Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a few intrinsics contracts #37

Merged
merged 18 commits into from
Dec 7, 2024
Merged

Add a few intrinsics contracts #37

merged 18 commits into from
Dec 7, 2024

Conversation

celinval
Copy link

@celinval celinval commented Jul 16, 2024
edited
Loading

Here are a few limitations:

  1. Harness forwrite_bytes was disabled due to:
  2. The harnesses explicitly disable cases where a pointer is dangling.
  3. Actual intrinsics are very hard to verify with Kani. The cases we can verify are those that have wrappers around the actual intrinsic.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@celinval celinval force-pushed the verify-intrinsics branch from c6f96e3 to ee88552 Compare July 17, 2024 19:53
celinval added 4 commits July 22, 2024 20:29
@celinval
Add a few intrinsics contracts
aa1b9c2 
- This is not working due to a Kani limitation
@celinval
Fix copy* contract to make it untyped
1ad91c8 
The intrinsics `copy` and `copy_nonoverlapping` are untyped copies,
so they don't respect the validity requirements of `T`.
@celinval
Fix Rust build and make MetadataPredicates public
898f08f
@celinval
Add a few ensure clauses
79c6536
@rahulku
Copy link

rahulku commented Sep 13, 2024

is this waiting for something?

@celinval
Copy link
Author

Yes, I need to update the branch and tests.

@celinval
Merge remote-tracking branch 'origin/main' into verify-intrinsics
0182ea1 
# Conflicts:
#	library/core/src/intrinsics.rs
@celinval
Copy link
Author

celinval commented Oct 1, 2024

FYI, this is blocked until we merge the PointerGenerator into Kani: model-checking/kani#3538

@celinval celinval marked this pull request as ready for review October 16, 2024 23:41
@celinval celinval requested a review from a team as a code owner October 16, 2024 23:41
@celinval
Copy link
Author

celinval commented Nov 4, 2024

Just an update. I haven't been able to figure out yet why the copy_nonoverlapping harness is failing yet. The error is:

Checking harness intrinsics::verify::check_copy_nonoverlapping...

VERIFICATION RESULT:
 ** 1 of 856 failed (3 unreachable)
Failed Checks: Only a single top-level call to function _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_ when checking contract _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_
2024-11-02T01:43:52.2508870Z  File: "/Users/runner/work/verify-rust-std/verify-rust-std/head/library/core/src/intrinsics.rs", line 3311, in _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_

VERIFICATION:- FAILED

which doesn't make sense to me. The harness structure is exactly the same as copy, and so is the function implementation. 🤷‍♀️

@celinval celinval mentioned this pull request Nov 4, 2024
Open
@qinheping qinheping self-requested a review November 6, 2024 18:03
@celinval celinval requested a review from feliperodri November 6, 2024 18:03
qinheping
qinheping reviewed Nov 6, 2024
View reviewed changes
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
qinheping
qinheping approved these changes Nov 7, 2024
View reviewed changes
Copy link

@qinheping qinheping left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you!

@tautschnig
Copy link
Member

Just an update. I haven't been able to figure out yet why the copy_nonoverlapping harness is failing yet. The error is:

Checking harness intrinsics::verify::check_copy_nonoverlapping...

VERIFICATION RESULT:
 ** 1 of 856 failed (3 unreachable)
Failed Checks: Only a single top-level call to function _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_ when checking contract _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_
2024-11-02T01:43:52.2508870Z  File: "/Users/runner/work/verify-rust-std/verify-rust-std/head/library/core/src/intrinsics.rs", line 3311, in _RNCNCINvNtCsf4mLL5B4Lhf_4core10intrinsics19copy_nonoverlappinghEs0_0s_0B8_

VERIFICATION:- FAILED

which doesn't make sense to me. The harness structure is exactly the same as copy, and so is the function implementation. 🤷‍♀️

I have seen the very same problem on #120, and I haven't yet managed to understand why.

@tautschnig
Copy link
Member

Here are a few problems that I bumped into: [...]

Before merning, would you mind adding to the PR description also what actually does work?

tautschnig
tautschnig approved these changes Nov 8, 2024
View reviewed changes
doc/src/challenges/0002-intrinsics-memory.md Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
library/core/src/intrinsics.rs Outdated Show resolved Hide resolved
@celinval
Copy link
Author

@tautschnig can you please see my answer to your comments? Is it OK if I move ahead and merge these changes?

@celinval celinval assigned tautschnig and unassigned celinval Nov 13, 2024
@zhassan-aws zhassan-aws mentioned this pull request Nov 15, 2024
Merged
@tautschnig tautschnig assigned celinval and unassigned tautschnig Nov 27, 2024
@celinval
Copy link
Author

I need to solve the new conflicts. After that, I'll merge this PR

@celinval
Merge remote-tracking branch 'origin/main' into verify-intrinsics
1926ee3 
Since intrinsics file has been deleted, we will have to reapply the
patch.

Conflicts:
 - library/core/src/intrinsics.rs
@celinval
Apply the changes to intrinsics module file
7415c26
@celinval @tautschnig
Update doc/src/challenges/0002-intrinsics-memory.md
e7f1e66 
Co-authored-by: Michael Tautschnig <mt@debian.org>
@celinval
Copy link
Author

celinval commented Dec 6, 2024

I updated this PR to account to the fact that the intrinsics.rs file was moved to intrinsics/mod.rs. I have also disabled the write_bytes harness because of model-checking/kani#90.

@tautschnig can you please take a look and see if this is good to go?

@celinval celinval assigned tautschnig and unassigned celinval Dec 6, 2024
@celinval celinval enabled auto-merge (squash) December 6, 2024 23:45
@celinval celinval merged commit d92a7ea into model-checking:main Dec 7, 2024
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qinheping qinheping qinheping approved these changes

@tautschnig tautschnig tautschnig approved these changes

@feliperodri feliperodri Awaiting requested review from feliperodri

Assignees

@tautschnig tautschnig

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@celinval @rahulku @tautschnig @qinheping