Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable Boogie variables to be monotonic #951

Closed
wants to merge 7 commits into from
Closed

Enable Boogie variables to be monotonic #951

wants to merge 7 commits into from

Conversation

keyboardDrummer
Copy link
Collaborator

@keyboardDrummer keyboardDrummer commented Sep 23, 2024
edited
Loading

Changes

Add the following field to Variable:

    /// <summary>
    /// Prevents this variable from being havoc'd. Useful in situation where havoc commands are generated,
    /// such as after WhileCmds
    ///
    /// One use-case is the definite assignment tracking variables in Dafny, that only go from false to true,
    /// And can return an error if they're still false at the wrong point.
    /// </summary>
    public bool Monotonic { get; set;  }

Testing

Added a CLI test

@keyboardDrummer keyboardDrummer enabled auto-merge (squash) September 23, 2024 15:39
@shazqadeer
Copy link
Contributor

I didn't quite understand this feature. Could you provide more background on the Dafny feature motivating this change? Perhaps provide a concrete Dafny example.

@shazqadeer shazqadeer self-requested a review September 23, 2024 19:12
@keyboardDrummer
Copy link
Collaborator Author

keyboardDrummer commented Sep 24, 2024
edited
Loading

I didn't quite understand this feature. Could you provide more background on the Dafny feature motivating this change? Perhaps provide a concrete Dafny example.

Dafny has assignment tracking variables. Whenever a variable is assigned, it's associated tracking variable is set to true. Whenever a variable is used, we assert that its tracking variable is true. When a loop modifies a variable, then its associated tracking variable is set to true inside the loop, making Boogie consider this tracking variable one of the loop targets, and havoc'ing it after the loop. If the tracking variable was already set to true before the loop, this information is lost.

To counteract that information loss, Dafny will, before the loop, assign the values of tracking variables (all of them, since it does not know what the loop targets are) to temporary storage variables, and after the loop assume tempStorage_i ==> trackingVariable_i. This trick works but introduces unnecessary SMT, and requires unnecessary bookkeeping on the Dafny side. Code is here: https://github.com/dafny-lang/dafny/blob/0597aba89a5ca027fcb148bbbaa7048d863f60ca/Source/DafnyCore/Verifier/BoogieGenerator.TrStatement.cs#L1391

With the change in this PR, Dafny can mark all tracking variables as monotonic, so that they won't be havoc'ed by loops, and then it doesn't need the above mechanism. However, I can't think of any other use-cases than what Dafny does. It only works because Dafny only ever asserts that tracking variables are true, so the effect of the solver knowing a tracking variable is false, versus it not knowing the value, is the same: both give an assertion error.

@keyboardDrummer
Copy link
Collaborator Author

Closing since I felt this was too much of a hack

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MikaelMayer MikaelMayer Awaiting requested review from MikaelMayer

@shazqadeer shazqadeer Awaiting requested review from shazqadeer

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@keyboardDrummer @shazqadeer