-
Decreased type-checking time by ~50%
-
Decreased the size of generated verification plan files by 75%
-
Improved the ordering of constraints in generated query files.
- Added functions
minandmaxover rationals.
-
Removed
Explicitas a command line compilation target option as it never worked. -
Fixed bug where generated Agda files sometimes incorrectly said
Unable to read the verification cache from file.
-
Fixed spurious "Unnecessary resources provided" warning when exporting to ITPs.
-
Drastically reduced memory consumption when compiling verification queries.
-
Removed
Intfrom the VCL language as not currently needed.
-
Allow
@parameters to be used as network sizes. -
More powerful index solver:
iis now a valid index for vectors of sizen + 1 + i. -
Fixed compilation bugs when using network outputs as inputs to higher order functions.
-
More accurate error messages when the verifier is killed during verification.
-
If during verification the verifier throws an error, Vehicle will now create a reproducer automatically.
-
Added new command-line option
--verifier-argstoverifymode that allows extra arguments to be passed directly to the verifier. -
Fixed bug when reconstructing witnesses using Fourier-Motzkin elimination.
-
Fixed bug properties involving the comparison of abstract
Indexvalues would throw aSomething went wrong in query compilationerror. -
Added warnings to
compilecommand when you hit Marabou bug NeuralNetworkVerification/Marabou#670 -
Added warnings to
compilecommand when not all input variables are well-constrained.
-
In order to better follow the kebab-case conventions for command line arguments the following command-line arguments have been renamed as follows:
outputFile->outputmoduleName->module-nameverifierLocation->verifier-location
-
Fixed bug where using
forall ... inandexists ... inwould sometimes throwunification of lambdas not implementederror. -
When compiling a non-linear specification to verify queries, fixed the following bugs with the non-linearity analysis:
- The presence of type-synonyms would cause the analysis to error.
- Using a linear quantity as the denominator of a division would sometimes cause the analysis to error.
- Using a linear quantity as the denominator of a division would sometimes display an erroneous error referencing a non-existent multiplication.
-
Added warnings to
compilecommand when unneeded resources are passed. -
Added warnings to
verifycommand when properties are found to be trivial (i.e. there was no need to call a verifier). -
Added warnings to
verifycommand when properties require the mildly unsound conversion of strict to non-strict inequalities.
-
Fixed bug in display of progress bar when verification counter-example found.
-
Fixed bug where
forall ... inandexists ... indidn't evaluate properly during verification (introduced in v0.9.0). -
Improved precision of constants in the verifier queries generated.
-
Removed the notion of a distinct notion of a "proof cache". Instead, the folder of verification queries generated by Vehicle serves as the proof cache. As part of this, the
--proofCacheargument for the command-line modesexportandverifyhas been renamed--cache. -
After performing verification, Vehicle now writes out the witnesses and counter-examples found by the verifier to
.idxformat files within the verification cache. -
Exposed
verifymode functionality in Python via theverifyfunction in thevehicle_langmodule (however, counter-examples are not yet provided.) -
Loss functions no longer generated via the
to_pythonfunction fromvehicle_lang.compilemodule, but instead can be created via theload_loss_functionfunction from thevehicle_langfile. -
Fixed bug where Vehicle would run out of memory when compiling a specification with many individual sub-properties (e.g. robustness).
-
Fixed bug in
verifymode where disjunctions in properties without top-level quantifiers were being incorrectly translated. -
Fixed bug in
verifymode where incorrect equations were generated if quantified variables had non-unit coefficients when expressed in terms of network inputs.
-
Fix various bugs in the loss function backend.
-
Expose
LOSS_VEHICLElogic in the tensorflow loss function bindings. -
When calling loss functions, no longer need to have individual
()call for each argument. Instead can use named arguments, e.g. for mnist spec:lossFn( n=1, classifier=classifier, epsilon=0.001, trainingImages=(ZEROES_28X28,), trainingLabels=(0,), )
- Undocumented release of tensorflow loss function bindings.
-
Shadowing of declaration names by local variables is no longer allowed.
-
Added JSON backend target to command-line interface
-
Fixed bug when compiling to verification queries where
ifstatements that when lifted reduced to trivial assertions were causing a crash. -
Fixed bug when compiling to verification queries where the error "Could not eliminate variable X" was occasionally thrown.
-
Fixed bug where reconstructing counter-examples from Marabou would sometimes crash.
-
Improved command-line output from the
vehicle verifycommand. -
Added warnings when quantified variables aren't related by equalities to network input and outputs.
- Asymptotically significant speedup when compiling specifications with very large
tensors in them and a corresponding reduction in size of the
.vcl-planfiles being generated.
- Fixed bug where disjunctions were being evaluated incorrectly.
-
The
compileAndVerifycommand has been merged into theverifycommand. If thespecificationargument for theverifycommand is a folder containing a.vclpfile then the behaviour remains identical to theverifycommand of the previous version. If it points to.vclfile then the behaviour is that of the removedcompileAndVerifycommand. -
The names of the loss function values for the
verifycommand'stargetargument have changed from the formatLossFunction-Xto the formatXLoss, e.g.LossFunction-GodeltoGodelLoss.
-
Fixed bug where
vehicle compile --helpgave the wrong list of available values for thetargetargument. -
Fixed bug where sometimes using literal numbers on one side of an inequality would fail to type-check (e.g.
forall (i : Index 5) . i <= 1). -
Fixed issue where compiling an expression with an
ifin to Marabou would fail if one of the branches was trivial.
-
Improved informativeness of error messages thrown when attempting to verify properties with multiple network applications.
-
Improved error reporting when Marabou is automatically terminated by the OS (e.g. runs out of memory)
-
The verification plan files generated by
vehicle compile -t MarabouQueriescommand have been changed fromverificationPlan.vcleto the more readable.vcl-plan. -
The proof cache files generated by
vehicle verifycommand have been changed fromX.vclpto the more readable.vcl-cache.
-
The command
vehicle verifynow requires you to point at the folder generated by the previousvehicle compilecommand, rather than the verification plan file within it, and therefore the parameter--verificationPlanhas been changed to--queryFolder.i.e. an old command
vehicle verify --verificationPlan=my/project/queries/verificationPlan.vclenow becomesvehicle verify --queryFolder=my/project/queries.
- Added additional overload for division operator
/. Dividing twoNats together now results in aRat.
-
Fixed erroneous error message generated when giving inferable parameters an unsupported type.
-
Fixed erroneous evaluation of when dividing two rationals together.
-
Fixed bug where the compiler would sometimes hang when reading
.vclofiles created with an older version of Vehicle.
-
Added support for building Vehicle with GHC 8.10, 9.2 and 9.4.
-
Vehicle now generates interface files with the
.vcloextension that cache the results of type-checking. If the interface file exists and the hash matches then it won't re-type check the original file. -
Drastically improved the performance of type-checking (e.g. AcasXu down from 20 seconds to 0.5 seconds).
-
Drastically improved the performance of compilation to Marabou (e.g. mnist-robustness now takes 1.5 seconds per image as opposed to ~50 years!).
-
Logs now print out in real-time instead of at the end of compilation.
-
Improved error messages which involve type declarations. The messages now display both the original and the expanded form of the type.
-
After verification, witnesses returned by the verifier are now translated and printed out.
-
Decoupled the compilation and verification of verifier queries in the command-line interface. The
compilecommand will now generate averificationPlanfile that stores all the state needed to reconstruct the truth value of the original property from the query results. Theverifycommand now has been altered to now take in theverificationPlanfile and run it. The old behaviour of theverifycommand which performed both compilation and verification has been retained in the newcompileAndVerifycommand. -
The existing
checkcommand has been renamedvalidate. -
The new
checkcommand now type-checks the specification. -
The verify command now prints out progress to the command line.
-
Removed the
--redirect-outputand--redirect-errorcommand line options from all modes. This functionality can be replicated via pipes.
- Added
Typeto the frontend language for the type of types.
-
Fixed parsing error where unbound type arguments were being generalised over in the opposite order that they occur.
-
Fixed parsing error when partially applying
maporfold. -
Fixed typing error for
map. -
Fixed typing error for higher-order function arguments without explicit annotations.
-
Fixed typing error for let-bound expressions at the top-level scope of a declaration.
-
Fixed problem with properties with no infinite quantifiers getting incorrectly negated when compiling to Marabou queries.
-
Fixed problem where properties with
forall .. inand ``exists .. in` were causing compilation to Marabou to get stuck.
Initial alpha release for testing.