Selective modelling of volatile variables #5374
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int x; | ||
| int y; | ||
|
|
||
| void main() | ||
| { | ||
| y = x; | ||
| assert(x == y); | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile | ||
| ^\[main.assertion.1\] line \d+ assertion x == y: FAILURE$ | ||
| ^EXIT=10$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Check interaction between a volatile and a non-volatile variable |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int a; | ||
| volatile int b; | ||
|
|
||
| int model() | ||
| { | ||
| int value; | ||
| __CPROVER_assume(value >= 0); | ||
| return value; | ||
| } | ||
|
|
||
| void main() | ||
| { | ||
| assert(a == 0); | ||
|
|
||
| assert(b >= 0); | ||
| assert(b == 0); | ||
| assert(b != 0); | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model b:model | ||
| \[main.assertion.1\] line \d+ assertion a == 0: SUCCESS | ||
| \[main.assertion.2\] line \d+ assertion b >= 0: SUCCESS | ||
| \[main.assertion.3\] line \d+ assertion b == 0: FAILURE | ||
| \[main.assertion.4\] line \d+ assertion b != 0: FAILURE | ||
| ^EXIT=10$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Checks that the read from b is modelled via the given model |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int a; | ||
| volatile int b; | ||
| volatile int c; | ||
|
|
||
| int model() | ||
| { | ||
| int value; | ||
| __CPROVER_assume(value >= 0); | ||
| return value; | ||
| } | ||
|
|
||
| void main() | ||
| { | ||
| assert(a == 0); | ||
|
|
||
| assert(b >= 0); | ||
| assert(b == 0); | ||
| assert(b != 0); | ||
|
|
||
| assert(c >= 0); | ||
| assert(c == 0); | ||
| assert(c != 0); | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-variable b --nondet-volatile-model c:model | ||
| \[main.assertion.1\] line \d+ assertion a == 0: SUCCESS | ||
| \[main.assertion.2\] line \d+ assertion b >= 0: FAILURE | ||
| \[main.assertion.3\] line \d+ assertion b == 0: FAILURE | ||
| \[main.assertion.4\] line \d+ assertion b != 0: FAILURE | ||
| \[main.assertion.5\] line \d+ assertion c >= 0: SUCCESS | ||
| \[main.assertion.6\] line \d+ assertion c == 0: FAILURE | ||
| \[main.assertion.7\] line \d+ assertion c != 0: FAILURE | ||
| ^EXIT=10$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Checks that both options for selectively havocking/modelling volatile reads can | ||
| be used together |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int a; | ||
| volatile int b; | ||
|
|
||
| int model_a() | ||
| { | ||
| return 1; | ||
| } | ||
|
|
||
| int model_b() | ||
| { | ||
| return 2; | ||
| } | ||
|
|
||
| void main() | ||
| { | ||
| int result = a + b; | ||
|
There was a problem hiding this comment. Also, does this work if the global is read via volatile pointer? (I'm assuming no, just for clarification). There was a problem hiding this comment. Yes that's right, it currently only works for direct variable reads. (One could also mark a pointer as nondet, in which case the pointer dereferences would be nondet as well. Though when |
||
| assert(result == 3); | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model a:model_a --nondet-volatile-model b:model_b | ||
| \[main.assertion.1\] line \d+ assertion result == 3: SUCCESS | ||
| ^EXIT=0$ | ||
| ^SIGNAL=0$ | ||
| VERIFICATION SUCCESSFUL | ||
| -- | ||
| -- | ||
| Checks that two volatile reads in the same expression can both be modelled by | ||
| given functions |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int a; | ||
|
|
||
| float model() | ||
| { | ||
| return 1; | ||
| } | ||
|
|
||
| void main() | ||
| { | ||
| a; | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model a:model | ||
| ^Invalid User Input$ | ||
| return type of model .* is not compatible with the type of the modelled variable | ||
| ^EXIT=1$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Check that the command line typechecking reports when a model with a return type | ||
| that is incompatible with the type of the modelled variable is given |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model a:non_existing_model | ||
| ^Invalid User Input$ | ||
| given model name .* not found in symbol table | ||
| ^EXIT=1$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Check that the command line typechecking reports when a given model for a | ||
| variable cannot be found |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #include <assert.h> | ||
|
|
||
| volatile int a; | ||
|
|
||
| int model_a() | ||
| { | ||
| return 1; | ||
| } | ||
|
|
||
| int model_b() | ||
| { | ||
| return 2; | ||
| } | ||
|
|
||
| void main() | ||
| { | ||
| a; | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model a:model_a --nondet-volatile-model a:model_b | ||
| ^Invalid User Input$ | ||
| conflicting models for variable | ||
| ^EXIT=1$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Check that the command line typechecking reports when two conflicting models are | ||
| given for a variable |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| CORE | ||
| test.c | ||
| --nondet-volatile-model a:model_a --nondet-volatile-variable a | ||
| ^Invalid User Input$ | ||
| conflicting options for variable | ||
| ^EXIT=1$ | ||
| ^SIGNAL=0$ | ||
| -- | ||
| -- | ||
| Check that the command line typechecking reports when conflicting options are | ||
| given for a variable |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think one of these should have a regression test involving the interaction with non-volatile variables; E.g.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added