New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for explicit sliceable assumes #1668
base: master
Are you sure you want to change the base?
Conversation
554d4a4
to
d4583b7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In general looks fine, but I have a couple of comments.
-
I think there is a discrepancy for the defaults assigned to
sliceable
.- instructiont::clear() sets it to false, same as the constructor of that class.
- SSA_stept constructor sets it to false as well, so that's consistent.
But:
- do_function_call_symbol() sets the flag to true for only certain assumptions, in particular, assertions will get
sliceable == false
. - symex_target_equationt::assertion() sets the flag to true for ASSERT SSA-steps.
As setting this flag to true is an opt-out of the default (--slice-assumes not given on the cmdline), I believe symex_target_equationt::assertion() should not set it to true.
-
What does
sliceable == false
actually mean for both, instructiont and SSA_stept? For assumptions: nothing, use the default, which is that assumptions are not sliced. For any other kind of statement it has no influence on the operation. But this is not intuitive with the default valuefalse
: The slicer does operate on these other kinds of statements, so the default should betrue
. -
Also, I feel that instructiont::make_assumption() should get this new flag as a parameter.
@@ -139,6 +139,9 @@ class goto_programt | |||
|
|||
bool inductive_assertion; | |||
|
|||
// for slicer | |||
bool sliceable; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The comment here should state that this flag is only relevant for assumptions.
PS: I might have stated points 1. and 2. clearer, as they might read contradictory. What I meant: maybe this flag should be called |
I see your point. I think that the confusion will happen due to the flag not having an explicit relation with assumptions. I guess we could rename it to |
Should it? We could make it more general in the future, that's why the default should match the current semantics for all instruction/SSA-step types and a comment could mention that the implementation currently just supports ASSUME. |
Then I feel like the correct approach is to keep |
I agree. |
I moved to draft while I fix the latest changes
|
Hm apparently, the issue is that this constructor is being used and manipulated without a proper call to
|
d21c22a
to
a8521b8
Compare
Latest version:
@fbrausse it seems that the instruction in ESBMC are quite inconsistent. May I revert back the latest changes? |
The score changes aren't huge. Keep in mind that the current sv-comp runs are also less stable. Having said that, I would prefer to have consistent defaults. Appearently with the current modification patterns of instructions it's hard to do, so I'm fine with going back to "the inconsistent default", though maybe it's best to take a look at the actual diff of the sv-comp results before that - just so we know we're not chasing noise. |
d5ae03f
to
5a0d013
Compare
5a0d013
to
eeded09
Compare
eeded09
to
0ec4d2c
Compare
Closes #1634
This adds the concept of an sliceable assumption, which differs from the common assumptions as it is an invariant instead of a precondition. This mostly affects the Interval Analysis (specially the more aggressive instrumentation modes) as adding complex invariants made the program difficult to slice. This results in the invariant assumption affecting falsification of programs, leading us to use weaker instrumentations mode (i.e., guard local).
Master - 120s, Action 797
PR - 120s, Action 809