Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix Cryptol to SAW newtype translation #1597

Merged
merged 8 commits into from
Apr 15, 2022
Merged

Conversation

pnwamk
Copy link
Contributor

@pnwamk pnwamk commented Feb 23, 2022

Initial attempt to fix translation of Cryptol newtypes to SAW (e.g., see #1494).

Essentially, as we are translating Cryptol to SAW, for each newtype Foo = { bar : Bar }, we add a binding for Foo in the SAW term environment to an identity function of type { bar : Bar } -> { bar : Bar }, and when we're comparing types for equality we throw away the newtype wrapper just as we do for user-defined type aliases (see helper here).

Should we test this more? Are there some examples already using newtypes we can throw in CI somewhere?

Main technical component I'm still not sure about is what (if anything) to do with a Cryptol Newtype's ntConstraints (i.e., this note). The reference interpreter doesn't do anything with them (which makes sense to me in that context)... but should we do something here?

@pnwamk pnwamk requested a review from robdockins February 23, 2022 00:19
@robdockins
Copy link
Contributor

robdockins commented Feb 23, 2022

First thought: I don't think we should discard TNewtype the same way as for type aliases. That might cause the SAW translation to select typeclass instances for newtypes when it shouldn't. Did you find it necessary to do that on your test cases?

EDIT: looking closer, I see this is in a different context than I was originally thinking, so maybe this is OK actually.

@robdockins
Copy link
Contributor

I do think we should have a few more involved tests here, to make sure the infrastructure actually works all the way through proofs.

@pnwamk
Copy link
Contributor Author

pnwamk commented Feb 23, 2022

First thought: I don't think we should discard TNewtype the same way as for type aliases. That might cause the SAW translation to select typeclass instances for newtypes when it shouldn't.

Ah, right. That does seem potentially important.

Did you find it necessary to do that on your test cases?

Without the code that drops the TNewtype the little example program I had raised the following panic:

%< --------------------------------------------------- 
  Revision:  81287fb74cbdac3bb3f75b984f1125deb3055e64
  Branch:    master
  Location:  proveEq
  Message:   Internal type error:
             {myT1 : {value : [2]}}
             Main::MyNewT2
CallStack (from HasCallStack):
  panic, called at src/Verifier/SAW/Cryptol/Panic.hs:13:9 in cryptol-saw-core-0.1-inplace:Verifier.SAW.Cryptol.Panic
  panic, called at src/Verifier/SAW/Cryptol.hs:1476:9 in cryptol-saw-core-0.1-inplace:Verifier.SAW.Cryptol
%< --------------------------------------------------- 

This made me think if we only create these "identity constructors" for newtypes that take and return the underlying record, we're going to end up with code that expects the newtype but now instead has the underlying record type. Getting rid of the newtypes seemed like one way to avoid that... but perhaps there are others that allow us to still have custom typeclass instances? (Do we need to generate a trivial inductive type or similar for newtypes? That would mean we're not using those identity functions, though...)

@robdockins
Copy link
Contributor

In the particular context of proveEq, I think you've done the right thing to unfold the newtypes. I was under the mistaken impression that was to do with selecting Eq typeclass instances, but it is actually about constructing equality coersions. In that context, it makes sense to look through the newtype definition.

Andrew Kent added 3 commits March 11, 2022 13:24
Per robdockins: I think we can safely ignore the ntConstraints here.
They arise from the "well formed" side conditions on types mentioned
in the newtype fields.
@pnwamk pnwamk force-pushed the fix-newtype-translation branch from 30b8a46 to c94fd5b Compare March 17, 2022 23:01
@pnwamk pnwamk marked this pull request as ready for review March 17, 2022 23:02
@pnwamk
Copy link
Contributor Author

pnwamk commented Mar 17, 2022

@robdockins added an integration tests that imports and proves some basic properties about newtype-related functions, deleted the unwanted comment on constraints that was not relevant. If we have some additional tests in mind or specs using newtypes we want to import as well let me know and I'll see what I can do =)

@robdockins robdockins self-assigned this Apr 14, 2022
@robdockins robdockins added the PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run label Apr 15, 2022
@mergify mergify bot merged commit c08a5ea into master Apr 15, 2022
@mergify mergify bot deleted the fix-newtype-translation branch April 15, 2022 19:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
PR: ready to merge Magic flag for pull requests to ask Mergify to merge given an approval and a successful CI run
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants