Constant propagation of nondet-symbol [blocks: #35] #3619
Conversation
tautschnig
commented
Dec 21, 2018
tautschnig
commented
- Each commit message has a non-empty body, explaining why the change was made.
- n/a Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
- n/a The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
- Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
- n/a My commit message includes data points confirming performance improvements (if claimed).
- My PR is restricted to a single feature or bugfix.
- n/a White-space or formatting changes outside the feature-related changed lines are in commits of their own.
tautschnig
requested review from
kroening,
martin-cs,
peterschrammel,
pkesseli,
romainbrenguier and
smowton
as code owners
|
@smowton I'd be curious whether this can do some of what otherwise might only be achievable via field sensitivity for Java. |
tautschnig
changed the title
|
Propagating a nondet symbol? I don't see how, could you elaborate what you think it might do? |
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 3714d25).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/95553013
A nondet symbol is a constant, we just don't know its value. The gain is that it does not interfere with structs that are otherwise constants (those of the kind that we know their value), see also the regression test that's included. |
|
We should probably rename is_constantt to something like "forward_substitution". |
|
Specifically on Java: in principle, Java objects should get zero initialised -- this should enable the propagation without this PR. It may be worth checking whether that actually works. |
|
@kroening they do get zero-init'd; this would catch a case such as |
tautschnig
force-pushed
the
nondet-prop
branch
from
3714d25 to
6d92174
Compare
tautschnig
force-pushed
the
nondet-prop
branch
from
6d92174 to
f241b8b
Compare
tautschnig
assigned smowton, kroening, peterschrammel, martin-cs and chrisr-diffblue and unassigned tautschnig
There was a problem hiding this comment.
🚫
This PR failed Diffblue compatibility checks (cbmc commit: f241b8b).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/98502213
Status will be re-evaluated on next push.
Please contact @peterschrammel, @thk123, or @allredj for support.
Common spurious failures:
- the cbmc commit has disappeared in the mean time (e.g. in a force-push)
- the author is not in the list of contributors (e.g. first-time contributors).
The incompatibility may have been introduced by an earlier PR. In that case merging this
PR should be avoided unless it fixes the current incompatibility.
|
My inclination is this is a bad thing (propagating not just |
I would have liked to believe this, but in fact these are very much complementary. On one of our verification tasks field sensitivity works as expected, but in order to handle a call to |
src/goto-symex/goto_symex_state.cpp
Outdated
| else if(expr.id() == ID_if) | ||
| { | ||
| const if_exprt &if_expr = to_if_expr(expr); | ||
| if( |
There was a problem hiding this comment.
Seems oddly specific, add a comment saying why this particular restriction?
src/goto-symex/goto_symex_state.cpp
Outdated
| return true; | ||
| else if(expr.id() == ID_symbol) | ||
| { | ||
| const irep_idt &obj_identifier = to_ssa_expr(expr).get_object_name(); |
There was a problem hiding this comment.
Similarly could use a comment: why this policy for guards only?
There was a problem hiding this comment.
Suggest to take the guard prefix from a single place of definition.
There was a problem hiding this comment.
Comment added and a refactoring commit added that makes all users use a single definition.
tautschnig
changed the title
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 69012b3).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/105668394
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: ef4b9bb).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/105797178
tautschnig
changed the title
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 5caef74).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/105812275
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: 90c4a75).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/105987217
Status will be re-evaluated on next push.
Common spurious failures include: the cbmc commit has disappeared in the mean time (e.g. in a force-push); the author is not in the list of contributors (e.g. first-time contributors); compatibility was already broken by an earlier merge.
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: bcb894d).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/107052342
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: 77f93e9).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/107328775
Status will be re-evaluated on next push.
Common spurious failures include: the cbmc commit has disappeared in the mean time (e.g. in a force-push); the author is not in the list of contributors (e.g. first-time contributors); compatibility was already broken by an earlier merge.
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 0c848d6).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/107800556
1) Within goto-symex, propagation of nondet_symbol_exprt is actually safe, as they are instantiations of side_effect_expr_nondett and the value of these instantiations cannot change. 2) This highlights that we also need to consider further expressions as possibly being constant in is_constantt which we would otherwise simplify away when they are constant (but cannot any longer do so when nondet_symbol_exprt are contained in there). 3) Constant propagation now yields different right-hand sides in a test, and makes another test trivial. 4) goto-symex applies filters on what is considered "constant" to keep the size of expressions contained as (repeated) simplification of large expressions is expensive. We may revisit this in future as we improve the simplifier.
In order to generate a trace value for an unbounded LHS we may need to look at its RHS as (string) refinement may have constructed values for the RHS.
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 85c963c).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/108226898
|
Closing due to age. If you believe this is erroneous please reopen and update the PR. |
