Add an LLBC backend #3514
Add an LLBC backend #3514
Conversation
zhassan-aws
force-pushed
the
llbc4
branch
4 times, most recently
from
c56066c
to
69840fb
Compare
| @@ -10,6 +10,7 @@ publish = false | |||
|
|
|||
| [dependencies] | |||
| cbmc = { path = "../cprover_bindings", package = "cprover_bindings", optional = true } | |||
| charon = { git = "https://github.com/AeneasVerif/charon", optional = true, default-features = false, rev = "cdc1dcde447a50cbc20336c79b21b42ac977b7fd" } | |||
There was a problem hiding this comment.
Do we need some way to automatically update this commit id? Something akin to the CBMC update job?
There was a problem hiding this comment.
That's a good idea. Currently, there are a lot of breaking changes though, so most updates will need to be handled manually.
| ## Charon/Aeneas LLBC files | ||
| *.llbc |
There was a problem hiding this comment.
How would those even come about?
There was a problem hiding this comment.
These are emitted by the Kani compiler for the Aeneas backend. They're the equivalent of goto binaries for the CBMC backend. Kani makes sure to delete the goto binaries, but in the current PR, it doesn't yet delete the llbc ones.
| info!("# LLBC resulting from control-flow reconstruction:\n\n{}\n", ccx); | ||
|
|
||
| // Run the micro-passes that clean up bodies. | ||
| for pass in charon_lib::transform::LLBC_PASSES.iter() { | ||
| pass.transform_ctx(&mut ccx) | ||
| } | ||
|
|
||
| println!("# Final LLBC before serialization:\n\n{}\n", ccx); | ||
|
|
||
| // Display an error report about the external dependencies, if necessary | ||
| ccx.errors.report_external_deps_errors(); | ||
|
|
||
| trace!("Done"); |
There was a problem hiding this comment.
That's info, println, trace - seems a bit mixed up? Should there be any use of println at all? (Also applies elsewhere.)
There was a problem hiding this comment.
Removed this one
There was a problem hiding this comment.
I made the printing of the final LLBC dependent on a new option (--print-llbc) that is used in the current expected tests. Now, by default, nothing will get printed except the name of the LLBC file.
| parents.into_iter().rev().collect() | ||
| }; | ||
|
|
||
| // Rk.: below we try to be as tight as possible with regards to sanity |
There was a problem hiding this comment.
(Charon dev here) That's a comment copied from Charon, "Rk" is short for @R1kM I believe
There was a problem hiding this comment.
Hah that makes a lot more sense x)
There was a problem hiding this comment.
Fun conversation :)
I was hesitant to remove the comments because we may need to import any future upstream changes to this function, so I wanted to minimize the diff. @tautschnig Let me know if you think the comments create confusion, and I'll remove them.
| } | ||
| DefPathData::Impl => todo!(), | ||
| DefPathData::OpaqueTy => { | ||
| // TODO: do nothing for now |
There was a problem hiding this comment.
When does this need to be changed?
There was a problem hiding this comment.
This is copied over from Charon, I think the answer was "whenever we understand why we'd need the name of an opaque type". We could probably make this an error, I haven't tested if this can ever occur.
There was a problem hiding this comment.
Same comment here @tautschnig
There was a problem hiding this comment.
I haven't reviewed the backend code yet, but I'm curious about how this affects our released software. Are we shipping the new backend?
That was the plan (it's under an unstable feature). If we prefer to not include it in the release at this point, we can disable the feature by default and have a separate set of regressions for this feature.
This PR adds a new codegen backend that generates low-level borrow calculus (LLBC), which is the format defined by Charon and Aeneas.
The backend can be invoked using
-Zaeneas, and will generate a.llbcfile. This file can then be passed to Aeneas to generate Lean for example. Currently, Aeneas needs to be manually run on the generated LLBC.The PR translates stable MIR to unstructured LLBC (ULLBC) and then uses the Charon library to apply transformations that reconstruct the control flow to regain some of the high-level structure (loops, if statements, etc.).
In this PR, very few MIR constructs are handled, but the PR is already pretty big. More support to come in subsequent PRs.
Call-outs:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.