creusot icon indicating copy to clipboard operation
creusot copied to clipboard

Published 20 hours ago verified publisher icon creusot-rs

A model for `char`

Open suhr opened this issue 1 year ago • 5 comments

Essential for leftpad verification. I guess it makes sense to interpret it as an integer from 0 to 0x10FFFF. This allows for char ranges, for example.

suhr avatar Jul 15 '22 14:07 suhr

Essential for leftpad verification. I guess it makes sense to interpret it as an integer from 0 to 0x10FFFF. This allows for char ranges, for example.

You can define leftpad in a generic manner over any slice of type T.

I think char will require a new abstract mathematical type since we don't want to allow things like addition of characters which is ill-defined.

xldenis avatar Jul 15 '22 17:07 xldenis

Since we already compile char to why3 char.Char I believe the suitable model here is just the identity.

xldenis avatar Jul 15 '22 18:07 xldenis

Why3's char is unicode?

jhjourdan avatar Jul 17 '22 19:07 jhjourdan

No, it isn't so we won't actually be able to use it. The SMT Char is though. It's defined in SMT as a unicode string of length 1

xldenis avatar Jul 17 '22 19:07 xldenis

I hit two char related panics. They're both just unimplemented branches, but since they asked me to report them and I don't see any direct mentions in the issue I thought I'd make a note here - it seems to be the relevant issue for replacing implementing them.

use creusot_contracts::trusted;

#[trusted]
fn foo() -> char {
    'a'
}

fn main() {
    // Panic 1: thread 'rustc' panicked at 'not implemented', creusot/src/translation/function/terminator.rs:313:14
    match foo() {
        'a' => (),
        _ => (),
    }

    // Panic 2: thread 'rustc' panicked at 'internal error: entered unreachable code', creusot/src/translation/fmir.rs:170:26
    22 as char;
}

gmorenz avatar Sep 06 '22 03:09 gmorenz