Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle loop statement comparison between two variables in loop unrolling #1590

Merged
merged 3 commits into from
Oct 11, 2024
Merged

Handle loop statement comparison between two variables in loop unrolling #1590

merged 3 commits into from
Oct 11, 2024

Conversation

karoliineh
Copy link
Member

Previously, we only detected fixed-sized loops when the loop comparison was between a variable and a constant. However, we already found the last assignment to the variable being changed in the loop body, and thus, we have a function for finding the last assigned value.

This PR adds the functionality also to detect fixed loops when the loop condition compares variables by finding the last assignment for the other compared variable.

This PR was inspired by the following loop from the SV-COMP task loops/invert_string-3.c, which we were lucky to solve based on the old heuristics but cannot solve anymore due to the new, more conservative heuristic.

unsigned int max = 5;
char str1[max], str2[max];
int i, j;

for (i=0; i<max; i++) {
    str1[i]=__VERIFIER_nondet_char();
}

This task has the case including a cast. I added another case that would handle similar conditions without a cast as a precaution.

@karoliineh karoliineh added sv-comp SV-COMP (analyses, results), witnesses precision labels Oct 2, 2024
@karoliineh karoliineh added this to the SV-COMP 2025 milestone Oct 2, 2024
@karoliineh karoliineh self-assigned this Oct 2, 2024
@karoliineh karoliineh marked this pull request as ready for review October 2, 2024 19:55
sim642
sim642 reviewed Oct 3, 2024
View reviewed changes
src/util/loopUnrolling.ml
Comment on lines +230 to +231
(* When loop condition has a comparison between variables, we assume that the left one is the counter and right one is the bound.
TODO: can we do something more meaningful instead of this assumption? *)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Theoretically it would be possible to lift this from the option monad to the list monad for non-determinism and return both here. Then the following checks getsPointedAt, constBefore, etc would filter it down to the one that meets all the conditions (although I guess both could still pass all of them).
It would automatically achieve backtracking instead of what currently happens: if the first one doesn't pass getPointedAt, we don't retry everything with the second variable.

I don't know if it would be worth the trouble though.

@sim642 sim642 merged commit bf76679 into master Oct 11, 2024
21 checks passed
@sim642 sim642 deleted the loopUnroll-loop-cond-vars branch October 11, 2024 07:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sim642 sim642 sim642 approved these changes

@michael-schwarz michael-schwarz Awaiting requested review from michael-schwarz

Assignees

@karoliineh karoliineh

Labels
precision sv-comp SV-COMP (analyses, results), witnesses
Projects
None yet
Milestone
SV-COMP 2025
Development

Successfully merging this pull request may close these issues.
2 participants
@karoliineh @sim642