oxilean-std 0.1.2

OxiLean standard library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685

//! Auto-generated module
//!
//! 🤖 Generated with [SplitRS](https://github.com/cool-japan/splitrs)

use oxilean_kernel::{BinderInfo, Declaration, Environment, Expr, Level, Name};
use std::collections::{HashMap, HashSet, VecDeque};

use super::types::{
    AbstractDomain, AbstractTransformer, AtomicProposition, BDDManager, BDDModelChecker,
    BuchiAutomaton, CounterExample, CounterExampleGuidedRefinement, CtlFormula, CtlModelChecker,
    CtlStarFormula, KripkeStructure, LtlFormula, LtlModelChecker, MuCalculusEvaluator, MuFormula,
    ParityGameZielonka, ProbabilisticMCVerifier, SpuriousCounterexample, StateLabel,
    SymbolicTransitionRelation, BDD,
};

pub fn app(f: Expr, a: Expr) -> Expr {
    Expr::App(Box::new(f), Box::new(a))
}
pub fn app2(f: Expr, a: Expr, b: Expr) -> Expr {
    app(app(f, a), b)
}
pub fn app3(f: Expr, a: Expr, b: Expr, c: Expr) -> Expr {
    app(app2(f, a, b), c)
}
pub fn cst(s: &str) -> Expr {
    Expr::Const(Name::str(s), vec![])
}
pub fn prop() -> Expr {
    Expr::Sort(Level::zero())
}
pub fn type0() -> Expr {
    Expr::Sort(Level::succ(Level::zero()))
}
pub fn pi(bi: BinderInfo, name: &str, dom: Expr, body: Expr) -> Expr {
    Expr::Pi(bi, Name::str(name), Box::new(dom), Box::new(body))
}
pub fn arrow(a: Expr, b: Expr) -> Expr {
    pi(BinderInfo::Default, "_", a, b)
}
pub fn impl_pi(name: &str, dom: Expr, body: Expr) -> Expr {
    pi(BinderInfo::Implicit, name, dom, body)
}
pub fn bvar(n: u32) -> Expr {
    Expr::BVar(n)
}
pub fn nat_ty() -> Expr {
    cst("Nat")
}
pub fn bool_ty() -> Expr {
    cst("Bool")
}
/// KripkeStructure: (S, S_0, R, L)
pub fn kripke_structure_ty() -> Expr {
    type0()
}
/// AtomicProposition: boolean-valued proposition on states
pub fn atomic_proposition_ty() -> Expr {
    type0()
}
/// StateLabel: set of atomic propositions true in a state
pub fn state_label_ty() -> Expr {
    arrow(cst("State"), type0())
}
/// reachable_states: the set of states reachable from initial states
pub fn reachable_states_ty() -> Expr {
    arrow(cst("KripkeStructure"), app(cst("List"), cst("State")))
}
/// is_connected: every state is reachable from some initial state
pub fn is_connected_ty() -> Expr {
    arrow(cst("KripkeStructure"), prop())
}
/// compute_scc: Tarjan's SCC decomposition
pub fn compute_scc_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        app(cst("List"), app(cst("List"), cst("State"))),
    )
}
/// LTL formula type
pub fn ltl_formula_ty() -> Expr {
    type0()
}
/// CTL formula type
pub fn ctl_formula_ty() -> Expr {
    type0()
}
/// CTL* formula type
pub fn ctl_star_formula_ty() -> Expr {
    type0()
}
/// ltl_is_safety: φ is a safety property
pub fn ltl_is_safety_ty() -> Expr {
    arrow(cst("LtlFormula"), prop())
}
/// ltl_is_liveness: φ is a liveness property
pub fn ltl_is_liveness_ty() -> Expr {
    arrow(cst("LtlFormula"), prop())
}
/// ltl_is_fairness: φ is a fairness constraint
pub fn ltl_is_fairness_ty() -> Expr {
    arrow(cst("LtlFormula"), prop())
}
/// LtlModelChecker: automaton-theoretic LTL checking
pub fn ltl_model_checker_ty() -> Expr {
    type0()
}
/// CtlModelChecker: fixpoint computation for CTL
pub fn ctl_model_checker_ty() -> Expr {
    type0()
}
/// CounterExample: trace witnessing formula violation
pub fn counter_example_ty() -> Expr {
    type0()
}
/// BuchiAutomaton: (Q, Σ, δ, q_0, F) ω-automaton
pub fn buchi_automaton_ty() -> Expr {
    type0()
}
/// check_ltl: check whether K ⊨ φ (LTL)
pub fn check_ltl_ty() -> Expr {
    arrow(cst("KripkeStructure"), arrow(cst("LtlFormula"), bool_ty()))
}
/// check_ctl: check whether K ⊨ φ (CTL)
pub fn check_ctl_ty() -> Expr {
    arrow(cst("KripkeStructure"), arrow(cst("CtlFormula"), bool_ty()))
}
/// find_counterexample: produce a counterexample trace if formula fails
pub fn find_counterexample_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(cst("LtlFormula"), app(cst("Option"), cst("CounterExample"))),
    )
}
/// BDD: Binary Decision Diagram node
pub fn bdd_ty() -> Expr {
    type0()
}
/// BDDManager: unique table + apply cache
pub fn bdd_manager_ty() -> Expr {
    type0()
}
/// SymbolicTransitionRelation: T(s,s') as BDD
pub fn symbolic_transition_relation_ty() -> Expr {
    type0()
}
/// image: compute the forward image of a set of states
pub fn image_ty() -> Expr {
    arrow(
        cst("BDDManager"),
        arrow(
            cst("BDD"),
            arrow(cst("SymbolicTransitionRelation"), cst("BDD")),
        ),
    )
}
/// pre_image: compute the backward image of a set of states
pub fn pre_image_ty() -> Expr {
    arrow(
        cst("BDDManager"),
        arrow(
            cst("BDD"),
            arrow(cst("SymbolicTransitionRelation"), cst("BDD")),
        ),
    )
}
/// AbstractDomain: predicate abstraction / interval / octagon domain
pub fn abstract_domain_ty() -> Expr {
    type0()
}
/// AbstractTransformer: post[τ](α(S))
pub fn abstract_transformer_ty() -> Expr {
    arrow(
        cst("AbstractDomain"),
        arrow(cst("AbstractDomain"), cst("AbstractDomain")),
    )
}
/// CounterExampleGuidedRefinement: CEGAR loop
pub fn cegar_ty() -> Expr {
    type0()
}
/// SpuriousCounterexample: infeasible concrete path
pub fn spurious_counterexample_ty() -> Expr {
    type0()
}
/// abstract_states: map concrete states to abstract domain
pub fn abstract_states_ty() -> Expr {
    arrow(app(cst("List"), cst("State")), cst("AbstractDomain"))
}
/// refine_abstraction: refine abstract domain using a spurious counterexample
pub fn refine_abstraction_ty() -> Expr {
    arrow(
        cst("AbstractDomain"),
        arrow(cst("SpuriousCounterexample"), cst("AbstractDomain")),
    )
}
/// check_feasibility: determine if a counterexample is spurious
pub fn check_feasibility_ty() -> Expr {
    arrow(cst("CounterExample"), bool_ty())
}
/// MuFormula: a μ-calculus formula type
pub fn mu_formula_ty() -> Expr {
    type0()
}
/// mu_fixpoint: the least fixpoint operator μX.φ(X)
/// mu_fixpoint : (State → Prop) → (State → Prop)
pub fn mu_fixpoint_ty() -> Expr {
    arrow(arrow(cst("State"), prop()), arrow(cst("State"), prop()))
}
/// nu_fixpoint: the greatest fixpoint operator νX.φ(X)
/// nu_fixpoint : (State → Prop) → (State → Prop)
pub fn nu_fixpoint_ty() -> Expr {
    arrow(arrow(cst("State"), prop()), arrow(cst("State"), prop()))
}
/// check_mu: model check a μ-calculus formula
/// check_mu : KripkeStructure → MuFormula → Bool
pub fn check_mu_ty() -> Expr {
    arrow(cst("KripkeStructure"), arrow(cst("MuFormula"), bool_ty()))
}
/// AlternatingTuringMachine: ATM used in alternation-based μ-calculus model checking
pub fn alternating_turing_machine_ty() -> Expr {
    type0()
}
/// ALC: the description logic ALC (attribute language with complement)
pub fn alc_concept_ty() -> Expr {
    type0()
}
/// ParityGame: a game graph with priority function
pub fn parity_game_ty() -> Expr {
    type0()
}
/// ParityCondition: ω-winning condition: the highest priority seen inf-often is even
/// ParityCondition : (Nat → Bool) → Prop
pub fn parity_condition_ty() -> Expr {
    arrow(arrow(nat_ty(), bool_ty()), prop())
}
/// ZielonkaSolver: Zielonka's recursive parity game algorithm
/// ZielonkaSolver : ParityGame → Bool
pub fn zielonka_solver_ty() -> Expr {
    arrow(cst("ParityGame"), bool_ty())
}
/// parity_game_winner: which player wins from a given vertex?
/// parity_game_winner : ParityGame → Nat → Bool
pub fn parity_game_winner_ty() -> Expr {
    arrow(cst("ParityGame"), arrow(nat_ty(), bool_ty()))
}
/// mu_calculus_parity_reduction: reduction of μ-calc. to parity games
/// mu_calculus_parity_reduction : MuFormula → ParityGame
pub fn mu_calculus_parity_reduction_ty() -> Expr {
    arrow(cst("MuFormula"), cst("ParityGame"))
}
/// SatSolver: a SAT/SMT oracle used in bounded model checking
pub fn sat_solver_ty() -> Expr {
    type0()
}
/// BoundedMCQuery: a bounded model checking problem (BMC)
/// BoundedMCQuery : KripkeStructure → LtlFormula → Nat → Bool
pub fn bounded_mc_query_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(cst("LtlFormula"), arrow(nat_ty(), bool_ty())),
    )
}
/// KInductionResult: result of a k-induction proof step
pub fn k_induction_result_ty() -> Expr {
    type0()
}
/// k_induction_check: run k-induction for LTL safety properties
/// k_induction_check : KripkeStructure → LtlFormula → Nat → KInductionResult
pub fn k_induction_check_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(cst("LtlFormula"), arrow(nat_ty(), cst("KInductionResult"))),
    )
}
/// ProbabilisticKripke: a Markov Decision Process / Markov chain
pub fn probabilistic_kripke_ty() -> Expr {
    type0()
}
/// PCTLFormula: a PCTL (probabilistic CTL) formula type
pub fn pctl_formula_ty() -> Expr {
    type0()
}
/// check_pctl: check whether M ⊨ φ (PCTL)
/// check_pctl : ProbabilisticKripke → PCTLFormula → Bool
pub fn check_pctl_ty() -> Expr {
    arrow(
        cst("ProbabilisticKripke"),
        arrow(cst("PCTLFormula"), bool_ty()),
    )
}
/// reachability_probability: P\[reach(T) from s\] in a Markov chain
/// reachability_probability : ProbabilisticKripke → State → Set State → Real
pub fn reachability_probability_ty() -> Expr {
    arrow(
        cst("ProbabilisticKripke"),
        arrow(
            cst("State"),
            arrow(app(cst("Set"), cst("State")), cst("Real")),
        ),
    )
}
/// TimedAutomaton: automaton with clock variables
pub fn timed_automaton_ty() -> Expr {
    type0()
}
/// TCTLFormula: a timed CTL formula
pub fn tctl_formula_ty() -> Expr {
    type0()
}
/// ZoneGraph: zone-based abstract state space for timed systems
pub fn zone_graph_ty() -> Expr {
    type0()
}
/// check_tctl: verify a timed CTL formula over a timed automaton
/// check_tctl : TimedAutomaton → TCTLFormula → Bool
pub fn check_tctl_ty() -> Expr {
    arrow(cst("TimedAutomaton"), arrow(cst("TCTLFormula"), bool_ty()))
}
/// zone_reachability: compute the reachable zone graph of a timed automaton
/// zone_reachability : TimedAutomaton → ZoneGraph
pub fn zone_reachability_ty() -> Expr {
    arrow(cst("TimedAutomaton"), cst("ZoneGraph"))
}
/// HybridAutomaton: automaton with continuous flow conditions
pub fn hybrid_automaton_ty() -> Expr {
    type0()
}
/// FlowCondition: ODE describing continuous evolution in a mode
/// FlowCondition : Type → Prop
pub fn flow_condition_ty() -> Expr {
    arrow(type0(), prop())
}
/// GuardRegion: a polyhedral region enabling a discrete transition
/// GuardRegion : Type → Prop
pub fn guard_region_ty() -> Expr {
    arrow(type0(), prop())
}
/// HybridReachability: reachable set of a hybrid system
/// HybridReachability : HybridAutomaton → Set Type
pub fn hybrid_reachability_ty() -> Expr {
    arrow(cst("HybridAutomaton"), app(cst("Set"), type0()))
}
/// PushdownSystem: a recursive program modeled as a pushdown automaton
pub fn pushdown_system_ty() -> Expr {
    type0()
}
/// ContextFreeLTL: an LTL formula interpreted over pushdown system runs
pub fn context_free_ltl_ty() -> Expr {
    type0()
}
/// check_pushdown_ltl: model check a pushdown system against an LTL formula
/// check_pushdown_ltl : PushdownSystem → LtlFormula → Bool
pub fn check_pushdown_ltl_ty() -> Expr {
    arrow(cst("PushdownSystem"), arrow(cst("LtlFormula"), bool_ty()))
}
/// pushdown_reachability: backwards reachability in a pushdown system
/// pushdown_reachability : PushdownSystem → Set State
pub fn pushdown_reachability_ty() -> Expr {
    arrow(cst("PushdownSystem"), app(cst("Set"), cst("State")))
}
/// HigherOrderRecursionScheme: a HORS defining a tree language
pub fn hors_ty() -> Expr {
    type0()
}
/// HORSModelChecking: model check a HORS against an MSO property
/// HORSModelChecking : HigherOrderRecursionScheme → MuFormula → Bool
pub fn hors_model_checking_ty() -> Expr {
    arrow(
        cst("HigherOrderRecursionScheme"),
        arrow(cst("MuFormula"), bool_ty()),
    )
}
/// CraigInterpolant: a formula I with A ⊨ I and I ∧ B unsatisfiable
/// CraigInterpolant : LtlFormula → LtlFormula → LtlFormula → Prop
pub fn craig_interpolant_ty() -> Expr {
    arrow(
        cst("LtlFormula"),
        arrow(cst("LtlFormula"), arrow(cst("LtlFormula"), prop())),
    )
}
/// lazy_cegar: CEGAR with lazy abstraction refinement
/// lazy_cegar : KripkeStructure → LtlFormula → Bool
pub fn lazy_cegar_ty() -> Expr {
    arrow(cst("KripkeStructure"), arrow(cst("LtlFormula"), bool_ty()))
}
/// AssumeGuaranteeContract: an AG specification (A, G)
pub fn assume_guarantee_contract_ty() -> Expr {
    type0()
}
/// ag_decomposition: decompose a verification task using A-G reasoning
/// ag_decomposition : KripkeStructure → AssumeGuaranteeContract → Bool
pub fn ag_decomposition_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(cst("AssumeGuaranteeContract"), bool_ty()),
    )
}
/// interface_verification: check compatibility of component interfaces
/// interface_verification : List AssumeGuaranteeContract → Bool
pub fn interface_verification_ty() -> Expr {
    arrow(app(cst("List"), cst("AssumeGuaranteeContract")), bool_ty())
}
/// MazurkiewiczTrace: an equivalence class of runs under independence
pub fn mazurkiewicz_trace_ty() -> Expr {
    type0()
}
/// PersistentSet: a persistent set for partial order reduction
/// PersistentSet : KripkeStructure → State → Set (State → State) → Prop
pub fn persistent_set_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(
            cst("State"),
            arrow(app(cst("Set"), arrow(cst("State"), cst("State"))), prop()),
        ),
    )
}
/// AmpleSet: an ample set satisfying C0–C3 for POR
/// AmpleSet : KripkeStructure → State → Set (State → State) → Prop
pub fn ample_set_ty() -> Expr {
    arrow(
        cst("KripkeStructure"),
        arrow(
            cst("State"),
            arrow(app(cst("Set"), arrow(cst("State"), cst("State"))), prop()),
        ),
    )
}
/// por_reduction: apply partial order reduction to a Kripke structure
/// por_reduction : KripkeStructure → KripkeStructure
pub fn por_reduction_ty() -> Expr {
    arrow(cst("KripkeStructure"), cst("KripkeStructure"))
}
/// PSLFormula: a PSL (Property Specification Language) formula
pub fn psl_formula_ty() -> Expr {
    type0()
}
/// SVAFormula: a SystemVerilog assertion formula
pub fn sva_formula_ty() -> Expr {
    type0()
}
/// check_psl: check a PSL formula against a Kripke structure
/// check_psl : KripkeStructure → PSLFormula → Bool
pub fn check_psl_ty() -> Expr {
    arrow(cst("KripkeStructure"), arrow(cst("PSLFormula"), bool_ty()))
}
/// TemporalLogicPattern: a reusable specification pattern (Dwyer patterns)
pub fn temporal_logic_pattern_ty() -> Expr {
    type0()
}
/// Register all model checking axioms into the kernel environment.
pub fn build_env(env: &mut Environment) {
    let axioms: &[(&str, Expr)] = &[
        ("KripkeStructure", kripke_structure_ty()),
        ("AtomicProposition", atomic_proposition_ty()),
        ("StateLabel", state_label_ty()),
        ("State", type0()),
        ("reachable_states", reachable_states_ty()),
        ("is_connected", is_connected_ty()),
        ("compute_scc", compute_scc_ty()),
        ("LtlFormula", ltl_formula_ty()),
        ("CtlFormula", ctl_formula_ty()),
        ("CtlStarFormula", ctl_star_formula_ty()),
        ("ltl_is_safety", ltl_is_safety_ty()),
        ("ltl_is_liveness", ltl_is_liveness_ty()),
        ("ltl_is_fairness", ltl_is_fairness_ty()),
        ("LtlModelChecker", ltl_model_checker_ty()),
        ("CtlModelChecker", ctl_model_checker_ty()),
        ("CounterExample", counter_example_ty()),
        ("BuchiAutomaton", buchi_automaton_ty()),
        ("Option", arrow(type0(), type0())),
        ("check_ltl", check_ltl_ty()),
        ("check_ctl", check_ctl_ty()),
        ("find_counterexample", find_counterexample_ty()),
        ("BDD", bdd_ty()),
        ("BDDManager", bdd_manager_ty()),
        (
            "SymbolicTransitionRelation",
            symbolic_transition_relation_ty(),
        ),
        ("image", image_ty()),
        ("pre_image", pre_image_ty()),
        ("AbstractDomain", abstract_domain_ty()),
        ("AbstractTransformer", abstract_transformer_ty()),
        ("CounterExampleGuidedRefinement", cegar_ty()),
        ("SpuriousCounterexample", spurious_counterexample_ty()),
        ("abstract_states", abstract_states_ty()),
        ("refine_abstraction", refine_abstraction_ty()),
        ("check_feasibility", check_feasibility_ty()),
        ("MuFormula", mu_formula_ty()),
        ("mu_fixpoint", mu_fixpoint_ty()),
        ("nu_fixpoint", nu_fixpoint_ty()),
        ("check_mu", check_mu_ty()),
        ("AlternatingTuringMachine", alternating_turing_machine_ty()),
        ("ALCConcept", alc_concept_ty()),
        ("ParityGame", parity_game_ty()),
        ("ParityCondition", parity_condition_ty()),
        ("ZielonkaSolver", zielonka_solver_ty()),
        ("parity_game_winner", parity_game_winner_ty()),
        (
            "mu_calculus_parity_reduction",
            mu_calculus_parity_reduction_ty(),
        ),
        ("SatSolver", sat_solver_ty()),
        ("BoundedMCQuery", bounded_mc_query_ty()),
        ("KInductionResult", k_induction_result_ty()),
        ("k_induction_check", k_induction_check_ty()),
        ("ProbabilisticKripke", probabilistic_kripke_ty()),
        ("PCTLFormula", pctl_formula_ty()),
        ("check_pctl", check_pctl_ty()),
        ("reachability_probability", reachability_probability_ty()),
        ("TimedAutomaton", timed_automaton_ty()),
        ("TCTLFormula", tctl_formula_ty()),
        ("ZoneGraph", zone_graph_ty()),
        ("check_tctl", check_tctl_ty()),
        ("zone_reachability", zone_reachability_ty()),
        ("HybridAutomaton", hybrid_automaton_ty()),
        ("FlowCondition", flow_condition_ty()),
        ("GuardRegion", guard_region_ty()),
        ("HybridReachability", hybrid_reachability_ty()),
        ("PushdownSystem", pushdown_system_ty()),
        ("ContextFreeLTL", context_free_ltl_ty()),
        ("check_pushdown_ltl", check_pushdown_ltl_ty()),
        ("pushdown_reachability", pushdown_reachability_ty()),
        ("HigherOrderRecursionScheme", hors_ty()),
        ("HORSModelChecking", hors_model_checking_ty()),
        ("CraigInterpolant", craig_interpolant_ty()),
        ("lazy_cegar", lazy_cegar_ty()),
        ("AssumeGuaranteeContract", assume_guarantee_contract_ty()),
        ("ag_decomposition", ag_decomposition_ty()),
        ("interface_verification", interface_verification_ty()),
        ("MazurkiewiczTrace", mazurkiewicz_trace_ty()),
        ("PersistentSet", persistent_set_ty()),
        ("AmpleSet", ample_set_ty()),
        ("por_reduction", por_reduction_ty()),
        ("PSLFormula", psl_formula_ty()),
        ("SVAFormula", sva_formula_ty()),
        ("check_psl", check_psl_ty()),
        ("TemporalLogicPattern", temporal_logic_pattern_ty()),
        ("Real", cst("Real")),
    ];
    for (name, ty) in axioms {
        env.add(Declaration::Axiom {
            name: Name::str(*name),
            univ_params: vec![],
            ty: ty.clone(),
        })
        .ok();
    }
}
#[cfg(test)]
mod new_impl_tests {
    use super::*;
    fn small_kripke() -> KripkeStructure {
        let mut k = KripkeStructure::new(3);
        k.add_initial(0);
        k.add_transition(0, 1);
        k.add_transition(1, 2);
        k.add_transition(2, 0);
        k.label_state(0, "p");
        k.label_state(1, "q");
        k
    }
    #[test]
    fn test_mu_calculus_evaluator_true() {
        let k = small_kripke();
        let mc = MuCalculusEvaluator::new(k);
        let f = MuFormula::True_;
        assert!(mc.check(&f));
    }
    #[test]
    fn test_mu_calculus_evaluator_prop() {
        let k = small_kripke();
        let mc = MuCalculusEvaluator::new(k);
        let f = MuFormula::Prop("p".to_string());
        assert!(mc.check(&f));
    }
    #[test]
    fn test_mu_calculus_evaluator_diamond() {
        let k = small_kripke();
        let mc = MuCalculusEvaluator::new(k);
        let f = MuFormula::Diamond(Box::new(MuFormula::Prop("q".to_string())));
        assert!(mc.check(&f));
    }
    #[test]
    fn test_mu_calculus_evaluator_nu_box() {
        let k = small_kripke();
        let mc = MuCalculusEvaluator::new(k.clone());
        let f = MuFormula::Nu("X".to_string(), Box::new(MuFormula::True_));
        let mut env = HashMap::new();
        let sat = mc.eval(&f, &mut env);
        assert_eq!(sat.len(), k.num_states);
    }
    #[test]
    fn test_parity_game_zielonka_trivial() {
        let mut pg = ParityGameZielonka::new(1);
        pg.set_priority(0, 0);
        pg.set_owner(0, 1);
        pg.add_edge(0, 0);
        let (w0, _w1) = pg.solve();
        assert!(w0.contains(&0));
    }
    #[test]
    fn test_parity_game_zielonka_two_nodes() {
        let mut pg = ParityGameZielonka::new(2);
        pg.set_priority(0, 1);
        pg.set_priority(1, 2);
        pg.set_owner(0, 0);
        pg.set_owner(1, 1);
        pg.add_edge(0, 1);
        pg.add_edge(1, 0);
        let (w0, _w1) = pg.solve();
        assert!(!w0.is_empty() || pg.player0_wins(0));
    }
    #[test]
    fn test_bdd_model_checker_new() {
        let mut bmc = BDDModelChecker::new(2);
        let t = bmc.mgr.true_node();
        let f = bmc.mgr.false_node();
        bmc.set_init(t);
        bmc.set_trans(f);
        let reach = bmc.reachable();
        assert_eq!(reach, t);
        assert!(bmc.check_ag_safe(t));
        assert!(!bmc.check_ef(f));
    }
    #[test]
    fn test_bdd_model_checker_variable() {
        let mut bmc = BDDModelChecker::new(2);
        let v0 = bmc.mgr.var(0);
        let v1 = bmc.mgr.var(1);
        let combined = bmc.mgr.bdd_and(v0, v1);
        assert!(combined < bmc.mgr.nodes.len());
    }
    #[test]
    fn test_probabilistic_mc_verifier() {
        let mut mc = ProbabilisticMCVerifier::new(3);
        mc.set_initial(0, 1.0);
        mc.add_transition(0, 1, 0.6);
        mc.add_transition(0, 2, 0.4);
        mc.add_transition(1, 1, 1.0);
        mc.add_transition(2, 2, 1.0);
        mc.label_state(1, "good");
        mc.label_state(2, "bad");
        let target: HashSet<usize> = [1].iter().copied().collect();
        let prob = mc.reachability_prob(&target);
        assert!((prob[0] - 0.6).abs() < 1e-6);
        assert!(mc.check_prob_reach("good", 0.5));
        assert!(!mc.check_prob_reach("good", 0.7));
    }
    #[test]
    fn test_mc_env_new_axioms() {
        let mut env = Environment::new();
        build_env(&mut env);
        assert!(env.get(&Name::str("MuFormula")).is_some());
        assert!(env.get(&Name::str("mu_fixpoint")).is_some());
        assert!(env.get(&Name::str("check_mu")).is_some());
        assert!(env.get(&Name::str("ParityGame")).is_some());
        assert!(env.get(&Name::str("ZielonkaSolver")).is_some());
        assert!(env
            .get(&Name::str("mu_calculus_parity_reduction"))
            .is_some());
        assert!(env.get(&Name::str("BoundedMCQuery")).is_some());
        assert!(env.get(&Name::str("k_induction_check")).is_some());
        assert!(env.get(&Name::str("PCTLFormula")).is_some());
        assert!(env.get(&Name::str("reachability_probability")).is_some());
        assert!(env.get(&Name::str("TimedAutomaton")).is_some());
        assert!(env.get(&Name::str("zone_reachability")).is_some());
        assert!(env.get(&Name::str("HybridAutomaton")).is_some());
        assert!(env.get(&Name::str("HybridReachability")).is_some());
        assert!(env.get(&Name::str("PushdownSystem")).is_some());
        assert!(env.get(&Name::str("check_pushdown_ltl")).is_some());
        assert!(env.get(&Name::str("HigherOrderRecursionScheme")).is_some());
        assert!(env.get(&Name::str("CraigInterpolant")).is_some());
        assert!(env.get(&Name::str("lazy_cegar")).is_some());
        assert!(env.get(&Name::str("AssumeGuaranteeContract")).is_some());
        assert!(env.get(&Name::str("interface_verification")).is_some());
        assert!(env.get(&Name::str("MazurkiewiczTrace")).is_some());
        assert!(env.get(&Name::str("AmpleSet")).is_some());
        assert!(env.get(&Name::str("por_reduction")).is_some());
        assert!(env.get(&Name::str("PSLFormula")).is_some());
        assert!(env.get(&Name::str("SVAFormula")).is_some());
        assert!(env.get(&Name::str("check_psl")).is_some());
    }
}