Skip to content

Package invariants#810

Merged
jcp19 merged 82 commits intomasterfrom
continue-msinit
May 9, 2025
Merged

Package invariants#810
jcp19 merged 82 commits intomasterfrom
continue-msinit

Conversation

@jcp19
Copy link
Contributor

@jcp19 jcp19 commented Dec 17, 2024
edited
Loading

Changelog:

  • we introduce the notion of package invariants to describe the contents of global state (we distinguish between non-duplicable and duplicable invariants - more details to follow soon). We introduce the statement openDupPkgInv to open the duplicable invariants of the current package if initialization is guaranteed to be finished, and we introduce all necessary proof obligations for the init functions and main function.
  • we introduce a notion of a friendPkg, i.e., a package to which we may send resources after initialization is finished. These resources are made available as a precondition to the initializer of the selected package (no other package may access these resources). Due to some challenges with resolving paths to imported packages in imported packages, this feature is still heavily configuration dependent and may break easily, and thus, it is still experimental (I opened an issue to keep track of its evolution - Stabilize support for friend package invariants #830)
  • we introduce the notion of functions that may be called during initialization (marked with mayInit) to make sure we never open invariants that might not hold yet - more details on this soon
  • we deprecate initEnsures clauses to allow for modularly checking a package. We also deprecate the --lazyImports flag, as it is no longer necessary: If the package under verification does not declare any package invariants nor initRequires clauses, then nothing is checked for that package. Because our methodology is now modular, we do not have to re-check initialization of all imported packages.
  • we make the Desugarer sequential again to fix the regression reported in Regression same_package/import-fail01/main fails non-deterministically #762

Minor TODOs:

  • protect the use of friend clauses under a feature flag --enableFriendClauses
  • add more tests

@jcp19 jcp19 mentioned this pull request Dec 17, 2024
Closed
@jcp19 jcp19 changed the title Package invariants [WIP] Package invariants Dec 17, 2024
@jcp19 jcp19 linked an issue Jan 6, 2025 that may be closed by this pull request
Add support for initialization invariants #683
Closed
@jcp19 jcp19 linked an issue Jan 19, 2025 that may be closed by this pull request
Regression same_package/import-fail01/main fails non-deterministically #762
Closed
@jcp19 jcp19 requested a review from ArquintL March 1, 2025 19:31
@jcp19
Copy link
Contributor Author

jcp19 commented Mar 5, 2025

@ArquintL I have addressed your comments, please take a look at this when you find the time

ArquintL
ArquintL reviewed Apr 3, 2025
View reviewed changes
Copy link
Member

@ArquintL ArquintL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made a pass over all unresolved comments. Please let me know if I should look at anything else

@jcp19 jcp19 requested a review from ArquintL May 9, 2025 13:31
@jcp19
Copy link
Contributor Author

jcp19 commented May 9, 2025

@ArquintL I have incorporated your feedback. This should be ready for a last look if you want to do so

ArquintL
ArquintL approved these changes May 9, 2025
View reviewed changes
Copy link
Member

@ArquintL ArquintL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I only went over the commits since my last review and have a few tiny final comments

jcp19 and others added 4 commits May 9, 2025 18:08
@jcp19 @ArquintL
Update src/main/scala/viper/gobra/frontend/info/implementation/typing…
9626426 
…/ProgramTyping.scala

Co-authored-by: Linard Arquint <ArquintL@users.noreply.github.com>
@jcp19 @ArquintL
Update src/main/scala/viper/gobra/frontend/info/implementation/typing…
b329d7e 
…/ProgramTyping.scala

Co-authored-by: Linard Arquint <ArquintL@users.noreply.github.com>
@jcp19 @ArquintL
Update src/main/scala/viper/gobra/frontend/Desugar.scala
29fd40f 
Co-authored-by: Linard Arquint <ArquintL@users.noreply.github.com>
@jcp19
incorporate feedback from Linard
5ad7924
@jcp19 jcp19 merged commit fddbd86 into master May 9, 2025
2 of 3 checks passed
@jcp19 jcp19 deleted the continue-msinit branch May 9, 2025 17:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ArquintL ArquintL ArquintL approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Regression same_package/import-fail01/main fails non-deterministically Add support for initialization invariants

2 participants

@jcp19 @ArquintL