diff options
author | Son HO | 2024-03-20 06:48:08 +0100 |
---|---|---|
committer | GitHub | 2024-03-20 06:48:08 +0100 |
commit | 0d52c3fe35d0b24de729bdfb917ad6c7104d0c6e (patch) | |
tree | 7748d3c19a0993edc710690491a2dc6ea3a2b58f /tests/lean/Demo/Properties.lean | |
parent | 8111c970fcae9d609961eba2ad6716e8c9fc1046 (diff) | |
parent | 34850eed3c66f7f2c432294e4c589be53ad5d37b (diff) |
Merge pull request #93 from AeneasVerif/son/examples
Add some examples and improve the shape of the generated code
Diffstat (limited to '')
-rw-r--r-- | tests/lean/Demo/Properties.lean | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/lean/Demo/Properties.lean b/tests/lean/Demo/Properties.lean index cdec7332..e514ac3e 100644 --- a/tests/lean/Demo/Properties.lean +++ b/tests/lean/Demo/Properties.lean @@ -65,4 +65,20 @@ theorem i32_id_spec (x : I32) (h : 0 ≤ x.val) : termination_by x.val.toNat decreasing_by scalar_decr_tac +theorem list_tail_spec {T : Type} [Inhabited T] (l : CList T) : + ∃ back, list_tail T l = ret (CList.CNil, back) ∧ + ∀ tl', ∃ l', back tl' = ret l' ∧ l'.to_list = l.to_list ++ tl'.to_list := by + rw [list_tail] + match l with + | CNil => + simp_all + | CCons hd tl => + simp_all + progress as ⟨ back ⟩ + simp + -- Proving the backward function + intro tl' + progress + simp_all + end demo |