diff options
-rw-r--r-- | Source/VCExpr/BigLiteralAbstracter.cs | 105 | ||||
-rw-r--r-- | Source/VCExpr/Boogie2VCExpr.cs | 1073 | ||||
-rw-r--r-- | Source/VCExpr/Clustering.cs | 328 | ||||
-rw-r--r-- | Source/VCExpr/LetBindingSorter.cs | 111 | ||||
-rw-r--r-- | Source/VCExpr/NameClashResolver.cs | 124 | ||||
-rw-r--r-- | Source/VCExpr/SimplifyLikeLineariser.cs | 501 | ||||
-rw-r--r-- | Source/VCExpr/TermFormulaFlattening.cs | 129 | ||||
-rw-r--r-- | Source/VCExpr/TypeErasure.cs | 1185 | ||||
-rw-r--r-- | Source/VCExpr/TypeErasureArguments.cs | 537 | ||||
-rw-r--r-- | Source/VCExpr/TypeErasurePremisses.cs | 917 | ||||
-rw-r--r-- | Source/VCExpr/VCExpr.csproj | 261 | ||||
-rw-r--r-- | Source/VCExpr/VCExprAST.cs | 1542 | ||||
-rw-r--r-- | Source/VCExpr/VCExprASTPrinter.cs | 211 | ||||
-rw-r--r-- | Source/VCExpr/VCExprASTVisitors.cs | 1546 |
14 files changed, 5526 insertions, 3044 deletions
diff --git a/Source/VCExpr/BigLiteralAbstracter.cs b/Source/VCExpr/BigLiteralAbstracter.cs index fac34a8d..63d87e17 100644 --- a/Source/VCExpr/BigLiteralAbstracter.cs +++ b/Source/VCExpr/BigLiteralAbstracter.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// Code for replacing large integer literals in VCExpr with
@@ -20,21 +20,23 @@ namespace Microsoft.Boogie.VCExprAST public class BigLiteralAbstracter : MutatingVCExprVisitor<bool>, ICloneable {
- public BigLiteralAbstracter(VCExpressionGenerator! gen) {
- base(gen);
+ public BigLiteralAbstracter(VCExpressionGenerator gen) :base(gen){
+ Contract.Requires(gen != null);
DummyVar = gen.Variable("x", Type.Int);
- IncAxioms = new List<VCExpr!> ();
- Literals = new List<KeyValuePair<BigNum, VCExprVar!>> ();
+ IncAxioms = new List<VCExpr> ();
+ Literals = new List<KeyValuePair<BigNum, VCExprVar>> ();
}
- private BigLiteralAbstracter(BigLiteralAbstracter! abstracter) {
- base(abstracter.Gen);
+ private BigLiteralAbstracter(BigLiteralAbstracter abstracter) :base(abstracter.Gen){
+ Contract.Requires(abstracter != null);
DummyVar = abstracter.DummyVar;
- IncAxioms = new List<VCExpr!> (abstracter.IncAxioms);
- Literals = new List<KeyValuePair<BigNum, VCExprVar!>> (abstracter.Literals);
+ IncAxioms = new List<VCExpr> (abstracter.IncAxioms);
+ Literals = new List<KeyValuePair<BigNum, VCExprVar>> (abstracter.Literals);
}
- public Object! Clone() {
+ public Object Clone() {
+ Contract.Ensures(Contract.Result<Object>() != null);
+
return new BigLiteralAbstracter(this);
}
@@ -44,23 +46,34 @@ namespace Microsoft.Boogie.VCExprAST private static readonly BigNum ConstantDistanceTPO = BigNum.FromLong(200001);
private static readonly BigNum ConstantDistancePO = BigNum.FromLong(100001);
- public VCExpr! Abstract(VCExpr! expr) {
+ public VCExpr Abstract(VCExpr expr) {
+ Contract.Requires(expr != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Mutate(expr, true);
}
////////////////////////////////////////////////////////////////////////////
// list in which axioms are incrementally collected
- private readonly List<VCExpr!>! IncAxioms;
+ private readonly List<VCExpr/*!*/>/*!*/ IncAxioms;
- private void AddAxiom(VCExpr! axiom) {
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(cce.NonNullElements(IncAxioms));
+}
+
+ private void AddAxiom(VCExpr/*!*/ axiom) {
+ Contract.Requires(axiom != null);
IncAxioms.Add(axiom);
}
// Return all axioms that were added since the last time NewAxioms
// was called
- public VCExpr! GetNewAxioms() {
- VCExpr! res = Gen.NAry(VCExpressionGenerator.AndOp, IncAxioms);
+ public VCExpr GetNewAxioms() {
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr res = Gen.NAry(VCExpressionGenerator.AndOp, IncAxioms);
IncAxioms.Clear();
return res;
}
@@ -70,11 +83,20 @@ namespace Microsoft.Boogie.VCExprAST // All named integer literals known to the visitor, in ascending
// order. Such literals are always positive, and the distance
// between two literals is always more than ConstantDistance.
- private readonly List<KeyValuePair<BigNum, VCExprVar!>>! Literals;
+ private readonly List<KeyValuePair<BigNum, VCExprVar/*!*/>>/*!*/ Literals;
+
+ [ContractInvariantMethod]
+void ObjectInvariat()
+{
+ Contract.Invariant(Literals!=null);
+ Contract.Invariant(Contract.ForAll(Literals,i=>i.Value!=null));
+}
+
- private class EntryComparerC : IComparer<KeyValuePair<BigNum, VCExprVar!>> {
- public int Compare(KeyValuePair<BigNum, VCExprVar!> a,
- KeyValuePair<BigNum, VCExprVar!> b) {
+ private class EntryComparerC : IComparer<KeyValuePair<BigNum, VCExprVar/*!*/>> {
+ public int Compare(KeyValuePair<BigNum, VCExprVar/*!*/> a,
+ KeyValuePair<BigNum, VCExprVar/*!*/> b) {Contract.Requires(a.Value!=null);
+ Contract.Requires(b.Value!=null);
return a.Key.CompareTo(b.Key);
}
}
@@ -82,14 +104,21 @@ namespace Microsoft.Boogie.VCExprAST private static readonly EntryComparerC EntryComparer = new EntryComparerC ();
// variable used when searching for entries in the literal list
- private readonly VCExprVar! DummyVar;
+ private readonly VCExprVar/*!*/ DummyVar;
+ [ContractInvariantMethod]
+void ObjectInvarint()
+{
+ Contract.Invariant(DummyVar!=null);
+}
+
////////////////////////////////////////////////////////////////////////////
// Construct an expression to represent the given (large) integer
// literal. Constants are defined and axiomatised if necessary
- private VCExpr! Represent(BigNum lit)
- requires NegConstantDistance > lit || lit > ConstantDistance; {
+ private VCExpr Represent(BigNum lit) {
+Contract.Requires((NegConstantDistance > lit || lit > ConstantDistance));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
if (lit.IsNegative)
return Gen.Function(VCExpressionGenerator.SubOp,
@@ -98,8 +127,9 @@ namespace Microsoft.Boogie.VCExprAST return RepresentPos(lit);
}
- private VCExpr! RepresentPos(BigNum lit)
- requires lit > ConstantDistance; {
+ private VCExpr RepresentPos(BigNum lit) {
+Contract.Requires((lit > ConstantDistance));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
int index = GetIndexFor(lit);
if (index >= 0)
@@ -137,15 +167,16 @@ namespace Microsoft.Boogie.VCExprAST return AddConstantFor(lit);
}
- private VCExpr! AddConstantFor(BigNum lit)
- requires lit > ConstantDistance; {
+ private VCExpr AddConstantFor(BigNum lit) {
+Contract.Requires((lit > ConstantDistance));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
- VCExprVar! res = Gen.Variable("int#" + lit, Type.Int);
+ VCExprVar res = Gen.Variable("int#" + lit, Type.Int);
int index = GetIndexFor(lit);
- assert index < 0;
+ Contract.Assert(index < 0);
index = ~index;
- Literals.Insert(index, new KeyValuePair<BigNum, VCExprVar!>(lit, res));
+ Literals.Insert(index, new KeyValuePair<BigNum, VCExprVar>(lit, res));
// relate the new constant to the predecessor and successor
if (index > 0)
@@ -161,12 +192,14 @@ namespace Microsoft.Boogie.VCExprAST return res;
}
- private void DefineRelationship(VCExpr! aExpr, BigNum aValue,
- VCExpr! bExpr, BigNum bValue)
- requires aValue < bValue; {
+ private void DefineRelationship(VCExpr/*!*/ aExpr, BigNum aValue,
+ VCExpr/*!*/ bExpr, BigNum bValue)
+ {Contract.Requires(aValue < bValue);
+ Contract.Requires(aExpr != null);
+ Contract.Requires(bExpr != null);
BigNum dist = bValue - aValue;
- VCExpr! distExpr = Gen.Function(VCExpressionGenerator.SubOp, bExpr, aExpr);
+ VCExpr distExpr = Gen.Function(VCExpressionGenerator.SubOp, bExpr, aExpr);
if (dist <= ConstantDistanceTPO)
// constants that are sufficiently close to each other are put
// into a precise relationship
@@ -177,14 +210,16 @@ namespace Microsoft.Boogie.VCExprAST }
private int GetIndexFor(BigNum lit) {
- return Literals.BinarySearch(new KeyValuePair<BigNum, VCExprVar!>
+ return Literals.BinarySearch(new KeyValuePair<BigNum, VCExprVar>
(lit, DummyVar),
EntryComparer);
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprLiteral! node, bool arg) {
+ public override VCExpr Visit(VCExprLiteral node, bool arg) {
+ Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
VCExprIntLit intLit = node as VCExprIntLit;
if (intLit != null) {
if (NegConstantDistance > intLit.Val || intLit.Val > ConstantDistance)
diff --git a/Source/VCExpr/Boogie2VCExpr.cs b/Source/VCExpr/Boogie2VCExpr.cs index df966c2d..e20ebaed 100644 --- a/Source/VCExpr/Boogie2VCExpr.cs +++ b/Source/VCExpr/Boogie2VCExpr.cs @@ -8,156 +8,198 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// A translator from the Boogie AST to the VCExpr AST.
// This was previously realised in the methods AbsyExpr.VCView
-namespace Microsoft.Boogie.VCExprAST
-{
+namespace Microsoft.Boogie.VCExprAST {
using Microsoft.Boogie;
public class VCGenerationOptions {
- private readonly List<string!>! SupportedProverCommands;
+ private readonly List<string/*!*/>/*!*/ SupportedProverCommands;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(SupportedProverCommands));
+ }
- public bool IsProverCommandSupported(string! kind)
- {
+
+ public bool IsProverCommandSupported(string kind) {
+ Contract.Requires(kind != null);
return SupportedProverCommands.Contains(kind);
}
- public bool IsAnyProverCommandSupported(string! kinds)
- {
+ public bool IsAnyProverCommandSupported(string kinds) {
+ Contract.Requires(kinds != null);
if (kinds.IndexOf(',') < 0) {
return IsProverCommandSupported(kinds);
} else {
- return exists{string k in kinds.Split(',', ' '); IsProverCommandSupported(k)};
+ return Contract.Exists(kinds.Split(',', ' '), k => IsProverCommandSupported(k));
}
}
- public VCGenerationOptions(List<string!>! supportedProverCommands) {
+ public VCGenerationOptions(List<string/*!*/>/*!*/ supportedProverCommands) {
+ Contract.Requires(cce.NonNullElements(supportedProverCommands));
this.SupportedProverCommands = supportedProverCommands;
}
}
- public delegate VCExpr! CodeExprConverter(CodeExpr! codeExpr, Hashtable/*<Block, VCExprVar!>*/! blockVariables, List<VCExprLetBinding!>! bindings);
+ public delegate VCExpr/*!*/ CodeExprConverter(CodeExpr/*!*/ codeExpr, Hashtable/*<Block, VCExprVar!>*//*!*/ blockVariables, List<VCExprLetBinding> bindings);
public class Boogie2VCExprTranslator : StandardVisitor, ICloneable {
// Stack on which the various Visit-methods put the result of the translation
- private readonly Stack<VCExpr!>! SubExpressions = new Stack<VCExpr!> ();
+ private readonly Stack<VCExpr/*!*/>/*!*/ SubExpressions = new Stack<VCExpr>();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(SubExpressions));
+ Contract.Invariant(Gen != null);
+ }
+
- private void Push(VCExpr! expr) {
+ private void Push(VCExpr expr) {
+ Contract.Requires(expr != null);
SubExpressions.Push(expr);
}
- private VCExpr! Pop() {
+ private VCExpr Pop() {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return SubExpressions.Pop();
}
- public VCExpr! Translate(Expr! expr) {
+ public VCExpr Translate(Expr expr) {
+ Contract.Requires(expr != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
this.Visit(expr);
return Pop();
}
- public List<VCExpr!>! Translate(ExprSeq! exprs) {
- List<VCExpr!>! res = new List<VCExpr!> ();
- foreach(Expr e in exprs)
- res.Add(Translate((!)e));
+ public List<VCExpr/*!*/>/*!*/ Translate(ExprSeq exprs) {
+ Contract.Requires(exprs != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/>();
+ foreach (Expr e in exprs)
+ res.Add(Translate(cce.NonNull(e)));
return res;
}
///////////////////////////////////////////////////////////////////////////////
- internal readonly VCExpressionGenerator! Gen;
+ internal readonly VCExpressionGenerator/*!*/ Gen;
- public Boogie2VCExprTranslator(VCExpressionGenerator! gen,
- VCGenerationOptions! genOptions) {
+ public Boogie2VCExprTranslator(VCExpressionGenerator gen,
+ VCGenerationOptions genOptions) {
+ Contract.Requires(gen != null);
+ Contract.Requires(genOptions != null);
this.Gen = gen;
this.GenerationOptions = genOptions;
- UnboundVariables = new VariableMapping<Variable> ();
- BoundVariables = new VariableMapping<BoundVariable> ();
- Formals = new VariableMapping<Formal> ();
+ UnboundVariables = new VariableMapping<Variable>();
+ BoundVariables = new VariableMapping<BoundVariable>();
+ Formals = new VariableMapping<Formal>();
}
- private Boogie2VCExprTranslator(Boogie2VCExprTranslator! tl) {
+ private Boogie2VCExprTranslator(Boogie2VCExprTranslator tl) {
+ Contract.Requires(tl != null);
this.Gen = tl.Gen;
this.GenerationOptions = tl.GenerationOptions;
UnboundVariables =
(VariableMapping<Variable>)tl.UnboundVariables.Clone();
- BoundVariables = new VariableMapping<BoundVariable> ();
- Formals = new VariableMapping<Formal> ();
+ BoundVariables = new VariableMapping<BoundVariable>();
+ Formals = new VariableMapping<Formal>();
}
- public object! Clone() {
+ public object Clone() {
+ Contract.Ensures(Contract.Result<object>() != null);
return new Boogie2VCExprTranslator(this);
}
private IAppliableTranslator IAppTranslatorAttr = null;
- private IAppliableTranslator! IAppTranslator { get {
- if (IAppTranslatorAttr == null)
- IAppTranslatorAttr = new IAppliableTranslator (this);
- return IAppTranslatorAttr;
- } }
+ private IAppliableTranslator IAppTranslator {
+ get {
+ Contract.Ensures(Contract.Result<IAppliableTranslator>() != null);
+
+ if (IAppTranslatorAttr == null)
+ IAppTranslatorAttr = new IAppliableTranslator(this);
+ return IAppTranslatorAttr;
+ }
+ }
///////////////////////////////////////////////////////////////////////////////
// Class for handling occurring variables
private class VariableMapping<VarKind> : ICloneable {
- private readonly List<Dictionary<VarKind!, VCExprVar!>!>! Mapping;
+ private readonly List<Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/>/*!*/ Mapping;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Mapping != null && Contract.ForAll(Mapping, i => cce.NonNullElements(i)));
+ }
+
public VariableMapping() {
- List<Dictionary<VarKind!, VCExprVar!>!>! mapping =
- new List<Dictionary<VarKind!, VCExprVar!>!> ();
- mapping.Add(new Dictionary<VarKind!, VCExprVar!> ());
+ List<Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/>/*!*/ mapping =
+ new List<Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/>();
+ mapping.Add(new Dictionary<VarKind/*!*/, VCExprVar/*!*/>());
this.Mapping = mapping;
}
- private VariableMapping(VariableMapping<VarKind>! vm) {
- List<Dictionary<VarKind!, VCExprVar!>!>! mapping =
- new List<Dictionary<VarKind!, VCExprVar!>!> ();
- foreach (Dictionary<VarKind!, VCExprVar!>! d in vm.Mapping)
- mapping.Add(new Dictionary<VarKind!, VCExprVar!> (d));
+ private VariableMapping(VariableMapping<VarKind> vm) {
+ Contract.Requires(vm != null);
+ List<Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/>/*!*/ mapping =
+ new List<Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/>();
+ foreach (Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/ d in vm.Mapping) {
+ Contract.Assert(cce.NonNullElements(d));
+ mapping.Add(new Dictionary<VarKind/*!*/, VCExprVar/*!*/>(d));
+ }
this.Mapping = mapping;
}
-
- public object! Clone() {
- return new VariableMapping<VarKind> (this);
+
+ public object Clone() {
+ Contract.Ensures(Contract.Result<object>() != null);
+ return new VariableMapping<VarKind>(this);
}
public void PushScope() {
- Mapping.Add(new Dictionary<VarKind!, VCExprVar!> ());
+ Mapping.Add(new Dictionary<VarKind/*!*/, VCExprVar/*!*/>());
}
public void PopScope() {
- assume Mapping.Count > 0;
+ Contract.Assume(Mapping.Count > 0);
Mapping.RemoveAt(Mapping.Count - 1);
}
-
- public void Bind(VarKind! boogieVar, VCExprVar! vcExprVar)
- requires !Contains(boogieVar); {
+
+ public void Bind(VarKind boogieVar, VCExprVar/*!*/ vcExprVar) {
+ Contract.Requires(vcExprVar != null);
+ Contract.Requires(boogieVar != null);
+ Contract.Requires(!Contains(boogieVar));
Mapping[Mapping.Count - 1].Add(boogieVar, vcExprVar);
}
-
- public VCExprVar! Lookup(VarKind! boogieVar) {
+
+ public VCExprVar Lookup(VarKind boogieVar) {
+ Contract.Requires(boogieVar != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
VCExprVar res = LookupHelp(boogieVar);
- assume res != null;
+ Contract.Assume(res != null);
return res;
}
[Pure]
- public bool Contains(VarKind! boogieVar) {
+ public bool Contains(VarKind boogieVar) {
+ Contract.Requires(boogieVar != null);
return LookupHelp(boogieVar) != null;
}
- public bool TryGetValue(VarKind! boogieVar, out VCExprVar res) {
+ public bool TryGetValue(VarKind boogieVar, out VCExprVar res) {
+ Contract.Requires(boogieVar != null);
res = LookupHelp(boogieVar);
return res != null;
}
[Pure]
- private VCExprVar LookupHelp(VarKind! boogieVar) {
+ private VCExprVar LookupHelp(VarKind boogieVar) {
+ Contract.Requires(boogieVar != null);
VCExprVar res;
- foreach (Dictionary<VarKind!, VCExprVar!>! d in Mapping) {
+ foreach (Dictionary<VarKind/*!*/, VCExprVar/*!*/>/*!*/ d in Mapping) {
+ Contract.Assert(cce.NonNullElements(d));
if (d.TryGetValue(boogieVar, out res))
return res;
}
@@ -167,10 +209,17 @@ namespace Microsoft.Boogie.VCExprAST //////////////////////////////////////////////////////////////////////////////////
- private readonly VariableMapping<Variable>! UnboundVariables;
- private readonly VariableMapping<BoundVariable>! BoundVariables;
+ private readonly VariableMapping<Variable>/*!*/ UnboundVariables;
+ private readonly VariableMapping<BoundVariable>/*!*/ BoundVariables;
// used when translating the bodies of function expansions
- private readonly VariableMapping<Formal>! Formals;
+ private readonly VariableMapping<Formal>/*!*/ Formals;
+ [ContractInvariantMethod]
+ void ObjectInvairant() {
+ Contract.Invariant(UnboundVariables != null);
+ Contract.Invariant(BoundVariables != null);
+ Contract.Invariant(Formals != null);
+ }
+
internal void PushBoundVariableScope() {
BoundVariables.PushScope();
@@ -186,23 +235,28 @@ namespace Microsoft.Boogie.VCExprAST Formals.PopScope();
}
- public VCExprVar! BindVariable(Variable! boogieVar) {
+ public VCExprVar BindVariable(Variable boogieVar) {
+ Contract.Requires(boogieVar != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
if (boogieVar is BoundVariable) {
- VCExprVar! newVar = Gen.Variable(boogieVar.Name, boogieVar.TypedIdent.Type);
+ VCExprVar/*!*/ newVar = Gen.Variable(boogieVar.Name, boogieVar.TypedIdent.Type);
BoundVariables.Bind((BoundVariable)boogieVar, newVar);
return newVar;
} else if (boogieVar is Formal) {
- VCExprVar! newVar = Gen.Variable(boogieVar.Name, boogieVar.TypedIdent.Type);
+ VCExprVar/*!*/ newVar = Gen.Variable(boogieVar.Name, boogieVar.TypedIdent.Type);
Formals.Bind((Formal)boogieVar, newVar);
return newVar;
} else {
// only bound variables and formals are declared explicitly
- assert false;
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
}
- public VCExprVar! LookupVariable(Variable! boogieVar) {
-
+ public VCExprVar LookupVariable(Variable boogieVar) {
+ Contract.Requires(boogieVar != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
+
BoundVariable bv = boogieVar as BoundVariable;
if (bv != null) {
return BoundVariables.Lookup(bv);
@@ -210,63 +264,69 @@ namespace Microsoft.Boogie.VCExprAST VCExprVar res;
Formal fml = boogieVar as Formal;
if (fml != null && Formals.TryGetValue(fml, out res))
- return (!)res;
+ return cce.NonNull(res);
// global variables, local variables, incarnations, etc. are
// bound the first time they occur
if (!UnboundVariables.TryGetValue(boogieVar, out res)) {
- res = new VCExprVar (boogieVar.Name, boogieVar.TypedIdent.Type);
+ res = new VCExprVar(boogieVar.Name, boogieVar.TypedIdent.Type);
UnboundVariables.Bind(boogieVar, res);
}
- return (!)res;
+ return cce.NonNull(res);
}
///////////////////////////////////////////////////////////////////////////////////
-
- internal readonly VCGenerationOptions! GenerationOptions;
+
+ internal readonly VCGenerationOptions/*!*/ GenerationOptions;
+ [ContractInvariantMethod]
+ void ObjectInvarian() {
+ Contract.Invariant(GenerationOptions != null);
+ }
///////////////////////////////////////////////////////////////////////////////////
- public override LiteralExpr! VisitLiteralExpr(LiteralExpr! node) {
+ public override LiteralExpr VisitLiteralExpr(LiteralExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<LiteralExpr>() != null);
Push(TranslateLiteralExpr(node));
return node;
}
- private VCExpr! TranslateLiteralExpr(LiteralExpr! node) {
- if ( node.Val is bool )
- {
- bool b = (bool) node.Val;
- if ( b ) {
+ private VCExpr TranslateLiteralExpr(LiteralExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ if (node.Val is bool) {
+ bool b = (bool)node.Val;
+ if (b) {
return VCExpressionGenerator.True;
} else {
return VCExpressionGenerator.False;
}
- }
- else if ( node.Val is BigNum )
- {
+ } else if (node.Val is BigNum) {
return Gen.Integer(node.asBigNum);
- }
- else if ( node.Val is BvConst )
- {
+ } else if (node.Val is BvConst) {
return Gen.Bitvector((BvConst)node.Val);
- }
- else
- {
+ } else {
System.Diagnostics.Debug.Assert(false, "unknown kind of literal " + node.tok.ToString());
- assert false;
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
}
///////////////////////////////////////////////////////////////////////////////////
- public override AIVariableExpr! VisitAIVariableExpr(AIVariableExpr! node)
- {
- assert false;
+ public override AIVariableExpr VisitAIVariableExpr(AIVariableExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<AIVariableExpr>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
///////////////////////////////////////////////////////////////////////////////////
- public override Expr! VisitIdentifierExpr(IdentifierExpr! node) {
- assume node.Decl != null; // the expression has to be resolved
+ public override Expr VisitIdentifierExpr(IdentifierExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Expr>() != null);
+ Contract.Assume(node.Decl != null); // the expression has to be resolved
Push(LookupVariable(node.Decl));
return node;
}
@@ -277,92 +337,115 @@ namespace Microsoft.Boogie.VCExprAST // value of a variable x is always just "x". (The first update to it in a method
// causes it to become "x0". So we just remove old expressions with a visitor
// before transforming it into a VCExpr.
- public override Expr! VisitOldExpr(OldExpr! node)
- {
- assert false;
+ public override Expr VisitOldExpr(OldExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Expr>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
///////////////////////////////////////////////////////////////////////////////////
- public override Expr! VisitNAryExpr(NAryExpr! node)
- {
+ public override Expr VisitNAryExpr(NAryExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Expr>() != null);
Push(TranslateNAryExpr(node));
return node;
}
- private VCExpr! TranslateNAryExpr(NAryExpr! node) {
+ private VCExpr TranslateNAryExpr(NAryExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
int n = node.Args.Length;
- List<VCExpr!>! vcs = new List<VCExpr!> (n);
- for(int i = 0; i < n; i++)
- {
- vcs.Add(Translate((!)node.Args[i]));
+ List<VCExpr/*!*/>/*!*/ vcs = new List<VCExpr/*!*/>(n);
+ for (int i = 0; i < n; i++) {
+ vcs.Add(Translate(cce.NonNull(node.Args)[i]));
}
if (node.Type == null) {
System.Console.WriteLine("*** type is null for {0}", node);
- assert false;
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
return IAppTranslator.Translate(node.Fun, node.Type, vcs,
- ToList((!)node.TypeParameters));
+ ToList(cce.NonNull(node.TypeParameters)));
+ }
+
+
+ private static List<Type/*!*/>/*!*/ EMPTY_TYPE_LIST = new List<Type/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvirant() {
+ Contract.Invariant(EMPTY_TYPE_LIST != null);
}
-
- private static List<Type!>! EMPTY_TYPE_LIST = new List<Type!> ();
- private List<Type!>! ToList(TypeParamInstantiation! insts) {
+ private List<Type/*!*/>/*!*/ ToList(TypeParamInstantiation insts) {
+ Contract.Requires(insts != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
if (insts.FormalTypeParams.Count == 0)
return EMPTY_TYPE_LIST;
- List<Type!>! typeArgs = new List<Type!> ();
- foreach (TypeVariable! var in insts.FormalTypeParams)
+ List<Type/*!*/>/*!*/ typeArgs = new List<Type/*!*/>();
+ foreach (TypeVariable/*!*/ var in insts.FormalTypeParams) {
+ Contract.Assert(var != null);
typeArgs.Add(insts[var]);
+ }
return typeArgs;
}
///////////////////////////////////////////////////////////////////////////////////
- public override QuantifierExpr! VisitQuantifierExpr(QuantifierExpr! node) {
+ public override QuantifierExpr VisitQuantifierExpr(QuantifierExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<QuantifierExpr>() != null);
Push(TranslateQuantifierExpr(node));
return node;
}
- public override ExistsExpr! VisitExistsExpr(ExistsExpr! node)
- {
- node = (ExistsExpr) this.VisitQuantifierExpr(node);
+ public override ExistsExpr VisitExistsExpr(ExistsExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<ExistsExpr>() != null);
+ node = (ExistsExpr)this.VisitQuantifierExpr(node);
return node;
}
- public override ForallExpr! VisitForallExpr(ForallExpr! node)
- {
- node = (ForallExpr) this.VisitQuantifierExpr(node);
+ public override ForallExpr VisitForallExpr(ForallExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<ForallExpr>() != null);
+ node = (ForallExpr)this.VisitQuantifierExpr(node);
return node;
}
- private VCExpr! TranslateQuantifierExpr(QuantifierExpr! node)
- {
- List<TypeVariable!>! typeParams = new List<TypeVariable!> ();
- foreach (TypeVariable! v in node.TypeParameters)
+ private VCExpr TranslateQuantifierExpr(QuantifierExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<TypeVariable/*!*/>/*!*/ typeParams = new List<TypeVariable/*!*/>();
+ foreach (TypeVariable/*!*/ v in node.TypeParameters) {
+ Contract.Assert(v != null);
typeParams.Add(v);
+ }
PushBoundVariableScope();
- List<VCExprVar!>! boundVars = new List<VCExprVar!> ();
- foreach (Variable! v in node.Dummies)
+ List<VCExprVar/*!*/>/*!*/ boundVars = new List<VCExprVar/*!*/>();
+ foreach (Variable/*!*/ v in node.Dummies)
boundVars.Add(BindVariable(v));
try {
- List<VCTrigger!>! triggers = TranslateTriggers(node.Triggers);
- VCExpr! body = Translate(node.Body);
- VCQuantifierInfos! infos = GenerateQuantifierInfos(node);
+ List<VCTrigger/*!*/>/*!*/ triggers = TranslateTriggers(node.Triggers);
+ VCExpr/*!*/ body = Translate(node.Body);
+ VCQuantifierInfos/*!*/ infos = GenerateQuantifierInfos(node);
Quantifier quan;
if (node is ForallExpr)
quan = Quantifier.ALL;
else if (node is ExistsExpr)
quan = Quantifier.EX;
- else
- assert false;
+ else {
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
return Gen.Quantify(quan, typeParams, boundVars, triggers, infos, body);
} finally {
@@ -370,9 +453,9 @@ namespace Microsoft.Boogie.VCExprAST }
}
- private List<VCTrigger!>! TranslateTriggers(Trigger node)
- {
- List<VCTrigger!>! res = new List<VCTrigger!> ();
+ private List<VCTrigger/*!*/>/*!*/ TranslateTriggers(Trigger node) {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCTrigger>>()));
+ List<VCTrigger/*!*/>/*!*/ res = new List<VCTrigger/*!*/>();
Trigger curTrigger = node;
while (curTrigger != null) {
res.Add(Gen.Trigger(curTrigger.Pos, Translate(curTrigger.Tr)));
@@ -381,27 +464,32 @@ namespace Microsoft.Boogie.VCExprAST return res;
}
- private VCQuantifierInfos! GenerateQuantifierInfos(QuantifierExpr! node) {
+ private VCQuantifierInfos GenerateQuantifierInfos(QuantifierExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCQuantifierInfos>() != null);
string qid = getQidNameFromQKeyValue(node.Dummies, node.Attributes);
return new VCQuantifierInfos(qid, node.SkolemId, false, node.Attributes);
}
- private string getQidNameFromQKeyValue(VariableSeq! vars, QKeyValue attributes) {
+ private string getQidNameFromQKeyValue(VariableSeq vars, QKeyValue attributes) {
+ Contract.Requires(vars != null);
// Check for a 'qid, name' pair in keyvalues
string qid = QKeyValue.FindStringAttribute(attributes, "qid");
- if (qid == null && vars.Length != 0){
+ if (qid == null && vars.Length != 0) {
// generate default name (line:column position in .bpl file)
Variable v = vars[0];
- assert v != null; // Rustan's claim!
+ Contract.Assert(v != null); // Rustan's claim!
// Include the first 8 characters of the filename in QID (helpful in case we use /concat)
// We limit it to 8, so the SX file doesn't grow too big, and who on earth would need
// more than 8 characters in a filename anyways.
int max = 8;
StringBuilder buf = new StringBuilder(max + 20);
string filename = v.tok.filename;
- if (filename == null) filename = "unknown";
+ if (filename == null)
+ filename = "unknown";
for (int i = 0; i < filename.Length; ++i) {
- if (filename[i] == '/' || filename[i] == '\\') buf.Length = 0;
+ if (filename[i] == '/' || filename[i] == '\\')
+ buf.Length = 0;
if (buf.Length < max && char.IsLetterOrDigit(filename[i])) {
if (buf.Length == 0 && char.IsDigit(filename[i])) {
// Z3 does not like QID's to start with a digit, so we prepend another character
@@ -418,260 +506,375 @@ namespace Microsoft.Boogie.VCExprAST ///////////////////////////////////////////////////////////////////////////////////
- public override BvExtractExpr! VisitBvExtractExpr(BvExtractExpr! node)
- {
+ public override BvExtractExpr VisitBvExtractExpr(BvExtractExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<BvExtractExpr>() != null);
Push(TranslateBvExtractExpr(node));
return node;
}
- private VCExpr! TranslateBvExtractExpr(BvExtractExpr! node)
- requires node.Start <= node.End; {
- VCExpr! bv = Translate(node.Bitvector);
- return Gen.BvExtract(bv, ((!)node.Bitvector.Type).BvBits, node.Start, node.End);
+ private VCExpr TranslateBvExtractExpr(BvExtractExpr node){
+Contract.Requires(node != null);
+Contract.Requires((node.Start <= node.End));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+VCExpr/*!*/ bv = Translate(node.Bitvector);
+ return Gen.BvExtract(bv,cce.NonNull(node.Bitvector.Type).BvBits, node.Start, node.End);
}
///////////////////////////////////////////////////////////////////////////////////
- public override BvConcatExpr! VisitBvConcatExpr(BvConcatExpr! node)
- {
+ public override BvConcatExpr VisitBvConcatExpr(BvConcatExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<BvConcatExpr>() != null);
Push(TranslateBvConcatExpr(node));
return node;
}
- private VCExpr! TranslateBvConcatExpr(BvConcatExpr! node) {
- VCExpr! bv0 = Translate(node.E0);
- VCExpr! bv1 = Translate(node.E1);
+ private VCExpr TranslateBvConcatExpr(BvConcatExpr node){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr/*!*/ bv0 = Translate(node.E0);
+ VCExpr/*!*/ bv1 = Translate(node.E1);
return Gen.BvConcat(bv0, bv1);
}
///////////////////////////////////////////////////////////////////////////////////
// all the other cases should never happen
- public override Cmd! VisitAssertCmd(AssertCmd! node)
- {
- assert false;
- }
- public override Cmd! VisitAssignCmd(AssignCmd! node)
- {
- assert false;
- }
- public override Cmd! VisitAssumeCmd(AssumeCmd! node)
- {
- assert false;
- }
- public override AtomicRE! VisitAtomicRE(AtomicRE! node)
- {
- assert false;
- }
- public override Axiom! VisitAxiom(Axiom! node)
- {
- assert false;
- }
- public override Type! VisitBasicType(BasicType! node)
- {
- assert false;
- }
- public override Type! VisitBvType(BvType! node)
- {
- assert false;
- }
- public override Block! VisitBlock(Block! node)
- {
- assert false;
+ public override Cmd VisitAssertCmd(AssertCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitAssignCmd(AssignCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitAssumeCmd(AssumeCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override AtomicRE VisitAtomicRE(AtomicRE node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<AtomicRE>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Axiom VisitAxiom(Axiom node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Axiom>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Type VisitBasicType(BasicType node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Type VisitBvType(BvType node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Block VisitBlock(Block node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Block>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
CodeExprConverter codeExprConverter = null;
public void SetCodeExprConverter(CodeExprConverter f){
this.codeExprConverter = f;
}
- public override Expr! VisitCodeExpr(CodeExpr! codeExpr)
+ public override Expr/*!*/ VisitCodeExpr(CodeExpr/*!*/ codeExpr)
{
- assume codeExprConverter != null;
+ Contract.Requires(codeExpr != null);
+ Contract.Ensures(Contract.Result<Expr>() != null);
+
+ Contract.Assume(codeExprConverter != null);
Hashtable/*<Block, LetVariable!>*/ blockVariables = new Hashtable/*<Block, LetVariable!!>*/();
- List<VCExprLetBinding!> bindings = new List<VCExprLetBinding!>();
+ List<VCExprLetBinding/*!*/> bindings = new List<VCExprLetBinding/*!*/>();
VCExpr e = codeExprConverter(codeExpr, blockVariables, bindings);
Push(e);
return codeExpr;
}
- public override BlockSeq! VisitBlockSeq(BlockSeq! blockSeq)
- {
- assert false;
- }
- public override List<Block!>! VisitBlockList(List<Block!>! blocks)
- {
- assert false;
- }
- public override BoundVariable! VisitBoundVariable(BoundVariable! node)
- {
- assert false;
- }
- public override Cmd! VisitCallCmd(CallCmd! node)
- {
- assert false;
- }
- public override Cmd! VisitCallForallCmd(CallForallCmd! node)
- {
- assert false;
- }
- public override CmdSeq! VisitCmdSeq(CmdSeq! cmdSeq)
- {
- assert false;
- }
- public override Choice! VisitChoice(Choice! node)
- {
- assert false;
- }
- public override Cmd! VisitCommentCmd(CommentCmd! node)
- {
- assert false;
- }
- public override Constant! VisitConstant(Constant! node)
- {
- assert false;
- }
- public override CtorType! VisitCtorType(CtorType! node)
- {
- assert false;
- }
- public override Declaration! VisitDeclaration(Declaration! node)
- {
- assert false;
- }
- public override List<Declaration!>! VisitDeclarationList(List<Declaration!>! declarationList)
- {
- assert false;
- }
- public override DeclWithFormals! VisitDeclWithFormals(DeclWithFormals! node)
- {
- assert false;
- }
- public override Requires! VisitRequires(Requires! @requires)
- {
- assert false;
- }
- public override RequiresSeq! VisitRequiresSeq(RequiresSeq! requiresSeq)
- {
- assert false;
- }
- public override Ensures! VisitEnsures(Ensures! @ensures)
- {
- assert false;
- }
- public override EnsuresSeq! VisitEnsuresSeq(EnsuresSeq! ensuresSeq)
- {
- assert false;
- }
- public override Formal! VisitFormal(Formal! node)
- {
- assert false;
- }
- public override Function! VisitFunction(Function! node)
- {
- assert false;
- }
- public override GlobalVariable! VisitGlobalVariable(GlobalVariable! node)
- {
- assert false;
- }
- public override GotoCmd! VisitGotoCmd(GotoCmd! node)
- {
- assert false;
- }
- public override Cmd! VisitHavocCmd(HavocCmd! node)
- {
- assert false;
- }
- public override Implementation! VisitImplementation(Implementation! node)
- {
- assert false;
- }
- public override LocalVariable! VisitLocalVariable(LocalVariable! node)
- {
- assert false;
- }
- public override AssignLhs! VisitMapAssignLhs(MapAssignLhs! node)
- {
- assert false;
- }
- public override MapType! VisitMapType(MapType! node)
- {
- assert false;
- }
- public override Procedure! VisitProcedure(Procedure! node)
- {
- assert false;
- }
- public override Program! VisitProgram(Program! node)
- {
- assert false;
- }
- public override Cmd! VisitRE(RE! node)
- {
- assert false;
- }
- public override RESeq! VisitRESeq(RESeq! reSeq)
- {
- assert false;
- }
- public override ReturnCmd! VisitReturnCmd(ReturnCmd! node)
- {
- assert false;
- }
- public override ReturnExprCmd! VisitReturnExprCmd(ReturnExprCmd! node)
- {
- assert false;
- }
- public override Sequential! VisitSequential(Sequential! node)
- {
- assert false;
- }
- public override AssignLhs! VisitSimpleAssignLhs(SimpleAssignLhs! node)
- {
- assert false;
- }
- public override Cmd! VisitStateCmd(StateCmd! node)
- {
- assert false;
- }
- public override TransferCmd! VisitTransferCmd(TransferCmd! node)
- {
- assert false;
- }
- public override Trigger! VisitTrigger(Trigger! node)
- {
- assert false;
- }
- public override Type! VisitType(Type! node)
- {
- assert false;
- }
- public override TypedIdent! VisitTypedIdent(TypedIdent! node)
- {
- assert false;
- }
- public override Type! VisitTypeSynonymAnnotation(TypeSynonymAnnotation! node)
- {
- assert false;
- }
- public override Type! VisitTypeVariable(TypeVariable! node)
- {
- assert false;
- }
- public override Variable! VisitVariable(Variable! node)
- {
- assert false;
- }
- public override VariableSeq! VisitVariableSeq(VariableSeq! variableSeq)
- {
- assert false;
- }
- public override Cmd! VisitAssertEnsuresCmd(AssertEnsuresCmd! node)
- {
- assert false;
- }
- public override Cmd! VisitAssertRequiresCmd(AssertRequiresCmd! node)
- {
- assert false;
+ public override BlockSeq VisitBlockSeq(BlockSeq blockSeq) {
+ Contract.Requires(blockSeq != null);
+ Contract.Ensures(Contract.Result<BlockSeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override List<Block/*!*/>/*!*/ VisitBlockList(List<Block/*!*/>/*!*/ blocks) {
+ Contract.Requires(cce.NonNullElements(blocks));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Block>>()));
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override BoundVariable VisitBoundVariable(BoundVariable node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<BoundVariable>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitCallCmd(CallCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitCallForallCmd(CallForallCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override CmdSeq VisitCmdSeq(CmdSeq cmdSeq) {
+ Contract.Requires(cmdSeq != null);
+ Contract.Ensures(Contract.Result<CmdSeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Choice VisitChoice(Choice node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Choice>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitCommentCmd(CommentCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Constant VisitConstant(Constant node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Constant>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override CtorType VisitCtorType(CtorType node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<CtorType>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Declaration VisitDeclaration(Declaration node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Declaration>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override List<Declaration/*!*/>/*!*/ VisitDeclarationList(List<Declaration/*!*/>/*!*/ declarationList) {
+ Contract.Requires(cce.NonNullElements(declarationList));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Declaration>>()));
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override DeclWithFormals VisitDeclWithFormals(DeclWithFormals node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<DeclWithFormals>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Requires VisitRequires(Requires @requires) {
+ Contract.Requires(@requires != null);
+ Contract.Ensures(Contract.Result<Requires>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override RequiresSeq VisitRequiresSeq(RequiresSeq requiresSeq) {
+ Contract.Requires(requiresSeq != null);
+ Contract.Ensures(Contract.Result<RequiresSeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Ensures VisitEnsures(Ensures @ensures) {
+ Contract.Requires(@ensures != null);
+ Contract.Ensures(Contract.Result<Ensures>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override EnsuresSeq VisitEnsuresSeq(EnsuresSeq ensuresSeq) {
+ Contract.Requires(ensuresSeq != null);
+ Contract.Ensures(Contract.Result<EnsuresSeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Formal VisitFormal(Formal node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Formal>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Function VisitFunction(Function node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override GlobalVariable VisitGlobalVariable(GlobalVariable node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<GlobalVariable>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override GotoCmd VisitGotoCmd(GotoCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<GotoCmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitHavocCmd(HavocCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Implementation VisitImplementation(Implementation node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Implementation>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override LocalVariable VisitLocalVariable(LocalVariable node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<LocalVariable>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override AssignLhs VisitMapAssignLhs(MapAssignLhs node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<AssignLhs>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override MapType VisitMapType(MapType node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<MapType>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Procedure VisitProcedure(Procedure node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Procedure>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Program VisitProgram(Program node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Program>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitRE(RE node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override RESeq VisitRESeq(RESeq reSeq) {
+ Contract.Requires(reSeq != null);
+ Contract.Ensures(Contract.Result<RESeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override ReturnCmd VisitReturnCmd(ReturnCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<ReturnCmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override ReturnExprCmd VisitReturnExprCmd(ReturnExprCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<ReturnExprCmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Sequential VisitSequential(Sequential node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Sequential>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override AssignLhs VisitSimpleAssignLhs(SimpleAssignLhs node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<AssignLhs>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitStateCmd(StateCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override TransferCmd VisitTransferCmd(TransferCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<TransferCmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Trigger VisitTrigger(Trigger node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Trigger>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Type VisitType(Type node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override TypedIdent VisitTypedIdent(TypedIdent node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<TypedIdent>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Type VisitTypeSynonymAnnotation(TypeSynonymAnnotation node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Type VisitTypeVariable(TypeVariable node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Variable VisitVariable(Variable node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Variable>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override VariableSeq VisitVariableSeq(VariableSeq variableSeq) {
+ Contract.Requires(variableSeq != null);
+ Contract.Ensures(Contract.Result<VariableSeq>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitAssertEnsuresCmd(AssertEnsuresCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ public override Cmd VisitAssertRequiresCmd(AssertRequiresCmd node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<Cmd>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
}
@@ -679,33 +882,58 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////
- public class IAppliableTranslator : IAppliableVisitor<VCExpr!> {
+ public class IAppliableTranslator : IAppliableVisitor<VCExpr/*!*/> {
+
+ private readonly Boogie2VCExprTranslator/*!*/ BaseTranslator;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(BaseTranslator != null);
+ }
- private readonly Boogie2VCExprTranslator! BaseTranslator;
- private VCExpressionGenerator! Gen { get {
- return BaseTranslator.Gen;
- } }
- private VCGenerationOptions! GenerationOptions { get {
- return BaseTranslator.GenerationOptions;
- } }
+ private VCExpressionGenerator/*!*/ Gen {
+ get {
+ Contract.Ensures(Contract.Result<VCExpressionGenerator>() != null);
- public IAppliableTranslator(Boogie2VCExprTranslator! baseTranslator) {
+ return BaseTranslator.Gen;
+ }
+ }
+ private VCGenerationOptions GenerationOptions {
+ get {
+ Contract.Ensures(Contract.Result<VCGenerationOptions>() != null);
+
+ return BaseTranslator.GenerationOptions;
+ }
+ }
+
+ public IAppliableTranslator(Boogie2VCExprTranslator baseTranslator) {
+ Contract.Requires(baseTranslator != null);
this.BaseTranslator = baseTranslator;
}
///////////////////////////////////////////////////////////////////////////////
- private List<VCExpr!>! args = new List<VCExpr!>();
- private List<Type!>! typeArgs = new List<Type!>();
+ private List<VCExpr/*!*/>/*!*/ args = new List<VCExpr/*!*/>();
+ private List<Type/*!*/>/*!*/ typeArgs = new List<Type/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvarianet() {
+ Contract.Invariant(args != null);
+ Contract.Invariant(typeArgs != null);
+ }
+
- public VCExpr! Translate(IAppliable! app, Type! ty, List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public VCExpr Translate(IAppliable app, Type ty, List<VCExpr/*!*/>/*!*/ args, List<Type/*!*/>/*!*/ typeArgs){
+Contract.Requires(ty != null);
+Contract.Requires(app != null);
+Contract.Requires(cce.NonNullElements(typeArgs));
+Contract.Requires(cce.NonNullElements(args));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
- List<VCExpr!>! oldArgs = this.args;
- List<Type!>! oldTypeArgs = this.typeArgs;
+ List<VCExpr/*!*/>/*!*/ oldArgs = this.args;
+ List<Type/*!*/>/*!*/ oldTypeArgs = this.typeArgs;
this.args = args;
this.typeArgs = typeArgs;
- VCExpr! result = app.Dispatch<VCExpr!>(this);
+ VCExpr/*!*/ result = app.Dispatch<VCExpr/*!*/>(this);
this.args = oldArgs;
this.typeArgs = oldTypeArgs;
return result;
@@ -714,41 +942,58 @@ namespace Microsoft.Boogie.VCExprAST ///////////////////////////////////////////////////////////////////////////////
-
- public VCExpr! Visit(UnaryOperator! unaryOperator) {
- assert unaryOperator.Op == UnaryOperator.Opcode.Not && this.args.Count == 1;
+
+ public VCExpr Visit(UnaryOperator unaryOperator) {
+ Contract.Requires(unaryOperator != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Contract.Assert(unaryOperator.Op == UnaryOperator.Opcode.Not && this.args.Count == 1);
return Gen.Not(this.args);
}
- public VCExpr! Visit(BinaryOperator! binaryOperator) {
+ public VCExpr Visit(BinaryOperator binaryOperator) {
+ Contract.Requires(binaryOperator != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return TranslateBinaryOperator(binaryOperator, this.args);
}
-
- public VCExpr! Visit(FunctionCall! functionCall) {
+
+ public VCExpr Visit(FunctionCall functionCall) {
+ Contract.Requires(functionCall != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return TranslateFunctionCall(functionCall, this.args, this.typeArgs);
}
-
- public VCExpr! Visit(MapSelect! mapSelect) {
+
+ public VCExpr Visit(MapSelect mapSelect) {
+ Contract.Requires(mapSelect != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Gen.Select(this.args, this.typeArgs);
}
-
- public VCExpr! Visit(MapStore! mapStore) {
+
+ public VCExpr Visit(MapStore mapStore) {
+ Contract.Requires(mapStore != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Gen.Store(this.args, this.typeArgs);
}
-
- public VCExpr! Visit(TypeCoercion! typeCoercion) {
- assert this.args.Count == 1;
+
+ public VCExpr Visit(TypeCoercion typeCoercion) {
+ Contract.Requires(typeCoercion != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Contract.Assert(this.args.Count == 1);
return this.args[0];
}
- public VCExpr! Visit(IfThenElse! ite) {
+ public VCExpr Visit(IfThenElse ite) {
+ Contract.Requires(ite != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Gen.Function(VCExpressionGenerator.IfThenElseOp, this.args);
}
///////////////////////////////////////////////////////////////////////////////
- private VCExpr! TranslateBinaryOperator(BinaryOperator! app, List<VCExpr!>! args) {
- assert args.Count == 2;
+ private VCExpr TranslateBinaryOperator(BinaryOperator app, List<VCExpr/*!*/>/*!*/ args) {
+ Contract.Requires(app != null);
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Contract.Assert(args.Count == 2);
switch (app.Op) {
case BinaryOperator.Opcode.Add:
@@ -784,27 +1029,33 @@ namespace Microsoft.Boogie.VCExprAST case BinaryOperator.Opcode.Subtype:
return Gen.Function(VCExpressionGenerator.SubtypeOp, args);
default:
- assert false; // unexpected binary operator
+ Contract.Assert(false);
+ throw new cce.UnreachableException(); // unexpected binary operator
}
}
///////////////////////////////////////////////////////////////////////////////
- private VCExpr! TranslateFunctionCall(FunctionCall! app,
- List<VCExpr!>! args, List<Type!>! typeArgs) {
- assert app.Func != null; // resolution must have happened
+ private VCExpr/*!*/ TranslateFunctionCall(FunctionCall app, List<VCExpr/*!*/>/*!*/ args, List<Type/*!*/>/*!*/ typeArgs){
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Requires(cce.NonNullElements(typeArgs));
+Contract.Requires(app != null);
+ Contract.Requires((app.Func != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null); // resolution must have happened
VCExpr res = ApplyExpansion(app, args, typeArgs);
if (res != null)
return res;
- VCExprOp! functionOp = Gen.BoogieFunctionOp(app.Func);
+ VCExprOp/*!*/ functionOp = Gen.BoogieFunctionOp(app.Func);
return Gen.Function(functionOp, args, typeArgs);
}
- private VCExpr ApplyExpansion(FunctionCall! app,
- List<VCExpr!>! args, List<Type!>! typeArgs) {
- assert app.Func != null; // resolution must have happened
+ private VCExpr ApplyExpansion(FunctionCall app, List<VCExpr/*!*/>/*!*/ args, List<Type/*!*/>/*!*/ typeArgs){
+Contract.Requires(app != null);
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Assert(app.Func != null); // resolution must have happened
if (app.Func.doingExpansion) {
System.Console.WriteLine("*** detected expansion loop on {0}", app.Func);
@@ -815,8 +1066,8 @@ namespace Microsoft.Boogie.VCExprAST if (exp == null)
return null;
- VCExpr! translatedBody;
- VCExprSubstitution! subst = new VCExprSubstitution();
+ VCExpr/*!*/ translatedBody;
+ VCExprSubstitution/*!*/ subst = new VCExprSubstitution();
try {
BaseTranslator.PushFormalsScope();
BaseTranslator.PushBoundVariableScope();
@@ -825,7 +1076,7 @@ namespace Microsoft.Boogie.VCExprAST // first bind the formals to VCExpr variables, which are later
// substituted with the actual parameters
for (int i = 0; i < exp.formals.Length; ++i)
- subst[BaseTranslator.BindVariable((!)exp.formals[i])] = args[i];
+ subst[BaseTranslator.BindVariable(cce.NonNull(exp.formals)[i])] = args[i];
// recursively translate the body of the expansion
translatedBody = BaseTranslator.Translate(exp.body);
@@ -836,19 +1087,21 @@ namespace Microsoft.Boogie.VCExprAST }
// substitute the formals with the actual parameters in the body
- assert typeArgs.Count == exp.TypeParameters.Length;
+ Contract.Assert(typeArgs.Count == exp.TypeParameters.Length);
for (int i = 0; i < typeArgs.Count; ++i)
subst[exp.TypeParameters[i]] = typeArgs[i];
- SubstitutingVCExprVisitor! substituter = new SubstitutingVCExprVisitor (Gen);
+ SubstitutingVCExprVisitor/*!*/ substituter = new SubstitutingVCExprVisitor(Gen);
return substituter.Mutate(translatedBody, subst);
}
- private Expansion? FindExpansion(Function! func)
- {
- if (func.expansions == null) return null;
+ private Expansion FindExpansion(Function func) {
+ Contract.Requires(func != null);
+ if (func.expansions == null)
+ return null;
- Expansion? exp = null;
- foreach (Expansion! e in func.expansions) {
+ Expansion exp = null;
+ foreach (Expansion e in func.expansions) {
+ Contract.Assert(e != null);
if (e.ignore == null || !GenerationOptions.IsAnyProverCommandSupported(e.ignore)) {
if (exp == null) {
exp = e;
diff --git a/Source/VCExpr/Clustering.cs b/Source/VCExpr/Clustering.cs index 3b256121..ae22fa7f 100644 --- a/Source/VCExpr/Clustering.cs +++ b/Source/VCExpr/Clustering.cs @@ -8,50 +8,61 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
// Code for managing and clusterings sets of terms; this is used to
// compress the input given to the theorem prover
-namespace Microsoft.Boogie.Clustering
-{
+namespace Microsoft.Boogie.Clustering {
using Microsoft.Boogie.VCExprAST;
public class SubtermCollector : BoundVarTraversingVCExprVisitor<bool, bool> {
-
- private readonly VCExpressionGenerator! Gen;
- public SubtermCollector(VCExpressionGenerator! gen) {
+ private readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Gen != null);
+ Contract.Invariant(cce.NonNullElements(GlobalVariables));
+ Contract.Invariant(cce.NonNullElements(SubtermClusters));
+ }
+
+
+ public SubtermCollector(VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
Gen = gen;
}
// variables that are global and treated like constants
- private readonly IDictionary<VCExprVar!, VCExprVar!>! GlobalVariables =
- new Dictionary<VCExprVar!, VCExprVar!> ();
+ private readonly IDictionary<VCExprVar/*!*/, VCExprVar/*!*/> GlobalVariables = new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/>();
- private readonly IDictionary<VCExprOp!, TermClustersSameHead!>! SubtermClusters =
- new Dictionary<VCExprOp!, TermClustersSameHead!> ();
+ private readonly IDictionary<VCExprOp/*!*/, TermClustersSameHead/*!*/> SubtermClusters =
+ new Dictionary<VCExprOp/*!*/, TermClustersSameHead/*!*/>();
public void UnifyClusters() {
- foreach (KeyValuePair<VCExprOp!, TermClustersSameHead!> pair
- in SubtermClusters)
+ foreach (KeyValuePair<VCExprOp/*!*/, TermClustersSameHead/*!*/> pair
+ in SubtermClusters) {
+ Contract.Assert(cce.NonNullElements(pair));
pair.Value.UnifyClusters();
+ }
}
////////////////////////////////////////////////////////////////////////////
- protected override bool StandardResult(VCExpr! node, bool arg) {
+ protected override bool StandardResult(VCExpr node, bool arg) {
+ Contract.Requires(node != null);
return false; // by default, do not collect terms containing node
}
- public override bool Visit(VCExprLiteral! node, bool arg) {
+ public override bool Visit(VCExprLiteral node, bool arg) {
+ Contract.Requires(node != null);
return true;
}
- public override bool Visit(VCExprNAry! node, bool arg) {
+ public override bool Visit(VCExprNAry node, bool arg) {
+ Contract.Requires(node != null);
VCExprBoogieFunctionOp op = node.Op as VCExprBoogieFunctionOp;
if (op == null) {
base.Visit(node, arg);
@@ -59,8 +70,10 @@ namespace Microsoft.Boogie.Clustering }
bool res = true;
- foreach (VCExpr! subexpr in node)
+ foreach (VCExpr subexpr in node) {
+ Contract.Assert(subexpr != null);
res &= this.Traverse(subexpr, arg);
+ }
if (res) {
TermClustersSameHead clusters;
@@ -68,25 +81,28 @@ namespace Microsoft.Boogie.Clustering clusters = new TermClustersSameHead(op, GlobalVariables, Gen);
SubtermClusters.Add(op, clusters);
}
- ((!)clusters).AddExpr(node);
+ cce.NonNull(clusters).AddExpr(node);
}
return res;
}
- public override bool Visit(VCExprVar! node, bool arg) {
+ public override bool Visit(VCExprVar node, bool arg) {
+ Contract.Requires(node != null);
if (!BoundTermVars.Contains(node))
GlobalVariables[node] = node;
return true;
}
[Pure]
- public override string! ToString()
- {
- string! res = "";
- foreach (KeyValuePair<VCExprOp!, TermClustersSameHead!> pair
- in SubtermClusters)
+ public override string ToString() {
+ Contract.Ensures(Contract.Result<string>() != null);
+ string/*!*/ res = "";
+ foreach (KeyValuePair<VCExprOp/*!*/, TermClustersSameHead/*!*/> pair
+ in SubtermClusters) {
+ Contract.Assert(cce.NonNullElements(pair));
res = res + pair.Value + "\n";
+ }
return res;
}
}
@@ -97,34 +113,45 @@ namespace Microsoft.Boogie.Clustering // with the same function symbol
internal class TermClustersSameHead {
- public readonly VCExprOp! Op;
- private readonly VCExpressionGenerator! Gen;
-
- public TermClustersSameHead(VCExprOp! op,
- IDictionary<VCExprVar!, VCExprVar!>! globalVars,
- VCExpressionGenerator! gen) {
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Op != null);
+ Contract.Invariant(Gen != null);
+ Contract.Invariant(cce.NonNullElements(GlobalVariables));
+ }
+ // variables that are global and treated like constants
+ private readonly IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ GlobalVariables;
+ public readonly VCExprOp/*!*/ Op;
+ private readonly VCExpressionGenerator/*!*/ Gen;
+
+ public TermClustersSameHead(VCExprOp op, IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars, VCExpressionGenerator/*!*/ gen) {
+ Contract.Requires(cce.NonNullElements(globalVars));
+ Contract.Requires(gen != null);
+ Contract.Requires(op != null);
Op = op;
GlobalVariables = globalVars;
Gen = gen;
}
- // variables that are global and treated like constants
- private readonly IDictionary<VCExprVar!, VCExprVar!>! GlobalVariables;
-
- private readonly List<Cluster>! Clusters = new List<Cluster> ();
+ private readonly List<Cluster>/*!*/ Clusters = new List<Cluster>();
private struct Cluster {
- public readonly VCExprNAry! Generator;
+ public readonly VCExprNAry/*!*/ Generator;
public readonly int Size;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Generator != null);
+ }
- public Cluster(VCExprNAry! generator, int size) {
+ public Cluster(VCExprNAry generator, int size) {
+ Contract.Requires(generator != null);
Generator = generator;
Size = size;
}
}
private int Distance(Cluster a, Cluster b) {
- AntiUnificationVisitor! visitor = new AntiUnificationVisitor (Gen);
+ AntiUnificationVisitor/*!*/ visitor = new AntiUnificationVisitor(Gen);
visitor.AntiUnify(a.Generator, b.Generator);
int reprSizeA, reprSizeB;
@@ -133,29 +160,31 @@ namespace Microsoft.Boogie.Clustering }
private bool EqualUpToRenaming(Cluster a, Cluster b) {
- AntiUnificationVisitor! visitor = new AntiUnificationVisitor (Gen);
+ AntiUnificationVisitor/*!*/ visitor = new AntiUnificationVisitor(Gen);
visitor.AntiUnify(a.Generator, b.Generator);
return visitor.RepresentationIsRenaming(GlobalVariables);
}
private Cluster Merge(Cluster a, Cluster b) {
- AntiUnificationVisitor! visitor = new AntiUnificationVisitor (Gen);
- VCExpr! generator = visitor.AntiUnify(a.Generator, b.Generator);
+ AntiUnificationVisitor/*!*/ visitor = new AntiUnificationVisitor(Gen);
+ VCExpr/*!*/ generator = visitor.AntiUnify(a.Generator, b.Generator);
+ Contract.Assert(generator != null);
VCExprNAry generatorNAry = generator as VCExprNAry;
- assert generatorNAry != null && Op.Equals(generatorNAry.Op);
+ Contract.Assert(generatorNAry != null && Op.Equals(generatorNAry.Op));
return new Cluster(generatorNAry, a.Size + b.Size);
}
////////////////////////////////////////////////////////////////////////////
- public void AddExpr(VCExprNAry! expr)
- requires Op.Equals(expr.Op); {
+ public void AddExpr(VCExprNAry expr) {
+ Contract.Requires(expr != null);
+ Contract.Requires(Op.Equals(expr.Op));
- Cluster c = new Cluster (expr, 1);
+ Cluster c = new Cluster(expr, 1);
for (int i = 0; i < Clusters.Count; ++i) {
Cluster d = Clusters[i];
if (EqualUpToRenaming(c, d)) {
- Clusters[i] = new Cluster (d.Generator, d.Size + 1);
+ Clusters[i] = new Cluster(d.Generator, d.Size + 1);
return;
}
}
@@ -166,59 +195,70 @@ namespace Microsoft.Boogie.Clustering ////////////////////////////////////////////////////////////////////////////
private struct ClusteringMatrix {
-
- private readonly VCExpressionGenerator! Gen;
- private readonly IDictionary<VCExprVar!, VCExprVar!>! GlobalVariables;
- public readonly List<Cluster>! Clusters;
- public readonly bool[]! RemainingClusters;
+ private readonly VCExpressionGenerator/*!*/ Gen;
+ private readonly IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ GlobalVariables;
+
+ public readonly List<Cluster>/*!*/ Clusters;
+ public readonly bool[]/*!*/ RemainingClusters;
+
+ public readonly Distance[,]/*!*/ Distances;
+
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Gen != null);
+ Contract.Invariant(cce.NonNullElements(GlobalVariables));
+ Contract.Invariant(Clusters != null);
+ Contract.Invariant(RemainingClusters != null);
+ Contract.Invariant(Distances != null);
+ }
- public readonly Distance[,]! Distances;
public struct Distance {
public readonly int Dist;
- public readonly VCExprNAry! Generator;
+ public readonly VCExprNAry/*!*/ Generator;
- public Distance(Cluster a, Cluster b,
- IDictionary<VCExprVar!, VCExprVar!>! globalVars,
- VCExpressionGenerator! gen) {
- AntiUnificationVisitor! visitor = new AntiUnificationVisitor (gen);
+ public Distance(Cluster a, Cluster b, IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(cce.NonNullElements(globalVars));
+ AntiUnificationVisitor/*!*/ visitor = new AntiUnificationVisitor(gen);
Generator = (VCExprNAry)visitor.AntiUnify(a.Generator, b.Generator);
int reprSizeA, reprSizeB;
visitor.RepresentationSize(globalVars, out reprSizeA, out reprSizeB);
- Dist = (a.Size - 1) * reprSizeA + (b.Size - 1) * reprSizeB; + Dist = (a.Size - 1) * reprSizeA + (b.Size - 1) * reprSizeB;
}
}
- public ClusteringMatrix(List<Cluster>! clusters,
- IDictionary<VCExprVar!, VCExprVar!>! globalVars,
- VCExpressionGenerator! gen) {
- List<Cluster>! c = new List<Cluster> ();
+ public ClusteringMatrix(List<Cluster> clusters, IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(clusters != null);
+ Contract.Requires(cce.NonNullElements(globalVars));
+ List<Cluster> c = new List<Cluster>();
c.AddRange(clusters);
Clusters = c;
GlobalVariables = globalVars;
Gen = gen;
- bool[] remaining = new bool [clusters.Count];
+ bool[] remaining = new bool[clusters.Count];
RemainingClusters = remaining;
for (int i = 0; i < remaining.Length; ++i)
remaining[i] = true;
- Distance[,]! distances = new Distance [clusters.Count, clusters.Count];
+ Distance[,]/*!*/ distances = new Distance[clusters.Count, clusters.Count];
Distances = distances;
for (int i = 1; i < clusters.Count; ++i)
for (int j = 0; j < i; ++j)
distances[i, j] =
- new Distance (clusters[i], clusters[j], GlobalVariables, Gen);
+ new Distance(clusters[i], clusters[j], GlobalVariables, Gen);
}
-
+
public void UnifyClusters(int maxDist) {
while (true) {
int i, j;
int minDist = FindMinDistance(out i, out j);
-
+
if (minDist > maxDist)
return;
@@ -226,7 +266,8 @@ namespace Microsoft.Boogie.Clustering }
}
- public void ResultingClusters(List<Cluster>! clusters) {
+ public void ResultingClusters(List<Cluster> clusters) {
+ Contract.Requires(clusters != null);
clusters.Clear();
for (int i = 0; i < Clusters.Count; ++i)
if (RemainingClusters[i])
@@ -239,12 +280,12 @@ namespace Microsoft.Boogie.Clustering for (int j = 0; j < i; ++j) {
if (RemainingClusters[j])
Distances[i, j] =
- new Distance (Clusters[i], Clusters[j], GlobalVariables, Gen);
+ new Distance(Clusters[i], Clusters[j], GlobalVariables, Gen);
}
for (int j = i + 1; j < Clusters.Count; ++j) {
if (RemainingClusters[j])
Distances[j, i] =
- new Distance (Clusters[j], Clusters[i], GlobalVariables, Gen);
+ new Distance(Clusters[j], Clusters[i], GlobalVariables, Gen);
}
}
@@ -265,14 +306,13 @@ namespace Microsoft.Boogie.Clustering }
}
- assert c0 == -1 && c1 == -1 || c0 > c1 && c1 >= 0;
+ Contract.Assert(c0 == -1 && c1 == -1 || c0 > c1 && c1 >= 0);
return minDist;
}
- private void MergeClusters(int i, int j)
- requires j >= 0 && i > j &&
- RemainingClusters[i] && RemainingClusters[j]; {
- Clusters[i] = new Cluster (Distances[i, j].Generator,
+ private void MergeClusters(int i, int j) {
+ Contract.Requires(j >= 0 && i > j && RemainingClusters[i] && RemainingClusters[j]);
+ Clusters[i] = new Cluster(Distances[i, j].Generator,
Clusters[i].Size + Clusters[j].Size);
RemainingClusters[j] = false;
Update(i);
@@ -283,43 +323,61 @@ namespace Microsoft.Boogie.Clustering public void UnifyClusters() {
ClusteringMatrix matrix =
- new ClusteringMatrix (Clusters, GlobalVariables, Gen);
+ new ClusteringMatrix(Clusters, GlobalVariables, Gen);
matrix.UnifyClusters(50);
matrix.ResultingClusters(Clusters);
}
[Pure]
- public override string! ToString()
- {
- string! res = "";
+ public override string ToString() {
+ Contract.Ensures(Contract.Result<string>() != null);
+ string/*!*/ res = "";
foreach (Cluster c in Clusters)
res = res + c.Generator + "\t" + c.Size + "\n";
return res;
- }
+ }
}
//////////////////////////////////////////////////////////////////////////////
- internal class AntiUnificationVisitor : TraversingVCExprVisitor<VCExpr!, VCExpr!> {
+ internal class AntiUnificationVisitor : TraversingVCExprVisitor<VCExpr/*!*/, VCExpr/*!*/> {
+
+ private readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Gen != null);
+ Contract.Invariant(cce.NonNullElements(Representation));
+ }
- private readonly VCExpressionGenerator! Gen;
- public AntiUnificationVisitor(VCExpressionGenerator! gen) {
+ public AntiUnificationVisitor(VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
Gen = gen;
}
// Sub-expressions in the first and second expression to be
// anti-unified that are replaced with variables
- private readonly IDictionary<ExprPair, VCExprVar!>! Representation =
- new Dictionary<ExprPair, VCExprVar!> ();
+ private readonly IDictionary<ExprPair, VCExprVar/*!*/>/*!*/ Representation =
+ new Dictionary<ExprPair, VCExprVar/*!*/>();
+
+
private struct ExprPair {
- public readonly VCExpr! Expr0, Expr1;
- public ExprPair(VCExpr! expr0, VCExpr! expr1) {
+ public readonly VCExpr/*!*/ Expr0, Expr1;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Expr0 != null);
+ Contract.Invariant(Expr1 != null);
+ }
+
+ public ExprPair(VCExpr expr0, VCExpr expr1) {
+ Contract.Requires(expr1 != null);
+ Contract.Requires(expr0 != null);
Expr0 = expr0;
Expr1 = expr1;
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (that is ExprPair) {
ExprPair thatPair = (ExprPair)that;
@@ -331,36 +389,30 @@ namespace Microsoft.Boogie.Clustering [Pure]
public override int GetHashCode() {
return Expr0.GetHashCode() + Expr1.GetHashCode() * 13;
- }
+ }
}
public void Reset() {
- Representation.Clear ();
+ Representation.Clear();
}
- public bool RepresentationIsRenaming(IDictionary<VCExprVar!, VCExprVar!>! globalVars) {
- if (!forall{KeyValuePair<ExprPair, VCExprVar!> pair in Representation;
- pair.Key.Expr0 is VCExprVar &&
- pair.Key.Expr1 is VCExprVar &&
- !globalVars.ContainsKey((VCExprVar!)pair.Key.Expr0) &&
- !globalVars.ContainsKey((VCExprVar!)pair.Key.Expr1)})
+ public bool RepresentationIsRenaming(IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars) {
+ Contract.Requires(cce.NonNullElements(globalVars));
+ if (!Contract.ForAll(Representation, pair => pair.Key.Expr0 is VCExprVar && pair.Key.Expr1 is VCExprVar && !globalVars.ContainsKey(cce.NonNull((VCExprVar)pair.Key.Expr0)) && !globalVars.ContainsKey(cce.NonNull((VCExprVar/*!*/)pair.Key.Expr1))))
return false;
// check that all substituted variables are distinct
// TODO: optimise
return
- forall{KeyValuePair<ExprPair, VCExprVar!> pair1 in Representation;
- forall{KeyValuePair<ExprPair, VCExprVar!> pair2 in Representation;
- pair1.Value.Equals(pair2.Value) || !pair1.Key.Expr0.Equals(pair2.Key.Expr0)
- && !pair1.Key.Expr1.Equals(pair2.Key.Expr1)
- }};
+ Contract.ForAll(Representation, pair1 => Contract.ForAll(Representation, pair2 => pair1.Value.Equals(pair2.Value) || !pair1.Key.Expr0.Equals(pair2.Key.Expr0) && !pair1.Key.Expr1.Equals(pair2.Key.Expr1)));
}
- public void RepresentationSize(IDictionary<VCExprVar!, VCExprVar!>! globalVars,
- out int expr0Size, out int expr1Size) {
- ReprSizeComputingVisitor! size0Visitor = new ReprSizeComputingVisitor ();
- ReprSizeComputingVisitor! size1Visitor = new ReprSizeComputingVisitor ();
+ public void RepresentationSize(IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars, out int expr0Size, out int expr1Size) {
+ Contract.Requires(cce.NonNullElements(globalVars));
+ ReprSizeComputingVisitor/*!*/ size0Visitor = new ReprSizeComputingVisitor();
+ ReprSizeComputingVisitor/*!*/ size1Visitor = new ReprSizeComputingVisitor();
- foreach (KeyValuePair<ExprPair, VCExprVar!> pair in Representation) {
+ foreach (KeyValuePair<ExprPair, VCExprVar/*!*/> pair in Representation) {
+ Contract.Assert(cce.NonNullElements(pair));
size0Visitor.ComputeSize(pair.Key.Expr0, globalVars);
size1Visitor.ComputeSize(pair.Key.Expr1, globalVars);
}
@@ -369,58 +421,76 @@ namespace Microsoft.Boogie.Clustering expr1Size = size1Visitor.Size;
}
- public VCExpr! AntiUnify(VCExpr! s, VCExpr! t)
- requires s.Type.Equals(t.Type); {
+ public VCExpr AntiUnify(VCExpr s, VCExpr t) {
+ Contract.Requires(t != null);
+ Contract.Requires(s != null);
+ Contract.Requires((s.Type.Equals(t.Type)));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return Traverse(s, t);
}
////////////////////////////////////////////////////////////////////////////
- private VCExprVar! AbstractWithVariable(VCExpr! s, VCExpr! t)
- requires s.Type.Equals(t.Type); {
+ private VCExprVar AbstractWithVariable(VCExpr s, VCExpr t) {
+ Contract.Requires(t != null);
+ Contract.Requires(s != null);
+ Contract.Requires((s.Type.Equals(t.Type)));
+Contract.Ensures(Contract.Result<VCExprVar>() != null);
- ExprPair pair = new ExprPair (s, t);
+ ExprPair pair = new ExprPair(s, t);
VCExprVar repr;
if (!Representation.TryGetValue(pair, out repr)) {
repr = Gen.Variable("abs" + Representation.Count, s.Type);
Representation.Add(pair, repr);
}
- return (!)repr;
+ return cce.NonNull(repr);
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprLiteral! node, VCExpr! that) {
+ public override VCExpr Visit(VCExprLiteral node, VCExpr that) {
+ Contract.Requires(that != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (node.Equals(that))
return node;
return AbstractWithVariable(node, that);
}
- public override VCExpr! Visit(VCExprNAry! node, VCExpr! that) {
+ public override VCExpr Visit(VCExprNAry node, VCExpr that) {
+ Contract.Requires(that != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
VCExprNAry thatNAry = that as VCExprNAry;
if (thatNAry != null && node.Op.Equals(thatNAry.Op)) {
// type parameters should already have been eliminated at this
// stage
- assert node.TypeParamArity == 0 && thatNAry.TypeParamArity == 0 &&
- node.Arity == thatNAry.Arity;
-
- List<VCExpr!>! unifiedArgs = new List<VCExpr!> ();
+ Contract.Assert(node.TypeParamArity == 0 && thatNAry.TypeParamArity == 0 && node.Arity == thatNAry.Arity);
+
+ List<VCExpr/*!*/>/*!*/ unifiedArgs = new List<VCExpr/*!*/>();
for (int i = 0; i < node.Arity; ++i)
unifiedArgs.Add(Traverse(node[i], thatNAry[i]));
-
+
return Gen.Function(node.Op, unifiedArgs);
}
return AbstractWithVariable(node, that);
}
- public override VCExpr! Visit(VCExprVar! node, VCExpr! that) {
+ public override VCExpr Visit(VCExprVar node, VCExpr that) {
+ Contract.Requires(that != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (node.Equals(that))
return node;
return AbstractWithVariable(node, that);
}
- protected override VCExpr! StandardResult(VCExpr! node, VCExpr! that) {
- assert false; // not handled here
+ protected override VCExpr StandardResult(VCExpr node, VCExpr that) {
+ Contract.Requires(that != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Contract.Assert(false);
+ throw new cce.UnreachableException(); // not handled here
}
}
@@ -428,22 +498,24 @@ namespace Microsoft.Boogie.Clustering internal class ReprSizeComputingVisitor
: TraversingVCExprVisitor<bool,
- // variables considered as global constants
- IDictionary<VCExprVar!, VCExprVar!>!> {
+ // variables considered as global constants
+ IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/> {
public int Size = 0;
- public void ComputeSize(VCExpr! expr,
- IDictionary<VCExprVar!, VCExprVar!>! globalVars) {
+ public void ComputeSize(VCExpr expr, IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars) {
+ Contract.Requires(expr != null);
+ Contract.Requires(cce.NonNullElements(globalVars));
Traverse(expr, globalVars);
}
-
- protected override bool StandardResult(VCExpr! node,
- IDictionary<VCExprVar!, VCExprVar!>! globalVars) {
+
+ protected override bool StandardResult(VCExpr node, IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ globalVars) {
+ Contract.Requires(node != null);
+ Contract.Requires(cce.NonNullElements(globalVars));
VCExprVar nodeAsVar = node as VCExprVar;
if (nodeAsVar == null || globalVars.ContainsKey(nodeAsVar))
Size = Size + 1;
- return true; + return true;
}
}
}
\ No newline at end of file diff --git a/Source/VCExpr/LetBindingSorter.cs b/Source/VCExpr/LetBindingSorter.cs index 96eb0af2..97d71e27 100644 --- a/Source/VCExpr/LetBindingSorter.cs +++ b/Source/VCExpr/LetBindingSorter.cs @@ -8,124 +8,149 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// Sort the bindings in a let-expression so that terms bound earlier do
// not contain variables bound later
-namespace Microsoft.Boogie.VCExprAST
-{
+namespace Microsoft.Boogie.VCExprAST {
// (argument is not used)
public class LetBindingSorter : MutatingVCExprVisitor<bool> {
- private readonly FreeVariableCollector! FreeVarCollector =
- new FreeVariableCollector ();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(FreeVarCollector != null);
+ }
+
+ private readonly FreeVariableCollector/*!*/ FreeVarCollector =
+ new FreeVariableCollector();
- private List<VCExprVar!>! FreeVarsIn(VCExpr! expr) {
+ private List<VCExprVar/*!*/>/*!*/ FreeVarsIn(VCExpr expr) {
+ Contract.Requires(expr != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
FreeVarCollector.Collect(expr);
- List<VCExprVar!>! freeVars = new List<VCExprVar!> (FreeVarCollector.FreeTermVars.Keys);
+ List<VCExprVar/*!*/>/*!*/ freeVars = new List<VCExprVar/*!*/>(FreeVarCollector.FreeTermVars.Keys);
FreeVarCollector.Reset();
return freeVars;
}
- public LetBindingSorter(VCExpressionGenerator! gen) {
- base(gen);
+ public LetBindingSorter(VCExpressionGenerator gen):base(gen) {
+ Contract.Requires(gen != null);
+
}
- public override VCExpr! Visit(VCExprLet! node, bool arg) {
- IDictionary<VCExprVar!, Binding!> boundVars =
- new Dictionary<VCExprVar!, Binding!> ();
+ public override VCExpr Visit(VCExprLet node, bool arg){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ IDictionary<VCExprVar/*!*/, Binding/*!*/> boundVars =
+ new Dictionary<VCExprVar/*!*/, Binding/*!*/> ();
// recurse and collect the free variables in bound terms and formulae
- foreach (VCExprLetBinding! binding in node) {
- VCExpr! newE = Mutate(binding.E, arg);
- Binding! b = new Binding (binding.V, newE, FreeVarsIn(newE));
+ foreach (VCExprLetBinding/*!*/ binding in node) {Contract.Assert(binding != null);
+ VCExpr/*!*/ newE = Mutate(binding.E, arg);
+ Binding/*!*/ b = new Binding (binding.V, newE, FreeVarsIn(newE));
boundVars.Add(b.V, b);
}
// generate the occurrence edges
- foreach (KeyValuePair<VCExprVar!, Binding!> pair in boundVars) {
- Binding! b = pair.Value;
- foreach (VCExprVar! v in b.FreeVars) {
+ foreach (KeyValuePair<VCExprVar/*!*/, Binding/*!*/> pair in boundVars) {Contract.Assert(cce.NonNullElements(pair));
+ Binding/*!*/ b = pair.Value;
+ Contract.Assert(b != null);
+ foreach (VCExprVar/*!*/ v in b.FreeVars) {Contract.Assert(v != null);
Binding b2;
if (boundVars.TryGetValue(v, out b2)) {
- ((!)b2).Occurrences.Add(b);
+ cce.NonNull(b2).Occurrences.Add(b);
b.InvOccurrencesNum = b.InvOccurrencesNum + 1;
}
}
}
// topological sort
- Stack<Binding!> rootBindings = new Stack<Binding!> ();
- foreach (KeyValuePair<VCExprVar!, Binding!> pair in boundVars)
+ Stack<Binding/*!*/> rootBindings = new Stack<Binding/*!*/> ();
+ foreach (KeyValuePair<VCExprVar/*!*/, Binding/*!*/> pair in boundVars)
+ {Contract.Assert(cce.NonNullElements(pair));
if (pair.Value.InvOccurrencesNum == 0)
- rootBindings.Push(pair.Value);
+ rootBindings.Push(pair.Value);}
- List<Binding!>! sortedBindings = new List<Binding!> ();
+ List<Binding/*!*/>/*!*/ sortedBindings = new List<Binding/*!*/> ();
while (rootBindings.Count > 0) {
- Binding! b = rootBindings.Pop();
+ Binding/*!*/ b = rootBindings.Pop();
+ Contract.Assert(b != null);
sortedBindings.Add(b);
- foreach (Binding! b2 in b.Occurrences) {
+ foreach (Binding/*!*/ b2 in b.Occurrences) {
+ Contract.Assert(b2 != null);
b2.InvOccurrencesNum = b2.InvOccurrencesNum - 1;
if (b2.InvOccurrencesNum == 0)
rootBindings.Push(b2);
}
}
- if (exists{KeyValuePair<VCExprVar!, Binding!> pair in boundVars;
- pair.Value.InvOccurrencesNum > 0})
+ if (Contract.Exists(boundVars, pair=> pair.Value.InvOccurrencesNum > 0))
System.Diagnostics.Debug.Fail("Cyclic let-bindings");
- assert node.Length == sortedBindings.Count;
+ Contract.Assert(node.Length == sortedBindings.Count);
// check which of the bindings can be dropped
- VCExpr! newBody = Mutate(node.Body, arg);
+ VCExpr newBody = Mutate(node.Body, arg);
+ Contract.Assert(newBody != null);
- IDictionary<VCExprVar!, VCExprVar!>! usedVars =
- new Dictionary<VCExprVar!, VCExprVar!> ();
- foreach (VCExprVar! v in FreeVarsIn(newBody))
+ IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ usedVars =
+ new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/> ();
+ foreach (VCExprVar/*!*/ v in FreeVarsIn(newBody)){Contract.Assert(v != null);
if (!usedVars.ContainsKey(v))
- usedVars.Add(v, v);
+ usedVars.Add(v, v);}
for (int i = sortedBindings.Count - 1; i >= 0; --i) {
if (usedVars.ContainsKey(sortedBindings[i].V)) {
- foreach (VCExprVar! v in sortedBindings[i].FreeVars)
+ foreach (VCExprVar/*!*/ v in sortedBindings[i].FreeVars){
+ Contract.Assert(v != null);
if (!usedVars.ContainsKey(v))
- usedVars.Add(v, v);
+ usedVars.Add(v, v);}
} else {
sortedBindings.RemoveAt(i);
}
}
// assemble the resulting let-expression
- List<VCExprLetBinding!>! newBindings = new List<VCExprLetBinding!> ();
+ List<VCExprLetBinding/*!*/>/*!*/ newBindings = new List<VCExprLetBinding/*!*/>();
foreach (Binding b in sortedBindings)
newBindings.Add(Gen.LetBinding(b.V, b.E));
return Gen.Let(newBindings, newBody);
- }
+ }
private class Binding {
- public readonly VCExprVar! V;
- public readonly VCExpr! E;
- public readonly List<VCExprVar!>! FreeVars;
+ public readonly VCExprVar/*!*/ V;
+ public readonly VCExpr/*!*/ E;
+ public readonly List<VCExprVar/*!*/>/*!*/ FreeVars;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(V != null);
+ Contract.Invariant(E != null);
+ Contract.Invariant(cce.NonNullElements(FreeVars));
+ Contract.Invariant(Occurrences != null);
+ }
+
// list of all bound expression in which the variable V occurs
// (outgoing edges)
- public readonly List<Binding>! Occurrences;
+ public readonly List<Binding>/*!*/ Occurrences;
// number of variables that are bound in this let-expression
// and that occur in FreeVars
// (incoming edges)
public int InvOccurrencesNum;
- public Binding(VCExprVar! v, VCExpr! e, List<VCExprVar!>! freeVars) {
+ public Binding(VCExprVar v, VCExpr e, List<VCExprVar/*!*/>/*!*/ freeVars) {
+ Contract.Requires(e != null);
+ Contract.Requires(v != null);
+ Contract.Requires(cce.NonNullElements(freeVars));
this.V = v;
this.E = e;
this.FreeVars = freeVars;
- this.Occurrences = new List<Binding> ();
+ this.Occurrences = new List<Binding>();
this.InvOccurrencesNum = 0;
}
}
diff --git a/Source/VCExpr/NameClashResolver.cs b/Source/VCExpr/NameClashResolver.cs index 9c281bf8..f2590948 100644 --- a/Source/VCExpr/NameClashResolver.cs +++ b/Source/VCExpr/NameClashResolver.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// Visitor that establishes unique variable (or constant) names in a VCExpr.
@@ -22,58 +22,83 @@ namespace Microsoft.Boogie.VCExprAST { public class UniqueNamer : ICloneable {
public UniqueNamer() {
- GlobalNames = new Dictionary<Object!, string!> ();
- LocalNames = TEHelperFuns.ToList(new Dictionary<Object!, string!> ()
- as IDictionary<Object!, string!>);
- UsedNames = new Dictionary<string!, bool> ();
- CurrentCounters = new Dictionary<string!, int> ();
- GlobalPlusLocalNames = new Dictionary<Object!, string!> ();
+ GlobalNames = new Dictionary<Object, string>();
+ LocalNames = TEHelperFuns.ToList(new Dictionary<Object/*!*/, string/*!*/>()
+ as IDictionary<Object/*!*/, string/*!*/>);
+ UsedNames = new Dictionary<string, bool>();
+ CurrentCounters = new Dictionary<string, int>();
+ GlobalPlusLocalNames = new Dictionary<Object, string>();
}
- private UniqueNamer(UniqueNamer! namer) {
- GlobalNames = new Dictionary<Object!, string!> (namer.GlobalNames);
-
- List<IDictionary<Object!, string!>!>! localNames =
- new List<IDictionary<Object!, string!>!> ();
+ private UniqueNamer(UniqueNamer namer) {
+ Contract.Requires(namer != null);
+ GlobalNames = new Dictionary<Object, string>(namer.GlobalNames);
+
+ List<IDictionary<Object/*!*/, string/*!*/>/*!*/>/*!*/ localNames =
+ new List<IDictionary<Object, string>>();
LocalNames = localNames;
-
- foreach (IDictionary<Object!, string!>! d in namer.LocalNames)
- localNames.Add(new Dictionary<Object!, string!> (d));
- UsedNames = new Dictionary<string!, bool> (namer.UsedNames);
- CurrentCounters = new Dictionary<string!, int> (namer.CurrentCounters);
- GlobalPlusLocalNames = new Dictionary<Object!, string!>(namer.GlobalPlusLocalNames);
+ foreach (IDictionary<Object/*!*/, string/*!*/>/*!*/ d in namer.LocalNames)
+ localNames.Add(new Dictionary<Object/*!*/, string/*!*/>(d));
+
+ UsedNames = new Dictionary<string, bool>(namer.UsedNames);
+ CurrentCounters = new Dictionary<string, int>(namer.CurrentCounters);
+ GlobalPlusLocalNames = new Dictionary<Object, string>(namer.GlobalPlusLocalNames);
}
- public Object! Clone() {
- return new UniqueNamer (this);
+ public Object Clone() {
+ Contract.Ensures(Contract.Result<Object>() != null);
+ return new UniqueNamer(this);
}
////////////////////////////////////////////////////////////////////////////
- private readonly IDictionary<Object!, string!>! GlobalNames;
- private readonly List<IDictionary<Object!, string!>!>! LocalNames;
+ private readonly IDictionary<Object/*!*/, string/*!*/>/*!*/ GlobalNames;
+ [ContractInvariantMethod]
+ void GlobalNamesInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(GlobalNames));
+ }
+ private readonly List<IDictionary<Object/*!*/, string/*!*/>/*!*/>/*!*/ LocalNames;
+ [ContractInvariantMethod]
+ void LocalNamesInvariantMethod() {
+ Contract.Invariant(Contract.ForAll(LocalNames, i => i != null && cce.NonNullElements(i)));
+ }
// dictionary of all names that have already been used
// (locally or globally)
- private readonly IDictionary<string!, bool>! UsedNames;
- private readonly IDictionary<string!, int>! CurrentCounters;
- private readonly IDictionary<Object!, string!>! GlobalPlusLocalNames;
+ private readonly IDictionary<string/*!*/, bool/*!*/>/*!*/ UsedNames;
+ [ContractInvariantMethod]
+ void UsedNamesInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(UsedNames));
+ }
+ private readonly IDictionary<string/*!*/, int/*!*/>/*!*/ CurrentCounters;
+ [ContractInvariantMethod]
+ void CurrentCountersInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(CurrentCounters));
+ }
+ private readonly IDictionary<Object/*!*/, string/*!*/>/*!*/ GlobalPlusLocalNames;
+ [ContractInvariantMethod]
+ void GlobalPlusLocalNamesInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(GlobalPlusLocalNames));
+ }
////////////////////////////////////////////////////////////////////////////
public void PushScope() {
- LocalNames.Add(new Dictionary<Object!, string!> ());
+ LocalNames.Add(new Dictionary<Object/*!*/, string/*!*/>());
}
public void PopScope() {
LocalNames.RemoveAt(LocalNames.Count - 1);
- }
+ }
////////////////////////////////////////////////////////////////////////////
- private string! NextFreeName(Object! thingie, string! baseName) {
- string! candidate;
+ private string NextFreeName(Object thingie, string baseName) {
+ Contract.Requires(baseName != null);
+ Contract.Requires(thingie != null);
+ Contract.Ensures(Contract.Result<string>() != null);
+ string/*!*/ candidate;
int counter;
if (CurrentCounters.TryGetValue(baseName, out counter)) {
@@ -99,7 +124,10 @@ namespace Microsoft.Boogie.VCExprAST { // retrieve the name of a thingie; if it does not have a name yet,
// generate a unique name for it (as close as possible to its inherent
// name) and register it globally
- public string! GetName(Object! thingie, string! inherentName) {
+ public string GetName(Object thingie, string inherentName) {
+ Contract.Requires(inherentName != null);
+ Contract.Requires(thingie != null);
+ Contract.Ensures(Contract.Result<string>() != null);
string res = this[thingie];
if (res != null)
@@ -113,24 +141,34 @@ namespace Microsoft.Boogie.VCExprAST { }
[Pure]
- public string this[Object! thingie] { get {
- string res;
- for (int i = LocalNames.Count - 1; i >= 0; --i) {
- if (LocalNames[i].TryGetValue(thingie, out res))
- return res;
+ public string this[Object/*!*/ thingie] {
+ get {
+ Contract.Requires(thingie != null);
+ Contract.Ensures(Contract.Result<String>() != null);
+
+ string res;
+ for (int i = LocalNames.Count - 1; i >= 0; --i) {
+ if (LocalNames[i].TryGetValue(thingie, out res))
+ return res;
+ }
+
+ GlobalNames.TryGetValue(thingie, out res);
+ return res;
}
+ }
- GlobalNames.TryGetValue(thingie, out res);
- return res;
- } }
-
- public string! GetLocalName(Object! thingie, string! inherentName) {
- string! res = NextFreeName(thingie, inherentName);
+ public string GetLocalName(Object thingie, string inherentName) {
+ Contract.Requires(inherentName != null);
+ Contract.Requires(thingie != null);
+ Contract.Ensures(Contract.Result<string>() != null);
+ string res = NextFreeName(thingie, inherentName);
LocalNames[LocalNames.Count - 1][thingie] = res;
return res;
}
-
- public string! Lookup(Object! thingie) {
+
+ public string Lookup(Object thingie) {
+ Contract.Requires(thingie != null);
+ Contract.Ensures(Contract.Result<string>() != null);
return GlobalPlusLocalNames[thingie];
}
}
diff --git a/Source/VCExpr/SimplifyLikeLineariser.cs b/Source/VCExpr/SimplifyLikeLineariser.cs index 30779f22..b8a53b9f 100644 --- a/Source/VCExpr/SimplifyLikeLineariser.cs +++ b/Source/VCExpr/SimplifyLikeLineariser.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
@@ -16,13 +16,25 @@ using Microsoft.Boogie.VCExprAST; namespace Microsoft.Boogie.VCExprAST
{
+ [ContractClassFor(typeof(LineariserOptions))]
+ public abstract class LinOptContracts:LineariserOptions{
+ public LinOptContracts() : base(true) {
+ }
+ public override LineariserOptions SetAsTerm(bool newVal)
+{
+ Contract.Ensures(Contract.Result<LineariserOptions>() != null);
+ throw new NotImplementedException();
+}
+
+ }
// Options for the linearisation. Here one can choose, for instance,
// whether Simplify or Z3 output is to be produced
+ [ContractClass(typeof(LinOptContracts))]
public abstract class LineariserOptions {
public readonly bool AsTerm;
- public abstract LineariserOptions! SetAsTerm(bool newVal);
+ public abstract LineariserOptions/*!*/ SetAsTerm(bool newVal);
public abstract bool QuantifierIds { get; }
@@ -39,19 +51,29 @@ namespace Microsoft.Boogie.VCExprAST // variables representing formulas in let-bindings have to be
// printed in a different way than other variables
- public virtual List<VCExprVar!>! LetVariables { get {
+ public virtual List<VCExprVar/*!*/>/*!*/ LetVariables { get {Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
return EmptyList;
} }
- public virtual LineariserOptions! AddLetVariable(VCExprVar! furtherVar) {
+ public virtual LineariserOptions AddLetVariable(VCExprVar furtherVar){
+Contract.Requires(furtherVar != null);
+Contract.Ensures(Contract.Result<LineariserOptions>() != null);
return this;
}
- public virtual LineariserOptions! AddLetVariables(List<VCExprVar!>! furtherVars) {
+ public virtual LineariserOptions AddLetVariables(List<VCExprVar/*!*/>/*!*/ furtherVars){
+Contract.Requires(cce.NonNullElements(furtherVars));
+Contract.Ensures(Contract.Result<LineariserOptions>() != null);
return this;
}
- private static readonly List<VCExprVar!>! EmptyList = new List<VCExprVar!>();
+ private static readonly List<VCExprVar/*!*/>/*!*/ EmptyList = new List<VCExprVar/*!*/>();
+ [ContractInvariantMethod]
+void ObjectInvarinat()
+{
+ Contract.Invariant(EmptyList!=null);
+}
+
public bool NativeBv { get {
return Bitvectors == CommandLineOptions.BvHandling.Z3Native;
@@ -67,14 +89,14 @@ namespace Microsoft.Boogie.VCExprAST this.AsTerm = asTerm;
}
- public static readonly LineariserOptions! SimplifyDefault = new SimplifyOptions (false);
- internal static readonly LineariserOptions! SimplifyDefaultTerm = new SimplifyOptions (true);
+ public static readonly LineariserOptions SimplifyDefault = new SimplifyOptions (false);
+ internal static readonly LineariserOptions SimplifyDefaultTerm = new SimplifyOptions (true);
////////////////////////////////////////////////////////////////////////////////////////
private class SimplifyOptions : LineariserOptions {
- internal SimplifyOptions(bool asTerm) {
- base(asTerm);
+ internal SimplifyOptions(bool asTerm):base(asTerm) {
+
}
public override bool QuantifierIds { get {
return false;
@@ -82,7 +104,8 @@ namespace Microsoft.Boogie.VCExprAST public override bool UseTypes { get {
return false;
} }
- public override LineariserOptions! SetAsTerm(bool newVal) {
+ public override LineariserOptions SetAsTerm(bool newVal) {
+Contract.Ensures(Contract.Result<LineariserOptions>() != null);
if (newVal)
return SimplifyDefaultTerm;
else
@@ -94,14 +117,21 @@ namespace Microsoft.Boogie.VCExprAST ////////////////////////////////////////////////////////////////////////////////////////
// Lineariser for expressions. The result (bool) is currently not used for anything
- public class SimplifyLikeExprLineariser : IVCExprVisitor<bool, LineariserOptions!> {
+ public class SimplifyLikeExprLineariser : IVCExprVisitor<bool, LineariserOptions/*!*/> {
- public static string! ToSimplifyString(VCExpr! e, UniqueNamer! namer) {
+ public static string ToSimplifyString(VCExpr e, UniqueNamer namer){
+Contract.Requires(namer != null);
+Contract.Requires(e != null);
+Contract.Ensures(Contract.Result<string>() != null);
return ToString(e, LineariserOptions.SimplifyDefault, namer);
}
- public static string! ToString(VCExpr! e, LineariserOptions! options,
- UniqueNamer! namer) {
+ public static string ToString(VCExpr/*!*/ e, LineariserOptions/*!*/ options,UniqueNamer/*!*/ namer) {
+ Contract.Requires(e != null);
+ Contract.Requires(options != null);
+ Contract.Requires(namer != null);
+ Contract.Ensures(Contract.Result<string>() != null);
+
StringWriter sw = new StringWriter();
SimplifyLikeExprLineariser lin = new SimplifyLikeExprLineariser (sw, namer);
lin.Linearise(e, options);
@@ -110,32 +140,47 @@ namespace Microsoft.Boogie.VCExprAST ////////////////////////////////////////////////////////////////////////////////////////
- private readonly TextWriter! wr;
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(wr!=null);
+ Contract.Invariant(Namer != null);
+}
+
+ private readonly TextWriter/*!*/ wr;
private SimplifyLikeOpLineariser OpLinObject = null;
- private IVCExprOpVisitor<bool, LineariserOptions!>! OpLineariser { get {
+ private IVCExprOpVisitor<bool, LineariserOptions/*!*/>/*!*/ OpLineariser { get {Contract.Ensures(Contract.Result<IVCExprOpVisitor<bool, LineariserOptions>>()!=null);
if (OpLinObject == null)
OpLinObject = new SimplifyLikeOpLineariser (this, wr);
return OpLinObject;
} }
- internal readonly UniqueNamer! Namer;
+ internal readonly UniqueNamer Namer;
- public SimplifyLikeExprLineariser(TextWriter! wr, UniqueNamer! namer) {
+ public SimplifyLikeExprLineariser(TextWriter wr, UniqueNamer namer){
+Contract.Requires(namer != null);
+Contract.Requires(wr != null);
this.wr = wr;
this.Namer = namer;
}
- public void Linearise(VCExpr! expr, LineariserOptions! options) {
- expr.Accept<bool, LineariserOptions!>(this, options);
+ public void Linearise(VCExpr expr, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(expr != null);
+ expr.Accept<bool, LineariserOptions>(this, options);
}
- public void LineariseAsTerm(VCExpr! expr, LineariserOptions! options) {
+ public void LineariseAsTerm(VCExpr expr, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(expr != null);
Linearise(expr, options.SetAsTerm(true));
}
/////////////////////////////////////////////////////////////////////////////////////
- public static string! MakeIdPrintable(string! s) {
+ public static string MakeIdPrintable(string s){
+Contract.Requires(s != null);
+Contract.Ensures(Contract.Result<string>() != null);
// make sure that no keywords are used as identifiers
switch(s) {
case andName:
@@ -197,14 +242,18 @@ namespace Microsoft.Boogie.VCExprAST }
}
- private static string! TypeToStringHelper(Type! t) {
+ private static string TypeToStringHelper(Type t){
+Contract.Requires(t != null);
+Contract.Ensures(Contract.Result<string>() != null);
System.IO.StringWriter buffer = new System.IO.StringWriter();
using (TokenTextWriter stream = new TokenTextWriter("<buffer>", buffer, false)) {
t.Emit(stream);
}
return buffer.ToString();
}
- public static string! TypeToString(Type! t) {
+ public static string TypeToString(Type t){
+Contract.Requires(t != null);
+Contract.Ensures(Contract.Result<string>() != null);
if (t.IsBool)
return "$bool";
else if (t.IsInt)
@@ -222,30 +271,39 @@ namespace Microsoft.Boogie.VCExprAST }
}
- public static string! BvConcatOpName(VCExprNAry! node)
- requires node.Op is VCExprBvConcatOp; {
+ public static string BvConcatOpName(VCExprNAry node){
+Contract.Requires(node != null);
+Contract.Requires((node.Op is VCExprBvConcatOp));
+Contract.Ensures(Contract.Result<string>() != null);
int bits1 = node[0].Type.BvBits;
int bits2 = node[1].Type.BvBits;
return "$bv" + (bits1 + bits2) + "_concat[" + bits1 + "." + bits2 + "]";
}
- public static string! BvExtractOpName(VCExprNAry! node)
- requires node.Op is VCExprBvExtractOp; {
- VCExprBvExtractOp! op = (VCExprBvExtractOp)node.Op;
+ public static string BvExtractOpName(VCExprNAry node){
+Contract.Requires(node != null);
+Contract.Requires(node.Op is VCExprBvExtractOp);
+Contract.Ensures(Contract.Result<string>() != null);
+ VCExprBvExtractOp op = (VCExprBvExtractOp)node.Op;
return "$bv" + node.Type.BvBits + "_extract" + op.Total + "[" + op.Start + ":" + op.End + "]";
}
- public static string! StoreOpName(VCExprNAry! node)
- requires node.Op is VCExprStoreOp; {
+ public static string StoreOpName(VCExprNAry node){
+Contract.Requires(node != null);
+Contract.Requires((node.Op is VCExprStoreOp));
+Contract.Ensures(Contract.Result<string>() != null);
return "Store_" + TypeToString(node[0].Type);
}
- public static string! SelectOpName(VCExprNAry! node)
- requires node.Op is VCExprSelectOp; {
+ public static string SelectOpName(VCExprNAry node){
+Contract.Requires(node != null);
+Contract.Requires((node.Op is VCExprSelectOp));
+Contract.Ensures(Contract.Result<string>() != null);
return "Select_" + TypeToString(node[0].Type);
}
- internal void WriteId(string! s) {
+ internal void WriteId(string s){
+Contract.Requires(s != null);
wr.Write(MakeIdPrintable(s));
}
@@ -254,57 +312,63 @@ namespace Microsoft.Boogie.VCExprAST /// <summary>
/// The name for logical conjunction in Simplify
/// </summary>
- internal const string! andName = "AND"; // conjunction
- internal const string! orName = "OR"; // disjunction
- internal const string! notName = "NOT"; // negation
- internal const string! impliesName = "IMPLIES"; // implication
- internal const string! iffName = "IFF"; // logical equivalence
- internal const string! eqName = "EQ"; // equality
- internal const string! neqName = "NEQ"; // inequality
- internal const string! lessName = "<";
- internal const string! greaterName = ">";
- internal const string! atmostName = "<=";
- internal const string! atleastName = ">=";
- internal const string! TRUEName = "TRUE"; // nullary predicate that is always true
- internal const string! FALSEName = "FALSE"; // nullary predicate that is always false
- internal const string! subtypeName = "<:";
- internal const string! subtypeArgsName = "<::";
-
- internal const string! distinctName = "DISTINCT";
+ internal const string andName = "AND"; // conjunction
+ internal const string orName = "OR"; // disjunction
+ internal const string notName = "NOT"; // negation
+ internal const string impliesName = "IMPLIES"; // implication
+ internal const string iffName = "IFF"; // logical equivalence
+ internal const string eqName = "EQ"; // equality
+ internal const string neqName = "NEQ"; // inequality
+ internal const string lessName = "<";
+ internal const string greaterName = ">";
+ internal const string atmostName = "<=";
+ internal const string atleastName = ">=";
+ internal const string TRUEName = "TRUE"; // nullary predicate that is always true
+ internal const string FALSEName = "FALSE"; // nullary predicate that is always false
+ internal const string subtypeName = "<:";
+ internal const string subtypeArgsName = "<::";
+
+ internal const string distinctName = "DISTINCT";
/// <summary>
/// name of the main inclusion relation
/// </summary>
- internal const string! boolTrueName = "|@true|";
- internal const string! boolFalseName = "|@false|";
- internal const string! boolAndName = "boolAnd";
- internal const string! boolOrName = "boolOr";
- internal const string! boolNotName = "boolNot";
- internal const string! termEqName = "anyEqual";
- internal const string! termNeqName = "anyNeq";
- internal const string! termLessName = "intLess";
- internal const string! termGreaterName = "intGreater";
- internal const string! termAtmostName = "intAtMost";
- internal const string! termAtleastName = "intAtLeast";
- internal const string! intAddName = "+";
- internal const string! intAddNameReflect = "Reflect$Add";
- internal const string! intSubName = "-";
- internal const string! intMulName = "*";
- internal const string! intDivName = "/";
- internal const string! intModName = "%";
-
- internal void AssertAsTerm(string! x, LineariserOptions! options) {
+ internal const string boolTrueName = "|@true|";
+ internal const string boolFalseName = "|@false|";
+ internal const string boolAndName = "boolAnd";
+ internal const string boolOrName = "boolOr";
+ internal const string boolNotName = "boolNot";
+ internal const string termEqName = "anyEqual";
+ internal const string termNeqName = "anyNeq";
+ internal const string termLessName = "intLess";
+ internal const string termGreaterName = "intGreater";
+ internal const string termAtmostName = "intAtMost";
+ internal const string termAtleastName = "intAtLeast";
+ internal const string intAddName = "+";
+ internal const string intAddNameReflect = "Reflect$Add";
+ internal const string intSubName = "-";
+ internal const string intMulName = "*";
+ internal const string intDivName = "/";
+ internal const string intModName = "%";
+
+ internal void AssertAsTerm(string x, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(x != null);
if (!options.AsTerm)
System.Diagnostics.Debug.Fail("One should never write " + x + " as a formula!");
}
- internal void AssertAsFormula(string! x, LineariserOptions! options) {
+ internal void AssertAsFormula(string x, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(x != null);
if (options.AsTerm)
System.Diagnostics.Debug.Fail("One should never write " + x + " as a term!");
}
/////////////////////////////////////////////////////////////////////////////////////
- public bool Visit(VCExprLiteral! node, LineariserOptions! options) {
+ public bool Visit(VCExprLiteral node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
if (options.AsTerm) {
if (node == VCExpressionGenerator.True)
@@ -313,8 +377,10 @@ namespace Microsoft.Boogie.VCExprAST wr.Write(options.UseTypes ? FALSEName : boolFalseName);
else if (node is VCExprIntLit) {
wr.Write(((VCExprIntLit)node).Val);
- } else
- assert false;
+ } else {
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
} else {
@@ -324,8 +390,10 @@ namespace Microsoft.Boogie.VCExprAST wr.Write(FALSEName);
else if (node is VCExprIntLit) {
System.Diagnostics.Debug.Fail("One should never write IntLit as a predicate!");
- } else
- assert false;
+ } else {
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
}
@@ -334,8 +402,11 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////////
- public bool Visit(VCExprNAry! node, LineariserOptions! options) {
- VCExprOp! op = node.Op;
+ public bool Visit(VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ VCExprOp op = node.Op;
+ Contract.Assert(op != null);
if (!options.AsTerm &&
(op.Equals(VCExpressionGenerator.AndOp) ||
@@ -344,12 +415,13 @@ namespace Microsoft.Boogie.VCExprAST wr.Write("({0}",
op.Equals(VCExpressionGenerator.AndOp) ? andName : orName);
- IEnumerator! enumerator = new VCExprNAryUniformOpEnumerator (node);
+ IEnumerator enumerator = new VCExprNAryUniformOpEnumerator (node);
+ Contract.Assert(enumerator != null);
while (enumerator.MoveNext()) {
VCExprNAry naryExpr = enumerator.Current as VCExprNAry;
- if (naryExpr == null || !naryExpr.Op.Equals(op)) {
+ if (naryExpr == null || !naryExpr.Op.Equals(op)) {
wr.Write(" ");
- Linearise((VCExpr!)enumerator.Current, options);
+ Linearise(cce.NonNull((VCExpr)enumerator.Current), options);
}
}
@@ -358,13 +430,16 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- return node.Accept<bool, LineariserOptions!>(OpLineariser, options);
+ return node.Accept<bool, LineariserOptions>(OpLineariser, options);
}
/////////////////////////////////////////////////////////////////////////////////////
- public bool Visit(VCExprVar! node, LineariserOptions! options) {
- string! printedName = Namer.GetName(node, node.Name);
+ public bool Visit(VCExprVar node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ string printedName = Namer.GetName(node, node.Name);
+ Contract.Assert(printedName != null);
if (options.AsTerm ||
// variables for formulas bound in a let-binding are never
@@ -377,7 +452,7 @@ namespace Microsoft.Boogie.VCExprAST } else {
wr.Write("({0} ", eqName);
WriteId(printedName);
- wr.Write(" {0})", boolTrueName);
+ wr.Write(" {0})", boolTrueName);
}
return true;
@@ -385,19 +460,23 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////////
- public bool Visit(VCExprQuantifier! node, LineariserOptions! options) {
+ public bool Visit(VCExprQuantifier node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
AssertAsFormula(node.Quan.ToString(), options);
- assert node.TypeParameters.Count == 0;
+ Contract.Assert(node.TypeParameters.Count == 0);
Namer.PushScope(); try {
- string! kind = node.Quan == Quantifier.ALL ? "FORALL" : "EXISTS";
+ string kind = node.Quan == Quantifier.ALL ? "FORALL" : "EXISTS";
wr.Write("({0} (", kind);
for (int i = 0; i < node.BoundVars.Count; i++)
{
- VCExprVar! var = node.BoundVars[i];
- string! printedName = Namer.GetLocalName(var, var.Name);
+ VCExprVar var = node.BoundVars[i];
+ Contract.Assert(var != null);
+ string printedName = Namer.GetLocalName(var, var.Name);
+ Contract.Assert(printedName != null);
if (i != 0)
wr.Write(" ");
WriteId(printedName);
@@ -410,7 +489,8 @@ namespace Microsoft.Boogie.VCExprAST if (options.QuantifierIds) {
// only needed for Z3
- VCQuantifierInfos! infos = node.Infos;
+ VCQuantifierInfos infos = node.Infos;
+ Contract.Assert(infos != null);
if (infos.qid != null) {
wr.Write("(QID ");
wr.Write(infos.qid);
@@ -442,11 +522,14 @@ namespace Microsoft.Boogie.VCExprAST }
}
- private void WriteTriggers(List<VCTrigger!>! triggers, LineariserOptions! options) {
+ private void WriteTriggers(List<VCTrigger/*!*/>/*!*/ triggers, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(cce.NonNullElements(triggers));
// first, count how many neg/pos triggers there are
int negTriggers = 0;
int posTriggers = 0;
- foreach (VCTrigger! vcTrig in triggers) {
+ foreach (VCTrigger vcTrig in triggers) {
+ Contract.Assert(vcTrig != null);
if (vcTrig.Pos) {
posTriggers++;
} else {
@@ -456,12 +539,13 @@ namespace Microsoft.Boogie.VCExprAST if (posTriggers > 0) {
wr.Write("(PATS");
- foreach (VCTrigger! vcTrig in triggers) {
+ foreach (VCTrigger vcTrig in triggers) {
+ Contract.Assert(vcTrig != null);
if (vcTrig.Pos) {
if (vcTrig.Exprs.Count > 1) {
wr.Write(" (MPAT");
}
- foreach (VCExpr! e in vcTrig.Exprs) {
+ foreach (VCExpr e in vcTrig.Exprs) {Contract.Assert(e != null);
wr.Write(" ");
LineariseAsTerm(e, options);
}
@@ -476,10 +560,11 @@ namespace Microsoft.Boogie.VCExprAST // will ignore the negative patterns and output a warning. Therefore
// we never specify both negative and positive triggers
wr.Write("(NOPATS");
- foreach (VCTrigger! vcTrig in triggers) {
+ foreach (VCTrigger vcTrig in triggers) {
+ Contract.Assert(vcTrig != null);
if (!vcTrig.Pos) {
wr.Write(" ");
- assert vcTrig.Exprs.Count == 1;
+ Contract.Assert(vcTrig.Exprs.Count == 1);
LineariseAsTerm(vcTrig.Exprs[0], options);
}
}
@@ -490,17 +575,20 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////////
- public bool Visit(VCExprLet! node, LineariserOptions! options) {
+ public bool Visit(VCExprLet node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
Namer.PushScope(); try {
wr.Write("(LET (");
- LineariserOptions! optionsWithVars = options.AddLetVariables(node.BoundVars);
+ LineariserOptions optionsWithVars = options.AddLetVariables(node.BoundVars);
+ Contract.Assert(optionsWithVars != null);
string s = "(";
- foreach (VCExprLetBinding! b in node) {
+ foreach (VCExprLetBinding b in node) {Contract.Assert(b != null);
wr.Write(s);
- string! printedName = Namer.GetLocalName(b.V, b.V.Name);
+ string printedName = Namer.GetLocalName(b.V, b.V.Name);
bool formula = b.V.Type.IsBool;
if (formula)
@@ -527,47 +615,66 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////////
// Lineariser for operator terms. The result (bool) is currently not used for anything
- internal class SimplifyLikeOpLineariser : IVCExprOpVisitor<bool, LineariserOptions!> {
- private readonly SimplifyLikeExprLineariser! ExprLineariser;
- private readonly TextWriter! wr;
+ internal class SimplifyLikeOpLineariser : IVCExprOpVisitor<bool, LineariserOptions/*!*/> {
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(ExprLineariser != null);
+ Contract.Invariant(wr != null);
+ }
- public SimplifyLikeOpLineariser(SimplifyLikeExprLineariser! ExprLineariser, TextWriter! wr) {
+ private readonly SimplifyLikeExprLineariser/*!*/ ExprLineariser;
+ private readonly TextWriter/*!*/ wr;
+
+ public SimplifyLikeOpLineariser(SimplifyLikeExprLineariser ExprLineariser, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(ExprLineariser != null);
this.ExprLineariser = ExprLineariser;
this.wr = wr;
}
///////////////////////////////////////////////////////////////////////////////////
- private void WriteApplication(string! op, IEnumerable<VCExpr!>! args,
- LineariserOptions! options,
- bool argsAsTerms) {
+ private void WriteApplication(string op, IEnumerable<VCExpr/*!*/>/*!*/ args, LineariserOptions options, bool argsAsTerms){
+Contract.Requires(options != null);
+Contract.Requires(op != null);
+Contract.Requires(cce.NonNullElements(args));
WriteApplication(op, op, args, options, argsAsTerms);
}
- private void WriteApplication(string! op, IEnumerable<VCExpr!>! args,
- LineariserOptions! options) {
+ private void WriteApplication(string op, IEnumerable<VCExpr/*!*/>/*!*/ args,LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(op != null);
+Contract.Requires(cce.NonNullElements(args));
WriteApplication(op, op, args, options, options.AsTerm);
}
- private void WriteTermApplication(string! op, IEnumerable<VCExpr!>! args,
- LineariserOptions! options) {
+ private void WriteTermApplication(string op, IEnumerable<VCExpr/*!*/>/*!*/ args,LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(op != null);
+Contract.Requires(cce.NonNullElements(args));
ExprLineariser.AssertAsTerm(op, options);
WriteApplication(op, op, args, options, options.AsTerm);
}
- private void WriteApplication(string! termOp, string! predOp,
- IEnumerable<VCExpr!>! args, LineariserOptions! options) {
+ private void WriteApplication(string termOp, string predOp, IEnumerable<VCExpr/*!*/>/*!*/ args, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(predOp != null);
+Contract.Requires(termOp != null);
+Contract.Requires(cce.NonNullElements(args));
WriteApplication(termOp, predOp, args, options, options.AsTerm);
}
- private void WriteApplication(string! termOp, string! predOp,
- IEnumerable<VCExpr!>! args, LineariserOptions! options,
- // change the AsTerm option for the arguments?
- bool argsAsTerms) {
+ private void WriteApplication(string termOp, string predOp, IEnumerable<VCExpr/*!*/>/*!*/ args, LineariserOptions options, bool argsAsTerms){
+Contract.Requires(options != null);
+Contract.Requires(predOp != null);
+Contract.Requires(termOp != null);
+Contract.Requires(cce.NonNullElements(args));// change the AsTerm option for the arguments?
wr.Write("({0}", options.AsTerm ? termOp : predOp);
- LineariserOptions! newOptions = options.SetAsTerm(argsAsTerms);
- foreach (VCExpr! e in args) {
+ LineariserOptions newOptions = options.SetAsTerm(argsAsTerms);
+
+ foreach (VCExpr e in args) {
+ Contract.Assert(e != null);
wr.Write(" ");
ExprLineariser.Linearise(e, newOptions);
}
@@ -578,8 +685,10 @@ namespace Microsoft.Boogie.VCExprAST // write an application that can only be a term.
// if the expression is supposed to be printed as a formula,
// it is turned into an equation (EQ (f args) |@true|)
- private void WriteApplicationTermOnly(string! termOp,
- IEnumerable<VCExpr!>! args, LineariserOptions! options) {
+ private void WriteApplicationTermOnly(string termOp, IEnumerable<VCExpr/*!*/>/*!*/ args, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(termOp != null);
+Contract.Requires(cce.NonNullElements(args));
if (!options.AsTerm)
// Write: (EQ (f args) |@true|)
// where "args" are written as terms
@@ -593,22 +702,26 @@ namespace Microsoft.Boogie.VCExprAST ///////////////////////////////////////////////////////////////////////////////////
- public bool VisitNotOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitNotOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(boolNotName, notName, node, options); // arguments can be both terms and formulas
return true;
}
- public bool VisitEqOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitEqOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
if (options.AsTerm) {
// use equality on terms, also if the arguments have type bool
WriteApplication(termEqName, node, options);
} else {
if (node[0].Type.IsBool) {
- assert node[1].Type.IsBool;
+ Contract.Assert(node[1].Type.IsBool);
// use equivalence
WriteApplication(iffName, node, options);
} else {
- assert !node[1].Type.IsBool;
+ Contract.Assert(!node[1].Type.IsBool);
// use equality and write the arguments as terms
WriteApplication(eqName, node, options, true);
}
@@ -617,13 +730,15 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitNeqOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitNeqOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
if (options.AsTerm) {
// use equality on terms, also if the arguments have type bool
WriteApplication(termNeqName, node, options);
} else {
if (node[0].Type.IsBool) {
- assert node[1].Type.IsBool;
+ Contract.Assert(node[1].Type.IsBool);
// use equivalence and negate the whole thing
wr.Write("({0} ", notName);
WriteApplication(iffName, node, options);
@@ -637,19 +752,25 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitAndOp (VCExprNAry! node, LineariserOptions! options) {
- assert options.AsTerm;
+ public bool VisitAndOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ Contract.Assert(options.AsTerm);
WriteApplication(boolAndName, andName, node, options); // arguments can be both terms and formulas
return true;
}
- public bool VisitOrOp (VCExprNAry! node, LineariserOptions! options) {
- assert options.AsTerm;
+ public bool VisitOrOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ Contract.Assert(options.AsTerm);
WriteApplication(boolOrName, orName, node, options); // arguments can be both terms and formulas
return true;
}
- public bool VisitImpliesOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitImpliesOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
if (options.AsTerm) {
wr.Write("({0} ({1} ", boolOrName, boolNotName);
ExprLineariser.Linearise(node[0], options);
@@ -663,19 +784,22 @@ namespace Microsoft.Boogie.VCExprAST ExprLineariser.Linearise(node[0], options);
wr.Write("))");
} else {
- WriteApplication(impliesName, node, options);
+ WriteApplication(impliesName, node, options);
}
return true;
}
- public bool VisitDistinctOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitDistinctOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
ExprLineariser.AssertAsFormula(distinctName, options);
if (node.Length < 2) {
ExprLineariser.Linearise(VCExpressionGenerator.True, options);
} else {
wr.Write("({0}", distinctName);
- foreach (VCExpr! e in node) {
+ foreach (VCExpr e in node) {
+ Contract.Assert(e != null);
wr.Write(" ");
ExprLineariser.LineariseAsTerm(e, options);
}
@@ -685,16 +809,22 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitLabelOp (VCExprNAry! node, LineariserOptions! options) {
- VCExprLabelOp! op = (VCExprLabelOp)node.Op;
+ public bool VisitLabelOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ VCExprLabelOp op = (VCExprLabelOp)node.Op;
+ Contract.Assert(op != null);
wr.Write(String.Format("({0} |{1}| ", op.pos ? "LBLPOS" : "LBLNEG", op.label));
ExprLineariser.Linearise(node[0], options); wr.Write(")");
return true;
}
- public bool VisitSelectOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitSelectOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
wr.Write("(" + SelectOpName(node));
- foreach (VCExpr! e in node) {
+ foreach (VCExpr/*!*/ e in node) {
+ Contract.Assert(e != null);
wr.Write(" ");
ExprLineariser.Linearise(e, options.SetAsTerm(!e.Type.IsBool));
}
@@ -702,9 +832,12 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitStoreOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitStoreOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
wr.Write("(" + StoreOpName(node));
- foreach (VCExpr! e in node) {
+ foreach (VCExpr e in node) {
+ Contract.Assert(e != null);
wr.Write(" ");
ExprLineariser.Linearise(e, options.SetAsTerm(!e.Type.IsBool));
}
@@ -712,22 +845,30 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitBvOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitBvOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication("$make_bv" + node.Type.BvBits, node, options);
return true;
}
- public bool VisitBvExtractOp(VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitBvExtractOp(VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(BvExtractOpName(node), node, options);
return true;
}
- public bool VisitBvConcatOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitBvConcatOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(BvConcatOpName(node), node, options);
return true;
}
- public bool VisitIfThenElseOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitIfThenElseOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
wr.Write("(ITE ");
ExprLineariser.Linearise(node[0], options.SetAsTerm(false));
@@ -740,7 +881,9 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitCustomOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitCustomOp(VCExprNAry/*!*/ node, LineariserOptions/*!*/ options) {
+ Contract.Requires(node != null);
+ Contract.Requires(options != null);
VCExprCustomOp op = (VCExprCustomOp)node.Op;
wr.Write("({0}", op.Name);
foreach (VCExpr arg in node) {
@@ -751,7 +894,9 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitAddOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitAddOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
if (CommandLineOptions.Clo.ReflectAdd) {
WriteTermApplication(intAddNameReflect, node, options);
} else {
@@ -760,61 +905,86 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitSubOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitSubOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(intSubName, node, options);
return true;
}
- public bool VisitMulOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitMulOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(intMulName, node, options);
return true;
}
- public bool VisitDivOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitDivOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(intDivName, node, options);
return true;
}
- public bool VisitModOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitModOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteTermApplication(intModName, node, options);
return true;
}
- public bool VisitLtOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitLtOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(termLessName, lessName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitLeOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitLeOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(termAtmostName, atmostName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitGtOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitGtOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(termGreaterName, greaterName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitGeOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitGeOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(termAtleastName, atleastName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitSubtypeOp (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitSubtypeOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(subtypeName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitSubtype3Op (VCExprNAry! node, LineariserOptions! options) {
+ public bool VisitSubtype3Op (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
WriteApplication(subtypeArgsName, node, options, true); // arguments are always terms
return true;
}
- public bool VisitBoogieFunctionOp (VCExprNAry! node, LineariserOptions! options) {
- VCExprBoogieFunctionOp! op = (VCExprBoogieFunctionOp)node.Op;
- string! funcName = op.Func.Name;
- string? bvzName = op.Func.FindStringAttribute("external");
- string! printedName = ExprLineariser.Namer.GetName(op.Func, funcName);
+ public bool VisitBoogieFunctionOp (VCExprNAry node, LineariserOptions options){
+Contract.Requires(options != null);
+Contract.Requires(node != null);
+ VCExprBoogieFunctionOp op = (VCExprBoogieFunctionOp)node.Op;
+ Contract.Assert(op != null);
+ string funcName = op.Func.Name;
+ Contract.Assert(funcName != null);
+ string bvzName = op.Func.FindStringAttribute("external");
+ string printedName = ExprLineariser.Namer.GetName(op.Func, funcName);
+ Contract.Assert(printedName != null);
if (bvzName != null) printedName = bvzName;
if (options.UseTypes) {
@@ -824,7 +994,8 @@ namespace Microsoft.Boogie.VCExprAST wr.Write("(");
ExprLineariser.WriteId(printedName);
- foreach (VCExpr! e in node) {
+ foreach (VCExpr e in node) {
+ Contract.Assert(e != null);
wr.Write(" ");
ExprLineariser.Linearise(e, options.SetAsTerm(!e.Type.IsBool));
}
diff --git a/Source/VCExpr/TermFormulaFlattening.cs b/Source/VCExpr/TermFormulaFlattening.cs index bfb8cb3a..7111939a 100644 --- a/Source/VCExpr/TermFormulaFlattening.cs +++ b/Source/VCExpr/TermFormulaFlattening.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
@@ -48,57 +48,65 @@ namespace Microsoft.Boogie.VCExprAST public class TermFormulaFlattener : MutatingVCExprVisitor<FlattenerState> {
- public TermFormulaFlattener(VCExpressionGenerator! gen) {
- base(gen);
+ public TermFormulaFlattener(VCExpressionGenerator gen):base(gen){
+Contract.Requires(gen != null);
+
}
- private readonly IDictionary<VCExpr!, VCExprVar!>! Bindings =
- new Dictionary<VCExpr!, VCExprVar!> ();
+ private readonly IDictionary<VCExpr/*!*/, VCExprVar/*!*/>/*!*/ Bindings =
+ new Dictionary<VCExpr/*!*/, VCExprVar/*!*/> ();
private int varNameCounter = 0;
- public VCExpr! Flatten(VCExpr! expr) {
- VCExpr! res = Mutate(expr, FlattenerState.INITIAL);
+ public VCExpr Flatten(VCExpr expr){
+Contract.Requires(expr != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr/*!*/ res = Mutate(expr, FlattenerState.INITIAL);
+ Contract.Assert(res != null);
while (Bindings.Count > 0) {
- List<VCExprLetBinding!>! letBindings = new List<VCExprLetBinding!> ();
- foreach (KeyValuePair<VCExpr!, VCExprVar!> pair in Bindings)
- letBindings.Add(Gen.LetBinding(pair.Value, pair.Key));
+ List<VCExprLetBinding/*!*/>/*!*/ letBindings = new List<VCExprLetBinding/*!*/> ();
+ foreach (KeyValuePair<VCExpr/*!*/, VCExprVar/*!*/> pair in Bindings){Contract.Assert(cce.NonNullElements(pair));
+ letBindings.Add(Gen.LetBinding(pair.Value, pair.Key));}
Bindings.Clear();
res = AddBindings(letBindings, res, FlattenerState.INITIAL);
}
return res;
}
- private VCExprVar! GetVarFor(VCExpr! expr) requires expr.Type.IsBool; {
+ private VCExprVar GetVarFor(VCExpr expr){
+Contract.Requires(expr != null);
+Contract.Requires((expr.Type.IsBool));
+Contract.Ensures(Contract.Result<VCExprVar>() != null);
VCExprVar res;
if (!Bindings.TryGetValue(expr, out res)) {
- string! name = "flt" + varNameCounter;
+ string name = "flt" + varNameCounter;
varNameCounter = varNameCounter + 1;
res = Gen.Variable(name, Type.Bool);
Bindings.Add(expr, res);
}
- return (!)res;
+ return cce.NonNull(res);
}
// Remove all let-bindings from the field bindings whose rhs
// contains any of the specified variables
- private List<VCExprLetBinding!>!
- RemoveBindingsWithVars(List<VCExprVar!>! boundVars,
- List<TypeVariable!>! boundTypeVars) {
-
- List<VCExprLetBinding!>! res = new List<VCExprLetBinding!> ();
- FreeVariableCollector! coll = new FreeVariableCollector ();
-
- foreach (KeyValuePair<VCExpr!, VCExprVar!> pair in Bindings) {
+ private List<VCExprLetBinding/*!*/>/*!*/ RemoveBindingsWithVars(List<VCExprVar/*!*/>/*!*/ boundVars, List<TypeVariable/*!*/>/*!*/ boundTypeVars){
+Contract.Requires(cce.NonNullElements(boundTypeVars));
+Contract.Requires(cce.NonNullElements(boundVars));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprLetBinding>>()));
+ List<VCExprLetBinding/*!*/>/*!*/ res = new List<VCExprLetBinding/*!*/> ();
+ FreeVariableCollector/*!*/ coll = new FreeVariableCollector ();
+
+ foreach (KeyValuePair<VCExpr, VCExprVar> pair in Bindings) {
+ Contract.Assert(cce.NonNullElements(pair));
coll.Collect(pair.Key);
- if (exists{VCExprVar! var in boundVars; coll.FreeTermVars.ContainsKey(var)} ||
- exists{TypeVariable! var in boundTypeVars; coll.FreeTypeVars.Contains(var)})
+ if (Contract.Exists(boundVars, var => coll.FreeTermVars.ContainsKey(var)) ||
+ Contract.Exists(boundTypeVars, var => coll.FreeTypeVars.Contains(var)))
res.Add(Gen.LetBinding(pair.Value, pair.Key));
coll.Reset();
}
- foreach (VCExprLetBinding! b in res)
- Bindings.Remove(b.E);
+ foreach (VCExprLetBinding b in res){Contract.Assert(b != null);
+ Bindings.Remove(b.E);}
return res;
}
@@ -106,13 +114,16 @@ namespace Microsoft.Boogie.VCExprAST // Add bindings to a formula using an implication or
// conjunction. The bindings themselves will be flattened as well,
// which might introduce further bindings
- private VCExpr! AddBindings(List<VCExprLetBinding!>! bindings,
- VCExpr! body,
- FlattenerState state)
- requires body.Type.IsBool; {
-
- List<VCExprLetBinding!>! mutatedBindings = FlattenBindings(bindings, state);
- VCExpr! bindingEquations = Gen.AsEquations(mutatedBindings);
+ private VCExpr AddBindings(List<VCExprLetBinding/*!*/>/*!*/ bindings, VCExpr body, FlattenerState state){
+Contract.Requires(body != null);
+Contract.Requires(cce.NonNullElements(bindings));
+Contract.Requires((body.Type.IsBool));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ List<VCExprLetBinding/*!*/>/*!*/ mutatedBindings = FlattenBindings(bindings, state);
+ Contract.Assert(mutatedBindings != null);
+ VCExpr/*!*/ bindingEquations = Gen.AsEquations(mutatedBindings);
+ Contract.Assert(bindingEquations != null);
switch(state.Polarity) {
case 1:
return Gen.Implies(bindingEquations, body);
@@ -120,27 +131,32 @@ namespace Microsoft.Boogie.VCExprAST return Gen.And(bindingEquations, body);
case 0:
// also add explicit quantifiers for the bound variables
- List<VCExprVar!>! vars = new List<VCExprVar!> ();
- foreach (VCExprLetBinding! binding in mutatedBindings)
- vars.Add(binding.V);
- return Gen.Forall(vars, new List<VCTrigger!>(),
+ List<VCExprVar/*!*/>/*!*/ vars = new List<VCExprVar/*!*/> ();
+ foreach (VCExprLetBinding/*!*/ binding in mutatedBindings){Contract.Assert(binding != null);
+ vars.Add(binding.V);}
+ return Gen.Forall(vars, new List<VCTrigger/*!*/>(),
Gen.Implies(bindingEquations, body));
}
- assert false;
+ Contract.Assert(false); throw new cce.UnreachableException();
}
- private List<VCExprLetBinding!>! FlattenBindings(List<VCExprLetBinding!>! bindings,
- FlattenerState state) {
+ private List<VCExprLetBinding/*!*/>/*!*/ FlattenBindings(List<VCExprLetBinding/*!*/>/*!*/ bindings, FlattenerState state){
+Contract.Requires(cce.NonNullElements(bindings));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprLetBinding>>()));
FlattenerState stateInBindings = state.ZeroPolarity;
- List<VCExprLetBinding!>! mutatedBindings = new List<VCExprLetBinding!> ();
- foreach (VCExprLetBinding! b in bindings)
+ List<VCExprLetBinding/*!*/>/*!*/ mutatedBindings = new List<VCExprLetBinding/*!*/> ();
+ foreach (VCExprLetBinding/*!*/ b in bindings) {
+ Contract.Assert(b != null);
mutatedBindings.Add(Gen.LetBinding(b.V, Mutate(b.E, stateInBindings)));
+ }
return mutatedBindings;
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprNAry! node, FlattenerState state) {
+ public override VCExpr Visit(VCExprNAry node, FlattenerState state){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// track the polarity to know whether implications or conjunctions
// are to be introduced
@@ -148,8 +164,8 @@ namespace Microsoft.Boogie.VCExprAST return Gen.Not(Mutate(node[0], state.TogglePolarity));
if (node.Op.Equals(VCExpressionGenerator.ImpliesOp)) {
- VCExpr! newArg0 = Mutate(node[0], state.TogglePolarity);
- VCExpr! newArg1 = Mutate(node[1], state);
+ VCExpr newArg0 = Mutate(node[0], state.TogglePolarity);
+ VCExpr newArg1 = Mutate(node[1], state);
return Gen.Implies(newArg0, newArg1);
}
@@ -165,40 +181,43 @@ namespace Microsoft.Boogie.VCExprAST return base.Visit(node, state);
}
- public override VCExpr! Visit(VCExprQuantifier! node, FlattenerState state) {
+ public override VCExpr Visit(VCExprQuantifier node, FlattenerState state){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
if (state.InTerm)
return GetVarFor(node);
// we only flatten within the matrix of the quantified formula,
// not within the triggers (since SMT-solvers do not seem to
// appreciate triggers with let-binders)
- VCExpr! newBody = Mutate(node.Body, state);
+ VCExpr newBody = Mutate(node.Body, state);
// Check whether any of the extracted terms contain variables
// bound by this quantifier. In this case, we have to add
// let-binders and remove the extracted terms
bool cont = true;
while (cont) {
- List<VCExprLetBinding!>! localBindings =
+ List<VCExprLetBinding/*!*/>/*!*/ localBindings =
RemoveBindingsWithVars(node.BoundVars, node.TypeParameters);
+ Contract.Assert(cce.NonNullElements(localBindings));
if (localBindings.Count > 0)
newBody = AddBindings(localBindings, newBody, state);
else
cont = false;
}
- return Gen.Quantify(node.Quan, node.TypeParameters,
- node.BoundVars, node.Triggers,
- node.Infos, newBody);
+ return Gen.Quantify(node.Quan, node.TypeParameters, node.BoundVars, node.Triggers, node.Infos, newBody);
}
- public override VCExpr! Visit(VCExprLet! node, FlattenerState state) {
+ public override VCExpr Visit(VCExprLet node, FlattenerState state){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
if (state.InTerm)
return GetVarFor(node);
- VCExprLet! prelimRes = (VCExprLet!)base.Visit(node, state);
+ VCExprLet prelimRes = (VCExprLet)cce.NonNull(base.Visit(node, state));
- List<VCExprLetBinding!>! allBindings = new List<VCExprLetBinding!> ();
+ List<VCExprLetBinding/*!*/>/*!*/ allBindings = new List<VCExprLetBinding/*!*/> ();
allBindings.AddRange(prelimRes);
// Check whether any of the extracted terms contain variables
@@ -206,8 +225,8 @@ namespace Microsoft.Boogie.VCExprAST // let-binders and remove the extracted terms
bool cont = true;
while (cont) {
- List<VCExprLetBinding!>! localBindings =
- RemoveBindingsWithVars(prelimRes.BoundVars, new List<TypeVariable!> ());
+ List<VCExprLetBinding/*!*/>/*!*/ localBindings =
+ RemoveBindingsWithVars(prelimRes.BoundVars, new List<TypeVariable/*!*/>());
if (localBindings.Count > 0)
allBindings.AddRange(FlattenBindings(localBindings, state));
else
diff --git a/Source/VCExpr/TypeErasure.cs b/Source/VCExpr/TypeErasure.cs index e0852071..c4deb76c 100644 --- a/Source/VCExpr/TypeErasure.cs +++ b/Source/VCExpr/TypeErasure.cs @@ -8,84 +8,106 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
// different classes for erasing complex types in VCExprs, replacing them
// with axioms that can be handled by theorem provers and SMT solvers
-namespace Microsoft.Boogie.TypeErasure
-{
+namespace Microsoft.Boogie.TypeErasure {
using Microsoft.Boogie.VCExprAST;
// some functionality that is needed in many places (and that should
// really be provided by the Spec# container classes; maybe one
// could integrate the functions in a nicer way?)
public class HelperFuns {
-
- public static Function! BoogieFunction(string! name, List<TypeVariable!>! typeParams,
- params Type[]! types)
- requires types.Length > 0;
- requires forall{int i in (0:types.Length); types[i] != null};
- {
- VariableSeq! args = new VariableSeq ();
+
+ public static Function BoogieFunction(string name, List<TypeVariable/*!*/>/*!*/ typeParams, params Type[] types) {
+ Contract.Requires(types != null);
+ Contract.Requires(name != null);
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Requires(types.Length > 0);
+ Contract.Requires(Contract.ForAll(0, types.Length, i => types[i] != null));
+ Contract.Ensures(Contract.Result<Function>() != null);
+
+ VariableSeq args = new VariableSeq();
for (int i = 0; i < types.Length - 1; ++i)
- args.Add(new Formal (Token.NoToken,
- new TypedIdent (Token.NoToken, "arg" + i, (!)types[i]),
+ args.Add(new Formal(Token.NoToken,
+ new TypedIdent(Token.NoToken, "arg" + i, cce.NonNull(types[i])),
true));
- Formal! result = new Formal (Token.NoToken,
- new TypedIdent (Token.NoToken, "res",
- (!)types[types.Length - 1]),
+ Formal result = new Formal(Token.NoToken,
+ new TypedIdent(Token.NoToken, "res",
+ cce.NonNull(types)[types.Length - 1]),
false);
- return new Function (Token.NoToken, name, ToSeq(typeParams), args, result);
+ return new Function(Token.NoToken, name, ToSeq(typeParams), args, result);
}
- public static Function! BoogieFunction(string! name, params Type[]! types) {
- return BoogieFunction(name, new List<TypeVariable!> (), types);
+ public static Function BoogieFunction(string name, params Type[] types) {
+ Contract.Requires(types != null);
+ Contract.Requires(name != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
+ return BoogieFunction(name, new List<TypeVariable/*!*/>(), types);
}
// boogie function where all arguments and the result have the same type U
- public static Function! UniformBoogieFunction(string! name, int arity, Type! U) {
- Type[]! types = new Type [arity + 1];
+ public static Function UniformBoogieFunction(string name, int arity, Type U) {
+ Contract.Requires(U != null);
+ Contract.Requires(name != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
+ Type[]/*!*/ types = new Type[arity + 1];
for (int i = 0; i < arity + 1; ++i)
types[i] = U;
return BoogieFunction(name, types);
}
- public static List<VCExprVar!>! GenVarsForInParams(Function! fun,
- VCExpressionGenerator! gen) {
- List<VCExprVar!>! arguments = new List<VCExprVar!> (fun.InParams.Length);
- foreach (Formal! f in fun.InParams) {
- VCExprVar! var = gen.Variable(f.Name, f.TypedIdent.Type);
+ public static List<VCExprVar/*!*/>/*!*/ GenVarsForInParams(Function fun, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(fun != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+ List<VCExprVar/*!*/>/*!*/ arguments = new List<VCExprVar/*!*/>(fun.InParams.Length);
+ foreach (Formal/*!*/ f in fun.InParams) {
+ Contract.Assert(f != null);
+ VCExprVar/*!*/ var = gen.Variable(f.Name, f.TypedIdent.Type);
arguments.Add(var);
}
return arguments;
}
- public static List<T!>! ToList<T> (params T[]! args) {
- List<T!>! res = new List<T!> (args.Length);
- foreach (T t in args)
- res.Add((!)t);
- return res;
+ public static List<T/*!*/>/*!*/ ToList<T>(params T[] args) {
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<T>>()));
+ return new List<T>(args);
}
- public static List<TypeVariable!>! ToList(TypeVariableSeq! seq) {
- List<TypeVariable!>! res = new List<TypeVariable!> (seq.Length);
- foreach (TypeVariable! var in seq)
+ public static List<TypeVariable/*!*/>/*!*/ ToList(TypeVariableSeq seq) {
+ Contract.Requires(seq != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<TypeVariable>>()));
+ List<TypeVariable/*!*/>/*!*/ res = new List<TypeVariable/*!*/>(seq.Length);
+ foreach (TypeVariable/*!*/ var in seq) {
+ Contract.Assert(var != null);
res.Add(var);
+ }
return res;
}
- public static TypeVariableSeq! ToSeq(List<TypeVariable!>! list) {
- TypeVariableSeq! res = new TypeVariableSeq ();
- foreach (TypeVariable! var in list)
+ public static TypeVariableSeq ToSeq(List<TypeVariable/*!*/>/*!*/ list) {
+ Contract.Requires(cce.NonNullElements(list));
+ Contract.Ensures(Contract.Result<TypeVariableSeq>() != null);
+ TypeVariableSeq/*!*/ res = new TypeVariableSeq();
+ foreach (TypeVariable/*!*/ var in list) {
+ Contract.Assert(var != null);
res.Add(var);
+ }
return res;
}
- public static List<T>! Intersect<T>(List<T>! a, List<T>! b) {
- List<T>! res = new List<T> (Math.Min(a.Count, b.Count));
+ public static List<T>/*!*/ Intersect<T>(List<T> a, List<T> b) {
+ Contract.Requires(b != null);
+ Contract.Requires(a != null);
+ Contract.Ensures(Contract.Result<List<T>>() != null);
+
+ List<T>/*!*/ res = new List<T>(Math.Min(a.Count, b.Count));
foreach (T x in a)
if (b.Contains(x))
res.Add(x);
@@ -93,42 +115,59 @@ namespace Microsoft.Boogie.TypeErasure return res;
}
- public static List<KeyValuePair<T1, T2>>! ToPairList<T1, T2>(IDictionary<T1, T2>! dict) {
- List<KeyValuePair<T1, T2>>! res = new List<KeyValuePair<T1, T2>> (dict);
+ public static List<KeyValuePair<T1, T2>>/*!*/ ToPairList<T1, T2>(IDictionary<T1, T2> dict) {
+ Contract.Requires((dict != null));
+Contract.Ensures(Contract.Result<List<KeyValuePair<T1, T2>>>() != null);
+ List<KeyValuePair<T1, T2>>/*!*/ res = new List<KeyValuePair<T1, T2>>(dict);
return res;
}
- public static void AddRangeWithoutDups<T>(IEnumerable<T>! fromList, List<T>! toList) {
+ public static void AddRangeWithoutDups<T>(IEnumerable<T> fromList, List<T> toList) {
+ Contract.Requires(toList != null);
+ Contract.Requires(fromList != null);
foreach (T t in fromList)
if (!toList.Contains(t))
toList.Add(t);
}
- public static void AddFreeVariablesWithoutDups(Type! type, List<TypeVariable!>! toList) {
- foreach (TypeVariable! var in type.FreeVariables) {
+ public static void AddFreeVariablesWithoutDups(Type type, List<TypeVariable/*!*/>/*!*/ toList) {
+ Contract.Requires(type != null);
+ Contract.Requires(cce.NonNullElements(toList));
+ foreach (TypeVariable var in type.FreeVariables) {
+ Contract.Assert(var != null);
if (!toList.Contains(var))
toList.Add(var);
}
}
- public static List<VCExpr!>! ToVCExprList(List<VCExprVar!>! list) {
- List<VCExpr!>! res = new List<VCExpr!> (list.Count);
- foreach (VCExprVar! var in list)
+ public static List<VCExpr/*!*/>/*!*/ ToVCExprList(List<VCExprVar/*!*/>/*!*/ list) {
+ Contract.Requires(cce.NonNullElements(list));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/>(list.Count);
+ foreach (VCExprVar/*!*/ var in list) {
+ Contract.Assert(var != null);
res.Add(var);
+ }
return res;
}
- public static List<VCExprVar!>! VarVector(string! baseName, int num, Type! type,
- VCExpressionGenerator! gen) {
- List<VCExprVar!>! res = new List<VCExprVar!> (num);
+ public static List<VCExprVar/*!*/>/*!*/ VarVector(string baseName, int num, Type type, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(type != null);
+ Contract.Requires(baseName != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+ List<VCExprVar/*!*/>/*!*/ res = new List<VCExprVar/*!*/>(num);
for (int i = 0; i < num; ++i)
res.Add(gen.Variable(baseName + i, type));
return res;
}
-
- public static List<VCExprVar!>! VarVector(string! baseName, List<Type!>! types,
- VCExpressionGenerator! gen) {
- List<VCExprVar!>! res = new List<VCExprVar!> (types.Count);
+
+ public static List<VCExprVar/*!*/>/*!*/ VarVector(string baseName, List<Type/*!*/>/*!*/ types, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(baseName != null);
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+ List<VCExprVar/*!*/>/*!*/ res = new List<VCExprVar/*!*/>(types.Count);
for (int i = 0; i < types.Count; ++i)
res.Add(gen.Variable(baseName + i, types[i]));
return res;
@@ -140,12 +179,20 @@ namespace Microsoft.Boogie.TypeErasure internal struct TypeCtorRepr {
// function that represents the application of the type constructor
// to smaller types
- public readonly Function! Ctor;
+ public readonly Function/*!*/ Ctor;
// left-inverse functions that extract the subtypes of a compound type
- public readonly List<Function!>! Dtors;
+ public readonly List<Function/*!*/>/*!*/ Dtors;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Ctor != null);
+ Contract.Invariant(cce.NonNullElements(Dtors));
+ }
- public TypeCtorRepr(Function! ctor, List<Function!>! dtors)
- requires ctor.InParams.Length == dtors.Count; {
+
+ public TypeCtorRepr(Function ctor, List<Function/*!*/>/*!*/ dtors) {
+ Contract.Requires(ctor != null);
+ Contract.Requires(cce.NonNullElements(dtors));
+ Contract.Requires(ctor.InParams.Length == dtors.Count);
this.Ctor = ctor;
this.Dtors = dtors;
}
@@ -159,119 +206,168 @@ namespace Microsoft.Boogie.TypeErasure // premisses in quantifiers (the semantic approach), and one for
// type erasure with explicit type arguments of polymorphic
// functions (the syntacted approach).
+ [ContractClass(typeof(TypeAxiomBuilderContracts))]
public abstract class TypeAxiomBuilder : ICloneable {
- protected readonly VCExpressionGenerator! Gen;
+ protected readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Gen != null);
+ Contract.Invariant(Ctor != null);
- internal abstract MapTypeAbstractionBuilder! MapTypeAbstracter { get; }
+ }
+
+
+ internal abstract MapTypeAbstractionBuilder/*!*/ MapTypeAbstracter {
+ get;
+ }
///////////////////////////////////////////////////////////////////////////
// Type Axioms
// list in which all typed axioms are collected
- private readonly List<VCExpr!>! AllTypeAxioms;
+ private readonly List<VCExpr/*!*/>/*!*/ AllTypeAxioms;
+ [ContractInvariantMethod]
+ void AllTypeAxiomsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(AllTypeAxioms));
+ }
// list in which type axioms are incrementally collected
- private readonly List<VCExpr!>! IncTypeAxioms;
+ private readonly List<VCExpr/*!*/>/*!*/ IncTypeAxioms;
+ [ContractInvariantMethod]
+ void IncTypeAxiomsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(IncTypeAxioms));
+ }
- internal void AddTypeAxiom(VCExpr! axiom) {
+ internal void AddTypeAxiom(VCExpr axiom) {
+ Contract.Requires(axiom != null);
AllTypeAxioms.Add(axiom);
IncTypeAxioms.Add(axiom);
}
// Return all axioms that were added since the last time NewAxioms
// was called
- public VCExpr! GetNewAxioms() {
- VCExpr! res = Gen.NAry(VCExpressionGenerator.AndOp, IncTypeAxioms);
+ public VCExpr GetNewAxioms() {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr/*!*/ res = Gen.NAry(VCExpressionGenerator.AndOp, IncTypeAxioms);
IncTypeAxioms.Clear();
return res;
}
// mapping from a type to its constructor number/index
- private readonly Function! Ctor;
+ private readonly Function/*!*/ Ctor;
private BigNum CurrentCtorNum;
- private VCExpr! GenCtorAssignment(VCExpr! typeRepr) {
+ private VCExpr GenCtorAssignment(VCExpr typeRepr) {
+ Contract.Requires(typeRepr != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (CommandLineOptions.Clo.TypeEncodingMethod
== CommandLineOptions.TypeEncoding.None)
return VCExpressionGenerator.True;
- VCExpr! res = Gen.Eq(Gen.Function(Ctor, typeRepr),
+ VCExpr res = Gen.Eq(Gen.Function(Ctor, typeRepr),
Gen.Integer(CurrentCtorNum));
CurrentCtorNum = CurrentCtorNum + BigNum.ONE;
return res;
}
- private VCExpr! GenCtorAssignment(Function! typeRepr) {
+ private VCExpr GenCtorAssignment(Function typeRepr) {
+ Contract.Requires(typeRepr != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (CommandLineOptions.Clo.TypeEncodingMethod
== CommandLineOptions.TypeEncoding.None)
return VCExpressionGenerator.True;
- List<VCExprVar!>! quantifiedVars = HelperFuns.GenVarsForInParams(typeRepr, Gen);
- VCExpr! eq =
+ List<VCExprVar/*!*/>/*!*/ quantifiedVars = HelperFuns.GenVarsForInParams(typeRepr, Gen);
+ VCExpr/*!*/ eq =
GenCtorAssignment(Gen.Function(typeRepr,
HelperFuns.ToVCExprList(quantifiedVars)));
if (typeRepr.InParams.Length == 0)
return eq;
- return Gen.Forall(quantifiedVars, new List<VCTrigger!> (),
+ return Gen.Forall(quantifiedVars, new List<VCTrigger/*!*/>(),
"ctor:" + typeRepr.Name, eq);
}
// generate an axiom (forall x0, x1, ... :: invFun(fun(x0, x1, ...) == xi)
- protected VCExpr! GenLeftInverseAxiom(Function! fun, Function! invFun, int dtorNum) {
- List<VCExprVar!>! quantifiedVars = HelperFuns.GenVarsForInParams(fun, Gen);
-
- VCExpr! funApp = Gen.Function(fun, HelperFuns.ToVCExprList(quantifiedVars));
- VCExpr! lhs = Gen.Function(invFun, funApp);
- VCExpr! rhs = quantifiedVars[dtorNum];
- VCExpr! eq = Gen.Eq(lhs, rhs);
-
- List<VCTrigger!>! triggers = HelperFuns.ToList(Gen.Trigger(true, HelperFuns.ToList(funApp)));
+ protected VCExpr GenLeftInverseAxiom(Function fun, Function invFun, int dtorNum) {
+ Contract.Requires(invFun != null);
+ Contract.Requires(fun != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExprVar/*!*/>/*!*/ quantifiedVars = HelperFuns.GenVarsForInParams(fun, Gen);
+ Contract.Assert(cce.NonNullElements(quantifiedVars));
+
+ VCExpr/*!*/ funApp = Gen.Function(fun, HelperFuns.ToVCExprList(quantifiedVars));
+ VCExpr/*!*/ lhs = Gen.Function(invFun, funApp);
+ VCExpr/*!*/ rhs = quantifiedVars[dtorNum];
+ VCExpr/*!*/ eq = Gen.Eq(lhs, rhs);
+
+ List<VCTrigger/*!*/>/*!*/ triggers = HelperFuns.ToList(Gen.Trigger(true, HelperFuns.ToList(funApp)));
+ Contract.Assert(cce.NonNullElements(triggers));
return Gen.Forall(quantifiedVars, triggers, "typeInv:" + invFun.Name, eq);
}
///////////////////////////////////////////////////////////////////////////
// the type of everything that is not int, bool, or a type
- private readonly TypeCtorDecl! UDecl;
- public readonly Type! U;
+ [ContractInvariantMethod]
+ void ObjectInvariant2() {
+ Contract.Invariant(UDecl != null);
+ Contract.Invariant(TDecl != null);
+ Contract.Invariant(U != null);
+ Contract.Invariant(T != null);
+ }
+
+ private readonly TypeCtorDecl/*!*/ UDecl;
+ public readonly Type/*!*/ U;
// the type of types
- private readonly TypeCtorDecl! TDecl;
- public readonly Type! T;
+ private readonly TypeCtorDecl/*!*/ TDecl;
+ public readonly Type/*!*/ T;
- public abstract Type! TypeAfterErasure(Type! type);
- public abstract bool UnchangedType(Type! type);
+ public abstract Type/*!*/ TypeAfterErasure(Type/*!*/ type);
+ public abstract bool UnchangedType(Type/*!*/ type);
///////////////////////////////////////////////////////////////////////////
// Symbols for representing types
- private readonly IDictionary<Type!, VCExpr!>! BasicTypeReprs;
+ private readonly IDictionary<Type/*!*/, VCExpr/*!*/>/*!*/ BasicTypeReprs;
+ [ContractInvariantMethod]
+ void BasicTypeReprsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(BasicTypeReprs));
+ }
- private VCExpr! GetBasicTypeRepr(Type! type)
- requires type.IsBasic || type.IsBv; {
+ private VCExpr GetBasicTypeRepr(Type type) {
+ Contract.Requires(type != null);
+ Contract.Requires(type.IsBasic || type.IsBv);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
VCExpr res;
if (!BasicTypeReprs.TryGetValue(type, out res)) {
res = Gen.Function(HelperFuns.BoogieFunction(type.ToString() + "Type", T));
AddTypeAxiom(GenCtorAssignment(res));
BasicTypeReprs.Add(type, res);
}
- return (!)res;
+ return cce.NonNull(res);
}
- private readonly IDictionary<TypeCtorDecl!, TypeCtorRepr>! TypeCtorReprs;
+ private readonly IDictionary<TypeCtorDecl/*!*/, TypeCtorRepr/*!*/>/*!*/ TypeCtorReprs;
+ [ContractInvariantMethod]
+ void TypeCtorReprsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(TypeCtorReprs));
+ }
- internal TypeCtorRepr GetTypeCtorReprStruct(TypeCtorDecl! decl) {
+ internal TypeCtorRepr GetTypeCtorReprStruct(TypeCtorDecl decl) {
+ Contract.Requires(decl != null);
TypeCtorRepr reprSet;
if (!TypeCtorReprs.TryGetValue(decl, out reprSet)) {
- Function! ctor = HelperFuns.UniformBoogieFunction(decl.Name + "Type", decl.Arity, T);
+ Function/*!*/ ctor = HelperFuns.UniformBoogieFunction(decl.Name + "Type", decl.Arity, T);
+ Contract.Assert(ctor != null);
AddTypeAxiom(GenCtorAssignment(ctor));
- List<Function!>! dtors = new List<Function!>(decl.Arity);
+ List<Function/*!*/>/*!*/ dtors = new List<Function/*!*/>(decl.Arity);
for (int i = 0; i < decl.Arity; ++i) {
- Function! dtor = HelperFuns.UniformBoogieFunction(decl.Name + "TypeInv" + i, 1, T);
+ Function/*!*/ dtor = HelperFuns.UniformBoogieFunction(decl.Name + "TypeInv" + i, 1, T);
dtors.Add(dtor);
AddTypeAxiom(GenLeftInverseAxiom(ctor, dtor, i));
}
@@ -283,24 +379,34 @@ namespace Microsoft.Boogie.TypeErasure return reprSet;
}
- public Function! GetTypeCtorRepr(TypeCtorDecl! decl) {
+ public Function GetTypeCtorRepr(TypeCtorDecl decl) {
+ Contract.Requires(decl != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
return GetTypeCtorReprStruct(decl).Ctor;
}
- public Function! GetTypeDtor(TypeCtorDecl! decl, int num) {
+ public Function GetTypeDtor(TypeCtorDecl decl, int num) {
+ Contract.Requires(decl != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
return GetTypeCtorReprStruct(decl).Dtors[num];
}
// mapping from free type variables to VCExpr variables
- private readonly IDictionary<TypeVariable!, VCExprVar!>! TypeVariableMapping;
+ private readonly IDictionary<TypeVariable/*!*/, VCExprVar/*!*/>/*!*/ TypeVariableMapping;
+ [ContractInvariantMethod]
+ void TypeVariableMappingInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(TypeVariableMapping));
+ }
- public VCExprVar! Typed2Untyped(TypeVariable! var) {
+ public VCExprVar Typed2Untyped(TypeVariable var) {
+ Contract.Requires(var != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
VCExprVar res;
if (!TypeVariableMapping.TryGetValue(var, out res)) {
- res = new VCExprVar (var.Name, T);
+ res = new VCExprVar(var.Name, T);
TypeVariableMapping.Add(var, res);
}
- return (!)res;
+ return cce.NonNull(res);
}
@@ -308,27 +414,35 @@ namespace Microsoft.Boogie.TypeErasure // Symbols for representing variables and constants
// Globally defined variables
- private readonly IDictionary<VCExprVar!, VCExprVar!>! Typed2UntypedVariables;
+ private readonly IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ Typed2UntypedVariables;
+ [ContractInvariantMethod]
+ void Typed2UntypedVariablesInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(Typed2UntypedVariables));
+ }
// This method must only be used for free (unbound) variables
- public VCExprVar! Typed2Untyped(VCExprVar! var) {
+ public VCExprVar Typed2Untyped(VCExprVar var) {
+ Contract.Requires(var != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
VCExprVar res;
if (!Typed2UntypedVariables.TryGetValue(var, out res)) {
res = Gen.Variable(var.Name, TypeAfterErasure(var.Type));
Typed2UntypedVariables.Add(var, res);
AddVarTypeAxiom(res, var.Type);
}
- return (!)res;
+ return cce.NonNull(res);
}
- protected abstract void AddVarTypeAxiom(VCExprVar! var, Type! originalType);
+ protected abstract void AddVarTypeAxiom(VCExprVar/*!*/ var, Type/*!*/ originalType);
///////////////////////////////////////////////////////////////////////////
// Translation function from types to their term representation
- public VCExpr! Type2Term(Type! type,
- IDictionary<TypeVariable!, VCExpr!>! varMapping) {
- //
+ public VCExpr Type2Term(Type type, IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/ varMapping) {
+ Contract.Requires(type != null);
+ Contract.Requires(cce.NonNullElements(varMapping));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ //
if (type.IsBasic || type.IsBv) {
//
return GetBasicTypeRepr(type);
@@ -336,10 +450,12 @@ namespace Microsoft.Boogie.TypeErasure } else if (type.IsCtor) {
//
CtorType ctype = type.AsCtor;
- Function! repr = GetTypeCtorRepr(ctype.Decl);
- List<VCExpr!>! args = new List<VCExpr!> (ctype.Arguments.Length);
- foreach (Type! t in ctype.Arguments)
+ Function/*!*/ repr = GetTypeCtorRepr(ctype.Decl);
+ List<VCExpr/*!*/>/*!*/ args = new List<VCExpr/*!*/>(ctype.Arguments.Length);
+ foreach (Type/*!*/ t in ctype.Arguments) {
+ Contract.Assert(t != null);
args.Add(Type2Term(t, varMapping));
+ }
return Gen.Function(repr, args);
//
} else if (type.IsVariable) {
@@ -349,7 +465,7 @@ namespace Microsoft.Boogie.TypeErasure // then the variable is free and we bind it at this point to a term
// variable
res = Typed2Untyped(type.AsVariable);
- return (!)res;
+ return cce.NonNull(res);
//
} else if (type.IsMap) {
//
@@ -357,30 +473,32 @@ namespace Microsoft.Boogie.TypeErasure //
} else {
System.Diagnostics.Debug.Fail("Don't know how to handle this type: " + type);
- assert false; // please the compiler
+ Contract.Assert(false);
+ throw new cce.UnreachableException(); // please the compiler
}
}
////////////////////////////////////////////////////////////////////////////
- public TypeAxiomBuilder(VCExpressionGenerator! gen) {
+ public TypeAxiomBuilder(VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
this.Gen = gen;
- AllTypeAxioms = new List<VCExpr!> ();
- IncTypeAxioms = new List<VCExpr!> ();
- BasicTypeReprs = new Dictionary<Type!, VCExpr!> ();
+ AllTypeAxioms = new List<VCExpr/*!*/>();
+ IncTypeAxioms = new List<VCExpr/*!*/>();
+ BasicTypeReprs = new Dictionary<Type/*!*/, VCExpr/*!*/>();
CurrentCtorNum = BigNum.ZERO;
- TypeCtorReprs = new Dictionary<TypeCtorDecl!, TypeCtorRepr> ();
- TypeVariableMapping = new Dictionary<TypeVariable!, VCExprVar!> ();
- Typed2UntypedVariables = new Dictionary<VCExprVar!, VCExprVar!> ();
+ TypeCtorReprs = new Dictionary<TypeCtorDecl/*!*/, TypeCtorRepr>();
+ TypeVariableMapping = new Dictionary<TypeVariable/*!*/, VCExprVar/*!*/>();
+ Typed2UntypedVariables = new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/>();
- TypeCtorDecl! uDecl = new TypeCtorDecl(Token.NoToken, "U", 0);
+ TypeCtorDecl/*!*/ uDecl = new TypeCtorDecl(Token.NoToken, "U", 0);
UDecl = uDecl;
- Type! u = new CtorType (Token.NoToken, uDecl, new TypeSeq ());
+ Type/*!*/ u = new CtorType(Token.NoToken, uDecl, new TypeSeq());
U = u;
- TypeCtorDecl! tDecl = new TypeCtorDecl(Token.NoToken, "T", 0);
+ TypeCtorDecl/*!*/ tDecl = new TypeCtorDecl(Token.NoToken, "T", 0);
TDecl = tDecl;
- Type! t = new CtorType (Token.NoToken, tDecl, new TypeSeq ());
+ Type/*!*/ t = new CtorType(Token.NoToken, tDecl, new TypeSeq());
T = t;
Ctor = HelperFuns.BoogieFunction("Ctor", t, Type.Int);
@@ -392,10 +510,11 @@ namespace Microsoft.Boogie.TypeErasure }
// constructor to allow cloning
- internal TypeAxiomBuilder(TypeAxiomBuilder! builder) {
+ internal TypeAxiomBuilder(TypeAxiomBuilder builder) {
+ Contract.Requires(builder != null);
Gen = builder.Gen;
- AllTypeAxioms = new List<VCExpr!> (builder.AllTypeAxioms);
- IncTypeAxioms = new List<VCExpr!> (builder.IncTypeAxioms);
+ AllTypeAxioms = new List<VCExpr/*!*/>(builder.AllTypeAxioms);
+ IncTypeAxioms = new List<VCExpr/*!*/>(builder.IncTypeAxioms);
UDecl = builder.UDecl;
U = builder.U;
@@ -406,16 +525,52 @@ namespace Microsoft.Boogie.TypeErasure Ctor = builder.Ctor;
CurrentCtorNum = builder.CurrentCtorNum;
- BasicTypeReprs = new Dictionary<Type!, VCExpr!> (builder.BasicTypeReprs);
- TypeCtorReprs = new Dictionary<TypeCtorDecl!, TypeCtorRepr> (builder.TypeCtorReprs);
+ BasicTypeReprs = new Dictionary<Type/*!*/, VCExpr/*!*/>(builder.BasicTypeReprs);
+ TypeCtorReprs = new Dictionary<TypeCtorDecl/*!*/, TypeCtorRepr>(builder.TypeCtorReprs);
TypeVariableMapping =
- new Dictionary<TypeVariable!, VCExprVar!> (builder.TypeVariableMapping);
+ new Dictionary<TypeVariable/*!*/, VCExprVar/*!*/>(builder.TypeVariableMapping);
Typed2UntypedVariables =
- new Dictionary<VCExprVar!, VCExprVar!> (builder.Typed2UntypedVariables);
+ new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/>(builder.Typed2UntypedVariables);
}
- public abstract Object! Clone();
+ public abstract Object/*!*/ Clone();
+ }
+
+ [ContractClassFor(typeof(TypeAxiomBuilder))]
+ public abstract class TypeAxiomBuilderContracts : TypeAxiomBuilder {
+ public TypeAxiomBuilderContracts() : base((VCExpressionGenerator)null) {
+ }
+ internal override MapTypeAbstractionBuilder MapTypeAbstracter {
+ get {
+ Contract.Ensures(Contract.Result<MapTypeAbstractionBuilder>() != null);
+ throw new NotImplementedException();
+ }
+ }
+
+ public override Type TypeAfterErasure(Type type) {
+ Contract.Requires(type != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
+
+ throw new NotImplementedException();
+ }
+
+ public override bool UnchangedType(Type type) {
+ Contract.Requires(type != null);
+ throw new NotImplementedException();
+ }
+
+ protected override void AddVarTypeAxiom(VCExprVar var, Type originalType) {
+ Contract.Requires(var != null);
+ Contract.Requires(originalType != null);
+ throw new NotImplementedException();
+ }
+
+ public override object Clone() {
+ Contract.Ensures(Contract.Result<object>() != null);
+
+ throw new NotImplementedException();
+ }
}
//////////////////////////////////////////////////////////////////////////////
@@ -429,17 +584,22 @@ namespace Microsoft.Boogie.TypeErasure // int ... integers
// bool ... booleans
+ [ContractClass(typeof(TypeAxiomBuilderIntBoolUContracts))]
public abstract class TypeAxiomBuilderIntBoolU : TypeAxiomBuilder {
- public TypeAxiomBuilderIntBoolU(VCExpressionGenerator! gen) {
- base(gen);
- TypeCasts = new Dictionary<Type!, TypeCastSet> ();
+ public TypeAxiomBuilderIntBoolU(VCExpressionGenerator gen)
+ : base(gen) {
+ Contract.Requires(gen != null);
+
+ TypeCasts = new Dictionary<Type/*!*/, TypeCastSet>();
}
// constructor to allow cloning
- internal TypeAxiomBuilderIntBoolU(TypeAxiomBuilderIntBoolU! builder) {
- base(builder);
- TypeCasts = new Dictionary<Type!, TypeCastSet> (builder.TypeCasts);
+ internal TypeAxiomBuilderIntBoolU(TypeAxiomBuilderIntBoolU builder)
+ : base(builder) {
+ Contract.Requires(builder != null);
+
+ TypeCasts = new Dictionary<Type/*!*/, TypeCastSet>(builder.TypeCasts);
}
public override void Setup() {
@@ -450,10 +610,14 @@ namespace Microsoft.Boogie.TypeErasure }
// generate inverse axioms for casts (castToU(castFromU(x)) = x, under certain premisses)
- protected abstract VCExpr! GenReverseCastAxiom(Function! castToU, Function! castFromU);
-
- protected VCExpr! GenReverseCastEq(Function! castToU, Function! castFromU,
- out VCExprVar! var, out List<VCTrigger!>! triggers) {
+ protected abstract VCExpr/*!*/ GenReverseCastAxiom(Function/*!*/ castToU, Function/*!*/ castFromU);
+
+ protected VCExpr GenReverseCastEq(Function castToU, Function castFromU, out VCExprVar var, out List<VCTrigger/*!*/>/*!*/ triggers) {
+ Contract.Requires((castFromU != null));
+Contract.Requires((castToU != null));
+Contract.Requires((cce.NonNullElements(Contract.ValueAtReturn(out triggers))));
+Contract.Ensures(Contract.ValueAtReturn(out var) != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
var = Gen.Variable("x", U);
VCExpr inner = Gen.Function(castFromU, var);
@@ -463,63 +627,81 @@ namespace Microsoft.Boogie.TypeErasure return Gen.Eq(lhs, var);
}
- protected abstract VCExpr! GenCastTypeAxioms(Function! castToU, Function! castFromU);
+ protected abstract VCExpr/*!*/ GenCastTypeAxioms(Function/*!*/ castToU, Function/*!*/ castFromU);
///////////////////////////////////////////////////////////////////////////
// storage of type casts for types that are supposed to be left over in the
// VCs (like int, bool, bitvectors)
- private readonly IDictionary<Type!, TypeCastSet>! TypeCasts;
+ private readonly IDictionary<Type/*!*/, TypeCastSet/*!*/>/*!*/ TypeCasts;
+ [ContractInvariantMethod]
+ void TypeCastsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(TypeCasts));
+ }
- private TypeCastSet GetTypeCasts(Type! type) {
+ private TypeCastSet GetTypeCasts(Type type) {
+ Contract.Requires(type != null);
TypeCastSet res;
if (!TypeCasts.TryGetValue(type, out res)) {
- Function! castToU = HelperFuns.BoogieFunction(type.ToString() + "_2_U", type, U);
- Function! castFromU = HelperFuns.BoogieFunction("U_2_" + type.ToString(), U, type);
+ Function/*!*/ castToU = HelperFuns.BoogieFunction(type.ToString() + "_2_U", type, U);
+ Function/*!*/ castFromU = HelperFuns.BoogieFunction("U_2_" + type.ToString(), U, type);
AddTypeAxiom(GenLeftInverseAxiom(castToU, castFromU, 0));
AddTypeAxiom(GenReverseCastAxiom(castToU, castFromU));
AddTypeAxiom(GenCastTypeAxioms(castToU, castFromU));
- res = new TypeCastSet (castToU, castFromU);
+ res = new TypeCastSet(castToU, castFromU);
TypeCasts.Add(type, res);
}
return res;
}
- public Function! CastTo(Type! type)
- requires UnchangedType(type); {
+ public Function CastTo(Type type) {
+ Contract.Requires(type != null);
+ Contract.Requires((UnchangedType(type)));
+ Contract.Ensures(Contract.Result<Function>() != null);
return GetTypeCasts(type).CastFromU;
}
- public Function! CastFrom(Type! type)
- requires UnchangedType(type); {
+ public Function CastFrom(Type type) {
+ Contract.Requires(type != null);
+ Contract.Requires((UnchangedType(type)));
+ Contract.Ensures(Contract.Result<Function>() != null);
return GetTypeCasts(type).CastToU;
}
private struct TypeCastSet {
- public readonly Function! CastToU;
- public readonly Function! CastFromU;
+ public readonly Function/*!*/ CastToU;
+ public readonly Function/*!*/ CastFromU;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(CastToU != null);
+ Contract.Invariant(CastFromU != null);
+ }
+
- public TypeCastSet(Function! castToU, Function! castFromU) {
+ public TypeCastSet(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
CastToU = castToU;
CastFromU = castFromU;
}
}
- public bool IsCast(Function! fun) {
+ public bool IsCast(Function fun) {
+ Contract.Requires(fun != null);
if (fun.InParams.Length != 1)
return false;
- Type! inType = ((!)fun.InParams[0]).TypedIdent.Type;
+ Type/*!*/ inType = cce.NonNull(fun.InParams[0]).TypedIdent.Type;
if (inType.Equals(U)) {
- Type! outType = ((!)fun.OutParams[0]).TypedIdent.Type;
+ Type/*!*/ outType = cce.NonNull(fun.OutParams[0]).TypedIdent.Type;
if (!TypeCasts.ContainsKey(outType))
return false;
return fun.Equals(CastTo(outType));
} else {
if (!TypeCasts.ContainsKey(inType))
return false;
- Type! outType = ((!)fun.OutParams[0]).TypedIdent.Type;
+ Type/*!*/ outType = cce.NonNull(fun.OutParams[0]).TypedIdent.Type;
if (!outType.Equals(U))
return false;
return fun.Equals(CastFrom(inType));
@@ -531,7 +713,9 @@ namespace Microsoft.Boogie.TypeErasure // the only types that we allow in "untyped" expressions are U,
// Type.Int, and Type.Bool
- public override Type! TypeAfterErasure(Type! type) {
+ public override Type TypeAfterErasure(Type type) {
+ Contract.Requires(type != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
if (UnchangedType(type))
// these types are kept
return type;
@@ -541,35 +725,78 @@ namespace Microsoft.Boogie.TypeErasure }
[Pure]
- public override bool UnchangedType(Type! type) {
+ public override bool UnchangedType(Type type) {
+ Contract.Requires(type != null);
return type.IsInt || type.IsBool || type.IsBv || (type.IsMap && CommandLineOptions.Clo.UseArrayTheory);
- }
+ }
- public VCExpr! Cast(VCExpr! expr, Type! toType)
- requires expr.Type.Equals(U) || UnchangedType(expr.Type);
- requires toType.Equals(U) || UnchangedType(toType);
- {
+ public VCExpr Cast(VCExpr expr, Type toType) {
+ Contract.Requires(toType != null);
+ Contract.Requires(expr != null);
+ Contract.Requires((expr.Type.Equals(U) || UnchangedType(expr.Type)));
+ Contract.Requires((toType.Equals(U) || UnchangedType(toType)));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (expr.Type.Equals(toType))
return expr;
if (toType.Equals(U)) {
return Gen.Function(CastFrom(expr.Type), expr);
} else {
- assert expr.Type.Equals(U);
+ Contract.Assert(expr.Type.Equals(U));
return Gen.Function(CastTo(toType), expr);
}
}
- public List<VCExpr!>! CastSeq(List<VCExpr!>! exprs, Type! toType) {
- List<VCExpr!>! res = new List<VCExpr!> (exprs.Count);
- foreach (VCExpr! expr in exprs)
+ public List<VCExpr/*!*/>/*!*/ CastSeq(List<VCExpr/*!*/>/*!*/ exprs, Type toType) {
+ Contract.Requires(toType != null);
+ Contract.Requires(cce.NonNullElements(exprs));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/>(exprs.Count);
+ foreach (VCExpr/*!*/ expr in exprs) {
+ Contract.Assert(expr != null);
res.Add(Cast(expr, toType));
+ }
return res;
}
}
+ [ContractClassFor(typeof(TypeAxiomBuilderIntBoolU))]
+ public abstract class TypeAxiomBuilderIntBoolUContracts : TypeAxiomBuilderIntBoolU {
+ public TypeAxiomBuilderIntBoolUContracts():base((TypeAxiomBuilderIntBoolU)null){
+ }
+ protected override VCExpr GenReverseCastAxiom(Function castToU, Function castFromU) {
+ Contract.Requires(castToU != null);
+ Contract.Requires(castFromU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ throw new NotImplementedException();
+ }
+
+ protected override VCExpr GenCastTypeAxioms(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ throw new NotImplementedException();
+ }
+
+ internal override MapTypeAbstractionBuilder MapTypeAbstracter {
+ get {
+ throw new NotImplementedException();
+ }
+ }
+
+ protected override void AddVarTypeAxiom(VCExprVar var, Type originalType) {
+ throw new NotImplementedException();
+ }
+
+ public override object Clone() {
+ throw new NotImplementedException();
+ }
+ }
+
//////////////////////////////////////////////////////////////////////////////
// Class for computing most general abstractions of map types. An abstraction
// of a map type t is a maptype t' in which closed proper subtypes have been replaced
@@ -580,30 +807,38 @@ namespace Microsoft.Boogie.TypeErasure //
// select<a,b>(M b, C a, b) returns (a)
// store<a,b>(M b, C a, b, a) returns (M b)
-
+ [ContractClass(typeof(MapTypeAbstractionBuilderContracts))]
internal abstract class MapTypeAbstractionBuilder {
- protected readonly TypeAxiomBuilder! AxBuilder;
- protected readonly VCExpressionGenerator! Gen;
+ protected readonly TypeAxiomBuilder/*!*/ AxBuilder;
+ protected readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilder != null);
+ Contract.Invariant(Gen != null);
+ }
+
- internal MapTypeAbstractionBuilder(TypeAxiomBuilder! axBuilder,
- VCExpressionGenerator! gen) {
+ internal MapTypeAbstractionBuilder(TypeAxiomBuilder axBuilder, VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
this.AxBuilder = axBuilder;
this.Gen = gen;
- AbstractionVariables = new List<TypeVariable!> ();
- ClassRepresentations = new Dictionary<MapType!, MapTypeClassRepresentation> ();
+ AbstractionVariables = new List<TypeVariable/*!*/>();
+ ClassRepresentations = new Dictionary<MapType/*!*/, MapTypeClassRepresentation>();
}
// constructor for cloning
- internal MapTypeAbstractionBuilder(TypeAxiomBuilder! axBuilder,
- VCExpressionGenerator! gen,
- MapTypeAbstractionBuilder! builder) {
+ internal MapTypeAbstractionBuilder(TypeAxiomBuilder axBuilder, VCExpressionGenerator gen, MapTypeAbstractionBuilder builder) {
+ Contract.Requires(builder != null);
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
this.AxBuilder = axBuilder;
this.Gen = gen;
AbstractionVariables =
- new List<TypeVariable!> (builder.AbstractionVariables);
+ new List<TypeVariable/*!*/>(builder.AbstractionVariables);
ClassRepresentations =
- new Dictionary<MapType!, MapTypeClassRepresentation> (builder.ClassRepresentations);
+ new Dictionary<MapType/*!*/, MapTypeClassRepresentation>(builder.ClassRepresentations);
}
///////////////////////////////////////////////////////////////////////////
@@ -611,12 +846,17 @@ namespace Microsoft.Boogie.TypeErasure // same order in all abstractions in order to obtain comparable abstractions
// (equals, hashcode)
- private readonly List<TypeVariable!>! AbstractionVariables;
+ private readonly List<TypeVariable/*!*/>/*!*/ AbstractionVariables;
+ [ContractInvariantMethod]
+ void AbstractionVariablesInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(AbstractionVariables));
+ }
- private TypeVariable! AbstractionVariable(int num)
- requires num >= 0; {
+ private TypeVariable AbstractionVariable(int num) {
+ Contract.Requires((num >= 0));
+ Contract.Ensures(Contract.Result<TypeVariable>() != null);
while (AbstractionVariables.Count <= num)
- AbstractionVariables.Add(new TypeVariable (Token.NoToken,
+ AbstractionVariables.Add(new TypeVariable(Token.NoToken,
"aVar" + AbstractionVariables.Count));
return AbstractionVariables[num];
}
@@ -628,28 +868,42 @@ namespace Microsoft.Boogie.TypeErasure // constructor and separate select/store functions are introduced.
protected struct MapTypeClassRepresentation {
- public readonly TypeCtorDecl! RepresentingType;
- public readonly Function! Select;
- public readonly Function! Store;
+ public readonly TypeCtorDecl/*!*/ RepresentingType;
+ public readonly Function/*!*/ Select;
+ public readonly Function/*!*/ Store;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(RepresentingType != null);
+ Contract.Invariant(Select != null);
+ Contract.Invariant(Store != null);
+ }
+
- public MapTypeClassRepresentation(TypeCtorDecl! representingType,
- Function! select, Function! store) {
+ public MapTypeClassRepresentation(TypeCtorDecl representingType, Function select, Function store) {
+ Contract.Requires(store != null);
+ Contract.Requires(select != null);
+ Contract.Requires(representingType != null);
this.RepresentingType = representingType;
this.Select = select;
this.Store = store;
}
}
- private readonly IDictionary<MapType!, MapTypeClassRepresentation>! ClassRepresentations;
+ private readonly IDictionary<MapType/*!*/, MapTypeClassRepresentation/*!*/>/*!*/ ClassRepresentations;
+ [ContractInvariantMethod]
+ void ClassRepresentationsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(ClassRepresentations));
+ }
- protected MapTypeClassRepresentation GetClassRepresentation(MapType! abstractedType) {
+ protected MapTypeClassRepresentation GetClassRepresentation(MapType abstractedType) {
+ Contract.Requires(abstractedType != null);
MapTypeClassRepresentation res;
if (!ClassRepresentations.TryGetValue(abstractedType, out res)) {
int num = ClassRepresentations.Count;
- TypeCtorDecl! synonym =
+ TypeCtorDecl/*!*/ synonym =
new TypeCtorDecl(Token.NoToken, "MapType" + num, abstractedType.FreeVariables.Length);
- Function! select, store;
+ Function/*!*/ select, store;
GenSelectStoreFunctions(abstractedType, synonym, out select, out store);
res = new MapTypeClassRepresentation(synonym, select, store);
@@ -660,64 +914,76 @@ namespace Microsoft.Boogie.TypeErasure // the actual select and store functions are generated by the
// concrete subclasses of this class
- protected abstract void GenSelectStoreFunctions(MapType! abstractedType,
- TypeCtorDecl! synonymDecl,
- out Function! select, out Function! store);
+ protected abstract void GenSelectStoreFunctions(MapType/*!*/ abstractedType, TypeCtorDecl/*!*/ synonymDecl, out Function/*!*/ select, out Function/*!*/ store);
///////////////////////////////////////////////////////////////////////////
- public Function! Select(MapType! rawType, out TypeSeq! instantiations) {
+ public Function Select(MapType rawType, out TypeSeq instantiations) {
+ Contract.Requires((rawType != null));
+Contract.Ensures(Contract.ValueAtReturn(out instantiations) != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
return AbstractAndGetRepresentation(rawType, out instantiations).Select;
}
- public Function! Store(MapType! rawType, out TypeSeq! instantiations) {
+ public Function Store(MapType rawType, out TypeSeq instantiations) {
+ Contract.Requires((rawType != null));
+Contract.Ensures(Contract.ValueAtReturn(out instantiations) != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
return AbstractAndGetRepresentation(rawType, out instantiations).Store;
}
private MapTypeClassRepresentation
- AbstractAndGetRepresentation(MapType! rawType, out TypeSeq! instantiations) {
- instantiations = new TypeSeq ();
- MapType! abstraction = ThinOutMapType(rawType, instantiations);
+ AbstractAndGetRepresentation(MapType rawType, out TypeSeq instantiations) {
+ Contract.Requires((rawType != null));
+Contract.Ensures(Contract.ValueAtReturn(out instantiations) != null);
+ instantiations = new TypeSeq();
+ MapType/*!*/ abstraction = ThinOutMapType(rawType, instantiations);
return GetClassRepresentation(abstraction);
}
- public CtorType! AbstractMapType(MapType! rawType) {
- TypeSeq! instantiations = new TypeSeq ();
- MapType! abstraction = ThinOutMapType(rawType, instantiations);
+ public CtorType AbstractMapType(MapType rawType) {
+ Contract.Requires(rawType != null);
+ Contract.Ensures(Contract.Result<CtorType>() != null);
+ TypeSeq/*!*/ instantiations = new TypeSeq();
+ MapType/*!*/ abstraction = ThinOutMapType(rawType, instantiations);
MapTypeClassRepresentation repr = GetClassRepresentation(abstraction);
- assume repr.RepresentingType.Arity == instantiations.Length;
+ Contract.Assume(repr.RepresentingType.Arity == instantiations.Length);
return new CtorType(Token.NoToken, repr.RepresentingType, instantiations);
}
// TODO: cache the result of this operation
- protected MapType! ThinOutMapType(MapType! rawType,
- TypeSeq! instantiations) {
- TypeSeq! newArguments = new TypeSeq ();
- foreach (Type! subtype in rawType.Arguments)
+ protected MapType ThinOutMapType(MapType rawType, TypeSeq instantiations) {
+ Contract.Requires(instantiations != null);
+ Contract.Requires(rawType != null);
+ Contract.Ensures(Contract.Result<MapType>() != null);
+ TypeSeq/*!*/ newArguments = new TypeSeq();
+ foreach (Type/*!*/ subtype in rawType.Arguments) {
+ Contract.Assert(subtype != null);
newArguments.Add(ThinOutType(subtype, rawType.TypeParameters,
instantiations));
- Type! newResult = ThinOutType(rawType.Result, rawType.TypeParameters,
+ }
+ Type/*!*/ newResult = ThinOutType(rawType.Result, rawType.TypeParameters,
instantiations);
return new MapType(Token.NoToken, rawType.TypeParameters, newArguments, newResult);
}
- private Type! ThinOutType(Type! rawType, TypeVariableSeq! boundTypeParams,
- // the instantiations of inserted type variables,
- // the order corresponds to the order in which
- // "AbstractionVariable(int)" delivers variables
- TypeSeq! instantiations) {
+ // the instantiations of inserted type variables, the order corresponds to the order in which "AbstractionVariable(int)" delivers variables
+ private Type/*!*/ ThinOutType(Type rawType, TypeVariableSeq boundTypeParams, TypeSeq instantiations) {
+ Contract.Requires(instantiations != null);
+ Contract.Requires(boundTypeParams != null);
+ Contract.Requires(rawType != null);
+ Contract.Ensures(Contract.Result<Type>() != null);
if (CommandLineOptions.Clo.Monomorphize && AxBuilder.UnchangedType(rawType))
return rawType;
- if (forall{TypeVariable! var in rawType.FreeVariables;
- !boundTypeParams.Has(var)}) {
+ if (Contract.ForAll(0,rawType.FreeVariables.Length, var => !boundTypeParams.Has(rawType.FreeVariables[ var]))) {
// Bingo!
// if the type does not contain any bound variables, we can simply
// replace it with a type variable
- TypeVariable! abstractionVar = AbstractionVariable(instantiations.Length);
- assume !boundTypeParams.Has(abstractionVar);
+ TypeVariable/*!*/ abstractionVar = AbstractionVariable(instantiations.Length);
+ Contract.Assume(!boundTypeParams.Has(abstractionVar));
instantiations.Add(rawType);
return abstractionVar;
}
@@ -725,24 +991,26 @@ namespace Microsoft.Boogie.TypeErasure if (rawType.IsVariable) {
//
// then the variable has to be bound, we cannot do anything
- TypeVariable! rawVar = rawType.AsVariable;
- assume boundTypeParams.Has(rawVar);
+ TypeVariable/*!*/ rawVar = rawType.AsVariable;
+ Contract.Assume(boundTypeParams.Has(rawVar));
return rawVar;
//
} else if (rawType.IsMap) {
//
// recursively abstract this map type and continue abstracting
- CtorType! abstraction = AbstractMapType(rawType.AsMap);
+ CtorType/*!*/ abstraction = AbstractMapType(rawType.AsMap);
return ThinOutType(abstraction, boundTypeParams, instantiations);
//
} else if (rawType.IsCtor) {
//
// traverse the subtypes
- CtorType! rawCtorType = rawType.AsCtor;
- TypeSeq! newArguments = new TypeSeq ();
- foreach (Type! subtype in rawCtorType.Arguments)
+ CtorType/*!*/ rawCtorType = rawType.AsCtor;
+ TypeSeq/*!*/ newArguments = new TypeSeq();
+ foreach (Type/*!*/ subtype in rawCtorType.Arguments) {
+ Contract.Assert(subtype != null);
newArguments.Add(ThinOutType(subtype, boundTypeParams,
instantiations));
+ }
return new CtorType(Token.NoToken, rawCtorType.Decl, newArguments);
//
} else {
@@ -752,58 +1020,95 @@ namespace Microsoft.Boogie.TypeErasure }
}
+ [ContractClassFor(typeof(MapTypeAbstractionBuilder))]
+ internal abstract class MapTypeAbstractionBuilderContracts : MapTypeAbstractionBuilder {
+ public MapTypeAbstractionBuilderContracts() : base(null, null) {
+ }
+ protected override void GenSelectStoreFunctions(MapType abstractedType, TypeCtorDecl synonymDecl, out Function select, out Function store) {
+ Contract.Requires(abstractedType != null);
+ Contract.Requires(synonymDecl != null);
+ Contract.Ensures(Contract.ValueAtReturn(out select) != null);
+ Contract.Ensures(Contract.ValueAtReturn(out store) != null);
+
+ throw new NotImplementedException();
+ }
+ }
+
//////////////////////////////////////////////////////////////////////////////
public class VariableBindings {
- public readonly IDictionary<VCExprVar!, VCExprVar!>! VCExprVarBindings;
- public readonly IDictionary<TypeVariable!, VCExpr!>! TypeVariableBindings;
-
- public VariableBindings(IDictionary<VCExprVar!, VCExprVar!>! vcExprVarBindings,
- IDictionary<TypeVariable!, VCExpr!>! typeVariableBindings) {
+ public readonly IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ VCExprVarBindings;
+ public readonly IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/ TypeVariableBindings;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(VCExprVarBindings));
+ Contract.Invariant(cce.NonNullElements(TypeVariableBindings));
+ }
+
+
+ public VariableBindings(IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ vcExprVarBindings,
+ IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/ typeVariableBindings) {
+ Contract.Requires(cce.NonNullElements(vcExprVarBindings));
+ Contract.Requires(cce.NonNullElements(typeVariableBindings));
this.VCExprVarBindings = vcExprVarBindings;
this.TypeVariableBindings = typeVariableBindings;
}
- public VariableBindings() {
- this (new Dictionary<VCExprVar!, VCExprVar!> (),
- new Dictionary<TypeVariable!, VCExpr!> ());
+ public VariableBindings() :
+ this(new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/>(),
+ new Dictionary<TypeVariable/*!*/, VCExpr/*!*/>()) {
}
- public VariableBindings! Clone() {
- IDictionary<VCExprVar!, VCExprVar!>! newVCExprVarBindings =
- new Dictionary<VCExprVar!, VCExprVar!> ();
- foreach (KeyValuePair<VCExprVar!, VCExprVar!> pair in VCExprVarBindings)
+ public VariableBindings Clone() {
+ Contract.Ensures(Contract.Result<VariableBindings>() != null);
+ IDictionary<VCExprVar/*!*/, VCExprVar/*!*/>/*!*/ newVCExprVarBindings =
+ new Dictionary<VCExprVar/*!*/, VCExprVar/*!*/>();
+ foreach (KeyValuePair<VCExprVar/*!*/, VCExprVar/*!*/> pair in VCExprVarBindings) {
+ Contract.Assert(cce.NonNullElements(pair));
newVCExprVarBindings.Add(pair);
- IDictionary<TypeVariable!, VCExpr!>! newTypeVariableBindings =
- new Dictionary<TypeVariable!, VCExpr!> ();
- foreach (KeyValuePair<TypeVariable!, VCExpr!> pair in TypeVariableBindings)
+ }
+ IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/ newTypeVariableBindings =
+ new Dictionary<TypeVariable/*!*/, VCExpr/*!*/>();
+ foreach (KeyValuePair<TypeVariable/*!*/, VCExpr/*!*/> pair in TypeVariableBindings) {
+ Contract.Assert(cce.NonNullElements(pair));
newTypeVariableBindings.Add(pair);
+ }
return new VariableBindings(newVCExprVarBindings, newTypeVariableBindings);
}
}
-
+
//////////////////////////////////////////////////////////////////////////////
// The central class for turning types VCExprs into untyped
// VCExprs. This class makes use of the type axiom builder to manage
// the available types and symbols.
+ [ContractClass(typeof(TypeEraserContracts))]
+ public abstract class TypeEraser : MutatingVCExprVisitor<VariableBindings/*!*/> {
- public abstract class TypeEraser : MutatingVCExprVisitor<VariableBindings!> {
+ protected readonly TypeAxiomBuilderIntBoolU/*!*/ AxBuilder;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilder != null);
+ }
- protected readonly TypeAxiomBuilderIntBoolU! AxBuilder;
- protected abstract OpTypeEraser! OpEraser { get; }
-
+ protected abstract OpTypeEraser/*!*/ OpEraser {
+ get;
+ }
+
////////////////////////////////////////////////////////////////////////////
- public TypeEraser(TypeAxiomBuilderIntBoolU! axBuilder, VCExpressionGenerator! gen) {
- base(gen);
+ public TypeEraser(TypeAxiomBuilderIntBoolU axBuilder, VCExpressionGenerator gen):base(gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
AxBuilder = axBuilder;
}
- public VCExpr! Erase(VCExpr! expr, int polarity)
- requires polarity >= -1 && polarity <= 1; {
+ public VCExpr Erase(VCExpr expr, int polarity) {
+ Contract.Requires(expr != null);
+ Contract.Requires((polarity >= -1 && polarity <= 1));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
this.Polarity = polarity;
return Mutate(expr, new VariableBindings());
}
@@ -812,59 +1117,73 @@ namespace Microsoft.Boogie.TypeErasure ////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprLiteral! node, VariableBindings! bindings) {
- assume node.Type == Type.Bool || node.Type == Type.Int;
+ public override VCExpr Visit(VCExprLiteral node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Contract.Assume(node.Type == Type.Bool || node.Type == Type.Int);
return node;
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprNAry! node, VariableBindings! bindings) {
- VCExprOp! op = node.Op;
+ public override VCExpr Visit(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExprOp/*!*/ op = node.Op;
if (op == VCExpressionGenerator.AndOp || op == VCExpressionGenerator.OrOp)
// more efficient on large conjunctions/disjunctions
return base.Visit(node, bindings);
// the visitor that handles all other operators
- return node.Accept<VCExpr!, VariableBindings!>(OpEraser, bindings);
+ return node.Accept<VCExpr/*!*/, VariableBindings/*!*/>(OpEraser, bindings);
}
// this method is called by MutatingVCExprVisitor.Visit(VCExprNAry, ...)
- protected override VCExpr! UpdateModifiedNode(VCExprNAry! originalNode,
- List<VCExpr!>! newSubExprs,
- bool changed,
- VariableBindings! bindings) {
- assume originalNode.Op == VCExpressionGenerator.AndOp ||
- originalNode.Op == VCExpressionGenerator.OrOp;
+ protected override VCExpr/*!*/ UpdateModifiedNode(VCExprNAry/*!*/ originalNode, List<VCExpr/*!*/>/*!*/ newSubExprs, bool changed, VariableBindings/*!*/ bindings) {
+ Contract.Requires(originalNode != null);
+ Contract.Requires(cce.NonNullElements(newSubExprs));
+ Contract.Requires(bindings != null);
+ Contract.Assume(originalNode.Op == VCExpressionGenerator.AndOp ||
+ originalNode.Op == VCExpressionGenerator.OrOp);
return Gen.Function(originalNode.Op,
AxBuilder.Cast(newSubExprs[0], Type.Bool),
AxBuilder.Cast(newSubExprs[1], Type.Bool));
}
////////////////////////////////////////////////////////////////////////////
-
- public override VCExpr! Visit(VCExprVar! node, VariableBindings! bindings) {
+
+ public override VCExpr Visit(VCExprVar node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
VCExprVar res;
if (!bindings.VCExprVarBindings.TryGetValue(node, out res))
return AxBuilder.Typed2Untyped(node);
- return (!)res;
+ return cce.NonNull(res);
}
////////////////////////////////////////////////////////////////////////////
- protected bool IsUniversalQuantifier(VCExprQuantifier! node) {
+ protected bool IsUniversalQuantifier(VCExprQuantifier node) {
+ Contract.Requires(node != null);
return Polarity == 1 && node.Quan == Quantifier.EX ||
Polarity == -1 && node.Quan == Quantifier.ALL;
}
- protected List<VCExprVar!>! BoundVarsAfterErasure(List<VCExprVar!>! oldBoundVars,
- // the mapping between old and new variables
- // is added to this bindings-object
- VariableBindings! bindings) {
- List<VCExprVar!>! newBoundVars = new List<VCExprVar!> (oldBoundVars.Count);
- foreach (VCExprVar! var in oldBoundVars) {
- Type! newType = AxBuilder.TypeAfterErasure(var.Type);
- VCExprVar! newVar = Gen.Variable(var.Name, newType);
+ protected List<VCExprVar/*!*/>/*!*/ BoundVarsAfterErasure(List<VCExprVar/*!*/>/*!*/ oldBoundVars,
+ // the mapping between old and new variables
+ // is added to this bindings-object
+ VariableBindings/*!*/ bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(cce.NonNullElements(oldBoundVars));
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+
+ List<VCExprVar/*!*/>/*!*/ newBoundVars = new List<VCExprVar/*!*/>(oldBoundVars.Count);
+ foreach (VCExprVar/*!*/ var in oldBoundVars) {
+ Type/*!*/ newType = AxBuilder.TypeAfterErasure(var.Type);
+ VCExprVar/*!*/ newVar = Gen.Variable(var.Name, newType);
newBoundVars.Add(newVar);
bindings.VCExprVarBindings.Add(var, newVar);
}
@@ -876,15 +1195,21 @@ namespace Microsoft.Boogie.TypeErasure // it may be better to give variable x the type U and remove the
// cast. The following method returns true if the quantifier
// should be translated again with a different typing
- protected bool RedoQuantifier(VCExprQuantifier! node,
- VCExprQuantifier! newNode,
- // the bound vars that actually occur in the body or
- // in any of the triggers
- List<VCExprVar!>! occurringVars,
- VariableBindings! oldBindings,
- out VariableBindings! newBindings,
- out List<VCExprVar!>! newBoundVars) {
- List<VCExprVar!> castVariables =
+ protected bool RedoQuantifier(VCExprQuantifier/*!*/ node,
+ VCExprQuantifier/*!*/ newNode,
+ // the bound vars that actually occur in the body or
+ // in any of the triggers
+ List<VCExprVar/*!*/>/*!*/ occurringVars,
+ VariableBindings/*!*/ oldBindings,
+ out VariableBindings/*!*/ newBindings,
+ out List<VCExprVar/*!*/>/*!*/ newBoundVars) {
+ Contract.Requires(node != null);
+ Contract.Requires(newNode != null);
+ Contract.Requires(cce.NonNullElements(occurringVars));
+ Contract.Requires(oldBindings != null);
+ Contract.Ensures(Contract.ValueAtReturn(out newBindings) != null);
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out newBoundVars)));
+ List<VCExprVar/*!*/> castVariables =
VariableCastCollector.FindCastVariables(node, newNode, AxBuilder);
if (castVariables.Count == 0) {
newBindings = oldBindings; // to make the compiler happy
@@ -895,79 +1220,117 @@ namespace Microsoft.Boogie.TypeErasure // redo everything with a different typing ...
newBindings = oldBindings.Clone();
- newBoundVars = new List<VCExprVar!> (node.BoundVars.Count);
- foreach (VCExprVar! var in node.BoundVars) {
- Type! newType =
+ newBoundVars = new List<VCExprVar/*!*/>(node.BoundVars.Count);
+ foreach (VCExprVar/*!*/ var in node.BoundVars) {
+ Contract.Assert(var != null);
+ Type/*!*/ newType =
castVariables.Contains(var) ? AxBuilder.U
: AxBuilder.TypeAfterErasure(var.Type);
- VCExprVar! newVar = Gen.Variable(var.Name, newType);
+ Contract.Assert(newType != null);
+ VCExprVar/*!*/ newVar = Gen.Variable(var.Name, newType);
+ Contract.Assert(newVar != null);
newBoundVars.Add(newVar);
newBindings.VCExprVarBindings.Add(var, newVar);
}
return true;
- }
+ }
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprLet! node, VariableBindings! bindings) {
- VariableBindings! newVarBindings = bindings.Clone();
+ public override VCExpr Visit(VCExprLet node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VariableBindings/*!*/ newVarBindings = bindings.Clone();
- List<VCExprVar!>! newBoundVars = new List<VCExprVar!> (node.BoundVars.Count);
- foreach (VCExprVar! var in node.BoundVars) {
- Type! newType = AxBuilder.TypeAfterErasure(var.Type);
- VCExprVar! newVar = Gen.Variable(var.Name, newType);
+ List<VCExprVar/*!*/>/*!*/ newBoundVars = new List<VCExprVar/*!*/>(node.BoundVars.Count);
+ foreach (VCExprVar/*!*/ var in node.BoundVars) {
+ Type/*!*/ newType = AxBuilder.TypeAfterErasure(var.Type);
+ VCExprVar/*!*/ newVar = Gen.Variable(var.Name, newType);
newBoundVars.Add(newVar);
newVarBindings.VCExprVarBindings.Add(var, newVar);
}
- List<VCExprLetBinding!>! newbindings = new List<VCExprLetBinding!> (node.Length);
+ List<VCExprLetBinding/*!*/>/*!*/ newbindings = new List<VCExprLetBinding/*!*/>(node.Length);
for (int i = 0; i < node.Length; ++i) {
- VCExprLetBinding! binding = node[i];
- VCExprVar! newVar = newBoundVars[i];
- Type! newType = newVar.Type;
+ VCExprLetBinding/*!*/ binding = node[i];
+ Contract.Assert(binding != null);
+ VCExprVar/*!*/ newVar = newBoundVars[i];
+ Type/*!*/ newType = newVar.Type;
- VCExpr! newE = AxBuilder.Cast(Mutate(binding.E, newVarBindings), newType);
+ VCExpr/*!*/ newE = AxBuilder.Cast(Mutate(binding.E, newVarBindings), newType);
newbindings.Add(Gen.LetBinding(newVar, newE));
}
- VCExpr! newbody = Mutate(node.Body, newVarBindings);
+ VCExpr/*!*/ newbody = Mutate(node.Body, newVarBindings);
return Gen.Let(newbindings, newbody);
}
}
+ [ContractClassFor(typeof(TypeEraser))]
+ public abstract class TypeEraserContracts : TypeEraser {
+ public TypeEraserContracts() : base(null, null) {
+ }
+ protected override OpTypeEraser OpEraser {
+ get {
+ Contract.Ensures(Contract.Result<OpTypeEraser>() != null);
+ throw new NotImplementedException();
+ }
+ }
+ }
+
+
//////////////////////////////////////////////////////////////////////////////
- public abstract class OpTypeEraser : StandardVCExprOpVisitor<VCExpr!, VariableBindings!> {
+ public abstract class OpTypeEraser : StandardVCExprOpVisitor<VCExpr/*!*/, VariableBindings/*!*/> {
- protected readonly TypeAxiomBuilderIntBoolU! AxBuilder;
+ protected readonly TypeAxiomBuilderIntBoolU/*!*/ AxBuilder;
+
+ protected readonly TypeEraser/*!*/ Eraser;
+ protected readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilder != null);
+ Contract.Invariant(Eraser != null);
+ Contract.Invariant(Gen != null);
+ }
- protected readonly TypeEraser! Eraser;
- protected readonly VCExpressionGenerator! Gen;
- public OpTypeEraser(TypeEraser! eraser, TypeAxiomBuilderIntBoolU! axBuilder,
- VCExpressionGenerator! gen) {
+ public OpTypeEraser(TypeEraser/*!*/ eraser, TypeAxiomBuilderIntBoolU/*!*/ axBuilder, VCExpressionGenerator/*!*/ gen) {
+ Contract.Requires(eraser != null);
+ Contract.Requires(axBuilder != null);
+ Contract.Requires(gen != null);
this.AxBuilder = axBuilder;
this.Eraser = eraser;
this.Gen = gen;
}
- protected override VCExpr! StandardResult(VCExprNAry! node, VariableBindings! bindings) {
+ protected override VCExpr StandardResult(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
System.Diagnostics.Debug.Fail("Don't know how to erase types in this expression: " + node);
- assert false; // to please the compiler
+ Contract.Assert(false);
+ throw new cce.UnreachableException(); // to please the compiler
}
- private List<VCExpr!>! MutateSeq(VCExprNAry! node, VariableBindings! bindings,
- int newPolarity) {
+ private List<VCExpr/*!*/>/*!*/ MutateSeq(VCExprNAry node, VariableBindings bindings, int newPolarity) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
int oldPolarity = Eraser.Polarity;
Eraser.Polarity = newPolarity;
- List<VCExpr!>! newArgs = Eraser.MutateSeq(node, bindings);
+ List<VCExpr/*!*/>/*!*/ newArgs = Eraser.MutateSeq(node, bindings);
Eraser.Polarity = oldPolarity;
return newArgs;
}
- private VCExpr! CastArguments(VCExprNAry! node, Type! argType, VariableBindings! bindings,
- int newPolarity) {
+ private VCExpr CastArguments(VCExprNAry node, Type argType, VariableBindings bindings, int newPolarity) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(argType != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Gen.Function(node.Op,
AxBuilder.CastSeq(MutateSeq(node, bindings, newPolarity),
argType));
@@ -975,14 +1338,16 @@ namespace Microsoft.Boogie.TypeErasure // Cast the arguments of the node to their old type if necessary and possible; otherwise use
// their new type (int, bool, or U)
- private VCExpr! CastArgumentsToOldType(VCExprNAry! node, VariableBindings! bindings,
- int newPolarity)
- requires node.Arity > 0; {
-
- List<VCExpr!>! newArgs = MutateSeq(node, bindings, newPolarity);
- Type! oldType = node[0].Type;
+ private VCExpr CastArgumentsToOldType(VCExprNAry node, VariableBindings bindings, int newPolarity) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Requires((node.Arity > 0));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ List<VCExpr/*!*/>/*!*/ newArgs = MutateSeq(node, bindings, newPolarity);
+ Type/*!*/ oldType = node[0].Type;
if (AxBuilder.UnchangedType(oldType) &&
- forall{int i in (1:node.Arity); node[i].Type.Equals(oldType)})
+ Contract.ForAll(1, node.Arity, i => node[i].Type.Equals(oldType)))
return Gen.Function(node.Op, AxBuilder.CastSeq(newArgs, oldType));
else
return Gen.Function(node.Op, AxBuilder.CastSeq(newArgs, AxBuilder.U));
@@ -990,34 +1355,55 @@ namespace Microsoft.Boogie.TypeErasure ///////////////////////////////////////////////////////////////////////////
- public override VCExpr! VisitNotOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitNotOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Bool, bindings, -Eraser.Polarity);
}
- public override VCExpr! VisitEqOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitEqOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArgumentsToOldType(node, bindings, 0);
}
- public override VCExpr! VisitNeqOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitNeqOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArgumentsToOldType(node, bindings, 0);
}
- public override VCExpr! VisitImpliesOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitImpliesOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// UGLY: the code for tracking polarities should be factored out
- List<VCExpr!>! newArgs = new List<VCExpr!> (2);
+ List<VCExpr/*!*/>/*!*/ newArgs = new List<VCExpr/*!*/>(2);
Eraser.Polarity = -Eraser.Polarity;
newArgs.Add(Eraser.Mutate(node[0], bindings));
Eraser.Polarity = -Eraser.Polarity;
newArgs.Add(Eraser.Mutate(node[1], bindings));
return Gen.Function(node.Op, AxBuilder.CastSeq(newArgs, Type.Bool));
}
- public override VCExpr! VisitDistinctOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitDistinctOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArgumentsToOldType(node, bindings, 0);
}
- public override VCExpr! VisitLabelOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitLabelOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// argument of the label operator should always be a formula
// (at least for Simplify ... should this be ensured at a later point?)
return CastArguments(node, Type.Bool, bindings, Eraser.Polarity);
}
- public override VCExpr! VisitIfThenElseOp (VCExprNAry! node, VariableBindings! bindings) {
- List<VCExpr!>! newArgs = MutateSeq(node, bindings, 0);
+ public override VCExpr VisitIfThenElseOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExpr/*!*/>/*!*/ newArgs = MutateSeq(node, bindings, 0);
newArgs[0] = AxBuilder.Cast(newArgs[0], Type.Bool);
Type t = node.Type;
if (!AxBuilder.UnchangedType(t)) {
@@ -1027,54 +1413,98 @@ namespace Microsoft.Boogie.TypeErasure newArgs[2] = AxBuilder.Cast(newArgs[2], t);
return Gen.Function(node.Op, newArgs);
}
- public override VCExpr! VisitCustomOp (VCExprNAry! node, VariableBindings! bindings) {
- List<VCExpr!>! newArgs = MutateSeq(node, bindings, 0);
+ public override VCExpr/*!*/ VisitCustomOp (VCExprNAry/*!*/ node, VariableBindings/*!*/ bindings) {
+ Contract.Requires(node != null);
+ Contract.Requires(bindings != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ List<VCExpr/*!*/>/*!*/ newArgs = MutateSeq(node, bindings, 0);
return Gen.Function(node.Op, newArgs);
}
- public override VCExpr! VisitAddOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitAddOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitSubOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitSubOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitMulOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitMulOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitDivOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitDivOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitModOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitModOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitLtOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitLtOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitLeOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitLeOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitGtOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitGtOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitGeOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitGeOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, Type.Int, bindings, 0);
}
- public override VCExpr! VisitSubtypeOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitSubtypeOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArguments(node, AxBuilder.U, bindings, 0);
}
- public override VCExpr! VisitBvOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitBvOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArgumentsToOldType(node, bindings, 0);
}
- public override VCExpr! VisitBvExtractOp(VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitBvExtractOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return CastArgumentsToOldType(node, bindings, 0);
}
- public override VCExpr! VisitBvConcatOp (VCExprNAry! node, VariableBindings! bindings) {
- List<VCExpr!>! newArgs = MutateSeq(node, bindings, 0);
+ public override VCExpr VisitBvConcatOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExpr/*!*/>/*!*/ newArgs = MutateSeq(node, bindings, 0);
// each argument is cast to its old type
- assert newArgs.Count == node.Arity && newArgs.Count == 2;
- VCExpr! arg0 = AxBuilder.Cast(newArgs[0], node[0].Type);
- VCExpr! arg1 = AxBuilder.Cast(newArgs[1], node[1].Type);
-
+ Contract.Assert(newArgs.Count == node.Arity && newArgs.Count == 2);
+ VCExpr/*!*/ arg0 = AxBuilder.Cast(newArgs[0], node[0].Type);
+ Contract.Assert(arg0 != null);
+ VCExpr/*!*/ arg1 = AxBuilder.Cast(newArgs[1], node[1].Type);
+ Contract.Assert(arg1 != null);
return Gen.Function(node.Op, arg0, arg1);
}
@@ -1093,23 +1523,27 @@ namespace Microsoft.Boogie.TypeErasure /// the bound variables of "oldNode" correspond to the first bound
/// variables of "newNode".
/// </summary>
- public static List<VCExprVar!>! FindCastVariables(VCExprQuantifier! oldNode,
- VCExprQuantifier! newNode,
- TypeAxiomBuilderIntBoolU! axBuilder) {
- VariableCastCollector! collector = new VariableCastCollector(axBuilder);
- if (exists{VCTrigger! trigger in newNode.Triggers; trigger.Pos}) {
+ public static List<VCExprVar/*!*/>/*!*/ FindCastVariables(VCExprQuantifier oldNode, VCExprQuantifier newNode, TypeAxiomBuilderIntBoolU axBuilder) {
+Contract.Requires((axBuilder != null));
+Contract.Requires((newNode != null));
+Contract.Requires((oldNode != null));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+ VariableCastCollector/*!*/ collector = new VariableCastCollector(axBuilder);
+ Contract.Assert(collector != null);
+ if (Contract.Exists(newNode.Triggers, trigger=> trigger.Pos)) {
// look in the given triggers
- foreach (VCTrigger! trigger in newNode.Triggers)
- if (trigger.Pos)
- foreach (VCExpr! expr in trigger.Exprs)
- collector.Traverse(expr, true);
+ foreach (VCTrigger/*!*/ trigger in newNode.Triggers){Contract.Assert(trigger != null);
+ if (trigger.Pos){
+ foreach (VCExpr/*!*/ expr in trigger.Exprs){Contract.Assert(expr != null);
+ collector.Traverse(expr, true);}}}
} else {
// look in the body of the quantifier
collector.Traverse(newNode.Body, true);
}
- List<VCExprVar!>! castVariables = new List<VCExprVar!> (collector.varsInCasts.Count);
- foreach (VCExprVar! castVar in collector.varsInCasts) {
+ List<VCExprVar/*!*/>/*!*/ castVariables = new List<VCExprVar/*!*/> (collector.varsInCasts.Count);
+ foreach (VCExprVar/*!*/ castVar in collector.varsInCasts) {
+ Contract.Assert(castVar != null);
int i = newNode.BoundVars.IndexOf(castVar);
if (0 <= i && i < oldNode.BoundVars.Count && !collector.varsOutsideCasts.ContainsKey(castVar))
castVariables.Add(oldNode.BoundVars[i]);
@@ -1117,22 +1551,34 @@ namespace Microsoft.Boogie.TypeErasure return castVariables;
}
- public VariableCastCollector(TypeAxiomBuilderIntBoolU! axBuilder) {
+ public VariableCastCollector(TypeAxiomBuilderIntBoolU axBuilder) {
+ Contract.Requires(axBuilder != null);
this.AxBuilder = axBuilder;
}
- readonly List<VCExprVar!>! varsInCasts = new List<VCExprVar!> ();
- readonly Dictionary<VCExprVar!,object>! varsOutsideCasts = new Dictionary<VCExprVar!,object> ();
+ readonly List<VCExprVar/*!*/>/*!*/ varsInCasts = new List<VCExprVar/*!*/>();
+ readonly Dictionary<VCExprVar/*!*/, object>/*!*/ varsOutsideCasts = new Dictionary<VCExprVar/*!*/, object>();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(varsInCasts));
+ Contract.Invariant(cce.NonNullElements(varsOutsideCasts));
+ Contract.Invariant(AxBuilder != null);
+
+ }
+
- readonly TypeAxiomBuilderIntBoolU! AxBuilder;
+ readonly TypeAxiomBuilderIntBoolU/*!*/ AxBuilder;
- protected override bool StandardResult(VCExpr! node, bool arg) {
+ protected override bool StandardResult(VCExpr node, bool arg) {
+ Contract.Requires(node != null);
return true; // not used
}
- public override bool Visit(VCExprNAry! node, bool arg) {
+ public override bool Visit(VCExprNAry node, bool arg){
+Contract.Requires(node != null);
if (node.Op is VCExprBoogieFunctionOp) {
- Function! func = ((VCExprBoogieFunctionOp)node.Op).Func;
+ Function func = ((VCExprBoogieFunctionOp)node.Op).Func;
+ Contract.Assert(func != null);
if ((AxBuilder.IsCast(func)) && node[0] is VCExprVar) {
VCExprVar castVar = (VCExprVar)node[0];
if (!varsInCasts.Contains(castVar))
@@ -1165,8 +1611,9 @@ namespace Microsoft.Boogie.TypeErasure }
return base.Visit(node, arg);
}
-
- public override bool Visit(VCExprVar! node, bool arg) {
+
+ public override bool Visit(VCExprVar node, bool arg) {
+ Contract.Requires(node != null);
if (!varsOutsideCasts.ContainsKey(node))
varsOutsideCasts.Add(node, null);
return true;
diff --git a/Source/VCExpr/TypeErasureArguments.cs b/Source/VCExpr/TypeErasureArguments.cs index ec03d2e8..c1a32aba 100644 --- a/Source/VCExpr/TypeErasureArguments.cs +++ b/Source/VCExpr/TypeErasureArguments.cs @@ -8,30 +8,33 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
// Erasure of types using explicit type parameters for functions
-namespace Microsoft.Boogie.TypeErasure
-{
+namespace Microsoft.Boogie.TypeErasure {
using Microsoft.Boogie.VCExprAST;
using HFNS = Microsoft.Boogie.VCExprAST.HelperFuns;
public class TypeAxiomBuilderArguments : TypeAxiomBuilderIntBoolU {
- public TypeAxiomBuilderArguments(VCExpressionGenerator! gen) {
- base(gen);
- Typed2UntypedFunctions = new Dictionary<Function!, Function!> ();
- }
+ public TypeAxiomBuilderArguments(VCExpressionGenerator gen)
+ : base(gen) {
+ Contract.Requires(gen != null);
+
+ Typed2UntypedFunctions = new Dictionary<Function/*!*/, Function/*!*/>();
+ }
// constructor to allow cloning
[NotDelayed]
- internal TypeAxiomBuilderArguments(TypeAxiomBuilderArguments! builder) {
+ internal TypeAxiomBuilderArguments(TypeAxiomBuilderArguments builder)
+ : base(builder) {
+ Contract.Requires(builder != null);
Typed2UntypedFunctions =
- new Dictionary<Function!, Function!> (builder.Typed2UntypedFunctions);
- base(builder);
+ new Dictionary<Function/*!*/, Function/*!*/>(builder.Typed2UntypedFunctions);
+
MapTypeAbstracterAttr =
builder.MapTypeAbstracterAttr == null ?
@@ -39,7 +42,8 @@ namespace Microsoft.Boogie.TypeErasure builder.MapTypeAbstracterAttr);
}
- public override Object! Clone() {
+ public override Object Clone() {
+ Contract.Ensures(Contract.Result<Object>() != null);
return new TypeAxiomBuilderArguments(this);
}
@@ -49,29 +53,39 @@ namespace Microsoft.Boogie.TypeErasure // (this makes use of the assumption that only well-typed terms are generated
// by the SMT-solver, i.e., that U2Int is only applied to terms that actually
// are of type int)
- protected override VCExpr! GenReverseCastAxiom(Function! castToU,
- Function! castFromU) {
- List<VCTrigger!>! triggers;
- VCExprVar! var;
- VCExpr! eq = GenReverseCastEq(castToU, castFromU, out var, out triggers);
+ protected override VCExpr GenReverseCastAxiom(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCTrigger/*!*/>/*!*/ triggers;
+ VCExprVar/*!*/ var;
+ VCExpr/*!*/ eq = GenReverseCastEq(castToU, castFromU, out var, out triggers);
return Gen.Forall(HelperFuns.ToList(var), triggers, "cast:" + castFromU.Name, eq);
}
- protected override VCExpr! GenCastTypeAxioms(Function! castToU,
- Function! castFromU) {
+ protected override VCExpr GenCastTypeAxioms(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
// nothing
return VCExpressionGenerator.True;
}
private MapTypeAbstractionBuilderArguments MapTypeAbstracterAttr = null;
- internal override MapTypeAbstractionBuilder! MapTypeAbstracter { get {
- if (MapTypeAbstracterAttr == null)
- MapTypeAbstracterAttr = new MapTypeAbstractionBuilderArguments (this, Gen);
- return MapTypeAbstracterAttr;
- } }
+ internal override MapTypeAbstractionBuilder/*!*/ MapTypeAbstracter {
+ get {
+ Contract.Ensures(Contract.Result<MapTypeAbstractionBuilder>() != null);
+
+ if (MapTypeAbstracterAttr == null)
+ MapTypeAbstracterAttr = new MapTypeAbstractionBuilderArguments(this, Gen);
+ return MapTypeAbstracterAttr;
+ }
+ }
- protected override void AddVarTypeAxiom(VCExprVar! var, Type! originalType) {
+ protected override void AddVarTypeAxiom(VCExprVar var, Type originalType) {
+ Contract.Requires(originalType != null);
+ Contract.Requires(var != null);
// no axioms are needed for variable or function types
}
@@ -79,20 +93,26 @@ namespace Microsoft.Boogie.TypeErasure // Symbols for representing functions
// Globally defined functions
- private readonly IDictionary<Function!, Function!>! Typed2UntypedFunctions;
+ private readonly IDictionary<Function/*!*/, Function/*!*/>/*!*/ Typed2UntypedFunctions;
+ [ContractInvariantMethod]
+ void Typed2UntypedFunctionsInvariantMethod() {
+ Contract.Invariant(cce.NonNullElements(Typed2UntypedFunctions));
+ }
- public Function! Typed2Untyped(Function! fun) {
+ public Function Typed2Untyped(Function fun) {
+ Contract.Requires(fun != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
Function res;
if (!Typed2UntypedFunctions.TryGetValue(fun, out res)) {
- assert fun.OutParams.Length == 1;
+ Contract.Assert(fun.OutParams.Length == 1);
// if all of the parameters are int or bool, the function does
// not have to be changed
- if (forall{Formal f in fun.InParams; UnchangedType(((!)f).TypedIdent.Type)} &&
- UnchangedType(((!)fun.OutParams[0]).TypedIdent.Type)) {
+ if (Contract.ForAll(0, fun.InParams.Length, f => UnchangedType(cce.NonNull(fun.InParams[f]).TypedIdent.Type)) &&
+ UnchangedType(cce.NonNull(fun.OutParams[0]).TypedIdent.Type)) {
res = fun;
} else {
- Type[]! types = new Type [fun.TypeParameters.Length + fun.InParams.Length + 1];
+ Type[]/*!*/ types = new Type[fun.TypeParameters.Length + fun.InParams.Length + 1];
int i = 0;
// the first arguments are the explicit type parameters
@@ -101,12 +121,13 @@ namespace Microsoft.Boogie.TypeErasure i = i + 1;
}
// followed by the actual parameters
- foreach (Variable! x in fun.InParams) {
+ foreach (Variable/*!*/ x in fun.InParams) {
+ Contract.Assert(x != null);
types[i] = TypeAfterErasure(x.TypedIdent.Type);
i = i + 1;
}
- types[types.Length - 1] = TypeAfterErasure(((!)fun.OutParams[0]).TypedIdent.Type);
+ types[types.Length - 1] = TypeAfterErasure(cce.NonNull(fun.OutParams[0]).TypedIdent.Type);
res = HelperFuns.BoogieFunction(fun.Name, types);
res.Attributes = fun.Attributes;
@@ -114,7 +135,7 @@ namespace Microsoft.Boogie.TypeErasure Typed2UntypedFunctions.Add(fun, res);
}
- return (!)res;
+ return cce.NonNull(res);
}
}
@@ -123,37 +144,47 @@ namespace Microsoft.Boogie.TypeErasure internal class MapTypeAbstractionBuilderArguments : MapTypeAbstractionBuilder {
- private readonly TypeAxiomBuilderArguments! AxBuilderArguments;
+ private readonly TypeAxiomBuilderArguments/*!*/ AxBuilderArguments;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilderArguments != null);
+ }
+
+
+ internal MapTypeAbstractionBuilderArguments(TypeAxiomBuilderArguments axBuilder, VCExpressionGenerator gen)
+ : base(axBuilder, gen) {
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
- internal MapTypeAbstractionBuilderArguments(TypeAxiomBuilderArguments! axBuilder,
- VCExpressionGenerator! gen) {
- base(axBuilder, gen);
this.AxBuilderArguments = axBuilder;
}
// constructor for cloning
- internal MapTypeAbstractionBuilderArguments(TypeAxiomBuilderArguments! axBuilder,
- VCExpressionGenerator! gen,
- MapTypeAbstractionBuilderArguments! builder) {
- base(axBuilder, gen, builder);
+ internal MapTypeAbstractionBuilderArguments(TypeAxiomBuilderArguments axBuilder, VCExpressionGenerator gen, MapTypeAbstractionBuilderArguments builder)
+ : base(axBuilder, gen, builder) {
+ Contract.Requires(builder != null);
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
this.AxBuilderArguments = axBuilder;
}
////////////////////////////////////////////////////////////////////////////
- protected override void GenSelectStoreFunctions(MapType! abstractedType,
- TypeCtorDecl! synonym,
- out Function! select,
- out Function! store) {
- string! baseName = synonym.Name;
+ protected override void GenSelectStoreFunctions(MapType abstractedType, TypeCtorDecl synonym, out Function/*!*/ select, out Function/*!*/ store) {
+ Contract.Requires(((synonym != null)));
+Contract.Requires(((abstractedType != null)));
+Contract.Ensures(Contract.ValueAtReturn(out select) != null);
+Contract.Ensures(Contract.ValueAtReturn(out store) != null);
+ Contract.Assert(synonym.Name != null);
+ string/*!*/ baseName = synonym.Name;
int typeParamNum = abstractedType.FreeVariables.Length +
abstractedType.TypeParameters.Length;
-
+
int arity = typeParamNum + abstractedType.Arguments.Length;
- Type![]! selectTypes = new Type! [arity + 2];
- Type![]! storeTypes = new Type! [arity + 3];
-
+ Type/*!*/[]/*!*/ selectTypes = new Type/*!*/ [arity + 2];
+ Type/*!*/[]/*!*/ storeTypes = new Type/*!*/ [arity + 3];
+
int i = 0;
// Fill in the free variables and type parameters
for (; i < typeParamNum; i++) {
@@ -170,8 +201,8 @@ namespace Microsoft.Boogie.TypeErasure }
i++;
// Fill in the index types
- foreach (Type! type in abstractedType.Arguments)
- {
+ foreach (Type/*!*/ type in abstractedType.Arguments) {
+ Contract.Assert(type != null);
if (CommandLineOptions.Clo.Monomorphize && AxBuilder.UnchangedType(type)) {
selectTypes[i] = type;
storeTypes[i] = type;
@@ -192,23 +223,23 @@ namespace Microsoft.Boogie.TypeErasure }
i++;
// Fill in the map type which is the output of the store function
- if (CommandLineOptions.Clo.UseArrayTheory)
+ if (CommandLineOptions.Clo.UseArrayTheory)
storeTypes[i] = abstractedType;
else
storeTypes[i] = AxBuilder.U;
- NonNullType.AssertInitialized(selectTypes);
- NonNullType.AssertInitialized(storeTypes);
-
- select = HelperFuns.BoogieFunction(baseName + "Select", selectTypes); + Microsoft.Contracts.NonNullType.AssertInitialized(selectTypes);
+ Microsoft.Contracts.NonNullType.AssertInitialized(storeTypes);
+
+ select = HelperFuns.BoogieFunction(baseName + "Select", selectTypes);
store = HelperFuns.BoogieFunction(baseName + "Store", storeTypes);
-
+
if (CommandLineOptions.Clo.UseArrayTheory) {
select.AddAttribute("builtin", "select");
store.AddAttribute("builtin", "store");
} else {
- AxBuilder.AddTypeAxiom(GenMapAxiom0(select, store,
+ AxBuilder.AddTypeAxiom(GenMapAxiom0(select, store,
abstractedType.TypeParameters.Length, abstractedType.FreeVariables.Length));
- AxBuilder.AddTypeAxiom(GenMapAxiom1(select, store,
+ AxBuilder.AddTypeAxiom(GenMapAxiom1(select, store,
abstractedType.TypeParameters.Length, abstractedType.FreeVariables.Length));
}
}
@@ -216,18 +247,27 @@ namespace Microsoft.Boogie.TypeErasure ///////////////////////////////////////////////////////////////////////////
// The normal axioms of the theory of arrays (right now without extensionality)
- private VCExpr! Select(Function! select, List<VCExprVar!>! types,
- VCExpr! map, List<VCExprVar!>! indexes) {
- List<VCExpr!>! selectArgs = new List<VCExpr!> ();
+ private VCExpr Select(Function select, List<VCExprVar/*!*/>/*!*/ types, VCExpr map, List<VCExprVar/*!*/>/*!*/ indexes) {
+ Contract.Requires(map != null);
+ Contract.Requires(select != null);
+ Contract.Requires(cce.NonNullElements(indexes));
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExpr/*!*/>/*!*/ selectArgs = new List<VCExpr/*!*/>();
selectArgs.AddRange(HelperFuns.ToVCExprList(types));
selectArgs.Add(map);
selectArgs.AddRange(HelperFuns.ToVCExprList(indexes));
return Gen.Function(select, selectArgs);
}
- private VCExpr! Store(Function! store, List<VCExprVar!>! types,
- VCExpr! map, List<VCExprVar!>! indexes, VCExpr! val) {
- List<VCExpr!>! storeArgs = new List<VCExpr!> ();
+ private VCExpr Store(Function store, List<VCExprVar/*!*/>/*!*/ types, VCExpr map, List<VCExprVar/*!*/>/*!*/ indexes, VCExpr val) {
+ Contract.Requires(val != null);
+ Contract.Requires(map != null);
+ Contract.Requires(store != null);
+ Contract.Requires(cce.NonNullElements(indexes));
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExpr/*!*/>/*!*/ storeArgs = new List<VCExpr/*!*/>();
storeArgs.AddRange(HelperFuns.ToVCExprList(types));
storeArgs.Add(map);
storeArgs.AddRange(HelperFuns.ToVCExprList(indexes));
@@ -235,85 +275,102 @@ namespace Microsoft.Boogie.TypeErasure return Gen.Function(store, storeArgs);
}
- private VCExpr! GenMapAxiom0(Function! select, Function! store,
- // bound type variables in the map type
+ private VCExpr/*!*/ GenMapAxiom0(Function/*!*/ select, Function/*!*/ store,
+ // bound type variables in the map type
int mapTypeParamNum,
- // free type variables in the map
- // type (abstraction)
+ // free type variables in the map
+ // type (abstraction)
int mapAbstractionVarNum) {
+ Contract.Requires(select != null);
+ Contract.Requires(store != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
int arity = select.InParams.Length - 1 - mapTypeParamNum - mapAbstractionVarNum;
- List<VCExprVar!>! types =
+ List<VCExprVar/*!*/>/*!*/ types =
HelperFuns.VarVector("t", mapTypeParamNum + mapAbstractionVarNum,
AxBuilder.T, Gen);
-
- List<Type!> indexTypes = new List<Type!>();
- for (int i = mapTypeParamNum + mapAbstractionVarNum + 1; i < select.InParams.Length; i++)
- {
- indexTypes.Add(((!)select.InParams[i]).TypedIdent.Type);
+
+ List<Type/*!*/> indexTypes = new List<Type/*!*/>();
+ for (int i = mapTypeParamNum + mapAbstractionVarNum + 1; i < select.InParams.Length; i++) {
+ indexTypes.Add(cce.NonNull(select.InParams[i]).TypedIdent.Type);
}
- assert arity == indexTypes.Count;
-
- List<VCExprVar!>! indexes = HelperFuns.VarVector("x", indexTypes, Gen);
+ Contract.Assert(arity == indexTypes.Count);
- VCExprVar! m = Gen.Variable("m", AxBuilder.U);
- VCExprVar! val = Gen.Variable("val", ((!)select.OutParams[0]).TypedIdent.Type);
+ List<VCExprVar/*!*/>/*!*/ indexes = HelperFuns.VarVector("x", indexTypes, Gen);
- VCExpr! storeExpr = Store(store, types, m, indexes, val);
- VCExpr! selectExpr = Select(select, types, storeExpr, indexes);
+ VCExprVar/*!*/ m = Gen.Variable("m", AxBuilder.U);
+ Contract.Assert(m != null);
+ VCExprVar/*!*/ val = Gen.Variable("val", cce.NonNull(select.OutParams[0]).TypedIdent.Type);
+ Contract.Assert(val != null);
- List<VCExprVar!>! quantifiedVars = new List<VCExprVar!> ();
+ VCExpr/*!*/ storeExpr = Store(store, types, m, indexes, val);
+ Contract.Assert(storeExpr != null);
+ VCExpr/*!*/ selectExpr = Select(select, types, storeExpr, indexes);
+ Contract.Assert(selectExpr != null);
+
+ List<VCExprVar/*!*/>/*!*/ quantifiedVars = new List<VCExprVar/*!*/>();
quantifiedVars.AddRange(types);
quantifiedVars.Add(val);
quantifiedVars.Add(m);
quantifiedVars.AddRange(indexes);
- VCExpr! eq = Gen.Eq(selectExpr, val);
- return Gen.Forall(quantifiedVars, new List<VCTrigger!> (),
+ VCExpr/*!*/ eq = Gen.Eq(selectExpr, val);
+ Contract.Assert(eq != null);
+ return Gen.Forall(quantifiedVars, new List<VCTrigger/*!*/>(),
"mapAx0:" + select.Name, eq);
- }
+ }
- private VCExpr! GenMapAxiom1(Function! select, Function! store,
- // bound type variables in the map
- // type
+ private VCExpr/*!*/ GenMapAxiom1(Function/*!*/ select, Function/*!*/ store,
+ // bound type variables in the map
+ // type
int mapTypeParamNum,
- // free type variables in the map
- // type (abstraction)
+ // free type variables in the map
+ // type (abstraction)
int mapAbstractionVarNum) {
+ Contract.Requires(select != null);
+ Contract.Requires(store != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
int arity = select.InParams.Length - 1 - mapTypeParamNum - mapAbstractionVarNum;
- List<VCExprVar!>! freeTypeVars =
+ List<VCExprVar/*!*/>/*!*/ freeTypeVars =
HelperFuns.VarVector("u", mapAbstractionVarNum, AxBuilder.T, Gen);
- List<VCExprVar!>! boundTypeVars0 =
+ List<VCExprVar/*!*/>/*!*/ boundTypeVars0 =
HelperFuns.VarVector("s", mapTypeParamNum, AxBuilder.T, Gen);
- List<VCExprVar!>! boundTypeVars1 =
+ List<VCExprVar/*!*/>/*!*/ boundTypeVars1 =
HelperFuns.VarVector("t", mapTypeParamNum, AxBuilder.T, Gen);
- List<VCExprVar!>! types0 = new List<VCExprVar!> (boundTypeVars0);
+ List<VCExprVar/*!*/>/*!*/ types0 = new List<VCExprVar/*!*/>(boundTypeVars0);
types0.AddRange(freeTypeVars);
- List<VCExprVar!>! types1 = new List<VCExprVar!> (boundTypeVars1);
+ List<VCExprVar/*!*/>/*!*/ types1 = new List<VCExprVar/*!*/>(boundTypeVars1);
types1.AddRange(freeTypeVars);
- List<Type!> indexTypes = new List<Type!>();
- for (int i = mapTypeParamNum + mapAbstractionVarNum + 1; i < select.InParams.Length; i++)
- {
- indexTypes.Add(((!)select.InParams[i]).TypedIdent.Type);
+ List<Type/*!*/> indexTypes = new List<Type/*!*/>();
+ for (int i = mapTypeParamNum + mapAbstractionVarNum + 1; i < select.InParams.Length; i++) {
+ indexTypes.Add(cce.NonNull(select.InParams[i]).TypedIdent.Type);
}
- assert arity == indexTypes.Count;
-
- List<VCExprVar!>! indexes0 = HelperFuns.VarVector("x", indexTypes, Gen);
- List<VCExprVar!>! indexes1 = HelperFuns.VarVector("y", indexTypes, Gen);
+ Contract.Assert(arity == indexTypes.Count);
+
+ List<VCExprVar/*!*/>/*!*/ indexes0 = HelperFuns.VarVector("x", indexTypes, Gen);
+ List<VCExprVar/*!*/>/*!*/ indexes1 = HelperFuns.VarVector("y", indexTypes, Gen);
- VCExprVar! m = Gen.Variable("m", AxBuilder.U);
- VCExprVar! val = Gen.Variable("val", ((!)select.OutParams[0]).TypedIdent.Type);
+ VCExprVar/*!*/ m = Gen.Variable("m", AxBuilder.U);
+ Contract.Assert(m != null);
+ VCExprVar/*!*/ val = Gen.Variable("val", cce.NonNull(select.OutParams[0]).TypedIdent.Type);
+ Contract.Assert(val != null);
- VCExpr! storeExpr = Store(store, types0, m, indexes0, val);
- VCExpr! selectWithoutStoreExpr = Select(select, types1, m, indexes1);
- VCExpr! selectExpr = Select(select, types1, storeExpr, indexes1);
+ VCExpr/*!*/ storeExpr = Store(store, types0, m, indexes0, val);
+ Contract.Assert(storeExpr != null);
+ VCExpr/*!*/ selectWithoutStoreExpr = Select(select, types1, m, indexes1);
+ Contract.Assert(selectWithoutStoreExpr != null);
+ VCExpr/*!*/ selectExpr = Select(select, types1, storeExpr, indexes1);
+ Contract.Assert(selectExpr != null);
- VCExpr! selectEq = Gen.Eq(selectExpr, selectWithoutStoreExpr);
+ VCExpr/*!*/ selectEq = Gen.Eq(selectExpr, selectWithoutStoreExpr);
+ Contract.Assert(selectEq != null);
- List<VCExprVar!>! quantifiedVars = new List<VCExprVar!> ();
+ List<VCExprVar/*!*/>/*!*/ quantifiedVars = new List<VCExprVar/*!*/>();
quantifiedVars.AddRange(freeTypeVars);
quantifiedVars.AddRange(boundTypeVars0);
quantifiedVars.AddRange(boundTypeVars1);
@@ -322,24 +379,27 @@ namespace Microsoft.Boogie.TypeErasure quantifiedVars.AddRange(indexes0);
quantifiedVars.AddRange(indexes1);
- List<VCTrigger!>! triggers = new List<VCTrigger!> ();
+ List<VCTrigger/*!*/>/*!*/ triggers = new List<VCTrigger/*!*/>();
// different value arguments or different type arguments are sufficient
// to conclude that that value of the map at some point (after an update)
// has not changed
- List<VCExpr!>! indexEqs = new List<VCExpr!> ();
+ List<VCExpr/*!*/>/*!*/ indexEqs = new List<VCExpr/*!*/>();
for (int i = 0; i < mapTypeParamNum; ++i)
indexEqs.Add(Gen.Eq(boundTypeVars0[i], boundTypeVars1[i]));
for (int i = 0; i < arity; ++i)
indexEqs.Add(Gen.Eq(indexes0[i], indexes1[i]));
- VCExpr! axiom = VCExpressionGenerator.True;
+ VCExpr/*!*/ axiom = VCExpressionGenerator.True;
int n = 0;
- foreach (VCExpr! indexesEq in indexEqs) {
- VCExpr! matrix = Gen.Or(indexesEq, selectEq);
- VCExpr! conjunct = Gen.Forall(quantifiedVars, triggers,
+ foreach (VCExpr/*!*/ indexesEq in indexEqs) {
+ Contract.Assert(indexesEq != null);
+ VCExpr/*!*/ matrix = Gen.Or(indexesEq, selectEq);
+ Contract.Assert(matrix != null);
+ VCExpr/*!*/ conjunct = Gen.Forall(quantifiedVars, triggers,
"mapAx1:" + select.Name + ":" + n, matrix);
+ Contract.Assert(conjunct != null);
axiom = Gen.AndSimp(axiom, conjunct);
n = n + 1;
}
@@ -352,40 +412,53 @@ namespace Microsoft.Boogie.TypeErasure public class TypeEraserArguments : TypeEraser {
- private readonly TypeAxiomBuilderArguments! AxBuilderArguments;
+ private readonly TypeAxiomBuilderArguments/*!*/ AxBuilderArguments;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilderArguments != null);
+ }
+
private OpTypeEraser OpEraserAttr = null;
- protected override OpTypeEraser! OpEraser { get {
- if (OpEraserAttr == null)
- OpEraserAttr = new OpTypeEraserArguments(this, AxBuilderArguments, Gen);
- return OpEraserAttr;
- } }
-
- public TypeEraserArguments(TypeAxiomBuilderArguments! axBuilder,
- VCExpressionGenerator! gen) {
- base(axBuilder, gen);
+ protected override OpTypeEraser/*!*/ OpEraser {
+ get {
+ Contract.Ensures(Contract.Result<OpTypeEraser>() != null);
+
+ if (OpEraserAttr == null)
+ OpEraserAttr = new OpTypeEraserArguments(this, AxBuilderArguments, Gen);
+ return OpEraserAttr;
+ }
+ }
+
+ public TypeEraserArguments(TypeAxiomBuilderArguments axBuilder, VCExpressionGenerator gen) :base(axBuilder, gen){
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
+
this.AxBuilderArguments = axBuilder;
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprQuantifier! node,
- VariableBindings! oldBindings) {
- VariableBindings! bindings = oldBindings.Clone();
-
+ public override VCExpr Visit(VCExprQuantifier node, VariableBindings oldBindings) {
+ Contract.Requires(oldBindings != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VariableBindings/*!*/ bindings = oldBindings.Clone();
+
// bound term variables are replaced with bound term variables
// typed in a simpler way
- List<VCExprVar!>! newBoundVars =
+ List<VCExprVar/*!*/>/*!*/ newBoundVars =
BoundVarsAfterErasure(node.BoundVars, bindings);
// type variables are replaced with ordinary quantified variables
GenBoundVarsForTypeParams(node.TypeParameters, newBoundVars, bindings);
- VCExpr! newNode = HandleQuantifier(node, newBoundVars, bindings);
+ VCExpr/*!*/ newNode = HandleQuantifier(node, newBoundVars, bindings);
+ Contract.Assert(newNode != null);
if (!(newNode is VCExprQuantifier) || !IsUniversalQuantifier(node))
return newNode;
- VariableBindings! bindings2;
+ VariableBindings/*!*/ bindings2;
if (!RedoQuantifier(node, (VCExprQuantifier)newNode, node.BoundVars, oldBindings,
out bindings2, out newBoundVars))
return newNode;
@@ -394,26 +467,33 @@ namespace Microsoft.Boogie.TypeErasure return HandleQuantifier(node, newBoundVars, bindings2);
}
- private void GenBoundVarsForTypeParams(List<TypeVariable!>! typeParams,
- List<VCExprVar!>! newBoundVars,
- VariableBindings! bindings) {
- foreach (TypeVariable! tvar in typeParams) {
- VCExprVar! var = Gen.Variable(tvar.Name, AxBuilder.T);
+ private void GenBoundVarsForTypeParams(List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ newBoundVars, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Requires(cce.NonNullElements(newBoundVars));
+ foreach (TypeVariable/*!*/ tvar in typeParams) {
+ Contract.Assert(tvar != null);
+ VCExprVar/*!*/ var = Gen.Variable(tvar.Name, AxBuilder.T);
+ Contract.Assert(var != null);
newBoundVars.Add(var);
bindings.TypeVariableBindings.Add(tvar, var);
}
}
- private VCExpr! HandleQuantifier(VCExprQuantifier! node,
- List<VCExprVar!>! newBoundVars,
- VariableBindings! bindings) {
- List<VCTrigger!>! newTriggers = MutateTriggers(node.Triggers, bindings);
- VCExpr! newBody = Mutate(node.Body, bindings);
+ private VCExpr HandleQuantifier(VCExprQuantifier node, List<VCExprVar/*!*/>/*!*/ newBoundVars, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(node != null);
+Contract.Requires(cce.NonNullElements(newBoundVars));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCTrigger/*!*/>/*!*/ newTriggers = MutateTriggers(node.Triggers, bindings);
+ Contract.Assert(cce.NonNullElements(newTriggers));
+ VCExpr/*!*/ newBody = Mutate(node.Body, bindings);
+ Contract.Assert(newBody != null);
newBody = AxBuilder.Cast(newBody, Type.Bool);
if (newBoundVars.Count == 0) // might happen that no bound variables are left
return newBody;
- return Gen.Quantify(node.Quan, new List<TypeVariable!> (), newBoundVars,
+ return Gen.Quantify(node.Quan, new List<TypeVariable/*!*/>(), newBoundVars,
newTriggers, node.Infos, newBody);
}
}
@@ -422,36 +502,44 @@ namespace Microsoft.Boogie.TypeErasure public class OpTypeEraserArguments : OpTypeEraser {
- protected readonly TypeAxiomBuilderArguments! AxBuilderArguments;
+ protected readonly TypeAxiomBuilderArguments/*!*/ AxBuilderArguments;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilderArguments != null);
+ }
+
- public OpTypeEraserArguments(TypeEraserArguments! eraser,
- TypeAxiomBuilderArguments! axBuilder,
- VCExpressionGenerator! gen) {
- base(eraser, axBuilder, gen);
+ public OpTypeEraserArguments(TypeEraserArguments eraser, TypeAxiomBuilderArguments axBuilder, VCExpressionGenerator gen) :base(eraser, axBuilder, gen){
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
+ Contract.Requires(eraser != null);
this.AxBuilderArguments = axBuilder;
}
////////////////////////////////////////////////////////////////////////////
- private VCExpr! AssembleOpExpression(OpTypesPair opTypes,
- IEnumerable<VCExpr!>! oldArgs,
- VariableBindings! bindings) {
+ private VCExpr AssembleOpExpression(OpTypesPair opTypes, IEnumerable<VCExpr/*!*/>/*!*/ oldArgs, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(cce.NonNullElements(oldArgs));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// UGLY: the code for tracking polarities should be factored out
int oldPolarity = Eraser.Polarity;
Eraser.Polarity = 0;
- List<VCExpr!>! newArgs = new List<VCExpr!> ();
+ List<VCExpr/*!*/>/*!*/ newArgs = new List<VCExpr/*!*/> ();
// explicit type parameters
- foreach (Type! t in opTypes.Types)
- newArgs.Add(AxBuilder.Type2Term(t, bindings.TypeVariableBindings));
+ foreach (Type/*!*/ t in opTypes.Types){
+ Contract.Assert(newArgs != null);
+ newArgs.Add(AxBuilder.Type2Term(t, bindings.TypeVariableBindings));}
// and the actual value parameters
- Function! newFun = ((VCExprBoogieFunctionOp)opTypes.Op).Func;
- // ^ we only allow this operator at this point
+ Function/*!*/ newFun = ((VCExprBoogieFunctionOp)opTypes.Op).Func;
+ // ^ we only allow this operator at this point
int i = opTypes.Types.Count;
- foreach (VCExpr! arg in oldArgs) {
+ foreach (VCExpr/*!*/ arg in oldArgs) {
+ Contract.Assert(arg != null);
newArgs.Add(AxBuilder.Cast(Eraser.Mutate(arg, bindings),
- ((!)newFun.InParams[i]).TypedIdent.Type));
+ cce.NonNull(newFun.InParams[i]).TypedIdent.Type));
i = i + 1;
}
@@ -461,25 +549,37 @@ namespace Microsoft.Boogie.TypeErasure // for the time being, we store both the types of the arguments and the explicit
// type parameters (for most operators, this is more than actually necessary)
- private OpTypesPair OriginalOpTypes(VCExprNAry! node) {
- List<Type!>! originalTypes = new List<Type!> ();
- foreach (VCExpr! expr in node)
+ private OpTypesPair OriginalOpTypes(VCExprNAry node){
+Contract.Requires(node != null);
+ List<Type/*!*/>/*!*/ originalTypes = new List<Type/*!*/> ();
+ foreach (VCExpr/*!*/ expr in node) {
+ Contract.Assert(expr != null);
originalTypes.Add(expr.Type);
+ }
originalTypes.AddRange(node.TypeArguments);
return new OpTypesPair (node.Op, originalTypes);
}
- private VCExpr! EqualTypes(Type! t0, Type! t1, VariableBindings! bindings) {
+ private VCExpr EqualTypes(Type t0, Type t1, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(t1 != null);
+Contract.Requires(t0 != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
if (t0.Equals(t1))
return VCExpressionGenerator.True;
- VCExpr! t0Expr = AxBuilder.Type2Term(t0, bindings.TypeVariableBindings);
- VCExpr! t1Expr = AxBuilder.Type2Term(t1, bindings.TypeVariableBindings);
+ VCExpr/*!*/ t0Expr = AxBuilder.Type2Term(t0, bindings.TypeVariableBindings);
+ Contract.Assert(t0Expr != null);
+ VCExpr/*!*/ t1Expr = AxBuilder.Type2Term(t1, bindings.TypeVariableBindings);
+ Contract.Assert(t1Expr != null);
return Gen.Eq(t0Expr, t1Expr);
}
///////////////////////////////////////////////////////////////////////////
- public override VCExpr! VisitEqOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitEqOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// we also have to state that the types are equal, because the
// translation does not contain any information about the
// relationship between values and types
@@ -487,7 +587,10 @@ namespace Microsoft.Boogie.TypeErasure EqualTypes(node[0].Type, node[1].Type, bindings));
}
- public override VCExpr! VisitNeqOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitNeqOp(VCExprNAry node, VariableBindings bindings) {
+ Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// we also have to state that the types are (un)equal, because the
// translation does not contain any information about the
// relationship between values and types
@@ -495,12 +598,15 @@ namespace Microsoft.Boogie.TypeErasure Gen.Not(EqualTypes(node[0].Type, node[1].Type, bindings)));
}
- public override VCExpr! VisitSubtypeOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitSubtypeOp(VCExprNAry node, VariableBindings bindings) {
+Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// UGLY: the code for tracking polarities should be factored out
int oldPolarity = Eraser.Polarity;
Eraser.Polarity = 0;
- VCExpr! res =
+ VCExpr/*!*/ res =
Gen.Function(VCExpressionGenerator.Subtype3Op,
AxBuilder.Type2Term(node[0].Type,
bindings.TypeVariableBindings),
@@ -512,17 +618,21 @@ namespace Microsoft.Boogie.TypeErasure Eraser.Polarity = oldPolarity;
return res;
}
-
- public override VCExpr! VisitSelectOp (VCExprNAry! node, VariableBindings! bindings) {
+
+ public override VCExpr VisitSelectOp(VCExprNAry node, VariableBindings bindings) {
+Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
OpTypesPair originalOpTypes = OriginalOpTypes(node);
OpTypesPair newOpTypes;
if (!NewOpCache.TryGetValue(originalOpTypes, out newOpTypes)) {
- MapType! rawType = node[0].Type.AsMap;
- TypeSeq! abstractionInstantiation;
- Function! select =
+ MapType/*!*/ rawType = node[0].Type.AsMap;
+ Contract.Assert(rawType != null);
+ TypeSeq/*!*/ abstractionInstantiation;
+ Function/*!*/ select =
AxBuilder.MapTypeAbstracter.Select(rawType, out abstractionInstantiation);
-
+ Contract.Assert(abstractionInstantiation != null);
newOpTypes = TypesPairForSelectStore(node, select, abstractionInstantiation);
NewOpCache.Add(originalOpTypes, newOpTypes);
}
@@ -530,14 +640,17 @@ namespace Microsoft.Boogie.TypeErasure return AssembleOpExpression(newOpTypes, node, bindings);
}
- public override VCExpr! VisitStoreOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitStoreOp(VCExprNAry node, VariableBindings bindings) {
+Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
OpTypesPair originalOpTypes = OriginalOpTypes(node);
OpTypesPair newOpTypes;
if (!NewOpCache.TryGetValue(originalOpTypes, out newOpTypes)) {
- MapType! rawType = node[0].Type.AsMap;
- TypeSeq! abstractionInstantiation;
- Function! store =
+ MapType/*!*/ rawType = node[0].Type.AsMap;
+ TypeSeq/*!*/ abstractionInstantiation;
+ Function/*!*/ store =
AxBuilder.MapTypeAbstracter.Store(rawType, out abstractionInstantiation);
newOpTypes = TypesPairForSelectStore(node, store, abstractionInstantiation);
@@ -547,35 +660,43 @@ namespace Microsoft.Boogie.TypeErasure return AssembleOpExpression(newOpTypes, node, bindings);
}
- private OpTypesPair TypesPairForSelectStore(VCExprNAry! node, Function! untypedOp,
- // instantiation of the abstract map type parameters
- TypeSeq! abstractionInstantiation) {
- List<Type!>! inferredTypeArgs = new List<Type!> ();
- foreach (Type! t in node.TypeArguments)
+ private OpTypesPair TypesPairForSelectStore(VCExprNAry/*!*/ node, Function/*!*/ untypedOp,
+ // instantiation of the abstract map type parameters
+ TypeSeq/*!*/ abstractionInstantiation) {
+ Contract.Requires(node != null);
+ Contract.Requires(untypedOp != null);
+ Contract.Requires(abstractionInstantiation != null);
+
+ List<Type/*!*/>/*!*/ inferredTypeArgs = new List<Type/*!*/> ();
+ foreach (Type/*!*/ t in node.TypeArguments){Contract.Assert(t != null);
// inferredTypeArgs.Add(AxBuilder.MapTypeAbstracter.AbstractMapTypeRecursively(t));
- inferredTypeArgs.Add(t);
- foreach (Type! t in abstractionInstantiation)
- inferredTypeArgs.Add(t);
+ inferredTypeArgs.Add(t);}
+ foreach (Type/*!*/ t in abstractionInstantiation) {
+ Contract.Assert(t != null);
+ inferredTypeArgs.Add(t);}
- assert untypedOp.InParams.Length == inferredTypeArgs.Count + node.Arity;
+ Contract.Assert(untypedOp.InParams.Length == inferredTypeArgs.Count + node.Arity);
return new OpTypesPair (Gen.BoogieFunctionOp(untypedOp), inferredTypeArgs);
}
///////////////////////////////////////////////////////////////////////////
- public override VCExpr! VisitBoogieFunctionOp (VCExprNAry! node, VariableBindings! bindings) {
+ public override VCExpr VisitBoogieFunctionOp(VCExprNAry node, VariableBindings bindings) {
+Contract.Requires((bindings != null));
+Contract.Requires((node != null));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
OpTypesPair originalOpTypes = OriginalOpTypes(node);
OpTypesPair newOpTypes;
if (!NewOpCache.TryGetValue(originalOpTypes, out newOpTypes)) {
- Function! oriFun = ((VCExprBoogieFunctionOp)node.Op).Func;
-
- List<Type!>! inferredTypeArgs = new List<Type!> ();
- foreach (Type! t in node.TypeArguments)
+ Function/*!*/ oriFun = ((VCExprBoogieFunctionOp)node.Op).Func;
+ Contract.Assert(oriFun != null);
+ List<Type/*!*/>/*!*/ inferredTypeArgs = new List<Type/*!*/> ();
+ foreach (Type/*!*/ t in node.TypeArguments){Contract.Assert(t != null);
// inferredTypeArgs.Add(AxBuilder.MapTypeAbstracter.AbstractMapTypeRecursively(t));
- inferredTypeArgs.Add(t);
+ inferredTypeArgs.Add(t);}
- VCExprOp! newOp = Gen.BoogieFunctionOp(AxBuilderArguments.Typed2Untyped(oriFun));
+ VCExprOp/*!*/ newOp = Gen.BoogieFunctionOp(AxBuilderArguments.Typed2Untyped(oriFun));
newOpTypes = new OpTypesPair (newOp, inferredTypeArgs);
NewOpCache.Add(originalOpTypes, newOpTypes);
@@ -591,20 +712,29 @@ namespace Microsoft.Boogie.TypeErasure // operator and the actual types of the argument expressions, the
// values are pairs of the new operators and the types that have
// to be given as explicit type arguments
- private readonly IDictionary<OpTypesPair, OpTypesPair>! NewOpCache =
+ private readonly IDictionary<OpTypesPair, OpTypesPair>/*!*/ NewOpCache =
new Dictionary<OpTypesPair, OpTypesPair>();
private struct OpTypesPair {
- public readonly VCExprOp! Op;
- public readonly List<Type!>! Types;
+ public readonly VCExprOp/*!*/ Op;
+ public readonly List<Type/*!*/>/*!*/ Types;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Op != null);
+ Contract.Invariant(cce.NonNullElements(Types));
+ }
+
- public OpTypesPair(VCExprOp! op, List<Type!>! types) {
+ public OpTypesPair(VCExprOp op, List<Type/*!*/>/*!*/ types) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(types));
this.Op = op;
this.Types = types;
this.HashCode = HFNS.PolyHash(op.GetHashCode(), 17, types);
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (that is OpTypesPair) {
OpTypesPair thatPair = (OpTypesPair)that;
@@ -622,5 +752,4 @@ namespace Microsoft.Boogie.TypeErasure }
}
}
-
-}
+}
\ No newline at end of file diff --git a/Source/VCExpr/TypeErasurePremisses.cs b/Source/VCExpr/TypeErasurePremisses.cs index 61144209..9d5eef26 100644 --- a/Source/VCExpr/TypeErasurePremisses.cs +++ b/Source/VCExpr/TypeErasurePremisses.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
using Microsoft.Boogie.VCExprAST;
@@ -32,15 +32,26 @@ namespace Microsoft.Boogie.TypeErasure // of the original function).
internal struct UntypedFunction {
- public readonly Function! Fun;
+ public readonly Function/*!*/ Fun;
// type parameters that can be extracted from the value parameters
- public readonly List<TypeVariable!>! ImplicitTypeParams;
+ public readonly List<TypeVariable/*!*/>/*!*/ ImplicitTypeParams;
// type parameters that have to be given explicitly
- public readonly List<TypeVariable!>! ExplicitTypeParams;
+ public readonly List<TypeVariable/*!*/>/*!*/ ExplicitTypeParams;
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(Fun != null);
+ Contract.Invariant(cce.NonNullElements(ImplicitTypeParams));
+ Contract.Invariant(cce.NonNullElements(ExplicitTypeParams));
+}
+
- public UntypedFunction(Function! fun,
- List<TypeVariable!>! implicitTypeParams,
- List<TypeVariable!>! explicitTypeParams) {
+ public UntypedFunction(Function/*!*/ fun,
+ List<TypeVariable/*!*/>/*!*/ implicitTypeParams,
+ List<TypeVariable/*!*/>/*!*/ explicitTypeParams) {
+ Contract.Requires(fun != null);
+ Contract.Requires(cce.NonNullElements(implicitTypeParams));
+ Contract.Requires(cce.NonNullElements(explicitTypeParams));
Fun = fun;
ImplicitTypeParams = implicitTypeParams;
ExplicitTypeParams = explicitTypeParams;
@@ -49,20 +60,23 @@ namespace Microsoft.Boogie.TypeErasure public class TypeAxiomBuilderPremisses : TypeAxiomBuilderIntBoolU {
- public TypeAxiomBuilderPremisses(VCExpressionGenerator! gen) {
- base(gen);
+ public TypeAxiomBuilderPremisses(VCExpressionGenerator gen)
+ : base(gen) {
+ Contract.Requires(gen != null);
+
TypeFunction = HelperFuns.BoogieFunction("dummy", Type.Int);
- Typed2UntypedFunctions = new Dictionary<Function!, UntypedFunction> ();
+ Typed2UntypedFunctions = new Dictionary<Function/*!*/, UntypedFunction>();
MapTypeAbstracterAttr = null;
}
// constructor to allow cloning
[NotDelayed]
- internal TypeAxiomBuilderPremisses(TypeAxiomBuilderPremisses! builder) {
+ internal TypeAxiomBuilderPremisses(TypeAxiomBuilderPremisses builder)
+ : base(builder) {//TODO: Possible troublespot
+ Contract.Requires(builder != null);
TypeFunction = builder.TypeFunction;
Typed2UntypedFunctions =
- new Dictionary<Function!, UntypedFunction> (builder.Typed2UntypedFunctions);
- base(builder);
+ new Dictionary<Function/*!*/, UntypedFunction>(builder.Typed2UntypedFunctions);
MapTypeAbstracterAttr =
builder.MapTypeAbstracterAttr == null ?
@@ -70,7 +84,8 @@ namespace Microsoft.Boogie.TypeErasure builder.MapTypeAbstracterAttr);
}
- public override Object! Clone() {
+ public override Object Clone() {
+ Contract.Ensures(Contract.Result<Object>() != null);
return new TypeAxiomBuilderPremisses(this);
}
@@ -83,37 +98,49 @@ namespace Microsoft.Boogie.TypeErasure // generate axioms of the kind "forall x:U. {Int2U(U2Int(x))}
// type(x)=int ==> Int2U(U2Int(x))==x"
- protected override VCExpr! GenReverseCastAxiom(Function! castToU, Function! castFromU) {
- List<VCTrigger!>! triggers;
- VCExprVar! var;
- VCExpr! eq = GenReverseCastEq(castToU, castFromU, out var, out triggers);
- VCExpr! premiss;
+ protected override VCExpr GenReverseCastAxiom(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCTrigger/*!*/>/*!*/ triggers;
+ VCExprVar/*!*/ var;
+ VCExpr/*!*/ eq = GenReverseCastEq(castToU, castFromU, out var, out triggers);
+ Contract.Assert(cce.NonNullElements(triggers));
+ Contract.Assert(var != null);
+ Contract.Assert(eq != null);
+ VCExpr/*!*/ premiss;
if (CommandLineOptions.Clo.TypeEncodingMethod
== CommandLineOptions.TypeEncoding.None)
premiss = VCExpressionGenerator.True;
else
- premiss = GenVarTypeAxiom(var, ((!)castFromU.OutParams[0]).TypedIdent.Type,
- // we don't have any bindings available
- new Dictionary<TypeVariable!, VCExpr!> ());
- VCExpr! matrix = Gen.ImpliesSimp(premiss, eq);
+ premiss = GenVarTypeAxiom(var, cce.NonNull(castFromU.OutParams[0]).TypedIdent.Type,
+ // we don't have any bindings available
+ new Dictionary<TypeVariable/*!*/, VCExpr/*!*/>());
+ VCExpr/*!*/ matrix = Gen.ImpliesSimp(premiss, eq);
+ Contract.Assert(matrix != null);
return Gen.Forall(HelperFuns.ToList(var), triggers, "cast:" + castFromU.Name, matrix);
}
- protected override VCExpr! GenCastTypeAxioms(Function! castToU, Function! castFromU) {
- Type! fromType = ((!)castToU.InParams[0]).TypedIdent.Type;
- return GenFunctionAxiom(castToU, new List<TypeVariable!> (), new List<TypeVariable!> (),
+ protected override VCExpr GenCastTypeAxioms(Function castToU, Function castFromU) {
+ Contract.Requires(castFromU != null);
+ Contract.Requires(castToU != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Type/*!*/ fromType = cce.NonNull(castToU.InParams[0]).TypedIdent.Type;
+ return GenFunctionAxiom(castToU, new List<TypeVariable/*!*/>(), new List<TypeVariable/*!*/>(),
HelperFuns.ToList(fromType), fromType);
}
private MapTypeAbstractionBuilderPremisses MapTypeAbstracterAttr;
- internal override MapTypeAbstractionBuilder! MapTypeAbstracter { get {
+ internal override MapTypeAbstractionBuilder/*!*/ MapTypeAbstracter { get {Contract.Ensures(Contract.Result<MapTypeAbstractionBuilder>() != null);
+
if (MapTypeAbstracterAttr == null)
MapTypeAbstracterAttr = new MapTypeAbstractionBuilderPremisses (this, Gen);
return MapTypeAbstracterAttr;
} }
- internal MapTypeAbstractionBuilderPremisses! MapTypeAbstracterPremisses { get {
+ internal MapTypeAbstractionBuilderPremisses/*!*/ MapTypeAbstracterPremisses { get {Contract.Ensures(Contract.Result<MapTypeAbstractionBuilderPremisses>() != null);
+
return (MapTypeAbstractionBuilderPremisses)MapTypeAbstracter;
} }
@@ -121,9 +148,17 @@ namespace Microsoft.Boogie.TypeErasure // function that maps individuals to their type
// the field is overwritten with its actual value in "Setup"
- private Function! TypeFunction;
+ private Function/*!*/ TypeFunction;
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(TypeFunction != null);
+}
+
- public VCExpr! TypeOf(VCExpr! expr) {
+ public VCExpr TypeOf(VCExpr expr){
+Contract.Requires(expr != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
return Gen.Function(TypeFunction, expr);
}
@@ -131,25 +166,31 @@ namespace Microsoft.Boogie.TypeErasure // Generate type premisses and type parameter bindings for quantifiers, functions, procedures
// let-bindings to extract the instantiations of type parameters
- public List<VCExprLetBinding!>!
+ public List<VCExprLetBinding/*!*/>/*!*/
GenTypeParamBindings(// the original bound variables and (implicit) type parameters
- List<TypeVariable!>! typeParams, List<VCExprVar!>! oldBoundVars,
+ List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ oldBoundVars,
// VariableBindings to which the translation
// TypeVariable -> VCExprVar is added
- VariableBindings! bindings,
+ VariableBindings/*!*/ bindings,
bool addTypeVarsToBindings) {
+ Contract.Requires(typeParams != null);
+ Contract.Requires(cce.NonNullElements(oldBoundVars));
+ Contract.Requires(bindings != null);
+
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprLetBinding>>()));
+
// type variables are replaced with ordinary variables that are bound using a
// let-expression
if (addTypeVarsToBindings) {
- foreach (TypeVariable! tvar in typeParams)
- bindings.TypeVariableBindings.Add(tvar, Gen.Variable(tvar.Name, T));
+ foreach (TypeVariable/*!*/ tvar in typeParams){Contract.Assert(tvar != null);
+ bindings.TypeVariableBindings.Add(tvar, Gen.Variable(tvar.Name, T));}
}
// extract the values of type variables from the term variables
- List<VCExprVar!>! UtypedVars = new List<VCExprVar!> (oldBoundVars.Count);
- List<Type!>! originalTypes = new List<Type!> (oldBoundVars.Count);
+ List<VCExprVar/*!*/>/*!*/ UtypedVars = new List<VCExprVar/*!*/> (oldBoundVars.Count);
+ List<Type/*!*/>/*!*/ originalTypes = new List<Type/*!*/> (oldBoundVars.Count);
foreach (VCExprVar var in oldBoundVars) {
- VCExprVar! newVar = bindings.VCExprVarBindings[var];
+ VCExprVar/*!*/ newVar = bindings.VCExprVarBindings[var];
if (newVar.Type.Equals(U)) {
UtypedVars.Add(newVar);
originalTypes.Add(var.Type);
@@ -163,16 +204,20 @@ namespace Microsoft.Boogie.TypeErasure }
- public VCExpr! AddTypePremisses(List<VCExprLetBinding!>! typeVarBindings,
- VCExpr! typePremisses, bool universal,
- VCExpr! body) {
- VCExpr! bodyWithPremisses;
+ public VCExpr/*!*/ AddTypePremisses(List<VCExprLetBinding/*!*/>/*!*/ typeVarBindings,
+ VCExpr/*!*/ typePremisses, bool universal,
+ VCExpr/*!*/ body) {Contract.Requires(cce.NonNullElements(typeVarBindings));
+ Contract.Requires(typePremisses != null);
+ Contract.Requires(body != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ VCExpr/*!*/ bodyWithPremisses;
if (universal)
bodyWithPremisses = Gen.ImpliesSimp(typePremisses, body);
else
bodyWithPremisses = Gen.AndSimp(typePremisses, body);
- return Gen.Let(typeVarBindings, bodyWithPremisses);
+ return Gen.Let(typeVarBindings, bodyWithPremisses);
}
@@ -181,12 +226,19 @@ namespace Microsoft.Boogie.TypeErasure // term variables. E.g., for a function f<a>(x : C a), we would extract the
// instantiation of "a" by looking at the concrete type of "x".
- public List<VCExprLetBinding!>!
- BestTypeVarExtractors(List<TypeVariable!>! vars, List<Type!>! types,
- List<VCExprVar!>! concreteTypeSources,
- VariableBindings! bindings) {
- List<VCExprLetBinding!>! typeParamBindings = new List<VCExprLetBinding!> ();
- foreach (TypeVariable! var in vars) {
+ public List<VCExprLetBinding/*!*/>/*!*/
+ BestTypeVarExtractors(List<TypeVariable/*!*/>/*!*/ vars, List<Type/*!*/>/*!*/ types,
+ List<VCExprVar/*!*/>/*!*/ concreteTypeSources,
+ VariableBindings/*!*/ bindings) {
+ Contract.Requires(cce.NonNullElements(vars));
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Requires(cce.NonNullElements(concreteTypeSources));
+ Contract.Requires(bindings != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprLetBinding>>()));
+
+ List<VCExprLetBinding/*!*/>/*!*/ typeParamBindings = new List<VCExprLetBinding/*!*/> ();
+ foreach (TypeVariable/*!*/ var in vars) {
+ Contract.Assert(var != null);
VCExpr extractor = BestTypeVarExtractor(var, types, concreteTypeSources);
if (extractor != null)
typeParamBindings.Add(
@@ -196,9 +248,12 @@ namespace Microsoft.Boogie.TypeErasure return typeParamBindings;
}
- private VCExpr BestTypeVarExtractor(TypeVariable! var, List<Type!>! types,
- List<VCExprVar!>! concreteTypeSources) {
- List<VCExpr!> allExtractors = TypeVarExtractors(var, types, concreteTypeSources);
+ private VCExpr BestTypeVarExtractor(TypeVariable/*!*/ var, List<Type/*!*/>/*!*/ types,
+ List<VCExprVar/*!*/>/*!*/ concreteTypeSources) {Contract.Requires(var != null);
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Requires(cce.NonNullElements(concreteTypeSources));
+ List<VCExpr/*!*/> allExtractors = TypeVarExtractors(var, types, concreteTypeSources);
+ Contract.Assert(cce.NonNullElements(allExtractors));
if (allExtractors.Count == 0)
return null;
@@ -215,18 +270,26 @@ namespace Microsoft.Boogie.TypeErasure return bestExtractor;
}
- private List<VCExpr!>! TypeVarExtractors(TypeVariable! var, List<Type!>! types,
- List<VCExprVar!>! concreteTypeSources)
- requires types.Count == concreteTypeSources.Count; {
- List<VCExpr!>! res = new List<VCExpr!>();
+ private List<VCExpr/*!*/>/*!*/ TypeVarExtractors(TypeVariable/*!*/ var, List<Type/*!*/>/*!*/ types,
+ List<VCExprVar/*!*/>/*!*/ concreteTypeSources)
+ {
+ Contract.Requires(var != null);
+ Contract.Requires(cce.NonNullElements(types));
+ Contract.Requires(cce.NonNullElements(concreteTypeSources));
+ Contract.Requires((types.Count == concreteTypeSources.Count));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/>();
for (int i = 0; i < types.Count; ++i)
TypeVarExtractors(var, types[i], TypeOf(concreteTypeSources[i]), res);
return res;
}
- private void TypeVarExtractors(TypeVariable! var, Type! completeType,
- VCExpr! innerTerm, List<VCExpr!>! extractors) {
+ private void TypeVarExtractors(TypeVariable var, Type completeType, VCExpr innerTerm, List<VCExpr/*!*/>/*!*/ extractors){
+Contract.Requires(innerTerm != null);
+Contract.Requires(completeType != null);
+Contract.Requires(var != null);
+Contract.Requires(cce.NonNullElements(extractors));
if (completeType.IsVariable) {
if (var.Equals(completeType)) {
extractors.Add(innerTerm);
@@ -234,13 +297,14 @@ namespace Microsoft.Boogie.TypeErasure } else if (completeType.IsBasic) {
// nothing
} else if (completeType.IsCtor) {
- CtorType! ctorType = completeType.AsCtor;
+ CtorType/*!*/ ctorType = completeType.AsCtor;
if (ctorType.Arguments.Length > 0) {
// otherwise there are no chances of extracting any
// instantiations from this type
TypeCtorRepr repr = GetTypeCtorReprStruct(ctorType.Decl);
for (int i = 0; i < ctorType.Arguments.Length; ++i) {
- VCExpr! newInnerTerm = Gen.Function(repr.Dtors[i], innerTerm);
+ VCExpr/*!*/ newInnerTerm = Gen.Function(repr.Dtors[i], innerTerm);
+ Contract.Assert(newInnerTerm != null);
TypeVarExtractors(var, ctorType.Arguments[i], newInnerTerm, extractors);
}
}
@@ -256,21 +320,28 @@ namespace Microsoft.Boogie.TypeErasure // Symbols for representing functions
// Globally defined functions
- private readonly IDictionary<Function!, UntypedFunction>! Typed2UntypedFunctions;
+ private readonly IDictionary<Function/*!*/, UntypedFunction/*!*/>/*!*/ Typed2UntypedFunctions;
+void Typed2UntypedFunctionsInvariantMethod(){
+Contract.Invariant(cce.NonNullElements(Typed2UntypedFunctions));}
// distinguish between implicit and explicit type parameters
- internal static void SeparateTypeParams(List<Type!>! valueArgumentTypes,
- TypeVariableSeq! allTypeParams,
- out List<TypeVariable!>! implicitParams,
- out List<TypeVariable!>! explicitParams) {
- TypeVariableSeq! varsInInParamTypes = new TypeVariableSeq ();
- foreach (Type! t in valueArgumentTypes)
- varsInInParamTypes.AppendWithoutDups(t.FreeVariables);
-
- implicitParams = new List<TypeVariable!> (allTypeParams.Length);
- explicitParams = new List<TypeVariable!> (allTypeParams.Length);
-
- foreach (TypeVariable! var in allTypeParams) {
+ internal static void SeparateTypeParams(List<Type/*!*/>/*!*/ valueArgumentTypes,
+ TypeVariableSeq/*!*/ allTypeParams,
+ out List<TypeVariable/*!*/>/*!*/ implicitParams,
+ out List<TypeVariable/*!*/>/*!*/ explicitParams) {
+ Contract.Requires(cce.NonNullElements(valueArgumentTypes));
+Contract.Requires(allTypeParams != null);
+Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out implicitParams)));
+Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out explicitParams)));
+ TypeVariableSeq/*!*/ varsInInParamTypes = new TypeVariableSeq ();
+ foreach (Type/*!*/ t in valueArgumentTypes){Contract.Assert(t != null);
+ varsInInParamTypes.AppendWithoutDups(t.FreeVariables);}
+
+ implicitParams = new List<TypeVariable/*!*/> (allTypeParams.Length);
+ explicitParams = new List<TypeVariable/*!*/> (allTypeParams.Length);
+
+ foreach (TypeVariable/*!*/ var in allTypeParams) {
+ Contract.Assert(var != null);
if (varsInInParamTypes.Has(var))
implicitParams.Add(var);
else
@@ -278,39 +349,43 @@ namespace Microsoft.Boogie.TypeErasure }
implicitParams.TrimExcess();
- explicitParams.TrimExcess();
+ explicitParams.TrimExcess();
}
- internal UntypedFunction Typed2Untyped(Function! fun) {
+ internal UntypedFunction Typed2Untyped(Function fun) {
+ Contract.Requires(fun != null);
UntypedFunction res;
if (!Typed2UntypedFunctions.TryGetValue(fun, out res)) {
- assert fun.OutParams.Length == 1;
+ Contract.Assert(fun.OutParams.Length == 1);
// if all of the parameters are int or bool, the function does
// not have to be changed
- if (forall{Formal f in fun.InParams; UnchangedType(((!)f).TypedIdent.Type)} &&
- UnchangedType(((!)fun.OutParams[0]).TypedIdent.Type) &&
+ if (Contract.ForAll(0,fun.InParams.Length, f => UnchangedType(cce.NonNull(fun.InParams[f]).TypedIdent.Type)) &&
+ UnchangedType(cce.NonNull(fun.OutParams[0]).TypedIdent.Type) &&
fun.TypeParameters.Length == 0) {
- res = new UntypedFunction(fun, new List<TypeVariable!> (), new List<TypeVariable!> ());
+ res = new UntypedFunction(fun, new List<TypeVariable/*!*/>(), new List<TypeVariable/*!*/>());
} else {
- List<Type!>! argTypes = new List<Type!> ();
- foreach (Variable! v in fun.InParams)
+ List<Type/*!*/>/*!*/ argTypes = new List<Type/*!*/>();
+ foreach (Variable/*!*/ v in fun.InParams) {
+ Contract.Assert(v != null);
argTypes.Add(v.TypedIdent.Type);
+ }
- List<TypeVariable!>! implicitParams, explicitParams;
+ List<TypeVariable/*!*/>/*!*/ implicitParams, explicitParams;
SeparateTypeParams(argTypes, fun.TypeParameters, out implicitParams, out explicitParams);
- Type[]! types = new Type [explicitParams.Count + fun.InParams.Length + 1];
+ Type[]/*!*/ types = new Type[explicitParams.Count + fun.InParams.Length + 1];
int i = 0;
for (int j = 0; j < explicitParams.Count; ++j) {
types[i] = T;
i = i + 1;
}
for (int j = 0; j < fun.InParams.Length; ++i, ++j)
- types[i] = TypeAfterErasure(((!)fun.InParams[j]).TypedIdent.Type);
- types[types.Length - 1] = TypeAfterErasure(((!)fun.OutParams[0]).TypedIdent.Type);
+ types[i] = TypeAfterErasure(cce.NonNull(fun.InParams[j]).TypedIdent.Type);
+ types[types.Length - 1] = TypeAfterErasure(cce.NonNull(fun.OutParams[0]).TypedIdent.Type);
- Function! untypedFun = HelperFuns.BoogieFunction(fun.Name, types);
+ Function/*!*/ untypedFun = HelperFuns.BoogieFunction(fun.Name, types);
+ Contract.Assert(untypedFun != null);
untypedFun.Attributes = fun.Attributes;
res = new UntypedFunction(untypedFun, implicitParams, explicitParams);
if (U.Equals(types[types.Length - 1]))
@@ -322,60 +397,75 @@ namespace Microsoft.Boogie.TypeErasure return res;
}
- private VCExpr! GenFunctionAxiom(UntypedFunction fun, Function! originalFun) {
- List<Type!>! originalInTypes = new List<Type!> (originalFun.InParams.Length);
- foreach (Formal! f in originalFun.InParams)
+ private VCExpr GenFunctionAxiom(UntypedFunction fun, Function originalFun){
+Contract.Requires(originalFun != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<Type/*!*/>/*!*/ originalInTypes = new List<Type/*!*/> (originalFun.InParams.Length);
+ foreach (Formal/*!*/ f in originalFun.InParams)
originalInTypes.Add(f.TypedIdent.Type);
return GenFunctionAxiom(fun.Fun, fun.ImplicitTypeParams, fun.ExplicitTypeParams,
originalInTypes,
- ((!)originalFun.OutParams[0]).TypedIdent.Type);
+ cce.NonNull(originalFun.OutParams[0]).TypedIdent.Type);
}
- internal VCExpr! GenFunctionAxiom(Function! fun,
- List<TypeVariable!>! implicitTypeParams,
- List<TypeVariable!>! explicitTypeParams,
- List<Type!>! originalInTypes,
- Type! originalResultType)
- requires originalInTypes.Count + explicitTypeParams.Count == fun.InParams.Length;
+ internal VCExpr/*!*/ GenFunctionAxiom(Function/*!*/ fun,
+ List<TypeVariable/*!*/>/*!*/ implicitTypeParams,
+ List<TypeVariable/*!*/>/*!*/ explicitTypeParams,
+ List<Type/*!*/>/*!*/ originalInTypes,
+ Type/*!*/ originalResultType)
{
+ Contract.Requires(cce.NonNullElements(implicitTypeParams));
+ Contract.Requires(fun != null);
+ Contract.Requires(cce.NonNullElements(explicitTypeParams));
+ Contract.Requires(cce.NonNullElements(originalInTypes));
+ Contract.Requires(originalResultType != null);
+ Contract.Requires(originalInTypes.Count + explicitTypeParams.Count == fun.InParams.Length);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
if (CommandLineOptions.Clo.TypeEncodingMethod == CommandLineOptions.TypeEncoding.None) {
return VCExpressionGenerator.True;
}
- List<VCExprVar!>! typedInputVars = new List<VCExprVar!>(originalInTypes.Count);
+ List<VCExprVar/*!*/>/*!*/ typedInputVars = new List<VCExprVar/*!*/>(originalInTypes.Count);
int i = 0;
- foreach (Type! t in originalInTypes) {
+ foreach (Type/*!*/ t in originalInTypes) {Contract.Assert(t != null);
typedInputVars.Add(Gen.Variable("arg" + i, t));
i = i + 1;
}
- VariableBindings! bindings = new VariableBindings ();
+ VariableBindings/*!*/ bindings = new VariableBindings ();
// type parameters that have to be given explicitly are replaced
// with universally quantified type variables
- List<VCExprVar!>! boundVars = new List<VCExprVar!> (explicitTypeParams.Count + typedInputVars.Count);
- foreach (TypeVariable! var in explicitTypeParams) {
- VCExprVar! newVar = Gen.Variable(var.Name, T);
+ List<VCExprVar/*!*/>/*!*/ boundVars = new List<VCExprVar/*!*/> (explicitTypeParams.Count + typedInputVars.Count);
+ foreach (TypeVariable/*!*/ var in explicitTypeParams) {Contract.Assert(var != null);
+ VCExprVar/*!*/ newVar = Gen.Variable(var.Name, T);
boundVars.Add(newVar);
bindings.TypeVariableBindings.Add(var, newVar);
}
// bound term variables are replaced with bound term variables typed in
// a simpler way
- foreach (VCExprVar! var in typedInputVars) {
- Type! newType = TypeAfterErasure(var.Type);
- VCExprVar! newVar = Gen.Variable(var.Name, newType);
+ foreach(VCExprVar/*!*/ var in typedInputVars){
+ Contract.Assert(var != null);
+ Type/*!*/ newType = TypeAfterErasure(var.Type);
+ Contract.Assert(newType != null);
+ VCExprVar/*!*/ newVar = Gen.Variable(var.Name, newType);
+ Contract.Assert(newVar != null);
boundVars.Add(newVar);
bindings.VCExprVarBindings.Add(var, newVar);
}
- List<VCExprLetBinding!> typeVarBindings =
+ List<VCExprLetBinding/*!*/> typeVarBindings =
GenTypeParamBindings(implicitTypeParams, typedInputVars, bindings, true);
+ Contract.Assert(cce.NonNullElements(typeVarBindings));
- VCExpr! funApp = Gen.Function(fun, HelperFuns.ToVCExprList(boundVars));
- VCExpr! conclusion = Gen.Eq(TypeOf(funApp),
+ VCExpr/*!*/ funApp = Gen.Function(fun, HelperFuns.ToVCExprList(boundVars));
+ Contract.Assert(funApp != null);
+ VCExpr/*!*/ conclusion = Gen.Eq(TypeOf(funApp),
Type2Term(originalResultType, bindings.TypeVariableBindings));
+ Contract.Assert(conclusion != null);
VCExpr conclusionWithPremisses =
// leave out antecedents of function type axioms ... they don't appear necessary,
// because a function can always be extended to all U-values (right?)
@@ -383,7 +473,8 @@ namespace Microsoft.Boogie.TypeErasure Gen.Let(typeVarBindings, conclusion);
if (boundVars.Count > 0) {
- List<VCTrigger!> triggers = HelperFuns.ToList(Gen.Trigger(true, HelperFuns.ToList(funApp)));
+ List<VCTrigger/*!*/> triggers = HelperFuns.ToList(Gen.Trigger(true, HelperFuns.ToList(funApp)));
+ Contract.Assert(cce.NonNullElements(triggers));
return Gen.Forall(boundVars, triggers, "funType:" + fun.Name, conclusionWithPremisses);
} else {
return conclusionWithPremisses;
@@ -392,17 +483,23 @@ namespace Microsoft.Boogie.TypeErasure ////////////////////////////////////////////////////////////////////////////
- protected override void AddVarTypeAxiom(VCExprVar! var, Type! originalType) {
+ protected override void AddVarTypeAxiom(VCExprVar var, Type originalType){
+Contract.Requires(originalType != null);
+Contract.Requires(var != null);
if (CommandLineOptions.Clo.TypeEncodingMethod == CommandLineOptions.TypeEncoding.None) return;
AddTypeAxiom(GenVarTypeAxiom(var, originalType,
// we don't have any bindings available
- new Dictionary<TypeVariable!, VCExpr!> ()));
+ new Dictionary<TypeVariable/*!*/, VCExpr/*!*/>()));
}
- public VCExpr! GenVarTypeAxiom(VCExprVar! var, Type! originalType,
- IDictionary<TypeVariable!, VCExpr!>! varMapping) {
+ public VCExpr GenVarTypeAxiom(VCExprVar var, Type originalType, IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/ varMapping) {
+ Contract.Requires(var != null);
+ Contract.Requires(originalType != null);
+ Contract.Requires(cce.NonNullElements(varMapping));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
if (!var.Type.Equals(originalType)) {
- VCExpr! typeRepr = Type2Term(originalType, varMapping);
+ VCExpr/*!*/ typeRepr = Type2Term(originalType, varMapping);
return Gen.Eq(TypeOf(var), typeRepr);
}
return VCExpressionGenerator.True;
@@ -413,19 +510,26 @@ namespace Microsoft.Boogie.TypeErasure internal class MapTypeAbstractionBuilderPremisses : MapTypeAbstractionBuilder {
- private readonly TypeAxiomBuilderPremisses! AxBuilderPremisses;
+ private readonly TypeAxiomBuilderPremisses/*!*/ AxBuilderPremisses;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilderPremisses != null);
+ }
- internal MapTypeAbstractionBuilderPremisses(TypeAxiomBuilderPremisses! axBuilder,
- VCExpressionGenerator! gen) {
- base(axBuilder, gen);
+
+ internal MapTypeAbstractionBuilderPremisses(TypeAxiomBuilderPremisses axBuilder, VCExpressionGenerator gen) :base(axBuilder, gen){
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
+
this.AxBuilderPremisses = axBuilder;
}
// constructor for cloning
- internal MapTypeAbstractionBuilderPremisses(TypeAxiomBuilderPremisses! axBuilder,
- VCExpressionGenerator! gen,
- MapTypeAbstractionBuilderPremisses! builder) {
- base(axBuilder, gen, builder);
+ internal MapTypeAbstractionBuilderPremisses(TypeAxiomBuilderPremisses axBuilder, VCExpressionGenerator gen, MapTypeAbstractionBuilderPremisses builder):base(axBuilder, gen, builder) {
+ Contract.Requires(builder != null);
+ Contract.Requires(gen != null);
+ Contract.Requires(axBuilder != null);
+
this.AxBuilderPremisses = axBuilder;
}
@@ -437,96 +541,122 @@ namespace Microsoft.Boogie.TypeErasure // map). These parameters are given as a list of indexes sorted in
// ascending order; the index i refers to the i'th bound variable
// in a type <a0, a1, ..., an>[...]...
- public List<int>! ExplicitSelectTypeParams(MapType! type) {
+ public List<int>/*!*/ ExplicitSelectTypeParams(MapType type) {
+ Contract.Requires(type != null);
+ Contract.Ensures(Contract.Result<List<int>>() != null);
+
List<int> res;
if (!explicitSelectTypeParamsCache.TryGetValue(type, out res)) {
- List<TypeVariable!>! explicitParams, implicitParams;
+ List<TypeVariable/*!*/>/*!*/ explicitParams, implicitParams;
TypeAxiomBuilderPremisses.SeparateTypeParams(type.Arguments.ToList(),
type.TypeParameters,
out implicitParams,
out explicitParams);
- res = new List<int> (explicitParams.Count);
- foreach (TypeVariable! var in explicitParams)
+ res = new List<int>(explicitParams.Count);
+ foreach (TypeVariable/*!*/ var in explicitParams) {
+ Contract.Assert(var != null);
res.Add(type.TypeParameters.IndexOf(var));
+ }
explicitSelectTypeParamsCache.Add(type, res);
}
- return (!)res;
+ return cce.NonNull(res);
+ }
+
+ private IDictionary<MapType/*!*/, List<int>/*!*/>/*!*/ explicitSelectTypeParamsCache =
+ new Dictionary<MapType/*!*/, List<int>/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvarant() {
+ Contract.Invariant(cce.NonNullElements(explicitSelectTypeParamsCache));
}
- private IDictionary<MapType!, List<int>!>! explicitSelectTypeParamsCache =
- new Dictionary<MapType!, List<int>!> ();
////////////////////////////////////////////////////////////////////////////
- protected override void GenSelectStoreFunctions(MapType! abstractedType,
- TypeCtorDecl! synonym,
- out Function! select,
- out Function! store) {
- Type! mapTypeSynonym;
- List<TypeVariable!>! typeParams;
- List<Type!>! originalInTypes;
+ protected override void GenSelectStoreFunctions(MapType abstractedType, TypeCtorDecl synonym, out Function/*!*/ select, out Function/*!*/ store) {
+ Contract.Requires(synonym != null);
+ Contract.Requires(abstractedType != null);
+ Contract.Ensures(Contract.ValueAtReturn(out select) != null);
+ Contract.Ensures(Contract.ValueAtReturn(out store) != null);
+ Type/*!*/ mapTypeSynonym;
+ List<TypeVariable/*!*/>/*!*/ typeParams;
+ List<Type/*!*/>/*!*/ originalInTypes;
GenTypeAxiomParams(abstractedType, synonym, out mapTypeSynonym,
out typeParams, out originalInTypes);
// select
- List<TypeVariable!>! explicitSelectParams, implicitSelectParams;
+ List<TypeVariable/*!*/>/*!*/ explicitSelectParams, implicitSelectParams;
select = CreateAccessFun(typeParams, originalInTypes,
abstractedType.Result, synonym.Name + "Select",
out implicitSelectParams, out explicitSelectParams);
-
+
// store, which gets one further argument: the assigned rhs
originalInTypes.Add(abstractedType.Result);
- List<TypeVariable!>! explicitStoreParams, implicitStoreParams;
+ List<TypeVariable/*!*/>/*!*/ explicitStoreParams, implicitStoreParams;
store = CreateAccessFun(typeParams, originalInTypes,
mapTypeSynonym, synonym.Name + "Store",
out implicitStoreParams, out explicitStoreParams);
- // the store function does not have any explicit type parameters
- assert explicitStoreParams.Count == 0;
-
+ // the store function does not have any explicit type parameters
+ Contract.Assert(explicitStoreParams.Count == 0);
+
if (CommandLineOptions.Clo.UseArrayTheory) {
select.AddAttribute("builtin", "select");
store.AddAttribute("builtin", "store");
- } else {
+ } else {
AxBuilder.AddTypeAxiom(GenMapAxiom0(select, store,
abstractedType.Result,
implicitSelectParams, explicitSelectParams,
originalInTypes));
- AxBuilder.AddTypeAxiom(GenMapAxiom1(select, store,
+ AxBuilder.AddTypeAxiom(GenMapAxiom1(select, store,
abstractedType.Result,
explicitSelectParams));
}
}
- protected void GenTypeAxiomParams(MapType! abstractedType, TypeCtorDecl! synonymDecl,
- out Type! mapTypeSynonym,
- out List<TypeVariable!>! typeParams,
- out List<Type!>! originalIndexTypes) {
- typeParams = new List<TypeVariable!> (abstractedType.TypeParameters.Length + abstractedType.FreeVariables.Length);
+ protected void GenTypeAxiomParams(MapType/*!*/ abstractedType, TypeCtorDecl/*!*/ synonymDecl,
+ out Type/*!*/ mapTypeSynonym,
+ out List<TypeVariable/*!*/>/*!*/ typeParams,
+ out List<Type/*!*/>/*!*/ originalIndexTypes) {
+ Contract.Requires(abstractedType != null);
+ Contract.Requires(synonymDecl != null);
+ Contract.Ensures(Contract.ValueAtReturn(out mapTypeSynonym) != null);
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out typeParams)));
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out originalIndexTypes)));
+ typeParams = new List<TypeVariable/*!*/>(abstractedType.TypeParameters.Length + abstractedType.FreeVariables.Length);
typeParams.AddRange(abstractedType.TypeParameters.ToList());
typeParams.AddRange(abstractedType.FreeVariables.ToList());
- originalIndexTypes = new List<Type!> (abstractedType.Arguments.Length + 1);
- TypeSeq! mapTypeParams = new TypeSeq ();
- foreach (TypeVariable! var in abstractedType.FreeVariables)
+ originalIndexTypes = new List<Type/*!*/>(abstractedType.Arguments.Length + 1);
+ TypeSeq/*!*/ mapTypeParams = new TypeSeq();
+ foreach (TypeVariable/*!*/ var in abstractedType.FreeVariables) {
+ Contract.Assert(var != null);
mapTypeParams.Add(var);
-
+ }
+
if (CommandLineOptions.Clo.UseArrayTheory)
mapTypeSynonym = abstractedType;
- else
- mapTypeSynonym = new CtorType (Token.NoToken, synonymDecl, mapTypeParams);
-
+ else
+ mapTypeSynonym = new CtorType(Token.NoToken, synonymDecl, mapTypeParams);
+
originalIndexTypes.Add(mapTypeSynonym);
originalIndexTypes.AddRange(abstractedType.Arguments.ToList());
}
// method to actually create the select or store function
- private Function! CreateAccessFun(List<TypeVariable!>! originalTypeParams,
- List<Type!>! originalInTypes,
- Type! originalResult,
- string! name,
- out List<TypeVariable!>! implicitTypeParams, out List<TypeVariable!>! explicitTypeParams) {
+ private Function/*!*/ CreateAccessFun(List<TypeVariable/*!*/>/*!*/ originalTypeParams,
+ List<Type/*!*/>/*!*/ originalInTypes,
+ Type/*!*/ originalResult,
+ string/*!*/ name,
+ out List<TypeVariable/*!*/>/*!*/ implicitTypeParams, out List<TypeVariable/*!*/>/*!*/ explicitTypeParams) {
+ Contract.Requires(cce.NonNullElements(originalTypeParams));
+ Contract.Requires(cce.NonNullElements(originalInTypes));
+ Contract.Requires(originalResult != null);
+ Contract.Requires(name != null);
+ Contract.Ensures(Contract.Result<Function>() != null);
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out implicitTypeParams)));
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out explicitTypeParams)));
+
// select and store are basically handled like normal functions: the type
// parameters are split into the implicit parameters, and into the parameters
// that have to be given explicitly
@@ -534,28 +664,28 @@ namespace Microsoft.Boogie.TypeErasure HelperFuns.ToSeq(originalTypeParams),
out implicitTypeParams,
out explicitTypeParams);
-
- Type[]! ioTypes = new Type [explicitTypeParams.Count + originalInTypes.Count + 1];
+
+ Type[]/*!*/ ioTypes = new Type[explicitTypeParams.Count + originalInTypes.Count + 1];
int i = 0;
for (; i < explicitTypeParams.Count; ++i)
ioTypes[i] = AxBuilder.T;
- foreach (Type! type in originalInTypes)
- {
+ foreach (Type/*!*/ type in originalInTypes) {
+ Contract.Assert(type != null);
if (CommandLineOptions.Clo.Monomorphize && AxBuilder.UnchangedType(type))
- ioTypes[i] = type;
+ ioTypes[i] = type;
else
- ioTypes[i] = AxBuilder.U;
+ ioTypes[i] = AxBuilder.U;
i++;
}
if (CommandLineOptions.Clo.Monomorphize && AxBuilder.UnchangedType(originalResult))
ioTypes[i] = originalResult;
else
ioTypes[i] = AxBuilder.U;
-
- Function! res = HelperFuns.BoogieFunction(name, ioTypes);
- if (AxBuilder.U.Equals(ioTypes[i]))
- {
+ Function/*!*/ res = HelperFuns.BoogieFunction(name, ioTypes);
+ Contract.Assert(res != null);
+
+ if (AxBuilder.U.Equals(ioTypes[i])) {
AxBuilder.AddTypeAxiom(
AxBuilderPremisses.GenFunctionAxiom(res,
implicitTypeParams, explicitTypeParams,
@@ -567,26 +697,34 @@ namespace Microsoft.Boogie.TypeErasure ///////////////////////////////////////////////////////////////////////////
// The normal axioms of the theory of arrays (without extensionality)
- private VCExpr! Select(Function! select,
- // in general, the select function has to
- // receive explicit type parameters (which
- // are here already represented as VCExpr
- // of type T)
- List<VCExpr!>! typeParams,
- VCExpr! map,
- List<VCExprVar!>! indexes) {
- List<VCExpr!>! selectArgs = new List<VCExpr!> (typeParams.Count + indexes.Count + 1);
+ private VCExpr/*!*/ Select(Function/*!*/ select,
+ // in general, the select function has to
+ // receive explicit type parameters (which
+ // are here already represented as VCExpr
+ // of type T)
+ List<VCExpr/*!*/>/*!*/ typeParams,
+ VCExpr/*!*/ map,
+ List<VCExprVar/*!*/>/*!*/ indexes) {
+ Contract.Requires(select != null);
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Requires(map != null);
+ Contract.Requires(cce.NonNullElements(indexes));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ List<VCExpr/*!*/>/*!*/ selectArgs = new List<VCExpr/*!*/>(typeParams.Count + indexes.Count + 1);
selectArgs.AddRange(typeParams);
selectArgs.Add(map);
selectArgs.AddRange(HelperFuns.ToVCExprList(indexes));
return Gen.Function(select, selectArgs);
}
- private VCExpr! Store(Function! store,
- VCExpr! map,
- List<VCExprVar!>! indexes,
- VCExpr! val) {
- List<VCExpr!>! storeArgs = new List<VCExpr!> (indexes.Count + 2);
+ private VCExpr Store(Function store, VCExpr map, List<VCExprVar/*!*/>/*!*/ indexes, VCExpr val) {
+ Contract.Requires(val != null);
+ Contract.Requires(map != null);
+ Contract.Requires(store != null);
+ Contract.Requires(cce.NonNullElements(indexes));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExpr/*!*/>/*!*/ storeArgs = new List<VCExpr/*!*/>(indexes.Count + 2);
storeArgs.Add(map);
storeArgs.AddRange(HelperFuns.ToVCExprList(indexes));
storeArgs.Add(val);
@@ -600,14 +738,17 @@ namespace Microsoft.Boogie.TypeErasure /// select(store(m, indexes, val), indexes) == val)
/// where the quantifier body is also enclosed in a let that defines portions of T, if needed.
/// </summary>
- private VCExpr! GenMapAxiom0(Function! select, Function! store,
- Type! mapResult,
- List<TypeVariable!>! implicitTypeParamsSelect, List<TypeVariable!>! explicitTypeParamsSelect,
- List<Type!>! originalInTypes)
- {
+ private VCExpr GenMapAxiom0(Function select, Function store, Type mapResult, List<TypeVariable/*!*/>/*!*/ implicitTypeParamsSelect, List<TypeVariable/*!*/>/*!*/ explicitTypeParamsSelect, List<Type/*!*/>/*!*/ originalInTypes) {
+ Contract.Requires(mapResult != null);
+ Contract.Requires(store != null);
+ Contract.Requires(select != null);
+ Contract.Requires(cce.NonNullElements(implicitTypeParamsSelect));
+ Contract.Requires(cce.NonNullElements(originalInTypes));
+ Contract.Requires(cce.NonNullElements(explicitTypeParamsSelect));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
int arity = store.InParams.Length - 2;
- List<VCExprVar!> inParams = new List<VCExprVar!>();
- List<VCExprVar!> quantifiedVars = new List<VCExprVar!>(store.InParams.Length);
+ List<VCExprVar/*!*/> inParams = new List<VCExprVar/*!*/>();
+ List<VCExprVar/*!*/> quantifiedVars = new List<VCExprVar/*!*/>(store.InParams.Length);
VariableBindings bindings = new VariableBindings();
// bound variable: m
@@ -618,16 +759,18 @@ namespace Microsoft.Boogie.TypeErasure bindings.VCExprVarBindings.Add(typedM, m);
// bound variables: indexes
- List<Type!> origIndexTypes = new List<Type!>(arity);
- List<Type!> indexTypes = new List<Type!>(arity);
- for (int i = 1; i < store.InParams.Length-1; i++) {
+ List<Type/*!*/> origIndexTypes = new List<Type/*!*/>(arity);
+ List<Type/*!*/> indexTypes = new List<Type/*!*/>(arity);
+ for (int i = 1; i < store.InParams.Length - 1; i++) {
origIndexTypes.Add(originalInTypes[i]);
- indexTypes.Add(((!)store.InParams[i]).TypedIdent.Type);
+ indexTypes.Add(cce.NonNull(store.InParams[i]).TypedIdent.Type);
}
- assert arity == indexTypes.Count;
- List<VCExprVar!> typedArgs = HelperFuns.VarVector("arg", origIndexTypes, Gen);
- List<VCExprVar!> indexes = HelperFuns.VarVector("x", indexTypes, Gen);
- assert typedArgs.Count == indexes.Count;
+ Contract.Assert(arity == indexTypes.Count);
+ List<VCExprVar/*!*/> typedArgs = HelperFuns.VarVector("arg", origIndexTypes, Gen);
+ Contract.Assert(cce.NonNullElements(typedArgs));
+ List<VCExprVar/*!*/> indexes = HelperFuns.VarVector("x", indexTypes, Gen);
+ Contract.Assert(cce.NonNullElements(indexes));
+ Contract.Assert(typedArgs.Count == indexes.Count);
inParams.AddRange(typedArgs);
quantifiedVars.AddRange(indexes);
for (int i = 0; i < arity; i++) {
@@ -636,7 +779,7 @@ namespace Microsoft.Boogie.TypeErasure // bound variable: val
VCExprVar typedVal = Gen.Variable("val", mapResult);
- VCExprVar val = Gen.Variable("val", ((!)select.OutParams[0]).TypedIdent.Type);
+ VCExprVar val = Gen.Variable("val", cce.NonNull(select.OutParams[0]).TypedIdent.Type);
quantifiedVars.Add(val);
bindings.VCExprVarBindings.Add(typedVal, val);
@@ -645,7 +788,7 @@ namespace Microsoft.Boogie.TypeErasure VCExprVar tVar = Gen.Variable(tp.Name, AxBuilderPremisses.T);
bindings.TypeVariableBindings.Add(tp, tVar);
}
- List<VCExpr!> typeParams = new List<VCExpr!>(explicitTypeParamsSelect.Count);
+ List<VCExpr/*!*/> typeParams = new List<VCExpr/*!*/>(explicitTypeParamsSelect.Count);
foreach (TypeVariable tp in explicitTypeParamsSelect) {
VCExprVar tVar = Gen.Variable(tp.Name, AxBuilderPremisses.T);
bindings.TypeVariableBindings.Add(tp, tVar);
@@ -653,108 +796,134 @@ namespace Microsoft.Boogie.TypeErasure typeParams.Add(tVar);
}
- VCExpr! storeExpr = Store(store, m, indexes, val);
- VCExpr! selectExpr = Select(select, typeParams, storeExpr, indexes);
+ VCExpr/*!*/ storeExpr = Store(store, m, indexes, val);
+ Contract.Assert(storeExpr != null);
+ VCExpr/*!*/ selectExpr = Select(select, typeParams, storeExpr, indexes);
+ Contract.Assert(selectExpr != null);
// Create let-binding definitions for all type parameters.
// The implicit ones can be phrased in terms of the types of the ordinary in-parameters, and
// we want to make sure that they don't get phrased in terms of the out-parameter, so we pass
// in inParams here.
- List<VCExprLetBinding!> letBindings_Implicit =
+ List<VCExprLetBinding/*!*/> letBindings_Implicit =
AxBuilderPremisses.GenTypeParamBindings(implicitTypeParamsSelect, inParams, bindings, false);
+ Contract.Assert(cce.NonNullElements(letBindings_Implicit));
// The explicit ones, by definition, can only be phrased in terms of the result, so we pass
// in List(typedVal) here.
- List<VCExprLetBinding!> letBindings_Explicit =
+ List<VCExprLetBinding/*!*/> letBindings_Explicit =
AxBuilderPremisses.GenTypeParamBindings(explicitTypeParamsSelect, HelperFuns.ToList(typedVal), bindings, false);
+ Contract.Assert(cce.NonNullElements(letBindings_Explicit));
// generate: select(store(m, indices, val)) == val
- VCExpr! eq = Gen.Eq(selectExpr, val);
+ VCExpr/*!*/ eq = Gen.Eq(selectExpr, val);
+ Contract.Assert(eq != null);
// generate: type(val) == T, where T is the type of val
- VCExpr! ante = Gen.Eq(
+ VCExpr/*!*/ ante = Gen.Eq(
AxBuilderPremisses.TypeOf(val),
AxBuilderPremisses.Type2Term(mapResult, bindings.TypeVariableBindings));
+ Contract.Assert(ante != null);
VCExpr body;
if (CommandLineOptions.Clo.TypeEncodingMethod == CommandLineOptions.TypeEncoding.None ||
- !AxBuilder.U.Equals(((!)select.OutParams[0]).TypedIdent.Type))
- {
+ !AxBuilder.U.Equals(cce.NonNull(select.OutParams[0]).TypedIdent.Type)) {
body = Gen.Let(letBindings_Explicit, eq);
} else {
body = Gen.Let(letBindings_Implicit, Gen.Let(letBindings_Explicit, Gen.ImpliesSimp(ante, eq)));
}
- return Gen.Forall(quantifiedVars, new List<VCTrigger!>(), "mapAx0:" + select.Name, body);
+ return Gen.Forall(quantifiedVars, new List<VCTrigger/*!*/>(), "mapAx0:" + select.Name, body);
}
- private VCExpr! GenMapAxiom1(Function! select, Function! store,
- Type! mapResult,
- List<TypeVariable!>! explicitSelectParams) {
+ private VCExpr GenMapAxiom1(Function select, Function store, Type mapResult, List<TypeVariable/*!*/>/*!*/ explicitSelectParams) {
+ Contract.Requires(mapResult != null);
+ Contract.Requires(store != null);
+ Contract.Requires(select != null);
+ Contract.Requires(cce.NonNullElements(explicitSelectParams));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
int arity = store.InParams.Length - 2;
- List<Type!> indexTypes = new List<Type!>();
- for (int i = 1; i < store.InParams.Length-1; i++)
- {
- indexTypes.Add(((!)store.InParams[i]).TypedIdent.Type);
+ List<Type/*!*/> indexTypes = new List<Type/*!*/>();
+ for (int i = 1; i < store.InParams.Length - 1; i++) {
+ indexTypes.Add(cce.NonNull(store.InParams[i]).TypedIdent.Type);
}
- assert indexTypes.Count == arity;
-
- List<VCExprVar!>! indexes0 = HelperFuns.VarVector("x", indexTypes, Gen);
- List<VCExprVar!>! indexes1 = HelperFuns.VarVector("y", indexTypes, Gen);
- VCExprVar! m = Gen.Variable("m", AxBuilder.U);
- VCExprVar! val = Gen.Variable("val", ((!)select.OutParams[0]).TypedIdent.Type);
+ Contract.Assert(indexTypes.Count == arity);
+
+ List<VCExprVar/*!*/>/*!*/ indexes0 = HelperFuns.VarVector("x", indexTypes, Gen);
+ Contract.Assert(cce.NonNullElements(indexes0));
+ List<VCExprVar/*!*/>/*!*/ indexes1 = HelperFuns.VarVector("y", indexTypes, Gen);
+ Contract.Assert(cce.NonNullElements(indexes1));
+ VCExprVar/*!*/ m = Gen.Variable("m", AxBuilder.U);
+ Contract.Assert(m != null);
+ VCExprVar/*!*/ val = Gen.Variable("val", cce.NonNull(select.OutParams[0]).TypedIdent.Type);
+ Contract.Assert(val != null);
// extract the explicit type parameters from the actual result type ...
- VCExprVar! typedVal = Gen.Variable("val", mapResult);
- VariableBindings! bindings = new VariableBindings ();
+ VCExprVar/*!*/ typedVal = Gen.Variable("val", mapResult);
+ Contract.Assert(typedVal != null);
+ VariableBindings/*!*/ bindings = new VariableBindings();
bindings.VCExprVarBindings.Add(typedVal, val);
- List<VCExprLetBinding!>! letBindings =
+ List<VCExprLetBinding/*!*/>/*!*/ letBindings =
AxBuilderPremisses.GenTypeParamBindings(explicitSelectParams,
HelperFuns.ToList(typedVal),
bindings, true);
+ Contract.Assert(cce.NonNullElements(letBindings));
// ... and quantify the introduced term variables for type
// parameters universally
- List<VCExprVar!>! typeParams = new List<VCExprVar!> (explicitSelectParams.Count);
- List<VCExpr!>! typeParamsExpr = new List<VCExpr!> (explicitSelectParams.Count);
- foreach (TypeVariable! var in explicitSelectParams) {
- VCExprVar! newVar = (VCExprVar)bindings.TypeVariableBindings[var];
+ List<VCExprVar/*!*/>/*!*/ typeParams = new List<VCExprVar/*!*/>(explicitSelectParams.Count);
+ List<VCExpr/*!*/>/*!*/ typeParamsExpr = new List<VCExpr/*!*/>(explicitSelectParams.Count);
+ foreach (TypeVariable/*!*/ var in explicitSelectParams) {
+ Contract.Assert(var != null);
+ VCExprVar/*!*/ newVar = (VCExprVar)bindings.TypeVariableBindings[var];
+ Contract.Assert(newVar != null);
typeParams.Add(newVar);
typeParamsExpr.Add(newVar);
}
- VCExpr! storeExpr = Store(store, m, indexes0, val);
- VCExpr! selectWithoutStoreExpr = Select(select, typeParamsExpr, m, indexes1);
- VCExpr! selectExpr = Select(select, typeParamsExpr, storeExpr, indexes1);
+ VCExpr/*!*/ storeExpr = Store(store, m, indexes0, val);
+ Contract.Assert(storeExpr != null);
+ VCExpr/*!*/ selectWithoutStoreExpr = Select(select, typeParamsExpr, m, indexes1);
+ Contract.Assert(selectWithoutStoreExpr != null);
+ VCExpr/*!*/ selectExpr = Select(select, typeParamsExpr, storeExpr, indexes1);
+ Contract.Assert(selectExpr != null);
- VCExpr! selectEq = Gen.Eq(selectExpr, selectWithoutStoreExpr);
+ VCExpr/*!*/ selectEq = Gen.Eq(selectExpr, selectWithoutStoreExpr);
+ Contract.Assert(selectEq != null);
- List<VCExprVar!>! quantifiedVars = new List<VCExprVar!> (indexes0.Count + indexes1.Count + 2);
+ List<VCExprVar/*!*/>/*!*/ quantifiedVars = new List<VCExprVar/*!*/>(indexes0.Count + indexes1.Count + 2);
quantifiedVars.Add(val);
quantifiedVars.Add(m);
quantifiedVars.AddRange(indexes0);
quantifiedVars.AddRange(indexes1);
quantifiedVars.AddRange(typeParams);
- List<VCTrigger!>! triggers = new List<VCTrigger!> ();
+ List<VCTrigger/*!*/>/*!*/ triggers = new List<VCTrigger/*!*/>();
+ Contract.Assert(cce.NonNullElements(triggers));
- VCExpr! axiom = VCExpressionGenerator.True;
+ VCExpr/*!*/ axiom = VCExpressionGenerator.True;
+ Contract.Assert(axiom != null);
// first non-interference criterium: the queried location is
// different from the assigned location
for (int i = 0; i < arity; ++i) {
- VCExpr! indexesEq = Gen.Eq(indexes0[i], indexes1[i]);
- VCExpr! matrix = Gen.Or(indexesEq, selectEq);
- VCExpr! conjunct = Gen.Forall(quantifiedVars, triggers,
+ VCExpr/*!*/ indexesEq = Gen.Eq(indexes0[i], indexes1[i]);
+ VCExpr/*!*/ matrix = Gen.Or(indexesEq, selectEq);
+ VCExpr/*!*/ conjunct = Gen.Forall(quantifiedVars, triggers,
"mapAx1:" + select.Name + ":" + i, matrix);
+ Contract.Assert(indexesEq != null);
+ Contract.Assert(matrix != null);
+ Contract.Assert(conjunct != null);
axiom = Gen.AndSimp(axiom, conjunct);
}
// second non-interference criterion: the queried type is
// different from the assigned type
- VCExpr! typesEq = VCExpressionGenerator.True;
- foreach (VCExprLetBinding! b in letBindings)
+ VCExpr/*!*/ typesEq = VCExpressionGenerator.True;
+ foreach (VCExprLetBinding/*!*/ b in letBindings) {
+ Contract.Assert(b != null);
typesEq = Gen.AndSimp(typesEq, Gen.Eq(b.V, b.E));
- VCExpr! matrix2 = Gen.Or(typesEq, selectEq);
- VCExpr! conjunct2 = Gen.Forall(quantifiedVars, triggers,
+ }
+ VCExpr/*!*/ matrix2 = Gen.Or(typesEq, selectEq);
+ VCExpr/*!*/ conjunct2 = Gen.Forall(quantifiedVars, triggers,
"mapAx2:" + select.Name, matrix2);
axiom = Gen.AndSimp(axiom, conjunct2);
@@ -767,25 +936,35 @@ namespace Microsoft.Boogie.TypeErasure public class TypeEraserPremisses : TypeEraser {
- private readonly TypeAxiomBuilderPremisses! AxBuilderPremisses;
+ private readonly TypeAxiomBuilderPremisses/*!*/ AxBuilderPremisses;
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(AxBuilderPremisses != null);
+}
+
private OpTypeEraser OpEraserAttr = null;
- protected override OpTypeEraser! OpEraser { get {
+ protected override OpTypeEraser/*!*/ OpEraser { get {Contract.Ensures(Contract.Result<OpTypeEraser>() != null);
+
if (OpEraserAttr == null)
OpEraserAttr = new OpTypeEraserPremisses(this, AxBuilderPremisses, Gen);
return OpEraserAttr;
} }
- public TypeEraserPremisses(TypeAxiomBuilderPremisses! axBuilder,
- VCExpressionGenerator! gen) {
- base(axBuilder, gen);
+ public TypeEraserPremisses(TypeAxiomBuilderPremisses axBuilder, VCExpressionGenerator gen):base(axBuilder, gen){
+Contract.Requires(gen != null);
+Contract.Requires(axBuilder != null);
+
this.AxBuilderPremisses = axBuilder;
}
////////////////////////////////////////////////////////////////////////////
- public override VCExpr! Visit(VCExprQuantifier! node,
- VariableBindings! oldBindings) {
+ public override VCExpr Visit(VCExprQuantifier node, VariableBindings oldBindings){
+Contract.Requires(oldBindings != null);
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
VariableBindings bindings = oldBindings.Clone();
// determine the bound vars that actually occur in the body or
@@ -796,11 +975,13 @@ namespace Microsoft.Boogie.TypeErasure coll.Collect(node.Body);
foreach (VCTrigger trigger in node.Triggers) {
if (trigger.Pos)
- foreach (VCExpr! e in trigger.Exprs)
- coll.Collect(e);
+ foreach(VCExpr/*!*/ e in trigger.Exprs){
+Contract.Assert(e != null);
+
+ coll.Collect(e);}
}
- List<VCExprVar!> occurringVars = new List<VCExprVar!> (node.BoundVars.Count);
+ List<VCExprVar/*!*/> occurringVars = new List<VCExprVar/*!*/> (node.BoundVars.Count);
foreach (VCExprVar var in node.BoundVars)
if (coll.FreeTermVars.ContainsKey(var))
occurringVars.Add(var);
@@ -809,15 +990,17 @@ namespace Microsoft.Boogie.TypeErasure // bound term variables are replaced with bound term variables typed in
// a simpler way
- List<VCExprVar!>! newBoundVars =
+ List<VCExprVar/*!*/>/*!*/ newBoundVars =
BoundVarsAfterErasure(occurringVars, bindings);
- VCExpr! newNode = HandleQuantifier(node, occurringVars,
+ Contract.Assert(cce.NonNullElements(newBoundVars));
+ VCExpr/*!*/ newNode = HandleQuantifier(node, occurringVars,
newBoundVars, bindings);
+ Contract.Assert(newNode != null);
if (!(newNode is VCExprQuantifier) || !IsUniversalQuantifier(node))
return newNode;
- VariableBindings! bindings2;
+ VariableBindings bindings2;
if (!RedoQuantifier(node, (VCExprQuantifier)newNode, occurringVars, oldBindings,
out bindings2, out newBoundVars))
return newNode;
@@ -826,30 +1009,41 @@ namespace Microsoft.Boogie.TypeErasure newBoundVars, bindings2);
}
- private VCExpr! GenTypePremisses(List<VCExprVar!>! oldBoundVars,
- List<VCExprVar!>! newBoundVars,
- IDictionary<TypeVariable!, VCExpr!>!
+ private VCExpr/*!*/ GenTypePremisses(List<VCExprVar/*!*/>/*!*/ oldBoundVars,
+ List<VCExprVar/*!*/>/*!*/ newBoundVars,
+ IDictionary<TypeVariable/*!*/, VCExpr/*!*/>/*!*/
typeVarTranslation,
- List<VCExprLetBinding!>! typeVarBindings,
- out List<VCTrigger!>! triggers) {
+ List<VCExprLetBinding/*!*/>/*!*/ typeVarBindings,
+ out List<VCTrigger/*!*/>/*!*/ triggers) {
+ Contract.Requires(cce.NonNullElements(oldBoundVars));
+ Contract.Requires(cce.NonNullElements(newBoundVars));
+ Contract.Requires(cce.NonNullElements(typeVarTranslation));
+ Contract.Requires(cce.NonNullElements(typeVarBindings));
+ Contract.Ensures(cce.NonNullElements(Contract.ValueAtReturn(out triggers)));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
// build a substitution of the type variables that it can be checked
// whether type premisses are trivial
- VCExprSubstitution! typeParamSubstitution = new VCExprSubstitution ();
- foreach (VCExprLetBinding! binding in typeVarBindings)
- typeParamSubstitution[binding.V] = binding.E;
- SubstitutingVCExprVisitor! substituter = new SubstitutingVCExprVisitor (Gen);
+ VCExprSubstitution/*!*/ typeParamSubstitution = new VCExprSubstitution ();
+ foreach(VCExprLetBinding/*!*/ binding in typeVarBindings){
+Contract.Assert(binding != null);
+ typeParamSubstitution[binding.V] = binding.E;}
+ SubstitutingVCExprVisitor/*!*/ substituter = new SubstitutingVCExprVisitor (Gen);
+ Contract.Assert(substituter != null);
- List<VCExpr!>! typePremisses = new List<VCExpr!> (newBoundVars.Count);
- triggers = new List<VCTrigger!> (newBoundVars.Count);
+ List<VCExpr/*!*/>/*!*/ typePremisses = new List<VCExpr/*!*/> (newBoundVars.Count);
+ triggers = new List<VCTrigger/*!*/> (newBoundVars.Count);
for (int i = 0; i < newBoundVars.Count; ++i) {
- VCExprVar! oldVar = oldBoundVars[i];
- VCExprVar! newVar = newBoundVars[i];
+ VCExprVar/*!*/ oldVar = oldBoundVars[i];
+ Contract.Assert(oldVar != null);
+ VCExprVar/*!*/ newVar = newBoundVars[i];
+ Contract.Assert(newVar != null);
- VCExpr! typePremiss =
+ VCExpr/*!*/ typePremiss =
AxBuilderPremisses.GenVarTypeAxiom(newVar, oldVar.Type,
typeVarTranslation);
-
+ Contract.Assert(typePremiss != null);
if (!IsTriviallyTrue(substituter.Mutate(typePremiss,
typeParamSubstitution))) {
typePremisses.Add(typePremiss);
@@ -868,12 +1062,14 @@ namespace Microsoft.Boogie.TypeErasure // these optimisations should maybe be moved into a separate
// visitor (peep-hole optimisations)
- private bool IsTriviallyTrue(VCExpr! expr) {
+ private bool IsTriviallyTrue(VCExpr expr){
+Contract.Requires(expr != null);
if (expr.Equals(VCExpressionGenerator.True))
return true;
if (expr is VCExprNAry) {
- VCExprNAry! naryExpr = (VCExprNAry)expr;
+ VCExprNAry/*!*/ naryExpr = (VCExprNAry)expr;
+ Contract.Assert(naryExpr != null);
if (naryExpr.Op.Equals(VCExpressionGenerator.EqOp) &&
naryExpr[0].Equals(naryExpr[1]))
return true;
@@ -882,91 +1078,103 @@ namespace Microsoft.Boogie.TypeErasure return false;
}
- private VCExpr! HandleQuantifier(VCExprQuantifier! node,
- List<VCExprVar!>! occurringVars,
- List<VCExprVar!>! newBoundVars,
- VariableBindings! bindings) {
- List<VCExprLetBinding!>! typeVarBindings =
+ private VCExpr HandleQuantifier(VCExprQuantifier node, List<VCExprVar/*!*/>/*!*/ occurringVars/*!*/, List<VCExprVar/*!*/>/*!*/ newBoundVars, VariableBindings bindings) {
+ Contract.Requires(bindings != null);
+ Contract.Requires(node != null);
+ Contract.Requires(cce.NonNullElements(occurringVars/*!*/));
+ Contract.Requires(cce.NonNullElements(newBoundVars));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ List<VCExprLetBinding/*!*/>/*!*/ typeVarBindings =
AxBuilderPremisses.GenTypeParamBindings(node.TypeParameters, occurringVars, bindings, true);
-
+ Contract.Assert(typeVarBindings != null);
// Check whether some of the type parameters could not be
// determined from the bound variable types. In this case, we
// quantify explicitly over these variables
if (typeVarBindings.Count < node.TypeParameters.Count) {
- foreach (TypeVariable! var in node.TypeParameters) {
- if (!exists{VCExprLetBinding! b in typeVarBindings; b.V.Equals(var)})
+ foreach (TypeVariable/*!*/ var in node.TypeParameters) {
+ Contract.Assert(var != null);
+ if (!Contract.Exists(typeVarBindings, b => b.V.Equals(var)))
newBoundVars.Add((VCExprVar)bindings.TypeVariableBindings[var]);
}
}
// the lists of old and new bound variables for which type
// antecedents are to be generated
- List<VCExprVar!>! varsWithTypeSpecs = new List<VCExprVar!> ();
- List<VCExprVar!>! newVarsWithTypeSpecs = new List<VCExprVar!> ();
+ List<VCExprVar/*!*/>/*!*/ varsWithTypeSpecs = new List<VCExprVar/*!*/>();
+ List<VCExprVar/*!*/>/*!*/ newVarsWithTypeSpecs = new List<VCExprVar/*!*/>();
if (!IsUniversalQuantifier(node) ||
CommandLineOptions.Clo.TypeEncodingMethod
== CommandLineOptions.TypeEncoding.Predicates) {
- foreach (VCExprVar! oldVar in occurringVars) {
+ foreach (VCExprVar/*!*/ oldVar in occurringVars) {
+ Contract.Assert(oldVar != null);
varsWithTypeSpecs.Add(oldVar);
newVarsWithTypeSpecs.Add(bindings.VCExprVarBindings[oldVar]);
}
} // else, no type antecedents are created for any variables
- List<VCTrigger!>! furtherTriggers;
- VCExpr! typePremisses =
+ List<VCTrigger/*!*/>/*!*/ furtherTriggers;
+ VCExpr/*!*/ typePremisses =
GenTypePremisses(varsWithTypeSpecs, newVarsWithTypeSpecs,
bindings.TypeVariableBindings,
typeVarBindings, out furtherTriggers);
- List<VCTrigger!>! newTriggers = MutateTriggers(node.Triggers, bindings);
+ Contract.Assert(cce.NonNullElements(furtherTriggers));
+ Contract.Assert(typePremisses != null);
+ List<VCTrigger/*!*/>/*!*/ newTriggers = MutateTriggers(node.Triggers, bindings);
+ Contract.Assert(cce.NonNullElements(newTriggers));
newTriggers.AddRange(furtherTriggers);
newTriggers = AddLets2Triggers(newTriggers, typeVarBindings);
- VCExpr! newBody = Mutate(node.Body, bindings);
+ VCExpr/*!*/ newBody = Mutate(node.Body, bindings);
+ Contract.Assert(newBody != null);
// assemble the new quantified formula
if (CommandLineOptions.Clo.TypeEncodingMethod
== CommandLineOptions.TypeEncoding.None) {
typePremisses = VCExpressionGenerator.True;
- }
+ }
- VCExpr! bodyWithPremisses =
+ VCExpr/*!*/ bodyWithPremisses =
AxBuilderPremisses.AddTypePremisses(typeVarBindings, typePremisses,
node.Quan == Quantifier.ALL,
AxBuilder.Cast(newBody, Type.Bool));
-
+ Contract.Assert(bodyWithPremisses != null);
if (newBoundVars.Count == 0) // might happen that no bound variables are left
return bodyWithPremisses;
- foreach(VCExprVar! v in newBoundVars) {
+ foreach (VCExprVar/*!*/ v in newBoundVars) {
+ Contract.Assert(v != null);
if (v.Type == AxBuilderPremisses.U) {
newTriggers.Add(Gen.Trigger(false, AxBuilderPremisses.Cast(v, Type.Int)));
newTriggers.Add(Gen.Trigger(false, AxBuilderPremisses.Cast(v, Type.Bool)));
}
}
- return Gen.Quantify(node.Quan, new List<TypeVariable!> (), newBoundVars,
+ return Gen.Quantify(node.Quan, new List<TypeVariable/*!*/>(), newBoundVars,
newTriggers, node.Infos, bodyWithPremisses);
}
// check whether we need to add let-binders for any of the type
// parameters to the triggers (otherwise, the triggers will
// contain unbound/dangling variables for such parameters)
- private List<VCTrigger!>! AddLets2Triggers(List<VCTrigger!>! triggers,
- List<VCExprLetBinding!>! typeVarBindings) {
- List<VCTrigger!>! triggersWithLets = new List<VCTrigger!> (triggers.Count);
+ private List<VCTrigger/*!*/>/*!*/ AddLets2Triggers( List<VCTrigger/*!*/>/*!*/ triggers/*!*/, List<VCExprLetBinding/*!*/>/*!*/ typeVarBindings){
+Contract.Requires(cce.NonNullElements(triggers/*!*/));
+Contract.Requires(cce.NonNullElements(typeVarBindings));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCTrigger>>()));
+ List<VCTrigger/*!*/>/*!*/ triggersWithLets = new List<VCTrigger/*!*/> (triggers.Count);
- foreach (VCTrigger! t in triggers) {
- List<VCExpr!>! exprsWithLets = new List<VCExpr!> (t.Exprs.Count);
+ foreach(VCTrigger/*!*/ t in triggers){
+Contract.Assert(t != null);
+ List<VCExpr/*!*/>/*!*/ exprsWithLets = new List<VCExpr/*!*/> (t.Exprs.Count);
bool changed = false;
- foreach (VCExpr! e in t.Exprs) {
- Dictionary<VCExprVar!,object>! freeVars =
+ foreach(VCExpr/*!*/ e in t.Exprs){
+Contract.Assert(e != null);
+Dictionary<VCExprVar/*!*/, object>/*!*/ freeVars =
FreeVariableCollector.FreeTermVariables(e);
-
- if (exists{VCExprLetBinding! b in typeVarBindings;
- freeVars.ContainsKey(b.V)}) {
+Contract.Assert(freeVars!=null&&cce.NonNullElements(freeVars.Keys));
+ if (Contract.Exists(typeVarBindings, b=> freeVars.ContainsKey(b.V))) {
exprsWithLets.Add(Gen.Let(typeVarBindings, e));
changed = true;
} else {
@@ -989,32 +1197,41 @@ namespace Microsoft.Boogie.TypeErasure public class OpTypeEraserPremisses : OpTypeEraser {
- private TypeAxiomBuilderPremisses! AxBuilderPremisses;
+ private TypeAxiomBuilderPremisses/*!*/ AxBuilderPremisses;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(AxBuilderPremisses != null);
+ }
+
- public OpTypeEraserPremisses(TypeEraserPremisses! eraser,
- TypeAxiomBuilderPremisses! axBuilder,
- VCExpressionGenerator! gen) {
- base(eraser, axBuilder, gen);
+ public OpTypeEraserPremisses(TypeEraserPremisses eraser, TypeAxiomBuilderPremisses axBuilder, VCExpressionGenerator gen):base(eraser, axBuilder, gen){
+Contract.Requires(gen != null);
+Contract.Requires(axBuilder != null);
+Contract.Requires(eraser != null);
this.AxBuilderPremisses = axBuilder;
}
- private VCExpr! HandleFunctionOp(Function! newFun,
- List<Type!>! typeArgs,
- IEnumerable<VCExpr!>! oldArgs,
- VariableBindings! bindings) {
+ private VCExpr HandleFunctionOp(Function newFun, List<Type/*!*/>/*!*/ typeArgs/*!*/, IEnumerable<VCExpr/*!*/>/*!*/ oldArgs, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(newFun != null);
+Contract.Requires(cce.NonNullElements(typeArgs/*!*/));
+Contract.Requires(cce.NonNullElements(oldArgs));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// UGLY: the code for tracking polarities should be factored out
int oldPolarity = Eraser.Polarity;
Eraser.Polarity = 0;
- List<VCExpr!>! newArgs = new List<VCExpr!> (typeArgs.Count);
+ List<VCExpr/*!*/>/*!*/ newArgs = new List<VCExpr/*!*/> (typeArgs.Count);
// translate the explicit type arguments
- foreach (Type! t in typeArgs)
- newArgs.Add(AxBuilder.Type2Term(t, bindings.TypeVariableBindings));
+ foreach(Type/*!*/ t in typeArgs){
+Contract.Assert(t != null);
+ newArgs.Add(AxBuilder.Type2Term(t, bindings.TypeVariableBindings));}
// recursively translate the value arguments
- foreach (VCExpr! arg in oldArgs) {
- Type! newType = ((!)newFun.InParams[newArgs.Count]).TypedIdent.Type;
+ foreach(VCExpr/*!*/ arg in oldArgs){
+Contract.Assert(arg != null);
+Type/*!*/ newType = cce.NonNull(newFun.InParams[newArgs.Count]).TypedIdent.Type;
newArgs.Add(AxBuilder.Cast(Eraser.Mutate(arg, bindings), newType));
}
@@ -1022,56 +1239,70 @@ namespace Microsoft.Boogie.TypeErasure return Gen.Function(newFun, newArgs);
}
- public override VCExpr! VisitSelectOp (VCExprNAry! node,
- VariableBindings! bindings) {
- MapType! mapType = node[0].Type.AsMap;
- TypeSeq! instantiations; // not used
- Function! select =
+ public override VCExpr/*!*/ VisitSelectOp (VCExprNAry/*!*/ node,
+ VariableBindings/*!*/ bindings) {Contract.Requires(node != null);Contract.Requires(bindings != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ MapType/*!*/ mapType = node[0].Type.AsMap;
+ Contract.Assert(mapType != null);
+ TypeSeq/*!*/ instantiations; // not used
+ Function/*!*/ select =
AxBuilder.MapTypeAbstracter.Select(mapType, out instantiations);
+ Contract.Assert(select != null);
- List<int>! explicitTypeParams =
+ List<int>/*!*/ explicitTypeParams =
AxBuilderPremisses.MapTypeAbstracterPremisses
.ExplicitSelectTypeParams(mapType);
- assert select.InParams.Length == explicitTypeParams.Count + node.Arity;
+ Contract.Assert(select.InParams.Length == explicitTypeParams.Count + node.Arity);
- List<Type!>! typeArgs = new List<Type!> (explicitTypeParams.Count);
+ List<Type/*!*/>/*!*/ typeArgs = new List<Type/*!*/>(explicitTypeParams.Count);
foreach (int i in explicitTypeParams)
typeArgs.Add(node.TypeArguments[i]);
return HandleFunctionOp(select, typeArgs, node, bindings);
}
- public override VCExpr! VisitStoreOp (VCExprNAry! node,
- VariableBindings! bindings) {
- TypeSeq! instantiations; // not used
- Function! store =
+ public override VCExpr VisitStoreOp (VCExprNAry node, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ TypeSeq/*!*/ instantiations; // not used
+ Function/*!*/ store =
AxBuilder.MapTypeAbstracter.Store(node[0].Type.AsMap, out instantiations);
+ Contract.Assert(store != null);
return HandleFunctionOp(store,
// the store function never has explicit
// type parameters
- new List<Type!> (),
+ new List<Type/*!*/>(),
node, bindings);
}
- public override VCExpr! VisitBoogieFunctionOp (VCExprNAry! node,
- VariableBindings! bindings) {
- Function! oriFun = ((VCExprBoogieFunctionOp)node.Op).Func;
+ public override VCExpr VisitBoogieFunctionOp (VCExprNAry node, VariableBindings bindings){
+Contract.Requires(bindings != null);
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ Function/*!*/ oriFun = ((VCExprBoogieFunctionOp)node.Op).Func;
+ Contract.Assert(oriFun != null);
UntypedFunction untypedFun = AxBuilderPremisses.Typed2Untyped(oriFun);
- assert untypedFun.Fun.InParams.Length ==
- untypedFun.ExplicitTypeParams.Count + node.Arity;
+ Contract.Assert( untypedFun.Fun.InParams.Length ==
+ untypedFun.ExplicitTypeParams.Count + node.Arity);
- List<Type!>! typeArgs =
+ List<Type/*!*/>/*!*/ typeArgs =
ExtractTypeArgs(node,
oriFun.TypeParameters, untypedFun.ExplicitTypeParams);
return HandleFunctionOp(untypedFun.Fun, typeArgs, node, bindings);
}
- private List<Type!>! ExtractTypeArgs(VCExprNAry! node,
- TypeVariableSeq! allTypeParams,
- List<TypeVariable!>! explicitTypeParams) {
- List<Type!>! res = new List<Type!> (explicitTypeParams.Count);
- foreach (TypeVariable! var in explicitTypeParams)
+ private List<Type/*!*/>/*!*/ ExtractTypeArgs(VCExprNAry node, TypeVariableSeq allTypeParams, List<TypeVariable/*!*/>/*!*/ explicitTypeParams){
+Contract.Requires(allTypeParams != null);
+Contract.Requires(node != null);
+Contract.Requires(cce.NonNullElements(explicitTypeParams));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
+ List<Type/*!*/>/*!*/ res = new List<Type/*!*/> (explicitTypeParams.Count);
+ foreach (TypeVariable/*!*/ var in explicitTypeParams) {
+ Contract.Assert(var != null);
// this lookup could be optimised
res.Add(node.TypeArguments[allTypeParams.IndexOf(var)]);
+ }
return res;
}
}
diff --git a/Source/VCExpr/VCExpr.csproj b/Source/VCExpr/VCExpr.csproj index 53482aa5..841ed396 100644 --- a/Source/VCExpr/VCExpr.csproj +++ b/Source/VCExpr/VCExpr.csproj @@ -1,145 +1,116 @@ -<?xml version="1.0" encoding="utf-8"?>
-<VisualStudioProject>
- <XEN ProjectType="Local"
- SchemaVersion="1.0"
- Name="VCExpr"
- ProjectGuid="cf42b700-10aa-4da9-8992-48a800251c11"
- >
- <Build>
- <Settings ApplicationIcon=""
- AssemblyName="VCExpr"
- OutputType="Library"
- RootNamespace="VCExpr"
- StartupObject=""
- StandardLibraryLocation=""
- TargetPlatform="v2"
- TargetPlatformLocation=""
- >
- <Config Name="Debug"
- AllowUnsafeBlocks="False"
- BaseAddress="285212672"
- CheckForOverflowUnderflow="False"
- ConfigurationOverrideFile=""
- DefineConstants="DEBUG;TRACE"
- DocumentationFile=""
- DebugSymbols="True"
- FileAlignment="4096"
- IncrementalBuild="True"
- Optimize="False"
- OutputPath="bin\debug"
- RegisterForComInterop="False"
- RemoveIntegerChecks="false"
- TreatWarningsAsErrors="False"
- WarningLevel="4"
- CheckContractAdmissibility="True"
- CheckPurity="False"
- />
- <Config Name="Release"
- AllowUnsafeBlocks="false"
- BaseAddress="285212672"
- CheckForOverflowUnderflow="false"
- ConfigurationOverrideFile=""
- DefineConstants="TRACE"
- DocumentationFile=""
- DebugSymbols="false"
- FileAlignment="4096"
- IncrementalBuild="false"
- Optimize="true"
- OutputPath="bin\release"
- RegisterForComInterop="false"
- RemoveIntegerChecks="false"
- TreatWarningsAsErrors="false"
- WarningLevel="4"
- CheckContractAdmissibility="True"
- CheckPurity="False"
- />
- </Settings>
- <References>
- <Reference Name="System"
- AssemblyName="System"
- Private="false"
- />
- <Reference Name="System.Data"
- AssemblyName="System.Data"
- Private="false"
- />
- <Reference Name="System.Xml"
- AssemblyName="System.Xml"
- Private="false"
- />
- <Reference Name="Core"
- Project="{47BC34F1-A173-40BE-84C2-9332B4418387}"
- Private="true"
- />
- <Reference Name="Basetypes"
- Project="{0C692837-77EC-415F-BF04-395E3ED06E9A}"
- Private="true"
- />
- </References>
- </Build>
- <Files>
- <Include>
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="VCExprAST.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="VCExprASTVisitors.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="Boogie2VCExpr.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="VCExprASTPrinter.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="SimplifyLikeLineariser.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="TypeErasure.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="NameClashResolver.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="LetBindingSorter.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="TypeErasurePremisses.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="TypeErasureArguments.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="TermFormulaFlattening.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="Clustering.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="BigLiteralAbstracter.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="..\version.ssc"
- />
- <File BuildAction="Compile"
- SubType="Code"
- RelPath="AssemblyInfo.ssc"
- />
- </Include>
- </Files>
- </XEN>
-</VisualStudioProject>
\ No newline at end of file +<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <PropertyGroup>
+ <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+ <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+ <ProductVersion>9.0.30729</ProductVersion>
+ <SchemaVersion>2.0</SchemaVersion>
+ <ProjectGuid>{56FFDBCA-7D14-43B8-A6CA-22A20E417EE1}</ProjectGuid>
+ <OutputType>Library</OutputType>
+ <AppDesignerFolder>Properties</AppDesignerFolder>
+ <RootNamespace>VCExpr</RootNamespace>
+ <AssemblyName>VCExpr</AssemblyName>
+ <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+ <FileAlignment>512</FileAlignment>
+ <CodeContractsAssemblyMode>0</CodeContractsAssemblyMode>
+ <SignAssembly>true</SignAssembly>
+ <AssemblyOriginatorKeyFile>..\InterimKey.snk</AssemblyOriginatorKeyFile>
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+ <DebugSymbols>true</DebugSymbols>
+ <DebugType>full</DebugType>
+ <Optimize>false</Optimize>
+ <OutputPath>bin\Debug\</OutputPath>
+ <DefineConstants>DEBUG;TRACE</DefineConstants>
+ <ErrorReport>prompt</ErrorReport>
+ <WarningLevel>4</WarningLevel>
+ <CodeContractsEnableRuntimeChecking>False</CodeContractsEnableRuntimeChecking>
+ <CodeContractsRuntimeOnlyPublicSurface>False</CodeContractsRuntimeOnlyPublicSurface>
+ <CodeContractsRuntimeThrowOnFailure>True</CodeContractsRuntimeThrowOnFailure>
+ <CodeContractsRuntimeCallSiteRequires>False</CodeContractsRuntimeCallSiteRequires>
+ <CodeContractsRunCodeAnalysis>False</CodeContractsRunCodeAnalysis>
+ <CodeContractsNonNullObligations>False</CodeContractsNonNullObligations>
+ <CodeContractsBoundsObligations>False</CodeContractsBoundsObligations>
+ <CodeContractsArithmeticObligations>False</CodeContractsArithmeticObligations>
+ <CodeContractsPointerObligations>False</CodeContractsPointerObligations>
+ <CodeContractsContainerAnalysis>False</CodeContractsContainerAnalysis>
+ <CodeContractsRedundantAssumptions>False</CodeContractsRedundantAssumptions>
+ <CodeContractsRunInBackground>True</CodeContractsRunInBackground>
+ <CodeContractsShowSquigglies>False</CodeContractsShowSquigglies>
+ <CodeContractsUseBaseLine>False</CodeContractsUseBaseLine>
+ <CodeContractsEmitXMLDocs>False</CodeContractsEmitXMLDocs>
+ <CodeContractsCustomRewriterAssembly>
+ </CodeContractsCustomRewriterAssembly>
+ <CodeContractsCustomRewriterClass>
+ </CodeContractsCustomRewriterClass>
+ <CodeContractsLibPaths>
+ </CodeContractsLibPaths>
+ <CodeContractsExtraRewriteOptions>
+ </CodeContractsExtraRewriteOptions>
+ <CodeContractsExtraAnalysisOptions>
+ </CodeContractsExtraAnalysisOptions>
+ <CodeContractsBaseLineFile>
+ </CodeContractsBaseLineFile>
+ <CodeContractsRuntimeCheckingLevel>Full</CodeContractsRuntimeCheckingLevel>
+ <CodeContractsReferenceAssembly>%28none%29</CodeContractsReferenceAssembly>
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+ <DebugType>pdbonly</DebugType>
+ <Optimize>true</Optimize>
+ <OutputPath>bin\Release\</OutputPath>
+ <DefineConstants>TRACE</DefineConstants>
+ <ErrorReport>prompt</ErrorReport>
+ <WarningLevel>4</WarningLevel>
+ </PropertyGroup>
+ <ItemGroup>
+ <Reference Include="Microsoft.Contracts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=736440c9b414ea16, processorArchitecture=MSIL" />
+ <Reference Include="System" />
+ <Reference Include="System.Compiler.Runtime, Version=1.0.21126.0, Culture=neutral, PublicKeyToken=736440c9b414ea16, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\Binaries\System.Compiler.Runtime.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Data" />
+ <Reference Include="System.Xml" />
+ </ItemGroup>
+ <ItemGroup>
+ <Compile Include="BigLiteralAbstracter.cs" />
+ <Compile Include="Boogie2VCExpr.cs" />
+ <Compile Include="cce.cs" />
+ <Compile Include="Clustering.cs" />
+ <Compile Include="LetBindingSorter.cs" />
+ <Compile Include="NameClashResolver.cs" />
+ <Compile Include="SimplifyLikeLineariser.cs" />
+ <Compile Include="TermFormulaFlattening.cs" />
+ <Compile Include="TypeErasure.cs" />
+ <Compile Include="TypeErasureArguments.cs" />
+ <Compile Include="TypeErasurePremisses.cs" />
+ <Compile Include="VCExprAST.cs" />
+ <Compile Include="VCExprASTPrinter.cs" />
+ <Compile Include="VCExprASTVisitors.cs" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="..\AIFramework\AIFramework.sscproj">
+ <Project>{24B55172-AD8B-47D1-8952-5A95CFDB9B31}</Project>
+ <Name>AIFramework</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\Basetypes\Basetypes.sscproj">
+ <Project>{0C692837-77EC-415F-BF04-395E3ED06E9A}</Project>
+ <Name>Basetypes</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\Core\Core.sscproj">
+ <Project>{47BC34F1-A173-40BE-84C2-9332B4418387}</Project>
+ <Name>Core</Name>
+ </ProjectReference>
+ </ItemGroup>
+ <ItemGroup>
+ <Folder Include="Properties\" />
+ </ItemGroup>
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+ <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
+ </Target>
+ <Target Name="AfterBuild">
+ </Target>
+ -->
+</Project>
\ No newline at end of file diff --git a/Source/VCExpr/VCExprAST.cs b/Source/VCExpr/VCExprAST.cs index 7e5b31f1..40fadfac 100644 --- a/Source/VCExpr/VCExprAST.cs +++ b/Source/VCExpr/VCExprAST.cs @@ -8,145 +8,199 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// Prover-independent syntax trees for representing verification conditions
// The language can be seen as a simple polymorphically typed first-order logic,
// very similar to the expression language of Boogie
-namespace Microsoft.Boogie
-{
+namespace Microsoft.Boogie {
using Microsoft.Boogie.VCExprAST;
- public class VCExpressionGenerator
- {
- public static readonly VCExpr! False = new VCExprLiteral (Type.Bool);
- public static readonly VCExpr! True = new VCExprLiteral (Type.Bool);
+ public class VCExpressionGenerator {
+ public static readonly VCExpr False = new VCExprLiteral(Type.Bool);
+ public static readonly VCExpr True = new VCExprLiteral(Type.Bool);
private Function ControlFlowFunction = null;
- public VCExpr! ControlFlowFunctionApplication(VCExpr! e1, VCExpr! e2)
- {
+ public VCExpr ControlFlowFunctionApplication(VCExpr e1, VCExpr e2) {
+ Contract.Requires(e1 != null);
+ Contract.Requires(e2 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
if (ControlFlowFunction == null) {
- Formal! first = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), true);
- Formal! second = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), true);
- VariableSeq! inputs = new VariableSeq();
+ Formal/*!*/ first = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), true);
+ Formal/*!*/ second = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), true);
+ VariableSeq inputs = new VariableSeq();
inputs.Add(first);
inputs.Add(second);
- Formal! returnVar = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), false);
+ Formal/*!*/ returnVar = new Formal(Token.NoToken, new TypedIdent(Token.NoToken, "", Microsoft.Boogie.Type.Int), false);
ControlFlowFunction = new Function(Token.NoToken, "ControlFlow", inputs, returnVar);
}
- List<VCExpr!> args = new List<VCExpr!>();
+ List<VCExpr/*!*/> args = new List<VCExpr/*!*/>();
args.Add(e1);
args.Add(e2);
return Function(BoogieFunctionOp(ControlFlowFunction), args);
}
-
- public VCExpr! Integer(BigNum x) {
+
+ public VCExpr/*!*/ Integer(BigNum x) {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return new VCExprIntLit(x);
}
- public VCExpr! Function(VCExprOp! op,
- List<VCExpr!>! arguments,
- List<Type!>! typeArguments) {
+ public VCExpr/*!*/ Function(VCExprOp/*!*/ op,
+ List<VCExpr/*!*/>/*!*/ arguments,
+ List<Type/*!*/>/*!*/ typeArguments) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(cce.NonNullElements(typeArguments));
if (typeArguments.Count > 0)
return new VCExprMultiAry(op, arguments, typeArguments);
switch (arguments.Count) {
- case 0: return new VCExprNullary(op);
- case 1: return new VCExprUnary(op, arguments);
- case 2: return new VCExprBinary(op, arguments);
- default: return new VCExprMultiAry(op, arguments);
+ case 0:
+ return new VCExprNullary(op);
+ case 1:
+ return new VCExprUnary(op, arguments);
+ case 2:
+ return new VCExprBinary(op, arguments);
+ default:
+ return new VCExprMultiAry(op, arguments);
}
}
- public VCExpr! Function(VCExprOp! op, List<VCExpr!>! arguments) {
+ public VCExpr/*!*/ Function(VCExprOp/*!*/ op, List<VCExpr/*!*/>/*!*/ arguments) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Function(op, arguments, VCExprNAry.EMPTY_TYPE_LIST);
}
- public VCExpr! Function(VCExprOp! op, params VCExpr[]! arguments)
- requires forall{int i in (0:arguments.Length); arguments[i] != null};
- {
+ public VCExpr/*!*/ Function(VCExprOp/*!*/ op, params VCExpr[]/*!*/ arguments) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+
return Function(op,
HelperFuns.ToNonNullList(arguments),
VCExprNAry.EMPTY_TYPE_LIST);
}
- public VCExpr! Function(VCExprOp! op, VCExpr[]! arguments, Type[]! typeArguments)
- requires forall{int i in (0:arguments.Length); arguments[i] != null};
- requires forall{int i in (0:typeArguments.Length); typeArguments[i] != null};
- {
+ public VCExpr/*!*/ Function(VCExprOp/*!*/ op, VCExpr[]/*!*/ arguments, Type[]/*!*/ typeArguments) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(cce.NonNullElements(typeArguments));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+
return Function(op,
HelperFuns.ToNonNullList(arguments),
HelperFuns.ToNonNullList(typeArguments));
}
- public VCExpr! Function(Function! op, List<VCExpr!>! arguments) {
+ public VCExpr/*!*/ Function(Function/*!*/ op, List<VCExpr/*!*/>/*!*/ arguments) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Function(BoogieFunctionOp(op), arguments, VCExprNAry.EMPTY_TYPE_LIST);
}
- public VCExpr! Function(Function! op, params VCExpr[]! arguments)
- requires forall{int i in (0:arguments.Length); arguments[i] != null};
- {
+ public VCExpr/*!*/ Function(Function/*!*/ op, params VCExpr[]/*!*/ arguments) {
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(op != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Function(BoogieFunctionOp(op), arguments);
}
// The following method should really be called "ReduceLeft". It must
// only be used for the binary operators "and" and "or"
- public VCExpr! NAry(VCExprOp! op, List<VCExpr!>! args) {
+ public VCExpr/*!*/ NAry(VCExprOp/*!*/ op, List<VCExpr/*!*/>/*!*/ args) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return NAry(op, args.ToArray());
}
- public VCExpr! NAry(VCExprOp! op, params VCExpr[]! args)
- requires forall{int i in (0:args.Length); args[i] != null};
- requires op == AndOp || op == OrOp; {
+ public VCExpr/*!*/ NAry(VCExprOp/*!*/ op, params VCExpr[]/*!*/ args) {
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Requires(op == AndOp || op == OrOp);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
bool and = (op == AndOp);
- VCExpr! e = and ? True : False;
+ VCExpr/*!*/ e = and ? True : False;
foreach (VCExpr a in args) {
- e = and ? AndSimp(e, (!)a) : OrSimp(e, (!)a);
+ e = and ? AndSimp(e, cce.NonNull(a)) : OrSimp(e, cce.NonNull(a));
}
return e;
- }
+ }
////////////////////////////////////////////////////////////////////////////////
- public static readonly VCExprOp! NotOp = new VCExprNAryOp (1, Type.Bool);
- public static readonly VCExprOp! EqOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! NeqOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! AndOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! OrOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! ImpliesOp = new VCExprNAryOp (2, Type.Bool);
+ public static readonly VCExprOp NotOp = new VCExprNAryOp(1, Type.Bool);
+ public static readonly VCExprOp EqOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp NeqOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp AndOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp OrOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp ImpliesOp = new VCExprNAryOp(2, Type.Bool);
- public VCExprDistinctOp! DistinctOp(int arity) {
- return new VCExprDistinctOp (arity);
+ public VCExprDistinctOp DistinctOp(int arity) {
+ Contract.Ensures(Contract.Result<VCExprDistinctOp>() != null);
+
+ return new VCExprDistinctOp(arity);
}
- public VCExpr! Not(List<VCExpr!>! args)
- requires args.Count == 1; {
+ public VCExpr/*!*/ Not(List<VCExpr/*!*/>/*!*/ args) {
+ Contract.Requires(args != null);
+ Contract.Requires(args.Count == 1);
+ Contract.Requires(args[0] != null);
return Function(NotOp, args);
}
- public VCExpr! Not(VCExpr! e0) {
+ public VCExpr/*!*/ Not(VCExpr/*!*/ e0) {
+ Contract.Requires(e0 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Function(NotOp, e0);
}
- public VCExpr! Eq(VCExpr! e0, VCExpr! e1) {
+ public VCExpr/*!*/ Eq(VCExpr/*!*/ e0, VCExpr/*!*/ e1) {
return Function(EqOp, e0, e1);
}
- public VCExpr! Neq(VCExpr! e0, VCExpr! e1) {
+ public VCExpr/*!*/ Neq(VCExpr/*!*/ e0, VCExpr/*!*/ e1) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
return Function(NeqOp, e0, e1);
}
- public VCExpr! And(VCExpr! e0, VCExpr! e1) {
+ public VCExpr/*!*/ And(VCExpr/*!*/ e0, VCExpr/*!*/ e1) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(AndOp, e0, e1);
}
- public VCExpr! Or(VCExpr! e0, VCExpr! e1) {
+ public VCExpr/*!*/ Or(VCExpr/*!*/ e0, VCExpr/*!*/ e1) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(OrOp, e0, e1);
}
- public VCExpr! Implies(VCExpr! e0, VCExpr! e1) {
+ public VCExpr/*!*/ Implies(VCExpr/*!*/ e0, VCExpr/*!*/ e1) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(ImpliesOp, e0, e1);
}
- public VCExpr! Distinct(List<VCExpr!>! args) {
+ public VCExpr/*!*/ Distinct(List<VCExpr/*!*/>/*!*/ args) {
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
if (args.Count <= 1)
// trivial case
return True;
@@ -157,14 +211,19 @@ namespace Microsoft.Boogie // Versions of the propositional operators that automatically simplify in
// certain cases (for example, if one of the operators is True or False)
- public VCExpr! NotSimp(VCExpr! e0) {
+ public VCExpr NotSimp(VCExpr e0) {
+ Contract.Requires(e0 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (e0.Equals(True))
return False;
if (e0.Equals(False))
return True;
return Not(e0);
}
- public VCExpr! AndSimp(VCExpr! e0, VCExpr! e1) {
+ public VCExpr AndSimp(VCExpr e0, VCExpr e1) {
+ Contract.Requires(e1 != null);
+ Contract.Requires(e0 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (e0.Equals(True))
return e1;
if (e1.Equals(True))
@@ -173,7 +232,10 @@ namespace Microsoft.Boogie return False;
return And(e0, e1);
}
- public VCExpr! OrSimp(VCExpr! e0, VCExpr! e1) {
+ public VCExpr OrSimp(VCExpr e0, VCExpr e1) {
+ Contract.Requires(e1 != null);
+ Contract.Requires(e0 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (e0.Equals(False))
return e1;
if (e1.Equals(False))
@@ -182,7 +244,10 @@ namespace Microsoft.Boogie return True;
return Or(e0, e1);
}
- public VCExpr! ImpliesSimp(VCExpr! e0, VCExpr! e1) {
+ public VCExpr ImpliesSimp(VCExpr e0, VCExpr e1) {
+ Contract.Requires(e1 != null);
+ Contract.Requires(e0 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (e0.Equals(True))
return e1;
if (e1.Equals(False))
@@ -204,13 +269,14 @@ namespace Microsoft.Boogie }
return Implies(e0, e1);
}
-
+
///<summary>
/// Returns some measure of the number of conjuncts in e. This could be the total number of conjuncts in all
/// top-most layers of the expression, or it can simply be the length of the left-prong of this and-tree. The
/// important thing is that: AndSize(e0) >= AndSize(31) ==> AndSize(And(e0,e1)) > AndSize(e0).
///</summary>
- int AndSize(VCExpr! e) {
+ int AndSize(VCExpr e) {
+ Contract.Requires(e != null);
int n = 1;
while (true) {
VCExprNAry nary = e as VCExprNAry;
@@ -226,42 +292,54 @@ namespace Microsoft.Boogie ////////////////////////////////////////////////////////////////////////////////
// Further operators
- public static readonly VCExprOp! AddOp = new VCExprNAryOp (2, Type.Int);
- public static readonly VCExprOp! SubOp = new VCExprNAryOp (2, Type.Int);
- public static readonly VCExprOp! MulOp = new VCExprNAryOp (2, Type.Int);
- public static readonly VCExprOp! DivOp = new VCExprNAryOp (2, Type.Int);
- public static readonly VCExprOp! ModOp = new VCExprNAryOp (2, Type.Int);
- public static readonly VCExprOp! LtOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! LeOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! GtOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! GeOp = new VCExprNAryOp (2, Type.Bool);
- public static readonly VCExprOp! SubtypeOp = new VCExprNAryOp (2, Type.Bool);
+ public static readonly VCExprOp AddOp = new VCExprNAryOp(2, Type.Int);
+ public static readonly VCExprOp SubOp = new VCExprNAryOp(2, Type.Int);
+ public static readonly VCExprOp MulOp = new VCExprNAryOp(2, Type.Int);
+ public static readonly VCExprOp DivOp = new VCExprNAryOp(2, Type.Int);
+ public static readonly VCExprOp ModOp = new VCExprNAryOp(2, Type.Int);
+ public static readonly VCExprOp LtOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp LeOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp GtOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp GeOp = new VCExprNAryOp(2, Type.Bool);
+ public static readonly VCExprOp SubtypeOp = new VCExprNAryOp(2, Type.Bool);
// ternary version of the subtype operator, the first argument of which gives
// the type of the compared terms
- public static readonly VCExprOp! Subtype3Op = new VCExprNAryOp (3, Type.Bool);
- public static readonly VCExprOp! IfThenElseOp = new VCExprIfThenElseOp();
-
- public static readonly VCExprOp! TickleBoolOp = new VCExprCustomOp("tickleBool", 1, Type.Bool);
+ public static readonly VCExprOp Subtype3Op = new VCExprNAryOp(3, Type.Bool);
+ public static readonly VCExprOp IfThenElseOp = new VCExprIfThenElseOp();
+
+ public static readonly VCExprOp TickleBoolOp = new VCExprCustomOp("tickleBool", 1, Type.Bool);
- public VCExprOp! BoogieFunctionOp(Function! func) {
+ public VCExprOp BoogieFunctionOp(Function func) {
+ Contract.Requires(func != null);
+ Contract.Ensures(Contract.Result<VCExprOp>() != null);
return new VCExprBoogieFunctionOp(func);
}
// Bitvector nodes
- public VCExpr! Bitvector(BvConst! bv) {
+ public VCExpr Bitvector(BvConst bv) {
+ Contract.Requires(bv != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprBvOp(bv.Bits), Integer(bv.Value));
}
- public VCExpr! BvExtract(VCExpr! bv, int bits, int start, int end) {
+ public VCExpr BvExtract(VCExpr bv, int bits, int start, int end) {
+ Contract.Requires(bv != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprBvExtractOp(start, end, bits), bv);
}
- public VCExpr! BvConcat(VCExpr! bv1, VCExpr! bv2) {
+ public VCExpr BvConcat(VCExpr bv1, VCExpr bv2) {
+ Contract.Requires(bv2 != null);
+ Contract.Requires(bv1 != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprBvConcatOp(bv1.Type.BvBits, bv2.Type.BvBits), bv1, bv2);
}
- public VCExpr! AtMost(VCExpr! smaller, VCExpr! greater) {
+ public VCExpr AtMost(VCExpr smaller, VCExpr greater) {
+ Contract.Requires(greater != null);
+ Contract.Requires(smaller != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(SubtypeOp, smaller, greater);
}
@@ -270,31 +348,52 @@ namespace Microsoft.Boogie // Dispatcher for the visitor
// the declared singleton operators
- internal enum SingletonOp { NotOp, EqOp, NeqOp, AndOp, OrOp, ImpliesOp,
- AddOp, SubOp, MulOp,
- DivOp, ModOp, LtOp, LeOp, GtOp, GeOp, SubtypeOp,
- Subtype3Op, BvConcatOp };
- internal static Dictionary<VCExprOp!, SingletonOp>! SingletonOpDict;
+ internal enum SingletonOp {
+ NotOp,
+ EqOp,
+ NeqOp,
+ AndOp,
+ OrOp,
+ ImpliesOp,
+ AddOp,
+ SubOp,
+ MulOp,
+ DivOp,
+ ModOp,
+ LtOp,
+ LeOp,
+ GtOp,
+ GeOp,
+ SubtypeOp,
+ Subtype3Op,
+ BvConcatOp
+ };
+ internal static Dictionary<VCExprOp/*!*/, SingletonOp>/*!*/ SingletonOpDict;
+ [ContractInvariantMethod]
+ void MiscInvariant() {
+ Contract.Invariant(cce.NonNullElements(SingletonOpDict));
+ }
+
static VCExpressionGenerator() {
- SingletonOpDict = new Dictionary<VCExprOp!, SingletonOp> ();
- SingletonOpDict.Add(NotOp, SingletonOp.NotOp);
- SingletonOpDict.Add(EqOp, SingletonOp.EqOp);
- SingletonOpDict.Add(NeqOp, SingletonOp.NeqOp);
- SingletonOpDict.Add(AndOp, SingletonOp.AndOp);
- SingletonOpDict.Add(OrOp, SingletonOp.OrOp);
+ SingletonOpDict = new Dictionary<VCExprOp/*!*/, SingletonOp>();
+ SingletonOpDict.Add(NotOp, SingletonOp.NotOp);
+ SingletonOpDict.Add(EqOp, SingletonOp.EqOp);
+ SingletonOpDict.Add(NeqOp, SingletonOp.NeqOp);
+ SingletonOpDict.Add(AndOp, SingletonOp.AndOp);
+ SingletonOpDict.Add(OrOp, SingletonOp.OrOp);
SingletonOpDict.Add(ImpliesOp, SingletonOp.ImpliesOp);
- SingletonOpDict.Add(AddOp, SingletonOp.AddOp);
- SingletonOpDict.Add(SubOp, SingletonOp.SubOp);
- SingletonOpDict.Add(MulOp, SingletonOp.MulOp);
- SingletonOpDict.Add(DivOp, SingletonOp.DivOp);
- SingletonOpDict.Add(ModOp, SingletonOp.ModOp);
- SingletonOpDict.Add(LtOp, SingletonOp.LtOp);
- SingletonOpDict.Add(LeOp, SingletonOp.LeOp);
- SingletonOpDict.Add(GtOp, SingletonOp.GtOp);
- SingletonOpDict.Add(GeOp, SingletonOp.GeOp);
+ SingletonOpDict.Add(AddOp, SingletonOp.AddOp);
+ SingletonOpDict.Add(SubOp, SingletonOp.SubOp);
+ SingletonOpDict.Add(MulOp, SingletonOp.MulOp);
+ SingletonOpDict.Add(DivOp, SingletonOp.DivOp);
+ SingletonOpDict.Add(ModOp, SingletonOp.ModOp);
+ SingletonOpDict.Add(LtOp, SingletonOp.LtOp);
+ SingletonOpDict.Add(LeOp, SingletonOp.LeOp);
+ SingletonOpDict.Add(GtOp, SingletonOp.GtOp);
+ SingletonOpDict.Add(GeOp, SingletonOp.GeOp);
SingletonOpDict.Add(SubtypeOp, SingletonOp.SubtypeOp);
- SingletonOpDict.Add(Subtype3Op,SingletonOp.Subtype3Op);
+ SingletonOpDict.Add(Subtype3Op, SingletonOp.Subtype3Op);
}
////////////////////////////////////////////////////////////////////////////////
@@ -302,25 +401,32 @@ namespace Microsoft.Boogie // Let-bindings
- public VCExprLetBinding! LetBinding(VCExprVar! v, VCExpr! e) {
+ public VCExprLetBinding LetBinding(VCExprVar v, VCExpr e) {
+ Contract.Requires(e != null);
+ Contract.Requires(v != null);
+ Contract.Ensures(Contract.Result<VCExprLetBinding>() != null);
return new VCExprLetBinding(v, e);
}
-
+
// A "real" let expression. All let-bindings happen simultaneously, i.e.,
// at this level the order of the bindings does not matter. It is possible to
// create expressions like "let x = y, y = 5 in ...". All bound variables are
// bound in all bound terms/formulas and can occur there, but the dependencies
// have to be acyclic
- public VCExpr! Let(List<VCExprLetBinding!>! bindings, VCExpr! body) {
+ public VCExpr Let(List<VCExprLetBinding> bindings, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(cce.NonNullElements(bindings));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (bindings.Count == 0)
// no empty let-bindings
return body;
return new VCExprLet(bindings, body);
}
- public VCExpr! Let(VCExpr! body, params VCExprLetBinding[]! bindings)
- requires forall{int i in (0:bindings.Length); bindings[i] != null};
- {
+ public VCExpr Let(VCExpr body, params VCExprLetBinding[] bindings) {
+ Contract.Requires(body != null);
+ Contract.Requires((cce.NonNullElements(bindings)));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Let(HelperFuns.ToNonNullList(bindings), body);
}
@@ -338,8 +444,10 @@ namespace Microsoft.Boogie // Turn let-bindings let v = E in ... into implications E ==> v
- public VCExpr! AsImplications(List<VCExprLetBinding!>! bindings) {
- VCExpr! antecedents = True;
+ public VCExpr AsImplications(List<VCExprLetBinding> bindings) {
+ Contract.Requires(cce.NonNullElements(bindings));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr/*!*/ antecedents = True;
foreach (VCExprLetBinding b in bindings)
// turn "LET_binding v = E" into "v <== E"
antecedents = AndSimp(antecedents, Implies(b.E, b.V));
@@ -347,8 +455,10 @@ namespace Microsoft.Boogie }
// Turn let-bindings let v = E in ... into equations v == E
- public VCExpr! AsEquations(List<VCExprLetBinding!>! bindings) {
- VCExpr! antecedents = True;
+ public VCExpr AsEquations(List<VCExprLetBinding> bindings) {
+ Contract.Requires(cce.NonNullElements(bindings));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr/*!*/ antecedents = True;
foreach (VCExprLetBinding b in bindings)
// turn "LET_binding v = E" into "v <== E"
antecedents = AndSimp(antecedents, Eq(b.E, b.V));
@@ -359,50 +469,58 @@ namespace Microsoft.Boogie // Maps
- public VCExpr! Select(params VCExpr[]! allArgs)
- requires forall{int i in (0:allArgs.Length); allArgs[i] != null};
- {
+ public VCExpr Select(params VCExpr[] allArgs) {
+ Contract.Requires(allArgs != null);
+ Contract.Requires((cce.NonNullElements(allArgs)));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprSelectOp(allArgs.Length - 1, 0),
HelperFuns.ToNonNullList(allArgs),
VCExprNAry.EMPTY_TYPE_LIST);
}
- public VCExpr! Select(VCExpr[]! allArgs, Type[]! typeArgs)
- requires 1 <= allArgs.Length;
- requires forall{int i in (0:allArgs.Length); allArgs[i] != null};
- requires forall{int i in (0:typeArgs.Length); typeArgs[i] != null};
- {
+ public VCExpr Select(VCExpr[] allArgs, Type[] typeArgs) {
+ Contract.Requires(1 <= allArgs.Length);
+ Contract.Requires(cce.NonNullElements(allArgs));
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprSelectOp(allArgs.Length - 1, typeArgs.Length),
allArgs, typeArgs);
}
- public VCExpr! Select(List<VCExpr!>! allArgs, List<Type!>! typeArgs)
- requires 1 <= allArgs.Count;
- {
+ public VCExpr Select(List<VCExpr> allArgs, List<Type> typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(allArgs));
+ Contract.Requires((1 <= allArgs.Count));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprSelectOp(allArgs.Count - 1, typeArgs.Count),
allArgs, typeArgs);
}
- public VCExpr! Store(params VCExpr[]! allArgs)
- requires forall{int i in (0:allArgs.Length); allArgs[i] != null};
- {
+ public VCExpr Store(params VCExpr[] allArgs) {
+ Contract.Requires(allArgs != null);
+ Contract.Requires(cce.NonNullElements(allArgs));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprStoreOp(allArgs.Length - 2, 0),
HelperFuns.ToNonNullList(allArgs),
VCExprNAry.EMPTY_TYPE_LIST);
}
- public VCExpr! Store(VCExpr[]! allArgs, Type[]! typeArgs)
- requires 2 <= allArgs.Length;
- requires forall{int i in (0:allArgs.Length); allArgs[i] != null};
- requires forall{int i in (0:typeArgs.Length); typeArgs[i] != null};
- {
+ public VCExpr Store(VCExpr[] allArgs, Type[] typeArgs) {
+ Contract.Requires(typeArgs != null);
+ Contract.Requires(allArgs != null);
+ Contract.Requires((2 <= allArgs.Length));
+ Contract.Requires(cce.NonNullElements(allArgs));
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprStoreOp(allArgs.Length - 2, typeArgs.Length),
allArgs, typeArgs);
}
- public VCExpr! Store(List<VCExpr!>! allArgs, List<Type!>! typeArgs)
- requires 2 <= allArgs.Count;
- {
+ public VCExpr Store(List<VCExpr> allArgs, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(allArgs));
+ Contract.Requires((2 <= allArgs.Count));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(new VCExprStoreOp(allArgs.Count - 2, typeArgs.Count),
allArgs, typeArgs);
}
@@ -410,96 +528,132 @@ namespace Microsoft.Boogie // Labels
- public VCExprLabelOp! LabelOp(bool pos, string! l) {
+ public VCExprLabelOp LabelOp(bool pos, string l) {
+ Contract.Requires(l != null);
+ Contract.Ensures(Contract.Result<VCExprLabelOp>() != null);
return new VCExprLabelOp(pos, l);
}
- public VCExpr! LabelNeg(string! label, VCExpr! e) {
+ public VCExpr LabelNeg(string label, VCExpr e) {
+ Contract.Requires(e != null);
+ Contract.Requires(label != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
if (e.Equals(True)) {
return e; // don't bother putting negative labels around True (which will expose the True to further peephole optimizations)
}
return Function(LabelOp(false, label), e);
}
- public VCExpr! LabelPos(string! label, VCExpr! e) {
+ public VCExpr LabelPos(string label, VCExpr e) {
+ Contract.Requires(e != null);
+ Contract.Requires(label != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Function(LabelOp(true, label), e);
}
// Quantifiers
- public VCExpr! Quantify(Quantifier quan,
- List<TypeVariable!>! typeParams, List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers, VCQuantifierInfos! infos,
- VCExpr! body) {
+ public VCExpr Quantify(Quantifier quan, List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, VCQuantifierInfos infos, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(infos != null);
+ Contract.Requires(cce.NonNullElements(triggers));
+ Contract.Requires(cce.NonNullElements(vars));
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return new VCExprQuantifier(quan, typeParams, vars, triggers, infos, body);
}
- public VCExpr! Forall(List<TypeVariable!>! typeParams, List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers, VCQuantifierInfos! infos,
- VCExpr! body) {
+ public VCExpr Forall(List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, VCQuantifierInfos infos, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(infos != null);
+ Contract.Requires(cce.NonNullElements(triggers));
+ Contract.Requires(cce.NonNullElements(vars));
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Quantify(Quantifier.ALL, typeParams, vars, triggers, infos, body);
}
- public VCExpr! Forall(List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers,
- string! qid, VCExpr! body) {
- return Quantify(Quantifier.ALL, new List<TypeVariable!> (), vars,
+ public VCExpr Forall(List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, string qid, VCExpr body){
+Contract.Requires(body != null);Contract.Requires(qid != null);Contract.Requires(cce.NonNullElements(triggers));Contract.Requires(cce.NonNullElements(vars));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+return Quantify(Quantifier.ALL, new List<TypeVariable/*!*/>(), vars,
triggers, new VCQuantifierInfos (qid, -1, false, null), body);
}
- public VCExpr! Forall(List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers,
- VCExpr! body) {
- return Quantify(Quantifier.ALL, new List<TypeVariable!> (), vars,
+ public VCExpr Forall(List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, VCExpr body){
+Contract.Requires(body != null);Contract.Requires(cce.NonNullElements(triggers));Contract.Requires(cce.NonNullElements(vars));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+return Quantify(Quantifier.ALL, new List<TypeVariable/*!*/>(), vars,
triggers, new VCQuantifierInfos (null, -1, false, null), body);
}
- public VCExpr! Forall(VCExprVar! var, VCTrigger! trigger, VCExpr! body) {
+ public VCExpr Forall(VCExprVar var, VCTrigger trigger, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(trigger != null);
+ Contract.Requires(var != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Forall(HelperFuns.ToNonNullList(var), HelperFuns.ToNonNullList(trigger), body);
}
- public VCExpr! Exists(List<TypeVariable!>! typeParams, List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers, VCQuantifierInfos! infos,
- VCExpr! body) {
+ public VCExpr Exists(List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, VCQuantifierInfos infos, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(infos != null);
+ Contract.Requires(cce.NonNullElements(triggers));
+ Contract.Requires(cce.NonNullElements(vars));
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Quantify(Quantifier.EX, typeParams, vars, triggers, infos, body);
}
- public VCExpr! Exists(List<VCExprVar!>! vars,
- List<VCTrigger!>! triggers,
- VCExpr! body) {
- return Quantify(Quantifier.EX, new List<TypeVariable!> (), vars,
+ public VCExpr Exists(List<VCExprVar/*!*/>/*!*/ vars, List<VCTrigger/*!*/>/*!*/ triggers, VCExpr body){
+Contract.Requires(body != null);
+ Contract.Requires(cce.NonNullElements(triggers));
+ Contract.Requires(cce.NonNullElements(vars));
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ return Quantify(Quantifier.EX, new List<TypeVariable/*!*/> (), vars,
triggers, new VCQuantifierInfos (null, -1, false, null), body);
}
- public VCExpr! Exists(VCExprVar! var, VCTrigger! trigger, VCExpr! body) {
+ public VCExpr Exists(VCExprVar var, VCTrigger trigger, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(trigger != null);
+ Contract.Requires(var != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
return Exists(HelperFuns.ToNonNullList(var), HelperFuns.ToNonNullList(trigger), body);
}
- public VCTrigger! Trigger(bool pos, List<VCExpr!>! exprs) {
+ public VCTrigger Trigger(bool pos, List<VCExpr> exprs) {
+ Contract.Requires(cce.NonNullElements(exprs));
+ Contract.Ensures(Contract.Result<VCTrigger>() != null);
return new VCTrigger(pos, exprs);
}
- public VCTrigger! Trigger(bool pos, params VCExpr[]! exprs)
- requires forall{int i in (0:exprs.Length); exprs[i] != null};
- {
+ public VCTrigger Trigger(bool pos, params VCExpr[] exprs) {
+ Contract.Requires(exprs != null);
+ Contract.Requires((Contract.ForAll(0, exprs.Length, i => exprs[i] != null)));
+ Contract.Ensures(Contract.Result<VCTrigger>() != null);
return Trigger(pos, HelperFuns.ToNonNullList(exprs));
}
// Reference to a bound or free variable
- public VCExprVar! Variable(string! name, Type! type) {
+ public VCExprVar Variable(string name, Type type) {
+ Contract.Requires(type != null);
+ Contract.Requires(name != null);
+ Contract.Ensures(Contract.Result<VCExprVar>() != null);
return new VCExprVar(name, type);
}
}
}
-namespace Microsoft.Boogie.VCExprAST
-{
+namespace Microsoft.Boogie.VCExprAST {
public class HelperFuns {
- public static bool SameElements(IEnumerable! a, IEnumerable! b) {
+ public static bool SameElements(IEnumerable a, IEnumerable b) {
+ Contract.Requires(b != null);
+ Contract.Requires(a != null);
IEnumerator ia = a.GetEnumerator();
IEnumerator ib = b.GetEnumerator();
while (true) {
if (ia.MoveNext()) {
if (ib.MoveNext()) {
- if (!((!)ia.Current).Equals(ib.Current))
+ if (!cce.NonNull(ia.Current).Equals(ib.Current))
return false;
} else {
- return false;
+ return false;
}
} else {
return !ib.MoveNext();
@@ -508,55 +662,81 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public static int PolyHash(int init, int factor, IEnumerable! a) {
+ public static int PolyHash(int init, int factor, IEnumerable a) {
+ Contract.Requires(a != null);
int res = init;
- foreach(object x in a)
- res = res * factor + ((!)x).GetHashCode();
+ foreach (object x in a)
+ res = res * factor + (cce.NonNull(x)).GetHashCode();
return res;
}
- public static List<T>! ToList<T>(IEnumerable<T>! l) {
- List<T>! res = new List<T> ();
+ public static List<T> ToList<T>(IEnumerable<T> l) {
+ Contract.Requires(l != null);
+ Contract.Ensures(Contract.Result<List<T>>() != null);
+ List<T>/*!*/ res = new List<T>();
foreach (T x in l)
res.Add(x);
return res;
}
- public static TypeSeq! ToTypeSeq(VCExpr[]! exprs, int startIndex)
- requires forall{int i in (0:exprs.Length); exprs[i] != null};
- {
- TypeSeq! res = new TypeSeq ();
+ public static TypeSeq ToTypeSeq(VCExpr[] exprs, int startIndex){
+Contract.Requires(exprs != null);
+Contract.Requires((Contract.ForAll(0,exprs.Length, i=> exprs[i] != null)));
+Contract.Ensures(Contract.Result<TypeSeq>() != null);
+TypeSeq/*!*/ res = new TypeSeq();
for (int i = startIndex; i < exprs.Length; ++i)
- res.Add(((!)exprs[i]).Type);
+ res.Add(cce.NonNull(exprs[i]).Type);
return res;
}
- public static List<T!>! ToNonNullList<T> (params T[]! args) {
- List<T!>! res = new List<T!> (args.Length);
+ public static List<T/*!*/>/*!*/ ToNonNullList<T>(params T[] args) {
+ Contract.Requires(args != null);
+ List<T/*!*/>/*!*/ res = new List<T>(args.Length);
foreach (T t in args)
- res.Add((!)t);
+ res.Add(cce.NonNull(t));
return res;
}
- public static IDictionary<A, B>! Clone<A,B>(IDictionary<A,B>! dict) {
- IDictionary<A,B>! res = new Dictionary<A,B> (dict.Count);
- foreach (KeyValuePair<A,B> pair in dict)
+ public static IDictionary<A, B> Clone<A, B>(IDictionary<A, B> dict) {
+ Contract.Requires(dict != null);
+ Contract.Ensures(Contract.Result<IDictionary<A, B>>() != null);
+ IDictionary<A, B> res = new Dictionary<A, B>(dict.Count);
+ foreach (KeyValuePair<A, B> pair in dict)
res.Add(pair);
return res;
}
}
+ [ContractClassFor(typeof(VCExpr))]
+ public abstract class VCExprContracts : VCExpr {
+ public override Type Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+ throw new NotImplementedException();
+ }
+
+ }
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ throw new NotImplementedException();
+ }
+ }
+
+ [ContractClass(typeof(VCExprContracts))]
public abstract class VCExpr {
- public abstract Type! Type { get; }
+ public abstract Type Type {
+ get;
+ }
- public abstract Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg);
+ public abstract Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg);
[Pure]
- public override string! ToString() {
- StringWriter! sw = new StringWriter();
- VCExprPrinter! printer = new VCExprPrinter ();
+ public override string ToString() {
+ Contract.Ensures(Contract.Result<string>() != null);
+ StringWriter sw = new StringWriter();
+ VCExprPrinter printer = new VCExprPrinter();
printer.Print(this, sw);
- return (!)sw.ToString();
+ return cce.NonNull(sw.ToString());
}
}
@@ -564,24 +744,34 @@ namespace Microsoft.Boogie.VCExprAST // Literal expressions
public class VCExprLiteral : VCExpr {
- private readonly Type! LitType;
- public override Type! Type { get { return LitType; } }
- internal VCExprLiteral(Type! type) {
+ private readonly Type LitType;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(LitType != null);
+ }
+
+ public override Type Type {
+ get {
+ return LitType;
+ }
+ }
+ internal VCExprLiteral(Type type) {
+ Contract.Requires(type != null);
this.LitType = type;
}
- public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg) {
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return visitor.Visit(this, arg);
}
}
- public class VCExprIntLit : VCExprLiteral
- {
+ public class VCExprIntLit : VCExprLiteral {
public readonly BigNum Val;
- internal VCExprIntLit(BigNum val) {
- base(Type.Int);
+ internal VCExprIntLit(BigNum val) :base(Type.Int){
this.Val = val;
- }
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ }
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -597,30 +787,79 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////
// Operator expressions with fixed arity
+ [ContractClassFor(typeof(VCExprNAry))]
+ public abstract class VCExprNAryContracts : VCExprNAry {
+ public VCExprNAryContracts()
+ : base(null) {
+ }
+ public override VCExpr this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ throw new NotImplementedException();
+ }
+ }
+ public override Type Type {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<IEnumerable<VCExpr>>()));
+ throw new NotImplementedException();
+ }
+ }
+ }
+
+ [ContractClass(typeof(VCExprNAryContracts))]
+ public abstract class VCExprNAry : VCExpr, IEnumerable<VCExpr/*!*/> {
+ public readonly VCExprOp Op;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Op != null);
+ Contract.Invariant(cce.NonNullElements(EMPTY_TYPE_LIST));
+ Contract.Invariant(cce.NonNullElements(EMPTY_VCEXPR_LIST));
+ }
- public abstract class VCExprNAry : VCExpr, IEnumerable<VCExpr!> {
- public readonly VCExprOp! Op;
- public int Arity { get { return Op.Arity; } }
- public int TypeParamArity { get { return Op.TypeParamArity; } }
- public int Length { get { return Arity; } }
+ public int Arity {
+ get {
+ return Op.Arity;
+ }
+ }
+ public int TypeParamArity {
+ get {
+ return Op.TypeParamArity;
+ }
+ }
+ public int Length {
+ get {
+ return Arity;
+ }
+ }
// the sub-expressions of the expression
- public abstract VCExpr! this[int index] { get; }
+ public abstract VCExpr/*!*/ this[int index] {
+ get;
+ }
// the type arguments
- public abstract List<Type!>! TypeArguments { get; }
+ public abstract List<Type/*!*/>/*!*/ TypeArguments {
+ get;
+ }
- [Pure] [GlobalAccess(false)] [Escapes(true,false)]
- public IEnumerator<VCExpr!>! GetEnumerator() {
+ [Pure]
+ [GlobalAccess(false)]
+ [Escapes(true, false)]
+ public IEnumerator<VCExpr/*!*/>/*!*/ GetEnumerator() {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<IEnumerator<VCExpr>>()));
for (int i = 0; i < Arity; ++i)
yield return this[i];
}
- [Pure] [GlobalAccess(false)] [Escapes(true,false)]
- IEnumerator! System.Collections.IEnumerable.GetEnumerator() {
+ [Pure]
+ [GlobalAccess(false)]
+ [Escapes(true, false)]
+ IEnumerator System.Collections.IEnumerable.GetEnumerator() {
+ Contract.Ensures(Contract.Result<IEnumerator>() != null);
for (int i = 0; i < Arity; ++i)
yield return this[i];
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -648,7 +887,7 @@ namespace Microsoft.Boogie.VCExprAST if (!nextExprNAry0.Op.Equals(nextExprNAry1.Op))
return false;
} else {
- if (!((!)enum0.Current).Equals(enum1.Current))
+ if (!cce.NonNull(enum0.Current).Equals(enum1.Current))
return false;
}
}
@@ -661,66 +900,111 @@ namespace Microsoft.Boogie.VCExprAST 3, this);
}
- internal VCExprNAry(VCExprOp! op) {
+ internal VCExprNAry(VCExprOp op) {
+ Contract.Requires(op != null);
this.Op = op;
}
- public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg) {
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return visitor.Visit(this, arg);
}
- public Result Accept<Result, Arg>(IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ public Result Accept<Result, Arg>(IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return Op.Accept(this, visitor, arg);
}
- internal static readonly List<Type!>! EMPTY_TYPE_LIST = new List<Type!> ();
- internal static readonly List<VCExpr!>! EMPTY_VCEXPR_LIST = new List<VCExpr!> ();
+ internal static readonly List<Type/*!*/>/*!*/ EMPTY_TYPE_LIST = new List<Type/*!*/>();
+ internal static readonly List<VCExpr/*!*/>/*!*/ EMPTY_VCEXPR_LIST = new List<VCExpr/*!*/>();
+
}
// We give specialised implementations for nullary, unary and binary expressions
internal class VCExprNullary : VCExprNAry {
- private readonly Type! ExprType;
- public override Type! Type { get { return ExprType; } }
- public override VCExpr! this[int index] { get {
- assert false; // no arguments
- } }
+ private readonly Type ExprType;
+ [ContractInvariantMethod]
+ void loneinvariant() {
+ Contract.Invariant(ExprType != null);
+ }
+
+ public override Type Type {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ return ExprType;
+ }
+ }
+ public override VCExpr this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ Contract.Assert(false);
+ throw new cce.UnreachableException(); // no arguments
+ }
+ }
// the type arguments
- public override List<Type!>! TypeArguments { get {
- return EMPTY_TYPE_LIST;
- } }
+ public override List<Type/*!*/>/*!*/ TypeArguments {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
+ return EMPTY_TYPE_LIST;
+ }
+ }
- internal VCExprNullary(VCExprOp! op)
- requires op.Arity == 0 && op.TypeParamArity == 0; {
- base(op);
+ internal VCExprNullary(VCExprOp op):base(op) {
+ Contract.Requires(op != null);
+ Contract.Requires(op.Arity == 0 && op.TypeParamArity == 0);
this.ExprType = op.InferType(EMPTY_VCEXPR_LIST, EMPTY_TYPE_LIST);
}
}
internal class VCExprUnary : VCExprNAry {
- private readonly VCExpr! Argument;
- private readonly Type! ExprType;
- public override Type! Type { get { return ExprType; } }
- public override VCExpr! this[int index] { get {
- assume index == 0;
- return Argument;
- } }
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Argument != null);
+ Contract.Invariant(ExprType != null);
+
+ }
+
+ private readonly VCExpr/*!*/ Argument;
+ private readonly Type/*!*/ ExprType;
+ public override Type/*!*/ Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+ return ExprType;
+ }
+ }
+ public override VCExpr/*!*/ this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ Contract.Assume(index == 0);
+ return Argument;
+ }
+ }
// the type arguments
- public override List<Type!>! TypeArguments { get {
- return EMPTY_TYPE_LIST;
- } }
+ public override List<Type/*!*/>/*!*/ TypeArguments {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
+ return EMPTY_TYPE_LIST;
+ }
+ }
- internal VCExprUnary(VCExprOp! op, List<VCExpr!>! arguments)
- requires op.Arity == 1 && op.TypeParamArity == 0 && arguments.Count == 1; {
- base(op);
+ internal VCExprUnary(VCExprOp op, List<VCExpr> arguments) :base(op){
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(op.Arity == 1 && op.TypeParamArity == 0 && arguments.Count == 1);
+
this.Argument = arguments[0];
this.ExprType =
op.InferType(arguments, EMPTY_TYPE_LIST);
}
-
- internal VCExprUnary(VCExprOp! op, VCExpr! argument)
- requires op.Arity == 1 && op.TypeParamArity == 0; {
- base(op);
+
+ internal VCExprUnary(VCExprOp op, VCExpr argument) :base(op){
+ Contract.Requires(argument != null);
+ Contract.Requires(op != null);
+ Contract.Requires(op.Arity == 1 && op.TypeParamArity == 0);
+
this.Argument = argument;
// PR: could be optimised so that the argument does
// not have to be boxed in an array each time
@@ -730,34 +1014,62 @@ namespace Microsoft.Boogie.VCExprAST }
internal class VCExprBinary : VCExprNAry {
- private readonly VCExpr! Argument0;
- private readonly VCExpr! Argument1;
- private readonly Type! ExprType;
- public override Type! Type { get { return ExprType; } }
- public override VCExpr! this[int index] { get {
- switch (index) {
- case 0: return Argument0;
- case 1: return Argument1;
- default: assert false;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Argument0 != null);
+ Contract.Invariant(Argument1 != null);
+ Contract.Invariant(ExprType != null);
+ }
+
+ private readonly VCExpr Argument0;
+ private readonly VCExpr Argument1;
+ private readonly Type ExprType;
+ public override Type Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+ return ExprType;
+ }
+ }
+ public override VCExpr this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ switch (index) {
+ case 0:
+ return Argument0;
+ case 1:
+ return Argument1;
+ default: {
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
+ }
+ }
}
- } }
+ }
// the type arguments
- public override List<Type!>! TypeArguments { get {
- return EMPTY_TYPE_LIST;
- } }
+ public override List<Type/*!*/>/*!*/ TypeArguments {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
+ return EMPTY_TYPE_LIST;
+ }
+ }
- internal VCExprBinary(VCExprOp! op, List<VCExpr!>! arguments)
- requires op.Arity == 2 && op.TypeParamArity == 0 && arguments.Count == 2; {
- base(op);
+ internal VCExprBinary(VCExprOp op, List<VCExpr> arguments) :base(op){
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(op.Arity == 2 && op.TypeParamArity == 0 && arguments.Count == 2);
+
this.Argument0 = arguments[0];
this.Argument1 = arguments[1];
this.ExprType = op.InferType(arguments, EMPTY_TYPE_LIST);
}
- internal VCExprBinary(VCExprOp! op, VCExpr! argument0, VCExpr! argument1)
- requires op.Arity == 2 && op.TypeParamArity == 0; {
- base(op);
+ internal VCExprBinary(VCExprOp op, VCExpr argument0, VCExpr argument1) :base(op){
+ Contract.Requires(argument1 != null);
+ Contract.Requires(argument0 != null);
+ Contract.Requires(op != null);
+ Contract.Requires(op.Arity == 2 && op.TypeParamArity == 0);
this.Argument0 = argument0;
this.Argument1 = argument1;
// PR: could be optimised so that the arguments do
@@ -769,30 +1081,55 @@ namespace Microsoft.Boogie.VCExprAST }
internal class VCExprMultiAry : VCExprNAry {
- private readonly List<VCExpr!>! Arguments;
- private readonly List<Type!>! TypeArgumentsAttr;
+ private readonly List<VCExpr/*!*/>/*!*/ Arguments;
+ private readonly List<Type/*!*/>/*!*/ TypeArgumentsAttr;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(Arguments));
+ Contract.Invariant(cce.NonNullElements(TypeArgumentsAttr));
+ Contract.Invariant(ExprType != null);
+ }
+
+
+ private readonly Type/*!*/ ExprType;
+ public override Type/*!*/ Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+ return ExprType;
+ }
+ }
+ public override VCExpr/*!*/ this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
- private readonly Type! ExprType;
- public override Type! Type { get { return ExprType; } }
- public override VCExpr! this[int index] { get {
- assume index >= 0 && index < Arity;
- return (!)Arguments[index];
- } }
+ Contract.Assume(index >= 0 && index < Arity);
+ return cce.NonNull(Arguments)[index];
+ }
+ }
// the type arguments
- public override List<Type!>! TypeArguments { get {
- return TypeArgumentsAttr;
- } }
-
- internal VCExprMultiAry(VCExprOp! op, List<VCExpr!>! arguments) {
- this(op, arguments, EMPTY_TYPE_LIST);
- }
- internal VCExprMultiAry(VCExprOp! op, List<VCExpr!>! arguments, List<Type!>! typeArguments)
- requires (arguments.Count > 2 || typeArguments.Count > 0);
- requires op.Arity == arguments.Count;
- requires op.TypeParamArity == typeArguments.Count;
- {
- base(op);
+ public override List<Type/*!*/>/*!*/ TypeArguments {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<Type>>()));
+ return TypeArgumentsAttr;
+ }
+ }
+
+ internal VCExprMultiAry(VCExprOp op, List<VCExpr> arguments) :base(op){
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(arguments));
+ //this(op, arguments, EMPTY_TYPE_LIST);
+ this.Arguments = arguments;
+ this.TypeArgumentsAttr = EMPTY_TYPE_LIST;
+ this.ExprType = op.InferType(arguments, TypeArgumentsAttr);
+ }
+ internal VCExprMultiAry(VCExprOp op, List<VCExpr> arguments, List<Type/*!*/>/*!*/ typeArguments):base(op){
+ Contract.Requires(op != null);
+ Contract.Requires(cce.NonNullElements(typeArguments));
+ Contract.Requires(cce.NonNullElements(arguments));
+ Contract.Requires(arguments.Count > 2 || typeArguments.Count > 0);
+ Contract.Requires(op.Arity == arguments.Count);
+ Contract.Requires(op.TypeParamArity == typeArguments.Count);
this.Arguments = arguments;
this.TypeArgumentsAttr = typeArguments;
this.ExprType = op.InferType(arguments, typeArguments);
@@ -801,86 +1138,119 @@ namespace Microsoft.Boogie.VCExprAST /////////////////////////////////////////////////////////////////////////////////
// The various operators available
-
+ [ContractClass(typeof(VCExprOpContracts))]
public abstract class VCExprOp {
// the number of value parameters
- public abstract int Arity { get; }
+ public abstract int Arity {
+ get;
+ }
// the number of type parameters
- public abstract int TypeParamArity { get; }
+ public abstract int TypeParamArity {
+ get;
+ }
- public abstract Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs);
+ public abstract Type/*!*/ InferType(List<VCExpr/*!*/>/*!*/ args, List<Type/*!*/>/*!*/ typeArgs);
- public virtual Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ public virtual Result Accept<Result, Arg>(VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
VCExpressionGenerator.SingletonOp op;
if (VCExpressionGenerator.SingletonOpDict.TryGetValue(this, out op)) {
- switch(op) {
- case VCExpressionGenerator.SingletonOp.NotOp:
- return visitor.VisitNotOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.EqOp:
- return visitor.VisitEqOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.NeqOp:
- return visitor.VisitNeqOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.AndOp:
- return visitor.VisitAndOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.OrOp:
- return visitor.VisitOrOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.ImpliesOp:
- return visitor.VisitImpliesOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.AddOp:
- return visitor.VisitAddOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.SubOp:
- return visitor.VisitSubOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.MulOp:
- return visitor.VisitMulOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.DivOp:
- return visitor.VisitDivOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.ModOp:
- return visitor.VisitModOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.LtOp:
- return visitor.VisitLtOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.LeOp:
- return visitor.VisitLeOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.GtOp:
- return visitor.VisitGtOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.GeOp:
- return visitor.VisitGeOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.SubtypeOp:
- return visitor.VisitSubtypeOp(expr, arg);
- case VCExpressionGenerator.SingletonOp.Subtype3Op:
- return visitor.VisitSubtype3Op(expr, arg);
- case VCExpressionGenerator.SingletonOp.BvConcatOp:
- return visitor.VisitBvConcatOp(expr, arg);
- default:
- assert false;
+ switch (op) {
+ case VCExpressionGenerator.SingletonOp.NotOp:
+ return visitor.VisitNotOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.EqOp:
+ return visitor.VisitEqOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.NeqOp:
+ return visitor.VisitNeqOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.AndOp:
+ return visitor.VisitAndOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.OrOp:
+ return visitor.VisitOrOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.ImpliesOp:
+ return visitor.VisitImpliesOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.AddOp:
+ return visitor.VisitAddOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.SubOp:
+ return visitor.VisitSubOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.MulOp:
+ return visitor.VisitMulOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.DivOp:
+ return visitor.VisitDivOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.ModOp:
+ return visitor.VisitModOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.LtOp:
+ return visitor.VisitLtOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.LeOp:
+ return visitor.VisitLeOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.GtOp:
+ return visitor.VisitGtOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.GeOp:
+ return visitor.VisitGeOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.SubtypeOp:
+ return visitor.VisitSubtypeOp(expr, arg);
+ case VCExpressionGenerator.SingletonOp.Subtype3Op:
+ return visitor.VisitSubtype3Op(expr, arg);
+ case VCExpressionGenerator.SingletonOp.BvConcatOp:
+ return visitor.VisitBvConcatOp(expr, arg);
+ default:
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
} else {
- assert false;
+ Contract.Assert(false);
+ throw new cce.UnreachableException();
}
}
}
+ [ContractClassFor(typeof(VCExprOp))]
+ abstract class VCExprOpContracts : VCExprOp {
+ public override Type InferType(List<VCExpr> args, List<Type> typeArgs) {
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Ensures(Contract.Result<Type>() != null);
+
+ throw new NotImplementedException();
+ }
+ }
public class VCExprNAryOp : VCExprOp {
- private readonly Type! OpType;
+ private readonly Type OpType;
private readonly int OpArity;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(OpType != null);
+ }
- public override int Arity { get { return OpArity; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override int Arity {
+ get {
+ return OpArity;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return OpType;
}
- internal VCExprNAryOp(int arity, Type! type) {
+ internal VCExprNAryOp(int arity, Type type) {
+ Contract.Requires(type != null);
this.OpArity = arity;
this.OpType = type;
}
}
public class VCExprDistinctOp : VCExprNAryOp {
- internal VCExprDistinctOp(int arity) {
- base(arity, Type.Bool);
+ internal VCExprDistinctOp(int arity) :base(arity, Type.Bool){
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -893,27 +1263,45 @@ namespace Microsoft.Boogie.VCExprAST return Arity * 917632481;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitDistinctOp(expr, arg);
}
}
public class VCExprLabelOp : VCExprOp {
- public override int Arity { get { return 1; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override int Arity {
+ get {
+ return 1;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return args[0].Type;
}
-
+
public readonly bool pos;
- public readonly string! label;
+ public readonly string label;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(label != null);
+ }
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCExprLabelOp) {
- VCExprLabelOp! thatOp = (VCExprLabelOp)that;
+ VCExprLabelOp/*!*/ thatOp = (VCExprLabelOp)that;
return this.pos == thatOp.pos && this.label.Equals(thatOp.label);
}
return false;
@@ -923,12 +1311,15 @@ namespace Microsoft.Boogie.VCExprAST return (pos ? 9817231 : 7198639) + label.GetHashCode();
}
- internal VCExprLabelOp(bool pos, string! l) {
+ internal VCExprLabelOp(bool pos, string l) {
+ Contract.Requires(l != null);
this.pos = pos;
this.label = pos ? "+" + l : "@" + l;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitLabelOp(expr, arg);
}
}
@@ -936,19 +1327,31 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprSelectOp : VCExprOp {
private readonly int MapArity;
private readonly int MapTypeParamArity;
- public override int Arity { get { return MapArity + 1; } }
- public override int TypeParamArity { get { return MapTypeParamArity; } }
+ public override int Arity {
+ get {
+ return MapArity + 1;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return MapTypeParamArity;
+ }
+ }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
- MapType! mapType = args[0].Type.AsMap;
- assert TypeParamArity == mapType.TypeParameters.Length;
- IDictionary<TypeVariable!, Type!>! subst = new Dictionary<TypeVariable!, Type!> ();
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs){
+Contract.Requires(cce.NonNullElements(typeArgs));
+Contract.Requires(cce.NonNullElements(args));
+Contract.Ensures(Contract.Result<Type>() != null);
+ MapType/*!*/ mapType = args[0].Type.AsMap;
+ Contract.Assert(TypeParamArity == mapType.TypeParameters.Length);
+ IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ subst = new Dictionary<TypeVariable/*!*/, Type/*!*/>();
for (int i = 0; i < TypeParamArity; ++i)
subst.Add(mapType.TypeParameters[i], typeArgs[i]);
return mapType.Result.Substitute(subst);
}
-
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -962,14 +1365,15 @@ namespace Microsoft.Boogie.VCExprAST return Arity * 1212481 + TypeParamArity * 298741;
}
- internal VCExprSelectOp(int arity, int typeParamArity)
- requires 0 <= arity && 0 <= typeParamArity;
- {
+ internal VCExprSelectOp(int arity, int typeParamArity) {
+ Contract.Requires(0 <= arity && 0 <= typeParamArity);
this.MapArity = arity;
this.MapTypeParamArity = typeParamArity;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitSelectOp(expr, arg);
}
}
@@ -977,16 +1381,28 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprStoreOp : VCExprOp {
private readonly int MapArity;
private readonly int MapTypeParamArity;
- public override int Arity { get { return MapArity + 2; } }
+ public override int Arity {
+ get {
+ return MapArity + 2;
+ }
+ }
// stores never need explicit type parameters, because also the
// rhs is a value argument
- public override int TypeParamArity { get { return MapTypeParamArity; } }
+ public override int TypeParamArity {
+ get {
+ return MapTypeParamArity;
+ }
+ }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return args[0].Type;
}
-
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -999,26 +1415,39 @@ namespace Microsoft.Boogie.VCExprAST return Arity * 91361821;
}
- internal VCExprStoreOp(int arity, int typeParamArity)
- requires 0 <= arity && 0 <= typeParamArity;
- {
+ internal VCExprStoreOp(int arity, int typeParamArity) {
+ Contract.Requires(0 <= arity && 0 <= typeParamArity);
this.MapArity = arity;
this.MapTypeParamArity = typeParamArity;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitStoreOp(expr, arg);
}
}
public class VCExprIfThenElseOp : VCExprOp {
- public override int Arity { get { return 3; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override int Arity {
+ get {
+ return 3;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return args[1].Type;
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -1034,16 +1463,27 @@ namespace Microsoft.Boogie.VCExprAST internal VCExprIfThenElseOp() {
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitIfThenElseOp(expr, arg);
}
}
-
+
public class VCExprCustomOp : VCExprOp {
- public readonly string! Name;
+ public readonly string/*!*/ Name;
int arity;
- public readonly Type! Type;
- public VCExprCustomOp(string! name, int arity, Type! type) {
+ public readonly Type/*!*/ Type;
+ [ContractInvariantMethod]
+void ObjectInvariant()
+{
+ Contract.Invariant(Name!=null);
+ Contract.Invariant(Type != null);
+}
+
+ public VCExprCustomOp(string/*!*/ name, int arity, Type/*!*/ type) {
+ Contract.Requires(name != null);
+ Contract.Requires(type != null);
this.Name = name;
this.arity = arity;
this.Type = type;
@@ -1059,9 +1499,13 @@ namespace Microsoft.Boogie.VCExprAST }
public override int Arity { get { return arity; } }
public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) { return Type; }
+ public override Type/*!*/ InferType(List<VCExpr/*!*/>/*!*/ args, List<Type/*!*/>/*!*/ typeArgs) {Contract.Requires((cce.NonNullElements(args)));
+Contract.Requires((cce.NonNullElements(typeArgs)));
+Contract.Ensures(Contract.Result<Type>() != null); return Type; }
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry/*!*/ expr, IVCExprOpVisitor<Result, Arg>/*!*/ visitor, Arg arg) {
+ Contract.Requires(expr != null);
+ Contract.Requires(visitor != null);
return visitor.VisitCustomOp(expr, arg);
}
}
@@ -1072,13 +1516,25 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprBvOp : VCExprOp {
public readonly int Bits;
- public override int Arity { get { return 1; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override int Arity {
+ get {
+ return 1;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return Type.GetBvType(Bits);
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -1095,7 +1551,9 @@ namespace Microsoft.Boogie.VCExprAST this.Bits = bits;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitBvOp(expr, arg);
}
}
@@ -1105,18 +1563,30 @@ namespace Microsoft.Boogie.VCExprAST public readonly int End;
public readonly int Total; // the number of bits from which the End-Start bits are extracted
- public override int Arity { get { return 1; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+ public override int Arity {
+ get {
+ return 1;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return Type.GetBvType(End - Start);
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCExprBvExtractOp) {
- VCExprBvExtractOp! thatExtract = (VCExprBvExtractOp)that;
+ VCExprBvExtractOp/*!*/ thatExtract = (VCExprBvExtractOp)that;
return this.Start == thatExtract.Start && this.End == thatExtract.End && this.Total == thatExtract.Total;
}
return false;
@@ -1126,15 +1596,16 @@ namespace Microsoft.Boogie.VCExprAST return Start * 81912 + End * 978132 + Total * 571289;
}
- internal VCExprBvExtractOp(int start, int end, int total)
- requires 0 <= start && start <= end && end <= total;
- {
+ internal VCExprBvExtractOp(int start, int end, int total) {
+ Contract.Requires(0 <= start && start <= end && end <= total);
this.Start = start;
this.End = end;
this.Total = total;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitBvExtractOp(expr, arg);
}
}
@@ -1142,14 +1613,26 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprBvConcatOp : VCExprOp {
public readonly int LeftSize;
public readonly int RightSize;
-
- public override int Arity { get { return 2; } }
- public override int TypeParamArity { get { return 0; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
+
+ public override int Arity {
+ get {
+ return 2;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return 0;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs) {
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(args));
+ Contract.Ensures(Contract.Result<Type>() != null);
return Type.GetBvType(args[0].Type.BvBits + args[1].Type.BvBits);
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -1164,14 +1647,15 @@ namespace Microsoft.Boogie.VCExprAST return LeftSize * 81912 + RightSize * 978132;
}
- internal VCExprBvConcatOp(int leftSize, int rightSize)
- requires 0 <= leftSize && 0 <= rightSize;
- {
+ internal VCExprBvConcatOp(int leftSize, int rightSize) {
+ Contract.Requires(0 <= leftSize && 0 <= rightSize);
this.LeftSize = leftSize;
this.RightSize = rightSize;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitBvConcatOp(expr, arg);
}
}
@@ -1180,21 +1664,38 @@ namespace Microsoft.Boogie.VCExprAST // References to user-defined Boogie functions
public class VCExprBoogieFunctionOp : VCExprOp {
- public readonly Function! Func;
+ public readonly Function Func;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Func != null);
+ }
+
- public override int Arity { get { return Func.InParams.Length; } }
- public override int TypeParamArity { get { return Func.TypeParameters.Length; } }
- public override Type! InferType(List<VCExpr!>! args, List<Type!>! typeArgs) {
- assert TypeParamArity == Func.TypeParameters.Length;
+ public override int Arity {
+ get {
+ return Func.InParams.Length;
+ }
+ }
+ public override int TypeParamArity {
+ get {
+ return Func.TypeParameters.Length;
+ }
+ }
+ public override Type InferType(List<VCExpr> args, List<Type/*!*/>/*!*/ typeArgs){
+Contract.Requires(cce.NonNullElements(typeArgs));
+Contract.Requires(cce.NonNullElements(args));
+Contract.Ensures(Contract.Result<Type>() != null);
+ Contract.Assert(TypeParamArity == Func.TypeParameters.Length);
if (TypeParamArity == 0)
- return ((!)Func.OutParams[0]).TypedIdent.Type;
- IDictionary<TypeVariable!, Type!>! subst = new Dictionary<TypeVariable!, Type!> (TypeParamArity);
+ return cce.NonNull(Func.OutParams[0]).TypedIdent.Type;
+ IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ subst = new Dictionary<TypeVariable/*!*/, Type/*!*/>(TypeParamArity);
for (int i = 0; i < TypeParamArity; ++i)
subst.Add(Func.TypeParameters[i], typeArgs[i]);
- return ((!)Func.OutParams[0]).TypedIdent.Type.Substitute(subst);
+ return cce.NonNull(Func.OutParams[0]).TypedIdent.Type.Substitute(subst);
}
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
@@ -1209,11 +1710,14 @@ namespace Microsoft.Boogie.VCExprAST // we require that the result type of the expression is specified, because we
// do not want to perform full type inference at this point
- internal VCExprBoogieFunctionOp(Function! func) {
+ internal VCExprBoogieFunctionOp(Function func) {
+ Contract.Requires(func != null);
this.Func = func;
}
public override Result Accept<Result, Arg>
- (VCExprNAry! expr, IVCExprOpVisitor<Result, Arg>! visitor, Arg arg) {
+ (VCExprNAry expr, IVCExprOpVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
+ Contract.Requires(expr != null);
return visitor.VisitBoogieFunctionOp(expr, arg);
}
}
@@ -1225,30 +1729,58 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprVar : VCExpr {
// the name of the variable. Note that the name is not used for comparison,
// i.e., there can be two distinct variables with the same name
- public readonly string! Name;
- private readonly Type! VarType;
- public override Type! Type { get { return VarType; } }
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Name != null);
+ Contract.Invariant(VarType != null);
+ }
+
+ public readonly string/*!*/ Name;
+ private readonly Type/*!*/ VarType;
+ public override Type/*!*/ Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+ return VarType;
+ }
+ }
- internal VCExprVar(string! name, Type! type) {
+ internal VCExprVar(string name, Type type) {
+ Contract.Requires(type != null);
+ Contract.Requires(name != null);
this.Name = name;
this.VarType = type;
}
- public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg) {
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return visitor.Visit(this, arg);
}
}
public abstract class VCExprBinder : VCExpr {
- public readonly VCExpr! Body;
- public readonly List<TypeVariable!>! TypeParameters;
- public readonly List<VCExprVar!>! BoundVars;
-
- public override Type! Type { get { return Body.Type; } }
-
- internal VCExprBinder(List<TypeVariable!>! typeParams,
- List<VCExprVar!>! boundVars,
- VCExpr! body)
- requires boundVars.Count + typeParams.Count > 0; { // only nontrivial binders ...
+ public readonly VCExpr/*!*/ Body;
+ public readonly List<TypeVariable/*!*/>/*!*/ TypeParameters;
+ public readonly List<VCExprVar/*!*/>/*!*/ BoundVars;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Body != null);
+ Contract.Invariant(cce.NonNullElements(TypeParameters));
+ Contract.Invariant(cce.NonNullElements(BoundVars));
+ }
+
+
+ public override Type/*!*/ Type {
+ get {
+ Contract.Ensures(Contract.Result<Type>() != null);
+
+ return Body.Type;
+ }
+ }
+
+ internal VCExprBinder(List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ boundVars, VCExpr body) {
+ Contract.Requires(body != null);
+ Contract.Requires(cce.NonNullElements(boundVars));
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Requires(boundVars.Count + typeParams.Count > 0); // only nontrivial binders ...
this.TypeParameters = typeParams;
this.BoundVars = boundVars;
this.Body = body;
@@ -1257,14 +1789,20 @@ namespace Microsoft.Boogie.VCExprAST public class VCTrigger {
public readonly bool Pos;
- public readonly List<VCExpr!>! Exprs;
+ public readonly List<VCExpr/*!*/>/*!*/ Exprs;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Exprs != null);
+ }
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCTrigger) {
- VCTrigger! thatTrigger = (VCTrigger)that;
+ VCTrigger/*!*/ thatTrigger = (VCTrigger)that;
return this.Pos == thatTrigger.Pos &&
HelperFuns.SameElements(this.Exprs, thatTrigger.Exprs);
}
@@ -1276,7 +1814,8 @@ namespace Microsoft.Boogie.VCExprAST HelperFuns.PolyHash(123, 7, this.Exprs);
}
- public VCTrigger(bool pos, List<VCExpr!>! exprs) {
+ public VCTrigger(bool pos, List<VCExpr> exprs) {
+ Contract.Requires(cce.NonNullElements(exprs));
this.Pos = pos;
this.Exprs = exprs;
}
@@ -1296,21 +1835,31 @@ namespace Microsoft.Boogie.VCExprAST }
}
- public enum Quantifier { ALL, EX };
+ public enum Quantifier {
+ ALL,
+ EX
+ };
public class VCExprQuantifier : VCExprBinder {
public readonly Quantifier Quan;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Infos != null);
+ Contract.Invariant(cce.NonNullElements(Triggers));
+ }
- public readonly List<VCTrigger!>! Triggers;
- public readonly VCQuantifierInfos! Infos;
+
+ public readonly List<VCTrigger/*!*/>/*!*/ Triggers;
+ public readonly VCQuantifierInfos Infos;
// Equality is /not/ modulo bound renaming at this point
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCExprQuantifier) {
- VCExprQuantifier! thatQuan = (VCExprQuantifier)that;
+ VCExprQuantifier/*!*/ thatQuan = (VCExprQuantifier)that;
return this.Quan == thatQuan.Quan &&
HelperFuns.SameElements(this.Triggers, thatQuan.Triggers) &&
HelperFuns.SameElements(this.TypeParameters, thatQuan.TypeParameters) &&
@@ -1327,18 +1876,19 @@ namespace Microsoft.Boogie.VCExprAST HelperFuns.PolyHash(123, 11, Triggers);
}
- internal VCExprQuantifier(Quantifier kind,
- List<TypeVariable!>! typeParams,
- List<VCExprVar!>! boundVars,
- List<VCTrigger!>! triggers,
- VCQuantifierInfos! infos,
- VCExpr! body) {
- base(typeParams, boundVars, body);
+ internal VCExprQuantifier(Quantifier kind, List<TypeVariable/*!*/>/*!*/ typeParams, List<VCExprVar/*!*/>/*!*/ boundVars, List<VCTrigger/*!*/>/*!*/ triggers, VCQuantifierInfos infos, VCExpr body) :base(typeParams, boundVars, body){
+ Contract.Requires(body != null);
+ Contract.Requires(infos != null);
+ Contract.Requires(cce.NonNullElements(triggers));
+ Contract.Requires(cce.NonNullElements(boundVars));
+ Contract.Requires(cce.NonNullElements(typeParams));
+
this.Quan = kind;
this.Triggers = triggers;
this.Infos = infos;
}
- public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg) {
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return visitor.Visit(this, arg);
}
}
@@ -1347,15 +1897,22 @@ namespace Microsoft.Boogie.VCExprAST // Let-Bindings
public class VCExprLetBinding {
- public readonly VCExprVar! V;
- public readonly VCExpr! E;
+ public readonly VCExprVar V;
+ public readonly VCExpr E;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(V != null);
+ Contract.Invariant(E != null);
+ }
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCExprLetBinding) {
- VCExprLetBinding! thatB = (VCExprLetBinding)that;
+ VCExprLetBinding/*!*/ thatB = (VCExprLetBinding)that;
return this.V.Equals(thatB.V) && this.E.Equals(thatB.E);
}
return false;
@@ -1364,28 +1921,44 @@ namespace Microsoft.Boogie.VCExprAST public override int GetHashCode() {
return V.GetHashCode() * 71261 + E.GetHashCode();
}
-
- internal VCExprLetBinding(VCExprVar! v, VCExpr! e) {
+
+ internal VCExprLetBinding(VCExprVar v, VCExpr e) {
+ Contract.Requires(e != null);
+ Contract.Requires(v != null);
this.V = v;
this.E = e;
- assert v.Type.Equals(e.Type);
+ Contract.Assert(v.Type.Equals(e.Type));
}
}
- public class VCExprLet : VCExprBinder, IEnumerable<VCExprLetBinding!> {
- private readonly List<VCExprLetBinding!>! Bindings;
+ public class VCExprLet : VCExprBinder, IEnumerable<VCExprLetBinding/*!*/> {
+ private readonly List<VCExprLetBinding/*!*/>/*!*/ Bindings;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(Bindings));
- public int Length { get { return Bindings.Count; } }
- public VCExprLetBinding! this[int index] { get {
- return Bindings[index];
- } }
+ }
- [Pure][Reads(ReadsAttribute.Reads.Nothing)]
+
+ public int Length {
+ get {
+ return Bindings.Count;
+ }
+ }
+ public VCExprLetBinding this[int index] {
+ get {
+ Contract.Ensures(Contract.Result<VCExprLetBinding>() != null);
+ return Bindings[index];
+ }
+ }
+
+ [Pure]
+ [Reads(ReadsAttribute.Reads.Nothing)]
public override bool Equals(object that) {
if (Object.ReferenceEquals(this, that))
return true;
if (that is VCExprLet) {
- VCExprLet! thatLet = (VCExprLet)that;
+ VCExprLet/*!*/ thatLet = (VCExprLet)that;
return this.Body.Equals(thatLet.Body) &&
HelperFuns.SameElements(this, (VCExprLet)that);
}
@@ -1396,28 +1969,37 @@ namespace Microsoft.Boogie.VCExprAST return HelperFuns.PolyHash(Body.GetHashCode(), 9, Bindings);
}
- [Pure] [GlobalAccess(false)] [Escapes(true,false)]
- public IEnumerator<VCExprLetBinding!>! GetEnumerator() {
+ [Pure]
+ [GlobalAccess(false)]
+ [Escapes(true, false)]
+ public IEnumerator<VCExprLetBinding/*!*/>/*!*/ GetEnumerator() {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<IEnumerator<VCExprLetBinding>>()));
return Bindings.GetEnumerator();
}
- [Pure] [GlobalAccess(false)] [Escapes(true,false)]
- IEnumerator! System.Collections.IEnumerable.GetEnumerator() {
+ [Pure]
+ [GlobalAccess(false)]
+ [Escapes(true, false)]
+ IEnumerator System.Collections.IEnumerable.GetEnumerator() {
+ Contract.Ensures(Contract.Result<IEnumerator>() != null);
return Bindings.GetEnumerator();
}
- private static List<VCExprVar!>! toSeq(List<VCExprLetBinding!>! bindings) {
- List<VCExprVar!>! res = new List<VCExprVar!> ();
- foreach (VCExprLetBinding! b in bindings)
+ private static List<VCExprVar/*!*/>/*!*/ toSeq(List<VCExprLetBinding/*!*/>/*!*/ bindings){
+Contract.Requires(cce.NonNullElements(bindings));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExprVar>>()));
+ List<VCExprVar> res = new List<VCExprVar> ();
+ foreach (VCExprLetBinding/*!*/ b in bindings)
res.Add(b.V);
return res;
}
- internal VCExprLet(List<VCExprLetBinding!>! bindings,
- VCExpr! body) {
- base(new List<TypeVariable!> (), toSeq(bindings), body);
+ internal VCExprLet(List<VCExprLetBinding/*!*/>/*!*/ bindings, VCExpr/*!*/ body) :base(new List<TypeVariable/*!*/>(), toSeq(bindings), body){
+ Contract.Requires(cce.NonNullElements(bindings));
+ Contract.Requires(body != null);
this.Bindings = bindings;
}
- public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg>! visitor, Arg arg) {
+ public override Result Accept<Result, Arg>(IVCExprVisitor<Result, Arg> visitor, Arg arg) {
+ Contract.Requires(visitor != null);
return visitor.Visit(this, arg);
}
}
diff --git a/Source/VCExpr/VCExprASTPrinter.cs b/Source/VCExpr/VCExprASTPrinter.cs index 796a2b4e..5e310c1c 100644 --- a/Source/VCExpr/VCExprASTPrinter.cs +++ b/Source/VCExpr/VCExprASTPrinter.cs @@ -8,7 +8,7 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// A simple visitor for turning a VCExpr into a human-readable string
@@ -17,19 +17,24 @@ using Microsoft.Basetypes; namespace Microsoft.Boogie.VCExprAST
{
- public class VCExprPrinter : IVCExprVisitor<bool, TextWriter!> {
+ public class VCExprPrinter : IVCExprVisitor<bool, TextWriter/*!*/> {
private VCExprOpPrinter OpPrinterVar = null;
- private VCExprOpPrinter! OpPrinter { get {
+ private VCExprOpPrinter/*!*/ OpPrinter { get {Contract.Ensures(Contract.Result<VCExprOpPrinter>() != null);
+
if (OpPrinterVar == null)
OpPrinterVar = new VCExprOpPrinter(this);
return OpPrinterVar;
} }
- public void Print(VCExpr! expr, TextWriter! wr) {
- expr.Accept<bool, TextWriter!>(this, wr);
+ public void Print(VCExpr expr, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(expr != null);
+ expr.Accept<bool, TextWriter/*!*/>(this, wr);
}
- public bool Visit(VCExprLiteral! node, TextWriter! wr) {
+ public bool Visit(VCExprLiteral node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
if (node == VCExpressionGenerator.True)
wr.Write("true");
else if (node == VCExpressionGenerator.False)
@@ -37,11 +42,14 @@ namespace Microsoft.Boogie.VCExprAST else if (node is VCExprIntLit) {
wr.Write(((VCExprIntLit)node).Val);
} else
- assert false;
+ Contract.Assert(false); throw new cce.UnreachableException();
return true;
}
- public bool Visit(VCExprNAry! node, TextWriter! wr) {
- VCExprOp! op = node.Op;
+ public bool Visit(VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+ VCExprOp/*!*/ op = node.Op;
+ Contract.Assert(op != null);
if (op.Equals(VCExpressionGenerator.AndOp) ||
op.Equals(VCExpressionGenerator.OrOp)) {
@@ -49,12 +57,13 @@ namespace Microsoft.Boogie.VCExprAST wr.Write("({0}",
op.Equals(VCExpressionGenerator.AndOp) ? "And" : "Or");
- IEnumerator! enumerator = new VCExprNAryUniformOpEnumerator (node);
+ IEnumerator/*!*/ enumerator = new VCExprNAryUniformOpEnumerator (node);
+ Contract.Assert(enumerator != null);
while (enumerator.MoveNext()) {
VCExprNAry naryExpr = enumerator.Current as VCExprNAry;
if (naryExpr == null || !naryExpr.Op.Equals(op)) {
wr.Write(" ");
- Print((VCExpr!)enumerator.Current, wr);
+ Print(cce.NonNull((VCExpr/*!*/)enumerator.Current), wr);
}
}
@@ -63,21 +72,27 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- return node.Accept<bool, TextWriter!>(OpPrinter, wr);
+ return node.Accept<bool, TextWriter/*!*/>(OpPrinter, wr);
}
- public bool Visit(VCExprVar! node, TextWriter! wr) {
+ public bool Visit(VCExprVar node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
wr.Write(node.Name);
return true;
}
- public bool Visit(VCExprQuantifier! node, TextWriter! wr) {
- string! quan = node.Quan == Quantifier.ALL ? "Forall" : "Exists";
+ public bool Visit(VCExprQuantifier node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+ string/*!*/ quan = node.Quan == Quantifier.ALL ? "Forall" : "Exists";
+ Contract.Assert(quan != null);
wr.Write("({0} ", quan);
if (node.TypeParameters.Count > 0) {
wr.Write("<");
- string! sep = "";
- foreach (TypeVariable! v in node.TypeParameters) {
+ string/*!*/ sep = "";
+ foreach(TypeVariable/*!*/ v in node.TypeParameters){
+Contract.Assert(v != null);
wr.Write(sep);
sep = ", ";
wr.Write("{0}", v.Name);
@@ -86,8 +101,9 @@ namespace Microsoft.Boogie.VCExprAST }
if (node.BoundVars.Count > 0) {
- string! sep = "";
- foreach (VCExprVar! v in node.BoundVars) {
+ string/*!*/ sep = "";
+ foreach(VCExprVar/*!*/ v in node.BoundVars){
+Contract.Assert(v != null);
wr.Write(sep);
sep = ", ";
Print(v, wr);
@@ -99,12 +115,14 @@ namespace Microsoft.Boogie.VCExprAST if (node.Triggers.Count > 0) {
wr.Write("{0} ", "{");
- string! sep = "";
- foreach (VCTrigger! t in node.Triggers) {
+ string/*!*/ sep = "";
+ foreach(VCTrigger/*!*/ t in node.Triggers){
+Contract.Assert(t != null);
wr.Write(sep);
sep = ", ";
- string! sep2 = "";
- foreach (VCExpr! e in t.Exprs) {
+ string/*!*/ sep2 = "";
+ foreach(VCExpr/*!*/ e in t.Exprs){
+Contract.Assert(e != null);
wr.Write(sep2);
sep2 = "+";
Print(e, wr);
@@ -117,11 +135,14 @@ namespace Microsoft.Boogie.VCExprAST wr.Write(")");
return true;
}
- public bool Visit(VCExprLet! node, TextWriter! wr) {
+ public bool Visit(VCExprLet node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
wr.Write("(Let ");
- string! sep = "";
- foreach (VCExprLetBinding! b in node) {
+ string/*!*/ sep = "";
+ foreach(VCExprLetBinding/*!*/ b in node){
+Contract.Assert(b != null);
wr.Write(sep);
sep = ", ";
Print(b.V, wr);
@@ -136,16 +157,26 @@ namespace Microsoft.Boogie.VCExprAST }
}
- public class VCExprOpPrinter : IVCExprOpVisitor<bool, TextWriter!> {
- private VCExprPrinter! ExprPrinter;
+ public class VCExprOpPrinter : IVCExprOpVisitor<bool, TextWriter/*!*/> {
+ private VCExprPrinter/*!*/ ExprPrinter;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(ExprPrinter != null);
+ }
+
- public VCExprOpPrinter(VCExprPrinter! exprPrinter) {
+ public VCExprOpPrinter(VCExprPrinter exprPrinter){
+Contract.Requires(exprPrinter != null);
this.ExprPrinter = exprPrinter;
}
- private bool PrintNAry(string! op, VCExprNAry! node, TextWriter! wr) {
+ private bool PrintNAry(string op, VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+Contract.Requires(op != null);
wr.Write("({0}", op);
- foreach (VCExpr! arg in node) {
+ foreach(VCExpr/*!*/ arg in node){
+Contract.Assert(arg != null);
wr.Write(" ");
ExprPrinter.Print(arg, wr);
}
@@ -153,92 +184,148 @@ namespace Microsoft.Boogie.VCExprAST return true;
}
- public bool VisitNotOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitNotOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("!", node, wr);
}
- public bool VisitEqOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitEqOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("==", node, wr);
}
- public bool VisitNeqOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitNeqOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("!=", node, wr);
}
- public bool VisitAndOp (VCExprNAry! node, TextWriter! wr) {
- assert false;
+ public bool VisitAndOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+ Contract.Assert(false); throw new cce.UnreachableException();
}
- public bool VisitOrOp (VCExprNAry! node, TextWriter! wr) {
- assert false;
+ public bool VisitOrOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+ Contract.Assert(false); throw new cce.UnreachableException();
}
- public bool VisitImpliesOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitImpliesOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("Implies", node, wr);
}
- public bool VisitDistinctOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitDistinctOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("Distinct", node, wr);
}
- public bool VisitLabelOp (VCExprNAry! node, TextWriter! wr) {
- VCExprLabelOp! op = (VCExprLabelOp)node.Op;
+ public bool VisitLabelOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+VCExprLabelOp/*!*/ op = (VCExprLabelOp)node.Op;
+Contract.Assert(op != null);
return PrintNAry("Label " + op.label, node, wr);
}
- public bool VisitSelectOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitSelectOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("Select", node, wr);
}
- public bool VisitStoreOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitStoreOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("Store", node, wr);
}
- public bool VisitBvOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitBvOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("Bv", node, wr);
}
- public bool VisitBvExtractOp(VCExprNAry! node, TextWriter! wr) {
+ public bool VisitBvExtractOp(VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("BvExtract", node, wr);
}
- public bool VisitBvConcatOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitBvConcatOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("BvConcat", node, wr);
}
- public bool VisitIfThenElseOp(VCExprNAry! node, TextWriter! wr) {
+ public bool VisitIfThenElseOp(VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("if-then-else", node, wr);
}
- public bool VisitCustomOp(VCExprNAry! node, TextWriter! wr) {
+ public bool VisitCustomOp(VCExprNAry/*!*/ node, TextWriter/*!*/ wr) {
+ Contract.Requires(node!=null);
+ Contract.Requires(wr != null);
VCExprCustomOp op = (VCExprCustomOp)node.Op;
return PrintNAry(op.Name, node, wr);
}
- public bool VisitAddOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitAddOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
if (CommandLineOptions.Clo.ReflectAdd) {
return PrintNAry("Reflect$Add", node, wr);
} else {
return PrintNAry("+", node, wr);
}
}
- public bool VisitSubOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitSubOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("-", node, wr);
}
- public bool VisitMulOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitMulOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("*", node, wr);
}
- public bool VisitDivOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitDivOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("/", node, wr);
}
- public bool VisitModOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitModOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("%", node, wr);
}
- public bool VisitLtOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitLtOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("<", node, wr);
}
- public bool VisitLeOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitLeOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("<=", node, wr);
}
- public bool VisitGtOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitGtOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry(">", node, wr);
}
- public bool VisitGeOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitGeOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry(">=", node, wr);
}
- public bool VisitSubtypeOp (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitSubtypeOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("<:", node, wr);
}
- public bool VisitSubtype3Op (VCExprNAry! node, TextWriter! wr) {
+ public bool VisitSubtype3Op (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
return PrintNAry("<::", node, wr);
}
- public bool VisitBoogieFunctionOp (VCExprNAry! node, TextWriter! wr) {
- VCExprBoogieFunctionOp! op = (VCExprBoogieFunctionOp)node.Op;
+ public bool VisitBoogieFunctionOp (VCExprNAry node, TextWriter wr){
+Contract.Requires(wr != null);
+Contract.Requires(node != null);
+VCExprBoogieFunctionOp/*!*/ op = (VCExprBoogieFunctionOp)node.Op;
+Contract.Assert(op != null);
return PrintNAry(op.Func.Name, node, wr);
}
}
diff --git a/Source/VCExpr/VCExprASTVisitors.cs b/Source/VCExpr/VCExprASTVisitors.cs index c9d56962..4a13cbb5 100644 --- a/Source/VCExpr/VCExprASTVisitors.cs +++ b/Source/VCExpr/VCExprASTVisitors.cs @@ -8,51 +8,223 @@ using System.Text; using System.IO;
using System.Collections;
using System.Collections.Generic;
-using Microsoft.Contracts;
+using System.Diagnostics.Contracts;
using Microsoft.Basetypes;
// Some visitor skeletons for the VCExpression AST
-namespace Microsoft.Boogie.VCExprAST
-{
+namespace Microsoft.Boogie.VCExprAST {
using Microsoft.Boogie;
- public interface IVCExprVisitor<Result, Arg> {
- Result Visit(VCExprLiteral! node, Arg arg);
- Result Visit(VCExprNAry! node, Arg arg);
- Result Visit(VCExprVar! node, Arg arg);
- Result Visit(VCExprQuantifier! node, Arg arg);
- Result Visit(VCExprLet! node, Arg arg);
+ [ContractClass(typeof(IVCExprVisitorContracts<,>))]
+ public interface IVCExprVisitor<Result,Arg> {
+ Result Visit(VCExprLiteral/*!*/ node, Arg arg);
+ Result Visit(VCExprNAry/*!*/ node, Arg arg);
+ Result Visit(VCExprVar/*!*/ node, Arg arg);
+ Result Visit(VCExprQuantifier/*!*/ node, Arg arg);
+ Result Visit(VCExprLet/*!*/ node, Arg arg);
}
+ [ContractClassFor(typeof(IVCExprVisitor<,>))]
+ public abstract class IVCExprVisitorContracts<Result,Arg> : IVCExprVisitor<Result,Arg> {
+ #region IVCExprVisitor Members
+ public Result Visit(VCExprLiteral node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result Visit(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result Visit(VCExprVar node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result Visit(VCExprQuantifier node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result Visit(VCExprLet node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ #endregion
+ }
+ [ContractClass(typeof(IVCExprOpVisitorContracts<,>))]
public interface IVCExprOpVisitor<Result, Arg> {
- Result VisitNotOp (VCExprNAry! node, Arg arg);
- Result VisitEqOp (VCExprNAry! node, Arg arg);
- Result VisitNeqOp (VCExprNAry! node, Arg arg);
- Result VisitAndOp (VCExprNAry! node, Arg arg);
- Result VisitOrOp (VCExprNAry! node, Arg arg);
- Result VisitImpliesOp (VCExprNAry! node, Arg arg);
- Result VisitDistinctOp (VCExprNAry! node, Arg arg);
- Result VisitLabelOp (VCExprNAry! node, Arg arg);
- Result VisitSelectOp (VCExprNAry! node, Arg arg);
- Result VisitStoreOp (VCExprNAry! node, Arg arg);
- Result VisitBvOp (VCExprNAry! node, Arg arg);
- Result VisitBvExtractOp(VCExprNAry! node, Arg arg);
- Result VisitBvConcatOp (VCExprNAry! node, Arg arg);
- Result VisitAddOp (VCExprNAry! node, Arg arg);
- Result VisitSubOp (VCExprNAry! node, Arg arg);
- Result VisitMulOp (VCExprNAry! node, Arg arg);
- Result VisitDivOp (VCExprNAry! node, Arg arg);
- Result VisitModOp (VCExprNAry! node, Arg arg);
- Result VisitLtOp (VCExprNAry! node, Arg arg);
- Result VisitLeOp (VCExprNAry! node, Arg arg);
- Result VisitGtOp (VCExprNAry! node, Arg arg);
- Result VisitGeOp (VCExprNAry! node, Arg arg);
- Result VisitSubtypeOp (VCExprNAry! node, Arg arg);
- Result VisitSubtype3Op (VCExprNAry! node, Arg arg);
- Result VisitBoogieFunctionOp (VCExprNAry! node, Arg arg);
- Result VisitIfThenElseOp (VCExprNAry! node, Arg arg);
- Result VisitCustomOp (VCExprNAry! node, Arg arg);
+ Result VisitNotOp(VCExprNAry node, Arg arg);
+ Result VisitEqOp(VCExprNAry node, Arg arg);
+ Result VisitNeqOp(VCExprNAry node, Arg arg);
+ Result VisitAndOp(VCExprNAry node, Arg arg);
+ Result VisitOrOp(VCExprNAry node, Arg arg);
+ Result VisitImpliesOp(VCExprNAry node, Arg arg);
+ Result VisitDistinctOp(VCExprNAry node, Arg arg);
+ Result VisitLabelOp(VCExprNAry node, Arg arg);
+ Result VisitSelectOp(VCExprNAry node, Arg arg);
+ Result VisitStoreOp(VCExprNAry node, Arg arg);
+ Result VisitBvOp(VCExprNAry node, Arg arg);
+ Result VisitBvExtractOp(VCExprNAry node, Arg arg);
+ Result VisitBvConcatOp(VCExprNAry node, Arg arg);
+ Result VisitAddOp(VCExprNAry node, Arg arg);
+ Result VisitSubOp(VCExprNAry node, Arg arg);
+ Result VisitMulOp(VCExprNAry node, Arg arg);
+ Result VisitDivOp(VCExprNAry node, Arg arg);
+ Result VisitModOp(VCExprNAry node, Arg arg);
+ Result VisitLtOp(VCExprNAry node, Arg arg);
+ Result VisitLeOp(VCExprNAry node, Arg arg);
+ Result VisitGtOp(VCExprNAry node, Arg arg);
+ Result VisitGeOp(VCExprNAry node, Arg arg);
+ Result VisitSubtypeOp(VCExprNAry node, Arg arg);
+ Result VisitSubtype3Op(VCExprNAry node, Arg arg);
+ Result VisitBoogieFunctionOp(VCExprNAry node, Arg arg);
+ Result VisitIfThenElseOp(VCExprNAry node, Arg arg);
+ Result VisitCustomOp (VCExprNAry node, Arg arg);
+ }
+ [ContractClassFor(typeof(IVCExprOpVisitor<,>))]
+ public abstract class IVCExprOpVisitorContracts<Result, Arg>:IVCExprOpVisitor<Result,Arg> {
+ #region IVCExprOpVisitor<Result,Arg> Members
+
+ public Result VisitNotOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitEqOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitNeqOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitAndOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitOrOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitImpliesOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitDistinctOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitLabelOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitSelectOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitStoreOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitBvOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitBvExtractOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitBvConcatOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitAddOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitSubOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitMulOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitDivOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitModOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitLtOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitLeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitGtOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitGeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitSubtypeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitSubtype3Op(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitBoogieFunctionOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitIfThenElseOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ public Result VisitCustomOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+
+ #endregion
}
//////////////////////////////////////////////////////////////////////////////
@@ -64,29 +236,35 @@ namespace Microsoft.Boogie.VCExprAST // operator, e.g., (AND (AND (AND ...) ...) ...). This is necessary
// to avoid stack overflows
+
+ [ContractClass(typeof(TraversingVCExprVisitorContracts<,>))]
public abstract class TraversingVCExprVisitor<Result, Arg>
: IVCExprVisitor<Result, Arg> {
- protected abstract Result StandardResult(VCExpr! node, Arg arg);
+ protected abstract Result StandardResult(VCExpr/*!*/ node, Arg arg);
- public Result Traverse(VCExpr! node, Arg arg) {
+ public Result Traverse(VCExpr node, Arg arg) {
+ Contract.Requires(node != null);
return node.Accept(this, arg);
}
- public virtual Result Visit(VCExprLiteral! node, Arg arg) {
+ public virtual Result Visit(VCExprLiteral node, Arg arg) {
+ Contract.Requires(node != null);
return StandardResult(node, arg);
}
- public virtual Result Visit(VCExprNAry! node, Arg arg) {
+ public virtual Result Visit(VCExprNAry node, Arg arg){
+Contract.Requires(node != null);
Result res = StandardResult(node, arg);
if (node.TypeParamArity == 0) {
- VCExprOp! op = node.Op;
+ Contract.Assert(node.Op != null);
+ VCExprOp op = node.Op;
IEnumerator enumerator = new VCExprNAryUniformOpEnumerator(node);
enumerator.MoveNext(); // skip the node itself
while (enumerator.MoveNext()) {
- VCExpr! expr = (VCExpr!)enumerator.Current;
+ VCExpr/*!*/ expr = cce.NonNull((VCExpr/*!*/)enumerator.Current);
VCExprNAry naryExpr = expr as VCExprNAry;
if (naryExpr == null || !naryExpr.Op.Equals(op)) {
expr.Accept(this, arg);
@@ -95,34 +273,45 @@ namespace Microsoft.Boogie.VCExprAST }
}
} else {
- foreach (VCExpr! e in node)
- e.Accept(this, arg);
+ foreach (VCExpr e in node){Contract.Assert(e != null);
+ e.Accept(this, arg);}
}
return res;
}
- public virtual Result Visit(VCExprVar! node, Arg arg) {
+ public virtual Result Visit(VCExprVar node, Arg arg) {
+ Contract.Requires(node != null);
return StandardResult(node, arg);
}
- public virtual Result Visit(VCExprQuantifier! node, Arg arg) {
+ public virtual Result Visit(VCExprQuantifier node, Arg arg){
+Contract.Requires(node != null);
Result res = StandardResult(node, arg);
- foreach (VCTrigger! trigger in node.Triggers)
- foreach (VCExpr! expr in trigger.Exprs)
- expr.Accept(this, arg);
+ foreach (VCTrigger/*!*/ trigger in node.Triggers){Contract.Assert(trigger != null);
+ foreach (VCExpr/*!*/ expr in trigger.Exprs) {
+ Contract.Assert(expr != null);
+ expr.Accept(this, arg);}}
node.Body.Accept(this, arg);
return res;
}
- public virtual Result Visit(VCExprLet! node, Arg arg) {
+ public virtual Result Visit(VCExprLet node, Arg arg){
+Contract.Requires(node != null);
Result res = StandardResult(node, arg);
// visit the bound expressions first
- foreach (VCExprLetBinding! binding in node)
- binding.E.Accept(this, arg);
+ foreach (VCExprLetBinding/*!*/ binding in node) {
+ Contract.Assert(binding != null);
+ binding.E.Accept(this, arg);}
node.Body.Accept(this, arg);
return res;
}
}
-
+ [ContractClassFor(typeof(TraversingVCExprVisitor<,>))]
+ public abstract class TraversingVCExprVisitorContracts<Result, Arg> : TraversingVCExprVisitor<Result, Arg> {
+ protected override Result StandardResult(VCExpr node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+ }
//////////////////////////////////////////////////////////////////////////////
// Class to iterate over the nodes of a tree of VCExprNAry. This is
// used to avoid handling such VCExpr recursively, which can easily
@@ -130,13 +319,19 @@ namespace Microsoft.Boogie.VCExprAST public class VCExprNAryEnumerator : IEnumerator {
- private readonly VCExprNAry! CompleteExpr;
+ private readonly VCExprNAry/*!*/ CompleteExpr;
private VCExpr CurrentExpr = null;
- private readonly Stack<VCExpr!>! ExprTodo = new Stack<VCExpr!> ();
-
- public VCExprNAryEnumerator(VCExprNAry! completeExpr) {
+ private readonly Stack<VCExpr/*!*/>/*!*/ ExprTodo = new Stack<VCExpr/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(CompleteExpr != null);
+ Contract.Invariant(cce.NonNullElements(ExprTodo));
+ }
+
+ public VCExprNAryEnumerator(VCExprNAry completeExpr){
+Contract.Requires(completeExpr != null);
this.CompleteExpr = completeExpr;
- Stack<VCExpr!>! exprTodo = new Stack<VCExpr!> ();
+ Stack<VCExpr/*!*/>/*!*/ exprTodo = new Stack<VCExpr/*!*/>();
exprTodo.Push(completeExpr);
ExprTodo = exprTodo;
}
@@ -144,10 +339,11 @@ namespace Microsoft.Boogie.VCExprAST // Method using which a subclass can decide whether the
// subexpressions of an expression should be enumerated as well
// The default is to enumerate all nodes
- protected virtual bool Descend(VCExprNAry! expr) {
+ protected virtual bool Descend(VCExprNAry expr) {
+ Contract.Requires(expr != null);
return true;
}
-
+
////////////////////////////////////////////////////////////////////////////
public bool MoveNext() {
@@ -160,14 +356,15 @@ namespace Microsoft.Boogie.VCExprAST for (int i = currentNAry.Arity - 1; i >= 0; --i)
ExprTodo.Push(currentNAry[i]);
}
-
+
return true;
}
public object Current {
get {
- return (!)CurrentExpr;
- } }
+ return cce.NonNull(CurrentExpr);
+ }
+ }
public void Reset() {
ExprTodo.Clear();
@@ -176,19 +373,27 @@ namespace Microsoft.Boogie.VCExprAST }
}
-
+
//////////////////////////////////////////////////////////////////////////////
public class VCExprNAryUniformOpEnumerator : VCExprNAryEnumerator {
- private readonly VCExprOp! Op;
- public VCExprNAryUniformOpEnumerator(VCExprNAry! completeExpr) {
- base(completeExpr);
+ private readonly VCExprOp/*!*/ Op;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Op != null);
+ }
+
+ public VCExprNAryUniformOpEnumerator(VCExprNAry completeExpr)
+ : base(completeExpr) {
+ Contract.Requires(completeExpr != null);
+
this.Op = completeExpr.Op;
}
- protected override bool Descend(VCExprNAry! expr) {
+ protected override bool Descend(VCExprNAry expr) {
+ Contract.Requires(expr != null);
return expr.Op.Equals(Op) &&
- // we never skip nodes with type parameters
- // (those are too interesting ...)
+ // we never skip nodes with type parameters
+ // (those are too interesting ...)
expr.TypeParamArity == 0;
}
}
@@ -200,19 +405,33 @@ namespace Microsoft.Boogie.VCExprAST : TraversingVCExprVisitor<Result, Arg> {
// Maps with all variables bound above a certain location in the VCExpression.
// The value of the map tells how often a particular symbol was bound
- private readonly IDictionary<VCExprVar!, int>! BoundTermVarsDict =
- new Dictionary<VCExprVar!, int> ();
- private readonly IDictionary<TypeVariable!, int>! BoundTypeVarsDict =
- new Dictionary<TypeVariable!, int> ();
-
- protected ICollection<VCExprVar!>! BoundTermVars { get {
- return BoundTermVarsDict.Keys;
- } }
- protected ICollection<TypeVariable!>! BoundTypeVars { get {
- return BoundTypeVarsDict.Keys;
- } }
-
- private void AddBoundVar<T>(IDictionary<T!, int>! dict, T! sym) {
+ private readonly IDictionary<VCExprVar/*!*/, int>/*!*/ BoundTermVarsDict =
+ new Dictionary<VCExprVar/*!*/, int>();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(BoundTermVarsDict));
+ Contract.Invariant(cce.NonNullElements(BoundTypeVarsDict));
+ }
+
+ private readonly IDictionary<TypeVariable/*!*/, int>/*!*/ BoundTypeVarsDict =
+ new Dictionary<TypeVariable/*!*/, int>();
+
+ protected ICollection<VCExprVar/*!*/>/*!*/ BoundTermVars {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<ICollection<VCExprVar>>()));
+ return BoundTermVarsDict.Keys;
+ }
+ }
+ protected ICollection<TypeVariable/*!*/>/*!*/ BoundTypeVars {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result<ICollection<TypeVariable>>()));
+ return BoundTypeVarsDict.Keys;
+ }
+ }
+
+ private void AddBoundVar<T>(IDictionary<T, int> dict, T sym) {
+ Contract.Requires(sym != null);
+ Contract.Requires(cce.NonNullElements(dict));
int n;
if (dict.TryGetValue(sym, out n))
dict[sym] = n + 1;
@@ -220,47 +439,54 @@ namespace Microsoft.Boogie.VCExprAST dict[sym] = 1;
}
- private void RemoveBoundVar<T>(IDictionary<T!, int>! dict, T! sym) {
+ private void RemoveBoundVar<T>(IDictionary<T/*!*/, int/*!*/>/*!*/ dict, T sym) {
+ Contract.Requires(sym != null);
+ Contract.Requires(cce.NonNullElements(dict));
int n;
bool b = dict.TryGetValue(sym, out n);
- assert b && n > 0;
+ Contract.Assert(b && n > 0);
if (n == 1)
dict.Remove(sym);
else
dict[sym] = n - 1;
}
- public override Result Visit(VCExprQuantifier! node, Arg arg) {
+ public override Result Visit(VCExprQuantifier node, Arg arg){
+Contract.Requires(node != null);
// we temporarily add bound (term and type) variables to the
// corresponding lists
- foreach (VCExprVar! v in node.BoundVars)
- AddBoundVar<VCExprVar>(BoundTermVarsDict, v);
- foreach (TypeVariable! v in node.TypeParameters)
- AddBoundVar<TypeVariable>(BoundTypeVarsDict, v);
+ foreach (VCExprVar/*!*/ v in node.BoundVars){Contract.Assert(v != null);
+ AddBoundVar<VCExprVar>(BoundTermVarsDict, v);}
+ foreach (TypeVariable/*!*/ v in node.TypeParameters){Contract.Assert(v != null);
+ AddBoundVar<TypeVariable>(BoundTypeVarsDict, v);}
Result res;
try {
res = VisitAfterBinding(node, arg);
} finally {
- foreach (VCExprVar! v in node.BoundVars)
- RemoveBoundVar<VCExprVar>(BoundTermVarsDict, v);
- foreach (TypeVariable! v in node.TypeParameters)
- RemoveBoundVar<TypeVariable>(BoundTypeVarsDict, v);
+ foreach (VCExprVar/*!*/ v in node.BoundVars){Contract.Assert(v != null);
+ RemoveBoundVar<VCExprVar>(BoundTermVarsDict, v);}
+ foreach (TypeVariable/*!*/ v in node.TypeParameters) {
+ Contract.Assert(v != null);
+ RemoveBoundVar<TypeVariable>(BoundTypeVarsDict, v);}
}
return res;
}
- public override Result Visit(VCExprLet! node, Arg arg) {
+ public override Result Visit(VCExprLet node, Arg arg){
+Contract.Requires(node != null);
// we temporarily add bound term variables to the
// corresponding lists
- foreach (VCExprVar! v in node.BoundVars)
- AddBoundVar<VCExprVar>(BoundTermVarsDict, v);
+ foreach (VCExprVar/*!*/ v in node.BoundVars){Contract.Assert(v != null);
+ AddBoundVar<VCExprVar>(BoundTermVarsDict, v);}
Result res;
try {
res = VisitAfterBinding(node, arg);
} finally {
- foreach (VCExprVar! v in node.BoundVars)
+ foreach (VCExprVar/*!*/ v in node.BoundVars) {
+ Contract.Assert(v != null);
RemoveBoundVar<VCExprVar>(BoundTermVarsDict, v);
+ }
}
return res;
}
@@ -271,11 +497,13 @@ namespace Microsoft.Boogie.VCExprAST // (when overriding the normal visit-methods, the node will be visited
// before the binding happens)
- protected virtual Result VisitAfterBinding(VCExprQuantifier! node, Arg arg) {
+ protected virtual Result VisitAfterBinding(VCExprQuantifier node, Arg arg) {
+ Contract.Requires(node != null);
return base.Visit(node, arg);
}
- protected virtual Result VisitAfterBinding(VCExprLet! node, Arg arg) {
+ protected virtual Result VisitAfterBinding(VCExprLet node, Arg arg) {
+ Contract.Requires(node != null);
return base.Visit(node, arg);
}
}
@@ -285,174 +513,231 @@ namespace Microsoft.Boogie.VCExprAST // As the visitor is not used anywhere for the time being, it maybe should
// be removed
+ [ContractClass(typeof(CollectingVCExprVisitorContracts<,>))]
public abstract class CollectingVCExprVisitor<Result, Arg>
: IVCExprVisitor<Result, Arg> {
- protected abstract Result CombineResults(List<Result>! results, Arg arg);
+ protected abstract Result CombineResults(List<Result>/*!*/ results, Arg arg);
- public Result Collect(VCExpr! node, Arg arg) {
+ public Result Collect(VCExpr node, Arg arg) {
+ Contract.Requires(node != null);
return node.Accept(this, arg);
}
- public virtual Result Visit(VCExprLiteral! node, Arg arg) {
- return CombineResults(new List<Result> (), arg);
+ public virtual Result Visit(VCExprLiteral node, Arg arg) {
+ Contract.Requires(node != null);
+ return CombineResults(new List<Result>(), arg);
}
- public virtual Result Visit(VCExprNAry! node, Arg arg) {
- List<Result>! results = new List<Result> ();
- foreach (VCExpr! subnode in node)
- results.Add(subnode.Accept(this, arg));
+ public virtual Result Visit(VCExprNAry node, Arg arg){
+Contract.Requires(node != null);
+ List<Result>/*!*/ results = new List<Result> ();
+ foreach (VCExpr/*!*/ subnode in node) {
+ Contract.Assert(subnode != null);
+ results.Add(subnode.Accept(this, arg));}
return CombineResults(results, arg);
}
- public virtual Result Visit(VCExprVar! node, Arg arg) {
- return CombineResults(new List<Result> (), arg);
+ public virtual Result Visit(VCExprVar node, Arg arg) {
+ Contract.Requires(node != null);
+ return CombineResults(new List<Result>(), arg);
}
- public virtual Result Visit(VCExprQuantifier! node, Arg arg) {
- List<Result>! result = new List<Result> ();
+ public virtual Result Visit(VCExprQuantifier node, Arg arg){
+Contract.Requires(node != null);
+ List<Result>/*!*/ result = new List<Result> ();
result.Add(node.Body.Accept(this, arg));
- foreach (VCTrigger! trigger in node.Triggers)
- foreach (VCExpr! expr in trigger.Exprs)
- result.Add(expr.Accept(this, arg));
+ foreach (VCTrigger/*!*/ trigger in node.Triggers){Contract.Assert(trigger != null);
+ foreach (VCExpr/*!*/ expr in trigger.Exprs) {
+ Contract.Assert(expr != null);
+ result.Add(expr.Accept(this, arg));}}
return CombineResults(result, arg);
}
- public virtual Result Visit(VCExprLet! node, Arg arg) {
- List<Result>! results = new List<Result> ();
+ public virtual Result Visit(VCExprLet node, Arg arg){
+Contract.Requires(node != null);
+ List<Result>/*!*/ results = new List<Result> ();
// visit the bound expressions first
- foreach (VCExprLetBinding! binding in node)
+ foreach (VCExprLetBinding/*!*/ binding in node) {
+ Contract.Assert(binding != null);
results.Add(binding.E.Accept(this, arg));
+ }
results.Add(node.Body.Accept(this, arg));
return CombineResults(results, arg);
}
}
-
+ [ContractClassFor(typeof(CollectingVCExprVisitor<,>))]
+ public abstract class CollectingVCExprVisitorContracts<Result, Arg> : CollectingVCExprVisitor<Result, Arg> {
+ protected override Result CombineResults(List<Result> results, Arg arg) {
+ Contract.Requires(results != null);
+ throw new NotImplementedException();
+ }
+ }
////////////////////////////////////////////////////////////////////////////
- public class SizeComputingVisitor : TraversingVCExprVisitor<bool, bool> {
+ public class SizeComputingVisitor : TraversingVCExprVisitor<bool, bool> {
- private int Size = 0;
+ private int Size = 0;
- public static int ComputeSize(VCExpr! expr) {
- SizeComputingVisitor! visitor = new SizeComputingVisitor();
- visitor.Traverse(expr, true);
- return visitor.Size;
- }
-
- protected override bool StandardResult(VCExpr! node, bool arg) {
- Size = Size + 1;
- return true;
+ public static int ComputeSize(VCExpr expr) {
+ Contract.Requires(expr != null);
+ SizeComputingVisitor/*!*/ visitor = new SizeComputingVisitor();
+ visitor.Traverse(expr, true);
+ return visitor.Size;
+ }
+
+ protected override bool StandardResult(VCExpr node, bool arg) {
+ Contract.Requires(node != null);
+ Size = Size + 1;
+ return true;
+ }
}
- }
- ////////////////////////////////////////////////////////////////////////////
+ ////////////////////////////////////////////////////////////////////////////
- // Collect all free term and type variables in a VCExpr. Type variables
- // can occur free either in the types of bound variables, or in the type
- // parameters of VCExprNAry.
+ // Collect all free term and type variables in a VCExpr. Type variables
+ // can occur free either in the types of bound variables, or in the type
+ // parameters of VCExprNAry.
+
+ // the result and argument (of type bool) are not used currently
+ public class FreeVariableCollector : BoundVarTraversingVCExprVisitor<bool, bool> {
+ public readonly Dictionary<VCExprVar/*!*/, object>/*!*/ FreeTermVars = new Dictionary<VCExprVar/*!*/, object>();
+ public readonly List<TypeVariable/*!*/>/*!*/ FreeTypeVars = new List<TypeVariable/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(cce.NonNullElements(FreeTermVars));
+ Contract.Invariant(cce.NonNullElements(FreeTypeVars));
+ }
- // the result and argument (of type bool) are not used currently
- public class FreeVariableCollector : BoundVarTraversingVCExprVisitor<bool, bool> {
- public readonly Dictionary<VCExprVar!,object>! FreeTermVars = new Dictionary<VCExprVar!,object> ();
- public readonly List<TypeVariable!>! FreeTypeVars = new List<TypeVariable!> ();
- // not used
- protected override bool StandardResult(VCExpr! node, bool arg) {
- return true;
- }
+ // not used
+ protected override bool StandardResult(VCExpr node, bool arg) {
+ Contract.Requires(node != null);
+ return true;
+ }
- public static Dictionary<VCExprVar!,object>! FreeTermVariables(VCExpr! node) {
- FreeVariableCollector collector = new FreeVariableCollector ();
- collector.Traverse(node, true);
- return collector.FreeTermVars;
- }
+ public static Dictionary<VCExprVar/*!*/, object/*!*/>/*!*/ FreeTermVariables(VCExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<Dictionary<VCExprVar, object>>()));
+ FreeVariableCollector collector = new FreeVariableCollector();
+ collector.Traverse(node, true);
+ return collector.FreeTermVars;
+ }
- public static List<TypeVariable!>! FreeTypeVariables(VCExpr! node) {
- FreeVariableCollector collector = new FreeVariableCollector ();
- collector.Traverse(node, true);
- return collector.FreeTypeVars;
- }
+ public static List<TypeVariable/*!*/>/*!*/ FreeTypeVariables(VCExpr node) {
+ Contract.Requires(node != null);
+ Contract.Ensures(cce.NonNullElements(Contract.Result<List<TypeVariable>>()));
+ FreeVariableCollector collector = new FreeVariableCollector();
+ collector.Traverse(node, true);
+ return collector.FreeTypeVars;
+ }
- public void Reset() {
- FreeTermVars.Clear();
- FreeTypeVars.Clear();
- }
+ public void Reset() {
+ FreeTermVars.Clear();
+ FreeTypeVars.Clear();
+ }
- public void Collect(VCExpr! node) {
- Traverse(node, true);
- }
+ public void Collect(VCExpr node) {
+ Contract.Requires(node != null);
+ Traverse(node, true);
+ }
- public void Collect(Type! type) {
- AddTypeVariables(type.FreeVariables.ToList());
- }
+ public void Collect(Type type) {
+ Contract.Requires(type != null);
+ AddTypeVariables(type.FreeVariables.ToList());
+ }
- /////////////////////////////////////////////////////////////////////////
+ /////////////////////////////////////////////////////////////////////////
- private void CollectTypeVariables(IEnumerable<VCExprVar!>! boundVars) {
- foreach (VCExprVar! var in boundVars)
+ private void CollectTypeVariables(IEnumerable<VCExprVar/*!*/>/*!*/ boundVars){Contract.Requires(cce.NonNullElements(boundVars));
+ foreach (VCExprVar/*!*/ var in boundVars) {
+ Contract.Assert(var != null);
Collect(var.Type);
+ }
}
- private void AddTypeVariables(IEnumerable<TypeVariable!>! typeVars) {
- foreach (TypeVariable! tvar in typeVars)
- if (!BoundTypeVars.Contains(tvar) && !FreeTypeVars.Contains(tvar))
- FreeTypeVars.Add(tvar);
- }
+ private void AddTypeVariables(IEnumerable<TypeVariable/*!*/>/*!*/ typeVars) {
+ Contract.Requires(cce.NonNullElements(typeVars));
+ foreach (TypeVariable/*!*/ tvar in typeVars) {
+ Contract.Assert(tvar != null);
+ if (!BoundTypeVars.Contains(tvar) && !FreeTypeVars.Contains(tvar))
+ FreeTypeVars.Add(tvar);
+ }
+ }
- public override bool Visit(VCExprVar! node, bool arg) {
- if (!BoundTermVars.Contains(node) && !FreeTermVars.ContainsKey(node)) {
- FreeTermVars.Add(node, null);
- Collect(node.Type);
+ public override bool Visit(VCExprVar node, bool arg) {
+ Contract.Requires(node != null);
+ if (!BoundTermVars.Contains(node) && !FreeTermVars.ContainsKey(node)) {
+ FreeTermVars.Add(node, null);
+ Collect(node.Type);
+ }
+ return true;
}
- return true;
- }
- public override bool Visit(VCExprNAry! node, bool arg) {
- foreach (Type! t in node.TypeArguments)
- Collect(t);
- return base.Visit(node, arg);
- }
+ public override bool Visit(VCExprNAry node, bool arg) {
+ Contract.Requires(node != null);
+ foreach (Type/*!*/ t in node.TypeArguments) {
+ Contract.Assert(t != null);
+ Collect(t);
+ }
+ return base.Visit(node, arg);
+ }
- protected override bool VisitAfterBinding(VCExprQuantifier! node, bool arg) {
- CollectTypeVariables(node.BoundVars);
- return base.VisitAfterBinding(node, arg);
- }
+ protected override bool VisitAfterBinding(VCExprQuantifier node, bool arg) {
+ Contract.Requires(node != null);
+ CollectTypeVariables(node.BoundVars);
+ return base.VisitAfterBinding(node, arg);
+ }
- protected override bool VisitAfterBinding(VCExprLet! node, bool arg) {
- CollectTypeVariables(node.BoundVars);
- return base.VisitAfterBinding(node, arg);
+ protected override bool VisitAfterBinding(VCExprLet node, bool arg) {
+ Contract.Requires(node != null);
+ CollectTypeVariables(node.BoundVars);
+ return base.VisitAfterBinding(node, arg);
+ }
}
- }
-
- ////////////////////////////////////////////////////////////////////////////
- // Framework for mutating VCExprs
- // The Visit implementations in the following visitor work
- // recursively, apart from the implementation for VCExprNAry that
- // uses its own stack when applied to nested nodes with the same
- // operator, e.g., (AND (AND (AND ...) ...) ...). This is necessary
- // to avoid stack overflows (like in TraversingVCExprVisitor)
+ ////////////////////////////////////////////////////////////////////////////
+ // Framework for mutating VCExprs
+
+ // The Visit implementations in the following visitor work
+ // recursively, apart from the implementation for VCExprNAry that
+ // uses its own stack when applied to nested nodes with the same
+ // operator, e.g., (AND (AND (AND ...) ...) ...). This is necessary
+ // to avoid stack overflows (like in TraversingVCExprVisitor)
+
+ public abstract class MutatingVCExprVisitor<Arg>
+ : IVCExprVisitor<VCExpr/*!*/, Arg> {
+ protected readonly VCExpressionGenerator/*!*/ Gen;
+ [ContractInvariantMethod]
+ void ObjectInvariant() {
+ Contract.Invariant(Gen != null);
+ }
- public abstract class MutatingVCExprVisitor<Arg>
- : IVCExprVisitor<VCExpr!, Arg> {
- protected readonly VCExpressionGenerator! Gen;
- public MutatingVCExprVisitor(VCExpressionGenerator! gen) {
- this.Gen = gen;
- }
+ public MutatingVCExprVisitor(VCExpressionGenerator gen) {
+ Contract.Requires(gen != null);
+ this.Gen = gen;
+ }
- public VCExpr! Mutate(VCExpr! expr, Arg arg) {
- return expr.Accept(this, arg);
- }
+ public VCExpr Mutate(VCExpr expr, Arg arg) {
+ Contract.Requires(expr != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ return expr.Accept(this, arg);
+ }
- public List<VCExpr!>! MutateSeq(IEnumerable<VCExpr!>! exprs, Arg arg) {
- List<VCExpr!>! res = new List<VCExpr!> ();
- foreach (VCExpr! expr in exprs)
+ public List<VCExpr/*!*/>/*!*/ MutateSeq(IEnumerable<VCExpr/*!*/>/*!*/ exprs, Arg arg){
+Contract.Requires(cce.NonNullElements(exprs));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/> ();
+ foreach (VCExpr/*!*/ expr in exprs) {
+ Contract.Assert(expr != null);
res.Add(expr.Accept(this, arg));
+ }
return res;
}
- private List<VCExpr!>! MutateList(List<VCExpr!>! exprs, Arg arg) {
+ private List<VCExpr/*!*/>/*!*/ MutateList(List<VCExpr/*!*/>/*!*/ exprs, Arg arg){
+Contract.Requires(cce.NonNullElements(exprs));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCExpr>>()));
bool changed = false;
- List<VCExpr!>! res = new List<VCExpr!> ();
- foreach (VCExpr! expr in exprs) {
- VCExpr! newExpr = expr.Accept(this, arg);
+ List<VCExpr/*!*/>/*!*/ res = new List<VCExpr/*!*/> ();
+ foreach (VCExpr/*!*/ expr in exprs) {Contract.Assert(expr != null);
+ VCExpr/*!*/ newExpr = expr.Accept(this, arg);
if (!Object.ReferenceEquals(expr, newExpr))
changed = true;
res.Add(newExpr);
@@ -462,54 +747,69 @@ namespace Microsoft.Boogie.VCExprAST return res;
}
- public virtual VCExpr! Visit(VCExprLiteral! node, Arg arg) {
- return node;
- }
-
- ////////////////////////////////////////////////////////////////////////////
-
- // Special element used to mark the positions in the todo-stack where
- // results have to be popped from the result-stack.
- private static readonly VCExpr! CombineResultsMarker = new VCExprLiteral (Type.Bool);
+ public virtual VCExpr Visit(VCExprLiteral node, Arg arg) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ return node;
+ }
- // The todo-stack contains records of the shape
- //
- // arg0
- // arg1
- // arg2
- // ...
- // CombineResultsMarker
- // f(arg0, arg1, arg2, ...) (the original expression)
+ ////////////////////////////////////////////////////////////////////////////
+
+ // Special element used to mark the positions in the todo-stack where
+ // results have to be popped from the result-stack.
+ private static readonly VCExpr/*!*/ CombineResultsMarker = new VCExprLiteral(Type.Bool);
+
+ // The todo-stack contains records of the shape
+ //
+ // arg0
+ // arg1
+ // arg2
+ // ...
+ // CombineResultsMarker
+ // f(arg0, arg1, arg2, ...) (the original expression)
+
+ private readonly Stack<VCExpr/*!*/>/*!*/ NAryExprTodoStack = new Stack<VCExpr/*!*/>();
+ private readonly Stack<VCExpr/*!*/>/*!*/ NAryExprResultStack = new Stack<VCExpr/*!*/>();
+ [ContractInvariantMethod]
+ void ObjectInvarianta() {
+ Contract.Invariant(cce.NonNullElements(NAryExprResultStack));
+ Contract.Invariant(cce.NonNullElements(NAryExprTodoStack));
+ }
- private readonly Stack<VCExpr!>! NAryExprTodoStack = new Stack<VCExpr!> ();
- private readonly Stack<VCExpr!>! NAryExprResultStack = new Stack<VCExpr!> ();
- private void PushTodo(VCExprNAry! exprTodo) {
- NAryExprTodoStack.Push(exprTodo);
- NAryExprTodoStack.Push(CombineResultsMarker);
- for (int i = exprTodo.Arity - 1; i >= 0; --i)
- NAryExprTodoStack.Push(exprTodo[i]);
- }
+ private void PushTodo(VCExprNAry exprTodo) {
+ Contract.Requires(exprTodo != null);
+ NAryExprTodoStack.Push(exprTodo);
+ NAryExprTodoStack.Push(CombineResultsMarker);
+ for (int i = exprTodo.Arity - 1; i >= 0; --i)
+ NAryExprTodoStack.Push(exprTodo[i]);
+ }
- public virtual VCExpr! Visit(VCExprNAry! node, Arg arg) {
- VCExprOp! op = node.Op;
+ public virtual VCExpr Visit(VCExprNAry node, Arg arg){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExprOp/*!*/ op = node.Op;
+ Contract.Assert(op != null);
int initialStackSize = NAryExprTodoStack.Count;
int initialResultStackSize = NAryExprResultStack.Count;
PushTodo(node);
while (NAryExprTodoStack.Count > initialStackSize) {
- VCExpr! subExpr = NAryExprTodoStack.Pop();
+ VCExpr/*!*/ subExpr = NAryExprTodoStack.Pop();
+ Contract.Assert(subExpr != null);
if (Object.ReferenceEquals(subExpr, CombineResultsMarker)) {
//
// assemble a result
- VCExprNAry! originalExpr = (VCExprNAry)NAryExprTodoStack.Pop();
+ VCExprNAry/*!*/ originalExpr = (VCExprNAry)NAryExprTodoStack.Pop();
+ Contract.Assert(originalExpr != null);
bool changed = false;
- List<VCExpr!>! newSubExprs = new List<VCExpr!> ();
+ List<VCExpr/*!*/>/*!*/ newSubExprs = new List<VCExpr/*!*/> ();
for (int i = op.Arity - 1; i >= 0; --i) {
- VCExpr! nextSubExpr = NAryExprResultStack.Pop();
+ VCExpr/*!*/ nextSubExpr = NAryExprResultStack.Pop();
+ Contract.Assert(nextSubExpr != null);
if (!Object.ReferenceEquals(nextSubExpr, originalExpr[i]))
changed = true;
newSubExprs.Insert(0, nextSubExpr);
@@ -532,35 +832,41 @@ namespace Microsoft.Boogie.VCExprAST }
}
- assert NAryExprTodoStack.Count == initialStackSize &&
- NAryExprResultStack.Count == initialResultStackSize + 1;
+ Contract.Assert(NAryExprTodoStack.Count == initialStackSize && NAryExprResultStack.Count == initialResultStackSize + 1);
return NAryExprResultStack.Pop();
}
- protected virtual VCExpr! UpdateModifiedNode(VCExprNAry! originalNode,
- List<VCExpr!>! newSubExprs,
- // has any of the subexpressions changed?
- bool changed,
- Arg arg) {
- if (changed)
- return Gen.Function(originalNode.Op,
- newSubExprs, originalNode.TypeArguments);
- else
- return originalNode;
- }
+ protected virtual VCExpr/*!*/ UpdateModifiedNode(VCExprNAry/*!*/ originalNode, List<VCExpr/*!*/>/*!*/ newSubExprs, // has any of the subexpressions changed?
+ bool changed,
+ Arg arg) {
+ Contract.Requires(cce.NonNullElements(newSubExprs));
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
- ////////////////////////////////////////////////////////////////////////////
+ if (changed)
+ return Gen.Function(originalNode.Op,
+ newSubExprs, originalNode.TypeArguments);
+ else
+ return originalNode;
+ }
- public virtual VCExpr! Visit(VCExprVar! node, Arg arg) {
- return node;
- }
+ ////////////////////////////////////////////////////////////////////////////
+
+ public virtual VCExpr Visit(VCExprVar node, Arg arg) {
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ return node;
+ }
- protected List<VCTrigger!>! MutateTriggers(List<VCTrigger!>! triggers, Arg arg) {
- List<VCTrigger!>! newTriggers = new List<VCTrigger!> ();
+ protected List<VCTrigger/*!*/>/*!*/ MutateTriggers(List<VCTrigger/*!*/>/*!*/ triggers, Arg arg){
+Contract.Requires(cce.NonNullElements(triggers));
+Contract.Ensures(cce.NonNullElements(Contract.Result<List<VCTrigger>>()));
+ List<VCTrigger/*!*/>/*!*/ newTriggers = new List<VCTrigger/*!*/> ();
bool changed = false;
- foreach (VCTrigger! trigger in triggers) {
- List<VCExpr!>! exprs = trigger.Exprs;
- List<VCExpr!>! newExprs = MutateList(exprs, arg);
+ foreach (VCTrigger/*!*/ trigger in triggers) {
+ Contract.Assert(trigger != null);
+ List<VCExpr/*!*/>/*!*/ exprs = trigger.Exprs;
+ List<VCExpr/*!*/>/*!*/ newExprs = MutateList(exprs, arg);
+
if (Object.ReferenceEquals(exprs, newExprs)) {
newTriggers.Add(trigger);
} else {
@@ -573,17 +879,23 @@ namespace Microsoft.Boogie.VCExprAST return newTriggers;
}
- public virtual VCExpr! Visit(VCExprQuantifier! node, Arg arg) {
+ public virtual VCExpr Visit(VCExprQuantifier node, Arg arg){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
bool changed = false;
- VCExpr! body = node.Body;
- VCExpr! newbody = body.Accept(this, arg);
+ VCExpr/*!*/ body = node.Body;
+ Contract.Assert(body != null);
+ VCExpr/*!*/ newbody = body.Accept(this, arg);
+ Contract.Assert(newbody != null);
if (!Object.ReferenceEquals(body, newbody))
changed = true;
// visit the trigger expressions as well
- List<VCTrigger!>! triggers = node.Triggers;
- List<VCTrigger!>! newTriggers = MutateTriggers(triggers, arg);
+ List<VCTrigger/*!*/>/*!*/ triggers = node.Triggers;
+ Contract.Assert(cce.NonNullElements(triggers));
+ List<VCTrigger/*!*/>/*!*/ newTriggers = MutateTriggers(triggers, arg);
+ Contract.Assert(cce.NonNullElements(newTriggers));
if (!Object.ReferenceEquals(triggers, newTriggers))
changed = true;
@@ -593,19 +905,22 @@ namespace Microsoft.Boogie.VCExprAST newTriggers, node.Infos, newbody);
}
- public virtual VCExpr! Visit(VCExprLet! node, Arg arg) {
+ public virtual VCExpr Visit(VCExprLet node, Arg arg){
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
bool changed = false;
- VCExpr! body = node.Body;
- VCExpr! newbody = body.Accept(this, arg);
+ VCExpr/*!*/ body = node.Body;
+ VCExpr/*!*/ newbody = body.Accept(this, arg);
if (!Object.ReferenceEquals(body, newbody))
changed = true;
- List<VCExprLetBinding!>! newbindings = new List<VCExprLetBinding!> ();
+ List<VCExprLetBinding/*!*/>/*!*/ newbindings = new List<VCExprLetBinding/*!*/> ();
for (int i = 0; i < node.Length; ++i) {
- VCExprLetBinding! binding = node[i];
- VCExpr! e = binding.E;
- VCExpr! newE = e.Accept(this, arg);
+ VCExprLetBinding/*!*/ binding = node[i];
+ Contract.Assert(binding != null);
+ VCExpr/*!*/ e = binding.E;
+ VCExpr/*!*/ newE = e.Accept(this, arg);
if (Object.ReferenceEquals(e, newE)) {
newbindings.Add(binding);
} else {
@@ -618,174 +933,220 @@ namespace Microsoft.Boogie.VCExprAST return node;
return Gen.Let(newbindings, newbody);
}
- }
-
- ////////////////////////////////////////////////////////////////////////////
- // Substitutions and a visitor for applying substitutions. A substitution can
- // substitute both type variables and term variables
+ }
- public class VCExprSubstitution {
- private readonly List<IDictionary<VCExprVar!, VCExpr!>!>! TermSubsts;
- private readonly List<IDictionary<TypeVariable!, Type!>!>! TypeSubsts;
+ ////////////////////////////////////////////////////////////////////////////
+ // Substitutions and a visitor for applying substitutions. A substitution can
+ // substitute both type variables and term variables
+
+ public class VCExprSubstitution {
+ private readonly List<IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/>/*!*/ TermSubsts;
+ [ContractInvariantMethod]
+ void TermSubstsInvariantMethod() {
+ Contract.Invariant(TermSubsts != null && Contract.ForAll(TermSubsts, i => cce.NonNullElements(i)));
+ }
+ private readonly List<IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/>/*!*/ TypeSubsts;
+ [ContractInvariantMethod]
+ void TypeSubstsInvariantMethod() {
+ Contract.Invariant(TermSubsts != null && Contract.ForAll(TypeSubsts, i => cce.NonNullElements(i)));
+ }
- public VCExprSubstitution(IDictionary<VCExprVar!, VCExpr!>! termSubst,
- IDictionary<TypeVariable!, Type!>! typeSubst) {
- List<IDictionary<VCExprVar!, VCExpr!>!>! termSubsts =
- new List<IDictionary<VCExprVar!, VCExpr!>!> ();
+ public VCExprSubstitution(IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/ termSubst, IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ typeSubst) {
+ Contract.Requires(cce.NonNullElements(termSubst));
+ Contract.Requires(cce.NonNullElements(typeSubst));
+ List<IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/>/*!*/ termSubsts =
+ new List<IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/> ();
termSubsts.Add(termSubst);
- List<IDictionary<TypeVariable!, Type!>!>! typeSubsts =
- new List<IDictionary<TypeVariable!, Type!>!> ();
+ List<IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/>/*!*/ typeSubsts =
+ new List<IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/>();
typeSubsts.Add(typeSubst);
this.TermSubsts = termSubsts;
this.TypeSubsts = typeSubsts;
}
- public VCExprSubstitution() {
- this(new Dictionary<VCExprVar!, VCExpr!> (), new Dictionary<TypeVariable!, Type!> ());
+ public VCExprSubstitution() :this(new Dictionary<VCExprVar/*!*/, VCExpr/*!*/>(), new Dictionary<TypeVariable/*!*/, Type/*!*/>()){
+
}
- public void PushScope() {
- TermSubsts.Add(new Dictionary<VCExprVar!, VCExpr!> ());
- TypeSubsts.Add(new Dictionary<TypeVariable!, Type!> ());
+ public void PushScope() {
+ TermSubsts.Add(new Dictionary<VCExprVar/*!*/, VCExpr/*!*/> ());
+ TypeSubsts.Add(new Dictionary<TypeVariable/*!*/, Type/*!*/>());
}
- public void PopScope() {
- TermSubsts.RemoveAt(TermSubsts.Count - 1);
- TypeSubsts.RemoveAt(TypeSubsts.Count - 1);
- }
+ public void PopScope() {
+ TermSubsts.RemoveAt(TermSubsts.Count - 1);
+ TypeSubsts.RemoveAt(TypeSubsts.Count - 1);
+ }
- public VCExpr this[VCExprVar! var] {
- get {
- VCExpr res;
- for (int i = TermSubsts.Count - 1; i >= 0; --i) {
- if (TermSubsts[i].TryGetValue(var, out res))
- return res;
+ public VCExpr this[VCExprVar/*!*/ var] {
+ get {
+ Contract.Requires(var != null);
+ VCExpr res;
+ for (int i = TermSubsts.Count - 1; i >= 0; --i) {
+ if (TermSubsts[i].TryGetValue(var, out res))
+ return res;
+ }
+ return null;
+ }
+ set {
+ TermSubsts[TermSubsts.Count - 1][var] = cce.NonNull(value);
}
- return null;
- }
- set {
- TermSubsts[TermSubsts.Count - 1][var] = (!)value;
}
- }
- public Type this[TypeVariable! var] {
- get {
- Type res;
- for (int i = TypeSubsts.Count - 1; i >= 0; --i) {
- if (TypeSubsts[i].TryGetValue(var, out res))
- return res;
+ public Type this[TypeVariable/*!*/ var] {
+ get {
+ Contract.Requires(var != null);
+ Type res;
+ for (int i = TypeSubsts.Count - 1; i >= 0; --i) {
+ if (TypeSubsts[i].TryGetValue(var, out res))
+ return res;
+ }
+ return null;
+ }
+ set {
+ TypeSubsts[TypeSubsts.Count - 1][var] = cce.NonNull(value);
}
- return null;
- }
- set {
- TypeSubsts[TypeSubsts.Count - 1][var] = (!)value;
}
- }
- public bool ContainsKey(VCExprVar! var) {
- return this[var] != null;
- }
+ public bool ContainsKey(VCExprVar var) {
+ Contract.Requires(var != null);
+ return this[var] != null;
+ }
- public bool ContainsKey(TypeVariable! var) {
- return this[var] != null;
- }
+ public bool ContainsKey(TypeVariable var) {
+ Contract.Requires(var != null);
+ return this[var] != null;
+ }
- public bool TermSubstIsEmpty { get {
- return forall{IDictionary<VCExprVar!, VCExpr!>! dict in TermSubsts;
- dict.Count == 0};
- } }
+ public bool TermSubstIsEmpty {
+ get {
+ return Contract.ForAll(TermSubsts, dict => dict.Count == 0);
+ }
+ }
- public bool TypeSubstIsEmpty { get {
- return forall{IDictionary<TypeVariable!, Type!>! dict in TypeSubsts;
- dict.Count == 0};
- } }
+ public bool TypeSubstIsEmpty {
+ get {
+ return Contract.ForAll(TypeSubsts, dict => dict.Count == 0);
+ }
+ }
- public IDictionary<TypeVariable!, Type!>! ToTypeSubst { get {
- IDictionary<TypeVariable!, Type!>! res = new Dictionary<TypeVariable!, Type!> ();
- foreach (IDictionary<TypeVariable!, Type!>! dict in TypeSubsts)
- foreach (KeyValuePair<TypeVariable!, Type!> pair in dict)
- // later ones overwrite earlier ones
- res[pair.Key] = pair.Value;
- return res;
- } }
+ public IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ ToTypeSubst {
+ get {
+ Contract.Ensures(cce.NonNullElements(Contract.Result < IDictionary<TypeVariable, Type>>()));
+ IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ res = new Dictionary<TypeVariable/*!*/, Type/*!*/>();
+ foreach (IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ dict in TypeSubsts) {
+ foreach (KeyValuePair<TypeVariable/*!*/, Type/*!*/> pair in dict) {
+ Contract.Assert(cce.NonNullElements(pair));
+ // later ones overwrite earlier ones
+ res[pair.Key] = pair.Value;
+ }
+ }
+ return res;
+ }
+ }
- // the variables that are not mapped to themselves
- public IEnumerable<VCExprVar!>! TermDomain { get {
- Dictionary<VCExprVar!, bool>! domain = new Dictionary<VCExprVar!, bool> ();
- foreach (IDictionary<VCExprVar!, VCExpr!>! dict in TermSubsts)
- foreach (VCExprVar! var in dict.Keys)
+ // the variables that are not mapped to themselves
+ public IEnumerable<VCExprVar/*!*/>/*!*/ TermDomain {
+ get {Contract.Ensures(cce.NonNullElements(Contract.Result<IEnumerable<VCExprVar>>()));
+ Dictionary<VCExprVar/*!*/, bool>/*!*/ domain = new Dictionary<VCExprVar/*!*/, bool> ();
+ foreach (IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/ dict in TermSubsts) {
+ Contract.Assert(dict != null);
+ foreach (VCExprVar/*!*/ var in dict.Keys) {
+ Contract.Assert(var != null);
if (!var.Equals(this[var]))
domain.Add(var, true);
+ }
+ }
return domain.Keys;
- } }
+ }
+ }
- // the variables that are not mapped to themselves
- public IEnumerable<TypeVariable!>! TypeDomain { get {
- Dictionary<TypeVariable!, bool>! domain = new Dictionary<TypeVariable!, bool> ();
- foreach (IDictionary<TypeVariable!, Type!>! dict in TypeSubsts)
- foreach (TypeVariable! var in dict.Keys)
+ // the variables that are not mapped to themselves
+ public IEnumerable<TypeVariable/*!*/>/*!*/ TypeDomain {
+ get {Contract.Ensures(cce.NonNullElements(Contract.Result<IEnumerable<TypeVariable>>()));
+ Dictionary<TypeVariable/*!*/, bool>/*!*/ domain = new Dictionary<TypeVariable/*!*/, bool> ();
+ foreach (IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ dict in TypeSubsts) {
+ Contract.Assert(dict != null);
+ foreach (TypeVariable/*!*/ var in dict.Keys) {
+ Contract.Assert(var != null);
if (!var.Equals(this[var]))
domain.Add(var, true);
+ }
+ }
return domain.Keys;
- } }
-
- public FreeVariableCollector! Codomains { get {
- FreeVariableCollector! coll = new FreeVariableCollector ();
- foreach (VCExprVar! var in TermDomain)
- coll.Collect((!)this[var]);
- foreach (TypeVariable! var in TypeDomain)
- coll.Collect((!)this[var]);
+ }
+ }
+
+ public FreeVariableCollector/*!*/ Codomains {
+ get {Contract.Ensures(Contract.Result<FreeVariableCollector>() != null);
+
+ FreeVariableCollector/*!*/ coll = new FreeVariableCollector ();
+ foreach (VCExprVar/*!*/ var in TermDomain)
+ coll.Collect(cce.NonNull(this)[var]);
+ foreach (TypeVariable/*!*/ var in TypeDomain)
+ coll.Collect(cce.NonNull(this)[var]);
return coll;
- } }
+ }
+ }
- public VCExprSubstitution! Clone() {
- VCExprSubstitution! res = new VCExprSubstitution ();
- foreach (IDictionary<VCExprVar!, VCExpr!>! dict in TermSubsts)
+ public VCExprSubstitution Clone() {
+Contract.Ensures(Contract.Result<VCExprSubstitution>() != null);
+ VCExprSubstitution/*!*/ res = new VCExprSubstitution ();
+ foreach (IDictionary<VCExprVar/*!*/, VCExpr/*!*/>/*!*/ dict in TermSubsts)
res.TermSubsts.Add(HelperFuns.Clone(dict));
- foreach (IDictionary<TypeVariable!, Type!>! dict in TypeSubsts)
+ foreach (IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ dict in TypeSubsts)
res.TypeSubsts.Add(HelperFuns.Clone(dict));
return res;
}
- }
+ }
- /////////////////////////////////////////////////////////////////////////////////
+ /////////////////////////////////////////////////////////////////////////////////
- public class SubstitutingVCExprVisitor
- : MutatingVCExprVisitor<VCExprSubstitution!> {
- public SubstitutingVCExprVisitor(VCExpressionGenerator! gen) {
- base(gen);
- }
+ public class SubstitutingVCExprVisitor
+ : MutatingVCExprVisitor<VCExprSubstitution/*!*/> {
+ public SubstitutingVCExprVisitor(VCExpressionGenerator gen) :base(gen){
+ Contract.Requires(gen != null);
+
+ }
- // when descending across a binder, we have to check that no collisions
- // or variable capture can occur. if this might happen, we replace the
- // term and type variables bound by the binder with fresh variables
- private bool CollisionPossible(IEnumerable<TypeVariable!>! typeParams,
- IEnumerable<VCExprVar!>! boundVars,
- VCExprSubstitution! substitution) {
+ // when descending across a binder, we have to check that no collisions
+ // or variable capture can occur. if this might happen, we replace the
+ // term and type variables bound by the binder with fresh variables
+ private bool CollisionPossible(IEnumerable<TypeVariable/*!*/>/*!*/ typeParams, IEnumerable<VCExprVar/*!*/>/*!*/ boundVars, VCExprSubstitution/*!*/ substitution) {
+ Contract.Requires(cce.NonNullElements(typeParams));
+ Contract.Requires(cce.NonNullElements(boundVars));
+ Contract.Requires(substitution != null);
// variables can be shadowed by a binder
- if (exists{TypeVariable! var in typeParams; substitution.ContainsKey(var)} ||
- exists{VCExprVar! var in boundVars; substitution.ContainsKey(var)})
+ if (Contract.Exists(typeParams, var=> substitution.ContainsKey(var)) ||
+ Contract.Exists(boundVars, var=> substitution.ContainsKey(var)))
return true;
// compute the codomain of the substitution
- FreeVariableCollector! coll = substitution.Codomains;
+ FreeVariableCollector coll = substitution.Codomains;
+ Contract.Assert(coll != null);
// variables could be captured when applying the substitution
- return exists{TypeVariable! var in typeParams; coll.FreeTypeVars.Contains(var)} ||
- exists{VCExprVar! var in boundVars; coll.FreeTermVars.ContainsKey(var)};
+ return Contract.Exists(typeParams, var=> coll.FreeTypeVars.Contains(var)) ||
+ Contract.Exists(boundVars, var=> coll.FreeTermVars.ContainsKey(var));
}
- // can be overwritten if names of bound variables are to be changed
- protected virtual string! ChooseNewVariableName(string! oldName) {
- return oldName;
- }
+ // can be overwritten if names of bound variables are to be changed
+ protected virtual string ChooseNewVariableName(string oldName) {
+ Contract.Requires(oldName != null);
+ Contract.Ensures(Contract.Result<string>() != null);
+ return oldName;
+ }
- // handle type parameters in VCExprNAry
- protected override VCExpr! UpdateModifiedNode(VCExprNAry! originalNode,
- List<VCExpr!>! newSubExprs,
- bool changed,
- VCExprSubstitution! substitution) {
- List<Type!>! typeParams = new List<Type!> ();
- foreach (Type! t in originalNode.TypeArguments) {
- Type! newType = t.Substitute(substitution.ToTypeSubst);
+ // handle type parameters in VCExprNAry
+ protected override VCExpr/*!*/ UpdateModifiedNode(VCExprNAry/*!*/ originalNode, List<VCExpr/*!*/>/*!*/ newSubExprs, bool changed, VCExprSubstitution/*!*/ substitution) {
+ Contract.Requires(originalNode != null);
+ Contract.Requires(cce.NonNullElements(newSubExprs));
+ Contract.Requires(substitution != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ List<Type/*!*/>/*!*/ typeParams = new List<Type/*!*/> ();
+ foreach (Type/*!*/ t in originalNode.TypeArguments) {
+ Contract.Assert(t != null);
+ Type/*!*/ newType = t.Substitute(substitution.ToTypeSubst);
+ Contract.Assert(newType != null);
if (!ReferenceEquals(t, newType))
changed = true;
typeParams.Add(newType);
@@ -796,211 +1157,272 @@ namespace Microsoft.Boogie.VCExprAST return originalNode;
}
- public override VCExpr! Visit(VCExprQuantifier! node,
- VCExprSubstitution! substitution) {
- // the default is to refresh bound variables only if necessary
- // because of collisions
- return Visit(node, substitution, false);
- }
-
- public VCExpr! Visit(VCExprQuantifier! node,
- VCExprSubstitution! substitution,
- bool refreshBoundVariables) {
- substitution.PushScope(); try {
+ public override VCExpr/*!*/ Visit(VCExprQuantifier/*!*/ node, VCExprSubstitution/*!*/ substitution) {
+ Contract.Requires(node != null);
+ Contract.Requires(substitution != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
- List<TypeVariable!>! typeParams = node.TypeParameters;
- bool refreshAllVariables = refreshBoundVariables ||
- CollisionPossible(node.TypeParameters, node.BoundVars, substitution);
- if (refreshAllVariables) {
- // we introduce fresh type variables to ensure that none gets captured
- typeParams = new List<TypeVariable!> ();
- foreach (TypeVariable! var in node.TypeParameters) {
- TypeVariable! freshVar =
- new TypeVariable (Token.NoToken, ChooseNewVariableName(var.Name));
- typeParams.Add(freshVar);
- substitution[var] = freshVar;
- // this might overwrite other elements of the substitution, deliberately
- }
+ // the default is to refresh bound variables only if necessary
+ // because of collisions
+ return Visit(node, substitution, false);
}
- List<VCExprVar!>! boundVars = node.BoundVars;
- if (refreshAllVariables || !substitution.TypeSubstIsEmpty) {
- // collisions are possible, or we also substitute type variables. in this case
- // the bound term variables have to be replaced with fresh variables with the
- // right types
- boundVars = new List<VCExprVar!> ();
- IDictionary<TypeVariable!, Type!>! typeSubst = substitution.ToTypeSubst;
- foreach (VCExprVar! var in node.BoundVars) {
- VCExprVar! freshVar =
- Gen.Variable(ChooseNewVariableName(var.Name),
- var.Type.Substitute(typeSubst));
- boundVars.Add(freshVar);
- substitution[var] = freshVar;
- // this might overwrite other elements of the substitution, deliberately
- }
- }
+ public VCExpr/*!*/ Visit(VCExprQuantifier/*!*/ node, VCExprSubstitution/*!*/ substitution, bool refreshBoundVariables) {
+ Contract.Requires(node != null);
+ Contract.Requires(substitution != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+
+ substitution.PushScope();
+ try {
+
+ List<TypeVariable/*!*/>/*!*/ typeParams = node.TypeParameters;
+ Contract.Assert(cce.NonNullElements(typeParams));
+ bool refreshAllVariables = refreshBoundVariables ||
+ CollisionPossible(node.TypeParameters, node.BoundVars, substitution);
+ if (refreshAllVariables) {
+ // we introduce fresh type variables to ensure that none gets captured
+ typeParams = new List<TypeVariable/*!*/>();
+ foreach (TypeVariable/*!*/ var in node.TypeParameters) {
+ Contract.Assert(var != null);
+ TypeVariable/*!*/ freshVar =
+ new TypeVariable(Token.NoToken, ChooseNewVariableName(var.Name));
+ Contract.Assert(freshVar != null);
+ typeParams.Add(freshVar);
+ substitution[var] = freshVar;
+ // this might overwrite other elements of the substitution, deliberately
+ }
+ }
- List<VCTrigger!>! newTriggers = new List<VCTrigger!> ();
- foreach (VCTrigger! trigger in node.Triggers)
- newTriggers.Add(Gen.Trigger(trigger.Pos, MutateSeq(trigger.Exprs, substitution)));
+ List<VCExprVar/*!*/>/*!*/ boundVars = node.BoundVars;
+ Contract.Assert(cce.NonNullElements(boundVars));
+ if (refreshAllVariables || !substitution.TypeSubstIsEmpty) {
+ // collisions are possible, or we also substitute type variables. in this case
+ // the bound term variables have to be replaced with fresh variables with the
+ // right types
+ boundVars = new List<VCExprVar/*!*/>();
+ IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ typeSubst = substitution.ToTypeSubst;
+ Contract.Assert(cce.NonNullElements(typeSubst));
+ foreach (VCExprVar/*!*/ var in node.BoundVars) {
+ Contract.Assert(var != null);
+ VCExprVar/*!*/ freshVar =
+ Gen.Variable(ChooseNewVariableName(var.Name),
+ var.Type.Substitute(typeSubst));
+ Contract.Assert(freshVar != null);
+ boundVars.Add(freshVar);
+ substitution[var] = freshVar;
+ // this might overwrite other elements of the substitution, deliberately
+ }
+ }
- VCExpr! newBody = Mutate(node.Body, substitution);
+ List<VCTrigger/*!*/>/*!*/ newTriggers = new List<VCTrigger/*!*/>();
+ foreach (VCTrigger/*!*/ trigger in node.Triggers) {
+ Contract.Assert(trigger != null);
+ newTriggers.Add(Gen.Trigger(trigger.Pos, MutateSeq(trigger.Exprs, substitution)));
+ }
- return Gen.Quantify(node.Quan, typeParams, boundVars,
- newTriggers, node.Infos, newBody);
+ VCExpr/*!*/ newBody = Mutate(node.Body, substitution);
+ Contract.Assert(newBody != null);
- } finally {
- substitution.PopScope();
+ return Gen.Quantify(node.Quan, typeParams, boundVars,
+ newTriggers, node.Infos, newBody);
+
+ } finally {
+ substitution.PopScope();
+ }
}
- }
- public override VCExpr! Visit(VCExprVar! node,
- VCExprSubstitution! substitution) {
- VCExpr res = substitution[node];
- if (res != null)
- return res;
- return node;
- }
+ public override VCExpr Visit(VCExprVar node, VCExprSubstitution substitution) {
+ Contract.Requires(substitution != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ VCExpr res = substitution[node];
+ if (res != null)
+ return res;
+ return node;
+ }
- public override VCExpr! Visit(VCExprLet! node,
- VCExprSubstitution! substitution) {
- // the default is to refresh bound variables only if necessary
- // because of collisions
- return Visit(node, substitution, false);
- }
+ public override VCExpr Visit(VCExprLet node, VCExprSubstitution substitution) {
+ Contract.Requires(substitution != null);
+ Contract.Requires(node != null);
+ Contract.Ensures(Contract.Result<VCExpr>() != null);
+ // the default is to refresh bound variables only if necessary
+ // because of collisions
+ return Visit(node, substitution, false);
+ }
- public VCExpr! Visit(VCExprLet! node,
- VCExprSubstitution! substitution,
- bool refreshBoundVariables) {
+ public VCExpr Visit(VCExprLet node, VCExprSubstitution substitution, bool refreshBoundVariables){
+Contract.Requires(substitution != null);
+Contract.Requires(node != null);
+Contract.Ensures(Contract.Result<VCExpr>() != null);
// let-expressions do not have type parameters (fortunately ...)
substitution.PushScope (); try {
bool refreshAllVariables =
refreshBoundVariables ||
!substitution.TypeSubstIsEmpty ||
- CollisionPossible(new List<TypeVariable!> (), node.BoundVars, substitution);
+ CollisionPossible(new List<TypeVariable/*!*/> (), node.BoundVars, substitution);
- List<VCExprVar!>! newBoundVars = node.BoundVars;
+ List<VCExprVar/*!*/>/*!*/ newBoundVars = node.BoundVars;
+ Contract.Assert(cce.NonNullElements(newBoundVars));
if (refreshAllVariables) {
// collisions are possible, or we also substitute type variables. in this case
// the bound term variables have to be replaced with fresh variables with the
// right types
- newBoundVars = new List<VCExprVar!> ();
- IDictionary<TypeVariable!, Type!>! typeSubst = substitution.ToTypeSubst;
- foreach (VCExprVar! var in node.BoundVars) {
- VCExprVar! freshVar =
+ newBoundVars = new List<VCExprVar/*!*/> ();
+ IDictionary<TypeVariable/*!*/, Type/*!*/>/*!*/ typeSubst = substitution.ToTypeSubst;
+ Contract.Assert(cce.NonNullElements(typeSubst));
+ foreach (VCExprVar/*!*/ var in node.BoundVars) {
+ Contract.Assert(var != null);
+ VCExprVar/*!*/ freshVar =
Gen.Variable(ChooseNewVariableName(var.Name),
var.Type.Substitute(typeSubst));
+ Contract.Assert(freshVar != null);
newBoundVars.Add(freshVar);
substitution[var] = freshVar;
// this might overwrite other elements of the substitution, deliberately
}
}
- List<VCExprLetBinding!>! newbindings = new List<VCExprLetBinding!> ();
+ List<VCExprLetBinding/*!*/>/*!*/ newbindings = new List<VCExprLetBinding/*!*/> ();
for (int i = 0; i < node.Length; ++i) {
- VCExprLetBinding! binding = node[i];
+ VCExprLetBinding/*!*/ binding = node[i];
+ Contract.Assert(binding != null);
newbindings.Add(Gen.LetBinding(newBoundVars[i], Mutate(binding.E, substitution)));
}
-
- VCExpr! newBody = Mutate(node.Body, substitution);
+
+ VCExpr/*!*/ newBody = Mutate(node.Body, substitution);
+ Contract.Assert(newBody != null);
return Gen.Let(newbindings, newBody);
} finally {
substitution.PopScope();
}
}
- }
+ }
- ////////////////////////////////////////////////////////////////////////////
+ ////////////////////////////////////////////////////////////////////////////
+ [ContractClassFor(typeof(StandardVCExprOpVisitor<,>))]
+ public abstract class StandardVCExprOpVisitorContracts<Result, Arg> : StandardVCExprOpVisitor<Result, Arg> {
+ protected override Result StandardResult(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ throw new NotImplementedException();
+ }
+ }
- public abstract class StandardVCExprOpVisitor<Result, Arg>
- : IVCExprOpVisitor<Result, Arg> {
- protected abstract Result StandardResult(VCExprNAry! node, Arg arg);
- public virtual Result VisitNotOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitEqOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitNeqOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitAndOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitOrOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitImpliesOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitDistinctOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitLabelOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitSelectOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitStoreOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitBvOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitBvExtractOp(VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitBvConcatOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitIfThenElseOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitCustomOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitAddOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitSubOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitMulOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitDivOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitModOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitLtOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitLeOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitGtOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitGeOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitSubtypeOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
- }
- public virtual Result VisitSubtype3Op (VCExprNAry! node, Arg arg) {
+ [ContractClass(typeof(StandardVCExprOpVisitorContracts<,>))]
+ public abstract class StandardVCExprOpVisitor<Result, Arg>
+ : IVCExprOpVisitor<Result, Arg> {
+ protected abstract Result StandardResult(VCExprNAry/*!*/ node, Arg arg);
+
+ public virtual Result VisitNotOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitEqOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitNeqOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitAndOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitOrOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitImpliesOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitDistinctOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitLabelOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitSelectOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitStoreOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitBvOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitBvExtractOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitBvConcatOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitIfThenElseOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitCustomOp (VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
return StandardResult(node, arg);
}
- public virtual Result VisitBoogieFunctionOp (VCExprNAry! node, Arg arg) {
- return StandardResult(node, arg);
+ public virtual Result VisitAddOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitSubOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitMulOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitDivOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitModOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitLtOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitLeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitGtOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitGeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitSubtypeOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitSubtype3Op(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
+ public virtual Result VisitBoogieFunctionOp(VCExprNAry node, Arg arg) {
+ Contract.Requires(node != null);
+ return StandardResult(node, arg);
+ }
}
- }
-
-}
-
+ }
\ No newline at end of file |