Skip to content

Commit c40ea7e

Browse files
NlightNFotistautschnig
NlightNFotis
authored and
tautschnig
committedFeb 28, 2023
Issue warnings when options may yield unsound verification results
Also warn about options that aren't unsound by design, but are experimental in nature.
·
cbmc-6.6.0cbmc-5.78.0
1 parent 23b7037 commit c40ea7e

File tree

3 files changed

+86
-3
lines changed

3 files changed

+86
-3
lines changed
 

‎jbmc/src/jbmc/jbmc_parse_options.cpp

+40-3
Original file line numberDiff line numberDiff line change
@@ -187,25 +187,54 @@ void jbmc_parse_optionst::get_command_line_options(optionst &options)
187187
{
188188
options.set_option(
189189
"symex-complexity-limit", cmdline.get_value("symex-complexity-limit"));
190+
log.warning() << "**** WARNING: Complexity-limited analysis may yield "
191+
"unsound verification results"
192+
<< messaget::eom;
190193
}
191194

192195
if(cmdline.isset("symex-complexity-failed-child-loops-limit"))
193196
{
194197
options.set_option(
195198
"symex-complexity-failed-child-loops-limit",
196199
cmdline.get_value("symex-complexity-failed-child-loops-limit"));
200+
if(!cmdline.isset("symex-complexity-limit"))
201+
{
202+
log.warning() << "**** WARNING: Complexity-limited analysis may yield "
203+
"unsound verification results"
204+
<< messaget::eom;
205+
}
197206
}
198207

199208
if(cmdline.isset("unwind"))
209+
{
200210
options.set_option("unwind", cmdline.get_value("unwind"));
211+
if(!cmdline.isset("unwinding-assertions"))
212+
{
213+
log.warning() << "**** WARNING: Use --unwinding-assertions to obtain "
214+
"sound verification results"
215+
<< messaget::eom;
216+
}
217+
}
201218

202219
if(cmdline.isset("depth"))
220+
{
203221
options.set_option("depth", cmdline.get_value("depth"));
222+
log.warning()
223+
<< "**** WARNING: Depth-bounded analysis may yield unsound verification "
224+
"results"
225+
<< messaget::eom;
226+
}
204227

205228
if(cmdline.isset("unwindset"))
206229
{
207230
options.set_option(
208231
"unwindset", cmdline.get_comma_separated_values("unwindset"));
232+
if(!cmdline.isset("unwinding-assertions"))
233+
{
234+
log.warning() << "**** WARNING: Use --unwinding-assertions to obtain "
235+
"sound verification results"
236+
<< messaget::eom;
237+
}
209238
}
210239

211240
// constant propagation
@@ -234,9 +263,13 @@ void jbmc_parse_optionst::get_command_line_options(optionst &options)
234263
options.set_option("unwinding-assertions", true);
235264

236265
// generate unwinding assumptions otherwise
237-
options.set_option(
238-
"partial-loops",
239-
cmdline.isset("partial-loops"));
266+
if(cmdline.isset("partial-loops"))
267+
{
268+
options.set_option("partial-loops", true);
269+
log.warning()
270+
<< "**** WARNING: --partial-loops may yield unsound verification results"
271+
<< messaget::eom;
272+
}
240273

241274
// remove unused equations
242275
options.set_option(
@@ -858,6 +891,10 @@ bool jbmc_parse_optionst::process_goto_functions(
858891
// full slice?
859892
if(cmdline.isset("full-slice"))
860893
{
894+
log.warning() << "**** WARNING: Experimental option --full-slice, "
895+
<< "analysis results may be unsound. See "
896+
<< "https://github.com/diffblue/cbmc/issues/260"
897+
<< messaget::eom;
861898
log.status() << "Performing a full slice" << messaget::eom;
862899
if(cmdline.isset("property"))
863900
property_slicer(goto_model, cmdline.get_values("property"));

‎src/cbmc/cbmc_parse_options.cpp

+42
Original file line numberDiff line numberDiff line change
@@ -193,13 +193,26 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
193193
options.set_option("mm", cmdline.get_value("mm"));
194194

195195
if(cmdline.isset("symex-complexity-limit"))
196+
{
196197
options.set_option(
197198
"symex-complexity-limit", cmdline.get_value("symex-complexity-limit"));
199+
log.warning() << "**** WARNING: Complexity-limited analysis may yield "
200+
"unsound verification results"
201+
<< messaget::eom;
202+
}
198203

199204
if(cmdline.isset("symex-complexity-failed-child-loops-limit"))
205+
{
200206
options.set_option(
201207
"symex-complexity-failed-child-loops-limit",
202208
cmdline.get_value("symex-complexity-failed-child-loops-limit"));
209+
if(!cmdline.isset("symex-complexity-limit"))
210+
{
211+
log.warning() << "**** WARNING: Complexity-limited analysis may yield "
212+
"unsound verification results"
213+
<< messaget::eom;
214+
}
215+
}
203216

204217
if(cmdline.isset("property"))
205218
options.set_option("property", cmdline.get_values("property"));
@@ -243,10 +256,24 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
243256
options.set_option("localize-faults", true);
244257

245258
if(cmdline.isset("unwind"))
259+
{
246260
options.set_option("unwind", cmdline.get_value("unwind"));
261+
if(!cmdline.isset("unwinding-assertions"))
262+
{
263+
log.warning() << "**** WARNING: Use --unwinding-assertions to obtain "
264+
"sound verification results"
265+
<< messaget::eom;
266+
}
267+
}
247268

248269
if(cmdline.isset("depth"))
270+
{
249271
options.set_option("depth", cmdline.get_value("depth"));
272+
log.warning()
273+
<< "**** WARNING: Depth-bounded analysis may yield unsound verification "
274+
"results"
275+
<< messaget::eom;
276+
}
250277

251278
if(cmdline.isset("slice-by-trace"))
252279
{
@@ -258,6 +285,12 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
258285
{
259286
options.set_option(
260287
"unwindset", cmdline.get_comma_separated_values("unwindset"));
288+
if(!cmdline.isset("unwinding-assertions"))
289+
{
290+
log.warning() << "**** WARNING: Use --unwinding-assertions to obtain "
291+
"sound verification results"
292+
<< messaget::eom;
293+
}
261294
}
262295

263296
// constant propagation
@@ -280,7 +313,12 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
280313
}
281314

282315
if(cmdline.isset("partial-loops"))
316+
{
283317
options.set_option("partial-loops", true);
318+
log.warning()
319+
<< "**** WARNING: --partial-loops may yield unsound verification results"
320+
<< messaget::eom;
321+
}
284322

285323
// remove unused equations
286324
if(cmdline.isset("slice-formula"))
@@ -840,6 +878,10 @@ bool cbmc_parse_optionst::process_goto_program(
840878
// full slice?
841879
if(options.get_bool_option("full-slice"))
842880
{
881+
log.warning() << "**** WARNING: Experimental option --full-slice, "
882+
<< "analysis results may be unsound. See "
883+
<< "https://github.com/diffblue/cbmc/issues/260"
884+
<< messaget::eom;
843885
log.status() << "Performing a full slice" << messaget::eom;
844886
if(options.is_set("property"))
845887
property_slicer(goto_model, options.get_list_option("property"));

‎src/goto-instrument/goto_instrument_parse_options.cpp

+4
Original file line numberDiff line numberDiff line change
@@ -1742,6 +1742,10 @@ void goto_instrument_parse_optionst::instrument_goto_program()
17421742
do_indirect_call_and_rtti_removal();
17431743
do_remove_returns();
17441744

1745+
log.warning() << "**** WARNING: Experimental option --full-slice, "
1746+
<< "analysis results may be unsound. See "
1747+
<< "https://github.com/diffblue/cbmc/issues/260"
1748+
<< messaget::eom;
17451749
log.status() << "Performing a full slice" << messaget::eom;
17461750
if(cmdline.isset("property"))
17471751
property_slicer(goto_model, cmdline.get_values("property"));

0 commit comments

Comments
 (0)
Please sign in to comment.