Add failing MakeInterface test case #200
Merged
This PR is a part of #188.

This PR adds a failing test showing incorrect propagation for `MakeInterface` instructions in some cases:

The incorrect behavior here is similar to what is happening with `Store` instructions (see #199): we are propagating to the `Value` that is being made into an interface. In the above test case, that does not make sense: `str` cannot become tainted as a result of the `interface{}` value holding `str` being tainted.

A small tweak (changing `str` to be of `*string` type) to the above test case makes it less clear what the correct behavior would be:

In this case, `colocate` could conceivably type assert the pointer out of the interface and change the string, so this code may not be safe. One mitigation against spurious reports like the one in this test case would therefore be to only propagate to the `Value` in a `MakeInterface` if it has a pointer-like type (like we are considering for calls in #185). We already have a case covering this behavior:

In the above case, the `MakeInterface` instruction is implicit. It is added by the ssa builder because `taintColocatedEface` takes `interface{}` type arguments.
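
The value-versus-pointer distinction the description relies on, shown as an added example that is not part of the PR or the project's test suite. The body of `colocate` is a hypothetical stand-in for the callee named above, and `taint`, `byValue` and `byPointer` are names assumed for the illustration.

```go
package main

import "fmt"

// taint stands in for a tainted source value (constructed sample).
const taint = "tainted-secret"

// colocate is a hypothetical callee taking interface{} arguments, so the
// compiler boxes each argument at the call site (the implicit MakeInterface).
// It tries to write src into whatever dst holds.
func colocate(src interface{}, dst interface{}) {
	s, _ := src.(string)
	// A *string keeps pointing at the caller's variable after boxing,
	// so a type assertion recovers a usable write path.
	if p, ok := dst.(*string); ok {
		*p = s
	}
	// A plain string was copied into the interface; there is nothing in
	// dst that leads back to the caller's variable.
}

// byValue passes str as a string and returns the caller's copy afterwards.
func byValue() string {
	str := "clean"
	colocate(taint, str)
	return str
}

// byPointer passes &str and returns the caller's string afterwards.
func byPointer() string {
	str := "clean"
	colocate(taint, &str)
	return str
}

func main() {
	fmt.Println("string operand: ", byValue())
	fmt.Println("*string operand:", byPointer())
}
```

A report on the `string` operand would be spurious, while the `*string` operand is where propagating to the boxed value can be justified.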