VCExpr LetVC(Block block,
Dictionary <int, Absy> label2absy,
Hashtable /*<Block, VCExprVar!>*/ blockVariables,
List <VCExprLetBinding> bindings,
ProverContext proverCtxt,
out int assertionCount)
{
Contract.Requires(label2absy != null);
Contract.Requires(blockVariables != null);
Contract.Requires(proverCtxt != null);
Contract.Requires(cce.NonNullElements(bindings));
Contract.Ensures(Contract.Result <VCExpr>() != null);
assertionCount = 0;
VCExpressionGenerator gen = proverCtxt.ExprGen;
Contract.Assert(gen != null);
VCExprVar v = (VCExprVar)blockVariables[block];
if (v == null)
{
/*
* For block A (= block), generate:
* LET_binding A_correct = wp(A_body, (/\ S \in Successors(A) :: S_correct))
* with the side effect of adding the let bindings to "bindings" for any
* successor not yet visited.
*/
VCExpr SuccCorrect;
GotoCmd gotocmd = block.TransferCmd as GotoCmd;
if (gotocmd == null)
{
if (CommandLineOptions.Clo.vcVariety == CommandLineOptions.VCVariety.Doomed)
{
SuccCorrect = VCExpressionGenerator.False;
}
else
{
SuccCorrect = VCExpressionGenerator.True;
}
}
else
{
Contract.Assert(gotocmd.labelTargets != null);
List <VCExpr> SuccCorrectVars = new List <VCExpr>(gotocmd.labelTargets.Count);
foreach (Block successor in gotocmd.labelTargets)
{
Contract.Assert(successor != null);
int ac;
VCExpr s = LetVC(successor, label2absy, blockVariables, bindings, proverCtxt, out ac);
assertionCount += ac;
SuccCorrectVars.Add(s);
}
SuccCorrect = gen.NAry(VCExpressionGenerator.AndOp, SuccCorrectVars);
}
VCContext context = new VCContext(label2absy, proverCtxt);
// m_Context = context;
VCExpr vc = Wlp.Block(block, SuccCorrect, context);
assertionCount += context.AssertionCount;
v = gen.Variable(block.Label + "_correct", Microsoft.Boogie.Type.Bool);
bindings.Add(gen.LetBinding(v, vc));
blockVariables.Add(block, v);
}
return(v);
}
/// <summary>
/// As a side effect, updates "this.parent.CumulativeAssertionCount".
/// </summary>
public void BeginCheck(Checker checker, VerifierCallback callback, ModelViewInfo mvInfo, int no, int timeout, int rlimit)
{
Contract.Requires(checker != null);
Contract.Requires(callback != null);
splitNo = no;
impl.Blocks = blocks;
this.checker = checker;
Dictionary <int, Absy> label2absy = new Dictionary <int, Absy>();
ProverContext ctx = checker.TheoremProver.Context;
Boogie2VCExprTranslator bet = ctx.BoogieExprTranslator;
var cc = new VCGen.CodeExprConversionClosure(label2absy, ctx);
bet.SetCodeExprConverter(cc.CodeExprToVerificationCondition);
var exprGen = ctx.ExprGen;
VCExpr controlFlowVariableExpr = exprGen.Integer(BigNum.ZERO);
#region proofgen
TypePremiseEraserFactory typePremiseEraserFactory;
switch (CommandLineOptions.Clo.TypeEncodingMethod)
{
case CommandLineOptions.TypeEncoding.Predicates:
typePremiseEraserFactory = new TypePremiseEraserFactory(checker.VCExprGen, bet, true);
break;
case CommandLineOptions.TypeEncoding.Monomorphic:
typePremiseEraserFactory = new TypePremiseEraserFactory(checker.VCExprGen, bet, false);
break;
default:
throw new NotImplementedException();
}
ProofGenerationLayer.SetTypeEraserFactory(typePremiseEraserFactory);
#endregion
/* PROOF GEN: we pass "null" as the control flow variable expression, such that labels are not produced as they are
* not relevant for proof generation of programs that verify */
VCExpr vc = parent.GenerateVCAux(impl, null, label2absy, checker.TheoremProver.Context);
Contract.Assert(vc != null);
#region proofgen
if (!(ctx is DeclFreeProverContext))
{
throw new NotImplementedException("Proof Generation only supports DeclFreeProverContext as context.");
}
var declFreeProverContext = ctx as DeclFreeProverContext;
var premiseEraserProvider = typePremiseEraserFactory?.NewEraser();
VCExpr eraseVC(VCExpr vc, int polarity)
{
return(!premiseEraserProvider.ProgramIsPolymorphic ? vc : premiseEraserProvider.EraseAndSortLet(vc, polarity));
}
VCExpr erasedVC = eraseVC(vc, 1);
VCExpr erasedAxioms = eraseVC(declFreeProverContext.Axioms, -1);
VCExpr typeAxioms = null;
List <VCAxiomInfo> vcAxiomsInfo = null;
if (premiseEraserProvider.ProgramIsPolymorphic)
{
typeAxioms = premiseEraserProvider.AxiomBuilder.GetNewAxiomsAndInfo(out vcAxiomsInfo);
}
ProofGenerationLayer.VCGenerateAllProofs(
erasedVC,
erasedAxioms,
typeAxioms,
vcAxiomsInfo,
checker.TheoremProver.VCExprGen,
checker.TheoremProver.Context.BoogieExprTranslator,
premiseEraserProvider?.AxiomBuilder);
#endregion
/* PROOF GEN: comment out label specific parts
* VCExpr controlFlowFunctionAppl =
* exprGen.ControlFlowFunctionApplication(exprGen.Integer(BigNum.ZERO), exprGen.Integer(BigNum.ZERO));
* VCExpr eqExpr = exprGen.Eq(controlFlowFunctionAppl, exprGen.Integer(BigNum.FromInt(impl.Blocks[0].UniqueId)));
* vc = exprGen.Implies(eqExpr, vc);
*/
reporter = new VCGen.ErrorReporter(gotoCmdOrigins, label2absy, impl.Blocks, parent.debugInfos, callback,
mvInfo, this.Checker.TheoremProver.Context, parent.program);
if (CommandLineOptions.Clo.TraceVerify && no >= 0)
{
Console.WriteLine("-- after split #{0}", no);
Print();
}
string desc = cce.NonNull(impl.Name);
if (no >= 0)
{
desc += "_split" + no;
}
checker.BeginCheck(desc, vc, reporter, timeout, rlimit, impl.RandomSeed);
}
