Boogie Verifier instrumentation for generating AST-to-CFG validation certificates #4
Conversation
copying of unoptimized blocks to be done
|
There seems to be often lots of redundant white space in the generated proofs. For example
|
|
It would be good to add comments to the newly added code such that it is easier to understand the code. Moreover, the parts where big blocks are added for the purpose of proof generation should be documented clearly. |
Source/Core/ObjectExtensions.cs
Outdated
|
|
||
| namespace Core | ||
| { | ||
| public static class ObjectExtensions |
There was a problem hiding this comment.
This file is duplicated (also in ProofGenUtil). It should be possible to keep this file only once, since there are no dependencies from this file to the Boogie code.
Source/Core/ProofGenInfoManager.cs
Outdated
| /* | ||
| if (mapFromImplementationToProofGenInfo == null) | ||
| { | ||
| mapFromImplementationToProofGenInfo = new Dictionary<Implementation, ProofGenInfo>(); | ||
| } | ||
|
|
||
| return mapFromImplementationToProofGenInfo; | ||
| */ |
Source/Core/Parser.cs
Outdated
| impl = new Implementation(x, x.val, typeParams.ConvertAll(tp => new TypeVariable(tp.tok, tp.Name)), | ||
| impl = new Implementation(x, x.val, typeParams.ConvertAll(tp => new TypeVariable(tp.tok, tp.Name)), |
There was a problem hiding this comment.
It seems like there is no change here. It would be good to keep the old formatting so that no change is displayed.
Source/Core/Parser.cs
Outdated
| @@ -581,7 +582,7 @@ public override int ComputeHashCode() | |||
| Expect(35); | |||
| ProcSignature(false, out x, out typeParams, out ins, out outs, out kv); | |||
| ImplBody(out locals, out stmtList); | |||
| impl = new Implementation(x, x.val, typeParams, ins, outs, locals, stmtList, kv, this.errors); | |||
| impl = new Implementation(x, x.val, typeParams, ins, outs, locals, stmtList, kv, this.errors); | |||
There was a problem hiding this comment.
It seems like there is no change here. It would be good to keep the old formatting so that no change is displayed.
| CoalesceBlocks(program); | ||
| //CoalesceBlocks(program); |
There was a problem hiding this comment.
Block coalescing should be left switched on.
There was a problem hiding this comment.
What impact does this have on the evaluation?
| @@ -484,6 +602,31 @@ public static Term RedCmdList(BoogieContextIsa boogieContext, Term cmdList, Term | |||
| finalCFGConfig | |||
| }); | |||
| } | |||
|
|
|||
| public static Term LoopIH(BoogieContextIsa astBoogieContext, BoogieContextIsa cfgBoogieContext, Term ast, Term bigblock, Term cont, Term cfgBody, Term blockIndex, Term posts) | |||
There was a problem hiding this comment.
A more specific name than LoopIH would be useful.
| public MembershipLemmaManager( | ||
| IsaProgramGeneratorConfig config, | ||
| IsaProgramRepr isaProgramRepr, | ||
| IsaBigBlockInfo isaBigBlockInfo, | ||
| Tuple<int, int> GlobalsMaxLocalsMin, | ||
| IVariableTranslationFactory factory, | ||
| string theoryName | ||
| ) |
There was a problem hiding this comment.
this constructor seems to share a lot of code with the previous one. It would be good to share that code.
| foreach (var id in paramsAndLocalMapping.Keys) | ||
| { | ||
| if (variable.ToString() == id.ToString()) | ||
| { | ||
| variable = id; | ||
| } | ||
| } |
There was a problem hiding this comment.
I don't understand the point of this code, it does not seem to have an effect.
| IProgramAccessor programAccessor, | ||
| IProgramAccessor beforeCfgProgramAccessor, | ||
| CFGRepr cfg) |
There was a problem hiding this comment.
What was the reason again for requiring two program accessors here? It would be good if you could describe the reasons why this is required.
| //TODO: here assuming that we use "'a" for the abstract value type carrier t --> make t a parameter somewhere | ||
| new TermWithExplicitType(new TermIdent(typeInterpId), IsaBoogieType.AbstractValueTyFunType(new VarType("a"))), | ||
| funDecls, | ||
| constantDecls, | ||
| globalDecls, | ||
| axioms, | ||
| procedure)); | ||
| procedure, | ||
| //TODO: define this elsewhere. |
…anup, still need to run and check all examples
the previous versoin used explicit symbols, which cannot be parsed by Isabelle's command line tool
# Conflicts: # Source/ProofGeneration/BoogieIsaInterface/IsaBoogieTerm.cs
…gardless of labels
…neration of the before-phase programs
(i.e., revert Parser.cs to commit ce40e35, which was the last non-proof-generation commit for Parser.cs from the main Boogie repository)
…variable declarations before and after optimizations The change also adjusts the selective phase generation. In particular, one does not need to give the AstToCfg program accessor to phases that are not connected to it. This is achieved by making the AstToCfg program accessor a parent of those program accessors right below it.
We should revisit the RemoveApostrophe with a different solution where terms are constructed via the AST instead of via strings.
ObjectExtensions.cs file in the Core module is redundant, added reference to ProofGenUtil from Core.