Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reject proof harnesses with arguments #2132

Merged
merged 5 commits into from
Jan 19, 2023
Merged

Reject proof harnesses with arguments #2132

merged 5 commits into from
Jan 19, 2023

Conversation

celinval
Copy link
Contributor

Description of changes:

Resolved issues:

Fixes #661
Fixes #689
Fixes #1919

Related RFC:

Call-outs:

Testing:

  • How is this change tested? New test

  • Is this a refactor change?

Checklist

  • Each commit message has a non-empty body, explaining why the change was made
  • Methods or procedures are documented
  • Regression or unit tests are included, or existing tests cover the modified code
  • My PR is restricted to a single feature or bugfix

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@celinval
Improve #[kani::proof] handling
6fa684a 
- Change `#[kani::proof]` expansion so it doesn't include `#[no_mangle]`
but includes `[allow(dead_code)]`. Fixes model-checking#661 and fixes model-checking#689.

- Add a check for harnesses with arguments and merge the checks into one
  function. Fixes model-checking#1919
@celinval celinval requested a review from a team as a code owner January 17, 2023 21:23
@tedinski
Copy link
Contributor

One other thing: Can we change the PR title? Want to ensure that whoever write the release notes will notice that this is a possible "breaking" change.

Maybe:

Properly reject proof harnesses with arguments, and don't change harness symbol names

zhassan-aws
zhassan-aws reviewed Jan 17, 2023
View reviewed changes
kani-compiler/src/codegen_cprover_gotoc/codegen/function.rs Outdated
let all_attributes = self.tcx.get_attrs_unchecked(def_id);
let (proof_attributes, _) = partition_kanitool_attributes(all_attributes);
/// Check that if an item is tagged with a proof_attribute, it is a valid harness.
fn check_proof_attribute(&self, def_id: DefId, proof_attributes: Vec<&Attribute>) {
if !proof_attributes.is_empty() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This condition is also checked by the callers. Should we remove it and turn it into an assert?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure

kani-compiler/src/codegen_cprover_gotoc/codegen/function.rs Outdated Show resolved Hide resolved
celinval and others added 3 commits January 17, 2023 13:58
@celinval @zhassan-aws
Update kani-compiler/src/codegen_cprover_gotoc/codegen/function.rs
4cb3ec3 
Co-authored-by: Zyad Hassan <88045115+zhassan-aws@users.noreply.github.com>
@celinval
Address PR feedback + fix tests
f9188ef
@celinval
Add test + fix tests after message fix
ce69be3 
I had forgotten to add the tests before. Sorry!
@celinval celinval changed the title Improve #[kani::proof] handling Reject proof harnesses with arguments Jan 19, 2023
@celinval celinval merged commit 0eb1fe8 into model-checking:main Jan 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhassan-aws zhassan-aws zhassan-aws approved these changes

@tedinski tedinski tedinski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@celinval @tedinski @zhassan-aws