Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Value mismatch between CBMC's console log and GraphML witness #70

Open
Po-Chun-Chien opened this issue Jan 24, 2024 · 0 comments
Open

Value mismatch between CBMC's console log and GraphML witness #70

Po-Chun-Chien opened this issue Jan 24, 2024 · 0 comments

Comments

@Po-Chun-Chien
Copy link

CBMC prints the values for __VERIFIER_nondet in both its console logs and GraphML witnesses when an error path is found.
However, sometimes these values do not match.

Here is an example.

  • Program: cambridge.2.prop1-back-serstep.c
  • Property: unreach-call.prp
  • CBMC version: 5.70.0-121-g4f69955d00 (binaries and wrapper script downloaded from tool archive of SV-COMP 2023)
  • Command line: 
    ./cbmc --graphml-witness witness.graphml --propertyfile unreach-call.prp --64 cambridge.2.prop1-back-serstep.c > exe.log

The input and output files are also available here: example.zip

The values for input_149 = __VERIFIER_nondet_ushort() at line 181 of the program in exe.log and witness.graphml mismatch, as shown by

$ grep "input_149=" exe.log 
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=0 (00000000 00000000)
  input_149=65535 (11111111 11111111)
  input_149=65535 (11111111 11111111)
  input_149=65535 (11111111 11111111)
$ grep -A 2 '<data key="startline">181</data>' witness.graphml 
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>
--
      <data key="startline">181</data>
      <data key="threadId">0</data>
      <data key="assumption">\result = 0;</data>

Both files contain 11 occurrences of input_149.
However, the values are different in the last 3 loop iterations (65535 vs. 0).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Po-Chun-Chien