Description
CBMC version: 5.12 (cbmc-5.12.2-3-g9b5f761d5)
Operating system: Linux x86_64
Exact command line resulting in the issue: cbmc --program-only access.c
What behaviour did you expect: field sensitivity is applied for the assignment to s.n[i]
What happened instead: field sensitivity is not applied
Test case:
access.c.txt
I have encountered an example where field sensitivity is not applied, although as far as I can see it could be applied. I have attached the full test case above. The relevant code is as follows:
Good case:
struct st s;
s.n[i] = k;
Here field sensitivity works as expected and the assignment to s.n[i] becomes the equation
(37) s!0@1#1..n == { s!0@1#1..n[[0]], s!0@1#1..n[[1]], s!0@1#1..n[[2]], s!0@1#1..n[[3]] } WITH [(signed long int)i!0@1#2:=k!0@1#1]
However, with an intermediate pointer field sensitivity is no longer applied:
struct st s;
int *p = s.n;
p[i] = k;
Now the assignment updates the whole struct:
(37) s!0@1#1 == byte_update_little_endian({ .c=s!0@1#1..c, .$pad1=s!0@1#1..$pad1, .n={ s!0@1#1..n[[0]], s!0@1#1..n[[1]], s!0@1#1..n[[2]], s!0@1#1..n[[3]] } }, 4l * (signed long int)i!0@1#2 + 4l, k!0@1#1, signed int)
There is also the dual case of reading from an index of the array s.n. The situation is similar in that field sensitivity is applied if the access happens directly ( s.n[i] ), but not if an intermediate pointer is inserted ( p = s.n, p[i] ). In this case a simplification rule can get the same effect as field sensitivity, but having a solution involving field sensitivity would be preferable.