Skip to content

Add CSE verification script with KCFG minimization and K module generation #668

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Stevengre wants to merge 15 commits into
base: master
Choose a base branch
from
Draft

Add CSE verification script with KCFG minimization and K module generation #668

Stevengre wants to merge 15 commits into from

Conversation

@Stevengre
Copy link
Contributor

@Stevengre Stevengre commented Aug 29, 2025

Summary

This PR adds a Python script for verifying Rust functions using KMIR, with support for KCFG minimization and K module generation.

Features

  • Flexible verification entry point: Can verify any function, not just main
  • KCFG minimization: Reduces redundant nodes in the proof graph
  • K module generation: Exports reusable K modules from proofs
  • Comprehensive reporting: Generates proof shows, summaries, and statistics

Test Results

Tested with cse_call_add1_1time.rs:

  • add1 function:
    • Verification result: Failed (expected - has stuck branch for potential overflow)
    • KCFG minimization: 7 nodes/3 edges → 6 nodes/2 edges
    • Generated 80KB K module
  • main function:
    • Verification result: Passed
    • KCFG minimization: 3 nodes/1 edge (already optimal)
    • Generated 53KB K module

Usage

# Verify add1 function
uv --directory kmir run python verify_add1.py add1

# Verify main function  
uv --directory kmir run python verify_add1.py main

Output Files

The script generates the following in add1_proof/:

  • .show - Original proof show output
  • .minimized.show - Minimized proof show output
  • .k - K module for reuse
  • .summary - Verification statistics
  • Proof data in subdirectories

Implementation Details

  1. Uses APRProof.minimize_kcfg() to reduce proof complexity
  2. Generates K modules via KCFG.to_module() with proper defunctionalization
  3. Tracks minimization statistics for optimization analysis

🤖 Generated with Claude Code

Stevengre and others added 13 commits August 29, 2025 01:18
@Stevengre @claude
Add composable symbolic execution test suite
87d7d77 
- Add 5 tests with varying function call counts (1, 10, 100, 1000, 10000)
- Tests evaluate composable symbolic execution with repeated function calls
- All tests use loop-based implementation for scalability
- Set depth limit to 50 for controlled symbolic execution

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Stevengre @claude
Add timeout support for integration tests
90e8c19 
- Added pytest-timeout dependency to dev requirements
- Set default 300s timeout for test-integration target in Makefile
- Allows overriding timeout via TEST_ARGS parameter

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Stevengre
updated expected
9e9502f
@Stevengre @claude
Add Python script for verifying add1 function with KMIR
5d6c91d 
This script demonstrates how to:
- Use KMIR to verify Rust functions with arbitrary entry points
- Generate and save APRProof objects
- Create proof show output for visualization
- Support both add1 and main function verification

The script correctly handles both passing (main with assertions) and
failing/stuck (add1 with potential overflow) verification cases.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Stevengre @claude
Enhance verify_add1.py with KCFG minimization and K module generation
1322910 
Added new features to the verification script:
- KCFG minimization using apr_proof.minimize_kcfg() to reduce redundant nodes
- K module generation from minimized KCFG using to_module()
- Save both original and minimized proof show outputs
- Track minimization statistics in summary file

Results show:
- add1 function: reduced from 7 nodes/3 edges to 6 nodes/2 edges
- main function: already optimal at 3 nodes/1 edge (no reduction)
- Generated K modules saved as .k files for reuse

This enhancement enables more efficient proof representation and
provides reusable K modules for future verification work.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Stevengre @claude
Fix K module output to use proper K syntax formatting
1a2b83a 
Changed from Python object string representation to proper K syntax:
- Use kmir.pretty_print() to format KFlatModule as valid K code
- Reduced file sizes significantly (80KB→19KB, 53KB→13KB)
- Generated modules now follow K language syntax with proper formatting
- Modules can be directly imported/used in other K specifications

The generated .k files now contain valid K module definitions with:
- Proper module/endmodule structure
- Correctly formatted rules with labels and priorities
- K cell structure with proper XML-like notation
- Valid K term syntax instead of Python repr strings

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Stevengre
add original generated summary
f526873
@Stevengre
Update kmir.md
b0ba4b0
@Stevengre
Abstract <start-symbol>. This can be different for different program
ad6ee22 
execution
@Stevengre
depth where the summary rule should match for add1_1time.state
4f83e0d
@Stevengre
Create add1-original for comparison
b23815e
@Stevengre
hard to manage the file dependency, give up
8b187ce
@Stevengre
save all the files
72a771c
@Stevengre
Copy link
Contributor Author

Stevengre commented Aug 29, 2025
edited
Loading

run with main summary. !!!!!!

(kmir) ➜  mir-semantics git:(jh/cse) ✗ time python3 sum.py 1000 --start-symbol main
python3 sum.py 1000 --start-symbol main  4.50s user 0.16s system 99% cpu 4.668 total

@Stevengre
Copy link
Contributor Author

Stevengre commented Aug 29, 2025

run without main summary:

(kmir) ➜  mir-semantics git:(jh/cse) ✗ time python3 sum.py 1000 --start-symbol main
python3 sum.py 1000 --start-symbol main  1309.30s user 269.67s system 64% cpu 40:38.26 total

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Stevengre