Possibly excessive functions in `Printable.S`

[sim642]

The Printable.S signature has some functions whose necessity isn't clear to me. I want to know which of these do we really need and which we could get rid of. The signature is massive and thus super annoying to implement. So the fewer functions it contains, the better.

---

isSimple

There are only two actual (non-delegating) calls of this function and both just use it to determine whether to avoid printing an extra \n:

analyzer/src/domains/mapDomain.ml

Lines 155 to 156 in 08b4336

	dok ++ (if Range.isSimple st then dprintf "%a -> %a\n" else
	dprintf "%a -> \n @[%a@]\n") Domain.pretty key Range.pretty st

analyzer/src/util/hash.ml

Lines 118 to 119 in 08b4336

	dok ++ (if Range.isSimple st then dprintf "%a -> @[%a@]\n" else
	dprintf "%a -> \n @[%a@]\n") Domain.pretty key Range.pretty st

pretty_f

This seems to be only used for defining pretty. Might as well define pretty directly.

short

This seems to just be used for debug printing and warning without Pretty. The massive downside of this function is its "width" argument:

• Many definitions outright ignore it and can produce longer string.
• Every call of short passes some completely random and different number as width, making the code full of weird magic constants.
• Often you find ridiculously high constants like 800 because there's actually no need to trim the large textual representation but instead we care about some information it may contain. It'd argue it's even harmful for debugging to see truncated strings because you can't tell if <foo, ...> and <foo, ...> are the same thing or not.
• Some calls even use width 0, which total nonsense and a sign that the width is meaningless.
• Many of these calls are also in commented out debugging code that tries to use Printf not Pretty or tracing.
• Mutex, symbolic locks and thread ID analyses use short to construct our fabulous string-based access partitions and lock sets, which are used to determine races:

  analyzer/src/analyses/mutexAnalysis.ml

  Lines 92 to 93 in 08b4336

  	let ls = Lockset.Lock.short 80 l in
  	LSSet.add ("lock",ls)

  analyzer/src/analyses/symbLocks.ml

  Line 178 in 08b4336

  LSSet.add ("i-lock",ValueDomain.Addr.short 80 lock) xs

  analyzer/src/analyses/threadId.ml

  Lines 76 to 77 in 08b4336

  	let tid = ThreadLifted.short 20 tid in
  	(Access.LSSSet.singleton es, Access.LSSet.add ("thread",tid) es)

  
  What if two different locks have insanely long names but share the 80-character prefix?

to_yojson

This is just needed for "json" value for "result". What actually consumes these JSON results? If I understand correctly from git history, this was added to save results into MongoDB: 8a4c722. The MongoDB related code now is just around commented out.

Not that this is completely separate from our JSON configuration, which we have our own from-scratch JSON implementation for anyway.

[michael-schwarz]

For the Js_of_Ocaml frontend that @keremc is developing, we are thinking of adding a further function val represent : t -> representation to Printable.

type t =
  [ `Nothing
  | `Value of string
  | `Pair of t * t
  | `List of t list
  | `Assoc of (string * t) list
  | `Tagged of string * t ]

Rationale:
In the Js_of_Ocaml application, we need a way to display states at program points to the user.
To avoid having to touch the jsoo-react component that does this all the time when we add new domains, it should be able to display anything of type printable.

• In the first prototype, we used the XML result for this, but loading and parsing a potentially large XML file when you want to display the results for one program point and have the marshaled state available is ugly and performance is poor because the entire XML document needs to be parsed.
• An alternative would be to create the XML for only that state on demand, and then parse that. But still, that doesn't seem very clean.
• We also considered using the YoJson output for it, but that still makes the code of the jsoo-react component somewhat more convoluted than it needs to be.

How does this represent relate to YoJson and XML:

• From this represent, one can obtain json in YoJson format very easily, allowing us to potentially remove to_yojson. The downside is that this does not provide a clear path to implementing a of_yojson in the same manner as would be possible with to_yojson (which we currently don't have and probably don't plan on having either?)

let rec to_yojson (r : t) : Yojson.Safe.t = match r with
  | `Nothing -> `Null
  | `Value s -> `String s
  | `Pair (a, b) -> `List [ to_yojson a; to_yojson b ]
  | `List [ r ] -> to_yojson r
  | `List l -> `List (BatList.map to_yojson l)
  | `Assoc l -> `Assoc (BatList.map (fun (k, v) -> k, to_yojson v) l)
  | `Tagged (n, r) -> `List [ `String n; to_yojson r ]

• For HTML output, the XML output then becomes obsolete. Probably, one still wants to keep it around though to be able to do diffs etc, so the XML output should stay. Potentially, however, one could look at doing the XML generation via this represent mechanism as well?

A first draft of the diffs that this entails (with removing either yojson or XML) is here: master...keremc:represent-domains

@keremc please correct me if I am wrong anywhere, you are the one who thought all of this up and implemented it!

[sim642]

It's very tempting to have such represent, but I don't think it's a good idea for multiple reasons:

1. It's structurally extremely similar to JSON. We already have YoJson, which is a standard OCaml library, not yet another thing we invent.
2. Implementing these represent functions introduces tons of boilerplate we currently don't have for YoJson. Almost all of to_yojson is derived automatically via ppx, which is why I have the least problem with keeping to_yojson. I've found it the least annoying to implement. I've thought about use ppx to reduce boilerplate code #31 many times, but when I looked into it, I realized we'd have to significantly refactor our build structure, because from all Dune documentation that I see, ppx derivers must be separate objects (like libraries) in Dune and since we would want them to derive some of our own type, the type we're deriving must be even another library in Dune for the deriver to depend on.
3. The whole reason why printXml was added and to_XML removed was because to_XML constructed similar structural objects in memory and only serialized them in their entirety. Apparently this was extremely slow and that's why printXml was added to directly output text from the already existing Printable element structure (it already has structure by virtue of definition in OCaml!) with no intermediate representation.

Since we already have YoJson, which potentially has the same performance overhead (it constructs the representation in memory), we should just keep it and make use of it where necessary.

We also considered using the YoJson output for it, but that still makes the code of the jsoo-react component somewhat more convoluted than it needs to be.

Given the nearly one-to-one mapping of the proposed represent, how is using YoJson's directly more convoluted that our own would be?

---

Anyway, I'd like to keep this issue about removing unnecessary things from Printable.S rather than finding new ones to add.

For example, while reading through all the documentation for Pretty I realized it already has built-in functionality for automatically inserting newlines if necessary and that could be used to replace the single isSimple use case. But then I went on further and found out OCaml itself has a far more modern and flexible Format module, which allows that and much more. And not just that but also much more efficiently: just like to_XML did, Pretty returns doc objects which construct an intermediate representation of the output in memory, whereas Format doesn't and works a la printXml.

I am super tempted to even replace Pretty with Format, but that's such a massive undertaking (rewriting every single pretty function and every single Pretty.printf and every single trace) that it's not worth attempting right now.

[michael-schwarz]

Given the nearly one-to-one mapping of the proposed represent, how using YoJson's directly more convoluted that our own would be?

The goal of these are different: YoJson serializes deep into things such as types defined by CIL, MyCFG nodes, ...
Figuring out what part of all this information to display to the user and in which manner is a major overhead:
E.g., if I have an expression in the domain, I certainly do not want to display its AST which the YoJson serialization would contain. I don't want this logic to be in the jsoo application, because this makes it very fragile and likely to break or become unsupported in the long run.

So arguably, YoJson output as we have it now it is a different level of representation than the XML output, which simply serializes such data structures as strings. The level of representation that such a represent function would provide would be the same as XML.

So also a YoJson representation based on this represent would be quite different from what we have now. If that representation is enough for the use case we have for json output, I don't really know.

The whole reason why printXml was added and to_XML removed was because to_XML constructed similar structural objects in memory and only serialized them in their entirety

Iirc to_XML used some fancy XML library that constructed the XML DOM in memory. I doubt whether a printXML defined in terms of represent would have the same performance issues. But this is something one could easily test.

Implementing these represent functions introduces tons of boilerplate we currently don't have for YoJson

If you look at the PR, I don't think it is that much overhead, it is mostly defined in terms of functions that already exist.

---

If you want, we can split this into a separate issue?

[sim642]

The goal of these are different: YoJson serializes deep into things such as types defined by CIL, MyCFG nodes, ...
Figuring out what part of all this information to display to the user and in which manner is a major overhead:
E.g., if I have an expression in the domain, I certainly do not want to display its AST which the YoJson serialization would contain. I don't want this logic to be in the jsoo application, because this makes it very fragile and likely to break or become unsupported in the long run.

This is just the matter of redefining exp_to_yojson to return a JSON string representation of the expression rather than letting the ppx deriver recurse into CIL's internal structure. We are defining this behavior, not CIL – it doesn't come with any inherent notion of what its to_yojson should return. This is exactly what you'd do with represent to fix this problem too.

And if no other tooling depends on the current behavior which returns JSON for exp AST, then there's no harm in changing it to be something more reasonable. Especially since resaonable JSON output could be used by some other future tooling too.

Iirc to_XML used some fancy XML library that constructed the XML DOM in memory. I doubt whether a printXML defined in terms of represent would have the same performance issues. But this is something one could easily test.

XML DOM is nothing but the XML document structure defined via OCaml ADTs. YoJson, Pretty and this represent do the same thing, the only differences are what the variants are (e.g. is there a special variant for pairs etc).

EDIT: https://github.com/ncannasse/xml-light/blob/ab6b4d5851edaa2c2bab553eb9d5f48e68dbbd4f/xml.ml#L26-L28.

If you look at the PR, I don't think it is that much overhead, it is mostly defined in terms of functions that already exist.

But it's extra code for information which already could be gotten via to_yojson.

[vesalvojdani]

I think this combination of pretty_f /pretty/ short was introduced to simulate overriding via module include. It is very clumsy and this width thing is really stupid to handle in each domain. I was wondering if it would be possible to have just to_yojson (and/or represent) for each domain, but then have independent pretty-printers that translate this to whatever format we need?

[sim642]

I was wondering if it would be possible to have just to_yojson (and/or represent) for each domain, but then have independent pretty-printers that translate this to whatever format we need?

Potentially, but I wouldn't try to immediately jump that far. It would make all debug printing, logging and tracing more annoying as is. I mean, instead of

Pretty.printf "Stuff: %a\n" D.pretty d

you'd have to do

Pretty.printf "Stuff: %a\n" DebugFormat.pretty (D.to_yojson d)

Unless we write our own printf family which can work with those intermediate representations seamlessly.

[michael-schwarz]

This is just the matter of redefining exp_to_yojson to return a JSON string representation of the expression rather than letting the ppx deriver recurse into CIL's internal structure.

Yes, but having to do this almost anywhere where we now simply do an [@@deriving to_yojson] sort of does away with the benefit of having to write less boilerplate.

The other related issue is that from YoJson json it is, e.g. impossible to tell whether something is a list of two elements or a variant type, so if this jsoo thing is to consume that, it would need to somehow also inspect the type to distinguish these cases, which I am not sure is possible in a generic way (sounds a bit like this would require first class types or some PPX magic?)

[sim642]

Yes, but having to do this almost anywhere where we now simply do an [@@deriving to_yojson] sort of does away with the benefit of having to write less boilerplate.

Why almost everywhere? My understanding is that to_yojson deriver will just call the explicitly to_yojson function if it is defined for the type. So whichever more complicated ADT an exp is used in, it would use the same exp_to_yojson to convert it. We just have to do it once for all the CIL types that we don't want a recursively derived JSON structure for and that should be it.

My point is that having an additional represent doesn't solve that in any way. The reason most represent implementations there are so short is because they call short (with some random width), which does the work. There's no fundamental reason why you can't implement to_yojson in the same way if you really want to.

So the whole difference is whether you use YoJson's polymorphic variants or represent's polymorphic variants and they're almost identical. I simply don't see the point of reinventing the wheel if we can just adjust our to_yojson implementations to be more suitable where we don't like their current form.

The other related issue is that from YoJson json it is, e.g. impossible to tell whether something is a list of two elements or a variant type, so if this jsoo thing is to consume that, it would need to somehow also inspect the type to distinguish these cases, which I am not sure is possible in a generic way (sounds a bit like this would require first class types or some PPX magic?)

Nor is it from this represent, which just uses the in JSON equivalence just uses an object with a single key with the variant name:
master...keremc:represent-domains#diff-07d12ebad40bbdbec08af13595a6f444b4f696ec1d9304694ee6d56d5b61f389R301-R303
You could almost rename that function to_yojson and it'd do the same thing. Using YoJson for it wouldn't be adding more boilerplate compared to represent, it would just mean manually defining some to_yojson instead of doing it all via ppx. So far nobody has really cared about the JSON structure so the default derived implementations have been fine, but it might just be a good time to refine some.

---

Hell, printXml and the current HTML generator basically just have <map> and represent all of the domain structures we currently have with those for HTML display. And that has been able to clearly indicate variants using the same exact representation that the proposed represent does above (singleton map with variant name as key):

analyzer/src/domains/printable.ml

Lines 336 to 338 in 08b4336

	let printXml f = function
	| `Left x -> BatPrintf.fprintf f "<value><map>\n<key>\nLeft\n</key>\n%a</map>\n</value>\n" Base1.printXml x
	| `Right x -> BatPrintf.fprintf f "<value><map>\n<key>\nRight\n</key>\n%a</map>\n</value>\n" Base2.printXml x

So I really don't see how represent would do anything different here. Even the polymoprhic variant for it and YoJson are both called Assoc!

So it seems to me that to_yojson is the sort of thing worth keeping out of the functions I listed in the issue. Especially since it's now being reinvented as represent.

[sim642]

Also, turns out YoJson has a polymorphic variant for explicitly representing OCaml variants: https://ocaml-community.github.io/yojson/yojson/Yojson/Safe/index.html#type-t.Variant. It's just that the ppx deriver doesn't use that since YoJson probably doesn't output standard JSON for it.

But technically there's no reason we could make use of that in our overridden to_yojson definitions. Then jsoo could still manipulate the structural representation containing Variant, which are different from lists, tuples and singleton maps. And if we want to output valid JSON as text, then we can have a function which converts those Variant variants into whichever construct (two element lists or singleton maps) seems better. But that's less of a question right now, since AFAIK nothing cares about the format of actual JSON result.

[sim642]

I think this combination of pretty_f /pretty/ short was introduced to simulate overriding via module include.

There's a lot of code like this:

analyzer/src/cdomains/listDomain.ml

Lines 51 to 56 in 4feae9f

	let short w x =
	if is_bot x
	then "Empty List"
	else "List: " ^ short w x
	let pretty () x = pretty_f short () x

where short is overridden and pretty overridden to use the new short, but pretty_f isn't. This implicitly assumes that the previously included pretty_f always uses the argument function, because if it doesn't, then the output isn't overridden at all to include those custom names for lists. And roughly half of pretty_f definitions completely ignore the argument function. So this overriding mechanism seems hardly useful.

It would be more straightforward to now have the pretty_f and just override pretty via the new short right there instead, e.g.

let pretty () x = text (short 123 x)

which is very common in our codebase anyway. But it also ensures that the new output format is definitely used.

[vogler]

Late to the party, but basically I agree with all that @sim642 wrote.
IMO we should:

• not add represent since to_yojson can be used which is derived
• use [@@deriving show, to_yojson] and get rid of all the other functions - overrides are most likely only needed for imported types (see Deriving.Cil) or functors we don't want to represent
• switch from CIL's old Pretty to Format
  • CIL's implementation is probably this Obj.magic run-time repr., whereas the new OCaml format is GADT-based and thereby faster: https://ocaml.org/meetings/ocaml/2013/slides/vaugon.pdf
  • could also get rid of Tracing.mygprintf?

Maybe also switch from https://github.com/ocaml-ppx/ppx_deriving_yojson to https://github.com/janestreet/ppx_yojson_conv since it's recommended for new projects?

show also derives a formatting function for https://ocaml.org/api/Format.html:

# #require "ppx_deriving.std"
# type t = A of int | B of string [@@deriving show]
type t = A of int | B of string
val pp : Format.formatter -> t -> unit = <fun>
val show : t -> string = <fun>
# Format.printf "%a <> %a\n" pp (A 1) pp (B "two")
(A 1) <> (B "two")

The only thing that's not that great is that you have to annotate every type instead of only some root and it generating for all reachable types, but I guess that'd be hard to implement and/or slow (find all applications of a functor, generate for all possible modules in module expressions etc.).
However, having [@@deriving show, to_yojson] across the codebase is much better than the current inhomogeneous boilerplate.

[vogler]

I've thought about #31 many times, but when I looked into it, I realized we'd have to significantly refactor our build structure, because from all Dune documentation that I see, ppx derivers must be separate objects (like libraries) in Dune and since we would want them to derive some of our own type, the type we're deriving must be even another library in Dune for the deriver to depend on.

I don't get what you mean. What do you want to derive?
Is this specific to ppx_deriving and/or types?

We currently use the following:

  (preprocess
    (staged_pps ppx_import ppx_deriving.std ppx_deriving_yojson
      ppx_distr_guards ocaml-monadic))

https://github.com/vogler/ppx_distr_guards doesn't do anything on types, but it's fairly small and still works.

[michael-schwarz]

@keremc Can you try to switch the jsoo-Application from `represent` to the derived `YoJson` (adding custom `to_yojson` where needed) on a separate branch, so we can compare what that would look like? What I would want to avoid is having (too much) custom display code for different domains in the jsoo-Application because this exactly the sort of code to become outdated. If we can do without too much such code and still get reasonable things being shown to the user, I'm all for using the deriver. (My long-term vision is for this jsoo-based output to completely replace the current HTML output (and it's dependency on g2html and Java).)

[sim642]

The switch from Pretty to Format would be good maintenance, but requires lots of changes everywhere in Goblint where we output anything. So for the time being I'm not in a rush to do it, but we might leave it as a separate issue.

I tried to so some of this cleanup already and will open a draft PR. One of the thoughts I had was to first just remove the width argument from short and let it have the type t -> string, which addresses the many criticisms I had about this function. I suppose it might make sense to also rename it show then, but maybe not try to completely remove it yet. Since many pretty implementations are done recursively via short, they'd have to be rewritten to be recursively via pretty, which is also a bunch of manual work.

And if some future goal would be to make use of deriving show and Format, then keeping such show around wouldn't be too much inconvenient baggage but potentially useful for when we actually need something as a string internally, not simply for printing. Otherwise one would have to do the Format stuff into a string explicitly in those places.