Very nice PR :-)

@XLiZHI you worked on the CUDA OMs in the past. Could I ask whether you have an insight into why the CUDA tests are failing here or how to produce a reduced version of a failing test case? As these are C++-frontend changes I don't expect interleavings to play any role, so ideally a failing CUDA test case with just a single thread would be great to have.

Could I ask whether you have an insight into why the CUDA tests are failing here

Hi @fbrausse ,

The counterexample seem to be array out of bounds problem, I suggest that we can start from the TCs of C++, such as regression/esbmc - cpp11 / constructors/MoveConstructor and regression/esbmc-cpp11/reference/Reference4

I think maybe fixing these TCs will solve the problems in the CUDA TCs.

OK, I'm reasonably happy so far, but 3 issues remain with this PR, as far as I can see:

1. The cuda (and string_view1) tests fail, because the pointer to the symbol being constructed is not passed as first argument to the constructor (__dim3 here).
2. The init_anon_symbol() call added for converting the clang::MaterializeTemporaryExpr does fix a bunch of cases with references (since we can now properly take the address of that symbol), but it causes the control flow generated by the conversion to go haywire, also in cuda, see the --goto-functions-only for assignIndexes(), that's where the wrong out-of-bounds comes from. Edit: I briefly tried using the new make_temporary() instead, but it didn't work. Don't know why, might be worth investigating as it has a very similar purpose.
3. In one of the tests we're running into an infinite recursion. That's why the CI is failing now. Here are the results for a local ctest run as of now (0cf6492): ctest8.txt

Besides that, the changes (mainly: treating conversions between references (modelled as pointers) and the actual values as implicit via gen_typecast()) do introduce a lot of *&var and &*ptr constructs, which ideally should be removed somewhere, probably in the GOTO processing.

As I've got to turn my attention to other things, I would be happy if someone could give me a hand in fixing these remaining issues.

Update: this is the current list of failing tests: ctest8.1.txt

@fbrausse: try to liaise with @XLiZHI to check whether he can continue working on this PR; otherwise, IMHO, we should break this PR into smaller PRs; for the bit you need help, we could open an issue for someone else to work on it.

@fbrausse: try to liaise with @XLiZHI to check whether he can continue working on this PR; otherwise, IMHO, we should break this PR into smaller PRs; for the bit you need help, we could open an issue for someone else to work on it.

Thanks, Lucas. It's not clear to me how to split this PR into smaller parts right now, except for the OMs. I believe the above mentioned issues are fixed now. Let's see what the CI says.

For some reason symbolic types now arrive in the dereference module. Might be because of the temporary_object expressions, not sure, yet. It's easy to work-around via ns.follow(), though.

That's great. Thanks, @fbrausse.

I think @XLiZHI is in Shangai to apply for his visa to come to the UK; he should be back soon to work with you on this PR if needed.

Thanks, as a note of caution though: I had to disable one of @kunjsong01's optimizations, which means we now create more symbols for temporary values (such as the C++ constructors are using). This may lead to a slow-down for C++/Solidity, but I gathered it's better to be more correct than fast here.

This may lead to a slow-down for C++/Solidity, but I gathered it's better to be more correct than fast here.

Yes, I fully support this.

BTW, can I ask you to start an SV-COMP run here, @fbrausse?

Master:

Statistics:          23805 Files
  correct:           13965
    correct true:     7709
    correct false:    6256
  incorrect:            31
    incorrect true:     13
    incorrect false:    18
  unknown:            9809
  Score:             20970 (max: 38482)

https://github.com/esbmc/esbmc/actions/runs/8102075164

This PR:

Statistics:          23805 Files
  correct:           13955
    correct true:     7681
    correct false:    6274
  incorrect:            33
    incorrect true:     13
    incorrect false:    20
  unknown:            9817
  Score:             20900 (max: 38482)

https://github.com/esbmc/esbmc/actions/runs/81015176924

The 2 new incorrect are in no-data-race:

• timeout -> incorrect (is also incorrect on master), timeout noise
• unknown -> incorrect on master fails with

  ERROR: Symbolic type id in size_typet::size_bits
  symbol
  * symbol_name : tag-struct s
  

  This got fixed by adding the ns.follow() in dereference(). Seems like we had symbolic types arriving in dereference already before this PR.

Interestingly, there are also unknown -> correct (and unknown -> timeout) ones in no-data-race, that had the same problem on master.

Besides that, there are 6 timeout -> out-of-memory ones in unreach-call (while all the other benchmarks don't seem to have significantly different memory usage):

• c/loops/heavy-1.c
• c/loops-crafted-1/nested3-1.c
• c/loops-crafted-1/nested3-1_abstracted.c
• c/loops-crafted-1/nested3-2.c
• c/loops-crafted-1/nested3-2_abstracted.c
• c/loops-crafted-1/nested5-2.c

I'll check whether those are noise.

Many thanks, @fbrausse. This PR is a great addition to the ESBMC project.

These results are great! If there are still further improvements, we could write small PRs.