def test_true(self):
with self.assertRaises(Exception):
Be.true(None)
expr = Be.true(self._manager)
self.assertTrue(expr.is_true())
self.assertFalse(expr.is_false())
self.assertTrue(expr.is_constant())
def test_true(self):
with self.assertRaises(Exception):
Be.true(None)
expr = Be.true(self._manager)
self.assertTrue(expr.is_true())
self.assertFalse(expr.is_false())
self.assertTrue(expr.is_constant())
def test_constant_with_loop(self):
with tests.Configure(self, __file__, "/example.smv"):
expr = ast.Constant("TRUE")
self.assertEqual(Be.true(self.mgr), expr.semantic_with_loop(self.enc, 0, 5, 2))
expr = ast.Constant("FALSE")
self.assertEqual(Be.false(self.mgr), expr.semantic_with_loop(self.enc, 0, 5, 2))
def bounded_semantics(self, fsm, k, fairness=True):
"""
Returns a boolean expression corresponding to the bounded semantics of
the formula denoted by `self` on a path of length k. This combines both
the semantics in case of a loopy path and the case of a non-loopy path.
.. note::
This function takes the same approach as NuSMV and does not enforce
the absence of loop when using the more restrictive semantic_no_loop.
:param fsm: the FSM representing the model. It is used to gain access
to the encoder (-> shift variables) and to obtain the list of
fairness constraints.
:param k: the last time that exists in the universe of this expression
:param fairness: a flag indicating whether or not the fairness constraints
should be taken into account while generating the formula.
:return: a boolean expression translating the bounded semantics of this
formula.
"""
enc = fsm.encoding
noloop = self.semantic_no_loop(enc, 0, k)
w_loop = Be.false(enc.manager)
for l in range(k): # [0; k-1]
fairness_cond = fairness_constraint(fsm, k, l) \
if fairness \
else Be.true(enc.manager)
w_loop |= (loop_condition(enc, k, l) \
& fairness_cond \
& self.semantic_with_loop(enc, 0, k, l))
return noloop | w_loop
def bounded_semantics(self, fsm, k, fairness=True):
"""
Returns a boolean expression corresponding to the bounded semantics of
the formula denoted by `self` on a path of length k. This combines both
the semantics in case of a loopy path and the case of a non-loopy path.
.. note::
This function takes the same approach as NuSMV and does not enforce
the absence of loop when using the more restrictive semantic_no_loop.
:param fsm: the FSM representing the model. It is used to gain access
to the encoder (-> shift variables) and to obtain the list of
fairness constraints.
:param k: the last time that exists in the universe of this expression
:param fairness: a flag indicating whether or not the fairness constraints
should be taken into account while generating the formula.
:return: a boolean expression translating the bounded semantics of this
formula.
"""
enc = fsm.encoding
noloop = self.semantic_no_loop(enc, 0, k)
w_loop = Be.false(enc.manager)
for l in range(k): # [0; k-1]
fairness_cond = fairness_constraint(fsm, k, l) if fairness else Be.true(enc.manager)
w_loop |= loop_condition(enc, k, l) & fairness_cond & self.semantic_with_loop(enc, 0, k, l)
return noloop | w_loop
def loop_condition(enc, k, l):
"""
This function generates a Be expression representing the loop condition
which is necessary to determine that k->l is a backloop.
Formally, the returned constraint is denoted _{l}L_{k}
Because the transition relation is encoded in Nusmv as formula (and not as
a relation per-se), we determine the existence of a backloop between
l < k and forall var, var(i) == var(k)
That is to say: if it is possible to encounter two times the same state
(same state being all variables have the same value in both states) we know
there is a backloop on the path
.. note::
An other implementation of this function (w/ the same semantics) exists
in :mod:`pynusmv.bmc.utils`. This version is merely re-implemented to
1. show that it can be easily done
2. stick closely to the definition given in the paper by Biere et al.
(see other note)
:param fsm: the fsm on which the condition will be evaluated
:param k: the highest time
:param l: the time where the loop is assumed to start
:return: a Be expression representing the loop condition that verifies that
k-l is a loop path.
"""
cond = Be.true(enc.manager)
for v in enc.curr_variables: # for all untimed variable
vl = v.at_time[l].boolean_expression
vk = v.at_time[k].boolean_expression
cond = cond & (vl.iff(vk))
return cond
def loop_condition(enc, k, l):
"""
This function generates a Be expression representing the loop condition
which is necessary to determine that k->l is a backloop.
Formally, the returned constraint is denoted _{l}L_{k}
Because the transition relation is encoded in Nusmv as formula (and not as
a relation per-se), we determine the existence of a backloop between
l < k and forall var, var(i) == var(k)
That is to say: if it is possible to encounter two times the same state
(same state being all variables have the same value in both states) we know
there is a backloop on the path
.. note::
An other implementation of this function (w/ the same semantics) exists
in :mod:`pynusmv.bmc.utils`. This version is merely re-implemented to
1. show that it can be easily done
2. stick closely to the definition given in the paper by Biere et al.
(see other note)
:param fsm: the fsm on which the condition will be evaluated
:param k: the highest time
:param l: the time where the loop is assumed to start
:return: a Be expression representing the loop condition that verifies that
k-l is a loop path.
"""
cond = Be.true(enc.manager)
for v in enc.curr_variables: # for all untimed variable
vl = v.at_time[l].boolean_expression
vk = v.at_time[k].boolean_expression
cond = cond & (vl.iff(vk))
return cond
def test_add_(self):
# using the algebraic notation
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true + false).is_true())
self.assertFalse((true + false).is_false())
self.assertTrue((true + false).is_constant())
def test_sub_(self):
# and not
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true - false).is_true())
self.assertFalse((true - false).is_false())
self.assertTrue((true - false).is_constant())
def test__and_(self):
# using the keyword
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse((true and false).is_true())
self.assertTrue((true and false).is_false())
self.assertTrue((true and false).is_constant())
def test__and_(self):
# using the keyword
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse((true and false).is_true())
self.assertTrue((true and false).is_false())
self.assertTrue((true and false).is_constant())
def test_add_(self):
# using the algebraic notation
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true + false).is_true())
self.assertFalse((true + false).is_false())
self.assertTrue((true + false).is_constant())
def test_sub_(self):
# and not
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true - false).is_true())
self.assertFalse((true - false).is_false())
self.assertTrue((true - false).is_constant())
def test_and(self):
# using the function
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse(true.and_(false).is_true())
self.assertTrue(true.and_(false).is_false())
self.assertTrue(true.and_(false).is_constant())
def _semantic(time, cnt):
"""auxiliary function to stop recursing after k steps"""
# at infinity, it is true: psi is not forced if []phi
if cnt == k:
return Be.true(enc.manager)
psi = self.rhs.semantic_with_loop(enc, time, k, l)
phi = self.lhs.semantic_with_loop(enc, time, k, l)
return psi | (phi & _semantic(successor(time, k, l), cnt + 1))
def test_and(self):
# using the function
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse(true.and_(false).is_true())
self.assertTrue(true.and_(false).is_false())
self.assertTrue(true.and_(false).is_constant())
def test_fairness_list(self):
self.assertEqual(1, len(self._TESTED.fairness_list))
# returned items are boolean expressions
fairness = self._TESTED.fairness_list[0]
# manually recoding v = True
v = self._TESTED.encoding.by_name['v'].boolean_expression
manual = Be.true(self._TESTED.encoding.manager).iff(v)
self.assertEqual(fairness, manual)
def _semantic(time, cnt):
"""auxiliary function to stop recursing after k steps"""
# at infinity, it is true: psi is not forced if []phi
if cnt == k:
return Be.true(enc.manager)
psi = self.rhs.semantic_with_loop(enc, time, k, l)
phi = self.lhs.semantic_with_loop(enc, time, k, l)
return psi | (phi & _semantic(successor(time, k, l), cnt + 1))
def test_fairness_list(self):
self.assertEqual(1, len(self._TESTED.fairness_list))
# returned items are boolean expressions
fairness = self._TESTED.fairness_list[0]
# manually recoding v = True
v = self._TESTED.encoding.by_name['v'].boolean_expression
manual = Be.true(self._TESTED.encoding.manager).iff(v)
self.assertEqual(fairness, manual)
def test_inline(self):
true = Be.true(self._manager)
self.assertIsNotNone(true.inline(True))
self.assertIsNotNone(true.inline(False))
# with a non constant expression
v = self._fsm.encoding.by_name["v"].boolean_expression
self.assertIsNotNone(v.inline(True))
self.assertIsNotNone(v.inline(False))
def test_inline(self):
true = Be.true(self._manager)
self.assertIsNotNone(true.inline(True))
self.assertIsNotNone(true.inline(False))
# with a non constant expression
v = self._fsm.encoding.by_name["v"].boolean_expression
self.assertIsNotNone(v.inline(True))
self.assertIsNotNone(v.inline(False))
def test_constant_with_loop(self):
with tests.Configure(self, __file__, "/example.smv"):
expr = ast.Constant("TRUE")
self.assertEqual(Be.true(self.mgr),
expr.semantic_with_loop(self.enc, 0, 5, 2))
expr = ast.Constant("FALSE")
self.assertEqual(Be.false(self.mgr),
expr.semantic_with_loop(self.enc, 0, 5, 2))
def verify_step_fairness_constraint(self):
# must be true
tool = ast.fairness_constraint(self.befsm, 0, 0)
self.assertEqual(tool, Be.true(self.mgr))
# loop position does not matter if not feasible
tool = ast.fairness_constraint(self.befsm, 0, 1)
self.assertEqual(tool, Be.true(self.mgr))
model= bmcutils.BmcModel()
# step 0
tool = ast.fairness_constraint(self.befsm, 1, 0)
smv = model.fairness(1, 0)
self.assertEqual(tool, smv)
# step 1
tool = ast.fairness_constraint(self.befsm, 2, 1)
smv = model.fairness(2, 1)
self.assertEqual(tool, smv)
def verify_step_fairness_constraint(self):
# must be true
tool = ast.fairness_constraint(self.befsm, 0, 0)
self.assertEqual(tool, Be.true(self.mgr))
# loop position does not matter if not feasible
tool = ast.fairness_constraint(self.befsm, 0, 1)
self.assertEqual(tool, Be.true(self.mgr))
model = bmcutils.BmcModel()
# step 0
tool = ast.fairness_constraint(self.befsm, 1, 0)
smv = model.fairness(1, 0)
self.assertEqual(tool, smv)
# step 1
tool = ast.fairness_constraint(self.befsm, 2, 1)
smv = model.fairness(2, 1)
self.assertEqual(tool, smv)
def verify_invariants_constraint(self, bound):
model = bmcutils.BmcModel()
manual = Be.true(self.mgr)
for i in range(bound+1):
manual &= model.invar[i]
tool = gen.invariants_constraint(self.befsm, bound)
self.assertEqual(tests.canonical_cnf(tool),
tests.canonical_cnf(manual))
def verify_invariants_constraint(self, bound):
model = bmcutils.BmcModel()
manual = Be.true(self.mgr)
for i in range(bound + 1):
manual &= model.invar[i]
tool = gen.invariants_constraint(self.befsm, bound)
self.assertEqual(tests.canonical_cnf(tool),
tests.canonical_cnf(manual))
def test_to_cnf(self):
true = Be.true(self._manager)
self.assertIsNotNone(true.to_cnf(Polarity.NOT_SET))
self.assertIsNotNone(true.to_cnf(Polarity.NEGATIVE))
self.assertIsNotNone(true.to_cnf(Polarity.POSITIVE))
# with a non constant expression
v = self._fsm.encoding.by_name["v"].boolean_expression
self.assertIsNotNone(v.to_cnf(Polarity.NOT_SET))
self.assertIsNotNone(v.to_cnf(Polarity.NEGATIVE))
self.assertIsNotNone(v.to_cnf(Polarity.POSITIVE))
def test_to_cnf(self):
true = Be.true(self._manager)
self.assertIsNotNone(true.to_cnf(Polarity.NOT_SET))
self.assertIsNotNone(true.to_cnf(Polarity.NEGATIVE))
self.assertIsNotNone(true.to_cnf(Polarity.POSITIVE))
# with a non constant expression
v = self._fsm.encoding.by_name["v"].boolean_expression
self.assertIsNotNone(v.to_cnf(Polarity.NOT_SET))
self.assertIsNotNone(v.to_cnf(Polarity.NEGATIVE))
self.assertIsNotNone(v.to_cnf(Polarity.POSITIVE))
def bounded_semantics_at_offset(fsm, formula, bound, offset, fairness=True):
"""
Generates the Be :math:`[[formula]]_{bound}` corresponding to the bounded semantic
of `formula` but encodes it with an `offset` long shift in the timeline of the encoder.
.. note::
This function plays the same role as `bounded_semantics_all_loops` but allows to
position the time blocks at some place we like in the encoder timeline. This is mostly
helpful if you want to devise verification methods that need to have multiple parallel
verifications. (ie. diagnosability).
Note however, that the two implementations are different.
.. warning::
So far, the only supported temporal operators are F, G, U, R, X
:param fsm: the BeFsm for which the property will be verified. Actually, it is only used to
provide the encoder used to assign the variables to some time blocks. The api was kept
this ways to keep uniformity with its non-offsetted counterpart.
:param formula: the property for which to generate a verification problem
represented in a 'node' format (subclass of :class:`pynusmv.node.Node`)
which corresponds to the format obtained from the ast. (remark: if you
need to manipulate [ie negate] the formula before passing it, it is
perfectly valid to pass a node decorated by `Wff.decorate`).
:param bound: the logical time bound to the problem. (Leave out the offset for this param: if you
intend to have a problem with at most 10 steps, say bound=10)
:param offset: the time offset in the encoding block where the sem of this formula will be
generated.
:param fairness: a flag indicating whether or not to take the fairness
constraint into account.
:return: a Be corresponding to the semantics of `formula` for a problem with a maximum of `bound`
steps encoded to start at time `offset` in the `fsm` encoding timeline.
"""
if bound < 0:
raise ValueError("Bound must be a positive integer")
if offset < 0:
raise ValueError("The offset must be a positive integer")
enc = fsm.encoding
straight = bounded_semantics_without_loop_at_offset(
fsm, formula, 0, bound, offset)
k_loop = Be.false(enc.manager)
for i in range(bound):
fairness_cond = utils.fairness_constraint(fsm, offset+bound, offset+i) \
if fairness \
else Be.true(enc.manager)
k_loop |= ( utils.loop_condition(enc, offset+bound, offset+i) \
& fairness_cond \
& bounded_semantics_with_loop_at_offset(fsm, formula, 0, bound, i, offset))
# this is just the sem of the formula
return straight | k_loop
def test__mul_(self):
# using algebraic notation
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse((true * false).is_true())
self.assertTrue((true * false).is_false())
self.assertTrue((true * false).is_constant())
self.assertFalse((true & false).is_true())
self.assertTrue((true & false).is_false())
self.assertTrue((true & false).is_constant())
def test__mul_(self):
# using algebraic notation
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse((true * false).is_true())
self.assertTrue((true * false).is_false())
self.assertTrue((true * false).is_constant())
self.assertFalse((true & false).is_true())
self.assertTrue((true & false).is_false())
self.assertTrue((true & false).is_constant())
def bounded_semantics_at_offset(fsm, formula, bound, offset, fairness=True):
"""
Generates the Be [[formula]]_{bound} corresponding to the bounded semantic
of `formula` but encodes it with an `offset` long shift in the timeline of the encoder.
.. note::
This function plays the same role as `bounded_semantics_all_loops` but allows to
position the time blocks at some place we like in the encoder timeline. This is mostly
helpful if you want to devise verification methods that need to have multiple parallel
verifications. (ie. diagnosability).
Note however, that the two implementations are different.
.. warning::
So far, the only supported temporal operators are F, G, U, R, X
:param fsm: the BeFsm for which the property will be verified. Actually, it is only used to
provide the encoder used to assign the variables to some time blocks. The api was kept
this ways to keep uniformity with its non-offsetted counterpart.
:param formula: the property for which to generate a verification problem
represented in a 'node' format (subclass of :see::class:`pynusmv.node.Node`)
which corresponds to the format obtained from the ast. (remark: if you
need to manipulate [ie negate] the formula before passing it, it is
perfectly valid to pass a node decorated by `Wff.decorate`).
:param bound: the logical time bound to the problem. (Leave out the offset for this param: if you
intend to have a problem with at most 10 steps, say bound=10)
:param offset: the time offset in the encoding block where the sem of this formula will be
generated.
:param fairness: a flag indicating whether or not to take the fairness
constraint into account.
:return: a Be corresponding to the semantics of `formula` for a problem with a maximum of `bound`
steps encoded to start at time `offset` in the `fsm` encoding timeline.
"""
if bound< 0:
raise ValueError("Bound must be a positive integer")
if offset<0:
raise ValueError("The offset must be a positive integer")
enc = fsm.encoding
straight = bounded_semantics_without_loop_at_offset(fsm, formula, 0, bound, offset)
k_loop = Be.false(enc.manager)
for i in range(bound):
fairness_cond = utils.fairness_constraint(fsm, offset+bound, offset+i) \
if fairness \
else Be.true(enc.manager)
k_loop |= ( utils.loop_condition(enc, offset+bound, offset+i) \
& fairness_cond \
& bounded_semantics_with_loop_at_offset(fsm, formula, 0, bound, i, offset))
# this is just the sem of the formula
return straight | k_loop
def test_imply(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
# antecedent always true
self.assertFalse(true.imply(false).is_true())
self.assertTrue( true.imply(false).is_false())
self.assertTrue( true.imply(false).is_constant())
# antecedent always false
self.assertTrue( false.imply(true).is_true())
self.assertFalse(false.imply(true).is_false())
self.assertTrue( false.imply(true).is_constant())
def test_imply(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
# antecedent always true
self.assertFalse(true.imply(false).is_true())
self.assertTrue(true.imply(false).is_false())
self.assertTrue(true.imply(false).is_constant())
# antecedent always false
self.assertTrue(false.imply(true).is_true())
self.assertFalse(false.imply(true).is_false())
self.assertTrue(false.imply(true).is_constant())
def test_constraint_same_observations(self):
observable = diagnosability.mk_observable_vars(["mouse"])
constraint = diagnosability.constraint_same_observations(observable, 0, 5, 5)
model = bmcutils.BmcModel()
manual = Be.true(model._fsm.encoding.manager)
for i in range(6): # because we want to go from 0 through 5
for v in model._fsm.encoding.input_variables:
v_1 = v.at_time[i].boolean_expression
v_2 = v.at_time[5+i].boolean_expression
manual &= v_1.iff(v_2)
self.assertEqual(manual, constraint)
def test_original_problem(self):
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
self.assertEqual(TF, TF.to_cnf(Polarity.NOT_SET).original_problem)
self.assertEqual(TF, TF.to_cnf(Polarity.POSITIVE).original_problem)
self.assertEqual(TF, TF.to_cnf(Polarity.NEGATIVE).original_problem)
# with variables
v = self._fsm.encoding.by_name['v'].boolean_expression
self.assertEqual(v, v.to_cnf(Polarity.NOT_SET).original_problem)
self.assertEqual(v, v.to_cnf(Polarity.POSITIVE).original_problem)
self.assertEqual(v, v.to_cnf(Polarity.NEGATIVE).original_problem)
def test_clauses_number(self):
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
self.assertEqual(0, TF.to_cnf(Polarity.NOT_SET).clauses_number)
self.assertEqual(0, TF.to_cnf(Polarity.POSITIVE).clauses_number)
self.assertEqual(0, TF.to_cnf(Polarity.NEGATIVE).clauses_number)
# with variables
v = self._fsm.encoding.by_name['v'].boolean_expression
self.assertEqual(2, v.to_cnf(Polarity.NOT_SET).clauses_number)
self.assertEqual(1, v.to_cnf(Polarity.POSITIVE).clauses_number)
self.assertEqual(1, v.to_cnf(Polarity.NEGATIVE).clauses_number)
def test_constraint_same_observations(self):
observable = diagnosability.mk_observable_vars(["mouse"])
constraint = diagnosability.constraint_same_observations(
observable, 0, 5, 5)
model = bmcutils.BmcModel()
manual = Be.true(model._fsm.encoding.manager)
for i in range(6): # because we want to go from 0 through 5
for v in model._fsm.encoding.input_variables:
v_1 = v.at_time[i].boolean_expression
v_2 = v.at_time[5 + i].boolean_expression
manual &= v_1.iff(v_2)
self.assertEqual(manual, constraint)
def test_reset(self):
"""
Verifies that resetting the cache provokes no error
-> verifies only the absence of runtime errors since it is who RBC does
the heavy lifting, not the manager
"""
mgr = BeRbcManager.with_capacity(10)
# test it doesn't hurt to call this method even though nothing is to
# be done.
mgr.reset()
# conversion to CNF populates the hashes which are being reset so
# using this manager to perform cnf conversion makes sense if we want
# to test the reset works when it actually does something.
(Be.true(mgr) and Be.false(mgr)).to_cnf(Polarity.POSITIVE)
mgr.reset()
def test_reset(self):
"""
Verifies that resetting the cache provokes no error
-> verifies only the absence of runtime errors since it is who RBC does
the heavy lifting, not the manager
"""
mgr = BeRbcManager.with_capacity(10)
# test it doesn't hurt to call this method even though nothing is to
# be done.
mgr.reset()
# conversion to CNF populates the hashes which are being reset so
# using this manager to perform cnf conversion makes sense if we want
# to test the reset works when it actually does something.
(Be.true(mgr) and Be.false(mgr)).to_cnf(Polarity.POSITIVE)
mgr.reset()
def test_if_then_else(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
with self.assertRaises(Exception):
Be.if_then_else(None, true, true, false)
# tautology
expr = Be.if_then_else(self._manager, true, true, false)
self.assertTrue(expr.is_true())
self.assertFalse(expr.is_false())
self.assertTrue(expr.is_constant())
# antilogy
expr = Be.if_then_else(self._manager, false, true, false)
self.assertFalse(expr.is_true())
self.assertTrue(expr.is_false())
self.assertTrue(expr.is_constant())
def test_if_then_else(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
with self.assertRaises(Exception):
Be.if_then_else(None, true, true, false)
# tautology
expr = Be.if_then_else(self._manager, true, true, false)
self.assertTrue(expr.is_true())
self.assertFalse(expr.is_false())
self.assertTrue(expr.is_constant())
# antilogy
expr = Be.if_then_else(self._manager, false, true, false)
self.assertFalse(expr.is_true())
self.assertTrue(expr.is_false())
self.assertTrue(expr.is_constant())
def test_max_var_index(self):
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
TF_cnf = TF.to_cnf(Polarity.POSITIVE)
v = self._fsm.encoding.by_name['v'].boolean_expression
v_cnf = v.to_cnf(Polarity.POSITIVE)
self.assertEqual(0, TF_cnf.max_var_index)
self.assertEqual(5, v_cnf.max_var_index)
TF_cnf.max_var_index = 5
v_cnf.max_var_index = 6
self.assertEqual(5, TF_cnf.max_var_index)
self.assertEqual(6, v_cnf.max_var_index)
def test_iff(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse(true.iff(false).is_true())
self.assertTrue(true.iff(false).is_false())
self.assertTrue(true.iff(false).is_constant())
self.assertFalse(false.iff(true).is_true())
self.assertTrue(false.iff(true).is_false())
self.assertTrue(false.iff(true).is_constant())
self.assertTrue(true.iff(true).is_true())
self.assertFalse(true.iff(true).is_false())
self.assertTrue(true.iff(true).is_constant())
self.assertTrue(false.iff(false).is_true())
self.assertFalse(false.iff(false).is_false())
self.assertTrue(false.iff(false).is_constant())
def test_print_stats(self):
# TODO: use another output file and verify the output automatically
with StdioFile.stdout() as out:
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
TF.to_cnf(Polarity.NOT_SET).print_stats(out, "T/F ? => ")
TF.to_cnf(Polarity.POSITIVE).print_stats(out, "T/F + => ")
TF.to_cnf(Polarity.NEGATIVE).print_stats(out, "T/F - => ")
# with variables
v = self._fsm.encoding.by_name['v'].boolean_expression
# when polarity is not set, 2 clauses are present
v.to_cnf(Polarity.NOT_SET).print_stats(out, "Vee ? => ")
# when polarity is positive there is one single clause
v.to_cnf(Polarity.POSITIVE).print_stats(out, "Vee + => ")
# when polarity is negative there is one single clause
v.to_cnf(Polarity.NEGATIVE).print_stats(out, "Vee - => ")
def test_formula_literal(self):
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
TF_cnf = TF.to_cnf(Polarity.POSITIVE)
v = self._fsm.encoding.by_name['v'].boolean_expression
v_cnf = v.to_cnf(Polarity.POSITIVE)
self.assertEqual((2**31 - 1), TF_cnf.formula_literal)
self.assertEqual(5, v_cnf.formula_literal)
# fiddling with the clause literal directly seems pretty risky
TF_cnf.formula_literal = 42
v_cnf.formula_literal = 42
self.assertEqual(42, TF_cnf.formula_literal)
self.assertEqual(42, v_cnf.formula_literal)
def test_vars_list(self):
# constant expr always have zero clauses zero vars
true = Be.true(self._manager)
false = Be.false(self._manager)
TF = true or false
self.assertEqual("Slist[]", str(TF.to_cnf(Polarity.NOT_SET).vars_list))
self.assertEqual("Slist[]",
str(TF.to_cnf(Polarity.POSITIVE).vars_list))
self.assertEqual("Slist[]",
str(TF.to_cnf(Polarity.NEGATIVE).vars_list))
# with variables
v = self._fsm.encoding.by_name['v'].boolean_expression
self.assertEqual("Slist[1]", str(v.to_cnf(Polarity.NOT_SET).vars_list))
self.assertEqual("Slist[1]",
str(v.to_cnf(Polarity.POSITIVE).vars_list))
self.assertEqual("Slist[1]",
str(v.to_cnf(Polarity.NEGATIVE).vars_list))
self.assertEqual(self._fsm.encoding.by_name['v'].index, 1)
def test_xor_(self):
# using the operator
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true ^ false).is_true())
self.assertFalse((true ^ false).is_false())
self.assertTrue((true ^ false).is_constant())
self.assertTrue((false ^ true).is_true())
self.assertFalse((false ^ true).is_false())
self.assertTrue((false ^ true).is_constant())
self.assertFalse((true ^ true).is_true())
self.assertTrue((true ^ true).is_false())
self.assertTrue((true ^ true).is_constant())
self.assertFalse((false ^ false).is_true())
self.assertTrue((false ^ false).is_false())
self.assertTrue((false ^ false).is_constant())
def test_iff(self):
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertFalse(true.iff(false).is_true())
self.assertTrue( true.iff(false).is_false())
self.assertTrue( true.iff(false).is_constant())
self.assertFalse(false.iff(true).is_true())
self.assertTrue( false.iff(true).is_false())
self.assertTrue( false.iff(true).is_constant())
self.assertTrue( true.iff(true).is_true())
self.assertFalse(true.iff(true).is_false())
self.assertTrue( true.iff(true).is_constant())
self.assertTrue( false.iff(false).is_true())
self.assertFalse(false.iff(false).is_false())
self.assertTrue( false.iff(false).is_constant())
def test_xor_(self):
# using the operator
true = Be.true(self._manager)
false = Be.false(self._manager)
self.assertTrue((true ^ false).is_true())
self.assertFalse((true ^ false).is_false())
self.assertTrue((true ^ false).is_constant())
self.assertTrue((false ^ true).is_true())
self.assertFalse((false^ true).is_false())
self.assertTrue((false ^ true).is_constant())
self.assertFalse((true ^ true).is_true())
self.assertTrue((true ^ true).is_false())
self.assertTrue((true ^ true).is_constant())
self.assertFalse((false^ false).is_true())
self.assertTrue((false ^ false).is_false())
self.assertTrue((false ^ false).is_constant())
def model_problem(fsm, bound):
"""
Computes the unrolled transition relation [[M]]_{k}
.. note::
this is equivalent to :see:`pynusmv.bmc.utils.BmcModel.path(bound)`
:param fsm: the fsm whose transition relation must be unrolled
:param bound: the bound up to which the transition relation must be unrolled
:return: the unrolled transition relation of `fsm`
"""
enc = fsm.encoding
# initial state
init0 = enc.shift_to_time(fsm.init, 0)
# transition relation (unrolled k steps)
trans = Be.true(enc.manager)
for k in range(bound):
trans = trans & enc.shift_to_time(fsm.trans, k)
return init0 & trans
def test_apply_inlining(self):
load_from_string("""
MODULE main
VAR v : boolean;
ASSIGN init(v) := TRUE;
next(v) := !v;
""")
with BmcSupport():
mdl = bmcutils.BmcModel()
enc = mdl._fsm.encoding
mgr = enc.manager
v = enc.by_name['v'].boolean_expression
cond = v & v & v | v
self.assertEqual(v, bmcutils.apply_inlining(cond))
cond = v | -v
self.assertEqual(Be.true(mgr), bmcutils.apply_inlining(cond))
cond = v & -v
self.assertEqual(Be.false(mgr), bmcutils.apply_inlining(cond))
def constraint_same_observations(observable_vars, offset_path1, offset_path2, length):
"""
Generates a boolean expression stating that the observable state of both
paths should be the same (all input vars are equivalent).
:param observable_vars: the list of the boolean variables that are considered
visible in the scope of this diagnosability test
:param offset_path1: the offset at which path 1 is supposed to start (should be 0)
:param offset_path2: the offset at which path 2 is supposed to start (must not intersect with path1)
:param length: the length of the path
:return: an expression describing the fact that observations must be the
exact same along the two paths.
"""
fsm = master_be_fsm()
constraint = Be.true(fsm.encoding.manager)
for time_ in range(length + 1):
for v in observable_vars:
ep1 = v.at_time[time_ + offset_path1].boolean_expression
ep2 = v.at_time[time_ + offset_path2].boolean_expression
constraint &= ep1.iff(ep2)
return constraint
def constraint_same_observations(observable_vars, offset_path1, offset_path2, length):
"""
Generates a boolean expression stating that the observable state of both
paths should be the same (all input vars are equivalent).
:param observable_vars: the list of the boolean variables that are considered
visible in the scope of this diagnosability test
:param offset_path1: the offset at which path 1 is supposed to start (should be 0)
:param offset_path2: the offset at which path 2 is supposed to start (must not intersect with path1)
:param length: the length of the path
:return: an expression describing the fact that observations must be the
exact same along the two paths.
"""
fsm = master_be_fsm()
constraint = Be.true(fsm.encoding.manager)
for time_ in range(length+1):
for v in observable_vars:
ep1 = v.at_time[time_ + offset_path1].boolean_expression
ep2 = v.at_time[time_ + offset_path2].boolean_expression
constraint &= ep1.iff(ep2)
return constraint
def fairness_constraint(fsm, k, l):
"""
Computes a step of the constraint to be added to the loop side of the BE
when one wants to take fairness into account for the case where we consider
the existence of a k-l loop (between k and l obviously).
:param fsm: the fsm whose transition relation must be unrolled
:param k: the maximum (horizon/bound) time of the problem
:param l: the time where the loop starts
:return: a step of the fairness constraint to force fair execution on the
k-l loop.
"""
constraint = Be.true(fsm.encoding.manager)
# nothing to generate, stop
if k == 0:
return constraint
for fairness in fsm.fairness_iterator():
# just a shortcut for the loop to create
# \bigvee_{l}^{k-1} (fairness_{l})
constraint &= fsm.encoding.or_interval(fairness, l, k - 1)
return constraint
def test_weak_until_with_loop(self):
with tests.Configure(self, __file__, "/example.smv"):
enc = self.enc
mgr = enc.manager
i,k,l= 0,2,0
a = ast.Proposition("a")
b = ast.Proposition("b")
expr = ast.WeakUntil(a, b)
tool = expr.semantic_with_loop(enc, i,k,l)
manual = b.semantic_with_loop(enc, i, k, l) | \
(a.semantic_with_loop(enc, i, k, l) & \
(b.semantic_with_loop(enc, i+1, k, l) | \
a.semantic_with_loop(enc, i+1, k, l) & Be.true(mgr)
)
)
# normalized string representation of the BE's (make them comparable)
s_tool = tests.canonical_cnf(tool)
s_manual= tests.canonical_cnf(manual)
self.assertEqual(s_tool, s_manual)
def _semantic(time, cnt):
if cnt == k:
return Be.true(enc.manager)
now = self.prop.semantic_with_loop(enc, time, k, l)
return now & _semantic(successor(time, k, l), cnt + 1)
def test_not(self):
expr = Be.true(self._manager)
self.assertFalse(expr.not_().is_true())
self.assertTrue(expr.not_().is_false())
self.assertTrue(expr.not_().is_constant())
def test_invert_(self):
expr = Be.true(self._manager)
self.assertFalse((~expr).is_true())
self.assertTrue((~expr).is_false())
self.assertTrue((~expr).is_constant())
def manual_unrolling(j, bound):
trans = Be.true(self.enc.manager)
for k in range(j, bound):
trans = trans & self.enc.shift_to_time(self.fsm.trans, k)
return trans
