Diffstat (limited to '')
-rw-r--r-- | tests/fstar/array/Array.Clauses.Template.fst | 4 | ||||
-rw-r--r-- | tests/fstar/array/Array.Funs.fst | 381 | ||||
-rw-r--r-- | tests/fstar/array/Primitives.fst | 132 |
3 files changed, 228 insertions, 289 deletions
diff --git a/tests/fstar/array/Array.Clauses.Template.fst b/tests/fstar/array/Array.Clauses.Template.fst
index 84347ab9..b2f2649c 100644
--- a/tests/fstar/array/Array.Clauses.Template.fst
+++ b/tests/fstar/array/Array.Clauses.Template.fst
@@ -9,13 +9,13 @@ open Array.Types
 (** [array::sum]: decreases clause
 Source: 'src/array.rs', lines 242:0-250:1 *)
 unfold
-let sum_loop_decreases (s : slice u32) (sum0 : u32) (i : usize) : nat =
+let sum_loop_decreases (s : slice u32) (sum1 : u32) (i : usize) : nat =
 admit ()
 (** [array::sum2]: decreases clause
 Source: 'src/array.rs', lines 252:0-261:1 *)
 unfold
-let sum2_loop_decreases (s : slice u32) (s2 : slice u32) (sum0 : u32)
+let sum2_loop_decreases (s : slice u32) (s2 : slice u32) (sum1 : u32)
 (i : usize) : nat =
 admit ()
diff --git a/tests/fstar/array/Array.Funs.fst b/tests/fstar/array/Array.Funs.fst
index 935bd9c9..4193ba7d 100644
--- a/tests/fstar/array/Array.Funs.fst
+++ b/tests/fstar/array/Array.Funs.fst
@@ -7,86 +7,79 @@ include Array.Clauses #set-options "--z3rlimit 50 --fuel 1 --ifuel 1" -(** [array::incr]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) +(** [array::incr]: Source: 'src/array.rs', lines 8:0-8:24 *) let incr (x : u32) : result u32 = u32_add x 1 -(** [array::array_to_shared_slice_]: forward function +(** [array::array_to_shared_slice_]: Source: 'src/array.rs', lines 16:0-16:53 *) let array_to_shared_slice_ (t : Type0) (s : array t 32) : result (slice t) = array_to_slice t 32 s -(** [array::array_to_mut_slice_]: forward function +(** [array::array_to_mut_slice_]: Source: 'src/array.rs', lines 21:0-21:58 *) -let array_to_mut_slice_ (t : Type0) (s : array t 32) : result (slice t) = - array_to_slice t 32 s - -(** [array::array_to_mut_slice_]: backward function 0 - Source: 'src/array.rs', lines 21:0-21:58 *) -let array_to_mut_slice__back - (t : Type0) (s : array t 32) (ret : slice t) : result (array t 32) = - array_from_slice t 32 s ret +let array_to_mut_slice_ + (t : Type0) (s : array t 32) : + result ((slice t) & (slice t -> result (array t 32))) + = + let* (s1, to_slice_mut_back) = array_to_slice_mut t 32 s in + Return (s1, to_slice_mut_back) -(** [array::array_len]: forward function +(** [array::array_len]: Source: 'src/array.rs', lines 25:0-25:40 *) let array_len (t : Type0) (s : array t 32) : result usize = - let* s0 = array_to_slice t 32 s in let i = slice_len t s0 in Return i + let* s1 = array_to_slice t 32 s in let i = slice_len t s1 in Return i -(** [array::shared_array_len]: forward function +(** [array::shared_array_len]: Source: 'src/array.rs', lines 29:0-29:48 *) let shared_array_len (t : Type0) (s : array t 32) : result usize = - let* s0 = array_to_slice t 32 s in let i = slice_len t s0 in Return i + let* s1 = array_to_slice t 32 s in let i = slice_len t s1 in Return i -(** [array::shared_slice_len]: forward function +(** [array::shared_slice_len]: Source: 'src/array.rs', 
lines 33:0-33:44 *) let shared_slice_len (t : Type0) (s : slice t) : result usize = let i = slice_len t s in Return i -(** [array::index_array_shared]: forward function +(** [array::index_array_shared]: Source: 'src/array.rs', lines 37:0-37:57 *) let index_array_shared (t : Type0) (s : array t 32) (i : usize) : result t = array_index_usize t 32 s i -(** [array::index_array_u32]: forward function +(** [array::index_array_u32]: Source: 'src/array.rs', lines 44:0-44:53 *) let index_array_u32 (s : array u32 32) (i : usize) : result u32 = array_index_usize u32 32 s i -(** [array::index_array_copy]: forward function +(** [array::index_array_copy]: Source: 'src/array.rs', lines 48:0-48:45 *) let index_array_copy (x : array u32 32) : result u32 = array_index_usize u32 32 x 0 -(** [array::index_mut_array]: forward function +(** [array::index_mut_array]: Source: 'src/array.rs', lines 52:0-52:62 *) -let index_mut_array (t : Type0) (s : array t 32) (i : usize) : result t = - array_index_usize t 32 s i - -(** [array::index_mut_array]: backward function 0 - Source: 'src/array.rs', lines 52:0-52:62 *) -let index_mut_array_back - (t : Type0) (s : array t 32) (i : usize) (ret : t) : result (array t 32) = - array_update_usize t 32 s i ret +let index_mut_array + (t : Type0) (s : array t 32) (i : usize) : + result (t & (t -> result (array t 32))) + = + let* (x, index_mut_back) = array_index_mut_usize t 32 s i in + Return (x, index_mut_back) -(** [array::index_slice]: forward function +(** [array::index_slice]: Source: 'src/array.rs', lines 56:0-56:46 *) let index_slice (t : Type0) (s : slice t) (i : usize) : result t = slice_index_usize t s i -(** [array::index_mut_slice]: forward function - Source: 'src/array.rs', lines 60:0-60:58 *) -let index_mut_slice (t : Type0) (s : slice t) (i : usize) : result t = - slice_index_usize t s i - -(** [array::index_mut_slice]: backward function 0 +(** [array::index_mut_slice]: Source: 'src/array.rs', lines 60:0-60:58 *) -let index_mut_slice_back - 
(t : Type0) (s : slice t) (i : usize) (ret : t) : result (slice t) = - slice_update_usize t s i ret +let index_mut_slice + (t : Type0) (s : slice t) (i : usize) : + result (t & (t -> result (slice t))) + = + let* (x, index_mut_back) = slice_index_mut_usize t s i in + Return (x, index_mut_back) -(** [array::slice_subslice_shared_]: forward function +(** [array::slice_subslice_shared_]: Source: 'src/array.rs', lines 64:0-64:70 *) let slice_subslice_shared_ (x : slice u32) (y : usize) (z : usize) : result (slice u32) = 
@@ -94,41 +87,33 @@ let slice_subslice_shared_ (core_slice_index_SliceIndexRangeUsizeSliceTInst u32) x { start = y; end_ = z } -(** [array::slice_subslice_mut_]: forward function +(** [array::slice_subslice_mut_]: Source: 'src/array.rs', lines 68:0-68:75 *) let slice_subslice_mut_ - (x : slice u32) (y : usize) (z : usize) : result (slice u32) = - core_slice_index_Slice_index_mut u32 (core_ops_range_Range usize) - (core_slice_index_SliceIndexRangeUsizeSliceTInst u32) x - { start = y; end_ = z } - -(** [array::slice_subslice_mut_]: backward function 0 - Source: 'src/array.rs', lines 68:0-68:75 *) -let slice_subslice_mut__back - (x : slice u32) (y : usize) (z : usize) (ret : slice u32) : - result (slice u32) + (x : slice u32) (y : usize) (z : usize) : + result ((slice u32) & (slice u32 -> result (slice u32))) = - core_slice_index_Slice_index_mut_back u32 (core_ops_range_Range usize) - (core_slice_index_SliceIndexRangeUsizeSliceTInst u32) x - { start = y; end_ = z } ret + let* (s, index_mut_back) = + core_slice_index_Slice_index_mut u32 (core_ops_range_Range usize) + (core_slice_index_SliceIndexRangeUsizeSliceTInst u32) x + { start = y; end_ = z } in + Return (s, index_mut_back) -(** [array::array_to_slice_shared_]: forward function +(** [array::array_to_slice_shared_]: Source: 'src/array.rs', lines 72:0-72:54 *) let array_to_slice_shared_ (x : array u32 32) : result (slice u32) = array_to_slice u32 32 x -(** [array::array_to_slice_mut_]: forward function +(** [array::array_to_slice_mut_]: Source: 'src/array.rs', lines 76:0-76:59 *) -let array_to_slice_mut_ (x : array u32 32) : result (slice u32) = - array_to_slice u32 32 x - -(** [array::array_to_slice_mut_]: backward function 0 - Source: 'src/array.rs', lines 76:0-76:59 *) -let array_to_slice_mut__back - (x : array u32 32) (ret : slice u32) : result (array u32 32) = - array_from_slice u32 32 x ret +let array_to_slice_mut_ + (x : array u32 32) : + result ((slice u32) & (slice u32 -> result (array u32 32))) + = + let* 
(s, to_slice_mut_back) = array_to_slice_mut u32 32 x in + Return (s, to_slice_mut_back) -(** [array::array_subslice_shared_]: forward function +(** [array::array_subslice_shared_]: Source: 'src/array.rs', lines 80:0-80:74 *) let array_subslice_shared_ (x : array u32 32) (y : usize) (z : usize) : result (slice u32) = 
@@ -137,274 +122,262 @@ let array_subslice_shared_ (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) x { start = y; end_ = z } -(** [array::array_subslice_mut_]: forward function +(** [array::array_subslice_mut_]: Source: 'src/array.rs', lines 84:0-84:79 *) let array_subslice_mut_ - (x : array u32 32) (y : usize) (z : usize) : result (slice u32) = - core_array_Array_index_mut u32 (core_ops_range_Range usize) 32 - (core_ops_index_IndexMutSliceTIInst u32 (core_ops_range_Range usize) - (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) x - { start = y; end_ = z } - -(** [array::array_subslice_mut_]: backward function 0 - Source: 'src/array.rs', lines 84:0-84:79 *) -let array_subslice_mut__back - (x : array u32 32) (y : usize) (z : usize) (ret : slice u32) : - result (array u32 32) + (x : array u32 32) (y : usize) (z : usize) : + result ((slice u32) & (slice u32 -> result (array u32 32))) = - core_array_Array_index_mut_back u32 (core_ops_range_Range usize) 32 - (core_ops_index_IndexMutSliceTIInst u32 (core_ops_range_Range usize) - (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) x - { start = y; end_ = z } ret + let* (s, index_mut_back) = + core_array_Array_index_mut u32 (core_ops_range_Range usize) 32 + (core_ops_index_IndexMutSliceTIInst u32 (core_ops_range_Range usize) + (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) x + { start = y; end_ = z } in + Return (s, index_mut_back) -(** [array::index_slice_0]: forward function +(** [array::index_slice_0]: Source: 'src/array.rs', lines 88:0-88:38 *) let index_slice_0 (t : Type0) (s : slice t) : result t = slice_index_usize t s 0 -(** [array::index_array_0]: forward function +(** [array::index_array_0]: Source: 'src/array.rs', lines 92:0-92:42 *) let index_array_0 (t : Type0) (s : array t 32) : result t = array_index_usize t 32 s 0 -(** [array::index_index_array]: forward function +(** [array::index_index_array]: Source: 'src/array.rs', lines 103:0-103:71 *) let index_index_array (s : array (array u32 
32) 32) (i : usize) (j : usize) : result u32 = let* a = array_index_usize (array u32 32) 32 s i in array_index_usize u32 32 a j -(** [array::update_update_array]: forward function +(** [array::update_update_array]: Source: 'src/array.rs', lines 114:0-114:70 *) let update_update_array (s : array (array u32 32) 32) (i : usize) (j : usize) : result unit = - let* a = array_index_usize (array u32 32) 32 s i in - let* a0 = array_update_usize u32 32 a j 0 in - let* _ = array_update_usize (array u32 32) 32 s i a0 in + let* (a, index_mut_back) = array_index_mut_usize (array u32 32) 32 s i in + let* (_, index_mut_back1) = array_index_mut_usize u32 32 a j in + let* a1 = index_mut_back1 0 in + let* _ = index_mut_back a1 in Return () -(** [array::array_local_deep_copy]: forward function +(** [array::array_local_deep_copy]: Source: 'src/array.rs', lines 118:0-118:43 *) let array_local_deep_copy (x : array u32 32) : result unit = Return () -(** [array::take_array]: forward function +(** [array::take_array]: Source: 'src/array.rs', lines 122:0-122:30 *) let take_array (a : array u32 2) : result unit = Return () -(** [array::take_array_borrow]: forward function +(** [array::take_array_borrow]: Source: 'src/array.rs', lines 123:0-123:38 *) let take_array_borrow (a : array u32 2) : result unit = Return () -(** [array::take_slice]: forward function +(** [array::take_slice]: Source: 'src/array.rs', lines 124:0-124:28 *) let take_slice (s : slice u32) : result unit = Return () -(** [array::take_mut_slice]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) +(** [array::take_mut_slice]: Source: 'src/array.rs', lines 125:0-125:36 *) let take_mut_slice (s : slice u32) : result (slice u32) = Return s -(** [array::const_array]: forward function +(** [array::const_array]: Source: 'src/array.rs', lines 127:0-127:32 *) let const_array : result (array u32 2) = Return (mk_array u32 2 [ 0; 0 ]) -(** [array::const_slice]: forward function 
+(** [array::const_slice]: Source: 'src/array.rs', lines 131:0-131:20 *) let const_slice : result unit = let* _ = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in Return () -(** [array::take_all]: forward function +(** [array::take_all]: Source: 'src/array.rs', lines 141:0-141:17 *) let take_all : result unit = let* _ = take_array (mk_array u32 2 [ 0; 0 ]) in + let* _ = take_array (mk_array u32 2 [ 0; 0 ]) in let* _ = take_array_borrow (mk_array u32 2 [ 0; 0 ]) in let* s = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in let* _ = take_slice s in - let* s0 = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in - let* s1 = take_mut_slice s0 in - let* _ = array_from_slice u32 2 (mk_array u32 2 [ 0; 0 ]) s1 in + let* (s1, to_slice_mut_back) = + array_to_slice_mut u32 2 (mk_array u32 2 [ 0; 0 ]) in + let* s2 = take_mut_slice s1 in + let* _ = to_slice_mut_back s2 in Return () -(** [array::index_array]: forward function +(** [array::index_array]: Source: 'src/array.rs', lines 155:0-155:38 *) let index_array (x : array u32 2) : result u32 = array_index_usize u32 2 x 0 -(** [array::index_array_borrow]: forward function +(** [array::index_array_borrow]: Source: 'src/array.rs', lines 158:0-158:46 *) let index_array_borrow (x : array u32 2) : result u32 = array_index_usize u32 2 x 0 -(** [array::index_slice_u32_0]: forward function +(** [array::index_slice_u32_0]: Source: 'src/array.rs', lines 162:0-162:42 *) let index_slice_u32_0 (x : slice u32) : result u32 = slice_index_usize u32 x 0 -(** [array::index_mut_slice_u32_0]: forward function - Source: 'src/array.rs', lines 166:0-166:50 *) -let index_mut_slice_u32_0 (x : slice u32) : result u32 = - slice_index_usize u32 x 0 - -(** [array::index_mut_slice_u32_0]: backward function 0 +(** [array::index_mut_slice_u32_0]: Source: 'src/array.rs', lines 166:0-166:50 *) -let index_mut_slice_u32_0_back (x : slice u32) : result (slice u32) = - let* _ = slice_index_usize u32 x 0 in Return x +let index_mut_slice_u32_0 (x : slice u32) : 
result (u32 & (slice u32)) = + let* i = slice_index_usize u32 x 0 in Return (i, x) -(** [array::index_all]: forward function +(** [array::index_all]: Source: 'src/array.rs', lines 170:0-170:25 *) let index_all : result u32 = let* i = index_array (mk_array u32 2 [ 0; 0 ]) in - let* i0 = index_array (mk_array u32 2 [ 0; 0 ]) in - let* i1 = u32_add i i0 in - let* i2 = index_array_borrow (mk_array u32 2 [ 0; 0 ]) in - let* i3 = u32_add i1 i2 in + let* i1 = index_array (mk_array u32 2 [ 0; 0 ]) in + let* i2 = u32_add i i1 in + let* i3 = index_array_borrow (mk_array u32 2 [ 0; 0 ]) in + let* i4 = u32_add i2 i3 in let* s = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in - let* i4 = index_slice_u32_0 s in - let* i5 = u32_add i3 i4 in - let* s0 = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in - let* i6 = index_mut_slice_u32_0 s0 in - let* i7 = u32_add i5 i6 in - let* s1 = index_mut_slice_u32_0_back s0 in - let* _ = array_from_slice u32 2 (mk_array u32 2 [ 0; 0 ]) s1 in - Return i7 - -(** [array::update_array]: forward function + let* i5 = index_slice_u32_0 s in + let* i6 = u32_add i4 i5 in + let* (s1, to_slice_mut_back) = + array_to_slice_mut u32 2 (mk_array u32 2 [ 0; 0 ]) in + let* (i7, s2) = index_mut_slice_u32_0 s1 in + let* i8 = u32_add i6 i7 in + let* _ = to_slice_mut_back s2 in + Return i8 + +(** [array::update_array]: Source: 'src/array.rs', lines 184:0-184:36 *) let update_array (x : array u32 2) : result unit = - let* _ = array_update_usize u32 2 x 0 1 in Return () + let* (_, index_mut_back) = array_index_mut_usize u32 2 x 0 in + let* _ = index_mut_back 1 in + Return () -(** [array::update_array_mut_borrow]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) +(** [array::update_array_mut_borrow]: Source: 'src/array.rs', lines 187:0-187:48 *) let update_array_mut_borrow (x : array u32 2) : result (array u32 2) = - array_update_usize u32 2 x 0 1 + let* (_, index_mut_back) = array_index_mut_usize u32 2 x 
0 in + index_mut_back 1 -(** [array::update_mut_slice]: merged forward/backward function - (there is a single backward function, and the forward function returns ()) +(** [array::update_mut_slice]: Source: 'src/array.rs', lines 190:0-190:38 *) let update_mut_slice (x : slice u32) : result (slice u32) = - slice_update_usize u32 x 0 1 + let* (_, index_mut_back) = slice_index_mut_usize u32 x 0 in index_mut_back 1 -(** [array::update_all]: forward function +(** [array::update_all]: Source: 'src/array.rs', lines 194:0-194:19 *) let update_all : result unit = let* _ = update_array (mk_array u32 2 [ 0; 0 ]) in - let* x = update_array_mut_borrow (mk_array u32 2 [ 0; 0 ]) in - let* s = array_to_slice u32 2 x in - let* s0 = update_mut_slice s in - let* _ = array_from_slice u32 2 x s0 in + let* _ = update_array (mk_array u32 2 [ 0; 0 ]) in + let* a = update_array_mut_borrow (mk_array u32 2 [ 0; 0 ]) in + let* (s, to_slice_mut_back) = array_to_slice_mut u32 2 a in + let* s1 = update_mut_slice s in + let* _ = to_slice_mut_back s1 in Return () -(** [array::range_all]: forward function +(** [array::range_all]: Source: 'src/array.rs', lines 205:0-205:18 *) let range_all : result unit = - let* s = + let* (s, index_mut_back) = core_array_Array_index_mut u32 (core_ops_range_Range usize) 4 (core_ops_index_IndexMutSliceTIInst u32 (core_ops_range_Range usize) (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) (mk_array u32 4 [ 0; 0; 0; 0 ]) { start = 1; end_ = 3 } in - let* s0 = update_mut_slice s in - let* _ = - core_array_Array_index_mut_back u32 (core_ops_range_Range usize) 4 - (core_ops_index_IndexMutSliceTIInst u32 (core_ops_range_Range usize) - (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) - (mk_array u32 4 [ 0; 0; 0; 0 ]) { start = 1; end_ = 3 } s0 in + let* s1 = update_mut_slice s in + let* _ = index_mut_back s1 in Return () -(** [array::deref_array_borrow]: forward function +(** [array::deref_array_borrow]: Source: 'src/array.rs', lines 214:0-214:46 *) let 
deref_array_borrow (x : array u32 2) : result u32 = array_index_usize u32 2 x 0 -(** [array::deref_array_mut_borrow]: forward function +(** [array::deref_array_mut_borrow]: Source: 'src/array.rs', lines 219:0-219:54 *) -let deref_array_mut_borrow (x : array u32 2) : result u32 = - array_index_usize u32 2 x 0 +let deref_array_mut_borrow (x : array u32 2) : result (u32 & (array u32 2)) = + let* i = array_index_usize u32 2 x 0 in Return (i, x) -(** [array::deref_array_mut_borrow]: backward function 0 - Source: 'src/array.rs', lines 219:0-219:54 *) -let deref_array_mut_borrow_back (x : array u32 2) : result (array u32 2) = - let* _ = array_index_usize u32 2 x 0 in Return x - -(** [array::take_array_t]: forward function +(** [array::take_array_t]: Source: 'src/array.rs', lines 227:0-227:31 *) let take_array_t (a : array aB_t 2) : result unit = Return () -(** [array::non_copyable_array]: forward function +(** [array::non_copyable_array]: Source: 'src/array.rs', lines 229:0-229:27 *) let non_copyable_array : result unit = let* _ = take_array_t (mk_array aB_t 2 [ AB_A; AB_B ]) in Return () -(** [array::sum]: loop 0: forward function +(** [array::sum]: loop 0: Source: 'src/array.rs', lines 242:0-250:1 *) let rec sum_loop - (s : slice u32) (sum0 : u32) (i : usize) : - Tot (result u32) (decreases (sum_loop_decreases s sum0 i)) + (s : slice u32) (sum1 : u32) (i : usize) : + Tot (result u32) (decreases (sum_loop_decreases s sum1 i)) = - let i0 = slice_len u32 s in - if i < i0 + let i1 = slice_len u32 s in + if i < i1 then - let* i1 = slice_index_usize u32 s i in - let* sum1 = u32_add sum0 i1 in - let* i2 = usize_add i 1 in - sum_loop s sum1 i2 - else Return sum0 + let* i2 = slice_index_usize u32 s i in + let* sum3 = u32_add sum1 i2 in + let* i3 = usize_add i 1 in + sum_loop s sum3 i3 + else Return sum1 -(** [array::sum]: forward function +(** [array::sum]: Source: 'src/array.rs', lines 242:0-242:28 *) let sum (s : slice u32) : result u32 = sum_loop s 0 0 -(** [array::sum2]: 
loop 0: forward function +(** [array::sum2]: loop 0: Source: 'src/array.rs', lines 252:0-261:1 *) let rec sum2_loop - (s : slice u32) (s2 : slice u32) (sum0 : u32) (i : usize) : - Tot (result u32) (decreases (sum2_loop_decreases s s2 sum0 i)) + (s : slice u32) (s2 : slice u32) (sum1 : u32) (i : usize) : + Tot (result u32) (decreases (sum2_loop_decreases s s2 sum1 i)) = - let i0 = slice_len u32 s in - if i < i0 + let i1 = slice_len u32 s in + if i < i1 then - let* i1 = slice_index_usize u32 s i in - let* i2 = slice_index_usize u32 s2 i in - let* i3 = u32_add i1 i2 in - let* sum1 = u32_add sum0 i3 in - let* i4 = usize_add i 1 in - sum2_loop s s2 sum1 i4 - else Return sum0 - -(** [array::sum2]: forward function + let* i2 = slice_index_usize u32 s i in + let* i3 = slice_index_usize u32 s2 i in + let* i4 = u32_add i2 i3 in + let* sum3 = u32_add sum1 i4 in + let* i5 = usize_add i 1 in + sum2_loop s s2 sum3 i5 + else Return sum1 + +(** [array::sum2]: Source: 'src/array.rs', lines 252:0-252:41 *) let sum2 (s : slice u32) (s2 : slice u32) : result u32 = let i = slice_len u32 s in - let i0 = slice_len u32 s2 in - if not (i = i0) then Fail Failure else sum2_loop s s2 0 0 + let i1 = slice_len u32 s2 in + if not (i = i1) then Fail Failure else sum2_loop s s2 0 0 -(** [array::f0]: forward function +(** [array::f0]: Source: 'src/array.rs', lines 263:0-263:11 *) let f0 : result unit = - let* s = array_to_slice u32 2 (mk_array u32 2 [ 1; 2 ]) in - let* s0 = slice_update_usize u32 s 0 1 in - let* _ = array_from_slice u32 2 (mk_array u32 2 [ 1; 2 ]) s0 in + let* (s, to_slice_mut_back) = + array_to_slice_mut u32 2 (mk_array u32 2 [ 1; 2 ]) in + let* (_, index_mut_back) = slice_index_mut_usize u32 s 0 in + let* s1 = index_mut_back 1 in + let* _ = to_slice_mut_back s1 in Return () -(** [array::f1]: forward function +(** [array::f1]: Source: 'src/array.rs', lines 268:0-268:11 *) let f1 : result unit = - let* _ = array_update_usize u32 2 (mk_array u32 2 [ 1; 2 ]) 0 1 in Return () + let* 
(_, index_mut_back) = + array_index_mut_usize u32 2 (mk_array u32 2 [ 1; 2 ]) 0 in + let* _ = index_mut_back 1 in + Return () -(** [array::f2]: forward function +(** [array::f2]: Source: 'src/array.rs', lines 273:0-273:17 *) let f2 (i : u32) : result unit = Return () -(** [array::f4]: forward function +(** [array::f4]: Source: 'src/array.rs', lines 282:0-282:54 *) let f4 (x : array u32 32) (y : usize) (z : usize) : result (slice u32) = core_array_Array_index u32 (core_ops_range_Range usize) 32 
@@ -412,34 +385,36 @@ let f4 (x : array u32 32) (y : usize) (z : usize) : result (slice u32) = (core_slice_index_SliceIndexRangeUsizeSliceTInst u32)) x { start = y; end_ = z } -(** [array::f3]: forward function +(** [array::f3]: Source: 'src/array.rs', lines 275:0-275:18 *) let f3 : result u32 = let* i = array_index_usize u32 2 (mk_array u32 2 [ 1; 2 ]) 0 in let* _ = f2 i in let b = array_repeat u32 32 0 in let* s = array_to_slice u32 2 (mk_array u32 2 [ 1; 2 ]) in - let* s0 = f4 b 16 18 in - sum2 s s0 + let* s1 = f4 b 16 18 in + sum2 s s1 (** [array::SZ] Source: 'src/array.rs', lines 286:0-286:19 *) let sz_body : result usize = Return 32 let sz_c : usize = eval_global sz_body -(** [array::f5]: forward function +(** [array::f5]: Source: 'src/array.rs', lines 289:0-289:31 *) let f5 (x : array u32 32) : result u32 = array_index_usize u32 32 x 0 -(** [array::ite]: forward function +(** [array::ite]: Source: 'src/array.rs', lines 294:0-294:12 *) let ite : result unit = - let* s = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in - let* s0 = array_to_slice u32 2 (mk_array u32 2 [ 0; 0 ]) in - let* s1 = index_mut_slice_u32_0_back s0 in - let* _ = array_from_slice u32 2 (mk_array u32 2 [ 0; 0 ]) s1 in - let* s2 = index_mut_slice_u32_0_back s in - let* _ = array_from_slice u32 2 (mk_array u32 2 [ 0; 0 ]) s2 in + let* (s, to_slice_mut_back) = + array_to_slice_mut u32 2 (mk_array u32 2 [ 0; 0 ]) in + let* (_, s1) = index_mut_slice_u32_0 s in + let* (s2, to_slice_mut_back1) = + array_to_slice_mut u32 2 (mk_array u32 2 [ 0; 0 ]) in + let* (_, s3) = index_mut_slice_u32_0 s2 in + let* _ = to_slice_mut_back1 s3 in + let* _ = to_slice_mut_back s1 in Return () diff --git a/tests/fstar/array/Primitives.fst b/tests/fstar/array/Primitives.fst index a3ffbde4..fca80829 100644 --- a/tests/fstar/array/Primitives.fst +++ b/tests/fstar/array/Primitives.fst 
@@ -55,8 +55,7 @@ type string = string
 let is_zero (n: nat) : bool = n = 0
 let decrease (n: nat{n > 0}) : nat = n - 1
-let core_mem_replace (a : Type0) (x : a) (y : a) : a = x
-let core_mem_replace_back (a : Type0) (x : a) (y : a) : a = y
+let core_mem_replace (a : Type0) (x : a) (y : a) : a & a = (x, x)
 // We don't really use raw pointers for now
 type mut_raw_ptr (t : Type0) = { v : t }
@@ -477,8 +476,7 @@ noeq type core_ops_index_Index (self idx : Type0) = {
 // Trait declaration: [core::ops::index::IndexMut]
 noeq type core_ops_index_IndexMut (self idx : Type0) = {
 indexInst : core_ops_index_Index self idx;
- index_mut : self → idx → result indexInst.output;
- index_mut_back : self → idx → indexInst.output → result self;
+ index_mut : self → idx → result (indexInst.output & (indexInst.output → result self));
 }
 // Trait declaration [core::ops::deref::Deref]
@@ -490,8 +488,7 @@ noeq type core_ops_deref_Deref (self : Type0) = {
 // Trait declaration [core::ops::deref::DerefMut]
 noeq type core_ops_deref_DerefMut (self : Type0) = {
 derefInst : core_ops_deref_Deref self;
- deref_mut : self → result derefInst.target;
- deref_mut_back : self → derefInst.target → result self;
+ deref_mut : self → result (derefInst.target & (derefInst.target → result self));
 }
 type core_ops_range_Range (a : Type0) = {
@@ -502,8 +502,8 @@ type core_ops_range_Range (a : Type0) = {
 (*** [alloc] *)
 let alloc_boxed_Box_deref (t : Type0) (x : t) : result t = Return x
-let alloc_boxed_Box_deref_mut (t : Type0) (x : t) : result t = Return x
-let alloc_boxed_Box_deref_mut_back (t : Type) (_ : t) (x : t) : result t = Return x
+let alloc_boxed_Box_deref_mut (t : Type0) (x : t) : result (t & (t -> result t)) =
+ Return (x, (fun x -> Return x))
 // Trait instance
 let alloc_boxed_Box_coreopsDerefInst (self : Type0) : core_ops_deref_Deref self = {
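Review bot: `core_mem_replace` in the first hunk returns `(x, x)`, which drops the replacement value `y`: the removed `core_mem_replace_back` returned `y` as the new state of the location, so under the (value, new state) pairing this commit uses everywhere else the merged definition should be `let core_mem_replace (a : Type0) (x : a) (y : a) : a & a = (x, y)`. As written, a model of `core::mem::replace(dest, src)` leaves `dest` holding its old value, and any proof over extracted code that uses it is about the wrong program. The now-unused `y` parameter is the tell.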
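Review bot: In the `alloc_boxed_Box_deref_mut` hunk the backward closure `fun x -> Return x` rebinds `x`, so at a glance it reads as if the box were restored to its original contents rather than to the value passed back; giving the closure argument its own name, `Return (x, (fun nx -> Return nx))`, makes the state update explicit. Behaviour is unchanged either way.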
@@ -515,7 +512,6 @@ let alloc_boxed_Box_coreopsDerefInst (self : Type0) : core_ops_deref_Deref self
 let alloc_boxed_Box_coreopsDerefMutInst (self : Type0) : core_ops_deref_DerefMut self = {
 derefInst = alloc_boxed_Box_coreopsDerefInst self;
 deref_mut = alloc_boxed_Box_deref_mut self;
- deref_mut_back = alloc_boxed_Box_deref_mut_back self;
 }
 (*** Array *)
@@ -535,10 +531,18 @@ let array_index_usize (a : Type0) (n : usize) (x : array a n) (i : usize) : resu
 if i < length x then Return (index x i)
 else Fail Failure
-let array_update_usize (a : Type0) (n : usize) (x : array a n) (i : usize) (nx : a) : result (array a n) =
+let array_update_usize (a : Type0) (n : usize) (x : array a n) (i : usize) (nx : a) :
+ result (array a n) =
 if i < length x then Return (list_update x i nx)
 else Fail Failure
+let array_index_mut_usize (a : Type0) (n : usize) (x : array a n) (i : usize) :
+ result (a & (a -> result (array a n))) =
+ match array_index_usize a n x i with
+ | Fail e -> Fail e
+ | Return v ->
+ Return (v, array_update_usize a n x i)
+
 (*** Slice *)
 type slice (a : Type0) = s:list a{length s <= usize_max}
@@ -552,6 +556,13 @@ let slice_update_usize (a : Type0) (x : slice a) (i : usize) (nx : a) : result (
 if i < length x then Return (list_update x i nx)
 else Fail Failure
+let slice_index_mut_usize (a : Type0) (s : slice a) (i : usize) :
+ result (a & (a -> result (slice a))) =
+ match slice_index_usize a s i with
+ | Fail e -> Fail e
+ | Return x ->
+ Return (x, slice_update_usize a s i)
+
 (*** Subslices *)
 let array_to_slice (a : Type0) (n : usize) (x : array a n) : result (slice a) = Return x
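Review bot: In `array_index_mut_usize` the backward closure is `array_update_usize a n x i`, which re-runs the `i < length x` check that the `array_index_usize` call on the line above has already passed, so the closure's `Fail` arm is unreachable while callers cannot rule it out from the type and must still handle it (e.g. the extracted `let* a1 = index_mut_back1 0`). A comment such as `// The backward closure cannot fail: [i < length x] was established by [array_index_usize]` would record this, or the closure could be `fun nx -> Return (list_update x i nx)` directly if the `length = n` refinement is provable without the guard. The same applies to `slice_index_mut_usize` in the following hunk.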
@@ -559,6 +570,10 @@ let array_from_slice (a : Type0) (n : usize) (x : array a n) (s : slice a) : res
 if length s = n then Return s
 else Fail Failure
+let array_to_slice_mut (a : Type0) (n : usize) (x : array a n) :
+ result (slice a & (slice a -> result (array a n))) =
+ Return (x, array_from_slice a n x)
+
 // TODO: finish the definitions below (there lacks [List.drop] and [List.take] in the standard library *)
 let array_subslice (a : Type0) (n : usize) (x : array a n) (r : core_ops_range_Range usize) : result (slice a) = admit()
@@ -588,8 +603,13 @@ let alloc_vec_Vec_index_usize (#a : Type0) (v : alloc_vec_Vec a) (i : usize) : r
 let alloc_vec_Vec_update_usize (#a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) : result (alloc_vec_Vec a) =
 if i < length v then Return (list_update v i x) else Fail Failure
-// The **forward** function shouldn't be used
-let alloc_vec_Vec_push_fwd (a : Type0) (v : alloc_vec_Vec a) (x : a) : unit = ()
+let alloc_vec_Vec_index_mut_usize (#a : Type0) (v: alloc_vec_Vec a) (i: usize) :
+ result (a & (a → result (alloc_vec_Vec a))) =
+ match alloc_vec_Vec_index_usize v i with
+ | Return x ->
+ Return (x, alloc_vec_Vec_update_usize v i)
+ | Fail e -> Fail e
+
 let alloc_vec_Vec_push (a : Type0) (v : alloc_vec_Vec a) (x : a) :
 Pure (result (alloc_vec_Vec a))
 (requires True)
@@ -605,9 +625,6 @@ let alloc_vec_Vec_push (a : Type0) (v : alloc_vec_Vec a) (x : a) :
 end
 else Fail Failure
-// The **forward** function shouldn't be used
-let alloc_vec_Vec_insert_fwd (a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) : result unit =
- if i < length v then Return () else Fail Failure
 let alloc_vec_Vec_insert (a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) : result (alloc_vec_Vec a) =
 if i < length v then Return (list_update v i x) else Fail Failure
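Review bot: `alloc_vec_Vec_index_mut_usize` orders its match arms `Return` first and `Fail` second, the reverse of `array_index_mut_usize` and `slice_index_mut_usize` added in the same commit, and writes `(v: alloc_vec_Vec a) (i: usize)` without the space before the colon that the surrounding definitions use. Putting `| Fail e -> Fail e` first and writing `(v : alloc_vec_Vec a) (i : usize)` keeps the three sibling primitives readable as one pattern. Purely stylistic; behaviour is the same.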
@@ -619,13 +636,11 @@ noeq type core_slice_index_SliceIndex (self t : Type0) = {
 sealedInst : core_slice_index_private_slice_index_Sealed self;
 output : Type0;
 get : self → t → result (option output);
- get_mut : self → t → result (option output);
- get_mut_back : self → t → option output → result t;
+ get_mut : self → t → result (option output & (option output -> result t));
 get_unchecked : self → const_raw_ptr t → result (const_raw_ptr output);
 get_unchecked_mut : self → mut_raw_ptr t → result (mut_raw_ptr output);
 index : self → t → result output;
- index_mut : self → t → result output;
- index_mut_back : self → t → output → result t;
+ index_mut : self → t → result (output & (output -> result t));
 }
 // [core::slice::index::[T]::index]: forward function
@@ -643,14 +658,8 @@ let core_slice_index_RangeUsize_get (t : Type0) (i : core_ops_range_Range usize)
 admit () // TODO
 // [core::slice::index::Range::get_mut]: forward function
-let core_slice_index_RangeUsize_get_mut
- (t : Type0) : core_ops_range_Range usize → slice t → result (option (slice t)) =
- admit () // TODO
-
-// [core::slice::index::Range::get_mut]: backward function 0
-let core_slice_index_RangeUsize_get_mut_back
- (t : Type0) :
- core_ops_range_Range usize → slice t → option (slice t) → result (slice t) =
+let core_slice_index_RangeUsize_get_mut (t : Type0) :
+ core_ops_range_Range usize → slice t → result (option (slice t) & (option (slice t) -> result (slice t))) =
 admit () // TODO
 // [core::slice::index::Range::get_unchecked]: forward function
@@ -675,27 +684,16 @@ let core_slice_index_RangeUsize_index
 admit () // TODO
 // [core::slice::index::Range::index_mut]: forward function
-let core_slice_index_RangeUsize_index_mut
- (t : Type0) : core_ops_range_Range usize → slice t → result (slice t) =
- admit () // TODO
-
-// [core::slice::index::Range::index_mut]: backward function 0
-let core_slice_index_RangeUsize_index_mut_back
- (t : Type0) : core_ops_range_Range usize → slice t → slice t → result (slice t) =
+let core_slice_index_RangeUsize_index_mut (t : Type0) :
+ core_ops_range_Range usize → slice t → result (slice t & (slice t -> result (slice t))) =
 admit () // TODO
 // [core::slice::index::[T]::index_mut]: forward function
 let core_slice_index_Slice_index_mut
 (t idx : Type0) (inst : core_slice_index_SliceIndex idx (slice t)) :
- slice t → idx → result inst.output =
+ slice t → idx → result (inst.output & (inst.output -> result (slice t))) =
 admit () //
-// [core::slice::index::[T]::index_mut]: backward function 0
-let core_slice_index_Slice_index_mut_back
- (t idx : Type0) (inst : core_slice_index_SliceIndex idx (slice t)) :
- slice t → idx → inst.output → result (slice t) =
- admit () // TODO
-
 // [core::array::[T; N]::index]: forward function
 let core_array_Array_index
 (t idx : Type0) (n : usize) (inst : core_ops_index_Index (slice t) idx)
@@ -705,13 +703,8 @@ let core_array_Array_index
 // [core::array::[T; N]::index_mut]: forward function
 let core_array_Array_index_mut
 (t idx : Type0) (n : usize) (inst : core_ops_index_IndexMut (slice t) idx)
- (a : array t n) (i : idx) : result inst.indexInst.output =
- admit () // TODO
-
-// [core::array::[T; N]::index_mut]: backward function 0
-let core_array_Array_index_mut_back
- (t idx : Type0) (n : usize) (inst : core_ops_index_IndexMut (slice t) idx)
- (a : array t n) (i : idx) (x : inst.indexInst.output) : result (array t n) =
+ (a : array t n) (i : idx) :
+ result (inst.indexInst.output & (inst.indexInst.output -> result (array t n))) =
 admit () // TODO
 // Trait implementation: [core::slice::index::private_slice_index::Range]
@@ -725,12 +718,10 @@ let core_slice_index_SliceIndexRangeUsizeSliceTInst (t : Type0) :
 output = slice t;
 get = core_slice_index_RangeUsize_get t;
 get_mut = core_slice_index_RangeUsize_get_mut t;
- get_mut_back = core_slice_index_RangeUsize_get_mut_back t;
 get_unchecked = core_slice_index_RangeUsize_get_unchecked t;
 get_unchecked_mut = core_slice_index_RangeUsize_get_unchecked_mut t;
 index = core_slice_index_RangeUsize_index t;
 index_mut = core_slice_index_RangeUsize_index_mut t;
- index_mut_back = core_slice_index_RangeUsize_index_mut_back t;
 }
 // Trait implementation: [core::slice::index::[T]]
@@ -747,7 +738,6 @@ let core_ops_index_IndexMutSliceTIInst (t idx : Type0)
 core_ops_index_IndexMut (slice t) idx = {
 indexInst = core_ops_index_IndexSliceTIInst t idx inst;
 index_mut = core_slice_index_Slice_index_mut t idx inst;
- index_mut_back = core_slice_index_Slice_index_mut_back t idx inst;
 }
 // Trait implementation: [core::array::[T; N]]
@@ -764,7 +754,6 @@ let core_ops_index_IndexMutArrayIInst (t idx : Type0) (n : usize)
 core_ops_index_IndexMut (array t n) idx = {
 indexInst = core_ops_index_IndexArrayInst t idx n inst.indexInst;
 index_mut = core_array_Array_index_mut t idx n inst;
- index_mut_back = core_array_Array_index_mut_back t idx n inst;
 }
 // [core::slice::index::usize::get]: forward function
@@ -773,13 +762,8 @@ let core_slice_index_usize_get
 admit () // TODO
 // [core::slice::index::usize::get_mut]: forward function
-let core_slice_index_usize_get_mut
- (t : Type0) : usize → slice t → result (option t) =
- admit () // TODO
-
-// [core::slice::index::usize::get_mut]: backward function 0
-let core_slice_index_usize_get_mut_back
- (t : Type0) : usize → slice t → option t → result (slice t) =
+let core_slice_index_usize_get_mut (t : Type0) :
+ usize → slice t → result (option t & (option t -> result (slice t))) =
 admit () // TODO
 // [core::slice::index::usize::get_unchecked]: forward function
@@ -797,12 +781,8 @@ let core_slice_index_usize_index (t : Type0) : usize → slice t → result t =
 admit () // TODO
 // [core::slice::index::usize::index_mut]: forward function
-let core_slice_index_usize_index_mut (t : Type0) : usize → slice t → result t =
- admit () // TODO
-
-// [core::slice::index::usize::index_mut]: backward function 0
-let core_slice_index_usize_index_mut_back
- (t : Type0) : usize → slice t → t → result (slice t) =
+let core_slice_index_usize_index_mut (t : Type0) :
+ usize → slice t → result (t & (t -> result (slice t))) =
 admit () // TODO
 // Trait implementation: [core::slice::index::private_slice_index::usize]
@@ -816,12 +796,10 @@ let core_slice_index_SliceIndexUsizeSliceTInst (t : Type0) :
 output = t;
 get = core_slice_index_usize_get t;
 get_mut = core_slice_index_usize_get_mut t;
- get_mut_back = core_slice_index_usize_get_mut_back t;
 get_unchecked = core_slice_index_usize_get_unchecked t;
 get_unchecked_mut = core_slice_index_usize_get_unchecked_mut t;
 index = core_slice_index_usize_index t;
 index_mut = core_slice_index_usize_index_mut t;
- index_mut_back = core_slice_index_usize_index_mut_back t;
 }
 // [alloc::vec::Vec::index]: forward function
@@ -831,13 +809,8 @@ let alloc_vec_Vec_index (t idx : Type0) (inst : core_slice_index_SliceIndex idx
 // [alloc::vec::Vec::index_mut]: forward function
 let alloc_vec_Vec_index_mut
 (t idx : Type0) (inst : core_slice_index_SliceIndex idx (slice t))
- (self : alloc_vec_Vec t) (i : idx) : result inst.output =
- admit () // TODO
-
-// [alloc::vec::Vec::index_mut]: backward function 0
-let alloc_vec_Vec_index_mut_back
- (t idx : Type0) (inst : core_slice_index_SliceIndex idx (slice t))
- (self : alloc_vec_Vec t) (i : idx) (x : inst.output) : result (alloc_vec_Vec t) =
+ (self : alloc_vec_Vec t) (i : idx) :
+ result (inst.output & (inst.output -> result (alloc_vec_Vec t))) =
 admit () // TODO
 // Trait implementation: [alloc::vec::Vec]
@@ -854,7 +827,6 @@ let alloc_vec_Vec_coreopsindexIndexMutInst (t idx : Type0)
 core_ops_index_IndexMut (alloc_vec_Vec t) idx = {
 indexInst = alloc_vec_Vec_coreopsindexIndexInst t idx inst;
 index_mut = alloc_vec_Vec_index_mut t idx inst;
- index_mut_back = alloc_vec_Vec_index_mut_back t idx inst;
 }
 (*** Theorems *)
@@ -870,15 +842,7 @@ let alloc_vec_Vec_index_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) :
 let alloc_vec_Vec_index_mut_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) :
 Lemma (
 alloc_vec_Vec_index_mut a usize (core_slice_index_SliceIndexUsizeSliceTInst a) v i ==
- alloc_vec_Vec_index_usize v i)
+ alloc_vec_Vec_index_mut_usize v i)
 [SMTPat (alloc_vec_Vec_index_mut a usize (core_slice_index_SliceIndexUsizeSliceTInst a) v i)]
 =
 admit()
-
-let alloc_vec_Vec_index_mut_back_eq (#a : Type0) (v : alloc_vec_Vec a) (i : usize) (x : a) :
- Lemma (
- alloc_vec_Vec_index_mut_back a usize (core_slice_index_SliceIndexUsizeSliceTInst a) v i x ==
- alloc_vec_Vec_update_usize v i x)
- [SMTPat (alloc_vec_Vec_index_mut_back a usize (core_slice_index_SliceIndexUsizeSliceTInst a) v i x)]
- =
- admit() |
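Review bot: `alloc_vec_Vec_index_mut_eq` now rewrites to `alloc_vec_Vec_index_mut_usize v i`, but no definition of that function appears in these hunks; if it is not introduced elsewhere in the commit, the lemma will not typecheck. With `alloc_vec_Vec_index_mut_back_eq` removed, nothing visible relates the backward component returned by `alloc_vec_Vec_index_mut` to `alloc_vec_Vec_update_usize` any more, so proofs that relied on that SMTPat to reason about writes through `index_mut` lose their rewrite unless `alloc_vec_Vec_index_mut_usize` is itself specified in those terms. Since both lemmas are closed with `admit()`, this file is part of the trusted base; a short doc comment above the lemma stating what `alloc_vec_Vec_index_mut_usize` is expected to compute (the indexed element together with the update function) would make that trust assumption explicit.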