Skip to content

A predicate to validate all pointer derefs in an expression AST #6365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 30, 2021
Merged

A predicate to validate all pointer derefs in an expression AST #6365

merged 2 commits into from
Sep 30, 2021

Conversation

SaswatPadhi
Copy link
Contributor

@SaswatPadhi SaswatPadhi commented Sep 25, 2021
edited
Loading

This is useful for:

  • checking containment in assigns clause verification
  • havocing only valid memory locations in assigns clause replacement
  • havocing only valid memory locations in loop contracts application
  • creating history snapshots only for valid old expressions
  • Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • n/a The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • n/a My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@SaswatPadhi SaswatPadhi added aws Bugs or features of importance to AWS CBMC users aws-high labels Sep 25, 2021
@SaswatPadhi SaswatPadhi self-assigned this Sep 25, 2021
@SaswatPadhi SaswatPadhi changed the title Validate all pointer derefs in an expression AST A predicate to validate all pointer derefs in an expression AST Sep 25, 2021
@codecov
Copy link

codecov bot commented Sep 25, 2021
edited
Loading

Codecov Report

Merging #6365 (fcca0e5) into develop (790ad51) will increase coverage by 0.01%.
The diff coverage is 94.95%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #6365      +/-   ##
===========================================
+ Coverage    75.90%   75.91%   +0.01%     
===========================================
  Files         1515     1517       +2     
  Lines       164005   164024      +19     
===========================================
+ Hits        124484   124515      +31     
+ Misses       39521    39509      -12
Impacted Files Coverage Δ
src/goto-instrument/contracts/assigns.h 100.00% <ø> (ø)
src/goto-instrument/contracts/contracts.h 100.00% <ø> (ø)
src/goto-instrument/havoc_loops.cpp 0.00% <0.00%> (ø)
src/goto-instrument/contracts/utils.cpp 91.11% <91.11%> (ø)
src/goto-instrument/contracts/assigns.cpp 96.59% <100.00%> (-0.08%) ⬇️
src/goto-instrument/contracts/contracts.cpp 94.74% <100.00%> (+0.57%) ⬆️
src/goto-instrument/contracts/utils.h 100.00% <100.00%> (ø)
src/goto-instrument/havoc_utils.cpp 100.00% <100.00%> (ø)
src/goto-instrument/havoc_utils.h 100.00% <100.00%> (ø)
src/goto-instrument/k_induction.cpp 96.29% <100.00%> (+0.06%) ⬆️
... and 6 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c3d7235...fcca0e5. Read the comment docs.

@kroening
Copy link
Member

This should not go into util/ until there is prospect for at least 3 users.

feliperodri
feliperodri requested changes Sep 27, 2021
View reviewed changes
Copy link
Collaborator

@feliperodri feliperodri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only minor comments.

jimgrundy
jimgrundy reviewed Sep 27, 2021
View reviewed changes
src/goto-instrument/contracts/utils.cpp
{
binary_relation_exprt component_i_equality{lhs[i], ID_equal, rhs[i]};
equality_conjunctions[i] =
and_exprt(equality_conjunctions[i - 1], component_i_equality);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The lack of test coverage reported for this loop body seems concerning.

src/goto-instrument/havoc_utils.cpp Outdated
append_safe_havoc_code_for_expr(source_location, ns, expr, dest, [&]() {
append_object_havoc_code_for_expr(source_location, expr, dest);
});
continue;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lack of test coverage on this conditional is a concern

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. We do have a test case for multi-dimensional decreases clauses, and it seems to be working as expected. I can take a closer look at it, but I will probably split any fixes (if needed) into a separate PR, and keep this one only about validity checking.

@SaswatPadhi
Refactor code contracts utility functions
a6dc2cf 
In this change, we move two of the "static" functions within
contracts.cpp to utils.cpp (a new file in contracts module).

We also fix the #include dependence -- assigns should not #include
contracts.h, it should be the other way round.
@SaswatPadhi SaswatPadhi force-pushed the chain-validate branch 4 times, most recently from 76babcb to 59bfc73 Compare September 27, 2021 20:50
feliperodri
feliperodri approved these changes Sep 28, 2021
View reviewed changes
Copy link
Collaborator

@feliperodri feliperodri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

peterschrammel
peterschrammel approved these changes Sep 29, 2021
View reviewed changes
@SaswatPadhi
This is useful for:
fcca0e5 
+ checking containment in assigns clause verification
+ havocing only valid memory locations in assigns clause replacement
+ havocing only valid memory locations in loop contract application
+ creating history snapshots only for valid `old` expressions
@SaswatPadhi SaswatPadhi merged commit 556187d into diffblue:develop Sep 30, 2021
@SaswatPadhi SaswatPadhi mentioned this pull request Sep 30, 2021
Closed
4 tasks
@SaswatPadhi SaswatPadhi mentioned this pull request Nov 11, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@feliperodri feliperodri feliperodri approved these changes

@peterschrammel peterschrammel peterschrammel approved these changes

@kroening kroening Awaiting requested review from kroening kroening is a code owner

@remi-delmas-3000 remi-delmas-3000 Awaiting requested review from remi-delmas-3000 remi-delmas-3000 is a code owner

@chrisr-diffblue chrisr-diffblue Awaiting requested review from chrisr-diffblue

@martin-cs martin-cs Awaiting requested review from martin-cs martin-cs is a code owner

@tautschnig tautschnig Awaiting requested review from tautschnig tautschnig is a code owner

@jimgrundy jimgrundy Awaiting requested review from jimgrundy

Assignees

@SaswatPadhi SaswatPadhi

Labels
aws Bugs or features of importance to AWS CBMC users aws-high
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@SaswatPadhi @kroening @peterschrammel @feliperodri @jimgrundy