feat: Switch to using bv_decide to decide memory goals instead of bv_omega #197

bollu · 2024-09-26T20:11:34Z

Description:

In facing scaling issues with omega, we've taken a step back, and are considering using a SAT solver via bv_omega to discharge our memory goals. This branch will try an experiment, where we will replace the core definitions of mem_legal', mem_subset', mem_separate' to be SAT solver friendly, and will rewrite the surrounding tactics to use these theorems instead.

Testing:

What tests have been run? Did make all succeed for your changes? Was
conformance testing successful on an Aarch64 machine?

License:

By submitting this pull request, I confirm that my contribution is
made under the terms of the Apache 2.0 license.

This simproc simplifies expressions by attempting to constant fold using `omega` to make sure we never see modulos, and moves all arithmetic constants to the left. The goal is for this to be upstreamed sooner rather than later.

Co-authored-by: Alex Keizer <[email protected]>

… directly invoke `omega`

…-tactic

…c on nats I'm considering switching the `n` in `mem_legal' a n` to a `BitVec 64`, but it maybe possible to write preprocessing to write the proof state purely in terms of bitvectors; Let's first get enough to try to push `memcpy` proof through.

…g on??

…in SHA-512 case

This one is particularly interesting, since we see where bitvec theory limits us: we can't reason about the fact that the length = 80!.

…h stuff is messed up

…' that takes bitvec as argument

bollu and others added 21 commits September 26, 2024 10:12

feat: bitvector constant folding simprocs

878735e

This simproc simplifies expressions by attempting to constant fold using `omega` to make sure we never see modulos, and moves all arithmetic constants to the left. The goal is for this to be upstreamed sooner rather than later.

chore: delete bv_omega', reuse bv_omega

16301d4

chore: BitVec.le_def already has bv_toNat tag

6719e45

Apply suggestions from code review

50ee21b

Co-authored-by: Alex Keizer <[email protected]>

chore: reword docstring

22cbb4c

chore: move files around to have tests in tests/

2380071

chore: add more docstring

2c6b28d

chore: cleanup

1bef14e

chore: try to get 'simp only [bv_toNat] at *' working

0ac3b69

chore: directly invoke simp instead of using evalTactic. Next step:…

3eab45f

… directly invoke `omega`

Merge remote-tracking branch 'origin/main' into replace-simp-mem-eval…

d5dbe2b

…-tactic

chore: cleanup

b818e0c

chore: inline omega, and don't use so we can return the model back

954d0d7

chore: cleanup code around omega

f22c0f6

chore: don't enable tracing in memory aliasing tests.

4d0181a

Merge branch 'address-normalization-simproc' into simp-mem-v2

8c7edfc

chore: don't call simproc

d3bbd3c

chore: add failed experiment with address normalization timing out

e67134d

chore: nuke all old theory, and rewrite things in terms of bitvectors

3db1ded

chore: fine-tune tactic a bit

83d0e6d

bollu mentioned this pull request Sep 26, 2024

fix: handling BitVec.ofNat with Nat fvars in bv_decide leanprover/lean4#5484

Merged

bollu added 8 commits September 26, 2024 16:53

bv_decide fails mysteriously?? when used as evalTactic?? what is goin…

f2cc13c

…g on??

I'm going crazy x(

5822a39

chore: indeed bv_decide is confused.

1672dff

chore: hunt down inconsistency.

920a1c6

chore: create abstraction to bridge bitvec/nat

f0ede47

chore: get memory aliasing file working

67c25c8

chore: show how bitvector theory can fail us, and what the remedy is …

610147d

…in SHA-512 case

chore: rewrite to use bitvectors.

92d0290

This one is particularly interesting, since we see where bitvec theory limits us: we can't reason about the fact that the length = 80!.

bollu added 16 commits September 27, 2024 10:48

chore: delete axiom that was used in place of a hypothesis

5a9846b

chore: add notes in the other files

8b37715

chore: time bv_decide, 11 seconds

9e41f03

chore: fixup simp_mem some more

1014266

chore: checkpoint

31a63df

chore: be careful with withMainContext

436765c

chore: checkpoint state

c027175

chore: give up on calling bv_decide and simp programatically, too muc…

b2ce27d

…h stuff is messed up

chore: document totally bonkers popcount failure

dfb0309

chore: update memcpy proof

2a81df4

chore: start adding linters and related constructs

dcc5a95

chore: add linting to help spot weird BV expressions

fea3c6e

chore: show what's needed for popcount

966473d

chore: get SHA512Prelude working

057237e

chore: bump up toolchain 29/9/2024

301a4cd

bugfixes in pairing with @shilgoel, @alexkeizer

1a996fc

bollu force-pushed the simp-mem-v2 branch from 80e8c0d to 1a996fc Compare October 1, 2024 17:15

bollu added 13 commits October 1, 2024 12:44

chore: regenerate LRAT proofs

bbf03e7

chore: add or_self, was somehow lost?

8eecc1e

chore: fixup paths

747f9cd

chore: update SHA512_block_armv8_rules

988ca19

chore: fixup proof

65b4bb5

chore: update popcount32

f70432b

chre: fixup MemCpyVCG

b092887

chore: CSE changed

24546b6

Merge branch 'toolchain-bump-29-9-2024' into simp-mem-v2

c6c15a0

chore: clenup AddLoop

1c9b15c

chore: Henrik's fix worked

c5c7379

chore: merge conflict resolved

6deed7e

chore: write alternative for read/write_bytes called read/write_bytes…

421619e

…' that takes bitvec as argument

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Switch to using bv_decide to decide memory goals instead of bv_omega #197

feat: Switch to using bv_decide to decide memory goals instead of bv_omega #197

bollu commented Sep 26, 2024

feat: Switch to using bv_decide to decide memory goals instead of bv_omega #197

Are you sure you want to change the base?

feat: Switch to using bv_decide to decide memory goals instead of bv_omega #197

Conversation

bollu commented Sep 26, 2024

Description:

Testing:

License: