Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[compiler-v2][prover] Move prover blows up for emojicoin arena package even without any specs #15605

Open
alnoki opened this issue Dec 15, 2024 · 5 comments
Labels
bug Something isn't working

Comments

@alnoki
Copy link
Contributor

alnoki commented Dec 15, 2024

@brmataptos @fEst1ck @georgemitenkov @gregnazario @rahxephon89 @runtian-zhou @vineethk @wrwg

I originally though that maybe I had an issue with a global invariant as per econia-labs/emojicoin-dot-fun#408 (comment), however it turns out that even without any specs whatsoever the prover blows up for the given package. To reproduce:

  1. Check out this package directory at this commit
  2. Run aptos move prove --dev --move-2
  3. Observe this error, even without a single specification provided:
[INFO] preparing module 0xaaa::pseudo_randomness
[INFO] preparing module 0xaaa::emojicoin_arena
[INFO] transforming bytecode
[INFO] generating verification conditions
[INFO] 50 verification conditions
[INFO] running solver
{
  "Error": "Move Prover failed: [internal] boogie exited with compilation errors:\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,288): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,300): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,312): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,462): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,474): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32395,486): Error: cannot refer to a global variable in this context: #1_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,288): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,300): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,312): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,462): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,474): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32400,486): Error: cannot refer to a global variable in this context: #2_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,288): Error: cannot refer to a global variable in this context: #3_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,300): Error: cannot refer to a global variable in this context: #3_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,312): Error: cannot refer to a global variable in this context: #3_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,462): Error: cannot refer to a global variable in this context: #3_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,474): Error: cannot refer to a global variable in this context: #3_info\n/Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl(32405,486): Error: cannot refer to a global variable in this context: #3_info\n18 name resolution errors detected in /Users/yours-truly/repos/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl\n"
}
@alnoki alnoki added the bug Something isn't working label Dec 15, 2024
@wrwg
Copy link
Contributor

wrwg commented Dec 15, 2024

This might be an instance of #14205, which we thought was fixed. I can reduce this back to the use of TypeParamInfo in specification functions. This is done by aptos move prove --dev --move-2 --dump, then navigate to the boogie source which produces the error at the dumped ./boogie.bpl.

// spec fun at /Users/wrwg/.move/https___github.com_aptos-labs_aptos-core_git_mainnet/aptos-move/framework/aptos-framework/sources/coin.spec.move:148:10+559

function {:inline} $1_coin_spec_paired_metadata'#1'(#0_info: $TypeParamInfo, $1_coin_CoinConversionMap_$memory: $Memory $1_coin_CoinConversionMap): $1_option_Option'$1_object_Object'$1_fungible_asset_Metadata'' {
    ... #1_info->a, #1_info->m, #1_info->...

wrwg added a commit that referenced this issue Dec 15, 2024
When calling a generic function in a specification expression which transitively uses type reflection, the function call type instantiation wasn't correctly treated for the type info parameters. The refined test generates this situation and failed before but passes now.

Removes the boogie compilation error in #15605, but after this the example in this bug times out, even though the package does not contain any specs. I verified that all verification conditions belong to functions in this package, but this does not change this. Should be fixed in subsequent PR before closing the bug.
wrwg added a commit that referenced this issue Dec 15, 2024
When calling a generic function in a specification expression which transitively uses type reflection, the function call type instantiation wasn't correctly treated for the type info parameters. The refined test generates this situation and failed before but passes now.

Removes the boogie compilation error in #15605, but after this the example in this bug times out, even though the package does not contain any specs. I verified that all verification conditions belong to functions in this package, but this does not change this. Should be fixed in subsequent PR before closing the bug.
wrwg added a commit that referenced this issue Dec 16, 2024
…15606)

When calling a generic function in a specification expression which transitively uses type reflection, the function call type instantiation wasn't correctly treated for the type info parameters. The refined test generates this situation and failed before but passes now.

Removes the boogie compilation error in #15605, but after this the example in this bug times out, even though the package does not contain any specs. I verified that all verification conditions belong to functions in this package, but this does not change this. Should be fixed in subsequent PR before closing the bug.
@wrwg
Copy link
Contributor

wrwg commented Dec 16, 2024

I added some more tracing output to identify the functions which are actually verified and it appears we are hitting a Boogie bug. In an upcoming PR, one can see with aptos move prove -v debug --dump the following output:

[INFO] generating verification conditions
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::swap`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<aptos_coin::AptosCoin, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, aptos_coin::AptosCoin, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, Coin0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, aptos_coin::AptosCoin, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin0, LP0>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin0, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, LP0, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin1, aptos_coin::AptosCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin1, Coin0>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin1, LP0>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, Coin1, Coin1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP0, LP1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, Coin1, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin0, LP1, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<LP0, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin1, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<Coin1, LP1, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::swap`<LP1, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::init_module`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::enter`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<aptos_coin::AptosCoin, LP0, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, aptos_coin::AptosCoin, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, Coin0, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, aptos_coin::AptosCoin, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin0, LP0, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin0, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, LP0, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin1, aptos_coin::AptosCoin, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin1, Coin0, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin1, LP0, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, Coin1, Coin1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP0, LP1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, Coin1, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin0, LP1, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<LP0, LP0, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin1, LP0, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<Coin1, LP1, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::enter`<LP1, LP0, Coin1, LP1, EscrowCoin>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::exit`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::exit`<aptos_coin::AptosCoin, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::exit`<Coin0, LP0, aptos_coin::AptosCoin, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::exit`<Coin0, LP0, Coin0, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify function instantiation `emojicoin_arena::exit`<Coin1, LP0, Coin1, LP1>
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::fund_vault`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::set_new_melee_available_rewards`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::set_new_melee_duration`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::set_new_melee_max_match_amount`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::set_new_melee_max_match_percentage`
04:41:06 [DEBUG] (26) move_prover_boogie_backend::bytecode_translator: will verify primary function `emojicoin_arena::withdraw_from_vault`
[INFO] 50 verification conditions
04:41:06 [DEBUG] (26) move_prover: writing boogie to `/Users/wrwg/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl`
[INFO] running solver
04:41:06 [DEBUG] (26) move_prover_boogie_backend::boogie_wrapper: command line: /Users/wrwg/.dotnet/tools/boogie -doModSetAnalysis -printVerifiedProceduresCount:0 -printModel:1 -enhancedErrorMessages:1 -proverOpt:O:model_validate=true -proverOpt:PROVER_PATH=/Users/wrwg/bin/z3 -useArrayAxioms -proverOpt:O:smt.QI.EAGER_THRESHOLD=100 -proverOpt:O:smt.QI.LAZY_THRESHOLD=100 -vcsCores:4 -proverOpt:O:trace=true -proverOpt:O:trace_file_name=z3.trace -proverLog:@[email protected] /Users/wrwg/emojicoin-dot-fun/src/move/emojicoin_arena/boogie.bpl
04:41:06 [DEBUG] (42) move_prover_boogie_backend::prover_task_runner: running Boogie command with seed 1

The many variants via type instantiations are a result of the provers monormphization technique. In order to prove the properties of a generic function to universally hold in the current known program, it proves it for a number of instantiations. This makes the code here explode a bit.

However, the problem is truly in boogie. After the boogie command is launched above, the process hangs, and no z3 process ever comes up, it appears.

wrwg added a commit that referenced this issue Dec 19, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
@wrwg
Copy link
Contributor

wrwg commented Dec 19, 2024

In PR #15636 benchmarking functionality is added to aptos move prove to further analyze the problem here. The output looks as in the attached graphic for two runs
prover_benchmark

Raw data:

# config: /Users/wrwg/emojicoin-dot-fun/src/move/emojicoin_arena/prover_benchmark.toml
# time  : 2024-12-19 02:16:28.008524 UTC
pseudo_randomness::next_32_bytes                               936              ok
pseudo_randomness::u256_integer                                945              ok
pseudo_randomness::u64_range                                   953              ok
emojicoin_arena::swap                                        60008         timeout
emojicoin_arena::init_module                                  2320              ok
emojicoin_arena::last_period_boundary                          941              ok
emojicoin_arena::borrow_registry_ref_checked                   945              ok
emojicoin_arena::borrow_registry_ref_mut_checked               942              ok
emojicoin_arena::crank_schedule                                939              ok
emojicoin_arena::ensure_contains                               940              ok
emojicoin_arena::ensure_not_contains                           950              ok
emojicoin_arena::enter                                       60016         timeout
emojicoin_arena::exit                                        60008         timeout
emojicoin_arena::exit_inner                                   1017              ok
emojicoin_arena::fund_vault                                   4187              ok
emojicoin_arena::get_n_registered_markets                      944              ok
emojicoin_arena::match_amount                                  945              ok
emojicoin_arena::next_melee_market_ids                         952              ok
emojicoin_arena::pseudo_random_market_id                       941              ok
emojicoin_arena::random_market_id                              931              ok

The problem isn't solved but now we have at least better indication for this and future examples what goes wrong.

wrwg added a commit that referenced this issue Dec 19, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
@rahxephon89
Copy link
Contributor

Filed an issue on boogie github repo: boogie-org/boogie#993

@wrwg
Copy link
Contributor

wrwg commented Dec 19, 2024

I now also connected verification scoping to the Aptos CLI in #15636.

Now with aptos move prove --dev --move-2 --skip-instance-check --dump --only swap, there is exactly one verification condition in the generated boogie.bpl and one verification target for boogie, and clearly, z3 is never even started, indicating its a hang in boogie.

wrwg added a commit that referenced this issue Dec 19, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
wrwg added a commit that referenced this issue Dec 19, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
wrwg added a commit that referenced this issue Dec 19, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
wrwg added a commit that referenced this issue Dec 20, 2024
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
georgemitenkov pushed a commit that referenced this issue Jan 6, 2025
…15606)

When calling a generic function in a specification expression which transitively uses type reflection, the function call type instantiation wasn't correctly treated for the type info parameters. The refined test generates this situation and failed before but passes now.

Removes the boogie compilation error in #15605, but after this the example in this bug times out, even though the package does not contain any specs. I verified that all verification conditions belong to functions in this package, but this does not change this. Should be fixed in subsequent PR before closing the bug.
georgemitenkov pushed a commit that referenced this issue Jan 6, 2025
This adds a new option `aptos move prove --benchmark` which lets verification run in the benchmark framework of the `move-prover/lab` tool. This tool verifies function by function and detects timeouts as well as measure verification time.

The result of the benchmark will be stored in `<move-package>/prover_benchmark.fun_data`. A graphic representation will be stored as well in `prover_benchmark.svg`.

The PR fixes also some other things on the way which came apparent when working on it, namely trying to identify the reasons for #15605:

- Adds new debug print for which verification targets are generated. This is reachable via `move prove -v debug`
- Reduces unnecessary verification of symmetric type instantiations `f<#1, #2>` and `f<#2, #1>`
- Adds an option `--skip-instance-check` to completely turn off verification of type instantiations.
- Removed legacy verification_analysis_v2 and global_invariant_instrumentation_v2. These are dead code since long  and confusing when trying to understand what functions are verified
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants