[TG-7648] Constant propagation of substring operations #4941
Conversation
danpoe
requested review from
kroening,
martin-cs,
peterschrammel,
pkesseli,
romainbrenguier,
smowton and
tautschnig
as code owners
danpoe
changed the title
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
from
9c03585 to
eaeadb6
Compare
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: eaeadb6).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/120411659
danpoe
changed the title
…g-concatenation [TG-8293] Constant propagation for empty strings and string concatenation [blocks: #4941]
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
from
eaeadb6 to
a006aae
Compare
danpoe
changed the title
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
6 times, most recently
from
4b31584 to
415535e
Compare
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: 415535e).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/122582457
Status will be re-evaluated on next push.
Common spurious failures include: the cbmc commit has disappeared in the mean time (e.g. in a force-push); the author is not in the list of contributors (e.g. first-time contributors); compatibility was already broken by an earlier merge.
| String s5 = sb.substring(0, 1); | ||
| assert s5.length() == 1; | ||
| assert s5.startsWith("a"); | ||
| } |
There was a problem hiding this comment.
Additionally check that out-of-range begin- or end-indices still throw as expected?
There was a problem hiding this comment.
@smowton Exceptions are a thing of the model library. There are already a couple of tests there:
https://github.com/diffblue/models-library/blob/develop/modelTests/maven/java/lang/String/src/main/java/L1Substring_int.java
https://github.com/diffblue/models-library/blob/develop/modelTests/maven/java/lang/String/src/main/java/L1Substring_int_int.java
which seem sufficient to me.
Of course these would only fail when the test-gen bump is updated, but I don't see how they coiuld.
There was a problem hiding this comment.
I think @smowton is referring to the case where all the arguments to substring() are constant, but the indices are out of bounds. In this case the constant propagator should not simplify anything and the statement should just be symex'd normally. Whether that then later leads to an exception is a thing of the models library. I'll add a test to check that no simplification occurs for out of bounds indices.
| @@ -0,0 +1,9 @@ | |||
| CORE symex-driven-lazy-loading-expected-failure | |||
There was a problem hiding this comment.
When using symex driven lazy loading it seems that jbmc does not fully honor the --property option as several additional VCCs are generated (e.g. null pointer checks). Those regression tests though check that a specific VCC is not simplified. This is currently done by selecting that VCC via --property and then checking that jbmc prints Generated 1 VCC(s), 1 remaining after simplification. If there would be more VCCs we could not check that this one VCC is the one that is not simplified.
| @@ -310,6 +314,26 @@ goto_symext::try_evaluate_constant_string( | |||
| return try_get_string_data_array(s_pointer_opt->get(), ns); | |||
| } | |||
|
|
|||
| optionalt<std::reference_wrapper<const constant_exprt>> | |||
There was a problem hiding this comment.
optionalt<reference_wrapper<T>> -> T*
There was a problem hiding this comment.
It was suggested in a previous PR to use optional references as they provide some additional semantic information. I don't really mind either way but we should be consistent about it.
There was a problem hiding this comment.
I don't think there is a semantic difference, a reference wrapper is basically a pointer that can't be null, by making it optional you can get the empty optional which is basically equivalent to a null pointer, so it's just a verbose way of saying the same thing.
There was a problem hiding this comment.
Yes, I agree that they behave the same. What I meant was that when using an optionalt it's clear from the signature of the method that it returns an optional value, whereas when using a plain pointer that's not necessarily clear.
There was a problem hiding this comment.
I suppose I would always assume a pointer might be null, otherwise you'd use a reference
There was a problem hiding this comment.
Sure, though a nullpointer return value could suggest that some kind of error has occured, whereas optionalt would suggest that this is part of normal and expected behavior.
| String s5 = sb.substring(0, 1); | ||
| assert s5.length() == 1; | ||
| assert s5.startsWith("a"); | ||
| } |
There was a problem hiding this comment.
@smowton Exceptions are a thing of the model library. There are already a couple of tests there:
https://github.com/diffblue/models-library/blob/develop/modelTests/maven/java/lang/String/src/main/java/L1Substring_int.java
https://github.com/diffblue/models-library/blob/develop/modelTests/maven/java/lang/String/src/main/java/L1Substring_int_int.java
which seem sufficient to me.
Of course these would only fail when the test-gen bump is updated, but I don't see how they coiuld.
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
from
415535e to
e0ef78e
Compare
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: e0ef78e).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/123016840
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
from
e0ef78e to
7da4f78
Compare
This implements constant propagation of ID_cprover_string_substring_func function application expressions. These are in turn used by the various substring operations of String and StringBuilder.
danpoe
force-pushed
the
feature/constant-propagate-string-substring
branch
from
7da4f78 to
e56041f
Compare
… tests Add regression tests that check that the constant propagator does not simplify substring() invocations with only constant arguments when the indices are out of bounds.
There was a problem hiding this comment.
This PR failed Diffblue compatibility checks (cbmc commit: 7da4f78).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/123397270
Status will be re-evaluated on next push.
Common spurious failures include: the cbmc commit has disappeared in the mean time (e.g. in a force-push); the author is not in the list of contributors (e.g. first-time contributors); compatibility was already broken by an earlier merge.
There was a problem hiding this comment.
✔️
Passed Diffblue compatibility checks (cbmc commit: e56041f).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/123399979
Uh oh!
There was an error while loading. Please reload this page.