Skip to content

Correct nondet init of function pointer arguments #5209

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Correct nondet init of function pointer arguments #5209

wants to merge 2 commits into from

Conversation

xbauch
Copy link
Contributor

@xbauch xbauch commented Jan 3, 2020

At least until handling of function pointers is transferred to symex.

  1. The nondet symbol factory only assigns nondet to function pointers, i.e. does
    not build the depth deep pointer tree.
  2. The function pointer removal checks if the pointer is an argument to the
    entry point and if so, skips adding the assume(false) for cutting short the
    execution in case on function target was found.

add 2: On the GOTO level, the function call is replaced with return_value
which is never assigned to.

Notes:

  • this is an alternative/extension to Stop generating nondet pointees for function pointers #4940 which only changed the factory.

  • both PRs try to fix Non-deterministic initialisation of function pointers is broken #4937.

  • Each commit message has a non-empty body, explaining why the change was made.

  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.

  • The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/

  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).

  • My commit message includes data points confirming performance improvements (if claimed).

  • My PR is restricted to a single feature or bugfix.

  • White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@petr-bauch
Correct nondet init of function pointer arguments
6b3f7c5 
At least until handling of function pointers is transferred to symex.

1. The nondet symbol factory only assigns nondet to function pointers, i.e. does
not build the `depth` deep pointer tree
2. The function pointer removal checks if the pointer is an argument to the
entry point and if so, skips adding the `assume(false)` for cutting short the
execution in case on function target was found.

add 2: On the GOTO level, the function call is replaced with `return_value`
which is never assigned to.
@petr-bauch
Testing commit
99d46a5
@hannes-steffenhagen-diffblue
Copy link
Contributor

Can you explain here why this is better than #4940, which seems to be the more intuitive way to do this on the surface level at least? I guess this doesn’t handle functions where we don’t have functions with matching signatures, so you’re adding a new one here that can be called instead? That doesn’t seem like an unreasonable thing to do here either, but I suspect that the behaviour may be surprising for some people (it’s a bit hard to say what the correct behaviour for an arbitrary function pointer should be, and this makes this happen silently).

Does the function pointer removal currently add assertions to check that it can resolve the function pointer? If not, this could be one thing to “fix” to alert users to such a problem and maybe tell them to just write a function implementing the behaviour they want to test for themselves.

@xbauch
Copy link
Contributor Author

xbauch commented Jan 29, 2020

Superseded by #4940 and to be closed, eventually.

@tautschnig tautschnig mentioned this pull request Feb 4, 2020
Closed
@xbauch
Copy link
Contributor Author

xbauch commented Feb 5, 2020

#4940 was merged, and solved the issue.

@xbauch xbauch closed this Feb 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kroening kroening Awaiting requested review from kroening kroening will be requested when the pull request is marked ready for review kroening is a code owner

@tautschnig tautschnig Awaiting requested review from tautschnig tautschnig will be requested when the pull request is marked ready for review tautschnig is a code owner

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel will be requested when the pull request is marked ready for review peterschrammel is a code owner

@remi-delmas-3000 remi-delmas-3000 Awaiting requested review from remi-delmas-3000 remi-delmas-3000 will be requested when the pull request is marked ready for review remi-delmas-3000 is a code owner

Assignees
No one assigned
Labels
do not review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Non-deterministic initialisation of function pointers is broken
3 participants
@xbauch @hannes-steffenhagen-diffblue @petr-bauch