Block function command line option#1566
Conversation
thk123
left a comment
There was a problem hiding this comment.
Seems good (pending the clang-format and doxygen changes).
There was a problem hiding this comment.
Consider adding (may be repeated) as above to indicate it can be used more than once.
|
Seems reasonable enough on first glance. Ping me when the other comments have been applied and the "do not merge" has been removed. |
49ae8f9 to
7ba26cf
Compare
There was a problem hiding this comment.
It would be nice to have some Doxygen comments for this function, as @peterschrammel mentioned.
There was a problem hiding this comment.
I've now moved the doxygen from the .h file to the .cpp file now, although I understood that in general the rule was to put it in the header file?
smowton
left a comment
There was a problem hiding this comment.
Looks reasonable, some nitpicks on style. @peterschrammel @martin-cs do either of you know of standard terminology for this? "Block" made me think of "basic block" first and foremost. --mark-function-unreachable perhaps?
There was a problem hiding this comment.
return values or side-effects
There was a problem hiding this comment.
Braces around multi-line forall
There was a problem hiding this comment.
That's an odd comment. How about "...was explicitly marked unusable by command-line option --block-function"?
There was a problem hiding this comment.
How about simply replacing the function body, rather than every callsite?
There was a problem hiding this comment.
So, originally I did that (have a look at 8708282), but I got into difficulties when it started violating the asset at line 320 of local_bitvector_analysis.cpp:
assert(succ<loc_infos.size())
I attempted to find a solution to this, and ended up deciding to mirror the code in undefined_function_abort_path (which is, in principle, doing a very similar thing)
Do you know how to solve the assertion violation? I assume that loc_infos needs updating somehow, but I wasn't able to work out how
There was a problem hiding this comment.
loc_infos is created when local-bitvector-analysis is run, after you've messed with the GOTO programs, so it won't need updating, but this does suggest the alteration somehow left the GOTO program in an inconsistent state. Couldn't say how without some deeper debugging though. I'd be happy to keep this as-is in the meantime, but it'd be a good cleanup to do if time permits.
|
Oh one more thing, should make the name of the cpp / h file consistent with the eventually chosen name for the pass |
|
is "block-calls-to-function" more descriptive? I don't like "mark-function-unreachable" as to me that sounds too similar to "mark-unreachable-functions", I think "make-function-unreachable" might be better, but it's not clear how it is being made unreachable. The equivalent command for doing this for an undefined function is just "undefined-function-is-assume-false", so we could make this "make-function-assume-false" |
|
make-function-assume-false is fine with me |
c0cb108 to
dd63f78
Compare
|
Rather than merge develop into this, please rebase this branch on current develop |
c105a90 to
7343adb
Compare
|
Yeah, I'm on it. The last rebase was awful, some of the changes to the regression tests for java strings created conflicts in basically every single test.desc. In the end I gave up and checked out develop and cherry-picked my changes on it. |
|
I rebased this on the current branch when I made the last comment, what else is left for me to do? |
|
I was just confused by the "I'm on it" I guess. Re-assigning to @peterschrammel to evaluate the "Do not merge" and possibly actually approve and merge. |
|
Sorry, I think I posted the comment slightly before I pushed the rebase and then just forgot to post an update |
| " --remove-function-body <f> remove the implementation of function <f> (may be repeated)\n" | ||
| " --make-function-assume-false <f>\n" | ||
| " replace calls to function <f> with assume(false) (may be repeated)\n" // NOLINT(*) | ||
| " through function (may be repeated).\n" |
smowton
left a comment
There was a problem hiding this comment.
Think the help text has got mangled, otherwise lgtm
Blocks all paths through a function by replacing the function calls with assume_false. This is similar to --undefined-function-is-assume-false, but gives the flexibility to havoc undefined functions and block specific functions without needing multiple calls to goto-instrument. Needed for aggressive slicer work
7343adb to
7d80a52
Compare
|
help text is fixed |
|
I don't want to be That Guy but ... would this be best addressed as part of a comprehensive solution to : #1585 ? |
|
I think the suggested solution to #1585 was to create stub bodies for the functions and insert the changes into the stub bodies. Originally that is what I did for this PR and there is a discussion with @smowton about this in the comments above. I created stub bodies for the functions and inserted "assume(false)" into the stub bodies. This change was fine when I applied it to the version of CBMC I was using at the time. When I applied it to develop it caused violation of the assert at line 320 of local_bitvector_analysis.cpp: I couldn't fix this and decided it made sense to mirror the code in undefined_function_abort_path instead (which is doing a very similar thing). So, the options are:
|
|
Assorted thoughts...
I'm certainly happy to review, probably to help program even but it will have to be late January at the earliest. |
Blocks a function by replacing the function body with assume_false.
This is similar to --undefined-function-is-assume-false, but gives the flexibility to havoc undefined functions and block specific functions in one go without needing multiple calls to goto-instrument.
I still need to create a unit test and add it to this pull request, but any early feedback welcome