-
Notifications
You must be signed in to change notification settings - Fork 54
/
Copy pathIntSetUnit.scala
52 lines (46 loc) · 1.61 KB
/
IntSetUnit.scala
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
/**
* NOTE: This test won't run with the current stainless configuration
* as the proofs in the function bodies will be simplified away!
*/
import stainless.lang._
import stainless.annotation._
object IntSetUnit {
case class Empty() extends IntSet
case class Node(left: IntSet,
elem: Int,
right: IntSet) extends IntSet
sealed abstract class IntSet {
def incl(x: Int): IntSet = this match {
case Empty() => Node(Empty(),x,Empty())
case Node(left, elem, right) =>
if (x < elem) Node(left.incl(x), elem, right)
else if (x > elem) Node(left, elem, right.incl(x))
else this
}
def contains(x: Int): Boolean = this match {
case Empty() => false
case Node(left, elem, right) =>
if (x < elem) left.contains(x)
else if (x > elem) right.contains(x)
else true
}
def P1(x: Int): Unit = {
()
}.ensuring(_ => !(Empty().contains(x)))
def P2(s: IntSet, x: Int): Unit = {
s match {
case Node(left, elem, right) if (x < elem) => P2(left, x)
case Node(left, elem, right) if (x > elem) => P2(right, x)
case _ => ()
}
}.ensuring(_ => (s.incl(x)).contains(x))
def P3(s: IntSet, x: Int, y: Int): Unit = {
require(x != y)
s match {
case Node(left, elem, right) if (x < elem) => P3(left, x, y)
case Node(left, elem, right) if (x > elem) => P3(right, x, y)
case _ => ()
}
}.ensuring(_ => ((s.incl(x)).contains(y))==(s.contains(y)))
}
}