summaryrefslogtreecommitdiff
path: root/tests/fstar/misc
diff options
context:
space:
mode:
authorSon Ho2023-11-09 18:37:07 +0100
committerSon Ho2023-11-09 18:37:07 +0100
commit00705bba68fed61d3b0bcde2c5fe0ecc83880870 (patch)
tree8531640066e9983264ba88f552571836922a6809 /tests/fstar/misc
parent49ffc966cfdbd71f8c83a3c72ab81e1bb101f420 (diff)
Update the failing proofs
Diffstat (limited to 'tests/fstar/misc')
-rw-r--r--tests/fstar/misc/Loops.fst784
-rw-r--r--tests/fstar/misc/Primitives.fst18
2 files changed, 17 insertions, 785 deletions
diff --git a/tests/fstar/misc/Loops.fst b/tests/fstar/misc/Loops.fst
deleted file mode 100644
index 823acdd4..00000000
--- a/tests/fstar/misc/Loops.fst
+++ /dev/null
@@ -1,784 +0,0 @@
-(** THIS FILE WAS AUTOMATICALLY GENERATED BY AENEAS *)
-(** [loops] *)
-module Loops
-open Primitives
-
-#set-options "--z3rlimit 50 --fuel 1 --ifuel 1"
-
-(** [loops::sum]: decreases clause *)
-unfold let sum_loop_decreases (max : u32) (i : u32) (s : u32) : nat = admit ()
-
-(** [loops::sum]: loop 0: forward function *)
-let rec sum_loop
- (max : u32) (i : u32) (s : u32) :
- Tot (result u32) (decreases (sum_loop_decreases max i s))
- =
- if i < max
- then let* s0 = u32_add s i in let* i0 = u32_add i 1 in sum_loop max i0 s0
- else u32_mul s 2
-
-(** [loops::sum]: forward function *)
-let sum (max : u32) : result u32 =
- sum_loop max 0 0
-
-(** [loops::sum_with_mut_borrows]: decreases clause *)
-unfold
-let sum_with_mut_borrows_loop_decreases (max : u32) (mi : u32) (ms : u32) : nat
- =
- admit ()
-
-(** [loops::sum_with_mut_borrows]: loop 0: forward function *)
-let rec sum_with_mut_borrows_loop
- (max : u32) (mi : u32) (ms : u32) :
- Tot (result u32) (decreases (sum_with_mut_borrows_loop_decreases max mi ms))
- =
- if mi < max
- then
- let* ms0 = u32_add ms mi in
- let* mi0 = u32_add mi 1 in
- sum_with_mut_borrows_loop max mi0 ms0
- else u32_mul ms 2
-
-(** [loops::sum_with_mut_borrows]: forward function *)
-let sum_with_mut_borrows (max : u32) : result u32 =
- sum_with_mut_borrows_loop max 0 0
-
-(** [loops::sum_with_shared_borrows]: decreases clause *)
-unfold
-let sum_with_shared_borrows_loop_decreases (max : u32) (i : u32) (s : u32) :
- nat =
- admit ()
-
-(** [loops::sum_with_shared_borrows]: loop 0: forward function *)
-let rec sum_with_shared_borrows_loop
- (max : u32) (i : u32) (s : u32) :
- Tot (result u32) (decreases (sum_with_shared_borrows_loop_decreases max i s))
- =
- if i < max
- then
- let* i0 = u32_add i 1 in
- let* s0 = u32_add s i0 in
- sum_with_shared_borrows_loop max i0 s0
- else u32_mul s 2
-
-(** [loops::sum_with_shared_borrows]: forward function *)
-let sum_with_shared_borrows (max : u32) : result u32 =
- sum_with_shared_borrows_loop max 0 0
-
-(** [loops::clear]: decreases clause *)
-unfold
-let clear_loop_decreases (v : alloc_vec_Vec u32) (i : usize) : nat = admit ()
-
-(** [loops::clear]: loop 0: merged forward/backward function
- (there is a single backward function, and the forward function returns ()) *)
-let rec clear_loop
- (v : alloc_vec_Vec u32) (i : usize) :
- Tot (result (alloc_vec_Vec u32)) (decreases (clear_loop_decreases v i))
- =
- let i0 = alloc_vec_Vec_len u32 v in
- if i < i0
- then
- let* i1 = usize_add i 1 in
- let* v0 =
- alloc_vec_Vec_index_mut_back u32 usize
- (core_slice_index_usize_coresliceindexSliceIndexInst u32) v i 0 in
- clear_loop v0 i1
- else Return v
-
-(** [loops::clear]: merged forward/backward function
- (there is a single backward function, and the forward function returns ()) *)
-let clear (v : alloc_vec_Vec u32) : result (alloc_vec_Vec u32) =
- clear_loop v 0
-
-(** [loops::List] *)
-type list_t (t : Type0) =
-| List_Cons : t -> list_t t -> list_t t
-| List_Nil : list_t t
-
-(** [loops::list_mem]: decreases clause *)
-unfold let list_mem_loop_decreases (x : u32) (ls : list_t u32) : nat = admit ()
-
-(** [loops::list_mem]: loop 0: forward function *)
-let rec list_mem_loop
- (x : u32) (ls : list_t u32) :
- Tot (result bool) (decreases (list_mem_loop_decreases x ls))
- =
- begin match ls with
- | List_Cons y tl -> if y = x then Return true else list_mem_loop x tl
- | List_Nil -> Return false
- end
-
-(** [loops::list_mem]: forward function *)
-let list_mem (x : u32) (ls : list_t u32) : result bool =
- list_mem_loop x ls
-
-(** [loops::list_nth_mut_loop]: decreases clause *)
-unfold
-let list_nth_mut_loop_loop_decreases (t : Type0) (ls : list_t t) (i : u32) :
- nat =
- admit ()
-
-(** [loops::list_nth_mut_loop]: loop 0: forward function *)
-let rec list_nth_mut_loop_loop
- (t : Type0) (ls : list_t t) (i : u32) :
- Tot (result t) (decreases (list_nth_mut_loop_loop_decreases t ls i))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return x
- else let* i0 = u32_sub i 1 in list_nth_mut_loop_loop t tl i0
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop]: forward function *)
-let list_nth_mut_loop (t : Type0) (ls : list_t t) (i : u32) : result t =
- list_nth_mut_loop_loop t ls i
-
-(** [loops::list_nth_mut_loop]: loop 0: backward function 0 *)
-let rec list_nth_mut_loop_loop_back
- (t : Type0) (ls : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t)) (decreases (list_nth_mut_loop_loop_decreases t ls i))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return (List_Cons ret tl)
- else
- let* i0 = u32_sub i 1 in
- let* tl0 = list_nth_mut_loop_loop_back t tl i0 ret in
- Return (List_Cons x tl0)
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop]: backward function 0 *)
-let list_nth_mut_loop_back
- (t : Type0) (ls : list_t t) (i : u32) (ret : t) : result (list_t t) =
- list_nth_mut_loop_loop_back t ls i ret
-
-(** [loops::list_nth_shared_loop]: decreases clause *)
-unfold
-let list_nth_shared_loop_loop_decreases (t : Type0) (ls : list_t t) (i : u32) :
- nat =
- admit ()
-
-(** [loops::list_nth_shared_loop]: loop 0: forward function *)
-let rec list_nth_shared_loop_loop
- (t : Type0) (ls : list_t t) (i : u32) :
- Tot (result t) (decreases (list_nth_shared_loop_loop_decreases t ls i))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return x
- else let* i0 = u32_sub i 1 in list_nth_shared_loop_loop t tl i0
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_loop]: forward function *)
-let list_nth_shared_loop (t : Type0) (ls : list_t t) (i : u32) : result t =
- list_nth_shared_loop_loop t ls i
-
-(** [loops::get_elem_mut]: decreases clause *)
-unfold
-let get_elem_mut_loop_decreases (x : usize) (ls : list_t usize) : nat =
- admit ()
-
-(** [loops::get_elem_mut]: loop 0: forward function *)
-let rec get_elem_mut_loop
- (x : usize) (ls : list_t usize) :
- Tot (result usize) (decreases (get_elem_mut_loop_decreases x ls))
- =
- begin match ls with
- | List_Cons y tl -> if y = x then Return y else get_elem_mut_loop x tl
- | List_Nil -> Fail Failure
- end
-
-(** [loops::get_elem_mut]: forward function *)
-let get_elem_mut
- (slots : alloc_vec_Vec (list_t usize)) (x : usize) : result usize =
- let* l =
- alloc_vec_Vec_index_mut (list_t usize) usize
- (core_slice_index_usize_coresliceindexSliceIndexInst (list_t usize))
- slots 0 in
- get_elem_mut_loop x l
-
-(** [loops::get_elem_mut]: loop 0: backward function 0 *)
-let rec get_elem_mut_loop_back
- (x : usize) (ls : list_t usize) (ret : usize) :
- Tot (result (list_t usize)) (decreases (get_elem_mut_loop_decreases x ls))
- =
- begin match ls with
- | List_Cons y tl ->
- if y = x
- then Return (List_Cons ret tl)
- else let* tl0 = get_elem_mut_loop_back x tl ret in Return (List_Cons y tl0)
- | List_Nil -> Fail Failure
- end
-
-(** [loops::get_elem_mut]: backward function 0 *)
-let get_elem_mut_back
- (slots : alloc_vec_Vec (list_t usize)) (x : usize) (ret : usize) :
- result (alloc_vec_Vec (list_t usize))
- =
- let* l =
- alloc_vec_Vec_index_mut (list_t usize) usize
- (core_slice_index_usize_coresliceindexSliceIndexInst (list_t usize))
- slots 0 in
- let* l0 = get_elem_mut_loop_back x l ret in
- alloc_vec_Vec_index_mut_back (list_t usize) usize
- (core_slice_index_usize_coresliceindexSliceIndexInst (list_t usize)) slots
- 0 l0
-
-(** [loops::get_elem_shared]: decreases clause *)
-unfold
-let get_elem_shared_loop_decreases (x : usize) (ls : list_t usize) : nat =
- admit ()
-
-(** [loops::get_elem_shared]: loop 0: forward function *)
-let rec get_elem_shared_loop
- (x : usize) (ls : list_t usize) :
- Tot (result usize) (decreases (get_elem_shared_loop_decreases x ls))
- =
- begin match ls with
- | List_Cons y tl -> if y = x then Return y else get_elem_shared_loop x tl
- | List_Nil -> Fail Failure
- end
-
-(** [loops::get_elem_shared]: forward function *)
-let get_elem_shared
- (slots : alloc_vec_Vec (list_t usize)) (x : usize) : result usize =
- let* l =
- alloc_vec_Vec_index (list_t usize) usize
- (core_slice_index_usize_coresliceindexSliceIndexInst (list_t usize))
- slots 0 in
- get_elem_shared_loop x l
-
-(** [loops::id_mut]: forward function *)
-let id_mut (t : Type0) (ls : list_t t) : result (list_t t) =
- Return ls
-
-(** [loops::id_mut]: backward function 0 *)
-let id_mut_back
- (t : Type0) (ls : list_t t) (ret : list_t t) : result (list_t t) =
- Return ret
-
-(** [loops::id_shared]: forward function *)
-let id_shared (t : Type0) (ls : list_t t) : result (list_t t) =
- Return ls
-
-(** [loops::list_nth_mut_loop_with_id]: decreases clause *)
-unfold
-let list_nth_mut_loop_with_id_loop_decreases (t : Type0) (i : u32)
- (ls : list_t t) : nat =
- admit ()
-
-(** [loops::list_nth_mut_loop_with_id]: loop 0: forward function *)
-let rec list_nth_mut_loop_with_id_loop
- (t : Type0) (i : u32) (ls : list_t t) :
- Tot (result t) (decreases (list_nth_mut_loop_with_id_loop_decreases t i ls))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return x
- else let* i0 = u32_sub i 1 in list_nth_mut_loop_with_id_loop t i0 tl
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_with_id]: forward function *)
-let list_nth_mut_loop_with_id
- (t : Type0) (ls : list_t t) (i : u32) : result t =
- let* ls0 = id_mut t ls in list_nth_mut_loop_with_id_loop t i ls0
-
-(** [loops::list_nth_mut_loop_with_id]: loop 0: backward function 0 *)
-let rec list_nth_mut_loop_with_id_loop_back
- (t : Type0) (i : u32) (ls : list_t t) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_mut_loop_with_id_loop_decreases t i ls))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return (List_Cons ret tl)
- else
- let* i0 = u32_sub i 1 in
- let* tl0 = list_nth_mut_loop_with_id_loop_back t i0 tl ret in
- Return (List_Cons x tl0)
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_with_id]: backward function 0 *)
-let list_nth_mut_loop_with_id_back
- (t : Type0) (ls : list_t t) (i : u32) (ret : t) : result (list_t t) =
- let* ls0 = id_mut t ls in
- let* l = list_nth_mut_loop_with_id_loop_back t i ls0 ret in
- id_mut_back t ls l
-
-(** [loops::list_nth_shared_loop_with_id]: decreases clause *)
-unfold
-let list_nth_shared_loop_with_id_loop_decreases (t : Type0) (i : u32)
- (ls : list_t t) : nat =
- admit ()
-
-(** [loops::list_nth_shared_loop_with_id]: loop 0: forward function *)
-let rec list_nth_shared_loop_with_id_loop
- (t : Type0) (i : u32) (ls : list_t t) :
- Tot (result t)
- (decreases (list_nth_shared_loop_with_id_loop_decreases t i ls))
- =
- begin match ls with
- | List_Cons x tl ->
- if i = 0
- then Return x
- else let* i0 = u32_sub i 1 in list_nth_shared_loop_with_id_loop t i0 tl
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_loop_with_id]: forward function *)
-let list_nth_shared_loop_with_id
- (t : Type0) (ls : list_t t) (i : u32) : result t =
- let* ls0 = id_shared t ls in list_nth_shared_loop_with_id_loop t i ls0
-
-(** [loops::list_nth_mut_loop_pair]: decreases clause *)
-unfold
-let list_nth_mut_loop_pair_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_mut_loop_pair]: loop 0: forward function *)
-let rec list_nth_mut_loop_pair_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_mut_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else let* i0 = u32_sub i 1 in list_nth_mut_loop_pair_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_pair]: forward function *)
-let list_nth_mut_loop_pair
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_mut_loop_pair_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_loop_pair]: loop 0: backward function 0 *)
-let rec list_nth_mut_loop_pair_loop_back'a
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_mut_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl0)
- else
- let* i0 = u32_sub i 1 in
- let* tl00 = list_nth_mut_loop_pair_loop_back'a t tl0 tl1 i0 ret in
- Return (List_Cons x0 tl00)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_pair]: backward function 0 *)
-let list_nth_mut_loop_pair_back'a
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_mut_loop_pair_loop_back'a t ls0 ls1 i ret
-
-(** [loops::list_nth_mut_loop_pair]: loop 0: backward function 1 *)
-let rec list_nth_mut_loop_pair_loop_back'b
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_mut_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl1)
- else
- let* i0 = u32_sub i 1 in
- let* tl10 = list_nth_mut_loop_pair_loop_back'b t tl0 tl1 i0 ret in
- Return (List_Cons x1 tl10)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_pair]: backward function 1 *)
-let list_nth_mut_loop_pair_back'b
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_mut_loop_pair_loop_back'b t ls0 ls1 i ret
-
-(** [loops::list_nth_shared_loop_pair]: decreases clause *)
-unfold
-let list_nth_shared_loop_pair_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_shared_loop_pair]: loop 0: forward function *)
-let rec list_nth_shared_loop_pair_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_shared_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else let* i0 = u32_sub i 1 in list_nth_shared_loop_pair_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_loop_pair]: forward function *)
-let list_nth_shared_loop_pair
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_shared_loop_pair_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_loop_pair_merge]: decreases clause *)
-unfold
-let list_nth_mut_loop_pair_merge_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_mut_loop_pair_merge]: loop 0: forward function *)
-let rec list_nth_mut_loop_pair_merge_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_mut_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in list_nth_mut_loop_pair_merge_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_pair_merge]: forward function *)
-let list_nth_mut_loop_pair_merge
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_mut_loop_pair_merge_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_loop_pair_merge]: loop 0: backward function 0 *)
-let rec list_nth_mut_loop_pair_merge_loop_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : (t & t)) :
- Tot (result ((list_t t) & (list_t t)))
- (decreases (list_nth_mut_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then let (x, x2) = ret in Return (List_Cons x tl0, List_Cons x2 tl1)
- else
- let* i0 = u32_sub i 1 in
- let* (tl00, tl10) =
- list_nth_mut_loop_pair_merge_loop_back t tl0 tl1 i0 ret in
- Return (List_Cons x0 tl00, List_Cons x1 tl10)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_loop_pair_merge]: backward function 0 *)
-let list_nth_mut_loop_pair_merge_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : (t & t)) :
- result ((list_t t) & (list_t t))
- =
- list_nth_mut_loop_pair_merge_loop_back t ls0 ls1 i ret
-
-(** [loops::list_nth_shared_loop_pair_merge]: decreases clause *)
-unfold
-let list_nth_shared_loop_pair_merge_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_shared_loop_pair_merge]: loop 0: forward function *)
-let rec list_nth_shared_loop_pair_merge_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_shared_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in
- list_nth_shared_loop_pair_merge_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_loop_pair_merge]: forward function *)
-let list_nth_shared_loop_pair_merge
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_shared_loop_pair_merge_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_shared_loop_pair]: decreases clause *)
-unfold
-let list_nth_mut_shared_loop_pair_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_mut_shared_loop_pair]: loop 0: forward function *)
-let rec list_nth_mut_shared_loop_pair_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_mut_shared_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in
- list_nth_mut_shared_loop_pair_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_shared_loop_pair]: forward function *)
-let list_nth_mut_shared_loop_pair
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_mut_shared_loop_pair_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_shared_loop_pair]: loop 0: backward function 0 *)
-let rec list_nth_mut_shared_loop_pair_loop_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_mut_shared_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl0)
- else
- let* i0 = u32_sub i 1 in
- let* tl00 = list_nth_mut_shared_loop_pair_loop_back t tl0 tl1 i0 ret in
- Return (List_Cons x0 tl00)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_shared_loop_pair]: backward function 0 *)
-let list_nth_mut_shared_loop_pair_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_mut_shared_loop_pair_loop_back t ls0 ls1 i ret
-
-(** [loops::list_nth_mut_shared_loop_pair_merge]: decreases clause *)
-unfold
-let list_nth_mut_shared_loop_pair_merge_loop_decreases (t : Type0)
- (ls0 : list_t t) (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_mut_shared_loop_pair_merge]: loop 0: forward function *)
-let rec list_nth_mut_shared_loop_pair_merge_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_mut_shared_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in
- list_nth_mut_shared_loop_pair_merge_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_shared_loop_pair_merge]: forward function *)
-let list_nth_mut_shared_loop_pair_merge
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_mut_shared_loop_pair_merge_loop t ls0 ls1 i
-
-(** [loops::list_nth_mut_shared_loop_pair_merge]: loop 0: backward function 0 *)
-let rec list_nth_mut_shared_loop_pair_merge_loop_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_mut_shared_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl0)
- else
- let* i0 = u32_sub i 1 in
- let* tl00 =
- list_nth_mut_shared_loop_pair_merge_loop_back t tl0 tl1 i0 ret in
- Return (List_Cons x0 tl00)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_mut_shared_loop_pair_merge]: backward function 0 *)
-let list_nth_mut_shared_loop_pair_merge_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_mut_shared_loop_pair_merge_loop_back t ls0 ls1 i ret
-
-(** [loops::list_nth_shared_mut_loop_pair]: decreases clause *)
-unfold
-let list_nth_shared_mut_loop_pair_loop_decreases (t : Type0) (ls0 : list_t t)
- (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_shared_mut_loop_pair]: loop 0: forward function *)
-let rec list_nth_shared_mut_loop_pair_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_shared_mut_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in
- list_nth_shared_mut_loop_pair_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_mut_loop_pair]: forward function *)
-let list_nth_shared_mut_loop_pair
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_shared_mut_loop_pair_loop t ls0 ls1 i
-
-(** [loops::list_nth_shared_mut_loop_pair]: loop 0: backward function 1 *)
-let rec list_nth_shared_mut_loop_pair_loop_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_shared_mut_loop_pair_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl1)
- else
- let* i0 = u32_sub i 1 in
- let* tl10 = list_nth_shared_mut_loop_pair_loop_back t tl0 tl1 i0 ret in
- Return (List_Cons x1 tl10)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_mut_loop_pair]: backward function 1 *)
-let list_nth_shared_mut_loop_pair_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_shared_mut_loop_pair_loop_back t ls0 ls1 i ret
-
-(** [loops::list_nth_shared_mut_loop_pair_merge]: decreases clause *)
-unfold
-let list_nth_shared_mut_loop_pair_merge_loop_decreases (t : Type0)
- (ls0 : list_t t) (ls1 : list_t t) (i : u32) : nat =
- admit ()
-
-(** [loops::list_nth_shared_mut_loop_pair_merge]: loop 0: forward function *)
-let rec list_nth_shared_mut_loop_pair_merge_loop
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) :
- Tot (result (t & t))
- (decreases (list_nth_shared_mut_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (x0, x1)
- else
- let* i0 = u32_sub i 1 in
- list_nth_shared_mut_loop_pair_merge_loop t tl0 tl1 i0
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_mut_loop_pair_merge]: forward function *)
-let list_nth_shared_mut_loop_pair_merge
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) : result (t & t) =
- list_nth_shared_mut_loop_pair_merge_loop t ls0 ls1 i
-
-(** [loops::list_nth_shared_mut_loop_pair_merge]: loop 0: backward function 0 *)
-let rec list_nth_shared_mut_loop_pair_merge_loop_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- Tot (result (list_t t))
- (decreases (list_nth_shared_mut_loop_pair_merge_loop_decreases t ls0 ls1 i))
- =
- begin match ls0 with
- | List_Cons x0 tl0 ->
- begin match ls1 with
- | List_Cons x1 tl1 ->
- if i = 0
- then Return (List_Cons ret tl1)
- else
- let* i0 = u32_sub i 1 in
- let* tl10 =
- list_nth_shared_mut_loop_pair_merge_loop_back t tl0 tl1 i0 ret in
- Return (List_Cons x1 tl10)
- | List_Nil -> Fail Failure
- end
- | List_Nil -> Fail Failure
- end
-
-(** [loops::list_nth_shared_mut_loop_pair_merge]: backward function 0 *)
-let list_nth_shared_mut_loop_pair_merge_back
- (t : Type0) (ls0 : list_t t) (ls1 : list_t t) (i : u32) (ret : t) :
- result (list_t t)
- =
- list_nth_shared_mut_loop_pair_merge_loop_back t ls0 ls1 i ret
-
diff --git a/tests/fstar/misc/Primitives.fst b/tests/fstar/misc/Primitives.fst
index 71d75c11..3297803c 100644
--- a/tests/fstar/misc/Primitives.fst
+++ b/tests/fstar/misc/Primitives.fst
@@ -427,7 +427,7 @@ let alloc_vec_Vec_new (a : Type0) : alloc_vec_Vec a = assert_norm(length #a []
let alloc_vec_Vec_len (a : Type0) (v : alloc_vec_Vec a) : usize = length v
// Helper
-let alloc_vec_Vec_index_usize (#a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) : result a =
+let alloc_vec_Vec_index_usize (#a : Type0) (v : alloc_vec_Vec a) (i : usize) : result a =
if i < length v then Return (index v i) else Fail Failure
// Helper
let alloc_vec_Vec_update_usize (#a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) : result (alloc_vec_Vec a) =
@@ -704,6 +704,22 @@ let alloc_vec_Vec_coreopsindexIndexMutInst (t idx : Type0)
(*** Theorems *)
+let alloc_vec_Vec_index_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) :
+ Lemma (
+ alloc_vec_Vec_index a usize (core_slice_index_usize_coresliceindexSliceIndexInst a) v i ==
+ alloc_vec_Vec_index_usize v i)
+ [SMTPat (alloc_vec_Vec_index a usize (core_slice_index_usize_coresliceindexSliceIndexInst a) v i)]
+ =
+ admit()
+
+let alloc_vec_Vec_index_mut_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) :
+ Lemma (
+ alloc_vec_Vec_index_mut a usize (core_slice_index_usize_coresliceindexSliceIndexInst a) v i ==
+ alloc_vec_Vec_index_usize v i)
+ [SMTPat (alloc_vec_Vec_index_mut a usize (core_slice_index_usize_coresliceindexSliceIndexInst a) v i)]
+ =
+ admit()
+
let alloc_vec_Vec_index_mut_back_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) :
Lemma (
alloc_vec_Vec_index_mut_back a usize (core_slice_index_usize_coresliceindexSliceIndexInst a) v i x ==