diff options
author | Guillaume Boisseau | 2024-05-28 11:56:39 +0200 |
---|---|---|
committer | GitHub | 2024-05-28 11:56:39 +0200 |
commit | ef7792c106a1f33397c206fcb5124b5ddfe64378 (patch) | |
tree | a72fae46702fc4c2eb32e1361a2538eb7a5f5545 /tests/fstar/hashmap | |
parent | 4f26c7f6f1e554d8ec2f46e868d5dc66c4160d16 (diff) | |
parent | c4d2af051c18c4c81b1e57a45210c37c89c8330f (diff) |
Merge pull request #213 from AeneasVerif/cleanup-tests
Diffstat (limited to 'tests/fstar/hashmap')
-rw-r--r-- | tests/fstar/hashmap/Hashmap.Clauses.Template.fst | 18 | ||||
-rw-r--r-- | tests/fstar/hashmap/Hashmap.Funs.fst | 69 | ||||
-rw-r--r-- | tests/fstar/hashmap/Hashmap.FunsExternal.fsti | 16 | ||||
-rw-r--r-- | tests/fstar/hashmap/Hashmap.Properties.fst | 48 | ||||
-rw-r--r-- | tests/fstar/hashmap/Hashmap.Types.fst | 5 | ||||
-rw-r--r-- | tests/fstar/hashmap/Hashmap.TypesExternal.fsti | 10 |
6 files changed, 125 insertions, 41 deletions
diff --git a/tests/fstar/hashmap/Hashmap.Clauses.Template.fst b/tests/fstar/hashmap/Hashmap.Clauses.Template.fst index 3119ded8..57003613 100644 --- a/tests/fstar/hashmap/Hashmap.Clauses.Template.fst +++ b/tests/fstar/hashmap/Hashmap.Clauses.Template.fst @@ -7,63 +7,63 @@ open Hashmap.Types #set-options "--z3rlimit 50 --fuel 1 --ifuel 1" (** [hashmap::{hashmap::HashMap<T>}::allocate_slots]: decreases clause - Source: 'tests/src/hashmap.rs', lines 58:4-64:5 *) + Source: 'tests/src/hashmap.rs', lines 60:4-66:5 *) unfold let hashMap_allocate_slots_loop_decreases (t : Type0) (slots : alloc_vec_Vec (list_t t)) (n : usize) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::clear]: decreases clause - Source: 'tests/src/hashmap.rs', lines 88:4-96:5 *) + Source: 'tests/src/hashmap.rs', lines 90:4-98:5 *) unfold let hashMap_clear_loop_decreases (t : Type0) (slots : alloc_vec_Vec (list_t t)) (i : usize) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::insert_in_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 105:4-122:5 *) + Source: 'tests/src/hashmap.rs', lines 107:4-124:5 *) unfold let hashMap_insert_in_list_loop_decreases (t : Type0) (key : usize) (value : t) (ls : list_t t) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::move_elements_from_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 191:4-204:5 *) + Source: 'tests/src/hashmap.rs', lines 193:4-206:5 *) unfold let hashMap_move_elements_from_list_loop_decreases (t : Type0) (ntable : hashMap_t t) (ls : list_t t) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::move_elements]: decreases clause - Source: 'tests/src/hashmap.rs', lines 179:4-188:5 *) + Source: 'tests/src/hashmap.rs', lines 181:4-190:5 *) unfold let hashMap_move_elements_loop_decreases (t : Type0) (ntable : hashMap_t t) (slots : alloc_vec_Vec (list_t t)) (i : usize) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::contains_key_in_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 214:4-227:5 *) + Source: 'tests/src/hashmap.rs', lines 216:4-229:5 *) unfold let hashMap_contains_key_in_list_loop_decreases (t : Type0) (key : usize) (ls : list_t t) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::get_in_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 232:4-245:5 *) + Source: 'tests/src/hashmap.rs', lines 234:4-247:5 *) unfold let hashMap_get_in_list_loop_decreases (t : Type0) (key : usize) (ls : list_t t) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::get_mut_in_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 253:4-262:5 *) + Source: 'tests/src/hashmap.rs', lines 255:4-264:5 *) unfold let hashMap_get_mut_in_list_loop_decreases (t : Type0) (ls : list_t t) (key : usize) : nat = admit () (** [hashmap::{hashmap::HashMap<T>}::remove_from_list]: decreases clause - Source: 'tests/src/hashmap.rs', lines 273:4-299:5 *) + Source: 'tests/src/hashmap.rs', lines 275:4-301:5 *) unfold let hashMap_remove_from_list_loop_decreases (t : Type0) (key : usize) (ls : list_t t) : nat = diff --git a/tests/fstar/hashmap/Hashmap.Funs.fst b/tests/fstar/hashmap/Hashmap.Funs.fst index 06cdf7f3..0e991720 100644 --- a/tests/fstar/hashmap/Hashmap.Funs.fst +++ b/tests/fstar/hashmap/Hashmap.Funs.fst @@ -3,17 +3,18 @@ module Hashmap.Funs open Primitives include Hashmap.Types +include Hashmap.FunsExternal include Hashmap.Clauses #set-options "--z3rlimit 50 --fuel 1 --ifuel 1" (** [hashmap::hash_key]: - Source: 'tests/src/hashmap.rs', lines 35:0-35:32 *) + Source: 'tests/src/hashmap.rs', lines 37:0-37:32 *) let hash_key (k : usize) : result usize = Ok k (** [hashmap::{hashmap::HashMap<T>}::allocate_slots]: loop 0: - Source: 'tests/src/hashmap.rs', lines 58:4-64:5 *) + Source: 'tests/src/hashmap.rs', lines 60:4-66:5 *) let rec hashMap_allocate_slots_loop (t : Type0) (slots : alloc_vec_Vec (list_t t)) (n : usize) : Tot (result (alloc_vec_Vec (list_t t))) @@ -27,7 +28,7 @@ let rec hashMap_allocate_slots_loop else Ok slots (** [hashmap::{hashmap::HashMap<T>}::allocate_slots]: - Source: 'tests/src/hashmap.rs', lines 58:4-58:76 *) + Source: 'tests/src/hashmap.rs', lines 60:4-60:76 *) let hashMap_allocate_slots (t : Type0) (slots : alloc_vec_Vec (list_t t)) (n : usize) : result (alloc_vec_Vec (list_t t)) @@ -35,7 +36,7 @@ let hashMap_allocate_slots hashMap_allocate_slots_loop t slots n (** [hashmap::{hashmap::HashMap<T>}::new_with_capacity]: - Source: 'tests/src/hashmap.rs', lines 67:4-71:13 *) + Source: 'tests/src/hashmap.rs', lines 69:4-73:13 *) let hashMap_new_with_capacity (t : Type0) (capacity : usize) (max_load_dividend : usize) (max_load_divisor : usize) : @@ -54,12 +55,12 @@ let hashMap_new_with_capacity } (** [hashmap::{hashmap::HashMap<T>}::new]: - Source: 'tests/src/hashmap.rs', lines 83:4-83:24 *) + Source: 'tests/src/hashmap.rs', lines 85:4-85:24 *) let hashMap_new (t : Type0) : result (hashMap_t t) = hashMap_new_with_capacity t 32 4 5 (** [hashmap::{hashmap::HashMap<T>}::clear]: loop 0: - Source: 'tests/src/hashmap.rs', lines 88:4-96:5 *) + Source: 'tests/src/hashmap.rs', lines 90:4-98:5 *) let rec hashMap_clear_loop (t : Type0) (slots : alloc_vec_Vec (list_t t)) (i : usize) : Tot (result (alloc_vec_Vec (list_t t))) @@ -77,18 +78,18 @@ let rec hashMap_clear_loop else Ok slots (** [hashmap::{hashmap::HashMap<T>}::clear]: - Source: 'tests/src/hashmap.rs', lines 88:4-88:27 *) + Source: 'tests/src/hashmap.rs', lines 90:4-90:27 *) let hashMap_clear (t : Type0) (self : hashMap_t t) : result (hashMap_t t) = let* hm = hashMap_clear_loop t self.slots 0 in Ok { self with num_entries = 0; slots = hm } (** [hashmap::{hashmap::HashMap<T>}::len]: - Source: 'tests/src/hashmap.rs', lines 98:4-98:30 *) + Source: 'tests/src/hashmap.rs', lines 100:4-100:30 *) let hashMap_len (t : Type0) (self : hashMap_t t) : result usize = Ok self.num_entries (** [hashmap::{hashmap::HashMap<T>}::insert_in_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 105:4-122:5 *) + Source: 'tests/src/hashmap.rs', lines 107:4-124:5 *) let rec hashMap_insert_in_list_loop (t : Type0) (key : usize) (value : t) (ls : list_t t) : Tot (result (bool & (list_t t))) @@ -105,7 +106,7 @@ let rec hashMap_insert_in_list_loop end (** [hashmap::{hashmap::HashMap<T>}::insert_in_list]: - Source: 'tests/src/hashmap.rs', lines 105:4-105:71 *) + Source: 'tests/src/hashmap.rs', lines 107:4-107:71 *) let hashMap_insert_in_list (t : Type0) (key : usize) (value : t) (ls : list_t t) : result (bool & (list_t t)) @@ -113,7 +114,7 @@ let hashMap_insert_in_list hashMap_insert_in_list_loop t key value ls (** [hashmap::{hashmap::HashMap<T>}::insert_no_resize]: - Source: 'tests/src/hashmap.rs', lines 125:4-125:54 *) + Source: 'tests/src/hashmap.rs', lines 127:4-127:54 *) let hashMap_insert_no_resize (t : Type0) (self : hashMap_t t) (key : usize) (value : t) : result (hashMap_t t) @@ -134,7 +135,7 @@ let hashMap_insert_no_resize else let* v = index_mut_back l1 in Ok { self with slots = v } (** [hashmap::{hashmap::HashMap<T>}::move_elements_from_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 191:4-204:5 *) + Source: 'tests/src/hashmap.rs', lines 193:4-206:5 *) let rec hashMap_move_elements_from_list_loop (t : Type0) (ntable : hashMap_t t) (ls : list_t t) : Tot (result (hashMap_t t)) @@ -148,13 +149,13 @@ let rec hashMap_move_elements_from_list_loop end (** [hashmap::{hashmap::HashMap<T>}::move_elements_from_list]: - Source: 'tests/src/hashmap.rs', lines 191:4-191:72 *) + Source: 'tests/src/hashmap.rs', lines 193:4-193:72 *) let hashMap_move_elements_from_list (t : Type0) (ntable : hashMap_t t) (ls : list_t t) : result (hashMap_t t) = hashMap_move_elements_from_list_loop t ntable ls (** [hashmap::{hashmap::HashMap<T>}::move_elements]: loop 0: - Source: 'tests/src/hashmap.rs', lines 179:4-188:5 *) + Source: 'tests/src/hashmap.rs', lines 181:4-190:5 *) let rec hashMap_move_elements_loop (t : Type0) (ntable : hashMap_t t) (slots : alloc_vec_Vec (list_t t)) (i : usize) : @@ -175,7 +176,7 @@ let rec hashMap_move_elements_loop else Ok (ntable, slots) (** [hashmap::{hashmap::HashMap<T>}::move_elements]: - Source: 'tests/src/hashmap.rs', lines 179:4-179:95 *) + Source: 'tests/src/hashmap.rs', lines 181:4-181:95 *) let hashMap_move_elements (t : Type0) (ntable : hashMap_t t) (slots : alloc_vec_Vec (list_t t)) (i : usize) : @@ -184,7 +185,7 @@ let hashMap_move_elements hashMap_move_elements_loop t ntable slots i (** [hashmap::{hashmap::HashMap<T>}::try_resize]: - Source: 'tests/src/hashmap.rs', lines 148:4-148:28 *) + Source: 'tests/src/hashmap.rs', lines 150:4-150:28 *) let hashMap_try_resize (t : Type0) (self : hashMap_t t) : result (hashMap_t t) = let* max_usize = scalar_cast U32 Usize core_u32_max in @@ -204,7 +205,7 @@ let hashMap_try_resize else Ok { self with max_load_factor = (i, i1) } (** [hashmap::{hashmap::HashMap<T>}::insert]: - Source: 'tests/src/hashmap.rs', lines 137:4-137:48 *) + Source: 'tests/src/hashmap.rs', lines 139:4-139:48 *) let hashMap_insert (t : Type0) (self : hashMap_t t) (key : usize) (value : t) : result (hashMap_t t) @@ -214,7 +215,7 @@ let hashMap_insert if i > self1.max_load then hashMap_try_resize t self1 else Ok self1 (** [hashmap::{hashmap::HashMap<T>}::contains_key_in_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 214:4-227:5 *) + Source: 'tests/src/hashmap.rs', lines 216:4-229:5 *) let rec hashMap_contains_key_in_list_loop (t : Type0) (key : usize) (ls : list_t t) : Tot (result bool) @@ -227,13 +228,13 @@ let rec hashMap_contains_key_in_list_loop end (** [hashmap::{hashmap::HashMap<T>}::contains_key_in_list]: - Source: 'tests/src/hashmap.rs', lines 214:4-214:68 *) + Source: 'tests/src/hashmap.rs', lines 216:4-216:68 *) let hashMap_contains_key_in_list (t : Type0) (key : usize) (ls : list_t t) : result bool = hashMap_contains_key_in_list_loop t key ls (** [hashmap::{hashmap::HashMap<T>}::contains_key]: - Source: 'tests/src/hashmap.rs', lines 207:4-207:49 *) + Source: 'tests/src/hashmap.rs', lines 209:4-209:49 *) let hashMap_contains_key (t : Type0) (self : hashMap_t t) (key : usize) : result bool = let* hash = hash_key key in @@ -246,7 +247,7 @@ let hashMap_contains_key hashMap_contains_key_in_list t key l (** [hashmap::{hashmap::HashMap<T>}::get_in_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 232:4-245:5 *) + Source: 'tests/src/hashmap.rs', lines 234:4-247:5 *) let rec hashMap_get_in_list_loop (t : Type0) (key : usize) (ls : list_t t) : Tot (result t) (decreases (hashMap_get_in_list_loop_decreases t key ls)) @@ -258,12 +259,12 @@ let rec hashMap_get_in_list_loop end (** [hashmap::{hashmap::HashMap<T>}::get_in_list]: - Source: 'tests/src/hashmap.rs', lines 232:4-232:70 *) + Source: 'tests/src/hashmap.rs', lines 234:4-234:70 *) let hashMap_get_in_list (t : Type0) (key : usize) (ls : list_t t) : result t = hashMap_get_in_list_loop t key ls (** [hashmap::{hashmap::HashMap<T>}::get]: - Source: 'tests/src/hashmap.rs', lines 247:4-247:55 *) + Source: 'tests/src/hashmap.rs', lines 249:4-249:55 *) let hashMap_get (t : Type0) (self : hashMap_t t) (key : usize) : result t = let* hash = hash_key key in let i = alloc_vec_Vec_len (list_t t) self.slots in @@ -275,7 +276,7 @@ let hashMap_get (t : Type0) (self : hashMap_t t) (key : usize) : result t = hashMap_get_in_list t key l (** [hashmap::{hashmap::HashMap<T>}::get_mut_in_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 253:4-262:5 *) + Source: 'tests/src/hashmap.rs', lines 255:4-264:5 *) let rec hashMap_get_mut_in_list_loop (t : Type0) (ls : list_t t) (key : usize) : Tot (result (t & (t -> result (list_t t)))) @@ -294,7 +295,7 @@ let rec hashMap_get_mut_in_list_loop end (** [hashmap::{hashmap::HashMap<T>}::get_mut_in_list]: - Source: 'tests/src/hashmap.rs', lines 253:4-253:86 *) + Source: 'tests/src/hashmap.rs', lines 255:4-255:86 *) let hashMap_get_mut_in_list (t : Type0) (ls : list_t t) (key : usize) : result (t & (t -> result (list_t t))) @@ -302,7 +303,7 @@ let hashMap_get_mut_in_list hashMap_get_mut_in_list_loop t ls key (** [hashmap::{hashmap::HashMap<T>}::get_mut]: - Source: 'tests/src/hashmap.rs', lines 265:4-265:67 *) + Source: 'tests/src/hashmap.rs', lines 267:4-267:67 *) let hashMap_get_mut (t : Type0) (self : hashMap_t t) (key : usize) : result (t & (t -> result (hashMap_t t))) @@ -323,7 +324,7 @@ let hashMap_get_mut Ok (x, back) (** [hashmap::{hashmap::HashMap<T>}::remove_from_list]: loop 0: - Source: 'tests/src/hashmap.rs', lines 273:4-299:5 *) + Source: 'tests/src/hashmap.rs', lines 275:4-301:5 *) let rec hashMap_remove_from_list_loop (t : Type0) (key : usize) (ls : list_t t) : Tot (result ((option t) & (list_t t))) @@ -346,7 +347,7 @@ let rec hashMap_remove_from_list_loop end (** [hashmap::{hashmap::HashMap<T>}::remove_from_list]: - Source: 'tests/src/hashmap.rs', lines 273:4-273:69 *) + Source: 'tests/src/hashmap.rs', lines 275:4-275:69 *) let hashMap_remove_from_list (t : Type0) (key : usize) (ls : list_t t) : result ((option t) & (list_t t)) @@ -354,7 +355,7 @@ let hashMap_remove_from_list hashMap_remove_from_list_loop t key ls (** [hashmap::{hashmap::HashMap<T>}::remove]: - Source: 'tests/src/hashmap.rs', lines 302:4-302:52 *) + Source: 'tests/src/hashmap.rs', lines 304:4-304:52 *) let hashMap_remove (t : Type0) (self : hashMap_t t) (key : usize) : result ((option t) & (hashMap_t t)) @@ -375,8 +376,16 @@ let hashMap_remove Ok (Some x1, { self with num_entries = i1; slots = v }) end +(** [hashmap::insert_on_disk]: + Source: 'tests/src/hashmap.rs', lines 335:0-335:43 *) +let insert_on_disk + (key : usize) (value : u64) (st : state) : result (state & unit) = + let* (st1, hm) = utils_deserialize st in + let* hm1 = hashMap_insert u64 hm key value in + utils_serialize hm1 st1 + (** [hashmap::test1]: - Source: 'tests/src/hashmap.rs', lines 323:0-323:10 *) + Source: 'tests/src/hashmap.rs', lines 350:0-350:10 *) let test1 : result unit = let* hm = hashMap_new u64 in let* hm1 = hashMap_insert u64 hm 0 42 in diff --git a/tests/fstar/hashmap/Hashmap.FunsExternal.fsti b/tests/fstar/hashmap/Hashmap.FunsExternal.fsti new file mode 100644 index 00000000..f2f305e6 --- /dev/null +++ b/tests/fstar/hashmap/Hashmap.FunsExternal.fsti @@ -0,0 +1,16 @@ +(** THIS FILE WAS AUTOMATICALLY GENERATED BY AENEAS *) +(** [hashmap]: external function declarations *) +module Hashmap.FunsExternal +open Primitives +include Hashmap.Types + +#set-options "--z3rlimit 50 --fuel 1 --ifuel 1" + +(** [hashmap::utils::deserialize]: + Source: 'tests/src/hashmap.rs', lines 330:4-330:47 *) +val utils_deserialize : state -> result (state & (hashMap_t u64)) + +(** [hashmap::utils::serialize]: + Source: 'tests/src/hashmap.rs', lines 325:4-325:46 *) +val utils_serialize : hashMap_t u64 -> state -> result (state & unit) + diff --git a/tests/fstar/hashmap/Hashmap.Properties.fst b/tests/fstar/hashmap/Hashmap.Properties.fst new file mode 100644 index 00000000..ed118c46 --- /dev/null +++ b/tests/fstar/hashmap/Hashmap.Properties.fst @@ -0,0 +1,48 @@ +(** Properties about the hashmap written on disk *) +module Hashmap.Properties +open Primitives +open Hashmap.Funs + +#set-options "--z3rlimit 50 --fuel 0 --ifuel 1" + +/// Below, we focus on the functions to read from disk/write to disk to showcase +/// how such reasoning which mixes opaque functions together with a state-error +/// monad can be performed. + +(*** Hypotheses *) + +/// [state_v] gives us the hash map currently stored on disk +assume +val state_v : state -> hashMap_t u64 + +/// [serialize] updates the hash map stored on disk +assume +val serialize_lem (hm : hashMap_t u64) (st : state) : Lemma ( + match utils_serialize hm st with + | Fail _ -> True + | Ok (st', ()) -> state_v st' == hm) + [SMTPat (utils_serialize hm st)] + +/// [deserialize] gives us the hash map stored on disk, without updating it +assume +val deserialize_lem (st : state) : Lemma ( + match utils_deserialize st with + | Fail _ -> True + | Ok (st', hm) -> hm == state_v st /\ st' == st) + [SMTPat (utils_deserialize st)] + +(*** Lemmas *) + +/// The obvious lemma about [insert_on_disk]: the updated hash map stored on disk +/// is exactly the hash map produced from inserting the binding ([key], [value]) +/// in the hash map previously stored on disk. +val insert_on_disk_lem (key : usize) (value : u64) (st : state) : Lemma ( + match insert_on_disk key value st with + | Fail _ -> True + | Ok (st', ()) -> + let hm = state_v st in + match hashMap_insert u64 hm key value with + | Fail _ -> False + | Ok hm' -> hm' == state_v st') + +let insert_on_disk_lem key value st = () diff --git a/tests/fstar/hashmap/Hashmap.Types.fst b/tests/fstar/hashmap/Hashmap.Types.fst index 962fbee2..818cb9d1 100644 --- a/tests/fstar/hashmap/Hashmap.Types.fst +++ b/tests/fstar/hashmap/Hashmap.Types.fst @@ -2,17 +2,18 @@ (** [hashmap]: type definitions *) module Hashmap.Types open Primitives +include Hashmap.TypesExternal #set-options "--z3rlimit 50 --fuel 1 --ifuel 1" (** [hashmap::List] - Source: 'tests/src/hashmap.rs', lines 27:0-27:16 *) + Source: 'tests/src/hashmap.rs', lines 29:0-29:16 *) type list_t (t : Type0) = | List_Cons : usize -> t -> list_t t -> list_t t | List_Nil : list_t t (** [hashmap::HashMap] - Source: 'tests/src/hashmap.rs', lines 43:0-43:21 *) + Source: 'tests/src/hashmap.rs', lines 45:0-45:21 *) type hashMap_t (t : Type0) = { num_entries : usize; diff --git a/tests/fstar/hashmap/Hashmap.TypesExternal.fsti b/tests/fstar/hashmap/Hashmap.TypesExternal.fsti new file mode 100644 index 00000000..66cb659b --- /dev/null +++ b/tests/fstar/hashmap/Hashmap.TypesExternal.fsti @@ -0,0 +1,10 @@ +(** THIS FILE WAS AUTOMATICALLY GENERATED BY AENEAS *) +(** [hashmap]: external type declarations *) +module Hashmap.TypesExternal +open Primitives + +#set-options "--z3rlimit 50 --fuel 1 --ifuel 1" + +(** The state type used in the state-error monad *) +val state : Type0 + |