Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem with inequality of sequences #629

Closed
PBHTasche opened this issue Jul 6, 2022 · 2 comments
Closed

Problem with inequality of sequences #629

PBHTasche opened this issue Jul 6, 2022 · 2 comments
Labels
incompleteness

Comments

@PBHTasche
Copy link

PBHTasche commented Jul 6, 2022
edited
Loading

Silicon seems to not be able to prove inequality of sequences if the first elements are equal. If I first reason about the elements individually, then the reasoning about the sequences passes as well. This is similar to issue #601, but still seems to be a problem. Like with that issue, Carbon does verify the example.

// This passes
method test_seq_unequal()
{
  assert Seq(false, false) != Seq(true, true)
}

// This fails
method test_seq_semiequal()
{
  assert Seq(true, false) != Seq(true, true)
}

// This passes
method test_seq_elemwise()
{
  var s1: Seq[Bool] := Seq(true, true)
  var s2: Seq[Bool] := Seq(true, false)

  assert s1[0] != s2[0] || s1[1] != s2[1]
  assert s1 != s2
}

The Silicon version I use is Silicon 1.1-SNAPSHOT (4c705143).

Update: From what we can tell, it seems to be an issue with the axiomatisation of sequence equality, specifically the triggers in the extensional_seq_equality axiom. Accessing the unequal item in one of the sequences allows verification to pass:

// This passes
method test_seq_semiequal()
{
  var b: Bool
  b := Seq(true, false)[1]
  assert Seq(true, false) != Seq(true, true)
}
@mschwerhoff
Copy link
Contributor

I won't have time to look at this any time soon. If you can see a difference between the axiom triggers used by Carbon and Silicon, you could adjust the latter to see if this resolves the incompleteness. I would be much obliged :-)

pieter-bos pushed a commit to pieter-bos/silicon that referenced this issue Sep 15, 2022
Bring sequence axiomatization more in line with carbon to fix viperpr…
a49f768 
…oject#629

- Weakened triggers for singleton
- Placed append empty left/right in one quantifier
- Split index_over_append into left/right version, and used separate arithmetic functions
- Phrase disequality with skolem function for differing index
@marcoeilers
Copy link
Contributor

This example verifies since we integrated Carbon's sequence axiomatization into Silicon (PR #642).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
incompleteness
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mschwerhoff @marcoeilers @PBHTasche