Create Arbitrary::any_array()
#2199
I'm curious, how does that work?
3b5eca4 to 5fe9490
5fe9490 to c510651
Can you clarify what the new version of the PR is doing? Is it providing a new way to create non-det arrays: `let arr: [u8; 10] = kani::Arbitrary::any_array();`? If so, how does it compare to the existing one: `let arr: [u8; 10] = kani::any();` and are there any advantages to the new approach?
celinval
left a comment
Weren't you planning to also make changes to any_slice?
With the new approach, we can directly assign a nondet array without initializing each element individually for types where this operation is safe.
Can you clarify how this is achieved? The `[(); MAX_ARRAY_LENGTH].map(|_| Self::any())` seems to be doing the same thing that the `[(); N].map(|_| T::any())`
cf3a0ee to d956867
@celinval no changes to
@zhassan-aws you could see this is a refactoring, yes. Maybe I should update the description of this PR to make it more clear.
The difference is in the implementation of

```rust
// `$type` is a metavariable of the enclosing macro.
fn any_array<const MAX_ARRAY_LENGTH: usize>() -> [Self; MAX_ARRAY_LENGTH]
where
    [(); { std::mem::size_of::<[$type; MAX_ARRAY_LENGTH]>() }]:,
{
    unsafe {
        crate::any_raw_internal::<
            [Self; MAX_ARRAY_LENGTH],
            { std::mem::size_of::<[Self; MAX_ARRAY_LENGTH]>() },
        >()
    }
}
```

Note that we directly call
zhassan-aws
left a comment
I see. Can you point out how any_slice will use it?
celinval
left a comment
It looks good to me. Please address @zhassan-aws comments before merging.
zhassan-aws
left a comment
Thanks. Please update the PR description as well.
d956867 to a371ab6
a371ab6 to b3363b0
zhassan-aws
left a comment
Looks good. Thanks @feliperodri!
It would be useful to add a test (perhaps in a follow-up PR) that makes sure that a program involving an array of a primitive type does not involve loops. This can be verified by adding a
We can take advantage of `any_raw_internal` to set all values in an array to nondet. Kani users may now use `any_array()` with a loop-free operation for trivial types, which improves performance. Signed-off-by: Felipe R. Monteiro <[email protected]>
b3363b0 to 7e1a16f
We can take advantage of `any_raw_internal` to set all values in an array to nondet. Kani users may now use `any_array()` with a loop-free operation for trivial types, which improves performance.

Signed-off-by: Felipe R. Monteiro [email protected]
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.
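
The design discussed in this thread, as an added sketch that is not Kani's code: a trait whose default `any_array` builds one element at a time, overridden with a single whole-array request only for a type where every bit pattern is valid. `Nondet`, `raw` and `requests` are hypothetical stand-ins for the verifier's nondeterministic source so the sketch runs under plain `rustc`.

```rust
// Added illustration, not Kani's code. `Nondet` is a hypothetical stand-in for the
// verifier's nondeterministic source; `calls` counts how many values were requested.
pub struct Nondet { state: u64, pub calls: usize }

impl Nondet {
    pub fn new(seed: u64) -> Self { Nondet { state: seed, calls: 0 } }
    // One request for N unconstrained bytes (constructed PRNG, for the demo only).
    pub fn raw<const N: usize>(&mut self) -> [u8; N] {
        self.calls += 1;
        [(); N].map(|_| {
            self.state = self.state.wrapping_mul(6364136223846793005).wrapping_add(1);
            (self.state >> 56) as u8
        })
    }
}

pub trait Arbitrary: Sized {
    fn any(src: &mut Nondet) -> Self;
    // Default: one `any()` per element, the `[(); N].map(..)` form quoted in the thread.
    fn any_array<const N: usize>(src: &mut Nondet) -> [Self; N] {
        [(); N].map(|_| Self::any(src))
    }
}

impl Arbitrary for u8 {
    fn any(src: &mut Nondet) -> Self { src.raw::<1>()[0] }
    // Every bit pattern is a valid u8, so the whole array is a single raw request.
    fn any_array<const N: usize>(src: &mut Nondet) -> [Self; N] { src.raw::<N>() }
}

impl Arbitrary for bool {
    // Only 0 and 1 are valid bools, so each element is constrained individually
    // and the per-element default `any_array` is kept.
    fn any(src: &mut Nondet) -> Self { src.raw::<1>()[0] & 1 == 1 }
}

// Number of requests needed to build `[T; N]`.
pub fn requests<T: Arbitrary, const N: usize>() -> usize {
    let mut src = Nondet::new(42);
    let _arr: [T; N] = T::any_array(&mut src);
    src.calls
}

fn main() {
    println!("u8: {} request(s)", requests::<u8, 10>());
    println!("bool: {} request(s)", requests::<bool, 10>());
}
```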