Variable sensitivity domain #5472
Conversation
martin-cs
requested review from
chrisr-diffblue,
danpoe,
hannes-steffenhagen-diffblue,
kroening,
peterschrammel,
pkesseli,
smowton and
tautschnig
as code owners
|
The unit tests currently don't compile (oops!). I note that "AWS CodeBuild us-east-1 (cbmc-windows-cmake)" passes; is it supposed to skip / ignore the unit tests? |
|
Happy to review if you make the monster pass CI first. |
It probably isn't. @hannes-steffenhagen-diffblue ? |
|
@peterschrammel Thank you, I think it is just the unit tests which are outstanding. All the regression tests and linting, formatting, etc. all pass. I will update the usage of |
|
@martin-cs @peterschrammel The cmake windows build is currently not running any tests actually. This is a long outstanding bug which is one of the things we're hoping to "fix" with our "move CI to github actions" work. |
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
9a99b5b to
df1b79c
Compare
|
@hannes-steffenhagen-diffblue cool, as long as this isn't news to you! |
|
@hannes-steffenhagen-diffblue you probably already know this but it looks like "AWS CodeBuild us-east-1 (cbmc-clang-3-8)" doesn't run any tests either. |
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
ed13b18 to
f6dacb0
Compare
Codecov Report
@@ Coverage Diff @@
## develop #5472 +/- ##
===========================================
+ Coverage 68.53% 68.82% +0.28%
===========================================
Files 1187 1241 +54
Lines 98263 100447 +2184
===========================================
+ Hits 67347 69128 +1781
- Misses 30916 31319 +403
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
|
@peterschrammel All of CI now passes, any kind of review would be most appreciated. |
There was a problem hiding this comment.
A shallow review of 20KLOC to scan for red flags. The PR is in pretty good state code quality-wise - ie acceptable to be merged. The main concern are outdated documentation formats that need to be fixed so that the doxygen documentation is produced correctly. Also, some copyright headers don't follow the guidelines and must be fixed before merge.
|
|
||
| // TODO: Currently writing to an offset pointer sets the domain to top | ||
| // so recreate the variables to reign the domain back in | ||
| // This will be addressed by diffblue/cbmc-toyota#118 |
There was a problem hiding this comment.
⛏️ I don't think this reference is publically accessible.
|
|
||
| Purpose: Evaluate the value of an expression relative to the current domain | ||
|
|
||
| \*******************************************************************/ |
There was a problem hiding this comment.
❗ Outdated comment headers. This needs replacing - if not in this PR than immediately as a follow-up.
There was a problem hiding this comment.
I have reformatted all of them.
| what kind of array abstraction it is). So, as we find the variable | ||
| ('a' in this case) we build a stack of which part of it is accessed. | ||
|
|
||
| As abstractions may split the assignment into multiple write (for |
There was a problem hiding this comment.
⛏️
| As abstractions may split the assignment into multiple write (for | |
| As abstractions may split the assignment into multiple writes (for |
| // to be none of that. | ||
| if(s.id() != ID_symbol) | ||
| { | ||
| throw "invalid l-value"; |
There was a problem hiding this comment.
? Is this a font issue? The source says l-value as in https://en.wikipedia.org/wiki/Value_(computer_science)#lrvalue
|
|
||
| /* TODO : full implementation here | ||
| * Note that this is *very* syntax dependent so some normalisation would help | ||
| * 1. split up conjucts, handle each part separately |
There was a problem hiding this comment.
| * 1. split up conjucts, handle each part separately | |
| * 1. split up conjuncts, handle each part separately |
| @@ -129,7 +130,17 @@ class optionst; | |||
| "(intervals)" \ | |||
| "(non-null)" \ | |||
| "(constants)" \ | |||
| "(dependence-graph)" | |||
| "(dependence-graph)" \ | |||
There was a problem hiding this comment.
💡 dependency-graph seems to be more common.
There was a problem hiding this comment.
Yes but this is what the class in question is called and it has been a command-line option for some time. I'm happy to change it but I don't think it should be part of this PR.
|
|
||
| Module: Unit tests for variable/sensitivity/abstract_object::merge | ||
|
|
||
| Author: DiffBlue Limited. All rights reserved. |
There was a problem hiding this comment.
❗
| Author: DiffBlue Limited. All rights reserved. | |
| Author: Diffblue Limited. |
|
|
||
| Module: Unit tests for constant_abstract_valuet::merge | ||
|
|
||
| Author: DiffBlue Limited. All rights reserved. |
|
|
||
| Module: Unit tests for constant_array_abstract_object::merge | ||
|
|
||
| Author: DiffBlue Limited. All rights reserved. |
| @@ -0,0 +1,100 @@ | |||
| // Copyright 2016-2020 Diffblue Limited. All Rights Reserved. | |||
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
8595305 to
f0e5f58
Compare
|
@peterschrammel I need to move various doxygen comments into the headers but otherwise I should be done with the requested changes. Let me know if there are more. @chrisr-diffblue, @danpoe, @hannes-steffenhagen-diffblue : you know this code, any chance of a review? |
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
f0e5f58 to
3f7ed08
Compare
|
@peterschrammel I have moved the doxygen comments to the headers. Modulo fixing any issues doxygen has, I think I'm done. |
|
@peterschrammel Are the changes OK? @danpoe @hannes-steffenhagen-diffblue @smowton you are owners for this area, please can you say something about this. I don't think an in-depth review is appropriate but some kind of comment would help. @owen-mc-diffblue If I understand correctly, you were an owner under a different name that hasn't been updated in CODEOWNERS. Please can you comment? |
|
@martin-cs, lgtm modulo the doxygen issues: https://travis-ci.org/github/diffblue/cbmc/jobs/725557168 |
|
Thanks @peterschrammel I will work through the doxygen issues once I have it set up on my machine. |
|
The doxygen issues should be finished. I think it's just waiting on a stalled CI job. |
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
6bd0bb2 to
17c9d8f
Compare
This requires a few legacy contortions similar to the ones done in dependency graph.
These are due to new global variables being added to __CPROVER_initialise
The N_CATCH_TESTS check in the Makefile found this!
In a previous commit I fixed a bug where the default state of a constructed abstract_environment was top rather than bottom. Correcting this meant this unit test fails as the environment will only return objects which are bottom. Also improve the tagging of the test.
Thankfully the names of the variables and the description of the tests makes it clear that this was a typo. Documentation FTW!
A recent PR has removed a couple of the in-built global variables that are used for modelling the C standard library. This has a knock on effect for the line numbers in the tests of dependency graphs.
This was inefficient but now causes build failures on OS X as it uses -Werror -Wrange-loop-analysis
martin-cs
force-pushed
the
refactor/VSD-with-history-2
branch
from
edbdc4f to
22f775c
Compare
|
This PR looks to be in a good state, and it's mergeable. Is there anything outstanding on it? If not, I can merge it now. |
|
@NlightNFotis Thanks. There are still quite a few refactorings, fixes, improvements, etc. that we will be making but TBH I would rather merge this and have these as separate PRs so they are easier to review. The code in this PR works, has been deployed, has a higher test coverage than the rest of the project -- let's get it merged. Plus it would be good to acknowledge everyone's hard work on this. While we are on the subject, do you / @hannes-steffenhagen-diffblue / @chrisr-diffblue / @peterschrammel want / need any of the rest of the code from this branch? I have a branch with it in, partially ready to be converted into PRs and I'm happy to work with people to do that but it is not a high priority if it is just me. |
|
@martin-cs, it's favourable to get any (valuable) code that is lying around in branches in various forks into the shape of PRs eventually. It's shame when a lot of work has been done and then it rots and dies... and someone else starts reimplementing something similar... |
|
@peterschrammel agreed it is a question of priorities and time. I could make them into draft PRs but they are unlikely to make mergable without someone else getting involved. |
|
@martin-cs I think there is value for the draft PRs to be made - if we can find some time we can shape them up to be more mergeable. Obviously, I cannot give guarantees for when that is, as it depends on a lot of things, but if the PRs are there, they are much more likely to be picked up by someone. |
|
😮 Never thought I'd see the day - can't let it go without commenting! 🎉 🎉 🎉 Hope you're all well |
|
Signs of the end times: |
|
This really should have been merged on 1st April.... |
|
@chrisr-diffblue ... I should have thought of that ... sigh |
|
11/11 11:11 is the beginning of carnival... |
This PR merges in several years of work on a new domain for the abstract interpreter. It should solve a number of the long-standing problems with soundness and precision. The key feature of the domain is that the abstraction used for each type can be selected at run-time, allowing a wide range of scalability / precision trade-offs and easy specialisation without having to re-write all of the array, field, pointer sensitivity, etc.
This is the work of a lot of people, notably @thk123 @chrisr-diffblue @hannes-steffenhagen-diffblue @danpoe @NlightNFotis and others. I have tried to preserve authorship where-ever possible.
I don't think it is reasonable to try to review this in the normal way, nor do I think it is viable to split it up further. Whether it gets merged or not has to be a policy question really. Over the years this has been going on I have asked @peterschrammel and @tautschnig about this as an approach and they seemed supportive because...
The PR should have very little impact on existing functionality, it is enabled with an option in goto-analyzer. It has also been deployed in at least two industrial applications.
There is still work to be done in tidying up the code but I think it can be and would be best done as PRs to it after merging. I will try to do some during the discussion / review.
This includes Changes to sharing-map needed to merge VSD #5202 and String container stats from the VSD branch #5204 which were previous attempts at splitting this out a bit.
I don't know who is currently looking after
https://github.com/diffblue/cbmc/tree/variable-sensitivity-domain
and
https://github.com/diffblue/cbmc/tree/variable-sensitivity-with-get-function-pointers
( @chrisr-diffblue ? @danpoe ? @hannes-steffenhagen-diffblue ? )
but this PR includes the majority of the content of these. I have a branch of the remainder and am happy to work with people to rebase that on top of this PR.
Let me know what you think!