Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unhelpful empty counterexample #2144

Open
sauclovian-g opened this issue Nov 7, 2024 · 1 comment
Open

Unhelpful empty counterexample #2144

sauclovian-g opened this issue Nov 7, 2024 · 1 comment
Labels
easy Issues that are expected to be easy to resolve and might therefore be good for new contributors topics: error-handling Issues involving the way SAW responds to an error condition topics: error-messages Issues involving the messages SAW produces on error type: bug Issues reporting bugs or unexpected/unwanted behavior usability An issue that impedes efficient understanding and use
Milestone
2024T3

Comments

@sauclovian-g
Copy link
Contributor

sauclovian-g commented Nov 7, 2024
edited
Loading

foo.rs:

static X: u32 = 1;

pub fn f() -> u32 {
   X
}

foo.saw, which is incorrect:

enable_experimental;
m <- mir_load_module "foo.linked-mir.json";

let f_spec = do {
    mir_execute_func [];
    mir_return (mir_term {{ 0 : [32] }});
};
mir_verify m "foo::f" [] false f_spec z3;

Running this produces:

[23:36:45.964] Loading file ".../foo.saw"
[23:36:45.996] Verifying foo/b6dd46cd::f[0] ...
[23:36:46.004] Simulating foo/b6dd46cd::f[0] ...
[23:36:46.006] Checking proof obligations foo/b6dd46cd::f[0] ...
[23:36:46.016] Subgoal failed: foo/b6dd46cd::f[0] Literal equality postcondition

[23:36:46.016] SolverStats {solverStatsSolvers = fromList ["SBV->Z3"], solverStatsGoalSize = 227}
[23:36:46.016] ----------Counterexample----------
[23:36:46.016] Stack trace:
"mir_verify" (.../foo.saw:8:1-8:11)
Proof failed.

which sort of tells you what went wrong (though that part could be much clearer) but also prints a 0-line counterexample that will readily confuse the user. If the counterexample is empty we should say something else, like "No counterexample, execution is unconditional".
@sauclovian-g sauclovian-g added type: bug Issues reporting bugs or unexpected/unwanted behavior easy Issues that are expected to be easy to resolve and might therefore be good for new contributors topics: error-messages Issues involving the messages SAW produces on error usability An issue that impedes efficient understanding and use topics: error-handling Issues involving the way SAW responds to an error condition labels Nov 7, 2024
@sauclovian-g sauclovian-g added this to the 2024T3 milestone Nov 7, 2024
@RyanGlScott
Copy link
Contributor

We could also be more precise: instead of saying "Literal equality postcondition", we could just say something like "Return value", since that is the specific type of postcondition involved. That make it far more obvious where to look.

Even better would be to say that the expected return value is 0, but the actual return value is 1 (see also #2051).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
easy Issues that are expected to be easy to resolve and might therefore be good for new contributors topics: error-handling Issues involving the way SAW responds to an error condition topics: error-messages Issues involving the messages SAW produces on error type: bug Issues reporting bugs or unexpected/unwanted behavior usability An issue that impedes efficient understanding and use
Projects
None yet
Milestone
2024T3
Development

No branches or pull requests
2 participants
@RyanGlScott @sauclovian-g