def action_update(self,domain,pvars):
type_check(domain,self.args[0])
# print type(self.args[0])
ca = checked_assert.get()
if ca:
if ca != self.lineno:
return ([],formula_to_clauses(self.args[0]),false_clauses())
cl = formula_to_clauses(dual_formula(self.args[0]))
# return ([],formula_to_clauses_tseitin(self.args[0]),cl)
return ([],true_clauses(),cl)
def action_update(self, domain, pvars):
type_check(domain, self.args[0])
check_can_assert(self.args[0], self)
# print type(self.args[0])
if iu.new_assert_impl.get():
return assert_action(self.args[0])
else:
cl = formula_to_clauses(dual_formula(self.args[0]))
return SemActionValue([], true_clauses(), cl)
def conjs(self):
# This returns the list of conjectures as Clauses, without labels
res = []
for c in self.labeled_conjs:
fmla = c.formula
clauses = lu.formula_to_clauses(fmla)
clauses.lineno = c.lineno
res.append(clauses)
return res
def action_update(self,domain,pvars):
type_check(domain,self.args[0])
check_can_assert(self.args[0],self)
# print type(self.args[0])
if iu.new_assert_impl.get():
return assert_action(self.args[0])
else:
cl = formula_to_clauses(dual_formula(self.args[0]))
return SemActionValue([],true_clauses(),cl)
def match(self, action):
""" if action matches pattern, return the axioms, else None """
## print "match: %s %s" % (self,action)
subst = dict()
if self.pattern.match(action, self.placeholders.args, subst):
# print "match: {}".format(subst)
axioms_as_clause_sets = (formula_to_clauses(x) for x in (Not(self.precond), self.transrel))
return (subst_both_clauses(x, subst) for x in axioms_as_clause_sets)
return None
def conjs(self):
# This returns the list of conjectures as Clauses, without labels
res = []
for c in self.labeled_conjs:
fmla = c.formula
clauses = lu.formula_to_clauses(fmla)
clauses.lineno = c.lineno
res.append(clauses)
return res
def match(self,action):
""" if action matches pattern, return the axioms, else None """
## print "match: %s %s" % (self,action)
subst = dict()
if self.pattern.match(action,self.placeholders.args,subst):
# print "match: {}".format(subst)
axioms_as_clause_sets = (formula_to_clauses(x) for x in (Not(self.precond),self.transrel))
return (subst_both_clauses(x,subst) for x in axioms_as_clause_sets)
return None
def get_instance(self, params, to_clauses=True):
defn = self.defn
if len(params) != len(defn.args[0].args):
raise IndexError
subst = dict((x.rep, y.rep) for x, y in zip(defn.args[0].args, params))
ast = ivy_ast.ast_rewrite(defn.args[1], ivy_ast.AstRewriteSubstPrefix(subst, None))
# print "get_instance ast = {}".format(ast)
fmla = ast.compile_with_sort_inference()
# print "get_instance fmla = {}".format(fmla)
return formula_to_clauses(fmla) if to_clauses else fmla
def get_instance(self,params,to_clauses=True):
defn = self.defn
if len(params) != len(defn.args[0].args):
raise IndexError
subst = dict((x.rep,y.rep) for x,y in zip(defn.args[0].args,params))
ast = ivy_ast.ast_rewrite(defn.args[1],ivy_ast.AstRewriteSubstPrefix(subst,None))
# print "get_instance ast = {}".format(ast)
fmla = ast.compile_with_sort_inference()
# print "get_instance fmla = {}".format(fmla)
return formula_to_clauses(fmla) if to_clauses else fmla
def __init__(self, conj, report_pass=True, invert=True):
self.fc = lut.formula_to_clauses(conj)
if invert:
def witness(v):
return lg.Symbol('@' + v.name, v.sort)
self.fc = lut.dual_clauses(self.fc, witness)
self.report_pass = report_pass
self.failed = False
def action_update(self,domain,pvars):
lit = self.args[0]
n = lit.atom.relname
new_n = new(n)
args = lit.atom.args
vs = sym_placeholders(n)
eqs = [Atom(equals,[v,a]) for (v,a) in zip(vs,args) if not isinstance(a,Variable)]
new_clauses = And(*([Or(sign(lit.polarity,Atom(new_n,vs)),sign(1-lit.polarity,Atom(n,vs))),
sign(lit.polarity,Atom(new_n,args))] +
[Or(*([sign(0,Atom(new_n,vs)),sign(1,Atom(n,vs))] + [eq])) for eq in eqs] +
[Or(*([sign(1,Atom(new_n,vs)),sign(0,Atom(n,vs))] + [eq])) for eq in eqs]))
new_clauses = formula_to_clauses(new_clauses)
return ([n], new_clauses, false_clauses())
def action_update(self,domain,pvars):
lit = self.args[0]
n = lit.atom.relname
new_n = new(n)
args = lit.atom.args
vs = sym_placeholders(n)
eqs = [Atom(equals,[v,a]) for (v,a) in zip(vs,args) if not isinstance(a,Variable)]
new_clauses = And(*([Or(sign(lit.polarity,Atom(new_n,vs)),sign(1-lit.polarity,Atom(n,vs))),
sign(lit.polarity,Atom(new_n,args))] +
[Or(*([sign(0,Atom(new_n,vs)),sign(1,Atom(n,vs))] + [eq])) for eq in eqs] +
[Or(*([sign(1,Atom(new_n,vs)),sign(0,Atom(n,vs))] + [eq])) for eq in eqs]))
new_clauses = formula_to_clauses(new_clauses)
return ([n], new_clauses, false_clauses())
def action_update(self,domain,pvars):
lhs = self.args[0]
n = lhs.rep
new_n = new(n)
args = lhs.args
vs = [Variable("X%d" % i,s) for i,s in enumerate(n.sort.dom)]
eqs = [eq_atom(v,a) for (v,a) in zip(vs,args) if not isinstance(a,Variable)]
if is_atom(lhs):
clauses = And(*([Or(Not(Atom(new_n,vs)),Atom(n,vs),eq) for eq in eqs] +
[Or(Atom(new_n,vs),Not(Atom(n,vs)),eq) for eq in eqs]))
elif is_individual_ast(lhs.rep):
clauses = And(*[Or(eq_atom(type(lhs)(new_n,vs),type(lhs)(n,vs)),eq) for eq in eqs])
else: # TODO: ???
clauses = And()
clauses = formula_to_clauses(clauses)
return ([n], clauses, false_clauses())
def action_update(self,domain,pvars):
lhs = type_ast(domain,self.args[0])
n = lhs.rep
new_n = new(n)
args = lhs.args
vs = [Variable("X%d" % i,s) for i,s in enumerate(n.sort.dom)]
eqs = [eq_atom(v,a) for (v,a) in zip(vs,args) if not isinstance(a,Variable)]
if is_atom(lhs):
clauses = And(*([Or(Not(Atom(new_n,vs)),Atom(n,vs),eq) for eq in eqs] +
[Or(Atom(new_n,vs),Not(Atom(n,vs)),eq) for eq in eqs]))
elif is_individual_ast(lhs.rep):
clauses = And(*[Or(eq_atom(type(lhs)(new_n,vs),type(lhs)(n,vs)),eq) for eq in eqs])
else: # TODO: ???
clauses = And()
clauses = formula_to_clauses(clauses)
return ([n], clauses, false_clauses())
def analyze_state_rec(ag,state):
if hasattr(state,'id'):
return # state already visited
if hasattr(state,'pred') and state.pred:
analyze_state_rec(ag,state.pred)
ag.add(state)
ag.transitions.append((state.pred,state.action,state.action_name,state))
elif hasattr(state,'join_of'):
for x in state.join_of: analyze_state_rec(ag,x)
ag.add(state)
for x in state.join_of:
ag.transitions.append((x,None,'join',state))
else:
if not isinstance(state.clauses,list):
state.clauses = lut.formula_to_clauses(state.clauses)
ag.add(state)
def check_fcs_in_state(mod, ag, post, fcs):
# iu.dbg('"foo"')
history = ag.get_history(post)
# iu.dbg('history.actions')
gmc = lambda cls, final_cond: itr.small_model_clauses(
cls, final_cond, shrink=diagnose.get())
axioms = im.module.background_theory()
if opt_trace.get() or diagnose.get():
clauses = history.post
clauses = lut.and_clauses(clauses, axioms)
ffcs = filter_fcs(fcs)
model = itr.small_model_clauses(clauses, ffcs, shrink=True)
if model is not None:
# iu.dbg('history.actions')
failed = [c for c in ffcs if c.failed]
mclauses = lut.and_clauses(*([clauses] +
[c.cond() for c in failed]))
vocab = lut.used_symbols_clauses(mclauses)
# handler = MatchHandler(mclauses,model,vocab) if opt_trace.get() else ivy_trace.Trace(mclauses,model,vocab)
handler = ivy_trace.Trace(mclauses, model, vocab)
thing = failed[-1].get_annot()
if thing is None:
assert all(x is not None for x in history.actions)
# work around a bug in ivy_interp
actions = [
im.module.actions[a] if isinstance(a, str) else a
for a in history.actions
]
action = act.Sequence(*actions)
annot = clauses.annot
else:
action, annot = thing
act.match_annotation(action, annot, handler)
handler.end()
ff = failed[0]
handler.is_cti = (lut.formula_to_clauses(ff.lf.formula)
if isinstance(ff, ConjChecker) else None)
if not opt_trace.get():
gui_art(handler)
else:
print str(handler)
exit(0)
else:
res = history.satisfy(axioms, gmc, filter_fcs(fcs))
if res is not None and diagnose.get():
show_counterexample(ag, post, res)
return not any(fc.failed for fc in fcs)
def analyze_state_rec(ag, state):
if hasattr(state, 'id'):
return # state already visited
if hasattr(state, 'pred') and state.pred:
analyze_state_rec(ag, state.pred)
ag.add(state)
ag.transitions.append(
(state.pred, state.action, state.action_name, state))
elif hasattr(state, 'join_of'):
for x in state.join_of:
analyze_state_rec(ag, x)
ag.add(state)
for x in state.join_of:
ag.transitions.append((x, None, 'join', state))
else:
if not isinstance(state.clauses, list):
state.clauses = lut.formula_to_clauses(state.clauses)
ag.add(state)
def action_update(self, domain, pvars):
type_check(domain, self.args[0])
# print type(self.args[0])
cl = formula_to_clauses(dual_formula(self.args[0]))
return ([], true_clauses(), cl)
def constrain_state(upd, fmla):
assert isinstance(upd, SemStateValue)
return SemStateValue(upd.modset,
and_clauses(upd.trans, formula_to_clauses(fmla)),
upd.fail)
def constrain_state(upd, fmla):
return (upd[0], and_clauses(upd[1], formula_to_clauses(fmla)), upd[2])
def clausify(f):
return f if isinstance(f, Clauses) else formula_to_clauses(f)
def isolate_component(mod,isolate_name):
if isolate_name not in mod.isolates:
raise iu.IvyError(None,"undefined isolate: {}".format(isolate_name))
isolate = mod.isolates[isolate_name]
verified = set(a.relname for a in isolate.verified())
present = set(a.relname for a in isolate.present())
present.update(verified)
if not interpret_all_sorts:
for type_name in list(ivy_logic.sig.interp):
if not startswith_eq_some(type_name,present):
del ivy_logic.sig.interp[type_name]
delegates = set(s.delegated() for s in mod.delegates if not s.delegee())
delegated_to = dict((s.delegated(),s.delegee()) for s in mod.delegates if s.delegee())
derived = set(df.args[0].func.name for df in mod.concepts)
for name in present:
if (name not in mod.hierarchy
and name not in ivy_logic.sig.sorts
and name not in derived
and name not in ivy_logic.sig.interp):
raise iu.IvyError(None,"{} is not a module instance, sort, definition, or interpreted function".format(name))
new_actions = {}
use_mixin = lambda name: startswith_some(name,present)
mod_mixin = lambda m: m if startswith_some(name,verified) else m.prefix_calls('ext:')
all_mixins = lambda m: True
no_mixins = lambda m: False
after_mixins = lambda m: isinstance(m,ivy_ast.MixinAfterDef)
before_mixins = lambda m: isinstance(m,ivy_ast.MixinBeforeDef)
delegated_to_verified = lambda n: n in delegated_to and startswith_eq_some(delegated_to[n],verified)
ext_assumes = lambda m: before_mixins(m) and not delegated_to_verified(m.mixer())
for actname,action in mod.actions.iteritems():
ver = startswith_some(actname,verified)
pre = startswith_some(actname,present)
if pre:
if not ver:
assert hasattr(action,'lineno')
assert hasattr(action,'formal_params'), action
ext_action = action.assert_to_assume().prefix_calls('ext:')
assert hasattr(ext_action,'lineno')
assert hasattr(ext_action,'formal_params'), ext_action
if actname in delegates:
int_action = action.prefix_calls('ext:')
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
else:
int_action = ext_action
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
else:
int_action = ext_action = action
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
# internal version of the action has mixins checked
new_actions[actname] = add_mixins(mod,actname,int_action,no_mixins,use_mixin,lambda m:m)
# external version of the action assumes mixins are ok, unless they
# are delegated to a currently verified object
new_action = add_mixins(mod,actname,ext_action,ext_assumes,use_mixin,mod_mixin)
new_actions['ext:'+actname] = new_action
# TODO: external version is public if action public *or* called from opaque
# public_actions.add('ext:'+actname)
else:
# TODO: here must check that summarized action does not
# have a call dependency on the isolated module
action = summarize_action(action)
new_actions[actname] = add_mixins(mod,actname,action,after_mixins,use_mixin,mod_mixin)
new_actions['ext:'+actname] = add_mixins(mod,actname,action,all_mixins,use_mixin,mod_mixin)
# figure out what is exported:
exported = set()
for e in mod.exports:
if not e.scope() and startswith_some(e.exported(),present): # global scope
exported.add('ext:' + e.exported())
for actname,action in mod.actions.iteritems():
if not startswith_some(actname,present):
for c in action.iter_calls():
if startswith_some(c,present):
exported.add('ext:' + c)
# print "exported: {}".format(exported)
# We allow objects to reference any symbols in global scope, and
# we keep axioms declared in global scope. Because of the way
# thigs are named, this gives a different condition for keeping
# symbols and axioms (in particular, axioms in global scope have
# label None). Maybe this needs to be cleaned up.
keep_sym = lambda name: (iu.ivy_compose_character not in name
or startswith_eq_some(name,present))
keep_ax = lambda name: (name is None or startswith_eq_some(name.rep,present))
# filter the conjectures
new_conjs = [c for c in mod.labeled_conjs if keep_ax(c.label)]
del mod.labeled_conjs[:]
mod.labeled_conjs.extend(new_conjs)
# filter the signature
# TODO: need a better way to filter signature
# new_syms = set(s for s in mod.sig.symbols if keep_sym(s))
# for s in list(mod.sig.symbols):
# if s not in new_syms:
# del mod.sig.symbols[s]
# filter the inits
new_inits = [c for c in mod.labeled_inits if keep_ax(c.label)]
del mod.labeled_inits[:]
mod.labeled_inits.extend(new_inits)
init_cond = ivy_logic.And(*(lf.formula for lf in new_inits))
im.module.init_cond = lu.formula_to_clauses(init_cond)
# filter the axioms
mod.labeled_axioms = [a for a in mod.labeled_axioms if keep_ax(a.label)]
# filter definitions
mod.concepts = [c for c in mod.concepts if startswith_eq_some(c.args[0].func.name,present)]
mod.public_actions.clear()
mod.public_actions.update(exported)
mod.actions.clear()
mod.actions.update(new_actions)
def clauses_imply_formula_cex(clauses, fmla):
if clauses_imply_formula(clauses, fmla):
return True
return CounterExample(
conjoin(clauses, negate_clauses(formula_to_clauses(fmla))))
def constrain_state(upd,fmla):
assert isinstance(upd,SemStateValue)
return SemStateValue(upd.modset,and_clauses(upd.trans,formula_to_clauses(fmla)),upd.fail)
def constrain_state(upd,fmla):
return (upd[0],and_clauses(upd[1],formula_to_clauses(fmla)),upd[2])
def clausify(f):
return f if isinstance(f,Clauses) else formula_to_clauses(f)
def __init__(self,conj,report_pass=True,invert=True):
self.fc = lut.formula_to_clauses(conj)
if invert:
self.fc = lut.dual_clauses(self.fc)
self.report_pass = report_pass
self.failed = False
def isolate_component(mod, isolate_name, extra_with=[], extra_strip=None):
if isolate_name not in mod.isolates:
raise iu.IvyError(None, "undefined isolate: {}".format(isolate_name))
isolate = mod.isolates[isolate_name]
verified = set(a.relname for a in (isolate.verified() + tuple(extra_with)))
present = set(a.relname for a in isolate.present())
present.update(verified)
if not interpret_all_sorts:
for type_name in list(ivy_logic.sig.interp):
if not (type_name in present or any(
startswith_eq_some(itp.label.rep, present, mod)
for itp in mod.interps[type_name] if itp.label)):
del ivy_logic.sig.interp[type_name]
delegates = set(s.delegated() for s in mod.delegates if not s.delegee())
delegated_to = dict(
(s.delegated(), s.delegee()) for s in mod.delegates if s.delegee())
derived = set(df.args[0].func.name for df in mod.concepts)
for name in present:
if (name not in mod.hierarchy and name not in ivy_logic.sig.sorts
and name not in derived and name not in ivy_logic.sig.interp
and name not in mod.actions
and name not in ivy_logic.sig.symbols):
raise iu.IvyError(
None,
"{} is not an object, action, sort, definition, or interpreted function"
.format(name))
impl_mixins = defaultdict(list)
# delegate all the stub actions to their implementations
global implementation_map
implementation_map = {}
for actname, ms in mod.mixins.iteritems():
implements = [
m for m in ms if isinstance(m, ivy_ast.MixinImplementDef)
]
impl_mixins[actname].extend(implements)
before_after = [
m for m in ms if not isinstance(m, ivy_ast.MixinImplementDef)
]
del ms[:]
ms.extend(before_after)
for m in implements:
for foo in (m.mixee(), m.mixer()):
if foo not in mod.actions:
raise IvyError(m, 'action {} not defined'.format(foo))
action = mod.actions[m.mixee()]
if not (isinstance(action, ia.Sequence) and len(action.args) == 0):
raise IvyError(
m,
'multiple implementations of action {}'.format(m.mixee()))
action = ia.apply_mixin(m, mod.actions[m.mixer()], action)
mod.actions[m.mixee()] = action
implementation_map[m.mixee()] = m.mixer()
new_actions = {}
use_mixin = lambda name: startswith_some(name, present, mod)
mod_mixin = lambda m: m if startswith_some(name, verified, mod
) else m.prefix_calls('ext:')
all_mixins = lambda m: True
no_mixins = lambda m: False
after_mixins = lambda m: isinstance(m, ivy_ast.MixinAfterDef)
before_mixins = lambda m: isinstance(m, ivy_ast.MixinBeforeDef)
delegated_to_verified = lambda n: n in delegated_to and startswith_eq_some(
delegated_to[n], verified, mod)
ext_assumes = lambda m: before_mixins(m) and not delegated_to_verified(
m.mixer())
int_assumes = lambda m: after_mixins(m) and not delegated_to_verified(
m.mixer())
ext_assumes_no_ver = lambda m: not delegated_to_verified(m.mixer())
summarized_actions = set()
for actname, action in mod.actions.iteritems():
ver = startswith_eq_some(actname, verified, mod)
pre = startswith_eq_some(actname, present, mod)
if pre:
if not ver:
assert hasattr(action, 'lineno')
assert hasattr(action, 'formal_params'), action
ext_action = action.assert_to_assume().prefix_calls('ext:')
assert hasattr(ext_action, 'lineno')
assert hasattr(ext_action, 'formal_params'), ext_action
if actname in delegates:
int_action = action.prefix_calls('ext:')
assert hasattr(int_action, 'lineno')
assert hasattr(int_action, 'formal_params'), int_action
else:
int_action = ext_action
assert hasattr(int_action, 'lineno')
assert hasattr(int_action, 'formal_params'), int_action
else:
int_action = ext_action = action
assert hasattr(int_action, 'lineno')
assert hasattr(int_action, 'formal_params'), int_action
# internal version of the action has mixins checked
ea = no_mixins if ver else int_assumes
new_actions[actname] = add_mixins(mod, actname, int_action, ea,
use_mixin, lambda m: m)
# external version of the action assumes mixins are ok, unless they
# are delegated to a currently verified object
ea = ext_assumes if ver else ext_assumes_no_ver
new_action = add_mixins(mod, actname, ext_action, ea, use_mixin,
mod_mixin)
new_actions['ext:' + actname] = new_action
# TODO: external version is public if action public *or* called from opaque
# public_actions.add('ext:'+actname)
else:
# TODO: here must check that summarized action does not
# have a call dependency on the isolated module
summarized_actions.add(actname)
action = summarize_action(action)
new_actions[actname] = add_mixins(mod, actname, action,
after_mixins, use_mixin,
mod_mixin)
new_actions['ext:' + actname] = add_mixins(mod, actname, action,
all_mixins, use_mixin,
mod_mixin)
# figure out what is exported:
exported = set()
for e in mod.exports:
if not e.scope() and startswith_eq_some(e.exported(), present,
mod): # global scope
exported.add('ext:' + e.exported())
for actname, action in mod.actions.iteritems():
if not startswith_some(actname, present, mod):
for c in action.iter_calls():
if (startswith_some(c, present, mod) or any(
startswith_some(m.mixer(), present, mod)
for m in mod.mixins[c])):
exported.add('ext:' + c)
# print "exported: {}".format(exported)
# We allow objects to reference any symbols in global scope, and
# we keep axioms declared in global scope. Because of the way
# thigs are named, this gives a different condition for keeping
# symbols and axioms (in particular, axioms in global scope have
# label None). Maybe this needs to be cleaned up.
keep_sym = lambda name: (iu.ivy_compose_character not in name or
startswith_eq_some(name, present))
keep_ax = lambda name: (name is None or startswith_eq_some(
name.rep, present, mod))
check_pr = lambda name: (name is None or startswith_eq_some(
name.rep, verified, mod))
prop_deps = get_prop_dependencies(mod)
# filter the conjectures
new_conjs = [c for c in mod.labeled_conjs if keep_ax(c.label)]
del mod.labeled_conjs[:]
mod.labeled_conjs.extend(new_conjs)
# filter the inits
new_inits = [c for c in mod.labeled_inits if keep_ax(c.label)]
del mod.labeled_inits[:]
mod.labeled_inits.extend(new_inits)
# filter the axioms
dropped_axioms = [a for a in mod.labeled_axioms if not keep_ax(a.label)]
mod.labeled_axioms = [a for a in mod.labeled_axioms if keep_ax(a.label)]
mod.labeled_props = [a for a in mod.labeled_props if keep_ax(a.label)]
# convert the properties not being verified to axioms
mod.labeled_axioms.extend(
[a for a in mod.labeled_props if not check_pr(a.label)])
mod.labeled_props = [a for a in mod.labeled_props if check_pr(a.label)]
# filter definitions
mod.concepts = [
c for c in mod.concepts
if startswith_eq_some(c.args[0].func.name, present, mod)
]
# filter the signature
# keep only the symbols referenced in the remaining
# formulas
asts = []
for x in [
mod.labeled_axioms, mod.labeled_props, mod.labeled_inits,
mod.labeled_conjs
]:
asts += [y.formula for y in x]
asts += mod.concepts
asts += [action for action in new_actions.values()]
sym_names = set(x.name for x in lu.used_symbols_asts(asts))
if filter_symbols.get() or cone_of_influence.get():
old_syms = list(mod.sig.symbols)
for sym in old_syms:
if sym not in sym_names:
del mod.sig.symbols[sym]
# check that any dropped axioms do not refer to the isolate's signature
# and any properties have dependencies present
def pname(s):
return s.label if s.label else ""
if enforce_axioms.get():
for a in dropped_axioms:
for x in lu.used_symbols_ast(a.formula):
if x.name in sym_names:
raise iu.IvyError(
a, "relevant axiom {} not enforced".format(pname(a)))
for actname, action in mod.actions.iteritems():
if startswith_eq_some(actname, present, mod):
for c in action.iter_calls():
called = mod.actions[c]
if not startswith_eq_some(c, present, mod):
if not (type(called) == ia.Sequence
and not called.args):
raise iu.IvyError(
None,
"No implementation for action {}".format(c))
for p, ds in prop_deps:
for d in ds:
if not startswith_eq_some(d, present, mod):
raise iu.IvyError(
p,
"property {} depends on abstracted object {}".format(
pname(p), d))
# for x,y in new_actions.iteritems():
# print iu.pretty(ia.action_def_to_str(x,y))
# check for interference
# iu.dbg('list(summarized_actions)')
check_interference(mod, new_actions, summarized_actions)
# After checking, we can put in place the new action definitions
mod.public_actions.clear()
mod.public_actions.update(exported)
mod.actions.clear()
mod.actions.update(new_actions)
# TODO: need a better way to filter signature
# new_syms = set(s for s in mod.sig.symbols if keep_sym(s))
# for s in list(mod.sig.symbols):
# if s not in new_syms:
# del mod.sig.symbols[s]
# strip the isolate parameters
strip_isolate(mod, isolate, impl_mixins, extra_strip)
# collect the initial condition
init_cond = ivy_logic.And(*(lf.formula for lf in mod.labeled_inits))
mod.init_cond = lu.formula_to_clauses(init_cond)
def action_update(self, domain, pvars):
type_check(domain, self.args[0])
# print type(self.args[0])
cl = formula_to_clauses(dual_formula(self.args[0]))
return ([], true_clauses(), cl)
def clauses_imply_formula_cex(clauses,fmla):
if clauses_imply_formula(clauses,fmla):
return True
return CounterExample(conjoin(clauses,negate_clauses(formula_to_clauses(fmla))))
def isolate_component(mod,isolate_name):
if isolate_name not in mod.isolates:
raise iu.IvyError(None,"undefined isolate: {}".format(isolate_name))
isolate = mod.isolates[isolate_name]
verified = set(a.relname for a in isolate.verified())
present = set(a.relname for a in isolate.present())
present.update(verified)
if not interpret_all_sorts:
for type_name in list(ivy_logic.sig.interp):
if not startswith_eq_some(type_name,present):
del ivy_logic.sig.interp[type_name]
delegates = set(s.delegated() for s in mod.delegates if not s.delegee())
delegated_to = dict((s.delegated(),s.delegee()) for s in mod.delegates if s.delegee())
derived = set(df.args[0].func.name for df in mod.concepts)
for name in present:
if (name not in mod.hierarchy
and name not in ivy_logic.sig.sorts
and name not in derived
and name not in ivy_logic.sig.interp):
raise iu.IvyError(None,"{} is not a module instance, sort, definition, or interpreted function".format(name))
new_actions = {}
use_mixin = lambda name: startswith_some(name,present)
mod_mixin = lambda m: m if startswith_some(name,verified) else m.prefix_calls('ext:')
all_mixins = lambda m: True
no_mixins = lambda m: False
after_mixins = lambda m: isinstance(m,ivy_ast.MixinAfterDef)
before_mixins = lambda m: isinstance(m,ivy_ast.MixinBeforeDef)
delegated_to_verified = lambda n: n in delegated_to and startswith_eq_some(delegated_to[n],verified)
ext_assumes = lambda m: before_mixins(m) and not delegated_to_verified(m.mixer())
for actname,action in mod.actions.iteritems():
ver = startswith_some(actname,verified)
pre = startswith_some(actname,present)
if pre:
if not ver:
assert hasattr(action,'lineno')
assert hasattr(action,'formal_params'), action
ext_action = action.assert_to_assume().prefix_calls('ext:')
assert hasattr(ext_action,'lineno')
assert hasattr(ext_action,'formal_params'), ext_action
if actname in delegates:
int_action = action.prefix_calls('ext:')
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
else:
int_action = ext_action
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
else:
int_action = ext_action = action
assert hasattr(int_action,'lineno')
assert hasattr(int_action,'formal_params'), int_action
# internal version of the action has mixins checked
new_actions[actname] = add_mixins(mod,actname,int_action,no_mixins,use_mixin,lambda m:m)
# external version of the action assumes mixins are ok, unless they
# are delegated to a currently verified object
new_action = add_mixins(mod,actname,ext_action,ext_assumes,use_mixin,mod_mixin)
new_actions['ext:'+actname] = new_action
# TODO: external version is public if action public *or* called from opaque
# public_actions.add('ext:'+actname)
else:
# TODO: here must check that summarized action does not
# have a call dependency on the isolated module
action = summarize_action(action)
new_actions[actname] = add_mixins(mod,actname,action,after_mixins,use_mixin,mod_mixin)
new_actions['ext:'+actname] = add_mixins(mod,actname,action,all_mixins,use_mixin,mod_mixin)
# figure out what is exported:
exported = set()
for e in mod.exports:
if not e.scope() and startswith_some(e.exported(),present): # global scope
exported.add('ext:' + e.exported())
for actname,action in mod.actions.iteritems():
if not startswith_some(actname,present):
for c in action.iter_calls():
if startswith_some(c,present):
exported.add('ext:' + c)
# print "exported: {}".format(exported)
# We allow objects to reference any symbols in global scope, and
# we keep axioms declared in global scope. Because of the way
# thigs are named, this gives a different condition for keeping
# symbols and axioms (in particular, axioms in global scope have
# label None). Maybe this needs to be cleaned up.
keep_sym = lambda name: (iu.ivy_compose_character not in name
or startswith_eq_some(name,present))
keep_ax = lambda name: (name is None or startswith_eq_some(name.rep,present))
# filter the conjectures
new_conjs = [c for c in mod.labeled_conjs if keep_ax(c.label)]
del mod.labeled_conjs[:]
mod.labeled_conjs.extend(new_conjs)
# filter the signature
# TODO: need a better way to filter signature
# new_syms = set(s for s in mod.sig.symbols if keep_sym(s))
# for s in list(mod.sig.symbols):
# if s not in new_syms:
# del mod.sig.symbols[s]
# filter the inits
new_inits = [c for c in mod.labeled_inits if keep_ax(c.label)]
del mod.labeled_inits[:]
mod.labeled_inits.extend(new_inits)
init_cond = ivy_logic.And(*(lf.formula for lf in new_inits))
im.module.init_cond = lu.formula_to_clauses(init_cond)
# filter the axioms
mod.labeled_axioms = [a for a in mod.labeled_axioms if keep_ax(a.label)]
# filter definitions
mod.concepts = [c for c in mod.concepts if keep_ax(c.args[0].func.name)]
mod.public_actions.clear()
mod.public_actions.update(exported)
mod.actions.clear()
mod.actions.update(new_actions)
def __init__(self,conj,report_pass=True):
self.fc = lut.dual_clauses(lut.formula_to_clauses(conj))
self.report_pass = report_pass
