Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CN] _Noreturn function specifier does not work as expected #906

Open
peterohanley opened this issue Mar 4, 2025 · 0 comments
Open

[CN] _Noreturn function specifier does not work as expected #906

peterohanley opened this issue Mar 4, 2025 · 0 comments

Comments

@peterohanley
Copy link 

void _Noreturn exit(int status);
/*@
spec exit(i32 status);
requires true;
ensures true;
@*/
void _Noreturn exit1(int status)
{
}
void _Noreturn exit2(int status)
{
    exit(status);
}

% cn verify noreturn.c
[1/2]: exit1 -- fail
[2/2]: exit2 -- fail
noreturn.c:8:1: error: Undefined behaviour
void _Noreturn exit1(int status)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~ 
(UB missing short message): UB071_noreturn
State file: ...
noreturn.c:11:1: error: Undefined behaviour
void _Noreturn exit2(int status)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~ 
(UB missing short message): UB071_noreturn
State file: ...

Ok, both fail. exit1 is reasonable, it returns and it's marked _Noreturn. I think this is right and it matches the definition in undefined.lem.

In the state file for exit2 I see this:
Terms

term value
call_exit0 { .return = void }

This indicates exit has returned, even though it was marked _Noreturn. The UB happens in exit2 and not in exit as described in undefined.lem.

Is this happening because cerberus supports _Noreturn but CN doesn't?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@peterohanley