Add documentation for memory primitives #5333
Conversation
| variable would correspond to an object of size 4, and memory allocated via | ||
| `malloc(10)` would correspond to an object of size 10. | ||
|
|
||
| A pointer then consists of two parts: the upper n bits form the object ID, and |
There was a problem hiding this comment.
could this be changed to n?
There was a problem hiding this comment.
Here the n doesn't refer to code or commandline text or something like that so I think it shouldn't be highlighted that way.
danpoe
force-pushed
the
docs/memory-primitives
branch
from
9f4cac8 to
ff21d95
Compare
danpoe
requested review from
chrisr-diffblue,
kroening,
peterschrammel,
smowton and
tautschnig
as code owners
| \page memory-primitives Memory Primitives | ||
|
|
||
| This document describes the semantics and usage of memory-related and | ||
| pointer-related primitives in cbmc. |
There was a problem hiding this comment.
| pointer-related primitives in cbmc. | |
| pointer-related primitives in CBMC. |
| # Background | ||
|
|
||
|
|
||
| ## Memory and pointers in cbmc |
There was a problem hiding this comment.
| ## Memory and pointers in cbmc | |
| ## Memory and Pointers in CBMC |
| ## Memory and pointers in cbmc | ||
|
|
||
| When cbmc analyzes a program, by default it uses the architectural parameters of | ||
| the platform it is running on. That is, on a 64-bit system, cbmc will treat |
There was a problem hiding this comment.
| the platform it is running on. That is, on a 64-bit system, cbmc will treat | |
| the platform it is running on. That is, on a 64-bit system, CBMC will treat |
etc
| integer values, and then constrained to negative values via the assumption. | ||
| In cbmc, like uninitialized integers, uninitialized pointers are treated as | ||
| having a nondeterministic value. That is, the value of the pointer itself is | ||
| nondeterministically chosen, though **no memory is allocated**. |
There was a problem hiding this comment.
Maybe say that you are going to describe what can be expected from an intitialized pointer below.
There was a problem hiding this comment.
Added a sentence saying that pointers should be explicitely initialized
| allocated memory, or is out of bounds of the memory object it points to (i.e., | ||
| the memory object identified by `__CPROVER_POINTER_OBJECT(p)`). | ||
|
|
||
|
|
There was a problem hiding this comment.
Maybe say upfront that some operations, particularly on invalid pointers, are unspecified. Say how I can detect that I have something with unspecified semantics in my harness.
danpoe
force-pushed
the
docs/memory-primitives
branch
from
ff21d95 to
62a4b55
Compare
Uh oh!
There was an error while loading. Please reload this page.