Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

powif64 intrinsic is not currently supported by Kani #2763

Closed
acgetchell opened this issue Sep 14, 2023 · 8 comments · Fixed by #2999
Closed

powif64 intrinsic is not currently supported by Kani #2763

acgetchell opened this issue Sep 14, 2023 · 8 comments · Fixed by #2999
Labels
[C] Feature / Enhancement A new feature request or enhancement to an existing feature. T-CBMC Issue related to an existing CBMC issue T-User Tag user issues / requests

Comments

@acgetchell
Copy link

Requested feature:

Support powif64.

Use case:

https://github.com/acgetchell/cdt-rs/blob/main/src/lib.rs#L161

Test case:

https://github.com/acgetchell/cdt-rs/actions/runs/6180157100/job/16776172095#step:3:4374
@acgetchell acgetchell added the [C] Feature / Enhancement A new feature request or enhancement to an existing feature. label Sep 14, 2023
@zhassan-aws zhassan-aws added the T-User Tag user issues / requests label Sep 14, 2023
@zhassan-aws
Copy link
Contributor

Thanks @acgetchell for the feature request.

@adpaco-aws I see that the support for powif64 was removed in #1081 because it was unaudited. Are you aware of any missing checks for it that need to be instrumented?

@adpaco-aws
Copy link
Contributor

No, I'm not aware of any checks. I believe that testing correctness, and maybe check what's the output for NaN values, would suffice to add it back.

@zhassan-aws
Copy link
Contributor

It seems that CBMC is missing the power functions, e.g.

#include <stdio.h>
#include <math.h>

int main() {
    double a, b, c;

    a = 1.0;
    b = 1.0;
    c = pow(a, b);
    printf("%f\n", c);

    return 0;
}

$ goto-cc pow.c
$ goto-instrument --add-library ./a.out ./b.out
$ cbmc b.out
Starting Bounded Model Checking
**** WARNING: no body for function pow

@tautschnig are these not supported in CBMC?

I tried __builtin_pow, but these didn't work either.

@tautschnig
Copy link
Member

Yes, CBMC does not ship library models for these: it’s not obvious how to come up with an implementation that works without doing a series of multiplications. Doing those would likely have prohibitive cost.

@zhassan-aws zhassan-aws added the T-CBMC Issue related to an existing CBMC issue label Sep 18, 2023
@zhassan-aws
Copy link
Contributor

I see. Would it make sense to use an over-approximating model that bails out and returns non-det in some cases (e.g. similar to sqrt)?

@acgetchell as far as I could see, the code only uses powi(2):

https://github.com/acgetchell/cdt-rs/blob/main/src/triangulation.rs#L32
?

If this is the case, a workaround would be to replace the powi with a multiplication operation.

@tautschnig
Copy link
Member

Yes, CBMC does not ship library models for these: it’s not obvious how to come up with an implementation that works without doing a series of multiplications. Doing those would likely have prohibitive cost.

It seems there actually are efficient approximations, though we'd have to be careful how we could argue soundness. See https://schraudolph.org/pubs/Schraudolph99.pdf and https://martin.ankerl.com/2007/10/04/optimized-pow-approximation-for-java-and-c-c/.

@tautschnig
Copy link
Member

Yes, CBMC does not ship library models for these: it’s not obvious how to come up with an implementation that works without doing a series of multiplications. Doing those would likely have prohibitive cost.

It seems there actually are efficient approximations, though we'd have to be careful how we could argue soundness. See https://schraudolph.org/pubs/Schraudolph99.pdf and https://martin.ankerl.com/2007/10/04/optimized-pow-approximation-for-java-and-c-c/.

diffblue/cbmc#7906 proposes to add these approximations to CBMC.

@zhassan-aws
Copy link
Contributor

Nice, thanks!

@zhassan-aws zhassan-aws mentioned this issue Jan 3, 2024
Closed
tautschnig added a commit to tautschnig/kani that referenced this issue Feb 6, 2024
@tautschnig
Enable powf*, exp*, sqrt* intrinsics
f6af818 
CBMC provides approximating implementations of these.

Resolves: model-checking#2763, model-checking#2966
@tautschnig tautschnig mentioned this issue Feb 6, 2024
Merged
tautschnig added a commit to tautschnig/kani that referenced this issue Feb 7, 2024
@tautschnig
Enable powif* intrinsics
ea28adf 
These are supported by CBMC with
diffblue/cbmc#8192 merged.

Resolves: model-checking#2763
@tautschnig tautschnig mentioned this issue Feb 7, 2024
Merged
@tautschnig tautschnig removed their assignment Aug 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
[C] Feature / Enhancement A new feature request or enhancement to an existing feature. T-CBMC Issue related to an existing CBMC issue T-User Tag user issues / requests
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enable powif* intrinsics tautschnig/kani
4 participants
@acgetchell @tautschnig @adpaco-aws @zhassan-aws