Simple Stubbing with Contracts

[JustusAdam]

Description of changes:

Expands the contract features introduced in #2655 by completing the checking with stubbing/replacement capabilities.

Resolved issues:

Resolves #2621

Related RFC: 0009 Function Contracts

Tracking issue: #2652

Optional #ISSUE-NUMBER.

Call-outs:

This makes the internal state machine in the macro expansion more explicit. Previously it was a single, long function it is now a struct and an enum that hold the state and the generation is split into multiple methods on those. While technically a refactoring change to some degree it really only made sense to do this now, as now there are two dimensions along which the macro codegen operates.

1. Type of attribute (requires/ensures). This one was present before also.
2. Type of generated function (checking/replacement). This is new.

Testing:

• How is this change tested? New expected test cases

• Is this a refactor change? No

Checklist

• Each commit message has a non-empty body, explaining why the change was made
• Methods or procedures are documented
• Regression or unit tests are included, or existing tests cover the modified code
• My PR is restricted to a single feature or bugfix

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

[celinval]

It looks good so far! I still need to review the proc_macro logic.

[JustusAdam]

I've made a bit of a major change and added a "module-level" contract documentation as kani::contracts that provides a general overview and a central place for information about contracts and also how the various attributes interact.

I would appreciate any feedback you ahve on this new "module-level" documentation. I think at this point it doesn't have to be perfect as it will expand with future contract PRs anyway but whether it's good in broad strokes. Also if you have the time, download it and build the docs for the kani library and let me know if it works.

This now offers also the possibility of grouping all contract attributes in this module. I haven't done that here, I just reexport them, but I could if people want.

[celinval]

I'm impressed with all this macro magic. Thanks!

[celinval]

Amazing! Thanks @JustusAdam

[JustusAdam]

Resolving the last conversation (the obscure paragraph) was quite tricky and lead to a major expansion in the docs. You may want to give them a read and see if they make sense @celinval and also it now has the diagram you wanted @feliperodri.

You may want to read the rendered version which you can get with cargo rustdoc -p kani_macros -- --cfg kani --document-private-items

[feliperodri]

Thank you, Justus! Only small nitpicks (feel free to merge) and the state machine looks very clear!