## Test Create CHCs

In this file we test the creation of CHCs from a given program.

First we import the necessary libraries and set up the Z3 solver.

In [1]:
from z3 import And, Ints, Int, Array, IntSort, ForAll, Implies, Or
import z3
import graphviz
z3.set_param(proof=True)
from sw.verify.stasm_to_chcs import create_chcs

# Sanity test
Now let's create a simple program and generate the CHCs for it.
This program is taken straight out of the class presentation.
It is a sanity test case for our implementation.
All it does is `stack[sp-2] + stack[sp-1] * 13`.  

In [2]:
program = [("PUSH", 13),
              ("POP", 2),
              ("ALU", "MUL"),
              ("POP", 2),
              ("ALU", "ADD"),
              ("POP", 1)]

In our case we are going to set 
`stack[0] = 1, stack[1] = 5`
and test that the output is `1 + 5 * 13`

In [3]:

stack = Array("stack", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')
a, b = Ints('a b')
chcs = create_chcs(pre_condition=And(stack[0] == a, stack[1] == b, sp == 2),
             input_vars=[a,b],
             program=program,
             post_condition=stack[sp] ==  a + b * 13)
d = {'xform.inline_eager': False, 'xform.inline_linear': False}
chcs.solve()

version 7


0,1
digraph { 	0 [label=0] 	1 [label=1] 	2 [label=2] 	2 -> 1 	1 -> 0 	3 [label=3] 	3 -> 0 },"0False1query!0(30612,  -76102,  K(Int, 0),  Store(Store(Store(Store(K(Int, 18), 1, 380146),  3,  13),  0,  30612),  2,  456248),  0,  380146,  456248)2∀A, B, C, D, E, F, G :  ¬(F[0] = B + 13·C) ∧  A[1] = C ∧  A[0] = B ∧  E = 13·A[2] ∧  G = F[1] ∧  F = Store(Store(Store(A, 3, 13), 2, 13·A[2]), 1, A[1] + E) ⇒  query!0(B, C, D, F, 0, G, E)3query!0(30612,  -76102,  K(Int, 0),  Store(Store(Store(Store(K(Int, 18), 1, 380146),  3,  13),  0,  30612),  2,  456248),  0,  380146,  456248) ⇒ False"

0,1
0,False
1,"query!0(30612,  -76102,  K(Int, 0),  Store(Store(Store(Store(K(Int, 18), 1, 380146),  3,  13),  0,  30612),  2,  456248),  0,  380146,  456248)"
2,"∀A, B, C, D, E, F, G :  ¬(F[0] = B + 13·C) ∧  A[1] = C ∧  A[0] = B ∧  E = 13·A[2] ∧  G = F[1] ∧  F = Store(Store(Store(A, 3, 13), 2, 13·A[2]), 1, A[1] + E) ⇒  query!0(B, C, D, F, 0, G, E)"
3,"query!0(30612,  -76102,  K(Int, 0),  Store(Store(Store(Store(K(Int, 18), 1, 380146),  3,  13),  0,  30612),  2,  456248),  0,  380146,  456248) ⇒ False"


# Find max element in array
Now lets test the find max program from milestone 0
First, import some macros:

In [4]:
def READ_FROM_ARRAY():
    """
    Pops the top as index and then base addr and push the value at that index from the array at addr
    :return:
    """
    return [
        ("POP", 2),  # r0 = index, r1 = base addr
        ("ALU", "ADD"),  # push base addr + index
        ("POP", 1),   # r0 = base addr + index
        ("LOAD", 0),  # push value at base addr + index
    ]

Now writing the program:

In [5]:
program_find_max = [
    ("PUSH", 0),
    ("DUP", 2),
    *READ_FROM_ARRAY(),
    # Stack is now: [arr_addr, length, a[0]]
    # Now let's define max = a[0]
    ("DUP", 0),
    # Stack is now: [arr_addr, length, a[0], mx=a[0]]
    # Now after we saved a[0] on stack we can use this mem for i
    # lets set i = 1 to memory address &a[0]
    ("PUSH", 1),
    ("DUP", 4),
    ("POP", 2),
    ("STOR", 0),
    "CHECK_COND:",
    # First put i in r0 and n in r1
    ("DUP", 3),
    ("POP", 1),
    ("LOAD", 0),
    ("DUP", 3),
    ("POP", 2),
    # Check i < n
    ("ALU", "LT"),
    ("POP", 1),
    ("JNZ", "LOOP_BODY"),
    ("JMP", "END"),
    "LOOP_BODY:",
    # read i from mem and put on stack
    ("DUP", 3),
    ("POP", 1),
    ("LOAD", 0),
    # put base addr on stack
    ("DUP", 4),
    # Put a[i] on stack
    *READ_FROM_ARRAY(),
    # Put mx on stack
    ("DUP", 1),
    # now stack is [base_addr, n, a[0], mx, a[i], mx]
    ("POP", 2),
    ("ALU", "LT"),
    # now stack is [base_addr, n, a[0], mx, (result a[i] < mx)]
    ("POP", 1),
    ("JNZ", "INC_I"),
    ("JMP", "UPDATE"),
    "INC_I:",
    # Put i on stack
    ("PUSH", 0),
    ("DUP", 4),
    *READ_FROM_ARRAY(),
    ("PUSH", 1),
    ("POP", 2),
    ("ALU", "ADD"),
    ("DUP", 4),
    ("POP", 2),
    ("STOR", 0),
    ("JMP", "CHECK_COND"),
    "UPDATE:",
    ("POP", 1),  # remove old mx from stack
    # Push base addr
    ("DUP", 2),
    ("POP", 1),
    ("LOAD", 0),
    # Now i is on top of stack
    ("DUP", 3),
    *READ_FROM_ARRAY(),  # so now a[i] is where mx was on stack so mx = a[i]
    ("JMP", "INC_I"),
    "END:",
    # Restore a[0]:
    # Put a[0] on stack (we saved it before):
    ("DUP", 1),
    # Put base_addr on stack:
    ("DUP", 4),
    ("POP", 2),
    ("STOR", 0),
    ("POP", 2),
    ("POP", 1),
    ("POP", 1)
]

Now creating the verification (We are testing array of size 1: `[2]` and making sure the return value is 2 (`r1==2`)

In [6]:
stack = Array("stack", IntSort(), IntSort())
memory = Array("memory", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')

pre_condition = And(
    stack[0] == 0, stack[1] == 0, stack[2] == 1, sp == 2,
    memory[0] == 2
)
chcs = create_chcs(pre_condition=pre_condition,
                   input_vars=[],
                   program=program_find_max,
                   post_condition=And(sp == 0,
                                      memory[0] == 2,
                                      r1 == 2))
chcs.solve(d)

version 7


0,1
U31,False
U19,(¬(ν0[0] ≤ 1) ∨ ¬(ν1[-3 + ν2] ≤ -1)) ∧ ¬(ν1[ν2] ≥ 3) ∧ ¬(ν1[ν2] ≤ 1) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν2 ≤ 3) ∧ (¬(ν0[0] ≥ 3) ∨ ¬(ν1[-3 + ν2] ≤ -1)) ∧ (¬(ν0[0] ≥ 3) ∨ ¬(ν1[-3 + ν2] ≥ 1)) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ (¬(ν0[0] ≤ 1) ∨ ¬(ν1[-3 + ν2] ≥ 1))
U16,¬(ν3 + -1·ν4 ≤ -1) ∧ ¬(ν1[ν2] ≥ 3) ∧ ¬(ν1[ν2] ≤ 1) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν2 ≤ 3) ∧ (¬(ν0[0] ≥ 3) ∨ ¬(ν1[-3 + ν2] ≥ 1)) ∧ (¬(ν0[0] ≥ 3) ∨ ¬(ν1[-3 + ν2] ≤ -1)) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ (¬(ν0[0] ≤ 1) ∨ ¬(ν1[-3 + ν2] ≥ 1)) ∧ (¬(ν0[0] ≤ 1) ∨ ¬(ν1[-3 + ν2] ≤ -1))
U37,False
U1,¬(ν1[-1 + ν2] ≥ 2) ∧ ¬(ν0[ν1[ν2] + ν1[-2 + ν2]] ≥ 3) ∧ ¬(ν0[ν1[ν2] + ν1[-2 + ν2]] ≤ 1) ∧ ¬(ν2 ≥ 4) ∧ ¬(ν2 ≤ 2) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[0] ≤ 1)
U40,False
U21,False
U38,False
U42,False
U8,¬(ν1[-3 + ν2] + -1·ν1[ν2] ≥ 1) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν0[0] ≤ 1) ∧ ¬(ν1[ν2] ≤ 0)


Now lets test that it finds model for `r1==9999` (the max is 2 and not 9999, so we should get a digraph for a counterexample)

In [7]:
stack = Array("stack", IntSort(), IntSort())
memory = Array("memory", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')


pre_condition = And(
    stack[0] == 0, stack[1] == 1, sp == 2,
    memory[0] == 2
)
chcs = create_chcs(pre_condition=pre_condition,
                   input_vars=[],
                   program=program_find_max,
                   post_condition=And(sp == 0,
                                      memory[0] == 2,
                                      r1 == 9999))
chcs.solve(d)

version 7


0,1
digraph { 	0 [label=0] 	1 [label=1] 	2 [label=2] 	2 -> 1 	3 [label=3] 	4 [label=4] 	4 -> 3 	5 [label=5] 	6 [label=6] 	6 -> 5 	7 [label=7] 	8 [label=8] 	8 -> 7 	9 [label=9] 	10 [label=10] 	10 -> 9 	11 [label=11] 	12 [label=12] 	12 -> 11 	13 [label=13] 	14 [label=14] 	14 -> 13 	15 [label=15] 	16 [label=16] 	16 -> 15 	17 [label=17] 	18 [label=18] 	18 -> 17 	19 [label=19] 	20 [label=20] 	20 -> 19 	21 [label=21] 	22 [label=22] 	22 -> 21 	23 [label=23] 	24 [label=24] 	24 -> 23 	25 [label=25] 	26 [label=26] 	26 -> 25 	27 [label=27] 	28 [label=28] 	28 -> 27 	29 [label=29] 	30 [label=30] 	30 -> 29 	31 [label=31] 	32 [label=32] 	32 -> 31 	33 [label=33] 	34 [label=34] 	34 -> 33 	35 [label=35] 	36 [label=36] 	36 -> 35 	37 [label=37] 	38 [label=38] 	38 -> 37 	39 [label=39] 	40 [label=40] 	40 -> 39 	41 [label=41] 	42 [label=42] 	42 -> 41 	43 [label=43] 	44 [label=44] 	44 -> 43 	45 [label=45] 	46 [label=46] 	46 -> 45 	47 [label=47] 	48 [label=48] 	48 -> 47 	49 [label=49] 	50 [label=50] 	50 -> 49 	51 [label=51] 	52 [label=52] 	52 -> 51 	53 [label=53] 	54 [label=54] 	54 -> 53 	55 [label=55] 	56 [label=56] 	56 -> 55 	57 [label=57] 	58 [label=58] 	58 -> 57 	57 -> 55 	55 -> 53 	53 -> 51 	51 -> 49 	49 -> 47 	47 -> 45 	45 -> 43 	43 -> 41 	41 -> 39 	39 -> 37 	37 -> 35 	35 -> 33 	33 -> 31 	31 -> 29 	29 -> 27 	27 -> 25 	25 -> 23 	23 -> 21 	21 -> 19 	19 -> 17 	17 -> 15 	15 -> 13 	13 -> 11 	11 -> 9 	9 -> 7 	7 -> 5 	5 -> 3 	3 -> 1 	1 -> 0 	59 [label=59] 	59 -> 0 },"0False1query!26499(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int,  12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  0,  1,  7552)2∀A, B, C, D, E :  U64(A, B, C, D, E) ∧ (¬(E = 9999) ∨ ¬(C = 0) ∨ ¬(A[0] = 2)) ⇒  query!26499(A, B, C, D, E)3U64(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  0,  1,  7552)4∀A, B, C, D, E, F, G :  U63(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U64(C, D, B, A, G)5U63(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  1,  -8855,  7552)6∀A, B, C, D, E, F, G :  U62(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U63(C, D, B, A, G)7U62(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  2,  7552,  7552)8∀A, B, C, D, E, F, G, H :  U61(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U62(D, E, C, B, A)9U61(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  4,  7552,  1)10∀A, B, C, D, E, F :  U60(B, C, D, E, F) ∧ A = Store(B, F, E) ⇒  U61(A, C, D, E, F)11U60(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  4,  7552,  1)12∀A, B, C, D, E, F, G, H :  U59(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U60(D, E, C, B, A)13U59(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  6,  0,  -8855)14∀A, B, C, D, E, F, G :  U58(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 4 ∧  B = Store(D, 1 + E, D[-4 + E]) ⇒  U59(C, B, A, F, G)15U58(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  6,  -8855),  1,  1),  3,  7552),  0,  0),  4,  7552),  5,  7552),  2,  -8855),  5,  0,  -8855)16∀A, B, C, D, E, F, G :  U57(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 1 ∧  B = Store(D, 1 + E, D[-1 + E]) ⇒  U58(C, B, A, F, G)17U57(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  0),  6,  -8855),  4,  0,  -8855)18∀A, B, C, D, E : U19(A, B, C, D, E) ⇒ U57(A, B, C, D, E)19U19(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  0),  6,  -8855),  4,  0,  -8855)20∀A, B, C, D : U18(A, B, C, 0, D) ⇒ U19(A, B, C, 0, D)21U18(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  0),  6,  -8855),  4,  0,  -8855)22∀A, B, C, D, E, F, G :  U17(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U18(C, D, B, A, G)23U17(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  0),  6,  -8855),  5,  1,  -8855)24∀A, B, C, D, E, F, G :  U16(C, D, E, F, G) ∧  A = 1 + E ∧  B = Store(D, 1 + E, If(G ≤ F, 0, 1)) ⇒  U17(C, B, A, F, G)25U16(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  6,  -8855),  1,  1),  3,  7552),  0,  0),  4,  7552),  2,  -8855),  5,  1),  4,  1,  -8855)26∀A, B, C, D, E, F, G, H :  U15(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U16(D, E, C, B, A)27U15(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  6,  -8855),  1,  1),  3,  7552),  0,  0),  4,  7552),  2,  -8855),  5,  1),  6,  1,  1)28∀A, B, C, D, E, F, G :  U14(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 3 ∧  B = Store(D, 1 + E, D[-3 + E]) ⇒  U15(C, B, A, F, G)29U14(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  0,  0),  4,  7552),  5,  1),  6,  1),  5,  1,  1)30∀A, B, C, D, E, F, G :  U13(C, D, E, F, G) ∧ A = 1 + E ∧ B = Store(D, 1 + E, C[F]) ⇒  U14(C, B, A, F, G)31U13(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  0,  0),  4,  7552),  5,  1),  6,  1),  4,  1,  1)32∀A, B, C, D, E, F, G :  U12(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U13(C, D, B, A, G)33U12(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  1),  6,  1),  5,  1,  1)34∀A, B, C, D, E, F, G :  U11(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 3 ∧  B = Store(D, 1 + E, D[-3 + E]) ⇒  U12(C, B, A, F, G)35U11(Store(Store(K(Int, 13), 1, 1), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  1),  6,  1),  4,  1,  1)36∀A, B, C, D, E, F :  U10(B, C, D, E, F) ∧ A = Store(B, F, E) ⇒  U11(A, C, D, E, F)37U10(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  1),  6,  1),  4,  1,  1)38∀A, B, C, D, E, F, G, H :  U9(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U10(D, E, C, B, A)39U9(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  2,  -8855),  1,  1),  3,  7552),  4,  7552),  0,  0),  5,  1),  6,  1),  6,  1,  1)40∀A, B, C, D, E, F, G :  U8(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 4 ∧  B = Store(D, 1 + E, D[-4 + E]) ⇒  U9(C, B, A, F, G)41U8(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(K(Int, 12), 1, 1),  3,  7552),  4,  7552),  0,  0),  5,  1),  2,  -8855),  5,  1,  1)42∀A, B, C, D, E, F, G :  U7(C, D, E, F, G) ∧ A = 1 + E ∧ B = Store(D, 1 + E, 1) ⇒  U8(C, B, A, F, G)43U7(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 7552),  4,  7552),  0,  0),  2,  -8855),  4,  1,  1)44∀A, B, C, D, E, F, G :  U6(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 0 ∧  B = Store(D, 1 + E, D[E]) ⇒  U7(C, B, A, F, G)45U6(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 7552),  0,  0),  4,  1),  2,  -8855),  3,  1,  1)46∀A, B, C, D, E, F, G :  U5(C, D, E, F, G) ∧ A = 1 + E ∧ B = Store(D, 1 + E, C[F]) ⇒  U6(C, B, A, F, G)47U5(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 1),  0,  0),  4,  1),  2,  -8855),  2,  1,  1)48∀A, B, C, D, E, F, G :  U4(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U5(C, D, B, A, G)49U4(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 1),  0,  0),  4,  1),  2,  -8855),  3,  0,  1)50∀A, B, C, D, E, F, G :  U3(C, D, E, F, G) ∧ A = 1 + E ∧ B = Store(D, 1 + E, F + G) ⇒  U4(C, B, A, F, G)51U3(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 0),  4,  1),  0,  0),  2,  -8855),  2,  0,  1)52∀A, B, C, D, E, F, G, H :  U2(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U3(D, E, C, B, A)53U2(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 0),  4,  1),  0,  0),  2,  -8855),  4,  0,  0)54∀A, B, C, D, E, F, G :  U1(C, D, E, F, G) ∧  A = 1 + E ∧  E ≥ 2 ∧  B = Store(D, 1 + E, D[-2 + E]) ⇒  U2(C, B, A, F, G)55U1(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(K(Int, 12), 1, 1), 3, 0), 0, 0),  2,  -8855),  3,  0,  0)56∀A, B, C, D, E, F, G :  U0(C, D, E, F, G) ∧ A = 1 + E ∧ B = Store(D, 1 + E, 0) ⇒  U1(C, B, A, F, G)57U0(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(K(Int, 12), 1, 1), 0, 0), 2, -8855),  2,  0,  0)58∀A, B, C, D :  A[1] = 1 ∧ A[0] = 0 ∧ B[0] = 2 ⇒ U0(B, A, 2, C, D)59query!26499(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int,  12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  0,  1,  7552) ⇒ False"

0,1
0,False
1,"query!26499(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int,  12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  0,  1,  7552)"
2,"∀A, B, C, D, E :  U64(A, B, C, D, E) ∧ (¬(E = 9999) ∨ ¬(C = 0) ∨ ¬(A[0] = 2)) ⇒  query!26499(A, B, C, D, E)"
3,"U64(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  0,  1,  7552)"
4,"∀A, B, C, D, E, F, G :  U63(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U64(C, D, B, A, G)"
5,"U63(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  1,  -8855,  7552)"
6,"∀A, B, C, D, E, F, G :  U62(C, D, E, F, G) ∧ B = -1 + E ∧ E ≥ 0 ∧ A = D[E] ⇒  U63(C, D, B, A, G)"
7,"U62(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  2,  7552,  7552)"
8,"∀A, B, C, D, E, F, G, H :  U61(D, E, F, G, H) ∧  A = E[F] ∧  C = -2 + F ∧  F ≥ 1 ∧  B = E[-1 + F] ⇒  U62(D, E, C, B, A)"
9,"U61(Store(Store(K(Int, 13), 1, 7552), 0, 2),  Store(Store(Store(Store(Store(Store(Store(K(Int, 12),  5,  7552),  1,  1),  3,  7552),  4,  7552),  0,  0),  2,  -8855),  6,  1),  4,  7552,  1)"


Now lets test an array `[2,8,10,3]` of size 4 to make sure that we get SAT for `r1==10`

In [8]:
stack = Array("stack", IntSort(), IntSort())
memory = Array("memory", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')

pre_condition = And(
    stack[0] == 0, stack[1] == 0, stack[2] == 4, sp == 2,
    memory[0] == 2, memory[1] == 8, memory[2] == 10, memory[3] == 3
)
# Test correct maximum
chcs_correct = create_chcs(pre_condition=pre_condition,
                           input_vars=[],
                           program=program_find_max,
                           post_condition=And(sp == 0,
                                              memory[0] == 2, memory[1] == 8,
                                              memory[2] == 10, memory[3] == 3,
                                              r1 == 10))
chcs_correct.solve(d)

version 7


0,1
U31,(¬(ν1[ν2] ≤ 0) ∨  ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9)) ∧ ¬(ν1[ν2] ≤ -1) ∧ ¬(ν1[-1 + ν2] ≥ 11) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[ν1[-4 + ν2]] ≤ -1) ∧ ¬(ν1[-4 + ν2] ≥ 1) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 2) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 11)) ∧ ¬(ν1[-3 + ν2] ≤ 1) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 1)) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ ¬(ν1[-4 + ν2] ≤ -1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ (¬(ν1[ν2] ≤ 0) ∨  ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 2) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9)) ∧ ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 4) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤  -1)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[2 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 11)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 2) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 11)) ∧ (¬(ν1[ν2] ≥ 1) ∨ ¬(ν1[-1 + ν2] ≤ 9))
U19,¬(ν1[-1 + ν2] ≤ 1) ∧ ¬(ν1[ν2] ≤ 9) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν1[ν2] ≥ 11) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν2 = 3) ∧ ¬(ν0[2] ≤ 9) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ (¬(ν1[-3 + ν2] = 0) ∨ ¬(ν1[-1 + ν2] ≥ 3)) ∧ ¬(ν1[-3 + ν2] ≤ -1) ∧ ¬(ν1[-3 + ν2] ≥ 1) ∧ ¬(ν0[2] ≥ 11)
U16,(¬(ν1[ν2] + -1·ν0[1 + ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≤ 0) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≤ 9)) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν1[-3 + ν2] ≥ 1) ∧ ¬(ν1[ν2] ≥ 11) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≤ 1)) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν3 + -1·ν4 ≥ 0)) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ ¬(ν1[-3 + ν2] ≤ -1) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ (¬(ν1[ν2] ≤ 9) ∨  ¬(ν1[-2 + ν2] ≤ 2) ∨  ¬(ν0[-1 + ν1[-3 + ν2]] ≤ 8) ∨  ¬(ν1[ν2] + -1·ν0[1 + ν1[-3 + ν2]] ≥ 1)) ∧ (¬(ν1[ν2] ≤ 9) ∨  ¬(ν0[ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≤ 9) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≤ 2)) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] +  -1·ν0[ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≤  -1)) ∧ ¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 4) ∧ (¬(ν3 + -1·ν4 ≤ -1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≤ 1) ∨  ¬(ν0[ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≥ 11)) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 2) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≥ 11)) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 3) ∨  ¬(ν0[2 + ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≥ 4)) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν1[ν2] + -1·ν0[ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≥ 1)) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[-3 + ν2]] ≥ 2) ∨  ¬(ν0[ν1[-3 + ν2] + ν0[ν1[-3 + ν2]]] ≥ 11))
U37,(¬(ν1[ν2] ≤ 9) ∨ ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν4 + ν3]] ≤ 9)) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν1[ν2] ≥ 11) ∧ ¬(ν0[ν4 + ν3] ≤ -1) ∧ ¬(ν1[-3 + ν2] ≥ 1) ∧ (¬(ν1[-2 + ν2] ≤ 1) ∨ ¬(ν0[ν4 + ν3] ≥ -1)) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≥ -2)) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ ¬(ν1[-3 + ν2] ≤ -1) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≤ -4) ∧ (¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≤ -2) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν4 + ν3]] ≥ 11) ∨  ¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≥ -2)) ∧ (¬(ν0[2 + ν1[-3 + ν2] + ν0[ν4 + ν3]] ≥ 11) ∨  ¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≤ -3)) ∧ (¬(ν0[ν4 + ν3] + -1·ν1[-2 + ν2] ≤ -3) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν0[ν4 + ν3]] ≥ 11))
U1,¬(ν0[ν1[ν2]] ≤ 1) ∧ ¬(ν1[-1 + ν2] ≤ 3) ∧ ¬(ν0[1 + ν1[-2 + ν2]] + -1·ν0[ν1[ν2] + ν1[-2 + ν2]] ≤ 5) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν2 ≥ 4) ∧ ¬(ν0[2 + ν1[-2 + ν2]] ≥ 11) ∧ ¬(ν2 ≤ 2) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν1[-2 + ν2] ≤ -1) ∧ ¬(ν1[-1 + ν2] ≥ 5) ∧ ¬(ν1[-2 + ν2] ≥ 1)
U40,(¬(ν1[-3 + ν2] + -1·ν1[ν2] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν1[ν2]] ≥ 11)) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν1[-1 + ν2] ≥ 11) ∧ ¬(ν1[-3 + ν2] ≤ 1) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν1[-3 + ν2] + -1·ν1[ν2] ≤ 2)) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ ¬(ν0[2] ≤ 9) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ ¬(ν1[-4 + ν2] ≤ -1) ∧ ¬(ν1[-4 + ν2] ≥ 1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν1[-3 + ν2] + -1·ν1[ν2] ≥ 4) ∧ (¬(ν1[-3 + ν2] + -1·ν1[ν2] ≥ 2) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν1[ν2]] ≥ 11) ∨  ¬(ν1[-3 + ν2] + -1·ν1[ν2] ≤ 2)) ∧ (¬(ν1[-3 + ν2] + -1·ν1[ν2] ≥ 3) ∨  ¬(ν0[2 + ν1[-4 + ν2] + ν1[ν2]] ≥ 11)) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν0[1 + ν1[-4 + ν2] + ν1[ν2]] ≤ 9)) ∧ (¬(ν1[-3 + ν2] ≤ 2) ∨ ¬(ν1[-1 + ν2] ≤ 9))
U21,(¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9) ∨  ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  ν0[ν1[-4 + ν2] + ν0[ν1[ν2]]] +  -1·ν1[-1 + ν2] ≥  0)) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν1[-1 + ν2] ≥ 11) ∧ ¬(ν1[-3 + ν2] ≤ 1) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 2) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 11)) ∧ ¬(ν1[-4 + ν2] ≥ 1) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 1)) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ ¬(ν1[-4 + ν2] ≤ -1) ∧ ¬(ν0[ν1[-4 + ν2]] ≤ -1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 4) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 2) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[ν2]]] + -1·ν1[-1 + ν2] ≥ 0)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤  -1)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 3) ∨  ¬(ν0[2 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 10)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≥ 2) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≥ 11)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[-4 + ν2]] ≤ 1) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[ν2]]] +  ν1[-1 + ν2] ≤  9)) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[ν2]]] + -1·ν1[-1 + ν2] ≤ -1)) ∧ (¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[ν2]]] +  ν1[-1 + ν2] ≤  9) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] +  -1·ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤  -1) ∨  ¬(ν0[ν1[-4 + ν2] + ν0[ν1[-4 + ν2]]] ≤ 9))
U38,(¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≥ 3) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[ν2]]] ≥ 11)) ∧ (¬(ν1[-3 + ν2] ≤ 1) ∨ ¬(ν0[ν1[ν2]] ≥ -1)) ∧ ¬(ν1[-4 + ν2] ≥ 1) ∧ ¬(ν1[-1 + ν2] ≥ 11) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≤ 2)) ∧ ¬(ν0[ν1[ν2]] ≤ -1) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ ¬(ν0[2] ≤ 9) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-4 + ν2] ≤ 2)) ∧ ¬(ν1[-4 + ν2] ≤ -1) ∧ ¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≥ 4) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≥ 2) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[ν2]]] ≥ 11) ∨  ¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≤ 2)) ∧ (¬(ν1[-3 + ν2] + -1·ν0[ν1[ν2]] ≥ 3) ∨  ¬(ν0[2 + ν1[-4 + ν2] + ν0[ν1[ν2]]] ≥ 11)) ∧ (¬(ν1[-1 + ν2] ≤ 9) ∨ ¬(ν0[1 + ν1[-4 + ν2] + ν0[ν1[ν2]]] ≤ 9))
U42,(¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≤ -2) ∨ ¬(ν0[ν1[-3 + ν2] + ν3 + ν4] ≥ 11)) ∧ (¬(ν3 + ν4 ≥ 0) ∨ ¬(ν1[-2 + ν2] ≤ 1)) ∧ ¬(ν2 ≥ 5) ∧ (¬(ν3 + ν4 ≤ -1) ∨ ¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≥ -2)) ∧ ¬(ν1[ν2] ≥ 11) ∧ ¬(ν0[1] ≤ 7) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≥ -1)) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν1[-1 + ν2] ≥ 3) ∧ (¬(ν0[3] ≥ 4) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ ¬(ν1[-3 + ν2] ≤ -1) ∧ (¬(ν0[3] ≤ 2) ∨ ¬(ν1[-3 + ν2] ≤ 2)) ∧ ¬(ν1[-3 + ν2] ≥ 1) ∧ ¬(ν1[-1 + ν2] ≤ 1) ∧ ¬(ν0[2] ≥ 11) ∧ (¬(ν1[ν2] ≤ 9) ∨  ¬(ν0[1 + ν1[-3 + ν2]] + -1·ν1[ν2] ≤ -1) ∨  ¬(ν1[-2 + ν2] ≤ 2)) ∧ ¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≤ -3) ∧ (¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≤ -1) ∨  ¬(ν0[ν1[-3 + ν2] + ν3 + ν4] ≥ 11) ∨  ¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≥ -1)) ∧ (¬(ν3 + ν4 + -1·ν1[-2 + ν2] ≤ -2) ∨  ¬(ν0[1 + ν1[-3 + ν2] + ν3 + ν4] ≥ 11)) ∧ (¬(ν1[ν2] ≤ 9) ∨ ¬(ν0[ν1[-3 + ν2] + ν3 + ν4] ≤ 9)) ∧ (¬(ν3 + ν4 ≤ 0) ∨ ¬(ν0[1 + ν1[-3 + ν2]] + -1·ν1[ν2] ≥ 0))
U8,¬(ν1[-2 + ν2] ≤ 1) ∧ ¬(ν0[1 + ν1[ν2] + ν1[-4 + ν2]] ≥ 11) ∧ ¬(ν1[ν2] ≤ 0) ∧ ¬(ν1[ν2] + -1·ν1[-3 + ν2] ≥ -2) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[ν1[ν2] + ν1[-4 + ν2]] ≥ 9) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[1 + ν1[ν2] + ν1[-4 + ν2]] ≤ 9) ∧ ¬(ν1[-4 + ν2] ≥ 1) ∧ ¬(ν1[-1 + ν2] + -1·ν0[ν1[ν2] + ν1[-4 + ν2]] ≥ -5) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≤ 9) ∧ ¬(ν1[-2 + ν2] ≥ 3) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν1[-4 + ν2] ≤ -1) ∧ ¬(ν0[2] ≥ 11) ∧ ¬(ν1[ν2] + -1·ν1[-3 + ν2] ≤ -4) ∧ ¬(ν0[2 + ν1[ν2] + ν1[-4 + ν2]] ≥ 4)


# Test element exists in array program
Lets test the other program from milestone 

In [9]:
program_find_v = [
    ("PUSH", 0x0),  # int i = 0
    "CHECK_COND:",
    ("DUP", 0),  # Push i on stack
    ("DUP", 3),  # Push n on stack
    ("POP", 2),  # r0 = i, r1 = n
    ("ALU", "LT"),  # Compare i < n
    ("POP", 1),  # r0 = comparison result
    ("JNZ", "LOOP_BODY"),  # If i < n, jump to loop body
    ("JMP", "NOT_FOUND"),  # Otherwise, exit loop
    "INC_I:",  # Increment i
    ("PUSH", 1),  # Push constant 1
    ("POP", 2),  # r0 = i r1 = 1
    ("ALU", "ADD"),  # Push i + 1
    ("JMP", "CHECK_COND"),  # Jump to check condition
    "LOOP_BODY:",
    ("DUP", 0),  # Push i on stack
    ("DUP", 4),  # Push base_addr on stack
    *READ_FROM_ARRAY(),  # Push a[i]
    ("DUP", 2),
    ("POP", 2),
    ("ALU", "SUB"),
    ("POP", 1),  # r0 = a[i] - v
    ("JZ", "FOUND"),  # If a[i] == v, jump to found
    ("JMP", "INC_I"),  # Otherwise, check condition
    "FOUND:",  # Found the value
    ("POP", 2),  # Emptying the stack
    ("POP", 2),
    ("PUSH", 1),  # Push True
    ("PUSH", 1),  # Push True
    ("JMP", "END"),  # Jump to end
    "NOT_FOUND:",  # Not found
    ("POP", 2),  # Emptying the stack
    ("POP", 2),
    ("PUSH", 0),  # Push False
    ("PUSH", 0),  # Push False
    "END:",
    ("POP", 2)
]

Setting up the test

In [10]:
stack = Array("stack", IntSort(), IntSort())
memory = Array("memory", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')


k = Int("k")
pre_condition = And(
    stack[0] == 0, stack[1] == 0, stack[2] == 4, stack[3] == 8,
    sp == 3,
    memory[0] == 2, memory[1] == 8, memory[2] == 1, memory[3] == 3,
    # Stack beyond sp is 0

)

# Test correct maximum
chcs_correct = create_chcs(pre_condition=pre_condition,
                           input_vars=[],
                           program=program_find_v,
                           post_condition=And(sp == 0,
                                              memory[0] == 2, memory[1] == 8, memory[2] == 1, memory[3] == 3,
                                              r1 == 1))
d = {'xform.inline_eager': False, 'xform.inline_linear': False}
chcs_correct.solve(d)

version 7


0,1
U31,False
U17,¬(ν0[3] ≥ 4) ∧ ¬(ν0[3] ≤ 2) ∧ (¬(ν1[-1 + ν2] + -1·ν0[ν3] ≥ 1) ∨  ¬(ν1[-1 + ν2] + -1·ν0[1 + ν1[-3 + ν2] + ν1[ν2]] ≥ 1)) ∧ ¬(ν1[-1 + ν2] + -1·ν0[ν3] ≤ -1) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ 2) ∧ ¬(ν0[2] ≥ 2) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[1] ≥ 9) ∧ (¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ 3) ∨ ¬(ν1[-1 + ν2] + -1·ν0[ν3] ≥ 1)) ∧ (¬(ν1[-1 + ν2] + -1·ν0[ν3] ≥ 1) ∨  ¬(ν1[-1 + ν2] + -1·ν0[1 + ν1[-3 + ν2] + ν1[ν2]] ≤ -1)) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν0[0] ≤ 1) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν0[0] ≥ 3)
U19,¬(ν0[2] ≥ 2) ∧ (¬(ν1[-1 + ν2] + -1·ν1[ν2] ≤ -1) ∨  ¬(ν1[-3 + ν2] + -1·ν0[1 + ν1[-2 + ν2] + ν1[-5 + ν2]] ≥ 1)) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν1[-4 + ν2] + -1·ν1[-2 + ν2] ≤ 2) ∧ ¬(ν2 ≤ 5) ∧ ¬(ν2 ≥ 7) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[3] ≤ 2) ∧ (¬(ν1[-1 + ν2] + -1·ν1[ν2] ≤ -1) ∨  ¬(ν1[-4 + ν2] + -1·ν1[-2 + ν2] ≤ 3)) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[0] ≤ 1) ∧ ¬(ν1[-1 + ν2] + -1·ν1[ν2] ≥ 1) ∧ (¬(ν1[-1 + ν2] + -1·ν1[ν2] ≤ -1) ∨  ¬(ν1[-3 + ν2] + -1·ν0[1 + ν1[-2 + ν2] + ν1[-5 + ν2]] ≤ -1)) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν0[3] ≥ 4)
U16,¬(ν0[2] ≥ 2) ∧ (¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 3) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2]] ≥ 1)) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 2) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν2 ≥ 6) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2]] ≥ 1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[1 + ν1[-4 + ν2] + ν1[-1 + ν2]] ≤ -1)) ∧ ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2]] ≤ -1) ∧ ¬(ν0[1] ≥ 9) ∧ (¬(ν1[-2 + ν2] + -1·ν0[1 + ν1[-4 + ν2] + ν1[-1 + ν2]] ≥ 1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2]] ≥ 1)) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[0] ≤ 1)
U13,¬(ν1[-1 + ν2] + -1·ν1[-3 + ν2] ≥ -2) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[2] ≥ 2) ∧ ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2] + ν1[-4 + ν2]] ≤ -1) ∧ ¬(ν0[3] ≤ 2) ∧ (¬(ν1[-1 + ν2] + -1·ν1[-3 + ν2] ≥ -3) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2] + ν1[-4 + ν2]] ≥ 1)) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[0] ≤ 1) ∧ (¬(ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≤ -1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2] + ν1[-4 + ν2]] ≥ 1)) ∧ (¬(ν1[-2 + ν2] + -1·ν0[ν1[ν2] + ν1[-4 + ν2]] ≥ 1) ∨  ¬(ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≥ 1)) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[2] ≤ 0)
U5,¬(ν0[1] ≤ 7) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν1[-1 + ν2] + -1·ν1[-3 + ν2] ≥ -2) ∧ ¬(ν0[0] ≤ 1) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[2] ≤ 0) ∧ (¬(ν0[ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≤ -1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] ≤ -1)) ∧ ¬(ν0[ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≥ 1) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν1[ν2] ≤ 0) ∧ ¬(ν0[2] ≥ 2) ∧ (¬(ν0[ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≤ -1) ∨  ¬(ν1[-2 + ν2] + -1·ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] ≥ 1)) ∧ ¬(ν2 ≤ 4) ∧ (¬(ν1[-1 + ν2] + -1·ν1[-3 + ν2] ≥ -3) ∨  ¬(ν0[ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≤ -1))
U1,(¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ 3) ∨  ¬(ν1[-1 + ν2] + -1·ν0[ν1[ν2] + ν1[-3 + ν2]] ≥ 1)) ∧ ¬(ν1[-1 + ν2] + -1·ν0[ν1[ν2] + ν1[-3 + ν2]] ≤ -1) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ 2) ∧ ¬(ν0[2] ≥ 2) ∧ (¬(ν0[1 + ν1[ν2] + ν1[-3 + ν2]] + -1·ν1[-1 + ν2] ≥ 1) ∨  ¬(ν1[-1 + ν2] + -1·ν0[ν1[ν2] + ν1[-3 + ν2]] ≥ 1)) ∧ ¬(ν0[0] ≤ 1) ∧ (¬(ν0[1 + ν1[ν2] + ν1[-3 + ν2]] + -1·ν1[-1 + ν2] ≤ -1) ∨  ¬(ν1[-1 + ν2] + -1·ν0[ν1[ν2] + ν1[-3 + ν2]] ≥ 1)) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν2 ≥ 5)
U18,¬(ν0[0] ≤ 1) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν0[3] ≥ 4) ∧ (¬(ν1[-2 + ν2] + -1·ν1[ν2] ≥ 1) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν1[-1 + ν2]] + -1·ν1[-2 + ν2] ≤ -1)) ∧ ¬(ν0[2] ≥ 2) ∧ ¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ -1) ∧ (¬(ν1[-2 + ν2] + -1·ν1[ν2] ≥ 1) ∨  ¬(ν0[1 + ν1[-4 + ν2] + ν1[-1 + ν2]] + -1·ν1[-2 + ν2] ≥ 1)) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 2) ∧ (¬(ν1[-2 + ν2] + -1·ν1[ν2] ≥ 1) ∨  ¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 3)) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν0[1] ≤ 7)
U21,¬(ν0[1] ≥ 9) ∧ (¬(ν1[ν2] ≤ -1) ∨ ¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 3)) ∧ ¬(ν2 ≥ 6) ∧ ¬(ν1[-3 + ν2] + -1·ν1[-1 + ν2] ≤ 2) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν0[3] ≤ 2) ∧ (¬(ν1[ν2] ≤ -1) ∨  ¬(ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≤ -1)) ∧ ¬(ν1[ν2] ≥ 1) ∧ ¬(ν0[0] ≤ 1) ∧ (¬(ν1[ν2] ≤ -1) ∨  ¬(ν0[1 + ν1[-1 + ν2] + ν1[-4 + ν2]] + -1·ν1[-2 + ν2] ≥ 1)) ∧ ¬(ν0[2] ≥ 2) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν2 ≤ 4) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[1] ≤ 7)
U8,¬(ν1[-2 + ν2] + -1·ν1[ν2] ≤ 3) ∧ ¬(ν0[3] ≤ 2) ∧ ¬(ν0[0] ≤ 1) ∧ ¬(ν2 ≥ 5) ∧ ¬(ν2 ≤ 3) ∧ ¬(ν0[2] ≤ 0) ∧ ¬(ν1[-1 + ν2] + -1·ν0[1 + ν1[-3 + ν2] + ν1[ν2]] ≥ 1) ∧ ¬(ν1[-1 + ν2] + -1·ν0[1 + ν1[-3 + ν2] + ν1[ν2]] ≤ -1) ∧ ¬(ν0[0] ≥ 3) ∧ ¬(ν0[1] ≥ 9) ∧ ¬(ν0[1] ≤ 7) ∧ ¬(ν0[3] ≥ 4) ∧ ¬(ν0[2] ≥ 2)


# Simple Test

In [11]:

program = [
    ("PUSH", 4),
    ("PUSH", 1),
    # stack is now [20,i<-1]
    "START1:",
    ("DUP", 1), # stack is now [20,i,20]
    ("DUP", 1), # stack is now [20,i,20,i]
    ("POP", 2), # stack is now [20,i] r0=20 r1=i
    ("ALU", "LT"), # if 20 < i push 1 on stack otherwise 0, stack is now [2,i,2<i]
    ("POP", 1),  # stack is now [20,i] and the result goes to r0
    ("JNZ", "END"), # based on r0 we jump to the end if 20<i otherwise continue to next line
    ("PUSH", 1),  # Next three lines is i++
    ("POP", 2),
    ("ALU", "ADD"),
    ("JMP", "START1"), # return to start1 where we check the condition
    "END:",
    ("POP", 2) # r0=20 r1=
]

program = [
    ("PUSH", 10),
    ("PUSH", 0),
    ("POP", 2),
    ("STOR", 0),
    ("PUSH", 0),
    ("POP", 1),
    ("LOAD" , 0)
]


stack = Array("stack", IntSort(), IntSort())
memory = Array("memory", IntSort(), IntSort())
sp, r0, r1 = Ints('sp r0 r1')

pre_condition = And(sp == 0, stack[0]==0)

chcs_correct = create_chcs(pre_condition=pre_condition,
                           input_vars=[],
                           program=program,
                           post_condition=And(stack[0] == 0, stack[1] == 10, sp == 1, memory[0] == 10))
d = {'xform.inline_eager': False, 'xform.inline_linear': False}
chcs_correct.solve(d)


version 7


0,1
U7,¬(ν0[0] ≥ 11) ∧ ¬(ν2 ≤ 0) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν1[1] ≥ 11) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν0[0] ≤ 9) ∧ ¬(ν1[1] ≤ 9) ∧ ¬(ν2 ≥ 2)
U6,¬(ν1[0] ≤ -1) ∧ ¬(ν0[ν3] ≤ 9) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν0[0] ≥ 11) ∧ ¬(ν0[0] ≤ 9) ∧ ¬(ν0[ν3] ≥ 11) ∧ ¬(ν2 ≤ -1) ∧ ¬(ν2 ≥ 1)
U2,¬(ν1[-1 + ν2] ≤ 9) ∧ ¬(ν1[-1 + ν2] ≥ 11) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν1[ν2] ≥ 1) ∧ ¬(ν2 ≤ 1) ∧ ¬(ν2 ≥ 3) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν1[ν2] ≤ -1)
U4,¬(ν2 ≥ 1) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν0[0] ≥ 11) ∧ ¬(ν2 ≤ -1) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν0[0] ≤ 9)
U0,¬(ν2 ≥ 1) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν2 ≤ -1)
U5,¬(ν2 ≤ 0) ∧ ¬(ν0[ν1[ν2]] ≥ 11) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν0[0] ≥ 11) ∧ ¬(ν0[ν1[ν2]] ≤ 9) ∧ ¬(ν2 ≥ 2) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν0[0] ≤ 9)
U1,¬(ν1[1] ≥ 11) ∧ ¬(ν2 ≤ 0) ∧ ¬(ν1[1] ≤ 9) ∧ ¬(ν2 ≥ 2) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν1[0] ≥ 1)
U3,¬(ν2 ≤ -1) ∧ ν2 = ν4 ∧ ¬(ν3 ≤ 9) ∧ ¬(ν1[0] ≥ 1) ∧ ¬(ν1[0] ≤ -1) ∧ ¬(ν3 ≥ 11) ∧ ¬(ν2 ≥ 1)
