Skip to content

Default fall-through for function pointer removal #4646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 12, 2019
Merged

Default fall-through for function pointer removal #4646

merged 1 commit into from
May 12, 2019

Conversation

xbauch
Copy link
Contributor

@xbauch xbauch commented May 10, 2019
edited
Loading

When the pointer points to neither of the candidates we shouldn't just call the
first one (which does happen if the user does not request pointer-check). This
PR inserts an ASSUME (false) which makes all subsequent assertions
unreachable (and thus reported as not being violated).

A small regression test is included.

  • Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@xbauch xbauch force-pushed the fix/function-pointer-removal-invalid branch 2 times, most recently from 9a94418 to 00f4b18 Compare May 10, 2019 14:46
hannes-steffenhagen-diffblue
hannes-steffenhagen-diffblue approved these changes May 10, 2019
View reviewed changes
src/goto-programs/remove_function_pointers.cpp Outdated
// fall-through
if(add_safety_assertion)
{
goto_programt::targett t =
new_code_gotos.add(goto_programt::make_assertion(false_exprt()));
t = new_code_gotos.add(goto_programt::make_assertion(false_exprt()));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW there should probably be an assume(false) after this as well.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do agree with this as it would be consistent with what happens with loop-unwinding assertions (where we add the negated loop condition to the path condition). This would effectively simplify the change here as you'd just unconditionally add the assumption below.

tautschnig
tautschnig approved these changes May 11, 2019
View reviewed changes
Copy link
Collaborator

@tautschnig tautschnig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a very good catch, but I'd agree with what @hannes-steffenhagen-diffblue said, so please fix this before merging the change.

src/goto-programs/remove_function_pointers.cpp Outdated
// fall-through
if(add_safety_assertion)
{
goto_programt::targett t =
new_code_gotos.add(goto_programt::make_assertion(false_exprt()));
t = new_code_gotos.add(goto_programt::make_assertion(false_exprt()));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do agree with this as it would be consistent with what happens with loop-unwinding assertions (where we add the negated loop condition to the path condition). This would effectively simplify the change here as you'd just unconditionally add the assumption below.

martin-cs
martin-cs approved these changes May 11, 2019
View reviewed changes
Copy link
Collaborator

@martin-cs martin-cs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No changes needed other than the ones already requested.

@petr-bauch
Default fall-through for function pointer removal
eaa73cb 
When the pointer points to neither of the candidates we shouldn't just call the
first one (which does happen if the user does not request pointer-check). This
PR inserts an ASSUME (false) which makes all subsequent assertions
unreachable (and thus reported as not being violated).

A small regression test is included.
@xbauch xbauch force-pushed the fix/function-pointer-removal-invalid branch from 00f4b18 to eaa73cb Compare May 11, 2019 15:30
@xbauch xbauch merged commit df5144d into diffblue:develop May 12, 2019
@xbauch xbauch deleted the fix/function-pointer-removal-invalid branch June 10, 2019 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smowton smowton smowton approved these changes

@tautschnig tautschnig tautschnig approved these changes

@martin-cs martin-cs martin-cs approved these changes

@hannes-steffenhagen-diffblue hannes-steffenhagen-diffblue hannes-steffenhagen-diffblue approved these changes

@kroening kroening Awaiting requested review from kroening kroening is a code owner

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel is a code owner

@pkesseli pkesseli Awaiting requested review from pkesseli

Assignees

@xbauch xbauch

Labels
bugfix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@xbauch @smowton @tautschnig @martin-cs @hannes-steffenhagen-diffblue @petr-bauch