Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Heapster type-checking bugs for Rust #1519

Merged
merged 18 commits into from
Nov 23, 2021
Merged

Fix Heapster type-checking bugs for Rust #1519

merged 18 commits into from
Nov 23, 2021

Conversation

eddywestbrook
Copy link
Contributor

This PR fixes some bugs and adds some features in order to progress Heapster type-checking for Rust programs. The changes include:

  • changed how memblock permisisons with variable shapes are proved, so that they look for permissions on the left that contain the offsets on the right, not just those that precisely line up with them

  • performance enhancement: changed a number of fmaps and mbMap2s in Implication.hs to use mbMapCl, to avoid the performance overhead of changing fresh pairs to fresh functions

  • added support for proving sub-byte-sized fields using a truncation rule

  • switched the pretty-printer to use layoutPretty instead of layoutSmart to avoid exponential behavior; also switched ppCommaSep to use the built-in library function punctuate

  • changed SImpl_SplitLLVMWordField, SImpl_TruncateLLVMWordField, and SImpl_ConcatLLVMWordFields to PermImpl1 rules that generate fresh variables for the splitting, truncation, and concatenation of bitvector values, respectively, in order to handle symbolic values in these rules

Eddy Westbrook added 18 commits November 16, 2021 14:05
whoops, fixed the translation of slices to include their lifetimes
014d919
added clone functions as test cases to rust_data
61b9fe5
changed how memblock permisisons with variable shapes are proved, so …
e17bcbf 
…that they look for permissions on the left that contain the offsets on the right, not just those that precisely line up with them
added mux3_mut_refs_u64 and two functions that call it to rust_lifetimes
c352d91
performance enhancement: changed a number of fmaps and mbMap2s in Imp…
966d32c 
…lication.hs to use mbMapCl, to avoid the performance overhead of changing fresh pairs to fresh functions
continued changing fmaps and mbMap2s in Implication.hs to use mbMapCl…
9fbc4d4 
…, to avoid the performance overhead of changing fresh pairs to fresh functions
added support for proving sub-byte-sized fields using a truncation rule
f8ee7ef
whoops, forgot to update the Hobbits dependency!
3bf1f80
switched the pretty-printer to use layoutPretty instead of layoutSmar…
5089d68 
…t to avoid exponential behavior; also switched ppCommaSep to use the built-in library function punctuate
all bits-to-bytes conversions need to round up!
6afc917
changed SImpl_SplitLLVMWordField, SImpl_TruncateLLVMWordField, and SI…
1e1208e 
…mpl_ConcatLLVMWordFields to PermImpl1 rules that generate fresh variables for the splitting, truncation, and concatenation of bitvector values, respectively, in order to handle symbolic values
added the structs example to test out C structs with padding
304aa52
renamed structs example to c_data
45853fd
added the incr_u64_ptr_byte example to c_data to test out the new fie…
38d6d85 
…ld split and truncate rules
whoops, fixed a bug in implLLVMFieldTryProveWordEq2 and removed the i…
0762a7f 
…ncorrect check in implLLVMFieldConcat
whoops, forgot to coerce the output pointer permission to have the pr…
6a2bafc 
…oper output contents after concatenating
whoops, incorrect arguments to Prelude.append in the translation
f01247c
added no-errors proof for the new incr_u64_ptr_byte example
e2b68b6
m-yac
m-yac approved these changes Nov 23, 2021
View reviewed changes
Copy link
Contributor

@m-yac m-yac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, though I can't say I reviewed most of the changes in Implication.hs much beyond just Haskell style, both due to the large number of changes and and due to my unfamiliarity with that part of the codebase. But since all the existing and new tests pass that gives me a good amount of confidence this all works.

@eddywestbrook eddywestbrook added subsystem: heapster Issues specifically related to memory verification using Heapster PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run labels Nov 23, 2021
@mergify mergify bot merged commit e53ddb8 into master Nov 23, 2021
@mergify mergify bot deleted the heapster/rust-typechecking-bugs-pr branch November 23, 2021 00:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@m-yac m-yac m-yac approved these changes

Assignees
No one assigned
Labels
PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run subsystem: heapster Issues specifically related to memory verification using Heapster
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eddywestbrook @m-yac