Giter VIP home page Giter VIP logo

Comments (5)

zvonimir avatar zvonimir commented on June 5, 2024

I investigated this a little bit. And as I expected, LLVM's mem2reg pass optimizes this code so that it completely forgets about a and introduces two fresh undef values. Which is probably fine based on C semantics, which most likely says that if a variable is uninitialized, anything can be used as its value. The problem is that __SMACK_assume is "special" function call in SMACK, which LLVM does not understand.

One solution would be to do this:

int main(void) {
  int a = __SMACK_nondet();
  __SMACK_assume(a == 1);
  __SMACK_assert(a == 1);
  return 0;
}

Unfortunately, currently no other brilliant fixes come to my mind. I am not even sure if this should be fixed...

from smack.

zvonimir avatar zvonimir commented on June 5, 2024

Now I am leaning towards not trying to fix this. Users simply shouldn't use uninitialized variables and you even get a warning about that from clang.

from smack.

zvonimir avatar zvonimir commented on June 5, 2024

Mike, please confirm that you are ok if we do not fix this. Given what C standard says, this assertion should in fact fail.

from smack.

michael-emmi avatar michael-emmi commented on June 5, 2024

I agree that we have nothing to fix here; our current handling is compliant with both C and LLVM semantics, as noted here: http://llvm.org/docs/LangRef.html#undefined-values

However, I slightly disagree with your assessment, that the problem is that "__SMACK_assume is a special function call ... which LLVM does not understand." Even if LLVM did have an assume statement, the result would be the same: the assume a == 1 need not have any impact since a is undefined, and according to the aforementioned URL:

An undef "variable" can arbitrarily change its value over its "live range".
This is true because the variable doesnโ€™t actually have a live range.
Instead, the value is logically read from arbitrary registers that happen to be
around when needed, so the value is not necessarily consistent over time.

In other words, the value of a in the first (assume) statement need not have anything to do with the value of a in the second (assert) statement.

from smack.

zvonimir avatar zvonimir commented on June 5, 2024

Yes, I absolutely agree with you Mike. What I wrote before was not completely correct, as I learned several weeks ago after a lengthy discussion with several people on social networks.

from smack.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.