Commit 21410adf authored by Andrei Paskevich's avatar Andrei Paskevich

prove type invariant before pre-/post-

parent 05e8681c
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session SYSTEM "/users/demons/melquion/src/why3/share/why3session.dtd">
<why3session
name="check-builtin/array/why3session.xml" shape_version="2">
<!DOCTYPE why3session SYSTEM "/home/andrei/prj/why-git/share/why3session.dtd">
<why3session shape_version="2">
<prover
id="0"
name="Alt-Ergo"
......@@ -36,68 +35,68 @@
expanded="false">
<theory
name="Test_simplify_array"
locfile="check-builtin/array/../array.why"
locfile="../array.why"
loclnum="1" loccnumb="7" loccnume="26"
verified="true"
expanded="true">
<goal
name="G1"
locfile="check-builtin/array/../array.why"
locfile="../array.why"
loclnum="4" loccnumb="7" loccnume="9"
sum="b1b23c8283e46198921be8711654af8c"
proved="true"
expanded="true"
shape="ainfix =agetasetV2V1V0V1V0FF">
<proof
prover="5"
prover="0"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.01"/>
</proof>
<proof
prover="4"
prover="1"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.02"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="1"
timelimit="10"
prover="2"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="0"
timelimit="10"
prover="3"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="2"
timelimit="3"
prover="4"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.02"/>
</proof>
<proof
prover="6"
timelimit="3"
prover="5"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="3"
prover="6"
timelimit="3"
memlimit="0"
obsolete="false"
......@@ -107,14 +106,14 @@
</goal>
<goal
name="G2"
locfile="check-builtin/array/../array.why"
locfile="../array.why"
loclnum="6" loccnumb="7" loccnume="9"
sum="7e66ed444e94f55df480003cd20a589c"
sum="1ad9e5ab968e6a38b47e708503c2ce88"
proved="true"
expanded="true"
shape="ainfix =agetasetV5V0V4V3V1Iainfix =agetV5V3V1Iainfix =V3V0NFF">
shape="ainfix =agetasetV4V0V3V2V1Iainfix =agetV4V2V1Iainfix =V2V0NFF">
<proof
prover="5"
prover="0"
timelimit="10"
memlimit="0"
obsolete="false"
......@@ -122,64 +121,64 @@
<result status="valid" time="0.01"/>
</proof>
<proof
prover="4"
prover="1"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="1"
timelimit="10"
prover="2"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="0"
timelimit="10"
prover="3"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="2"
timelimit="3"
prover="4"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.01"/>
</proof>
<proof
prover="6"
timelimit="3"
prover="5"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.02"/>
<result status="valid" time="0.01"/>
</proof>
<proof
prover="3"
prover="6"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal
name="G3"
locfile="check-builtin/array/../array.why"
locfile="../array.why"
loclnum="10" loccnumb="7" loccnume="9"
sum="400615409a3f600f2025269e1c4492c2"
proved="true"
expanded="true"
shape="ainfix =agetasetV2c1V1c0V0Iainfix =agetV2c0V0FF">
<proof
prover="5"
prover="0"
timelimit="10"
memlimit="0"
obsolete="false"
......@@ -187,47 +186,47 @@
<result status="valid" time="0.00"/>
</proof>
<proof
prover="4"
prover="1"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.17"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="1"
timelimit="10"
prover="2"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="0"
timelimit="10"
prover="3"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="2"
timelimit="3"
prover="4"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.17"/>
</proof>
<proof
prover="6"
timelimit="3"
prover="5"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="3"
prover="6"
timelimit="3"
memlimit="0"
obsolete="false"
......@@ -237,62 +236,62 @@
</goal>
<goal
name="G4"
locfile="check-builtin/array/../array.why"
locfile="../array.why"
loclnum="13" loccnumb="7" loccnume="9"
sum="b0f82094e35dbd134112abc5ff16bcc8"
proved="true"
expanded="true"
shape="ainfix =agetasetasetV2c1V1c0V0c1V1FF">
<proof
prover="5"
prover="0"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.01"/>
</proof>
<proof
prover="4"
prover="1"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.29"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="1"
timelimit="10"
prover="2"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="0"
timelimit="10"
prover="3"
timelimit="3"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.00"/>
</proof>
<proof
prover="2"
timelimit="3"
prover="4"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
<result status="valid" time="0.29"/>
</proof>
<proof
prover="6"
timelimit="3"
prover="5"
timelimit="10"
memlimit="0"
obsolete="false"
archived="false">
<result status="valid" time="0.00"/>
</proof>
<proof
prover="3"
prover="6"
timelimit="3"
memlimit="0"
obsolete="false"
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session SYSTEM "/home/andrei/prj/why-git/share/why3session.dtd">
<why3session
name="programs/vstte10_aqueue/why3session.xml" shape_version="2">
<why3session shape_version="2">
<prover
id="0"
name="Alt-Ergo"
......@@ -12,19 +11,19 @@
expanded="false">
<theory
name="AmortizedQueue"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="9" loccnumb="7" loccnume="21"
verified="true"
expanded="true">
<goal
name="WP_parameter empty"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="21" loccnumb="6" loccnume="11"
expl="parameter empty"
sum="e7190a3f05a3e5728d5182b6f3ff1850"
sum="f148b224bef0491026c5971839eb52c1"
proved="true"
expanded="false"
shape="ainfix =alengthV0c0Aainfix &gt;=c0alengthV0Aainfix =alengthaNilc0LaNilAainfix =ainfix ++aNilareverseaNilaNil">
shape="ainfix =ainfix ++aNilareverseaNilaNilAainfix =alengthV0c0Aainfix &gt;=c0alengthV0Aainfix =alengthaNilc0LaNil">
<label
name="expl:parameter empty"/>
<proof
......@@ -38,13 +37,13 @@
</goal>
<goal
name="WP_parameter head"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="24" loccnumb="6" loccnume="10"
expl="postcondition"
sum="731d618ab885e13a385f070505c96178"
sum="436664d3d5a243b8e8053c7805a09a8f"
proved="true"
expanded="false"
shape="CV0aNilfaConsVwCainfix ++V0areverseV2aNilfaConsVwainfix =V4V5Iainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2aNilNF">
shape="CV0aNilfaConsVwCainfix ++V0areverseV2aNilfaConsVwainfix =V4V5Iainfix =ainfix ++V0areverseV2aNilNAainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1F">
<label
name="expl:parameter head"/>
<proof
......@@ -58,13 +57,13 @@
</goal>
<goal
name="WP_parameter create"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="32" loccnumb="6" loccnume="12"
expl="parameter create"
sum="e4493530dbb94b33806eb2a0070fdeca"
sum="105c38020da8b68175e86c584c7b3c0c"
proved="true"
expanded="false"
shape="iainfix &gt;=V1V3ainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2ainfix ++V0areverseV2ainfix =alengthV5c0Aainfix &gt;=V4alengthV5Aainfix =alengthainfix ++V0areverseV2V4LaNilLainfix +V1V3Aainfix =ainfix ++ainfix ++V0areverseV2areverseaNilainfix ++V0areverseV2Iainfix =V3alengthV2Aainfix =V1alengthV0F">
shape="iainfix &gt;=V1V3ainfix =ainfix ++V0areverseV2ainfix ++V0areverseV2Aainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1ainfix =ainfix ++ainfix ++V0areverseV2areverseaNilainfix ++V0areverseV2Aainfix =alengthV5c0Aainfix &gt;=V4alengthV5Aainfix =alengthainfix ++V0areverseV2V4LaNilLainfix +V1V3Iainfix =V3alengthV2Aainfix =V1alengthV0F">
<label
name="expl:parameter create"/>
<proof
......@@ -78,13 +77,13 @@
</goal>
<goal
name="WP_parameter tail"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="41" loccnumb="6" loccnume="10"
expl="parameter tail"
sum="a6440f8070a3a8534544700cdd6e4204"
sum="69d2fa37a97df558d6f6a1ea0a8d177c"
proved="true"
expanded="false"
shape="CV0aNilfaConswVCainfix ++V0areverseV2aNilfaConswVainfix =ainfix ++V5areverseV7V9Iainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6Aainfix =ainfix ++V5areverseV7ainfix ++V4areverseV2FAainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2aNilNF">
shape="CV0aNilfaConswVCainfix ++V0areverseV2aNilfaConswVainfix =ainfix ++V5areverseV7V9Iainfix =ainfix ++V5areverseV7ainfix ++V4areverseV2Aainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6FAainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =ainfix ++V0areverseV2aNilNAainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1F">
<label
name="expl:parameter tail"/>
<transf
......@@ -93,13 +92,13 @@
expanded="true">
<goal
name="WP_parameter tail.1"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="41" loccnumb="6" loccnume="10"
expl="parameter tail"
sum="010e43c61197c54d2ae7e9eaaeebe781"
sum="2f2dc95d9acd449cd338c2386b3a2e3b"
proved="true"
expanded="false"
shape="CV0aNilfaConswVtIainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2aNilNF">
shape="CV0aNilfaConswVtIainfix =ainfix ++V0areverseV2aNilNAainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1F">
<label
name="expl:parameter tail"/>
<proof
......@@ -113,13 +112,13 @@
</goal>
<goal
name="WP_parameter tail.2"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="41" loccnumb="6" loccnume="10"
expl="precondition"
sum="a193f4ad19553331fdb67d308fbb399e"
sum="4461409ec1feafc0250e6711212337cb"
proved="true"
expanded="false"
shape="CV0aNiltaConswVainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2aNilNF">
shape="CV0aNiltaConswVainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =ainfix ++V0areverseV2aNilNAainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1F">
<label
name="expl:parameter tail"/>
<proof
......@@ -133,13 +132,13 @@
</goal>
<goal
name="WP_parameter tail.3"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="41" loccnumb="6" loccnume="10"
expl="postcondition"
sum="f1c01d477137a0eeb89dd49b58ab0d01"
sum="1e31605f819ec67974424062e4da9d75"
proved="true"
expanded="false"
shape="CV0aNiltaConswVCainfix ++V0areverseV2aNilfaConswVainfix =ainfix ++V5areverseV7V9Iainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6Aainfix =ainfix ++V5areverseV7ainfix ++V4areverseV2FIainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1Aainfix =ainfix ++V0areverseV2aNilNF">
shape="CV0aNiltaConswVCainfix ++V0areverseV2aNilfaConswVainfix =ainfix ++V5areverseV7V9Iainfix =ainfix ++V5areverseV7ainfix ++V4areverseV2Aainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6FIainfix =V3alengthV2Aainfix =ainfix -V1c1alengthV4Iainfix =ainfix ++V0areverseV2aNilNAainfix =alengthV2V3Aainfix &gt;=V1alengthV2Aainfix =alengthV0V1F">
<label
name="expl:parameter tail"/>
<proof
......@@ -155,13 +154,13 @@
</goal>
<goal
name="WP_parameter enqueue"
locfile="programs/vstte10_aqueue/../vstte10_aqueue.mlw"
locfile="../vstte10_aqueue.mlw"
loclnum="49" loccnumb="6" loccnume="13"
expl="parameter enqueue"
sum="a5041cec8b908b9416f27b032df60668"
sum="34eb486749bdc14a6a35a9c85acb53dd"
proved="true"
expanded="false"
shape="ainfix =ainfix ++V5areverseV7ainfix ++ainfix ++V1areverseV3aConsV0aNilIainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6Aainfix =ainfix ++V5areverseV7ainfix ++V1areverseaConsV0V3FAainfix =ainfix +V4c1alengthaConsV0V3Aainfix =V2alengthV1Iainfix =alengthV3V4Aainfix &gt;=V2alengthV3Aainfix =alengthV1V2F">
shape="ainfix =ainfix ++V5areverseV7ainfix ++ainfix ++V1areverseV3aConsV0aNilIainfix =ainfix ++V5areverseV7ainfix ++V1areverseaConsV0V3Aainfix =alengthV7V8Aainfix &gt;=V6alengthV7Aainfix =alengthV5V6FAainfix =ainfix +V4c1alengthaConsV0V3Aainfix =V2alengthV1Iainfix =alengthV3V4Aainfix &gt;=V2alengthV3Aainfix =alengthV1V2F">
<label
name="expl:parameter enqueue"/>
<proof
......@@ -25,11 +25,9 @@ Existing Instance option_WhyType.
Implicit Arguments None [[a] [a_WT]].
Implicit Arguments Some [[a] [a_WT]].
Parameter nth: forall {a:Type} {a_WT:WhyType a}, BuiltIn.int -> (list a) ->
(option a).
Parameter nth: forall {a:Type} {a_WT:WhyType a}, Z -> (list a) -> (option a).
Axiom nth_def : forall {a:Type} {a_WT:WhyType a}, forall (n:BuiltIn.int)
(l:(list a)),
Axiom nth_def : forall {a:Type} {a_WT:WhyType a}, forall (n:Z) (l:(list a)),
match l with
| Nil => ((nth n l) = (None :(option a)))
| (Cons x r) => ((n = 0%Z) -> ((nth n l) = (Some x))) /\ ((~ (n = 0%Z)) ->
......@@ -37,8 +35,7 @@ Axiom nth_def : forall {a:Type} {a_WT:WhyType a}, forall (n:BuiltIn.int)
end.
(* Why3 assumption *)
Fixpoint length {a:Type} {a_WT:WhyType a}(l:(list
a)) {struct l}: BuiltIn.int :=
Fixpoint length {a:Type} {a_WT:WhyType a}(l:(list a)) {struct l}: Z :=
match l with
| Nil => 0%Z
| (Cons _ r) => (1%Z + (length r))%Z
......@@ -51,13 +48,13 @@ Axiom Length_nil : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a)),
((length l) = 0%Z) <-> (l = (Nil :(list a))).
Axiom nth_none_1 : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(i:BuiltIn.int), (i < 0%Z)%Z -> ((nth i l) = (None :(option a))).
(i:Z), (i < 0%Z)%Z -> ((nth i l) = (None :(option a))).
Axiom nth_none_2 : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(i:BuiltIn.int), ((length l) <= i)%Z -> ((nth i l) = (None :(option a))).
(i:Z), ((length l) <= i)%Z -> ((nth i l) = (None :(option a))).
Axiom nth_none_3 : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(i:BuiltIn.int), ((nth i l) = (None :(option a))) -> ((i < 0%Z)%Z \/
(i:Z), ((nth i l) = (None :(option a))) -> ((i < 0%Z)%Z \/
((length l) <= i)%Z).
(* Why3 assumption *)
......@@ -95,16 +92,15 @@ Axiom mem_decomp : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l:(list
(l = (infix_plpl l1 (Cons x l2))).
Axiom nth_append_1 : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (i:BuiltIn.int), (i < (length l1))%Z -> ((nth i
(infix_plpl l1 l2)) = (nth i l1)).
(l2:(list a)) (i:Z), (i < (length l1))%Z -> ((nth i (infix_plpl l1
l2)) = (nth i l1)).
Axiom nth_append_2 : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (i:BuiltIn.int), ((length l1) <= i)%Z -> ((nth i
(infix_plpl l1 l2)) = (nth (i - (length l1))%Z l2)).
(l2:(list a)) (i:Z), ((length l1) <= i)%Z -> ((nth i (infix_plpl l1
l2)) = (nth (i - (length l1))%Z l2)).
Parameter map : forall (a:Type) {a_WT:WhyType a} (b:Type) {b_WT:WhyType b},
Type.
Axiom map_WhyType : forall (a:Type) {a_WT:WhyType a}
Axiom map : forall (a:Type) {a_WT:WhyType a} (b:Type) {b_WT:WhyType b}, Type.
Parameter map_WhyType : forall (a:Type) {a_WT:WhyType a}
(b:Type) {b_WT:WhyType b}, WhyType (map a b).
Existing Instance map_WhyType.
......@@ -130,35 +126,38 @@ Axiom Const : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
(* Why3 assumption *)
Inductive array (a:Type) {a_WT:WhyType a} :=
| mk_array : BuiltIn.int -> (map BuiltIn.int a) -> array a.
| mk_array : Z -> (map Z a) -> array a.
Axiom array_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (array a).
Existing Instance array_WhyType.
Implicit Arguments mk_array [[a] [a_WT]].
(* Why3 assumption *)
Definition elts {a:Type} {a_WT:WhyType a}(v:(array a)): (map BuiltIn.int
a) := match v with
Definition elts {a:Type} {a_WT:WhyType a}(v:(array a)): (map Z a) :=
match v with
| (mk_array x x1) => x1
end.
(* Why3 assumption *)
Definition length1 {a:Type} {a_WT:WhyType a}(v:(array a)): BuiltIn.int :=
Definition length1 {a:Type} {a_WT:WhyType a}(v:(array a)): Z :=
match v with
| (mk_array x x1) => x
end.
(* Why3 assumption *)
Definition get1 {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:BuiltIn.int): a :=
Definition get1 {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:Z): a :=
(get (elts a1) i).
(* Why3 assumption *)
Definition set1 {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:BuiltIn.int)
(v:a): (array a) := (mk_array (length1 a1) (set (elts a1) i v)).
Definition set1 {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:Z) (v:a): (array
a) := (mk_array (length1 a1) (set (elts a1) i v)).
(* Why3 assumption *)
Definition make {a:Type} {a_WT:WhyType a}(n:Z) (v:a): (array a) :=
(mk_array n (const v:(map Z a))).
(* Why3 assumption *)
Inductive buffer (a:Type) {a_WT:WhyType a} :=
| mk_buffer : BuiltIn.int -> BuiltIn.int -> (array a) -> (list
a) -> buffer a.
| mk_buffer : Z -> Z -> (array a) -> (list a) -> buffer a.
Axiom buffer_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (buffer a).
Existing Instance buffer_WhyType.
Implicit Arguments mk_buffer [[a] [a_WT]].
......@@ -176,39 +175,38 @@ Definition data {a:Type} {a_WT:WhyType a}(v:(buffer a)): (array a) :=
end.
(* Why3 assumption *)
Definition len {a:Type} {a_WT:WhyType a}(v:(buffer a)): BuiltIn.int :=
Definition len {a:Type} {a_WT:WhyType a}(v:(buffer a)): Z :=
match v with
| (mk_buffer x x1 x2 x3) => x1
end.
(* Why3 assumption *)
Definition first {a:Type} {a_WT:WhyType a}(v:(buffer a)): BuiltIn.int :=
Definition first {a:Type} {a_WT:WhyType a}(v:(buffer a)): Z :=
match v with
| (mk_buffer x x1 x2 x3) => x
end.
(* Why3 assumption *)
Definition size {a:Type} {a_WT:WhyType a}(b:(buffer a)): BuiltIn.int :=
Definition size {a:Type} {a_WT:WhyType a}(b:(buffer a)): Z :=
(length1 (data b)).
Require Import Why3.
Ltac ae := why3 "alt-ergo" timelimit 3.
(* Why3 goal *)
Theorem WP_parameter_head : forall {a:Type} {a_WT:WhyType a},
forall (b:BuiltIn.int), forall (rho:(list a)) (rho1:(map BuiltIn.int a))
(rho2:BuiltIn.int) (rho3:BuiltIn.int), ((0%Z < rho2)%Z /\
(((0%Z <= rho3)%Z /\ (rho3 < b)%Z) /\ (((0%Z <= rho2)%Z /\
(rho2 <= b)%Z) /\ ((rho2 = (length rho)) /\ forall (i:BuiltIn.int),
((0%Z <= i)%Z /\ (i < rho2)%Z) -> ((((rho3 + i)%Z < b)%Z -> ((nth i
rho) = (Some (get rho1 (rho3 + i)%Z)))) /\
((0%Z <= ((rho3 + i)%Z - b)%Z)%Z -> ((nth i rho) = (Some (get rho1
((rho3 + i)%Z - b)%Z))))))))) -> (((0%Z <= rho3)%Z /\ (rho3 < b)%Z) ->
Theorem WP_parameter_head : forall {a:Type} {a_WT:WhyType a}, forall (b:Z),
forall (rho:(list a)) (rho1:(map Z a)) (rho2:Z) (rho3:Z),
((((0%Z <= rho3)%Z /\ (rho3 < b)%Z) /\ (((0%Z <= rho2)%Z /\
(rho2 <= b)%Z) /\ ((rho2 = (length rho)) /\ forall (i:Z), ((0%Z <= i)%Z /\
(i < rho2)%Z) -> ((((rho3 + i)%Z < b)%Z -> ((nth i rho) = (Some (get rho1
(rho3 + i)%Z)))) /\ ((0%Z <= ((rho3 + i)%Z - b)%Z)%Z -> ((nth i
rho) = (Some (get rho1 ((rho3 + i)%Z - b)%Z)))))))) /\ (0%Z < rho2)%Z) ->
(((0%Z <= rho3)%Z /\ (rho3 < b)%Z) ->
match rho with
| Nil => False
| (Cons x _) => ((get rho1 rho3) = x)
end).
intros a _a b rho rho1 rho2 rho3 (h1,(h2,(h2b,(h2c,h2d)))) (h3,h4).
intros a _a b rho rho1 rho2 rho3 ((h2,(h2b,(h2c,h2d))),h1) (h3,h4).
destruct rho.
simpl in *.
omega.
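Review bot: The updated intros pattern `((h2,(h2b,(h2c,h2d))),h1) (h3,h4)` keeps the old hypothesis names but no longer introduces them in numeric order, so `h1` now names the last conjunct `(0%Z < rho2)%Z` (the precondition) while `h2..h2d` name the type-invariant conjuncts that the reordered theorem statement puts first. Names that reflect the role would be easier to follow than the shuffled numbering, e.g. `intros a _a b rho rho1 rho2 rho3 ((hlo,(hhi,(hlen,hnth))),hpos) (h3,h4).`, with the same renaming applied to any later use of these hypotheses. The proof script continues past the hunk (the `Cons` branch after `destruct rho.` is not visible here), so I cannot tell whether later lines reference `h1`/`h2d` by name; if they do, the rename must be applied there too. The visible `Nil` branch is unaffected by naming, since `simpl in *` reduces `rho2 = length Nil` and `omega` closes it against the positivity hypothesis.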
(* This file is generated by Why3's Coq driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require int.Int.
(* Why3 assumption *)
Definition unit := unit.
(* Why3 assumption *)
Inductive list (a:Type) {a_WT:WhyType a} :=
| Nil : list a
| Cons : a -> (list a) -> list a.
Axiom list_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (list a).
Existing Instance list_WhyType.
Implicit Arguments Nil [[a] [a_WT]].
Implicit Arguments Cons [[a] [a_WT]].
(* Why3 assumption *)
Inductive option (a:Type) {a_WT:WhyType a} :=
| None : option a
| Some : a -> option a.
Axiom option_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (option a).
Existing Instance option_WhyType.
Implicit Arguments None [[a] [a_WT]].
Implicit Arguments Some [[a] [a_WT]].
Parameter nth: forall {a:Type} {a_WT:WhyType a}, BuiltIn.int -> (list a) ->
(option a).