new example: bignum (from a PVS tutorial)

parent abded659
(** Big numbers as little-endian lists of digits.
This is borrowed from a PVS tutorial.
(see for instance http://fm.csl.sri.com/SSFT11/ITPSummerFormal2011.pdf)
In addition, we show that the representation is valid (all digits in
0..base-1) and canonical (no most significant 0 digits).
*)
module BigNum
use import int.Int
use import list.List
constant base: int
axiom base_gt1: base > 1
type digit = int
type num = list digit
function value (n: num) : int =
match n with
| Nil -> 0
| Cons d r -> d + base * value r
end
predicate valid (n: num) =
match n with
| Nil -> true
| Cons d Nil -> 0 < d < base
| Cons d r -> 0 <= d < base && valid r
end
let rec lemma nonneg (n: num) : unit
requires { valid n }
ensures { value n >= 0 }
variant { n }
= match n with Nil -> () | Cons _ r -> nonneg r end
let rec lemma msd (n: num)
requires { valid n }
ensures { value n = 0 <-> n = Nil }
variant { n }
= match n with Nil -> () | Cons _ r -> msd r end
let rec add_digit (n: num) (d: digit) : num
requires { valid n }
requires { 0 <= d < base }
ensures { valid result }
ensures { value result = value n + d }
variant { n }
= match n with
| Nil ->
if d = 0 then Nil else Cons d Nil
| Cons d0 r ->
if d + d0 < base then Cons (d + d0) r
else Cons (d + d0 - base) (add_digit r 1)
end
let rec add_cin (n1 n2: num) (cin: int) : num
requires { valid n1 && valid n2 && 0 <= cin <= 1 }
ensures { valid result }
ensures { value result = value n1 + value n2 + cin }
variant { n1 }
= match n1, n2 with
| Nil, _ ->
add_digit n2 cin
| Cons _ _, Nil ->
add_digit n1 cin
| Cons d1 r1, Cons d2 r2 ->
let d = cin + d1 + d2 in
if d < base then Cons d (add_cin r1 r2 0)
else Cons (d - base) (add_cin r1 r2 1)
end
let add (n1 n2: num) : num
requires { valid n1 && valid n2 }
ensures { valid result }
ensures { value result = value n1 + value n2 }
= add_cin n1 n2 0
end
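Review bot: The lemma `msd` omits the `: unit` result annotation that its sibling `nonneg` carries, so the two lemma declarations read differently for no reason; write `let rec lemma msd (n: num) : unit`. Neither lemma is explained, and `msd` in particular deserves a one-line comment such as `(* a valid number is zero iff it has no digits, since the most significant digit is never 0 *)`, with a matching `(* a valid number has a non-negative value *)` on `nonneg`. In `add_digit`, the `else` branch recurses with carry `1`; a comment `(* carry: 1 < base by base_gt1, so the precondition on d holds for the recursive call *)` would make the discharged precondition VC visible to the reader. `base_gt1` is the only axiom and therefore the only trusted assumption of the module; it is satisfiable (any base >= 2), which is worth stating in the header comment so a reader can see the contracts are not established from an inconsistent hypothesis.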
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session PUBLIC "-//Why3//proof session v5//EN"
"http://why3.lri.fr/why3session.dtd">
<why3session shape_version="4">
<prover id="0" name="Alt-Ergo" version="1.01" timelimit="6" steplimit="0" memlimit="1000"/>
<prover id="1" name="CVC4" version="1.4" timelimit="6" steplimit="0" memlimit="1000"/>
<file name="../bignum.mlw">
<theory name="BigNum" sum="cf395b347f7215e18d58f74c8b3507a5">
<goal name="WP_parameter nonneg" expl="VC for nonneg">
<transf name="split_goal_wp">
<goal name="WP_parameter nonneg.1" expl="1. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="5"/></proof>
</goal>
<goal name="WP_parameter nonneg.2" expl="2. variant decrease">
<proof prover="0"><result status="valid" time="0.01" steps="9"/></proof>
</goal>
<goal name="WP_parameter nonneg.3" expl="3. precondition">
<proof prover="1"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter nonneg.4" expl="4. postcondition">
<transf name="compute_in_goal">
<goal name="WP_parameter nonneg.4.1" expl="1. postcondition">
<proof prover="0"><result status="valid" time="5.21" steps="114"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
<goal name="WP_parameter msd" expl="VC for msd">
<transf name="split_goal_wp">
<goal name="WP_parameter msd.1" expl="1. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="5"/></proof>
</goal>
<goal name="WP_parameter msd.2" expl="2. variant decrease">
<proof prover="0"><result status="valid" time="0.01" steps="9"/></proof>
</goal>
<goal name="WP_parameter msd.3" expl="3. precondition">
<proof prover="1"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter msd.4" expl="4. postcondition">
<transf name="compute_in_goal">
<goal name="WP_parameter msd.4.1" expl="1. postcondition">
<proof prover="0"><result status="valid" time="1.62" steps="80"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
<goal name="WP_parameter add_digit" expl="VC for add_digit">
<transf name="split_goal_wp">
<goal name="WP_parameter add_digit.1" expl="1. postcondition">
<proof prover="0"><result status="valid" time="0.01" steps="15"/></proof>
</goal>
<goal name="WP_parameter add_digit.2" expl="2. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_digit.3" expl="3. postcondition">
<proof prover="1"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter add_digit.4" expl="4. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_digit.5" expl="5. variant decrease">
<proof prover="0"><result status="valid" time="0.01" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_digit.6" expl="6. precondition">
<proof prover="1"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter add_digit.7" expl="7. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="8"/></proof>
</goal>
<goal name="WP_parameter add_digit.8" expl="8. postcondition">
<transf name="compute_in_goal">
<goal name="WP_parameter add_digit.8.1" expl="1. postcondition">
<proof prover="0"><result status="timeout" time="5.99"/></proof>
<proof prover="1"><result status="valid" time="0.04"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter add_digit.9" expl="9. postcondition">
<proof prover="0"><result status="valid" time="0.01" steps="13"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter add_cin" expl="VC for add_cin">
<transf name="split_goal_wp">
<goal name="WP_parameter add_cin.1" expl="1. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.2" expl="2. precondition">
<proof prover="0"><result status="valid" time="0.01" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.3" expl="3. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.4" expl="4. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.5" expl="5. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.6" expl="6. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.7" expl="7. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.8" expl="8. postcondition">
<proof prover="0"><result status="valid" time="0.01" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.9" expl="9. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.10" expl="10. precondition">
<proof prover="0"><result status="valid" time="0.00" steps="9"/></proof>
</goal>
<goal name="WP_parameter add_cin.11" expl="11. postcondition">
<proof prover="0"><result status="valid" time="0.01" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.12" expl="12. postcondition">
<proof prover="0"><result status="valid" time="0.00" steps="12"/></proof>
</goal>
<goal name="WP_parameter add_cin.13" expl="13. variant decrease">
<proof prover="0"><result status="valid" time="0.03" steps="14"/></proof>
</goal>
<goal name="WP_parameter add_cin.14" expl="14. precondition">
<proof prover="1"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter add_cin.15" expl="15. postcondition">
<proof prover="1"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter add_cin.16" expl="16. postcondition">
<proof prover="0"><result status="valid" time="0.01" steps="17"/></proof>
</goal>
<goal name="WP_parameter add_cin.17" expl="17. variant decrease">
<proof prover="0"><result status="valid" time="0.03" steps="14"/></proof>
</goal>
<goal name="WP_parameter add_cin.18" expl="18. precondition">
<proof prover="1"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="WP_parameter add_cin.19" expl="19. postcondition">
<proof prover="1"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter add_cin.20" expl="20. postcondition">
<proof prover="0"><result status="valid" time="0.02" steps="17"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter add" expl="VC for add">
<proof prover="0"><result status="valid" time="0.00" steps="7"/></proof>
</goal>
</theory>
</file>
</why3session>
......@@ -293,11 +293,14 @@ version_ok = "0.6"
[ATP princess]
name = "Princess"
exec = "princess"
exec = "princess-2015-12-07"
# version_switch = "-h"
version_regexp = "(CASC version \\([0-9-]+\\))"
# version_regexp = "(CASC version \\([0-9-]+\\))"
version_regexp = "(release \\([0-9-]+\\))"
command = "%e -timeout=%t %f"
driver = "drivers/princess.drv"
version_ok = "2013-05-13"
# version_ok = "2013-05-13"
version_ok = "2015-12-07"
[ATP beagle]
name = "Beagle"