Recursive nondet init of pointers to structs [blocks: #3443] #3251
Conversation
danpoe
commented
Oct 31, 2018
•
danpoe
commented
- Each commit message has a non-empty body, explaining why the change was made.
- Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
- Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
- n/a My commit message includes data points confirming performance improvements (if claimed).
- My PR is restricted to a single feature or bugfix.
- White-space or formatting changes outside the feature-related changed lines are in commits of their own.
danpoe
requested review from
cesaro,
chrisr-diffblue,
cristina-david,
kroening,
NathanJPhillips,
peterschrammel,
pkesseli,
smowton,
tautschnig and
thk123
as code owners
danpoe
force-pushed
the
feature/nondet-init-structs
branch
9 times, most recently
from
60395ea to
2b31997
Compare
|
|
||
| #include <util/object_factory_parameters.h> | ||
|
|
||
| struct java_object_factory_parameterst final : public object_factory_parameterst |
There was a problem hiding this comment.
Why this if they are the same?
There was a problem hiding this comment.
This would be a place to add options in the future that are not common to both the C and Java object factory. For C at least we expect some special options (e.g., to indicate which length function argument corresponds to which array function arguments).
| @@ -51,6 +30,13 @@ class symbol_factoryt | |||
| const bool assume_non_null; | |||
| namespacet ns; | |||
|
|
|||
| const symbolt &c_new_tmp_symbol( | |||
There was a problem hiding this comment.
Why can't this use util/fresh_symbol?
There was a problem hiding this comment.
Yes, this should probably be replaced by a call to get_fresh_aux_symbol() since it's called in one place only.
|
|
||
| \*******************************************************************/ | ||
|
|
||
| #include "java_object_factory_parameters.h" |
There was a problem hiding this comment.
Why is this in a commit called "move object factory parameters to util"?
There was a problem hiding this comment.
Ok, renamed the commit to "Move object factory parameters to util and add java object factory parameters" (plus a body with some more details).
src/cbmc/cbmc_parse_options.cpp
Outdated
| @@ -922,6 +923,8 @@ void cbmc_parse_optionst::help() | |||
| " --round-to-plus-inf rounding towards plus infinity\n" | |||
| " --round-to-minus-inf rounding towards minus infinity\n" | |||
| " --round-to-zero rounding towards zero\n" | |||
| " --max-nondet-tree-depth N limit size of nondet (e.g. input) object tree;\n" /* NOLINT(*) */ \ | |||
There was a problem hiding this comment.
We should have some more detailed description of how this behaves in our docs
There was a problem hiding this comment.
I've updated the documentation in object_factory_parameters.h for the max_nondet_tree_depth parameter.
There was a problem hiding this comment.
That helps, but it's not user visible, and even for us it's going to take some digging to find out that this parameter does end up there if we ever need to find out
(This is a reply to one of @danpoe 's other comments, but doesn't show up as such in github. Thanks github).
There was a problem hiding this comment.
Definitely agree that this could do with some user documentation and not just source code documentation.
| @@ -0,0 +1,17 @@ | |||
| #include <assert.h> | |||
There was a problem hiding this comment.
Could the tests get better names than "pointer-function-parameters-{3,4,5,6}"?
danpoe
force-pushed
the
feature/nondet-init-structs
branch
5 times, most recently
from
114a027 to
102199d
Compare
|
|
||
| if( | ||
| recursion_set.find(struct_tag) != recursion_set.end() && | ||
| depth >= object_factory_params.max_nondet_tree_depth) |
There was a problem hiding this comment.
So the depth is the minimal length of dereference-chain before null-pointer initialisation? And every chain longer than depth will have pointers initialised to null but only when they point to a struct that appeared somewhere before on this chain?
There was a problem hiding this comment.
Yes, max_nondet_tree_depth gives the depth of a chain such that a pointer to a struct will be initialised to null if the depth of the chain exceeds it and the struct appeared already before somewhere on the chain. If there is no recursion the chains can have any depth.
There was a problem hiding this comment.
I see. So it may turn out to be non-terminating but it would have nothing to do with this new code. I was just thinking if there is a more accurate way to describe the input option.
There was a problem hiding this comment.
I think if there's no recursion then the chains would always have finite length thus it can never be non-terminating. The current behaviour is similar to that of the java object factory.
danpoe
force-pushed
the
feature/nondet-init-structs
branch
2 times, most recently
from
3244d70 to
199bfd9
Compare
|
@tautschnig @peterschrammel @thk123 This still requires code owner approval if you get a chance. |
There was a problem hiding this comment.
🚫
This PR failed Diffblue compatibility checks (cbmc commit: 9049aff).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/92377593
Status will be re-evaluated on next push.
Please contact @peterschrammel, @thk123, or @allredj for support.
Common spurious failures:
- the cbmc commit has disappeared in the mean time (e.g. in a force-push)
- the author is not in the list of contributors (e.g. first-time contributors).
The incompatibility may have been introduced by an earlier PR. In that case merging this
PR should be avoided unless it fixes the current incompatibility.
There was a problem hiding this comment.
This is ready to go. @allredj confirmed that there is a passing bump.
|
(bump is here: https://github.com/diffblue/test-gen/pull/2444) |
tautschnig
changed the title
There was a problem hiding this comment.
Some smaller requests remain, otherwise looks good. In future, I would really appreciate if such PRs could 1) be broken into several smaller PRs to make sure reviewing is also possible other than on weekends (where longer consecutive stretches of time may be available) and 2) each commit message has a body.
src/util/object_factory_parameters.h
Outdated
| set(options); | ||
| } | ||
|
|
||
| virtual ~object_factory_parameterst() |
src/util/nondet_bool.h
Outdated
| inline exprt get_nondet_bool(const typet &type) | ||
| inline exprt get_nondet_bool( | ||
| const typet &type, | ||
| const source_locationt &source_location = source_locationt()) |
There was a problem hiding this comment.
Let's not make this optional: there is a single call site (and the next commit adds a second one), which could trivially pass in a proper source location.
src/cbmc/cbmc_parse_options.cpp
Outdated
| @@ -933,6 +934,10 @@ void cbmc_parse_optionst::help() | |||
| " --round-to-plus-inf rounding towards plus infinity\n" | |||
| " --round-to-minus-inf rounding towards minus infinity\n" | |||
| " --round-to-zero rounding towards zero\n" | |||
| " --max-nondet-tree-depth N limit size of nondet (e.g. input) object tree;\n" /* NOLINT(*) */ \ | |||
| " at level N pointers are set to null\n" /* NOLINT(*) */ \ | |||
| " --min-null-tree-depth N minimum level at which a pointer can first be\n" /* NOLINT(*) */ \ | |||
There was a problem hiding this comment.
This option is not added in the header file.
src/cbmc/cbmc_parse_options.h
Outdated
| @@ -75,6 +77,7 @@ class optionst; | |||
| "(localize-faults)(localize-faults-method):" \ | |||
| OPT_GOTO_TRACE \ | |||
| OPT_VALIDATE \ | |||
| "(max-nondet-tree-depth):" \ | |||
There was a problem hiding this comment.
Use OPT... instead of the raw string in here.
src/cbmc/cbmc_parse_options.cpp
Outdated
| @@ -933,6 +934,10 @@ void cbmc_parse_optionst::help() | |||
| " --round-to-plus-inf rounding towards plus infinity\n" | |||
| " --round-to-minus-inf rounding towards minus infinity\n" | |||
| " --round-to-zero rounding towards zero\n" | |||
| " --max-nondet-tree-depth N limit size of nondet (e.g. input) object tree;\n" /* NOLINT(*) */ \ | |||
There was a problem hiding this comment.
Define a HELP_... macro.
src/langapi/language.h
Outdated
| @@ -70,8 +70,7 @@ class languaget:public messaget | |||
| /// complete. Functions introduced here are visible to lazy loading and | |||
| /// can influence its decisions (e.g. picking the types of input parameters | |||
| /// and globals), whereas anything introduced during `final` cannot. | |||
| virtual bool generate_support_functions( | |||
| symbol_tablet &symbol_table)=0; | |||
| virtual bool generate_support_functions(symbol_tablet &symbol_table) = 0; | |||
There was a problem hiding this comment.
Whitespace change only?
|
|
||
| class ansi_c_languaget:public languaget | ||
| { | ||
| public: | ||
| void set_language_options(const optionst &options) override |
There was a problem hiding this comment.
Added but never invoked?
There was a problem hiding this comment.
This would e.g. be called by initialize_goto_model() where languaget & might reference ansi_c_languaget.
| @@ -46,7 +46,7 @@ SCENARIO( | |||
| symbol_typet java_string_type("java::java.lang.String"); | |||
| symbol_exprt expr("arg", java_string_type); | |||
|
|
|||
| object_factory_parameterst object_factory_parameters; | |||
| java_object_factory_parameterst object_factory_parameters; | |||
There was a problem hiding this comment.
Should be merged into the earlier commit introducing java_object_factory_parameterst.
| rm pointer-function-parameters-struct-non-recursive/test.desc | ||
| rm pointer-function-parameters-struct-simple-recursion/test.desc | ||
| rm pointer-function-parameters-struct-simple-recursion-2/test.desc | ||
| rm pointer-function-parameters-struct-simple-recursion-3/test.desc |
There was a problem hiding this comment.
Please merge into the commit introducing them.
| CORE | ||
| main.c | ||
| --function func --min-null-tree-depth 10 | ||
| ^SIGNAL=0$ |
…rameters This moves object_factory_parameterst to util, and creates a new class derived from it called java_object_factory_parameterst in java_bytecode. This is to separate out common object factory options in preparation of adding c object factory parameters.
danpoe
force-pushed
the
feature/nondet-init-structs
branch
2 times, most recently
from
3fbc8e2 to
be40ff5
Compare
danpoe
force-pushed
the
feature/nondet-init-structs
branch
from
be40ff5 to
0b605ea
Compare
There was a problem hiding this comment.
🚫
This PR failed Diffblue compatibility checks (cbmc commit: 0b605ea).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/92589920
Status will be re-evaluated on next push.
Please contact @peterschrammel, @thk123, or @allredj for support.
Common spurious failures:
- the cbmc commit has disappeared in the mean time (e.g. in a force-push)
- the author is not in the list of contributors (e.g. first-time contributors).
The incompatibility may have been introduced by an earlier PR. In that case merging this
PR should be avoided unless it fixes the current incompatibility.
