///////////////////////////////////////////////////////////////////////////
// Versions of the propositional operators that automatically simplify in
// certain cases (for example, if one of the operators is True or False)
public VCExpr NotSimp(VCExpr e0)
{
Contract.Requires(e0 != null);
Contract.Ensures(Contract.Result <VCExpr>() != null);
if (e0.Equals(True))
{
return(False);
}
if (e0.Equals(False))
{
return(True);
}
return(Not(e0));
}
public VCExpr OrSimp(VCExpr e0, VCExpr e1)
{
Contract.Requires(e1 != null);
Contract.Requires(e0 != null);
Contract.Ensures(Contract.Result <VCExpr>() != null);
if (e0.Equals(False))
{
return(e1);
}
if (e1.Equals(False))
{
return(e0);
}
if (e0.Equals(True) || e1.Equals(True))
{
return(True);
}
return(Or(e0, e1));
}
////////////////////////////////////////////////////////////////////////////
private void AddAxiom(VCExpr axiom)
{
Contract.Requires(axiom != null);
if (axiom.Equals(VCExpressionGenerator.True))
{
return;
}
AllAxioms.Add(axiom);
IncAxioms.Add(axiom);
}
/// <summary>
/// check whether assumeCmd is special with respect to VC and if so, store hint in out parameter, otherwise
/// store null in <paramref name="hint" />
/// </summary>
/// <returns>true, if is a special case <paramref name="hint" />, false otherwise</returns>
private bool IsSpecialAssumeStmt(AssumeCmd assumeCmd, VCExpr exprVC, VCExpr postVC, out VCHint hint)
{
if (exprVC.Equals(VCExpressionGenerator.False))
{
hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_FALSE);
return(true);
}
if (postVC.Equals(VCExpressionGenerator.False))
{
hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_NOT);
return(true);
}
if (exprVC.Equals(VCExpressionGenerator.True) || postVC.Equals(VCExpressionGenerator.True))
{
hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_TRUE);
return(true);
}
hint = null;
return(false);
}
public VCExpr ImpliesSimp(VCExpr e0, VCExpr e1, bool aggressive = true)
{
Contract.Requires(e1 != null);
Contract.Requires(e0 != null);
Contract.Ensures(Contract.Result <VCExpr>() != null);
if (e0.Equals(True))
{
return(e1);
}
if (e1.Equals(False))
{
return(NotSimp(e0));
}
if (e0.Equals(False) || e1.Equals(True))
{
return(True);
}
// attempt to save on the depth of expressions (to reduce chances of stack overflows)
while (aggressive && e1 is VCExprBinary)
{
VCExprBinary n = (VCExprBinary)e1;
if (n.Op == ImpliesOp)
{
if (AndSize(n[0]) <= AndSize(e0))
{
// combine the antecedents
e0 = And(e0, n[0]);
e1 = n[1];
continue;
}
}
break;
}
return(Implies(e0, e1));
}
/// <summary>
/// If no lemma is required for the proof, then <paramref name="decl" /> is null.
/// </summary>
private VCHint AssertStmtHint(
AssertCmd cmd,
VCExpr exprVC,
VCExpr postVC,
CommandLineOptions.SubsumptionOption subsumption,
out List <LemmaDecl> requiredDecls)
{
requiredDecls = null;
if (exprVC.Equals(VCExpressionGenerator.False) || postVC.Equals(VCExpressionGenerator.False))
{
return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.ASSERT_FALSE));
}
if (exprVC.Equals(VCExpressionGenerator.True))
{
return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.ASSERT_TRUE));
}
if (postVC.Equals(VCExpressionGenerator.True))
{
_vcRewriteLemmaGen.RequiredVcRewrite(cmd.Expr, false, out requiredDecls);
return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.NO_CONJ, new VCExprHint(requiredDecls)));
}
_vcRewriteLemmaGen.RequiredVcRewrite(cmd.Expr, false, out requiredDecls);
if (
subsumption == CommandLineOptions.SubsumptionOption.Always ||
subsumption == CommandLineOptions.SubsumptionOption.NotForQuantifiers && !(exprVC is VCExprQuantifier)
)
{
return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.SUBSUMPTION,
new VCExprHint(requiredDecls)));
}
return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.CONJ, new VCExprHint(requiredDecls)));
}
private static IEnumerable <VCExpr> DeconstructAxioms(IEnumerable <Axiom> axioms, VCExpr vcAxioms)
{
var numAxioms = axioms.Count();
/* Simplifying assumption: vcAxioms of the form (((Ax1 /\ Ax2) /\ Ax3) /\ Ax4) /\ ...
* This is not true in general due to simplifications made by Boogie such as True /\ True -> True
* Also, I don't know yet how type axioms are handled. */
var result = new List <VCExpr>();
if (numAxioms > 1)
{
var vcAxiomsTemp = vcAxioms;
while (vcAxiomsTemp is VCExprNAry vcNAry && vcNAry.Op == VCExpressionGenerator.AndOp &&
vcNAry.Length == 2)
{
result.Add(vcNAry[1]);
vcAxiomsTemp = vcNAry[0];
}
result.Add(vcAxiomsTemp);
if (result.Count != numAxioms)
{
throw new ProofGenUnexpectedStateException(typeof(ProofGenerationLayer),
"Not supported: vcAxioms not in -sync with Boogie axioms(could be due to optimizations / type axioms)");
}
result.Reverse();
return(result);
}
if (numAxioms == 1 || numAxioms == 0 && vcAxioms.Equals(VCExpressionGenerator.True))
{
return new List <VCExpr> {
vcAxioms
}
}
;
throw new ProofGenUnexpectedStateException(typeof(ProofGenUnexpectedStateException),
"Not supported: vcAxioms not in-sync with Boogie axioms (could be due to optimizations/type axioms)");
}
// these optimisations should maybe be moved into a separate
// visitor (peep-hole optimisations)
private bool IsTriviallyTrue(VCExpr expr)
{
Contract.Requires(expr != null);
if (expr.Equals(VCExpressionGenerator.True))
return true;
if (expr is VCExprNAry) {
VCExprNAry/*!*/ naryExpr = (VCExprNAry)expr;
Contract.Assert(naryExpr != null);
if (naryExpr.Op.Equals(VCExpressionGenerator.EqOp) &&
naryExpr[0].Equals(naryExpr[1]))
return true;
}
return false;
}
////////////////////////////////////////////////////////////////////////////
private void AddAxiom(VCExpr axiom) {
Contract.Requires(axiom != null);
if (axiom.Equals(VCExpressionGenerator.True))
return;
AllAxioms.Add(axiom);
IncAxioms.Add(axiom);
}
