
CONTRACTS: refactor DFCC code for loop contracts #7551

Conversation


@remi-delmas-3000 remi-delmas-3000 commented Feb 16, 2023

This PR refactors the DFCC code to make it possible to handle loop assigns clauses in #7541.

We now have a standalone class dfcc_contract_clauses_codegent which provides methods to generate GOTO programs that initialize a dynamic frame instance from an assigns clause specification or havoc the targets of an assigns clause.

Before, these code generation methods were encapsulated inside the class dfcc_contract_functionst which exclusively handles function contracts. This makes them available for loop contracts as well.

  • Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@remi-delmas-3000 remi-delmas-3000 added the labels aws (Bugs or features of importance to AWS CBMC users) and Code Contracts (Function and loop contracts) Feb 16, 2023
@remi-delmas-3000 remi-delmas-3000 self-assigned this Feb 16, 2023
@martin-cs martin-cs left a comment

I have not reviewed the contracts/dynamic-frames part. @remi-delmas-3000 I can if you want. The rest looks good but I notice the overlap with #7550 so it would be good to have this rebased when it is merged.

@feliperodri feliperodri left a comment

LGTM.

Comment on lines +493 to +494
// TODO specialise the library functions for the max size of
// loop and function contracts

Shall we create a GitHub issue about this and add the link here? It might be better to track this later.

@remi-delmas-3000 remi-delmas-3000 (author)

This is still work in progress; this will already be addressed in the final version.

@remi-delmas-3000 remi-delmas-3000 Feb 21, 2023

DELETED

@tautschnig tautschnig Feb 22, 2023

But then ... haven't you resolved the "TODO" and should remove this comment?

This has to be implemented in the forthcoming loop contracts PR; this TODO is just a marker that tells you where to do it.

@remi-delmas-3000 remi-delmas-3000 Feb 22, 2023

Sorry, this one is a TODO for @qinheping; my comment above applied to two other TODOs I've turned into reqs.

@remi-delmas-3000 remi-delmas-3000 marked this pull request as draft February 17, 2023 21:56
@remi-delmas-3000 remi-delmas-3000 force-pushed the contracts-codegen-loop-assigns branch 3 times, most recently from bc8071e to 961bc8c February 20, 2023 15:42
@tautschnig tautschnig left a comment

Approving with a couple of comments that really need to be addressed.


std::set<irep_idt> function_pointer_contracts;
instrument.instrument_function(function_id, function_pointer_contracts);
INVARIANT(
function_pointer_contracts.size() == 0,

You might want to use .empty() instead of .size() == 0.

Remi Delmas added 5 commits February 22, 2023 16:28
Allows inlining and loop detection to be done directly on a goto program
instead of a goto function
- Factor out some methods in dfcc_spec_functionst
- Move the code generation methods from dfcc_contract_functionst
  to dfcc_contract_clauses_codegent.
- Update Makefile with new class.
- Propagate interface changes to top level class
Enable checking for the presence of dynamic
allocations or deallocations in loop bodies
and transitively in the functions called from
loop bodies.

- Adds `allow_allocate` and `allow_deallocate`
  flags in the write set struct
- Modify `add_allocated` to fail an assertion when
  called on a write set with `allow_allocate`
  set to false.
- Modify `check_deallocate` to return false when
  called on a write set with `allow_deallocate`
  set to false.
- Don't treat replacement mode specially anymore,
  always store freeable targets in both the object
  map (for lookups) and in the append list
  (for inclusion checks).
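The write-set behaviour this commit message describes (an `allow_allocate` flag that makes recording a fresh allocation fail, an `allow_deallocate` flag that makes the deallocation check fail, and freeable targets stored for both lookups and inclusion checks), as a simplified model added here for illustration. It is not the dfcc library's code: the struct layout, the function names (`write_set_add_allocated`, `write_set_check_deallocate`, and so on) and the choice to return `false` where the instrumented program would fail an assertion are assumptions of this example, and the two scenario functions use constructed inputs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a dynamic-frame write set. Not the dfcc library's
 * write set: names, layout and the bool return values are assumptions. */
#define MAX_ENTRIES 8

typedef struct {
  uintptr_t start; /* address of the object or slice */
  size_t size;     /* length in bytes */
} entry_t;

typedef struct {
  entry_t targets[MAX_ENTRIES];  /* assignable targets (inclusion checks) */
  size_t n_targets;
  entry_t freeable[MAX_ENTRIES]; /* objects recorded as freeable (lookups) */
  size_t n_freeable;
  bool allow_allocate;           /* may this frame allocate fresh objects? */
  bool allow_deallocate;         /* may this frame free objects? */
} write_set_t;

void write_set_init(write_set_t *ws, bool allow_allocate, bool allow_deallocate) {
  memset(ws, 0, sizeof *ws);
  ws->allow_allocate = allow_allocate;
  ws->allow_deallocate = allow_deallocate;
}

static bool append_entry(entry_t *arr, size_t *n, const void *ptr, size_t size) {
  if (*n >= MAX_ENTRIES) return false; /* frame is full */
  arr[*n].start = (uintptr_t)ptr;
  arr[*n].size = size;
  (*n)++;
  return true;
}

/* Record an assignable target, as an assigns clause target would be. */
bool write_set_add_target(write_set_t *ws, const void *ptr, size_t size) {
  return append_entry(ws->targets, &ws->n_targets, ptr, size);
}

/* Inclusion check for a write: is [ptr, ptr + size) inside some target? */
bool write_set_check_assignment(const write_set_t *ws, const void *ptr, size_t size) {
  uintptr_t lo = (uintptr_t)ptr, hi = lo + size;
  for (size_t i = 0; i < ws->n_targets; i++) {
    const entry_t *t = &ws->targets[i];
    if (lo >= t->start && hi <= t->start + t->size) return true;
  }
  return false;
}

/* add_allocated: a fresh object becomes both assignable and freeable.
 * Returns false where the instrumented program would fail an assertion,
 * i.e. when the frame was built with allow_allocate == false. */
bool write_set_add_allocated(write_set_t *ws, const void *ptr, size_t size) {
  if (!ws->allow_allocate) return false;
  return append_entry(ws->targets, &ws->n_targets, ptr, size) &&
         append_entry(ws->freeable, &ws->n_freeable, ptr, size);
}

/* check_deallocate: false when the frame forbids deallocation or when ptr
 * was never recorded as freeable in this frame. */
bool write_set_check_deallocate(const write_set_t *ws, const void *ptr) {
  if (!ws->allow_deallocate) return false;
  for (size_t i = 0; i < ws->n_freeable; i++)
    if (ws->freeable[i].start == (uintptr_t)ptr) return true;
  return false;
}

/* Scenario 1: a loop frame (allocation and deallocation forbidden). A write
 * inside a declared target passes, a write past it fails, and a malloc in
 * the loop body is rejected. */
bool loop_frame_rejects_malloc(void) {
  write_set_t ws;
  int buf[4];
  write_set_init(&ws, false, false);
  write_set_add_target(&ws, buf, sizeof buf);
  bool in_frame = write_set_check_assignment(&ws, &buf[2], sizeof(int));
  bool out_of_frame = write_set_check_assignment(&ws, &buf[3], 2 * sizeof(int));
  void *p = malloc(16);
  bool alloc_ok = write_set_add_allocated(&ws, p, 16);
  free(p);
  return in_frame && !out_of_frame && !alloc_ok;
}

/* Scenario 2: a function frame that may allocate and free. The fresh object
 * is assignable and freeable; an unrelated local is not freeable. */
bool function_frame_allows_alloc_free(void) {
  write_set_t ws;
  int other;
  write_set_init(&ws, true, true);
  void *p = malloc(16);
  bool alloc_ok = write_set_add_allocated(&ws, p, 16);
  bool write_ok = write_set_check_assignment(&ws, (char *)p + 8, 8);
  bool free_ok = write_set_check_deallocate(&ws, p);
  bool free_other = write_set_check_deallocate(&ws, &other);
  free(p);
  return alloc_ok && write_ok && free_ok && !free_other;
}
```

The two scenario functions are the usage: the first models the loop frame the commit message targets (no allocation or deallocation allowed in the body or in the functions it calls), the second the ordinary function frame where a fresh object is recorded in both the target list and the freeable list so that later writes and frees to it are accepted.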
@remi-delmas-3000 remi-delmas-3000 merged commit b04cbf3 into diffblue:develop Feb 22, 2023