File: test.desc

package info (click to toggle)
cbmc 6.6.0-4
  • links: PTS
  • area: main
  • in suites: forky, sid, trixie
  • size: 153,852 kB
  • sloc: cpp: 386,459; ansic: 114,466; java: 28,405; python: 6,003; yacc: 4,552; makefile: 4,041; lex: 2,487; xml: 2,388; sh: 2,050; perl: 557; pascal: 184; javascript: 163; ada: 36
file content (18 lines) | stat: -rw-r--r-- 794 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 
CORE
main.c
--enforce-contract f1 --enforce-contract f2 _ --malloc-may-fail --malloc-fail-null --pointer-check
^EXIT=10$
^SIGNAL=0$
^\[f1.assigns.\d+\].*line 16 Check that \*p->buf is valid: FAILURE$
^\[f1.assigns.\d+\].*line 18 Check that p->buf\[(\(.*\))?0\] is assignable: FAILURE$
^\[f2.assigns.\d+\].*line 21 Check that \*pp->p->buf is valid: FAILURE$
^\[f2.assigns.\d+\].*line 23 Check that pp->p->buf\[(\(.*\))?0\] is assignable: FAILURE$
^VERIFICATION FAILED$
--
--
In f1, the assigns clause specifies `*(p->buf)` as target (which can be invalid)
and assigns `p->buf[0]` unconditionally. When both target and lhs are invalid,
its inclusion check can be trivially satisfied (or not) but we expect the target
validity check to fail.

In f2 tests this behaviour with chained dereferences.