-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
:safe is not safe #1044
Comments
Here's the place in source code where the failed pattern match is happening: cryptol/src/Cryptol/Symbolic/SBV.hs Lines 420 to 427 in 70442e4
Basically what's going on here is that in the SBV query, the quantified variables in the Cryptol predicate may have been split up into a larger number of SBV variables with simpler types. SBV returns a counterexample in the form of a list of values with simple types, and then Usually this parsing process completes with nothing leftover. But it looks like if you use cryptol/src/Cryptol/Backend/SBV.hs Lines 393 to 401 in 70442e4
The extra junk in the counterexample is probably the values for these variables that were introduced for the result of recip . I modified Cryptol to print out the full list of leftover values if the list is non-null; in your example the extra value is the integer 1 . I also found that for each additional occurrence of recip you add to the proposition, you get one additional value in that list.
|
Looks like the same issue as #986 I thought that was related to records, but it seems clear that it is actually related to finite field inverses. I'll see what we can do to fix the counterexample parsing code. |
Fixed via #1067 |
Using SBV-backed
:safe
(and:prove
) on an unsafe term containingrecip
will crash:What4 catches the division by 0, though:
The text was updated successfully, but these errors were encountered: