Skip to content

Fix havocing of arrays when enforcing invariants #6026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 14, 2021
Merged

Fix havocing of arrays when enforcing invariants #6026

merged 3 commits into from
Apr 14, 2021

Conversation

SaswatPadhi
Copy link
Contributor

Fixes #6020.

As reported in #6020, only the first element of an array was being havoced earlier. In this change, we fix this behavior using havoc_object.

  • Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • NA The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • NA My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • NA White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@SaswatPadhi SaswatPadhi self-assigned this Apr 13, 2021
@SaswatPadhi SaswatPadhi added aws Bugs or features of importance to AWS CBMC users bugfix Code Contracts Function and loop contracts labels Apr 13, 2021
@codecov
Copy link

codecov bot commented Apr 13, 2021
edited
Loading

Codecov Report

Merging #6026 (9c7f6f7) into develop (1c32785) will increase coverage by 0.01%.
The diff coverage is 100.00%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #6026      +/-   ##
===========================================
+ Coverage    74.11%   74.12%   +0.01%     
===========================================
  Files         1444     1444              
  Lines       157389   157401      +12     
===========================================
+ Hits        116646   116676      +30     
+ Misses       40743    40725      -18
Impacted Files Coverage Δ
src/goto-instrument/loop_utils.cpp 94.54% <100.00%> (+1.52%) ⬆️
src/ansi-c/c_typecheck_expr.cpp 60.09% <0.00%> (+0.29%) ⬆️
src/solvers/flattening/boolbv_typecast.cpp 49.82% <0.00%> (+0.34%) ⬆️
src/analyses/local_may_alias.cpp 65.29% <0.00%> (+1.36%) ⬆️
src/ansi-c/literals/convert_character_literal.cpp 51.21% <0.00%> (+19.51%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a341c11...9c7f6f7. Read the comment docs.

@tautschnig
Copy link
Collaborator

@SaswatPadhi Please update scripts/expected_doxygen_warnings.txt to silence the doxygen warning.

tautschnig
tautschnig approved these changes Apr 13, 2021
View reviewed changes
@SaswatPadhi SaswatPadhi force-pushed the invariant_deref_fix branch 2 times, most recently from 2a67069 to b5ad550 Compare April 13, 2021 15:31
@SaswatPadhi
Fix havocing of arrays when enforcing invariants
1d7618c 
As reported in diffblue#6020, only the first element of an array was being
havoced earlier.

In this change, we fix this behavior using `havoc_object`.
@SaswatPadhi
Update expected_doxygen_warnings.txt
ff38add
@SaswatPadhi
More regression tests for havocing dynamic arrays
9c7f6f7 
These regression tests currently fail due to imprecision in alias
analysis (see: diffblue#6021).

In future, we could either improve the alias analysis, or add manual
assigns clause annotations on these loops and make sure that the arrays
are correctly havoced.
@SaswatPadhi SaswatPadhi force-pushed the invariant_deref_fix branch from b5ad550 to 9c7f6f7 Compare April 14, 2021 14:23
chrisr-diffblue
chrisr-diffblue reviewed Apr 14, 2021
View reviewed changes
chrisr-diffblue
chrisr-diffblue approved these changes Apr 14, 2021
View reviewed changes
Copy link
Contributor

@chrisr-diffblue chrisr-diffblue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, and happy for it to go in - just a minor query about naming, which you can feel free to ignore if it gets too complicated.

@SaswatPadhi SaswatPadhi merged commit a8cfa6f into diffblue:develop Apr 14, 2021
@SaswatPadhi SaswatPadhi deleted the invariant_deref_fix branch April 14, 2021 16:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisr-diffblue chrisr-diffblue chrisr-diffblue approved these changes

@tautschnig tautschnig tautschnig approved these changes

@TGWDB TGWDB TGWDB approved these changes

@kroening kroening Awaiting requested review from kroening kroening is a code owner

@martin-cs martin-cs Awaiting requested review from martin-cs martin-cs is a code owner

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel is a code owner

@smowton smowton Awaiting requested review from smowton

Assignees

@SaswatPadhi SaswatPadhi

Labels
aws Bugs or features of importance to AWS CBMC users bugfix Code Contracts Function and loop contracts
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Soundness bug with array havocing in loop contracts
4 participants
@SaswatPadhi @tautschnig @chrisr-diffblue @TGWDB