EasyCrypt Circuit Based Reasoning Extension #752
Conversation
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
3 times, most recently
from
1b12249 to
66efdd7
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
from
fdefb72 to
7ec289f
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
2 times, most recently
from
aef3a2b to
01f21ac
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
from
58c193f to
433cbb4
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
3 times, most recently
from
d7c187a to
f433cb0
Compare
Gustavo2622
changed the title
Gustavo2622
changed the title
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
from
8288caf to
57a2e2b
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
from
5b0ce21 to
d299f15
Compare
Gustavo2622
force-pushed
the
bdep_ecCircuitsRefactor
branch
from
a828b25 to
bada5a0
Compare
| "why3" {>= "1.8.0" & < "1.9"} | ||
| "ppx_deriving" | ||
| "ppx_deriving_yojson" | ||
| "hex" |
There was a problem hiding this comment.
Do we really need these 4 last dependencies?
There was a problem hiding this comment.
Both ppx_derivings were for the printing of spec language ASTs, we can add a custom printing method to replace it. Hex was for the parsing of hexadecimal integers in the spec language, so that one seems wise to keep instead of rolling our own
| @@ -1,4 +1,9 @@ | |||
| (dirs 3rdparty src etc theories examples assets scripts) | |||
| (env | |||
There was a problem hiding this comment.
Move the OCaml flags from src so that we use the same flags everywhere.
| [test-examples] | ||
| okdirs = !examples | ||
| exclude = examples/MEE-CBC examples/old examples/old/list-ddh !examples/incomplete examples/to-port | ||
| exclude = examples/MEE-CBC examples/exclude examples/old examples/old/list-ddh !examples/incomplete examples/to-port |
There was a problem hiding this comment.
What the point of adding examples that are directly excluded?
There was a problem hiding this comment.
No point, that line was changed in a commit that was removing examples dependent on JWord, so ideally we remove both
| @@ -4,22 +4,23 @@ | |||
|
|
|||
There was a problem hiding this comment.
Why this file is modified at all?
There was a problem hiding this comment.
These are change I made locally to make it actually work, it should not be part of this PR (but it is rather useful, so we can think about if we want to propagate some version of them)
src/ecCircuits.ml
Outdated
| in | ||
| doit {level = 0; subst = EcSubst.empty} f | ||
|
|
||
| (* FIXME: Check that this does not incur false positives *) |
| val f_pr : memory -> xpath -> form -> ss_inv -> form | ||
|
|
||
| (* FIXME: Check this V *) | ||
| (* FIXME CIRCUIT PR: do we want to keep this? *) |
| val ty_chunk : ty -> ty | ||
| val ty_all : ty -> ty | ||
|
|
||
| (* FIXME CIRCUIT PR: if keeping, maybe change names *) |
| ; size : binding_size | ||
| ; theory : EcPath.path } | ||
|
|
||
| type bv_opkind = [ |
There was a problem hiding this comment.
Should we use a non-variant-polymorphic datatype?
There was a problem hiding this comment.
Non-polymorphic variant?
| sp_params : int * (EcIdent.t * module_type) list; | ||
| } | ||
|
|
||
|
|
There was a problem hiding this comment.
This file as a lot of modifications that are not related to bdep. Problem with merge?
There was a problem hiding this comment.
Might be, but there was a reordering of the file contents needed by bdep, so that might be confusing the diff (or might have confused the merge algo)
| FApi.t_try (process1_core ttenv t) tc | ||
|
|
||
| (* -------------------------------------------------------------------- *) | ||
| (* FIXME: Maybe move the extens tactic to this file as well? *) |
There was a problem hiding this comment.
Was creating a dependency loop when I first tried to put it there, but might have been because of some debugging instructions, we can move before the merge
| EcEnv.notify ~immediate:true env `Info "[W] %s, took %f s@." msg (new_t -. t); | ||
| new_t | ||
|
|
||
| (* FIXME: move? V *) |
There was a problem hiding this comment.
Do we want this here or should it be moved?
| end | ||
|
|
||
| let t_bdep_simplify (tc: tcenv1) = | ||
| let time (env: env) (t: float) (msg: string) : float = |
There was a problem hiding this comment.
Do we want to keep this timing information?
| Why3.Hashcons.combine (doit st tp) i | ||
| | FhoareF _hF -> | ||
| assert false | ||
| (* FIXME: do we want this case and the one below? |
There was a problem hiding this comment.
Do we want to handle this?
| end | ||
| | Fapp (f, fs) -> | ||
| (* TODO: Maybe add cache statistics? *) | ||
| (* TODO: Maybe cache all forms *) |
There was a problem hiding this comment.
Do we want to cache all forms or just function applications?
| end | ||
|
|
||
| | Fquant (qnt, binds, f) -> | ||
| (* FIXME Does this type conversion make sense? *) |
There was a problem hiding this comment.
Is this okay? (using gty_as_ty here)
| | Lforall | ||
| | Llambda -> circ_lambda_oneshot st binds (fun st -> doit st f) (* FIXME: look at this interaction *) | ||
| | Lexists -> circ_error (CantConvertToCirc (`Quantif qnt)) | ||
| (* FIXME: Do we want to handle existentials? *) |
There was a problem hiding this comment.
Do we want to do the usual Exists f => not Forall not f conversion here or just not handle it?
| | Fpvar (pv, mem) -> | ||
| let v = match pv with | ||
| | PVloc v -> v | ||
| (* FIXME: Should globals be supported? *) |
There was a problem hiding this comment.
Do we want to support globals for this merge?
| | FequivS _ | ||
| | FeagerF _ | ||
| | Fpr _ -> circ_error (CantConvertToCirc `Hoare) | ||
| (* FIXME: do we want to allow conversion of hoare statements? |
There was a problem hiding this comment.
Do we want to be able to generate a circuit from these things?
| false | ||
| end | ||
|
|
||
| (* FIXME: add support for spec bindings for abstract/opaque operators |
There was a problem hiding this comment.
Not used currently, but do we want this for the merge? Should not be too hard to do
| | CircError e -> | ||
| propagate_circ_error (`Instr inst) e | ||
|
|
||
| (* FIXME: check if memory is the right one in calls to state *) |
There was a problem hiding this comment.
This is assuming a single memory for both sets of instructions, is this what we want?
|
|
||
| let st1 = close_circ_lambda st1 in | ||
| let st2 = close_circ_lambda st2 in | ||
| (* FIXME: what was the intended behaviour for keep? *) |
| circ_equiv circ1 circ2 | ||
| ) | ||
|
|
||
| (* FIXME: change memory -> memenv Why? *) |
There was a problem hiding this comment.
Not needed, remove this (the comment)
| in check f | ||
|
|
||
|
|
||
| (* Mli stuff needed: *) |
There was a problem hiding this comment.
Redo these exports
| EcEnv.notify env `Debug "Assigning %a to %a@." EcPrinting.(pp_form ppe) f EcIdent.pp_ident id; | ||
| begin try | ||
| update_state st id (circuit_of_form st hyps f) | ||
| (* FIXME PR: Should only catch circuit translation errors, hack *) |
There was a problem hiding this comment.
This is fixed, remove the comment
| EcEnv.notify env `Debug "Failed to translate hypothesis for var %s with error %a, skipping@." (tostring_internal id) (pp_circ_error ppe) e; | ||
| try | ||
| open_circ_lambda st [(id, ctype_of_ty env t)] | ||
| (* FIXME PR: Should only catch circuit translation errors, hack *) |
There was a problem hiding this comment.
Fixed, remove the comment
| | {f_node=Fapp ({f_node = Fop (p, _); _}, [fv; {f_node = Fpvar (PVloc pv, m); _}])} when EcFol.op_kind p = Some `Eq -> | ||
| begin try | ||
| update_state_pv st m pv (circuit_of_form st hyps fv) | ||
| (* FIXME PR: Should only catch circuit translation errors, hack *) |
There was a problem hiding this comment.
Fixed, remove the comment
2 participants
Adds circuit based reasoning to EasyCrypt in the form of a module for converting EC constructs into circuits and reasoning over said circuits.
Adds various tactics to use the added functionality in proofs.
Depends on external SMT solver BitWutzla and on external circuit library Lospecs.