Allow static attribute to be stripped from symbols
#4409
Conversation
karkhaz
requested review from
cesaro,
chrisr-diffblue,
cristina-david,
danpoe,
hannes-steffenhagen-diffblue,
kroening,
NathanJPhillips,
peterschrammel,
pkesseli and
thk123
as code owners
karkhaz
force-pushed
the
kk-strip-statics
branch
from
295bcc0 to
82a83e6
Compare
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 82a83e6).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/105034698
|
On Tue, 2019-03-26 at 07:14 -0700, Kareem Khazem wrote:
Thanks for all these comments. I'll need a few days to get this done.
I am in two minds about using an existing GCC option. Those options
are obviously very appropriate. However, people may already have that
option set in their existing build system, so adding behaviour to
goto-cc that uses of that flag might break something...however, I am
still inclined to use those flags, thanks for the suggestion.
I think you are right in that we should only use the gcc flags if we do
exactly the same thing.
Just to be clear, I wasn't proposing to make the C front-end
disregard `static` entirely, I think it's better to export particular
functions that the user requests only.
OK. I'm just not immediately seeing the need for only exporting some.
Exporting all; you've convinced me of the use-case. Some ... I remain
open minded and it seems like extra hassle if there isn't a use-case.
I'll implement name-mangling (and everything else) in goto-cc. This
is because I will not only have to fix up the symbol table; I'll need
to walk over the entire goto-program, mangling every call to the
exported function too. It seems like a good idea to do this in goto-
cc, which only ever sees one translation unit at a time, so I can
safely rename every function I find without worrying what file it
came from.
Yes. Sorry to ask for large changes but it will need to be done at
some point and it is better that it is now, with you giving it your
attention, than as a bug report.
Question: it seems like I will need to recursively walk over irepts
to do the name-mangling in the program. Is there an existing way of
doing this, i.e. some sort of visitor-pattern thing in the CBMC
codebase, or do I just do it manually?
There is `expr_visitort` in `util/expr.h` but `util/replace_symbol.h`
might suit your needs better.
Asking because I did a similar thing for the linker script work
(where I had to match multi-level nested irepts to change their
type)...I remember having a conversation with @tautschnig long ago
about having a tool called goto-grep to find particular shapes in
irepts, and the natural extension of that would be to have goto-sed
;-)
I tried to write something like goto-grep as one of my first CPROVER
projects. It turns out to be much harder than you might think. Maybe
I should try again at some point...
|
Maybe |
This commit allows remove_internal_symbols() to take a message_handlert object for logging in preparation for a commit where this function will emit debugging information.
karkhaz
force-pushed
the
kk-strip-statics
branch
8 times, most recently
from
00b1797 to
067a665
Compare
|
I'm going to leave the tests to run overnight, but I think I'm ready for review. Summary
Name manglingI've included two implementations. The active one mangles function which should be good enough almost all of the time. To deal with having the same-named function in a same-named file in a different part of the codebase, you can pass an argument to this way, users decide whether they need a suffix. They can then pass a different suffix to each invocation of goto-cc. That way, all functions in the same file will be mangled with the same suffix, but different files will have different suffixes. there is another implementation that hashes the pathname using Daniel J. Bernstein's hash, but it's not currently used. The implementation is chosen using templates, so there's no runtime cost to keeping both. The idea with that implementation is that it takes the entire file path into account, so there's no need for a suffix (but you can still provide one if you like). I turned it off because it's not really readable, I'd like harnesses to be readable. Misc
|
|
(assigning folks for re-review because I've changed the approach significantly. Thank you!) |
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 067a665).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/106670075
This is to avoid breaking the API while introducing a new parameter, symbols_to_keep. This parameter will be used in a later commit that will prevent the typecheck method from stripping out user-requested symbols.
This switch makes goto-cc do three things: - retain the implementations of all static functions. - mangle the names of all static functions. - unset the file_local flag on all static function symbols. This feature is intended to help users writing CBMC checks for file-local functions (i.e., those declared as `static` in the C language). The intended workflow is: compile the code under test with the -fkeep-static-functions flag. Then link the code under test with the 'harness' file, again using the flag. This allows the harness to call into static functions in the codebase under test.
karkhaz
force-pushed
the
kk-strip-statics
branch
from
067a665 to
4438e77
Compare
|
Thanks @smowton, I've resolved all your suggestions. |
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: 4438e77).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/106771499
This PR is intended to help users that want to write CBMC proofs for individual functions. The typical way to do this is to write a 'harness' in a different file, which calls the function under test with unconstrained values. However, CBMC cannot see the definition of that function if it is marked
static(in the C language.staticin Java means something else). We would like to enable writing harnesses even forstaticfunctions, or functions that callstaticfunctions.There are two issues solved in this PR.
goto-ccremoves symbols from the symbol table if it determines that those symbols are not externally visible. This PR adds the--keep-implementationsflag togoto-cc, which prevents it from removing those symbols from the symbol table.statichave thefile_localflag set. This PR adds the--strip-staticflag togoto-instrument, which unsets thefile_localflag on all symbols whose name is given as an argument.So the intended workflow is: compile the file under test with goto-cc, passing in a list of functions that should be exposed. Then pass that same list of functions to goto-instrument so that it can unset the flag. This goto binary can then be successfully linked with a harness that calls the static function.