/// <summary>
/// Initializes a new instance of the <see cref="MembershipLemmaManager"/> class.
/// Generated instance only has information about global data.
/// </summary>
public MembershipLemmaManager(
IsaGlobalProgramRepr globalProgRepr,
int globalsMax,
IVariableTranslationFactory factory,
string theoryName)
{
containsLocalInformation = false;
this.factory = factory;
this.theoryName = theoryName;
typeIsaVisitor = new TypeIsaVisitor(factory.CreateTranslation().TypeVarTranslation);
basicCmdIsaVisitor = new BasicCmdIsaVisitor(factory);
isaProgramRepr = new IsaProgramRepr(globalProgRepr, null, null, null, null, null, null);
config = new IsaProgramGeneratorConfig(null, true, true, true, false, SpecsConfig.None, false);
consts = QualifyAccessName(isaProgramRepr.GlobalProgramRepr.constantsDeclDef);
globals = QualifyAccessName(isaProgramRepr.GlobalProgramRepr.globalsDeclDef);
constsAndGlobalsDefs =
new[] { consts + "_def", globals + "_def" };
constsAndGlobalsList =
IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(consts),
IsaCommonTerms.TermIdentFromName(globals));
AddMinOrMaxLemma(true, globalsMax, VariableNames(constsAndGlobalsList));
AddWellFormednessLemmas();
}
public static IDictionary <NamedDeclaration, Term> DeclToTerm(
IEnumerable <NamedDeclaration> decls,
IEnumerable <Function> vcTypeDecls,
VCTypeDeclTranslation typeDeclTranslation,
IsaUniqueNamer namer)
{
var dict = new Dictionary <NamedDeclaration, Term>();
foreach (var decl in decls)
{
dict.Add(decl, IsaCommonTerms.TermIdentFromName(namer.GetName(decl, "vc_" + decl.Name)));
}
foreach (var f in vcTypeDecls)
{
if (typeDeclTranslation.TryTranslateTypeDecl(f, out var result))
{
dict.Add(f, result);
}
else
{
throw new ProofGenUnexpectedStateException(typeof(LemmaHelper),
"Could not find vc function instantiation");
}
}
return(dict);
}
public VcAxiomLemmaManager(
VCInstantiation <VCExpr> vcAxiomInst,
BoogieMethodData methodData,
IEnumerable <Function> vcFunctions,
VcRewriteLemmaGen vcRewriteLemmaGen,
IVariableTranslationFactory variableFactory)
{
this.vcAxiomInst = vcAxiomInst;
this.methodData = methodData;
this.vcRewriteLemmaGen = vcRewriteLemmaGen;
this.variableFactory = variableFactory;
basicCmdIsaVisitor = new BasicCmdIsaVisitor(variableFactory);
boogieContext = new BoogieContextIsa(IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName("\\<Lambda>"),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.TermIdentFromName("\\<Omega>"));
var typeDeclTranslation = new ConcreteTypeDeclTranslation(boogieContext);
declToVCMapping =
LemmaHelper.DeclToTerm(
((IEnumerable <NamedDeclaration>)methodData.Functions).Union(methodData.Constants), vcFunctions,
typeDeclTranslation, uniqueNamer);
//separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes
funToInterpMapping = LemmaHelper.FunToTerm(methodData.Functions, new IsaUniqueNamer());
assmManager = new AssumptionManager(methodData.Functions, methodData.Constants, variableFactory);
}
public VcPhaseLemmaManager(VCInstantiation <Block> vcinst,
BoogieMethodData methodData,
IEnumerable <Function> vcFunctions,
IsaBlockInfo isaBlockInfo,
IVariableTranslationFactory variableFactory)
{
this.vcinst = vcinst;
this.methodData = methodData;
programVariables = methodData.AllVariables();
initState = IsaBoogieTerm.Normal(normalInitState);
this.isaBlockInfo = isaBlockInfo;
this.variableFactory = variableFactory;
boogieContext = new BoogieContextIsa(
IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"),
IsaCommonTerms.TermIdentFromName("\\<Lambda>"),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"),
IsaCommonTerms.TermIdentFromName("\\<Omega>")
);
var typeDeclTranslation = new ConcreteTypeDeclTranslation(boogieContext);
declToVCMapping = LemmaHelper.DeclToTerm(
((IEnumerable <NamedDeclaration>)methodData.Functions).Union(programVariables),
vcFunctions,
typeDeclTranslation,
uniqueNamer);
//separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes
funToInterpMapping = LemmaHelper.FunToTerm(methodData.Functions, new IsaUniqueNamer());
assmManager = new AssumptionManager(methodData.Functions, programVariables, variableFactory);
}
public LemmaDecl GenerateEmptyBlockLemma(Block block, IEnumerable <Block> finalCfgSuccessors, string lemmaName)
{
//Term cmds = new TermList(cmdIsaVisitor.Translate(block.Cmds));
var blockDefName = isaBlockInfo.CmdsQualifiedName(block);
Term blockDefTerm = IsaCommonTerms.TermIdentFromName(blockDefName);
var cmdsReduce = IsaBoogieTerm.RedCmdList(boogieContext, blockDefTerm, initState, finalState);
var assumptions = new List <Term> {
cmdsReduce
};
if (finalCfgSuccessors.Any())
{
assumptions.Add(LemmaHelper.ConjunctionOfSuccessorBlocks(finalCfgSuccessors, declToVCMapping, vcinst));
}
var conclusion = ConclusionBlock(finalCfgSuccessors, normalInitState, finalState, declToVCMapping, vcinst);
var proof = new Proof(
new List <string>
{
"using assms",
"unfolding " + blockDefName + "_def",
"apply cases",
"by auto"
}
);
return(new LemmaDecl(lemmaName, ContextElem.CreateWithAssumptions(assumptions), conclusion, proof));
}
public PassificationLemmaManager(
CFGRepr cfg,
IDictionary <Block, Block> origToPassiveBlock,
IProgramAccessor programAccessor,
IProgramAccessor passiveProgramAccessor,
Tuple <string, string> varContextNonPassivePassive,
StateRelationData oldStateRelationData,
PassiveRelationGen relationGen,
IVariableTranslationFactory varTranslationFactory,
IVariableTranslationFactory passiveTranslationFactory)
{
this.cfg = cfg;
this.origToPassiveBlock = origToPassiveBlock;
this.programAccessor = programAccessor;
this.passiveProgramAccessor = passiveProgramAccessor;
_oldStateRelationData = oldStateRelationData;
_relationGen = relationGen;
initState = IsaBoogieTerm.Normal(normalInitState);
varTranslation = varTranslationFactory.CreateTranslation().VarTranslation;
passiveVarTranslation = passiveTranslationFactory.CreateTranslation().VarTranslation;
//separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes
boogieContext = new BoogieContextIsa(
IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"),
IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item1),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"),
IsaCommonTerms.TermIdentFromName("\\<Omega>")
);
passiveVarContext = IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item2);
}
public Term GetVCObjRef(T block, bool qualified = true)
{
Contract.Requires(block != null);
Contract.Requires(objToDef.ContainsKey(block));
return(IsaCommonTerms.TermIdentFromName(GetVCObjNameRef(block, qualified)));
}
public static Term Var(string v)
{
Term stringConst = new StringConst(v);
return(new TermApp(IsaCommonTerms.TermIdentFromName("Var"), new List <Term> {
stringConst
}));
}
public static Term LeftInvLemmaName(int projIdx, int constrArity)
{
if (projIdx > 4 || constrArity > 5)
{
throw new ArgumentException("only support type constructors with at most 5 arguments");
}
return(IsaCommonTerms.TermIdentFromName("vc_inv_constr_" + constrArity + projIdx));
}
public static Term Program(Term fdecls, Term constantDecls, Term globalDecls, Term axioms, List <Term> mdecls)
{
Term mdeclsTerm = new TermList(mdecls);
return(new TermApp(IsaCommonTerms.TermIdentFromName("Program"),
new List <Term>
{
new TermList(new List <Term>()), fdecls, constantDecls, globalDecls, axioms, mdeclsTerm
}));
}
public void AddFunctionMembershipLemmas(IEnumerable <Function> functions)
{
AddNamedDeclsMembershipLemmas(functions,
IsaCommonTerms.TermIdentFromName(isaProgramRepr.GlobalProgramRepr.funcsDeclDef),
new[] { isaProgramRepr.GlobalProgramRepr.funcsDeclDef + "_def" },
d => new StringConst(d.Name),
d => IsaBoogieTerm.FunDecl((Function)d, factory, false),
false
);
}
public static IDictionary <Function, TermIdent> FunToTerm(IEnumerable <Function> funcs, IsaUniqueNamer namer)
{
var dict = new Dictionary <Function, TermIdent>();
foreach (var fun in funcs)
{
dict.Add(fun, IsaCommonTerms.TermIdentFromName(namer.GetName(fun, fun.Name)));
}
return(dict);
}
public VCExprOpIsaVisitor(IsaUniqueNamer functionNamer)
{
_uniqueNamer = functionNamer;
var boogieContext = new BoogieContextIsa(
IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"),
IsaCommonTerms.TermIdentFromName("\\<Lambda>"),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"),
IsaCommonTerms.TermIdentFromName("\\<Omega>"));
_concreteTypeTranslation = new ConcreteTypeDeclTranslation(boogieContext);
}
public static Term AxiomAssumption(BoogieContextIsa boogieContext, IProgramAccessor programAccessor,
Term normalState)
{
return
(IsaBoogieTerm.AxiomAssm(
boogieContext.absValTyMap,
boogieContext.funContext,
IsaCommonTerms.TermIdentFromName(programAccessor.ConstsDecl()),
normalState,
programAccessor.AxiomsDecl()
));
}
public static Term VCTypeConstructor(string constrName, int nArgs)
{
//TODO: do not limit number of arguments
if (nArgs > 5)
{
throw new NotImplementedException("Do not support more than 5 type constructor arguments currently.");
}
var id = IsaCommonTerms.TermIdentFromName("vc_type_constr" + nArgs);
return(new TermApp(id, new StringConst(constrName)));
}
private static IList <Tuple <TermIdent, TypeIsa> > GetVarsInVC(IEnumerable <Function> functions,
IsaUniqueNamer uniqueNamer)
{
var pureTyIsaTransformer = new PureTyIsaTransformer();
var result = new List <Tuple <TermIdent, TypeIsa> >();
foreach (var f in functions)
{
var funType = pureTyIsaTransformer.Translate(f);
result.Add(Tuple.Create(IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(f, f.Name)), funType));
}
return(result);
}
//must be called in a topological backwards order
public Tuple <LemmaDecl, LemmaDecl> GenerateBlockLemma(Block block, string localLemmaName,
Func <Block, string> cfgLemmaNameFunc)
{
var cmdsDefName = programAccessor.BlockInfo().CmdsQualifiedName(block);
Term cmds = IsaCommonTerms.TermIdentFromName(cmdsDefName);
var passiveBlock = origToPassiveBlock[block];
var passiveCmdsDefName = passiveProgramAccessor.BlockInfo().CmdsQualifiedName(passiveBlock);
Term passiveCmds = IsaCommonTerms.TermIdentFromName(passiveCmdsDefName);
#region compute variable relation update information
var successors = cfg.GetSuccessorBlocks(block);
var varRelUpdates = _relationGen.GenerateVariableRelUpdates(block, out _);
var constrainedPassiveVars = new List <Term>();
var modifiedVarRelTerm = new List <Term>();
var lookupTyUpdatesLemmas = new List <Tuple <string, string> >();
foreach (var tuple in varRelUpdates)
{
var origVar = tuple.Item1;
if (varTranslation.TryTranslateVariableId(origVar, out var origVarTerm, out _))
{
if (tuple.Item2 is IdentifierExpr ie)
{
var passiveVar = ie.Decl;
if (passiveVarTranslation.TryTranslateVariableId(passiveVar, out var passiveVarTerm, out _))
{
modifiedVarRelTerm.Add(new TermTuple(origVarTerm, IsaCommonTerms.Inl(passiveVarTerm)));
/* don't add variable to newly constrained variables if update is associated with constant propagation
* in which case the variable is not newly constrained */
if (!tuple.Item3)
{
constrainedPassiveVars.Add(passiveVarTerm);
}
lookupTyUpdatesLemmas.Add(
Tuple.Create(programAccessor.LookupVarTyLemma(origVar),
passiveProgramAccessor.LookupVarTyLemma(passiveVar))
);
}
else
{
throw new ProofGenUnexpectedStateException(GetType(), "Could not translate variables.");
}
}
private static Term ConclusionBlock(
IEnumerable <Block> b_successors,
Term normalInitState,
Term finalState,
IDictionary <NamedDeclaration, Term> declToVCMapping,
VCInstantiation <Block> vcinst,
bool useMagicFinalState = false)
{
if (useMagicFinalState)
{
return(new TermBinary(finalState, IsaBoogieTerm.Magic(), TermBinary.BinaryOpCode.Eq));
}
Term nonFailureConclusion =
new TermBinary(finalState, IsaBoogieTerm.Failure(), TermBinary.BinaryOpCode.Neq);
var normalFinalState = IsaCommonTerms.TermIdentFromName("n_s'");
Term ifNormalConclusionLhs = new TermBinary(finalState, IsaBoogieTerm.Normal(normalFinalState),
TermBinary.BinaryOpCode.Eq);
Term ifNormalConclusionRhs1 = new TermBinary(normalFinalState, normalInitState, TermBinary.BinaryOpCode.Eq);
var ifNormalConclusionRhs =
!b_successors.Any()
? ifNormalConclusionRhs1
: new TermBinary(
ifNormalConclusionRhs1,
LemmaHelper.ConjunctionOfSuccessorBlocks(b_successors, declToVCMapping, vcinst),
TermBinary.BinaryOpCode.And);
Term ifNormalConclusion =
new TermQuantifier(
TermQuantifier.QuantifierKind.ALL,
new List <Identifier> {
normalFinalState.Id
},
new TermBinary(
ifNormalConclusionLhs,
ifNormalConclusionRhs,
TermBinary.BinaryOpCode.Implies)
);
return(new TermBinary(nonFailureConclusion, ifNormalConclusion, TermBinary.BinaryOpCode.And));
}
public MembershipLemmaManager(
IsaProgramGeneratorConfig config,
IsaProgramRepr isaProgramRepr,
IsaBlockInfo isaBlockInfo,
Tuple <int, int> GlobalsMaxLocalsMin,
IVariableTranslationFactory factory,
string theoryName
)
{
parent = config.parentAccessor;
this.isaProgramRepr = isaProgramRepr;
this.factory = factory;
this.theoryName = theoryName;
this.config = config;
this.isaBlockInfo = isaBlockInfo;
typeIsaVisitor = new TypeIsaVisitor(factory.CreateTranslation().TypeVarTranslation);
basicCmdIsaVisitor = new BasicCmdIsaVisitor(factory);
paramsAndLocalsDefs =
new[] { isaProgramRepr.paramsDeclDef + "_def", isaProgramRepr.localVarsDeclDef + "_def" };
parameters = config.generateParamsAndLocals
? QualifyAccessName(isaProgramRepr.paramsDeclDef)
: parent.ParamsDecl();
locals = config.generateParamsAndLocals
? QualifyAccessName(isaProgramRepr.localVarsDeclDef)
: parent.LocalsDecl();
paramsAndLocalsList =
IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(parameters),
IsaCommonTerms.TermIdentFromName(locals));
consts = config.generateGlobalsAndConstants
? QualifyAccessName(isaProgramRepr.GlobalProgramRepr.constantsDeclDef)
: parent.ConstsDecl();
globals = config.generateGlobalsAndConstants
? QualifyAccessName(isaProgramRepr.GlobalProgramRepr.globalsDeclDef)
: parent.GlobalsDecl();
constsAndGlobalsDefs =
new[] { consts + "_def", globals + "_def" };
constsAndGlobalsList =
IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(consts),
IsaCommonTerms.TermIdentFromName(globals));
AddDisjointnessLemmas(GlobalsMaxLocalsMin.Item1, GlobalsMaxLocalsMin.Item2);
AddWellFormednessLemmas();
}
public static Term Assign(IList <Term> lhsTerms, IList <Term> rhsTerms)
{
if (lhsTerms.Count != rhsTerms.Count)
{
throw new ProofGenUnexpectedStateException(typeof(BasicCmdIsaVisitor),
"different number of lhs and rhs");
}
IList <Term> results = new List <Term>();
lhsTerms.ZipDo(rhsTerms, (lhs, rhs) => results.Add(new TermTuple(new List <Term> {
lhs, rhs
})));
return(new TermApp(IsaCommonTerms.TermIdentFromName("Assign"), new List <Term> {
new TermList(results)
}));
}
public Term VisitBoogieFunctionOp(VCExprNAry node, List <Term> arg)
{
if (node.Op is VCExprBoogieFunctionOp funOp)
{
var name = funOp.Func.Name;
if (_tryInstantiatingTypes &&
_concreteTypeTranslation.TryTranslateTypeDecl(funOp.Func, out var funTermResult))
{
return(new TermApp(funTermResult, arg));
}
return(new TermApp(
IsaCommonTerms.TermIdentFromName(_uniqueNamer.GetName(funOp.Func.Name, funOp.Func.Name)), arg));
}
//should never reach this code
Contract.Assert(false);
return(null);
}
public LemmaDecl GenerateBlockLemma(Block block, Block finalCfgBlock, IEnumerable <Block> finalCfgSuccessors,
string lemmaName, string vcHintsName)
{
var cmdsReduce = IsaBoogieTerm.RedCmdList(boogieContext,
IsaCommonTerms.TermIdentFromName(isaBlockInfo.CmdsQualifiedName(block)),
initState, finalState);
var vcAssm = vcinst.GetVCObjInstantiation(finalCfgBlock, declToVCMapping);
//do not use separate assumption, leads to issues
var conclusion = ConclusionBlock(finalCfgSuccessors, normalInitState, finalState, declToVCMapping, vcinst,
LemmaHelper.FinalStateIsMagic(block));
Term statement = TermBinary.MetaImplies(cmdsReduce, TermBinary.MetaImplies(vcAssm, conclusion));
var proof = BlockCorrectProof(block, finalCfgBlock, vcHintsName);
return(new LemmaDecl(lemmaName, ContextElem.CreateEmptyContext(), statement, proof));
}
public static IList <Tuple <TermIdent, TypeIsa> > GlobalFixedVariables(
BoogieContextIsa boogieContext,
IEnumerable <Function> functions,
IEnumerable <Variable> variables,
TermIdent normalInitState,
IDictionary <Function, TermIdent> funToInterpMapping,
IsaUniqueNamer uniqueNamer)
{
var absValType = new VarType("a");
var pureTyIsaTransformer = LemmaHelper.ConretePureTyIsaTransformer(absValType);
var result = new List <Tuple <TermIdent, TypeIsa> >
{
Tuple.Create((TermIdent)boogieContext.absValTyMap, IsaBoogieType.AbstractValueTyFunType(absValType)),
Tuple.Create((TermIdent)boogieContext.varContext, IsaBoogieType.VarContextType()),
Tuple.Create((TermIdent)boogieContext.funContext, IsaBoogieType.FunInterpType(absValType)),
Tuple.Create(normalInitState, IsaBoogieType.NormalStateType(absValType))
};
foreach (var kv in funToInterpMapping)
{
result.Add(Tuple.Create(kv.Value, IsaBoogieType.BoogieFuncInterpType(absValType)));
var boogieFun = kv.Key;
//get untyped version, maybe should precompute this somewhere and re-use or get the data from the VC
TypeUtil.SplitTypeParams(boogieFun.TypeParameters, boogieFun.InParams.Select(v => v.TypedIdent.Type),
out var explicitTypeVars, out _);
var typeIsa = pureTyIsaTransformer.Translate(new Function(null, boogieFun.Name,
explicitTypeVars, boogieFun.InParams, boogieFun.OutParams[0]));
result.Add(Tuple.Create(
IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(boogieFun, boogieFun.Name)), typeIsa));
}
foreach (var v in variables)
{
var typeIsa = pureTyIsaTransformer.Translate(v);
result.Add(Tuple.Create(IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(v, v.Name)), typeIsa));
}
return(result);
}
public static Term ProcedureIsCorrect(Term funDecls, Term constantDecls, Term globalDecls, Term axioms,
Term procedure)
{
var typeInterpId = new SimpleIdentifier("A");
return
(TermQuantifier.MetaAll(
new List <Identifier> {
typeInterpId
},
null,
new TermApp(
IsaCommonTerms.TermIdentFromName("proc_is_correct"),
//TODO: here assuming that we use "'a" for the abstract value type carrier t --> make t a parameter somewhere
new TermWithExplicitType(new TermIdent(typeInterpId), IsaBoogieType.AbstractValueTyFunType(new VarType("a"))),
funDecls,
constantDecls,
globalDecls,
axioms,
procedure)));
}
public IEnumerable <OuterDecl> EndToEndProof(
string entryCfgLemma,
string boogieToVcLemma,
Term vcAssm,
IProgramAccessor programAccessor,
IProgramAccessor passiveProgramAccessor,
Tuple <string, string> varContextNonPassivePassive,
StateRelationData oldRelationData,
CFGRepr cfg,
IEnumerable <Variable> liveEntryVars,
IVariableTranslation <Variable> varTranslation)
{
this.entryCfgLemma = entryCfgLemma;
this.boogieToVcLemma = boogieToVcLemma;
this.vcAssm = vcAssm;
this.programAccessor = programAccessor;
this.passiveProgramAccessor = passiveProgramAccessor;
boogieContext = new BoogieContextIsa(
IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"),
IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item1),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"),
IsaCommonTerms.EmptyList
);
passiveVarContext = IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item2);
this.oldRelationData = oldRelationData;
this.cfg = cfg;
this.liveEntryVars = liveEntryVars;
this.varTranslation = varTranslation;
var locale = new LocaleDecl("glue_proof",
Context(),
GenerateLemma()
);
return(new List <OuterDecl>
{
locale
});
}
public static Term Unop(UnaryOperator.Opcode opcode, Term arg)
{
string uopIsa;
switch (opcode)
{
case UnaryOperator.Opcode.Not:
uopIsa = "Not";
break;
case UnaryOperator.Opcode.Neg:
uopIsa = "UMinus";
break;
default:
throw new NotImplementedException();
}
var list = new List <Term> {
IsaCommonTerms.TermIdentFromName(uopIsa), arg
};
return(new TermApp(IsaCommonTerms.TermIdentFromName("UnOp"), list));
}
public PassificationEndToEnd()
{
stateRelList = IsaCommonTerms.TermIdentFromName(stateRelListDefName);
stateRel = IsaCommonTerms.TermIdentFromName(stateRelDefName);
}
public Term VisitDivOp(VCExprNAry node, List <Term> arg)
{
Contract.Assert(arg.Count == 2);
return(new TermApp(IsaCommonTerms.TermIdentFromName("smt_div"), arg[0], arg[1]));
}
public IEnumerable <OuterDecl> EndToEndProof(
string entryCfgLemma,
string passificationEndToEndLemma,
Term vcAssm,
IProgramAccessor programAccessor,
CFGRepr cfg)
{
this.programAccessor = programAccessor;
boogieContext = new BoogieContextIsa(
IsaCommonTerms.TermIdentFromName("A"),
IsaCommonTerms.TermIdentFromName("M"),
IsaCommonTerms.TermIdentFromName(varContextName),
IsaCommonTerms.TermIdentFromName("\\<Gamma>"),
IsaCommonTerms.EmptyList
);
var abbrev = new AbbreviationDecl(
varContextName,
new Tuple <IList <Term>, Term>(new List <Term>(),
new TermTuple(programAccessor.ConstsAndGlobalsDecl(), programAccessor.ParamsAndLocalsDecl()))
);
var result = new List <OuterDecl> {
abbrev
};
var kStepRed = IsaBoogieTerm.RedCFGKStep(
BoogieContextIsa.CreateWithNewVarContext(
boogieContext,
new TermTuple(programAccessor.ConstsAndGlobalsDecl(), programAccessor.ParamsAndLocalsDecl())
),
programAccessor.CfgDecl(),
IsaBoogieTerm.CFGConfigNode(new NatConst(cfg.GetUniqueIntLabel(cfg.entry)),
IsaBoogieTerm.Normal(normalInitState)),
IsaCommonTerms.TermIdentFromName("j"),
IsaBoogieTerm.CFGConfig(finalNodeOrReturn, finalState)
);
var proofSb = new StringBuilder();
proofSb.AppendLine("proof -");
proofSb.AppendLine("from " + redAssmName + " obtain j where Aux:" + "\"" + kStepRed + "\"");
proofSb.AppendLine("by (meson rtranclp_imp_relpowp)");
proofSb.AppendLine("show ?thesis");
proofSb.AppendLine(ProofUtil.Apply("rule " + entryCfgLemma));
//TODO: don't hardcode this
proofSb.AppendLine("unfolding cfg_to_dag_lemmas_def");
proofSb.AppendLine(ProofUtil.Apply("rule " + finterpAssmName));
proofSb.AppendLine("apply (rule Aux)");
proofSb.AppendLine("apply (rule dag_lemma_assms_same)");
proofSb.AppendLine("unfolding state_well_typed_def");
proofSb.AppendLine("apply (intro conjI)");
proofSb.AppendLine("using " + paramsLocalsAssmName + " apply simp");
proofSb.AppendLine("using " + constsGlobalsAssmName + " apply simp");
proofSb.AppendLine("using " + constsGlobalsAssmName + " " + oldGlobalAssmName + " apply simp");
proofSb.AppendLine("using " + binderEmptyAssmName + " apply simp");
proofSb.AppendLine(ProofUtil.Apply("rule " + passificationEndToEndLemma));
//TODO: don't hardcode this
proofSb.AppendLine("unfolding glue_proof_def");
proofSb.AppendLine("apply (intro conjI)");
proofSb.AppendLine("apply assumption");
proofSb.AppendLine("using " + vcAssmName + " apply simp");
proofSb.AppendLine("using " + closedAssmName + " apply simp");
proofSb.AppendLine("using " + nonEmptyTypesAssmName + " apply simp");
proofSb.AppendLine(ProofUtil.Apply("rule " + finterpAssmName));
proofSb.AppendLine("using " + axiomAssmName + " apply simp");
proofSb.AppendLine("using " + paramsLocalsAssmName + " apply simp");
proofSb.AppendLine("using " + constsGlobalsAssmName + " apply simp");
proofSb.AppendLine("using " + binderEmptyAssmName + " apply simp");
proofSb.AppendLine("using " + oldGlobalAssmName + " apply simp");
proofSb.AppendLine("using " + preconditionsAssmName + " apply simp");
proofSb.AppendLine("done");
proofSb.AppendLine("qed");
var helperLemmaName = "end_to_end_theorem_aux";
var helperLemma =
new LemmaDecl(
helperLemmaName,
LemmaContext(cfg, vcAssm),
CfgToDagLemmaManager.CfgLemmaConclusion(boogieContext, programAccessor.PostconditionsDecl(),
finalNodeOrReturn, finalState),
new Proof(new List <string> {
proofSb.ToString()
})
);
result.Add(helperLemma);
//transform end to end theorem to a compact representation
var endToEndLemma =
new LemmaDecl(
"end_to_end_theorem",
ContextElem.CreateWithAssumptions(new List <Term> {
vcAssm
}, new List <string> {
"VC"
}),
ProcedureIsCorrect(
programAccessor.FunctionsDecl(),
IsaCommonTerms.TermIdentFromName(programAccessor.ConstsDecl()),
IsaCommonTerms.TermIdentFromName(programAccessor.GlobalsDecl()),
programAccessor.AxiomsDecl(),
programAccessor.ProcDecl()),
new Proof(
new List <string>
{
ProofUtil.Apply(ProofUtil.Rule(ProofUtil.OF("end_to_end_util", helperLemmaName))),
"apply assumption " + "using VC apply simp " + " apply assumption+",
ProofUtil.By("simp_all add: exprs_to_only_checked_spec_1 exprs_to_only_checked_spec_2 " +
programAccessor.ProcDeclName() + "_def " + programAccessor.CfgDeclName() + "_def")
}
));
result.Add(endToEndLemma);
return(result);
}
private Term QualifyAccessTerm(string name)
{
return(IsaCommonTerms.TermIdentFromName(QualifyAccessName(name)));
}
