Re: [csmith-dev] --max-pointer-depth not honored?

[Xuejun Yang <xuyang@microsoft.com>]

It’s obviously a bug in Csmith. Your understanding is correct. "--max-pointer-depth" should be the one to limit indirection level for pointer deference and other usages.

 

From: csmith-dev-bounces@flux.utah.edu [mailto:csmith-dev-bounces@flux.utah.edu] On Behalf Of Tahina Ramananandro
Sent: Tuesday, October 20, 2015 12:59 PM
To: csmith-dev@flux.utah.edu
Subject: [csmith-dev] --max-pointer-depth not honored?

 

Dear Csmith developers,

 

I have been testing Csmith 2.2.0 (Git version dcef523), and I am trying to understand the meaning of the --max-pointer-depth option.

 

If I understood well, Csmith with --max-pointer-depth N should produce a program with pointer-dereferencing expressions of length at most N+1 (i.e. without pointer dereferences of the form *..*x with N+2 stars or more.)

 

However, with --max-pointer-depth 0, I still managed to produce the attached C program with a depth-2 pointer dereference  (and similarly, with --max-pointer-depth 1 and a depth-3 pointer dereference, although in the latter case, it is hard to generate such programs if shorter than 400 lines).

 

Moreover, massive tests show that, with --no-checksum --no-argc  --no-arrays --no-bitfields --no-structs --no-unions --max-pointer-depth 1, more than 70% of all programs generated by Csmith (regardless of their sizes) reach pointer dereference level 3 or more (sometimes up to 8).

 

So, is my understanding correct?

- If so, is there a bug in Csmith that makes --max-pointer-depth not properly honored? 

- Otherwise, what should be the exact meaning of this option, and which use cases were intended? How could I control the maximum pointer dereference level in Csmith-generated programs?

 

And then, a final question too: even though it might be possible to limit the level of pointer dereference expressions, is there a way to limit the depth of pointer types?

 

Thank you in advance for your help.

 

Best regards,

 

--

Tahina Oliver Ramananandro, Ph. D.

Senior Engineer, Advanced Compilers and Formal Verification

Reservoir Labs, Inc.

632 Broadway, Suite 803

New York, NY 10012

USA

Phone: +1 (212) 780-0527 ext. 157

E-mail: ramananandro@reservoir.com, tahina@ramananandro.org

Web: http://tahina.ramananandro.org

 

Notes:

[#] Here I consider that --max-pointer-depth 0 does not prevent Csmith from producing pointers at large, by contrast to --no-pointers