Constant propagator: improve GOTO condition propagation

[smowton]

This improves two-way propagation to also account for many other common patterns that imply an equality (e.g. x != y -> x == !y when the operands are of boolean types, or !x --> x == TRUE). I also fix a case where the fixpoint loop around the && case would loop forever because assign_rec can both enlarge and shrink its value-set -- for example, the condition x == 5 && **unknown == (void*)also_unknown would result in repeatedly adding x -> 5 and the clobbering the entire value set. I fix that by noting that in the context of two-way propagation, since there's no write operation taking place we should never shrink the value set.

[allredj]

Passed Diffblue compatibility checks (cbmc commit: d61ce78).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/78115950

[hannes-steffenhagen-diffblue]

I don't completely understand the two way propagation, but this looks reasonable to me.

[hannes-steffenhagen-diffblue]

I'm not a fan of this being a public member. IMHO would be better to have this private. If this needs to be called from the outside, we could just call it should_track_value_handler and have a method should_track_value call this. It being public just invites shenanigans with people manually overwriting it.

[hannes-steffenhagen-diffblue]

I think it'd be clearer to expand the not here: lhs.is_constant() || !rhs.is_constant().

[hannes-steffenhagen-diffblue]

rhs.id() == ID_constant should always be true at this point.

[hannes-steffenhagen-diffblue]

Would it be possible / reasonable to break this up into multiple smaller examples? Something this big is a bit difficult to follow.

[hannes-steffenhagen-diffblue]

Marking do not merge as it's based on another commit that should go in first

[peterschrammel]

This constructor is deprecated.

[peterschrammel]

This constructor is deprecated.

[smowton]

Comments mostly applied-- but this is parked for now pending #2132 landing.

[allredj]

Passed Diffblue compatibility checks (cbmc commit: bf3d12c).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/78301619

[danpoe]

Looks good to me

[danpoe]

Could we use assign_rec() here?

[smowton]

Noting this is still blocked on 2132 as noted above, I believe action @tautschnig

[tautschnig]

Noting this is still blocked on 2132 as noted above, I believe action @tautschnig

... which in turn is blocked by #2221 - @kroening @peterschrammel @smowton ;-)

[tautschnig]

In light of #2132 let me dare and go for high-level comments first:

1. It may be worth removing the changes to two-way-propagation from Improvements to goto-analyzer's constant propagator and simplifier [blocks: #2522] #2132, and instead put this in to this PR here. Notably, that commit introduces a regression test that I'd like to have in place before any of the changes go in.
2. There are simple improvements in this PR that help readability a lot but don't even change behaviour, such as removing the return value. Maybe that could go in a commit of its own? No tests needed as it would be covered by the regression test.
3. Then there are strict extensions of functionality, such as dealing with negation or plain Booleans. Again, might be worth a commit of its own. That commit could nicely include tests showcasing the improvement.
4. Finally, there is the refactoring of existing functionality, which is probably the part that requires the most care. As such it would be really nice to have all the other parts factored out so that one can very easily read that bit of code/that particular change.
5. And then there's the test: unit tests are good, because they very selectively test functionality. But also they can be very hard to read, because they have to do a lot of work that is done by other components. As such I'd prefer to also have plain C examples. Now throwing away all the work that has gone into the unit test would also seem like a bad idea. Can we maybe have both?

[tautschnig]

@smowton #2132 is in, so this one should be ready to be rebased.

[smowton]

@tautschnig rebased and improved somewhat, and described the new state of affairs in the PR description -- please re-review

[tautschnig]

@smowton clang-format demands more work :-)

[tautschnig]

Could do with a bunch of cleanup as indicated in comments, but otherwise ok.

[tautschnig]

How about changing the above else to else if(is_assignment) and then even simplifying the comment a bit?

[tautschnig]

Unrelated change?

[tautschnig]

Use the new code_ifthenelset constructor.

[tautschnig]

There is a global one defined for the unit tests.

[tautschnig]

Might use the initializer-list constructor

[tautschnig]

Use recently added constructor

[tautschnig]

move_to_operands is deprecated

[tautschnig]

Use global one

[smowton]

@tautschnig @chrisr-diffblue @peterschrammel this is updated and ready for re-review.

[allredj]

✔️
Passed Diffblue compatibility checks (cbmc commit: 06e6573).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/96099635

[tautschnig]

I'd use expr.type().id() == ID_bool to be consistent with what you're using above.

[tautschnig]

I'd rewrite this code a bit to do an early if(lhs.id() != ID_typecast) return; and then use to_typecast_expr instead of using the generic .op0().

[tautschnig]

Does this function actually still add value? Doing this one-liner inline might aid clarity.

[smowton]

Updated as requested (except comparison with bool_typet, which I think is better than checking for ID_bool). Will merge when CI passes.

[tautschnig]

(except comparison with bool_typet, which I think is better than checking for ID_bool)

I'm not disputing that, but I'm unhappy about mixing both approaches in a single commit. But this is a very minor issue indeed.

[smowton]

Ah sure, switched to use full type comparison everywhere.

[allredj]

✔️
Passed Diffblue compatibility checks (cbmc commit: 897ffda).
Build URL: https://travis-ci.com/diffblue/test-gen/builds/96195386

[chrisr-diffblue]

LGTM