Commit Graph

5229 Commits

Author SHA1 Message Date
Nikola Matić
64427412c4
Merge pull request #14347 from ethereum/fixTypeCheckingAbiDecode
Disallow the use of `TypeType` in complex expressions
2023-07-18 18:14:45 +02:00
Nikola Matic
82cb5338a9 Relax delegatecall type restriction plus test 2023-07-18 17:07:13 +02:00
Daniel Kirchner
110e2a656d Restrict mobile types of function types.
Move ternary tests to semanticTests
2023-07-18 14:13:36 +02:00
Matheus Aguiar
4fd5bbf50b Restrict mobileType of TypeType 2023-07-18 12:58:11 +02:00
Matheus Aguiar
f3fc19080a Override mobileType of MagicType to null 2023-07-18 10:56:02 +02:00
Daniel Kirchner
0ab0842c29 Disallow conversions between declaration function types. 2023-07-17 18:33:07 +02:00
Kamil Śliwak
dad2bf6472 Relax restrictions on immutable initialization 2023-07-14 15:29:32 +02:00
Kamil Śliwak
490b90d0ab Implement ImmutableItem::setToZero() to make delete work with immutables 2023-07-14 15:29:32 +02:00
Kamil Śliwak
5b70830a64 IRGeneratorForStatements: Small refactor in endVisit(IndexAccess) for readability 2023-07-13 11:07:40 +02:00
Kamil Śliwak
16220db759 IRGeneratorForStatements: Fix undefined order of functions when generating code for index expressions 2023-07-13 11:06:11 +02:00
Martin Blicha
3599c8c6b9 SMTChecker: Fix generation of smtlib scripts
When both CHC and BMC engines are used, the type of state variable
changes when trusted mode for external calls is used. This is because in
CHC engine, trusted mode means we pack more information into the
symbolic state. In BMC this type is always simple.

However, if BMC is run after CHC, in the current code state variables
are reset (and their declaration dumped into SMT-LIB script) before BMC
resets the type of the state variable.

The proposed solution is to simply reset the variable type before the
first variable of this type is created.
2023-06-30 15:57:51 +02:00
Pawel Gebal
826fd90dcf Fix error in SMTChecker: Use rich identifier instead of external identifier to encode member access to functions 2023-06-23 15:24:55 +02:00
Kamil Śliwak
3ecf968001
Merge pull request #14328 from ethereum/fix-incomplete-ast-in-standard-json-on-analysis-fail
Fix incomplete AST in standard json on analysis fail
2023-06-19 18:26:33 +02:00
Pawel Gebal
d4be1d9c2f Add --print-smt flag to output SMTChecker SMTLIB code 2023-06-16 14:04:07 +02:00
Kamil Śliwak
712229a5c6 Fix StandardCompiler returning an incomplete AST in Standard JSON in case of an early exit during analysis 2023-06-15 10:50:04 +02:00
Kamil Śliwak
b1a773be2f IRGenerator: Leave IR optimization up to the caller to avoid unnecessarily doing it twice 2023-06-07 19:44:40 +02:00
Kamil Śliwak
25be38905f YulStack: When Yul optimization is not requested, run Yul optimizer with a minimal sequence instead of disabling it 2023-06-07 12:13:38 +02:00
Nikola Matic
47969adf91 Experimental standard library
Change import syntax and cover with tests
2023-06-06 17:16:23 +02:00
Pawel Gebal
f15b826431 Add optional bounds to unroll loops in BMC model checker 2023-06-02 18:32:38 +02:00
Leo
a0933fa80a
Merge pull request #14276 from ethereum/smtchecker-fix-ice
SMTChecker: External function call with struct member is not getter
2023-05-30 13:46:35 +02:00
Leo
ceab4dfee5
Merge pull request #14269 from blishko/smtchecker-fix-analysis-external-calls
[SMTChecker] Remember verification targets from trusted external calls
2023-05-30 13:45:37 +02:00
Martin Blicha
8ca453f82e SMTChecker: External function call with struct member is not getter
If a struct has a member that is a function pointer with `external`
attribute, and such a member is called, it is currently incorrectly
treated as a public getter in SMTEncoder.

The proposed fix is to make SMTEncoder::publicGetter more strict in
deciding whether an expression is a public getter.
The added condition, that the access happens on a state variable, is
exactly what is checked later with an assertion that is currently
failing.
2023-05-26 14:23:45 +02:00
Nikola Matić
477b621f2e
Merge pull request #14274 from ethereum/enable-access-to-foreign-events 2023-05-26 13:49:13 +02:00
Martin Blicha
b0419da654 [SMTChecker] Remember verification targets from trusted external calls
Previously, we did not remember trusted external calls for the later phase
when we compute possible verification targets for each function.
This led to false negatives in cases where a verification target can be
violated, not by calling a public function directly, but only when
it is called as an external function from another function.

The added test cases witness this behaviour. The underflow in
`dec` cannot happen in any other way except when `dec` is called
from `f`.

The same problem did not occur when the functions are called internally,
because for such cases, we have already been remembering these calls in
the callgraph in the CHC engine.
2023-05-26 13:03:44 +02:00
Nikola Matic
5893e099fe Allow qualified access to events from other contracts 2023-05-26 12:52:52 +02:00
GiokaMarkella
28a1abf89a Yul AST output on the CLI and in Standard JSON 2023-05-26 12:35:31 +02:00
Nikola Matic
7a34d34045 Restrict experimental solidity to constantinople and above 2023-05-17 17:03:43 +02:00
Nikola Matic
8a41f4ac7e Introduce solidity-next pragma
Exclude pragma experimental error from ANTLR tests

Test for first pragma after non-pragma declaration

Resolve import pragmas

Change pragma name from next to solidity

Add Changelog entries

Address review comments
2023-05-15 19:25:13 +02:00
Daniel
9804085934
Merge pull request #14216 from ethereum/fix_bmc_side_effects_in_statement
Fix encoding of side-effects inside if and ternary in BMC
2023-05-15 13:34:22 +02:00
Alexander Arlt
c5673278a7 Remove EWASM backend. 2023-05-11 10:56:55 -05:00
Leo Alt
678461e828 Fix encoding of side-effects inside if and conditional statements in the BMC engine 2023-05-11 16:44:09 +02:00
Daniel
44a30e47ca
Merge pull request #14171 from ethereum/ast-import-via-standard-json
Add support to import AST via Standard JSON.
2023-05-09 22:22:31 +02:00
Alexander Arlt
4837d42361 Add experimental support to import AST via Standard JSON. 2023-05-09 14:07:38 -05:00
Nikola Matic
3bab14747e Fix hidden-overload in Types and remove CMake hack 2023-05-09 19:33:23 +02:00
Nikola Matic
9a87b587d5 Disallow immutable initialization in try catch statements
Trigger github
2023-05-09 14:48:14 +02:00
Rodrigo Q. Saramago
a29f77369a
Move AST annotation of internal function dispatch IDs to ContractDefinition
Co-authored-by: Daniel <daniel@ekpyron.org>
Co-authored-by: Nikola Matić <nikola.matic@ethereum.org>
2023-05-06 20:31:27 +02:00
chriseth
1e63615206 Export all events.
Update tests.

Additional tests

Revert changes to the Natspec
2023-05-03 14:08:27 -03:00
Leo
4a8d6618f5
Merge pull request #13974 from blishko/chc-path-condition
[SMTChecker] Use path condition in CHC engine
2023-04-24 16:24:53 +02:00
Daniel
cd5ae26e34
Merge pull request #14143 from ethereum/remove-type-categoryname
Remove the inaccurate `Type::categoryName()`
2023-04-23 22:05:35 +02:00
Martin Blicha
12bca24774 [SMTChecker] Use path condition when creating CHC targets
Without path condition, verification targets created inside ternary
operator ignore the condition of the operator inside the branches.
This led to false positives.

Further updates:

- Function calls should consider the conditions under which they are
called, otherwise the analysis may report false positives.
The fix proposed here is to add the current path condition to the edge
that propagates error from a function call.

- Increment error index after function call

This is necessary for the analysis of the ternary operator to work
correctly. No information should leak from a function call inside a
ternary operator in the first branch to the second branch, including
whether or not an error would have occurred in the first branch.

However, for the execution that continues after the function call,
we still need to ensure that under the current path condition
the error has not occurred in that function call.

It would be better to isolate the analysis of the branches to separate
clauses, but I do not see an easy way for that now. In this way, even
though the function call in first branch is included in the clause of
the second branch, no information leaks.

- Additional test for ternary operator

This tests the behaviour of SMTChecker on ternary operator with function
calls inside both branches. Specifically, it tests that SMTChecker
successfully detects a violation of a verification target in the second
branch when the same target is present also in the first branch, but
there it cannot be triggered because of the operator's condition.
2023-04-21 18:56:34 +02:00
Kamil Śliwak
f5b2044ed1 Remove unused CompilerStack::m_sourceJsons 2023-04-20 20:01:45 +02:00
Alexander Arlt
611e02c038 Rename assemble() to assembleYul() in CompilerStack and CommandLineInterface 2023-04-20 20:01:45 +02:00
Kamil Śliwak
ded9ef17e8 Misc small refactors: Use ranges::views::keys and fmt::format() 2023-04-20 20:01:45 +02:00
Alexander Arlt
2f78e9549a Misc small refactors: Superfluous std::, trailing commas in lists, whitespace, missing breaks, import order 2023-04-20 19:53:48 +02:00
Kamil Śliwak
34da6c8811 Remove the inaccurate Type::categoryName() and change the error message for invalid calls to one independent of the category 2023-04-20 13:50:22 +02:00
Daniel
a77d4e281f
Merge pull request #14139 from ethereum/make-plus-binary-only
Make plus binary only (second attempt)
2023-04-18 21:20:31 +02:00
Matheus Aguiar
64f57ac3c7 Fix null dereference in using for directive when operator name is empty 2023-04-18 14:23:58 -03:00
Kamil Śliwak
b85a95f52d Refactor TokenTraits::isUnaryOp() not to treat + as a unary operator 2023-04-18 16:49:31 +02:00
Kamil Śliwak
8a14680851 Disallow unary plus at the parsing stage 2023-04-18 16:47:00 +02:00
Nikola Matić
8194acb3b7
Merge pull request #14119 from veniger/natspec-struct
Adds NatSpec to AST for struct definitions.
2023-04-18 16:05:20 +02:00