Skip to content
Snippets Groups Projects
Commit f3867263 authored by Guillaume Melquiond's avatar Guillaume Melquiond
Browse files

Remove "use import" from trywhy3's examples and fix a few other typos.

parent eab446ca
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 48 additions and 55 deletions
doc/manual.tex
+ 2
0
View file @ f3867263
...@@ -348,6 +348,8 @@ file contains other potential incompatibility. ...@@ -348,6 +348,8 @@ file contains other potential incompatibility.
\hline \hline
\texttt{namespace N} & \texttt{scope N} \\ \texttt{namespace N} & \texttt{scope N} \\
\hline \hline
\texttt{use import M} & \texttt{use M} \\
\hline
\texttt{"attribute"} & \texttt{[@attribute]} \\ \texttt{"attribute"} & \texttt{[@attribute]} \\
\hline \hline
\texttt{meta M prop P} & \texttt{meta M lemma P} or \texttt{meta M axiom P} or \texttt{meta M goal P} \\ \texttt{meta M prop P} & \texttt{meta M lemma P} or \texttt{meta M axiom P} or \texttt{meta M goal P} \\
......
src/trywhy3/examples/ex1_eucl_div.mlw
+ 2
4
View file @ f3867263
(* Euclidean division (* Euclidean division
1. Prove soundness, i.e. (division a b) returns an integer q such that 1. Prove soundness, i.e. (division a b) returns an integer q such that
...@@ -9,13 +8,12 @@ ...@@ -9,13 +8,12 @@
2. Prove termination. 2. Prove termination.
(You may have to strengthen the precondition even further.) (You may have to strengthen the precondition even further.)
*) *)
module Division module Division
use import int.Int use int.Int
use import ref.Ref use ref.Ref
let division (a b: int) : int let division (a b: int) : int
requires { true } requires { true }
......
src/trywhy3/examples/ex2_fact.mlw
+ 9
11
View file @ f3867263
(* Two programs to compute the factorial
(* Two programs to compute the factorial.
Note: function "fact" from module int.Fact (already imported) Note: function "fact" from module int.Fact (already imported)
can be used in specifications. can be used in specifications.
...@@ -12,20 +11,19 @@ ...@@ -12,20 +11,19 @@
b. Prove its termination. b. Prove its termination.
2. In module FactLoop 2. In module FactLoop:
a. Prove soundness of function fact_loop a. Prove soundness of function fact_loop.
b. Prove its termination b. Prove its termination.
c. Change the code to use a for loop instead of a while loop. c. Change the code to use a for loop instead of a while loop.
*) *)
module FactRecursive module FactRecursive
use import int.Int use int.Int
use import int.Fact use int.Fact
let rec fact_rec (n: int) : int let rec fact_rec (n: int) : int
requires { true } requires { true }
...@@ -37,9 +35,9 @@ end ...@@ -37,9 +35,9 @@ end
module FactLoop module FactLoop
use import int.Int use int.Int
use import int.Fact use int.Fact
use import ref.Ref use ref.Ref
let fact_loop (n: int) : int let fact_loop (n: int) : int
requires { true } requires { true }
......
src/trywhy3/examples/ex3_multiplication.mlw
+ 8
6
View file @ f3867263
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
Multiply two integers a and b using only addition, multiplication by 2, Multiply two integers a and b using only addition, multiplication by 2,
and division by 2. You may assume b to be nonnegative. and division by 2. You may assume b to be nonnegative.
Note: library int.ComputerDivision (already imported) provide functions Note: library int.ComputerDivision (already imported) provides functions
"div" and "mod". "div" and "mod".
Questions: Questions:
...@@ -11,14 +11,13 @@ ...@@ -11,14 +11,13 @@
1. Prove soundness of function multiplication. 1. Prove soundness of function multiplication.
2. Prove its termination. 2. Prove its termination.
*) *)
module Multiplication module Multiplication
use import int.Int use int.Int
use import int.ComputerDivision use int.ComputerDivision
use import ref.Ref use ref.Ref
let multiplication (a b: int) : int let multiplication (a b: int) : int
requires { true } requires { true }
...@@ -34,8 +33,11 @@ module Multiplication ...@@ -34,8 +33,11 @@ module Multiplication
done; done;
!z !z
let main () =
multiplication 10 13
end end
(* Note: this is exactly the same algorithm as exponentiation by squarring (* Note: this is exactly the same algorithm as exponentiation by squaring
with power/*/1 being replaced by */+/0. with power/*/1 being replaced by */+/0.
*) *)
\ No newline at end of file
src/trywhy3/examples/ex4_two_way.mlw
+ 7
9
View file @ f3867263
(* Two Way Sort (* Two Way Sort
The following program sorts an array of Boolean values, with False<True. The following program sorts an array of Boolean values, with False<True.
...@@ -18,17 +17,16 @@ ...@@ -18,17 +17,16 @@
You can refer to the contents of array a at the beginning of the You can refer to the contents of array a at the beginning of the
function with notation (at a 'Init). function with notation (at a 'Init).
*) *)
module TwoWaySort module TwoWaySort
use import int.Int use int.Int
use import bool.Bool use bool.Bool
use import ref.Refint use ref.Refint
use import array.Array use array.Array
use import array.ArraySwap use array.ArraySwap
use import array.ArrayPermut use array.ArrayPermut
predicate (<<) (x y: bool) = x = False \/ y = True predicate (<<) (x y: bool) = x = False \/ y = True
...@@ -38,7 +36,7 @@ module TwoWaySort ...@@ -38,7 +36,7 @@ module TwoWaySort
let two_way_sort (a: array bool) : unit let two_way_sort (a: array bool) : unit
ensures { true } ensures { true }
= =
'Init: label Init in
let i = ref 0 in let i = ref 0 in
let j = ref (length a - 1) in let j = ref (length a - 1) in
while !i < !j do while !i < !j do
......
src/trywhy3/examples/ex5_flag.mlw
+ 5
7
View file @ f3867263
(* Dijkstra's "Dutch national flag" (* Dijkstra's "Dutch national flag"
The following program sorts an array whose elements may have three The following program sorts an array whose elements may have three
...@@ -22,16 +21,15 @@ ...@@ -22,16 +21,15 @@
4. Show that after execution the array contents is a permutation of its 4. Show that after execution the array contents is a permutation of its
initial contents. Use the library predicate "permut_all" to do so initial contents. Use the library predicate "permut_all" to do so
(the corresponding module ArrayPermut is already imported). (the corresponding module ArrayPermut is already imported).
*) *)
module Flag module Flag
use import int.Int use int.Int
use import ref.Ref use ref.Ref
use import array.Array use array.Array
use import array.ArraySwap use array.ArraySwap
use import array.ArrayPermut use array.ArrayPermut
type color = Blue | White | Red type color = Blue | White | Red
......
src/trywhy3/examples/ex6_buffer.mlw
+ 12
13
View file @ f3867263
(* Ring buffer (from the 2nd Verified Software Competition 2012) (* Ring buffer (from the 2nd Verified Software Competition 2012)
Implement operations create, clear, push, head, and pop below (that Implement operations create, clear, push, head, and pop below (that
...@@ -8,9 +7,9 @@ ...@@ -8,9 +7,9 @@
module RingBuffer module RingBuffer
use import int.Int use int.Int
use import seq.Seq use seq.Seq
use import array.Array use array.Array
type queue 'a = { type queue 'a = {
mutable first: int; mutable first: int;
...@@ -20,15 +19,15 @@ module RingBuffer ...@@ -20,15 +19,15 @@ module RingBuffer
ghost mutable sequence: Seq.seq 'a; ghost mutable sequence: Seq.seq 'a;
} }
invariant { invariant {
self.capacity = Array.length self.data /\ capacity = Array.length data /\
0 <= self.first < self.capacity /\ 0 <= first < capacity /\
0 <= self.len <= self.capacity /\ 0 <= len <= capacity /\
self.len = Seq.length self.sequence /\ len = Seq.length sequence /\
forall i: int. 0 <= i < self.len -> forall i: int. 0 <= i < len ->
Seq.([]) self.sequence i = Seq.([]) sequence i =
self.data[if self.first + i < self.capacity data[if first + i < capacity
then self.first + i then first + i
else self.first + i - self.capacity] else first + i - capacity]
} }
val create (n: int) (dummy: 'a) : queue 'a val create (n: int) (dummy: 'a) : queue 'a
......
src/trywhy3/examples/ex7_fill.mlw
+ 3
5
View file @ f3867263
(* (Exercise borrowed from Rustan Leino's Dafny tutorial at VSTTE 2012) (* (Exercise borrowed from Rustan Leino's Dafny tutorial at VSTTE 2012)
Function "fill" below stores the elements of tree "t" in array "a", Function "fill" below stores the elements of tree "t" in array "a",
...@@ -8,7 +7,7 @@ ...@@ -8,7 +7,7 @@
Questions: Questions:
1. Prove safety i.e. the absence of array access out of bounds. 1. Prove safety, i.e. the absence of array access out of bounds.
(You have to strengthen the precondition.) (You have to strengthen the precondition.)
2. Show that, after the execution of "fill", the elements in 2. Show that, after the execution of "fill", the elements in
...@@ -19,13 +18,12 @@ ...@@ -19,13 +18,12 @@
"contains" below). "contains" below).
4. Prove termination of function "fill". 4. Prove termination of function "fill".
*) *)
module Fill module Fill
use import int.Int use int.Int
use import array.Array use array.Array
type elt type elt
type tree = Null | Node tree elt tree type tree = Null | Node tree elt tree
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment