Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Command-line flag to change model target or environment #2402

Open
DianaNites opened this issue Apr 23, 2023 · 2 comments
Open

Command-line flag to change model target or environment #2402

DianaNites opened this issue Apr 23, 2023 · 2 comments
Assignees
@adpaco-aws
Labels
[C] Feature / Enhancement A new feature request or enhancement to an existing feature. T-User Tag user issues / requests

Comments

@DianaNites
Copy link

DianaNites commented Apr 23, 2023
edited
Loading

Requested feature: Command-line flag to change model target or environment

Use case: Proving certain errors don't happen on non-host targets

I have code that does some operations done that I believe could overflow, but only with a 16-bit usize. I wish to support this case, and use kani to check whether it does occur, and when I expect it to. The covered condition is reported UNREACHABLE on my 64-bit host, as expected.

Link to relevant documentation (Rust reference, Nomicon, RFC):
@DianaNites DianaNites added the [C] Feature / Enhancement A new feature request or enhancement to an existing feature. label Apr 23, 2023
@zhassan-aws zhassan-aws added the T-User Tag user issues / requests label Apr 23, 2023
@jswrenn
Copy link
Contributor

jswrenn commented Sep 19, 2023

Our use-cases:

Verifying Endian-Dependent Code

The zerocopy crate provides byte-order aware abstractions over the numeric types. Kani is used to prove that these abstractions are correct on little endian targets. With this feature, Kani could be used to verify that these abstractions are also correct for big endian targets.

Verify Complex Harnesses By Reducing Pointer Width

The zerocopy crate hopes to expand its use of Kani to verify the correctness of critical routines that operate over usizes. Unfortunately, the most natural ways to express proofs for these routines encounters catastrophically bad verification performance. However, these harnesses complete in reasonable time when usize is replaced with u16. Unfortunately, cannot make the routine-under-verification generic over numeric type (because these are const functions, and such functions cannot have bounded generics) --- we would need to duplicate-and-modify the routine-under-verification.

If Kani permitted verification on alternative targets, we could leave our routine and harness as-is, and merely run verification using a target with reduced pointer size.

@jswrenn jswrenn mentioned this issue Sep 19, 2023
Open
@rahulku
Copy link
Contributor

rahulku commented Sep 22, 2023

We need to update our documentation for supported architectures.
Please see https://model-checking.github.io/kani/install-guide.html for a list of supported architectures.

@jswrenn jswrenn mentioned this issue Sep 26, 2023
Draft
@adpaco-aws adpaco-aws mentioned this issue Oct 4, 2023
Closed
@zhassan-aws zhassan-aws mentioned this issue Nov 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adpaco-aws adpaco-aws

Labels
[C] Feature / Enhancement A new feature request or enhancement to an existing feature. T-User Tag user issues / requests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jswrenn @DianaNites @rahulku @adpaco-aws @zhassan-aws