Make pointer encoding sound wrt integer address translation (and lift object limits) #1086
Conversation
445790a to
16d81cb
Compare
16d81cb to
a029209
Compare
a029209 to
078e2f5
Compare
|
We would then no longer have any limit on the number of objects or the particular addresses that pointers take. |
6fdf7d2 to
11bd809
Compare
11bd809 to
fb32812
Compare
fb32812 to
0932597
Compare
0932597 to
f8328fb
Compare
|
Another "how alive / urgent is this one" type question? |
|
It has been among the top elements on my stack for the last couple of weeks; realistically it will stay there until Christmas... |
56fb5c9 to
1d2a052
Compare
|
This should be ready for review now. I am aware that possible feedback includes "please refactor into multiple, smaller PRs." All feedback appreciated (including that one). A known point of concern, voiced by @kroening earlier: the pointer flattening is not amenable to incremental use. Ideas to fix that are most welcome! |
src/analyses/goto_check.cpp
Outdated
| expr.id()==ID_minus) | ||
| if(expr.id()!=ID_plus && | ||
| expr.id()!=ID_minus) | ||
| return; |
There was a problem hiding this comment.
Nit: since condition is multiple lines can you wrap the return in braces
src/analyses/goto_check.cpp
Outdated
| // The overflow checks are binary! | ||
| // We break these up. | ||
|
|
||
| for(unsigned i=1; i<expr.operands().size(); i++) |
There was a problem hiding this comment.
I needed a pen and paper to fully get what was going on here. I wonder if a comment with an example explaining the calls to pointer_overflow_check would help?
// an operand with 4 children, a, b, c, d we:
// first check (a, b)
// then c with a temporary expression with two children: (a, b)
// then d with a temporary expression with three children: (a, b, c)
src/analyses/goto_check.cpp
Outdated
| else | ||
| { | ||
| tmp=expr; | ||
| tmp.operands().resize(i); |
There was a problem hiding this comment.
You may want to make it explicit here that you are chopping off the last nodes for now to do an intermediate check
|
I've created a TG PR to verify this doesn't break anything, but TBH looks like it won't be a problem: diffblue/test-gen#1322 |
|
TG PR fails, but for what looks like rebase reasons, can I ask for this PR to be rebased on to current head of develop? |
|
Guessing this needs @kroening's opinion? |
|
This mainly needs work on my end to enable incremental use. |
1d2a052 to
89bd8d5
Compare
89bd8d5 to
d53377b
Compare
The tests exercise the way the back-end encodes pointers. Upcoming encoding changes will ensure that these can soundly be handled.
Rather than handling the object/offset bit width in multiple places, make boolbv_widtht the only place to provide this information.
This is in preparation of the flattened bit width of pointers not necessarily matching the width claimed by the front-end.
This keeps configurable aspects out of bv_pointerst.
d53377b to
1b0e0cf
Compare
1b0e0cf to
dc0b605
Compare
Instead of encoding pointers with the same bit width a pointer on a given platform has, just widen the bit-blasted encoding to include both the previous object/offset encoding as well as an (integer) address. The encoding is thus also trivially extended to handle larger numbers of objects and offsets of the same width as the address. Furthermore clean up the code to encapsulate encoding properly, and make in-code layout of pointer encoding more natural (it's now object, offset, integer-address). Fixes: diffblue#436 Fixes: diffblue#311 Fixes: diffblue#94
dc0b605 to
bb9c198
Compare
Codecov Report
@@ Coverage Diff @@
## develop #1086 +/- ##
============================================
- Coverage 69.08% 32.25% -36.83%
============================================
Files 1242 984 -258
Lines 100842 83944 -16898
============================================
- Hits 69667 27080 -42587
- Misses 31175 56864 +25689
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
|
@tautschnig This looks interesting but very out of date now. I notice it was close to the top of your stack a few years ago, does that still hold, or has this fallen too far down to keep open? Generally we'd like to close old PRs that are not going to happen. |
|
Closing due to age and not being actively worked on. Please reopen if you believe this is erroneous and new work towards merging this PR has progressed. |
Instead of encoding pointers with the same bit width a pointer on a given
platform has, just widen the bit-blasted encoding to include both the previous
object/offset encoding as well as an (integer) address. The encoding is thus
also trivially be extended to handle larger numbers of objects and offsets of
the same width as the address.
Furthermore clean up the code to encapsulate encoding properly, and make in-code
layout of pointer encoding more natural (it's now object, offset,
integer-address).
Fixes: #436
Fixes: #311
Fixes: #94