Commit 9e6dacc7 authored by Andrei Paskevich's avatar Andrei Paskevich

"safe clone": by default, cloned axioms become lemmas

Clone "with axiom ." or "with goal ." to change the default
("with lemma ." is also accepted, just in case).
parent 0016da0c
...@@ -69,14 +69,15 @@ module AVL ...@@ -69,14 +69,15 @@ module AVL
the sequence. In other words, `M.sum f [a_1;...;a_n]` is the the sequence. In other words, `M.sum f [a_1;...;a_n]` is the
monoidal summary of sequence `[a_1;...;a_n]` with respect to monoidal summary of sequence `[a_1;...;a_n]` with respect to
measure `f`. *) measure `f`. *)
clone monoid.ComputableMonoid as M clone monoid.ComputableMonoid as M with axiom .
clone monoid.MonoidSum as M with clone monoid.MonoidSum as M with
(* scope M = M *) (* scope M = M *)
type M.t = M.t, type M.t = M.t,
constant M.zero = M.zero, constant M.zero = M.zero,
function M.op = M.op, function M.op = M.op,
goal M.assoc, goal M.assoc,
goal M.neutral goal M.neutral,
axiom .
(** Abstract description of the data stored in the tree: (** Abstract description of the data stored in the tree:
measurable elements. *) measurable elements. *)
...@@ -24,7 +24,7 @@ end ...@@ -24,7 +24,7 @@ end
module MonoidSum module MonoidSum
use import seq.Seq use import seq.Seq
clone import Monoid as M clone import Monoid as M with axiom .
function agg (f:'a -> t) (s:seq 'a) : t function agg (f:'a -> t) (s:seq 'a) : t
axiom agg_empty : forall f:'a -> t. agg f empty = zero axiom agg_empty : forall f:'a -> t. agg f empty = zero
...@@ -42,7 +42,7 @@ module MonoidSumDef ...@@ -42,7 +42,7 @@ module MonoidSumDef
use import seq.FreeMonoid use import seq.FreeMonoid
(* TODO: do that refinement correctly ! *) (* TODO: do that refinement correctly ! *)
clone import Monoid as M clone import Monoid as M with axiom .
let rec ghost function agg (f:'a -> t) (s:seq 'a) : M.t let rec ghost function agg (f:'a -> t) (s:seq 'a) : M.t
variant { length s } variant { length s }
...@@ -70,7 +70,7 @@ end ...@@ -70,7 +70,7 @@ end
(** {2 Computable monoid} *) (** {2 Computable monoid} *)
module ComputableMonoid module ComputableMonoid
clone export Monoid clone export Monoid with axiom .
(** Abstract routines computing operations in the monoid. *) (** Abstract routines computing operations in the monoid. *)
val zero () : t ensures { result = zero } val zero () : t ensures { result = zero }
...@@ -8,7 +8,7 @@ theory Full ...@@ -8,7 +8,7 @@ theory Full
(** Standard preorder theory. *) (** Standard preorder theory. *)
type t type t
predicate le t t predicate le t t
clone export relations.PreOrder with type t = t, predicate rel = le clone export relations.PreOrder with type t = t, predicate rel = le, axiom .
(** Definable symbols for equality and strict ordering. *) (** Definable symbols for equality and strict ordering. *)
predicate eq t t predicate eq t t
axiom eq_def : forall x y. eq x y <-> le x y /\ le y x axiom eq_def : forall x y. eq x y <-> le x y /\ le y x
...@@ -28,10 +28,9 @@ end ...@@ -28,10 +28,9 @@ end
(** {2 Total preorder} *) (** {2 Total preorder} *)
theory TotalFull theory TotalFull
clone export Full clone export Full with axiom .
clone export relations.Total with type t = t, predicate rel = le clone export relations.Total with type t = t, predicate rel = le, axiom Total
clone relations.Total as Lt with type t = t, clone relations.Total as Lt with type t = t, predicate rel = le, goal Total
predicate rel = le, goal Total
lemma lt_def2 : forall x y. lt x y <-> not le y x lemma lt_def2 : forall x y. lt x y <-> not le y x
end end
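Review bot: The `clone export relations.Total ... axiom Total` line admits totality of `le`, and the line right after it clones the same theory again as `Lt` with the same `predicate rel = le` but `goal Total`, so that goal is an instance of the axiom admitted one line earlier and is discharged trivially. If the second clone was meant to state totality for a different relation (the `lt` used by `lt_def2` below, for instance), the `rel = le` substitution looks wrong; if the duplication is intentional, a comment such as `(* Total is admitted above; this clone only checks the instantiation *)` would tell the reader why the theory is cloned twice. The body of `Full` is outside this hunk, so what `clone export Full with axiom .` admits beyond the `eq_def` visible in the previous hunk is inferred.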
...@@ -40,7 +39,7 @@ end ...@@ -40,7 +39,7 @@ end
module Computable module Computable
use import int.Int use import int.Int
clone export TotalFull clone export TotalFull with axiom .
(** Comparison is computable. *) (** Comparison is computable. *)
val compare (x y:t) : int val compare (x y:t) : int
...@@ -24,7 +24,7 @@ module PQueue ...@@ -24,7 +24,7 @@ module PQueue
scope D type t 'a end scope D type t 'a end
scope K type t end scope K type t end
clone export key_type.KeyType with type t = D.t, type key = K.t clone export key_type.KeyType with type t = D.t, type key = K.t
clone preorder.Computable as CO with type t = K.t clone preorder.Computable as CO with type t = K.t, axiom .
(** {2 Instantiation of the AVL tree module} *) (** {2 Instantiation of the AVL tree module} *)
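Review bot: Only the `preorder.Computable` clone gets `axiom .`; the unchanged `clone export key_type.KeyType` on the line above now falls under the new default described in the commit message, so any axiom that `key_type.KeyType` declares becomes a lemma to prove inside `PQueue`. I cannot see `key_type.KeyType`, so whether it has axioms is inferred; if it has none, a short comment such as `(* KeyType has no axioms: nothing to admit *)` would spare the next reader the check, and if it has some, either `goal` or `axiom` should be chosen explicitly as was done for `CO`. The same unchanged `KeyType` clone appears in the `MapBase` hunk below.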
...@@ -24,7 +24,7 @@ module MapBase ...@@ -24,7 +24,7 @@ module MapBase
(** Stored elements are identified by totally ordered keys *) (** Stored elements are identified by totally ordered keys *)
scope D type t 'a end scope K type t end scope D type t 'a end scope K type t end
clone export key_type.KeyType with type t = D.t, type key = K.t clone export key_type.KeyType with type t = D.t, type key = K.t
clone preorder.Computable as CO with type t = K.t clone preorder.Computable as CO with type t = K.t, axiom .
scope D scope D
let function measure 'a : unit = () let function measure 'a : unit = ()
end end
...@@ -512,7 +512,7 @@ module Map ...@@ -512,7 +512,7 @@ module Map
(** Parameter: key type with computable total preorder. *) (** Parameter: key type with computable total preorder. *)
scope K type t end scope K type t end
clone preorder.Computable as CO with type t = K.t clone preorder.Computable as CO with type t = K.t, axiom .
(** Elements are key-value pairs *) (** Elements are key-value pairs *)
scope D scope D
...@@ -711,7 +711,7 @@ module Set ...@@ -711,7 +711,7 @@ module Set
(** Parameter: comparable elements. *) (** Parameter: comparable elements. *)
scope K type t end scope K type t end
clone preorder.Computable as CO with type t = K.t clone preorder.Computable as CO with type t = K.t, axiom .
(** Elements are themselves the keys. *) (** Elements are themselves the keys. *)
scope D scope D
...@@ -20,7 +20,7 @@ module BinomialHeap ...@@ -20,7 +20,7 @@ module BinomialHeap
type elt type elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with type t = elt, predicate rel = le, axiom .
(** Trees. (** Trees.
...@@ -358,7 +358,7 @@ theory BV32 ...@@ -358,7 +358,7 @@ theory BV32
function size : int = 32 function size : int = 32
clone export BitVector with function size, lemma size_positive clone export BitVector with function size, lemma size_positive, axiom .
end end
...@@ -367,7 +367,7 @@ theory BV64 ...@@ -367,7 +367,7 @@ theory BV64
function size : int = 64 function size : int = 64
clone export BitVector with function size, lemma size_positive clone export BitVector with function size, lemma size_positive, axiom .
end end
...@@ -26,7 +26,7 @@ module BraunHeaps ...@@ -26,7 +26,7 @@ module BraunHeaps
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with type t = elt, predicate rel = le, axiom .
(* [e] is no greater than the root of [t], if any *) (* [e] is no greater than the root of [t], if any *)
let predicate le_root (e: elt) (t: tree elt) = match t with let predicate le_root (e: elt) (t: tree elt) = match t with
...@@ -37,7 +37,7 @@ module Spec ...@@ -37,7 +37,7 @@ module Spec
type my_type type my_type
clone Signed as My_Type_T clone Signed as My_Type_T
with type signed_type = my_type with type signed_type = my_type, axiom .
axiom axiom_first : axiom axiom_first :
My_Type_T.first = 1 My_Type_T.first = 1
theory Test theory Test
type t type t
function f t t : t function f t t : t
clone algebra.AC with type t = t, function op = f clone algebra.AC with type t = t, function op = f, axiom .
goal G1 : forall x y : t. f x y = f y x goal G1 : forall x y : t. f x y = f y x
goal G2 : forall x y z : t. f (f x y) z = f x (f y z) goal G2 : forall x y z : t. f (f x y) z = f x (f y z)
end end
...@@ -60,7 +60,7 @@ module CoincidenceCountAnyType ...@@ -60,7 +60,7 @@ module CoincidenceCountAnyType
ensures { result <-> x = y } ensures { result <-> x = y }
val predicate rel (x y : t) val predicate rel (x y : t)
clone import relations.TotalStrictOrder with type t, predicate rel clone import relations.TotalStrictOrder with type t, predicate rel, axiom .
clone export list.Sorted clone export list.Sorted
with type t = t, predicate le = rel, goal Transitive.Trans with type t = t, predicate le = rel, goal Transitive.Trans
...@@ -280,7 +280,8 @@ theory Mat22 ...@@ -280,7 +280,8 @@ theory Mat22
clone export clone export
int.Exponentiation with int.Exponentiation with
type t = t, function one = id, function (*) = mult, type t = t, function one = id, function (*) = mult,
goal Assoc, goal Unit_def_l, goal Unit_def_r goal Assoc, goal Unit_def_l, goal Unit_def_r,
axiom . (* FIXME: replace with "goal" and prove *)
end end
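Review bot: The trailing `axiom .` on the `int.Exponentiation` clone admits every axiom of that theory not named on the preceding lines, and because `.` is a catch-all, any axiom added to `int.Exponentiation` later is admitted here silently as well; the FIXME records this as debt but not its scope. Since `id` and `mult` appear to be Mat22's own symbols rather than parameters, listing the admitted axioms by name instead of `.` would keep the trusted set explicit and make a future addition to the theory surface as a new proof obligation rather than a new assumption. The clone begins on the first line of the hunk; the rest of `Mat22` is outside it.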
...@@ -11,7 +11,7 @@ Authors: Martin Clochard ...@@ -11,7 +11,7 @@ Authors: Martin Clochard
module Tarski module Tarski
use import set.Fset use import set.Fset
clone export relations.PartialOrder clone export relations.PartialOrder with axiom .
constant a : set t constant a : set t
...@@ -28,7 +28,7 @@ end ...@@ -28,7 +28,7 @@ end
module Tarski_rec module Tarski_rec
use import set.Fset use import set.Fset
clone export Tarski clone export Tarski with axiom .
let lemma least_fix_point () : unit let lemma least_fix_point () : unit
ensures {exists mu. fixpoint mu /\ forall x. fixpoint x -> rel mu x } ensures {exists mu. fixpoint mu /\ forall x. fixpoint x -> rel mu x }
...@@ -45,7 +45,7 @@ end ...@@ -45,7 +45,7 @@ end
module Tarski_while module Tarski_while
use import set.Fset use import set.Fset
clone export Tarski clone export Tarski with axiom .
use import ref.Ref use import ref.Ref
let lemma least_fix_point () : unit let lemma least_fix_point () : unit
...@@ -6,9 +6,10 @@ module InsertionSort ...@@ -6,9 +6,10 @@ module InsertionSort
type elt type elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with
clone export list.Sorted with type t = elt, predicate le = le, type t = elt, predicate rel = le, axiom .
goal Transitive.Trans clone export list.Sorted with
type t = elt, predicate le = le, goal Transitive.Trans
use import list.List use import list.List
use import list.Permut use import list.Permut
...@@ -14,7 +14,8 @@ module Heap ...@@ -14,7 +14,8 @@ module Heap
type elt type elt
predicate le elt elt predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with
type t = elt, predicate rel = le, axiom .
type heap type heap
...@@ -103,7 +104,8 @@ module LeftistHeap ...@@ -103,7 +104,8 @@ module LeftistHeap
type elt type elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with
type t = elt, predicate rel = le, axiom .
use import TreeRank use import TreeRank
use export Size use export Size
...@@ -30,7 +30,7 @@ end ...@@ -30,7 +30,7 @@ end
module LinearProbing module LinearProbing
clone import HashedTypeWithDummy clone import HashedTypeWithDummy with axiom .
use import int.Int use import int.Int
use import int.ComputerDivision use import int.ComputerDivision
...@@ -33,14 +33,14 @@ theory Einstein ...@@ -33,14 +33,14 @@ theory Einstein
(** Each house is associated bijectively to a color and a person *) (** Each house is associated bijectively to a color and a person *)
clone Bijection as Color with type t = house, type u = color clone Bijection as Color with type t = house, type u = color, axiom .
clone Bijection as Owner with type t = house, type u = person clone Bijection as Owner with type t = house, type u = person, axiom .
(** Each drink, cigar brand and pet are associated bijectively to a person *) (** Each drink, cigar brand and pet are associated bijectively to a person *)
clone Bijection as Drink with type t = person, type u = drink clone Bijection as Drink with type t = person, type u = drink, axiom .
clone Bijection as Cigar with type t = person, type u = cigar clone Bijection as Cigar with type t = person, type u = cigar, axiom .
clone Bijection as Pet with type t = person, type u = pet clone Bijection as Pet with type t = person, type u = pet, axiom .
(** Relative positions of the houses *) (** Relative positions of the houses *)
...@@ -19,7 +19,7 @@ end ...@@ -19,7 +19,7 @@ end
theory SortedList theory SortedList
use import List use import List
clone import Order as O clone import Order as O with axiom .
inductive sorted (l : list t) = inductive sorted (l : list t) =
| sorted_nil : | sorted_nil :
...@@ -91,7 +91,7 @@ module MaxMatrixMemo ...@@ -91,7 +91,7 @@ module MaxMatrixMemo
use import Bitset use import Bitset
use map.Map use map.Map
clone import appmap.Appmap with type key = int clone import appmap.Appmap with type key = int, axiom .
val constant n : int val constant n : int
ensures { 0 <= result <= size } ensures { 0 <= result <= size }
...@@ -108,7 +108,7 @@ module MaxMatrixMemo ...@@ -108,7 +108,7 @@ module MaxMatrixMemo
predicate permutation (s: mapii) = solution s 0 predicate permutation (s: mapii) = solution s 0
function f (s: mapii) (i: int) : int = m[i][Map.get s i] function f (s: mapii) (i: int) : int = m[i][Map.get s i]
clone import sum.Sum with type container = mapii, function f = f clone import sum.Sum with type container = mapii, function f = f, axiom .
lemma sum_ind: lemma sum_ind:
forall i: int. i < n -> forall j: int. forall i: int. i < n -> forall j: int.
...@@ -15,9 +15,11 @@ module Elt ...@@ -15,9 +15,11 @@ module Elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with
type t = elt, predicate rel = le, axiom .
clone export array.Sorted with type elt = elt, predicate le = le clone export array.Sorted with type
elt = elt, predicate le = le, axiom .
end end
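Review bot: The `clone export array.Sorted` on the last two changed lines admits all of `array.Sorted`'s axioms with `axiom .`, whereas the sibling `list.Sorted` clones in this commit (InsertionSort, the list mergesort `Elt`, MergesortQueue) discharge `goal Transitive.Trans` instead; if `array.Sorted` carries the same transitivity requirement on `le`, it should be proved here too, e.g. `clone export array.Sorted with type elt = elt, predicate le = le, goal Transitive.Trans`, leaving the blanket `axiom .` to the `TotalPreOrder` parameter clone just above. The line break between `type` and `elt = elt` also splits one substitution across two lines; breaking after `with`, as the `TotalPreOrder` clone two lines earlier does, reads more consistently. I cannot see `array.Sorted`'s declarations, so the existence of a `Transitive.Trans` obligation there is inferred from the parallel with `list.Sorted`.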
...@@ -30,7 +32,7 @@ end ...@@ -30,7 +32,7 @@ end
module Merge module Merge
clone export Elt clone export Elt with axiom .
use export ref.Refint use export ref.Refint
use export array.Array use export array.Array
use import map.Occ use import map.Occ
...@@ -94,7 +96,7 @@ end ...@@ -94,7 +96,7 @@ end
module TopDownMergesort module TopDownMergesort
clone import Merge clone import Merge with axiom .
use import mach.int.Int use import mach.int.Int
let rec mergesort_rec (a tmp: array elt) (l r: int) : unit let rec mergesort_rec (a tmp: array elt) (l r: int) : unit
...@@ -131,7 +133,7 @@ end ...@@ -131,7 +133,7 @@ end
module BottomUpMergesort module BottomUpMergesort
clone import Merge clone import Merge with axiom .
use import mach.int.Int use import mach.int.Int
use import int.MinMax use import int.MinMax
...@@ -207,7 +209,7 @@ end ...@@ -207,7 +209,7 @@ end
module NaturalMergesort module NaturalMergesort
clone import Merge clone import Merge with axiom .
use import mach.int.Int use import mach.int.Int
use import int.MinMax use import int.MinMax
...@@ -14,9 +14,10 @@ module Elt ...@@ -14,9 +14,10 @@ module Elt
type elt type elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder
clone export list.Sorted with type t = elt, predicate le = le, with type t = elt, predicate rel = le, axiom .
goal Transitive.Trans clone export list.Sorted with
type t = elt, predicate le = le, goal Transitive.Trans
end end
...@@ -24,7 +25,7 @@ end ...@@ -24,7 +25,7 @@ end
module Merge (* : MergeSpec *) module Merge (* : MergeSpec *)
clone export Elt clone export Elt with axiom .
let rec merge (l1 l2: list elt) : list elt let rec merge (l1 l2: list elt) : list elt
requires { sorted l1 /\ sorted l2 } requires { sorted l1 /\ sorted l2 }
...@@ -44,7 +45,7 @@ end ...@@ -44,7 +45,7 @@ end
module EfficientMerge (* : MergeSpec *) module EfficientMerge (* : MergeSpec *)
clone export Elt clone export Elt with axiom .
use import list.Mem use import list.Mem
use import list.Reverse use import list.Reverse
use import list.RevAppend use import list.RevAppend
...@@ -84,7 +85,7 @@ end ...@@ -84,7 +85,7 @@ end
module Mergesort module Mergesort
clone import Merge (* or EfficientMerge *) clone import Merge (* or EfficientMerge *) with axiom .
let split (l0: list 'a) : (list 'a, list 'a) let split (l0: list 'a) : (list 'a, list 'a)
requires { length l0 >= 2 } requires { length l0 >= 2 }
...@@ -132,7 +133,7 @@ end ...@@ -132,7 +133,7 @@ end
module OCamlMergesort module OCamlMergesort
clone export Elt clone export Elt with axiom .
use import list.Mem use import list.Mem
use import list.Reverse use import list.Reverse
use import list.RevAppend use import list.RevAppend
...@@ -15,9 +15,10 @@ module MergesortQueue ...@@ -15,9 +15,10 @@ module MergesortQueue
type elt type elt
val predicate le elt elt val predicate le elt elt
clone relations.TotalPreOrder with type t = elt, predicate rel = le clone relations.TotalPreOrder with
clone export list.Sorted with type t = elt, predicate le = le, type t = elt, predicate rel = le, axiom .
goal Transitive.Trans clone export list.Sorted with
type t = elt, predicate le = le, goal Transitive.Trans
let merge (q1: t elt) (q2: t elt) (q: t elt) let merge (q1: t elt) (q2: t elt) (q: t elt)
requires { q.elts = Nil /\ sorted q1.elts /\ sorted q2.elts } requires { q.elts = Nil /\ sorted q1.elts /\ sorted q2.elts }
...@@ -2,13 +2,17 @@ module LinearEquationsCoeffs ...@@ -2,13 +2,17 @@ module LinearEquationsCoeffs
type a type a
function (+) a a : a function (+) a a : a
function ( *) a a : a function (*) a a : a
function (-_) a : a function (-_) a : a
function azero: a function azero: a
function aone: a function aone: a
predicate ale a a predicate ale a a
clone algebra.OrderedUnitaryCommutativeRing as A with type t = a, function (+) = (+), function ( *) = ( *), function (-_) = (-_), constant zero = azero, constant one=aone, predicate (<=) = ale clone algebra.OrderedUnitaryCommutativeRing as A with
type t = a, function (+) = (+), function (*) = (*),
function (-_) = (-_), constant zero = azero,
constant one=aone, predicate (<=) = ale,
axiom .
function (-) a a : a function (-) a a : a
...@@ -57,7 +61,7 @@ module LinearEquationsDecision ...@@ -57,7 +61,7 @@ module LinearEquationsDecision
use import int.Int use import int.Int
type coeff type coeff
clone LinearEquationsCoeffs as C with type t = coeff clone LinearEquationsCoeffs as C with type t = coeff, axiom .
type vars = C.vars type vars = C.vars
type expr = Term coeff int | Add expr expr | Cst coeff type expr = Term coeff int | Add expr expr | Cst coeff
...@@ -80,7 +84,7 @@ let rec predicate expr_bound (e:expr) (b:int) ...@@ -80,7 +84,7 @@ let rec predicate expr_bound (e:expr) (b:int)
function interp (e:expr) (y:vars) (z:C.cvars) : C.a function interp (e:expr) (y:vars) (z:C.cvars) : C.a
= match e with = match e with
| Term c v -> C.( *) (C.interp c z) (y v) | Term c v -> C.(*) (C.interp c z) (y v)