/////////////////////////////////////////////////////////////////////////// // Versions of the propositional operators that automatically simplify in // certain cases (for example, if one of the operators is True or False) public VCExpr NotSimp(VCExpr e0) { Contract.Requires(e0 != null); Contract.Ensures(Contract.Result <VCExpr>() != null); if (e0.Equals(True)) { return(False); } if (e0.Equals(False)) { return(True); } return(Not(e0)); }
public VCExpr OrSimp(VCExpr e0, VCExpr e1) { Contract.Requires(e1 != null); Contract.Requires(e0 != null); Contract.Ensures(Contract.Result <VCExpr>() != null); if (e0.Equals(False)) { return(e1); } if (e1.Equals(False)) { return(e0); } if (e0.Equals(True) || e1.Equals(True)) { return(True); } return(Or(e0, e1)); }
//////////////////////////////////////////////////////////////////////////// private void AddAxiom(VCExpr axiom) { Contract.Requires(axiom != null); if (axiom.Equals(VCExpressionGenerator.True)) { return; } AllAxioms.Add(axiom); IncAxioms.Add(axiom); }
/// <summary> /// check whether assumeCmd is special with respect to VC and if so, store hint in out parameter, otherwise /// store null in <paramref name="hint" /> /// </summary> /// <returns>true, if is a special case <paramref name="hint" />, false otherwise</returns> private bool IsSpecialAssumeStmt(AssumeCmd assumeCmd, VCExpr exprVC, VCExpr postVC, out VCHint hint) { if (exprVC.Equals(VCExpressionGenerator.False)) { hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_FALSE); return(true); } if (postVC.Equals(VCExpressionGenerator.False)) { hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_NOT); return(true); } if (exprVC.Equals(VCExpressionGenerator.True) || postVC.Equals(VCExpressionGenerator.True)) { hint = new AssumeSimpleHint(AssumeSimpleHint.AssumeSimpleType.ASSUME_TRUE); return(true); } hint = null; return(false); }
public VCExpr ImpliesSimp(VCExpr e0, VCExpr e1, bool aggressive = true) { Contract.Requires(e1 != null); Contract.Requires(e0 != null); Contract.Ensures(Contract.Result <VCExpr>() != null); if (e0.Equals(True)) { return(e1); } if (e1.Equals(False)) { return(NotSimp(e0)); } if (e0.Equals(False) || e1.Equals(True)) { return(True); } // attempt to save on the depth of expressions (to reduce chances of stack overflows) while (aggressive && e1 is VCExprBinary) { VCExprBinary n = (VCExprBinary)e1; if (n.Op == ImpliesOp) { if (AndSize(n[0]) <= AndSize(e0)) { // combine the antecedents e0 = And(e0, n[0]); e1 = n[1]; continue; } } break; } return(Implies(e0, e1)); }
/// <summary> /// If no lemma is required for the proof, then <paramref name="decl" /> is null. /// </summary> private VCHint AssertStmtHint( AssertCmd cmd, VCExpr exprVC, VCExpr postVC, CommandLineOptions.SubsumptionOption subsumption, out List <LemmaDecl> requiredDecls) { requiredDecls = null; if (exprVC.Equals(VCExpressionGenerator.False) || postVC.Equals(VCExpressionGenerator.False)) { return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.ASSERT_FALSE)); } if (exprVC.Equals(VCExpressionGenerator.True)) { return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.ASSERT_TRUE)); } if (postVC.Equals(VCExpressionGenerator.True)) { _vcRewriteLemmaGen.RequiredVcRewrite(cmd.Expr, false, out requiredDecls); return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.NO_CONJ, new VCExprHint(requiredDecls))); } _vcRewriteLemmaGen.RequiredVcRewrite(cmd.Expr, false, out requiredDecls); if ( subsumption == CommandLineOptions.SubsumptionOption.Always || subsumption == CommandLineOptions.SubsumptionOption.NotForQuantifiers && !(exprVC is VCExprQuantifier) ) { return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.SUBSUMPTION, new VCExprHint(requiredDecls))); } return(new AssertSimpleHint(AssertSimpleHint.AssertSimpleType.CONJ, new VCExprHint(requiredDecls))); }
private static IEnumerable <VCExpr> DeconstructAxioms(IEnumerable <Axiom> axioms, VCExpr vcAxioms) { var numAxioms = axioms.Count(); /* Simplifying assumption: vcAxioms of the form (((Ax1 /\ Ax2) /\ Ax3) /\ Ax4) /\ ... * This is not true in general due to simplifications made by Boogie such as True /\ True -> True * Also, I don't know yet how type axioms are handled. */ var result = new List <VCExpr>(); if (numAxioms > 1) { var vcAxiomsTemp = vcAxioms; while (vcAxiomsTemp is VCExprNAry vcNAry && vcNAry.Op == VCExpressionGenerator.AndOp && vcNAry.Length == 2) { result.Add(vcNAry[1]); vcAxiomsTemp = vcNAry[0]; } result.Add(vcAxiomsTemp); if (result.Count != numAxioms) { throw new ProofGenUnexpectedStateException(typeof(ProofGenerationLayer), "Not supported: vcAxioms not in -sync with Boogie axioms(could be due to optimizations / type axioms)"); } result.Reverse(); return(result); } if (numAxioms == 1 || numAxioms == 0 && vcAxioms.Equals(VCExpressionGenerator.True)) { return new List <VCExpr> { vcAxioms } } ; throw new ProofGenUnexpectedStateException(typeof(ProofGenUnexpectedStateException), "Not supported: vcAxioms not in-sync with Boogie axioms (could be due to optimizations/type axioms)"); }
// these optimisations should maybe be moved into a separate // visitor (peep-hole optimisations) private bool IsTriviallyTrue(VCExpr expr) { Contract.Requires(expr != null); if (expr.Equals(VCExpressionGenerator.True)) return true; if (expr is VCExprNAry) { VCExprNAry/*!*/ naryExpr = (VCExprNAry)expr; Contract.Assert(naryExpr != null); if (naryExpr.Op.Equals(VCExpressionGenerator.EqOp) && naryExpr[0].Equals(naryExpr[1])) return true; } return false; }
//////////////////////////////////////////////////////////////////////////// private void AddAxiom(VCExpr axiom) { Contract.Requires(axiom != null); if (axiom.Equals(VCExpressionGenerator.True)) return; AllAxioms.Add(axiom); IncAxioms.Add(axiom); }