Skip to content

Remove 'rewritingSharedContext' and related code. #2684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Oct 27, 2025
Merged

Remove 'rewritingSharedContext' and related code. #2684

merged 22 commits into from
Oct 27, 2025

Conversation

@brianhuffman
Copy link
Contributor

@brianhuffman brianhuffman commented Oct 7, 2025

Fixes #2676.

@sauclovian-g
Copy link
Contributor

sauclovian-g commented Oct 7, 2025

Not looking super promising :-(

@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 6a38e31 to 3e21b62 Compare October 13, 2025 20:17
@brianhuffman
Copy link
Contributor Author

brianhuffman commented Oct 13, 2025

I just force-pushed to 3e21b62: Instead of removing everything all at once, I'm now going to try removing a few rules at a time. I'm starting with the rules to remove coerce, since these are not (and should not be) part of the type system's convertibility relation.

@brianhuffman
Copy link
Contributor Author

brianhuffman commented Oct 14, 2025

Removing the coerce rewrites causes test_hash_table to time out; all other integration tests pass. Investigating test_hash_table has revealed multiple other problems, including #2708 and #2709.

@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 3e21b62 to 3f428c2 Compare October 22, 2025 23:12
@brianhuffman
Remove ident_coerce conversions from rewritingSharedContext.
3ae94ec
@brianhuffman
saw-core: Remove remove_coerce rewriter conversions.
a1fab4e 
Both of the rewriter conversions `remove_coerce` and
`remove_unsafeCoerce` were blatantly type-unsafe.
Fortunately neither was ever used.
@brianhuffman
saw-core: Remove remove_ident_coerce rewriter conversions.
7e477d3 
Neither of the conversions `remove_ident_coerce` and
`remove_ident_unsafeCoerce` needed to be a conversion:
Both of these are expressible as ordinary rewrite rules,
so we don't need either of them as conversions.
@brianhuffman
cryptol-saw-core: Add coerce_same to cryptol simpset.
32b55dc
@brianhuffman
Remove Cryptol.seq rewrites from default rewritingSharedContext.
60559c1
@brianhuffman
Update expected output for test2049.
f68409e
@brianhuffman
Update expected output for test_llvm_errors.
36d9999
@brianhuffman
Update expected output for test_sawscript_builtins.
adcb05f
@brianhuffman
saw-core: Skip extra WHNF step in SCTypeCheck.applyPiTyped.
c138999 
Such reductions can cause types on Pi binders to be rewritten,
so that they no longer match the types annotated on occurrences
of the bound variable.

This in turn can cause type checking to fail, as one of the
enforced invariants is that all 'Variable' subterms in the scope
of a lambda or Pi should have a type that matches exactly.
@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 4a7252f to c138999 Compare October 24, 2025 15:16
@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 08050c7 to 5854c65 Compare October 24, 2025 17:54
@brianhuffman
Copy link
Contributor Author

brianhuffman commented Oct 24, 2025

Removing bvConversions has caused test0001 to start timing out. (Previously it took around 8 seconds on CI.) I'll have to try to debug this.

@brianhuffman
Copy link
Contributor Author

brianhuffman commented Oct 25, 2025

Remove vecConversions has caused test_sawscript_builtins to fail. The problem is with eval_list:

sawscript> print (eval_list {{ [True, False] }})
[at 2 Bool 0b10 0,at 2 Bool 0b10 1]

The test expects it to print out [True, False].

@brianhuffman
saw-central: Add special case to 'eval_list' for array literals.
38f4aaa 
Now it will immediately return the list of elements instead of
applying the SAWCore 'at' function to the whole list. Previously
this relied on a rewritingSharedContext with vecConversions
to simplify; this is no longer necessary.
@brianhuffman
Remove natConversions from default rewritingSharedContext.
95d55df
@sauclovian-g
Copy link
Contributor

sauclovian-g commented Oct 25, 2025

Woo, it ran!

@brianhuffman
Copy link
Contributor Author

brianhuffman commented Oct 25, 2025
edited
Loading

Removing the rewritingSharedContext from buildTopLevelEnv, even with an empty simpset, seems to have broken test_yosys_compositional. This is probably because rewritingSharedContext also reduces pair and record redexes no matter what, even with no rewrite rules. I probably just need to add a call to scWhnf in one of the Yosys commands.

EDIT: It turns out scWhnf is not what we want, because it unfolds constant definitions. We at least need to evaluate record redexes.

@brianhuffman
saw-central/yosys: Reduce selectors in 'buildTheorem'.
4557435 
This is an adaptation to the removal of rewritingSharedContext,
which used to perform tuple and record reductions as terms
were built.
@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 01c6aa6 to 66ef819 Compare October 25, 2025 14:59
@brianhuffman brianhuffman marked this pull request as ready for review October 25, 2025 15:23
RyanGlScott
RyanGlScott reviewed Oct 25, 2025
View reviewed changes
cryptol-saw-core/src/CryptolSAWCore/Simpset.hs
case nameInfo (defName d) of
ModuleIdentifier ident -> ident `elem` excludedNames
ImportedName{} -> True
idents = ["Prelude.coerce_same", "Prelude.unsafeCoerce_same"]
Copy link
Contributor

@RyanGlScott RyanGlScott Oct 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know that cryptol_ss is already a bit ad hoc, but it is interesting that we need to specifically add identifiers from the SAWCore prelude, not cryptol-saw-core's prelude, in order to make things work. This raises a number of questions when I read it:

  • What determines which identifiers to add to cryptol_ss? The SAW user manual entry gives the impression that it contains primarily Cryptol-specific rules, but clearly there's more to it than that.
  • Would these be better suited for basic_ss than cryptol_ss? I'm not actually sure if cryptol_ss is a superset of basic_ss, however.
  • Would it be worth documenting in more detail what cryptol_ss/basic_ss contain in the SAW user manual?

Copy link
Contributor Author

@brianhuffman brianhuffman Oct 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The purpose of cryptol_ss is to be able to take a SAWCore term translated from Cryptol, and reduce it down to basic SAWCore operations and types from the SAWCore prelude. One of the things that cryptol-saw-core does is to insert coercions to handle situations where e.g. symbolic array size types are equal (according to the Cryptol type checker) but not syntactically identical. We rely on coerce_same and unsafeCoerce_same to eliminate such coercions once the size types have been instantiated and reduced to literals.

I'll add some comments to that effect.

Copy link
Contributor Author

@brianhuffman brianhuffman Oct 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See d035e7c.

otherTests/saw-core/Tests/Rewriter.hs Outdated
let sc = rewritingSharedContext sc0 ss
natType <- scNatType sc0
ss <- scSimpset sc [] eqs [] :: IO (Simpset ())
-- let sc = rewritingSharedContext sc0 ss
Copy link
Contributor

@RyanGlScott RyanGlScott Oct 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove this comment?

saw-core/src/SAWCore/SharedTerm.hs Outdated
emptyAppCache :: AppCache
emptyAppCache = emptyTFM

-- | Return term for application using existing term in cache if it is available.
Copy link
Contributor

@RyanGlScott RyanGlScott Oct 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This isn't your fault (the comment was like this before the PR), but I have a hard time parsing this sentence. I think some extra speech articles would help. Should this say something like "Return a term for an application, using an existing term in the cache if it is available"?

Copy link
Contributor Author

@brianhuffman brianhuffman Oct 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See new haddocks in a1aa91c.

@brianhuffman brianhuffman force-pushed the bh/no-rewriting-shared-context branch from 81a605e to 4bce8d3 Compare October 26, 2025 15:56
@brianhuffman brianhuffman merged commit b6ad666 into master Oct 27, 2025
37 checks passed
@brianhuffman brianhuffman deleted the bh/no-rewriting-shared-context branch October 27, 2025 12:20
This was referenced Oct 27, 2025
Merged
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RyanGlScott RyanGlScott RyanGlScott approved these changes

@sauclovian-g sauclovian-g Awaiting requested review from sauclovian-g

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

rewritingSharedContext can break type safety

4 participants

@brianhuffman @sauclovian-g @RyanGlScott