Introduce rmc::proof function attribute (rust-lang#668)
* Introduce rmc::proof function attribute * add no_mangle as temporary measure to force function codegen
Showing
17 changed files
with
226 additions
and
9 deletions.
@@ -0,0 +1,26 @@ | ||
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
// SPDX-License-Identifier: Apache-2.0 OR MIT | ||
|
||
//! This module should be factored out into its own separate crate eventually, | ||
//! but leaving it here for now... | ||
|
||
use serde::Serialize; | ||
|
||
/// We emit this structure for each annotated proof harness we find | ||
#[derive(Serialize)] | ||
pub struct HarnessMetadata { | ||
/// The name the user gave to the function | ||
pub pretty_name: String, | ||
/// The name of the function in the CBMC symbol table | ||
pub mangled_name: String, | ||
/// The (currently full-) path to the file this proof harness was declared within | ||
pub original_file: String, | ||
/// The line in that file where the proof harness begins | ||
pub original_line: String, | ||
} | ||
|
||
/// The structure of `.rmc-metadata.json` files, which are emitted for each crate | ||
#[derive(Serialize)] | ||
pub struct RmcMetadata { | ||
pub proof_harnesses: Vec<HarnessMetadata>, | ||
} |
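Review bot: `original_line` in `HarnessMetadata` is declared as `String` although its doc comment says it holds a line number, so every consumer of `.rmc-metadata.json` has to parse the text before it can compare or sort harnesses, and a malformed value is only noticed at read time; `pub original_line: usize,` keeps the JSON type unambiguous, though the site that fills the struct is outside this section and would need the matching change. `proof_harnesses` on `RmcMetadata` is the only field in the file without a doc comment; `/// One entry per function annotated as a proof harness in this crate` would match the rest. The `original_file` doc already flags that the full path is written out; since that embeds the build machine's directory layout into an emitted artifact, it is worth recording the intent to make it crate-relative in a `TODO` rather than only in a parenthetical.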
|
@@ -8,6 +8,7 @@ | |
|
||
mod current_fn; | ||
mod goto_ctx; | ||
pub mod metadata; | ||
mod vtable_ctx; | ||
|
||
pub use goto_ctx::GotocCtx; | ||
|
|
@@ -8,3 +8,4 @@ edition = "2018" | |
license = "MIT OR Apache-2.0" | ||
|
||
[dependencies] | ||
rmc_macros = { path = "../rmc_macros" } |
@@ -0,0 +1,13 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 OR MIT | ||
|
||
[package] | ||
name = "rmc_macros" | ||
version = "0.1.0" | ||
edition = "2018" | ||
license = "MIT OR Apache-2.0" | ||
|
||
[lib] | ||
proc-macro = true | ||
|
||
[dependencies] |
@@ -0,0 +1,51 @@ | ||
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
// SPDX-License-Identifier: Apache-2.0 OR MIT | ||
|
||
// #![feature(register_tool)] | ||
// #![register_tool(rmctool)] | ||
// Frustratingly, it's not enough for our crate to enable these features, because we need all | ||
// downstream crates to enable these features as well. | ||
// So we have to enable this on the commandline (see rmc-rustc) with: | ||
// RUSTFLAGS="-Zcrate-attr=feature(register_tool) -Zcrate-attr=register_tool(rmctool)" | ||
|
||
// proc_macro::quote is nightly-only, so we'll cobble things together instead | ||
use proc_macro::TokenStream; | ||
|
||
#[cfg(all(not(rmc), not(test)))] | ||
#[proc_macro_attribute] | ||
pub fn proof(_attr: TokenStream, item: TokenStream) -> TokenStream { | ||
// Not-RMC, Not-Test means this code shouldn't exist, return nothing. | ||
TokenStream::new() | ||
} | ||
|
||
#[cfg(all(not(rmc), test))] | ||
#[proc_macro_attribute] | ||
pub fn proof(_attr: TokenStream, item: TokenStream) -> TokenStream { | ||
// Leave the code intact, so it can be easily be edited in an IDE, | ||
// but outside RMC, this code is likely never called. | ||
let mut result = TokenStream::new(); | ||
|
||
result.extend("#[allow(dead_code)]".parse::<TokenStream>().unwrap()); | ||
result.extend(item); | ||
result | ||
// quote!( | ||
// #[allow(dead_code)] | ||
// $item | ||
// ) | ||
} | ||
|
||
#[cfg(rmc)] | ||
#[proc_macro_attribute] | ||
pub fn proof(_attr: TokenStream, item: TokenStream) -> TokenStream { | ||
let mut result = TokenStream::new(); | ||
|
||
result.extend("#[rmctool::proof]".parse::<TokenStream>().unwrap()); | ||
// no_mangle is a temporary hack to make the function "public" so it gets codegen'd | ||
result.extend("#[no_mangle]".parse::<TokenStream>().unwrap()); | ||
result.extend(item); | ||
result | ||
// quote!( | ||
// #[rmctool::proof] | ||
// $item | ||
// ) | ||
} |
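Review bot: The `#[no_mangle]` that the `cfg(rmc)` variant prepends gives every harness a linker-visible symbol equal to its bare function name, so two harnesses with the same function name in different modules of one crate will fail with a duplicate-symbol error at codegen; the comment calls it a temporary hack but does not record that constraint, so extending it to `// no_mangle is a temporary hack to make the function "public" so it gets codegen'd; until it is removed, harness function names must be unique across the whole crate` would save the first user who hits it. In the `not(rmc), not(test)` variant the `item` parameter is discarded without being read, which produces an unused-variable warning on every build of the proc-macro crate; `pub fn proof(_attr: TokenStream, _item: TokenStream) -> TokenStream {` silences it the same way `_attr` already does. The `.parse::<TokenStream>().unwrap()` calls operate on fixed literals and cannot fail at runtime, which `expect("static attribute text always parses")` would state rather than leave implicit.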
@@ -0,0 +1,9 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 OR MIT | ||
|
||
[package] | ||
name = "simple-proof-annotation" | ||
version = "0.1.0" | ||
edition = "2021" | ||
|
||
[dependencies] |
@@ -0,0 +1 @@ | ||
line 5 assertion failed: 1 == 2: FAILURE |
@@ -0,0 +1,18 @@ | ||
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
// SPDX-License-Identifier: Apache-2.0 OR MIT | ||
|
||
fn main() { | ||
assert!(1 == 2); | ||
} | ||
|
||
// NOTE: Currently the below is not detected or run by this test! | ||
|
||
// The expected file presently looks for "1 == 2" above. | ||
// But eventually this test may start to fail as we might stop regarding 'main' | ||
// as a valid proof harness, since it isn't annotated as such. | ||
// This test should be updated if we go that route. | ||
|
||
#[rmc::proof] | ||
fn harness() { | ||
assert!(3 == 4); | ||
} |