1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
|
(** THIS FILE WAS AUTOMATICALLY GENERATED BY AENEAS *)
(** [hashmap]: function definitions *)
open primitivesLib divDefLib
open hashmap_TypesTheory
val _ = new_theory "hashmap_Funs"
val hash_key_fwd_def = Define ‘
(** [hashmap::hash_key]: forward function *)
hash_key_fwd (k : usize) : usize result =
Return k
’
val [hash_map_allocate_slots_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::allocate_slots]: loop 0: forward function *)
hash_map_allocate_slots_loop_fwd
(slots : 't list_t vec) (n : usize) : 't list_t vec result =
if usize_gt n (int_to_usize 0)
then (
do
slots0 <- vec_push_back slots ListNil;
n0 <- usize_sub n (int_to_usize 1);
hash_map_allocate_slots_loop_fwd slots0 n0
od)
else Return slots
’
val hash_map_allocate_slots_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::allocate_slots]: forward function *)
hash_map_allocate_slots_fwd
(slots : 't list_t vec) (n : usize) : 't list_t vec result =
hash_map_allocate_slots_loop_fwd slots n
’
val hash_map_new_with_capacity_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::new_with_capacity]: forward function *)
hash_map_new_with_capacity_fwd
(capacity : usize) (max_load_dividend : usize) (max_load_divisor : usize) :
't hash_map_t result
=
let v = vec_new in
do
slots <- hash_map_allocate_slots_fwd v capacity;
i <- usize_mul capacity max_load_dividend;
i0 <- usize_div i max_load_divisor;
Return
(<|
hash_map_num_entries := (int_to_usize 0);
hash_map_max_load_factor := (max_load_dividend, max_load_divisor);
hash_map_max_load := i0;
hash_map_slots := slots
|>)
od
’
val hash_map_new_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::new]: forward function *)
hash_map_new_fwd : 't hash_map_t result =
hash_map_new_with_capacity_fwd (int_to_usize 32) (int_to_usize 4)
(int_to_usize 5)
’
val [hash_map_clear_loop_fwd_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::clear]: loop 0: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_clear_loop_fwd_back
(slots : 't list_t vec) (i : usize) : 't list_t vec result =
let i0 = vec_len slots in
if usize_lt i i0
then (
do
i1 <- usize_add i (int_to_usize 1);
slots0 <- vec_index_mut_back slots i ListNil;
hash_map_clear_loop_fwd_back slots0 i1
od)
else Return slots
’
val hash_map_clear_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::clear]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_clear_fwd_back (self : 't hash_map_t) : 't hash_map_t result =
do
v <- hash_map_clear_loop_fwd_back self.hash_map_slots (int_to_usize 0);
Return
(self
with
<|
hash_map_num_entries := (int_to_usize 0); hash_map_slots := v
|>)
od
’
val hash_map_len_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::len]: forward function *)
hash_map_len_fwd (self : 't hash_map_t) : usize result =
Return self.hash_map_num_entries
’
val [hash_map_insert_in_list_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::insert_in_list]: loop 0: forward function *)
hash_map_insert_in_list_loop_fwd
(key : usize) (value : 't) (ls : 't list_t) : bool result =
(case ls of
| ListCons ckey cvalue tl =>
if ckey = key
then Return F
else hash_map_insert_in_list_loop_fwd key value tl
| ListNil => Return T)
’
val hash_map_insert_in_list_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::insert_in_list]: forward function *)
hash_map_insert_in_list_fwd
(key : usize) (value : 't) (ls : 't list_t) : bool result =
hash_map_insert_in_list_loop_fwd key value ls
’
val [hash_map_insert_in_list_loop_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::insert_in_list]: loop 0: backward function 0 *)
hash_map_insert_in_list_loop_back
(key : usize) (value : 't) (ls : 't list_t) : 't list_t result =
(case ls of
| ListCons ckey cvalue tl =>
if ckey = key
then Return (ListCons ckey value tl)
else (
do
tl0 <- hash_map_insert_in_list_loop_back key value tl;
Return (ListCons ckey cvalue tl0)
od)
| ListNil => let l = ListNil in Return (ListCons key value l))
’
val hash_map_insert_in_list_back_def = Define ‘
(** [hashmap::HashMap::{0}::insert_in_list]: backward function 0 *)
hash_map_insert_in_list_back
(key : usize) (value : 't) (ls : 't list_t) : 't list_t result =
hash_map_insert_in_list_loop_back key value ls
’
val hash_map_insert_no_resize_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::insert_no_resize]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_insert_no_resize_fwd_back
(self : 't hash_map_t) (key : usize) (value : 't) : 't hash_map_t result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_mut_fwd self.hash_map_slots hash_mod;
inserted <- hash_map_insert_in_list_fwd key value l;
if inserted
then (
do
i0 <- usize_add self.hash_map_num_entries (int_to_usize 1);
l0 <- hash_map_insert_in_list_back key value l;
v <- vec_index_mut_back self.hash_map_slots hash_mod l0;
Return (self with <| hash_map_num_entries := i0; hash_map_slots := v |>)
od)
else (
do
l0 <- hash_map_insert_in_list_back key value l;
v <- vec_index_mut_back self.hash_map_slots hash_mod l0;
Return (self with <| hash_map_slots := v |>)
od)
od
od
’
(** [core::num::u32::{8}::MAX] *)
Definition core_num_u32_max_body_def:
core_num_u32_max_body : u32 result = Return (int_to_u32 4294967295)
End
Definition core_num_u32_max_c_def:
core_num_u32_max_c : u32 = get_return_value core_num_u32_max_body
End
val [hash_map_move_elements_from_list_loop_fwd_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::move_elements_from_list]: loop 0: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_move_elements_from_list_loop_fwd_back
(ntable : 't hash_map_t) (ls : 't list_t) : 't hash_map_t result =
(case ls of
| ListCons k v tl =>
do
ntable0 <- hash_map_insert_no_resize_fwd_back ntable k v;
hash_map_move_elements_from_list_loop_fwd_back ntable0 tl
od
| ListNil => Return ntable)
’
val hash_map_move_elements_from_list_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::move_elements_from_list]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_move_elements_from_list_fwd_back
(ntable : 't hash_map_t) (ls : 't list_t) : 't hash_map_t result =
hash_map_move_elements_from_list_loop_fwd_back ntable ls
’
val [hash_map_move_elements_loop_fwd_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::move_elements]: loop 0: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_move_elements_loop_fwd_back
(ntable : 't hash_map_t) (slots : 't list_t vec) (i : usize) :
('t hash_map_t # 't list_t vec) result
=
let i0 = vec_len slots in
if usize_lt i i0
then (
do
l <- vec_index_mut_fwd slots i;
let ls = mem_replace_fwd l ListNil in
do
ntable0 <- hash_map_move_elements_from_list_fwd_back ntable ls;
i1 <- usize_add i (int_to_usize 1);
let l0 = mem_replace_back l ListNil in
do
slots0 <- vec_index_mut_back slots i l0;
hash_map_move_elements_loop_fwd_back ntable0 slots0 i1
od
od
od)
else Return (ntable, slots)
’
val hash_map_move_elements_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::move_elements]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_move_elements_fwd_back
(ntable : 't hash_map_t) (slots : 't list_t vec) (i : usize) :
('t hash_map_t # 't list_t vec) result
=
hash_map_move_elements_loop_fwd_back ntable slots i
’
val hash_map_try_resize_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::try_resize]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_try_resize_fwd_back (self : 't hash_map_t) : 't hash_map_t result =
do
max_usize <- mk_usize (u32_to_int core_num_u32_max_c);
let capacity = vec_len self.hash_map_slots in
do
n1 <- usize_div max_usize (int_to_usize 2);
let (i, i0) = self.hash_map_max_load_factor in
do
i1 <- usize_div n1 i;
if usize_le capacity i1
then (
do
i2 <- usize_mul capacity (int_to_usize 2);
ntable <- hash_map_new_with_capacity_fwd i2 i i0;
(ntable0, _) <-
hash_map_move_elements_fwd_back ntable self.hash_map_slots
(int_to_usize 0);
Return
(ntable0
with
<|
hash_map_num_entries := self.hash_map_num_entries;
hash_map_max_load_factor := (i, i0)
|>)
od)
else Return (self with <| hash_map_max_load_factor := (i, i0) |>)
od
od
od
’
val hash_map_insert_fwd_back_def = Define ‘
(** [hashmap::HashMap::{0}::insert]: merged forward/backward function
(there is a single backward function, and the forward function returns ()) *)
hash_map_insert_fwd_back
(self : 't hash_map_t) (key : usize) (value : 't) : 't hash_map_t result =
do
self0 <- hash_map_insert_no_resize_fwd_back self key value;
i <- hash_map_len_fwd self0;
if usize_gt i self0.hash_map_max_load
then hash_map_try_resize_fwd_back self0
else Return self0
od
’
val [hash_map_contains_key_in_list_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::contains_key_in_list]: loop 0: forward function *)
hash_map_contains_key_in_list_loop_fwd
(key : usize) (ls : 't list_t) : bool result =
(case ls of
| ListCons ckey t tl =>
if ckey = key
then Return T
else hash_map_contains_key_in_list_loop_fwd key tl
| ListNil => Return F)
’
val hash_map_contains_key_in_list_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::contains_key_in_list]: forward function *)
hash_map_contains_key_in_list_fwd
(key : usize) (ls : 't list_t) : bool result =
hash_map_contains_key_in_list_loop_fwd key ls
’
val hash_map_contains_key_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::contains_key]: forward function *)
hash_map_contains_key_fwd
(self : 't hash_map_t) (key : usize) : bool result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_fwd self.hash_map_slots hash_mod;
hash_map_contains_key_in_list_fwd key l
od
od
’
val [hash_map_get_in_list_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::get_in_list]: loop 0: forward function *)
hash_map_get_in_list_loop_fwd (key : usize) (ls : 't list_t) : 't result =
(case ls of
| ListCons ckey cvalue tl =>
if ckey = key
then Return cvalue
else hash_map_get_in_list_loop_fwd key tl
| ListNil => Fail Failure)
’
val hash_map_get_in_list_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::get_in_list]: forward function *)
hash_map_get_in_list_fwd (key : usize) (ls : 't list_t) : 't result =
hash_map_get_in_list_loop_fwd key ls
’
val hash_map_get_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::get]: forward function *)
hash_map_get_fwd (self : 't hash_map_t) (key : usize) : 't result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_fwd self.hash_map_slots hash_mod;
hash_map_get_in_list_fwd key l
od
od
’
val [hash_map_get_mut_in_list_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::get_mut_in_list]: loop 0: forward function *)
hash_map_get_mut_in_list_loop_fwd
(ls : 't list_t) (key : usize) : 't result =
(case ls of
| ListCons ckey cvalue tl =>
if ckey = key
then Return cvalue
else hash_map_get_mut_in_list_loop_fwd tl key
| ListNil => Fail Failure)
’
val hash_map_get_mut_in_list_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::get_mut_in_list]: forward function *)
hash_map_get_mut_in_list_fwd (ls : 't list_t) (key : usize) : 't result =
hash_map_get_mut_in_list_loop_fwd ls key
’
val [hash_map_get_mut_in_list_loop_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::get_mut_in_list]: loop 0: backward function 0 *)
hash_map_get_mut_in_list_loop_back
(ls : 't list_t) (key : usize) (ret : 't) : 't list_t result =
(case ls of
| ListCons ckey cvalue tl =>
if ckey = key
then Return (ListCons ckey ret tl)
else (
do
tl0 <- hash_map_get_mut_in_list_loop_back tl key ret;
Return (ListCons ckey cvalue tl0)
od)
| ListNil => Fail Failure)
’
val hash_map_get_mut_in_list_back_def = Define ‘
(** [hashmap::HashMap::{0}::get_mut_in_list]: backward function 0 *)
hash_map_get_mut_in_list_back
(ls : 't list_t) (key : usize) (ret : 't) : 't list_t result =
hash_map_get_mut_in_list_loop_back ls key ret
’
val hash_map_get_mut_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::get_mut]: forward function *)
hash_map_get_mut_fwd (self : 't hash_map_t) (key : usize) : 't result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_mut_fwd self.hash_map_slots hash_mod;
hash_map_get_mut_in_list_fwd l key
od
od
’
val hash_map_get_mut_back_def = Define ‘
(** [hashmap::HashMap::{0}::get_mut]: backward function 0 *)
hash_map_get_mut_back
(self : 't hash_map_t) (key : usize) (ret : 't) : 't hash_map_t result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_mut_fwd self.hash_map_slots hash_mod;
l0 <- hash_map_get_mut_in_list_back l key ret;
v <- vec_index_mut_back self.hash_map_slots hash_mod l0;
Return (self with <| hash_map_slots := v |>)
od
od
’
val [hash_map_remove_from_list_loop_fwd_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::remove_from_list]: loop 0: forward function *)
hash_map_remove_from_list_loop_fwd
(key : usize) (ls : 't list_t) : 't option result =
(case ls of
| ListCons ckey t tl =>
if ckey = key
then
let mv_ls = mem_replace_fwd (ListCons ckey t tl) ListNil in
(case mv_ls of
| ListCons i cvalue tl0 => Return (SOME cvalue)
| ListNil => Fail Failure)
else hash_map_remove_from_list_loop_fwd key tl
| ListNil => Return NONE)
’
val hash_map_remove_from_list_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::remove_from_list]: forward function *)
hash_map_remove_from_list_fwd
(key : usize) (ls : 't list_t) : 't option result =
hash_map_remove_from_list_loop_fwd key ls
’
val [hash_map_remove_from_list_loop_back_def] = DefineDiv ‘
(** [hashmap::HashMap::{0}::remove_from_list]: loop 0: backward function 1 *)
hash_map_remove_from_list_loop_back
(key : usize) (ls : 't list_t) : 't list_t result =
(case ls of
| ListCons ckey t tl =>
if ckey = key
then
let mv_ls = mem_replace_fwd (ListCons ckey t tl) ListNil in
(case mv_ls of
| ListCons i cvalue tl0 => Return tl0
| ListNil => Fail Failure)
else (
do
tl0 <- hash_map_remove_from_list_loop_back key tl;
Return (ListCons ckey t tl0)
od)
| ListNil => Return ListNil)
’
val hash_map_remove_from_list_back_def = Define ‘
(** [hashmap::HashMap::{0}::remove_from_list]: backward function 1 *)
hash_map_remove_from_list_back
(key : usize) (ls : 't list_t) : 't list_t result =
hash_map_remove_from_list_loop_back key ls
’
val hash_map_remove_fwd_def = Define ‘
(** [hashmap::HashMap::{0}::remove]: forward function *)
hash_map_remove_fwd (self : 't hash_map_t) (key : usize) : 't option result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_mut_fwd self.hash_map_slots hash_mod;
x <- hash_map_remove_from_list_fwd key l;
(case x of
| NONE => Return NONE
| SOME x0 =>
do
_ <- usize_sub self.hash_map_num_entries (int_to_usize 1);
Return (SOME x0)
od)
od
od
’
val hash_map_remove_back_def = Define ‘
(** [hashmap::HashMap::{0}::remove]: backward function 0 *)
hash_map_remove_back
(self : 't hash_map_t) (key : usize) : 't hash_map_t result =
do
hash <- hash_key_fwd key;
let i = vec_len self.hash_map_slots in
do
hash_mod <- usize_rem hash i;
l <- vec_index_mut_fwd self.hash_map_slots hash_mod;
x <- hash_map_remove_from_list_fwd key l;
(case x of
| NONE =>
do
l0 <- hash_map_remove_from_list_back key l;
v <- vec_index_mut_back self.hash_map_slots hash_mod l0;
Return (self with <| hash_map_slots := v |>)
od
| SOME x0 =>
do
i0 <- usize_sub self.hash_map_num_entries (int_to_usize 1);
l0 <- hash_map_remove_from_list_back key l;
v <- vec_index_mut_back self.hash_map_slots hash_mod l0;
Return (self with <| hash_map_num_entries := i0; hash_map_slots := v |>)
od)
od
od
’
val test1_fwd_def = Define ‘
(** [hashmap::test1]: forward function *)
test1_fwd : unit result =
do
hm <- hash_map_new_fwd;
hm0 <- hash_map_insert_fwd_back hm (int_to_usize 0) (int_to_u64 42);
hm1 <- hash_map_insert_fwd_back hm0 (int_to_usize 128) (int_to_u64 18);
hm2 <- hash_map_insert_fwd_back hm1 (int_to_usize 1024) (int_to_u64 138);
hm3 <- hash_map_insert_fwd_back hm2 (int_to_usize 1056) (int_to_u64 256);
i <- hash_map_get_fwd hm3 (int_to_usize 128);
if ~ (i = int_to_u64 18)
then Fail Failure
else (
do
hm4 <- hash_map_get_mut_back hm3 (int_to_usize 1024) (int_to_u64 56);
i0 <- hash_map_get_fwd hm4 (int_to_usize 1024);
if ~ (i0 = int_to_u64 56)
then Fail Failure
else (
do
x <- hash_map_remove_fwd hm4 (int_to_usize 1024);
(case x of
| NONE => Fail Failure
| SOME x0 =>
if ~ (x0 = int_to_u64 56)
then Fail Failure
else (
do
hm5 <- hash_map_remove_back hm4 (int_to_usize 1024);
i1 <- hash_map_get_fwd hm5 (int_to_usize 0);
if ~ (i1 = int_to_u64 42)
then Fail Failure
else (
do
i2 <- hash_map_get_fwd hm5 (int_to_usize 128);
if ~ (i2 = int_to_u64 18)
then Fail Failure
else (
do
i3 <- hash_map_get_fwd hm5 (int_to_usize 1056);
if ~ (i3 = int_to_u64 256) then Fail Failure else Return ()
od)
od)
od))
od)
od)
od
’
(** Unit test for [hashmap::test1] *)
val _ = assert_return (“test1_fwd”)
val _ = export_theory ()
|