Skip to content
/ ivy-to-mypyvy Public

Convert an Ivy liveness problem to a mypyvy input file

License

MIT license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tchajed/ivy-to-mypyvy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

122 Commits
.github/workflows
.github/workflows
 
 
scripts
scripts
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Ivy to mypyvy

CI

Convert an Ivy transition system (after its liveness-to-safety reduction) to a mypyvy input file, as a first step towards applying invariant inference.

Usage

To get an input file suitable for ivy-to-mypyvy, run ivy_check l2s_debug=true mutex.ivy > l2s.out.

Run with cargo run -- l2s.out. Currently for the mutex and better_mutex examples the required cleanup is the following:

cargo run -- tests/mutex.l2s.out | sed -e 's/\?/thread/g' -e '2aimmutable constant t0: thread' > mutex.pyv
cargo run -- tests/better_mutex.l2s.out | sed -e 's/\?/thread/g' -e '2aimmutable constant t0: thread' > better_mutex.pyv

For ticket.ivy, we start with the example in the Ivy repo, then manually simplify it (removing fancy Ivy features) to ticket.ivy. There is still some manual work which is more involved than above, so it's wrapped up in a script: Run ./scripts/ticket.sh > ticket.pyv to generate that file.

The ticket example is tricky to support because in Ivy it uses actions with return values, and after manually implementing that it's still tricky because the liveness-to-safety reduction uses relations l2s_d and l2s_a over arbitrary values rather than values from just one of the two sorts (thread and ticket). In the other examples there's only one sort so this isn't an issue.

You can then verify the liveness property using the hand-written invariants, for example:

mypyvy verify mutex.pyv
mypyvy verify better_mutex.pyv
mypyvy verify ticket.pyv

(I have an alias for mypyvy, without that you'd pass the path to mypyvy.sh.)

For debugging purposes, cargo run -- --ivy tests/mutex.l2s.out will parse and then print back the Ivy input.

Development notes

We use cargo-insta for snapshot testing, which records the expected output in a file. This helps monitor changes in the output while automatically managing the output.

Install with cargo install cargo-insta and then run cargo insta test --review, which will prompt to accept changes if the output has changed. The tests still run as usual with cargo test.

The Ivy grammar is written using rust-peg as an embedded DSL in ivy_l2s.rs. The grammar is a PEG grammar. PEGs are pretty cool. You can debug the parser using pegviz; after installing the pegviz tool, run cargo run --release --features trace -- tests/l2s.out | pegviz --output pegviz.html and then look at the generated pegviz.html file. On the Rust side this just traces the grammar, and then outside the trace is visualized into a parse trace.

About

Convert an Ivy liveness problem to a mypyvy input file

Topics

verification liveness

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Languages