On the Irving example, 65% of GEPs have all-constant indices. On Jackson, it's 93%. With information about type sizes, these GEPs can be translated into byte-offsets. Given information about allocation sizes, we can then discard points-to facts that would involve adding offsets that go beyond the end of allocations, or even go so far as #36. This would improve both performance and precision. This would require work upstream in the llvm-ir crate to reproduce LLVM's type-size computations.

Requires #5, #15.

If it takes much longer than the normal build, perhaps we could run it just on the main branch.

yapall> error: Opaque pointers are only supported in -opaque-pointers mode (Producer: 'LLVM15.0.7' Reader: 'LLVM 14.0.6')
yapall> error: test failed, to rerun pass `--test pointer`

(See https://github.com/GaloisInc/yapall/actions/runs/6029699696/job/16359835202?pr=47#step:5:950 or https://github.com/GaloisInc/yapall/actions/runs/6030069826/job/16361088971?pr=50)

This is a specific instance of the general issues noted by #46

Requires #1.

Waiting on s-arash/ascent#17

Here's a simpler implementation of NanoCountLayer:

use std::time::{Duration, SystemTime};

use tracing::{debug, Id, Subscriber};
use tracing_subscriber::{layer::Context, registry::LookupSpan, Layer};

#[derive(Debug, Default)]
pub(crate) struct MilliCountLayer;

impl<S> Layer<S> for MilliCountLayer
where
    S: Subscriber + for<'lookup> LookupSpan<'lookup>,
{
    fn on_enter(&self, id: &Id, ctx: Context<'_, S>) {
        if let Some(span) = ctx.span(id) {
            span.extensions_mut().insert(SystemTime::now());
        }
    }

    fn on_exit(&self, id: &Id, ctx: Context<'_, S>) {
        if let Some(span) = ctx.span(id) {
            if let Some(time) = span.extensions().get::<SystemTime>() {
                let elapsed = time.elapsed().unwrap_or(Duration::ZERO);
                debug!("{}: {}ms", span.name(), elapsed.as_millis())
            }
        }
    }
}

... as a way to achieve soundness without writing many signatures. Crux does this, we can take inspiration from them.

This test was used to demonstrate proper handling of the undef constant, but it no longer seems to generate one.

It's my impression that the Nix flake can't yet successfully run the test suite. We should investigate this further.

With dependabot, or cargo update.

As described here.

The irving_precision test is failing (see https://github.com/GaloisInc/yapall/actions/runs/6029699696/job/16359835202?pr=47#step:5:960). This is a specific instance of the general failures noted in #46.

Right now, a pointer stored to a single, concrete field of a struct or index in an array will be retrieved in a load from any field or index. We should instead adopt a memory model that separates these. This would involve:

• For each GEP expression and instruction with all concrete indices, calculating the offset added to the base pointer
• For each (basic) allocation a, a new allocation a[*] which represents loads/stores at an unknown offset
• "Sub-allocations" a[n] for concrete offsets n that have been calculated via GEPs - though care must be taken such that there is only a bounded number of such suballocations.
• Rules relating loads and stores from the a[n] and a[*]

This would be a significant undertaking, and would require #37.

What are the intentions for supporting versions of rustc (i.e. what version range is intended)? I'm asking because the CI here uses nixpkgs-unstable, but I have another project which includes yapall and builds against nixos-23.05, and the latter provides rustc 1.69.0. The latest dependabot changes caused updates that are no longer compatible with that version of rustc:

yapall> configuring
yapall> building
yapall> Executing cargoBuildHook
yapall> ++ env CC_x86_64-unknown-linux-gnu=/nix/store/7wkshj58fcsl1f3zyi67qsxgl1p8nki1-gcc-wrapper-12.2.0/bin/cc CXX_x86_64-unknown-linux-gnu=/nix/store/7wkshj58fcsl1f3zyi67qsxgl1p8nki1-gcc-wrapper-12.2.0/bin/c++ CC_x86_64-unknown-linux-gnu=/nix/store/7wkshj58fcsl1f3zyi67qsxgl1p8nki1-gcc-wrapper-12.2.0/bin/cc CXX_x86_64-unknown-linux-gnu=/nix/store/7wkshj58fcsl1f3zyi67qsxgl1p8nki1-gcc-wrapper-12.2.0/bin/c++ cargo build -j 8 --target x86_64-unknown-linux-gnu --frozen --release
yapall> error: package `clap_derive v4.4.0` cannot be built because it requires rustc 1.70.0 or newer, while the currently active rustc version is 1.69.0
yapall> Either upgrade to rustc 1.70.0 or newer, or use
yapall> cargo update -p [email protected] --precise ver
yapall> where `ver` is the latest version of `clap_derive` supporting rustc 1.69.0
error: builder for '/nix/store/q9wlw6i02ms08p57i9bapg5l9l8rzblh-yapall-0.0.0.drv' failed with exit code 101

For that project, I am not building other rust packages so I can update, but it would be good to be intentional about which versions of rustc are intended to be supported and ensure the CI validates that version range.

Requires #2.

This should be documented.

The yapall binary should (by default) export analysis results in CSV format using the csv crate.

Requires #1.

Requires #5.

Should build binaries. Note to self: remove -march=native from rustc-flags.

As described here.