summaryrefslogtreecommitdiff
path: root/tests/lean/Demo
diff options
context:
space:
mode:
authorSon HO2024-03-20 06:48:08 +0100
committerGitHub2024-03-20 06:48:08 +0100
commit0d52c3fe35d0b24de729bdfb917ad6c7104d0c6e (patch)
tree7748d3c19a0993edc710690491a2dc6ea3a2b58f /tests/lean/Demo
parent8111c970fcae9d609961eba2ad6716e8c9fc1046 (diff)
parent34850eed3c66f7f2c432294e4c589be53ad5d37b (diff)
Merge pull request #93 from AeneasVerif/son/examples
Add some examples and improve the shape of the generated code
Diffstat (limited to 'tests/lean/Demo')
-rw-r--r--tests/lean/Demo/Demo.lean51
-rw-r--r--tests/lean/Demo/Properties.lean16
2 files changed, 54 insertions, 13 deletions
diff --git a/tests/lean/Demo/Demo.lean b/tests/lean/Demo/Demo.lean
index 854b4853..4acc69c8 100644
--- a/tests/lean/Demo/Demo.lean
+++ b/tests/lean/Demo/Demo.lean
@@ -36,14 +36,23 @@ def use_mul2_add1 (x : U32) (y : U32) : Result U32 :=
def incr (x : U32) : Result U32 :=
x + 1#u32
+/- [demo::use_incr]:
+ Source: 'src/demo.rs', lines 25:0-25:17 -/
+def use_incr : Result Unit :=
+ do
+ let x ← incr 0#u32
+ let x1 ← incr x
+ let _ ← incr x1
+ Result.ret ()
+
/- [demo::CList]
- Source: 'src/demo.rs', lines 27:0-27:17 -/
+ Source: 'src/demo.rs', lines 34:0-34:17 -/
inductive CList (T : Type) :=
| CCons : T → CList T → CList T
| CNil : CList T
/- [demo::list_nth]:
- Source: 'src/demo.rs', lines 32:0-32:56 -/
+ Source: 'src/demo.rs', lines 39:0-39:56 -/
divergent def list_nth (T : Type) (l : CList T) (i : U32) : Result T :=
match l with
| CList.CCons x tl =>
@@ -55,7 +64,7 @@ divergent def list_nth (T : Type) (l : CList T) (i : U32) : Result T :=
| CList.CNil => Result.fail .panic
/- [demo::list_nth_mut]:
- Source: 'src/demo.rs', lines 47:0-47:68 -/
+ Source: 'src/demo.rs', lines 54:0-54:68 -/
divergent def list_nth_mut
(T : Type) (l : CList T) (i : U32) :
Result (T × (T → Result (CList T)))
@@ -79,7 +88,7 @@ divergent def list_nth_mut
| CList.CNil => Result.fail .panic
/- [demo::list_nth_mut1]: loop 0:
- Source: 'src/demo.rs', lines 62:0-71:1 -/
+ Source: 'src/demo.rs', lines 69:0-78:1 -/
divergent def list_nth_mut1_loop
(T : Type) (l : CList T) (i : U32) :
Result (T × (T → Result (CList T)))
@@ -102,17 +111,15 @@ divergent def list_nth_mut1_loop
| CList.CNil => Result.fail .panic
/- [demo::list_nth_mut1]:
- Source: 'src/demo.rs', lines 62:0-62:77 -/
+ Source: 'src/demo.rs', lines 69:0-69:77 -/
def list_nth_mut1
(T : Type) (l : CList T) (i : U32) :
Result (T × (T → Result (CList T)))
:=
- do
- let (t, back_'a) ← list_nth_mut1_loop T l i
- Result.ret (t, back_'a)
+ list_nth_mut1_loop T l i
/- [demo::i32_id]:
- Source: 'src/demo.rs', lines 73:0-73:28 -/
+ Source: 'src/demo.rs', lines 80:0-80:28 -/
divergent def i32_id (i : I32) : Result I32 :=
if i = 0#i32
then Result.ret 0#i32
@@ -121,26 +128,44 @@ divergent def i32_id (i : I32) : Result I32 :=
let i2 ← i32_id i1
i2 + 1#i32
+/- [demo::list_tail]:
+ Source: 'src/demo.rs', lines 88:0-88:64 -/
+divergent def list_tail
+ (T : Type) (l : CList T) :
+ Result ((CList T) × (CList T → Result (CList T)))
+ :=
+ match l with
+ | CList.CCons t tl =>
+ do
+ let (c, list_tail_back) ← list_tail T tl
+ let back_'a :=
+ fun ret =>
+ do
+ let tl1 ← list_tail_back ret
+ Result.ret (CList.CCons t tl1)
+ Result.ret (c, back_'a)
+ | CList.CNil => Result.ret (CList.CNil, Result.ret)
+
/- Trait declaration: [demo::Counter]
- Source: 'src/demo.rs', lines 83:0-83:17 -/
+ Source: 'src/demo.rs', lines 97:0-97:17 -/
structure Counter (Self : Type) where
incr : Self → Result (Usize × Self)
/- [demo::{(demo::Counter for usize)}::incr]:
- Source: 'src/demo.rs', lines 88:4-88:31 -/
+ Source: 'src/demo.rs', lines 102:4-102:31 -/
def CounterUsize.incr (self : Usize) : Result (Usize × Usize) :=
do
let self1 ← self + 1#usize
Result.ret (self, self1)
/- Trait implementation: [demo::{(demo::Counter for usize)}]
- Source: 'src/demo.rs', lines 87:0-87:22 -/
+ Source: 'src/demo.rs', lines 101:0-101:22 -/
def CounterUsize : Counter Usize := {
incr := CounterUsize.incr
}
/- [demo::use_counter]:
- Source: 'src/demo.rs', lines 95:0-95:59 -/
+ Source: 'src/demo.rs', lines 109:0-109:59 -/
def use_counter
(T : Type) (CounterInst : Counter T) (cnt : T) : Result (Usize × T) :=
CounterInst.incr cnt
diff --git a/tests/lean/Demo/Properties.lean b/tests/lean/Demo/Properties.lean
index cdec7332..e514ac3e 100644
--- a/tests/lean/Demo/Properties.lean
+++ b/tests/lean/Demo/Properties.lean
@@ -65,4 +65,20 @@ theorem i32_id_spec (x : I32) (h : 0 ≤ x.val) :
termination_by x.val.toNat
decreasing_by scalar_decr_tac
+theorem list_tail_spec {T : Type} [Inhabited T] (l : CList T) :
+ ∃ back, list_tail T l = ret (CList.CNil, back) ∧
+ ∀ tl', ∃ l', back tl' = ret l' ∧ l'.to_list = l.to_list ++ tl'.to_list := by
+ rw [list_tail]
+ match l with
+ | CNil =>
+ simp_all
+ | CCons hd tl =>
+ simp_all
+ progress as ⟨ back ⟩
+ simp
+ -- Proving the backward function
+ intro tl'
+ progress
+ simp_all
+
end demo