├── ml2fol
├── arc
│ ├── build.obuild
│ ├── ml2fol
│ ├── example.match
│ ├── example.smt2
│ ├── main.ml
│ ├── experiments
│ ├── build
│ ├── lexer.mll
│ └── parser.mly
├── pat2pattern_test.ml
├── examples
│ ├── cvc4test.smt2
│ ├── z3failure.smt2
│ └── sl
│ │ └── 001.match
├── mlprover
├── ml2fol
├── tests
├── parser_test.ml
├── pat.ml
├── main.ml
├── lexer.mll
├── parser.mly
└── README.md
├── prover
├── t
│ ├── unit
│ │ ├── unit-tests
│ │ ├── subst.k
│ │ ├── smt.k
│ │ ├── visitor.k
│ │ └── syntactic-match.k
│ ├── non-function.kore.expected
│ ├── trivial.smt2
│ ├── trivial-var.smt2
│ ├── introduce-lemma.kore
│ ├── axiom-equals-top.kore
│ ├── inst-exists.kore
│ ├── duplicate.kore
│ ├── use-local-axiom.kore
│ ├── simplify-flatten-ands.kore
│ ├── propagate-exists-through-application.kore
│ ├── pythagoras.smt2
│ ├── replace-evar-with-func-constant.kore
│ ├── fermat-3.smt2
│ ├── zero-iszero.smt2
│ ├── propagate-conjunct-through-exists.kore
│ ├── apply-equation-in-context.kore
│ ├── propagate-predicate-through-application.kore
│ ├── non-function.kore.disabled
│ ├── apply.kore
│ ├── instantiate-universals.kore
│ ├── use-proven-claims.kore
│ ├── emptyset-implies-isempty.kore
│ ├── introduce-lemma.kore.expected
│ ├── apply-equation.kore
│ ├── trivial-var.smt2.expected
│ ├── definitions
│ │ ├── find-find.kore
│ │ ├── find-list.kore
│ │ ├── list.kore
│ │ ├── listSorted.kore
│ │ ├── listSegmentLeft.kore
│ │ ├── listLength.kore
│ │ ├── find-list-seg.kore
│ │ ├── dll.kore
│ │ ├── listSegmentRight.kore
│ │ ├── bt.kore
│ │ ├── dllLength.kore
│ │ ├── dllSegmentLeft.kore
│ │ ├── listSortedLength.kore
│ │ ├── listSegmentRightLength.kore
│ │ ├── dllSegmentRightLength.kore
│ │ ├── dllSegmentLeftLength.kore
│ │ ├── listSegmentLeftSorted.kore
│ │ └── bst.kore
│ ├── inst-exists.kore.expected
│ ├── use-local-axiom.kore.expected
│ ├── disabled
│ │ ├── find-after-loop1.prover
│ │ ├── dllSegmentLeft-dll-implies-dll.prover.expected
│ │ ├── listSegmentRight-list-implies-list.prover.expected
│ │ ├── dllSegmentLeftLength-dllLength-implies-dllLength.prover.expected
│ │ ├── dllSegmentRightLength-dllSegmentRightLength-implies-dllSegmentRightLength.prover.expected
│ │ ├── listSegmentRightLength-listSegmentRightLength-implies-listSegmentRightLength.prover.expected
│ │ ├── dllSegmentLeft-dll-implies-dll.prover
│ │ ├── listSegmentRight-list-implies-list.prover
│ │ ├── find-in-loop.prover
│ │ ├── dllSegmentLeftLength-dllLength-implies-dllLength.prover
│ │ ├── dllSegmentRightLength-dllSegmentRightLength-implies-dllSegmentRightLength.prover
│ │ ├── listSegmentRightLength-listSegmentRightLength-implies-listSegmentRightLength.prover
│ │ └── find-in-loop.prover.expected
│ ├── duplicate.kore.expected
│ ├── axiom-equals-top.kore.expected
│ ├── simplify-flatten-ands.kore.expected
│ ├── sortedlist-implies-list.kore
│ ├── test-lists
│ │ ├── qf_shid_entl.unsat.8
│ │ ├── passing-5-12-40
│ │ ├── qf_shid_entl.unsat.5
│ │ └── qf_shlid_entl.unsat
│ ├── use-proven-claims.kore.expected
│ ├── bst-implies-bt.kore
│ ├── replace-evar-with-func-constant.kore.expected
│ ├── apply-equation-in-context.kore.expected
│ ├── listSortedLength-implies-listLength.kore
│ ├── propagate-exists-through-application.kore.expected
│ ├── emptyset-implies-isempty.kore.expected
│ ├── instantiate-universals.kore.expected
│ ├── listSortedLength-implies-listSorted.kore
│ ├── zero-iszero.smt2.expected
│ ├── propagate-conjunct-through-exists.kore.expected
│ ├── propagate-predicate-through-application.kore.expected
│ ├── apply-equation.kore.expected
│ ├── apply.kore.expected
│ ├── avl-implies-bst.kore
│ ├── isMod4-implies-isEven.smt2
│ ├── listSegmentLeft-implies-listSegmentRight.kore
│ ├── listSegmentRightLength-appendone-implies-listSegmentRightLength.kore
│ ├── qf_shid_entl-06.tst.smt2
│ ├── listSegmentLeft-list-implies-list.kore
│ ├── qf_shid_entl-03.tst.smt2
│ ├── qf_shid_entl-01.tst.smt2
│ ├── qf_shid_entl-02.tst.smt2
│ ├── qf_shid_entl-04.tst.smt2
│ ├── listSegmentRight-implies-listSegmentLeft.kore
│ ├── qf_shid_entl-05.tst.smt2
│ ├── trivial.smt2.expected
│ ├── isMod4-implies-isEven.smt2.expected
│ ├── pto-set.smt2.disabled
│ ├── listSegmentLeftsorted-sortedlist-implies-sortedlist.kore
│ ├── pythagoras.smt2.expected
│ ├── qf_shid_entl-06.tst.smt2.expected
│ ├── qf_shid_entl-05.tst.smt2.expected
│ ├── listSegmentRightLength-appendone-implies-listSegmentRightLength.kore.expected
│ ├── qf_shid_entl-04.tst.smt2.expected
│ ├── qf_shid_entl-02.tst.smt2.expected
│ ├── qf_shid_entl-03.tst.smt2.expected
│ ├── qf_shid_entl-01.tst.smt2.expected
│ ├── fermat-3.smt2.expected
│ ├── listSegmentLeft-implies-listSegmentRight.kore.expected
│ ├── listSegmentRight-implies-listSegmentLeft.kore.expected
│ ├── sortedlist-implies-list.kore.expected
│ ├── listSegmentLeft-list-implies-list.kore.expected
│ ├── listSortedLength-implies-listLength.kore.expected
│ └── listSortedLength-implies-listSorted.kore.expected
├── .gitignore
├── lib
│ ├── __init__.py
│ └── next-tests.py
├── utils
│ └── error.md
├── prover-kore
├── strategies
│ ├── intros.md
│ ├── duplicate.md
│ ├── reflexivity.md
│ ├── inst-exists.md
│ ├── introduce-lemma.md
│ ├── apply.md
│ ├── replace-evar-with-func-constant.md
│ └── instantiate-universals.md
├── prover
├── include
│ ├── prelude.smt2
│ └── prelude.kore
├── drivers
│ └── unit-tests.md
├── matching
├── README.md
├── analysis.txt
├── notes.md
└── LICENSE
├── tableaux-old
├── test-basic
├── test-succ
├── test-2
├── test-half-gwmc.1
├── test-half-gwmc.2
├── test-3
└── test-games-with-mu-calculus
├── checker
├── README.md
└── metamath
│ └── README.md
├── README.md
├── tableaux
├── t
│ └── games-with-mu-calculus-reached-states.maude
└── test
├── .travis.yml
├── .gitmodules
├── Jenkinsfile
└── Dockerfile
/ml2fol/arc/build.obuild:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/prover/t/unit/unit-tests:
--------------------------------------------------------------------------------
1 | test
2 |
--------------------------------------------------------------------------------
/prover/t/non-function.kore.expected:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/tableaux-old/test-basic:
--------------------------------------------------------------------------------
1 | \mu X . X
2 |
--------------------------------------------------------------------------------
/prover/.gitignore:
--------------------------------------------------------------------------------
1 | /.build/
2 | /tmp/
3 | __pycache__/
4 |
--------------------------------------------------------------------------------
/prover/lib/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 |
3 |
--------------------------------------------------------------------------------
/tableaux-old/test-succ:
--------------------------------------------------------------------------------
1 | \mu X . \or( $z , < $x X > )
2 |
--------------------------------------------------------------------------------
/ml2fol/pat2pattern_test.ml:
--------------------------------------------------------------------------------
1 | open OUnit2
2 | open Pat2pattern
3 |
--------------------------------------------------------------------------------
/tableaux-old/test-2:
--------------------------------------------------------------------------------
1 | \mu Z . \nu X . \and(< $a Z >, [ $a X ] )
2 |
--------------------------------------------------------------------------------
/ml2fol/examples/cvc4test.smt2:
--------------------------------------------------------------------------------
1 | (set-logic UF)
2 |
3 | (declare-sort Nat 0)
4 |
--------------------------------------------------------------------------------
/tableaux-old/test-half-gwmc.1:
--------------------------------------------------------------------------------
1 | \mu X . \or([$a X], \nu Y . \and([ $a Y ], $c))
2 |
--------------------------------------------------------------------------------
/tableaux-old/test-half-gwmc.2:
--------------------------------------------------------------------------------
1 | \nu X . \and(<$a X>, \mu Y . \or(<$a Y>, \not $c))
2 |
--------------------------------------------------------------------------------
/ml2fol/arc/ml2fol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kframework/matching-logic-prover/HEAD/ml2fol/arc/ml2fol
--------------------------------------------------------------------------------
/prover/t/trivial.smt2:
--------------------------------------------------------------------------------
1 | (assert ( = 1 1 ))
2 | (assert (not ( = 2 2 )))
3 | (set-info :mlprover-strategy smt)
4 | (check-sat)
5 |
--------------------------------------------------------------------------------
/prover/t/trivial-var.smt2:
--------------------------------------------------------------------------------
1 | (declare-const x Int)
2 | (assert (not ( = x x)))
3 | (set-info :mlprover-strategy smt-cvc4)
4 | (check-sat)
5 |
--------------------------------------------------------------------------------
/prover/utils/error.md:
--------------------------------------------------------------------------------
1 | ```k
2 | module ERROR
3 |
4 | syntax K
5 | syntax Error ::= "#error" "(" K ")"
6 |
7 | endmodule
8 | ```
9 |
--------------------------------------------------------------------------------
/tableaux-old/test-3:
--------------------------------------------------------------------------------
1 | \and (\nu X1 . \and( \mu Z . \or($p, <$a Z>) , < $a X1 >) , \mu Y . \nu X2 . \or(\and (\not $p, [a X2]), [a Y]))
2 |
--------------------------------------------------------------------------------
/prover/t/introduce-lemma.kore:
--------------------------------------------------------------------------------
1 | claim \equals(1, 1)
2 | strategy introduce-lemma(H: \equals(1,1), by: reflexivity)
3 | . apply(H, fail)
4 |
--------------------------------------------------------------------------------
/prover/t/axiom-equals-top.kore:
--------------------------------------------------------------------------------
1 | symbol f() : Int
2 | axiom a: \equals(f(), 1)
3 | claim \equals(\equals(f(), 1), \top())
4 | strategy axiom-equals-top(a)
5 |
--------------------------------------------------------------------------------
/tableaux-old/test-games-with-mu-calculus:
--------------------------------------------------------------------------------
1 | \and( \mu X . \or([$a X], \nu Y . \and([ $a Y ], $c))
2 | , \nu X . \and(<$a X>, \mu Y . \or(<$a Y>, \not $c))
3 | )
4 |
--------------------------------------------------------------------------------
/prover/t/inst-exists.kore:
--------------------------------------------------------------------------------
1 | axiom f5: \functionalPattern(5)
2 |
3 | claim \exists{I{Int}} gte(I{Int}, 3)
4 | strategy inst-exists(I{Int}, 5, apply(f5, fail))
5 | . smt-cvc4
6 |
--------------------------------------------------------------------------------
/prover/t/duplicate.kore:
--------------------------------------------------------------------------------
1 | symbol f() : Int
2 | axiom f-is-3 : \equals(f(), 3)
3 | claim \equals(3, f())
4 | strategy duplicate f-is-3 as H
5 | . apply-equation -> H at 0 by []
6 | . reflexivity
7 |
--------------------------------------------------------------------------------
/prover/t/use-local-axiom.kore:
--------------------------------------------------------------------------------
1 | // Tests that we can use local axioms.
2 | symbol f(Int) : Int
3 | claim \implies(\equals(f(1), 1), \equals(f(1), 1))
4 | strategy intros H . apply-equation -> H at 0 by [] . reflexivity
5 |
--------------------------------------------------------------------------------
/prover/t/simplify-flatten-ands.kore:
--------------------------------------------------------------------------------
1 | symbol f(Int) : Int
2 | axiom a: \equals(f(1), 1)
3 | claim \equals(f(\and(1, \and())), 1)
4 | strategy simplify.flatten-ands
5 | . apply-equation -> a at 0 by []
6 | . reflexivity
7 |
--------------------------------------------------------------------------------
/checker/README.md:
--------------------------------------------------------------------------------
1 | # Matching Logic Proof Checker
2 |
3 | Directories:
4 |
5 | * [metamath](metamath): A 250-line proof checker implemented in metamath.
6 | * [maude](maude): A matching logic proof checker implemented in Maude with 100 statements.
7 |
--------------------------------------------------------------------------------
/ml2fol/mlprover:
--------------------------------------------------------------------------------
1 | if [ "$#" -ne 1 ]
2 | then echo "Error: input file was not specified."
3 | else
4 | ocamlbuild -quiet main.byte
5 | rm -f $1".smt2"
6 | ./main.byte $1
7 | if [ $? -eq 0 ]
8 | then
9 | z3 -v:4 $1".smt2"
10 | fi
11 | fi
12 |
13 |
--------------------------------------------------------------------------------
/ml2fol/ml2fol:
--------------------------------------------------------------------------------
1 | if [ "$#" -ne 1 ]
2 | then echo "Error: input file was not specified."
3 | else
4 | ocamlbuild -quiet main.byte
5 | rm -f $1".smt2"
6 | ./main.byte $1
7 | if [ $? -eq 0 ]
8 | then cat $1".smt2"
9 | fi
10 | rm -f main.byte.
11 | fi
12 |
13 |
14 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Matching Logic Prover
2 |
3 | * `prover` contains the matching logic prover, implemented in the K framework.
4 | * `checker` contains the proof checkers of matching logic.
5 | * `ml2fol` contains a prototype translation from matching logic to first-order logic in smt2lib format.
6 |
--------------------------------------------------------------------------------
/prover/prover-kore:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | prover_dir=$(cd $(dirname $0); pwd -P)
3 |
4 | if [ $# -ne 1 ]; then
5 | echo "Usage: $0 file.kore"
6 | exit 1
7 | fi
8 |
9 | file="$1"
10 |
11 | "$prover_dir/prover" run --definition prover-kore "$file" -cCOMMANDLINE=.CommandLine -cPROVERDIR="\"$prover_dir\""
12 |
--------------------------------------------------------------------------------
/ml2fol/arc/example.match:
--------------------------------------------------------------------------------
1 | (declare-sort N)
2 |
3 | (declare-func zero () N)
4 | (declare-func succ (N) N)
5 | (declare-symb div (N N) N)
6 |
7 | (assert (forall ((X N) (Y N))
8 | (or (exists ((Z N)) (= Z (div X Y)))
9 | (= (div X Y) bottom))))
10 |
11 | (assert (forall ((X N))
12 | (not (div X zero))))
13 |
--------------------------------------------------------------------------------
/prover/t/propagate-exists-through-application.kore:
--------------------------------------------------------------------------------
1 | symbol foo(Int, Int) : Int
2 |
3 | axiom a: foo(foo(1, \exists{X{Int}} X{Int}), \exists{X{Int}} foo(X{Int}, 3))
4 |
5 | claim foo(foo(1, \exists{X{Int}} X{Int}), foo(\exists{X{Int}} X{Int}, 3))
6 | strategy propagate-exists-through-application 1
7 | . apply(a, fail)
8 |
--------------------------------------------------------------------------------
/prover/t/pythagoras.smt2:
--------------------------------------------------------------------------------
1 | (set-info :status sat)
2 |
3 | (declare-const x Int)
4 | (declare-const y Int)
5 | (declare-const z Int)
6 |
7 | (assert (> x 0))
8 | (assert (> y 0))
9 | (assert (> z 0))
10 |
11 | (assert (= (+ (* x x) (* y y)) (* z z)))
12 |
13 | (set-info :mlprover-strategy smt-cvc4)
14 | (check-sat)
15 |
--------------------------------------------------------------------------------
/prover/t/replace-evar-with-func-constant.kore:
--------------------------------------------------------------------------------
1 | symbol X() : Int
2 | symbol X0() : Int
3 | symbol X1(Int) : Int
4 | symbol X2(Int, Int) : Int
5 |
6 | claim \implies(gte(X{Int}, 2), gte(X{Int}, 1))
7 | strategy
8 | // replaces X{Int} with X3()
9 | replace-evar-with-func-constant X{Int}
10 | . smt-cvc4
11 |
12 |
13 |
--------------------------------------------------------------------------------
/prover/t/fermat-3.smt2:
--------------------------------------------------------------------------------
1 | (set-info :status unknown)
2 |
3 | (declare-const x Int)
4 | (declare-const y Int)
5 | (declare-const z Int)
6 |
7 | (assert (> x 0))
8 | (assert (> y 0))
9 | (assert (> z 0))
10 |
11 | (assert (= (+ (* x (* x x)) (* y (* y y))) (* z (* z z))))
12 |
13 | (set-info :mlprover-strategy smt)
14 | (check-sat)
15 |
--------------------------------------------------------------------------------
/prover/t/zero-iszero.smt2:
--------------------------------------------------------------------------------
1 | (define-fun-rec
2 | iszero ((x Int)) Bool
3 | (
4 | ite (= x 0)
5 | (= 0 0)
6 | (= 0 1)
7 | )
8 | )
9 |
10 | (assert (not (iszero 0)))
11 |
12 | (set-info :mlprover-strategy
13 | normalize . or-split-rhs
14 | . right-unfold . smt-cvc4
15 | )
16 | (check-sat)
17 |
--------------------------------------------------------------------------------
/prover/t/propagate-conjunct-through-exists.kore:
--------------------------------------------------------------------------------
1 | axiom a: \or(\exists{A{Int}} \and(A{Int}), \exists{X{Int}} \and(gte(X{Int}, 2), \exists{Y{Int}} gte(Y{Int}, 1)))
2 |
3 | claim \or(\exists{A{Int}} \and(A{Int}), \exists{X{Int},Y{Int}} \and(gte(Y{Int}, 1), gte(X{Int}, 2)))
4 | strategy propagate-conjunct-through-exists(1, 1)
5 | . apply(a, fail)
6 |
--------------------------------------------------------------------------------
/prover/t/apply-equation-in-context.kore:
--------------------------------------------------------------------------------
1 | symbol foo(Int, Int) : Int
2 |
3 | axiom a: \exists{X{Int}} foo(\and(X{Int}, \equals(X{Int}, 3), 2, \equals(X{Int}, 2)))
4 |
5 | claim \exists{X{Int}} foo(\and(X{Int}, \equals(X{Int}, 3), X{Int}, \equals(X{Int}, 2)))
6 | strategy apply-equation(eq: \equals(X{Int}, #Y), idx: 1, direction: ->, at: 2)
7 | . apply(a, fail)
8 |
--------------------------------------------------------------------------------
/tableaux/t/games-with-mu-calculus-reached-states.maude:
--------------------------------------------------------------------------------
1 | in "../tableaux.maude" .
2 |
3 | search tableaux( \and( \mu X . \or ([ a ] X {0}, \nu Y . \and([ a ] Y{0}, c))
4 | , \nu X . \and(< a > X{0}, \mu Y . \or (< a > Y{0}, \not c))
5 | ) )
6 | =>* Sequent:Sequent
7 | .
8 |
9 | show search graph .
10 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: java
2 | services:
3 | docker
4 | git:
5 | depth: 3
6 | jobs:
7 | include:
8 | - stage: Build Docker Image
9 | script:
10 | - "travis_wait 60 docker build --build-arg K_COMMIT=$(cd prover/ext/k && git rev-parse --short=7 HEAD) --build-arg USER_ID=$(id -u) --build-arg GROUP_ID=$(id -g) --tag matching-logic-prover ."
11 |
--------------------------------------------------------------------------------
/prover/t/propagate-predicate-through-application.kore:
--------------------------------------------------------------------------------
1 | symbol foo(Int, Int) : Int
2 |
3 | axiom a: \exists{X{Int}} \and(gte(X{Int}, 1), foo(\and(X{Int}, gte(X{Int}, 0)), X{Int}))
4 |
5 | claim \exists{X{Int}} foo(\and(X{Int}, gte(X{Int}, 0)), \and(gte(X{Int}, 1), X{Int}))
6 | strategy propagate-predicate-through-application(gte(#A, #B), 1)
7 | . apply(a, fail)
8 |
--------------------------------------------------------------------------------
/prover/t/non-function.kore.disabled:
--------------------------------------------------------------------------------
1 | // non-functional symbol r
2 | symbol topBool() : Bool
3 |
4 | // not (true \in topBool and false \in topBool)
5 | // will return success (valid) if topBool is functional, but fail (satisfiable) if topBool is not necessarily functional
6 | claim \not(\and(\implies(true, topBool()), \implies(false, topBool())))
7 |
8 | strategy smt-cvc4
9 |
--------------------------------------------------------------------------------
/prover/t/apply.kore:
--------------------------------------------------------------------------------
1 | symbol foo() : Bool
2 | symbol goo() : Bool
3 | symbol bar() : Bool
4 |
5 | axiom foo_holds: foo()
6 | axiom goo_holds: goo()
7 | axiom foo_and_goo_implies_bar:
8 | \implies(foo(), \implies(goo(), bar()))
9 |
10 | claim bar()
11 | strategy
12 | apply(
13 | foo_and_goo_implies_bar,
14 | apply(foo_holds, fail) | apply(goo_holds, fail)
15 | )
16 |
--------------------------------------------------------------------------------
/prover/t/instantiate-universals.kore:
--------------------------------------------------------------------------------
1 | sort A
2 | symbol a() : A
3 | axiom functional(a)
4 | symbol f(Int,Int) : Int
5 | claim \implies(
6 | \forall{} \forall{X{Int}, Y{A}} \equals(f(X{Int},Y{A}), 0),
7 | \equals(f(3, a()), 0)
8 | )
9 | strategy intros H
10 | . instantiate-universals(in: H, vars: X,Y, with: 3,a())
11 | . apply-equation -> H at 0 by []
12 | . reflexivity
13 |
--------------------------------------------------------------------------------
/ml2fol/arc/example.smt2:
--------------------------------------------------------------------------------
1 | (declare-sort N)
2 |
3 | (declare-fun pi_div (N N N) Bool)
4 | (declare-fun zero () N)
5 | (declare-fun succ (N) N)
6 |
7 | (assert (forall ((X N) (Y N)) (or (exists ((Z N)) (forall (($5 N)) (= (= Z $5) (pi_div X Y $5)))) (forall (($8 N)) (not (pi_div X Y $8) )))))
8 |
9 | (assert (forall (($2 N) (X N)) (not (pi_div X zero $2) )))
10 |
11 | (check-sat)
12 | (get-model)
13 |
14 |
--------------------------------------------------------------------------------
/prover/lib/next-tests.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 |
3 | from testlists import *
4 |
5 | passing_tests = []
6 | for list in test_lists:
7 | (_, _, _, _, tests) = list
8 | passing_tests += tests
9 |
10 | remaining_tests = [t for t in qf_shid_entl_unsat_tests if t not in passing_tests]
11 |
12 | print("Remaining qf_shid_entl_unsat tests")
13 | print("==================================\n")
14 | print(*remaining_tests, sep="\n")
15 |
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "prover/k/ext/kninja"]
2 | path = prover/ext/kninja
3 | url = https://github.com/nishantjr/kninja
4 | [submodule "prover/k/ext/k"]
5 | path = prover/ext/k
6 | url = https://github.com/kframework/k
7 | [submodule "prover/k/ext/pandoc-tangle"]
8 | path = prover/ext/pandoc-tangle
9 | url = https://github.com/ehildenb/pandoc-tangle
10 | [submodule "prover/t/SL-COMP18"]
11 | path = prover/t/SL-COMP18
12 | url = https://github.com/sl-comp/SL-COMP18/
13 |
--------------------------------------------------------------------------------
/prover/t/use-proven-claims.kore:
--------------------------------------------------------------------------------
1 | // Tests that we can reuse proven claims
2 |
3 | symbol f(Int) : Int
4 |
5 | axiom a1: \equals(f(1), 1)
6 |
7 | claim a2: \equals(f(f(1)), 1)
8 |
9 | strategy apply-equation -> a1 at 0 by []
10 | . apply-equation -> a1 at 0 by []
11 | . reflexivity
12 |
13 |
14 | claim a3: \equals(f(f(f(1))), 1)
15 | strategy apply-equation -> a1 at 0 by []
16 | . apply-equation -> a2 at 0 by [] // <- HERE
17 | . reflexivity
18 |
19 |
--------------------------------------------------------------------------------
/prover/t/emptyset-implies-isempty.kore:
--------------------------------------------------------------------------------
1 | symbol isEmpty ( SetInt ) : Bool
2 | axiom functional(isEmpty)
3 | axiom \forall { S { SetInt } }
4 | \iff-lfp( isEmpty( S { SetInt })
5 | , \or( \exists { } \and(\equals(S { SetInt } , emptyset)))
6 | )
7 |
8 | claim \implies( \and(\equals(S { SetInt }, emptyset))
9 | , \and(isEmpty(S { SetInt }))
10 | )
11 |
12 | strategy normalize . right-unfold . simplify . instantiate-existentials . smt-cvc4
13 |
--------------------------------------------------------------------------------
/ml2fol/tests:
--------------------------------------------------------------------------------
1 | ocamlbuild -quiet -package oUnit prelude_test.byte
2 | ./prelude_test.byte
3 | rm prelude_test.byte
4 |
5 | ocamlbuild -quiet -package oUnit logic_test.byte
6 | ./logic_test.byte
7 | rm logic_test.byte
8 |
9 | ocamlbuild -quiet -package oUnit conversion_test.byte
10 | ./conversion_test.byte
11 | rm conversion_test.byte
12 |
13 | ocamlbuild -quiet -package oUnit parser_test.byte
14 | ./parser_test.byte
15 | rm parser_test.byte
16 |
17 | ocamlbuild -quiet -package oUnit pat2pattern_test.byte
18 | ./pat2pattern_test.byte
19 | rm pat2pattern_test.byte
20 |
21 |
22 |
--------------------------------------------------------------------------------
/prover/strategies/intros.md:
--------------------------------------------------------------------------------
1 | ```
2 | Gamma U {H} |- G where H closed predicate
3 | ---------------------
4 | Gamma |- H -> G
5 | ```
6 |
7 | ```k
8 | module STRATEGY-INTROS
9 | imports PROVER-CORE
10 | imports STRATEGIES-EXPORTED-SYNTAX
11 | imports KORE-HELPERS
12 |
13 | rule intros Name => noop ...
14 | \implies(H, G) => G
15 | (.Bag =>
16 | axiom Name : H
17 | ) ...
18 |
19 | requires isClosed(H) andBool isPredicatePattern(H)
20 |
21 | endmodule
22 | ```
23 |
--------------------------------------------------------------------------------
/prover/t/introduce-lemma.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \equals ( 1 , 1 )
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/prover/t/apply-equation.kore:
--------------------------------------------------------------------------------
1 | symbol f(Int, Int) : Int
2 |
3 | axiom f_X_Y: \forall{X{Int}, Y{Int}}
4 | \implies(
5 | \or(\equals(X{Int}, 0), \equals(X{Int}, 3)),
6 | \implies(
7 | gte(Y{Int}, 0),
8 | \equals(f(X{Int}, Y{Int}), Y{Int})
9 | )
10 | )
11 |
12 | claim \equals(1,1)
13 | strategy reflexivity
14 |
15 | //claim \equals(f(0,1), 1)
16 | claim \equals(f(0,1),f(3,f(0,1)))
17 | strategy apply-equation -> f_X_Y at 2 by [smt-cvc4, smt-cvc4]
18 | . apply-equation -> f_X_Y at 1 by [smt-cvc4, smt-cvc4]
19 | . apply-equation -> f_X_Y at 0 by [smt-cvc4, smt-cvc4]
20 | . reflexivity
21 |
--------------------------------------------------------------------------------
/prover/t/trivial-var.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( .Patterns ) , \and ( \or ( \equals ( Vx { Int } , Vx { Int } ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | smt-cvc4
22 |
23 |
24 |
25 | .DeclarationCellSet
26 |
27 |
28 |
--------------------------------------------------------------------------------
/checker/metamath/README.md:
--------------------------------------------------------------------------------
1 | # Matching Logic Proof Checker (Metamath)
2 |
3 | ## Instructions
4 |
5 | 1. Download and install `metamath` from http://us.metamath.org/#downloads.
6 | 2. In the current directory, run `metamath`.
7 | 3. After the prompt `MM>`, type `read checker.mm` to load the definition.
8 | 4. After loading the definition, type `verify proof *` to verify all the proofs.
9 | 5. Run `exit` to exit `metamath`.
10 |
11 | ## FAQ
12 |
13 | Q: What is Metamath?
14 |
15 | A: See http://us.metamath.org/. In short, Metamath is a very simple program that allows one to define the metalevel of any formal systems and logics.
16 |
17 |
--------------------------------------------------------------------------------
/prover/t/definitions/find-find.kore:
--------------------------------------------------------------------------------
1 | symbol find-find(Int, Int, SetInt) : Bool
2 | axiom \forall { DATA : Int, RET : Int, F : SetInt }
3 | \iff-lfp( find-find(DATA, RET, F)
4 | , \or( \and( gt(RET, 0)
5 | , \equals(RET, DATA)
6 | , isMember(DATA, F)
7 | , .Patterns
8 | )
9 | , \and( \equals(RET, 0)
10 | , \not(isMember(DATA, F))
11 | , .Patterns
12 | )
13 | , .Patterns
14 | )
15 | )
16 |
--------------------------------------------------------------------------------
/ml2fol/arc/main.ml:
--------------------------------------------------------------------------------
1 | open Convert
2 | open Printf
3 |
4 | let file_in = "example.match";;
5 | let input_channel = open_in file_in;;
6 |
7 | let file_out = "example.smt2";;
8 | let output_channel = open_out file_out;;
9 |
10 | let lexbuf = Lexing.from_channel input_channel in
11 | let sys = Parser.system Lexer.token lexbuf in
12 | let patoutput = system2string sys in
13 | let smtoutput = theory2string (convert_system sys) in
14 | fprintf output_channel "%s\n" smtoutput;
15 | flush output_channel;
16 | fprintf stdout "%s\n" (patoutput ^ "\n" ^ smtoutput);
17 | flush stdout
18 | ;;
19 |
20 | close_in input_channel;;
21 | close_out output_channel;;
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/inst-exists.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \exists { I { Int } , .Patterns } gte ( I { Int } , 3 , .Patterns )
26 |
27 | axiom f5 : \functionalPattern ( 5 )
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/ml2fol/arc/experiments:
--------------------------------------------------------------------------------
1 | "<>" means "not equal".
2 | "^" is the concat of two sequences (its midfix form)
3 |
4 | Example: ((((((1^2)^3)^4)^5)^6)^7) = (1^(2^(3^(4^(5^(6^7)))))).
5 | Proof found!
6 |
7 | Example: ((((((1^2)^3)^4)^5)^6)^7) <> (1^(2^(3^(4^(5^(5^7)))))).
8 | Proof found!
9 |
10 | Example: ((1^2)^3) = (1^(3^2)).
11 | Timeout!
12 |
13 | Example: ((1^2)^3) <> (1^(3^2)).
14 | Proof found!
15 |
16 | Example: 5 is in ((((((1^2)^3)^4)^5)^6)^7)
17 | Proof found!
18 |
19 | Example: 5 is not in ((((((1^2)^3)^4)^5)^6)^7)
20 | Proof found!
21 |
22 | Example: (1 |-> 2 * (3 |-> 4 * 5 |-> 6))
23 | = ((3 |-> 4 * 1 |-> 2) * 5 |-> 6)
24 | Proof found! (After I manually added :pattern annotations, and it takes 2 seconds.
25 |
26 |
27 |
--------------------------------------------------------------------------------
/prover/strategies/duplicate.md:
--------------------------------------------------------------------------------
1 | # duplicate
2 |
3 | This strategy is useful in combination with strategies that modify
4 | the proof context.
5 |
6 | ```
7 | Gamma, Phi, Phi |- Psi
8 | -----------------
9 | Gamma, Phi |- Psi
10 | ```
11 |
12 | ```k
13 | module STRATEGY-DUPLICATE
14 | imports PROVER-CORE
15 | imports STRATEGIES-EXPORTED-SYNTAX
16 |
17 | rule duplicate H as H'
18 | => loadNamed(H) ~> #nameAs(H')
19 | ...
20 |
21 |
22 | syntax KItem ::= #nameAs(AxiomName)
23 |
24 | rule P ~> #nameAs(H') => noop ...
25 | (.Bag =>
26 | axiom H' : P
27 | ) ...
28 |
29 |
30 | endmodule
31 | ```
32 |
--------------------------------------------------------------------------------
/prover/t/use-local-axiom.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \implies ( \equals ( f ( 1 , .Patterns ) , 1 ) , \equals ( f ( 1 , .Patterns ) , 1 ) )
26 |
27 | symbol f ( Int , .Sorts ) : Int
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/prover/t/disabled/find-after-loop1.prover:
--------------------------------------------------------------------------------
1 | claim
2 | \implies( \and( find-list-seg( H0
3 | , OLDX
4 | , X
5 | , F1
6 | )
7 | , find-list(H0, X, F2)
8 | , disjoint(F1, F2)
9 | , \equals(F3, union(F1, F2))
10 |
11 | )
12 | , \and( find-list( H0
13 | , OLDX
14 | , F3
15 | )
16 | )
17 | )
18 |
19 | strategy search-bound(3)
20 | // strategy simplify ; kt(find-list-seg) ; simplify
21 | // ; ( direct-proof
22 | // | right-unfold-Nth(0,1)
23 | // )
24 |
--------------------------------------------------------------------------------
/prover/prover:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | extdir = 'ext'
3 | import sys
4 | import os
5 | sys.path.append(os.path.join(os.path.dirname(__file__), extdir))
6 | from kninja.runner import *
7 |
8 | proj = KProject(extdir = extdir)
9 | KDefinition( proj
10 | , alias = 'prover-kore'
11 | , backend = 'llvm'
12 | , directory = proj.builddir('defn/prover-kore')
13 | )
14 | KDefinition( proj
15 | , alias = 'prover-smt'
16 | , backend = 'llvm'
17 | , directory = proj.builddir('defn/prover-smt')
18 | )
19 | KDefinition( proj
20 | , alias = 'test-driver'
21 | , backend = 'llvm'
22 | , directory = proj.builddir('defn/test-driver')
23 | )
24 | KRunner(proj).main()
25 |
--------------------------------------------------------------------------------
/prover/t/duplicate.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \equals ( 3 , f ( .Patterns ) )
26 |
27 | axiom f-is-3 : \equals ( f ( .Patterns ) , 3 )
28 |
29 | symbol f ( .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/include/prelude.smt2:
--------------------------------------------------------------------------------
1 | ; Gets included whenever we call an SMT solver
2 | (set-logic ALL_SUPPORTED)
3 |
4 | ( define-sort SetInt () ( Set Int ) )
5 | ( define-fun emptysetx () SetInt ( as emptyset SetInt ) )
6 | ( define-fun in ( ( n Int ) ( x SetInt ) ) Bool ( member n x) )
7 | ( define-fun unionx ( ( x SetInt ) ( y SetInt ) ) SetInt ( union x y ) )
8 | ( define-fun intersectx ( ( x SetInt ) ( y SetInt ) ) SetInt ( intersection x y ) )
9 | ( define-fun disjointx ( ( x SetInt ) ( y SetInt ) ) Bool ( = ( intersectx x y ) emptysetx ) )
10 | ( define-fun setAdd ( ( s SetInt ) ( x Int ) ) SetInt ( unionx s ( singleton x )) )
11 | ( define-fun setDel ( ( s SetInt ) ( x Int ) ) SetInt ( setminus s ( singleton x )) )
12 | ( define-fun max ( (x Int) (y Int) ) Int ( ite (< x y) y x ) )
13 |
--------------------------------------------------------------------------------
/ml2fol/examples/z3failure.smt2:
--------------------------------------------------------------------------------
1 | ; Z3 seems to have a hard time in eliminating redundant quantifiers,
2 | ; as the next example shows.
3 |
4 | (set-logic UF)
5 |
6 | (declare-sort Nat 0)
7 |
8 | (declare-const zero Nat)
9 |
10 | (declare-fun succ (Nat) Nat)
11 | (declare-fun plus (Nat Nat) Nat)
12 |
13 | ; Axiom #1
14 | ; x + 0 = x
15 | (assert (forall ((x Nat))
16 | (= (plus x zero) x)))
17 |
18 | ; Axiom #2
19 | ; succ(x + y) = x + succ(y), but written in another way:
20 | ; forall t . t = succ(x + y) iff t = x + succ(y)
21 | (assert (forall ((x Nat) (y Nat))
22 | (forall ((t Nat))
23 | (= (= t (succ (plus x y)))
24 | (= t (plus x (succ y)))))))
25 |
26 | ; negation of 0 + 1 = 1
27 | (assert
28 | (not (= (plus zero (succ zero))
29 | (succ zero))))
30 |
31 | (check-sat)
32 |
--------------------------------------------------------------------------------
/prover/t/axiom-equals-top.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : \equals ( f ( .Patterns ) , 1 )
26 |
27 | axiom ax0 : \equals ( \equals ( f ( .Patterns ) , 1 ) , \and ( .Patterns ) )
28 |
29 | symbol f ( .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentLeft-dll-implies-dll.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( dllSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , dll ( H { ArrayIntInt } , Y { Int } , G { SetInt } , .Patterns ) , \equals ( K { SetInt } , union ( F { SetInt } , G { SetInt } , .Patterns ) ) , disjoint ( F { SetInt } , G { SetInt } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( dll ( H { ArrayIntInt } , X { Int } , K { SetInt } , .Patterns ) , .Patterns ) )
14 |
15 |
16 | success
17 |
18 |
19 | .
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/disabled/listSegmentRight-list-implies-list.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y { Int } , G1 { SetInt } , .Patterns ) , list ( H { ArrayIntInt } , Y { Int } , G2 { SetInt } , .Patterns ) , disjoint ( G1 { SetInt } , G2 { SetInt } , .Patterns ) , \equals ( F { SetInt } , union ( G1 { SetInt } , G2 { SetInt } , .Patterns ) ) , .Patterns ) , \exists { .Patterns } \and ( list ( H { ArrayIntInt } , X { Int } , F { SetInt } , .Patterns ) , .Patterns ) )
14 |
15 |
16 | success
17 |
18 |
19 | .
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/simplify-flatten-ands.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : \equals ( f ( 1 , .Patterns ) , 1 )
26 |
27 | axiom ax0 : \equals ( f ( \and ( 1 , \and ( .Patterns ) , .Patterns ) , .Patterns ) , 1 )
28 |
29 | symbol f ( Int , .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/sortedlist-implies-list.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSorted.kore"
2 | imports "t/definitions/list.kore"
3 |
4 |
5 | claim \implies( \and( listSorted( H { ArrayIntInt }
6 | , X { Int }
7 | , K { SetInt }
8 | , MIN { Int }
9 | )
10 | )
11 | , \and( list( H { ArrayIntInt }
12 | , X { Int }
13 | , K { SetInt }
14 | )
15 | )
16 | )
17 | strategy search-fol(bound: 3)
18 | /*
19 | strategy kt . ( (right-unfold-Nth(0, 0) . simplify . direct-proof)
20 | | ( simplify . direct-proof )
21 | | (right-unfold-Nth(0, 1) . simplify . direct-proof)
22 | )
23 | */
24 |
--------------------------------------------------------------------------------
/prover/t/test-lists/qf_shid_entl.unsat.8:
--------------------------------------------------------------------------------
1 | t/SL-COMP18/bench/qf_shid_entl/dll-vc09.smt2
2 | t/SL-COMP18/bench/qf_shid_entl/eolseg_02.sb.smt2
3 | t/SL-COMP18/bench/qf_shid_entl/eolseg_05.sb.smt2
4 | t/SL-COMP18/bench/qf_shid_entl/eolseg_06.sb.smt2
5 | t/SL-COMP18/bench/qf_shid_entl/eolseg_09.sb.smt2
6 | t/SL-COMP18/bench/qf_shid_entl/eolseg_12.sb.smt2
7 | t/SL-COMP18/bench/qf_shid_entl/eolseg_15.sb.smt2
8 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_05.sb.smt2
9 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_08.sb.smt2
10 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_09.sb.smt2
11 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_10.sb.smt2
12 | t/SL-COMP18/bench/qf_shid_entl/ls_nonrec_entail_ls_01.sb.smt2
13 | t/SL-COMP18/bench/qf_shid_entl/skl2-vc02.smt2
14 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc01.smt2
15 | t/SL-COMP18/bench/qf_shid_entl/tll_slk-9.smt
16 |
--------------------------------------------------------------------------------
/ml2fol/parser_test.ml:
--------------------------------------------------------------------------------
1 | open OUnit2
2 | open Parser
3 | open Pat
4 | open Prelude
5 |
6 | (* Parse a string into a pat AST *)
7 |
8 | let parse_pat s =
9 | let lexbuf = Lexing.from_string s in
10 | let pat = Parser.pat Lexer.token lexbuf in
11 | pat
12 | ;;
13 |
14 | let parse_thy s =
15 | let lexbuf = Lexing.from_string s in
16 | let thy = Parser.thy Lexer.token lexbuf in
17 | thy
18 | ;;
19 |
20 | (* test suite for parsing pats *)
21 |
22 | let tests =
23 | "test suite for parsing pats" >::: [
24 |
25 | "top" >::
26 | (fun _ -> assert_equal Top
27 | (parse_pat "top"));
28 |
29 | "thy1" >::
30 | (fun _ -> assert_equal
31 | (["Nat"; "Seq"], [FC("zero", [], "Nat")], [])
32 | (parse_thy "(declare-sort Nat)
33 | (declare-sort Seq)
34 | (declare-func zero () Nat)"));
35 |
36 | ]
37 |
38 | let _ = run_test_tt_main tests
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/definitions/find-list.kore:
--------------------------------------------------------------------------------
1 | symbol find-list(ArrayIntInt, Int, SetInt) : Bool
2 | axiom functional(find-list)
3 |
4 | axiom \forall { H : ArrayIntInt, X : Int, F : SetInt }
5 | \iff-lfp( find-list(H, X, F)
6 | , \or( \and( \equals(X, 0)
7 | , \equals(F, emptyset)
8 | , .Patterns
9 | )
10 | , \and( find-list(H, X", !I:Int) { Int }, F", !J:Int) { SetInt },.Patterns)
11 | , gt(X,0)
12 | , \equals(select(H, plus(X, 1)), X", !I:Int) { Int })
13 | , \equals(F, add( F", !J:Int) { SetInt }, X))
14 | , \not(isMember(X, F", !J:Int) { SetInt }))
15 | , .Patterns
16 | )
17 | , .Patterns
18 | )
19 | )
20 |
--------------------------------------------------------------------------------
/prover/t/use-proven-claims.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a1 : \equals ( f ( 1 , .Patterns ) , 1 )
26 |
27 | axiom a2 : \equals ( f ( f ( 1 , .Patterns ) , .Patterns ) , 1 )
28 |
29 | axiom a3 : \equals ( f ( f ( f ( 1 , .Patterns ) , .Patterns ) , .Patterns ) , 1 )
30 |
31 | symbol f ( Int , .Sorts ) : Int
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/prover/t/definitions/list.kore:
--------------------------------------------------------------------------------
1 | symbol list(ArrayIntInt, Int, SetInt) : Bool
2 | axiom functional(list)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt } }
5 | \iff-lfp( list(H { ArrayIntInt }, X { Int }, F { SetInt })
6 | , \or( \exists {}
7 | \and( \equals(X { Int }, 0)
8 | , \equals(F { SetInt }, emptyset)
9 | )
10 | , \exists {F1 { SetInt }, X1 { Int }}
11 | \and( list(H { ArrayIntInt },X1 { Int },F1 { SetInt })
12 | , gt(X { Int },0)
13 | , \equals(select(H { ArrayIntInt }, X { Int }) , X1 { Int })
14 | , \equals(F { SetInt } , union(F1 { SetInt }, singleton(X { Int })))
15 | , disjoint(F1 { SetInt }, singleton(X { Int }))
16 | )
17 | )
18 | )
19 |
--------------------------------------------------------------------------------
/prover/t/bst-implies-bt.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/bt.kore"
2 | imports "t/definitions/bst.kore"
3 |
4 | claim \implies( \and( bst( H { ArrayIntInt }
5 | , X { Int }
6 | , F { SetInt }
7 | , MIN { Int }
8 | , MAX { Int }
9 | )
10 | )
11 | , \and( bt( H { ArrayIntInt }, X { Int }, F { SetInt }) )
12 | )
13 | strategy search-fol(bound: 5)
14 | // strategy kt . ( ( right-unfold-Nth(0,0) . ( instantiate-existentials . (smt-z3 | smt-cvc4) ) )
15 | // | ( right-unfold-Nth(0,1) . right-unfold-Nth(0,0) . right-unfold-Nth(0,0) . ( instantiate-existentials . (smt-z3 | smt-cvc4) ) )
16 | // | ( instantiate-existentials . (smt-z3 | smt-cvc4) )
17 | // | ( right-unfold-Nth(0,1) . ( instantiate-existentials . (smt-z3 | smt-cvc4) ))
18 | // )
19 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentLeftLength-dllLength-implies-dllLength.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( dllSegmentLeftLength ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , L { Int } , .Patterns ) , dllLength ( H { ArrayIntInt } , Y { Int } , G { SetInt } , M { Int } , .Patterns ) , \equals ( K { SetInt } , union ( F { SetInt } , G { SetInt } , .Patterns ) ) , \equals ( N { Int } , plus ( L { Int } , M { Int } , .Patterns ) ) , disjoint ( F { SetInt } , G { SetInt } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( dllLength ( H { ArrayIntInt } , X { Int } , K { SetInt } , N { Int } , .Patterns ) , .Patterns ) )
14 |
15 |
16 | success
17 |
18 |
19 | .
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/strategies/reflexivity.md:
--------------------------------------------------------------------------------
1 | ```k
2 | module STRATEGY-REFLEXIVITY
3 |
4 | imports PROVER-CORE
5 | imports STRATEGIES-EXPORTED-SYNTAX
6 |
7 | ```
8 | # Reflexivity
9 |
10 | ```
11 | .
12 | --------------
13 | Gamma |- X = X
14 | ```
15 |
16 | ```k
17 | rule reflexivity => success ...
18 | \equals(P, P)
19 |
20 | rule reflexivity => fail ...
21 | \equals(P, Q)
22 | requires P =/=K Q
23 | ```
24 | # axiom-equals-top
25 |
26 | ```
27 | .
28 | --------------------
29 | Gamma, P |- P = \top
30 | ```
31 |
32 | ```k
33 |
34 | rule (.K => loadNamed(Name))
35 | ~> axiom-equals-top(Name)
36 | ...
37 |
38 |
39 | // currently, `\top()` desugares to `\and()`
40 | rule P ~> axiom-equals-top(_) => success ...
41 | \equals(P, \and(.Patterns) #Or \top())
42 |
43 | endmodule // STRATEGY-REFLEXIVITY
44 | ```
45 |
--------------------------------------------------------------------------------
/prover/t/replace-evar-with-func-constant.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \implies ( gte ( X { Int } , 2 , .Patterns ) , gte ( X { Int } , 1 , .Patterns ) )
26 |
27 | symbol X0 ( .Sorts ) : Int
28 |
29 | symbol X1 ( Int , .Sorts ) : Int
30 |
31 | symbol X2 ( Int , Int , .Sorts ) : Int
32 |
33 | symbol X ( .Sorts ) : Int
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/Jenkinsfile:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | dockerfile {
4 | additionalBuildArgs '--build-arg USER_ID=$(id -u) --build-arg GROUP_ID=$(id -g)'
5 | }
6 | }
7 | stages {
8 | stage("Init title") {
9 | when { changeRequest() }
10 | steps {
11 | script {
12 | currentBuild.displayName = "PR ${env.CHANGE_ID}: ${env.CHANGE_TITLE}"
13 | }
14 | }
15 | }
16 | stage('SMTLIB Tests') {
17 | steps {
18 | ansiColor('xterm') {
19 | sh '''#!/bin/bash
20 | cd prover \
21 | && PATH="$(pwd)/.build/local/bin/:$PATH" ./build smtlib2-tests
22 | '''
23 | }
24 | }
25 | }
26 | stage('Prover Tests') {
27 | steps {
28 | ansiColor('xterm') {
29 | sh '''#!/bin/bash
30 | cd prover \
31 | && PATH="$(pwd)/.build/local/bin/:$PATH" ./build -k 0
32 | '''
33 | }
34 | }
35 | }
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/prover/drivers/unit-tests.md:
--------------------------------------------------------------------------------
1 | This file contains infrastructure for writing tests for K functions.
2 |
3 | ```k
4 | requires "prover.k"
5 | ```
6 |
7 | ```k
8 | module DRIVER-UNIT-TEST
9 | imports DRIVER-KORE
10 |
11 | syntax Declaration ::= "test"
12 | rule test => next-test(1) ...
13 |
14 | syntax Declaration ::= "next-test" "(" Int ")"
15 | rule next-test(N)
16 | => test(N)
17 | ~> next-test(N +Int 1)
18 | ...
19 |
20 | requires N next-test(20) => .K ...
22 |
23 | // TODO: This is also a hack
24 | syntax Declarations ::= test(Int) [function]
25 | rule test(N) => .Declarations
26 | requires N >Int 1 andBool N .K
31 | rule .K
32 | 1 => 0
33 | endmodule
34 | ```
35 |
--------------------------------------------------------------------------------
/prover/t/apply-equation-in-context.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : \exists { X { Int } , .Patterns } foo ( \and ( X { Int } , \equals ( X { Int } , 3 ) , 2 , \equals ( X { Int } , 2 ) , .Patterns ) , .Patterns )
26 |
27 | axiom ax0 : \exists { X { Int } , .Patterns } foo ( \and ( X { Int } , \equals ( X { Int } , 3 ) , X { Int } , \equals ( X { Int } , 2 ) , .Patterns ) , .Patterns )
28 |
29 | symbol foo ( Int , Int , .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentRightLength-dllSegmentRightLength-implies-dllSegmentRightLength.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( dllSegmentRightLength ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , L { Int } , .Patterns ) , dllSegmentRightLength ( H { ArrayIntInt } , Y { Int } , Z { Int } , G { SetInt } , M { Int } , .Patterns ) , \equals ( K { SetInt } , union ( F { SetInt } , G { SetInt } , .Patterns ) ) , disjoint ( F { SetInt } , G { SetInt } , .Patterns ) , \equals ( N { Int } , plus ( L { Int } , M { Int } , .Patterns ) ) , .Patterns ) , \exists { .Patterns } \and ( dllSegmentRightLength ( H { ArrayIntInt } , X { Int } , Z { Int } , K { SetInt } , N { Int } , .Patterns ) , .Patterns ) )
14 |
15 |
16 | success
17 |
18 |
19 | .
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/listSortedLength-implies-listLength.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSortedLength.kore"
2 | imports "t/definitions/listLength.kore"
3 |
4 | claim \implies( \and( listSortedLength( H { ArrayIntInt }
5 | , X { Int }
6 | , K { SetInt }
7 | , MIN { Int }
8 | , Length { Int }
9 | )
10 | )
11 | , \and( listLength( H { ArrayIntInt }
12 | , X { Int }
13 | , K { SetInt }
14 | , Length { Int }
15 | )
16 | )
17 | )
18 | strategy search-fol(bound: 5)
19 | /*
20 | strategy kt . ( (right-unfold-Nth(0, 0) . simplify . direct-proof)
21 | | simplify . direct-proof
22 | | (right-unfold-Nth(0, 1) . simplify . direct-proof)
23 | )
24 | */
25 |
--------------------------------------------------------------------------------
/prover/t/disabled/listSegmentRightLength-listSegmentRightLength-implies-listSegmentRightLength.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Y { Int } , FA { SetInt } , LA { Int } , .Patterns ) , listSegmentRightLength ( H { ArrayIntInt } , Y { Int } , Z { Int } , FB { SetInt } , LB { Int } , .Patterns ) , \equals ( F { SetInt } , union ( FA { SetInt } , FB { SetInt } , .Patterns ) ) , disjoint ( FA { SetInt } , FB { SetInt } , .Patterns ) , \equals ( LENGTH { Int } , plus ( LA { Int } , LB { Int } , .Patterns ) ) , .Patterns ) , \exists { .Patterns } \and ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Z { Int } , F { SetInt } , LENGTH { Int } , .Patterns ) , .Patterns ) )
14 |
15 |
16 | success
17 |
18 |
19 | .
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/propagate-exists-through-application.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : foo ( foo ( 1 , \exists { X { Int } , .Patterns } X { Int } , .Patterns ) , \exists { X { Int } , .Patterns } foo ( X { Int } , 3 , .Patterns ) , .Patterns )
26 |
27 | axiom ax0 : foo ( foo ( 1 , \exists { X { Int } , .Patterns } X { Int } , .Patterns ) , foo ( \exists { X { Int } , .Patterns } X { Int } , 3 , .Patterns ) , .Patterns )
28 |
29 | symbol foo ( Int , Int , .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/emptyset-implies-isempty.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( \equals ( S { SetInt } , emptyset ) , .Patterns ) , \exists { .Patterns } \and ( isEmpty ( S { SetInt } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { S { SetInt } , .Patterns } \iff-lfp ( isEmpty ( S { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( S { SetInt } , emptyset ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( isEmpty )
29 |
30 | symbol isEmpty ( SetInt , .Sorts ) : Bool
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/prover/t/instantiate-universals.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : functional ( a )
26 |
27 | axiom ax1 : \implies ( \forall { .Patterns } \forall { X { Int } , Y { A } , .Patterns } \equals ( f ( X { Int } , Y { A } , .Patterns ) , 0 ) , \equals ( f ( 3 , a ( .Patterns ) , .Patterns ) , 0 ) )
28 |
29 | sort A
30 |
31 | symbol a ( .Sorts ) : A
32 |
33 | symbol f ( Int , Int , .Sorts ) : Int
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/prover/strategies/inst-exists.md:
--------------------------------------------------------------------------------
1 | ```
2 | Gamma |- functionalPattern(T)
3 | Gamma |- P(T)
4 | --------------------------------------------------------------------
5 | Gamma |- \exists V. P(V)
6 |
7 | ```
8 |
9 | ```k
10 | module STRATEGY-INST-EXISTS
11 | imports PROVER-CORE
12 | imports STRATEGIES-EXPORTED-SYNTAX
13 | imports KORE-HELPERS
14 |
15 | rule
16 | inst-exists(V, T, Strat)
17 | => subgoal(\functionalPattern(T), Strat) & noop
18 | ...
19 |
20 | P => instExists(P, V, T)
21 |
22 |
23 | syntax Pattern ::= instExists(Pattern, Variable, Pattern) [function]
24 |
25 | rule instExists(\implies(L, R), V, T)
26 | => \implies(L, instExists(R, V, T))
27 |
28 | rule instExists(\exists {Vs} P, V, T)
29 | => subst(P, V, T)
30 | requires V in Vs andBool ((Vs -Patterns V) ==K .Patterns)
31 |
32 | rule instExists(\exists {Vs} P, V, T)
33 | => \exists {Vs -Patterns V} subst(P, V, T)
34 | requires V in Vs andBool notBool ((Vs -Patterns V) ==K .Patterns)
35 |
36 | endmodule
37 | ```
38 |
--------------------------------------------------------------------------------
/prover/t/listSortedLength-implies-listSorted.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSortedLength.kore"
2 | imports "t/definitions/listSorted.kore"
3 |
4 | claim \implies( \and( listSortedLength( H { ArrayIntInt }
5 | , X { Int }
6 | , K { SetInt }
7 | , MIN { Int }
8 | , Length { Int }
9 | )
10 | )
11 | , \and( listSorted( H { ArrayIntInt }
12 | , X { Int }
13 | , K { SetInt }
14 | , MIN { Int }
15 | )
16 | )
17 | )
18 | strategy search-fol(bound: 3)
19 | /*
20 | strategy kt . ( (right-unfold-Nth(0, 0) . simplify . instantiate-existentials . smt )
21 | | (simplify . instantiate-existentials . smt )
22 | | (right-unfold-Nth(0, 1) . simplify . instantiate-existentials . smt )
23 | )
24 | */
25 |
--------------------------------------------------------------------------------
/prover/t/zero-iszero.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( .Patterns ) , \exists { .Patterns } \and ( iszero ( 0 , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { Int } , .Patterns } \iff-lfp ( iszero ( Vx { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( Vx { Int } , 0 ) , \equals ( 0 , 0 ) , .Patterns ) , \exists { .Patterns } \and ( \not ( \equals ( Vx { Int } , 0 ) ) , \equals ( 0 , 1 ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( iszero )
29 |
30 | symbol iszero ( Int , .Sorts ) : Bool
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/prover/matching:
--------------------------------------------------------------------------------
1 |
2 |
3 | * AC + A matching algorithm, specialized to normalized unconstrained heap
4 | * Normalized form is `sep(PATTERNS)` where `PATTERNS` is a list of terms
5 |
6 |
7 | * Assoc matching algorithm
8 |
9 | ```
10 | matchAssoc( . , . )
11 | => .Subst
12 |
13 | matchAssoc( c(ARGs_T), REST_T, c(ARGs_P), REST_P )
14 | => matchAssoc( ARGs_T, REST_T, ARGs_P, REST_P )
15 |
16 | matchAssoc( (T, Ts) , (V, Ps) )
17 | => V \mapsto T matchAssoc( Ts, Ps)
18 | where V is a free variable
19 | ```
20 |
21 | * AC Matching
22 |
23 | ```
24 | matchAssocComm( . , P )
25 | => fail
26 |
27 | matchAssocComm( Ts, . )
28 | => ( subst: .Subst, rest: Ts )
29 |
30 | matchAssocComm( Ts, (P, Ps) )
31 | => ( subst: subst(X1) subst(X2)
32 | rest: rest(X2)
33 | )
34 | where X1 = matchAssocComm( Ts, P )
35 | X2 = matchAssocComm( rest(X1), Ps )
36 |
37 | matchAssocComm( (T, Ts) , P )
38 | => ( subst: matchAssoc( T, P )
39 | rest: Ts
40 | )
41 | || matchAssocComm( Ts, P )
42 | ```
43 |
--------------------------------------------------------------------------------
/prover/t/propagate-conjunct-through-exists.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : \or ( \exists { A { Int } , .Patterns } \and ( A { Int } , .Patterns ) , \exists { X { Int } , .Patterns } \and ( gte ( X { Int } , 2 , .Patterns ) , \exists { Y { Int } , .Patterns } gte ( Y { Int } , 1 , .Patterns ) , .Patterns ) , .Patterns )
26 |
27 | axiom ax0 : \or ( \exists { A { Int } , .Patterns } \and ( A { Int } , .Patterns ) , \exists { X { Int } , Y { Int } , .Patterns } \and ( gte ( Y { Int } , 1 , .Patterns ) , gte ( X { Int } , 2 , .Patterns ) , .Patterns ) , .Patterns )
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/prover/t/propagate-predicate-through-application.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom a : \exists { X { Int } , .Patterns } \and ( gte ( X { Int } , 1 , .Patterns ) , foo ( \and ( X { Int } , gte ( X { Int } , 0 , .Patterns ) , .Patterns ) , X { Int } , .Patterns ) , .Patterns )
26 |
27 | axiom ax0 : \exists { X { Int } , .Patterns } foo ( \and ( X { Int } , gte ( X { Int } , 0 , .Patterns ) , .Patterns ) , \and ( gte ( X { Int } , 1 , .Patterns ) , X { Int } , .Patterns ) , .Patterns )
28 |
29 | symbol foo ( Int , Int , .Sorts ) : Int
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/apply-equation.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : \equals ( 1 , 1 )
26 |
27 | axiom ax1 : \equals ( f ( 0 , 1 , .Patterns ) , f ( 3 , f ( 0 , 1 , .Patterns ) , .Patterns ) )
28 |
29 | axiom f_X_Y : \forall { X { Int } , Y { Int } , .Patterns } \implies ( \or ( \equals ( X { Int } , 0 ) , \equals ( X { Int } , 3 ) , .Patterns ) , \implies ( gte ( Y { Int } , 0 , .Patterns ) , \equals ( f ( X { Int } , Y { Int } , .Patterns ) , Y { Int } ) ) )
30 |
31 | symbol f ( Int , Int , .Sorts ) : Int
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/prover/strategies/introduce-lemma.md:
--------------------------------------------------------------------------------
1 | # introduce-lemma
2 |
3 | ```
4 | Gamma |- Phi Gamma U {Phi} |- Psi
5 | ------------------------------------
6 | Gamma |- Psi
7 | ```
8 |
9 | ```k
10 |
11 | module STRATEGY-INTRODUCE-LEMMA
12 | imports PROVER-CORE
13 | imports STRATEGIES-EXPORTED-SYNTAX
14 |
15 | rule introduce-lemma(Name : Phi, by: Strat)
16 | => subgoal(Name, Phi, Strat)
17 | ~> #introduceLemma(Name, Phi)
18 | ...
19 |
20 | GId
21 | requires notBool AxiomNameToString(Name) in collectLocalAxiomNames(GId)
22 |
23 | rule (.K => "Name already used!" )
24 | ~> introduce-lemma(Name : _, by: _)
25 | ...
26 |
27 | GId
28 | requires AxiomNameToString(Name) in collectLocalAxiomNames(GId)
29 |
30 | syntax KItem ::= #introduceLemma(AxiomName, Pattern)
31 |
32 | rule (success ~> #introduceLemma(Name, Phi)) => noop ...
33 | (.Bag =>
34 | axiom Name : Phi
35 | ) ...
36 |
37 |
38 |
39 | endmodule
40 | ```
41 |
--------------------------------------------------------------------------------
/prover/t/apply.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | 0
4 |
5 |
6 |
7 | id: ., parent: .
8 |
9 | \and ( .Patterns )
10 |
11 |
12 | .
13 | n
14 | .
15 |
16 |
17 | .LocalDeclCellSet
18 |
19 |
20 | .
21 |
22 |
23 |
24 |
25 | axiom ax0 : bar ( .Patterns )
26 |
27 | axiom foo_and_goo_implies_bar : \implies ( foo ( .Patterns ) , \implies ( goo ( .Patterns ) , bar ( .Patterns ) ) )
28 |
29 | axiom foo_holds : foo ( .Patterns )
30 |
31 | axiom goo_holds : goo ( .Patterns )
32 |
33 | symbol bar ( .Sorts ) : Bool
34 |
35 | symbol foo ( .Sorts ) : Bool
36 |
37 | symbol goo ( .Sorts ) : Bool
38 |
39 |
40 |
41 |
--------------------------------------------------------------------------------
/prover/t/avl-implies-bst.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/avl.kore"
2 | imports "t/definitions/bst.kore"
3 |
4 | claim \implies( \and( avl( H { ArrayIntInt }
5 | , X { Int }
6 | , F { SetInt }
7 | , MIN { Int }
8 | , MAX { Int }
9 | , Height { Int }
10 | , Balance { Int }
11 | )
12 | )
13 | , \and( bst( H { ArrayIntInt }
14 | , X { Int }
15 | , F { SetInt }
16 | , MIN { Int }
17 | , MAX { Int }
18 | )
19 | )
20 | )
21 | strategy search-fol(bound: 3)
22 | //strategy simplify . kt . simplify
23 | // . ( (right-unfold-Nth(0,0) . simplify . instantiate-existentials . smt-cvc4 )
24 | // | (right-unfold-Nth(0,1) . simplify . instantiate-existentials . smt-cvc4 )
25 | // | (instantiate-existentials . smt-cvc4 )
26 | // | (right-unfold-Nth(0,2) . simplify . instantiate-existentials . smt-cvc4 )
27 | // | noop
28 | // )
29 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSorted.kore:
--------------------------------------------------------------------------------
1 | symbol listSorted(ArrayIntInt, Int, SetInt, Int) : Bool
2 | axiom functional(listSorted)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt }, PREV_VAL { Int } }
5 | \iff-lfp( listSorted(H { ArrayIntInt }, X { Int }, F { SetInt }, PREV_VAL { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, 0)
8 | , \equals(F { SetInt }, emptyset)
9 | )
10 | , \exists { F_I { SetInt } , VAL_I { Int } , X_I { Int } }
11 | \and( listSorted(H { ArrayIntInt }, X_I { Int }, F_I { SetInt }, VAL_I { Int })
12 | , gt(X { Int }, 0)
13 | , \equals(select(H { ArrayIntInt }, X { Int }) , X_I { Int })
14 | , \equals(F { SetInt } , union(F_I { SetInt }, singleton(X { Int })))
15 | , disjoint(F_I { SetInt }, singleton(X { Int }))
16 | , \equals(VAL_I { Int } , select(H { ArrayIntInt }, plus(X { Int }, 1)))
17 | , gt(VAL_I { Int }, PREV_VAL { Int })
18 | )
19 | )
20 | )
21 |
--------------------------------------------------------------------------------
/ml2fol/arc/build:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | #printf "lexing \"lexer.mll\" ...\n"
4 | #ocamllex lexer.mll
5 |
6 | #printf "\nyaccing \"parser.mly\"...\n"
7 | #ocamlyacc parser.mly
8 |
9 | printf "compiling \"prelude.ml\"\t...\t"
10 | ocamlopt -c src/prelude.ml
11 | printf "Done.\n"
12 |
13 | printf "compiling \"matching_logic.ml\"\t...\t"
14 | ocamlc -c src/matching_logic.ml
15 | printf "Done.\n"
16 |
17 | #printf "\ncompiling \"convert.ml\" ...\n"
18 | #ocamlc -c convert.ml
19 |
20 | #printf "\ncompiling \"parser.mli\" ...\n"
21 | #ocamlc -c parser.mli
22 |
23 | #printf "\ncompiling \"lexer.ml\" ...\n"
24 | #ocamlc -c lexer.ml
25 |
26 | #printf "\ncompiling \"parser.ml\" ...\n"
27 | #ocamlc -c parser.ml
28 |
29 | #printf "\ncompiling \"main.ml\" ...\n"
30 | #ocamlc -c main.ml
31 |
32 | #printf "\nmaking final binaries ...\n"
33 | #ocamlc -o ml2fol lexer.cmo prelude.cmo matching_logic.cmo convert.cmo parser.cmo main.cmo
34 |
35 | #printf "\ncreating tests ...\n"
36 | #ocamlfind ocamlc -o test -package oUnit -linkpkg -g prelude.ml matching_logic.cmo convert.ml test.ml
37 |
38 | #printf "\nrunning test suites ...\n"
39 | #./test
40 |
41 | #printf "\ncleaning ...\n"
42 | #rm *.cmo *.cmi parser.mli lexer.ml parser.ml *.cache *.log test
43 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSegmentLeft.kore:
--------------------------------------------------------------------------------
1 | symbol listSegmentLeft(ArrayIntInt, Int, Int, SetInt) : Bool
2 | axiom functional(listSegmentLeft)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt } }
5 | \iff-lfp( listSegmentLeft(H { ArrayIntInt }, X { Int }, Y { Int } , F { SetInt })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, Y { Int })
8 | , \equals(F { SetInt }, emptyset)
9 | )
10 | , \exists { X1 { Int } , F1 { SetInt } }
11 | \and( gt(X { Int }, 0)
12 | , listSegmentLeft( H { ArrayIntInt }
13 | , X1 { Int }
14 | , Y { Int }
15 | , F1 { SetInt }
16 | )
17 | , \equals(select(H { ArrayIntInt }, X { Int }), X1 { Int })
18 | , \equals(F { SetInt }, union(F1 { SetInt } , singleton(X { Int })))
19 | , disjoint(F1 { SetInt } , singleton(X { Int }))
20 | )
21 | )
22 | )
23 |
--------------------------------------------------------------------------------
/prover/t/definitions/listLength.kore:
--------------------------------------------------------------------------------
1 | symbol listLength(ArrayIntInt, Int, SetInt, Int) : Bool
2 | axiom functional(listLength)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt }, LENGTH { Int } }
5 | \iff-lfp( listLength(H { ArrayIntInt }, X { Int }, F { SetInt }, LENGTH { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int } , 0)
8 | , \equals(F { SetInt }, emptyset)
9 | , \equals(LENGTH { Int }, 0)
10 | )
11 | , \exists { F_I { SetInt } , LENGTH_I { Int } , X_I { Int } }
12 | \and( listLength(H { ArrayIntInt },X_I { Int },F_I { SetInt }, LENGTH_I { Int })
13 | , gt(X { Int } ,0)
14 | , \equals(select(H { ArrayIntInt }, X { Int }) , X_I { Int })
15 | , \equals(F { SetInt } , union(F_I { SetInt }, singleton(X { Int } )))
16 | , disjoint(F_I { SetInt }, singleton(X { Int } ))
17 | , gt(LENGTH { Int }, 0)
18 | , \equals(LENGTH_I { Int }, minus(LENGTH { Int }, 1))
19 | )
20 | )
21 | )
22 |
--------------------------------------------------------------------------------
/prover/t/isMod4-implies-isEven.smt2:
--------------------------------------------------------------------------------
1 | (define-fun-rec
2 | isDiv4Pos ((x Int)) Bool
3 | ( ite (< x 0) false
4 | ( ite (= x 0)
5 | true
6 | ( isDiv4Pos (- x 4) )
7 | )
8 | )
9 | )
10 |
11 | (define-fun-rec
12 | isEvenPos ((x Int)) Bool
13 | ( ite (< x 0) false
14 | ( ite (= x 0)
15 | true
16 | ( isEvenPos (- x 2) )
17 | )
18 | )
19 | )
20 | (declare-const x Int)
21 | (assert (isDiv4Pos x))
22 | (assert (not (isEvenPos x)))
23 |
24 | (set-info :mlprover-strategy
25 | normalize
26 | . or-split-rhs
27 | . kt . ( ( right-unfold . smt-cvc4 )
28 | | ( kt-solve-implications(smt-cvc4) . normalize
29 | . kt . ( ( right-unfold-Nth(0, 1) . normalize
30 | . right-unfold-Nth(0, 1) . normalize
31 | . right-unfold-Nth(0, 0) . normalize
32 | . smt-cvc4
33 | )
34 | | ( kt-solve-implications(smt-cvc4) . normalize
35 | . smt-cvc4
36 | )
37 | )
38 | )
39 | )
40 | )
41 | (check-sat)
42 |
--------------------------------------------------------------------------------
/tableaux/test:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -e
4 |
5 | run_maude() {
6 | maude "$test_actual"
18 | echo "passed."
19 | do_diff "$test_actual" "$t.expected"
20 | done
21 | echo 'Passed.'
22 | }
23 |
24 | update_expected() {
25 | for t in "$@"; do
26 | run_maude "$t" &> "$t.expected"
27 | done
28 | }
29 |
30 | print_usage() {
31 | echo """
32 | Usage:
33 |
34 | $0
35 | run tests
36 |
37 | $0 update test_file1 [test_file2...]
38 | update expected output
39 | """
40 | }
41 |
42 | if [[ "$#" = 0 ]] ; then run_test t/*.maude ;
43 | elif [[ "$1" = "run" ]] ; then shift; run_maude "$@" ;
44 | elif [[ "$1" = "test" ]] ; then shift; run_test "$@" ;
45 | elif [[ "$1" = "update" ]] ; then shift; update_expected "$@" ;
46 | elif [[ "$1" = "help" ]] ; then shift; print_usage "$@" ;
47 | else print_usage "$@" ; echo >&2 "Unknown argument: $1"; exit 1;
48 | fi
49 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentLeft-dll-implies-dll.prover:
--------------------------------------------------------------------------------
1 | claim \implies( \and( dllSegmentLeft (
2 | H { ArrayIntInt }
3 | , X { Int }
4 | , Y { Int }
5 | , F { SetInt }
6 | )
7 | , dll ( H { ArrayIntInt }
8 | , Y { Int }
9 | , G { SetInt }
10 | )
11 | , \equals( K { SetInt }
12 | , union( F { SetInt }
13 | , G { SetInt }
14 | )
15 | )
16 | , disjoint( F { SetInt }
17 | , G { SetInt }
18 | )
19 | )
20 | , \and( dll ( H { ArrayIntInt }
21 | , X { Int }
22 | , K { SetInt }
23 | )
24 | )
25 | )
26 | // strategy search-bound(3)
27 | strategy simplify ; kt ; normalize
28 | ; ( (simplify ; instantiate-existentials ; smt)
29 | | (simplify ; right-unfold-Nth(0,1) ; simplify ; instantiate-existentials ; wait)
30 | | (wait)
31 | )
32 |
--------------------------------------------------------------------------------
/prover/t/test-lists/passing-5-12-40:
--------------------------------------------------------------------------------
1 | t/SL-COMP18/bench/qf_shid_entl/21.tst.smt2
2 | t/SL-COMP18/bench/qf_shid_entl/ls_even_append_tl_entails_ls.sb.smt2
3 | t/SL-COMP18/bench/qf_shid_entl/ls_even_entails_ls.sb.smt2
4 | t/SL-COMP18/bench/qf_shid_entl/ls_even_join_entails_ls.sb.smt2
5 | t/SL-COMP18/bench/qf_shid_entl/ls_even_join_ls_entails_ls.sb.smt2
6 | t/SL-COMP18/bench/qf_shid_entl/ls_even_odd_join_entails_ls.sb.smt2
7 | t/SL-COMP18/bench/qf_shid_entl/ls_nonrec_entail_ls_06.sb.smt2
8 | t/SL-COMP18/bench/qf_shid_entl/ls_odd_append_tl_entails_ls.sb.smt2
9 | t/SL-COMP18/bench/qf_shid_entl/ls_odd_join_entails_ls.sb.smt2
10 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_01.sb.smt2
11 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_03.sb.smt2
12 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_04.sb.smt2
13 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_09.sb.smt2
14 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_14.sb.smt2
15 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_15.sb.smt2
16 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_ls2_09.sb.smt2
17 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_ls2_13.sb.smt2
18 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_ls2_14.sb.smt2
19 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_ls2_15.sb.smt2
20 | t/SL-COMP18/bench/qf_shid_entl/lsevenodd_ls2_16.sb.smt2
21 | t/SL-COMP18/bench/qf_shid_entl/nll-vc01.smt2
22 | t/SL-COMP18/bench/qf_shid_entl/nll-vc02.smt2
23 |
--------------------------------------------------------------------------------
/prover/t/definitions/find-list-seg.kore:
--------------------------------------------------------------------------------
1 | symbol find-list-seg(ArrayIntInt, Int, Int, SetInt) : Bool
2 | axiom \forall { H : ArrayIntInt, X : Int, Y : Int, F : SetInt }
3 | \iff-lfp( find-list-seg(H, X, Y, F)
4 | , \or( \and( \equals(X, Y)
5 | , \equals(F, emptyset)
6 | , .Patterns
7 | )
8 | , \and( find-list-seg( H
9 | , X
10 | , Y", !I:Int) { Int }
11 | , F", !J:Int) { SetInt }
12 | , .Patterns
13 | )
14 | , gt(Y", !I:Int) { Int }, 0)
15 | , \equals(Y, select(H, plus(Y", !I:Int) { Int }, 1)))
16 | , \equals( F
17 | , add ( F", !J:Int) { SetInt }
18 | , Y", !I:Int) { Int }
19 | )
20 | )
21 | , \not(isMember(Y", !I:Int) { Int }, F", !J:Int) { SetInt }))
22 | , .Patterns
23 | )
24 | , .Patterns
25 | )
26 | )
27 |
--------------------------------------------------------------------------------
/prover/t/unit/subst.k:
--------------------------------------------------------------------------------
1 | requires "drivers/unit-tests.k"
2 |
3 | module UNIT-TEST
4 | imports DRIVER-UNIT-TEST
5 | imports KORE-HELPERS
6 | syntax Symbol ::= "x1" [token] | "y1" [token] | "z1" [token]
7 | syntax Sort ::= "Sort1" [token]
8 | syntax VariableName ::= "X1" [token] | "Y1" [token]
9 |
10 | rule test(1) => assert( subst(x1, y1, z1) == x1 ) .Declarations
11 | rule test(2) => assert( subst(y1, y1, z1) == z1 ) .Declarations
12 | rule test(3) => assert( subst( \forall { X1 { Sort1 } } X1 { Sort1 }, X1, Y1 { Sort1 })
13 | == \forall { X1 { Sort1 } } X1 { Sort1 }
14 | ) .Declarations
15 | rule test(4) => assert( subst( \forall { Y1 { Sort1 } } X1 { Sort1 }, X1, Y1 { Sort1 })
16 | == \forall { Y1 { Sort1 } } Y1 { Sort1 }
17 | ) .Declarations
18 | rule test(5) => assert( subst( X1 { Sort1 } , x1(y1, z1) , \and(y1) )
19 | == X1 { Sort1 }
20 | ) .Declarations
21 | rule test(6) => assert( subst( x1(x1(z1), x1(y1)) , x1(y1), z1 )
22 | == x1(x1(z1), z1)
23 | ) .Declarations
24 | rule test(7) => assert( subst( x1(x1(x1(y1)), x1(y1)) , x1(y1), z1 )
25 | == x1(x1(z1), z1)
26 | ) .Declarations
27 | endmodule
28 |
--------------------------------------------------------------------------------
/prover/t/disabled/listSegmentRight-list-implies-list.prover:
--------------------------------------------------------------------------------
1 | claim \implies( \and( listSegmentRight( H { ArrayIntInt }
2 | , X { Int }
3 | , Y { Int }
4 | , G1 { SetInt }
5 | )
6 | , list( H { ArrayIntInt }
7 | , Y { Int }
8 | , G2 { SetInt }
9 | )
10 | , disjoint(G1 { SetInt }, G2 { SetInt })
11 | , \equals(F { SetInt }, union(G1 { SetInt }, G2 { SetInt }))
12 | )
13 | , \and( list( H { ArrayIntInt }
14 | , X { Int }
15 | , F { SetInt }
16 | )
17 | )
18 | )
19 | strategy kt # head(listSegmentRight) # freshPositions(1) ; search-bound(4)
20 | /*
21 | strategy kt # head(listSegmentRight) # freshPositions(1)
22 | ; ( ( simplify ; instantiate-existentials ; smt-cvc4 )
23 | | ( right-unfold-Nth(0, 1) ; simplify ; instantiate-existentials )
24 | | noop
25 | )
26 | ; ( ( simplify ; instantiate-existentials ; smt-cvc4 )
27 | | ( right-unfold-Nth(0, 1) ; simplify ; instantiate-existentials ; smt-cvc4 )
28 | )
29 | */
30 |
--------------------------------------------------------------------------------
/prover/t/listSegmentLeft-implies-listSegmentRight.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSegmentLeft.kore"
2 | imports "t/definitions/listSegmentRight.kore"
3 |
4 | claim \implies( \and( listSegmentLeft (H { ArrayIntInt } , X { Int }, Y { Int }, F { SetInt }) )
5 | , \and( listSegmentRight(H { ArrayIntInt } , X { Int }, Y { Int }, F { SetInt }) )
6 | )
7 |
8 | // strategy search-bound(5)
9 |
10 | strategy kt . normalize . ( ( simplify . right-unfold-Nth(0, 0) . smt-cvc4 )
11 | | ( kt-solve-implications(smt-cvc4) . normalize
12 | . kt . ( ( right-unfold-Nth(0, 1)
13 | . right-unfold-Nth(0, 0)
14 | . normalize
15 | . instantiate-existentials
16 | . smt-cvc4
17 | )
18 | | ( right-unfold-Nth(0, 1)
19 | . instantiate-existentials
20 | . instantiate-universals-with-ground-terms
21 | . normalize
22 | . smt-cvc4
23 | )
24 | )
25 | )
26 | )
27 |
--------------------------------------------------------------------------------
/prover/t/definitions/dll.kore:
--------------------------------------------------------------------------------
1 | symbol dll(ArrayIntInt, Int, SetInt) : Bool
2 | axiom functional(dll)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt } }
5 | \iff-lfp( dll(H { ArrayIntInt }, X { Int }, F { SetInt })
6 | , \or( \and( \equals(X { Int }, 0)
7 | , \equals(F { SetInt }, emptyset)
8 | , .Patterns
9 | )
10 | , \and( dll( H
11 | , X", !I:Int) { Int }
12 | , F", !J:Int) { SetInt }
13 | , .Patterns
14 | )
15 | , gt(X { Int }, 0)
16 | , gt(X", !I:Int) { Int } , 0)
17 | , \equals( X", !I:Int) { Int }
18 | , select(H { ArrayIntIntInt }, plus(X { Int }, 1)))
19 | , \equals( X { Int }
20 | , select(H { ArrayIntInt }, plus(X", !I:Int) { Int }, 2)))
21 | , \not(isMember(X { Int }, F", !J:Int) { SetInt }))
22 | , \equals(F { SetInt }, union(F", !J:Int) { SetInt }, singleton(X { Int })))
23 | , .Patterns
24 | )
25 | , .Patterns
26 | )
27 | )
28 |
--------------------------------------------------------------------------------
/prover/t/test-lists/qf_shid_entl.unsat.5:
--------------------------------------------------------------------------------
1 | t/SL-COMP18/bench/qf_shid_entl/append_sll_ls_slk-1.smt2
2 | t/SL-COMP18/bench/qf_shid_entl/dll-vc01.smt2
3 | t/SL-COMP18/bench/qf_shid_entl/dll-vc02.smt2
4 | t/SL-COMP18/bench/qf_shid_entl/dll-vc03.smt2
5 | t/SL-COMP18/bench/qf_shid_entl/dll-vc15.smt2
6 | t/SL-COMP18/bench/qf_shid_entl/eolseg_01.sb.smt2
7 | t/SL-COMP18/bench/qf_shid_entl/ls2_entail_ls_04.sb.smt2
8 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls2_02.sb.smt2
9 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls2_06.sb.smt2
10 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_03.sb.smt2
11 | t/SL-COMP18/bench/qf_shid_entl/ls_entail_ls_nonrec_04.sb.smt2
12 | t/SL-COMP18/bench/qf_shid_entl/lsegex4_slk-6.smt2
13 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_07.sb.smt2
14 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_10.sb.smt2
15 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_11.sb.smt2
16 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_12.sb.smt2
17 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_13.sb.smt2
18 | t/SL-COMP18/bench/qf_shid_entl/lsleftright_18.sb.smt2
19 | t/SL-COMP18/bench/qf_shid_entl/lss-vc01.smt2
20 | t/SL-COMP18/bench/qf_shid_entl/lss-vc02.smt2
21 | t/SL-COMP18/bench/qf_shid_entl/lss-vc03.smt2
22 | t/SL-COMP18/bench/qf_shid_entl/nll-vc05.smt2
23 | t/SL-COMP18/bench/qf_shid_entl/nll-vc12.smt2
24 | t/SL-COMP18/bench/qf_shid_entl/skl2-vc01.smt2
25 | t/SL-COMP18/bench/qf_shid_entl/skl2-vc04.smt2
26 |
--------------------------------------------------------------------------------
/ml2fol/pat.ml:
--------------------------------------------------------------------------------
1 | (* pat.ml - ml2fol conversion - FSL group *)
2 |
3 | (* The type of the abstract syntax tree (AST) of S-expressions. *)
4 |
5 | (* This file is only used for parsing. When the parser parses
6 | an S-expression of a pattern, it returns a pat. Then we
7 | resolve the variables in the pat and leave symbols there
8 | until we have a signature to resolve them. *)
9 |
10 | open Prelude
11 | open Logic
12 |
13 | type pat =
14 | | Top
15 | | Bottom
16 | | Var of string * string
17 | | Id of string (* place holder for constants and variables *)
18 | | App of string * pat list
19 | | And of pat list
20 | | Or of pat list
21 | | Not of pat
22 | | Implies of pat * pat
23 | | Iff of pat * pat
24 | | Forall of (string * string) list * pat
25 | | Exists of (string * string) list * pat
26 | | Equal of pat * pat
27 | | Ceil of pat
28 | | Floor of pat
29 | | Contains of pat * pat
30 | ;;
31 |
32 | type sym =
33 | | UI of string * (string list) * string
34 | | FC of string * (string list) * string
35 | | PF of string * (string list) * string
36 | ;;
37 |
38 | let add_sort_pat s (sorts, syms, pats) =
39 | (set_union [s] sorts, syms, pats)
40 | ;;
41 |
42 | let add_sym_pat sym (sorts, syms, pats) =
43 | (sorts, set_union [sym] syms, pats)
44 | ;;
45 |
46 | let add_axiom_pat pat (sorts, syms, pats) =
47 | (sorts, syms, set_union [pat] pats)
48 | ;;
49 |
--------------------------------------------------------------------------------
/prover/t/listSegmentRightLength-appendone-implies-listSegmentRightLength.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSegmentRightLength.kore"
2 |
3 | claim \implies( \and( listSegmentRightLength( H { ArrayIntInt }
4 | , X { Int }
5 | , Y { Int }
6 | , FA { SetInt }
7 | , LA { Int }
8 | )
9 | , \equals(F { SetInt }, union(FA { SetInt }, singleton(Y { Int })))
10 | , disjoint(FA { SetInt }, singleton(Y { Int }))
11 | , \equals(Z { Int }, select(H { ArrayIntInt }, Y { Int }))
12 | , \equals(LENGTH { Int }, plus(LA { Int }, 1))
13 | , gt(Y { Int }, 0)
14 | )
15 | , \and( listSegmentRightLength( H { ArrayIntInt }
16 | , X { Int }
17 | , Z { Int }
18 | , F { SetInt }
19 | , LENGTH { Int }
20 | )
21 | )
22 | )
23 | strategy search-fol(bound: 3)
24 | /*
25 | strategy right-unfold-Nth(0, 1) . simplify . direct-proof
26 | */
27 |
--------------------------------------------------------------------------------
/ml2fol/main.ml:
--------------------------------------------------------------------------------
1 | open Parser
2 | open Conversion
3 | open Prelude
4 | open Logic
5 | open Pat2pattern
6 | open Printf
7 | open String
8 |
9 |
10 | let parse_from_string s =
11 | let lexbuf = Lexing.from_string s in
12 | let thy = Parser.thy Lexer.token lexbuf in
13 | thy
14 | ;;
15 |
16 | let parse_from_channel c =
17 | let lexbuf = Lexing.from_channel c in
18 | let thy = Parser.thy Lexer.token lexbuf in
19 | thy
20 | ;;
21 |
22 | let parse_from_file fname =
23 | let ic = open_in fname in
24 | try
25 | let thy = parse_from_channel ic in
26 | close_in ic;
27 | thy
28 | with e ->
29 | close_in_noerr ic;
30 | raise e
31 | ;;
32 |
33 | let mltheory_from_string s =
34 | theory_of_thy (parse_from_string s)
35 | ;;
36 |
37 | let mltheory_from_file fname =
38 | theory_of_thy (parse_from_file fname)
39 | ;;
40 |
41 |
42 | let ml2fol_file fname_ml fname_fol =
43 | let smt2 = string_of_foltheory (foltheory_of_mltheory (mltheory_from_file fname_ml)) in
44 | let oc = open_out fname_fol in
45 | fprintf oc "%s\n" smt2;
46 | close_out oc
47 | ;;
48 |
49 | (* Read matching logic theory from @fname_ml,
50 | Write the first-order theory to @fname_ml ^ ".smt2". *)
51 |
52 | let _ =
53 | if Array.length Sys.argv = 1 then print_string "No argument.\n" else
54 | let fname_ml = Sys.argv.(1) in
55 | let fname_fol = fname_ml ^ ".smt2" in
56 | ml2fol_file fname_ml fname_fol
57 | ;;
58 |
--------------------------------------------------------------------------------
/prover/t/disabled/find-in-loop.prover:
--------------------------------------------------------------------------------
1 | claim
2 | \implies( \and( find-list-seg( H0 { ArrayIntInt }
3 | , OLDX { Int }
4 | , X { Int }
5 | , F1 { SetInt }
6 | )
7 | , find-list(H0 { ArrayIntInt }, X { Int }, F2 { SetInt })
8 | , disjoint(F1 { SetInt }, F2 { SetInt })
9 | , \not(isMember(DATA { Int }, F1 { SetInt }))
10 | , gt(X { Int }, 0)
11 | , gt(X { Int }, DATA { Int })
12 | , \equals(X2 { Int }, select(H0 { ArrayIntInt }, plus(X { Int }, 1)))
13 | , \equals(F3 { SetInt }, add(F1 { SetInt }, X { Int }))
14 | , \equals(F4 { SetInt }, del(F2 { SetInt }, X { Int }))
15 | )
16 | , \and( find-list-seg( H0 { ArrayIntInt }
17 | , OLDX { Int }
18 | , X2 { Int }
19 | , F3 { SetInt }
20 | )
21 | , find-list(H0 { ArrayIntInt }, X2 { Int }, F4 { SetInt })
22 | , disjoint(F3 { SetInt }, F4 { SetInt })
23 | , \not(isMember(DATA { Int }, F3 { SetInt }))
24 | )
25 | )
26 | // strategy search-bound(3)
27 | strategy simplify ; right-unfold-Nth(0,1) ; simplify ; left-unfold-Nth(1)
28 | ; simplify ; instantiate-existentials ; smt-cvc4
29 |
--------------------------------------------------------------------------------
/prover/include/prelude.kore:
--------------------------------------------------------------------------------
1 | symbol plus(Int, Int) : Int
2 | symbol minus(Int, Int) : Int
3 | symbol select(ArrayIntInt, Int) : Int
4 | symbol union(SetInt, SetInt) : SetInt
5 | symbol singleton() : SetInt
6 | symbol emptyset() : SetInt
7 | symbol disjoint(SetInt, SetInt) : Bool
8 | symbol lt(Int, Int) : Bool
9 | symbol gt(Int, Int) : Bool
10 | symbol lte(Int, Int) : Bool
11 | symbol gte(Int, Int) : Bool
12 | symbol max(Int, Int) : Int
13 | symbol isMember(Int, SetInt) : Bool
14 |
15 | axiom functional(plus)
16 | axiom functional(minus)
17 | axiom functional(select)
18 | axiom functional(union)
19 | axiom functional(singleton)
20 | axiom functional(emptyset)
21 |
22 | axiom hook-smt-sort(SetInt, SetInt)
23 | axiom hook-smt-sort(ArrayIntInt, (Array Int Int))
24 |
25 | axiom hook-smt-symbol(emptyset, emptysetx)
26 | axiom hook-smt-symbol(singleton, singleton)
27 | axiom hook-smt-symbol(lt, < )
28 | axiom hook-smt-symbol(gt, >)
29 | axiom hook-smt-symbol(lte, <=)
30 | axiom hook-smt-symbol(gte, >=)
31 | axiom hook-smt-symbol(plus, +)
32 | axiom hook-smt-symbol(max, max)
33 | axiom hook-smt-symbol(minus, -)
34 | axiom hook-smt-symbol(mult, *)
35 | axiom hook-smt-symbol(div, /)
36 | axiom hook-smt-symbol(select, select)
37 | axiom hook-smt-symbol(isMember, in)
38 | axiom hook-smt-symbol(add, setAdd)
39 | axiom hook-smt-symbol(del, setDel)
40 | axiom hook-smt-symbol(union, unionx)
41 | axiom hook-smt-symbol(disjoint, disjointx)
42 | axiom hook-smt-symbol(store, store)
43 |
44 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-06.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 |
11 | (declare-datatypes (
12 | (GTyp 0)
13 | ) (
14 | ((c_GTyp (f0 RefGTyp) ))
15 | )
16 | )
17 |
18 |
19 | (declare-heap (RefGTyp GTyp)
20 | )
21 |
22 | (define-fun-rec PeList ((x RefGTyp)(y RefGTyp)) Bool
23 | (or
24 | (and
25 | (= x y)
26 | (_ emp RefGTyp GTyp)
27 | )
28 |
29 | (exists ((xp RefGTyp))
30 |
31 | (and
32 | (distinct (as nil RefGTyp) x)
33 | (sep
34 | (pto x (c_GTyp xp ))
35 | (PeList xp y )
36 | )
37 |
38 | )
39 |
40 | )
41 |
42 | )
43 | )
44 |
45 |
46 | (declare-const x RefGTyp)
47 | (declare-const y RefGTyp)
48 | (declare-const z RefGTyp)
49 |
50 | (assert
51 | (sep
52 | (PeList x y )
53 | (PeList y z )
54 | )
55 |
56 | )
57 |
58 | (assert (not
59 | (PeList x z )
60 | ))
61 |
62 | ; (set-info :mlprover-strategy
63 | ; normalize
64 | ; . smtlib-to-implication
65 | ; . kt
66 | ; . or-split-rhs . normalize . lift-constraints
67 | ; . instantiate-existentials . substitute-equals-for-equals
68 | ; . ( ( lift-constraints . spatial-patterns-equal . smt)
69 | ; | ( right-unfold-Nth(0, 1) . lift-constraints
70 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
71 | ; )
72 | ; )
73 | ; )
74 | (check-sat)
75 |
76 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSegmentRight.kore:
--------------------------------------------------------------------------------
1 | symbol listSegmentRight(ArrayIntInt, Int, Int, SetInt) : Bool
2 | axiom functional(listSegmentRight)
3 |
4 | axiom \forall { H { ArrayIntInt } , X { Int }, Y { Int }, F { SetInt } }
5 | \iff-lfp( listSegmentRight(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, Y { Int })
8 | , \equals(F { SetInt }, emptyset)
9 | )
10 | , \exists { Y1 { Int } , F1 { SetInt } }
11 | \and( listSegmentRight( H { ArrayIntInt }
12 | , X { Int }
13 | , Y1 { Int }
14 | , F1 { SetInt }
15 | )
16 | , gt(Y1 { Int }, 0)
17 | , \equals(Y { Int }, select(H { ArrayIntInt }, Y1 { Int }))
18 | , \equals( F { SetInt }
19 | , union( F1 { SetInt }
20 | , singleton(Y1 { Int })
21 | )
22 | )
23 | , disjoint( F1 { SetInt }
24 | , singleton(Y1 { Int })
25 | )
26 | )
27 | )
28 | )
29 |
--------------------------------------------------------------------------------
/prover/t/definitions/bt.kore:
--------------------------------------------------------------------------------
1 | symbol bt(ArrayIntInt, Int, SetInt) : Bool
2 | axiom functional(bt)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt } }
5 | \iff-lfp( bt(H { ArrayIntInt }, X { Int }, F { SetInt } )
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, 0)
8 | , \equals(F { SetInt } , emptyset)
9 | )
10 | , \exists { F_J1 { SetInt } , F_J2 { SetInt } , X_I1 { Int } , X_I2 { Int } }
11 | \and( bt(H { ArrayIntInt }, X_I1 { Int }, F_J1 { SetInt })
12 | , bt(H { ArrayIntInt }, X_I2 { Int }, F_J2 { SetInt })
13 | , gt(X { Int }, 0)
14 | , \equals( X_I1 { Int }
15 | , select(H { ArrayIntInt }, plus(X { Int }, 1)))
16 | , \equals( X_I2 { Int }
17 | , select(H { ArrayIntInt }, plus(X { Int }, 2)))
18 | , \not(isMember(X { Int }, F_J1 { SetInt }))
19 | , \not(isMember(X { Int }, F_J2 { SetInt }))
20 | , \equals(F { SetInt } , union( singleton(X { Int })
21 | , union( F_J1 { SetInt }
22 | , F_J2 { SetInt })))
23 | , disjoint(F_J1 { SetInt }, F_J2 { SetInt })
24 | )
25 | )
26 | )
27 |
--------------------------------------------------------------------------------
/prover/t/unit/smt.k:
--------------------------------------------------------------------------------
1 | requires "drivers/unit-tests.k"
2 |
3 | module UNIT-TEST
4 | imports DRIVER-UNIT-TEST
5 | imports CVC4
6 |
7 | syntax SMTLIB2SimpleSymbol ::= "a" [token] | "b" [token] | "c" [token]
8 | | "*" [token] | "+" [token] | "=" [token] | ">" [token] | "distinct" [token]
9 | | "Bool" [token] | "Int" [token]
10 |
11 | // CVC4
12 | // ====
13 |
14 | // TODO: This test fails because the file name is non-deterministic
15 | // rule test()
16 | // ( CVC4CheckSAT((assert (= a b)))
17 | // == #error(#systemResult(1, "(error \"Parse Error: /tmp/querydcba3f.smt:2.14: Symbol a is not declared.\n\n ( assert (= a b ))\n ^\n\")\n" , ""))
18 | // )
19 | rule test(1)
20 | => assert( CVC4CheckSAT((declare-const a Bool) (assert (= a a)))
21 | == sat
22 | )
23 | .Declarations
24 | rule test(6)
25 | => assert( CVC4CheckSAT((declare-const a Bool)
26 | (assert (distinct a a))
27 | )
28 | == unsat
29 | )
30 | .Declarations
31 | // Fermat's last theorem (n = 3)
32 | rule test(2)
33 | => assert( CVC4CheckSAT((declare-const a Int) (declare-const b Int) (declare-const c Int)
34 | ( assert ( > a 0 )) ( assert ( > b 0 )) ( assert ( > c 0 ))
35 | ( assert ( = ( * c c c) ( + (* a a a) (* b b b))))
36 | )
37 | == unknown
38 | )
39 | .Declarations
40 | endmodule
41 |
--------------------------------------------------------------------------------
/prover/t/definitions/dllLength.kore:
--------------------------------------------------------------------------------
1 | symbol dllLength(ArrayIntInt, Int, SetInt, Int) : Bool
2 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt }, L { Int } }
3 | \iff-lfp( dllLength(H { ArrayIntInt }, X { Int }, F { SetInt }, L { Int })
4 | , \or( \and( \equals(X { Int }, 0)
5 | , \equals(F { SetInt }, 0)
6 | , \equals(L { Int }, emptyset)
7 | , .Patterns
8 | )
9 | , \and( dllLength( H
10 | , X", !I:Int) { Int }
11 | , F", !J:Int) { SetInt }
12 | , L", !K:Int) { Int }
13 | , .Patterns
14 | )
15 | , gt(X, 0)
16 | , \equals(L", !K:Int) { Int }, minus(L { Int }, 1))
17 | , gt(X", !I:Int) { Int } , 0)
18 | , \equals( X", !I:Int) { Int }
19 | , select(H { ArrayIntInt }, plus(X { Int }, 1)))
20 | , \equals( X { Int }
21 | , select(H { ArrayIntInt }, plus(X", !I:Int) { Int }, 2)))
22 | , \not(isMember(X { Int }, F", !J:Int) { SetInt }))
23 | , \equals(F { SetInt }, union(F", !J:Int) { SetInt }, singleton(X { Int })))
24 | , .Patterns
25 | )
26 | , .Patterns
27 | )
28 | )
29 |
--------------------------------------------------------------------------------
/prover/t/listSegmentLeft-list-implies-list.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/list.kore"
2 | imports "t/definitions/listSegmentLeft.kore"
3 |
4 |
5 | claim \implies( \and( listSegmentLeft( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } )
6 | , list( H { ArrayIntInt }, Y { Int }, G { SetInt })
7 | , \equals( K { SetInt }, union(F { SetInt }, G { SetInt }))
8 | , disjoint(F { SetInt }, G { SetInt })
9 | )
10 | , \and( list( H { ArrayIntInt }, X { Int }, K { SetInt }) )
11 | )
12 |
13 | /*
14 | Sketch of kt strategy for this proof (only considering recursive case)
15 |
16 | lseg(x,y) * list(y) -> list(x)
17 |
18 | C[lseg(x, y)] -> list(x) -- defining C == hole * list(y)
19 |
20 | lseg(x,y) -> \exists h. h /\ h * list(y) -> list(x) -- by kt-wrap
21 |
22 | (x > 0 and lseg(n(x), y))[RHS/lseg][n(x)/x] -> (\exists h. h /\ h * list(y) -> list(x)) -- by lfp
23 |
24 | (x > 0 and \exists h. h /\ h * list(y) -> list(n(x))) -> (\exists h. h /\ h * list(y) -> list(x)) -- by applying above substitution
25 |
26 | ((x > 0 and \exists h. h /\ h * list(y) -> list(n(x))) * list(y)) -> list(x) -- by kt-unwrap
27 |
28 | (x > 0 and list(n(x)) * list(y)) -> list(x) -- by kt-collapse
29 | */
30 |
31 | strategy kt . normalize
32 | . ( ( simplify
33 | . left-unfold-Nth(0) .
34 | ( ( right-unfold-Nth(0, 0) . smt)
35 | | ( right-unfold-Nth(0, 1) . smt)
36 | )
37 | )
38 | )
39 |
40 | // strategy search-bound(4)
41 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-03.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 | (declare-datatypes (
11 | (GTyp 0)
12 | ) (
13 | ((c_GTyp (f0 RefGTyp) ))
14 | )
15 | )
16 |
17 | (declare-heap (RefGTyp GTyp)
18 | )
19 |
20 | (define-fun-rec List ((x RefGTyp)(y RefGTyp)) Bool
21 | (or
22 | (and
23 | (distinct (as nil RefGTyp) x)
24 | (pto x (c_GTyp y ))
25 | )
26 |
27 | (exists ((xp RefGTyp))
28 |
29 | (and
30 | (distinct (as nil RefGTyp) x)
31 | (sep
32 | (pto x (c_GTyp xp ))
33 | (List xp y )
34 | )
35 |
36 | )
37 |
38 | )
39 |
40 | )
41 | )
42 |
43 | (declare-const x RefGTyp)
44 | (declare-const y RefGTyp)
45 | (declare-const z RefGTyp)
46 |
47 | (assert
48 | (sep
49 | (List x y )
50 | (pto y (c_GTyp z ))
51 | )
52 |
53 | )
54 |
55 | (assert (not
56 | (List x z )
57 | ))
58 |
59 | ; (set-info :mlprover-strategy
60 | ; normalize
61 | ; . smtlib-to-implication
62 | ; . kt
63 | ; . or-split-rhs . normalize . lift-constraints
64 | ; . ( ( right-unfold-Nth(0,1)
65 | ; . right-unfold-Nth(0,0)
66 | ; . normalize . lift-constraints
67 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
68 | ; )
69 | ; | ( right-unfold-Nth(0,1)
70 | ; . normalize . lift-constraints
71 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
72 | ; )
73 | ; )
74 | ; )
75 | (check-sat)
76 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-01.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 | (declare-datatypes (
11 | (GTyp 0)
12 | ) (
13 | ((c_GTyp (f0 RefGTyp) ))
14 | )
15 | )
16 |
17 | (declare-heap (RefGTyp GTyp)
18 | )
19 |
20 | (define-fun-rec RList ((x RefGTyp)(y RefGTyp)) Bool
21 | (or
22 | (and
23 | (distinct (as nil RefGTyp) x)
24 | (pto x (c_GTyp y ))
25 | )
26 |
27 | (exists ((xp RefGTyp))
28 |
29 | (and
30 | (distinct (as nil RefGTyp) xp)
31 | (sep
32 | (pto xp (c_GTyp y ))
33 | (RList x xp )
34 | )
35 |
36 | )
37 |
38 | )
39 |
40 | )
41 | )
42 |
43 | (declare-const x RefGTyp)
44 | (declare-const y RefGTyp)
45 | (declare-const z RefGTyp)
46 |
47 | (assert
48 | (sep
49 | (pto x (c_GTyp y ))
50 | (RList y z )
51 | )
52 |
53 | )
54 |
55 | (assert (not
56 | (RList x z )
57 | ))
58 |
59 | ; (set-info :mlprover-strategy
60 | ; normalize
61 | ; . smtlib-to-implication
62 | ; . kt
63 | ; . or-split-rhs . normalize . lift-constraints
64 | ; . ( ( right-unfold-Nth(0,1)
65 | ; . right-unfold-Nth(0,0)
66 | ; . normalize . lift-constraints
67 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
68 | ; )
69 | ; | ( right-unfold-Nth(0,1)
70 | ; . normalize . lift-constraints
71 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
72 | ; )
73 | ; )
74 | ; )
75 | (check-sat)
76 |
--------------------------------------------------------------------------------
/prover/t/definitions/dllSegmentLeft.kore:
--------------------------------------------------------------------------------
1 | symbol dllSegmentLeft(ArrayIntInt, Int, Int, SetInt) : Bool
2 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt } }
3 | \iff-lfp( dllSegmentLeft(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt })
4 | , \or( \and( \equals(X { Int }, Y { Int })
5 | , \equals(F { SetInt }, emptyset)
6 | , .Patterns
7 | )
8 | , \and( dllSegmentLeft( H { ArrayIntInt }
9 | , X", !I:Int) { Int }
10 | , Y { Int }
11 | , F", !J:Int) { SetInt }
12 | , .Patterns
13 | )
14 | , \not(\equals(X { Int }, Y { Int }))
15 | , gt(X { Int }, 0)
16 | , gt(X", !I:Int) { Int }, 0)
17 | , \equals( X", !I:Int) { Int }
18 | , select(H { ArrayIntInt }, plus(X { Int }, 1)))
19 | , \equals( X { Int }
20 | , select(H { ArrayIntInt }, plus(X", !I:Int) { Int }, 2)))
21 | , \not(isMember(X { Int }, F", !J:Int) { SetInt }))
22 | , \equals(F { SetInt }, union(F", !J:Int) { SetInt }, singleton(X { Int })))
23 | , .Patterns
24 | )
25 | , .Patterns
26 | )
27 | )
28 |
--------------------------------------------------------------------------------
/ml2fol/arc/lexer.mll:
--------------------------------------------------------------------------------
1 | {
2 | open Parser
3 | }
4 |
5 | let digit = ['0'-'9']
6 | let nzdigit = ['1'-'9']
7 | let lower = ['a'-'z']
8 | let upper = ['A'-'Z']
9 | let alpha = lower | upper | '$'
10 | let alnum = alpha | digit
11 | let id = alpha alnum*
12 | let space = [' ' '\t' '\n']
13 |
14 | rule token = parse
15 | | space { token lexbuf }
16 | | ';' { comment lexbuf } (* inline comments start with ';' *)
17 | | '(' { LPAREN }
18 | | ')' { RPAREN }
19 | | "declare-sort" { DECLSORT }
20 | | "declare-symb" { DECLSYMB }
21 | | "declare-func" { DECLFUNC }
22 | | "declare-partial" { DECLPARTIAL }
23 | | "assert" { ASSERT }
24 | | "check-sat" { CHECKSAT }
25 | | "get-model" { GETMODEL }
26 | | "top" { TOP }
27 | | "bottom" { BOTTOM }
28 | | "and" { AND }
29 | | "or" { OR }
30 | | "not" { NOT }
31 | | "->" { IMPLIES }
32 | | "<->" { IFF }
33 | | "=" { EQUAL }
34 | | "contains" { CONTAINS }
35 | | "forall" { FORALL }
36 | | "exists" { EXISTS }
37 | | "floor" { FLOOR }
38 | | "ceil" { CEIL }
39 | | int as n { INT(int_of_string n) }
40 | | word as w { ID(w) }
41 | | eof { EOF }
42 | and comment = parse
43 | | [^'\n'] { comment lexbuf } (* ignore anything until seeing a '\n' *)
44 | | '\n' { token lexbuf }
45 |
46 | {
47 | }
48 |
--------------------------------------------------------------------------------
/ml2fol/lexer.mll:
--------------------------------------------------------------------------------
1 | {
2 | open Parser
3 | }
4 |
5 | let digit = ['0'-'9']
6 | let nzdigit = ['1'-'9']
7 | let lower = ['a'-'z']
8 | let upper = ['A'-'Z']
9 | let alpha = lower | upper
10 | let ext = '$' | '_'
11 | let alphaext = alpha | ext
12 | let alnum = alpha | digit
13 | let alnumext = alnum | ext
14 | let id = alphaext alnumext*
15 | let space = [' ' '\t' '\n']
16 |
17 | rule token = parse
18 | | space { token lexbuf }
19 | | ';' { comment lexbuf } (* inline comments start with ';' *)
20 | | '(' { LPAREN }
21 | | ')' { RPAREN }
22 | | "declare-sort" { DECLSORT }
23 | | "declare-symb" { DECLSYMB }
24 | | "declare-func" { DECLFUNC }
25 | | "declare-part" { DECLPART }
26 | | "assert" { ASSERT }
27 | | "check-sat" { CHECKSAT }
28 | | "get-model" { GETMODEL }
29 | | "top" { TOP }
30 | | "bottom" { BOTTOM }
31 | | "and" { AND }
32 | | "or" { OR }
33 | | "not" { NOT }
34 | | "->" { IMPLIES }
35 | | "<->" { IFF }
36 | | "=" { EQUAL }
37 | | "contains" { CONTAINS }
38 | | "forall" { FORALL }
39 | | "exists" { EXISTS }
40 | | "floor" { FLOOR }
41 | | "ceil" { CEIL }
42 | | id as id { ID(id) }
43 | | eof { EOF }
44 | and comment = parse
45 | | [^'\n'] { comment lexbuf } (* ignore anything but '\n' *)
46 | | '\n' { token lexbuf }
47 |
48 | {
49 | }
50 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentLeftLength-dllLength-implies-dllLength.prover:
--------------------------------------------------------------------------------
1 | claim \implies( \and( dllSegmentLeftLength (
2 | H { ArrayIntInt }
3 | , X { Int }
4 | , Y { Int }
5 | , F { SetInt }
6 | , L { Int }
7 | )
8 | , dllLength
9 | ( H { ArrayIntInt }
10 | , Y { Int }
11 | , G { SetInt }
12 | , M { Int }
13 | )
14 | , \equals( K { SetInt }
15 | , union( F { SetInt }
16 | , G { SetInt }
17 | )
18 | )
19 | , \equals( N { Int }
20 | , plus(L { Int }, M { Int }))
21 | , disjoint( F { SetInt }
22 | , G { SetInt }
23 | )
24 | )
25 | , \and( dllLength (
26 | H { ArrayIntInt }
27 | , X { Int }
28 | , K { SetInt }
29 | , N { Int }
30 | )
31 | )
32 | )
33 | strategy search-bound(3)
34 | /*
35 | strategy simplify ; kt
36 | ; ( simplify ; instantiate-existentials ; smt
37 | | simplify ; right-unfold-Nth(0,1) ; simplify ; instantiate-existentials ; smt
38 | )
39 | */
40 |
--------------------------------------------------------------------------------
/prover/README.md:
--------------------------------------------------------------------------------
1 | Build Instructions
2 | ==================
3 |
4 | Install these dependencies:
5 |
6 | * pandoc
7 | * ninja-build
8 | * opam
9 | * maven
10 | * openjdk-11-jdk
11 |
12 | Run `./build` to run all tests.
13 | Run `./build .build/t/TEST-NAME.smt2.prover-smt-krun` to run an individual test.
14 |
15 | Repository Layout
16 | =================
17 |
18 | * `prover.md` contains the implementation
19 | * `direct-proof.md` contains solutions to domain specific queries that
20 | can be checked against an SMT solver.
21 | * The `t/` directory contains a number of tests and experiments, detailed below.
22 |
23 | Tests & Experiments
24 | ===================
25 |
26 | In the `t/` directory, we have a number of tests. Each test consists of a
27 | "claim" (the matching logic pattern that we are trying to prove), and a
28 | strategy. The strategy directs the prover in choosing which axioms to apply. The
29 | `search-bound(N)` strategy causes the prover to begin a bounded depth first
30 | search for a proof of the claim. All lemmas named in the paper except one
31 | (`t/lsegright-list-implies-list`; see below) are proved with a search depth of 5
32 | or lower. The program verification example is proved with a search up to depth
33 | 3. In addition, there is an example of a coninductive proof
34 | (`t/zip-zeros-ones-implies-alters.prover`; see below).
35 |
36 | The `t/zip-zeros-ones-implies-alters.prover` test proof is at a depth of 17,
37 | and so we specify the strategy to reduce the search space.
38 | The `t/lsegright-list-implies-list` test needs some help in instantiating
39 | existential variables, which is done by specifying a strategy as a substitution.
40 |
--------------------------------------------------------------------------------
/prover/t/disabled/dllSegmentRightLength-dllSegmentRightLength-implies-dllSegmentRightLength.prover:
--------------------------------------------------------------------------------
1 | claim \implies( \and( dllSegmentRightLength (
2 | H { ArrayIntInt }
3 | , X { Int }
4 | , Y { Int }
5 | , F { SetInt }
6 | , L { Int }
7 | )
8 | , dllSegmentRightLength (
9 | H { ArrayIntInt }
10 | , Y { Int }
11 | , Z { Int }
12 | , G { SetInt }
13 | , M { Int }
14 | )
15 | , \equals( K { SetInt }
16 | , union( F { SetInt }
17 | , G { SetInt }))
18 | , disjoint( F { SetInt }
19 | , G { SetInt })
20 | , \equals( N { Int }
21 | , plus( L { Int }
22 | , M { Int }))
23 | )
24 | , \and( dllSegmentRightLength (
25 | H { ArrayIntInt }
26 | , X { Int }
27 | , Z { Int }
28 | , K { SetInt }
29 | , N { Int }
30 | )
31 | )
32 | )
33 | strategy search-bound(3)
34 | // strategy simplify ; kt ; simplify
35 | // ; ( direct-proof
36 | // | right-unfold-Nth(0,1) ; simplify ; direct-proof
37 | // | noop
38 | // )
39 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-02.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 | (declare-datatypes (
11 | (GTyp 0)
12 | ) (
13 | ((c_GTyp (f0 RefGTyp) ))
14 | )
15 | )
16 |
17 | (declare-heap (RefGTyp GTyp)
18 | )
19 |
20 | (define-fun-rec RList ((x RefGTyp)(y RefGTyp)) Bool
21 | (or
22 | (and
23 | (distinct (as nil RefGTyp) x)
24 | (pto x (c_GTyp y ))
25 | )
26 |
27 | (exists ((xp RefGTyp))
28 |
29 | (and
30 | (distinct (as nil RefGTyp) xp)
31 | (sep
32 | (pto xp (c_GTyp y ))
33 | (RList x xp )
34 | )
35 |
36 | )
37 |
38 | )
39 |
40 | )
41 | )
42 |
43 | (declare-const x RefGTyp)
44 | (declare-const y RefGTyp)
45 | (declare-const z RefGTyp)
46 |
47 | (assert
48 | (sep
49 | (RList x y )
50 | (RList y z )
51 | )
52 |
53 | )
54 |
55 | (assert (not
56 | (RList x z )
57 | ))
58 |
59 | ; (set-info :mlprover-strategy
60 | ; normalize
61 | ; . smtlib-to-implication
62 | ; . kt
63 | ; . or-split-rhs . normalize . lift-constraints
64 | ; . ( kt
65 | ; . or-split-rhs . normalize . lift-constraints
66 | ; . ( ( right-unfold-Nth(0,1)
67 | ; . right-unfold-Nth(0,0)
68 | ; . normalize . lift-constraints
69 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
70 | ; )
71 | ; | ( right-unfold-Nth(0,1)
72 | ; . normalize . lift-constraints
73 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
74 | ; )
75 | ; )
76 | ; )
77 | ; )
78 | (check-sat)
79 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-04.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 |
11 | (declare-datatypes (
12 | (GTyp 0)
13 | ) (
14 | ((c_GTyp (f0 RefGTyp) ))
15 | )
16 | )
17 |
18 |
19 | (declare-heap (RefGTyp GTyp)
20 | )
21 |
22 | (define-fun-rec List ((x RefGTyp)(y RefGTyp)) Bool
23 | (or
24 | (and
25 | (distinct (as nil RefGTyp) x)
26 | (pto x (c_GTyp y ))
27 | )
28 |
29 | (exists ((xp RefGTyp))
30 |
31 | (and
32 | (distinct (as nil RefGTyp) x)
33 | (sep
34 | (pto x (c_GTyp xp ))
35 | (List xp y )
36 | )
37 |
38 | )
39 |
40 | )
41 |
42 | )
43 | )
44 |
45 | (declare-const x RefGTyp)
46 | (declare-const y RefGTyp)
47 | (declare-const z RefGTyp)
48 |
49 | (assert
50 | (sep
51 | (List x y )
52 | (List y z )
53 | )
54 |
55 | )
56 |
57 | (assert (not
58 | (List x z )
59 | ))
60 |
61 | ; (set-info :mlprover-strategy
62 | ; normalize
63 | ; . smtlib-to-implication
64 | ; . kt
65 | ; . or-split-rhs . normalize . lift-constraints
66 | ; . ( kt
67 | ; . or-split-rhs . normalize . lift-constraints
68 | ; . ( ( right-unfold-Nth(0,1)
69 | ; . right-unfold-Nth(0,0)
70 | ; . normalize . lift-constraints
71 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
72 | ; )
73 | ; | ( right-unfold-Nth(0,1)
74 | ; . normalize . lift-constraints
75 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
76 | ; )
77 | ; )
78 | ; )
79 | ; )
80 | (check-sat)
81 |
82 |
--------------------------------------------------------------------------------
/prover/t/disabled/listSegmentRightLength-listSegmentRightLength-implies-listSegmentRightLength.prover:
--------------------------------------------------------------------------------
1 | claim \implies( \and( listSegmentRightLength( H { ArrayIntInt }
2 | , X { Int }
3 | , Y { Int }
4 | , FA { SetInt }
5 | , LA { Int }
6 | )
7 | , listSegmentRightLength( H { ArrayIntInt }
8 | , Y { Int }
9 | , Z { Int }
10 | , FB { SetInt }
11 | , LB { Int }
12 | )
13 | , \equals(F { SetInt }, union(FA { SetInt }, FB { SetInt }))
14 | , disjoint(FA { SetInt }, FB { SetInt })
15 | , \equals(LENGTH { Int }, plus(LA { Int }, LB { Int }))
16 | )
17 | , \and( listSegmentRightLength( H { ArrayIntInt }
18 | , X { Int }
19 | , Z { Int }
20 | , F { SetInt }
21 | , LENGTH { Int }
22 | )
23 | )
24 | )
25 | strategy search-bound(3)
26 | /*
27 | strategy kt # index(1) # useAffectedHeuristic
28 | ; ( direct-proof
29 | | ( simplify ; direct-proof )
30 | | ( right-unfold-Nth(0, 1) ; simplify ; direct-proof )
31 | )
32 | */
33 |
--------------------------------------------------------------------------------
/prover/t/listSegmentRight-implies-listSegmentLeft.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSegmentLeft.kore"
2 | imports "t/definitions/listSegmentRight.kore"
3 |
4 | claim \implies( \and( listSegmentRight( H { ArrayIntInt }
5 | , X { Int }
6 | , Y { Int }
7 | , F { SetInt }
8 | )
9 | )
10 | , \and( listSegmentLeft(H { ArrayIntInt }
11 | , X { Int }
12 | , Y { Int }
13 | , F { SetInt }
14 | )
15 | )
16 | )
17 |
18 | strategy kt . normalize . ( ( simplify . right-unfold-Nth(0, 0) . smt )
19 | | ( kt-solve-implications(smt) . normalize
20 | . kt . ( ( right-unfold-Nth(0, 1)
21 | . right-unfold-Nth(0, 0)
22 | . normalize
23 | . instantiate-existentials
24 | . smt
25 | )
26 | | ( right-unfold-Nth(0, 1)
27 | . instantiate-existentials
28 | . instantiate-universals-with-ground-terms
29 | . normalize
30 | . smt
31 | )
32 | )
33 | )
34 | )
35 |
36 | // strategy search-bound(5)
37 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-05.tst.smt2:
--------------------------------------------------------------------------------
1 | (set-logic QF_SHID)
2 |
3 | (set-info :smt-lib-version 2.0)
4 | (set-info :category "crafted")
5 | (set-info :status unsat)
6 | (set-info :version "2014-05-31")
7 |
8 | (declare-sort RefGTyp 0)
9 |
10 | (declare-datatypes (
11 | (GTyp 0)
12 | ) (
13 | ((c_GTyp (f0 RefGTyp) ))
14 | )
15 | )
16 |
17 | (declare-heap (RefGTyp GTyp)
18 | )
19 |
20 | (define-fun-rec PeList ((x RefGTyp)(y RefGTyp)) Bool
21 | (or
22 | (and
23 | (= x y)
24 | (_ emp RefGTyp GTyp)
25 | )
26 |
27 | (exists ((xp RefGTyp))
28 |
29 | (and
30 | (distinct (as nil RefGTyp) x)
31 | (sep
32 | (pto x (c_GTyp xp ))
33 | (PeList xp y )
34 | )
35 |
36 | )
37 |
38 | )
39 |
40 | )
41 | )
42 |
43 | (declare-const x RefGTyp)
44 | (declare-const y RefGTyp)
45 | (declare-const z RefGTyp)
46 |
47 | (assert
48 | (sep
49 | (PeList x y )
50 | (pto y (c_GTyp z ))
51 | )
52 |
53 | )
54 |
55 | (assert (not
56 | (PeList x z )
57 | ))
58 |
59 | ; (set-info :mlprover-strategy
60 | ; normalize
61 | ; . smtlib-to-implication
62 | ; . kt
63 | ; . or-split-rhs . normalize . lift-constraints
64 | ; . ( ( right-unfold-Nth(0,1)
65 | ; . lift-constraints
66 | ; . right-unfold-Nth(0,0)
67 | ; . normalize . lift-constraints
68 | ; . instantiate-existentials . substitute-equals-for-equals
69 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
70 | ; )
71 | ; | ( right-unfold-Nth(0,1)
72 | ; . normalize . lift-constraints
73 | ; . instantiate-existentials . substitute-equals-for-equals
74 | ; . match . instantiate-separation-logic-axioms . spatial-patterns-equal . smt-cvc4
75 | ; )
76 | ; )
77 | ; )
78 | (check-sat)
79 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSortedLength.kore:
--------------------------------------------------------------------------------
1 | symbol listSortedLength(ArrayIntInt, Int, SetInt, Int, Int) : Bool
2 | axiom functional(listSortedLength)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, F { SetInt }, PREV_VAL { Int }, LENGTH { Int } }
5 | \iff-lfp( listSortedLength(H { ArrayIntInt }, X { Int }, F { SetInt }, PREV_VAL { Int }, LENGTH { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, 0)
8 | , \equals(F { SetInt }, emptyset)
9 | , \equals(LENGTH { Int }, 0)
10 | )
11 | , \exists { F_I { SetInt } , LENGTH_I { Int } , VAL_I { Int } , X_I { Int } }
12 | \and( listSortedLength( H { ArrayIntInt }
13 | , X_I { Int }
14 | , F_I { SetInt }
15 | , VAL_I { Int }
16 | , LENGTH_I { Int }
17 | )
18 | , gt(X { Int }, 0)
19 | , \equals(select(H { ArrayIntInt }, X { Int }) , X_I { Int })
20 | , \equals(F { SetInt } , union(F_I { SetInt }, singleton(X { Int })))
21 | , disjoint(F_I { SetInt }, singleton(X { Int }))
22 | , \equals(VAL_I { Int } , select(H { ArrayIntInt }, plus(X { Int }, 1)))
23 | , gt(VAL_I { Int }, PREV_VAL { Int })
24 | , gt(LENGTH { Int }, 0)
25 | , \equals(LENGTH_I { Int }, minus(LENGTH { Int }, 1))
26 | )
27 | )
28 | )
29 |
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/prover/t/trivial.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( \equals ( 1 , 1 ) , .Patterns ) , \and ( \or ( \equals ( 2 , 2 ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | smt-cvc4 ~> ( define-sort SetInt ( .SMTLIB2SortList ) ( Set Int .SMTLIB2SortList ) ) ( define-fun emptysetx ( .SMTLIB2SortedVarList ) SetInt ( as emptyset SetInt ) ) ( define-fun in ( ( n Int ) ( x SetInt ) .SMTLIB2SortedVarList ) Bool ( member n x .SMTLIB2TermList ) ) ( define-fun unionx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( union x y .SMTLIB2TermList ) ) ( define-fun intersectx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( intersection x y .SMTLIB2TermList ) ) ( define-fun disjointx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) Bool ( = ( intersectx x y .SMTLIB2TermList ) emptysetx .SMTLIB2TermList ) ) ( define-fun setAdd ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( unionx s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun setDel ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( setminus s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun max ( ( x Int ) ( y Int ) .SMTLIB2SortedVarList ) Int ( ite ( < x y .SMTLIB2TermList ) y x .SMTLIB2TermList ) ) ( assert ( => ( = 1 1 .SMTLIB2TermList ) ( = 2 2 .SMTLIB2TermList ) .SMTLIB2TermList ) ) .SMTLIB2Script
22 |
23 |
24 |
25 | .DeclarationCellSet
26 |
27 |
28 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSegmentRightLength.kore:
--------------------------------------------------------------------------------
1 | symbol listSegmentRightLength(ArrayIntInt, Int, Int, SetInt, Int) : Bool
2 | axiom functional(listSegmentRightLength)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, LENGTH { Int } }
5 | \iff-lfp( listSegmentRightLength(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, LENGTH { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, Y { Int })
8 | , \equals(F { SetInt }, emptyset)
9 | , \equals(LENGTH { Int }, 0)
10 | )
11 | , \exists { F1 { SetInt } , LENGTH1 { Int } , Y1 { Int } }
12 | \and( listSegmentRightLength( H { ArrayIntInt }
13 | , X { Int }
14 | , Y1 { Int }
15 | , F1 { SetInt }
16 | , LENGTH1 { Int }
17 | )
18 | , \equals(LENGTH1 { Int }, minus(LENGTH { Int }, 1))
19 | , gt(Y1 { Int }, 0)
20 | , \equals(Y { Int }, select(H { ArrayIntInt }, Y1 { Int }))
21 | , \equals( F { SetInt }
22 | , union( F1 { SetInt }
23 | , singleton(Y1 { Int })
24 | )
25 | )
26 | , disjoint( F1 { SetInt }
27 | , singleton(Y1 { Int })
28 | )
29 | )
30 | )
31 | )
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/prover/t/test-lists/qf_shlid_entl.unsat:
--------------------------------------------------------------------------------
1 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc01.smt2
2 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc02.smt2
3 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc03.smt2
4 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc05.smt2
5 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc07.smt2
6 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc09.smt2
7 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc11.smt2
8 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc15.smt2
9 | t/SL-COMP18/bench/qf_shlid_entl/dll-vc17.smt2
10 | t/SL-COMP18/bench/qf_shlid_entl/lss-vc01.smt2
11 | t/SL-COMP18/bench/qf_shlid_entl/lss-vc02.smt2
12 | t/SL-COMP18/bench/qf_shlid_entl/lss-vc03.smt2
13 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc01.smt2
14 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc02.smt2
15 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc03.smt2
16 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc04.smt2
17 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc05.smt2
18 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc07.smt2
19 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc08.smt2
20 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc09.smt2
21 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc10.smt2
22 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc11.smt2
23 | t/SL-COMP18/bench/qf_shlid_entl/nll-vc12.smt2
24 | t/SL-COMP18/bench/qf_shlid_entl/skl2-vc01.smt2
25 | t/SL-COMP18/bench/qf_shlid_entl/skl2-vc02.smt2
26 | t/SL-COMP18/bench/qf_shlid_entl/skl2-vc03.smt2
27 | t/SL-COMP18/bench/qf_shlid_entl/skl2-vc04.smt2
28 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc01.smt2
29 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc03.smt2
30 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc04.smt2
31 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc05.smt2
32 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc06.smt2
33 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc07.smt2
34 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc08.smt2
35 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc09.smt2
36 | t/SL-COMP18/bench/qf_shlid_entl/skl3-vc10.smt2
37 |
--------------------------------------------------------------------------------
/prover/t/definitions/dllSegmentRightLength.kore:
--------------------------------------------------------------------------------
1 | symbol dllSegmentRightLength(ArrayIntInt, Int, Int, SetInt, Int) : Bool
2 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, L { Int } }
3 | \iff-lfp( dllSegmentRightLength(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, L { Int })
4 | , \or( \and( \equals(X { Int }, Y { Int })
5 | , \equals(F { SetInt }, emptyset)
6 | , \equals(L { Int }, 0)
7 | , .Patterns
8 | )
9 | , \and( dllSegmentRightLength( H { ArrayIntInt }
10 | , X", !I:Int) { Int }
11 | , Y { Int }
12 | , F", !J:Int) { SetInt }
13 | , L", !K:Int) { Int }
14 | , .Patterns
15 | )
16 | , gt(X { Int }, 0)
17 | , \equals(L { Int }, plus(1, L", !K:Int) { Int }))
18 | , gt(X", !I:Int) { Int }, 0)
19 | , \equals( X { Int }
20 | , select(H { ArrayIntInt }, plus(X", !I:Int) { Int }, 2)))
21 | , \equals( X", !I:Int) { Int }
22 | , select(H { ArrayIntInt }, plus(X { Int }, 1)))
23 | , \not(isMember(X { Int }, F", !J:Int) { SetInt }))
24 | , \equals(F { SetInt }, union( F", !J:Int) { SetInt }
25 | , singleton(X { Int })))
26 | , .Patterns
27 | )
28 | , .Patterns
29 | )
30 | )
31 |
--------------------------------------------------------------------------------
/prover/t/definitions/dllSegmentLeftLength.kore:
--------------------------------------------------------------------------------
1 | symbol dllSegmentLeftLength(ArrayIntInt, Int, Int, SetInt, Int) : Bool
2 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, L { Int } }
3 | \iff-lfp( dllSegmentLeftLength(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, L { Int } })
4 | , \or( \and( \equals(X { Int }, Y { Int })
5 | , \equals(L { Int }, 0)
6 | , \equals(F { SetInt }, emptyset)
7 | , .Patterns
8 | )
9 | , \and( dllSegmentLeftLength( H { ArrayIntInt }
10 | , X", !I:Int) { Int }
11 | , Y { Int }
12 | , F", !J:Int) { SetInt }
13 | , L", !K:Int) { Int }
14 | , .Patterns
15 | )
16 | , \not(\equals(X { Int }, Y { Int }))
17 | , gt(X { Int }, 0)
18 | , \equals(L", !K:Int) { Int }, minus(L { Int }, 1))
19 | , gt(X", !I:Int) { Int }, 0)
20 | , \equals( X", !I:Int) { Int }
21 | , select(H { ArrayIntInt }, plus(X { Int }, 1)))
22 | , \equals( X { Int }
23 | , select(H { ArrayIntInt }, plus(X", !I:Int) { Int }, 2)))
24 | , \not(isMember(X { Int }, F", !J:Int) { SetInt }))
25 | , \equals(F { SetInt }, union(F", !J:Int) { SetInt }, singleton(X { Int })))
26 | , .Patterns
27 | )
28 | , .Patterns
29 | )
30 | )
31 |
--------------------------------------------------------------------------------
/prover/t/definitions/listSegmentLeftSorted.kore:
--------------------------------------------------------------------------------
1 | symbol listSegmentLeftSorted(ArrayIntInt, Int, Int, SetInt, Int, Int) : Bool
2 | axiom functional(listSegmentLeftSorted)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, PREV_VAL { Int }, MAX { Int } }
5 | \iff-lfp( listSegmentLeftSorted(H { ArrayIntInt }, X { Int }, Y { Int }, F { SetInt }, PREV_VAL { Int }, MAX { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int }, Y { Int })
8 | , \equals(F { SetInt }, emptyset)
9 | , \not(gt(PREV_VAL { Int }, MAX { Int }))
10 | )
11 | , \exists { F_I { SetInt } , VAL_I { Int } , X_I { Int } }
12 | \and( listSegmentLeftSorted( H { ArrayIntInt }
13 | , X_I { Int }
14 | , Y { Int }
15 | , F_I { SetInt }
16 | , VAL_I { Int }
17 | , MAX { Int }
18 | )
19 | , gt(X { Int }, 0)
20 | , \equals(select(H { ArrayIntInt }, X { Int }) , X_I { Int })
21 | , \equals(F { SetInt } , union(F_I { SetInt }, singleton(X { Int })))
22 | , disjoint(F_I { SetInt }, singleton(X { Int }))
23 |
24 | , \equals(VAL_I { Int } , select(H { ArrayIntInt }, plus(X { Int }, 1)))
25 | // Strictly decreasing
26 | , gt(VAL_I { Int }, PREV_VAL { Int })
27 | , \not(gt(VAL_I { Int }, MAX { Int }))
28 | )
29 | )
30 | )
31 |
32 |
--------------------------------------------------------------------------------
/prover/t/isMod4-implies-isEven.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( isDiv4Pos ( Vx { Int } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( isEvenPos ( Vx { Int } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { Int } , .Patterns } \iff-lfp ( isDiv4Pos ( Vx { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( lt ( Vx { Int } , 0 , .Patterns ) ) , \equals ( Vx { Int } , 0 ) , .Patterns ) , \exists { .Patterns } \and ( \not ( \equals ( Vx { Int } , 0 ) ) , isDiv4Pos ( minus ( Vx { Int } , 4 , .Patterns ) , .Patterns ) , \not ( lt ( Vx { Int } , 0 , .Patterns ) ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { Vx { Int } , .Patterns } \iff-lfp ( isEvenPos ( Vx { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( lt ( Vx { Int } , 0 , .Patterns ) ) , \equals ( Vx { Int } , 0 ) , .Patterns ) , \exists { .Patterns } \and ( \not ( \equals ( Vx { Int } , 0 ) ) , isEvenPos ( minus ( Vx { Int } , 2 , .Patterns ) , .Patterns ) , \not ( lt ( Vx { Int } , 0 , .Patterns ) ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( isDiv4Pos )
31 |
32 | axiom functional ( isEvenPos )
33 |
34 | symbol isDiv4Pos ( Int , .Sorts ) : Bool
35 |
36 | symbol isEvenPos ( Int , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/pto-set.smt2.disabled:
--------------------------------------------------------------------------------
1 | (set-logic ALL_SUPPORTED)
2 |
3 | (declare-sort Heap 0)
4 |
5 | (declare-fun pto1 (Int Int) (Set Heap))
6 |
7 | (declare-fun sep1 ((Set Heap) (Set Heap)) (Set Heap))
8 |
9 | ;; emp * H = H
10 | (define-fun sep-emp ((H (Set Heap))) Bool
11 | (= (sep1 (as emptyset (Set Heap)) H) H)
12 | )
13 |
14 | ;; H1 * H2 = H2 * H1
15 | (define-fun sep-comm ((H1 (Set Heap)) (H2 (Set Heap))) Bool
16 | (= (sep1 H1 H2) (sep1 H2 H1))
17 | )
18 |
19 | ;; (H1 * H2) * H3 = H1 * (H2 * H3)
20 | (define-fun sep-assoc ((H1 (Set Heap)) (H2 (Set Heap)) (H3 (Set Heap))) Bool
21 | (= (sep1 (sep1 H1 H2) H3) (sep1 H1 (sep1 H2 H3)))
22 | )
23 |
24 | ;; (x |-> a) * (x |-> b) = bottom
25 | (define-fun sep-disjoint ((x Int) (a Int) (b Int)) Bool
26 | (= (sep1 (pto1 x a) (pto1 x b)) (as emptyset (Set Heap)))
27 | )
28 |
29 | ;; partial function axiom
30 | (define-fun partial-pto-skolem ((x Int) (y Int) (H Heap)) Bool
31 | (or (= (pto1 x y) (singleton H))
32 | (= (pto1 x y) (as emptyset (Set Heap))))
33 | )
34 |
35 | ;; injectivity axiom
36 | (define-fun injectivity-pto-skolem ((x1 Int) (y1 Int) (x2 Int) (y2 Int) (H Heap)) Bool
37 | (=> (and (= (pto1 x1 y1) (singleton H))
38 | (= (pto1 x2 y2) (singleton H)))
39 | (and (= x1 x2) (= y1 y2)))
40 | )
41 |
42 | (declare-const x Int)
43 | (declare-const a Int)
44 | (declare-const b Int)
45 |
46 | (assert (exists ((Ha Heap)) (partial-pto-skolem x a Ha)))
47 | (assert (exists ((Hb Heap)) (partial-pto-skolem x b Hb)))
48 |
49 | (assert (forall ((Ha Heap)) (injectivity-pto-skolem x a x b Ha)))
50 | (assert (forall ((Hb Heap)) (injectivity-pto-skolem x a x b Hb)))
51 |
52 | (assert (not (= (pto1 x a) (as emptyset (Set Heap)))))
53 |
54 | (declare-const HH (Set Heap))
55 |
56 | (assert (sep-disjoint x a b))
57 | (assert (= HH (sep1 (pto1 x a) (pto1 x b))))
58 | (assert (not (= HH (as emptyset (Set Heap)))))
59 |
60 | (assert (not (= a b)))
61 |
62 | (check-sat)
63 |
64 | (get-model)
65 |
--------------------------------------------------------------------------------
/prover/t/unit/visitor.k:
--------------------------------------------------------------------------------
1 | requires "drivers/unit-tests.k"
2 |
3 | module UNIT-TEST
4 | imports DRIVER-UNIT-TEST
5 |
6 | /* -------- \subseteq ------ */
7 |
8 | rule test(1)
9 | => assert( 3
10 | == TestVisitorSubseteqResult(
11 | visitTopDown(
12 | TestVisitorSubseteq(0),
13 | \subseteq(10, 20)
14 | )
15 | )
16 | )
17 | .Declarations
18 |
19 | syntax Visitor ::= TestVisitorSubseteq(Int)
20 |
21 | syntax Int ::= TestVisitorSubseteqResult(VisitorResult) [function]
22 |
23 | rule TestVisitorSubseteqResult(visitorResult(TestVisitorSubseteq(N), _))
24 | => N
25 |
26 | // first call
27 | rule visit(TestVisitorSubseteq(0), \subseteq(10, 20) #as P)
28 | => visitorResult(TestVisitorSubseteq(1), P)
29 |
30 | // second call
31 | rule visit(TestVisitorSubseteq(1), 10 #as P)
32 | => visitorResult(TestVisitorSubseteq(2), P)
33 |
34 | // third call
35 | rule visit(TestVisitorSubseteq(2), 20 #as P)
36 | => visitorResult(TestVisitorSubseteq(3), P)
37 |
38 | /* -------- \member ------ */
39 |
40 | rule test(2)
41 | => assert( 3
42 | == TestVisitorMemberResult(
43 | visitTopDown(
44 | TestVisitorMember(0),
45 | \member(30, 40)
46 | )
47 | )
48 | )
49 | .Declarations
50 |
51 | syntax Visitor ::= TestVisitorMember(Int)
52 |
53 | syntax Int ::= TestVisitorMemberResult(VisitorResult) [function]
54 |
55 | rule TestVisitorMemberResult(visitorResult(TestVisitorMember(N), _))
56 | => N
57 |
58 | // first call
59 | rule visit(TestVisitorMember(0), \member(30, 40) #as P)
60 | => visitorResult(TestVisitorMember(1), P)
61 |
62 | // second call
63 | rule visit(TestVisitorMember(1), 30 #as P)
64 | => visitorResult(TestVisitorMember(2), P)
65 |
66 | // third call
67 | rule visit(TestVisitorMember(2), 40 #as P)
68 | => visitorResult(TestVisitorMember(3), P)
69 |
70 | endmodule
71 |
--------------------------------------------------------------------------------
/prover/strategies/apply.md:
--------------------------------------------------------------------------------
1 | # apply
2 |
3 | ```
4 | Gamma contains H: \forall X1 PHI1 ->
5 | \forall X2 PHI2 -> ... -> \forall Xn . P
6 | Gamma |- PHI1[Theta1]
7 | Gamma |- PHI1[Theta1][Theta2]
8 | ...
9 | Gamma |- PHIn[Theta1]...[Thetan]
10 | where P matches Q with substitution Theta1 ... Thetan
11 | --------------------------------------------------------------------
12 | Gamma |- Q
13 |
14 | ```
15 |
16 | ```k
17 | module STRATEGY-APPLY
18 | imports PROVER-CORE
19 | imports STRATEGIES-EXPORTED-SYNTAX
20 | imports SYNTACTIC-MATCH-SYNTAX
21 | imports INSTANTIATE-ASSUMPTIONS-SYNTAX
22 |
23 | rule (.K => loadNamed(Name))
24 | ~> apply(Name, _) ...
25 |
26 |
27 | rule
28 | (A:Pattern ~> apply(_, Strat))
29 | => #apply1(
30 | A,
31 | syntacticMatch(
32 | terms: G, .Patterns,
33 | patterns: getConclusion(A), .Patterns,
34 | variables: getUniversallyQuantifiedVariables(A)
35 | ++Patterns getSetVariables(A)
36 | ),
37 | Strat
38 | )
39 | ...
40 | G
41 |
42 |
43 | syntax KItem ::= #apply1(Pattern, MatchResult, Strategy)
44 |
45 | rule
46 | #apply1(A, #matchResult(subst: Subst), Strat)
47 | => #apply2(instantiateAssumptions(GId, Subst, A), Strat, success)
48 | ...
49 | GId
50 |
51 | rule
52 | #apply1(_, #error(_), _) => fail
53 | ...
54 |
55 | syntax KItem ::= #apply2(
56 | InstantiateAssumptionsResult,
57 | Strategy, Strategy)
58 |
59 | rule
60 | #apply2(#instantiateAssumptionsResult(.Patterns, _), _, Result)
61 | => Result
62 | ...
63 |
64 | rule
65 | #apply2(
66 | #instantiateAssumptionsResult(P, Ps => Ps, _),
67 | Strat,
68 | Result => Result & subgoal(P, Strat)
69 | )
70 | ...
71 |
72 | endmodule
73 | ```
74 |
--------------------------------------------------------------------------------
/ml2fol/parser.mly:
--------------------------------------------------------------------------------
1 | %{
2 | open Pat
3 | %}
4 |
5 | %token ID
6 | %token LPAREN RPAREN
7 | %token DECLSORT DECLSYMB DECLPART DECLFUNC ASSERT CHECKSAT GETMODEL
8 | %token TOP BOTTOM AND OR NOT IMPLIES IFF FORALL EXISTS EQUAL FLOOR CEIL CONTAINS
9 | %token EOF
10 |
11 | %start thy
12 | %start pat
13 |
14 | %type <(string list) * (Pat.sym list) * (Pat.pat list)> thy
15 | %type pat
16 | %type pat_closed
17 | %type pats_closed
18 | %type <(string * string) list> bindings
19 | %type sort
20 | %type sorts
21 | %%
22 |
23 | thy:
24 | | EOF { ([], [], []) }
25 | | LPAREN thy_closed { $2 }
26 |
27 | thy_closed:
28 | | DECLSORT ID RPAREN thy { add_sort_pat $2 $4 }
29 | | DECLSYMB ID sorts sort RPAREN thy { add_sym_pat (UI($2, $3, $4)) $6 }
30 | | DECLFUNC ID sorts sort RPAREN thy { add_sym_pat (FC($2, $3, $4)) $6 }
31 | | DECLPART ID sorts sort RPAREN thy { add_sym_pat (PF($2, $3, $4)) $6 }
32 | | ASSERT pat RPAREN thy { add_axiom_pat $2 $4 }
33 |
34 | sort:
35 | | ID { $1 }
36 |
37 | sorts:
38 | | LPAREN sorts_closed { $2 }
39 |
40 | sorts_closed:
41 | | RPAREN { [] }
42 | | ID sorts_closed { $1 :: $2 }
43 |
44 | pat:
45 | | TOP { Top }
46 | | BOTTOM { Bottom }
47 | | ID { Id($1) }
48 | | LPAREN pat_closed { $2 }
49 |
50 | pat_closed:
51 | | AND pats_closed { And($2) }
52 | | OR pats_closed { Or($2) }
53 | | NOT pat RPAREN { Not($2) }
54 | | IMPLIES pat pat RPAREN { Implies($2, $3) }
55 | | IFF pat pat RPAREN { Iff($2, $3) }
56 | | FORALL bindings pat RPAREN { Forall($2, $3) }
57 | | EXISTS bindings pat RPAREN { Exists($2, $3) }
58 | | EQUAL pat pat RPAREN { Equal($2, $3) }
59 | | CEIL pat RPAREN { Ceil($2) }
60 | | FLOOR pat RPAREN { Floor($2) }
61 | | CONTAINS pat pat RPAREN { Contains($2, $3) }
62 | | ID pats_closed { App($1, $2) }
63 |
64 | pats_closed:
65 | | RPAREN { [] }
66 | | pat pats_closed { $1 :: $2 }
67 |
68 |
69 | bindings:
70 | | LPAREN bindings_closed { $2 }
71 |
72 | bindings_closed:
73 | | RPAREN { [] }
74 | | LPAREN ID ID RPAREN bindings_closed { ($2, $3) :: $5 }
75 |
76 |
77 |
--------------------------------------------------------------------------------
/prover/strategies/replace-evar-with-func-constant.md:
--------------------------------------------------------------------------------
1 | ```
2 | Gamma U {functional f} |- PHI(f()) where f fresh
3 | ------------------------------------------------
4 | Gamma |- PHI(x:S)
5 | ```
6 |
7 | ```k
8 | module STRATEGY-REPLACE-EVAR-WITH-FUNC-CONSTANT
9 | imports PROVER-CORE
10 | imports STRATEGIES-EXPORTED-SYNTAX
11 |
12 | rule
13 | replace-evar-with-func-constant V,Vs
14 | => #rewfc(V,Vs)
15 | ...
16 |
17 | rule
18 | replace-evar-with-func-constant .Variables
19 | => #rewfc(PatternsToVariables(getFreeVariables(P, .Patterns)))
20 | ...
21 | P
22 |
23 | syntax Variables ::= PatternsToVariables(Patterns) [function]
24 | rule PatternsToVariables(.Patterns) => .Variables
25 | rule PatternsToVariables(V{S}, Vs) => V{S}, PatternsToVariables(Vs)
26 | rule PatternsToVariables(_, Vs) => PatternsToVariables(Vs) [owise]
27 |
28 |
29 | syntax KItem ::= #rewfc(Variables)
30 |
31 | rule #rewfc(.Variables) => noop ...
32 |
33 | rule (.K => #rewfc1(V))
34 | ~> #rewfc(V,Vs => Vs)
35 | ...
36 |
37 | syntax KItem ::= #rewfc1(Variable)
38 | | #rewfc2(Variable, Symbol)
39 |
40 | rule #rewfc1(N{S} #as V)
41 | => #rewfc2(V, getFreshSymbol(
42 | GId, VariableNameToString(N)))
43 | ...
44 | GId
45 | P
46 | requires V in getFreeVariables(P, .Patterns)
47 |
48 | rule #rewfc2(N{S}, symbol(Sym)) => .K ...
49 | GId
50 | P => subst(P, N{S}, symbol(Sym)(.Patterns))
51 | (.Bag =>
52 | symbol Sym(.Sorts) : S
53 |
54 | axiom getFreshAxiomName(GId) : functional(Sym)
55 | )
56 | ...
57 |
58 |
59 | rule #rewfc1(V) => "No such free variable"
60 | ...
61 | P
62 | requires notBool (V in getFreeVariables(P, .Patterns))
63 |
64 | endmodule
65 | ```
66 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG K_COMMIT
2 | FROM runtimeverificationinc/kframework-k:ubuntu-bionic-${K_COMMIT}
3 |
4 | ENV TZ=America/Chicago
5 | RUN ln --symbolic --no-dereference --force /usr/share/zoneinfo/$TZ /etc/localtime \
6 | && echo $TZ > /etc/timezone
7 |
8 | RUN apt update \
9 | && apt upgrade --yes \
10 | && apt install --yes \
11 | autoconf \
12 | bison \
13 | clang-8 \
14 | cmake \
15 | curl \
16 | debhelper \
17 | flex \
18 | gcc \
19 | git \
20 | libboost-test-dev \
21 | libffi-dev \
22 | libgmp-dev \
23 | libjemalloc-dev \
24 | libmpfr-dev \
25 | libtool \
26 | libyaml-dev \
27 | libz3-dev \
28 | lld-8 \
29 | llvm-8-tools \
30 | make \
31 | maven \
32 | ninja-build \
33 | opam \
34 | openjdk-11-jdk \
35 | openjdk-8-jdk \
36 | pandoc \
37 | pkg-config \
38 | python3 \
39 | python3-graphviz \
40 | time \
41 | z3 \
42 | zlib1g-dev
43 |
44 | RUN update-alternatives --set java /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
45 |
46 | RUN apt install --yes cvc4 z3
47 |
48 | ARG USER_ID=1000
49 | ARG GROUP_ID=1000
50 | RUN groupadd --gid $GROUP_ID user \
51 | && useradd --create-home --uid $USER_ID --shell /bin/sh --gid user user
52 | USER $USER_ID:$GROUP_ID
53 |
54 | ADD --chown=user . /home/user/matching-logic-prover
55 | WORKDIR /home/user/matching-logic-prover/prover
56 | RUN ./build -v unit-tests smoke-tests
57 |
58 | ENV LC_ALL=C.UTF-8
59 |
--------------------------------------------------------------------------------
/ml2fol/README.md:
--------------------------------------------------------------------------------
1 | What is ml2fol-translation?
2 | ===========================
3 |
4 | It is a translation from matching logic (abbrev. as ML) to first-order logic
5 | with equality (abbrev. as FOL) that preserves satisfiability.
6 |
7 | Why is it useful?
8 | =================
9 |
10 | With the ml2fol-translation, you can use FOL solvers to decide the
11 | satisfiability problem in matching logic. Given any matching logic theory `T`,
12 |
13 | T sat iff ml2fol(T) sat.
14 |
15 | A common scenario to use the translation is to solve the entailment problem in
16 | matching logic. The entailment problem is to decide whether a pattern `P` can be
17 | deduced from a theory `T`. Thanks to the duality between satisfiability and
18 | validity in matching logic, we know that
19 |
20 | T entails P
21 | iff T ∪ {not floor(P)} unsat
22 | iff ml2fol( T ∪ {not floor(P)} ) unsat.
23 |
24 | So now you can use your favorite solvers to decide whether
25 | `ml2fol( T ∪ {not floor(P)} )` is satisfiable or not. And if not, you know that
26 | `T entails P` in matching logic.
27 |
28 | How to use it?
29 | ==============
30 |
31 | Prerequisite
32 | ------------
33 |
34 | sudo apt install m4 ocaml opam
35 |
36 | If it is your first time installing `opam`, you should do `opam init` first, and
37 | then do `opam install ounit` to install the OUnit testing framework.
38 |
39 | There are two bash scripts in the main directory. One is `mlprover` that takes
40 | one argument as the input file name. It reads the input file, say
41 | `example.match`, translate it to a first-order theory `example.match.smt2`, and
42 | calls Z3 to solve the first-order theory.
43 |
44 | Sometimes it is convenient to use the other bash script, `ml2fol`, which also
45 | takes one argument as the input file name, but it just translate the input
46 | matching logic theory to a first-order theory and saves it in
47 | `example.match.smt2` and doesn't call Z3.
48 |
49 | How to write my matching logic specification?
50 | =============================================
51 |
52 | A matching logic theory specification is written in a `smt2`-like style. The
53 | best way to learn is to read examples in the `/experiments` folder.
54 |
--------------------------------------------------------------------------------
/prover/t/listSegmentLeftsorted-sortedlist-implies-sortedlist.kore:
--------------------------------------------------------------------------------
1 | imports "t/definitions/listSegmentLeftSorted.kore"
2 | imports "t/definitions/listSorted.kore"
3 |
4 | /* lseglsorted(H, X, Y, F, PV, MAX) ==
5 | (X = Y and F = empty and PV <= MAX) OR
6 | (exists X', F', V. (H[X] = X' and F' U {X} = F and F' disjoint {X}) and
7 | H[X+1] = V and X > 0 and V > PV and V <= MAX and
8 | lseglsorted(H, X', Y, F', V, MAX))
9 | */
10 |
11 | /* listsorted(H, X, F, PV) ==
12 | (X = 0 and F = empty) OR
13 | (exists X', F', V. (H[X] = X' and F' U {X} = F and F' disjoint {X}) and
14 | H[X+1] = V and X > 0 and V > PV and
15 | listsorted(H, X', F', V))
16 | */
17 |
18 | claim \implies( \and( listSegmentLeftSorted( H { ArrayIntInt }
19 | , X { Int }
20 | , Y { Int }
21 | , F { SetInt }
22 | , MIN { Int }
23 | , MAX { Int }
24 | )
25 | , listSorted( H { ArrayIntInt }
26 | , Y { Int }
27 | , G { SetInt }
28 | , MIN2 { Int })
29 | , \equals( K { SetInt }, union(F { SetInt }, G { SetInt }))
30 | , disjoint(F { SetInt }, G { SetInt })
31 | , \not(gt(MAX { Int }, MIN2 { Int }))
32 | )
33 | , \and( listSorted( H { ArrayIntInt }
34 | , X { Int }
35 | , K { SetInt }
36 | , MIN { Int }
37 | )
38 | )
39 | )
40 |
41 | strategy kt . normalize
42 | . ( ( simplify
43 | . left-unfold-Nth(0) .
44 | ( ( right-unfold-Nth(0, 0) . smt)
45 | | ( right-unfold-Nth(0, 1) . smt)
46 | )
47 | )
48 | )
49 |
50 | // strategy search-bound(4)
51 |
--------------------------------------------------------------------------------
/prover/analysis.txt:
--------------------------------------------------------------------------------
1 | Remaining qf_shid_entl_unsat tests
2 | ==================================
3 |
4 | t/SL-COMP18/bench/qf_shid_entl/22.tst.smt2
5 | - special case
6 |
7 | t/SL-COMP18/bench/qf_shid_entl/dll-spaghetti.smt2
8 | t/SL-COMP18/bench/qf_shid_entl/dll2-spaghetti.smt2
9 | - Framing on recursive patterns. (try these later; large obligations!)
10 |
11 | t/SL-COMP18/bench/qf_shid_entl/dll-vc05.smt2
12 | t/SL-COMP18/bench/qf_shid_entl/dll-vc07.smt2
13 | t/SL-COMP18/bench/qf_shid_entl/dll-vc11.smt2
14 | t/SL-COMP18/bench/qf_shid_entl/dll-vc17.smt2
15 | - Requires to prove LHS unsat.
16 | - 05,11,17: RU ~> PM ~> Realize to prove LHS unsat ~> matched-LHS -> \exists c d . y |->
17 | - 07: RU ~> PM ~> Split spatial/constraints ~> (spatial just PM) ~> for constraints: Left-Unfold
18 |
19 | t/SL-COMP18/bench/qf_shid_entl/ls_nonrec_entail_ls_14.sb.smt2
20 | t/SL-COMP18/bench/qf_shid_entl/ls_nonrec_entail_ls_15.sb.smt2
21 | t/SL-COMP18/bench/qf_shid_entl/ls_nonrec_entail_ls_16.sb.smt2
22 | - will go through but take too long
23 |
24 | t/SL-COMP18/bench/qf_shid_entl/lsegex4_slk-1.smt2
25 | - special case
26 |
27 | t/SL-COMP18/bench/qf_shid_entl/nll-vc03.smt2
28 | t/SL-COMP18/bench/qf_shid_entl/nll-vc04.smt2
29 | t/SL-COMP18/bench/qf_shid_entl/nll-vc08.smt2
30 | t/SL-COMP18/bench/qf_shid_entl/nll-vc10.smt2
31 | - Framing
32 |
33 | t/SL-COMP18/bench/qf_shid_entl/odd-lseg3_slk-5.smt2
34 | - know how to prove
35 | - require an *Abstraction* on variables (not nil)
36 | - turn RHS (olseg b b ) into (olseg b k), where k is fresh (i.e., abstraction).
37 |
38 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc04.smt2
39 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc05.smt2
40 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc06.smt2
41 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc07.smt2
42 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc08.smt2
43 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc09.smt2
44 | t/SL-COMP18/bench/qf_shid_entl/skl3-vc10.smt2
45 | - Framing; skl3-vc04,5,6 are songbird failures
46 |
47 | t/SL-COMP18/bench/qf_shid_entl/tll-pp-entails-tll-pp-rev.smt2
48 | - ??
49 |
50 | t/SL-COMP18/bench/qf_shid_entl/tll-pp-rev-entails-tll-pp.smt2
51 | t/SL-COMP18/bench/qf_shid_entl/tree-pp-entails-tree-pp-rev.smt2
52 | t/SL-COMP18/bench/qf_shid_entl/tree-pp-rev-entails-tree-pp.smt2
53 | - songbird failures
54 |
--------------------------------------------------------------------------------
/prover/t/pythagoras.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( \equals ( plus ( mult ( Vx { Int } , Vx { Int } , .Patterns ) , mult ( Vy { Int } , Vy { Int } , .Patterns ) , .Patterns ) , mult ( Vz { Int } , Vz { Int } , .Patterns ) ) , gt ( Vz { Int } , 0 , .Patterns ) , gt ( Vy { Int } , 0 , .Patterns ) , gt ( Vx { Int } , 0 , .Patterns ) , .Patterns ) , \and ( \or ( .Patterns ) , .Patterns ) )
13 |
14 |
15 | fail
16 |
17 |
18 | fail
19 |
20 |
21 | smt ~> ( define-sort SetInt ( .SMTLIB2SortList ) ( Set Int .SMTLIB2SortList ) ) ( define-fun emptysetx ( .SMTLIB2SortedVarList ) SetInt ( as emptyset SetInt ) ) ( define-fun in ( ( n Int ) ( x SetInt ) .SMTLIB2SortedVarList ) Bool ( member n x .SMTLIB2TermList ) ) ( define-fun unionx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( union x y .SMTLIB2TermList ) ) ( define-fun intersectx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( intersection x y .SMTLIB2TermList ) ) ( define-fun disjointx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) Bool ( = ( intersectx x y .SMTLIB2TermList ) emptysetx .SMTLIB2TermList ) ) ( define-fun setAdd ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( unionx s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun setDel ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( setminus s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun max ( ( x Int ) ( y Int ) .SMTLIB2SortedVarList ) Int ( ite ( < x y .SMTLIB2TermList ) y x .SMTLIB2TermList ) ) ( declare-const Vz Int ) ( declare-const Vy Int ) ( declare-const Vx Int ) ( assert ( => ( and ( = ( + ( * Vx Vx .SMTLIB2TermList ) ( * Vy Vy .SMTLIB2TermList ) .SMTLIB2TermList ) ( * Vz Vz .SMTLIB2TermList ) .SMTLIB2TermList ) ( > Vz 0 .SMTLIB2TermList ) ( > Vy 0 .SMTLIB2TermList ) ( > Vx 0 .SMTLIB2TermList ) .SMTLIB2TermList ) false .SMTLIB2TermList ) ) .SMTLIB2Script
22 |
23 |
24 |
25 | .DeclarationCellSet
26 |
27 |
28 |
--------------------------------------------------------------------------------
/prover/t/disabled/find-in-loop.prover.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | root
5 |
6 |
7 | true
8 |
9 |
10 | .
11 |
12 |
13 | \implies ( \and ( find-list-seg ( H0 { ArrayIntInt } , OLDX { Int } , X { Int } , F1 { SetInt } , .Patterns ) , find-list ( H0 { ArrayIntInt } , X { Int } , F2 { SetInt } , .Patterns ) , disjoint ( F1 { SetInt } , F2 { SetInt } , .Patterns ) , \not ( isMember ( DATA { Int } , F1 { SetInt } , .Patterns ) ) , gt ( X { Int } , 0 , .Patterns ) , gt ( X { Int } , DATA { Int } , .Patterns ) , \equals ( X2 { Int } , select ( H0 { ArrayIntInt } , plus ( X { Int } , 1 , .Patterns ) , .Patterns ) ) , \equals ( F3 { SetInt } , add ( F1 { SetInt } , X { Int } , .Patterns ) ) , \equals ( F4 { SetInt } , del ( F2 { SetInt } , X { Int } , .Patterns ) ) , .Patterns ) , \exists { Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns } \and ( find-list ( H0 { ArrayIntInt } , X2 { Int } , F4 { SetInt } , .Patterns ) , disjoint ( F3 { SetInt } , F4 { SetInt } , .Patterns ) , \not ( isMember ( DATA { Int } , F3 { SetInt } , .Patterns ) ) , find-list-seg ( H0 { ArrayIntInt } , OLDX { Int } , Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns ) , gt ( Y" , 1 ) { Int } , 0 , .Patterns ) , \equals ( X2 { Int } , select ( H0 { ArrayIntInt } , plus ( Y" , 1 ) { Int } , 1 , .Patterns ) , .Patterns ) ) , \equals ( F3 { SetInt } , add ( F" , 0 ) { SetInt } , Y" , 1 ) { Int } , .Patterns ) ) , \not ( isMember ( Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns ) ) , .Patterns ) )
14 |
15 |
16 | success ~> #hole ; simplify ; instantiate-existentials ; smt
17 |
18 |
19 | right-unfold-oneBody ( find-list-seg ( H0 { ArrayIntInt } , OLDX { Int } , X2 { Int } , F3 { SetInt } , .Patterns ) , \exists { Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns } \and ( find-list-seg ( H0 { ArrayIntInt } , OLDX { Int } , Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns ) , gt ( Y" , 1 ) { Int } , 0 , .Patterns ) , \equals ( X2 { Int } , select ( H0 { ArrayIntInt } , plus ( Y" , 1 ) { Int } , 1 , .Patterns ) , .Patterns ) ) , \equals ( F3 { SetInt } , add ( F" , 0 ) { SetInt } , Y" , 1 ) { Int } , .Patterns ) ) , \not ( isMember ( Y" , 1 ) { Int } , F" , 0 ) { SetInt } , .Patterns ) ) , .Patterns ) )
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-06.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( PeList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , PeList ( Vy { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( PeList ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( PeList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( Vx { RefGTyp } , Vy { RefGTyp } ) , emp ( .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , sep ( pto ( Vx { RefGTyp } , c_GTyp ( Vxp { RefGTyp } , .Patterns ) , .Patterns ) , PeList ( Vxp { RefGTyp } , Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( PeList )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol PeList ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-05.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( PeList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , pto ( Vy { RefGTyp } , c_GTyp ( Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( PeList ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( PeList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( Vx { RefGTyp } , Vy { RefGTyp } ) , emp ( .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , sep ( pto ( Vx { RefGTyp } , c_GTyp ( Vxp { RefGTyp } , .Patterns ) , .Patterns ) , PeList ( Vxp { RefGTyp } , Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( PeList )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol PeList ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/prover/t/listSegmentRightLength-appendone-implies-listSegmentRightLength.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Y { Int } , FA { SetInt } , LA { Int } , .Patterns ) , \equals ( F { SetInt } , union ( FA { SetInt } , singleton ( Y { Int } , .Patterns ) , .Patterns ) ) , disjoint ( FA { SetInt } , singleton ( Y { Int } , .Patterns ) , .Patterns ) , \equals ( Z { Int } , select ( H { ArrayIntInt } , Y { Int } , .Patterns ) ) , \equals ( LENGTH { Int } , plus ( LA { Int } , 1 , .Patterns ) ) , gt ( Y { Int } , 0 , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Z { Int } , F { SetInt } , LENGTH { Int } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , LENGTH { Int } , .Patterns } \iff-lfp ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , LENGTH { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , \equals ( LENGTH { Int } , 0 ) , .Patterns ) , \exists { F1 { SetInt } , LENGTH1 { Int } , Y1 { Int } , .Patterns } \and ( listSegmentRightLength ( H { ArrayIntInt } , X { Int } , Y1 { Int } , F1 { SetInt } , LENGTH1 { Int } , .Patterns ) , \equals ( LENGTH1 { Int } , minus ( LENGTH { Int } , 1 , .Patterns ) ) , gt ( Y1 { Int } , 0 , .Patterns ) , \equals ( Y { Int } , select ( H { ArrayIntInt } , Y1 { Int } , .Patterns ) ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( listSegmentRightLength )
29 |
30 | symbol listSegmentRightLength ( ArrayIntInt , Int , Int , SetInt , Int , .Sorts ) : Bool
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-04.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( List ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , List ( Vy { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( List ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( List ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , pto ( Vx { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , sep ( pto ( Vx { RefGTyp } , c_GTyp ( Vxp { RefGTyp } , .Patterns ) , .Patterns ) , List ( Vxp { RefGTyp } , Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( List )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol List ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-02.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( RList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , RList ( Vy { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( RList ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( RList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , pto ( Vx { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vxp { RefGTyp } ) ) , sep ( pto ( Vxp { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , RList ( Vx { RefGTyp } , Vxp { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( RList )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol RList ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-03.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( List ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , pto ( Vy { RefGTyp } , c_GTyp ( Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( List ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( List ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , pto ( Vx { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , sep ( pto ( Vx { RefGTyp } , c_GTyp ( Vxp { RefGTyp } , .Patterns ) , .Patterns ) , List ( Vxp { RefGTyp } , Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( List )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol List ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/prover/t/qf_shid_entl-01.tst.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( sep ( pto ( Vx { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , RList ( Vy { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( sep ( RList ( Vx { RefGTyp } , Vz { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { Vx { RefGTyp } , Vy { RefGTyp } , .Patterns } \iff-lfp ( RList ( Vx { RefGTyp } , Vy { RefGTyp } , .Patterns ) , \or ( \exists { .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vx { RefGTyp } ) ) , pto ( Vx { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , \exists { Vxp { RefGTyp } , .Patterns } \and ( \not ( \equals ( nil_RefGTyp ( .Patterns ) , Vxp { RefGTyp } ) ) , sep ( pto ( Vxp { RefGTyp } , c_GTyp ( Vy { RefGTyp } , .Patterns ) , .Patterns ) , RList ( Vx { RefGTyp } , Vxp { RefGTyp } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom functional ( RList )
29 |
30 | axiom functional ( c_GTyp )
31 |
32 | axiom functional ( nil_RefGTyp )
33 |
34 | axiom heap ( RefGTyp , GTyp )
35 |
36 | sort GTyp
37 |
38 | sort Heap
39 |
40 | sort RefGTyp
41 |
42 | symbol RList ( RefGTyp , RefGTyp , .Sorts ) : Heap
43 |
44 | symbol c_GTyp ( RefGTyp , .Sorts ) : GTyp
45 |
46 | symbol emp ( .Sorts ) : Heap
47 |
48 | symbol nil_RefGTyp ( .Sorts ) : RefGTyp
49 |
50 | symbol pto ( RefGTyp , GTyp , .Sorts ) : Heap
51 |
52 | symbol sep ( Heap , Heap , .Sorts ) : Heap
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/ml2fol/arc/parser.mly:
--------------------------------------------------------------------------------
1 | %{
2 | open Convert
3 | %}
4 |
5 | %token ID
6 | %token INT
7 | %token LPAREN RPAREN DECLSORT DECLSYMB DECLPARTIAL DECLFUNC ASSERT CHECKSAT GETMODEL
8 | %token TOP BOTTOM AND OR NOT IMPLIES IFF FORALL EXISTS EQUAL FLOOR CEIL CONTAINS
9 | %token EOF
10 |
11 | %start system
12 |
13 | %type system
14 | %type pattern
15 | %type sorts
16 | %type <(string * string) list> binders
17 | %%
18 |
19 | system:
20 | | EOF { initial_system } /* the empty system */
21 | | LPAREN system_cont { $2 }
22 | ;
23 |
24 | system_cont: /* expect "declare-sort", "declare-func", "declare-symb", or "assert" */
25 | | DECLSORT ID RPAREN system { add_sort $2 $4 }
26 | | DECLFUNC ID LPAREN sorts ID RPAREN system /* sorts end with RPAREN */
27 | { add_func $2 $4 $5 $7 }
28 | | DECLPARTIAL ID LPAREN sorts ID RPAREN system
29 | { add_partial $2 $4 $5 $7 }
30 | | DECLSYMB ID LPAREN sorts ID RPAREN system
31 | { add_nonfunc $2 $4 $5 $7 }
32 | | ASSERT pattern RPAREN system
33 | { add_axiom $2 $4 }
34 | ;
35 |
36 | sorts:
37 | | RPAREN { [] }
38 | | ID sorts { $1 :: $2 }
39 | ;
40 |
41 | pattern:
42 | | TOP { TopPattern }
43 | | BOTTOM { BottomPattern }
44 | | ID { AppPattern($1, []) }
45 | | INT { IntValuePattern($1) }
46 | | LPAREN pattern_cont { $2 } /* pattern_cont ends with a RPAREN */
47 | ;
48 | pattern_cont:
49 | | AND patterns RPAREN { AndPattern($2) }
50 | | OR patterns RPAREN { OrPattern($2) }
51 | | NOT pattern RPAREN { NotPattern($2) }
52 | | IMPLIES pattern pattern RPAREN { ImpliesPattern($2, $3) }
53 | | IFF pattern pattern RPAREN { IffPattern($2, $3) }
54 | | FORALL LPAREN binders pattern RPAREN /* binders end with RPAREN */
55 | { ForallPattern($3, (replace_constants_if_binders $4 $3)) }
56 | | EXISTS LPAREN binders pattern RPAREN /* binders end with RPAREN */
57 | { ExistsPattern($3, (replace_constants_if_binders $4 $3)) }
58 | | EQUAL pattern pattern RPAREN { EqualPattern($2, $3) }
59 | | FLOOR pattern RPAREN { FloorPattern($2) }
60 | | CEIL pattern RPAREN { CeilPattern($2) }
61 | | ID patterns RPAREN { AppPattern($1, $2) }
62 | ;
63 | patterns:
64 | | pattern { [$1] }
65 | | pattern patterns { $1::$2 }
66 | ;
67 |
68 | binders: /* the starting LPAREN has been consumed */
69 | /* expect " (ID ID) (ID ID) ... (ID ID)) " */
70 | | RPAREN { [] }
71 | | LPAREN ID ID RPAREN binders { ($2, $3) :: $5 }
72 | ;
73 |
--------------------------------------------------------------------------------
/prover/t/fermat-3.smt2.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( \equals ( plus ( mult ( Vx { Int } , mult ( Vx { Int } , Vx { Int } , .Patterns ) , .Patterns ) , mult ( Vy { Int } , mult ( Vy { Int } , Vy { Int } , .Patterns ) , .Patterns ) , .Patterns ) , mult ( Vz { Int } , mult ( Vz { Int } , Vz { Int } , .Patterns ) , .Patterns ) ) , gt ( Vz { Int } , 0 , .Patterns ) , gt ( Vy { Int } , 0 , .Patterns ) , gt ( Vx { Int } , 0 , .Patterns ) , .Patterns ) , \and ( \or ( .Patterns ) , .Patterns ) )
13 |
14 |
15 | fail
16 |
17 |
18 | fail
19 |
20 |
21 | smt ~> ( define-sort SetInt ( .SMTLIB2SortList ) ( Set Int .SMTLIB2SortList ) ) ( define-fun emptysetx ( .SMTLIB2SortedVarList ) SetInt ( as emptyset SetInt ) ) ( define-fun in ( ( n Int ) ( x SetInt ) .SMTLIB2SortedVarList ) Bool ( member n x .SMTLIB2TermList ) ) ( define-fun unionx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( union x y .SMTLIB2TermList ) ) ( define-fun intersectx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) SetInt ( intersection x y .SMTLIB2TermList ) ) ( define-fun disjointx ( ( x SetInt ) ( y SetInt ) .SMTLIB2SortedVarList ) Bool ( = ( intersectx x y .SMTLIB2TermList ) emptysetx .SMTLIB2TermList ) ) ( define-fun setAdd ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( unionx s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun setDel ( ( s SetInt ) ( x Int ) .SMTLIB2SortedVarList ) SetInt ( setminus s ( singleton x .SMTLIB2TermList ) .SMTLIB2TermList ) ) ( define-fun max ( ( x Int ) ( y Int ) .SMTLIB2SortedVarList ) Int ( ite ( < x y .SMTLIB2TermList ) y x .SMTLIB2TermList ) ) ( declare-const Vz Int ) ( declare-const Vy Int ) ( declare-const Vx Int ) ( assert ( => ( and ( = ( + ( * Vx ( * Vx Vx .SMTLIB2TermList ) .SMTLIB2TermList ) ( * Vy ( * Vy Vy .SMTLIB2TermList ) .SMTLIB2TermList ) .SMTLIB2TermList ) ( * Vz ( * Vz Vz .SMTLIB2TermList ) .SMTLIB2TermList ) .SMTLIB2TermList ) ( > Vz 0 .SMTLIB2TermList ) ( > Vy 0 .SMTLIB2TermList ) ( > Vx 0 .SMTLIB2TermList ) .SMTLIB2TermList ) false .SMTLIB2TermList ) ) .SMTLIB2Script
22 |
23 |
24 |
25 | .DeclarationCellSet
26 |
27 |
28 |
--------------------------------------------------------------------------------
/prover/t/unit/syntactic-match.k:
--------------------------------------------------------------------------------
1 | requires "drivers/unit-tests.k"
2 |
3 | module UNIT-TEST
4 | imports DRIVER-UNIT-TEST
5 |
6 | syntax Sort ::= "Foo" [token]
7 | | "Bar" [token]
8 |
9 | syntax SetVariable ::= "#A" [token]
10 |
11 | // set variables: identical
12 | rule test(1)
13 | => assert( #matchResult( subst: .Map )
14 | == syntacticMatch( terms: #A, .Patterns
15 | , patterns: #A, .Patterns
16 | , variables: .Patterns
17 | )
18 | )
19 | .Declarations
20 |
21 | // set variables: extend substitution
22 | rule test(2)
23 | => assert( #matchResult( subst: #A |-> \or(1, 2, .Patterns))
24 | == syntacticMatch( terms: \or(1, 2, .Patterns), .Patterns
25 | , patterns: #A, .Patterns
26 | , variables: #A, .Patterns
27 | )
28 | )
29 | .Declarations
30 |
31 | // set variables: cannot extend substitution
32 | rule test(3)
33 | => assert( #error("No valid substitution")
34 | == syntacticMatch( terms: \or(1, 2, .Patterns), .Patterns
35 | , patterns: #A, .Patterns
36 | , variables: .Patterns
37 | )
38 | )
39 | .Declarations
40 |
41 | // typeof: matched
42 | rule test(4)
43 | => assert( #matchResult(subst: .Map)
44 | == syntacticMatch( terms: \typeof(1, Foo), .Patterns
45 | , patterns: \typeof(1, Foo), .Patterns
46 | , variables: .Patterns
47 | )
48 | )
49 | .Declarations
50 |
51 | // typeof: mismatched sort
52 | rule test(5)
53 | => assert( #error("\\typeof(_,_) sorts do not match")
54 | == syntacticMatch( terms: \typeof(1, Foo), .Patterns
55 | , patterns: \typeof(1, Bar), .Patterns
56 | , variables: .Patterns
57 | )
58 | )
59 | .Declarations
60 |
61 | // typeof: mismatched
62 | rule test(6)
63 | => assert( #error("\\typeof(_,_) does not match")
64 | == syntacticMatch( terms: 1, .Patterns
65 | , patterns: \typeof(1, Foo), .Patterns
66 | , variables: .Patterns
67 | )
68 | )
69 | .Declarations
70 |
71 | endmodule
72 |
--------------------------------------------------------------------------------
/prover/notes.md:
--------------------------------------------------------------------------------
1 | # Separation logic canonical forms
2 |
3 | We define several syntactic categories that represent separation logic formulas.
4 | The purpose is to guide the implementation the Prover's strategies.
5 |
6 | ## Basic syntax
7 |
8 | We let `Loc` to be the sort of locations and `Val` to be the sort of values.
9 | We let `Heap` to be the (parametric) sort of heaps from locations to values.
10 | For now, we assume `Loc` is all natural numbers where `0` denotes the special
11 | location `nil`.
12 | We do not assume any specific properties about `Val`.
13 | We assume the contrainst about `Loc` and `Val` will be solved by the external SMT solvers.
14 |
15 | ```
16 | BasicConstraintPattern ::= [FOL formulas about locations (Loc) and values (Val), which can be solved by external SMT solvers]
17 | ConstraintPattern ::= \and(List{BasicConstraintPattern})
18 | ```
19 |
20 | We use `P` to denote (recursive) ML symbols from locations to heaps.
21 |
22 | ## Heap patterns
23 |
24 | At a high level, a heap pattern consists of a spatial pattern and a constraint pattern.
25 | The spatial pattern is the separating conjunction of a list of atomic spatial patterns,
26 | which are defined as follows.
27 |
28 | ```
29 | AtomicSpatialPattern
30 | ::= emp
31 | | pts(Loc, Val)
32 | | P(List{Loc})
33 | | ImplicationContext // defined below
34 | ```
35 |
36 | Here I mix the basic heap patterns (`emp`, `pts`), recursive heap patterns (`P`), and implication contexts (the "magic wand").
37 | We may define more fine-grained syntactic categories to distinguish them.
38 |
39 | ```
40 | SpatialPattern ::= sep(List{AtomicSpatialPattern})
41 | ```
42 |
43 | One of the main intuition here is that a lot of heap reasoning is about matching/unification modulo ACU
44 | over spatial patterns. Here, `sep` is the assoc-comm operator and `emp` is the unit.
45 |
46 | The canonical form of heap patterns is the logical conjunction of a spatial pattern and a constraint pattern.
47 |
48 | ```
49 | CanonicalForm ::= \and(SpatialPattern, ConstraintPattern)
50 | ```
51 |
52 | Implication context is the generalization of the magic wand. It is used to construct the result of applying the proof rule (KT).
53 | The `\forall` on the second argument is needed, because we often need to do a (Forall Introduction) on the RHS when applying (KT).
54 |
55 | ```
56 | ImplicationContext ::= \ic(CanonicalForm, \forall(List{Variable}, CanonicalForm))
57 | ```
58 |
59 | ## Proof obligation and recursive definitions
60 |
61 | ```
62 | DefinitionCase ::= \exists(List{Variable}, CanonicalForm)
63 | DefinitionBody ::= \or(List{DefinitionCase})
64 | Definition ::= P(List{Variable}) =lfp DefinitionBody
65 |
66 | Obligation ::= CanonicalForm -> CanonicalForm
67 | ```
68 |
69 |
70 |
71 |
--------------------------------------------------------------------------------
/prover/t/definitions/bst.kore:
--------------------------------------------------------------------------------
1 | symbol bst(ArrayIntInt, Int, SetInt, Int, Int) : Bool
2 | axiom functional(bst)
3 |
4 | axiom \forall { H { ArrayIntInt }, X { Int } , F { SetInt } , MIN { Int }, MAX { Int } }
5 | \iff-lfp( bst(H { ArrayIntInt }, X { Int }, F { SetInt }, MIN { Int }, MAX { Int })
6 | , \or( \exists { }
7 | \and( \equals(X { Int },0)
8 | , \equals(F { SetInt }, emptyset)
9 | )
10 | , \exists { }
11 | \and( gt(X { Int } , 0)
12 | , \equals(select(H { ArrayIntInt }, plus(X { Int }, 1)), 0)
13 | , \equals(select(H { ArrayIntInt }, plus(X { Int }, 2)), 0)
14 | , \equals(MIN { Int }, X { Int })
15 | , \equals(MAX { Int }, X { Int })
16 | , \equals(F { SetInt }, singleton(X { Int }))
17 | )
18 | , \exists { F_J1 { SetInt } , F_J2 { SetInt } , MAX_L1 { Int } , MAX_L2 { Int } , MIN_K1 { Int } , MIN_K2 { Int } , X_I1 { Int } , X_I2 { Int } }
19 | \and( bst( H { ArrayIntInt }
20 | , X_I1 { Int }
21 | , F_J1 { SetInt }
22 | , MIN_K1 { Int }
23 | , MAX_L1 { Int }
24 | )
25 | , bst( H { ArrayIntInt }
26 | , X_I2 { Int }
27 | , F_J2 { SetInt }
28 | , MIN_K2 { Int }
29 | , MAX_L2 { Int }
30 | )
31 | , gt(X { Int },0)
32 | , \equals(select(H { ArrayIntInt }, plus(X { Int }, 1)), X_I1 { Int })
33 | , \equals(select(H { ArrayIntInt }, plus(X { Int }, 2)), X_I2 { Int })
34 | , gt(X { Int }, MAX_L1 { Int })
35 | , gt(MIN_K2 { Int }, X { Int })
36 | , \equals(MIN_K1 { Int }, MIN { Int })
37 | , \equals(MAX_L2 { Int }, MAX { Int })
38 | , \not(isMember(X { Int }, F_J1 { SetInt }))
39 | , \not(isMember(X { Int }, F_J2 { SetInt }))
40 | , \equals(F { SetInt }, union( singleton(X { Int })
41 | , union( F_J1 { SetInt }
42 | , F_J2 { SetInt })))
43 | , disjoint(F_J1 { SetInt }, F_J2 { SetInt })
44 | )
45 | )
46 | )
47 |
48 |
49 |
--------------------------------------------------------------------------------
/prover/t/listSegmentLeft-implies-listSegmentRight.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , .Patterns ) , \and ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns } \iff-lfp ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { X1 { Int } , F1 { SetInt } , .Patterns } \and ( gt ( X { Int } , 0 , .Patterns ) , listSegmentLeft ( H { ArrayIntInt } , X1 { Int } , Y { Int } , F1 { SetInt } , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X1 { Int } ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns } \iff-lfp ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { Y1 { Int } , F1 { SetInt } , .Patterns } \and ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y1 { Int } , F1 { SetInt } , .Patterns ) , gt ( Y1 { Int } , 0 , .Patterns ) , \equals ( Y { Int } , select ( H { ArrayIntInt } , Y1 { Int } , .Patterns ) ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( listSegmentLeft )
31 |
32 | axiom functional ( listSegmentRight )
33 |
34 | symbol listSegmentLeft ( ArrayIntInt , Int , Int , SetInt , .Sorts ) : Bool
35 |
36 | symbol listSegmentRight ( ArrayIntInt , Int , Int , SetInt , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/listSegmentRight-implies-listSegmentLeft.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , .Patterns ) , \and ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns } \iff-lfp ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { X1 { Int } , F1 { SetInt } , .Patterns } \and ( gt ( X { Int } , 0 , .Patterns ) , listSegmentLeft ( H { ArrayIntInt } , X1 { Int } , Y { Int } , F1 { SetInt } , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X1 { Int } ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns } \iff-lfp ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { Y1 { Int } , F1 { SetInt } , .Patterns } \and ( listSegmentRight ( H { ArrayIntInt } , X { Int } , Y1 { Int } , F1 { SetInt } , .Patterns ) , gt ( Y1 { Int } , 0 , .Patterns ) , \equals ( Y { Int } , select ( H { ArrayIntInt } , Y1 { Int } , .Patterns ) ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( Y1 { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( listSegmentLeft )
31 |
32 | axiom functional ( listSegmentRight )
33 |
34 | symbol listSegmentLeft ( ArrayIntInt , Int , Int , SetInt , .Sorts ) : Bool
35 |
36 | symbol listSegmentRight ( ArrayIntInt , Int , Int , SetInt , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/sortedlist-implies-list.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSorted ( H { ArrayIntInt } , X { Int } , K { SetInt } , MIN { Int } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( list ( H { ArrayIntInt } , X { Int } , K { SetInt } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , .Patterns } \iff-lfp ( list ( H { ArrayIntInt } , X { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { F1 { SetInt } , X1 { Int } , .Patterns } \and ( list ( H { ArrayIntInt } , X1 { Int } , F1 { SetInt } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X1 { Int } ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , .Patterns } \iff-lfp ( listSorted ( H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { F_I { SetInt } , VAL_I { Int } , X_I { Int } , .Patterns } \and ( listSorted ( H { ArrayIntInt } , X_I { Int } , F_I { SetInt } , VAL_I { Int } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X_I { Int } ) , \equals ( F { SetInt } , union ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , \equals ( VAL_I { Int } , select ( H { ArrayIntInt } , plus ( X { Int } , 1 , .Patterns ) , .Patterns ) ) , gt ( VAL_I { Int } , PREV_VAL { Int } , .Patterns ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( list )
31 |
32 | axiom functional ( listSorted )
33 |
34 | symbol list ( ArrayIntInt , Int , SetInt , .Sorts ) : Bool
35 |
36 | symbol listSorted ( ArrayIntInt , Int , SetInt , Int , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/listSegmentLeft-list-implies-list.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , list ( H { ArrayIntInt } , Y { Int } , G { SetInt } , .Patterns ) , \equals ( K { SetInt } , union ( F { SetInt } , G { SetInt } , .Patterns ) ) , disjoint ( F { SetInt } , G { SetInt } , .Patterns ) , .Patterns ) , \and ( list ( H { ArrayIntInt } , X { Int } , K { SetInt } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , .Patterns } \iff-lfp ( list ( H { ArrayIntInt } , X { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { F1 { SetInt } , X1 { Int } , .Patterns } \and ( list ( H { ArrayIntInt } , X1 { Int } , F1 { SetInt } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X1 { Int } ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns } \iff-lfp ( listSegmentLeft ( H { ArrayIntInt } , X { Int } , Y { Int } , F { SetInt } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , Y { Int } ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { X1 { Int } , F1 { SetInt } , .Patterns } \and ( gt ( X { Int } , 0 , .Patterns ) , listSegmentLeft ( H { ArrayIntInt } , X1 { Int } , Y { Int } , F1 { SetInt } , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X1 { Int } ) , \equals ( F { SetInt } , union ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F1 { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( list )
31 |
32 | axiom functional ( listSegmentLeft )
33 |
34 | symbol list ( ArrayIntInt , Int , SetInt , .Sorts ) : Bool
35 |
36 | symbol listSegmentLeft ( ArrayIntInt , Int , Int , SetInt , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/strategies/instantiate-universals.md:
--------------------------------------------------------------------------------
1 | ```
2 | Gamma, Phi(t) |- G where functional(t)
3 | ---------------------
4 | Gamma, forall x. Phi(x) |- G
5 | ```
6 |
7 | ```k
8 | module STRATEGY-INSTANTIATE-UNIVERSALS
9 | imports PROVER-CORE
10 | imports KORE-HELPERS
11 | imports STRATEGIES-EXPORTED-SYNTAX
12 |
13 | rule
14 | instantiate-universals(in: _, vars: .VariableNames,
15 | with: .Patterns) => noop ...
16 |
17 |
18 | rule
19 | instantiate-universals(in: H, vars: (V, Vs), with: (T, Ts))
20 | => instantiate-universal V with T in H
21 | ~> instantiate-universals(in: H, vars: Vs, with: Ts)
22 | ...
23 |
24 |
25 | syntax Bool ::= varIsInTopUnivQual(VariableName, Sort, Pattern) [function]
26 |
27 | rule varIsInTopUnivQual(N, S, \forall{N'{S'}, Vs} Phi)
28 | => #if N ==K N' #then
29 | S ==K S'
30 | #else
31 | varIsInTopUnivQual(N, S, \forall{Vs} Phi)
32 | #fi
33 |
34 | rule varIsInTopUnivQual(N, S, \forall{.Patterns} Phi)
35 | => varIsInTopUnivQual(N, S, Phi)
36 |
37 | syntax KItem ::= "instantiate-universal" VariableName
38 | "with" Pattern "in" AxiomName
39 |
40 | rule
41 | (.K => "Error: variable " ~> V ~> " is either not universally quantified in toplevel or has a sort other than " ~> getReturnSort(T))
42 | ~> instantiate-universal V with T in H
43 | ...
44 |
45 |
46 | axiom H : Phi
47 |
48 | requires notBool varIsInTopUnivQual(V, getReturnSort(T), Phi)
49 |
50 | rule
51 | (.K => "The term " ~> T ~> "is not known to be functional.")
52 | ~> instantiate-universal _ with T in H
53 | ...
54 |
55 | GId
56 | requires notBool isFunctional(GId, T)
57 |
58 | rule
59 | instantiate-universal V with T in H
60 | => .K ...
61 |
62 |
63 | axiom H : (Phi => #instantiateUniv(Phi, V, T))
64 |
65 | GId
66 | requires varIsInTopUnivQual(V, getReturnSort(T), Phi)
67 | andBool isFunctional(GId, T)
68 |
69 | syntax Pattern ::= #instantiateUniv(Pattern, VariableName, Pattern) [function]
70 |
71 | rule #instantiateUniv(\forall{Vs} Phi, V, P)
72 | => stripEmptyForall(
73 | #if V in PatternsToVariableNameSet(Vs)
74 | #then \forall{#removeVar(Vs, V)} subst(Phi, V, P)
75 | #else \forall{Vs} #instantiateUniv(Phi, V, P)
76 | #fi
77 | )
78 |
79 | syntax Patterns ::= #removeVar(Patterns, VariableName) [function]
80 | rule #removeVar(.Patterns, _) => .Patterns
81 | rule #removeVar((V{_},Ps), V) => #removeVar(Ps, V)
82 | rule #removeVar((P,Ps), V) => P, #removeVar(Ps, V) [owise]
83 |
84 | syntax Pattern ::= stripEmptyForall(Pattern) [function]
85 | rule stripEmptyForall(\forall{.Patterns} Phi) => Phi
86 | rule stripEmptyForall(Phi) => Phi [owise]
87 |
88 | endmodule
89 | ```
90 |
--------------------------------------------------------------------------------
/ml2fol/examples/sl/001.match:
--------------------------------------------------------------------------------
1 | (declare-sort Sll_t)
2 |
3 | (declare-sort Record)
4 |
5 | (declare-sort Map)
6 |
7 | ;Sll_t constants
8 |
9 | (declare-func x0 () Sll_t)
10 |
11 | (declare-func x1 () Sll_t)
12 |
13 | (declare-func x2 () Sll_t)
14 |
15 | (declare-func x3 () Sll_t)
16 |
17 | (declare-func x4 () Sll_t)
18 |
19 | (declare-func x5 () Sll_t)
20 |
21 | (declare-func x6 () Sll_t)
22 |
23 | (declare-func x7 () Sll_t)
24 |
25 | (declare-func x8 () Sll_t)
26 |
27 | (declare-func x9 () Sll_t)
28 |
29 | (declare-func x10 () Sll_t)
30 |
31 | (declare-func nil () Sll_t)
32 |
33 | ;distinct : a syntactic sugar
34 |
35 | ;distinct(x y) = (not (= x y))
36 |
37 | ;Field name
38 |
39 | (declare-func next (Sll_t) Record)
40 |
41 | ;Record
42 |
43 | ;(declare-func ref (Record) Record)
44 |
45 | ;Union
46 |
47 | (declare-part uni (Record Record) Record)
48 |
49 | ; Maps
50 |
51 | (declare-func emp () Map)
52 |
53 | ; x |-> y
54 |
55 | (declare-part pto (Sll_t Record) Map)
56 |
57 | ; nil |-> y is bottom
58 |
59 | (assert (forall ((x Record))
60 |
61 | (not (pto nil x))))
62 |
63 | ; ssep is separating conjunction
64 |
65 | (declare-part ssep (Map Map) Map)
66 |
67 | ; commutativity
68 |
69 | (assert (forall ((h1 Map) (h2 Map))
70 |
71 | (= (ssep h1 h2) (ssep h2 h1))))
72 |
73 | ; associativity
74 |
75 | (assert (forall ((h1 Map) (h2 Map) (h3 Map))
76 |
77 | (= (ssep (ssep h1 h2) h3)
78 |
79 | (ssep h1 (ssep h2 h3)))))
80 |
81 | ; identity
82 |
83 | (assert (forall ((h Map))
84 |
85 | (= h (ssep h emp))))
86 |
87 | ; x |-> y * x |-> z = bottom
88 |
89 | (assert (forall ((x Sll_t) (y Record) (z Record))
90 |
91 | (not (ssep (pto x y) (pto x z)))))
92 |
93 | ;(next x) U (next y) = bottom
94 |
95 | (assert (forall ((x Sll_t) (y Sll_t))
96 |
97 | (not (uni (next x) (next y)))))
98 |
99 | ; commutativity
100 |
101 | (assert (forall ((r1 Record) (r2 Record))
102 |
103 | (= (uni r1 r2) (uni r2 r1))))
104 |
105 | ; associativity
106 |
107 | (assert (forall ((r1 Record) (r2 Record) (r3 Record))
108 |
109 | (= (uni (uni r1 r2) r3)
110 |
111 | (uni r1 (uni r2 r3)))))
112 |
113 | ;List
114 |
115 | (declare-func ls (Sll_t Sll_t) Map)
116 |
117 | (assert (forall ((in Sll_t)(out Sll_t))
118 |
119 | (= (ls in out) (or (= in out) (exists ((u Sll_t)) (and (not
120 |
121 | (= in out)) (ssep (pto in (next u)) (ls u out)
122 |
123 | )))))
124 |
125 | ))
126 |
127 | ;example 1
128 |
129 | ;((ls x6 x1)*(x4|->{(next x9)})*emp)
130 |
131 | (assert
132 |
133 | (not (floor
134 |
135 | (ssep
136 |
137 | (ls x6 x1)
138 |
139 | (ssep
140 |
141 | (pto x4 (next x9))
142 |
143 | emp
144 |
145 | ))))
146 |
147 | )
148 |
149 | ;example 2
150 |
151 | ;(nil=nil) /\ (ls(x2 x7)*(x6|->{(next x1)})*(x4|->{(next x9)})*emp)
152 |
153 |
154 | (assert
155 | (not (floor
156 | (and
157 | (= nil nil)
158 | (ssep
159 | (ls x2 x7)
160 | (ssep
161 | (pto x6 (next x1))
162 | (ssep
163 | (pto x4 (next x9))
164 | (ssep
165 | (ls x10 x2)
166 | emp)
167 | ))))
168 | ))
169 | )
170 |
--------------------------------------------------------------------------------
/prover/LICENSE:
--------------------------------------------------------------------------------
1 | ==============================================================================
2 | The EVM Semantics in K Release License
3 | ==============================================================================
4 | University of Illinois/NCSA
5 | Open Source License
6 |
7 | Copyright (c) 2009-2015 University of Illinois at Urbana-Champaign.
8 | All rights reserved.
9 |
10 | Developed by:
11 |
12 | K Team (http://kframework.org)
13 | with members from:
14 |
15 | * University of Illinois at Urbana-Champaign (http://fsl.cs.illinois.edu/)
16 | * Runtime Verification, Inc (https://www.runtimeverification.com)
17 | * University Alexandru-Ioan Cuza, Romania (https://fmse.info.uaic.ro)
18 |
19 | Permission is hereby granted, free of charge, to any person obtaining a copy of
20 | this software and associated documentation files (the "Software"), to deal with
21 | the Software without restriction, including without limitation the rights to
22 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
23 | of the Software, and to permit persons to whom the Software is furnished to do
24 | so, subject to the following conditions:
25 |
26 |
27 | * Redistributions of source code must retain the above copyright notice,
28 | this list of conditions and the following disclaimers.
29 |
30 | * Redistributions in binary form must reproduce the above copyright notice,
31 | this list of conditions and the following disclaimers in the
32 | documentation and/or other materials provided with the distribution.
33 |
34 | * Neither the names of the K Team, Runtime Verification, the University of
35 | Illinois at Urbana-Champaign, the University Alexandru-Ioan Cuza, nor
36 | the names of its contributors may be used to endorse or promote products
37 | derived from this Software without specific prior written permission.
38 |
39 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
40 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
41 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
42 | CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
43 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
44 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE
45 | SOFTWARE.
46 |
47 | ==============================================================================
48 | Copyrights and Licenses for Third Party Software Distributed with the EVM
49 | Semantics in K:
50 | ==============================================================================
51 | The EVM Semantics in K software contains code written by third parties.
52 | Licenses for this software can be found in the licenses directory
53 | in the file as specified below. These files will describe the copyrights,
54 | license, and restrictions which apply to that code.
55 |
56 | The disclaimer of warranty in the University of Illinois Open Source License
57 | applies to all code in the EVM Semantics in K Distribution, and nothing in any of
58 | the other licenses gives permission to use the names of the K Team, Runtime
59 | Verification, the University of Illinois, or the University Alexandru-Ioan Cuza
60 | to endorse or promote products derived from this Software.
61 |
--------------------------------------------------------------------------------
/prover/t/listSortedLength-implies-listLength.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSortedLength ( H { ArrayIntInt } , X { Int } , K { SetInt } , MIN { Int } , Length { Int } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( listLength ( H { ArrayIntInt } , X { Int } , K { SetInt } , Length { Int } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , LENGTH { Int } , .Patterns } \iff-lfp ( listLength ( H { ArrayIntInt } , X { Int } , F { SetInt } , LENGTH { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , \equals ( LENGTH { Int } , 0 ) , .Patterns ) , \exists { F_I { SetInt } , LENGTH_I { Int } , X_I { Int } , .Patterns } \and ( listLength ( H { ArrayIntInt } , X_I { Int } , F_I { SetInt } , LENGTH_I { Int } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X_I { Int } ) , \equals ( F { SetInt } , union ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , gt ( LENGTH { Int } , 0 , .Patterns ) , \equals ( LENGTH_I { Int } , minus ( LENGTH { Int } , 1 , .Patterns ) ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , LENGTH { Int } , .Patterns } \iff-lfp ( listSortedLength ( H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , LENGTH { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , \equals ( LENGTH { Int } , 0 ) , .Patterns ) , \exists { F_I { SetInt } , LENGTH_I { Int } , VAL_I { Int } , X_I { Int } , .Patterns } \and ( listSortedLength ( H { ArrayIntInt } , X_I { Int } , F_I { SetInt } , VAL_I { Int } , LENGTH_I { Int } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X_I { Int } ) , \equals ( F { SetInt } , union ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , \equals ( VAL_I { Int } , select ( H { ArrayIntInt } , plus ( X { Int } , 1 , .Patterns ) , .Patterns ) ) , gt ( VAL_I { Int } , PREV_VAL { Int } , .Patterns ) , gt ( LENGTH { Int } , 0 , .Patterns ) , \equals ( LENGTH_I { Int } , minus ( LENGTH { Int } , 1 , .Patterns ) ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( listLength )
31 |
32 | axiom functional ( listSortedLength )
33 |
34 | symbol listLength ( ArrayIntInt , Int , SetInt , Int , .Sorts ) : Bool
35 |
36 | symbol listSortedLength ( ArrayIntInt , Int , SetInt , Int , Int , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/prover/t/listSortedLength-implies-listSorted.kore.expected:
--------------------------------------------------------------------------------
1 |
2 |
3 | .
4 |
5 |
6 | 0
7 |
8 |
9 |
10 | active: true, id: root, parent: .
11 |
12 | \implies ( \and ( listSortedLength ( H { ArrayIntInt } , X { Int } , K { SetInt } , MIN { Int } , Length { Int } , .Patterns ) , .Patterns ) , \exists { .Patterns } \and ( listSorted ( H { ArrayIntInt } , X { Int } , K { SetInt } , MIN { Int } , .Patterns ) , .Patterns ) )
13 |
14 |
15 | success
16 |
17 |
18 | success
19 |
20 |
21 | .
22 |
23 |
24 |
25 |
26 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , .Patterns } \iff-lfp ( listSorted ( H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , .Patterns ) , \exists { F_I { SetInt } , VAL_I { Int } , X_I { Int } , .Patterns } \and ( listSorted ( H { ArrayIntInt } , X_I { Int } , F_I { SetInt } , VAL_I { Int } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X_I { Int } ) , \equals ( F { SetInt } , union ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , \equals ( VAL_I { Int } , select ( H { ArrayIntInt } , plus ( X { Int } , 1 , .Patterns ) , .Patterns ) ) , gt ( VAL_I { Int } , PREV_VAL { Int } , .Patterns ) , .Patterns ) , .Patterns ) )
27 |
28 | axiom \forall { H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , LENGTH { Int } , .Patterns } \iff-lfp ( listSortedLength ( H { ArrayIntInt } , X { Int } , F { SetInt } , PREV_VAL { Int } , LENGTH { Int } , .Patterns ) , \or ( \exists { .Patterns } \and ( \equals ( X { Int } , 0 ) , \equals ( F { SetInt } , emptyset ) , \equals ( LENGTH { Int } , 0 ) , .Patterns ) , \exists { F_I { SetInt } , LENGTH_I { Int } , VAL_I { Int } , X_I { Int } , .Patterns } \and ( listSortedLength ( H { ArrayIntInt } , X_I { Int } , F_I { SetInt } , VAL_I { Int } , LENGTH_I { Int } , .Patterns ) , gt ( X { Int } , 0 , .Patterns ) , \equals ( select ( H { ArrayIntInt } , X { Int } , .Patterns ) , X_I { Int } ) , \equals ( F { SetInt } , union ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) ) , disjoint ( F_I { SetInt } , singleton ( X { Int } , .Patterns ) , .Patterns ) , \equals ( VAL_I { Int } , select ( H { ArrayIntInt } , plus ( X { Int } , 1 , .Patterns ) , .Patterns ) ) , gt ( VAL_I { Int } , PREV_VAL { Int } , .Patterns ) , gt ( LENGTH { Int } , 0 , .Patterns ) , \equals ( LENGTH_I { Int } , minus ( LENGTH { Int } , 1 , .Patterns ) ) , .Patterns ) , .Patterns ) )
29 |
30 | axiom functional ( listSorted )
31 |
32 | axiom functional ( listSortedLength )
33 |
34 | symbol listSorted ( ArrayIntInt , Int , SetInt , Int , .Sorts ) : Bool
35 |
36 | symbol listSortedLength ( ArrayIntInt , Int , SetInt , Int , Int , .Sorts ) : Bool
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------