goto_symex: rename type symbols only when needed [blocks: #3652] #3633
Conversation
kroening
commented
Dec 28, 2018
kroening
commented
- Each commit message has a non-empty body, explaining why the change was made.
- n/a Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
- n/a The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
- n/a Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
- n/a My commit message includes data points confirming performance improvements (if claimed).
- My PR is restricted to a single feature or bugfix.
- n/a White-space or formatting changes outside the feature-related changed lines are in commits of their own.
kroening
requested review from
allredj,
martin-cs,
peterschrammel,
romainbrenguier and
tautschnig
as code owners
kroening
changed the title
kroening
changed the title
|
This fails on jbmc regressions -- apparently types created by the Java object factory are sometimes expanded to ID_struct. |
This might as well be something that the simplifier does. See some of the commits in #2064. |
| !array_type.size().is_constant(); | ||
| } | ||
| else if( | ||
| type.id() == ID_struct || type.id() == ID_union || type.id() == ID_class) |
There was a problem hiding this comment.
I don't think type.id() == ID_class should ever evaluate to true. A class is represented as ID_struct with ID_C_class set to true. If I'm wrong in saying this then we've got a lot more work to do elsewhere.
There was a problem hiding this comment.
Yes, these should be cleaned out.
|
Note #3634 -- the assertion there catches this problem. |
|
I think it would be good to factor out the individual commits into PRs of their own. They need proper justifications, but seem to be useful in their own right. And also at least the first one also appears in another PR. |
kroening
force-pushed
the
symex-type-renaming3
branch
from
64c7d39 to
db3ebcb
Compare
|
The bugfixes are now in separate PRs. |
|
@kroening Are all the depended-on changes now PR'ed, or is there more work necessary? |
tautschnig
changed the title
kroening
force-pushed
the
symex-type-renaming3
branch
from
db3ebcb to
649abde
Compare
kroening
force-pushed
the
symex-type-renaming3
branch
from
649abde to
41c7d83
Compare
tautschnig
force-pushed
the
symex-type-renaming3
branch
from
41c7d83 to
4949535
Compare
kroening
requested review from
chrisr-diffblue,
pkesseli and
smowton
as code owners
There was a problem hiding this comment.
Approving, but this PR now includes commits of my own so @kroening (and other reviewers as other code is now being touched) should please comment as well.
tautschnig
force-pushed
the
symex-type-renaming3
branch
from
4949535 to
abd6508
Compare
|
Any chance of unifying the make-change and check-if-change-needed paths? For example, by passing a |
Just like symbol or enum tags, we need to look into the expanded tags.
The regular expressions now accept both the tag names as well as the expanded types/class names.
Until we have resolved partial tag expansion everywhere we need to use base_type_eq for cases where both tags and expanded types may occur.
struct tags need to be expanded.
Renaming a type is rarely needed: this is necessary only if the type contains a struct that contains a variable-sized member, which is a gcc extension. The key benefit of not renaming in all other cases is that struct and union tag types no longer get expanded.
tautschnig
force-pushed
the
symex-type-renaming3
branch
from
abd6508 to
74d1548
Compare
Good point, but I'm a bit hesitant here: not doing the renaming also spares us putting anything in |
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 74d1548).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/98362464
| { | ||
| // be careful, or it might get cyclic | ||
| if(component.type().id() != ID_pointer) | ||
| return requires_renaming(component.type(), ns); |
There was a problem hiding this comment.
This only looks at the first non-pointer component of the struct, which is strange, but I cannot say whether this is correct because the function is not documented, so please document.
There was a problem hiding this comment.
Oooh, I missed that, @kroening pretty sure this is a real bug
There was a problem hiding this comment.
(suggests a new test -- AFAIK GCC allows such variable-size structs?)
There was a problem hiding this comment.
I think I've found a way to construct a failing test, I'll post a follow-up PR to include a test, a fix, and the suggested documentation.
There was a problem hiding this comment.
The failure I thought I had found was one caused by integer overflow - I haven't actually managed to produce a proper failure. See #3918 for my attempt and the cleanup.
|
The base_type_eq shouldn't be needed; however, this is a step in the right direction. |
Yes, it shouldn't be, but thus far it strictly is needed for Java input programs (as regression tests confirm). |
