gcd_bezout: this is ghost code

c07f1a25 · Jean-Christophe Filliâtre · 43b684d0 · c07f1a25
Commit c07f1a25 authored Mar 04, 2013 by Jean-Christophe Filliâtre
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 5 deletions

examples/gcd_bezout.mlw examples/gcd_bezout.mlw +6 -5

No files found.
--- a/examples/gcd_bezout.mlw
+++ b/examples/gcd_bezout.mlw
@@ -12,19 +12,20 @@ module GcdBezout
    requires { x >= 0 /\ y >= 0 }
    ensures  { result = gcd x y }
    ensures  { exists a b:int. a*x+b*y = result }
-  = let x = ref x in let y = ref y in
+    =
+    let x = ref x in let y = ref y in
 'Pre:
-    let a = ref 1 in let b = ref 0 in
-    let c = ref 0 in let d = ref 1 in
+    let ghost a = ref 1 in let ghost b = ref 0 in
+    let ghost c = ref 0 in let ghost d = ref 1 in
    while (!y > 0) do
       invariant { !x >= 0 /\ !y >= 0 }
       invariant { gcd !x !y = gcd (at !x 'Pre) (at !y 'Pre) }
       invariant { !a * (at !x 'Pre) + !b * (at !y 'Pre) = !x }
       invariant { !c * (at !x 'Pre) + !d * (at !y 'Pre) = !y }
       variant { !y }
-       let r = mod !x !y in let q = div !x !y in
+       let r = mod !x !y in let ghost q = div !x !y in
       x := !y; y := r;
-       let ta = !a in let tb = !b in
+       let ghost ta = !a in let ghost tb = !b in
       a := !c; b := !d;
       c := ta - !c * q; d := tb - !d * q
    done;