In [1]:
from z3 import Solver, And, ForAll, Implies, Or
from meyer.meyer import conclude, U
from meyer.program import prog, progs
from meyer.special_programs import Fail
from meyer.equivalence import eq_set, equal
from meyer.contracted_program import contracts, require, CProg
from meyer.conditions import false, fail
from meyer.state import trivial, relevant
from meyer.util.z3py_set import set, sets
from meyer.util.z3py_rel import rel, rels
from meyer.util.z3py_util import const

# One z3 Solver shared by every cell below: each cell passes `s` to prog/progs/CProg
# and asserts its hypotheses with s.add(...). Whether conclude() push/pops those
# assertions (so they do not leak into later cells) is not visible here — TODO confirm.
s = Solver()

Ha contracted program

In [2]:
# P70 stated over whole programs p and q (their pre/post are used as Pre/post and
# Pre'/post'). The next cell states the same property with pre/post declared
# directly as a set and a relation.
title = "P70 If post <= post', Pre' <= Pre and CProg(Pre,b,post) is a cotracted program, so is CProg(Pre',b,post')"
b, p, q = progs(s, 'b p q')
# Additional hypothesis, not part of P70's statement.
extra_assumption = eq_set(b, q)
s.add(extra_assumption)
hypotheses = [
    p.post() <= q.post(),  # post <= post'
    q.pre() <= p.pre(),    # Pre' <= Pre
    contracts(b, p),       # CProg(Pre, b, post) is a contracted program
]
s.add(*hypotheses)
# NOTE(review): these hypotheses stay asserted on the shared solver `s` unless
# conclude() pops them — if it does not, every later cell is proved under them too.
conclude(s, contracts(b, q), title)

[33mP70 If post <= post', Pre' <= Pre and CProg(Pre,b,post) is a cotracted program, so is CProg(Pre',b,post')[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [3]:
# P70 again, this time with the precondition as a set and the postcondition as a relation.
title = "P70 If post <= post', Pre' <= Pre and require Pre do b ensure post end is a cotracted program, so is require Pre' do b ensure post' end"
b = prog(s, 'b')
pre, pre_ = sets('pre pre_')      # Pre, Pre'
post, post_ = rels('post post_')  # post, post'
post_included = post <= post_
pre_included = pre_ <= pre
original_contracted = require(pre, b, post)
s.add(post_included, pre_included, original_contracted)
goal = require(pre_, b, post_)
conclude(s, goal, title)

[33mP70 If post <= post', Pre' <= Pre and require Pre do b ensure post end is a cotracted program, so is require Pre' do b ensure post' end[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [4]:
title = "P71 If CProg(Pre,b,post) is a correct program, then (b sp Pre) <= post and Pre <= (b wp post)"
# A fresh contracted program; per the title, sp()/wp() without an argument are
# taken with respect to its own Pre/post.
cp = CProg(s)
sp_within_post = cp.sp() <= cp.post()
pre_within_wp = cp.pre() <= cp.wp()
conclude(s, And(sp_within_post, pre_within_wp), title)

[33mP71 If CProg(Pre,b,post) is a correct program, then (b sp Pre) <= post and Pre <= (b wp post)[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [15]:
# NOTE(review): this cell's execution count (15) is out of sequence with its
# neighbours; re-check it under Restart Kernel -> Run All.
title = "P72 CProg(Pre, b, post) is correct if and only if Pre <= dom(b) - dom(post_b - post)"
p, b = progs(s, "p b")
# Additional assumptions beyond the statement: eq_set(p, b), and both programs
# feasible (unary plus is the feasibility predicate, cf. P79/P80 below).
s.add(eq_set(p, b), +p, +b)
is_correct = contracts(b, p)
p_pre = p.pre()
b_dom = b.dom()
# NOTE(review): `p.post` is not called here, unlike `b.post()` and `p.pre()` on the
# same line, so the attribute itself is subtracted rather than its value — confirm
# that the relation's `-` accepts that (P80 below also passes `p.post` uncalled).
unmet = (b.post() - p.post).dom()
characterisation = p_pre <= b_dom - unmet
conclude(s, is_correct == characterisation, title)

[33mP72 CProg(Pre, b, post) is correct if and only if Pre <= dom(b) - dom(post_b - post)[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [6]:
title = "P73 b sp False = fail"
cp = CProg(s)
# sp applied to the condition False, compared with the fail postcondition.
sp_of_false = cp.sp(false())
conclude(s, sp_of_false == fail(), title)

[33mP73 b sp False = fail[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [7]:
title = "P74 b wp Fail = False"
cp = CProg(s)
# wp applied to the fail postcondition, compared with the condition False.
wp_of_fail = cp.wp(fail())
conclude(s, wp_of_fail == false(), title)

[33mP74 b wp Fail = False[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [8]:
title = "P75 Fail sp C = Fail"
# `set` here is meyer.util.z3py_set.set (it shadows the builtin), not Python's set.
C = set('C')
b, p = progs(s, 'b p')
# b is constrained to equal the special program Fail. Original note, translated:
# "would like to be able to pass Fail directly" — i.e. CProg(s, Fail(), p) instead of
# this detour through an equality constraint.
s.add(equal(b, Fail()))
failing = CProg(s, b, p)
conclude(s, failing.sp(C) == fail(), title)

[33mP75 Fail sp C = Fail[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [9]:
title = "P76 Fail wp post (not p) = False"
b, p = progs(s, 'b p')
# As in P75, b is constrained to equal the special program Fail.
s.add(equal(b, Fail()))
failing = CProg(s, b, p)
wp_of_failing = failing.wp()
conclude(s, wp_of_failing == false(), title)

[33mP76 Fail wp post (not p) = False[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [10]:
title = "P77 b sp (p ∪ q) = (b sp p) ∪ (b sp q)"
b, p, q = progs(s, 'b p q')
sp_of_union = CProg(s, b, p|q).sp()
sp_p = CProg(s, b, p).sp()
sp_q = CProg(s, b, q).sp()
# Checked as an equality (original note: "only one way"). The commented-out
# variant below tested `>=` instead; see the markdown note after this cell.
conclude(s, sp_of_union == sp_p | sp_q, title)
# conclude(s, CProg(s, b, p|q).sp() >= CProg(s, b, p).sp() | CProg(s, b, q).sp(), title)

[33mP77 b sp (p ∪ q) = (b sp p) ∪ (b sp q)[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



新Choice使ったら逆になった

In [11]:
title = "P78 b wp (p ∪ q) >= (b wp p) ∪ (b wp q)"
b, p, q = progs(s, 'b p q')
wp_of_union = CProg(s, b, p|q).wp()
wp_p = CProg(s, b, p).wp()
wp_q = CProg(s, b, q).wp()
# NOTE(review): the title says `>=` but the property actually checked is `<=`; the
# markdown cell above says the direction flipped after switching to the new Choice.
# The printed result therefore labels a `<=` proof with a `>=` statement — confirm
# which direction is intended and make the title match.
conclude(s, wp_of_union <= wp_p | wp_q, title)

[33mP78 b wp (p ∪ q) >= (b wp p) ∪ (b wp q)[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [12]:
title = "P79 For feasible p, CProg(dom(p), p, post_p), the most abstract implementation of p, is a correct program"
p = prog(s, "p")
feasible = +p  # unary plus is the feasibility predicate (cf. P80 below)
s.add(feasible)
# contracts(p, p): p taken as its own contract, i.e. CProg(dom(p), p, post_p) per the title.
goal = contracts(p, p)
conclude(s, goal, title)

[33mP79 For feasible p, CProg(dom(p), p, post_p), the most abstract implementation of p, is a correct program[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 



In [13]:
title = "P80 A specification <post, Pre> is feasible if and only if every state in Pre is either trivial or relevant"
p = prog(s, 'p')
x = const('x', U)  # a state variable ranging over the universe U
feasible = +p
in_pre = p.pre(x)  # membership of x in p's precondition
trivial_or_relevant = Or(trivial(x, p.post), relevant(x, p.post))
every_pre_state_ok = ForAll(x, Implies(in_pre, trivial_or_relevant))
conclude(s, feasible == every_pre_state_ok, title)

[33mP80 A specification <post, Pre> is feasible if and only if every state in Pre is either trivial or relevant[0m
[33mUniverse = U, has 3 element(s)[0m
[36mHolds: unsat[0m 

