diff options
author | Son HO | 2023-08-09 09:58:04 +0200 |
---|---|---|
committer | GitHub | 2023-08-09 09:58:04 +0200 |
commit | 3d377976afe382a32f6ce718b473db5f016b1e47 (patch) | |
tree | 3f5b7147d1c4edc2b5c9ac002e1a203cfb396427 /tests/hol4 | |
parent | 1cbc7ce007cf3433a6df9bdeb12c4e27511fad9c (diff) | |
parent | 967d08107de73f7f151dc8b4fb1f1cc61f109051 (diff) |
Merge pull request #33 from AeneasVerif/son_refactor
Update the code following Charon's refactor
Diffstat (limited to '')
-rw-r--r-- | tests/hol4/betree/betreeMain_FunsScript.sml | 516 | ||||
-rw-r--r-- | tests/hol4/betree/betreeMain_TypesScript.sml | 12 | ||||
-rw-r--r-- | tests/hol4/betree/betreeMain_TypesTheory.sig | 140 | ||||
-rw-r--r-- | tests/hol4/misc-no_nested_borrows/noNestedBorrowsScript.sml | 8 | ||||
-rw-r--r-- | tests/hol4/misc-no_nested_borrows/noNestedBorrowsTheory.sig | 158 |
5 files changed, 418 insertions, 416 deletions
diff --git a/tests/hol4/betree/betreeMain_FunsScript.sml b/tests/hol4/betree/betreeMain_FunsScript.sml index 03ff2671..b53c7b8d 100644 --- a/tests/hol4/betree/betreeMain_FunsScript.sml +++ b/tests/hol4/betree/betreeMain_FunsScript.sml @@ -279,22 +279,6 @@ val betree_leaf_split_back_def = Define ‘ od ’ -val [betree_node_lookup_in_bindings_fwd_def] = DefineDiv ‘ - (** [betree_main::betree::Node::{5}::lookup_in_bindings]: forward function *) - betree_node_lookup_in_bindings_fwd - (key : u64) (bindings : (u64 # u64) betree_list_t) : u64 option result = - (case bindings of - | BetreeListCons hd tl => - let (i, i0) = hd in - if i = key - then Return (SOME i0) - else - if u64_gt i key - then Return NONE - else betree_node_lookup_in_bindings_fwd key tl - | BetreeListNil => Return NONE) -’ - val [betree_node_lookup_first_message_for_key_fwd_def] = DefineDiv ‘ (** [betree_main::betree::Node::{5}::lookup_first_message_for_key]: forward function *) betree_node_lookup_first_message_for_key_fwd @@ -396,7 +380,51 @@ val [betree_node_apply_upserts_back_def] = DefineDiv ‘ od ’ -val [betree_node_lookup_fwd_def, betree_node_lookup_back_def, betree_internal_lookup_in_children_fwd_def, betree_internal_lookup_in_children_back_def] = DefineDiv ‘ +val [betree_node_lookup_in_bindings_fwd_def] = DefineDiv ‘ + (** [betree_main::betree::Node::{5}::lookup_in_bindings]: forward function *) + betree_node_lookup_in_bindings_fwd + (key : u64) (bindings : (u64 # u64) betree_list_t) : u64 option result = + (case bindings of + | BetreeListCons hd tl => + let (i, i0) = hd in + if i = key + then Return (SOME i0) + else + if u64_gt i key + then Return NONE + else betree_node_lookup_in_bindings_fwd key tl + | BetreeListNil => Return NONE) +’ + +val [betree_internal_lookup_in_children_fwd_def, betree_internal_lookup_in_children_back_def, betree_node_lookup_fwd_def, betree_node_lookup_back_def] = DefineDiv ‘ + (** [betree_main::betree::Internal::{4}::lookup_in_children]: forward function *) + (betree_internal_lookup_in_children_fwd + (self : betree_internal_t) (key : u64) (st : state) : + (state # u64 option) result + = + if u64_lt key self.betree_internal_pivot + then betree_node_lookup_fwd self.betree_internal_left key st + else betree_node_lookup_fwd self.betree_internal_right key st) + /\ + + (** [betree_main::betree::Internal::{4}::lookup_in_children]: backward function 0 *) + (betree_internal_lookup_in_children_back + (self : betree_internal_t) (key : u64) (st : state) : + betree_internal_t result + = + if u64_lt key self.betree_internal_pivot + then ( + do + n <- betree_node_lookup_back self.betree_internal_left key st; + Return (self with <| betree_internal_left := n |>) + od) + else ( + do + n <- betree_node_lookup_back self.betree_internal_right key st; + Return (self with <| betree_internal_right := n |>) + od)) + /\ + (** [betree_main::betree::Node::{5}::lookup]: forward function *) (betree_node_lookup_fwd (self : betree_node_t) (key : u64) (st : state) : @@ -468,8 +496,8 @@ val [betree_node_lookup_fwd_def, betree_node_lookup_back_def, betree_internal_lo /\ (** [betree_main::betree::Node::{5}::lookup]: backward function 0 *) - (betree_node_lookup_back - (self : betree_node_t) (key : u64) (st : state) : betree_node_t result = + betree_node_lookup_back + (self : betree_node_t) (key : u64) (st : state) : betree_node_t result = (case self of | BetreeNodeInternal node => do @@ -532,142 +560,7 @@ val [betree_node_lookup_fwd_def, betree_node_lookup_back_def, betree_internal_lo (_, bindings) <- betree_load_leaf_node_fwd node.betree_leaf_id st; _ <- betree_node_lookup_in_bindings_fwd key bindings; Return (BetreeNodeLeaf node) - od)) - /\ - - (** [betree_main::betree::Internal::{4}::lookup_in_children]: forward function *) - (betree_internal_lookup_in_children_fwd - (self : betree_internal_t) (key : u64) (st : state) : - (state # u64 option) result - = - if u64_lt key self.betree_internal_pivot - then betree_node_lookup_fwd self.betree_internal_left key st - else betree_node_lookup_fwd self.betree_internal_right key st) - /\ - - (** [betree_main::betree::Internal::{4}::lookup_in_children]: backward function 0 *) - betree_internal_lookup_in_children_back - (self : betree_internal_t) (key : u64) (st : state) : - betree_internal_t result - = - if u64_lt key self.betree_internal_pivot - then ( - do - n <- betree_node_lookup_back self.betree_internal_left key st; - Return (self with <| betree_internal_left := n |>) od) - else ( - do - n <- betree_node_lookup_back self.betree_internal_right key st; - Return (self with <| betree_internal_right := n |>) - od) -’ - -val [betree_node_lookup_mut_in_bindings_fwd_def] = DefineDiv ‘ - (** [betree_main::betree::Node::{5}::lookup_mut_in_bindings]: forward function *) - betree_node_lookup_mut_in_bindings_fwd - (key : u64) (bindings : (u64 # u64) betree_list_t) : - (u64 # u64) betree_list_t result - = - (case bindings of - | BetreeListCons hd tl => - let (i, i0) = hd in - if u64_ge i key - then Return (BetreeListCons (i, i0) tl) - else betree_node_lookup_mut_in_bindings_fwd key tl - | BetreeListNil => Return BetreeListNil) -’ - -val [betree_node_lookup_mut_in_bindings_back_def] = DefineDiv ‘ - (** [betree_main::betree::Node::{5}::lookup_mut_in_bindings]: backward function 0 *) - betree_node_lookup_mut_in_bindings_back - (key : u64) (bindings : (u64 # u64) betree_list_t) - (ret : (u64 # u64) betree_list_t) : - (u64 # u64) betree_list_t result - = - (case bindings of - | BetreeListCons hd tl => - let (i, i0) = hd in - if u64_ge i key - then Return ret - else ( - do - tl0 <- betree_node_lookup_mut_in_bindings_back key tl ret; - Return (BetreeListCons (i, i0) tl0) - od) - | BetreeListNil => Return ret) -’ - -val betree_node_apply_to_leaf_fwd_back_def = Define ‘ - (** [betree_main::betree::Node::{5}::apply_to_leaf]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) *) - betree_node_apply_to_leaf_fwd_back - (bindings : (u64 # u64) betree_list_t) (key : u64) - (new_msg : betree_message_t) : - (u64 # u64) betree_list_t result - = - do - bindings0 <- betree_node_lookup_mut_in_bindings_fwd key bindings; - b <- betree_list_head_has_key_fwd bindings0 key; - if b - then ( - do - hd <- betree_list_pop_front_fwd bindings0; - (case new_msg of - | BetreeMessageInsert v => - do - bindings1 <- betree_list_pop_front_back bindings0; - bindings2 <- betree_list_push_front_fwd_back bindings1 (key, v); - betree_node_lookup_mut_in_bindings_back key bindings bindings2 - od - | BetreeMessageDelete => - do - bindings1 <- betree_list_pop_front_back bindings0; - betree_node_lookup_mut_in_bindings_back key bindings bindings1 - od - | BetreeMessageUpsert s => - let (_, i) = hd in - do - v <- betree_upsert_update_fwd (SOME i) s; - bindings1 <- betree_list_pop_front_back bindings0; - bindings2 <- betree_list_push_front_fwd_back bindings1 (key, v); - betree_node_lookup_mut_in_bindings_back key bindings bindings2 - od) - od) - else - (case new_msg of - | BetreeMessageInsert v => - do - bindings1 <- betree_list_push_front_fwd_back bindings0 (key, v); - betree_node_lookup_mut_in_bindings_back key bindings bindings1 - od - | BetreeMessageDelete => - betree_node_lookup_mut_in_bindings_back key bindings bindings0 - | BetreeMessageUpsert s => - do - v <- betree_upsert_update_fwd NONE s; - bindings1 <- betree_list_push_front_fwd_back bindings0 (key, v); - betree_node_lookup_mut_in_bindings_back key bindings bindings1 - od) - od -’ - -val [betree_node_apply_messages_to_leaf_fwd_back_def] = DefineDiv ‘ - (** [betree_main::betree::Node::{5}::apply_messages_to_leaf]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) *) - betree_node_apply_messages_to_leaf_fwd_back - (bindings : (u64 # u64) betree_list_t) - (new_msgs : (u64 # betree_message_t) betree_list_t) : - (u64 # u64) betree_list_t result - = - (case new_msgs of - | BetreeListCons new_msg new_msgs_tl => - let (i, m) = new_msg in - do - bindings0 <- betree_node_apply_to_leaf_fwd_back bindings i m; - betree_node_apply_messages_to_leaf_fwd_back bindings0 new_msgs_tl - od - | BetreeListNil => Return bindings) ’ val [betree_node_filter_messages_for_key_fwd_back_def] = DefineDiv ‘ @@ -811,7 +704,211 @@ val [betree_node_apply_messages_to_internal_fwd_back_def] = DefineDiv ‘ | BetreeListNil => Return msgs) ’ -val [betree_node_apply_messages_fwd_def, betree_node_apply_messages_back_def, betree_internal_flush_fwd_def, betree_internal_flush_back_def] = DefineDiv ‘ +val [betree_node_lookup_mut_in_bindings_fwd_def] = DefineDiv ‘ + (** [betree_main::betree::Node::{5}::lookup_mut_in_bindings]: forward function *) + betree_node_lookup_mut_in_bindings_fwd + (key : u64) (bindings : (u64 # u64) betree_list_t) : + (u64 # u64) betree_list_t result + = + (case bindings of + | BetreeListCons hd tl => + let (i, i0) = hd in + if u64_ge i key + then Return (BetreeListCons (i, i0) tl) + else betree_node_lookup_mut_in_bindings_fwd key tl + | BetreeListNil => Return BetreeListNil) +’ + +val [betree_node_lookup_mut_in_bindings_back_def] = DefineDiv ‘ + (** [betree_main::betree::Node::{5}::lookup_mut_in_bindings]: backward function 0 *) + betree_node_lookup_mut_in_bindings_back + (key : u64) (bindings : (u64 # u64) betree_list_t) + (ret : (u64 # u64) betree_list_t) : + (u64 # u64) betree_list_t result + = + (case bindings of + | BetreeListCons hd tl => + let (i, i0) = hd in + if u64_ge i key + then Return ret + else ( + do + tl0 <- betree_node_lookup_mut_in_bindings_back key tl ret; + Return (BetreeListCons (i, i0) tl0) + od) + | BetreeListNil => Return ret) +’ + +val betree_node_apply_to_leaf_fwd_back_def = Define ‘ + (** [betree_main::betree::Node::{5}::apply_to_leaf]: merged forward/backward function + (there is a single backward function, and the forward function returns ()) *) + betree_node_apply_to_leaf_fwd_back + (bindings : (u64 # u64) betree_list_t) (key : u64) + (new_msg : betree_message_t) : + (u64 # u64) betree_list_t result + = + do + bindings0 <- betree_node_lookup_mut_in_bindings_fwd key bindings; + b <- betree_list_head_has_key_fwd bindings0 key; + if b + then ( + do + hd <- betree_list_pop_front_fwd bindings0; + (case new_msg of + | BetreeMessageInsert v => + do + bindings1 <- betree_list_pop_front_back bindings0; + bindings2 <- betree_list_push_front_fwd_back bindings1 (key, v); + betree_node_lookup_mut_in_bindings_back key bindings bindings2 + od + | BetreeMessageDelete => + do + bindings1 <- betree_list_pop_front_back bindings0; + betree_node_lookup_mut_in_bindings_back key bindings bindings1 + od + | BetreeMessageUpsert s => + let (_, i) = hd in + do + v <- betree_upsert_update_fwd (SOME i) s; + bindings1 <- betree_list_pop_front_back bindings0; + bindings2 <- betree_list_push_front_fwd_back bindings1 (key, v); + betree_node_lookup_mut_in_bindings_back key bindings bindings2 + od) + od) + else + (case new_msg of + | BetreeMessageInsert v => + do + bindings1 <- betree_list_push_front_fwd_back bindings0 (key, v); + betree_node_lookup_mut_in_bindings_back key bindings bindings1 + od + | BetreeMessageDelete => + betree_node_lookup_mut_in_bindings_back key bindings bindings0 + | BetreeMessageUpsert s => + do + v <- betree_upsert_update_fwd NONE s; + bindings1 <- betree_list_push_front_fwd_back bindings0 (key, v); + betree_node_lookup_mut_in_bindings_back key bindings bindings1 + od) + od +’ + +val [betree_node_apply_messages_to_leaf_fwd_back_def] = DefineDiv ‘ + (** [betree_main::betree::Node::{5}::apply_messages_to_leaf]: merged forward/backward function + (there is a single backward function, and the forward function returns ()) *) + betree_node_apply_messages_to_leaf_fwd_back + (bindings : (u64 # u64) betree_list_t) + (new_msgs : (u64 # betree_message_t) betree_list_t) : + (u64 # u64) betree_list_t result + = + (case new_msgs of + | BetreeListCons new_msg new_msgs_tl => + let (i, m) = new_msg in + do + bindings0 <- betree_node_apply_to_leaf_fwd_back bindings i m; + betree_node_apply_messages_to_leaf_fwd_back bindings0 new_msgs_tl + od + | BetreeListNil => Return bindings) +’ + +val [betree_internal_flush_fwd_def, betree_internal_flush_back_def, betree_node_apply_messages_fwd_def, betree_node_apply_messages_back_def] = DefineDiv ‘ + (** [betree_main::betree::Internal::{4}::flush]: forward function *) + (betree_internal_flush_fwd + (self : betree_internal_t) (params : betree_params_t) + (node_id_cnt : betree_node_id_counter_t) + (content : (u64 # betree_message_t) betree_list_t) (st : state) : + (state # (u64 # betree_message_t) betree_list_t) result + = + do + p <- betree_list_partition_at_pivot_fwd content self.betree_internal_pivot; + let (msgs_left, msgs_right) = p in + do + len_left <- betree_list_len_fwd msgs_left; + if u64_ge len_left params.betree_params_min_flush_size + then ( + do + (st0, _) <- + betree_node_apply_messages_fwd self.betree_internal_left params + node_id_cnt msgs_left st; + (_, node_id_cnt0) <- + betree_node_apply_messages_back self.betree_internal_left params + node_id_cnt msgs_left st; + len_right <- betree_list_len_fwd msgs_right; + if u64_ge len_right params.betree_params_min_flush_size + then ( + do + (st1, _) <- + betree_node_apply_messages_fwd self.betree_internal_right params + node_id_cnt0 msgs_right st0; + _ <- + betree_node_apply_messages_back self.betree_internal_right params + node_id_cnt0 msgs_right st0; + Return (st1, BetreeListNil) + od) + else Return (st0, msgs_right) + od) + else ( + do + (st0, _) <- + betree_node_apply_messages_fwd self.betree_internal_right params + node_id_cnt msgs_right st; + _ <- + betree_node_apply_messages_back self.betree_internal_right params + node_id_cnt msgs_right st; + Return (st0, msgs_left) + od) + od + od) + /\ + + (** [betree_main::betree::Internal::{4}::flush]: backward function 0 *) + (betree_internal_flush_back + (self : betree_internal_t) (params : betree_params_t) + (node_id_cnt : betree_node_id_counter_t) + (content : (u64 # betree_message_t) betree_list_t) (st : state) : + (betree_internal_t # betree_node_id_counter_t) result + = + do + p <- betree_list_partition_at_pivot_fwd content self.betree_internal_pivot; + let (msgs_left, msgs_right) = p in + do + len_left <- betree_list_len_fwd msgs_left; + if u64_ge len_left params.betree_params_min_flush_size + then ( + do + (st0, _) <- + betree_node_apply_messages_fwd self.betree_internal_left params + node_id_cnt msgs_left st; + (n, node_id_cnt0) <- + betree_node_apply_messages_back self.betree_internal_left params + node_id_cnt msgs_left st; + len_right <- betree_list_len_fwd msgs_right; + if u64_ge len_right params.betree_params_min_flush_size + then ( + do + (n0, node_id_cnt1) <- + betree_node_apply_messages_back self.betree_internal_right params + node_id_cnt0 msgs_right st0; + Return + (self + with + <| + betree_internal_left := n; betree_internal_right := n0 + |>, node_id_cnt1) + od) + else Return (self with <| betree_internal_left := n |>, node_id_cnt0) + od) + else ( + do + (n, node_id_cnt0) <- + betree_node_apply_messages_back self.betree_internal_right params + node_id_cnt msgs_right st; + Return (self with <| betree_internal_right := n |>, node_id_cnt0) + od) + od + od) + /\ + (** [betree_main::betree::Node::{5}::apply_messages]: forward function *) (betree_node_apply_messages_fwd (self : betree_node_t) (params : betree_params_t) @@ -868,12 +965,12 @@ val [betree_node_apply_messages_fwd_def, betree_node_apply_messages_back_def, be /\ (** [betree_main::betree::Node::{5}::apply_messages]: backward function 0 *) - (betree_node_apply_messages_back - (self : betree_node_t) (params : betree_params_t) - (node_id_cnt : betree_node_id_counter_t) - (msgs : (u64 # betree_message_t) betree_list_t) (st : state) : - (betree_node_t # betree_node_id_counter_t) result - = + betree_node_apply_messages_back + (self : betree_node_t) (params : betree_params_t) + (node_id_cnt : betree_node_id_counter_t) + (msgs : (u64 # betree_message_t) betree_list_t) (st : state) : + (betree_node_t # betree_node_id_counter_t) result + = (case self of | BetreeNodeInternal node => do @@ -921,104 +1018,7 @@ val [betree_node_apply_messages_fwd_def, betree_node_apply_messages_back_def, be Return (BetreeNodeLeaf (node with <| betree_leaf_size := len |>), node_id_cnt) od) - od)) - /\ - - (** [betree_main::betree::Internal::{4}::flush]: forward function *) - (betree_internal_flush_fwd - (self : betree_internal_t) (params : betree_params_t) - (node_id_cnt : betree_node_id_counter_t) - (content : (u64 # betree_message_t) betree_list_t) (st : state) : - (state # (u64 # betree_message_t) betree_list_t) result - = - do - p <- betree_list_partition_at_pivot_fwd content self.betree_internal_pivot; - let (msgs_left, msgs_right) = p in - do - len_left <- betree_list_len_fwd msgs_left; - if u64_ge len_left params.betree_params_min_flush_size - then ( - do - (st0, _) <- - betree_node_apply_messages_fwd self.betree_internal_left params - node_id_cnt msgs_left st; - (_, node_id_cnt0) <- - betree_node_apply_messages_back self.betree_internal_left params - node_id_cnt msgs_left st; - len_right <- betree_list_len_fwd msgs_right; - if u64_ge len_right params.betree_params_min_flush_size - then ( - do - (st1, _) <- - betree_node_apply_messages_fwd self.betree_internal_right params - node_id_cnt0 msgs_right st0; - _ <- - betree_node_apply_messages_back self.betree_internal_right params - node_id_cnt0 msgs_right st0; - Return (st1, BetreeListNil) - od) - else Return (st0, msgs_right) - od) - else ( - do - (st0, _) <- - betree_node_apply_messages_fwd self.betree_internal_right params - node_id_cnt msgs_right st; - _ <- - betree_node_apply_messages_back self.betree_internal_right params - node_id_cnt msgs_right st; - Return (st0, msgs_left) od) - od - od) - /\ - - (** [betree_main::betree::Internal::{4}::flush]: backward function 0 *) - betree_internal_flush_back - (self : betree_internal_t) (params : betree_params_t) - (node_id_cnt : betree_node_id_counter_t) - (content : (u64 # betree_message_t) betree_list_t) (st : state) : - (betree_internal_t # betree_node_id_counter_t) result - = - do - p <- betree_list_partition_at_pivot_fwd content self.betree_internal_pivot; - let (msgs_left, msgs_right) = p in - do - len_left <- betree_list_len_fwd msgs_left; - if u64_ge len_left params.betree_params_min_flush_size - then ( - do - (st0, _) <- - betree_node_apply_messages_fwd self.betree_internal_left params - node_id_cnt msgs_left st; - (n, node_id_cnt0) <- - betree_node_apply_messages_back self.betree_internal_left params - node_id_cnt msgs_left st; - len_right <- betree_list_len_fwd msgs_right; - if u64_ge len_right params.betree_params_min_flush_size - then ( - do - (n0, node_id_cnt1) <- - betree_node_apply_messages_back self.betree_internal_right params - node_id_cnt0 msgs_right st0; - Return - (self - with - <| - betree_internal_left := n; betree_internal_right := n0 - |>, node_id_cnt1) - od) - else Return (self with <| betree_internal_left := n |>, node_id_cnt0) - od) - else ( - do - (n, node_id_cnt0) <- - betree_node_apply_messages_back self.betree_internal_right params - node_id_cnt msgs_right st; - Return (self with <| betree_internal_right := n |>, node_id_cnt0) - od) - od - od ’ val betree_node_apply_fwd_def = Define ‘ diff --git a/tests/hol4/betree/betreeMain_TypesScript.sml b/tests/hol4/betree/betreeMain_TypesScript.sml index c43421c2..779f6abb 100644 --- a/tests/hol4/betree/betreeMain_TypesScript.sml +++ b/tests/hol4/betree/betreeMain_TypesScript.sml @@ -31,12 +31,6 @@ Datatype: End Datatype: - (** [betree_main::betree::Node] *) - betree_node_t = - | BetreeNodeInternal betree_internal_t - | BetreeNodeLeaf betree_leaf_t - ; - (** [betree_main::betree::Internal] *) betree_internal_t = <| @@ -45,6 +39,12 @@ Datatype: betree_internal_left : betree_node_t; betree_internal_right : betree_node_t; |> + ; + + (** [betree_main::betree::Node] *) + betree_node_t = + | BetreeNodeInternal betree_internal_t + | BetreeNodeLeaf betree_leaf_t End Datatype: diff --git a/tests/hol4/betree/betreeMain_TypesTheory.sig b/tests/hol4/betree/betreeMain_TypesTheory.sig index a451eae9..cffe6afb 100644 --- a/tests/hol4/betree/betreeMain_TypesTheory.sig +++ b/tests/hol4/betree/betreeMain_TypesTheory.sig @@ -22,6 +22,7 @@ sig val betree_internal_t_betree_internal_right : thm val betree_internal_t_betree_internal_right_fupd : thm val betree_internal_t_case_def : thm + val betree_internal_t_size_def : thm val betree_leaf_t_TY_DEF : thm val betree_leaf_t_betree_leaf_id : thm val betree_leaf_t_betree_leaf_id_fupd : thm @@ -42,7 +43,6 @@ sig val betree_node_id_counter_t_size_def : thm val betree_node_t_TY_DEF : thm val betree_node_t_case_def : thm - val betree_node_t_size_def : thm val betree_params_t_TY_DEF : thm val betree_params_t_betree_params_min_flush_size : thm val betree_params_t_betree_params_min_flush_size_fupd : thm @@ -177,11 +177,11 @@ sig val betree_upsert_fun_state_t_induction : thm val betree_upsert_fun_state_t_nchotomy : thm val datatype_betree_be_tree_t : thm + val datatype_betree_internal_t : thm val datatype_betree_leaf_t : thm val datatype_betree_list_t : thm val datatype_betree_message_t : thm val datatype_betree_node_id_counter_t : thm - val datatype_betree_node_t : thm val datatype_betree_params_t : thm val datatype_betree_upsert_fun_state_t : thm @@ -253,30 +253,30 @@ sig ⊢ ∃rep. TYPE_DEFINITION - (λa1'. - ∀ $var$('betree_node_t') $var$('betree_internal_t'). + (λa0'. + ∀ $var$('betree_internal_t') $var$('betree_node_t'). (∀a0'. - (∃a. a0' = - (λa. - ind_type$CONSTR 0 (ARB,ARB,ARB) - (ind_type$FCONS a (λn. ind_type$BOTTOM))) - a ∧ $var$('betree_internal_t') a) ∨ - (∃a. a0' = - (λa. - ind_type$CONSTR (SUC 0) (a,ARB,ARB) - (λn. ind_type$BOTTOM)) a) ⇒ - $var$('betree_node_t') a0') ∧ - (∀a1'. (∃a0 a1 a2 a3. - a1' = + a0' = (λa0 a1 a2 a3. - ind_type$CONSTR (SUC (SUC 0)) (ARB,a0,a1) + ind_type$CONSTR 0 (a0,a1,ARB) (ind_type$FCONS a2 (ind_type$FCONS a3 (λn. ind_type$BOTTOM)))) a0 a1 a2 a3 ∧ $var$('betree_node_t') a2 ∧ $var$('betree_node_t') a3) ⇒ - $var$('betree_internal_t') a1') ⇒ - $var$('betree_internal_t') a1') rep + $var$('betree_internal_t') a0') ∧ + (∀a1'. + (∃a. a1' = + (λa. + ind_type$CONSTR (SUC 0) (ARB,ARB,ARB) + (ind_type$FCONS a (λn. ind_type$BOTTOM))) + a ∧ $var$('betree_internal_t') a) ∨ + (∃a. a1' = + (λa. + ind_type$CONSTR (SUC (SUC 0)) (ARB,ARB,a) + (λn. ind_type$BOTTOM)) a) ⇒ + $var$('betree_node_t') a1') ⇒ + $var$('betree_internal_t') a0') rep [betree_internal_t_betree_internal_id] Definition @@ -329,6 +329,16 @@ sig betree_internal_t_CASE (betree_internal_t a0 a1 a2 a3) f = f a0 a1 a2 a3 + [betree_internal_t_size_def] Definition + + ⊢ (∀a0 a1 a2 a3. + betree_internal_t_size (betree_internal_t a0 a1 a2 a3) = + 1 + (betree_node_t_size a2 + betree_node_t_size a3)) ∧ + (∀a. betree_node_t_size (BetreeNodeInternal a) = + 1 + betree_internal_t_size a) ∧ + ∀a. betree_node_t_size (BetreeNodeLeaf a) = + 1 + betree_leaf_t_size a + [betree_leaf_t_TY_DEF] Definition ⊢ ∃rep. @@ -479,46 +489,36 @@ sig ⊢ ∃rep. TYPE_DEFINITION - (λa0'. - ∀ $var$('betree_node_t') $var$('betree_internal_t'). + (λa1'. + ∀ $var$('betree_internal_t') $var$('betree_node_t'). (∀a0'. - (∃a. a0' = - (λa. - ind_type$CONSTR 0 (ARB,ARB,ARB) - (ind_type$FCONS a (λn. ind_type$BOTTOM))) - a ∧ $var$('betree_internal_t') a) ∨ - (∃a. a0' = - (λa. - ind_type$CONSTR (SUC 0) (a,ARB,ARB) - (λn. ind_type$BOTTOM)) a) ⇒ - $var$('betree_node_t') a0') ∧ - (∀a1'. (∃a0 a1 a2 a3. - a1' = + a0' = (λa0 a1 a2 a3. - ind_type$CONSTR (SUC (SUC 0)) (ARB,a0,a1) + ind_type$CONSTR 0 (a0,a1,ARB) (ind_type$FCONS a2 (ind_type$FCONS a3 (λn. ind_type$BOTTOM)))) a0 a1 a2 a3 ∧ $var$('betree_node_t') a2 ∧ $var$('betree_node_t') a3) ⇒ - $var$('betree_internal_t') a1') ⇒ - $var$('betree_node_t') a0') rep + $var$('betree_internal_t') a0') ∧ + (∀a1'. + (∃a. a1' = + (λa. + ind_type$CONSTR (SUC 0) (ARB,ARB,ARB) + (ind_type$FCONS a (λn. ind_type$BOTTOM))) + a ∧ $var$('betree_internal_t') a) ∨ + (∃a. a1' = + (λa. + ind_type$CONSTR (SUC (SUC 0)) (ARB,ARB,a) + (λn. ind_type$BOTTOM)) a) ⇒ + $var$('betree_node_t') a1') ⇒ + $var$('betree_node_t') a1') rep [betree_node_t_case_def] Definition ⊢ (∀a f f1. betree_node_t_CASE (BetreeNodeInternal a) f f1 = f a) ∧ ∀a f f1. betree_node_t_CASE (BetreeNodeLeaf a) f f1 = f1 a - [betree_node_t_size_def] Definition - - ⊢ (∀a. betree_node_t_size (BetreeNodeInternal a) = - 1 + betree_internal_t_size a) ∧ - (∀a. betree_node_t_size (BetreeNodeLeaf a) = - 1 + betree_leaf_t_size a) ∧ - ∀a0 a1 a2 a3. - betree_internal_t_size (betree_internal_t a0 a1 a2 a3) = - 1 + (betree_node_t_size a2 + betree_node_t_size a3) - [betree_params_t_TY_DEF] Definition ⊢ ∃rep. @@ -883,11 +883,11 @@ sig [betree_internal_t_Axiom] Theorem ⊢ ∀f0 f1 f2. ∃fn0 fn1. - (∀a. fn0 (BetreeNodeInternal a) = f0 a (fn1 a)) ∧ - (∀a. fn0 (BetreeNodeLeaf a) = f1 a) ∧ - ∀a0 a1 a2 a3. - fn1 (betree_internal_t a0 a1 a2 a3) = - f2 a0 a1 a2 a3 (fn0 a2) (fn0 a3) + (∀a0 a1 a2 a3. + fn0 (betree_internal_t a0 a1 a2 a3) = + f0 a0 a1 a2 a3 (fn1 a2) (fn1 a3)) ∧ + (∀a. fn1 (BetreeNodeInternal a) = f1 a (fn0 a)) ∧ + ∀a. fn1 (BetreeNodeLeaf a) = f2 a [betree_internal_t_accessors] Theorem @@ -1130,9 +1130,9 @@ sig [betree_internal_t_induction] Theorem ⊢ ∀P0 P1. - (∀b. P1 b ⇒ P0 (BetreeNodeInternal b)) ∧ - (∀b. P0 (BetreeNodeLeaf b)) ∧ - (∀b b0. P0 b ∧ P0 b0 ⇒ ∀u u0. P1 (betree_internal_t u0 u b b0)) ⇒ + (∀b b0. P1 b ∧ P1 b0 ⇒ ∀u u0. P0 (betree_internal_t u0 u b b0)) ∧ + (∀b. P0 b ⇒ P1 (BetreeNodeInternal b)) ∧ + (∀b. P1 (BetreeNodeLeaf b)) ⇒ (∀b. P0 b) ∧ ∀b. P1 b [betree_internal_t_literal_11] Theorem @@ -1472,11 +1472,11 @@ sig [betree_node_t_Axiom] Theorem ⊢ ∀f0 f1 f2. ∃fn0 fn1. - (∀a. fn0 (BetreeNodeInternal a) = f0 a (fn1 a)) ∧ - (∀a. fn0 (BetreeNodeLeaf a) = f1 a) ∧ - ∀a0 a1 a2 a3. - fn1 (betree_internal_t a0 a1 a2 a3) = - f2 a0 a1 a2 a3 (fn0 a2) (fn0 a3) + (∀a0 a1 a2 a3. + fn0 (betree_internal_t a0 a1 a2 a3) = + f0 a0 a1 a2 a3 (fn1 a2) (fn1 a3)) ∧ + (∀a. fn1 (BetreeNodeInternal a) = f1 a (fn0 a)) ∧ + ∀a. fn1 (BetreeNodeLeaf a) = f2 a [betree_node_t_case_cong] Theorem @@ -1498,9 +1498,9 @@ sig [betree_node_t_induction] Theorem ⊢ ∀P0 P1. - (∀b. P1 b ⇒ P0 (BetreeNodeInternal b)) ∧ - (∀b. P0 (BetreeNodeLeaf b)) ∧ - (∀b b0. P0 b ∧ P0 b0 ⇒ ∀u u0. P1 (betree_internal_t u0 u b b0)) ⇒ + (∀b b0. P1 b ∧ P1 b0 ⇒ ∀u u0. P0 (betree_internal_t u0 u b b0)) ∧ + (∀b. P0 b ⇒ P1 (BetreeNodeInternal b)) ∧ + (∀b. P1 (BetreeNodeLeaf b)) ⇒ (∀b. P0 b) ∧ ∀b. P1 b [betree_node_t_nchotomy] Theorem @@ -1706,6 +1706,14 @@ sig (record betree_be_tree_t betree_be_tree_params betree_be_tree_node_id_cnt betree_be_tree_root) + [datatype_betree_internal_t] Theorem + + ⊢ DATATYPE + (record betree_internal_t betree_internal_id + betree_internal_pivot betree_internal_left + betree_internal_right ∧ + betree_node_t BetreeNodeInternal BetreeNodeLeaf) + [datatype_betree_leaf_t] Theorem ⊢ DATATYPE (record betree_leaf_t betree_leaf_id betree_leaf_size) @@ -1726,14 +1734,6 @@ sig (record betree_node_id_counter_t betree_node_id_counter_next_node_id) - [datatype_betree_node_t] Theorem - - ⊢ DATATYPE - (betree_node_t BetreeNodeInternal BetreeNodeLeaf ∧ - record betree_internal_t betree_internal_id - betree_internal_pivot betree_internal_left - betree_internal_right) - [datatype_betree_params_t] Theorem ⊢ DATATYPE diff --git a/tests/hol4/misc-no_nested_borrows/noNestedBorrowsScript.sml b/tests/hol4/misc-no_nested_borrows/noNestedBorrowsScript.sml index 66614c3f..1b2d6121 100644 --- a/tests/hol4/misc-no_nested_borrows/noNestedBorrowsScript.sml +++ b/tests/hol4/misc-no_nested_borrows/noNestedBorrowsScript.sml @@ -279,11 +279,11 @@ val test_char_fwd_def = Define ‘ ’ Datatype: - (** [no_nested_borrows::NodeElem] *) - node_elem_t = | NodeElemCons tree_t node_elem_t | NodeElemNil ; - (** [no_nested_borrows::Tree] *) - tree_t = | TreeLeaf 't | TreeNode 't node_elem_t tree_t + tree_t = | TreeLeaf 't | TreeNode 't node_elem_t tree_t ; + + (** [no_nested_borrows::NodeElem] *) + node_elem_t = | NodeElemCons tree_t node_elem_t | NodeElemNil End val [list_length_fwd_def] = DefineDiv ‘ diff --git a/tests/hol4/misc-no_nested_borrows/noNestedBorrowsTheory.sig b/tests/hol4/misc-no_nested_borrows/noNestedBorrowsTheory.sig index c0ff4e09..67368e38 100644 --- a/tests/hol4/misc-no_nested_borrows/noNestedBorrowsTheory.sig +++ b/tests/hol4/misc-no_nested_borrows/noNestedBorrowsTheory.sig @@ -47,7 +47,6 @@ sig val new_tuple3_fwd_def : thm val node_elem_t_TY_DEF : thm val node_elem_t_case_def : thm - val node_elem_t_size_def : thm val one_t_TY_DEF : thm val one_t_case_def : thm val one_t_size_def : thm @@ -97,6 +96,7 @@ sig val test_weird_borrows1_fwd_def : thm val tree_t_TY_DEF : thm val tree_t_case_def : thm + val tree_t_size_def : thm (* Theorems *) val EXISTS_pair_t : thm @@ -108,12 +108,12 @@ sig val datatype_empty_enum_t : thm val datatype_enum_t : thm val datatype_list_t : thm - val datatype_node_elem_t : thm val datatype_one_t : thm val datatype_pair_t : thm val datatype_struct_with_pair_t : thm val datatype_struct_with_tuple_t : thm val datatype_sum_t : thm + val datatype_tree_t : thm val empty_enum_t2num_11 : thm val empty_enum_t2num_ONTO : thm val empty_enum_t2num_num2empty_enum_t : thm @@ -491,52 +491,41 @@ sig ⊢ ∃rep. TYPE_DEFINITION - (λa0'. - ∀ $var$('node_elem_t') $var$('tree_t'). + (λa1'. + ∀ $var$('tree_t') $var$('node_elem_t'). (∀a0'. - (∃a0 a1. - a0' = - (λa0 a1. - ind_type$CONSTR 0 ARB - (ind_type$FCONS a0 - (ind_type$FCONS a1 (λn. ind_type$BOTTOM)))) - a0 a1 ∧ $var$('tree_t') a0 ∧ - $var$('node_elem_t') a1) ∨ - a0' = - ind_type$CONSTR (SUC 0) ARB (λn. ind_type$BOTTOM) ⇒ - $var$('node_elem_t') a0') ∧ - (∀a1'. - (∃a. a1' = - (λa. - ind_type$CONSTR (SUC (SUC 0)) a - (λn. ind_type$BOTTOM)) a) ∨ + (∃a. a0' = + (λa. ind_type$CONSTR 0 a (λn. ind_type$BOTTOM)) + a) ∨ (∃a0 a1 a2. - a1' = + a0' = (λa0 a1 a2. - ind_type$CONSTR (SUC (SUC (SUC 0))) a0 + ind_type$CONSTR (SUC 0) a0 (ind_type$FCONS a1 (ind_type$FCONS a2 (λn. ind_type$BOTTOM)))) a0 a1 a2 ∧ $var$('node_elem_t') a1 ∧ $var$('tree_t') a2) ⇒ - $var$('tree_t') a1') ⇒ - $var$('node_elem_t') a0') rep + $var$('tree_t') a0') ∧ + (∀a1'. + (∃a0 a1. + a1' = + (λa0 a1. + ind_type$CONSTR (SUC (SUC 0)) ARB + (ind_type$FCONS a0 + (ind_type$FCONS a1 (λn. ind_type$BOTTOM)))) + a0 a1 ∧ $var$('tree_t') a0 ∧ + $var$('node_elem_t') a1) ∨ + a1' = + ind_type$CONSTR (SUC (SUC (SUC 0))) ARB + (λn. ind_type$BOTTOM) ⇒ + $var$('node_elem_t') a1') ⇒ + $var$('node_elem_t') a1') rep [node_elem_t_case_def] Definition ⊢ (∀a0 a1 f v. node_elem_t_CASE (NodeElemCons a0 a1) f v = f a0 a1) ∧ ∀f v. node_elem_t_CASE NodeElemNil f v = v - [node_elem_t_size_def] Definition - - ⊢ (∀f a0 a1. - node_elem_t_size f (NodeElemCons a0 a1) = - 1 + (tree_t_size f a0 + node_elem_t_size f a1)) ∧ - (∀f. node_elem_t_size f NodeElemNil = 0) ∧ - (∀f a. tree_t_size f (TreeLeaf a) = 1 + f a) ∧ - ∀f a0 a1 a2. - tree_t_size f (TreeNode a0 a1 a2) = - 1 + (f a0 + (node_elem_t_size f a1 + tree_t_size f a2)) - [one_t_TY_DEF] Definition ⊢ ∃rep. @@ -923,41 +912,52 @@ sig ⊢ ∃rep. TYPE_DEFINITION - (λa1'. - ∀ $var$('node_elem_t') $var$('tree_t'). + (λa0'. + ∀ $var$('tree_t') $var$('node_elem_t'). (∀a0'. - (∃a0 a1. - a0' = - (λa0 a1. - ind_type$CONSTR 0 ARB - (ind_type$FCONS a0 - (ind_type$FCONS a1 (λn. ind_type$BOTTOM)))) - a0 a1 ∧ $var$('tree_t') a0 ∧ - $var$('node_elem_t') a1) ∨ - a0' = - ind_type$CONSTR (SUC 0) ARB (λn. ind_type$BOTTOM) ⇒ - $var$('node_elem_t') a0') ∧ - (∀a1'. - (∃a. a1' = - (λa. - ind_type$CONSTR (SUC (SUC 0)) a - (λn. ind_type$BOTTOM)) a) ∨ + (∃a. a0' = + (λa. ind_type$CONSTR 0 a (λn. ind_type$BOTTOM)) + a) ∨ (∃a0 a1 a2. - a1' = + a0' = (λa0 a1 a2. - ind_type$CONSTR (SUC (SUC (SUC 0))) a0 + ind_type$CONSTR (SUC 0) a0 (ind_type$FCONS a1 (ind_type$FCONS a2 (λn. ind_type$BOTTOM)))) a0 a1 a2 ∧ $var$('node_elem_t') a1 ∧ $var$('tree_t') a2) ⇒ - $var$('tree_t') a1') ⇒ - $var$('tree_t') a1') rep + $var$('tree_t') a0') ∧ + (∀a1'. + (∃a0 a1. + a1' = + (λa0 a1. + ind_type$CONSTR (SUC (SUC 0)) ARB + (ind_type$FCONS a0 + (ind_type$FCONS a1 (λn. ind_type$BOTTOM)))) + a0 a1 ∧ $var$('tree_t') a0 ∧ + $var$('node_elem_t') a1) ∨ + a1' = + ind_type$CONSTR (SUC (SUC (SUC 0))) ARB + (λn. ind_type$BOTTOM) ⇒ + $var$('node_elem_t') a1') ⇒ + $var$('tree_t') a0') rep [tree_t_case_def] Definition ⊢ (∀a f f1. tree_t_CASE (TreeLeaf a) f f1 = f a) ∧ ∀a0 a1 a2 f f1. tree_t_CASE (TreeNode a0 a1 a2) f f1 = f1 a0 a1 a2 + [tree_t_size_def] Definition + + ⊢ (∀f a. tree_t_size f (TreeLeaf a) = 1 + f a) ∧ + (∀f a0 a1 a2. + tree_t_size f (TreeNode a0 a1 a2) = + 1 + (f a0 + (node_elem_t_size f a1 + tree_t_size f a2))) ∧ + (∀f a0 a1. + node_elem_t_size f (NodeElemCons a0 a1) = + 1 + (tree_t_size f a0 + node_elem_t_size f a1)) ∧ + ∀f. node_elem_t_size f NodeElemNil = 0 + [EXISTS_pair_t] Theorem ⊢ ∀P. (∃p. P p) ⇔ ∃t0 t. P <|pair_x := t0; pair_y := t|> @@ -994,11 +994,6 @@ sig ⊢ DATATYPE (list_t ListCons ListNil) - [datatype_node_elem_t] Theorem - - ⊢ DATATYPE - (node_elem_t NodeElemCons NodeElemNil ∧ tree_t TreeLeaf TreeNode) - [datatype_one_t] Theorem ⊢ DATATYPE (one_t OneOne) @@ -1019,6 +1014,11 @@ sig ⊢ DATATYPE (sum_t SumLeft SumRight) + [datatype_tree_t] Theorem + + ⊢ DATATYPE + (tree_t TreeLeaf TreeNode ∧ node_elem_t NodeElemCons NodeElemNil) + [empty_enum_t2num_11] Theorem ⊢ ∀a a'. empty_enum_t2num a = empty_enum_t2num a' ⇔ a = a' @@ -1167,10 +1167,11 @@ sig [node_elem_t_Axiom] Theorem ⊢ ∀f0 f1 f2 f3. ∃fn0 fn1. - (∀a0 a1. fn0 (NodeElemCons a0 a1) = f0 a0 a1 (fn1 a0) (fn0 a1)) ∧ - fn0 NodeElemNil = f1 ∧ (∀a. fn1 (TreeLeaf a) = f2 a) ∧ - ∀a0 a1 a2. - fn1 (TreeNode a0 a1 a2) = f3 a0 a1 a2 (fn0 a1) (fn1 a2) + (∀a. fn0 (TreeLeaf a) = f0 a) ∧ + (∀a0 a1 a2. + fn0 (TreeNode a0 a1 a2) = f1 a0 a1 a2 (fn1 a1) (fn0 a2)) ∧ + (∀a0 a1. fn1 (NodeElemCons a0 a1) = f2 a0 a1 (fn0 a0) (fn1 a1)) ∧ + fn1 NodeElemNil = f3 [node_elem_t_case_cong] Theorem @@ -1192,10 +1193,10 @@ sig [node_elem_t_induction] Theorem ⊢ ∀P0 P1. - (∀t n. P1 t ∧ P0 n ⇒ P0 (NodeElemCons t n)) ∧ P0 NodeElemNil ∧ - (∀t. P1 (TreeLeaf t)) ∧ - (∀n t. P0 n ∧ P1 t ⇒ ∀t0. P1 (TreeNode t0 n t)) ⇒ - (∀n. P0 n) ∧ ∀t. P1 t + (∀t. P0 (TreeLeaf t)) ∧ + (∀n t. P1 n ∧ P0 t ⇒ ∀t0. P0 (TreeNode t0 n t)) ∧ + (∀t n. P0 t ∧ P1 n ⇒ P1 (NodeElemCons t n)) ∧ P1 NodeElemNil ⇒ + (∀t. P0 t) ∧ ∀n. P1 n [node_elem_t_nchotomy] Theorem @@ -1557,10 +1558,11 @@ sig [tree_t_Axiom] Theorem ⊢ ∀f0 f1 f2 f3. ∃fn0 fn1. - (∀a0 a1. fn0 (NodeElemCons a0 a1) = f0 a0 a1 (fn1 a0) (fn0 a1)) ∧ - fn0 NodeElemNil = f1 ∧ (∀a. fn1 (TreeLeaf a) = f2 a) ∧ - ∀a0 a1 a2. - fn1 (TreeNode a0 a1 a2) = f3 a0 a1 a2 (fn0 a1) (fn1 a2) + (∀a. fn0 (TreeLeaf a) = f0 a) ∧ + (∀a0 a1 a2. + fn0 (TreeNode a0 a1 a2) = f1 a0 a1 a2 (fn1 a1) (fn0 a2)) ∧ + (∀a0 a1. fn1 (NodeElemCons a0 a1) = f2 a0 a1 (fn0 a0) (fn1 a1)) ∧ + fn1 NodeElemNil = f3 [tree_t_case_cong] Theorem @@ -1582,10 +1584,10 @@ sig [tree_t_induction] Theorem ⊢ ∀P0 P1. - (∀t n. P1 t ∧ P0 n ⇒ P0 (NodeElemCons t n)) ∧ P0 NodeElemNil ∧ - (∀t. P1 (TreeLeaf t)) ∧ - (∀n t. P0 n ∧ P1 t ⇒ ∀t0. P1 (TreeNode t0 n t)) ⇒ - (∀n. P0 n) ∧ ∀t. P1 t + (∀t. P0 (TreeLeaf t)) ∧ + (∀n t. P1 n ∧ P0 t ⇒ ∀t0. P0 (TreeNode t0 n t)) ∧ + (∀t n. P0 t ∧ P1 n ⇒ P1 (NodeElemCons t n)) ∧ P1 NodeElemNil ⇒ + (∀t. P0 t) ∧ ∀n. P1 n [tree_t_nchotomy] Theorem |