Commit 41c6e3b6 authored by Asma Tafat-Bouzid's avatar Asma Tafat-Bouzid

update blocking semantics3

parent 9d44ae57
......@@ -709,9 +709,9 @@ predicate stmt_writes (s:stmt) (w:Set.set mident) =
lemma distrib_conj:
forall sigma:env, pi:stack, s:stmt, p q:fmla.
eval_fmla sigma pi (wp s (Fand p q)) <->
(eval_fmla sigma pi (wp s p)) /\
(eval_fmla sigma pi (wp s q))
(eval_fmla sigma pi (wp s p)) /\
(eval_fmla sigma pi (wp s q)) ->
eval_fmla sigma pi (wp s (Fand p q))
(*
lemma monotonicity:
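Review bot: The lemma at L8–L15 is weakened from the equivalence `<->` to the single implication `(wp s p) /\ (wp s q) -> wp s (Fand p q)`, but nothing records why the converse direction was given up, so a reader of this theory cannot tell whether it became false once `abstract_effects` entered `wp` or was merely left unproved. Suggest a comment directly above the lemma, e.g. `(* one direction only: the converse (wp s (Fand p q) -> wp s p /\ wp s q) is no longer stated — TODO confirm whether it still holds *)`. Every Coq file generated from this theory restates the lemma as an `Axiom`, so those files need regenerating in the same commit or they keep assuming strictly more than this lemma proves.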
......
......@@ -499,7 +499,7 @@ Inductive one_step : (map mident value) -> (list (ident* value)%type) -> stmt
value)%type)) (cond:term) (inv:fmla) (body:stmt), (eval_fmla sigma pi
inv) -> (((eval_term sigma pi cond) = (Vbool true)) -> (one_step sigma
pi (Swhile cond inv body) sigma pi (Sseq body (Swhile cond inv body))))
| one_step_while_falsee : forall (sigma:(map mident value)) (pi:(list
| one_step_while_false : forall (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (cond:term) (inv:fmla) (body:stmt),
(eval_fmla sigma pi inv) -> (((eval_term sigma pi
cond) = (Vbool false)) -> (one_step sigma pi (Swhile cond inv body)
......@@ -665,6 +665,10 @@ Axiom fresh_from_stmt : forall (s:stmt) (f:fmla),
Parameter abstract_effects: stmt -> fmla -> fmla.
Axiom abstract_effects_generalize : forall (sigma:(map mident value))
(pi:(list (ident* value)%type)) (s:stmt) (f:fmla), (eval_fmla sigma pi
(abstract_effects s f)) -> (eval_fmla sigma pi f).
(* Why3 assumption *)
Fixpoint wp(s:stmt) (q:fmla) {struct s}: fmla :=
match s with
......@@ -680,13 +684,15 @@ Fixpoint wp(s:stmt) (q:fmla) {struct s}: fmla :=
(Fimplies (Fand (Fnot (Fterm cond)) inv) q))))
end.
Axiom abstract_effects_writes : forall (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (s:stmt) (q:fmla), (eval_fmla sigma pi
(abstract_effects s q)) -> (eval_fmla sigma pi (wp s (abstract_effects s
q))).
Axiom distrib_conj : forall (sigma:(map mident value)) (pi:(list (ident*
value)%type)) (s:stmt) (p:fmla) (q:fmla), (eval_fmla sigma pi (wp s (Fand p
q))) <-> ((eval_fmla sigma pi (wp s p)) /\ (eval_fmla sigma pi (wp s q))).
Axiom monotonicity : forall (s:stmt) (p:fmla) (q:fmla),
(valid_fmla (Fimplies p q)) -> (valid_fmla (Fimplies (wp s p) (wp s q))).
Axiom wp_reduction : forall (sigma:(map mident value)) (sigma':(map mident
value)) (pi:(list (ident* value)%type)) (pi':(list (ident* value)%type))
(s:stmt) (s':stmt), (one_step sigma pi s sigma' pi' s') -> forall (q:fmla),
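Review bot: The `Axiom distrib_conj` at L43–L45 of this generated file still states the equivalence `<->`, while the `.mlw` lemma in this commit (and the sibling file at L54–L58) now give only the `->` direction; if these lines are unchanged context, the proof in this file rests on an assumption strictly stronger than the lemma Why3 will actually discharge, i.e. a Coq-checked goal that is unsound relative to the theory. The `(* Why3 assumption *)` section should be regenerated so the axiom reads `((eval_fmla sigma pi (wp s p)) /\ (eval_fmla sigma pi (wp s q))) -> (eval_fmla sigma pi (wp s (Fand p q)))`. The same check applies to `Axiom monotonicity` at L46–L47, which the `.mlw` hunk at L16–L17 appears to have commented out. The statement beginning at L48 continues past the end of the hunk.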
......
......@@ -690,8 +690,8 @@ Axiom abstract_effects_writes : forall (sigma:(map mident value)) (pi:(list
q))).
Axiom distrib_conj : forall (sigma:(map mident value)) (pi:(list (ident*
value)%type)) (s:stmt) (p:fmla) (q:fmla), (eval_fmla sigma pi (wp s (Fand p
q))) <-> ((eval_fmla sigma pi (wp s p)) /\ (eval_fmla sigma pi (wp s q))).
value)%type)) (s:stmt) (p:fmla) (q:fmla), ((eval_fmla sigma pi (wp s p)) /\
(eval_fmla sigma pi (wp s q))) -> (eval_fmla sigma pi (wp s (Fand p q))).
(* Why3 goal *)
Theorem wp_reduction : forall (sigma:(map mident value)) (sigma':(map mident
......@@ -735,7 +735,7 @@ intuition.
simpl.
simpl in Hq.
destruct Hq as (h1 & h2).
rewrite distrib_conj; split.
apply distrib_conj; split.
generalize (abstract_effects_generalize _ _ _ _ h2).
intros h3.
simpl in h3.
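Review bot: `apply distrib_conj; split.` at L66 silently depends on the axiom now having the implication shape `(wp s p /\ wp s q) -> wp s (Fand p q)`; the replaced `rewrite` only worked with the `<->` form, so a one-line comment would stop the next editor from reverting it, e.g. `(* distrib_conj is one-way (conjunction -> wp of Fand): apply it, do not rewrite with it *)`. The enclosing proof script begins before this hunk and its remaining steps lie outside it. Presumably the session was replayed after the lemma change, since the session hunks keep `obsolete="false"` on every proof; it is worth confirming that the Coq proofs depending on `distrib_conj` were re-checked rather than carried over.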
......
......@@ -5,17 +5,21 @@
<prover
id="0"
name="Alt-Ergo"
version="0.95-dev"/>
version="0.94"/>
<prover
id="1"
name="Alt-Ergo"
version="0.95-dev"/>
<prover
id="2"
name="CVC3"
version="2.4.1"/>
<prover
id="2"
id="3"
name="Coq"
version="8.3pl4"/>
<prover
id="3"
id="4"
name="Z3"
version="4.0"/>
<file
......@@ -37,7 +41,7 @@
expanded="false"
shape="aterm_invamk_tvalueV0F">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -45,7 +49,7 @@
<result status="valid" time="0.02"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -62,7 +66,7 @@
expanded="false"
shape="aterm_invamk_tvarV0F">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -70,7 +74,7 @@
<result status="valid" time="0.02"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -87,7 +91,7 @@
expanded="false"
shape="aterm_invamk_tderefV0F">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -95,7 +99,7 @@
<result status="valid" time="0.02"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -112,7 +116,7 @@
expanded="false"
shape="aterm_invamk_tbinV0V2V1Iaterm_invV1Aaterm_invV0F">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -120,7 +124,7 @@
<result status="valid" time="0.02"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -137,7 +141,7 @@
expanded="false"
shape="ainfix =V0aSskipNOainfix =V0aSskipF">
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -154,7 +158,7 @@
expanded="false"
shape="ainfix =aget_stackV0aConsaTuple2V0V1V2V1F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -162,7 +166,7 @@
<result status="valid" time="0.04"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -179,7 +183,7 @@
expanded="false"
shape="ainfix =aget_stackV1aConsaTuple2V0V2V3aget_stackV1V3Iainfix =V0V1NF">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -187,7 +191,7 @@
<result status="valid" time="0.03"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -204,7 +208,7 @@
expanded="false"
shape="ainfix =aeval_termV0V1V4aVboolV5EIatype_termV2V3V4aTYboolF">
<proof
prover="2"
prover="3"
timelimit="3"
memlimit="1000"
edited="blocking_semantics3_ImpExpr_eval_bool_term_1.v"
......@@ -222,7 +226,7 @@
expanded="false"
shape="ainfix =aeval_termV0V1amsubst_termV2V3V4aeval_termasetV0V3aget_stackV4V1V1V2Iafresh_in_termV4V2F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -230,7 +234,7 @@
<result status="timeout" time="3.12"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -238,7 +242,7 @@
<result status="timeout" time="3.02"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -255,7 +259,7 @@
expanded="false"
shape="ainfix =aeval_termV0V1asubst_termV2V3V4aeval_termV0aConsaTuple2V3aget_stackV4V1V1V2Iafresh_in_termV4V2F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -263,7 +267,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -271,7 +275,7 @@
<result status="timeout" time="3.04"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -288,7 +292,7 @@
expanded="false"
shape="ainfix =aeval_termV1aConsaTuple2V3V4V2V0aeval_termV1V2V0Iafresh_in_termV3V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -296,7 +300,7 @@
<result status="timeout" time="3.11"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -304,7 +308,7 @@
<result status="timeout" time="3.11"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -321,7 +325,7 @@
expanded="false"
shape="ainfix =asubstV0V1V2V0Iafresh_in_fmlaV1V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -329,7 +333,7 @@
<result status="timeout" time="3.10"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -337,7 +341,7 @@
<result status="timeout" time="3.06"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -354,7 +358,7 @@
expanded="false"
shape="ainfix =amsubstaFletV2V0V1V4V3aFletV2amsubst_termV0V4V3amsubstV1V4V3F">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -362,7 +366,7 @@
<result status="valid" time="0.08"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -379,7 +383,7 @@
expanded="false"
shape="aeval_fmlaasetV1V3aget_stackV4V2V2V0qaeval_fmlaV1V2amsubstV0V3V4Iafresh_in_fmlaV4V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -387,7 +391,7 @@
<result status="timeout" time="3.07"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -395,7 +399,7 @@
<result status="timeout" time="3.08"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -412,7 +416,7 @@
expanded="false"
shape="aeval_fmlaV1aConsaTuple2V3aget_stackV4V2V2V0qaeval_fmlaV1V2asubstV0V3V4Iafresh_in_fmlaV4V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -420,7 +424,7 @@
<result status="timeout" time="3.10"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -428,7 +432,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -445,7 +449,7 @@
expanded="false"
shape="aeval_fmlaV1aConsaTuple2V4V6aConsaTuple2V3V5V2V0qaeval_fmlaV1aConsaTuple2V3V5aConsaTuple2V4V6V2V0Iainfix =V3V4NF">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -453,7 +457,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -461,7 +465,7 @@
<result status="timeout" time="3.08"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -478,7 +482,7 @@
expanded="false"
shape="aeval_fmlaV1aConsaTuple2V3V4V2V0qaeval_fmlaV1aConsaTuple2V3V4aConsaTuple2V3V5V2V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -486,7 +490,7 @@
<result status="timeout" time="3.08"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -494,7 +498,7 @@
<result status="timeout" time="3.11"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -511,7 +515,7 @@
expanded="false"
shape="aeval_fmlaV1V2V0qaeval_fmlaV1aConsaTuple2V3V4V2V0Iafresh_in_fmlaV3V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -519,7 +523,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -527,7 +531,7 @@
<result status="timeout" time="3.10"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -544,7 +548,7 @@
expanded="false"
shape="aeval_fmlaV4V5aFletV0V2V3Iaeval_fmlaV4V5aFletV1V2asubstV3V0V1Iafresh_in_fmlaV1V3FF">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -552,7 +556,7 @@
<result status="timeout" time="3.06"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -560,7 +564,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -577,7 +581,7 @@
expanded="false"
shape="aeval_fmlaV4V5aFletV0V2V3Iaeval_fmlaV4V5aFletV1V2asubstV3V0V1Iafresh_in_fmlaV1V3FF">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -585,7 +589,7 @@
<result status="valid" time="0.05"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -593,7 +597,7 @@
<result status="valid" time="0.00"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -610,7 +614,7 @@
expanded="false"
shape="avalid_fmlaaFimpliesaFletV0V1V2aFletV0V1V3Iavalid_fmlaaFimpliesV2V3F">
<proof
prover="3"
prover="4"
timelimit="4"
memlimit="1000"
obsolete="false"
......@@ -627,7 +631,7 @@
expanded="false"
shape="ainfix &gt;=V6c0Iamany_stepsV0V2V4V1V3V5V6F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -635,7 +639,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -643,7 +647,7 @@
<result status="timeout" time="3.11"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -660,7 +664,7 @@
expanded="false"
shape="ainfix =V6ainfix +ainfix +c1V9V10Aamany_stepsV7V8V5V1V3aSskipV10Aamany_stepsV0V2V4V7V8aSskipV9EIamany_stepsV0V2aSseqV4V5V1V3aSskipV6F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -668,7 +672,7 @@
<result status="timeout" time="3.08"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -676,7 +680,7 @@
<result status="timeout" time="3.08"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -693,7 +697,7 @@
expanded="false"
shape="aone_stepV2V4V0V3V5V1Iaone_stepV2aConsaTuple2V6V7V4V0V3V5V1Iafresh_in_stmtV6V0F">
<proof
prover="1"
prover="2"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -701,7 +705,7 @@
<result status="timeout" time="3.03"/>
</proof>
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -709,7 +713,7 @@
<result status="timeout" time="3.01"/>
</proof>
<proof
prover="0"
prover="1"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -733,7 +737,7 @@
expanded="false"
shape="ainfix =aeval_termamy_sigmaamy_piamk_tvalueaVintc13aVintc13">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -750,7 +754,7 @@
expanded="false"
shape="ainfix =aeval_termamy_sigmaamy_piamk_tvaraxaVintc42">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -767,7 +771,7 @@
expanded="false"
shape="ainfix =aeval_termamy_sigmaamy_piamk_tderefayaVintc0">
<proof
prover="3"
prover="4"
timelimit="3"
memlimit="1000"
obsolete="false"
......@@ -784,7 +788,7 @@
expanded="false"
shape="ainfix =aeval_termamy_sigmaamy_piamk_tbinamk_tvaraxaOplusamk_tvalueaVintc13aVintc55">
<proof