Support null-pointer without operand in interpreter #2917
Conversation
mgudemann
requested review from
kroening,
peterschrammel,
pkesseli,
smowton and
tautschnig
as code owners
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: 624d1aa).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84141522
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
624d1aa to
8b3bfaa
Compare
| @@ -339,11 +339,19 @@ void interpretert::evaluate( | |||
| evaluate(expr.op0(), dest); | |||
| return; | |||
| } | |||
| if(expr.has_operands() && !to_integer(expr.op0(), i)) | |||
| else if( | |||
There was a problem hiding this comment.
Sorry, not being changed here, but as I'm trying to understand the code: line 334 suggests there is a type ID_address_of?
There was a problem hiding this comment.
That surely must be in error!
There was a problem hiding this comment.
I removed this (and one other occurrence) I don't think those can be types
| @@ -339,11 +339,19 @@ void interpretert::evaluate( | |||
| evaluate(expr.op0(), dest); | |||
| return; | |||
| } | |||
| if(expr.has_operands() && !to_integer(expr.op0(), i)) | |||
| else if( | |||
| expr.has_operands() && !to_integer(to_constant_expr(expr.op0()), i)) | |||
There was a problem hiding this comment.
What does a pointer-typed constant (mind the test in line 300) with operands even look like?
There was a problem hiding this comment.
Constant memory offset? void *x = 0x100? Don't know if that is ever what you want
There was a problem hiding this comment.
@tautschnig this for example
java::@inflight_exception
constant
* type: pointer
* width: 64
* #no_nondet_initialization: 1
0: empty
* value: 0000000000000000000000000000000000000000000000000000000000000000
0: constant
* type: pointer
* width: 64
* #no_nondet_initialization: 1
0: empty
* value: NULL
effectively this here was the culprit for the failed to evaluate expression: null:
cprover_string_content::cprover_string_content
constant
* type: pointer
* width: 64
0: unsignedbv
* width: 16
* value: NULL
* #source_location:
* file: org/apache/tika/parser/prt/PRTParser.java
* line: 222
* function: java::org.apache.tika.parser.prt.PRTParser.extractText:([BZ)Ljava/lang/String;
* java_bytecode_index: 22
!! failed to evaluate expression: null
(both first name then .pretty output)
There was a problem hiding this comment.
That is definitely wrong (!) Could you raise a ticket either on issues here or on Jira to track this down. @LAJW I bet this is why you had some weird edge case handling code for null pointers!
| // check if expression is constant null pointer without operands | ||
| else if( | ||
| !expr.has_operands() && !to_integer(to_constant_expr(expr), i) && | ||
| i == 0) |
There was a problem hiding this comment.
You might just do expr.is_zero(), although config.ansi_c.NULL_is_zero should actually be considered.
There was a problem hiding this comment.
made it i.is_zero() I am not sure that java correctly sets the NULL_is_zero in any case
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: 8b3bfaa).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84148025
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
8b3bfaa to
56ef1d4
Compare
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: 56ef1d4).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84153742
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
56ef1d4 to
55a1dfe
Compare
|
@thk123 this fixes an error message from the interpreter. It should be possible to call the |
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: 55a1dfe).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84304603
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
4524b08 to
d7b43f2
Compare
|
I don't have a strong opinion which one we want, but surely there should be one correct form of a null pointer constant, and the interpreter should understand that one form? @tautschnig the "operand" form is I believe inspired by the constant object pointers produced by prop_convt::get, which will make something like 0x100 (operand &obj_xyz), thus providing both the address and the meaning of that address. The null with operands is giving the numerical representation (0) and the symbolic one (null). |
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
2 times, most recently
from
b684a94 to
bce73d4
Compare
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: bce73d4).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84403064
Status will be re-evaluated on next push.
Please contact @peterschrammel, @thk123, or @allredj for support.
Common spurious failures:
- the cbmc commit has disappeared in the mean time (e.g. in a force-push)
- the author is not in the list of contributors (e.g. first-time contributors).
|
@smowton - thanks for this that makes sense. But |
| @@ -306,6 +306,14 @@ class interpretert:public messaget | |||
|
|
|||
| void initialize(bool init); | |||
| void show_state(); | |||
|
|
|||
| friend mp_vectort | |||
There was a problem hiding this comment.
🚫 This is required for the unit test right? I think it is cleaner to declare friend class interpreter_testt and then put this into the unit folder 0 as it stands you might as well make evaluate public no?
There was a problem hiding this comment.
will go with the friend class, that is hopefully less controversial
unit/interpreter/interpreter.cpp
Outdated
| interpretert::mp_vectort mp_vector = | ||
| interpreter_evaluate(interpreter, constant_expr); | ||
|
|
||
| REQUIRE(mp_vector.size() == 1); |
There was a problem hiding this comment.
⛏️ You can use
REQUIRE_THAT(mp_vector, Catch::Matchers::Vector::Equals<mp_integer>{{0}});To check that the array is exactly {0}
|
It might be better to say there is a correct format in a particular place. The interpreter operates over traces, which have been produced by prop_convt::get'ing all the symbols in a particular equation. My guess is it's behaving differently for constants given in the input equation vs. symbols that have been solved for a zero / null value. |
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
bce73d4 to
d4f9fb0
Compare
|
@thk123 addressed your comments |
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: d4f9fb0).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84421606
Status will be re-evaluated on next push.
Please contact @peterschrammel, @thk123, or @allredj for support.
Common spurious failures:
- the cbmc commit has disappeared in the mean time (e.g. in a force-push)
- the author is not in the list of contributors (e.g. first-time contributors).
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
d4f9fb0 to
d22f26a
Compare
| @@ -339,7 +339,16 @@ void interpretert::evaluate( | |||
| evaluate(expr.op0(), dest); | |||
| return; | |||
| } | |||
| if(expr.has_operands() && !to_integer(expr.op0(), i)) | |||
| else if( | |||
There was a problem hiding this comment.
Since all of the if/else if return, you can make them all ifs.
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: d22f26a).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84449831
Result was moved twice instead of initializing `input` field with the given `input`.
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
d22f26a to
7bc468d
Compare
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: 7bc468d).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84545908
mgudemann
force-pushed
the
fix/interpreter/null_pointer_no_operand
branch
from
7bc468d to
f7e9715
Compare
mgudemann
requested review from
martin-cs and
romainbrenguier
as code owners
|
based on #2935 |
There was a problem hiding this comment.
Passed Diffblue compatibility checks (cbmc commit: f7e9715).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/84558263
Before the interpreter evaluate function always expected a pointer type to have an operand, but we can have NULL pointers without operand, in the example it was from
cprover_string_content