"safe clone": by default, cloned axioms become lemmas

Clone "with axiom ." or "with goal ." to change the default ("with lemma ." is also accepted, just in case).

"safe clone": by default, cloned axioms become lemmas
Clone "with axiom ." or "with goal ." to change the default ("with lemma ." is also accepted, just in case).
9e6dacc7 · Andrei Paskevich · 0016da0c · 9e6dacc7 · 9e6dacc7 · 9e6dacc7
Commit 9e6dacc7 authored Jun 14, 2018 by Andrei Paskevich
20 changed files
--- a/examples/avl/avl.mlw
+++ b/examples/avl/avl.mlw
@@ -69,14 +69,15 @@ module AVL
      the sequence. In other words, `M.sum f [a_1;...;a_n]` is the
      monoidal summary of sequence `[a_1;...;a_n]` with respect to
      measure `f`. *)
-  clone monoid.ComputableMonoid as M
+  clone monoid.ComputableMonoid as M with axiom .
  clone monoid.MonoidSum as M with
    (* scope M = M *)
    type M.t = M.t,
    constant M.zero = M.zero,
    function M.op = M.op,
    goal M.assoc,
-    goal M.neutral
+    goal M.neutral,
+    axiom .

  (** Abstract description of the data stored in the tree:
      measurable elements. *)

--- a/examples/avl/monoid.mlw
+++ b/examples/avl/monoid.mlw
@@ -24,7 +24,7 @@ end
 module MonoidSum

  use import seq.Seq
-  clone import Monoid as M
+  clone import Monoid as M with axiom .

  function agg (f:'a -> t) (s:seq 'a) : t
  axiom agg_empty : forall f:'a -> t. agg f empty = zero
@@ -42,7 +42,7 @@ module MonoidSumDef
  use import seq.FreeMonoid

  (* TODO: do that refinement correctly ! *)
-  clone import Monoid as M
+  clone import Monoid as M with axiom .

  let rec ghost function agg (f:'a -> t) (s:seq 'a) : M.t
    variant { length s }
@@ -70,7 +70,7 @@ end
 (** {2 Computable monoid} *)
 module ComputableMonoid

-  clone export Monoid
+  clone export Monoid with axiom .

  (** Abstract routines computing operations in the monoid. *)
  val zero () : t ensures { result = zero }

--- a/examples/avl/preorder.mlw
+++ b/examples/avl/preorder.mlw
@@ -8,7 +8,7 @@ theory Full
  (** Standard preorder theory. *)
  type t
  predicate le t t
-  clone export relations.PreOrder with type t = t, predicate rel = le
+  clone export relations.PreOrder with type t = t, predicate rel = le, axiom .
  (** Definable symbols for equality and strict ordering. *)
  predicate eq t t
  axiom eq_def : forall x y. eq x y <-> le x y /\ le y x
@@ -28,10 +28,9 @@ end
 (** {2 Total preorder} *)
 theory TotalFull

-  clone export Full
-  clone export relations.Total with type t = t, predicate rel = le
-  clone relations.Total as Lt with type t = t,
-    predicate rel = le, goal Total
+  clone export Full with axiom .
+  clone export relations.Total with type t = t, predicate rel = le, axiom Total
+  clone relations.Total as Lt with type t = t, predicate rel = le, goal Total
  lemma lt_def2 : forall x y. lt x y <-> not le y x

 end
@@ -40,7 +39,7 @@ end
 module Computable

  use import int.Int
-  clone export TotalFull
+  clone export TotalFull with axiom .

  (** Comparison is computable. *)
  val compare (x y:t) : int

--- a/examples/avl/priority_queue.mlw
+++ b/examples/avl/priority_queue.mlw
@@ -24,7 +24,7 @@ module PQueue
  scope D type t 'a end
  scope K type t end
  clone export key_type.KeyType with type t = D.t, type key = K.t
-  clone preorder.Computable as CO with type t = K.t
+  clone preorder.Computable as CO with type t = K.t, axiom .

  (** {2 Instantiation of the AVL tree module} *)


--- a/examples/avl/tables.mlw
+++ b/examples/avl/tables.mlw
@@ -24,7 +24,7 @@ module MapBase
  (** Stored elements are identified by totally ordered keys *)
  scope D type t 'a end scope K type t end
  clone export key_type.KeyType with type t = D.t, type key = K.t
-  clone preorder.Computable as CO with type t = K.t
+  clone preorder.Computable as CO with type t = K.t, axiom .
  scope D
    let function measure 'a : unit = ()
  end
@@ -512,7 +512,7 @@ module Map

  (** Parameter: key type with computable total preorder. *)
  scope K type t end
-  clone preorder.Computable as CO with type t = K.t
+  clone preorder.Computable as CO with type t = K.t, axiom .

  (** Elements are key-value pairs *)
  scope D
@@ -711,7 +711,7 @@ module Set

  (** Parameter: comparable elements. *)
  scope K type t end
-  clone preorder.Computable as CO with type t = K.t
+  clone preorder.Computable as CO with type t = K.t, axiom .

  (** Elements are themselves the keys. *)
  scope D

--- a/examples/binomial_heap.mlw
+++ b/examples/binomial_heap.mlw
@@ -20,7 +20,7 @@ module BinomialHeap
  type elt

  val predicate le elt elt
-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
+  clone relations.TotalPreOrder with type t = elt, predicate rel = le, axiom .

  (** Trees.


--- a/examples/bitvectors/bitvector.why
+++ b/examples/bitvectors/bitvector.why
@@ -358,7 +358,7 @@ theory BV32

  function size : int = 32

-  clone export BitVector with function size, lemma size_positive
+  clone export BitVector with function size, lemma size_positive, axiom .

 end

@@ -367,7 +367,7 @@ theory BV64

  function size : int = 64

-  clone export BitVector with function size, lemma size_positive
+  clone export BitVector with function size, lemma size_positive, axiom .

 end


--- a/examples/braun_trees.mlw
+++ b/examples/braun_trees.mlw
@@ -26,7 +26,7 @@ module BraunHeaps

  val predicate le elt elt

-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
+  clone relations.TotalPreOrder with type t = elt, predicate rel = le, axiom .

  (* [e] is no greater than the root of [t], if any *)
  let predicate le_root (e: elt) (t: tree elt) = match t with

--- a/examples/bts/13375.mlw
+++ b/examples/bts/13375.mlw
@@ -37,7 +37,7 @@ module Spec
 type my_type

 clone Signed as My_Type_T
-   with type signed_type = my_type
+   with type signed_type = my_type, axiom .
 axiom axiom_first :
  My_Type_T.first = 1


--- a/examples/check-builtin/ac.why
+++ b/examples/check-builtin/ac.why
 theory Test
       type t
       function f t t : t
-       clone algebra.AC with type t = t, function op = f
+       clone algebra.AC with type t = t, function op = f, axiom .
       goal G1 : forall x y : t. f x y = f y x
       goal G2 : forall x y z : t. f (f x y) z = f x (f y z)
 end
--- a/examples/coincidence_count_list.mlw
+++ b/examples/coincidence_count_list.mlw
@@ -60,7 +60,7 @@ module CoincidenceCountAnyType
    ensures { result <-> x = y }
  val predicate rel (x y : t)

-  clone import relations.TotalStrictOrder with type t, predicate rel
+  clone import relations.TotalStrictOrder with type t, predicate rel, axiom .

  clone export list.Sorted
     with type t = t, predicate le = rel, goal Transitive.Trans

--- a/examples/fibonacci.mlw
+++ b/examples/fibonacci.mlw
@@ -280,7 +280,8 @@ theory Mat22
  clone export
    int.Exponentiation with
      type t = t, function one = id, function (*) = mult,
-      goal Assoc, goal Unit_def_l, goal Unit_def_r
+      goal Assoc, goal Unit_def_l, goal Unit_def_r,
+      axiom . (* FIXME: replace with "goal" and prove *)

 end


--- a/examples/finite_tarski.mlw
+++ b/examples/finite_tarski.mlw
@@ -11,7 +11,7 @@ Authors:  Martin Clochard
 module Tarski

  use import set.Fset
-  clone export relations.PartialOrder
+  clone export relations.PartialOrder with axiom .

  constant a : set t

@@ -28,7 +28,7 @@ end

 module Tarski_rec
  use import set.Fset
-  clone export Tarski
+  clone export Tarski with axiom .

  let lemma least_fix_point () : unit
   ensures {exists mu. fixpoint mu /\ forall x. fixpoint x -> rel mu x }
@@ -45,7 +45,7 @@ end

 module Tarski_while
  use import set.Fset
-  clone export Tarski
+  clone export Tarski with axiom .
  use import ref.Ref

  let lemma least_fix_point () : unit

--- a/examples/insertion_sort_list.mlw
+++ b/examples/insertion_sort_list.mlw
@@ -6,9 +6,10 @@ module InsertionSort
  type elt
  val predicate le elt elt

-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
-  clone export list.Sorted      with type t = elt, predicate le  = le,
-   goal Transitive.Trans
+  clone relations.TotalPreOrder with
+    type t = elt, predicate rel = le, axiom .
+  clone export list.Sorted with
+    type t = elt, predicate le  = le, goal Transitive.Trans

  use import list.List
  use import list.Permut

--- a/examples/leftist_heap.mlw
+++ b/examples/leftist_heap.mlw
@@ -14,7 +14,8 @@ module Heap
  type elt
  predicate le elt elt

-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
+  clone relations.TotalPreOrder with
+    type t = elt, predicate rel = le, axiom .

  type heap

@@ -103,7 +104,8 @@ module LeftistHeap

  type elt
  val predicate le elt elt
-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
+  clone relations.TotalPreOrder with
+    type t = elt, predicate rel = le, axiom .

  use import TreeRank
  use export Size

--- a/examples/linear_probing.mlw
+++ b/examples/linear_probing.mlw
@@ -30,7 +30,7 @@ end

 module LinearProbing

-  clone import HashedTypeWithDummy
+  clone import HashedTypeWithDummy with axiom .

  use import int.Int
  use import int.ComputerDivision

--- a/examples/logic/einstein.why
+++ b/examples/logic/einstein.why
@@ -33,14 +33,14 @@ theory Einstein

  (** Each house is associated bijectively to a color and a person *)

-  clone Bijection as Color with type t = house, type u = color
-  clone Bijection as Owner with type t = house, type u = person
+  clone Bijection as Color with type t = house, type u = color, axiom .
+  clone Bijection as Owner with type t = house, type u = person, axiom .

  (** Each drink, cigar brand and pet are associated bijectively to a person *)

-  clone Bijection as Drink with type t = person, type u = drink
-  clone Bijection as Cigar with type t = person, type u = cigar
-  clone Bijection as Pet   with type t = person, type u = pet
+  clone Bijection as Drink with type t = person, type u = drink, axiom .
+  clone Bijection as Cigar with type t = person, type u = cigar, axiom .
+  clone Bijection as Pet   with type t = person, type u = pet, axiom .

  (** Relative positions of the houses *)


--- a/examples/logic/sorted_list.why
+++ b/examples/logic/sorted_list.why
@@ -19,7 +19,7 @@ end

 theory SortedList
  use import List
-  clone import Order as O
+  clone import Order as O with axiom .

  inductive sorted (l : list t) =
    | sorted_nil :

--- a/examples/max_matrix.mlw
+++ b/examples/max_matrix.mlw
@@ -91,7 +91,7 @@ module MaxMatrixMemo
  use import Bitset
  use map.Map

-  clone import appmap.Appmap with type key = int
+  clone import appmap.Appmap with type key = int, axiom .

  val constant n : int
    ensures { 0 <= result <= size }
@@ -108,7 +108,7 @@ module MaxMatrixMemo
  predicate permutation (s: mapii) = solution s 0

  function f (s: mapii) (i: int) : int = m[i][Map.get s i]
-  clone import sum.Sum with type container = mapii, function f = f
+  clone import sum.Sum with type container = mapii, function f = f, axiom .

  lemma sum_ind:
    forall i: int. i < n -> forall j: int.

--- a/examples/mergesort_array.mlw
+++ b/examples/mergesort_array.mlw
@@ -15,9 +15,11 @@ module Elt

  val predicate le elt elt

-  clone relations.TotalPreOrder with type t = elt, predicate rel = le
+  clone relations.TotalPreOrder with
+    type t = elt, predicate rel = le, axiom .

-  clone export array.Sorted with type elt = elt, predicate le = le
+  clone export array.Sorted with type
+    elt = elt, predicate le = le, axiom .

 end

@@ -30,7 +32,7 @@ end

 module Merge

-  clone export Elt
+  clone export Elt with axiom .
  use export ref.Refint
  use export array.Array
  use import map.Occ
@@ -94,7 +96,7 @@ end

 module TopDownMergesort

-  clone import Merge
+  clone import Merge with axiom .
  use import mach.int.Int

  let rec mergesort_rec (a tmp: array elt) (l r: int) : unit
@@ -131,7 +133,7 @@ end

 module BottomUpMergesort

-  clone import Merge
+  clone import Merge with axiom .
  use import mach.int.Int
  use import int.MinMax

@@ -207,7 +209,7 @@ end

 module NaturalMergesort

-  clone import Merge
+  clone import Merge with axiom .
  use import mach.int.Int
  use import int.MinMax