C library/free: distinguish invalid pointer from invalid free
This makes counterexamples easier to understand when an invalid pointer is being passed to free(), and also supports SV-COMP, where we previously only distinguished these cases via a hack in the wrapper script.
This commit is contained in:
parent
482de57840
commit
98a3ea9540
|
@ -1,9 +1,8 @@
|
|||
#include <assert.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
int main()
|
||||
{
|
||||
free();
|
||||
assert(0);
|
||||
int *ptr;
|
||||
free(ptr);
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
KNOWNBUG
|
||||
CORE
|
||||
main.c
|
||||
--pointer-check --bounds-check
|
||||
^EXIT=0$
|
||||
--pointer-check --bounds-check --stop-on-fail
|
||||
free argument must be NULL or valid pointer
|
||||
^EXIT=10$
|
||||
^SIGNAL=0$
|
||||
^VERIFICATION SUCCESSFUL$
|
||||
^VERIFICATION FAILED$
|
||||
--
|
||||
^warning: ignoring
|
||||
|
|
|
@ -5,6 +5,6 @@ main.c
|
|||
^SIGNAL=0$
|
||||
^VERIFICATION FAILED$
|
||||
free called for stack-allocated object: FAILURE$
|
||||
^\*\* 1 of 12 failed
|
||||
^\*\* 1 of 13 failed
|
||||
--
|
||||
^warning: ignoring
|
||||
|
|
|
@ -184,6 +184,9 @@ inline void free(void *ptr)
|
|||
{
|
||||
__CPROVER_HIDE:;
|
||||
// If ptr is NULL, no operation is performed.
|
||||
__CPROVER_precondition(
|
||||
ptr == 0 || __CPROVER_r_ok(ptr, 0),
|
||||
"free argument must be NULL or valid pointer");
|
||||
__CPROVER_precondition(ptr==0 || __CPROVER_DYNAMIC_OBJECT(ptr),
|
||||
"free argument must be dynamic object");
|
||||
__CPROVER_precondition(ptr==0 || __CPROVER_POINTER_OFFSET(ptr)==0,
|
||||
|
|
Loading…
Reference in New Issue