Commit ddfa942e authored by Andrei Paskevich's avatar Andrei Paskevich

- Convert the syntax of prototype declarations and type expressions

  in the logic language into (more or less) higher-order style.
  For example,

    logic func (x : int, y : int, 'a list) : (int, 'a) map list

    logic pred (bool, int * real)

  is now written:
    
    logic func (x y : int) (list 'a) : list (map int 'a)

    logic pred bool (int, real)

  Note that types use prefix notation (as in Coq) and the types
  of tuples are now written as (type1, type2, ..., typeN).

- Use the same syntax of type expressions in the program language.

- Allow binders of the form (x y:int) in the program language.
  
parent 869cd9e9
......@@ -2,7 +2,7 @@
(* different relations *)
{
logic rel(int, int)
logic rel int int
}
let rec even (x:int) : int variant {x} for rel =
......
parameter incr : x:int ref -> { } unit writes x { !x = old !x + 1 }
parameter incr : x:ref int -> { } unit writes x { !x = old !x + 1 }
parameter x : int ref
parameter x : ref int
parameter id_not_0 : x:int -> { x <> 0 } int { result = x }
......@@ -48,8 +48,8 @@ let test_all_1 () =
logic d : int
}
parameter vx : int ref
parameter vy : int ref
parameter vx : ref int
parameter vy : ref int
parameter sq : x:int -> {} int { result = x*x }
......
exception Exception of int
parameter t : int ref
parameter t : ref int
parameter m : a:int -> b:int ->
{ }
......
......@@ -42,7 +42,7 @@ let p6 () =
(* composition of exceptions with side-effect on a reference *)
parameter x : int ref
parameter x : ref int
let p7 () =
{} begin x := 1; raise E; x := 2 end { false } | E -> { !x = 1 }
......
(** 1. A loop increasing [i] up to 10. *)
parameter i : int ref
parameter i : ref int
let loop1 (u:unit) =
{ !i <= 10 }
......@@ -14,7 +14,7 @@ let loop1 (u:unit) =
(** 2. The same loop, followed by a function call. *)
parameter x: int ref
parameter x: ref int
let negate (u:unit) = {} x := - !x { !x = -old(!x) }
......
{
logic q1(int, int, int)
logic q1 int int int
}
parameter r : int ref
parameter r : ref int
parameter f1 : y:int ->
{} unit writes r { q1 (!r) (old (!r)) y }
......@@ -11,14 +11,14 @@ parameter f1 : y:int ->
let g1 () = {} f1 !r { q1 (!r) (old (!r)) (old (!r)) }
{
logic foo(int) : int
logic q(int, int, int)
logic foo int : int
logic q int int int
}
parameter f : t:int ref -> x:int ->
parameter f : t:ref int -> x:int ->
{} unit reads t writes t { q (!t) (old (!t)) x }
let g (t:int ref) =
let g (t:ref int) =
{}
f t (foo !t)
{ q (!t) (old (!t)) (foo (old (!t))) }
......
(* Tests for proof obligations. *)
parameter x : int ref
parameter x : ref int
{
logic q(int)
......
......@@ -8,7 +8,7 @@ let rec f1 (x:int) : int variant { x } =
(** 2. With effects but no argument *)
parameter x : int ref
parameter x : ref int
let rec f2 (u:unit) : unit variant { !x } =
{ !x >= 0 } (if !x > 0 then begin x := !x - 1; f2 () end) { !x = 0 }
......@@ -22,7 +22,7 @@ let rec f3 (a:int) : unit variant { a } =
(** 4. With effects and a reference as argument *)
let rec f4 (a:int ref) : unit variant { !a } =
let rec f4 (a:ref int) : unit variant { !a } =
{ !a >= 0 }
if !a > 0 then begin x := !x + 1; a := !a - 1; f4 a end
{ !x = old !x + old !a }
......@@ -30,7 +30,7 @@ let rec f4 (a:int ref) : unit variant { !a } =
(** 5. The acid test:
partial application of a recursive function with effects *)
let rec f5 (a:int ref) (b:int ref) variant { !a } =
let rec f5 (a b:ref int) variant { !a } =
{ !a >= 0 }
if !a = 0 then !b else begin a := !a - 1; b := !b + 1; f5 a b end
{ result = old !a + old !b }
......
(* Side effect in expressions (Bart Jacobs' tricky example) *)
parameter b : int ref
parameter b1 : int ref
parameter b2 : int ref
parameter b : ref int
parameter b1 : ref int
parameter b2 : ref int
let f () =
{} b := 1 - !b; !b { result = !b and !b = 1 - old(!b) }
......
(* side effects in tests *)
parameter x : int ref
parameter x : ref int
parameter set_and_test_zero :
v:int ->
......@@ -13,7 +13,7 @@ parameter set_and_test_nzero :
v:int ->
{} bool writes x { !x = v and if result=True then !x <> 0 else !x = 0 }
let p2 (y:int ref) =
let p2 (y:ref int) =
{ !y >= 0 }
while set_and_test_nzero !y do
invariant { !y >= 0 } variant { !y }
......@@ -21,7 +21,7 @@ let p2 (y:int ref) =
done
{ !y = 0 }
let p3 (y:int ref) =
let p3 (y:ref int) =
{ !y >= 0 }
while let b = set_and_test_nzero !y in b do
invariant { !y >= 0 } variant { !y }
......@@ -29,7 +29,7 @@ let p3 (y:int ref) =
done
{ !y = 0 }
let p4 (y:int ref) =
let p4 (y:ref int) =
{ !y >= 1 }
while begin y := !y - 1; (set_and_test_nzero !y) end do
invariant { !y >= 1 } variant { !y }
......
parameter x : int ref
parameter x : ref int
parameter f : unit -> { } unit writes x { !x = 1 - old (!x) }
......
theory Test
type 'a t
type t 'a
type u = t
end
theory Test
type 'a t
type u = (int, int) t
type t 'a
type u = t int int
end
theory A
type 'a list = Nil | Cons('a, 'a list)
axiom A : forall l:int list. match l with Cons(x,x) -> true | Nil -> false end
type list 'a = Nil | Cons 'a (list 'a)
axiom A : forall l:int list. match l with Cons x x -> true | Nil -> false end
end
theory A
type 'a list = Nil | Cons('a, 'a list)
type list 'a = Nil | Cons 'a (list 'a)
axiom A : forall l:int list. (match l with Cons(x,x) -> 0 | Nil -> 1 end) = 2
axiom A : forall l:int list. (match l with Cons x x -> 0 | Nil -> 1 end) = 2
end
theory Test
type 'a t = 'b
type t 'a = 'b
end
theory Test
type 'a list = Nil
type list 'a = Nil
axiom Ax : Nil=Nil
end
theory Test
type 'a list = Nil | Cons('a, 'a list)
axiom Ax : Cons(Nil,Nil)=Nil
type list 'a = Nil | Cons 'a (list 'a)
axiom Ax : Cons Nil Nil = Nil
end
theory TreeForest
type 'a list = Nil | Cons('a, 'a list)
type 'a tree = Leaf('a) | Node('a forest)
type 'a forest = 'a tree list
type list 'a = Nil | Cons 'a (list 'a)
type tree 'a = Leaf 'a | Node (forest 'a)
type forest 'a = list (tree 'a)
end
......@@ -6,8 +6,8 @@ type t5
type t2 = t5
logic f(x : t1, y : t2) : t5
logic f (x : t1) (y : t2) : t5
logic g(x : t1) : t5 = f x x
logic g (x : t1) : t5 = f x x
end
theory Test
type t
logic f(t,t) : t
logic f t t : t
clone algebra.AC with type t = t, logic op = f
goal G1 : forall x y : t. f x y = f y x
goal G2 : forall x y z : t. f (f x y) z = f x (f y z)
......
......@@ -24,10 +24,10 @@ axiom First_octant : 0 <= y2 <= x2
{
use import int.Abs
logic best(x:int, y:int) =
logic best (x y:int) =
forall y':int. abs (x2 * y - x * y2) <= abs (x2 * y' - x * y2)
logic invariant(x:int, y:int, e:int) =
logic invariant (x y e:int) =
e = 2 * (x + 1) * y2 - (2 * y + 1) * x2 and
2 * (y2 - x2) <= e <= 2 * y2
......
......@@ -6,13 +6,13 @@ use array.Array as M
(* iteration on a set *)
parameter set_has_next :
s:'a S.t ref ->
s:ref (S.t 'a) ->
{}
bool reads s
{ if result=True then S.is_empty !s else not S.is_empty !s }
parameter set_next :
s:'a S.t ref ->
s:ref (S.t 'a) ->
{ not S.is_empty !s }
'a writes s
{ S.mem result (old !s) and !s = S.remove result (old !s) }
......@@ -22,14 +22,14 @@ parameter set_next :
type vertex
logic v : vertex S.t
logic v : S.t vertex
logic g_succ(vertex) : vertex S.t
logic g_succ(vertex) : S.t vertex
axiom G_succ_sound :
forall x:vertex. S.subset (g_succ x) v
logic weight(vertex, vertex) : int (* edge weight, if there is an edge *)
logic weight vertex vertex : int (* edge weight, if there is an edge *)
axiom Weight_nonneg : forall x y:vertex. weight x y >= 0
}
......@@ -39,18 +39,18 @@ parameter eq_vertex :
(* visited vertices *)
parameter visited : vertex S.t ref
parameter visited : ref (S.t vertex)
parameter visited_add :
x:vertex -> {} unit writes visited { !visited = S.add x (old !visited) }
(* current distances *)
parameter d : (vertex, int) M.t ref
parameter d : ref (M.t vertex int)
(* priority queue *)
parameter q : vertex S.t ref
parameter q : ref (S.t vertex)
parameter q_is_empty :
unit ->
......@@ -82,7 +82,7 @@ parameter relax :
!d = M.store (old !d) v (M.select !d u + weight u v)) }
{
logic min(m:vertex, q:vertex S.t, d:(vertex, int) M.t) =
logic min (m:vertex) (q:S.t vertex) (d:M.t vertex int) =
S.mem m q and
forall x:vertex. S.mem x q -> M.select d x <= M.select d m
}
......@@ -100,7 +100,7 @@ parameter q_extract_min :
there is a path from x to y of length d, and no shorter path *)
{
inductive path(vertex,vertex,int) =
inductive path vertex vertex int =
| Path_nil :
forall x:vertex. path x x 0
| Path_cons :
......@@ -109,7 +109,7 @@ inductive path(vertex,vertex,int) =
lemma Length_nonneg : forall x y:vertex. forall d:int. path x y d -> d >= 0
logic shortest_path(x:vertex, y:vertex, d:int) =
logic shortest_path (x y:vertex) (d:int) =
path x y d and forall d':int. path x y d' -> d <= d'
lemma Path_inversion :
......@@ -130,7 +130,7 @@ lemma Main_lemma :
shortest_path src v' d' and S.mem v (g_succ v') and d' + weight v' v < d
lemma Completeness_lemma :
forall s:vertex S.t. forall src:vertex. forall dst:vertex. forall d:int.
forall s:S.t vertex. forall src:vertex. forall dst:vertex. forall d:int.
(* if s is closed under g_succ *)
(forall v:vertex.
S.mem v s -> forall w:vertex. S.mem w (g_succ v) -> S.mem w s) ->
......@@ -141,10 +141,10 @@ lemma Completeness_lemma :
(* definitions used in loop invariants *)
logic inv_src(src:vertex, s:vertex S.t, q:vertex S.t) =
logic inv_src (src:vertex) (s q:S.t vertex) =
S.mem src s or S.mem src q
logic inv(src:vertex, s:vertex S.t, q:vertex S.t, d:(vertex,int) M.t) =
logic inv (src:vertex) (s q:S.t vertex) (d:M.t vertex int) =
inv_src src s q
(* S,Q are contained in V *)
and S.subset s v and S.subset q v
......@@ -163,13 +163,13 @@ logic inv(src:vertex, s:vertex S.t, q:vertex S.t, d:(vertex,int) M.t) =
forall x:vertex. forall dx:int. shortest_path src x dx ->
dx < M.select d m -> S.mem x s)
logic inv_succ(src:vertex, s:vertex S.t, q: vertex S.t) =
logic inv_succ (src:vertex) (s q : S.t vertex) =
(* successors of vertices in S are either in S or in Q *)
(forall x:vertex. S.mem x s ->
forall y:vertex. S.mem y (g_succ x) -> S.mem y s or S.mem y q)
logic inv_succ2(src:vertex, s:vertex S.t, q: vertex S.t,
u:vertex, su:vertex S.t) =
logic inv_succ2 (src:vertex) (s q : S.t vertex)
(u:vertex) (su:S.t vertex) =
(* successors of vertices in S are either in S or in Q,
unless they are successors of u still in su *)
(forall x:vertex. S.mem x s ->
......
......@@ -3,11 +3,11 @@
type uf
logic repr (uf,int): int
logic size (uf) : int
logic num (uf) : int
logic repr uf int: int
logic size uf : int
logic num uf : int
logic same(u:uf, x:int, y:int) = repr u x = repr u y
logic same (u:uf) (x y:int) = repr u x = repr u y
axiom OneClass :
forall u:uf. num u = 1 ->
......@@ -18,12 +18,12 @@
parameter create :
n:int ->
{ 0 <= n }
uf ref
ref uf
{ num !result = n and size !result = n and
forall x:int. 0 <= x < n -> repr !result x = x }
parameter find :
u:uf ref -> x:int ->
u:ref uf -> x:int ->
{ 0 <= x < size !u }
int writes u
{ result = repr !u x and
......@@ -31,7 +31,7 @@ parameter find :
forall x:int. 0 <= x < size !u -> repr !u x = repr (old !u) x }
parameter union :
u:uf ref -> a:int -> b:int ->
u:ref uf -> a:int -> b:int ->
{ 0 <= a < size !u and 0 <= b < size !u and not same !u a b }
unit writes u
{ same !u a b and
......@@ -43,7 +43,7 @@ parameter union :
same (old !u) x b and same (old !u) a y }
parameter get_num_classes :
u:uf ref -> {} int reads u { result = num !u }
u:ref uf -> {} int reads u { result = num !u }
parameter rand : s:int -> {} int { 0 <= result < s }
......@@ -56,19 +56,19 @@ parameter rand : s:int -> {} int { 0 <= result < s }
type graph
(*clone import graph.Path with type graph = graph, type vertex = int*)
logic path(graph,int,int)
logic path graph int int
axiom Path_refl : forall g:graph, x:int. path g x x
axiom Path_sym : forall g:graph, x y:int. path g x y -> path g y x
axiom Path_trans:
forall g:graph, x y z:int. path g x y -> path g y z -> path g x z
logic select(d:int, x:'a, y:'a) : 'a = if d = 0 then x else y
logic select (d:int) (x y:'a) : 'a = if d = 0 then x else y
}
parameter graph : graph ref
parameter graph : ref graph
parameter num_edges : int ref
parameter num_edges : ref int
parameter add_edge :
a:int -> b:int ->
......@@ -82,7 +82,7 @@ parameter add_edge :
path (old !graph) x b and path (old !graph) a y)
}
let add_edge_and_union (u:uf ref) (a:int) (b:int) =
let add_edge_and_union (u:ref uf) (a:int) (b:int) =
{ 0 <= a < size !u and 0 <= b < size !u and
not same !u a b and not path !graph a b and
forall x y:int.
......
......@@ -29,30 +29,29 @@ back +-+-+-+-------------------+
logic c1 : elt
logic c2 : elt
type 'a array = 'a A.t
type array 'a = A.t 'a
logic (#)(a : 'a array, i : int) : 'a = A.select a i
logic (#) (a : array 'a) (i : int) : 'a = A.select a i
type sparse_array =
elt array * int array * int array * int (*sz*) * int (*n*)
type sparse_array = (array elt, array int, array int, int (*sz*), int (*n*))
logic sa_val (a : sparse_array) : elt array = let (v, _, _, _, _) = a in v
logic sa_idx (a : sparse_array) : int array = let (_, i, _, _, _) = a in i
logic sa_back(a : sparse_array) : int array = let (_, _, b, _, _) = a in b
logic sa_val (a : sparse_array) : array elt = let (v, _, _, _, _) = a in v
logic sa_idx (a : sparse_array) : array int = let (_, i, _, _, _) = a in i
logic sa_back(a : sparse_array) : array int = let (_, _, b, _, _) = a in b
logic sa_sz (a : sparse_array) : int = let (_, _, _, s, _) = a in s
logic sa_n (a : sparse_array) : int = let (_, _, _, _, n) = a in n
logic is_elt(a : sparse_array, i : int) =
logic is_elt (a : sparse_array) (i : int) =
let (val, idx, back, _, n) = a in
0 <= idx#i < n and back#(idx#i) = i
logic model(a : sparse_array, i : int) : elt =
logic model (a : sparse_array) (i : int) : elt =
if is_elt a i then
(sa_val a)#i
else
default
logic invariant(a : sparse_array) =
logic invariant (a : sparse_array) =
let (val, idx, back, sz, n) = a in
0 <= n <= sz <= maxlen and
forall i : int. 0 <= i < n -> 0 <= back#i < sz and idx#(back#i) = i
......@@ -64,15 +63,15 @@ back +-+-+-+-------------------+
the proof of WPs for the function [set] below.
*)
logic permutation (n : int, a : int array) =
logic permutation (n : int) (a : array int) =
(forall i : int. 0 <= i < n -> 0 <= a#i < n) and
(forall i j : int. 0 <= i < j < n -> a#i <> a#j)
logic dirichlet (n : int, a : int array, i : int) : int
logic dirichlet (n : int) (a : array int) (i : int) : int
axiom Dirichlet :
forall n : int.
forall a : int array.
forall a : array int.
permutation n a ->
(forall i : int. 0 <= i < n ->
0 <= dirichlet n a i < n and
......@@ -92,11 +91,11 @@ back +-+-+-+-------------------+
parameter create :
sz:int ->
{ 0 <= sz <= maxlen }
sparse_array ref
ref sparse_array
{ sa_sz !result = sz and forall i:int. model !result i = default }
*)
parameter malloc : n:int -> {} 'a array { A.length result = n }
parameter malloc : n:int -> {} array 'a { A.length result = n }
let create sz =
{ 0 <= sz <= maxlen }
......@@ -115,7 +114,7 @@ let test a i =
(*
parameter get :
a:sparse_array ref -> i:int ->
a:ref sparse_array -> i:int ->
{ 0 <= i < sa_sz !a }
elt reads a
{ result = model !a i }
......@@ -131,7 +130,7 @@ let get a i =
(*
parameter set :
a:sparse_array ref -> i:int -> v:elt ->
a:ref sparse_array -> i:int -> v:elt ->
{ 0 <= i < sa_sz !a and invariant !a }
unit writes a
{ invariant !a and
......
......@@ -3,32 +3,32 @@
use array.ArrayLength as A
type 'a array = 'a A.t
type array 'a = A.t 'a
logic (#)(a : 'a array, i : int) : 'a = A.select a i
logic (#) (a : array 'a) (i : int) : 'a = A.select a i
type uf = (* link: *) int array *
(* dist: *) int array * (* distance to representative *)
(* size: *) int *
(* num : *) int
type uf = ((* link: *) array int,
(* dist: *) array int, (* distance to representative *)
(* size: *) int,
(* num : *) int)
logic link(u : uf) : int array = let (l, _, _, _) = u in l
logic dist(u : uf) : int array = let (_, d, _, _) = u in d
logic size(u : uf) : int = let (_, _, s, _) = u in s
logic num (u : uf) : int = let (_, _, _, n) = u in n
logic link (u : uf) : array int = let (l, _, _, _) = u in l
logic dist (u : uf) : array int = let (_, d, _, _) = u in d
logic size (u : uf) : int = let (_, _, s, _) = u in s
logic num (u : uf) : int = let (_, _, _, n) = u in n
logic inv(u : uf) =
logic inv (u : uf) =
let (l, d, s, n) = u in
(forall i:int. 0 <= i < s -> 0 <= l#i < s) and
(forall i:int. 0 <= i < s ->
(d#i = 0 and l#i = i or d#i > 0 and d#(l#i) = d#i - 1))
logic repr(u:uf, x:int) : int =
logic repr (u:uf) (x:int) : int =
let l = link(u) in
let y = l#x in
if y = x then y else repr u y
logic same(u:uf, x:int, y:int) = repr u x = repr u y
logic same (u:uf) (x y:int) = repr u x = repr u y
axiom OneClass :
forall u:uf. num u = 1 ->
......@@ -36,7 +36,7 @@
}
let get_num_classes (u:uf ref) =
let get_num_classes (u:ref uf) =
{} num !u { result = num !u }
let create (n:int) =
......@@ -56,7 +56,7 @@ let create (n:int) =
num !result = n and size !result = n and
forall x:int. 0 <= x < n -> repr !result x = x }
let find (u:uf ref) (x:int) =
let find (u:ref uf) (x:int) =
{ inv !u and 0 <= x < size !u }
let l = link !u in
let y = ref x in
......@@ -71,12 +71,12 @@ let find (u:uf ref) (x:int) =
size !u = size (old !u) and num !u = num (old !u) and
forall x:int. 0 <= x < size !u -> repr !u x = repr (old !u) x }
parameter ghost_find : u:uf ref -> x:int ->
parameter ghost_find : u:ref uf -> x:int ->
{ inv !u and 0 <= x < size !u }
int reads u
{ result = repr !u x }
let increment (u : uf ref) (r : int) =
let increment (u : ref uf) (r : int) =
{ inv !u and 0 <= r < size !u }
let i = ref 0 in
let d = ref (dist !u) in
......@@ -93,7 +93,7 @@ let increment (u : uf ref) (r : int) =
{ forall i:int. 0 <= i < size !u ->
result#i = (dist !u)#i + if repr !u i = r then 1 else 0 }
let union (u:uf ref) (a:int) (b:int) =
let union (u:ref uf) (a b:int) =
{ inv !u and
0 <= a < size !u and 0 <= b < size !u and not same !u a b }
let ra = find u a in
......
......@@ -140,8 +140,6 @@ let rec pattern env p =
let env, p = pattern (Mstr.add x v env) p in
env, pat_as p v
type uquant = string list * dty
type dterm = { dt_node : dterm_node; dt_ty : dty }
and dterm_node =
......@@ -156,7 +154,7 @@ and dterm_node =
and dfmla =
| Fapp of lsymbol * dterm list
| Fquant of quant * uquant list * dtrigger list list * dfmla
| Fquant of quant * (string * dty) list * dtrigger list list * dfmla
| Fbinop of binop * dfmla * dfmla
| Fnot of dfmla
| Ftrue
......@@ -219,12 +217,10 @@ and fmla env = function
f_if (fmla env f1) (fmla env f2) (fmla env f3)
| Fquant (q, uqu, trl, f1) ->
(* TODO: shouldn't we localize this ident? *)
let uquant env (xl,ty) =
let uquant env (x,ty) =
let ty = ty_of_dty ty in
map_fold_left
(fun env x ->
let v = create_vsymbol (id_fresh x) ty in Mstr.add x v env, v)
env xl
let v = create_vsymbol (id_fresh x) ty in
Mstr.add x v env, v
in
let env, vl = map_fold_left uquant env uqu in
let trigger = function
......@@ -232,7 +228,7 @@ and fmla env = function
| TRfmla f -> Fmla (fmla env f)
in
let trl = List.map (List.map trigger) trl in
f_quant q (List.concat vl) trl (fmla env f1)
f_quant q vl trl (fmla env f1)
| Fapp (s, tl) ->
f_app s (List.map (term env) tl)
| Flet (e1, x, f2) ->
......@@ -327,7 +323,7 @@ and specialize_fmla ~loc htv f = match f.f_node with
Fapp (ls, List.map (specialize_term ~loc htv) tl)
| Term.Fquant (q, fq) ->
let vl, tl, f = f_open_quant fq in
let uquant v = [v.vs_name.id_string], specialize_ty ~loc htv v.vs_ty in
let uquant v = v.vs_name.id_string, specialize_ty ~loc htv v.vs_ty in
let tl = List.map (List.map (specialize_trigger ~loc htv)) tl in
Fquant (q, List.map uquant vl, tl, specialize_fmla ~loc htv f)
| Term.Fbinop (b, f1, f2) ->
......
......@@ -48,8 +48,6 @@ and dpattern_node =
val pattern : vsymbol Mstr.t -> dpattern -> vsymbol Mstr.t * pattern
type uquant = string list * dty
type dterm = { dt_node : dterm_node; dt_ty : dty }
and dterm_node =
......@@ -64,7 +62,7 @@ and dterm_node =
and dfmla =
| Fapp of lsymbol * dterm list
| Fquant of quant * uquant list * dtrigger list list * dfmla
| Fquant of quant * (string * dty) list * dtrigger list list * dfmla
| Fbinop of binop * dfmla * dfmla
| Fnot of dfmla
| Ftrue
......
......@@ -73,6 +73,7 @@
"namespace", NAMESPACE;
"not", NOT;
"or", OR;
"prop", PROP;
"then", THEN;
"theory", THEORY;
"true", TRUE;
......@@ -203,8 +204,6 @@ rule token = parse
{ OP1 s }
| op_char_234* op_char_2 op_char_234* as s
{ OP2 s }
| "*"
{ STAR