SCT: wrong handling of while loops #887

vbgl · 2024-09-03T14:20:59Z

The following program is secure but the S-CT checker rejects in with an incorrect argument.

bug_887.jazz", line 8 (32-35):
speculative constant type checker: the variable msf is not known to be a msf, only ∅ are

fn test(reg u64 msf x) {
  while {
    msf = #init_msf();
  } (x != 0) {
    msf = #update_msf(x != 0, msf);
    x = 0;
  }
  msf = #update_msf(! (x != 0), msf);
}

Based on a report by Santiago (@sarranz).

The text was updated successfully, but these errors were encountered:

vbgl · 2024-09-04T04:14:49Z

In fact, it is not only the MSF that is wrongly handled. The following program is accepted by the SCT checker (but fortunately rejected by the CT checker).

fn test_venv(#secret reg u64 s) {
  reg u64 i r;
  r = 0;
  i = 0;
  while {
    r = s;
  } (i < 10) {
    r = 0;
    i += 1;
  }
  [r] = 0;
}

vbgl added bug SCT checker labels Sep 3, 2024

vbgl self-assigned this Sep 3, 2024

vbgl changed the title ~~SCT: wrong handling of MSF in while loops~~ SCT: wrong handling of ~MSF in~ while loops Sep 4, 2024

vbgl changed the title ~~SCT: wrong handling of ~MSF in~ while loops~~ SCT: wrong handling of while loops Sep 4, 2024

vbgl mentioned this issue Sep 4, 2024

SCT: fix checking of while loops #888

Merged

bgregoir closed this as completed in #888 Sep 4, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SCT: wrong handling of while loops #887

SCT: wrong handling of while loops #887

vbgl commented Sep 3, 2024

vbgl commented Sep 4, 2024

SCT: wrong handling of while loops #887

SCT: wrong handling of while loops #887

Comments

vbgl commented Sep 3, 2024

vbgl commented Sep 4, 2024