Mentions légales du service

Skip to content
Snippets Groups Projects
Select Git revision
  • use_api_with_expr
  • master default protected
  • colibri
  • certif
  • shape_by_hyp
  • bobot/creal
  • 248-file-names-for-edited-proof-scripts-should-be-system-independent
  • shape_pairing
  • inline_attribute
  • add_decl_no_fail_on_existing_goal
  • cvc4_17_ce
  • issue_17
  • find_program_symbols
  • fix_reflection_find_rs
  • 303-support-for-alt-ergo-2-3-0-and-cvc4-1-7
  • bobot/yul
  • issue_300
  • computing_reals
  • issue_290
  • dune
  • 1.2.0
  • 1.1.1
  • 1.1.0
  • 1.0.0
  • 0.88.3
  • 0.88.2
  • 0.88.1
  • 0.88.0
  • 0.87.3
  • 0.87.2
  • 0.87.1
  • 0.87.0
  • 0.86.3
  • 0.86.2
  • 0.86.1
  • 0.86
  • 0.85
  • 0.84
  • 0.83
  • 0.82
40 results
Blame Permalink
Forked from Why3 / why3
7438 commits behind the upstream repository.
cursor.mlw 2.12 KiB 
module Cursor

  use import seq.Seq

  type cursor 'a = private {
    ghost mutable visited : seq 'a;
  }

  predicate permitted (cursor 'a)
  axiom permitted_empty: forall c: cursor 'a. c.visited = empty -> permitted c

  predicate complete  (cursor 'a)

  val next (c: cursor 'a) : 'a
    requires { not (complete c) }
    requires { permitted c }
    writes   { c.visited }
    ensures  { c.visited = snoc (old c).visited result }
    ensures  { permitted c }

  val has_next (c: cursor 'a) : bool
    requires { permitted c }
    ensures  { result <-> not (complete c) }

end

module ListCursor

  use import seq.Seq
  use import seq.OfList
  use import list.List
  use import int.Int

  type cursor 'a = private {
    ghost mutable visited    : seq 'a;
    ghost         collection : list 'a;
  }

  predicate permitted (c: cursor 'a) =
    length c.visited <= length c.collection /\
    forall i. 0 <= i < length c.visited -> c.visited[i] = c.collection[i]

  predicate complete  (c: cursor 'a) =
    length c.visited = length c.collection

  val create (l: list 'a) : cursor 'a
    ensures { permitted result }
    ensures { result.visited = empty }
    ensures { result.collection = l }

  clone import Cursor as C with
    type cursor = cursor,
    predicate permitted = permitted,
    predicate complete  = complete,
    goal permitted_empty

end

module ArrayCursor

  use import array.Array
  use import array.ToSeq
  use import seq.Seq
  use import seq.OfList
  use import int.Int

  type cursor 'a = private {
    ghost mutable visited    : seq 'a;
    ghost         collection : seq 'a;
  }

  predicate permitted (c: cursor 'a) =
    length c.visited <= length c.collection /\
    forall i. 0 <= i < length c.visited -> c.visited[i] = c.collection[i]

  predicate complete  (c: cursor 'a) =
    length c.visited = length c.collection

  val create (a: array 'a) : cursor 'a
    ensures { permitted result }
    ensures { result.visited = empty }
    ensures { result.collection = to_seq a }

  clone import Cursor as C with
    type cursor = cursor,
    predicate permitted = permitted,
    predicate complete  = complete,
    goal permitted_empty

end