diff --git a/cargo-creusot/src/options.rs b/cargo-creusot/src/options.rs index e4a7897a78..0fa2cb17f6 100644 --- a/cargo-creusot/src/options.rs +++ b/cargo-creusot/src/options.rs @@ -32,6 +32,9 @@ pub struct CreusotArgs { /// Check the installed why3 version. #[clap(long, default_value_t = true, action = clap::ArgAction::Set)] pub check_why3: bool, + /// Use `result` as the trigger of definition and specification axioms of logic/ghost/predicate functions + #[clap(long, default_value_t = false, action = clap::ArgAction::Set)] + pub simple_triggers: bool, } /// Parse a single key-value pair diff --git a/creusot-contracts-proc/src/lib.rs b/creusot-contracts-proc/src/lib.rs index a9dea895cd..9a4cc1b018 100644 --- a/creusot-contracts-proc/src/lib.rs +++ b/creusot-contracts-proc/src/lib.rs @@ -543,7 +543,8 @@ pub fn law(_: TS1, tokens: TS1) -> TS1 { let tokens = TokenStream::from(tokens); TS1::from(quote! { #[creusot::decl::law] - #[::creusot_contracts::ghost] + #[creusot::decl::no_trigger] + #[::creusot_contracts::logic] #tokens }) } diff --git a/creusot-contracts/src/logic.rs b/creusot-contracts/src/logic.rs index 568ed21121..7d66d19075 100644 --- a/creusot-contracts/src/logic.rs +++ b/creusot-contracts/src/logic.rs @@ -5,7 +5,7 @@ mod fset; mod int; mod mapping; mod ops; -mod ord; +pub mod ord; mod seq; mod set; diff --git a/creusot-contracts/src/logic/ord.rs b/creusot-contracts/src/logic/ord.rs index 7a4c223db6..e5f9177019 100644 --- a/creusot-contracts/src/logic/ord.rs +++ b/creusot-contracts/src/logic/ord.rs @@ -70,6 +70,67 @@ pub trait OrdLogic { fn eq_cmp(x: Self, y: Self); } +#[macro_export] +macro_rules! ord_laws_impl { + () => { + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn cmp_le_log(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn cmp_lt_log(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn cmp_ge_log(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn cmp_gt_log(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn refl(_: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn trans(_: Self, _: Self, _: Self, _: Ordering) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn antisym1(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn antisym2(_: Self, _: Self) { + () + } + + #[::creusot_contracts::law] + #[::creusot_contracts::open(self)] + fn eq_cmp(_: Self, _: Self) { + () + } + }; +} + +pub use ord_laws_impl; + macro_rules! ord_logic_impl { ($t:ty) => { impl OrdLogic for $t { @@ -117,59 +178,7 @@ macro_rules! ord_logic_impl { true } - #[ghost] - #[open(self)] - fn cmp_le_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_lt_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_ge_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_gt_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn refl(_: Self) { - () - } - - #[ghost] - #[open(self)] - fn trans(_: Self, _: Self, _: Self, _: Ordering) { - () - } - - #[ghost] - #[open(self)] - fn antisym1(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn antisym2(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn eq_cmp(_: Self, _: Self) { - () - } + ord_laws_impl! {} } }; } @@ -202,41 +211,7 @@ impl OrdLogic for bool { } } - #[ghost] - #[open(self)] - fn cmp_le_log(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn cmp_lt_log(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn cmp_ge_log(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn cmp_gt_log(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn refl(_: Self) {} - - #[ghost] - #[open(self)] - fn trans(_: Self, _: Self, _: Self, _: Ordering) {} - - #[ghost] - #[open(self)] - fn antisym1(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn antisym2(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn eq_cmp(_: Self, _: Self) {} + ord_laws_impl! {} } impl OrdLogic for (A, B) { @@ -259,59 +234,25 @@ impl OrdLogic for (A, B) { pearlite! { (self.0 == o.0 && self.1 <= o.1) || self.0 <= o.0 } } - #[ghost] - #[open(self)] - fn cmp_le_log(_: Self, _: Self) {} - #[ghost] #[open] fn lt_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 < o.1) || self.0 < o.0 } } - #[ghost] - #[open(self)] - fn cmp_lt_log(_: Self, _: Self) {} - #[ghost] #[open] fn ge_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 >= o.1) || self.0 >= o.0 } } - #[ghost] - #[open(self)] - fn cmp_ge_log(_: Self, _: Self) {} - #[ghost] #[open] fn gt_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 > o.1) || self.0 > o.0 } } - #[ghost] - #[open(self)] - fn cmp_gt_log(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn refl(_: Self) {} - - #[ghost] - #[open(self)] - fn trans(_: Self, _: Self, _: Self, _: Ordering) {} - - #[ghost] - #[open(self)] - fn antisym1(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn antisym2(_: Self, _: Self) {} - - #[ghost] - #[open(self)] - fn eq_cmp(_: Self, _: Self) {} + ord_laws_impl! {} } impl OrdLogic for Option { @@ -326,52 +267,5 @@ impl OrdLogic for Option { } } - #[law] - #[open(self)] - #[ensures(x.le_log(y) == (x.cmp_log(y) != Ordering::Greater))] - fn cmp_le_log(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[ensures(x.lt_log(y) == (x.cmp_log(y) == Ordering::Less))] - fn cmp_lt_log(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[ensures(x.ge_log(y) == (x.cmp_log(y) != Ordering::Less))] - fn cmp_ge_log(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[ensures(x.gt_log(y) == (x.cmp_log(y) == Ordering::Greater))] - fn cmp_gt_log(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[ensures(x.cmp_log(x) == Ordering::Equal)] - fn refl(x: Self) {} - - #[law] - #[open(self)] - #[requires(x.cmp_log(y) == o)] - #[requires(y.cmp_log(z) == o)] - #[ensures(x.cmp_log(z) == o)] - fn trans(x: Self, y: Self, z: Self, o: Ordering) {} - - #[law] - #[open(self)] - #[requires(x.cmp_log(y) == Ordering::Less)] - #[ensures(y.cmp_log(x) == Ordering::Greater)] - fn antisym1(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[requires(x.cmp_log(y) == Ordering::Greater)] - #[ensures(y.cmp_log(x) == Ordering::Less)] - fn antisym2(x: Self, y: Self) {} - - #[law] - #[open(self)] - #[ensures((x == y) == (x.cmp_log(y) == Ordering::Equal))] - fn eq_cmp(x: Self, y: Self) {} + ord_laws_impl! {} } diff --git a/creusot-contracts/src/num_rational.rs b/creusot-contracts/src/num_rational.rs index 8593cd2d86..f6a50878fa 100644 --- a/creusot-contracts/src/num_rational.rs +++ b/creusot-contracts/src/num_rational.rs @@ -65,57 +65,5 @@ impl OrdLogic for Real { true } - #[ghost] - #[open(self)] - fn cmp_le_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_lt_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_ge_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn cmp_gt_log(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn refl(_: Self) { - () - } - - #[ghost] - #[open(self)] - fn trans(_: Self, _: Self, _: Self, _: Ordering) { - () - } - - #[ghost] - #[open(self)] - fn antisym1(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn antisym2(_: Self, _: Self) { - () - } - - #[ghost] - #[open(self)] - fn eq_cmp(_: Self, _: Self) { - () - } + crate::logic::ord::ord_laws_impl! {} } diff --git a/creusot-rustc/src/options.rs b/creusot-rustc/src/options.rs index b97e4ab7a1..30511b8116 100644 --- a/creusot-rustc/src/options.rs +++ b/creusot-rustc/src/options.rs @@ -35,6 +35,9 @@ pub struct CreusotArgs { /// Check the installed why3 version. #[clap(long, default_value_t = true, action = clap::ArgAction::Set)] pub check_why3: bool, + /// uses `result` as the trigger of definition and specification axioms of logic/ghost/predicate functions + #[clap(long, default_value_t = false, action = clap::ArgAction::Set)] + pub simple_triggers: bool, } /// Parse a single key-value pair @@ -93,6 +96,7 @@ impl CreusotArgs { in_cargo: cargo_creusot, span_mode: span_mode, match_str: self.focus_on, + simple_triggers: self.simple_triggers, } } } diff --git a/creusot/src/backend/logic.rs b/creusot/src/backend/logic.rs index 5cfa3b152a..642965da4a 100644 --- a/creusot/src/backend/logic.rs +++ b/creusot/src/backend/logic.rs @@ -9,7 +9,7 @@ use crate::{ use rustc_hir::def_id::DefId; use why3::{ declaration::*, - exp::{BinOp, Binder, Exp}, + exp::{BinOp, Binder, Exp, Trigger}, Ident, QName, }; @@ -269,7 +269,8 @@ pub(crate) fn spec_axiom(sig: &Signature) -> Axiom { let mut condition = preconditions.rfold(postcondition, |acc, arg| arg.implies(acc)); let func_call = function_call(sig); - condition.subst(&[("result".into(), func_call)].into_iter().collect()); + let trigger = sig.trigger.clone().unwrap_or_else(|| Trigger::single(func_call.clone())); + condition.subst(&[("result".into(), func_call.clone())].into_iter().collect()); let args: Vec<(_, _)> = sig .args .iter() @@ -278,7 +279,8 @@ pub(crate) fn spec_axiom(sig: &Signature) -> Axiom { .filter(|arg| &*arg.0 != "_") .collect(); - let axiom = if args.is_empty() { condition } else { Exp::Forall(args, Box::new(condition)) }; + let axiom = + if args.is_empty() { condition } else { Exp::forall_trig(args, trigger, condition) }; Axiom { name: format!("{}_spec", &*sig.name).into(), rewrite: false, axiom } } @@ -301,15 +303,17 @@ fn function_call(sig: &Signature) -> Exp { fn definition_axiom(sig: &Signature, body: Exp) -> Axiom { let call = function_call(sig); + let trigger = sig.trigger.clone().unwrap_or_else(|| Trigger::single(call.clone())); - let equation = Exp::BinaryOp(BinOp::Eq, Box::new(call), Box::new(body)); + let equation = Exp::BinaryOp(BinOp::Eq, Box::new(call.clone()), Box::new(body)); let preconditions = sig.contract.requires.iter().cloned(); let condition = preconditions.rfold(equation, |acc, arg| arg.implies(acc)); let args: Vec<_> = sig.args.clone().into_iter().flat_map(|b| b.var_type_pairs()).collect(); - let axiom = if args.is_empty() { condition } else { Exp::Forall(args, Box::new(condition)) }; + let axiom = + if args.is_empty() { condition } else { Exp::forall_trig(args, trigger, condition) }; Axiom { name: "def".into(), rewrite: false, axiom } } diff --git a/creusot/src/backend/signature.rs b/creusot/src/backend/signature.rs index 30d83a8b8a..723f864982 100644 --- a/creusot/src/backend/signature.rs +++ b/creusot/src/backend/signature.rs @@ -1,14 +1,17 @@ use rustc_hir::{def::Namespace, def_id::DefId}; use why3::{ declaration::{Contract, Signature}, - exp::Binder, + exp::{Binder, Trigger}, + ty::Type, }; use crate::{ backend, ctx::CloneMap, translation::specification::PreContract, - util::{ident_of, item_name, why3_attrs, AnonymousParamName, PreSignature}, + util::{ + ident_of, item_name, should_replace_trigger, why3_attrs, AnonymousParamName, PreSignature, + }, }; use super::{term::lower_pure, Why3Generator}; @@ -63,7 +66,15 @@ pub(crate) fn sig_to_why3<'tcx>( let retty = names .with_public_clones(|names| backend::ty::translate_ty(ctx, names, span, pre_sig.output)); - Signature { name, attrs, retty: Some(retty), args, contract } + let trigger = if ctx.opts.simple_triggers + && should_replace_trigger(ctx.tcx, def_id) + && retty != Type::UNIT + { + None + } else { + Some(Trigger::NONE) + }; + Signature { name, trigger, attrs, retty: Some(retty), args, contract } } fn contract_to_why3<'tcx>( diff --git a/creusot/src/backend/term.rs b/creusot/src/backend/term.rs index 9c3a4f1f29..63759b1b67 100644 --- a/creusot/src/backend/term.rs +++ b/creusot/src/backend/term.rs @@ -151,19 +151,13 @@ impl<'tcx> Lower<'_, 'tcx> { TermKind::Forall { binder, box body } => { let ty = translate_ty(self.ctx, self.names, rustc_span::DUMMY_SP, binder.1); self.pure_exp(|this| { - Exp::Forall( - vec![(binder.0.to_string().into(), ty)], - Box::new(this.lower_term(body)), - ) + Exp::forall(vec![(binder.0.to_string().into(), ty)], this.lower_term(body)) }) } TermKind::Exists { binder, box body } => { let ty = translate_ty(self.ctx, self.names, rustc_span::DUMMY_SP, binder.1); self.pure_exp(|this| { - Exp::Exists( - vec![(binder.0.to_string().into(), ty)], - Box::new(this.lower_term(body)), - ) + Exp::exists(vec![(binder.0.to_string().into(), ty)], this.lower_term(body)) }) } TermKind::Constructor { typ, variant, fields } => { diff --git a/creusot/src/backend/ty.rs b/creusot/src/backend/ty.rs index 0f5f494cfb..9a280e22f1 100644 --- a/creusot/src/backend/ty.rs +++ b/creusot/src/backend/ty.rs @@ -23,7 +23,7 @@ use why3::{ AdtDecl, ConstructorDecl, Contract, Decl, Field, LetDecl, LetKind, Module, Signature, TyDecl, Use, }, - exp::{Binder, Exp, Pattern}, + exp::{Binder, Exp, Pattern, Trigger}, ty::Type as MlT, Ident, QName, }; @@ -499,6 +499,7 @@ pub(crate) fn translate_accessor( variant_ix.into(), &variant_arities, (ix, target_ty, false), + &ctx.ctx, ) } @@ -508,12 +509,16 @@ pub(crate) fn build_accessor( variant_ix: usize, variant_arities: &[(QName, usize)], target_field: (usize, MlT, bool), + ctx: &TranslationCtx<'_>, ) -> Decl { let field_ty = target_field.1; let field_ix = target_field.0; + let trigger = if ctx.opts.simple_triggers { None } else { Some(Trigger::NONE) }; + let sig = Signature { name: acc_name.clone(), + trigger, attrs: Vec::new(), args: vec![Binder::typed("self".into(), this.clone())], retty: Some(field_ty.clone()), diff --git a/creusot/src/backend/ty_inv.rs b/creusot/src/backend/ty_inv.rs index d17d8cb469..2d6337b2bd 100644 --- a/creusot/src/backend/ty_inv.rs +++ b/creusot/src/backend/ty_inv.rs @@ -11,7 +11,7 @@ use rustc_middle::ty::{subst::SubstsRef, AdtDef, GenericArg, ParamEnv, Ty, TyCtx use rustc_span::{Symbol, DUMMY_SP}; use why3::{ declaration::{Axiom, Decl, Module, TyDecl}, - exp::{Constant, Exp, Pattern}, + exp::{Constant, Exp, Pattern, Trigger}, ty::Type as MlT, Ident, QName, }; @@ -187,10 +187,13 @@ fn build_inv_axiom<'tcx>( .unwrap_or_else(|| Exp::mk_true()) }; let trivial = rhs.is_true(); + let trigger = + if ctx.opts.simple_triggers { Trigger::single(lhs.clone()) } else { Trigger::NONE }; - let axiom = Exp::Forall( + let axiom = Exp::forall_trig( vec![("self".into(), translate_ty(ctx, names, DUMMY_SP, ty))], - Box::new(lhs.eq(rhs)), + trigger, + lhs.eq(rhs), ); Axiom { name, rewrite: !trivial, axiom } } @@ -333,7 +336,7 @@ fn build_inv_exp_seq<'tcx>( let mut body = build_inv_exp(ctx, names, "a".into(), ty, param_env, Mode::Field)?; body.subst(&[("a".into(), ith)].into()); - Some(Exp::Forall(vec![("i".into(), MlT::Integer)], Box::new(bounds.implies(body)))) + Some(Exp::forall(vec![("i".into(), MlT::Integer)], bounds.implies(body))) } fn build_inv_exp_adt<'tcx>( diff --git a/creusot/src/options.rs b/creusot/src/options.rs index 6ef1690560..1b36a9415c 100644 --- a/creusot/src/options.rs +++ b/creusot/src/options.rs @@ -20,6 +20,7 @@ pub struct Options { pub in_cargo: bool, pub span_mode: SpanMode, pub match_str: Option, + pub simple_triggers: bool, } #[derive(Debug, Clone)] diff --git a/creusot/src/util.rs b/creusot/src/util.rs index 0a144afc1b..c3362ce1ad 100644 --- a/creusot/src/util.rs +++ b/creusot/src/util.rs @@ -104,6 +104,10 @@ pub(crate) fn is_law(tcx: TyCtxt, def_id: DefId) -> bool { get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "law"]).is_some() } +pub(crate) fn should_replace_trigger(tcx: TyCtxt, def_id: DefId) -> bool { + get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "no_trigger"]).is_none() +} + pub(crate) fn is_extern_spec(tcx: TyCtxt, def_id: DefId) -> bool { get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "extern_spec"]).is_some() } diff --git a/creusot/tests/should_fail/bad_law.stderr b/creusot/tests/should_fail/bad_law.stderr index f88d1b5abb..0fa9046af0 100644 --- a/creusot/tests/should_fail/bad_law.stderr +++ b/creusot/tests/should_fail/bad_law.stderr @@ -4,7 +4,7 @@ error[creusot]: Laws cannot have additional generic parameters 6 | fn my_law(x: T); | ^^^^^^^^^^^^^^^^^^^ -Ghost != Program +Logic != Program error[creusot]: Expected `my_law` to be a program function as specified by the trait declaration --> bad_law.rs:10:5 | diff --git a/creusot/tests/should_succeed/bdd.mlcfg b/creusot/tests/should_succeed/bdd.mlcfg index b2e18b4e7c..61a96dad87 100644 --- a/creusot/tests/should_succeed/bdd.mlcfg +++ b/creusot/tests/should_succeed/bdd.mlcfg @@ -3996,7 +3996,7 @@ module CreusotContracts_Logic_Ord_Impl3_CmpLog use prelude.Int use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type function cmp_log (self : int) (o : int) : Core_Cmp_Ordering_Type.t_ordering = - [#"../../../../creusot-contracts/src/logic/ord.rs" 76 12 85 17] if self < o then + [#"../../../../creusot-contracts/src/logic/ord.rs" 137 12 146 17] if self < o then Core_Cmp_Ordering_Type.C_Less else if self = o then Core_Cmp_Ordering_Type.C_Equal else Core_Cmp_Ordering_Type.C_Greater @@ -4015,6 +4015,180 @@ module Core_Cmp_Impls_Impl63_Cmp_Interface val cmp (self : uint64) (other : uint64) : Core_Cmp_Ordering_Type.t_ordering ensures { [#"../../../../creusot-contracts/src/std/cmp.rs" 44 26 44 85] result = CmpLog0.cmp_log (DeepModel0.deep_model self) (DeepModel0.deep_model other) } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module Bdd_Impl11_And_Interface use prelude.Borrow @@ -4102,6 +4276,16 @@ module Bdd_Impl11_And type t = (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd), predicate Inv0.inv = Inv4.inv, axiom . + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone Bdd_Hashmap_Impl0_ShallowModel_Interface as ShallowModel1 with type k = (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd), type v = Bdd_Bdd_Type.t_bdd, @@ -4140,7 +4324,6 @@ module Bdd_Impl11_And type DeepModelTy1.deepModelTy = uint64, function DeepModel0.deep_model = DeepModel3.deep_model, function DeepModel1.deep_model = DeepModel3.deep_model - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type clone CreusotContracts_Logic_Ord_Impl3_CmpLog as CmpLog0 clone CreusotContracts_Std1_Num_Impl10_DeepModel as DeepModel1 clone CreusotContracts_Invariant_Inv_Interface as Inv1 with diff --git a/creusot/tests/should_succeed/bdd/why3session.xml b/creusot/tests/should_succeed/bdd/why3session.xml index 7f74e91a5a..73f9d98207 100644 --- a/creusot/tests/should_succeed/bdd/why3session.xml +++ b/creusot/tests/should_succeed/bdd/why3session.xml @@ -4,6 +4,8 @@ + + @@ -448,94 +450,94 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -549,13 +551,13 @@ - + - + - + @@ -570,13 +572,13 @@ - + - + - + @@ -587,16 +589,16 @@ - + - + - + - + @@ -605,12 +607,12 @@ - + - + @@ -625,13 +627,13 @@ - + - + - + @@ -646,14 +648,14 @@ - + - + @@ -664,28 +666,28 @@ - + - + - + - + - + - + @@ -694,7 +696,7 @@ - + @@ -702,10 +704,10 @@ - + - + @@ -714,7 +716,7 @@ - + @@ -724,12 +726,12 @@ - + - + @@ -740,10 +742,10 @@ - + - + diff --git a/creusot/tests/should_succeed/bdd/why3shapes.gz b/creusot/tests/should_succeed/bdd/why3shapes.gz index 2c7cabf112..d00db57426 100644 Binary files a/creusot/tests/should_succeed/bdd/why3shapes.gz and b/creusot/tests/should_succeed/bdd/why3shapes.gz differ diff --git a/creusot/tests/should_succeed/bug/387.mlcfg b/creusot/tests/should_succeed/bug/387.mlcfg index 7d5b0ddbc1..03541c9e39 100644 --- a/creusot/tests/should_succeed/bug/387.mlcfg +++ b/creusot/tests/should_succeed/bug/387.mlcfg @@ -310,6 +310,180 @@ module CreusotContracts_Logic_Ord_Impl3_LtLog val lt_log (self : int) (_2 : int) : bool ensures { result = lt_log self _2 } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module C387_Impl0_Height_Interface use prelude.Borrow @@ -322,6 +496,16 @@ module C387_Impl0_Height use prelude.Int use prelude.UInt64 use prelude.Borrow + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Invariant_Inv_Interface as Inv0 with type t = uint64 clone TyInv_Trivial as TyInv_Trivial0 with diff --git a/creusot/tests/should_succeed/constrained_types.mlcfg b/creusot/tests/should_succeed/constrained_types.mlcfg index b5f315e7ae..d4e89a7551 100644 --- a/creusot/tests/should_succeed/constrained_types.mlcfg +++ b/creusot/tests/should_succeed/constrained_types.mlcfg @@ -192,7 +192,7 @@ module CreusotContracts_Logic_Ord_Impl1_LtLog clone CreusotContracts_Logic_Ord_OrdLogic_LtLog_Stub as LtLog0 with type self = b function lt_log (self : (a, b)) (o : (a, b)) : bool = - [#"../../../../creusot-contracts/src/logic/ord.rs" 269 20 269 67] (let (a, _) = self in a) = (let (a, _) = o in a) /\ LtLog0.lt_log (let (_, a) = self in a) (let (_, a) = o in a) \/ LtLog1.lt_log (let (a, _) = self in a) (let (a, _) = o in a) + [#"../../../../creusot-contracts/src/logic/ord.rs" 240 20 240 67] (let (a, _) = self in a) = (let (a, _) = o in a) /\ LtLog0.lt_log (let (_, a) = self in a) (let (_, a) = o in a) \/ LtLog1.lt_log (let (a, _) = self in a) (let (a, _) = o in a) val lt_log (self : (a, b)) (o : (a, b)) : bool ensures { result = lt_log self o } @@ -283,6 +283,207 @@ module CreusotContracts_Std1_Tuples_Impl4_DeepModel val deep_model (self : (a, b)) : (DeepModelTy0.deepModelTy, DeepModelTy1.deepModelTy) ensures { result = deep_model self } +end +module CreusotContracts_Logic_Ord_Impl1_CmpLeLog_Stub + type a + type b + function cmp_le_log (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_CmpLeLog_Interface + type a + type b + function cmp_le_log (_1 : (a, b)) (_2 : (a, b)) : () + val cmp_le_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpLeLog + type a + type b + function cmp_le_log (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpLtLog_Stub + type a + type b + function cmp_lt_log (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_CmpLtLog_Interface + type a + type b + function cmp_lt_log (_1 : (a, b)) (_2 : (a, b)) : () + val cmp_lt_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpLtLog + type a + type b + function cmp_lt_log (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpGeLog_Stub + type a + type b + function cmp_ge_log (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_CmpGeLog_Interface + type a + type b + function cmp_ge_log (_1 : (a, b)) (_2 : (a, b)) : () + val cmp_ge_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpGeLog + type a + type b + function cmp_ge_log (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpGtLog_Stub + type a + type b + function cmp_gt_log (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_CmpGtLog_Interface + type a + type b + function cmp_gt_log (_1 : (a, b)) (_2 : (a, b)) : () + val cmp_gt_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_CmpGtLog + type a + type b + function cmp_gt_log (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_Refl_Stub + type a + type b + function refl (_1 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_Refl_Interface + type a + type b + function refl (_1 : (a, b)) : () + val refl (_1 : (a, b)) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl1_Refl + type a + type b + function refl (_1 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : (a, b)) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl1_Trans_Stub + type a + type b + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : (a, b)) (_2 : (a, b)) (_3 : (a, b)) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl1_Trans_Interface + type a + type b + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : (a, b)) (_2 : (a, b)) (_3 : (a, b)) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : (a, b)) (_2 : (a, b)) (_3 : (a, b)) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl1_Trans + type a + type b + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : (a, b)) (_2 : (a, b)) (_3 : (a, b)) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : (a, b)) (_2 : (a, b)) (_3 : (a, b)) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl1_Antisym1_Stub + type a + type b + function antisym1 (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_Antisym1_Interface + type a + type b + function antisym1 (_1 : (a, b)) (_2 : (a, b)) : () + val antisym1 (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_Antisym1 + type a + type b + function antisym1 (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_Antisym2_Stub + type a + type b + function antisym2 (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_Antisym2_Interface + type a + type b + function antisym2 (_1 : (a, b)) (_2 : (a, b)) : () + val antisym2 (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_Antisym2 + type a + type b + function antisym2 (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_EqCmp_Stub + type a + type b + function eq_cmp (_1 : (a, b)) (_2 : (a, b)) : () +end +module CreusotContracts_Logic_Ord_Impl1_EqCmp_Interface + type a + type b + function eq_cmp (_1 : (a, b)) (_2 : (a, b)) : () + val eq_cmp (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl1_EqCmp + type a + type b + function eq_cmp (_1 : (a, b)) (_2 : (a, b)) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : (a, b)) (_2 : (a, b)) : () + ensures { result = eq_cmp _1 _2 } + end module CreusotContracts_Logic_Ord_Impl3_LtLog_Stub use prelude.Int @@ -325,6 +526,180 @@ module CreusotContracts_Std1_Num_Impl7_DeepModel val deep_model (self : uint32) : int ensures { result = deep_model self } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module ConstrainedTypes_UsesConcreteInstance_Interface use prelude.Int @@ -336,9 +711,46 @@ module ConstrainedTypes_UsesConcreteInstance use prelude.Int use prelude.UInt32 use prelude.Borrow + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp1 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym21 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym11 + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans1 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl1 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog1 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog1 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog1 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog1 clone CreusotContracts_Std1_Num_Impl7_DeepModel as DeepModel2 clone CreusotContracts_Logic_Ord_Impl3_LtLog as LtLog1 use prelude.Int + clone CreusotContracts_Logic_Ord_Impl1_EqCmp_Interface as EqCmp0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_Antisym2_Interface as Antisym20 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_Antisym1_Interface as Antisym10 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_Trans_Interface as Trans0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_Refl_Interface as Refl0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_CmpGtLog_Interface as CmpGtLog0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_CmpGeLog_Interface as CmpGeLog0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_CmpLtLog_Interface as CmpLtLog0 with + type a = int, + type b = int + clone CreusotContracts_Logic_Ord_Impl1_CmpLeLog_Interface as CmpLeLog0 with + type a = int, + type b = int clone CreusotContracts_Std1_Tuples_Impl4_DeepModel as DeepModel1 with type a = uint32, type b = uint32, diff --git a/creusot/tests/should_succeed/constrained_types/why3shapes.gz b/creusot/tests/should_succeed/constrained_types/why3shapes.gz index bf95b3e0a9..c6053a7397 100644 Binary files a/creusot/tests/should_succeed/constrained_types/why3shapes.gz and b/creusot/tests/should_succeed/constrained_types/why3shapes.gz differ diff --git a/creusot/tests/should_succeed/instant.mlcfg b/creusot/tests/should_succeed/instant.mlcfg index 22012ece8b..c254489ec8 100644 --- a/creusot/tests/should_succeed/instant.mlcfg +++ b/creusot/tests/should_succeed/instant.mlcfg @@ -809,6 +809,180 @@ module CreusotContracts_Std1_Time_Impl1_DeepModel axiom deep_model_spec : forall self : Core_Time_Duration_Type.t_duration . ([#"../../../../creusot-contracts/src/std/time.rs" 26 14 26 44] deep_model self = ShallowModel0.shallow_model self) && ([#"../../../../creusot-contracts/src/std/time.rs" 25 14 25 77] deep_model self >= 0 /\ deep_model self <= SecsToNanos0.secs_to_nanos (UInt64.to_int Max0.mAX') + 999999999) end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end module CreusotContracts_Std1_Time_Impl3_DeepModel_Stub use prelude.Int use Std_Time_Instant_Type as Std_Time_Instant_Type @@ -1291,7 +1465,7 @@ module CreusotContracts_Logic_Ord_Impl2_CmpLog function cmp_log (self : Core_Option_Option_Type.t_option t) (o : Core_Option_Option_Type.t_option t) : Core_Cmp_Ordering_Type.t_ordering = - [#"../../../../creusot-contracts/src/logic/ord.rs" 321 8 326 9] match ((self, o)) with + [#"../../../../creusot-contracts/src/logic/ord.rs" 262 8 267 9] match ((self, o)) with | (Core_Option_Option_Type.C_None, Core_Option_Option_Type.C_None) -> Core_Cmp_Ordering_Type.C_Equal | (Core_Option_Option_Type.C_None, Core_Option_Option_Type.C_Some _) -> Core_Cmp_Ordering_Type.C_Less | (Core_Option_Option_Type.C_Some _, Core_Option_Option_Type.C_None) -> Core_Cmp_Ordering_Type.C_Greater @@ -1304,443 +1478,207 @@ end module CreusotContracts_Logic_Ord_Impl2_CmpLeLog_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LeLog_Stub as LeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_le_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function cmp_le_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_CmpLeLog_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LeLog_Stub as LeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_le_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val cmp_le_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 332 18 332 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 332 27 332 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 331 14 331 64] LeLog0.le_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Greater) } - ensures { result = cmp_le_log x y } + function cmp_le_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val cmp_le_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_le_log _1 _2 } - axiom cmp_le_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 332 18 332 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 332 27 332 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 331 14 331 64] LeLog0.le_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Greater)) end module CreusotContracts_Logic_Ord_Impl2_CmpLeLog type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LeLog_Stub as LeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_le_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 329 4 329 10] () - val cmp_le_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 332 18 332 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 332 27 332 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 331 14 331 64] LeLog0.le_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Greater) } - ensures { result = cmp_le_log x y } + function cmp_le_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_le_log _1 _2 } - axiom cmp_le_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 332 18 332 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 332 27 332 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 331 14 331 64] LeLog0.le_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Greater)) end module CreusotContracts_Logic_Ord_Impl2_CmpLtLog_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LtLog_Stub as LtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_lt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function cmp_lt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_CmpLtLog_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LtLog_Stub as LtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_lt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val cmp_lt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 337 18 337 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 337 27 337 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 336 14 336 61] LtLog0.lt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less) } - ensures { result = cmp_lt_log x y } + function cmp_lt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val cmp_lt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_lt_log _1 _2 } - axiom cmp_lt_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 337 18 337 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 337 27 337 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 336 14 336 61] LtLog0.lt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less)) end module CreusotContracts_Logic_Ord_Impl2_CmpLtLog type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_LtLog_Stub as LtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_lt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 334 4 334 10] () - val cmp_lt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 337 18 337 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 337 27 337 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 336 14 336 61] LtLog0.lt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less) } - ensures { result = cmp_lt_log x y } + function cmp_lt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_lt_log _1 _2 } - axiom cmp_lt_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 337 18 337 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 337 27 337 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 336 14 336 61] LtLog0.lt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less)) end module CreusotContracts_Logic_Ord_Impl2_CmpGeLog_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GeLog_Stub as GeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_ge_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function cmp_ge_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_CmpGeLog_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GeLog_Stub as GeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_ge_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val cmp_ge_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 342 18 342 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 342 27 342 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 341 14 341 61] GeLog0.ge_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Less) } - ensures { result = cmp_ge_log x y } + function cmp_ge_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val cmp_ge_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_ge_log _1 _2 } - axiom cmp_ge_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 342 18 342 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 342 27 342 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 341 14 341 61] GeLog0.ge_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Less)) end module CreusotContracts_Logic_Ord_Impl2_CmpGeLog type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GeLog_Stub as GeLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_ge_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 339 4 339 10] () - val cmp_ge_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 342 18 342 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 342 27 342 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 341 14 341 61] GeLog0.ge_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Less) } - ensures { result = cmp_ge_log x y } + function cmp_ge_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_ge_log _1 _2 } - axiom cmp_ge_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 342 18 342 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 342 27 342 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 341 14 341 61] GeLog0.ge_log x y = (CmpLog0.cmp_log x y <> Core_Cmp_Ordering_Type.C_Less)) end module CreusotContracts_Logic_Ord_Impl2_CmpGtLog_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GtLog_Stub as GtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_gt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function cmp_gt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_CmpGtLog_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GtLog_Stub as GtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_gt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val cmp_gt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 347 18 347 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 347 27 347 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 346 14 346 64] GtLog0.gt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater) } - ensures { result = cmp_gt_log x y } + function cmp_gt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val cmp_gt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_gt_log _1 _2 } - axiom cmp_gt_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 347 18 347 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 347 27 347 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 346 14 346 64] GtLog0.gt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater)) end module CreusotContracts_Logic_Ord_Impl2_CmpGtLog type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Logic_Ord_OrdLogic_GtLog_Stub as GtLog0 with - type self = Core_Option_Option_Type.t_option t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function cmp_gt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 344 4 344 10] () - val cmp_gt_log (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 347 18 347 19] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 347 27 347 28] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 346 14 346 64] GtLog0.gt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater) } - ensures { result = cmp_gt_log x y } + function cmp_gt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = cmp_gt_log _1 _2 } - axiom cmp_gt_log_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 347 18 347 19] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 347 27 347 28] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 346 14 346 64] GtLog0.gt_log x y = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater)) end module CreusotContracts_Logic_Ord_Impl2_Refl_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function refl (x : Core_Option_Option_Type.t_option t) : () + function refl (_1 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_Refl_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function refl (x : Core_Option_Option_Type.t_option t) : () - val refl (x : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 352 12 352 13] Inv0.inv x} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 351 14 351 45] CmpLog0.cmp_log x x = Core_Cmp_Ordering_Type.C_Equal } - ensures { result = refl x } + function refl (_1 : Core_Option_Option_Type.t_option t) : () + val refl (_1 : Core_Option_Option_Type.t_option t) : () + ensures { result = refl _1 } - axiom refl_spec : forall x : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 352 12 352 13] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 351 14 351 45] CmpLog0.cmp_log x x = Core_Cmp_Ordering_Type.C_Equal) end module CreusotContracts_Logic_Ord_Impl2_Refl type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function refl (x : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 349 4 349 10] () - val refl (x : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 352 12 352 13] Inv0.inv x} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 351 14 351 45] CmpLog0.cmp_log x x = Core_Cmp_Ordering_Type.C_Equal } - ensures { result = refl x } + function refl (_1 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : Core_Option_Option_Type.t_option t) : () + ensures { result = refl _1 } - axiom refl_spec : forall x : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 352 12 352 13] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 351 14 351 45] CmpLog0.cmp_log x x = Core_Cmp_Ordering_Type.C_Equal) end module CreusotContracts_Logic_Ord_Impl2_Trans_Stub type t use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function trans (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) (z : Core_Option_Option_Type.t_option t) (o : Core_Cmp_Ordering_Type.t_ordering) : () + function trans (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) (_3 : Core_Option_Option_Type.t_option t) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () end module CreusotContracts_Logic_Ord_Impl2_Trans_Interface type t use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function trans (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) (z : Core_Option_Option_Type.t_option t) (o : Core_Cmp_Ordering_Type.t_ordering) : () - - val trans (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) (z : Core_Option_Option_Type.t_option t) (o : Core_Cmp_Ordering_Type.t_ordering) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 356 15 356 32] CmpLog0.cmp_log x y = o} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 357 15 357 32] CmpLog0.cmp_log y z = o} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 13 359 14] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 22 359 23] Inv0.inv y} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 31 359 32] Inv0.inv z} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 358 14 358 31] CmpLog0.cmp_log x z = o } - ensures { result = trans x y z o } + function trans (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) (_3 : Core_Option_Option_Type.t_option t) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + + val trans (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) (_3 : Core_Option_Option_Type.t_option t) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } - axiom trans_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t, z : Core_Option_Option_Type.t_option t, o : Core_Cmp_Ordering_Type.t_ordering . ([#"../../../../creusot-contracts/src/logic/ord.rs" 356 15 356 32] CmpLog0.cmp_log x y = o) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 357 15 357 32] CmpLog0.cmp_log y z = o) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 13 359 14] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 22 359 23] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 31 359 32] Inv0.inv z) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 358 14 358 31] CmpLog0.cmp_log x z = o) end module CreusotContracts_Logic_Ord_Impl2_Trans type t use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function trans (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) (z : Core_Option_Option_Type.t_option t) (o : Core_Cmp_Ordering_Type.t_ordering) : () + function trans (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) (_3 : Core_Option_Option_Type.t_option t) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 354 4 354 10] () - val trans (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) (z : Core_Option_Option_Type.t_option t) (o : Core_Cmp_Ordering_Type.t_ordering) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 356 15 356 32] CmpLog0.cmp_log x y = o} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 357 15 357 32] CmpLog0.cmp_log y z = o} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 13 359 14] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 22 359 23] Inv0.inv y} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 359 31 359 32] Inv0.inv z} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 358 14 358 31] CmpLog0.cmp_log x z = o } - ensures { result = trans x y z o } + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) (_3 : Core_Option_Option_Type.t_option t) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } - axiom trans_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t, z : Core_Option_Option_Type.t_option t, o : Core_Cmp_Ordering_Type.t_ordering . ([#"../../../../creusot-contracts/src/logic/ord.rs" 356 15 356 32] CmpLog0.cmp_log x y = o) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 357 15 357 32] CmpLog0.cmp_log y z = o) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 13 359 14] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 22 359 23] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 359 31 359 32] Inv0.inv z) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 358 14 358 31] CmpLog0.cmp_log x z = o) end module CreusotContracts_Logic_Ord_Impl2_Antisym1_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym1 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function antisym1 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_Antisym1_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym1 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val antisym1 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 363 15 363 45] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 365 16 365 17] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 365 25 365 26] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 364 14 364 47] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Greater } - ensures { result = antisym1 x y } + function antisym1 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val antisym1 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = antisym1 _1 _2 } - axiom antisym1_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 363 15 363 45] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 365 16 365 17] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 365 25 365 26] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 364 14 364 47] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Greater) end module CreusotContracts_Logic_Ord_Impl2_Antisym1 type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym1 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 361 4 361 10] () - val antisym1 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 363 15 363 45] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 365 16 365 17] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 365 25 365 26] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 364 14 364 47] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Greater } - ensures { result = antisym1 x y } + function antisym1 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = antisym1 _1 _2 } - axiom antisym1_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 363 15 363 45] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Less) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 365 16 365 17] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 365 25 365 26] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 364 14 364 47] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Greater) end module CreusotContracts_Logic_Ord_Impl2_Antisym2_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym2 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function antisym2 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_Antisym2_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym2 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val antisym2 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 369 15 369 48] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 371 16 371 17] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 371 25 371 26] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 370 14 370 44] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Less } - ensures { result = antisym2 x y } + function antisym2 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val antisym2 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = antisym2 _1 _2 } - axiom antisym2_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 369 15 369 48] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 371 16 371 17] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 371 25 371 26] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 370 14 370 44] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Less) end module CreusotContracts_Logic_Ord_Impl2_Antisym2 type t use Core_Option_Option_Type as Core_Option_Option_Type - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - function antisym2 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 367 4 367 10] () - val antisym2 (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 369 15 369 48] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 371 16 371 17] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 371 25 371 26] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 370 14 370 44] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Less } - ensures { result = antisym2 x y } + function antisym2 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = antisym2 _1 _2 } - axiom antisym2_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 369 15 369 48] CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Greater) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 371 16 371 17] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 371 25 371 26] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 370 14 370 44] CmpLog0.cmp_log y x = Core_Cmp_Ordering_Type.C_Less) end module CreusotContracts_Logic_Ord_Impl2_EqCmp_Stub type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function eq_cmp (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () + function eq_cmp (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () end module CreusotContracts_Logic_Ord_Impl2_EqCmp_Interface type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function eq_cmp (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - val eq_cmp (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 376 14 376 15] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 376 23 376 24] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 375 14 375 59] (x = y) = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Equal) } - ensures { result = eq_cmp x y } + function eq_cmp (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + val eq_cmp (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = eq_cmp _1 _2 } - axiom eq_cmp_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 376 14 376 15] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 376 23 376 24] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 375 14 375 59] (x = y) = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Equal)) end module CreusotContracts_Logic_Ord_Impl2_EqCmp type t use Core_Option_Option_Type as Core_Option_Option_Type - use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type - clone CreusotContracts_Logic_Ord_Impl2_CmpLog_Stub as CmpLog0 with - type t = t - clone CreusotContracts_Invariant_Inv_Stub as Inv0 with - type t = Core_Option_Option_Type.t_option t - function eq_cmp (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () = - [#"../../../../creusot-contracts/src/logic/ord.rs" 373 4 373 10] () - val eq_cmp (x : Core_Option_Option_Type.t_option t) (y : Core_Option_Option_Type.t_option t) : () - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 376 14 376 15] Inv0.inv x} - requires {[#"../../../../creusot-contracts/src/logic/ord.rs" 376 23 376 24] Inv0.inv y} - ensures { [#"../../../../creusot-contracts/src/logic/ord.rs" 375 14 375 59] (x = y) = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Equal) } - ensures { result = eq_cmp x y } + function eq_cmp (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : Core_Option_Option_Type.t_option t) (_2 : Core_Option_Option_Type.t_option t) : () + ensures { result = eq_cmp _1 _2 } - axiom eq_cmp_spec : forall x : Core_Option_Option_Type.t_option t, y : Core_Option_Option_Type.t_option t . ([#"../../../../creusot-contracts/src/logic/ord.rs" 376 14 376 15] Inv0.inv x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 376 23 376 24] Inv0.inv y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 375 14 375 59] (x = y) = (CmpLog0.cmp_log x y = Core_Cmp_Ordering_Type.C_Equal)) end module CreusotContracts_Logic_Ord_Impl3_CmpLog_Stub use prelude.Int @@ -1759,7 +1697,7 @@ module CreusotContracts_Logic_Ord_Impl3_CmpLog use prelude.Int use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type function cmp_log (self : int) (o : int) : Core_Cmp_Ordering_Type.t_ordering = - [#"../../../../creusot-contracts/src/logic/ord.rs" 76 12 85 17] if self < o then + [#"../../../../creusot-contracts/src/logic/ord.rs" 137 12 146 17] if self < o then Core_Cmp_Ordering_Type.C_Less else if self = o then Core_Cmp_Ordering_Type.C_Equal else Core_Cmp_Ordering_Type.C_Greater @@ -1785,70 +1723,33 @@ module Instant_TestInstant axiom . use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type clone CreusotContracts_Logic_Ord_Impl3_CmpLog as CmpLog1 + clone CreusotContracts_Logic_Ord_Impl2_EqCmp_Interface as EqCmp2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_Antisym2_Interface as Antisym22 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_Antisym1_Interface as Antisym12 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_Trans_Interface as Trans2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_Refl_Interface as Refl2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_CmpGtLog_Interface as CmpGtLog2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_CmpGeLog_Interface as CmpGeLog2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_CmpLtLog_Interface as CmpLtLog2 with + type t = int + clone CreusotContracts_Logic_Ord_Impl2_CmpLeLog_Interface as CmpLeLog2 with + type t = int clone CreusotContracts_Logic_Ord_Impl2_CmpLog as CmpLog0 with type t = int, function CmpLog0.cmp_log = CmpLog1.cmp_log - clone CreusotContracts_Logic_Ord_Impl2_EqCmp_Interface as EqCmp1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . - clone CreusotContracts_Logic_Ord_Impl2_Antisym2_Interface as Antisym21 with - type t = int, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - predicate Inv0.inv = Inv4.inv, - axiom . - clone CreusotContracts_Logic_Ord_Impl2_Antisym1_Interface as Antisym11 with - type t = int, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - predicate Inv0.inv = Inv4.inv, - axiom . - clone CreusotContracts_Logic_Ord_Impl2_Trans_Interface as Trans1 with - type t = int, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - predicate Inv0.inv = Inv4.inv, - axiom . - clone CreusotContracts_Logic_Ord_Impl2_Refl_Interface as Refl1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_GtLog as GtLog0 with - type self = Core_Option_Option_Type.t_option int, - function CmpLog0.cmp_log = CmpLog0.cmp_log - clone CreusotContracts_Logic_Ord_Impl2_CmpGtLog_Interface as CmpGtLog1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function GtLog0.gt_log = GtLog0.gt_log, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . clone CreusotContracts_Logic_Ord_OrdLogic_GeLog as GeLog1 with type self = Core_Option_Option_Type.t_option int, function CmpLog0.cmp_log = CmpLog0.cmp_log - clone CreusotContracts_Logic_Ord_Impl2_CmpGeLog_Interface as CmpGeLog1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function GeLog0.ge_log = GeLog1.ge_log, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_LtLog as LtLog0 with - type self = Core_Option_Option_Type.t_option int, - function CmpLog0.cmp_log = CmpLog0.cmp_log - clone CreusotContracts_Logic_Ord_Impl2_CmpLtLog_Interface as CmpLtLog1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function LtLog0.lt_log = LtLog0.lt_log, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . clone CreusotContracts_Logic_Ord_OrdLogic_LeLog as LeLog0 with type self = Core_Option_Option_Type.t_option int, function CmpLog0.cmp_log = CmpLog0.cmp_log - clone CreusotContracts_Logic_Ord_Impl2_CmpLeLog_Interface as CmpLeLog1 with - type t = int, - predicate Inv0.inv = Inv4.inv, - function LeLog0.le_log = LeLog0.le_log, - function CmpLog0.cmp_log = CmpLog0.cmp_log, - axiom . use Core_Time_Duration_Type as Core_Time_Duration_Type clone CreusotContracts_Invariant_Inv_Interface as Inv3 with type t = Core_Option_Option_Type.t_option (Core_Time_Duration_Type.t_duration) @@ -1869,50 +1770,56 @@ module Instant_TestInstant type t = Core_Option_Option_Type.t_option (Std_Time_Instant_Type.t_instant), predicate Inv0.inv = Inv1.inv, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_EqCmp_Interface as EqCmp0 with + clone CreusotContracts_Logic_Ord_OrdLogic_EqCmp_Interface as EqCmp1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function CmpLog0.cmp_log = CmpLog0.cmp_log, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_Antisym2_Interface as Antisym20 with + clone CreusotContracts_Logic_Ord_OrdLogic_Antisym2_Interface as Antisym21 with type self = Core_Option_Option_Type.t_option int, function CmpLog0.cmp_log = CmpLog0.cmp_log, predicate Inv0.inv = Inv4.inv, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_Antisym1_Interface as Antisym10 with + clone CreusotContracts_Logic_Ord_OrdLogic_Antisym1_Interface as Antisym11 with type self = Core_Option_Option_Type.t_option int, function CmpLog0.cmp_log = CmpLog0.cmp_log, predicate Inv0.inv = Inv4.inv, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_Trans_Interface as Trans0 with + clone CreusotContracts_Logic_Ord_OrdLogic_Trans_Interface as Trans1 with type self = Core_Option_Option_Type.t_option int, function CmpLog0.cmp_log = CmpLog0.cmp_log, predicate Inv0.inv = Inv4.inv, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_Refl_Interface as Refl0 with + clone CreusotContracts_Logic_Ord_OrdLogic_Refl_Interface as Refl1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function CmpLog0.cmp_log = CmpLog0.cmp_log, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_CmpGtLog_Interface as CmpGtLog0 with + clone CreusotContracts_Logic_Ord_OrdLogic_GtLog as GtLog0 with + type self = Core_Option_Option_Type.t_option int, + function CmpLog0.cmp_log = CmpLog0.cmp_log + clone CreusotContracts_Logic_Ord_OrdLogic_CmpGtLog_Interface as CmpGtLog1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function GtLog0.gt_log = GtLog0.gt_log, function CmpLog0.cmp_log = CmpLog0.cmp_log, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_CmpGeLog_Interface as CmpGeLog0 with + clone CreusotContracts_Logic_Ord_OrdLogic_CmpGeLog_Interface as CmpGeLog1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function GeLog0.ge_log = GeLog1.ge_log, function CmpLog0.cmp_log = CmpLog0.cmp_log, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_CmpLtLog_Interface as CmpLtLog0 with + clone CreusotContracts_Logic_Ord_OrdLogic_LtLog as LtLog0 with + type self = Core_Option_Option_Type.t_option int, + function CmpLog0.cmp_log = CmpLog0.cmp_log + clone CreusotContracts_Logic_Ord_OrdLogic_CmpLtLog_Interface as CmpLtLog1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function LtLog0.lt_log = LtLog0.lt_log, function CmpLog0.cmp_log = CmpLog0.cmp_log, axiom . - clone CreusotContracts_Logic_Ord_OrdLogic_CmpLeLog_Interface as CmpLeLog0 with + clone CreusotContracts_Logic_Ord_OrdLogic_CmpLeLog_Interface as CmpLeLog1 with type self = Core_Option_Option_Type.t_option int, predicate Inv0.inv = Inv4.inv, function LeLog0.le_log = LeLog0.le_log, @@ -1923,6 +1830,15 @@ module Instant_TestInstant clone CreusotContracts_Std1_Time_Impl3_DeepModel_Interface as DeepModel4 with function ShallowModel0.shallow_model = ShallowModel0.shallow_model, axiom . + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Std1_Time_SecsToNanos_Interface as SecsToNanos0 clone Core_Num_Impl9_Max as Max0 clone CreusotContracts_Std1_Time_Impl0_ShallowModel_Interface as ShallowModel1 with diff --git a/creusot/tests/should_succeed/knapsack_full.mlcfg b/creusot/tests/should_succeed/knapsack_full.mlcfg index a23606dbcf..f831d8841a 100644 --- a/creusot/tests/should_succeed/knapsack_full.mlcfg +++ b/creusot/tests/should_succeed/knapsack_full.mlcfg @@ -2122,6 +2122,180 @@ module CreusotContracts_Std1_Slice_Impl5_ResolveElswhere val resolve_elswhere [@inline:trivial] (self : usize) (old' : Seq.seq t) (fin : Seq.seq t) : bool ensures { result = resolve_elswhere self old' fin } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module CreusotContracts_Resolve_Impl2_Resolve_Stub type t @@ -2200,6 +2374,7 @@ module KnapsackFull_Knapsack01Dyn use prelude.Ghost use seq.Seq use prelude.Borrow + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type use KnapsackFull_Item_Type as KnapsackFull_Item_Type use Alloc_Vec_Vec_Type as Alloc_Vec_Vec_Type @@ -2260,6 +2435,15 @@ module KnapsackFull_Knapsack01Dyn type t = borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize), predicate Inv0.inv = Inv14.inv, axiom . + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 use Core_Option_Option_Type as Core_Option_Option_Type clone CreusotContracts_Invariant_Inv_Interface as Inv13 with type t = Core_Option_Option_Type.t_option usize diff --git a/creusot/tests/should_succeed/knapsack_full/why3session.xml b/creusot/tests/should_succeed/knapsack_full/why3session.xml index e7950c42b7..83eeaddb47 100644 --- a/creusot/tests/should_succeed/knapsack_full/why3session.xml +++ b/creusot/tests/should_succeed/knapsack_full/why3session.xml @@ -38,22 +38,22 @@ - + - + - + - + @@ -62,7 +62,7 @@ - + @@ -71,19 +71,19 @@ - + - + - + - + @@ -98,13 +98,13 @@ - + - + @@ -125,19 +125,19 @@ - + - + - + - + - + @@ -146,16 +146,16 @@ - + - + - + @@ -164,52 +164,52 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -218,7 +218,7 @@ - + @@ -227,37 +227,37 @@ - + - + - + - + - + - + - + - + - + - + @@ -266,52 +266,52 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -320,66 +320,66 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/knapsack_full/why3shapes.gz b/creusot/tests/should_succeed/knapsack_full/why3shapes.gz index 6e5ca9bc4b..a8c285a205 100644 Binary files a/creusot/tests/should_succeed/knapsack_full/why3shapes.gz and b/creusot/tests/should_succeed/knapsack_full/why3shapes.gz differ diff --git a/creusot/tests/should_succeed/slices/02_std.mlcfg b/creusot/tests/should_succeed/slices/02_std.mlcfg index 4adf0d409a..45f93c6790 100644 --- a/creusot/tests/should_succeed/slices/02_std.mlcfg +++ b/creusot/tests/should_succeed/slices/02_std.mlcfg @@ -601,6 +601,180 @@ module CreusotContracts_Std1_Num_Impl7_DeepModel val deep_model (self : uint32) : int ensures { result = deep_model self } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module CreusotContracts_Logic_Ord_Impl3_LeLog_Stub use prelude.Int @@ -647,6 +821,7 @@ module C02Std_BinarySearch use prelude.Slice use prelude.UInt32 use seq.Seq + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type clone CreusotContracts_Logic_Ord_Impl3_LeLog as LeLog0 use Core_Result_Result_Type as Core_Result_Result_Type clone CreusotContracts_Invariant_Inv_Interface as Inv6 with @@ -681,6 +856,15 @@ module C02Std_BinarySearch type t = slice uint32, predicate Inv0.inv = Inv2.inv, axiom . + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Invariant_Inv_Interface as Inv1 with type t = uint32 clone TyInv_Trivial as TyInv_Trivial1 with diff --git a/creusot/tests/should_succeed/slices/02_std/why3session.xml b/creusot/tests/should_succeed/slices/02_std/why3session.xml index 1a7fc0df4b..e597d67f83 100644 --- a/creusot/tests/should_succeed/slices/02_std/why3session.xml +++ b/creusot/tests/should_succeed/slices/02_std/why3session.xml @@ -9,29 +9,29 @@ - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/slices/02_std/why3shapes.gz b/creusot/tests/should_succeed/slices/02_std/why3shapes.gz index 656388df88..3da06821c0 100644 Binary files a/creusot/tests/should_succeed/slices/02_std/why3shapes.gz and b/creusot/tests/should_succeed/slices/02_std/why3shapes.gz differ diff --git a/creusot/tests/should_succeed/sum.mlcfg b/creusot/tests/should_succeed/sum.mlcfg index 9fb8863acc..3d363ceaec 100644 --- a/creusot/tests/should_succeed/sum.mlcfg +++ b/creusot/tests/should_succeed/sum.mlcfg @@ -815,6 +815,180 @@ module CreusotContracts_Std1_Iter_Range_Impl1_Completed val completed (self : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive idx)) : bool ensures { result = completed self } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module Sum_SumFirstN_Interface use prelude.UInt32 @@ -837,6 +1011,7 @@ module Sum_SumFirstN type t = Seq.seq uint32, predicate Inv0.inv = Inv4.inv, axiom . + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type use Core_Option_Option_Type as Core_Option_Option_Type clone CreusotContracts_Invariant_Inv_Interface as Inv3 with type t = Core_Option_Option_Type.t_option uint32 @@ -851,6 +1026,15 @@ module Sum_SumFirstN type t = borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32), predicate Inv0.inv = Inv2.inv, axiom . + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Invariant_Inv_Interface as Inv1 with type t = uint32 clone TyInv_Trivial as TyInv_Trivial1 with diff --git a/creusot/tests/should_succeed/sum/why3session.xml b/creusot/tests/should_succeed/sum/why3session.xml index 6125693839..bfa8cce7cc 100644 --- a/creusot/tests/should_succeed/sum/why3session.xml +++ b/creusot/tests/should_succeed/sum/why3session.xml @@ -4,14 +4,14 @@ - + - + @@ -23,7 +23,7 @@ - + @@ -32,10 +32,10 @@ - + - + @@ -49,7 +49,7 @@ - + @@ -63,15 +63,15 @@ - + - + - + diff --git a/creusot/tests/should_succeed/sum/why3shapes.gz b/creusot/tests/should_succeed/sum/why3shapes.gz index 0b3ab7909d..345b44b369 100644 Binary files a/creusot/tests/should_succeed/sum/why3shapes.gz and b/creusot/tests/should_succeed/sum/why3shapes.gz differ diff --git a/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg b/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg index 734d62794d..152fbf45d5 100644 --- a/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg +++ b/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg @@ -310,6 +310,180 @@ module CreusotContracts_Logic_Ord_Impl3_LtLog val lt_log (self : int) (_2 : int) : bool ensures { result = lt_log self _2 } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module C10MutualRecTypes_Impl0_Height_Interface use prelude.Borrow @@ -322,6 +496,16 @@ module C10MutualRecTypes_Impl0_Height use prelude.Int use prelude.UInt64 use prelude.Borrow + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Invariant_Inv_Interface as Inv0 with type t = uint64 clone TyInv_Trivial as TyInv_Trivial0 with diff --git a/creusot/tests/should_succeed/vector/08_haystack.mlcfg b/creusot/tests/should_succeed/vector/08_haystack.mlcfg index 58f8f2b5af..8a016502aa 100644 --- a/creusot/tests/should_succeed/vector/08_haystack.mlcfg +++ b/creusot/tests/should_succeed/vector/08_haystack.mlcfg @@ -1465,6 +1465,180 @@ module CreusotContracts_Std1_Slice_Impl5_HasValue val has_value [@inline:trivial] (self : usize) (seq : Seq.seq t) (out : t) : bool ensures { result = has_value self seq out } +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Stub + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLeLog + use prelude.Int + function cmp_le_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 79 12 79 14] () + val cmp_le_log (_1 : int) (_2 : int) : () + ensures { result = cmp_le_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Stub + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpLtLog + use prelude.Int + function cmp_lt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 85 12 85 14] () + val cmp_lt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_lt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Stub + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGeLog + use prelude.Int + function cmp_ge_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 91 12 91 14] () + val cmp_ge_log (_1 : int) (_2 : int) : () + ensures { result = cmp_ge_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Stub + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_CmpGtLog + use prelude.Int + function cmp_gt_log (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 97 12 97 14] () + val cmp_gt_log (_1 : int) (_2 : int) : () + ensures { result = cmp_gt_log _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Stub + use prelude.Int + function refl (_1 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Refl_Interface + use prelude.Int + function refl (_1 : int) : () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Refl + use prelude.Int + function refl (_1 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 103 12 103 14] () + val refl (_1 : int) : () + ensures { result = refl _1 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Stub + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () +end +module CreusotContracts_Logic_Ord_Impl3_Trans_Interface + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Trans + use prelude.Int + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type + function trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 109 12 109 14] () + val trans (_1 : int) (_2 : int) (_3 : int) (_4 : Core_Cmp_Ordering_Type.t_ordering) : () + ensures { result = trans _1 _2 _3 _4 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Stub + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym1 + use prelude.Int + function antisym1 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 115 12 115 14] () + val antisym1 (_1 : int) (_2 : int) : () + ensures { result = antisym1 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Stub + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_Antisym2 + use prelude.Int + function antisym2 (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 121 12 121 14] () + val antisym2 (_1 : int) (_2 : int) : () + ensures { result = antisym2 _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Stub + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + +end +module CreusotContracts_Logic_Ord_Impl3_EqCmp + use prelude.Int + function eq_cmp (_1 : int) (_2 : int) : () = + [#"../../../../../creusot-contracts/src/logic/ord.rs" 127 12 127 14] () + val eq_cmp (_1 : int) (_2 : int) : () + ensures { result = eq_cmp _1 _2 } + end module C08Haystack_Search_Interface use seq.Seq @@ -1514,6 +1688,7 @@ module C08Haystack_Search type t = Seq.seq usize, predicate Inv0.inv = Inv8.inv, axiom . + use Core_Cmp_Ordering_Type as Core_Cmp_Ordering_Type clone CreusotContracts_Invariant_Inv_Interface as Inv7 with type t = uint8 clone TyInv_Trivial as TyInv_Trivial7 with @@ -1542,6 +1717,15 @@ module C08Haystack_Search predicate Inv0.inv = Inv4.inv, axiom . clone Core_Num_Impl11_Max as Max0 + clone CreusotContracts_Logic_Ord_Impl3_EqCmp_Interface as EqCmp0 + clone CreusotContracts_Logic_Ord_Impl3_Antisym2_Interface as Antisym20 + clone CreusotContracts_Logic_Ord_Impl3_Antisym1_Interface as Antisym10 + clone CreusotContracts_Logic_Ord_Impl3_Trans_Interface as Trans0 + clone CreusotContracts_Logic_Ord_Impl3_Refl_Interface as Refl0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGtLog_Interface as CmpGtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpGeLog_Interface as CmpGeLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLtLog_Interface as CmpLtLog0 + clone CreusotContracts_Logic_Ord_Impl3_CmpLeLog_Interface as CmpLeLog0 clone CreusotContracts_Invariant_Inv_Interface as Inv3 with type t = usize clone TyInv_Trivial as TyInv_Trivial3 with diff --git a/creusot/tests/should_succeed/vector/08_haystack/why3session.xml b/creusot/tests/should_succeed/vector/08_haystack/why3session.xml index 9538239768..90a474bd5c 100644 --- a/creusot/tests/should_succeed/vector/08_haystack/why3session.xml +++ b/creusot/tests/should_succeed/vector/08_haystack/why3session.xml @@ -2,7 +2,7 @@ - + @@ -14,31 +14,31 @@ - + - + - + - + - + - + - + - + @@ -47,13 +47,13 @@ - + - + - + @@ -62,25 +62,25 @@ - + - + - + - + - + - + @@ -92,28 +92,28 @@ - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz b/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz index d154386231..68991feb11 100644 Binary files a/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz and b/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz differ diff --git a/why3/src/declaration.rs b/why3/src/declaration.rs index c3a491713d..ae0d3fa566 100644 --- a/why3/src/declaration.rs +++ b/why3/src/declaration.rs @@ -2,7 +2,7 @@ use indexmap::IndexSet; use std::collections::{BTreeMap, HashMap}; use crate::{ - exp::{Binder, Exp, ExpMutVisitor}, + exp::{Binder, Exp, ExpMutVisitor, Trigger}, mlcfg::{Block, BlockId}, ty::Type, *, @@ -143,6 +143,7 @@ pub enum Attribute { #[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub struct Signature { pub name: Ident, + pub trigger: Option, // None means Trigger::single(function_call(self)) pub attrs: Vec, pub retty: Option, pub args: Vec, diff --git a/why3/src/exp.rs b/why3/src/exp.rs index d08375d0b0..772621ed94 100644 --- a/why3/src/exp.rs +++ b/why3/src/exp.rs @@ -94,6 +94,19 @@ pub enum Purity { Program, } +#[derive(Debug, Clone)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] +// TODO: multi-trigger/multiple triggers +pub struct Trigger(pub Option>); + +impl Trigger { + pub const NONE: Trigger = Trigger(None); + + pub fn single(exp: Exp) -> Self { + Trigger(Some(Box::new(exp))) + } +} + // TODO: Should we introduce an 'ExprKind' struct which wraps `Exp` with attributes? #[derive(Debug, Clone)] #[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] @@ -128,8 +141,8 @@ pub enum Exp { Old(Box), Absurd, Impl(Box, Box), - Forall(Vec<(Ident, Type)>, Box), - Exists(Vec<(Ident, Type)>, Box), + Forall(Vec<(Ident, Type)>, Trigger, Box), + Exists(Vec<(Ident, Type)>, Trigger, Box), Sequence(Vec), FnLit(Box), } @@ -147,6 +160,10 @@ pub trait ExpMutVisitor: Sized { fn visit_mut(&mut self, exp: &mut Exp) { super_visit_mut(self, exp) } + + fn visit_trigger_mut(&mut self, trig: &mut Trigger) { + super_visit_mut_trigger(self, trig) + } } pub fn super_visit_mut(f: &mut T, exp: &mut Exp) { @@ -196,8 +213,14 @@ pub fn super_visit_mut(f: &mut T, exp: &mut Exp) { f.visit_mut(l); f.visit_mut(r) } - Exp::Forall(_, e) => f.visit_mut(e), - Exp::Exists(_, e) => f.visit_mut(e), + Exp::Forall(_, t, e) => { + f.visit_trigger_mut(t); + f.visit_mut(e) + } + Exp::Exists(_, t, e) => { + f.visit_trigger_mut(t); + f.visit_mut(e) + } Exp::Attr(_, e) => f.visit_mut(e), Exp::Ghost(e) => f.visit_mut(e), Exp::Record { fields } => fields.iter_mut().for_each(|(_, e)| f.visit_mut(e)), @@ -207,10 +230,21 @@ pub fn super_visit_mut(f: &mut T, exp: &mut Exp) { } } +pub fn super_visit_mut_trigger(f: &mut T, trigger: &mut Trigger) { + match &mut trigger.0 { + None => {} + Some(exp) => f.visit_mut(exp), + } +} + pub trait ExpVisitor: Sized { fn visit(&mut self, exp: &Exp) { super_visit(self, exp) } + + fn visit_trigger(&mut self, trig: &Trigger) { + super_visit_trigger(self, trig) + } } pub fn super_visit(f: &mut T, exp: &Exp) { @@ -260,8 +294,14 @@ pub fn super_visit(f: &mut T, exp: &Exp) { f.visit(l); f.visit(r) } - Exp::Forall(_, e) => f.visit(e), - Exp::Exists(_, e) => f.visit(e), + Exp::Forall(_, t, e) => { + f.visit_trigger(t); + f.visit(e) + } + Exp::Exists(_, t, e) => { + f.visit_trigger(t); + f.visit(e) + } Exp::Attr(_, e) => f.visit(e), Exp::Ghost(e) => f.visit(e), Exp::Record { fields } => fields.iter().for_each(|(_, e)| f.visit(e)), @@ -271,6 +311,13 @@ pub fn super_visit(f: &mut T, exp: &Exp) { } } +pub fn super_visit_trigger(f: &mut T, trigger: &Trigger) { + match &trigger.0 { + None => {} + Some(exp) => f.visit(exp), + } +} + impl Exp { pub fn impure_qvar(q: QName) -> Self { Exp::QVar(q, Purity::Program) @@ -355,6 +402,22 @@ impl Exp { } } + pub fn forall_trig(bound: Vec<(Ident, Type)>, trigger: Trigger, body: Exp) -> Self { + Exp::Forall(bound, trigger, Box::new(body)) + } + + pub fn forall(bound: Vec<(Ident, Type)>, body: Exp) -> Self { + Exp::forall_trig(bound, Trigger::NONE, body) + } + + pub fn exists_trig(bound: Vec<(Ident, Type)>, trigger: Trigger, body: Exp) -> Self { + Exp::Exists(bound, trigger, Box::new(body)) + } + + pub fn exists(bound: Vec<(Ident, Type)>, body: Exp) -> Self { + Exp::exists_trig(bound, Trigger::NONE, body) + } + pub fn is_true(&self) -> bool { if let Exp::Const(Constant::Bool(true)) = self { true @@ -551,8 +614,8 @@ impl Exp { Exp::Call(_, _) => App, // Exp::Verbatim(_) => Any, Exp::Impl(_, _) => Impl, - Exp::Forall(_, _) => IfLet, - Exp::Exists(_, _) => IfLet, + Exp::Forall(_, _, _) => IfLet, + Exp::Exists(_, _, _) => IfLet, Exp::Ascribe(_, _) => Cast, Exp::Absurd => Atom, Exp::Pure(_) => Atom, @@ -587,19 +650,19 @@ impl Exp { self.visit(arg); self.fvs.extend(fvs); } - Exp::Forall(bnds, exp) => { + Exp::Forall(bnds, trig, exp) => { let fvs = std::mem::take(&mut self.fvs); self.visit(exp); - + self.visit_trigger(trig); bnds.iter().for_each(|(l, _)| { self.fvs.remove(l); }); self.fvs.extend(fvs); } - Exp::Exists(bnds, exp) => { + Exp::Exists(bnds, trig, exp) => { let fvs = std::mem::take(&mut self.fvs); self.visit(exp); - + self.visit_trigger(trig); bnds.iter().for_each(|(l, _)| { self.fvs.remove(l); }); @@ -684,21 +747,23 @@ impl Exp { s.visit_mut(br); } } - Exp::Forall(binders, exp) => { + Exp::Forall(binders, trig, exp) => { let mut subst = self.clone(); binders.iter().for_each(|k| { subst.remove(&k.0); }); let mut s = &subst; s.visit_mut(exp); + s.visit_trigger_mut(trig); } - Exp::Exists(binders, exp) => { + Exp::Exists(binders, trig, exp) => { let mut subst = self.clone(); binders.iter().for_each(|k| { subst.remove(&k.0); }); let mut s = &subst; s.visit_mut(exp); + s.visit_trigger_mut(trig); } _ => super_visit_mut(self, exp), } diff --git a/why3/src/mlcfg/printer.rs b/why3/src/mlcfg/printer.rs index 8a2f662c87..64c0a4bb8f 100644 --- a/why3/src/mlcfg/printer.rs +++ b/why3/src/mlcfg/printer.rs @@ -3,7 +3,7 @@ use std::{fmt::Display, iter::once}; use super::*; use crate::{ declaration::*, - exp::{AssocDir, BinOp, Binder, Constant, Precedence, UnOp}, + exp::{AssocDir, BinOp, Binder, Constant, Precedence, Trigger, UnOp}, }; use num::{Float, Zero}; use pretty::*; @@ -614,6 +614,22 @@ impl Print for Type { } } +impl Print for Trigger { + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( + &'a self, + alloc: &'a A, + env: &mut PrintEnv, + ) -> DocBuilder<'a, A> + where + A::Doc: Clone, + { + match &self.0 { + None => alloc.nil(), + Some(exp) => exp.pretty(alloc, env).brackets(), + } + } +} + impl Print for Exp { fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( &'a self, @@ -730,7 +746,7 @@ impl Print for Exp { .append("else") .append(alloc.line().append(e.pretty(alloc, env)).nest(2).append(alloc.line_())) .group(), - Exp::Forall(binders, box exp) => alloc + Exp::Forall(binders, trig, box exp) => alloc .text("forall ") .append(alloc.intersperse( binders.iter().map(|(b, t)| { @@ -738,9 +754,10 @@ impl Print for Exp { }), ", ", )) + .append(trig.pretty(alloc, env)) .append(" . ") .append(exp.pretty(alloc, env)), - Exp::Exists(binders, box exp) => alloc + Exp::Exists(binders, trig, box exp) => alloc .text("exists ") .append(alloc.intersperse( binders.iter().map(|(b, t)| { @@ -748,6 +765,7 @@ impl Print for Exp { }), ", ", )) + .append(trig.pretty(alloc, env)) .append(" . ") .append(exp.pretty(alloc, env)), Exp::Impl(box hyp, box exp) => {