Skip to content

havoc call return value when replacing a call by its contract #6502

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 4, 2021
Merged

havoc call return value when replacing a call by its contract #6502

merged 1 commit into from
Dec 4, 2021

Conversation

remi-delmas-3000
Copy link
Collaborator

This PR adds havoc instructions for the return value of function call when it gets replaced by the function's contract.

This havocking was missing previously and could result in vacuous instances when a same function was replaced more than once in a same scope (e.g. in loops), and the same return value variable was subjected to a superposition of post-conditions that can be contradicting each other.

  • [ x] Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • [ x] Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • My commit message includes data points confirming performance improvements (if claimed).
  • [ x] My PR is restricted to a single feature or bugfix.
  • [ x] White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@remi-delmas-3000 remi-delmas-3000 self-assigned this Dec 3, 2021
@remi-delmas-3000 remi-delmas-3000 force-pushed the contract-replacement-havoc-return-value branch 2 times, most recently from af08b3f to cbc1f68 Compare December 3, 2021 23:47
Havoc the function call's return value when replacing it by its contr…
320a9f8 
…act.

This was not done previously and could result in vacuous proofs when multiple calls
to a same function were replaced in a same scope.
@remi-delmas-3000 remi-delmas-3000 force-pushed the contract-replacement-havoc-return-value branch from cbc1f68 to 320a9f8 Compare December 3, 2021 23:49
@codecov
Copy link

codecov bot commented Dec 4, 2021
edited
Loading

Codecov Report

Merging #6502 (cbc1f68) into develop (e2f4fec) will increase coverage by 0.00%.
The diff coverage is 100.00%.

❗ Current head cbc1f68 differs from pull request most recent head 320a9f8. Consider uploading reports for the commit 320a9f8 to get more accurate results
Impacted file tree graph

@@           Coverage Diff            @@
##           develop    #6502   +/-   ##
========================================
  Coverage    76.08%   76.08%           
========================================
  Files         1548     1548           
  Lines       166387   166399   +12     
========================================
+ Hits        126591   126603   +12     
  Misses       39796    39796
Impacted Files Coverage Δ
src/goto-instrument/contracts/contracts.cpp 95.52% <100.00%> (+0.08%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1e8e495...320a9f8. Read the comment docs.

@remi-delmas-3000 remi-delmas-3000 added aws Bugs or features of importance to AWS CBMC users aws-high labels Dec 4, 2021
tautschnig
tautschnig approved these changes Dec 4, 2021
View reviewed changes
regression/contracts/replace-nondet-return-value/main.c
@@ -0,0 +1,23 @@
int cmp(int i1, int i2)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Random place for comment: can you please add "Fixes: #6483" to the commit message so that the issue is auto-resolved once this PR is merged?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll go ahead and merge anyway, so this is just for future reference.

src/goto-instrument/contracts/contracts.cpp
@@ -23,6 +23,7 @@ Date: February 2016
#include <goto-instrument/havoc_utils.h>

#include <goto-programs/goto_inline.h>
#include <goto-programs/goto_program.h>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is strictly necessary? (Even the remove_skip.h will already drag in this header.)

@tautschnig tautschnig merged commit d4f9c45 into diffblue:develop Dec 4, 2021
@tautschnig tautschnig mentioned this pull request Dec 4, 2021
Closed
@feliperodri feliperodri added the Code Contracts Function and loop contracts label Feb 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tautschnig tautschnig tautschnig approved these changes

@feliperodri feliperodri Awaiting requested review from feliperodri feliperodri is a code owner

@SaswatPadhi SaswatPadhi Awaiting requested review from SaswatPadhi

Assignees

@remi-delmas-3000 remi-delmas-3000

Labels
aws Bugs or features of importance to AWS CBMC users aws-high Code Contracts Function and loop contracts
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@remi-delmas-3000 @tautschnig @feliperodri