Commit ceff2857 authored by Jean-Christophe Filliâtre's avatar Jean-Christophe Filliâtre
Browse files

library:

- new module Bag
- new function choose in set.Set
parent f40a93ad
(* The 2nd Verified Software Competition (VSTTE 2012)
(* The 2nd Verified Software Competition (VSTTE 2012)
https://sites.google.com/site/vstte2012/compet
Problem 5:
......@@ -7,14 +7,13 @@
theory Graph
use import set.Fset
use import int.Int
use export set.Fset
type vertex
function succ vertex : set vertex
use import int.Int
(* there is a path of length n from v1 to v2 *)
inductive path (v1 v2: vertex) (n: int) =
| path_empty:
......@@ -47,33 +46,11 @@ theory Graph
end
(* a bag is simply a reference containing a finite set *)
module Bag
use export set.Fset
use export module ref.Ref
type bag 'a = ref (set 'a)
val is_empty (b: bag 'a) :
{} bool { result=True <-> is_empty !b }
val push (x: 'a) (b: bag 'a) :
{} unit writes b { !b = add x (old !b) }
val take (b: bag 'a) :
{ not (is_empty !b) }
'a
writes b
{ mem result (old !b) /\ !b = remove result (old !b) }
end
module BFS
use import int.Int
use import Graph
use import module Bag
use module bag.Bag as B
use import module ref.Refint
exception Found int
......@@ -102,22 +79,22 @@ module BFS
forall y: vertex. mem y (succ x) -> mem y visited
(* function fill_next fills set next with the unvisited successors of v *)
let fill_next (s t v: vertex) (visited current next: bag vertex) (d:ref int) =
let fill_next (s t v: vertex) (visited current next: B.t vertex) (d:ref int) =
{ inv s t !visited !current !next !d /\
shortest_path s v !d /\
(forall x: vertex. x<> v -> closure !visited !current !next x) }
let acc = ref (succ v) in
while not (is_empty acc) do
while not (B.is_empty acc) do
invariant {
inv s t !visited !current !next !d /\
subset !acc (succ v) /\
subset (diff (succ v) !acc) !visited /\
(forall x: vertex. x<> v -> closure !visited !current !next x)
}
let w = take acc in
let w = B.pop acc in
if not (mem w !visited) then begin
push w visited;
push w next
B.push w visited;
B.push w next
end
done
{ inv s t !visited !current !next !d /\
......@@ -130,17 +107,17 @@ module BFS
let current = ref (singleton s) in
let next = ref empty in
let d = ref 0 in
while not (is_empty current) do
while not (B.is_empty current) do
invariant {
inv s t !visited !current !next !d /\
(is_empty !current -> is_empty !next) /\
(forall x: vertex. closure !visited !current !next x) /\
0 <= !d
}
let v = take current in
let v = B.pop current in
if v = t then raise (Found !d);
fill_next s t v visited current next d;
if is_empty current then begin
if B.is_empty current then begin
current := !next;
next := empty;
incr d
......
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session SYSTEM "/home/marche/why3/share/why3session.dtd">
<!DOCTYPE why3session SYSTEM "/home/jc/why3/share/why3session.dtd">
<why3session
name="./programs/vstte12_bfs/why3session.xml">
name="vstte12_bfs/why3session.xml">
<prover
id="0"
name="Alt-Ergo"
......@@ -20,100 +20,93 @@
version="2.19"/>
<file
name="../vstte12_bfs.mlw"
verified="true"
expanded="false">
verified="false"
expanded="true">
<theory
name="Graph"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="8" loccnumb="7" loccnume="12"
verified="true"
verified="false"
expanded="false">
<goal
name="path_nonneg"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="27" loccnumb="8" loccnume="19"
sum="5f42986243ecbf719911aa8c82550b27"
proved="true"
sum="0fdadd8ba335bb7025230dd6f26a5831"
proved="false"
expanded="false"
shape="ainfix >=V2c0IapathV0V1V2F">
shape="ainfix &gt;=V2c0IapathV0V1V2F">
<proof
prover="2"
timelimit="10"
edited="vstte12_bfs_Graph_path_nonneg_1.v"
obsolete="false"
obsolete="true"
archived="false">
<result status="valid" time="0.50"/>
</proof>
</goal>
<goal
name="path_inversion"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="31" loccnumb="8" loccnume="22"
sum="645880ac5c8178b9c8d2fde7d10edb09"
proved="true"
sum="56cb3005d998e991ca0f97c62cac1974"
proved="false"
expanded="false"
shape="amemV1asuccV3AapathV0V3V2EIapathV0V1ainfix +V2c1Iainfix >=V2c0F">
shape="amemV1asuccV3AapathV0V3V2EIapathV0V1ainfix +V2c1Iainfix &gt;=V2c0F">
<proof
prover="2"
timelimit="10"
edited="vstte12_bfs_Graph_path_inversion_1.v"
obsolete="false"
obsolete="true"
archived="false">
<result status="valid" time="0.50"/>
</proof>
</goal>
<goal
name="path_closure"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="37" loccnumb="8" loccnume="20"
sum="8b5c33528e22840333b481186f2e35ce"
proved="true"
sum="be094b08e9d30865152f5290c6f529eb"
proved="false"
expanded="false"
shape="amemV2V0IamemV1V0IapathV1V2V3FIamemV5V0IamemV5asuccV4FIamemV4V0FF">
<proof
prover="2"
timelimit="10"
edited="vstte12_bfs_Graph_path_closure_1.v"
obsolete="false"
obsolete="true"
archived="false">
<result status="valid" time="0.49"/>
</proof>
</goal>
</theory>
<theory
name="WP Bag"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="51" loccnumb="7" loccnume="10"
verified="true"
expanded="false">
</theory>
<theory
name="WP BFS"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="72" loccnumb="7" loccnume="10"
verified="true"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="50" loccnumb="7" loccnume="10"
verified="false"
expanded="true">
<goal
name="WP_parameter fill_next"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="a5c844ec2b4060ccfcd38e72bef1eb9e"
sum="379c7ffb0bde5f5ac1f0a0cf8c531967"
proved="true"
expanded="true"
expanded="false"
shape="iainfix =V10aTrueNiamemV12V9NaclosureV13V3V14V15Iainfix =V15V2NFAasubsetadiffasuccV2V11V13AasubsetV11asuccV2AainvV0V1V13V3V14V4Iainfix =V14aaddV12V8FIainfix =V13aaddV12V9FaclosureV9V3V8V16Iainfix =V16V2NFAasubsetadiffasuccV2V11V9AasubsetV11asuccV2AainvV0V1V9V3V8V4Iainfix =V11aremoveV12V7AamemV12V7FFAais_emptyV7NaclosureV9V3V8V17FAasubsetasuccV2V9AainvV0V1V9V3V8V4Iais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V18Iainfix =V18V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFAaclosureV6V3V5V19Iainfix =V19V2NFAasubsetadiffasuccV2asuccV2V6AasubsetasuccV2asuccV2AainvV0V1V6V3V5V4IaclosureV6V3V5V20Iainfix =V20V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
<label
name="expl:parameter fill_next"/>
<transf
name="split_goal"
proved="true"
expanded="true">
expanded="false">
<goal
name="WP_parameter fill_next.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="loop invariant init"
sum="7fe45e2e066a393dfb691abcab8343e3"
sum="c558e5bfe4ee645c8aec3e35cd930b77"
proved="true"
expanded="false"
shape="aclosureV6V3V5V7Iainfix =V7V2NFAasubsetadiffasuccV2asuccV2V6AasubsetasuccV2asuccV2AainvV0V1V6V3V5V4IaclosureV6V3V5V8Iainfix =V8V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -124,15 +117,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.02"/>
<result status="valid" time="0.10"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.2"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="precondition"
sum="4a90a32af53a83f5e5545dff58624d6a"
sum="1e9f10e3c527ee1c34f79a07541521bd"
proved="true"
expanded="false"
shape="ais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V11Iainfix =V11V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V12Iainfix =V12V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -143,30 +136,30 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.3"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="loop invariant preservation"
sum="42957a4dc505b7ee9d66fbdc62b64678"
sum="86c65a9ce10284cc7884fce447c7659f"
proved="true"
expanded="true"
expanded="false"
shape="aclosureV13V3V14V15Iainfix =V15V2NFAasubsetadiffasuccV2V11V13AasubsetV11asuccV2AainvV0V1V13V3V14V4Iainfix =V14aaddV12V8FIainfix =V13aaddV12V9FIamemV12V9NIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V16Iainfix =V16V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V17Iainfix =V17V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
<label
name="expl:parameter fill_next"/>
<transf
name="split_goal"
proved="true"
expanded="true">
expanded="false">
<goal
name="WP_parameter fill_next.3.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="d5cdb6207b86fd25f055832fe0f751a0"
sum="2865aaac9ba0bfe62eb96d94b92dfcf0"
proved="true"
expanded="false"
shape="ainvV0V1V13V3V14V4Iainfix =V14aaddV12V8FIainfix =V13aaddV12V9FIamemV12V9NIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V15Iainfix =V15V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V16Iainfix =V16V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -174,18 +167,18 @@
name="expl:parameter fill_next"/>
<proof
prover="1"
timelimit="10"
timelimit="20"
obsolete="false"
archived="false">
<result status="valid" time="0.85"/>
<result status="valid" time="7.90"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.3.2"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="1d277cca45db122eeb3191b616f487b7"
sum="a3be308c16dace36b000f69ce98e6bca"
proved="true"
expanded="false"
shape="asubsetV11asuccV2Iainfix =V14aaddV12V8FIainfix =V13aaddV12V9FIamemV12V9NIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V15Iainfix =V15V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V16Iainfix =V16V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -196,15 +189,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.04"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.3.3"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="35dc39d69d5e4f6ae631c6b041cfb7b9"
sum="69f2b9de8728ead59941a0f9060b245e"
proved="true"
expanded="false"
shape="asubsetadiffasuccV2V11V13Iainfix =V14aaddV12V8FIainfix =V13aaddV12V9FIamemV12V9NIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V15Iainfix =V15V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V16Iainfix =V16V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -215,15 +208,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.16"/>
<result status="valid" time="0.54"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.3.4"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="12e0c8ca286d7936e7a985108f04d784"
sum="791fa8e00876395c5a12f919ccaf06e3"
proved="true"
expanded="false"
shape="aclosureV13V3V14V15Iainfix =V15V2NFIainfix =V14aaddV12V8FIainfix =V13aaddV12V9FIamemV12V9NIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V16Iainfix =V16V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V17Iainfix =V17V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -234,32 +227,32 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.04"/>
<result status="valid" time="0.15"/>
</proof>
</goal>
</transf>
</goal>
<goal
name="WP_parameter fill_next.4"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="loop invariant preservation"
sum="8e7759486bb075074bb19d6b337b8ee6"
sum="6812a5af0e167f427108c7f1fda34fe2"
proved="true"
expanded="true"
expanded="false"
shape="aclosureV9V3V8V13Iainfix =V13V2NFAasubsetadiffasuccV2V11V9AasubsetV11asuccV2AainvV0V1V9V3V8V4IamemV12V9NNIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V14Iainfix =V14V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V15Iainfix =V15V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
<label
name="expl:parameter fill_next"/>
<transf
name="split_goal"
proved="true"
expanded="true">
expanded="false">
<goal
name="WP_parameter fill_next.4.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="801f214379eb1be822b907bdf771b9b5"
sum="dd627a76826ea695235b4f42587be300"
proved="true"
expanded="false"
shape="ainvV0V1V9V3V8V4IamemV12V9NNIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V13Iainfix =V13V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V14Iainfix =V14V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -270,15 +263,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.04"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.4.2"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="ab972373121a5001e172cbdd6e09fe89"
sum="40dd177d57e50aec7a659e27bf081d7c"
proved="true"
expanded="false"
shape="asubsetV11asuccV2IamemV12V9NNIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V13Iainfix =V13V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V14Iainfix =V14V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -289,15 +282,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.04"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.4.3"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="5cb84bd4f2db085ac2c91e1ec1ba5e02"
sum="4ef057cbc27452448b693ebb8cf52d2b"
proved="true"
expanded="false"
shape="asubsetadiffasuccV2V11V9IamemV12V9NNIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V13Iainfix =V13V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V14Iainfix =V14V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -308,15 +301,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.03"/>
<result status="valid" time="0.10"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.4.4"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="1f398118cf83bfdcc0c93ec3631e23ec"
sum="1460e4972d3a596a6893e473cab193ee"
proved="true"
expanded="false"
shape="aclosureV9V3V8V13Iainfix =V13V2NFIamemV12V9NNIainfix =V11aremoveV12V7AamemV12V7FFIais_emptyV7NIainfix =V10aTrueNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V14Iainfix =V14V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V15Iainfix =V15V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -327,32 +320,32 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.04"/>
</proof>
</goal>
</transf>
</goal>
<goal
name="WP_parameter fill_next.5"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="normal postcondition"
sum="3d3f88adaf23744acaed57bdb7fca210"
sum="a092ff0ad58e34044c09dffa51a1f40d"
proved="true"
expanded="true"
expanded="false"
shape="aclosureV9V3V8V11FAasubsetasuccV2V9AainvV0V1V9V3V8V4Iainfix =V10aTrueNNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V12Iainfix =V12V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V13Iainfix =V13V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
<label
name="expl:parameter fill_next"/>
<transf
name="split_goal"
proved="true"
expanded="true">
expanded="false">
<goal
name="WP_parameter fill_next.5.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="260911db635b5013e86a3b67aa877f71"
sum="87903e4eb9c9bf6d49f6e50d7dad0e60"
proved="true"
expanded="false"
shape="ainvV0V1V9V3V8V4Iainfix =V10aTrueNNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V11Iainfix =V11V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V12Iainfix =V12V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -363,15 +356,15 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.01"/>
<result status="valid" time="0.03"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.5.2"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="cba35ab88013a4a58ec98acade29d702"
sum="4c01f1ec185b9c0c059a10be184e4243"
proved="true"
expanded="false"
shape="asubsetasuccV2V9Iainfix =V10aTrueNNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V11Iainfix =V11V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V12Iainfix =V12V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
......@@ -382,33 +375,33 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="1.14"/>
<result status="valid" time="3.64"/>
</proof>
</goal>
<goal
name="WP_parameter fill_next.5.3"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="ad6c25847539a05de6e00470cdd9567e"
sum="f6fe18468e528d716b8cd36382fbda9d"
proved="true"
expanded="true"
expanded="false"
shape="aclosureV9V3V8V11FIainfix =V10aTrueNNIais_emptyV7qainfix =V10aTrueFIaclosureV9V3V8V12Iainfix =V12V2NFAasubsetadiffasuccV2V7V9AasubsetV7asuccV2AainvV0V1V9V3V8V4FFFIaclosureV6V3V5V13Iainfix =V13V2NFAashortest_pathV0V2V4AainvV0V1V6V3V5V4FFFFFFF">
<label
name="expl:parameter fill_next"/>
<transf
name="inline_goal"
proved="true"
expanded="true">
expanded="false">
<goal
name="WP_parameter fill_next.5.3.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="15"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="83" loccnumb="6" loccnume="15"
expl="parameter fill_next"
sum="dfe8a1ba71386fdf25fed97ff2a94bb2"
sum="cbe9ba234161bc112de49155e9e5ac20"
proved="true"
expanded="false"
shape="amemV12V9IamemV12asuccV11FIamemV11V8NIamemV11V3NIamemV11V9FIainfix =V10aTrueNNIamemV13V7NFqainfix =V10aTrueFIamemV15V9IamemV15asuccV14FIamemV14V8NIamemV14V3NIamemV14V9Iainfix =V14V2NFAamemV16V9IamemV16adiffasuccV2V7FAamemV17asuccV2IamemV17V7FAamemV1V8OamemV1V3IamemV1V9AamemV18V9NOamemV18V8Iashortest_pathV0V18ainfix +V4c1FAainfix <=V20ainfix +V4c1AapathV0V19V20EIamemV19V9FAamemV21V9Iainfix <=V22V4IapathV0V21V22FAashortest_pathV0V23ainfix +V4c1IamemV23V8FAasubsetV8V9Aashortest_pathV0V24V4IamemV24V3FAasubsetV3V9FFFIamemV26V6IamemV26asuccV25FIamemV25V5NIamemV25V3NIamemV25V6Iainfix =V25V2NFAapathV0V2V27NIainfix <V27V4FAapathV0V2V4AamemV1V5OamemV1V3IamemV1V6AamemV28V6NOamemV28V5Iashortest_pathV0V28ainfix +V4c1FAainfix <=V30ainfix +V4c1AapathV0V29V30EIamemV29V6FAamemV31V6Iainfix <=V32V4IapathV0V31V32FAashortest_pathV0V33ainfix +V4c1IamemV33V5FAasubsetV5V6Aashortest_pathV0V34V4IamemV34V3FAasubsetV3V6FFFFFFF">
shape="amemV12V9IamemV12asuccV11FIamemV11V8NIamemV11V3NIamemV11V9FIainfix =V10aTrueNNIamemV13V7NFqainfix =V10aTrueFIamemV15V9IamemV15asuccV14FIamemV14V8NIamemV14V3NIamemV14V9Iainfix =V14V2NFAamemV16V9IamemV16adiffasuccV2V7FAamemV17asuccV2IamemV17V7FAamemV1V8OamemV1V3IamemV1V9AamemV18V9NOamemV18V8Iashortest_pathV0V18ainfix +V4c1FAainfix &lt;=V20ainfix +V4c1AapathV0V19V20EIamemV19V9FAamemV21V9Iainfix &lt;=V22V4IapathV0V21V22FAashortest_pathV0V23ainfix +V4c1IamemV23V8FAasubsetV8V9Aashortest_pathV0V24V4IamemV24V3FAasubsetV3V9FFFIamemV26V6IamemV26asuccV25FIamemV25V5NIamemV25V3NIamemV25V6Iainfix =V25V2NFAapathV0V2V27NIainfix &lt;V27V4FAapathV0V2V4AamemV1V5OamemV1V3IamemV1V6AamemV28V6NOamemV28V5Iashortest_pathV0V28ainfix +V4c1FAainfix &lt;=V30ainfix +V4c1AapathV0V29V30EIamemV29V6FAamemV31V6Iainfix &lt;=V32V4IapathV0V31V32FAashortest_pathV0V33ainfix +V4c1IamemV33V5FAasubsetV5V6Aashortest_pathV0V34V4IamemV34V3FAasubsetV3V6FFFFFFF">
<label
name="expl:parameter fill_next"/>
<proof
......@@ -416,7 +409,7 @@
timelimit="10"
obsolete="false"
archived="false">
<result status="valid" time="0.85"/>
<result status="valid" time="2.57"/>
</proof>
</goal>
</transf>
......@@ -427,40 +420,40 @@
</goal>
<goal
name="WP_parameter bfs"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="127" loccnumb="6" loccnume="9"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="9"
expl="parameter bfs"
sum="81a66a006ffd84b53fcae48394722c9c"
proved="true"
sum="c7d0fce90c396c81ce4cdc915c81aad7"
proved="false"
expanded="true"
shape="iainfix =V6aTrueNiainfix =V8V1ashortest_pathV0V1V2iainfix =V11aTrueainfix <=c0V14AaclosureV10V12V13V15FAais_emptyV13Iais_emptyV12AainvV0V1V10V12V13V14Iainfix =V14ainfix +V2c1FIainfix =V13aemptyFIainfix =V12V9Fainfix <=c0V2AaclosureV10V7V9V16FAais_emptyV9Iais_emptyV7AainvV0V1V10V7V9V2Iais_emptyV7qainfix =V11aTrueFIaclosureV10V7V9V17FAasubsetasuccV8V10AainvV0V1V10V7V9V2FFAaclosureV5V7V3V18Iainfix =V18V8NFAashortest_pathV0V8V2AainvV0V1V5V7V3V2Iainfix =V7aremoveV8V4AamemV8V4FFAais_emptyV4NapathV0V1V19NFAamemV1V5NIais_emptyV4qainfix =V6aTrueFIainfix <=c0V2AaclosureV5V4V3V20FAais_emptyV3Iais_emptyV4AainvV0V1V5V4V3V2FFFFAainfix <=c0c0AaclosureasingletonV0asingletonV0aemptyV21FAais_emptyaemptyIais_emptyasingletonV0AainvV0V1asingletonV0asingletonV0aemptyc0FF">
shape="iainfix =V6aTrueNiainfix =V8V1ashortest_pathV0V1V2iainfix =V11aTrueainfix &lt;=c0V14AaclosureV10V12V13V15FAais_emptyV13Iais_emptyV12AainvV0V1V10V12V13V14Iainfix =V14ainfix +V2c1FIainfix =V13aemptyFIainfix =V12V9Fainfix &lt;=c0V2AaclosureV10V7V9V16FAais_emptyV9Iais_emptyV7AainvV0V1V10V7V9V2Iais_emptyV7qainfix =V11aTrueFIaclosureV10V7V9V17FAasubsetasuccV8V10AainvV0V1V10V7V9V2FFAaclosureV5V7V3V18Iainfix =V18V8NFAashortest_pathV0V8V2AainvV0V1V5V7V3V2Iainfix =V7aremoveV8V4AamemV8V4FFAais_emptyV4NapathV0V1V19NFAamemV1V5NIais_emptyV4qainfix =V6aTrueFIainfix &lt;=c0V2AaclosureV5V4V3V20FAais_emptyV3Iais_emptyV4AainvV0V1V5V4V3V2FFFFAainfix &lt;=c0c0AaclosureasingletonV0asingletonV0aemptyV21FAais_emptyaemptyIais_emptyasingletonV0AainvV0V1asingletonV0asingletonV0aemptyc0FF">
<label
name="expl:parameter bfs"/>
<transf
name="split_goal"
proved="true"
proved="false"
expanded="true">
<goal
name="WP_parameter bfs.1"
locfile="./programs/vstte12_bfs/../vstte12_bfs.mlw"
loclnum="127" loccnumb="6" loccnume="9"
locfile="vstte12_bfs/../vstte12_bfs.mlw"
loclnum="105" loccnumb="6" loccnume="9"
expl="loop invariant init"
sum="34f7a35d13f3dec0537ef86662fcbc92"
sum="0b3e50091a0b7bbf8b420c9b9472b340"
proved="true"
expanded="true"
shape="ainfix <=c0c0AaclosureasingletonV0asingletonV0aemptyV2FAais_emptyaemptyIais_emptyasingletonV0AainvV0V1asingletonV0asingletonV0aemptyc0FF">
expanded="false"
shape="ainfix &lt;=c0c0AaclosureasingletonV0asingletonV0aemptyV2FAais_emptyaemptyIais_emptyasingletonV0AainvV0V1asingletonV0asingletonV0aemptyc0FF">
<label
name="expl:parameter bfs"/>
<transf
name="split_goal"
proved="true"
expanded="true">