[Prover] Fix bug in loop unrolling

[rahxephon89]

Description

Currently, loop analysis collects bytecode for unrolling loops and returns a vector of basic blocks, which will be directly flatten later. This implementation will lead to incorrect boogie code if a block in the vector falls through to its successor in the original CFG but the next element in the vector is actually not its successor. The bug leads to verification failure shown in #15044 when CFG simplification is turned on. This PR fixes the issue by inserting the explicit jump instruction.

Close #15044

How Has This Been Tested?

1. existing tests pass;
2. a new test;

Key Areas to Review

The code change will only influence bounded verification with unroll pragma. Need to make sure this change will not affect other part of the prover.

Type of Change

• New feature
• Bug fix
• Breaking change
• Performance improvement
• Refactoring
• Dependency update
• Documentation update
• Tests

Which Components or Systems Does This Change Impact?

• Validator Node
• Full Node (API, Indexer, etc.)
• Move/Aptos Virtual Machine
• Aptos Framework
• Aptos CLI/SDK
• Developer Infrastructure
• Move Compiler
• Prover

Checklist

• I have read and followed the CONTRIBUTING doc
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I identified and added all stakeholders and component owners affected by this change as reviewers
• I tested both happy and unhappy path of the functionality
• I have made corresponding changes to the documentation

[trunk-io]

⏱️ 1h 52m total CI duration on this PR

Slowest 15 Jobs	Cumulative Duration	Recent Runs
execution-performance / single-node-performance	23m	🟩
rust-move-tests	10m	🟩
rust-move-tests	9m	🟩
rust-move-tests	9m	🟩
rust-move-tests	9m	🟩
rust-cargo-deny	9m	🟩 🟩 🟩 🟩 🟩
rust-move-tests	9m	🟩
check-dynamic-deps	5m	🟩 🟩 🟩 🟩 🟩 (+1 more)
rust-doc-tests	5m	🟩
execution-performance / test-target-determinator	4m	🟩
test-target-determinator	4m	🟩
check	4m	🟩
permission-check	3m	🟩 🟩 🟩 🟩 🟩 (+1 more)
general-lints	2m	🟩 🟩 🟩 🟩 🟩
semgrep/ci	2m	🟩 🟩 🟩 🟩 🟩 (+1 more)

🚨 1 job on the last run was significantly faster/slower than expected

Job	Duration	vs 7d avg	Delta
permission-check	3m	2s

_{settings ⋅ feedback ⋅ docs ⋅ learn more about trunk.io}

[rahxephon89]

This is due to cfg simplification

[brmataptos]

Do we have an issue to track the expression attribution being so wrong in V2 here? V1 shows the abort at the abort expression.

[rahxephon89]

will file one once it is landed

[rahxephon89]

This is due to cfg simplification

[rahxephon89]

• [Prover] Fix bug in loop unrolling #15136 👈
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

Join @rahxephon89 and the rest of your teammates on Graphite

[rahxephon89]

change of exp files in this crate is due to cfg simplification.

[rahxephon89]

change of exp files in this crate is due to cfg simplification.

[brmataptos]

PR looks ok. Existing tests and error outputs look like they could be improved.

[brmataptos]

Do we have an issue to track the expression attribution being so wrong in V2 here? V1 shows the abort at the abort expression.

[brmataptos]

Should we have a test that includes a spec which passes? This is an oddly specific spec to be the only test of its kind.

[fEst1ck]

LGTM

[rahxephon89]

change of exp files in this crate is due to cfg simplification.

[wrwg]

"If this is a fall-through block (block has one successor...)" we need to remove it by ...
The fatloop algorithm doesn't support fallthrough.

[github-actions]

✅ Forge suite realistic_env_max_load success on b7acb475991b4161323e13eb191e13a0f82d8a39

two traffics test: inner traffic : committed: 14468.94 txn/s, latency: 2747.06 ms, (p50: 2700 ms, p70: 2700, p90: 2900 ms, p99: 3300 ms), latency samples: 5501420
two traffics test : committed: 99.89 txn/s, latency: 1483.96 ms, (p50: 1400 ms, p70: 1400, p90: 1600 ms, p99: 6900 ms), latency samples: 1860
Latency breakdown for phase 0: ["MempoolToBlockCreation: max: 2.030, avg: 1.575", "ConsensusProposalToOrdered: max: 0.315, avg: 0.291", "ConsensusOrderedToCommit: max: 0.373, avg: 0.360", "ConsensusProposalToCommit: max: 0.662, avg: 0.652"]
Max non-epoch-change gap was: 0 rounds at version 0 (avg 0.00) [limit 4], 0.90s no progress at version 2962755 (avg 0.20s) [limit 15].
Max epoch-change gap was: 0 rounds at version 0 (avg 0.00) [limit 4], 8.62s no progress at version 2962753 (avg 8.62s) [limit 15].
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking

[github-actions]

✅ Forge suite framework_upgrade success on 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39

Compatibility test results for 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39 (PR)
Upgrade the nodes to version: b7acb475991b4161323e13eb191e13a0f82d8a39
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1358.10 txn/s, submitted: 1360.97 txn/s, failed submission: 2.87 txn/s, expired: 2.87 txn/s, latency: 2165.22 ms, (p50: 2100 ms, p70: 2400, p90: 3000 ms, p99: 4500 ms), latency samples: 123220
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1440.52 txn/s, submitted: 1444.25 txn/s, failed submission: 3.74 txn/s, expired: 3.74 txn/s, latency: 2157.91 ms, (p50: 2100 ms, p70: 2100, p90: 3300 ms, p99: 4800 ms), latency samples: 131100
5. check swarm health
Compatibility test for 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39 passed
Upgrade the remaining nodes to version: b7acb475991b4161323e13eb191e13a0f82d8a39
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1217.12 txn/s, submitted: 1219.82 txn/s, failed submission: 2.70 txn/s, expired: 2.70 txn/s, latency: 2467.99 ms, (p50: 2100 ms, p70: 2700, p90: 3900 ms, p99: 6000 ms), latency samples: 108160
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking

[github-actions]

✅ Forge suite compat success on 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39

Compatibility test results for 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39 (PR)
1. Check liveness of validators at old version: 1086a5e00d773704731ab84fb4ed3538613b2250
compatibility::simple-validator-upgrade::liveness-check : committed: 14149.61 txn/s, latency: 1966.89 ms, (p50: 1800 ms, p70: 1900, p90: 2400 ms, p99: 6300 ms), latency samples: 549420
2. Upgrading first Validator to new version: b7acb475991b4161323e13eb191e13a0f82d8a39
compatibility::simple-validator-upgrade::single-validator-upgrading : committed: 6845.30 txn/s, latency: 4176.82 ms, (p50: 4900 ms, p70: 5000, p90: 5100 ms, p99: 5200 ms), latency samples: 125080
compatibility::simple-validator-upgrade::single-validator-upgrade : committed: 6207.93 txn/s, latency: 5117.14 ms, (p50: 5200 ms, p70: 5200, p90: 7200 ms, p99: 7400 ms), latency samples: 232200
3. Upgrading rest of first batch to new version: b7acb475991b4161323e13eb191e13a0f82d8a39
compatibility::simple-validator-upgrade::half-validator-upgrading : committed: 6421.47 txn/s, latency: 4265.88 ms, (p50: 4900 ms, p70: 5200, p90: 5700 ms, p99: 5900 ms), latency samples: 115500
compatibility::simple-validator-upgrade::half-validator-upgrade : committed: 6502.52 txn/s, latency: 4955.84 ms, (p50: 5400 ms, p70: 5500, p90: 6700 ms, p99: 6900 ms), latency samples: 214820
4. upgrading second batch to new version: b7acb475991b4161323e13eb191e13a0f82d8a39
compatibility::simple-validator-upgrade::rest-validator-upgrading : committed: 10006.47 txn/s, latency: 2750.44 ms, (p50: 2900 ms, p70: 3400, p90: 3700 ms, p99: 3900 ms), latency samples: 179300
compatibility::simple-validator-upgrade::rest-validator-upgrade : committed: 9475.83 txn/s, latency: 3360.41 ms, (p50: 3200 ms, p70: 3600, p90: 5500 ms, p99: 6000 ms), latency samples: 307760
5. check swarm health
Compatibility test for 1086a5e00d773704731ab84fb4ed3538613b2250 ==> b7acb475991b4161323e13eb191e13a0f82d8a39 passed
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking