Enable some math tests to be run by halmos (#5824)

daejunpark · ernestognw · web-flow · commit 3790c59623e9 · 2025-07-31T09:58:01.000-06:00
Co-authored-by: ernestognw &lt;ernestognw@gmail.com&gt;
diff --git a/.github/workflows/formal-verification.yml b/.github/workflows/formal-verification.yml
@@ -84,3 +84,5 @@ jobs:
         run: pip install -r fv-requirements.txt
       - name: Run Halmos
         run: halmos --match-test '^symbolic|^testSymbolic' -vv
+        env:
+          HALMOS_ALLOW_DOWNLOAD: 1
diff --git a/test/utils/Bytes.t.sol b/test/utils/Bytes.t.sol
@@ -14,7 +14,7 @@ contract BytesTest is Test {
     }
 
     // INDEX OF
-    function testIndexOf(bytes memory buffer, bytes1 s) public pure {
+    function testSymbolicIndexOf(bytes memory buffer, bytes1 s) public pure {
         uint256 result = Bytes.indexOf(buffer, s);
 
         if (buffer.length == 0) {
@@ -48,7 +48,7 @@ contract BytesTest is Test {
         }
     }
 
-    function testLastIndexOf(bytes memory buffer, bytes1 s) public pure {
+    function testSymbolicLastIndexOf(bytes memory buffer, bytes1 s) public pure {
         uint256 result = Bytes.lastIndexOf(buffer, s);
 
         if (buffer.length == 0) {
diff --git a/test/utils/math/Math.t.sol b/test/utils/math/Math.t.sol
@@ -12,7 +12,7 @@ contract MathTest is Test {
     }
 
     // ADD512 & MUL512
-    function testAdd512(uint256 a, uint256 b) public pure {
+    function testSymbolicAdd512(uint256 a, uint256 b) public pure {
         (uint256 high, uint256 low) = Math.add512(a, b);
 
         // test against tryAdd
@@ -60,7 +60,8 @@ contract MathTest is Test {
     }
 
     // CEILDIV
-    function testCeilDiv(uint256 a, uint256 b) public pure {
+    /// @custom:halmos --solver cvc5-int
+    function testSymbolicCeilDiv(uint256 a, uint256 b) public pure {
         vm.assume(b > 0);
 
         uint256 result = Math.ceilDiv(a, b);
@@ -112,17 +113,18 @@ contract MathTest is Test {
         _testInvMod(value, p, true);
     }
 
-    function testInvMod2(uint256 seed) public pure {
+    function testSymbolicInvMod2(uint256 seed) public pure {
         uint256 p = 2; // prime
         _testInvMod(bound(seed, 1, p - 1), p, false);
     }
 
-    function testInvMod17(uint256 seed) public pure {
+    function testSymbolicInvMod17(uint256 seed) public pure {
         uint256 p = 17; // prime
         _testInvMod(bound(seed, 1, p - 1), p, false);
     }
 
-    function testInvMod65537(uint256 seed) public pure {
+    /// @custom:halmos --solver bitwuzla-abs
+    function testSymbolicInvMod65537(uint256 seed) public pure {
         uint256 p = 65537; // prime
         _testInvMod(bound(seed, 1, p - 1), p, false);
     }
diff --git a/test/utils/math/SignedMath.t.sol b/test/utils/math/SignedMath.t.sol
@@ -47,8 +47,9 @@ contract SignedMathTest is Test {
         assertEq(result, (a + b) / 2);
     }
 
-    // 2. more complex test, full int256 range
-    function testAverage2(int256 a, int256 b) public pure {
+    // 2. more complex test, full int256 range (solver timeout 0 = no timeout)
+    /// @custom:halmos --solver-timeout-assertion 0
+    function testSymbolicAverage2(int256 a, int256 b) public pure {
         (int256 result, int256 min, int256 max) = (
             SignedMath.average(a, b),
             SignedMath.min(a, b),

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ contract BytesTest is Test {`
`14`	`14`	`}`
`15`	`15`
`16`	`16`	`// INDEX OF`
`17`		`- function testIndexOf(bytes memory buffer, bytes1 s) public pure {`
	`17`	`+ function testSymbolicIndexOf(bytes memory buffer, bytes1 s) public pure {`
`18`	`18`	`uint256 result = Bytes.indexOf(buffer, s);`
`19`	`19`
`20`	`20`	`if (buffer.length == 0) {`
`@@ -48,7 +48,7 @@ contract BytesTest is Test {`
`48`	`48`	`}`
`49`	`49`	`}`
`50`	`50`
`51`		`- function testLastIndexOf(bytes memory buffer, bytes1 s) public pure {`
	`51`	`+ function testSymbolicLastIndexOf(bytes memory buffer, bytes1 s) public pure {`
`52`	`52`	`uint256 result = Bytes.lastIndexOf(buffer, s);`
`53`	`53`
`54`	`54`	`if (buffer.length == 0) {`
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ contract MathTest is Test {`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`// ADD512 & MUL512`
`15`		`- function testAdd512(uint256 a, uint256 b) public pure {`
	`15`	`+ function testSymbolicAdd512(uint256 a, uint256 b) public pure {`
`16`	`16`	`(uint256 high, uint256 low) = Math.add512(a, b);`
`17`	`17`
`18`	`18`	`// test against tryAdd`
`@@ -60,7 +60,8 @@ contract MathTest is Test {`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`// CEILDIV`
`63`		`- function testCeilDiv(uint256 a, uint256 b) public pure {`
	`63`	`+ /// @custom:halmos --solver cvc5-int`
	`64`	`+ function testSymbolicCeilDiv(uint256 a, uint256 b) public pure {`
`64`	`65`	`vm.assume(b > 0);`
`65`	`66`
`66`	`67`	`uint256 result = Math.ceilDiv(a, b);`
`@@ -112,17 +113,18 @@ contract MathTest is Test {`
`112`	`113`	`_testInvMod(value, p, true);`
`113`	`114`	`}`
`114`	`115`
`115`		`- function testInvMod2(uint256 seed) public pure {`
	`116`	`+ function testSymbolicInvMod2(uint256 seed) public pure {`
`116`	`117`	`uint256 p = 2; // prime`
`117`	`118`	`_testInvMod(bound(seed, 1, p - 1), p, false);`
`118`	`119`	`}`
`119`	`120`
`120`		`- function testInvMod17(uint256 seed) public pure {`
	`121`	`+ function testSymbolicInvMod17(uint256 seed) public pure {`
`121`	`122`	`uint256 p = 17; // prime`
`122`	`123`	`_testInvMod(bound(seed, 1, p - 1), p, false);`
`123`	`124`	`}`
`124`	`125`
`125`		`- function testInvMod65537(uint256 seed) public pure {`
	`126`	`+ /// @custom:halmos --solver bitwuzla-abs`
	`127`	`+ function testSymbolicInvMod65537(uint256 seed) public pure {`
`126`	`128`	`uint256 p = 65537; // prime`
`127`	`129`	`_testInvMod(bound(seed, 1, p - 1), p, false);`
`128`	`130`	`}`