-
Notifications
You must be signed in to change notification settings - Fork 128
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
division by zero false-report #211
Comments
The query can be simplified further: x : BITVECTOR(4);
%----------------------------------------------------
ASSERT( NOT(0x0 = x) );
ASSERT( NOT(0x0 = SBVREM(4, 0x1, x)) );
%----------------------------------------------------
QUERY( NOT(0x0 = x) ); |
First of all, thanks for the bugreport! What's even more interesting:
then:
which probably makes this much more understandable. What is happening is that the x is the divisor, so if it's 0, STP goes upside down. The issue is that by having the query "NOT(0x0x = x)" STP tries to prove that this query is false by setting x to 0 and trying to find a solution. So it sets x to 0 and propagates this fact. It then hits the wall. Yes, this is an issue and wrong behaviour. And it is exactly the same issue as before with division by zero :( We are thinking about how to resolve this. It's non-trivial, actually. |
As per #223 , this no longer crashes, but dividing by zero might not behave like you expect. |
This may be a duplicate of #206 . In fact the query under consideration is the Klee query, simplified for readability and fed to STP CLI. To this query:
STP responds with:
Why is it the case? As I understand the first
ASSERT
ensures thatx[0x0]
is never even, so it is definitely not 0.The text was updated successfully, but these errors were encountered: