invar-tools 1.0.0__py3-none-any.whl → 1.3.0__py3-none-any.whl

invar/shell/{prove.py → prove/crosshair.py}

@@ -18,23 +18,22 @@ from typing import TYPE_CHECKING
 from returns.result import Failure, Result, Success
 from rich.console import Console
 
-# DX-13: Cache module extracted for file size compliance
-from invar.shell.prove_cache import ProveCache  # noqa: TC001 - runtime usage
+from invar.shell.prove.cache import ProveCache  # noqa: TC001 - runtime usage
 
-# DX-12: Hypothesis fallback (extracted to prove_fallback.py for file size compliance)
-from invar.shell.prove_fallback import (
+# DX-12: Hypothesis fallback
+from invar.shell.prove.hypothesis import (
     run_hypothesis_fallback as run_hypothesis_fallback,
 )
-from invar.shell.prove_fallback import (
+from invar.shell.prove.hypothesis import (
     run_prove_with_fallback as run_prove_with_fallback,
 )
+from invar.shell.subprocess_env import build_subprocess_env  # DX-52
 
 if TYPE_CHECKING:
     from typing import Any
 
 console = Console()
 
-
 # ============================================================
 # CrossHair Status Codes
 # ============================================================
@@ -56,18 +55,10 @@ class CrossHairStatus:
 # ============================================================
 
 
+# @shell_orchestration: Contract detection for CrossHair prove module
+# @shell_complexity: AST traversal for contract detection
 def has_verifiable_contracts(source: str) -> bool:
-    """
-    Check if source has verifiable contracts.
-
-    DX-13: Hybrid detection - fast string check + AST validation.
-
-    Args:
-        source: Python source code
-
-    Returns:
-        True if file has @pre/@post contracts worth verifying
-    """
+    """Check if source has @pre/@post contracts (DX-13: fast string + AST check)."""
     # Fast path: no contract keywords at all
     if "@pre" not in source and "@post" not in source:
         return False
@@ -105,9 +96,12 @@ def has_verifiable_contracts(source: str) -> bool:
 # ============================================================
 
 
+# @shell_complexity: CrossHair subprocess with error classification
 def _verify_single_file(
     file_path: str,
     max_iterations: int = 5,
+    timeout: int = 300,
+    per_condition_timeout: int = 30,
 ) -> dict[str, Any]:
     """
     Verify a single file with CrossHair.
@@ -117,6 +111,8 @@ def _verify_single_file(
     Args:
         file_path: Path to Python file
         max_iterations: Maximum uninteresting iterations (default: 5)
+        timeout: Max time per file in seconds (default: 300)
+        per_condition_timeout: Max time per contract in seconds (default: 30)
 
     Returns:
         Verification result dict
@@ -132,15 +128,18 @@ def _verify_single_file(
         "check",
         file_path,
         f"--max_uninteresting_iterations={max_iterations}",
+        f"--per_condition_timeout={per_condition_timeout}",
         "--analysis_kind=deal",
     ]
 
     try:
+        # DX-52: Inject project venv site-packages for uvx compatibility
         result = subprocess.run(
             cmd,
             capture_output=True,
             text=True,
-            timeout=300,  # 5 minute max per file
+            timeout=timeout,
+            env=build_subprocess_env(),
         )
 
         elapsed_ms = int((time.time() - start_time) * 1000)
@@ -153,24 +152,51 @@ def _verify_single_file(
                 "stdout": result.stdout,
             }
         else:
+            # Check if this is an execution error vs actual counterexample
+            # CrossHair reports TypeError/AttributeError when it can't
+            # symbolically execute C extensions like ast.parse()
+            # Check both stdout and stderr for error patterns
+            output = result.stdout + "\n" + result.stderr
+            execution_errors = [
+                "TypeError:",
+                "AttributeError:",
+                "NotImplementedError:",
+                "compile() arg 1 must be",  # ast.parse limitation
+                "ValueError: wrong parameter order",  # CrossHair signature bug
+                "ValueError: cannot determine truth",  # Symbolic execution limit
+            ]
+            is_execution_error = any(err in output for err in execution_errors)
+
+            if is_execution_error:
+                # Treat as skipped - function uses unsupported operations
+                return {
+                    "file": file_path,
+                    "status": CrossHairStatus.SKIPPED,
+                    "time_ms": elapsed_ms,
+                    "reason": "uses unsupported operations (ast/compile/signature)",
+                    "stdout": output,
+                }
+
+            # Extract counterexample lines - CrossHair format: "file:line: error: Err when calling func(...)"
+            # Include lines with "error:" as they contain the actual counterexamples
             counterexamples = [
                 line.strip()
-                for line in result.stdout.split("\n")
-                if line.strip() and "error" not in line.lower()
+                for line in output.split("\n")
+                if line.strip() and ": error:" in line.lower()
             ]
             return {
                 "file": file_path,
                 "status": CrossHairStatus.COUNTEREXAMPLE,
                 "time_ms": elapsed_ms,
                 "counterexamples": counterexamples,
-                "stdout": result.stdout,
+                "stdout": output,
             }
 
     except subprocess.TimeoutExpired:
         return {
             "file": file_path,
             "status": CrossHairStatus.TIMEOUT,
-            "time_ms": 300000,
+            "time_ms": timeout * 1000,
         }
     except Exception as e:
         return {
@@ -185,22 +211,24 @@ def _verify_single_file(
 # ============================================================
 
 
+# @shell_complexity: Parallel verification with caching and filtering
 def run_crosshair_parallel(
     files: list[Path],
     max_iterations: int = 5,
     max_workers: int | None = None,
     cache: ProveCache | None = None,
+    timeout: int = 300,
+    per_condition_timeout: int = 30,
 ) -> Result[dict, str]:
-    """
-    Run CrossHair on multiple files in parallel.
-
-    DX-13: Parallel execution with caching support.
+    """Run CrossHair on multiple files in parallel (DX-13).
 
     Args:
         files: List of Python file paths to verify
         max_iterations: Maximum uninteresting iterations per condition
         max_workers: Number of parallel workers (default: CPU count)
         cache: Optional verification cache
+        timeout: Max time per file in seconds (default: 300)
+        per_condition_timeout: Max time per contract in seconds (default: 30)
 
     Returns:
         Success with verification results or Failure with error message
@@ -299,7 +327,9 @@ def run_crosshair_parallel(
         # Parallel execution
         with ProcessPoolExecutor(max_workers=max_workers) as executor:
             futures = {
-                executor.submit(_verify_single_file, str(f), max_iterations): f
+                executor.submit(
+                    _verify_single_file, str(f), max_iterations, timeout, per_condition_timeout
+                ): f
                 for f in files_to_verify
             }
 
@@ -321,7 +351,9 @@ def run_crosshair_parallel(
     else:
         # Sequential execution (single file or max_workers=1)
         for py_file in files_to_verify:
-            result = _verify_single_file(str(py_file), max_iterations)
+            result = _verify_single_file(
+                str(py_file), max_iterations, timeout, per_condition_timeout
+            )
             _process_verification_result(
                 result,
                 py_file,
@@ -354,6 +386,8 @@ def run_crosshair_parallel(
     )
 
 
+# @shell_orchestration: Result aggregation helper for parallel verification
+# @shell_complexity: Result classification with cache update
 def _process_verification_result(
     result: dict,
     file_path: Path,
@@ -389,7 +423,7 @@ def _process_verification_result(
 
 
 def run_crosshair_on_files(
-    files: list[Path], timeout: int = 10
+    files: list[Path], timeout: int = 300, per_condition_timeout: int = 30
 ) -> Result[dict, str]:
     """
     Run CrossHair symbolic verification on a list of Python files.
@@ -398,7 +432,8 @@ def run_crosshair_on_files(
 
     Args:
         files: List of Python file paths to verify
-        timeout: Ignored (kept for backwards compatibility)
+        timeout: Max time per file in seconds (default: 300)
+        per_condition_timeout: Max time per contract in seconds (default: 30)
 
     Returns:
         Success with verification results or Failure with error message
@@ -409,6 +444,8 @@ def run_crosshair_on_files(
         max_iterations=5,  # Fast mode
         max_workers=None,  # Auto-detect
         cache=None,  # No cache for basic API
+        timeout=timeout,
+        per_condition_timeout=per_condition_timeout,
     )
 
 
@@ -417,6 +454,8 @@ def run_crosshair_on_files(
 # ============================================================
 
 
+# @shell_orchestration: File selection for incremental verification
+# @shell_complexity: Git integration for incremental verification
 def get_files_to_prove(
     path: Path,
     all_core_files: list[Path],

invar/shell/prove/hypothesis.py

@@ -0,0 +1,293 @@
+"""
+Hypothesis fallback for proof verification.
+
+DX-12: Provides Hypothesis as automatic fallback when CrossHair
+is unavailable, times out, or skips files.
+
+DX-22: Smart routing - detects C extension imports and routes
+directly to Hypothesis without wasting time on CrossHair.
+"""
+
+from __future__ import annotations
+
+import subprocess
+import sys
+from dataclasses import dataclass, field
+from pathlib import Path
+
+from returns.result import Failure, Result, Success
+
+from invar.core.verification_routing import get_incompatible_imports
+from invar.shell.subprocess_env import build_subprocess_env
+
+
+@dataclass
+class FileRouting:
+    """DX-22: Classification of files for smart verification routing."""
+
+    crosshair_files: list[Path] = field(default_factory=list)
+    hypothesis_files: list[Path] = field(default_factory=list)
+    skip_files: list[Path] = field(default_factory=list)
+    incompatible_reasons: dict[str, set[str]] = field(default_factory=dict)
+
+
+# @shell_complexity: File I/O with error handling for import detection
+def classify_files_for_verification(files: list[Path]) -> FileRouting:
+    """
+    Classify files for smart verification routing.
+
+    DX-22: Detects C extension imports and routes files appropriately:
+    - Pure Python with contracts -> CrossHair (can prove)
+    - C extensions (numpy, pandas, etc.) -> Hypothesis (cannot prove)
+    - No contracts -> Skip
+
+    Returns FileRouting with classified files.
+    """
+    routing = FileRouting()
+
+    for file_path in files:
+        if not file_path.exists() or file_path.suffix != ".py":
+            routing.skip_files.append(file_path)
+            continue
+
+        try:
+            source = file_path.read_text()
+        except Exception:
+            routing.skip_files.append(file_path)
+            continue
+
+        # Check for incompatible imports
+        incompatible = get_incompatible_imports(source)
+        if incompatible:
+            routing.hypothesis_files.append(file_path)
+            routing.incompatible_reasons[str(file_path)] = incompatible
+        else:
+            routing.crosshair_files.append(file_path)
+
+    return routing
+
+
+# @shell_complexity: Fallback verification with hypothesis availability check
+def run_hypothesis_fallback(
+    files: list[Path],
+    max_examples: int = 100,
+) -> Result[dict, str]:
+    """
+    Run Hypothesis property tests as fallback when CrossHair skips/times out.
+
+    DX-12: Uses inferred strategies from type hints and @pre contracts.
+
+    Args:
+        files: List of Python file paths to test
+        max_examples: Maximum examples per test
+
+    Returns:
+        Success with test results or Failure with error message
+    """
+    # Import CrossHairStatus here to avoid circular import
+    from invar.shell.prove.crosshair import CrossHairStatus
+
+    # Check if hypothesis is available
+    try:
+        import hypothesis  # noqa: F401
+    except ImportError:
+        return Success(
+            {
+                "status": CrossHairStatus.SKIPPED,
+                "reason": "Hypothesis not installed (pip install hypothesis)",
+                "files": [],
+                "tool": "hypothesis",
+            }
+        )
+
+    if not files:
+        return Success(
+            {
+                "status": CrossHairStatus.SKIPPED,
+                "reason": "no files",
+                "files": [],
+                "tool": "hypothesis",
+            }
+        )
+
+    # Filter to Python files only
+    py_files = [f for f in files if f.suffix == ".py" and f.exists()]
+    if not py_files:
+        return Success(
+            {
+                "status": CrossHairStatus.SKIPPED,
+                "reason": "no Python files",
+                "files": [],
+                "tool": "hypothesis",
+            }
+        )
+
+    # Use pytest with hypothesis
+    cmd = [
+        sys.executable,
+        "-m",
+        "pytest",
+        "--hypothesis-show-statistics",
+        "--hypothesis-seed=0",  # Reproducible
+        "-x",  # Stop on first failure
+        "--tb=short",
+    ]
+    cmd.extend(str(f) for f in py_files)
+
+    try:
+        # DX-52: Inject project venv site-packages for uvx compatibility
+        result = subprocess.run(
+            cmd,
+            capture_output=True,
+            text=True,
+            timeout=300,
+            env=build_subprocess_env(),
+        )
+        # Pytest exit codes: 0=passed, 5=no tests collected
+        is_passed = result.returncode in (0, 5)
+        return Success(
+            {
+                "status": "passed" if is_passed else "failed",
+                "files": [str(f) for f in py_files],
+                "exit_code": result.returncode,
+                "stdout": result.stdout,
+                "stderr": result.stderr,
+                "tool": "hypothesis",
+                "note": "Fallback from CrossHair",
+            }
+        )
+    except subprocess.TimeoutExpired:
+        return Failure("Hypothesis timeout (300s)")
+    except Exception as e:
+        return Failure(f"Hypothesis error: {e}")
+
+
+# @shell_orchestration: DX-22 smart routing + DX-12/13 fallback chain
+# @shell_complexity: Multiple verification phases with error handling paths
+def run_prove_with_fallback(
+    files: list[Path],
+    crosshair_timeout: int = 10,
+    hypothesis_max_examples: int = 100,
+    use_cache: bool = True,
+    cache_dir: Path | None = None,
+) -> Result[dict, str]:
+    """
+    Run proof verification with smart routing and automatic fallback.
+
+    DX-22: Smart routing - routes C extension code directly to Hypothesis.
+    DX-12 + DX-13: CrossHair with caching, falls back to Hypothesis on failure.
+
+    Flow:
+        1. Classify files (CrossHair-compatible vs C-extension)
+        2. Run CrossHair on compatible files only
+        3. Run Hypothesis on incompatible files (no wasted CrossHair attempt)
+        4. Merge results with de-duplicated statistics
+
+    Args:
+        files: List of Python file paths to verify
+        crosshair_timeout: Ignored (kept for backwards compatibility)
+        hypothesis_max_examples: Maximum Hypothesis examples
+        use_cache: Whether to use verification cache (DX-13)
+        cache_dir: Cache directory (default: .invar/cache/prove)
+
+    Returns:
+        Success with verification results including routing statistics
+    """
+    # Import here to avoid circular import
+    from invar.shell.prove.cache import ProveCache
+    from invar.shell.prove.crosshair import CrossHairStatus, run_crosshair_parallel
+
+    # DX-22: Smart routing - classify files before verification
+    routing = classify_files_for_verification(files)
+
+    # Initialize result structure with DX-22 routing stats
+    result = {
+        "status": "passed",
+        "routing": {
+            "crosshair_files": len(routing.crosshair_files),
+            "hypothesis_files": len(routing.hypothesis_files),
+            "skip_files": len(routing.skip_files),
+            "incompatible_reasons": {
+                k: list(v) for k, v in routing.incompatible_reasons.items()
+            },
+        },
+        "crosshair": None,
+        "hypothesis": None,
+        "files": [str(f) for f in files],
+    }
+
+    # DX-13: Initialize cache for CrossHair
+    cache = None
+    if use_cache:
+        if cache_dir is None:
+            cache_dir = Path(".invar/cache/prove")
+        cache = ProveCache(cache_dir=cache_dir)
+
+    # Phase 1: Run CrossHair on compatible files
+    if routing.crosshair_files:
+        crosshair_result = run_crosshair_parallel(
+            routing.crosshair_files,
+            max_iterations=5,  # Fast mode
+            max_workers=None,  # Auto-detect
+            cache=cache,
+        )
+
+        if isinstance(crosshair_result, Success):
+            xh_data = crosshair_result.unwrap()
+            result["crosshair"] = xh_data
+
+            # Check if CrossHair needs fallback for any files
+            xh_status = xh_data.get("status", "")
+            needs_fallback = (
+                xh_status == CrossHairStatus.SKIPPED
+                or xh_status == CrossHairStatus.TIMEOUT
+                or "not installed" in xh_data.get("reason", "")
+            )
+
+            if needs_fallback:
+                # CrossHair failed, add these files to Hypothesis batch
+                routing.hypothesis_files.extend(routing.crosshair_files)
+                result["crosshair"]["fallback_triggered"] = True
+        else:
+            # CrossHair error, fallback all to Hypothesis
+            routing.hypothesis_files.extend(routing.crosshair_files)
+            result["crosshair"] = {
+                "status": "error",
+                "error": str(crosshair_result.failure()),
+                "fallback_triggered": True,
+            }
+
+    # Phase 2: Run Hypothesis on incompatible files + fallback files
+    if routing.hypothesis_files:
+        hypothesis_result = run_hypothesis_fallback(
+            routing.hypothesis_files, max_examples=hypothesis_max_examples
+        )
+
+        if isinstance(hypothesis_result, Success):
+            result["hypothesis"] = hypothesis_result.unwrap()
+        else:
+            result["hypothesis"] = {
+                "status": "error",
+                "error": str(hypothesis_result.failure()),
+            }
+            result["status"] = "failed"
+
+    # Determine overall status
+    xh_status = result.get("crosshair", {}).get("status", "passed")
+    hyp_status = result.get("hypothesis", {}).get("status", "passed")
+
+    if xh_status == "counterexample_found" or hyp_status == "failed":
+        result["status"] = "failed"
+    elif xh_status in ("error",) or hyp_status in ("error",):
+        result["status"] = "error"
+
+    # DX-22: Add de-duplicated statistics
+    result["stats"] = {
+        "crosshair_proven": len(
+            result.get("crosshair", {}).get("verified", [])
+        ),
+        "hypothesis_tested": len(routing.hypothesis_files),
+        "total_verified": len(files) - len(routing.skip_files),
+    }
+
+    return Success(result)