/// <summary> /// Initializes a new instance of the <see cref="MembershipLemmaManager"/> class. /// Generated instance only has information about global data. /// </summary> public MembershipLemmaManager( IsaGlobalProgramRepr globalProgRepr, int globalsMax, IVariableTranslationFactory factory, string theoryName) { containsLocalInformation = false; this.factory = factory; this.theoryName = theoryName; typeIsaVisitor = new TypeIsaVisitor(factory.CreateTranslation().TypeVarTranslation); basicCmdIsaVisitor = new BasicCmdIsaVisitor(factory); isaProgramRepr = new IsaProgramRepr(globalProgRepr, null, null, null, null, null, null); config = new IsaProgramGeneratorConfig(null, true, true, true, false, SpecsConfig.None, false); consts = QualifyAccessName(isaProgramRepr.GlobalProgramRepr.constantsDeclDef); globals = QualifyAccessName(isaProgramRepr.GlobalProgramRepr.globalsDeclDef); constsAndGlobalsDefs = new[] { consts + "_def", globals + "_def" }; constsAndGlobalsList = IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(consts), IsaCommonTerms.TermIdentFromName(globals)); AddMinOrMaxLemma(true, globalsMax, VariableNames(constsAndGlobalsList)); AddWellFormednessLemmas(); }
public static IDictionary <NamedDeclaration, Term> DeclToTerm( IEnumerable <NamedDeclaration> decls, IEnumerable <Function> vcTypeDecls, VCTypeDeclTranslation typeDeclTranslation, IsaUniqueNamer namer) { var dict = new Dictionary <NamedDeclaration, Term>(); foreach (var decl in decls) { dict.Add(decl, IsaCommonTerms.TermIdentFromName(namer.GetName(decl, "vc_" + decl.Name))); } foreach (var f in vcTypeDecls) { if (typeDeclTranslation.TryTranslateTypeDecl(f, out var result)) { dict.Add(f, result); } else { throw new ProofGenUnexpectedStateException(typeof(LemmaHelper), "Could not find vc function instantiation"); } } return(dict); }
public VcAxiomLemmaManager( VCInstantiation <VCExpr> vcAxiomInst, BoogieMethodData methodData, IEnumerable <Function> vcFunctions, VcRewriteLemmaGen vcRewriteLemmaGen, IVariableTranslationFactory variableFactory) { this.vcAxiomInst = vcAxiomInst; this.methodData = methodData; this.vcRewriteLemmaGen = vcRewriteLemmaGen; this.variableFactory = variableFactory; basicCmdIsaVisitor = new BasicCmdIsaVisitor(variableFactory); boogieContext = new BoogieContextIsa(IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName("\\<Lambda>"), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.TermIdentFromName("\\<Omega>")); var typeDeclTranslation = new ConcreteTypeDeclTranslation(boogieContext); declToVCMapping = LemmaHelper.DeclToTerm( ((IEnumerable <NamedDeclaration>)methodData.Functions).Union(methodData.Constants), vcFunctions, typeDeclTranslation, uniqueNamer); //separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes funToInterpMapping = LemmaHelper.FunToTerm(methodData.Functions, new IsaUniqueNamer()); assmManager = new AssumptionManager(methodData.Functions, methodData.Constants, variableFactory); }
public VcPhaseLemmaManager(VCInstantiation <Block> vcinst, BoogieMethodData methodData, IEnumerable <Function> vcFunctions, IsaBlockInfo isaBlockInfo, IVariableTranslationFactory variableFactory) { this.vcinst = vcinst; this.methodData = methodData; programVariables = methodData.AllVariables(); initState = IsaBoogieTerm.Normal(normalInitState); this.isaBlockInfo = isaBlockInfo; this.variableFactory = variableFactory; boogieContext = new BoogieContextIsa( IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName("\\<Lambda>"), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.TermIdentFromName("\\<Omega>") ); var typeDeclTranslation = new ConcreteTypeDeclTranslation(boogieContext); declToVCMapping = LemmaHelper.DeclToTerm( ((IEnumerable <NamedDeclaration>)methodData.Functions).Union(programVariables), vcFunctions, typeDeclTranslation, uniqueNamer); //separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes funToInterpMapping = LemmaHelper.FunToTerm(methodData.Functions, new IsaUniqueNamer()); assmManager = new AssumptionManager(methodData.Functions, programVariables, variableFactory); }
public LemmaDecl GenerateEmptyBlockLemma(Block block, IEnumerable <Block> finalCfgSuccessors, string lemmaName) { //Term cmds = new TermList(cmdIsaVisitor.Translate(block.Cmds)); var blockDefName = isaBlockInfo.CmdsQualifiedName(block); Term blockDefTerm = IsaCommonTerms.TermIdentFromName(blockDefName); var cmdsReduce = IsaBoogieTerm.RedCmdList(boogieContext, blockDefTerm, initState, finalState); var assumptions = new List <Term> { cmdsReduce }; if (finalCfgSuccessors.Any()) { assumptions.Add(LemmaHelper.ConjunctionOfSuccessorBlocks(finalCfgSuccessors, declToVCMapping, vcinst)); } var conclusion = ConclusionBlock(finalCfgSuccessors, normalInitState, finalState, declToVCMapping, vcinst); var proof = new Proof( new List <string> { "using assms", "unfolding " + blockDefName + "_def", "apply cases", "by auto" } ); return(new LemmaDecl(lemmaName, ContextElem.CreateWithAssumptions(assumptions), conclusion, proof)); }
public PassificationLemmaManager( CFGRepr cfg, IDictionary <Block, Block> origToPassiveBlock, IProgramAccessor programAccessor, IProgramAccessor passiveProgramAccessor, Tuple <string, string> varContextNonPassivePassive, StateRelationData oldStateRelationData, PassiveRelationGen relationGen, IVariableTranslationFactory varTranslationFactory, IVariableTranslationFactory passiveTranslationFactory) { this.cfg = cfg; this.origToPassiveBlock = origToPassiveBlock; this.programAccessor = programAccessor; this.passiveProgramAccessor = passiveProgramAccessor; _oldStateRelationData = oldStateRelationData; _relationGen = relationGen; initState = IsaBoogieTerm.Normal(normalInitState); varTranslation = varTranslationFactory.CreateTranslation().VarTranslation; passiveVarTranslation = passiveTranslationFactory.CreateTranslation().VarTranslation; //separate unique namer for function interpretations (since they already have a name in uniqueNamer): possible clashes boogieContext = new BoogieContextIsa( IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item1), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.TermIdentFromName("\\<Omega>") ); passiveVarContext = IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item2); }
public Term GetVCObjRef(T block, bool qualified = true) { Contract.Requires(block != null); Contract.Requires(objToDef.ContainsKey(block)); return(IsaCommonTerms.TermIdentFromName(GetVCObjNameRef(block, qualified))); }
public static Term Var(string v) { Term stringConst = new StringConst(v); return(new TermApp(IsaCommonTerms.TermIdentFromName("Var"), new List <Term> { stringConst })); }
public static Term LeftInvLemmaName(int projIdx, int constrArity) { if (projIdx > 4 || constrArity > 5) { throw new ArgumentException("only support type constructors with at most 5 arguments"); } return(IsaCommonTerms.TermIdentFromName("vc_inv_constr_" + constrArity + projIdx)); }
public static Term Program(Term fdecls, Term constantDecls, Term globalDecls, Term axioms, List <Term> mdecls) { Term mdeclsTerm = new TermList(mdecls); return(new TermApp(IsaCommonTerms.TermIdentFromName("Program"), new List <Term> { new TermList(new List <Term>()), fdecls, constantDecls, globalDecls, axioms, mdeclsTerm })); }
public void AddFunctionMembershipLemmas(IEnumerable <Function> functions) { AddNamedDeclsMembershipLemmas(functions, IsaCommonTerms.TermIdentFromName(isaProgramRepr.GlobalProgramRepr.funcsDeclDef), new[] { isaProgramRepr.GlobalProgramRepr.funcsDeclDef + "_def" }, d => new StringConst(d.Name), d => IsaBoogieTerm.FunDecl((Function)d, factory, false), false ); }
public static IDictionary <Function, TermIdent> FunToTerm(IEnumerable <Function> funcs, IsaUniqueNamer namer) { var dict = new Dictionary <Function, TermIdent>(); foreach (var fun in funcs) { dict.Add(fun, IsaCommonTerms.TermIdentFromName(namer.GetName(fun, fun.Name))); } return(dict); }
public VCExprOpIsaVisitor(IsaUniqueNamer functionNamer) { _uniqueNamer = functionNamer; var boogieContext = new BoogieContextIsa( IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName("\\<Lambda>"), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.TermIdentFromName("\\<Omega>")); _concreteTypeTranslation = new ConcreteTypeDeclTranslation(boogieContext); }
public static Term AxiomAssumption(BoogieContextIsa boogieContext, IProgramAccessor programAccessor, Term normalState) { return (IsaBoogieTerm.AxiomAssm( boogieContext.absValTyMap, boogieContext.funContext, IsaCommonTerms.TermIdentFromName(programAccessor.ConstsDecl()), normalState, programAccessor.AxiomsDecl() )); }
public static Term VCTypeConstructor(string constrName, int nArgs) { //TODO: do not limit number of arguments if (nArgs > 5) { throw new NotImplementedException("Do not support more than 5 type constructor arguments currently."); } var id = IsaCommonTerms.TermIdentFromName("vc_type_constr" + nArgs); return(new TermApp(id, new StringConst(constrName))); }
private static IList <Tuple <TermIdent, TypeIsa> > GetVarsInVC(IEnumerable <Function> functions, IsaUniqueNamer uniqueNamer) { var pureTyIsaTransformer = new PureTyIsaTransformer(); var result = new List <Tuple <TermIdent, TypeIsa> >(); foreach (var f in functions) { var funType = pureTyIsaTransformer.Translate(f); result.Add(Tuple.Create(IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(f, f.Name)), funType)); } return(result); }
//must be called in a topological backwards order public Tuple <LemmaDecl, LemmaDecl> GenerateBlockLemma(Block block, string localLemmaName, Func <Block, string> cfgLemmaNameFunc) { var cmdsDefName = programAccessor.BlockInfo().CmdsQualifiedName(block); Term cmds = IsaCommonTerms.TermIdentFromName(cmdsDefName); var passiveBlock = origToPassiveBlock[block]; var passiveCmdsDefName = passiveProgramAccessor.BlockInfo().CmdsQualifiedName(passiveBlock); Term passiveCmds = IsaCommonTerms.TermIdentFromName(passiveCmdsDefName); #region compute variable relation update information var successors = cfg.GetSuccessorBlocks(block); var varRelUpdates = _relationGen.GenerateVariableRelUpdates(block, out _); var constrainedPassiveVars = new List <Term>(); var modifiedVarRelTerm = new List <Term>(); var lookupTyUpdatesLemmas = new List <Tuple <string, string> >(); foreach (var tuple in varRelUpdates) { var origVar = tuple.Item1; if (varTranslation.TryTranslateVariableId(origVar, out var origVarTerm, out _)) { if (tuple.Item2 is IdentifierExpr ie) { var passiveVar = ie.Decl; if (passiveVarTranslation.TryTranslateVariableId(passiveVar, out var passiveVarTerm, out _)) { modifiedVarRelTerm.Add(new TermTuple(origVarTerm, IsaCommonTerms.Inl(passiveVarTerm))); /* don't add variable to newly constrained variables if update is associated with constant propagation * in which case the variable is not newly constrained */ if (!tuple.Item3) { constrainedPassiveVars.Add(passiveVarTerm); } lookupTyUpdatesLemmas.Add( Tuple.Create(programAccessor.LookupVarTyLemma(origVar), passiveProgramAccessor.LookupVarTyLemma(passiveVar)) ); } else { throw new ProofGenUnexpectedStateException(GetType(), "Could not translate variables."); } }
private static Term ConclusionBlock( IEnumerable <Block> b_successors, Term normalInitState, Term finalState, IDictionary <NamedDeclaration, Term> declToVCMapping, VCInstantiation <Block> vcinst, bool useMagicFinalState = false) { if (useMagicFinalState) { return(new TermBinary(finalState, IsaBoogieTerm.Magic(), TermBinary.BinaryOpCode.Eq)); } Term nonFailureConclusion = new TermBinary(finalState, IsaBoogieTerm.Failure(), TermBinary.BinaryOpCode.Neq); var normalFinalState = IsaCommonTerms.TermIdentFromName("n_s'"); Term ifNormalConclusionLhs = new TermBinary(finalState, IsaBoogieTerm.Normal(normalFinalState), TermBinary.BinaryOpCode.Eq); Term ifNormalConclusionRhs1 = new TermBinary(normalFinalState, normalInitState, TermBinary.BinaryOpCode.Eq); var ifNormalConclusionRhs = !b_successors.Any() ? ifNormalConclusionRhs1 : new TermBinary( ifNormalConclusionRhs1, LemmaHelper.ConjunctionOfSuccessorBlocks(b_successors, declToVCMapping, vcinst), TermBinary.BinaryOpCode.And); Term ifNormalConclusion = new TermQuantifier( TermQuantifier.QuantifierKind.ALL, new List <Identifier> { normalFinalState.Id }, new TermBinary( ifNormalConclusionLhs, ifNormalConclusionRhs, TermBinary.BinaryOpCode.Implies) ); return(new TermBinary(nonFailureConclusion, ifNormalConclusion, TermBinary.BinaryOpCode.And)); }
public MembershipLemmaManager( IsaProgramGeneratorConfig config, IsaProgramRepr isaProgramRepr, IsaBlockInfo isaBlockInfo, Tuple <int, int> GlobalsMaxLocalsMin, IVariableTranslationFactory factory, string theoryName ) { parent = config.parentAccessor; this.isaProgramRepr = isaProgramRepr; this.factory = factory; this.theoryName = theoryName; this.config = config; this.isaBlockInfo = isaBlockInfo; typeIsaVisitor = new TypeIsaVisitor(factory.CreateTranslation().TypeVarTranslation); basicCmdIsaVisitor = new BasicCmdIsaVisitor(factory); paramsAndLocalsDefs = new[] { isaProgramRepr.paramsDeclDef + "_def", isaProgramRepr.localVarsDeclDef + "_def" }; parameters = config.generateParamsAndLocals ? QualifyAccessName(isaProgramRepr.paramsDeclDef) : parent.ParamsDecl(); locals = config.generateParamsAndLocals ? QualifyAccessName(isaProgramRepr.localVarsDeclDef) : parent.LocalsDecl(); paramsAndLocalsList = IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(parameters), IsaCommonTerms.TermIdentFromName(locals)); consts = config.generateGlobalsAndConstants ? QualifyAccessName(isaProgramRepr.GlobalProgramRepr.constantsDeclDef) : parent.ConstsDecl(); globals = config.generateGlobalsAndConstants ? QualifyAccessName(isaProgramRepr.GlobalProgramRepr.globalsDeclDef) : parent.GlobalsDecl(); constsAndGlobalsDefs = new[] { consts + "_def", globals + "_def" }; constsAndGlobalsList = IsaCommonTerms.AppendList(IsaCommonTerms.TermIdentFromName(consts), IsaCommonTerms.TermIdentFromName(globals)); AddDisjointnessLemmas(GlobalsMaxLocalsMin.Item1, GlobalsMaxLocalsMin.Item2); AddWellFormednessLemmas(); }
public static Term Assign(IList <Term> lhsTerms, IList <Term> rhsTerms) { if (lhsTerms.Count != rhsTerms.Count) { throw new ProofGenUnexpectedStateException(typeof(BasicCmdIsaVisitor), "different number of lhs and rhs"); } IList <Term> results = new List <Term>(); lhsTerms.ZipDo(rhsTerms, (lhs, rhs) => results.Add(new TermTuple(new List <Term> { lhs, rhs }))); return(new TermApp(IsaCommonTerms.TermIdentFromName("Assign"), new List <Term> { new TermList(results) })); }
public Term VisitBoogieFunctionOp(VCExprNAry node, List <Term> arg) { if (node.Op is VCExprBoogieFunctionOp funOp) { var name = funOp.Func.Name; if (_tryInstantiatingTypes && _concreteTypeTranslation.TryTranslateTypeDecl(funOp.Func, out var funTermResult)) { return(new TermApp(funTermResult, arg)); } return(new TermApp( IsaCommonTerms.TermIdentFromName(_uniqueNamer.GetName(funOp.Func.Name, funOp.Func.Name)), arg)); } //should never reach this code Contract.Assert(false); return(null); }
public LemmaDecl GenerateBlockLemma(Block block, Block finalCfgBlock, IEnumerable <Block> finalCfgSuccessors, string lemmaName, string vcHintsName) { var cmdsReduce = IsaBoogieTerm.RedCmdList(boogieContext, IsaCommonTerms.TermIdentFromName(isaBlockInfo.CmdsQualifiedName(block)), initState, finalState); var vcAssm = vcinst.GetVCObjInstantiation(finalCfgBlock, declToVCMapping); //do not use separate assumption, leads to issues var conclusion = ConclusionBlock(finalCfgSuccessors, normalInitState, finalState, declToVCMapping, vcinst, LemmaHelper.FinalStateIsMagic(block)); Term statement = TermBinary.MetaImplies(cmdsReduce, TermBinary.MetaImplies(vcAssm, conclusion)); var proof = BlockCorrectProof(block, finalCfgBlock, vcHintsName); return(new LemmaDecl(lemmaName, ContextElem.CreateEmptyContext(), statement, proof)); }
public static IList <Tuple <TermIdent, TypeIsa> > GlobalFixedVariables( BoogieContextIsa boogieContext, IEnumerable <Function> functions, IEnumerable <Variable> variables, TermIdent normalInitState, IDictionary <Function, TermIdent> funToInterpMapping, IsaUniqueNamer uniqueNamer) { var absValType = new VarType("a"); var pureTyIsaTransformer = LemmaHelper.ConretePureTyIsaTransformer(absValType); var result = new List <Tuple <TermIdent, TypeIsa> > { Tuple.Create((TermIdent)boogieContext.absValTyMap, IsaBoogieType.AbstractValueTyFunType(absValType)), Tuple.Create((TermIdent)boogieContext.varContext, IsaBoogieType.VarContextType()), Tuple.Create((TermIdent)boogieContext.funContext, IsaBoogieType.FunInterpType(absValType)), Tuple.Create(normalInitState, IsaBoogieType.NormalStateType(absValType)) }; foreach (var kv in funToInterpMapping) { result.Add(Tuple.Create(kv.Value, IsaBoogieType.BoogieFuncInterpType(absValType))); var boogieFun = kv.Key; //get untyped version, maybe should precompute this somewhere and re-use or get the data from the VC TypeUtil.SplitTypeParams(boogieFun.TypeParameters, boogieFun.InParams.Select(v => v.TypedIdent.Type), out var explicitTypeVars, out _); var typeIsa = pureTyIsaTransformer.Translate(new Function(null, boogieFun.Name, explicitTypeVars, boogieFun.InParams, boogieFun.OutParams[0])); result.Add(Tuple.Create( IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(boogieFun, boogieFun.Name)), typeIsa)); } foreach (var v in variables) { var typeIsa = pureTyIsaTransformer.Translate(v); result.Add(Tuple.Create(IsaCommonTerms.TermIdentFromName(uniqueNamer.GetName(v, v.Name)), typeIsa)); } return(result); }
public static Term ProcedureIsCorrect(Term funDecls, Term constantDecls, Term globalDecls, Term axioms, Term procedure) { var typeInterpId = new SimpleIdentifier("A"); return (TermQuantifier.MetaAll( new List <Identifier> { typeInterpId }, null, new TermApp( IsaCommonTerms.TermIdentFromName("proc_is_correct"), //TODO: here assuming that we use "'a" for the abstract value type carrier t --> make t a parameter somewhere new TermWithExplicitType(new TermIdent(typeInterpId), IsaBoogieType.AbstractValueTyFunType(new VarType("a"))), funDecls, constantDecls, globalDecls, axioms, procedure))); }
public IEnumerable <OuterDecl> EndToEndProof( string entryCfgLemma, string boogieToVcLemma, Term vcAssm, IProgramAccessor programAccessor, IProgramAccessor passiveProgramAccessor, Tuple <string, string> varContextNonPassivePassive, StateRelationData oldRelationData, CFGRepr cfg, IEnumerable <Variable> liveEntryVars, IVariableTranslation <Variable> varTranslation) { this.entryCfgLemma = entryCfgLemma; this.boogieToVcLemma = boogieToVcLemma; this.vcAssm = vcAssm; this.programAccessor = programAccessor; this.passiveProgramAccessor = passiveProgramAccessor; boogieContext = new BoogieContextIsa( IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item1), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.EmptyList ); passiveVarContext = IsaCommonTerms.TermIdentFromName(varContextNonPassivePassive.Item2); this.oldRelationData = oldRelationData; this.cfg = cfg; this.liveEntryVars = liveEntryVars; this.varTranslation = varTranslation; var locale = new LocaleDecl("glue_proof", Context(), GenerateLemma() ); return(new List <OuterDecl> { locale }); }
public static Term Unop(UnaryOperator.Opcode opcode, Term arg) { string uopIsa; switch (opcode) { case UnaryOperator.Opcode.Not: uopIsa = "Not"; break; case UnaryOperator.Opcode.Neg: uopIsa = "UMinus"; break; default: throw new NotImplementedException(); } var list = new List <Term> { IsaCommonTerms.TermIdentFromName(uopIsa), arg }; return(new TermApp(IsaCommonTerms.TermIdentFromName("UnOp"), list)); }
public PassificationEndToEnd() { stateRelList = IsaCommonTerms.TermIdentFromName(stateRelListDefName); stateRel = IsaCommonTerms.TermIdentFromName(stateRelDefName); }
public Term VisitDivOp(VCExprNAry node, List <Term> arg) { Contract.Assert(arg.Count == 2); return(new TermApp(IsaCommonTerms.TermIdentFromName("smt_div"), arg[0], arg[1])); }
public IEnumerable <OuterDecl> EndToEndProof( string entryCfgLemma, string passificationEndToEndLemma, Term vcAssm, IProgramAccessor programAccessor, CFGRepr cfg) { this.programAccessor = programAccessor; boogieContext = new BoogieContextIsa( IsaCommonTerms.TermIdentFromName("A"), IsaCommonTerms.TermIdentFromName("M"), IsaCommonTerms.TermIdentFromName(varContextName), IsaCommonTerms.TermIdentFromName("\\<Gamma>"), IsaCommonTerms.EmptyList ); var abbrev = new AbbreviationDecl( varContextName, new Tuple <IList <Term>, Term>(new List <Term>(), new TermTuple(programAccessor.ConstsAndGlobalsDecl(), programAccessor.ParamsAndLocalsDecl())) ); var result = new List <OuterDecl> { abbrev }; var kStepRed = IsaBoogieTerm.RedCFGKStep( BoogieContextIsa.CreateWithNewVarContext( boogieContext, new TermTuple(programAccessor.ConstsAndGlobalsDecl(), programAccessor.ParamsAndLocalsDecl()) ), programAccessor.CfgDecl(), IsaBoogieTerm.CFGConfigNode(new NatConst(cfg.GetUniqueIntLabel(cfg.entry)), IsaBoogieTerm.Normal(normalInitState)), IsaCommonTerms.TermIdentFromName("j"), IsaBoogieTerm.CFGConfig(finalNodeOrReturn, finalState) ); var proofSb = new StringBuilder(); proofSb.AppendLine("proof -"); proofSb.AppendLine("from " + redAssmName + " obtain j where Aux:" + "\"" + kStepRed + "\""); proofSb.AppendLine("by (meson rtranclp_imp_relpowp)"); proofSb.AppendLine("show ?thesis"); proofSb.AppendLine(ProofUtil.Apply("rule " + entryCfgLemma)); //TODO: don't hardcode this proofSb.AppendLine("unfolding cfg_to_dag_lemmas_def"); proofSb.AppendLine(ProofUtil.Apply("rule " + finterpAssmName)); proofSb.AppendLine("apply (rule Aux)"); proofSb.AppendLine("apply (rule dag_lemma_assms_same)"); proofSb.AppendLine("unfolding state_well_typed_def"); proofSb.AppendLine("apply (intro conjI)"); proofSb.AppendLine("using " + paramsLocalsAssmName + " apply simp"); proofSb.AppendLine("using " + constsGlobalsAssmName + " apply simp"); proofSb.AppendLine("using " + constsGlobalsAssmName + " " + oldGlobalAssmName + " apply simp"); proofSb.AppendLine("using " + binderEmptyAssmName + " apply simp"); proofSb.AppendLine(ProofUtil.Apply("rule " + passificationEndToEndLemma)); //TODO: don't hardcode this proofSb.AppendLine("unfolding glue_proof_def"); proofSb.AppendLine("apply (intro conjI)"); proofSb.AppendLine("apply assumption"); proofSb.AppendLine("using " + vcAssmName + " apply simp"); proofSb.AppendLine("using " + closedAssmName + " apply simp"); proofSb.AppendLine("using " + nonEmptyTypesAssmName + " apply simp"); proofSb.AppendLine(ProofUtil.Apply("rule " + finterpAssmName)); proofSb.AppendLine("using " + axiomAssmName + " apply simp"); proofSb.AppendLine("using " + paramsLocalsAssmName + " apply simp"); proofSb.AppendLine("using " + constsGlobalsAssmName + " apply simp"); proofSb.AppendLine("using " + binderEmptyAssmName + " apply simp"); proofSb.AppendLine("using " + oldGlobalAssmName + " apply simp"); proofSb.AppendLine("using " + preconditionsAssmName + " apply simp"); proofSb.AppendLine("done"); proofSb.AppendLine("qed"); var helperLemmaName = "end_to_end_theorem_aux"; var helperLemma = new LemmaDecl( helperLemmaName, LemmaContext(cfg, vcAssm), CfgToDagLemmaManager.CfgLemmaConclusion(boogieContext, programAccessor.PostconditionsDecl(), finalNodeOrReturn, finalState), new Proof(new List <string> { proofSb.ToString() }) ); result.Add(helperLemma); //transform end to end theorem to a compact representation var endToEndLemma = new LemmaDecl( "end_to_end_theorem", ContextElem.CreateWithAssumptions(new List <Term> { vcAssm }, new List <string> { "VC" }), ProcedureIsCorrect( programAccessor.FunctionsDecl(), IsaCommonTerms.TermIdentFromName(programAccessor.ConstsDecl()), IsaCommonTerms.TermIdentFromName(programAccessor.GlobalsDecl()), programAccessor.AxiomsDecl(), programAccessor.ProcDecl()), new Proof( new List <string> { ProofUtil.Apply(ProofUtil.Rule(ProofUtil.OF("end_to_end_util", helperLemmaName))), "apply assumption " + "using VC apply simp " + " apply assumption+", ProofUtil.By("simp_all add: exprs_to_only_checked_spec_1 exprs_to_only_checked_spec_2 " + programAccessor.ProcDeclName() + "_def " + programAccessor.CfgDeclName() + "_def") } )); result.Add(endToEndLemma); return(result); }
private Term QualifyAccessTerm(string name) { return(IsaCommonTerms.TermIdentFromName(QualifyAccessName(name))); }