Make return type of set_l*_indices be a renamedt [blocks: #4333] #3986
Conversation
romainbrenguier
requested review from
chrisr-diffblue,
kroening,
martin-cs,
peterschrammel,
pkesseli,
smowton and
tautschnig
as code owners
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
a1c6c4d to
8784834
Compare
src/goto-symex/goto_symex_state.cpp
Outdated
| @@ -237,11 +237,13 @@ void goto_symex_statet::assignment( | |||
| #endif | |||
| } | |||
|
|
|||
| void goto_symex_statet::set_l0_indices( | |||
| static void set_l0_indices( | |||
| symex_level0t level0, | |||
There was a problem hiding this comment.
Should probably be by-ref?
src/goto-symex/goto_symex_state.cpp
Outdated
| } | ||
| } | ||
|
|
||
| ssa_exprt | ||
| goto_symex_statet::rename_level0(const symbol_exprt &expr, const namespacet &ns) |
There was a problem hiding this comment.
Shouldn't that be specifically an ssa_exprt, considering we still explicitly convert symbol_exprt -> ssa_exprt in rename_*?
|
I think the template argument for |
|
@martin-cs these would presumably render such invariants unnecessary when we can enforce with the type system, similar to how we would pass a |
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
8784834 to
14e6432
Compare
The argument sometimes needs to be exprt because for instance we have |
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
14e6432 to
192d01e
Compare
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
192d01e to
9beb633
Compare
romainbrenguier
requested review from
danpoe and
hannes-steffenhagen-diffblue
as code owners
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
9beb633 to
a445e5a
Compare
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
a445e5a to
caa3289
Compare
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
caa3289 to
9a0f990
Compare
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
2 times, most recently
from
6ebefbb to
f13a946
Compare
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: f13a946).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/103232156
Status will be re-evaluated on next push.
Common spurious failures:
-
the cbmc commit has disappeared in the mean time (e.g. in a force-push)
-
the author is not in the list of contributors (e.g. first-time contributors).
-
the compatibility was already broken by an earlier merge.
romainbrenguier
changed the title
src/goto-symex/goto_symex_state.cpp
Outdated
|
|
||
| // in case we happen to be multi-threaded, record the memory access | ||
| bool is_shared=l2_thread_write_encoding(lhs, ns); | ||
| bool is_shared = l2_thread_write_encoding(l2_lhs.get(), ns); |
There was a problem hiding this comment.
It seems lhs == l2_lhs.get(), so why can't you just keep using lhs here (and below)?
src/goto-symex/renaming_level.cpp
Outdated
| !l0_expr.get().get_level_2().empty()) | ||
| { | ||
| // TODO reaching here means the information that l0_expr was L1 or L2 has | ||
| // TODO been lost somewhere during execution, which should be avoided |
There was a problem hiding this comment.
Use UNREACHABLE (here and below)?
There was a problem hiding this comment.
Unfortunately it is reachable. There are even cases where level 2 is set but not level 1.
There was a problem hiding this comment.
Level 2 being set without level 1 is expected for objects with static lifetime, but maybe there are also actually buggy cases?
There was a problem hiding this comment.
That's good to know. I think it will be easier to see if something is done wrong once the renamedt type is used everywhere in goto_symex_state. (just to be clear, we do not change the behaviour here, the ignoring of the non-empty case was just done in the caller of this function).
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
f13a946 to
d723b64
Compare
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: d723b64).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/103247786
Status will be re-evaluated on next push.
Common spurious failures:
-
the cbmc commit has disappeared in the mean time (e.g. in a force-push)
-
the author is not in the list of contributors (e.g. first-time contributors).
-
the compatibility was already broken by an earlier merge.
|
tautschnig
changed the title
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
d723b64 to
5162021
Compare
|
@tautschnig I squashed three commits, the order looks fine for me now. I removed the TODOs since it seems there is nothing wrong there. |
src/goto-symex/goto_symex_state.cpp
Outdated
| set_l0_indices(ssa, ns); | ||
| { | ||
| const renamedt<ssa_exprt, L0> ssa_l0 = set_l0_indices(std::move(ssa), ns); | ||
| ssa = ssa_l0.get(); |
There was a problem hiding this comment.
Does the temporary really add value? I think it's pretty clear what set_l0_indices does. Therefore I'd prefer ssa = set_l0_indices(std::move(ssa), ns).get();
src/goto-symex/goto_symex_state.cpp
Outdated
| set_l1_indices(ssa, ns); | ||
| { | ||
| const renamedt<ssa_exprt, L1> ssa_l1 = set_l1_indices(std::move(ssa), ns); | ||
| ssa = ssa_l1.get(); |
There was a problem hiding this comment.
Like for the level-0 case, I'd prefer ssa = set_l1_indices(std::move(ssa), ns).get();
src/goto-symex/goto_symex_state.cpp
Outdated
| @@ -312,7 +308,8 @@ exprt goto_symex_statet::rename(exprt expr, const namespacet &ns) | |||
| } | |||
| else if(level==L2) | |||
| { | |||
| set_l1_indices(ssa, ns); | |||
| const renamedt<ssa_exprt, L1> ssa_l1 = set_l1_indices(std::move(ssa), ns); | |||
| ssa = ssa_l1.get(); | |||
There was a problem hiding this comment.
As above, ssa_l1 is not necessary.
src/goto-symex/goto_symex_state.cpp
Outdated
| set_l1_indices(ssa, ns); | ||
|
|
||
| const renamedt<ssa_exprt, L1> ssa_l1 = set_l1_indices(std::move(ssa), ns); | ||
| ssa = ssa_l1.get(); |
| if(!l0_expr.get().get_level_1().empty()) | ||
| if( | ||
| !l0_expr.get().get_level_1().empty() || | ||
| !l0_expr.get().get_level_2().empty()) |
There was a problem hiding this comment.
To make sure there is no change in behaviour this will require an INVARIANT that !l0_expr.get().get_level_2().empty() implies !l0_expr.get().get_level_1().empty(). And I'm not convinced that holds, because a global variable would not need L1 renaming, even when L2 is non-empty.
There was a problem hiding this comment.
Yes this does not hold, so we can't add an invariant. The reason this does not change the behaviour is that it is only called from set_l1_indices which had the same check until this commit.
src/goto-symex/goto_symex_state.cpp
Outdated
|
|
||
| to_ssa_expr(tmp.false_case()).set_level_2(a_s_read.first); | ||
| if_exprt tmp{cond.as_expr(), l2_true_case.get(), l2_false_case.get()}; |
There was a problem hiding this comment.
Maybe we can delay the construction even further and just use l2_true_case, l2_false_case in the branches below? Overall your changes here indeed make the code much nicer!
src/goto-symex/goto_symex_state.cpp
Outdated
| expr=ssa_l1; | ||
| const renamedt<ssa_exprt, L2> ssa_l2 = | ||
| set_l2_indices(std::move(ssa_l1), ns); | ||
| expr = ssa_l2.get(); |
There was a problem hiding this comment.
As above: get rid of ssa_l2.
src/goto-symex/goto_symex_state.cpp
Outdated
| expr=ssa_l1; | ||
| const renamedt<ssa_exprt, L2> ssa_l2 = | ||
| set_l2_indices(std::move(ssa_l1), ns); | ||
| expr = ssa_l2.get(); |
src/goto-symex/goto_symex_state.cpp
Outdated
| set_l2_indices(ssa_l1, ns); | ||
| expr=ssa_l1; | ||
| const renamedt<ssa_exprt, L2> ssa_l2 = set_l2_indices(std::move(ssa_l1), ns); | ||
| expr = ssa_l2.get(); |
| @@ -67,6 +67,8 @@ operator()(renamedt<ssa_exprt, L0> l0_expr) const | |||
| renamedt<ssa_exprt, L2> symex_level2t:: | |||
| operator()(renamedt<ssa_exprt, L1> l1_expr) const | |||
| { | |||
| if(!l1_expr.get().get_level_2().empty()) | |||
| return renamedt<ssa_exprt, L2>{std::move(l1_expr.value)}; | |||
There was a problem hiding this comment.
This change seems surprising to me, but I'm likely just missing something. Would you mind explaining?
There was a problem hiding this comment.
As for the symex_level1t case, it does not change the behaviour because it is only called from set_l2_indices which had the same check until this commit. We need the check to be here and not in set_l2_indices, because set_l2_indices cannot create renamedt expression, the constructor is private, this ensures we cannot make a renamedt without checking it has the right indices set.
This makes explicit that the result is a renamed expression and can be propagated in through other functions.
This carries the information about which renaming the expression has been through. This requires a change in symex_level1t::operator() so that it takes care of the non-empty level 2 case.
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
5162021 to
c91db70
Compare
This captures the information of which renaming the expression has been through. This requires making symex_level2t::operator() handle non-empty L2. This was handled by set_l2_indices, but it is neccessary to handle it in symex_level2t for making set_l2_indices return a renamedt.
romainbrenguier
force-pushed
the
refactor/symex-rename
branch
from
c91db70 to
1bb05b6
Compare
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: 1bb05b6).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/103359871
Status will be re-evaluated on next push.
Common spurious failures:
-
the cbmc commit has disappeared in the mean time (e.g. in a force-push)
-
the author is not in the list of contributors (e.g. first-time contributors).
-
the compatibility was already broken by an earlier merge.
This makes it easier to track through which kind of renaming the symbols have been through.
This is an intermediary step, for getting all renamed expression use this types (the next step would be to do the same for all the
rename_*functions)Edit: I have changed the title of the PR to better reflect its content now that it has been rebased on the preliminary PR introducing the renamedt type