Do not simplify (T)bv-typed when T has smaller bit width #7428
Conversation
tautschnig
force-pushed
the
bugfixes/7426-bv-tc
branch
from
ee358f8 to
27dcf96
Compare
|
BTW, why is the simplification wrong? |
https://github.com/diffblue/cbmc/blob/develop/src/solvers/flattening/boolbv_typecast.cpp#L429..L433 claims it is. But then maybe the typecast flattening code is wrong? |
Codecov ReportBase: 78.49% // Head: 78.49% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## develop #7428 +/- ##
===========================================
- Coverage 78.49% 78.49% -0.01%
===========================================
Files 1663 1663
Lines 191331 191330 -1
===========================================
- Hits 150180 150176 -4
- Misses 41151 41154 +3
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
|
I don't think that the invariant is claiming that the cast would necessarily be unsound. A question is what semantics to give it. I'd say it's straight forward when casting to something smaller. You drop the extra bits. There is certainly ambiguity when casting to something bigger, since it's not obvious whether to zero extend or sign extend. |
tautschnig
force-pushed
the
bugfixes/7426-bv-tc
branch
from
27dcf96 to
a47a88f
Compare
The nested `switch` statements had indentation mixed up, making it very difficult to understand which `switch` statement a `case` actually belonged to.
We can safely reduce the number of bits of a bv (and not just signed/unsigned bv) typed expression by just cutting off more-significant bits. Fixes: diffblue#7426
tautschnig
force-pushed
the
bugfixes/7426-bv-tc
branch
from
a47a88f to
b4def86
Compare
We must not modify the bit width of bv (and not signed/unsigned bv) typed expressions via type casts. Make sure simplification doesn't given rise to such expressions.
Fixes: #7426