goto-instrument --unwind: unwinding assertions do not disable unwinding assumptions

tautschnig · tautschnig · commit e3d1b3258cb3 · 2022-02-02T14:22:32.000Z
In keeping with CBMC's behaviour, generate unwinding assumptions even
when unwinding assertions are generated for (failing) assertions are not
considered fatal in GOTO programs. Unwinding assumptions should only be
skipped when partial loops are requested.
diff --git a/regression/goto-instrument/unwind-assert2/main.c b/regression/goto-instrument/unwind-assert2/main.c
@@ -3,4 +3,5 @@ int main()
 {
   int i;
   for(i = 0; i < 10; i++) {}
+  __CPROVER_assert(0, "fails when fully unwinding the loop");
 }
diff --git a/regression/goto-instrument/unwind-assert2/test.desc b/regression/goto-instrument/unwind-assert2/test.desc
@@ -1,6 +1,8 @@
 CORE
 main.c
 --unwind 9 --unwinding-assertions
+^\[main.assertion.1\] line 6 fails when fully unwinding the loop: SUCCESS$
+^\*\* 1 of 2 failed
 ^EXIT=10$
 ^SIGNAL=0$
 ^VERIFICATION FAILED$
diff --git a/src/goto-instrument/goto_instrument_parse_options.cpp b/src/goto-instrument/goto_instrument_parse_options.cpp
@@ -194,7 +194,7 @@ int goto_instrument_parse_optionst::doit()
 
         if(unwinding_assertions)
         {
-          unwind_strategy=goto_unwindt::unwind_strategyt::ASSERT;
+          unwind_strategy = goto_unwindt::unwind_strategyt::ASSERT_ASSUME;
         }
         else if(partial_loops)
         {
diff --git a/src/goto-instrument/unwind.cpp b/src/goto-instrument/unwind.cpp
@@ -128,6 +128,10 @@ void goto_unwindt::unwind(
   }
   else
   {
+    PRECONDITION(
+      unwind_strategy == unwind_strategyt::ASSERT_ASSUME ||
+      unwind_strategy == unwind_strategyt::ASSUME);
+
     goto_programt::const_targett t=loop_exit;
     t--;
     assert(t->is_backwards_goto());
@@ -144,22 +148,23 @@ void goto_unwindt::unwind(
         exit_cond = loop_head->get_condition();
     }
 
-    goto_programt::targett new_t;
-
-    if(unwind_strategy==unwind_strategyt::ASSERT)
+    if(unwind_strategy == unwind_strategyt::ASSERT_ASSUME)
     {
-      new_t = rest_program.add(goto_programt::make_assertion(exit_cond));
+      goto_programt::targett assertion = rest_program.add(
+        goto_programt::make_assertion(exit_cond, loop_head->source_location()));
+      unwind_log.insert(assertion, loop_head->location_number);
     }
-    else if(unwind_strategy==unwind_strategyt::ASSUME)
+
+    if(
+      unwind_strategy == unwind_strategyt::ASSUME ||
+      unwind_strategy == unwind_strategyt::ASSERT_ASSUME)
     {
-      new_t = rest_program.add(goto_programt::make_assumption(exit_cond));
+      goto_programt::targett assumption =
+        rest_program.add(goto_programt::make_assumption(
+          exit_cond, loop_head->source_location()));
+      unwind_log.insert(assumption, loop_head->location_number);
     }
-    else
-      UNREACHABLE;
 
-    new_t->source_location_nonconst() = loop_head->source_location();
-    new_t->location_number=loop_head->location_number;
-    unwind_log.insert(new_t, loop_head->location_number);
   }
 
   assert(!rest_program.empty());
diff --git a/src/goto-instrument/unwind.h b/src/goto-instrument/unwind.h
@@ -21,7 +21,13 @@ class unwindsett;
 class goto_unwindt
 {
 public:
-  enum class unwind_strategyt { CONTINUE, PARTIAL, ASSERT, ASSUME };
+  enum class unwind_strategyt
+  {
+    CONTINUE,
+    PARTIAL,
+    ASSERT_ASSUME,
+    ASSUME
+  };
 
   // unwind loop
 

Original file line number	Diff line number	Diff line change
`@@ -3,4 +3,5 @@ int main()`
`3`	`3`	`{`
`4`	`4`	`int i;`
`5`	`5`	`for(i = 0; i < 10; i++) {}`
	`6`	`+ __CPROVER_assert(0, "fails when fully unwinding the loop");`
`6`	`7`	`}`
Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,7 @@ int goto_instrument_parse_optionst::doit()`
`194`	`194`
`195`	`195`	`if(unwinding_assertions)`
`196`	`196`	`{`
`197`		`- unwind_strategy=goto_unwindt::unwind_strategyt::ASSERT;`
	`197`	`+ unwind_strategy = goto_unwindt::unwind_strategyt::ASSERT_ASSUME;`
`198`	`198`	`}`
`199`	`199`	`else if(partial_loops)`
`200`	`200`	`{`
Original file line number	Diff line number	Diff line change
`@@ -128,6 +128,10 @@ void goto_unwindt::unwind(`
`128`	`128`	`}`
`129`	`129`	`else`
`130`	`130`	`{`
	`131`	`+ PRECONDITION(`
	`132`	`+ unwind_strategy == unwind_strategyt::ASSERT_ASSUME \|\|`
	`133`	`+ unwind_strategy == unwind_strategyt::ASSUME);`
	`134`	`+`
`131`	`135`	`goto_programt::const_targett t=loop_exit;`
`132`	`136`	`t--;`
`133`	`137`	`assert(t->is_backwards_goto());`
`@@ -144,22 +148,23 @@ void goto_unwindt::unwind(`
`144`	`148`	`exit_cond = loop_head->get_condition();`
`145`	`149`	`}`
`146`	`150`
`147`		`- goto_programt::targett new_t;`
`148`		`-`
`149`		`- if(unwind_strategy==unwind_strategyt::ASSERT)`
	`151`	`+ if(unwind_strategy == unwind_strategyt::ASSERT_ASSUME)`
`150`	`152`	`{`
`151`		`- new_t = rest_program.add(goto_programt::make_assertion(exit_cond));`
	`153`	`+ goto_programt::targett assertion = rest_program.add(`
	`154`	`+ goto_programt::make_assertion(exit_cond, loop_head->source_location()));`
	`155`	`+ unwind_log.insert(assertion, loop_head->location_number);`
`152`	`156`	`}`
`153`		`- else if(unwind_strategy==unwind_strategyt::ASSUME)`
	`157`	`+`
	`158`	`+ if(`
	`159`	`+ unwind_strategy == unwind_strategyt::ASSUME \|\|`
	`160`	`+ unwind_strategy == unwind_strategyt::ASSERT_ASSUME)`
`154`	`161`	`{`
`155`		`- new_t = rest_program.add(goto_programt::make_assumption(exit_cond));`
	`162`	`+ goto_programt::targett assumption =`
	`163`	`+ rest_program.add(goto_programt::make_assumption(`
	`164`	`+ exit_cond, loop_head->source_location()));`
	`165`	`+ unwind_log.insert(assumption, loop_head->location_number);`
`156`	`166`	`}`
`157`		`- else`
`158`		`- UNREACHABLE;`
`159`	`167`
`160`		`- new_t->source_location_nonconst() = loop_head->source_location();`
`161`		`- new_t->location_number=loop_head->location_number;`
`162`		`- unwind_log.insert(new_t, loop_head->location_number);`
`163`	`168`	`}`
`164`	`169`
`165`	`170`	`assert(!rest_program.empty());`