working label Apr 26, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mcopik mcopik

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mcopik