[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-dev] --max-pointer-depth not honored?

Is there a workaround Xuejun?


On 10/20/15 10:33 PM, Xuejun Yang wrote:
It’s obviously a bug in Csmith. Your understanding is correct.
"--max-pointer-depth"should be the one to limit indirection level for
pointer deference and other usages.

[mailto:csmith-dev-bounces@flux.utah.edu] *On Behalf Of *Tahina Ramananandro
*Sent:* Tuesday, October 20, 2015 12:59 PM
*To:* csmith-dev@flux.utah.edu
*Subject:* [csmith-dev] --max-pointer-depth not honored?

Dear Csmith developers,

I have been testing Csmith 2.2.0 (Git version dcef523), and I am trying
to understand the meaning of the --max-pointer-depth option.

If I understood well, Csmith with --max-pointer-depth N should produce a
program with pointer-dereferencing expressions of length at most N+1
(i.e. without pointer dereferences of the form *..*x with N+2 stars or

However, with --max-pointer-depth 0, I still managed to produce the
attached C program with a depth-2 pointer dereference  (and similarly,
with --max-pointer-depth 1 and a depth-3 pointer dereference, although
in the latter case, it is hard to generate such programs if shorter than
400 lines).

Moreover, massive tests show that, with --no-checksum --no-argc
  --no-arrays --no-bitfields --no-structs --no-unions
--max-pointer-depth 1, more than 70% of all programs generated by Csmith
(regardless of their sizes) reach pointer dereference level 3 or more
(sometimes up to 8).

So, is my understanding correct?

- If so, is there a bug in Csmith that makes --max-pointer-depth not
properly honored?

- Otherwise, what should be the exact meaning of this option, and which
use cases were intended? How could I control the maximum pointer
dereference level in Csmith-generated programs?

And then, a final question too: even though it might be possible to
limit the level of pointer dereference expressions, is there a way to
limit the depth of pointer types?

Thank you in advance for your help.

Best regards,


Tahina Oliver Ramananandro, Ph. D.

Senior Engineer, Advanced Compilers and Formal Verification

Reservoir Labs, Inc.

632 Broadway, Suite 803

New York, NY 10012


Phone: +1 (212) 780-0527 ext. 157

E-mail: ramananandro@reservoir.com <mailto:ramananandro@reservoir.com>,
tahina@ramananandro.org <mailto:tahina@ramananandro.org>

Web: http://tahina.ramananandro.org


[#] Here I consider that --max-pointer-depth 0 does not prevent Csmith
from producing pointers at large, by contrast to --no-pointers