To this end, I think it would be useful if the transformations also recorded the time they spend. It could be stored in the `why3session.xml` with another attribute to the transformation, which would give something like `<transf name="split_vc" time="0.01" >`. It probably should be disabled by default, although it would mean that we should be able to handle session files that differ in this way.
As for prover calls, it could also be shown in the IDE. To not clutter the IDE, it could only be shown if the time goes beyond X seconds.
```
use int.Int
use array.Array
let update a i (v:int)
requires { 0 <= i < length a }
ensures { a[i] = v }
= a[i] <- v
```
which is easily solved by Alt-Ergo, but not by CVC4 nor Z3.
I suggest:
- to provide monomorphic clonable versions of ref.Ref and array.Array in the stdlib, which would allow to program without polymorphism unless needed elsewhere
This allows us to prove `false` in the following ways :
- apply `case (forall x y : 'a. x = y)` and pass the resulting tasks to Eprover
- first prove that `(forall x y : 'a. x = y) \/ (not forall x y : 'a. x = y)` (by calling CVC4 for example), apply `destruct` to this hypothesis and pass the resulting tasks to Eprover
**What's happening ?**
```
axiom h: 1 = 3
goal G: forall x. x = 1
An example with records is the following:
```
use int.Int
type r = {a : int; b : int}
let f (x y: r): bool
ensures {x.a = y.a}
=
true
```
To explicitly show the problem use the following transformations:
`introduce_premises`
`destruct_term x`
`assert (x2 = mk r x1 x)`
@marche suggest to use tick `'` instead of space because the user would still not be able to define those in .mlw file but they would be able to use them. Here, the result would be something along the lines of `r'mk`.
Note that spaces also appear in the names of goals: they could be removed in favor of `'` too. For example: `f'VC`.
```
let foo () requires { true } = ()
let bar () = foo (); foo ()
```
we get two subgoals `true` marked as unknown. At this point, the user can either apply `split_vc` or launch a prover, on each subgoal. In both cases, this is a waste of user time and processor cycles. This becomes especially noticeable after !207, as the number of trivial goals greatly increases.

Two possible solutions:

1. Automatically mark `true` goals as proved.
2. Prevent `split_vc` from generating them.
Two possible solutions:
1. Automatically mark `true` goals as proved.
```
val bar (x:int): unit requires { x <> 0 }
let foo (x:int) : unit = bar x; bar x
```
When clicking the initially unique goal in the IDE, both calls `bar x` are properly highlighted as being the preconditions to prove. After splitting the goal, both goals cause the IDE to highlight the first call `bar x`, while the second goal is meant to be the precondition of the second call.
```
use list.List
constant l: list int = Cons 42 Nil
goal G : 42 = match l with Nil -> 0 | Cons x _ -> x end
```
if I want to get a goal of the form `42 = 42`, I must do first `subst_all` and only then `compile_match` is able to give me `42 = 42`.
Using split_all_full on goals containing the ieee_float theory can result in out of memory (see attached file [b.mlw](/uploads/777dac8832951acc1eacf6a489be58ba/b.mlw) ). Most likely, on the hypothesis fma_special, the negative monoid generated by split_core grows exponentially (which eventually eat all available memory).
I encountered this problem when launching the strategy "1" (problem which should be solved by #282).
It was reported by users that on this:
```
goal list_simpl_r :
forall l1:list 'a, l2:list 'a, l:list 'a. (l1 ++ l) = (l2 ++ l) -> l1 = l2
```
It was impossible to make a recursion on ``l1``.
```
axiom H: if c1 then c2 else c3
```
destruct H would create two branches: one replacing `H` by `c1 `and `c2` and the other one replacing it with `~c1` and `c3`.
Note: Similar behavior can be done for `match`.This issue to keep track of a suggestion by @bbecker to extend destruct to "if .. then .. else":
```
axiom H: if c1 then c2 else c3
```
destruct H would create two branches: one replacing `H` by `c1 `and `c2` and the other one replacing it with `~c1` and `c3`.
Note: Similar behavior can be done for `match`.Benedikt BeckerBenedikt Beckerhttps://gitlab.inria.fr/why3/why3/-/issues/263Removing Inline_trivial2019-02-12T16:55:13ZDAILLER SylvainRemoving Inline_trivialHello,
I don't understand what this transformation is used for. At first, I thought it was there for optimization but it seems that removing it from the driver makes `cvc4 1.5` fail on some files (`bench/ce/array_mono.mlw`).
Am I misunderstanding the use of this transformation ? I think there may be a bug in the rest of the transformations used for CVC4 if not.Hello,
I don't understand what this transformation is used for. At first, I thought it was there for optimization but it seems that removing it from the driver makes `cvc4 1.5` fail on some files (`bench/ce/array_mono.mlw`).
Am I misunderstanding the use of this transformation ? I think there may be a bug in the rest of the transformations used for CVC4 if not.MARCHE ClaudeMARCHE Claudehttps://gitlab.inria.fr/why3/why3/-/issues/259improve destruct_alg2019-01-31T16:26:45ZMARCHE Claudeimprove destruct_algFeature wishes for improvements:
```
H: P -> A
H1: not P -> B
H2: P -> C
```
On these cases, I think the user would like `case P` to remove unsatisfiable hypothesis and premises. This would give two new context:
```
H: A
H2: C
H3: P
```
and
```
H1: B
H: not P
```
H : r = (o [@mlw_proxy_symbol])
Goal : r + r = 5
```
With `subst_all` or `split_vc` would become:
`Goal: o + o = 5`
```
Goal forall P Q, (forall x y, P x y -> Q) -> P 3 4 -> Q.
intros P Q H H1.
apply H with (1:=H1).
```
We could imagine:
`apply H with_hyp H1`
`H : forall x. x = 0`
`instantiate H 1` generate the following hypotheses (name change and remove hypothesis):
`H : 1 = 0`
instead of
```
H : forall x. x = 0
H_inst : 1 = 0
