Commit a38e8717 authored by MARCHE Claude's avatar MARCHE Claude

a bit more proofs in WP examples

parent 683e91f1
......@@ -723,7 +723,7 @@ predicate expr_writes (e:expr) (w:Set.set mident) =
| Ederef x -> Flet result (Tderef x) q
| Eassert f ->
(* asymmetric and *)
Fand f (Fimplies f q)
Fand f (Fimplies f (Flet result (Tvalue Vvoid) q))
| Eseq e1 e2 -> wp e1 (wp e2 q)
| Elet id e1 e2 -> wp e1 (Flet id (Tvar result) (wp e2 q))
| Ebin e1 op e2 ->
......@@ -755,6 +755,10 @@ predicate expr_writes (e:expr) (w:Set.set mident) =
end
lemma result_always_fresh_in_wp:
forall e:expr, q:fmla. fresh_in_fmla result (wp e q)
(* lemma wp_subst: *)
(* forall e:expr, q:fmla, id :mident, id':ident. *)
(* fresh_in_expr id e -> *)
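Review bot: In the `Eassert f` case of `wp` (first hunk), the assertion formula `f` is still placed outside the new `Flet result (Tvalue Vvoid) q` binder, so the lemma `result_always_fresh_in_wp` from the second hunk, which quantifies over every `e` and `q` with no hypothesis, holds only if `result` can never occur free in an assertion formula; whether the expression language guarantees that is not visible here. The comment `(* asymmetric and *)` does not say why `result` is rebound in this branch; I would extend it to `(* asymmetric and; result is rebound to void so that it is fresh in (wp e q), as result_always_fresh_in_wp requires *)`. A plain `lemma` over the recursive `wp` presumably needs structural induction on `e`, which the provers may not find on their own; if it does not discharge, a `let rec lemma` with a `variant` would state the same fact. The `wp` definition and the material after `wp_subst` continue outside these hunks.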
......
(* obsolete
module M
use import int.Int
......@@ -15,4 +16,36 @@ module M
goal C : f(3) = 4
end
*)
module Termination
type t = A t | B
predicate p (x:t) =
match x with
| A y -> p y
| B -> true
end
predicate q (x:t) =
match x with
| A (A y) -> q y
| A y -> false
| B -> true
end
type t1 = E t2
with t2 = C t1 | D
predicate r (x:t1) =
match x with
| E (C y) -> r y
| E D -> true
end
end
\ No newline at end of file
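Review bot: The new `Termination` module gives no hint of what each predicate is meant to exercise, which a reader of an examples file needs; I would open the module with a comment along the lines of `(* structural decrease: p on t, q through two constructors, r across the mutually recursive t1/t2 *)` and add a one-line comment above each of `p`, `q` and `r` saying which case it covers, since this is presumably a termination-checker test. In `q`, the branch `| A y -> false` binds `y` without using it; `| A _ -> false` states the intent more clearly. The file now ends without a trailing newline (the `\ No newline at end of file` marker), which is worth fixing before the next edit of this file produces a spurious diff. The commented-out `module M` block above is kept as history and is not affected.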