C library: make sleep() branch free

tautschnig · tautschnig · commit eb763ffc1a53 · 2021-05-09T14:43:24.000Z
The if(...) assignment can be replaced by an assume statement, which
avoids a branch.

Also, enable the regression test of the sleep function.
diff --git a/regression/cbmc-library/sleep-01/main.c b/regression/cbmc-library/sleep-01/main.c
@@ -3,7 +3,6 @@
 
 int main()
 {
-  sleep();
-  assert(0);
+  assert(sleep(42) <= 42);
   return 0;
 }
diff --git a/regression/cbmc-library/sleep-01/test.desc b/regression/cbmc-library/sleep-01/test.desc
@@ -1,4 +1,4 @@
-KNOWNBUG
+CORE
 main.c
 --pointer-check --bounds-check
 ^EXIT=0$
diff --git a/src/ansi-c/library/unistd.c b/src/ansi-c/library/unistd.c
@@ -7,8 +7,7 @@ unsigned int sleep(unsigned int seconds)
   __CPROVER_HIDE:;
   // do nothing, but return nondet value
   unsigned remaining_time=__VERIFIER_nondet_unsigned();
-
-  if(remaining_time>seconds) remaining_time=seconds;
+  __CPROVER_assume(remaining_time <= seconds);
 
   return remaining_time;
 }

Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,7 @@ unsigned int sleep(unsigned int seconds)`
`7`	`7`	`__CPROVER_HIDE:;`
`8`	`8`	`// do nothing, but return nondet value`
`9`	`9`	`unsigned remaining_time=__VERIFIER_nondet_unsigned();`
`10`		`-`
`11`		`- if(remaining_time>seconds) remaining_time=seconds;`
	`10`	`+ __CPROVER_assume(remaining_time <= seconds);`
`12`	`11`
`13`	`12`	`return remaining_time;`
`14`	`13`	`}`