Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Concretization #259

Open
langston-barrett opened this issue Apr 17, 2024 · 2 comments · May be fixed by #264
Open

Concretization #259

langston-barrett opened this issue Apr 17, 2024 · 2 comments · May be fixed by #264
Assignees
Labels
enhancement New feature or request

Comments

@langston-barrett
Copy link
Contributor

langston-barrett commented Apr 17, 2024

The What4.Utils.ResolveBounds.BV.resolveSymBv function can be applied to a symbolic bitvector to (1) check if it is actually only equal to a single value or (2) get upper and lower bounds for it otherwise. There are reasonable use-cases that only require (1), which also has a much more reasonable upper bound on the number of SMT queries it issues.

Furthermore, we can probably easily generalize (1) to other base types. Here's the code:

-- First check, if the SymBV can be trivially resolved as concrete. If so,
-- this can avoid the need to call out to the solver at all.
case WI.asBV symBV of
Just bv -> pure $ BVConcrete bv
-- Otherwise, we need to consult the solver.
Nothing -> do
-- First, ask for a particular model of the SymBV...
modelForBV <- WPO.inNewFrame proc $ do
msat <- WPO.checkAndGetModel proc "resolveSymBV (check with initial assumptions)"
model <- case msat of
WSat.Unknown -> failUnknown
WSat.Unsat{} -> fail "resolveSymBV: Initial assumptions are unsatisfiable"
WSat.Sat model -> pure model
WEG.groundEval model symBV
-- ...next, check if this is the only possible model for this SymBV. We
-- do this by adding a blocking clause that assumes the SymBV is /not/
-- equal to the model we found in the previous step. If this is
-- unsatisfiable, the SymBV can only be equal to that model, so we can
-- conclude it is concrete. If it is satisfiable, on the other hand, the
-- SymBV can be multiple values, so it is truly symbolic.
isSymbolic <- WPO.inNewFrame proc $ do
block <- WI.notPred sym =<< WI.bvEq sym symBV =<< WI.bvLit sym w modelForBV
WPS.assume conn block
msat <- WPO.check proc "resolveSymBV (check under assumption that model cannot happen)"
case msat of
WSat.Unknown -> failUnknown
WSat.Sat{} -> pure True -- Truly symbolic
WSat.Unsat{} -> pure False -- Concrete

To generalize, we can replace:

  • asBV -> asConcrete
  • bvLit -> concreteToSym
  • bvEq -> isEq

In summary, it'd be nice to write a function with the signature

-- | Use an 'WPO.OnlineSolver' to attempt to resolve a 'WI.SymExpr' as concrete.
concretize ::
     forall w sym solver scope st fs
   . ( 1 PN.<= w
     , sym ~ WEB.ExprBuilder scope st fs
     , WPO.OnlineSolver solver
     )
  => sym
  -> WPO.SolverProcess scope solver
     -- ^ The online solver process to use to search for lower and upper
     --   bounds.
  -> WI.SymExpr tp
     -- ^ The expression to concretize.
  -> IO (Maybe (ConcreteVal tp))

and use it in the implementation of resolveSymBv.

@langston-barrett langston-barrett added the enhancement New feature or request label Apr 17, 2024
@RyanGlScott
Copy link
Contributor

See also the Concretize machinery in Data.Macaw.Symbolic.Concretize, which attempts to provide a more generic concretization interface akin to what you describe above as (1). (Despite living in macaw-symbolic, none of the code in that module is Macaw-specific.)

@langston-barrett langston-barrett self-assigned this Apr 17, 2024
@langston-barrett langston-barrett linked a pull request May 24, 2024 that will close this issue
@langston-barrett
Copy link
Contributor Author

See also Pate.Verification.Concretize

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants