Skip to content

datatype support for smtvcs#1273

Draft
kondylidou wants to merge 2 commits into
strata-org:main2from
kondylidou:pr/smt-vcs-datatypes-main2
Draft

datatype support for smtvcs#1273
kondylidou wants to merge 2 commits into
strata-org:main2from
kondylidou:pr/smt-vcs-datatypes-main2

Conversation

@kondylidou

@kondylidou kondylidou commented May 28, 2026

Copy link
Copy Markdown
Contributor

Summary

Programs with user-defined datatypes (constructors, selectors, testers) previously caused
smtVCsCorrect to silently reduce to False and gen_smt_vcs to throw a runtime error.
This PR fixes three coordinated gaps:

  1. SanitizedContext.ofCore (MetaVerifier.lean) stripped all datatype UFs/sorts, so
    neither the translate nor the denote path could see constructor/selector/tester functions.

  2. translateTerm (Translate.lean) had no datatype_op case, so gen_smt_vcs threw
    "datatype function not found in context" for any VC containing a selector or constructor.

  3. denoteTerm (Denote.lean) had no datatype_op case, so denoteQuery returned
    none for any VC containing a datatype operation, causing smtVCsCorrect to reduce to
    False.

Test

StrataTest/Languages/Boole/datatype_selector_vcs.lean — a minimal Box { Box_mk(val : int) }
program whose inc_val procedure uses Box..val in both requires and ensures. All 4
generated VCs pass cvc5 and smtVCsCorrect boxSelectorSeed is fully proved by gen_smt_vcs

  • grind.

@kondylidou kondylidou requested a review from a team as a code owner May 28, 2026 09:02
@kondylidou

kondylidou commented May 28, 2026

Copy link
Copy Markdown
Contributor Author

@joscoh following the discussion in the meeting yesterday could you check if this would be the right fix?

@kondylidou

kondylidou commented May 28, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

@joscoh following the discussion in the meeting yesterday could you check if this would be the right fix?

@abdoo8080 fyi too

@kondylidou kondylidou marked this pull request as draft May 28, 2026 14:29
@abdoo8080

abdoo8080 commented May 28, 2026

Copy link
Copy Markdown
Contributor

A few notes from an offline discussion:

  • Elimination passes should be implemented as core-to-core transformations where possible. This makes it easier to verify their correctness against Josh's denotational semantics and lets us reuse them in other verification pipelines.
  • This pass is missing several datatype axioms: that constructors are exhaustive, that they're injective, that they can't be confused (e.g., foo(x) != bar(y) for constructors foo and bar), and the acyclicity and induction principles for inductive datatypes. Those principles can't be stated in FOL, so you won't be able to express them in the SMT IR. You may be able to state them in Core's IR, but then lowering to the SMT IR will probably fail.
  • Model construction issues similar to the ones we have with nat.

@shigoel shigoel added the CSLib PRs and issues marked with this label indicate contributions from/for the CSLib community. label Jun 5, 2026
@aqjune-aws aqjune-aws mentioned this pull request Jun 6, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

CSLib PRs and issues marked with this label indicate contributions from/for the CSLib community. SMT

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kondylidou @abdoo8080 @shigoel