goto_checkt: keep same-assertion for different expressions #5845
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
martin-cs
approved these changes
Feb 19, 2021
There was a problem hiding this comment.
I'm going with a tentative 'yes'. Assorted thoughts:
- When doing work on how to QA / evaluate / certify program analysis tools, I came to the conclusion that omitting VCs was actually quite a bit worse than simply getting them wrong. If you have a VC and a status then you have a reasonable chance of being able to check that it is correct; there are a bunch of techniques. If you don't have the VC there are many fewer ways of finding that it is missing. As such I am suspicious of anything that removes VCs, even the ones that are "obviously" safe or redundant.
- I am working with a colleague on tracking down missing VCs. This is a much more tedious and harder process than it should be. Let's not have concealed cracks where VCs can just vanish.
- If a VC is trivial then we should still report it, we just need to make sure that it is minimal overhead.
|
@martin-cs Thank you very much for your elaboration, I fully concur. It seems a further fix is in order: d974aa3 introduced a "retain-trivial" option, but this option was never made available in any command-line parser... |
Purging redundant assertions results in surprising user output as it would seem that certain properties aren't being checked.
tautschnig
force-pushed
the
keep-redundant-checks
branch
2 times, most recently
from
7aeee35 to
572a00d
Compare
Such a fix is now included as well. |
tautschnig
changed the title
tautschnig
requested review from
chrisr-diffblue,
peterschrammel and
smowton
as code owners
In some settings it is desirable to obtain a report of all properties being checked, including those that are trivially true. There used to be an option "all-claims", then renamed to "retain-trivial", but the latter was never made available in command-line front-ends. The option is now renamed to retain-trivial-checks, and made available in all front-ends.
tautschnig
force-pushed
the
keep-redundant-checks
branch
from
572a00d to
93bd022
Compare
Codecov Report
@@ Coverage Diff @@
## develop #5845 +/- ##
========================================
Coverage 72.87% 72.88%
========================================
Files 1421 1421
Lines 154181 154217 +36
========================================
+ Hits 112359 112395 +36
Misses 41822 41822
Continue to review full report at Codecov.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[Only the second commit is relevant, the first one is #5844 and only required to have the necessary test in place.]Purging redundant assertions results in surprising user output as it would seem that certain properties aren't being checked.