From cc80f8ef1f67d4d60da8c63e1b165491378779de Mon Sep 17 00:00:00 2001 From: dewert99 Date: Tue, 16 Jan 2024 14:11:06 -0800 Subject: [PATCH 01/66] Add ZST references to GhostPtrToken based on thesis --- creusot-contracts/src/ghost_ptr.rs | 154 ++++++++++++++++++++++++----- 1 file changed, 127 insertions(+), 27 deletions(-) diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index bc31353e43..95162e1a17 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -1,12 +1,26 @@ // Inspired by https://plv.mpi-sws.org/rustbelt/ghostcell/ https://rust-unofficial.github.io/too-many-lists/fifth.html use crate::{logic::FMap, *}; -use ::std::marker::PhantomData; +use ::std::{ + marker::PhantomData, + ops::{Deref, DerefMut}, +}; /// Models a fragment of the heap that maps the [`GhostPtr`]s it has permission to their value. /// At most one [`GhostToken`] has permission to each [`GhostPtr`] /// No [`GhostToken`] has permission to a dangling [`GhostPtr`] #[trusted] -pub struct GhostPtrToken(Ghost, T>>, PhantomData); +pub struct GhostPtrToken(PhantomData); + +/// ZST equivalent of [`&'a GhostPtrToken`](GhostPtrToken) +/// Can be created using [`GhostPtrToken::borrow`] +#[trusted] +#[derive(Copy, Clone)] +pub struct GhostPtrTokenRef<'a, T: ?Sized>(PhantomData<&'a T>); + +/// ZST equivalent of [`&'a mut GhostPtrToken`](GhostPtrToken) +/// Can be created using [`GhostPtrToken::borrow_mut`] +#[trusted] +pub struct GhostPtrTokenMut<'a, T: ?Sized>(PhantomData<&'a mut T>); /// Thin wrapper over a raw pointer managed by a [`GhostPtr`] pub type GhostPtr = *const T; @@ -26,7 +40,7 @@ impl GhostPtrToken { /// Creates a new [`GhostPtr`] that has no permission #[ensures(result@ == FMap::empty())] pub fn new() -> Self { - GhostPtrToken(gh!(FMap::empty()), PhantomData) + GhostPtrToken(PhantomData) } #[trusted] @@ -68,35 +82,12 @@ impl GhostPtrToken { unsafe { &*ptr } } - /// Shrinks the view of the `self` so that it's model is now new-model - #[trusted] - #[requires(_new_model.subset(self@))] - #[ensures(result@ == *_new_model)] - pub fn shrink_token_ref(&self, _new_model: Ghost>) -> &GhostPtrToken { - self - } - - /// Mutably borrows `ptr` and shrinks `t` so that it can no longer be used to access `ptr` - // Safety no other token has permission to `self` - // `t` can no longer be used to access `ptr` - #[trusted] - #[requires((**self)@.contains(ptr))] - #[ensures(*result == *(**self)@.lookup_unsized(ptr))] - #[ensures((*^self)@ == (**self)@.remove(ptr))] - #[ensures((^*self)@ == (^^self)@.insert(ptr, ^result))] - // #[ensures(!(^^t)@.contains(ptr))] - // ^~ It shouldn't have been possible to add pointer to `t` while we were holding a mutable reference to the pointer - pub fn take_mut<'o, 'i>(self: &'o mut &'i mut GhostPtrToken, ptr: *const T) -> &'i mut T { - unsafe { &mut *(ptr as *mut _) } - } - /// Mutably borrows `ptr` #[requires(self@.contains(ptr))] #[ensures(*result == *(*self)@.lookup_unsized(ptr))] #[ensures((^self)@ == (*self)@.insert(ptr, ^result))] pub fn ptr_as_mut(&mut self, ptr: *const T) -> &mut T { - let mut t = self; - t.take_mut(ptr) + self.borrow_mut().take_mut(ptr) } /// Transfers ownership of `ptr` back into a `Box` @@ -119,6 +110,21 @@ impl GhostPtrToken { /// Leaks memory iff the precondition fails #[requires(self@.is_empty())] pub fn drop(self) {} + + /// Convert a shared reference in an equivalent ZST + #[trusted] + #[ensures(result@ == self@)] + pub fn borrow(&self) -> GhostPtrTokenRef<'_, T> { + GhostPtrTokenRef(PhantomData) + } + + /// Convert a mutable reference in an equivalent ZST + #[trusted] + #[ensures(result.curr() == (*result)@)] + #[ensures(result.fin() == (^result)@)] + pub fn borrow_mut(&mut self) -> GhostPtrTokenMut<'_, T> { + GhostPtrTokenMut(PhantomData) + } } impl GhostPtrExt for GhostPtr { @@ -140,6 +146,100 @@ impl GhostPtrExt for GhostPtr { } } +impl<'a, T: ?Sized> ShallowModel for GhostPtrTokenRef<'a, T> { + type ShallowModelTy = FMap, T>; + + #[trusted] + #[ghost] + #[open(self)] + fn shallow_model(self) -> Self::ShallowModelTy { + absurd + } +} + +impl<'a, T: ?Sized> Deref for GhostPtrTokenRef<'a, T> { + type Target = GhostPtrToken; + + #[trusted] + #[ensures(result@ == self@)] + fn deref(&self) -> &Self::Target { + &GhostPtrToken(PhantomData) + } +} + +impl<'a, T: ?Sized> GhostPtrTokenRef<'a, T> { + /// Shrinks the view of the `self` so that it's model is now new-model + #[trusted] + #[requires(_new_model.subset(self@))] + #[ensures(result@ == *_new_model)] + pub fn shrink_token_ref(self, _new_model: Ghost>) -> Self { + self + } +} + +impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { + #[trusted] + #[ghost] + #[open(self)] + pub fn curr(self) -> FMap, T> { + absurd + } + + #[trusted] + #[logic] + #[open(self)] + pub fn fin(self) -> FMap, T> { + absurd + } + + #[ensures(self.fin() == self.cur())] + #[ensures(result@ == self.cur())] + pub fn shr(self) -> GhostPtrTokenRef<'a, T> { + GhostPtrTokenRef(PhantomData) + } + + /// Mutably borrows `ptr` and shrinks `t` so that it can no longer be used to access `ptr` + // Safety no other token has permission to `self` + // `t` can no longer be used to access `ptr` + #[trusted] + #[requires((*self).curr().contains(ptr))] + #[ensures(*result == *(*self).curr().lookup_unsized(ptr))] + #[ensures((^self).curr() == (*self).curr().remove(ptr))] + #[ensures((*self).fin() == (^self).fin().insert(ptr, ^result))] + #[ensures(!(^self).fin().contains(ptr))] + pub fn take_mut(&mut self, ptr: *const T) -> &'a mut T { + unsafe { &mut *(ptr as *mut _) } + } +} + +impl<'a, T> Deref for GhostPtrTokenMut<'a, T> { + type Target = GhostPtrToken; + + #[trusted] + #[ensures(result@ == self.curr())] + fn deref(&self) -> &Self::Target { + &GhostPtrToken(PhantomData) + } +} + +impl<'a, T> DerefMut for GhostPtrTokenMut<'a, T> { + #[trusted] + #[ensures((*result)@ == (*self).curr())] + #[ensures((^self).curr() == (^result)@)] + fn deref_mut(&mut self) -> &mut Self::Target { + Box::leak(Box::new(GhostPtrToken(PhantomData))) + } +} + +#[trusted] +impl<'a, T> Resolve for GhostPtrTokenMut<'a, T> { + #[logic] + #[open] + fn resolve(self) -> bool { + self.curr() == self.fin() + } +} + pub trait GhostPtrExt: Sized { #[ghost] fn null_logic() -> Self; From 73bc5385aa0e7a6792599b4ee12533bcd4e20084 Mon Sep 17 00:00:00 2001 From: dewert99 Date: Fri, 26 Jan 2024 11:33:11 -0800 Subject: [PATCH 02/66] Guaranteed that the ptr::null().addr() == 0 --- creusot-contracts/src/ghost_ptr.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index 95162e1a17..6df84ae1ef 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -132,7 +132,7 @@ impl GhostPtrExt for GhostPtr { #[open(self)] #[ghost] #[ensures(forall> !t@.contains(result))] - // #[ensures(result.addr_logic() == 0@)] + #[ensures(result.addr_logic() == 0@)] #[ensures(forall> ptr.addr_logic() == result.addr_logic() ==> ptr == result)] fn null_logic() -> Self { absurd From 267f0775d18689999ff0bb7c682aa8e9b3310bea Mon Sep 17 00:00:00 2001 From: dewert99 Date: Fri, 26 Jan 2024 13:26:06 -0800 Subject: [PATCH 03/66] Fixes --- creusot-contracts/src/ghost_ptr.rs | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index 6df84ae1ef..c02ed743ce 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -1,5 +1,5 @@ // Inspired by https://plv.mpi-sws.org/rustbelt/ghostcell/ https://rust-unofficial.github.io/too-many-lists/fifth.html -use crate::{logic::FMap, *}; +use crate::{logic::FMap, Clone, *}; use ::std::{ marker::PhantomData, ops::{Deref, DerefMut}, @@ -120,8 +120,8 @@ impl GhostPtrToken { /// Convert a mutable reference in an equivalent ZST #[trusted] - #[ensures(result.curr() == (*result)@)] - #[ensures(result.fin() == (^result)@)] + #[ensures(result.curr() == (*self)@)] + #[ensures(result.fin() == (^self)@)] pub fn borrow_mut(&mut self) -> GhostPtrTokenMut<'_, T> { GhostPtrTokenMut(PhantomData) } @@ -132,7 +132,7 @@ impl GhostPtrExt for GhostPtr { #[open(self)] #[ghost] #[ensures(forall> !t@.contains(result))] - #[ensures(result.addr_logic() == 0@)] + #[ensures(result.addr_logic() == 0)] #[ensures(forall> ptr.addr_logic() == result.addr_logic() ==> ptr == result)] fn null_logic() -> Self { absurd @@ -192,8 +192,8 @@ impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { absurd } - #[ensures(self.fin() == self.cur())] - #[ensures(result@ == self.cur())] + #[ensures(self.fin() == self.curr())] + #[ensures(result@ == self.curr())] pub fn shr(self) -> GhostPtrTokenRef<'a, T> { GhostPtrTokenRef(PhantomData) } @@ -233,7 +233,7 @@ impl<'a, T> DerefMut for GhostPtrTokenMut<'a, T> { #[trusted] impl<'a, T> Resolve for GhostPtrTokenMut<'a, T> { - #[logic] + #[predicate] #[open] fn resolve(self) -> bool { self.curr() == self.fin() From 887d58426f20a21565bb0be5a923e01fdc2d76c8 Mon Sep 17 00:00:00 2001 From: dewert99 Date: Sat, 27 Jan 2024 10:42:07 -0800 Subject: [PATCH 04/66] Improve GhostPtrToken::take_mut documentation and added test --- creusot-contracts/src/ghost_ptr.rs | 26 +- creusot-contracts/src/logic/fmap.rs | 5 +- .../should_succeed/ghost_ptr_token.mlcfg | 509 ++++++++++++++++++ .../tests/should_succeed/ghost_ptr_token.rs | 18 + 4 files changed, 555 insertions(+), 3 deletions(-) create mode 100644 creusot/tests/should_succeed/ghost_ptr_token.mlcfg create mode 100644 creusot/tests/should_succeed/ghost_ptr_token.rs diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index c02ed743ce..c2b8b8a09e 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -198,9 +198,31 @@ impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { GhostPtrTokenRef(PhantomData) } - /// Mutably borrows `ptr` and shrinks `t` so that it can no longer be used to access `ptr` + /// Mutably borrows `ptr` and shrinks `self` so that it can no longer be used to access `ptr` + /// + /// This function can be used to get multiple mutable references to non-aliasing pointers at the same time + /// + /// ``` + /// use creusot_contracts::ghost_ptr::GhostPtrToken; + /// + /// let mut token = GhostPtrToken::new(); + /// let ptr1 = token.ptr_from_box(Box::new(1)); + /// let ptr2 = token.ptr_from_box(Box::new(2)); + /// + /// let mut token_mut = token.borrow_mut(); + /// let m1 = token_mut.take_mut(ptr1); + /// // let m1_alias = token_mut.take_mut(ptr1); // Verification Error + /// let m2 = token_mut.take_mut(ptr2); + /// + /// assert_eq!(*m1, 1); + /// assert_eq!(*m2, 2); + /// + /// core::mem::swap(m1, m2); + /// assert_eq!(*token.ptr_as_ref(ptr1), 2); + /// assert_eq!(*token.ptr_as_ref(ptr2), 1); + /// ``` // Safety no other token has permission to `self` - // `t` can no longer be used to access `ptr` + // `self` can no longer be used to access `ptr` #[trusted] #[requires((*self).curr().contains(ptr))] #[ensures(*result == *(*self).curr().lookup_unsized(ptr))] diff --git a/creusot-contracts/src/logic/fmap.rs b/creusot-contracts/src/logic/fmap.rs index 1300eede27..d67d4e7487 100644 --- a/creusot-contracts/src/logic/fmap.rs +++ b/creusot-contracts/src/logic/fmap.rs @@ -57,6 +57,7 @@ impl FMap { #[ghost] #[open] + #[why3::attr = "inline:trivial"] pub fn lookup_unsized(self, k: K) -> SizedW { unwrap(self.get(k)) } @@ -73,6 +74,7 @@ impl FMap { #[ghost] #[open] + #[why3::attr = "inline:trivial"] pub fn contains(self, k: K) -> bool { self.get(k) != None } @@ -129,10 +131,11 @@ impl FMap { } #[ghost] - #[open] + #[open(self)] #[requires(other.subset(self))] #[ensures(result.disjoint(other))] #[ensures(other.union(result).ext_eq(self))] + #[ensures(forall result.get(k) == if other.contains(k) {None} else {self.get(k)})] pub fn subtract(self, other: Self) -> Self { self.subtract_keys(other) } diff --git a/creusot/tests/should_succeed/ghost_ptr_token.mlcfg b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg new file mode 100644 index 0000000000..17e01fea41 --- /dev/null +++ b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg @@ -0,0 +1,509 @@ + +module CreusotContracts_GhostPtr_GhostPtrToken_Type + type t_ghostptrtoken 't +end +module CreusotContracts_GhostPtr_GhostPtrTokenMut_Type + type t_ghostptrtokenmut 't +end +module CreusotContracts_Logic_Fmap_FMap_Type + type t_fmap 'k 'v +end +module Core_Panicking_AssertKind_Type + type t_assertkind = + | C_Eq + | C_Ne + | C_Match + +end +module Core_Option_Option_Type + type t_option 't = + | C_None + | C_Some 't + +end +module Core_Ptr_NonNull_NonNull_Type + use prelude.Opaque + type t_nonnull 't = + | C_NonNull opaque_ptr + +end +module Core_Marker_PhantomData_Type + type t_phantomdata 't = + | C_PhantomData + +end +module Core_Ptr_Unique_Unique_Type + use Core_Marker_PhantomData_Type as Core_Marker_PhantomData_Type + use Core_Ptr_NonNull_NonNull_Type as Core_Ptr_NonNull_NonNull_Type + type t_unique 't = + | C_Unique (Core_Ptr_NonNull_NonNull_Type.t_nonnull 't) (Core_Marker_PhantomData_Type.t_phantomdata 't) + +end +module Alloc_Boxed_Box_Type + use Core_Ptr_Unique_Unique_Type as Core_Ptr_Unique_Unique_Type + type t_box 't 'a = + | C_Box (Core_Ptr_Unique_Unique_Type.t_unique 't) 'a + +end +module Alloc_Alloc_Global_Type + type t_global = + | C_Global + +end +module GhostPtrToken_Test + use prelude.Int32 + use prelude.Opaque + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant7 (self : Core_Option_Option_Type.t_option int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant7 (self : Core_Option_Option_Type.t_option int32) : bool + ensures { result = invariant7 self } + + predicate inv7 (_x : Core_Option_Option_Type.t_option int32) + val inv7 (_x : Core_Option_Option_Type.t_option int32) : bool + ensures { result = inv7 _x } + + axiom inv7 : forall x : Core_Option_Option_Type.t_option int32 . inv7 x = true + use map.Map + predicate invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + ensures { result = invariant6 self } + + predicate inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) + val inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + ensures { result = inv6 _x } + + axiom inv6 : forall x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) . inv6 x = true + predicate invariant5 (self : int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant5 (self : int32) : bool + ensures { result = invariant5 self } + + predicate inv5 (_x : int32) + val inv5 (_x : int32) : bool + ensures { result = inv5 _x } + + axiom inv5 : forall x : int32 . inv5 x = true + predicate invariant4 (self : opaque_ptr) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant4 (self : opaque_ptr) : bool + ensures { result = invariant4 self } + + predicate inv4 (_x : opaque_ptr) + val inv4 (_x : opaque_ptr) : bool + ensures { result = inv4 _x } + + axiom inv4 : forall x : opaque_ptr . inv4 x = true + use CreusotContracts_Logic_Fmap_FMap_Type as CreusotContracts_Logic_Fmap_FMap_Type + predicate invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + ensures { result = invariant3 self } + + predicate inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) + val inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + ensures { result = inv3 _x } + + axiom inv3 : forall x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . inv3 x = true + predicate invariant2 (self : int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant2 (self : int32) : bool + ensures { result = invariant2 self } + + predicate inv2 (_x : int32) + val inv2 (_x : int32) : bool + ensures { result = inv2 _x } + + axiom inv2 : forall x : int32 . inv2 x = true + use prelude.Borrow + predicate invariant1 (self : borrowed int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant1 (self : borrowed int32) : bool + ensures { result = invariant1 self } + + predicate inv1 (_x : borrowed int32) + val inv1 (_x : borrowed int32) : bool + ensures { result = inv1 _x } + + axiom inv1 : forall x : borrowed int32 . inv1 x = true + predicate invariant0 (self : int32) = + [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant0 (self : int32) : bool + ensures { result = invariant0 self } + + predicate inv0 (_x : int32) + val inv0 (_x : int32) : bool + ensures { result = inv0 _x } + + use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type + axiom inv0 : forall x : int32 . inv0 x = true + use prelude.Opaque + use Core_Panicking_AssertKind_Type as Core_Panicking_AssertKind_Type + use CreusotContracts_GhostPtr_GhostPtrToken_Type as CreusotContracts_GhostPtr_GhostPtrToken_Type + function unreachable0 (_1 : ()) : int32 + val unreachable0 (_1 : ()) : int32 + requires {[#"../../../../creusot-contracts/src/util.rs" 24 11 24 16] false} + ensures { result = unreachable0 _1 } + + axiom unreachable0_spec : forall _1 : () . ([#"../../../../creusot-contracts/src/util.rs" 24 11 24 16] false) -> ([#"../../../../creusot-contracts/src/util.rs" 27 0 27 28] inv0 (unreachable0 _1)) && ([#"../../../../creusot-contracts/src/util.rs" 25 10 25 15] false) + function unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 + val unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 + requires {[#"../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None} + requires {[#"../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv7 op} + ensures { result = unwrap0 op } + + axiom unwrap0_spec : forall op : Core_Option_Option_Type.t_option int32 . ([#"../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None) -> ([#"../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv7 op) -> ([#"../../../../creusot-contracts/src/util.rs" 35 0 35 36] inv0 (unwrap0 op)) && ([#"../../../../creusot-contracts/src/util.rs" 34 10 34 28] Core_Option_Option_Type.C_Some (unwrap0 op) = op) + use map.Map + function mk0 (_m : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val mk0 (_m : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = mk0 _m } + + function view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) + + val view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self} + ensures { result = view0 self } + + axiom view0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 28 4 28 35] inv6 (view0 self)) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 27 14 27 38] mk0 (view0 self) = self) + function get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 + + = + [#"../../../../creusot-contracts/src/logic/fmap.rs" 55 8 55 26] Map.get (view0 self) k + val get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 + ensures { result = get0 self k } + + function lookup_unsized0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + + = + [#"../../../../creusot-contracts/src/logic/fmap.rs" 62 8 62 27] unwrap0 (get0 self k) + val lookup_unsized0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + ensures { result = lookup_unsized0 self k } + + function contains0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool + + = + [#"../../../../creusot-contracts/src/logic/fmap.rs" 79 8 79 27] get0 self k <> Core_Option_Option_Type.C_None + val contains0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool + ensures { result = contains0 self k } + + function shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = shallow_model0 self } + + function shallow_model1 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + = + [#"../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model0 self + val shallow_model1 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = shallow_model1 self } + + val ptr_as_ref0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) (ptr : opaque_ptr) : int32 + requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 79 4 79 36] contains0 (shallow_model1 self) ptr} + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 80 14 80 51] result = lookup_unsized0 (shallow_model1 self) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 81 4 81 49] inv2 result } + + predicate resolve2 (self : borrowed int32) = + [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self + val resolve2 (self : borrowed int32) : bool + ensures { result = resolve2 self } + + val swap0 (x : borrowed int32) (y : borrowed int32) : () + requires {inv1 x} + requires {inv1 y} + ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 11 22 11 30] ^ x = * y } + ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 12 22 12 30] ^ y = * x } + + predicate resolve3 (self : int32) = + [#"../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true + val resolve3 (self : int32) : bool + ensures { result = resolve3 self } + + predicate resolve1 (self : (int32, int32)) = + [#"../../../../creusot-contracts/src/resolve.rs" 16 8 16 60] resolve3 (let (a, _) = self in a) /\ resolve3 (let (_, a) = self in a) + val resolve1 (self : (int32, int32)) : bool + ensures { result = resolve1 self } + + use CreusotContracts_GhostPtr_GhostPtrTokenMut_Type as CreusotContracts_GhostPtr_GhostPtrTokenMut_Type + function fin0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val fin0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = fin0 self } + + function curr0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val curr0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = curr0 self } + + predicate resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) = + [#"../../../../creusot-contracts/src/ghost_ptr.rs" 261 8 261 33] curr0 self = fin0 self + val resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : bool + ensures { result = resolve0 self } + + use prelude.Int + function len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int + val len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self} + ensures { result = len0 self } + + axiom len0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 12 14 12 25] len0 self >= 0) + use map.Map + function make_sized0 (self : int32) : int32 + val make_sized0 (self : int32) : int32 + requires {[#"../../../../creusot-contracts/src/util.rs" 16 18 16 22] inv5 self} + ensures { result = make_sized0 self } + + axiom make_sized0_spec : forall self : int32 . ([#"../../../../creusot-contracts/src/util.rs" 16 18 16 22] inv5 self) -> ([#"../../../../creusot-contracts/src/util.rs" 16 4 16 39] inv0 (make_sized0 self)) && ([#"../../../../creusot-contracts/src/util.rs" 15 14 15 29] make_sized0 self = self) + function insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self} + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k} + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v} + ensures { result = insert0 self k v } + + axiom insert0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr, v : int32 . ([#"../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 38 4 38 43] inv3 (insert0 self k v)) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 37 4 37 68] not contains0 self k -> len0 (insert0 self k v) = len0 self + 1) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 36 4 36 63] contains0 self k -> len0 (insert0 self k v) = len0 self) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 35 14 35 71] view0 (insert0 self k v) = Map.set (view0 self) k (Core_Option_Option_Type.C_Some (make_sized0 v))) + function remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self} + requires {[#"../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k} + ensures { result = remove0 self k } + + axiom remove0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr . ([#"../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k) -> ([#"../../../../creusot-contracts/src/logic/fmap.rs" 47 4 47 37] inv3 (remove0 self k)) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 46 14 46 84] len0 (remove0 self k) = (if contains0 self k then + len0 self - 1 + else + len0 self + )) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 45 14 45 55] view0 (remove0 self k) = Map.set (view0 self) k (Core_Option_Option_Type.C_None)) + val take_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32)) (ptr : opaque_ptr) : borrowed int32 + requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 227 15 227 43] contains0 (curr0 ( * self)) ptr} + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 228 14 228 60] * result = lookup_unsized0 (curr0 ( * self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 229 14 229 58] curr0 ( ^ self) = remove0 (curr0 ( * self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 230 14 230 65] fin0 ( * self) = insert0 (fin0 ( ^ self)) ptr ( ^ result) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 231 14 231 42] not contains0 (fin0 ( ^ self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 232 4 232 58] inv1 result } + + val borrow_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32 + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 123 14 123 39] curr0 result = shallow_model0 ( * self) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 124 14 124 38] fin0 result = shallow_model0 ( ^ self) } + + val ptr_from_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (val' : int32) : opaque_ptr + requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 71 35 71 38] inv0 val'} + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 67 4 67 42] not contains0 (shallow_model0 ( * self)) result } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 70 14 70 55] shallow_model0 ( ^ self) = insert0 (shallow_model0 ( * self)) result val' } + + use map.Const + function empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + val empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = empty0 _1 } + + axiom empty0_spec : forall _1 : () . ([#"../../../../creusot-contracts/src/logic/fmap.rs" 87 4 87 26] inv3 (empty0 _1)) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 86 14 86 49] view0 (empty0 _1) = Const.const (Core_Option_Option_Type.C_None)) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 85 14 85 31] len0 (empty0 _1) = 0) + val new0 (_1 : ()) : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32 + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 41 14 41 38] shallow_model0 result = empty0 () } + + let constant promoted0 [#"../ghost_ptr_token.rs" 3 0 3 13] : int32 = [@vc:do_not_keep_trace] [@vc:sp] + let _1 = [#"../ghost_ptr_token.rs" 17 40 17 41] [#"../ghost_ptr_token.rs" 17 40 17 41] (1 : int32) in let _0 = _1 in _0 + let constant promoted1 [#"../ghost_ptr_token.rs" 3 0 3 13] : int32 = [@vc:do_not_keep_trace] [@vc:sp] + let _1 = [#"../ghost_ptr_token.rs" 16 40 16 41] [#"../ghost_ptr_token.rs" 16 40 16 41] (2 : int32) in let _0 = _1 in _0 + let constant promoted2 [#"../ghost_ptr_token.rs" 3 0 3 13] : int32 = [@vc:do_not_keep_trace] [@vc:sp] + let _1 = [#"../ghost_ptr_token.rs" 13 20 13 21] [#"../ghost_ptr_token.rs" 13 20 13 21] (2 : int32) in let _0 = _1 in _0 + let constant promoted3 [#"../ghost_ptr_token.rs" 3 0 3 13] : int32 = [@vc:do_not_keep_trace] [@vc:sp] + let _1 = [#"../ghost_ptr_token.rs" 12 20 12 21] [#"../ghost_ptr_token.rs" 12 20 12 21] (1 : int32) in let _0 = _1 in _0 + let rec cfg test [#"../ghost_ptr_token.rs" 3 0 3 13] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () + = [@vc:do_not_keep_trace] [@vc:sp] + var _0 : (); + var token : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32; + var ptr1 : opaque_ptr; + var _3 : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + var ptr2 : opaque_ptr; + var _6 : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + var token_mut : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32; + var _9 : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + var m1 : borrowed int32; + var _11 : borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); + var m2 : borrowed int32; + var _14 : borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); + var _17 : (int32, int32); + var left_val : int32; + var right_val : int32; + var kind : Core_Panicking_AssertKind_Type.t_assertkind; + var _32 : int32; + var _34 : int32; + var _37 : (int32, int32); + var left_val1 : int32; + var right_val1 : int32; + var kind1 : Core_Panicking_AssertKind_Type.t_assertkind; + var _52 : int32; + var _54 : int32; + var _56 : (); + var _57 : borrowed int32; + var _58 : borrowed int32; + var _60 : (int32, int32); + var _62 : int32; + var left_val2 : int32; + var right_val2 : int32; + var kind2 : Core_Panicking_AssertKind_Type.t_assertkind; + var _78 : int32; + var _80 : int32; + var _83 : (int32, int32); + var _85 : int32; + var left_val3 : int32; + var right_val3 : int32; + var kind3 : Core_Panicking_AssertKind_Type.t_assertkind; + var _101 : int32; + var _103 : int32; + var _105 : int32; + var _106 : int32; + var _107 : int32; + var _108 : int32; + { + goto BB0 + } + BB0 { + [#"../ghost_ptr_token.rs" 4 20 4 40] token <- ([#"../ghost_ptr_token.rs" 4 20 4 40] new0 ()); + goto BB1 + } + BB1 { + [#"../ghost_ptr_token.rs" 5 15 5 46] _3 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 5 15 5 46] token <- ^ _3; + goto BB2 + } + BB2 { + [#"../ghost_ptr_token.rs" 5 15 5 46] ptr1 <- ([#"../ghost_ptr_token.rs" 5 15 5 46] ptr_from_box0 _3 ([#"../ghost_ptr_token.rs" 5 43 5 44] [#"../ghost_ptr_token.rs" 5 43 5 44] (1 : int32))); + _3 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + goto BB3 + } + BB3 { + [#"../ghost_ptr_token.rs" 6 15 6 46] _6 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 6 15 6 46] token <- ^ _6; + goto BB4 + } + BB4 { + [#"../ghost_ptr_token.rs" 6 15 6 46] ptr2 <- ([#"../ghost_ptr_token.rs" 6 15 6 46] ptr_from_box0 _6 ([#"../ghost_ptr_token.rs" 6 43 6 44] [#"../ghost_ptr_token.rs" 6 43 6 44] (2 : int32))); + _6 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + goto BB5 + } + BB5 { + [#"../ghost_ptr_token.rs" 8 24 8 42] _9 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 8 24 8 42] token <- ^ _9; + [#"../ghost_ptr_token.rs" 8 24 8 42] token_mut <- ([#"../ghost_ptr_token.rs" 8 24 8 42] borrow_mut0 _9); + _9 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + goto BB6 + } + BB6 { + [#"../ghost_ptr_token.rs" 9 13 9 37] _11 <- Borrow.borrow_mut token_mut; + [#"../ghost_ptr_token.rs" 9 13 9 37] token_mut <- ^ _11; + [#"../ghost_ptr_token.rs" 9 13 9 37] m1 <- ([#"../ghost_ptr_token.rs" 9 13 9 37] take_mut0 _11 ([#"../ghost_ptr_token.rs" 9 32 9 36] ptr1)); + _11 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); + goto BB7 + } + BB7 { + [#"../ghost_ptr_token.rs" 10 13 10 37] _14 <- Borrow.borrow_mut token_mut; + [#"../ghost_ptr_token.rs" 10 13 10 37] token_mut <- ^ _14; + [#"../ghost_ptr_token.rs" 10 13 10 37] m2 <- ([#"../ghost_ptr_token.rs" 10 13 10 37] take_mut0 _14 ([#"../ghost_ptr_token.rs" 10 32 10 36] ptr2)); + _14 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); + goto BB8 + } + BB8 { + assume { resolve0 token_mut }; + _108 <- promoted3; + _17 <- ( * m1, _108); + left_val <- (let (a, _) = _17 in a); + right_val <- (let (_, a) = _17 in a); + assume { resolve1 _17 }; + switch (not left_val = right_val) + | False -> goto BB10 + | True -> goto BB9 + end + } + BB9 { + assume { resolve2 m2 }; + kind <- Core_Panicking_AssertKind_Type.C_Eq; + _32 <- left_val; + _34 <- right_val; + assert { false }; + absurd + } + BB10 { + _107 <- promoted2; + _37 <- ( * m2, _107); + left_val1 <- (let (a, _) = _37 in a); + right_val1 <- (let (_, a) = _37 in a); + assume { resolve1 _37 }; + switch (not left_val1 = right_val1) + | False -> goto BB12 + | True -> goto BB11 + end + } + BB11 { + assume { resolve2 m1 }; + kind1 <- Core_Panicking_AssertKind_Type.C_Eq; + _52 <- left_val1; + _54 <- right_val1; + assert { false }; + absurd + } + BB12 { + [#"../ghost_ptr_token.rs" 15 20 15 22] _57 <- Borrow.borrow_mut ( * m1); + [#"../ghost_ptr_token.rs" 15 20 15 22] m1 <- { m1 with current = ^ _57 }; + [#"../ghost_ptr_token.rs" 15 24 15 26] _58 <- Borrow.borrow_mut ( * m2); + [#"../ghost_ptr_token.rs" 15 24 15 26] m2 <- { m2 with current = ^ _58 }; + [#"../ghost_ptr_token.rs" 15 4 15 27] _56 <- ([#"../ghost_ptr_token.rs" 15 4 15 27] swap0 _57 _58); + _57 <- any borrowed int32; + _58 <- any borrowed int32; + goto BB13 + } + BB13 { + assume { resolve2 m2 }; + assume { resolve2 m1 }; + [#"../ghost_ptr_token.rs" 16 16 16 38] _62 <- ([#"../ghost_ptr_token.rs" 16 16 16 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 16 16 16 38] token) ([#"../ghost_ptr_token.rs" 16 33 16 37] ptr1)); + goto BB14 + } + BB14 { + _106 <- promoted1; + _60 <- (_62, _106); + left_val2 <- (let (a, _) = _60 in a); + right_val2 <- (let (_, a) = _60 in a); + assume { resolve1 _60 }; + switch (not left_val2 = right_val2) + | False -> goto BB16 + | True -> goto BB15 + end + } + BB15 { + kind2 <- Core_Panicking_AssertKind_Type.C_Eq; + _78 <- left_val2; + _80 <- right_val2; + assert { false }; + absurd + } + BB16 { + [#"../ghost_ptr_token.rs" 17 16 17 38] _85 <- ([#"../ghost_ptr_token.rs" 17 16 17 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 17 16 17 38] token) ([#"../ghost_ptr_token.rs" 17 33 17 37] ptr2)); + goto BB17 + } + BB17 { + _105 <- promoted0; + _83 <- (_85, _105); + left_val3 <- (let (a, _) = _83 in a); + right_val3 <- (let (_, a) = _83 in a); + assume { resolve1 _83 }; + switch (not left_val3 = right_val3) + | False -> goto BB19 + | True -> goto BB18 + end + } + BB18 { + kind3 <- Core_Panicking_AssertKind_Type.C_Eq; + _101 <- left_val3; + _103 <- right_val3; + assert { false }; + absurd + } + BB19 { + [#"../ghost_ptr_token.rs" 3 14 18 1] _0 <- ([#"../ghost_ptr_token.rs" 3 14 18 1] ()); + return _0 + } + +end diff --git a/creusot/tests/should_succeed/ghost_ptr_token.rs b/creusot/tests/should_succeed/ghost_ptr_token.rs new file mode 100644 index 0000000000..eb91e8f54b --- /dev/null +++ b/creusot/tests/should_succeed/ghost_ptr_token.rs @@ -0,0 +1,18 @@ +extern crate creusot_contracts; +use creusot_contracts::ghost_ptr::GhostPtrToken; +pub fn test() { + let mut token = GhostPtrToken::new(); + let ptr1 = token.ptr_from_box(Box::new(1)); + let ptr2 = token.ptr_from_box(Box::new(2)); + + let mut token_mut = token.borrow_mut(); + let m1 = token_mut.take_mut(ptr1); + let m2 = token_mut.take_mut(ptr2); + + assert_eq!(*m1, 1); + assert_eq!(*m2, 2); + + core::mem::swap(m1, m2); + assert_eq!(*token.ptr_as_ref(ptr1), 2); + assert_eq!(*token.ptr_as_ref(ptr2), 1); +} From 4dfcc6cdf61962752c933d43aaa3bcd79e8f45d7 Mon Sep 17 00:00:00 2001 From: dewert99 Date: Sat, 27 Jan 2024 10:44:45 -0800 Subject: [PATCH 05/66] rename `curr` to `cur` --- creusot-contracts/src/ghost_ptr.rs | 22 +++++++++---------- .../should_succeed/ghost_ptr_token.mlcfg | 16 +++++++------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index c2b8b8a09e..61058aed31 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -120,7 +120,7 @@ impl GhostPtrToken { /// Convert a mutable reference in an equivalent ZST #[trusted] - #[ensures(result.curr() == (*self)@)] + #[ensures(result.cur() == (*self)@)] #[ensures(result.fin() == (^self)@)] pub fn borrow_mut(&mut self) -> GhostPtrTokenMut<'_, T> { GhostPtrTokenMut(PhantomData) @@ -181,7 +181,7 @@ impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { #[trusted] #[ghost] #[open(self)] - pub fn curr(self) -> FMap, T> { + pub fn cur(self) -> FMap, T> { absurd } @@ -192,8 +192,8 @@ impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { absurd } - #[ensures(self.fin() == self.curr())] - #[ensures(result@ == self.curr())] + #[ensures(self.fin() == self.cur())] + #[ensures(result@ == self.cur())] pub fn shr(self) -> GhostPtrTokenRef<'a, T> { GhostPtrTokenRef(PhantomData) } @@ -224,9 +224,9 @@ impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { // Safety no other token has permission to `self` // `self` can no longer be used to access `ptr` #[trusted] - #[requires((*self).curr().contains(ptr))] - #[ensures(*result == *(*self).curr().lookup_unsized(ptr))] - #[ensures((^self).curr() == (*self).curr().remove(ptr))] + #[requires((*self).cur().contains(ptr))] + #[ensures(*result == *(*self).cur().lookup_unsized(ptr))] + #[ensures((^self).cur() == (*self).cur().remove(ptr))] #[ensures((*self).fin() == (^self).fin().insert(ptr, ^result))] #[ensures(!(^self).fin().contains(ptr))] pub fn take_mut(&mut self, ptr: *const T) -> &'a mut T { @@ -238,7 +238,7 @@ impl<'a, T> Deref for GhostPtrTokenMut<'a, T> { type Target = GhostPtrToken; #[trusted] - #[ensures(result@ == self.curr())] + #[ensures(result@ == self.cur())] fn deref(&self) -> &Self::Target { &GhostPtrToken(PhantomData) } @@ -246,8 +246,8 @@ impl<'a, T> Deref for GhostPtrTokenMut<'a, T> { impl<'a, T> DerefMut for GhostPtrTokenMut<'a, T> { #[trusted] - #[ensures((*result)@ == (*self).curr())] - #[ensures((^self).curr() == (^result)@)] + #[ensures((*result)@ == (*self).cur())] + #[ensures((^self).cur() == (^result)@)] fn deref_mut(&mut self) -> &mut Self::Target { Box::leak(Box::new(GhostPtrToken(PhantomData))) } @@ -258,7 +258,7 @@ impl<'a, T> Resolve for GhostPtrTokenMut<'a, T> { #[predicate] #[open] fn resolve(self) -> bool { - self.curr() == self.fin() + self.cur() == self.fin() } } diff --git a/creusot/tests/should_succeed/ghost_ptr_token.mlcfg b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg index 17e01fea41..c32dc89e82 100644 --- a/creusot/tests/should_succeed/ghost_ptr_token.mlcfg +++ b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg @@ -232,13 +232,13 @@ module GhostPtrToken_Test val fin0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 ensures { result = fin0 self } - function curr0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + function cur0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 - val curr0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 - ensures { result = curr0 self } + val cur0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = cur0 self } predicate resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) = - [#"../../../../creusot-contracts/src/ghost_ptr.rs" 261 8 261 33] curr0 self = fin0 self + [#"../../../../creusot-contracts/src/ghost_ptr.rs" 261 8 261 32] cur0 self = fin0 self val resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : bool ensures { result = resolve0 self } @@ -278,15 +278,15 @@ module GhostPtrToken_Test len0 self )) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 45 14 45 55] view0 (remove0 self k) = Map.set (view0 self) k (Core_Option_Option_Type.C_None)) val take_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32)) (ptr : opaque_ptr) : borrowed int32 - requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 227 15 227 43] contains0 (curr0 ( * self)) ptr} - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 228 14 228 60] * result = lookup_unsized0 (curr0 ( * self)) ptr } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 229 14 229 58] curr0 ( ^ self) = remove0 (curr0 ( * self)) ptr } + requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 227 15 227 42] contains0 (cur0 ( * self)) ptr} + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 228 14 228 59] * result = lookup_unsized0 (cur0 ( * self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 229 14 229 56] cur0 ( ^ self) = remove0 (cur0 ( * self)) ptr } ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 230 14 230 65] fin0 ( * self) = insert0 (fin0 ( ^ self)) ptr ( ^ result) } ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 231 14 231 42] not contains0 (fin0 ( ^ self)) ptr } ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 232 4 232 58] inv1 result } val borrow_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32 - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 123 14 123 39] curr0 result = shallow_model0 ( * self) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 123 14 123 38] cur0 result = shallow_model0 ( * self) } ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 124 14 124 38] fin0 result = shallow_model0 ( ^ self) } val ptr_from_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (val' : int32) : opaque_ptr From cafe0b0ded4d80ec095c719c5e6e21048f4c374c Mon Sep 17 00:00:00 2001 From: Dominik Stolz Date: Wed, 14 Feb 2024 19:58:32 +0100 Subject: [PATCH 06/66] Add a chapter on type invariants to the guide --- guide/src/type_invariants.md | 91 ++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 guide/src/type_invariants.md diff --git a/guide/src/type_invariants.md b/guide/src/type_invariants.md new file mode 100644 index 0000000000..617b9d5909 --- /dev/null +++ b/guide/src/type_invariants.md @@ -0,0 +1,91 @@ +# Type Invariants + +## Overview + +Defining a type invariant allows you to constrain a data type's set of valid values with a logical predicate that all values must satisfy. +During verification, Creusot enforces that all type invariants are preserved across functions. +Inside a function, values subject to type invariants may temporarily break their invariants as long as each value's invariant is restored before the value can be observed by another function. + + +## Defining Type Invariants + +To attach an invariant to a type, you implement the `Invariant` trait provided by Creusot. +Here is an example: + +```rust +struct SumTo10 { + a: i32, + b: i32, +} + +// The type invariant constrains the set of valid `SumTo10`s to +// only allow values where the sum of both fields is equal to 10. +impl Invariant for SumTo10 { + #[predicate] + fn invariant(self) -> bool { + pearlite! { + self.a@ + self.b@ == 10 + } + } +} +``` + +## Enforcement of Type Invariants + +Creusot enforces type invariants on function boundaries by generating additional pre- and postconditions based on the types of a function's arguments and return value. +The type invariants of a function’s arguments are treated as additional preconditions and a type invariant of the return value corresponds to an extra postcondition. +Here is an example: + +```rust +// `inv` generically refers to the invariant of some value +#[requires(inv(x))] // generated by Creusot +#[ensures(inv(result))] // generated by Creusot +fn foo(x: SumTo10) -> SumTo10 { + x +} +``` + +These generated pre- and postconditions require you to prove the invariants of any values used as arguments in function calls or returned values. +Besides the proof obligations at function boundaries, you must also prove the type invariants of mutably borrowed values when the lifetimes of the created references end. +When creating a mutable reference `r`, Creusot requires you to prove the type invariant of its current value at the end of `r`'s lifetime, since `r` might have been used to break the invariant of the borrowed value. +This lets Creusot assume the invariant of the final value `^r` holds, simplifying the reasoning about mutable references. +Here is an example: + +```rust +fn swap() { + let mut s = SumTo10 { a: 3, b: 7 } + let r = &mut s; + // Creusot can prophetically assume inv(^r) holds: + proof_assert! { inv(^r) }; + + let tmp = r.a; + *r.a = r.b; + *r.b = tmp; + // The lifetime of r ends: We must prove inv(*r) + + proof_assert! { inv(v) }; // provable since v = ^r = *r +} +``` + +## Structural Invariants + +To determine the invariant of a particular type, Creusot considers both whether the user provided an explicit definition through the `Invariant` trait, as well as any invariants the can be derived automatically based on the type's definition. +We call those automatically derived invariants *structural invariants*. +When neither an explicit definition exists, nor a structural invariant, the type has the *trivial* invariant, which does not impose any constraints on the set of valid values. + +Here are some examples demonstrating structural invariants of various types: + +| Type of `x` | Invariant `inv(x)` | +|-------------|--------------------| +| `bool, u8, i32, ...` | `true` | +| `&mut Foo` | `inv(*x) && inv(^x)` | +| `&Foo` | `inv(*x)` | +| `Box` | `inv(*x)` | +| `*const Foo, *mut Foo` | `true` | +| `(Foo, Bar)` | `inv(x.0) && inv(x.1)` | +| `struct Foo { f: Bar }` | `inv(x.f)` | +| `enum Foo { A(Bar), B(Baz) }` | `match x { A(y) => inv(y), B(z) => inv(z) }` | +| `Vec` | `inv(x[0]) && ... && inv(x[x.len()-1])` | + + + From 4c21d0a0955f5ed26681e9849ad4a35b2fd9760e Mon Sep 17 00:00:00 2001 From: Dominik Stolz Date: Thu, 15 Feb 2024 11:39:21 +0100 Subject: [PATCH 07/66] Add link to thesis --- guide/src/type_invariants.md | 1 + 1 file changed, 1 insertion(+) diff --git a/guide/src/type_invariants.md b/guide/src/type_invariants.md index 617b9d5909..34f5d8267f 100644 --- a/guide/src/type_invariants.md +++ b/guide/src/type_invariants.md @@ -6,6 +6,7 @@ Defining a type invariant allows you to constrain a data type's set of valid val During verification, Creusot enforces that all type invariants are preserved across functions. Inside a function, values subject to type invariants may temporarily break their invariants as long as each value's invariant is restored before the value can be observed by another function. +Type invariant were added to Creusot as part of a Master's thesis available [here](https://mediatum.ub.tum.de/1726472). ## Defining Type Invariants From 9f6cc8da0a99a2cade6510e20f03748001090211 Mon Sep 17 00:00:00 2001 From: Dominik Stolz Date: Thu, 15 Feb 2024 11:40:42 +0100 Subject: [PATCH 08/66] Typo --- guide/src/type_invariants.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guide/src/type_invariants.md b/guide/src/type_invariants.md index 34f5d8267f..84fd070cac 100644 --- a/guide/src/type_invariants.md +++ b/guide/src/type_invariants.md @@ -6,7 +6,7 @@ Defining a type invariant allows you to constrain a data type's set of valid val During verification, Creusot enforces that all type invariants are preserved across functions. Inside a function, values subject to type invariants may temporarily break their invariants as long as each value's invariant is restored before the value can be observed by another function. -Type invariant were added to Creusot as part of a Master's thesis available [here](https://mediatum.ub.tum.de/1726472). +Type invariants were added to Creusot as part of a Master's thesis available [here](https://mediatum.ub.tum.de/1726472). ## Defining Type Invariants From 38a270208e90864e31eeed7e7f667c332c7d3ba6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arma=C3=ABl=20Gu=C3=A9neau?= Date: Mon, 19 Feb 2024 20:40:34 +0100 Subject: [PATCH 09/66] fix: why3 version check was only comparing the first 2 numbers --- creusot-rustc/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/creusot-rustc/src/main.rs b/creusot-rustc/src/main.rs index 7baa67ec1f..f1a59a1a87 100644 --- a/creusot-rustc/src/main.rs +++ b/creusot-rustc/src/main.rs @@ -87,7 +87,7 @@ fn setup_plugin() { if creusot.check_why3 { if let Some(why3_vers) = why3_version() { let parts: Vec<_> = why3_vers.split(|c| c == '.' || c == '+').collect(); - if &parts[..2] < WHY3_VERSION { + if &parts[..3] < WHY3_VERSION { emit_warning(format!( "the recommended version of why3 is at least {} (installed: {why3_vers})", WHY3_VERSION.join(".") From 5b709198e0900724c2b46660c7e1841c846596eb Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Mon, 19 Feb 2024 14:27:45 +0100 Subject: [PATCH 10/66] initial coma AST --- why3/src/coma.rs | 87 ++++++++++++++++++++++++++++++++++++++++++++++++ why3/src/lib.rs | 3 ++ 2 files changed, 90 insertions(+) create mode 100644 why3/src/coma.rs diff --git a/why3/src/coma.rs b/why3/src/coma.rs new file mode 100644 index 0000000000..588e81f113 --- /dev/null +++ b/why3/src/coma.rs @@ -0,0 +1,87 @@ +use crate::{declaration::Use, ty::Type, Ident}; + +type Term = crate::Exp; + +/// The Coma Intermediate Verification Language +/// +/// This language is developed by Paul Patault, Andrei Paskeivich and Jean-Christophe Filiatre. +/// In this module is a complete, faithful ast and pretty printer for Coma. +/// +/// TODO: Document Coma and its motivation +/// +/// Notable points +/// +/// 1. Higher order functional language that always generates first-order VCs +/// 2. User level control on transparency of functions +/// 3. CPS structure + +pub enum Expr { + /// Variables eg: `x` + Symbol(Ident), + /// Generic application for type lambdas, terms, references and continuations + /// e ... t... | e... + App(Box, Box), + /// Functions, used for anonymous closures + /// fun pl -> e + Lambda(Vec, Box), + /// Handler group definitions, binds a set of (mutually recursive) handlers + /// Can be read as a "where" clause in haskell. + // + /// e / rec? h p e and ... + Defn(Box, bool, Vec), + /// Similarly to handlers, the assignment should be read "backwards", the expression happens in a context where + /// the identifiers have been updated + Assign(Box, Vec<(Ident, Term)>), + /// Let binding, introduces a new lexical scope. + Let(Box, Vec), + /// Asserts that the term holds before evaluating the expression + Assert(Box, Box), + /// The core operator of coma is the "black box" or *abstraction barrier* operator. + /// This operator distinguishes the responsibility between the caller and callee for + /// verification. Everything under an abstraction is opaque to the outside world, whereas from the inside, + /// we can suppose than any surrounding assertions hold. + // + /// TODO: Write a more intuitive explanaitio + // + /// ! e + BlackBox(Box), + /// Good question... + WhiteBox(Box), + /// A non-deterministic value + Any, +} + +/// TODO: what is the bool? +pub struct Var(Ident, Term, Type, bool); + +/// Parameter declarations +pub enum Param { + Ty(Type), + Term(Ident, Type), + Region(Ident, Type), + Cont(Ident, Vec, Vec), +} + +pub enum Arg { + Ty(Type), + Term(Term), + Ref(Ident), + Cont(Expr), +} + +pub struct Defn { + pub name: Ident, + pub writes: Vec, + pub params: Vec, + pub body: Expr, +} + +pub enum Decl { + /// Coma definitions + Defn(Vec), + /// Escape hatch for type declarations, predicates etc... + PureDecl(crate::declaration::Decl), + Use(Use), +} + +pub struct Module(pub Vec); diff --git a/why3/src/lib.rs b/why3/src/lib.rs index 7e17f3eee3..7972597489 100644 --- a/why3/src/lib.rs +++ b/why3/src/lib.rs @@ -6,6 +6,9 @@ pub mod mlcfg; pub mod name; pub mod ty; +// Coma IR +pub mod coma; + pub use exp::Exp; pub use mlcfg::printer::Print; pub use name::*; From 3fbeaf52da7d67dcaec29edc1890c8d20448dee4 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Tue, 20 Feb 2024 16:50:32 +0100 Subject: [PATCH 11/66] Add a coma pretty printer --- Cargo.lock | 271 ++++++++++++++-- creusot/src/translation.rs | 4 +- why3/Cargo.toml | 7 +- why3/src/ce_models.rs | 195 ++++++----- why3/src/coma.rs | 209 +++++++++++- why3/src/mlcfg/printer.rs | 642 ++++++++++++++----------------------- 6 files changed, 799 insertions(+), 529 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7f1320bf60..82a61e7c36 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -92,12 +92,33 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "bit-set" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + [[package]] name = "bitflags" version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitflags" +version = "2.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed570934406eb16438a4e976b1b4500774099c13b8cb96eec99f620f05090ddf" + [[package]] name = "bstr" version = "0.2.17" @@ -154,7 +175,7 @@ checksum = "0fdc5d93c358224b4d6867ef1356d740de2303e9892edc06c5340daeccd96bab" dependencies = [ "anstream", "anstyle", - "bitflags", + "bitflags 1.3.2", "clap_lex", "strsim", ] @@ -315,23 +336,12 @@ dependencies = [ [[package]] name = "errno" -version = "0.3.1" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" +checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" dependencies = [ - "errno-dragonfly", - "libc", - "windows-sys 0.48.0", -] - -[[package]] -name = "errno-dragonfly" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" -dependencies = [ - "cc", "libc", + "windows-sys 0.52.0", ] [[package]] @@ -346,12 +356,24 @@ dependencies = [ "serde_json", ] +[[package]] +name = "fastrand" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" + [[package]] name = "fixedbitset" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + [[package]] name = "form_urlencoded" version = "1.1.0" @@ -384,7 +406,7 @@ version = "0.14.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d0155506aab710a86160ddb504a480d2964d7ab5b9e62419be69e0032bc5931c" dependencies = [ - "bitflags", + "bitflags 1.3.2", "libc", "libgit2-sys", "log", @@ -495,7 +517,7 @@ checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" dependencies = [ "hermit-abi", "io-lifetimes", - "rustix", + "rustix 0.37.18", "windows-sys 0.48.0", ] @@ -531,9 +553,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.142" +version = "0.2.153" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a987beff54b60ffa6d51982e1aa1146bc42f19bd26be28b0586f252fccf5317" +checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" [[package]] name = "libgit2-sys" @@ -549,6 +571,12 @@ dependencies = [ "pkg-config", ] +[[package]] +name = "libm" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" + [[package]] name = "libssh2-sys" version = "0.2.23" @@ -587,6 +615,12 @@ version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b64f40e5e03e0d54f03845c8197d0291253cdbedfb1cb46b13c2c117554a9f4c" +[[package]] +name = "linux-raw-sys" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" + [[package]] name = "log" version = "0.4.17" @@ -699,6 +733,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ "autocfg", + "libm", ] [[package]] @@ -758,6 +793,12 @@ version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + [[package]] name = "predicates" version = "2.1.5" @@ -806,6 +847,32 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "proptest" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31b476131c3c86cb68032fdc5cb6d5a1045e3e42d96b69fa599fd77701e1f5bf" +dependencies = [ + "bit-set", + "bit-vec", + "bitflags 2.4.2", + "lazy_static", + "num-traits", + "rand 0.8.5", + "rand_chacha", + "rand_xorshift", + "regex-syntax 0.8.2", + "rusty-fork", + "tempfile", + "unarray", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + [[package]] name = "quote" version = "1.0.35" @@ -828,6 +895,27 @@ dependencies = [ "winapi", ] +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core 0.6.4", +] + [[package]] name = "rand_core" version = "0.3.1" @@ -843,6 +931,24 @@ version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "rand_xorshift" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d25bf25ec5ae4a3f1b92f929810509a2f53d7dca2f50b794ff57e3face536c8f" +dependencies = [ + "rand_core 0.6.4", +] + [[package]] name = "rdrand" version = "0.4.0" @@ -880,7 +986,7 @@ checksum = "af83e617f331cc6ae2da5443c602dfa5af81e517212d9d611a5b3ba1777b5370" dependencies = [ "aho-corasick", "memchr", - "regex-syntax", + "regex-syntax 0.7.1", ] [[package]] @@ -895,6 +1001,12 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a5996294f19bd3aae0453a862ad728f60e6600695733dd5df01da90c54363a3c" +[[package]] +name = "regex-syntax" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" + [[package]] name = "remove_dir_all" version = "0.5.3" @@ -919,14 +1031,39 @@ version = "0.37.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8bbfc1d1c7c40c01715f47d71444744a81669ca84e8b63e25a55e169b1f86433" dependencies = [ - "bitflags", + "bitflags 1.3.2", "errno", "io-lifetimes", "libc", - "linux-raw-sys", + "linux-raw-sys 0.3.6", "windows-sys 0.48.0", ] +[[package]] +name = "rustix" +version = "0.38.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ea3e1a662af26cd7a3ba09c0297a31af215563ecf42817c98df621387f4e949" +dependencies = [ + "bitflags 2.4.2", + "errno", + "libc", + "linux-raw-sys 0.4.13", + "windows-sys 0.52.0", +] + +[[package]] +name = "rusty-fork" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb3dcc6e454c328bb824492db107ab7c0ae8fcffe4ad210136ef014458c1bc4f" +dependencies = [ + "fnv", + "quick-error", + "tempfile", + "wait-timeout", +] + [[package]] name = "ryu" version = "1.0.13" @@ -993,10 +1130,22 @@ version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "15f2b5fb00ccdf689e0149d1b1b3c03fead81c2b37735d812fa8bddbbf41b6d8" dependencies = [ - "rand", + "rand 0.4.6", "remove_dir_all", ] +[[package]] +name = "tempfile" +version = "3.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a365e8cd18e44762ef95d87f284f4b5cd04107fec2ff3052bd6a3e6069669e67" +dependencies = [ + "cfg-if", + "fastrand", + "rustix 0.38.31", + "windows-sys 0.52.0", +] + [[package]] name = "termcolor" version = "1.2.0" @@ -1042,6 +1191,12 @@ version = "2.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6af6ae20167a9ece4bcb41af5b80f8a1f1df981f6391189ce00fd257af04126a" +[[package]] +name = "unarray" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eaea85b334db583fe3274d12b4cd1880032beab409c0d774be044d4480ab9a94" + [[package]] name = "unicode-bidi" version = "0.3.13" @@ -1124,8 +1279,10 @@ dependencies = [ "itertools", "num", "pretty", + "proptest", "serde", "serde_json", + "tempfile", ] [[package]] @@ -1192,7 +1349,16 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets", + "windows-targets 0.48.0", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.0", ] [[package]] @@ -1210,6 +1376,21 @@ dependencies = [ "windows_x86_64_msvc 0.48.0", ] +[[package]] +name = "windows-targets" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +dependencies = [ + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", +] + [[package]] name = "windows_aarch64_gnullvm" version = "0.42.2" @@ -1222,6 +1403,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "91ae572e1b79dba883e0d315474df7305d12f569b400fcf90581b06062f7e1bc" +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" + [[package]] name = "windows_aarch64_msvc" version = "0.42.2" @@ -1234,6 +1421,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3" +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" + [[package]] name = "windows_i686_gnu" version = "0.42.2" @@ -1246,6 +1439,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241" +[[package]] +name = "windows_i686_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" + [[package]] name = "windows_i686_msvc" version = "0.42.2" @@ -1258,6 +1457,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00" +[[package]] +name = "windows_i686_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" + [[package]] name = "windows_x86_64_gnu" version = "0.42.2" @@ -1270,6 +1475,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1" +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" + [[package]] name = "windows_x86_64_gnullvm" version = "0.42.2" @@ -1282,6 +1493,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" + [[package]] name = "windows_x86_64_msvc" version = "0.42.2" @@ -1294,6 +1511,12 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" + [[package]] name = "xmlparser" version = "0.13.5" diff --git a/creusot/src/translation.rs b/creusot/src/translation.rs index 74b7e8e2ea..2c5c35eb61 100644 --- a/creusot/src/translation.rs +++ b/creusot/src/translation.rs @@ -236,12 +236,12 @@ fn print_crate>( where W: Write, { - let (alloc, mut pe) = mlcfg::printer::PrintEnv::new(); + let alloc = mlcfg::printer::ALLOC; writeln!(out)?; for modl in functions { - modl.pretty(&alloc, &mut pe).1.render(120, out)?; + modl.pretty(&alloc).1.render(120, out)?; writeln!(out)?; } diff --git a/why3/Cargo.toml b/why3/Cargo.toml index 3e73331ff6..ec6774f34c 100644 --- a/why3/Cargo.toml +++ b/why3/Cargo.toml @@ -14,6 +14,11 @@ indexmap = "1.2.0" serde = { version = "1.0", optional = true, features = ["derive"] } num = "*" serde_json = "1.0.107" -[features] +[dev-dependencies] +proptest= "1.4.0" +tempfile="3.10.0" + + +[features] serialize = ["serde"] diff --git a/why3/src/ce_models.rs b/why3/src/ce_models.rs index a6e085ee32..077ff7e9cd 100644 --- a/why3/src/ce_models.rs +++ b/why3/src/ce_models.rs @@ -1,17 +1,18 @@ +#[cfg(feature = "serde")] use serde::Deserialize; use serde_json::Value as Json; use std::fmt::{Debug, Formatter}; -#[derive(Deserialize)] -#[serde(untagged)] +#[cfg_attr(feature = "serde", derive(Deserialize))] +#[cfg_attr(feature = "serde", serde(untagged))] pub enum Loc { Span(Why3Span), Other(Json), } #[allow(dead_code)] -#[derive(Deserialize)] -#[serde(rename_all = "kebab-case")] +#[cfg_attr(feature = "serde", derive(Deserialize))] +#[cfg_attr(feature = "serde", serde(rename_all = "kebab-case"))] pub struct Why3Span { pub file_name: String, pub start_line: u32, @@ -31,41 +32,47 @@ impl Debug for Loc { } } -#[derive(Deserialize, Debug)] -#[serde(untagged)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] +#[cfg_attr(feature = "serde", serde(untagged))] pub enum Fallible { Ok(T), Err(Json), } -#[derive(Deserialize, Debug)] -#[serde(untagged)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] +#[cfg_attr(feature = "serde", serde(untagged))] pub enum Model { Model { answer: String, model: Vec> }, Unknown(Json), } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Model2 { pub filename: String, pub model: Vec>, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Model3 { pub is_vc_line: bool, pub line: String, pub model_elements: Vec>, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct LSymbol { pub name: String, pub attrs: Vec, pub loc: Loc, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct ModelElem { pub attrs: Vec, pub kind: String, @@ -74,20 +81,21 @@ pub struct ModelElem { pub value: Value, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Value { pub value_concrete_term: ConcreteTerm, pub value_term: Term, pub value_type: Type, } -#[derive(Deserialize)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub enum Type { - #[serde(rename = "Tyvar")] + #[cfg_attr(feature = "serde", serde(rename = "Tyvar"))] Var(String), - #[serde(rename = "Tyapp")] + #[cfg_attr(feature = "serde", serde(rename = "Tyapp"))] App { ty_symbol: String, ty_args: Vec }, - #[serde(untagged)] + #[cfg_attr(feature = "serde", serde(untagged))] Unknown(Json), } @@ -107,102 +115,107 @@ impl Debug for Type { } } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct VSymbol { pub vs_name: String, pub vs_type: Type, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub enum TBool { - #[serde(rename = "Ttrue")] + #[cfg_attr(feature = "serde", serde(rename = "Ttrue"))] True, - #[serde(rename = "Tfalse")] + #[cfg_attr(feature = "serde", serde(rename = "Tfalse"))] False, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub enum Term { - #[serde(rename = "Tvar")] + #[cfg_attr(feature = "serde", serde(rename = "Tvar"))] Var(VSymbol), - #[serde(rename = "Tconst")] + #[cfg_attr(feature = "serde", serde(rename = "Tconst"))] Const { - #[serde(rename = "const_type")] + #[cfg_attr(feature = "serde", serde(rename = "const_type"))] ty: String, - #[serde(rename = "const_value")] + #[cfg_attr(feature = "serde", serde(rename = "const_value"))] val: String, }, - #[serde(rename = "Tapp")] + #[cfg_attr(feature = "serde", serde(rename = "Tapp"))] App { - #[serde(rename = "app_ls")] + #[cfg_attr(feature = "serde", serde(rename = "app_ls"))] ls: String, - #[serde(rename = "app_args")] + #[cfg_attr(feature = "serde", serde(rename = "app_args"))] args: Vec, }, - #[serde(rename = "Tif")] + #[cfg_attr(feature = "serde", serde(rename = "Tif"))] If { - #[serde(rename = "if")] + #[cfg_attr(feature = "serde", serde(rename = "if"))] ift: Box, then: Box, - #[serde(rename = "else")] + #[cfg_attr(feature = "serde", serde(rename = "else"))] elset: Box, }, - #[serde(rename = "Teps")] + #[cfg_attr(feature = "serde", serde(rename = "Teps"))] Eps { - #[serde(rename = "eps_vs")] + #[cfg_attr(feature = "serde", serde(rename = "eps_vs"))] vs: VSymbol, - #[serde(rename = "eps_t")] + #[cfg_attr(feature = "serde", serde(rename = "eps_t"))] t: Box, }, - #[serde(rename = "Tfun")] + #[cfg_attr(feature = "serde", serde(rename = "Tfun"))] Fun { - #[serde(rename = "fun_args")] + #[cfg_attr(feature = "serde", serde(rename = "fun_args"))] args: Vec, - #[serde(rename = "fun_body")] + #[cfg_attr(feature = "serde", serde(rename = "fun_body"))] body: Box, }, - #[serde(rename = "Tquant")] + #[cfg_attr(feature = "serde", serde(rename = "Tquant"))] Quant { quant: String, - #[serde(rename = "quant_vs")] + #[cfg_attr(feature = "serde", serde(rename = "quant_vs"))] vs: Vec, - #[serde(rename = "quant_t")] + #[cfg_attr(feature = "serde", serde(rename = "quant_t"))] t: Box, }, - #[serde(rename = "Tbinop")] + #[cfg_attr(feature = "serde", serde(rename = "Tbinop"))] Binop { binop: String, - #[serde(rename = "binop_t1")] + #[cfg_attr(feature = "serde", serde(rename = "binop_t1"))] t1: Box, - #[serde(rename = "binop_t2")] + #[cfg_attr(feature = "serde", serde(rename = "binop_t2"))] t2: Box, }, - #[serde(rename = "Tnot")] + #[cfg_attr(feature = "serde", serde(rename = "Tnot"))] Not(Box), - #[serde(rename = "Tlet")] + #[cfg_attr(feature = "serde", serde(rename = "Tlet"))] Let(String), - #[serde(rename = "Tcase")] + #[cfg_attr(feature = "serde", serde(rename = "Tcase"))] Case(String), - #[serde(untagged)] + #[cfg_attr(feature = "serde", serde(untagged))] Bool(TBool), - #[serde(untagged)] + #[cfg_attr(feature = "serde", serde(untagged))] Unknown(Json), } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct BitVector { pub bv_value_as_decimal: String, pub bv_length: u32, pub bv_verbatim: String, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Real { pub real_value: String, pub real_verbatim: String, } -#[derive(Deserialize)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Integer { pub int_value: String, pub int_verbatim: String, @@ -231,28 +244,31 @@ impl Debug for Integer { } } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub enum Float { Infinity, - #[serde(rename = "Plus_zero")] + #[cfg_attr(feature = "serde", serde(rename = "Plus_zero"))] PlusZero, - #[serde(rename = "Minus_zero")] + #[cfg_attr(feature = "serde", serde(rename = "Minus_zero"))] MinusZero, - #[serde(rename = "Float_value")] + #[cfg_attr(feature = "serde", serde(rename = "Float_value"))] Value { float_hex: String, }, } #[allow(dead_code)] -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct FunLitElt { pub indice: ConcreteTerm, pub value: ConcreteTerm, } -#[derive(Deserialize, Debug)] -#[serde(tag = "type", content = "val")] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] +#[cfg_attr(feature = "serde", serde(tag = "type", content = "val"))] pub enum ConcreteTerm { Var(String), Boolean(bool), @@ -261,92 +277,95 @@ pub enum ConcreteTerm { Real(Real), BitVector(BitVector), Fraction { - #[serde(rename = "frac_num")] + #[cfg_attr(feature = "serde", serde(rename = "frac_num"))] num: Real, - #[serde(rename = "frac_num")] + #[cfg_attr(feature = "serde", serde(rename = "frac_num"))] denom: Real, - #[serde(rename = "frac_verbatim")] + #[cfg_attr(feature = "serde", serde(rename = "frac_verbatim"))] verbatim: String, }, Float(Float), - #[serde(rename = "Apply")] + #[cfg_attr(feature = "serde", serde(rename = "Apply"))] App { - #[serde(rename = "app_ls")] + #[cfg_attr(feature = "serde", serde(rename = "app_ls"))] ls: String, - #[serde(rename = "app_args")] + #[cfg_attr(feature = "serde", serde(rename = "app_args"))] args: Vec, }, If { - #[serde(rename = "if")] + #[cfg_attr(feature = "serde", serde(rename = "if"))] ift: Box, then: Box, - #[serde(rename = "else")] + #[cfg_attr(feature = "serde", serde(rename = "else"))] elset: Box, }, - #[serde(rename = "Epsilon")] + #[cfg_attr(feature = "serde", serde(rename = "Epsilon"))] Eps { - #[serde(rename = "eps_var")] + #[cfg_attr(feature = "serde", serde(rename = "eps_var"))] var: String, - #[serde(rename = "eps_t")] + #[cfg_attr(feature = "serde", serde(rename = "eps_t"))] t: Box, }, - #[serde(rename = "Function")] + #[cfg_attr(feature = "serde", serde(rename = "Function"))] Fun { - #[serde(rename = "fun_args")] + #[cfg_attr(feature = "serde", serde(rename = "fun_args"))] args: Vec, - #[serde(rename = "fun_body")] + #[cfg_attr(feature = "serde", serde(rename = "fun_body"))] body: Box, }, Quant { quant: String, - #[serde(rename = "quant_vs")] + #[cfg_attr(feature = "serde", serde(rename = "quant_vs"))] vs: Vec, - #[serde(rename = "quant_t")] + #[cfg_attr(feature = "serde", serde(rename = "quant_t"))] t: Box, }, Binop { binop: String, - #[serde(rename = "binop_t1")] + #[cfg_attr(feature = "serde", serde(rename = "binop_t1"))] t1: Box, - #[serde(rename = "binop_t2")] + #[cfg_attr(feature = "serde", serde(rename = "binop_t2"))] t2: Box, }, Not(Box), FunctionLiteral { - #[serde(rename = "funliteral_elts")] + #[cfg_attr(feature = "serde", serde(rename = "funliteral_elts"))] elts: Vec, - #[serde(rename = "funliteral_others")] + #[cfg_attr(feature = "serde", serde(rename = "funliteral_others"))] other: Box, }, Proj { - #[serde(rename = "proj_name")] + #[cfg_attr(feature = "serde", serde(rename = "proj_name"))] name: String, - #[serde(rename = "proj_value")] + #[cfg_attr(feature = "serde", serde(rename = "proj_value"))] value: Box, }, - #[serde(untagged)] + #[cfg_attr(feature = "serde", serde(untagged))] Unknown(Json), } -#[derive(Deserialize)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct Goal { pub term: GoalTerm, - #[serde(alias = "prover-result")] + #[cfg_attr(feature = "serde", serde(alias = "prover-result"))] pub prover_result: ProverResult, } -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct GoalTerm { pub loc: Loc, - #[serde(alias = "goal-name")] //Why3 doesn't currently use kebab-case but this might change + #[cfg_attr(feature = "serde", serde(alias = "goal-name"))] + //Why3 doesn't currently use kebab-case but this might change pub goal_name: String, pub explanations: Vec, } #[allow(dead_code)] -#[derive(Deserialize, Debug)] +#[derive(Debug)] +#[cfg_attr(feature = "serde", derive(Deserialize))] pub struct ProverResult { pub answer: String, - #[serde(rename = "ce-models")] + #[cfg_attr(feature = "serde", serde(rename = "ce-models"))] pub ce_models: Vec, pub time: f32, pub step: i32, diff --git a/why3/src/coma.rs b/why3/src/coma.rs index 588e81f113..4cb515c0be 100644 --- a/why3/src/coma.rs +++ b/why3/src/coma.rs @@ -1,4 +1,6 @@ -use crate::{declaration::Use, ty::Type, Ident}; +use pretty::docs; + +use crate::{declaration::Use, ty::Type, Ident, Print}; type Term = crate::Exp; @@ -15,6 +17,7 @@ type Term = crate::Exp; /// 2. User level control on transparency of functions /// 3. CPS structure +#[derive(Clone, Debug)] pub enum Expr { /// Variables eg: `x` Symbol(Ident), @@ -51,31 +54,48 @@ pub enum Expr { Any, } -/// TODO: what is the bool? -pub struct Var(Ident, Term, Type, bool); +#[derive(Clone, Debug)] +pub struct Var(Ident, Type, Term, IsRef); + +#[derive(Clone, Debug)] +pub enum IsRef { + Ref, + NotRef, +} /// Parameter declarations +#[derive(Clone, Debug)] pub enum Param { + // Can only be type parameters Ty(Type), Term(Ident, Type), - Region(Ident, Type), + Reference(Ident, Type), + /// Continuations accept a set of handlers and a set of ordinary parameters Cont(Ident, Vec, Vec), } +#[derive(Clone, Debug)] pub enum Arg { + /// Type application Ty(Type), + /// Logical terms (and 'program' ones) Term(Term), + /// Reference Ref(Ident), + /// Continuation parameter Cont(Expr), } +#[derive(Clone, Debug)] pub struct Defn { pub name: Ident, + /// Only relevant if using references pub writes: Vec, pub params: Vec, pub body: Expr, } +#[derive(Clone, Debug)] pub enum Decl { /// Coma definitions Defn(Vec), @@ -84,4 +104,185 @@ pub enum Decl { Use(Use), } +#[derive(Clone, Debug)] pub struct Module(pub Vec); + +impl Print for Param { + fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( + &'a self, + alloc: &'a A, + ) -> pretty::DocBuilder<'a, A> + where + A::Doc: Clone, + { + match self { + Param::Ty(ty) => ty.pretty(alloc), + Param::Term(id, ty) => docs![alloc, id.pretty(alloc), ":", ty.pretty(alloc)], + Param::Reference(id, ty) => docs![alloc, "&", id.pretty(alloc), ":", ty.pretty(alloc)], + Param::Cont(id, writes, params) => docs![ + alloc, + id.pretty(alloc), + alloc.space(), + brackets(alloc.intersperse(writes.iter().map(|a| a.pretty(alloc)), " ")), + alloc.space(), + alloc.intersperse(params.iter().map(|a| a.pretty(alloc)), " "), + ] + .parens(), + } + } +} +impl Print for Var { + fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( + &'a self, + alloc: &'a A, + ) -> pretty::DocBuilder<'a, A> + where + A::Doc: Clone, + { + docs![ + alloc, + if matches!(self.3, IsRef::Ref) { alloc.text("& ") } else { alloc.nil() }, + self.0.pretty(alloc), + " : ", + self.1.pretty(alloc), + " = ", + self.2.pretty(alloc) + ] + } +} + +impl Print for Arg { + fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( + &'a self, + alloc: &'a A, + ) -> pretty::DocBuilder<'a, A> + where + A::Doc: Clone, + { + match self { + Arg::Ty(ty) => ty.pretty(alloc).enclose("<", ">"), + Arg::Term(t) => t.pretty(alloc).braces(), + Arg::Ref(r) => alloc.text("& ").append(r.pretty(alloc)), + Arg::Cont(c) => c.pretty(alloc).parens(), + } + } +} + +impl Print for Expr { + fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( + &'a self, + alloc: &'a A, + ) -> pretty::DocBuilder<'a, A> + where + A::Doc: Clone, + { + match self { + Expr::Symbol(id) => id.pretty(alloc), + Expr::App(e, arg) => { + let needs_paren = !matches!( + &**e, + Expr::App(_, _) | Expr::Symbol(_) | Expr::Any | Expr::Lambda(_, _) + ); + + let doc = e.pretty(alloc); + + if needs_paren { doc.parens() } else { doc }.append(arg.pretty(alloc)) + } + Expr::Lambda(params, body) => { + let header = if params.is_empty() { + alloc.text("->") + } else { + docs![ + alloc, + "fun ", + alloc.intersperse(params.iter().map(|p| p.pretty(alloc)), alloc.text(" ")) + ] + }; + + header.append(body.pretty(alloc)).parens() + } + Expr::Defn(cont, rec, handlers) => { + let handlers = + handlers.iter().map(|d| print_defn(d, if *rec { "=" } else { "->" }, alloc)); + cont.pretty(alloc).append(alloc.intersperse(handlers, alloc.text(" | ")).brackets()) + } + Expr::Let(cont, lets) => docs![ + alloc, + cont.pretty(alloc), + alloc.intersperse(lets.iter().map(|l| l.pretty(alloc)), alloc.text(" | ")) + ], + Expr::Assign(cont, asgns) => docs![ + alloc, + alloc + .intersperse( + asgns.iter().map(|(id, t)| docs![ + alloc, + "&", + id.pretty(alloc), + "<-", + t.pretty(alloc).braces() + ]), + alloc.text(" | ") + ) + .brackets(), + cont.pretty(alloc) + ], + Expr::Assert(t, e) => docs![alloc, t.pretty(alloc).braces(), e.pretty(alloc)], + Expr::BlackBox(e) => docs![alloc, "!", alloc.space(), e.pretty(alloc)].parens(), + Expr::WhiteBox(e) => docs![alloc, "?", alloc.space(), e.pretty(alloc)].parens(), + Expr::Any => alloc.text("any"), + } + } +} + +fn braces<'a, A: pretty::DocAllocator<'a>>( + doc: pretty::DocBuilder<'a, A>, +) -> pretty::DocBuilder<'a, A> { + if !matches!(&*doc.1, pretty::Doc::Nil) { + doc.braces() + } else { + doc + } +} + +fn brackets<'a, A: pretty::DocAllocator<'a>>( + doc: pretty::DocBuilder<'a, A>, +) -> pretty::DocBuilder<'a, A> { + if !matches!(&*doc.1, pretty::Doc::Nil) { + doc.brackets() + } else { + doc + } +} + +fn print_defn<'a, A: pretty::DocAllocator<'a>>( + defn: &'a Defn, + arrow_kind: &'a str, + alloc: &'a A, +) -> pretty::DocBuilder<'a, A> +where + A::Doc: Clone, +{ + docs![ + alloc, + defn.name.pretty(alloc), + alloc.space(), + brackets(alloc.intersperse(defn.writes.iter().map(|a| a.pretty(alloc)), " ")), + alloc.space(), + alloc.intersperse(defn.params.iter().map(|a| a.pretty(alloc)), " "), + arrow_kind, + defn.body.pretty(alloc), + ] +} + +impl Print for Defn { + fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( + &'a self, + alloc: &'a A, + ) -> pretty::DocBuilder<'a, A> + where + A::Doc: Clone, + { + docs![alloc, "let ", print_defn(self, "=", alloc),] + } +} diff --git a/why3/src/mlcfg/printer.rs b/why3/src/mlcfg/printer.rs index a0f6099332..a4aaa1a9aa 100644 --- a/why3/src/mlcfg/printer.rs +++ b/why3/src/mlcfg/printer.rs @@ -8,33 +8,20 @@ use crate::{ use num::{Float, Zero}; use pretty::*; -#[derive(Default)] -pub struct PrintEnv { - pub scopes: Vec, -} - -impl PrintEnv { - pub fn new() -> (BoxAllocator, Self) { - (BoxAllocator, PrintEnv::default()) - } -} - pub struct PrintDisplay<'a, A: Print>(&'a A); impl<'a, A: Print> Display for PrintDisplay<'a, A> { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - let (alloc, mut env) = PrintEnv::new(); - self.0.pretty(&alloc, &mut env).1.render_fmt(120, f)?; + let alloc = BoxAllocator; + self.0.pretty(&alloc).1.render_fmt(120, f)?; Ok(()) } } +pub const ALLOC: BoxAllocator = BoxAllocator; + pub trait Print { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone; @@ -48,17 +35,16 @@ pub trait Print { // TODO: replace with functions macro_rules! parens { - ($alloc:ident, $env:ident, $parent:ident, $child:ident) => { - parens($alloc, $env, $parent.precedence(), $child) + ($alloc:ident, $parent:ident, $child:ident) => { + parens($alloc, $parent.precedence(), $child) }; - ($alloc:ident, $env:ident, $par_prec:expr, $child:ident) => { - parens($alloc, $env, $par_prec, $child) + ($alloc:ident, $par_prec:expr, $child:ident) => { + parens($alloc, $par_prec, $child) }; } fn parens<'b, 'a: 'b, A: DocAllocator<'a>>( alloc: &'a A, - env: &mut PrintEnv, prec: Precedence, child: &'a Exp, ) -> DocBuilder<'a, A> @@ -67,81 +53,63 @@ where { let child_prec = child.precedence(); if child_prec == Precedence::Atom { - child.pretty(alloc, env) + child.pretty(alloc) } else if child_prec < prec { - child.pretty(alloc, env).parens() + child.pretty(alloc).parens() } else if child_prec == prec && child.associativity() != child.associativity() { - child.pretty(alloc, env).parens() + child.pretty(alloc).parens() } else { - child.pretty(alloc, env) + child.pretty(alloc) } } impl Print for Decl { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { - Decl::CfgDecl(fun) => fun.pretty(alloc, env), - Decl::LogicDefn(log) => log.pretty(alloc, env), - Decl::Module(modl) => modl.pretty(alloc, env), - Decl::Scope(scope) => scope.pretty(alloc, env), - Decl::PredDecl(p) => p.pretty(alloc, env), - Decl::TyDecl(t) => t.pretty(alloc, env), - Decl::Clone(c) => c.pretty(alloc, env), - Decl::ValDecl(v) => v.pretty(alloc, env), - Decl::UseDecl(u) => u.pretty(alloc, env), - Decl::Axiom(a) => a.pretty(alloc, env), - Decl::Goal(g) => g.pretty(alloc, env), - Decl::Let(l) => l.pretty(alloc, env), + Decl::CfgDecl(fun) => fun.pretty(alloc), + Decl::LogicDefn(log) => log.pretty(alloc), + Decl::Module(modl) => modl.pretty(alloc), + Decl::Scope(scope) => scope.pretty(alloc), + Decl::PredDecl(p) => p.pretty(alloc), + Decl::TyDecl(t) => t.pretty(alloc), + Decl::Clone(c) => c.pretty(alloc), + Decl::ValDecl(v) => v.pretty(alloc), + Decl::UseDecl(u) => u.pretty(alloc), + Decl::Axiom(a) => a.pretty(alloc), + Decl::Goal(g) => g.pretty(alloc), + Decl::Let(l) => l.pretty(alloc), } } } impl Print for Module { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { - env.scopes.push(self.name.clone()); let doc = alloc .text("module ") .append(&*self.name) .append(alloc.hardline()) .append( alloc - .intersperse( - self.decls.iter().map(|decl| decl.pretty(alloc, env)), - alloc.hardline(), - ) + .intersperse(self.decls.iter().map(|decl| decl.pretty(alloc)), alloc.hardline()) .indent(2), ) .append(alloc.hardline()) .append("end"); - env.scopes.pop(); doc } } impl Print for Scope { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { - env.scopes.push(self.name.clone()); let doc = alloc .text("scope") .append(alloc.space()) @@ -149,59 +117,43 @@ impl Print for Scope { .append(alloc.hardline()) .append( alloc - .intersperse( - self.decls.iter().map(|decl| decl.pretty(alloc, env)), - alloc.hardline(), - ) + .intersperse(self.decls.iter().map(|decl| decl.pretty(alloc)), alloc.hardline()) .indent(2), ) .append(alloc.hardline()) .append("end"); - env.scopes.pop(); doc } } impl Print for Axiom { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { alloc .text("axiom ") - .append(self.name.pretty(alloc, env)) + .append(self.name.pretty(alloc)) .append(if self.rewrite { " [@rewrite] : " } else { " : " }) - .append(self.axiom.pretty(alloc, env)) + .append(self.axiom.pretty(alloc)) } } impl Print for Goal { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { alloc .text("goal ") - .append(self.name.pretty(alloc, env)) + .append(self.name.pretty(alloc)) .append(" : ") - .append(self.goal.pretty(alloc, env)) + .append(self.goal.pretty(alloc)) } } impl Print for LetDecl { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -225,24 +177,20 @@ impl Print for LetDecl { doc = doc .append( self.sig - .pretty(alloc, env) + .pretty(alloc) .append(alloc.line_()) .append(alloc.text(" = [@vc:do_not_keep_trace] [@vc:sp]")), ) .group() .append(alloc.line()) - .append(self.body.pretty(alloc, env).indent(2)); + .append(self.body.pretty(alloc).indent(2)); doc } } impl Print for Attribute { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - _: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -265,91 +213,70 @@ impl Print for Attribute { } impl Print for Signature { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { self.name - .pretty(alloc, env) + .pretty(alloc) .append(alloc.space()) .append(alloc.intersperse( - self.attrs.iter().map(|a| a.pretty(alloc, env)).chain(once(alloc.nil())), + self.attrs.iter().map(|a| a.pretty(alloc)).chain(once(alloc.nil())), alloc.space(), )) - .append(arg_list(alloc, env, &self.args)) + .append(arg_list(alloc, &self.args)) .append( - self.retty.as_ref().map_or_else( - || alloc.nil(), - |t| alloc.text(" : ").append(t.pretty(alloc, env)), - ), + self.retty + .as_ref() + .map_or_else(|| alloc.nil(), |t| alloc.text(" : ").append(t.pretty(alloc))), ) - .append(alloc.line_().append(self.contract.pretty(alloc, env))) + .append(alloc.line_().append(self.contract.pretty(alloc))) .nest(2) .group() // .append(alloc.line()) - // .append(self.contract.pretty(alloc, env).indent(2)) + // .append(self.contract.pretty(alloc).indent(2)) } } impl Print for Predicate { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { alloc .text("predicate ") - .append(self.sig.pretty(alloc, env).append(alloc.line_()).append(alloc.text(" ="))) + .append(self.sig.pretty(alloc).append(alloc.line_()).append(alloc.text(" ="))) .group() .append(alloc.line()) - .append(self.body.pretty(alloc, env).indent(2)) + .append(self.body.pretty(alloc).indent(2)) } } -fn arg_list<'b: 'a, 'a, A: DocAllocator<'a>>( - alloc: &'a A, - env: &mut PrintEnv, - args: &'a [Binder], -) -> DocBuilder<'a, A> +fn arg_list<'b: 'a, 'a, A: DocAllocator<'a>>(alloc: &'a A, args: &'a [Binder]) -> DocBuilder<'a, A> where A::Doc: Clone, { { - alloc.intersperse(args.iter().map(|b| b.pretty(alloc, env)), alloc.space()) + alloc.intersperse(args.iter().map(|b| b.pretty(alloc)), alloc.space()) } } impl Print for Logic { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { alloc .text("function ") - .append(self.sig.pretty(alloc, env).append(alloc.line_()).append(alloc.text(" ="))) + .append(self.sig.pretty(alloc).append(alloc.line_()).append(alloc.text(" ="))) .group() .append(alloc.line()) - .append(self.body.pretty(alloc, env).indent(2)) + .append(self.body.pretty(alloc).indent(2)) } } impl Print for DeclClone { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -362,8 +289,7 @@ impl Print for DeclClone { _ => alloc.nil(), }; - let doc = - alloc.text("clone ").append(kind).append(self.name.pretty(alloc, env)).append(as_doc); + let doc = alloc.text("clone ").append(kind).append(self.name.pretty(alloc)).append(as_doc); if self.subst.is_empty() { doc @@ -371,7 +297,7 @@ impl Print for DeclClone { doc.append(" with").append(alloc.hardline()).append( alloc .intersperse( - self.subst.iter().map(|s| s.pretty(alloc, env)), + self.subst.iter().map(|s| s.pretty(alloc)), alloc.text(",").append(alloc.hardline()), ) .indent(2), @@ -381,37 +307,29 @@ impl Print for DeclClone { } impl Print for CloneSubst { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { - CloneSubst::Type(id, ty) => alloc - .text("type ") - .append(id.pretty(alloc, env)) - .append(" = ") - .append(ty.pretty(alloc, env)), - CloneSubst::Val(id, o) => alloc - .text("val ") - .append(id.pretty(alloc, env)) - .append(" = ") - .append(o.pretty(alloc, env)), + CloneSubst::Type(id, ty) => { + alloc.text("type ").append(id.pretty(alloc)).append(" = ").append(ty.pretty(alloc)) + } + CloneSubst::Val(id, o) => { + alloc.text("val ").append(id.pretty(alloc)).append(" = ").append(o.pretty(alloc)) + } CloneSubst::Predicate(id, o) => alloc .text("predicate ") - .append(id.pretty(alloc, env)) + .append(id.pretty(alloc)) .append(" = ") - .append(o.pretty(alloc, env)), + .append(o.pretty(alloc)), CloneSubst::Function(id, o) => alloc .text("function ") - .append(id.pretty(alloc, env)) + .append(id.pretty(alloc)) .append(" = ") - .append(o.pretty(alloc, env)), + .append(o.pretty(alloc)), CloneSubst::Axiom(id) => match id { - Some(id) => alloc.text("axiom ").append(id.pretty(alloc, env)), + Some(id) => alloc.text("axiom ").append(id.pretty(alloc)), None => alloc.text("axiom ."), }, } @@ -419,20 +337,16 @@ impl Print for CloneSubst { } impl Print for Use { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { alloc .text("use ") .append(if self.export { alloc.text("export ") } else { alloc.nil() }) - .append(self.name.pretty(alloc, env)) + .append(self.name.pretty(alloc)) .append(if let Some(as_) = &self.as_ { - alloc.text(" as ").append(as_.pretty(alloc, env)) + alloc.text(" as ").append(as_.pretty(alloc)) } else { alloc.nil() }) @@ -440,11 +354,7 @@ impl Print for Use { } impl Print for ValDecl { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -465,17 +375,13 @@ impl Print for ValDecl { None => {} }; - doc = doc.append(self.sig.pretty(alloc, env)); + doc = doc.append(self.sig.pretty(alloc)); doc } } impl Print for Contract { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -483,10 +389,7 @@ impl Print for Contract { for req in &self.requires { doc = doc.append( - alloc - .text("requires ") - .append(req.pretty(alloc, env).braces()) - .append(alloc.hardline()), + alloc.text("requires ").append(req.pretty(alloc).braces()).append(alloc.hardline()), ) } @@ -494,19 +397,14 @@ impl Print for Contract { doc = doc.append( alloc .text("ensures ") - .append( - alloc.space().append(req.pretty(alloc, env)).append(alloc.space()).braces(), - ) + .append(alloc.space().append(req.pretty(alloc)).append(alloc.space()).braces()) .append(alloc.hardline()), ) } for var in &self.variant { doc = doc.append( - alloc - .text("variant ") - .append(var.pretty(alloc, env).braces()) - .append(alloc.hardline()), + alloc.text("variant ").append(var.pretty(alloc).braces()).append(alloc.hardline()), ) } @@ -515,11 +413,7 @@ impl Print for Contract { } impl Print for CfgFunction { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -530,7 +424,7 @@ impl Print for CfgFunction { .append(if self.constant { "constant " } else { "" }) .append( self.sig - .pretty(alloc, env) + .pretty(alloc) .append(alloc.line_()) .append(alloc.text(" = [@vc:do_not_keep_trace] [@vc:sp]")), ) @@ -542,9 +436,9 @@ impl Print for CfgFunction { if *ghost { alloc.text("ghost var ") } else { alloc.text("var ") } .append(alloc.as_string(&var.0)) .append(" : ") - .append(ty.pretty(alloc, env)) + .append(ty.pretty(alloc)) .append(if let Some(init) = init { - alloc.text(" = ").append(init.pretty(alloc, env)) + alloc.text(" = ").append(init.pretty(alloc)) } else { alloc.nil() }) @@ -552,11 +446,11 @@ impl Print for CfgFunction { }), alloc.hardline(), )) - .append(self.entry.pretty(alloc, env).append(alloc.hardline())) + .append(self.entry.pretty(alloc).append(alloc.hardline())) .append(sep_end_by( alloc, self.blocks.iter().map(|(id, block)| { - id.pretty(alloc, env).append(alloc.space()).append(block.pretty(alloc, env)) + id.pretty(alloc).append(alloc.space()).append(block.pretty(alloc)) }), alloc.hardline(), )) @@ -564,22 +458,18 @@ impl Print for CfgFunction { } impl Print for Type { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { use Type::*; macro_rules! ty_parens { - ($alloc:ident, $env:ident, $e:ident) => { + ($alloc:ident, $e:ident) => { if $e.complex() { - $e.pretty($alloc, $env).parens() + $e.pretty($alloc).parens() } else { - $e.pretty($alloc, $env) + $e.pretty($alloc) } }; } @@ -587,145 +477,127 @@ impl Print for Type { Bool => alloc.text("bool"), Char => alloc.text("char"), Integer => alloc.text("int"), - MutableBorrow(box t) => alloc.text("borrowed ").append(ty_parens!(alloc, env, t)), + MutableBorrow(box t) => alloc.text("borrowed ").append(ty_parens!(alloc, t)), TVar(v) => alloc.text(format!("'{}", v.0)), - TConstructor(ty) => ty.pretty(alloc, env), + TConstructor(ty) => ty.pretty(alloc), - TFun(box a, box b) => { - ty_parens!(alloc, env, a).append(" -> ").append(ty_parens!(alloc, env, b)) - } + TFun(box a, box b) => ty_parens!(alloc, a).append(" -> ").append(ty_parens!(alloc, b)), TApp(box tyf, args) => { if args.is_empty() { - tyf.pretty(alloc, env) + tyf.pretty(alloc) } else { - tyf.pretty(alloc, env).append(alloc.space()).append(alloc.intersperse( - args.iter().map(|arg| ty_parens!(alloc, env, arg)), - alloc.space(), - )) + tyf.pretty(alloc).append(alloc.space()).append( + alloc.intersperse( + args.iter().map(|arg| ty_parens!(alloc, arg)), + alloc.space(), + ), + ) } } - Tuple(tys) if tys.len() == 1 => tys[0].pretty(alloc, env), - Tuple(tys) => { - alloc.intersperse(tys.iter().map(|ty| ty.pretty(alloc, env)), ", ").parens() - } + Tuple(tys) if tys.len() == 1 => tys[0].pretty(alloc), + Tuple(tys) => alloc.intersperse(tys.iter().map(|ty| ty.pretty(alloc)), ", ").parens(), } } } impl Print for Trigger { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match &self.0 { None => alloc.nil(), - Some(exp) => exp.pretty(alloc, env).brackets(), + Some(exp) => exp.pretty(alloc).brackets(), } } } impl Print for Exp { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { - Exp::Any(ty) => alloc.text("any ").append(ty.pretty(alloc, env)), - Exp::Current(box e) => alloc.text(" * ").append(parens!(alloc, env, self, e)), - Exp::Final(box e) => alloc.text(" ^ ").append(parens!(alloc, env, self, e)), + Exp::Any(ty) => alloc.text("any ").append(ty.pretty(alloc)), + Exp::Current(box e) => alloc.text(" * ").append(parens!(alloc, self, e)), + Exp::Final(box e) => alloc.text(" ^ ").append(parens!(alloc, self, e)), // TODO parenthesization Exp::Let { pattern, box arg, box body } => alloc .text("let ") - .append(pattern.pretty(alloc, env)) + .append(pattern.pretty(alloc)) .append(" = ") - .append(arg.pretty(alloc, env)) + .append(arg.pretty(alloc)) .append(" in ") - .append(body.pretty(alloc, env)), - Exp::Var(v, _) => v.pretty(alloc, env), - Exp::QVar(v, _) => v.pretty(alloc, env), + .append(body.pretty(alloc)), + Exp::Var(v, _) => v.pretty(alloc), + Exp::QVar(v, _) => v.pretty(alloc), Exp::RecUp { box record, updates } => { let mut res = alloc .space() - .append(parens!(alloc, env, self.precedence().next(), record)) + .append(parens!(alloc, self.precedence().next(), record)) .append(" with "); for (label, val) in updates { res = res .append(alloc.text(label)) .append(" = ") - .append(parens!(alloc, env, self, val)) + .append(parens!(alloc, self, val)) .append(" ; "); } res.braces() } - Exp::RecField { box record, label } => { - record.pretty(alloc, env).append(".").append(label) - } + Exp::RecField { box record, label } => record.pretty(alloc).append(".").append(label), Exp::Tuple(args) => alloc - .intersperse(args.iter().map(|a| parens!(alloc, env, Precedence::Cast, a)), ", ") + .intersperse(args.iter().map(|a| parens!(alloc, Precedence::Cast, a)), ", ") .parens(), - Exp::Constructor { ctor, args } => ctor.pretty(alloc, env).append(if args.is_empty() { - alloc.nil() - } else { - alloc.space().append(alloc.intersperse( - args.iter().map(|a| parens!(alloc, env, Precedence::Brackets, a)), - " ", - )) - }), - Exp::Const(c) => c.pretty(alloc, env), - - Exp::UnaryOp(UnOp::Not, box op) => { - alloc.text("not ").append(parens!(alloc, env, self, op)) + Exp::Constructor { ctor, args } => { + ctor.pretty(alloc).append(if args.is_empty() { + alloc.nil() + } else { + alloc.space().append(alloc.intersperse( + args.iter().map(|a| parens!(alloc, Precedence::Brackets, a)), + " ", + )) + }) } + Exp::Const(c) => c.pretty(alloc), - Exp::UnaryOp(UnOp::Neg, box op) => { - alloc.text("- ").append(parens!(alloc, env, self, op)) - } + Exp::UnaryOp(UnOp::Not, box op) => alloc.text("not ").append(parens!(alloc, self, op)), + + Exp::UnaryOp(UnOp::Neg, box op) => alloc.text("- ").append(parens!(alloc, self, op)), Exp::UnaryOp(UnOp::FloatNeg, box op) => { - alloc.text(".- ").append(parens!(alloc, env, self, op)) + alloc.text(".- ").append(parens!(alloc, self, op)) } Exp::BinaryOp(op, box l, box r) => match self.associativity() { - Some(AssocDir::Left) => parens!(alloc, env, self, l), - Some(AssocDir::Right) | None => parens!(alloc, env, self.precedence().next(), l), + Some(AssocDir::Left) => parens!(alloc, self, l), + Some(AssocDir::Right) | None => parens!(alloc, self.precedence().next(), l), } .append(alloc.space()) .append(bin_op_to_string(op)) .append(alloc.space()) .append(match self.associativity() { - Some(AssocDir::Right) => parens!(alloc, env, self, r), - Some(AssocDir::Left) | None => parens!(alloc, env, self.precedence().next(), r), + Some(AssocDir::Right) => parens!(alloc, self, r), + Some(AssocDir::Left) | None => parens!(alloc, self.precedence().next(), r), }), Exp::Call(box fun, args) => { - parens!(alloc, env, self, fun).append(alloc.space()).append(alloc.intersperse( - args.iter().map(|a| parens!(alloc, env, Precedence::App.next(), a)), + parens!(alloc, self, fun).append(alloc.space()).append(alloc.intersperse( + args.iter().map(|a| parens!(alloc, Precedence::App.next(), a)), alloc.space(), )) } Exp::Verbatim(verb) => alloc.text(verb), - Exp::Attr(attr, e) => { - attr.pretty(alloc, env).append(alloc.space()).append(e.pretty(alloc, env)) - } + Exp::Attr(attr, e) => attr.pretty(alloc).append(alloc.space()).append(e.pretty(alloc)), Exp::Abs(binders, box body) => alloc .text("fun ") - .append( - alloc.intersperse(binders.iter().map(|b| b.pretty(alloc, env)), alloc.space()), - ) + .append(alloc.intersperse(binders.iter().map(|b| b.pretty(alloc)), alloc.space())) .append(" -> ") - .append(body.pretty(alloc, env)), + .append(body.pretty(alloc)), Exp::Match(box scrut, brs) => alloc .text("match ") - .append(scrut.pretty(alloc, env)) + .append(scrut.pretty(alloc)) .append(" with") .append(alloc.hardline()) .append( @@ -734,9 +606,9 @@ impl Print for Exp { brs.iter().map(|(pat, br)| { alloc .text("| ") - .append(pat.pretty(alloc, env)) + .append(pat.pretty(alloc)) .append(" -> ") - .append(br.pretty(alloc, env)) + .append(br.pretty(alloc)) }), alloc.hardline(), ) @@ -745,52 +617,53 @@ impl Print for Exp { .append("end"), Exp::IfThenElse(s, i, e) => alloc .text("if ") - .append(s.pretty(alloc, env)) + .append(s.pretty(alloc)) .append(" then") - .append(alloc.line().append(i.pretty(alloc, env)).nest(2).append(alloc.line())) + .append(alloc.line().append(i.pretty(alloc)).nest(2).append(alloc.line())) .append("else") - .append(alloc.line().append(e.pretty(alloc, env)).nest(2).append(alloc.line_())) + .append(alloc.line().append(e.pretty(alloc)).nest(2).append(alloc.line_())) .group(), Exp::Forall(binders, trig, box exp) => alloc .text("forall ") - .append(alloc.intersperse( - binders.iter().map(|(b, t)| { - b.pretty(alloc, env).append(" : ").append(t.pretty(alloc, env)) - }), - ", ", - )) - .append(trig.pretty(alloc, env)) + .append( + alloc.intersperse( + binders + .iter() + .map(|(b, t)| b.pretty(alloc).append(" : ").append(t.pretty(alloc))), + ", ", + ), + ) + .append(trig.pretty(alloc)) .append(" . ") - .append(exp.pretty(alloc, env)), + .append(exp.pretty(alloc)), Exp::Exists(binders, trig, box exp) => alloc .text("exists ") - .append(alloc.intersperse( - binders.iter().map(|(b, t)| { - b.pretty(alloc, env).append(" : ").append(t.pretty(alloc, env)) - }), - ", ", - )) - .append(trig.pretty(alloc, env)) + .append( + alloc.intersperse( + binders + .iter() + .map(|(b, t)| b.pretty(alloc).append(" : ").append(t.pretty(alloc))), + ", ", + ), + ) + .append(trig.pretty(alloc)) .append(" . ") - .append(exp.pretty(alloc, env)), + .append(exp.pretty(alloc)), Exp::Impl(box hyp, box exp) => { - parens!(alloc, env, self, hyp).append(" -> ").append(parens!(alloc, env, self, exp)) + parens!(alloc, self, hyp).append(" -> ").append(parens!(alloc, self, exp)) } Exp::Ascribe(e, t) => { - parens!(alloc, env, self, e).append(" : ").append(t.pretty(alloc, env)).group() - } - Exp::Pure(e) => alloc.text("pure ").append(e.pretty(alloc, env).braces()), - Exp::Ghost(e) => { - alloc.text("ghost ").append(parens!(alloc, env, Precedence::App.next(), e)) + parens!(alloc, self, e).append(" : ").append(t.pretty(alloc)).group() } + Exp::Pure(e) => alloc.text("pure ").append(e.pretty(alloc).braces()), + Exp::Ghost(e) => alloc.text("ghost ").append(parens!(alloc, Precedence::App.next(), e)), Exp::Absurd => alloc.text("absurd"), - Exp::Old(e) => alloc.text("old").append(e.pretty(alloc, env).parens()), + Exp::Old(e) => alloc.text("old").append(e.pretty(alloc).parens()), Exp::Record { fields } => alloc .intersperse( fields.iter().map(|(nm, a)| { alloc.text(nm).append(" = ").append(parens!( alloc, - env, Precedence::Attr.next(), a )) @@ -798,36 +671,30 @@ impl Print for Exp { "; ", ) .braces(), - Exp::Chain(fields) => { - alloc.intersperse(fields.iter().map(|f| f.pretty(alloc, env)), "; ") - } - Exp::FnLit(e) => alloc.text("fun _ -> ").append(e.pretty(alloc, env)).parens(), - Exp::Assert(e) => alloc.text("assert ").append(e.pretty(alloc, env).braces()), - Exp::Assume(e) => alloc.text("assume ").append(e.pretty(alloc, env).braces()), + Exp::Chain(fields) => alloc.intersperse(fields.iter().map(|f| f.pretty(alloc)), "; "), + Exp::FnLit(e) => alloc.text("fun _ -> ").append(e.pretty(alloc)).parens(), + Exp::Assert(e) => alloc.text("assert ").append(e.pretty(alloc).braces()), + Exp::Assume(e) => alloc.text("assume ").append(e.pretty(alloc).braces()), } } } impl Print for Binder { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { Binder::Wild => alloc.text("_"), - Binder::UnNamed(ty) => ty.pretty(alloc, env), - Binder::Named(id) => id.pretty(alloc, env), + Binder::UnNamed(ty) => ty.pretty(alloc), + Binder::Named(id) => id.pretty(alloc), Binder::Typed(ghost, ids, ty) => { (if *ghost { alloc.text("ghost ") } else { alloc.nil() }) .append( alloc - .intersperse(ids.iter().map(|id| id.pretty(alloc, env)), alloc.space()) + .intersperse(ids.iter().map(|id| id.pretty(alloc)), alloc.space()) .append(" : ") - .append(ty.pretty(alloc, env)), + .append(ty.pretty(alloc)), ) .parens() } @@ -838,52 +705,47 @@ impl Print for Binder { fn pretty_attr<'b, 'a: 'b, A: DocAllocator<'a>>( attr: &'a Option, alloc: &'a A, - env: &mut PrintEnv, ) -> DocBuilder<'a, A> where A::Doc: Clone, { match attr { - Some(attr) => attr.pretty(alloc, env).append(" "), + Some(attr) => attr.pretty(alloc).append(" "), None => alloc.nil(), } } impl Print for Statement { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { - Statement::Assign { attr, lhs, rhs } => pretty_attr(attr, alloc, env) - .append(lhs.pretty(alloc, env)) + Statement::Assign { attr, lhs, rhs } => pretty_attr(attr, alloc) + .append(lhs.pretty(alloc)) .append(" <- ") - .append(parens!(alloc, env, Precedence::Impl, rhs)), + .append(parens!(alloc, Precedence::Impl, rhs)), Statement::Invariant(e) => { - let doc = alloc.text("invariant ").append( - alloc.space().append(e.pretty(alloc, env)).append(alloc.space()).braces(), - ); + let doc = alloc + .text("invariant ") + .append(alloc.space().append(e.pretty(alloc)).append(alloc.space()).braces()); doc } Statement::Variant(e) => { - let doc = alloc.text("variant ").append( - alloc.space().append(e.pretty(alloc, env)).append(alloc.space()).braces(), - ); + let doc = alloc + .text("variant ") + .append(alloc.space().append(e.pretty(alloc)).append(alloc.space()).braces()); doc } Statement::Assume(assump) => { let doc = alloc.text("assume ").append( - alloc.space().append(assump.pretty(alloc, env)).append(alloc.space()).braces(), + alloc.space().append(assump.pretty(alloc)).append(alloc.space()).braces(), ); doc } Statement::Assert(assert) => { let doc = alloc.text("assert ").append( - alloc.space().append(assert.pretty(alloc, env)).append(alloc.space()).braces(), + alloc.space().append(assert.pretty(alloc)).append(alloc.space()).braces(), ); doc } @@ -892,22 +754,18 @@ impl Print for Statement { } impl Print for Terminator { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { use Terminator::*; match self { - Goto(tgt) => alloc.text("goto ").append(tgt.pretty(alloc, env)), + Goto(tgt) => alloc.text("goto ").append(tgt.pretty(alloc)), Absurd => alloc.text("absurd"), Return => alloc.text("return _0"), Switch(discr, brs) => alloc .text("switch ") - .append(discr.pretty(alloc, env).parens()) + .append(discr.pretty(alloc).parens()) .append(alloc.hardline()) .append( sep_end_by( @@ -915,9 +773,9 @@ impl Print for Terminator { brs.iter().map(|(pat, tgt)| { alloc .text("| ") - .append(pat.pretty(alloc, env)) + .append(pat.pretty(alloc)) .append(" -> ") - .append(tgt.pretty(alloc, env)) + .append(tgt.pretty(alloc)) }), alloc.hardline(), ) @@ -929,30 +787,26 @@ impl Print for Terminator { } impl Print for Pattern { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { match self { Pattern::Wildcard => alloc.text("_"), - Pattern::VarP(v) => v.pretty(alloc, env), + Pattern::VarP(v) => v.pretty(alloc), Pattern::TupleP(pats) => { - alloc.intersperse(pats.iter().map(|p| p.pretty(alloc, env)), ", ").parens() + alloc.intersperse(pats.iter().map(|p| p.pretty(alloc)), ", ").parens() } Pattern::ConsP(c, pats) => { - let mut doc = c.pretty(alloc, env); + let mut doc = c.pretty(alloc); if !pats.is_empty() { doc = doc.append(alloc.space()).append(alloc.intersperse( pats.iter().map(|p| { if matches!(p, Pattern::ConsP(_, _)) { - p.pretty(alloc, env).parens() + p.pretty(alloc).parens() } else { - p.pretty(alloc, env) + p.pretty(alloc) } }), " ", @@ -965,11 +819,7 @@ impl Print for Pattern { } impl Print for BlockId { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - _: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -996,11 +846,7 @@ where } impl Print for Block { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -1009,10 +855,10 @@ impl Print for Block { .append( sep_end_by( alloc, - self.statements.iter().map(|stmt| stmt.pretty(alloc, env)), + self.statements.iter().map(|stmt| stmt.pretty(alloc)), alloc.text(";").append(alloc.line()), ) - .append(self.terminator.pretty(alloc, env)), + .append(self.terminator.pretty(alloc)), ) .nest(2) .append(alloc.hardline()) @@ -1051,11 +897,7 @@ fn bin_op_to_string(op: &BinOp) -> &str { } impl Print for Constant { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -1069,11 +911,11 @@ impl Print for Constant { } } Constant::Int(i, Some(t)) => { - alloc.as_string(i).append(" : ").append(t.pretty(alloc, env)).parens() + alloc.as_string(i).append(" : ").append(t.pretty(alloc)).parens() } Constant::Int(i, None) => alloc.as_string(i), Constant::Uint(i, Some(t)) => { - alloc.as_string(i).append(" : ").append(t.pretty(alloc, env)).parens() + alloc.as_string(i).append(" : ").append(t.pretty(alloc)).parens() } Constant::String(s) => alloc.text(format!("{s:?}")), Constant::Uint(i, None) => alloc.as_string(i), @@ -1088,7 +930,7 @@ impl Print for Constant { Constant::Float(f, Some(t)) => { assert!(f.is_finite()); let f_str = print_float(*f); - alloc.text(f_str).append(" : ").append(t.pretty(alloc, env)).parens() + alloc.text(f_str).append(" : ").append(t.pretty(alloc)).parens() } } } @@ -1112,21 +954,17 @@ fn print_float(f: f64) -> String { } impl Print for TyDecl { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { let ty_decl = match self { TyDecl::Opaque { ty_name, ty_params } => { - let mut decl = alloc.text("type ").append(ty_name.pretty(alloc, env)); + let mut decl = alloc.text("type ").append(ty_name.pretty(alloc)); if !ty_params.is_empty() { decl = decl.append(" ").append(alloc.intersperse( - ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc, env))), + ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc))), alloc.space(), )); } @@ -1134,14 +972,14 @@ impl Print for TyDecl { } TyDecl::Alias { ty_name, ty_params, alias } => alloc .text("type ") - .append(ty_name.pretty(alloc, env)) + .append(ty_name.pretty(alloc)) .append(" ") .append(alloc.intersperse( - ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc, env))), + ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc))), alloc.space(), )) .append(alloc.text(" =").append(alloc.hardline())) - .append(alias.pretty(alloc, env).indent(2)), + .append(alias.pretty(alloc).indent(2)), TyDecl::Adt { tys } => { use std::iter::*; let header = once("type").chain(repeat("with")); @@ -1151,21 +989,21 @@ impl Print for TyDecl { decl = decl .append(hdr) .append(" ") - .append(ty_decl.ty_name.pretty(alloc, env)) + .append(ty_decl.ty_name.pretty(alloc)) .append(" ") .append( alloc.intersperse( ty_decl .ty_params .iter() - .map(|p| alloc.text("'").append(p.pretty(alloc, env))), + .map(|p| alloc.text("'").append(p.pretty(alloc))), alloc.space(), ), ); let mut inner_doc = alloc.nil(); for cons in &ty_decl.constrs { - let ty_cons = alloc.text("| ").append(cons.pretty(alloc, env)); + let ty_cons = alloc.text("| ").append(cons.pretty(alloc)); inner_doc = inner_doc.append(ty_cons.append(alloc.hardline())) } decl = decl @@ -1177,9 +1015,9 @@ impl Print for TyDecl { }; // let mut ty_decl = - // alloc.text("type ").append(self.ty_name.pretty(alloc, env)).append(" ").append( + // alloc.text("type ").append(self.ty_name.pretty(alloc)).append(" ").append( // alloc.intersperse( - // self.ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc, env))), + // self.ty_params.iter().map(|p| alloc.text("'").append(p.pretty(alloc))), // alloc.space(), // ), // ); @@ -1188,24 +1026,20 @@ impl Print for TyDecl { // ty_decl = ty_decl.append(alloc.text(" =").append(alloc.hardline())); // } ty_decl - // ty_decl.append(self.kind.pretty(alloc, env).indent(2)) + // ty_decl.append(self.kind.pretty(alloc).indent(2)) } } impl Print for ConstructorDecl { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { - let mut cons_doc = self.name.pretty(alloc, env); + let mut cons_doc = self.name.pretty(alloc); if !self.fields.is_empty() { cons_doc = cons_doc.append(alloc.space()).append( - alloc.intersperse(self.fields.iter().map(|ty_arg| ty_arg.pretty(alloc, env)), " "), + alloc.intersperse(self.fields.iter().map(|ty_arg| ty_arg.pretty(alloc)), " "), ); } @@ -1214,17 +1048,13 @@ impl Print for ConstructorDecl { } impl Print for Field { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { let parens = self.ghost || self.ty.complex(); let doc = if self.ghost { alloc.text("ghost ") } else { alloc.nil() } - .append(self.ty.pretty(alloc, env)); + .append(self.ty.pretty(alloc)); if parens { doc.parens() @@ -1234,11 +1064,7 @@ impl Print for Field { } } impl Print for Ident { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - _env: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { @@ -1247,11 +1073,7 @@ impl Print for Ident { } impl Print for QName { - fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>( - &'a self, - alloc: &'a A, - _: &mut PrintEnv, - ) -> DocBuilder<'a, A> + fn pretty<'b, 'a: 'b, A: DocAllocator<'a>>(&'a self, alloc: &'a A) -> DocBuilder<'a, A> where A::Doc: Clone, { From 00d7ba9c8a4363067f4cbd07583efe60fc95eca6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arma=C3=ABl=20Gu=C3=A9neau?= Date: Tue, 20 Feb 2024 23:42:35 +0100 Subject: [PATCH 12/66] fix: emit correct relative paths in spans with 'cargo creusot' add an option to creusot-rustc to specify the relative location of the project's root with respect to creusot's output. This option is used by the test harness, which uses a different file layout than 'cargo creusot'. ('cargo creusot' then simply uses the default value of the option, which matches its usecase.) --- creusot-args/src/options.rs | 14 +++++++++++++- creusot-rustc/src/options.rs | 1 + creusot/src/backend.rs | 1 - creusot/src/options.rs | 15 +++++++++++++-- creusot/tests/ui.rs | 1 + 5 files changed, 28 insertions(+), 4 deletions(-) diff --git a/creusot-args/src/options.rs b/creusot-args/src/options.rs index 6fbe839da1..b8e5090a69 100644 --- a/creusot-args/src/options.rs +++ b/creusot-args/src/options.rs @@ -1,6 +1,6 @@ use clap::*; use serde::{Deserialize, Serialize}; -use std::{error::Error, ffi::OsString}; +use std::{error::Error, ffi::OsString, path::PathBuf}; #[derive(Parser, Serialize, Deserialize)] pub struct CreusotArgs { @@ -10,6 +10,11 @@ pub struct CreusotArgs { /// [None] provides the clearest diffs. #[clap(long, value_enum, default_value_t=SpanMode::Relative)] pub span_mode: SpanMode, + #[clap(long, default_value_os_t = get_default_root_path_relative_from_output())] + /// Relative path of the root of the Rust project relative to the output files + /// of Creusot. This is used when producing [Relative] spans, to know the location + /// of Rust files corresponding to the generated Why3 files. + pub root_path_relative_from_output: PathBuf, #[clap(long)] /// Only generate proofs for items matching the provided string. The string is treated /// as a Rust qualified path. @@ -61,6 +66,13 @@ pub enum Why3SubCommand { Replay, } +/// Default relative path of the root project wrt the output. +/// This corresponds to the default scenario where the user invokes "cargo creusot" +/// which writes its output in target/debug/ +fn get_default_root_path_relative_from_output() -> PathBuf { + ["..", ".."].iter().collect() +} + /// Parse a single key-value pair fn parse_key_val(s: &str) -> Result<(T, U), Box> where diff --git a/creusot-rustc/src/options.rs b/creusot-rustc/src/options.rs index 4add35c947..9d2bae2079 100644 --- a/creusot-rustc/src/options.rs +++ b/creusot-rustc/src/options.rs @@ -42,6 +42,7 @@ impl CreusotArgsExt for CreusotArgs { output_file, in_cargo: cargo_creusot, span_mode: span_mode, + root_path_relative_from_output: self.root_path_relative_from_output, match_str: self.focus_on, simple_triggers: self.simple_triggers, why3_cmd: self.subcommand.map(why3_command), diff --git a/creusot/src/backend.rs b/creusot/src/backend.rs index 0bf36c5dac..71ffbf4434 100644 --- a/creusot/src/backend.rs +++ b/creusot/src/backend.rs @@ -383,7 +383,6 @@ impl<'tcx> Why3Generator<'tcx> { let filename = match self.opts.span_mode { SpanMode::Absolute => path.to_string_lossy().into_owned(), SpanMode::Relative => { - // Why3 treats the spans as relative to the session not the source file?? format!("{}", self.opts.relative_to_output(&path).to_string_lossy()) } _ => return None, diff --git a/creusot/src/options.rs b/creusot/src/options.rs index 7759ecfdf9..bc0476dc3b 100644 --- a/creusot/src/options.rs +++ b/creusot/src/options.rs @@ -32,6 +32,7 @@ pub struct Options { pub output_file: Option, pub in_cargo: bool, pub span_mode: SpanMode, + pub root_path_relative_from_output: PathBuf, pub match_str: Option, pub simple_triggers: bool, pub why3_cmd: Option, @@ -65,8 +66,18 @@ impl Options { let output_components = other.components().count(); let mut buf = PathBuf::new(); - (0..(output_components - same)).for_each(|_| buf.push("..")); + (0..(output_components - same)).for_each(|_| { + // Why3 treats the spans as relative to the session, not the source file, + // and the session is in a subdirectory next to the mlcfg file, so we need + // to add .. + buf.push(".."); + // then add the relative path of the root project with respect to the output + // directory (typically some amount of ..) + buf.extend(&self.root_path_relative_from_output) + }); buf.extend(p.components().skip(same)); - buf + // the roundtrip through [components()] gives us some basic (syntactic) + // normalization of the path (e.g. remove /./) + buf.components().collect() } } diff --git a/creusot/tests/ui.rs b/creusot/tests/ui.rs index 41c80ba545..70ce3c0275 100644 --- a/creusot/tests/ui.rs +++ b/creusot/tests/ui.rs @@ -91,6 +91,7 @@ fn run_creusot( "--stdout", "--export-metadata=false", "--span-mode=relative", + "--root-path-relative-from-output=.", "--check-why3=false", ]); cmd.args(&[ From 4fb23bef9e4fe98615d233701fd8452a288c81b1 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Wed, 21 Feb 2024 18:22:12 +0100 Subject: [PATCH 13/66] Demote `Expr::Call` to `Statement::Call` --- creusot/src/backend/optimization.rs | 23 +++- creusot/src/backend/program.rs | 124 +++++++++++------- creusot/src/translation.rs | 2 +- creusot/src/translation/fmir.rs | 20 +-- creusot/src/translation/function.rs | 4 +- creusot/src/translation/function/statement.rs | 6 +- .../src/translation/function/terminator.rs | 21 +-- creusot/tests/should_succeed/100doors.mlcfg | 2 +- creusot/tests/should_succeed/bug/874.mlcfg | 6 +- .../should_succeed/filter_positive.mlcfg | 2 +- creusot/tests/should_succeed/hashmap.mlcfg | 2 +- creusot/tests/should_succeed/knapsack.mlcfg | 4 +- .../tests/should_succeed/knapsack_full.mlcfg | 4 +- .../tests/should_succeed/sparse_array.mlcfg | 6 +- .../should_succeed/syntax/13_vec_macro.mlcfg | 6 +- .../vector/06_knights_tour.mlcfg | 2 +- why3/src/coma.rs | 10 -- 17 files changed, 136 insertions(+), 108 deletions(-) diff --git a/creusot/src/backend/optimization.rs b/creusot/src/backend/optimization.rs index cabc00804e..933a34c146 100644 --- a/creusot/src/backend/optimization.rs +++ b/creusot/src/backend/optimization.rs @@ -94,6 +94,10 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { } Statement::AssumeBorrowInv(p) => self.read_place(p), Statement::AssertTyInv(p) => self.read_place(p), + Statement::Call(dest, _, _, args, _) => { + self.write_place(dest); + args.iter().for_each(|a| self.visit_expr(a)); + } } } @@ -110,17 +114,22 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { // fn visit_term(&mut self, t: &Term<'tcx>) {} + fn visit_operand(&mut self, op: &Operand<'tcx>) { + match op { + Operand::Move(p) => self.read_place(p), + Operand::Copy(p) => self.read_place(p), + } + } + fn visit_expr(&mut self, e: &Expr<'tcx>) { match &e.kind { - ExprKind::Move(p) => self.read_place(p), - ExprKind::Copy(p) => self.read_place(p), + ExprKind::Operand(op) => self.visit_operand(op), ExprKind::BinOp(_, l, r) => { self.visit_expr(l); self.visit_expr(r) } ExprKind::UnaryOp(_, e) => self.visit_expr(e), ExprKind::Constructor(_, _, es) => es.iter().for_each(|e| self.visit_expr(e)), - ExprKind::Call(_, _, es) => es.iter().for_each(|e| self.visit_expr(e)), ExprKind::Constant(t) => self.visit_term(t), ExprKind::Cast(e, _, _) => self.visit_expr(e), ExprKind::Tuple(es) => es.iter().for_each(|e| self.visit_expr(e)), @@ -220,11 +229,11 @@ impl<'tcx> SimplePropagator<'tcx> { match s { Statement::Assignment(l, RValue::Expr(r), _) // we do not propagate calls to avoid moving them after the resolve of their arguments - if self.should_propagate(l.local) && !self.usage[&l.local].used_in_pure_ctx && !r.is_call() => { + if self.should_propagate(l.local) && !self.usage[&l.local].used_in_pure_ctx => { self.prop.insert(l.local, r); self.dead.insert(l.local); } - Statement::Assignment(ref l, RValue::Expr(ref r), _) if self.should_erase(l.local) && !r.is_call() && r.is_pure() => { + Statement::Assignment(ref l, RValue::Expr(ref r), _) if self.should_erase(l.local) && r.is_pure() => { self.dead.insert(l.local); } Statement::Resolve(_,_, ref p) => { @@ -255,6 +264,7 @@ impl<'tcx> SimplePropagator<'tcx> { } } Statement::Assertion { cond, msg: _ } => self.visit_term(cond), + Statement::Call(_, _, _, args, _) => args.iter_mut().for_each(|a| self.visit_expr(a)), Statement::AssumeBorrowInv(_) => {}, Statement::AssertTyInv( _) => {}, } @@ -272,7 +282,7 @@ impl<'tcx> SimplePropagator<'tcx> { fn visit_expr(&mut self, e: &mut Expr<'tcx>) { match &mut e.kind { - ExprKind::Move(p) | ExprKind::Copy(p) => { + ExprKind::Operand(Operand::Move(p) | Operand::Copy(p)) => { if let Some(l) = p.as_symbol() && let Some(v) = self.prop.remove(&l) { *e = v; } @@ -283,7 +293,6 @@ impl<'tcx> SimplePropagator<'tcx> { } ExprKind::UnaryOp(_, e) => self.visit_expr(e), ExprKind::Constructor(_, _, es) => es.iter_mut().for_each(|e| self.visit_expr(e)), - ExprKind::Call(_, _, es) => es.iter_mut().for_each(|e| self.visit_expr(e)), ExprKind::Constant(t) => self.visit_term(t), ExprKind::Cast(e, _, _) => self.visit_expr(e), ExprKind::Tuple(es) => es.iter_mut().for_each(|e| self.visit_expr(e)), diff --git a/creusot/src/backend/program.rs b/creusot/src/backend/program.rs index ad2a3a5ace..131f97d1d5 100644 --- a/creusot/src/backend/program.rs +++ b/creusot/src/backend/program.rs @@ -7,11 +7,12 @@ use super::{ }; use crate::{ backend::{ - closure_generic_decls, optimization, place, - place::translate_rplace, + closure_generic_decls, optimization, + place::{self, translate_rplace}, ty::{self, translate_closure_ty, translate_ty}, }, ctx::{BodyId, CloneMap, TranslationCtx}, + fmir::Operand, translation::{ binop_to_binop, fmir::{ @@ -25,7 +26,7 @@ use crate::{ use rustc_hir::{def_id::DefId, Unsafety}; use rustc_middle::{ mir::{BasicBlock, BinOp, ProjectionElem}, - ty::TyKind, + ty::{GenericArgsRef, TyKind}, }; use rustc_span::{Span, DUMMY_SP}; use rustc_type_ir::{IntTy, UintTy}; @@ -301,11 +302,11 @@ impl<'tcx> Expr<'tcx> { locals: &LocalDecls<'tcx>, ) -> Exp { let e = match self.kind { - ExprKind::Move(pl) => { + ExprKind::Operand(Operand::Move(pl)) => { // TODO invalidate original place pl.as_rplace(ctx, names, locals) } - ExprKind::Copy(pl) => pl.as_rplace(ctx, names, locals), + ExprKind::Operand(Operand::Copy(pl)) => pl.as_rplace(ctx, names, locals), ExprKind::BinOp(BinOp::BitAnd, l, r) if l.ty.is_bool() => { l.to_why(ctx, names, locals).lazy_and(r.to_why(ctx, names, locals)) } @@ -338,36 +339,6 @@ impl<'tcx> Expr<'tcx> { let ctor = names.constructor(id, subst); Exp::Constructor { ctor, args } } - ExprKind::Call(id, subst, args) => { - let mut args: Vec<_> = - args.into_iter().map(|a| a.to_why(ctx, names, locals)).collect(); - let fname = names.value(id, subst); - - let exp = if ctx.is_closure(id) { - assert!(args.len() == 2, "closures should only have two arguments (env, args)"); - - let real_sig = - ctx.signature_unclosure(subst.as_closure().sig(), Unsafety::Normal); - let closure_arg_count = real_sig.inputs().skip_binder().len(); - let names = ('a'..).take(closure_arg_count); - - let mut closure_args = vec![args.remove(0)]; - - closure_args - .extend(names.clone().map(|nm| Exp::impure_var(nm.to_string().into()))); - - Exp::Let { - pattern: Pattern::TupleP( - names.map(|nm| Pattern::VarP(nm.to_string().into())).collect(), - ), - arg: Box::new(args.remove(0)), - body: Box::new(Exp::impure_qvar(fname).app(closure_args)), - } - } else { - Exp::impure_qvar(fname).app(args) - }; - exp - } ExprKind::Constant(c) => lower_impure(ctx, names, &c), ExprKind::Tuple(f) => { Exp::Tuple(f.into_iter().map(|f| f.to_why(ctx, names, locals)).collect()) @@ -455,15 +426,14 @@ impl<'tcx> Expr<'tcx> { fn invalidated_places(&self, places: &mut Vec<(fmir::Place<'tcx>, Span)>) { match &self.kind { - ExprKind::Move(p) => places.push((p.clone(), self.span)), - ExprKind::Copy(_) => {} + ExprKind::Operand(Operand::Move(p)) => places.push((p.clone(), self.span)), + ExprKind::Operand(_) => {} ExprKind::BinOp(_, l, r) => { l.invalidated_places(places); r.invalidated_places(places) } ExprKind::UnaryOp(_, e) => e.invalidated_places(places), ExprKind::Constructor(_, _, es) => es.iter().for_each(|e| e.invalidated_places(places)), - ExprKind::Call(_, _, es) => es.iter().for_each(|e| e.invalidated_places(places)), ExprKind::Constant(_) => {} ExprKind::Cast(e, _, _) => e.invalidated_places(places), ExprKind::Tuple(es) => es.iter().for_each(|e| e.invalidated_places(places)), @@ -729,18 +699,24 @@ impl<'tcx> Statement<'tcx> { let rhs = rhs.to_why(ctx, names, locals); let mut exps = vec![place::create_assign_inner(ctx, names, locals, &lhs, rhs, span)]; - for (pl, pl_span) in invalid { - let ty = pl.ty(ctx.tcx, locals); - let ty = translate_ty(ctx, names, pl_span.substitute_dummy(span), ty); - exps.push(place::create_assign_inner( - ctx, - names, - locals, - &pl, - Exp::Any(ty), - pl_span, - )); + invalidate_places(ctx, names, locals, span, invalid, &mut exps); + + exps + } + Statement::Call(dest, fun_id, subst, args, span) => { + let mut invalid = Vec::new(); + args.iter().for_each(|a| a.invalidated_places(&mut invalid)); + + let mut exp = func_call_to_why3(ctx, names, locals, fun_id, subst, args); + + if let Some(attr) = ctx.span_attr(span) { + exp = Exp::Attr(attr, Box::new(exp)); } + + let mut exps = + vec![place::create_assign_inner(ctx, names, locals, &dest, exp, span)]; + invalidate_places(ctx, names, locals, span, invalid, &mut exps); + exps } Statement::Resolve(id, subst, pl) => { @@ -779,6 +755,56 @@ impl<'tcx> Statement<'tcx> { } } +fn invalidate_places<'tcx>( + ctx: &mut Why3Generator<'tcx>, + names: &mut CloneMap<'tcx>, + locals: &LocalDecls<'tcx>, + span: Span, + invalid: Vec<(Place<'tcx>, Span)>, + out: &mut Vec, +) { + for (pl, pl_span) in invalid { + let ty = pl.ty(ctx.tcx, locals); + let ty = translate_ty(ctx, names, pl_span.substitute_dummy(span), ty); + out.push(place::create_assign_inner(ctx, names, locals, &pl, Exp::Any(ty), pl_span)); + } +} + +fn func_call_to_why3<'tcx>( + ctx: &mut Why3Generator<'tcx>, + names: &mut CloneMap<'tcx>, + locals: &LocalDecls<'tcx>, + id: DefId, + subst: GenericArgsRef<'tcx>, + args: Vec>, +) -> Exp { + let mut args: Vec<_> = args.into_iter().map(|a| a.to_why(ctx, names, locals)).collect(); + let fname = names.value(id, subst); + + let exp = if ctx.is_closure(id) { + assert!(args.len() == 2, "closures should only have two arguments (env, args)"); + + let real_sig = ctx.signature_unclosure(subst.as_closure().sig(), Unsafety::Normal); + let closure_arg_count = real_sig.inputs().skip_binder().len(); + let names = ('a'..).take(closure_arg_count); + + let mut closure_args = vec![args.remove(0)]; + + closure_args.extend(names.clone().map(|nm| Exp::impure_var(nm.to_string().into()))); + + Exp::Let { + pattern: Pattern::TupleP( + names.map(|nm| Pattern::VarP(nm.to_string().into())).collect(), + ), + arg: Box::new(args.remove(0)), + body: Box::new(Exp::impure_qvar(fname).app(closure_args)), + } + } else { + Exp::impure_qvar(fname).app(args) + }; + exp +} + pub(crate) fn int_to_prelude(ity: IntTy) -> PreludeModule { match ity { IntTy::Isize => PreludeModule::Isize, diff --git a/creusot/src/translation.rs b/creusot/src/translation.rs index 2c5c35eb61..1cfb160c9a 100644 --- a/creusot/src/translation.rs +++ b/creusot/src/translation.rs @@ -100,7 +100,7 @@ pub(crate) fn after_analysis(ctx: TranslationCtx) -> Result<(), Box> let outputs = why3.output_filenames(()); let crate_name = why3.crate_name(LOCAL_CRATE); - let libname = format!("{}-{}.mlcfg", crate_name.as_str(), why3.crate_types()[0]); + let libname = format!("{}-{}.coma", crate_name.as_str(), why3.crate_types()[0]); let directory = if why3.opts.in_cargo { let mut dir = outputs.out_directory.clone(); diff --git a/creusot/src/translation/fmir.rs b/creusot/src/translation/fmir.rs index 28fdb02a52..840986f4f0 100644 --- a/creusot/src/translation/fmir.rs +++ b/creusot/src/translation/fmir.rs @@ -42,7 +42,9 @@ pub enum Statement<'tcx> { Resolve(DefId, GenericArgsRef<'tcx>, Place<'tcx>), Assertion { cond: Term<'tcx>, msg: String }, AssumeBorrowInv(Place<'tcx>), + // Todo: fold into `Assertion` AssertTyInv(Place<'tcx>), + Call(Place<'tcx>, DefId, GenericArgsRef<'tcx>, Vec>, Span), } // Re-organize this completely @@ -68,16 +70,18 @@ pub struct Expr<'tcx> { } #[derive(Clone, Debug)] -pub enum ExprKind<'tcx> { - // Extract this into a standalone `Operand` type +pub enum Operand<'tcx> { Move(Place<'tcx>), Copy(Place<'tcx>), +} + +#[derive(Clone, Debug)] +pub enum ExprKind<'tcx> { + Operand(Operand<'tcx>), // Revisit whether this is a good idea to allow general expression trees. BinOp(BinOp, Box>, Box>), UnaryOp(UnOp, Box>), Constructor(DefId, GenericArgsRef<'tcx>, Vec>), - // Should this be a statement? - Call(DefId, GenericArgsRef<'tcx>, Vec>), Constant(Term<'tcx>), Cast(Box>, Ty<'tcx>, Ty<'tcx>), Tuple(Vec>), @@ -89,12 +93,10 @@ pub enum ExprKind<'tcx> { impl<'tcx> Expr<'tcx> { pub fn is_call(&self) -> bool { match &self.kind { - ExprKind::Move(_) => false, - ExprKind::Copy(_) => false, + ExprKind::Operand(_) => false, ExprKind::BinOp(_, _, _) => false, ExprKind::UnaryOp(_, _) => false, ExprKind::Constructor(_, _, _) => false, - ExprKind::Call(_, _, _) => true, ExprKind::Constant(_) => false, ExprKind::Cast(_, _, _) => false, ExprKind::Tuple(_) => false, @@ -106,8 +108,7 @@ impl<'tcx> Expr<'tcx> { pub fn is_pure(&self) -> bool { match &self.kind { - ExprKind::Move(_) => true, - ExprKind::Copy(_) => true, + ExprKind::Operand(_) => true, ExprKind::BinOp( BinOp::Add | BinOp::Mul | BinOp::Rem | BinOp::Div | BinOp::Sub, _, @@ -117,7 +118,6 @@ impl<'tcx> Expr<'tcx> { ExprKind::UnaryOp(UnOp::Neg, _) => false, ExprKind::UnaryOp(_, _) => true, ExprKind::Constructor(_, _, es) => es.iter().all(|e| e.is_pure()), - ExprKind::Call(_, _, es) => es.iter().all(|e| e.is_pure()), ExprKind::Constant(_) => true, ExprKind::Cast(_, _, _) => false, ExprKind::Tuple(es) => es.iter().all(|e| e.is_pure()), diff --git a/creusot/src/translation/function.rs b/creusot/src/translation/function.rs index ee0d9493b4..49c8a5fa5f 100644 --- a/creusot/src/translation/function.rs +++ b/creusot/src/translation/function.rs @@ -348,8 +348,8 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { // Useful helper to translate an operand pub(crate) fn translate_operand(&mut self, operand: &Operand<'tcx>) -> Expr<'tcx> { let kind = match operand { - Operand::Copy(pl) => ExprKind::Copy(self.translate_place(*pl)), - Operand::Move(pl) => ExprKind::Move(self.translate_place(*pl)), + Operand::Copy(pl) => ExprKind::Operand(fmir::Operand::Copy(self.translate_place(*pl))), + Operand::Move(pl) => ExprKind::Operand(fmir::Operand::Move(self.translate_place(*pl))), Operand::Constant(c) => { return crate::constant::from_mir_constant(self.param_env(), self.ctx, c) } diff --git a/creusot/src/translation/function/statement.rs b/creusot/src/translation/function/statement.rs index 24ce51c75b..5f65ee8008 100644 --- a/creusot/src/translation/function/statement.rs +++ b/creusot/src/translation/function/statement.rs @@ -1,6 +1,7 @@ use super::BodyTranslator; use crate::{ analysis::NotFinalPlaces, + fmir::Operand, translation::{ fmir::{self, Expr, ExprKind, RValue}, specification::inv_subst, @@ -90,7 +91,8 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { return; } - ExprKind::Copy(self.translate_place(self.compute_ref_place(*pl, loc))) + let op = Operand::Copy(self.translate_place(self.compute_ref_place(*pl, loc))); + ExprKind::Operand(op) } Mut { .. } => { if self.erased_locals.contains(pl.local) { @@ -158,7 +160,7 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { } Rvalue::Len(pl) => { let e = Expr { - kind: ExprKind::Copy(self.translate_place(*pl)), + kind: ExprKind::Operand(Operand::Copy(self.translate_place(*pl))), ty: pl.ty(self.body, self.tcx).ty, span: DUMMY_SP, }; diff --git a/creusot/src/translation/function/terminator.rs b/creusot/src/translation/function/terminator.rs index a5435b93c3..c09d670a25 100644 --- a/creusot/src/translation/function/terminator.rs +++ b/creusot/src/translation/function/terminator.rs @@ -106,10 +106,12 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { ty: self.ctx.types.unit, }) } - let call_exp = if self.is_box_new(fun_def_id) { + let (loc, bb) = (destination, target.unwrap()); + + if self.is_box_new(fun_def_id) { assert_eq!(func_args.len(), 1); - func_args.remove(0) + self.emit_assignment(&loc, RValue::Expr(func_args.remove(0)), span); } else { let (fun_def_id, subst) = resolve_function(self.ctx, self.param_env(), fun_def_id, subst, span); @@ -118,16 +120,15 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { .try_normalize_erasing_regions(self.param_env(), subst) .unwrap_or(subst); - let exp = Expr { - span: span.source_callsite(), - kind: ExprKind::Call(fun_def_id, subst, func_args), - ty: destination.ty(self.body, self.tcx).ty, - }; - exp + self.emit_statement(Statement::Call( + self.translate_place(*loc), + fun_def_id, + subst, + func_args, + span.source_callsite(), + )); }; - let (loc, bb) = (destination, target.unwrap()); - self.emit_assignment(&loc, RValue::Expr(call_exp), span); self.emit_terminator(Terminator::Goto(bb)); } Assert { cond, expected, msg, target, unwind: _ } => { diff --git a/creusot/tests/should_succeed/100doors.mlcfg b/creusot/tests/should_succeed/100doors.mlcfg index 3e79bd28a9..afcad7798f 100644 --- a/creusot/tests/should_succeed/100doors.mlcfg +++ b/creusot/tests/should_succeed/100doors.mlcfg @@ -375,7 +375,7 @@ module C100doors_F goto BB0 } BB0 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] door_open <- ([#"../100doors.rs" 19 35 19 51] from_elem0 ([#"../100doors.rs" 19 40 19 45] [#"../100doors.rs" 19 40 19 45] false) ([#"../100doors.rs" 19 47 19 50] [#"../100doors.rs" 19 47 19 50] (100 : usize))); + [#"../100doors.rs" 19 35 19 51] door_open <- ([#"../100doors.rs" 19 35 19 51] from_elem0 ([#"../100doors.rs" 19 40 19 45] [#"../100doors.rs" 19 40 19 45] false) ([#"../100doors.rs" 19 47 19 50] [#"../100doors.rs" 19 47 19 50] (100 : usize))); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/bug/874.mlcfg b/creusot/tests/should_succeed/bug/874.mlcfg index bb5bb69294..63e5f6614a 100644 --- a/creusot/tests/should_succeed/bug/874.mlcfg +++ b/creusot/tests/should_succeed/bug/874.mlcfg @@ -290,7 +290,7 @@ module C874_CanExtend goto BB2 } BB2 { - [#"../../../../../creusot-contracts/src/lib.rs" 254 8 254 58] v <- ([#"../874.rs" 5 16 5 29] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 5 21 5 22] [#"../874.rs" 5 21 5 22] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 5 24 5 25] [#"../874.rs" 5 24 5 25] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 5 27 5 28] [#"../874.rs" 5 27 5 28] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../874.rs" 5 16 5 29] v <- ([#"../874.rs" 5 16 5 29] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 5 21 5 22] [#"../874.rs" 5 21 5 22] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 5 24 5 25] [#"../874.rs" 5 24 5 25] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 5 27 5 28] [#"../874.rs" 5 27 5 28] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB3 } BB3 { @@ -300,7 +300,7 @@ module C874_CanExtend goto BB5 } BB5 { - [#"../../../../../creusot-contracts/src/lib.rs" 254 8 254 58] w <- ([#"../874.rs" 6 12 6 25] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 6 17 6 18] [#"../874.rs" 6 17 6 18] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 6 20 6 21] [#"../874.rs" 6 20 6 21] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 6 23 6 24] [#"../874.rs" 6 23 6 24] (6 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../874.rs" 6 12 6 25] w <- ([#"../874.rs" 6 12 6 25] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 6 17 6 18] [#"../874.rs" 6 17 6 18] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 6 20 6 21] [#"../874.rs" 6 20 6 21] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 6 23 6 24] [#"../874.rs" 6 23 6 24] (6 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB6 } BB6 { @@ -319,7 +319,7 @@ module C874_CanExtend goto BB9 } BB9 { - [#"../../../../../creusot-contracts/src/lib.rs" 254 8 254 58] z <- ([#"../874.rs" 9 12 9 34] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 9 17 9 18] [#"../874.rs" 9 17 9 18] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 9 20 9 21] [#"../874.rs" 9 20 9 21] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 9 23 9 24] [#"../874.rs" 9 23 9 24] (3 : int32))}; assume {Seq.get (__arr_temp.elts) 3 = ([#"../874.rs" 9 26 9 27] [#"../874.rs" 9 26 9 27] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 4 = ([#"../874.rs" 9 29 9 30] [#"../874.rs" 9 29 9 30] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 5 = ([#"../874.rs" 9 32 9 33] [#"../874.rs" 9 32 9 33] (6 : int32))}; assume {Slice.length __arr_temp = 6}; __arr_temp)); + [#"../874.rs" 9 12 9 34] z <- ([#"../874.rs" 9 12 9 34] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 9 17 9 18] [#"../874.rs" 9 17 9 18] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 9 20 9 21] [#"../874.rs" 9 20 9 21] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 9 23 9 24] [#"../874.rs" 9 23 9 24] (3 : int32))}; assume {Seq.get (__arr_temp.elts) 3 = ([#"../874.rs" 9 26 9 27] [#"../874.rs" 9 26 9 27] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 4 = ([#"../874.rs" 9 29 9 30] [#"../874.rs" 9 29 9 30] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 5 = ([#"../874.rs" 9 32 9 33] [#"../874.rs" 9 32 9 33] (6 : int32))}; assume {Slice.length __arr_temp = 6}; __arr_temp)); goto BB10 } BB10 { diff --git a/creusot/tests/should_succeed/filter_positive.mlcfg b/creusot/tests/should_succeed/filter_positive.mlcfg index 9d0c742143..736c16c50d 100644 --- a/creusot/tests/should_succeed/filter_positive.mlcfg +++ b/creusot/tests/should_succeed/filter_positive.mlcfg @@ -382,7 +382,7 @@ module FilterPositive_M goto BB3 } BB11 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] u <- ([#"../filter_positive.rs" 95 26 95 40] from_elem0 ([#"../filter_positive.rs" 95 31 95 32] [#"../filter_positive.rs" 95 31 95 32] (0 : int32)) ([#"../filter_positive.rs" 95 34 95 39] count)); + [#"../filter_positive.rs" 95 26 95 40] u <- ([#"../filter_positive.rs" 95 26 95 40] from_elem0 ([#"../filter_positive.rs" 95 31 95 32] [#"../filter_positive.rs" 95 31 95 32] (0 : int32)) ([#"../filter_positive.rs" 95 34 95 39] count)); goto BB12 } BB12 { diff --git a/creusot/tests/should_succeed/hashmap.mlcfg b/creusot/tests/should_succeed/hashmap.mlcfg index 9d85e30728..bf068bf2d6 100644 --- a/creusot/tests/should_succeed/hashmap.mlcfg +++ b/creusot/tests/should_succeed/hashmap.mlcfg @@ -289,7 +289,7 @@ module Hashmap_Impl5_New goto BB0 } BB0 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _6 <- ([#"../hashmap.rs" 99 39 99 60] from_elem0 ([#"../hashmap.rs" 99 44 99 53] Hashmap_List_Type.C_Nil) ([#"../hashmap.rs" 99 55 99 59] size)); + [#"../hashmap.rs" 99 39 99 60] _6 <- ([#"../hashmap.rs" 99 39 99 60] from_elem0 ([#"../hashmap.rs" 99 44 99 53] Hashmap_List_Type.C_Nil) ([#"../hashmap.rs" 99 55 99 59] size)); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/knapsack.mlcfg b/creusot/tests/should_succeed/knapsack.mlcfg index 70b4b6168e..f552550362 100644 --- a/creusot/tests/should_succeed/knapsack.mlcfg +++ b/creusot/tests/should_succeed/knapsack.mlcfg @@ -644,7 +644,7 @@ module Knapsack_Knapsack01Dyn goto BB0 } BB0 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _7 <- ([#"../knapsack.rs" 49 30 49 53] from_elem0 ([#"../knapsack.rs" 49 35 49 36] [#"../knapsack.rs" 49 35 49 36] (0 : usize)) ([#"../knapsack.rs" 49 38 49 52] ([#"../knapsack.rs" 49 38 49 48] max_weight) + ([#"../knapsack.rs" 49 51 49 52] [#"../knapsack.rs" 49 51 49 52] (1 : usize)))); + [#"../knapsack.rs" 49 30 49 53] _7 <- ([#"../knapsack.rs" 49 30 49 53] from_elem0 ([#"../knapsack.rs" 49 35 49 36] [#"../knapsack.rs" 49 35 49 36] (0 : usize)) ([#"../knapsack.rs" 49 38 49 52] ([#"../knapsack.rs" 49 38 49 48] max_weight) + ([#"../knapsack.rs" 49 51 49 52] [#"../knapsack.rs" 49 51 49 52] (1 : usize)))); goto BB1 } BB1 { @@ -652,7 +652,7 @@ module Knapsack_Knapsack01Dyn goto BB2 } BB2 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] best_value <- ([#"../knapsack.rs" 49 25 49 71] from_elem1 _7 ([#"../knapsack.rs" 49 55 49 70] _11 + ([#"../knapsack.rs" 49 69 49 70] [#"../knapsack.rs" 49 69 49 70] (1 : usize)))); + [#"../knapsack.rs" 49 25 49 71] best_value <- ([#"../knapsack.rs" 49 25 49 71] from_elem1 _7 ([#"../knapsack.rs" 49 55 49 70] _11 + ([#"../knapsack.rs" 49 69 49 70] [#"../knapsack.rs" 49 69 49 70] (1 : usize)))); _7 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); _11 <- any usize; goto BB3 diff --git a/creusot/tests/should_succeed/knapsack_full.mlcfg b/creusot/tests/should_succeed/knapsack_full.mlcfg index 2b79bfda79..72f2c91618 100644 --- a/creusot/tests/should_succeed/knapsack_full.mlcfg +++ b/creusot/tests/should_succeed/knapsack_full.mlcfg @@ -1095,7 +1095,7 @@ module KnapsackFull_Knapsack01Dyn goto BB0 } BB0 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _10 <- ([#"../knapsack_full.rs" 86 30 86 53] from_elem0 ([#"../knapsack_full.rs" 86 35 86 36] [#"../knapsack_full.rs" 86 35 86 36] (0 : usize)) ([#"../knapsack_full.rs" 86 38 86 52] ([#"../knapsack_full.rs" 86 38 86 48] max_weight) + ([#"../knapsack_full.rs" 86 51 86 52] [#"../knapsack_full.rs" 86 51 86 52] (1 : usize)))); + [#"../knapsack_full.rs" 86 30 86 53] _10 <- ([#"../knapsack_full.rs" 86 30 86 53] from_elem0 ([#"../knapsack_full.rs" 86 35 86 36] [#"../knapsack_full.rs" 86 35 86 36] (0 : usize)) ([#"../knapsack_full.rs" 86 38 86 52] ([#"../knapsack_full.rs" 86 38 86 48] max_weight) + ([#"../knapsack_full.rs" 86 51 86 52] [#"../knapsack_full.rs" 86 51 86 52] (1 : usize)))); goto BB1 } BB1 { @@ -1103,7 +1103,7 @@ module KnapsackFull_Knapsack01Dyn goto BB2 } BB2 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] best_value <- ([#"../knapsack_full.rs" 86 25 86 71] from_elem1 _10 ([#"../knapsack_full.rs" 86 55 86 70] _14 + ([#"../knapsack_full.rs" 86 69 86 70] [#"../knapsack_full.rs" 86 69 86 70] (1 : usize)))); + [#"../knapsack_full.rs" 86 25 86 71] best_value <- ([#"../knapsack_full.rs" 86 25 86 71] from_elem1 _10 ([#"../knapsack_full.rs" 86 55 86 70] _14 + ([#"../knapsack_full.rs" 86 69 86 70] [#"../knapsack_full.rs" 86 69 86 70] (1 : usize)))); _10 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); _14 <- any usize; goto BB3 diff --git a/creusot/tests/should_succeed/sparse_array.mlcfg b/creusot/tests/should_succeed/sparse_array.mlcfg index 13c38a0688..f0ab87c15d 100644 --- a/creusot/tests/should_succeed/sparse_array.mlcfg +++ b/creusot/tests/should_succeed/sparse_array.mlcfg @@ -1132,15 +1132,15 @@ module SparseArray_Create BB0 { assert { [@expl:type invariant] inv0 dummy }; assume { resolve0 dummy }; - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _6 <- ([#"../sparse_array.rs" 135 37 135 52] from_elem0 ([#"../sparse_array.rs" 135 42 135 47] dummy) ([#"../sparse_array.rs" 135 49 135 51] sz)); + [#"../sparse_array.rs" 135 37 135 52] _6 <- ([#"../sparse_array.rs" 135 37 135 52] from_elem0 ([#"../sparse_array.rs" 135 42 135 47] dummy) ([#"../sparse_array.rs" 135 49 135 51] sz)); goto BB1 } BB1 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _9 <- ([#"../sparse_array.rs" 135 59 135 70] from_elem1 ([#"../sparse_array.rs" 135 64 135 65] [#"../sparse_array.rs" 135 64 135 65] (0 : usize)) ([#"../sparse_array.rs" 135 67 135 69] sz)); + [#"../sparse_array.rs" 135 59 135 70] _9 <- ([#"../sparse_array.rs" 135 59 135 70] from_elem1 ([#"../sparse_array.rs" 135 64 135 65] [#"../sparse_array.rs" 135 64 135 65] (0 : usize)) ([#"../sparse_array.rs" 135 67 135 69] sz)); goto BB2 } BB2 { - [#"../../../../creusot-contracts/src/lib.rs" 251 8 251 40] _11 <- ([#"../sparse_array.rs" 135 78 135 89] from_elem1 ([#"../sparse_array.rs" 135 83 135 84] [#"../sparse_array.rs" 135 83 135 84] (0 : usize)) ([#"../sparse_array.rs" 135 86 135 88] sz)); + [#"../sparse_array.rs" 135 78 135 89] _11 <- ([#"../sparse_array.rs" 135 78 135 89] from_elem1 ([#"../sparse_array.rs" 135 83 135 84] [#"../sparse_array.rs" 135 83 135 84] (0 : usize)) ([#"../sparse_array.rs" 135 86 135 88] sz)); goto BB3 } BB3 { diff --git a/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg b/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg index c57c421f83..f71e01f3b3 100644 --- a/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg +++ b/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg @@ -213,7 +213,7 @@ module C13VecMacro_X goto BB0 } BB0 { - [#"../../../../../creusot-contracts/src/lib.rs" 248 8 248 30] v0 <- ([#"../13_vec_macro.rs" 6 23 6 29] new0 ()); + [#"../13_vec_macro.rs" 6 23 6 29] v0 <- ([#"../13_vec_macro.rs" 6 23 6 29] new0 ()); goto BB1 } BB1 { @@ -222,7 +222,7 @@ module C13VecMacro_X goto BB2 } BB2 { - [#"../../../../../creusot-contracts/src/lib.rs" 251 8 251 40] v1 <- ([#"../13_vec_macro.rs" 9 13 9 23] from_elem0 ([#"../13_vec_macro.rs" 9 18 9 19] [#"../13_vec_macro.rs" 9 18 9 19] (0 : int32)) ([#"../13_vec_macro.rs" 9 21 9 22] [#"../13_vec_macro.rs" 9 21 9 22] (2 : usize))); + [#"../13_vec_macro.rs" 9 13 9 23] v1 <- ([#"../13_vec_macro.rs" 9 13 9 23] from_elem0 ([#"../13_vec_macro.rs" 9 18 9 19] [#"../13_vec_macro.rs" 9 18 9 19] (0 : int32)) ([#"../13_vec_macro.rs" 9 21 9 22] [#"../13_vec_macro.rs" 9 21 9 22] (2 : usize))); goto BB3 } BB3 { @@ -237,7 +237,7 @@ module C13VecMacro_X goto BB6 } BB6 { - [#"../../../../../creusot-contracts/src/lib.rs" 254 8 254 58] v2 <- ([#"../13_vec_macro.rs" 12 13 12 26] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../13_vec_macro.rs" 12 18 12 19] [#"../13_vec_macro.rs" 12 18 12 19] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../13_vec_macro.rs" 12 21 12 22] [#"../13_vec_macro.rs" 12 21 12 22] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../13_vec_macro.rs" 12 24 12 25] [#"../13_vec_macro.rs" 12 24 12 25] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../13_vec_macro.rs" 12 13 12 26] v2 <- ([#"../13_vec_macro.rs" 12 13 12 26] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../13_vec_macro.rs" 12 18 12 19] [#"../13_vec_macro.rs" 12 18 12 19] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../13_vec_macro.rs" 12 21 12 22] [#"../13_vec_macro.rs" 12 21 12 22] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../13_vec_macro.rs" 12 24 12 25] [#"../13_vec_macro.rs" 12 24 12 25] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB7 } BB7 { diff --git a/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg b/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg index 7661676331..ecdfc5f9da 100644 --- a/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg +++ b/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg @@ -277,7 +277,7 @@ module C06KnightsTour_Impl1_New_Closure3 } BB0 { assume { resolve0 _1 }; - [#"../../../../../creusot-contracts/src/lib.rs" 251 8 251 40] res <- ([#"../06_knights_tour.rs" 44 23 44 36] from_elem0 ([#"../06_knights_tour.rs" 44 28 44 29] [#"../06_knights_tour.rs" 44 28 44 29] (0 : usize)) ([#"../06_knights_tour.rs" 44 31 44 35] field_00 ( * _1))); + [#"../06_knights_tour.rs" 44 23 44 36] res <- ([#"../06_knights_tour.rs" 44 23 44 36] from_elem0 ([#"../06_knights_tour.rs" 44 28 44 29] [#"../06_knights_tour.rs" 44 28 44 29] (0 : usize)) ([#"../06_knights_tour.rs" 44 31 44 35] field_00 ( * _1))); goto BB1 } BB1 { diff --git a/why3/src/coma.rs b/why3/src/coma.rs index 4cb515c0be..607c21f995 100644 --- a/why3/src/coma.rs +++ b/why3/src/coma.rs @@ -235,16 +235,6 @@ impl Print for Expr { } } -fn braces<'a, A: pretty::DocAllocator<'a>>( - doc: pretty::DocBuilder<'a, A>, -) -> pretty::DocBuilder<'a, A> { - if !matches!(&*doc.1, pretty::Doc::Nil) { - doc.braces() - } else { - doc - } -} - fn brackets<'a, A: pretty::DocAllocator<'a>>( doc: pretty::DocBuilder<'a, A>, ) -> pretty::DocBuilder<'a, A> { From 397d24be1a2a6abb57ebd6e113306f302c8b5731 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Wed, 21 Feb 2024 19:11:52 +0100 Subject: [PATCH 14/66] Revert the coma extension in files --- creusot/src/translation.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/creusot/src/translation.rs b/creusot/src/translation.rs index 1cfb160c9a..2c5c35eb61 100644 --- a/creusot/src/translation.rs +++ b/creusot/src/translation.rs @@ -100,7 +100,7 @@ pub(crate) fn after_analysis(ctx: TranslationCtx) -> Result<(), Box> let outputs = why3.output_filenames(()); let crate_name = why3.crate_name(LOCAL_CRATE); - let libname = format!("{}-{}.coma", crate_name.as_str(), why3.crate_types()[0]); + let libname = format!("{}-{}.mlcfg", crate_name.as_str(), why3.crate_types()[0]); let directory = if why3.opts.in_cargo { let mut dir = outputs.out_directory.clone(); From 0a4eac7f72e39df24a09d407c86b79c45a10319e Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Wed, 21 Feb 2024 16:05:06 +0100 Subject: [PATCH 15/66] Fix #949 --- creusot/src/backend/clone_map.rs | 2 +- creusot/src/backend/clone_map/elaborator.rs | 2 +- creusot/src/backend/clone_map/expander.rs | 9 +- creusot/src/backend/dependency.rs | 8 +- creusot/tests/should_succeed/bug/949.mlcfg | 308 ++++++++++++++++++++ creusot/tests/should_succeed/bug/949.rs | 10 + 6 files changed, 329 insertions(+), 10 deletions(-) create mode 100644 creusot/tests/should_succeed/bug/949.mlcfg create mode 100644 creusot/tests/should_succeed/bug/949.rs diff --git a/creusot/src/backend/clone_map.rs b/creusot/src/backend/clone_map.rs index ebe25a097d..db49c5e224 100644 --- a/creusot/src/backend/clone_map.rs +++ b/creusot/src/backend/clone_map.rs @@ -221,7 +221,7 @@ impl<'tcx> Namer<'tcx> for CloneMap<'tcx> { } fn import_prelude_module(&mut self, module: PreludeModule) { - self.insert(DepNode::Buitlin(module)); + self.insert(DepNode::Builtin(module)); } fn with_vis(&mut self, vis: CloneLevel, f: F) -> A diff --git a/creusot/src/backend/clone_map/elaborator.rs b/creusot/src/backend/clone_map/elaborator.rs index a9dd1cc264..3fbf4775e3 100644 --- a/creusot/src/backend/clone_map/elaborator.rs +++ b/creusot/src/backend/clone_map/elaborator.rs @@ -64,7 +64,7 @@ impl<'tcx> SymbolElaborator<'tcx> { match item { DepNode::Type(ty) => return self.elaborate_ty(ctx, names, ty), - DepNode::Buitlin(b) => { + DepNode::Builtin(b) => { return vec![Decl::UseDecl(Use { name: b.qname(), as_: None, export: false })] } DepNode::TyInv(ty, kind) => { diff --git a/creusot/src/backend/clone_map/expander.rs b/creusot/src/backend/clone_map/expander.rs index 587ac1cce8..e438c952b6 100644 --- a/creusot/src/backend/clone_map/expander.rs +++ b/creusot/src/backend/clone_map/expander.rs @@ -162,10 +162,11 @@ impl<'a, 'tcx> Expander<'a, 'tcx> { Some(self.resolve_dep(ctx, node)) } TyKind::Closure(_, _) => Some(DepNode::Type(t)), - TyKind::Ref(_, _, Mutability::Mut) => Some(DepNode::Buitlin(PreludeModule::Borrow)), - TyKind::Int(ity) => Some(DepNode::Buitlin(int_to_prelude(*ity))), - TyKind::Uint(uty) => Some(DepNode::Buitlin(uint_to_prelude(*uty))), - TyKind::Slice(_) => Some(DepNode::Buitlin(PreludeModule::Slice)), + TyKind::Ref(_, _, Mutability::Mut) => Some(DepNode::Builtin(PreludeModule::Borrow)), + TyKind::Int(ity) => Some(DepNode::Builtin(int_to_prelude(*ity))), + TyKind::Uint(uty) => Some(DepNode::Builtin(uint_to_prelude(*uty))), + TyKind::Slice(_) => Some(DepNode::Builtin(PreludeModule::Slice)), + TyKind::RawPtr(_) => Some(DepNode::Builtin(PreludeModule::Opaque)), TyKind::Adt(_, _) => Some(DepNode::Type(t)), _ => None, }; diff --git a/creusot/src/backend/dependency.rs b/creusot/src/backend/dependency.rs index 7dba79f1d4..7daaac6aa9 100644 --- a/creusot/src/backend/dependency.rs +++ b/creusot/src/backend/dependency.rs @@ -25,7 +25,7 @@ pub(crate) enum Dependency<'tcx> { Item(DefId, GenericArgsRef<'tcx>), TyInv(Ty<'tcx>, TyInvKind), Hacked(HackedId, DefId, GenericArgsRef<'tcx>), - Buitlin(PreludeModule), + Builtin(PreludeModule), } #[derive(Copy, Clone, PartialEq, Eq, Debug, Hash, PartialOrd, Ord)] @@ -99,7 +99,7 @@ impl<'tcx> Dependency<'tcx> { Dependency::Item(id, _) => Some(TransId::Item(id)), Dependency::TyInv(_, k) => Some(TransId::TyInv(k)), Dependency::Hacked(h, id, _) => Some(TransId::Hacked(h, id)), - Dependency::Buitlin(_) => None, + Dependency::Builtin(_) => None, } } @@ -125,7 +125,7 @@ impl<'tcx> Dependency<'tcx> { _ => None, }, Dependency::Hacked(_, id, substs) => Some((id, substs)), - Dependency::Buitlin(_) => None, + Dependency::Builtin(_) => None, } } @@ -200,7 +200,7 @@ impl<'tcx> Dependency<'tcx> { HackedId::Resolve => Symbol::intern("resolve"), HackedId::Accessor(ix) => Symbol::intern(&format!("field_{ix}")), }, - Dependency::Buitlin(_) => Symbol::intern("builtin_should_not_appear"), + Dependency::Builtin(_) => Symbol::intern("builtin_should_not_appear"), } } } diff --git a/creusot/tests/should_succeed/bug/949.mlcfg b/creusot/tests/should_succeed/bug/949.mlcfg new file mode 100644 index 0000000000..b537986375 --- /dev/null +++ b/creusot/tests/should_succeed/bug/949.mlcfg @@ -0,0 +1,308 @@ + +module CreusotContracts_GhostPtr_GhostPtrToken_Type + type t_ghostptrtoken 't +end +module CreusotContracts_Logic_Fmap_FMap_Type + type t_fmap 'k 'v +end +module Core_Option_Option_Type + type t_option 't = + | C_None + | C_Some 't + +end +module Core_Ptr_NonNull_NonNull_Type + use prelude.Opaque + type t_nonnull 't = + | C_NonNull opaque_ptr + +end +module Core_Marker_PhantomData_Type + type t_phantomdata 't = + | C_PhantomData + +end +module Core_Ptr_Unique_Unique_Type + use Core_Marker_PhantomData_Type as Core_Marker_PhantomData_Type + use Core_Ptr_NonNull_NonNull_Type as Core_Ptr_NonNull_NonNull_Type + type t_unique 't = + | C_Unique (Core_Ptr_NonNull_NonNull_Type.t_nonnull 't) (Core_Marker_PhantomData_Type.t_phantomdata 't) + +end +module Alloc_Boxed_Box_Type + use Core_Ptr_Unique_Unique_Type as Core_Ptr_Unique_Unique_Type + type t_box 't 'a = + | C_Box (Core_Ptr_Unique_Unique_Type.t_unique 't) 'a + +end +module Alloc_Alloc_Global_Type + type t_global = + | C_Global + +end +module C949_Main + use prelude.Int32 + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant8 (self : Core_Option_Option_Type.t_option int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant8 (self : Core_Option_Option_Type.t_option int32) : bool + ensures { result = invariant8 self } + + predicate inv8 (_x : Core_Option_Option_Type.t_option int32) + val inv8 (_x : Core_Option_Option_Type.t_option int32) : bool + ensures { result = inv8 _x } + + axiom inv8 : forall x : Core_Option_Option_Type.t_option int32 . inv8 x = true + predicate invariant7 (self : int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant7 (self : int32) : bool + ensures { result = invariant7 self } + + predicate inv7 (_x : int32) + val inv7 (_x : int32) : bool + ensures { result = inv7 _x } + + axiom inv7 : forall x : int32 . inv7 x = true + use prelude.Opaque + use map.Map + predicate invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + ensures { result = invariant6 self } + + predicate inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) + val inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + ensures { result = inv6 _x } + + axiom inv6 : forall x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) . inv6 x = true + predicate invariant5 (self : int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant5 (self : int32) : bool + ensures { result = invariant5 self } + + predicate inv5 (_x : int32) + val inv5 (_x : int32) : bool + ensures { result = inv5 _x } + + axiom inv5 : forall x : int32 . inv5 x = true + predicate invariant4 (self : opaque_ptr) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant4 (self : opaque_ptr) : bool + ensures { result = invariant4 self } + + predicate inv4 (_x : opaque_ptr) + val inv4 (_x : opaque_ptr) : bool + ensures { result = inv4 _x } + + axiom inv4 : forall x : opaque_ptr . inv4 x = true + use CreusotContracts_Logic_Fmap_FMap_Type as CreusotContracts_Logic_Fmap_FMap_Type + predicate invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + ensures { result = invariant3 self } + + predicate inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) + val inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + ensures { result = inv3 _x } + + axiom inv3 : forall x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . inv3 x = true + predicate invariant2 (self : int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant2 (self : int32) : bool + ensures { result = invariant2 self } + + predicate inv2 (_x : int32) + val inv2 (_x : int32) : bool + ensures { result = inv2 _x } + + use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type + axiom inv2 : forall x : int32 . inv2 x = true + use CreusotContracts_GhostPtr_GhostPtrToken_Type as CreusotContracts_GhostPtr_GhostPtrToken_Type + use prelude.Borrow + predicate invariant1 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant1 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : bool + ensures { result = invariant1 self } + + predicate inv1 (_x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) + val inv1 (_x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : bool + ensures { result = inv1 _x } + + axiom inv1 : forall x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) . inv1 x = true + predicate invariant0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) = + [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true + val invariant0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : bool + ensures { result = invariant0 self } + + predicate inv0 (_x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) + val inv0 (_x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : bool + ensures { result = inv0 _x } + + axiom inv0 : forall x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32 . inv0 x = true + predicate resolve1 (self : int32) = + [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true + val resolve1 (self : int32) : bool + ensures { result = resolve1 self } + + predicate resolve0 (self : int32) = + [#"../../../../../creusot-contracts/src/resolve.rs" 34 8 34 31] resolve1 self + val resolve0 (self : int32) : bool + ensures { result = resolve0 self } + + use prelude.Int + use map.Map + function mk0 (_m : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val mk0 (_m : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = mk0 _m } + + function view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) + + val view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self} + ensures { result = view0 self } + + axiom view0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 4 28 35] inv6 (view0 self)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 27 14 27 38] mk0 (view0 self) = self) + function get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 + + = + [#"../../../../../creusot-contracts/src/logic/fmap.rs" 55 8 55 26] Map.get (view0 self) k + val get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 + ensures { result = get0 self k } + + function contains0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool = + [#"../../../../../creusot-contracts/src/logic/fmap.rs" 77 8 77 27] get0 self k <> Core_Option_Option_Type.C_None + val contains0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool + ensures { result = contains0 self k } + + function len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int + val len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self} + ensures { result = len0 self } + + axiom len0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 12 14 12 25] len0 self >= 0) + use map.Map + function remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k} + ensures { result = remove0 self k } + + axiom remove0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 4 47 37] inv3 (remove0 self k)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 46 14 46 84] len0 (remove0 self k) = (if contains0 self k then + len0 self - 1 + else + len0 self + )) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 45 14 45 55] view0 (remove0 self k) = Map.set (view0 self) k (Core_Option_Option_Type.C_None)) + function unreachable0 (_1 : ()) : int32 + val unreachable0 (_1 : ()) : int32 + requires {[#"../../../../../creusot-contracts/src/util.rs" 24 11 24 16] false} + ensures { result = unreachable0 _1 } + + axiom unreachable0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/util.rs" 24 11 24 16] false) -> ([#"../../../../../creusot-contracts/src/util.rs" 27 0 27 28] inv2 (unreachable0 _1)) && ([#"../../../../../creusot-contracts/src/util.rs" 25 10 25 15] false) + function unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 + val unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 + requires {[#"../../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None} + requires {[#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv8 op} + ensures { result = unwrap0 op } + + axiom unwrap0_spec : forall op : Core_Option_Option_Type.t_option int32 . ([#"../../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv8 op) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 0 35 36] inv2 (unwrap0 op)) && ([#"../../../../../creusot-contracts/src/util.rs" 34 10 34 28] Core_Option_Option_Type.C_Some (unwrap0 op) = op) + function lookup_unsized0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + + = + [#"../../../../../creusot-contracts/src/logic/fmap.rs" 61 8 61 27] unwrap0 (get0 self k) + val lookup_unsized0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + ensures { result = lookup_unsized0 self k } + + function shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = shallow_model0 self } + + val ptr_to_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (ptr : opaque_ptr) : int32 + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 106 4 106 39] contains0 (shallow_model0 ( * self)) ptr} + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 109 27 109 31] inv1 self} + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 107 14 107 54] result = lookup_unsized0 (shallow_model0 ( * self)) ptr } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 108 14 108 46] shallow_model0 ( ^ self) = remove0 (shallow_model0 ( * self)) ptr } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 109 4 109 57] inv2 result } + + function make_sized0 (self : int32) : int32 + val make_sized0 (self : int32) : int32 + requires {[#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv7 self} + ensures { result = make_sized0 self } + + axiom make_sized0_spec : forall self : int32 . ([#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv7 self) -> ([#"../../../../../creusot-contracts/src/util.rs" 16 4 16 40] inv2 (make_sized0 self)) && ([#"../../../../../creusot-contracts/src/util.rs" 15 14 15 30] make_sized0 self = self) + function insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + + val insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v} + ensures { result = insert0 self k v } + + axiom insert0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr, v : int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 4 38 43] inv3 (insert0 self k v)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 37 4 37 68] not contains0 self k -> len0 (insert0 self k v) = len0 self + 1) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 36 4 36 63] contains0 self k -> len0 (insert0 self k v) = len0 self) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 35 14 35 71] view0 (insert0 self k v) = Map.set (view0 self) k (Core_Option_Option_Type.C_Some (make_sized0 v))) + val ptr_from_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (val' : int32) : opaque_ptr + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 57 29 57 33] inv1 self} + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 57 35 57 38] inv2 val'} + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 53 4 53 42] not contains0 (shallow_model0 ( * self)) result } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 56 14 56 55] shallow_model0 ( ^ self) = insert0 (shallow_model0 ( * self)) result val' } + + use map.Const + function empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + val empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 + ensures { result = empty0 _1 } + + axiom empty0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 85 4 85 26] inv3 (empty0 _1)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 84 14 84 49] view0 (empty0 _1) = Const.const (Core_Option_Option_Type.C_None)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 83 14 83 31] len0 (empty0 _1) = 0) + val new0 (_1 : ()) : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32 + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 27 14 27 38] shallow_model0 result = empty0 () } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 28 4 28 24] inv0 result } + + let rec cfg main [#"../949.rs" 4 0 4 13] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () + = [@vc:do_not_keep_trace] [@vc:sp] + var _0 : (); + var tok : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32; + var b : int32; + var p : opaque_ptr; + var _4 : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + var r : int32; + var _7 : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + { + goto BB0 + } + BB0 { + [#"../949.rs" 5 18 5 38] tok <- ([#"../949.rs" 5 18 5 38] new0 ()); + goto BB1 + } + BB1 { + [#"../949.rs" 6 12 6 23] b <- ([#"../949.rs" 6 21 6 22] [#"../949.rs" 6 21 6 22] (1 : int32)); + goto BB2 + } + BB2 { + [#"../949.rs" 7 12 7 15] _4 <- Borrow.borrow_mut tok; + [#"../949.rs" 7 12 7 15] tok <- ^ _4; + [#"../949.rs" 7 12 7 31] p <- ([#"../949.rs" 7 12 7 31] ptr_from_box0 _4 ([#"../949.rs" 7 29 7 30] b)); + _4 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + [#"../949.rs" 7 29 7 30] b <- any int32; + goto BB3 + } + BB3 { + [#"../949.rs" 8 16 8 19] _7 <- Borrow.borrow_mut tok; + [#"../949.rs" 8 16 8 19] tok <- ^ _7; + [#"../949.rs" 8 16 8 33] r <- ([#"../949.rs" 8 16 8 33] ptr_to_box0 _7 ([#"../949.rs" 8 31 8 32] p)); + _7 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); + goto BB4 + } + BB4 { + [#"../949.rs" 9 4 9 11] r <- ([#"../949.rs" 9 4 9 11] r + ([#"../949.rs" 9 10 9 11] [#"../949.rs" 9 10 9 11] (5 : int32))); + assume { resolve0 r }; + [#"../949.rs" 4 14 10 1] _0 <- ([#"../949.rs" 4 14 10 1] ()); + goto BB5 + } + BB5 { + goto BB6 + } + BB6 { + return _0 + } + +end diff --git a/creusot/tests/should_succeed/bug/949.rs b/creusot/tests/should_succeed/bug/949.rs new file mode 100644 index 0000000000..2022939229 --- /dev/null +++ b/creusot/tests/should_succeed/bug/949.rs @@ -0,0 +1,10 @@ +extern crate creusot_contracts; +use creusot_contracts::ghost_ptr::GhostPtrToken; + +pub fn main() { + let mut tok = GhostPtrToken::new(); + let b = Box::new(1); + let p = tok.ptr_from_box(b); + let mut r = tok.ptr_to_box(p); + *r += 5; +} From 08982df6cad00d0b043a74a421061982dc53bc8c Mon Sep 17 00:00:00 2001 From: dewert99 Date: Thu, 22 Feb 2024 11:41:25 -0800 Subject: [PATCH 16/66] Blessed tests --- creusot/tests/should_succeed/bug/949.mlcfg | 159 ++++++-------- .../should_succeed/ghost_ptr_token.mlcfg | 197 +++++++++--------- .../should_succeed/iterators/01_range.mlcfg | 66 +++--- .../should_succeed/iterators/04_skip.mlcfg | 48 ++--- .../should_succeed/iterators/07_fuse.mlcfg | 4 +- .../should_succeed/iterators/09_empty.mlcfg | 2 +- .../should_succeed/iterators/10_once.mlcfg | 46 ++-- .../should_succeed/iterators/14_copied.mlcfg | 72 +++---- .../iterators/15_enumerate.mlcfg | 76 +++---- 9 files changed, 324 insertions(+), 346 deletions(-) diff --git a/creusot/tests/should_succeed/bug/949.mlcfg b/creusot/tests/should_succeed/bug/949.mlcfg index b537986375..360f62446d 100644 --- a/creusot/tests/should_succeed/bug/949.mlcfg +++ b/creusot/tests/should_succeed/bug/949.mlcfg @@ -43,38 +43,16 @@ end module C949_Main use prelude.Int32 use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant8 (self : Core_Option_Option_Type.t_option int32) = + predicate invariant6 (self : Core_Option_Option_Type.t_option int32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant8 (self : Core_Option_Option_Type.t_option int32) : bool - ensures { result = invariant8 self } - - predicate inv8 (_x : Core_Option_Option_Type.t_option int32) - val inv8 (_x : Core_Option_Option_Type.t_option int32) : bool - ensures { result = inv8 _x } - - axiom inv8 : forall x : Core_Option_Option_Type.t_option int32 . inv8 x = true - predicate invariant7 (self : int32) = - [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant7 (self : int32) : bool - ensures { result = invariant7 self } - - predicate inv7 (_x : int32) - val inv7 (_x : int32) : bool - ensures { result = inv7 _x } - - axiom inv7 : forall x : int32 . inv7 x = true - use prelude.Opaque - use map.Map - predicate invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) = - [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + val invariant6 (self : Core_Option_Option_Type.t_option int32) : bool ensures { result = invariant6 self } - predicate inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) - val inv6 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool + predicate inv6 (_x : Core_Option_Option_Type.t_option int32) + val inv6 (_x : Core_Option_Option_Type.t_option int32) : bool ensures { result = inv6 _x } - axiom inv6 : forall x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) . inv6 x = true + axiom inv6 : forall x : Core_Option_Option_Type.t_option int32 . inv6 x = true predicate invariant5 (self : int32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true val invariant5 (self : int32) : bool @@ -85,60 +63,60 @@ module C949_Main ensures { result = inv5 _x } axiom inv5 : forall x : int32 . inv5 x = true - predicate invariant4 (self : opaque_ptr) = + use prelude.Opaque + use map.Map + predicate invariant4 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant4 (self : opaque_ptr) : bool + val invariant4 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool ensures { result = invariant4 self } - predicate inv4 (_x : opaque_ptr) - val inv4 (_x : opaque_ptr) : bool + predicate inv4 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) + val inv4 (_x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : bool ensures { result = inv4 _x } - axiom inv4 : forall x : opaque_ptr . inv4 x = true - use CreusotContracts_Logic_Fmap_FMap_Type as CreusotContracts_Logic_Fmap_FMap_Type - predicate invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) = + axiom inv4 : forall x : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) . inv4 x = true + predicate invariant3 (self : int32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant3 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + val invariant3 (self : int32) : bool ensures { result = invariant3 self } - predicate inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) - val inv3 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool + predicate inv3 (_x : int32) + val inv3 (_x : int32) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . inv3 x = true - predicate invariant2 (self : int32) = + axiom inv3 : forall x : int32 . inv3 x = true + predicate invariant2 (self : opaque_ptr) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant2 (self : int32) : bool + val invariant2 (self : opaque_ptr) : bool ensures { result = invariant2 self } - predicate inv2 (_x : int32) - val inv2 (_x : int32) : bool + predicate inv2 (_x : opaque_ptr) + val inv2 (_x : opaque_ptr) : bool ensures { result = inv2 _x } - use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type - axiom inv2 : forall x : int32 . inv2 x = true - use CreusotContracts_GhostPtr_GhostPtrToken_Type as CreusotContracts_GhostPtr_GhostPtrToken_Type - use prelude.Borrow - predicate invariant1 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) = + axiom inv2 : forall x : opaque_ptr . inv2 x = true + use CreusotContracts_Logic_Fmap_FMap_Type as CreusotContracts_Logic_Fmap_FMap_Type + predicate invariant1 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant1 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : bool + val invariant1 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool ensures { result = invariant1 self } - predicate inv1 (_x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) - val inv1 (_x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : bool + predicate inv1 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) + val inv1 (_x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) . inv1 x = true - predicate invariant0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) = + axiom inv1 : forall x : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . inv1 x = true + predicate invariant0 (self : int32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : bool + val invariant0 (self : int32) : bool ensures { result = invariant0 self } - predicate inv0 (_x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) - val inv0 (_x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : bool + predicate inv0 (_x : int32) + val inv0 (_x : int32) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32 . inv0 x = true + use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type + axiom inv0 : forall x : int32 . inv0 x = true predicate resolve1 (self : int32) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve1 (self : int32) : bool @@ -149,6 +127,7 @@ module C949_Main val resolve0 (self : int32) : bool ensures { result = resolve0 self } + use CreusotContracts_GhostPtr_GhostPtrToken_Type as CreusotContracts_GhostPtr_GhostPtrToken_Type use prelude.Int use map.Map function mk0 (_m : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 @@ -159,10 +138,10 @@ module C949_Main function view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) val view0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32) - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv1 self} ensures { result = view0 self } - axiom view0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 4 28 35] inv6 (view0 self)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 27 14 27 38] mk0 (view0 self) = self) + axiom view0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 16 28 20] inv1 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 28 4 28 35] inv4 (view0 self)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 27 14 27 38] mk0 (view0 self) = self) function get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 = @@ -170,26 +149,28 @@ module C949_Main val get0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : Core_Option_Option_Type.t_option int32 ensures { result = get0 self k } - function contains0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool = - [#"../../../../../creusot-contracts/src/logic/fmap.rs" 77 8 77 27] get0 self k <> Core_Option_Option_Type.C_None - val contains0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool + function contains0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool + + = + [#"../../../../../creusot-contracts/src/logic/fmap.rs" 79 8 79 27] get0 self k <> Core_Option_Option_Type.C_None + val contains0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : bool ensures { result = contains0 self k } function len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int val len0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) : int - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv1 self} ensures { result = len0 self } - axiom len0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 12 14 12 25] len0 self >= 0) + axiom len0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 13 15 13 19] inv1 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 12 14 12 25] len0 self >= 0) use map.Map function remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 val remove0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self} - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv1 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv2 k} ensures { result = remove0 self k } - axiom remove0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv4 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 4 47 37] inv3 (remove0 self k)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 46 14 46 84] len0 (remove0 self k) = (if contains0 self k then + axiom remove0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 18 47 22] inv1 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 24 47 25] inv2 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 47 4 47 37] inv1 (remove0 self k)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 46 14 46 84] len0 (remove0 self k) = (if contains0 self k then len0 self - 1 else len0 self @@ -199,19 +180,19 @@ module C949_Main requires {[#"../../../../../creusot-contracts/src/util.rs" 24 11 24 16] false} ensures { result = unreachable0 _1 } - axiom unreachable0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/util.rs" 24 11 24 16] false) -> ([#"../../../../../creusot-contracts/src/util.rs" 27 0 27 28] inv2 (unreachable0 _1)) && ([#"../../../../../creusot-contracts/src/util.rs" 25 10 25 15] false) + axiom unreachable0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/util.rs" 24 11 24 16] false) -> ([#"../../../../../creusot-contracts/src/util.rs" 27 0 27 28] inv0 (unreachable0 _1)) && ([#"../../../../../creusot-contracts/src/util.rs" 25 10 25 15] false) function unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 val unwrap0 (op : Core_Option_Option_Type.t_option int32) : int32 requires {[#"../../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None} - requires {[#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv8 op} + requires {[#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv6 op} ensures { result = unwrap0 op } - axiom unwrap0_spec : forall op : Core_Option_Option_Type.t_option int32 . ([#"../../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv8 op) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 0 35 36] inv2 (unwrap0 op)) && ([#"../../../../../creusot-contracts/src/util.rs" 34 10 34 28] Core_Option_Option_Type.C_Some (unwrap0 op) = op) - function lookup_unsized0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + axiom unwrap0_spec : forall op : Core_Option_Option_Type.t_option int32 . ([#"../../../../../creusot-contracts/src/util.rs" 33 11 33 21] op <> Core_Option_Option_Type.C_None) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 17 35 19] inv6 op) -> ([#"../../../../../creusot-contracts/src/util.rs" 35 0 35 36] inv0 (unwrap0 op)) && ([#"../../../../../creusot-contracts/src/util.rs" 34 10 34 28] Core_Option_Option_Type.C_Some (unwrap0 op) = op) + function lookup_unsized0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 = - [#"../../../../../creusot-contracts/src/logic/fmap.rs" 61 8 61 27] unwrap0 (get0 self k) - val lookup_unsized0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 + [#"../../../../../creusot-contracts/src/logic/fmap.rs" 62 8 62 27] unwrap0 (get0 self k) + val lookup_unsized0 [@inline:trivial] (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) : int32 ensures { result = lookup_unsized0 self k } function shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 @@ -219,43 +200,41 @@ module C949_Main val shallow_model0 (self : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 ensures { result = shallow_model0 self } + use prelude.Borrow val ptr_to_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (ptr : opaque_ptr) : int32 - requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 106 4 106 39] contains0 (shallow_model0 ( * self)) ptr} - requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 109 27 109 31] inv1 self} - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 107 14 107 54] result = lookup_unsized0 (shallow_model0 ( * self)) ptr } - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 108 14 108 46] shallow_model0 ( ^ self) = remove0 (shallow_model0 ( * self)) ptr } - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 109 4 109 57] inv2 result } + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 96 4 96 39] contains0 (shallow_model0 ( * self)) ptr} + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 97 14 97 54] result = lookup_unsized0 (shallow_model0 ( * self)) ptr } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 98 14 98 46] shallow_model0 ( ^ self) = remove0 (shallow_model0 ( * self)) ptr } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 99 4 99 57] inv0 result } function make_sized0 (self : int32) : int32 val make_sized0 (self : int32) : int32 - requires {[#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv7 self} + requires {[#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv5 self} ensures { result = make_sized0 self } - axiom make_sized0_spec : forall self : int32 . ([#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv7 self) -> ([#"../../../../../creusot-contracts/src/util.rs" 16 4 16 40] inv2 (make_sized0 self)) && ([#"../../../../../creusot-contracts/src/util.rs" 15 14 15 30] make_sized0 self = self) + axiom make_sized0_spec : forall self : int32 . ([#"../../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv5 self) -> ([#"../../../../../creusot-contracts/src/util.rs" 16 4 16 40] inv0 (make_sized0 self)) && ([#"../../../../../creusot-contracts/src/util.rs" 15 14 15 30] make_sized0 self = self) function insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 val insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self} - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k} - requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv1 self} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv2 k} + requires {[#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv3 v} ensures { result = insert0 self k v } - axiom insert0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr, v : int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv3 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv4 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv5 v) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 4 38 43] inv3 (insert0 self k v)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 37 4 37 68] not contains0 self k -> len0 (insert0 self k v) = len0 self + 1) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 36 4 36 63] contains0 self k -> len0 (insert0 self k v) = len0 self) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 35 14 35 71] view0 (insert0 self k v) = Map.set (view0 self) k (Core_Option_Option_Type.C_Some (make_sized0 v))) + axiom insert0_spec : forall self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32, k : opaque_ptr, v : int32 . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 18 38 22] inv1 self) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 24 38 25] inv2 k) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 30 38 31] inv3 v) -> ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 38 4 38 43] inv1 (insert0 self k v)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 37 4 37 68] not contains0 self k -> len0 (insert0 self k v) = len0 self + 1) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 36 4 36 63] contains0 self k -> len0 (insert0 self k v) = len0 self) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 35 14 35 71] view0 (insert0 self k v) = Map.set (view0 self) k (Core_Option_Option_Type.C_Some (make_sized0 v))) val ptr_from_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (val' : int32) : opaque_ptr - requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 57 29 57 33] inv1 self} - requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 57 35 57 38] inv2 val'} - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 53 4 53 42] not contains0 (shallow_model0 ( * self)) result } - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 56 14 56 55] shallow_model0 ( ^ self) = insert0 (shallow_model0 ( * self)) result val' } + requires {[#"../../../../../creusot-contracts/src/ghost_ptr.rs" 71 35 71 38] inv0 val'} + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 67 4 67 42] not contains0 (shallow_model0 ( * self)) result } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 70 14 70 55] shallow_model0 ( ^ self) = insert0 (shallow_model0 ( * self)) result val' } use map.Const function empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 val empty0 (_1 : ()) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 ensures { result = empty0 _1 } - axiom empty0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 85 4 85 26] inv3 (empty0 _1)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 84 14 84 49] view0 (empty0 _1) = Const.const (Core_Option_Option_Type.C_None)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 83 14 83 31] len0 (empty0 _1) = 0) + axiom empty0_spec : forall _1 : () . ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 87 4 87 26] inv1 (empty0 _1)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 86 14 86 49] view0 (empty0 _1) = Const.const (Core_Option_Option_Type.C_None)) && ([#"../../../../../creusot-contracts/src/logic/fmap.rs" 85 14 85 31] len0 (empty0 _1) = 0) val new0 (_1 : ()) : CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32 - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 27 14 27 38] shallow_model0 result = empty0 () } - ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 28 4 28 24] inv0 result } + ensures { [#"../../../../../creusot-contracts/src/ghost_ptr.rs" 41 14 41 38] shallow_model0 result = empty0 () } let rec cfg main [#"../949.rs" 4 0 4 13] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] diff --git a/creusot/tests/should_succeed/ghost_ptr_token.mlcfg b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg index c32dc89e82..58dd13058a 100644 --- a/creusot/tests/should_succeed/ghost_ptr_token.mlcfg +++ b/creusot/tests/should_succeed/ghost_ptr_token.mlcfg @@ -52,7 +52,6 @@ module Alloc_Alloc_Global_Type end module GhostPtrToken_Test use prelude.Int32 - use prelude.Opaque use Core_Option_Option_Type as Core_Option_Option_Type predicate invariant7 (self : Core_Option_Option_Type.t_option int32) = [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true @@ -64,6 +63,7 @@ module GhostPtrToken_Test ensures { result = inv7 _x } axiom inv7 : forall x : Core_Option_Option_Type.t_option int32 . inv7 x = true + use prelude.Opaque use map.Map predicate invariant6 (self : Map.map opaque_ptr (Core_Option_Option_Type.t_option int32)) = [#"../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true @@ -138,8 +138,6 @@ module GhostPtrToken_Test use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type axiom inv0 : forall x : int32 . inv0 x = true - use prelude.Opaque - use Core_Panicking_AssertKind_Type as Core_Panicking_AssertKind_Type use CreusotContracts_GhostPtr_GhostPtrToken_Type as CreusotContracts_GhostPtr_GhostPtrToken_Type function unreachable0 (_1 : ()) : int32 val unreachable0 (_1 : ()) : int32 @@ -205,17 +203,18 @@ module GhostPtrToken_Test ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 80 14 80 51] result = lookup_unsized0 (shallow_model1 self) ptr } ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 81 4 81 49] inv2 result } - predicate resolve2 (self : borrowed int32) = - [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self - val resolve2 (self : borrowed int32) : bool - ensures { result = resolve2 self } - val swap0 (x : borrowed int32) (y : borrowed int32) : () requires {inv1 x} requires {inv1 y} ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 11 22 11 30] ^ x = * y } ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 12 22 12 30] ^ y = * x } + use Core_Panicking_AssertKind_Type as Core_Panicking_AssertKind_Type + predicate resolve2 (self : borrowed int32) = + [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self + val resolve2 (self : borrowed int32) : bool + ensures { result = resolve2 self } + predicate resolve3 (self : int32) = [#"../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve3 (self : int32) : bool @@ -238,7 +237,7 @@ module GhostPtrToken_Test ensures { result = cur0 self } predicate resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) = - [#"../../../../creusot-contracts/src/ghost_ptr.rs" 261 8 261 32] cur0 self = fin0 self + [#"../../../../creusot-contracts/src/ghost_ptr.rs" 263 8 263 32] cur0 self = fin0 self val resolve0 (self : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32) : bool ensures { result = resolve0 self } @@ -252,10 +251,10 @@ module GhostPtrToken_Test use map.Map function make_sized0 (self : int32) : int32 val make_sized0 (self : int32) : int32 - requires {[#"../../../../creusot-contracts/src/util.rs" 16 18 16 22] inv5 self} + requires {[#"../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv2 self} ensures { result = make_sized0 self } - axiom make_sized0_spec : forall self : int32 . ([#"../../../../creusot-contracts/src/util.rs" 16 18 16 22] inv5 self) -> ([#"../../../../creusot-contracts/src/util.rs" 16 4 16 39] inv0 (make_sized0 self)) && ([#"../../../../creusot-contracts/src/util.rs" 15 14 15 29] make_sized0 self = self) + axiom make_sized0_spec : forall self : int32 . ([#"../../../../creusot-contracts/src/util.rs" 16 19 16 23] inv2 self) -> ([#"../../../../creusot-contracts/src/util.rs" 16 4 16 40] inv0 (make_sized0 self)) && ([#"../../../../creusot-contracts/src/util.rs" 15 14 15 30] make_sized0 self = self) function insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 val insert0 (self : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32) (k : opaque_ptr) (v : int32) : CreusotContracts_Logic_Fmap_FMap_Type.t_fmap opaque_ptr int32 @@ -278,16 +277,16 @@ module GhostPtrToken_Test len0 self )) && ([#"../../../../creusot-contracts/src/logic/fmap.rs" 45 14 45 55] view0 (remove0 self k) = Map.set (view0 self) k (Core_Option_Option_Type.C_None)) val take_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32)) (ptr : opaque_ptr) : borrowed int32 - requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 227 15 227 42] contains0 (cur0 ( * self)) ptr} - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 228 14 228 59] * result = lookup_unsized0 (cur0 ( * self)) ptr } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 229 14 229 56] cur0 ( ^ self) = remove0 (cur0 ( * self)) ptr } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 230 14 230 65] fin0 ( * self) = insert0 (fin0 ( ^ self)) ptr ( ^ result) } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 231 14 231 42] not contains0 (fin0 ( ^ self)) ptr } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 232 4 232 58] inv1 result } + requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 229 15 229 42] contains0 (cur0 ( * self)) ptr} + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 230 14 230 59] * result = lookup_unsized0 (cur0 ( * self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 231 14 231 56] cur0 ( ^ self) = remove0 (cur0 ( * self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 232 14 232 65] fin0 ( * self) = insert0 (fin0 ( ^ self)) ptr ( ^ result) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 233 14 233 42] not contains0 (fin0 ( ^ self)) ptr } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 234 4 234 58] inv1 result } val borrow_mut0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) : CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32 - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 123 14 123 38] cur0 result = shallow_model0 ( * self) } - ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 124 14 124 38] fin0 result = shallow_model0 ( ^ self) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 124 14 124 38] cur0 result = shallow_model0 ( * self) } + ensures { [#"../../../../creusot-contracts/src/ghost_ptr.rs" 125 14 125 38] fin0 result = shallow_model0 ( ^ self) } val ptr_from_box0 (self : borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32)) (val' : int32) : opaque_ptr requires {[#"../../../../creusot-contracts/src/ghost_ptr.rs" 71 35 71 38] inv0 val'} @@ -329,35 +328,35 @@ module GhostPtrToken_Test var left_val : int32; var right_val : int32; var kind : Core_Panicking_AssertKind_Type.t_assertkind; - var _32 : int32; - var _34 : int32; - var _37 : (int32, int32); + var _31 : int32; + var _33 : int32; + var _36 : (int32, int32); var left_val1 : int32; var right_val1 : int32; var kind1 : Core_Panicking_AssertKind_Type.t_assertkind; + var _50 : int32; var _52 : int32; - var _54 : int32; - var _56 : (); - var _57 : borrowed int32; - var _58 : borrowed int32; - var _60 : (int32, int32); - var _62 : int32; + var _54 : (); + var _55 : borrowed int32; + var _56 : borrowed int32; + var _58 : (int32, int32); + var _60 : int32; var left_val2 : int32; var right_val2 : int32; var kind2 : Core_Panicking_AssertKind_Type.t_assertkind; - var _78 : int32; - var _80 : int32; - var _83 : (int32, int32); - var _85 : int32; + var _75 : int32; + var _77 : int32; + var _80 : (int32, int32); + var _82 : int32; var left_val3 : int32; var right_val3 : int32; var kind3 : Core_Panicking_AssertKind_Type.t_assertkind; + var _97 : int32; + var _99 : int32; var _101 : int32; + var _102 : int32; var _103 : int32; - var _105 : int32; - var _106 : int32; - var _107 : int32; - var _108 : int32; + var _104 : int32; { goto BB0 } @@ -366,8 +365,8 @@ module GhostPtrToken_Test goto BB1 } BB1 { - [#"../ghost_ptr_token.rs" 5 15 5 46] _3 <- Borrow.borrow_mut token; - [#"../ghost_ptr_token.rs" 5 15 5 46] token <- ^ _3; + [#"../ghost_ptr_token.rs" 5 15 5 20] _3 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 5 15 5 20] token <- ^ _3; goto BB2 } BB2 { @@ -376,8 +375,8 @@ module GhostPtrToken_Test goto BB3 } BB3 { - [#"../ghost_ptr_token.rs" 6 15 6 46] _6 <- Borrow.borrow_mut token; - [#"../ghost_ptr_token.rs" 6 15 6 46] token <- ^ _6; + [#"../ghost_ptr_token.rs" 6 15 6 20] _6 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 6 15 6 20] token <- ^ _6; goto BB4 } BB4 { @@ -386,124 +385,124 @@ module GhostPtrToken_Test goto BB5 } BB5 { - [#"../ghost_ptr_token.rs" 8 24 8 42] _9 <- Borrow.borrow_mut token; - [#"../ghost_ptr_token.rs" 8 24 8 42] token <- ^ _9; + [#"../ghost_ptr_token.rs" 8 24 8 29] _9 <- Borrow.borrow_mut token; + [#"../ghost_ptr_token.rs" 8 24 8 29] token <- ^ _9; [#"../ghost_ptr_token.rs" 8 24 8 42] token_mut <- ([#"../ghost_ptr_token.rs" 8 24 8 42] borrow_mut0 _9); _9 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); goto BB6 } BB6 { - [#"../ghost_ptr_token.rs" 9 13 9 37] _11 <- Borrow.borrow_mut token_mut; - [#"../ghost_ptr_token.rs" 9 13 9 37] token_mut <- ^ _11; + [#"../ghost_ptr_token.rs" 9 13 9 22] _11 <- Borrow.borrow_mut token_mut; + [#"../ghost_ptr_token.rs" 9 13 9 22] token_mut <- ^ _11; [#"../ghost_ptr_token.rs" 9 13 9 37] m1 <- ([#"../ghost_ptr_token.rs" 9 13 9 37] take_mut0 _11 ([#"../ghost_ptr_token.rs" 9 32 9 36] ptr1)); _11 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); goto BB7 } BB7 { - [#"../ghost_ptr_token.rs" 10 13 10 37] _14 <- Borrow.borrow_mut token_mut; - [#"../ghost_ptr_token.rs" 10 13 10 37] token_mut <- ^ _14; + [#"../ghost_ptr_token.rs" 10 13 10 22] _14 <- Borrow.borrow_mut token_mut; + [#"../ghost_ptr_token.rs" 10 13 10 22] token_mut <- ^ _14; [#"../ghost_ptr_token.rs" 10 13 10 37] m2 <- ([#"../ghost_ptr_token.rs" 10 13 10 37] take_mut0 _14 ([#"../ghost_ptr_token.rs" 10 32 10 36] ptr2)); _14 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrTokenMut_Type.t_ghostptrtokenmut int32); goto BB8 } BB8 { assume { resolve0 token_mut }; - _108 <- promoted3; - _17 <- ( * m1, _108); + _104 <- promoted3; + _17 <- ( * m1, _104); left_val <- (let (a, _) = _17 in a); right_val <- (let (_, a) = _17 in a); assume { resolve1 _17 }; - switch (not left_val = right_val) + switch (left_val = right_val) | False -> goto BB10 | True -> goto BB9 end } BB9 { + _103 <- promoted2; + _36 <- ( * m2, _103); + left_val1 <- (let (a, _) = _36 in a); + right_val1 <- (let (_, a) = _36 in a); + assume { resolve1 _36 }; + switch (left_val1 = right_val1) + | False -> goto BB12 + | True -> goto BB11 + end + } + BB10 { assume { resolve2 m2 }; kind <- Core_Panicking_AssertKind_Type.C_Eq; - _32 <- left_val; - _34 <- right_val; + _31 <- left_val; + _33 <- right_val; assert { false }; absurd } - BB10 { - _107 <- promoted2; - _37 <- ( * m2, _107); - left_val1 <- (let (a, _) = _37 in a); - right_val1 <- (let (_, a) = _37 in a); - assume { resolve1 _37 }; - switch (not left_val1 = right_val1) - | False -> goto BB12 - | True -> goto BB11 - end - } BB11 { + [#"../ghost_ptr_token.rs" 15 20 15 22] _55 <- Borrow.borrow_final ( * m1) (Borrow.get_id m1); + [#"../ghost_ptr_token.rs" 15 20 15 22] m1 <- { m1 with current = ( ^ _55) ; }; + [#"../ghost_ptr_token.rs" 15 24 15 26] _56 <- Borrow.borrow_final ( * m2) (Borrow.get_id m2); + [#"../ghost_ptr_token.rs" 15 24 15 26] m2 <- { m2 with current = ( ^ _56) ; }; + [#"../ghost_ptr_token.rs" 15 4 15 27] _54 <- ([#"../ghost_ptr_token.rs" 15 4 15 27] swap0 _55 _56); + _55 <- any borrowed int32; + _56 <- any borrowed int32; + goto BB13 + } + BB12 { assume { resolve2 m1 }; kind1 <- Core_Panicking_AssertKind_Type.C_Eq; - _52 <- left_val1; - _54 <- right_val1; + _50 <- left_val1; + _52 <- right_val1; assert { false }; absurd } - BB12 { - [#"../ghost_ptr_token.rs" 15 20 15 22] _57 <- Borrow.borrow_mut ( * m1); - [#"../ghost_ptr_token.rs" 15 20 15 22] m1 <- { m1 with current = ^ _57 }; - [#"../ghost_ptr_token.rs" 15 24 15 26] _58 <- Borrow.borrow_mut ( * m2); - [#"../ghost_ptr_token.rs" 15 24 15 26] m2 <- { m2 with current = ^ _58 }; - [#"../ghost_ptr_token.rs" 15 4 15 27] _56 <- ([#"../ghost_ptr_token.rs" 15 4 15 27] swap0 _57 _58); - _57 <- any borrowed int32; - _58 <- any borrowed int32; - goto BB13 - } BB13 { assume { resolve2 m2 }; assume { resolve2 m1 }; - [#"../ghost_ptr_token.rs" 16 16 16 38] _62 <- ([#"../ghost_ptr_token.rs" 16 16 16 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 16 16 16 38] token) ([#"../ghost_ptr_token.rs" 16 33 16 37] ptr1)); + [#"../ghost_ptr_token.rs" 16 16 16 38] _60 <- ([#"../ghost_ptr_token.rs" 16 16 16 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 16 16 16 21] token) ([#"../ghost_ptr_token.rs" 16 33 16 37] ptr1)); goto BB14 } BB14 { - _106 <- promoted1; - _60 <- (_62, _106); - left_val2 <- (let (a, _) = _60 in a); - right_val2 <- (let (_, a) = _60 in a); - assume { resolve1 _60 }; - switch (not left_val2 = right_val2) + _102 <- promoted1; + _58 <- (_60, _102); + left_val2 <- (let (a, _) = _58 in a); + right_val2 <- (let (_, a) = _58 in a); + assume { resolve1 _58 }; + switch (left_val2 = right_val2) | False -> goto BB16 | True -> goto BB15 end } BB15 { + [#"../ghost_ptr_token.rs" 17 16 17 38] _82 <- ([#"../ghost_ptr_token.rs" 17 16 17 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 17 16 17 21] token) ([#"../ghost_ptr_token.rs" 17 33 17 37] ptr2)); + goto BB17 + } + BB16 { kind2 <- Core_Panicking_AssertKind_Type.C_Eq; - _78 <- left_val2; - _80 <- right_val2; + _75 <- left_val2; + _77 <- right_val2; assert { false }; absurd } - BB16 { - [#"../ghost_ptr_token.rs" 17 16 17 38] _85 <- ([#"../ghost_ptr_token.rs" 17 16 17 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 17 16 17 38] token) ([#"../ghost_ptr_token.rs" 17 33 17 37] ptr2)); - goto BB17 - } BB17 { - _105 <- promoted0; - _83 <- (_85, _105); - left_val3 <- (let (a, _) = _83 in a); - right_val3 <- (let (_, a) = _83 in a); - assume { resolve1 _83 }; - switch (not left_val3 = right_val3) + _101 <- promoted0; + _80 <- (_82, _101); + left_val3 <- (let (a, _) = _80 in a); + right_val3 <- (let (_, a) = _80 in a); + assume { resolve1 _80 }; + switch (left_val3 = right_val3) | False -> goto BB19 | True -> goto BB18 end } BB18 { + [#"../ghost_ptr_token.rs" 3 14 18 1] _0 <- ([#"../ghost_ptr_token.rs" 3 14 18 1] ()); + return _0 + } + BB19 { kind3 <- Core_Panicking_AssertKind_Type.C_Eq; - _101 <- left_val3; - _103 <- right_val3; + _97 <- left_val3; + _99 <- right_val3; assert { false }; absurd } - BB19 { - [#"../ghost_ptr_token.rs" 3 14 18 1] _0 <- ([#"../ghost_ptr_token.rs" 3 14 18 1] ()); - return _0 - } end diff --git a/creusot/tests/should_succeed/iterators/01_range.mlcfg b/creusot/tests/should_succeed/iterators/01_range.mlcfg index e9dc99bf9f..571f08d22c 100644 --- a/creusot/tests/should_succeed/iterators/01_range.mlcfg +++ b/creusot/tests/should_succeed/iterators/01_range.mlcfg @@ -314,56 +314,46 @@ module C01Range_Impl0 ensures { result = inv3 _x } axiom inv3 : forall x : Seq.seq isize . inv3 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant2 (self : Core_Option_Option_Type.t_option isize) = + use C01Range_Range_Type as C01Range_Range_Type + predicate invariant2 (self : C01Range_Range_Type.t_range) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant2 (self : Core_Option_Option_Type.t_option isize) : bool + val invariant2 (self : C01Range_Range_Type.t_range) : bool ensures { result = invariant2 self } - predicate inv2 (_x : Core_Option_Option_Type.t_option isize) - val inv2 (_x : Core_Option_Option_Type.t_option isize) : bool + predicate inv2 (_x : C01Range_Range_Type.t_range) + val inv2 (_x : C01Range_Range_Type.t_range) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : Core_Option_Option_Type.t_option isize . inv2 x = true - use C01Range_Range_Type as C01Range_Range_Type - use prelude.Borrow - predicate invariant1 (self : borrowed (C01Range_Range_Type.t_range)) = + axiom inv2 : forall x : C01Range_Range_Type.t_range . inv2 x = true + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant1 (self : Core_Option_Option_Type.t_option isize) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant1 (self : borrowed (C01Range_Range_Type.t_range)) : bool + val invariant1 (self : Core_Option_Option_Type.t_option isize) : bool ensures { result = invariant1 self } - predicate inv1 (_x : borrowed (C01Range_Range_Type.t_range)) - val inv1 (_x : borrowed (C01Range_Range_Type.t_range)) : bool + predicate inv1 (_x : Core_Option_Option_Type.t_option isize) + val inv1 (_x : Core_Option_Option_Type.t_option isize) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : borrowed (C01Range_Range_Type.t_range) . inv1 x = true - predicate invariant0 (self : C01Range_Range_Type.t_range) = + axiom inv1 : forall x : Core_Option_Option_Type.t_option isize . inv1 x = true + use prelude.Borrow + predicate invariant0 (self : borrowed (C01Range_Range_Type.t_range)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant0 (self : C01Range_Range_Type.t_range) : bool + val invariant0 (self : borrowed (C01Range_Range_Type.t_range)) : bool ensures { result = invariant0 self } - predicate inv0 (_x : C01Range_Range_Type.t_range) - val inv0 (_x : C01Range_Range_Type.t_range) : bool + predicate inv0 (_x : borrowed (C01Range_Range_Type.t_range)) + val inv0 (_x : borrowed (C01Range_Range_Type.t_range)) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : C01Range_Range_Type.t_range . inv0 x = true + axiom inv0 : forall x : borrowed (C01Range_Range_Type.t_range) . inv0 x = true use seq.Seq use seq.Seq - use prelude.Int - predicate resolve0 (self : borrowed (C01Range_Range_Type.t_range)) = - [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self - val resolve0 (self : borrowed (C01Range_Range_Type.t_range)) : bool - ensures { result = resolve0 self } - - predicate completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) = - [#"../01_range.rs" 25 12 25 52] resolve0 self /\ C01Range_Range_Type.range_start ( * self) >= C01Range_Range_Type.range_end ( * self) - val completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) : bool - ensures { result = completed0 self } - use seq.Seq use seq.Seq use prelude.IntSize use seq.Seq + use prelude.Int predicate produces0 [#"../01_range.rs" 31 4 31 64] (self : C01Range_Range_Type.t_range) (visited : Seq.seq isize) (o : C01Range_Range_Type.t_range) = @@ -372,13 +362,23 @@ module C01Range_Impl0 ensures { result = produces0 self visited o } use seq.Seq - goal produces_refl_refn : [#"../01_range.rs" 44 4 44 26] forall self : C01Range_Range_Type.t_range . inv0 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../01_range.rs" 57 4 57 39] forall self : borrowed (C01Range_Range_Type.t_range) . inv1 self -> (forall result : Core_Option_Option_Type.t_option isize . match result with + predicate resolve0 (self : borrowed (C01Range_Range_Type.t_range)) = + [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self + val resolve0 (self : borrowed (C01Range_Range_Type.t_range)) : bool + ensures { result = resolve0 self } + + predicate completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) = + [#"../01_range.rs" 25 12 25 52] resolve0 self /\ C01Range_Range_Type.range_start ( * self) >= C01Range_Range_Type.range_end ( * self) + val completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) : bool + ensures { result = completed0 self } + + goal next_refn : [#"../01_range.rs" 57 4 57 39] forall self : borrowed (C01Range_Range_Type.t_range) . inv0 self -> (forall result : Core_Option_Option_Type.t_option isize . match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv2 result /\ match result with + end -> inv1 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../01_range.rs" 51 4 51 90] forall a : C01Range_Range_Type.t_range . forall ab : Seq.seq isize . forall b : C01Range_Range_Type.t_range . forall bc : Seq.seq isize . forall c : C01Range_Range_Type.t_range . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../01_range.rs" 44 4 44 26] forall self : C01Range_Range_Type.t_range . inv2 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal produces_trans_refn : [#"../01_range.rs" 51 4 51 90] forall a : C01Range_Range_Type.t_range . forall ab : Seq.seq isize . forall b : C01Range_Range_Type.t_range . forall bc : Seq.seq isize . forall c : C01Range_Range_Type.t_range . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/04_skip.mlcfg b/creusot/tests/should_succeed/iterators/04_skip.mlcfg index 247a964a99..a4c042ee4e 100644 --- a/creusot/tests/should_succeed/iterators/04_skip.mlcfg +++ b/creusot/tests/should_succeed/iterators/04_skip.mlcfg @@ -529,36 +529,36 @@ module C04Skip_Impl0 axiom inv4 : forall x : borrowed i . inv4 x = true type item0 - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant3 (self : Core_Option_Option_Type.t_option item0) - val invariant3 (self : Core_Option_Option_Type.t_option item0) : bool + use seq.Seq + predicate invariant3 (self : Seq.seq item0) + val invariant3 (self : Seq.seq item0) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Core_Option_Option_Type.t_option item0) - val inv3 (_x : Core_Option_Option_Type.t_option item0) : bool + predicate inv3 (_x : Seq.seq item0) + val inv3 (_x : Seq.seq item0) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Core_Option_Option_Type.t_option item0 . inv3 x = true - use C04Skip_Skip_Type as C04Skip_Skip_Type - predicate invariant2 (self : borrowed (C04Skip_Skip_Type.t_skip i)) - val invariant2 (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool + axiom inv3 : forall x : Seq.seq item0 . inv3 x = true + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant2 (self : Core_Option_Option_Type.t_option item0) + val invariant2 (self : Core_Option_Option_Type.t_option item0) : bool ensures { result = invariant2 self } - predicate inv2 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) - val inv2 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) : bool + predicate inv2 (_x : Core_Option_Option_Type.t_option item0) + val inv2 (_x : Core_Option_Option_Type.t_option item0) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : borrowed (C04Skip_Skip_Type.t_skip i) . inv2 x = true - use seq.Seq - predicate invariant1 (self : Seq.seq item0) - val invariant1 (self : Seq.seq item0) : bool + axiom inv2 : forall x : Core_Option_Option_Type.t_option item0 . inv2 x = true + use C04Skip_Skip_Type as C04Skip_Skip_Type + predicate invariant1 (self : borrowed (C04Skip_Skip_Type.t_skip i)) + val invariant1 (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Seq.seq item0) - val inv1 (_x : Seq.seq item0) : bool + predicate inv1 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) + val inv1 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Seq.seq item0 . inv1 x = true + axiom inv1 : forall x : borrowed (C04Skip_Skip_Type.t_skip i) . inv1 x = true predicate invariant0 (self : C04Skip_Skip_Type.t_skip i) val invariant0 (self : C04Skip_Skip_Type.t_skip i) : bool ensures { result = invariant0 self } @@ -569,6 +569,7 @@ module C04Skip_Impl0 axiom inv0 : forall x : C04Skip_Skip_Type.t_skip i . inv0 x = true use seq.Seq + use seq.Seq predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed1 self } @@ -586,27 +587,26 @@ module C04Skip_Impl0 use seq.Seq use prelude.UIntSize predicate completed0 [#"../04_skip.rs" 22 4 22 35] (self : borrowed (C04Skip_Skip_Type.t_skip i)) = - [#"../04_skip.rs" 23 8 31 9] UIntSize.to_int (C04Skip_Skip_Type.skip_n ( ^ self)) = 0 /\ (exists i : borrowed i . exists s : Seq.seq item0 . inv4 i /\ inv1 s /\ Seq.length s <= UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * self)) /\ produces1 (C04Skip_Skip_Type.skip_iter ( * self)) s ( * i) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i)) /\ completed1 i /\ ^ i = C04Skip_Skip_Type.skip_iter ( ^ self)) + [#"../04_skip.rs" 23 8 31 9] UIntSize.to_int (C04Skip_Skip_Type.skip_n ( ^ self)) = 0 /\ (exists i : borrowed i . exists s : Seq.seq item0 . inv4 i /\ inv3 s /\ Seq.length s <= UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * self)) /\ produces1 (C04Skip_Skip_Type.skip_iter ( * self)) s ( * i) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i)) /\ completed1 i /\ ^ i = C04Skip_Skip_Type.skip_iter ( ^ self)) val completed0 [#"../04_skip.rs" 22 4 22 35] (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = completed0 self } - use seq.Seq use seq.Seq use seq.Seq predicate produces0 [#"../04_skip.rs" 36 4 36 64] (self : C04Skip_Skip_Type.t_skip i) (visited : Seq.seq item0) (o : C04Skip_Skip_Type.t_skip i) = - [#"../04_skip.rs" 37 8 44 9] visited = Seq.empty /\ self = o \/ UIntSize.to_int (C04Skip_Skip_Type.skip_n o) = 0 /\ Seq.length visited > 0 /\ (exists s : Seq.seq item0 . inv1 s /\ Seq.length s = UIntSize.to_int (C04Skip_Skip_Type.skip_n self) /\ produces1 (C04Skip_Skip_Type.skip_iter self) (Seq.(++) s visited) (C04Skip_Skip_Type.skip_iter o) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i))) + [#"../04_skip.rs" 37 8 44 9] visited = Seq.empty /\ self = o \/ UIntSize.to_int (C04Skip_Skip_Type.skip_n o) = 0 /\ Seq.length visited > 0 /\ (exists s : Seq.seq item0 . inv3 s /\ Seq.length s = UIntSize.to_int (C04Skip_Skip_Type.skip_n self) /\ produces1 (C04Skip_Skip_Type.skip_iter self) (Seq.(++) s visited) (C04Skip_Skip_Type.skip_iter o) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i))) val produces0 [#"../04_skip.rs" 36 4 36 64] (self : C04Skip_Skip_Type.t_skip i) (visited : Seq.seq item0) (o : C04Skip_Skip_Type.t_skip i) : bool ensures { result = produces0 self visited o } - goal produces_trans_refn : [#"../04_skip.rs" 57 4 57 90] forall a : C04Skip_Skip_Type.t_skip i . forall ab : Seq.seq item0 . forall b : C04Skip_Skip_Type.t_skip i . forall bc : Seq.seq item0 . forall c : C04Skip_Skip_Type.t_skip i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../04_skip.rs" 50 4 50 26] forall self : C04Skip_Skip_Type.t_skip i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../04_skip.rs" 63 4 63 41] forall self : borrowed (C04Skip_Skip_Type.t_skip i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv3 result /\ match result with + goal next_refn : [#"../04_skip.rs" 63 4 63 41] forall self : borrowed (C04Skip_Skip_Type.t_skip i) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv3 result /\ match result with + end -> inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) + goal produces_trans_refn : [#"../04_skip.rs" 57 4 57 90] forall a : C04Skip_Skip_Type.t_skip i . forall ab : Seq.seq item0 . forall b : C04Skip_Skip_Type.t_skip i . forall bc : Seq.seq item0 . forall c : C04Skip_Skip_Type.t_skip i . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg index 97a236a7b1..8eac620b79 100644 --- a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg +++ b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg @@ -636,13 +636,13 @@ module C07Fuse_Impl0 val completed0 [#"../07_fuse.rs" 16 4 16 35] (self : borrowed (C07Fuse_Fuse_Type.t_fuse i)) : bool ensures { result = completed0 self } + use seq.Seq use seq.Seq use seq.Seq predicate produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces1 self visited o } - use seq.Seq predicate produces0 [#"../07_fuse.rs" 25 4 25 65] (self : C07Fuse_Fuse_Type.t_fuse i) (prod : Seq.seq item0) (other : C07Fuse_Fuse_Type.t_fuse i) = @@ -656,8 +656,8 @@ module C07Fuse_Impl0 val produces0 [#"../07_fuse.rs" 25 4 25 65] (self : C07Fuse_Fuse_Type.t_fuse i) (prod : Seq.seq item0) (other : C07Fuse_Fuse_Type.t_fuse i) : bool ensures { result = produces0 self prod other } - goal produces_refl_refn : [#"../07_fuse.rs" 55 4 55 26] forall self : C07Fuse_Fuse_Type.t_fuse i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) goal produces_trans_refn : [#"../07_fuse.rs" 62 4 62 90] forall a : C07Fuse_Fuse_Type.t_fuse i . forall ab : Seq.seq item0 . forall b : C07Fuse_Fuse_Type.t_fuse i . forall bc : Seq.seq item0 . forall c : C07Fuse_Fuse_Type.t_fuse i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../07_fuse.rs" 55 4 55 26] forall self : C07Fuse_Fuse_Type.t_fuse i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) goal next_refn : [#"../07_fuse.rs" 39 4 39 44] forall self : borrowed (C07Fuse_Fuse_Type.t_fuse i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) diff --git a/creusot/tests/should_succeed/iterators/09_empty.mlcfg b/creusot/tests/should_succeed/iterators/09_empty.mlcfg index d0d7618fea..8bc18d71fb 100644 --- a/creusot/tests/should_succeed/iterators/09_empty.mlcfg +++ b/creusot/tests/should_succeed/iterators/09_empty.mlcfg @@ -183,8 +183,8 @@ module C09Empty_Impl0 val produces0 [#"../09_empty.rs" 21 4 21 64] (self : C09Empty_Empty_Type.t_empty t) (visited : Seq.seq t) (o : C09Empty_Empty_Type.t_empty t) : bool ensures { result = produces0 self visited o } - goal produces_trans_refn : [#"../09_empty.rs" 35 4 35 90] forall a : C09Empty_Empty_Type.t_empty t . forall ab : Seq.seq t . forall b : C09Empty_Empty_Type.t_empty t . forall bc : Seq.seq t . forall c : C09Empty_Empty_Type.t_empty t . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv1 bc /\ inv1 ab /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../09_empty.rs" 28 4 28 26] forall self : C09Empty_Empty_Type.t_empty t . inv0 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal produces_trans_refn : [#"../09_empty.rs" 35 4 35 90] forall a : C09Empty_Empty_Type.t_empty t . forall ab : Seq.seq t . forall b : C09Empty_Empty_Type.t_empty t . forall bc : Seq.seq t . forall c : C09Empty_Empty_Type.t_empty t . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv1 bc /\ inv1 ab /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal next_refn : [#"../09_empty.rs" 41 4 41 35] forall self : borrowed (C09Empty_Empty_Type.t_empty t) . inv2 self -> (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) diff --git a/creusot/tests/should_succeed/iterators/10_once.mlcfg b/creusot/tests/should_succeed/iterators/10_once.mlcfg index 95da1af9bf..3536ac79a0 100644 --- a/creusot/tests/should_succeed/iterators/10_once.mlcfg +++ b/creusot/tests/should_succeed/iterators/10_once.mlcfg @@ -216,37 +216,37 @@ module C10Once_Impl0 ensures { result = inv4 _x } axiom inv4 : forall x : t . inv4 x = true - use seq.Seq - predicate invariant3 (self : Seq.seq t) - val invariant3 (self : Seq.seq t) : bool + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant3 (self : Core_Option_Option_Type.t_option t) + val invariant3 (self : Core_Option_Option_Type.t_option t) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Seq.seq t) - val inv3 (_x : Seq.seq t) : bool + predicate inv3 (_x : Core_Option_Option_Type.t_option t) + val inv3 (_x : Core_Option_Option_Type.t_option t) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Seq.seq t . inv3 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant2 (self : Core_Option_Option_Type.t_option t) - val invariant2 (self : Core_Option_Option_Type.t_option t) : bool + axiom inv3 : forall x : Core_Option_Option_Type.t_option t . inv3 x = true + use C10Once_Once_Type as C10Once_Once_Type + use prelude.Borrow + predicate invariant2 (self : borrowed (C10Once_Once_Type.t_once t)) + val invariant2 (self : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = invariant2 self } - predicate inv2 (_x : Core_Option_Option_Type.t_option t) - val inv2 (_x : Core_Option_Option_Type.t_option t) : bool + predicate inv2 (_x : borrowed (C10Once_Once_Type.t_once t)) + val inv2 (_x : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : Core_Option_Option_Type.t_option t . inv2 x = true - use C10Once_Once_Type as C10Once_Once_Type - use prelude.Borrow - predicate invariant1 (self : borrowed (C10Once_Once_Type.t_once t)) - val invariant1 (self : borrowed (C10Once_Once_Type.t_once t)) : bool + axiom inv2 : forall x : borrowed (C10Once_Once_Type.t_once t) . inv2 x = true + use seq.Seq + predicate invariant1 (self : Seq.seq t) + val invariant1 (self : Seq.seq t) : bool ensures { result = invariant1 self } - predicate inv1 (_x : borrowed (C10Once_Once_Type.t_once t)) - val inv1 (_x : borrowed (C10Once_Once_Type.t_once t)) : bool + predicate inv1 (_x : Seq.seq t) + val inv1 (_x : Seq.seq t) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : borrowed (C10Once_Once_Type.t_once t) . inv1 x = true + axiom inv1 : forall x : Seq.seq t . inv1 x = true predicate invariant0 (self : C10Once_Once_Type.t_once t) val invariant0 (self : C10Once_Once_Type.t_once t) : bool ensures { result = invariant0 self } @@ -257,7 +257,6 @@ module C10Once_Impl0 axiom inv0 : forall x : C10Once_Once_Type.t_once t . inv0 x = true use seq.Seq - use seq.Seq predicate resolve0 (self : borrowed (C10Once_Once_Type.t_once t)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed (C10Once_Once_Type.t_once t)) : bool @@ -268,6 +267,7 @@ module C10Once_Impl0 val completed0 [#"../10_once.rs" 15 4 15 35] (self : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = completed0 self } + use seq.Seq use seq.Seq use seq.Seq predicate produces0 [#"../10_once.rs" 21 4 21 64] (self : C10Once_Once_Type.t_once t) (visited : Seq.seq t) (o : C10Once_Once_Type.t_once t) @@ -277,13 +277,13 @@ module C10Once_Impl0 val produces0 [#"../10_once.rs" 21 4 21 64] (self : C10Once_Once_Type.t_once t) (visited : Seq.seq t) (o : C10Once_Once_Type.t_once t) : bool ensures { result = produces0 self visited o } + goal produces_trans_refn : [#"../10_once.rs" 38 4 38 90] forall a : C10Once_Once_Type.t_once t . forall ab : Seq.seq t . forall b : C10Once_Once_Type.t_once t . forall bc : Seq.seq t . forall c : C10Once_Once_Type.t_once t . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../10_once.rs" 31 4 31 26] forall self : C10Once_Once_Type.t_once t . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../10_once.rs" 44 4 44 35] forall self : borrowed (C10Once_Once_Type.t_once t) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option t . inv2 result /\ match result with + goal next_refn : [#"../10_once.rs" 44 4 44 35] forall self : borrowed (C10Once_Once_Type.t_once t) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv2 result /\ match result with + end -> inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../10_once.rs" 38 4 38 90] forall a : C10Once_Once_Type.t_once t . forall ab : Seq.seq t . forall b : C10Once_Once_Type.t_once t . forall bc : Seq.seq t . forall c : C10Once_Once_Type.t_once t . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/14_copied.mlcfg b/creusot/tests/should_succeed/iterators/14_copied.mlcfg index bf7ebba998..e1d7b69948 100644 --- a/creusot/tests/should_succeed/iterators/14_copied.mlcfg +++ b/creusot/tests/should_succeed/iterators/14_copied.mlcfg @@ -368,55 +368,45 @@ module C14Copied_Impl0 ensures { result = inv4 _x } axiom inv4 : forall x : Seq.seq t . inv4 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant3 (self : Core_Option_Option_Type.t_option t) - val invariant3 (self : Core_Option_Option_Type.t_option t) : bool + predicate invariant3 (self : Seq.seq t) + val invariant3 (self : Seq.seq t) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Core_Option_Option_Type.t_option t) - val inv3 (_x : Core_Option_Option_Type.t_option t) : bool + predicate inv3 (_x : Seq.seq t) + val inv3 (_x : Seq.seq t) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Core_Option_Option_Type.t_option t . inv3 x = true + axiom inv3 : forall x : Seq.seq t . inv3 x = true use C14Copied_Copied_Type as C14Copied_Copied_Type - use prelude.Borrow - predicate invariant2 (self : borrowed (C14Copied_Copied_Type.t_copied i)) - val invariant2 (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + predicate invariant2 (self : C14Copied_Copied_Type.t_copied i) + val invariant2 (self : C14Copied_Copied_Type.t_copied i) : bool ensures { result = invariant2 self } - predicate inv2 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) - val inv2 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + predicate inv2 (_x : C14Copied_Copied_Type.t_copied i) + val inv2 (_x : C14Copied_Copied_Type.t_copied i) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : borrowed (C14Copied_Copied_Type.t_copied i) . inv2 x = true - predicate invariant1 (self : Seq.seq t) - val invariant1 (self : Seq.seq t) : bool + axiom inv2 : forall x : C14Copied_Copied_Type.t_copied i . inv2 x = true + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant1 (self : Core_Option_Option_Type.t_option t) + val invariant1 (self : Core_Option_Option_Type.t_option t) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Seq.seq t) - val inv1 (_x : Seq.seq t) : bool + predicate inv1 (_x : Core_Option_Option_Type.t_option t) + val inv1 (_x : Core_Option_Option_Type.t_option t) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Seq.seq t . inv1 x = true - predicate invariant0 (self : C14Copied_Copied_Type.t_copied i) - val invariant0 (self : C14Copied_Copied_Type.t_copied i) : bool + axiom inv1 : forall x : Core_Option_Option_Type.t_option t . inv1 x = true + use prelude.Borrow + predicate invariant0 (self : borrowed (C14Copied_Copied_Type.t_copied i)) + val invariant0 (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool ensures { result = invariant0 self } - predicate inv0 (_x : C14Copied_Copied_Type.t_copied i) - val inv0 (_x : C14Copied_Copied_Type.t_copied i) : bool + predicate inv0 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) + val inv0 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : C14Copied_Copied_Type.t_copied i . inv0 x = true - use seq.Seq - predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) - val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool - ensures { result = completed1 self } - - predicate completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) = - [#"../14_copied.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C14Copied_Copied_Type.copied_iter ( * self)) (C14Copied_Copied_Type.copied_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) - val completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool - ensures { result = completed0 self } - + axiom inv0 : forall x : borrowed (C14Copied_Copied_Type.t_copied i) . inv0 x = true use seq.Seq use seq.Seq use seq.Seq @@ -436,13 +426,23 @@ module C14Copied_Impl0 val produces0 [#"../14_copied.rs" 28 4 28 64] (self : C14Copied_Copied_Type.t_copied i) (visited : Seq.seq t) (o : C14Copied_Copied_Type.t_copied i) : bool ensures { result = produces0 self visited o } - goal produces_trans_refn : [#"../14_copied.rs" 46 4 46 90] forall a : C14Copied_Copied_Type.t_copied i . forall ab : Seq.seq t . forall b : C14Copied_Copied_Type.t_copied i . forall bc : Seq.seq t . forall c : C14Copied_Copied_Type.t_copied i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) - goal produces_refl_refn : [#"../14_copied.rs" 39 4 39 26] forall self : C14Copied_Copied_Type.t_copied i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../14_copied.rs" 52 4 52 35] forall self : borrowed (C14Copied_Copied_Type.t_copied i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with + use seq.Seq + predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) + val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool + ensures { result = completed1 self } + + predicate completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) = + [#"../14_copied.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C14Copied_Copied_Type.copied_iter ( * self)) (C14Copied_Copied_Type.copied_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) + val completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + ensures { result = completed0 self } + + goal next_refn : [#"../14_copied.rs" 52 4 52 35] forall self : borrowed (C14Copied_Copied_Type.t_copied i) . inv0 self -> inv0 self /\ (forall result : Core_Option_Option_Type.t_option t . inv1 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv3 result /\ match result with + end -> inv1 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) + goal produces_trans_refn : [#"../14_copied.rs" 46 4 46 90] forall a : C14Copied_Copied_Type.t_copied i . forall ab : Seq.seq t . forall b : C14Copied_Copied_Type.t_copied i . forall bc : Seq.seq t . forall c : C14Copied_Copied_Type.t_copied i . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../14_copied.rs" 39 4 39 26] forall self : C14Copied_Copied_Type.t_copied i . inv2 self -> inv2 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) end diff --git a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg index c328782b34..58aefb3144 100644 --- a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg +++ b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg @@ -610,6 +610,30 @@ module C15Enumerate_Impl0 ensures { result = inv3 _x } axiom inv3 : forall x : Seq.seq (usize, item0) . inv3 x = true + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant2 (self : Core_Option_Option_Type.t_option (usize, item0)) + val invariant2 (self : Core_Option_Option_Type.t_option (usize, item0)) : bool + ensures { result = invariant2 self } + + predicate inv2 (_x : Core_Option_Option_Type.t_option (usize, item0)) + val inv2 (_x : Core_Option_Option_Type.t_option (usize, item0)) : bool + ensures { result = inv2 _x } + + axiom inv2 : forall x : Core_Option_Option_Type.t_option (usize, item0) . inv2 x = true + use C15Enumerate_Enumerate_Type as C15Enumerate_Enumerate_Type + predicate invariant1 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + val invariant1 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = invariant1 self } + + predicate inv0 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) + val inv0 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) : bool + ensures { result = inv0 _x } + + predicate inv1 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + val inv1 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = inv1 _x } + + axiom inv1 : forall x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv1 x = (inv0 ( * x) /\ inv0 ( ^ x)) use seq.Seq predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool @@ -624,40 +648,22 @@ module C15Enumerate_Impl0 val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces1 self visited o } - use C15Enumerate_Enumerate_Type as C15Enumerate_Enumerate_Type - predicate invariant2 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) = + predicate invariant0 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) = [#"../15_enumerate.rs" 73 12 74 79] (forall i : i . forall s : Seq.seq item0 . inv5 i -> inv4 s -> produces1 (C15Enumerate_Enumerate_Type.enumerate_iter self) s i -> UIntSize.to_int (C15Enumerate_Enumerate_Type.enumerate_count self) + Seq.length s < UIntSize.to_int max0) /\ (forall i : borrowed i . inv6 i -> completed1 i -> produces1 ( * i) (Seq.empty ) ( ^ i)) - val invariant2 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) : bool - ensures { result = invariant2 self } - - predicate inv2 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) - val inv2 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) : bool - ensures { result = inv2 _x } + val invariant0 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) : bool + ensures { result = invariant0 self } - axiom inv2 : forall x : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 x = (invariant2 x /\ match x with + axiom inv0 : forall x : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 x = (invariant0 x /\ match x with | C15Enumerate_Enumerate_Type.C_Enumerate iter count -> true end) - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant1 (self : Core_Option_Option_Type.t_option (usize, item0)) - val invariant1 (self : Core_Option_Option_Type.t_option (usize, item0)) : bool - ensures { result = invariant1 self } - - predicate inv1 (_x : Core_Option_Option_Type.t_option (usize, item0)) - val inv1 (_x : Core_Option_Option_Type.t_option (usize, item0)) : bool - ensures { result = inv1 _x } - - axiom inv1 : forall x : Core_Option_Option_Type.t_option (usize, item0) . inv1 x = true - predicate invariant0 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - val invariant0 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = invariant0 self } - - predicate inv0 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - val inv0 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = inv0 _x } - - axiom inv0 : forall x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv0 x = (inv2 ( * x) /\ inv2 ( ^ x)) use seq.Seq use seq.Seq + predicate completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + = + [#"../15_enumerate.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C15Enumerate_Enumerate_Type.enumerate_iter ( * self)) (C15Enumerate_Enumerate_Type.enumerate_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) + val completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = completed0 self } + use seq.Seq use seq.Seq use seq.Seq @@ -670,21 +676,15 @@ module C15Enumerate_Impl0 ensures { result = produces0 self visited o } use seq.Seq - predicate completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - = - [#"../15_enumerate.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C15Enumerate_Enumerate_Type.enumerate_iter ( * self)) (C15Enumerate_Enumerate_Type.enumerate_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) - val completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = completed0 self } - - goal next_refn : [#"../15_enumerate.rs" 53 4 53 44] forall self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv0 self -> inv0 self /\ (forall result : Core_Option_Option_Type.t_option (usize, item0) . inv1 result /\ match result with + goal produces_refl_refn : [#"../15_enumerate.rs" 40 4 40 26] forall self : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal next_refn : [#"../15_enumerate.rs" 53 4 53 44] forall self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option (usize, item0) . inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv1 result /\ match result with + end -> inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../15_enumerate.rs" 47 4 47 90] forall a : C15Enumerate_Enumerate_Type.t_enumerate i . forall ab : Seq.seq (usize, item0) . forall b : C15Enumerate_Enumerate_Type.t_enumerate i . forall bc : Seq.seq (usize, item0) . forall c : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) - goal produces_refl_refn : [#"../15_enumerate.rs" 40 4 40 26] forall self : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 self -> inv2 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal produces_trans_refn : [#"../15_enumerate.rs" 47 4 47 90] forall a : C15Enumerate_Enumerate_Type.t_enumerate i . forall ab : Seq.seq (usize, item0) . forall b : C15Enumerate_Enumerate_Type.t_enumerate i . forall bc : Seq.seq (usize, item0) . forall c : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end module C15Enumerate_Impl1 type i From 1252d4579fd369140895603b698ac55b96f3764b Mon Sep 17 00:00:00 2001 From: dewert99 Date: Thu, 22 Feb 2024 11:45:58 -0800 Subject: [PATCH 17/66] Revert some blessed tests --- .../should_succeed/iterators/01_range.mlcfg | 66 ++++++++-------- .../should_succeed/iterators/04_skip.mlcfg | 48 ++++++------ .../should_succeed/iterators/07_fuse.mlcfg | 4 +- .../should_succeed/iterators/09_empty.mlcfg | 2 +- .../should_succeed/iterators/10_once.mlcfg | 46 +++++------ .../should_succeed/iterators/14_copied.mlcfg | 72 +++++++++--------- .../iterators/15_enumerate.mlcfg | 76 +++++++++---------- 7 files changed, 157 insertions(+), 157 deletions(-) diff --git a/creusot/tests/should_succeed/iterators/01_range.mlcfg b/creusot/tests/should_succeed/iterators/01_range.mlcfg index 571f08d22c..e9dc99bf9f 100644 --- a/creusot/tests/should_succeed/iterators/01_range.mlcfg +++ b/creusot/tests/should_succeed/iterators/01_range.mlcfg @@ -314,46 +314,56 @@ module C01Range_Impl0 ensures { result = inv3 _x } axiom inv3 : forall x : Seq.seq isize . inv3 x = true - use C01Range_Range_Type as C01Range_Range_Type - predicate invariant2 (self : C01Range_Range_Type.t_range) = + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant2 (self : Core_Option_Option_Type.t_option isize) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant2 (self : C01Range_Range_Type.t_range) : bool + val invariant2 (self : Core_Option_Option_Type.t_option isize) : bool ensures { result = invariant2 self } - predicate inv2 (_x : C01Range_Range_Type.t_range) - val inv2 (_x : C01Range_Range_Type.t_range) : bool + predicate inv2 (_x : Core_Option_Option_Type.t_option isize) + val inv2 (_x : Core_Option_Option_Type.t_option isize) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : C01Range_Range_Type.t_range . inv2 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant1 (self : Core_Option_Option_Type.t_option isize) = + axiom inv2 : forall x : Core_Option_Option_Type.t_option isize . inv2 x = true + use C01Range_Range_Type as C01Range_Range_Type + use prelude.Borrow + predicate invariant1 (self : borrowed (C01Range_Range_Type.t_range)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant1 (self : Core_Option_Option_Type.t_option isize) : bool + val invariant1 (self : borrowed (C01Range_Range_Type.t_range)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Core_Option_Option_Type.t_option isize) - val inv1 (_x : Core_Option_Option_Type.t_option isize) : bool + predicate inv1 (_x : borrowed (C01Range_Range_Type.t_range)) + val inv1 (_x : borrowed (C01Range_Range_Type.t_range)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Core_Option_Option_Type.t_option isize . inv1 x = true - use prelude.Borrow - predicate invariant0 (self : borrowed (C01Range_Range_Type.t_range)) = + axiom inv1 : forall x : borrowed (C01Range_Range_Type.t_range) . inv1 x = true + predicate invariant0 (self : C01Range_Range_Type.t_range) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant0 (self : borrowed (C01Range_Range_Type.t_range)) : bool + val invariant0 (self : C01Range_Range_Type.t_range) : bool ensures { result = invariant0 self } - predicate inv0 (_x : borrowed (C01Range_Range_Type.t_range)) - val inv0 (_x : borrowed (C01Range_Range_Type.t_range)) : bool + predicate inv0 (_x : C01Range_Range_Type.t_range) + val inv0 (_x : C01Range_Range_Type.t_range) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : borrowed (C01Range_Range_Type.t_range) . inv0 x = true + axiom inv0 : forall x : C01Range_Range_Type.t_range . inv0 x = true use seq.Seq use seq.Seq + use prelude.Int + predicate resolve0 (self : borrowed (C01Range_Range_Type.t_range)) = + [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self + val resolve0 (self : borrowed (C01Range_Range_Type.t_range)) : bool + ensures { result = resolve0 self } + + predicate completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) = + [#"../01_range.rs" 25 12 25 52] resolve0 self /\ C01Range_Range_Type.range_start ( * self) >= C01Range_Range_Type.range_end ( * self) + val completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) : bool + ensures { result = completed0 self } + use seq.Seq use seq.Seq use prelude.IntSize use seq.Seq - use prelude.Int predicate produces0 [#"../01_range.rs" 31 4 31 64] (self : C01Range_Range_Type.t_range) (visited : Seq.seq isize) (o : C01Range_Range_Type.t_range) = @@ -362,23 +372,13 @@ module C01Range_Impl0 ensures { result = produces0 self visited o } use seq.Seq - predicate resolve0 (self : borrowed (C01Range_Range_Type.t_range)) = - [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self - val resolve0 (self : borrowed (C01Range_Range_Type.t_range)) : bool - ensures { result = resolve0 self } - - predicate completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) = - [#"../01_range.rs" 25 12 25 52] resolve0 self /\ C01Range_Range_Type.range_start ( * self) >= C01Range_Range_Type.range_end ( * self) - val completed0 [#"../01_range.rs" 23 4 23 35] (self : borrowed (C01Range_Range_Type.t_range)) : bool - ensures { result = completed0 self } - - goal next_refn : [#"../01_range.rs" 57 4 57 39] forall self : borrowed (C01Range_Range_Type.t_range) . inv0 self -> (forall result : Core_Option_Option_Type.t_option isize . match result with + goal produces_refl_refn : [#"../01_range.rs" 44 4 44 26] forall self : C01Range_Range_Type.t_range . inv0 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal next_refn : [#"../01_range.rs" 57 4 57 39] forall self : borrowed (C01Range_Range_Type.t_range) . inv1 self -> (forall result : Core_Option_Option_Type.t_option isize . match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv1 result /\ match result with + end -> inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_refl_refn : [#"../01_range.rs" 44 4 44 26] forall self : C01Range_Range_Type.t_range . inv2 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal produces_trans_refn : [#"../01_range.rs" 51 4 51 90] forall a : C01Range_Range_Type.t_range . forall ab : Seq.seq isize . forall b : C01Range_Range_Type.t_range . forall bc : Seq.seq isize . forall c : C01Range_Range_Type.t_range . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_trans_refn : [#"../01_range.rs" 51 4 51 90] forall a : C01Range_Range_Type.t_range . forall ab : Seq.seq isize . forall b : C01Range_Range_Type.t_range . forall bc : Seq.seq isize . forall c : C01Range_Range_Type.t_range . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/04_skip.mlcfg b/creusot/tests/should_succeed/iterators/04_skip.mlcfg index a4c042ee4e..247a964a99 100644 --- a/creusot/tests/should_succeed/iterators/04_skip.mlcfg +++ b/creusot/tests/should_succeed/iterators/04_skip.mlcfg @@ -529,36 +529,36 @@ module C04Skip_Impl0 axiom inv4 : forall x : borrowed i . inv4 x = true type item0 - use seq.Seq - predicate invariant3 (self : Seq.seq item0) - val invariant3 (self : Seq.seq item0) : bool + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant3 (self : Core_Option_Option_Type.t_option item0) + val invariant3 (self : Core_Option_Option_Type.t_option item0) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Seq.seq item0) - val inv3 (_x : Seq.seq item0) : bool + predicate inv3 (_x : Core_Option_Option_Type.t_option item0) + val inv3 (_x : Core_Option_Option_Type.t_option item0) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Seq.seq item0 . inv3 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant2 (self : Core_Option_Option_Type.t_option item0) - val invariant2 (self : Core_Option_Option_Type.t_option item0) : bool + axiom inv3 : forall x : Core_Option_Option_Type.t_option item0 . inv3 x = true + use C04Skip_Skip_Type as C04Skip_Skip_Type + predicate invariant2 (self : borrowed (C04Skip_Skip_Type.t_skip i)) + val invariant2 (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = invariant2 self } - predicate inv2 (_x : Core_Option_Option_Type.t_option item0) - val inv2 (_x : Core_Option_Option_Type.t_option item0) : bool + predicate inv2 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) + val inv2 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : Core_Option_Option_Type.t_option item0 . inv2 x = true - use C04Skip_Skip_Type as C04Skip_Skip_Type - predicate invariant1 (self : borrowed (C04Skip_Skip_Type.t_skip i)) - val invariant1 (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool + axiom inv2 : forall x : borrowed (C04Skip_Skip_Type.t_skip i) . inv2 x = true + use seq.Seq + predicate invariant1 (self : Seq.seq item0) + val invariant1 (self : Seq.seq item0) : bool ensures { result = invariant1 self } - predicate inv1 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) - val inv1 (_x : borrowed (C04Skip_Skip_Type.t_skip i)) : bool + predicate inv1 (_x : Seq.seq item0) + val inv1 (_x : Seq.seq item0) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : borrowed (C04Skip_Skip_Type.t_skip i) . inv1 x = true + axiom inv1 : forall x : Seq.seq item0 . inv1 x = true predicate invariant0 (self : C04Skip_Skip_Type.t_skip i) val invariant0 (self : C04Skip_Skip_Type.t_skip i) : bool ensures { result = invariant0 self } @@ -569,7 +569,6 @@ module C04Skip_Impl0 axiom inv0 : forall x : C04Skip_Skip_Type.t_skip i . inv0 x = true use seq.Seq - use seq.Seq predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed1 self } @@ -587,26 +586,27 @@ module C04Skip_Impl0 use seq.Seq use prelude.UIntSize predicate completed0 [#"../04_skip.rs" 22 4 22 35] (self : borrowed (C04Skip_Skip_Type.t_skip i)) = - [#"../04_skip.rs" 23 8 31 9] UIntSize.to_int (C04Skip_Skip_Type.skip_n ( ^ self)) = 0 /\ (exists i : borrowed i . exists s : Seq.seq item0 . inv4 i /\ inv3 s /\ Seq.length s <= UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * self)) /\ produces1 (C04Skip_Skip_Type.skip_iter ( * self)) s ( * i) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i)) /\ completed1 i /\ ^ i = C04Skip_Skip_Type.skip_iter ( ^ self)) + [#"../04_skip.rs" 23 8 31 9] UIntSize.to_int (C04Skip_Skip_Type.skip_n ( ^ self)) = 0 /\ (exists i : borrowed i . exists s : Seq.seq item0 . inv4 i /\ inv1 s /\ Seq.length s <= UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * self)) /\ produces1 (C04Skip_Skip_Type.skip_iter ( * self)) s ( * i) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i)) /\ completed1 i /\ ^ i = C04Skip_Skip_Type.skip_iter ( ^ self)) val completed0 [#"../04_skip.rs" 22 4 22 35] (self : borrowed (C04Skip_Skip_Type.t_skip i)) : bool ensures { result = completed0 self } + use seq.Seq use seq.Seq use seq.Seq predicate produces0 [#"../04_skip.rs" 36 4 36 64] (self : C04Skip_Skip_Type.t_skip i) (visited : Seq.seq item0) (o : C04Skip_Skip_Type.t_skip i) = - [#"../04_skip.rs" 37 8 44 9] visited = Seq.empty /\ self = o \/ UIntSize.to_int (C04Skip_Skip_Type.skip_n o) = 0 /\ Seq.length visited > 0 /\ (exists s : Seq.seq item0 . inv3 s /\ Seq.length s = UIntSize.to_int (C04Skip_Skip_Type.skip_n self) /\ produces1 (C04Skip_Skip_Type.skip_iter self) (Seq.(++) s visited) (C04Skip_Skip_Type.skip_iter o) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i))) + [#"../04_skip.rs" 37 8 44 9] visited = Seq.empty /\ self = o \/ UIntSize.to_int (C04Skip_Skip_Type.skip_n o) = 0 /\ Seq.length visited > 0 /\ (exists s : Seq.seq item0 . inv1 s /\ Seq.length s = UIntSize.to_int (C04Skip_Skip_Type.skip_n self) /\ produces1 (C04Skip_Skip_Type.skip_iter self) (Seq.(++) s visited) (C04Skip_Skip_Type.skip_iter o) /\ (forall i : int . 0 <= i /\ i < Seq.length s -> resolve0 (Seq.get s i))) val produces0 [#"../04_skip.rs" 36 4 36 64] (self : C04Skip_Skip_Type.t_skip i) (visited : Seq.seq item0) (o : C04Skip_Skip_Type.t_skip i) : bool ensures { result = produces0 self visited o } + goal produces_trans_refn : [#"../04_skip.rs" 57 4 57 90] forall a : C04Skip_Skip_Type.t_skip i . forall ab : Seq.seq item0 . forall b : C04Skip_Skip_Type.t_skip i . forall bc : Seq.seq item0 . forall c : C04Skip_Skip_Type.t_skip i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../04_skip.rs" 50 4 50 26] forall self : C04Skip_Skip_Type.t_skip i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../04_skip.rs" 63 4 63 41] forall self : borrowed (C04Skip_Skip_Type.t_skip i) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv2 result /\ match result with + goal next_refn : [#"../04_skip.rs" 63 4 63 41] forall self : borrowed (C04Skip_Skip_Type.t_skip i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv2 result /\ match result with + end -> inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../04_skip.rs" 57 4 57 90] forall a : C04Skip_Skip_Type.t_skip i . forall ab : Seq.seq item0 . forall b : C04Skip_Skip_Type.t_skip i . forall bc : Seq.seq item0 . forall c : C04Skip_Skip_Type.t_skip i . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg index 8eac620b79..97a236a7b1 100644 --- a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg +++ b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg @@ -636,13 +636,13 @@ module C07Fuse_Impl0 val completed0 [#"../07_fuse.rs" 16 4 16 35] (self : borrowed (C07Fuse_Fuse_Type.t_fuse i)) : bool ensures { result = completed0 self } - use seq.Seq use seq.Seq use seq.Seq predicate produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces1 self visited o } + use seq.Seq predicate produces0 [#"../07_fuse.rs" 25 4 25 65] (self : C07Fuse_Fuse_Type.t_fuse i) (prod : Seq.seq item0) (other : C07Fuse_Fuse_Type.t_fuse i) = @@ -656,8 +656,8 @@ module C07Fuse_Impl0 val produces0 [#"../07_fuse.rs" 25 4 25 65] (self : C07Fuse_Fuse_Type.t_fuse i) (prod : Seq.seq item0) (other : C07Fuse_Fuse_Type.t_fuse i) : bool ensures { result = produces0 self prod other } - goal produces_trans_refn : [#"../07_fuse.rs" 62 4 62 90] forall a : C07Fuse_Fuse_Type.t_fuse i . forall ab : Seq.seq item0 . forall b : C07Fuse_Fuse_Type.t_fuse i . forall bc : Seq.seq item0 . forall c : C07Fuse_Fuse_Type.t_fuse i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../07_fuse.rs" 55 4 55 26] forall self : C07Fuse_Fuse_Type.t_fuse i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal produces_trans_refn : [#"../07_fuse.rs" 62 4 62 90] forall a : C07Fuse_Fuse_Type.t_fuse i . forall ab : Seq.seq item0 . forall b : C07Fuse_Fuse_Type.t_fuse i . forall bc : Seq.seq item0 . forall c : C07Fuse_Fuse_Type.t_fuse i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal next_refn : [#"../07_fuse.rs" 39 4 39 44] forall self : borrowed (C07Fuse_Fuse_Type.t_fuse i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option item0 . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) diff --git a/creusot/tests/should_succeed/iterators/09_empty.mlcfg b/creusot/tests/should_succeed/iterators/09_empty.mlcfg index 8bc18d71fb..d0d7618fea 100644 --- a/creusot/tests/should_succeed/iterators/09_empty.mlcfg +++ b/creusot/tests/should_succeed/iterators/09_empty.mlcfg @@ -183,8 +183,8 @@ module C09Empty_Impl0 val produces0 [#"../09_empty.rs" 21 4 21 64] (self : C09Empty_Empty_Type.t_empty t) (visited : Seq.seq t) (o : C09Empty_Empty_Type.t_empty t) : bool ensures { result = produces0 self visited o } - goal produces_refl_refn : [#"../09_empty.rs" 28 4 28 26] forall self : C09Empty_Empty_Type.t_empty t . inv0 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) goal produces_trans_refn : [#"../09_empty.rs" 35 4 35 90] forall a : C09Empty_Empty_Type.t_empty t . forall ab : Seq.seq t . forall b : C09Empty_Empty_Type.t_empty t . forall bc : Seq.seq t . forall c : C09Empty_Empty_Type.t_empty t . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv1 bc /\ inv1 ab /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../09_empty.rs" 28 4 28 26] forall self : C09Empty_Empty_Type.t_empty t . inv0 self -> (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) goal next_refn : [#"../09_empty.rs" 41 4 41 35] forall self : borrowed (C09Empty_Empty_Type.t_empty t) . inv2 self -> (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) diff --git a/creusot/tests/should_succeed/iterators/10_once.mlcfg b/creusot/tests/should_succeed/iterators/10_once.mlcfg index 3536ac79a0..95da1af9bf 100644 --- a/creusot/tests/should_succeed/iterators/10_once.mlcfg +++ b/creusot/tests/should_succeed/iterators/10_once.mlcfg @@ -216,37 +216,37 @@ module C10Once_Impl0 ensures { result = inv4 _x } axiom inv4 : forall x : t . inv4 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant3 (self : Core_Option_Option_Type.t_option t) - val invariant3 (self : Core_Option_Option_Type.t_option t) : bool + use seq.Seq + predicate invariant3 (self : Seq.seq t) + val invariant3 (self : Seq.seq t) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Core_Option_Option_Type.t_option t) - val inv3 (_x : Core_Option_Option_Type.t_option t) : bool + predicate inv3 (_x : Seq.seq t) + val inv3 (_x : Seq.seq t) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Core_Option_Option_Type.t_option t . inv3 x = true - use C10Once_Once_Type as C10Once_Once_Type - use prelude.Borrow - predicate invariant2 (self : borrowed (C10Once_Once_Type.t_once t)) - val invariant2 (self : borrowed (C10Once_Once_Type.t_once t)) : bool + axiom inv3 : forall x : Seq.seq t . inv3 x = true + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant2 (self : Core_Option_Option_Type.t_option t) + val invariant2 (self : Core_Option_Option_Type.t_option t) : bool ensures { result = invariant2 self } - predicate inv2 (_x : borrowed (C10Once_Once_Type.t_once t)) - val inv2 (_x : borrowed (C10Once_Once_Type.t_once t)) : bool + predicate inv2 (_x : Core_Option_Option_Type.t_option t) + val inv2 (_x : Core_Option_Option_Type.t_option t) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : borrowed (C10Once_Once_Type.t_once t) . inv2 x = true - use seq.Seq - predicate invariant1 (self : Seq.seq t) - val invariant1 (self : Seq.seq t) : bool + axiom inv2 : forall x : Core_Option_Option_Type.t_option t . inv2 x = true + use C10Once_Once_Type as C10Once_Once_Type + use prelude.Borrow + predicate invariant1 (self : borrowed (C10Once_Once_Type.t_once t)) + val invariant1 (self : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Seq.seq t) - val inv1 (_x : Seq.seq t) : bool + predicate inv1 (_x : borrowed (C10Once_Once_Type.t_once t)) + val inv1 (_x : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Seq.seq t . inv1 x = true + axiom inv1 : forall x : borrowed (C10Once_Once_Type.t_once t) . inv1 x = true predicate invariant0 (self : C10Once_Once_Type.t_once t) val invariant0 (self : C10Once_Once_Type.t_once t) : bool ensures { result = invariant0 self } @@ -257,6 +257,7 @@ module C10Once_Impl0 axiom inv0 : forall x : C10Once_Once_Type.t_once t . inv0 x = true use seq.Seq + use seq.Seq predicate resolve0 (self : borrowed (C10Once_Once_Type.t_once t)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed (C10Once_Once_Type.t_once t)) : bool @@ -267,7 +268,6 @@ module C10Once_Impl0 val completed0 [#"../10_once.rs" 15 4 15 35] (self : borrowed (C10Once_Once_Type.t_once t)) : bool ensures { result = completed0 self } - use seq.Seq use seq.Seq use seq.Seq predicate produces0 [#"../10_once.rs" 21 4 21 64] (self : C10Once_Once_Type.t_once t) (visited : Seq.seq t) (o : C10Once_Once_Type.t_once t) @@ -277,13 +277,13 @@ module C10Once_Impl0 val produces0 [#"../10_once.rs" 21 4 21 64] (self : C10Once_Once_Type.t_once t) (visited : Seq.seq t) (o : C10Once_Once_Type.t_once t) : bool ensures { result = produces0 self visited o } - goal produces_trans_refn : [#"../10_once.rs" 38 4 38 90] forall a : C10Once_Once_Type.t_once t . forall ab : Seq.seq t . forall b : C10Once_Once_Type.t_once t . forall bc : Seq.seq t . forall c : C10Once_Once_Type.t_once t . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) goal produces_refl_refn : [#"../10_once.rs" 31 4 31 26] forall self : C10Once_Once_Type.t_once t . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../10_once.rs" 44 4 44 35] forall self : borrowed (C10Once_Once_Type.t_once t) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with + goal next_refn : [#"../10_once.rs" 44 4 44 35] forall self : borrowed (C10Once_Once_Type.t_once t) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option t . inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv3 result /\ match result with + end -> inv2 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) + goal produces_trans_refn : [#"../10_once.rs" 38 4 38 90] forall a : C10Once_Once_Type.t_once t . forall ab : Seq.seq t . forall b : C10Once_Once_Type.t_once t . forall bc : Seq.seq t . forall c : C10Once_Once_Type.t_once t . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) end diff --git a/creusot/tests/should_succeed/iterators/14_copied.mlcfg b/creusot/tests/should_succeed/iterators/14_copied.mlcfg index e1d7b69948..bf7ebba998 100644 --- a/creusot/tests/should_succeed/iterators/14_copied.mlcfg +++ b/creusot/tests/should_succeed/iterators/14_copied.mlcfg @@ -368,45 +368,55 @@ module C14Copied_Impl0 ensures { result = inv4 _x } axiom inv4 : forall x : Seq.seq t . inv4 x = true - predicate invariant3 (self : Seq.seq t) - val invariant3 (self : Seq.seq t) : bool + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant3 (self : Core_Option_Option_Type.t_option t) + val invariant3 (self : Core_Option_Option_Type.t_option t) : bool ensures { result = invariant3 self } - predicate inv3 (_x : Seq.seq t) - val inv3 (_x : Seq.seq t) : bool + predicate inv3 (_x : Core_Option_Option_Type.t_option t) + val inv3 (_x : Core_Option_Option_Type.t_option t) : bool ensures { result = inv3 _x } - axiom inv3 : forall x : Seq.seq t . inv3 x = true + axiom inv3 : forall x : Core_Option_Option_Type.t_option t . inv3 x = true use C14Copied_Copied_Type as C14Copied_Copied_Type - predicate invariant2 (self : C14Copied_Copied_Type.t_copied i) - val invariant2 (self : C14Copied_Copied_Type.t_copied i) : bool + use prelude.Borrow + predicate invariant2 (self : borrowed (C14Copied_Copied_Type.t_copied i)) + val invariant2 (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool ensures { result = invariant2 self } - predicate inv2 (_x : C14Copied_Copied_Type.t_copied i) - val inv2 (_x : C14Copied_Copied_Type.t_copied i) : bool + predicate inv2 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) + val inv2 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : C14Copied_Copied_Type.t_copied i . inv2 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant1 (self : Core_Option_Option_Type.t_option t) - val invariant1 (self : Core_Option_Option_Type.t_option t) : bool + axiom inv2 : forall x : borrowed (C14Copied_Copied_Type.t_copied i) . inv2 x = true + predicate invariant1 (self : Seq.seq t) + val invariant1 (self : Seq.seq t) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Core_Option_Option_Type.t_option t) - val inv1 (_x : Core_Option_Option_Type.t_option t) : bool + predicate inv1 (_x : Seq.seq t) + val inv1 (_x : Seq.seq t) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Core_Option_Option_Type.t_option t . inv1 x = true - use prelude.Borrow - predicate invariant0 (self : borrowed (C14Copied_Copied_Type.t_copied i)) - val invariant0 (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + axiom inv1 : forall x : Seq.seq t . inv1 x = true + predicate invariant0 (self : C14Copied_Copied_Type.t_copied i) + val invariant0 (self : C14Copied_Copied_Type.t_copied i) : bool ensures { result = invariant0 self } - predicate inv0 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) - val inv0 (_x : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + predicate inv0 (_x : C14Copied_Copied_Type.t_copied i) + val inv0 (_x : C14Copied_Copied_Type.t_copied i) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : borrowed (C14Copied_Copied_Type.t_copied i) . inv0 x = true + axiom inv0 : forall x : C14Copied_Copied_Type.t_copied i . inv0 x = true + use seq.Seq + predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) + val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool + ensures { result = completed1 self } + + predicate completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) = + [#"../14_copied.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C14Copied_Copied_Type.copied_iter ( * self)) (C14Copied_Copied_Type.copied_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) + val completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool + ensures { result = completed0 self } + use seq.Seq use seq.Seq use seq.Seq @@ -426,23 +436,13 @@ module C14Copied_Impl0 val produces0 [#"../14_copied.rs" 28 4 28 64] (self : C14Copied_Copied_Type.t_copied i) (visited : Seq.seq t) (o : C14Copied_Copied_Type.t_copied i) : bool ensures { result = produces0 self visited o } - use seq.Seq - predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) - val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool - ensures { result = completed1 self } - - predicate completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) = - [#"../14_copied.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C14Copied_Copied_Type.copied_iter ( * self)) (C14Copied_Copied_Type.copied_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) - val completed0 [#"../14_copied.rs" 22 4 22 35] (self : borrowed (C14Copied_Copied_Type.t_copied i)) : bool - ensures { result = completed0 self } - - goal next_refn : [#"../14_copied.rs" 52 4 52 35] forall self : borrowed (C14Copied_Copied_Type.t_copied i) . inv0 self -> inv0 self /\ (forall result : Core_Option_Option_Type.t_option t . inv1 result /\ match result with + goal produces_trans_refn : [#"../14_copied.rs" 46 4 46 90] forall a : C14Copied_Copied_Type.t_copied i . forall ab : Seq.seq t . forall b : C14Copied_Copied_Type.t_copied i . forall bc : Seq.seq t . forall c : C14Copied_Copied_Type.t_copied i . inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv1 bc /\ inv0 b /\ inv1 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../14_copied.rs" 39 4 39 26] forall self : C14Copied_Copied_Type.t_copied i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) + goal next_refn : [#"../14_copied.rs" 52 4 52 35] forall self : borrowed (C14Copied_Copied_Type.t_copied i) . inv2 self -> inv2 self /\ (forall result : Core_Option_Option_Type.t_option t . inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv1 result /\ match result with + end -> inv3 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../14_copied.rs" 46 4 46 90] forall a : C14Copied_Copied_Type.t_copied i . forall ab : Seq.seq t . forall b : C14Copied_Copied_Type.t_copied i . forall bc : Seq.seq t . forall c : C14Copied_Copied_Type.t_copied i . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) - goal produces_refl_refn : [#"../14_copied.rs" 39 4 39 26] forall self : C14Copied_Copied_Type.t_copied i . inv2 self -> inv2 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) end diff --git a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg index 58aefb3144..c328782b34 100644 --- a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg +++ b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg @@ -610,30 +610,6 @@ module C15Enumerate_Impl0 ensures { result = inv3 _x } axiom inv3 : forall x : Seq.seq (usize, item0) . inv3 x = true - use Core_Option_Option_Type as Core_Option_Option_Type - predicate invariant2 (self : Core_Option_Option_Type.t_option (usize, item0)) - val invariant2 (self : Core_Option_Option_Type.t_option (usize, item0)) : bool - ensures { result = invariant2 self } - - predicate inv2 (_x : Core_Option_Option_Type.t_option (usize, item0)) - val inv2 (_x : Core_Option_Option_Type.t_option (usize, item0)) : bool - ensures { result = inv2 _x } - - axiom inv2 : forall x : Core_Option_Option_Type.t_option (usize, item0) . inv2 x = true - use C15Enumerate_Enumerate_Type as C15Enumerate_Enumerate_Type - predicate invariant1 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - val invariant1 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = invariant1 self } - - predicate inv0 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) - val inv0 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) : bool - ensures { result = inv0 _x } - - predicate inv1 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - val inv1 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = inv1 _x } - - axiom inv1 : forall x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv1 x = (inv0 ( * x) /\ inv0 ( ^ x)) use seq.Seq predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool @@ -648,22 +624,40 @@ module C15Enumerate_Impl0 val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces1 self visited o } - predicate invariant0 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) = + use C15Enumerate_Enumerate_Type as C15Enumerate_Enumerate_Type + predicate invariant2 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) = [#"../15_enumerate.rs" 73 12 74 79] (forall i : i . forall s : Seq.seq item0 . inv5 i -> inv4 s -> produces1 (C15Enumerate_Enumerate_Type.enumerate_iter self) s i -> UIntSize.to_int (C15Enumerate_Enumerate_Type.enumerate_count self) + Seq.length s < UIntSize.to_int max0) /\ (forall i : borrowed i . inv6 i -> completed1 i -> produces1 ( * i) (Seq.empty ) ( ^ i)) - val invariant0 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) : bool - ensures { result = invariant0 self } + val invariant2 [#"../15_enumerate.rs" 71 4 71 30] (self : C15Enumerate_Enumerate_Type.t_enumerate i) : bool + ensures { result = invariant2 self } - axiom inv0 : forall x : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 x = (invariant0 x /\ match x with + predicate inv2 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) + val inv2 (_x : C15Enumerate_Enumerate_Type.t_enumerate i) : bool + ensures { result = inv2 _x } + + axiom inv2 : forall x : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 x = (invariant2 x /\ match x with | C15Enumerate_Enumerate_Type.C_Enumerate iter count -> true end) + use Core_Option_Option_Type as Core_Option_Option_Type + predicate invariant1 (self : Core_Option_Option_Type.t_option (usize, item0)) + val invariant1 (self : Core_Option_Option_Type.t_option (usize, item0)) : bool + ensures { result = invariant1 self } + + predicate inv1 (_x : Core_Option_Option_Type.t_option (usize, item0)) + val inv1 (_x : Core_Option_Option_Type.t_option (usize, item0)) : bool + ensures { result = inv1 _x } + + axiom inv1 : forall x : Core_Option_Option_Type.t_option (usize, item0) . inv1 x = true + predicate invariant0 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + val invariant0 (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = invariant0 self } + + predicate inv0 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + val inv0 (_x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = inv0 _x } + + axiom inv0 : forall x : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv0 x = (inv2 ( * x) /\ inv2 ( ^ x)) use seq.Seq use seq.Seq - predicate completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) - = - [#"../15_enumerate.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C15Enumerate_Enumerate_Type.enumerate_iter ( * self)) (C15Enumerate_Enumerate_Type.enumerate_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) - val completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool - ensures { result = completed0 self } - use seq.Seq use seq.Seq use seq.Seq @@ -676,15 +670,21 @@ module C15Enumerate_Impl0 ensures { result = produces0 self visited o } use seq.Seq - goal produces_refl_refn : [#"../15_enumerate.rs" 40 4 40 26] forall self : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 self -> inv0 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) - goal next_refn : [#"../15_enumerate.rs" 53 4 53 44] forall self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv1 self -> inv1 self /\ (forall result : Core_Option_Option_Type.t_option (usize, item0) . inv2 result /\ match result with + predicate completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) + = + [#"../15_enumerate.rs" 23 8 23 43] completed1 (Borrow.borrow_logic (C15Enumerate_Enumerate_Type.enumerate_iter ( * self)) (C15Enumerate_Enumerate_Type.enumerate_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) + val completed0 [#"../15_enumerate.rs" 22 4 22 35] (self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i)) : bool + ensures { result = completed0 self } + + goal next_refn : [#"../15_enumerate.rs" 53 4 53 44] forall self : borrowed (C15Enumerate_Enumerate_Type.t_enumerate i) . inv0 self -> inv0 self /\ (forall result : Core_Option_Option_Type.t_option (usize, item0) . inv1 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) - end -> inv2 result /\ match result with + end -> inv1 result /\ match result with | Core_Option_Option_Type.C_None -> completed0 self | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end) - goal produces_trans_refn : [#"../15_enumerate.rs" 47 4 47 90] forall a : C15Enumerate_Enumerate_Type.t_enumerate i . forall ab : Seq.seq (usize, item0) . forall b : C15Enumerate_Enumerate_Type.t_enumerate i . forall bc : Seq.seq (usize, item0) . forall c : C15Enumerate_Enumerate_Type.t_enumerate i . inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b -> inv0 c /\ inv3 bc /\ inv0 b /\ inv3 ab /\ inv0 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_trans_refn : [#"../15_enumerate.rs" 47 4 47 90] forall a : C15Enumerate_Enumerate_Type.t_enumerate i . forall ab : Seq.seq (usize, item0) . forall b : C15Enumerate_Enumerate_Type.t_enumerate i . forall bc : Seq.seq (usize, item0) . forall c : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b -> inv2 c /\ inv3 bc /\ inv2 b /\ inv3 ab /\ inv2 a /\ produces0 b bc c /\ produces0 a ab b /\ (forall result : () . produces0 a (Seq.(++) ab bc) c -> produces0 a (Seq.(++) ab bc) c) + goal produces_refl_refn : [#"../15_enumerate.rs" 40 4 40 26] forall self : C15Enumerate_Enumerate_Type.t_enumerate i . inv2 self -> inv2 self /\ (forall result : () . produces0 self (Seq.empty ) self -> produces0 self (Seq.empty ) self) end module C15Enumerate_Impl1 type i From 4b6434e1b3011b5e2aaa1abf22a6d235389994f8 Mon Sep 17 00:00:00 2001 From: dewert99 Date: Fri, 23 Feb 2024 10:06:08 -0800 Subject: [PATCH 18/66] Added why3 tracking to ghostptrtoken test --- .../ghost_ptr_token/why3session.xml | 14 ++++++++++++++ .../should_succeed/ghost_ptr_token/why3shapes.gz | Bin 0 -> 774 bytes 2 files changed, 14 insertions(+) create mode 100644 creusot/tests/should_succeed/ghost_ptr_token/why3session.xml create mode 100644 creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml new file mode 100644 index 0000000000..d911bffbbc --- /dev/null +++ b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml @@ -0,0 +1,14 @@ + + + + + + + + + + + + + diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz b/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz new file mode 100644 index 0000000000000000000000000000000000000000..a75a8d77246a7295398bfc43c6450c7416be6f86 GIT binary patch literal 774 zcmV+h1Nrj*&4|%q!1R24P`Gab8Ju?xf|ld zsqG}RU*C~rd7WmL7DRY@nt3x%n)uyf-aYG+>E;*HcDv^IX)foB_p|<|-W@LrSvEk4 zJV3xGK!I_9F^T{qgaA3p02!)mR;?V==VNPh`K&j!VVD$EHq%S}xc=H444qwDePWnm zIz|sn;k!zUC%wd!5}ul)ak+;*)0dsOGURr-L^(2r?~s!n{duWtb0n6RBhS5t-kWu| z`)#qpfc-|~gG$Rn5IDiG6|wx?6l639V!rVqs}6|CJT!Akp9?$dpPaX|rPbL?$E zQ2N%M&D)6|LTbtF9leolP2c4f{%r?9j0m?APn@>q&|K)vI1PlF+H`yWAY*$s!MmX~ zsXqo(^4k`j#-zoY{Lq#PZAsUbD`XC*{ujk1C0mWHj-)No^<#5RdOXZ#yQ-*GRYBFd zroNa61>952Q=Yfervxgxsuw`IeH=Z|FHzGCj5=I@JD+NjQ?z223`$!N1H! z;LJ_l6q3nCa_jOtN~RYGYUMVdXe0f{gueh#u1l^rP1`nCvwb-1eQLEk>YC<9@3!>o z%`gP}QcKH0s(+Y%?M`ipg=H2Y6q3Ibss5nIoT7hwPzZ8Vl%paW6s1*UnT-?(Zbk!` zyc|qt6keH8pyg&1fIt>x{ER}3;ARw}N&hcX8rkw9MPS7QOe%_WTAtmP7YcH67B3!SpE+_1Q+ zjFNQuERHm*V8d0ZR5a%*=Q8JzbCL5n=TXji&RL%3Nv?94LoV_-CpKrZKbH_BRAL7J E07LtBfB*mh literal 0 HcmV?d00001 From 6ad931f887db60a1d686b3f28fba70dae788d8d1 Mon Sep 17 00:00:00 2001 From: dewert99 Date: Fri, 23 Feb 2024 10:26:37 -0800 Subject: [PATCH 19/66] Reran with correct z3 version --- creusot/tests/should_succeed/ghost_ptr_token/why3session.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml index d911bffbbc..4a59f5af0c 100644 --- a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml +++ b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml @@ -7,7 +7,7 @@ - + From 4037c1ae84a5783b94e9aea9f25bccb99d224e90 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Fri, 23 Feb 2024 22:59:30 +0100 Subject: [PATCH 20/66] Update session --- .../ghost_ptr_token/why3session.xml | 2 +- .../ghost_ptr_token/why3shapes.gz | Bin 774 -> 775 bytes 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml index 4a59f5af0c..5692257551 100644 --- a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml +++ b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz b/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz index a75a8d77246a7295398bfc43c6450c7416be6f86..9971c808685c2af25d79de29a05bb20364d21df4 100644 GIT binary patch literal 775 zcmV+i1Ni(OiwFP!00000|BX~pYuhjoe$TJSTepmXWa%Vp&_O5|8%AF??r}j)lr_|e zGuuhoe*I38qq-gJBE3+EoS!C-mShidq-!_tvxa{ zXvXM)sbW{Ay0^DzDB-?2xRASlV)ndq&kVU=AyJJ?6+7f)$9}%GwL1{Y*CWrPhJA9Y zZui@5=rp4>l)vPwXpv_jCsZJ&b8Szjq$QDq?OdOVdn#GGP=ck6tz4(a21P{y>*mn= zfTZ-TJ-N3NKcv((_jmM0wl{s1TgA5>05LM%j+i)Y-M%@~n{gTlJ+&G3@j=G+E`oPM zYs!91Xw5HM3>uRbFY;4cI<=)jTcMEKANyYvm#^7!Y;`1kiLM`;3)16ZG23mc?Q&aD zwXUhpE<*{|6pK{k{q$*xny%^vkZv!s8~P<`x`9!L+i$01O>&x+2+2U8NHSSO0ySTH zKv67G+#cIz-}E#%kzlAyF^r-zUu@kpPp9MRbcoYs>0e#f>yCY+TJz2o&LJ#@l{1 zB3wSnD~&3zCSc-6>FFlFHm3lU3duQvBFR8R3YGNcd{lI<qoNuW*`TPrA}f5PL2OljuJOM}3w37AxrW?G(ImzNr47(rkJ zia|!|h;o$5mzO%44Wt^&`*sIG$__3hpplw6ivlsqdrFF7ksnU}g$C6uxhC9x%&{Q>RDQ6gdo F005N8cJu%M literal 774 zcmV+h1Nrj*&4|%q!1R24P`Gab8Ju?xf|ld zsqG}RU*C~rd7WmL7DRY@nt3x%n)uyf-aYG+>E;*HcDv^IX)foB_p|<|-W@LrSvEk4 zJV3xGK!I_9F^T{qgaA3p02!)mR;?V==VNPh`K&j!VVD$EHq%S}xc=H444qwDePWnm zIz|sn;k!zUC%wd!5}ul)ak+;*)0dsOGURr-L^(2r?~s!n{duWtb0n6RBhS5t-kWu| z`)#qpfc-|~gG$Rn5IDiG6|wx?6l639V!rVqs}6|CJT!Akp9?$dpPaX|rPbL?$E zQ2N%M&D)6|LTbtF9leolP2c4f{%r?9j0m?APn@>q&|K)vI1PlF+H`yWAY*$s!MmX~ zsXqo(^4k`j#-zoY{Lq#PZAsUbD`XC*{ujk1C0mWHj-)No^<#5RdOXZ#yQ-*GRYBFd zroNa61>952Q=Yfervxgxsuw`IeH=Z|FHzGCj5=I@JD+NjQ?z223`$!N1H! z;LJ_l6q3nCa_jOtN~RYGYUMVdXe0f{gueh#u1l^rP1`nCvwb-1eQLEk>YC<9@3!>o z%`gP}QcKH0s(+Y%?M`ipg=H2Y6q3Ibss5nIoT7hwPzZ8Vl%paW6s1*UnT-?(Zbk!` zyc|qt6keH8pyg&1fIt>x{ER}3;ARw}N&hcX8rkw9MPS7QOe%_WTAtmP7YcH67B3!SpE+_1Q+ zjFNQuERHm*V8d0ZR5a%*=Q8JzbCL5n=TXji&RL%3Nv?94LoV_-CpKrZKbH_BRAL7J E07LtBfB*mh From 16f4b49c27c256eb925d8c19b62d5df2a44a2b92 Mon Sep 17 00:00:00 2001 From: arnaudgolfouse Date: Mon, 26 Feb 2024 13:54:33 +0100 Subject: [PATCH 21/66] Make TranslationCtx::error/warn return a DiagnosticBuilder This adds more control to the display of errors/warnings, like notes, 'help' sections... --- creusot/src/ctx.rs | 12 ++++++++---- creusot/src/run_why3.rs | 4 ++-- creusot/src/translation/function/terminator.rs | 5 +++-- creusot/src/validate.rs | 11 ++++++----- 4 files changed, 19 insertions(+), 13 deletions(-) diff --git a/creusot/src/ctx.rs b/creusot/src/ctx.rs index bdf9a6b9e9..b38cb6749e 100644 --- a/creusot/src/ctx.rs +++ b/creusot/src/ctx.rs @@ -243,16 +243,20 @@ impl<'tcx, 'sess> TranslationCtx<'tcx> { ) } - pub(crate) fn error(&self, span: Span, msg: &str) { - self.tcx.sess.span_err_with_code( + pub(crate) fn error( + &self, + span: Span, + msg: &str, + ) -> DiagnosticBuilder<'tcx, rustc_errors::ErrorGuaranteed> { + self.tcx.sess.struct_span_err_with_code( span, msg.to_string(), DiagnosticId::Error(String::from("creusot")), ) } - pub(crate) fn warn(&self, span: Span, msg: &str) { - self.tcx.sess.span_warn_with_code( + pub(crate) fn warn(&self, span: Span, msg: &str) -> DiagnosticBuilder<'tcx, ()> { + self.tcx.sess.struct_span_warn_with_code( span, msg.to_string(), DiagnosticId::Lint { diff --git a/creusot/src/run_why3.rs b/creusot/src/run_why3.rs index f0b95c89bb..a77b80b08f 100644 --- a/creusot/src/run_why3.rs +++ b/creusot/src/run_why3.rs @@ -76,7 +76,7 @@ pub(super) fn run_why3<'tcx>(ctx: &Why3Generator<'tcx>, file: Option) { "Prover reported {answer:?} (time: {time:?}, steps: {step:?}) when trying to solve goal {:?} {:?}", x.term.goal_name, x.term.explanations ); - ctx.error(span.unwrap_or_default(), &msg); + ctx.error(span.unwrap_or_default(), &msg).emit(); for model in x.prover_result.model_elems() { let span = span_map.decode_span(&model.location); let mut msg = format!("Model Element for {}\n", model.lsymbol.name); @@ -94,7 +94,7 @@ pub(super) fn run_why3<'tcx>(ctx: &Why3Generator<'tcx>, file: Option) { } Err(err) => { let msg = format!("error parsing why3 output {err:?}"); - ctx.error(DUMMY_SP, &msg) + ctx.error(DUMMY_SP, &msg).emit(); } } } diff --git a/creusot/src/translation/function/terminator.rs b/creusot/src/translation/function/terminator.rs index c09d670a25..7b96d6fcea 100644 --- a/creusot/src/translation/function/terminator.rs +++ b/creusot/src/translation/function/terminator.rs @@ -202,7 +202,7 @@ pub(crate) fn resolve_function<'tcx>( .expect("could not find instance"); if !method.0.is_local() && ctx.sig(method.0).contract.is_false() { - ctx.warn(sp, "calling an external function with no contract will yield an impossible precondition"); + ctx.warn(sp, "calling an external function with no contract will yield an impossible precondition").emit(); } return method; @@ -213,7 +213,8 @@ pub(crate) fn resolve_function<'tcx>( ctx.warn( sp, "calling an external function with no contract will yield an impossible precondition", - ); + ) + .emit(); } // ctx.translate(def_id); diff --git a/creusot/src/validate.rs b/creusot/src/validate.rs index e01c00e888..d57a5e7a47 100644 --- a/creusot/src/validate.rs +++ b/creusot/src/validate.rs @@ -33,7 +33,7 @@ pub(crate) fn validate_opacity(ctx: &mut TranslationCtx, item: DefId) -> Option< "Cannot make `{:?}` transparent in `{:?}` as it would call a less-visible item.", self.ctx.def_path_str(id), self.ctx.def_path_str(self.source_item) ), - ) + ).emit(); } } @@ -69,7 +69,7 @@ pub(crate) fn validate_opacity(ctx: &mut TranslationCtx, item: DefId) -> Option< if ctx.visibility(item) != Visibility::Restricted(parent_module(ctx.tcx, item)) && util::opacity_witness_name(ctx.tcx, item).is_none() { - ctx.error(ctx.def_span(item), "Non private definitions must have an explicit transparency. Please add #[open(..)] to your definition", ); + ctx.error(ctx.def_span(item), "Non private definitions must have an explicit transparency. Please add #[open(..)] to your definition").emit(); } let opacity = ctx.opacity(item).scope(); @@ -93,7 +93,7 @@ pub(crate) fn validate_traits(ctx: &mut TranslationCtx) { } for (_, sp) in law_violations { - ctx.error(sp, "Laws cannot have additional generic parameters"); + ctx.error(sp, "Laws cannot have additional generic parameters").emit(); } } @@ -120,7 +120,7 @@ pub(crate) fn validate_impls(ctx: &TranslationCtx) { trait_ref.print_only_trait_name() ) }; - ctx.error(ctx.def_span(impl_id.to_def_id()), &msg) + ctx.error(ctx.def_span(impl_id.to_def_id()), &msg).emit(); } let implementors = ctx.impl_item_implementor_ids(impl_id.to_def_id()); @@ -145,7 +145,8 @@ pub(crate) fn validate_impls(ctx: &TranslationCtx) { ctx.item_name(*impl_item), util::item_type(ctx.tcx, *impl_item).to_str() ), - ); + ) + .emit(); } } } From dbd44843fe40f4599cf2d34d2e027ef520a6e5c7 Mon Sep 17 00:00:00 2001 From: arnaudgolfouse Date: Mon, 26 Feb 2024 14:08:16 +0100 Subject: [PATCH 22/66] Rename the `Ghost` type to `Snapshot` --- README.md | 2 +- creusot-contracts-dummy/src/lib.rs | 5 ++- creusot-contracts-proc/src/invariant.rs | 6 +-- creusot-contracts-proc/src/lib.rs | 8 ++-- creusot-contracts/src/lib.rs | 22 ++++----- creusot-contracts/src/logic/ops.rs | 2 +- .../src/{ghost.rs => snapshot.rs} | 28 ++++++------ creusot-contracts/src/std/iter.rs | 8 ++-- creusot-contracts/src/std/iter/map_inv.rs | 36 +++++++-------- creusot-contracts/src/stubs.rs | 4 +- creusot/src/backend/program.rs | 2 +- creusot/src/backend/ty.rs | 4 +- creusot/src/cleanup_spec_closures.rs | 2 +- creusot/src/gather_spec_closures.rs | 45 +++++++++++-------- creusot/src/translation/function.rs | 18 ++++---- creusot/src/translation/function/statement.rs | 4 +- .../src/translation/function/terminator.rs | 5 +-- creusot/src/translation/pearlite.rs | 20 ++++----- creusot/src/translation/specification.rs | 8 ++-- creusot/src/util.rs | 16 ++++--- exercises/04_all_zero.rs | 2 +- prelude/prelude.mlw | 10 ++--- 22 files changed, 133 insertions(+), 124 deletions(-) rename creusot-contracts/src/{ghost.rs => snapshot.rs} (52%) diff --git a/README.md b/README.md index 91ff22aa29..097641ed0a 100644 --- a/README.md +++ b/README.md @@ -155,7 +155,7 @@ Contracts and logic functions are written in Pearlite, a specification language We also provide three new attributes on Rust functions: `ghost`, `logic` and `predicate`. A ghost function is marked with `#[ghost]`. It can be used in ghost code, to assign ghost -variables of the `Ghost` type. +variables of the `Snapshot` type. Marked `#[logic]` or `#[predicate]`, a function can be used in specs and other logical conditions (`requires`/`ensures` and `invariant`). They can use ghost functions. The two attributes have the following difference. diff --git a/creusot-contracts-dummy/src/lib.rs b/creusot-contracts-dummy/src/lib.rs index 34da7077b9..c7a952d901 100644 --- a/creusot-contracts-dummy/src/lib.rs +++ b/creusot-contracts-dummy/src/lib.rs @@ -28,8 +28,9 @@ pub fn proof_assert(_: TS1) -> TS1 { } #[proc_macro] -pub fn gh(_: TS1) -> TS1 { - quote::quote! { creusot_contracts::ghost::Ghost::from_fn(|| std::process::abort()) }.into() +pub fn snapshot(_: TS1) -> TS1 { + quote::quote! { creusot_contracts::snapshot::Snapshot::from_fn(|| std::process::abort()) } + .into() } #[proc_macro_attribute] diff --git a/creusot-contracts-proc/src/invariant.rs b/creusot-contracts-proc/src/invariant.rs index bce8c2bcb3..dd09700161 100644 --- a/creusot-contracts-proc/src/invariant.rs +++ b/creusot-contracts-proc/src/invariant.rs @@ -144,8 +144,8 @@ fn desugar_for(mut invariants: Vec, f: ExprForLoop) -> TokenStream { quote! { { let mut #it = ::std::iter::IntoIterator::into_iter(#iter); - let #iter_old = gh! { #it }; - let mut #produced = gh! { ::creusot_contracts::logic::Seq::EMPTY }; + let #iter_old = snapshot! { #it }; + let mut #produced = snapshot! { ::creusot_contracts::logic::Seq::EMPTY }; #(#invariants;)* #(#outer)* #lbl @@ -153,7 +153,7 @@ fn desugar_for(mut invariants: Vec, f: ExprForLoop) -> TokenStream { #(#inner)* match ::std::iter::Iterator::next(&mut #it) { Some(#elem) => { - #produced = gh! { #produced.inner().concat(::creusot_contracts::logic::Seq::singleton(#elem)) }; + #produced = snapshot! { #produced.inner().concat(::creusot_contracts::logic::Seq::singleton(#elem)) }; let #pat = #elem; #body }, diff --git a/creusot-contracts-proc/src/lib.rs b/creusot-contracts-proc/src/lib.rs index 9a4cc1b018..bf4a3cf717 100644 --- a/creusot-contracts-proc/src/lib.rs +++ b/creusot-contracts-proc/src/lib.rs @@ -405,17 +405,17 @@ pub fn proof_assert(assertion: TS1) -> TS1 { } #[proc_macro] -pub fn gh(assertion: TS1) -> TS1 { +pub fn snapshot(assertion: TS1) -> TS1 { let assert = parse_macro_input!(assertion as Assertion); let assert_body = pretyping::encode_block(&assert.0).unwrap(); TS1::from(quote! { { - ::creusot_contracts::__stubs::ghost_from_fn( + ::creusot_contracts::__stubs::snapshot_from_fn( #[creusot::no_translate] #[creusot::spec] - #[creusot::spec::ghost] - || { ::creusot_contracts::ghost::Ghost::new (#assert_body) } + #[creusot::spec::snapshot] + || { ::creusot_contracts::snapshot::Snapshot::new (#assert_body) } ) } }) diff --git a/creusot-contracts/src/lib.rs b/creusot-contracts/src/lib.rs index 44b345dedb..5ef8b382e1 100644 --- a/creusot-contracts/src/lib.rs +++ b/creusot-contracts/src/lib.rs @@ -20,7 +20,7 @@ mod macros { /// A post-condition of a function or trait item pub use creusot_contracts_proc::ensures; - pub use creusot_contracts_proc::gh; + pub use creusot_contracts_proc::snapshot; /// A loop invariant /// The first argument should be a name for the invariant @@ -97,7 +97,7 @@ mod macros { /// A post-condition of a function or trait item pub use creusot_contracts_dummy::ensures; - pub use creusot_contracts_dummy::gh; + pub use creusot_contracts_dummy::snapshot; /// A loop invariant /// The first argument should be a name for the invariant @@ -179,27 +179,27 @@ pub mod std; pub mod num_rational; #[cfg(creusot)] -pub mod ghost; +pub mod snapshot; #[cfg(not(creusot))] -pub mod ghost { - pub struct Ghost(std::marker::PhantomData) +pub mod snapshot { + pub struct Snapshot(std::marker::PhantomData) where T: ?Sized; - impl Ghost { + impl Snapshot { pub fn from_fn(_: fn() -> T) -> Self { - Ghost(std::marker::PhantomData) + Snapshot(std::marker::PhantomData) } } - impl Clone for Ghost { + impl Clone for Snapshot { fn clone(&self) -> Self { - Ghost(std::marker::PhantomData) + Snapshot(std::marker::PhantomData) } } - impl Copy for Ghost {} + impl Copy for Snapshot {} } pub mod ghost_ptr; @@ -211,11 +211,11 @@ pub mod well_founded; // We add some common things at the root of the creusot-contracts library pub use crate::{ - ghost::Ghost, logic::{IndexLogic as _, Int, OrdLogic, Seq}, macros::*, model::{DeepModel, ShallowModel}, resolve::Resolve, + snapshot::Snapshot, std::{ // Shadow std::prelude by our version. // For Clone and PartialEq, this is important for the derive macro. diff --git a/creusot-contracts/src/logic/ops.rs b/creusot-contracts/src/logic/ops.rs index 9a9b09fefb..80339c0be6 100644 --- a/creusot-contracts/src/logic/ops.rs +++ b/creusot-contracts/src/logic/ops.rs @@ -77,7 +77,7 @@ impl IndexLogic for [T; N] { } } -impl IndexLogic for Ghost> { +impl IndexLogic for Snapshot> { type Item = T; #[ghost] diff --git a/creusot-contracts/src/ghost.rs b/creusot-contracts/src/snapshot.rs similarity index 52% rename from creusot-contracts/src/ghost.rs rename to creusot-contracts/src/snapshot.rs index f9fae61c9d..b0da99475c 100644 --- a/creusot-contracts/src/ghost.rs +++ b/creusot-contracts/src/snapshot.rs @@ -1,24 +1,24 @@ use crate::{std::ops::Deref, *}; -#[cfg_attr(creusot, creusot::builtins = "prelude.Ghost.ghost_ty")] -pub struct Ghost(std::marker::PhantomData) +#[cfg_attr(creusot, creusot::builtins = "prelude.Snapshot.snap_ty")] +pub struct Snapshot(pub(crate) std::marker::PhantomData) where T: ?Sized; -impl Deref for Ghost { +impl Deref for Snapshot { type Target = T; #[trusted] #[ghost] #[open(self)] - #[rustc_diagnostic_item = "ghost_deref"] - #[creusot::builtins = "prelude.Ghost.inner"] + #[rustc_diagnostic_item = "snapshot_deref"] + #[creusot::builtins = "prelude.Snapshot.inner"] fn deref(&self) -> &Self::Target { pearlite! { absurd } } } -impl ShallowModel for Ghost { +impl ShallowModel for Snapshot { type ShallowModelTy = T::ShallowModelTy; #[ghost] @@ -28,28 +28,28 @@ impl ShallowModel for Ghost { } } -impl Clone for Ghost { +impl Clone for Snapshot { fn clone(&self) -> Self { - gh! { **self } + snapshot! { **self } } } -impl Copy for Ghost {} +impl Copy for Snapshot {} -impl Ghost { +impl Snapshot { #[trusted] #[ghost] #[open(self)] - #[creusot::builtins = "prelude.Ghost.new"] - pub fn new(_: T) -> Ghost { + #[creusot::builtins = "prelude.Snapshot.new"] + pub fn new(_: T) -> Snapshot { pearlite! { absurd } } #[trusted] #[ghost] #[open(self)] - #[rustc_diagnostic_item = "ghost_inner"] - #[creusot::builtins = "prelude.Ghost.inner"] + #[rustc_diagnostic_item = "snapshot_inner"] + #[creusot::builtins = "prelude.Snapshot.inner"] pub fn inner(self) -> T where T: Sized, // TODO: don't require T: Sized here. Problem: return type is T. diff --git a/creusot-contracts/src/std/iter.rs b/creusot-contracts/src/std/iter.rs index 05c9871b5d..e2618d2bfb 100644 --- a/creusot-contracts/src/std/iter.rs +++ b/creusot-contracts/src/std/iter.rs @@ -40,16 +40,16 @@ pub trait Iterator: ::std::iter::Iterator { #[ensures(a.produces(ab.concat(bc), c))] fn produces_trans(a: Self, ab: Seq, b: Self, bc: Seq, c: Self); - #[requires(forall self.produces(Seq::singleton(e), i2) ==> func.precondition((e, Ghost::new(Seq::EMPTY))))] + #[requires(forall self.produces(Seq::singleton(e), i2) ==> func.precondition((e, Snapshot::new(Seq::EMPTY))))] #[requires(MapInv::::reinitialize())] #[requires(MapInv::::preservation(self, func))] - #[ensures(result == MapInv { iter: self, func, produced: Ghost::new(Seq::EMPTY) })] + #[ensures(result == MapInv { iter: self, func, produced: Snapshot::new(Seq::EMPTY) })] fn map_inv(self, func: F) -> MapInv where Self: Sized, - F: FnMut(Self::Item, Ghost>) -> B, + F: FnMut(Self::Item, Snapshot>) -> B, { - MapInv { iter: self, func, produced: gh! {Seq::EMPTY} } + MapInv { iter: self, func, produced: snapshot! {Seq::EMPTY} } } } diff --git a/creusot-contracts/src/std/iter/map_inv.rs b/creusot-contracts/src/std/iter/map_inv.rs index 355637eee6..406f74abf7 100644 --- a/creusot-contracts/src/std/iter/map_inv.rs +++ b/creusot-contracts/src/std/iter/map_inv.rs @@ -3,10 +3,10 @@ use crate::{invariant::Invariant, *}; pub struct MapInv { pub iter: I, pub func: F, - pub produced: Ghost>, + pub produced: Snapshot>, } -impl>) -> B> Iterator +impl>) -> B> Iterator for MapInv { #[open] @@ -44,8 +44,8 @@ impl>) -> B> Iterator else { *fs[0] == self.func && ^fs[visited.len() - 1] == succ.func } && forall 0 <= i && i < visited.len() ==> self.func.unnest(*fs[i]) - && (*fs[i]).precondition((s[i], Ghost::new(self.produced.concat(s.subsequence(0, i))))) - && fs[i].postcondition_mut((s[i], Ghost::new(self.produced.concat(s.subsequence(0, i)))), visited[i]) + && (*fs[i]).precondition((s[i], Snapshot::new(self.produced.concat(s.subsequence(0, i))))) + && fs[i].postcondition_mut((s[i], Snapshot::new(self.produced.concat(s.subsequence(0, i)))), visited[i]) } } } @@ -59,7 +59,7 @@ impl Resolve for MapInv { } } -impl>) -> B> Invariant +impl>) -> B> Invariant for MapInv { // Should not quantify over self or the `invariant` cannot be made into a type invariant @@ -74,7 +74,7 @@ impl>) -> B> Invariant } } -impl>) -> B> ::std::iter::Iterator +impl>) -> B> ::std::iter::Iterator for MapInv { type Item = B; @@ -84,35 +84,35 @@ impl>) -> B> ::std::iter::I Some(v) => (*self).produces_one(v, ^self) })] fn next(&mut self) -> Option { - let old_self: Ghost = gh! { *self }; + let old_self: Snapshot = snapshot! { *self }; match self.iter.next() { Some(v) => { proof_assert! { self.func.precondition((v, self.produced)) }; - let produced = gh! { self.produced.push(v) }; + let produced = snapshot! { self.produced.push(v) }; let r = (self.func)(v, self.produced); self.produced = produced; #[allow(path_statements)] - let _: Ghost<()> = gh! { { Self::produces_one_invariant; () } }; + let _: Snapshot<()> = snapshot! { { Self::produces_one_invariant; () } }; proof_assert! { old_self.produces_one(r, *self) }; let _ = self; // Make sure self is not resolve until here. Some(r) } None => { - self.produced = gh! { Seq::EMPTY }; + self.produced = snapshot! { Seq::EMPTY }; None } } } } -impl>) -> B> MapInv { +impl>) -> B> MapInv { #[open] #[predicate] pub fn next_precondition(iter: I, func: F, produced: Seq) -> bool { pearlite! { forall iter.produces(Seq::singleton(e), i) ==> - func.precondition((e, Ghost::new(produced))) + func.precondition((e, Snapshot::new(produced))) } } @@ -123,9 +123,9 @@ impl>) -> B> MapInv, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> func.unnest(*f) ==> iter.produces(s.push(e1).push(e2), i) ==> - (*f).precondition((e1, Ghost::new(produced.concat(s)))) ==> - f.postcondition_mut((e1, Ghost::new(produced.concat(s))), b) ==> - (^f).precondition((e2, Ghost::new(produced.concat(s).push(e1)))) + (*f).precondition((e1, Snapshot::new(produced.concat(s)))) ==> + f.postcondition_mut((e1, Snapshot::new(produced.concat(s))), b) ==> + (^f).precondition((e2, Snapshot::new(produced.concat(s).push(e1)))) } } @@ -136,9 +136,9 @@ impl>) -> B> MapInv, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> func.unnest(*f) ==> iter.produces(s.push(e1).push(e2), i) ==> - (*f).precondition((e1, Ghost::new(s))) ==> - f.postcondition_mut((e1, Ghost::new(s)), b) ==> - (^f).precondition((e2, Ghost::new(s.push(e1)))) + (*f).precondition((e1, Snapshot::new(s))) ==> + f.postcondition_mut((e1, Snapshot::new(s)), b) ==> + (^f).precondition((e2, Snapshot::new(s.push(e1)))) } } diff --git a/creusot-contracts/src/stubs.rs b/creusot-contracts/src/stubs.rs index dacfcf1604..af1e7a3868 100644 --- a/creusot-contracts/src/stubs.rs +++ b/creusot-contracts/src/stubs.rs @@ -58,8 +58,8 @@ pub fn variant_check(_: R) -> Box< pub fn closure_result(_: R, _: R) {} #[creusot::no_translate] -#[rustc_diagnostic_item = "ghost_from_fn"] -pub fn ghost_from_fn crate::Ghost>(_: F) -> crate::Ghost { +#[rustc_diagnostic_item = "snapshot_from_fn"] +pub fn snapshot_from_fn crate::Snapshot>(_: F) -> crate::Snapshot { panic!() } diff --git a/creusot/src/backend/program.rs b/creusot/src/backend/program.rs index 131f97d1d5..17589b051c 100644 --- a/creusot/src/backend/program.rs +++ b/creusot/src/backend/program.rs @@ -189,7 +189,7 @@ fn collect_body_ids<'tcx>(ctx: &mut TranslationCtx<'tcx>, def_id: DefId) -> Opti .collect::>(); ids.extend(promoted.iter().filter_map(|(p, p_ty)| { - if util::ghost_closure_id(ctx.tcx, *p_ty).is_none() { + if util::snapshot_closure_id(ctx.tcx, *p_ty).is_none() { Some(BodyId::new(def_id.expect_local(), Some(*p))) } else { None diff --git a/creusot/src/backend/ty.rs b/creusot/src/backend/ty.rs index c74558f1e4..ae04467845 100644 --- a/creusot/src/backend/ty.rs +++ b/creusot/src/backend/ty.rs @@ -481,7 +481,7 @@ fn field_ty<'tcx>( let ty = ctx.try_normalize_erasing_regions(param_env, ty).unwrap_or(ty); if !validate_field_ty(ctx, did, ty) { - ctx.crash_and_error(ctx.def_span(field.did), "Illegal use of the Ghost type") + ctx.crash_and_error(ctx.def_span(field.did), "Illegal use of the Snapshot type") } translate_ty_inner(TyTranslation::Declaration(did), ctx, names, ctx.def_span(field.did), ty) @@ -492,7 +492,7 @@ fn validate_field_ty<'tcx>(ctx: &mut Why3Generator<'tcx>, adt_did: DefId, ty: Ty let bg = ctx.binding_group(adt_did); !ty.walk().filter_map(ty::GenericArg::as_type).any(|ty| { - util::is_ghost_ty(tcx, ty) + util::is_snap_ty(tcx, ty) && ty.walk().filter_map(ty::GenericArg::as_type).any(|ty| match ty.kind() { TyKind::Adt(adt_def, _) => bg.contains(&adt_def.did()), // TyKind::Param(_) => true, diff --git a/creusot/src/cleanup_spec_closures.rs b/creusot/src/cleanup_spec_closures.rs index b62c5d5b62..f009d0cf70 100644 --- a/creusot/src/cleanup_spec_closures.rs +++ b/creusot/src/cleanup_spec_closures.rs @@ -81,7 +81,7 @@ impl<'tcx> MutVisitor<'tcx> for NoTranslateNoMoves<'tcx> { match rvalue { Rvalue::Aggregate(box AggregateKind::Closure(def_id, _), substs) => { if util::is_no_translate(self.tcx, *def_id) - || util::is_ghost_closure(self.tcx, *def_id) + || util::is_snapshot_closure(self.tcx, *def_id) { substs.iter_mut().for_each(|p| { if p.is_move() { diff --git a/creusot/src/gather_spec_closures.rs b/creusot/src/gather_spec_closures.rs index 76376d169d..af957da5cd 100644 --- a/creusot/src/gather_spec_closures.rs +++ b/creusot/src/gather_spec_closures.rs @@ -3,7 +3,7 @@ use indexmap::{IndexMap, IndexSet}; use crate::{ ctx::TranslationCtx, pearlite::Term, - util::{self, ghost_closure_id}, + util::{self, snapshot_closure_id}, }; use rustc_data_structures::graph::WithSuccessors; use rustc_hir::def_id::DefId; @@ -18,25 +18,32 @@ pub enum LoopSpecKind { Variant, } -pub(crate) fn assertions_and_ghosts<'tcx>( - ctx: &mut TranslationCtx<'tcx>, - body: &Body<'tcx>, -) -> IndexMap> { - let mut visitor = Closures::new(ctx.tcx); - visitor.visit_body(&body); - - let mut assertions: IndexMap<_, _> = Default::default(); - for clos in visitor.closures.into_iter() { - if util::is_assertion(ctx.tcx, clos) { - let term = ctx.term(clos).unwrap().clone(); - assertions.insert(clos, term); - } else if util::is_ghost_closure(ctx.tcx, clos) { - let term = ctx.term(clos).unwrap().clone(); - // A hack should probably be separately tracked - assertions.insert(clos, term); +/// Collect spec-related special closures in a mir [`Body`]. +pub(crate) struct SpecClosures<'tcx> { + /// Closures generated by `proof_assert!` + pub(crate) assertions: IndexMap>, + /// Closures generated by `snapshot!` + pub(crate) snapshots: IndexMap>, +} + +impl<'tcx> SpecClosures<'tcx> { + pub(crate) fn collect(ctx: &mut TranslationCtx<'tcx>, body: &Body<'tcx>) -> Self { + let mut visitor = Closures::new(ctx.tcx); + visitor.visit_body(&body); + + let mut assertions = IndexMap::new(); + let mut snapshots = IndexMap::new(); + for clos in visitor.closures.into_iter() { + if util::is_assertion(ctx.tcx, clos) { + let term = ctx.term(clos).unwrap().clone(); + assertions.insert(clos, term); + } else if util::is_snapshot_closure(ctx.tcx, clos) { + let term = ctx.term(clos).unwrap().clone(); + snapshots.insert(clos, term); + } } + Self { assertions, snapshots } } - assertions } // Collect the closures in thir, so that we can do typechecking ourselves, and @@ -59,7 +66,7 @@ impl<'tcx> Visitor<'tcx> for Closures<'tcx> { self.closures.insert(*id); } Rvalue::Use(Operand::Constant(box ck)) => { - if let Some(def_id) = ghost_closure_id(self.tcx, ck.const_.ty()) { + if let Some(def_id) = snapshot_closure_id(self.tcx, ck.const_.ty()) { self.closures.insert(def_id); } } diff --git a/creusot/src/translation/function.rs b/creusot/src/translation/function.rs index 49c8a5fa5f..c1d835d8e3 100644 --- a/creusot/src/translation/function.rs +++ b/creusot/src/translation/function.rs @@ -8,9 +8,7 @@ use crate::{ backend::ty::closure_accessors, ctx::*, fmir::{self, Expr}, - gather_spec_closures::{ - assertions_and_ghosts, corrected_invariant_names_and_locations, LoopSpecKind, - }, + gather_spec_closures::{corrected_invariant_names_and_locations, LoopSpecKind, SpecClosures}, resolve::EagerResolver, translation::{ fmir::LocalDecl, @@ -61,7 +59,7 @@ pub struct BodyTranslator<'body, 'tcx> { resolver: Option>, - // Spec / Ghost variables + // Spec / Snapshot variables erased_locals: BitSet, // Current block being generated @@ -77,7 +75,10 @@ pub struct BodyTranslator<'body, 'tcx> { invariants: IndexMap)>>, + /// Map of the `proof_assert!` blocks to their translated version. assertions: IndexMap>, + /// Map of the `snapshot!` blocks to their translated version. + snapshots: IndexMap>, borrows: Option>>, @@ -95,12 +96,12 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { body_id: BodyId, ) -> Self { let invariants = corrected_invariant_names_and_locations(ctx, &body); - let assertions = assertions_and_ghosts(ctx, &body); + let SpecClosures { assertions, snapshots } = SpecClosures::collect(ctx, &body); let mut erased_locals = BitSet::new_empty(body.local_decls.len()); body.local_decls.iter_enumerated().for_each(|(local, decl)| { if let TyKind::Closure(def_id, _) = decl.ty.peel_refs().kind() { - if crate::util::is_spec(tcx, *def_id) || util::is_ghost_closure(tcx, *def_id) { + if crate::util::is_spec(tcx, *def_id) || util::is_snapshot_closure(tcx, *def_id) { erased_locals.insert(local); } } @@ -117,9 +118,6 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { with_facts.region_inference_context.clone(), ); - // eprintln!("body of {}", tcx.def_path_str(body_id.def_id())); - // resolver.debug(with_facts.regioncx.clone()); - (Some(resolver), Some(borrows)) } Some(_) => (None, None), @@ -141,6 +139,7 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { fresh_id: body.basic_blocks.len(), invariants, assertions, + snapshots, borrows, } } @@ -151,6 +150,7 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { let arg_count = self.body.arg_count; assert!(self.assertions.is_empty(), "unused assertions"); + assert!(self.snapshots.is_empty(), "unused snapshots"); assert!(self.invariants.is_empty(), "unused invariants"); fmir::Body { locals: self.vars, arg_count, blocks: self.past_blocks } diff --git a/creusot/src/translation/function/statement.rs b/creusot/src/translation/function/statement.rs index 5f65ee8008..f59e977f42 100644 --- a/creusot/src/translation/function/statement.rs +++ b/creusot/src/translation/function/statement.rs @@ -6,7 +6,7 @@ use crate::{ fmir::{self, Expr, ExprKind, RValue}, specification::inv_subst, }, - util::{self, ghost_closure_id}, + util::{self, snapshot_closure_id}, }; use rustc_borrowck::borrow_set::TwoPhaseActivation; use rustc_middle::{ @@ -79,7 +79,7 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { Rvalue::Use(op) => match op { Move(_pl) | Copy(_pl) => self.translate_operand(op).kind, Constant(box c) => { - if ghost_closure_id(self.tcx, c.const_.ty()).is_some() { + if snapshot_closure_id(self.tcx, c.const_.ty()).is_some() { return; }; crate::constant::from_mir_constant(self.param_env(), self.ctx, c).kind diff --git a/creusot/src/translation/function/terminator.rs b/creusot/src/translation/function/terminator.rs index 7b96d6fcea..f6b2052e95 100644 --- a/creusot/src/translation/function/terminator.rs +++ b/creusot/src/translation/function/terminator.rs @@ -69,11 +69,10 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { } let (fun_def_id, subst) = func_defid(func).expect("expected call with function"); - if Some(fun_def_id) == self.tcx.get_diagnostic_item(Symbol::intern("ghost_from_fn")) - { + if self.tcx.is_diagnostic_item(Symbol::intern("snapshot_from_fn"), fun_def_id) { let GenericArgKind::Type(ty) = subst.get(1).unwrap().unpack() else { panic!() }; let TyKind::Closure(def_id, _) = ty.kind() else { panic!() }; - let mut assertion = self.assertions.remove(def_id).unwrap(); + let mut assertion = self.snapshots.remove(def_id).unwrap(); assertion.subst(&inv_subst(self.body, &self.locals, terminator.source_info)); self.check_ghost_term(&assertion, location); self.emit_ghost_assign(*destination, assertion, span); diff --git a/creusot/src/translation/pearlite.rs b/creusot/src/translation/pearlite.rs index 690f71e7bc..5a8d286781 100644 --- a/creusot/src/translation/pearlite.rs +++ b/creusot/src/translation/pearlite.rs @@ -15,7 +15,7 @@ use crate::{ error::{CrErr, CreusotResult, Error}, projection_vec::{visit_projections, visit_projections_mut, ProjectionVec}, translation::TranslationCtx, - util::{self, is_ghost_ty}, + util::{self, is_snap_ty}, }; use itertools::Itertools; use log::*; @@ -840,16 +840,16 @@ impl<'a, 'tcx> ThirTerm<'a, 'tcx> { )) } ExprKind::Deref { arg } => { - // Detect * ghost_deref & and treat that as a single 'projection' - if self.is_ghost_deref(*arg) { + // Detect * snapshot_deref & and treat that as a single 'projection' + if self.is_snapshot_deref(*arg) { let ExprKind::Call { args, .. } = &self.thir[*arg].kind else { unreachable!() }; let ExprKind::Borrow { borrow_kind: BorrowKind::Shared, arg } = self.thir[args[0]].kind else { unreachable!() }; let (cur, fin) = self.logical_reborrow_inner(arg)?; let deref_method = - self.ctx.get_diagnostic_item(Symbol::intern("ghost_inner")).unwrap(); - // Extract the `T` from `Ghost` - let TyKind::Adt(_, subst) = self.thir[arg].ty.peel_refs().kind() else {unreachable!()}; + self.ctx.get_diagnostic_item(Symbol::intern("snapshot_inner")).unwrap(); + // Extract the `T` from `Snapshot` + let TyKind::Adt(_, subst) = self.thir[arg].ty.peel_refs().kind() else { unreachable!() }; return Ok(( Term::call(self.ctx.tcx, deref_method, subst, vec![cur]), Term::call(self.ctx.tcx, deref_method, subst, vec![fin]), @@ -918,8 +918,8 @@ impl<'a, 'tcx> ThirTerm<'a, 'tcx> { Ok(res) } ExprKind::Deref { arg } => { - // Detect * ghost_deref & and treat that as a single 'projection' - if self.is_ghost_deref(*arg) { + // Detect * snapshot_deref & and treat that as a single 'projection' + if self.is_snapshot_deref(*arg) { let ExprKind::Call { args, .. } = &self.thir[*arg].kind else { unreachable!() }; let ExprKind::Borrow { borrow_kind: BorrowKind::Shared, arg } = self.thir[args[0]].kind else { unreachable!() }; @@ -956,7 +956,7 @@ impl<'a, 'tcx> ThirTerm<'a, 'tcx> { } } - pub(crate) fn is_ghost_deref(&self, expr_id: ExprId) -> bool { + pub(crate) fn is_snapshot_deref(&self, expr_id: ExprId) -> bool { let ExprKind::Call { ty, .. } = &self.thir[expr_id].kind else { return false }; let TyKind::FnDef(id, sub) = ty.kind() else { panic!("expected function type") }; @@ -965,7 +965,7 @@ impl<'a, 'tcx> ThirTerm<'a, 'tcx> { return false; } - sub[0].as_type().map(|ty| is_ghost_ty(self.ctx.tcx, ty)).unwrap_or(false) + sub[0].as_type().map(|ty| is_snap_ty(self.ctx.tcx, ty)).unwrap_or(false) } fn mk_projection(&self, lhs: Term<'tcx>, name: FieldIdx) -> Result, Error> { diff --git a/creusot/src/translation/specification.rs b/creusot/src/translation/specification.rs index 23907d2737..5929eabae7 100644 --- a/creusot/src/translation/specification.rs +++ b/creusot/src/translation/specification.rs @@ -302,7 +302,7 @@ pub(crate) fn is_overloaded_item(tcx: TyCtxt, def_id: DefId) -> bool { || def_path.ends_with("::boxed::Box::::new") || def_path.ends_with("::ops::Deref::deref") || def_path.ends_with("::ops::DerefMut::deref_mut") - || def_path.ends_with("Ghost::::from_fn") + || def_path.ends_with("Snapshot::::from_fn") } #[derive(Clone, Copy, PartialEq, Eq, Debug)] @@ -314,13 +314,13 @@ pub(crate) enum Purity { impl Purity { pub(crate) fn of_def_id<'tcx>(tcx: TyCtxt<'tcx>, def_id: DefId) -> Self { - let is_ghost = util::is_ghost_closure(tcx, def_id); + let is_snapshot = util::is_snapshot_closure(tcx, def_id); if util::is_predicate(tcx, def_id) || util::is_logic(tcx, def_id) - || (util::is_spec(tcx, def_id) && !is_ghost) + || (util::is_spec(tcx, def_id) && !is_snapshot) { Purity::Logic - } else if util::is_ghost(tcx, def_id) || is_ghost { + } else if util::is_ghost(tcx, def_id) || is_snapshot { Purity::Ghost } else { Purity::Program diff --git a/creusot/src/util.rs b/creusot/src/util.rs index da12223eb5..dc81964b52 100644 --- a/creusot/src/util.rs +++ b/creusot/src/util.rs @@ -65,21 +65,23 @@ pub(crate) fn is_assertion(tcx: TyCtxt, def_id: DefId) -> bool { get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "spec", "assert"]).is_some() } -pub(crate) fn is_ghost_closure(tcx: TyCtxt, def_id: DefId) -> bool { - get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "spec", "ghost"]).is_some() +pub(crate) fn is_snapshot_closure(tcx: TyCtxt, def_id: DefId) -> bool { + get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "spec", "snapshot"]).is_some() } -pub(crate) fn ghost_closure_id<'tcx>(tcx: TyCtxt<'tcx>, ty: Ty<'tcx>) -> Option { - if let TyKind::Closure(def_id, _) = ty.peel_refs().kind() && is_ghost_closure(tcx, *def_id) { +pub(crate) fn snapshot_closure_id<'tcx>(tcx: TyCtxt<'tcx>, ty: Ty<'tcx>) -> Option { + if let TyKind::Closure(def_id, _) = ty.peel_refs().kind() && is_snapshot_closure(tcx, *def_id) { Some(*def_id) - } else { None } + } else { + None + } } -pub(crate) fn is_ghost_ty<'tcx>(tcx: TyCtxt<'tcx>, ty: Ty<'tcx>) -> bool { +pub(crate) fn is_snap_ty<'tcx>(tcx: TyCtxt<'tcx>, ty: Ty<'tcx>) -> bool { let r: Option = try { let adt = ty.ty_adt_def()?; let builtin = get_builtin(tcx, adt.did())?; - builtin.as_str() == "prelude.Ghost.ghost_ty" + builtin.as_str() == "prelude.Snapshot.snap_ty" }; r.unwrap_or(false) } diff --git a/exercises/04_all_zero.rs b/exercises/04_all_zero.rs index 2395529747..12b2aeef44 100644 --- a/exercises/04_all_zero.rs +++ b/exercises/04_all_zero.rs @@ -5,7 +5,7 @@ use creusot_contracts::*; // Also show that no elements were added or removed pub fn all_zero(v: &mut Vec) { let mut i = 0; - let old_v = gh! { v }; + let old_v = snapshot! { v }; // Until https://gitlab.inria.fr/why3/why3/-/merge_requests/667 is merged // the following invariant is needed to allow Why3 to remember prophecies dont change #[invariant(proph_const, ^v == ^old_v.inner())] diff --git a/prelude/prelude.mlw b/prelude/prelude.mlw index a132033874..44aeeb6fd8 100644 --- a/prelude/prelude.mlw +++ b/prelude/prelude.mlw @@ -214,12 +214,12 @@ module Char axiom chr_code: forall c. chr (code c) = c end -module Ghost - type ghost_ty 't - val function new (ghost x : 't) : ghost_ty 't - val function inner (x : ghost_ty 't) : 't +module Snapshot + type snap_ty 't + val function new (ghost x : 't) : snap_ty 't + val function inner (x : snap_ty 't) : 't axiom new_spec: forall x: 't [new x]. inner (new x) = x - axiom inner_spec: forall x: ghost_ty 't [inner x]. new (inner x) = x + axiom inner_spec: forall x: snap_ty 't [inner x]. new (inner x) = x end module Slice From d41f576a577faed5688d3752421242b915955e5c Mon Sep 17 00:00:00 2001 From: arnaudgolfouse Date: Wed, 28 Feb 2024 11:22:18 +0100 Subject: [PATCH 23/66] rename ghost, logic and predicate functions `#[ghost]` -> `#[logic]` `#[logic]` -> `#[logic(prophetic)]` `#[predicate]` -> `#[predicate]` and `#[predicate(prophetic)]` --- ARCHITECTURE.md | 2 +- README.md | 7 +- creusot-contracts-dummy/src/lib.rs | 5 -- .../src/derive/deep_model.rs | 2 +- creusot-contracts-proc/src/derive/resolve.rs | 2 +- creusot-contracts-proc/src/lib.rs | 84 ++++++++----------- creusot-contracts/src/ghost_ptr.rs | 16 ++-- creusot-contracts/src/invariant.rs | 2 +- creusot-contracts/src/lib.rs | 82 +++++++++++++----- creusot-contracts/src/logic/fmap.rs | 36 ++++---- creusot-contracts/src/logic/fset.rs | 16 ++-- creusot-contracts/src/logic/int.rs | 12 +-- creusot-contracts/src/logic/mapping.rs | 6 +- creusot-contracts/src/logic/ops.rs | 16 ++-- creusot-contracts/src/logic/ord.rs | 34 ++++---- creusot-contracts/src/logic/seq.rs | 22 ++--- creusot-contracts/src/logic/set.rs | 12 +-- creusot-contracts/src/model.rs | 22 ++--- creusot-contracts/src/num_rational.rs | 16 ++-- creusot-contracts/src/resolve.rs | 8 +- creusot-contracts/src/snapshot.rs | 8 +- creusot-contracts/src/std/array.rs | 4 +- creusot-contracts/src/std/boxed.rs | 4 +- creusot-contracts/src/std/cmp.rs | 4 +- creusot-contracts/src/std/default.rs | 2 +- creusot-contracts/src/std/deque.rs | 12 +-- creusot-contracts/src/std/iter.rs | 6 +- creusot-contracts/src/std/iter/cloned.rs | 10 +-- creusot-contracts/src/std/iter/copied.rs | 10 +-- creusot-contracts/src/std/iter/empty.rs | 2 +- creusot-contracts/src/std/iter/enumerate.rs | 16 ++-- creusot-contracts/src/std/iter/fuse.rs | 6 +- creusot-contracts/src/std/iter/map_inv.rs | 20 ++--- creusot-contracts/src/std/iter/once.rs | 4 +- creusot-contracts/src/std/iter/range.rs | 6 +- creusot-contracts/src/std/iter/repeat.rs | 2 +- creusot-contracts/src/std/iter/skip.rs | 14 ++-- creusot-contracts/src/std/iter/take.rs | 18 ++-- creusot-contracts/src/std/iter/zip.rs | 12 +-- creusot-contracts/src/std/num.rs | 4 +- creusot-contracts/src/std/ops.rs | 12 +-- creusot-contracts/src/std/option.rs | 16 ++-- creusot-contracts/src/std/result.rs | 2 +- creusot-contracts/src/std/slice.rs | 28 +++---- creusot-contracts/src/std/time.rs | 16 ++-- creusot-contracts/src/std/tuples.rs | 6 +- creusot-contracts/src/std/vec.rs | 12 +-- creusot-contracts/src/util.rs | 8 +- creusot/src/backend.rs | 9 +- creusot/src/backend/logic.rs | 4 +- creusot/src/backend/ty.rs | 2 +- creusot/src/ctx.rs | 2 +- creusot/src/translation.rs | 1 - creusot/src/translation/pearlite.rs | 2 +- creusot/src/translation/specification.rs | 44 ++++++---- creusot/src/util.rs | 53 ++++++------ creusot/src/validate.rs | 11 +-- 57 files changed, 416 insertions(+), 378 deletions(-) diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index eafaf886d0..b23aa48468 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -151,7 +151,7 @@ Instead, we replace the `discriminant` / `switchInt` pair with a match directly ## Logical functions -Logical functions are created by `#[ghost]`, `#[logic]`, or `#[predicate]`. +Logical functions are created by `#[logic]` or `#[predicate]`. ## Specifications diff --git a/README.md b/README.md index 097641ed0a..657c4eaab8 100644 --- a/README.md +++ b/README.md @@ -152,15 +152,14 @@ Contracts and logic functions are written in Pearlite, a specification language - Logical Expressions: quantifiers (`forall` and `exists`), logical implication `==>`, *logical* equality `a == b`, labels - Rust specific logical expressions: access to the **final** value of a mutable reference `^`, access to the *model* of an object `@` -We also provide three new attributes on Rust functions: `ghost`, `logic` and `predicate`. - -A ghost function is marked with `#[ghost]`. It can be used in ghost code, to assign ghost -variables of the `Snapshot` type. +We also provide two new attributes on Rust functions: `logic` and `predicate`. Marked `#[logic]` or `#[predicate]`, a function can be used in specs and other logical conditions (`requires`/`ensures` and `invariant`). They can use ghost functions. The two attributes have the following difference. - A `logic` function can freely have logical, non-executable operations, such as quantifiers, logic equalities, etc. Instead, this function can't be called in normal Rust code (the function body of a `logic` function is replaced with a panic). You can use pearlite syntax for any part in the logic function by marking that part with the `pearlite! { ... }` macro. + + If you need to use the prophecy operator `^` on a mutable reference, you need to mark the function `#[logic(prophetic)]`. - A `predicate` is a logical function which returns a proposition (in practice, returns a boolean value). When you write *recursive* `ghost`, `logic` or `predicate` functions, you have to show that the function terminates. diff --git a/creusot-contracts-dummy/src/lib.rs b/creusot-contracts-dummy/src/lib.rs index c7a952d901..9e1f60b1dd 100644 --- a/creusot-contracts-dummy/src/lib.rs +++ b/creusot-contracts-dummy/src/lib.rs @@ -43,11 +43,6 @@ pub fn pearlite(_: TS1) -> TS1 { TS1::new() } -#[proc_macro_attribute] -pub fn ghost(_: TS1, _: TS1) -> TS1 { - TS1::new() -} - #[proc_macro_attribute] pub fn predicate(_: TS1, _: TS1) -> TS1 { TS1::new() diff --git a/creusot-contracts-proc/src/derive/deep_model.rs b/creusot-contracts-proc/src/derive/deep_model.rs index 6dd6807924..7171b82fd9 100644 --- a/creusot-contracts-proc/src/derive/deep_model.rs +++ b/creusot-contracts-proc/src/derive/deep_model.rs @@ -47,7 +47,7 @@ pub fn derive_deep_model(input: proc_macro::TokenStream) -> proc_macro::TokenStr impl #impl_generics ::creusot_contracts::DeepModel for #name #ty_generics #where_clause { type DeepModelTy = #deep_model_ty_name #ty_generics; - #[ghost] + #[logic] #open fn deep_model(self) -> Self::DeepModelTy { #eq diff --git a/creusot-contracts-proc/src/derive/resolve.rs b/creusot-contracts-proc/src/derive/resolve.rs index 1b081e2daf..3888b8ebc6 100644 --- a/creusot-contracts-proc/src/derive/resolve.rs +++ b/creusot-contracts-proc/src/derive/resolve.rs @@ -14,7 +14,7 @@ pub fn derive_resolve(input: proc_macro::TokenStream) -> proc_macro::TokenStream let expanded = quote! { #[::creusot_contracts::trusted] impl #impl_generics ::creusot_contracts::Resolve for #name #ty_generics #where_clause { - #[::creusot_contracts::predicate] + #[::creusot_contracts::predicate(prophetic)] #[::creusot_contracts::open] fn resolve(self) -> bool { use ::creusot_contracts::Resolve; diff --git a/creusot-contracts-proc/src/lib.rs b/creusot-contracts-proc/src/lib.rs index bf4a3cf717..6209c692da 100644 --- a/creusot-contracts-proc/src/lib.rs +++ b/creusot-contracts-proc/src/lib.rs @@ -467,59 +467,35 @@ impl Parse for LogicInput { } #[proc_macro_attribute] -pub fn ghost(_: TS1, tokens: TS1) -> TS1 { - let log = parse_macro_input!(tokens as LogicInput); - match log { - LogicInput::Item(log) => ghost_item(log), - LogicInput::Sig(sig) => ghost_sig(sig), - } -} - -fn ghost_sig(sig: TraitItemSignature) -> TS1 { - let span = sig.span(); - TS1::from(quote_spanned! {span=> - #[creusot::decl::ghost] - #sig - }) -} - -fn ghost_item(log: LogicItem) -> TS1 { - let span = log.sig.span(); - - let term = log.body; - let vis = log.vis; - let def = log.defaultness; - let sig = log.sig; - let attrs = log.attrs; - let req_body = pretyping::encode_block(&term.stmts).unwrap(); - - TS1::from(quote_spanned! {span=> - #[creusot::decl::ghost] - #(#attrs)* - #vis #def #sig { - #req_body +pub fn logic(prophetic: TS1, tokens: TS1) -> TS1 { + let prophetic = if prophetic.is_empty() { + None + } else { + let t = parse_macro_input!(prophetic as Ident); + if t.to_string() == "prophetic" { + Some(quote!(#[creusot::decl::logic::prophetic])) + } else { + None } - }) -} - -#[proc_macro_attribute] -pub fn logic(_: TS1, tokens: TS1) -> TS1 { + }; let log = parse_macro_input!(tokens as LogicInput); match log { - LogicInput::Item(log) => logic_item(log), - LogicInput::Sig(sig) => logic_sig(sig), + LogicInput::Item(log) => logic_item(log, prophetic), + LogicInput::Sig(sig) => logic_sig(sig, prophetic), } } -fn logic_sig(sig: TraitItemSignature) -> TS1 { +fn logic_sig(sig: TraitItemSignature, prophetic: Option) -> TS1 { let span = sig.span(); - TS1::from(quote_spanned! {span=> + + TS1::from(quote_spanned! {span => #[creusot::decl::logic] + #prophetic #sig }) } -fn logic_item(log: LogicItem) -> TS1 { +fn logic_item(log: LogicItem, prophetic: Option) -> TS1 { let span = log.sig.span(); let term = log.body; @@ -529,8 +505,9 @@ fn logic_item(log: LogicItem) -> TS1 { let attrs = log.attrs; let req_body = pretyping::encode_block(&term.stmts).unwrap(); - TS1::from(quote_spanned! {span=> + TS1::from(quote_spanned! {span => #[creusot::decl::logic] + #prophetic #(#attrs)* #vis #def #sig { #req_body @@ -550,7 +527,18 @@ pub fn law(_: TS1, tokens: TS1) -> TS1 { } #[proc_macro_attribute] -pub fn predicate(_: TS1, tokens: TS1) -> TS1 { +pub fn predicate(prophetic: TS1, tokens: TS1) -> TS1 { + let prophetic = if prophetic.is_empty() { + None + } else { + let t = parse_macro_input!(prophetic as Ident); + if t.to_string() == "prophetic" { + Some(quote!(#[creusot::decl::logic::prophetic])) + } else { + None + } + }; + let pred = parse_macro_input!(tokens as LogicInput); let sig = match &pred { @@ -573,20 +561,21 @@ pub fn predicate(_: TS1, tokens: TS1) -> TS1 { }; match pred { - LogicInput::Item(log) => predicate_item(log), - LogicInput::Sig(sig) => predicate_sig(sig), + LogicInput::Item(log) => predicate_item(log, prophetic), + LogicInput::Sig(sig) => predicate_sig(sig, prophetic), } } -fn predicate_sig(sig: TraitItemSignature) -> TS1 { +fn predicate_sig(sig: TraitItemSignature, prophetic: Option) -> TS1 { let span = sig.span(); TS1::from(quote_spanned! {span=> #[creusot::decl::predicate] + #prophetic #sig }) } -fn predicate_item(log: LogicItem) -> TS1 { +fn predicate_item(log: LogicItem, prophetic: Option) -> TS1 { let span = log.sig.span(); let term = log.body; let vis = log.vis; @@ -598,6 +587,7 @@ fn predicate_item(log: LogicItem) -> TS1 { TS1::from(quote_spanned! {span=> #[creusot::decl::predicate] + #prophetic #(#attrs)* #vis #def #sig { #req_body diff --git a/creusot-contracts/src/ghost_ptr.rs b/creusot-contracts/src/ghost_ptr.rs index 44f2158ed0..64041cec16 100644 --- a/creusot-contracts/src/ghost_ptr.rs +++ b/creusot-contracts/src/ghost_ptr.rs @@ -29,7 +29,7 @@ impl ShallowModel for GhostPtrToken { type ShallowModelTy = FMap, T>; #[trusted] - #[ghost] + #[logic] #[open(self)] fn shallow_model(self) -> Self::ShallowModelTy { absurd @@ -131,7 +131,7 @@ impl GhostPtrToken { impl GhostPtrExt for GhostPtr { #[trusted] #[open(self)] - #[ghost] + #[logic] #[ensures(forall> !t@.contains(result))] #[ensures(result.addr_logic() == 0)] #[ensures(forall> ptr.addr_logic() == result.addr_logic() ==> ptr == result)] @@ -140,7 +140,7 @@ impl GhostPtrExt for GhostPtr { } #[trusted] - #[ghost] + #[logic] #[open(self)] fn addr_logic(self) -> Int { absurd @@ -151,7 +151,7 @@ impl<'a, T: ?Sized> ShallowModel for GhostPtrTokenRef<'a, T> { type ShallowModelTy = FMap, T>; #[trusted] - #[ghost] + #[logic] #[open(self)] fn shallow_model(self) -> Self::ShallowModelTy { absurd @@ -174,14 +174,14 @@ impl<'a, T: ?Sized> GhostPtrTokenRef<'a, T> { #[requires(new_model.subset(self@))] #[ensures(result@ == *new_model)] #[allow(unused_variables)] - pub fn shrink_token_ref(self, new_model: Ghost>) -> Self { + pub fn shrink_token_ref(self, new_model: Snapshot>) -> Self { self } } impl<'a, T: ?Sized> GhostPtrTokenMut<'a, T> { #[trusted] - #[ghost] + #[logic] #[open(self)] pub fn cur(self) -> FMap, T> { absurd @@ -265,9 +265,9 @@ impl<'a, T> Resolve for GhostPtrTokenMut<'a, T> { } pub trait GhostPtrExt: Sized { - #[ghost] + #[logic] fn null_logic() -> Self; - #[ghost] + #[logic] fn addr_logic(self) -> Int; } diff --git a/creusot-contracts/src/invariant.rs b/creusot-contracts/src/invariant.rs index ff9fdae4c4..51aa0d047a 100644 --- a/creusot-contracts/src/invariant.rs +++ b/creusot-contracts/src/invariant.rs @@ -1,7 +1,7 @@ use crate::*; pub trait Invariant { - #[predicate] + #[predicate(prophetic)] #[open] #[rustc_diagnostic_item = "creusot_invariant_user"] fn invariant(self) -> bool { diff --git a/creusot-contracts/src/lib.rs b/creusot-contracts/src/lib.rs index 5ef8b382e1..fd324b72dc 100644 --- a/creusot-contracts/src/lib.rs +++ b/creusot-contracts/src/lib.rs @@ -32,20 +32,41 @@ mod macros { pub use creusot_contracts_proc::law; /// Declare a function as being a logical function, this declaration must be pure and - /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. + /// total. It cannot be called from Rust programs, but in exchange it can use logical + /// operations and syntax with the help of the [`pearlite!`] macro. + /// + /// # `prophetic` + /// + /// If you wish to use the `^` operator on mutable borrows to get the final value, you need to + /// specify that the function is _prophetic_, like so: + /// ```ignore + /// #[logic(prophetic)] + /// fn uses_prophecies(x: &mut Int) -> Int { + /// pearlite! { if ^x == 0 { 0 } else { 1 } } + /// } + /// ``` + /// Such a logic function cannot be used in [`snapshot!`] anymore, and cannot be + /// called from a regular [`logic`] or [`predicate`] function. pub use creusot_contracts_proc::logic; - /// Declare a function as being a ghost function, this declaration must be pure and - /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. - /// Unlike functions marked with the `[logic]` attribute, `[ghost]` functions cannot - /// use the final value operator (^), nor call other `[predicate]` or `[logic]` functions. - pub use creusot_contracts_proc::ghost; - /// Declare a function as being a logical function, this declaration must be pure and /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. + /// use logical operations and syntax with the help of the [`pearlite!`] macro. + /// + /// It **must** return a boolean. + /// + /// # `prophetic` + /// + /// If you wish to use the `^` operator on mutable borrows to get the final value, you need to + /// specify that the function is _prophetic_, like so: + /// ```ignore + /// #[predicate(prophetic)] + /// fn uses_prophecies(x: &mut Int) -> bool { + /// pearlite! { ^x == 0 } + /// } + /// ``` + /// Such a predicate function cannot be used in [`snapshot!`] anymore, and cannot be + /// called from a regular [`logic`] or [`predicate`] function. pub use creusot_contracts_proc::predicate; /// Inserts a *logical* assertion into the code. This assertion will not be checked at runtime @@ -109,20 +130,41 @@ mod macros { pub use creusot_contracts_dummy::law; /// Declare a function as being a logical function, this declaration must be pure and - /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. + /// total. It cannot be called from Rust programs, but in exchange it can use logical + /// operations and syntax with the help of the [`pearlite!`] macro. + /// + /// # `prophetic` + /// + /// If you wish to use the `^` operator on mutable borrows to get the final value, you need to + /// specify that the function is _prophetic_, like so: + /// ```ignore + /// #[logic(prophetic)] + /// fn uses_prophecies(x: &mut Int) -> Int { + /// pearlite! { if ^x == 0 { 0 } else { 1 } } + /// } + /// ``` + /// Such a logic function cannot be used in [`snapshot!`] anymore, and cannot be + /// called from a regular [`logic`] or [`predicate`] function. pub use creusot_contracts_dummy::logic; - /// Declare a function as being a ghost function, this declaration must be pure and - /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. - /// Unlike functions marked with the `[logic]` attribute, `[ghost]` functions cannot - /// use the final value operator (^), nor call other `[predicate]` or `[logic]` functions. - pub use creusot_contracts_dummy::ghost; - /// Declare a function as being a logical function, this declaration must be pure and /// total. It cannot be called from Rust programs as it is *ghost*, in exchange it can - /// use logical operations and syntax with the help of the [pearlite] macro. + /// use logical operations and syntax with the help of the [`pearlite!`] macro. + /// + /// It **must** return a boolean. + /// + /// # `prophetic` + /// + /// If you wish to use the `^` operator on mutable borrows to get the final value, you need to + /// specify that the function is _prophetic_, like so: + /// ```ignore + /// #[predicate(prophetic)] + /// fn uses_prophecies(x: &mut Int) -> bool { + /// pearlite! { ^x == 0 } + /// } + /// ``` + /// Such a predicate function cannot be used in [`snapshot!`] anymore, and cannot be + /// called from a regular [`logic`] or [`predicate`] function. pub use creusot_contracts_dummy::predicate; /// Inserts a *logical* assertion into the code. This assertion will not be checked at runtime diff --git a/creusot-contracts/src/logic/fmap.rs b/creusot-contracts/src/logic/fmap.rs index 796190aac6..04357dd532 100644 --- a/creusot-contracts/src/logic/fmap.rs +++ b/creusot-contracts/src/logic/fmap.rs @@ -7,7 +7,7 @@ pub struct FMap(PMap); impl FMap { #[trusted] - #[ghost] + #[logic] #[open(self)] #[ensures(result >= 0)] pub fn len(self) -> Int { @@ -15,7 +15,7 @@ impl FMap { } #[trusted] - #[ghost] + #[logic] #[open(self)] pub fn mk(_m: PMap) -> Self { absurd @@ -23,7 +23,7 @@ impl FMap { #[trusted] #[open(self)] - #[ghost] + #[logic] #[ensures(Self::mk(result) == self)] // injectivity pub fn view(self) -> PMap { absurd @@ -31,7 +31,7 @@ impl FMap { #[trusted] #[open(self)] - #[ghost] + #[logic] #[ensures(result.view() == self.view().set(k, Some(v.make_sized())))] #[ensures(self.contains(k) ==> result.len() == self.len())] #[ensures(!self.contains(k) ==> result.len() == self.len() + 1)] @@ -41,28 +41,28 @@ impl FMap { #[trusted] #[open(self)] - #[ghost] + #[logic] #[ensures(result.view() == self.view().set(k, None))] #[ensures(result.len() == if self.contains(k) {self.len() - 1} else {self.len()})] pub fn remove(self, k: K) -> Self { absurd } - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] pub fn get(self, k: K) -> Option> { self.view().get(k) } - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] pub fn lookup_unsized(self, k: K) -> SizedW { unwrap(self.get(k)) } - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] pub fn lookup(self, k: K) -> V @@ -72,7 +72,7 @@ impl FMap { *self.lookup_unsized(k) } - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] pub fn contains(self, k: K) -> bool { @@ -80,7 +80,7 @@ impl FMap { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[ensures(result.len() == 0)] #[ensures(result.view() == Mapping::cst(None))] @@ -88,26 +88,26 @@ impl FMap { absurd } - #[ghost] + #[logic] #[open] pub fn is_empty(self) -> bool { self.ext_eq(FMap::empty()) } - #[ghost] + #[logic] #[open] pub fn disjoint(self, other: Self) -> bool { pearlite! {forall !self.contains(k) || !other.contains(k)} } - #[ghost] + #[logic] #[open] pub fn subset(self, other: Self) -> bool { pearlite! {forall self.contains(k) ==> other.get(k) == self.get(k)} } #[trusted] - #[ghost] + #[logic] #[open(self)] #[requires(self.disjoint(other))] #[ensures(forall result.get(k) == if self.contains(k) { @@ -123,15 +123,15 @@ impl FMap { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[ensures(forall result.get(k) == if other.contains(k) {None} else {self.get(k)})] pub fn subtract_keys(self, other: Self) -> Self { absurd } - #[ghost] - #[open(self)] + #[logic] + #[open] #[requires(other.subset(self))] #[ensures(result.disjoint(other))] #[ensures(other.union(result).ext_eq(self))] @@ -140,7 +140,7 @@ impl FMap { self.subtract_keys(other) } - #[ghost] + #[logic] #[open] #[ensures(result ==> self == other)] #[ensures((forall self.get(k) == other.get(k)) ==> result)] diff --git a/creusot-contracts/src/logic/fset.rs b/creusot-contracts/src/logic/fset.rs index c500edcde6..7b3dfb65b4 100644 --- a/creusot-contracts/src/logic/fset.rs +++ b/creusot-contracts/src/logic/fset.rs @@ -17,7 +17,7 @@ impl FSet { } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.mem"] pub fn mem(_: T, _: Self) -> bool { @@ -25,14 +25,14 @@ impl FSet { } #[open] - #[ghost] + #[logic] #[why3::attr = "inline:trivial"] pub fn insert(self, e: T) -> Self { Self::add(e, self) } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.add"] pub fn add(_: T, _: Self) -> Self { @@ -47,21 +47,21 @@ impl FSet { } #[open] - #[ghost] + #[logic] #[why3::attr = "inline:trivial"] pub fn remove(self, a: T) -> Self { Self::rem(a, self) } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.remove"] pub fn rem(_: T, _: Self) -> Self { pearlite! { absurd } } - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.union"] pub fn union(self, _: Self) -> Self { @@ -82,14 +82,14 @@ impl FSet { Self::is_subset(other, self) } - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.cardinal"] pub fn len(self) -> Int { pearlite! { absurd } } - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Fset.pick"] pub fn peek(self) -> T diff --git a/creusot-contracts/src/logic/int.rs b/creusot-contracts/src/logic/int.rs index 7fb8a8de44..1a7725f5f7 100644 --- a/creusot-contracts/src/logic/int.rs +++ b/creusot-contracts/src/logic/int.rs @@ -8,7 +8,7 @@ pub struct Int(*mut ()); impl Int { #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "int.Power.power"] pub fn pow(self, _: Int) -> Int { @@ -16,7 +16,7 @@ impl Int { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "int.MinMax.max"] pub fn max(self, _: Int) -> Int { @@ -24,7 +24,7 @@ impl Int { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "int.MinMax.min"] pub fn min(self, _: Int) -> Int { @@ -32,7 +32,7 @@ impl Int { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "int.EuclideanDivision.div"] pub fn div_euclid(self, _: Int) -> Int { @@ -40,14 +40,14 @@ impl Int { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "int.EuclideanDivision.mod"] pub fn rem_euclid(self, _: Int) -> Int { absurd } - #[ghost] + #[logic] #[open] pub fn abs_diff(self, other: Int) -> Int { if self < other { diff --git a/creusot-contracts/src/logic/mapping.rs b/creusot-contracts/src/logic/mapping.rs index 7fb7be6089..b53c838370 100644 --- a/creusot-contracts/src/logic/mapping.rs +++ b/creusot-contracts/src/logic/mapping.rs @@ -5,7 +5,7 @@ pub struct Mapping(std::marker::PhantomData<(A, B)>); impl Mapping { #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "map.Map.get"] pub fn get(self, _: A) -> B { @@ -13,7 +13,7 @@ impl Mapping { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "map.Map.set"] pub fn set(self, _: A, _: B) -> Self { @@ -21,7 +21,7 @@ impl Mapping { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "map.Const.const"] pub fn cst(_: B) -> Self { diff --git a/creusot-contracts/src/logic/ops.rs b/creusot-contracts/src/logic/ops.rs index 80339c0be6..3deff865dd 100644 --- a/creusot-contracts/src/logic/ops.rs +++ b/creusot-contracts/src/logic/ops.rs @@ -5,7 +5,7 @@ use crate::*; pub trait IndexLogic { type Item; - #[ghost] + #[logic] #[rustc_diagnostic_item = "index_logic_method"] fn index_logic(self, idx: I) -> Self::Item; } @@ -13,7 +13,7 @@ pub trait IndexLogic { impl IndexLogic for Vec { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: Int) -> Self::Item { @@ -24,7 +24,7 @@ impl IndexLogic for Vec { impl IndexLogic for Vec { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: usize) -> Self::Item { @@ -35,7 +35,7 @@ impl IndexLogic for Vec { impl IndexLogic for [T] { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] #[rustc_diagnostic_item = "slice_index_logic"] @@ -47,7 +47,7 @@ impl IndexLogic for [T] { impl IndexLogic for [T] { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: usize) -> Self::Item { @@ -58,7 +58,7 @@ impl IndexLogic for [T] { impl IndexLogic for [T; N] { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: Int) -> Self::Item { @@ -69,7 +69,7 @@ impl IndexLogic for [T; N] { impl IndexLogic for [T; N] { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: usize) -> Self::Item { @@ -80,7 +80,7 @@ impl IndexLogic for [T; N] { impl IndexLogic for Snapshot> { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: Int) -> Self::Item { diff --git a/creusot-contracts/src/logic/ord.rs b/creusot-contracts/src/logic/ord.rs index e5f9177019..76bda7b493 100644 --- a/creusot-contracts/src/logic/ord.rs +++ b/creusot-contracts/src/logic/ord.rs @@ -2,10 +2,10 @@ use crate::{std::cmp::Ordering, *}; #[allow(unused)] pub trait OrdLogic { - #[ghost] + #[logic] fn cmp_log(self, _: Self) -> Ordering; - #[ghost] + #[logic] #[open] fn le_log(self, o: Self) -> bool { pearlite! { self.cmp_log(o) != Ordering::Greater } @@ -15,7 +15,7 @@ pub trait OrdLogic { #[ensures(x.le_log(y) == (x.cmp_log(y) != Ordering::Greater))] fn cmp_le_log(x: Self, y: Self); - #[ghost] + #[logic] #[open] fn lt_log(self, o: Self) -> bool { pearlite! { self.cmp_log(o) == Ordering::Less } @@ -25,7 +25,7 @@ pub trait OrdLogic { #[ensures(x.lt_log(y) == (x.cmp_log(y) == Ordering::Less))] fn cmp_lt_log(x: Self, y: Self); - #[ghost] + #[logic] #[open] fn ge_log(self, o: Self) -> bool { pearlite! { self.cmp_log(o) != Ordering::Less } @@ -35,7 +35,7 @@ pub trait OrdLogic { #[ensures(x.ge_log(y) == (x.cmp_log(y) != Ordering::Less))] fn cmp_ge_log(x: Self, y: Self); - #[ghost] + #[logic] #[open] fn gt_log(self, o: Self) -> bool { pearlite! { self.cmp_log(o) == Ordering::Greater } @@ -134,7 +134,7 @@ pub use ord_laws_impl; macro_rules! ord_logic_impl { ($t:ty) => { impl OrdLogic for $t { - #[ghost] + #[logic] #[open] fn cmp_log(self, o: Self) -> Ordering { if self < o { @@ -148,7 +148,7 @@ macro_rules! ord_logic_impl { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "int.Int.(<=)"] fn le_log(self, _: Self) -> bool { true @@ -156,7 +156,7 @@ macro_rules! ord_logic_impl { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "int.Int.(<)"] fn lt_log(self, _: Self) -> bool { true @@ -164,7 +164,7 @@ macro_rules! ord_logic_impl { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "int.Int.(>=)"] fn ge_log(self, _: Self) -> bool { true @@ -172,7 +172,7 @@ macro_rules! ord_logic_impl { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "int.Int.(>)"] fn gt_log(self, _: Self) -> bool { true @@ -201,7 +201,7 @@ ord_logic_impl!(isize); impl OrdLogic for bool { #[open] - #[ghost] + #[logic] fn cmp_log(self, o: Self) -> Ordering { match (self, o) { (false, false) => Ordering::Equal, @@ -215,7 +215,7 @@ impl OrdLogic for bool { } impl OrdLogic for (A, B) { - #[ghost] + #[logic] #[open] fn cmp_log(self, o: Self) -> Ordering { pearlite! { { @@ -228,25 +228,25 @@ impl OrdLogic for (A, B) { } } } - #[ghost] + #[logic] #[open] fn le_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 <= o.1) || self.0 <= o.0 } } - #[ghost] + #[logic] #[open] fn lt_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 < o.1) || self.0 < o.0 } } - #[ghost] + #[logic] #[open] fn ge_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 >= o.1) || self.0 >= o.0 } } - #[ghost] + #[logic] #[open] fn gt_log(self, o: Self) -> bool { pearlite! { (self.0 == o.0 && self.1 > o.1) || self.0 > o.0 } @@ -256,7 +256,7 @@ impl OrdLogic for (A, B) { } impl OrdLogic for Option { - #[ghost] + #[logic] #[open] fn cmp_log(self, o: Self) -> Ordering { match (self, o) { diff --git a/creusot-contracts/src/logic/seq.rs b/creusot-contracts/src/logic/seq.rs index 31f3860705..cbeba88a70 100644 --- a/creusot-contracts/src/logic/seq.rs +++ b/creusot-contracts/src/logic/seq.rs @@ -13,14 +13,14 @@ impl Seq { pub const EMPTY: Self = { Seq(std::marker::PhantomData) }; #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Seq.create"] pub fn new(_: Int, _: Mapping) -> Self { absurd } - #[ghost] + #[logic] #[open] pub fn get(self, ix: Int) -> Option { if 0 <= ix && ix < self.len() { @@ -31,7 +31,7 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq_ext.SeqExt.subsequence"] pub fn subsequence(self, _: Int, _: Int) -> Self { @@ -39,21 +39,21 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Seq.singleton"] pub fn singleton(_: T) -> Self { absurd } - #[ghost] + #[logic] #[open] pub fn tail(self) -> Self { self.subsequence(1, self.len()) } #[trusted] - #[ghost] + #[logic] #[open(self)] #[rustc_diagnostic_item = "seq_len"] #[creusot::builtins = "seq.Seq.length"] @@ -62,7 +62,7 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Seq.set"] pub fn set(self, _: Int, _: T) -> Self { @@ -78,7 +78,7 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Seq.snoc"] pub fn push(self, _: T) -> Self { @@ -86,7 +86,7 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Seq.(++)"] pub fn concat(self, _: Self) -> Self { @@ -94,7 +94,7 @@ impl Seq { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "seq.Reverse.reverse"] pub fn reverse(self) -> Self { @@ -163,7 +163,7 @@ impl Seq<&T> { impl IndexLogic for Seq { type Item = T; - #[ghost] + #[logic] #[trusted] #[open(self)] #[rustc_diagnostic_item = "seq_index"] diff --git a/creusot-contracts/src/logic/set.rs b/creusot-contracts/src/logic/set.rs index ec36252a28..f4bc35d3ea 100644 --- a/creusot-contracts/src/logic/set.rs +++ b/creusot-contracts/src/logic/set.rs @@ -17,7 +17,7 @@ impl Set { } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Set.mem"] pub fn mem(_: T, _: Self) -> bool { @@ -25,14 +25,14 @@ impl Set { } #[open] - #[ghost] + #[logic] #[why3::attr = "inline:trivial"] pub fn insert(self, e: T) -> Self { Self::add(e, self) } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Set.add"] pub fn add(_: T, _: Self) -> Self { @@ -47,14 +47,14 @@ impl Set { } #[open] - #[ghost] + #[logic] #[why3::attr = "inline:trivial"] pub fn remove(self, a: T) -> Self { Self::rem(a, self) } #[doc(hidden)] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "set.Set.remove"] pub fn rem(_: T, _: Self) -> Self { @@ -62,7 +62,7 @@ impl Set { } #[open(self)] - #[ghost] + #[logic] #[creusot::builtins = "set.Set.union"] pub fn union(self, _: Self) -> Self { pearlite! { absurd} diff --git a/creusot-contracts/src/model.rs b/creusot-contracts/src/model.rs index 91835cf59a..eea2b3cba6 100644 --- a/creusot-contracts/src/model.rs +++ b/creusot-contracts/src/model.rs @@ -8,7 +8,7 @@ use crate::*; /// Models of inner types are typically not involved. pub trait ShallowModel { type ShallowModelTy; - #[ghost] + #[logic] fn shallow_model(self) -> Self::ShallowModelTy; } @@ -24,13 +24,13 @@ pub use creusot_contracts_dummy::DeepModel; /// Typically, such a model recursively calls deep models of inner types. pub trait DeepModel { type DeepModelTy; - #[ghost] + #[logic] fn deep_model(self) -> Self::DeepModelTy; } impl DeepModel for Rc { type DeepModelTy = T::DeepModelTy; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { self.shallow_model().deep_model() } @@ -39,7 +39,7 @@ impl DeepModel for Rc { impl ShallowModel for Rc { type ShallowModelTy = T; - #[ghost] + #[logic] #[open] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -49,7 +49,7 @@ impl ShallowModel for Rc { impl DeepModel for Arc { type DeepModelTy = T::DeepModelTy; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { self@.deep_model() } @@ -58,7 +58,7 @@ impl DeepModel for Arc { impl ShallowModel for Arc { type ShallowModelTy = T; - #[ghost] + #[logic] #[open] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -68,7 +68,7 @@ impl ShallowModel for Arc { impl DeepModel for &T { type DeepModelTy = T::DeepModelTy; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { (*self).deep_model() @@ -77,7 +77,7 @@ impl DeepModel for &T { impl ShallowModel for &T { type ShallowModelTy = T::ShallowModelTy; - #[ghost] + #[logic] #[open] fn shallow_model(self) -> Self::ShallowModelTy { (*self).shallow_model() @@ -86,7 +86,7 @@ impl ShallowModel for &T { impl DeepModel for &mut T { type DeepModelTy = T::DeepModelTy; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { (*self).deep_model() @@ -95,7 +95,7 @@ impl DeepModel for &mut T { impl ShallowModel for &mut T { type ShallowModelTy = T::ShallowModelTy; - #[ghost] + #[logic] #[open] fn shallow_model(self) -> Self::ShallowModelTy { (*self).shallow_model() @@ -105,7 +105,7 @@ impl ShallowModel for &mut T { impl DeepModel for bool { type DeepModelTy = bool; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { self diff --git a/creusot-contracts/src/num_rational.rs b/creusot-contracts/src/num_rational.rs index be700d066e..95cf6e595f 100644 --- a/creusot-contracts/src/num_rational.rs +++ b/creusot-contracts/src/num_rational.rs @@ -1,6 +1,6 @@ use std::marker::PhantomData; -use crate::{ghost, open, pearlite, trusted, DeepModel, Int, OrdLogic}; +use crate::{logic, open, pearlite, trusted, DeepModel, Int, OrdLogic}; use num_rational::BigRational; use std::cmp::Ordering; @@ -12,7 +12,7 @@ pub struct Real(PhantomData<*mut ()>); impl DeepModel for BigRational { type DeepModelTy = Real; - #[ghost] + #[logic] #[open(self)] #[trusted] fn deep_model(self) -> Self::DeepModelTy { @@ -21,7 +21,7 @@ impl DeepModel for BigRational { } impl Real { - #[ghost] + #[logic] #[trusted] #[open(self)] pub fn from_int(_: Int) -> Self { @@ -30,7 +30,7 @@ impl Real { } impl OrdLogic for Real { - #[ghost] + #[logic] #[open] fn cmp_log(self, o: Self) -> Ordering { if self < o { @@ -44,7 +44,7 @@ impl OrdLogic for Real { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "prelude.Real.(<=)"] fn le_log(self, _: Self) -> bool { true @@ -52,7 +52,7 @@ impl OrdLogic for Real { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "prelude.Real.(<)"] fn lt_log(self, _: Self) -> bool { true @@ -60,7 +60,7 @@ impl OrdLogic for Real { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "prelude.Real.(>=)"] fn ge_log(self, _: Self) -> bool { true @@ -68,7 +68,7 @@ impl OrdLogic for Real { #[trusted] #[open] - #[ghost] + #[logic] #[creusot::builtins = "prelude.Real.(>)"] fn gt_log(self, _: Self) -> bool { true diff --git a/creusot-contracts/src/resolve.rs b/creusot-contracts/src/resolve.rs index f2dc879bcc..ed297eb976 100644 --- a/creusot-contracts/src/resolve.rs +++ b/creusot-contracts/src/resolve.rs @@ -3,14 +3,14 @@ use crate::*; #[cfg_attr(creusot, rustc_diagnostic_item = "creusot_resolve")] #[trusted] pub trait Resolve { - #[predicate] + #[predicate(prophetic)] #[rustc_diagnostic_item = "creusot_resolve_method"] fn resolve(self) -> bool; } #[trusted] impl Resolve for (T1, T2) { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { Resolve::resolve(self.0) && Resolve::resolve(self.1) @@ -19,7 +19,7 @@ impl Resolve for (T1, T2) { #[trusted] impl Resolve for &mut T { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { pearlite! { ^self == *self } @@ -28,7 +28,7 @@ impl Resolve for &mut T { #[trusted] impl Resolve for Box { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { Resolve::resolve(*self) diff --git a/creusot-contracts/src/snapshot.rs b/creusot-contracts/src/snapshot.rs index b0da99475c..4ba6827948 100644 --- a/creusot-contracts/src/snapshot.rs +++ b/creusot-contracts/src/snapshot.rs @@ -9,7 +9,7 @@ impl Deref for Snapshot { type Target = T; #[trusted] - #[ghost] + #[logic] #[open(self)] #[rustc_diagnostic_item = "snapshot_deref"] #[creusot::builtins = "prelude.Snapshot.inner"] @@ -21,7 +21,7 @@ impl Deref for Snapshot { impl ShallowModel for Snapshot { type ShallowModelTy = T::ShallowModelTy; - #[ghost] + #[logic] #[open] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { self.deref().shallow_model() } @@ -38,7 +38,7 @@ impl Copy for Snapshot {} impl Snapshot { #[trusted] - #[ghost] + #[logic] #[open(self)] #[creusot::builtins = "prelude.Snapshot.new"] pub fn new(_: T) -> Snapshot { @@ -46,7 +46,7 @@ impl Snapshot { } #[trusted] - #[ghost] + #[logic] #[open(self)] #[rustc_diagnostic_item = "snapshot_inner"] #[creusot::builtins = "prelude.Snapshot.inner"] diff --git a/creusot-contracts/src/std/array.rs b/creusot-contracts/src/std/array.rs index dc2f2d2501..d4badf497c 100644 --- a/creusot-contracts/src/std/array.rs +++ b/creusot-contracts/src/std/array.rs @@ -3,7 +3,7 @@ use crate::*; impl ShallowModel for [T; N] { type ShallowModelTy = Seq; - #[ghost] + #[logic] #[trusted] #[open] #[creusot::builtins = "prelude.Slice.id"] @@ -18,7 +18,7 @@ impl ShallowModel for [T; N] { impl DeepModel for [T; N] { type DeepModelTy = Seq; - #[ghost] + #[logic] #[trusted] #[open(self)] // TODO diff --git a/creusot-contracts/src/std/boxed.rs b/creusot-contracts/src/std/boxed.rs index 2e65842d17..cd686e68f5 100644 --- a/creusot-contracts/src/std/boxed.rs +++ b/creusot-contracts/src/std/boxed.rs @@ -4,7 +4,7 @@ pub use ::std::boxed::*; #[cfg(creusot)] impl DeepModel for Box { type DeepModelTy = Box; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { Box::new((*self).deep_model()) @@ -14,7 +14,7 @@ impl DeepModel for Box { #[cfg(creusot)] impl ShallowModel for Box { type ShallowModelTy = T::ShallowModelTy; - #[ghost] + #[logic] #[open] fn shallow_model(self) -> Self::ShallowModelTy { (*self).shallow_model() diff --git a/creusot-contracts/src/std/cmp.rs b/creusot-contracts/src/std/cmp.rs index ea8c76d6ea..9db3799cce 100644 --- a/creusot-contracts/src/std/cmp.rs +++ b/creusot-contracts/src/std/cmp.rs @@ -64,7 +64,7 @@ extern_spec! { impl DeepModel for Reverse { type DeepModelTy = Reverse; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { Reverse(self.0.deep_model()) } @@ -72,7 +72,7 @@ impl DeepModel for Reverse { } impl OrdLogic for Reverse { - #[ghost] + #[logic] #[open] fn cmp_log(self, o: Self) -> Ordering { match self.0.cmp_log(o.0) { diff --git a/creusot-contracts/src/std/default.rs b/creusot-contracts/src/std/default.rs index e95565db1e..b1770f27ab 100644 --- a/creusot-contracts/src/std/default.rs +++ b/creusot-contracts/src/std/default.rs @@ -2,7 +2,7 @@ use crate::*; pub use ::std::default::*; pub trait Default: ::std::default::Default { - #[predicate] + #[predicate(prophetic)] fn is_default(self) -> bool; } diff --git a/creusot-contracts/src/std/deque.rs b/creusot-contracts/src/std/deque.rs index 8dace155aa..3d06232b86 100644 --- a/creusot-contracts/src/std/deque.rs +++ b/creusot-contracts/src/std/deque.rs @@ -5,7 +5,7 @@ pub use ::std::collections::VecDeque; impl ShallowModel for VecDeque { type ShallowModelTy = Seq; - #[ghost] + #[logic] #[trusted] #[open(self)] #[ensures(result.len() <= usize::MAX@)] @@ -17,7 +17,7 @@ impl ShallowModel for VecDeque { impl DeepModel for VecDeque { type DeepModelTy = Seq; - #[ghost] + #[logic] #[trusted] #[open(self)] #[ensures(self.shallow_model().len() == result.len())] @@ -31,7 +31,7 @@ impl DeepModel for VecDeque { impl IndexLogic for VecDeque { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: Int) -> Self::Item { @@ -42,7 +42,7 @@ impl IndexLogic for VecDeque { impl IndexLogic for VecDeque { type Item = T; - #[ghost] + #[logic] #[open] #[why3::attr = "inline:trivial"] fn index_logic(self, ix: usize) -> Self::Item { @@ -115,7 +115,7 @@ impl IntoIterator for &VecDeque { impl<'a, T> ShallowModel for Iter<'a, T> { type ShallowModelTy = &'a [T]; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -126,7 +126,7 @@ impl<'a, T> ShallowModel for Iter<'a, T> { impl<'a, T> Invariant for Iter<'a, T> {} impl<'a, T> Iterator for Iter<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { self.resolve() && (*self@)@ == Seq::EMPTY } diff --git a/creusot-contracts/src/std/iter.rs b/creusot-contracts/src/std/iter.rs index e2618d2bfb..e7d6544f14 100644 --- a/creusot-contracts/src/std/iter.rs +++ b/creusot-contracts/src/std/iter.rs @@ -24,10 +24,10 @@ pub use take::TakeExt; pub use zip::ZipExt; pub trait Iterator: ::std::iter::Iterator { - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool; - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool; #[law] @@ -63,7 +63,7 @@ where pearlite! { true } } - #[predicate] + #[predicate(prophetic)] fn into_iter_post(self, res: Self::IntoIter) -> bool; } diff --git a/creusot-contracts/src/std/iter/cloned.rs b/creusot-contracts/src/std/iter/cloned.rs index 514b3abe13..09cef10136 100644 --- a/creusot-contracts/src/std/iter/cloned.rs +++ b/creusot-contracts/src/std/iter/cloned.rs @@ -1,13 +1,13 @@ use crate::{std::iter::Cloned, *}; pub trait ClonedExt { - #[ghost] + #[logic] fn iter(self) -> I; } impl ClonedExt for Cloned { #[open(self)] - #[ghost] + #[logic] #[trusted] fn iter(self) -> I { pearlite! { absurd } @@ -17,7 +17,7 @@ impl ClonedExt for Cloned { #[trusted] impl Resolve for Cloned { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { pearlite! { self.iter().resolve() @@ -31,13 +31,13 @@ where T: Clone, { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { exists *inner == self.iter() && ^inner == (^self).iter() && inner.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { exists> self.iter().produces(s, o.iter()) diff --git a/creusot-contracts/src/std/iter/copied.rs b/creusot-contracts/src/std/iter/copied.rs index 0460d5178c..9944f4b4b6 100644 --- a/creusot-contracts/src/std/iter/copied.rs +++ b/creusot-contracts/src/std/iter/copied.rs @@ -1,13 +1,13 @@ use crate::{std::iter::Copied, *}; pub trait CopiedExt { - #[ghost] + #[logic] fn iter(self) -> I; } impl CopiedExt for Copied { #[open] - #[ghost] + #[logic] #[trusted] fn iter(self) -> I { pearlite! { absurd } @@ -17,7 +17,7 @@ impl CopiedExt for Copied { #[trusted] impl Resolve for Copied { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { pearlite! { self.iter().resolve() @@ -31,13 +31,13 @@ where T: Copy, { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { exists *inner == self.iter() && ^inner == (^self).iter() && inner.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { exists> self.iter().produces(s, o.iter()) diff --git a/creusot-contracts/src/std/iter/empty.rs b/creusot-contracts/src/std/iter/empty.rs index 9fdc551ec7..52def108b0 100644 --- a/creusot-contracts/src/std/iter/empty.rs +++ b/creusot-contracts/src/std/iter/empty.rs @@ -2,7 +2,7 @@ use crate::{std::iter::Empty, *}; impl Iterator for Empty { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.resolve() } } diff --git a/creusot-contracts/src/std/iter/enumerate.rs b/creusot-contracts/src/std/iter/enumerate.rs index f2d0172950..662f3cc642 100644 --- a/creusot-contracts/src/std/iter/enumerate.rs +++ b/creusot-contracts/src/std/iter/enumerate.rs @@ -1,23 +1,23 @@ use crate::{invariant::Invariant, std::iter::Enumerate, *}; pub trait EnumerateExt { - #[ghost] + #[logic] fn iter(self) -> I; - #[ghost] + #[logic] fn n(self) -> Int; } impl EnumerateExt for Enumerate { #[trusted] - #[ghost] + #[logic] #[open(self)] fn iter(self) -> I { absurd } #[trusted] - #[ghost] + #[logic] #[open(self)] fn n(self) -> Int { absurd @@ -27,7 +27,7 @@ impl EnumerateExt for Enumerate { #[trusted] impl Resolve for Enumerate { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { pearlite! { self.iter().resolve() @@ -37,7 +37,7 @@ impl Resolve for Enumerate { impl Invariant for Enumerate { #[open(self)] - #[predicate] + #[predicate(prophetic)] fn invariant(self) -> bool { pearlite! { (forall, i: I> self.iter().produces(s, i) ==> self.n() + s.len() < std::usize::MAX@) @@ -51,13 +51,13 @@ where I: Iterator, { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { exists *inner == self.iter() && ^inner == (^self).iter() && inner.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { visited.len() == o.n() - self.n() diff --git a/creusot-contracts/src/std/iter/fuse.rs b/creusot-contracts/src/std/iter/fuse.rs index 1893a0a124..2ac534497a 100644 --- a/creusot-contracts/src/std/iter/fuse.rs +++ b/creusot-contracts/src/std/iter/fuse.rs @@ -3,7 +3,7 @@ use crate::{std::iter::Fuse, *}; impl ShallowModel for Fuse { type ShallowModelTy = Option; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Option { @@ -13,7 +13,7 @@ impl ShallowModel for Fuse { impl Iterator for Fuse { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (self@ == None || exists it.completed() && self@ == Some(*it)) && @@ -22,7 +22,7 @@ impl Iterator for Fuse { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, prod: Seq, other: Self) -> bool { pearlite! { match self@ { diff --git a/creusot-contracts/src/std/iter/map_inv.rs b/creusot-contracts/src/std/iter/map_inv.rs index 406f74abf7..d71b1cc7e9 100644 --- a/creusot-contracts/src/std/iter/map_inv.rs +++ b/creusot-contracts/src/std/iter/map_inv.rs @@ -10,7 +10,7 @@ impl>) -> B> Iterator for MapInv { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { *(^self).produced == Seq::EMPTY && @@ -31,7 +31,7 @@ impl>) -> B> Iterator fn produces_trans(a: Self, ab: Seq, b: Self, bc: Seq, c: Self) {} #[open] - #[predicate] + #[predicate(prophetic)] #[why3::attr = "inline:trivial"] fn produces(self, visited: Seq, succ: Self) -> bool { pearlite! { @@ -53,7 +53,7 @@ impl>) -> B> Iterator #[trusted] impl Resolve for MapInv { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { self.iter.resolve() && self.func.resolve() } @@ -64,7 +64,7 @@ impl>) -> B> Invariant { // Should not quantify over self or the `invariant` cannot be made into a type invariant #[open(self)] - #[predicate] + #[predicate(prophetic)] fn invariant(self) -> bool { pearlite! { Self::reinitialize() && @@ -107,7 +107,7 @@ impl>) -> B> ::std::iter impl>) -> B> MapInv { #[open] - #[predicate] + #[predicate(prophetic)] pub fn next_precondition(iter: I, func: F, produced: Seq) -> bool { pearlite! { forall @@ -116,7 +116,7 @@ impl>) -> B> MapInv result == Self::preservation(iter, func))] fn preservation_inv(iter: I, func: F, produced: Seq) -> bool { pearlite! { @@ -130,7 +130,7 @@ impl>) -> B> MapInv bool { pearlite! { forall, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> @@ -143,7 +143,7 @@ impl>) -> B> MapInv bool { pearlite! { forall @@ -153,7 +153,7 @@ impl>) -> B> MapInv>) -> B> MapInv bool { pearlite! { diff --git a/creusot-contracts/src/std/iter/once.rs b/creusot-contracts/src/std/iter/once.rs index ad96988263..000d18ca89 100644 --- a/creusot-contracts/src/std/iter/once.rs +++ b/creusot-contracts/src/std/iter/once.rs @@ -3,7 +3,7 @@ use crate::{std::iter::Once, *}; impl ShallowModel for Once { type ShallowModelTy = Option; - #[ghost] + #[logic] #[trusted] #[open(self)] fn shallow_model(self) -> Option { @@ -13,7 +13,7 @@ impl ShallowModel for Once { impl Iterator for Once { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (*self)@ == None && self.resolve() } } diff --git a/creusot-contracts/src/std/iter/range.rs b/creusot-contracts/src/std/iter/range.rs index db68337ff0..2a21d42f9e 100644 --- a/creusot-contracts/src/std/iter/range.rs +++ b/creusot-contracts/src/std/iter/range.rs @@ -7,7 +7,7 @@ use crate::{ }; impl + Step> Iterator for Range { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { @@ -40,7 +40,7 @@ impl + Step> Iterator for Range { fn produces_trans(a: Self, ab: Seq, b: Self, bc: Seq, c: Self) {} } -#[ghost] +#[logic] #[open] #[ensures(r.is_empty_log() == (result == 0))] pub fn range_inclusive_len>(r: RangeInclusive) -> Int { @@ -51,7 +51,7 @@ pub fn range_inclusive_len>(r: RangeInclusive< } impl + Step> Iterator for RangeInclusive { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { diff --git a/creusot-contracts/src/std/iter/repeat.rs b/creusot-contracts/src/std/iter/repeat.rs index 2dd172cec5..156c00b34c 100644 --- a/creusot-contracts/src/std/iter/repeat.rs +++ b/creusot-contracts/src/std/iter/repeat.rs @@ -3,7 +3,7 @@ use crate::{std::iter::Repeat, *}; impl ShallowModel for Repeat { type ShallowModelTy = T; - #[ghost] + #[logic] #[trusted] #[open(self)] fn shallow_model(self) -> T { diff --git a/creusot-contracts/src/std/iter/skip.rs b/creusot-contracts/src/std/iter/skip.rs index 830306e384..0c3acd035d 100644 --- a/creusot-contracts/src/std/iter/skip.rs +++ b/creusot-contracts/src/std/iter/skip.rs @@ -1,22 +1,22 @@ use crate::{std::iter::Skip, *}; pub trait SkipExt { - #[ghost] + #[logic] fn iter(self) -> I; - #[ghost] + #[logic] fn n(self) -> Int; } impl SkipExt for Skip { - #[ghost] + #[logic] #[open(self)] #[trusted] fn iter(self) -> I { pearlite! { absurd } } - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result >= 0 && result <= usize::MAX@)] @@ -28,7 +28,7 @@ impl SkipExt for Skip { #[trusted] impl Resolve for Skip { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { pearlite! { self.iter().resolve() @@ -38,7 +38,7 @@ impl Resolve for Skip { impl Iterator for Skip { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (^self).n() == 0 && @@ -52,7 +52,7 @@ impl Iterator for Skip { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { visited == Seq::EMPTY && self == o || diff --git a/creusot-contracts/src/std/iter/take.rs b/creusot-contracts/src/std/iter/take.rs index f4d7b57185..25d76f10b9 100644 --- a/creusot-contracts/src/std/iter/take.rs +++ b/creusot-contracts/src/std/iter/take.rs @@ -1,25 +1,25 @@ use crate::{std::iter::Take, *}; pub trait TakeExt { - #[ghost] + #[logic] fn iter(self) -> I; - #[ghost] + #[logic] fn iter_mut(&mut self) -> &mut I; - #[ghost] + #[logic] fn n(self) -> Int; } impl TakeExt for Take { - #[ghost] + #[logic] #[trusted] #[open(self)] fn iter(self) -> I { pearlite! { absurd } } - #[ghost] + #[logic] #[trusted] #[open(self)] #[ensures((*self).iter() == *result && (^self).iter() == ^result)] @@ -27,7 +27,7 @@ impl TakeExt for Take { pearlite! { absurd } } - #[ghost] + #[logic] #[trusted] #[open(self)] #[ensures(result >= 0 && result <= usize::MAX@)] @@ -39,7 +39,7 @@ impl TakeExt for Take { #[trusted] impl Resolve for Take { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { pearlite! { self.iter().resolve() @@ -49,7 +49,7 @@ impl Resolve for Take { impl Iterator for Take { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.n() == 0 && self.resolve() || @@ -58,7 +58,7 @@ impl Iterator for Take { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { self.n() == o.n() + visited.len() && self.iter().produces(visited, o.iter()) diff --git a/creusot-contracts/src/std/iter/zip.rs b/creusot-contracts/src/std/iter/zip.rs index 409f2fa485..a5f1069ad2 100644 --- a/creusot-contracts/src/std/iter/zip.rs +++ b/creusot-contracts/src/std/iter/zip.rs @@ -1,22 +1,22 @@ use crate::{std::iter::Zip, *}; pub trait ZipExt { - #[ghost] + #[logic] fn itera(self) -> A; - #[ghost] + #[logic] fn iterb(self) -> B; } impl ZipExt for Zip { - #[ghost] + #[logic] #[open(self)] #[trusted] fn itera(self) -> A { pearlite! { absurd } } - #[ghost] + #[logic] #[open(self)] #[trusted] fn iterb(self) -> B { @@ -26,7 +26,7 @@ impl ZipExt for Zip { impl Iterator for Zip { #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { exists @@ -39,7 +39,7 @@ impl Iterator for Zip { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { // Using an `unzip` definition doesn't work well because of issues related to datatypes and `match` diff --git a/creusot-contracts/src/std/num.rs b/creusot-contracts/src/std/num.rs index 6ea805cfae..5eadb2b86d 100644 --- a/creusot-contracts/src/std/num.rs +++ b/creusot-contracts/src/std/num.rs @@ -5,7 +5,7 @@ macro_rules! mach_int { ($t:ty, $ty_nm:expr, $zero:expr) => { impl ShallowModel for $t { type ShallowModelTy = Int; - #[ghost] + #[logic] #[open] #[trusted] #[creusot::builtins = concat!($ty_nm, ".to_int")] @@ -16,7 +16,7 @@ macro_rules! mach_int { impl DeepModel for $t { type DeepModelTy = Int; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { self@ } diff --git a/creusot-contracts/src/std/ops.rs b/creusot-contracts/src/std/ops.rs index e07157388d..d4c0912267 100644 --- a/creusot-contracts/src/std/ops.rs +++ b/creusot-contracts/src/std/ops.rs @@ -172,13 +172,13 @@ extern_spec! { } pub trait RangeInclusiveExt { - #[ghost] + #[logic] fn start_log(self) -> Idx; - #[ghost] + #[logic] fn end_log(self) -> Idx; - #[ghost] + #[logic] fn is_empty_log(self) -> bool where Idx: DeepModel, @@ -187,21 +187,21 @@ pub trait RangeInclusiveExt { impl RangeInclusiveExt for RangeInclusive { #[open(self)] - #[ghost] + #[logic] #[trusted] fn start_log(self) -> Idx { pearlite! { absurd } } #[open(self)] - #[ghost] + #[logic] #[trusted] fn end_log(self) -> Idx { pearlite! { absurd } } #[open(self)] - #[ghost] + #[logic] #[trusted] #[ensures(!result ==> self.start_log().deep_model() <= self.end_log().deep_model())] fn is_empty_log(self) -> bool diff --git a/creusot-contracts/src/std/option.rs b/creusot-contracts/src/std/option.rs index 3470d856f4..accd4a752f 100644 --- a/creusot-contracts/src/std/option.rs +++ b/creusot-contracts/src/std/option.rs @@ -4,7 +4,7 @@ pub use ::std::option::*; impl DeepModel for Option { type DeepModelTy = Option; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { match self { @@ -137,7 +137,7 @@ impl ShallowModel for IntoIter { type ShallowModelTy = Option; #[open(self)] - #[ghost] + #[logic] #[trusted] fn shallow_model(self) -> Option { pearlite! { absurd } @@ -145,7 +145,7 @@ impl ShallowModel for IntoIter { } impl Iterator for IntoIter { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { (*self)@ == None && self.resolve() } @@ -191,7 +191,7 @@ impl<'a, T> ShallowModel for Iter<'a, T> { type ShallowModelTy = Option<&'a T>; #[open(self)] - #[ghost] + #[logic] #[trusted] fn shallow_model(self) -> Option<&'a T> { pearlite! { absurd } @@ -199,7 +199,7 @@ impl<'a, T> ShallowModel for Iter<'a, T> { } impl<'a, T> Iterator for Iter<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { (*self)@ == None && self.resolve() } @@ -247,7 +247,7 @@ impl<'a, T> IntoIterator for &'a Option { impl<'a, T> ShallowModel for IterMut<'a, T> { type ShallowModelTy = Option<&'a mut T>; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Option<&'a mut T> { @@ -256,7 +256,7 @@ impl<'a, T> ShallowModel for IterMut<'a, T> { } impl<'a, T> Iterator for IterMut<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { (*self)@ == None && self.resolve() } @@ -291,7 +291,7 @@ impl<'a, T> IntoIterator for &'a mut Option { pearlite! { true } } - #[predicate] + #[predicate(prophetic)] #[open] fn into_iter_post(self, res: Self::IntoIter) -> bool { pearlite! { diff --git a/creusot-contracts/src/std/result.rs b/creusot-contracts/src/std/result.rs index 9fd665d826..0a746d8f4b 100644 --- a/creusot-contracts/src/std/result.rs +++ b/creusot-contracts/src/std/result.rs @@ -5,7 +5,7 @@ use ::std::fmt::Debug; impl DeepModel for Result { type DeepModelTy = Result; - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { match self { diff --git a/creusot-contracts/src/std/slice.rs b/creusot-contracts/src/std/slice.rs index 96ecb87765..a1d67f0e7b 100644 --- a/creusot-contracts/src/std/slice.rs +++ b/creusot-contracts/src/std/slice.rs @@ -11,7 +11,7 @@ impl ShallowModel for [T] { type ShallowModelTy = Seq; // We define this as trusted because builtins and ensures are incompatible - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result.len() <= usize::MAX@)] @@ -24,7 +24,7 @@ impl ShallowModel for [T] { impl DeepModel for [T] { type DeepModelTy = Seq; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures((&self)@.len() == result.len())] @@ -34,14 +34,14 @@ impl DeepModel for [T] { } } -#[ghost] +#[logic] #[trusted] #[creusot::builtins = "prelude.Slice.id"] fn slice_model(_: &[T]) -> Seq { pearlite! { absurd } } -#[ghost] +#[logic] #[open] #[rustc_diagnostic_item = "slice_len_logic"] pub fn slice_len(x: [T]) -> Int { @@ -50,7 +50,7 @@ pub fn slice_len(x: [T]) -> Int { impl Default for &mut [T] { #[open] - #[predicate] + #[predicate(prophetic)] fn is_default(self) -> bool { pearlite! { self@ == Seq::EMPTY && (^self)@ == Seq::EMPTY } } @@ -65,15 +65,15 @@ impl Default for &[T] { } pub trait SliceExt { - #[ghost] + #[logic] fn to_mut_seq(&mut self) -> Seq<&mut T>; - #[ghost] + #[logic] fn to_ref_seq(&self) -> Seq<&T>; } impl SliceExt for [T] { - #[ghost] + #[logic] #[trusted] #[open(self)] #[ensures(result.len() == self@.len())] @@ -83,7 +83,7 @@ impl SliceExt for [T] { pearlite! { absurd } } - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result.len() == self@.len())] @@ -364,7 +364,7 @@ impl IntoIterator for &mut [T] { impl<'a, T> ShallowModel for Iter<'a, T> { type ShallowModelTy = &'a [T]; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -373,7 +373,7 @@ impl<'a, T> ShallowModel for Iter<'a, T> { } impl<'a, T> Iterator for Iter<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { self.resolve() && (*self@)@ == Seq::EMPTY } @@ -403,7 +403,7 @@ impl<'a, T> Iterator for Iter<'a, T> { impl<'a, T> ShallowModel for IterMut<'a, T> { type ShallowModelTy = &'a mut [T]; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures((^result)@.len() == (*result)@.len())] @@ -414,7 +414,7 @@ impl<'a, T> ShallowModel for IterMut<'a, T> { #[trusted] impl<'a, T> Resolve for IterMut<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { pearlite! { *self@ == ^self@ } @@ -422,7 +422,7 @@ impl<'a, T> Resolve for IterMut<'a, T> { } impl<'a, T> Iterator for IterMut<'a, T> { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { self.resolve() && (*self@)@ == Seq::EMPTY } diff --git a/creusot-contracts/src/std/time.rs b/creusot-contracts/src/std/time.rs index 3178c16e9c..6b087f06b6 100644 --- a/creusot-contracts/src/std/time.rs +++ b/creusot-contracts/src/std/time.rs @@ -7,7 +7,7 @@ pub use ::std::{ impl ShallowModel for Duration { type ShallowModelTy = Int; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result >= 0 && result <= secs_to_nanos(u64::MAX@) + 999_999_999)] @@ -19,7 +19,7 @@ impl ShallowModel for Duration { impl DeepModel for Duration { type DeepModelTy = Int; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result >= 0 && result <= secs_to_nanos(u64::MAX@) + 999_999_999)] @@ -29,21 +29,21 @@ impl DeepModel for Duration { } } -#[ghost] +#[logic] fn nanos_to_micros(nanos: Int) -> Int { nanos / 1_000 } -#[ghost] +#[logic] fn nanos_to_millis(nanos: Int) -> Int { nanos / 1_000_000 } -#[ghost] +#[logic] fn nanos_to_secs(nanos: Int) -> Int { nanos / 1_000_000_000 } -#[ghost] +#[logic] fn secs_to_nanos(secs: Int) -> Int { secs * 1_000_000_000 } @@ -51,7 +51,7 @@ fn secs_to_nanos(secs: Int) -> Int { impl ShallowModel for Instant { type ShallowModelTy = Int; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result >= 0)] @@ -63,7 +63,7 @@ impl ShallowModel for Instant { impl DeepModel for Instant { type DeepModelTy = Int; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(result >= 0)] diff --git a/creusot-contracts/src/std/tuples.rs b/creusot-contracts/src/std/tuples.rs index 74d29bdf97..0aa1ed6c60 100644 --- a/creusot-contracts/src/std/tuples.rs +++ b/creusot-contracts/src/std/tuples.rs @@ -3,7 +3,7 @@ use crate::{Default, *}; impl DeepModel for () { type DeepModelTy = (); - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { () } @@ -23,7 +23,7 @@ macro_rules! tuple_impls { impl<$($name: DeepModel),+> DeepModel for ($($name,)+) { type DeepModelTy = ($($name::DeepModelTy,)+); - #[ghost] + #[logic] #[open] fn deep_model(self) -> Self::DeepModelTy { pearlite! { ($(self.$idx.deep_model(),)+) } @@ -31,7 +31,7 @@ macro_rules! tuple_impls { } impl<$($name: Default),+> Default for ($($name,)+) { - #[predicate] + #[predicate(prophetic)] #[open] fn is_default(self) -> bool { pearlite! { $(self.$idx.is_default())&&+ } diff --git a/creusot-contracts/src/std/vec.rs b/creusot-contracts/src/std/vec.rs index b2251ecaa4..efacdeaa04 100644 --- a/creusot-contracts/src/std/vec.rs +++ b/creusot-contracts/src/std/vec.rs @@ -13,7 +13,7 @@ impl ShallowModel for Vec { type ShallowModelTy = Seq; #[open(self)] - #[ghost] + #[logic] #[trusted] #[ensures(result.len() <= usize::MAX@)] fn shallow_model(self) -> Seq { @@ -24,7 +24,7 @@ impl ShallowModel for Vec { impl DeepModel for Vec { type DeepModelTy = Seq; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures(self.shallow_model().len() == result.len())] @@ -45,7 +45,7 @@ impl Default for Vec { #[trusted] impl Resolve for Vec { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { pearlite! { forall 0 <= i && i < self@.len() ==> self[i].resolve() } @@ -207,7 +207,7 @@ impl ShallowModel for std::vec::IntoIter { type ShallowModelTy = Seq; #[open(self)] - #[ghost] + #[logic] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { absurd @@ -216,7 +216,7 @@ impl ShallowModel for std::vec::IntoIter { #[trusted] impl Resolve for std::vec::IntoIter { - #[predicate] + #[predicate(prophetic)] #[open] fn resolve(self) -> bool { pearlite! { forall 0 <= i && i < self@.len() ==> self@[i].resolve() } @@ -224,7 +224,7 @@ impl Resolve for std::vec::IntoIter { } impl Iterator for std::vec::IntoIter { - #[predicate] + #[predicate(prophetic)] #[open] fn completed(&mut self) -> bool { pearlite! { self.resolve() && self@ == Seq::EMPTY } diff --git a/creusot-contracts/src/util.rs b/creusot-contracts/src/util.rs index a719a9cb15..da7ea0126d 100644 --- a/creusot-contracts/src/util.rs +++ b/creusot-contracts/src/util.rs @@ -3,14 +3,14 @@ use crate::*; pub type SizedW = Box; pub trait MakeSized { - #[ghost] + #[logic] #[why3::attr = "inline:trivial"] fn make_sized(&self) -> SizedW; } impl MakeSized for T { #[trusted] - #[ghost] + #[logic] #[open(self)] #[ensures(*result == *self)] fn make_sized(&self) -> SizedW { @@ -19,7 +19,7 @@ impl MakeSized for T { } #[allow(unconditional_recursion)] -#[ghost] +#[logic] #[open(self)] #[requires(false)] #[ensures(false)] @@ -28,7 +28,7 @@ pub fn unreachable() -> T { unreachable() } -#[ghost] +#[logic] #[open(self)] #[requires(op != None)] #[ensures(Some(result) == op)] diff --git a/creusot/src/backend.rs b/creusot/src/backend.rs index 71ffbf4434..f04ad83442 100644 --- a/creusot/src/backend.rs +++ b/creusot/src/backend.rs @@ -140,9 +140,8 @@ impl<'tcx> Why3Generator<'tcx> { self.finish(def_id); } } - ItemType::Ghost - | ItemType::Logic - | ItemType::Predicate + ItemType::Logic { .. } + | ItemType::Predicate { .. } | ItemType::Program | ItemType::Closure => { self.start(def_id); @@ -200,7 +199,7 @@ impl<'tcx> Why3Generator<'tcx> { } let translated = match util::item_type(self.tcx, def_id) { - ItemType::Ghost | ItemType::Logic | ItemType::Predicate => { + ItemType::Logic { .. } | ItemType::Predicate { .. } => { debug!("translating {:?} as logical", def_id); let (proof_modl, deps) = logic::translate_logic_or_predicate(self, def_id); self.dependencies.insert(def_id.into(), deps); @@ -340,7 +339,7 @@ impl<'tcx> Why3Generator<'tcx> { fn is_logical(&self, item: DefId) -> bool { matches!( util::item_type(self.tcx, item), - ItemType::Logic | ItemType::Predicate | ItemType::Ghost + ItemType::Logic { .. } | ItemType::Predicate { .. } ) } diff --git a/creusot/src/backend/logic.rs b/creusot/src/backend/logic.rs index 54149df259..f12938d782 100644 --- a/creusot/src/backend/logic.rs +++ b/creusot/src/backend/logic.rs @@ -334,11 +334,11 @@ fn proof_module(ctx: &mut Why3Generator, def_id: DefId) -> Option { decls.extend(clones); let kind = match util::item_type(ctx.tcx, def_id) { - ItemType::Predicate => { + ItemType::Predicate { .. } => { sig.retty = None; Some(LetKind::Predicate) } - ItemType::Ghost | ItemType::Logic => Some(LetKind::Function), + ItemType::Logic { .. } => Some(LetKind::Function), _ => unreachable!(), }; diff --git a/creusot/src/backend/ty.rs b/creusot/src/backend/ty.rs index ae04467845..3d981be8b3 100644 --- a/creusot/src/backend/ty.rs +++ b/creusot/src/backend/ty.rs @@ -156,7 +156,7 @@ fn translate_ty_inner<'tcx, N: Namer<'tcx>>( Closure(id, subst) => { ctx.translate(*id); - if util::is_ghost(ctx.tcx, *id) { + if util::is_logic(ctx.tcx, *id) { return MlT::Tuple(Vec::new()); } diff --git a/creusot/src/ctx.rs b/creusot/src/ctx.rs index b38cb6749e..69832951a8 100644 --- a/creusot/src/ctx.rs +++ b/creusot/src/ctx.rs @@ -318,7 +318,7 @@ impl<'tcx, 'sess> TranslationCtx<'tcx> { fn mk_opacity(&self, item: DefId) -> Opacity { if !matches!( util::item_type(self.tcx, item), - ItemType::Predicate | ItemType::Logic | ItemType::Ghost + ItemType::Predicate { .. } | ItemType::Logic { .. } ) { return Opacity(Visibility::Public); }; diff --git a/creusot/src/translation.rs b/creusot/src/translation.rs index 2c5c35eb61..eb7886735a 100644 --- a/creusot/src/translation.rs +++ b/creusot/src/translation.rs @@ -34,7 +34,6 @@ pub(crate) fn before_analysis(ctx: &mut TranslationCtx) -> Result<(), Box bool { #[derive(Clone, Copy, PartialEq, Eq, Debug)] pub(crate) enum Purity { Program, - Ghost, - Logic, + Logic { prophetic: bool }, } impl Purity { pub(crate) fn of_def_id<'tcx>(tcx: TyCtxt<'tcx>, def_id: DefId) -> Self { let is_snapshot = util::is_snapshot_closure(tcx, def_id); - if util::is_predicate(tcx, def_id) - || util::is_logic(tcx, def_id) + if (util::is_predicate(tcx, def_id) && util::is_prophetic(tcx, def_id)) + || (util::is_logic(tcx, def_id) && util::is_prophetic(tcx, def_id)) || (util::is_spec(tcx, def_id) && !is_snapshot) { - Purity::Logic - } else if util::is_ghost(tcx, def_id) || is_snapshot { - Purity::Ghost + Purity::Logic { prophetic: true } + } else if util::is_predicate(tcx, def_id) || util::is_logic(tcx, def_id) || is_snapshot { + Purity::Logic { prophetic: false } } else { Purity::Program } @@ -329,12 +328,22 @@ impl Purity { fn can_call(self, other: Purity) -> bool { match (self, other) { - (Purity::Logic, Purity::Ghost) => true, + (Purity::Logic { prophetic: true }, Purity::Logic { prophetic: false }) => true, (ctx, call) => ctx == call, } } } +impl std::fmt::Display for Purity { + fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result { + f.write_str(match self { + Purity::Program => "program", + Purity::Logic { prophetic: false } => "logic", + Purity::Logic { prophetic: true } => "prophetic logic", + }) + } +} + pub(crate) struct PurityVisitor<'a, 'tcx> { pub(crate) tcx: TyCtxt<'tcx>, pub(crate) thir: &'a Thir<'tcx>, @@ -346,15 +355,16 @@ impl<'a, 'tcx> PurityVisitor<'a, 'tcx> { let stub = pearlite_stub(self.tcx, self.thir[fun].ty); if matches!(stub, Some(Stub::Fin)) - || util::is_predicate(self.tcx, func_did) - || util::is_logic(self.tcx, func_did) + || (util::is_predicate(self.tcx, func_did) && util::is_prophetic(self.tcx, func_did)) + || (util::is_logic(self.tcx, func_did) && util::is_prophetic(self.tcx, func_did)) { - Purity::Logic - } else if util::is_ghost(self.tcx, func_did) + Purity::Logic { prophetic: true } + } else if util::is_predicate(self.tcx, func_did) + || util::is_logic(self.tcx, func_did) || util::get_builtin(self.tcx, func_did).is_some() || stub.is_some() { - Purity::Ghost + Purity::Logic { prophetic: false } } else { Purity::Program } @@ -373,11 +383,13 @@ impl<'a, 'tcx> thir::visit::Visitor<'a, 'tcx> for PurityVisitor<'a, 'tcx> { let fn_purity = self.purity(fun, func_did); if !self.context.can_call(fn_purity) && !is_overloaded_item(self.tcx, func_did) { - let msg = - format!("called {fn_purity:?} function in {:?} context", self.context); self.tcx.sess.span_err_with_code( self.thir[fun].span, - format!("{} {:?}", msg, self.tcx.def_path_str(func_did)), + format!( + "called {fn_purity} function {:?} in {} context", + self.tcx.def_path_str(func_did), + self.context, + ), rustc_errors::DiagnosticId::Error(String::from("creusot")), ); } diff --git a/creusot/src/util.rs b/creusot/src/util.rs index dc81964b52..808a5dad66 100644 --- a/creusot/src/util.rs +++ b/creusot/src/util.rs @@ -35,10 +35,7 @@ use why3::{ }; pub(crate) fn no_mir(tcx: TyCtxt, def_id: DefId) -> bool { - crate::util::is_no_translate(tcx, def_id) - || crate::util::is_ghost(tcx, def_id) - || crate::util::is_predicate(tcx, def_id) - || crate::util::is_logic(tcx, def_id) + is_no_translate(tcx, def_id) || is_predicate(tcx, def_id) || is_logic(tcx, def_id) } pub(crate) fn is_no_translate(tcx: TyCtxt, def_id: DefId) -> bool { @@ -90,12 +87,12 @@ pub(crate) fn is_logic(tcx: TyCtxt, def_id: DefId) -> bool { get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "logic"]).is_some() } -pub(crate) fn is_predicate(tcx: TyCtxt, def_id: DefId) -> bool { - get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "predicate"]).is_some() +pub(crate) fn is_prophetic(tcx: TyCtxt, def_id: DefId) -> bool { + get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "logic", "prophetic"]).is_some() } -pub(crate) fn is_ghost(tcx: TyCtxt, def_id: DefId) -> bool { - get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "ghost"]).is_some() +pub(crate) fn is_predicate(tcx: TyCtxt, def_id: DefId) -> bool { + get_attr(tcx.get_attrs_unchecked(def_id), &["creusot", "decl", "predicate"]).is_some() } pub(crate) fn is_trusted(tcx: TyCtxt, def_id: DefId) -> bool { @@ -180,7 +177,7 @@ pub(crate) fn has_body(ctx: &mut TranslationCtx, def_id: DefId) -> bool { ctx.tcx.hir().maybe_body_owned_by(local_id).is_some() } else { match item_type(ctx.tcx, def_id) { - ItemType::Ghost | ItemType::Logic | ItemType::Predicate => ctx.term(def_id).is_some(), + ItemType::Logic { .. } | ItemType::Predicate { .. } => ctx.term(def_id).is_some(), _ => false, } } @@ -296,9 +293,8 @@ fn ident_path(tcx: TyCtxt, def_id: DefId) -> Ident { #[derive(Clone, Copy, Debug, PartialEq, Eq)] pub enum ItemType { - Logic, - Predicate, - Ghost, + Logic { prophetic: bool }, + Predicate { prophetic: bool }, Program, Closure, Trait, @@ -312,8 +308,8 @@ pub enum ItemType { impl ItemType { pub(crate) fn let_kind(&self) -> Option { match self { - ItemType::Logic | ItemType::Ghost => Some(LetKind::Function), - ItemType::Predicate => Some(LetKind::Predicate), + ItemType::Logic { .. } => Some(LetKind::Function), + ItemType::Predicate { .. } => Some(LetKind::Predicate), ItemType::Program | ItemType::Closure => None, ItemType::Constant => Some(LetKind::Constant), _ => None, @@ -322,10 +318,10 @@ impl ItemType { pub(crate) fn val(&self, mut sig: Signature) -> ValDecl { match self { - ItemType::Logic | ItemType::Ghost => { + ItemType::Logic { .. } => { ValDecl { sig, ghost: false, val: false, kind: Some(LetKind::Function) } } - ItemType::Predicate => { + ItemType::Predicate { .. } => { sig.retty = None; ValDecl { sig, ghost: false, val: false, kind: Some(LetKind::Predicate) } } @@ -341,9 +337,10 @@ impl ItemType { pub(crate) fn to_str(&self) -> &str { match self { - ItemType::Logic => "logic function", - ItemType::Predicate => "predicate", - ItemType::Ghost => "ghost function", + ItemType::Logic { prophetic: false } => "logic function", + ItemType::Logic { prophetic: true } => "prophetic logic function", + ItemType::Predicate { prophetic: false } => "predicate", + ItemType::Predicate { prophetic: true } => "prophetic predicate", ItemType::Program => "program function", ItemType::Closure => "closure", ItemType::Trait => "trait declaration", @@ -354,6 +351,16 @@ impl ItemType { ItemType::Unsupported(_) => "[OTHER]", } } + + pub(crate) fn can_implement(self, trait_type: Self) -> bool { + match (self, trait_type) { + (ItemType::Logic { prophetic: false }, ItemType::Logic { prophetic: true }) => true, + (ItemType::Predicate { prophetic: false }, ItemType::Predicate { prophetic: true }) => { + true + } + _ => self == trait_type, + } + } } pub(crate) fn item_type(tcx: TyCtxt<'_>, def_id: DefId) -> ItemType { @@ -362,11 +369,9 @@ pub(crate) fn item_type(tcx: TyCtxt<'_>, def_id: DefId) -> ItemType { DefKind::Impl { .. } => ItemType::Impl, DefKind::Fn | DefKind::AssocFn => { if is_predicate(tcx, def_id) { - ItemType::Predicate - } else if is_ghost(tcx, def_id) { - ItemType::Ghost + ItemType::Predicate { prophetic: is_prophetic(tcx, def_id) } } else if is_logic(tcx, def_id) { - ItemType::Logic + ItemType::Logic { prophetic: is_prophetic(tcx, def_id) } } else { ItemType::Program } @@ -522,7 +527,7 @@ fn elaborate_type_invariants<'tcx>( ) { if is_user_tyinv(ctx.tcx, def_id) || is_inv_internal(ctx.tcx, def_id) - || (is_predicate(ctx.tcx, def_id) || is_ghost(ctx.tcx, def_id) || is_logic(ctx.tcx, def_id)) + || (is_predicate(ctx.tcx, def_id) || is_logic(ctx.tcx, def_id)) && pre_sig.contract.ensures.is_empty() { return; diff --git a/creusot/src/validate.rs b/creusot/src/validate.rs index d57a5e7a47..895efe5283 100644 --- a/creusot/src/validate.rs +++ b/creusot/src/validate.rs @@ -132,18 +132,15 @@ pub(crate) fn validate_impls(ctx: &TranslationCtx) { continue; }; - if util::item_type(ctx.tcx, *trait_item) != util::item_type(ctx.tcx, *impl_item) { - eprintln!( - "{:?} != {:?}", - util::item_type(ctx.tcx, *trait_item), - util::item_type(ctx.tcx, *impl_item) - ); + let item_type = util::item_type(ctx.tcx, *impl_item); + let trait_type = util::item_type(ctx.tcx, *trait_item); + if !item_type.can_implement(trait_type) { ctx.error( ctx.def_span(impl_item), &format!( "Expected `{}` to be a {} as specified by the trait declaration", ctx.item_name(*impl_item), - util::item_type(ctx.tcx, *impl_item).to_str() + trait_type.to_str() ), ) .emit(); From 04ef3b24aa19c33de48b617fec3c7c998277d340 Mon Sep 17 00:00:00 2001 From: arnaudgolfouse Date: Mon, 26 Feb 2024 14:57:32 +0100 Subject: [PATCH 24/66] Update tests --- creusot/tests/should_fail/bad_law.stderr | 3 +- creusot/tests/should_fail/bug/222.rs | 4 +- creusot/tests/should_fail/bug/436_0.rs | 8 +- creusot/tests/should_fail/bug/436_0.stderr | 10 +- creusot/tests/should_fail/bug/436_1.rs | 6 +- creusot/tests/should_fail/bug/436_1.stderr | 10 +- creusot/tests/should_fail/bug/436_2.rs | 4 +- creusot/tests/should_fail/bug/436_2.stderr | 6 +- creusot/tests/should_fail/bug/869.mlcfg | 74 +- creusot/tests/should_fail/bug/869.rs | 12 +- .../tests/should_fail/bug/borrowed_ghost.rs | 8 +- .../should_fail/bug/borrowed_ghost.stderr | 6 +- .../should_fail/builtin_with_contract.rs | 2 +- creusot/tests/should_fail/ghost_mapping.rs | 8 +- .../tests/should_fail/ghost_mapping.stderr | 4 +- creusot/tests/should_fail/impure_functions.rs | 2 +- .../tests/should_fail/impure_functions.stderr | 4 +- .../tests/should_fail/logic_ghost_impl.stderr | 9 - ..._ghost_impl.rs => logic_prophetic_impl.rs} | 2 +- .../should_fail/logic_prophetic_impl.stderr | 8 + .../trait_item_types_mismatch.stderr | 3 +- .../should_fail/traits/17_impl_refinement.rs | 4 +- creusot/tests/should_succeed/100doors.mlcfg | 30 +- creusot/tests/should_succeed/all_zero.mlcfg | 14 +- creusot/tests/should_succeed/all_zero.rs | 6 +- creusot/tests/should_succeed/bdd.mlcfg | 132 ++-- creusot/tests/should_succeed/bdd.rs | 42 +- creusot/tests/should_succeed/binary_search.rs | 6 +- creusot/tests/should_succeed/bug/181_ident.rs | 2 +- creusot/tests/should_succeed/bug/206.rs | 4 +- creusot/tests/should_succeed/bug/217.rs | 2 +- creusot/tests/should_succeed/bug/265.rs | 4 +- creusot/tests/should_succeed/bug/269.rs | 2 +- creusot/tests/should_succeed/bug/564.rs | 6 +- creusot/tests/should_succeed/bug/570.rs | 2 +- creusot/tests/should_succeed/bug/594.rs | 2 +- creusot/tests/should_succeed/bug/682.mlcfg | 12 +- creusot/tests/should_succeed/bug/682.rs | 2 +- creusot/tests/should_succeed/bug/768.rs | 2 +- creusot/tests/should_succeed/bug/797.rs | 2 +- creusot/tests/should_succeed/bug/874.mlcfg | 6 +- creusot/tests/should_succeed/bug/pure_neq.rs | 2 +- creusot/tests/should_succeed/cell/02.mlcfg | 14 +- creusot/tests/should_succeed/cell/02.rs | 10 +- creusot/tests/should_succeed/clones/02.rs | 4 +- creusot/tests/should_succeed/clones/03.rs | 2 +- creusot/tests/should_succeed/clones/04.rs | 6 +- .../tests/should_succeed/filter_positive.rs | 6 +- creusot/tests/should_succeed/hashmap.mlcfg | 110 +-- creusot/tests/should_succeed/hashmap.rs | 18 +- .../should_succeed/heapsort_generic.mlcfg | 66 +- .../tests/should_succeed/heapsort_generic.rs | 8 +- creusot/tests/should_succeed/hillel.mlcfg | 312 +++++---- creusot/tests/should_succeed/hillel.rs | 24 +- .../inplace_list_reversal.mlcfg | 26 +- .../should_succeed/inplace_list_reversal.rs | 4 +- creusot/tests/should_succeed/ite_normalize.rs | 2 +- .../should_succeed/iterators/01_range.mlcfg | 32 +- .../should_succeed/iterators/01_range.rs | 8 +- .../iterators/02_iter_mut.mlcfg | 39 +- .../should_succeed/iterators/02_iter_mut.rs | 12 +- .../iterators/03_std_iterators.mlcfg | 342 ++++----- .../iterators/03_std_iterators.rs | 2 +- .../should_succeed/iterators/04_skip.mlcfg | 68 +- .../tests/should_succeed/iterators/04_skip.rs | 10 +- .../should_succeed/iterators/05_map.mlcfg | 12 +- .../tests/should_succeed/iterators/05_map.rs | 18 +- .../iterators/06_map_precond.mlcfg | 663 +++++++++--------- .../iterators/06_map_precond.rs | 62 +- .../tests/should_succeed/iterators/07_fuse.rs | 4 +- .../iterators/08_collect_extend.mlcfg | 183 ++--- .../iterators/08_collect_extend.rs | 6 +- .../should_succeed/iterators/09_empty.rs | 2 +- .../tests/should_succeed/iterators/10_once.rs | 2 +- .../tests/should_succeed/iterators/12_zip.rs | 4 +- .../should_succeed/iterators/13_cloned.rs | 4 +- .../should_succeed/iterators/14_copied.rs | 4 +- .../should_succeed/iterators/15_enumerate.rs | 6 +- .../tests/should_succeed/iterators/16_take.rs | 4 +- .../tests/should_succeed/iterators/common.rs | 4 +- creusot/tests/should_succeed/knapsack.rs | 2 +- .../tests/should_succeed/knapsack_full.mlcfg | 60 +- creusot/tests/should_succeed/knapsack_full.rs | 6 +- .../tests/should_succeed/lang/assoc_type.rs | 2 +- .../tests/should_succeed/list_index_mut.mlcfg | 32 +- .../tests/should_succeed/list_index_mut.rs | 8 +- .../should_succeed/list_reversal_lasso.mlcfg | 138 ++-- .../should_succeed/list_reversal_lasso.rs | 30 +- .../tests/should_succeed/mapping_test.mlcfg | 18 +- creusot/tests/should_succeed/mapping_test.rs | 4 +- creusot/tests/should_succeed/mutex.mlcfg | 24 +- creusot/tests/should_succeed/mutex.rs | 8 +- .../tests/should_succeed/red_black_tree.mlcfg | 194 ++--- .../tests/should_succeed/red_black_tree.rs | 44 +- creusot/tests/should_succeed/result/own.rs | 2 +- .../rusthorn/inc_max_repeat.mlcfg | 34 +- .../rusthorn/inc_some_2_list.mlcfg | 8 +- .../rusthorn/inc_some_2_list.rs | 6 +- .../rusthorn/inc_some_2_tree.rs | 4 +- .../rusthorn/inc_some_list.mlcfg | 8 +- .../should_succeed/rusthorn/inc_some_list.rs | 6 +- .../should_succeed/rusthorn/inc_some_tree.rs | 4 +- .../selection_sort_generic.mlcfg | 91 +-- .../should_succeed/selection_sort_generic.rs | 2 +- .../tests/should_succeed/sparse_array.mlcfg | 12 +- creusot/tests/should_succeed/sparse_array.rs | 8 +- .../specification/logic_call.rs | 2 +- .../specification/logic_functions.rs | 10 +- .../should_succeed/specification/model.rs | 4 +- creusot/tests/should_succeed/sum.mlcfg | 34 +- .../tests/should_succeed/sum_of_odds.mlcfg | 34 +- creusot/tests/should_succeed/sum_of_odds.rs | 6 +- .../should_succeed/syntax/02_operators.rs | 18 +- .../should_succeed/syntax/05_pearlite.mlcfg | 28 +- .../should_succeed/syntax/05_pearlite.rs | 30 +- .../syntax/06_logic_function_contracts.rs | 2 +- .../tests/should_succeed/syntax/08_const.rs | 2 +- .../should_succeed/syntax/12_ghost_code.mlcfg | 88 +-- .../should_succeed/syntax/12_ghost_code.rs | 22 +- .../should_succeed/syntax/13_vec_macro.mlcfg | 2 +- .../should_succeed/syntax/derive_macros.rs | 4 +- creusot/tests/should_succeed/traits/08.rs | 2 +- creusot/tests/should_succeed/traits/11.rs | 2 +- .../traits/12_default_method.rs | 2 +- .../traits/14_assoc_in_logic.rs | 4 +- .../traits/15_impl_interfaces.rs | 2 +- .../should_succeed/traits/16_impl_cloning.rs | 2 +- .../should_succeed/traits/18_trait_laws.rs | 8 +- creusot/tests/should_succeed/vector/01.mlcfg | 48 +- creusot/tests/should_succeed/vector/01.rs | 2 +- .../should_succeed/vector/02_gnome.mlcfg | 31 +- .../tests/should_succeed/vector/02_gnome.rs | 2 +- .../vector/03_knuth_shuffle.mlcfg | 59 +- .../should_succeed/vector/03_knuth_shuffle.rs | 2 +- .../vector/06_knights_tour.mlcfg | 180 ++--- .../should_succeed/vector/06_knights_tour.rs | 4 +- .../should_succeed/vector/08_haystack.mlcfg | 60 +- 137 files changed, 2023 insertions(+), 2008 deletions(-) delete mode 100644 creusot/tests/should_fail/logic_ghost_impl.stderr rename creusot/tests/should_fail/{logic_ghost_impl.rs => logic_prophetic_impl.rs} (85%) create mode 100644 creusot/tests/should_fail/logic_prophetic_impl.stderr diff --git a/creusot/tests/should_fail/bad_law.stderr b/creusot/tests/should_fail/bad_law.stderr index 0fa9046af0..0c45878833 100644 --- a/creusot/tests/should_fail/bad_law.stderr +++ b/creusot/tests/should_fail/bad_law.stderr @@ -4,8 +4,7 @@ error[creusot]: Laws cannot have additional generic parameters 6 | fn my_law(x: T); | ^^^^^^^^^^^^^^^^^^^ -Logic != Program -error[creusot]: Expected `my_law` to be a program function as specified by the trait declaration +error[creusot]: Expected `my_law` to be a logic function as specified by the trait declaration --> bad_law.rs:10:5 | 10 | fn my_law(_: T) {} diff --git a/creusot/tests/should_fail/bug/222.rs b/creusot/tests/should_fail/bug/222.rs index 26d339bc30..09688138ff 100644 --- a/creusot/tests/should_fail/bug/222.rs +++ b/creusot/tests/should_fail/bug/222.rs @@ -3,7 +3,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Int, *}; trait A { - #[ghost] + #[logic] fn mktrue() -> Int { pearlite! { 5 } } @@ -17,7 +17,7 @@ trait A { } impl A for () { - #[ghost] + #[logic] fn mktrue() -> Int { pearlite! { 6 } } diff --git a/creusot/tests/should_fail/bug/436_0.rs b/creusot/tests/should_fail/bug/436_0.rs index a2eb958c4b..1fa6e050af 100644 --- a/creusot/tests/should_fail/bug/436_0.rs +++ b/creusot/tests/should_fail/bug/436_0.rs @@ -2,16 +2,16 @@ extern crate creusot_contracts; use creusot_contracts::*; struct S { - g: Ghost, + g: Snapshot, } -#[ghost] +#[logic(prophetic)] fn prophecy(x: &mut S) -> i32 { pearlite! { *(^x).g } } pub fn f() { - let b = &mut S { g: gh! { 1i32 } }; - b.g = gh! { prophecy(b) + 1i32 }; + let b = &mut S { g: snapshot! { 1i32 } }; + b.g = snapshot! { prophecy(b) + 1i32 }; proof_assert! { false } } diff --git a/creusot/tests/should_fail/bug/436_0.stderr b/creusot/tests/should_fail/bug/436_0.stderr index 180377c7a3..4154f9c419 100644 --- a/creusot/tests/should_fail/bug/436_0.stderr +++ b/creusot/tests/should_fail/bug/436_0.stderr @@ -1,10 +1,8 @@ -error[creusot]: called Logic function in Ghost context "creusot_contracts::__stubs::fin" - --> 436_0.rs:10:5 +error[creusot]: called prophetic logic function "prophecy" in logic context + --> 436_0.rs:15:23 | -10 | pearlite! { *(^x).g } - | ^^^^^^^^^^^^^^^^^^^^^ - | - = note: this error originates in the macro `pearlite` (in Nightly builds, run with -Z macro-backtrace for more info) +15 | b.g = snapshot! { prophecy(b) + 1i32 }; + | ^^^^^^^^ error: aborting due to previous error diff --git a/creusot/tests/should_fail/bug/436_1.rs b/creusot/tests/should_fail/bug/436_1.rs index e2b6bc1ebb..1ac4dc2c73 100644 --- a/creusot/tests/should_fail/bug/436_1.rs +++ b/creusot/tests/should_fail/bug/436_1.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::*; struct S { - g: Ghost, + g: Snapshot, } #[predicate] @@ -11,7 +11,7 @@ fn prophecy(x: &mut S) -> bool { } pub fn f() { - let b = &mut S { g: gh! { true } }; - b.g = gh! { !prophecy(b) }; + let b = &mut S { g: snapshot! { true } }; + b.g = snapshot! { !prophecy(b) }; proof_assert! { false } } diff --git a/creusot/tests/should_fail/bug/436_1.stderr b/creusot/tests/should_fail/bug/436_1.stderr index 832ef17013..dec51b306a 100644 --- a/creusot/tests/should_fail/bug/436_1.stderr +++ b/creusot/tests/should_fail/bug/436_1.stderr @@ -1,8 +1,10 @@ -error[creusot]: called Logic function in Ghost context "prophecy" - --> 436_1.rs:15:18 +error[creusot]: called prophetic logic function "creusot_contracts::__stubs::fin" in logic context + --> 436_1.rs:10:5 | -15 | b.g = gh! { !prophecy(b) }; - | ^^^^^^^^ +10 | pearlite! { *(^x).g } + | ^^^^^^^^^^^^^^^^^^^^^ + | + = note: this error originates in the macro `pearlite` (in Nightly builds, run with -Z macro-backtrace for more info) error: aborting due to previous error diff --git a/creusot/tests/should_fail/bug/436_2.rs b/creusot/tests/should_fail/bug/436_2.rs index 2a678e4725..b426ec20ed 100644 --- a/creusot/tests/should_fail/bug/436_2.rs +++ b/creusot/tests/should_fail/bug/436_2.rs @@ -3,13 +3,13 @@ use creusot_contracts::*; enum Bad<'a> { None, - Some(Ghost<&'a mut Bad<'a>>), + Some(Snapshot<&'a mut Bad<'a>>), } pub fn test_bad() { let mut x = Bad::None; let m = &mut x; - let g = gh!(m); + let g = snapshot!(m); *m = Bad::Some(g); proof_assert!(*m == Bad::Some(g)); proof_assert!(^*g == ^m); diff --git a/creusot/tests/should_fail/bug/436_2.stderr b/creusot/tests/should_fail/bug/436_2.stderr index cecee78ff4..5a34046556 100644 --- a/creusot/tests/should_fail/bug/436_2.stderr +++ b/creusot/tests/should_fail/bug/436_2.stderr @@ -1,8 +1,8 @@ -error[creusot]: Illegal use of the Ghost type +error[creusot]: Illegal use of the Snapshot type --> 436_2.rs:6:10 | -6 | Some(Ghost<&'a mut Bad<'a>>), - | ^^^^^^^^^^^^^^^^^^^^^^ +6 | Some(Snapshot<&'a mut Bad<'a>>), + | ^^^^^^^^^^^^^^^^^^^^^^^^^ error: aborting due to previous error diff --git a/creusot/tests/should_fail/bug/869.mlcfg b/creusot/tests/should_fail/bug/869.mlcfg index f4bf3a9e22..2353255e0c 100644 --- a/creusot/tests/should_fail/bug/869.mlcfg +++ b/creusot/tests/should_fail/bug/869.mlcfg @@ -1,59 +1,59 @@ module C869_Unsound - use prelude.Ghost + use prelude.Snapshot use prelude.Borrow - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - predicate resolve0 (self : borrowed (Ghost.ghost_ty bool)) = + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + predicate resolve0 (self : borrowed (Snapshot.snap_ty bool)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self - val resolve0 (self : borrowed (Ghost.ghost_ty bool)) : bool + val resolve0 (self : borrowed (Snapshot.snap_ty bool)) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg unsound [#"../869.rs" 4 0 4 16] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); - var x : Ghost.ghost_ty bool; - var xm : borrowed (Ghost.ghost_ty bool); - var _4 : borrowed (Ghost.ghost_ty bool); - var b : borrowed (Ghost.ghost_ty bool); - var _6 : borrowed (Ghost.ghost_ty bool); - var bg : Ghost.ghost_ty (borrowed (Ghost.ghost_ty bool)); - var evil : borrowed (Ghost.ghost_ty bool); - var _12 : borrowed (Ghost.ghost_ty bool); - var _15 : Ghost.ghost_ty bool; + var x : Snapshot.snap_ty bool; + var xm : borrowed (Snapshot.snap_ty bool); + var _4 : borrowed (Snapshot.snap_ty bool); + var b : borrowed (Snapshot.snap_ty bool); + var _6 : borrowed (Snapshot.snap_ty bool); + var bg : Snapshot.snap_ty (borrowed (Snapshot.snap_ty bool)); + var evil : borrowed (Snapshot.snap_ty bool); + var _12 : borrowed (Snapshot.snap_ty bool); + var _15 : Snapshot.snap_ty bool; { goto BB0 } BB0 { - [#"../869.rs" 5 29 5 41] x <- ([#"../869.rs" 5 29 5 41] Ghost.new true); + [#"../869.rs" 5 32 5 50] x <- ([#"../869.rs" 5 32 5 50] Snapshot.new true); goto BB1 } BB1 { - [#"../869.rs" 7 31 7 37] _4 <- Borrow.borrow_mut x; - [#"../869.rs" 7 31 7 37] x <- ^ _4; - [#"../869.rs" 7 31 7 37] xm <- Borrow.borrow_final ( * _4) (Borrow.get_id _4); - [#"../869.rs" 7 31 7 37] _4 <- { _4 with current = ( ^ xm) ; }; + [#"../869.rs" 7 34 7 40] _4 <- Borrow.borrow_mut x; + [#"../869.rs" 7 34 7 40] x <- ^ _4; + [#"../869.rs" 7 34 7 40] xm <- Borrow.borrow_final ( * _4) (Borrow.get_id _4); + [#"../869.rs" 7 34 7 40] _4 <- { _4 with current = ( ^ xm) ; }; assume { resolve0 _4 }; - [#"../869.rs" 9 30 9 38] _6 <- Borrow.borrow_mut ( * xm); - [#"../869.rs" 9 30 9 38] xm <- { xm with current = ( ^ _6) ; }; - [#"../869.rs" 9 30 9 38] b <- Borrow.borrow_final ( * _6) (Borrow.get_id _6); - [#"../869.rs" 9 30 9 38] _6 <- { _6 with current = ( ^ b) ; }; + [#"../869.rs" 9 33 9 41] _6 <- Borrow.borrow_mut ( * xm); + [#"../869.rs" 9 33 9 41] xm <- { xm with current = ( ^ _6) ; }; + [#"../869.rs" 9 33 9 41] b <- Borrow.borrow_final ( * _6) (Borrow.get_id _6); + [#"../869.rs" 9 33 9 41] _6 <- { _6 with current = ( ^ b) ; }; assume { resolve0 b }; assume { resolve0 _6 }; - [#"../869.rs" 10 38 10 47] bg <- ([#"../869.rs" 10 38 10 47] Ghost.new b); + [#"../869.rs" 10 44 10 59] bg <- ([#"../869.rs" 10 44 10 59] Snapshot.new b); goto BB2 } BB2 { - assert { [@expl:assertion] [#"../869.rs" 11 20 11 50] Ghost.inner ( * Ghost.inner bg) = true /\ Ghost.inner ( ^ Ghost.inner bg) = true }; - [#"../869.rs" 13 33 13 41] _12 <- Borrow.borrow_final ( * xm) (Borrow.get_id xm); - [#"../869.rs" 13 33 13 41] xm <- { xm with current = ( ^ _12) ; }; - [#"../869.rs" 13 33 13 41] evil <- Borrow.borrow_final ( * _12) (Borrow.get_id _12); - [#"../869.rs" 13 33 13 41] _12 <- { _12 with current = ( ^ evil) ; }; + assert { [@expl:assertion] [#"../869.rs" 11 20 11 50] Snapshot.inner ( * Snapshot.inner bg) = true /\ Snapshot.inner ( ^ Snapshot.inner bg) = true }; + [#"../869.rs" 13 36 13 44] _12 <- Borrow.borrow_final ( * xm) (Borrow.get_id xm); + [#"../869.rs" 13 36 13 44] xm <- { xm with current = ( ^ _12) ; }; + [#"../869.rs" 13 36 13 44] evil <- Borrow.borrow_final ( * _12) (Borrow.get_id _12); + [#"../869.rs" 13 36 13 44] _12 <- { _12 with current = ( ^ evil) ; }; assume { resolve0 _12 }; - assert { [@expl:assertion] [#"../869.rs" 17 20 17 53] (evil = Ghost.inner bg) = (Ghost.inner ( ^ evil) = true) }; - [#"../869.rs" 18 12 18 58] _15 <- ([#"../869.rs" 18 12 18 58] Ghost.new (if evil = Ghost.inner bg then + assert { [@expl:assertion] [#"../869.rs" 17 20 17 53] (evil = Snapshot.inner bg) = (Snapshot.inner ( ^ evil) = true) }; + [#"../869.rs" 18 12 18 64] _15 <- ([#"../869.rs" 18 12 18 64] Snapshot.new (if evil = Snapshot.inner bg then false else true @@ -61,12 +61,12 @@ module C869_Unsound goto BB3 } BB3 { - [#"../869.rs" 18 4 18 58] evil <- { evil with current = ([#"../869.rs" 18 4 18 58] _15) ; }; - [#"../869.rs" 18 4 18 58] _15 <- any Ghost.ghost_ty bool; + [#"../869.rs" 18 4 18 64] evil <- { evil with current = ([#"../869.rs" 18 4 18 64] _15) ; }; + [#"../869.rs" 18 4 18 64] _15 <- any Snapshot.snap_ty bool; assume { resolve0 evil }; assume { resolve0 xm }; - assert { [@expl:assertion] [#"../869.rs" 19 20 19 37] Ghost.inner ( * evil) = (not Ghost.inner ( ^ evil)) }; - assert { [@expl:assertion] [#"../869.rs" 20 20 20 37] Ghost.inner ( * evil) = (not Ghost.inner ( * evil)) }; + assert { [@expl:assertion] [#"../869.rs" 19 20 19 37] Snapshot.inner ( * evil) = (not Snapshot.inner ( ^ evil)) }; + assert { [@expl:assertion] [#"../869.rs" 20 20 20 37] Snapshot.inner ( * evil) = (not Snapshot.inner ( * evil)) }; [#"../869.rs" 4 17 21 1] _0 <- ([#"../869.rs" 4 17 21 1] ()); return _0 } diff --git a/creusot/tests/should_fail/bug/869.rs b/creusot/tests/should_fail/bug/869.rs index 968f0d43cc..1c03245f58 100644 --- a/creusot/tests/should_fail/bug/869.rs +++ b/creusot/tests/should_fail/bug/869.rs @@ -2,20 +2,20 @@ extern crate creusot_contracts; use creusot_contracts::*; pub fn unsound() { - let mut x: Ghost = gh! { true }; + let mut x: Snapshot = snapshot! { true }; // id(xm) = i1 - let xm: &mut Ghost = &mut x; + let xm: &mut Snapshot = &mut x; // Not final: id(b) = i2 - let b: &mut Ghost = &mut *xm; - let bg: Ghost<&mut Ghost> = gh! { b }; + let b: &mut Snapshot = &mut *xm; + let bg: Snapshot<&mut Snapshot> = snapshot! { b }; proof_assert! { ***bg == true && *^*bg == true }; // Final: id(evil) = i1 - let evil: &mut Ghost = &mut *xm; + let evil: &mut Snapshot = &mut *xm; // This proof_assert does not pass ! // Indeed evil != *bg (because the id do not match), which causes the next line to put `true` inside `*evil`. // And thus *^evil == true, disproving the assertion. proof_assert! { (evil == *bg) == (*^evil == true) }; - *evil = gh! { if evil == *bg { false } else { true } }; + *evil = snapshot! { if evil == *bg { false } else { true } }; proof_assert! { **evil == !*^evil }; proof_assert! { **evil == !**evil }; } diff --git a/creusot/tests/should_fail/bug/borrowed_ghost.rs b/creusot/tests/should_fail/bug/borrowed_ghost.rs index 7dee17a169..a76d4866e8 100644 --- a/creusot/tests/should_fail/bug/borrowed_ghost.rs +++ b/creusot/tests/should_fail/bug/borrowed_ghost.rs @@ -2,9 +2,9 @@ extern crate creusot_contracts; use creusot_contracts::*; pub fn use_borrowed() { - let mut x = gh! { true }; - let r = &mut x; // x = ?, r = (gh true, x) - *r = gh! { !x.inner() }; // r = (gh (not (inner x)), x) - // resolve r: x = gh (not (inner x)) + let mut x = snapshot! { true }; + let r = &mut x; // x = ?, r = (snapshot true, x) + *r = snapshot! { !x.inner() }; // r = (snapshot (not (inner x)), x) + // resolve r: x = snapshot (not (inner x)) proof_assert! { x.inner() == !x.inner() } // UNSOUND! } diff --git a/creusot/tests/should_fail/bug/borrowed_ghost.stderr b/creusot/tests/should_fail/bug/borrowed_ghost.stderr index bcd2ec41da..b2d362a0b3 100644 --- a/creusot/tests/should_fail/bug/borrowed_ghost.stderr +++ b/creusot/tests/should_fail/bug/borrowed_ghost.stderr @@ -1,10 +1,10 @@ error[creusot]: Use of borrowed variable x --> borrowed_ghost.rs:7:10 | -7 | *r = gh! { !x.inner() }; // r = (gh (not (inner x)), x) - | ^^^^^^^^^^^^^^^^^^ +7 | *r = snapshot! { !x.inner() }; // r = (snapshot (not (inner x)), x) + | ^^^^^^^^^^^^^^^^^^^^^^^^ | - = note: this error originates in the macro `gh` (in Nightly builds, run with -Z macro-backtrace for more info) + = note: this error originates in the macro `snapshot` (in Nightly builds, run with -Z macro-backtrace for more info) error: aborting due to previous error diff --git a/creusot/tests/should_fail/builtin_with_contract.rs b/creusot/tests/should_fail/builtin_with_contract.rs index 13658b1e8a..1490467a70 100644 --- a/creusot/tests/should_fail/builtin_with_contract.rs +++ b/creusot/tests/should_fail/builtin_with_contract.rs @@ -1,7 +1,7 @@ extern crate creusot_contracts; use creusot_contracts::*; -#[ghost] +#[logic] #[ensures(true && false)] #[creusot::builtins = "dummy_function"] fn builtin_with_contract() {} diff --git a/creusot/tests/should_fail/ghost_mapping.rs b/creusot/tests/should_fail/ghost_mapping.rs index d351972ab3..9fdb87b0d4 100644 --- a/creusot/tests/should_fail/ghost_mapping.rs +++ b/creusot/tests/should_fail/ghost_mapping.rs @@ -1,22 +1,22 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Mapping, *}; -#[logic] +#[logic(prophetic)] fn f(x: &mut i32) -> Mapping<(), i32> { pearlite! { |_| ^x } } -#[ghost] +#[logic] fn g(x: &mut i32) -> Mapping<(), i32> { pearlite! { |_| ^x } } -#[logic] +#[logic(prophetic)] fn h(y: &mut i32) -> bool { pearlite! { forall<_x:Int> ^y == 1i32 } } -#[ghost] +#[logic] fn i(y: &mut i32) -> bool { pearlite! { forall<_x:Int> ^y == 1i32 } } diff --git a/creusot/tests/should_fail/ghost_mapping.stderr b/creusot/tests/should_fail/ghost_mapping.stderr index 7d6ce9aaa4..0a40ed1ca5 100644 --- a/creusot/tests/should_fail/ghost_mapping.stderr +++ b/creusot/tests/should_fail/ghost_mapping.stderr @@ -1,4 +1,4 @@ -error[creusot]: called Logic function in Ghost context "creusot_contracts::__stubs::fin" +error[creusot]: called prophetic logic function "creusot_contracts::__stubs::fin" in logic context --> ghost_mapping.rs:11:5 | 11 | pearlite! { |_| ^x } @@ -6,7 +6,7 @@ error[creusot]: called Logic function in Ghost context "creusot_contracts::__stu | = note: this error originates in the macro `pearlite` (in Nightly builds, run with -Z macro-backtrace for more info) -error[creusot]: called Logic function in Ghost context "creusot_contracts::__stubs::fin" +error[creusot]: called prophetic logic function "creusot_contracts::__stubs::fin" in logic context --> ghost_mapping.rs:21:5 | 21 | pearlite! { forall<_x:Int> ^y == 1i32 } diff --git a/creusot/tests/should_fail/impure_functions.rs b/creusot/tests/should_fail/impure_functions.rs index 29f4a5ab2a..a5869b7572 100644 --- a/creusot/tests/should_fail/impure_functions.rs +++ b/creusot/tests/should_fail/impure_functions.rs @@ -1,7 +1,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::*, *}; -#[ghost] +#[logic] fn x(v: &Vec) -> Int { pearlite! { v.len()@ } } diff --git a/creusot/tests/should_fail/impure_functions.stderr b/creusot/tests/should_fail/impure_functions.stderr index 34403eb4d8..51ca718af7 100644 --- a/creusot/tests/should_fail/impure_functions.stderr +++ b/creusot/tests/should_fail/impure_functions.stderr @@ -1,10 +1,10 @@ -error[creusot]: called Program function in Ghost context "std::vec::Vec::::len" +error[creusot]: called program function "std::vec::Vec::::len" in logic context --> impure_functions.rs:6:19 | 6 | pearlite! { v.len()@ } | ^^^ -error[creusot]: called Ghost function in Program context "x" +error[creusot]: called logic function "x" in program context --> impure_functions.rs:10:13 | 10 | let _ = x(&Vec::<()>::new()); diff --git a/creusot/tests/should_fail/logic_ghost_impl.stderr b/creusot/tests/should_fail/logic_ghost_impl.stderr deleted file mode 100644 index 6f05bea770..0000000000 --- a/creusot/tests/should_fail/logic_ghost_impl.stderr +++ /dev/null @@ -1,9 +0,0 @@ -Logic != Ghost -error[creusot]: Expected `f` to be a ghost function as specified by the trait declaration - --> logic_ghost_impl.rs:11:5 - | -11 | fn f() { - | ^^^^^^ - -error: aborting due to previous error - diff --git a/creusot/tests/should_fail/logic_ghost_impl.rs b/creusot/tests/should_fail/logic_prophetic_impl.rs similarity index 85% rename from creusot/tests/should_fail/logic_ghost_impl.rs rename to creusot/tests/should_fail/logic_prophetic_impl.rs index 40ab38e93c..f71bb2a3d0 100644 --- a/creusot/tests/should_fail/logic_ghost_impl.rs +++ b/creusot/tests/should_fail/logic_prophetic_impl.rs @@ -7,7 +7,7 @@ trait T { } impl T for () { - #[ghost] + #[logic(prophetic)] fn f() { () } diff --git a/creusot/tests/should_fail/logic_prophetic_impl.stderr b/creusot/tests/should_fail/logic_prophetic_impl.stderr new file mode 100644 index 0000000000..6043a836f7 --- /dev/null +++ b/creusot/tests/should_fail/logic_prophetic_impl.stderr @@ -0,0 +1,8 @@ +error[creusot]: Expected `f` to be a logic function as specified by the trait declaration + --> logic_prophetic_impl.rs:11:5 + | +11 | fn f() { + | ^^^^^^ + +error: aborting due to previous error + diff --git a/creusot/tests/should_fail/trait_item_types_mismatch.stderr b/creusot/tests/should_fail/trait_item_types_mismatch.stderr index 9839639a5c..7165f39c19 100644 --- a/creusot/tests/should_fail/trait_item_types_mismatch.stderr +++ b/creusot/tests/should_fail/trait_item_types_mismatch.stderr @@ -4,8 +4,7 @@ error[creusot]: Expected implementation of trait `Trusted` for `()` to be marked 7 | impl Trusted for () {} | ^^^^^^^^^^^^^^^^^^^ -Predicate != Program -error[creusot]: Expected `my_predicate` to be a program function as specified by the trait declaration +error[creusot]: Expected `my_predicate` to be a predicate as specified by the trait declaration --> trait_item_types_mismatch.rs:17:5 | 17 | fn my_predicate() -> bool { diff --git a/creusot/tests/should_fail/traits/17_impl_refinement.rs b/creusot/tests/should_fail/traits/17_impl_refinement.rs index 47720c14e7..e80c05fb31 100644 --- a/creusot/tests/should_fail/traits/17_impl_refinement.rs +++ b/creusot/tests/should_fail/traits/17_impl_refinement.rs @@ -17,14 +17,14 @@ impl Tr for () { } trait ReqFalse { - #[ghost] + #[logic] #[requires(x@ >= 10)] fn need_false(x: u64) -> (); } impl ReqFalse for () { // This should not prove - #[ghost] + #[logic] #[requires(y@ >= 15)] fn need_false(y: u64) {} } diff --git a/creusot/tests/should_succeed/100doors.mlcfg b/creusot/tests/should_succeed/100doors.mlcfg index afcad7798f..f974b231f5 100644 --- a/creusot/tests/should_succeed/100doors.mlcfg +++ b/creusot/tests/should_succeed/100doors.mlcfg @@ -237,7 +237,7 @@ module C100doors_F ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv0 x = true - use prelude.Ghost + use prelude.Snapshot predicate resolve3 (self : bool) = [#"../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve3 (self : bool) : bool @@ -325,10 +325,10 @@ module C100doors_F end } ensures { inv5 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -358,14 +358,14 @@ module C100doors_F var _0 : (); var door_open : Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global); var iter : Core_Ops_Range_Range_Type.t_range usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _11 : (); var _12 : Core_Option_Option_Type.t_option usize; var _13 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _14 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _17 : Ghost.ghost_ty (Seq.seq usize); + var _17 : Snapshot.snap_ty (Seq.seq usize); var pass : usize; var door : usize; var _26 : bool; @@ -383,11 +383,11 @@ module C100doors_F goto BB2 } BB2 { - [#"../100doors.rs" 20 4 20 41] iter_old <- ([#"../100doors.rs" 20 4 20 41] Ghost.new iter); + [#"../100doors.rs" 20 4 20 41] iter_old <- ([#"../100doors.rs" 20 4 20 41] Snapshot.new iter); goto BB3 } BB3 { - [#"../100doors.rs" 20 4 20 41] produced <- ([#"../100doors.rs" 20 4 20 41] Ghost.new (Seq.empty )); + [#"../100doors.rs" 20 4 20 41] produced <- ([#"../100doors.rs" 20 4 20 41] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -398,7 +398,7 @@ module C100doors_F } BB6 { invariant { [#"../100doors.rs" 20 4 20 41] inv0 iter }; - invariant { [#"../100doors.rs" 20 4 20 41] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../100doors.rs" 20 4 20 41] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../100doors.rs" 20 16 20 39] Seq.length (shallow_model0 door_open) = 100 }; goto BB7 } @@ -432,14 +432,14 @@ module C100doors_F absurd } BB12 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _12); - [#"../100doors.rs" 20 4 20 41] _17 <- ([#"../100doors.rs" 20 4 20 41] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _12); + [#"../100doors.rs" 20 4 20 41] _17 <- ([#"../100doors.rs" 20 4 20 41] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB13 } BB13 { [#"../100doors.rs" 20 4 20 41] produced <- ([#"../100doors.rs" 20 4 20 41] _17); - [#"../100doors.rs" 20 4 20 41] _17 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] pass <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../100doors.rs" 20 4 20 41] _17 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] pass <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../100doors.rs" 22 30 22 34] door <- ([#"../100doors.rs" 22 30 22 34] pass); goto BB14 } diff --git a/creusot/tests/should_succeed/all_zero.mlcfg b/creusot/tests/should_succeed/all_zero.mlcfg index 6294a3c0df..817be0c32b 100644 --- a/creusot/tests/should_succeed/all_zero.mlcfg +++ b/creusot/tests/should_succeed/all_zero.mlcfg @@ -26,7 +26,7 @@ end module AllZero_AllZero use AllZero_List_Type as AllZero_List_Type use prelude.Borrow - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (AllZero_List_Type.t_list)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (AllZero_List_Type.t_list)) : bool @@ -43,7 +43,7 @@ module AllZero_AllZero val resolve0 (self : borrowed uint32) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot use Core_Option_Option_Type as Core_Option_Option_Type use prelude.Int function get0 [#"../all_zero.rs" 21 4 21 40] (self : AllZero_List_Type.t_list) (ix : int) : Core_Option_Option_Type.t_option uint32 @@ -64,7 +64,7 @@ module AllZero_AllZero val len0 [#"../all_zero.rs" 13 4 13 23] (self : AllZero_List_Type.t_list) : int ensures { result = len0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg all_zero [#"../all_zero.rs" 34 0 34 29] [@cfg:stackify] [@cfg:subregion_analysis] (l : borrowed (AllZero_List_Type.t_list)) : () ensures { [#"../all_zero.rs" 32 0 32 77] forall i : int . 0 <= i /\ i < len0 ( * l) -> get0 ( ^ l) i = Core_Option_Option_Type.C_Some (0 : uint32) } ensures { [#"../all_zero.rs" 33 10 33 34] len0 ( * l) = len0 ( ^ l) } @@ -72,7 +72,7 @@ module AllZero_AllZero = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var l : borrowed (AllZero_List_Type.t_list) = l; - var old_l : Ghost.ghost_ty (borrowed (AllZero_List_Type.t_list)); + var old_l : Snapshot.snap_ty (borrowed (AllZero_List_Type.t_list)); var loop_l : borrowed (AllZero_List_Type.t_list); var value : borrowed uint32; var next : borrowed (AllZero_List_Type.t_list); @@ -81,7 +81,7 @@ module AllZero_AllZero goto BB0 } BB0 { - [#"../all_zero.rs" 36 16 36 25] old_l <- ([#"../all_zero.rs" 36 16 36 25] Ghost.new l); + [#"../all_zero.rs" 36 16 36 31] old_l <- ([#"../all_zero.rs" 36 16 36 31] Snapshot.new l); goto BB1 } BB1 { @@ -90,8 +90,8 @@ module AllZero_AllZero goto BB2 } BB2 { - invariant { [#"../all_zero.rs" 39 4 41 88] (forall i : int . 0 <= i /\ i < len0 ( * loop_l) -> get0 ( ^ loop_l) i = Core_Option_Option_Type.C_Some (0 : uint32)) -> (forall i : int . 0 <= i /\ i < len0 ( * Ghost.inner old_l) -> get0 ( ^ Ghost.inner old_l) i = Core_Option_Option_Type.C_Some (0 : uint32)) }; - invariant { [#"../all_zero.rs" 39 4 41 88] len0 ( ^ loop_l) = len0 ( * loop_l) -> len0 ( ^ Ghost.inner old_l) = len0 ( * Ghost.inner old_l) }; + invariant { [#"../all_zero.rs" 39 4 41 88] (forall i : int . 0 <= i /\ i < len0 ( * loop_l) -> get0 ( ^ loop_l) i = Core_Option_Option_Type.C_Some (0 : uint32)) -> (forall i : int . 0 <= i /\ i < len0 ( * Snapshot.inner old_l) -> get0 ( ^ Snapshot.inner old_l) i = Core_Option_Option_Type.C_Some (0 : uint32)) }; + invariant { [#"../all_zero.rs" 39 4 41 88] len0 ( ^ loop_l) = len0 ( * loop_l) -> len0 ( ^ Snapshot.inner old_l) = len0 ( * Snapshot.inner old_l) }; goto BB3 } BB3 { diff --git a/creusot/tests/should_succeed/all_zero.rs b/creusot/tests/should_succeed/all_zero.rs index 30d2b8b62a..f48895b8ed 100644 --- a/creusot/tests/should_succeed/all_zero.rs +++ b/creusot/tests/should_succeed/all_zero.rs @@ -9,7 +9,7 @@ pub enum List { use List::*; impl List { - #[ghost] + #[logic] fn len(self) -> Int { match self { Cons(_, ls) => 1 + ls.len(), @@ -17,7 +17,7 @@ impl List { } } - #[ghost] + #[logic] fn get(self, ix: Int) -> Option { match self { Cons(x, ls) => match pearlite! { ix == 0 } { @@ -33,7 +33,7 @@ impl List { #[ensures((*l).len() == (^l).len())] pub fn all_zero(l: &mut List) { use List::*; - let old_l = gh! { l }; + let old_l = snapshot! { l }; let mut loop_l = l; #[invariant( diff --git a/creusot/tests/should_succeed/bdd.mlcfg b/creusot/tests/should_succeed/bdd.mlcfg index 9dab2772aa..729da25651 100644 --- a/creusot/tests/should_succeed/bdd.mlcfg +++ b/creusot/tests/should_succeed/bdd.mlcfg @@ -773,11 +773,11 @@ module Bdd_Context_Type use prelude.Int use Bdd_Node_Type as Bdd_Node_Type use map.Map - use prelude.Ghost + use prelude.Snapshot use Bdd_Bumpalo_Bump_Type as Bdd_Bumpalo_Bump_Type use prelude.Borrow type t_context = - | C_Context (Bdd_Bumpalo_Bump_Type.t_bump) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd)) (Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node))) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)) uint64 + | C_Context (Bdd_Bumpalo_Bump_Type.t_bump) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd)) (Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node))) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)) (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)) uint64 let function context_hashcons (self : t_context) : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd) @@ -789,7 +789,7 @@ module Bdd_Context_Type match self with | C_Context _ _ _ _ _ a -> a end - let function context_hashcons_ghost (self : t_context) : Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node)) + let function context_hashcons_ghost (self : t_context) : Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)) = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_Context _ _ a _ _ _ -> a @@ -897,7 +897,7 @@ module Bdd_Impl10_GrowsIsValidBdd_Impl ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -909,14 +909,14 @@ module Bdd_Impl10_GrowsIsValidBdd_Impl predicate invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model4 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model5 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant1 self } @@ -1041,7 +1041,7 @@ module Bdd_Impl10_GrowsTrans_Impl ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1053,14 +1053,14 @@ module Bdd_Impl10_GrowsTrans_Impl predicate invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model3 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model4 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant1 self } @@ -1189,7 +1189,7 @@ module Bdd_Impl10_SetIrreleventVar_Impl ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1201,14 +1201,14 @@ module Bdd_Impl10_SetIrreleventVar_Impl predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -1319,7 +1319,7 @@ module Bdd_Impl10_DiscrValuation_Impl ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1331,14 +1331,14 @@ module Bdd_Impl10_DiscrValuation_Impl predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model0 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model1 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model1 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -1505,7 +1505,7 @@ module Bdd_Impl10_BddCanonical_Impl ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1517,14 +1517,14 @@ module Bdd_Impl10_BddCanonical_Impl predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model0 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model1 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model1 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -1701,7 +1701,7 @@ module Bdd_Impl11_New ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1713,14 +1713,14 @@ module Bdd_Impl11_New predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model0 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model3 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model3 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model1 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model2 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -1733,7 +1733,7 @@ module Bdd_Impl11_New | Bdd_Context_Type.C_Context alloc hashcons hashcons_ghost not_memo and_memo cnt -> true end) use Bdd_Bumpalo_Bump_Type as Bdd_Bumpalo_Bump_Type - use prelude.Ghost + use prelude.Snapshot use map.Const val new3 [#"../bdd.rs" 69 8 69 28] (_1 : ()) : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd) ensures { [#"../bdd.rs" 67 18 67 47] shallow_model2 result = Const.const (Core_Option_Option_Type.C_None) } @@ -1742,7 +1742,7 @@ module Bdd_Impl11_New val new2 [#"../bdd.rs" 69 8 69 28] (_1 : ()) : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd) ensures { [#"../bdd.rs" 67 18 67 47] shallow_model1 result = Const.const (Core_Option_Option_Type.C_None) } - use prelude.Ghost + use prelude.Snapshot use map.Const use map.Const val new0 [#"../bdd.rs" 69 8 69 28] (_1 : ()) : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd) @@ -1758,7 +1758,7 @@ module Bdd_Impl11_New var alloc : Bdd_Bumpalo_Bump_Type.t_bump = alloc; var t : Bdd_Node_Type.t_node; var _5 : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd); - var _6 : Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + var _6 : Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); var _8 : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd); var _9 : Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd); var _10 : Bdd_Node_Type.t_node; @@ -1772,7 +1772,7 @@ module Bdd_Impl11_New goto BB1 } BB1 { - [#"../bdd.rs" 429 28 429 51] _6 <- ([#"../bdd.rs" 429 28 429 51] Ghost.new (Const.const t)); + [#"../bdd.rs" 429 28 429 57] _6 <- ([#"../bdd.rs" 429 28 429 57] Snapshot.new (Const.const t)); goto BB2 } BB2 { @@ -1786,7 +1786,7 @@ module Bdd_Impl11_New BB4 { [#"../bdd.rs" 426 8 433 9] _0 <- ([#"../bdd.rs" 426 8 433 9] Bdd_Context_Type.C_Context ([#"../bdd.rs" 427 12 427 17] alloc) _5 _6 _8 _9 ([#"../bdd.rs" 432 17 432 18] [#"../bdd.rs" 432 17 432 18] (0 : uint64))); _5 <- any Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd); - _6 <- any Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + _6 <- any Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); _8 <- any Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd); _9 <- any Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd); return _0 @@ -1879,7 +1879,7 @@ module Bdd_Impl11_Hashcons ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -1891,14 +1891,14 @@ module Bdd_Impl11_Hashcons predicate invariant7 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model3 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model0 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model0 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model7 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model8 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant7 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant7 self } @@ -1988,8 +1988,8 @@ module Bdd_Impl11_Hashcons val grows0 [#"../bdd.rs" 296 4 296 35] (self : borrowed (Bdd_Context_Type.t_context)) : bool ensures { result = grows0 self } - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use map.Map function shallow_model4 (self : borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd))) : Map.map (Bdd_NodeLog_Type.t_nodelog) (Core_Option_Option_Type.t_option (Bdd_Bdd_Type.t_bdd)) @@ -2061,7 +2061,7 @@ module Bdd_Impl11_Hashcons var _19 : borrowed (Bdd_Node_Type.t_node); var _23 : (); var _24 : borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd)); - var _27 : Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + var _27 : Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); { goto BB0 } @@ -2101,12 +2101,12 @@ module Bdd_Impl11_Hashcons goto BB6 } BB6 { - [#"../bdd.rs" 447 30 447 71] _27 <- ([#"../bdd.rs" 447 30 447 71] Ghost.new (Map.set (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost ( * self))) (Bdd_Bdd_Type.bdd_1 r1) (Bdd_Bdd_Type.bdd_0 r1))); + [#"../bdd.rs" 447 30 447 77] _27 <- ([#"../bdd.rs" 447 30 447 77] Snapshot.new (Map.set (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost ( * self))) (Bdd_Bdd_Type.bdd_1 r1) (Bdd_Bdd_Type.bdd_0 r1))); goto BB7 } BB7 { - [#"../bdd.rs" 447 8 447 71] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 ([#"../bdd.rs" 447 8 447 71] _27) x3 x4 x5) ; }; - [#"../bdd.rs" 447 8 447 71] _27 <- any Ghost.ghost_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + [#"../bdd.rs" 447 8 447 77] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 ([#"../bdd.rs" 447 8 447 77] _27) x3 x4 x5) ; }; + [#"../bdd.rs" 447 8 447 77] _27 <- any Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); switch ([#"../bdd.rs" 448 11 448 34] ([#"../bdd.rs" 448 11 448 19] Bdd_Context_Type.context_cnt ( * self)) > ([#"../bdd.rs" 448 22 448 34] ([#"../bdd.rs" 448 22 448 30] [#"../bdd.rs" 448 22 448 30] (18446744073709551615 : uint64)) - ([#"../bdd.rs" 448 33 448 34] [#"../bdd.rs" 448 33 448 34] (1 : uint64)))) | False -> goto BB11 | True -> goto BB8 @@ -2234,7 +2234,7 @@ module Bdd_Impl11_Node ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -2246,14 +2246,14 @@ module Bdd_Impl11_Node predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model2 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model3 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model3 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model7 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model8 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -2458,7 +2458,7 @@ module Bdd_Impl11_True ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -2470,14 +2470,14 @@ module Bdd_Impl11_True predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -2634,7 +2634,7 @@ module Bdd_Impl11_False ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -2646,14 +2646,14 @@ module Bdd_Impl11_False predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -2810,7 +2810,7 @@ module Bdd_Impl11_V ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -2822,14 +2822,14 @@ module Bdd_Impl11_V predicate invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model1 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model2 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model5 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model6 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant0 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant0 self } @@ -3053,7 +3053,7 @@ module Bdd_Impl11_Not ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -3065,14 +3065,14 @@ module Bdd_Impl11_Not predicate invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model4 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model5 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model5 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model2 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model8 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant1 self } @@ -3508,7 +3508,7 @@ module Bdd_Impl11_And ensures { result = is_valid_bdd0 self b } use map.Map - use prelude.Ghost + use prelude.Snapshot predicate is_valid_node0 [#"../bdd.rs" 316 4 316 51] (self : Bdd_Context_Type.t_context) (n : Bdd_Node_Type.t_node) = [#"../bdd.rs" 318 12 327 13] match n with | Bdd_Node_Type.C_True -> true @@ -3520,14 +3520,14 @@ module Bdd_Impl11_And predicate invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) = [#"../bdd.rs" 264 12 288 19] (forall n : Bdd_NodeLog_Type.t_nodelog . match Map.get (shallow_model4 (Bdd_Context_Type.context_hashcons self)) n with - | Core_Option_Option_Type.C_Some b -> shallow_model5 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b + | Core_Option_Option_Type.C_Some b -> shallow_model5 (Bdd_Bdd_Type.bdd_0 b) = n /\ is_valid_node0 self (Bdd_Bdd_Type.bdd_0 b) /\ Bdd_Bdd_Type.bdd_1 b < Bdd_Context_Type.context_cnt self /\ Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (Bdd_Bdd_Type.bdd_1 b) = Bdd_Bdd_Type.bdd_0 b | Core_Option_Option_Type.C_None -> true end) /\ (forall bm : uint64 . match Map.get (shallow_model8 (Bdd_Context_Type.context_not_memo self)) bm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n + | Core_Option_Option_Type.C_Some n -> let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) bm) bm in is_valid_bdd0 self n /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (not interp0 b v)) /\ leastvar0 b <= leastvar0 n end) /\ (forall abm : (uint64, uint64) . match Map.get (shallow_model2 (Bdd_Context_Type.context_and_memo self)) abm with | Core_Option_Option_Type.C_None -> true - | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Ghost.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) + | Core_Option_Option_Type.C_Some n -> let a = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (a, _) = abm in a)) (let (a, _) = abm in a) in let b = Bdd_Bdd_Type.C_Bdd (Map.get (Snapshot.inner (Bdd_Context_Type.context_hashcons_ghost self)) (let (_, a) = abm in a)) (let (_, a) = abm in a) in is_valid_bdd0 self n /\ is_valid_bdd0 self a /\ is_valid_bdd0 self b /\ (forall v : Map.map uint64 bool . interp0 n v = (interp0 a v /\ interp0 b v)) /\ (leastvar0 a <= leastvar0 n \/ leastvar0 b <= leastvar0 n) end) val invariant1 [#"../bdd.rs" 262 4 262 30] (self : Bdd_Context_Type.t_context) : bool ensures { result = invariant1 self } diff --git a/creusot/tests/should_succeed/bdd.rs b/creusot/tests/should_succeed/bdd.rs index ba902cbec0..1c973686af 100644 --- a/creusot/tests/should_succeed/bdd.rs +++ b/creusot/tests/should_succeed/bdd.rs @@ -30,7 +30,7 @@ mod hashmap { #[ensures(result@ == Self::hash_log(self.deep_model()))] fn hash(&self) -> u64; - #[ghost] + #[logic] fn hash_log(_: Self::DeepModelTy) -> Int; } @@ -40,7 +40,7 @@ mod hashmap { impl ShallowModel for MyHashMap { type ShallowModelTy = Mapping>; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -78,7 +78,7 @@ mod hashmap { } #[open(self)] - #[ghost] + #[logic] fn hash_log(x: Self::DeepModelTy) -> Int { pearlite! { (U::hash_log(x.0) + V::hash_log(x.1) * 17) % (u64::MAX@ + 1) } } @@ -124,7 +124,7 @@ impl<'arena> hashmap::Hash for Node<'arena> { } #[open(self)] - #[ghost] + #[logic] fn hash_log(x: Self::DeepModelTy) -> Int { pearlite! { match x { @@ -144,7 +144,7 @@ impl<'arena> hashmap::Hash for Bdd<'arena> { } #[open(self)] - #[ghost] + #[logic] fn hash_log(x: Self::DeepModelTy) -> Int { pearlite! { x@ } } @@ -154,7 +154,7 @@ impl<'arena> DeepModel for Node<'arena> { type DeepModelTy = NodeLog; #[open(self)] - #[ghost] + #[logic] fn deep_model(self) -> Self::DeepModelTy { pearlite! { match self { @@ -171,7 +171,7 @@ impl<'arena> ShallowModel for Node<'arena> { type ShallowModelTy = NodeLog; #[open(self)] - #[ghost] + #[logic] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { self.deep_model() } } @@ -181,7 +181,7 @@ impl<'arena> DeepModel for Bdd<'arena> { type DeepModelTy = u64; #[open(self)] - #[ghost] + #[logic] fn deep_model(self) -> Self::DeepModelTy { pearlite! { self.1 } } @@ -191,7 +191,7 @@ impl<'arena> ShallowModel for Bdd<'arena> { type ShallowModelTy = u64; #[open(self)] - #[ghost] + #[logic] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { self.deep_model() } } @@ -205,7 +205,7 @@ impl<'arena> PartialEq for Bdd<'arena> { } impl<'arena> Bdd<'arena> { - #[ghost] + #[logic] fn interp(self, vars: Mapping) -> bool { pearlite! { match self { @@ -219,7 +219,7 @@ impl<'arena> Bdd<'arena> { } } - #[ghost] + #[logic] #[ensures(result >= 0)] fn size(self) -> Int { pearlite! { @@ -235,7 +235,7 @@ impl<'arena> Bdd<'arena> { } } - #[ghost] + #[logic] fn leastvar(self) -> Int { pearlite! { match self { @@ -250,7 +250,7 @@ impl<'arena> Bdd<'arena> { pub struct Context<'arena> { alloc: &'arena bumpalo::Bump, hashcons: hashmap::MyHashMap, Bdd<'arena>>, - hashcons_ghost: Ghost>>, + hashcons_ghost: Snapshot>>, not_memo: hashmap::MyHashMap, Bdd<'arena>>, and_memo: hashmap::MyHashMap<(Bdd<'arena>, Bdd<'arena>), Bdd<'arena>>, cnt: u64, @@ -292,7 +292,7 @@ impl<'arena> Invariant for Context<'arena> { impl<'arena> Context<'arena> { #[open(self)] - #[predicate] + #[predicate(prophetic)] pub fn grows(&mut self) -> bool { pearlite! { self.cnt@ <= (^self).cnt@ && @@ -328,14 +328,14 @@ impl<'arena> Context<'arena> { } } - #[ghost] + #[logic] #[open(self)] #[requires(self.grows())] #[requires(self.is_valid_bdd(b))] #[ensures((^self).is_valid_bdd(b))] pub fn grows_is_valid_bdd(&mut self, b: Bdd<'arena>) {} - #[ghost] + #[logic] #[open(self)] #[requires(self.grows())] #[requires(o.grows())] @@ -344,7 +344,7 @@ impl<'arena> Context<'arena> { #[ensures(oo.grows())] pub fn grows_trans(&mut self, o: &mut Self, oo: &mut Self) {} - #[ghost] + #[logic] #[requires(self.is_valid_bdd(a))] #[requires(x@ < a.leastvar())] #[ensures(a.interp(v) == a.interp(v.set(x, b)))] @@ -360,7 +360,7 @@ impl<'arena> Context<'arena> { } } - #[ghost] + #[logic] #[requires(self.is_valid_bdd(a))] #[requires(self.is_valid_bdd(b))] #[requires(a != b)] @@ -408,7 +408,7 @@ impl<'arena> Context<'arena> { } } - #[ghost] + #[logic] #[open(self)] #[requires(self.is_valid_bdd(a))] #[requires(self.is_valid_bdd(b))] @@ -426,7 +426,7 @@ impl<'arena> Context<'arena> { Context { alloc, hashcons: hashmap::MyHashMap::new(), - hashcons_ghost: gh! { Mapping::cst(t) }, + hashcons_ghost: snapshot! { Mapping::cst(t) }, not_memo: hashmap::MyHashMap::new(), and_memo: hashmap::MyHashMap::new(), cnt: 0, @@ -444,7 +444,7 @@ impl<'arena> Context<'arena> { } let r = Bdd(self.alloc.alloc(n), self.cnt); self.hashcons.add(n, r); - self.hashcons_ghost = gh! { self.hashcons_ghost.set(r.1, r.0) }; + self.hashcons_ghost = snapshot! { self.hashcons_ghost.set(r.1, r.0) }; if self.cnt > u64::MAX - 1 { loop { // prevent self from being resolved diff --git a/creusot/tests/should_succeed/binary_search.rs b/creusot/tests/should_succeed/binary_search.rs index 16a58f13c4..3bbf583b76 100644 --- a/creusot/tests/should_succeed/binary_search.rs +++ b/creusot/tests/should_succeed/binary_search.rs @@ -17,7 +17,7 @@ pub enum List { use List::*; impl List { - #[ghost] + #[logic] #[ensures(result >= 0)] fn len_logic(self) -> Int { match self { @@ -26,7 +26,7 @@ impl List { } } - #[ghost] + #[logic] fn get(self, ix: Int) -> Option { match self { Cons(t, ls) => { @@ -74,7 +74,7 @@ impl List { len } - #[ghost] + #[logic] fn get_default(self, ix: Int, def: T) -> T { match self.get(ix) { Some(v) => v, diff --git a/creusot/tests/should_succeed/bug/181_ident.rs b/creusot/tests/should_succeed/bug/181_ident.rs index 202233d6b1..d601a86ee1 100644 --- a/creusot/tests/should_succeed/bug/181_ident.rs +++ b/creusot/tests/should_succeed/bug/181_ident.rs @@ -3,7 +3,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Int, *}; // Bug #181 -#[ghost] +#[logic] #[open] pub fn max_int(a: Int, b: Int) -> Int { if a < b { diff --git a/creusot/tests/should_succeed/bug/206.rs b/creusot/tests/should_succeed/bug/206.rs index d8b329f840..1e14851c50 100644 --- a/creusot/tests/should_succeed/bug/206.rs +++ b/creusot/tests/should_succeed/bug/206.rs @@ -4,11 +4,11 @@ use creusot_contracts::*; pub struct A(Vec); -#[ghost] +#[logic] #[ensures(a.0@ == a.0@)] fn u2(a: A) {} -#[ghost] +#[logic] #[open(self)] pub fn u(a: A) { pearlite! { diff --git a/creusot/tests/should_succeed/bug/217.rs b/creusot/tests/should_succeed/bug/217.rs index d9474e02ed..d27344e6f6 100644 --- a/creusot/tests/should_succeed/bug/217.rs +++ b/creusot/tests/should_succeed/bug/217.rs @@ -6,7 +6,7 @@ use creusot_contracts::{ }; #[open] -#[ghost] +#[logic] #[variant(c.len())] pub fn ex(c: Seq, a: Int) -> Int { if c.len() == 0 { diff --git a/creusot/tests/should_succeed/bug/265.rs b/creusot/tests/should_succeed/bug/265.rs index 3fa3b918b8..3800d4948e 100644 --- a/creusot/tests/should_succeed/bug/265.rs +++ b/creusot/tests/should_succeed/bug/265.rs @@ -2,13 +2,13 @@ extern crate creusot_contracts; use creusot_contracts::*; #[open] -#[ghost] +#[logic] pub fn bool_to_bool(b: bool) -> bool { b } #[open] -#[ghost] +#[logic] pub fn ex() { pearlite! { bool_to_bool(!true) }; } diff --git a/creusot/tests/should_succeed/bug/269.rs b/creusot/tests/should_succeed/bug/269.rs index d52bf783c1..bb8730c780 100644 --- a/creusot/tests/should_succeed/bug/269.rs +++ b/creusot/tests/should_succeed/bug/269.rs @@ -3,5 +3,5 @@ extern crate creusot_contracts; use creusot_contracts::*; #[open] -#[ghost] +#[logic] pub fn my_lemma() {} diff --git a/creusot/tests/should_succeed/bug/564.rs b/creusot/tests/should_succeed/bug/564.rs index a35c8dd2db..96a649271e 100644 --- a/creusot/tests/should_succeed/bug/564.rs +++ b/creusot/tests/should_succeed/bug/564.rs @@ -1,7 +1,7 @@ extern crate creusot_contracts; use creusot_contracts::*; -#[ghost] +#[logic] #[open] #[requires(invariants())] pub fn emits_pure_eq() -> bool { @@ -10,7 +10,7 @@ pub fn emits_pure_eq() -> bool { } } -#[ghost] +#[logic] #[open] #[requires(invariants())] pub fn emits_pure_implies() -> bool { @@ -19,7 +19,7 @@ pub fn emits_pure_implies() -> bool { } } -#[ghost] +#[logic] fn invariants() -> bool { true } diff --git a/creusot/tests/should_succeed/bug/570.rs b/creusot/tests/should_succeed/bug/570.rs index b05fdfb543..80a9793173 100644 --- a/creusot/tests/should_succeed/bug/570.rs +++ b/creusot/tests/should_succeed/bug/570.rs @@ -18,7 +18,7 @@ pub fn test_assign(mut s: S2) { } #[open] -#[ghost] +#[logic] pub fn test_logic(s: S2) { s.s1.f; } diff --git a/creusot/tests/should_succeed/bug/594.rs b/creusot/tests/should_succeed/bug/594.rs index 3596bd72ae..3ad0672196 100644 --- a/creusot/tests/should_succeed/bug/594.rs +++ b/creusot/tests/should_succeed/bug/594.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::*; #[open] -#[ghost] +#[logic] pub fn test_logic((x, _): (u32, u32)) -> u32 { x } diff --git a/creusot/tests/should_succeed/bug/682.mlcfg b/creusot/tests/should_succeed/bug/682.mlcfg index 39e923a575..f4c346d39f 100644 --- a/creusot/tests/should_succeed/bug/682.mlcfg +++ b/creusot/tests/should_succeed/bug/682.mlcfg @@ -30,8 +30,8 @@ module C682_AddSome end module C682_Foo use prelude.UInt64 - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use prelude.Borrow predicate resolve0 (self : borrowed uint64) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -45,7 +45,7 @@ module C682_Foo requires {[#"../682.rs" 4 11 4 32] * a <= div max0 (2 : uint64)} ensures { [#"../682.rs" 5 10 5 17] ^ a > * a } - use prelude.Ghost + use prelude.Snapshot let rec cfg foo [#"../682.rs" 12 0 12 23] [@cfg:stackify] [@cfg:subregion_analysis] (a : borrowed uint64) : () requires {[#"../682.rs" 10 11 10 21] * a = (3 : uint64)} ensures { [#"../682.rs" 11 10 11 17] ^ a > * a } @@ -53,14 +53,14 @@ module C682_Foo = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : borrowed uint64 = a; - var a_p : Ghost.ghost_ty uint64; + var a_p : Snapshot.snap_ty uint64; var _6 : (); var _7 : borrowed uint64; { goto BB0 } BB0 { - [#"../682.rs" 13 26 13 33] a_p <- ([#"../682.rs" 13 26 13 33] Ghost.new ( * a)); + [#"../682.rs" 13 29 13 42] a_p <- ([#"../682.rs" 13 29 13 42] Snapshot.new ( * a)); goto BB1 } BB1 { @@ -72,7 +72,7 @@ module C682_Foo } BB2 { assume { resolve0 a }; - assert { [@expl:assertion] [#"../682.rs" 15 18 15 27] * a > Ghost.inner a_p }; + assert { [@expl:assertion] [#"../682.rs" 15 18 15 27] * a > Snapshot.inner a_p }; [#"../682.rs" 12 24 16 1] _0 <- ([#"../682.rs" 12 24 16 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/bug/682.rs b/creusot/tests/should_succeed/bug/682.rs index 869462f7e8..e26d997f37 100644 --- a/creusot/tests/should_succeed/bug/682.rs +++ b/creusot/tests/should_succeed/bug/682.rs @@ -10,7 +10,7 @@ fn add_some(a: &mut u64) { #[requires(*a == 3u64)] #[ensures(^a > *a)] pub fn foo(a: &mut u64) { - let a_p: Ghost = gh!(*a); + let a_p: Snapshot = snapshot!(*a); add_some(a); proof_assert!(*a > *a_p); } diff --git a/creusot/tests/should_succeed/bug/768.rs b/creusot/tests/should_succeed/bug/768.rs index 0baf4161d3..175c6947f2 100644 --- a/creusot/tests/should_succeed/bug/768.rs +++ b/creusot/tests/should_succeed/bug/768.rs @@ -8,7 +8,7 @@ pub struct A { impl A { #[open] - #[ghost] + #[logic] pub fn with_l(self, l: usize) -> Self { A { l, ..self } } diff --git a/creusot/tests/should_succeed/bug/797.rs b/creusot/tests/should_succeed/bug/797.rs index a65c40c744..df3951ecb4 100644 --- a/creusot/tests/should_succeed/bug/797.rs +++ b/creusot/tests/should_succeed/bug/797.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Mapping, *}; #[open] -#[ghost] +#[logic] pub fn make_mapping() -> Mapping<(Int, Int), bool> { |(x, y)| x + y == 0 } diff --git a/creusot/tests/should_succeed/bug/874.mlcfg b/creusot/tests/should_succeed/bug/874.mlcfg index 63e5f6614a..d2da1c5c95 100644 --- a/creusot/tests/should_succeed/bug/874.mlcfg +++ b/creusot/tests/should_succeed/bug/874.mlcfg @@ -290,7 +290,7 @@ module C874_CanExtend goto BB2 } BB2 { - [#"../874.rs" 5 16 5 29] v <- ([#"../874.rs" 5 16 5 29] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 5 21 5 22] [#"../874.rs" 5 21 5 22] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 5 24 5 25] [#"../874.rs" 5 24 5 25] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 5 27 5 28] [#"../874.rs" 5 27 5 28] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../874.rs" 5 16 5 29] v <- ([#"../874.rs" 5 16 5 29] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 296 47 296 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 5 21 5 22] [#"../874.rs" 5 21 5 22] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 5 24 5 25] [#"../874.rs" 5 24 5 25] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 5 27 5 28] [#"../874.rs" 5 27 5 28] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB3 } BB3 { @@ -300,7 +300,7 @@ module C874_CanExtend goto BB5 } BB5 { - [#"../874.rs" 6 12 6 25] w <- ([#"../874.rs" 6 12 6 25] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 6 17 6 18] [#"../874.rs" 6 17 6 18] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 6 20 6 21] [#"../874.rs" 6 20 6 21] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 6 23 6 24] [#"../874.rs" 6 23 6 24] (6 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../874.rs" 6 12 6 25] w <- ([#"../874.rs" 6 12 6 25] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 296 47 296 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 6 17 6 18] [#"../874.rs" 6 17 6 18] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 6 20 6 21] [#"../874.rs" 6 20 6 21] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 6 23 6 24] [#"../874.rs" 6 23 6 24] (6 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB6 } BB6 { @@ -319,7 +319,7 @@ module C874_CanExtend goto BB9 } BB9 { - [#"../874.rs" 9 12 9 34] z <- ([#"../874.rs" 9 12 9 34] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 9 17 9 18] [#"../874.rs" 9 17 9 18] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 9 20 9 21] [#"../874.rs" 9 20 9 21] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 9 23 9 24] [#"../874.rs" 9 23 9 24] (3 : int32))}; assume {Seq.get (__arr_temp.elts) 3 = ([#"../874.rs" 9 26 9 27] [#"../874.rs" 9 26 9 27] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 4 = ([#"../874.rs" 9 29 9 30] [#"../874.rs" 9 29 9 30] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 5 = ([#"../874.rs" 9 32 9 33] [#"../874.rs" 9 32 9 33] (6 : int32))}; assume {Slice.length __arr_temp = 6}; __arr_temp)); + [#"../874.rs" 9 12 9 34] z <- ([#"../874.rs" 9 12 9 34] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 296 47 296 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../874.rs" 9 17 9 18] [#"../874.rs" 9 17 9 18] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../874.rs" 9 20 9 21] [#"../874.rs" 9 20 9 21] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../874.rs" 9 23 9 24] [#"../874.rs" 9 23 9 24] (3 : int32))}; assume {Seq.get (__arr_temp.elts) 3 = ([#"../874.rs" 9 26 9 27] [#"../874.rs" 9 26 9 27] (4 : int32))}; assume {Seq.get (__arr_temp.elts) 4 = ([#"../874.rs" 9 29 9 30] [#"../874.rs" 9 29 9 30] (5 : int32))}; assume {Seq.get (__arr_temp.elts) 5 = ([#"../874.rs" 9 32 9 33] [#"../874.rs" 9 32 9 33] (6 : int32))}; assume {Slice.length __arr_temp = 6}; __arr_temp)); goto BB10 } BB10 { diff --git a/creusot/tests/should_succeed/bug/pure_neq.rs b/creusot/tests/should_succeed/bug/pure_neq.rs index 09e55673a2..feff180fa1 100644 --- a/creusot/tests/should_succeed/bug/pure_neq.rs +++ b/creusot/tests/should_succeed/bug/pure_neq.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Int, *}; #[open] -#[ghost] +#[logic] #[ensures(result == !(x == y))] pub fn f(x: Option, y: Option) -> bool { pearlite! { x != y } diff --git a/creusot/tests/should_succeed/cell/02.mlcfg b/creusot/tests/should_succeed/cell/02.mlcfg index a56f1f67d8..15bee105da 100644 --- a/creusot/tests/should_succeed/cell/02.mlcfg +++ b/creusot/tests/should_succeed/cell/02.mlcfg @@ -224,7 +224,7 @@ module C02_FibMemo val fib_cell0 [#"../02.rs" 84 0 84 32] (v : Alloc_Vec_Vec_Type.t_vec (C02_Cell_Type.t_cell (Core_Option_Option_Type.t_option usize) (C02_Fib_Type.t_fib)) (Alloc_Alloc_Global_Type.t_global)) : bool ensures { result = fib_cell0 v } - use prelude.Ghost + use prelude.Snapshot function fib0 [#"../02.rs" 32 0 32 25] (i : int) : int axiom fib0_def : forall i : int . fib0 i = ([#"../02.rs" 29 0 29 8] if i <= 0 then 0 @@ -247,7 +247,7 @@ module C02_FibMemo requires {[#"../02.rs" 24 16 24 20] inv2 self} requires {[#"../02.rs" 24 22 24 23] inv4 v} - use prelude.Ghost + use prelude.Snapshot use int.Power function lemma_fib_bound0 [#"../02.rs" 47 0 47 30] (i : int) : () axiom lemma_fib_bound0_def : forall i : int . lemma_fib_bound0 i = ([#"../02.rs" 43 0 43 8] if i = 0 then @@ -260,7 +260,7 @@ module C02_FibMemo ensures { result = lemma_fib_bound0 i } axiom lemma_fib_bound0_spec : forall i : int . ([#"../02.rs" 44 11 44 17] 0 <= i) -> ([#"../02.rs" 45 10 45 28] fib0 i <= Power.power 2 i) - use prelude.Ghost + use prelude.Snapshot function lemma_max_int0 [#"../02.rs" 62 0 62 22] (_1 : ()) : () = [#"../02.rs" 60 0 60 8] () val lemma_max_int0 [#"../02.rs" 62 0 62 22] (_1 : ()) : () @@ -308,8 +308,8 @@ module C02_FibMemo var _9 : C02_Cell_Type.t_cell (Core_Option_Option_Type.t_option usize) (C02_Fib_Type.t_fib); var v : usize; var fib_i : usize; - var _19 : Ghost.ghost_ty (); - var _21 : Ghost.ghost_ty (); + var _19 : Snapshot.snap_ty (); + var _21 : Snapshot.snap_ty (); var _23 : usize; var _27 : usize; var _33 : (); @@ -364,11 +364,11 @@ module C02_FibMemo goto BB15 } BB10 { - [#"../02.rs" 104 16 104 37] _19 <- ([#"../02.rs" 104 16 104 37] Ghost.new ()); + [#"../02.rs" 104 16 104 43] _19 <- ([#"../02.rs" 104 16 104 43] Snapshot.new ()); goto BB11 } BB11 { - [#"../02.rs" 105 16 105 39] _21 <- ([#"../02.rs" 105 16 105 39] Ghost.new ()); + [#"../02.rs" 105 16 105 45] _21 <- ([#"../02.rs" 105 16 105 45] Snapshot.new ()); goto BB12 } BB12 { diff --git a/creusot/tests/should_succeed/cell/02.rs b/creusot/tests/should_succeed/cell/02.rs index 97186b6576..5bb5e2a2e9 100644 --- a/creusot/tests/should_succeed/cell/02.rs +++ b/creusot/tests/should_succeed/cell/02.rs @@ -26,7 +26,7 @@ impl> Cell { } } -#[ghost] +#[logic] #[open] #[variant(i)] pub fn fib(i: Int) -> Int { @@ -40,7 +40,7 @@ pub fn fib(i: Int) -> Int { } #[open] -#[ghost] +#[logic] #[requires(0 <= i)] #[ensures(fib(i) <= 2.pow(i))] #[variant(i)] @@ -57,7 +57,7 @@ pub fn lemma_fib_bound(i: Int) { #[trusted] #[open] -#[ghost] +#[logic] #[ensures(2.pow(63) < 0xffff_ffff_ffff_ffffusize@)] pub fn lemma_max_int() {} @@ -101,8 +101,8 @@ pub fn fib_memo(mem: &FibCache, i: usize) -> usize { } else if i == 1 { 1 } else { - gh! { lemma_max_int }; - gh! { lemma_fib_bound }; + snapshot! { lemma_max_int }; + snapshot! { lemma_fib_bound }; fib_memo(mem, i - 1) + fib_memo(mem, i - 2) }; proof_assert! { fib_i@ == fib(i@)}; diff --git a/creusot/tests/should_succeed/clones/02.rs b/creusot/tests/should_succeed/clones/02.rs index 074c8831d2..5131557d90 100644 --- a/creusot/tests/should_succeed/clones/02.rs +++ b/creusot/tests/should_succeed/clones/02.rs @@ -5,12 +5,12 @@ use creusot_contracts::*; // Here we want to ensure that `program` properly shares // the implementation of simple between itself and `uses_simple`. -#[ghost] +#[logic] fn simple() -> bool { true } -#[ghost] +#[logic] fn uses_simple() -> bool { simple() } diff --git a/creusot/tests/should_succeed/clones/03.rs b/creusot/tests/should_succeed/clones/03.rs index 85afc4d94b..acc5f3c8f6 100644 --- a/creusot/tests/should_succeed/clones/03.rs +++ b/creusot/tests/should_succeed/clones/03.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::*; -#[ghost] +#[logic] fn omg(_x: T) -> bool { true } diff --git a/creusot/tests/should_succeed/clones/04.rs b/creusot/tests/should_succeed/clones/04.rs index 2c9ec822d8..0d3827e3e4 100644 --- a/creusot/tests/should_succeed/clones/04.rs +++ b/creusot/tests/should_succeed/clones/04.rs @@ -2,17 +2,17 @@ extern crate creusot_contracts; use creusot_contracts::*; -#[ghost] +#[logic] fn a(x: u32) -> bool { x > 0u32 } -#[ghost] +#[logic] fn b(x: u32) -> bool { x > 10u32 && a(x) } -#[ghost] +#[logic] fn c(x: u32) -> bool { x < 50u32 && b(x) } diff --git a/creusot/tests/should_succeed/filter_positive.rs b/creusot/tests/should_succeed/filter_positive.rs index 40888e945a..e5fbef896d 100644 --- a/creusot/tests/should_succeed/filter_positive.rs +++ b/creusot/tests/should_succeed/filter_positive.rs @@ -32,7 +32,7 @@ use creusot_contracts::{ // number of positive elements of `t` between `i` (included) and `j` // (excluded) -#[ghost] +#[logic] #[variant(j-i)] fn num_of_pos(i: Int, j: Int, t: Seq) -> Int { pearlite! { @@ -58,7 +58,7 @@ fn num_of_pos(i: Int, j: Int, t: Seq) -> Int { // // lemma: `num_of_pos` is increasing -#[ghost] +#[logic] #[requires(j <= k)] #[ensures(num_of_pos(i,j,t) <= num_of_pos(i,k,t))] #[variant(k-j)] @@ -72,7 +72,7 @@ fn lemma_num_of_pos_increasing(i: Int, j: Int, k: Int, t: Seq) { // lemma: `num_of_pos` is strictly increasing when a positive element // is met -#[ghost] +#[logic] #[requires(0 <= i && i < t.len())] #[requires(t[i]@ > 0)] #[ensures(num_of_pos(0,i,t) < num_of_pos(0,i+1,t))] diff --git a/creusot/tests/should_succeed/hashmap.mlcfg b/creusot/tests/should_succeed/hashmap.mlcfg index bf068bf2d6..e2130c43b3 100644 --- a/creusot/tests/should_succeed/hashmap.mlcfg +++ b/creusot/tests/should_succeed/hashmap.mlcfg @@ -445,16 +445,16 @@ module Hashmap_Impl5_Add ensures { result = inv5 _x } axiom inv5 : forall x : deep_model_ty0 . inv5 x = true - use prelude.Ghost - predicate invariant4 (self : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) - val invariant4 (self : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool + use prelude.Snapshot + predicate invariant4 (self : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) + val invariant4 (self : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool ensures { result = invariant4 self } - predicate inv4 (_x : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) - val inv4 (_x : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool + predicate inv4 (_x : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) + val inv4 (_x : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool ensures { result = inv4 _x } - axiom inv4 : forall x : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v))) . inv4 x = true + axiom inv4 : forall x : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v))) . inv4 x = true predicate invariant3 (self : borrowed (Hashmap_List_Type.t_list (k, v))) val invariant3 (self : borrowed (Hashmap_List_Type.t_list (k, v))) : bool ensures { result = invariant3 self } @@ -497,15 +497,15 @@ module Hashmap_Impl5_Add ensures { result = invariant1 self } axiom inv1 : forall x : Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global) . inv1 x = true - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val invariant0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) . inv0 x = true use prelude.Mapping function deep_model0 (self : k) : deep_model_ty0 val deep_model0 (self : k) : deep_model_ty0 @@ -631,14 +631,14 @@ module Hashmap_Impl5_Add requires {inv14 other} ensures { [#"../../../../creusot-contracts/src/std/cmp.rs" 11 26 11 75] result = (deep_model1 self = deep_model1 other) } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) - val resolve2 (self : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) + val resolve2 (self : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v)))) : bool ensures { result = resolve2 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve1 (self : borrowed (Hashmap_List_Type.t_list (k, v))) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve1 (self : borrowed (Hashmap_List_Type.t_list (k, v))) : bool @@ -698,11 +698,11 @@ module Hashmap_Impl5_Add requires {inv13 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model3 self) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val resolve0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg add [#"../hashmap.rs" 106 4 106 41] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) (key : k) (val' : v) : () requires {[#"../hashmap.rs" 103 15 103 36] hashmap_inv0 ( * self)} requires {[#"../hashmap.rs" 106 20 106 24] inv12 self} @@ -720,7 +720,7 @@ module Hashmap_Impl5_Add var self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v) = self; var key : k = key; var val' : v = val'; - var old_self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); + var old_self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); var length : usize; var index : usize; var _13 : uint64; @@ -730,7 +730,7 @@ module Hashmap_Impl5_Add var _18 : borrowed (Hashmap_List_Type.t_list (k, v)); var _19 : borrowed (Hashmap_List_Type.t_list (k, v)); var _20 : borrowed (Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global)); - var old_l : Ghost.ghost_ty (borrowed (Hashmap_List_Type.t_list (k, v))); + var old_l : Snapshot.snap_ty (borrowed (Hashmap_List_Type.t_list (k, v))); var k : borrowed k; var v : borrowed v; var tl : borrowed (Hashmap_List_Type.t_list (k, v)); @@ -742,7 +742,7 @@ module Hashmap_Impl5_Add goto BB0 } BB0 { - [#"../hashmap.rs" 108 23 108 35] old_self <- ([#"../hashmap.rs" 108 23 108 35] Ghost.new self); + [#"../hashmap.rs" 108 23 108 41] old_self <- ([#"../hashmap.rs" 108 23 108 41] Snapshot.new self); goto BB1 } BB1 { @@ -781,7 +781,7 @@ module Hashmap_Impl5_Add assume { inv2 ( ^ l) }; assert { [@expl:type invariant] inv3 _18 }; assume { resolve1 _18 }; - [#"../hashmap.rs" 112 20 112 29] old_l <- ([#"../hashmap.rs" 112 20 112 29] Ghost.new l); + [#"../hashmap.rs" 112 20 112 35] old_l <- ([#"../hashmap.rs" 112 20 112 35] Snapshot.new l); goto BB6 } BB6 { @@ -790,12 +790,12 @@ module Hashmap_Impl5_Add goto BB7 } BB7 { - invariant { [#"../hashmap.rs" 114 20 114 52] good_bucket0 ( * Ghost.inner old_self) ( * l) (UIntSize.to_int index) }; - invariant { [#"../hashmap.rs" 114 8 114 54] good_bucket0 ( * Ghost.inner old_self) ( ^ l) (UIntSize.to_int index) -> good_bucket0 ( * Ghost.inner old_self) ( ^ Ghost.inner old_l) (UIntSize.to_int index) }; - invariant { [#"../hashmap.rs" 114 8 114 54] get0 ( ^ l) (deep_model0 key) = Core_Option_Option_Type.C_Some val' -> get0 ( ^ Ghost.inner old_l) (deep_model0 key) = Core_Option_Option_Type.C_Some val' }; - invariant { [#"../hashmap.rs" 114 8 114 54] forall i : deep_model_ty0 . inv5 i -> get0 ( ^ l) i = get0 ( * l) i -> get0 ( ^ Ghost.inner old_l) i = get0 ( * Ghost.inner old_l) i }; + invariant { [#"../hashmap.rs" 114 20 114 52] good_bucket0 ( * Snapshot.inner old_self) ( * l) (UIntSize.to_int index) }; + invariant { [#"../hashmap.rs" 114 8 114 54] good_bucket0 ( * Snapshot.inner old_self) ( ^ l) (UIntSize.to_int index) -> good_bucket0 ( * Snapshot.inner old_self) ( ^ Snapshot.inner old_l) (UIntSize.to_int index) }; + invariant { [#"../hashmap.rs" 114 8 114 54] get0 ( ^ l) (deep_model0 key) = Core_Option_Option_Type.C_Some val' -> get0 ( ^ Snapshot.inner old_l) (deep_model0 key) = Core_Option_Option_Type.C_Some val' }; + invariant { [#"../hashmap.rs" 114 8 114 54] forall i : deep_model_ty0 . inv5 i -> get0 ( ^ l) i = get0 ( * l) i -> get0 ( ^ Snapshot.inner old_l) i = get0 ( * Snapshot.inner old_l) i }; invariant { [#"../hashmap.rs" 118 20 118 44] no_double_binding0 ( * l) }; - invariant { [#"../hashmap.rs" 114 8 114 54] (forall i : deep_model_ty0 . inv5 i -> get0 ( * l) i = get0 ( ^ l) i \/ i = deep_model0 key) /\ no_double_binding0 ( ^ l) -> no_double_binding0 ( ^ Ghost.inner old_l) }; + invariant { [#"../hashmap.rs" 114 8 114 54] (forall i : deep_model_ty0 . inv5 i -> get0 ( * l) i = get0 ( ^ l) i \/ i = deep_model0 key) /\ no_double_binding0 ( ^ l) -> no_double_binding0 ( ^ Snapshot.inner old_l) }; goto BB8 } BB8 { @@ -1474,16 +1474,16 @@ module Hashmap_Impl5_Resize ensures { result = inv1 _x } axiom inv1 : forall x : deep_model_ty0 . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val invariant0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) . inv0 x = true use prelude.Mapping function deep_model0 (self : k) : deep_model_ty0 val deep_model0 (self : k) : deep_model_ty0 @@ -1654,7 +1654,7 @@ module Hashmap_Impl5_Resize val resolve1 (self : Hashmap_MyHashMap_Type.t_myhashmap k v) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot function shallow_model6 (self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) = @@ -1662,12 +1662,12 @@ module Hashmap_Impl5_Resize val shallow_model6 (self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) ensures { result = shallow_model6 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model6 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model6 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) ensures { result = shallow_model1 self } val new1 [#"../hashmap.rs" 98 4 98 46] (size : usize) : Hashmap_MyHashMap_Type.t_myhashmap k v @@ -1687,11 +1687,11 @@ module Hashmap_Impl5_Resize requires {inv10 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model5 self) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) + val resolve0 (self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg resize [#"../hashmap.rs" 161 4 161 24] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)) : () requires {[#"../hashmap.rs" 156 15 156 41] Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))) < 1000} requires {[#"../hashmap.rs" 157 15 157 36] hashmap_inv0 ( * self)} @@ -1702,7 +1702,7 @@ module Hashmap_Impl5_Resize = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v) = self; - var old_self : Ghost.ghost_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); + var old_self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); var new : Hashmap_MyHashMap_Type.t_myhashmap k v; var _10 : usize; var i : usize; @@ -1722,7 +1722,7 @@ module Hashmap_Impl5_Resize goto BB0 } BB0 { - [#"../hashmap.rs" 162 23 162 35] old_self <- ([#"../hashmap.rs" 162 23 162 35] Ghost.new self); + [#"../hashmap.rs" 162 23 162 41] old_self <- ([#"../hashmap.rs" 162 23 162 41] Snapshot.new self); goto BB1 } BB1 { @@ -1747,12 +1747,12 @@ module Hashmap_Impl5_Resize goto BB6 } BB6 { - invariant { [#"../hashmap.rs" 166 8 166 111] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Ghost.inner old_self) k < UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; - invariant { [#"../hashmap.rs" 166 8 166 111] forall k : deep_model_ty0 . inv1 k -> UIntSize.to_int i <= bucket_ix0 ( * Ghost.inner old_self) k /\ bucket_ix0 ( * Ghost.inner old_self) k <= Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Ghost.inner old_self))) -> Map.get (shallow_model2 new) k = Core_Option_Option_Type.C_None }; - invariant { [#"../hashmap.rs" 166 8 166 111] forall j : int . UIntSize.to_int i <= j /\ j < Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Ghost.inner old_self))) -> index_logic0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self)) j = index_logic0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Ghost.inner old_self)) j }; + invariant { [#"../hashmap.rs" 166 8 166 111] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Snapshot.inner old_self) k < UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; + invariant { [#"../hashmap.rs" 166 8 166 111] forall k : deep_model_ty0 . inv1 k -> UIntSize.to_int i <= bucket_ix0 ( * Snapshot.inner old_self) k /\ bucket_ix0 ( * Snapshot.inner old_self) k <= Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Snapshot.inner old_self))) -> Map.get (shallow_model2 new) k = Core_Option_Option_Type.C_None }; + invariant { [#"../hashmap.rs" 166 8 166 111] forall j : int . UIntSize.to_int i <= j /\ j < Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Snapshot.inner old_self))) -> index_logic0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self)) j = index_logic0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Snapshot.inner old_self)) j }; invariant { [#"../hashmap.rs" 172 20 172 37] hashmap_inv0 new }; - invariant { [#"../hashmap.rs" 173 20 173 46] ^ Ghost.inner old_self = ^ self }; - invariant { [#"../hashmap.rs" 174 20 174 66] Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Ghost.inner old_self))) = Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))) }; + invariant { [#"../hashmap.rs" 173 20 173 46] ^ Snapshot.inner old_self = ^ self }; + invariant { [#"../hashmap.rs" 174 20 174 66] Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Snapshot.inner old_self))) = Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))) }; invariant { [#"../hashmap.rs" 175 20 175 45] UIntSize.to_int i <= Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))) }; goto BB7 } @@ -1809,14 +1809,14 @@ module Hashmap_Impl5_Resize } BB17 { invariant { [#"../hashmap.rs" 179 24 179 41] hashmap_inv0 new }; - invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Ghost.inner old_self) k < UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; - invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> UIntSize.to_int i < bucket_ix0 ( * Ghost.inner old_self) k /\ bucket_ix0 ( * Ghost.inner old_self) k <= Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Ghost.inner old_self))) -> Map.get (shallow_model2 new) k = Core_Option_Option_Type.C_None }; - invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Ghost.inner old_self) k = UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = match get1 l k with + invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Snapshot.inner old_self) k < UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; + invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> UIntSize.to_int i < bucket_ix0 ( * Snapshot.inner old_self) k /\ bucket_ix0 ( * Snapshot.inner old_self) k <= Seq.length (shallow_model3 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * Snapshot.inner old_self))) -> Map.get (shallow_model2 new) k = Core_Option_Option_Type.C_None }; + invariant { [#"../hashmap.rs" 179 12 179 43] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Snapshot.inner old_self) k = UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = match get1 l k with | Core_Option_Option_Type.C_None -> Map.get (shallow_model2 new) k | Core_Option_Option_Type.C_Some v -> Core_Option_Option_Type.C_Some v end }; invariant { [#"../hashmap.rs" 186 24 186 45] no_double_binding0 l }; - invariant { [#"../hashmap.rs" 187 24 187 51] good_bucket0 ( * Ghost.inner old_self) l (UIntSize.to_int i) }; + invariant { [#"../hashmap.rs" 187 24 187 51] good_bucket0 ( * Snapshot.inner old_self) l (UIntSize.to_int i) }; goto BB18 } BB18 { @@ -1863,7 +1863,7 @@ module Hashmap_Impl5_Resize BB25 { assert { [@expl:type invariant] inv5 l }; assume { resolve4 l }; - assert { [@expl:assertion] [#"../hashmap.rs" 192 12 192 121] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Ghost.inner old_self) k = UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; + assert { [@expl:assertion] [#"../hashmap.rs" 192 12 192 121] forall k : deep_model_ty0 . inv1 k -> bucket_ix0 ( * Snapshot.inner old_self) k = UIntSize.to_int i -> Map.get (shallow_model1 old_self) k = Map.get (shallow_model2 new) k }; goto BB27 } BB26 { diff --git a/creusot/tests/should_succeed/hashmap.rs b/creusot/tests/should_succeed/hashmap.rs index 96ce8163e0..d844cac633 100644 --- a/creusot/tests/should_succeed/hashmap.rs +++ b/creusot/tests/should_succeed/hashmap.rs @@ -23,7 +23,7 @@ impl Clone for List { } impl List<(K, V)> { - #[ghost] + #[logic] #[open] pub fn get(self, index: K::DeepModelTy) -> Option { pearlite! { @@ -50,7 +50,7 @@ trait Hash: DeepModel { #[ensures(result@ == Self::hash_log(self.deep_model()))] fn hash(&self) -> u64; - #[ghost] + #[logic] fn hash_log(_: Self::DeepModelTy) -> Int; } @@ -60,7 +60,7 @@ impl Hash for usize { *self as u64 } - #[ghost] + #[logic] fn hash_log(x: Int) -> Int { pearlite! { x } } @@ -74,18 +74,18 @@ impl ShallowModel for MyHashMap { type ShallowModelTy = Mapping>; #[open(self)] - #[ghost] + #[logic] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { |k| self.bucket(k).get(k) } } } impl MyHashMap { - #[ghost] + #[logic] fn bucket(self, k: K::DeepModelTy) -> List<(K, V)> { pearlite! { self.buckets[self.bucket_ix(k)] } } - #[ghost] + #[logic] fn bucket_ix(self, k: K::DeepModelTy) -> Int { pearlite! { K::hash_log(k).rem_euclid(self.buckets@.len()) } } @@ -105,11 +105,11 @@ impl MyHashMap { #[ensures(forall (^self)@.get(i) == (if i == key.deep_model() { Some(val) } else { self@.get(i) } ))] pub fn add(&mut self, key: K, val: V) { use List::*; - let old_self = gh! { self }; + let old_self = snapshot! { self }; let length = self.buckets.len(); let index: usize = key.hash() as usize % length; let mut l: &mut List<_> = &mut self.buckets[index]; - let old_l = gh! { l }; + let old_l = snapshot! { l }; #[invariant(old_self.good_bucket(*l, index@))] #[invariant(old_self.good_bucket(^l, index@) ==> old_self.good_bucket(^old_l.inner(), index@))] @@ -159,7 +159,7 @@ impl MyHashMap { #[ensures(forall (^self)@.get(k) == self@.get(k))] // lets prove the extensional version for now #[allow(dead_code)] fn resize(&mut self) { - let old_self = gh! { self }; + let old_self = snapshot! { self }; let mut new = Self::new(self.buckets.len() * 2); let mut i: usize = 0; diff --git a/creusot/tests/should_succeed/heapsort_generic.mlcfg b/creusot/tests/should_succeed/heapsort_generic.mlcfg index e0f38b0994..72aa82241c 100644 --- a/creusot/tests/should_succeed/heapsort_generic.mlcfg +++ b/creusot/tests/should_succeed/heapsort_generic.mlcfg @@ -377,17 +377,17 @@ module HeapsortGeneric_SiftDown ensures { result = invariant1 self } axiom inv1 : forall x : deep_model_ty0 . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true function deep_model3 (self : t) : deep_model_ty0 val deep_model3 (self : t) : deep_model_ty0 ensures { result = deep_model3 self } @@ -507,7 +507,7 @@ module HeapsortGeneric_SiftDown val deep_model0 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq deep_model_ty0 ensures { result = deep_model0 self } - use prelude.Ghost + use prelude.Snapshot use seq.Permut predicate permutation_of0 (self : Seq.seq t) (o : Seq.seq t) = [#"../../../../creusot-contracts/src/logic/seq.rs" 107 8 107 37] Permut.permut self o 0 (Seq.length self) @@ -520,18 +520,19 @@ module HeapsortGeneric_SiftDown val shallow_model4 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model4 self } - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model4 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model4 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model1 self } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg sift_down [#"../heapsort_generic.rs" 41 0 43 29] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) (start : usize) (end' : usize) : () requires {[#"../heapsort_generic.rs" 31 11 31 54] heap_frag0 (deep_model0 v) (UIntSize.to_int start + 1) (UIntSize.to_int end')} requires {[#"../heapsort_generic.rs" 32 11 32 24] UIntSize.to_int start < UIntSize.to_int end'} @@ -547,7 +548,7 @@ module HeapsortGeneric_SiftDown var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; var start : usize = start; var end' : usize = end'; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var i : usize; var _28 : bool; var child : usize; @@ -566,7 +567,7 @@ module HeapsortGeneric_SiftDown goto BB0 } BB0 { - [#"../heapsort_generic.rs" 45 16 45 25] old_v <- ([#"../heapsort_generic.rs" 45 16 45 25] Ghost.new v); + [#"../heapsort_generic.rs" 45 16 45 31] old_v <- ([#"../heapsort_generic.rs" 45 16 45 31] Snapshot.new v); goto BB1 } BB1 { @@ -578,8 +579,8 @@ module HeapsortGeneric_SiftDown BB2 { invariant { [#"../heapsort_generic.rs" 48 4 48 43] permutation_of0 (shallow_model0 v) (shallow_model1 old_v) }; invariant { [#"../heapsort_generic.rs" 49 16 49 41] UIntSize.to_int start <= UIntSize.to_int i /\ UIntSize.to_int i < UIntSize.to_int end' }; - invariant { [#"../heapsort_generic.rs" 48 4 48 43] forall j : int . 0 <= j /\ j < UIntSize.to_int start \/ UIntSize.to_int end' <= j /\ j < Seq.length (shallow_model0 v) -> index_logic0 ( * Ghost.inner old_v) j = index_logic0 ( * v) j }; - invariant { [#"../heapsort_generic.rs" 48 4 48 43] forall m : deep_model_ty0 . inv1 m -> (forall j : int . UIntSize.to_int start <= j /\ j < UIntSize.to_int end' -> le_log0 (Seq.get (deep_model0 (Ghost.inner old_v)) j) m) -> (forall j : int . UIntSize.to_int start <= j /\ j < UIntSize.to_int end' -> le_log0 (Seq.get (deep_model0 v) j) m) }; + invariant { [#"../heapsort_generic.rs" 48 4 48 43] forall j : int . 0 <= j /\ j < UIntSize.to_int start \/ UIntSize.to_int end' <= j /\ j < Seq.length (shallow_model0 v) -> index_logic0 ( * Snapshot.inner old_v) j = index_logic0 ( * v) j }; + invariant { [#"../heapsort_generic.rs" 48 4 48 43] forall m : deep_model_ty0 . inv1 m -> (forall j : int . UIntSize.to_int start <= j /\ j < UIntSize.to_int end' -> le_log0 (Seq.get (deep_model0 (Snapshot.inner old_v)) j) m) -> (forall j : int . UIntSize.to_int start <= j /\ j < UIntSize.to_int end' -> le_log0 (Seq.get (deep_model0 v) j) m) }; invariant { [#"../heapsort_generic.rs" 48 4 48 43] forall j : int . UIntSize.to_int start <= parent0 j /\ j < UIntSize.to_int end' /\ UIntSize.to_int i <> parent0 j -> le_log0 (Seq.get (deep_model0 v) j) (Seq.get (deep_model0 v) (parent0 j)) }; invariant { [#"../heapsort_generic.rs" 48 4 48 43] let c = 2 * UIntSize.to_int i + 1 in c < UIntSize.to_int end' /\ UIntSize.to_int start <= parent0 (UIntSize.to_int i) -> le_log0 (Seq.get (deep_model0 v) c) (Seq.get (deep_model0 v) (parent0 (parent0 c))) }; invariant { [#"../heapsort_generic.rs" 48 4 48 43] let c = 2 * UIntSize.to_int i + 2 in c < UIntSize.to_int end' /\ UIntSize.to_int start <= parent0 (UIntSize.to_int i) -> le_log0 (Seq.get (deep_model0 v) c) (Seq.get (deep_model0 v) (parent0 (parent0 c))) }; @@ -883,17 +884,17 @@ module HeapsortGeneric_HeapSort ensures { result = cmp_le_log0 x y } axiom cmp_le_log0_spec : forall x : deep_model_ty0, y : deep_model_ty0 . ([#"../../../../creusot-contracts/src/logic/ord.rs" 16 18 16 19] inv7 x) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 16 27 16 28] inv7 y) -> ([#"../../../../creusot-contracts/src/logic/ord.rs" 15 14 15 64] le_log0 x y = (cmp_log0 x y <> Core_Cmp_Ordering_Type.C_Greater)) - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true use seq.Seq predicate sorted_range0 [#"../heapsort_generic.rs" 77 0 77 63] (s : Seq.seq deep_model_ty0) (l : int) (u : int) = [#"../heapsort_generic.rs" 78 4 80 5] forall j : int . forall i : int . l <= i /\ i < j /\ j < u -> le_log0 (Seq.get s i) (Seq.get s j) @@ -1020,12 +1021,12 @@ module HeapsortGeneric_HeapSort val shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model5 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model1 self } function shallow_model4 (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) : Seq.seq t = @@ -1037,11 +1038,12 @@ module HeapsortGeneric_HeapSort requires {inv5 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model4 self) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg heap_sort [#"../heapsort_generic.rs" 93 0 95 29] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : () requires {[#"../heapsort_generic.rs" 90 11 90 40] Seq.length (shallow_model0 v) < div (UIntSize.to_int max0) 2} requires {[#"../heapsort_generic.rs" 93 37 93 38] inv1 v} @@ -1051,7 +1053,7 @@ module HeapsortGeneric_HeapSort = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var start : usize; var _8 : usize; var _10 : bool; @@ -1070,7 +1072,7 @@ module HeapsortGeneric_HeapSort goto BB0 } BB0 { - [#"../heapsort_generic.rs" 97 16 97 25] old_v <- ([#"../heapsort_generic.rs" 97 16 97 25] Ghost.new v); + [#"../heapsort_generic.rs" 97 16 97 31] old_v <- ([#"../heapsort_generic.rs" 97 16 97 31] Snapshot.new v); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/heapsort_generic.rs b/creusot/tests/should_succeed/heapsort_generic.rs index 93e7957cde..551c003231 100644 --- a/creusot/tests/should_succeed/heapsort_generic.rs +++ b/creusot/tests/should_succeed/heapsort_generic.rs @@ -6,7 +6,7 @@ use creusot_contracts::{ *, }; -#[ghost] +#[logic] fn parent(i: Int) -> Int { (i + 1) / 2 - 1 } @@ -17,7 +17,7 @@ fn heap_frag(s: Seq, start: Int, end: Int) -> bool { s[i] <= s[parent(i)] } } -#[ghost] +#[logic] #[requires(heap_frag(s, 0, end))] #[requires(0 <= i && i < end)] #[ensures(s[i] <= s[0])] @@ -42,7 +42,7 @@ fn sift_down(v: &mut Vec, start: usize, end: usize) where T::DeepModelTy: OrdLogic, { - let old_v = gh! { v }; + let old_v = snapshot! { v }; let mut i = start; #[invariant(v@.permutation_of(old_v@))] @@ -94,7 +94,7 @@ pub fn heap_sort(v: &mut Vec) where T::DeepModelTy: OrdLogic, { - let old_v = gh! { v }; + let old_v = snapshot! { v }; let mut start = v.len() / 2; #[invariant(v@.permutation_of(old_v@))] diff --git a/creusot/tests/should_succeed/hillel.mlcfg b/creusot/tests/should_succeed/hillel.mlcfg index 664ccbe4ac..f96c442327 100644 --- a/creusot/tests/should_succeed/hillel.mlcfg +++ b/creusot/tests/should_succeed/hillel.mlcfg @@ -102,17 +102,17 @@ module Hillel_RightPad ensures { result = inv1 _x } axiom inv1 : forall x : t . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true use seq.Seq function shallow_model1 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t = @@ -143,7 +143,7 @@ module Hillel_RightPad requires {inv4 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model5 self) } - use prelude.Ghost + use prelude.Snapshot use seq.Seq function index_logic0 [@inline:trivial] (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) (ix : int) : t @@ -158,18 +158,19 @@ module Hillel_RightPad val shallow_model4 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model4 self } - function shallow_model0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + function shallow_model0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model4 (Ghost.inner self) - val shallow_model0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model4 (Snapshot.inner self) + val shallow_model0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model0 self } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg right_pad [#"../hillel.rs" 16 0 16 59] [@cfg:stackify] [@cfg:subregion_analysis] (str : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) (len : usize) (pad : t) : () requires {[#"../hillel.rs" 16 22 16 25] inv2 str} requires {[#"../hillel.rs" 16 52 16 55] inv1 pad} @@ -185,7 +186,7 @@ module Hillel_RightPad var str : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = str; var len : usize = len; var pad : t = pad; - var old_str : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_str : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var _19 : usize; var _22 : (); var _23 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); @@ -193,7 +194,7 @@ module Hillel_RightPad goto BB0 } BB0 { - [#"../hillel.rs" 17 18 17 29] old_str <- ([#"../hillel.rs" 17 18 17 29] Ghost.new str); + [#"../hillel.rs" 17 18 17 35] old_str <- ([#"../hillel.rs" 17 18 17 35] Snapshot.new str); goto BB1 } BB1 { @@ -205,7 +206,7 @@ module Hillel_RightPad invariant { [#"../hillel.rs" 19 16 19 44] Seq.length (shallow_model0 old_str) <= Seq.length (shallow_model1 str) }; invariant { [#"../hillel.rs" 19 4 19 46] Seq.length (shallow_model0 old_str) < UIntSize.to_int len -> Seq.length (shallow_model1 str) <= UIntSize.to_int len }; invariant { [#"../hillel.rs" 19 4 19 46] Seq.length (shallow_model1 str) > UIntSize.to_int len -> Seq.length (shallow_model1 str) = Seq.length (shallow_model0 old_str) }; - invariant { [#"../hillel.rs" 19 4 19 46] forall i : int . 0 <= i /\ i < Seq.length (shallow_model0 old_str) -> index_logic0 ( * str) i = index_logic0 ( * Ghost.inner old_str) i }; + invariant { [#"../hillel.rs" 19 4 19 46] forall i : int . 0 <= i /\ i < Seq.length (shallow_model0 old_str) -> index_logic0 ( * str) i = index_logic0 ( * Snapshot.inner old_str) i }; invariant { [#"../hillel.rs" 19 4 19 46] forall i : int . Seq.length (shallow_model0 old_str) <= i /\ i < Seq.length (shallow_model1 str) -> index_logic0 ( * str) i = pad }; goto BB3 } @@ -304,18 +305,18 @@ module Hillel_LeftPad ensures { result = inv1 _x } axiom inv1 : forall x : t . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true - use prelude.Ghost + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + use prelude.Snapshot use seq.Seq function index_logic0 [@inline:trivial] (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) (ix : int) : t @@ -356,16 +357,16 @@ module Hillel_LeftPad requires {inv4 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model7 self) } - use prelude.Ghost + use prelude.Snapshot use prelude.Int function shallow_model6 (self : usize) : int = [#"../../../../creusot-contracts/src/model.rs" 83 8 83 31] UIntSize.to_int self val shallow_model6 (self : usize) : int ensures { result = shallow_model6 self } - function shallow_model3 (self : Ghost.ghost_ty usize) : int = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model6 (Ghost.inner self) - val shallow_model3 (self : Ghost.ghost_ty usize) : int + function shallow_model3 (self : Snapshot.snap_ty usize) : int = + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model6 (Snapshot.inner self) + val shallow_model3 (self : Snapshot.snap_ty usize) : int ensures { result = shallow_model3 self } function shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t @@ -374,19 +375,20 @@ module Hillel_LeftPad val shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model5 self } - function shallow_model0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + function shallow_model0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model0 self } - use prelude.Ghost - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + use prelude.Snapshot + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg left_pad [#"../hillel.rs" 33 0 33 58] [@cfg:stackify] [@cfg:subregion_analysis] (str : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) (len : usize) (pad : t) : () requires {[#"../hillel.rs" 33 21 33 24] inv2 str} requires {[#"../hillel.rs" 33 51 33 54] inv1 pad} @@ -400,23 +402,23 @@ module Hillel_LeftPad var str : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = str; var len : usize = len; var pad : t = pad; - var old_str : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); - var c : Ghost.ghost_ty usize; + var old_str : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var c : Snapshot.snap_ty usize; var _20 : usize; var _23 : (); var _24 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); - var _26 : Ghost.ghost_ty usize; + var _26 : Snapshot.snap_ty usize; { goto BB0 } BB0 { - [#"../hillel.rs" 34 18 34 29] old_str <- ([#"../hillel.rs" 34 18 34 29] Ghost.new str); + [#"../hillel.rs" 34 18 34 35] old_str <- ([#"../hillel.rs" 34 18 34 35] Snapshot.new str); goto BB1 } BB1 { assert { [@expl:type invariant] inv0 old_str }; assume { resolve0 old_str }; - [#"../hillel.rs" 35 30 35 44] c <- ([#"../hillel.rs" 35 30 35 44] Ghost.new (0 : usize)); + [#"../hillel.rs" 35 33 35 53] c <- ([#"../hillel.rs" 35 33 35 53] Snapshot.new (0 : usize)); goto BB2 } BB2 { @@ -427,7 +429,7 @@ module Hillel_LeftPad invariant { [#"../hillel.rs" 37 4 37 46] Seq.length (shallow_model0 old_str) < UIntSize.to_int len -> Seq.length (shallow_model1 str) <= UIntSize.to_int len }; invariant { [#"../hillel.rs" 37 4 37 46] Seq.length (shallow_model1 str) > UIntSize.to_int len -> Seq.length (shallow_model1 str) = Seq.length (shallow_model0 old_str) }; invariant { [#"../hillel.rs" 40 16 40 49] shallow_model3 c = Seq.length (shallow_model1 str) - Seq.length (shallow_model0 old_str) }; - invariant { [#"../hillel.rs" 37 4 37 46] forall i : int . shallow_model3 c <= i /\ i < Seq.length (shallow_model1 str) -> index_logic0 ( * str) i = index_logic0 ( * Ghost.inner old_str) (i - shallow_model3 c) }; + invariant { [#"../hillel.rs" 37 4 37 46] forall i : int . shallow_model3 c <= i /\ i < Seq.length (shallow_model1 str) -> index_logic0 ( * str) i = index_logic0 ( * Snapshot.inner old_str) (i - shallow_model3 c) }; invariant { [#"../hillel.rs" 37 4 37 46] forall i : int . 0 <= i /\ i < shallow_model3 c -> index_logic0 ( * str) i = pad }; goto BB4 } @@ -450,12 +452,12 @@ module Hillel_LeftPad goto BB7 } BB7 { - [#"../hillel.rs" 45 12 45 31] _26 <- ([#"../hillel.rs" 45 12 45 31] Ghost.new ((1 : usize) + Ghost.inner c)); + [#"../hillel.rs" 45 12 45 37] _26 <- ([#"../hillel.rs" 45 12 45 37] Snapshot.new ((1 : usize) + Snapshot.inner c)); goto BB8 } BB8 { - [#"../hillel.rs" 45 8 45 31] c <- ([#"../hillel.rs" 45 8 45 31] _26); - [#"../hillel.rs" 45 8 45 31] _26 <- any Ghost.ghost_ty usize; + [#"../hillel.rs" 45 8 45 37] c <- ([#"../hillel.rs" 45 8 45 37] _26); + [#"../hillel.rs" 45 8 45 37] _26 <- any Snapshot.snap_ty usize; goto BB3 } BB9 { @@ -732,30 +734,30 @@ module Hillel_InsertUnique ensures { result = inv3 _x } axiom inv3 : forall x : Core_Slice_Iter_Iter_Type.t_iter t . inv3 x = true - use prelude.Ghost - predicate invariant2 (self : Ghost.ghost_ty (Seq.seq t)) - val invariant2 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + predicate invariant2 (self : Snapshot.snap_ty (Seq.seq t)) + val invariant2 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = invariant2 self } - predicate inv2 (_x : Ghost.ghost_ty (Seq.seq t)) - val inv2 (_x : Ghost.ghost_ty (Seq.seq t)) : bool + predicate inv2 (_x : Snapshot.snap_ty (Seq.seq t)) + val inv2 (_x : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : Ghost.ghost_ty (Seq.seq t) . inv2 x = true + axiom inv2 : forall x : Snapshot.snap_ty (Seq.seq t) . inv2 x = true predicate invariant1 (self : slice t) val invariant1 (self : slice t) : bool ensures { result = invariant1 self } axiom inv1 : forall x : slice t . inv1 x = true - predicate invariant0 (self : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) - val invariant0 (self : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool + predicate invariant0 (self : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) + val invariant0 (self : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) - val inv0 (_x : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool + predicate inv0 (_x : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) + val inv0 (_x : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) . inv0 x = true function deep_model1 (self : t) : deep_model_ty0 val deep_model1 (self : t) : deep_model_ty0 ensures { result = deep_model1 self } @@ -825,7 +827,7 @@ module Hillel_InsertUnique requires {inv12 other} ensures { [#"../../../../creusot-contracts/src/std/cmp.rs" 11 26 11 75] result = (deep_model4 self = deep_model4 other) } - use prelude.Ghost + use prelude.Snapshot predicate resolve7 (self : t) val resolve7 (self : t) : bool ensures { result = resolve7 self } @@ -858,24 +860,24 @@ module Hillel_InsertUnique end } ensures { inv4 result } - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq t)) (ix : int) : t = - [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq t)) (ix : int) : t + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq t)) (ix : int) : t = + [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq t)) (ix : int) : t ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - predicate resolve4 (self : Ghost.ghost_ty (Seq.seq t)) - val resolve4 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + use prelude.Snapshot + predicate resolve4 (self : Snapshot.snap_ty (Seq.seq t)) + val resolve4 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = resolve4 self } - use prelude.Ghost - predicate resolve3 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) - val resolve3 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool + use prelude.Snapshot + predicate resolve3 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) + val resolve3 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool ensures { result = resolve3 self } - use prelude.Ghost + use prelude.Snapshot predicate into_iter_post0 (self : Core_Slice_Iter_Iter_Type.t_iter t) (res : Core_Slice_Iter_Iter_Type.t_iter t) = [#"../../../../creusot-contracts/src/std/iter.rs" 80 8 80 19] self = res val into_iter_post0 (self : Core_Slice_Iter_Iter_Type.t_iter t) (res : Core_Slice_Iter_Iter_Type.t_iter t) : bool @@ -910,11 +912,11 @@ module Hillel_InsertUnique ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 147 26 147 42] shallow_model0 result = shallow_model1 self } ensures { inv1 result } - predicate resolve1 (self : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) - val resolve1 (self : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool + predicate resolve1 (self : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) + val resolve1 (self : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot predicate is_subset0 [#"../hillel.rs" 64 0 64 49] (sub : Seq.seq deep_model_ty0) (sup : Seq.seq deep_model_ty0) = [#"../hillel.rs" 65 4 67 5] forall i : int . 0 <= i /\ i < Seq.length sub -> contains0 sup (Seq.get sub i) val is_subset0 [#"../hillel.rs" 64 0 64 49] (sub : Seq.seq deep_model_ty0) (sup : Seq.seq deep_model_ty0) : bool @@ -928,11 +930,11 @@ module Hillel_InsertUnique val deep_model0 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq deep_model_ty0 ensures { result = deep_model0 self } - predicate resolve0 (self : Ghost.ghost_ty ()) - val resolve0 (self : Ghost.ghost_ty ()) : bool + predicate resolve0 (self : Snapshot.snap_ty ()) + val resolve0 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function subset_push0 [#"../hillel.rs" 72 0 72 37] (s : Seq.seq deep_model_ty0) (elem : deep_model_ty0) : () = [#"../hillel.rs" 70 0 70 8] () val subset_push0 [#"../hillel.rs" 72 0 72 37] (s : Seq.seq deep_model_ty0) (elem : deep_model_ty0) : () @@ -954,18 +956,18 @@ module Hillel_InsertUnique var _0 : (); var vec : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = vec; var elem : t = elem; - var _8 : Ghost.ghost_ty (); - var ghost_vec : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); + var _8 : Snapshot.snap_ty (); + var ghost_vec : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); var iter : Core_Slice_Iter_Iter_Type.t_iter t; var _16 : Core_Slice_Iter_Iter_Type.t_iter t; var _18 : slice t; - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t); - var produced : Ghost.ghost_ty (Seq.seq t); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t); + var produced : Snapshot.snap_ty (Seq.seq t); var _28 : Core_Option_Option_Type.t_option t; var _29 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var _30 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var __creusot_proc_iter_elem : t; - var _33 : Ghost.ghost_ty (Seq.seq t); + var _33 : Snapshot.snap_ty (Seq.seq t); var e : t; var _38 : bool; var _41 : t; @@ -981,7 +983,7 @@ module Hillel_InsertUnique goto BB2 } BB2 { - [#"../hillel.rs" 80 4 80 41] _8 <- ([#"../hillel.rs" 80 4 80 41] Ghost.new ()); + [#"../hillel.rs" 80 4 80 47] _8 <- ([#"../hillel.rs" 80 4 80 47] Snapshot.new ()); goto BB3 } BB3 { @@ -990,7 +992,7 @@ module Hillel_InsertUnique goto BB4 } BB4 { - [#"../hillel.rs" 82 20 82 32] ghost_vec <- ([#"../hillel.rs" 82 20 82 32] Ghost.new ( * vec)); + [#"../hillel.rs" 82 20 82 38] ghost_vec <- ([#"../hillel.rs" 82 20 82 38] Snapshot.new ( * vec)); goto BB5 } BB5 { @@ -1011,12 +1013,12 @@ module Hillel_InsertUnique goto BB8 } BB8 { - [#"../hillel.rs" 84 4 84 111] iter_old <- ([#"../hillel.rs" 84 4 84 111] Ghost.new iter); + [#"../hillel.rs" 84 4 84 111] iter_old <- ([#"../hillel.rs" 84 4 84 111] Snapshot.new iter); goto BB9 } BB9 { assume { resolve3 iter_old }; - [#"../hillel.rs" 84 4 84 111] produced <- ([#"../hillel.rs" 84 4 84 111] Ghost.new (Seq.empty )); + [#"../hillel.rs" 84 4 84 111] produced <- ([#"../hillel.rs" 84 4 84 111] Snapshot.new (Seq.empty )); goto BB10 } BB10 { @@ -1029,8 +1031,8 @@ module Hillel_InsertUnique } BB12 { invariant { [#"../hillel.rs" 84 4 84 111] inv3 iter }; - invariant { [#"../hillel.rs" 84 4 84 111] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../hillel.rs" 84 4 84 111] forall j : int . 0 <= j /\ j < Seq.length (Ghost.inner produced) -> deep_model2 (index_logic0 produced j) <> deep_model1 elem }; + invariant { [#"../hillel.rs" 84 4 84 111] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../hillel.rs" 84 4 84 111] forall j : int . 0 <= j /\ j < Seq.length (Snapshot.inner produced) -> deep_model2 (index_logic0 produced j) <> deep_model1 elem }; goto BB13 } BB13 { @@ -1071,21 +1073,21 @@ module Hillel_InsertUnique absurd } BB18 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _28); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _28); assert { [@expl:type invariant] inv4 _28 }; assume { resolve6 _28 }; - [#"../hillel.rs" 84 4 84 111] _33 <- ([#"../hillel.rs" 84 4 84 111] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../hillel.rs" 84 4 84 111] _33 <- ([#"../hillel.rs" 84 4 84 111] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB19 } BB19 { [#"../hillel.rs" 84 4 84 111] produced <- ([#"../hillel.rs" 84 4 84 111] _33); - [#"../hillel.rs" 84 4 84 111] _33 <- any Ghost.ghost_ty (Seq.seq t); + [#"../hillel.rs" 84 4 84 111] _33 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv2 produced }; assume { resolve4 produced }; - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] e <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] e <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); assert { [@expl:type invariant] inv5 __creusot_proc_iter_elem }; assume { resolve7 __creusot_proc_iter_elem }; - assert { [@expl:assertion] [#"../hillel.rs" 86 24 86 57] e = index_logic1 (Ghost.inner ghost_vec) (Seq.length (Ghost.inner produced) - 1) }; + assert { [@expl:assertion] [#"../hillel.rs" 86 24 86 57] e = index_logic1 (Snapshot.inner ghost_vec) (Seq.length (Snapshot.inner produced) - 1) }; [#"../hillel.rs" 87 16 87 21] _41 <- ([#"../hillel.rs" 87 16 87 21] elem); [#"../hillel.rs" 87 11 87 21] _38 <- ([#"../hillel.rs" 87 11 87 21] eq0 ([#"../hillel.rs" 87 11 87 12] e) ([#"../hillel.rs" 87 16 87 21] _41)); goto BB20 @@ -1315,16 +1317,16 @@ module Hillel_Unique ensures { result = invariant1 self } axiom inv1 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (Seq.seq t)) - val invariant0 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (Seq.seq t)) + val invariant0 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (Seq.seq t)) - val inv0 (_x : Ghost.ghost_ty (Seq.seq t)) : bool + predicate inv0 (_x : Snapshot.snap_ty (Seq.seq t)) + val inv0 (_x : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (Seq.seq t) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (Seq.seq t) . inv0 x = true predicate resolve2 (self : t) val resolve2 (self : t) : bool ensures { result = resolve2 self } @@ -1360,7 +1362,7 @@ module Hillel_Unique ensures { result = resolve4 self } use seq.Seq - use prelude.Ghost + use prelude.Snapshot predicate resolve3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool @@ -1430,7 +1432,7 @@ module Hillel_Unique ensures { inv8 result } use seq_ext.SeqExt - use prelude.Ghost + use prelude.Snapshot function index_logic4 [@inline:trivial] (self : slice t) (ix : int) : t = [#"../../../../creusot-contracts/src/logic/ops.rs" 43 8 43 31] Seq.get (shallow_model3 self) ix val index_logic4 [@inline:trivial] (self : slice t) (ix : int) : t @@ -1447,10 +1449,10 @@ module Hillel_Unique val deep_model1 (self : slice t) : Seq.seq deep_model_ty0 ensures { result = deep_model1 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -1473,11 +1475,11 @@ module Hillel_Unique requires {inv5 self} ensures { [#"../../../../creusot-contracts/src/std/slice.rs" 238 0 334 1] Seq.length (shallow_model0 self) = UIntSize.to_int result } - predicate resolve0 (self : Ghost.ghost_ty (Seq.seq t)) - val resolve0 (self : Ghost.ghost_ty (Seq.seq t)) : bool + predicate resolve0 (self : Snapshot.snap_ty (Seq.seq t)) + val resolve0 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot use seq.Seq val new0 (_1 : ()) : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global) ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 68 26 68 44] Seq.length (shallow_model1 result) = 0 } @@ -1494,16 +1496,16 @@ module Hillel_Unique var _0 : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); var str : slice t = str; var unique : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); - var sub_str : Ghost.ghost_ty (Seq.seq t); + var sub_str : Snapshot.snap_ty (Seq.seq t); var iter : Core_Ops_Range_Range_Type.t_range usize; var _11 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _23 : Core_Option_Option_Type.t_option usize; var _24 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _25 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _28 : Ghost.ghost_ty (Seq.seq usize); + var _28 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var elem : t; var _32 : usize; @@ -1511,7 +1513,7 @@ module Hillel_Unique var _35 : (); var _36 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); var _37 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); - var _39 : Ghost.ghost_ty (Seq.seq t); + var _39 : Snapshot.snap_ty (Seq.seq t); { goto BB0 } @@ -1520,7 +1522,7 @@ module Hillel_Unique goto BB1 } BB1 { - [#"../hillel.rs" 102 37 102 55] sub_str <- ([#"../hillel.rs" 102 37 102 55] Ghost.new (Seq.empty )); + [#"../hillel.rs" 102 40 102 64] sub_str <- ([#"../hillel.rs" 102 40 102 64] Snapshot.new (Seq.empty )); goto BB2 } BB2 { @@ -1535,11 +1537,11 @@ module Hillel_Unique goto BB4 } BB4 { - [#"../hillel.rs" 104 4 104 48] iter_old <- ([#"../hillel.rs" 104 4 104 48] Ghost.new iter); + [#"../hillel.rs" 104 4 104 48] iter_old <- ([#"../hillel.rs" 104 4 104 48] Snapshot.new iter); goto BB5 } BB5 { - [#"../hillel.rs" 104 4 104 48] produced <- ([#"../hillel.rs" 104 4 104 48] Ghost.new (Seq.empty )); + [#"../hillel.rs" 104 4 104 48] produced <- ([#"../hillel.rs" 104 4 104 48] Snapshot.new (Seq.empty )); goto BB6 } BB6 { @@ -1556,10 +1558,10 @@ module Hillel_Unique } BB10 { invariant { [#"../hillel.rs" 104 4 104 48] inv1 iter }; - invariant { [#"../hillel.rs" 104 4 104 48] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../hillel.rs" 104 4 104 48] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../hillel.rs" 104 16 104 46] is_unique0 (deep_model0 unique) }; invariant { [#"../hillel.rs" 105 16 105 64] is_subset0 (deep_model0 unique) (deep_model1 str) }; - invariant { [#"../hillel.rs" 106 16 106 95] is_subset0 (SeqExt.subsequence (deep_model1 str) 0 (Seq.length (Ghost.inner produced))) (deep_model0 unique) }; + invariant { [#"../hillel.rs" 106 16 106 95] is_subset0 (SeqExt.subsequence (deep_model1 str) 0 (Seq.length (Snapshot.inner produced))) (deep_model0 unique) }; goto BB11 } BB11 { @@ -1596,14 +1598,14 @@ module Hillel_Unique absurd } BB16 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _23); - [#"../hillel.rs" 104 4 104 48] _28 <- ([#"../hillel.rs" 104 4 104 48] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _23); + [#"../hillel.rs" 104 4 104 48] _28 <- ([#"../hillel.rs" 104 4 104 48] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB17 } BB17 { [#"../hillel.rs" 104 4 104 48] produced <- ([#"../hillel.rs" 104 4 104 48] _28); - [#"../hillel.rs" 104 4 104 48] _28 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../hillel.rs" 104 4 104 48] _28 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../hillel.rs" 108 26 108 27] _32 <- ([#"../hillel.rs" 108 26 108 27] i); [#"../hillel.rs" 108 22 108 28] _34 <- ([#"../hillel.rs" 108 22 108 28] _32 < ([#"../hillel.rs" 108 22 108 28] Slice.length str)); assert { [@expl:index in bounds] [#"../hillel.rs" 108 22 108 28] _34 }; @@ -1626,12 +1628,12 @@ module Hillel_Unique BB19 { assert { [@expl:type invariant] inv4 _37 }; assume { resolve3 _37 }; - [#"../hillel.rs" 110 18 110 44] _39 <- ([#"../hillel.rs" 110 18 110 44] Ghost.new (Seq.snoc (Ghost.inner sub_str) elem)); + [#"../hillel.rs" 110 18 110 50] _39 <- ([#"../hillel.rs" 110 18 110 50] Snapshot.new (Seq.snoc (Snapshot.inner sub_str) elem)); goto BB20 } BB20 { - [#"../hillel.rs" 110 8 110 44] sub_str <- ([#"../hillel.rs" 110 8 110 44] _39); - [#"../hillel.rs" 110 8 110 44] _39 <- any Ghost.ghost_ty (Seq.seq t); + [#"../hillel.rs" 110 8 110 50] sub_str <- ([#"../hillel.rs" 110 8 110 50] _39); + [#"../hillel.rs" 110 8 110 50] _39 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv0 sub_str }; assume { resolve0 sub_str }; goto BB10 @@ -1942,7 +1944,7 @@ module Hillel_Fulcrum ensures { result = inv0 _x } axiom inv0 : forall x : Core_Slice_Iter_Iter_Type.t_iter uint32 . inv0 x = true - use prelude.Ghost + use prelude.Snapshot function abs_diff1 (self : int) (other : int) : int = [#"../../../../creusot-contracts/src/logic/int.rs" 50 4 50 12] if self < other then other - self else self - other val abs_diff1 (self : int) (other : int) : int @@ -2001,11 +2003,11 @@ module Hillel_Fulcrum ensures { result = score0 seq i } axiom score0_spec : forall seq : Seq.seq uint32, i : int . ([#"../hillel.rs" 141 11 141 35] 0 <= i /\ i <= Seq.length seq) -> ([#"../hillel.rs" 143 0 143 79] 0 = i \/ i = Seq.length seq -> score0 seq i = sum_range0 seq 0 (Seq.length seq)) && ([#"../hillel.rs" 142 10 142 64] 0 <= score0 seq i /\ score0 seq i <= sum_range0 seq 0 (Seq.length seq)) - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post1 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -2052,11 +2054,11 @@ module Hillel_Fulcrum end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : slice uint32) (res : Core_Slice_Iter_Iter_Type.t_iter uint32) = [#"../../../../creusot-contracts/src/std/slice.rs" 346 20 346 32] self = shallow_model3 res val into_iter_post0 (self : slice uint32) (res : Core_Slice_Iter_Iter_Type.t_iter uint32) : bool @@ -2083,27 +2085,27 @@ module Hillel_Fulcrum var s : slice uint32 = s; var total : uint32; var iter : Core_Slice_Iter_Iter_Type.t_iter uint32; - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter uint32); - var produced : Ghost.ghost_ty (Seq.seq uint32); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter uint32); + var produced : Snapshot.snap_ty (Seq.seq uint32); var _18 : (); var _19 : Core_Option_Option_Type.t_option uint32; var _20 : borrowed (Core_Slice_Iter_Iter_Type.t_iter uint32); var _21 : borrowed (Core_Slice_Iter_Iter_Type.t_iter uint32); var __creusot_proc_iter_elem : uint32; - var _24 : Ghost.ghost_ty (Seq.seq uint32); + var _24 : Snapshot.snap_ty (Seq.seq uint32); var x : uint32; var min_i : usize; var min_dist : uint32; var sum : uint32; var iter1 : Core_Ops_Range_Range_Type.t_range usize; var _37 : usize; - var iter_old1 : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced1 : Ghost.ghost_ty (Seq.seq usize); + var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced1 : Snapshot.snap_ty (Seq.seq usize); var _50 : Core_Option_Option_Type.t_option usize; var _51 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _52 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem1 : usize; - var _55 : Ghost.ghost_ty (Seq.seq usize); + var _55 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var dist : uint32; var _63 : (); @@ -2118,11 +2120,11 @@ module Hillel_Fulcrum goto BB1 } BB1 { - [#"../hillel.rs" 159 4 159 60] iter_old <- ([#"../hillel.rs" 159 4 159 60] Ghost.new iter); + [#"../hillel.rs" 159 4 159 60] iter_old <- ([#"../hillel.rs" 159 4 159 60] Snapshot.new iter); goto BB2 } BB2 { - [#"../hillel.rs" 159 4 159 60] produced <- ([#"../hillel.rs" 159 4 159 60] Ghost.new (Seq.empty )); + [#"../hillel.rs" 159 4 159 60] produced <- ([#"../hillel.rs" 159 4 159 60] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -2130,8 +2132,8 @@ module Hillel_Fulcrum } BB4 { invariant { [#"../hillel.rs" 159 4 159 60] inv0 iter }; - invariant { [#"../hillel.rs" 159 4 159 60] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../hillel.rs" 159 16 159 58] UInt32.to_int total = sum_range0 (shallow_model1 s) 0 (Seq.length (Ghost.inner produced)) }; + invariant { [#"../hillel.rs" 159 4 159 60] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../hillel.rs" 159 16 159 58] UInt32.to_int total = sum_range0 (shallow_model1 s) 0 (Seq.length (Snapshot.inner produced)) }; invariant { [#"../hillel.rs" 160 16 160 52] UInt32.to_int total <= sum_range0 (shallow_model1 s) 0 (Seq.length (shallow_model1 s)) }; goto BB5 } @@ -2167,13 +2169,13 @@ module Hillel_Fulcrum absurd } BB10 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _19); - [#"../hillel.rs" 159 4 159 60] _24 <- ([#"../hillel.rs" 159 4 159 60] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _19); + [#"../hillel.rs" 159 4 159 60] _24 <- ([#"../hillel.rs" 159 4 159 60] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../hillel.rs" 159 4 159 60] produced <- ([#"../hillel.rs" 159 4 159 60] _24); - [#"../hillel.rs" 159 4 159 60] _24 <- any Ghost.ghost_ty (Seq.seq uint32); + [#"../hillel.rs" 159 4 159 60] _24 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../hillel.rs" 161 9 161 10] x <- ([#"../hillel.rs" 161 9 161 10] __creusot_proc_iter_elem); [#"../hillel.rs" 162 8 162 18] total <- ([#"../hillel.rs" 162 8 162 18] total + ([#"../hillel.rs" 162 17 162 18] x)); [#"../hillel.rs" 161 16 163 5] _18 <- ([#"../hillel.rs" 161 16 163 5] ()); @@ -2185,11 +2187,11 @@ module Hillel_Fulcrum goto BB13 } BB13 { - [#"../hillel.rs" 171 4 171 58] iter_old1 <- ([#"../hillel.rs" 171 4 171 58] Ghost.new iter1); + [#"../hillel.rs" 171 4 171 58] iter_old1 <- ([#"../hillel.rs" 171 4 171 58] Snapshot.new iter1); goto BB14 } BB14 { - [#"../hillel.rs" 171 4 171 58] produced1 <- ([#"../hillel.rs" 171 4 171 58] Ghost.new (Seq.empty )); + [#"../hillel.rs" 171 4 171 58] produced1 <- ([#"../hillel.rs" 171 4 171 58] Snapshot.new (Seq.empty )); goto BB15 } BB15 { @@ -2197,12 +2199,12 @@ module Hillel_Fulcrum } BB16 { invariant { [#"../hillel.rs" 171 4 171 58] inv1 iter1 }; - invariant { [#"../hillel.rs" 171 4 171 58] produces1 (Ghost.inner iter_old1) (Ghost.inner produced1) iter1 }; - invariant { [#"../hillel.rs" 171 16 171 56] UInt32.to_int sum = sum_range0 (shallow_model1 s) 0 (Seq.length (Ghost.inner produced1)) }; + invariant { [#"../hillel.rs" 171 4 171 58] produces1 (Snapshot.inner iter_old1) (Snapshot.inner produced1) iter1 }; + invariant { [#"../hillel.rs" 171 16 171 56] UInt32.to_int sum = sum_range0 (shallow_model1 s) 0 (Seq.length (Snapshot.inner produced1)) }; invariant { [#"../hillel.rs" 172 16 172 30] UInt32.to_int sum <= UInt32.to_int total }; - invariant { [#"../hillel.rs" 173 16 173 61] UIntSize.to_int min_i <= Seq.length (Ghost.inner produced1) /\ UIntSize.to_int min_i < Seq.length (shallow_model1 s) }; + invariant { [#"../hillel.rs" 173 16 173 61] UIntSize.to_int min_i <= Seq.length (Snapshot.inner produced1) /\ UIntSize.to_int min_i < Seq.length (shallow_model1 s) }; invariant { [#"../hillel.rs" 174 16 174 46] UInt32.to_int min_dist = score0 (shallow_model1 s) (UIntSize.to_int min_i) }; - invariant { [#"../hillel.rs" 171 4 171 58] forall j : int . 0 <= j /\ j < Seq.length (Ghost.inner produced1) -> score0 (shallow_model1 s) (UIntSize.to_int min_i) <= score0 (shallow_model1 s) j }; + invariant { [#"../hillel.rs" 171 4 171 58] forall j : int . 0 <= j /\ j < Seq.length (Snapshot.inner produced1) -> score0 (shallow_model1 s) (UIntSize.to_int min_i) <= score0 (shallow_model1 s) j }; goto BB17 } BB17 { @@ -2229,14 +2231,14 @@ module Hillel_Fulcrum goto BB21 } BB21 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _50); - [#"../hillel.rs" 171 4 171 58] _55 <- ([#"../hillel.rs" 171 4 171 58] Ghost.new (Seq.(++) (Ghost.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _50); + [#"../hillel.rs" 171 4 171 58] _55 <- ([#"../hillel.rs" 171 4 171 58] Snapshot.new (Seq.(++) (Snapshot.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); goto BB22 } BB22 { [#"../hillel.rs" 171 4 171 58] produced1 <- ([#"../hillel.rs" 171 4 171 58] _55); - [#"../hillel.rs" 171 4 171 58] _55 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1); + [#"../hillel.rs" 171 4 171 58] _55 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); [#"../hillel.rs" 177 19 177 44] dist <- ([#"../hillel.rs" 177 19 177 44] abs_diff0 ([#"../hillel.rs" 177 19 177 22] sum) ([#"../hillel.rs" 177 32 177 43] ([#"../hillel.rs" 177 32 177 37] total) - ([#"../hillel.rs" 177 40 177 43] sum))); goto BB23 } diff --git a/creusot/tests/should_succeed/hillel.rs b/creusot/tests/should_succeed/hillel.rs index 4b8e81c428..667779f4ef 100644 --- a/creusot/tests/should_succeed/hillel.rs +++ b/creusot/tests/should_succeed/hillel.rs @@ -14,7 +14,7 @@ use creusot_contracts::{ #[ensures(forall 0 <= i && i < str@.len() ==> (^str)[i] == str[i])] #[ensures(forall str@.len() <= i && i < len@ ==> (^str)[i] == pad)] fn right_pad(str: &mut Vec, len: usize, pad: T) { - let old_str = gh! { str }; + let old_str = snapshot! { str }; #[invariant(old_str@.len() <= str@.len())] #[invariant(old_str@.len() < len@ ==> str@.len() <= len@)] @@ -31,8 +31,8 @@ fn right_pad(str: &mut Vec, len: usize, pad: T) { #[ensures(forall 0 <= i && i < ((^str)@.len() - str@.len()) ==> (^str)[i] == pad)] #[ensures(forall 0 <= i && i < str@.len() ==> (^str)[i + ((^str)@.len() - str@.len())] == str[i])] fn left_pad(str: &mut Vec, len: usize, pad: T) { - let old_str = gh! { str }; - let mut c: Ghost = gh! { 0usize }; + let old_str = snapshot! { str }; + let mut c: Snapshot = snapshot! { 0usize }; #[invariant(old_str@.len() <= str@.len())] #[invariant(old_str@.len() < len@ ==> str@.len() <= len@)] @@ -42,7 +42,7 @@ fn left_pad(str: &mut Vec, len: usize, pad: T) { #[invariant(forall 0 <= i && i < c@ ==> str[i] == pad)] while str.len() < len { str.insert(0, pad); - c = gh! { 1usize + *c }; + c = snapshot! { 1usize + *c }; } } @@ -67,7 +67,7 @@ fn is_subset(sub: Seq, sup: Seq) -> bool { } } -#[ghost] +#[logic] #[ensures(is_subset(s, s.push(elem)))] fn subset_push(s: Seq, elem: T) {} @@ -77,9 +77,9 @@ fn subset_push(s: Seq, elem: T) {} #[ensures(is_subset((^vec).deep_model(), vec.deep_model().push(elem.deep_model())))] #[ensures(contains((^vec).deep_model(), elem.deep_model()))] fn insert_unique(vec: &mut Vec, elem: T) { - gh! { subset_push:: }; + snapshot! { subset_push:: }; proof_assert! { is_subset(vec.deep_model(), vec.deep_model().push(elem.deep_model())) }; - let ghost_vec = gh! { *vec }; + let ghost_vec = snapshot! { *vec }; #[invariant(forall 0 <= j && j < produced.len() ==> produced[j].deep_model() != elem.deep_model())] for e in vec.iter() { @@ -99,7 +99,7 @@ fn insert_unique(vec: &mut Vec, elem: T) { #[ensures(is_subset(str.deep_model(), result.deep_model()))] fn unique(str: &[T]) -> Vec { let mut unique = Vec::new(); - let mut sub_str: Ghost> = gh! { Seq::EMPTY }; + let mut sub_str: Snapshot> = snapshot! { Seq::EMPTY }; #[invariant(is_unique(unique.deep_model()))] #[invariant(is_subset(unique.deep_model(), str.deep_model()))] @@ -107,7 +107,7 @@ fn unique(str: &[T]) -> Vec { for i in 0..str.len() { let elem: T = str[i]; insert_unique(&mut unique, elem); - sub_str = gh! { sub_str.push(elem) }; + sub_str = snapshot! { sub_str.push(elem) }; } proof_assert! { is_subset(str.deep_model().subsequence(0, str@.len()), unique.deep_model()) } @@ -115,7 +115,7 @@ fn unique(str: &[T]) -> Vec { unique } -#[ghost] +#[logic] #[variant(to - from)] #[requires(0 <= from && from <= to && to <= seq.len())] #[ensures(result >= 0)] @@ -127,7 +127,7 @@ fn sum_range(seq: Seq, from: Int, to: Int) -> Int { } } -#[ghost] +#[logic] #[variant(i - from)] #[requires(0 <= from && from <= i && i <= to && to <= seq.len())] #[ensures(sum_range(seq, from, to) == sum_range(seq, from, i) + sum_range(seq, i, to))] @@ -137,7 +137,7 @@ fn sum_range_split(seq: Seq, from: Int, to: Int, i: Int) { } } -#[ghost] +#[logic] #[requires(0 <= i && i <= seq.len())] #[ensures(0 <= result && result <= sum_range(seq, 0 , seq.len()))] #[ensures(0 == i || i == seq.len() ==> result == sum_range(seq, 0, seq.len()))] diff --git a/creusot/tests/should_succeed/inplace_list_reversal.mlcfg b/creusot/tests/should_succeed/inplace_list_reversal.mlcfg index 65a1e6a0e8..f48b7797ed 100644 --- a/creusot/tests/should_succeed/inplace_list_reversal.mlcfg +++ b/creusot/tests/should_succeed/inplace_list_reversal.mlcfg @@ -32,16 +32,16 @@ module InplaceListReversal_Rev ensures { result = inv1 _x } axiom inv1 : forall x : InplaceListReversal_List_Type.t_list t . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) - val invariant0 (self : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) + val invariant0 (self : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) - val inv0 (_x : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) + val inv0 (_x : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t)) . inv0 x = true predicate resolve2 (self : borrowed (InplaceListReversal_List_Type.t_list t)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (InplaceListReversal_List_Type.t_list t)) : bool @@ -51,7 +51,7 @@ module InplaceListReversal_Rev val resolve1 (self : InplaceListReversal_List_Type.t_list t) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot function rev_append0 [#"../inplace_list_reversal.rs" 16 0 16 55] (n : InplaceListReversal_List_Type.t_list t) (o : InplaceListReversal_List_Type.t_list t) : InplaceListReversal_List_Type.t_list t = @@ -69,11 +69,11 @@ module InplaceListReversal_Rev ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 8 22 8 37] result = * dest } ensures { inv1 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) - val resolve0 (self : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) + val resolve0 (self : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg rev [#"../inplace_list_reversal.rs" 24 0 24 30] [@cfg:stackify] [@cfg:subregion_analysis] (l : borrowed (InplaceListReversal_List_Type.t_list t)) : () requires {[#"../inplace_list_reversal.rs" 24 14 24 15] inv2 l} ensures { [#"../inplace_list_reversal.rs" 23 10 23 35] ^ l = rev_append0 ( * l) (InplaceListReversal_List_Type.C_Nil) } @@ -81,7 +81,7 @@ module InplaceListReversal_Rev = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var l : borrowed (InplaceListReversal_List_Type.t_list t) = l; - var old_l : Ghost.ghost_ty (borrowed (InplaceListReversal_List_Type.t_list t)); + var old_l : Snapshot.snap_ty (borrowed (InplaceListReversal_List_Type.t_list t)); var prev : InplaceListReversal_List_Type.t_list t; var head : InplaceListReversal_List_Type.t_list t; var _7 : borrowed (InplaceListReversal_List_Type.t_list t); @@ -91,7 +91,7 @@ module InplaceListReversal_Rev goto BB0 } BB0 { - [#"../inplace_list_reversal.rs" 25 16 25 25] old_l <- ([#"../inplace_list_reversal.rs" 25 16 25 25] Ghost.new l); + [#"../inplace_list_reversal.rs" 25 16 25 31] old_l <- ([#"../inplace_list_reversal.rs" 25 16 25 31] Snapshot.new l); goto BB1 } BB1 { @@ -112,7 +112,7 @@ module InplaceListReversal_Rev goto BB4 } BB4 { - invariant { [#"../inplace_list_reversal.rs" 28 16 28 73] rev_append0 head prev = rev_append0 ( * Ghost.inner old_l) (InplaceListReversal_List_Type.C_Nil) }; + invariant { [#"../inplace_list_reversal.rs" 28 16 28 73] rev_append0 head prev = rev_append0 ( * Snapshot.inner old_l) (InplaceListReversal_List_Type.C_Nil) }; goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/inplace_list_reversal.rs b/creusot/tests/should_succeed/inplace_list_reversal.rs index 6aee771ec7..26607bc85c 100644 --- a/creusot/tests/should_succeed/inplace_list_reversal.rs +++ b/creusot/tests/should_succeed/inplace_list_reversal.rs @@ -11,7 +11,7 @@ pub enum List { use List::*; type Node = Box<(T, List)>; -#[ghost] +#[logic] #[open(self)] pub fn rev_append(n: List, o: List) -> List { match n { @@ -22,7 +22,7 @@ pub fn rev_append(n: List, o: List) -> List { #[ensures(^l == rev_append(*l, Nil))] pub fn rev(l: &mut List) { - let old_l = gh! { l }; + let old_l = snapshot! { l }; let mut prev = Nil; let mut head = replace(l, Nil); #[invariant(rev_append(head, prev) == rev_append(*old_l.inner(), Nil))] diff --git a/creusot/tests/should_succeed/ite_normalize.rs b/creusot/tests/should_succeed/ite_normalize.rs index a9a960ac43..f4253b10ab 100644 --- a/creusot/tests/should_succeed/ite_normalize.rs +++ b/creusot/tests/should_succeed/ite_normalize.rs @@ -44,7 +44,7 @@ impl Clone for BTreeMap { impl ShallowModel for BTreeMap { type ShallowModelTy = creusot_contracts::logic::Mapping>; - #[ghost] + #[logic] #[open(self)] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { diff --git a/creusot/tests/should_succeed/iterators/01_range.mlcfg b/creusot/tests/should_succeed/iterators/01_range.mlcfg index e9dc99bf9f..490a8aa47f 100644 --- a/creusot/tests/should_succeed/iterators/01_range.mlcfg +++ b/creusot/tests/should_succeed/iterators/01_range.mlcfg @@ -196,7 +196,7 @@ module C01Range_SumRange ensures { result = inv0 _x } axiom inv0 : forall x : C01Range_Range_Type.t_range . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq use Core_Option_Option_Type as Core_Option_Option_Type use prelude.Borrow @@ -216,11 +216,11 @@ module C01Range_SumRange | Core_Option_Option_Type.C_Some v -> produces0 ( * self) (Seq.singleton v) ( ^ self) end } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot val into_iter0 [#"../01_range.rs" 70 4 70 34] (self : C01Range_Range_Type.t_range) : C01Range_Range_Type.t_range ensures { [#"../01_range.rs" 69 14 69 28] result = self } @@ -233,12 +233,12 @@ module C01Range_SumRange var n : isize = n; var i : isize; var it : C01Range_Range_Type.t_range; - var iter_old : Ghost.ghost_ty (C01Range_Range_Type.t_range); - var produced : Ghost.ghost_ty (Seq.seq isize); + var iter_old : Snapshot.snap_ty (C01Range_Range_Type.t_range); + var produced : Snapshot.snap_ty (Seq.seq isize); var _17 : Core_Option_Option_Type.t_option isize; var _18 : borrowed (C01Range_Range_Type.t_range); var x : isize; - var _21 : Ghost.ghost_ty (Seq.seq isize); + var _21 : Snapshot.snap_ty (Seq.seq isize); { goto BB0 } @@ -248,11 +248,11 @@ module C01Range_SumRange goto BB1 } BB1 { - [#"../01_range.rs" 80 19 80 29] iter_old <- ([#"../01_range.rs" 80 19 80 29] Ghost.new it); + [#"../01_range.rs" 80 19 80 35] iter_old <- ([#"../01_range.rs" 80 19 80 35] Snapshot.new it); goto BB2 } BB2 { - [#"../01_range.rs" 81 23 81 41] produced <- ([#"../01_range.rs" 81 23 81 41] Ghost.new (Seq.empty )); + [#"../01_range.rs" 81 23 81 47] produced <- ([#"../01_range.rs" 81 23 81 47] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -260,8 +260,8 @@ module C01Range_SumRange } BB4 { invariant { [#"../01_range.rs" 82 16 82 23] inv0 it }; - invariant { [#"../01_range.rs" 83 16 83 55] produces0 (Ghost.inner iter_old) (Ghost.inner produced) it }; - invariant { [#"../01_range.rs" 84 16 84 46] IntSize.to_int i = Seq.length (Ghost.inner produced) /\ i <= n }; + invariant { [#"../01_range.rs" 83 16 83 55] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) it }; + invariant { [#"../01_range.rs" 84 16 84 46] IntSize.to_int i = Seq.length (Snapshot.inner produced) /\ i <= n }; goto BB5 } BB5 { @@ -290,12 +290,12 @@ module C01Range_SumRange } BB10 { [#"../01_range.rs" 87 17 87 18] x <- ([#"../01_range.rs" 87 17 87 18] Core_Option_Option_Type.some_0 _17); - [#"../01_range.rs" 88 27 88 69] _21 <- ([#"../01_range.rs" 88 27 88 69] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton x))); + [#"../01_range.rs" 88 27 88 75] _21 <- ([#"../01_range.rs" 88 27 88 75] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton x))); goto BB11 } BB11 { - [#"../01_range.rs" 88 16 88 69] produced <- ([#"../01_range.rs" 88 16 88 69] _21); - [#"../01_range.rs" 88 16 88 69] _21 <- any Ghost.ghost_ty (Seq.seq isize); + [#"../01_range.rs" 88 16 88 75] produced <- ([#"../01_range.rs" 88 16 88 75] _21); + [#"../01_range.rs" 88 16 88 75] _21 <- any Snapshot.snap_ty (Seq.seq isize); [#"../01_range.rs" 89 16 89 22] i <- ([#"../01_range.rs" 89 16 89 22] i + ([#"../01_range.rs" 89 21 89 22] [#"../01_range.rs" 89 21 89 22] (1 : isize))); goto BB4 } diff --git a/creusot/tests/should_succeed/iterators/01_range.rs b/creusot/tests/should_succeed/iterators/01_range.rs index cb83e7000e..5d1e9d0330 100644 --- a/creusot/tests/should_succeed/iterators/01_range.rs +++ b/creusot/tests/should_succeed/iterators/01_range.rs @@ -19,7 +19,7 @@ impl Iterator for Range { type Item = isize; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.resolve() && self.start >= self.end @@ -77,15 +77,15 @@ impl Range { pub fn sum_range(n: isize) -> isize { let mut i = 0; let mut it = Range { start: 0, end: n }.into_iter(); - let iter_old = gh! { it }; - let mut produced = gh! { Seq::EMPTY }; + let iter_old = snapshot! { it }; + let mut produced = snapshot! { Seq::EMPTY }; #[invariant(inv(it))] #[invariant(iter_old.produces(produced.inner(), it))] #[invariant(i@ == produced.len() && i <= n)] loop { match it.next() { Some(x) => { - produced = gh! { produced.concat(Seq::singleton(x)) }; + produced = snapshot! { produced.concat(Seq::singleton(x)) }; i += 1 } None => break, diff --git a/creusot/tests/should_succeed/iterators/02_iter_mut.mlcfg b/creusot/tests/should_succeed/iterators/02_iter_mut.mlcfg index 44f2b567f0..ecdd711011 100644 --- a/creusot/tests/should_succeed/iterators/02_iter_mut.mlcfg +++ b/creusot/tests/should_succeed/iterators/02_iter_mut.mlcfg @@ -903,7 +903,7 @@ module C02IterMut_AllZero val shallow_model2 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) : Seq.seq usize ensures { result = shallow_model2 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve1 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve1 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) : bool @@ -935,17 +935,18 @@ module C02IterMut_AllZero end } ensures { [#"../02_iter_mut.rs" 63 26 63 44] inv3 result } - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + = - [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot val into_iter0 [#"../02_iter_mut.rs" 70 4 70 30] (self : C02IterMut_IterMut_Type.t_itermut usize) : C02IterMut_IterMut_Type.t_itermut usize requires {[#"../02_iter_mut.rs" 70 17 70 21] inv0 self} ensures { [#"../02_iter_mut.rs" 69 14 69 28] result = self } @@ -968,12 +969,12 @@ module C02IterMut_AllZero var it : C02IterMut_IterMut_Type.t_itermut usize; var _5 : C02IterMut_IterMut_Type.t_itermut usize; var _6 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); - var iter_old : Ghost.ghost_ty (C02IterMut_IterMut_Type.t_itermut usize); - var produced : Ghost.ghost_ty (Seq.seq (borrowed usize)); + var iter_old : Snapshot.snap_ty (C02IterMut_IterMut_Type.t_itermut usize); + var produced : Snapshot.snap_ty (Seq.seq (borrowed usize)); var _15 : Core_Option_Option_Type.t_option (borrowed usize); var _16 : borrowed (C02IterMut_IterMut_Type.t_itermut usize); var x : borrowed usize; - var _19 : Ghost.ghost_ty (Seq.seq (borrowed usize)); + var _19 : Snapshot.snap_ty (Seq.seq (borrowed usize)); { goto BB0 } @@ -990,11 +991,11 @@ module C02IterMut_AllZero goto BB2 } BB2 { - [#"../02_iter_mut.rs" 86 19 86 29] iter_old <- ([#"../02_iter_mut.rs" 86 19 86 29] Ghost.new it); + [#"../02_iter_mut.rs" 86 19 86 35] iter_old <- ([#"../02_iter_mut.rs" 86 19 86 35] Snapshot.new it); goto BB3 } BB3 { - [#"../02_iter_mut.rs" 87 23 87 41] produced <- ([#"../02_iter_mut.rs" 87 23 87 41] Ghost.new (Seq.empty )); + [#"../02_iter_mut.rs" 87 23 87 47] produced <- ([#"../02_iter_mut.rs" 87 23 87 47] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -1002,8 +1003,8 @@ module C02IterMut_AllZero } BB5 { invariant { [#"../02_iter_mut.rs" 88 16 88 23] inv0 it }; - invariant { [#"../02_iter_mut.rs" 89 16 89 55] produces0 (Ghost.inner iter_old) (Ghost.inner produced) it }; - invariant { [#"../02_iter_mut.rs" 88 4 88 25] forall i : int . 0 <= i /\ i < Seq.length (Ghost.inner produced) -> UIntSize.to_int ( ^ index_logic0 produced i) = 0 }; + invariant { [#"../02_iter_mut.rs" 89 16 89 55] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) it }; + invariant { [#"../02_iter_mut.rs" 88 4 88 25] forall i : int . 0 <= i /\ i < Seq.length (Snapshot.inner produced) -> UIntSize.to_int ( ^ index_logic0 produced i) = 0 }; goto BB6 } BB6 { @@ -1036,12 +1037,12 @@ module C02IterMut_AllZero BB11 { [#"../02_iter_mut.rs" 93 17 93 18] x <- ([#"../02_iter_mut.rs" 93 17 93 18] Core_Option_Option_Type.some_0 _15); [#"../02_iter_mut.rs" 93 17 93 18] _15 <- (let Core_Option_Option_Type.C_Some x0 = _15 in Core_Option_Option_Type.C_Some (any borrowed usize)); - [#"../02_iter_mut.rs" 94 27 94 69] _19 <- ([#"../02_iter_mut.rs" 94 27 94 69] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton x))); + [#"../02_iter_mut.rs" 94 27 94 75] _19 <- ([#"../02_iter_mut.rs" 94 27 94 75] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton x))); goto BB12 } BB12 { - [#"../02_iter_mut.rs" 94 16 94 69] produced <- ([#"../02_iter_mut.rs" 94 16 94 69] _19); - [#"../02_iter_mut.rs" 94 16 94 69] _19 <- any Ghost.ghost_ty (Seq.seq (borrowed usize)); + [#"../02_iter_mut.rs" 94 16 94 75] produced <- ([#"../02_iter_mut.rs" 94 16 94 75] _19); + [#"../02_iter_mut.rs" 94 16 94 75] _19 <- any Snapshot.snap_ty (Seq.seq (borrowed usize)); [#"../02_iter_mut.rs" 95 16 95 22] x <- { x with current = ([#"../02_iter_mut.rs" 95 16 95 22] [#"../02_iter_mut.rs" 95 21 95 22] (0 : usize)) ; }; assume { resolve0 x }; goto BB5 diff --git a/creusot/tests/should_succeed/iterators/02_iter_mut.rs b/creusot/tests/should_succeed/iterators/02_iter_mut.rs index c83d4a7a44..42e717ee55 100644 --- a/creusot/tests/should_succeed/iterators/02_iter_mut.rs +++ b/creusot/tests/should_succeed/iterators/02_iter_mut.rs @@ -16,7 +16,7 @@ struct IterMut<'a, T> { impl<'a, T> Invariant for IterMut<'a, T> { #[open] - #[predicate] + #[predicate(prophetic)] fn invariant(self) -> bool { // Property that is always true but we must carry around.. pearlite! { (^self.inner)@.len() == (*self.inner)@.len() } @@ -27,13 +27,13 @@ impl<'a, T> Iterator for IterMut<'a, T> { type Item = &'a mut T; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.inner.resolve() && self.inner@.ext_eq(Seq::EMPTY) } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, tl: Self) -> bool { pearlite! { self.inner@.len() == visited.len() + tl.inner@.len() && @@ -83,15 +83,15 @@ fn iter_mut<'a, T>(v: &'a mut Vec) -> IterMut<'a, T> { #[ensures(forall 0 <= i && i < v@.len() ==> (^v)[i]@ == 0)] pub fn all_zero(v: &mut Vec) { let mut it = iter_mut(v).into_iter(); - let iter_old = gh! { it }; - let mut produced = gh! { Seq::EMPTY }; + let iter_old = snapshot! { it }; + let mut produced = snapshot! { Seq::EMPTY }; #[invariant(inv(it))] #[invariant(iter_old.produces(produced.inner(), it))] #[invariant(forall 0 <= i && i < produced.len() ==> (^produced[i])@ == 0)] loop { match it.next() { Some(x) => { - produced = gh! { produced.concat(Seq::singleton(x)) }; + produced = snapshot! { produced.concat(Seq::singleton(x)) }; *x = 0; } None => break, diff --git a/creusot/tests/should_succeed/iterators/03_std_iterators.mlcfg b/creusot/tests/should_succeed/iterators/03_std_iterators.mlcfg index b498071408..ef7847c07c 100644 --- a/creusot/tests/should_succeed/iterators/03_std_iterators.mlcfg +++ b/creusot/tests/should_succeed/iterators/03_std_iterators.mlcfg @@ -158,16 +158,16 @@ module C03StdIterators_SliceIter ensures { result = inv2 _x } axiom inv2 : forall x : Core_Slice_Iter_Iter_Type.t_iter t . inv2 x = true - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (Seq.seq t)) - val invariant1 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (Seq.seq t)) + val invariant1 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Ghost.ghost_ty (Seq.seq t)) - val inv1 (_x : Ghost.ghost_ty (Seq.seq t)) : bool + predicate inv1 (_x : Snapshot.snap_ty (Seq.seq t)) + val inv1 (_x : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Ghost.ghost_ty (Seq.seq t) . inv1 x = true + axiom inv1 : forall x : Snapshot.snap_ty (Seq.seq t) . inv1 x = true predicate invariant0 (self : slice t) val invariant0 (self : slice t) : bool ensures { result = invariant0 self } @@ -209,19 +209,19 @@ module C03StdIterators_SliceIter end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty (Seq.seq t)) - val resolve2 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty (Seq.seq t)) + val resolve2 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = resolve2 self } - use prelude.Ghost - predicate resolve1 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) - val resolve1 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool + use prelude.Snapshot + predicate resolve1 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) + val resolve1 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot predicate into_iter_post0 (self : Core_Slice_Iter_Iter_Type.t_iter t) (res : Core_Slice_Iter_Iter_Type.t_iter t) = [#"../../../../../creusot-contracts/src/std/iter.rs" 80 8 80 19] self = res val into_iter_post0 (self : Core_Slice_Iter_Iter_Type.t_iter t) (res : Core_Slice_Iter_Iter_Type.t_iter t) : bool @@ -257,13 +257,13 @@ module C03StdIterators_SliceIter var i : usize; var iter : Core_Slice_Iter_Iter_Type.t_iter t; var _7 : Core_Slice_Iter_Iter_Type.t_iter t; - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t); - var produced : Ghost.ghost_ty (Seq.seq t); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t); + var produced : Snapshot.snap_ty (Seq.seq t); var _17 : Core_Option_Option_Type.t_option t; var _18 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var _19 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var __creusot_proc_iter_elem : t; - var _22 : Ghost.ghost_ty (Seq.seq t); + var _22 : Snapshot.snap_ty (Seq.seq t); { goto BB0 } @@ -280,12 +280,12 @@ module C03StdIterators_SliceIter goto BB2 } BB2 { - [#"../03_std_iterators.rs" 8 4 8 38] iter_old <- ([#"../03_std_iterators.rs" 8 4 8 38] Ghost.new iter); + [#"../03_std_iterators.rs" 8 4 8 38] iter_old <- ([#"../03_std_iterators.rs" 8 4 8 38] Snapshot.new iter); goto BB3 } BB3 { assume { resolve1 iter_old }; - [#"../03_std_iterators.rs" 8 4 8 38] produced <- ([#"../03_std_iterators.rs" 8 4 8 38] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 8 4 8 38] produced <- ([#"../03_std_iterators.rs" 8 4 8 38] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -295,8 +295,8 @@ module C03StdIterators_SliceIter } BB5 { invariant { [#"../03_std_iterators.rs" 8 4 8 38] inv2 iter }; - invariant { [#"../03_std_iterators.rs" 8 4 8 38] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../03_std_iterators.rs" 8 16 8 36] UIntSize.to_int i = Seq.length (Ghost.inner produced) }; + invariant { [#"../03_std_iterators.rs" 8 4 8 38] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 8 16 8 36] UIntSize.to_int i = Seq.length (Snapshot.inner produced) }; goto BB6 } BB6 { @@ -333,15 +333,15 @@ module C03StdIterators_SliceIter absurd } BB11 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); assert { [@expl:type invariant] inv3 _17 }; assume { resolve4 _17 }; - [#"../03_std_iterators.rs" 8 4 8 38] _22 <- ([#"../03_std_iterators.rs" 8 4 8 38] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../03_std_iterators.rs" 8 4 8 38] _22 <- ([#"../03_std_iterators.rs" 8 4 8 38] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB12 } BB12 { [#"../03_std_iterators.rs" 8 4 8 38] produced <- ([#"../03_std_iterators.rs" 8 4 8 38] _22); - [#"../03_std_iterators.rs" 8 4 8 38] _22 <- any Ghost.ghost_ty (Seq.seq t); + [#"../03_std_iterators.rs" 8 4 8 38] _22 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv1 produced }; assume { resolve2 produced }; assert { [@expl:type invariant] inv4 __creusot_proc_iter_elem }; @@ -530,16 +530,16 @@ module C03StdIterators_VecIter ensures { result = inv2 _x } axiom inv2 : forall x : Core_Slice_Iter_Iter_Type.t_iter t . inv2 x = true - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (Seq.seq t)) - val invariant1 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (Seq.seq t)) + val invariant1 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Ghost.ghost_ty (Seq.seq t)) - val inv1 (_x : Ghost.ghost_ty (Seq.seq t)) : bool + predicate inv1 (_x : Snapshot.snap_ty (Seq.seq t)) + val inv1 (_x : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Ghost.ghost_ty (Seq.seq t) . inv1 x = true + axiom inv1 : forall x : Snapshot.snap_ty (Seq.seq t) . inv1 x = true predicate invariant0 (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) val invariant0 (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) : bool ensures { result = invariant0 self } @@ -590,19 +590,19 @@ module C03StdIterators_VecIter end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty (Seq.seq t)) - val resolve2 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty (Seq.seq t)) + val resolve2 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = resolve2 self } - use prelude.Ghost - predicate resolve1 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) - val resolve1 (self : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool + use prelude.Snapshot + predicate resolve1 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) + val resolve1 (self : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t)) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot predicate into_iter_post0 (self : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) (res : Core_Slice_Iter_Iter_Type.t_iter t) = @@ -634,13 +634,13 @@ module C03StdIterators_VecIter var vec : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global) = vec; var i : usize; var iter : Core_Slice_Iter_Iter_Type.t_iter t; - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter t); - var produced : Ghost.ghost_ty (Seq.seq t); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter t); + var produced : Snapshot.snap_ty (Seq.seq t); var _16 : Core_Option_Option_Type.t_option t; var _17 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var _18 : borrowed (Core_Slice_Iter_Iter_Type.t_iter t); var __creusot_proc_iter_elem : t; - var _21 : Ghost.ghost_ty (Seq.seq t); + var _21 : Snapshot.snap_ty (Seq.seq t); { goto BB0 } @@ -652,12 +652,12 @@ module C03StdIterators_VecIter goto BB1 } BB1 { - [#"../03_std_iterators.rs" 19 4 19 38] iter_old <- ([#"../03_std_iterators.rs" 19 4 19 38] Ghost.new iter); + [#"../03_std_iterators.rs" 19 4 19 38] iter_old <- ([#"../03_std_iterators.rs" 19 4 19 38] Snapshot.new iter); goto BB2 } BB2 { assume { resolve1 iter_old }; - [#"../03_std_iterators.rs" 19 4 19 38] produced <- ([#"../03_std_iterators.rs" 19 4 19 38] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 19 4 19 38] produced <- ([#"../03_std_iterators.rs" 19 4 19 38] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -667,8 +667,8 @@ module C03StdIterators_VecIter } BB4 { invariant { [#"../03_std_iterators.rs" 19 4 19 38] inv2 iter }; - invariant { [#"../03_std_iterators.rs" 19 4 19 38] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../03_std_iterators.rs" 19 16 19 36] UIntSize.to_int i = Seq.length (Ghost.inner produced) }; + invariant { [#"../03_std_iterators.rs" 19 4 19 38] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 19 16 19 36] UIntSize.to_int i = Seq.length (Snapshot.inner produced) }; goto BB5 } BB5 { @@ -705,15 +705,15 @@ module C03StdIterators_VecIter absurd } BB10 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _16); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _16); assert { [@expl:type invariant] inv3 _16 }; assume { resolve4 _16 }; - [#"../03_std_iterators.rs" 19 4 19 38] _21 <- ([#"../03_std_iterators.rs" 19 4 19 38] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../03_std_iterators.rs" 19 4 19 38] _21 <- ([#"../03_std_iterators.rs" 19 4 19 38] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../03_std_iterators.rs" 19 4 19 38] produced <- ([#"../03_std_iterators.rs" 19 4 19 38] _21); - [#"../03_std_iterators.rs" 19 4 19 38] _21 <- any Ghost.ghost_ty (Seq.seq t); + [#"../03_std_iterators.rs" 19 4 19 38] _21 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv1 produced }; assume { resolve2 produced }; assert { [@expl:type invariant] inv4 __creusot_proc_iter_elem }; @@ -904,7 +904,7 @@ module C03StdIterators_AllZero val shallow_model2 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) : Seq.seq usize ensures { result = shallow_model2 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve4 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve4 (self : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) : bool @@ -944,17 +944,18 @@ module C03StdIterators_AllZero end } ensures { inv3 result } - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + = - [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize + [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (borrowed usize))) (ix : int) : borrowed usize ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate resolve0 (self : borrowed (slice usize)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed (slice usize)) : bool @@ -1000,13 +1001,13 @@ module C03StdIterators_AllZero var _6 : borrowed (slice usize); var _7 : borrowed (slice usize); var _8 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_IterMut_Type.t_itermut usize); - var produced : Ghost.ghost_ty (Seq.seq (borrowed usize)); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_IterMut_Type.t_itermut usize); + var produced : Snapshot.snap_ty (Seq.seq (borrowed usize)); var _17 : Core_Option_Option_Type.t_option (borrowed usize); var _18 : borrowed (Core_Slice_Iter_IterMut_Type.t_itermut usize); var _19 : borrowed (Core_Slice_Iter_IterMut_Type.t_itermut usize); var __creusot_proc_iter_elem : borrowed usize; - var _22 : Ghost.ghost_ty (Seq.seq (borrowed usize)); + var _22 : Snapshot.snap_ty (Seq.seq (borrowed usize)); var x : borrowed usize; { goto BB0 @@ -1032,11 +1033,11 @@ module C03StdIterators_AllZero } BB3 { assume { resolve0 _7 }; - [#"../03_std_iterators.rs" 29 4 29 87] iter_old <- ([#"../03_std_iterators.rs" 29 4 29 87] Ghost.new iter); + [#"../03_std_iterators.rs" 29 4 29 87] iter_old <- ([#"../03_std_iterators.rs" 29 4 29 87] Snapshot.new iter); goto BB4 } BB4 { - [#"../03_std_iterators.rs" 29 4 29 87] produced <- ([#"../03_std_iterators.rs" 29 4 29 87] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 29 4 29 87] produced <- ([#"../03_std_iterators.rs" 29 4 29 87] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -1044,8 +1045,8 @@ module C03StdIterators_AllZero } BB6 { invariant { [#"../03_std_iterators.rs" 29 4 29 87] inv0 iter }; - invariant { [#"../03_std_iterators.rs" 29 4 29 87] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../03_std_iterators.rs" 29 4 29 87] forall i : int . 0 <= i /\ i < Seq.length (Ghost.inner produced) -> UIntSize.to_int ( ^ index_logic0 produced i) = 0 }; + invariant { [#"../03_std_iterators.rs" 29 4 29 87] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 29 4 29 87] forall i : int . 0 <= i /\ i < Seq.length (Snapshot.inner produced) -> UIntSize.to_int ( ^ index_logic0 produced i) = 0 }; goto BB7 } BB7 { @@ -1080,16 +1081,16 @@ module C03StdIterators_AllZero absurd } BB12 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] _17 <- (let Core_Option_Option_Type.C_Some x0 = _17 in Core_Option_Option_Type.C_Some (any borrowed usize)); - [#"../03_std_iterators.rs" 29 4 29 87] _22 <- ([#"../03_std_iterators.rs" 29 4 29 87] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] _17 <- (let Core_Option_Option_Type.C_Some x0 = _17 in Core_Option_Option_Type.C_Some (any borrowed usize)); + [#"../03_std_iterators.rs" 29 4 29 87] _22 <- ([#"../03_std_iterators.rs" 29 4 29 87] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB13 } BB13 { [#"../03_std_iterators.rs" 29 4 29 87] produced <- ([#"../03_std_iterators.rs" 29 4 29 87] _22); - [#"../03_std_iterators.rs" 29 4 29 87] _22 <- any Ghost.ghost_ty (Seq.seq (borrowed usize)); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- any borrowed usize; + [#"../03_std_iterators.rs" 29 4 29 87] _22 <- any Snapshot.snap_ty (Seq.seq (borrowed usize)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- any borrowed usize; [#"../03_std_iterators.rs" 31 8 31 14] x <- { x with current = ([#"../03_std_iterators.rs" 31 8 31 14] [#"../03_std_iterators.rs" 31 13 31 14] (0 : usize)) ; }; assume { resolve2 x }; goto BB6 @@ -1421,9 +1422,9 @@ module C03StdIterators_SkipTake end module CreusotContracts_Std1_Iter_MapInv_MapInv_Type use seq.Seq - use prelude.Ghost + use prelude.Snapshot type t_mapinv 'i 'b 'f = - | C_MapInv 'i 'f (Ghost.ghost_ty (Seq.seq 'b)) + | C_MapInv 'i 'f (Snapshot.snap_ty (Seq.seq 'b)) let function mapinv_iter (self : t_mapinv 'i 'b 'f) : 'i = [@vc:do_not_keep_trace] [@vc:sp] match self with @@ -1433,7 +1434,7 @@ module CreusotContracts_Std1_Iter_MapInv_MapInv_Type match self with | C_MapInv _ a _ -> a end - let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Ghost.ghost_ty (Seq.seq 'b) + let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_MapInv _ _ a -> a @@ -1442,7 +1443,7 @@ end module C03StdIterators_Counter_Closure0_Type use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int16 use prelude.UIntSize use prelude.Int @@ -1455,7 +1456,7 @@ module C03StdIterators_Counter_Closure0 use prelude.Int16 use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int use prelude.UIntSize use prelude.Borrow @@ -1474,16 +1475,16 @@ module C03StdIterators_Counter_Closure0 let constant max0 : usize = [@vc:do_not_keep_trace] [@vc:sp] (18446744073709551615 : usize) use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.UIntSize predicate resolve0 (self : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) : bool ensures { result = resolve0 self } - let rec cfg c03StdIterators_Counter_Closure0 [#"../03_std_iterators.rs" 48 12 48 91] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (x : uint32) (_prod : Ghost.ghost_ty (Seq.seq uint32)) : uint32 - requires {[#"../03_std_iterators.rs" 47 23 47 65] UIntSize.to_int ( * field_00 ( * _1)) = Seq.length (Ghost.inner _prod) /\ * field_00 ( * _1) < max0} - ensures { [#"../03_std_iterators.rs" 48 22 48 89] UIntSize.to_int ( * field_00 ( ^ _1)) = UIntSize.to_int ( * field_00 ( * _1)) + 1 /\ UIntSize.to_int ( * field_00 ( ^ _1)) = Seq.length (Ghost.inner _prod) + 1 /\ result = x } + let rec cfg c03StdIterators_Counter_Closure0 [#"../03_std_iterators.rs" 48 12 48 91] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (x : uint32) (_prod : Snapshot.snap_ty (Seq.seq uint32)) : uint32 + requires {[#"../03_std_iterators.rs" 47 23 47 65] UIntSize.to_int ( * field_00 ( * _1)) = Seq.length (Snapshot.inner _prod) /\ * field_00 ( * _1) < max0} + ensures { [#"../03_std_iterators.rs" 48 22 48 89] UIntSize.to_int ( * field_00 ( ^ _1)) = UIntSize.to_int ( * field_00 ( * _1)) + 1 /\ UIntSize.to_int ( * field_00 ( ^ _1)) = Seq.length (Snapshot.inner _prod) + 1 /\ result = x } ensures { unnest0 ( * _1) ( ^ _1) } = [@vc:do_not_keep_trace] [@vc:sp] @@ -1508,17 +1509,17 @@ end module C03StdIterators_Counter use prelude.UInt32 use seq.Seq - use prelude.Ghost - predicate invariant15 (self : Ghost.ghost_ty (Seq.seq uint32)) = + use prelude.Snapshot + predicate invariant15 (self : Snapshot.snap_ty (Seq.seq uint32)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant15 (self : Ghost.ghost_ty (Seq.seq uint32)) : bool + val invariant15 (self : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = invariant15 self } - predicate inv15 (_x : Ghost.ghost_ty (Seq.seq uint32)) - val inv15 (_x : Ghost.ghost_ty (Seq.seq uint32)) : bool + predicate inv15 (_x : Snapshot.snap_ty (Seq.seq uint32)) + val inv15 (_x : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = inv15 _x } - axiom inv15 : forall x : Ghost.ghost_ty (Seq.seq uint32) . inv15 x = true + axiom inv15 : forall x : Snapshot.snap_ty (Seq.seq uint32) . inv15 x = true use prelude.Slice predicate invariant14 (self : slice uint32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true @@ -1631,23 +1632,23 @@ module C03StdIterators_Counter = ^ field_00 _2 = ^ field_00 self use seq.Seq - use prelude.Ghost - predicate postcondition_mut0 [#"../03_std_iterators.rs" 48 12 48 91] (self : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) (result : uint32) + use prelude.Snapshot + predicate postcondition_mut0 [#"../03_std_iterators.rs" 48 12 48 91] (self : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) (result : uint32) = - (let (x, _prod) = args in UIntSize.to_int ( * field_00 ( ^ self)) = UIntSize.to_int ( * field_00 ( * self)) + 1 /\ UIntSize.to_int ( * field_00 ( ^ self)) = Seq.length (Ghost.inner _prod) + 1 /\ result = x) /\ unnest0 ( * self) ( ^ self) + (let (x, _prod) = args in UIntSize.to_int ( * field_00 ( ^ self)) = UIntSize.to_int ( * field_00 ( * self)) + 1 /\ UIntSize.to_int ( * field_00 ( ^ self)) = Seq.length (Snapshot.inner _prod) + 1 /\ result = x) /\ unnest0 ( * self) ( ^ self) use seq.Seq - predicate precondition0 [#"../03_std_iterators.rs" 48 12 48 91] (self : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) + predicate precondition0 [#"../03_std_iterators.rs" 48 12 48 91] (self : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) = - [#"../03_std_iterators.rs" 47 23 47 65] let (x, _prod) = args in UIntSize.to_int ( * field_00 self) = Seq.length (Ghost.inner _prod) /\ * field_00 self < max0 - use prelude.Ghost + [#"../03_std_iterators.rs" 47 23 47 65] let (x, _prod) = args in UIntSize.to_int ( * field_00 self) = Seq.length (Snapshot.inner _prod) /\ * field_00 self < max0 + use prelude.Snapshot use seq_ext.SeqExt use seq.Seq use seq.Seq use seq.Seq use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Slice function shallow_model5 (self : slice uint32) : Seq.seq uint32 val shallow_model5 (self : slice uint32) : Seq.seq uint32 @@ -1689,11 +1690,11 @@ module C03StdIterators_Counter predicate produces1 [@inline:trivial] (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (visited : Seq.seq uint32) (succ : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 37 8 49 9] unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ) /\ (exists s : Seq.seq uint32 . inv9 s /\ Seq.length s = Seq.length visited /\ produces0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) s (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter succ) /\ Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced succ) = Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) s /\ (exists fs : Seq.seq (borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) . inv13 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 37 8 49 9] unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ) /\ (exists s : Seq.seq uint32 . inv9 s /\ Seq.length s = Seq.length visited /\ produces0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) s (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter succ) /\ Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced succ) = Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) s /\ (exists fs : Seq.seq (borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) . inv13 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ else * Seq.get fs 0 = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self /\ ^ Seq.get fs (Seq.length visited - 1) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces1 [@inline:trivial] (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (visited : Seq.seq uint32) (succ : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) : bool ensures { result = produces1 self visited succ } @@ -1749,7 +1750,7 @@ module C03StdIterators_Counter predicate next_precondition0 (iter : Core_Slice_Iter_Iter_Type.t_iter uint32) (func : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (produced : Seq.seq uint32) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 112 8 116 9] forall i : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall e : uint32 . inv2 i -> inv3 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 112 8 116 9] forall i : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall e : uint32 . inv2 i -> inv3 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 (iter : Core_Slice_Iter_Iter_Type.t_iter uint32) (func : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) (produced : Seq.seq uint32) : bool ensures { result = next_precondition0 iter func produced } @@ -1757,7 +1758,7 @@ module C03StdIterators_Counter predicate preservation0 (iter : Core_Slice_Iter_Iter_Type.t_iter uint32) (func : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 135 8 142 9] forall i : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall b : uint32 . forall f : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0 . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv11 b -> inv12 f -> inv3 e2 -> inv3 e1 -> inv9 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 135 8 142 9] forall i : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall b : uint32 . forall f : borrowed C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0 . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv11 b -> inv12 f -> inv3 e2 -> inv3 e1 -> inv9 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 (iter : Core_Slice_Iter_Iter_Type.t_iter uint32) (func : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) : bool ensures { result = preservation0 iter func } @@ -1902,7 +1903,7 @@ module C03StdIterators_Counter predicate completed0 (self : borrowed (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0)) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 15 8 18 9] Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( * self)) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( * self) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( ^ self) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 15 8 18 9] Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( * self)) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( * self) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( ^ self) val completed0 (self : borrowed (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0)) : bool ensures { result = completed0 self } @@ -1923,7 +1924,7 @@ module C03StdIterators_Counter predicate resolve1 (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 56 4 56 16] resolve3 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) /\ resolve4 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 56 4 56 27] resolve3 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) /\ resolve4 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) val resolve1 (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) : bool ensures { result = resolve1 self } @@ -1933,13 +1934,13 @@ module C03StdIterators_Counter ensures { inv8 result } val map_inv0 (self : Core_Slice_Iter_Iter_Type.t_iter uint32) (func : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0) : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0 - requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 43 4 43 138] forall i2 : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall e : uint32 . inv2 i2 -> inv3 e -> produces0 self (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 43 4 43 141] forall i2 : Core_Slice_Iter_Iter_Type.t_iter uint32 . forall e : uint32 . inv2 i2 -> inv3 e -> produces0 self (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 44 15 44 51] reinitialize0 ()} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 45 15 45 70] preservation0 self func} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 47 21 47 25] inv2 self} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 47 27 47 31] inv4 func} - ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 46 14 46 85] result = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.C_MapInv self func (Ghost.new (Seq.empty )) } - ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 47 4 50 58] inv5 result } + ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 46 14 46 88] result = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.C_MapInv self func (Snapshot.new (Seq.empty )) } + ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 47 4 50 61] inv5 result } val iter0 (self : slice uint32) : Core_Slice_Iter_Iter_Type.t_iter uint32 requires {inv1 self} @@ -2114,7 +2115,7 @@ module C03StdIterators_SumRange ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range isize . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate resolve0 (self : borrowed (Core_Ops_Range_Range_Type.t_range isize)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -2134,11 +2135,11 @@ module C03StdIterators_SumRange end } ensures { inv2 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range isize) (res : Core_Ops_Range_Range_Type.t_range isize) = @@ -2166,13 +2167,13 @@ module C03StdIterators_SumRange var n : isize = n; var i : isize; var iter : Core_Ops_Range_Range_Type.t_range isize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range isize); - var produced : Ghost.ghost_ty (Seq.seq isize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range isize); + var produced : Snapshot.snap_ty (Seq.seq isize); var _17 : Core_Option_Option_Type.t_option isize; var _18 : borrowed (Core_Ops_Range_Range_Type.t_range isize); var _19 : borrowed (Core_Ops_Range_Range_Type.t_range isize); var __creusot_proc_iter_elem : isize; - var _22 : Ghost.ghost_ty (Seq.seq isize); + var _22 : Snapshot.snap_ty (Seq.seq isize); { goto BB0 } @@ -2182,11 +2183,11 @@ module C03StdIterators_SumRange goto BB1 } BB1 { - [#"../03_std_iterators.rs" 65 4 65 48] iter_old <- ([#"../03_std_iterators.rs" 65 4 65 48] Ghost.new iter); + [#"../03_std_iterators.rs" 65 4 65 48] iter_old <- ([#"../03_std_iterators.rs" 65 4 65 48] Snapshot.new iter); goto BB2 } BB2 { - [#"../03_std_iterators.rs" 65 4 65 48] produced <- ([#"../03_std_iterators.rs" 65 4 65 48] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 65 4 65 48] produced <- ([#"../03_std_iterators.rs" 65 4 65 48] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -2194,8 +2195,8 @@ module C03StdIterators_SumRange } BB4 { invariant { [#"../03_std_iterators.rs" 65 4 65 48] inv0 iter }; - invariant { [#"../03_std_iterators.rs" 65 4 65 48] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../03_std_iterators.rs" 65 16 65 46] IntSize.to_int i = Seq.length (Ghost.inner produced) /\ i <= n }; + invariant { [#"../03_std_iterators.rs" 65 4 65 48] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 65 16 65 46] IntSize.to_int i = Seq.length (Snapshot.inner produced) /\ i <= n }; goto BB5 } BB5 { @@ -2226,13 +2227,13 @@ module C03StdIterators_SumRange absurd } BB10 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../03_std_iterators.rs" 65 4 65 48] _22 <- ([#"../03_std_iterators.rs" 65 4 65 48] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../03_std_iterators.rs" 65 4 65 48] _22 <- ([#"../03_std_iterators.rs" 65 4 65 48] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../03_std_iterators.rs" 65 4 65 48] produced <- ([#"../03_std_iterators.rs" 65 4 65 48] _22); - [#"../03_std_iterators.rs" 65 4 65 48] _22 <- any Ghost.ghost_ty (Seq.seq isize); + [#"../03_std_iterators.rs" 65 4 65 48] _22 <- any Snapshot.snap_ty (Seq.seq isize); [#"../03_std_iterators.rs" 67 8 67 14] i <- ([#"../03_std_iterators.rs" 67 8 67 14] i + ([#"../03_std_iterators.rs" 67 13 67 14] [#"../03_std_iterators.rs" 67 13 67 14] (1 : isize))); goto BB4 } @@ -2419,7 +2420,7 @@ module C03StdIterators_EnumerateRange axiom inv0 : forall x : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize) . inv0 x = (invariant0 x /\ match x with | Core_Iter_Adapters_Enumerate_Enumerate_Type.C_Enumerate iter count -> true end) - use prelude.Ghost + use prelude.Snapshot predicate resolve4 (self : Core_Ops_Range_Range_Type.t_range usize) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve4 (self : Core_Ops_Range_Range_Type.t_range usize) : bool @@ -2465,16 +2466,17 @@ module C03StdIterators_EnumerateRange end } ensures { inv4 result } - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (usize, usize))) (ix : int) : (usize, usize) = - [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq (usize, usize))) (ix : int) : (usize, usize) + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (usize, usize))) (ix : int) : (usize, usize) + = + [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq (usize, usize))) (ix : int) : (usize, usize) ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)) (res : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)) = @@ -2506,13 +2508,13 @@ module C03StdIterators_EnumerateRange var _0 : (); var iter : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize); var _2 : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize); - var iter_old : Ghost.ghost_ty (Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)); - var produced : Ghost.ghost_ty (Seq.seq (usize, usize)); + var iter_old : Snapshot.snap_ty (Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)); + var produced : Snapshot.snap_ty (Seq.seq (usize, usize)); var _12 : Core_Option_Option_Type.t_option (usize, usize); var _13 : borrowed (Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)); var _14 : borrowed (Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)); var __creusot_proc_iter_elem : (usize, usize); - var _17 : Ghost.ghost_ty (Seq.seq (usize, usize)); + var _17 : Snapshot.snap_ty (Seq.seq (usize, usize)); var ix : usize; var x : usize; var _21 : (usize, usize); @@ -2529,11 +2531,11 @@ module C03StdIterators_EnumerateRange goto BB2 } BB2 { - [#"../03_std_iterators.rs" 73 4 73 96] iter_old <- ([#"../03_std_iterators.rs" 73 4 73 96] Ghost.new iter); + [#"../03_std_iterators.rs" 73 4 73 96] iter_old <- ([#"../03_std_iterators.rs" 73 4 73 96] Snapshot.new iter); goto BB3 } BB3 { - [#"../03_std_iterators.rs" 73 4 73 96] produced <- ([#"../03_std_iterators.rs" 73 4 73 96] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 73 4 73 96] produced <- ([#"../03_std_iterators.rs" 73 4 73 96] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -2541,8 +2543,8 @@ module C03StdIterators_EnumerateRange } BB5 { invariant { [#"../03_std_iterators.rs" 73 4 73 96] inv0 iter }; - invariant { [#"../03_std_iterators.rs" 73 4 73 96] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../03_std_iterators.rs" 73 4 73 96] forall i : int . 0 <= i /\ i < Seq.length (Ghost.inner produced) -> (let (a, _) = index_logic0 produced i in a) = (let (_, a) = index_logic0 produced i in a) }; + invariant { [#"../03_std_iterators.rs" 73 4 73 96] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 73 4 73 96] forall i : int . 0 <= i /\ i < Seq.length (Snapshot.inner produced) -> (let (a, _) = index_logic0 produced i in a) = (let (_, a) = index_logic0 produced i in a) }; goto BB6 } BB6 { @@ -2580,13 +2582,13 @@ module C03StdIterators_EnumerateRange absurd } BB11 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _12); - [#"../03_std_iterators.rs" 73 4 73 96] _17 <- ([#"../03_std_iterators.rs" 73 4 73 96] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _12); + [#"../03_std_iterators.rs" 73 4 73 96] _17 <- ([#"../03_std_iterators.rs" 73 4 73 96] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB12 } BB12 { [#"../03_std_iterators.rs" 73 4 73 96] produced <- ([#"../03_std_iterators.rs" 73 4 73 96] _17); - [#"../03_std_iterators.rs" 73 4 73 96] _17 <- any Ghost.ghost_ty (Seq.seq (usize, usize)); + [#"../03_std_iterators.rs" 73 4 73 96] _17 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); [#"../03_std_iterators.rs" 74 9 74 11] ix <- ([#"../03_std_iterators.rs" 74 9 74 11] let (a, _) = __creusot_proc_iter_elem in a); [#"../03_std_iterators.rs" 74 13 74 14] x <- ([#"../03_std_iterators.rs" 74 13 74 14] let (_, a) = __creusot_proc_iter_elem in a); assume { resolve1 __creusot_proc_iter_elem }; @@ -2813,16 +2815,16 @@ module C03StdIterators_MyReverse ensures { result = invariant1 self } axiom inv1 : forall x : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize) . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (slice t))) - val invariant0 (self : Ghost.ghost_ty (borrowed (slice t))) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (slice t))) + val invariant0 (self : Snapshot.snap_ty (borrowed (slice t))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (slice t))) - val inv0 (_x : Ghost.ghost_ty (borrowed (slice t))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (slice t))) + val inv0 (_x : Snapshot.snap_ty (borrowed (slice t))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (slice t)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (slice t)) . inv0 x = true use seq.Seq use seq.Reverse use prelude.Slice @@ -2909,22 +2911,22 @@ module C03StdIterators_MyReverse val equiv_range0 [#"../03_std_iterators.rs" 80 0 80 65] (s1 : Seq.seq t) (s2 : Seq.seq t) (l : int) (u : int) : bool ensures { result = equiv_range0 s1 s2 l u } - use prelude.Ghost + use prelude.Snapshot function shallow_model5 (self : borrowed (slice t)) : Seq.seq t = [#"../../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model1 self val shallow_model5 (self : borrowed (slice t)) : Seq.seq t ensures { result = shallow_model5 self } - use prelude.Ghost - function shallow_model2 (self : Ghost.ghost_ty (borrowed (slice t))) : Seq.seq t = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model2 (self : Ghost.ghost_ty (borrowed (slice t))) : Seq.seq t + use prelude.Snapshot + function shallow_model2 (self : Snapshot.snap_ty (borrowed (slice t))) : Seq.seq t = + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model2 (self : Snapshot.snap_ty (borrowed (slice t))) : Seq.seq t ensures { result = shallow_model2 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post1 (self : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)) (res : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)) = @@ -2965,11 +2967,11 @@ module C03StdIterators_MyReverse ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 125 26 125 62] into_iter_post0 other (iterb0 result) } ensures { inv1 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (slice t))) - val resolve0 (self : Ghost.ghost_ty (borrowed (slice t))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (slice t))) + val resolve0 (self : Snapshot.snap_ty (borrowed (slice t))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function shallow_model4 (self : slice t) : Seq.seq t = [#"../../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model3 self val shallow_model4 (self : slice t) : Seq.seq t @@ -2987,18 +2989,18 @@ module C03StdIterators_MyReverse var _0 : (); var slice : borrowed (slice t) = slice; var n : usize; - var old_v : Ghost.ghost_ty (borrowed (slice t)); + var old_v : Snapshot.snap_ty (borrowed (slice t)); var iter : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize); var _8 : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize); var _12 : bool; var _16 : bool; - var iter_old : Ghost.ghost_ty (Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)); - var produced : Ghost.ghost_ty (Seq.seq (usize, usize)); + var iter_old : Snapshot.snap_ty (Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)); + var produced : Snapshot.snap_ty (Seq.seq (usize, usize)); var _28 : Core_Option_Option_Type.t_option (usize, usize); var _29 : borrowed (Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)); var _30 : borrowed (Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)); var __creusot_proc_iter_elem : (usize, usize); - var _33 : Ghost.ghost_ty (Seq.seq (usize, usize)); + var _33 : Snapshot.snap_ty (Seq.seq (usize, usize)); var i : usize; var j : usize; var _37 : (); @@ -3011,7 +3013,7 @@ module C03StdIterators_MyReverse goto BB1 } BB1 { - [#"../03_std_iterators.rs" 96 33 96 46] old_v <- ([#"../03_std_iterators.rs" 96 33 96 46] Ghost.new slice); + [#"../03_std_iterators.rs" 96 36 96 55] old_v <- ([#"../03_std_iterators.rs" 96 36 96 55] Snapshot.new slice); goto BB2 } BB2 { @@ -3036,11 +3038,11 @@ module C03StdIterators_MyReverse goto BB6 } BB6 { - [#"../03_std_iterators.rs" 97 4 97 36] iter_old <- ([#"../03_std_iterators.rs" 97 4 97 36] Ghost.new iter); + [#"../03_std_iterators.rs" 97 4 97 36] iter_old <- ([#"../03_std_iterators.rs" 97 4 97 36] Snapshot.new iter); goto BB7 } BB7 { - [#"../03_std_iterators.rs" 97 4 97 36] produced <- ([#"../03_std_iterators.rs" 97 4 97 36] Ghost.new (Seq.empty )); + [#"../03_std_iterators.rs" 97 4 97 36] produced <- ([#"../03_std_iterators.rs" 97 4 97 36] Snapshot.new (Seq.empty )); goto BB8 } BB8 { @@ -3048,11 +3050,11 @@ module C03StdIterators_MyReverse } BB9 { invariant { [#"../03_std_iterators.rs" 97 4 97 36] inv1 iter }; - invariant { [#"../03_std_iterators.rs" 97 4 97 36] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../03_std_iterators.rs" 97 4 97 36] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../03_std_iterators.rs" 97 16 97 34] UIntSize.to_int n = Seq.length (shallow_model1 slice) }; - invariant { [#"../03_std_iterators.rs" 98 16 98 78] equiv_range0 (shallow_model1 slice) (shallow_model2 old_v) (Seq.length (Ghost.inner produced)) (UIntSize.to_int n - Seq.length (Ghost.inner produced)) }; - invariant { [#"../03_std_iterators.rs" 99 16 99 76] equiv_reverse_range0 (shallow_model1 slice) (shallow_model2 old_v) 0 (Seq.length (Ghost.inner produced)) (UIntSize.to_int n - 1) }; - invariant { [#"../03_std_iterators.rs" 100 16 100 80] equiv_reverse_range0 (shallow_model1 slice) (shallow_model2 old_v) (UIntSize.to_int n - Seq.length (Ghost.inner produced)) (UIntSize.to_int n) (UIntSize.to_int n - 1) }; + invariant { [#"../03_std_iterators.rs" 98 16 98 78] equiv_range0 (shallow_model1 slice) (shallow_model2 old_v) (Seq.length (Snapshot.inner produced)) (UIntSize.to_int n - Seq.length (Snapshot.inner produced)) }; + invariant { [#"../03_std_iterators.rs" 99 16 99 76] equiv_reverse_range0 (shallow_model1 slice) (shallow_model2 old_v) 0 (Seq.length (Snapshot.inner produced)) (UIntSize.to_int n - 1) }; + invariant { [#"../03_std_iterators.rs" 100 16 100 80] equiv_reverse_range0 (shallow_model1 slice) (shallow_model2 old_v) (UIntSize.to_int n - Seq.length (Snapshot.inner produced)) (UIntSize.to_int n) (UIntSize.to_int n - 1) }; goto BB10 } BB10 { @@ -3087,13 +3089,13 @@ module C03StdIterators_MyReverse absurd } BB15 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _28); - [#"../03_std_iterators.rs" 97 4 97 36] _33 <- ([#"../03_std_iterators.rs" 97 4 97 36] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _28); + [#"../03_std_iterators.rs" 97 4 97 36] _33 <- ([#"../03_std_iterators.rs" 97 4 97 36] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB16 } BB16 { [#"../03_std_iterators.rs" 97 4 97 36] produced <- ([#"../03_std_iterators.rs" 97 4 97 36] _33); - [#"../03_std_iterators.rs" 97 4 97 36] _33 <- any Ghost.ghost_ty (Seq.seq (usize, usize)); + [#"../03_std_iterators.rs" 97 4 97 36] _33 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); [#"../03_std_iterators.rs" 101 9 101 10] i <- ([#"../03_std_iterators.rs" 101 9 101 10] let (a, _) = __creusot_proc_iter_elem in a); [#"../03_std_iterators.rs" 101 12 101 13] j <- ([#"../03_std_iterators.rs" 101 12 101 13] let (_, a) = __creusot_proc_iter_elem in a); assume { resolve2 __creusot_proc_iter_elem }; diff --git a/creusot/tests/should_succeed/iterators/03_std_iterators.rs b/creusot/tests/should_succeed/iterators/03_std_iterators.rs index 9eacdb997d..48129ab740 100644 --- a/creusot/tests/should_succeed/iterators/03_std_iterators.rs +++ b/creusot/tests/should_succeed/iterators/03_std_iterators.rs @@ -93,7 +93,7 @@ fn equiv_reverse_range(s1: Seq, s2: Seq, l: Int, u: Int, n: Int) -> boo #[ensures((^slice)@.ext_eq(slice@.reverse()))] pub fn my_reverse(slice: &mut [T]) { let n = slice.len(); - let old_v: Ghost<&mut [T]> = gh! { slice }; + let old_v: Snapshot<&mut [T]> = snapshot! { slice }; #[invariant(n@ == slice@.len())] #[invariant(equiv_range(slice@, old_v@, produced.len(), n@-produced.len()))] #[invariant(equiv_reverse_range(slice@, old_v@, 0, produced.len(), n@-1))] diff --git a/creusot/tests/should_succeed/iterators/04_skip.mlcfg b/creusot/tests/should_succeed/iterators/04_skip.mlcfg index 247a964a99..c8924be797 100644 --- a/creusot/tests/should_succeed/iterators/04_skip.mlcfg +++ b/creusot/tests/should_succeed/iterators/04_skip.mlcfg @@ -296,25 +296,25 @@ module C04Skip_Impl0_Next ensures { result = produces_refl0 self } axiom produces_refl0_spec : forall self : i . ([#"../common.rs" 15 21 15 25] inv3 self) -> ([#"../common.rs" 14 14 14 45] produces0 self (Seq.empty ) self) - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant1 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant1 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv1 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv1 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv1 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv1 x = true - predicate invariant0 (self : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) - val invariant0 (self : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool + axiom inv1 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv1 x = true + predicate invariant0 (self : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) + val invariant0 (self : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) - val inv0 (_x : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) + val inv0 (_x : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i)) . inv0 x = true predicate resolve3 (self : item0) val resolve3 (self : item0) : bool ensures { result = resolve3 self } @@ -357,19 +357,19 @@ module C04Skip_Impl0_Next end } ensures { [#"../common.rs" 27 26 27 44] inv5 result } - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq item0)) (ix : int) : item0 = - [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq item0)) (ix : int) : item0 + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq item0)) (ix : int) : item0 = + [#"../../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq item0)) (ix : int) : item0 ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty (Seq.seq item0)) - val resolve2 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty (Seq.seq item0)) + val resolve2 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = resolve2 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve1 (self : borrowed usize) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve1 (self : borrowed usize) : bool @@ -386,11 +386,11 @@ module C04Skip_Impl0_Next ensures { [#"../../../../../creusot-contracts/src/std/mem.rs" 16 22 16 42] is_default0 ( ^ dest) } ensures { inv7 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) - val resolve0 (self : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) + val resolve0 (self : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg next [#"../04_skip.rs" 63 4 63 41] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (C04Skip_Skip_Type.t_skip i)) : Core_Option_Option_Type.t_option item0 requires {[#"../04_skip.rs" 63 17 63 21] inv2 self} ensures { [#"../04_skip.rs" 59 14 62 5] match result with @@ -402,20 +402,20 @@ module C04Skip_Impl0_Next = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Core_Option_Option_Type.t_option item0; var self : borrowed (C04Skip_Skip_Type.t_skip i) = self; - var old_self : Ghost.ghost_ty (borrowed (C04Skip_Skip_Type.t_skip i)); + var old_self : Snapshot.snap_ty (borrowed (C04Skip_Skip_Type.t_skip i)); var n : usize; var _6 : borrowed usize; var _7 : borrowed usize; - var skipped : Ghost.ghost_ty (Seq.seq item0); + var skipped : Snapshot.snap_ty (Seq.seq item0); var r : Core_Option_Option_Type.t_option item0; var _18 : borrowed i; var x : item0; - var _25 : Ghost.ghost_ty (Seq.seq item0); + var _25 : Snapshot.snap_ty (Seq.seq item0); { goto BB0 } BB0 { - [#"../04_skip.rs" 64 23 64 35] old_self <- ([#"../04_skip.rs" 64 23 64 35] Ghost.new self); + [#"../04_skip.rs" 64 23 64 41] old_self <- ([#"../04_skip.rs" 64 23 64 41] Snapshot.new self); goto BB1 } BB1 { @@ -431,7 +431,7 @@ module C04Skip_Impl0_Next } BB2 { assume { resolve1 _7 }; - [#"../04_skip.rs" 66 26 66 44] skipped <- ([#"../04_skip.rs" 66 26 66 44] Ghost.new (Seq.empty )); + [#"../04_skip.rs" 66 26 66 50] skipped <- ([#"../04_skip.rs" 66 26 66 50] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -440,9 +440,9 @@ module C04Skip_Impl0_Next goto BB4 } BB4 { - invariant { [#"../04_skip.rs" 67 20 67 53] Seq.length (Ghost.inner skipped) + UIntSize.to_int n = UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * Ghost.inner old_self)) }; - invariant { [#"../04_skip.rs" 67 8 67 55] produces0 (C04Skip_Skip_Type.skip_iter ( * Ghost.inner old_self)) (Ghost.inner skipped) (C04Skip_Skip_Type.skip_iter ( * self)) }; - invariant { [#"../04_skip.rs" 67 8 67 55] forall i : int . 0 <= i /\ i < Seq.length (Ghost.inner skipped) -> resolve3 (index_logic0 skipped i) }; + invariant { [#"../04_skip.rs" 67 20 67 53] Seq.length (Snapshot.inner skipped) + UIntSize.to_int n = UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * Snapshot.inner old_self)) }; + invariant { [#"../04_skip.rs" 67 8 67 55] produces0 (C04Skip_Skip_Type.skip_iter ( * Snapshot.inner old_self)) (Snapshot.inner skipped) (C04Skip_Skip_Type.skip_iter ( * self)) }; + invariant { [#"../04_skip.rs" 67 8 67 55] forall i : int . 0 <= i /\ i < Seq.length (Snapshot.inner skipped) -> resolve3 (index_logic0 skipped i) }; invariant { [#"../04_skip.rs" 70 20 70 35] UIntSize.to_int (C04Skip_Skip_Type.skip_n ( * self)) = 0 }; invariant { [#"../04_skip.rs" 71 20 71 29] inv2 self }; goto BB5 @@ -491,12 +491,12 @@ module C04Skip_Impl0_Next assume { resolve3 x }; assert { [@expl:type invariant] inv5 r }; assume { resolve4 r }; - [#"../04_skip.rs" 78 26 78 67] _25 <- ([#"../04_skip.rs" 78 26 78 67] Ghost.new (Seq.(++) (Ghost.inner skipped) (Seq.singleton x))); + [#"../04_skip.rs" 78 26 78 73] _25 <- ([#"../04_skip.rs" 78 26 78 73] Snapshot.new (Seq.(++) (Snapshot.inner skipped) (Seq.singleton x))); goto BB12 } BB12 { - [#"../04_skip.rs" 78 16 78 67] skipped <- ([#"../04_skip.rs" 78 16 78 67] _25); - [#"../04_skip.rs" 78 16 78 67] _25 <- any Ghost.ghost_ty (Seq.seq item0); + [#"../04_skip.rs" 78 16 78 73] skipped <- ([#"../04_skip.rs" 78 16 78 73] _25); + [#"../04_skip.rs" 78 16 78 73] _25 <- any Snapshot.snap_ty (Seq.seq item0); assert { [@expl:type invariant] inv1 skipped }; assume { resolve2 skipped }; [#"../04_skip.rs" 79 16 79 22] n <- ([#"../04_skip.rs" 79 16 79 22] n - ([#"../04_skip.rs" 79 21 79 22] [#"../04_skip.rs" 79 21 79 22] (1 : usize))); diff --git a/creusot/tests/should_succeed/iterators/04_skip.rs b/creusot/tests/should_succeed/iterators/04_skip.rs index ff5ebbc063..792f7a31d8 100644 --- a/creusot/tests/should_succeed/iterators/04_skip.rs +++ b/creusot/tests/should_succeed/iterators/04_skip.rs @@ -18,7 +18,7 @@ where type Item = I::Item; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (^self).n@ == 0 && @@ -32,7 +32,7 @@ where } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { visited == Seq::EMPTY && self == o || @@ -61,9 +61,9 @@ where Some(v) => (*self).produces(Seq::singleton(v), ^self) })] fn next(&mut self) -> Option { - let old_self = gh! { self }; + let old_self = snapshot! { self }; let mut n = std::mem::take(&mut self.n); - let mut skipped = gh! { Seq::EMPTY }; + let mut skipped = snapshot! { Seq::EMPTY }; #[invariant(skipped.len() + n@ == old_self.n@)] #[invariant(old_self.iter.produces(skipped.inner(), self.iter))] #[invariant(forall 0 <= i && i < skipped.len() ==> skipped[i].resolve())] @@ -75,7 +75,7 @@ where return r; } if let Some(x) = r { - skipped = gh! { skipped.concat(Seq::singleton(x)) }; + skipped = snapshot! { skipped.concat(Seq::singleton(x)) }; n -= 1 } else { return r; diff --git a/creusot/tests/should_succeed/iterators/05_map.mlcfg b/creusot/tests/should_succeed/iterators/05_map.mlcfg index e8ee06ea2e..f03f4055a9 100644 --- a/creusot/tests/should_succeed/iterators/05_map.mlcfg +++ b/creusot/tests/should_succeed/iterators/05_map.mlcfg @@ -1220,7 +1220,7 @@ module C05Map_Impl0_Next val completed0 [#"../05_map.rs" 22 4 22 35] (self : borrowed (C05Map_Map_Type.t_map i b f)) : bool ensures { result = completed0 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (C05Map_Map_Type.t_map i b f)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (C05Map_Map_Type.t_map i b f)) : bool @@ -1233,11 +1233,11 @@ module C05Map_Impl0_Next ensures { [#"../../../../../creusot-contracts/src/std/ops.rs" 148 0 172 1] postcondition_mut0 self args result } ensures { inv8 result } - predicate resolve1 (self : Ghost.ghost_ty ()) - val resolve1 (self : Ghost.ghost_ty ()) : bool + predicate resolve1 (self : Snapshot.snap_ty ()) + val resolve1 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot function produces_one_invariant0 [#"../05_map.rs" 107 4 107 73] (self : C05Map_Map_Type.t_map i b f) (e : item0) (r : b) (f : borrowed f) (iter : i) : () val produces_one_invariant0 [#"../05_map.rs" 107 4 107 73] (self : C05Map_Map_Type.t_map i b f) (e : item0) (r : b) (f : borrowed f) (iter : i) : () @@ -1278,7 +1278,7 @@ module C05Map_Impl0_Next var _3 : Core_Option_Option_Type.t_option item0; var _4 : borrowed i; var v : item0; - var _9 : Ghost.ghost_ty (); + var _9 : Snapshot.snap_ty (); var _11 : b; var _12 : borrowed f; { @@ -1326,7 +1326,7 @@ module C05Map_Impl0_Next goto BB6 } BB6 { - [#"../05_map.rs" 64 16 64 52] _9 <- ([#"../05_map.rs" 64 16 64 52] Ghost.new ()); + [#"../05_map.rs" 64 16 64 58] _9 <- ([#"../05_map.rs" 64 16 64 58] Snapshot.new ()); goto BB7 } BB7 { diff --git a/creusot/tests/should_succeed/iterators/05_map.rs b/creusot/tests/should_succeed/iterators/05_map.rs index f3bd5283ab..971ea5dbe3 100644 --- a/creusot/tests/should_succeed/iterators/05_map.rs +++ b/creusot/tests/should_succeed/iterators/05_map.rs @@ -18,7 +18,7 @@ impl B> Iterator for Map { type Item = B; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.iter.completed() && (*self).func == (^self).func } } @@ -36,7 +36,7 @@ impl B> Iterator for Map { fn produces_trans(a: Self, ab: Seq, b: Self, bc: Seq, c: Self) {} #[open] - #[predicate] + #[predicate(prophetic)] #[why3::attr = "inline:trivial"] fn produces(self, visited: Seq, succ: Self) -> bool { pearlite! { @@ -61,7 +61,7 @@ impl B> Iterator for Map { match self.iter.next() { Some(v) => { proof_assert! { self.func.precondition((v,)) }; - gh! { Self::produces_one_invariant }; + snapshot! { Self::produces_one_invariant }; Some((self.func)(v)) } None => None, @@ -70,14 +70,14 @@ impl B> Iterator for Map { } impl B> Map { - #[predicate] + #[predicate(prophetic)] fn next_precondition(iter: I, func: F) -> bool { pearlite! { forall iter.produces(Seq::singleton(e), i) ==> func.precondition((e,)) } } - #[predicate] + #[predicate(prophetic)] fn preservation(iter: I, func: F) -> bool { pearlite! { forall, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> @@ -89,7 +89,7 @@ impl B> Map { } } - #[predicate] + #[predicate(prophetic)] fn reinitialize() -> bool { pearlite! { forall @@ -98,7 +98,7 @@ impl B> Map { } } - #[ghost] + #[logic] #[requires(self.iter.produces(Seq::singleton(e), iter))] #[requires(*f == self.func)] #[requires(f.postcondition_mut((e,), r) )] @@ -112,7 +112,7 @@ impl B> Map { } } - #[predicate] + #[predicate(prophetic)] #[ensures(result == self.produces(Seq::singleton(visited), succ))] fn produces_one(self, visited: B, succ: Self) -> bool { pearlite! { @@ -126,7 +126,7 @@ impl B> Map { impl B> Invariant for Map { // Should not quantify over self or the `invariant` cannot be made into a type invariant - #[predicate] + #[predicate(prophetic)] #[open(self)] fn invariant(self) -> bool { pearlite! { diff --git a/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg b/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg index 034ca354fa..0a3bb325c0 100644 --- a/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg +++ b/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg @@ -2,11 +2,11 @@ module C06MapPrecond_Map_Type type item0 use seq.Seq - use prelude.Ghost + use prelude.Snapshot type t_map 'i 'b 'f 'proj0 = - | C_Map 'i 'f (Ghost.ghost_ty (Seq.seq 'proj0)) + | C_Map 'i 'f (Snapshot.snap_ty (Seq.seq 'proj0)) - let function map_produced (self : t_map 'i 'b 'f 'proj0) : Ghost.ghost_ty (Seq.seq 'proj0) + let function map_produced (self : t_map 'i 'b 'f 'proj0) : Snapshot.snap_ty (Seq.seq 'proj0) = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_Map _ _ a -> a @@ -26,31 +26,31 @@ module C06MapPrecond_Impl1_PreservationInv_Impl type f type item0 use seq.Seq - use prelude.Ghost - predicate invariant6 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant6 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + use prelude.Snapshot + predicate invariant6 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant6 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant6 self } - predicate inv6 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv6 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv6 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv6 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv6 _x } - axiom inv6 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv6 x = true + axiom inv6 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv6 x = true predicate resolve0 (self : f) val resolve0 (self : f) : bool ensures { result = resolve0 self } use prelude.Borrow - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } predicate inv4 (_x : borrowed f) val inv4 (_x : borrowed f) : bool ensures { result = inv4 _x } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } predicate inv3 (_x : b) @@ -61,14 +61,14 @@ module C06MapPrecond_Impl1_PreservationInv_Impl val inv1 (_x : f) : bool ensures { result = inv1 _x } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv1 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv6 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv3 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv1 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv6 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv3 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv4 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv1 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv6 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv3 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv4 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) predicate unnest0 (self : f) (_2 : f) val unnest0 (self : f) (_2 : f) : bool ensures { result = unnest0 self _2 } @@ -89,15 +89,16 @@ module C06MapPrecond_Impl1_PreservationInv_Impl ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv1 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv4 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv6 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv3 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv4 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv6 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv3 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv4 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv6 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv3 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) predicate invariant5 (self : item0) val invariant5 (self : item0) : bool ensures { result = invariant5 self } @@ -165,14 +166,14 @@ module C06MapPrecond_Impl1_PreservationInv_Impl ensures { result = invariant0 self } axiom inv0 : forall x : i . inv0 x = true - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv3 b -> inv4 f -> inv5 e2 -> inv5 e1 -> inv2 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv3 b -> inv4 f -> inv5 e2 -> inv5 e1 -> inv2 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } @@ -183,7 +184,7 @@ module C06MapPrecond_Impl1_PreservationInv_Impl ensures { [#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> result = preservation0 iter func } = [@vc:do_not_keep_trace] [@vc:sp] - [#"../06_map_precond.rs" 94 8 101 9] pure {forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv3 b -> inv4 f -> inv5 e2 -> inv5 e1 -> inv2 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1))} + [#"../06_map_precond.rs" 94 8 101 9] pure {forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv3 b -> inv4 f -> inv5 e2 -> inv5 e1 -> inv2 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1))} end module C06MapPrecond_Impl0_ProducesRefl_Impl type i @@ -219,16 +220,16 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl axiom inv8 : forall x : b . inv8 x = true use seq.Seq - use prelude.Ghost - predicate invariant7 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant7 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + use prelude.Snapshot + predicate invariant7 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant7 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant7 self } - predicate inv7 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv7 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv7 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv7 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv7 _x } - axiom inv7 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv7 x = true + axiom inv7 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv7 x = true predicate invariant6 (self : borrowed f) val invariant6 (self : borrowed f) : bool ensures { result = invariant6 self } @@ -238,15 +239,15 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl ensures { result = inv6 _x } axiom inv6 : forall x : borrowed f . inv6 x = true - predicate invariant5 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant5 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate invariant5 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant5 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant5 self } - predicate inv5 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv5 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv5 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv5 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv5 _x } - axiom inv5 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv5 x = true + axiom inv5 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv5 x = true predicate invariant4 (self : f) val invariant4 (self : f) : bool ensures { result = invariant4 self } @@ -287,22 +288,22 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl val resolve0 (self : f) : bool ensures { result = resolve0 self } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv4 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv8 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv4 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv8 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv6 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv4 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv8 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv6 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) predicate unnest0 (self : f) (_2 : f) val unnest0 (self : f) (_2 : f) : bool ensures { result = unnest0 self _2 } @@ -323,15 +324,16 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv4 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv8 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv8 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv8 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) use seq.Seq predicate produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool @@ -357,25 +359,25 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl ensures { result = produces_refl0 self } axiom produces_refl0_spec : forall self : i . ([#"../common.rs" 15 21 15 25] inv3 self) -> ([#"../common.rs" 14 14 14 45] produces1 self (Seq.empty ) self) - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv3 i -> inv10 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv3 i -> inv10 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } use seq.Seq predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv3 i -> inv8 b -> inv6 f -> inv10 e2 -> inv10 e1 -> inv1 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv3 i -> inv8 b -> inv6 f -> inv10 e2 -> inv10 e1 -> inv1 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv3 i -> inv8 b -> inv6 f -> inv10 e2 -> inv10 e1 -> inv1 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv3 i -> inv8 b -> inv6 f -> inv10 e2 -> inv10 e1 -> inv1 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv3 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv4 func} @@ -383,7 +385,7 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv3 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv4 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv1 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed0 self } @@ -395,7 +397,7 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant0 self } @@ -412,17 +414,17 @@ module C06MapPrecond_Impl0_ProducesRefl_Impl use seq.Seq use prelude.Int use seq.Seq - use prelude.Ghost + use prelude.Snapshot use seq.Seq use seq.Seq predicate produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv1 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv2 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv1 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv2 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = produces0 self visited succ } @@ -468,16 +470,16 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl axiom inv9 : forall x : b . inv9 x = true use seq.Seq - use prelude.Ghost - predicate invariant8 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant8 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + use prelude.Snapshot + predicate invariant8 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant8 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant8 self } - predicate inv8 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv8 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv8 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv8 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv8 _x } - axiom inv8 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv8 x = true + axiom inv8 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv8 x = true predicate invariant7 (self : borrowed f) val invariant7 (self : borrowed f) : bool ensures { result = invariant7 self } @@ -487,15 +489,15 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl ensures { result = inv7 _x } axiom inv7 : forall x : borrowed f . inv7 x = true - predicate invariant6 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant6 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate invariant6 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant6 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant6 self } - predicate inv6 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv6 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv6 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv6 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv6 _x } - axiom inv6 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv6 x = true + axiom inv6 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv6 x = true predicate invariant5 (self : f) val invariant5 (self : f) : bool ensures { result = invariant5 self } @@ -536,22 +538,22 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl val resolve0 (self : f) : bool ensures { result = resolve0 self } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv5 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv5 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv7 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv5 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv7 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) predicate unnest0 (self : f) (_2 : f) val unnest0 (self : f) (_2 : f) : bool ensures { result = unnest0 self _2 } @@ -572,15 +574,16 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv5 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) use seq.Seq predicate produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool @@ -615,25 +618,25 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl ensures { result = inv1 _x } axiom inv1 : forall x : Seq.seq b . inv1 x = true - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv4 i -> inv11 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv4 i -> inv11 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } use seq.Seq predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv2 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv2 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv2 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv2 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv4 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv5 func} @@ -641,7 +644,7 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv4 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv5 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv2 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed0 self } @@ -653,7 +656,7 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant0 self } @@ -671,17 +674,17 @@ module C06MapPrecond_Impl0_ProducesTrans_Impl use seq.Seq use prelude.Int use seq.Seq - use prelude.Ghost + use prelude.Snapshot use seq.Seq use seq.Seq predicate produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv2 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv3 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv2 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv3 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = produces0 self visited succ } @@ -725,16 +728,16 @@ module C06MapPrecond_Impl1_ProducesOne_Impl axiom inv11 : forall x : borrowed i . inv11 x = true type item0 use seq.Seq - use prelude.Ghost - predicate invariant10 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant10 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + use prelude.Snapshot + predicate invariant10 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant10 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant10 self } - predicate inv10 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv10 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv10 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv10 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv10 _x } - axiom inv10 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv10 x = true + axiom inv10 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv10 x = true predicate invariant9 (self : Seq.seq b) val invariant9 (self : Seq.seq b) : bool ensures { result = invariant9 self } @@ -744,15 +747,15 @@ module C06MapPrecond_Impl1_ProducesOne_Impl ensures { result = inv9 _x } axiom inv9 : forall x : Seq.seq b . inv9 x = true - predicate invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant8 self } - predicate inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv8 _x } - axiom inv8 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv8 x = true + axiom inv8 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv8 x = true predicate invariant7 (self : f) val invariant7 (self : f) : bool ensures { result = invariant7 self } @@ -793,30 +796,30 @@ module C06MapPrecond_Impl1_ProducesOne_Impl val resolve0 (self : f) : bool ensures { result = resolve0 self } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } predicate inv2 (_x : borrowed f) val inv2 (_x : borrowed f) : bool ensures { result = inv2 _x } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } predicate inv1 (_x : b) val inv1 (_x : b) : bool ensures { result = inv1 _x } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv7 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv10 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv1 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv10 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv1 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv2 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv10 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv1 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv2 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) predicate unnest0 (self : f) (_2 : f) val unnest0 (self : f) (_2 : f) : bool ensures { result = unnest0 self _2 } @@ -837,15 +840,16 @@ module C06MapPrecond_Impl1_ProducesOne_Impl ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv2 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv10 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv1 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv10 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv1 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv10 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv1 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) predicate invariant3 (self : item0) val invariant3 (self : item0) : bool ensures { result = invariant3 self } @@ -892,28 +896,28 @@ module C06MapPrecond_Impl1_ProducesOne_Impl ensures { result = inv0 _x } use seq.Seq - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot use seq_ext.SeqExt use seq.Seq use seq.Seq use prelude.Int use seq.Seq - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use seq.Seq use seq.Seq predicate produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv4 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv5 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv4 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv5 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = produces0 self visited succ } @@ -947,18 +951,18 @@ module C06MapPrecond_Impl1_ProducesOne_Impl axiom inv1 : forall x : b . inv1 x = true use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv6 i -> inv3 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv6 i -> inv3 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } use seq.Seq predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv6 i -> inv1 b -> inv2 f -> inv3 e2 -> inv3 e1 -> inv4 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv6 i -> inv1 b -> inv2 f -> inv3 e2 -> inv3 e1 -> inv4 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv6 i -> inv1 b -> inv2 f -> inv3 e2 -> inv3 e1 -> inv4 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv6 i -> inv1 b -> inv2 f -> inv3 e2 -> inv3 e1 -> inv4 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv6 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv7 func} @@ -976,7 +980,7 @@ module C06MapPrecond_Impl1_ProducesOne_Impl ensures { result = reinitialize0 _1 } predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant0 self } @@ -991,7 +995,7 @@ module C06MapPrecond_Impl1_ProducesOne_Impl ensures { [#"../06_map_precond.rs" 141 14 141 68] result = produces0 self (Seq.singleton visited) succ } = [@vc:do_not_keep_trace] [@vc:sp] - [#"../06_map_precond.rs" 143 8 149 9] pure {exists f : borrowed f . inv2 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv3 e /\ produces1 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited)} + [#"../06_map_precond.rs" 143 8 149 9] pure {exists f : borrowed f . inv2 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv3 e /\ produces1 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited)} end module C06MapPrecond_Impl1_ProducesOneInvariant_Impl type i @@ -1009,25 +1013,25 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl axiom inv9 : forall x : borrowed i . inv9 x = true type item0 use seq.Seq - use prelude.Ghost - predicate invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant8 self } - predicate inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv8 _x } - axiom inv8 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv8 x = true - predicate invariant7 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant7 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + axiom inv8 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv8 x = true + predicate invariant7 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant7 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant7 self } - predicate inv7 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv7 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv7 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv7 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv7 _x } - axiom inv7 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv7 x = true + axiom inv7 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv7 x = true predicate invariant6 (self : f) val invariant6 (self : f) : bool ensures { result = invariant6 self } @@ -1082,23 +1086,23 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl ensures { result = inv1 _x } axiom inv1 : forall x : item0 . inv1 x = true - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot predicate produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces0 self visited o } use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv4 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv4 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } use seq.Seq @@ -1108,13 +1112,13 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl ensures { result = unnest0 self _2 } predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv2 b -> inv3 f -> inv1 e2 -> inv1 e1 -> inv5 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv2 b -> inv3 f -> inv1 e2 -> inv1 e1 -> inv5 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } use seq.Seq predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv2 b -> inv3 f -> inv1 e2 -> inv1 e1 -> inv5 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv2 b -> inv3 f -> inv1 e2 -> inv1 e1 -> inv5 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv4 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv6 func} @@ -1122,7 +1126,7 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv4 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv6 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv5 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed0 self } @@ -1134,7 +1138,7 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant0 self } @@ -1149,18 +1153,18 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl val resolve0 (self : f) : bool ensures { result = resolve0 self } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv6 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv2 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv2 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv3 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv2 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv3 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) function unnest_trans0 (self : f) (b : f) (c : f) : () val unnest_trans0 (self : f) (b : f) (c : f) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 114 15 114 29] unnest0 self b} @@ -1177,15 +1181,16 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv3 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv2 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv3 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv2 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv3 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv7 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv2 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) function produces_trans0 [#"../common.rs" 21 4 21 91] (a : i) (ab : Seq.seq item0) (b : i) (bc : Seq.seq item0) (c : i) : () val produces_trans0 [#"../common.rs" 21 4 21 91] (a : i) (ab : Seq.seq item0) (b : i) (bc : Seq.seq item0) (c : i) : () @@ -1214,8 +1219,8 @@ module C06MapPrecond_Impl1_ProducesOneInvariant_Impl requires {[#"../06_map_precond.rs" 132 48 132 49] inv2 r} requires {[#"../06_map_precond.rs" 132 54 132 55] inv3 f} requires {[#"../06_map_precond.rs" 132 65 132 69] inv4 iter} - ensures { [#"../06_map_precond.rs" 130 14 130 69] preservation_inv0 iter ( ^ f) (Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e) } - ensures { [#"../06_map_precond.rs" 131 14 131 70] next_precondition0 iter ( ^ f) (Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e) } + ensures { [#"../06_map_precond.rs" 130 14 130 69] preservation_inv0 iter ( ^ f) (Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e) } + ensures { [#"../06_map_precond.rs" 131 14 131 70] next_precondition0 iter ( ^ f) (Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e) } = [@vc:do_not_keep_trace] [@vc:sp] [#"../06_map_precond.rs" 126 4 126 12] let _ = let a = pure {forall i : i . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv4 i -> inv1 e2 -> inv1 e1 -> inv5 s -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> produces0 (C06MapPrecond_Map_Type.map_iter self) (Seq.snoc (Seq.snoc (Seq.(++) (Seq.singleton e) s) e1) e2) i} in assert {a} in () @@ -1254,9 +1259,9 @@ module C06MapPrecond_Impl0_Next ensures { result = inv11 _x } axiom inv11 : forall x : item0 . inv11 x = true - use prelude.Ghost - predicate inv3 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv3 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate inv3 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv3 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv3 _x } predicate inv2 (_x : f) @@ -1267,23 +1272,23 @@ module C06MapPrecond_Impl0_Next val inv0 (_x : i) : bool ensures { result = inv0 _x } - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot predicate produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces0 self visited o } use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv0 i -> inv11 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv0 i -> inv11 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } use seq.Seq @@ -1301,13 +1306,13 @@ module C06MapPrecond_Impl0_Next ensures { result = inv9 _x } predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv12 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv12 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } use seq.Seq predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv12 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv9 b -> inv7 f -> inv11 e2 -> inv11 e1 -> inv12 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv0 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv2 func} @@ -1315,7 +1320,7 @@ module C06MapPrecond_Impl0_Next ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv0 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv2 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv12 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed1 self } @@ -1331,7 +1336,7 @@ module C06MapPrecond_Impl0_Next use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant10 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant10 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant10 self } @@ -1351,22 +1356,22 @@ module C06MapPrecond_Impl0_Next val resolve4 (self : f) : bool ensures { result = resolve4 self } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } - predicate inv8 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv8 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv8 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv8 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv8 _x } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv7 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve4 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv7 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve4 ( ^ s))) function unnest_trans0 (self : f) (b : f) (c : f) : () val unnest_trans0 (self : f) (b : f) (c : f) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 114 15 114 29] unnest0 self b} @@ -1383,20 +1388,21 @@ module C06MapPrecond_Impl0_Next ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) - predicate invariant8 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant8 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv7 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv8 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv9 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + predicate invariant8 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant8 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant8 self } - axiom inv8 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv8 x = true + axiom inv8 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv8 x = true predicate invariant7 (self : borrowed f) val invariant7 (self : borrowed f) : bool ensures { result = invariant7 self } @@ -1426,11 +1432,11 @@ module C06MapPrecond_Impl0_Next ensures { result = inv4 _x } axiom inv4 : forall x : borrowed (C06MapPrecond_Map_Type.t_map i b f item0) . inv4 x = (inv10 ( * x) /\ inv10 ( ^ x)) - predicate invariant3 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant3 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate invariant3 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant3 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant3 self } - axiom inv3 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv3 x = true + axiom inv3 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv3 x = true predicate invariant2 (self : f) val invariant2 (self : f) : bool ensures { result = invariant2 self } @@ -1469,7 +1475,7 @@ module C06MapPrecond_Impl0_Next ensures { result = invariant0 self } axiom inv0 : forall x : i . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq use seq_ext.SeqExt use seq.Seq @@ -1481,11 +1487,11 @@ module C06MapPrecond_Impl0_Next predicate produces1 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv12 s /\ Seq.length s = Seq.length visited /\ produces0 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv13 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv12 s /\ Seq.length s = Seq.length visited /\ produces0 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv13 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces1 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = produces1 self visited succ } @@ -1493,7 +1499,7 @@ module C06MapPrecond_Impl0_Next predicate produces_one0 [#"../06_map_precond.rs" 142 4 142 57] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 143 8 149 9] exists f : borrowed f . inv7 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv11 e /\ produces0 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited) + [#"../06_map_precond.rs" 143 8 149 9] exists f : borrowed f . inv7 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv11 e /\ produces0 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited) val produces_one0 [#"../06_map_precond.rs" 142 4 142 57] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool requires {[#"../06_map_precond.rs" 142 20 142 24] inv10 self} requires {[#"../06_map_precond.rs" 142 26 142 33] inv9 visited} @@ -1503,15 +1509,15 @@ module C06MapPrecond_Impl0_Next axiom produces_one0_spec : forall self : C06MapPrecond_Map_Type.t_map i b f item0, visited : b, succ : C06MapPrecond_Map_Type.t_map i b f item0 . ([#"../06_map_precond.rs" 142 20 142 24] inv10 self) -> ([#"../06_map_precond.rs" 142 26 142 33] inv9 visited) -> ([#"../06_map_precond.rs" 142 38 142 42] inv10 succ) -> ([#"../06_map_precond.rs" 141 14 141 68] produces_one0 self visited succ = produces1 self (Seq.singleton visited) succ) predicate completed0 [#"../06_map_precond.rs" 21 4 21 35] (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) = - [#"../06_map_precond.rs" 22 8 25 9] Ghost.inner (C06MapPrecond_Map_Type.map_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (C06MapPrecond_Map_Type.map_iter ( * self)) (C06MapPrecond_Map_Type.map_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ C06MapPrecond_Map_Type.map_func ( * self) = C06MapPrecond_Map_Type.map_func ( ^ self) + [#"../06_map_precond.rs" 22 8 25 9] Snapshot.inner (C06MapPrecond_Map_Type.map_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (C06MapPrecond_Map_Type.map_iter ( * self)) (C06MapPrecond_Map_Type.map_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ C06MapPrecond_Map_Type.map_func ( * self) = C06MapPrecond_Map_Type.map_func ( ^ self) val completed0 [#"../06_map_precond.rs" 21 4 21 35] (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) : bool ensures { result = completed0 self } - predicate resolve3 (self : Ghost.ghost_ty ()) - val resolve3 (self : Ghost.ghost_ty ()) : bool + predicate resolve3 (self : Snapshot.snap_ty ()) + val resolve3 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve3 self } - use prelude.Ghost + use prelude.Snapshot function produces_one_invariant0 [#"../06_map_precond.rs" 132 4 132 73] (self : C06MapPrecond_Map_Type.t_map i b f item0) (e : item0) (r : b) (f : borrowed f) (iter : i) : () val produces_one_invariant0 [#"../06_map_precond.rs" 132 4 132 73] (self : C06MapPrecond_Map_Type.t_map i b f item0) (e : item0) (r : b) (f : borrowed f) (iter : i) : () @@ -1525,17 +1531,17 @@ module C06MapPrecond_Impl0_Next requires {[#"../06_map_precond.rs" 132 65 132 69] inv0 iter} ensures { result = produces_one_invariant0 self e r f iter } - axiom produces_one_invariant0_spec : forall self : C06MapPrecond_Map_Type.t_map i b f item0, e : item0, r : b, f : borrowed f, iter : i . ([#"../06_map_precond.rs" 127 4 127 60] produces0 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) iter) -> ([#"../06_map_precond.rs" 128 15 128 30] * f = C06MapPrecond_Map_Type.map_func self) -> ([#"../06_map_precond.rs" 129 15 129 57] postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) r) -> ([#"../06_map_precond.rs" 132 30 132 34] inv10 self) -> ([#"../06_map_precond.rs" 132 36 132 37] inv11 e) -> ([#"../06_map_precond.rs" 132 48 132 49] inv9 r) -> ([#"../06_map_precond.rs" 132 54 132 55] inv7 f) -> ([#"../06_map_precond.rs" 132 65 132 69] inv0 iter) -> ([#"../06_map_precond.rs" 131 14 131 70] next_precondition0 iter ( ^ f) (Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e)) && ([#"../06_map_precond.rs" 130 14 130 69] preservation_inv0 iter ( ^ f) (Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e)) + axiom produces_one_invariant0_spec : forall self : C06MapPrecond_Map_Type.t_map i b f item0, e : item0, r : b, f : borrowed f, iter : i . ([#"../06_map_precond.rs" 127 4 127 60] produces0 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) iter) -> ([#"../06_map_precond.rs" 128 15 128 30] * f = C06MapPrecond_Map_Type.map_func self) -> ([#"../06_map_precond.rs" 129 15 129 57] postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) r) -> ([#"../06_map_precond.rs" 132 30 132 34] inv10 self) -> ([#"../06_map_precond.rs" 132 36 132 37] inv11 e) -> ([#"../06_map_precond.rs" 132 48 132 49] inv9 r) -> ([#"../06_map_precond.rs" 132 54 132 55] inv7 f) -> ([#"../06_map_precond.rs" 132 65 132 69] inv0 iter) -> ([#"../06_map_precond.rs" 131 14 131 70] next_precondition0 iter ( ^ f) (Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e)) && ([#"../06_map_precond.rs" 130 14 130 69] preservation_inv0 iter ( ^ f) (Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e)) predicate resolve2 (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) : bool ensures { result = resolve2 self } - predicate resolve1 (self : Ghost.ghost_ty (Seq.seq item0)) - val resolve1 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate resolve1 (self : Snapshot.snap_ty (Seq.seq item0)) + val resolve1 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = resolve1 self } - val call_mut0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) : b + val call_mut0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) : b requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 160 27 160 52] precondition0 ( * self) args} requires {inv7 self} requires {inv8 args} @@ -1568,11 +1574,11 @@ module C06MapPrecond_Impl0_Next var _3 : Core_Option_Option_Type.t_option item0; var _4 : borrowed i; var v : item0; - var produced : Ghost.ghost_ty (Seq.seq item0); + var produced : Snapshot.snap_ty (Seq.seq item0); var r : b; var _12 : borrowed f; - var _17 : Ghost.ghost_ty (); - var _20 : Ghost.ghost_ty (Seq.seq item0); + var _17 : Snapshot.snap_ty (); + var _20 : Snapshot.snap_ty (Seq.seq item0); { goto BB0 } @@ -1593,7 +1599,7 @@ module C06MapPrecond_Impl0_Next BB2 { assert { [@expl:type invariant] inv1 _3 }; assume { resolve0 _3 }; - [#"../06_map_precond.rs" 74 32 74 50] _20 <- ([#"../06_map_precond.rs" 74 32 74 50] Ghost.new (Seq.empty )); + [#"../06_map_precond.rs" 74 32 74 56] _20 <- ([#"../06_map_precond.rs" 74 32 74 56] Snapshot.new (Seq.empty )); goto BB14 } BB3 { @@ -1616,7 +1622,7 @@ module C06MapPrecond_Impl0_Next goto BB6 } BB6 { - [#"../06_map_precond.rs" 67 31 67 60] produced <- ([#"../06_map_precond.rs" 67 31 67 60] Ghost.new (Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced ( * self))) v)); + [#"../06_map_precond.rs" 67 31 67 66] produced <- ([#"../06_map_precond.rs" 67 31 67 66] Snapshot.new (Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced ( * self))) v)); goto BB7 } BB7 { @@ -1639,7 +1645,7 @@ module C06MapPrecond_Impl0_Next assume { resolve1 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assert { [@expl:type invariant] inv4 self }; assume { resolve2 self }; - [#"../06_map_precond.rs" 70 16 70 52] _17 <- ([#"../06_map_precond.rs" 70 16 70 52] Ghost.new ()); + [#"../06_map_precond.rs" 70 16 70 58] _17 <- ([#"../06_map_precond.rs" 70 16 70 58] Snapshot.new ()); goto BB10 } BB10 { @@ -1658,8 +1664,8 @@ module C06MapPrecond_Impl0_Next goto BB15 } BB14 { - [#"../06_map_precond.rs" 74 16 74 50] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 x1 ([#"../06_map_precond.rs" 74 16 74 50] _20)) ; }; - [#"../06_map_precond.rs" 74 16 74 50] _20 <- any Ghost.ghost_ty (Seq.seq item0); + [#"../06_map_precond.rs" 74 16 74 56] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 x1 ([#"../06_map_precond.rs" 74 16 74 56] _20)) ; }; + [#"../06_map_precond.rs" 74 16 74 56] _20 <- any Snapshot.snap_ty (Seq.seq item0); assert { [@expl:type invariant] inv3 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assume { resolve1 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assert { [@expl:type invariant] inv4 self }; @@ -1681,40 +1687,40 @@ module C06MapPrecond_Map type f type item0 use seq.Seq - use prelude.Ghost - predicate invariant9 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) - val invariant9 (self : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + use prelude.Snapshot + predicate invariant9 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) + val invariant9 (self : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = invariant9 self } - predicate inv9 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) - val inv9 (_x : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate inv9 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) + val inv9 (_x : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = inv9 _x } - axiom inv9 : forall x : (item0, Ghost.ghost_ty (Seq.seq item0)) . inv9 x = true - predicate invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant8 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + axiom inv9 : forall x : (item0, Snapshot.snap_ty (Seq.seq item0)) . inv9 x = true + predicate invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant8 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant8 self } - predicate inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv8 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv8 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv8 _x } - axiom inv8 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv8 x = true + axiom inv8 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv8 x = true predicate resolve0 (self : f) val resolve0 (self : f) : bool ensures { result = resolve0 self } use prelude.Borrow - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } predicate inv6 (_x : borrowed f) val inv6 (_x : borrowed f) : bool ensures { result = inv6 _x } - predicate postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_once0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_once0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_once0 self _2 _3 } predicate inv5 (_x : b) @@ -1725,14 +1731,14 @@ module C06MapPrecond_Map val inv2 (_x : f) : bool ensures { result = inv2 _x } - function fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val fn_mut_once0 (self : f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + val fn_mut_once0 (self : f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv9 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv5 res} ensures { result = fn_mut_once0 self args res } - axiom fn_mut_once0_spec : forall self : f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv9 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv5 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv6 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) + axiom fn_mut_once0_spec : forall self : f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 19 123 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 25 123 29] inv9 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 123 37 123 40] inv5 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 122 14 122 135] postcondition_once0 self args res = (exists s : borrowed f . inv6 s /\ * s = self /\ postcondition_mut0 s args res /\ resolve0 ( ^ s))) predicate unnest0 (self : f) (_2 : f) val unnest0 (self : f) (_2 : f) : bool ensures { result = unnest0 self _2 } @@ -1753,15 +1759,16 @@ module C06MapPrecond_Map ensures { result = unnest_refl0 self } axiom unnest_refl0_spec : forall self : f . ([#"../../../../../creusot-contracts/src/std/ops.rs" 110 19 110 23] inv2 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 109 14 109 31] unnest0 self self) - function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () - val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (res : b) : () + function postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () + + val postcondition_mut_unnest0 (self : borrowed f) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (res : b) : () requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv9 args} requires {[#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv5 res} ensures { result = postcondition_mut_unnest0 self args res } - axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Ghost.ghost_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv9 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv5 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) + axiom postcondition_mut_unnest0_spec : forall self : borrowed f, args : (item0, Snapshot.snap_ty (Seq.seq item0)), res : b . ([#"../../../../../creusot-contracts/src/std/ops.rs" 103 15 103 48] postcondition_mut0 self args res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 37 105 41] inv6 self) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 43 105 47] inv9 args) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 105 55 105 58] inv5 res) -> ([#"../../../../../creusot-contracts/src/std/ops.rs" 104 14 104 35] unnest0 ( * self) ( ^ self)) predicate invariant7 (self : Seq.seq item0) val invariant7 (self : Seq.seq item0) : bool ensures { result = invariant7 self } @@ -1794,11 +1801,11 @@ module C06MapPrecond_Map val inv0 (_x : i) : bool ensures { result = inv0 _x } - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot predicate produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces0 self visited o } @@ -1809,20 +1816,20 @@ module C06MapPrecond_Map ensures { result = inv1 _x } predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv0 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv0 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } use seq.Seq use seq.Seq predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv5 b -> inv6 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv5 b -> inv6 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } use seq.Seq predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv5 b -> inv6 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv0 i -> inv5 b -> inv6 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv0 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv2 func} @@ -1830,7 +1837,7 @@ module C06MapPrecond_Map ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv0 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv2 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv7 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed0 self } @@ -1842,7 +1849,7 @@ module C06MapPrecond_Map use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant3 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant3 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant3 self } @@ -1888,19 +1895,19 @@ module C06MapPrecond_Map axiom produces_refl0_spec : forall self : i . ([#"../common.rs" 15 21 15 25] inv0 self) -> ([#"../common.rs" 14 14 14 45] produces0 self (Seq.empty ) self) let rec cfg map [#"../06_map_precond.rs" 170 0 173 17] [@cfg:stackify] [@cfg:subregion_analysis] (iter : i) (func : f) : C06MapPrecond_Map_Type.t_map i b f item0 - requires {[#"../06_map_precond.rs" 166 0 166 128] forall i2 : i . forall e : item0 . inv0 i2 -> inv1 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../06_map_precond.rs" 166 0 166 131] forall i2 : i . forall e : item0 . inv0 i2 -> inv1 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../06_map_precond.rs" 167 11 167 41] reinitialize0 ()} requires {[#"../06_map_precond.rs" 168 11 168 51] preservation0 iter func} requires {[#"../06_map_precond.rs" 171 4 171 8] inv0 iter} requires {[#"../06_map_precond.rs" 172 4 172 8] inv2 func} - ensures { [#"../06_map_precond.rs" 169 10 169 72] result = C06MapPrecond_Map_Type.C_Map iter func (Ghost.new (Seq.empty )) } + ensures { [#"../06_map_precond.rs" 169 10 169 75] result = C06MapPrecond_Map_Type.C_Map iter func (Snapshot.new (Seq.empty )) } ensures { [#"../06_map_precond.rs" 173 5 173 17] inv3 result } = [@vc:do_not_keep_trace] [@vc:sp] var _0 : C06MapPrecond_Map_Type.t_map i b f item0; var iter : i = iter; var func : f = func; - var _9 : Ghost.ghost_ty (Seq.seq item0); + var _9 : Snapshot.snap_ty (Seq.seq item0); { goto BB0 } @@ -1914,14 +1921,14 @@ module C06MapPrecond_Map goto BB3 } BB3 { - [#"../06_map_precond.rs" 174 32 174 48] _9 <- ([#"../06_map_precond.rs" 174 32 174 48] Ghost.new (Seq.empty )); + [#"../06_map_precond.rs" 174 32 174 54] _9 <- ([#"../06_map_precond.rs" 174 32 174 54] Snapshot.new (Seq.empty )); goto BB4 } BB4 { - [#"../06_map_precond.rs" 174 4 174 50] _0 <- ([#"../06_map_precond.rs" 174 4 174 50] C06MapPrecond_Map_Type.C_Map ([#"../06_map_precond.rs" 174 10 174 14] iter) ([#"../06_map_precond.rs" 174 16 174 20] func) _9); + [#"../06_map_precond.rs" 174 4 174 56] _0 <- ([#"../06_map_precond.rs" 174 4 174 56] C06MapPrecond_Map_Type.C_Map ([#"../06_map_precond.rs" 174 10 174 14] iter) ([#"../06_map_precond.rs" 174 16 174 20] func) _9); [#"../06_map_precond.rs" 174 10 174 14] iter <- any i; [#"../06_map_precond.rs" 174 16 174 20] func <- any f; - _9 <- any Ghost.ghost_ty (Seq.seq item0); + _9 <- any Snapshot.snap_ty (Seq.seq item0); goto BB5 } BB5 { @@ -1942,7 +1949,7 @@ module C06MapPrecond_Identity_Closure0_Type use seq.Seq use seq.Seq use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int16 type c06mapprecond_identity_closure0 'i = | C06MapPrecond_Identity_Closure0 @@ -1979,16 +1986,16 @@ module C06MapPrecond_Identity_Closure0 ensures { result = inv1 _x } axiom inv1 : forall x : item0 . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant0 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant0 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv0 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv0 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv0 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv0 x = true use seq.Seq predicate produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces0 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool @@ -2026,11 +2033,11 @@ module C06MapPrecond_Identity_Closure0 val resolve1 (self : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i)) : bool ensures { result = resolve1 self } - predicate resolve0 (self : Ghost.ghost_ty (Seq.seq item0)) - val resolve0 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate resolve0 (self : Snapshot.snap_ty (Seq.seq item0)) + val resolve0 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = resolve0 self } - let rec cfg c06MapPrecond_Identity_Closure0 [#"../06_map_precond.rs" 178 14 178 20] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i)) (x : item0) (_3 : Ghost.ghost_ty (Seq.seq item0)) : item0 + let rec cfg c06MapPrecond_Identity_Closure0 [#"../06_map_precond.rs" 178 14 178 20] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i)) (x : item0) (_3 : Snapshot.snap_ty (Seq.seq item0)) : item0 requires {[#"../06_map_precond.rs" 178 15 178 16] inv1 x} requires {inv0 _3} ensures { unnest0 ( * _1) ( ^ _1) } @@ -2040,7 +2047,7 @@ module C06MapPrecond_Identity_Closure0 var _0 : item0; var _1 : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) = _1; var x : item0 = x; - var _3 : Ghost.ghost_ty (Seq.seq item0) = _3; + var _3 : Snapshot.snap_ty (Seq.seq item0) = _3; { goto BB0 } @@ -2061,16 +2068,16 @@ module C06MapPrecond_Identity type i type item0 use seq.Seq - use prelude.Ghost - predicate invariant7 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant7 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant7 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant7 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant7 self } - predicate inv7 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv7 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv7 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv7 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv7 _x } - axiom inv7 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv7 x = true + axiom inv7 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv7 x = true predicate invariant6 (self : Seq.seq item0) val invariant6 (self : Seq.seq item0) : bool ensures { result = invariant6 self } @@ -2153,16 +2160,16 @@ module C06MapPrecond_Identity ensures { result = produces_refl0 self } axiom produces_refl0_spec : forall self : i . ([#"../common.rs" 15 21 15 25] inv1 self) -> ([#"../common.rs" 14 14 14 45] produces0 self (Seq.empty ) self) - predicate precondition0 [#"../06_map_precond.rs" 178 14 178 20] (self : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) + predicate precondition0 [#"../06_map_precond.rs" 178 14 178 20] (self : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) = let (x, _3) = args in true - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv1 i -> inv2 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv1 i -> inv2 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } @@ -2170,7 +2177,7 @@ module C06MapPrecond_Identity = true - predicate postcondition_mut0 [#"../06_map_precond.rs" 178 14 178 20] (self : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i)) (args : (item0, Ghost.ghost_ty (Seq.seq item0))) (result : item0) + predicate postcondition_mut0 [#"../06_map_precond.rs" 178 14 178 20] (self : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i)) (args : (item0, Snapshot.snap_ty (Seq.seq item0))) (result : item0) = (let (x, _3) = args in true) /\ unnest0 ( * self) ( ^ self) @@ -2178,14 +2185,14 @@ module C06MapPrecond_Identity predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : item0 . forall f : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv1 i -> inv2 b -> inv5 f -> inv2 e2 -> inv2 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : item0 . forall f : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv1 i -> inv2 b -> inv5 f -> inv2 e2 -> inv2 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : item0 . forall f : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv1 i -> inv2 b -> inv5 f -> inv2 e2 -> inv2 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : item0 . forall f : borrowed (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv1 i -> inv2 b -> inv5 f -> inv2 e2 -> inv2 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv1 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv3 func} @@ -2193,7 +2200,7 @@ module C06MapPrecond_Identity ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv1 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv3 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv6 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed0 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed0 self } @@ -2207,7 +2214,7 @@ module C06MapPrecond_Identity predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i item0 (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i item0 (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) item0) : bool ensures { result = invariant0 self } @@ -2225,12 +2232,12 @@ module C06MapPrecond_Identity ensures { result = resolve0 self } val map0 [#"../06_map_precond.rs" 170 0 173 17] (iter : i) (func : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) : C06MapPrecond_Map_Type.t_map i item0 (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) item0 - requires {[#"../06_map_precond.rs" 166 0 166 128] forall i2 : i . forall e : item0 . inv1 i2 -> inv2 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../06_map_precond.rs" 166 0 166 131] forall i2 : i . forall e : item0 . inv1 i2 -> inv2 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../06_map_precond.rs" 167 11 167 41] reinitialize0 ()} requires {[#"../06_map_precond.rs" 168 11 168 51] preservation0 iter func} requires {[#"../06_map_precond.rs" 171 4 171 8] inv1 iter} requires {[#"../06_map_precond.rs" 172 4 172 8] inv3 func} - ensures { [#"../06_map_precond.rs" 169 10 169 72] result = C06MapPrecond_Map_Type.C_Map iter func (Ghost.new (Seq.empty )) } + ensures { [#"../06_map_precond.rs" 169 10 169 75] result = C06MapPrecond_Map_Type.C_Map iter func (Snapshot.new (Seq.empty )) } ensures { [#"../06_map_precond.rs" 173 5 173 17] inv0 result } let rec cfg identity [#"../06_map_precond.rs" 177 0 177 37] [@cfg:stackify] [@cfg:subregion_analysis] (iter : i) : () @@ -2265,7 +2272,7 @@ end module C06MapPrecond_Increment_Closure2_Type use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int16 type c06mapprecond_increment_closure2 'u = | C06MapPrecond_Increment_Closure2 @@ -2276,7 +2283,7 @@ module C06MapPrecond_Increment_Closure2 use prelude.Int16 use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use C06MapPrecond_Increment_Closure2_Type as C06MapPrecond_Increment_Closure2 predicate unnest0 [#"../06_map_precond.rs" 189 8 189 35] (self : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (_2 : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) @@ -2290,7 +2297,7 @@ module C06MapPrecond_Increment_Closure2 val resolve0 (self : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) : bool ensures { result = resolve0 self } - let rec cfg c06MapPrecond_Increment_Closure2 [#"../06_map_precond.rs" 189 8 189 35] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) (x : uint32) (_3 : Ghost.ghost_ty (Seq.seq uint32)) : uint32 + let rec cfg c06MapPrecond_Increment_Closure2 [#"../06_map_precond.rs" 189 8 189 35] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) (x : uint32) (_3 : Snapshot.snap_ty (Seq.seq uint32)) : uint32 requires {[#"../06_map_precond.rs" 188 19 188 27] UInt32.to_int x <= 15} ensures { [#"../06_map_precond.rs" 189 18 189 33] UInt32.to_int result = UInt32.to_int x + 1 } ensures { unnest0 ( * _1) ( ^ _1) } @@ -2317,17 +2324,17 @@ module C06MapPrecond_Increment type u use prelude.UInt32 use seq.Seq - use prelude.Ghost - predicate invariant8 (self : Ghost.ghost_ty (Seq.seq uint32)) = + use prelude.Snapshot + predicate invariant8 (self : Snapshot.snap_ty (Seq.seq uint32)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant8 (self : Ghost.ghost_ty (Seq.seq uint32)) : bool + val invariant8 (self : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = invariant8 self } - predicate inv8 (_x : Ghost.ghost_ty (Seq.seq uint32)) - val inv8 (_x : Ghost.ghost_ty (Seq.seq uint32)) : bool + predicate inv8 (_x : Snapshot.snap_ty (Seq.seq uint32)) + val inv8 (_x : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = inv8 _x } - axiom inv8 : forall x : Ghost.ghost_ty (Seq.seq uint32) . inv8 x = true + axiom inv8 : forall x : Snapshot.snap_ty (Seq.seq uint32) . inv8 x = true use prelude.Int16 use C06MapPrecond_Increment_Closure2_Type as C06MapPrecond_Increment_Closure2 use prelude.Borrow @@ -2437,30 +2444,30 @@ module C06MapPrecond_Increment true use prelude.UInt32 use prelude.Int - predicate postcondition_mut0 [#"../06_map_precond.rs" 189 8 189 35] (self : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) (result : uint32) + predicate postcondition_mut0 [#"../06_map_precond.rs" 189 8 189 35] (self : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) (result : uint32) = (let (x, _3) = args in UInt32.to_int result = UInt32.to_int x + 1) /\ unnest0 ( * self) ( ^ self) - predicate precondition0 [#"../06_map_precond.rs" 189 8 189 35] (self : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) + predicate precondition0 [#"../06_map_precond.rs" 189 8 189 35] (self : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) = [#"../06_map_precond.rs" 188 19 188 27] let (x, _3) = args in UInt32.to_int x <= 15 - use prelude.Ghost + use prelude.Snapshot use seq_ext.SeqExt use seq.Seq use seq.Seq use seq.Seq - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use seq.Seq predicate produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) (visited : Seq.seq uint32) (succ : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq uint32 . inv5 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) . inv6 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq uint32 . inv5 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u)) . inv6 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) (visited : Seq.seq uint32) (succ : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) : bool ensures { result = produces0 self visited succ } @@ -2492,7 +2499,7 @@ module C06MapPrecond_Increment predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (produced : Seq.seq uint32) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : u . forall e : uint32 . inv2 i -> inv3 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : u . forall e : uint32 . inv2 i -> inv3 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (produced : Seq.seq uint32) : bool ensures { result = next_precondition0 iter func produced } @@ -2500,14 +2507,14 @@ module C06MapPrecond_Increment predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : u . forall b : uint32 . forall f : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv7 f -> inv3 e2 -> inv3 e1 -> inv5 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : u . forall b : uint32 . forall f : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv7 f -> inv3 e2 -> inv3 e1 -> inv5 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (produced : Seq.seq uint32) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : u . forall b : uint32 . forall f : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv7 f -> inv3 e2 -> inv3 e1 -> inv5 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : u . forall b : uint32 . forall f : borrowed (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv7 f -> inv3 e2 -> inv3 e1 -> inv5 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) (produced : Seq.seq uint32) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv2 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv4 func} @@ -2527,7 +2534,7 @@ module C06MapPrecond_Increment predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32) : bool ensures { result = invariant0 self } @@ -2540,12 +2547,12 @@ module C06MapPrecond_Increment ensures { result = resolve0 self } val map0 [#"../06_map_precond.rs" 170 0 173 17] (iter : u) (func : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32 - requires {[#"../06_map_precond.rs" 166 0 166 128] forall i2 : u . forall e : uint32 . inv2 i2 -> inv3 e -> produces1 iter (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../06_map_precond.rs" 166 0 166 131] forall i2 : u . forall e : uint32 . inv2 i2 -> inv3 e -> produces1 iter (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../06_map_precond.rs" 167 11 167 41] reinitialize0 ()} requires {[#"../06_map_precond.rs" 168 11 168 51] preservation0 iter func} requires {[#"../06_map_precond.rs" 171 4 171 8] inv2 iter} requires {[#"../06_map_precond.rs" 172 4 172 8] inv4 func} - ensures { [#"../06_map_precond.rs" 169 10 169 72] result = C06MapPrecond_Map_Type.C_Map iter func (Ghost.new (Seq.empty )) } + ensures { [#"../06_map_precond.rs" 169 10 169 75] result = C06MapPrecond_Map_Type.C_Map iter func (Snapshot.new (Seq.empty )) } ensures { [#"../06_map_precond.rs" 173 5 173 17] inv0 result } let rec cfg increment [#"../06_map_precond.rs" 185 0 185 50] [@cfg:stackify] [@cfg:subregion_analysis] (iter : u) : () @@ -2589,7 +2596,7 @@ end module C06MapPrecond_Counter_Closure2_Type use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int16 use prelude.UIntSize use prelude.Int @@ -2603,7 +2610,7 @@ module C06MapPrecond_Counter_Closure2 use prelude.Int16 use prelude.UInt32 use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int use prelude.UIntSize use prelude.Borrow @@ -2622,15 +2629,15 @@ module C06MapPrecond_Counter_Closure2 let constant max0 : usize = [@vc:do_not_keep_trace] [@vc:sp] (18446744073709551615 : usize) use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.UIntSize predicate resolve0 (self : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) : bool ensures { result = resolve0 self } - let rec cfg c06MapPrecond_Counter_Closure2 [#"../06_map_precond.rs" 206 8 206 41] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) (x : uint32) (_prod : Ghost.ghost_ty (Seq.seq uint32)) : uint32 - requires {[#"../06_map_precond.rs" 205 19 205 61] UIntSize.to_int ( * field_00 ( * _1)) = Seq.length (Ghost.inner _prod) /\ * field_00 ( * _1) < max0} + let rec cfg c06MapPrecond_Counter_Closure2 [#"../06_map_precond.rs" 206 8 206 41] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) (x : uint32) (_prod : Snapshot.snap_ty (Seq.seq uint32)) : uint32 + requires {[#"../06_map_precond.rs" 205 19 205 61] UIntSize.to_int ( * field_00 ( * _1)) = Seq.length (Snapshot.inner _prod) /\ * field_00 ( * _1) < max0} ensures { [#"../06_map_precond.rs" 206 18 206 39] UIntSize.to_int ( * field_00 ( ^ _1)) = UIntSize.to_int ( * field_00 ( * _1)) + 1 } ensures { unnest0 ( * _1) ( ^ _1) } @@ -2657,17 +2664,17 @@ module C06MapPrecond_Counter type i use prelude.UInt32 use seq.Seq - use prelude.Ghost - predicate invariant7 (self : Ghost.ghost_ty (Seq.seq uint32)) = + use prelude.Snapshot + predicate invariant7 (self : Snapshot.snap_ty (Seq.seq uint32)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant7 (self : Ghost.ghost_ty (Seq.seq uint32)) : bool + val invariant7 (self : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = invariant7 self } - predicate inv7 (_x : Ghost.ghost_ty (Seq.seq uint32)) - val inv7 (_x : Ghost.ghost_ty (Seq.seq uint32)) : bool + predicate inv7 (_x : Snapshot.snap_ty (Seq.seq uint32)) + val inv7 (_x : Snapshot.snap_ty (Seq.seq uint32)) : bool ensures { result = inv7 _x } - axiom inv7 : forall x : Ghost.ghost_ty (Seq.seq uint32) . inv7 x = true + axiom inv7 : forall x : Snapshot.snap_ty (Seq.seq uint32) . inv7 x = true predicate invariant6 (self : Seq.seq uint32) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true val invariant6 (self : Seq.seq uint32) : bool @@ -2759,7 +2766,7 @@ module C06MapPrecond_Counter let constant max0 : usize = [@vc:do_not_keep_trace] [@vc:sp] (18446744073709551615 : usize) use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.UIntSize function field_00 [#"../06_map_precond.rs" 206 8 206 41] (self : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) : borrowed usize @@ -2768,16 +2775,16 @@ module C06MapPrecond_Counter val field_00 [#"../06_map_precond.rs" 206 8 206 41] (self : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) : borrowed usize ensures { result = field_00 self } - predicate precondition0 [#"../06_map_precond.rs" 206 8 206 41] (self : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) + predicate precondition0 [#"../06_map_precond.rs" 206 8 206 41] (self : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) = - [#"../06_map_precond.rs" 205 19 205 61] let (x, _prod) = args in UIntSize.to_int ( * field_00 self) = Seq.length (Ghost.inner _prod) /\ * field_00 self < max0 - use prelude.Ghost + [#"../06_map_precond.rs" 205 19 205 61] let (x, _prod) = args in UIntSize.to_int ( * field_00 self) = Seq.length (Snapshot.inner _prod) /\ * field_00 self < max0 + use prelude.Snapshot use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (produced : Seq.seq uint32) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : uint32 . inv2 i -> inv3 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : uint32 . inv2 i -> inv3 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (produced : Seq.seq uint32) : bool ensures { result = next_precondition0 iter func produced } @@ -2785,7 +2792,7 @@ module C06MapPrecond_Counter = ^ field_00 _2 = ^ field_00 self - predicate postcondition_mut0 [#"../06_map_precond.rs" 206 8 206 41] (self : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) (args : (uint32, Ghost.ghost_ty (Seq.seq uint32))) (result : uint32) + predicate postcondition_mut0 [#"../06_map_precond.rs" 206 8 206 41] (self : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i)) (args : (uint32, Snapshot.snap_ty (Seq.seq uint32))) (result : uint32) = (let (x, _prod) = args in UIntSize.to_int ( * field_00 ( ^ self)) = UIntSize.to_int ( * field_00 ( * self)) + 1) /\ unnest0 ( * self) ( ^ self) @@ -2793,14 +2800,14 @@ module C06MapPrecond_Counter predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : uint32 . forall f : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv5 f -> inv3 e2 -> inv3 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : uint32 . forall f : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv5 f -> inv3 e2 -> inv3 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) : bool ensures { result = preservation0 iter func } predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (produced : Seq.seq uint32) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : uint32 . forall f : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv5 f -> inv3 e2 -> inv3 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : uint32 . forall f : borrowed (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) . forall e2 : uint32 . forall e1 : uint32 . forall s : Seq.seq uint32 . inv2 i -> inv3 b -> inv5 f -> inv3 e2 -> inv3 e1 -> inv6 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) (produced : Seq.seq uint32) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv2 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv4 func} @@ -2821,7 +2828,7 @@ module C06MapPrecond_Counter predicate invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i uint32 (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) uint32) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant0 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i uint32 (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) uint32) : bool ensures { result = invariant0 self } @@ -2839,12 +2846,12 @@ module C06MapPrecond_Counter ensures { result = resolve0 self } val map0 [#"../06_map_precond.rs" 170 0 173 17] (iter : i) (func : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) : C06MapPrecond_Map_Type.t_map i uint32 (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) uint32 - requires {[#"../06_map_precond.rs" 166 0 166 128] forall i2 : i . forall e : uint32 . inv2 i2 -> inv3 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../06_map_precond.rs" 166 0 166 131] forall i2 : i . forall e : uint32 . inv2 i2 -> inv3 e -> produces0 iter (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../06_map_precond.rs" 167 11 167 41] reinitialize0 ()} requires {[#"../06_map_precond.rs" 168 11 168 51] preservation0 iter func} requires {[#"../06_map_precond.rs" 171 4 171 8] inv2 iter} requires {[#"../06_map_precond.rs" 172 4 172 8] inv4 func} - ensures { [#"../06_map_precond.rs" 169 10 169 72] result = C06MapPrecond_Map_Type.C_Map iter func (Ghost.new (Seq.empty )) } + ensures { [#"../06_map_precond.rs" 169 10 169 75] result = C06MapPrecond_Map_Type.C_Map iter func (Snapshot.new (Seq.empty )) } ensures { [#"../06_map_precond.rs" 173 5 173 17] inv0 result } let rec cfg counter [#"../06_map_precond.rs" 201 0 201 48] [@cfg:stackify] [@cfg:subregion_analysis] (iter : i) : () @@ -2903,16 +2910,16 @@ module C06MapPrecond_Impl0 axiom inv12 : forall x : borrowed i . inv12 x = true type item0 use seq.Seq - use prelude.Ghost - predicate invariant11 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant11 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant11 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant11 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant11 self } - predicate inv11 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv11 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv11 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv11 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv11 _x } - axiom inv11 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv11 x = true + axiom inv11 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv11 x = true predicate invariant10 (self : f) val invariant10 (self : f) : bool ensures { result = invariant10 self } @@ -2985,23 +2992,23 @@ module C06MapPrecond_Impl0 ensures { result = inv3 _x } axiom inv3 : forall x : Seq.seq b . inv3 x = true - predicate precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) - val precondition0 (self : f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) : bool + predicate precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) + val precondition0 (self : f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) : bool ensures { result = precondition0 self _2 } - use prelude.Ghost + use prelude.Snapshot predicate produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) val produces1 [#"../common.rs" 8 4 8 65] (self : i) (visited : Seq.seq item0) (o : i) : bool ensures { result = produces1 self visited o } use seq.Seq predicate next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv9 i -> inv6 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../06_map_precond.rs" 84 8 88 9] forall i : i . forall e : item0 . inv9 i -> inv6 e -> produces1 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 [#"../06_map_precond.rs" 83 4 83 74] (iter : i) (func : f) (produced : Seq.seq item0) : bool ensures { result = next_precondition0 iter func produced } - predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) - val postcondition_mut0 (self : borrowed f) (_2 : (item0, Ghost.ghost_ty (Seq.seq item0))) (_3 : b) : bool + predicate postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) + val postcondition_mut0 (self : borrowed f) (_2 : (item0, Snapshot.snap_ty (Seq.seq item0))) (_3 : b) : bool ensures { result = postcondition_mut0 self _2 _3 } use seq.Seq @@ -3011,13 +3018,13 @@ module C06MapPrecond_Impl0 ensures { result = unnest0 self _2 } predicate preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) = - [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv9 i -> inv4 b -> inv5 f -> inv6 e2 -> inv6 e1 -> inv7 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../06_map_precond.rs" 106 8 113 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv9 i -> inv4 b -> inv5 f -> inv6 e2 -> inv6 e1 -> inv7 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 [#"../06_map_precond.rs" 105 4 105 45] (iter : i) (func : f) : bool ensures { result = preservation0 iter func } use seq.Seq predicate preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) = - [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv9 i -> inv4 b -> inv5 f -> inv6 e2 -> inv6 e1 -> inv7 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Ghost.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc (Seq.(++) produced s) e1)) + [#"../06_map_precond.rs" 94 8 101 9] forall i : i . forall b : b . forall f : borrowed f . forall e2 : item0 . forall e1 : item0 . forall s : Seq.seq item0 . inv9 i -> inv4 b -> inv5 f -> inv6 e2 -> inv6 e1 -> inv7 s -> unnest0 func ( * f) -> produces1 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new (Seq.(++) produced s)) -> postcondition_mut0 f (e1, Snapshot.new (Seq.(++) produced s)) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc (Seq.(++) produced s) e1)) val preservation_inv0 [#"../06_map_precond.rs" 93 4 93 73] (iter : i) (func : f) (produced : Seq.seq item0) : bool requires {[#"../06_map_precond.rs" 93 24 93 28] inv9 iter} requires {[#"../06_map_precond.rs" 93 33 93 37] inv10 func} @@ -3025,7 +3032,7 @@ module C06MapPrecond_Impl0 ensures { result = preservation_inv0 iter func produced } axiom preservation_inv0_spec : forall iter : i, func : f, produced : Seq.seq item0 . ([#"../06_map_precond.rs" 93 24 93 28] inv9 iter) -> ([#"../06_map_precond.rs" 93 33 93 37] inv10 func) -> ([#"../06_map_precond.rs" 93 42 93 50] inv7 produced) -> ([#"../06_map_precond.rs" 92 4 92 83] produced = Seq.empty -> preservation_inv0 iter func produced = preservation0 iter func) - use prelude.Ghost + use prelude.Snapshot predicate completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) val completed1 [#"../common.rs" 11 4 11 36] (self : borrowed i) : bool ensures { result = completed1 self } @@ -3037,7 +3044,7 @@ module C06MapPrecond_Impl0 use C06MapPrecond_Map_Type as C06MapPrecond_Map_Type predicate invariant2 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) + [#"../06_map_precond.rs" 159 12 161 73] reinitialize0 () /\ preservation_inv0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) /\ next_precondition0 (C06MapPrecond_Map_Type.map_iter self) (C06MapPrecond_Map_Type.map_func self) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) val invariant2 [#"../06_map_precond.rs" 157 4 157 30] (self : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = invariant2 self } @@ -3076,17 +3083,17 @@ module C06MapPrecond_Impl0 use seq.Seq use prelude.Int use seq.Seq - use prelude.Ghost + use prelude.Snapshot use seq.Seq use seq.Seq predicate produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv7 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv8 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../06_map_precond.rs" 44 8 56 9] unnest0 (C06MapPrecond_Map_Type.map_func self) (C06MapPrecond_Map_Type.map_func succ) /\ (exists s : Seq.seq item0 . inv7 s /\ Seq.length s = Seq.length visited /\ produces1 (C06MapPrecond_Map_Type.map_iter self) s (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) s /\ (exists fs : Seq.seq (borrowed f) . inv8 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then C06MapPrecond_Map_Type.map_func self = C06MapPrecond_Map_Type.map_func succ else * Seq.get fs 0 = C06MapPrecond_Map_Type.map_func self /\ ^ Seq.get fs (Seq.length visited - 1) = C06MapPrecond_Map_Type.map_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (C06MapPrecond_Map_Type.map_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces0 [@inline:trivial] [#"../06_map_precond.rs" 43 4 43 67] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : Seq.seq b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool ensures { result = produces0 self visited succ } @@ -3094,7 +3101,7 @@ module C06MapPrecond_Impl0 predicate produces_one0 [#"../06_map_precond.rs" 142 4 142 57] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) = - [#"../06_map_precond.rs" 143 8 149 9] exists f : borrowed f . inv5 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv6 e /\ produces1 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Ghost.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Ghost.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited) + [#"../06_map_precond.rs" 143 8 149 9] exists f : borrowed f . inv5 f /\ * f = C06MapPrecond_Map_Type.map_func self /\ ^ f = C06MapPrecond_Map_Type.map_func succ /\ (exists e : item0 . inv6 e /\ produces1 (C06MapPrecond_Map_Type.map_iter self) (Seq.singleton e) (C06MapPrecond_Map_Type.map_iter succ) /\ Snapshot.inner (C06MapPrecond_Map_Type.map_produced succ) = Seq.snoc (Snapshot.inner (C06MapPrecond_Map_Type.map_produced self)) e /\ precondition0 ( * f) (e, C06MapPrecond_Map_Type.map_produced self) /\ postcondition_mut0 f (e, C06MapPrecond_Map_Type.map_produced self) visited) val produces_one0 [#"../06_map_precond.rs" 142 4 142 57] (self : C06MapPrecond_Map_Type.t_map i b f item0) (visited : b) (succ : C06MapPrecond_Map_Type.t_map i b f item0) : bool requires {[#"../06_map_precond.rs" 142 20 142 24] inv2 self} requires {[#"../06_map_precond.rs" 142 26 142 33] inv4 visited} @@ -3104,7 +3111,7 @@ module C06MapPrecond_Impl0 axiom produces_one0_spec : forall self : C06MapPrecond_Map_Type.t_map i b f item0, visited : b, succ : C06MapPrecond_Map_Type.t_map i b f item0 . ([#"../06_map_precond.rs" 142 20 142 24] inv2 self) -> ([#"../06_map_precond.rs" 142 26 142 33] inv4 visited) -> ([#"../06_map_precond.rs" 142 38 142 42] inv2 succ) -> ([#"../06_map_precond.rs" 141 14 141 68] produces_one0 self visited succ = produces0 self (Seq.singleton visited) succ) predicate completed0 [#"../06_map_precond.rs" 21 4 21 35] (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) = - [#"../06_map_precond.rs" 22 8 25 9] Ghost.inner (C06MapPrecond_Map_Type.map_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (C06MapPrecond_Map_Type.map_iter ( * self)) (C06MapPrecond_Map_Type.map_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ C06MapPrecond_Map_Type.map_func ( * self) = C06MapPrecond_Map_Type.map_func ( ^ self) + [#"../06_map_precond.rs" 22 8 25 9] Snapshot.inner (C06MapPrecond_Map_Type.map_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (C06MapPrecond_Map_Type.map_iter ( * self)) (C06MapPrecond_Map_Type.map_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ C06MapPrecond_Map_Type.map_func ( * self) = C06MapPrecond_Map_Type.map_func ( ^ self) val completed0 [#"../06_map_precond.rs" 21 4 21 35] (self : borrowed (C06MapPrecond_Map_Type.t_map i b f item0)) : bool ensures { result = completed0 self } diff --git a/creusot/tests/should_succeed/iterators/06_map_precond.rs b/creusot/tests/should_succeed/iterators/06_map_precond.rs index edf08f99a5..c2fccaec51 100644 --- a/creusot/tests/should_succeed/iterators/06_map_precond.rs +++ b/creusot/tests/should_succeed/iterators/06_map_precond.rs @@ -7,17 +7,17 @@ mod common; use common::Iterator; // FIXME: make it Map again -pub struct Map>) -> B> { +pub struct Map>) -> B> { iter: I, func: F, - produced: Ghost>, + produced: Snapshot>, } -impl>) -> B> Iterator for Map { +impl>) -> B> Iterator for Map { type Item = B; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { *(^self).produced == Seq::EMPTY && @@ -38,7 +38,7 @@ impl>) -> B> Iterator for M fn produces_trans(a: Self, ab: Seq, b: Self, bc: Seq, c: Self) {} #[open] - #[predicate] + #[predicate(prophetic)] #[why3::attr = "inline:trivial"] fn produces(self, visited: Seq, succ: Self) -> bool { pearlite! { @@ -51,8 +51,8 @@ impl>) -> B> Iterator for M else { *fs[0] == self.func && ^fs[visited.len() - 1] == succ.func } && forall 0 <= i && i < visited.len() ==> self.func.unnest(*fs[i]) - && (*fs[i]).precondition((s[i], Ghost::new(self.produced.concat(s.subsequence(0, i))))) - && fs[i].postcondition_mut((s[i], Ghost::new(self.produced.concat(s.subsequence(0, i)))), visited[i]) + && (*fs[i]).precondition((s[i], Snapshot::new(self.produced.concat(s.subsequence(0, i))))) + && fs[i].postcondition_mut((s[i], Snapshot::new(self.produced.concat(s.subsequence(0, i)))), visited[i]) } } @@ -64,56 +64,56 @@ impl>) -> B> Iterator for M match self.iter.next() { Some(v) => { proof_assert! { self.func.precondition((v, self.produced)) }; - let produced = gh! { self.produced.push(v) }; + let produced = snapshot! { self.produced.push(v) }; let r = (self.func)(v, self.produced); self.produced = produced; - gh! { Self::produces_one_invariant }; + snapshot! { Self::produces_one_invariant }; Some(r) } None => { - self.produced = gh! { Seq::EMPTY }; + self.produced = snapshot! { Seq::EMPTY }; None } } } } -impl>) -> B> Map { - #[predicate] +impl>) -> B> Map { + #[predicate(prophetic)] fn next_precondition(iter: I, func: F, produced: Seq) -> bool { pearlite! { forall iter.produces(Seq::singleton(e), i) ==> - func.precondition((e, Ghost::new(produced))) + func.precondition((e, Snapshot::new(produced))) } } - #[predicate] + #[predicate(prophetic)] #[ensures(produced == Seq::EMPTY ==> result == Self::preservation(iter, func))] fn preservation_inv(iter: I, func: F, produced: Seq) -> bool { pearlite! { forall, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> func.unnest(*f) ==> iter.produces(s.push(e1).push(e2), i) ==> - (*f).precondition((e1, Ghost::new(produced.concat(s)))) ==> - f.postcondition_mut((e1, Ghost::new(produced.concat(s))), b) ==> - (^f).precondition((e2, Ghost::new(produced.concat(s).push(e1)))) + (*f).precondition((e1, Snapshot::new(produced.concat(s)))) ==> + f.postcondition_mut((e1, Snapshot::new(produced.concat(s))), b) ==> + (^f).precondition((e2, Snapshot::new(produced.concat(s).push(e1)))) } } - #[predicate] + #[predicate(prophetic)] fn preservation(iter: I, func: F) -> bool { pearlite! { forall, e1: I::Item, e2: I::Item, f: &mut F, b: B, i: I> func.unnest(*f) ==> iter.produces(s.push(e1).push(e2), i) ==> - (*f).precondition((e1, Ghost::new(s))) ==> - f.postcondition_mut((e1, Ghost::new(s)), b) ==> - (^f).precondition((e2, Ghost::new(s.push(e1)))) + (*f).precondition((e1, Snapshot::new(s))) ==> + f.postcondition_mut((e1, Snapshot::new(s)), b) ==> + (^f).precondition((e2, Snapshot::new(s.push(e1)))) } } - #[predicate] + #[predicate(prophetic)] fn reinitialize() -> bool { pearlite! { forall @@ -123,7 +123,7 @@ impl>) -> B> Map { } } - #[ghost] + #[logic] #[requires(self.iter.produces(Seq::singleton(e), iter))] #[requires(*f == self.func)] #[requires(f.postcondition_mut((e, self.produced), r) )] @@ -137,7 +137,7 @@ impl>) -> B> Map { } } - #[predicate] + #[predicate(prophetic)] #[ensures(result == self.produces(Seq::singleton(visited), succ))] fn produces_one(self, visited: B, succ: Self) -> bool { pearlite! { @@ -150,9 +150,9 @@ impl>) -> B> Map { } } -impl>) -> B> Invariant for Map { +impl>) -> B> Invariant for Map { // Should not quantify over self or the `invariant` cannot be made into a type invariant - #[predicate] + #[predicate(prophetic)] #[open(self)] fn invariant(self) -> bool { pearlite! { @@ -163,15 +163,15 @@ impl>) -> B> Invariant for } } -#[requires(forall iter.produces(Seq::singleton(e), i2) ==> func.precondition((e, Ghost::new(Seq::EMPTY))))] +#[requires(forall iter.produces(Seq::singleton(e), i2) ==> func.precondition((e, Snapshot::new(Seq::EMPTY))))] #[requires(Map::::reinitialize())] #[requires(Map::::preservation(iter, func))] -#[ensures(result == Map { iter, func, produced: Ghost::new(Seq::EMPTY) })] -pub fn map>) -> B>( +#[ensures(result == Map { iter, func, produced: Snapshot::new(Seq::EMPTY) })] +pub fn map>) -> B>( iter: I, func: F, ) -> Map { - Map { iter, func, produced: gh! {Seq::EMPTY} } + Map { iter, func, produced: snapshot! {Seq::EMPTY} } } pub fn identity(iter: I) { @@ -204,7 +204,7 @@ pub fn counter>(iter: I) { iter, #[requires(cnt@ == (*_prod).len() && cnt < usize::MAX)] #[ensures(cnt@ == old(cnt)@ + 1)] - |x, _prod: Ghost>| { + |x, _prod: Snapshot>| { cnt += 1; x }, diff --git a/creusot/tests/should_succeed/iterators/07_fuse.rs b/creusot/tests/should_succeed/iterators/07_fuse.rs index 878ec75dba..c8bc3eb543 100644 --- a/creusot/tests/should_succeed/iterators/07_fuse.rs +++ b/creusot/tests/should_succeed/iterators/07_fuse.rs @@ -12,7 +12,7 @@ impl Iterator for Fuse { type Item = I::Item; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (self.iter == None || exists it.completed() && self.iter == Some(*it)) && @@ -21,7 +21,7 @@ impl Iterator for Fuse { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, prod: Seq, other: Self) -> bool { match self.iter { None => prod == Seq::EMPTY && other.iter == self.iter, diff --git a/creusot/tests/should_succeed/iterators/08_collect_extend.mlcfg b/creusot/tests/should_succeed/iterators/08_collect_extend.mlcfg index cf85fe4f6a..ab943e1f82 100644 --- a/creusot/tests/should_succeed/iterators/08_collect_extend.mlcfg +++ b/creusot/tests/should_succeed/iterators/08_collect_extend.mlcfg @@ -157,35 +157,35 @@ module C08CollectExtend_Extend ensures { result = invariant3 self } axiom inv3 : forall x : i . inv3 x = true - use prelude.Ghost - predicate invariant2 (self : Ghost.ghost_ty (Seq.seq t)) - val invariant2 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + predicate invariant2 (self : Snapshot.snap_ty (Seq.seq t)) + val invariant2 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = invariant2 self } - predicate inv2 (_x : Ghost.ghost_ty (Seq.seq t)) - val inv2 (_x : Ghost.ghost_ty (Seq.seq t)) : bool + predicate inv2 (_x : Snapshot.snap_ty (Seq.seq t)) + val inv2 (_x : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = inv2 _x } - axiom inv2 : forall x : Ghost.ghost_ty (Seq.seq t) . inv2 x = true - predicate invariant1 (self : Ghost.ghost_ty i) - val invariant1 (self : Ghost.ghost_ty i) : bool + axiom inv2 : forall x : Snapshot.snap_ty (Seq.seq t) . inv2 x = true + predicate invariant1 (self : Snapshot.snap_ty i) + val invariant1 (self : Snapshot.snap_ty i) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Ghost.ghost_ty i) - val inv1 (_x : Ghost.ghost_ty i) : bool + predicate inv1 (_x : Snapshot.snap_ty i) + val inv1 (_x : Snapshot.snap_ty i) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Ghost.ghost_ty i . inv1 x = true - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + axiom inv1 : forall x : Snapshot.snap_ty i . inv1 x = true + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true predicate completed0 (self : borrowed i) val completed0 (self : borrowed i) : bool ensures { result = completed0 self } @@ -230,33 +230,33 @@ module C08CollectExtend_Extend ensures { inv5 result } use seq.Seq - use prelude.Ghost + use prelude.Snapshot function shallow_model3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t = [#"../../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model0 self val shallow_model3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model3 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model3 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model3 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model1 self } - use prelude.Ghost - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty (Seq.seq t)) - val resolve2 (self : Ghost.ghost_ty (Seq.seq t)) : bool + use prelude.Snapshot + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty (Seq.seq t)) + val resolve2 (self : Snapshot.snap_ty (Seq.seq t)) : bool ensures { result = resolve2 self } - use prelude.Ghost - predicate resolve1 (self : Ghost.ghost_ty i) - val resolve1 (self : Ghost.ghost_ty i) : bool + use prelude.Snapshot + predicate resolve1 (self : Snapshot.snap_ty i) + val resolve1 (self : Snapshot.snap_ty i) : bool ensures { result = resolve1 self } - use prelude.Ghost + use prelude.Snapshot predicate into_iter_post0 (self : i) (res : i) = [#"../../../../../creusot-contracts/src/std/iter.rs" 80 8 80 19] self = res val into_iter_post0 (self : i) (res : i) : bool @@ -273,11 +273,12 @@ module C08CollectExtend_Extend ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 89 0 166 1] into_iter_post0 self result } ensures { inv3 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg extend [#"../08_collect_extend.rs" 25 0 25 66] [@cfg:stackify] [@cfg:subregion_analysis] (vec : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) (iter : i) : () requires {[#"../08_collect_extend.rs" 25 40 25 43] inv7 vec} requires {[#"../08_collect_extend.rs" 25 58 25 62] inv3 iter} @@ -287,15 +288,15 @@ module C08CollectExtend_Extend var _0 : (); var vec : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = vec; var iter : i = iter; - var old_vec : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_vec : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var iter1 : i; - var iter_old : Ghost.ghost_ty i; - var produced : Ghost.ghost_ty (Seq.seq t); + var iter_old : Snapshot.snap_ty i; + var produced : Snapshot.snap_ty (Seq.seq t); var _17 : Core_Option_Option_Type.t_option t; var _18 : borrowed i; var _19 : borrowed i; var __creusot_proc_iter_elem : t; - var _22 : Ghost.ghost_ty (Seq.seq t); + var _22 : Snapshot.snap_ty (Seq.seq t); var x : t; var _25 : (); var _26 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); @@ -306,7 +307,7 @@ module C08CollectExtend_Extend goto BB1 } BB1 { - [#"../08_collect_extend.rs" 26 18 26 29] old_vec <- ([#"../08_collect_extend.rs" 26 18 26 29] Ghost.new vec); + [#"../08_collect_extend.rs" 26 18 26 35] old_vec <- ([#"../08_collect_extend.rs" 26 18 26 35] Snapshot.new vec); goto BB2 } BB2 { @@ -317,13 +318,13 @@ module C08CollectExtend_Extend goto BB3 } BB3 { - [#"../08_collect_extend.rs" 27 4 27 35] iter_old <- ([#"../08_collect_extend.rs" 27 4 27 35] Ghost.new iter1); + [#"../08_collect_extend.rs" 27 4 27 35] iter_old <- ([#"../08_collect_extend.rs" 27 4 27 35] Snapshot.new iter1); goto BB4 } BB4 { assert { [@expl:type invariant] inv1 iter_old }; assume { resolve1 iter_old }; - [#"../08_collect_extend.rs" 27 4 27 35] produced <- ([#"../08_collect_extend.rs" 27 4 27 35] Ghost.new (Seq.empty )); + [#"../08_collect_extend.rs" 27 4 27 35] produced <- ([#"../08_collect_extend.rs" 27 4 27 35] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -339,9 +340,9 @@ module C08CollectExtend_Extend } BB8 { invariant { [#"../08_collect_extend.rs" 27 4 27 35] inv3 iter1 }; - invariant { [#"../08_collect_extend.rs" 27 4 27 35] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter1 }; - invariant { [#"../08_collect_extend.rs" 27 16 27 33] ^ Ghost.inner old_vec = ^ vec }; - invariant { [#"../08_collect_extend.rs" 27 4 27 35] Seq.(==) (shallow_model0 vec) (Seq.(++) (shallow_model1 old_vec) (Ghost.inner produced)) }; + invariant { [#"../08_collect_extend.rs" 27 4 27 35] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter1 }; + invariant { [#"../08_collect_extend.rs" 27 16 27 33] ^ Snapshot.inner old_vec = ^ vec }; + invariant { [#"../08_collect_extend.rs" 27 4 27 35] Seq.(==) (shallow_model0 vec) (Seq.(++) (shallow_model1 old_vec) (Snapshot.inner produced)) }; goto BB9 } BB9 { @@ -387,20 +388,20 @@ module C08CollectExtend_Extend absurd } BB14 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] _17 <- (let Core_Option_Option_Type.C_Some x0 = _17 in Core_Option_Option_Type.C_Some (any t)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] _17 <- (let Core_Option_Option_Type.C_Some x0 = _17 in Core_Option_Option_Type.C_Some (any t)); assert { [@expl:type invariant] inv5 _17 }; assume { resolve4 _17 }; - [#"../08_collect_extend.rs" 27 4 27 35] _22 <- ([#"../08_collect_extend.rs" 27 4 27 35] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../08_collect_extend.rs" 27 4 27 35] _22 <- ([#"../08_collect_extend.rs" 27 4 27 35] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB15 } BB15 { [#"../08_collect_extend.rs" 27 4 27 35] produced <- ([#"../08_collect_extend.rs" 27 4 27 35] _22); - [#"../08_collect_extend.rs" 27 4 27 35] _22 <- any Ghost.ghost_ty (Seq.seq t); + [#"../08_collect_extend.rs" 27 4 27 35] _22 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv2 produced }; assume { resolve2 produced }; - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- any t; + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- any t; [#"../08_collect_extend.rs" 30 8 30 11] _26 <- Borrow.borrow_mut ( * vec); [#"../08_collect_extend.rs" 30 8 30 11] vec <- { vec with current = ( ^ _26) ; }; assume { inv6 ( ^ _26) }; @@ -540,25 +541,25 @@ module C08CollectExtend_Collect ensures { result = invariant2 self } axiom inv2 : forall x : i . inv2 x = true - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (Seq.seq item0)) - val invariant1 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (Seq.seq item0)) + val invariant1 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = invariant1 self } - predicate inv1 (_x : Ghost.ghost_ty (Seq.seq item0)) - val inv1 (_x : Ghost.ghost_ty (Seq.seq item0)) : bool + predicate inv1 (_x : Snapshot.snap_ty (Seq.seq item0)) + val inv1 (_x : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = inv1 _x } - axiom inv1 : forall x : Ghost.ghost_ty (Seq.seq item0) . inv1 x = true - predicate invariant0 (self : Ghost.ghost_ty i) - val invariant0 (self : Ghost.ghost_ty i) : bool + axiom inv1 : forall x : Snapshot.snap_ty (Seq.seq item0) . inv1 x = true + predicate invariant0 (self : Snapshot.snap_ty i) + val invariant0 (self : Snapshot.snap_ty i) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty i) - val inv0 (_x : Ghost.ghost_ty i) : bool + predicate inv0 (_x : Snapshot.snap_ty i) + val inv0 (_x : Snapshot.snap_ty i) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty i . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty i . inv0 x = true predicate completed0 (self : borrowed i) val completed0 (self : borrowed i) : bool ensures { result = completed0 self } @@ -616,19 +617,19 @@ module C08CollectExtend_Collect ensures { inv4 result } use seq.Seq - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - predicate resolve1 (self : Ghost.ghost_ty (Seq.seq item0)) - val resolve1 (self : Ghost.ghost_ty (Seq.seq item0)) : bool + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + predicate resolve1 (self : Snapshot.snap_ty (Seq.seq item0)) + val resolve1 (self : Snapshot.snap_ty (Seq.seq item0)) : bool ensures { result = resolve1 self } - use prelude.Ghost - predicate resolve0 (self : Ghost.ghost_ty i) - val resolve0 (self : Ghost.ghost_ty i) : bool + use prelude.Snapshot + predicate resolve0 (self : Snapshot.snap_ty i) + val resolve0 (self : Snapshot.snap_ty i) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot predicate into_iter_post0 (self : i) (res : i) = [#"../../../../../creusot-contracts/src/std/iter.rs" 80 8 80 19] self = res val into_iter_post0 (self : i) (res : i) : bool @@ -659,13 +660,13 @@ module C08CollectExtend_Collect var iter : i = iter; var res : Alloc_Vec_Vec_Type.t_vec item0 (Alloc_Alloc_Global_Type.t_global); var iter1 : i; - var iter_old : Ghost.ghost_ty i; - var produced : Ghost.ghost_ty (Seq.seq item0); + var iter_old : Snapshot.snap_ty i; + var produced : Snapshot.snap_ty (Seq.seq item0); var _15 : Core_Option_Option_Type.t_option item0; var _16 : borrowed i; var _17 : borrowed i; var __creusot_proc_iter_elem : item0; - var _20 : Ghost.ghost_ty (Seq.seq item0); + var _20 : Snapshot.snap_ty (Seq.seq item0); var x : item0; var _23 : (); var _24 : borrowed (Alloc_Vec_Vec_Type.t_vec item0 (Alloc_Alloc_Global_Type.t_global)); @@ -685,13 +686,13 @@ module C08CollectExtend_Collect goto BB3 } BB3 { - [#"../08_collect_extend.rs" 45 4 45 40] iter_old <- ([#"../08_collect_extend.rs" 45 4 45 40] Ghost.new iter1); + [#"../08_collect_extend.rs" 45 4 45 40] iter_old <- ([#"../08_collect_extend.rs" 45 4 45 40] Snapshot.new iter1); goto BB4 } BB4 { assert { [@expl:type invariant] inv0 iter_old }; assume { resolve0 iter_old }; - [#"../08_collect_extend.rs" 45 4 45 40] produced <- ([#"../08_collect_extend.rs" 45 4 45 40] Ghost.new (Seq.empty )); + [#"../08_collect_extend.rs" 45 4 45 40] produced <- ([#"../08_collect_extend.rs" 45 4 45 40] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -710,8 +711,8 @@ module C08CollectExtend_Collect } BB9 { invariant { [#"../08_collect_extend.rs" 45 4 45 40] inv2 iter1 }; - invariant { [#"../08_collect_extend.rs" 45 4 45 40] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter1 }; - invariant { [#"../08_collect_extend.rs" 45 4 45 40] Seq.(==) (shallow_model0 res) (Ghost.inner produced) }; + invariant { [#"../08_collect_extend.rs" 45 4 45 40] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter1 }; + invariant { [#"../08_collect_extend.rs" 45 4 45 40] Seq.(==) (shallow_model0 res) (Snapshot.inner produced) }; goto BB10 } BB10 { @@ -754,20 +755,20 @@ module C08CollectExtend_Collect absurd } BB15 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _15); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] _15 <- (let Core_Option_Option_Type.C_Some x0 = _15 in Core_Option_Option_Type.C_Some (any item0)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _15); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] _15 <- (let Core_Option_Option_Type.C_Some x0 = _15 in Core_Option_Option_Type.C_Some (any item0)); assert { [@expl:type invariant] inv4 _15 }; assume { resolve3 _15 }; - [#"../08_collect_extend.rs" 45 4 45 40] _20 <- ([#"../08_collect_extend.rs" 45 4 45 40] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../08_collect_extend.rs" 45 4 45 40] _20 <- ([#"../08_collect_extend.rs" 45 4 45 40] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB16 } BB16 { [#"../08_collect_extend.rs" 45 4 45 40] produced <- ([#"../08_collect_extend.rs" 45 4 45 40] _20); - [#"../08_collect_extend.rs" 45 4 45 40] _20 <- any Ghost.ghost_ty (Seq.seq item0); + [#"../08_collect_extend.rs" 45 4 45 40] _20 <- any Snapshot.snap_ty (Seq.seq item0); assert { [@expl:type invariant] inv1 produced }; assume { resolve1 produced }; - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- any item0; + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- any item0; [#"../08_collect_extend.rs" 47 8 47 11] _24 <- Borrow.borrow_mut res; [#"../08_collect_extend.rs" 47 8 47 11] res <- ^ _24; assume { inv5 ( ^ _24) }; @@ -960,7 +961,7 @@ module C08CollectExtend_ExtendIndex ensures { result = inv0 _x } axiom inv0 : forall x : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global) . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq use prelude.Slice function shallow_model6 (self : slice uint32) : Seq.seq uint32 @@ -974,10 +975,10 @@ module C08CollectExtend_ExtendIndex val shallow_model2 (self : slice uint32) : Seq.seq uint32 ensures { result = shallow_model2 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (slice uint32)) : Seq.seq uint32 = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model2 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (slice uint32)) : Seq.seq uint32 + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (slice uint32)) : Seq.seq uint32 = + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model2 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (slice uint32)) : Seq.seq uint32 ensures { result = shallow_model1 self } predicate resolve2 (self : uint32) = @@ -1054,7 +1055,7 @@ module C08CollectExtend_ExtendIndex ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 89 0 166 1] into_iter_post0 self result } ensures { inv3 result } - use prelude.Ghost + use prelude.Snapshot function shallow_model3 (self : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)) : Seq.seq uint32 = [#"../../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model0 self val shallow_model3 (self : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)) : Seq.seq uint32 @@ -1071,8 +1072,8 @@ module C08CollectExtend_ExtendIndex var _0 : (); var v1 : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global) = v1; var v2 : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global) = v2; - var oldv1 : Ghost.ghost_ty (slice uint32); - var oldv2 : Ghost.ghost_ty (slice uint32); + var oldv1 : Snapshot.snap_ty (slice uint32); + var oldv2 : Snapshot.snap_ty (slice uint32); var _7 : (); var _8 : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); var _9 : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); @@ -1081,11 +1082,11 @@ module C08CollectExtend_ExtendIndex goto BB0 } BB0 { - [#"../08_collect_extend.rs" 53 16 53 27] oldv1 <- ([#"../08_collect_extend.rs" 53 16 53 27] Ghost.new (deref0 v1)); + [#"../08_collect_extend.rs" 53 16 53 33] oldv1 <- ([#"../08_collect_extend.rs" 53 16 53 33] Snapshot.new (deref0 v1)); goto BB1 } BB1 { - [#"../08_collect_extend.rs" 54 16 54 27] oldv2 <- ([#"../08_collect_extend.rs" 54 16 54 27] Ghost.new (deref0 v2)); + [#"../08_collect_extend.rs" 54 16 54 33] oldv2 <- ([#"../08_collect_extend.rs" 54 16 54 33] Snapshot.new (deref0 v2)); goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/iterators/08_collect_extend.rs b/creusot/tests/should_succeed/iterators/08_collect_extend.rs index 166950392d..1a6d1857e3 100644 --- a/creusot/tests/should_succeed/iterators/08_collect_extend.rs +++ b/creusot/tests/should_succeed/iterators/08_collect_extend.rs @@ -23,7 +23,7 @@ use creusot_contracts::{ done.completed() && iter.produces(prod, *done) && (^vec)@ == vec@.concat(prod) )] pub fn extend>(vec: &mut Vec, iter: I) { - let old_vec = gh! { vec }; + let old_vec = snapshot! { vec }; #[invariant(^*old_vec == ^vec)] #[invariant(vec@.ext_eq(old_vec@.concat(*produced)))] for x in iter { @@ -50,8 +50,8 @@ pub fn collect(iter: I) -> Vec { } pub fn extend_index(mut v1: Vec, v2: Vec) { - let oldv1 = gh! { *v1 }; - let oldv2 = gh! { *v2 }; + let oldv1 = snapshot! { *v1 }; + let oldv2 = snapshot! { *v2 }; extend(&mut v1, v2.into_iter()); proof_assert! { v1@.ext_eq(oldv1@.concat(oldv2@)) }; diff --git a/creusot/tests/should_succeed/iterators/09_empty.rs b/creusot/tests/should_succeed/iterators/09_empty.rs index 0fd5cb45f6..e0658ab9f2 100644 --- a/creusot/tests/should_succeed/iterators/09_empty.rs +++ b/creusot/tests/should_succeed/iterators/09_empty.rs @@ -11,7 +11,7 @@ impl Iterator for Empty { type Item = T; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.resolve() } } diff --git a/creusot/tests/should_succeed/iterators/10_once.rs b/creusot/tests/should_succeed/iterators/10_once.rs index bf2e7392ce..3562488054 100644 --- a/creusot/tests/should_succeed/iterators/10_once.rs +++ b/creusot/tests/should_succeed/iterators/10_once.rs @@ -11,7 +11,7 @@ impl Iterator for Once { type Item = T; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { *self == Once(None) && self.resolve() } } diff --git a/creusot/tests/should_succeed/iterators/12_zip.rs b/creusot/tests/should_succeed/iterators/12_zip.rs index 38e5172a97..cf9eff0d14 100644 --- a/creusot/tests/should_succeed/iterators/12_zip.rs +++ b/creusot/tests/should_succeed/iterators/12_zip.rs @@ -14,7 +14,7 @@ impl Iterator for Zip { type Item = (A::Item, B::Item); #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (self.a.completed() && (*self).b == (^self).b) @@ -24,7 +24,7 @@ impl Iterator for Zip { } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, tl: Self) -> bool { pearlite! { // Using an `unzip` definition doesn't work well because of issues related to datatypes and `match` diff --git a/creusot/tests/should_succeed/iterators/13_cloned.rs b/creusot/tests/should_succeed/iterators/13_cloned.rs index d68f82990a..c7ec63276d 100644 --- a/creusot/tests/should_succeed/iterators/13_cloned.rs +++ b/creusot/tests/should_succeed/iterators/13_cloned.rs @@ -18,13 +18,13 @@ where type Item = T; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.iter.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { exists> self.iter.produces(s, o.iter) diff --git a/creusot/tests/should_succeed/iterators/14_copied.rs b/creusot/tests/should_succeed/iterators/14_copied.rs index c29d7aa0dc..4a63babd9b 100644 --- a/creusot/tests/should_succeed/iterators/14_copied.rs +++ b/creusot/tests/should_succeed/iterators/14_copied.rs @@ -18,13 +18,13 @@ where type Item = T; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.iter.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { exists> self.iter.produces(s, o.iter) diff --git a/creusot/tests/should_succeed/iterators/15_enumerate.rs b/creusot/tests/should_succeed/iterators/15_enumerate.rs index f0f7c28c7f..d800aecd7c 100644 --- a/creusot/tests/should_succeed/iterators/15_enumerate.rs +++ b/creusot/tests/should_succeed/iterators/15_enumerate.rs @@ -18,13 +18,13 @@ where type Item = (usize, I::Item); #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { self.iter.completed() } } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { visited.len() == o.count@ - self.count@ @@ -67,7 +67,7 @@ where I: Iterator, { #[open] - #[predicate] + #[predicate(prophetic)] fn invariant(self) -> bool { pearlite! { (forall, i: I> self.iter.produces(s, i) ==> self.count@ + s.len() < std::usize::MAX@) diff --git a/creusot/tests/should_succeed/iterators/16_take.rs b/creusot/tests/should_succeed/iterators/16_take.rs index 77a3350d59..7563da5509 100644 --- a/creusot/tests/should_succeed/iterators/16_take.rs +++ b/creusot/tests/should_succeed/iterators/16_take.rs @@ -18,7 +18,7 @@ where type Item = I::Item; #[open] - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool { pearlite! { (*self).n@ == 0 && self.resolve() || @@ -27,7 +27,7 @@ where } #[open] - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool { pearlite! { self.n@ == o.n@ + visited.len() && self.iter.produces(visited, o.iter) diff --git a/creusot/tests/should_succeed/iterators/common.rs b/creusot/tests/should_succeed/iterators/common.rs index fb815fb51c..17f5e5e258 100644 --- a/creusot/tests/should_succeed/iterators/common.rs +++ b/creusot/tests/should_succeed/iterators/common.rs @@ -4,10 +4,10 @@ use creusot_contracts::{logic::Seq, *}; pub trait Iterator { type Item; - #[predicate] + #[predicate(prophetic)] fn produces(self, visited: Seq, o: Self) -> bool; - #[predicate] + #[predicate(prophetic)] fn completed(&mut self) -> bool; #[law] diff --git a/creusot/tests/should_succeed/knapsack.rs b/creusot/tests/should_succeed/knapsack.rs index 90ddb4b5c0..bbbf0c160c 100644 --- a/creusot/tests/should_succeed/knapsack.rs +++ b/creusot/tests/should_succeed/knapsack.rs @@ -26,7 +26,7 @@ fn max(a: usize, b: usize) -> usize { /// * $m[0,\,w]=0$ /// * $m[i,\,w]=m[i-1,\,w]$ if $w_i > w\,\!$ (the new item is more than the current weight limit) /// * $m[i,\,w]=\max(m[i-1,\,w],\,m[i-1,w-w_i]+v_i)$ if $w_i \leqslant w$. -#[ghost] +#[logic] #[variant(i)] #[requires(0 <= i && i <= items.len())] #[requires(0 <= w)] diff --git a/creusot/tests/should_succeed/knapsack_full.mlcfg b/creusot/tests/should_succeed/knapsack_full.mlcfg index 72f2c91618..a45e9fe18e 100644 --- a/creusot/tests/should_succeed/knapsack_full.mlcfg +++ b/creusot/tests/should_succeed/knapsack_full.mlcfg @@ -666,7 +666,7 @@ module KnapsackFull_Knapsack01Dyn val index_logic4 [@inline:trivial] (self : Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global)) (ix : int) : KnapsackFull_Item_Type.t_item name ensures { result = index_logic4 self ix } - use prelude.Ghost + use prelude.Snapshot use seq.Seq function shallow_model10 (self : borrowed (Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global))) : Seq.seq (KnapsackFull_Item_Type.t_item name) @@ -895,8 +895,8 @@ module KnapsackFull_Knapsack01Dyn end } ensures { inv13 result } - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post1 (self : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize) (res : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize) = @@ -989,11 +989,11 @@ module KnapsackFull_Knapsack01Dyn ensures { result = m0 items i w } axiom m0_spec : forall items : Seq.seq (KnapsackFull_Item_Type.t_item name), i : int, w : int . ([#"../knapsack_full.rs" 60 11 60 37] 0 <= i /\ i <= Seq.length items) -> ([#"../knapsack_full.rs" 61 11 61 17] 0 <= w) -> ([#"../knapsack_full.rs" 66 11 66 16] inv11 items) -> ([#"../knapsack_full.rs" 63 0 65 2] forall j : int . forall s : Seq.seq (KnapsackFull_Item_Type.t_item name) . inv3 s -> 0 <= j /\ j <= Seq.length s /\ subseq_rev0 s j items i /\ sum_weights0 s j <= w -> sum_values0 s j <= m0 items i w) && ([#"../knapsack_full.rs" 62 10 62 21] m0 items i w >= 0) - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -1047,26 +1047,26 @@ module KnapsackFull_Knapsack01Dyn var _14 : usize; var iter : Core_Ops_Range_Range_Type.t_range usize; var _19 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _31 : (); var _32 : Core_Option_Option_Type.t_option usize; var _33 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _34 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _37 : Ghost.ghost_ty (Seq.seq usize); + var _37 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var it : KnapsackFull_Item_Type.t_item name; var _41 : KnapsackFull_Item_Type.t_item name; var iter1 : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize; var _45 : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize; - var iter_old1 : Ghost.ghost_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); - var produced1 : Ghost.ghost_ty (Seq.seq usize); + var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); + var produced1 : Snapshot.snap_ty (Seq.seq usize); var _58 : Core_Option_Option_Type.t_option usize; var _59 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); var _60 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); var __creusot_proc_iter_elem1 : usize; - var _63 : Ghost.ghost_ty (Seq.seq usize); + var _63 : Snapshot.snap_ty (Seq.seq usize); var w : usize; var _66 : usize; var _70 : usize; @@ -1118,11 +1118,11 @@ module KnapsackFull_Knapsack01Dyn goto BB5 } BB5 { - [#"../knapsack_full.rs" 88 4 88 55] iter_old <- ([#"../knapsack_full.rs" 88 4 88 55] Ghost.new iter); + [#"../knapsack_full.rs" 88 4 88 55] iter_old <- ([#"../knapsack_full.rs" 88 4 88 55] Snapshot.new iter); goto BB6 } BB6 { - [#"../knapsack_full.rs" 88 4 88 55] produced <- ([#"../knapsack_full.rs" 88 4 88 55] Ghost.new (Seq.empty )); + [#"../knapsack_full.rs" 88 4 88 55] produced <- ([#"../knapsack_full.rs" 88 4 88 55] Snapshot.new (Seq.empty )); goto BB7 } BB7 { @@ -1142,10 +1142,10 @@ module KnapsackFull_Knapsack01Dyn } BB12 { invariant { [#"../knapsack_full.rs" 88 4 88 55] inv0 iter }; - invariant { [#"../knapsack_full.rs" 88 4 88 55] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../knapsack_full.rs" 88 4 88 55] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../knapsack_full.rs" 88 16 88 53] Seq.length (shallow_model0 items) + 1 = Seq.length (shallow_model1 best_value) }; invariant { [#"../knapsack_full.rs" 88 4 88 55] forall i : int . 0 <= i /\ i < Seq.length (shallow_model1 best_value) -> UIntSize.to_int max_weight + 1 = Seq.length (shallow_model3 (index_logic0 best_value i)) }; - invariant { [#"../knapsack_full.rs" 88 4 88 55] forall ww : int . forall ii : int . 0 <= ii /\ ii <= Seq.length (Ghost.inner produced) /\ 0 <= ww /\ ww <= UIntSize.to_int max_weight -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value ii)) ww) = m0 (shallow_model0 items) ii ww }; + invariant { [#"../knapsack_full.rs" 88 4 88 55] forall ww : int . forall ii : int . 0 <= ii /\ ii <= Seq.length (Snapshot.inner produced) /\ 0 <= ww /\ ww <= UIntSize.to_int max_weight -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value ii)) ww) = m0 (shallow_model0 items) ii ww }; invariant { [#"../knapsack_full.rs" 88 4 88 55] forall ww : int . forall ii : int . 0 <= ii /\ ii <= Seq.length (shallow_model0 items) /\ 0 <= ww /\ ww <= UIntSize.to_int max_weight -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value ii)) ww) <= 10000000 * ii }; goto BB13 } @@ -1177,14 +1177,14 @@ module KnapsackFull_Knapsack01Dyn absurd } BB18 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _32); - [#"../knapsack_full.rs" 88 4 88 55] _37 <- ([#"../knapsack_full.rs" 88 4 88 55] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _32); + [#"../knapsack_full.rs" 88 4 88 55] _37 <- ([#"../knapsack_full.rs" 88 4 88 55] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB19 } BB19 { [#"../knapsack_full.rs" 88 4 88 55] produced <- ([#"../knapsack_full.rs" 88 4 88 55] _37); - [#"../knapsack_full.rs" 88 4 88 55] _37 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../knapsack_full.rs" 88 4 88 55] _37 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../knapsack_full.rs" 96 23 96 26] _41 <- ([#"../knapsack_full.rs" 96 23 96 26] index0 ([#"../knapsack_full.rs" 96 18 96 23] items) ([#"../knapsack_full.rs" 96 24 96 25] i)); goto BB20 } @@ -1201,11 +1201,11 @@ module KnapsackFull_Knapsack01Dyn goto BB22 } BB22 { - [#"../knapsack_full.rs" 98 8 98 59] iter_old1 <- ([#"../knapsack_full.rs" 98 8 98 59] Ghost.new iter1); + [#"../knapsack_full.rs" 98 8 98 59] iter_old1 <- ([#"../knapsack_full.rs" 98 8 98 59] Snapshot.new iter1); goto BB23 } BB23 { - [#"../knapsack_full.rs" 98 8 98 59] produced1 <- ([#"../knapsack_full.rs" 98 8 98 59] Ghost.new (Seq.empty )); + [#"../knapsack_full.rs" 98 8 98 59] produced1 <- ([#"../knapsack_full.rs" 98 8 98 59] Snapshot.new (Seq.empty )); goto BB24 } BB24 { @@ -1228,11 +1228,11 @@ module KnapsackFull_Knapsack01Dyn } BB30 { invariant { [#"../knapsack_full.rs" 98 8 98 59] inv2 iter1 }; - invariant { [#"../knapsack_full.rs" 98 8 98 59] produces1 (Ghost.inner iter_old1) (Ghost.inner produced1) iter1 }; + invariant { [#"../knapsack_full.rs" 98 8 98 59] produces1 (Snapshot.inner iter_old1) (Snapshot.inner produced1) iter1 }; invariant { [#"../knapsack_full.rs" 98 20 98 57] Seq.length (shallow_model0 items) + 1 = Seq.length (shallow_model1 best_value) }; invariant { [#"../knapsack_full.rs" 98 8 98 59] forall i : int . 0 <= i /\ i < Seq.length (shallow_model1 best_value) -> UIntSize.to_int max_weight + 1 = Seq.length (shallow_model3 (index_logic0 best_value i)) }; invariant { [#"../knapsack_full.rs" 98 8 98 59] forall ww : int . forall ii : int . 0 <= ii /\ ii <= UIntSize.to_int i /\ 0 <= ww /\ ww <= UIntSize.to_int max_weight -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value ii)) ww) = m0 (shallow_model0 items) ii ww }; - invariant { [#"../knapsack_full.rs" 98 8 98 59] forall ww : int . 0 <= ww /\ ww <= Seq.length (Ghost.inner produced1) - 1 -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value (UIntSize.to_int i + 1))) ww) = m0 (shallow_model0 items) (UIntSize.to_int i + 1) ww }; + invariant { [#"../knapsack_full.rs" 98 8 98 59] forall ww : int . 0 <= ww /\ ww <= Seq.length (Snapshot.inner produced1) - 1 -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value (UIntSize.to_int i + 1))) ww) = m0 (shallow_model0 items) (UIntSize.to_int i + 1) ww }; invariant { [#"../knapsack_full.rs" 98 8 98 59] forall ww : int . forall ii : int . 0 <= ii /\ ii <= Seq.length (shallow_model0 items) /\ 0 <= ww /\ ww <= UIntSize.to_int max_weight -> UIntSize.to_int (Seq.get (shallow_model3 (index_logic0 best_value ii)) ww) <= 10000000 * ii }; goto BB31 } @@ -1262,14 +1262,14 @@ module KnapsackFull_Knapsack01Dyn goto BB35 } BB35 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _58); - [#"../knapsack_full.rs" 98 8 98 59] _63 <- ([#"../knapsack_full.rs" 98 8 98 59] Ghost.new (Seq.(++) (Ghost.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _58); + [#"../knapsack_full.rs" 98 8 98 59] _63 <- ([#"../knapsack_full.rs" 98 8 98 59] Snapshot.new (Seq.(++) (Snapshot.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); goto BB36 } BB36 { [#"../knapsack_full.rs" 98 8 98 59] produced1 <- ([#"../knapsack_full.rs" 98 8 98 59] _63); - [#"../knapsack_full.rs" 98 8 98 59] _63 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] w <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1); + [#"../knapsack_full.rs" 98 8 98 59] _63 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] w <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); switch ([#"../knapsack_full.rs" 111 38 111 51] ([#"../knapsack_full.rs" 111 38 111 47] KnapsackFull_Item_Type.item_weight it) > ([#"../knapsack_full.rs" 111 50 111 51] w)) | False -> goto BB40 | True -> goto BB37 diff --git a/creusot/tests/should_succeed/knapsack_full.rs b/creusot/tests/should_succeed/knapsack_full.rs index 915d02bb5d..359165faae 100644 --- a/creusot/tests/should_succeed/knapsack_full.rs +++ b/creusot/tests/should_succeed/knapsack_full.rs @@ -20,7 +20,7 @@ fn max(a: usize, b: usize) -> usize { } } -#[ghost] +#[logic] #[variant(s.len()-i)] #[requires(0 <= i && i <= s.len())] #[ensures(result >= 0)] @@ -31,7 +31,7 @@ fn sum_weights(s: Seq<&Item>, i: Int) -> Int { } } -#[ghost] +#[logic] #[variant(s.len()-i)] #[requires(i >= 0 && i <= s.len())] fn sum_values(s: Seq<&Item>, i: Int) -> Int { @@ -55,7 +55,7 @@ fn subseq_rev(s1: Seq<&T>, i1: Int, s2: Seq, i2: Int) -> bool { } } -#[ghost] +#[logic] #[variant(i)] #[requires(0 <= i && i <= items.len())] #[requires(0 <= w)] diff --git a/creusot/tests/should_succeed/lang/assoc_type.rs b/creusot/tests/should_succeed/lang/assoc_type.rs index f738dba4f5..a64edf665a 100644 --- a/creusot/tests/should_succeed/lang/assoc_type.rs +++ b/creusot/tests/should_succeed/lang/assoc_type.rs @@ -43,7 +43,7 @@ pub fn uses3(_: Nested) {} // pub struct Map { // pub iter: I, -// pub produced: Ghost>, +// pub produced: Snapshot>, // } // pub fn use_map(_: Map) {} diff --git a/creusot/tests/should_succeed/list_index_mut.mlcfg b/creusot/tests/should_succeed/list_index_mut.mlcfg index 4615644180..dfacf48032 100644 --- a/creusot/tests/should_succeed/list_index_mut.mlcfg +++ b/creusot/tests/should_succeed/list_index_mut.mlcfg @@ -57,7 +57,7 @@ module ListIndexMut_IndexMut axiom inv0 : forall x : borrowed (Core_Option_Option_Type.t_option (ListIndexMut_List_Type.t_list)) . inv0 x = true use prelude.UInt32 use prelude.UIntSize - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (ListIndexMut_List_Type.t_list)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (ListIndexMut_List_Type.t_list)) : bool @@ -92,13 +92,13 @@ module ListIndexMut_IndexMut val shallow_model2 (self : usize) : int ensures { result = shallow_model2 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty usize) : int = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model2 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty usize) : int + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty usize) : int = + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model2 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty usize) : int ensures { result = shallow_model1 self } - use prelude.Ghost + use prelude.Snapshot use prelude.Int function get0 [#"../list_index_mut.rs" 18 4 18 46] (self : ListIndexMut_List_Type.t_list) (ix : int) : Core_Option_Option_Type.t_option uint32 @@ -122,8 +122,8 @@ module ListIndexMut_IndexMut val len0 [#"../list_index_mut.rs" 7 4 7 29] (self : ListIndexMut_List_Type.t_list) : int ensures { result = len0 self } - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot let rec cfg index_mut [#"../list_index_mut.rs" 37 0 37 61] [@cfg:stackify] [@cfg:subregion_analysis] (l : borrowed (ListIndexMut_List_Type.t_list)) (ix : usize) : borrowed uint32 requires {[#"../list_index_mut.rs" 32 11 32 24] UIntSize.to_int ix < len0 ( * l)} ensures { [#"../list_index_mut.rs" 33 10 33 37] Core_Option_Option_Type.C_Some ( * result) = get0 ( * l) (UIntSize.to_int ix) } @@ -136,8 +136,8 @@ module ListIndexMut_IndexMut var l : borrowed (ListIndexMut_List_Type.t_list) = l; var ix : usize = ix; var _3 : borrowed uint32; - var old_l : Ghost.ghost_ty (borrowed (ListIndexMut_List_Type.t_list)); - var old_ix : Ghost.ghost_ty usize; + var old_l : Snapshot.snap_ty (borrowed (ListIndexMut_List_Type.t_list)); + var old_ix : Snapshot.snap_ty usize; var _22 : borrowed (ListIndexMut_List_Type.t_list); var _23 : borrowed (ListIndexMut_List_Type.t_list); var _24 : Core_Option_Option_Type.t_option (borrowed (ListIndexMut_List_Type.t_list)); @@ -147,11 +147,11 @@ module ListIndexMut_IndexMut goto BB0 } BB0 { - [#"../list_index_mut.rs" 38 16 38 25] old_l <- ([#"../list_index_mut.rs" 38 16 38 25] Ghost.new l); + [#"../list_index_mut.rs" 38 16 38 31] old_l <- ([#"../list_index_mut.rs" 38 16 38 31] Snapshot.new l); goto BB1 } BB1 { - [#"../list_index_mut.rs" 39 17 39 27] old_ix <- ([#"../list_index_mut.rs" 39 17 39 27] Ghost.new ix); + [#"../list_index_mut.rs" 39 17 39 33] old_ix <- ([#"../list_index_mut.rs" 39 17 39 33] Snapshot.new ix); goto BB2 } BB2 { @@ -159,10 +159,10 @@ module ListIndexMut_IndexMut } BB3 { invariant { [#"../list_index_mut.rs" 40 16 40 45] (0 : usize) <= ix /\ UIntSize.to_int ix < len0 ( * l) }; - invariant { [#"../list_index_mut.rs" 41 16 41 52] get0 ( * l) (UIntSize.to_int ix) = get0 ( * Ghost.inner old_l) (shallow_model1 old_ix) }; - invariant { [#"../list_index_mut.rs" 42 16 42 55] get0 ( ^ l) (UIntSize.to_int ix) = get0 ( ^ Ghost.inner old_l) (shallow_model1 old_ix) }; - invariant { [#"../list_index_mut.rs" 40 4 40 47] len0 ( ^ l) = len0 ( * l) -> len0 ( ^ Ghost.inner old_l) = len0 ( * Ghost.inner old_l) }; - invariant { [#"../list_index_mut.rs" 40 4 40 47] (forall i : int . 0 <= i /\ i < len0 ( * l) /\ i <> UIntSize.to_int ix -> get0 ( ^ l) i = get0 ( * l) i) -> (forall i : int . 0 <= i /\ i < len0 ( * Ghost.inner old_l) /\ i <> shallow_model1 old_ix -> get0 ( ^ Ghost.inner old_l) i = get0 ( * Ghost.inner old_l) i) }; + invariant { [#"../list_index_mut.rs" 41 16 41 52] get0 ( * l) (UIntSize.to_int ix) = get0 ( * Snapshot.inner old_l) (shallow_model1 old_ix) }; + invariant { [#"../list_index_mut.rs" 42 16 42 55] get0 ( ^ l) (UIntSize.to_int ix) = get0 ( ^ Snapshot.inner old_l) (shallow_model1 old_ix) }; + invariant { [#"../list_index_mut.rs" 40 4 40 47] len0 ( ^ l) = len0 ( * l) -> len0 ( ^ Snapshot.inner old_l) = len0 ( * Snapshot.inner old_l) }; + invariant { [#"../list_index_mut.rs" 40 4 40 47] (forall i : int . 0 <= i /\ i < len0 ( * l) /\ i <> UIntSize.to_int ix -> get0 ( ^ l) i = get0 ( * l) i) -> (forall i : int . 0 <= i /\ i < len0 ( * Snapshot.inner old_l) /\ i <> shallow_model1 old_ix -> get0 ( ^ Snapshot.inner old_l) i = get0 ( * Snapshot.inner old_l) i) }; goto BB4 } BB4 { diff --git a/creusot/tests/should_succeed/list_index_mut.rs b/creusot/tests/should_succeed/list_index_mut.rs index 9291581962..ddf3a8a26b 100644 --- a/creusot/tests/should_succeed/list_index_mut.rs +++ b/creusot/tests/should_succeed/list_index_mut.rs @@ -3,7 +3,7 @@ use creusot_contracts::{logic::Int, *}; pub struct List(u32, Option>); impl List { - #[ghost] + #[logic] fn len(self: List) -> Int { { let List(_, ls) = self; @@ -14,7 +14,7 @@ impl List { } } - #[ghost] + #[logic] fn get(self: List, ix: Int) -> Option { { let List(i, ls) = self; @@ -35,8 +35,8 @@ impl List { #[ensures((^l).len() == (*l).len())] #[ensures(forall 0 <= i && i < l.len() && i != ix@ ==> l.get(i) == (^l).get(i))] pub fn index_mut(mut l: &mut List, mut ix: usize) -> &mut u32 { - let old_l = gh! { l }; - let old_ix = gh! { ix }; + let old_l = snapshot! { l }; + let old_ix = snapshot! { ix }; #[invariant(0usize <= ix && ix@ < l.len())] #[invariant(l.get(ix@) == (**old_l).get(old_ix@))] #[invariant((^l).get(ix@) == (^*old_l).get(old_ix@))] diff --git a/creusot/tests/should_succeed/list_reversal_lasso.mlcfg b/creusot/tests/should_succeed/list_reversal_lasso.mlcfg index d37be0a86a..a3f62bf56b 100644 --- a/creusot/tests/should_succeed/list_reversal_lasso.mlcfg +++ b/creusot/tests/should_succeed/list_reversal_lasso.mlcfg @@ -614,7 +614,7 @@ module ListReversalLasso_Impl4_ListReversalList val list0 [#"../list_reversal_lasso.rs" 91 4 91 54] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s : Seq.seq usize) : bool ensures { result = list0 self first s } - use prelude.Ghost + use prelude.Snapshot use prelude.Int predicate resolve1 (self : borrowed usize) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -641,20 +641,20 @@ module ListReversalLasso_Impl4_ListReversalList ensures { result = resolve0 self } use seq.Reverse - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - let rec cfg list_reversal_list [#"../list_reversal_lasso.rs" 99 4 99 79] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s : Ghost.ghost_ty (Seq.seq usize)) : usize - requires {[#"../list_reversal_lasso.rs" 97 15 97 31] list0 ( * self) l (Ghost.inner s)} - ensures { [#"../list_reversal_lasso.rs" 98 14 98 47] list0 ( ^ self) result (Reverse.reverse (Ghost.inner s)) } + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + let rec cfg list_reversal_list [#"../list_reversal_lasso.rs" 99 4 99 82] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s : Snapshot.snap_ty (Seq.seq usize)) : usize + requires {[#"../list_reversal_lasso.rs" 97 15 97 31] list0 ( * self) l (Snapshot.inner s)} + ensures { [#"../list_reversal_lasso.rs" 98 14 98 47] list0 ( ^ self) result (Reverse.reverse (Snapshot.inner s)) } = [@vc:do_not_keep_trace] [@vc:sp] var _0 : usize; var self : borrowed (ListReversalLasso_Memory_Type.t_memory) = self; var l : usize = l; - var s : Ghost.ghost_ty (Seq.seq usize) = s; + var s : Snapshot.snap_ty (Seq.seq usize) = s; var r : usize; - var n : Ghost.ghost_ty int; + var n : Snapshot.snap_ty int; var _17 : usize; var _18 : borrowed usize; var _19 : borrowed usize; @@ -663,22 +663,22 @@ module ListReversalLasso_Impl4_ListReversalList var _23 : usize; var _24 : borrowed usize; var _25 : borrowed usize; - var _27 : Ghost.ghost_ty int; + var _27 : Snapshot.snap_ty int; { goto BB0 } BB0 { [#"../list_reversal_lasso.rs" 100 20 100 24] r <- ([#"../list_reversal_lasso.rs" 100 20 100 24] [#"../list_reversal_lasso.rs" 100 20 100 24] (18446744073709551615 : usize)); - [#"../list_reversal_lasso.rs" 101 20 101 29] n <- ([#"../list_reversal_lasso.rs" 101 20 101 29] Ghost.new 0); + [#"../list_reversal_lasso.rs" 101 20 101 35] n <- ([#"../list_reversal_lasso.rs" 101 20 101 35] Snapshot.new 0); goto BB1 } BB1 { goto BB2 } BB2 { - invariant { [#"../list_reversal_lasso.rs" 103 20 103 44] 0 <= Ghost.inner n /\ Ghost.inner n <= Seq.length (Ghost.inner s) }; - invariant { [#"../list_reversal_lasso.rs" 104 20 104 59] list_seg0 ( * self) l (Ghost.inner s) null0 (Ghost.inner n) (Seq.length (Ghost.inner s)) }; - invariant { [#"../list_reversal_lasso.rs" 105 20 105 76] list_seg0 ( * self) r (Reverse.reverse (Ghost.inner s)) null0 (Seq.length (Ghost.inner s) - Ghost.inner n) (Seq.length (Ghost.inner s)) }; + invariant { [#"../list_reversal_lasso.rs" 103 20 103 44] 0 <= Snapshot.inner n /\ Snapshot.inner n <= Seq.length (Snapshot.inner s) }; + invariant { [#"../list_reversal_lasso.rs" 104 20 104 59] list_seg0 ( * self) l (Snapshot.inner s) null0 (Snapshot.inner n) (Seq.length (Snapshot.inner s)) }; + invariant { [#"../list_reversal_lasso.rs" 105 20 105 76] list_seg0 ( * self) r (Reverse.reverse (Snapshot.inner s)) null0 (Seq.length (Snapshot.inner s) - Snapshot.inner n) (Seq.length (Snapshot.inner s)) }; goto BB3 } BB3 { @@ -719,12 +719,12 @@ module ListReversalLasso_Impl4_ListReversalList assume { resolve1 _19 }; [#"../list_reversal_lasso.rs" 108 12 108 77] l <- ([#"../list_reversal_lasso.rs" 108 12 108 77] _17); [#"../list_reversal_lasso.rs" 108 12 108 77] _17 <- any usize; - [#"../list_reversal_lasso.rs" 109 16 109 30] _27 <- ([#"../list_reversal_lasso.rs" 109 16 109 30] Ghost.new (Ghost.inner n + 1)); + [#"../list_reversal_lasso.rs" 109 16 109 36] _27 <- ([#"../list_reversal_lasso.rs" 109 16 109 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { - [#"../list_reversal_lasso.rs" 109 12 109 30] n <- ([#"../list_reversal_lasso.rs" 109 12 109 30] _27); - [#"../list_reversal_lasso.rs" 109 12 109 30] _27 <- any Ghost.ghost_ty int; + [#"../list_reversal_lasso.rs" 109 12 109 36] n <- ([#"../list_reversal_lasso.rs" 109 12 109 36] _27); + [#"../list_reversal_lasso.rs" 109 12 109 36] _27 <- any Snapshot.snap_ty int; goto BB2 } BB9 { @@ -836,7 +836,7 @@ module ListReversalLasso_Impl4_ListReversalLoop val loop0 [#"../list_reversal_lasso.rs" 116 4 116 55] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s : Seq.seq usize) : bool ensures { result = loop0 self first s } - use prelude.Ghost + use prelude.Snapshot use prelude.Int predicate resolve1 (self : borrowed usize) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -866,28 +866,28 @@ module ListReversalLasso_Impl4_ListReversalLoop ensures { result = resolve0 self } use seq.Reverse - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq usize)) (ix : int) : usize = - [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq usize)) (ix : int) : usize + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq usize)) (ix : int) : usize = + [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq usize)) (ix : int) : usize ensures { result = index_logic0 self ix } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) - use prelude.Ghost - use prelude.Ghost - let rec cfg list_reversal_loop [#"../list_reversal_lasso.rs" 125 4 125 79] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s : Ghost.ghost_ty (Seq.seq usize)) : usize - requires {[#"../list_reversal_lasso.rs" 122 15 122 26] Seq.length (Ghost.inner s) > 0} - requires {[#"../list_reversal_lasso.rs" 123 15 123 32] loop0 ( * self) l (Ghost.inner s)} - ensures { [#"../list_reversal_lasso.rs" 124 14 124 101] loop0 ( ^ self) result (Seq.(++) (Seq.singleton (index_logic0 s 0)) (Reverse.reverse (SeqExt.subsequence (Ghost.inner s) 1 (Seq.length (Ghost.inner s))))) } + use prelude.Snapshot + use prelude.Snapshot + let rec cfg list_reversal_loop [#"../list_reversal_lasso.rs" 125 4 125 82] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s : Snapshot.snap_ty (Seq.seq usize)) : usize + requires {[#"../list_reversal_lasso.rs" 122 15 122 26] Seq.length (Snapshot.inner s) > 0} + requires {[#"../list_reversal_lasso.rs" 123 15 123 32] loop0 ( * self) l (Snapshot.inner s)} + ensures { [#"../list_reversal_lasso.rs" 124 14 124 101] loop0 ( ^ self) result (Seq.(++) (Seq.singleton (index_logic0 s 0)) (Reverse.reverse (SeqExt.subsequence (Snapshot.inner s) 1 (Seq.length (Snapshot.inner s))))) } = [@vc:do_not_keep_trace] [@vc:sp] var _0 : usize; var self : borrowed (ListReversalLasso_Memory_Type.t_memory) = self; var l : usize = l; - var s : Ghost.ghost_ty (Seq.seq usize) = s; + var s : Snapshot.snap_ty (Seq.seq usize) = s; var r : usize; - var n : Ghost.ghost_ty int; + var n : Snapshot.snap_ty int; var _21 : usize; var _22 : borrowed usize; var _23 : borrowed usize; @@ -896,23 +896,23 @@ module ListReversalLasso_Impl4_ListReversalLoop var _27 : usize; var _28 : borrowed usize; var _29 : borrowed usize; - var _31 : Ghost.ghost_ty int; + var _31 : Snapshot.snap_ty int; { goto BB0 } BB0 { [#"../list_reversal_lasso.rs" 126 20 126 24] r <- ([#"../list_reversal_lasso.rs" 126 20 126 24] [#"../list_reversal_lasso.rs" 126 20 126 24] (18446744073709551615 : usize)); - [#"../list_reversal_lasso.rs" 127 20 127 29] n <- ([#"../list_reversal_lasso.rs" 127 20 127 29] Ghost.new 0); + [#"../list_reversal_lasso.rs" 127 20 127 35] n <- ([#"../list_reversal_lasso.rs" 127 20 127 35] Snapshot.new 0); goto BB1 } BB1 { goto BB2 } BB2 { - invariant { [#"../list_reversal_lasso.rs" 129 20 129 48] 0 <= Ghost.inner n /\ Ghost.inner n <= Seq.length (Ghost.inner s) + 1 }; - invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Ghost.inner n = Seq.length (Ghost.inner s) + 1 -> l = null0 /\ r = index_logic0 s 0 /\ nonnull_ptr0 ( * self) r /\ index_logic1 ( * self) r = index_logic0 s (Seq.length (Ghost.inner s) - 1) /\ list_seg0 ( * self) (index_logic0 s (Seq.length (Ghost.inner s) - 1)) (Reverse.reverse (Ghost.inner s)) (index_logic0 s 0) 0 (Seq.length (Ghost.inner s) - 1) }; - invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Ghost.inner n <= Seq.length (Ghost.inner s) -> list_seg0 ( * self) l (Ghost.inner s) (index_logic0 s 0) (Ghost.inner n) (Seq.length (Ghost.inner s)) }; - invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Ghost.inner n <= Seq.length (Ghost.inner s) -> list_seg0 ( * self) r (Reverse.reverse (Ghost.inner s)) null0 (Seq.length (Ghost.inner s) - Ghost.inner n) (Seq.length (Ghost.inner s)) }; + invariant { [#"../list_reversal_lasso.rs" 129 20 129 48] 0 <= Snapshot.inner n /\ Snapshot.inner n <= Seq.length (Snapshot.inner s) + 1 }; + invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Snapshot.inner n = Seq.length (Snapshot.inner s) + 1 -> l = null0 /\ r = index_logic0 s 0 /\ nonnull_ptr0 ( * self) r /\ index_logic1 ( * self) r = index_logic0 s (Seq.length (Snapshot.inner s) - 1) /\ list_seg0 ( * self) (index_logic0 s (Seq.length (Snapshot.inner s) - 1)) (Reverse.reverse (Snapshot.inner s)) (index_logic0 s 0) 0 (Seq.length (Snapshot.inner s) - 1) }; + invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Snapshot.inner n <= Seq.length (Snapshot.inner s) -> list_seg0 ( * self) l (Snapshot.inner s) (index_logic0 s 0) (Snapshot.inner n) (Seq.length (Snapshot.inner s)) }; + invariant { [#"../list_reversal_lasso.rs" 129 8 129 50] Snapshot.inner n <= Seq.length (Snapshot.inner s) -> list_seg0 ( * self) r (Reverse.reverse (Snapshot.inner s)) null0 (Seq.length (Snapshot.inner s) - Snapshot.inner n) (Seq.length (Snapshot.inner s)) }; goto BB3 } BB3 { @@ -922,7 +922,7 @@ module ListReversalLasso_Impl4_ListReversalLoop end } BB4 { - assert { [@expl:assertion] [#"../list_reversal_lasso.rs" 138 12 138 77] Ghost.inner n = Seq.length (Ghost.inner s) -> l = Seq.get (Reverse.reverse (Ghost.inner s)) (Seq.length (Ghost.inner s) - 1) }; + assert { [@expl:assertion] [#"../list_reversal_lasso.rs" 138 12 138 77] Snapshot.inner n = Seq.length (Snapshot.inner s) -> l = Seq.get (Reverse.reverse (Snapshot.inner s)) (Seq.length (Snapshot.inner s) - 1) }; [#"../list_reversal_lasso.rs" 139 39 139 43] _25 <- Borrow.borrow_mut ( * self); [#"../list_reversal_lasso.rs" 139 39 139 43] self <- { self with current = ( ^ _25) ; }; [#"../list_reversal_lasso.rs" 139 43 139 46] _24 <- ([#"../list_reversal_lasso.rs" 139 43 139 46] index_mut0 _25 ([#"../list_reversal_lasso.rs" 139 44 139 45] l)); @@ -954,20 +954,20 @@ module ListReversalLasso_Impl4_ListReversalLoop assume { resolve1 _23 }; [#"../list_reversal_lasso.rs" 139 12 139 77] l <- ([#"../list_reversal_lasso.rs" 139 12 139 77] _21); [#"../list_reversal_lasso.rs" 139 12 139 77] _21 <- any usize; - [#"../list_reversal_lasso.rs" 140 16 140 30] _31 <- ([#"../list_reversal_lasso.rs" 140 16 140 30] Ghost.new (Ghost.inner n + 1)); + [#"../list_reversal_lasso.rs" 140 16 140 36] _31 <- ([#"../list_reversal_lasso.rs" 140 16 140 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { - [#"../list_reversal_lasso.rs" 140 12 140 30] n <- ([#"../list_reversal_lasso.rs" 140 12 140 30] _31); - [#"../list_reversal_lasso.rs" 140 12 140 30] _31 <- any Ghost.ghost_ty int; + [#"../list_reversal_lasso.rs" 140 12 140 36] n <- ([#"../list_reversal_lasso.rs" 140 12 140 36] _31); + [#"../list_reversal_lasso.rs" 140 12 140 36] _31 <- any Snapshot.snap_ty int; goto BB2 } BB9 { assume { resolve0 self }; - assert { [@expl:assertion] [#"../list_reversal_lasso.rs" 143 8 145 54] forall i : int . 0 <= i /\ i < Seq.length (Ghost.inner s) -> Seq.get (Seq.(++) (Seq.singleton (index_logic0 s 0)) (Reverse.reverse (SeqExt.subsequence (Ghost.inner s) 1 (Seq.length (Ghost.inner s))))) i = (if i = 0 then + assert { [@expl:assertion] [#"../list_reversal_lasso.rs" 143 8 145 54] forall i : int . 0 <= i /\ i < Seq.length (Snapshot.inner s) -> Seq.get (Seq.(++) (Seq.singleton (index_logic0 s 0)) (Reverse.reverse (SeqExt.subsequence (Snapshot.inner s) 1 (Seq.length (Snapshot.inner s))))) i = (if i = 0 then index_logic0 s 0 else - Seq.get (Reverse.reverse (Ghost.inner s)) (i - 1) + Seq.get (Reverse.reverse (Snapshot.inner s)) (i - 1) ) }; [#"../list_reversal_lasso.rs" 146 15 146 16] _0 <- ([#"../list_reversal_lasso.rs" 146 15 146 16] r); return _0 @@ -1080,7 +1080,7 @@ module ListReversalLasso_Impl4_ListReversalLasso val lasso0 [#"../list_reversal_lasso.rs" 151 4 151 70] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s1 : Seq.seq usize) (s2 : Seq.seq usize) : bool ensures { result = lasso0 self first s1 s2 } - use prelude.Ghost + use prelude.Snapshot use prelude.Int predicate resolve1 (self : borrowed usize) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -1109,26 +1109,26 @@ module ListReversalLasso_Impl4_ListReversalLasso let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) use seq.Reverse - use prelude.Ghost - function index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq usize)) (ix : int) : usize = - [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Ghost.inner self) ix - val index_logic0 [@inline:trivial] (self : Ghost.ghost_ty (Seq.seq usize)) (ix : int) : usize + use prelude.Snapshot + function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq usize)) (ix : int) : usize = + [#"../../../../creusot-contracts/src/logic/ops.rs" 87 8 87 33] Seq.get (Snapshot.inner self) ix + val index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq usize)) (ix : int) : usize ensures { result = index_logic0 self ix } - use prelude.Ghost - use prelude.Ghost - let rec cfg list_reversal_lasso [#"../list_reversal_lasso.rs" 163 4 168 12] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s1 : Ghost.ghost_ty (Seq.seq usize)) (s2 : Ghost.ghost_ty (Seq.seq usize)) : usize - requires {[#"../list_reversal_lasso.rs" 161 15 161 38] lasso0 ( * self) l (Ghost.inner s1) (Ghost.inner s2)} - ensures { [#"../list_reversal_lasso.rs" 162 14 162 54] lasso0 ( ^ self) result (Ghost.inner s1) (Reverse.reverse (Ghost.inner s2)) } + use prelude.Snapshot + use prelude.Snapshot + let rec cfg list_reversal_lasso [#"../list_reversal_lasso.rs" 163 4 168 12] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s1 : Snapshot.snap_ty (Seq.seq usize)) (s2 : Snapshot.snap_ty (Seq.seq usize)) : usize + requires {[#"../list_reversal_lasso.rs" 161 15 161 38] lasso0 ( * self) l (Snapshot.inner s1) (Snapshot.inner s2)} + ensures { [#"../list_reversal_lasso.rs" 162 14 162 54] lasso0 ( ^ self) result (Snapshot.inner s1) (Reverse.reverse (Snapshot.inner s2)) } = [@vc:do_not_keep_trace] [@vc:sp] var _0 : usize; var self : borrowed (ListReversalLasso_Memory_Type.t_memory) = self; var l : usize = l; - var s1 : Ghost.ghost_ty (Seq.seq usize) = s1; - var s2 : Ghost.ghost_ty (Seq.seq usize) = s2; + var s1 : Snapshot.snap_ty (Seq.seq usize) = s1; + var s2 : Snapshot.snap_ty (Seq.seq usize) = s2; var r : usize; - var n : Ghost.ghost_ty int; + var n : Snapshot.snap_ty int; var _19 : usize; var _20 : borrowed usize; var _21 : borrowed usize; @@ -1137,31 +1137,31 @@ module ListReversalLasso_Impl4_ListReversalLasso var _25 : usize; var _26 : borrowed usize; var _27 : borrowed usize; - var _29 : Ghost.ghost_ty int; + var _29 : Snapshot.snap_ty int; { goto BB0 } BB0 { [#"../list_reversal_lasso.rs" 169 20 169 24] r <- ([#"../list_reversal_lasso.rs" 169 20 169 24] [#"../list_reversal_lasso.rs" 169 20 169 24] (18446744073709551615 : usize)); - [#"../list_reversal_lasso.rs" 170 20 170 29] n <- ([#"../list_reversal_lasso.rs" 170 20 170 29] Ghost.new 0); + [#"../list_reversal_lasso.rs" 170 20 170 35] n <- ([#"../list_reversal_lasso.rs" 170 20 170 35] Snapshot.new 0); goto BB1 } BB1 { goto BB2 } BB2 { - invariant { [#"../list_reversal_lasso.rs" 172 20 172 58] 0 <= Ghost.inner n /\ Ghost.inner n <= 2 * Seq.length (Ghost.inner s1) + Seq.length (Ghost.inner s2) }; - invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] let mid = if Seq.length (Ghost.inner s2) = 0 then - index_logic0 s1 (Seq.length (Ghost.inner s1) - 1) + invariant { [#"../list_reversal_lasso.rs" 172 20 172 58] 0 <= Snapshot.inner n /\ Snapshot.inner n <= 2 * Seq.length (Snapshot.inner s1) + Seq.length (Snapshot.inner s2) }; + invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] let mid = if Seq.length (Snapshot.inner s2) = 0 then + index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1) else index_logic0 s2 0 - in Ghost.inner n <= Seq.length (Ghost.inner s1) -> list_seg0 ( * self) l (Ghost.inner s1) mid (Ghost.inner n) (Seq.length (Ghost.inner s1)) /\ list_seg0 ( * self) mid (Ghost.inner s2) (index_logic0 s1 (Seq.length (Ghost.inner s1) - 1)) 0 (Seq.length (Ghost.inner s2)) /\ list_seg0 ( * self) r (Reverse.reverse (Ghost.inner s1)) null0 (Seq.length (Ghost.inner s1) - Ghost.inner n) (Seq.length (Ghost.inner s1)) }; - invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] Seq.length (Ghost.inner s1) < Ghost.inner n /\ Ghost.inner n <= Seq.length (Ghost.inner s1) + Seq.length (Ghost.inner s2) -> list_seg0 ( * self) l (Ghost.inner s2) (index_logic0 s1 (Seq.length (Ghost.inner s1) - 1)) (Ghost.inner n - Seq.length (Ghost.inner s1)) (Seq.length (Ghost.inner s2)) /\ list_seg0 ( * self) r (Reverse.reverse (Ghost.inner s2)) (index_logic0 s1 (Seq.length (Ghost.inner s1) - 1)) (Seq.length (Ghost.inner s1) + Seq.length (Ghost.inner s2) - Ghost.inner n) (Seq.length (Ghost.inner s2)) /\ list_seg0 ( * self) (index_logic0 s1 (Seq.length (Ghost.inner s1) - 1)) (Reverse.reverse (Ghost.inner s1)) null0 0 (Seq.length (Ghost.inner s1)) }; - invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] let mid = if Seq.length (Ghost.inner s2) = 0 then - index_logic0 s1 (Seq.length (Ghost.inner s1) - 1) + in Snapshot.inner n <= Seq.length (Snapshot.inner s1) -> list_seg0 ( * self) l (Snapshot.inner s1) mid (Snapshot.inner n) (Seq.length (Snapshot.inner s1)) /\ list_seg0 ( * self) mid (Snapshot.inner s2) (index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1)) 0 (Seq.length (Snapshot.inner s2)) /\ list_seg0 ( * self) r (Reverse.reverse (Snapshot.inner s1)) null0 (Seq.length (Snapshot.inner s1) - Snapshot.inner n) (Seq.length (Snapshot.inner s1)) }; + invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] Seq.length (Snapshot.inner s1) < Snapshot.inner n /\ Snapshot.inner n <= Seq.length (Snapshot.inner s1) + Seq.length (Snapshot.inner s2) -> list_seg0 ( * self) l (Snapshot.inner s2) (index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1)) (Snapshot.inner n - Seq.length (Snapshot.inner s1)) (Seq.length (Snapshot.inner s2)) /\ list_seg0 ( * self) r (Reverse.reverse (Snapshot.inner s2)) (index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1)) (Seq.length (Snapshot.inner s1) + Seq.length (Snapshot.inner s2) - Snapshot.inner n) (Seq.length (Snapshot.inner s2)) /\ list_seg0 ( * self) (index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1)) (Reverse.reverse (Snapshot.inner s1)) null0 0 (Seq.length (Snapshot.inner s1)) }; + invariant { [#"../list_reversal_lasso.rs" 172 8 172 60] let mid = if Seq.length (Snapshot.inner s2) = 0 then + index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1) else - index_logic0 s2 (Seq.length (Ghost.inner s2) - 1) - in Seq.length (Ghost.inner s1) + Seq.length (Ghost.inner s2) < Ghost.inner n -> list_seg0 ( * self) l (Reverse.reverse (Ghost.inner s1)) null0 (Ghost.inner n - Seq.length (Ghost.inner s1) - Seq.length (Ghost.inner s2)) (Seq.length (Ghost.inner s1)) /\ list_seg0 ( * self) r (Ghost.inner s1) mid (2 * Seq.length (Ghost.inner s1) + Seq.length (Ghost.inner s2) - Ghost.inner n) (Seq.length (Ghost.inner s1)) /\ list_seg0 ( * self) mid (Reverse.reverse (Ghost.inner s2)) (index_logic0 s1 (Seq.length (Ghost.inner s1) - 1)) 0 (Seq.length (Ghost.inner s2)) }; + index_logic0 s2 (Seq.length (Snapshot.inner s2) - 1) + in Seq.length (Snapshot.inner s1) + Seq.length (Snapshot.inner s2) < Snapshot.inner n -> list_seg0 ( * self) l (Reverse.reverse (Snapshot.inner s1)) null0 (Snapshot.inner n - Seq.length (Snapshot.inner s1) - Seq.length (Snapshot.inner s2)) (Seq.length (Snapshot.inner s1)) /\ list_seg0 ( * self) r (Snapshot.inner s1) mid (2 * Seq.length (Snapshot.inner s1) + Seq.length (Snapshot.inner s2) - Snapshot.inner n) (Seq.length (Snapshot.inner s1)) /\ list_seg0 ( * self) mid (Reverse.reverse (Snapshot.inner s2)) (index_logic0 s1 (Seq.length (Snapshot.inner s1) - 1)) 0 (Seq.length (Snapshot.inner s2)) }; goto BB3 } BB3 { @@ -1202,12 +1202,12 @@ module ListReversalLasso_Impl4_ListReversalLasso assume { resolve1 _21 }; [#"../list_reversal_lasso.rs" 191 12 191 77] l <- ([#"../list_reversal_lasso.rs" 191 12 191 77] _19); [#"../list_reversal_lasso.rs" 191 12 191 77] _19 <- any usize; - [#"../list_reversal_lasso.rs" 192 16 192 30] _29 <- ([#"../list_reversal_lasso.rs" 192 16 192 30] Ghost.new (Ghost.inner n + 1)); + [#"../list_reversal_lasso.rs" 192 16 192 36] _29 <- ([#"../list_reversal_lasso.rs" 192 16 192 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { - [#"../list_reversal_lasso.rs" 192 12 192 30] n <- ([#"../list_reversal_lasso.rs" 192 12 192 30] _29); - [#"../list_reversal_lasso.rs" 192 12 192 30] _29 <- any Ghost.ghost_ty int; + [#"../list_reversal_lasso.rs" 192 12 192 36] n <- ([#"../list_reversal_lasso.rs" 192 12 192 36] _29); + [#"../list_reversal_lasso.rs" 192 12 192 36] _29 <- any Snapshot.snap_ty int; goto BB2 } BB9 { diff --git a/creusot/tests/should_succeed/list_reversal_lasso.rs b/creusot/tests/should_succeed/list_reversal_lasso.rs index 023e3d7dbc..c293c69ee0 100644 --- a/creusot/tests/should_succeed/list_reversal_lasso.rs +++ b/creusot/tests/should_succeed/list_reversal_lasso.rs @@ -16,7 +16,7 @@ impl IndexLogic for Memory { type Item = Ptr; #[open(self)] - #[ghost] + #[logic] fn index_logic(self, i: Ptr) -> Ptr { pearlite! { self.0[i] } } @@ -96,9 +96,9 @@ impl Memory { #[requires(self.list(l, *s))] #[ensures((^self).list(result, s.reverse()))] - pub fn list_reversal_list(&mut self, mut l: Ptr, s: Ghost>) -> Ptr { + pub fn list_reversal_list(&mut self, mut l: Ptr, s: Snapshot>) -> Ptr { let mut r = NULL; - let mut n = gh! { 0 }; + let mut n = snapshot! { 0 }; #[invariant(0 <= *n && *n <= s.len())] #[invariant(self.list_seg(l, *s, NULL, *n, s.len()))] @@ -106,7 +106,7 @@ impl Memory { // #[variant(s.len() - *n)] while l != NULL { l = std::mem::replace(&mut self[l], std::mem::replace(&mut r, l)); - n = gh! { *n + 1 } + n = snapshot! { *n + 1 } } return r; } @@ -122,9 +122,9 @@ impl Memory { #[requires(s.len() > 0)] #[requires(self.loop_(l, *s))] #[ensures((^self).loop_(result, Seq::singleton(s[0]).concat(s.subsequence(1, s.len()).reverse())))] - pub fn list_reversal_loop(&mut self, mut l: Ptr, s: Ghost>) -> Ptr { + pub fn list_reversal_loop(&mut self, mut l: Ptr, s: Snapshot>) -> Ptr { let mut r = NULL; - let mut n = gh! { 0 }; + let mut n = snapshot! { 0 }; #[invariant(0 <= *n && *n <= s.len() + 1)] #[invariant(*n == s.len() + 1 ==> @@ -137,7 +137,7 @@ impl Memory { while l != NULL { proof_assert! { *n == s.len() ==> l == s.reverse()[s.len() - 1] } l = std::mem::replace(&mut self[l], std::mem::replace(&mut r, l)); - n = gh! { *n + 1 } + n = snapshot! { *n + 1 } } proof_assert! { forall 0 <= i && i < s.len() ==> @@ -163,11 +163,11 @@ impl Memory { pub fn list_reversal_lasso( &mut self, mut l: Ptr, - s1: Ghost>, - s2: Ghost>, + s1: Snapshot>, + s2: Snapshot>, ) -> Ptr { let mut r = NULL; - let mut n = gh! { 0 }; + let mut n = snapshot! { 0 }; #[invariant(0 <= *n && *n <= 2*s1.len() + s2.len())] #[invariant({ @@ -189,12 +189,12 @@ impl Memory { // #[variant(2*s1.len() + s2.len() - *n)] while l != NULL { l = std::mem::replace(&mut self[l], std::mem::replace(&mut r, l)); - n = gh! { *n + 1 } + n = snapshot! { *n + 1 } } return r; } - #[ghost] + #[logic] #[requires(0 <= i && i <= s.len())] #[ensures(match result { None => forall i <= j && j < s.len() ==> s[j]@ != p, @@ -209,7 +209,7 @@ impl Memory { } } - #[ghost] + #[logic] #[requires(0 <= n)] #[requires(forall 0 <= i && i < s.len() ==> s[i]@ < n)] #[requires(forall 0 <= i && i < s.len() && 0 <= j && j < s.len() && i != j ==> s[i] != s[j])] @@ -232,7 +232,7 @@ impl Memory { } } - #[ghost] + #[logic] #[requires(self.mem_is_well_formed())] #[requires(last == NULL || self.nonnull_ptr(last))] #[requires(self.list_seg(first, s, last, 0, s.len()))] @@ -259,7 +259,7 @@ impl Memory { } } - #[ghost] + #[logic] #[open(self)] #[requires(self.mem_is_well_formed())] #[requires(first == NULL || self.nonnull_ptr(first))] diff --git a/creusot/tests/should_succeed/mapping_test.mlcfg b/creusot/tests/should_succeed/mapping_test.mlcfg index 4b3c7df8f1..e44734dd03 100644 --- a/creusot/tests/should_succeed/mapping_test.mlcfg +++ b/creusot/tests/should_succeed/mapping_test.mlcfg @@ -32,17 +32,17 @@ module MappingTest_Incr val shallow_model3 (self : borrowed (MappingTest_T_Type.t_t)) : Map.map int int ensures { result = shallow_model3 self } - use prelude.Ghost + use prelude.Snapshot use map.Map - use prelude.Ghost + use prelude.Snapshot function shallow_model4 (self : borrowed (MappingTest_T_Type.t_t)) : Map.map int int = [#"../../../../creusot-contracts/src/model.rs" 83 8 83 31] shallow_model3 self val shallow_model4 (self : borrowed (MappingTest_T_Type.t_t)) : Map.map int int ensures { result = shallow_model4 self } - function shallow_model1 (self : Ghost.ghost_ty (borrowed (MappingTest_T_Type.t_t))) : Map.map int int = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model4 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (MappingTest_T_Type.t_t))) : Map.map int int + function shallow_model1 (self : Snapshot.snap_ty (borrowed (MappingTest_T_Type.t_t))) : Map.map int int = + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model4 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (MappingTest_T_Type.t_t))) : Map.map int int ensures { result = shallow_model1 self } predicate resolve0 (self : borrowed (MappingTest_T_Type.t_t)) = @@ -51,7 +51,7 @@ module MappingTest_Incr ensures { result = resolve0 self } use prelude.Int32 - use prelude.Ghost + use prelude.Snapshot let rec cfg incr [#"../mapping_test.rs" 30 0 30 18] [@cfg:stackify] [@cfg:subregion_analysis] (t : borrowed (MappingTest_T_Type.t_t)) : () requires {[#"../mapping_test.rs" 27 12 27 24] 0 <= Int32.to_int (MappingTest_T_Type.t_a ( * t))} requires {[#"../mapping_test.rs" 28 12 28 26] Int32.to_int (MappingTest_T_Type.t_a ( * t)) < 1000} @@ -60,18 +60,18 @@ module MappingTest_Incr = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var t : borrowed (MappingTest_T_Type.t_t) = t; - var old_t : Ghost.ghost_ty (borrowed (MappingTest_T_Type.t_t)); + var old_t : Snapshot.snap_ty (borrowed (MappingTest_T_Type.t_t)); { goto BB0 } BB0 { - [#"../mapping_test.rs" 31 16 31 25] old_t <- ([#"../mapping_test.rs" 31 16 31 25] Ghost.new t); + [#"../mapping_test.rs" 31 16 31 31] old_t <- ([#"../mapping_test.rs" 31 16 31 31] Snapshot.new t); goto BB1 } BB1 { [#"../mapping_test.rs" 32 4 32 15] t <- { t with current = (let MappingTest_T_Type.C_T x0 = * t in MappingTest_T_Type.C_T ([#"../mapping_test.rs" 32 4 32 15] MappingTest_T_Type.t_a ( * t) + ([#"../mapping_test.rs" 32 14 32 15] [#"../mapping_test.rs" 32 14 32 15] (1 : int32)))) ; }; assume { resolve0 t }; - assert { [@expl:assertion] [#"../mapping_test.rs" 35 19 35 50] shallow_model0 ( ^ t) = Map.set (shallow_model1 old_t) (Int32.to_int (MappingTest_T_Type.t_a ( * Ghost.inner old_t))) 1 }; + assert { [@expl:assertion] [#"../mapping_test.rs" 35 19 35 50] shallow_model0 ( ^ t) = Map.set (shallow_model1 old_t) (Int32.to_int (MappingTest_T_Type.t_a ( * Snapshot.inner old_t))) 1 }; [#"../mapping_test.rs" 30 19 36 1] _0 <- ([#"../mapping_test.rs" 30 19 36 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/mapping_test.rs b/creusot/tests/should_succeed/mapping_test.rs index 021c5084bf..a2481d3955 100644 --- a/creusot/tests/should_succeed/mapping_test.rs +++ b/creusot/tests/should_succeed/mapping_test.rs @@ -13,7 +13,7 @@ struct T { impl ShallowModel for T { type ShallowModelTy = Mapping; - #[ghost] + #[logic] #[open(self)] #[trusted] #[ensures( @@ -28,7 +28,7 @@ impl ShallowModel for T { #[requires( (*t).a@ < 1000 )] // to prevent overflow #[ensures( (^t)@ == t@.set((*t).a@,1) )] fn incr(t: &mut T) { - let old_t = gh! { t }; + let old_t = snapshot! { t }; (*t).a += 1; // proving the post-consition via extensional equality of mappings // (notice `==` versus `==`) diff --git a/creusot/tests/should_succeed/mutex.mlcfg b/creusot/tests/should_succeed/mutex.mlcfg index ba08106e93..fdb4f10ec5 100644 --- a/creusot/tests/should_succeed/mutex.mlcfg +++ b/creusot/tests/should_succeed/mutex.mlcfg @@ -16,12 +16,12 @@ module Mutex_GuardInner_Type type t_guardinner 't end module Mutex_MutexGuard_Type - use prelude.Ghost + use prelude.Snapshot use Mutex_GuardInner_Type as Mutex_GuardInner_Type type t_mutexguard 't 'i = - | C_MutexGuard (Mutex_GuardInner_Type.t_guardinner 't) (Ghost.ghost_ty 'i) + | C_MutexGuard (Mutex_GuardInner_Type.t_guardinner 't) (Snapshot.snap_ty 'i) - let function mutexguard_1 (self : t_mutexguard 't 'i) : Ghost.ghost_ty 'i = [@vc:do_not_keep_trace] [@vc:sp] + let function mutexguard_1 (self : t_mutexguard 't 'i) : Snapshot.snap_ty 'i = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_MutexGuard _ a -> a end @@ -118,20 +118,20 @@ module Mutex_Impl3_Call val inv3 [#"../mutex.rs" 66 4 66 33] (self : Mutex_Even_Type.t_even) (x : uint32) : bool ensures { result = inv3 self x } - use prelude.Ghost + use prelude.Snapshot val set0 [#"../mutex.rs" 56 4 56 27] (self : borrowed (Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even))) (v : uint32) : () - requires {[#"../mutex.rs" 55 4 55 30] inv3 (Ghost.inner (Mutex_MutexGuard_Type.mutexguard_1 ( * self))) v} + requires {[#"../mutex.rs" 55 4 55 30] inv3 (Snapshot.inner (Mutex_MutexGuard_Type.mutexguard_1 ( * self))) v} requires {[#"../mutex.rs" 56 16 56 20] inv5 self} requires {[#"../mutex.rs" 56 22 56 23] inv6 v} val deref0 [#"../mutex.rs" 50 4 50 25] (self : Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even)) : uint32 requires {[#"../mutex.rs" 50 14 50 18] inv2 self} - ensures { [#"../mutex.rs" 49 4 49 35] inv3 (Ghost.inner (Mutex_MutexGuard_Type.mutexguard_1 self)) result } + ensures { [#"../mutex.rs" 49 4 49 35] inv3 (Snapshot.inner (Mutex_MutexGuard_Type.mutexguard_1 self)) result } ensures { [#"../mutex.rs" 50 23 50 25] inv4 result } val lock0 [#"../mutex.rs" 37 4 37 46] (self : Mutex_Mutex_Type.t_mutex uint32 (Mutex_Even_Type.t_even)) : Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even) requires {[#"../mutex.rs" 37 17 37 21] inv0 self} - ensures { [#"../mutex.rs" 36 14 36 33] Mutex_Mutex_Type.mutex_1 self = Ghost.inner (Mutex_MutexGuard_Type.mutexguard_1 result) } + ensures { [#"../mutex.rs" 36 14 36 33] Mutex_Mutex_Type.mutex_1 self = Snapshot.inner (Mutex_MutexGuard_Type.mutexguard_1 result) } ensures { [#"../mutex.rs" 37 26 37 46] inv1 result } use Mutex_AddsTwo_Type as Mutex_AddsTwo_Type @@ -205,12 +205,12 @@ module Mutex_JoinHandleInner_Type type t_joinhandleinner 't end module Mutex_JoinHandle_Type - use prelude.Ghost + use prelude.Snapshot use Mutex_JoinHandleInner_Type as Mutex_JoinHandleInner_Type type t_joinhandle 't 'i = - | C_JoinHandle (Mutex_JoinHandleInner_Type.t_joinhandleinner 't) (Ghost.ghost_ty 'i) + | C_JoinHandle (Mutex_JoinHandleInner_Type.t_joinhandleinner 't) (Snapshot.snap_ty 'i) - let function joinhandle_1 (self : t_joinhandle 't 'i) : Ghost.ghost_ty 'i = [@vc:do_not_keep_trace] [@vc:sp] + let function joinhandle_1 (self : t_joinhandle 't 'i) : Snapshot.snap_ty 'i = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_JoinHandle _ a -> a end @@ -358,11 +358,11 @@ module Mutex_Concurrent val inv8 [#"../mutex.rs" 150 4 150 39] (self : Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)) (v : ()) : bool ensures { result = inv8 self v } - use prelude.Ghost + use prelude.Snapshot val join0 [#"../mutex.rs" 121 4 121 34] (self : Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo))) : Core_Result_Result_Type.t_result () () requires {[#"../mutex.rs" 121 12 121 16] inv7 self} ensures { [#"../mutex.rs" 117 14 120 5] match result with - | Core_Result_Result_Type.C_Ok v -> inv8 (Ghost.inner (Mutex_JoinHandle_Type.joinhandle_1 self)) v + | Core_Result_Result_Type.C_Ok v -> inv8 (Snapshot.inner (Mutex_JoinHandle_Type.joinhandle_1 self)) v | _ -> true end } ensures { [#"../mutex.rs" 121 21 121 34] inv9 result } diff --git a/creusot/tests/should_succeed/mutex.rs b/creusot/tests/should_succeed/mutex.rs index cafe5e1924..afea3c3895 100644 --- a/creusot/tests/should_succeed/mutex.rs +++ b/creusot/tests/should_succeed/mutex.rs @@ -35,14 +35,14 @@ impl> Mutex { #[trusted] #[ensures(self.1 == *result.1)] pub fn lock(&self) -> MutexGuard<'_, T, I> { - MutexGuard(GuardInner(self.0 .0.lock().unwrap()), gh! { self.1 }) + MutexGuard(GuardInner(self.0 .0.lock().unwrap()), snapshot! { self.1 }) } } #[trusted] struct GuardInner<'a, T: ?Sized + 'a>(std::sync::MutexGuard<'a, T>); -pub struct MutexGuard<'a, T: ?Sized + 'a, I>(GuardInner<'a, T>, Ghost); +pub struct MutexGuard<'a, T: ?Sized + 'a, I>(GuardInner<'a, T>, Snapshot); impl<'a, T, I: Inv> MutexGuard<'a, T, I> { #[trusted] @@ -110,7 +110,7 @@ impl<'a> FakeFnOnce for AddsTwo<'a> { #[trusted] struct JoinHandleInner(std::thread::JoinHandle); -struct JoinHandle(JoinHandleInner, Ghost); +struct JoinHandle(JoinHandleInner, Snapshot); impl> JoinHandle { #[trusted] @@ -136,7 +136,7 @@ fn spawn>( #[creusot::no_translate] || f.call(), )), - gh! { SpawnPostCond { f } }, + snapshot! { SpawnPostCond { f } }, ) } diff --git a/creusot/tests/should_succeed/red_black_tree.mlcfg b/creusot/tests/should_succeed/red_black_tree.mlcfg index 7d943341c6..5a1b50dfbf 100644 --- a/creusot/tests/should_succeed/red_black_tree.mlcfg +++ b/creusot/tests/should_succeed/red_black_tree.mlcfg @@ -1300,16 +1300,16 @@ module RedBlackTree_Impl14_RotateRight ensures { result = inv1 _x } axiom inv1 : forall x : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v) . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val invariant0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val invariant0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v)) . inv0 x = true use prelude.Int function height1 [#"../red_black_tree.rs" 296 4 296 26] (self : RedBlackTree_Tree_Type.t_tree k v) : int = [#"../red_black_tree.rs" 298 12 306 13] match self with @@ -1426,7 +1426,7 @@ module RedBlackTree_Impl14_RotateRight val resolve5 (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = resolve5 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve4 (self : borrowed (RedBlackTree_Color_Type.t_color)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve4 (self : borrowed (RedBlackTree_Color_Type.t_color)) : bool @@ -1482,11 +1482,11 @@ module RedBlackTree_Impl14_RotateRight ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 16 22 16 42] is_default0 ( ^ dest) } ensures { inv1 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg rotate_right [#"../red_black_tree.rs" 412 4 412 30] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (RedBlackTree_Node_Type.t_node k v)) : () requires {[#"../red_black_tree.rs" 400 15 400 43] internal_invariant0 ( * self)} requires {[#"../red_black_tree.rs" 401 15 401 42] color0 (RedBlackTree_Node_Type.node_left ( * self)) = RedBlackTree_Color_Type.C_Red} @@ -1502,7 +1502,7 @@ module RedBlackTree_Impl14_RotateRight = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var self : borrowed (RedBlackTree_Node_Type.t_node k v) = self; - var old_self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v)); + var old_self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v)); var x : RedBlackTree_Node_Type.t_node k v; var _14 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); var _15 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -1525,7 +1525,7 @@ module RedBlackTree_Impl14_RotateRight goto BB0 } BB0 { - [#"../red_black_tree.rs" 413 23 413 35] old_self <- ([#"../red_black_tree.rs" 413 23 413 35] Ghost.new self); + [#"../red_black_tree.rs" 413 23 413 41] old_self <- ([#"../red_black_tree.rs" 413 23 413 41] Snapshot.new self); goto BB1 } BB1 { @@ -1604,7 +1604,7 @@ module RedBlackTree_Impl14_RotateRight BB6 { assume { resolve4 _30 }; assume { resolve4 _28 }; - assert { [@expl:assertion] [#"../red_black_tree.rs" 441 8 441 90] has_mapping0 (RedBlackTree_Node_Type.node_left ( * Ghost.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; + assert { [@expl:assertion] [#"../red_black_tree.rs" 441 8 441 90] has_mapping0 (RedBlackTree_Node_Type.node_left ( * Snapshot.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; goto BB7 } BB7 { @@ -1830,16 +1830,16 @@ module RedBlackTree_Impl14_RotateLeft ensures { result = inv1 _x } axiom inv1 : forall x : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v) . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val invariant0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val invariant0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v)) . inv0 x = true use prelude.Int function height1 [#"../red_black_tree.rs" 296 4 296 26] (self : RedBlackTree_Tree_Type.t_tree k v) : int = [#"../red_black_tree.rs" 298 12 306 13] match self with @@ -1956,7 +1956,7 @@ module RedBlackTree_Impl14_RotateLeft val resolve5 (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = resolve5 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve4 (self : borrowed (RedBlackTree_Color_Type.t_color)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve4 (self : borrowed (RedBlackTree_Color_Type.t_color)) : bool @@ -2012,11 +2012,11 @@ module RedBlackTree_Impl14_RotateLeft ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 16 22 16 42] is_default0 ( ^ dest) } ensures { inv1 result } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) - val resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) + val resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg rotate_left [#"../red_black_tree.rs" 462 4 462 29] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (RedBlackTree_Node_Type.t_node k v)) : () requires {[#"../red_black_tree.rs" 450 15 450 43] internal_invariant0 ( * self)} requires {[#"../red_black_tree.rs" 451 15 451 43] color0 (RedBlackTree_Node_Type.node_right ( * self)) = RedBlackTree_Color_Type.C_Red} @@ -2032,7 +2032,7 @@ module RedBlackTree_Impl14_RotateLeft = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var self : borrowed (RedBlackTree_Node_Type.t_node k v) = self; - var old_self : Ghost.ghost_ty (borrowed (RedBlackTree_Node_Type.t_node k v)); + var old_self : Snapshot.snap_ty (borrowed (RedBlackTree_Node_Type.t_node k v)); var x : RedBlackTree_Node_Type.t_node k v; var _14 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); var _15 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -2055,7 +2055,7 @@ module RedBlackTree_Impl14_RotateLeft goto BB0 } BB0 { - [#"../red_black_tree.rs" 463 23 463 35] old_self <- ([#"../red_black_tree.rs" 463 23 463 35] Ghost.new self); + [#"../red_black_tree.rs" 463 23 463 41] old_self <- ([#"../red_black_tree.rs" 463 23 463 41] Snapshot.new self); goto BB1 } BB1 { @@ -2134,7 +2134,7 @@ module RedBlackTree_Impl14_RotateLeft BB6 { assume { resolve4 _30 }; assume { resolve4 _28 }; - assert { [@expl:assertion] [#"../red_black_tree.rs" 468 8 468 91] has_mapping0 (RedBlackTree_Node_Type.node_right ( * Ghost.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; + assert { [@expl:assertion] [#"../red_black_tree.rs" 468 8 468 91] has_mapping0 (RedBlackTree_Node_Type.node_right ( * Snapshot.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; goto BB7 } BB7 { @@ -5447,12 +5447,12 @@ module RedBlackTree_Impl15_Insert val invariant0 [#"../red_black_tree.rs" 364 4 364 34] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = invariant0 self } - use prelude.Ghost - predicate resolve2 (self : Ghost.ghost_ty ()) - val resolve2 (self : Ghost.ghost_ty ()) : bool + use prelude.Snapshot + predicate resolve2 (self : Snapshot.snap_ty ()) + val resolve2 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve2 self } - use prelude.Ghost + use prelude.Snapshot use map.Map function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () @@ -5564,7 +5564,7 @@ module RedBlackTree_Impl15_Insert var _12 : borrowed (RedBlackTree_Node_Type.t_node k v); var _13 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _14 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); - var _15 : Ghost.ghost_ty (); + var _15 : Snapshot.snap_ty (); { goto BB0 } @@ -5600,7 +5600,7 @@ module RedBlackTree_Impl15_Insert assume { resolve0 _12 }; assert { [@expl:type invariant] inv3 self }; assume { resolve1 self }; - [#"../red_black_tree.rs" 629 8 629 39] _15 <- ([#"../red_black_tree.rs" 629 8 629 39] Ghost.new ()); + [#"../red_black_tree.rs" 629 8 629 45] _15 <- ([#"../red_black_tree.rs" 629 8 629 45] Snapshot.new ()); goto BB5 } BB5 { @@ -6594,16 +6594,16 @@ module RedBlackTree_Impl15_DeleteMax ensures { result = inv1 _x } axiom inv1 : forall x : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v) . inv1 x = true - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val invariant1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val invariant1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = invariant1 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)) . inv0 x = true use map.Const use map.Map function deep_model0 (self : k) : deep_model_ty0 @@ -6719,11 +6719,11 @@ module RedBlackTree_Impl15_DeleteMax val invariant0 [#"../red_black_tree.rs" 364 4 364 34] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = invariant0 self } - predicate resolve4 (self : Ghost.ghost_ty ()) - val resolve4 (self : Ghost.ghost_ty ()) : bool + predicate resolve4 (self : Snapshot.snap_ty ()) + val resolve4 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve4 self } - use prelude.Ghost + use prelude.Snapshot function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () = @@ -6819,7 +6819,7 @@ module RedBlackTree_Impl15_DeleteMax val same_mappings0 [#"../red_black_tree.rs" 42 4 42 43] (self : RedBlackTree_Tree_Type.t_tree k v) (o : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = same_mappings0 self o } - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v))) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v))) : bool @@ -6834,11 +6834,11 @@ module RedBlackTree_Impl15_DeleteMax requires {[#"../red_black_tree.rs" 388 15 388 19] inv9 self} ensures { [#"../red_black_tree.rs" 387 14 387 45] result = (color0 self = RedBlackTree_Color_Type.C_Red) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val resolve0 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val resolve0 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg delete_max [#"../red_black_tree.rs" 667 4 667 50] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (RedBlackTree_Tree_Type.t_tree k v)) : Core_Option_Option_Type.t_option (k, v) requires {[#"../red_black_tree.rs" 660 15 660 34] invariant0 ( * self)} requires {[#"../red_black_tree.rs" 667 27 667 31] inv6 self} @@ -6852,7 +6852,7 @@ module RedBlackTree_Impl15_DeleteMax = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Core_Option_Option_Type.t_option (k, v); var self : borrowed (RedBlackTree_Tree_Type.t_tree k v) = self; - var old_self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)); + var old_self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)); var _7 : (); var _8 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); @@ -6864,12 +6864,12 @@ module RedBlackTree_Impl15_DeleteMax var _23 : borrowed (RedBlackTree_Node_Type.t_node k v); var _24 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _25 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); - var _26 : Ghost.ghost_ty (); + var _26 : Snapshot.snap_ty (); { goto BB0 } BB0 { - [#"../red_black_tree.rs" 668 23 668 35] old_self <- ([#"../red_black_tree.rs" 668 23 668 35] Ghost.new self); + [#"../red_black_tree.rs" 668 23 668 41] old_self <- ([#"../red_black_tree.rs" 668 23 668 41] Snapshot.new self); goto BB1 } BB1 { @@ -6917,7 +6917,7 @@ module RedBlackTree_Impl15_DeleteMax goto BB7 } BB7 { - assert { [@expl:assertion] [#"../red_black_tree.rs" 676 24 676 53] same_mappings0 ( * Ghost.inner old_self) ( * self) }; + assert { [@expl:assertion] [#"../red_black_tree.rs" 676 24 676 53] same_mappings0 ( * Snapshot.inner old_self) ( * self) }; [#"../red_black_tree.rs" 677 16 677 20] _18 <- Borrow.borrow_mut ( * self); [#"../red_black_tree.rs" 677 16 677 20] self <- { self with current = ( ^ _18) ; }; assume { inv5 ( ^ _18) }; @@ -6972,7 +6972,7 @@ module RedBlackTree_Impl15_DeleteMax goto BB15 } BB15 { - [#"../red_black_tree.rs" 681 8 681 39] _26 <- ([#"../red_black_tree.rs" 681 8 681 39] Ghost.new ()); + [#"../red_black_tree.rs" 681 8 681 45] _26 <- ([#"../red_black_tree.rs" 681 8 681 45] Snapshot.new ()); goto BB16 } BB16 { @@ -8045,7 +8045,7 @@ module RedBlackTree_Impl15_DeleteMin val invariant0 [#"../red_black_tree.rs" 364 4 364 34] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = invariant0 self } - use prelude.Ghost + use prelude.Snapshot val unwrap0 (self : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v))) : borrowed (RedBlackTree_Node_Type.t_node k v) requires {[#"../../../../creusot-contracts/src/std/option.rs" 29 0 126 1] self <> Core_Option_Option_Type.C_None} requires {inv11 self} @@ -8108,11 +8108,11 @@ module RedBlackTree_Impl15_DeleteMin requires {[#"../red_black_tree.rs" 388 15 388 19] inv9 self} ensures { [#"../red_black_tree.rs" 387 14 387 45] result = (color0 self = RedBlackTree_Color_Type.C_Red) } - predicate resolve0 (self : Ghost.ghost_ty ()) - val resolve0 (self : Ghost.ghost_ty ()) : bool + predicate resolve0 (self : Snapshot.snap_ty ()) + val resolve0 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () = @@ -8166,7 +8166,7 @@ module RedBlackTree_Impl15_DeleteMin = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Core_Option_Option_Type.t_option (k, v); var self : borrowed (RedBlackTree_Tree_Type.t_tree k v) = self; - var _5 : Ghost.ghost_ty (); + var _5 : Snapshot.snap_ty (); var _7 : (); var _8 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); @@ -8182,7 +8182,7 @@ module RedBlackTree_Impl15_DeleteMin goto BB0 } BB0 { - [#"../red_black_tree.rs" 720 8 720 39] _5 <- ([#"../red_black_tree.rs" 720 8 720 39] Ghost.new ()); + [#"../red_black_tree.rs" 720 8 720 45] _5 <- ([#"../red_black_tree.rs" 720 8 720 45] Snapshot.new ()); goto BB1 } BB1 { @@ -8701,7 +8701,7 @@ module RedBlackTree_Impl15_DeleteRec val internal_invariant0 [#"../red_black_tree.rs" 356 4 356 43] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = internal_invariant0 self } - use prelude.Ghost + use prelude.Snapshot predicate color_invariant1 [#"../red_black_tree.rs" 286 4 286 36] (self : RedBlackTree_Node_Type.t_node k v) = [#"../red_black_tree.rs" 287 8 287 112] color_invariant_here0 self /\ color_invariant0 (RedBlackTree_Node_Type.node_left self) /\ color_invariant0 (RedBlackTree_Node_Type.node_right self) val color_invariant1 [#"../red_black_tree.rs" 286 4 286 36] (self : RedBlackTree_Node_Type.t_node k v) : bool @@ -8840,11 +8840,11 @@ module RedBlackTree_Impl15_DeleteRec ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 11 22 11 30] ^ x = * y } ensures { [#"../../../../creusot-contracts/src/std/mem.rs" 12 22 12 30] ^ y = * x } - predicate resolve5 (self : Ghost.ghost_ty ()) - val resolve5 (self : Ghost.ghost_ty ()) : bool + predicate resolve5 (self : Snapshot.snap_ty ()) + val resolve5 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve5 self } - use prelude.Ghost + use prelude.Snapshot use map.Map use map.Map function model_acc0 [#"../red_black_tree.rs" 49 4 52 47] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v) @@ -9094,7 +9094,7 @@ module RedBlackTree_Impl15_DeleteRec var _71 : borrowed (RedBlackTree_Node_Type.t_node k v); var kv : (k, v); var _74 : borrowed (RedBlackTree_Tree_Type.t_tree k v); - var _75 : Ghost.ghost_ty (); + var _75 : Snapshot.snap_ty (); var _77 : (); var _78 : borrowed k; var _79 : borrowed k; @@ -9428,7 +9428,7 @@ module RedBlackTree_Impl15_DeleteRec goto BB54 } BB54 { - [#"../red_black_tree.rs" 778 24 778 53] _75 <- ([#"../red_black_tree.rs" 778 24 778 53] Ghost.new ()); + [#"../red_black_tree.rs" 778 24 778 59] _75 <- ([#"../red_black_tree.rs" 778 24 778 59] Snapshot.new ()); goto BB55 } BB55 { @@ -9892,7 +9892,7 @@ module RedBlackTree_Impl15_Delete val invariant0 [#"../red_black_tree.rs" 364 4 364 34] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = invariant0 self } - use prelude.Ghost + use prelude.Snapshot val unwrap0 (self : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v))) : borrowed (RedBlackTree_Node_Type.t_node k v) requires {[#"../../../../creusot-contracts/src/std/option.rs" 29 0 126 1] self <> Core_Option_Option_Type.C_None} requires {inv11 self} @@ -9962,11 +9962,11 @@ module RedBlackTree_Impl15_Delete requires {[#"../red_black_tree.rs" 388 15 388 19] inv10 self} ensures { [#"../red_black_tree.rs" 387 14 387 45] result = (color0 self = RedBlackTree_Color_Type.C_Red) } - predicate resolve0 (self : Ghost.ghost_ty ()) - val resolve0 (self : Ghost.ghost_ty ()) : bool + predicate resolve0 (self : Snapshot.snap_ty ()) + val resolve0 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () = @@ -10023,7 +10023,7 @@ module RedBlackTree_Impl15_Delete var _0 : Core_Option_Option_Type.t_option (k, v); var self : borrowed (RedBlackTree_Tree_Type.t_tree k v) = self; var key : k = key; - var _7 : Ghost.ghost_ty (); + var _7 : Snapshot.snap_ty (); var _9 : (); var _10 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); @@ -10039,7 +10039,7 @@ module RedBlackTree_Impl15_Delete goto BB0 } BB0 { - [#"../red_black_tree.rs" 801 8 801 39] _7 <- ([#"../red_black_tree.rs" 801 8 801 39] Ghost.new ()); + [#"../red_black_tree.rs" 801 8 801 45] _7 <- ([#"../red_black_tree.rs" 801 8 801 45] Snapshot.new ()); goto BB1 } BB1 { @@ -10459,7 +10459,7 @@ module RedBlackTree_Impl15_Get val invariant0 [#"../red_black_tree.rs" 364 4 364 34] (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = invariant0 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve5 (self : v) val resolve5 (self : v) : bool ensures { result = resolve5 self } @@ -10490,11 +10490,11 @@ module RedBlackTree_Impl15_Get val resolve1 (self : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = resolve1 self } - predicate resolve0 (self : Ghost.ghost_ty ()) - val resolve0 (self : Ghost.ghost_ty ()) : bool + predicate resolve0 (self : Snapshot.snap_ty ()) + val resolve0 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () = @@ -10549,7 +10549,7 @@ module RedBlackTree_Impl15_Get var _0 : Core_Option_Option_Type.t_option v; var self : RedBlackTree_Tree_Type.t_tree k v = self; var key : k = key; - var _6 : Ghost.ghost_ty (); + var _6 : Snapshot.snap_ty (); var tree : RedBlackTree_Tree_Type.t_tree k v; var _12 : (); var _13 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); @@ -10563,7 +10563,7 @@ module RedBlackTree_Impl15_Get goto BB0 } BB0 { - [#"../red_black_tree.rs" 823 8 823 39] _6 <- ([#"../red_black_tree.rs" 823 8 823 39] Ghost.new ()); + [#"../red_black_tree.rs" 823 8 823 45] _6 <- ([#"../red_black_tree.rs" 823 8 823 45] Snapshot.new ()); goto BB1 } BB1 { @@ -10875,16 +10875,16 @@ module RedBlackTree_Impl15_GetMut ensures { result = inv1 _x } axiom inv1 : forall x : v . inv1 x = true - use prelude.Ghost - predicate invariant1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val invariant1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + use prelude.Snapshot + predicate invariant1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val invariant1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = invariant1 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val inv0 (_x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val inv0 (_x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)) . inv0 x = true use map.Map function deep_model1 (self : k) : deep_model_ty0 val deep_model1 (self : k) : deep_model_ty0 @@ -11040,22 +11040,22 @@ module RedBlackTree_Impl15_GetMut val match_t0 [#"../red_black_tree.rs" 232 4 232 52] (self : RedBlackTree_Cp_Type.t_cp) (tree : RedBlackTree_Tree_Type.t_tree k v) : bool ensures { result = match_t0 self tree } - use prelude.Ghost + use prelude.Snapshot function deep_model0 (self : k) : deep_model_ty0 = [#"../../../../creusot-contracts/src/model.rs" 74 8 74 28] deep_model1 self val deep_model0 (self : k) : deep_model_ty0 ensures { result = deep_model0 self } - predicate resolve1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) - val resolve1 (self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool + predicate resolve1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) + val resolve1 (self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v))) : bool ensures { result = resolve1 self } - use prelude.Ghost - predicate resolve0 (self : Ghost.ghost_ty ()) - val resolve0 (self : Ghost.ghost_ty ()) : bool + use prelude.Snapshot + predicate resolve0 (self : Snapshot.snap_ty ()) + val resolve0 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot function model_acc_has_mapping0 [#"../red_black_tree.rs" 68 4 72 5] (self : RedBlackTree_Tree_Type.t_tree k v) (accu : Map.map deep_model_ty0 (Core_Option_Option_Type.t_option v)) (k : deep_model_ty0) : () = @@ -11111,8 +11111,8 @@ module RedBlackTree_Impl15_GetMut var _0 : Core_Option_Option_Type.t_option (borrowed v); var self : borrowed (RedBlackTree_Tree_Type.t_tree k v) = self; var key : k = key; - var _7 : Ghost.ghost_ty (); - var old_self : Ghost.ghost_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)); + var _7 : Snapshot.snap_ty (); + var old_self : Snapshot.snap_ty (borrowed (RedBlackTree_Tree_Type.t_tree k v)); var tree : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _22 : (); var _23 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -11129,12 +11129,12 @@ module RedBlackTree_Impl15_GetMut goto BB0 } BB0 { - [#"../red_black_tree.rs" 845 8 845 39] _7 <- ([#"../red_black_tree.rs" 845 8 845 39] Ghost.new ()); + [#"../red_black_tree.rs" 845 8 845 45] _7 <- ([#"../red_black_tree.rs" 845 8 845 45] Snapshot.new ()); goto BB1 } BB1 { assume { resolve0 _7 }; - [#"../red_black_tree.rs" 847 23 847 35] old_self <- ([#"../red_black_tree.rs" 847 23 847 35] Ghost.new self); + [#"../red_black_tree.rs" 847 23 847 41] old_self <- ([#"../red_black_tree.rs" 847 23 847 41] Snapshot.new self); goto BB2 } BB2 { @@ -11148,12 +11148,12 @@ module RedBlackTree_Impl15_GetMut invariant { [#"../red_black_tree.rs" 850 20 850 43] bst_invariant0 ( * tree) }; invariant { [#"../red_black_tree.rs" 851 20 851 46] height_invariant0 ( * tree) }; invariant { [#"../red_black_tree.rs" 852 20 852 45] color_invariant0 ( * tree) }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . inv1 v -> has_mapping0 ( ^ tree) (deep_model0 key) v = has_mapping0 ( ^ Ghost.inner old_self) (deep_model0 key) v }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . inv1 v -> has_mapping0 ( * tree) (deep_model0 key) v = has_mapping0 ( * Ghost.inner old_self) (deep_model0 key) v }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] (forall v : v . forall k : deep_model_ty0 . inv1 v -> inv2 k -> k = deep_model0 key \/ has_mapping0 ( * tree) k v = has_mapping0 ( ^ tree) k v) -> bst_invariant0 ( ^ tree) -> bst_invariant0 ( ^ Ghost.inner old_self) }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] height0 ( * tree) = height0 ( ^ tree) /\ height_invariant0 ( ^ tree) -> height_invariant0 ( ^ Ghost.inner old_self) }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] match_t0 (RedBlackTree_Cp_Type.C_CPL (color0 ( * tree))) ( ^ tree) -> match_t0 (RedBlackTree_Cp_Type.C_CPL (RedBlackTree_Color_Type.C_Black)) ( ^ Ghost.inner old_self) }; - invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . forall k : deep_model_ty0 . inv1 v -> inv2 k -> has_mapping0 ( * tree) k v = has_mapping0 ( ^ tree) k v -> has_mapping0 ( * Ghost.inner old_self) k v = has_mapping0 ( ^ Ghost.inner old_self) k v }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . inv1 v -> has_mapping0 ( ^ tree) (deep_model0 key) v = has_mapping0 ( ^ Snapshot.inner old_self) (deep_model0 key) v }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . inv1 v -> has_mapping0 ( * tree) (deep_model0 key) v = has_mapping0 ( * Snapshot.inner old_self) (deep_model0 key) v }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] (forall v : v . forall k : deep_model_ty0 . inv1 v -> inv2 k -> k = deep_model0 key \/ has_mapping0 ( * tree) k v = has_mapping0 ( ^ tree) k v) -> bst_invariant0 ( ^ tree) -> bst_invariant0 ( ^ Snapshot.inner old_self) }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] height0 ( * tree) = height0 ( ^ tree) /\ height_invariant0 ( ^ tree) -> height_invariant0 ( ^ Snapshot.inner old_self) }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] match_t0 (RedBlackTree_Cp_Type.C_CPL (color0 ( * tree))) ( ^ tree) -> match_t0 (RedBlackTree_Cp_Type.C_CPL (RedBlackTree_Color_Type.C_Black)) ( ^ Snapshot.inner old_self) }; + invariant { [#"../red_black_tree.rs" 850 8 850 45] forall v : v . forall k : deep_model_ty0 . inv1 v -> inv2 k -> has_mapping0 ( * tree) k v = has_mapping0 ( ^ tree) k v -> has_mapping0 ( * Snapshot.inner old_self) k v = has_mapping0 ( ^ Snapshot.inner old_self) k v }; goto BB4 } BB4 { diff --git a/creusot/tests/should_succeed/red_black_tree.rs b/creusot/tests/should_succeed/red_black_tree.rs index cf67597fd2..9fb3f15fd7 100644 --- a/creusot/tests/should_succeed/red_black_tree.rs +++ b/creusot/tests/should_succeed/red_black_tree.rs @@ -45,7 +45,7 @@ impl Tree { } } - #[ghost] + #[logic] fn model_acc( self, accu: ::ShallowModelTy, @@ -62,7 +62,7 @@ impl Tree { } } - #[ghost] + #[logic] #[ensures(self.model_acc(accu).get(k) == accu.get(k) || exists self.model_acc(accu).get(k) == Some(v) && self.has_mapping(k, v))] fn model_acc_has_mapping( @@ -83,7 +83,7 @@ impl Tree { } } - #[ghost] + #[logic] #[requires(self.bst_invariant())] #[ensures(forall self.has_mapping(k, v) ==> self.model_acc(accu).get(k) == Some(v))] fn has_mapping_model_acc(self, accu: ::ShallowModelTy, k: K::DeepModelTy) @@ -104,7 +104,7 @@ impl Tree { } } - #[ghost] + #[logic] #[requires(self.bst_invariant())] #[ensures(forall self.has_mapping(k, v) == (self@.get(k) == Some(v)))] fn has_mapping_model(self, k: K::DeepModelTy) @@ -117,7 +117,7 @@ impl Tree { } } } - #[ghost] + #[logic] #[requires(self.bst_invariant())] #[requires(self.has_mapping(k, v1))] #[requires(self.has_mapping(k, v2))] @@ -155,7 +155,7 @@ impl Node { impl ShallowModel for Node { type ShallowModelTy = Mapping>; - #[ghost] + #[logic] #[open(self)] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { @@ -167,7 +167,7 @@ impl ShallowModel for Node { impl ShallowModel for Tree { type ShallowModelTy = Mapping>; - #[ghost] + #[logic] #[open(self)] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { self.model_acc(Mapping::cst(None)) } @@ -222,7 +222,7 @@ enum CP { } use CP::*; -#[ghost] +#[logic] fn cpn(c: Color, l: CP, r: CP) -> CP { pearlite! { CPN(c, Box::new(l), Box::new(r)) } } @@ -252,7 +252,7 @@ impl CP { } impl Tree { - #[ghost] + #[logic] fn color(self) -> Color { pearlite! { match self.node { @@ -291,7 +291,7 @@ impl Node { /***************************** The height invariant *************************/ impl Tree { - #[ghost] + #[logic] #[ensures(result >= 0)] fn height(self) -> Int { pearlite! { @@ -322,7 +322,7 @@ impl Tree { } impl Node { - #[ghost] + #[logic] #[ensures(forall>> self == *node ==> result == Tree{ node: Some(node) }.height())] fn height(self) -> Int { @@ -410,7 +410,7 @@ where ((^self).left, r.left, r.right) == (l.left, l.right, (*self).right) && r.key == (*self).key)] fn rotate_right(&mut self) { - let old_self = gh! { self }; + let old_self = snapshot! { self }; // self // / \ @@ -460,7 +460,7 @@ where (l.left, l.right, (^self).right) == ((*self).left, r.left, r.right) && l.key == (*self).key)] fn rotate_left(&mut self) { - let old_self = gh! { self }; + let old_self = snapshot! { self }; let mut x = std::mem::take(&mut self.right.node).unwrap(); std::mem::swap(&mut self.right, &mut x.left); std::mem::swap(self, &mut x); @@ -626,7 +626,7 @@ where pub fn insert(&mut self, key: K, val: V) { self.insert_rec(key, val); self.node.as_mut().unwrap().color = Black; - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; } #[requires((*self).internal_invariant())] @@ -665,7 +665,7 @@ where (^self)@ == self@.set(k.deep_model(), None), None => (^self)@ == self@ && self@ == Mapping::cst(None)})] pub fn delete_max(&mut self) -> Option<(K, V)> { - let old_self = gh! { self }; + let old_self = snapshot! { self }; if let Some(node) = &mut self.node { if !node.left.is_red() { node.color = Red; @@ -678,7 +678,7 @@ where if self.is_red() { self.node.as_mut().unwrap().color = Black; } - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; Some(r) } @@ -717,7 +717,7 @@ where None => (^self)@ == self@ && self@ == Mapping::cst(None) })] pub fn delete_min(&mut self) -> Option<(K, V)> { - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; if let Some(node) = &mut self.node { if !node.left.is_red() { @@ -775,7 +775,7 @@ where } if let Equal = ord { let mut kv = node.right.delete_min_rec(); - gh! { Self::has_mapping_inj }; + snapshot! { Self::has_mapping_inj }; std::mem::swap(&mut node.key, &mut kv.0); std::mem::swap(&mut node.val, &mut kv.1); r = Some(kv) @@ -798,7 +798,7 @@ where })] #[ensures((^self)@ == self@.set(key.deep_model(), None))] pub fn delete(&mut self, key: &K) -> Option<(K, V)> { - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; if let Some(node) = &mut self.node { if !node.left.is_red() { @@ -820,7 +820,7 @@ where None => self@.get(key.deep_model()) == None })] pub fn get(&self, key: &K) -> Option<&V> { - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; let mut tree = self; #[invariant((*tree).bst_invariant())] @@ -842,9 +842,9 @@ where None => self@.get(key.deep_model()) == None && (^self)@ == self@ })] pub fn get_mut(&mut self, key: &K) -> Option<&mut V> { - gh! { Self::has_mapping_model }; + snapshot! { Self::has_mapping_model }; - let old_self = gh! { self }; + let old_self = snapshot! { self }; let mut tree = self; #[invariant((*tree).bst_invariant())] diff --git a/creusot/tests/should_succeed/result/own.rs b/creusot/tests/should_succeed/result/own.rs index 9d3b333910..a4ca0bf952 100644 --- a/creusot/tests/should_succeed/result/own.rs +++ b/creusot/tests/should_succeed/result/own.rs @@ -11,7 +11,7 @@ pub enum OwnResult { #[trusted] impl Resolve for OwnResult { #[open] - #[predicate] + #[predicate(prophetic)] fn resolve(self) -> bool { match self { OwnResult::Ok(t) => t.resolve(), diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg index 450906744d..adeffc0c7b 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg @@ -167,7 +167,7 @@ module IncMaxRepeat_IncMaxRepeat ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range uint32 . inv0 x = true - use prelude.Ghost + use prelude.Snapshot predicate resolve1 (self : borrowed uint32) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve1 (self : borrowed uint32) : bool @@ -199,11 +199,11 @@ module IncMaxRepeat_IncMaxRepeat end } ensures { inv2 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range uint32) (res : Core_Ops_Range_Range_Type.t_range uint32) = @@ -231,13 +231,13 @@ module IncMaxRepeat_IncMaxRepeat var b : uint32 = b; var n : uint32 = n; var iter : Core_Ops_Range_Range_Type.t_range uint32; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range uint32); - var produced : Ghost.ghost_ty (Seq.seq uint32); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range uint32); + var produced : Snapshot.snap_ty (Seq.seq uint32); var _18 : Core_Option_Option_Type.t_option uint32; var _19 : borrowed (Core_Ops_Range_Range_Type.t_range uint32); var _20 : borrowed (Core_Ops_Range_Range_Type.t_range uint32); var __creusot_proc_iter_elem : uint32; - var _23 : Ghost.ghost_ty (Seq.seq uint32); + var _23 : Snapshot.snap_ty (Seq.seq uint32); var mc : borrowed uint32; var _26 : borrowed uint32; var _27 : borrowed uint32; @@ -251,11 +251,11 @@ module IncMaxRepeat_IncMaxRepeat goto BB1 } BB1 { - [#"../inc_max_repeat.rs" 16 4 16 86] iter_old <- ([#"../inc_max_repeat.rs" 16 4 16 86] Ghost.new iter); + [#"../inc_max_repeat.rs" 16 4 16 86] iter_old <- ([#"../inc_max_repeat.rs" 16 4 16 86] Snapshot.new iter); goto BB2 } BB2 { - [#"../inc_max_repeat.rs" 16 4 16 86] produced <- ([#"../inc_max_repeat.rs" 16 4 16 86] Ghost.new (Seq.empty )); + [#"../inc_max_repeat.rs" 16 4 16 86] produced <- ([#"../inc_max_repeat.rs" 16 4 16 86] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -263,9 +263,9 @@ module IncMaxRepeat_IncMaxRepeat } BB4 { invariant { [#"../inc_max_repeat.rs" 16 4 16 86] inv0 iter }; - invariant { [#"../inc_max_repeat.rs" 16 4 16 86] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../inc_max_repeat.rs" 16 16 16 84] UInt32.to_int a <= 1000000 + Seq.length (Ghost.inner produced) /\ UInt32.to_int b <= 1000000 + Seq.length (Ghost.inner produced) }; - invariant { [#"../inc_max_repeat.rs" 17 16 17 70] UInt32.to_int a >= UInt32.to_int b + Seq.length (Ghost.inner produced) \/ UInt32.to_int b >= UInt32.to_int a + Seq.length (Ghost.inner produced) }; + invariant { [#"../inc_max_repeat.rs" 16 4 16 86] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../inc_max_repeat.rs" 16 16 16 84] UInt32.to_int a <= 1000000 + Seq.length (Snapshot.inner produced) /\ UInt32.to_int b <= 1000000 + Seq.length (Snapshot.inner produced) }; + invariant { [#"../inc_max_repeat.rs" 17 16 17 70] UInt32.to_int a >= UInt32.to_int b + Seq.length (Snapshot.inner produced) \/ UInt32.to_int b >= UInt32.to_int a + Seq.length (Snapshot.inner produced) }; goto BB5 } BB5 { @@ -298,13 +298,13 @@ module IncMaxRepeat_IncMaxRepeat absurd } BB10 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _18); - [#"../inc_max_repeat.rs" 16 4 16 86] _23 <- ([#"../inc_max_repeat.rs" 16 4 16 86] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _18); + [#"../inc_max_repeat.rs" 16 4 16 86] _23 <- ([#"../inc_max_repeat.rs" 16 4 16 86] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../inc_max_repeat.rs" 16 4 16 86] produced <- ([#"../inc_max_repeat.rs" 16 4 16 86] _23); - [#"../inc_max_repeat.rs" 16 4 16 86] _23 <- any Ghost.ghost_ty (Seq.seq uint32); + [#"../inc_max_repeat.rs" 16 4 16 86] _23 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../inc_max_repeat.rs" 19 26 19 32] _27 <- Borrow.borrow_mut a; [#"../inc_max_repeat.rs" 19 26 19 32] a <- ^ _27; [#"../inc_max_repeat.rs" 19 26 19 32] _26 <- Borrow.borrow_final ( * _27) (Borrow.get_id _27); diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_list.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_some_2_list.mlcfg index 8a31fb3c75..cec949ebd3 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_list.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_list.mlcfg @@ -120,7 +120,7 @@ module IncSome2List_Impl0_TakeSomeRest val sum0 [#"../inc_some_2_list.rs" 21 4 21 23] (self : IncSome2List_List_Type.t_list) : int ensures { result = sum0 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (IncSome2List_List_Type.t_list)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (IncSome2List_List_Type.t_list)) : bool @@ -137,7 +137,7 @@ module IncSome2List_Impl0_TakeSomeRest ensures { result = resolve0 self } val random0 [#"../inc_some_2_list.rs" 15 0 15 19] (_1 : ()) : bool - use prelude.Ghost + use prelude.Snapshot function lemma_sum_nonneg0 [#"../inc_some_2_list.rs" 34 4 34 30] (self : IncSome2List_List_Type.t_list) : () axiom lemma_sum_nonneg0_def : forall self : IncSome2List_List_Type.t_list . lemma_sum_nonneg0 self = ([#"../inc_some_2_list.rs" 35 8 38 9] match self with | IncSome2List_List_Type.C_Cons _ l -> lemma_sum_nonneg0 l @@ -157,7 +157,7 @@ module IncSome2List_Impl0_TakeSomeRest var self : borrowed (IncSome2List_List_Type.t_list) = self; var ma : borrowed uint32; var ml : borrowed (IncSome2List_List_Type.t_list); - var _8 : Ghost.ghost_ty (); + var _8 : Snapshot.snap_ty (); var _10 : bool; var _11 : borrowed uint32; var _12 : borrowed (IncSome2List_List_Type.t_list); @@ -188,7 +188,7 @@ module IncSome2List_Impl0_TakeSomeRest [#"../inc_some_2_list.rs" 56 17 56 19] self <- { self with current = (let IncSome2List_List_Type.C_Cons x0 x1 = * self in IncSome2List_List_Type.C_Cons ( ^ ma) x1) ; }; [#"../inc_some_2_list.rs" 56 21 56 23] ml <- Borrow.borrow_final (IncSome2List_List_Type.cons_1 ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); [#"../inc_some_2_list.rs" 56 21 56 23] self <- { self with current = (let IncSome2List_List_Type.C_Cons x0 x1 = * self in IncSome2List_List_Type.C_Cons x0 ( ^ ml)) ; }; - [#"../inc_some_2_list.rs" 57 16 57 45] _8 <- ([#"../inc_some_2_list.rs" 57 16 57 45] Ghost.new (lemma_sum_nonneg0 ( * ml))); + [#"../inc_some_2_list.rs" 57 16 57 51] _8 <- ([#"../inc_some_2_list.rs" 57 16 57 51] Snapshot.new (lemma_sum_nonneg0 ( * ml))); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_list.rs b/creusot/tests/should_succeed/rusthorn/inc_some_2_list.rs index 9b6c99adf9..e440b224d1 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_list.rs +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_list.rs @@ -17,7 +17,7 @@ fn random() -> bool { } impl List { - #[ghost] + #[logic] fn sum(self) -> Int { pearlite! { match self { @@ -28,7 +28,7 @@ impl List { } // TODO: Make this ghost - #[ghost] + #[logic] #[variant(*self)] #[ensures(self.sum() >= 0)] fn lemma_sum_nonneg(&self) { @@ -54,7 +54,7 @@ impl List { fn take_some_rest(&mut self) -> (&mut u32, &mut List) { match self { Cons(ma, ml) => { - gh! { ml.lemma_sum_nonneg() }; + snapshot! { ml.lemma_sum_nonneg() }; if random() { (ma, ml) } else { diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.rs b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.rs index 3074f94c8f..059d409e9e 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.rs +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.rs @@ -17,7 +17,7 @@ fn random() -> bool { } impl Tree { - #[ghost] + #[logic] fn sum(self) -> Int { pearlite! { match self { @@ -27,7 +27,7 @@ impl Tree { } } - #[ghost] + #[logic] #[variant(*self)] #[ensures(self.sum() >= 0)] fn lemma_sum_nonneg(&self) { diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_list.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_some_list.mlcfg index 6ec52c1e83..e1d6374a94 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_list.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_some_list.mlcfg @@ -120,7 +120,7 @@ module IncSomeList_Impl0_TakeSome val sum0 [#"../inc_some_list.rs" 21 4 21 23] (self : IncSomeList_List_Type.t_list) : int ensures { result = sum0 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (IncSomeList_List_Type.t_list)) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (IncSomeList_List_Type.t_list)) : bool @@ -137,7 +137,7 @@ module IncSomeList_Impl0_TakeSome ensures { result = resolve0 self } val random0 [#"../inc_some_list.rs" 15 0 15 19] (_1 : ()) : bool - use prelude.Ghost + use prelude.Snapshot function lemma_sum_nonneg0 [#"../inc_some_list.rs" 33 4 33 30] (self : IncSomeList_List_Type.t_list) : () axiom lemma_sum_nonneg0_def : forall self : IncSomeList_List_Type.t_list . lemma_sum_nonneg0 self = ([#"../inc_some_list.rs" 34 8 37 9] match self with | IncSomeList_List_Type.C_Cons _ l -> lemma_sum_nonneg0 l @@ -159,7 +159,7 @@ module IncSomeList_Impl0_TakeSome var ma : borrowed uint32; var ml : borrowed (IncSomeList_List_Type.t_list); var _9 : borrowed uint32; - var _10 : Ghost.ghost_ty (); + var _10 : Snapshot.snap_ty (); var _12 : borrowed uint32; var _13 : bool; var _14 : borrowed uint32; @@ -191,7 +191,7 @@ module IncSomeList_Impl0_TakeSome [#"../inc_some_list.rs" 53 17 53 19] self <- { self with current = (let IncSomeList_List_Type.C_Cons x0 x1 = * self in IncSomeList_List_Type.C_Cons ( ^ ma) x1) ; }; [#"../inc_some_list.rs" 53 21 53 23] ml <- Borrow.borrow_final (IncSomeList_List_Type.cons_1 ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); [#"../inc_some_list.rs" 53 21 53 23] self <- { self with current = (let IncSomeList_List_Type.C_Cons x0 x1 = * self in IncSomeList_List_Type.C_Cons x0 ( ^ ml)) ; }; - [#"../inc_some_list.rs" 54 16 54 45] _10 <- ([#"../inc_some_list.rs" 54 16 54 45] Ghost.new (lemma_sum_nonneg0 ( * ml))); + [#"../inc_some_list.rs" 54 16 54 51] _10 <- ([#"../inc_some_list.rs" 54 16 54 51] Snapshot.new (lemma_sum_nonneg0 ( * ml))); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_list.rs b/creusot/tests/should_succeed/rusthorn/inc_some_list.rs index 5f865b043f..36a4b51e37 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_list.rs +++ b/creusot/tests/should_succeed/rusthorn/inc_some_list.rs @@ -17,7 +17,7 @@ fn random() -> bool { } impl List { - #[ghost] + #[logic] fn sum(self) -> Int { pearlite! { match self { @@ -27,7 +27,7 @@ impl List { } } - #[ghost] + #[logic] #[variant(*self)] #[ensures(self.sum() >= 0)] fn lemma_sum_nonneg(&self) { @@ -51,7 +51,7 @@ impl List { fn take_some(&mut self) -> &mut u32 { match self { Cons(ma, ml) => { - gh! { ml.lemma_sum_nonneg() }; + snapshot! { ml.lemma_sum_nonneg() }; if random() { ma } else { diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_tree.rs b/creusot/tests/should_succeed/rusthorn/inc_some_tree.rs index ece870a132..908c02e973 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_tree.rs +++ b/creusot/tests/should_succeed/rusthorn/inc_some_tree.rs @@ -17,7 +17,7 @@ fn random() -> bool { } impl Tree { - #[ghost] + #[logic] fn sum(self) -> Int { pearlite! { match self { @@ -27,7 +27,7 @@ impl Tree { } } - #[ghost] + #[logic] #[variant(*self)] #[ensures(self.sum() >= 0)] fn lemma_sum_nonneg(&self) { diff --git a/creusot/tests/should_succeed/selection_sort_generic.mlcfg b/creusot/tests/should_succeed/selection_sort_generic.mlcfg index 4b2adbf524..bc06c2fc5f 100644 --- a/creusot/tests/should_succeed/selection_sort_generic.mlcfg +++ b/creusot/tests/should_succeed/selection_sort_generic.mlcfg @@ -348,17 +348,17 @@ module SelectionSortGeneric_SelectionSort ensures { result = invariant1 self } axiom inv1 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true use seq.Seq predicate sorted_range0 [#"../selection_sort_generic.rs" 10 0 10 63] (s : Seq.seq deep_model_ty0) (l : int) (u : int) = @@ -491,7 +491,7 @@ module SelectionSortGeneric_SelectionSort val partition0 [#"../selection_sort_generic.rs" 24 0 24 52] (v : Seq.seq deep_model_ty0) (i : int) : bool ensures { result = partition0 v i } - use prelude.Ghost + use prelude.Snapshot function deep_model0 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq deep_model_ty0 = @@ -511,18 +511,18 @@ module SelectionSortGeneric_SelectionSort val shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model5 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model1 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -545,11 +545,12 @@ module SelectionSortGeneric_SelectionSort requires {inv7 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model4 self) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg selection_sort [#"../selection_sort_generic.rs" 30 0 32 29] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : () requires {[#"../selection_sort_generic.rs" 30 42 30 43] inv6 v} ensures { [#"../selection_sort_generic.rs" 28 10 28 35] sorted0 (deep_model1 ( ^ v)) } @@ -558,28 +559,28 @@ module SelectionSortGeneric_SelectionSort = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var iter : Core_Ops_Range_Range_Type.t_range usize; var _8 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _19 : (); var _20 : Core_Option_Option_Type.t_option usize; var _21 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _22 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _25 : Ghost.ghost_ty (Seq.seq usize); + var _25 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var min : usize; var iter1 : Core_Ops_Range_Range_Type.t_range usize; var _34 : usize; - var iter_old1 : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced1 : Ghost.ghost_ty (Seq.seq usize); + var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced1 : Snapshot.snap_ty (Seq.seq usize); var _44 : Core_Option_Option_Type.t_option usize; var _45 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _46 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem1 : usize; - var _49 : Ghost.ghost_ty (Seq.seq usize); + var _49 : Snapshot.snap_ty (Seq.seq usize); var j : usize; var _52 : bool; var _54 : t; @@ -592,7 +593,7 @@ module SelectionSortGeneric_SelectionSort goto BB0 } BB0 { - [#"../selection_sort_generic.rs" 34 16 34 25] old_v <- ([#"../selection_sort_generic.rs" 34 16 34 25] Ghost.new v); + [#"../selection_sort_generic.rs" 34 16 34 31] old_v <- ([#"../selection_sort_generic.rs" 34 16 34 31] Snapshot.new v); goto BB1 } BB1 { @@ -607,11 +608,11 @@ module SelectionSortGeneric_SelectionSort goto BB3 } BB3 { - [#"../selection_sort_generic.rs" 35 4 35 43] iter_old <- ([#"../selection_sort_generic.rs" 35 4 35 43] Ghost.new iter); + [#"../selection_sort_generic.rs" 35 4 35 43] iter_old <- ([#"../selection_sort_generic.rs" 35 4 35 43] Snapshot.new iter); goto BB4 } BB4 { - [#"../selection_sort_generic.rs" 35 4 35 43] produced <- ([#"../selection_sort_generic.rs" 35 4 35 43] Ghost.new (Seq.empty )); + [#"../selection_sort_generic.rs" 35 4 35 43] produced <- ([#"../selection_sort_generic.rs" 35 4 35 43] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -619,10 +620,10 @@ module SelectionSortGeneric_SelectionSort } BB6 { invariant { [#"../selection_sort_generic.rs" 35 4 35 43] inv1 iter }; - invariant { [#"../selection_sort_generic.rs" 35 4 35 43] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../selection_sort_generic.rs" 35 4 35 43] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../selection_sort_generic.rs" 35 4 35 43] permutation_of0 (shallow_model0 v) (shallow_model1 old_v) }; - invariant { [#"../selection_sort_generic.rs" 36 16 36 63] sorted_range0 (deep_model0 v) 0 (Seq.length (Ghost.inner produced)) }; - invariant { [#"../selection_sort_generic.rs" 37 16 37 57] partition0 (deep_model0 v) (Seq.length (Ghost.inner produced)) }; + invariant { [#"../selection_sort_generic.rs" 36 16 36 63] sorted_range0 (deep_model0 v) 0 (Seq.length (Snapshot.inner produced)) }; + invariant { [#"../selection_sort_generic.rs" 37 16 37 57] partition0 (deep_model0 v) (Seq.length (Snapshot.inner produced)) }; goto BB7 } BB7 { @@ -655,14 +656,14 @@ module SelectionSortGeneric_SelectionSort absurd } BB12 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _20); - [#"../selection_sort_generic.rs" 35 4 35 43] _25 <- ([#"../selection_sort_generic.rs" 35 4 35 43] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _20); + [#"../selection_sort_generic.rs" 35 4 35 43] _25 <- ([#"../selection_sort_generic.rs" 35 4 35 43] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB13 } BB13 { [#"../selection_sort_generic.rs" 35 4 35 43] produced <- ([#"../selection_sort_generic.rs" 35 4 35 43] _25); - [#"../selection_sort_generic.rs" 35 4 35 43] _25 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../selection_sort_generic.rs" 35 4 35 43] _25 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../selection_sort_generic.rs" 39 22 39 23] min <- ([#"../selection_sort_generic.rs" 39 22 39 23] i); [#"../selection_sort_generic.rs" 43 26 43 33] _34 <- ([#"../selection_sort_generic.rs" 43 26 43 33] len0 ([#"../selection_sort_generic.rs" 43 26 43 27] * v)); goto BB14 @@ -673,11 +674,11 @@ module SelectionSortGeneric_SelectionSort goto BB15 } BB15 { - [#"../selection_sort_generic.rs" 41 8 41 121] iter_old1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Ghost.new iter1); + [#"../selection_sort_generic.rs" 41 8 41 121] iter_old1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Snapshot.new iter1); goto BB16 } BB16 { - [#"../selection_sort_generic.rs" 41 8 41 121] produced1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Ghost.new (Seq.empty )); + [#"../selection_sort_generic.rs" 41 8 41 121] produced1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Snapshot.new (Seq.empty )); goto BB17 } BB17 { @@ -685,9 +686,9 @@ module SelectionSortGeneric_SelectionSort } BB18 { invariant { [#"../selection_sort_generic.rs" 41 8 41 121] inv1 iter1 }; - invariant { [#"../selection_sort_generic.rs" 41 8 41 121] produces0 (Ghost.inner iter_old1) (Ghost.inner produced1) iter1 }; - invariant { [#"../selection_sort_generic.rs" 41 8 41 121] forall k : int . UIntSize.to_int i <= k /\ k < Seq.length (Ghost.inner produced1) + UIntSize.to_int i + 1 -> le_log0 (Seq.get (deep_model0 v) (UIntSize.to_int min)) (Seq.get (deep_model0 v) k) }; - invariant { [#"../selection_sort_generic.rs" 42 20 42 64] UIntSize.to_int i <= UIntSize.to_int min /\ UIntSize.to_int min < Seq.length (Ghost.inner produced1) + UIntSize.to_int i + 1 }; + invariant { [#"../selection_sort_generic.rs" 41 8 41 121] produces0 (Snapshot.inner iter_old1) (Snapshot.inner produced1) iter1 }; + invariant { [#"../selection_sort_generic.rs" 41 8 41 121] forall k : int . UIntSize.to_int i <= k /\ k < Seq.length (Snapshot.inner produced1) + UIntSize.to_int i + 1 -> le_log0 (Seq.get (deep_model0 v) (UIntSize.to_int min)) (Seq.get (deep_model0 v) k) }; + invariant { [#"../selection_sort_generic.rs" 42 20 42 64] UIntSize.to_int i <= UIntSize.to_int min /\ UIntSize.to_int min < Seq.length (Snapshot.inner produced1) + UIntSize.to_int i + 1 }; goto BB19 } BB19 { @@ -718,14 +719,14 @@ module SelectionSortGeneric_SelectionSort goto BB23 } BB23 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _44); - [#"../selection_sort_generic.rs" 41 8 41 121] _49 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Ghost.new (Seq.(++) (Ghost.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1 <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _44); + [#"../selection_sort_generic.rs" 41 8 41 121] _49 <- ([#"../selection_sort_generic.rs" 41 8 41 121] Snapshot.new (Seq.(++) (Snapshot.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); goto BB24 } BB24 { [#"../selection_sort_generic.rs" 41 8 41 121] produced1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] _49); - [#"../selection_sort_generic.rs" 41 8 41 121] _49 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] j <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1); + [#"../selection_sort_generic.rs" 41 8 41 121] _49 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] j <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); [#"../selection_sort_generic.rs" 44 16 44 19] _54 <- ([#"../selection_sort_generic.rs" 44 16 44 19] index0 ([#"../selection_sort_generic.rs" 44 15 44 16] * v) ([#"../selection_sort_generic.rs" 44 17 44 18] j)); goto BB25 } @@ -770,7 +771,7 @@ module SelectionSortGeneric_SelectionSort BB32 { assert { [@expl:type invariant] inv5 _65 }; assume { resolve3 _65 }; - assert { [@expl:assertion] [#"../selection_sort_generic.rs" 49 8 50 63] let i = Seq.length (Ghost.inner produced) in forall k2 : int . forall k1 : int . 0 <= k1 /\ k1 < i /\ i <= k2 /\ k2 < Seq.length (deep_model0 v) -> le_log0 (Seq.get (deep_model0 v) k1) (Seq.get (deep_model0 v) k2) }; + assert { [@expl:assertion] [#"../selection_sort_generic.rs" 49 8 50 63] let i = Seq.length (Snapshot.inner produced) in forall k2 : int . forall k1 : int . 0 <= k1 /\ k1 < i /\ i <= k2 /\ k2 < Seq.length (deep_model0 v) -> le_log0 (Seq.get (deep_model0 v) k1) (Seq.get (deep_model0 v) k2) }; [#"../selection_sort_generic.rs" 38 24 51 5] _19 <- ([#"../selection_sort_generic.rs" 38 24 51 5] ()); goto BB6 } diff --git a/creusot/tests/should_succeed/selection_sort_generic.rs b/creusot/tests/should_succeed/selection_sort_generic.rs index 6beb8d5349..47a92baa7d 100644 --- a/creusot/tests/should_succeed/selection_sort_generic.rs +++ b/creusot/tests/should_succeed/selection_sort_generic.rs @@ -31,7 +31,7 @@ pub fn selection_sort(v: &mut Vec) where T::DeepModelTy: OrdLogic, { - let old_v = gh! { v }; + let old_v = snapshot! { v }; #[invariant(v@.permutation_of(old_v@))] #[invariant(sorted_range(v.deep_model(), 0, produced.len()))] #[invariant(partition(v.deep_model(), produced.len()))] diff --git a/creusot/tests/should_succeed/sparse_array.mlcfg b/creusot/tests/should_succeed/sparse_array.mlcfg index f0ab87c15d..05784a95c2 100644 --- a/creusot/tests/should_succeed/sparse_array.mlcfg +++ b/creusot/tests/should_succeed/sparse_array.mlcfg @@ -729,7 +729,7 @@ module SparseArray_Impl2_Set val shallow_model1 (self : borrowed (SparseArray_Sparse_Type.t_sparse t)) : Seq.seq (Core_Option_Option_Type.t_option t) ensures { result = shallow_model1 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve4 (self : borrowed (SparseArray_Sparse_Type.t_sparse t)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve4 (self : borrowed (SparseArray_Sparse_Type.t_sparse t)) : bool @@ -773,11 +773,11 @@ module SparseArray_Impl2_Set ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 136 26 136 55] Seq.length (shallow_model7 ( ^ self)) = Seq.length (shallow_model6 self) } ensures { inv10 result } - predicate resolve2 (self : Ghost.ghost_ty ()) - val resolve2 (self : Ghost.ghost_ty ()) : bool + predicate resolve2 (self : Snapshot.snap_ty ()) + val resolve2 (self : Snapshot.snap_ty ()) : bool ensures { result = resolve2 self } - use prelude.Ghost + use prelude.Snapshot function lemma_permutation0 [#"../sparse_array.rs" 104 4 104 38] (self : SparseArray_Sparse_Type.t_sparse t) (i : int) : () = @@ -859,7 +859,7 @@ module SparseArray_Impl2_Set var index : usize; var _13 : usize; var _21 : usize; - var _25 : Ghost.ghost_ty (); + var _25 : Snapshot.snap_ty (); var _30 : borrowed usize; var _31 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _34 : borrowed usize; @@ -924,7 +924,7 @@ module SparseArray_Impl2_Set goto BB12 } BB12 { - [#"../sparse_array.rs" 117 12 117 40] _25 <- ([#"../sparse_array.rs" 117 12 117 40] Ghost.new ()); + [#"../sparse_array.rs" 117 12 117 46] _25 <- ([#"../sparse_array.rs" 117 12 117 46] Snapshot.new ()); goto BB13 } BB13 { diff --git a/creusot/tests/should_succeed/sparse_array.rs b/creusot/tests/should_succeed/sparse_array.rs index cff884529a..20fd0adb32 100644 --- a/creusot/tests/should_succeed/sparse_array.rs +++ b/creusot/tests/should_succeed/sparse_array.rs @@ -33,7 +33,7 @@ pub struct Sparse { impl ShallowModel for Sparse { type ShallowModelTy = Seq>; - #[ghost] + #[logic] #[open(self)] fn shallow_model(self) -> Self::ShallowModelTy { pearlite! { @@ -68,7 +68,7 @@ impl Sparse { * (1) check that array `idx` maps `i` to a index `j` between 0 and `n` (excluded) * (2) check that `back[j]` is `i` */ - #[ghost] + #[logic] fn is_elt(&self, i: Int) -> bool { pearlite! { self.idx[i]@ < self.n@ && self.back[self.idx[i]@]@ == i @@ -97,7 +97,7 @@ impl Sparse { /* A key lemma to prove for safety of access in `set()` */ - #[ghost] + #[logic] #[requires(self.n == self.size)] #[requires(0 <= i && i < self.size@)] #[ensures(self.is_elt(i))] @@ -114,7 +114,7 @@ impl Sparse { let index = self.idx[i]; if !(index < self.n && self.back[index] == i) { // the hard assertion! - gh!(Self::lemma_permutation); + snapshot!(Self::lemma_permutation); proof_assert!(self.n@ < self.size@); // assert!(self.n < self.size); self.idx[i] = self.n; diff --git a/creusot/tests/should_succeed/specification/logic_call.rs b/creusot/tests/should_succeed/specification/logic_call.rs index 9d75253f5d..db19f7db1f 100644 --- a/creusot/tests/should_succeed/specification/logic_call.rs +++ b/creusot/tests/should_succeed/specification/logic_call.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::*; -#[ghost] +#[logic] fn reflexive(x: T) -> bool { pearlite! { x == x } } diff --git a/creusot/tests/should_succeed/specification/logic_functions.rs b/creusot/tests/should_succeed/specification/logic_functions.rs index b0b2ae096d..553dcb2f8c 100644 --- a/creusot/tests/should_succeed/specification/logic_functions.rs +++ b/creusot/tests/should_succeed/specification/logic_functions.rs @@ -1,7 +1,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Int, *}; -#[ghost] +#[logic] fn logic() -> bool { true } @@ -10,7 +10,7 @@ fn logic() -> bool { pub fn use_logic() {} // When we want to use pearlite syntax, we use pearlite! macro -#[ghost] +#[logic] fn logic_pearlite() -> bool { pearlite! { 0 == 0 } } @@ -21,7 +21,7 @@ pub fn use_logic_pearlite() {} pub mod nested { use creusot_contracts::*; - #[ghost] + #[logic] #[open] pub fn nested() -> bool { true @@ -29,7 +29,7 @@ pub mod nested { } #[open] -#[ghost] +#[logic] pub fn arith(n: Int, b: bool) -> Int { if !b { -n + n - n * n @@ -39,7 +39,7 @@ pub fn arith(n: Int, b: bool) -> Int { } #[open] -#[ghost] +#[logic] pub fn deref_pat<'a>(o: &'a Option) -> Int { match o { Some(a) => *a, diff --git a/creusot/tests/should_succeed/specification/model.rs b/creusot/tests/should_succeed/specification/model.rs index 2f93c5f6d7..5407192a21 100644 --- a/creusot/tests/should_succeed/specification/model.rs +++ b/creusot/tests/should_succeed/specification/model.rs @@ -6,7 +6,7 @@ pub struct Seven(); impl ShallowModel for Seven { type ShallowModelTy = Int; - #[ghost] + #[logic] #[open] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { @@ -25,7 +25,7 @@ pub struct Pair(T, U); impl ShallowModel for Pair { type ShallowModelTy = (T, U); - #[ghost] + #[logic] #[open] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { diff --git a/creusot/tests/should_succeed/sum.mlcfg b/creusot/tests/should_succeed/sum.mlcfg index 535bf2c8e5..f2f32e7f16 100644 --- a/creusot/tests/should_succeed/sum.mlcfg +++ b/creusot/tests/should_succeed/sum.mlcfg @@ -145,7 +145,7 @@ module Sum_SumFirstN ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32 . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate resolve0 (self : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32)) = [#"../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -165,11 +165,11 @@ module Sum_SumFirstN end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32) (res : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32) = @@ -206,13 +206,13 @@ module Sum_SumFirstN var sum : uint32; var iter : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32; var _7 : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32); - var produced : Ghost.ghost_ty (Seq.seq uint32); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32); + var produced : Snapshot.snap_ty (Seq.seq uint32); var _17 : Core_Option_Option_Type.t_option uint32; var _18 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32); var _19 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive uint32); var __creusot_proc_iter_elem : uint32; - var _22 : Ghost.ghost_ty (Seq.seq uint32); + var _22 : Snapshot.snap_ty (Seq.seq uint32); var i : uint32; { goto BB0 @@ -228,11 +228,11 @@ module Sum_SumFirstN goto BB2 } BB2 { - [#"../sum.rs" 8 4 8 67] iter_old <- ([#"../sum.rs" 8 4 8 67] Ghost.new iter); + [#"../sum.rs" 8 4 8 67] iter_old <- ([#"../sum.rs" 8 4 8 67] Snapshot.new iter); goto BB3 } BB3 { - [#"../sum.rs" 8 4 8 67] produced <- ([#"../sum.rs" 8 4 8 67] Ghost.new (Seq.empty )); + [#"../sum.rs" 8 4 8 67] produced <- ([#"../sum.rs" 8 4 8 67] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -240,8 +240,8 @@ module Sum_SumFirstN } BB5 { invariant { [#"../sum.rs" 8 4 8 67] inv0 iter }; - invariant { [#"../sum.rs" 8 4 8 67] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../sum.rs" 8 16 8 65] UInt32.to_int sum = div (Seq.length (Ghost.inner produced) * (Seq.length (Ghost.inner produced) + 1)) 2 }; + invariant { [#"../sum.rs" 8 4 8 67] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../sum.rs" 8 16 8 65] UInt32.to_int sum = div (Seq.length (Snapshot.inner produced) * (Seq.length (Snapshot.inner produced) + 1)) 2 }; goto BB6 } BB6 { @@ -272,14 +272,14 @@ module Sum_SumFirstN absurd } BB11 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../sum.rs" 8 4 8 67] _22 <- ([#"../sum.rs" 8 4 8 67] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../sum.rs" 8 4 8 67] _22 <- ([#"../sum.rs" 8 4 8 67] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB12 } BB12 { [#"../sum.rs" 8 4 8 67] produced <- ([#"../sum.rs" 8 4 8 67] _22); - [#"../sum.rs" 8 4 8 67] _22 <- any Ghost.ghost_ty (Seq.seq uint32); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../sum.rs" 8 4 8 67] _22 <- any Snapshot.snap_ty (Seq.seq uint32); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../sum.rs" 10 8 10 16] sum <- ([#"../sum.rs" 10 8 10 16] sum + ([#"../sum.rs" 10 15 10 16] i)); goto BB5 } diff --git a/creusot/tests/should_succeed/sum_of_odds.mlcfg b/creusot/tests/should_succeed/sum_of_odds.mlcfg index d1612b4d8f..06a4f1687d 100644 --- a/creusot/tests/should_succeed/sum_of_odds.mlcfg +++ b/creusot/tests/should_succeed/sum_of_odds.mlcfg @@ -139,7 +139,7 @@ module SumOfOdds_ComputeSumOfOdd ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range uint32 . inv0 x = true - use prelude.Ghost + use prelude.Snapshot function sqr0 [#"../sum_of_odds.rs" 7 0 7 21] (x : int) : int = [#"../sum_of_odds.rs" 8 4 8 9] x * x val sqr0 [#"../sum_of_odds.rs" 7 0 7 21] (x : int) : int @@ -184,11 +184,11 @@ module SumOfOdds_ComputeSumOfOdd end } ensures { inv2 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range uint32) (res : Core_Ops_Range_Range_Type.t_range uint32) = @@ -216,13 +216,13 @@ module SumOfOdds_ComputeSumOfOdd var x : uint32 = x; var s : uint32; var iter : Core_Ops_Range_Range_Type.t_range uint32; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range uint32); - var produced : Ghost.ghost_ty (Seq.seq uint32); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range uint32); + var produced : Snapshot.snap_ty (Seq.seq uint32); var _18 : Core_Option_Option_Type.t_option uint32; var _19 : borrowed (Core_Ops_Range_Range_Type.t_range uint32); var _20 : borrowed (Core_Ops_Range_Range_Type.t_range uint32); var __creusot_proc_iter_elem : uint32; - var _23 : Ghost.ghost_ty (Seq.seq uint32); + var _23 : Snapshot.snap_ty (Seq.seq uint32); var i : uint32; { goto BB0 @@ -233,11 +233,11 @@ module SumOfOdds_ComputeSumOfOdd goto BB1 } BB1 { - [#"../sum_of_odds.rs" 38 4 38 50] iter_old <- ([#"../sum_of_odds.rs" 38 4 38 50] Ghost.new iter); + [#"../sum_of_odds.rs" 38 4 38 50] iter_old <- ([#"../sum_of_odds.rs" 38 4 38 50] Snapshot.new iter); goto BB2 } BB2 { - [#"../sum_of_odds.rs" 38 4 38 50] produced <- ([#"../sum_of_odds.rs" 38 4 38 50] Ghost.new (Seq.empty )); + [#"../sum_of_odds.rs" 38 4 38 50] produced <- ([#"../sum_of_odds.rs" 38 4 38 50] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -245,8 +245,8 @@ module SumOfOdds_ComputeSumOfOdd } BB4 { invariant { [#"../sum_of_odds.rs" 38 4 38 50] inv0 iter }; - invariant { [#"../sum_of_odds.rs" 38 4 38 50] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../sum_of_odds.rs" 38 16 38 48] UInt32.to_int s = sum_of_odd0 (Seq.length (Ghost.inner produced)) }; + invariant { [#"../sum_of_odds.rs" 38 4 38 50] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../sum_of_odds.rs" 38 16 38 48] UInt32.to_int s = sum_of_odd0 (Seq.length (Snapshot.inner produced)) }; goto BB5 } BB5 { @@ -277,14 +277,14 @@ module SumOfOdds_ComputeSumOfOdd absurd } BB10 { - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _18); - [#"../sum_of_odds.rs" 38 4 38 50] _23 <- ([#"../sum_of_odds.rs" 38 4 38 50] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _18); + [#"../sum_of_odds.rs" 38 4 38 50] _23 <- ([#"../sum_of_odds.rs" 38 4 38 50] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../sum_of_odds.rs" 38 4 38 50] produced <- ([#"../sum_of_odds.rs" 38 4 38 50] _23); - [#"../sum_of_odds.rs" 38 4 38 50] _23 <- any Ghost.ghost_ty (Seq.seq uint32); - [#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../sum_of_odds.rs" 38 4 38 50] _23 <- any Snapshot.snap_ty (Seq.seq uint32); + [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); assert { [@expl:assertion] [#"../sum_of_odds.rs" 41 12 41 33] let _ = sum_of_odd_is_sqr0 (UInt32.to_int i) in true }; [#"../sum_of_odds.rs" 44 8 44 22] s <- ([#"../sum_of_odds.rs" 44 8 44 22] s + ([#"../sum_of_odds.rs" 44 13 44 22] ([#"../sum_of_odds.rs" 44 13 44 18] ([#"../sum_of_odds.rs" 44 13 44 14] [#"../sum_of_odds.rs" 44 13 44 14] (2 : uint32)) * ([#"../sum_of_odds.rs" 44 17 44 18] i)) + ([#"../sum_of_odds.rs" 44 21 44 22] [#"../sum_of_odds.rs" 44 21 44 22] (1 : uint32)))); goto BB4 diff --git a/creusot/tests/should_succeed/sum_of_odds.rs b/creusot/tests/should_succeed/sum_of_odds.rs index f16c467ade..971972807b 100644 --- a/creusot/tests/should_succeed/sum_of_odds.rs +++ b/creusot/tests/should_succeed/sum_of_odds.rs @@ -3,7 +3,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Int, *}; -#[ghost] +#[logic] fn sqr(x: Int) -> Int { x * x } @@ -13,7 +13,7 @@ fn is_square(y: Int) -> bool { pearlite! { exists y == sqr(z) } } -#[ghost] +#[logic] #[variant(x)] fn sum_of_odd(x: Int) -> Int { if x <= 0 { @@ -23,7 +23,7 @@ fn sum_of_odd(x: Int) -> Int { } } -#[ghost] +#[logic] #[requires(x >= 0)] #[ensures(sum_of_odd(x) == sqr(x))] #[variant(x)] diff --git a/creusot/tests/should_succeed/syntax/02_operators.rs b/creusot/tests/should_succeed/syntax/02_operators.rs index df0b14bc17..7b0ebbe17f 100644 --- a/creusot/tests/should_succeed/syntax/02_operators.rs +++ b/creusot/tests/should_succeed/syntax/02_operators.rs @@ -9,12 +9,12 @@ fn division(x: usize, y: usize) -> usize { x / y } -// #[ghost] +// #[logic] // fn division_logic(x : usize, y : usize) -> usize { // x / y // } -#[ghost] +#[logic] fn division_int(x: Int, y: Int) -> Int { x / y } @@ -24,12 +24,12 @@ fn modulus(x: usize, y: usize) -> usize { x % y } -// #[ghost] +// #[logic] // fn modulus_logic(x : usize, y : usize) -> usize { // x % y // } -#[ghost] +#[logic] fn modulus_int(x: Int, y: Int) -> Int { x % y } @@ -39,7 +39,7 @@ fn multiply(x: usize, y: usize) -> usize { x * y } -#[ghost] +#[logic] fn multiply_int(x: Int, y: Int) -> Int { x * y } @@ -49,12 +49,12 @@ fn add(x: usize, y: usize) -> usize { x + y } -#[ghost] +#[logic] fn add_int(x: Int, y: Int) -> Int { x + y } -// #[ghost] +// #[logic] // fn add_logic(x : usize, y : usize) -> usize { // x + y // } @@ -64,7 +64,7 @@ fn sub(x: usize, y: usize) -> usize { x - y } -#[ghost] +#[logic] fn sub_int(x: Int, y: Int) -> Int { x - y } @@ -78,7 +78,7 @@ fn expression(x: usize, y: usize, z: usize) -> bool { x / y * z == (x / y) * z } -#[ghost] +#[logic] #[ensures(result)] fn expression_logic(x: usize, y: usize, z: usize) -> bool { x / y * z == (x / y) * z diff --git a/creusot/tests/should_succeed/syntax/05_pearlite.mlcfg b/creusot/tests/should_succeed/syntax/05_pearlite.mlcfg index 02cec69d8c..9f91579208 100644 --- a/creusot/tests/should_succeed/syntax/05_pearlite.mlcfg +++ b/creusot/tests/should_succeed/syntax/05_pearlite.mlcfg @@ -101,19 +101,19 @@ end module C05Pearlite_GhostClosure use prelude.UInt32 use map.Map - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use prelude.Mapping use prelude.Int let rec cfg ghost_closure [#"../05_pearlite.rs" 48 0 48 22] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); - var _x : Ghost.ghost_ty (Map.map uint32 uint32); + var _x : Snapshot.snap_ty (Map.map uint32 uint32); { goto BB0 } BB0 { - [#"../05_pearlite.rs" 49 13 49 32] _x <- ([#"../05_pearlite.rs" 49 13 49 32] Ghost.new (Mapping.from_fn (fun (a : uint32) -> a))); + [#"../05_pearlite.rs" 49 13 49 38] _x <- ([#"../05_pearlite.rs" 49 13 49 38] Snapshot.new (Mapping.from_fn (fun (a : uint32) -> a))); goto BB1 } BB1 { @@ -126,8 +126,8 @@ module C05Pearlite_PearliteClosure use prelude.UInt32 use prelude.Int use map.Map - use prelude.Ghost - let rec cfg pearlite_closure [#"../05_pearlite.rs" 52 0 52 54] [@cfg:stackify] [@cfg:subregion_analysis] (_x : Ghost.ghost_ty (Map.map uint32 bool)) : () + use prelude.Snapshot + let rec cfg pearlite_closure [#"../05_pearlite.rs" 52 0 52 57] [@cfg:stackify] [@cfg:subregion_analysis] (_x : Snapshot.snap_ty (Map.map uint32 bool)) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); @@ -135,7 +135,7 @@ module C05Pearlite_PearliteClosure goto BB0 } BB0 { - [#"../05_pearlite.rs" 52 55 52 57] _0 <- ([#"../05_pearlite.rs" 52 55 52 57] ()); + [#"../05_pearlite.rs" 52 58 52 60] _0 <- ([#"../05_pearlite.rs" 52 58 52 60] ()); return _0 } @@ -143,26 +143,26 @@ end module C05Pearlite_Caller use prelude.UInt32 use map.Map - use prelude.Ghost + use prelude.Snapshot use prelude.Int - val pearlite_closure0 [#"../05_pearlite.rs" 52 0 52 54] (_x : Ghost.ghost_ty (Map.map uint32 bool)) : () - use prelude.Ghost + val pearlite_closure0 [#"../05_pearlite.rs" 52 0 52 57] (_x : Snapshot.snap_ty (Map.map uint32 bool)) : () + use prelude.Snapshot use prelude.Mapping let rec cfg caller [#"../05_pearlite.rs" 54 0 54 15] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var _1 : (); - var _2 : Ghost.ghost_ty (Map.map uint32 bool); + var _2 : Snapshot.snap_ty (Map.map uint32 bool); { goto BB0 } BB0 { - [#"../05_pearlite.rs" 55 21 55 38] _2 <- ([#"../05_pearlite.rs" 55 21 55 38] Ghost.new (Mapping.from_fn (fun (_a : uint32) -> true))); + [#"../05_pearlite.rs" 55 21 55 44] _2 <- ([#"../05_pearlite.rs" 55 21 55 44] Snapshot.new (Mapping.from_fn (fun (_a : uint32) -> true))); goto BB1 } BB1 { - [#"../05_pearlite.rs" 55 4 55 39] _1 <- ([#"../05_pearlite.rs" 55 4 55 39] pearlite_closure0 _2); - _2 <- any Ghost.ghost_ty (Map.map uint32 bool); + [#"../05_pearlite.rs" 55 4 55 45] _1 <- ([#"../05_pearlite.rs" 55 4 55 45] pearlite_closure0 _2); + _2 <- any Snapshot.snap_ty (Map.map uint32 bool); goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/syntax/05_pearlite.rs b/creusot/tests/should_succeed/syntax/05_pearlite.rs index 4fb2ab7010..5a9a7612f9 100644 --- a/creusot/tests/should_succeed/syntax/05_pearlite.rs +++ b/creusot/tests/should_succeed/syntax/05_pearlite.rs @@ -46,13 +46,13 @@ pub fn field1_is_true(x: B) -> bool { } pub fn ghost_closure() { - let _x = gh! { |a : u32| a }; + let _x = snapshot! { |a : u32| a }; } -pub fn pearlite_closure(_x: Ghost>) {} +pub fn pearlite_closure(_x: Snapshot>) {} pub fn caller() { - pearlite_closure(gh! { |_a| true }); + pearlite_closure(snapshot! { |_a| true }); } // Implicit logical reborrows @@ -61,20 +61,20 @@ pub struct S {} impl S { #[open] - #[ghost] + #[logic] pub fn x(&mut self) -> bool { true } } #[open] -#[ghost] +#[logic] pub fn proj(x: &mut (S, S)) -> bool { x.0.x() } #[open] -#[ghost] +#[logic] pub fn proj2(x: &mut &mut (S, S)) -> bool { x.0.x() } @@ -82,43 +82,43 @@ pub fn proj2(x: &mut &mut (S, S)) -> bool { // Unnesting through an index projection #[open(self)] -#[ghost] +#[logic] pub fn reborrow_index_projection<'a, 'b, T>(a: &'a mut &'b mut [T]) -> &'a mut T { &mut a[0] } #[open(self)] -#[ghost] +#[logic] pub fn reborrow_index_projection2<'a, 'b, T>(a: &'a &'b [T]) -> &'a T { &a[0] } #[open(self)] -#[ghost] -pub fn test3<'a, T>(a: Ghost<&'a mut Vec>) -> &'a mut T { +#[logic] +pub fn test3<'a, T>(a: Snapshot<&'a mut Vec>) -> &'a mut T { &mut a[0] } #[open(self)] -#[ghost] -pub fn test4<'a, T>(a: &'a mut Ghost>) -> &'a mut T { +#[logic] +pub fn test4<'a, T>(a: &'a mut Snapshot>) -> &'a mut T { &mut a[0] } #[open(self)] -#[ghost] +#[logic] pub fn test5<'a, T>(a: &'a mut &mut &mut Vec) -> &'a mut T { &mut a[0] } #[open(self)] -#[ghost] +#[logic] pub fn test6<'a>(a: &'a mut &&mut u32) -> &'a mut u32 { &mut ***a } // Left out until I understand the semantics of `Deref` patterns. -// #[ghost] +// #[logic] // pub fn proj_opt(x : &mut Option) -> bool { // match x { // Some(a) => a.x(), diff --git a/creusot/tests/should_succeed/syntax/06_logic_function_contracts.rs b/creusot/tests/should_succeed/syntax/06_logic_function_contracts.rs index c50a5713e1..83e05c9327 100644 --- a/creusot/tests/should_succeed/syntax/06_logic_function_contracts.rs +++ b/creusot/tests/should_succeed/syntax/06_logic_function_contracts.rs @@ -5,7 +5,7 @@ use creusot_contracts::{ }; #[open] -#[ghost] +#[logic] #[variant(seq.len())] pub fn sum(seq: Seq) -> Int { pearlite! { diff --git a/creusot/tests/should_succeed/syntax/08_const.rs b/creusot/tests/should_succeed/syntax/08_const.rs index 64a8d80210..97410d4ccb 100644 --- a/creusot/tests/should_succeed/syntax/08_const.rs +++ b/creusot/tests/should_succeed/syntax/08_const.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Seq, *}; #[open] -#[ghost] +#[logic] pub fn omg() -> Seq { Seq::EMPTY } diff --git a/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg b/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg index 804220981f..f9dfc6f983 100644 --- a/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg +++ b/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg @@ -2,24 +2,24 @@ module C12GhostCode_GhostArg use prelude.UInt32 use prelude.Int - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - let rec cfg ghost_arg [#"../12_ghost_code.rs" 4 0 4 31] [@cfg:stackify] [@cfg:subregion_analysis] (g : Ghost.ghost_ty uint32) : () + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + let rec cfg ghost_arg [#"../12_ghost_code.rs" 4 0 4 34] [@cfg:stackify] [@cfg:subregion_analysis] (g : Snapshot.snap_ty uint32) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); - var g : Ghost.ghost_ty uint32 = g; - var _x : Ghost.ghost_ty uint32; + var g : Snapshot.snap_ty uint32 = g; + var _x : Snapshot.snap_ty uint32; { goto BB0 } BB0 { - [#"../12_ghost_code.rs" 5 25 5 35] _x <- ([#"../12_ghost_code.rs" 5 25 5 35] Ghost.new (Ghost.inner g)); + [#"../12_ghost_code.rs" 5 28 5 44] _x <- ([#"../12_ghost_code.rs" 5 28 5 44] Snapshot.new (Snapshot.inner g)); goto BB1 } BB1 { - [#"../12_ghost_code.rs" 4 32 6 1] _0 <- ([#"../12_ghost_code.rs" 4 32 6 1] ()); + [#"../12_ghost_code.rs" 4 35 6 1] _0 <- ([#"../12_ghost_code.rs" 4 35 6 1] ()); return _0 } @@ -100,8 +100,8 @@ module C12GhostCode_GhostVec ensures { result = invariant0 self } axiom inv0 : forall x : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global) . inv0 x = true - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot predicate resolve1 (self : uint32) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve1 (self : uint32) : bool @@ -128,7 +128,7 @@ module C12GhostCode_GhostVec = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var x : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global); - var _s : Ghost.ghost_ty (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); + var _s : Snapshot.snap_ty (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); { goto BB0 } @@ -138,7 +138,7 @@ module C12GhostCode_GhostVec } BB1 { assume { resolve0 x }; - [#"../12_ghost_code.rs" 10 32 10 41] _s <- ([#"../12_ghost_code.rs" 10 32 10 41] Ghost.new x); + [#"../12_ghost_code.rs" 10 35 10 50] _s <- ([#"../12_ghost_code.rs" 10 35 10 50] Snapshot.new x); goto BB2 } BB2 { @@ -153,9 +153,9 @@ end module C12GhostCode_GhostCopy use prelude.Int32 use seq.Seq - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot use seq.Seq use seq.Seq use prelude.Int @@ -163,23 +163,23 @@ module C12GhostCode_GhostCopy = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : int32; - var _s : Ghost.ghost_ty (Seq.seq int32); - var _4 : Ghost.ghost_ty (Seq.seq int32); + var _s : Snapshot.snap_ty (Seq.seq int32); + var _4 : Snapshot.snap_ty (Seq.seq int32); { goto BB0 } BB0 { [#"../12_ghost_code.rs" 18 12 18 13] a <- ([#"../12_ghost_code.rs" 18 12 18 13] [#"../12_ghost_code.rs" 18 12 18 13] (0 : int32)); - [#"../12_ghost_code.rs" 19 17 19 46] _s <- ([#"../12_ghost_code.rs" 19 17 19 46] Ghost.new (Seq.snoc (Seq.empty ) (0 : int32))); + [#"../12_ghost_code.rs" 19 17 19 52] _s <- ([#"../12_ghost_code.rs" 19 17 19 52] Snapshot.new (Seq.snoc (Seq.empty ) (0 : int32))); goto BB1 } BB1 { - [#"../12_ghost_code.rs" 20 9 20 27] _4 <- ([#"../12_ghost_code.rs" 20 9 20 27] Ghost.new (Seq.snoc (Ghost.inner _s) a)); + [#"../12_ghost_code.rs" 20 9 20 33] _4 <- ([#"../12_ghost_code.rs" 20 9 20 33] Snapshot.new (Seq.snoc (Snapshot.inner _s) a)); goto BB2 } BB2 { - [#"../12_ghost_code.rs" 20 4 20 27] _s <- ([#"../12_ghost_code.rs" 20 4 20 27] _4); - [#"../12_ghost_code.rs" 20 4 20 27] _4 <- any Ghost.ghost_ty (Seq.seq int32); + [#"../12_ghost_code.rs" 20 4 20 33] _s <- ([#"../12_ghost_code.rs" 20 4 20 33] _4); + [#"../12_ghost_code.rs" 20 4 20 33] _4 <- any Snapshot.snap_ty (Seq.seq int32); [#"../12_ghost_code.rs" 17 20 21 1] _0 <- ([#"../12_ghost_code.rs" 17 20 21 1] ()); return _0 } @@ -188,8 +188,8 @@ end module C12GhostCode_GhostIsCopy use prelude.Int32 use prelude.Borrow - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot predicate resolve0 (self : borrowed int32) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve0 (self : borrowed int32) : bool @@ -201,9 +201,9 @@ module C12GhostCode_GhostIsCopy var _0 : (); var x : int32; var r : borrowed int32; - var g : Ghost.ghost_ty (borrowed int32); - var g1 : Ghost.ghost_ty (borrowed int32); - var g2 : Ghost.ghost_ty (borrowed int32); + var g : Snapshot.snap_ty (borrowed int32); + var g1 : Snapshot.snap_ty (borrowed int32); + var g2 : Snapshot.snap_ty (borrowed int32); { goto BB0 } @@ -212,7 +212,7 @@ module C12GhostCode_GhostIsCopy [#"../12_ghost_code.rs" 25 12 25 18] r <- Borrow.borrow_mut x; [#"../12_ghost_code.rs" 25 12 25 18] x <- ^ r; assume { resolve0 r }; - [#"../12_ghost_code.rs" 26 12 26 21] g <- ([#"../12_ghost_code.rs" 26 12 26 21] Ghost.new r); + [#"../12_ghost_code.rs" 26 12 26 27] g <- ([#"../12_ghost_code.rs" 26 12 26 27] Snapshot.new r); goto BB1 } BB1 { @@ -292,7 +292,7 @@ module C12GhostCode_GhostCheck ensures { result = invariant0 self } axiom inv0 : forall x : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global) . inv0 x = true - use prelude.Ghost + use prelude.Snapshot predicate resolve1 (self : int32) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve1 (self : int32) : bool @@ -333,7 +333,7 @@ module C12GhostCode_GhostCheck requires {inv2 value} ensures { [#"../../../../../creusot-contracts/src/std/vec.rs" 78 26 78 51] shallow_model0 ( ^ self) = Seq.snoc (shallow_model1 self) value } - use prelude.Ghost + use prelude.Snapshot function logi_drop0 [#"../12_ghost_code.rs" 33 0 33 21] (_1 : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)) : () = @@ -349,7 +349,7 @@ module C12GhostCode_GhostCheck = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var x : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); - var _2 : Ghost.ghost_ty (); + var _2 : Snapshot.snap_ty (); var _4 : (); var _5 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); var _8 : usize; @@ -361,7 +361,7 @@ module C12GhostCode_GhostCheck goto BB1 } BB1 { - [#"../12_ghost_code.rs" 39 4 39 25] _2 <- ([#"../12_ghost_code.rs" 39 4 39 25] Ghost.new (let _ = logi_drop0 x in ())); + [#"../12_ghost_code.rs" 39 4 39 31] _2 <- ([#"../12_ghost_code.rs" 39 4 39 31] Snapshot.new (let _ = logi_drop0 x in ())); goto BB2 } BB2 { @@ -397,16 +397,16 @@ module C12GhostCode_GhostCheck end module C12GhostCode_MyStruct_Type use prelude.UInt32 - use prelude.Ghost + use prelude.Snapshot use prelude.Int type t_mystruct = - | C_MyStruct uint32 (Ghost.ghost_ty uint32) + | C_MyStruct uint32 (Snapshot.snap_ty uint32) let function mystruct_f (self : t_mystruct) : uint32 = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_MyStruct a _ -> a end - let function mystruct_g (self : t_mystruct) : Ghost.ghost_ty uint32 = [@vc:do_not_keep_trace] [@vc:sp] + let function mystruct_g (self : t_mystruct) : Snapshot.snap_ty uint32 = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_MyStruct _ a -> a end @@ -421,15 +421,15 @@ module C12GhostCode_TakesStruct val shallow_model1 (self : uint32) : int ensures { result = shallow_model1 self } - use prelude.Ghost - use prelude.Ghost - function shallow_model0 (self : Ghost.ghost_ty uint32) : int = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model1 (Ghost.inner self) - val shallow_model0 (self : Ghost.ghost_ty uint32) : int + use prelude.Snapshot + use prelude.Snapshot + function shallow_model0 (self : Snapshot.snap_ty uint32) : int = + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model1 (Snapshot.inner self) + val shallow_model0 (self : Snapshot.snap_ty uint32) : int ensures { result = shallow_model0 self } use prelude.Int - use prelude.Ghost + use prelude.Snapshot use C12GhostCode_MyStruct_Type as C12GhostCode_MyStruct_Type let rec cfg takes_struct [#"../12_ghost_code.rs" 52 0 52 36] [@cfg:stackify] [@cfg:subregion_analysis] (x : C12GhostCode_MyStruct_Type.t_mystruct) : () requires {[#"../12_ghost_code.rs" 51 11 51 20] shallow_model0 (C12GhostCode_MyStruct_Type.mystruct_g x) = 0} @@ -437,17 +437,17 @@ module C12GhostCode_TakesStruct = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var x : C12GhostCode_MyStruct_Type.t_mystruct = x; - var _3 : Ghost.ghost_ty uint32; + var _3 : Snapshot.snap_ty uint32; { goto BB0 } BB0 { - [#"../12_ghost_code.rs" 53 10 53 21] _3 <- ([#"../12_ghost_code.rs" 53 10 53 21] Ghost.new (C12GhostCode_MyStruct_Type.mystruct_f x)); + [#"../12_ghost_code.rs" 53 10 53 27] _3 <- ([#"../12_ghost_code.rs" 53 10 53 27] Snapshot.new (C12GhostCode_MyStruct_Type.mystruct_f x)); goto BB1 } BB1 { - [#"../12_ghost_code.rs" 53 4 53 21] x <- (let C12GhostCode_MyStruct_Type.C_MyStruct x0 x1 = x in C12GhostCode_MyStruct_Type.C_MyStruct x0 ([#"../12_ghost_code.rs" 53 4 53 21] _3)); - [#"../12_ghost_code.rs" 53 4 53 21] _3 <- any Ghost.ghost_ty uint32; + [#"../12_ghost_code.rs" 53 4 53 27] x <- (let C12GhostCode_MyStruct_Type.C_MyStruct x0 x1 = x in C12GhostCode_MyStruct_Type.C_MyStruct x0 ([#"../12_ghost_code.rs" 53 4 53 27] _3)); + [#"../12_ghost_code.rs" 53 4 53 27] _3 <- any Snapshot.snap_ty uint32; [#"../12_ghost_code.rs" 52 37 54 1] _0 <- ([#"../12_ghost_code.rs" 52 37 54 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/syntax/12_ghost_code.rs b/creusot/tests/should_succeed/syntax/12_ghost_code.rs index a4dfc8143b..206fed9302 100644 --- a/creusot/tests/should_succeed/syntax/12_ghost_code.rs +++ b/creusot/tests/should_succeed/syntax/12_ghost_code.rs @@ -1,42 +1,42 @@ extern crate creusot_contracts; use creusot_contracts::{logic::Seq, *}; -pub fn ghost_arg(g: Ghost) { - let _x: Ghost = gh! { *g }; +pub fn ghost_arg(g: Snapshot) { + let _x: Snapshot = snapshot! { *g }; } pub fn ghost_vec() { let x: Vec = Vec::new(); - let mut _s: Ghost> = gh! { x }; + let mut _s: Snapshot> = snapshot! { x }; } #[open] -#[ghost] +#[logic] pub fn omg() {} pub fn ghost_copy() { let a = 0; - let mut _s = gh! { Seq::EMPTY.push(0i32) }; - _s = gh! { _s.push(a) }; + let mut _s = snapshot! { Seq::EMPTY.push(0i32) }; + _s = snapshot! { _s.push(a) }; } pub fn ghost_is_copy() { let mut x = 0; let r = &mut x; - let g = gh! { r }; + let g = snapshot! { r }; let g1 = g; let g2 = g; proof_assert!(g1 == g2); } -#[ghost] +#[logic] fn logi_drop(_: T) {} pub fn ghost_check() { let mut x = Vec::new(); // We ghost capture the value and then drop it without affecting program - gh! { logi_drop(x); }; + snapshot! { logi_drop(x); }; x.push(0); @@ -45,10 +45,10 @@ pub fn ghost_check() { pub struct MyStruct { f: u32, - g: Ghost, + g: Snapshot, } #[requires(x.g@ == 0)] pub fn takes_struct(mut x: MyStruct) { - x.g = gh! { x.f }; + x.g = snapshot! { x.f }; } diff --git a/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg b/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg index f71e01f3b3..9a00153f23 100644 --- a/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg +++ b/creusot/tests/should_succeed/syntax/13_vec_macro.mlcfg @@ -237,7 +237,7 @@ module C13VecMacro_X goto BB6 } BB6 { - [#"../13_vec_macro.rs" 12 13 12 26] v2 <- ([#"../13_vec_macro.rs" 12 13 12 26] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 254 47 254 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../13_vec_macro.rs" 12 18 12 19] [#"../13_vec_macro.rs" 12 18 12 19] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../13_vec_macro.rs" 12 21 12 22] [#"../13_vec_macro.rs" 12 21 12 22] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../13_vec_macro.rs" 12 24 12 25] [#"../13_vec_macro.rs" 12 24 12 25] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); + [#"../13_vec_macro.rs" 12 13 12 26] v2 <- ([#"../13_vec_macro.rs" 12 13 12 26] into_vec0 ([#"../../../../../creusot-contracts/src/lib.rs" 296 47 296 56] let __arr_temp = any array int32 in assume {Seq.get (__arr_temp.elts) 0 = ([#"../13_vec_macro.rs" 12 18 12 19] [#"../13_vec_macro.rs" 12 18 12 19] (1 : int32))}; assume {Seq.get (__arr_temp.elts) 1 = ([#"../13_vec_macro.rs" 12 21 12 22] [#"../13_vec_macro.rs" 12 21 12 22] (2 : int32))}; assume {Seq.get (__arr_temp.elts) 2 = ([#"../13_vec_macro.rs" 12 24 12 25] [#"../13_vec_macro.rs" 12 24 12 25] (3 : int32))}; assume {Slice.length __arr_temp = 3}; __arr_temp)); goto BB7 } BB7 { diff --git a/creusot/tests/should_succeed/syntax/derive_macros.rs b/creusot/tests/should_succeed/syntax/derive_macros.rs index fc85641c23..063e18b6ff 100644 --- a/creusot/tests/should_succeed/syntax/derive_macros.rs +++ b/creusot/tests/should_succeed/syntax/derive_macros.rs @@ -19,7 +19,7 @@ where type DeepModelTy = Product; #[open] - #[ghost] + #[logic] fn deep_model(self) -> Self::DeepModelTy { Product { a: self.a.deep_model(), b: self.b.deep_model() } } @@ -35,7 +35,7 @@ impl DeepModel for Sum { type DeepModelTy = Sum; #[open] - #[ghost] + #[logic] fn deep_model(self) -> Self::DeepModelTy { match self { Sum::A(a) => Sum::A(a.deep_model()), diff --git a/creusot/tests/should_succeed/traits/08.rs b/creusot/tests/should_succeed/traits/08.rs index 850aa34efb..4d3040d412 100644 --- a/creusot/tests/should_succeed/traits/08.rs +++ b/creusot/tests/should_succeed/traits/08.rs @@ -5,7 +5,7 @@ use creusot_contracts::{logic::Int, *}; // Ensure that different kinds of functions are translated to the // correct abstract symbol in Rust pub trait Tr { - #[ghost] + #[logic] fn logical(&self) -> Int; #[predicate] fn predicate(&self) -> bool; diff --git a/creusot/tests/should_succeed/traits/11.rs b/creusot/tests/should_succeed/traits/11.rs index 0a8a8ef20f..faf81bba58 100644 --- a/creusot/tests/should_succeed/traits/11.rs +++ b/creusot/tests/should_succeed/traits/11.rs @@ -3,7 +3,7 @@ extern crate creusot_contracts; use creusot_contracts::*; #[open] -#[ghost] +#[logic] pub fn id(x: T) -> T { x } diff --git a/creusot/tests/should_succeed/traits/12_default_method.rs b/creusot/tests/should_succeed/traits/12_default_method.rs index fd408f3743..963d97a8d2 100644 --- a/creusot/tests/should_succeed/traits/12_default_method.rs +++ b/creusot/tests/should_succeed/traits/12_default_method.rs @@ -8,7 +8,7 @@ pub trait T { } #[open] - #[ghost] + #[logic] fn logic_default(self) -> bool { true } diff --git a/creusot/tests/should_succeed/traits/14_assoc_in_logic.rs b/creusot/tests/should_succeed/traits/14_assoc_in_logic.rs index 7c51cac64c..021306e5fa 100644 --- a/creusot/tests/should_succeed/traits/14_assoc_in_logic.rs +++ b/creusot/tests/should_succeed/traits/14_assoc_in_logic.rs @@ -6,13 +6,13 @@ pub trait Assoc { type Ty; } -#[ghost] +#[logic] #[trusted] fn from_ty(_x: T::Ty) -> T { absurd } -#[ghost] +#[logic] #[trusted] fn to_ty(_x: T) -> T::Ty { absurd diff --git a/creusot/tests/should_succeed/traits/15_impl_interfaces.rs b/creusot/tests/should_succeed/traits/15_impl_interfaces.rs index a2bf356bc0..e02030aff1 100644 --- a/creusot/tests/should_succeed/traits/15_impl_interfaces.rs +++ b/creusot/tests/should_succeed/traits/15_impl_interfaces.rs @@ -14,7 +14,7 @@ impl Tr for () { } #[trusted] -#[ghost] +#[logic] fn x(_x: T) -> T::A { absurd } diff --git a/creusot/tests/should_succeed/traits/16_impl_cloning.rs b/creusot/tests/should_succeed/traits/16_impl_cloning.rs index 9fbe4d93aa..d9e0ab5aaa 100644 --- a/creusot/tests/should_succeed/traits/16_impl_cloning.rs +++ b/creusot/tests/should_succeed/traits/16_impl_cloning.rs @@ -6,7 +6,7 @@ pub struct Vec(std::vec::Vec); impl ShallowModel for Vec { type ShallowModelTy = Seq; #[open] - #[ghost] + #[logic] #[trusted] fn shallow_model(self) -> Self::ShallowModelTy { absurd diff --git a/creusot/tests/should_succeed/traits/18_trait_laws.rs b/creusot/tests/should_succeed/traits/18_trait_laws.rs index c03d1b3103..b63d2eca86 100644 --- a/creusot/tests/should_succeed/traits/18_trait_laws.rs +++ b/creusot/tests/should_succeed/traits/18_trait_laws.rs @@ -2,7 +2,7 @@ extern crate creusot_contracts; use creusot_contracts::*; pub trait Symmetric { - #[ghost] + #[logic] fn op(self, _: Self) -> Self; #[law] @@ -11,7 +11,7 @@ pub trait Symmetric { } #[open] -#[ghost] +#[logic] #[ensures(result == true)] pub fn uses_op(x: T, y: T) -> bool { pearlite! { x.op(y) == y.op(x) } @@ -19,7 +19,7 @@ pub fn uses_op(x: T, y: T) -> bool { impl Symmetric for () { #[open] - #[ghost] + #[logic] fn op(self, _: Self) -> Self { () } @@ -31,7 +31,7 @@ impl Symmetric for () { } #[open] -#[ghost] +#[logic] #[ensures(result == true)] pub fn impl_laws() -> bool { pearlite! { ().op(()) == ().op(()) } diff --git a/creusot/tests/should_succeed/vector/01.mlcfg b/creusot/tests/should_succeed/vector/01.mlcfg index c58d4a4ba2..3312b54666 100644 --- a/creusot/tests/should_succeed/vector/01.mlcfg +++ b/creusot/tests/should_succeed/vector/01.mlcfg @@ -218,7 +218,7 @@ module C01_AllZero ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv0 x = true - use prelude.Ghost + use prelude.Snapshot predicate resolve2 (self : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve2 (self : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))) : bool @@ -289,7 +289,7 @@ module C01_AllZero val index_logic0 [@inline:trivial] (self : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)) (ix : int) : uint32 ensures { result = index_logic0 self ix } - use prelude.Ghost + use prelude.Snapshot function shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))) : Seq.seq uint32 = @@ -297,18 +297,18 @@ module C01_AllZero val shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))) : Seq.seq uint32 ensures { result = shallow_model5 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq uint32 + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq uint32 = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq uint32 + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq uint32 ensures { result = shallow_model1 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -336,7 +336,7 @@ module C01_AllZero requires {inv1 self} ensures { [#"../../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model4 self) } - use prelude.Ghost + use prelude.Snapshot let rec cfg all_zero [#"../01.rs" 7 0 7 33] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))) : () ensures { [#"../01.rs" 5 0 5 73] forall i : int . 0 <= i /\ i < Seq.length (shallow_model2 ( ^ v)) -> index_logic0 ( ^ v) i = (0 : uint32) } ensures { [#"../01.rs" 6 10 6 33] Seq.length (shallow_model0 v) = Seq.length (shallow_model2 ( ^ v)) } @@ -344,16 +344,16 @@ module C01_AllZero = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var v : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)) = v; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))); var iter : Core_Ops_Range_Range_Type.t_range usize; var _8 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _19 : Core_Option_Option_Type.t_option usize; var _20 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _21 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _24 : Ghost.ghost_ty (Seq.seq usize); + var _24 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var _27 : borrowed uint32; var _28 : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); @@ -361,7 +361,7 @@ module C01_AllZero goto BB0 } BB0 { - [#"../01.rs" 8 16 8 25] old_v <- ([#"../01.rs" 8 16 8 25] Ghost.new v); + [#"../01.rs" 8 16 8 31] old_v <- ([#"../01.rs" 8 16 8 31] Snapshot.new v); goto BB1 } BB1 { @@ -374,11 +374,11 @@ module C01_AllZero goto BB3 } BB3 { - [#"../01.rs" 9 4 9 42] iter_old <- ([#"../01.rs" 9 4 9 42] Ghost.new iter); + [#"../01.rs" 9 4 9 42] iter_old <- ([#"../01.rs" 9 4 9 42] Snapshot.new iter); goto BB4 } BB4 { - [#"../01.rs" 9 4 9 42] produced <- ([#"../01.rs" 9 4 9 42] Ghost.new (Seq.empty )); + [#"../01.rs" 9 4 9 42] produced <- ([#"../01.rs" 9 4 9 42] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -386,9 +386,9 @@ module C01_AllZero } BB6 { invariant { [#"../01.rs" 9 4 9 42] inv0 iter }; - invariant { [#"../01.rs" 9 4 9 42] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../01.rs" 9 4 9 42] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../01.rs" 9 16 9 40] Seq.length (shallow_model0 v) = Seq.length (shallow_model1 old_v) }; - invariant { [#"../01.rs" 9 4 9 42] forall j : int . 0 <= j /\ j < Seq.length (Ghost.inner produced) -> index_logic0 ( * v) j = (0 : uint32) }; + invariant { [#"../01.rs" 9 4 9 42] forall j : int . 0 <= j /\ j < Seq.length (Snapshot.inner produced) -> index_logic0 ( * v) j = (0 : uint32) }; goto BB7 } BB7 { @@ -421,14 +421,14 @@ module C01_AllZero absurd } BB12 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _19); - [#"../01.rs" 9 4 9 42] _24 <- ([#"../01.rs" 9 4 9 42] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _19); + [#"../01.rs" 9 4 9 42] _24 <- ([#"../01.rs" 9 4 9 42] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB13 } BB13 { [#"../01.rs" 9 4 9 42] produced <- ([#"../01.rs" 9 4 9 42] _24); - [#"../01.rs" 9 4 9 42] _24 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../01.rs" 9 4 9 42] _24 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../01.rs" 12 8 12 9] _28 <- Borrow.borrow_mut ( * v); [#"../01.rs" 12 8 12 9] v <- { v with current = ( ^ _28) ; }; [#"../01.rs" 12 9 12 12] _27 <- ([#"../01.rs" 12 9 12 12] index_mut0 _28 ([#"../01.rs" 12 10 12 11] i)); diff --git a/creusot/tests/should_succeed/vector/01.rs b/creusot/tests/should_succeed/vector/01.rs index 2e01e398f1..89966fb772 100644 --- a/creusot/tests/should_succeed/vector/01.rs +++ b/creusot/tests/should_succeed/vector/01.rs @@ -5,7 +5,7 @@ use creusot_contracts::{logic::Int, *}; #[ensures(forall 0 <= i && i < (^v)@.len() ==> (^v)[i] == 0u32)] #[ensures(v@.len() == (^v)@.len())] pub fn all_zero(v: &mut Vec) { - let old_v = gh! { v }; + let old_v = snapshot! { v }; #[invariant(v@.len() == old_v@.len())] #[invariant(forall 0 <= j && j < produced.len() ==> v[j] == 0u32)] for i in 0..v.len() { diff --git a/creusot/tests/should_succeed/vector/02_gnome.mlcfg b/creusot/tests/should_succeed/vector/02_gnome.mlcfg index 1701594573..92097f2ad8 100644 --- a/creusot/tests/should_succeed/vector/02_gnome.mlcfg +++ b/creusot/tests/should_succeed/vector/02_gnome.mlcfg @@ -246,17 +246,17 @@ module C02Gnome_GnomeSort ensures { result = inv1 _x } axiom inv1 : forall x : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true use seq.Seq predicate sorted_range0 [#"../02_gnome.rs" 9 0 9 63] (s : Seq.seq deep_model_ty0) (l : int) (u : int) = [#"../02_gnome.rs" 10 4 12 5] forall j : int . forall i : int . l <= i /\ i < j /\ j < u -> le_log0 (Seq.get s i) (Seq.get s j) @@ -380,12 +380,12 @@ module C02Gnome_GnomeSort val shallow_model4 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model4 self } - use prelude.Ghost - function shallow_model2 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + use prelude.Snapshot + function shallow_model2 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model4 (Ghost.inner self) - val shallow_model2 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model4 (Snapshot.inner self) + val shallow_model2 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model2 self } function deep_model0 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq deep_model_ty0 @@ -395,11 +395,12 @@ module C02Gnome_GnomeSort val deep_model0 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq deep_model_ty0 ensures { result = deep_model0 self } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg gnome_sort [#"../02_gnome.rs" 22 0 24 29] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : () requires {[#"../02_gnome.rs" 22 38 22 39] inv1 v} ensures { [#"../02_gnome.rs" 20 10 20 35] sorted0 (deep_model1 ( ^ v)) } @@ -408,7 +409,7 @@ module C02Gnome_GnomeSort = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var i : usize; var _9 : (); var _12 : usize; @@ -424,7 +425,7 @@ module C02Gnome_GnomeSort goto BB0 } BB0 { - [#"../02_gnome.rs" 26 16 26 25] old_v <- ([#"../02_gnome.rs" 26 16 26 25] Ghost.new v); + [#"../02_gnome.rs" 26 16 26 31] old_v <- ([#"../02_gnome.rs" 26 16 26 31] Snapshot.new v); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/vector/02_gnome.rs b/creusot/tests/should_succeed/vector/02_gnome.rs index 208058d019..02171fbeff 100644 --- a/creusot/tests/should_succeed/vector/02_gnome.rs +++ b/creusot/tests/should_succeed/vector/02_gnome.rs @@ -23,7 +23,7 @@ pub fn gnome_sort(v: &mut Vec) where T::DeepModelTy: OrdLogic, { - let old_v = gh! { v }; + let old_v = snapshot! { v }; let mut i = 0; #[invariant(sorted_range(v.deep_model(), 0, i@))] #[invariant(v@.permutation_of(old_v@))] diff --git a/creusot/tests/should_succeed/vector/03_knuth_shuffle.mlcfg b/creusot/tests/should_succeed/vector/03_knuth_shuffle.mlcfg index 5620a338cb..727bb57ea0 100644 --- a/creusot/tests/should_succeed/vector/03_knuth_shuffle.mlcfg +++ b/creusot/tests/should_succeed/vector/03_knuth_shuffle.mlcfg @@ -214,17 +214,17 @@ module C03KnuthShuffle_KnuthShuffle ensures { result = invariant1 self } axiom inv1 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv1 x = true - use prelude.Ghost - predicate invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + use prelude.Snapshot + predicate invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val invariant0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + val invariant0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = invariant0 self } - predicate inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val inv0 (_x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + val inv0 (_x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = inv0 _x } - axiom inv0 : forall x : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true + axiom inv0 : forall x : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) . inv0 x = true predicate resolve3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self val resolve3 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : bool @@ -301,18 +301,18 @@ module C03KnuthShuffle_KnuthShuffle val shallow_model5 (self : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : Seq.seq t ensures { result = shallow_model5 self } - use prelude.Ghost - function shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + use prelude.Snapshot + function shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t = - [#"../../../../../creusot-contracts/src/ghost.rs" 27 20 27 48] shallow_model5 (Ghost.inner self) - val shallow_model1 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t + [#"../../../../../creusot-contracts/src/snapshot.rs" 27 20 27 48] shallow_model5 (Snapshot.inner self) + val shallow_model1 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : Seq.seq t ensures { result = shallow_model1 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -340,11 +340,12 @@ module C03KnuthShuffle_KnuthShuffle requires {inv6 self} ensures { [#"../../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model4 self) } - predicate resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) - val resolve0 (self : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool + predicate resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) + + val resolve0 (self : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)))) : bool ensures { result = resolve0 self } - use prelude.Ghost + use prelude.Snapshot let rec cfg knuth_shuffle [#"../03_knuth_shuffle.rs" 13 0 13 39] [@cfg:stackify] [@cfg:subregion_analysis] (v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))) : () requires {[#"../03_knuth_shuffle.rs" 13 24 13 25] inv5 v} ensures { [#"../03_knuth_shuffle.rs" 12 0 12 36] permutation_of0 (shallow_model2 ( ^ v)) (shallow_model0 v) } @@ -352,16 +353,16 @@ module C03KnuthShuffle_KnuthShuffle = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; - var old_v : Ghost.ghost_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); + var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var iter : Core_Ops_Range_Range_Type.t_range usize; var _7 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _17 : Core_Option_Option_Type.t_option usize; var _18 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _19 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _22 : Ghost.ghost_ty (Seq.seq usize); + var _22 : Snapshot.snap_ty (Seq.seq usize); var n : usize; var upper : usize; var _26 : usize; @@ -374,7 +375,7 @@ module C03KnuthShuffle_KnuthShuffle goto BB0 } BB0 { - [#"../03_knuth_shuffle.rs" 14 16 14 25] old_v <- ([#"../03_knuth_shuffle.rs" 14 16 14 25] Ghost.new v); + [#"../03_knuth_shuffle.rs" 14 16 14 31] old_v <- ([#"../03_knuth_shuffle.rs" 14 16 14 31] Snapshot.new v); goto BB1 } BB1 { @@ -389,11 +390,11 @@ module C03KnuthShuffle_KnuthShuffle goto BB3 } BB3 { - [#"../03_knuth_shuffle.rs" 16 4 16 43] iter_old <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Ghost.new iter); + [#"../03_knuth_shuffle.rs" 16 4 16 43] iter_old <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Snapshot.new iter); goto BB4 } BB4 { - [#"../03_knuth_shuffle.rs" 16 4 16 43] produced <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Ghost.new (Seq.empty )); + [#"../03_knuth_shuffle.rs" 16 4 16 43] produced <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Snapshot.new (Seq.empty )); goto BB5 } BB5 { @@ -401,7 +402,7 @@ module C03KnuthShuffle_KnuthShuffle } BB6 { invariant { [#"../03_knuth_shuffle.rs" 16 4 16 43] inv1 iter }; - invariant { [#"../03_knuth_shuffle.rs" 16 4 16 43] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../03_knuth_shuffle.rs" 16 4 16 43] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../03_knuth_shuffle.rs" 16 4 16 43] permutation_of0 (shallow_model0 v) (shallow_model1 old_v) }; goto BB7 } @@ -437,14 +438,14 @@ module C03KnuthShuffle_KnuthShuffle absurd } BB12 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../03_knuth_shuffle.rs" 16 4 16 43] _22 <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../03_knuth_shuffle.rs" 16 4 16 43] _22 <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB13 } BB13 { [#"../03_knuth_shuffle.rs" 16 4 16 43] produced <- ([#"../03_knuth_shuffle.rs" 16 4 16 43] _22); - [#"../03_knuth_shuffle.rs" 16 4 16 43] _22 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] n <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../03_knuth_shuffle.rs" 16 4 16 43] _22 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] n <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../03_knuth_shuffle.rs" 20 20 20 27] _26 <- ([#"../03_knuth_shuffle.rs" 20 20 20 27] len0 ([#"../03_knuth_shuffle.rs" 20 20 20 21] * v)); goto BB14 } diff --git a/creusot/tests/should_succeed/vector/03_knuth_shuffle.rs b/creusot/tests/should_succeed/vector/03_knuth_shuffle.rs index ae6d15918c..c93b1e2313 100644 --- a/creusot/tests/should_succeed/vector/03_knuth_shuffle.rs +++ b/creusot/tests/should_succeed/vector/03_knuth_shuffle.rs @@ -11,7 +11,7 @@ fn rand_in_range(l: usize, u: usize) -> usize { #[ensures((^v)@.permutation_of(v@))] pub fn knuth_shuffle(v: &mut Vec) { - let old_v = gh! { v }; + let old_v = snapshot! { v }; #[invariant(v@.permutation_of(old_v@))] for n in 0..v.len() { diff --git a/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg b/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg index ecdfc5f9da..b59ce41797 100644 --- a/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg +++ b/creusot/tests/should_succeed/vector/06_knights_tour.mlcfg @@ -140,9 +140,9 @@ module C06KnightsTour_Board_Type end module CreusotContracts_Std1_Iter_MapInv_MapInv_Type use seq.Seq - use prelude.Ghost + use prelude.Snapshot type t_mapinv 'i 'b 'f = - | C_MapInv 'i 'f (Ghost.ghost_ty (Seq.seq 'b)) + | C_MapInv 'i 'f (Snapshot.snap_ty (Seq.seq 'b)) let function mapinv_iter (self : t_mapinv 'i 'b 'f) : 'i = [@vc:do_not_keep_trace] [@vc:sp] match self with @@ -152,7 +152,7 @@ module CreusotContracts_Std1_Iter_MapInv_MapInv_Type match self with | C_MapInv _ a _ -> a end - let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Ghost.ghost_ty (Seq.seq 'b) + let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) = [@vc:do_not_keep_trace] [@vc:sp] match self with | C_MapInv _ _ a -> a @@ -176,7 +176,7 @@ module C06KnightsTour_Impl1_New_Closure3_Type use prelude.UIntSize use Alloc_Vec_Vec_Type as Alloc_Vec_Vec_Type use seq.Seq - use prelude.Ghost + use prelude.Snapshot use prelude.Int16 use prelude.Int use prelude.Borrow @@ -231,7 +231,7 @@ module C06KnightsTour_Impl1_New_Closure3 axiom inv0 : forall x : usize . inv0 x = true use prelude.Int16 - use prelude.Ghost + use prelude.Snapshot use prelude.Borrow use C06KnightsTour_Impl1_New_Closure3_Type as C06KnightsTour_Impl1_New_Closure3 function field_00 [#"../06_knights_tour.rs" 43 16 43 50] (self : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : usize @@ -264,7 +264,7 @@ module C06KnightsTour_Impl1_New_Closure3 val resolve0 (self : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : bool ensures { result = resolve0 self } - let rec cfg c06KnightsTour_Impl1_New_Closure3 [#"../06_knights_tour.rs" 43 16 43 50] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (_2 : usize) (_3 : Ghost.ghost_ty (Seq.seq usize)) : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global) + let rec cfg c06KnightsTour_Impl1_New_Closure3 [#"../06_knights_tour.rs" 43 16 43 50] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (_2 : usize) (_3 : Snapshot.snap_ty (Seq.seq usize)) : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global) ensures { [#"../06_knights_tour.rs" 43 26 43 48] Seq.length (shallow_model0 result) = UIntSize.to_int (field_00 ( ^ _1)) } ensures { unnest0 ( * _1) ( ^ _1) } @@ -296,17 +296,17 @@ end module C06KnightsTour_Impl1_New use prelude.UIntSize use seq.Seq - use prelude.Ghost - predicate invariant12 (self : Ghost.ghost_ty (Seq.seq usize)) = + use prelude.Snapshot + predicate invariant12 (self : Snapshot.snap_ty (Seq.seq usize)) = [#"../../../../../creusot-contracts/src/invariant.rs" 8 8 8 12] true - val invariant12 (self : Ghost.ghost_ty (Seq.seq usize)) : bool + val invariant12 (self : Snapshot.snap_ty (Seq.seq usize)) : bool ensures { result = invariant12 self } - predicate inv12 (_x : Ghost.ghost_ty (Seq.seq usize)) - val inv12 (_x : Ghost.ghost_ty (Seq.seq usize)) : bool + predicate inv12 (_x : Snapshot.snap_ty (Seq.seq usize)) + val inv12 (_x : Snapshot.snap_ty (Seq.seq usize)) : bool ensures { result = inv12 _x } - axiom inv12 : forall x : Ghost.ghost_ty (Seq.seq usize) . inv12 x = true + axiom inv12 : forall x : Snapshot.snap_ty (Seq.seq usize) . inv12 x = true use Alloc_Alloc_Global_Type as Alloc_Alloc_Global_Type use Alloc_Vec_Vec_Type as Alloc_Vec_Vec_Type use prelude.Int16 @@ -418,23 +418,23 @@ module C06KnightsTour_Impl1_New = field_00 _2 = field_00 self - predicate postcondition_mut0 [#"../06_knights_tour.rs" 43 16 43 50] (self : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (args : (usize, Ghost.ghost_ty (Seq.seq usize))) (result : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) + predicate postcondition_mut0 [#"../06_knights_tour.rs" 43 16 43 50] (self : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (args : (usize, Snapshot.snap_ty (Seq.seq usize))) (result : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) = (let (_2, _3) = args in Seq.length (shallow_model2 result) = UIntSize.to_int (field_00 ( ^ self))) /\ unnest0 ( * self) ( ^ self) use seq.Seq - predicate precondition0 [#"../06_knights_tour.rs" 43 16 43 50] (self : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (args : (usize, Ghost.ghost_ty (Seq.seq usize))) + predicate precondition0 [#"../06_knights_tour.rs" 43 16 43 50] (self : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (args : (usize, Snapshot.snap_ty (Seq.seq usize))) = let (_2, _3) = args in true - use prelude.Ghost + use prelude.Snapshot use seq_ext.SeqExt use seq.Seq use seq.Seq use seq.Seq use seq.Seq - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot use prelude.Int function deep_model0 (self : usize) : int = [#"../../../../../creusot-contracts/src/std/num.rs" 22 16 22 35] UIntSize.to_int self @@ -451,11 +451,11 @@ module C06KnightsTour_Impl1_New predicate produces1 [@inline:trivial] (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (visited : Seq.seq (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) (succ : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 37 8 49 9] unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ) /\ (exists s : Seq.seq usize . inv7 s /\ Seq.length s = Seq.length visited /\ produces0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) s (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter succ) /\ Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced succ) = Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) s /\ (exists fs : Seq.seq (borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) . inv11 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 37 8 49 9] unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ) /\ (exists s : Seq.seq usize . inv7 s /\ Seq.length s = Seq.length visited /\ produces0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) s (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter succ) /\ Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced succ) = Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) s /\ (exists fs : Seq.seq (borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) . inv11 fs /\ Seq.length fs = Seq.length visited /\ (forall i : int . 1 <= i /\ i < Seq.length fs -> ^ Seq.get fs (i - 1) = * Seq.get fs i) /\ (if Seq.length visited = 0 then CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ else * Seq.get fs 0 = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self /\ ^ Seq.get fs (Seq.length visited - 1) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func succ - ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Ghost.new (Seq.(++) (Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) + ) /\ (forall i : int . 0 <= i /\ i < Seq.length visited -> unnest0 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) ( * Seq.get fs i) /\ precondition0 ( * Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) /\ postcondition_mut0 (Seq.get fs i) (Seq.get s i, Snapshot.new (Seq.(++) (Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced self)) (SeqExt.subsequence s 0 i))) (Seq.get visited i)))) val produces1 [@inline:trivial] (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (visited : Seq.seq (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global))) (succ : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : bool ensures { result = produces1 self visited succ } @@ -511,7 +511,7 @@ module C06KnightsTour_Impl1_New predicate next_precondition0 (iter : Core_Ops_Range_Range_Type.t_range usize) (func : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (produced : Seq.seq usize) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 112 8 116 9] forall i : Core_Ops_Range_Range_Type.t_range usize . forall e : usize . inv0 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Ghost.new produced) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 112 8 116 9] forall i : Core_Ops_Range_Range_Type.t_range usize . forall e : usize . inv0 i -> inv1 e -> produces0 iter (Seq.singleton e) i -> precondition0 func (e, Snapshot.new produced) val next_precondition0 (iter : Core_Ops_Range_Range_Type.t_range usize) (func : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) (produced : Seq.seq usize) : bool ensures { result = next_precondition0 iter func produced } @@ -519,7 +519,7 @@ module C06KnightsTour_Impl1_New predicate preservation0 (iter : Core_Ops_Range_Range_Type.t_range usize) (func : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 135 8 142 9] forall i : Core_Ops_Range_Range_Type.t_range usize . forall b : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global) . forall f : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3 . forall e2 : usize . forall e1 : usize . forall s : Seq.seq usize . inv0 i -> inv9 b -> inv10 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Ghost.new s) -> postcondition_mut0 f (e1, Ghost.new s) b -> precondition0 ( ^ f) (e2, Ghost.new (Seq.snoc s e1)) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 135 8 142 9] forall i : Core_Ops_Range_Range_Type.t_range usize . forall b : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global) . forall f : borrowed C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3 . forall e2 : usize . forall e1 : usize . forall s : Seq.seq usize . inv0 i -> inv9 b -> inv10 f -> inv1 e2 -> inv1 e1 -> inv7 s -> unnest0 func ( * f) -> produces0 iter (Seq.snoc (Seq.snoc s e1) e2) i -> precondition0 ( * f) (e1, Snapshot.new s) -> postcondition_mut0 f (e1, Snapshot.new s) b -> precondition0 ( ^ f) (e2, Snapshot.new (Seq.snoc s e1)) val preservation0 (iter : Core_Ops_Range_Range_Type.t_range usize) (func : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : bool ensures { result = preservation0 iter func } @@ -639,7 +639,7 @@ module C06KnightsTour_Impl1_New predicate completed0 (self : borrowed (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3)) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 15 8 18 9] Ghost.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( * self)) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( * self) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( ^ self) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 15 8 18 9] Snapshot.inner (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_produced ( ^ self)) = Seq.empty /\ completed1 (Borrow.borrow_logic (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( * self)) (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter ( ^ self)) (Borrow.inherit_id (Borrow.get_id self) 1)) /\ CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( * self) = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func ( ^ self) val completed0 (self : borrowed (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3)) : bool ensures { result = completed0 self } @@ -655,7 +655,7 @@ module C06KnightsTour_Impl1_New predicate resolve0 (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) = - [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 56 4 56 16] resolve1 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) /\ resolve2 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) + [#"../../../../../creusot-contracts/src/std/iter/map_inv.rs" 56 4 56 27] resolve1 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_iter self) /\ resolve2 (CreusotContracts_Std1_Iter_MapInv_MapInv_Type.mapinv_func self) val resolve0 (self : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : bool ensures { result = resolve0 self } @@ -665,13 +665,13 @@ module C06KnightsTour_Impl1_New ensures { inv6 result } val map_inv0 (self : Core_Ops_Range_Range_Type.t_range usize) (func : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3) : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3 - requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 43 4 43 138] forall i2 : Core_Ops_Range_Range_Type.t_range usize . forall e : usize . inv0 i2 -> inv1 e -> produces0 self (Seq.singleton e) i2 -> precondition0 func (e, Ghost.new (Seq.empty ))} + requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 43 4 43 141] forall i2 : Core_Ops_Range_Range_Type.t_range usize . forall e : usize . inv0 i2 -> inv1 e -> produces0 self (Seq.singleton e) i2 -> precondition0 func (e, Snapshot.new (Seq.empty ))} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 44 15 44 51] reinitialize0 ()} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 45 15 45 70] preservation0 self func} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 47 21 47 25] inv0 self} requires {[#"../../../../../creusot-contracts/src/std/iter.rs" 47 27 47 31] inv2 func} - ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 46 14 46 85] result = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.C_MapInv self func (Ghost.new (Seq.empty )) } - ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 47 4 50 58] inv3 result } + ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 46 14 46 88] result = CreusotContracts_Std1_Iter_MapInv_MapInv_Type.C_MapInv self func (Snapshot.new (Seq.empty )) } + ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 47 4 50 61] inv3 result } let rec cfg new [#"../06_knights_tour.rs" 40 4 40 31] [@cfg:stackify] [@cfg:subregion_analysis] (size : usize) : C06KnightsTour_Board_Type.t_board requires {[#"../06_knights_tour.rs" 37 15 37 28] UIntSize.to_int size <= 1000} @@ -1187,7 +1187,7 @@ module C06KnightsTour_Impl1_CountDegree val wf0 [#"../06_knights_tour.rs" 30 4 30 23] (self : C06KnightsTour_Board_Type.t_board) : bool ensures { result = wf0 self } - use prelude.Ghost + use prelude.Snapshot predicate resolve3 (self : isize) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true val resolve3 (self : isize) : bool @@ -1248,11 +1248,11 @@ module C06KnightsTour_Impl1_CountDegree end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Alloc_Vec_Vec_Type.t_vec (isize, isize) (Alloc_Alloc_Global_Type.t_global)) (res : Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)) = @@ -1293,14 +1293,14 @@ module C06KnightsTour_Impl1_CountDegree var count : usize; var iter : Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global); var _8 : Alloc_Vec_Vec_Type.t_vec (isize, isize) (Alloc_Alloc_Global_Type.t_global); - var iter_old : Ghost.ghost_ty (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); - var produced : Ghost.ghost_ty (Seq.seq (isize, isize)); + var iter_old : Snapshot.snap_ty (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); + var produced : Snapshot.snap_ty (Seq.seq (isize, isize)); var _16 : (); var _17 : Core_Option_Option_Type.t_option (isize, isize); var _18 : borrowed (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); var _19 : borrowed (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); var __creusot_proc_iter_elem : (isize, isize); - var _22 : Ghost.ghost_ty (Seq.seq (isize, isize)); + var _22 : Snapshot.snap_ty (Seq.seq (isize, isize)); var m : (isize, isize); var next : C06KnightsTour_Point_Type.t_point; var _28 : (isize, isize); @@ -1319,11 +1319,11 @@ module C06KnightsTour_Impl1_CountDegree goto BB2 } BB2 { - [#"../06_knights_tour.rs" 73 8 73 46] iter_old <- ([#"../06_knights_tour.rs" 73 8 73 46] Ghost.new iter); + [#"../06_knights_tour.rs" 73 8 73 46] iter_old <- ([#"../06_knights_tour.rs" 73 8 73 46] Snapshot.new iter); goto BB3 } BB3 { - [#"../06_knights_tour.rs" 73 8 73 46] produced <- ([#"../06_knights_tour.rs" 73 8 73 46] Ghost.new (Seq.empty )); + [#"../06_knights_tour.rs" 73 8 73 46] produced <- ([#"../06_knights_tour.rs" 73 8 73 46] Snapshot.new (Seq.empty )); goto BB4 } BB4 { @@ -1337,8 +1337,8 @@ module C06KnightsTour_Impl1_CountDegree } BB7 { invariant { [#"../06_knights_tour.rs" 73 8 73 46] inv0 iter }; - invariant { [#"../06_knights_tour.rs" 73 8 73 46] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../06_knights_tour.rs" 73 20 73 44] UIntSize.to_int count <= Seq.length (Ghost.inner produced) }; + invariant { [#"../06_knights_tour.rs" 73 8 73 46] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../06_knights_tour.rs" 73 20 73 44] UIntSize.to_int count <= Seq.length (Snapshot.inner produced) }; goto BB8 } BB8 { @@ -1370,14 +1370,14 @@ module C06KnightsTour_Impl1_CountDegree absurd } BB13 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _17); - [#"../06_knights_tour.rs" 73 8 73 46] _22 <- ([#"../06_knights_tour.rs" 73 8 73 46] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _17); + [#"../06_knights_tour.rs" 73 8 73 46] _22 <- ([#"../06_knights_tour.rs" 73 8 73 46] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB14 } BB14 { [#"../06_knights_tour.rs" 73 8 73 46] produced <- ([#"../06_knights_tour.rs" 73 8 73 46] _22); - [#"../06_knights_tour.rs" 73 8 73 46] _22 <- any Ghost.ghost_ty (Seq.seq (isize, isize)); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../06_knights_tour.rs" 73 8 73 46] _22 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); assume { resolve1 __creusot_proc_iter_elem }; [#"../06_knights_tour.rs" 75 29 75 31] _28 <- ([#"../06_knights_tour.rs" 75 29 75 31] m); [#"../06_knights_tour.rs" 75 23 75 32] next <- ([#"../06_knights_tour.rs" 75 23 75 32] mov0 ([#"../06_knights_tour.rs" 75 23 75 24] p) ([#"../06_knights_tour.rs" 75 29 75 31] _28)); @@ -1857,7 +1857,7 @@ module C06KnightsTour_Min ensures { result = inv0 _x } axiom inv0 : forall x : Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point) . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use seq.Seq predicate resolve0 (self : borrowed (Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point))) = [#"../../../../../creusot-contracts/src/resolve.rs" 25 20 25 34] ^ self = * self @@ -1898,10 +1898,10 @@ module C06KnightsTour_Min val shallow_model0 (self : Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global)) : Seq.seq (usize, C06KnightsTour_Point_Type.t_point) ensures { result = shallow_model0 self } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global)) (res : Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point)) = @@ -1929,13 +1929,13 @@ module C06KnightsTour_Min var v : Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global) = v; var min : Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); var iter : Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point); - var iter_old : Ghost.ghost_ty (Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point)); - var produced : Ghost.ghost_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); + var iter_old : Snapshot.snap_ty (Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point)); + var produced : Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); var _15 : Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); var _16 : borrowed (Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point)); var _17 : borrowed (Core_Slice_Iter_Iter_Type.t_iter (usize, C06KnightsTour_Point_Type.t_point)); var __creusot_proc_iter_elem : (usize, C06KnightsTour_Point_Type.t_point); - var _20 : Ghost.ghost_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); + var _20 : Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); var x : (usize, C06KnightsTour_Point_Type.t_point); var _23 : (); var m : (usize, C06KnightsTour_Point_Type.t_point); @@ -1948,11 +1948,11 @@ module C06KnightsTour_Min goto BB1 } BB1 { - [#"../06_knights_tour.rs" 113 4 114 74] iter_old <- ([#"../06_knights_tour.rs" 113 4 114 74] Ghost.new iter); + [#"../06_knights_tour.rs" 113 4 114 74] iter_old <- ([#"../06_knights_tour.rs" 113 4 114 74] Snapshot.new iter); goto BB2 } BB2 { - [#"../06_knights_tour.rs" 113 4 114 74] produced <- ([#"../06_knights_tour.rs" 113 4 114 74] Ghost.new (Seq.empty )); + [#"../06_knights_tour.rs" 113 4 114 74] produced <- ([#"../06_knights_tour.rs" 113 4 114 74] Snapshot.new (Seq.empty )); goto BB3 } BB3 { @@ -1960,7 +1960,7 @@ module C06KnightsTour_Min } BB4 { invariant { [#"../06_knights_tour.rs" 113 4 114 74] inv0 iter }; - invariant { [#"../06_knights_tour.rs" 113 4 114 74] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../06_knights_tour.rs" 113 4 114 74] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../06_knights_tour.rs" 113 4 114 74] forall r : (usize, C06KnightsTour_Point_Type.t_point) . min = Core_Option_Option_Type.C_Some r -> (exists i : int . 0 <= i /\ i < Seq.length (shallow_model0 v) /\ index_logic0 v i = r) }; goto BB5 } @@ -1992,14 +1992,14 @@ module C06KnightsTour_Min absurd } BB10 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _15); - [#"../06_knights_tour.rs" 113 4 114 74] _20 <- ([#"../06_knights_tour.rs" 113 4 114 74] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _15); + [#"../06_knights_tour.rs" 113 4 114 74] _20 <- ([#"../06_knights_tour.rs" 113 4 114 74] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB11 } BB11 { [#"../06_knights_tour.rs" 113 4 114 74] produced <- ([#"../06_knights_tour.rs" 113 4 114 74] _20); - [#"../06_knights_tour.rs" 113 4 114 74] _20 <- any Ghost.ghost_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../06_knights_tour.rs" 113 4 114 74] _20 <- any Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); switch (min) | Core_Option_Option_Type.C_None -> goto BB12 | Core_Option_Option_Type.C_Some _ -> goto BB13 @@ -2347,7 +2347,7 @@ module C06KnightsTour_KnightsTour ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_Range_Type.t_range usize . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use C06KnightsTour_Board_Type as C06KnightsTour_Board_Type predicate resolve8 (self : C06KnightsTour_Point_Type.t_point) = [#"../../../../../creusot-contracts/src/resolve.rs" 45 8 45 12] true @@ -2487,10 +2487,10 @@ module C06KnightsTour_KnightsTour end } ensures { inv8 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post1 (self : Alloc_Vec_Vec_Type.t_vec (isize, isize) (Alloc_Alloc_Global_Type.t_global)) (res : Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)) = @@ -2543,10 +2543,10 @@ module C06KnightsTour_KnightsTour end } ensures { inv3 result } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -2565,7 +2565,7 @@ module C06KnightsTour_KnightsTour ensures { [#"../../../../../creusot-contracts/src/std/iter.rs" 89 0 166 1] into_iter_post0 self result } ensures { inv0 result } - use prelude.Ghost + use prelude.Snapshot function dumb_nonlinear_arith0 [#"../06_knights_tour.rs" 131 0 131 33] (a : usize) : () = [#"../06_knights_tour.rs" 128 0 128 8] () val dumb_nonlinear_arith0 [#"../06_knights_tour.rs" 131 0 131 33] (a : usize) : () @@ -2598,27 +2598,27 @@ module C06KnightsTour_KnightsTour var p : C06KnightsTour_Point_Type.t_point; var _14 : (); var _15 : borrowed (C06KnightsTour_Board_Type.t_board); - var _17 : Ghost.ghost_ty (); + var _17 : Snapshot.snap_ty (); var iter : Core_Ops_Range_Range_Type.t_range usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _34 : (); var _35 : Core_Option_Option_Type.t_option usize; var _36 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _37 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem : usize; - var _40 : Ghost.ghost_ty (Seq.seq usize); + var _40 : Snapshot.snap_ty (Seq.seq usize); var step : usize; var candidates : Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global); var iter1 : Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global); var _46 : Alloc_Vec_Vec_Type.t_vec (isize, isize) (Alloc_Alloc_Global_Type.t_global); - var iter_old1 : Ghost.ghost_ty (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); - var produced1 : Ghost.ghost_ty (Seq.seq (isize, isize)); + var iter_old1 : Snapshot.snap_ty (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); + var produced1 : Snapshot.snap_ty (Seq.seq (isize, isize)); var _54 : Core_Option_Option_Type.t_option (isize, isize); var _55 : borrowed (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); var _56 : borrowed (Alloc_Vec_IntoIter_IntoIter_Type.t_intoiter (isize, isize) (Alloc_Alloc_Global_Type.t_global)); var __creusot_proc_iter_elem1 : (isize, isize); - var _59 : Ghost.ghost_ty (Seq.seq (isize, isize)); + var _59 : Snapshot.snap_ty (Seq.seq (isize, isize)); var m : (isize, isize); var adj : C06KnightsTour_Point_Type.t_point; var _65 : (isize, isize); @@ -2647,7 +2647,7 @@ module C06KnightsTour_KnightsTour goto BB2 } BB2 { - [#"../06_knights_tour.rs" 141 4 141 38] _17 <- ([#"../06_knights_tour.rs" 141 4 141 38] Ghost.new (dumb_nonlinear_arith0 size)); + [#"../06_knights_tour.rs" 141 4 141 44] _17 <- ([#"../06_knights_tour.rs" 141 4 141 44] Snapshot.new (dumb_nonlinear_arith0 size)); goto BB3 } BB3 { @@ -2655,11 +2655,11 @@ module C06KnightsTour_KnightsTour goto BB4 } BB4 { - [#"../06_knights_tour.rs" 142 4 142 36] iter_old <- ([#"../06_knights_tour.rs" 142 4 142 36] Ghost.new iter); + [#"../06_knights_tour.rs" 142 4 142 36] iter_old <- ([#"../06_knights_tour.rs" 142 4 142 36] Snapshot.new iter); goto BB5 } BB5 { - [#"../06_knights_tour.rs" 142 4 142 36] produced <- ([#"../06_knights_tour.rs" 142 4 142 36] Ghost.new (Seq.empty )); + [#"../06_knights_tour.rs" 142 4 142 36] produced <- ([#"../06_knights_tour.rs" 142 4 142 36] Snapshot.new (Seq.empty )); goto BB6 } BB6 { @@ -2673,7 +2673,7 @@ module C06KnightsTour_KnightsTour } BB9 { invariant { [#"../06_knights_tour.rs" 142 4 142 36] inv0 iter }; - invariant { [#"../06_knights_tour.rs" 142 4 142 36] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; + invariant { [#"../06_knights_tour.rs" 142 4 142 36] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; invariant { [#"../06_knights_tour.rs" 142 16 142 34] C06KnightsTour_Board_Type.board_size board = size }; invariant { [#"../06_knights_tour.rs" 143 16 143 26] wf0 board }; invariant { [#"../06_knights_tour.rs" 144 16 144 34] in_bounds0 board p }; @@ -2708,14 +2708,14 @@ module C06KnightsTour_KnightsTour absurd } BB15 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _35); - [#"../06_knights_tour.rs" 142 4 142 36] _40 <- ([#"../06_knights_tour.rs" 142 4 142 36] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _35); + [#"../06_knights_tour.rs" 142 4 142 36] _40 <- ([#"../06_knights_tour.rs" 142 4 142 36] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB16 } BB16 { [#"../06_knights_tour.rs" 142 4 142 36] produced <- ([#"../06_knights_tour.rs" 142 4 142 36] _40); - [#"../06_knights_tour.rs" 142 4 142 36] _40 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] step <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../06_knights_tour.rs" 142 4 142 36] _40 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] step <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../06_knights_tour.rs" 147 50 147 60] candidates <- ([#"../06_knights_tour.rs" 147 50 147 60] new4 ()); goto BB17 } @@ -2729,11 +2729,11 @@ module C06KnightsTour_KnightsTour goto BB19 } BB19 { - [#"../06_knights_tour.rs" 148 8 149 54] iter_old1 <- ([#"../06_knights_tour.rs" 148 8 149 54] Ghost.new iter1); + [#"../06_knights_tour.rs" 148 8 149 54] iter_old1 <- ([#"../06_knights_tour.rs" 148 8 149 54] Snapshot.new iter1); goto BB20 } BB20 { - [#"../06_knights_tour.rs" 148 8 149 54] produced1 <- ([#"../06_knights_tour.rs" 148 8 149 54] Ghost.new (Seq.empty )); + [#"../06_knights_tour.rs" 148 8 149 54] produced1 <- ([#"../06_knights_tour.rs" 148 8 149 54] Snapshot.new (Seq.empty )); goto BB21 } BB21 { @@ -2750,7 +2750,7 @@ module C06KnightsTour_KnightsTour } BB25 { invariant { [#"../06_knights_tour.rs" 148 8 149 54] inv1 iter1 }; - invariant { [#"../06_knights_tour.rs" 148 8 149 54] produces1 (Ghost.inner iter_old1) (Ghost.inner produced1) iter1 }; + invariant { [#"../06_knights_tour.rs" 148 8 149 54] produces1 (Snapshot.inner iter_old1) (Snapshot.inner produced1) iter1 }; invariant { [#"../06_knights_tour.rs" 148 8 149 54] forall i : int . 0 <= i /\ i < Seq.length (shallow_model0 candidates) -> in_bounds0 board (let (_, a) = index_logic0 candidates i in a) }; goto BB26 } @@ -2778,14 +2778,14 @@ module C06KnightsTour_KnightsTour goto BB30 } BB30 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1 <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _54); - [#"../06_knights_tour.rs" 148 8 149 54] _59 <- ([#"../06_knights_tour.rs" 148 8 149 54] Ghost.new (Seq.(++) (Ghost.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1 <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _54); + [#"../06_knights_tour.rs" 148 8 149 54] _59 <- ([#"../06_knights_tour.rs" 148 8 149 54] Snapshot.new (Seq.(++) (Snapshot.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); goto BB31 } BB31 { [#"../06_knights_tour.rs" 148 8 149 54] produced1 <- ([#"../06_knights_tour.rs" 148 8 149 54] _59); - [#"../06_knights_tour.rs" 148 8 149 54] _59 <- any Ghost.ghost_ty (Seq.seq (isize, isize)); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1); + [#"../06_knights_tour.rs" 148 8 149 54] _59 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); assume { resolve2 __creusot_proc_iter_elem1 }; [#"../06_knights_tour.rs" 151 28 151 30] _65 <- ([#"../06_knights_tour.rs" 151 28 151 30] m); [#"../06_knights_tour.rs" 151 22 151 31] adj <- ([#"../06_knights_tour.rs" 151 22 151 31] mov0 ([#"../06_knights_tour.rs" 151 22 151 23] p) ([#"../06_knights_tour.rs" 151 28 151 30] _65)); diff --git a/creusot/tests/should_succeed/vector/06_knights_tour.rs b/creusot/tests/should_succeed/vector/06_knights_tour.rs index 84e824fb06..b3f6643fdc 100644 --- a/creusot/tests/should_succeed/vector/06_knights_tour.rs +++ b/creusot/tests/should_succeed/vector/06_knights_tour.rs @@ -125,7 +125,7 @@ fn min(v: &Vec<(usize, Point)>) -> Option<&(usize, Point)> { min } -#[ghost] +#[logic] #[requires(a@ <= 1_000)] #[ensures(a@ * a@ <= 1_000_000)] fn dumb_nonlinear_arith(a: usize) {} @@ -138,7 +138,7 @@ pub fn knights_tour(size: usize, x: usize, y: usize) -> Option { let mut p = Point { x: x as isize, y: y as isize }; board.set(p, 1); - gh! { dumb_nonlinear_arith(size) }; + snapshot! { dumb_nonlinear_arith(size) }; #[invariant(board.size == size)] #[invariant(board.wf())] #[invariant(board.in_bounds(p))] diff --git a/creusot/tests/should_succeed/vector/08_haystack.mlcfg b/creusot/tests/should_succeed/vector/08_haystack.mlcfg index 8ac793f7be..406aaa9f4e 100644 --- a/creusot/tests/should_succeed/vector/08_haystack.mlcfg +++ b/creusot/tests/should_succeed/vector/08_haystack.mlcfg @@ -296,7 +296,7 @@ module C08Haystack_Search ensures { result = invariant0 self } axiom inv0 : forall x : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize . inv0 x = true - use prelude.Ghost + use prelude.Snapshot use prelude.Slice use seq.Seq predicate has_value0 [@inline:trivial] (self : usize) (seq : Seq.seq uint8) (out : uint8) = @@ -340,8 +340,8 @@ module C08Haystack_Search end } ensures { inv5 result } - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post1 (self : Core_Ops_Range_Range_Type.t_range usize) (res : Core_Ops_Range_Range_Type.t_range usize) = @@ -392,11 +392,11 @@ module C08Haystack_Search val match_at0 [#"../08_haystack.rs" 7 0 7 77] (needle : Alloc_Vec_Vec_Type.t_vec uint8 (Alloc_Alloc_Global_Type.t_global)) (haystack : Alloc_Vec_Vec_Type.t_vec uint8 (Alloc_Alloc_Global_Type.t_global)) (pos : int) (len : int) : bool ensures { result = match_at0 needle haystack pos len } - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost - use prelude.Ghost + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot + use prelude.Snapshot predicate into_iter_post0 (self : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize) (res : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize) = @@ -441,23 +441,23 @@ module C08Haystack_Search var _10 : Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize; var _12 : usize; var _14 : usize; - var iter_old : Ghost.ghost_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); - var produced : Ghost.ghost_ty (Seq.seq usize); + var iter_old : Snapshot.snap_ty (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); + var produced : Snapshot.snap_ty (Seq.seq usize); var _24 : Core_Option_Option_Type.t_option usize; var _25 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); var _26 : borrowed (Core_Ops_Range_RangeInclusive_Type.t_rangeinclusive usize); var __creusot_proc_iter_elem : usize; - var _29 : Ghost.ghost_ty (Seq.seq usize); + var _29 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var iter1 : Core_Ops_Range_Range_Type.t_range usize; var _36 : usize; - var iter_old1 : Ghost.ghost_ty (Core_Ops_Range_Range_Type.t_range usize); - var produced1 : Ghost.ghost_ty (Seq.seq usize); + var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); + var produced1 : Snapshot.snap_ty (Seq.seq usize); var _45 : Core_Option_Option_Type.t_option usize; var _46 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var _47 : borrowed (Core_Ops_Range_Range_Type.t_range usize); var __creusot_proc_iter_elem1 : usize; - var _50 : Ghost.ghost_ty (Seq.seq usize); + var _50 : Snapshot.snap_ty (Seq.seq usize); var j : usize; var _55 : uint8; var _59 : uint8; @@ -484,11 +484,11 @@ module C08Haystack_Search goto BB4 } BB4 { - [#"../08_haystack.rs" 22 4 22 112] iter_old <- ([#"../08_haystack.rs" 22 4 22 112] Ghost.new iter); + [#"../08_haystack.rs" 22 4 22 112] iter_old <- ([#"../08_haystack.rs" 22 4 22 112] Snapshot.new iter); goto BB5 } BB5 { - [#"../08_haystack.rs" 22 4 22 112] produced <- ([#"../08_haystack.rs" 22 4 22 112] Ghost.new (Seq.empty )); + [#"../08_haystack.rs" 22 4 22 112] produced <- ([#"../08_haystack.rs" 22 4 22 112] Snapshot.new (Seq.empty )); goto BB6 } BB6 { @@ -496,8 +496,8 @@ module C08Haystack_Search } BB7 { invariant { [#"../08_haystack.rs" 22 4 22 112] inv0 iter }; - invariant { [#"../08_haystack.rs" 22 4 22 112] produces0 (Ghost.inner iter_old) (Ghost.inner produced) iter }; - invariant { [#"../08_haystack.rs" 22 4 22 112] forall k : int . 0 <= k /\ k < Seq.length (Ghost.inner produced) -> not match_at0 needle haystack k (Seq.length (shallow_model0 needle)) }; + invariant { [#"../08_haystack.rs" 22 4 22 112] produces0 (Snapshot.inner iter_old) (Snapshot.inner produced) iter }; + invariant { [#"../08_haystack.rs" 22 4 22 112] forall k : int . 0 <= k /\ k < Seq.length (Snapshot.inner produced) -> not match_at0 needle haystack k (Seq.length (shallow_model0 needle)) }; goto BB8 } BB8 { @@ -528,14 +528,14 @@ module C08Haystack_Search absurd } BB13 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _24); - [#"../08_haystack.rs" 22 4 22 112] _29 <- ([#"../08_haystack.rs" 22 4 22 112] Ghost.new (Seq.(++) (Ghost.inner produced) (Seq.singleton __creusot_proc_iter_elem))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _24); + [#"../08_haystack.rs" 22 4 22 112] _29 <- ([#"../08_haystack.rs" 22 4 22 112] Snapshot.new (Seq.(++) (Snapshot.inner produced) (Seq.singleton __creusot_proc_iter_elem))); goto BB14 } BB14 { [#"../08_haystack.rs" 22 4 22 112] produced <- ([#"../08_haystack.rs" 22 4 22 112] _29); - [#"../08_haystack.rs" 22 4 22 112] _29 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] i <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem); + [#"../08_haystack.rs" 22 4 22 112] _29 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../08_haystack.rs" 25 20 25 32] _36 <- ([#"../08_haystack.rs" 25 20 25 32] len0 ([#"../08_haystack.rs" 25 20 25 26] needle)); goto BB15 } @@ -545,11 +545,11 @@ module C08Haystack_Search goto BB16 } BB16 { - [#"../08_haystack.rs" 24 8 24 68] iter_old1 <- ([#"../08_haystack.rs" 24 8 24 68] Ghost.new iter1); + [#"../08_haystack.rs" 24 8 24 68] iter_old1 <- ([#"../08_haystack.rs" 24 8 24 68] Snapshot.new iter1); goto BB17 } BB17 { - [#"../08_haystack.rs" 24 8 24 68] produced1 <- ([#"../08_haystack.rs" 24 8 24 68] Ghost.new (Seq.empty )); + [#"../08_haystack.rs" 24 8 24 68] produced1 <- ([#"../08_haystack.rs" 24 8 24 68] Snapshot.new (Seq.empty )); goto BB18 } BB18 { @@ -557,8 +557,8 @@ module C08Haystack_Search } BB19 { invariant { [#"../08_haystack.rs" 24 8 24 68] inv1 iter1 }; - invariant { [#"../08_haystack.rs" 24 8 24 68] produces1 (Ghost.inner iter_old1) (Ghost.inner produced1) iter1 }; - invariant { [#"../08_haystack.rs" 24 20 24 66] match_at0 needle haystack (UIntSize.to_int i) (Seq.length (Ghost.inner produced1)) }; + invariant { [#"../08_haystack.rs" 24 8 24 68] produces1 (Snapshot.inner iter_old1) (Snapshot.inner produced1) iter1 }; + invariant { [#"../08_haystack.rs" 24 20 24 66] match_at0 needle haystack (UIntSize.to_int i) (Seq.length (Snapshot.inner produced1)) }; goto BB20 } BB20 { @@ -585,14 +585,14 @@ module C08Haystack_Search goto BB24 } BB24 { - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1 <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] Core_Option_Option_Type.some_0 _45); - [#"../08_haystack.rs" 24 8 24 68] _50 <- ([#"../08_haystack.rs" 24 8 24 68] Ghost.new (Seq.(++) (Ghost.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1 <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] Core_Option_Option_Type.some_0 _45); + [#"../08_haystack.rs" 24 8 24 68] _50 <- ([#"../08_haystack.rs" 24 8 24 68] Snapshot.new (Seq.(++) (Snapshot.inner produced1) (Seq.singleton __creusot_proc_iter_elem1))); goto BB25 } BB25 { [#"../08_haystack.rs" 24 8 24 68] produced1 <- ([#"../08_haystack.rs" 24 8 24 68] _50); - [#"../08_haystack.rs" 24 8 24 68] _50 <- any Ghost.ghost_ty (Seq.seq usize); - [#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] j <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 664 0 664 51] __creusot_proc_iter_elem1); + [#"../08_haystack.rs" 24 8 24 68] _50 <- any Snapshot.snap_ty (Seq.seq usize); + [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] j <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); [#"../08_haystack.rs" 26 21 26 24] _55 <- ([#"../08_haystack.rs" 26 21 26 24] index0 ([#"../08_haystack.rs" 26 15 26 21] needle) ([#"../08_haystack.rs" 26 22 26 23] j)); goto BB26 } From 0b2d650abf704e7b20ca9d542855a6448d0a9617 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Thu, 29 Feb 2024 09:03:32 +0100 Subject: [PATCH 25/66] Update Coma AST and printer with latest syntax changes --- why3/src/coma.rs | 130 +++++++++++++++++++++++++++++++++++++---------- 1 file changed, 102 insertions(+), 28 deletions(-) diff --git a/why3/src/coma.rs b/why3/src/coma.rs index 607c21f995..631bf9408c 100644 --- a/why3/src/coma.rs +++ b/why3/src/coma.rs @@ -1,6 +1,8 @@ +use crate::{declaration::Use, ty::Type, Ident, Print, QName}; use pretty::docs; -use crate::{declaration::Use, ty::Type, Ident, Print}; +#[cfg(feature = "serialize")] +use serde::{Deserialize, Serialize}; type Term = crate::Exp; @@ -18,9 +20,10 @@ type Term = crate::Exp; /// 3. CPS structure #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub enum Expr { /// Variables eg: `x` - Symbol(Ident), + Symbol(QName), /// Generic application for type lambdas, terms, references and continuations /// e ... t... | e... App(Box, Box), @@ -39,6 +42,8 @@ pub enum Expr { Let(Box, Vec), /// Asserts that the term holds before evaluating the expression Assert(Box, Box), + /// Syntactic sugar for assuming that a term holds before evaluating the inner expression + Assume(Box, Box), /// The core operator of coma is the "black box" or *abstraction barrier* operator. /// This operator distinguishes the responsibility between the caller and callee for /// verification. Everything under an abstraction is opaque to the outside world, whereas from the inside, @@ -55,9 +60,11 @@ pub enum Expr { } #[derive(Clone, Debug)] -pub struct Var(Ident, Type, Term, IsRef); +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] +pub struct Var(pub Ident, pub Type, pub Term, pub IsRef); #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub enum IsRef { Ref, NotRef, @@ -65,6 +72,7 @@ pub enum IsRef { /// Parameter declarations #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub enum Param { // Can only be type parameters Ty(Type), @@ -75,6 +83,7 @@ pub enum Param { } #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub enum Arg { /// Type application Ty(Type), @@ -87,6 +96,7 @@ pub enum Arg { } #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub struct Defn { pub name: Ident, /// Only relevant if using references @@ -96,6 +106,7 @@ pub struct Defn { } #[derive(Clone, Debug)] +#[cfg_attr(feature = "serialize", derive(Serialize, Deserialize))] pub enum Decl { /// Coma definitions Defn(Vec), @@ -107,6 +118,22 @@ pub enum Decl { #[derive(Clone, Debug)] pub struct Module(pub Vec); +impl Expr { + pub fn app(self, args: Vec) -> Self { + args.into_iter().fold(self, |acc, a| Expr::App(Box::new(acc), Box::new(a))) + } + + pub fn assign(mut self, lhs: Ident, rhs: Term) -> Self { + match &mut self { + Expr::Assign(_, asgns) => { + asgns.push((lhs, rhs)); + self + } + _ => Expr::Assign(Box::new(self), vec![(lhs, rhs)]), + } + } +} + impl Print for Param { fn pretty<'b, 'a: 'b, A: pretty::DocAllocator<'a>>( &'a self, @@ -117,7 +144,7 @@ impl Print for Param { { match self { Param::Ty(ty) => ty.pretty(alloc), - Param::Term(id, ty) => docs![alloc, id.pretty(alloc), ":", ty.pretty(alloc)], + Param::Term(id, ty) => docs![alloc, id.pretty(alloc), ":", ty.pretty(alloc)].parens(), Param::Reference(id, ty) => docs![alloc, "&", id.pretty(alloc), ":", ty.pretty(alloc)], Param::Cont(id, writes, params) => docs![ alloc, @@ -163,6 +190,7 @@ impl Print for Arg { Arg::Ty(ty) => ty.pretty(alloc).enclose("<", ">"), Arg::Term(t) => t.pretty(alloc).braces(), Arg::Ref(r) => alloc.text("& ").append(r.pretty(alloc)), + Arg::Cont(e @ Expr::Lambda(_, _)) => e.pretty(alloc), Arg::Cont(c) => c.pretty(alloc).parens(), } } @@ -186,48 +214,68 @@ impl Print for Expr { let doc = e.pretty(alloc); - if needs_paren { doc.parens() } else { doc }.append(arg.pretty(alloc)) + docs![ + alloc, + if needs_paren { doc.parens() } else { doc }, + alloc.softline(), + arg.pretty(alloc) + ] } Expr::Lambda(params, body) => { let header = if params.is_empty() { - alloc.text("->") + alloc.text("-> ") } else { docs![ alloc, "fun ", - alloc.intersperse(params.iter().map(|p| p.pretty(alloc)), alloc.text(" ")) + alloc.intersperse(params.iter().map(|p| p.pretty(alloc)), alloc.text(" ")), + alloc.text(" -> ") ] }; - header.append(body.pretty(alloc)).parens() + header.append(body.pretty(alloc).nest(2)).parens() } Expr::Defn(cont, rec, handlers) => { let handlers = handlers.iter().map(|d| print_defn(d, if *rec { "=" } else { "->" }, alloc)); - cont.pretty(alloc).append(alloc.intersperse(handlers, alloc.text(" | ")).brackets()) + cont.pretty(alloc).append(alloc.softline()).append(bracket_list( + alloc, + handlers, + alloc.line().append(alloc.text("| ")), + )) } Expr::Let(cont, lets) => docs![ alloc, cont.pretty(alloc), - alloc.intersperse(lets.iter().map(|l| l.pretty(alloc)), alloc.text(" | ")) + bracket_list( + alloc, + lets.iter().map(|l| l.pretty(alloc)), + alloc.line().append(alloc.text("| ")) + ) ], Expr::Assign(cont, asgns) => docs![ alloc, - alloc - .intersperse( - asgns.iter().map(|(id, t)| docs![ - alloc, - "&", - id.pretty(alloc), - "<-", - t.pretty(alloc).braces() - ]), - alloc.text(" | ") - ) - .brackets(), + bracket_list( + alloc, + asgns.iter().map(|(id, t)| docs![ + alloc, + "&", + id.pretty(alloc), + alloc.space(), + "<-", + alloc.space(), + t.pretty(alloc) + ]), + alloc.line().append(alloc.text("| ")) + ), cont.pretty(alloc) ], - Expr::Assert(t, e) => docs![alloc, t.pretty(alloc).braces(), e.pretty(alloc)], + Expr::Assert(t, e) => { + docs![alloc, t.pretty(alloc).braces(), alloc.space(), e.pretty(alloc)] + } + Expr::Assume(t, e) => { + docs![alloc, t.pretty(alloc).enclose("-{", "}-"), alloc.space(), e.pretty(alloc)] + } Expr::BlackBox(e) => docs![alloc, "!", alloc.space(), e.pretty(alloc)].parens(), Expr::WhiteBox(e) => docs![alloc, "?", alloc.space(), e.pretty(alloc)].parens(), Expr::Any => alloc.text("any"), @@ -237,14 +285,39 @@ impl Print for Expr { fn brackets<'a, A: pretty::DocAllocator<'a>>( doc: pretty::DocBuilder<'a, A>, -) -> pretty::DocBuilder<'a, A> { +) -> pretty::DocBuilder<'a, A> +where + A::Doc: Clone, +{ if !matches!(&*doc.1, pretty::Doc::Nil) { - doc.brackets() + doc.brackets().nest(2) } else { doc } } +fn bracket_list<'a, S, A: pretty::DocAllocator<'a>>( + alloc: &'a A, + docs: impl Iterator>, + sep: S, +) -> pretty::DocBuilder<'a, A> +where + S: pretty::Pretty<'a, A> + Clone, +{ + let body = alloc.intersperse(docs, sep).group(); + if matches!(&*body.1, pretty::Doc::Nil) { + return body; + } + + docs![ + alloc, + alloc.line_(), + alloc.space().append(body).append(alloc.space()).brackets().nest(0), + alloc.line_() + ] + .group() +} + fn print_defn<'a, A: pretty::DocAllocator<'a>>( defn: &'a Defn, arrow_kind: &'a str, @@ -257,11 +330,12 @@ where alloc, defn.name.pretty(alloc), alloc.space(), - brackets(alloc.intersperse(defn.writes.iter().map(|a| a.pretty(alloc)), " ")), - alloc.space(), + bracket_list(alloc, defn.writes.iter().map(|a| a.pretty(alloc)), " "), + if defn.writes.is_empty() { alloc.nil() } else { alloc.space() }, alloc.intersperse(defn.params.iter().map(|a| a.pretty(alloc)), " "), arrow_kind, - defn.body.pretty(alloc), + alloc.space(), + defn.body.pretty(alloc).nest(2), ] } From 808186aee73e51da6b8a6ae78852d424f917d061 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Thu, 29 Feb 2024 09:13:12 +0100 Subject: [PATCH 26/66] refactor fmir --- creusot/src/backend/clone_map/elaborator.rs | 14 ++-- creusot/src/backend/constant.rs | 8 +-- creusot/src/backend/optimization.rs | 54 ++++++++------- creusot/src/translation/constant.rs | 51 ++++---------- creusot/src/translation/fmir.rs | 68 ++++++++++++++----- creusot/src/translation/function.rs | 26 +++---- creusot/src/translation/function/statement.rs | 20 +++--- .../src/translation/function/terminator.rs | 22 ++++-- 8 files changed, 139 insertions(+), 124 deletions(-) diff --git a/creusot/src/backend/clone_map/elaborator.rs b/creusot/src/backend/clone_map/elaborator.rs index 3fbf4775e3..1f705477a9 100644 --- a/creusot/src/backend/clone_map/elaborator.rs +++ b/creusot/src/backend/clone_map/elaborator.rs @@ -18,7 +18,7 @@ use crate::{ dependency::HackedId, logic::{lower_logical_defn, lower_pure_defn, sigs, spec_axiom}, signature::sig_to_why3, - term::lower_pure, + term::{lower_impure, lower_pure}, ty_inv::InvariantElaborator, TransId, Why3Generator, }, @@ -63,21 +63,21 @@ impl<'tcx> SymbolElaborator<'tcx> { let param_env = old_names.param_env(ctx); match item { - DepNode::Type(ty) => return self.elaborate_ty(ctx, names, ty), + DepNode::Type(ty) => self.elaborate_ty(ctx, names, ty), DepNode::Builtin(b) => { - return vec![Decl::UseDecl(Use { name: b.qname(), as_: None, export: false })] + vec![Decl::UseDecl(Use { name: b.qname(), as_: None, export: false })] } DepNode::TyInv(ty, kind) => { let term = InvariantElaborator::new(param_env, true).elaborate_inv(ctx, ty, Some(kind)); let exp = lower_pure(ctx, names, &term); let axiom = Axiom { name: names.ty_inv(ty).name, rewrite: false, axiom: exp }; - return vec![Decl::Axiom(axiom)]; + vec![Decl::Axiom(axiom)] } DepNode::Item(_, _) | DepNode::Hacked(_, _, _) => { - return self.elaborate_item(ctx, names, param_env, level_of_item, item) + self.elaborate_item(ctx, names, param_env, level_of_item, item) } - }; + } } fn elaborate_ty>( @@ -184,7 +184,7 @@ impl<'tcx> SymbolElaborator<'tcx> { let span = ctx.def_span(def_id); let res = crate::constant::from_ty_const(&mut ctx.ctx, constant, param_env, span); - let res = res.to_why(ctx, names, &LocalDecls::new()); + let res = lower_impure(ctx, names, &res); vec![Decl::Let(LetDecl { kind: Some(LetKind::Constant), diff --git a/creusot/src/backend/constant.rs b/creusot/src/backend/constant.rs index df9c0cb8e8..1ec964b1ef 100644 --- a/creusot/src/backend/constant.rs +++ b/creusot/src/backend/constant.rs @@ -1,14 +1,12 @@ use rustc_hir::def_id::DefId; use rustc_middle::ty::{self, Const, GenericArgs}; -use crate::{ - ctx::TranslatedItem, - translation::{constant::from_ty_const, fmir::LocalDecls}, -}; +use crate::{ctx::TranslatedItem, translation::constant::from_ty_const}; use super::{ clone_map::{CloneMap, CloneSummary}, signature::signature_of, + term::lower_impure, CloneDepth, Why3Generator, }; @@ -29,7 +27,7 @@ impl<'tcx> Why3Generator<'tcx> { let span = self.def_span(def_id); let res = from_ty_const(&mut self.ctx, constant, param_env, span); let mut names = CloneMap::new(self.tcx, def_id.into()); - let _ = res.to_why(self, &mut names, &LocalDecls::new()); + let _ = lower_impure(self, &mut names, &res); let _ = signature_of(self, &mut names, def_id); let (_, summary) = names.to_clones(self, CloneDepth::Shallow); diff --git a/creusot/src/backend/optimization.rs b/creusot/src/backend/optimization.rs index 933a34c146..8daecad1d1 100644 --- a/creusot/src/backend/optimization.rs +++ b/creusot/src/backend/optimization.rs @@ -68,7 +68,7 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { fn visit_terminator(&mut self, t: &Terminator<'tcx>) { match t { - Terminator::Switch(e, _) => self.visit_expr(e), + Terminator::Switch(e, _) => self.visit_operand(e), Terminator::Return => { self.read(Symbol::intern("_0"), true); self.read(Symbol::intern("_0"), true); @@ -96,7 +96,7 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { Statement::AssertTyInv(p) => self.read_place(p), Statement::Call(dest, _, _, args, _) => { self.write_place(dest); - args.iter().for_each(|a| self.visit_expr(a)); + args.iter().for_each(|a| self.visit_operand(a)); } } } @@ -118,6 +118,7 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { match op { Operand::Move(p) => self.read_place(p), Operand::Copy(p) => self.read_place(p), + Operand::Constant(t) => self.visit_term(t), } } @@ -125,19 +126,18 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { match &e.kind { ExprKind::Operand(op) => self.visit_operand(op), ExprKind::BinOp(_, l, r) => { - self.visit_expr(l); - self.visit_expr(r) + self.visit_operand(l); + self.visit_operand(r) } - ExprKind::UnaryOp(_, e) => self.visit_expr(e), - ExprKind::Constructor(_, _, es) => es.iter().for_each(|e| self.visit_expr(e)), - ExprKind::Constant(t) => self.visit_term(t), - ExprKind::Cast(e, _, _) => self.visit_expr(e), - ExprKind::Tuple(es) => es.iter().for_each(|e| self.visit_expr(e)), - ExprKind::Len(e) => self.visit_expr(e), - ExprKind::Array(es) => es.iter().for_each(|e| self.visit_expr(e)), + ExprKind::UnaryOp(_, e) => self.visit_operand(e), + ExprKind::Constructor(_, _, es) => es.iter().for_each(|e| self.visit_operand(e)), + ExprKind::Cast(e, _, _) => self.visit_operand(e), + ExprKind::Tuple(es) => es.iter().for_each(|e| self.visit_operand(e)), + ExprKind::Len(e) => self.visit_operand(e), + ExprKind::Array(es) => es.iter().for_each(|e| self.visit_operand(e)), ExprKind::Repeat(l, r) => { - self.visit_expr(l); - self.visit_expr(r) + self.visit_operand(l); + self.visit_operand(r) } } } @@ -249,7 +249,7 @@ impl<'tcx> SimplePropagator<'tcx> { match &mut b.terminator { Terminator::Goto(_) => {} - Terminator::Switch(e, _) => self.visit_expr(e), + Terminator::Switch(e, _) => self.visit_operand(e), Terminator::Return => {} Terminator::Abort(_) => {} } @@ -264,7 +264,7 @@ impl<'tcx> SimplePropagator<'tcx> { } } Statement::Assertion { cond, msg: _ } => self.visit_term(cond), - Statement::Call(_, _, _, args, _) => args.iter_mut().for_each(|a| self.visit_expr(a)), + Statement::Call(_, _, _, args, _) => args.iter_mut().for_each(|a| self.visit_operand(a)), Statement::AssumeBorrowInv(_) => {}, Statement::AssertTyInv( _) => {}, } @@ -280,6 +280,8 @@ impl<'tcx> SimplePropagator<'tcx> { } } + fn visit_operand(&mut self, op: &mut Operand<'tcx>) {} + fn visit_expr(&mut self, e: &mut Expr<'tcx>) { match &mut e.kind { ExprKind::Operand(Operand::Move(p) | Operand::Copy(p)) => { @@ -287,20 +289,20 @@ impl<'tcx> SimplePropagator<'tcx> { *e = v; } }, + ExprKind::Operand(Operand::Constant(_)) => {} ExprKind::BinOp(_, l, r) => { - self.visit_expr(l); - self.visit_expr(r) + self.visit_operand(l); + self.visit_operand(r) } - ExprKind::UnaryOp(_, e) => self.visit_expr(e), - ExprKind::Constructor(_, _, es) => es.iter_mut().for_each(|e| self.visit_expr(e)), - ExprKind::Constant(t) => self.visit_term(t), - ExprKind::Cast(e, _, _) => self.visit_expr(e), - ExprKind::Tuple(es) => es.iter_mut().for_each(|e| self.visit_expr(e)), - ExprKind::Len(e) => self.visit_expr(e), - ExprKind::Array(es) => es.iter_mut().for_each(|e| self.visit_expr(e)), + ExprKind::UnaryOp(_, e) => self.visit_operand(e), + ExprKind::Constructor(_, _, es) => es.iter_mut().for_each(|e| self.visit_operand(e)), + ExprKind::Cast(e, _, _) => self.visit_operand(e), + ExprKind::Tuple(es) => es.iter_mut().for_each(|e| self.visit_operand(e)), + ExprKind::Len(e) => self.visit_operand(e), + ExprKind::Array(es) => es.iter_mut().for_each(|e| self.visit_operand(e)), ExprKind::Repeat(l, r) => { - self.visit_expr(l); - self.visit_expr(r) + self.visit_operand(l); + self.visit_operand(r) } } } diff --git a/creusot/src/translation/constant.rs b/creusot/src/translation/constant.rs index 7552cd4966..9f0c9860c3 100644 --- a/creusot/src/translation/constant.rs +++ b/creusot/src/translation/constant.rs @@ -9,16 +9,13 @@ use rustc_middle::{ use rustc_span::{Span, Symbol}; use rustc_target::abi::Size; -use super::{ - fmir::{Expr, ExprKind}, - pearlite::{Term, TermKind}, -}; +use super::pearlite::{Term, TermKind}; pub(crate) fn from_mir_constant<'tcx>( env: ParamEnv<'tcx>, ctx: &mut TranslationCtx<'tcx>, c: &rustc_middle::mir::ConstOperand<'tcx>, -) -> Expr<'tcx> { +) -> Term<'tcx> { from_mir_constant_kind(ctx, c.const_, env, c.span) } @@ -27,13 +24,13 @@ pub(crate) fn from_mir_constant_kind<'tcx>( ck: mir::Const<'tcx>, env: ParamEnv<'tcx>, span: Span, -) -> Expr<'tcx> { +) -> Term<'tcx> { if let mir::Const::Ty(c) = ck { return from_ty_const(ctx, c, env, span); } if ck.ty().is_unit() { - return Expr { kind: ExprKind::Tuple(Vec::new()), ty: ck.ty(), span }; + return Term { kind: TermKind::Tuple { fields: Vec::new() }, ty: ck.ty(), span }; } // // let ck = ck.normalize(ctx.tcx, env); @@ -48,36 +45,20 @@ pub(crate) fn from_mir_constant_kind<'tcx>( .unwrap(); let string = std::str::from_utf8(bytes).unwrap(); - return Expr { - ty: ck.ty(), - span, - kind: ExprKind::Constant(Term { - kind: TermKind::Lit(Literal::String(string.into())), - ty: ck.ty(), - span, - }), - }; + return Term { kind: TermKind::Lit(Literal::String(string.into())), ty: ck.ty(), span }; } } if let mir::Const::Unevaluated(UnevaluatedConst { promoted: Some(p), .. }, _) = ck { - return Expr { - kind: ExprKind::Constant(Term { - kind: TermKind::Var(Symbol::intern(&format!("promoted{:?}", p.as_usize()))), - ty: ck.ty(), - span, - }), + return Term { + kind: TermKind::Var(Symbol::intern(&format!("promoted{:?}", p.as_usize()))), ty: ck.ty(), span, }; } - return Expr { - kind: ExprKind::Constant(Term { - kind: TermKind::Lit(try_to_bits(ctx, env, ck.ty(), span, ck)), - ty: ck.ty(), - span, - }), + return Term { + kind: TermKind::Lit(try_to_bits(ctx, env, ck.ty(), span, ck)), ty: ck.ty(), span, }; @@ -88,27 +69,19 @@ pub(crate) fn from_ty_const<'tcx>( c: Const<'tcx>, env: ParamEnv<'tcx>, span: Span, -) -> Expr<'tcx> { +) -> Term<'tcx> { // Check if a constant is builtin and thus should not be evaluated further // Builtin constants are given a body which panics if let ConstKind::Unevaluated(u) = c.kind() && let Some(_) = get_builtin(ctx.tcx, u.def) { - return Expr { kind: ExprKind::Constant(Term { kind: TermKind::Lit(Literal::Function(u.def, u.args)), ty: c.ty(), span}), ty: c.ty(), span } + return Term { kind: TermKind::Lit(Literal::Function(u.def, u.args)), ty: c.ty(), span} }; if let ConstKind::Param(_) = c.kind() { ctx.crash_and_error(span, "const generic parameters are not yet supported"); } - return Expr { - kind: ExprKind::Constant(Term { - kind: TermKind::Lit(try_to_bits(ctx, env, c.ty(), span, c)), - ty: c.ty(), - span, - }), - ty: c.ty(), - span, - }; + return Term { kind: TermKind::Lit(try_to_bits(ctx, env, c.ty(), span, c)), ty: c.ty(), span }; } fn try_to_bits<'tcx, C: ToBits<'tcx>>( diff --git a/creusot/src/translation/fmir.rs b/creusot/src/translation/fmir.rs index 840986f4f0..7bb1471d20 100644 --- a/creusot/src/translation/fmir.rs +++ b/creusot/src/translation/fmir.rs @@ -44,7 +44,7 @@ pub enum Statement<'tcx> { AssumeBorrowInv(Place<'tcx>), // Todo: fold into `Assertion` AssertTyInv(Place<'tcx>), - Call(Place<'tcx>, DefId, GenericArgsRef<'tcx>, Vec>, Span), + Call(Place<'tcx>, DefId, GenericArgsRef<'tcx>, Vec>, Span), } // Re-organize this completely @@ -73,21 +73,31 @@ pub struct Expr<'tcx> { pub enum Operand<'tcx> { Move(Place<'tcx>), Copy(Place<'tcx>), + Constant(Term<'tcx>), +} + +impl<'tcx> Operand<'tcx> { + pub fn ty(&self, tcx: TyCtxt<'tcx>, locals: &LocalDecls<'tcx>) -> Ty<'tcx> { + match self { + Operand::Move(pl) => pl.ty(tcx, locals), + Operand::Copy(pl) => pl.ty(tcx, locals), + Operand::Constant(t) => t.ty, + } + } } #[derive(Clone, Debug)] pub enum ExprKind<'tcx> { Operand(Operand<'tcx>), // Revisit whether this is a good idea to allow general expression trees. - BinOp(BinOp, Box>, Box>), - UnaryOp(UnOp, Box>), - Constructor(DefId, GenericArgsRef<'tcx>, Vec>), - Constant(Term<'tcx>), - Cast(Box>, Ty<'tcx>, Ty<'tcx>), - Tuple(Vec>), - Len(Box>), - Array(Vec>), - Repeat(Box>, Box>), + BinOp(BinOp, Box>, Box>), + UnaryOp(UnOp, Box>), + Constructor(DefId, GenericArgsRef<'tcx>, Vec>), + Cast(Box>, Ty<'tcx>, Ty<'tcx>), + Tuple(Vec>), + Len(Box>), + Array(Vec>), + Repeat(Box>, Box>), } impl<'tcx> Expr<'tcx> { @@ -97,7 +107,6 @@ impl<'tcx> Expr<'tcx> { ExprKind::BinOp(_, _, _) => false, ExprKind::UnaryOp(_, _) => false, ExprKind::Constructor(_, _, _) => false, - ExprKind::Constant(_) => false, ExprKind::Cast(_, _, _) => false, ExprKind::Tuple(_) => false, ExprKind::Len(_) => false, @@ -117,13 +126,12 @@ impl<'tcx> Expr<'tcx> { ExprKind::BinOp(_, _, _) => true, ExprKind::UnaryOp(UnOp::Neg, _) => false, ExprKind::UnaryOp(_, _) => true, - ExprKind::Constructor(_, _, es) => es.iter().all(|e| e.is_pure()), - ExprKind::Constant(_) => true, + ExprKind::Constructor(_, _, _) => true, ExprKind::Cast(_, _, _) => false, - ExprKind::Tuple(es) => es.iter().all(|e| e.is_pure()), - ExprKind::Len(e) => e.is_pure(), - ExprKind::Array(es) => es.iter().all(|e| e.is_pure()), - ExprKind::Repeat(l, r) => l.is_pure() && r.is_pure(), + ExprKind::Tuple(_) => true, + ExprKind::Len(_) => true, + ExprKind::Array(_) => true, + ExprKind::Repeat(_, _) => true, } } } @@ -131,11 +139,35 @@ impl<'tcx> Expr<'tcx> { #[derive(Clone)] pub enum Terminator<'tcx> { Goto(BasicBlock), - Switch(Expr<'tcx>, Branches<'tcx>), + Switch(self::Operand<'tcx>, Branches<'tcx>), Return, Abort(Span), } +impl<'tcx> Terminator<'tcx> { + pub fn targets(&self) -> impl Iterator + '_ { + use std::iter::*; + match self { + Terminator::Goto(bb) => Box::new(once(*bb)) as Box>, + Terminator::Switch(_, brs) => match brs { + Branches::Int(brs, def) => Box::new(brs.iter().map(|(_, b)| *b).chain(once(*def))) + as Box>, + Branches::Uint(brs, def) => Box::new(brs.iter().map(|(_, b)| *b).chain(once(*def))) + as Box>, + Branches::Constructor(_, _, brs, def) => { + Box::new(brs.iter().map(|(_, b)| *b).chain(once(*def))) + as Box> + } + Branches::Bool(f, t) => { + Box::new([*f, *t].into_iter()) as Box> + } + }, + Terminator::Return => Box::new(empty()) as Box>, + Terminator::Abort(_) => Box::new(empty()) as Box>, + } + } +} + #[derive(Clone)] pub enum Branches<'tcx> { Int(Vec<(i128, BasicBlock)>, BasicBlock), diff --git a/creusot/src/translation/function.rs b/creusot/src/translation/function.rs index c1d835d8e3..a19d85916f 100644 --- a/creusot/src/translation/function.rs +++ b/creusot/src/translation/function.rs @@ -1,5 +1,5 @@ use super::{ - fmir::{ExprKind, LocalDecls, LocalIdent, RValue}, + fmir::{LocalDecls, LocalIdent, RValue}, pearlite::{normalize, Term}, specification::inv_subst, }; @@ -7,7 +7,7 @@ use crate::{ analysis::NotFinalPlaces, backend::ty::closure_accessors, ctx::*, - fmir::{self, Expr}, + fmir::{self}, gather_spec_closures::{corrected_invariant_names_and_locations, LoopSpecKind, SpecClosures}, resolve::EagerResolver, translation::{ @@ -346,16 +346,16 @@ impl<'body, 'tcx> BodyTranslator<'body, 'tcx> { } // Useful helper to translate an operand - pub(crate) fn translate_operand(&mut self, operand: &Operand<'tcx>) -> Expr<'tcx> { - let kind = match operand { - Operand::Copy(pl) => ExprKind::Operand(fmir::Operand::Copy(self.translate_place(*pl))), - Operand::Move(pl) => ExprKind::Operand(fmir::Operand::Move(self.translate_place(*pl))), - Operand::Constant(c) => { - return crate::constant::from_mir_constant(self.param_env(), self.ctx, c) - } - }; - - Expr { kind, span: DUMMY_SP, ty: operand.ty(self.body, self.tcx) } + pub(crate) fn translate_operand(&mut self, operand: &Operand<'tcx>) -> fmir::Operand<'tcx> { + let kind = + match operand { + Operand::Copy(pl) => fmir::Operand::Copy(self.translate_place(*pl)), + Operand::Move(pl) => fmir::Operand::Move(self.translate_place(*pl)), + Operand::Constant(c) => fmir::Operand::Constant( + crate::constant::from_mir_constant(self.param_env(), self.ctx, c), + ), + }; + kind } fn translate_place(&self, _pl: mir::Place<'tcx>) -> fmir::Place<'tcx> { @@ -654,7 +654,7 @@ pub(crate) fn closure_contract<'tcx>( contracts.postcond_once = Some((post_sig, postcondition)); } - return contracts; + contracts } fn closure_resolve<'tcx>( diff --git a/creusot/src/translation/function/statement.rs b/creusot/src/translation/function/statement.rs index f59e977f42..843e97f707 100644 --- a/creusot/src/translation/function/statement.rs +++ b/creusot/src/translation/function/statement.rs @@ -17,7 +17,6 @@ use rustc_middle::{ ty::adjustment::PointerCoercion, }; use rustc_mir_dataflow::ResultsCursor; -use rustc_span::DUMMY_SP; impl<'tcx> BodyTranslator<'_, 'tcx> { pub(crate) fn translate_statement( @@ -77,12 +76,12 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { let span = si.span; let rval: ExprKind<'tcx> = match rvalue { Rvalue::Use(op) => match op { - Move(_pl) | Copy(_pl) => self.translate_operand(op).kind, + Move(_pl) | Copy(_pl) => ExprKind::Operand(self.translate_operand(op)), Constant(box c) => { if snapshot_closure_id(self.tcx, c.const_.ty()).is_some() { return; }; - crate::constant::from_mir_constant(self.param_env(), self.ctx, c).kind + ExprKind::Operand(self.translate_operand(op)) } }, Rvalue::Ref(_, ss, pl) => match ss { @@ -159,11 +158,7 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { } } Rvalue::Len(pl) => { - let e = Expr { - kind: ExprKind::Operand(Operand::Copy(self.translate_place(*pl))), - ty: pl.ty(self.body, self.tcx).ty, - span: DUMMY_SP, - }; + let e = Operand::Copy(self.translate_place(*pl)); ExprKind::Len(Box::new(e)) } Rvalue::Cast(CastKind::IntToInt | CastKind::PtrToPtr, op, cast_ty) => { @@ -172,13 +167,18 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { } Rvalue::Repeat(op, len) => ExprKind::Repeat( Box::new(self.translate_operand(op)), - Box::new(crate::constant::from_ty_const(self.ctx, *len, self.param_env(), si.span)), + Box::new(Operand::Constant(crate::constant::from_ty_const( + self.ctx, + *len, + self.param_env(), + si.span, + ))), ), Rvalue::Cast(CastKind::PointerCoercion(PointerCoercion::Unsize), op, ty) => { if let Some(t) = ty.builtin_deref(true) && t.ty.is_slice() { // treat &[T; N] to &[T] casts as normal assignments - self.translate_operand(op).kind + ExprKind::Operand(self.translate_operand(op)) } else { // TODO: Since we don't do anything with casts into `dyn` objects, just ignore them return; diff --git a/creusot/src/translation/function/terminator.rs b/creusot/src/translation/function/terminator.rs index f6b2052e95..dc33ca92b9 100644 --- a/creusot/src/translation/function/terminator.rs +++ b/creusot/src/translation/function/terminator.rs @@ -1,6 +1,7 @@ use super::BodyTranslator; use crate::{ ctx::TranslationCtx, + fmir, translation::{ fmir::*, pearlite::{Term, TermKind, UnOp}, @@ -99,18 +100,27 @@ impl<'tcx> BodyTranslator<'_, 'tcx> { if func_args.is_empty() { // TODO: Remove this, push the 0-ary handling down to why3 backend // We use tuple as a dummy argument for 0-ary functions - func_args.push(Expr { - span: DUMMY_SP, - kind: ExprKind::Tuple(vec![]), + func_args.push(fmir::Operand::Constant(Term { + kind: TermKind::Tuple { fields: Vec::new() }, ty: self.ctx.types.unit, - }) + span, + })) } let (loc, bb) = (destination, target.unwrap()); if self.is_box_new(fun_def_id) { assert_eq!(func_args.len(), 1); - self.emit_assignment(&loc, RValue::Expr(func_args.remove(0)), span); + let arg_ty = func_args[0].ty(self.tcx, &self.vars); + self.emit_assignment( + &loc, + RValue::Expr(Expr { + kind: ExprKind::Operand(func_args.remove(0)), + ty: arg_ty, + span, + }), + span, + ); } else { let (fun_def_id, subst) = resolve_function(self.ctx, self.param_env(), fun_def_id, subst, span); @@ -279,7 +289,7 @@ pub(crate) fn make_switch<'tcx>( si: SourceInfo, switch_ty: Ty<'tcx>, targets: &SwitchTargets, - discr: Expr<'tcx>, + discr: fmir::Operand<'tcx>, ) -> Terminator<'tcx> { match switch_ty.kind() { TyKind::Adt(def, substs) => { From 7e7d0b1368a1eee876271539fd81ad8ec6c9e2ab Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Thu, 29 Feb 2024 09:56:11 +0100 Subject: [PATCH 27/66] Update tests --- creusot/src/backend/logic.rs | 3 +- creusot/src/backend/optimization.rs | 43 +- creusot/src/backend/program.rs | 60 +- creusot/src/backend/term.rs | 3 +- .../bug/01_resolve_unsoundness.mlcfg | 12 +- creusot/tests/should_fail/bug/492.mlcfg | 8 +- creusot/tests/should_fail/bug/692.mlcfg | 18 +- creusot/tests/should_fail/bug/695.mlcfg | 37 +- creusot/tests/should_fail/bug/869.mlcfg | 2 +- .../tests/should_fail/bug/specialize.mlcfg | 12 +- creusot/tests/should_fail/bug/subregion.mlcfg | 8 +- creusot/tests/should_fail/final_borrows.mlcfg | 14 +- .../traits/17_impl_refinement.mlcfg | 2 +- creusot/tests/should_succeed/100doors.mlcfg | 27 +- .../should_succeed/100doors/why3session.xml | 2 +- .../should_succeed/100doors/why3shapes.gz | Bin 574 -> 589 bytes creusot/tests/should_succeed/all_zero.mlcfg | 6 +- creusot/tests/should_succeed/bdd.mlcfg | 141 +- .../tests/should_succeed/bdd/why3session.xml | 90 +- .../tests/should_succeed/bdd/why3shapes.gz | Bin 14283 -> 14367 bytes .../tests/should_succeed/binary_search.mlcfg | 66 +- .../binary_search/why3session.xml | 58 +- .../binary_search/why3shapes.gz | Bin 2323 -> 2444 bytes creusot/tests/should_succeed/bug/168.mlcfg | 2 +- creusot/tests/should_succeed/bug/173.mlcfg | 4 +- creusot/tests/should_succeed/bug/235.mlcfg | 2 +- creusot/tests/should_succeed/bug/256.mlcfg | 2 +- creusot/tests/should_succeed/bug/271.mlcfg | 6 +- creusot/tests/should_succeed/bug/273.mlcfg | 2 +- creusot/tests/should_succeed/bug/387.mlcfg | 8 +- creusot/tests/should_succeed/bug/395.mlcfg | 23 +- .../should_succeed/bug/395/why3session.xml | 2 +- .../should_succeed/bug/395/why3shapes.gz | Bin 248 -> 273 bytes creusot/tests/should_succeed/bug/463.mlcfg | 7 +- .../should_succeed/bug/463/why3session.xml | 2 +- .../should_succeed/bug/463/why3shapes.gz | Bin 237 -> 235 bytes creusot/tests/should_succeed/bug/486.mlcfg | 2 +- creusot/tests/should_succeed/bug/510.mlcfg | 4 +- creusot/tests/should_succeed/bug/511.mlcfg | 12 +- creusot/tests/should_succeed/bug/528.mlcfg | 2 +- creusot/tests/should_succeed/bug/552.mlcfg | 4 +- creusot/tests/should_succeed/bug/570.mlcfg | 2 +- creusot/tests/should_succeed/bug/594.mlcfg | 16 +- creusot/tests/should_succeed/bug/682.mlcfg | 2 +- creusot/tests/should_succeed/bug/691.mlcfg | 4 +- creusot/tests/should_succeed/bug/693.mlcfg | 2 +- creusot/tests/should_succeed/bug/874.mlcfg | 19 +- .../should_succeed/bug/874/why3session.xml | 2 +- .../should_succeed/bug/874/why3shapes.gz | Bin 515 -> 532 bytes creusot/tests/should_succeed/bug/949.mlcfg | 10 +- .../tests/should_succeed/bug/eq_panic.mlcfg | 2 +- .../should_succeed/bug/final_borrows.mlcfg | 28 +- .../bug/final_borrows/why3session.xml | 2 +- .../bug/final_borrows/why3shapes.gz | Bin 2801 -> 2818 bytes .../tests/should_succeed/bug/two_phase.mlcfg | 2 +- creusot/tests/should_succeed/cell/01.mlcfg | 13 +- .../should_succeed/cell/01/why3session.xml | 2 +- .../should_succeed/cell/01/why3shapes.gz | Bin 187 -> 211 bytes creusot/tests/should_succeed/cell/02.mlcfg | 33 +- .../tests/should_succeed/checked_ops.mlcfg | 1154 ++++++++++++----- .../checked_ops/why3session.xml | 48 +- .../should_succeed/checked_ops/why3shapes.gz | Bin 4104 -> 4210 bytes creusot/tests/should_succeed/clones/03.mlcfg | 2 +- .../should_succeed/closures/01_basic.mlcfg | 44 +- .../should_succeed/closures/02_nested.mlcfg | 16 +- .../closures/03_generic_bound.mlcfg | 10 +- .../closures/04_generic_closure.mlcfg | 14 +- .../should_succeed/closures/05_map.mlcfg | 9 +- .../should_succeed/closures/06_fn_specs.mlcfg | 48 +- .../closures/06_fn_specs/why3session.xml | 2 +- .../closures/06_fn_specs/why3shapes.gz | Bin 749 -> 752 bytes .../closures/07_mutable_capture.mlcfg | 14 +- .../closures/07_mutable_capture/why3shapes.gz | Bin 429 -> 429 bytes .../closures/08_multiple_calls.mlcfg | 6 +- .../should_succeed/constrained_types.mlcfg | 2 +- creusot/tests/should_succeed/drop_pair.mlcfg | 2 +- creusot/tests/should_succeed/duration.mlcfg | 126 +- .../should_succeed/filter_positive.mlcfg | 52 +- .../filter_positive/why3session.xml | 2 +- .../filter_positive/why3shapes.gz | Bin 879 -> 886 bytes .../should_succeed/ghost_ptr_token.mlcfg | 36 +- creusot/tests/should_succeed/hashmap.mlcfg | 151 ++- .../should_succeed/hashmap/why3session.xml | 246 ++-- .../should_succeed/hashmap/why3shapes.gz | Bin 10107 -> 10206 bytes .../should_succeed/heapsort_generic.mlcfg | 70 +- .../heapsort_generic/why3session.xml | 318 ++--- .../heapsort_generic/why3shapes.gz | Bin 8766 -> 9128 bytes creusot/tests/should_succeed/hillel.mlcfg | 91 +- .../should_succeed/hillel/why3session.xml | 52 +- .../tests/should_succeed/hillel/why3shapes.gz | Bin 7279 -> 7317 bytes creusot/tests/should_succeed/immut.mlcfg | 2 +- .../tests/should_succeed/index_range.mlcfg | 731 +++++++---- .../index_range/why3session.xml | 196 +-- .../should_succeed/index_range/why3shapes.gz | Bin 4318 -> 4417 bytes .../inplace_list_reversal.mlcfg | 28 +- .../inplace_list_reversal/why3session.xml | 2 +- .../inplace_list_reversal/why3shapes.gz | Bin 417 -> 420 bytes creusot/tests/should_succeed/instant.mlcfg | 66 +- .../tests/should_succeed/ite_normalize.mlcfg | 148 +-- .../should_succeed/iterators/01_range.mlcfg | 21 +- .../iterators/01_range/why3session.xml | 4 +- .../iterators/01_range/why3shapes.gz | Bin 935 -> 962 bytes .../iterators/02_iter_mut.mlcfg | 13 +- .../iterators/02_iter_mut/why3shapes.gz | Bin 3582 -> 3587 bytes .../iterators/03_std_iterators.mlcfg | 135 +- .../03_std_iterators/why3session.xml | 86 +- .../iterators/03_std_iterators/why3shapes.gz | Bin 6551 -> 6586 bytes .../should_succeed/iterators/04_skip.mlcfg | 14 +- .../iterators/04_skip/why3session.xml | 2 +- .../iterators/04_skip/why3shapes.gz | Bin 1069 -> 1083 bytes .../should_succeed/iterators/05_map.mlcfg | 15 +- .../iterators/05_map/why3session.xml | 12 +- .../iterators/05_map/why3shapes.gz | Bin 6125 -> 6154 bytes .../iterators/06_map_precond.mlcfg | 52 +- .../iterators/06_map_precond/why3session.xml | 16 +- .../iterators/06_map_precond/why3shapes.gz | Bin 9087 -> 9109 bytes .../should_succeed/iterators/07_fuse.mlcfg | 9 +- .../iterators/07_fuse/why3session.xml | 2 +- .../iterators/07_fuse/why3shapes.gz | Bin 1433 -> 1437 bytes .../iterators/08_collect_extend.mlcfg | 38 +- .../should_succeed/iterators/11_repeat.mlcfg | 2 +- .../should_succeed/iterators/12_zip.mlcfg | 17 +- .../iterators/12_zip/why3session.xml | 4 +- .../iterators/12_zip/why3shapes.gz | Bin 2176 -> 2177 bytes .../iterators/15_enumerate.mlcfg | 15 +- .../iterators/15_enumerate/why3session.xml | 6 +- .../iterators/15_enumerate/why3shapes.gz | Bin 1860 -> 1874 bytes .../should_succeed/iterators/16_take.mlcfg | 6 +- .../iterators/16_take/why3session.xml | 2 +- .../iterators/16_take/why3shapes.gz | Bin 939 -> 965 bytes creusot/tests/should_succeed/knapsack.mlcfg | 105 +- .../should_succeed/knapsack/why3session.xml | 292 ++--- .../should_succeed/knapsack/why3shapes.gz | Bin 5103 -> 5324 bytes .../tests/should_succeed/knapsack_full.mlcfg | 99 +- .../knapsack_full/why3session.xml | 263 ++-- .../knapsack_full/why3shapes.gz | Bin 8611 -> 8521 bytes .../should_succeed/lang/branch_borrow_2.mlcfg | 54 +- creusot/tests/should_succeed/lang/const.mlcfg | 2 +- .../tests/should_succeed/lang/float_ops.mlcfg | 12 +- .../tests/should_succeed/lang/literals.mlcfg | 13 +- .../tests/should_succeed/lang/modules.mlcfg | 4 +- .../tests/should_succeed/lang/move_path.mlcfg | 8 +- .../should_succeed/lang/multiple_scopes.mlcfg | 8 +- .../lang/promoted_constants.mlcfg | 22 +- .../tests/should_succeed/lang/unary_op.mlcfg | 2 +- .../tests/should_succeed/lang/while_let.mlcfg | 7 +- .../tests/should_succeed/list_index_mut.mlcfg | 25 +- .../list_index_mut/why3session.xml | 4 +- .../list_index_mut/why3shapes.gz | Bin 727 -> 748 bytes .../should_succeed/list_reversal_lasso.mlcfg | 74 +- .../list_reversal_lasso/why3session.xml | 172 +-- .../list_reversal_lasso/why3shapes.gz | Bin 12905 -> 13005 bytes creusot/tests/should_succeed/loop.mlcfg | 6 +- .../tests/should_succeed/mapping_test.mlcfg | 4 +- creusot/tests/should_succeed/match_int.mlcfg | 16 +- .../should_succeed/match_int/why3session.xml | 2 +- .../should_succeed/match_int/why3shapes.gz | Bin 182 -> 241 bytes creusot/tests/should_succeed/mc91.mlcfg | 11 +- .../tests/should_succeed/mc91/why3session.xml | 2 +- .../tests/should_succeed/mc91/why3shapes.gz | Bin 212 -> 248 bytes creusot/tests/should_succeed/mutex.mlcfg | 40 +- .../should_succeed/mutex/why3session.xml | 4 +- .../tests/should_succeed/mutex/why3shapes.gz | Bin 571 -> 593 bytes .../should_succeed/one_side_update.mlcfg | 9 +- creusot/tests/should_succeed/option.mlcfg | 252 ++-- .../should_succeed/option/why3session.xml | 2 +- .../tests/should_succeed/option/why3shapes.gz | Bin 424 -> 365 bytes creusot/tests/should_succeed/ord_trait.mlcfg | 6 +- .../should_succeed/projection_toggle.mlcfg | 14 +- .../projection_toggle/why3shapes.gz | Bin 649 -> 661 bytes .../tests/should_succeed/projections.mlcfg | 12 +- creusot/tests/should_succeed/prophecy.mlcfg | 4 +- .../tests/should_succeed/red_black_tree.mlcfg | 265 ++-- .../red_black_tree/why3session.xml | 246 ++-- .../red_black_tree/why3shapes.gz | Bin 79016 -> 79329 bytes creusot/tests/should_succeed/replace.mlcfg | 4 +- .../tests/should_succeed/resolve_uninit.mlcfg | 24 +- .../resolve_uninit/why3session.xml | 2 +- .../resolve_uninit/why3shapes.gz | Bin 450 -> 466 bytes creusot/tests/should_succeed/result/own.mlcfg | 126 +- .../tests/should_succeed/result/result.mlcfg | 278 ++-- .../should_succeed/rusthorn/inc_max.mlcfg | 10 +- .../rusthorn/inc_max/why3session.xml | 4 +- .../rusthorn/inc_max/why3shapes.gz | Bin 517 -> 549 bytes .../should_succeed/rusthorn/inc_max_3.mlcfg | 28 +- .../rusthorn/inc_max_3/why3session.xml | 4 +- .../rusthorn/inc_max_3/why3shapes.gz | Bin 823 -> 837 bytes .../rusthorn/inc_max_many.mlcfg | 20 +- .../rusthorn/inc_max_many/why3session.xml | 4 +- .../rusthorn/inc_max_many/why3shapes.gz | Bin 558 -> 605 bytes .../rusthorn/inc_max_repeat.mlcfg | 27 +- .../rusthorn/inc_max_repeat/why3session.xml | 4 +- .../rusthorn/inc_max_repeat/why3shapes.gz | Bin 751 -> 764 bytes .../rusthorn/inc_some_2_list.mlcfg | 31 +- .../rusthorn/inc_some_2_list/why3session.xml | 2 +- .../rusthorn/inc_some_2_list/why3shapes.gz | Bin 1008 -> 1026 bytes .../rusthorn/inc_some_2_tree.mlcfg | 38 +- .../rusthorn/inc_some_2_tree/why3session.xml | 4 +- .../rusthorn/inc_some_2_tree/why3shapes.gz | Bin 1125 -> 1153 bytes .../rusthorn/inc_some_list.mlcfg | 20 +- .../rusthorn/inc_some_list/why3session.xml | 2 +- .../rusthorn/inc_some_list/why3shapes.gz | Bin 898 -> 913 bytes .../rusthorn/inc_some_tree.mlcfg | 27 +- .../rusthorn/inc_some_tree/why3session.xml | 4 +- .../rusthorn/inc_some_tree/why3shapes.gz | Bin 985 -> 1011 bytes .../selection_sort_generic.mlcfg | 31 +- .../selection_sort_generic/why3session.xml | 90 +- .../selection_sort_generic/why3shapes.gz | Bin 4062 -> 4088 bytes creusot/tests/should_succeed/slices/01.mlcfg | 29 +- .../should_succeed/slices/01/why3session.xml | 6 +- .../should_succeed/slices/01/why3shapes.gz | Bin 643 -> 676 bytes .../tests/should_succeed/slices/02_std.mlcfg | 6 +- .../tests/should_succeed/sparse_array.mlcfg | 98 +- .../sparse_array/why3session.xml | 54 +- .../should_succeed/sparse_array/why3shapes.gz | Bin 4259 -> 4259 bytes .../specification/division.mlcfg | 4 +- .../specification/logic_call.mlcfg | 2 +- .../should_succeed/specification/loops.mlcfg | 2 +- .../tests/should_succeed/split_borrow.mlcfg | 33 +- creusot/tests/should_succeed/sum.mlcfg | 8 +- .../tests/should_succeed/sum_of_odds.mlcfg | 19 +- .../sum_of_odds/why3session.xml | 22 +- .../should_succeed/sum_of_odds/why3shapes.gz | Bin 1706 -> 1712 bytes .../tests/should_succeed/swap_borrows.mlcfg | 15 +- .../swap_borrows/why3session.xml | 2 +- .../should_succeed/swap_borrows/why3shapes.gz | Bin 340 -> 347 bytes creusot/tests/should_succeed/switch.mlcfg | 4 +- .../tests/should_succeed/switch_struct.mlcfg | 4 +- .../should_succeed/syntax/02_operators.mlcfg | 36 +- .../syntax/02_operators/why3session.xml | 2 +- .../syntax/02_operators/why3shapes.gz | Bin 670 -> 693 bytes .../syntax/07_extern_spec.mlcfg | 2 +- .../syntax/10_mutual_rec_types.mlcfg | 8 +- .../syntax/11_array_types.mlcfg | 15 +- .../syntax/11_array_types/why3session.xml | 4 +- .../syntax/11_array_types/why3shapes.gz | Bin 303 -> 310 bytes .../should_succeed/syntax/12_ghost_code.mlcfg | 17 +- .../syntax/12_ghost_code/why3shapes.gz | Bin 346 -> 362 bytes .../should_succeed/syntax/13_vec_macro.mlcfg | 7 +- .../syntax/13_vec_macro/why3shapes.gz | Bin 376 -> 381 bytes .../should_succeed/syntax/14_const_fns.mlcfg | 2 +- .../should_succeed/syntax/derive_macros.mlcfg | 30 +- .../tests/should_succeed/take_first_mut.mlcfg | 6 +- creusot/tests/should_succeed/traits/01.mlcfg | 4 +- creusot/tests/should_succeed/traits/02.mlcfg | 2 +- creusot/tests/should_succeed/traits/03.mlcfg | 4 +- creusot/tests/should_succeed/traits/04.mlcfg | 8 +- creusot/tests/should_succeed/traits/06.mlcfg | 2 +- creusot/tests/should_succeed/traits/07.mlcfg | 4 +- creusot/tests/should_succeed/traits/09.mlcfg | 4 +- .../traits/12_default_method.mlcfg | 4 +- .../traits/13_assoc_types.mlcfg | 2 +- .../tests/should_succeed/two_modules.mlcfg | 7 +- .../should_succeed/type_constructors.mlcfg | 10 + .../type_invariants/borrows.mlcfg | 20 +- .../type_invariants/non_zero.mlcfg | 12 +- .../type_invariants/non_zero/why3session.xml | 2 +- .../type_invariants/non_zero/why3shapes.gz | Bin 371 -> 378 bytes .../type_invariants/type_invariants.mlcfg | 2 +- .../tests/should_succeed/unused_in_loop.mlcfg | 4 +- creusot/tests/should_succeed/vecdeque.mlcfg | 48 +- .../should_succeed/vecdeque/why3session.xml | 116 +- .../should_succeed/vecdeque/why3shapes.gz | Bin 2253 -> 2260 bytes creusot/tests/should_succeed/vector/01.mlcfg | 13 +- .../should_succeed/vector/01/why3session.xml | 2 +- .../should_succeed/vector/01/why3shapes.gz | Bin 647 -> 648 bytes .../should_succeed/vector/02_gnome.mlcfg | 31 +- .../vector/02_gnome/why3session.xml | 86 +- .../vector/02_gnome/why3shapes.gz | Bin 2578 -> 2635 bytes .../vector/03_knuth_shuffle.mlcfg | 20 +- .../vector/03_knuth_shuffle/why3session.xml | 2 +- .../vector/03_knuth_shuffle/why3shapes.gz | Bin 651 -> 651 bytes .../vector/04_binary_search.mlcfg | 52 +- .../vector/04_binary_search/why3session.xml | 2 +- .../vector/04_binary_search/why3shapes.gz | Bin 460 -> 467 bytes .../vector/05_binary_search_generic.mlcfg | 44 +- .../05_binary_search_generic/why3session.xml | 110 +- .../05_binary_search_generic/why3shapes.gz | Bin 2488 -> 2603 bytes .../vector/06_knights_tour.mlcfg | 189 ++- .../vector/06_knights_tour/why3session.xml | 133 +- .../vector/06_knights_tour/why3shapes.gz | Bin 11255 -> 11336 bytes .../should_succeed/vector/07_read_write.mlcfg | 8 +- .../should_succeed/vector/08_haystack.mlcfg | 33 +- .../vector/08_haystack/why3session.xml | 60 +- .../vector/08_haystack/why3shapes.gz | Bin 2877 -> 2920 bytes .../should_succeed/vector/09_capacity.mlcfg | 6 +- 286 files changed, 5615 insertions(+), 3707 deletions(-) diff --git a/creusot/src/backend/logic.rs b/creusot/src/backend/logic.rs index f12938d782..62a5fe78b0 100644 --- a/creusot/src/backend/logic.rs +++ b/creusot/src/backend/logic.rs @@ -326,7 +326,8 @@ fn proof_module(ctx: &mut Why3Generator, def_id: DefId) -> Option { return None; } let term = ctx.term(def_id).unwrap().clone(); - let body = lower_impure(ctx, &mut names, &term); + let mut body = lower_impure(ctx, &mut names, &term); + body = ctx.attach_span(term.span, body); let mut decls: Vec<_> = Vec::new(); decls.extend(all_generic_decls_for(ctx.tcx, def_id)); diff --git a/creusot/src/backend/optimization.rs b/creusot/src/backend/optimization.rs index 8daecad1d1..ae41d4efd2 100644 --- a/creusot/src/backend/optimization.rs +++ b/creusot/src/backend/optimization.rs @@ -45,6 +45,8 @@ pub(crate) struct Usage { temp_var: bool, // Is this local used in a place where we need a `Term`? used_in_pure_ctx: bool, + // Is this local being used in a move chain as in: _x = _y + is_move_chain: bool, } pub(crate) fn gather_usage(b: &Body) -> HashMap { @@ -81,6 +83,9 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { match b { Statement::Assignment(p, r, _) => { self.write_place(p); + if let RValue::Expr(Expr { kind: ExprKind::Operand(_), .. }) = r { + self.move_chain(p.local); + } self.visit_rvalue(r) } Statement::Resolve(_, _, p) => { @@ -124,7 +129,13 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { fn visit_expr(&mut self, e: &Expr<'tcx>) { match &e.kind { - ExprKind::Operand(op) => self.visit_operand(op), + ExprKind::Operand(op) => match op { + Operand::Move(p) | Operand::Copy(p) => { + self.read_place(p); + // self.move_chain(p.local); + } + Operand::Constant(t) => self.visit_term(t), + }, ExprKind::BinOp(_, l, r) => { self.visit_operand(l); self.visit_operand(r) @@ -158,6 +169,12 @@ impl<'a, 'tcx> LocalUsage<'a, 'tcx> { }) } + fn move_chain(&mut self, local: Symbol) { + if let Some(usage) = self.get(local) { + usage.is_move_chain = true; + } + } + fn read(&mut self, local: Symbol, whole: bool) { if let Some(usage) = self.get(local) { usage.read.inc(if whole { Whole::Whole } else { Whole::Part }) @@ -203,7 +220,7 @@ impl<'a, 'tcx> TermVisitor<'tcx> for LocalUsage<'a, 'tcx> { struct SimplePropagator<'tcx> { usage: HashMap, - prop: HashMap>, + prop: HashMap>, dead: HashSet, } @@ -230,7 +247,8 @@ impl<'tcx> SimplePropagator<'tcx> { Statement::Assignment(l, RValue::Expr(r), _) // we do not propagate calls to avoid moving them after the resolve of their arguments if self.should_propagate(l.local) && !self.usage[&l.local].used_in_pure_ctx => { - self.prop.insert(l.local, r); + let Expr { kind: ExprKind::Operand(op), .. } = r else { panic!() }; + self.prop.insert(l.local, op); self.dead.insert(l.local); } Statement::Assignment(ref l, RValue::Expr(ref r), _) if self.should_erase(l.local) && r.is_pure() => { @@ -280,16 +298,20 @@ impl<'tcx> SimplePropagator<'tcx> { } } - fn visit_operand(&mut self, op: &mut Operand<'tcx>) {} - - fn visit_expr(&mut self, e: &mut Expr<'tcx>) { - match &mut e.kind { - ExprKind::Operand(Operand::Move(p) | Operand::Copy(p)) => { + fn visit_operand(&mut self, op: &mut Operand<'tcx>) { + match op { + Operand::Move(p) | Operand::Copy(p) => { if let Some(l) = p.as_symbol() && let Some(v) = self.prop.remove(&l) { - *e = v; + *op = v; } }, - ExprKind::Operand(Operand::Constant(_)) => {} + Operand::Constant(_) => {} + } + } + + fn visit_expr(&mut self, e: &mut Expr<'tcx>) { + match &mut e.kind { + ExprKind::Operand(op) => self.visit_operand(op), ExprKind::BinOp(_, l, r) => { self.visit_operand(l); self.visit_operand(r) @@ -323,6 +345,7 @@ impl<'tcx> SimplePropagator<'tcx> { u.read == ZeroOneMany::One(Whole::Whole) && u.write == ZeroOneMany::One(Whole::Whole) && u.temp_var + && u.is_move_chain }) .unwrap_or(false) } diff --git a/creusot/src/backend/program.rs b/creusot/src/backend/program.rs index 17589b051c..cbe7bd951f 100644 --- a/creusot/src/backend/program.rs +++ b/creusot/src/backend/program.rs @@ -294,6 +294,26 @@ pub fn to_why<'tcx>( Decl::CfgDecl(CfgFunction { sig, rec: true, constant: false, entry, blocks, vars }) } +impl<'tcx> Operand<'tcx> { + pub(crate) fn to_why>( + self, + ctx: &mut Why3Generator<'tcx>, + names: &mut N, + locals: &LocalDecls<'tcx>, + ) -> Exp { + match self { + Operand::Move(pl) => pl.as_rplace(ctx, names, locals), + Operand::Copy(pl) => pl.as_rplace(ctx, names, locals), + Operand::Constant(c) => lower_impure(ctx, names, &c), + } + } + fn invalidated_places(&self, places: &mut Vec>) { + if let Operand::Move(pl) = self { + places.push(pl.clone()) + } + } +} + impl<'tcx> Expr<'tcx> { pub(crate) fn to_why>( self, @@ -302,44 +322,41 @@ impl<'tcx> Expr<'tcx> { locals: &LocalDecls<'tcx>, ) -> Exp { let e = match self.kind { - ExprKind::Operand(Operand::Move(pl)) => { - // TODO invalidate original place - pl.as_rplace(ctx, names, locals) - } - ExprKind::Operand(Operand::Copy(pl)) => pl.as_rplace(ctx, names, locals), - ExprKind::BinOp(BinOp::BitAnd, l, r) if l.ty.is_bool() => { + ExprKind::Operand(op) => op.to_why(ctx, names, locals), + ExprKind::BinOp(BinOp::BitAnd, l, r) if l.ty(ctx.tcx, locals).is_bool() => { l.to_why(ctx, names, locals).lazy_and(r.to_why(ctx, names, locals)) } - ExprKind::BinOp(BinOp::Eq, l, r) if l.ty.is_bool() => { + ExprKind::BinOp(BinOp::Eq, l, r) if l.ty(ctx.tcx, locals).is_bool() => { names.import_prelude_module(PreludeModule::Bool); Exp::impure_qvar(QName::from_string("Bool.eqb").unwrap()) .app(vec![l.to_why(ctx, names, locals), r.to_why(ctx, names, locals)]) } - ExprKind::BinOp(BinOp::Ne, l, r) if l.ty.is_bool() => { + ExprKind::BinOp(BinOp::Ne, l, r) if l.ty(ctx.tcx, locals).is_bool() => { names.import_prelude_module(PreludeModule::Bool); Exp::impure_qvar(QName::from_string("Bool.neqb").unwrap()) .app(vec![l.to_why(ctx, names, locals), r.to_why(ctx, names, locals)]) } ExprKind::BinOp(op, l, r) => { + let ty = l.ty(ctx.tcx, locals); // Hack - translate_ty(ctx, names, DUMMY_SP, l.ty); + translate_ty(ctx, names, DUMMY_SP, ty); Exp::BinaryOp( - binop_to_binop(ctx, l.ty, op), + binop_to_binop(ctx, ty, op), Box::new(l.to_why(ctx, names, locals)), Box::new(r.to_why(ctx, names, locals)), ) } - ExprKind::UnaryOp(op, arg) => { - Exp::UnaryOp(unop_to_unop(arg.ty, op), Box::new(arg.to_why(ctx, names, locals))) - } + ExprKind::UnaryOp(op, arg) => Exp::UnaryOp( + unop_to_unop(arg.ty(ctx.tcx, locals), op), + Box::new(arg.to_why(ctx, names, locals)), + ), ExprKind::Constructor(id, subst, args) => { let args = args.into_iter().map(|a| a.to_why(ctx, names, locals)).collect(); let ctor = names.constructor(id, subst); Exp::Constructor { ctor, args } } - ExprKind::Constant(c) => lower_impure(ctx, names, &c), ExprKind::Tuple(f) => { Exp::Tuple(f.into_iter().map(|f| f.to_why(ctx, names, locals)).collect()) } @@ -424,9 +441,9 @@ impl<'tcx> Expr<'tcx> { } } - fn invalidated_places(&self, places: &mut Vec<(fmir::Place<'tcx>, Span)>) { + fn invalidated_places(&self, places: &mut Vec>) { match &self.kind { - ExprKind::Operand(Operand::Move(p)) => places.push((p.clone(), self.span)), + ExprKind::Operand(Operand::Move(p)) => places.push(p.clone()), ExprKind::Operand(_) => {} ExprKind::BinOp(_, l, r) => { l.invalidated_places(places); @@ -434,7 +451,6 @@ impl<'tcx> Expr<'tcx> { } ExprKind::UnaryOp(_, e) => e.invalidated_places(places), ExprKind::Constructor(_, _, es) => es.iter().for_each(|e| e.invalidated_places(places)), - ExprKind::Constant(_) => {} ExprKind::Cast(e, _, _) => e.invalidated_places(places), ExprKind::Tuple(es) => es.iter().for_each(|e| e.invalidated_places(places)), ExprKind::Len(e) => e.invalidated_places(places), @@ -760,13 +776,13 @@ fn invalidate_places<'tcx>( names: &mut CloneMap<'tcx>, locals: &LocalDecls<'tcx>, span: Span, - invalid: Vec<(Place<'tcx>, Span)>, + invalid: Vec>, out: &mut Vec, ) { - for (pl, pl_span) in invalid { + for pl in invalid { let ty = pl.ty(ctx.tcx, locals); - let ty = translate_ty(ctx, names, pl_span.substitute_dummy(span), ty); - out.push(place::create_assign_inner(ctx, names, locals, &pl, Exp::Any(ty), pl_span)); + let ty = translate_ty(ctx, names, DUMMY_SP.substitute_dummy(span), ty); + out.push(place::create_assign_inner(ctx, names, locals, &pl, Exp::Any(ty), DUMMY_SP)); } } @@ -776,7 +792,7 @@ fn func_call_to_why3<'tcx>( locals: &LocalDecls<'tcx>, id: DefId, subst: GenericArgsRef<'tcx>, - args: Vec>, + args: Vec>, ) -> Exp { let mut args: Vec<_> = args.into_iter().map(|a| a.to_why(ctx, names, locals)).collect(); let fname = names.value(id, subst); diff --git a/creusot/src/backend/term.rs b/creusot/src/backend/term.rs index 4fea167e62..00e64398ca 100644 --- a/creusot/src/backend/term.rs +++ b/creusot/src/backend/term.rs @@ -33,7 +33,8 @@ pub(crate) fn lower_impure<'tcx, N: Namer<'tcx>>( let span = term.span; let mut term = Lower { ctx, names, pure: Purity::Program }.lower_term(term); term.reassociate(); - ctx.attach_span(span, term) + term + // ctx.attach_span(span, term) } pub(super) struct Lower<'a, 'tcx, N: Namer<'tcx>> { diff --git a/creusot/tests/should_fail/bug/01_resolve_unsoundness.mlcfg b/creusot/tests/should_fail/bug/01_resolve_unsoundness.mlcfg index 3ca526e5a6..edcae4251c 100644 --- a/creusot/tests/should_fail/bug/01_resolve_unsoundness.mlcfg +++ b/creusot/tests/should_fail/bug/01_resolve_unsoundness.mlcfg @@ -120,6 +120,7 @@ module C01ResolveUnsoundness_MakeVecOfSize var n : usize = n; var out : Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global); var i : usize; + var _9 : bool; var _12 : (); var _13 : borrowed (Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global)); { @@ -130,7 +131,7 @@ module C01ResolveUnsoundness_MakeVecOfSize goto BB1 } BB1 { - [#"../01_resolve_unsoundness.rs" 11 16 11 17] i <- ([#"../01_resolve_unsoundness.rs" 11 16 11 17] [#"../01_resolve_unsoundness.rs" 11 16 11 17] (0 : usize)); + [#"../01_resolve_unsoundness.rs" 11 16 11 17] i <- ([#"../01_resolve_unsoundness.rs" 11 16 11 17] (0 : usize)); goto BB2 } BB2 { @@ -138,7 +139,8 @@ module C01ResolveUnsoundness_MakeVecOfSize goto BB3 } BB3 { - switch ([#"../01_resolve_unsoundness.rs" 13 10 13 16] ([#"../01_resolve_unsoundness.rs" 13 10 13 11] i) <= ([#"../01_resolve_unsoundness.rs" 13 15 13 16] n)) + [#"../01_resolve_unsoundness.rs" 13 10 13 16] _9 <- ([#"../01_resolve_unsoundness.rs" 13 10 13 16] i <= n); + switch (_9) | False -> goto BB6 | True -> goto BB4 end @@ -146,17 +148,17 @@ module C01ResolveUnsoundness_MakeVecOfSize BB4 { [#"../01_resolve_unsoundness.rs" 14 8 14 11] _13 <- Borrow.borrow_mut out; [#"../01_resolve_unsoundness.rs" 14 8 14 11] out <- ^ _13; - [#"../01_resolve_unsoundness.rs" 14 8 14 23] _12 <- ([#"../01_resolve_unsoundness.rs" 14 8 14 23] push0 _13 ([#"../01_resolve_unsoundness.rs" 14 17 14 22] [#"../01_resolve_unsoundness.rs" 14 17 14 22] false)); + [#"../01_resolve_unsoundness.rs" 14 8 14 23] _12 <- ([#"../01_resolve_unsoundness.rs" 14 8 14 23] push0 _13 false); _13 <- any borrowed (Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global)); goto BB5 } BB5 { - [#"../01_resolve_unsoundness.rs" 15 8 15 14] i <- ([#"../01_resolve_unsoundness.rs" 15 8 15 14] i + ([#"../01_resolve_unsoundness.rs" 15 13 15 14] [#"../01_resolve_unsoundness.rs" 15 13 15 14] (1 : usize))); + [#"../01_resolve_unsoundness.rs" 15 8 15 14] i <- ([#"../01_resolve_unsoundness.rs" 15 8 15 14] i + (1 : usize)); goto BB2 } BB6 { [#"../01_resolve_unsoundness.rs" 17 11 17 14] _0 <- ([#"../01_resolve_unsoundness.rs" 17 11 17 14] out); - [#"../01_resolve_unsoundness.rs" 17 11 17 14] out <- any Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global); + out <- any Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global); goto BB7 } BB7 { diff --git a/creusot/tests/should_fail/bug/492.mlcfg b/creusot/tests/should_fail/bug/492.mlcfg index 4a4831c7a3..21d7ec792e 100644 --- a/creusot/tests/should_fail/bug/492.mlcfg +++ b/creusot/tests/should_fail/bug/492.mlcfg @@ -52,7 +52,7 @@ module C492_ReborrowTuple [#"../492.rs" 6 5 6 6] _3 <- Borrow.borrow_final ( * x) (Borrow.get_id x); [#"../492.rs" 6 5 6 6] x <- { x with current = ( ^ _3) ; }; assume { inv0 ( ^ _3) }; - [#"../492.rs" 6 4 6 11] _0 <- ([#"../492.rs" 6 4 6 11] (_3, ([#"../492.rs" 6 8 6 10] [#"../492.rs" 6 8 6 10] (32 : uint32)))); + [#"../492.rs" 6 4 6 11] _0 <- ([#"../492.rs" 6 4 6 11] (_3, (32 : uint32))); _3 <- any borrowed t; assert { [@expl:type invariant] inv1 x }; assume { resolve0 x }; @@ -119,7 +119,7 @@ module C492_Test goto BB0 } BB0 { - [#"../492.rs" 11 16 11 17] x <- ([#"../492.rs" 11 16 11 17] [#"../492.rs" 11 16 11 17] (5 : int32)); + [#"../492.rs" 11 16 11 17] x <- ([#"../492.rs" 11 16 11 17] (5 : int32)); [#"../492.rs" 12 34 12 40] _6 <- Borrow.borrow_mut x; [#"../492.rs" 12 34 12 40] x <- ^ _6; [#"../492.rs" 12 34 12 40] _5 <- Borrow.borrow_final ( * _6) (Borrow.get_id _6); @@ -130,11 +130,11 @@ module C492_Test } BB1 { [#"../492.rs" 12 9 12 12] res <- ([#"../492.rs" 12 9 12 12] let (a, _) = _4 in a); - [#"../492.rs" 12 9 12 12] _4 <- (let (x0, x1) = _4 in (any borrowed int32, x1)); + _4 <- (let (x0, x1) = _4 in (any borrowed int32, x1)); assume { resolve0 _4 }; assume { resolve1 _6 }; assert { [@expl:assertion] [#"../492.rs" 13 18 13 30] ^ res = (5 : int32) }; - [#"../492.rs" 14 4 14 13] res <- { res with current = ([#"../492.rs" 14 4 14 13] [#"../492.rs" 14 11 14 13] (10 : int32)) ; }; + [#"../492.rs" 14 4 14 13] res <- { res with current = ([#"../492.rs" 14 4 14 13] (10 : int32)) ; }; assume { resolve1 res }; [#"../492.rs" 10 14 15 1] _0 <- ([#"../492.rs" 10 14 15 1] ()); return _0 diff --git a/creusot/tests/should_fail/bug/692.mlcfg b/creusot/tests/should_fail/bug/692.mlcfg index a00ef582b2..b38b939b26 100644 --- a/creusot/tests/should_fail/bug/692.mlcfg +++ b/creusot/tests/should_fail/bug/692.mlcfg @@ -213,22 +213,22 @@ module C692_ValidNormal_Closure2 goto BB0 } BB0 { - switch ([#"../692.rs" 16 21 16 22] b) + switch (b) | False -> goto BB2 | True -> goto BB1 end } BB1 { - [#"../692.rs" 16 25 16 26] _4 <- ([#"../692.rs" 16 25 16 26] [#"../692.rs" 16 25 16 26] (2 : uint32)); + [#"../692.rs" 16 25 16 26] _4 <- ([#"../692.rs" 16 25 16 26] (2 : uint32)); goto BB3 } BB2 { - [#"../692.rs" 16 36 16 37] _4 <- ([#"../692.rs" 16 36 16 37] [#"../692.rs" 16 36 16 37] (1 : uint32)); + [#"../692.rs" 16 36 16 37] _4 <- ([#"../692.rs" 16 36 16 37] (1 : uint32)); goto BB3 } BB3 { [#"../692.rs" 16 14 16 39] _1 <- { _1 with current = (let C692_ValidNormal_Closure2.C692_ValidNormal_Closure2 x0 = * _1 in C692_ValidNormal_Closure2.C692_ValidNormal_Closure2 ({ (field_00 ( * _1)) with current = ([#"../692.rs" 16 14 16 39] _4) ; })) ; }; - [#"../692.rs" 16 14 16 39] _4 <- any uint32; + _4 <- any uint32; assume { resolve0 _1 }; [#"../692.rs" 16 14 16 39] res <- ([#"../692.rs" 16 14 16 39] ()); [#"../692.rs" 15 17 15 64] _0 <- ([#"../692.rs" 15 17 15 64] res); @@ -267,7 +267,7 @@ module C692_ValidNormal_Closure1 goto BB0 } BB0 { - [#"../692.rs" 14 7 14 15] res <- ([#"../692.rs" 14 7 14 15] ([#"../692.rs" 14 7 14 8] field_00 _1) > ([#"../692.rs" 14 11 14 15] [#"../692.rs" 14 11 14 15] (7 : uint32))); + [#"../692.rs" 14 7 14 15] res <- ([#"../692.rs" 14 7 14 15] field_00 _1 > (7 : uint32)); [#"../692.rs" 13 15 13 47] _0 <- ([#"../692.rs" 13 15 13 47] res); return _0 } @@ -341,15 +341,15 @@ module C692_ValidNormal goto BB0 } BB0 { - [#"../692.rs" 12 16 12 20] r <- ([#"../692.rs" 12 16 12 20] [#"../692.rs" 12 16 12 20] (0 : uint32)); - [#"../692.rs" 13 15 13 47] cond <- ([#"../692.rs" 13 15 13 47] C692_ValidNormal_Closure1.C692_ValidNormal_Closure1 ([#"../692.rs" 13 15 13 47] n)); + [#"../692.rs" 12 16 12 20] r <- ([#"../692.rs" 12 16 12 20] (0 : uint32)); + [#"../692.rs" 13 15 13 47] cond <- ([#"../692.rs" 13 15 13 47] C692_ValidNormal_Closure1.C692_ValidNormal_Closure1 n); [#"../692.rs" 15 17 15 64] _7 <- Borrow.borrow_mut r; [#"../692.rs" 15 17 15 64] r <- ^ _7; [#"../692.rs" 15 17 15 64] branch <- ([#"../692.rs" 15 17 15 64] C692_ValidNormal_Closure2.C692_ValidNormal_Closure2 _7); _7 <- any borrowed uint32; assume { resolve0 cond }; - [#"../692.rs" 17 4 17 27] _8 <- ([#"../692.rs" 17 4 17 27] incorrect0 ([#"../692.rs" 17 14 17 18] cond) ([#"../692.rs" 17 20 17 26] branch)); - [#"../692.rs" 17 20 17 26] branch <- any C692_ValidNormal_Closure2.c692_validnormal_closure2; + [#"../692.rs" 17 4 17 27] _8 <- ([#"../692.rs" 17 4 17 27] incorrect0 cond branch); + branch <- any C692_ValidNormal_Closure2.c692_validnormal_closure2; goto BB1 } BB1 { diff --git a/creusot/tests/should_fail/bug/695.mlcfg b/creusot/tests/should_fail/bug/695.mlcfg index cdbe67b164..d3ed638384 100644 --- a/creusot/tests/should_fail/bug/695.mlcfg +++ b/creusot/tests/should_fail/bug/695.mlcfg @@ -180,6 +180,9 @@ module C695_InversedIf var cond : c = cond; var branch : b = branch; var _5 : bool; + var _7 : (); + var _9 : bool; + var _11 : bool; { goto BB0 } @@ -190,7 +193,9 @@ module C695_InversedIf goto BB2 } BB2 { - [#"../695.rs" 7 8 7 14] _5 <- ([#"../695.rs" 7 8 7 14] call0 ([#"../695.rs" 7 8 7 12] cond) ([#"../695.rs" 7 8 7 14] ())); + [#"../695.rs" 7 8 7 14] _7 <- ([#"../695.rs" 7 8 7 14] ()); + [#"../695.rs" 7 8 7 14] _5 <- ([#"../695.rs" 7 8 7 14] call0 cond _7); + _7 <- any (); goto BB3 } BB3 { @@ -202,15 +207,19 @@ module C695_InversedIf BB4 { assert { [@expl:type invariant] inv0 cond }; assume { resolve0 cond }; - [#"../695.rs" 10 8 10 21] _0 <- ([#"../695.rs" 10 8 10 21] call_once0 ([#"../695.rs" 10 8 10 14] branch) ([#"../695.rs" 10 8 10 21] (([#"../695.rs" 10 15 10 20] [#"../695.rs" 10 15 10 20] false)))); - [#"../695.rs" 10 8 10 14] branch <- any b; + [#"../695.rs" 10 8 10 21] _11 <- ([#"../695.rs" 10 8 10 21] (false)); + [#"../695.rs" 10 8 10 21] _0 <- ([#"../695.rs" 10 8 10 21] call_once0 branch _11); + branch <- any b; + _11 <- any bool; goto BB7 } BB5 { assert { [@expl:type invariant] inv0 cond }; assume { resolve0 cond }; - [#"../695.rs" 8 8 8 20] _0 <- ([#"../695.rs" 8 8 8 20] call_once0 ([#"../695.rs" 8 8 8 14] branch) ([#"../695.rs" 8 8 8 20] (([#"../695.rs" 8 15 8 19] [#"../695.rs" 8 15 8 19] true)))); - [#"../695.rs" 8 8 8 14] branch <- any b; + [#"../695.rs" 8 8 8 20] _9 <- ([#"../695.rs" 8 8 8 20] (true)); + [#"../695.rs" 8 8 8 20] _0 <- ([#"../695.rs" 8 8 8 20] call_once0 branch _9); + branch <- any b; + _9 <- any bool; goto BB6 } BB6 { @@ -273,22 +282,22 @@ module C695_Valid_Closure2 goto BB0 } BB0 { - switch ([#"../695.rs" 20 21 20 22] b) + switch (b) | False -> goto BB2 | True -> goto BB1 end } BB1 { - [#"../695.rs" 20 25 20 26] _4 <- ([#"../695.rs" 20 25 20 26] [#"../695.rs" 20 25 20 26] (2 : uint32)); + [#"../695.rs" 20 25 20 26] _4 <- ([#"../695.rs" 20 25 20 26] (2 : uint32)); goto BB3 } BB2 { - [#"../695.rs" 20 36 20 37] _4 <- ([#"../695.rs" 20 36 20 37] [#"../695.rs" 20 36 20 37] (1 : uint32)); + [#"../695.rs" 20 36 20 37] _4 <- ([#"../695.rs" 20 36 20 37] (1 : uint32)); goto BB3 } BB3 { [#"../695.rs" 20 14 20 39] _1 <- { _1 with current = (let C695_Valid_Closure2.C695_Valid_Closure2 x0 = * _1 in C695_Valid_Closure2.C695_Valid_Closure2 ({ (field_00 ( * _1)) with current = ([#"../695.rs" 20 14 20 39] _4) ; })) ; }; - [#"../695.rs" 20 14 20 39] _4 <- any uint32; + _4 <- any uint32; assume { resolve0 _1 }; [#"../695.rs" 20 14 20 39] res <- ([#"../695.rs" 20 14 20 39] ()); [#"../695.rs" 19 17 19 64] _0 <- ([#"../695.rs" 19 17 19 64] res); @@ -327,7 +336,7 @@ module C695_Valid_Closure1 goto BB0 } BB0 { - [#"../695.rs" 18 7 18 15] res <- ([#"../695.rs" 18 7 18 15] ([#"../695.rs" 18 7 18 8] field_00 _1) > ([#"../695.rs" 18 11 18 15] [#"../695.rs" 18 11 18 15] (7 : uint32))); + [#"../695.rs" 18 7 18 15] res <- ([#"../695.rs" 18 7 18 15] field_00 _1 > (7 : uint32)); [#"../695.rs" 17 15 17 47] _0 <- ([#"../695.rs" 17 15 17 47] res); return _0 } @@ -406,15 +415,15 @@ module C695_Valid goto BB0 } BB0 { - [#"../695.rs" 16 16 16 20] r <- ([#"../695.rs" 16 16 16 20] [#"../695.rs" 16 16 16 20] (0 : uint32)); - [#"../695.rs" 17 15 17 47] cond <- ([#"../695.rs" 17 15 17 47] C695_Valid_Closure1.C695_Valid_Closure1 ([#"../695.rs" 17 15 17 47] n)); + [#"../695.rs" 16 16 16 20] r <- ([#"../695.rs" 16 16 16 20] (0 : uint32)); + [#"../695.rs" 17 15 17 47] cond <- ([#"../695.rs" 17 15 17 47] C695_Valid_Closure1.C695_Valid_Closure1 n); [#"../695.rs" 19 17 19 64] _7 <- Borrow.borrow_mut r; [#"../695.rs" 19 17 19 64] r <- ^ _7; [#"../695.rs" 19 17 19 64] branch <- ([#"../695.rs" 19 17 19 64] C695_Valid_Closure2.C695_Valid_Closure2 _7); _7 <- any borrowed uint32; assume { resolve0 cond }; - [#"../695.rs" 21 4 21 29] _8 <- ([#"../695.rs" 21 4 21 29] inversed_if0 ([#"../695.rs" 21 16 21 20] cond) ([#"../695.rs" 21 22 21 28] branch)); - [#"../695.rs" 21 22 21 28] branch <- any C695_Valid_Closure2.c695_valid_closure2; + [#"../695.rs" 21 4 21 29] _8 <- ([#"../695.rs" 21 4 21 29] inversed_if0 cond branch); + branch <- any C695_Valid_Closure2.c695_valid_closure2; goto BB1 } BB1 { diff --git a/creusot/tests/should_fail/bug/869.mlcfg b/creusot/tests/should_fail/bug/869.mlcfg index 2353255e0c..336bd0c7c1 100644 --- a/creusot/tests/should_fail/bug/869.mlcfg +++ b/creusot/tests/should_fail/bug/869.mlcfg @@ -62,7 +62,7 @@ module C869_Unsound } BB3 { [#"../869.rs" 18 4 18 64] evil <- { evil with current = ([#"../869.rs" 18 4 18 64] _15) ; }; - [#"../869.rs" 18 4 18 64] _15 <- any Snapshot.snap_ty bool; + _15 <- any Snapshot.snap_ty bool; assume { resolve0 evil }; assume { resolve0 xm }; assert { [@expl:assertion] [#"../869.rs" 19 20 19 37] Snapshot.inner ( * evil) = (not Snapshot.inner ( ^ evil)) }; diff --git a/creusot/tests/should_fail/bug/specialize.mlcfg b/creusot/tests/should_fail/bug/specialize.mlcfg index 1168a6b820..2b62b6f2c4 100644 --- a/creusot/tests/should_fail/bug/specialize.mlcfg +++ b/creusot/tests/should_fail/bug/specialize.mlcfg @@ -56,8 +56,8 @@ module Specialize_F goto BB0 } BB0 { - [#"../specialize.rs" 22 4 22 9] _2 <- ([#"../specialize.rs" 22 4 22 9] x0 ([#"../specialize.rs" 22 4 22 5] v)); - [#"../specialize.rs" 22 4 22 5] v <- any Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global); + [#"../specialize.rs" 22 4 22 9] _2 <- ([#"../specialize.rs" 22 4 22 9] x0 v); + v <- any Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global); goto BB1 } BB1 { @@ -120,8 +120,8 @@ module Specialize_G goto BB0 } BB0 { - [#"../specialize.rs" 28 4 28 9] _2 <- ([#"../specialize.rs" 28 4 28 9] x0 ([#"../specialize.rs" 28 4 28 5] v)); - [#"../specialize.rs" 28 4 28 5] v <- any Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); + [#"../specialize.rs" 28 4 28 9] _2 <- ([#"../specialize.rs" 28 4 28 9] x0 v); + v <- any Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); goto BB1 } BB1 { @@ -185,8 +185,8 @@ module Specialize_H goto BB0 } BB0 { - [#"../specialize.rs" 35 4 35 9] _2 <- ([#"../specialize.rs" 35 4 35 9] x0 ([#"../specialize.rs" 35 4 35 5] v)); - [#"../specialize.rs" 35 4 35 5] v <- any Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); + [#"../specialize.rs" 35 4 35 9] _2 <- ([#"../specialize.rs" 35 4 35 9] x0 v); + v <- any Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); goto BB1 } BB1 { diff --git a/creusot/tests/should_fail/bug/subregion.mlcfg b/creusot/tests/should_fail/bug/subregion.mlcfg index 5f4eb60b5d..f5199bad20 100644 --- a/creusot/tests/should_fail/bug/subregion.mlcfg +++ b/creusot/tests/should_fail/bug/subregion.mlcfg @@ -8,13 +8,14 @@ module Subregion_ListReversalH var _0 : usize; var l : usize = l; var r : usize; + var _7 : bool; var x : usize; var tmp : usize; { goto BB0 } BB0 { - [#"../subregion.rs" 4 16 4 17] r <- ([#"../subregion.rs" 4 16 4 17] [#"../subregion.rs" 4 16 4 17] (0 : usize)); + [#"../subregion.rs" 4 16 4 17] r <- ([#"../subregion.rs" 4 16 4 17] (0 : usize)); goto BB1 } BB1 { @@ -22,7 +23,8 @@ module Subregion_ListReversalH goto BB2 } BB2 { - switch ([#"../subregion.rs" 6 10 6 16] ([#"../subregion.rs" 6 10 6 11] l) <> ([#"../subregion.rs" 6 15 6 16] [#"../subregion.rs" 6 15 6 16] (0 : usize))) + [#"../subregion.rs" 6 10 6 16] _7 <- ([#"../subregion.rs" 6 10 6 16] l <> (0 : usize)); + switch (_7) | False -> goto BB4 | True -> goto BB3 end @@ -31,7 +33,7 @@ module Subregion_ListReversalH assert { [@expl:assertion] [#"../subregion.rs" 7 22 7 27] false }; [#"../subregion.rs" 8 16 8 17] x <- ([#"../subregion.rs" 8 16 8 17] r); [#"../subregion.rs" 9 18 9 19] tmp <- ([#"../subregion.rs" 9 18 9 19] l); - [#"../subregion.rs" 10 8 10 15] r <- ([#"../subregion.rs" 10 12 10 15] tmp); + [#"../subregion.rs" 10 8 10 15] r <- ([#"../subregion.rs" 10 8 10 15] tmp); goto BB1 } BB4 { diff --git a/creusot/tests/should_fail/final_borrows.mlcfg b/creusot/tests/should_fail/final_borrows.mlcfg index 3a90adab4e..a4d8b7fa04 100644 --- a/creusot/tests/should_fail/final_borrows.mlcfg +++ b/creusot/tests/should_fail/final_borrows.mlcfg @@ -106,8 +106,8 @@ module FinalBorrows_StoreChangesProphecy goto BB1 } BB1 { - [#"../final_borrows.rs" 14 4 14 8] bor <- { bor with current = ([#"../final_borrows.rs" 14 11 14 12] x) ; }; - [#"../final_borrows.rs" 14 11 14 12] x <- any t; + [#"../final_borrows.rs" 14 4 14 8] bor <- { bor with current = ([#"../final_borrows.rs" 14 4 14 8] x) ; }; + x <- any t; assert { [@expl:type invariant] inv0 ( * bor) }; assume { resolve1 ( * bor) }; assert { [@expl:type invariant] inv1 bor }; @@ -134,7 +134,7 @@ module FinalBorrows_CallChangesProphecy_Inner goto BB0 } BB0 { - [#"../final_borrows.rs" 20 8 20 9] _0 <- ([#"../final_borrows.rs" 20 8 20 9] [#"../final_borrows.rs" 20 8 20 9] (2 : int32)); + [#"../final_borrows.rs" 20 8 20 9] _0 <- ([#"../final_borrows.rs" 20 8 20 9] (2 : int32)); return _0 } @@ -168,7 +168,7 @@ module FinalBorrows_CallChangesProphecy } BB1 { [#"../final_borrows.rs" 24 4 24 18] bor <- { bor with current = ([#"../final_borrows.rs" 24 4 24 18] _3) ; }; - [#"../final_borrows.rs" 24 4 24 18] _3 <- any int32; + _3 <- any int32; assume { resolve0 bor }; assert { [@expl:assertion] [#"../final_borrows.rs" 25 18 25 27] b1 = bor }; [#"../final_borrows.rs" 18 44 26 1] _0 <- ([#"../final_borrows.rs" 18 44 26 1] ()); @@ -362,13 +362,15 @@ module FinalBorrows_Indexing var _2 : borrowed t; var _5 : borrowed t; var _6 : usize; + var _7 : usize; var _8 : bool; { goto BB0 } BB0 { - [#"../final_borrows.rs" 38 11 38 12] _6 <- ([#"../final_borrows.rs" 38 11 38 12] [#"../final_borrows.rs" 38 11 38 12] (0 : usize)); - [#"../final_borrows.rs" 38 9 38 13] _8 <- ([#"../final_borrows.rs" 38 9 38 13] _6 < ([#"../final_borrows.rs" 38 9 38 13] Slice.length ( * x))); + [#"../final_borrows.rs" 38 11 38 12] _6 <- ([#"../final_borrows.rs" 38 11 38 12] (0 : usize)); + [#"../final_borrows.rs" 38 9 38 13] _7 <- ([#"../final_borrows.rs" 38 9 38 13] Slice.length ( * x)); + [#"../final_borrows.rs" 38 9 38 13] _8 <- ([#"../final_borrows.rs" 38 9 38 13] _6 < _7); assert { [@expl:index in bounds] [#"../final_borrows.rs" 38 9 38 13] _8 }; goto BB1 } diff --git a/creusot/tests/should_fail/traits/17_impl_refinement.mlcfg b/creusot/tests/should_fail/traits/17_impl_refinement.mlcfg index a5c6b6a316..fc76655409 100644 --- a/creusot/tests/should_fail/traits/17_impl_refinement.mlcfg +++ b/creusot/tests/should_fail/traits/17_impl_refinement.mlcfg @@ -14,7 +14,7 @@ module C17ImplRefinement_Impl0_MyFunction goto BB0 } BB0 { - [#"../17_impl_refinement.rs" 15 8 15 10] _0 <- ([#"../17_impl_refinement.rs" 15 8 15 10] [#"../17_impl_refinement.rs" 15 8 15 10] (20 : usize)); + [#"../17_impl_refinement.rs" 15 8 15 10] _0 <- ([#"../17_impl_refinement.rs" 15 8 15 10] (20 : usize)); return _0 } diff --git a/creusot/tests/should_succeed/100doors.mlcfg b/creusot/tests/should_succeed/100doors.mlcfg index f974b231f5..81005bcef7 100644 --- a/creusot/tests/should_succeed/100doors.mlcfg +++ b/creusot/tests/should_succeed/100doors.mlcfg @@ -358,6 +358,7 @@ module C100doors_F var _0 : (); var door_open : Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global); var iter : Core_Ops_Range_Range_Type.t_range usize; + var _3 : Core_Ops_Range_Range_Type.t_range usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); var _11 : (); @@ -368,18 +369,23 @@ module C100doors_F var _17 : Snapshot.snap_ty (Seq.seq usize); var pass : usize; var door : usize; + var _23 : bool; var _26 : bool; + var _28 : usize; var _30 : borrowed bool; var _31 : borrowed (Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global)); + var _32 : usize; { goto BB0 } BB0 { - [#"../100doors.rs" 19 35 19 51] door_open <- ([#"../100doors.rs" 19 35 19 51] from_elem0 ([#"../100doors.rs" 19 40 19 45] [#"../100doors.rs" 19 40 19 45] false) ([#"../100doors.rs" 19 47 19 50] [#"../100doors.rs" 19 47 19 50] (100 : usize))); + [#"../100doors.rs" 19 35 19 51] door_open <- ([#"../100doors.rs" 19 35 19 51] from_elem0 false (100 : usize)); goto BB1 } BB1 { - [#"../100doors.rs" 20 4 20 41] iter <- ([#"../100doors.rs" 20 4 20 41] into_iter0 ([#"../100doors.rs" 21 16 21 22] Core_Ops_Range_Range_Type.C_Range ([#"../100doors.rs" 21 16 21 17] [#"../100doors.rs" 21 16 21 17] (1 : usize)) ([#"../100doors.rs" 21 19 21 22] [#"../100doors.rs" 21 19 21 22] (101 : usize)))); + [#"../100doors.rs" 21 16 21 22] _3 <- ([#"../100doors.rs" 21 16 21 22] Core_Ops_Range_Range_Type.C_Range (1 : usize) (101 : usize)); + [#"../100doors.rs" 20 4 20 41] iter <- ([#"../100doors.rs" 20 4 20 41] into_iter0 _3); + _3 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB2 } BB2 { @@ -438,7 +444,7 @@ module C100doors_F } BB13 { [#"../100doors.rs" 20 4 20 41] produced <- ([#"../100doors.rs" 20 4 20 41] _17); - [#"../100doors.rs" 20 4 20 41] _17 <- any Snapshot.snap_ty (Seq.seq usize); + _17 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] pass <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../100doors.rs" 22 30 22 34] door <- ([#"../100doors.rs" 22 30 22 34] pass); goto BB14 @@ -452,26 +458,31 @@ module C100doors_F goto BB16 } BB16 { - switch ([#"../100doors.rs" 25 14 25 25] ([#"../100doors.rs" 25 14 25 18] door) <= ([#"../100doors.rs" 25 22 25 25] [#"../100doors.rs" 25 22 25 25] (100 : usize))) + [#"../100doors.rs" 25 14 25 25] _23 <- ([#"../100doors.rs" 25 14 25 25] door <= (100 : usize)); + switch (_23) | False -> goto BB20 | True -> goto BB17 end } BB17 { - [#"../100doors.rs" 26 44 26 54] _26 <- ([#"../100doors.rs" 26 44 26 54] index0 ([#"../100doors.rs" 26 35 26 44] door_open) ([#"../100doors.rs" 26 45 26 53] ([#"../100doors.rs" 26 45 26 49] door) - ([#"../100doors.rs" 26 52 26 53] [#"../100doors.rs" 26 52 26 53] (1 : usize)))); + [#"../100doors.rs" 26 45 26 53] _28 <- ([#"../100doors.rs" 26 45 26 53] door - (1 : usize)); + [#"../100doors.rs" 26 44 26 54] _26 <- ([#"../100doors.rs" 26 44 26 54] index0 door_open _28); + _28 <- any usize; goto BB18 } BB18 { [#"../100doors.rs" 26 12 26 21] _31 <- Borrow.borrow_mut door_open; [#"../100doors.rs" 26 12 26 21] door_open <- ^ _31; - [#"../100doors.rs" 26 21 26 31] _30 <- ([#"../100doors.rs" 26 21 26 31] index_mut0 _31 ([#"../100doors.rs" 26 22 26 30] ([#"../100doors.rs" 26 22 26 26] door) - ([#"../100doors.rs" 26 29 26 30] [#"../100doors.rs" 26 29 26 30] (1 : usize)))); + [#"../100doors.rs" 26 22 26 30] _32 <- ([#"../100doors.rs" 26 22 26 30] door - (1 : usize)); + [#"../100doors.rs" 26 21 26 31] _30 <- ([#"../100doors.rs" 26 21 26 31] index_mut0 _31 _32); _31 <- any borrowed (Alloc_Vec_Vec_Type.t_vec bool (Alloc_Alloc_Global_Type.t_global)); + _32 <- any usize; goto BB19 } BB19 { - [#"../100doors.rs" 26 12 26 54] _30 <- { _30 with current = ([#"../100doors.rs" 26 12 26 54] not ([#"../100doors.rs" 26 35 26 54] _26)) ; }; + [#"../100doors.rs" 26 12 26 54] _30 <- { _30 with current = ([#"../100doors.rs" 26 12 26 54] not _26) ; }; assume { resolve1 _30 }; - [#"../100doors.rs" 27 12 27 24] door <- ([#"../100doors.rs" 27 12 27 24] door + ([#"../100doors.rs" 27 20 27 24] pass)); + [#"../100doors.rs" 27 12 27 24] door <- ([#"../100doors.rs" 27 12 27 24] door + pass); [#"../100doors.rs" 25 26 28 9] _11 <- ([#"../100doors.rs" 25 26 28 9] ()); goto BB15 } diff --git a/creusot/tests/should_succeed/100doors/why3session.xml b/creusot/tests/should_succeed/100doors/why3session.xml index 9998709ce0..5d2178ff19 100644 --- a/creusot/tests/should_succeed/100doors/why3session.xml +++ b/creusot/tests/should_succeed/100doors/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/100doors/why3shapes.gz b/creusot/tests/should_succeed/100doors/why3shapes.gz index 7919eb508f55850f04ca116b5cadfda7c92e6e8f..925625dabc950eab694a87b4840e8044de23749c 100644 GIT binary patch literal 589 zcmV-T0)~&?=(fYE7_Fx1sl*>*7j|6F_%Bz(R}%>ZTy@*>Vq;X5Zr(hEk`%L!&D!Ek|@(+$9?xlPU*Q%g1)# zto!RX7u5N_tq&g1h>%avW7~D@i(lVte^vCo+xu7=>U2DBs)lORIaO=^4(j-aIx82) zY1LWrQ77mJYIV^i*-=D2OJDadPrma^X5ZhtL|PCNE)P`iF9aR){s_{p+zaHlLoLO) zSK1ci+6@U#UA-I_8o?pv?SpAUU#8Eng2^Mj^9Cv%M34PdsAZsKagv8~w5F(G?0Uv% zTA7#%OgU({9qSr*+pu+7*M+c#ETbIiJx2`ZisIq}lWz})C!c^TqyuB<$NO*le z&l|Wr9D3JIC8Ae6~$wzd{FCIRC>J5Ua!gVX^y b5H5F_v(7l}l#`CFPR#xRI3!vs(**zkm(U=M literal 574 zcmV-E0>S+siwFP!00000|CLn9j+;Obz56S;O=4@L-hn7{K$cMZl2cU2u?o8#qhN5r zOY-+Az&$qJqFm7HT3)}ZuHw@;Xx6xOO>l5^lUL=Jzy#yZqunpe%LC`YQjZyMk7E!X zMj$;5L3wCEd#J&9s37!ELX?j1>l+rX{IOdji71NdINwxDS1^ciSIzTsha3FOk}lyU zWY(Gm#GXfHVswYh4Pj@(-f2&HD^c6HpSQNP12w9`b0} z^H9V4#)6J<(%Sr4sn)yTXa5Y}=nFbZ3E`fMM!j^d2q%|k6%I}+ZS~BvYF{p!=aDn4 zT~ieY$3chPeIaI5T~|l9eA)cW@q4{@m}1em*2((wDlf4BZ7^TbH|_Fh;B-1W&8gPO zqfX#EXmQsi$&q+Hb5}ISwW}SGsoS`FqzMw?{D8&&PSWY#_fFcAxQ=|>){^uarB%`| zoE8^dy`OmfObTCz&0p}r)7*HwPRdSd-&Fyccdt*9I1OWOrLm0rUPpum^{8klOHfi9 zeX2%9N&k0HW>C$&w5w_;SD7)HTSz8F$O3LG*On{GrRBnMZaK5DjcjO*)mB+)$!gi? MFGG_rGtvbB0Q;FF&;S4c diff --git a/creusot/tests/should_succeed/all_zero.mlcfg b/creusot/tests/should_succeed/all_zero.mlcfg index 817be0c32b..a5d2f172c2 100644 --- a/creusot/tests/should_succeed/all_zero.mlcfg +++ b/creusot/tests/should_succeed/all_zero.mlcfg @@ -86,7 +86,7 @@ module AllZero_AllZero } BB1 { [#"../all_zero.rs" 37 21 37 22] loop_l <- ([#"../all_zero.rs" 37 21 37 22] l); - [#"../all_zero.rs" 37 21 37 22] l <- any borrowed (AllZero_List_Type.t_list); + l <- any borrowed (AllZero_List_Type.t_list); goto BB2 } BB2 { @@ -108,13 +108,13 @@ module AllZero_AllZero [#"../all_zero.rs" 43 19 43 24] loop_l <- { loop_l with current = (let AllZero_List_Type.C_Cons x0 x1 = * loop_l in AllZero_List_Type.C_Cons ( ^ value) x1) ; }; [#"../all_zero.rs" 43 26 43 30] next <- Borrow.borrow_final (AllZero_List_Type.cons_1 ( * loop_l)) (Borrow.inherit_id (Borrow.get_id loop_l) 2); [#"../all_zero.rs" 43 26 43 30] loop_l <- { loop_l with current = (let AllZero_List_Type.C_Cons x0 x1 = * loop_l in AllZero_List_Type.C_Cons x0 ( ^ next)) ; }; - [#"../all_zero.rs" 44 8 44 18] value <- { value with current = ([#"../all_zero.rs" 44 8 44 18] [#"../all_zero.rs" 44 17 44 18] (0 : uint32)) ; }; + [#"../all_zero.rs" 44 8 44 18] value <- { value with current = ([#"../all_zero.rs" 44 8 44 18] (0 : uint32)) ; }; assume { resolve0 value }; [#"../all_zero.rs" 45 17 45 21] _13 <- Borrow.borrow_mut ( * next); [#"../all_zero.rs" 45 17 45 21] next <- { next with current = ( ^ _13) ; }; assume { resolve1 loop_l }; [#"../all_zero.rs" 45 8 45 21] loop_l <- ([#"../all_zero.rs" 45 8 45 21] _13); - [#"../all_zero.rs" 45 8 45 21] _13 <- any borrowed (AllZero_List_Type.t_list); + _13 <- any borrowed (AllZero_List_Type.t_list); assume { resolve2 next }; goto BB2 } diff --git a/creusot/tests/should_succeed/bdd.mlcfg b/creusot/tests/should_succeed/bdd.mlcfg index 729da25651..5beb972661 100644 --- a/creusot/tests/should_succeed/bdd.mlcfg +++ b/creusot/tests/should_succeed/bdd.mlcfg @@ -141,17 +141,17 @@ module Bdd_Hashmap_Impl2_Hash goto BB0 } BB0 { - [#"../bdd.rs" 77 12 77 25] _3 <- ([#"../bdd.rs" 77 12 77 25] hash0 ([#"../bdd.rs" 77 12 77 18] let (a, _) = self in a)); + [#"../bdd.rs" 77 12 77 25] _3 <- ([#"../bdd.rs" 77 12 77 25] hash0 (let (a, _) = self in a)); goto BB1 } BB1 { assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../bdd.rs" 77 39 77 52] _6 <- ([#"../bdd.rs" 77 39 77 52] hash1 ([#"../bdd.rs" 77 39 77 45] let (_, a) = self in a)); + [#"../bdd.rs" 77 39 77 52] _6 <- ([#"../bdd.rs" 77 39 77 52] hash1 (let (_, a) = self in a)); goto BB2 } BB2 { - [#"../bdd.rs" 77 39 77 69] _5 <- ([#"../bdd.rs" 77 39 77 69] wrapping_mul0 _6 ([#"../bdd.rs" 77 66 77 68] [#"../bdd.rs" 77 66 77 68] (17 : uint64))); + [#"../bdd.rs" 77 39 77 69] _5 <- ([#"../bdd.rs" 77 39 77 69] wrapping_mul0 _6 (17 : uint64)); _6 <- any uint64; goto BB3 } @@ -254,7 +254,7 @@ module Bdd_Impl7_Eq goto BB0 } BB0 { - [#"../bdd.rs" 203 8 203 21] _0 <- ([#"../bdd.rs" 203 8 203 21] ([#"../bdd.rs" 203 8 203 14] Bdd_Bdd_Type.bdd_1 self) = ([#"../bdd.rs" 203 18 203 21] Bdd_Bdd_Type.bdd_1 o)); + [#"../bdd.rs" 203 8 203 21] _0 <- ([#"../bdd.rs" 203 8 203 21] Bdd_Bdd_Type.bdd_1 self = Bdd_Bdd_Type.bdd_1 o); return _0 } @@ -353,7 +353,7 @@ module Bdd_Impl14_Eq goto BB0 } BB0 { - [#"../bdd.rs" 90 13 90 22] _4 <- ([#"../bdd.rs" 90 13 90 22] (([#"../bdd.rs" 90 13 90 22] self), ([#"../bdd.rs" 90 13 90 22] rhs))); + [#"../bdd.rs" 90 13 90 22] _4 <- ([#"../bdd.rs" 90 13 90 22] (self, rhs)); switch (let (a, _) = _4 in a) | Bdd_Node_Type.C_False -> goto BB1 | Bdd_Node_Type.C_True -> goto BB4 @@ -371,7 +371,7 @@ module Bdd_Impl14_Eq } BB3 { assume { resolve0 _4 }; - [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] [#"../bdd.rs" 90 13 90 22] false); + [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] false); goto BB22 } BB4 { @@ -394,12 +394,12 @@ module Bdd_Impl14_Eq } BB8 { assume { resolve0 _4 }; - [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] [#"../bdd.rs" 90 13 90 22] true); + [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] true); goto BB22 } BB9 { assume { resolve0 _4 }; - [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] [#"../bdd.rs" 90 13 90 22] true); + [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] true); goto BB22 } BB10 { @@ -410,7 +410,7 @@ module Bdd_Impl14_Eq [#"../bdd.rs" 94 17 94 23] childt_2 <- ([#"../bdd.rs" 94 17 94 23] Bdd_Node_Type.if_childt (let (_, a) = _4 in a)); [#"../bdd.rs" 94 38 94 44] childf_2 <- ([#"../bdd.rs" 94 38 94 44] Bdd_Node_Type.if_childf (let (_, a) = _4 in a)); assume { resolve0 _4 }; - [#"../bdd.rs" 90 13 90 22] _17 <- ([#"../bdd.rs" 90 13 90 22] eq0 ([#"../bdd.rs" 94 38 94 44] childf_1) ([#"../bdd.rs" 94 38 94 44] childf_2)); + [#"../bdd.rs" 90 13 90 22] _17 <- ([#"../bdd.rs" 90 13 90 22] eq0 childf_1 childf_2); goto BB11 } BB11 { @@ -420,7 +420,7 @@ module Bdd_Impl14_Eq end } BB12 { - [#"../bdd.rs" 90 13 90 22] _20 <- ([#"../bdd.rs" 90 13 90 22] eq0 ([#"../bdd.rs" 94 17 94 23] childt_1) ([#"../bdd.rs" 94 17 94 23] childt_2)); + [#"../bdd.rs" 90 13 90 22] _20 <- ([#"../bdd.rs" 90 13 90 22] eq0 childt_1 childt_2); goto BB13 } BB13 { @@ -430,7 +430,7 @@ module Bdd_Impl14_Eq end } BB14 { - [#"../bdd.rs" 90 13 90 22] _23 <- ([#"../bdd.rs" 90 13 90 22] eq1 ([#"../bdd.rs" 94 9 94 10] v_1) ([#"../bdd.rs" 94 9 94 10] v_2)); + [#"../bdd.rs" 90 13 90 22] _23 <- ([#"../bdd.rs" 90 13 90 22] eq1 v_1 v_2); goto BB15 } BB15 { @@ -440,7 +440,7 @@ module Bdd_Impl14_Eq end } BB16 { - [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] [#"../bdd.rs" 90 13 90 22] true); + [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] true); goto BB21 } BB17 { @@ -453,7 +453,7 @@ module Bdd_Impl14_Eq goto BB20 } BB20 { - [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] [#"../bdd.rs" 90 13 90 22] false); + [#"../bdd.rs" 90 13 90 22] _0 <- ([#"../bdd.rs" 90 13 90 22] false); goto BB21 } BB21 { @@ -530,7 +530,7 @@ module Bdd_Impl15_Clone [#"../bdd.rs" 94 17 94 23] childt_1 <- ([#"../bdd.rs" 94 17 94 23] Bdd_Node_Type.if_childt self); [#"../bdd.rs" 94 38 94 44] childf_1 <- ([#"../bdd.rs" 94 38 94 44] Bdd_Node_Type.if_childf self); [#"../bdd.rs" 90 24 90 29] _9 <- ([#"../bdd.rs" 90 24 90 29] v_1); - [#"../bdd.rs" 90 24 90 29] _7 <- ([#"../bdd.rs" 90 24 90 29] clone0 ([#"../bdd.rs" 90 24 90 29] _9)); + [#"../bdd.rs" 90 24 90 29] _7 <- ([#"../bdd.rs" 90 24 90 29] clone0 _9); goto BB7 } BB4 { @@ -547,12 +547,12 @@ module Bdd_Impl15_Clone } BB7 { [#"../bdd.rs" 90 24 90 29] _12 <- ([#"../bdd.rs" 90 24 90 29] childt_1); - [#"../bdd.rs" 90 24 90 29] _10 <- ([#"../bdd.rs" 90 24 90 29] clone1 ([#"../bdd.rs" 90 24 90 29] _12)); + [#"../bdd.rs" 90 24 90 29] _10 <- ([#"../bdd.rs" 90 24 90 29] clone1 _12); goto BB8 } BB8 { [#"../bdd.rs" 90 24 90 29] _15 <- ([#"../bdd.rs" 90 24 90 29] childf_1); - [#"../bdd.rs" 90 24 90 29] _13 <- ([#"../bdd.rs" 90 24 90 29] clone1 ([#"../bdd.rs" 90 24 90 29] _15)); + [#"../bdd.rs" 90 24 90 29] _13 <- ([#"../bdd.rs" 90 24 90 29] clone1 _15); goto BB9 } BB9 { @@ -673,7 +673,7 @@ module Bdd_Impl1_Hash [#"../bdd.rs" 120 17 120 18] v <- ([#"../bdd.rs" 120 17 120 18] Bdd_Node_Type.if_v self); [#"../bdd.rs" 120 20 120 26] childt <- ([#"../bdd.rs" 120 20 120 26] Bdd_Node_Type.if_childt self); [#"../bdd.rs" 120 28 120 34] childf <- ([#"../bdd.rs" 120 28 120 34] Bdd_Node_Type.if_childf self); - [#"../bdd.rs" 121 31 121 55] _9 <- ([#"../bdd.rs" 121 31 121 55] wrapping_mul0 ([#"../bdd.rs" 121 31 121 39] Bdd_Bdd_Type.bdd_1 childt) ([#"../bdd.rs" 121 53 121 54] [#"../bdd.rs" 121 53 121 54] (5 : uint64))); + [#"../bdd.rs" 121 31 121 55] _9 <- ([#"../bdd.rs" 121 31 121 55] wrapping_mul0 (Bdd_Bdd_Type.bdd_1 childt) (5 : uint64)); goto BB7 } BB4 { @@ -681,20 +681,20 @@ module Bdd_Impl1_Hash absurd } BB5 { - [#"../bdd.rs" 118 21 118 22] _0 <- ([#"../bdd.rs" 118 21 118 22] [#"../bdd.rs" 118 21 118 22] (1 : uint64)); + [#"../bdd.rs" 118 21 118 22] _0 <- ([#"../bdd.rs" 118 21 118 22] (1 : uint64)); goto BB11 } BB6 { - [#"../bdd.rs" 119 20 119 21] _0 <- ([#"../bdd.rs" 119 20 119 21] [#"../bdd.rs" 119 20 119 21] (2 : uint64)); + [#"../bdd.rs" 119 20 119 21] _0 <- ([#"../bdd.rs" 119 20 119 21] (2 : uint64)); goto BB11 } BB7 { - [#"../bdd.rs" 121 16 121 56] _7 <- ([#"../bdd.rs" 121 16 121 56] wrapping_add0 ([#"../bdd.rs" 121 16 121 17] v) _9); + [#"../bdd.rs" 121 16 121 56] _7 <- ([#"../bdd.rs" 121 16 121 56] wrapping_add0 v _9); _9 <- any uint64; goto BB8 } BB8 { - [#"../bdd.rs" 121 70 121 94] _11 <- ([#"../bdd.rs" 121 70 121 94] wrapping_mul0 ([#"../bdd.rs" 121 70 121 78] Bdd_Bdd_Type.bdd_1 childf) ([#"../bdd.rs" 121 92 121 93] [#"../bdd.rs" 121 92 121 93] (7 : uint64))); + [#"../bdd.rs" 121 70 121 94] _11 <- ([#"../bdd.rs" 121 70 121 94] wrapping_mul0 (Bdd_Bdd_Type.bdd_1 childf) (7 : uint64)); goto BB9 } BB9 { @@ -1766,7 +1766,7 @@ module Bdd_Impl11_New goto BB0 } BB0 { - [#"../bdd.rs" 425 16 425 21] _10 <- ([#"../bdd.rs" 425 16 425 21] [#"../bdd.rs" 425 16 425 21] promoted0); + [#"../bdd.rs" 425 16 425 21] _10 <- ([#"../bdd.rs" 425 16 425 21] promoted0); [#"../bdd.rs" 425 16 425 21] t <- ([#"../bdd.rs" 425 16 425 21] _10); [#"../bdd.rs" 428 22 428 47] _5 <- ([#"../bdd.rs" 428 22 428 47] new0 ()); goto BB1 @@ -1784,7 +1784,7 @@ module Bdd_Impl11_New goto BB4 } BB4 { - [#"../bdd.rs" 426 8 433 9] _0 <- ([#"../bdd.rs" 426 8 433 9] Bdd_Context_Type.C_Context ([#"../bdd.rs" 427 12 427 17] alloc) _5 _6 _8 _9 ([#"../bdd.rs" 432 17 432 18] [#"../bdd.rs" 432 17 432 18] (0 : uint64))); + [#"../bdd.rs" 426 8 433 9] _0 <- ([#"../bdd.rs" 426 8 433 9] Bdd_Context_Type.C_Context alloc _5 _6 _8 _9 (0 : uint64)); _5 <- any Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd); _6 <- any Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); _8 <- any Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd); @@ -2062,12 +2062,14 @@ module Bdd_Impl11_Hashcons var _23 : (); var _24 : borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd)); var _27 : Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + var _30 : bool; + var _32 : uint64; { goto BB0 } BB0 { [#"../bdd.rs" 441 44 441 46] _11 <- ([#"../bdd.rs" 441 44 441 46] n); - [#"../bdd.rs" 441 26 441 47] _8 <- ([#"../bdd.rs" 441 26 441 47] get0 ([#"../bdd.rs" 441 26 441 39] Bdd_Context_Type.context_hashcons ( * self)) ([#"../bdd.rs" 441 44 441 46] _11)); + [#"../bdd.rs" 441 26 441 47] _8 <- ([#"../bdd.rs" 441 26 441 47] get0 (Bdd_Context_Type.context_hashcons ( * self)) _11); goto BB1 } BB1 { @@ -2088,15 +2090,15 @@ module Bdd_Impl11_Hashcons goto BB12 } BB4 { - [#"../bdd.rs" 445 20 445 39] _19 <- ([#"../bdd.rs" 445 20 445 39] alloc0 ([#"../bdd.rs" 445 20 445 30] Bdd_Context_Type.context_alloc ( * self)) ([#"../bdd.rs" 445 37 445 38] n)); + [#"../bdd.rs" 445 20 445 39] _19 <- ([#"../bdd.rs" 445 20 445 39] alloc0 (Bdd_Context_Type.context_alloc ( * self)) n); goto BB5 } BB5 { - [#"../bdd.rs" 445 16 445 50] r1 <- ([#"../bdd.rs" 445 16 445 50] Bdd_Bdd_Type.C_Bdd ([#"../bdd.rs" 445 20 445 39] * _19) ([#"../bdd.rs" 445 41 445 49] Bdd_Context_Type.context_cnt ( * self))); + [#"../bdd.rs" 445 16 445 50] r1 <- ([#"../bdd.rs" 445 16 445 50] Bdd_Bdd_Type.C_Bdd ( * _19) (Bdd_Context_Type.context_cnt ( * self))); assume { resolve1 _19 }; [#"../bdd.rs" 446 8 446 21] _24 <- Borrow.borrow_final (Bdd_Context_Type.context_hashcons ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); [#"../bdd.rs" 446 8 446 21] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 ( ^ _24) x2 x3 x4 x5) ; }; - [#"../bdd.rs" 446 8 446 31] _23 <- ([#"../bdd.rs" 446 8 446 31] add0 _24 ([#"../bdd.rs" 446 26 446 27] n) ([#"../bdd.rs" 446 29 446 30] r1)); + [#"../bdd.rs" 446 8 446 31] _23 <- ([#"../bdd.rs" 446 8 446 31] add0 _24 n r1); _24 <- any borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Node_Type.t_node) (Bdd_Bdd_Type.t_bdd)); goto BB6 } @@ -2106,8 +2108,11 @@ module Bdd_Impl11_Hashcons } BB7 { [#"../bdd.rs" 447 8 447 77] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 ([#"../bdd.rs" 447 8 447 77] _27) x3 x4 x5) ; }; - [#"../bdd.rs" 447 8 447 77] _27 <- any Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); - switch ([#"../bdd.rs" 448 11 448 34] ([#"../bdd.rs" 448 11 448 19] Bdd_Context_Type.context_cnt ( * self)) > ([#"../bdd.rs" 448 22 448 34] ([#"../bdd.rs" 448 22 448 30] [#"../bdd.rs" 448 22 448 30] (18446744073709551615 : uint64)) - ([#"../bdd.rs" 448 33 448 34] [#"../bdd.rs" 448 33 448 34] (1 : uint64)))) + _27 <- any Snapshot.snap_ty (Map.map uint64 (Bdd_Node_Type.t_node)); + [#"../bdd.rs" 448 22 448 34] _32 <- ([#"../bdd.rs" 448 22 448 34] (18446744073709551615 : uint64) - (1 : uint64)); + [#"../bdd.rs" 448 11 448 34] _30 <- ([#"../bdd.rs" 448 11 448 34] Bdd_Context_Type.context_cnt ( * self) > _32); + _32 <- any uint64; + switch (_30) | False -> goto BB11 | True -> goto BB8 end @@ -2119,11 +2124,11 @@ module Bdd_Impl11_Hashcons goto BB10 } BB10 { - [#"../bdd.rs" 451 16 451 35] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 ([#"../bdd.rs" 451 27 451 35] Bdd_Context_Type.context_cnt ( * self))) ; }; + [#"../bdd.rs" 451 16 451 35] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 ([#"../bdd.rs" 451 16 451 35] Bdd_Context_Type.context_cnt ( * self))) ; }; goto BB9 } BB11 { - [#"../bdd.rs" 454 8 454 21] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 ([#"../bdd.rs" 454 8 454 21] Bdd_Context_Type.context_cnt ( * self) + ([#"../bdd.rs" 454 20 454 21] [#"../bdd.rs" 454 20 454 21] (1 : uint64)))) ; }; + [#"../bdd.rs" 454 8 454 21] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 ([#"../bdd.rs" 454 8 454 21] Bdd_Context_Type.context_cnt ( * self) + (1 : uint64))) ; }; assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; [#"../bdd.rs" 455 8 455 9] _0 <- ([#"../bdd.rs" 455 8 455 9] r1); @@ -2321,11 +2326,12 @@ module Bdd_Impl11_Node var childf : Bdd_Bdd_Type.t_bdd = childf; var _13 : bool; var _17 : borrowed (Bdd_Context_Type.t_context); + var _18 : Bdd_Node_Type.t_node; { goto BB0 } BB0 { - [#"../bdd.rs" 466 11 466 27] _13 <- ([#"../bdd.rs" 466 11 466 27] eq0 ([#"../bdd.rs" 466 11 466 17] childt) ([#"../bdd.rs" 466 21 466 27] childf)); + [#"../bdd.rs" 466 11 466 27] _13 <- ([#"../bdd.rs" 466 11 466 27] eq0 childt childf); goto BB1 } BB1 { @@ -2344,8 +2350,10 @@ module Bdd_Impl11_Node [#"../bdd.rs" 469 8 469 12] _17 <- Borrow.borrow_final ( * self) (Borrow.get_id self); [#"../bdd.rs" 469 8 469 12] self <- { self with current = ( ^ _17) ; }; assume { inv0 ( ^ _17) }; - [#"../bdd.rs" 469 8 469 50] _0 <- ([#"../bdd.rs" 469 8 469 50] hashcons0 _17 ([#"../bdd.rs" 469 22 469 49] Bdd_Node_Type.C_If ([#"../bdd.rs" 469 30 469 31] x) ([#"../bdd.rs" 469 33 469 39] childt) ([#"../bdd.rs" 469 41 469 47] childf))); + [#"../bdd.rs" 469 22 469 49] _18 <- ([#"../bdd.rs" 469 22 469 49] Bdd_Node_Type.C_If x childt childf); + [#"../bdd.rs" 469 8 469 50] _0 <- ([#"../bdd.rs" 469 8 469 50] hashcons0 _17 _18); _17 <- any borrowed (Bdd_Context_Type.t_context); + _18 <- any Bdd_Node_Type.t_node; goto BB4 } BB4 { @@ -2516,6 +2524,7 @@ module Bdd_Impl11_True var _0 : Bdd_Bdd_Type.t_bdd; var self : borrowed (Bdd_Context_Type.t_context) = self; var _6 : borrowed (Bdd_Context_Type.t_context); + var _7 : Bdd_Node_Type.t_node; { goto BB0 } @@ -2523,8 +2532,10 @@ module Bdd_Impl11_True [#"../bdd.rs" 477 8 477 12] _6 <- Borrow.borrow_final ( * self) (Borrow.get_id self); [#"../bdd.rs" 477 8 477 12] self <- { self with current = ( ^ _6) ; }; assume { inv0 ( ^ _6) }; - [#"../bdd.rs" 477 8 477 27] _0 <- ([#"../bdd.rs" 477 8 477 27] hashcons0 _6 ([#"../bdd.rs" 477 22 477 26] Bdd_Node_Type.C_True)); + [#"../bdd.rs" 477 22 477 26] _7 <- ([#"../bdd.rs" 477 22 477 26] Bdd_Node_Type.C_True); + [#"../bdd.rs" 477 8 477 27] _0 <- ([#"../bdd.rs" 477 8 477 27] hashcons0 _6 _7); _6 <- any borrowed (Bdd_Context_Type.t_context); + _7 <- any Bdd_Node_Type.t_node; goto BB1 } BB1 { @@ -2692,6 +2703,7 @@ module Bdd_Impl11_False var _0 : Bdd_Bdd_Type.t_bdd; var self : borrowed (Bdd_Context_Type.t_context) = self; var _6 : borrowed (Bdd_Context_Type.t_context); + var _7 : Bdd_Node_Type.t_node; { goto BB0 } @@ -2699,8 +2711,10 @@ module Bdd_Impl11_False [#"../bdd.rs" 485 8 485 12] _6 <- Borrow.borrow_final ( * self) (Borrow.get_id self); [#"../bdd.rs" 485 8 485 12] self <- { self with current = ( ^ _6) ; }; assume { inv0 ( ^ _6) }; - [#"../bdd.rs" 485 8 485 28] _0 <- ([#"../bdd.rs" 485 8 485 28] hashcons0 _6 ([#"../bdd.rs" 485 22 485 27] Bdd_Node_Type.C_False)); + [#"../bdd.rs" 485 22 485 27] _7 <- ([#"../bdd.rs" 485 22 485 27] Bdd_Node_Type.C_False); + [#"../bdd.rs" 485 8 485 28] _0 <- ([#"../bdd.rs" 485 8 485 28] hashcons0 _6 _7); _6 <- any borrowed (Bdd_Context_Type.t_context); + _7 <- any Bdd_Node_Type.t_node; goto BB1 } BB1 { @@ -2916,7 +2930,7 @@ module Bdd_Impl11_V [#"../bdd.rs" 494 8 494 12] _10 <- Borrow.borrow_final ( * self) (Borrow.get_id self); [#"../bdd.rs" 494 8 494 12] self <- { self with current = ( ^ _10) ; }; assume { inv0 ( ^ _10) }; - [#"../bdd.rs" 494 8 494 26] _0 <- ([#"../bdd.rs" 494 8 494 26] node0 _10 ([#"../bdd.rs" 494 18 494 19] x) ([#"../bdd.rs" 494 21 494 22] t) ([#"../bdd.rs" 494 24 494 25] f)); + [#"../bdd.rs" 494 8 494 26] _0 <- ([#"../bdd.rs" 494 8 494 26] node0 _10 x t f); _10 <- any borrowed (Bdd_Context_Type.t_context); goto BB3 } @@ -3220,7 +3234,7 @@ module Bdd_Impl11_Not } BB0 { [#"../bdd.rs" 504 43 504 45] _13 <- ([#"../bdd.rs" 504 43 504 45] x); - [#"../bdd.rs" 504 25 504 46] _10 <- ([#"../bdd.rs" 504 25 504 46] get0 ([#"../bdd.rs" 504 25 504 38] Bdd_Context_Type.context_not_memo ( * self)) ([#"../bdd.rs" 504 43 504 45] _13)); + [#"../bdd.rs" 504 25 504 46] _10 <- ([#"../bdd.rs" 504 25 504 46] get0 (Bdd_Context_Type.context_not_memo ( * self)) _13); goto BB1 } BB1 { @@ -3265,7 +3279,7 @@ module Bdd_Impl11_Not [#"../bdd.rs" 511 29 511 33] _25 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 511 29 511 33] self <- { self with current = ( ^ _25) ; }; assume { inv1 ( ^ _25) }; - [#"../bdd.rs" 511 29 511 45] childt1 <- ([#"../bdd.rs" 511 29 511 45] not' _25 ([#"../bdd.rs" 511 38 511 44] childt)); + [#"../bdd.rs" 511 29 511 45] childt1 <- ([#"../bdd.rs" 511 29 511 45] not' _25 childt); _25 <- any borrowed (Bdd_Context_Type.t_context); goto BB13 } @@ -3295,7 +3309,7 @@ module Bdd_Impl11_Not [#"../bdd.rs" 512 29 512 33] _28 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 512 29 512 33] self <- { self with current = ( ^ _28) ; }; assume { inv1 ( ^ _28) }; - [#"../bdd.rs" 512 29 512 45] childf1 <- ([#"../bdd.rs" 512 29 512 45] not' _28 ([#"../bdd.rs" 512 38 512 44] childf)); + [#"../bdd.rs" 512 29 512 45] childf1 <- ([#"../bdd.rs" 512 29 512 45] not' _28 childf); _28 <- any borrowed (Bdd_Context_Type.t_context); goto BB14 } @@ -3303,7 +3317,7 @@ module Bdd_Impl11_Not [#"../bdd.rs" 513 16 513 20] _30 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 513 16 513 20] self <- { self with current = ( ^ _30) ; }; assume { inv1 ( ^ _30) }; - [#"../bdd.rs" 513 16 513 44] r1 <- ([#"../bdd.rs" 513 16 513 44] node0 _30 ([#"../bdd.rs" 513 26 513 27] v) ([#"../bdd.rs" 513 29 513 35] childt1) ([#"../bdd.rs" 513 37 513 43] childf1)); + [#"../bdd.rs" 513 16 513 44] r1 <- ([#"../bdd.rs" 513 16 513 44] node0 _30 v childt1 childf1); _30 <- any borrowed (Bdd_Context_Type.t_context); goto BB15 } @@ -3313,7 +3327,7 @@ module Bdd_Impl11_Not BB16 { [#"../bdd.rs" 516 8 516 21] _35 <- Borrow.borrow_final (Bdd_Context_Type.context_not_memo ( * self)) (Borrow.inherit_id (Borrow.get_id self) 4); [#"../bdd.rs" 516 8 516 21] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 ( ^ _35) x4 x5) ; }; - [#"../bdd.rs" 516 8 516 31] _34 <- ([#"../bdd.rs" 516 8 516 31] add0 _35 ([#"../bdd.rs" 516 26 516 27] x) ([#"../bdd.rs" 516 29 516 30] r1)); + [#"../bdd.rs" 516 8 516 31] _34 <- ([#"../bdd.rs" 516 8 516 31] add0 _35 x r1); _35 <- any borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)); goto BB17 } @@ -3725,13 +3739,14 @@ module Bdd_Impl11_And var _74 : borrowed (Bdd_Context_Type.t_context); var _78 : (); var _79 : borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)); + var _80 : (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd); { goto BB0 } BB0 { - [#"../bdd.rs" 528 44 528 50] _16 <- ([#"../bdd.rs" 528 44 528 50] (([#"../bdd.rs" 528 45 528 46] a), ([#"../bdd.rs" 528 48 528 49] b))); + [#"../bdd.rs" 528 44 528 50] _16 <- ([#"../bdd.rs" 528 44 528 50] (a, b)); [#"../bdd.rs" 528 43 528 50] _15 <- ([#"../bdd.rs" 528 43 528 50] _16); - [#"../bdd.rs" 528 25 528 51] _12 <- ([#"../bdd.rs" 528 25 528 51] get0 ([#"../bdd.rs" 528 25 528 38] Bdd_Context_Type.context_and_memo ( * self)) ([#"../bdd.rs" 528 43 528 50] _15)); + [#"../bdd.rs" 528 25 528 51] _12 <- ([#"../bdd.rs" 528 25 528 51] get0 (Bdd_Context_Type.context_and_memo ( * self)) _15); goto BB1 } BB1 { @@ -3756,7 +3771,7 @@ module Bdd_Impl11_And absurd } BB5 { - [#"../bdd.rs" 531 22 531 34] _23 <- ([#"../bdd.rs" 531 22 531 34] (([#"../bdd.rs" 531 23 531 27] Bdd_Bdd_Type.bdd_0 a), ([#"../bdd.rs" 531 29 531 33] Bdd_Bdd_Type.bdd_0 b))); + [#"../bdd.rs" 531 22 531 34] _23 <- ([#"../bdd.rs" 531 22 531 34] (Bdd_Bdd_Type.bdd_0 a, Bdd_Bdd_Type.bdd_0 b)); switch (let (a, _) = _23 in a) | Bdd_Node_Type.C_True -> goto BB7 | _ -> goto BB6 @@ -3808,7 +3823,7 @@ module Bdd_Impl11_And [#"../bdd.rs" 536 53 536 60] childfa <- ([#"../bdd.rs" 536 53 536 60] Bdd_Node_Type.if_childf (let (a, _) = _23 in a)); assume { resolve2 _23 }; [#"../bdd.rs" 540 29 540 32] _45 <- ([#"../bdd.rs" 540 29 540 32] vb); - [#"../bdd.rs" 540 22 540 33] _42 <- ([#"../bdd.rs" 540 22 540 33] cmp0 ([#"../bdd.rs" 540 22 540 24] va) ([#"../bdd.rs" 540 29 540 32] _45)); + [#"../bdd.rs" 540 22 540 33] _42 <- ([#"../bdd.rs" 540 22 540 33] cmp0 va _45); goto BB19 } BB15 { @@ -3844,11 +3859,11 @@ module Bdd_Impl11_And goto BB26 } BB21 { - [#"../bdd.rs" 552 24 552 30] v <- ([#"../bdd.rs" 552 28 552 30] va); + [#"../bdd.rs" 552 24 552 30] v <- ([#"../bdd.rs" 552 24 552 30] va); [#"../bdd.rs" 553 33 553 37] _67 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 553 33 553 37] self <- { self with current = ( ^ _67) ; }; assume { inv1 ( ^ _67) }; - [#"../bdd.rs" 553 33 553 59] _66 <- ([#"../bdd.rs" 553 33 553 59] and _67 ([#"../bdd.rs" 553 42 553 49] childta) ([#"../bdd.rs" 553 51 553 58] childtb)); + [#"../bdd.rs" 553 33 553 59] _66 <- ([#"../bdd.rs" 553 33 553 59] and _67 childta childtb); _67 <- any borrowed (Bdd_Context_Type.t_context); goto BB29 } @@ -3856,68 +3871,68 @@ module Bdd_Impl11_And goto BB23 } BB23 { - [#"../bdd.rs" 542 24 542 30] v <- ([#"../bdd.rs" 542 28 542 30] vb); + [#"../bdd.rs" 542 24 542 30] v <- ([#"../bdd.rs" 542 24 542 30] vb); [#"../bdd.rs" 543 33 543 37] _49 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 543 33 543 37] self <- { self with current = ( ^ _49) ; }; assume { inv1 ( ^ _49) }; - [#"../bdd.rs" 543 33 543 53] _48 <- ([#"../bdd.rs" 543 33 543 53] and _49 ([#"../bdd.rs" 543 42 543 43] a) ([#"../bdd.rs" 543 45 543 52] childtb)); + [#"../bdd.rs" 543 33 543 53] _48 <- ([#"../bdd.rs" 543 33 543 53] and _49 a childtb); _49 <- any borrowed (Bdd_Context_Type.t_context); goto BB24 } BB24 { [#"../bdd.rs" 543 24 543 53] childt <- ([#"../bdd.rs" 543 24 543 53] _48); - [#"../bdd.rs" 543 24 543 53] _48 <- any Bdd_Bdd_Type.t_bdd; + _48 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 544 33 544 37] _53 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 544 33 544 37] self <- { self with current = ( ^ _53) ; }; assume { inv1 ( ^ _53) }; - [#"../bdd.rs" 544 33 544 53] _52 <- ([#"../bdd.rs" 544 33 544 53] and _53 ([#"../bdd.rs" 544 42 544 43] a) ([#"../bdd.rs" 544 45 544 52] childfb)); + [#"../bdd.rs" 544 33 544 53] _52 <- ([#"../bdd.rs" 544 33 544 53] and _53 a childfb); _53 <- any borrowed (Bdd_Context_Type.t_context); goto BB25 } BB25 { [#"../bdd.rs" 544 24 544 53] childf <- ([#"../bdd.rs" 544 24 544 53] _52); - [#"../bdd.rs" 544 24 544 53] _52 <- any Bdd_Bdd_Type.t_bdd; + _52 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 541 31 545 21] _41 <- ([#"../bdd.rs" 541 31 545 21] ()); goto BB31 } BB26 { - [#"../bdd.rs" 547 24 547 30] v <- ([#"../bdd.rs" 547 28 547 30] va); + [#"../bdd.rs" 547 24 547 30] v <- ([#"../bdd.rs" 547 24 547 30] va); [#"../bdd.rs" 548 33 548 37] _58 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 548 33 548 37] self <- { self with current = ( ^ _58) ; }; assume { inv1 ( ^ _58) }; - [#"../bdd.rs" 548 33 548 53] _57 <- ([#"../bdd.rs" 548 33 548 53] and _58 ([#"../bdd.rs" 548 42 548 49] childta) ([#"../bdd.rs" 548 51 548 52] b)); + [#"../bdd.rs" 548 33 548 53] _57 <- ([#"../bdd.rs" 548 33 548 53] and _58 childta b); _58 <- any borrowed (Bdd_Context_Type.t_context); goto BB27 } BB27 { [#"../bdd.rs" 548 24 548 53] childt <- ([#"../bdd.rs" 548 24 548 53] _57); - [#"../bdd.rs" 548 24 548 53] _57 <- any Bdd_Bdd_Type.t_bdd; + _57 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 549 33 549 37] _62 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 549 33 549 37] self <- { self with current = ( ^ _62) ; }; assume { inv1 ( ^ _62) }; - [#"../bdd.rs" 549 33 549 53] _61 <- ([#"../bdd.rs" 549 33 549 53] and _62 ([#"../bdd.rs" 549 42 549 49] childfa) ([#"../bdd.rs" 549 51 549 52] b)); + [#"../bdd.rs" 549 33 549 53] _61 <- ([#"../bdd.rs" 549 33 549 53] and _62 childfa b); _62 <- any borrowed (Bdd_Context_Type.t_context); goto BB28 } BB28 { [#"../bdd.rs" 549 24 549 53] childf <- ([#"../bdd.rs" 549 24 549 53] _61); - [#"../bdd.rs" 549 24 549 53] _61 <- any Bdd_Bdd_Type.t_bdd; + _61 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 546 28 550 21] _41 <- ([#"../bdd.rs" 546 28 550 21] ()); goto BB31 } BB29 { [#"../bdd.rs" 553 24 553 59] childt <- ([#"../bdd.rs" 553 24 553 59] _66); - [#"../bdd.rs" 553 24 553 59] _66 <- any Bdd_Bdd_Type.t_bdd; + _66 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 554 33 554 37] _71 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 554 33 554 37] self <- { self with current = ( ^ _71) ; }; assume { inv1 ( ^ _71) }; - [#"../bdd.rs" 554 33 554 59] _70 <- ([#"../bdd.rs" 554 33 554 59] and _71 ([#"../bdd.rs" 554 42 554 49] childfa) ([#"../bdd.rs" 554 51 554 58] childfb)); + [#"../bdd.rs" 554 33 554 59] _70 <- ([#"../bdd.rs" 554 33 554 59] and _71 childfa childfb); _71 <- any borrowed (Bdd_Context_Type.t_context); goto BB30 } BB30 { [#"../bdd.rs" 554 24 554 59] childf <- ([#"../bdd.rs" 554 24 554 59] _70); - [#"../bdd.rs" 554 24 554 59] _70 <- any Bdd_Bdd_Type.t_bdd; + _70 <- any Bdd_Bdd_Type.t_bdd; [#"../bdd.rs" 551 29 555 21] _41 <- ([#"../bdd.rs" 551 29 555 21] ()); goto BB31 } @@ -3925,7 +3940,7 @@ module Bdd_Impl11_And [#"../bdd.rs" 557 16 557 20] _74 <- Borrow.borrow_mut ( * self); [#"../bdd.rs" 557 16 557 20] self <- { self with current = ( ^ _74) ; }; assume { inv1 ( ^ _74) }; - [#"../bdd.rs" 557 16 557 44] r1 <- ([#"../bdd.rs" 557 16 557 44] node0 _74 ([#"../bdd.rs" 557 26 557 27] v) ([#"../bdd.rs" 557 29 557 35] childt) ([#"../bdd.rs" 557 37 557 43] childf)); + [#"../bdd.rs" 557 16 557 44] r1 <- ([#"../bdd.rs" 557 16 557 44] node0 _74 v childt childf); _74 <- any borrowed (Bdd_Context_Type.t_context); goto BB32 } @@ -3935,8 +3950,10 @@ module Bdd_Impl11_And BB33 { [#"../bdd.rs" 560 8 560 21] _79 <- Borrow.borrow_final (Bdd_Context_Type.context_and_memo ( * self)) (Borrow.inherit_id (Borrow.get_id self) 5); [#"../bdd.rs" 560 8 560 21] self <- { self with current = (let Bdd_Context_Type.C_Context x0 x1 x2 x3 x4 x5 = * self in Bdd_Context_Type.C_Context x0 x1 x2 x3 ( ^ _79) x5) ; }; - [#"../bdd.rs" 560 8 560 36] _78 <- ([#"../bdd.rs" 560 8 560 36] add0 _79 ([#"../bdd.rs" 560 26 560 32] (([#"../bdd.rs" 560 27 560 28] a), ([#"../bdd.rs" 560 30 560 31] b))) ([#"../bdd.rs" 560 34 560 35] r1)); + [#"../bdd.rs" 560 26 560 32] _80 <- ([#"../bdd.rs" 560 26 560 32] (a, b)); + [#"../bdd.rs" 560 8 560 36] _78 <- ([#"../bdd.rs" 560 8 560 36] add0 _79 _80 r1); _79 <- any borrowed (Bdd_Hashmap_MyHashMap_Type.t_myhashmap (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd) (Bdd_Bdd_Type.t_bdd)); + _80 <- any (Bdd_Bdd_Type.t_bdd, Bdd_Bdd_Type.t_bdd); goto BB34 } BB34 { diff --git a/creusot/tests/should_succeed/bdd/why3session.xml b/creusot/tests/should_succeed/bdd/why3session.xml index 7e2b51fade..6618e26c9c 100644 --- a/creusot/tests/should_succeed/bdd/why3session.xml +++ b/creusot/tests/should_succeed/bdd/why3session.xml @@ -247,7 +247,7 @@ - + @@ -262,52 +262,52 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -318,7 +318,7 @@ - + @@ -327,18 +327,18 @@ - + - + - + - + @@ -347,28 +347,28 @@ - + - + - + - + - + - + - + @@ -380,7 +380,7 @@ - + @@ -639,10 +639,10 @@ - + - + @@ -653,14 +653,14 @@ - + - + @@ -675,13 +675,13 @@ - + - + - + @@ -694,12 +694,12 @@ - + - + @@ -710,10 +710,10 @@ - + - + @@ -723,12 +723,12 @@ - + - + @@ -736,7 +736,7 @@ - + @@ -748,7 +748,7 @@ - + diff --git a/creusot/tests/should_succeed/bdd/why3shapes.gz b/creusot/tests/should_succeed/bdd/why3shapes.gz index 8a9e864eaafc5f7e571376143ac6a3fa1c8eace1..4506ae1babb921c56720f687b77c2848edd4354f 100644 GIT binary patch literal 14367 zcmV+)IN--0iwFP!00000|LuKQj~qFY=6n7Mz4dN22H<@xrV7Xvq)h>h?uQ-3Vv!V7o)4G&z{g8=5YMl|kKz9A_T}sQ1DD|+;q5+|2w_lf4meV(=klpilZ{ig>SZS)1IZ-4Xa-TU$; ziQx$k@#X#7)gYg@iNXxC)kHCn<%jXk4;P7BBAU5?Xl9tGO&B{9#Q=A&PkTY1c9^KM zeI5~yZMJR`^)Tu`J<#Z+uRc+m-&{6P{@|9=TPKca4!!{P0+uD%x^%&s6P=xa(N^E5@OD`{J_Qw=%oRZ@=wBJ z#+i^<-Zc!wgn{S?TuiX%^8lK*^2KVoQ_Hf;v5`f_$UAAX0>ihTa zhllO@Ag^hZ2Y%fK#h(3b(d7($g!lC6eSdfSZ*BNO1rZ#s*Hl|gkX_wz_H6i4wJ(q8 zeLOqvWV-nHeH#du=fC$S--~Cbl+_2*fQj(3-ll)Ne3k3LJZq2m^yq$k#OTqx;m$8U z(d~&_e9@oS{(*irPC|VTb{;3BQPA`W(KI1jvrxl0&#QkY#_2Q>Z5YCwnGNn%w_+rx zXlRJzi9Dv>2|a}v0kruP56q`Hkv}0fCWM0?w!xDN`f}UIDa3-p<1^lAJl?Y9XT!Yt zP7d#kVf*v|Et;RF6WLEO7xp0BG=J|GH&+DUz+Uu!o=@r_y}El{ z{xrTN*nIqC`nNx8Bpv?gPhNme4-PEZ8S~&fPaag~#6zcsJ;-OB$vQvkgJ}P%1(8^L zA{Qj;PedmWo9NR}Uzm=Cm$jPNX)uW|hXFe>kDv?j!ed*wV19ZmKH3Fa!q~Cwa_NE{ z_4!dQ*jArM)>dw|Ub|qssQ>gpqm8~+F4*#$2Q7OS5B;_=PaYZq)6^`9PSbkf(63%2~`;fWgE4%HQaTh5nT%GC(u&?x6F zpqx7vD-kYL08LE|juEMipGX6YdVxU`{O_CxeenM1S<@KpAxUV$$jDLx07+cCAaS3X zLpL1`@0WV@?aTjPuHddby?uK3`o4U)KlJ~x<}ZdfF9RrfU_%&*h_YRTpAWV>lpv2C z0!vFT-`>6puU_U`42PkWJNUtCb=OBPf1sDw;qPzm-oM4`38VJlcG>o7Y{c0BjI+T9 z_SX~iAE`V1H8oGrY3A7Y{D(zf`@P=339sKiL=HBPgEeyeh|Bx(=2zA%%zP8zdp2W3 zapTiPGYYEN;%?dSdf85_+KFYmqX~uU>aL#-vv3XZowV4i65ieeZ`OR!)daxcaS9>k zF4U?+wMOhbaJ2zkZD9H0Je*@D0hoD;fX?m9H*daRd6;NRA7dw7MerylWczK&O|@l2`kA$;KBg9smF1B9!1 z)l6qYhwl4DoF0Yo38?yGVyDlq2F`twOL~K@%O>I<#MQ5FO1gWUU*5mGdwuoS&F=X} zbidgf@5AGbU}wnl(>cn;^OOrq)Wb}{%Te!h3DW%aEJ*%%kTm{Bj7^0PI(#tUgB=I= z!EExy2lJ^jW2V6#burHU2mPsC=yCFgt3hxZf&Vn!Mcfc25I+3&>Yikp-hSw@)9Sl0 zwwXWe53YW_dwaj&>1AL1lD^35E@hOMjP5@S7Wr?(^%%X30MO^#`~LMB(M6wav}a!P z0jId^d!JmG`6F=aA!6E&;1N@`!KmeEri97W%a>2_zn8~kA*a6uc8k8qr=9zvP!o4Y z-*Nh|Cs9^kT6#BsN`vBm?GdFAJ%BqLwn+P)e6uzdypIpGlvB&FF(w41r-N$qA!f`> zyFL0+(w8TrYM;vaQyQbBLDAKDOod#GX;(#Tj6oeFJDnIwQ=wLju8zOd^yTTyNSX@0 z`c%^x@caR4i+Ntc8STDe14TSE-D%vtAO?Kdath6&3qj0s%6hJ)J4RCXe9Qciq>nb( z&bP$L#ITfPXl!f&utV~xdB$tA(1q>nbZiR0Dkt4?sqFQev?kB*Uk ze%)E6hX?Yy!9@@D*rSB|z5P&M&!!G{eZZ2YKSsQeT@7%?bfC zUbx30F!g)teV-8de&Eq1&fqM?HqhIANPhpnpJJglG26j;bno-ax9JVR|1C6AO)1&+ zqoGSmq_?>y)wS8gkq#IX#eORi^GP%83jTSSKN0uc-W2H}As)a9trWGIaKi1WKtD>B z_xd7Lp+}>)-^vcHW{m8EbT}udf9W}3gj7q_0DW=NJLx`8c4^i+`;CSmPq-Hi$Klb6 zU(s~)q3{&Old6-$>KHWA^~wq!q?+#_s%?F41*hq@t%qWYUn#?r!t1-&FH?ARH3*$; z*&n+|IM}wDE4n#M!}>1GRa@s)MV5i>?3z~?ye|>ZJ%iVp+i{ug@Ka@up2HZf%1H+ za^QSX<{)~4%2FOkUiZr%aQV+s$1NlI*BBP9AGeUCDV$r*>7pgJaD7F2o4-Rc)>J1d z&~R=kr$-bSVJy}w8>pwZ|M%{f(gnC(eJVI2`}ohTYlw<=0o2{lN%+vBknk4Qw~XH2 z|L3pe$wcw1c{Qe|CXVO1r6L(YSg{Wg=Iz_^W>n6tL&Bt?Av*zo0HS^%p`z=C%cxZQ z+i|$*_5Co?2_-&$f|l@mb_mnbKDo7c`T8H_&CB~+-2T0^f2ctc9Y&+##C?nWz#REd z6CUE-n>TmwOa9X@|8Ld)=hn&MlTcs24zD`kp|dttjX_>*&93Y)+T!oYOEtV2XAXp- zW#Z-9V|e|d%LL@VQ60`A2`uUBm#<%!Hz!28{rf)<@(!aP^2!8xm{mTLhA+oTnT7Dd zg%2K7qR5etp?%tI*6%@K!)e(eS_?x@m5?v%)t*QRB{P>jP#1ZTPM3|!ZvDsp{P?aB`LO(#9 zKVXtRz(4)K?Q(E`exTEi>Y~lvg`d!++?$3CyzUnBAjWwRI}ExbWsqn-sTA&Z^#tCb z<+7lJfb6JQIe$c%rN!7gpAxXM1d-z)E?|DS0J`XQg9vs4^!o1p_LuU@-3;QF6%mfs zFos5FUd2U{x?%F}G$|CvhqPw42#*)ndziZk^YA*aF~1D;u*5G+h&&d#zpdYfBh;Uc zPQ$7hRU0gB?B9;wy4Bm&;)ti}g_>b94ji`cX(=fKY1OG;2M1P{Ca1$py?MkW)<7_ijHH_ zx5UJG(u?C@e17w2g0%FB-XHe9nBy}H`_Za}LXxIgaB;n%&*=Smb#{GLPd2dIdY5uA zh?<76P80SB{oVtg*%O~M?5WGX!1lEH;AOAwe%`vfK5fZnrB2RCOHMaUjsJgrMak#k z4ZmKyt;34sczxE9>&)4MLdu42TgU6io8}!diDmI0xfR!+?x1uKBHZy~Jo&C)bba1| zYbj4b4qQt*Xi9I-gpng*skMa{O!R- zw`4%NWjS^8cc^eRGU%S1Zp2YXti0gl>viNdO7~}zgINeDfBP>v7|0^XkTyBc&1Bhc zP7c(*9H_M%sBJk=56giWVXEgH8k$?%E8Y?VZ>S&RcyBHQ2FC*Q<2E^(7gE z);-?bbt9wNMe7A&%=?xi=_Nm7$iA*q>La^lrv*$c3pdpZwQ}si{2_73t_RW9&BV2icbuQz(NgpGadSoE=4xx)12^KcRt-%Jg+7&NDktvpOs`Mn znV`?&3^m)!-$!XCy}M=u-ixx^TFJ96%eWePpnUhU_mGTUy$&_?Y}h9QHL;zmU6=B+ zo@#GI)#tOagM0e(kgcYA#YGk5Mpm1zN(A|saXu*>8`6@!e*E0aRy8&hntoWs)8m)> zFYA!P9+RcF=Qn`x0p#Y>5x_DvcFRXEeoV#U!9vAvCsu!M&2|!~tiSG^xv`#Wz-t=R zai~N9Z@HT?_I6V91FR{SxIN8)bbOl9ABn}s!M23Q(=Atv&#o50-W><89q8Tl0*}dL zz?Zt^?)uCSuNS1)cINho*rD3NFCzQPmoqXLLq0Otu+xBs&=J`3N&8R-?~Ti4QV8F@ zdpX^8Rt@xMK(hcLV_s8U*~?Av|wcs13fSX`J4yYg5H>RjqtE z-?mk;>8{n|_8z%B`0dOERW%dPv4;4?(}gu3%A$vjIb3X{mVR!o!(4>icF&AXg@?i# zH{G<=Ro}4U&qmgmHruS(g50;R)g9^T0S37!qxwdiGw5vB)hQnQfQHi^sa9~ja4+02 z6nFVnG+H@4dBUGP@5RZa|6hz&<@t*fvXCFHC$e;{KiE+C&zJ zx92ZLx(V^3Z4_@(cEO5_L2=b+KJw z&G%j$mu0lN`c|-g`jpKpv*?(l@z2X$4G84cCEe@VEPX~C)IuB<(!hsd4F%-9J(*Xi zPvoLiq0H6(3%O`J(MKR`g8}GUF|26!TE=JsA7^T! zx_QUl>`*Q^A|f7 zqj{-w@3QR`U9LQsQ?>nkCKIyVux%QWCwP+e?YXze{RS>bN3`>w5J&!_n)*TgG3#n%{Sy`s=@i8 zopG=wDDS2s88#Qm@VQ7v%r!D{Gh$JzJzi>vZq&TTYg9CZ#1zo%Ml>Hr=lR1}m;#@1 zGb&?y>o7+pFH-tfs;ua4I{$JXPk=SOSi1H#7-_(&W#7Upc1-u&E}>{Zwd^l?Y@sh88oEwcx#!ntw@piz|OzgfSG^Uix zyHg~u&%C|oBTdnNJGr8->-5z2-Ss&m)L)MjyxaF2n_^jH9t68y=#<@b!lpLr>3lY% z6PB5S>6C(oxp)9|vDy-IM`u>-Vo&LNu}GZw>xHt~&xUNNx#e=eunI7tKLlljJyoy& zxHV~aYDII^V!C4{7VJds@o4Y`*-$mJHBi|*7zZjB^Cb7@X@|9kHMMZ3hoO!dw!Il} z4R_}H0a3eK)pLw8Oa&`PGJI#or<*M3T3@r;Sn#0RUWhwZYx9a*=R!cV!`PVR*|H5|t?5YHH%qg4PHDV(xbpOJ zq&Ew$+h^M)xpH`Qt|a%vi|%%}lH6(aT`Y3Xek<4PX=H!hqsXicHolcx#5AWWY2H6K zyCP$Fii>xrIn;M2gg?ug@gzTKPNKeu+-ag6I%%M<>9UV`x-eYZAJS^IJO3PCCwS>Nva5aqkYV zszR@H94UicO`%%rQB$aercj&fickV;4d3fws9a{y60)o2rFNtGng>w!Ywgy`arSWT z;6|L?0%y04v)jTMQ0$1aop2uYn)~MT+VQBqs9u{F2Jing?ZagAK1@ERn8lo8mUD_( zZKjy@D#fga6tiBWn8lo87GsK8tj=GO8|N<#(fr8?OvCfoleMPrZovf~A8EQ9E_r)1 zB&++riJ^tw+4{-$_Dw8L?>z=}**4IR1-(vaiz%Tk7W+J>ugoxF8ot=sFUrOIe#~^= zigDvs7;eYH)i}Oxi|)+|kPiFX^mIy%w~u)XRqmtIdvTux$D)N8W)-C@y)w1!B}L!*B}z`9*py{f;!ce31RnVn&CM=HJwYpx|n~7V7}_-s7;$*rUKlt7I)8uct3kfAOC&- z@8a_M$iur{JAm(-i&(FIdkq0h{|NC_dGhNW80+z4e>!_jx2Bg=o3|bGy19nU^`CRgKd_36)m0;|7iM~Q)ox|tk5=uBI9*?zSM8cF(b^%Nq=nIa zqKF4=#GN=Ii`+L^@{}xMe7Z#!cw@_TTfJEF)B8()n{H?yt~*_~y&k;W!RcM_jqSS% zEgP3}kC|gdDfKY_s8e3qH}Q2-yV8QO+NGD}tL0zIuNUTamyuSc`e=!iARaIO$|WNi z(;3d}ECjFA{oTVZ$DKLloOl@h4t1>f)yZJgLw<+a@(0xJu9@jwU3hU~%Zn4FV~#=x zy+669H7xjie0(-^F#JJY8!(ww;4uaF3td(eTo$^VDMGng@Z1Jzz(o+F6R)B^nn0HA z5$IGR(fDC9b*yHIUxbHpD?EgC)8fK`Y!5+;M+`w9>)&;FD3-|M?)R{Ik5gCYwAFWI z^>+C9ev=9AW*+$OYW2)M8=WixHLJH@-SypCy`hqQld0@h_0-ijAh zUFnIPpy7TyXb|V3hW{3NVkerY+tGwN7fpP>dSbH4XX}X1zC2rFJSEB0`AGbJ(lFE2 zl!U0q$$);jP63P=0lrQNY^53axHv*pW&EMk+-5z^qIP?(qVBsh_@Qs7e$2)rzPm@O z6*tXQ3U*$Q-QA3R*xQTUfSF-kmYcDT<|Gx&!hGR#I&yjZ_qvxW&J#t;j^i}7 z(u$Mc;$!{vl6Fd#>4T;%Z`%hdG}nIlQ>AlZnH*OXx7Rl}KU}O{Qs;l!TLk^fgsm74 zk&q+WG=%Zz4P&pu2;o^n9VZb9;@BpLm! zP6}SvBj37l72PpDth1>}WjfZLuXD~_+4Z&d4scYX+m)!+?-n<=SNp}y;uw+j>BIOS zobPtCI%{~f?$%w>t?T8mZ<=K9rLji=7!Z80VO`j_)7>~Ssx7_DO5jq&1h2 z)+~z7Pt$EZ#dK11E>4Qh7rUXSjTQ5b=(*(l0b!L73aeZS>#DGP|LE%7((=V8gTV4_ z5Ay7kh@IN<_G(@3Z7-M-VV@t9`}BwuadJkA7!OGi?qYJQ2g$9Low_5h_+);b}4q&pj=9?eT^a38be&7 zF@$+Oo26m#bK14Cl~9&^W5>&wLO74P*vDL~F&CF$E=J7fQnO>U)Fo)`8&$D3s^Su( zDqvJUDn2_|vOU>WA5~8y6-PwJiuxp{P zmk5P5^M)P0Jn3#c*0KHK`_6_PyJJE6o2hP8?-`I@ojzNS>n_SY2+|0GuKQM>oy|Op zb3QvV^5TO5=kS&qno}D>2LtLU{5`co<3WF1U$TQ|{hM^3vV}(-$6k-y!gCtHw=;D= zDS#KAelBnP_qv;}MF20{9Kb7n8o&=F{dDjpV$(5zS8OkUmn&)RzZBL`SM!PS7k{`6 z;1#EKJ!d@a+IU)0+k3{dtLD*onuYP~XHNQK z<7ti@hEbjC(QxXcBY-Y^P)E$#CjD!>QED{;BCuDrL_b&aDquhEs1EPEc+#n`GOY{ZV2>nsVFy!0Tzm zl-%ovQ;_w$9(Q#C=CDzV9lC!!m{SqxtmflgCxG|jf;P{`lgo!+P2|t7$}hj(|K}}+ z|7-b#UXG8)d_H$@PheLtR(Il`M25!TFD`93K_Au5^XHH1D z85cS8%ImAcpZFVhm8C7kS6Uj2QaKs3@IW##Csd6gqY-CUB`M)mRwmjQToBAE zxY=IFq>BpG1Aor15>qKTlZ+QOY8P@gqEw*ZtT)jYY9+3U5GvZ>6OX9|uD!G-swkZD zDZ7-Pa5R%wIz=ml%{B-HiZJ6dOBhRu-q&F46Yg%fz2WAD>#J&_P{nJRTq!^k*aoR< zk*o$=&{(h=?uW*~6(>w#!dsbW)bNl>6vq3Qyf*HMz+8wM!LK3*=`%oK;4u}JK)Wo0 zsKtPoxjeD<#+nctvb00A_V5C4jBO5Z}B2W^e0v&u{inEvucf!|XebFMxTsunsQfR({ z&!w|DYo!D$jwK7$2w;9^OtOvC?nc_PKwQ!AZ^7D$q9w>>1y)sB@CR7CkIp{;#BeSJ z*bgEUG-y<8RRLa1mL4oy%}DBp;8b4?$PI_Ui=;ectmFzZYmt2vve8Gei$FQ%!G+RG zpCa@L*Wg)^bBy#u3_*^hz7U#;RpN7DWps%rZ9@dWBBIJ!IO&MgO5Z5_SKcUbqxjAM z!IM%*Fd;LMTj-c5dGwY^QIuk}VPzhMV?&M-ss-u{P6RVLBvlf(8oJ2lFbc>epfEHW zY$Q!Y8Y@{|Rf?byVx{7uYc#(Yn&cMHR2JDqQ-jY?DoLgY4?k6x^GNoK0a}NzN{u=c zC`y(SSkv3WqUXj3Asgl0jj|67v*0UPp#oqdU^SGj2GXdYDuu~akCcB1j)1ig(LnOK z;!v7QC+RSEE-7w|@PoWu0xAg>1+T=Y@PVNsi!ar~U=>$0SFusvUkc5G8zPg?ku}65 zd;!x#ue+?Iu*}wx@)rYiqytKEGQs3!u&ZaVCL!_)Yu5m(8!d0NxY3+sN3(t0fSR!d zoMD4jLK_*$9zfGTGb^J9cD)2tHL!vRG8_yH{0R^rAZ&0B-hjYV5-6=MhQ>tlPU|X* zPZ+SY6*k9eTYP|?<_(&71VG`vjH-kPOI&MaS`{9QhY2$ok&zu{;ZZOl+ErVoxv`$C zcC|%CW)s|%Tv^R+B7moU7!=suGdKvCK-eHS9obtIv({Q+*ftN`dkH8Gk%T<4EQH`5 zg!DS5#J!Y-rRf z<&>yU`vP{z#SkJqNH{zbD0^efjnVri(x?OvRpbCsWL|3JAOlKy0}(Y&&!aQ$VYQ#2 z>KPLySunm%nH;c)=mF{*KKVpy8lZnzmBFxiXSE65b9hX=AW|sM+9GnLApxr~T6PW; z=o{gkfY({kEGS5#h=^9IgWr=Kn}=!nMbfRchgU6h$+qeimoS=%tjH^iJkKMw;vy~u zV<3`2IFl7zR0rKwS*RLuP=y_?d>*U?O!<%;!R^%;o=^~Mofz{0?rK5E=B#q{ggwrH zaz4S)0ZTyNR?84l_!<#L!1v)n^76#-8wa}i8|xNdMYy5d!cb<|HTdqZ|H&iD;fVWPy#u7xV#7RV)R7Q(!$5kllxYATQlvRBDG;XsQ++&#bX?8YJXb2rZ3ICJCljZ;_2 zLU<|+9jygH=?bk8lQ9E>pOiMu8hCZ%C5_LET{s0n3T7}#=$&dner9rs*}{*t&M^DL z`v$??cpw9q`d=`=2bdg&#c>O$2@btA&LnVn;tU!wLZv?8Ox$qB@y8yIFr*GXH9XHK zQq_>@tc7PxTAiy&ftZssg+F;Qz6cj`)bR66DJsFe@KB8iN1}Hr$T)%IK$`3DA6Kw!gWS8q?(rszx8u>i=b4S0xJi2jQdnYdN9_K2)fjFM6G zpfsX)hbLNeZLa*+z|BiUFxp9xjg}Ojdg)7oxe2+zR@nhJ`!#TLLJAGnOCf4jwWUy{ zPOyw7%8amiz|DLO++a#$mLfXF5Gx=Qv_b}`0PTz-J{)k22G=AsS4F90RdCcU!BlW~0|wkEixo=2r-G-#jEQ{k38ed4_=y;e z&L&rpYXv(d2#Z#xSPx$+q_B{auj04ZsEf{s-GxL@9TFE6T*+XDHKyK;J{9{~__^#6 z+i+8BR#HJd*IJzSMO7_>iEJUqU&rs$h#9R45^h3*cCnQ~8jN+KLe-c&(2oyt@^$8z zIa>FH6VGL>ZCywhUL03+F0>zgEb%pQl(l$M;gnhgUpZByH2ejVC~uVz5zV@W@ND$_ zI(TvwX<0#qD7=W;v+NzjCAyLmgngi;{AzQpR8*`Qs-URS#L66F1sR4lHg17~#f(`{)KHZQC~By*1@8=SG=OOU zlkhfZXV?Tkvg$F;9IY~{gvvc!dlrlcL0fKphc7>=4@COOX`7+`WAd~P6ewjSirK>7hqZS@qK9uiA~CpF#{nAv`{L1mWl%TQd?j2y>$=53Rxw584H8c9-vJt z1>8_$*|9{hM)tD)L0DkU3b!j*NQMPQrGU~rA?#x&I86MKr!Il#D-06YJ^Bb4He4kM z)S%Kl1-osXf;;vom@$e(i`BBQs&sU)e>nz8K7{A8gbtJb_@m&$K1Jp%1Fk${;FZI$ z=9Ik!>Vk|aq35Di0?;LtebeOs;O#BNZbWJ#b#&p}hnDyV(L*_9VWhrv5% zb4ZA2g-UrysgrgV(2#-&{LwZ0Ryr_HlFxt6>7{cmNyoRzM@D)(9^kSTs3El_&kb)?&TKH_0_g>W(=-DGIuqKrPdjPiwF;&H6 zDr03U=~Ru%RM#f~m6p(Hg_M>^X^oT?Nol?FvtpDPToVp)iLw+X;leOnDw#6W7c6C? z1;XUt4D^Wy<94a))V4186;js{@ zVTCY6(6Tm_3sU)%1Y`-Y4P*U#&Z^7s3u+Jr?r4Q3pp^Exwyq55E+Vofq(#ht63rm&L@-y_7;UU^!5Q*8Kcrc-81D~!& z2l30bmj`J2BL~Z_d($*-%pHO%q2*`r7LqgBSj|N!tiVYtSyb!bEyI;0OZy-;aA^fx zTEs=4!=vC-!~;B(K$t8L3k9W=M*Lb40c$zW1fU`S5{3#+0ohPJ5Me{5zv$J-Z$xHv zDAiX4TCPMLB`Yi%?R*lMON*%-!z6*Q?g9xc6dA%hr$V^Q;7uk~m6I950{r+gP`V6a zk??oPQ?H>4Pb*eZmRJ(FsTv&{L_uNaqo8_LbwIdKW#KwS7buM);6Yg~5u>vX6(A_6 zeH7&60wx*}1&mVg)+of@%7`rBgcvT&6J@Dt4^x8(2muHF0NMex14~df7veLx!&lyz z7;D=>!+F?n#EHsu4wE(ID&=itDG)rp> zf#NB?3@X|sF%&?0>REqE&#_3K4Rn`{RCGaWr?Bq6#4Kz~veorUc;;Xl{IMGeUYFo? z$*G{z;7{WZZ8#P2QN1XY2BIAz6bYRpp>rg3j$~A|iFSyIBw`}Ts2Y@gwqanp@}LqSz2!6bSSkv>gKCJ`D9o7z$(Xsa>S> zTCp$~9*&H`REWroRlTlD3jIeJPE8ChO^Wcd3P)r|JGjUOQYEOgO!X~g^oQ=LZkno{ zVK=0pGHRenJA8!s)`#g}x3bnbix@<(Dp=ZOMpdugB6Mmlr=(3`f9zo*DorI-4quV8 z>O;YdG7%AmNrYak^kIG%LzRhE;gU$f^5BDt#*_%2g)J*t_st-Zs`I~(;TA{RK8u3O zBejSniilBYsRL}Bce=?b;v@;54>Z6Khhfkr#cyXAf+gprDYW56a|Tn)99%-9jSIo1 zu00X*edEJ`)e^M-vMTt&a2?^_lmMkt73PWg(1)S^2tz@bSzO>YBB<4x6@@8LLc;xp zziy=JL(zYf;Z$!FBNqvtb^?y*hGZlvmNSf8YI4%HhoO7K&yu!$AflDDcMnmWL{ukf z2j#atOwKfdAVZ5gE_tS8g;QAIDH;e<8T>+o6o2qx!s}JuIQUxVI8%ieI20TkT!^Lg zx_qg>i=jdnvI?d(jy!vH+D`X<3|FbPO-ZCo#iAxj#KoDkr;WTO z&YPUl{yN0T(x7Vt6lv?8{-%Z@OtzlV?$sy(Ukl!)5-}^UoijyrFT|*CeHgUt4&4Do z!gLL#RB1KP^)LaUB;B{X)BeP7e<-EKq+>8aR;EJ@v@B1H#1;SV<2WOKnBmBPaM@GJ zNU$onj65*7sZ~)@*fHPa!~z9N|I&U`pkRT51*!(98lYyv~i|wQI^*H(TABOm0k*7V^OAR2WD=SXgYH2F~ z{7GJIWeJj3<1keBy$si>r**!&BdZxNf4l8wgEX&X3(EZadtHS_lcvaV96Xb|7TAZg3BRm>tv_q<32zB!N5H)XLyj@DL=-Vkkj zZZ(x|$(Un-gCg=abv-=;S{`VjYl*HUx|W{((G$$k#>_DC;^46e%ejLRpaZ3Na+uwlOTzA%Mcs2^8naVev<&>Cv^qpZue{ zx3Q+IAmUVgX{>aUm)3~z1*+r0ByECbbiRg5PK%gfDI-Gsb7*`a zjc6+r2dA_hbYm?R>KZJa8I*S5Qs?t1eN&SRp3fr2s+py#Jcpn>3x->jvKBoEKN-sR zs}Tj2P=e28vVf93MA$KBV1Ny6A2;X7@jYrpVM?GMk@9p}NR?G$ATd|?hsju>&y(Z3 z(}=cK4r3{KsXSBimwCfX%J2_WEroS*h~L9qEf#N>7mR5xp&&6mU|e4 z_}pZ0d*KL(MH0}k8KywYXo?3Wn=jHuUuZe;4})qHC2%N86P%*b)HXbsZ# zRA56@tMjPB3%TS9rkOVQvKYOmoefrGDRYE3k}Xi5DePyo>6~ji>vV~BJ4tm5 z?QhEyks_8#zXV`prQ?i4Ox8QxC8%VU$1MXZhN4qg;cqJVo2s2zy}?l5uWN6rwMiJb zvh>3bu(G}|M>{MK-WS8_r;_Y@bpPov8;g)u(gBOKdqWvGKHOKWl6CRZN%sAP2tj+p zbr9C%+>Q#QgM+IE&l$K+X?7Xyu2G^LMyjb$w4v)S=fi^ved99A2|*2uMdi%tfK^o` zAC@p1y8G^CM^|m4+dLKXWy;~Q6Dk-@2N^@4d9A)O$Gvkr$!umyYkwYfFwidQ`pYhK z(J?Nvz$JhipbT6BItbJF%tH>@mYMqd9!#e`KSTX5zh3u!48tl&0si9+01s=1Dt{+fBs^0RC?Sg)#z~l(WQkP6; z3M0^!Nz);3l1E)PyRe^+bI~({XX`BIv{M8&u6U)BDNrue%I)qyI=HW3fxIrpZ z4rfP-v>oC% z;~ZR(6cA6Bs910Y?S)J+@H{k@t+7zKG1g^aaQMMdH|3d^cyzWeW2_rHaguiuFSdp=z910OHhK|H?---r9V+n2BJ4_ta%^4)mnhl|855zRb+Xl59wO&B`^#Q=A&P5Xd0?J!Vh z+dLv3+brD%>N4s-TqtzXRv)O%Iu9Ete{joTa?|V+i`gd*>iKn_!st6q~5)GLZwL@K#sh6b@#p(X9srtfd7WJ zRQQiKzZYs%y$sL8tGA^+z`Z;)F+qO`ncsnmQGX+ZmaS498?b^Y{d4Nq@df&2GBd$?{-3Bd4>F59yg_5J(z z!^3uckk{191HW#aV$c4$XmSQV!h8DkzP~&ETN}O*K?H~EHPu!FWLI~bJsWDOR`ZD7 z$D`v;hKrB&TSvG&U*Dh97tc;9s}H6D6X9jOO+UYUmFvMgYmfN!=ze^}=+V33&M&Iy z_QWk}^e47g(9gy}sPDnf<>NP7~3(AYRA!)UXHntTS2XM|}|OuUZg^wI^~x zqW(m50Bwko-3lq#wkHtruU`rS~nq4kUu%k9V z$^_eL^GMsu&C+WVY!~$(E)?2mYh{8h>s-|AeUb>0x=WyZX@c>wM*4UYYzbp$p!m`R zJ8JWzOt7sskBG-NORr6^UDSWLQ0SzsBNJ>{=kh>}W{2tmz%9qiE$7t;>QjYZo-#r{a)J zhr|1&Tz&iU|CKA4D^G8q-o3srAMOwRAJ*)}@aAOzB@b+HBjHiDi}2IIc7qb+v4dl2 z>E+wocj48`e2eZdlyV0@Sgr2*=;e3x@;dzM&E5OAcs*g%9^5X=UX6t~8-Q^(*uegJ zg8n@wA=X^FZnkZNAuP^Tk%1B$#M! z5akm);q15NRSjYDX}tOe&I`&fcB|2PYhKOQ9Y{}Fvt;e!qzO!#2O&V4YO zeDT5j(UCDzXOEf~$Nq!@Q15m;x+>RZMuuNAxgk~`2E#A&1ri3q5Dp&dSNUx zSM3k3e!Y8pzu@U*Tl^tyk=9+#QDQQ>|1fCee-789_c8)Nn{V%X?KPr{Hd}AcyygQ= zaoP4hxiIoa;MQHlupPl8rfQv0%ic@@ldG36pW>gF$7CU+zd3e`w#cTP+agyJcSrR& zRqR2ORZUCp=Bm^w{*Ufa3eg?7!(ofG@5wf6eZl*9p`@HjhK)YKDLw5}8xJvKX4>sh zO-VIRdey4RxhnNhQm5$ZJf=b}`m`$|Hu|6rlAR8Wq@hqNMpwr*HPt*F8A(H-S5-Cj z0naZ`Tg>AU&Pewa8z|zT=}zPB1u@{u7E@>%T?k^9Q`U1W+%b~6$6Mw~k}7Smoo|7Y ziD45sjbb2W`%$mFWlo0 znA$zHzE6mJKk(=hXK*=-MpeNCpgoV!sqk^GP!7PWvTbu2)*{Ak}<_soK`(R&bhZ+j=M_|CJ&a6?MR;9?@jLjV#pL64 z4R%_8SkQ#W{p*{%U+(TpUIdo_`BE^&4#5;VXDb+rB=t*8u6Vyxz;3vt0Lt?z%YpMn znuF*8Dob%7dEGC+!{u+Ij9Ys0uhA`9KW;8b6F9e=(?ttx;rfc=HvhuRSW}&-K;5~e zm>yANgt1t!Y@nXr{_neAN}s^(>W_jWvX6gmT|-o~3!v_XM#6{Yg@m`bzGd|G{{Q}3 zo=g{*{!oD=I*dleiTf7uf!Xt+B0R*q zH*fCVm;AS1{?DrXPpy$fl~7;44zD`kp|RFijZR)|jjrr4+T!oYOEtV2M-GIdW#Z-9 zV|e|d&k4-`Ms*mAG+{|zzkL0=yg4D#?Z1A8%RBUbh$|E1VO04{8oul+MHa#b7e07U zi9AO>l1J>3r&S?@<~j@d@R2~AD0Ca|et(_chJQ=kDP^ou%u36=*4%KN_!WuQf0Z{+ z?%tI*6%@K!jw&-YdsN;)>~2YCG16J=FyPKC!i?pU$lz{Q4&WV1E)zxw$c`A5b0vx#Ejr)% zkbs?~h#Wid0Opnppo?ZVh+ro`ukY?}e<{D*%^-eR5#eZ!VkmUxRa^w28z%2ggFbP5 zNNZvX_jhrz&bpBwyT^mG9m&HjYW(0uSd&FOHq<`OTvV(!wKp zzuWuM9M#b6M~fD6Ihtg_#r1|fqxa{<+4WgD*}!hgU5c^5D;oMb4cH^(dv|PROM8;A zrzZIV+tcEM6}`IqY3uI#v?QB_IvF1=_}nBl{(F7(l#+zn3x2(}N{0o<@%pTt)_Jr0 zd=%`w+fvP1O z3+}vLJ6q#~{Zy!w)jSI63FpS9JRwbeFjtIMoyM%Etqnrw;( zvvwzf3U`esQ1(vjy2vd{h6?QHkL#6Fe*F+XzBP|GcU={zcF|gav+=$KDthA0=s2&l zg?i6!*=ZV4i-k>DJ1r@C(2^}O)>EaxGJIE?f{Mq{Fg;Jqp1{%~L~2Ns?K2t!@N5{_ z_iakIX4Iml9#fHYOE1-IXJC~)D0NW!pv*zpgYtb;4~qO`{Quc{CQ*U?X^irTKRaat zJU=^wskLPr; z&)$RGdtx|b&$D3*3g-TH7<8Q_&w3QQ5mk$`0ng2fi_qp_FdcsyBE^&|xX3`_=+`x#9Sk8-xO_PngZASi zZw(3lgm*_^%dYJG>)ZlLEMqmO_wMC%*O3qJ)(`ISpwGH@i}a-#!oeLwIJhGSc+eo= zZ-?-_1&20Rp2lu^vrY*W$H}bn<$T)~qo%u-2HRWY^5C}v3Y1JtK*!YG7f%=Jd&ou} z_QOzXCvlyhnyuhwE5atv+Hq%SLVkR$zF^U6Z}QreYB?7XvGc`YiouCrY|&-3S>tV6D>vj`9Odb zaeP~*^p7Xb^A`i4y*y^V_u@GFp{1{LzWJ2R3!rG2X5ZhJn+M>1tuv?BDNyO@} zFSwr%-5T<=d3!Q11fR@vown-=auO@Ip@bO=5{{Vv%$i z#LV?d-Zbg)Vn-`9D|K#Nwr!Zppubs;A?~_XfU&%*6-2jvCqcH9T-$TmKXeyE7j+wp z2ko(Xu*`%0Ae~^(Nxg1)3}SC63WD&yU;GT`yOUH%yGN>H1vqi2nHkW$IIHkz_ir9f zg;=De3<_?1K4qYs!F$CClxeiHknmHt7G|`k5ngDWVWJ+70N>C$b9&2n?f8JLiSlmB zKVftJ37_*%#GHO2HyskS+CHTQ=S9uir$!M&NKF39uEX+Sw2D8BIUleKH@z~pw*+#O zO)`dJ5A)R@1-D90;cQ3?X;*|in-?qB2`bA1J)dN>)>nD;loG-guFs~Cz8MD|iB7Kv zho@aFn;Gro9@@Il3ioGQp%j+hN>65)TOrqD+@gXP@7lKE@jX2mEcj`E@yWY7??zs} zBjV_b#Mw<>>BQ0G*Y<52qf^?qdkmSI!`&&566DFJ?&Q_8V@TI0F4|OMy`f>;c&?6@ z8pqP(tLI0{)dRxE5BNwNH|D%-XSMv)itHt?4D@kF^r;W0k6Svyd(Y`!-_}EQ^qWVAl(ovKunkltw*9&xVk}GCD9F z0MIZO7f=_g-6nT*9K0RaoS<+)>VS2hpvtiw!Il}4R_}H z!c@CkrBaM@m~usq=J1^vpKh|CYi-S9W5I)Ndv)zttj)`4oeKfc4t<-}?Wexoqi=4j zZ%Z+I=T7@}Kjyiw`sT)`n|;%*tyyI(`lh$n%(fKTD9!Yq*}})5soaRT_Yz6%WJs=Z zN88rOj+WZZ+#4$V)SBztH+NNx8f-h&QZ#2lv!xrxG|rK>Zut=pysYbCJE9sfR}0L?gPznun}yj#tL-z++AN8!%|Y8aa;7D2r#t27 zu8SsZ3CvF4v~FOBzUf8Z^mgC$&^KB!2UqES92=mF{nCp5*OLVZDOzY=<(MkD?9&@|l&|X?8w`?na`@=!|jiTezV_$1yfoyj> z+)3EloaQ&{ebc^0n)MtTlRXtiw>aM{;_N8m?5>ETOe41`;@X=@#5odT>*Mi;NGN2S z>oU&nmpKVt#`!H7XD1owH)Wh%$hh~7POeYlbD~18WE=^D zT}h!@=}}Usg``lMtB4Q+YYE@;VJKZ@kP@>oHCn4VS#V8G_Y)%fe7X z@9e5%ds`Nk2jd=tde{!jj|IIBXp1SJEf!lSr&?y{F?D}Te>&cZ$;JGBjC9|ManDp3 zZpUoYIKFP{>`e=h4EyKwbPA2PO1;#OH9D5!N5y)nQ4TL)jq&dZ)VN!6S#h;<@?GrF zYpOAauHzzhy?RsQB62;xc^4)ai|F?n#3J;)hA@r7Ja#RCxP!h`8YuQF5z;Te9-nc} zsrBV8YK+C7-u_tLzU>&k8>0%^T?(*kcQ(MT-SRZ0v9o{pIIWJ_0B-x`cotbhVRVP} zR@@ndZ?#?R51WoHIf?Ux@zu&M($hgF$A-~zPZ^5+b2GNIF0){Z;SN1A;$k%4hzrqt zBTfdRewx8R(*wBem(ySvG4tEA-+re<0ebiBB}Oy5xqQ8EcAwG4Y5IqHXwR_Q^m6X! zB1_QN4W>htTVt+H`0LTEXUrb!jon@_mob+auwykcV825jEx*Wsc7HE)A0*578E}-C ze`Js>Kf{L8%W04-pPBK0y(s|{9pqmeI;}3Qi>mYMqRMZbo%bmi5)E(l5|58qkx&>} zQEi11QRP;-2eRTe6Ds!zCRFEk)()7A?APx|qRWfyha%_MPs`oG_=Ak6<>p}E@e#{u zIU5(_;d9%TO-}}%<5Sa-@2iXXkpKCrA5k{#WSNp|$9&s86XN}BEq#3b{{O}0^^t{l zy*2>fHxsd5{r(ygF#R0jtMcU6J22Mc`~Gycnr=y1*J+uG{LxlAqpR^4l~+dw1RGy6yE~e-AysmySlLA#FiB&NX8tw4tjrZPjgsM zeSCb@buj!QuML>YBJh}k`-v_q3N8~}&Lp8+EqHE&G~gmkqZ6y5KAJ$5?Gfm7MxyX# zGIgxx8NYB3<(7L0?WV;8JF?vcEgsPYeJp?1?x9#BkGn6S^&Tg#&Pl6pO6%?L@%<(f z+|4}jpH=IbeKtB-0%}@sKfCLj)p|oF`zBM_t?a3*ugE&)`vbg@`E@Sw>zk4jJ5Iy> zw$mWac@6(5!r{Ul+gt0@RkkAngI zavcH~BLaLK64(ke@Nsd3vdZ|S(A;J|%_4Vu&Z6$SGkD7&c-+P#zPm@OB{$7k3U*$Q z-Q93~*xPU2fSF-kmYXq;<|Gu;HvwM%f$>6hI?Z_ed)?C&=YgVS$8nfiYQ@QC?uL!E z?Sv}RJ55{OwhvTjrv36OpmSoGJbR$RcE#m^3TXVty+zO;Cv3%dh=d%`rY?+M4vaku zBZOyd*$^B;nFI5xzFa1@^c;m%3c|dqFAZfREOIK;nA@!=Z{j0!6*ie@N>>;UBH2t= zkn8NX2ip+T6WjR0s)Lo!_Eja`9vyyY4Lf6%Ft}Fe_$) zS#f=Ot_eNv)Ea$dzsECE8nxX>#2M14^-db~&LO$7`NHk@y9GXZOOwQkW}Xwmg#*Een6?ggnw z_8xG%SgJhYsA?A3b8CKo5!3GZPW1VXo#Jp@%Cz+$8FD#hOp0%DSdjh zi8wjiM2v@<2=`!0tBaIYOG>MUQCfc_rPWC3Ga2(lPQOoSzoxXmKxx0s)7QsT*QZq1 zCsfxX)%BX{C-mCU54*%Vs~;Xps(le5)*?b&5D~&WpB2xrj5+N;*$NFyzOi>@3 zTI?e&)<}yBNQ)8aIbZA;BlQrB_BEzhYfN!LV+v@@kMgfhmRwJ^1-S=wgzrxszMeY# z!qnmZ`3VO8A*5vcq-1MSvJ0eS=UcM-yl>aMZ!hq^HS-P|y*!$3JY2DT{d{MKjosm% z{$@(_)DL5x>%I|ZXRFQPXwBZTeDJY-v-3#>&8aq^WBc^voSy2F@fbd?hr^%GByzKp zk8bUzJhvkV=TlJpZ0id@x~l8LNp?2(5+vaU?`YaKzu{iDBU=BEdo3(}X8e0S>>QZg zYslKky(Z7^*u8E$j+!ImCwH)YTx-X@mMepTGWiG8)%o<{&5BF+8jW9euZQgceIL-2 z>fgUHPo7x&D+c$P*n_gr7fJJGnP9&9K9S}JEoS$c(&Xolvnfk=L(;q;FlV;X@H1O! zPB=)9hY~5>jxcSVn~&_9oDSx^f=kzdTK1QwQU7~x!rO7h4uPxnL zTe=I{(uwI5-@UVpErg*xSa+~~Y<@c(@Knw${Od6sFc4w2w0d^$(khm~Pgk14#x|oS zwaw+V_v1C?)q*TrH|{B(!)7iy+hn8(et|88aSCW2jua=yTm~U;1Y3GmcTd+2jq#xskd^+2fZz)MXDoMQFQj)%h9oa)R zXswjwAKIbikHd%R$S@ei_Iihw+E9;u$LnIh*(22B`}gmm9;LvKkADaCFrIqdZuxkt z-$RFOC`dbOr zAHEjIpI?<DS9TjROyMj zkvHOo->@r|d5+b)%rdi97n@~C&eoK2=0;!fs*5SwO3O{wOlsq!wAN)ELavgd zkiD`(Ii`x1I@)Ah?sxGF-ZXoF8Y zrW&~R(weBEaLT9bQhvfwOkU{}tq?ZbAQULVjL$5gFC}_kgRxJzyW#eRn;WjLs)<4s zuVr$j08L;Uq^?D>8f-yf!EU%83I|u5Fog+kWujg)9!eC(`FvG&HA8=-H6qVhb7%!FtI5{0fc2#yERq@oO3d?GQ<@?sAptDMmz|VM6W;xADH4SCc~ZZHCbP@ zNHW)sl7A>PU%}_n*_^dff)&S-1#1K_zcVJ;MrwB>?O7nMXxO-5?L-j~%*zU_sk-m};SR2No8mw3`}cLA`7sB#ugIwG~w zHwyokH%irkuIs6&CEWI2H~y)7(yZhR23QQqAsd#RfRwPb||fR2FHP_`P(Mg>tROs;yQ z{3SR7+CoHwna>r6&}2GEhp}@>abtuZ=F3AsCBdTLl^7MKF+^nXrFtl=;%eq9Hp=^l zLi6B;$RuQB4KWE{!1R#oE-NW4vvs8Wg8@2{0i`&Zpz<=<)iY?55P5~RYXH@amN#15 zXijrSvwhrvnz03(VS`pe8yQI-K+-@mE29T?eF&&(patQ3I4Bs{6Cgf7*x($j0fC_; zP+C108WYJot*b0Pp~KQv=p3tU@d0w0H)!G!0EPE5suChJajltYRd_HSD$Ha!Om-NB zN5RC@uG%uqjrF9pt1T)rn_#Zw%4%){0X+3(P+)h@U?5-sp@U#_WN%f>T5E-F+dOdZ zLqKs%Nz5mfg%I3>kY2}>xRaUdQ8vt-9b0i$KeZ<#fho<$2b;R5D>vrmk;G5p5r z9T5aG&V$sj`!JgZ{E8gJSc}Y7@NYu$Xv(r%)iZ zMdV6j2CVvM**Q?4Z-jLMUS~zKpfD3fgtt;1?4In{+)c|LG`qF-u&RYF*;d{B5=JAD z6)j_sZ7OI9HRH26}pF3*-Q(l@!Fncw+Cln^OPK@~g zbG5)_b5^-}!X9TpIiFzYfF&Srt7UL0e2s7;VEgbOd3oaajRW2MjdhD!5oRd2P?Q;Z z4YoVrWBQ6UU-N`xFgZK z6l9!0a-hwDHfOk}Xb9#Jv-r__{g@^tG+h!7y?_-D#Y2G>nG>!vydl-BRM@Sbx>-1- z+7xIxz+>E}ViN?nf^RArtZ#@03XM=Wh2kj`BjJG0KPe6z4zaAlL!g+FbO>Zbcp-K4 z-bbc84g!4_Xj7m~ir9QUd`vXOXwPBQYX(b%vyd2!qrz=e@Iz<@a78EqtWaMHEdjHh zWAbnlz?d+hO?DEvX$2+bOXyM@F5ef%E5P=Kfg8ED&cm&OiwtMda2A_Ap$5Fnm&Plb z;0mWD1vv5&&XuSJbE-JyOw_Q$J6`%r<7G=#GHM5}40fFGaJV5GA+ul$<`~$3m-^Cp z!DolPD-22Jzzff?4&WOESQIHaEe5>gm&PlmNJ23&h(!Y_Oko9=y)qUE!ddHh!KC8i zi}M%^Zy3CV;;D%n8CX&|G>UOck-q^q|7YN)i-MuYD9Gob&@4IKaO9z5Xf~7qH+U_7 z0&dw_*!CHArSUG9#9>D}3~A9Z!>mpNZv4-{O=eg?zCiqY2wZsbMnX41%2lOP3}wI# z^FWF(t^>TODrPTCjOTWNlXQhAnT*al@gxl_EC-j(b5R*=uK_I;;Sw;G z3KZ;soBuO#;}}OMFGowEo+UCRVSA(us}>rcg~fdR;<&|<1vGn(B3lKMJ6SCxFEA;6 zOjXuF-?L#(d~y8XnbZ^nbgK;t9$g59q9Y6{BUc_rJBj~U_(72>rWu$mg#;;LRSXXH z5-qDrSWvS(AsibWzdZj1&VvE*OrW?AT$ogH6)C`E$zF~$6n_S81xn00&76xG{fsfF-yC2&f=SU(d*!1~!qJ!|?JA4~Y2bHu3rZTw9zh*L zDJOVlfS&<=2KtcjHGpYQPWuTqMmS*TA$MVrYbPK^lrga;6{RyHZ2r;kSBSx9!Jd4bAIBB_uKtnt#}S@$TI%4mftYZ8k*2Q57-O64NZj%Gf|2GgOA^^bx} z9EypPVd!!fW05IC2{=)*L1Pg{hXVj7=Rssvk|h_6jm(z74719?mlZ6k0@1-SiMZ2K zg#v?FR1Faml`qLD%oOE08LGCJ>QMm&G5MycB*5zo+<}Iy=Q2h(RoP(@RQL#0JrU@a z=;>1213S!Sj=2oa6+d*(`Kuhj5NM4-5N89$8nl59rp0)tyl*SW9P*O;wt&eY6V5?X z=wmG!a=G#n1%rd_GnMiX<|c_OAdv;5Br$^OzLo}zj{@`AcNV zLA5--C8tT*@?bNC#za8_;KCdN44KM#OKK5N|AM0hjuv1B2u`g7ET?6$kLe%0XG+9i z8QL<+K>Vn=3&Uv68sal8md>3({hM$UM86oeR)8XSgnn&^4_ZW3@!U=l{Kjp z$y8zz3cO-46~%=p%~CZg({eVgR?>1Mtyj{5C9OTu;v*$Neo~AwgE_)6U7{?7$rxZz zL@+Vp_l$%2-uat&M z*nkEwv;_?9uVc>WP^zzRv|NcgN>*4j+QC)LTv`xxbdv;Jx(Cd_;<7EU&M7&K)|69H zRXLf-Glhq}bd(+jvA~xoWU1Fsg@=tUr7W=|a8)%rHi&{;&PPFo@2>;gg(?fzDY{Tx zp~cf^xirzU4izBCp?wr&0hVxJhX7b`Ljn}3V#Wf9tIXN>L;%EegQt`-JtIeAdoX81fs79YAn=Lsds14BJW$zZPMgn={QWL;{)LSk8p zz2~9;G=(GrOn?F(m;5QdbSmHqiN;WrbqSCyK=RQo!;SRWKz3OeALtQmGiY~TViqY_qEOQB7m*92DDY??%r}4u(P6>6CyGdz!D2Ev>F{9yo;)imKGAL0FGDl)gNJg2N z)D7y9`()kF@QNvqlTrYZDe$djBqtI>ul11UEBII64HiPhOx4^v4->_P=%RoR?;!2q z5ch6~zd~0SgH7$gR6!NXXgLmihM^Di4-gk9?H;|62Y_3WhLvr zK||8kyKker#nD#GqG0k!En3v2IWJA2 zO)#1>sAA?|5*lq>2sU-;src944QMSvdm^h6j7&$^Hzh!*RE2S3KJ;#gzd~2wW)>H? zjc{ryg@aOIl#nogVXqshdROFMr90Id#mGd0b)0}Jnxi=q70Ve)F12|A-%--`3z(gf z_R+zkmGJ5$?Pi2mCzblzyUCe`6J&fe%q7p1tS|}-EJcIKR0g{cZt`Eeo3MJ7Hx9NI z5XjtR1r7zr1{Y!}Jy%|~4S0X~u0j^F3Z^xVEPJh`&C$zhWmUd#-c4jUir+|gm14 z@t=?5h^W6xcVvLO>?veKYvf!;9+q zYV8-1=}L=|a}A;f8$6?x%%F6LKEa&QYK4*eFKqq`o39a@l4#S7qZ7EGt+|#7@+06T z$tYm6w5_-j6(m*oL{b{gz2GhyAw-EqM62Ld70028D^KN#M1|JoCvG=7#UVGK|6oCK zRk*3H7MVbQI;EnCOh-S6G)HGbf%F9D6Zw>qV!+IjQI3C^#*i`#xfT_ju+R^80j$r6 zg4fD=SfF%JO)kYlHP+-!71dLMv+n0c`Ol38)0T4oiqe$1FLdB^+*g9zm96u`a)sBQ z8;#-${Cbsm_Ey8ux8A5&toB|Vx9z#rl)5Ejjs@n1$lKIKvl7ip546y<^dtm`AKhO)z#MJN3_ULn z7K^Z)I|ugH{%DJx8I%Dyz#8l6Nurd?tx#D+C9pupMM$r96AEiq8x}J8-GJ2K=Q3G9%3jhY181OsjaJc{bL99IC897T&=;CKOhj8{ zmFQ5+74~5=R_OEO_~s;{t(8MrN?t0@6#Ql0Fq1OuLsd&@83hXHeF1Z|SV22*1Y?>@ z2uKVM7}rd+@>ibaeo5wWn0`44l5 z(dMKG<0wSN@|YH?jQXQZApEd21dOc1>>2 z=~!46=@>_Ab>cx;rm_eMqE&G9v84J2&2cX2(0G58Ov<5=~IiNqi)ZjZaz0p|HaWafhP+kh^o3+ z=~JTUnfDN?Sn*z`;>62S$KEE8{;Fd`s0ex6D+O(rY-{Bgy%YfGqU0Zyw5s^!I1m|1l2-$fRrlG*COD=Ctq1^AM)Y!y~@rK zc0N$+vUF~M|22Mga^m5`hbAREBZ`LKGwnNK!$M!EpYf*G$o(}F3=$#TkT4vr0~ z?xXP0P(7tt6xttEzBEbqOBO`;ZCGapG$ILs#Gl< z)Y=v`=O#W2QR$;bGF9d=h*?xvC+IBma0;|F)rGlv@hJ%E6RUJSh|R(luIT80!7O~R ztRrS1f1)gXeg|s7nkxer(O`s)hUHNL%p?|^L3y~kF~GX)g?%e5R4zF>cs1S|NXQC~ z<=R_oIU0drSr(?F-HL$0jmhsJ`UPfVV#x7k2F71#_VjZ0RcwGS*5N3kh>w zSnlYM5@v^jyfvSyk6cv_)EuQ7(wD`&kJ(iRl*f)a(Q&17osy`=!D0 ([#"../binary_search.rs" 52 20 52 21] [#"../binary_search.rs" 52 20 52 21] (0 : usize))) + [#"../binary_search.rs" 52 15 52 21] _14 <- ([#"../binary_search.rs" 52 15 52 21] ix > (0 : usize)); + switch (_14) | False -> goto BB6 | True -> goto BB5 end @@ -177,8 +179,8 @@ module BinarySearch_Impl0_Index assume { resolve1 ls }; assert { [@expl:type invariant] inv1 _17 }; assume { resolve1 _17 }; - [#"../binary_search.rs" 53 16 53 24] l <- ([#"../binary_search.rs" 53 20 53 24] _17); - [#"../binary_search.rs" 54 16 54 23] ix <- ([#"../binary_search.rs" 54 16 54 23] ix - ([#"../binary_search.rs" 54 22 54 23] [#"../binary_search.rs" 54 22 54 23] (1 : usize))); + [#"../binary_search.rs" 53 16 53 24] l <- ([#"../binary_search.rs" 53 16 53 24] _17); + [#"../binary_search.rs" 54 16 54 23] ix <- ([#"../binary_search.rs" 54 16 54 23] ix - (1 : usize)); goto BB1 } BB6 { @@ -265,7 +267,7 @@ module BinarySearch_Impl0_Len goto BB0 } BB0 { - [#"../binary_search.rs" 67 29 67 30] len <- ([#"../binary_search.rs" 67 29 67 30] [#"../binary_search.rs" 67 29 67 30] (0 : usize)); + [#"../binary_search.rs" 67 29 67 30] len <- ([#"../binary_search.rs" 67 29 67 30] (0 : usize)); [#"../binary_search.rs" 68 20 68 24] l <- ([#"../binary_search.rs" 68 20 68 24] self); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; @@ -288,10 +290,10 @@ module BinarySearch_Impl0_Len [#"../binary_search.rs" 70 26 70 28] ls <- ([#"../binary_search.rs" 70 26 70 28] BinarySearch_List_Type.cons_1 l); assert { [@expl:type invariant] inv0 l }; assume { resolve0 l }; - [#"../binary_search.rs" 71 12 71 20] len <- ([#"../binary_search.rs" 71 12 71 20] len + ([#"../binary_search.rs" 71 19 71 20] [#"../binary_search.rs" 71 19 71 20] (1 : usize))); + [#"../binary_search.rs" 71 12 71 20] len <- ([#"../binary_search.rs" 71 12 71 20] len + (1 : usize)); assert { [@expl:type invariant] inv1 ls }; assume { resolve1 ls }; - [#"../binary_search.rs" 72 12 72 18] l <- ([#"../binary_search.rs" 72 16 72 18] ls); + [#"../binary_search.rs" 72 12 72 18] l <- ([#"../binary_search.rs" 72 12 72 18] ls); goto BB1 } BB5 { @@ -409,39 +411,47 @@ module BinarySearch_BinarySearch var _0 : Core_Result_Result_Type.t_result usize usize; var arr : BinarySearch_List_Type.t_list uint32 = arr; var elem : uint32 = elem; + var _9 : bool; var _10 : usize; var size : usize; var base : usize; + var _21 : bool; var half : usize; var _25 : bool; var mid : usize; var _29 : usize; + var _30 : bool; var _32 : uint32; var cmp : uint32; var _41 : uint32; + var _44 : bool; + var _48 : bool; + var _51 : usize; { goto BB0 } BB0 { - [#"../binary_search.rs" 110 7 110 16] _10 <- ([#"../binary_search.rs" 110 7 110 16] len0 ([#"../binary_search.rs" 110 7 110 10] arr)); + [#"../binary_search.rs" 110 7 110 16] _10 <- ([#"../binary_search.rs" 110 7 110 16] len0 arr); goto BB1 } BB1 { - switch ([#"../binary_search.rs" 110 7 110 21] _10 = ([#"../binary_search.rs" 110 20 110 21] [#"../binary_search.rs" 110 20 110 21] (0 : usize))) + [#"../binary_search.rs" 110 7 110 21] _9 <- ([#"../binary_search.rs" 110 7 110 21] _10 = (0 : usize)); + _10 <- any usize; + switch (_9) | False -> goto BB3 | True -> goto BB2 end } BB2 { - [#"../binary_search.rs" 111 15 111 21] _0 <- ([#"../binary_search.rs" 111 15 111 21] Core_Result_Result_Type.C_Err ([#"../binary_search.rs" 111 19 111 20] [#"../binary_search.rs" 111 19 111 20] (0 : usize))); + [#"../binary_search.rs" 111 15 111 21] _0 <- ([#"../binary_search.rs" 111 15 111 21] Core_Result_Result_Type.C_Err (0 : usize)); goto BB21 } BB3 { - [#"../binary_search.rs" 113 19 113 28] size <- ([#"../binary_search.rs" 113 19 113 28] len0 ([#"../binary_search.rs" 113 19 113 22] arr)); + [#"../binary_search.rs" 113 19 113 28] size <- ([#"../binary_search.rs" 113 19 113 28] len0 arr); goto BB4 } BB4 { - [#"../binary_search.rs" 114 19 114 20] base <- ([#"../binary_search.rs" 114 19 114 20] [#"../binary_search.rs" 114 19 114 20] (0 : usize)); + [#"../binary_search.rs" 114 19 114 20] base <- ([#"../binary_search.rs" 114 19 114 20] (0 : usize)); goto BB5 } BB5 { @@ -451,24 +461,26 @@ module BinarySearch_BinarySearch goto BB6 } BB6 { - switch ([#"../binary_search.rs" 119 10 119 18] ([#"../binary_search.rs" 119 10 119 14] size) > ([#"../binary_search.rs" 119 17 119 18] [#"../binary_search.rs" 119 17 119 18] (1 : usize))) + [#"../binary_search.rs" 119 10 119 18] _21 <- ([#"../binary_search.rs" 119 10 119 18] size > (1 : usize)); + switch (_21) | False -> goto BB13 | True -> goto BB7 end } BB7 { - [#"../binary_search.rs" 120 19 120 27] _25 <- ([#"../binary_search.rs" 120 19 120 27] ([#"../binary_search.rs" 120 26 120 27] [#"../binary_search.rs" 120 26 120 27] (2 : usize)) = ([#"../binary_search.rs" 120 19 120 27] [#"../binary_search.rs" 120 19 120 27] (0 : usize))); + [#"../binary_search.rs" 120 19 120 27] _25 <- ([#"../binary_search.rs" 120 19 120 27] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../binary_search.rs" 120 19 120 27] not _25 }; goto BB8 } BB8 { - [#"../binary_search.rs" 120 19 120 27] half <- ([#"../binary_search.rs" 120 19 120 27] ([#"../binary_search.rs" 120 19 120 23] size) / ([#"../binary_search.rs" 120 26 120 27] [#"../binary_search.rs" 120 26 120 27] (2 : usize))); - [#"../binary_search.rs" 121 18 121 29] mid <- ([#"../binary_search.rs" 121 18 121 29] ([#"../binary_search.rs" 121 18 121 22] base) + ([#"../binary_search.rs" 121 25 121 29] half)); - [#"../binary_search.rs" 123 19 123 33] _32 <- ([#"../binary_search.rs" 123 19 123 33] index0 ([#"../binary_search.rs" 123 19 123 22] arr) ([#"../binary_search.rs" 123 29 123 32] mid)); + [#"../binary_search.rs" 120 19 120 27] half <- ([#"../binary_search.rs" 120 19 120 27] size / (2 : usize)); + [#"../binary_search.rs" 121 18 121 29] mid <- ([#"../binary_search.rs" 121 18 121 29] base + half); + [#"../binary_search.rs" 123 19 123 33] _32 <- ([#"../binary_search.rs" 123 19 123 33] index0 arr mid); goto BB9 } BB9 { - switch ([#"../binary_search.rs" 123 18 123 40] ([#"../binary_search.rs" 123 18 123 33] _32) > ([#"../binary_search.rs" 123 36 123 40] elem)) + [#"../binary_search.rs" 123 18 123 40] _30 <- ([#"../binary_search.rs" 123 18 123 40] _32 > elem); + switch (_30) | False -> goto BB11 | True -> goto BB10 end @@ -483,37 +495,41 @@ module BinarySearch_BinarySearch } BB12 { [#"../binary_search.rs" 123 8 123 62] base <- ([#"../binary_search.rs" 123 8 123 62] _29); - [#"../binary_search.rs" 123 8 123 62] _29 <- any usize; - [#"../binary_search.rs" 124 8 124 20] size <- ([#"../binary_search.rs" 124 8 124 20] size - ([#"../binary_search.rs" 124 16 124 20] half)); + _29 <- any usize; + [#"../binary_search.rs" 124 8 124 20] size <- ([#"../binary_search.rs" 124 8 124 20] size - half); goto BB5 } BB13 { - [#"../binary_search.rs" 127 15 127 30] _41 <- ([#"../binary_search.rs" 127 15 127 30] index0 ([#"../binary_search.rs" 127 15 127 18] arr) ([#"../binary_search.rs" 127 25 127 29] base)); + [#"../binary_search.rs" 127 15 127 30] _41 <- ([#"../binary_search.rs" 127 15 127 30] index0 arr base); goto BB14 } BB14 { [#"../binary_search.rs" 127 14 127 30] cmp <- ([#"../binary_search.rs" 127 14 127 30] _41); - switch ([#"../binary_search.rs" 128 7 128 18] ([#"../binary_search.rs" 128 7 128 10] cmp) = ([#"../binary_search.rs" 128 14 128 18] elem)) + [#"../binary_search.rs" 128 7 128 18] _44 <- ([#"../binary_search.rs" 128 7 128 18] cmp = elem); + switch (_44) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../binary_search.rs" 129 8 129 16] _0 <- ([#"../binary_search.rs" 129 8 129 16] Core_Result_Result_Type.C_Ok ([#"../binary_search.rs" 129 11 129 15] base)); + [#"../binary_search.rs" 129 8 129 16] _0 <- ([#"../binary_search.rs" 129 8 129 16] Core_Result_Result_Type.C_Ok base); goto BB20 } BB16 { - switch ([#"../binary_search.rs" 130 14 130 24] ([#"../binary_search.rs" 130 14 130 17] cmp) < ([#"../binary_search.rs" 130 20 130 24] elem)) + [#"../binary_search.rs" 130 14 130 24] _48 <- ([#"../binary_search.rs" 130 14 130 24] cmp < elem); + switch (_48) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../binary_search.rs" 131 8 131 21] _0 <- ([#"../binary_search.rs" 131 8 131 21] Core_Result_Result_Type.C_Err ([#"../binary_search.rs" 131 12 131 20] ([#"../binary_search.rs" 131 12 131 16] base) + ([#"../binary_search.rs" 131 19 131 20] [#"../binary_search.rs" 131 19 131 20] (1 : usize)))); + [#"../binary_search.rs" 131 12 131 20] _51 <- ([#"../binary_search.rs" 131 12 131 20] base + (1 : usize)); + [#"../binary_search.rs" 131 8 131 21] _0 <- ([#"../binary_search.rs" 131 8 131 21] Core_Result_Result_Type.C_Err _51); + _51 <- any usize; goto BB19 } BB18 { - [#"../binary_search.rs" 133 8 133 17] _0 <- ([#"../binary_search.rs" 133 8 133 17] Core_Result_Result_Type.C_Err ([#"../binary_search.rs" 133 12 133 16] base)); + [#"../binary_search.rs" 133 8 133 17] _0 <- ([#"../binary_search.rs" 133 8 133 17] Core_Result_Result_Type.C_Err base); goto BB19 } BB19 { diff --git a/creusot/tests/should_succeed/binary_search/why3session.xml b/creusot/tests/should_succeed/binary_search/why3session.xml index 61fddab936..426bf24a8c 100644 --- a/creusot/tests/should_succeed/binary_search/why3session.xml +++ b/creusot/tests/should_succeed/binary_search/why3session.xml @@ -12,7 +12,7 @@ - + @@ -30,67 +30,67 @@ - + - + - + - + - + - - + + - - + + - + - - + + - - + + - - + + - - + + - + - - + + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/binary_search/why3shapes.gz b/creusot/tests/should_succeed/binary_search/why3shapes.gz index 43f2d834d4b9c438b0944e220ba07167733763de..c4f7ae7603be9b8183d1eeb77576d810f653cba5 100644 GIT binary patch literal 2444 zcmV;733K)ziwFP!00000|Fu|4ZyPxhzUx=$w!0Gyz$(5M_5gxmp?#S->_S(8uTF$@ zEU)A^nfdiwWOqyKmSj7LHxD(Ntg5eAPqP31%Y6UIJ*NHqIqmkF?ZZFkYW~YVW>5ch zn}=t%V#}HP?RtfQ-Q75Px(@+XVv*-WV7KmOeY1Voe_gpkL$AMY?pLr}+;r^nK=3rI z-E}LloULx=?RGc6PY>(+?Z-{%L3sx4hM38^A*^tD(25tW+<}v2W$rp=v7Fu9^vtB_ zHR1ki`#I5z`AJM=HY3j?%XczxA)J9C_AP9 z+|u3e6CsV|>+T)YFac)au8uFY`k)G$S%D_BYxjjnl=xdA)b7{%-3Br*L9hMx%R}6s zEEYj(1#+ae9MqPB+VYiM6*-ay%UA5={=NG`=H-QfZ+dIwN%z}WH+B?7TV_Kfu*EPa zBG3hjm^JB;>8~?FnaBjoA)darckQBmMcmg;C^%IfPNgt!i#l zX(xN-WUrgd8#60eHmFx>d0am)Odir@^AOXwLw>Mhe!ww5@FYKYpC6cWhcelHI0Pb$ zwv3~!>KwANbu8IFR%{5)@M7$rOogtA^!6FVO8M2{zWykcWTvhq`w92wTH zCM6D7`BPWUOMZq@BS!+9+wBGsGq>5V_uJi5ie-NGxJzW)xOt)$Fe?g_>9Gyn8dxCS z!Q}aU0+1IA)i@N6oNGI(5ZCoew=f0WZ~jUn)I4zp*1LV7yE?k0Bkjj|eZod24y>k~ z-EX&#lw!|rw{Z_oG}=6o#9EzA{gP!C#5~8b%u#t*$JDwn_fG|6ke@LtvUHz5zmYX} zw<+u0NUN2YYL&fzv_skZ8Jlcohk8RBo7(hh3i`%v&ZcICQ?Ed+8k|D^zw83bAKO<> z&AVf9mZy<4wlzS z!_IIcljrG^XeE_|nB?!k->(h|=NB^~y?T>)Q;265xY$F!So>Db!dZ@&)a z>X@$smI{;~-HIG*T^4@tRyv-zdEVsn@7(`6|10gbd9`CdYC<%pp2FF<(tUFG?M2F$ zb~P0;k^6ZQ-^6r?l*}-Rlbg1)!cEz^EhNL?HNSTvi;32p<>p3@GojjhZOw7&#Eu8u zwmTl?=OH$?Cy`0`c|EJKg~fQkTX@5EGfy%27N_iZ!3m4n?Tbsnu^7crZxV!|&tNuJ z?ap6MkX~_TrolI{O)DqXd5y1iG@Q0H>h$}xdv;x?f4Q~cTMMyzwGgWl*{2-}&u()= z_qm%AvH5;^yW8a>>mh0nb95Y~!=0r|)a^JF@>Oee(gZ3XxBaa}7cPCVP|+1=y0P1i zw(TXTB0-HqD6`Wu(%xajK1Z--kJuWzz^nn<*ziB?!d;N{yGox0$5 z@nfwJ*{B!d^blA#!|beK#Eu-x#Tz3F;nmPW7<;#q{oxcArj4`C7NRS5r)z3?nw2hr zbmkV&v5v17I)4qRT~Oj;8Wyq_E~f|NJX01{qDB?3pyqEde^7R`cjv)!E)MIMtlQ=j^yW z_iff+%>THT_*>Jg%0rs<>pdtLtN39iN&9@VC}VZq7&a zVfir9iyD?zmUnf@<9b;s@@=GD_0TUS^AROq z^hSzRnB%W8*L7Bou08p<`P1^>lN!zf8 zwt=#6$;)j6`Dmx(=*N#49yMMSEBLn>mOiU?C%O%f4HBH{~) z2&akomXN}6OyOxz9SgLrK8hab-xySA&jeNNMLYK4v^khci;0F+5Sp$f>%M%K@2hp4 z2Kn;0Cpqm7<ACk&MB_9nMUKYr);qZN8eQ>62dE(wd3=&en=r}}$E(mN*5vv+58%{yQzfU;JVhmcX z>4|OYTFJQt3n+XL2C_W`Zv-|18bLs|;ilpGJ0KiIT9i>56_5+7A#jpUahsxODJFWC z{Uk~h$qVbOaUoJn7%U_7Kj9v zs*cy%d&vJ;2#z_jXKNV7Y){4B4=zZmAVElqb0Me4v zD^7ny3mh2Z4n&TAN?qILm{g)s{M`_d3IY`Z$}qqdyfwy3O(_R1M(fm2Jl_|T?leIu z!zd%DW}pTsLKG}1ugH@Ii&d%rs7A@3*ji$!sq<0UjNDkyjPMkyLR-*At1#EJFS4ik zSs*SA)l)!InLGzlWIXbW5^ zyqY%}-v^YM4@NJjiznduG{LnrAX$)9LcQ~ItsAWxO`zhOF9PG<3baxoI%+=LnwAb5 zDz@~GiY>8|i3~J`HQF}XT#&SeW`uNFxiO2P0JREoX`+u+H`j>yL9{%Tc z_m89@+m-w9z5!3JFCG56cb+zUlizVquH5DA<^KNot#O40A8&Sd4c%@oJ9aS=JPdo+ z-45NZn#*yDXkSC_kUaJ?w9H_YaM{c87S}-#td8?99rG&9Jz}Gf{?%?MO%)3fG-A6gI;G zb<8EJ?wO7+sM@%T>7h29ilRp~RHB~u?kkc={*OW^-LLht@#t7odfV>5-iPDKW)UPB z%4Y`i!C*cZ%wIT9k;8GZeZfQS!`uQg(&M?v5NNU)7DX^PkAS#EMPyrE(C$Sh*bZ>{ zmafw#y&&#eC-MpBli`J_d~as1C)>?a?0Q5=#Vu=YU0El3<3w*;iK%WxIiPBCWQYCp z!o-*jyZaEokMJiG{OJULIDtRw;SV`AFj3vR5p8sKWSAvQ7m&u(fH6HFOpgcC1*s3$ z44(wmRL^RG&*f(2Fx@*u_YTupi5ZZgCmf*0;UH{gdM-gTV~Pt(#;Waen!XiflY?g2 zsAoC~JVruM@5zN9M}554$9sLn$FkuC3c{1^w12UvV3d@edMd!;6iIV$({qQ-rFz!)x?PX{dGDbl zM*b;@0%GU3?hfPj`{8TsH*UI}@@f@!kGni|t=m7=f5yW;?{@4{8AX~?b+E#9{1^}G zJq~W^ZvSmH&&W^iE%G&ZPXJUqItK|Nos;kC6z zzF1r2iR{y&3ulkH>!OvfJXeQ9o`vcszFCY)d_E0flcZNOaOL@CVe96m%ro73TFxO z4?rjT-Ko~)%u|E6F~z4EufCgZw9miiM*5C(KBG!s+*{_rP4}}HsfUe**K+v_a`R36 zw*h~@{kMU9?`=SiXy}&<7dI9`n%&@W;K^z4Zh*{jLp?)$30NY=&u`%w8yjsCJfK2$UK33-F%zM{Xb<7u|5 zs=Q=v7w@NnI-dXs<*zN0jGjOKxIM1OrdEqP+v~dMF|w@;`98C*LY;WZD1>=0S(egSl5e5ory^CyPxcbV)9@{S6+ItHYnX6zBB?h$5rI(?GoR4w!T zH9-b8Px0mTzU~d<*BGiM`d5Y-_?a-*uI6(`FZ#lyk)8mtf`#gOt?U~^`3zT=aLS+m zdclX*kiTPW`rqaEmT{}^?W1sbUO069VSpmbLqNlLhl2dOzzX9hSV1br%F!5W7z|ip zP+_H?ZztC?TCg&F&uDk|?(oMgUWX3;(`wZ!=LDA_M3baUL3-{Zkx>)w4UKUPmRhn( zMsulB(wezMC81cal;K(n(i+di+E{Isl~!18*{TiTTM1GIrMU}|_{6CQi72iOQEE+v zrQA|xDaxmol9dTT8A_Q^JQzs=Gct%sxslN;0b;G0)krKS76sn5j7h}|+N@d~l2D7XT>bz>#^?}R9T`S8AlO?>XD_($$_r_PD~gQe`tK@YTDlBOE*zDZF2s2c zMruP9W7r!qyaly_`~Y1bjMgqO=>ZE8iP#1O(E-6g96m#zN1MXwXO2QS>7t&MG>6Pca1J>*1VpN3j6pJ goto BB4 | True -> goto BB3 end diff --git a/creusot/tests/should_succeed/bug/256.mlcfg b/creusot/tests/should_succeed/bug/256.mlcfg index 31ead196f2..30e3140e33 100644 --- a/creusot/tests/should_succeed/bug/256.mlcfg +++ b/creusot/tests/should_succeed/bug/256.mlcfg @@ -11,7 +11,7 @@ module C256_U8Safe goto BB0 } BB0 { - [#"../256.rs" 4 12 4 17] _2 <- ([#"../256.rs" 4 12 4 17] ([#"../256.rs" 4 12 4 13] u) + ([#"../256.rs" 4 16 4 17] [#"../256.rs" 4 16 4 17] (0 : uint8))); + [#"../256.rs" 4 12 4 17] _2 <- ([#"../256.rs" 4 12 4 17] u + (0 : uint8)); [#"../256.rs" 3 22 5 1] _0 <- ([#"../256.rs" 3 22 5 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/bug/271.mlcfg b/creusot/tests/should_succeed/bug/271.mlcfg index ad30030cf4..1834729226 100644 --- a/creusot/tests/should_succeed/bug/271.mlcfg +++ b/creusot/tests/should_succeed/bug/271.mlcfg @@ -10,7 +10,7 @@ module C271_Ex goto BB0 } BB0 { - [#"../271.rs" 6 12 6 13] a <- ([#"../271.rs" 6 12 6 13] [#"../271.rs" 6 12 6 13] (0 : int32)); + [#"../271.rs" 6 12 6 13] a <- ([#"../271.rs" 6 12 6 13] (0 : int32)); goto BB2 } BB1 { @@ -37,7 +37,7 @@ module C271_Ex2 goto BB0 } BB0 { - [#"../271.rs" 14 12 14 13] a <- ([#"../271.rs" 14 12 14 13] [#"../271.rs" 14 12 14 13] (0 : int32)); + [#"../271.rs" 14 12 14 13] a <- ([#"../271.rs" 14 12 14 13] (0 : int32)); switch (a = 0) | True -> goto BB1 | False -> switch (a = 1) @@ -89,7 +89,7 @@ module C271_Ex3 goto BB0 } BB0 { - [#"../271.rs" 23 12 23 13] a <- ([#"../271.rs" 23 12 23 13] [#"../271.rs" 23 12 23 13] (0 : int32)); + [#"../271.rs" 23 12 23 13] a <- ([#"../271.rs" 23 12 23 13] (0 : int32)); switch (a = 0) | True -> goto BB1 | False -> switch (a = 1) diff --git a/creusot/tests/should_succeed/bug/273.mlcfg b/creusot/tests/should_succeed/bug/273.mlcfg index 7c4be7eafa..3e369b934c 100644 --- a/creusot/tests/should_succeed/bug/273.mlcfg +++ b/creusot/tests/should_succeed/bug/273.mlcfg @@ -21,7 +21,7 @@ module C273_Ex goto BB0 } BB0 { - [#"../273.rs" 5 21 5 31] _1 <- ([#"../273.rs" 5 21 5 31] Core_Option_Option_Type.C_Some ([#"../273.rs" 5 26 5 30] [#"../273.rs" 5 26 5 30] true)); + [#"../273.rs" 5 21 5 31] _1 <- ([#"../273.rs" 5 21 5 31] Core_Option_Option_Type.C_Some true); switch (_1) | Core_Option_Option_Type.C_Some _ -> goto BB1 | _ -> goto BB3 diff --git a/creusot/tests/should_succeed/bug/387.mlcfg b/creusot/tests/should_succeed/bug/387.mlcfg index 97d8c50a50..e909861af9 100644 --- a/creusot/tests/should_succeed/bug/387.mlcfg +++ b/creusot/tests/should_succeed/bug/387.mlcfg @@ -118,7 +118,7 @@ module C387_Impl0_Height } BB2 { [#"../387.rs" 19 22 19 23] n <- ([#"../387.rs" 19 22 19 23] Core_Option_Option_Type.some_0 (C387_Tree_Type.tree_0 self)); - [#"../387.rs" 19 29 19 44] _5 <- ([#"../387.rs" 19 29 19 44] height ([#"../387.rs" 19 29 19 35] C387_Node_Type.node_left n)); + [#"../387.rs" 19 29 19 44] _5 <- ([#"../387.rs" 19 29 19 44] height (C387_Node_Type.node_left n)); goto BB5 } BB3 { @@ -126,11 +126,11 @@ module C387_Impl0_Height absurd } BB4 { - [#"../387.rs" 18 26 18 27] _0 <- ([#"../387.rs" 18 26 18 27] [#"../387.rs" 18 26 18 27] (0 : uint64)); + [#"../387.rs" 18 26 18 27] _0 <- ([#"../387.rs" 18 26 18 27] (0 : uint64)); goto BB8 } BB5 { - [#"../387.rs" 19 49 19 65] _7 <- ([#"../387.rs" 19 49 19 65] height ([#"../387.rs" 19 49 19 56] C387_Node_Type.node_right n)); + [#"../387.rs" 19 49 19 65] _7 <- ([#"../387.rs" 19 49 19 65] height (C387_Node_Type.node_right n)); goto BB6 } BB6 { @@ -140,7 +140,7 @@ module C387_Impl0_Height goto BB7 } BB7 { - [#"../387.rs" 19 29 19 70] _0 <- ([#"../387.rs" 19 29 19 70] _4 + ([#"../387.rs" 19 69 19 70] [#"../387.rs" 19 69 19 70] (1 : uint64))); + [#"../387.rs" 19 29 19 70] _0 <- ([#"../387.rs" 19 29 19 70] _4 + (1 : uint64)); _4 <- any uint64; goto BB8 } diff --git a/creusot/tests/should_succeed/bug/395.mlcfg b/creusot/tests/should_succeed/bug/395.mlcfg index 256f6a0f9e..997c4c4fe2 100644 --- a/creusot/tests/should_succeed/bug/395.mlcfg +++ b/creusot/tests/should_succeed/bug/395.mlcfg @@ -7,29 +7,42 @@ module C395_SignedDivision var _0 : (); var x : int32; var y : int32; + var _4 : bool; + var _5 : int32; var _6 : int32; var _7 : int32; var _8 : bool; + var _9 : bool; + var _10 : bool; var _11 : bool; { goto BB0 } BB0 { - [#"../395.rs" 4 12 4 14] x <- ([#"../395.rs" 4 12 4 14] [#"../395.rs" 4 12 4 14] (10 : int32)); - [#"../395.rs" 5 12 5 13] y <- ([#"../395.rs" 5 12 5 13] [#"../395.rs" 5 12 5 13] (1 : int32)); + [#"../395.rs" 4 12 4 14] x <- ([#"../395.rs" 4 12 4 14] (10 : int32)); + [#"../395.rs" 5 12 5 13] y <- ([#"../395.rs" 5 12 5 13] (1 : int32)); [#"../395.rs" 7 12 7 13] _6 <- ([#"../395.rs" 7 12 7 13] x); [#"../395.rs" 7 16 7 17] _7 <- ([#"../395.rs" 7 16 7 17] y); - [#"../395.rs" 7 12 7 17] _8 <- ([#"../395.rs" 7 12 7 17] _7 = ([#"../395.rs" 7 12 7 17] [#"../395.rs" 7 12 7 17] (0 : int32))); + [#"../395.rs" 7 12 7 17] _8 <- ([#"../395.rs" 7 12 7 17] _7 = (0 : int32)); assert { [@expl:division by zero] [#"../395.rs" 7 12 7 17] not _8 }; goto BB1 } BB1 { - [#"../395.rs" 7 12 7 17] _11 <- ([#"../395.rs" 7 12 7 17] ([#"../395.rs" 7 12 7 17] _7 = ([#"../395.rs" 7 12 7 17] [#"../395.rs" 7 12 7 17] (-1 : int32))) && ([#"../395.rs" 7 12 7 17] _6 = ([#"../395.rs" 7 12 7 17] [#"../395.rs" 7 12 7 17] (-2147483648 : int32)))); + [#"../395.rs" 7 12 7 17] _9 <- ([#"../395.rs" 7 12 7 17] _7 = (-1 : int32)); + [#"../395.rs" 7 12 7 17] _10 <- ([#"../395.rs" 7 12 7 17] _6 = (-2147483648 : int32)); + [#"../395.rs" 7 12 7 17] _11 <- ([#"../395.rs" 7 12 7 17] _9 && _10); + _9 <- any bool; + _10 <- any bool; assert { [@expl:Div overflow] [#"../395.rs" 7 12 7 17] not _11 }; goto BB2 } BB2 { - switch ([#"../395.rs" 7 12 7 23] ([#"../395.rs" 7 12 7 17] _6 / _7) = ([#"../395.rs" 7 21 7 23] [#"../395.rs" 7 21 7 23] (10 : int32))) + [#"../395.rs" 7 12 7 17] _5 <- ([#"../395.rs" 7 12 7 17] _6 / _7); + _6 <- any int32; + _7 <- any int32; + [#"../395.rs" 7 12 7 23] _4 <- ([#"../395.rs" 7 12 7 23] _5 = (10 : int32)); + _5 <- any int32; + switch (_4) | False -> goto BB4 | True -> goto BB3 end diff --git a/creusot/tests/should_succeed/bug/395/why3session.xml b/creusot/tests/should_succeed/bug/395/why3session.xml index a3a1bf3a69..3c77f7b5e8 100644 --- a/creusot/tests/should_succeed/bug/395/why3session.xml +++ b/creusot/tests/should_succeed/bug/395/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/bug/395/why3shapes.gz b/creusot/tests/should_succeed/bug/395/why3shapes.gz index 145d22c4cecd4360af35e0589c173b2550d81768..f153c50072d304c0c971bf29feef0a9def008495 100644 GIT binary patch literal 273 zcmV+s0q*`EiwFP!00000|9z27Z^IxAhVS_m+_qJ!#D^1LQV&t3Xk2!hxKi2~wvsfiX z^GsIX!x4ec)VfMZndJ;!t$su8mJ;9~SOpn+sVsl7F6naR#_X14lQB>$+N6w(aL0vT zT=-*zXCJ(_$rEOJdWY(%kJu^4<8lhUM{Pf#7*3schcwYJZn`K8;S7XhM3#~}Y>%>X X0K!}ES^<(H@`j6VA~gYKA_4#aPNIUA literal 248 zcmVH&K%gTFR6Q(*~D1X{J8xCXDi(6==R- y=m(hMsq^hI-!G2e1wds@u(cqF*TQ;>Yb%UHsNy-N2y=+P5%>pXSPEq40RRA=Fm?+7 diff --git a/creusot/tests/should_succeed/bug/463.mlcfg b/creusot/tests/should_succeed/bug/463.mlcfg index bcfbe448ed..1d867edcc7 100644 --- a/creusot/tests/should_succeed/bug/463.mlcfg +++ b/creusot/tests/should_succeed/bug/463.mlcfg @@ -26,7 +26,7 @@ module C463_Test_Closure0 goto BB0 } BB0 { - [#"../463.rs" 7 19 7 24] res1 <- ([#"../463.rs" 7 19 7 24] ([#"../463.rs" 7 19 7 20] x) + ([#"../463.rs" 7 23 7 24] [#"../463.rs" 7 23 7 24] (1 : usize))); + [#"../463.rs" 7 19 7 24] res1 <- ([#"../463.rs" 7 19 7 24] x + (1 : usize)); [#"../463.rs" 5 8 5 30] res <- ([#"../463.rs" 5 8 5 30] res1); [#"../463.rs" 6 8 6 37] _0 <- ([#"../463.rs" 6 8 6 37] res); return _0 @@ -51,12 +51,15 @@ module C463_Test var _0 : (); var c : C463_Test_Closure0.c463_test_closure0; var y : usize; + var _4 : usize; { goto BB0 } BB0 { [#"../463.rs" 6 8 6 37] c <- ([#"../463.rs" 6 8 6 37] C463_Test_Closure0.C463_Test_Closure0); - [#"../463.rs" 9 12 9 16] y <- ([#"../463.rs" 9 12 9 16] let (a) = [#"../463.rs" 9 12 9 16] (([#"../463.rs" 9 14 9 15] [#"../463.rs" 9 14 9 15] (2 : usize))) in closure00 ([#"../463.rs" 9 12 9 13] c) a); + [#"../463.rs" 9 12 9 16] _4 <- ([#"../463.rs" 9 12 9 16] ((2 : usize))); + [#"../463.rs" 9 12 9 16] y <- ([#"../463.rs" 9 12 9 16] let (a) = _4 in closure00 c a); + _4 <- any usize; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/bug/463/why3session.xml b/creusot/tests/should_succeed/bug/463/why3session.xml index 1af2d5d592..949c7766d3 100644 --- a/creusot/tests/should_succeed/bug/463/why3session.xml +++ b/creusot/tests/should_succeed/bug/463/why3session.xml @@ -12,7 +12,7 @@ - + diff --git a/creusot/tests/should_succeed/bug/463/why3shapes.gz b/creusot/tests/should_succeed/bug/463/why3shapes.gz index 544b969f2ae21dea31223d7dd2024996c409957f..d1ca6a8262641d24f2fc5cd0d63df0316d020a07 100644 GIT binary patch literal 235 zcmV>@+NKv^5tOPqRF_-J&avDr2YlOk2qAjrJD&2wgElaJP^n{g$z@$g?4qdv z11?nZ(w-KCZ=xmk6dO@^uMQO!? zG|e2XJ{G2!MZ0wt))(rBwu{r?)7!D3(=G!5YGx~biz9bRWBVIYZmUO3(->e^O*m|5 z3@JWd0jPSTF6D%UwcKX^|BaJtsnc$qgPXi1=h=xdt-LYbqbii6PUxUjP=!a7 - + diff --git a/creusot/tests/should_succeed/bug/874/why3shapes.gz b/creusot/tests/should_succeed/bug/874/why3shapes.gz index 73aae1d83a04690f4a02bff789987aed4c107dd4..f4bf1f6df69cccf583e6a6da93084bda9876aa53 100644 GIT binary patch literal 532 zcmV+v0_*)BiwFP!00000|8-JLbDJ;_z4I%$wRJ99NeIZ4gC}D~{sTJJqX;?i3+9D+{FF6zSus#+O9vf&2uc`&9BIP=u>kQijwl$i2GIWb98I-6W&v&mFG zn^eKT^>?9b+q}7Vjbqhy`}c5eD_dhP(5^k48mG_ti)?-NI>xsJH0H8s)7i!V_P7OC zz?UtGI{~K(zxTQi-u<|9;Mk=oLUuG?A-K)X_HBK&gL|(F{3@E2(-<^ck-)fYiC|b- zZpZm(>T9Hm3anA+PaH<@AHzuF$QUe)7+i1GX;<(9S&B9Bj1N3 zz6L5Ze{?v=gJmN?gTo;N!Ql`hW+V=of^?<`=^cuYh7>`}6hZhJDDUJU#U!MdtR#X^ zC=rAPiA3rpKDJ$KbaSv@&NfvPkreWy$nwgNqXGT;nx{e^3Fnz5HlsWSDgh)AnafP3 WQpiMd$t0qZME?P~;DnzY1polni~h<0 literal 515 zcmV+e0{s0SiwFP!00000|8-K!lAACPyz>>@l6Wr~y@0K7pi-vfAJ8$bSf?6}?_^xUoMn(FHO^#N1*TCVa*23H#rl&6*mrO7-S z^>Lz*;s;64@|zbj3iT<4Z;x-TM_2Wo2h%YtP7I$x*(p{1@VJ*LA-im z0{CiO1i@-u1hGO6#2~VuzliC3#Po)k`XZ(t5mReoYGVh2)^;Gs+aa*O!q=t^3#^as zvv+kF1d1aAg|b8;;Z?^;%rN0DmKtAPgv1cI0WiQ!Vqy~+ZIqEl7(xvT{sWUAu6q9j F003>!{v-eZ diff --git a/creusot/tests/should_succeed/bug/949.mlcfg b/creusot/tests/should_succeed/bug/949.mlcfg index 360f62446d..837e58198d 100644 --- a/creusot/tests/should_succeed/bug/949.mlcfg +++ b/creusot/tests/should_succeed/bug/949.mlcfg @@ -253,26 +253,26 @@ module C949_Main goto BB1 } BB1 { - [#"../949.rs" 6 12 6 23] b <- ([#"../949.rs" 6 21 6 22] [#"../949.rs" 6 21 6 22] (1 : int32)); + [#"../949.rs" 6 12 6 23] b <- ([#"../949.rs" 6 12 6 23] (1 : int32)); goto BB2 } BB2 { [#"../949.rs" 7 12 7 15] _4 <- Borrow.borrow_mut tok; [#"../949.rs" 7 12 7 15] tok <- ^ _4; - [#"../949.rs" 7 12 7 31] p <- ([#"../949.rs" 7 12 7 31] ptr_from_box0 _4 ([#"../949.rs" 7 29 7 30] b)); + [#"../949.rs" 7 12 7 31] p <- ([#"../949.rs" 7 12 7 31] ptr_from_box0 _4 b); _4 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); - [#"../949.rs" 7 29 7 30] b <- any int32; + b <- any int32; goto BB3 } BB3 { [#"../949.rs" 8 16 8 19] _7 <- Borrow.borrow_mut tok; [#"../949.rs" 8 16 8 19] tok <- ^ _7; - [#"../949.rs" 8 16 8 33] r <- ([#"../949.rs" 8 16 8 33] ptr_to_box0 _7 ([#"../949.rs" 8 31 8 32] p)); + [#"../949.rs" 8 16 8 33] r <- ([#"../949.rs" 8 16 8 33] ptr_to_box0 _7 p); _7 <- any borrowed (CreusotContracts_GhostPtr_GhostPtrToken_Type.t_ghostptrtoken int32); goto BB4 } BB4 { - [#"../949.rs" 9 4 9 11] r <- ([#"../949.rs" 9 4 9 11] r + ([#"../949.rs" 9 10 9 11] [#"../949.rs" 9 10 9 11] (5 : int32))); + [#"../949.rs" 9 4 9 11] r <- ([#"../949.rs" 9 4 9 11] r + (5 : int32)); assume { resolve0 r }; [#"../949.rs" 4 14 10 1] _0 <- ([#"../949.rs" 4 14 10 1] ()); goto BB5 diff --git a/creusot/tests/should_succeed/bug/eq_panic.mlcfg b/creusot/tests/should_succeed/bug/eq_panic.mlcfg index a8f4a43c2c..4bba04abf2 100644 --- a/creusot/tests/should_succeed/bug/eq_panic.mlcfg +++ b/creusot/tests/should_succeed/bug/eq_panic.mlcfg @@ -56,7 +56,7 @@ module EqPanic_Omg goto BB0 } BB0 { - [#"../eq_panic.rs" 7 4 7 10] _0 <- ([#"../eq_panic.rs" 7 4 7 10] eq0 ([#"../eq_panic.rs" 7 4 7 5] x) ([#"../eq_panic.rs" 7 9 7 10] y)); + [#"../eq_panic.rs" 7 4 7 10] _0 <- ([#"../eq_panic.rs" 7 4 7 10] eq0 x y); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/bug/final_borrows.mlcfg b/creusot/tests/should_succeed/bug/final_borrows.mlcfg index 9c48ff2c95..fb1ab311ec 100644 --- a/creusot/tests/should_succeed/bug/final_borrows.mlcfg +++ b/creusot/tests/should_succeed/bug/final_borrows.mlcfg @@ -96,7 +96,7 @@ module FinalBorrows_Select goto BB0 } BB0 { - switch ([#"../final_borrows.rs" 11 7 11 8] b) + switch (b) | False -> goto BB2 | True -> goto BB1 end @@ -569,7 +569,7 @@ module FinalBorrows_Set7 goto BB0 } BB0 { - [#"../final_borrows.rs" 49 4 49 10] r <- { r with current = ([#"../final_borrows.rs" 49 4 49 10] [#"../final_borrows.rs" 49 9 49 10] (7 : int32)) ; }; + [#"../final_borrows.rs" 49 4 49 10] r <- { r with current = ([#"../final_borrows.rs" 49 4 49 10] (7 : int32)) ; }; assume { resolve0 r }; [#"../final_borrows.rs" 48 22 50 1] _0 <- ([#"../final_borrows.rs" 48 22 50 1] ()); return _0 @@ -604,7 +604,7 @@ module FinalBorrows_NotFinalBorrowWorks goto BB0 } BB0 { - [#"../final_borrows.rs" 54 16 54 20] x <- ([#"../final_borrows.rs" 54 16 54 20] [#"../final_borrows.rs" 54 16 54 20] (1 : int32)); + [#"../final_borrows.rs" 54 16 54 20] x <- ([#"../final_borrows.rs" 54 16 54 20] (1 : int32)); [#"../final_borrows.rs" 55 12 55 18] r <- Borrow.borrow_mut x; [#"../final_borrows.rs" 55 12 55 18] x <- ^ r; [#"../final_borrows.rs" 56 13 56 20] r1 <- Borrow.borrow_final ( * r) (Borrow.get_id r); @@ -618,9 +618,9 @@ module FinalBorrows_NotFinalBorrowWorks BB1 { assume { resolve0 r1 }; [#"../final_borrows.rs" 58 12 58 14] y <- ([#"../final_borrows.rs" 58 12 58 14] * r); - [#"../final_borrows.rs" 59 4 59 10] r <- { r with current = ([#"../final_borrows.rs" 59 4 59 10] [#"../final_borrows.rs" 59 9 59 10] (2 : int32)) ; }; + [#"../final_borrows.rs" 59 4 59 10] r <- { r with current = ([#"../final_borrows.rs" 59 4 59 10] (2 : int32)) ; }; assume { resolve0 r }; - [#"../final_borrows.rs" 60 11 60 16] _0 <- ([#"../final_borrows.rs" 60 11 60 16] ([#"../final_borrows.rs" 60 11 60 12] x) + ([#"../final_borrows.rs" 60 15 60 16] y)); + [#"../final_borrows.rs" 60 11 60 16] _0 <- ([#"../final_borrows.rs" 60 11 60 16] x + y); return _0 } @@ -653,14 +653,14 @@ module FinalBorrows_Branching goto BB0 } BB0 { - [#"../final_borrows.rs" 65 16 65 17] x <- ([#"../final_borrows.rs" 65 16 65 17] [#"../final_borrows.rs" 65 16 65 17] (3 : int32)); + [#"../final_borrows.rs" 65 16 65 17] x <- ([#"../final_borrows.rs" 65 16 65 17] (3 : int32)); [#"../final_borrows.rs" 67 17 67 23] r1 <- Borrow.borrow_mut x; [#"../final_borrows.rs" 67 17 67 23] x <- ^ r1; [#"../final_borrows.rs" 69 13 69 21] r2 <- Borrow.borrow_mut ( * r1); [#"../final_borrows.rs" 69 13 69 21] r1 <- { r1 with current = ( ^ r2) ; }; assume { resolve0 r2 }; - [#"../final_borrows.rs" 70 4 70 11] y <- ([#"../final_borrows.rs" 70 8 70 11] * r2); - switch ([#"../final_borrows.rs" 71 7 71 8] b) + [#"../final_borrows.rs" 70 4 70 11] y <- ([#"../final_borrows.rs" 70 4 70 11] * r2); + switch (b) | False -> goto BB2 | True -> goto BB1 end @@ -672,10 +672,10 @@ module FinalBorrows_Branching [#"../final_borrows.rs" 73 13 73 19] _10 <- Borrow.borrow_final ( * _11) (Borrow.get_id _11); [#"../final_borrows.rs" 73 13 73 19] _11 <- { _11 with current = ( ^ _10) ; }; [#"../final_borrows.rs" 73 8 73 19] r1 <- ([#"../final_borrows.rs" 73 8 73 19] _10); - [#"../final_borrows.rs" 73 8 73 19] _10 <- any borrowed int32; + _10 <- any borrowed int32; assume { resolve0 _11 }; assume { resolve0 r1 }; - [#"../final_borrows.rs" 74 8 74 15] y <- ([#"../final_borrows.rs" 74 12 74 15] * r1); + [#"../final_borrows.rs" 74 8 74 15] y <- ([#"../final_borrows.rs" 74 8 74 15] * r1); [#"../final_borrows.rs" 71 9 75 5] _8 <- ([#"../final_borrows.rs" 71 9 75 5] ()); goto BB3 } @@ -683,7 +683,7 @@ module FinalBorrows_Branching [#"../final_borrows.rs" 77 17 77 25] r21 <- Borrow.borrow_final ( * r1) (Borrow.get_id r1); [#"../final_borrows.rs" 77 17 77 25] r1 <- { r1 with current = ( ^ r21) ; }; assume { resolve0 r21 }; - [#"../final_borrows.rs" 78 8 78 15] y <- ([#"../final_borrows.rs" 78 12 78 15] * r21); + [#"../final_borrows.rs" 78 8 78 15] y <- ([#"../final_borrows.rs" 78 8 78 15] * r21); assume { resolve0 r1 }; [#"../final_borrows.rs" 75 11 79 5] _8 <- ([#"../final_borrows.rs" 75 11 79 5] ()); goto BB3 @@ -843,7 +843,7 @@ module FinalBorrows_BoxDeref } BB1 { [#"../final_borrows.rs" 95 4 95 6] _0 <- ([#"../final_borrows.rs" 95 4 95 6] x); - [#"../final_borrows.rs" 95 4 95 6] x <- any t; + x <- any t; assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; goto BB2 @@ -1453,6 +1453,7 @@ module FinalBorrows_ShallowBorrowNoGen var _r : borrowed (Core_Option_Option_Type.t_option int32); var inner : int32; var inner1 : int32; + var _8 : bool; { goto BB0 } @@ -1475,7 +1476,8 @@ module FinalBorrows_ShallowBorrowNoGen BB3 { [#"../final_borrows.rs" 174 13 174 22] inner <- ([#"../final_borrows.rs" 174 13 174 22] Core_Option_Option_Type.some_0 ( * x)); [#"../final_borrows.rs" 174 13 174 22] inner1 <- ([#"../final_borrows.rs" 174 13 174 22] inner); - switch ([#"../final_borrows.rs" 174 27 174 38] ([#"../final_borrows.rs" 174 27 174 33] inner1) = ([#"../final_borrows.rs" 174 37 174 38] [#"../final_borrows.rs" 174 37 174 38] (2 : int32))) + [#"../final_borrows.rs" 174 27 174 38] _8 <- ([#"../final_borrows.rs" 174 27 174 38] inner1 = (2 : int32)); + switch (_8) | False -> goto BB5 | True -> goto BB4 end diff --git a/creusot/tests/should_succeed/bug/final_borrows/why3session.xml b/creusot/tests/should_succeed/bug/final_borrows/why3session.xml index b2d906e4a1..2f919458e1 100644 --- a/creusot/tests/should_succeed/bug/final_borrows/why3session.xml +++ b/creusot/tests/should_succeed/bug/final_borrows/why3session.xml @@ -109,7 +109,7 @@ - + diff --git a/creusot/tests/should_succeed/bug/final_borrows/why3shapes.gz b/creusot/tests/should_succeed/bug/final_borrows/why3shapes.gz index fc47d67e6253661e10dcde1cae9df918d7953df1..b9593b54d1f0c3c0d346e1c44f45b3838a70f30d 100644 GIT binary patch delta 651 zcmV;60(AZH6@nJ9gb07Z_uI#CJ;Fm-m-7gOaQRoKv?##gN8f>q0Q8(t-ml|81}2?* zXnXK|hSB3~Qb(}^zAoSbr|G!7g!(|vDyNr^zMLpq0$=L$nE*b;`HFMaV8a0VUMr!L zCH81L158R`gw$(ZVFeXibxNrQYrr1R2-RX|4R;ElscX^ob}fG^5f(PRkZsorCIl#w zDf*7{)^^Y`)Q!V6u*z1Z(v@2ET-IE31H5l~=M1yfa@Ka%wa{qUu0dCzDv%YBa9#nO z1y;NP#0EQ!uD7yxo$7c~cRfQ@JKMW8*a}SELIal!4Uk~XwE&}~0@{c>Yf!)%p+Yv_ z0@}t2kX-}TG$eo7DIuY*5jrhv)w(s3U2r8N?c7RZ=~GJHl7UpOkz_Y@V-&7YRwz~o z3LHag47RQ5Tg$9gttE?6+UR7xMqQy=(J$!dk_j$5Z5`EpifQb~5>02NrcG^ySuf4V z5kk}sbVCXXrFpM9vV{cal4B!l-`Db;W6! z=%qDeP}Z8xiMGW?3oC@?tm`^PXSEg2iaBN-DJvasxUH!;BzfdGrZnq%g49|-CD^Ja z-}sbv!8lsmIR{-Wxv-`t(7;*{ZnHX! z8$thSvX-XpykZ^pT#34~4Pj_4bR|@GgClG`{=@k)OLy&A--3iHnt%a?G2}?~= lw@^#XYHPhsIfA6)w2kg1w!K(Os3cqc2hylMtZoA&005blFzWyS delta 633 zcmV-<0*3v97V#CZgb07q_joAl@mPhnIDQnj-#nh)$BVJ8!S@*^kGDyk#18nn;CGy+ z+wzj>12wCZUM~7_p}g{csn2Hu@D#@@&RK&E1L%9Lgi@B+q3sMXDTNVIuX%+PRBY8L zr5daOdq5*pi=8#xDS)P~Mc3Q4tVCGY^g^~>E0_?VNT%pJ&Rc)mLCa7#4%fgcTbW8% zYSnXDbIlF#zUiGa%v#G?+gaB_qh-4WU4g1VRzSje1#}iz@dgkZ>@>RG%HDOV<4xW5 z3{~xH@77=|FnJ3NTrxC3f;HCyjFt*$Bkrt00c(T`*?bFV8z(?^4Or8VWT%9Lx<=@< ztX1pQNOr-MkhFhuD~+X3DS1l-0+-hfPrAd7zobFpePQ$LLB`IXroL3x^TxWkZG|IJP9P%5TqG7U;t%auH zWHMSTD=yMv+Zx*tb{ZjM)2T+Zf?V85?!XD7`Zd=Tr)8p-){sG2YdR;|78@lmHYRy-@_n02JAbiCoVrs9v}k>i-stm_F^lbhYHdnwmfZYeBfp>M(8u{j14Znzr+bb=Y$y>drQV zp|#MJP{F2_oF$z=5CWxFM05>7vT=1MBm=e goto BB4 | True -> goto BB2 end } BB2 { - [#"../01.rs" 44 8 44 20] _6 <- ([#"../01.rs" 44 8 44 20] set0 ([#"../01.rs" 44 8 44 9] c) ([#"../01.rs" 44 14 44 19] ([#"../01.rs" 44 14 44 15] v) + ([#"../01.rs" 44 18 44 19] [#"../01.rs" 44 18 44 19] (2 : uint32)))); + [#"../01.rs" 44 14 44 19] _8 <- ([#"../01.rs" 44 14 44 19] v + (2 : uint32)); + [#"../01.rs" 44 8 44 20] _6 <- ([#"../01.rs" 44 8 44 20] set0 c _8); + _8 <- any uint32; goto BB3 } BB3 { @@ -98,7 +103,7 @@ module C01_AddsTwo goto BB6 } BB4 { - [#"../01.rs" 46 8 46 16] _10 <- ([#"../01.rs" 46 8 46 16] set0 ([#"../01.rs" 46 8 46 9] c) ([#"../01.rs" 46 14 46 15] [#"../01.rs" 46 14 46 15] (0 : uint32))); + [#"../01.rs" 46 8 46 16] _10 <- ([#"../01.rs" 46 8 46 16] set0 c (0 : uint32)); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/cell/01/why3session.xml b/creusot/tests/should_succeed/cell/01/why3session.xml index c1273f0f5c..450c0bb113 100644 --- a/creusot/tests/should_succeed/cell/01/why3session.xml +++ b/creusot/tests/should_succeed/cell/01/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/cell/01/why3shapes.gz b/creusot/tests/should_succeed/cell/01/why3shapes.gz index 5695af0330aaaa161ac06cbe335b32d7e21ac7cc..f9b6d4914e7f1c15721261944fcd2691b0a3f78a 100644 GIT binary patch literal 211 zcmV;^04)C>iwFP!00000|7A|GZiFxl-SZXMuH}{_4hgERLv>O__sT0WB&S2F;7Wl0 zehE;is2=?6XFvNrWjx;L5h9<%5Zk_c;f80=Z2Y3On-vPTmjb0@*OhF<+s3FBWh2PZ zXAGOd9*1b(=@l&+w;)YzH-b7X84aEPwz^R+DXO}kIv@WH>0_7z=IL18?*9@+m*b)o zDbh342n(*JU^fHq*PUZ{<+py|LC@0jzHGd!t0O<~V8_}QxvG~2^di9s&D;bnTxKGtDJ;xhwZ=we zbf(T#Ey~T%jiUYU8d|AGXMU@@s_=hDI<0|#v4)=}G^n#V6PGO1-*C;$mEY@zQ&IT5 peb goto BB8 | True -> goto BB7 end @@ -350,17 +356,18 @@ module C02_FibMemo goto BB19 } BB7 { - [#"../02.rs" 100 16 100 17] fib_i <- ([#"../02.rs" 100 16 100 17] [#"../02.rs" 100 16 100 17] (0 : usize)); + [#"../02.rs" 100 16 100 17] fib_i <- ([#"../02.rs" 100 16 100 17] (0 : usize)); goto BB16 } BB8 { - switch ([#"../02.rs" 101 22 101 28] ([#"../02.rs" 101 22 101 23] i) = ([#"../02.rs" 101 27 101 28] [#"../02.rs" 101 27 101 28] (1 : usize))) + [#"../02.rs" 101 22 101 28] _17 <- ([#"../02.rs" 101 22 101 28] i = (1 : usize)); + switch (_17) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../02.rs" 102 16 102 17] fib_i <- ([#"../02.rs" 102 16 102 17] [#"../02.rs" 102 16 102 17] (1 : usize)); + [#"../02.rs" 102 16 102 17] fib_i <- ([#"../02.rs" 102 16 102 17] (1 : usize)); goto BB15 } BB10 { @@ -372,11 +379,15 @@ module C02_FibMemo goto BB12 } BB12 { - [#"../02.rs" 106 16 106 36] _23 <- ([#"../02.rs" 106 16 106 36] fib_memo ([#"../02.rs" 106 25 106 28] mem) ([#"../02.rs" 106 30 106 35] ([#"../02.rs" 106 30 106 31] i) - ([#"../02.rs" 106 34 106 35] [#"../02.rs" 106 34 106 35] (1 : usize)))); + [#"../02.rs" 106 30 106 35] _25 <- ([#"../02.rs" 106 30 106 35] i - (1 : usize)); + [#"../02.rs" 106 16 106 36] _23 <- ([#"../02.rs" 106 16 106 36] fib_memo mem _25); + _25 <- any usize; goto BB13 } BB13 { - [#"../02.rs" 106 39 106 59] _27 <- ([#"../02.rs" 106 39 106 59] fib_memo ([#"../02.rs" 106 48 106 51] mem) ([#"../02.rs" 106 53 106 58] ([#"../02.rs" 106 53 106 54] i) - ([#"../02.rs" 106 57 106 58] [#"../02.rs" 106 57 106 58] (2 : usize)))); + [#"../02.rs" 106 53 106 58] _29 <- ([#"../02.rs" 106 53 106 58] i - (2 : usize)); + [#"../02.rs" 106 39 106 59] _27 <- ([#"../02.rs" 106 39 106 59] fib_memo mem _29); + _29 <- any usize; goto BB14 } BB14 { @@ -390,11 +401,13 @@ module C02_FibMemo } BB16 { assert { [@expl:assertion] [#"../02.rs" 108 28 108 45] UIntSize.to_int fib_i = fib0 (UIntSize.to_int i) }; - [#"../02.rs" 109 15 109 18] _35 <- ([#"../02.rs" 109 15 109 18] index0 ([#"../02.rs" 109 12 109 15] mem) ([#"../02.rs" 109 16 109 17] i)); + [#"../02.rs" 109 15 109 18] _35 <- ([#"../02.rs" 109 15 109 18] index0 mem i); goto BB17 } BB17 { - [#"../02.rs" 109 12 109 35] _33 <- ([#"../02.rs" 109 12 109 35] set0 ([#"../02.rs" 109 12 109 18] _35) ([#"../02.rs" 109 23 109 34] Core_Option_Option_Type.C_Some ([#"../02.rs" 109 28 109 33] fib_i))); + [#"../02.rs" 109 23 109 34] _38 <- ([#"../02.rs" 109 23 109 34] Core_Option_Option_Type.C_Some fib_i); + [#"../02.rs" 109 12 109 35] _33 <- ([#"../02.rs" 109 12 109 35] set0 _35 _38); + _38 <- any Core_Option_Option_Type.t_option usize; goto BB18 } BB18 { diff --git a/creusot/tests/should_succeed/checked_ops.mlcfg b/creusot/tests/should_succeed/checked_ops.mlcfg index badfe90472..9125f4b762 100644 --- a/creusot/tests/should_succeed/checked_ops.mlcfg +++ b/creusot/tests/should_succeed/checked_ops.mlcfg @@ -103,21 +103,30 @@ module CheckedOps_TestU8AddExample = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _2 : bool; var _3 : uint8; var _4 : Core_Option_Option_Type.t_option uint8; var _7 : bool; var _9 : Core_Option_Option_Type.t_option uint8; + var _12 : bool; var _13 : uint8; + var _16 : bool; var _17 : uint8; + var _20 : bool; var _21 : uint8; + var _24 : bool; var _25 : uint8; var res : (uint8, bool); + var _29 : bool; + var _31 : bool; var res1 : (uint8, bool); + var _36 : bool; + var _38 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 6 12 6 31] _4 <- ([#"../checked_ops.rs" 6 12 6 31] checked_add0 ([#"../checked_ops.rs" 6 12 6 15] [#"../checked_ops.rs" 6 12 6 15] (5 : uint8)) ([#"../checked_ops.rs" 6 28 6 30] [#"../checked_ops.rs" 6 28 6 30] (10 : uint8))); + [#"../checked_ops.rs" 6 12 6 31] _4 <- ([#"../checked_ops.rs" 6 12 6 31] checked_add0 (5 : uint8) (10 : uint8)); goto BB1 } BB1 { @@ -126,13 +135,15 @@ module CheckedOps_TestU8AddExample goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 6 12 6 46] _3 = ([#"../checked_ops.rs" 6 44 6 46] [#"../checked_ops.rs" 6 44 6 46] (15 : uint8))) + [#"../checked_ops.rs" 6 12 6 46] _2 <- ([#"../checked_ops.rs" 6 12 6 46] _3 = (15 : uint8)); + _3 <- any uint8; + switch (_2) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 7 12 7 33] _9 <- ([#"../checked_ops.rs" 7 12 7 33] checked_add0 ([#"../checked_ops.rs" 7 12 7 17] [#"../checked_ops.rs" 7 12 7 17] (250 : uint8)) ([#"../checked_ops.rs" 7 30 7 32] [#"../checked_ops.rs" 7 30 7 32] (10 : uint8))); + [#"../checked_ops.rs" 7 12 7 33] _9 <- ([#"../checked_ops.rs" 7 12 7 33] checked_add0 (250 : uint8) (10 : uint8)); goto BB5 } BB4 { @@ -140,7 +151,7 @@ module CheckedOps_TestU8AddExample absurd } BB5 { - [#"../checked_ops.rs" 7 12 7 43] _7 <- ([#"../checked_ops.rs" 7 12 7 43] is_none0 ([#"../checked_ops.rs" 7 12 7 33] _9)); + [#"../checked_ops.rs" 7 12 7 43] _7 <- ([#"../checked_ops.rs" 7 12 7 43] is_none0 _9); goto BB6 } BB6 { @@ -150,7 +161,7 @@ module CheckedOps_TestU8AddExample end } BB7 { - [#"../checked_ops.rs" 9 12 9 32] _13 <- ([#"../checked_ops.rs" 9 12 9 32] wrapping_add0 ([#"../checked_ops.rs" 9 12 9 15] [#"../checked_ops.rs" 9 12 9 15] (5 : uint8)) ([#"../checked_ops.rs" 9 29 9 31] [#"../checked_ops.rs" 9 29 9 31] (10 : uint8))); + [#"../checked_ops.rs" 9 12 9 32] _13 <- ([#"../checked_ops.rs" 9 12 9 32] wrapping_add0 (5 : uint8) (10 : uint8)); goto BB9 } BB8 { @@ -158,13 +169,15 @@ module CheckedOps_TestU8AddExample absurd } BB9 { - switch ([#"../checked_ops.rs" 9 12 9 38] _13 = ([#"../checked_ops.rs" 9 36 9 38] [#"../checked_ops.rs" 9 36 9 38] (15 : uint8))) + [#"../checked_ops.rs" 9 12 9 38] _12 <- ([#"../checked_ops.rs" 9 12 9 38] _13 = (15 : uint8)); + _13 <- any uint8; + switch (_12) | False -> goto BB11 | True -> goto BB10 end } BB10 { - [#"../checked_ops.rs" 10 12 10 34] _17 <- ([#"../checked_ops.rs" 10 12 10 34] wrapping_add0 ([#"../checked_ops.rs" 10 12 10 17] [#"../checked_ops.rs" 10 12 10 17] (250 : uint8)) ([#"../checked_ops.rs" 10 31 10 33] [#"../checked_ops.rs" 10 31 10 33] (10 : uint8))); + [#"../checked_ops.rs" 10 12 10 34] _17 <- ([#"../checked_ops.rs" 10 12 10 34] wrapping_add0 (250 : uint8) (10 : uint8)); goto BB12 } BB11 { @@ -172,13 +185,15 @@ module CheckedOps_TestU8AddExample absurd } BB12 { - switch ([#"../checked_ops.rs" 10 12 10 39] _17 = ([#"../checked_ops.rs" 10 38 10 39] [#"../checked_ops.rs" 10 38 10 39] (4 : uint8))) + [#"../checked_ops.rs" 10 12 10 39] _16 <- ([#"../checked_ops.rs" 10 12 10 39] _17 = (4 : uint8)); + _17 <- any uint8; + switch (_16) | False -> goto BB14 | True -> goto BB13 end } BB13 { - [#"../checked_ops.rs" 12 12 12 34] _21 <- ([#"../checked_ops.rs" 12 12 12 34] saturating_add0 ([#"../checked_ops.rs" 12 12 12 15] [#"../checked_ops.rs" 12 12 12 15] (5 : uint8)) ([#"../checked_ops.rs" 12 31 12 33] [#"../checked_ops.rs" 12 31 12 33] (10 : uint8))); + [#"../checked_ops.rs" 12 12 12 34] _21 <- ([#"../checked_ops.rs" 12 12 12 34] saturating_add0 (5 : uint8) (10 : uint8)); goto BB15 } BB14 { @@ -186,13 +201,15 @@ module CheckedOps_TestU8AddExample absurd } BB15 { - switch ([#"../checked_ops.rs" 12 12 12 40] _21 = ([#"../checked_ops.rs" 12 38 12 40] [#"../checked_ops.rs" 12 38 12 40] (15 : uint8))) + [#"../checked_ops.rs" 12 12 12 40] _20 <- ([#"../checked_ops.rs" 12 12 12 40] _21 = (15 : uint8)); + _21 <- any uint8; + switch (_20) | False -> goto BB17 | True -> goto BB16 end } BB16 { - [#"../checked_ops.rs" 13 12 13 36] _25 <- ([#"../checked_ops.rs" 13 12 13 36] saturating_add0 ([#"../checked_ops.rs" 13 12 13 17] [#"../checked_ops.rs" 13 12 13 17] (250 : uint8)) ([#"../checked_ops.rs" 13 33 13 35] [#"../checked_ops.rs" 13 33 13 35] (10 : uint8))); + [#"../checked_ops.rs" 13 12 13 36] _25 <- ([#"../checked_ops.rs" 13 12 13 36] saturating_add0 (250 : uint8) (10 : uint8)); goto BB18 } BB17 { @@ -200,13 +217,15 @@ module CheckedOps_TestU8AddExample absurd } BB18 { - switch ([#"../checked_ops.rs" 13 12 13 43] _25 = ([#"../checked_ops.rs" 13 40 13 43] [#"../checked_ops.rs" 13 40 13 43] (255 : uint8))) + [#"../checked_ops.rs" 13 12 13 43] _24 <- ([#"../checked_ops.rs" 13 12 13 43] _25 = (255 : uint8)); + _25 <- any uint8; + switch (_24) | False -> goto BB20 | True -> goto BB19 end } BB19 { - [#"../checked_ops.rs" 15 14 15 37] res <- ([#"../checked_ops.rs" 15 14 15 37] overflowing_add0 ([#"../checked_ops.rs" 15 14 15 17] [#"../checked_ops.rs" 15 14 15 17] (5 : uint8)) ([#"../checked_ops.rs" 15 34 15 36] [#"../checked_ops.rs" 15 34 15 36] (10 : uint8))); + [#"../checked_ops.rs" 15 14 15 37] res <- ([#"../checked_ops.rs" 15 14 15 37] overflowing_add0 (5 : uint8) (10 : uint8)); goto BB21 } BB20 { @@ -214,20 +233,22 @@ module CheckedOps_TestU8AddExample absurd } BB21 { - switch ([#"../checked_ops.rs" 16 12 16 23] ([#"../checked_ops.rs" 16 12 16 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 16 21 16 23] [#"../checked_ops.rs" 16 21 16 23] (15 : uint8))) + [#"../checked_ops.rs" 16 12 16 23] _29 <- ([#"../checked_ops.rs" 16 12 16 23] (let (a, _) = res in a) = (15 : uint8)); + switch (_29) | False -> goto BB25 | True -> goto BB22 end } BB22 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 16 27 16 41] Bool.eqb ([#"../checked_ops.rs" 16 27 16 32] let (_, a) = res in a) ([#"../checked_ops.rs" 16 36 16 41] [#"../checked_ops.rs" 16 36 16 41] false)) + [#"../checked_ops.rs" 16 27 16 41] _31 <- ([#"../checked_ops.rs" 16 27 16 41] Bool.eqb (let (_, a) = res in a) false); + switch (_31) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 17 14 17 39] res1 <- ([#"../checked_ops.rs" 17 14 17 39] overflowing_add0 ([#"../checked_ops.rs" 17 14 17 19] [#"../checked_ops.rs" 17 14 17 19] (250 : uint8)) ([#"../checked_ops.rs" 17 36 17 38] [#"../checked_ops.rs" 17 36 17 38] (10 : uint8))); + [#"../checked_ops.rs" 17 14 17 39] res1 <- ([#"../checked_ops.rs" 17 14 17 39] overflowing_add0 (250 : uint8) (10 : uint8)); goto BB27 } BB24 { @@ -242,14 +263,16 @@ module CheckedOps_TestU8AddExample absurd } BB27 { - switch ([#"../checked_ops.rs" 18 12 18 22] ([#"../checked_ops.rs" 18 12 18 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 18 21 18 22] [#"../checked_ops.rs" 18 21 18 22] (4 : uint8))) + [#"../checked_ops.rs" 18 12 18 22] _36 <- ([#"../checked_ops.rs" 18 12 18 22] (let (a, _) = res1 in a) = (4 : uint8)); + switch (_36) | False -> goto BB31 | True -> goto BB28 end } BB28 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 18 26 18 39] Bool.eqb ([#"../checked_ops.rs" 18 26 18 31] let (_, a) = res1 in a) ([#"../checked_ops.rs" 18 35 18 39] [#"../checked_ops.rs" 18 35 18 39] true)) + [#"../checked_ops.rs" 18 26 18 39] _38 <- ([#"../checked_ops.rs" 18 26 18 39] Bool.eqb (let (_, a) = res1 in a) true); + switch (_38) | False -> goto BB30 | True -> goto BB29 end @@ -347,18 +370,24 @@ module CheckedOps_TestU8AddOverflow var a : uint8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option uint8; + var _10 : bool; var _11 : uint8; + var _13 : uint8; + var _17 : bool; var _18 : uint8; var res : (uint8, bool); + var _24 : bool; + var _26 : uint8; + var _28 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 24 12 24 32] _6 <- ([#"../checked_ops.rs" 24 12 24 32] checked_add0 ([#"../checked_ops.rs" 24 12 24 17] [#"../checked_ops.rs" 24 12 24 17] (255 : uint8)) ([#"../checked_ops.rs" 24 30 24 31] a)); + [#"../checked_ops.rs" 24 12 24 32] _6 <- ([#"../checked_ops.rs" 24 12 24 32] checked_add0 (255 : uint8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 24 12 24 42] _4 <- ([#"../checked_ops.rs" 24 12 24 42] is_none0 ([#"../checked_ops.rs" 24 12 24 32] _6)); + [#"../checked_ops.rs" 24 12 24 42] _4 <- ([#"../checked_ops.rs" 24 12 24 42] is_none0 _6); goto BB2 } BB2 { @@ -368,7 +397,7 @@ module CheckedOps_TestU8AddOverflow end } BB3 { - [#"../checked_ops.rs" 25 12 25 33] _11 <- ([#"../checked_ops.rs" 25 12 25 33] wrapping_add0 ([#"../checked_ops.rs" 25 12 25 17] [#"../checked_ops.rs" 25 12 25 17] (255 : uint8)) ([#"../checked_ops.rs" 25 31 25 32] a)); + [#"../checked_ops.rs" 25 12 25 33] _11 <- ([#"../checked_ops.rs" 25 12 25 33] wrapping_add0 (255 : uint8) a); goto BB5 } BB4 { @@ -376,13 +405,17 @@ module CheckedOps_TestU8AddOverflow absurd } BB5 { - switch ([#"../checked_ops.rs" 25 12 25 42] _11 = ([#"../checked_ops.rs" 25 37 25 42] ([#"../checked_ops.rs" 25 37 25 38] a) - ([#"../checked_ops.rs" 25 41 25 42] [#"../checked_ops.rs" 25 41 25 42] (1 : uint8)))) + [#"../checked_ops.rs" 25 37 25 42] _13 <- ([#"../checked_ops.rs" 25 37 25 42] a - (1 : uint8)); + [#"../checked_ops.rs" 25 12 25 42] _10 <- ([#"../checked_ops.rs" 25 12 25 42] _11 = _13); + _11 <- any uint8; + _13 <- any uint8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 26 12 26 35] _18 <- ([#"../checked_ops.rs" 26 12 26 35] saturating_add0 ([#"../checked_ops.rs" 26 12 26 17] [#"../checked_ops.rs" 26 12 26 17] (255 : uint8)) ([#"../checked_ops.rs" 26 33 26 34] a)); + [#"../checked_ops.rs" 26 12 26 35] _18 <- ([#"../checked_ops.rs" 26 12 26 35] saturating_add0 (255 : uint8) a); goto BB8 } BB7 { @@ -390,13 +423,15 @@ module CheckedOps_TestU8AddOverflow absurd } BB8 { - switch ([#"../checked_ops.rs" 26 12 26 42] _18 = ([#"../checked_ops.rs" 26 39 26 42] [#"../checked_ops.rs" 26 39 26 42] (255 : uint8))) + [#"../checked_ops.rs" 26 12 26 42] _17 <- ([#"../checked_ops.rs" 26 12 26 42] _18 = (255 : uint8)); + _18 <- any uint8; + switch (_17) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 27 14 27 38] res <- ([#"../checked_ops.rs" 27 14 27 38] overflowing_add0 ([#"../checked_ops.rs" 27 14 27 19] [#"../checked_ops.rs" 27 14 27 19] (255 : uint8)) ([#"../checked_ops.rs" 27 36 27 37] a)); + [#"../checked_ops.rs" 27 14 27 38] res <- ([#"../checked_ops.rs" 27 14 27 38] overflowing_add0 (255 : uint8) a); goto BB11 } BB10 { @@ -404,14 +439,18 @@ module CheckedOps_TestU8AddOverflow absurd } BB11 { - switch ([#"../checked_ops.rs" 28 12 28 26] ([#"../checked_ops.rs" 28 12 28 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 28 21 28 26] ([#"../checked_ops.rs" 28 21 28 22] a) - ([#"../checked_ops.rs" 28 25 28 26] [#"../checked_ops.rs" 28 25 28 26] (1 : uint8)))) + [#"../checked_ops.rs" 28 21 28 26] _26 <- ([#"../checked_ops.rs" 28 21 28 26] a - (1 : uint8)); + [#"../checked_ops.rs" 28 12 28 26] _24 <- ([#"../checked_ops.rs" 28 12 28 26] (let (a, _) = res in a) = _26); + _26 <- any uint8; + switch (_24) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 28 30 28 43] Bool.eqb ([#"../checked_ops.rs" 28 30 28 35] let (_, a) = res in a) ([#"../checked_ops.rs" 28 39 28 43] [#"../checked_ops.rs" 28 39 28 43] true)) + [#"../checked_ops.rs" 28 30 28 43] _28 <- ([#"../checked_ops.rs" 28 30 28 43] Bool.eqb (let (_, a) = res in a) true); + switch (_28) | False -> goto BB14 | True -> goto BB13 end @@ -464,7 +503,7 @@ module CheckedOps_TestU8WrappingAdd goto BB0 } BB0 { - [#"../checked_ops.rs" 35 4 35 21] _0 <- ([#"../checked_ops.rs" 35 4 35 21] wrapping_add0 ([#"../checked_ops.rs" 35 4 35 5] a) ([#"../checked_ops.rs" 35 19 35 20] b)); + [#"../checked_ops.rs" 35 4 35 21] _0 <- ([#"../checked_ops.rs" 35 4 35 21] wrapping_add0 a b); goto BB1 } BB1 { @@ -541,8 +580,10 @@ module CheckedOps_TestU8OverflowingAdd var _0 : (); var a : uint8 = a; var b : uint8 = b; + var _4 : bool; var _6 : (uint8, bool); var _9 : uint8; + var _14 : bool; var _16 : (uint8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option uint8; @@ -550,22 +591,24 @@ module CheckedOps_TestU8OverflowingAdd goto BB0 } BB0 { - [#"../checked_ops.rs" 40 12 40 32] _6 <- ([#"../checked_ops.rs" 40 12 40 32] overflowing_add0 ([#"../checked_ops.rs" 40 12 40 13] a) ([#"../checked_ops.rs" 40 30 40 31] b)); + [#"../checked_ops.rs" 40 12 40 32] _6 <- ([#"../checked_ops.rs" 40 12 40 32] overflowing_add0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 40 38 40 55] _9 <- ([#"../checked_ops.rs" 40 38 40 55] wrapping_add0 ([#"../checked_ops.rs" 40 38 40 39] a) ([#"../checked_ops.rs" 40 53 40 54] b)); + [#"../checked_ops.rs" 40 38 40 55] _9 <- ([#"../checked_ops.rs" 40 38 40 55] wrapping_add0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 40 12 40 55] ([#"../checked_ops.rs" 40 12 40 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 40 12 40 55] _4 <- ([#"../checked_ops.rs" 40 12 40 55] (let (a, _) = _6 in a) = _9); + _9 <- any uint8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 41 12 41 32] _16 <- ([#"../checked_ops.rs" 41 12 41 32] overflowing_add0 ([#"../checked_ops.rs" 41 12 41 13] a) ([#"../checked_ops.rs" 41 30 41 31] b)); + [#"../checked_ops.rs" 41 12 41 32] _16 <- ([#"../checked_ops.rs" 41 12 41 32] overflowing_add0 a b); goto BB5 } BB4 { @@ -574,15 +617,17 @@ module CheckedOps_TestU8OverflowingAdd } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 41 38 41 54] _21 <- ([#"../checked_ops.rs" 41 38 41 54] checked_add0 ([#"../checked_ops.rs" 41 38 41 39] a) ([#"../checked_ops.rs" 41 52 41 53] b)); + [#"../checked_ops.rs" 41 38 41 54] _21 <- ([#"../checked_ops.rs" 41 38 41 54] checked_add0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 41 38 41 64] _19 <- ([#"../checked_ops.rs" 41 38 41 64] is_none0 ([#"../checked_ops.rs" 41 38 41 54] _21)); + [#"../checked_ops.rs" 41 38 41 64] _19 <- ([#"../checked_ops.rs" 41 38 41 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 41 12 41 64] Bool.eqb ([#"../checked_ops.rs" 41 12 41 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 41 12 41 64] _14 <- ([#"../checked_ops.rs" 41 12 41 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -697,23 +742,32 @@ module CheckedOps_TestU8SubExample var _0 : (); var _2 : bool; var _4 : Core_Option_Option_Type.t_option uint8; + var _7 : bool; var _8 : uint8; var _9 : Core_Option_Option_Type.t_option uint8; + var _12 : bool; var _13 : uint8; + var _16 : bool; var _17 : uint8; + var _20 : bool; var _21 : uint8; + var _24 : bool; var _25 : uint8; var res : (uint8, bool); + var _29 : bool; + var _31 : bool; var res1 : (uint8, bool); + var _36 : bool; + var _38 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 46 12 46 31] _4 <- ([#"../checked_ops.rs" 46 12 46 31] checked_sub0 ([#"../checked_ops.rs" 46 12 46 15] [#"../checked_ops.rs" 46 12 46 15] (5 : uint8)) ([#"../checked_ops.rs" 46 28 46 30] [#"../checked_ops.rs" 46 28 46 30] (10 : uint8))); + [#"../checked_ops.rs" 46 12 46 31] _4 <- ([#"../checked_ops.rs" 46 12 46 31] checked_sub0 (5 : uint8) (10 : uint8)); goto BB1 } BB1 { - [#"../checked_ops.rs" 46 12 46 41] _2 <- ([#"../checked_ops.rs" 46 12 46 41] is_none0 ([#"../checked_ops.rs" 46 12 46 31] _4)); + [#"../checked_ops.rs" 46 12 46 41] _2 <- ([#"../checked_ops.rs" 46 12 46 41] is_none0 _4); goto BB2 } BB2 { @@ -723,7 +777,7 @@ module CheckedOps_TestU8SubExample end } BB3 { - [#"../checked_ops.rs" 47 12 47 33] _9 <- ([#"../checked_ops.rs" 47 12 47 33] checked_sub0 ([#"../checked_ops.rs" 47 12 47 17] [#"../checked_ops.rs" 47 12 47 17] (250 : uint8)) ([#"../checked_ops.rs" 47 30 47 32] [#"../checked_ops.rs" 47 30 47 32] (10 : uint8))); + [#"../checked_ops.rs" 47 12 47 33] _9 <- ([#"../checked_ops.rs" 47 12 47 33] checked_sub0 (250 : uint8) (10 : uint8)); goto BB5 } BB4 { @@ -736,13 +790,15 @@ module CheckedOps_TestU8SubExample goto BB6 } BB6 { - switch ([#"../checked_ops.rs" 47 12 47 49] _8 = ([#"../checked_ops.rs" 47 46 47 49] [#"../checked_ops.rs" 47 46 47 49] (240 : uint8))) + [#"../checked_ops.rs" 47 12 47 49] _7 <- ([#"../checked_ops.rs" 47 12 47 49] _8 = (240 : uint8)); + _8 <- any uint8; + switch (_7) | False -> goto BB8 | True -> goto BB7 end } BB7 { - [#"../checked_ops.rs" 49 12 49 32] _13 <- ([#"../checked_ops.rs" 49 12 49 32] wrapping_sub0 ([#"../checked_ops.rs" 49 12 49 15] [#"../checked_ops.rs" 49 12 49 15] (5 : uint8)) ([#"../checked_ops.rs" 49 29 49 31] [#"../checked_ops.rs" 49 29 49 31] (10 : uint8))); + [#"../checked_ops.rs" 49 12 49 32] _13 <- ([#"../checked_ops.rs" 49 12 49 32] wrapping_sub0 (5 : uint8) (10 : uint8)); goto BB9 } BB8 { @@ -750,13 +806,15 @@ module CheckedOps_TestU8SubExample absurd } BB9 { - switch ([#"../checked_ops.rs" 49 12 49 39] _13 = ([#"../checked_ops.rs" 49 36 49 39] [#"../checked_ops.rs" 49 36 49 39] (251 : uint8))) + [#"../checked_ops.rs" 49 12 49 39] _12 <- ([#"../checked_ops.rs" 49 12 49 39] _13 = (251 : uint8)); + _13 <- any uint8; + switch (_12) | False -> goto BB11 | True -> goto BB10 end } BB10 { - [#"../checked_ops.rs" 50 12 50 34] _17 <- ([#"../checked_ops.rs" 50 12 50 34] wrapping_sub0 ([#"../checked_ops.rs" 50 12 50 17] [#"../checked_ops.rs" 50 12 50 17] (250 : uint8)) ([#"../checked_ops.rs" 50 31 50 33] [#"../checked_ops.rs" 50 31 50 33] (10 : uint8))); + [#"../checked_ops.rs" 50 12 50 34] _17 <- ([#"../checked_ops.rs" 50 12 50 34] wrapping_sub0 (250 : uint8) (10 : uint8)); goto BB12 } BB11 { @@ -764,13 +822,15 @@ module CheckedOps_TestU8SubExample absurd } BB12 { - switch ([#"../checked_ops.rs" 50 12 50 41] _17 = ([#"../checked_ops.rs" 50 38 50 41] [#"../checked_ops.rs" 50 38 50 41] (240 : uint8))) + [#"../checked_ops.rs" 50 12 50 41] _16 <- ([#"../checked_ops.rs" 50 12 50 41] _17 = (240 : uint8)); + _17 <- any uint8; + switch (_16) | False -> goto BB14 | True -> goto BB13 end } BB13 { - [#"../checked_ops.rs" 52 12 52 34] _21 <- ([#"../checked_ops.rs" 52 12 52 34] saturating_sub0 ([#"../checked_ops.rs" 52 12 52 15] [#"../checked_ops.rs" 52 12 52 15] (5 : uint8)) ([#"../checked_ops.rs" 52 31 52 33] [#"../checked_ops.rs" 52 31 52 33] (10 : uint8))); + [#"../checked_ops.rs" 52 12 52 34] _21 <- ([#"../checked_ops.rs" 52 12 52 34] saturating_sub0 (5 : uint8) (10 : uint8)); goto BB15 } BB14 { @@ -778,13 +838,15 @@ module CheckedOps_TestU8SubExample absurd } BB15 { - switch ([#"../checked_ops.rs" 52 12 52 39] _21 = ([#"../checked_ops.rs" 52 38 52 39] [#"../checked_ops.rs" 52 38 52 39] (0 : uint8))) + [#"../checked_ops.rs" 52 12 52 39] _20 <- ([#"../checked_ops.rs" 52 12 52 39] _21 = (0 : uint8)); + _21 <- any uint8; + switch (_20) | False -> goto BB17 | True -> goto BB16 end } BB16 { - [#"../checked_ops.rs" 53 12 53 36] _25 <- ([#"../checked_ops.rs" 53 12 53 36] saturating_sub0 ([#"../checked_ops.rs" 53 12 53 17] [#"../checked_ops.rs" 53 12 53 17] (250 : uint8)) ([#"../checked_ops.rs" 53 33 53 35] [#"../checked_ops.rs" 53 33 53 35] (10 : uint8))); + [#"../checked_ops.rs" 53 12 53 36] _25 <- ([#"../checked_ops.rs" 53 12 53 36] saturating_sub0 (250 : uint8) (10 : uint8)); goto BB18 } BB17 { @@ -792,13 +854,15 @@ module CheckedOps_TestU8SubExample absurd } BB18 { - switch ([#"../checked_ops.rs" 53 12 53 43] _25 = ([#"../checked_ops.rs" 53 40 53 43] [#"../checked_ops.rs" 53 40 53 43] (240 : uint8))) + [#"../checked_ops.rs" 53 12 53 43] _24 <- ([#"../checked_ops.rs" 53 12 53 43] _25 = (240 : uint8)); + _25 <- any uint8; + switch (_24) | False -> goto BB20 | True -> goto BB19 end } BB19 { - [#"../checked_ops.rs" 55 14 55 37] res <- ([#"../checked_ops.rs" 55 14 55 37] overflowing_sub0 ([#"../checked_ops.rs" 55 14 55 17] [#"../checked_ops.rs" 55 14 55 17] (5 : uint8)) ([#"../checked_ops.rs" 55 34 55 36] [#"../checked_ops.rs" 55 34 55 36] (10 : uint8))); + [#"../checked_ops.rs" 55 14 55 37] res <- ([#"../checked_ops.rs" 55 14 55 37] overflowing_sub0 (5 : uint8) (10 : uint8)); goto BB21 } BB20 { @@ -806,20 +870,22 @@ module CheckedOps_TestU8SubExample absurd } BB21 { - switch ([#"../checked_ops.rs" 56 12 56 24] ([#"../checked_ops.rs" 56 12 56 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 56 21 56 24] [#"../checked_ops.rs" 56 21 56 24] (251 : uint8))) + [#"../checked_ops.rs" 56 12 56 24] _29 <- ([#"../checked_ops.rs" 56 12 56 24] (let (a, _) = res in a) = (251 : uint8)); + switch (_29) | False -> goto BB25 | True -> goto BB22 end } BB22 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 56 28 56 41] Bool.eqb ([#"../checked_ops.rs" 56 28 56 33] let (_, a) = res in a) ([#"../checked_ops.rs" 56 37 56 41] [#"../checked_ops.rs" 56 37 56 41] true)) + [#"../checked_ops.rs" 56 28 56 41] _31 <- ([#"../checked_ops.rs" 56 28 56 41] Bool.eqb (let (_, a) = res in a) true); + switch (_31) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 57 14 57 39] res1 <- ([#"../checked_ops.rs" 57 14 57 39] overflowing_sub0 ([#"../checked_ops.rs" 57 14 57 19] [#"../checked_ops.rs" 57 14 57 19] (250 : uint8)) ([#"../checked_ops.rs" 57 36 57 38] [#"../checked_ops.rs" 57 36 57 38] (10 : uint8))); + [#"../checked_ops.rs" 57 14 57 39] res1 <- ([#"../checked_ops.rs" 57 14 57 39] overflowing_sub0 (250 : uint8) (10 : uint8)); goto BB27 } BB24 { @@ -834,14 +900,16 @@ module CheckedOps_TestU8SubExample absurd } BB27 { - switch ([#"../checked_ops.rs" 58 12 58 24] ([#"../checked_ops.rs" 58 12 58 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 58 21 58 24] [#"../checked_ops.rs" 58 21 58 24] (240 : uint8))) + [#"../checked_ops.rs" 58 12 58 24] _36 <- ([#"../checked_ops.rs" 58 12 58 24] (let (a, _) = res1 in a) = (240 : uint8)); + switch (_36) | False -> goto BB31 | True -> goto BB28 end } BB28 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 58 28 58 42] Bool.eqb ([#"../checked_ops.rs" 58 28 58 33] let (_, a) = res1 in a) ([#"../checked_ops.rs" 58 37 58 42] [#"../checked_ops.rs" 58 37 58 42] false)) + [#"../checked_ops.rs" 58 28 58 42] _38 <- ([#"../checked_ops.rs" 58 28 58 42] Bool.eqb (let (_, a) = res1 in a) false); + switch (_38) | False -> goto BB30 | True -> goto BB29 end @@ -939,18 +1007,26 @@ module CheckedOps_TestU8SubOverflow var a : uint8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option uint8; + var _10 : bool; var _11 : uint8; + var _13 : uint8; + var _14 : uint8; + var _18 : bool; var _19 : uint8; var res : (uint8, bool); + var _25 : bool; + var _27 : uint8; + var _28 : uint8; + var _30 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 64 12 64 30] _6 <- ([#"../checked_ops.rs" 64 12 64 30] checked_sub0 ([#"../checked_ops.rs" 64 12 64 15] [#"../checked_ops.rs" 64 12 64 15] (0 : uint8)) ([#"../checked_ops.rs" 64 28 64 29] a)); + [#"../checked_ops.rs" 64 12 64 30] _6 <- ([#"../checked_ops.rs" 64 12 64 30] checked_sub0 (0 : uint8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 64 12 64 40] _4 <- ([#"../checked_ops.rs" 64 12 64 40] is_none0 ([#"../checked_ops.rs" 64 12 64 30] _6)); + [#"../checked_ops.rs" 64 12 64 40] _4 <- ([#"../checked_ops.rs" 64 12 64 40] is_none0 _6); goto BB2 } BB2 { @@ -960,7 +1036,7 @@ module CheckedOps_TestU8SubOverflow end } BB3 { - [#"../checked_ops.rs" 65 12 65 31] _11 <- ([#"../checked_ops.rs" 65 12 65 31] wrapping_sub0 ([#"../checked_ops.rs" 65 12 65 15] [#"../checked_ops.rs" 65 12 65 15] (0 : uint8)) ([#"../checked_ops.rs" 65 29 65 30] a)); + [#"../checked_ops.rs" 65 12 65 31] _11 <- ([#"../checked_ops.rs" 65 12 65 31] wrapping_sub0 (0 : uint8) a); goto BB5 } BB4 { @@ -968,13 +1044,19 @@ module CheckedOps_TestU8SubOverflow absurd } BB5 { - switch ([#"../checked_ops.rs" 65 12 65 46] _11 = ([#"../checked_ops.rs" 65 35 65 46] ([#"../checked_ops.rs" 65 35 65 42] ([#"../checked_ops.rs" 65 35 65 38] [#"../checked_ops.rs" 65 35 65 38] (255 : uint8)) - ([#"../checked_ops.rs" 65 41 65 42] a)) + ([#"../checked_ops.rs" 65 45 65 46] [#"../checked_ops.rs" 65 45 65 46] (1 : uint8)))) + [#"../checked_ops.rs" 65 35 65 42] _14 <- ([#"../checked_ops.rs" 65 35 65 42] (255 : uint8) - a); + [#"../checked_ops.rs" 65 35 65 46] _13 <- ([#"../checked_ops.rs" 65 35 65 46] _14 + (1 : uint8)); + _14 <- any uint8; + [#"../checked_ops.rs" 65 12 65 46] _10 <- ([#"../checked_ops.rs" 65 12 65 46] _11 = _13); + _11 <- any uint8; + _13 <- any uint8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 66 12 66 33] _19 <- ([#"../checked_ops.rs" 66 12 66 33] saturating_sub0 ([#"../checked_ops.rs" 66 12 66 15] [#"../checked_ops.rs" 66 12 66 15] (0 : uint8)) ([#"../checked_ops.rs" 66 31 66 32] a)); + [#"../checked_ops.rs" 66 12 66 33] _19 <- ([#"../checked_ops.rs" 66 12 66 33] saturating_sub0 (0 : uint8) a); goto BB8 } BB7 { @@ -982,13 +1064,15 @@ module CheckedOps_TestU8SubOverflow absurd } BB8 { - switch ([#"../checked_ops.rs" 66 12 66 38] _19 = ([#"../checked_ops.rs" 66 37 66 38] [#"../checked_ops.rs" 66 37 66 38] (0 : uint8))) + [#"../checked_ops.rs" 66 12 66 38] _18 <- ([#"../checked_ops.rs" 66 12 66 38] _19 = (0 : uint8)); + _19 <- any uint8; + switch (_18) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 67 14 67 36] res <- ([#"../checked_ops.rs" 67 14 67 36] overflowing_sub0 ([#"../checked_ops.rs" 67 14 67 17] [#"../checked_ops.rs" 67 14 67 17] (0 : uint8)) ([#"../checked_ops.rs" 67 34 67 35] a)); + [#"../checked_ops.rs" 67 14 67 36] res <- ([#"../checked_ops.rs" 67 14 67 36] overflowing_sub0 (0 : uint8) a); goto BB11 } BB10 { @@ -996,14 +1080,20 @@ module CheckedOps_TestU8SubOverflow absurd } BB11 { - switch ([#"../checked_ops.rs" 68 12 68 32] ([#"../checked_ops.rs" 68 12 68 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 68 21 68 32] ([#"../checked_ops.rs" 68 21 68 28] ([#"../checked_ops.rs" 68 21 68 24] [#"../checked_ops.rs" 68 21 68 24] (255 : uint8)) - ([#"../checked_ops.rs" 68 27 68 28] a)) + ([#"../checked_ops.rs" 68 31 68 32] [#"../checked_ops.rs" 68 31 68 32] (1 : uint8)))) + [#"../checked_ops.rs" 68 21 68 28] _28 <- ([#"../checked_ops.rs" 68 21 68 28] (255 : uint8) - a); + [#"../checked_ops.rs" 68 21 68 32] _27 <- ([#"../checked_ops.rs" 68 21 68 32] _28 + (1 : uint8)); + _28 <- any uint8; + [#"../checked_ops.rs" 68 12 68 32] _25 <- ([#"../checked_ops.rs" 68 12 68 32] (let (a, _) = res in a) = _27); + _27 <- any uint8; + switch (_25) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 68 36 68 49] Bool.eqb ([#"../checked_ops.rs" 68 36 68 41] let (_, a) = res in a) ([#"../checked_ops.rs" 68 45 68 49] [#"../checked_ops.rs" 68 45 68 49] true)) + [#"../checked_ops.rs" 68 36 68 49] _30 <- ([#"../checked_ops.rs" 68 36 68 49] Bool.eqb (let (_, a) = res in a) true); + switch (_30) | False -> goto BB14 | True -> goto BB13 end @@ -1056,7 +1146,7 @@ module CheckedOps_TestU8WrappingSub goto BB0 } BB0 { - [#"../checked_ops.rs" 75 4 75 21] _0 <- ([#"../checked_ops.rs" 75 4 75 21] wrapping_sub0 ([#"../checked_ops.rs" 75 4 75 5] a) ([#"../checked_ops.rs" 75 19 75 20] b)); + [#"../checked_ops.rs" 75 4 75 21] _0 <- ([#"../checked_ops.rs" 75 4 75 21] wrapping_sub0 a b); goto BB1 } BB1 { @@ -1133,8 +1223,10 @@ module CheckedOps_TestU8OverflowingSub var _0 : (); var a : uint8 = a; var b : uint8 = b; + var _4 : bool; var _6 : (uint8, bool); var _9 : uint8; + var _14 : bool; var _16 : (uint8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option uint8; @@ -1142,22 +1234,24 @@ module CheckedOps_TestU8OverflowingSub goto BB0 } BB0 { - [#"../checked_ops.rs" 80 12 80 32] _6 <- ([#"../checked_ops.rs" 80 12 80 32] overflowing_sub0 ([#"../checked_ops.rs" 80 12 80 13] a) ([#"../checked_ops.rs" 80 30 80 31] b)); + [#"../checked_ops.rs" 80 12 80 32] _6 <- ([#"../checked_ops.rs" 80 12 80 32] overflowing_sub0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 80 38 80 55] _9 <- ([#"../checked_ops.rs" 80 38 80 55] wrapping_sub0 ([#"../checked_ops.rs" 80 38 80 39] a) ([#"../checked_ops.rs" 80 53 80 54] b)); + [#"../checked_ops.rs" 80 38 80 55] _9 <- ([#"../checked_ops.rs" 80 38 80 55] wrapping_sub0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 80 12 80 55] ([#"../checked_ops.rs" 80 12 80 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 80 12 80 55] _4 <- ([#"../checked_ops.rs" 80 12 80 55] (let (a, _) = _6 in a) = _9); + _9 <- any uint8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 81 12 81 32] _16 <- ([#"../checked_ops.rs" 81 12 81 32] overflowing_sub0 ([#"../checked_ops.rs" 81 12 81 13] a) ([#"../checked_ops.rs" 81 30 81 31] b)); + [#"../checked_ops.rs" 81 12 81 32] _16 <- ([#"../checked_ops.rs" 81 12 81 32] overflowing_sub0 a b); goto BB5 } BB4 { @@ -1166,15 +1260,17 @@ module CheckedOps_TestU8OverflowingSub } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 81 38 81 54] _21 <- ([#"../checked_ops.rs" 81 38 81 54] checked_sub0 ([#"../checked_ops.rs" 81 38 81 39] a) ([#"../checked_ops.rs" 81 52 81 53] b)); + [#"../checked_ops.rs" 81 38 81 54] _21 <- ([#"../checked_ops.rs" 81 38 81 54] checked_sub0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 81 38 81 64] _19 <- ([#"../checked_ops.rs" 81 38 81 64] is_none0 ([#"../checked_ops.rs" 81 38 81 54] _21)); + [#"../checked_ops.rs" 81 38 81 64] _19 <- ([#"../checked_ops.rs" 81 38 81 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 81 12 81 64] Bool.eqb ([#"../checked_ops.rs" 81 12 81 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 81 12 81 64] _14 <- ([#"../checked_ops.rs" 81 12 81 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -1287,21 +1383,30 @@ module CheckedOps_TestU8MulExample = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _2 : bool; var _3 : uint8; var _4 : Core_Option_Option_Type.t_option uint8; var _7 : bool; var _9 : Core_Option_Option_Type.t_option uint8; + var _12 : bool; var _13 : uint8; + var _16 : bool; var _17 : uint8; + var _20 : bool; var _21 : uint8; + var _24 : bool; var _25 : uint8; var res : (uint8, bool); + var _29 : bool; + var _31 : bool; var res1 : (uint8, bool); + var _36 : bool; + var _38 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 86 12 86 31] _4 <- ([#"../checked_ops.rs" 86 12 86 31] checked_mul0 ([#"../checked_ops.rs" 86 12 86 15] [#"../checked_ops.rs" 86 12 86 15] (5 : uint8)) ([#"../checked_ops.rs" 86 28 86 30] [#"../checked_ops.rs" 86 28 86 30] (10 : uint8))); + [#"../checked_ops.rs" 86 12 86 31] _4 <- ([#"../checked_ops.rs" 86 12 86 31] checked_mul0 (5 : uint8) (10 : uint8)); goto BB1 } BB1 { @@ -1310,13 +1415,15 @@ module CheckedOps_TestU8MulExample goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 86 12 86 46] _3 = ([#"../checked_ops.rs" 86 44 86 46] [#"../checked_ops.rs" 86 44 86 46] (50 : uint8))) + [#"../checked_ops.rs" 86 12 86 46] _2 <- ([#"../checked_ops.rs" 86 12 86 46] _3 = (50 : uint8)); + _3 <- any uint8; + switch (_2) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 87 12 87 32] _9 <- ([#"../checked_ops.rs" 87 12 87 32] checked_mul0 ([#"../checked_ops.rs" 87 12 87 16] [#"../checked_ops.rs" 87 12 87 16] (50 : uint8)) ([#"../checked_ops.rs" 87 29 87 31] [#"../checked_ops.rs" 87 29 87 31] (10 : uint8))); + [#"../checked_ops.rs" 87 12 87 32] _9 <- ([#"../checked_ops.rs" 87 12 87 32] checked_mul0 (50 : uint8) (10 : uint8)); goto BB5 } BB4 { @@ -1324,7 +1431,7 @@ module CheckedOps_TestU8MulExample absurd } BB5 { - [#"../checked_ops.rs" 87 12 87 42] _7 <- ([#"../checked_ops.rs" 87 12 87 42] is_none0 ([#"../checked_ops.rs" 87 12 87 32] _9)); + [#"../checked_ops.rs" 87 12 87 42] _7 <- ([#"../checked_ops.rs" 87 12 87 42] is_none0 _9); goto BB6 } BB6 { @@ -1334,7 +1441,7 @@ module CheckedOps_TestU8MulExample end } BB7 { - [#"../checked_ops.rs" 89 12 89 32] _13 <- ([#"../checked_ops.rs" 89 12 89 32] wrapping_mul0 ([#"../checked_ops.rs" 89 12 89 15] [#"../checked_ops.rs" 89 12 89 15] (5 : uint8)) ([#"../checked_ops.rs" 89 29 89 31] [#"../checked_ops.rs" 89 29 89 31] (10 : uint8))); + [#"../checked_ops.rs" 89 12 89 32] _13 <- ([#"../checked_ops.rs" 89 12 89 32] wrapping_mul0 (5 : uint8) (10 : uint8)); goto BB9 } BB8 { @@ -1342,13 +1449,15 @@ module CheckedOps_TestU8MulExample absurd } BB9 { - switch ([#"../checked_ops.rs" 89 12 89 38] _13 = ([#"../checked_ops.rs" 89 36 89 38] [#"../checked_ops.rs" 89 36 89 38] (50 : uint8))) + [#"../checked_ops.rs" 89 12 89 38] _12 <- ([#"../checked_ops.rs" 89 12 89 38] _13 = (50 : uint8)); + _13 <- any uint8; + switch (_12) | False -> goto BB11 | True -> goto BB10 end } BB10 { - [#"../checked_ops.rs" 90 12 90 33] _17 <- ([#"../checked_ops.rs" 90 12 90 33] wrapping_mul0 ([#"../checked_ops.rs" 90 12 90 16] [#"../checked_ops.rs" 90 12 90 16] (50 : uint8)) ([#"../checked_ops.rs" 90 30 90 32] [#"../checked_ops.rs" 90 30 90 32] (10 : uint8))); + [#"../checked_ops.rs" 90 12 90 33] _17 <- ([#"../checked_ops.rs" 90 12 90 33] wrapping_mul0 (50 : uint8) (10 : uint8)); goto BB12 } BB11 { @@ -1356,13 +1465,15 @@ module CheckedOps_TestU8MulExample absurd } BB12 { - switch ([#"../checked_ops.rs" 90 12 90 40] _17 = ([#"../checked_ops.rs" 90 37 90 40] [#"../checked_ops.rs" 90 37 90 40] (244 : uint8))) + [#"../checked_ops.rs" 90 12 90 40] _16 <- ([#"../checked_ops.rs" 90 12 90 40] _17 = (244 : uint8)); + _17 <- any uint8; + switch (_16) | False -> goto BB14 | True -> goto BB13 end } BB13 { - [#"../checked_ops.rs" 92 12 92 34] _21 <- ([#"../checked_ops.rs" 92 12 92 34] saturating_mul0 ([#"../checked_ops.rs" 92 12 92 15] [#"../checked_ops.rs" 92 12 92 15] (5 : uint8)) ([#"../checked_ops.rs" 92 31 92 33] [#"../checked_ops.rs" 92 31 92 33] (10 : uint8))); + [#"../checked_ops.rs" 92 12 92 34] _21 <- ([#"../checked_ops.rs" 92 12 92 34] saturating_mul0 (5 : uint8) (10 : uint8)); goto BB15 } BB14 { @@ -1370,13 +1481,15 @@ module CheckedOps_TestU8MulExample absurd } BB15 { - switch ([#"../checked_ops.rs" 92 12 92 40] _21 = ([#"../checked_ops.rs" 92 38 92 40] [#"../checked_ops.rs" 92 38 92 40] (50 : uint8))) + [#"../checked_ops.rs" 92 12 92 40] _20 <- ([#"../checked_ops.rs" 92 12 92 40] _21 = (50 : uint8)); + _21 <- any uint8; + switch (_20) | False -> goto BB17 | True -> goto BB16 end } BB16 { - [#"../checked_ops.rs" 93 12 93 35] _25 <- ([#"../checked_ops.rs" 93 12 93 35] saturating_mul0 ([#"../checked_ops.rs" 93 12 93 16] [#"../checked_ops.rs" 93 12 93 16] (50 : uint8)) ([#"../checked_ops.rs" 93 32 93 34] [#"../checked_ops.rs" 93 32 93 34] (10 : uint8))); + [#"../checked_ops.rs" 93 12 93 35] _25 <- ([#"../checked_ops.rs" 93 12 93 35] saturating_mul0 (50 : uint8) (10 : uint8)); goto BB18 } BB17 { @@ -1384,13 +1497,15 @@ module CheckedOps_TestU8MulExample absurd } BB18 { - switch ([#"../checked_ops.rs" 93 12 93 42] _25 = ([#"../checked_ops.rs" 93 39 93 42] [#"../checked_ops.rs" 93 39 93 42] (255 : uint8))) + [#"../checked_ops.rs" 93 12 93 42] _24 <- ([#"../checked_ops.rs" 93 12 93 42] _25 = (255 : uint8)); + _25 <- any uint8; + switch (_24) | False -> goto BB20 | True -> goto BB19 end } BB19 { - [#"../checked_ops.rs" 95 14 95 37] res <- ([#"../checked_ops.rs" 95 14 95 37] overflowing_mul0 ([#"../checked_ops.rs" 95 14 95 17] [#"../checked_ops.rs" 95 14 95 17] (5 : uint8)) ([#"../checked_ops.rs" 95 34 95 36] [#"../checked_ops.rs" 95 34 95 36] (10 : uint8))); + [#"../checked_ops.rs" 95 14 95 37] res <- ([#"../checked_ops.rs" 95 14 95 37] overflowing_mul0 (5 : uint8) (10 : uint8)); goto BB21 } BB20 { @@ -1398,20 +1513,22 @@ module CheckedOps_TestU8MulExample absurd } BB21 { - switch ([#"../checked_ops.rs" 96 12 96 23] ([#"../checked_ops.rs" 96 12 96 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 96 21 96 23] [#"../checked_ops.rs" 96 21 96 23] (50 : uint8))) + [#"../checked_ops.rs" 96 12 96 23] _29 <- ([#"../checked_ops.rs" 96 12 96 23] (let (a, _) = res in a) = (50 : uint8)); + switch (_29) | False -> goto BB25 | True -> goto BB22 end } BB22 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 96 27 96 41] Bool.eqb ([#"../checked_ops.rs" 96 27 96 32] let (_, a) = res in a) ([#"../checked_ops.rs" 96 36 96 41] [#"../checked_ops.rs" 96 36 96 41] false)) + [#"../checked_ops.rs" 96 27 96 41] _31 <- ([#"../checked_ops.rs" 96 27 96 41] Bool.eqb (let (_, a) = res in a) false); + switch (_31) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 97 14 97 38] res1 <- ([#"../checked_ops.rs" 97 14 97 38] overflowing_mul0 ([#"../checked_ops.rs" 97 14 97 18] [#"../checked_ops.rs" 97 14 97 18] (50 : uint8)) ([#"../checked_ops.rs" 97 35 97 37] [#"../checked_ops.rs" 97 35 97 37] (10 : uint8))); + [#"../checked_ops.rs" 97 14 97 38] res1 <- ([#"../checked_ops.rs" 97 14 97 38] overflowing_mul0 (50 : uint8) (10 : uint8)); goto BB27 } BB24 { @@ -1426,14 +1543,16 @@ module CheckedOps_TestU8MulExample absurd } BB27 { - switch ([#"../checked_ops.rs" 98 12 98 24] ([#"../checked_ops.rs" 98 12 98 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 98 21 98 24] [#"../checked_ops.rs" 98 21 98 24] (244 : uint8))) + [#"../checked_ops.rs" 98 12 98 24] _36 <- ([#"../checked_ops.rs" 98 12 98 24] (let (a, _) = res1 in a) = (244 : uint8)); + switch (_36) | False -> goto BB31 | True -> goto BB28 end } BB28 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 98 28 98 41] Bool.eqb ([#"../checked_ops.rs" 98 28 98 33] let (_, a) = res1 in a) ([#"../checked_ops.rs" 98 37 98 41] [#"../checked_ops.rs" 98 37 98 41] true)) + [#"../checked_ops.rs" 98 28 98 41] _38 <- ([#"../checked_ops.rs" 98 28 98 41] Bool.eqb (let (_, a) = res1 in a) true); + switch (_38) | False -> goto BB30 | True -> goto BB29 end @@ -1539,16 +1658,21 @@ module CheckedOps_TestU8MulZero = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : uint8 = a; + var _3 : bool; var _4 : uint8; var _5 : Core_Option_Option_Type.t_option uint8; + var _9 : bool; var _10 : uint8; + var _14 : bool; var _15 : uint8; var res : (uint8, bool); + var _21 : bool; + var _23 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 103 12 103 30] _5 <- ([#"../checked_ops.rs" 103 12 103 30] checked_mul0 ([#"../checked_ops.rs" 103 12 103 15] [#"../checked_ops.rs" 103 12 103 15] (0 : uint8)) ([#"../checked_ops.rs" 103 28 103 29] a)); + [#"../checked_ops.rs" 103 12 103 30] _5 <- ([#"../checked_ops.rs" 103 12 103 30] checked_mul0 (0 : uint8) a); goto BB1 } BB1 { @@ -1557,13 +1681,15 @@ module CheckedOps_TestU8MulZero goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 103 12 103 44] _4 = ([#"../checked_ops.rs" 103 43 103 44] [#"../checked_ops.rs" 103 43 103 44] (0 : uint8))) + [#"../checked_ops.rs" 103 12 103 44] _3 <- ([#"../checked_ops.rs" 103 12 103 44] _4 = (0 : uint8)); + _4 <- any uint8; + switch (_3) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 104 12 104 31] _10 <- ([#"../checked_ops.rs" 104 12 104 31] wrapping_mul0 ([#"../checked_ops.rs" 104 12 104 15] [#"../checked_ops.rs" 104 12 104 15] (0 : uint8)) ([#"../checked_ops.rs" 104 29 104 30] a)); + [#"../checked_ops.rs" 104 12 104 31] _10 <- ([#"../checked_ops.rs" 104 12 104 31] wrapping_mul0 (0 : uint8) a); goto BB5 } BB4 { @@ -1571,13 +1697,15 @@ module CheckedOps_TestU8MulZero absurd } BB5 { - switch ([#"../checked_ops.rs" 104 12 104 36] _10 = ([#"../checked_ops.rs" 104 35 104 36] [#"../checked_ops.rs" 104 35 104 36] (0 : uint8))) + [#"../checked_ops.rs" 104 12 104 36] _9 <- ([#"../checked_ops.rs" 104 12 104 36] _10 = (0 : uint8)); + _10 <- any uint8; + switch (_9) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 105 12 105 33] _15 <- ([#"../checked_ops.rs" 105 12 105 33] saturating_mul0 ([#"../checked_ops.rs" 105 12 105 15] [#"../checked_ops.rs" 105 12 105 15] (0 : uint8)) ([#"../checked_ops.rs" 105 31 105 32] a)); + [#"../checked_ops.rs" 105 12 105 33] _15 <- ([#"../checked_ops.rs" 105 12 105 33] saturating_mul0 (0 : uint8) a); goto BB8 } BB7 { @@ -1585,13 +1713,15 @@ module CheckedOps_TestU8MulZero absurd } BB8 { - switch ([#"../checked_ops.rs" 105 12 105 38] _15 = ([#"../checked_ops.rs" 105 37 105 38] [#"../checked_ops.rs" 105 37 105 38] (0 : uint8))) + [#"../checked_ops.rs" 105 12 105 38] _14 <- ([#"../checked_ops.rs" 105 12 105 38] _15 = (0 : uint8)); + _15 <- any uint8; + switch (_14) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 106 14 106 36] res <- ([#"../checked_ops.rs" 106 14 106 36] overflowing_mul0 ([#"../checked_ops.rs" 106 14 106 17] [#"../checked_ops.rs" 106 14 106 17] (0 : uint8)) ([#"../checked_ops.rs" 106 34 106 35] a)); + [#"../checked_ops.rs" 106 14 106 36] res <- ([#"../checked_ops.rs" 106 14 106 36] overflowing_mul0 (0 : uint8) a); goto BB11 } BB10 { @@ -1599,14 +1729,16 @@ module CheckedOps_TestU8MulZero absurd } BB11 { - switch ([#"../checked_ops.rs" 107 12 107 22] ([#"../checked_ops.rs" 107 12 107 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 107 21 107 22] [#"../checked_ops.rs" 107 21 107 22] (0 : uint8))) + [#"../checked_ops.rs" 107 12 107 22] _21 <- ([#"../checked_ops.rs" 107 12 107 22] (let (a, _) = res in a) = (0 : uint8)); + switch (_21) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 107 26 107 40] Bool.eqb ([#"../checked_ops.rs" 107 26 107 31] let (_, a) = res in a) ([#"../checked_ops.rs" 107 35 107 40] [#"../checked_ops.rs" 107 35 107 40] false)) + [#"../checked_ops.rs" 107 26 107 40] _23 <- ([#"../checked_ops.rs" 107 26 107 40] Bool.eqb (let (_, a) = res in a) false); + switch (_23) | False -> goto BB14 | True -> goto BB13 end @@ -1697,8 +1829,10 @@ module CheckedOps_TestU8OverflowingMul var _0 : (); var a : uint8 = a; var b : uint8 = b; + var _4 : bool; var _6 : (uint8, bool); var _9 : uint8; + var _14 : bool; var _16 : (uint8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option uint8; @@ -1706,22 +1840,24 @@ module CheckedOps_TestU8OverflowingMul goto BB0 } BB0 { - [#"../checked_ops.rs" 112 12 112 32] _6 <- ([#"../checked_ops.rs" 112 12 112 32] overflowing_mul0 ([#"../checked_ops.rs" 112 12 112 13] a) ([#"../checked_ops.rs" 112 30 112 31] b)); + [#"../checked_ops.rs" 112 12 112 32] _6 <- ([#"../checked_ops.rs" 112 12 112 32] overflowing_mul0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 112 38 112 55] _9 <- ([#"../checked_ops.rs" 112 38 112 55] wrapping_mul0 ([#"../checked_ops.rs" 112 38 112 39] a) ([#"../checked_ops.rs" 112 53 112 54] b)); + [#"../checked_ops.rs" 112 38 112 55] _9 <- ([#"../checked_ops.rs" 112 38 112 55] wrapping_mul0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 112 12 112 55] ([#"../checked_ops.rs" 112 12 112 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 112 12 112 55] _4 <- ([#"../checked_ops.rs" 112 12 112 55] (let (a, _) = _6 in a) = _9); + _9 <- any uint8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 113 12 113 32] _16 <- ([#"../checked_ops.rs" 113 12 113 32] overflowing_mul0 ([#"../checked_ops.rs" 113 12 113 13] a) ([#"../checked_ops.rs" 113 30 113 31] b)); + [#"../checked_ops.rs" 113 12 113 32] _16 <- ([#"../checked_ops.rs" 113 12 113 32] overflowing_mul0 a b); goto BB5 } BB4 { @@ -1730,15 +1866,17 @@ module CheckedOps_TestU8OverflowingMul } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 113 38 113 54] _21 <- ([#"../checked_ops.rs" 113 38 113 54] checked_mul0 ([#"../checked_ops.rs" 113 38 113 39] a) ([#"../checked_ops.rs" 113 52 113 53] b)); + [#"../checked_ops.rs" 113 38 113 54] _21 <- ([#"../checked_ops.rs" 113 38 113 54] checked_mul0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 113 38 113 64] _19 <- ([#"../checked_ops.rs" 113 38 113 64] is_none0 ([#"../checked_ops.rs" 113 38 113 54] _21)); + [#"../checked_ops.rs" 113 38 113 64] _19 <- ([#"../checked_ops.rs" 113 38 113 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 113 12 113 64] Bool.eqb ([#"../checked_ops.rs" 113 12 113 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 113 12 113 64] _14 <- ([#"../checked_ops.rs" 113 12 113 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -1843,20 +1981,25 @@ module CheckedOps_TestU8DivExample var _0 : (); var _2 : bool; var _4 : Core_Option_Option_Type.t_option uint8; + var _7 : bool; var _8 : uint8; var _9 : Core_Option_Option_Type.t_option uint8; + var _12 : bool; var _13 : uint8; + var _16 : bool; var _17 : uint8; var res : (uint8, bool); + var _21 : bool; + var _23 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 118 12 118 30] _4 <- ([#"../checked_ops.rs" 118 12 118 30] checked_div0 ([#"../checked_ops.rs" 118 12 118 15] [#"../checked_ops.rs" 118 12 118 15] (5 : uint8)) ([#"../checked_ops.rs" 118 28 118 29] [#"../checked_ops.rs" 118 28 118 29] (0 : uint8))); + [#"../checked_ops.rs" 118 12 118 30] _4 <- ([#"../checked_ops.rs" 118 12 118 30] checked_div0 (5 : uint8) (0 : uint8)); goto BB1 } BB1 { - [#"../checked_ops.rs" 118 12 118 40] _2 <- ([#"../checked_ops.rs" 118 12 118 40] is_none0 ([#"../checked_ops.rs" 118 12 118 30] _4)); + [#"../checked_ops.rs" 118 12 118 40] _2 <- ([#"../checked_ops.rs" 118 12 118 40] is_none0 _4); goto BB2 } BB2 { @@ -1866,7 +2009,7 @@ module CheckedOps_TestU8DivExample end } BB3 { - [#"../checked_ops.rs" 119 12 119 30] _9 <- ([#"../checked_ops.rs" 119 12 119 30] checked_div0 ([#"../checked_ops.rs" 119 12 119 15] [#"../checked_ops.rs" 119 12 119 15] (5 : uint8)) ([#"../checked_ops.rs" 119 28 119 29] [#"../checked_ops.rs" 119 28 119 29] (2 : uint8))); + [#"../checked_ops.rs" 119 12 119 30] _9 <- ([#"../checked_ops.rs" 119 12 119 30] checked_div0 (5 : uint8) (2 : uint8)); goto BB5 } BB4 { @@ -1879,13 +2022,15 @@ module CheckedOps_TestU8DivExample goto BB6 } BB6 { - switch ([#"../checked_ops.rs" 119 12 119 44] _8 = ([#"../checked_ops.rs" 119 43 119 44] [#"../checked_ops.rs" 119 43 119 44] (2 : uint8))) + [#"../checked_ops.rs" 119 12 119 44] _7 <- ([#"../checked_ops.rs" 119 12 119 44] _8 = (2 : uint8)); + _8 <- any uint8; + switch (_7) | False -> goto BB8 | True -> goto BB7 end } BB7 { - [#"../checked_ops.rs" 120 12 120 31] _13 <- ([#"../checked_ops.rs" 120 12 120 31] wrapping_div0 ([#"../checked_ops.rs" 120 12 120 15] [#"../checked_ops.rs" 120 12 120 15] (5 : uint8)) ([#"../checked_ops.rs" 120 29 120 30] [#"../checked_ops.rs" 120 29 120 30] (2 : uint8))); + [#"../checked_ops.rs" 120 12 120 31] _13 <- ([#"../checked_ops.rs" 120 12 120 31] wrapping_div0 (5 : uint8) (2 : uint8)); goto BB9 } BB8 { @@ -1893,13 +2038,15 @@ module CheckedOps_TestU8DivExample absurd } BB9 { - switch ([#"../checked_ops.rs" 120 12 120 36] _13 = ([#"../checked_ops.rs" 120 35 120 36] [#"../checked_ops.rs" 120 35 120 36] (2 : uint8))) + [#"../checked_ops.rs" 120 12 120 36] _12 <- ([#"../checked_ops.rs" 120 12 120 36] _13 = (2 : uint8)); + _13 <- any uint8; + switch (_12) | False -> goto BB11 | True -> goto BB10 end } BB10 { - [#"../checked_ops.rs" 121 12 121 33] _17 <- ([#"../checked_ops.rs" 121 12 121 33] saturating_div0 ([#"../checked_ops.rs" 121 12 121 15] [#"../checked_ops.rs" 121 12 121 15] (5 : uint8)) ([#"../checked_ops.rs" 121 31 121 32] [#"../checked_ops.rs" 121 31 121 32] (2 : uint8))); + [#"../checked_ops.rs" 121 12 121 33] _17 <- ([#"../checked_ops.rs" 121 12 121 33] saturating_div0 (5 : uint8) (2 : uint8)); goto BB12 } BB11 { @@ -1907,13 +2054,15 @@ module CheckedOps_TestU8DivExample absurd } BB12 { - switch ([#"../checked_ops.rs" 121 12 121 38] _17 = ([#"../checked_ops.rs" 121 37 121 38] [#"../checked_ops.rs" 121 37 121 38] (2 : uint8))) + [#"../checked_ops.rs" 121 12 121 38] _16 <- ([#"../checked_ops.rs" 121 12 121 38] _17 = (2 : uint8)); + _17 <- any uint8; + switch (_16) | False -> goto BB14 | True -> goto BB13 end } BB13 { - [#"../checked_ops.rs" 122 14 122 36] res <- ([#"../checked_ops.rs" 122 14 122 36] overflowing_div0 ([#"../checked_ops.rs" 122 14 122 17] [#"../checked_ops.rs" 122 14 122 17] (5 : uint8)) ([#"../checked_ops.rs" 122 34 122 35] [#"../checked_ops.rs" 122 34 122 35] (2 : uint8))); + [#"../checked_ops.rs" 122 14 122 36] res <- ([#"../checked_ops.rs" 122 14 122 36] overflowing_div0 (5 : uint8) (2 : uint8)); goto BB15 } BB14 { @@ -1921,14 +2070,16 @@ module CheckedOps_TestU8DivExample absurd } BB15 { - switch ([#"../checked_ops.rs" 123 12 123 22] ([#"../checked_ops.rs" 123 12 123 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 123 21 123 22] [#"../checked_ops.rs" 123 21 123 22] (2 : uint8))) + [#"../checked_ops.rs" 123 12 123 22] _21 <- ([#"../checked_ops.rs" 123 12 123 22] (let (a, _) = res in a) = (2 : uint8)); + switch (_21) | False -> goto BB19 | True -> goto BB16 end } BB16 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 123 26 123 40] Bool.eqb ([#"../checked_ops.rs" 123 26 123 31] let (_, a) = res in a) ([#"../checked_ops.rs" 123 35 123 40] [#"../checked_ops.rs" 123 35 123 40] false)) + [#"../checked_ops.rs" 123 26 123 40] _23 <- ([#"../checked_ops.rs" 123 26 123 40] Bool.eqb (let (_, a) = res in a) false); + switch (_23) | False -> goto BB18 | True -> goto BB17 end @@ -2026,24 +2177,33 @@ module CheckedOps_TestU8DivNoOverflow var _0 : (); var a : uint8 = a; var b : uint8 = b; + var _5 : bool; var _6 : uint8; var _7 : Core_Option_Option_Type.t_option uint8; + var _10 : uint8; var _12 : uint8; var _13 : bool; + var _16 : bool; var _17 : uint8; + var _20 : uint8; var _22 : uint8; var _23 : bool; + var _26 : bool; var _27 : uint8; + var _30 : uint8; var _32 : uint8; var _33 : bool; var res : (uint8, bool); + var _39 : bool; + var _41 : uint8; var _43 : uint8; var _44 : bool; + var _45 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 129 12 129 28] _7 <- ([#"../checked_ops.rs" 129 12 129 28] checked_div0 ([#"../checked_ops.rs" 129 12 129 13] a) ([#"../checked_ops.rs" 129 26 129 27] b)); + [#"../checked_ops.rs" 129 12 129 28] _7 <- ([#"../checked_ops.rs" 129 12 129 28] checked_div0 a b); goto BB1 } BB1 { @@ -2053,18 +2213,23 @@ module CheckedOps_TestU8DivNoOverflow } BB2 { [#"../checked_ops.rs" 129 45 129 46] _12 <- ([#"../checked_ops.rs" 129 45 129 46] b); - [#"../checked_ops.rs" 129 41 129 46] _13 <- ([#"../checked_ops.rs" 129 41 129 46] _12 = ([#"../checked_ops.rs" 129 41 129 46] [#"../checked_ops.rs" 129 41 129 46] (0 : uint8))); + [#"../checked_ops.rs" 129 41 129 46] _13 <- ([#"../checked_ops.rs" 129 41 129 46] _12 = (0 : uint8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 129 41 129 46] not _13 }; goto BB3 } BB3 { - switch ([#"../checked_ops.rs" 129 12 129 46] _6 = ([#"../checked_ops.rs" 129 41 129 46] ([#"../checked_ops.rs" 129 41 129 42] a) / _12)) + [#"../checked_ops.rs" 129 41 129 46] _10 <- ([#"../checked_ops.rs" 129 41 129 46] a / _12); + _12 <- any uint8; + [#"../checked_ops.rs" 129 12 129 46] _5 <- ([#"../checked_ops.rs" 129 12 129 46] _6 = _10); + _6 <- any uint8; + _10 <- any uint8; + switch (_5) | False -> goto BB5 | True -> goto BB4 end } BB4 { - [#"../checked_ops.rs" 130 12 130 29] _17 <- ([#"../checked_ops.rs" 130 12 130 29] wrapping_div0 ([#"../checked_ops.rs" 130 12 130 13] a) ([#"../checked_ops.rs" 130 27 130 28] b)); + [#"../checked_ops.rs" 130 12 130 29] _17 <- ([#"../checked_ops.rs" 130 12 130 29] wrapping_div0 a b); goto BB6 } BB5 { @@ -2073,18 +2238,23 @@ module CheckedOps_TestU8DivNoOverflow } BB6 { [#"../checked_ops.rs" 130 37 130 38] _22 <- ([#"../checked_ops.rs" 130 37 130 38] b); - [#"../checked_ops.rs" 130 33 130 38] _23 <- ([#"../checked_ops.rs" 130 33 130 38] _22 = ([#"../checked_ops.rs" 130 33 130 38] [#"../checked_ops.rs" 130 33 130 38] (0 : uint8))); + [#"../checked_ops.rs" 130 33 130 38] _23 <- ([#"../checked_ops.rs" 130 33 130 38] _22 = (0 : uint8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 130 33 130 38] not _23 }; goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 130 12 130 38] _17 = ([#"../checked_ops.rs" 130 33 130 38] ([#"../checked_ops.rs" 130 33 130 34] a) / _22)) + [#"../checked_ops.rs" 130 33 130 38] _20 <- ([#"../checked_ops.rs" 130 33 130 38] a / _22); + _22 <- any uint8; + [#"../checked_ops.rs" 130 12 130 38] _16 <- ([#"../checked_ops.rs" 130 12 130 38] _17 = _20); + _17 <- any uint8; + _20 <- any uint8; + switch (_16) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../checked_ops.rs" 131 12 131 31] _27 <- ([#"../checked_ops.rs" 131 12 131 31] saturating_div0 ([#"../checked_ops.rs" 131 12 131 13] a) ([#"../checked_ops.rs" 131 29 131 30] b)); + [#"../checked_ops.rs" 131 12 131 31] _27 <- ([#"../checked_ops.rs" 131 12 131 31] saturating_div0 a b); goto BB10 } BB9 { @@ -2093,18 +2263,23 @@ module CheckedOps_TestU8DivNoOverflow } BB10 { [#"../checked_ops.rs" 131 39 131 40] _32 <- ([#"../checked_ops.rs" 131 39 131 40] b); - [#"../checked_ops.rs" 131 35 131 40] _33 <- ([#"../checked_ops.rs" 131 35 131 40] _32 = ([#"../checked_ops.rs" 131 35 131 40] [#"../checked_ops.rs" 131 35 131 40] (0 : uint8))); + [#"../checked_ops.rs" 131 35 131 40] _33 <- ([#"../checked_ops.rs" 131 35 131 40] _32 = (0 : uint8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 131 35 131 40] not _33 }; goto BB11 } BB11 { - switch ([#"../checked_ops.rs" 131 12 131 40] _27 = ([#"../checked_ops.rs" 131 35 131 40] ([#"../checked_ops.rs" 131 35 131 36] a) / _32)) + [#"../checked_ops.rs" 131 35 131 40] _30 <- ([#"../checked_ops.rs" 131 35 131 40] a / _32); + _32 <- any uint8; + [#"../checked_ops.rs" 131 12 131 40] _26 <- ([#"../checked_ops.rs" 131 12 131 40] _27 = _30); + _27 <- any uint8; + _30 <- any uint8; + switch (_26) | False -> goto BB13 | True -> goto BB12 end } BB12 { - [#"../checked_ops.rs" 132 14 132 34] res <- ([#"../checked_ops.rs" 132 14 132 34] overflowing_div0 ([#"../checked_ops.rs" 132 14 132 15] a) ([#"../checked_ops.rs" 132 32 132 33] b)); + [#"../checked_ops.rs" 132 14 132 34] res <- ([#"../checked_ops.rs" 132 14 132 34] overflowing_div0 a b); goto BB14 } BB13 { @@ -2113,19 +2288,24 @@ module CheckedOps_TestU8DivNoOverflow } BB14 { [#"../checked_ops.rs" 133 25 133 26] _43 <- ([#"../checked_ops.rs" 133 25 133 26] b); - [#"../checked_ops.rs" 133 21 133 26] _44 <- ([#"../checked_ops.rs" 133 21 133 26] _43 = ([#"../checked_ops.rs" 133 21 133 26] [#"../checked_ops.rs" 133 21 133 26] (0 : uint8))); + [#"../checked_ops.rs" 133 21 133 26] _44 <- ([#"../checked_ops.rs" 133 21 133 26] _43 = (0 : uint8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 133 21 133 26] not _44 }; goto BB15 } BB15 { - switch ([#"../checked_ops.rs" 133 12 133 26] ([#"../checked_ops.rs" 133 12 133 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 133 21 133 26] ([#"../checked_ops.rs" 133 21 133 22] a) / _43)) + [#"../checked_ops.rs" 133 21 133 26] _41 <- ([#"../checked_ops.rs" 133 21 133 26] a / _43); + _43 <- any uint8; + [#"../checked_ops.rs" 133 12 133 26] _39 <- ([#"../checked_ops.rs" 133 12 133 26] (let (a, _) = res in a) = _41); + _41 <- any uint8; + switch (_39) | False -> goto BB19 | True -> goto BB16 end } BB16 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 133 30 133 44] Bool.eqb ([#"../checked_ops.rs" 133 30 133 35] let (_, a) = res in a) ([#"../checked_ops.rs" 133 39 133 44] [#"../checked_ops.rs" 133 39 133 44] false)) + [#"../checked_ops.rs" 133 30 133 44] _45 <- ([#"../checked_ops.rs" 133 30 133 44] Bool.eqb (let (_, a) = res in a) false); + switch (_45) | False -> goto BB18 | True -> goto BB17 end @@ -2184,11 +2364,11 @@ module CheckedOps_TestU8DivZero goto BB0 } BB0 { - [#"../checked_ops.rs" 138 12 138 28] _5 <- ([#"../checked_ops.rs" 138 12 138 28] checked_div0 ([#"../checked_ops.rs" 138 12 138 13] a) ([#"../checked_ops.rs" 138 26 138 27] [#"../checked_ops.rs" 138 26 138 27] (0 : uint8))); + [#"../checked_ops.rs" 138 12 138 28] _5 <- ([#"../checked_ops.rs" 138 12 138 28] checked_div0 a (0 : uint8)); goto BB1 } BB1 { - [#"../checked_ops.rs" 138 12 138 38] _3 <- ([#"../checked_ops.rs" 138 12 138 38] is_none0 ([#"../checked_ops.rs" 138 12 138 28] _5)); + [#"../checked_ops.rs" 138 12 138 38] _3 <- ([#"../checked_ops.rs" 138 12 138 38] is_none0 _5); goto BB2 } BB2 { @@ -2305,26 +2485,39 @@ module CheckedOps_TestI8AddExample = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _2 : bool; var _3 : int8; var _4 : Core_Option_Option_Type.t_option int8; var _7 : bool; var _9 : Core_Option_Option_Type.t_option int8; var _12 : bool; var _14 : Core_Option_Option_Type.t_option int8; + var _17 : bool; var _18 : int8; + var _21 : bool; var _22 : int8; + var _25 : bool; var _26 : int8; + var _29 : bool; var _30 : int8; + var _33 : bool; var _34 : int8; + var _37 : bool; var _38 : int8; var res : (int8, bool); + var _42 : bool; + var _44 : bool; var res1 : (int8, bool); + var _49 : bool; + var _51 : bool; var res2 : (int8, bool); + var _56 : bool; + var _58 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 143 12 143 31] _4 <- ([#"../checked_ops.rs" 143 12 143 31] checked_add0 ([#"../checked_ops.rs" 143 12 143 15] [#"../checked_ops.rs" 143 12 143 15] (5 : int8)) ([#"../checked_ops.rs" 143 28 143 30] [#"../checked_ops.rs" 143 28 143 30] (10 : int8))); + [#"../checked_ops.rs" 143 12 143 31] _4 <- ([#"../checked_ops.rs" 143 12 143 31] checked_add0 (5 : int8) (10 : int8)); goto BB1 } BB1 { @@ -2333,13 +2526,15 @@ module CheckedOps_TestI8AddExample goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 143 12 143 46] _3 = ([#"../checked_ops.rs" 143 44 143 46] [#"../checked_ops.rs" 143 44 143 46] (15 : int8))) + [#"../checked_ops.rs" 143 12 143 46] _2 <- ([#"../checked_ops.rs" 143 12 143 46] _3 = (15 : int8)); + _3 <- any int8; + switch (_2) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 144 12 144 33] _9 <- ([#"../checked_ops.rs" 144 12 144 33] checked_add0 ([#"../checked_ops.rs" 144 12 144 17] [#"../checked_ops.rs" 144 12 144 17] (120 : int8)) ([#"../checked_ops.rs" 144 30 144 32] [#"../checked_ops.rs" 144 30 144 32] (10 : int8))); + [#"../checked_ops.rs" 144 12 144 33] _9 <- ([#"../checked_ops.rs" 144 12 144 33] checked_add0 (120 : int8) (10 : int8)); goto BB5 } BB4 { @@ -2347,7 +2542,7 @@ module CheckedOps_TestI8AddExample absurd } BB5 { - [#"../checked_ops.rs" 144 12 144 43] _7 <- ([#"../checked_ops.rs" 144 12 144 43] is_none0 ([#"../checked_ops.rs" 144 12 144 33] _9)); + [#"../checked_ops.rs" 144 12 144 43] _7 <- ([#"../checked_ops.rs" 144 12 144 43] is_none0 _9); goto BB6 } BB6 { @@ -2357,7 +2552,7 @@ module CheckedOps_TestI8AddExample end } BB7 { - [#"../checked_ops.rs" 145 12 145 37] _14 <- ([#"../checked_ops.rs" 145 12 145 37] checked_add0 ([#"../checked_ops.rs" 145 12 145 20] [#"../checked_ops.rs" 145 12 145 20] (-120 : int8)) ([#"../checked_ops.rs" 145 33 145 36] [#"../checked_ops.rs" 145 33 145 36] (-10 : int8))); + [#"../checked_ops.rs" 145 12 145 37] _14 <- ([#"../checked_ops.rs" 145 12 145 37] checked_add0 (-120 : int8) (-10 : int8)); goto BB9 } BB8 { @@ -2365,7 +2560,7 @@ module CheckedOps_TestI8AddExample absurd } BB9 { - [#"../checked_ops.rs" 145 12 145 47] _12 <- ([#"../checked_ops.rs" 145 12 145 47] is_none0 ([#"../checked_ops.rs" 145 12 145 37] _14)); + [#"../checked_ops.rs" 145 12 145 47] _12 <- ([#"../checked_ops.rs" 145 12 145 47] is_none0 _14); goto BB10 } BB10 { @@ -2375,7 +2570,7 @@ module CheckedOps_TestI8AddExample end } BB11 { - [#"../checked_ops.rs" 147 12 147 32] _18 <- ([#"../checked_ops.rs" 147 12 147 32] wrapping_add0 ([#"../checked_ops.rs" 147 12 147 15] [#"../checked_ops.rs" 147 12 147 15] (5 : int8)) ([#"../checked_ops.rs" 147 29 147 31] [#"../checked_ops.rs" 147 29 147 31] (10 : int8))); + [#"../checked_ops.rs" 147 12 147 32] _18 <- ([#"../checked_ops.rs" 147 12 147 32] wrapping_add0 (5 : int8) (10 : int8)); goto BB13 } BB12 { @@ -2383,13 +2578,15 @@ module CheckedOps_TestI8AddExample absurd } BB13 { - switch ([#"../checked_ops.rs" 147 12 147 38] _18 = ([#"../checked_ops.rs" 147 36 147 38] [#"../checked_ops.rs" 147 36 147 38] (15 : int8))) + [#"../checked_ops.rs" 147 12 147 38] _17 <- ([#"../checked_ops.rs" 147 12 147 38] _18 = (15 : int8)); + _18 <- any int8; + switch (_17) | False -> goto BB15 | True -> goto BB14 end } BB14 { - [#"../checked_ops.rs" 148 12 148 34] _22 <- ([#"../checked_ops.rs" 148 12 148 34] wrapping_add0 ([#"../checked_ops.rs" 148 12 148 17] [#"../checked_ops.rs" 148 12 148 17] (120 : int8)) ([#"../checked_ops.rs" 148 31 148 33] [#"../checked_ops.rs" 148 31 148 33] (10 : int8))); + [#"../checked_ops.rs" 148 12 148 34] _22 <- ([#"../checked_ops.rs" 148 12 148 34] wrapping_add0 (120 : int8) (10 : int8)); goto BB16 } BB15 { @@ -2397,13 +2594,15 @@ module CheckedOps_TestI8AddExample absurd } BB16 { - switch ([#"../checked_ops.rs" 148 12 148 42] _22 = ([#"../checked_ops.rs" 148 38 148 42] [#"../checked_ops.rs" 148 38 148 42] (-126 : int8))) + [#"../checked_ops.rs" 148 12 148 42] _21 <- ([#"../checked_ops.rs" 148 12 148 42] _22 = (-126 : int8)); + _22 <- any int8; + switch (_21) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../checked_ops.rs" 149 12 149 38] _26 <- ([#"../checked_ops.rs" 149 12 149 38] wrapping_add0 ([#"../checked_ops.rs" 149 12 149 20] [#"../checked_ops.rs" 149 12 149 20] (-120 : int8)) ([#"../checked_ops.rs" 149 34 149 37] [#"../checked_ops.rs" 149 34 149 37] (-10 : int8))); + [#"../checked_ops.rs" 149 12 149 38] _26 <- ([#"../checked_ops.rs" 149 12 149 38] wrapping_add0 (-120 : int8) (-10 : int8)); goto BB19 } BB18 { @@ -2411,13 +2610,15 @@ module CheckedOps_TestI8AddExample absurd } BB19 { - switch ([#"../checked_ops.rs" 149 12 149 45] _26 = ([#"../checked_ops.rs" 149 42 149 45] [#"../checked_ops.rs" 149 42 149 45] (126 : int8))) + [#"../checked_ops.rs" 149 12 149 45] _25 <- ([#"../checked_ops.rs" 149 12 149 45] _26 = (126 : int8)); + _26 <- any int8; + switch (_25) | False -> goto BB21 | True -> goto BB20 end } BB20 { - [#"../checked_ops.rs" 151 12 151 34] _30 <- ([#"../checked_ops.rs" 151 12 151 34] saturating_add0 ([#"../checked_ops.rs" 151 12 151 15] [#"../checked_ops.rs" 151 12 151 15] (5 : int8)) ([#"../checked_ops.rs" 151 31 151 33] [#"../checked_ops.rs" 151 31 151 33] (10 : int8))); + [#"../checked_ops.rs" 151 12 151 34] _30 <- ([#"../checked_ops.rs" 151 12 151 34] saturating_add0 (5 : int8) (10 : int8)); goto BB22 } BB21 { @@ -2425,13 +2626,15 @@ module CheckedOps_TestI8AddExample absurd } BB22 { - switch ([#"../checked_ops.rs" 151 12 151 40] _30 = ([#"../checked_ops.rs" 151 38 151 40] [#"../checked_ops.rs" 151 38 151 40] (15 : int8))) + [#"../checked_ops.rs" 151 12 151 40] _29 <- ([#"../checked_ops.rs" 151 12 151 40] _30 = (15 : int8)); + _30 <- any int8; + switch (_29) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 152 12 152 36] _34 <- ([#"../checked_ops.rs" 152 12 152 36] saturating_add0 ([#"../checked_ops.rs" 152 12 152 17] [#"../checked_ops.rs" 152 12 152 17] (120 : int8)) ([#"../checked_ops.rs" 152 33 152 35] [#"../checked_ops.rs" 152 33 152 35] (10 : int8))); + [#"../checked_ops.rs" 152 12 152 36] _34 <- ([#"../checked_ops.rs" 152 12 152 36] saturating_add0 (120 : int8) (10 : int8)); goto BB25 } BB24 { @@ -2439,13 +2642,15 @@ module CheckedOps_TestI8AddExample absurd } BB25 { - switch ([#"../checked_ops.rs" 152 12 152 43] _34 = ([#"../checked_ops.rs" 152 40 152 43] [#"../checked_ops.rs" 152 40 152 43] (127 : int8))) + [#"../checked_ops.rs" 152 12 152 43] _33 <- ([#"../checked_ops.rs" 152 12 152 43] _34 = (127 : int8)); + _34 <- any int8; + switch (_33) | False -> goto BB27 | True -> goto BB26 end } BB26 { - [#"../checked_ops.rs" 153 12 153 40] _38 <- ([#"../checked_ops.rs" 153 12 153 40] saturating_add0 ([#"../checked_ops.rs" 153 12 153 20] [#"../checked_ops.rs" 153 12 153 20] (-120 : int8)) ([#"../checked_ops.rs" 153 36 153 39] [#"../checked_ops.rs" 153 36 153 39] (-10 : int8))); + [#"../checked_ops.rs" 153 12 153 40] _38 <- ([#"../checked_ops.rs" 153 12 153 40] saturating_add0 (-120 : int8) (-10 : int8)); goto BB28 } BB27 { @@ -2453,13 +2658,15 @@ module CheckedOps_TestI8AddExample absurd } BB28 { - switch ([#"../checked_ops.rs" 153 12 153 48] _38 = ([#"../checked_ops.rs" 153 44 153 48] [#"../checked_ops.rs" 153 44 153 48] (-128 : int8))) + [#"../checked_ops.rs" 153 12 153 48] _37 <- ([#"../checked_ops.rs" 153 12 153 48] _38 = (-128 : int8)); + _38 <- any int8; + switch (_37) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../checked_ops.rs" 155 14 155 37] res <- ([#"../checked_ops.rs" 155 14 155 37] overflowing_add0 ([#"../checked_ops.rs" 155 14 155 17] [#"../checked_ops.rs" 155 14 155 17] (5 : int8)) ([#"../checked_ops.rs" 155 34 155 36] [#"../checked_ops.rs" 155 34 155 36] (10 : int8))); + [#"../checked_ops.rs" 155 14 155 37] res <- ([#"../checked_ops.rs" 155 14 155 37] overflowing_add0 (5 : int8) (10 : int8)); goto BB31 } BB30 { @@ -2467,20 +2674,22 @@ module CheckedOps_TestI8AddExample absurd } BB31 { - switch ([#"../checked_ops.rs" 156 12 156 23] ([#"../checked_ops.rs" 156 12 156 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 156 21 156 23] [#"../checked_ops.rs" 156 21 156 23] (15 : int8))) + [#"../checked_ops.rs" 156 12 156 23] _42 <- ([#"../checked_ops.rs" 156 12 156 23] (let (a, _) = res in a) = (15 : int8)); + switch (_42) | False -> goto BB35 | True -> goto BB32 end } BB32 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 156 27 156 41] Bool.eqb ([#"../checked_ops.rs" 156 27 156 32] let (_, a) = res in a) ([#"../checked_ops.rs" 156 36 156 41] [#"../checked_ops.rs" 156 36 156 41] false)) + [#"../checked_ops.rs" 156 27 156 41] _44 <- ([#"../checked_ops.rs" 156 27 156 41] Bool.eqb (let (_, a) = res in a) false); + switch (_44) | False -> goto BB34 | True -> goto BB33 end } BB33 { - [#"../checked_ops.rs" 157 14 157 39] res1 <- ([#"../checked_ops.rs" 157 14 157 39] overflowing_add0 ([#"../checked_ops.rs" 157 14 157 19] [#"../checked_ops.rs" 157 14 157 19] (120 : int8)) ([#"../checked_ops.rs" 157 36 157 38] [#"../checked_ops.rs" 157 36 157 38] (10 : int8))); + [#"../checked_ops.rs" 157 14 157 39] res1 <- ([#"../checked_ops.rs" 157 14 157 39] overflowing_add0 (120 : int8) (10 : int8)); goto BB37 } BB34 { @@ -2495,20 +2704,22 @@ module CheckedOps_TestI8AddExample absurd } BB37 { - switch ([#"../checked_ops.rs" 158 12 158 25] ([#"../checked_ops.rs" 158 12 158 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 158 21 158 25] [#"../checked_ops.rs" 158 21 158 25] (-126 : int8))) + [#"../checked_ops.rs" 158 12 158 25] _49 <- ([#"../checked_ops.rs" 158 12 158 25] (let (a, _) = res1 in a) = (-126 : int8)); + switch (_49) | False -> goto BB41 | True -> goto BB38 end } BB38 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 158 29 158 42] Bool.eqb ([#"../checked_ops.rs" 158 29 158 34] let (_, a) = res1 in a) ([#"../checked_ops.rs" 158 38 158 42] [#"../checked_ops.rs" 158 38 158 42] true)) + [#"../checked_ops.rs" 158 29 158 42] _51 <- ([#"../checked_ops.rs" 158 29 158 42] Bool.eqb (let (_, a) = res1 in a) true); + switch (_51) | False -> goto BB40 | True -> goto BB39 end } BB39 { - [#"../checked_ops.rs" 159 14 159 43] res2 <- ([#"../checked_ops.rs" 159 14 159 43] overflowing_add0 ([#"../checked_ops.rs" 159 14 159 22] [#"../checked_ops.rs" 159 14 159 22] (-120 : int8)) ([#"../checked_ops.rs" 159 39 159 42] [#"../checked_ops.rs" 159 39 159 42] (-10 : int8))); + [#"../checked_ops.rs" 159 14 159 43] res2 <- ([#"../checked_ops.rs" 159 14 159 43] overflowing_add0 (-120 : int8) (-10 : int8)); goto BB43 } BB40 { @@ -2523,14 +2734,16 @@ module CheckedOps_TestI8AddExample absurd } BB43 { - switch ([#"../checked_ops.rs" 160 12 160 24] ([#"../checked_ops.rs" 160 12 160 17] let (a, _) = res2 in a) = ([#"../checked_ops.rs" 160 21 160 24] [#"../checked_ops.rs" 160 21 160 24] (126 : int8))) + [#"../checked_ops.rs" 160 12 160 24] _56 <- ([#"../checked_ops.rs" 160 12 160 24] (let (a, _) = res2 in a) = (126 : int8)); + switch (_56) | False -> goto BB47 | True -> goto BB44 end } BB44 { assume { resolve0 res2 }; - switch ([#"../checked_ops.rs" 160 28 160 41] Bool.eqb ([#"../checked_ops.rs" 160 28 160 33] let (_, a) = res2 in a) ([#"../checked_ops.rs" 160 37 160 41] [#"../checked_ops.rs" 160 37 160 41] true)) + [#"../checked_ops.rs" 160 28 160 41] _58 <- ([#"../checked_ops.rs" 160 28 160 41] Bool.eqb (let (_, a) = res2 in a) true); + switch (_58) | False -> goto BB46 | True -> goto BB45 end @@ -2628,18 +2841,26 @@ module CheckedOps_TestI8AddOverflowPos var a : int8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option int8; + var _10 : bool; var _11 : int8; + var _13 : int8; + var _14 : int8; + var _18 : bool; var _19 : int8; var res : (int8, bool); + var _25 : bool; + var _27 : int8; + var _28 : int8; + var _30 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 166 12 166 32] _6 <- ([#"../checked_ops.rs" 166 12 166 32] checked_add0 ([#"../checked_ops.rs" 166 12 166 17] [#"../checked_ops.rs" 166 12 166 17] (127 : int8)) ([#"../checked_ops.rs" 166 30 166 31] a)); + [#"../checked_ops.rs" 166 12 166 32] _6 <- ([#"../checked_ops.rs" 166 12 166 32] checked_add0 (127 : int8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 166 12 166 42] _4 <- ([#"../checked_ops.rs" 166 12 166 42] is_none0 ([#"../checked_ops.rs" 166 12 166 32] _6)); + [#"../checked_ops.rs" 166 12 166 42] _4 <- ([#"../checked_ops.rs" 166 12 166 42] is_none0 _6); goto BB2 } BB2 { @@ -2649,7 +2870,7 @@ module CheckedOps_TestI8AddOverflowPos end } BB3 { - [#"../checked_ops.rs" 167 12 167 33] _11 <- ([#"../checked_ops.rs" 167 12 167 33] wrapping_add0 ([#"../checked_ops.rs" 167 12 167 17] [#"../checked_ops.rs" 167 12 167 17] (127 : int8)) ([#"../checked_ops.rs" 167 31 167 32] a)); + [#"../checked_ops.rs" 167 12 167 33] _11 <- ([#"../checked_ops.rs" 167 12 167 33] wrapping_add0 (127 : int8) a); goto BB5 } BB4 { @@ -2657,13 +2878,19 @@ module CheckedOps_TestI8AddOverflowPos absurd } BB5 { - switch ([#"../checked_ops.rs" 167 12 167 48] _11 = ([#"../checked_ops.rs" 167 37 167 48] ([#"../checked_ops.rs" 167 37 167 44] ([#"../checked_ops.rs" 167 37 167 38] a) - ([#"../checked_ops.rs" 167 41 167 44] [#"../checked_ops.rs" 167 41 167 44] (127 : int8))) - ([#"../checked_ops.rs" 167 47 167 48] [#"../checked_ops.rs" 167 47 167 48] (2 : int8)))) + [#"../checked_ops.rs" 167 37 167 44] _14 <- ([#"../checked_ops.rs" 167 37 167 44] a - (127 : int8)); + [#"../checked_ops.rs" 167 37 167 48] _13 <- ([#"../checked_ops.rs" 167 37 167 48] _14 - (2 : int8)); + _14 <- any int8; + [#"../checked_ops.rs" 167 12 167 48] _10 <- ([#"../checked_ops.rs" 167 12 167 48] _11 = _13); + _11 <- any int8; + _13 <- any int8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 168 12 168 35] _19 <- ([#"../checked_ops.rs" 168 12 168 35] saturating_add0 ([#"../checked_ops.rs" 168 12 168 17] [#"../checked_ops.rs" 168 12 168 17] (127 : int8)) ([#"../checked_ops.rs" 168 33 168 34] a)); + [#"../checked_ops.rs" 168 12 168 35] _19 <- ([#"../checked_ops.rs" 168 12 168 35] saturating_add0 (127 : int8) a); goto BB8 } BB7 { @@ -2671,13 +2898,15 @@ module CheckedOps_TestI8AddOverflowPos absurd } BB8 { - switch ([#"../checked_ops.rs" 168 12 168 42] _19 = ([#"../checked_ops.rs" 168 39 168 42] [#"../checked_ops.rs" 168 39 168 42] (127 : int8))) + [#"../checked_ops.rs" 168 12 168 42] _18 <- ([#"../checked_ops.rs" 168 12 168 42] _19 = (127 : int8)); + _19 <- any int8; + switch (_18) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 169 14 169 38] res <- ([#"../checked_ops.rs" 169 14 169 38] overflowing_add0 ([#"../checked_ops.rs" 169 14 169 19] [#"../checked_ops.rs" 169 14 169 19] (127 : int8)) ([#"../checked_ops.rs" 169 36 169 37] a)); + [#"../checked_ops.rs" 169 14 169 38] res <- ([#"../checked_ops.rs" 169 14 169 38] overflowing_add0 (127 : int8) a); goto BB11 } BB10 { @@ -2685,14 +2914,20 @@ module CheckedOps_TestI8AddOverflowPos absurd } BB11 { - switch ([#"../checked_ops.rs" 170 12 170 32] ([#"../checked_ops.rs" 170 12 170 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 170 21 170 32] ([#"../checked_ops.rs" 170 21 170 28] ([#"../checked_ops.rs" 170 21 170 22] a) - ([#"../checked_ops.rs" 170 25 170 28] [#"../checked_ops.rs" 170 25 170 28] (127 : int8))) - ([#"../checked_ops.rs" 170 31 170 32] [#"../checked_ops.rs" 170 31 170 32] (2 : int8)))) + [#"../checked_ops.rs" 170 21 170 28] _28 <- ([#"../checked_ops.rs" 170 21 170 28] a - (127 : int8)); + [#"../checked_ops.rs" 170 21 170 32] _27 <- ([#"../checked_ops.rs" 170 21 170 32] _28 - (2 : int8)); + _28 <- any int8; + [#"../checked_ops.rs" 170 12 170 32] _25 <- ([#"../checked_ops.rs" 170 12 170 32] (let (a, _) = res in a) = _27); + _27 <- any int8; + switch (_25) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 170 36 170 49] Bool.eqb ([#"../checked_ops.rs" 170 36 170 41] let (_, a) = res in a) ([#"../checked_ops.rs" 170 45 170 49] [#"../checked_ops.rs" 170 45 170 49] true)) + [#"../checked_ops.rs" 170 36 170 49] _30 <- ([#"../checked_ops.rs" 170 36 170 49] Bool.eqb (let (_, a) = res in a) true); + switch (_30) | False -> goto BB14 | True -> goto BB13 end @@ -2790,18 +3025,26 @@ module CheckedOps_TestI8AddOverflowNeg var a : int8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option int8; + var _10 : bool; var _11 : int8; + var _13 : int8; + var _14 : int8; + var _18 : bool; var _19 : int8; var res : (int8, bool); + var _25 : bool; + var _27 : int8; + var _28 : int8; + var _30 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 176 12 176 35] _6 <- ([#"../checked_ops.rs" 176 12 176 35] checked_add0 ([#"../checked_ops.rs" 176 12 176 20] [#"../checked_ops.rs" 176 12 176 20] (-128 : int8)) ([#"../checked_ops.rs" 176 33 176 34] a)); + [#"../checked_ops.rs" 176 12 176 35] _6 <- ([#"../checked_ops.rs" 176 12 176 35] checked_add0 (-128 : int8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 176 12 176 45] _4 <- ([#"../checked_ops.rs" 176 12 176 45] is_none0 ([#"../checked_ops.rs" 176 12 176 35] _6)); + [#"../checked_ops.rs" 176 12 176 45] _4 <- ([#"../checked_ops.rs" 176 12 176 45] is_none0 _6); goto BB2 } BB2 { @@ -2811,7 +3054,7 @@ module CheckedOps_TestI8AddOverflowNeg end } BB3 { - [#"../checked_ops.rs" 177 12 177 36] _11 <- ([#"../checked_ops.rs" 177 12 177 36] wrapping_add0 ([#"../checked_ops.rs" 177 12 177 20] [#"../checked_ops.rs" 177 12 177 20] (-128 : int8)) ([#"../checked_ops.rs" 177 34 177 35] a)); + [#"../checked_ops.rs" 177 12 177 36] _11 <- ([#"../checked_ops.rs" 177 12 177 36] wrapping_add0 (-128 : int8) a); goto BB5 } BB4 { @@ -2819,13 +3062,19 @@ module CheckedOps_TestI8AddOverflowNeg absurd } BB5 { - switch ([#"../checked_ops.rs" 177 12 177 51] _11 = ([#"../checked_ops.rs" 177 40 177 51] ([#"../checked_ops.rs" 177 40 177 47] ([#"../checked_ops.rs" 177 40 177 41] a) + ([#"../checked_ops.rs" 177 44 177 47] [#"../checked_ops.rs" 177 44 177 47] (127 : int8))) + ([#"../checked_ops.rs" 177 50 177 51] [#"../checked_ops.rs" 177 50 177 51] (1 : int8)))) + [#"../checked_ops.rs" 177 40 177 47] _14 <- ([#"../checked_ops.rs" 177 40 177 47] a + (127 : int8)); + [#"../checked_ops.rs" 177 40 177 51] _13 <- ([#"../checked_ops.rs" 177 40 177 51] _14 + (1 : int8)); + _14 <- any int8; + [#"../checked_ops.rs" 177 12 177 51] _10 <- ([#"../checked_ops.rs" 177 12 177 51] _11 = _13); + _11 <- any int8; + _13 <- any int8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 178 12 178 38] _19 <- ([#"../checked_ops.rs" 178 12 178 38] saturating_add0 ([#"../checked_ops.rs" 178 12 178 20] [#"../checked_ops.rs" 178 12 178 20] (-128 : int8)) ([#"../checked_ops.rs" 178 36 178 37] a)); + [#"../checked_ops.rs" 178 12 178 38] _19 <- ([#"../checked_ops.rs" 178 12 178 38] saturating_add0 (-128 : int8) a); goto BB8 } BB7 { @@ -2833,13 +3082,15 @@ module CheckedOps_TestI8AddOverflowNeg absurd } BB8 { - switch ([#"../checked_ops.rs" 178 12 178 46] _19 = ([#"../checked_ops.rs" 178 42 178 46] [#"../checked_ops.rs" 178 42 178 46] (-128 : int8))) + [#"../checked_ops.rs" 178 12 178 46] _18 <- ([#"../checked_ops.rs" 178 12 178 46] _19 = (-128 : int8)); + _19 <- any int8; + switch (_18) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 179 14 179 41] res <- ([#"../checked_ops.rs" 179 14 179 41] overflowing_add0 ([#"../checked_ops.rs" 179 14 179 22] [#"../checked_ops.rs" 179 14 179 22] (-128 : int8)) ([#"../checked_ops.rs" 179 39 179 40] a)); + [#"../checked_ops.rs" 179 14 179 41] res <- ([#"../checked_ops.rs" 179 14 179 41] overflowing_add0 (-128 : int8) a); goto BB11 } BB10 { @@ -2847,14 +3098,20 @@ module CheckedOps_TestI8AddOverflowNeg absurd } BB11 { - switch ([#"../checked_ops.rs" 180 12 180 32] ([#"../checked_ops.rs" 180 12 180 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 180 21 180 32] ([#"../checked_ops.rs" 180 21 180 28] ([#"../checked_ops.rs" 180 21 180 22] a) + ([#"../checked_ops.rs" 180 25 180 28] [#"../checked_ops.rs" 180 25 180 28] (127 : int8))) + ([#"../checked_ops.rs" 180 31 180 32] [#"../checked_ops.rs" 180 31 180 32] (1 : int8)))) + [#"../checked_ops.rs" 180 21 180 28] _28 <- ([#"../checked_ops.rs" 180 21 180 28] a + (127 : int8)); + [#"../checked_ops.rs" 180 21 180 32] _27 <- ([#"../checked_ops.rs" 180 21 180 32] _28 + (1 : int8)); + _28 <- any int8; + [#"../checked_ops.rs" 180 12 180 32] _25 <- ([#"../checked_ops.rs" 180 12 180 32] (let (a, _) = res in a) = _27); + _27 <- any int8; + switch (_25) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 180 36 180 49] Bool.eqb ([#"../checked_ops.rs" 180 36 180 41] let (_, a) = res in a) ([#"../checked_ops.rs" 180 45 180 49] [#"../checked_ops.rs" 180 45 180 49] true)) + [#"../checked_ops.rs" 180 36 180 49] _30 <- ([#"../checked_ops.rs" 180 36 180 49] Bool.eqb (let (_, a) = res in a) true); + switch (_30) | False -> goto BB14 | True -> goto BB13 end @@ -2907,7 +3164,7 @@ module CheckedOps_TestI8WrappingAdd goto BB0 } BB0 { - [#"../checked_ops.rs" 187 4 187 21] _0 <- ([#"../checked_ops.rs" 187 4 187 21] wrapping_add0 ([#"../checked_ops.rs" 187 4 187 5] a) ([#"../checked_ops.rs" 187 19 187 20] b)); + [#"../checked_ops.rs" 187 4 187 21] _0 <- ([#"../checked_ops.rs" 187 4 187 21] wrapping_add0 a b); goto BB1 } BB1 { @@ -2984,8 +3241,10 @@ module CheckedOps_TestI8OverflowingAdd var _0 : (); var a : int8 = a; var b : int8 = b; + var _4 : bool; var _6 : (int8, bool); var _9 : int8; + var _14 : bool; var _16 : (int8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option int8; @@ -2993,22 +3252,24 @@ module CheckedOps_TestI8OverflowingAdd goto BB0 } BB0 { - [#"../checked_ops.rs" 192 12 192 32] _6 <- ([#"../checked_ops.rs" 192 12 192 32] overflowing_add0 ([#"../checked_ops.rs" 192 12 192 13] a) ([#"../checked_ops.rs" 192 30 192 31] b)); + [#"../checked_ops.rs" 192 12 192 32] _6 <- ([#"../checked_ops.rs" 192 12 192 32] overflowing_add0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 192 38 192 55] _9 <- ([#"../checked_ops.rs" 192 38 192 55] wrapping_add0 ([#"../checked_ops.rs" 192 38 192 39] a) ([#"../checked_ops.rs" 192 53 192 54] b)); + [#"../checked_ops.rs" 192 38 192 55] _9 <- ([#"../checked_ops.rs" 192 38 192 55] wrapping_add0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 192 12 192 55] ([#"../checked_ops.rs" 192 12 192 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 192 12 192 55] _4 <- ([#"../checked_ops.rs" 192 12 192 55] (let (a, _) = _6 in a) = _9); + _9 <- any int8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 193 12 193 32] _16 <- ([#"../checked_ops.rs" 193 12 193 32] overflowing_add0 ([#"../checked_ops.rs" 193 12 193 13] a) ([#"../checked_ops.rs" 193 30 193 31] b)); + [#"../checked_ops.rs" 193 12 193 32] _16 <- ([#"../checked_ops.rs" 193 12 193 32] overflowing_add0 a b); goto BB5 } BB4 { @@ -3017,15 +3278,17 @@ module CheckedOps_TestI8OverflowingAdd } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 193 38 193 54] _21 <- ([#"../checked_ops.rs" 193 38 193 54] checked_add0 ([#"../checked_ops.rs" 193 38 193 39] a) ([#"../checked_ops.rs" 193 52 193 53] b)); + [#"../checked_ops.rs" 193 38 193 54] _21 <- ([#"../checked_ops.rs" 193 38 193 54] checked_add0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 193 38 193 64] _19 <- ([#"../checked_ops.rs" 193 38 193 64] is_none0 ([#"../checked_ops.rs" 193 38 193 54] _21)); + [#"../checked_ops.rs" 193 38 193 64] _19 <- ([#"../checked_ops.rs" 193 38 193 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 193 12 193 64] Bool.eqb ([#"../checked_ops.rs" 193 12 193 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 193 12 193 64] _14 <- ([#"../checked_ops.rs" 193 12 193 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -3138,26 +3401,40 @@ module CheckedOps_TestI8SubExample = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _2 : bool; var _3 : int8; var _4 : Core_Option_Option_Type.t_option int8; + var _7 : bool; var _8 : int8; var _9 : Core_Option_Option_Type.t_option int8; var _12 : bool; var _14 : Core_Option_Option_Type.t_option int8; + var _17 : bool; var _18 : int8; + var _21 : bool; var _22 : int8; + var _25 : bool; var _26 : int8; + var _29 : bool; var _30 : int8; + var _33 : bool; var _34 : int8; + var _37 : bool; var _38 : int8; var res : (int8, bool); + var _42 : bool; + var _44 : bool; var res1 : (int8, bool); + var _49 : bool; + var _51 : bool; var res2 : (int8, bool); + var _56 : bool; + var _58 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 198 12 198 31] _4 <- ([#"../checked_ops.rs" 198 12 198 31] checked_sub0 ([#"../checked_ops.rs" 198 12 198 15] [#"../checked_ops.rs" 198 12 198 15] (5 : int8)) ([#"../checked_ops.rs" 198 28 198 30] [#"../checked_ops.rs" 198 28 198 30] (10 : int8))); + [#"../checked_ops.rs" 198 12 198 31] _4 <- ([#"../checked_ops.rs" 198 12 198 31] checked_sub0 (5 : int8) (10 : int8)); goto BB1 } BB1 { @@ -3166,13 +3443,15 @@ module CheckedOps_TestI8SubExample goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 198 12 198 46] _3 = ([#"../checked_ops.rs" 198 44 198 46] [#"../checked_ops.rs" 198 44 198 46] (-5 : int8))) + [#"../checked_ops.rs" 198 12 198 46] _2 <- ([#"../checked_ops.rs" 198 12 198 46] _3 = (-5 : int8)); + _3 <- any int8; + switch (_2) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 199 12 199 33] _9 <- ([#"../checked_ops.rs" 199 12 199 33] checked_sub0 ([#"../checked_ops.rs" 199 12 199 17] [#"../checked_ops.rs" 199 12 199 17] (120 : int8)) ([#"../checked_ops.rs" 199 30 199 32] [#"../checked_ops.rs" 199 30 199 32] (10 : int8))); + [#"../checked_ops.rs" 199 12 199 33] _9 <- ([#"../checked_ops.rs" 199 12 199 33] checked_sub0 (120 : int8) (10 : int8)); goto BB5 } BB4 { @@ -3185,13 +3464,15 @@ module CheckedOps_TestI8SubExample goto BB6 } BB6 { - switch ([#"../checked_ops.rs" 199 12 199 49] _8 = ([#"../checked_ops.rs" 199 46 199 49] [#"../checked_ops.rs" 199 46 199 49] (110 : int8))) + [#"../checked_ops.rs" 199 12 199 49] _7 <- ([#"../checked_ops.rs" 199 12 199 49] _8 = (110 : int8)); + _8 <- any int8; + switch (_7) | False -> goto BB8 | True -> goto BB7 end } BB7 { - [#"../checked_ops.rs" 200 12 200 36] _14 <- ([#"../checked_ops.rs" 200 12 200 36] checked_sub0 ([#"../checked_ops.rs" 200 12 200 20] [#"../checked_ops.rs" 200 12 200 20] (-120 : int8)) ([#"../checked_ops.rs" 200 33 200 35] [#"../checked_ops.rs" 200 33 200 35] (10 : int8))); + [#"../checked_ops.rs" 200 12 200 36] _14 <- ([#"../checked_ops.rs" 200 12 200 36] checked_sub0 (-120 : int8) (10 : int8)); goto BB9 } BB8 { @@ -3199,7 +3480,7 @@ module CheckedOps_TestI8SubExample absurd } BB9 { - [#"../checked_ops.rs" 200 12 200 46] _12 <- ([#"../checked_ops.rs" 200 12 200 46] is_none0 ([#"../checked_ops.rs" 200 12 200 36] _14)); + [#"../checked_ops.rs" 200 12 200 46] _12 <- ([#"../checked_ops.rs" 200 12 200 46] is_none0 _14); goto BB10 } BB10 { @@ -3209,7 +3490,7 @@ module CheckedOps_TestI8SubExample end } BB11 { - [#"../checked_ops.rs" 202 12 202 32] _18 <- ([#"../checked_ops.rs" 202 12 202 32] wrapping_sub0 ([#"../checked_ops.rs" 202 12 202 15] [#"../checked_ops.rs" 202 12 202 15] (5 : int8)) ([#"../checked_ops.rs" 202 29 202 31] [#"../checked_ops.rs" 202 29 202 31] (10 : int8))); + [#"../checked_ops.rs" 202 12 202 32] _18 <- ([#"../checked_ops.rs" 202 12 202 32] wrapping_sub0 (5 : int8) (10 : int8)); goto BB13 } BB12 { @@ -3217,13 +3498,15 @@ module CheckedOps_TestI8SubExample absurd } BB13 { - switch ([#"../checked_ops.rs" 202 12 202 38] _18 = ([#"../checked_ops.rs" 202 36 202 38] [#"../checked_ops.rs" 202 36 202 38] (-5 : int8))) + [#"../checked_ops.rs" 202 12 202 38] _17 <- ([#"../checked_ops.rs" 202 12 202 38] _18 = (-5 : int8)); + _18 <- any int8; + switch (_17) | False -> goto BB15 | True -> goto BB14 end } BB14 { - [#"../checked_ops.rs" 203 12 203 34] _22 <- ([#"../checked_ops.rs" 203 12 203 34] wrapping_sub0 ([#"../checked_ops.rs" 203 12 203 17] [#"../checked_ops.rs" 203 12 203 17] (120 : int8)) ([#"../checked_ops.rs" 203 31 203 33] [#"../checked_ops.rs" 203 31 203 33] (10 : int8))); + [#"../checked_ops.rs" 203 12 203 34] _22 <- ([#"../checked_ops.rs" 203 12 203 34] wrapping_sub0 (120 : int8) (10 : int8)); goto BB16 } BB15 { @@ -3231,13 +3514,15 @@ module CheckedOps_TestI8SubExample absurd } BB16 { - switch ([#"../checked_ops.rs" 203 12 203 41] _22 = ([#"../checked_ops.rs" 203 38 203 41] [#"../checked_ops.rs" 203 38 203 41] (110 : int8))) + [#"../checked_ops.rs" 203 12 203 41] _21 <- ([#"../checked_ops.rs" 203 12 203 41] _22 = (110 : int8)); + _22 <- any int8; + switch (_21) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../checked_ops.rs" 204 12 204 37] _26 <- ([#"../checked_ops.rs" 204 12 204 37] wrapping_sub0 ([#"../checked_ops.rs" 204 12 204 20] [#"../checked_ops.rs" 204 12 204 20] (-120 : int8)) ([#"../checked_ops.rs" 204 34 204 36] [#"../checked_ops.rs" 204 34 204 36] (10 : int8))); + [#"../checked_ops.rs" 204 12 204 37] _26 <- ([#"../checked_ops.rs" 204 12 204 37] wrapping_sub0 (-120 : int8) (10 : int8)); goto BB19 } BB18 { @@ -3245,13 +3530,15 @@ module CheckedOps_TestI8SubExample absurd } BB19 { - switch ([#"../checked_ops.rs" 204 12 204 44] _26 = ([#"../checked_ops.rs" 204 41 204 44] [#"../checked_ops.rs" 204 41 204 44] (126 : int8))) + [#"../checked_ops.rs" 204 12 204 44] _25 <- ([#"../checked_ops.rs" 204 12 204 44] _26 = (126 : int8)); + _26 <- any int8; + switch (_25) | False -> goto BB21 | True -> goto BB20 end } BB20 { - [#"../checked_ops.rs" 206 12 206 34] _30 <- ([#"../checked_ops.rs" 206 12 206 34] saturating_sub0 ([#"../checked_ops.rs" 206 12 206 15] [#"../checked_ops.rs" 206 12 206 15] (5 : int8)) ([#"../checked_ops.rs" 206 31 206 33] [#"../checked_ops.rs" 206 31 206 33] (10 : int8))); + [#"../checked_ops.rs" 206 12 206 34] _30 <- ([#"../checked_ops.rs" 206 12 206 34] saturating_sub0 (5 : int8) (10 : int8)); goto BB22 } BB21 { @@ -3259,13 +3546,15 @@ module CheckedOps_TestI8SubExample absurd } BB22 { - switch ([#"../checked_ops.rs" 206 12 206 40] _30 = ([#"../checked_ops.rs" 206 38 206 40] [#"../checked_ops.rs" 206 38 206 40] (-5 : int8))) + [#"../checked_ops.rs" 206 12 206 40] _29 <- ([#"../checked_ops.rs" 206 12 206 40] _30 = (-5 : int8)); + _30 <- any int8; + switch (_29) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 207 12 207 36] _34 <- ([#"../checked_ops.rs" 207 12 207 36] saturating_sub0 ([#"../checked_ops.rs" 207 12 207 17] [#"../checked_ops.rs" 207 12 207 17] (120 : int8)) ([#"../checked_ops.rs" 207 33 207 35] [#"../checked_ops.rs" 207 33 207 35] (10 : int8))); + [#"../checked_ops.rs" 207 12 207 36] _34 <- ([#"../checked_ops.rs" 207 12 207 36] saturating_sub0 (120 : int8) (10 : int8)); goto BB25 } BB24 { @@ -3273,13 +3562,15 @@ module CheckedOps_TestI8SubExample absurd } BB25 { - switch ([#"../checked_ops.rs" 207 12 207 43] _34 = ([#"../checked_ops.rs" 207 40 207 43] [#"../checked_ops.rs" 207 40 207 43] (110 : int8))) + [#"../checked_ops.rs" 207 12 207 43] _33 <- ([#"../checked_ops.rs" 207 12 207 43] _34 = (110 : int8)); + _34 <- any int8; + switch (_33) | False -> goto BB27 | True -> goto BB26 end } BB26 { - [#"../checked_ops.rs" 208 12 208 39] _38 <- ([#"../checked_ops.rs" 208 12 208 39] saturating_sub0 ([#"../checked_ops.rs" 208 12 208 20] [#"../checked_ops.rs" 208 12 208 20] (-120 : int8)) ([#"../checked_ops.rs" 208 36 208 38] [#"../checked_ops.rs" 208 36 208 38] (10 : int8))); + [#"../checked_ops.rs" 208 12 208 39] _38 <- ([#"../checked_ops.rs" 208 12 208 39] saturating_sub0 (-120 : int8) (10 : int8)); goto BB28 } BB27 { @@ -3287,13 +3578,15 @@ module CheckedOps_TestI8SubExample absurd } BB28 { - switch ([#"../checked_ops.rs" 208 12 208 47] _38 = ([#"../checked_ops.rs" 208 43 208 47] [#"../checked_ops.rs" 208 43 208 47] (-128 : int8))) + [#"../checked_ops.rs" 208 12 208 47] _37 <- ([#"../checked_ops.rs" 208 12 208 47] _38 = (-128 : int8)); + _38 <- any int8; + switch (_37) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../checked_ops.rs" 210 14 210 37] res <- ([#"../checked_ops.rs" 210 14 210 37] overflowing_sub0 ([#"../checked_ops.rs" 210 14 210 17] [#"../checked_ops.rs" 210 14 210 17] (5 : int8)) ([#"../checked_ops.rs" 210 34 210 36] [#"../checked_ops.rs" 210 34 210 36] (10 : int8))); + [#"../checked_ops.rs" 210 14 210 37] res <- ([#"../checked_ops.rs" 210 14 210 37] overflowing_sub0 (5 : int8) (10 : int8)); goto BB31 } BB30 { @@ -3301,20 +3594,22 @@ module CheckedOps_TestI8SubExample absurd } BB31 { - switch ([#"../checked_ops.rs" 211 12 211 23] ([#"../checked_ops.rs" 211 12 211 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 211 21 211 23] [#"../checked_ops.rs" 211 21 211 23] (-5 : int8))) + [#"../checked_ops.rs" 211 12 211 23] _42 <- ([#"../checked_ops.rs" 211 12 211 23] (let (a, _) = res in a) = (-5 : int8)); + switch (_42) | False -> goto BB35 | True -> goto BB32 end } BB32 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 211 27 211 41] Bool.eqb ([#"../checked_ops.rs" 211 27 211 32] let (_, a) = res in a) ([#"../checked_ops.rs" 211 36 211 41] [#"../checked_ops.rs" 211 36 211 41] false)) + [#"../checked_ops.rs" 211 27 211 41] _44 <- ([#"../checked_ops.rs" 211 27 211 41] Bool.eqb (let (_, a) = res in a) false); + switch (_44) | False -> goto BB34 | True -> goto BB33 end } BB33 { - [#"../checked_ops.rs" 212 14 212 39] res1 <- ([#"../checked_ops.rs" 212 14 212 39] overflowing_sub0 ([#"../checked_ops.rs" 212 14 212 19] [#"../checked_ops.rs" 212 14 212 19] (120 : int8)) ([#"../checked_ops.rs" 212 36 212 38] [#"../checked_ops.rs" 212 36 212 38] (10 : int8))); + [#"../checked_ops.rs" 212 14 212 39] res1 <- ([#"../checked_ops.rs" 212 14 212 39] overflowing_sub0 (120 : int8) (10 : int8)); goto BB37 } BB34 { @@ -3329,20 +3624,22 @@ module CheckedOps_TestI8SubExample absurd } BB37 { - switch ([#"../checked_ops.rs" 213 12 213 24] ([#"../checked_ops.rs" 213 12 213 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 213 21 213 24] [#"../checked_ops.rs" 213 21 213 24] (110 : int8))) + [#"../checked_ops.rs" 213 12 213 24] _49 <- ([#"../checked_ops.rs" 213 12 213 24] (let (a, _) = res1 in a) = (110 : int8)); + switch (_49) | False -> goto BB41 | True -> goto BB38 end } BB38 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 213 28 213 42] Bool.eqb ([#"../checked_ops.rs" 213 28 213 33] let (_, a) = res1 in a) ([#"../checked_ops.rs" 213 37 213 42] [#"../checked_ops.rs" 213 37 213 42] false)) + [#"../checked_ops.rs" 213 28 213 42] _51 <- ([#"../checked_ops.rs" 213 28 213 42] Bool.eqb (let (_, a) = res1 in a) false); + switch (_51) | False -> goto BB40 | True -> goto BB39 end } BB39 { - [#"../checked_ops.rs" 214 14 214 42] res2 <- ([#"../checked_ops.rs" 214 14 214 42] overflowing_sub0 ([#"../checked_ops.rs" 214 14 214 22] [#"../checked_ops.rs" 214 14 214 22] (-120 : int8)) ([#"../checked_ops.rs" 214 39 214 41] [#"../checked_ops.rs" 214 39 214 41] (10 : int8))); + [#"../checked_ops.rs" 214 14 214 42] res2 <- ([#"../checked_ops.rs" 214 14 214 42] overflowing_sub0 (-120 : int8) (10 : int8)); goto BB43 } BB40 { @@ -3357,14 +3654,16 @@ module CheckedOps_TestI8SubExample absurd } BB43 { - switch ([#"../checked_ops.rs" 215 12 215 24] ([#"../checked_ops.rs" 215 12 215 17] let (a, _) = res2 in a) = ([#"../checked_ops.rs" 215 21 215 24] [#"../checked_ops.rs" 215 21 215 24] (126 : int8))) + [#"../checked_ops.rs" 215 12 215 24] _56 <- ([#"../checked_ops.rs" 215 12 215 24] (let (a, _) = res2 in a) = (126 : int8)); + switch (_56) | False -> goto BB47 | True -> goto BB44 end } BB44 { assume { resolve0 res2 }; - switch ([#"../checked_ops.rs" 215 28 215 41] Bool.eqb ([#"../checked_ops.rs" 215 28 215 33] let (_, a) = res2 in a) ([#"../checked_ops.rs" 215 37 215 41] [#"../checked_ops.rs" 215 37 215 41] true)) + [#"../checked_ops.rs" 215 28 215 41] _58 <- ([#"../checked_ops.rs" 215 28 215 41] Bool.eqb (let (_, a) = res2 in a) true); + switch (_58) | False -> goto BB46 | True -> goto BB45 end @@ -3462,18 +3761,26 @@ module CheckedOps_TestI8SubOverflowPos var a : int8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option int8; + var _10 : bool; var _11 : int8; + var _13 : int8; + var _14 : int8; + var _18 : bool; var _19 : int8; var res : (int8, bool); + var _25 : bool; + var _27 : int8; + var _28 : int8; + var _30 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 221 12 221 35] _6 <- ([#"../checked_ops.rs" 221 12 221 35] checked_sub0 ([#"../checked_ops.rs" 221 12 221 20] [#"../checked_ops.rs" 221 12 221 20] (-128 : int8)) ([#"../checked_ops.rs" 221 33 221 34] a)); + [#"../checked_ops.rs" 221 12 221 35] _6 <- ([#"../checked_ops.rs" 221 12 221 35] checked_sub0 (-128 : int8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 221 12 221 45] _4 <- ([#"../checked_ops.rs" 221 12 221 45] is_none0 ([#"../checked_ops.rs" 221 12 221 35] _6)); + [#"../checked_ops.rs" 221 12 221 45] _4 <- ([#"../checked_ops.rs" 221 12 221 45] is_none0 _6); goto BB2 } BB2 { @@ -3483,7 +3790,7 @@ module CheckedOps_TestI8SubOverflowPos end } BB3 { - [#"../checked_ops.rs" 222 12 222 36] _11 <- ([#"../checked_ops.rs" 222 12 222 36] wrapping_sub0 ([#"../checked_ops.rs" 222 12 222 20] [#"../checked_ops.rs" 222 12 222 20] (-128 : int8)) ([#"../checked_ops.rs" 222 34 222 35] a)); + [#"../checked_ops.rs" 222 12 222 36] _11 <- ([#"../checked_ops.rs" 222 12 222 36] wrapping_sub0 (-128 : int8) a); goto BB5 } BB4 { @@ -3491,13 +3798,19 @@ module CheckedOps_TestI8SubOverflowPos absurd } BB5 { - switch ([#"../checked_ops.rs" 222 12 222 51] _11 = ([#"../checked_ops.rs" 222 40 222 51] ([#"../checked_ops.rs" 222 40 222 47] ([#"../checked_ops.rs" 222 40 222 43] [#"../checked_ops.rs" 222 40 222 43] (127 : int8)) - ([#"../checked_ops.rs" 222 46 222 47] a)) + ([#"../checked_ops.rs" 222 50 222 51] [#"../checked_ops.rs" 222 50 222 51] (1 : int8)))) + [#"../checked_ops.rs" 222 40 222 47] _14 <- ([#"../checked_ops.rs" 222 40 222 47] (127 : int8) - a); + [#"../checked_ops.rs" 222 40 222 51] _13 <- ([#"../checked_ops.rs" 222 40 222 51] _14 + (1 : int8)); + _14 <- any int8; + [#"../checked_ops.rs" 222 12 222 51] _10 <- ([#"../checked_ops.rs" 222 12 222 51] _11 = _13); + _11 <- any int8; + _13 <- any int8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 223 12 223 38] _19 <- ([#"../checked_ops.rs" 223 12 223 38] saturating_sub0 ([#"../checked_ops.rs" 223 12 223 20] [#"../checked_ops.rs" 223 12 223 20] (-128 : int8)) ([#"../checked_ops.rs" 223 36 223 37] a)); + [#"../checked_ops.rs" 223 12 223 38] _19 <- ([#"../checked_ops.rs" 223 12 223 38] saturating_sub0 (-128 : int8) a); goto BB8 } BB7 { @@ -3505,13 +3818,15 @@ module CheckedOps_TestI8SubOverflowPos absurd } BB8 { - switch ([#"../checked_ops.rs" 223 12 223 46] _19 = ([#"../checked_ops.rs" 223 42 223 46] [#"../checked_ops.rs" 223 42 223 46] (-128 : int8))) + [#"../checked_ops.rs" 223 12 223 46] _18 <- ([#"../checked_ops.rs" 223 12 223 46] _19 = (-128 : int8)); + _19 <- any int8; + switch (_18) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 224 14 224 41] res <- ([#"../checked_ops.rs" 224 14 224 41] overflowing_sub0 ([#"../checked_ops.rs" 224 14 224 22] [#"../checked_ops.rs" 224 14 224 22] (-128 : int8)) ([#"../checked_ops.rs" 224 39 224 40] a)); + [#"../checked_ops.rs" 224 14 224 41] res <- ([#"../checked_ops.rs" 224 14 224 41] overflowing_sub0 (-128 : int8) a); goto BB11 } BB10 { @@ -3519,14 +3834,20 @@ module CheckedOps_TestI8SubOverflowPos absurd } BB11 { - switch ([#"../checked_ops.rs" 225 12 225 32] ([#"../checked_ops.rs" 225 12 225 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 225 21 225 32] ([#"../checked_ops.rs" 225 21 225 28] ([#"../checked_ops.rs" 225 21 225 24] [#"../checked_ops.rs" 225 21 225 24] (127 : int8)) - ([#"../checked_ops.rs" 225 27 225 28] a)) + ([#"../checked_ops.rs" 225 31 225 32] [#"../checked_ops.rs" 225 31 225 32] (1 : int8)))) + [#"../checked_ops.rs" 225 21 225 28] _28 <- ([#"../checked_ops.rs" 225 21 225 28] (127 : int8) - a); + [#"../checked_ops.rs" 225 21 225 32] _27 <- ([#"../checked_ops.rs" 225 21 225 32] _28 + (1 : int8)); + _28 <- any int8; + [#"../checked_ops.rs" 225 12 225 32] _25 <- ([#"../checked_ops.rs" 225 12 225 32] (let (a, _) = res in a) = _27); + _27 <- any int8; + switch (_25) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 225 36 225 49] Bool.eqb ([#"../checked_ops.rs" 225 36 225 41] let (_, a) = res in a) ([#"../checked_ops.rs" 225 45 225 49] [#"../checked_ops.rs" 225 45 225 49] true)) + [#"../checked_ops.rs" 225 36 225 49] _30 <- ([#"../checked_ops.rs" 225 36 225 49] Bool.eqb (let (_, a) = res in a) true); + switch (_30) | False -> goto BB14 | True -> goto BB13 end @@ -3624,18 +3945,28 @@ module CheckedOps_TestI8SubOverflowNeg var a : int8 = a; var _4 : bool; var _6 : Core_Option_Option_Type.t_option int8; + var _10 : bool; var _11 : int8; + var _13 : int8; + var _14 : int8; + var _15 : int8; + var _19 : bool; var _20 : int8; var res : (int8, bool); + var _26 : bool; + var _28 : int8; + var _29 : int8; + var _30 : int8; + var _32 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 231 12 231 32] _6 <- ([#"../checked_ops.rs" 231 12 231 32] checked_sub0 ([#"../checked_ops.rs" 231 12 231 17] [#"../checked_ops.rs" 231 12 231 17] (127 : int8)) ([#"../checked_ops.rs" 231 30 231 31] a)); + [#"../checked_ops.rs" 231 12 231 32] _6 <- ([#"../checked_ops.rs" 231 12 231 32] checked_sub0 (127 : int8) a); goto BB1 } BB1 { - [#"../checked_ops.rs" 231 12 231 42] _4 <- ([#"../checked_ops.rs" 231 12 231 42] is_none0 ([#"../checked_ops.rs" 231 12 231 32] _6)); + [#"../checked_ops.rs" 231 12 231 42] _4 <- ([#"../checked_ops.rs" 231 12 231 42] is_none0 _6); goto BB2 } BB2 { @@ -3645,7 +3976,7 @@ module CheckedOps_TestI8SubOverflowNeg end } BB3 { - [#"../checked_ops.rs" 232 12 232 33] _11 <- ([#"../checked_ops.rs" 232 12 232 33] wrapping_sub0 ([#"../checked_ops.rs" 232 12 232 17] [#"../checked_ops.rs" 232 12 232 17] (127 : int8)) ([#"../checked_ops.rs" 232 31 232 32] a)); + [#"../checked_ops.rs" 232 12 232 33] _11 <- ([#"../checked_ops.rs" 232 12 232 33] wrapping_sub0 (127 : int8) a); goto BB5 } BB4 { @@ -3653,13 +3984,21 @@ module CheckedOps_TestI8SubOverflowNeg absurd } BB5 { - switch ([#"../checked_ops.rs" 232 12 232 51] _11 = ([#"../checked_ops.rs" 232 37 232 51] ([#"../checked_ops.rs" 232 37 232 45] - ([#"../checked_ops.rs" 232 38 232 45] ([#"../checked_ops.rs" 232 39 232 40] [#"../checked_ops.rs" 232 39 232 40] (2 : int8)) + ([#"../checked_ops.rs" 232 43 232 44] a))) - ([#"../checked_ops.rs" 232 48 232 51] [#"../checked_ops.rs" 232 48 232 51] (127 : int8)))) + [#"../checked_ops.rs" 232 38 232 45] _15 <- ([#"../checked_ops.rs" 232 38 232 45] (2 : int8) + a); + [#"../checked_ops.rs" 232 37 232 45] _14 <- ([#"../checked_ops.rs" 232 37 232 45] - _15); + _15 <- any int8; + [#"../checked_ops.rs" 232 37 232 51] _13 <- ([#"../checked_ops.rs" 232 37 232 51] _14 - (127 : int8)); + _14 <- any int8; + [#"../checked_ops.rs" 232 12 232 51] _10 <- ([#"../checked_ops.rs" 232 12 232 51] _11 = _13); + _11 <- any int8; + _13 <- any int8; + switch (_10) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 233 12 233 35] _20 <- ([#"../checked_ops.rs" 233 12 233 35] saturating_sub0 ([#"../checked_ops.rs" 233 12 233 17] [#"../checked_ops.rs" 233 12 233 17] (127 : int8)) ([#"../checked_ops.rs" 233 33 233 34] a)); + [#"../checked_ops.rs" 233 12 233 35] _20 <- ([#"../checked_ops.rs" 233 12 233 35] saturating_sub0 (127 : int8) a); goto BB8 } BB7 { @@ -3667,13 +4006,15 @@ module CheckedOps_TestI8SubOverflowNeg absurd } BB8 { - switch ([#"../checked_ops.rs" 233 12 233 42] _20 = ([#"../checked_ops.rs" 233 39 233 42] [#"../checked_ops.rs" 233 39 233 42] (127 : int8))) + [#"../checked_ops.rs" 233 12 233 42] _19 <- ([#"../checked_ops.rs" 233 12 233 42] _20 = (127 : int8)); + _20 <- any int8; + switch (_19) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 234 14 234 38] res <- ([#"../checked_ops.rs" 234 14 234 38] overflowing_sub0 ([#"../checked_ops.rs" 234 14 234 19] [#"../checked_ops.rs" 234 14 234 19] (127 : int8)) ([#"../checked_ops.rs" 234 36 234 37] a)); + [#"../checked_ops.rs" 234 14 234 38] res <- ([#"../checked_ops.rs" 234 14 234 38] overflowing_sub0 (127 : int8) a); goto BB11 } BB10 { @@ -3681,14 +4022,22 @@ module CheckedOps_TestI8SubOverflowNeg absurd } BB11 { - switch ([#"../checked_ops.rs" 235 12 235 35] ([#"../checked_ops.rs" 235 12 235 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 235 21 235 35] ([#"../checked_ops.rs" 235 21 235 29] - ([#"../checked_ops.rs" 235 22 235 29] ([#"../checked_ops.rs" 235 23 235 24] [#"../checked_ops.rs" 235 23 235 24] (2 : int8)) + ([#"../checked_ops.rs" 235 27 235 28] a))) - ([#"../checked_ops.rs" 235 32 235 35] [#"../checked_ops.rs" 235 32 235 35] (127 : int8)))) + [#"../checked_ops.rs" 235 22 235 29] _30 <- ([#"../checked_ops.rs" 235 22 235 29] (2 : int8) + a); + [#"../checked_ops.rs" 235 21 235 29] _29 <- ([#"../checked_ops.rs" 235 21 235 29] - _30); + _30 <- any int8; + [#"../checked_ops.rs" 235 21 235 35] _28 <- ([#"../checked_ops.rs" 235 21 235 35] _29 - (127 : int8)); + _29 <- any int8; + [#"../checked_ops.rs" 235 12 235 35] _26 <- ([#"../checked_ops.rs" 235 12 235 35] (let (a, _) = res in a) = _28); + _28 <- any int8; + switch (_26) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 235 39 235 52] Bool.eqb ([#"../checked_ops.rs" 235 39 235 44] let (_, a) = res in a) ([#"../checked_ops.rs" 235 48 235 52] [#"../checked_ops.rs" 235 48 235 52] true)) + [#"../checked_ops.rs" 235 39 235 52] _32 <- ([#"../checked_ops.rs" 235 39 235 52] Bool.eqb (let (_, a) = res in a) true); + switch (_32) | False -> goto BB14 | True -> goto BB13 end @@ -3741,7 +4090,7 @@ module CheckedOps_TestI8WrappingSub goto BB0 } BB0 { - [#"../checked_ops.rs" 242 4 242 21] _0 <- ([#"../checked_ops.rs" 242 4 242 21] wrapping_sub0 ([#"../checked_ops.rs" 242 4 242 5] a) ([#"../checked_ops.rs" 242 19 242 20] b)); + [#"../checked_ops.rs" 242 4 242 21] _0 <- ([#"../checked_ops.rs" 242 4 242 21] wrapping_sub0 a b); goto BB1 } BB1 { @@ -3818,8 +4167,10 @@ module CheckedOps_TestI8OverflowingSub var _0 : (); var a : int8 = a; var b : int8 = b; + var _4 : bool; var _6 : (int8, bool); var _9 : int8; + var _14 : bool; var _16 : (int8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option int8; @@ -3827,22 +4178,24 @@ module CheckedOps_TestI8OverflowingSub goto BB0 } BB0 { - [#"../checked_ops.rs" 247 12 247 32] _6 <- ([#"../checked_ops.rs" 247 12 247 32] overflowing_sub0 ([#"../checked_ops.rs" 247 12 247 13] a) ([#"../checked_ops.rs" 247 30 247 31] b)); + [#"../checked_ops.rs" 247 12 247 32] _6 <- ([#"../checked_ops.rs" 247 12 247 32] overflowing_sub0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 247 38 247 55] _9 <- ([#"../checked_ops.rs" 247 38 247 55] wrapping_sub0 ([#"../checked_ops.rs" 247 38 247 39] a) ([#"../checked_ops.rs" 247 53 247 54] b)); + [#"../checked_ops.rs" 247 38 247 55] _9 <- ([#"../checked_ops.rs" 247 38 247 55] wrapping_sub0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 247 12 247 55] ([#"../checked_ops.rs" 247 12 247 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 247 12 247 55] _4 <- ([#"../checked_ops.rs" 247 12 247 55] (let (a, _) = _6 in a) = _9); + _9 <- any int8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 248 12 248 32] _16 <- ([#"../checked_ops.rs" 248 12 248 32] overflowing_sub0 ([#"../checked_ops.rs" 248 12 248 13] a) ([#"../checked_ops.rs" 248 30 248 31] b)); + [#"../checked_ops.rs" 248 12 248 32] _16 <- ([#"../checked_ops.rs" 248 12 248 32] overflowing_sub0 a b); goto BB5 } BB4 { @@ -3851,15 +4204,17 @@ module CheckedOps_TestI8OverflowingSub } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 248 38 248 54] _21 <- ([#"../checked_ops.rs" 248 38 248 54] checked_sub0 ([#"../checked_ops.rs" 248 38 248 39] a) ([#"../checked_ops.rs" 248 52 248 53] b)); + [#"../checked_ops.rs" 248 38 248 54] _21 <- ([#"../checked_ops.rs" 248 38 248 54] checked_sub0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 248 38 248 64] _19 <- ([#"../checked_ops.rs" 248 38 248 64] is_none0 ([#"../checked_ops.rs" 248 38 248 54] _21)); + [#"../checked_ops.rs" 248 38 248 64] _19 <- ([#"../checked_ops.rs" 248 38 248 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 248 12 248 64] Bool.eqb ([#"../checked_ops.rs" 248 12 248 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 248 12 248 64] _14 <- ([#"../checked_ops.rs" 248 12 248 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -3972,26 +4327,39 @@ module CheckedOps_TestI8MulExample = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _2 : bool; var _3 : int8; var _4 : Core_Option_Option_Type.t_option int8; var _7 : bool; var _9 : Core_Option_Option_Type.t_option int8; var _12 : bool; var _14 : Core_Option_Option_Type.t_option int8; + var _17 : bool; var _18 : int8; + var _21 : bool; var _22 : int8; + var _25 : bool; var _26 : int8; + var _29 : bool; var _30 : int8; + var _33 : bool; var _34 : int8; + var _37 : bool; var _38 : int8; var res : (int8, bool); + var _42 : bool; + var _44 : bool; var res1 : (int8, bool); + var _49 : bool; + var _51 : bool; var res2 : (int8, bool); + var _56 : bool; + var _58 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 253 12 253 31] _4 <- ([#"../checked_ops.rs" 253 12 253 31] checked_mul0 ([#"../checked_ops.rs" 253 12 253 15] [#"../checked_ops.rs" 253 12 253 15] (5 : int8)) ([#"../checked_ops.rs" 253 28 253 30] [#"../checked_ops.rs" 253 28 253 30] (10 : int8))); + [#"../checked_ops.rs" 253 12 253 31] _4 <- ([#"../checked_ops.rs" 253 12 253 31] checked_mul0 (5 : int8) (10 : int8)); goto BB1 } BB1 { @@ -4000,13 +4368,15 @@ module CheckedOps_TestI8MulExample goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 253 12 253 46] _3 = ([#"../checked_ops.rs" 253 44 253 46] [#"../checked_ops.rs" 253 44 253 46] (50 : int8))) + [#"../checked_ops.rs" 253 12 253 46] _2 <- ([#"../checked_ops.rs" 253 12 253 46] _3 = (50 : int8)); + _3 <- any int8; + switch (_2) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 254 12 254 32] _9 <- ([#"../checked_ops.rs" 254 12 254 32] checked_mul0 ([#"../checked_ops.rs" 254 12 254 16] [#"../checked_ops.rs" 254 12 254 16] (50 : int8)) ([#"../checked_ops.rs" 254 29 254 31] [#"../checked_ops.rs" 254 29 254 31] (10 : int8))); + [#"../checked_ops.rs" 254 12 254 32] _9 <- ([#"../checked_ops.rs" 254 12 254 32] checked_mul0 (50 : int8) (10 : int8)); goto BB5 } BB4 { @@ -4014,7 +4384,7 @@ module CheckedOps_TestI8MulExample absurd } BB5 { - [#"../checked_ops.rs" 254 12 254 42] _7 <- ([#"../checked_ops.rs" 254 12 254 42] is_none0 ([#"../checked_ops.rs" 254 12 254 32] _9)); + [#"../checked_ops.rs" 254 12 254 42] _7 <- ([#"../checked_ops.rs" 254 12 254 42] is_none0 _9); goto BB6 } BB6 { @@ -4024,7 +4394,7 @@ module CheckedOps_TestI8MulExample end } BB7 { - [#"../checked_ops.rs" 255 12 255 33] _14 <- ([#"../checked_ops.rs" 255 12 255 33] checked_mul0 ([#"../checked_ops.rs" 255 12 255 16] [#"../checked_ops.rs" 255 12 255 16] (50 : int8)) ([#"../checked_ops.rs" 255 29 255 32] [#"../checked_ops.rs" 255 29 255 32] (-10 : int8))); + [#"../checked_ops.rs" 255 12 255 33] _14 <- ([#"../checked_ops.rs" 255 12 255 33] checked_mul0 (50 : int8) (-10 : int8)); goto BB9 } BB8 { @@ -4032,7 +4402,7 @@ module CheckedOps_TestI8MulExample absurd } BB9 { - [#"../checked_ops.rs" 255 12 255 43] _12 <- ([#"../checked_ops.rs" 255 12 255 43] is_none0 ([#"../checked_ops.rs" 255 12 255 33] _14)); + [#"../checked_ops.rs" 255 12 255 43] _12 <- ([#"../checked_ops.rs" 255 12 255 43] is_none0 _14); goto BB10 } BB10 { @@ -4042,7 +4412,7 @@ module CheckedOps_TestI8MulExample end } BB11 { - [#"../checked_ops.rs" 257 12 257 32] _18 <- ([#"../checked_ops.rs" 257 12 257 32] wrapping_mul0 ([#"../checked_ops.rs" 257 12 257 15] [#"../checked_ops.rs" 257 12 257 15] (5 : int8)) ([#"../checked_ops.rs" 257 29 257 31] [#"../checked_ops.rs" 257 29 257 31] (10 : int8))); + [#"../checked_ops.rs" 257 12 257 32] _18 <- ([#"../checked_ops.rs" 257 12 257 32] wrapping_mul0 (5 : int8) (10 : int8)); goto BB13 } BB12 { @@ -4050,13 +4420,15 @@ module CheckedOps_TestI8MulExample absurd } BB13 { - switch ([#"../checked_ops.rs" 257 12 257 38] _18 = ([#"../checked_ops.rs" 257 36 257 38] [#"../checked_ops.rs" 257 36 257 38] (50 : int8))) + [#"../checked_ops.rs" 257 12 257 38] _17 <- ([#"../checked_ops.rs" 257 12 257 38] _18 = (50 : int8)); + _18 <- any int8; + switch (_17) | False -> goto BB15 | True -> goto BB14 end } BB14 { - [#"../checked_ops.rs" 258 12 258 33] _22 <- ([#"../checked_ops.rs" 258 12 258 33] wrapping_mul0 ([#"../checked_ops.rs" 258 12 258 16] [#"../checked_ops.rs" 258 12 258 16] (50 : int8)) ([#"../checked_ops.rs" 258 30 258 32] [#"../checked_ops.rs" 258 30 258 32] (10 : int8))); + [#"../checked_ops.rs" 258 12 258 33] _22 <- ([#"../checked_ops.rs" 258 12 258 33] wrapping_mul0 (50 : int8) (10 : int8)); goto BB16 } BB15 { @@ -4064,13 +4436,15 @@ module CheckedOps_TestI8MulExample absurd } BB16 { - switch ([#"../checked_ops.rs" 258 12 258 40] _22 = ([#"../checked_ops.rs" 258 37 258 40] [#"../checked_ops.rs" 258 37 258 40] (-12 : int8))) + [#"../checked_ops.rs" 258 12 258 40] _21 <- ([#"../checked_ops.rs" 258 12 258 40] _22 = (-12 : int8)); + _22 <- any int8; + switch (_21) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../checked_ops.rs" 259 12 259 34] _26 <- ([#"../checked_ops.rs" 259 12 259 34] wrapping_mul0 ([#"../checked_ops.rs" 259 12 259 16] [#"../checked_ops.rs" 259 12 259 16] (50 : int8)) ([#"../checked_ops.rs" 259 30 259 33] [#"../checked_ops.rs" 259 30 259 33] (-10 : int8))); + [#"../checked_ops.rs" 259 12 259 34] _26 <- ([#"../checked_ops.rs" 259 12 259 34] wrapping_mul0 (50 : int8) (-10 : int8)); goto BB19 } BB18 { @@ -4078,13 +4452,15 @@ module CheckedOps_TestI8MulExample absurd } BB19 { - switch ([#"../checked_ops.rs" 259 12 259 40] _26 = ([#"../checked_ops.rs" 259 38 259 40] [#"../checked_ops.rs" 259 38 259 40] (12 : int8))) + [#"../checked_ops.rs" 259 12 259 40] _25 <- ([#"../checked_ops.rs" 259 12 259 40] _26 = (12 : int8)); + _26 <- any int8; + switch (_25) | False -> goto BB21 | True -> goto BB20 end } BB20 { - [#"../checked_ops.rs" 261 12 261 34] _30 <- ([#"../checked_ops.rs" 261 12 261 34] saturating_mul0 ([#"../checked_ops.rs" 261 12 261 15] [#"../checked_ops.rs" 261 12 261 15] (5 : int8)) ([#"../checked_ops.rs" 261 31 261 33] [#"../checked_ops.rs" 261 31 261 33] (10 : int8))); + [#"../checked_ops.rs" 261 12 261 34] _30 <- ([#"../checked_ops.rs" 261 12 261 34] saturating_mul0 (5 : int8) (10 : int8)); goto BB22 } BB21 { @@ -4092,13 +4468,15 @@ module CheckedOps_TestI8MulExample absurd } BB22 { - switch ([#"../checked_ops.rs" 261 12 261 40] _30 = ([#"../checked_ops.rs" 261 38 261 40] [#"../checked_ops.rs" 261 38 261 40] (50 : int8))) + [#"../checked_ops.rs" 261 12 261 40] _29 <- ([#"../checked_ops.rs" 261 12 261 40] _30 = (50 : int8)); + _30 <- any int8; + switch (_29) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../checked_ops.rs" 262 12 262 35] _34 <- ([#"../checked_ops.rs" 262 12 262 35] saturating_mul0 ([#"../checked_ops.rs" 262 12 262 16] [#"../checked_ops.rs" 262 12 262 16] (50 : int8)) ([#"../checked_ops.rs" 262 32 262 34] [#"../checked_ops.rs" 262 32 262 34] (10 : int8))); + [#"../checked_ops.rs" 262 12 262 35] _34 <- ([#"../checked_ops.rs" 262 12 262 35] saturating_mul0 (50 : int8) (10 : int8)); goto BB25 } BB24 { @@ -4106,13 +4484,15 @@ module CheckedOps_TestI8MulExample absurd } BB25 { - switch ([#"../checked_ops.rs" 262 12 262 42] _34 = ([#"../checked_ops.rs" 262 39 262 42] [#"../checked_ops.rs" 262 39 262 42] (127 : int8))) + [#"../checked_ops.rs" 262 12 262 42] _33 <- ([#"../checked_ops.rs" 262 12 262 42] _34 = (127 : int8)); + _34 <- any int8; + switch (_33) | False -> goto BB27 | True -> goto BB26 end } BB26 { - [#"../checked_ops.rs" 263 12 263 36] _38 <- ([#"../checked_ops.rs" 263 12 263 36] saturating_mul0 ([#"../checked_ops.rs" 263 12 263 16] [#"../checked_ops.rs" 263 12 263 16] (50 : int8)) ([#"../checked_ops.rs" 263 32 263 35] [#"../checked_ops.rs" 263 32 263 35] (-10 : int8))); + [#"../checked_ops.rs" 263 12 263 36] _38 <- ([#"../checked_ops.rs" 263 12 263 36] saturating_mul0 (50 : int8) (-10 : int8)); goto BB28 } BB27 { @@ -4120,13 +4500,15 @@ module CheckedOps_TestI8MulExample absurd } BB28 { - switch ([#"../checked_ops.rs" 263 12 263 44] _38 = ([#"../checked_ops.rs" 263 40 263 44] [#"../checked_ops.rs" 263 40 263 44] (-128 : int8))) + [#"../checked_ops.rs" 263 12 263 44] _37 <- ([#"../checked_ops.rs" 263 12 263 44] _38 = (-128 : int8)); + _38 <- any int8; + switch (_37) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../checked_ops.rs" 265 14 265 37] res <- ([#"../checked_ops.rs" 265 14 265 37] overflowing_mul0 ([#"../checked_ops.rs" 265 14 265 17] [#"../checked_ops.rs" 265 14 265 17] (5 : int8)) ([#"../checked_ops.rs" 265 34 265 36] [#"../checked_ops.rs" 265 34 265 36] (10 : int8))); + [#"../checked_ops.rs" 265 14 265 37] res <- ([#"../checked_ops.rs" 265 14 265 37] overflowing_mul0 (5 : int8) (10 : int8)); goto BB31 } BB30 { @@ -4134,20 +4516,22 @@ module CheckedOps_TestI8MulExample absurd } BB31 { - switch ([#"../checked_ops.rs" 266 12 266 23] ([#"../checked_ops.rs" 266 12 266 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 266 21 266 23] [#"../checked_ops.rs" 266 21 266 23] (50 : int8))) + [#"../checked_ops.rs" 266 12 266 23] _42 <- ([#"../checked_ops.rs" 266 12 266 23] (let (a, _) = res in a) = (50 : int8)); + switch (_42) | False -> goto BB35 | True -> goto BB32 end } BB32 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 266 27 266 41] Bool.eqb ([#"../checked_ops.rs" 266 27 266 32] let (_, a) = res in a) ([#"../checked_ops.rs" 266 36 266 41] [#"../checked_ops.rs" 266 36 266 41] false)) + [#"../checked_ops.rs" 266 27 266 41] _44 <- ([#"../checked_ops.rs" 266 27 266 41] Bool.eqb (let (_, a) = res in a) false); + switch (_44) | False -> goto BB34 | True -> goto BB33 end } BB33 { - [#"../checked_ops.rs" 267 14 267 38] res1 <- ([#"../checked_ops.rs" 267 14 267 38] overflowing_mul0 ([#"../checked_ops.rs" 267 14 267 18] [#"../checked_ops.rs" 267 14 267 18] (50 : int8)) ([#"../checked_ops.rs" 267 35 267 37] [#"../checked_ops.rs" 267 35 267 37] (10 : int8))); + [#"../checked_ops.rs" 267 14 267 38] res1 <- ([#"../checked_ops.rs" 267 14 267 38] overflowing_mul0 (50 : int8) (10 : int8)); goto BB37 } BB34 { @@ -4162,20 +4546,22 @@ module CheckedOps_TestI8MulExample absurd } BB37 { - switch ([#"../checked_ops.rs" 268 12 268 24] ([#"../checked_ops.rs" 268 12 268 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 268 21 268 24] [#"../checked_ops.rs" 268 21 268 24] (-12 : int8))) + [#"../checked_ops.rs" 268 12 268 24] _49 <- ([#"../checked_ops.rs" 268 12 268 24] (let (a, _) = res1 in a) = (-12 : int8)); + switch (_49) | False -> goto BB41 | True -> goto BB38 end } BB38 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 268 28 268 41] Bool.eqb ([#"../checked_ops.rs" 268 28 268 33] let (_, a) = res1 in a) ([#"../checked_ops.rs" 268 37 268 41] [#"../checked_ops.rs" 268 37 268 41] true)) + [#"../checked_ops.rs" 268 28 268 41] _51 <- ([#"../checked_ops.rs" 268 28 268 41] Bool.eqb (let (_, a) = res1 in a) true); + switch (_51) | False -> goto BB40 | True -> goto BB39 end } BB39 { - [#"../checked_ops.rs" 269 14 269 39] res2 <- ([#"../checked_ops.rs" 269 14 269 39] overflowing_mul0 ([#"../checked_ops.rs" 269 14 269 18] [#"../checked_ops.rs" 269 14 269 18] (50 : int8)) ([#"../checked_ops.rs" 269 35 269 38] [#"../checked_ops.rs" 269 35 269 38] (-10 : int8))); + [#"../checked_ops.rs" 269 14 269 39] res2 <- ([#"../checked_ops.rs" 269 14 269 39] overflowing_mul0 (50 : int8) (-10 : int8)); goto BB43 } BB40 { @@ -4190,14 +4576,16 @@ module CheckedOps_TestI8MulExample absurd } BB43 { - switch ([#"../checked_ops.rs" 270 12 270 23] ([#"../checked_ops.rs" 270 12 270 17] let (a, _) = res2 in a) = ([#"../checked_ops.rs" 270 21 270 23] [#"../checked_ops.rs" 270 21 270 23] (12 : int8))) + [#"../checked_ops.rs" 270 12 270 23] _56 <- ([#"../checked_ops.rs" 270 12 270 23] (let (a, _) = res2 in a) = (12 : int8)); + switch (_56) | False -> goto BB47 | True -> goto BB44 end } BB44 { assume { resolve0 res2 }; - switch ([#"../checked_ops.rs" 270 27 270 40] Bool.eqb ([#"../checked_ops.rs" 270 27 270 32] let (_, a) = res2 in a) ([#"../checked_ops.rs" 270 36 270 40] [#"../checked_ops.rs" 270 36 270 40] true)) + [#"../checked_ops.rs" 270 27 270 40] _58 <- ([#"../checked_ops.rs" 270 27 270 40] Bool.eqb (let (_, a) = res2 in a) true); + switch (_58) | False -> goto BB46 | True -> goto BB45 end @@ -4303,16 +4691,21 @@ module CheckedOps_TestI8MulZero = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : int8 = a; + var _3 : bool; var _4 : int8; var _5 : Core_Option_Option_Type.t_option int8; + var _9 : bool; var _10 : int8; + var _14 : bool; var _15 : int8; var res : (int8, bool); + var _21 : bool; + var _23 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 275 12 275 30] _5 <- ([#"../checked_ops.rs" 275 12 275 30] checked_mul0 ([#"../checked_ops.rs" 275 12 275 15] [#"../checked_ops.rs" 275 12 275 15] (0 : int8)) ([#"../checked_ops.rs" 275 28 275 29] a)); + [#"../checked_ops.rs" 275 12 275 30] _5 <- ([#"../checked_ops.rs" 275 12 275 30] checked_mul0 (0 : int8) a); goto BB1 } BB1 { @@ -4321,13 +4714,15 @@ module CheckedOps_TestI8MulZero goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 275 12 275 44] _4 = ([#"../checked_ops.rs" 275 43 275 44] [#"../checked_ops.rs" 275 43 275 44] (0 : int8))) + [#"../checked_ops.rs" 275 12 275 44] _3 <- ([#"../checked_ops.rs" 275 12 275 44] _4 = (0 : int8)); + _4 <- any int8; + switch (_3) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 276 12 276 31] _10 <- ([#"../checked_ops.rs" 276 12 276 31] wrapping_mul0 ([#"../checked_ops.rs" 276 12 276 15] [#"../checked_ops.rs" 276 12 276 15] (0 : int8)) ([#"../checked_ops.rs" 276 29 276 30] a)); + [#"../checked_ops.rs" 276 12 276 31] _10 <- ([#"../checked_ops.rs" 276 12 276 31] wrapping_mul0 (0 : int8) a); goto BB5 } BB4 { @@ -4335,13 +4730,15 @@ module CheckedOps_TestI8MulZero absurd } BB5 { - switch ([#"../checked_ops.rs" 276 12 276 36] _10 = ([#"../checked_ops.rs" 276 35 276 36] [#"../checked_ops.rs" 276 35 276 36] (0 : int8))) + [#"../checked_ops.rs" 276 12 276 36] _9 <- ([#"../checked_ops.rs" 276 12 276 36] _10 = (0 : int8)); + _10 <- any int8; + switch (_9) | False -> goto BB7 | True -> goto BB6 end } BB6 { - [#"../checked_ops.rs" 277 12 277 33] _15 <- ([#"../checked_ops.rs" 277 12 277 33] saturating_mul0 ([#"../checked_ops.rs" 277 12 277 15] [#"../checked_ops.rs" 277 12 277 15] (0 : int8)) ([#"../checked_ops.rs" 277 31 277 32] a)); + [#"../checked_ops.rs" 277 12 277 33] _15 <- ([#"../checked_ops.rs" 277 12 277 33] saturating_mul0 (0 : int8) a); goto BB8 } BB7 { @@ -4349,13 +4746,15 @@ module CheckedOps_TestI8MulZero absurd } BB8 { - switch ([#"../checked_ops.rs" 277 12 277 38] _15 = ([#"../checked_ops.rs" 277 37 277 38] [#"../checked_ops.rs" 277 37 277 38] (0 : int8))) + [#"../checked_ops.rs" 277 12 277 38] _14 <- ([#"../checked_ops.rs" 277 12 277 38] _15 = (0 : int8)); + _15 <- any int8; + switch (_14) | False -> goto BB10 | True -> goto BB9 end } BB9 { - [#"../checked_ops.rs" 278 14 278 36] res <- ([#"../checked_ops.rs" 278 14 278 36] overflowing_mul0 ([#"../checked_ops.rs" 278 14 278 17] [#"../checked_ops.rs" 278 14 278 17] (0 : int8)) ([#"../checked_ops.rs" 278 34 278 35] a)); + [#"../checked_ops.rs" 278 14 278 36] res <- ([#"../checked_ops.rs" 278 14 278 36] overflowing_mul0 (0 : int8) a); goto BB11 } BB10 { @@ -4363,14 +4762,16 @@ module CheckedOps_TestI8MulZero absurd } BB11 { - switch ([#"../checked_ops.rs" 279 12 279 22] ([#"../checked_ops.rs" 279 12 279 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 279 21 279 22] [#"../checked_ops.rs" 279 21 279 22] (0 : int8))) + [#"../checked_ops.rs" 279 12 279 22] _21 <- ([#"../checked_ops.rs" 279 12 279 22] (let (a, _) = res in a) = (0 : int8)); + switch (_21) | False -> goto BB15 | True -> goto BB12 end } BB12 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 279 26 279 40] Bool.eqb ([#"../checked_ops.rs" 279 26 279 31] let (_, a) = res in a) ([#"../checked_ops.rs" 279 35 279 40] [#"../checked_ops.rs" 279 35 279 40] false)) + [#"../checked_ops.rs" 279 26 279 40] _23 <- ([#"../checked_ops.rs" 279 26 279 40] Bool.eqb (let (_, a) = res in a) false); + switch (_23) | False -> goto BB14 | True -> goto BB13 end @@ -4461,8 +4862,10 @@ module CheckedOps_TestI8OverflowingMul var _0 : (); var a : int8 = a; var b : int8 = b; + var _4 : bool; var _6 : (int8, bool); var _9 : int8; + var _14 : bool; var _16 : (int8, bool); var _19 : bool; var _21 : Core_Option_Option_Type.t_option int8; @@ -4470,22 +4873,24 @@ module CheckedOps_TestI8OverflowingMul goto BB0 } BB0 { - [#"../checked_ops.rs" 284 12 284 32] _6 <- ([#"../checked_ops.rs" 284 12 284 32] overflowing_mul0 ([#"../checked_ops.rs" 284 12 284 13] a) ([#"../checked_ops.rs" 284 30 284 31] b)); + [#"../checked_ops.rs" 284 12 284 32] _6 <- ([#"../checked_ops.rs" 284 12 284 32] overflowing_mul0 a b); goto BB1 } BB1 { assume { resolve0 _6 }; - [#"../checked_ops.rs" 284 38 284 55] _9 <- ([#"../checked_ops.rs" 284 38 284 55] wrapping_mul0 ([#"../checked_ops.rs" 284 38 284 39] a) ([#"../checked_ops.rs" 284 53 284 54] b)); + [#"../checked_ops.rs" 284 38 284 55] _9 <- ([#"../checked_ops.rs" 284 38 284 55] wrapping_mul0 a b); goto BB2 } BB2 { - switch ([#"../checked_ops.rs" 284 12 284 55] ([#"../checked_ops.rs" 284 12 284 34] let (a, _) = _6 in a) = _9) + [#"../checked_ops.rs" 284 12 284 55] _4 <- ([#"../checked_ops.rs" 284 12 284 55] (let (a, _) = _6 in a) = _9); + _9 <- any int8; + switch (_4) | False -> goto BB4 | True -> goto BB3 end } BB3 { - [#"../checked_ops.rs" 285 12 285 32] _16 <- ([#"../checked_ops.rs" 285 12 285 32] overflowing_mul0 ([#"../checked_ops.rs" 285 12 285 13] a) ([#"../checked_ops.rs" 285 30 285 31] b)); + [#"../checked_ops.rs" 285 12 285 32] _16 <- ([#"../checked_ops.rs" 285 12 285 32] overflowing_mul0 a b); goto BB5 } BB4 { @@ -4494,15 +4899,17 @@ module CheckedOps_TestI8OverflowingMul } BB5 { assume { resolve0 _16 }; - [#"../checked_ops.rs" 285 38 285 54] _21 <- ([#"../checked_ops.rs" 285 38 285 54] checked_mul0 ([#"../checked_ops.rs" 285 38 285 39] a) ([#"../checked_ops.rs" 285 52 285 53] b)); + [#"../checked_ops.rs" 285 38 285 54] _21 <- ([#"../checked_ops.rs" 285 38 285 54] checked_mul0 a b); goto BB6 } BB6 { - [#"../checked_ops.rs" 285 38 285 64] _19 <- ([#"../checked_ops.rs" 285 38 285 64] is_none0 ([#"../checked_ops.rs" 285 38 285 54] _21)); + [#"../checked_ops.rs" 285 38 285 64] _19 <- ([#"../checked_ops.rs" 285 38 285 64] is_none0 _21); goto BB7 } BB7 { - switch ([#"../checked_ops.rs" 285 12 285 64] Bool.eqb ([#"../checked_ops.rs" 285 12 285 34] let (_, a) = _16 in a) _19) + [#"../checked_ops.rs" 285 12 285 64] _14 <- ([#"../checked_ops.rs" 285 12 285 64] Bool.eqb (let (_, a) = _16 in a) _19); + _19 <- any bool; + switch (_14) | False -> goto BB9 | True -> goto BB8 end @@ -4607,30 +5014,44 @@ module CheckedOps_TestI8DivExample var _0 : (); var _2 : bool; var _4 : Core_Option_Option_Type.t_option int8; + var _7 : bool; var _8 : int8; var _9 : Core_Option_Option_Type.t_option int8; + var _12 : bool; var _13 : int8; var _14 : Core_Option_Option_Type.t_option int8; var _17 : bool; var _19 : Core_Option_Option_Type.t_option int8; + var _22 : bool; var _23 : int8; + var _26 : bool; var _27 : int8; + var _30 : bool; var _31 : int8; + var _34 : bool; var _35 : int8; + var _38 : bool; var _39 : int8; + var _42 : bool; var _43 : int8; var res : (int8, bool); + var _47 : bool; + var _49 : bool; var res1 : (int8, bool); + var _54 : bool; + var _56 : bool; var res2 : (int8, bool); + var _61 : bool; + var _63 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 290 12 290 30] _4 <- ([#"../checked_ops.rs" 290 12 290 30] checked_div0 ([#"../checked_ops.rs" 290 12 290 15] [#"../checked_ops.rs" 290 12 290 15] (5 : int8)) ([#"../checked_ops.rs" 290 28 290 29] [#"../checked_ops.rs" 290 28 290 29] (0 : int8))); + [#"../checked_ops.rs" 290 12 290 30] _4 <- ([#"../checked_ops.rs" 290 12 290 30] checked_div0 (5 : int8) (0 : int8)); goto BB1 } BB1 { - [#"../checked_ops.rs" 290 12 290 40] _2 <- ([#"../checked_ops.rs" 290 12 290 40] is_none0 ([#"../checked_ops.rs" 290 12 290 30] _4)); + [#"../checked_ops.rs" 290 12 290 40] _2 <- ([#"../checked_ops.rs" 290 12 290 40] is_none0 _4); goto BB2 } BB2 { @@ -4640,7 +5061,7 @@ module CheckedOps_TestI8DivExample end } BB3 { - [#"../checked_ops.rs" 291 12 291 30] _9 <- ([#"../checked_ops.rs" 291 12 291 30] checked_div0 ([#"../checked_ops.rs" 291 12 291 15] [#"../checked_ops.rs" 291 12 291 15] (5 : int8)) ([#"../checked_ops.rs" 291 28 291 29] [#"../checked_ops.rs" 291 28 291 29] (2 : int8))); + [#"../checked_ops.rs" 291 12 291 30] _9 <- ([#"../checked_ops.rs" 291 12 291 30] checked_div0 (5 : int8) (2 : int8)); goto BB5 } BB4 { @@ -4653,13 +5074,15 @@ module CheckedOps_TestI8DivExample goto BB6 } BB6 { - switch ([#"../checked_ops.rs" 291 12 291 44] _8 = ([#"../checked_ops.rs" 291 43 291 44] [#"../checked_ops.rs" 291 43 291 44] (2 : int8))) + [#"../checked_ops.rs" 291 12 291 44] _7 <- ([#"../checked_ops.rs" 291 12 291 44] _8 = (2 : int8)); + _8 <- any int8; + switch (_7) | False -> goto BB8 | True -> goto BB7 end } BB7 { - [#"../checked_ops.rs" 292 12 292 31] _14 <- ([#"../checked_ops.rs" 292 12 292 31] checked_div0 ([#"../checked_ops.rs" 292 12 292 15] [#"../checked_ops.rs" 292 12 292 15] (5 : int8)) ([#"../checked_ops.rs" 292 28 292 30] [#"../checked_ops.rs" 292 28 292 30] (-2 : int8))); + [#"../checked_ops.rs" 292 12 292 31] _14 <- ([#"../checked_ops.rs" 292 12 292 31] checked_div0 (5 : int8) (-2 : int8)); goto BB9 } BB8 { @@ -4672,13 +5095,15 @@ module CheckedOps_TestI8DivExample goto BB10 } BB10 { - switch ([#"../checked_ops.rs" 292 12 292 46] _13 = ([#"../checked_ops.rs" 292 44 292 46] [#"../checked_ops.rs" 292 44 292 46] (-2 : int8))) + [#"../checked_ops.rs" 292 12 292 46] _12 <- ([#"../checked_ops.rs" 292 12 292 46] _13 = (-2 : int8)); + _13 <- any int8; + switch (_12) | False -> goto BB12 | True -> goto BB11 end } BB11 { - [#"../checked_ops.rs" 293 12 293 36] _19 <- ([#"../checked_ops.rs" 293 12 293 36] checked_div0 ([#"../checked_ops.rs" 293 12 293 20] [#"../checked_ops.rs" 293 12 293 20] (-128 : int8)) ([#"../checked_ops.rs" 293 33 293 35] [#"../checked_ops.rs" 293 33 293 35] (-1 : int8))); + [#"../checked_ops.rs" 293 12 293 36] _19 <- ([#"../checked_ops.rs" 293 12 293 36] checked_div0 (-128 : int8) (-1 : int8)); goto BB13 } BB12 { @@ -4686,7 +5111,7 @@ module CheckedOps_TestI8DivExample absurd } BB13 { - [#"../checked_ops.rs" 293 12 293 46] _17 <- ([#"../checked_ops.rs" 293 12 293 46] is_none0 ([#"../checked_ops.rs" 293 12 293 36] _19)); + [#"../checked_ops.rs" 293 12 293 46] _17 <- ([#"../checked_ops.rs" 293 12 293 46] is_none0 _19); goto BB14 } BB14 { @@ -4696,7 +5121,7 @@ module CheckedOps_TestI8DivExample end } BB15 { - [#"../checked_ops.rs" 295 12 295 31] _23 <- ([#"../checked_ops.rs" 295 12 295 31] wrapping_div0 ([#"../checked_ops.rs" 295 12 295 15] [#"../checked_ops.rs" 295 12 295 15] (5 : int8)) ([#"../checked_ops.rs" 295 29 295 30] [#"../checked_ops.rs" 295 29 295 30] (2 : int8))); + [#"../checked_ops.rs" 295 12 295 31] _23 <- ([#"../checked_ops.rs" 295 12 295 31] wrapping_div0 (5 : int8) (2 : int8)); goto BB17 } BB16 { @@ -4704,13 +5129,15 @@ module CheckedOps_TestI8DivExample absurd } BB17 { - switch ([#"../checked_ops.rs" 295 12 295 36] _23 = ([#"../checked_ops.rs" 295 35 295 36] [#"../checked_ops.rs" 295 35 295 36] (2 : int8))) + [#"../checked_ops.rs" 295 12 295 36] _22 <- ([#"../checked_ops.rs" 295 12 295 36] _23 = (2 : int8)); + _23 <- any int8; + switch (_22) | False -> goto BB19 | True -> goto BB18 end } BB18 { - [#"../checked_ops.rs" 296 12 296 32] _27 <- ([#"../checked_ops.rs" 296 12 296 32] wrapping_div0 ([#"../checked_ops.rs" 296 12 296 15] [#"../checked_ops.rs" 296 12 296 15] (5 : int8)) ([#"../checked_ops.rs" 296 29 296 31] [#"../checked_ops.rs" 296 29 296 31] (-2 : int8))); + [#"../checked_ops.rs" 296 12 296 32] _27 <- ([#"../checked_ops.rs" 296 12 296 32] wrapping_div0 (5 : int8) (-2 : int8)); goto BB20 } BB19 { @@ -4718,13 +5145,15 @@ module CheckedOps_TestI8DivExample absurd } BB20 { - switch ([#"../checked_ops.rs" 296 12 296 38] _27 = ([#"../checked_ops.rs" 296 36 296 38] [#"../checked_ops.rs" 296 36 296 38] (-2 : int8))) + [#"../checked_ops.rs" 296 12 296 38] _26 <- ([#"../checked_ops.rs" 296 12 296 38] _27 = (-2 : int8)); + _27 <- any int8; + switch (_26) | False -> goto BB22 | True -> goto BB21 end } BB21 { - [#"../checked_ops.rs" 297 12 297 37] _31 <- ([#"../checked_ops.rs" 297 12 297 37] wrapping_div0 ([#"../checked_ops.rs" 297 12 297 20] [#"../checked_ops.rs" 297 12 297 20] (-128 : int8)) ([#"../checked_ops.rs" 297 34 297 36] [#"../checked_ops.rs" 297 34 297 36] (-1 : int8))); + [#"../checked_ops.rs" 297 12 297 37] _31 <- ([#"../checked_ops.rs" 297 12 297 37] wrapping_div0 (-128 : int8) (-1 : int8)); goto BB23 } BB22 { @@ -4732,13 +5161,15 @@ module CheckedOps_TestI8DivExample absurd } BB23 { - switch ([#"../checked_ops.rs" 297 12 297 45] _31 = ([#"../checked_ops.rs" 297 41 297 45] [#"../checked_ops.rs" 297 41 297 45] (-128 : int8))) + [#"../checked_ops.rs" 297 12 297 45] _30 <- ([#"../checked_ops.rs" 297 12 297 45] _31 = (-128 : int8)); + _31 <- any int8; + switch (_30) | False -> goto BB25 | True -> goto BB24 end } BB24 { - [#"../checked_ops.rs" 299 12 299 33] _35 <- ([#"../checked_ops.rs" 299 12 299 33] saturating_div0 ([#"../checked_ops.rs" 299 12 299 15] [#"../checked_ops.rs" 299 12 299 15] (5 : int8)) ([#"../checked_ops.rs" 299 31 299 32] [#"../checked_ops.rs" 299 31 299 32] (2 : int8))); + [#"../checked_ops.rs" 299 12 299 33] _35 <- ([#"../checked_ops.rs" 299 12 299 33] saturating_div0 (5 : int8) (2 : int8)); goto BB26 } BB25 { @@ -4746,13 +5177,15 @@ module CheckedOps_TestI8DivExample absurd } BB26 { - switch ([#"../checked_ops.rs" 299 12 299 38] _35 = ([#"../checked_ops.rs" 299 37 299 38] [#"../checked_ops.rs" 299 37 299 38] (2 : int8))) + [#"../checked_ops.rs" 299 12 299 38] _34 <- ([#"../checked_ops.rs" 299 12 299 38] _35 = (2 : int8)); + _35 <- any int8; + switch (_34) | False -> goto BB28 | True -> goto BB27 end } BB27 { - [#"../checked_ops.rs" 300 12 300 34] _39 <- ([#"../checked_ops.rs" 300 12 300 34] saturating_div0 ([#"../checked_ops.rs" 300 12 300 15] [#"../checked_ops.rs" 300 12 300 15] (5 : int8)) ([#"../checked_ops.rs" 300 31 300 33] [#"../checked_ops.rs" 300 31 300 33] (-2 : int8))); + [#"../checked_ops.rs" 300 12 300 34] _39 <- ([#"../checked_ops.rs" 300 12 300 34] saturating_div0 (5 : int8) (-2 : int8)); goto BB29 } BB28 { @@ -4760,13 +5193,15 @@ module CheckedOps_TestI8DivExample absurd } BB29 { - switch ([#"../checked_ops.rs" 300 12 300 40] _39 = ([#"../checked_ops.rs" 300 38 300 40] [#"../checked_ops.rs" 300 38 300 40] (-2 : int8))) + [#"../checked_ops.rs" 300 12 300 40] _38 <- ([#"../checked_ops.rs" 300 12 300 40] _39 = (-2 : int8)); + _39 <- any int8; + switch (_38) | False -> goto BB31 | True -> goto BB30 end } BB30 { - [#"../checked_ops.rs" 301 12 301 39] _43 <- ([#"../checked_ops.rs" 301 12 301 39] saturating_div0 ([#"../checked_ops.rs" 301 12 301 20] [#"../checked_ops.rs" 301 12 301 20] (-128 : int8)) ([#"../checked_ops.rs" 301 36 301 38] [#"../checked_ops.rs" 301 36 301 38] (-1 : int8))); + [#"../checked_ops.rs" 301 12 301 39] _43 <- ([#"../checked_ops.rs" 301 12 301 39] saturating_div0 (-128 : int8) (-1 : int8)); goto BB32 } BB31 { @@ -4774,13 +5209,15 @@ module CheckedOps_TestI8DivExample absurd } BB32 { - switch ([#"../checked_ops.rs" 301 12 301 47] _43 = ([#"../checked_ops.rs" 301 43 301 47] [#"../checked_ops.rs" 301 43 301 47] (-128 : int8))) + [#"../checked_ops.rs" 301 12 301 47] _42 <- ([#"../checked_ops.rs" 301 12 301 47] _43 = (-128 : int8)); + _43 <- any int8; + switch (_42) | False -> goto BB34 | True -> goto BB33 end } BB33 { - [#"../checked_ops.rs" 303 14 303 36] res <- ([#"../checked_ops.rs" 303 14 303 36] overflowing_div0 ([#"../checked_ops.rs" 303 14 303 17] [#"../checked_ops.rs" 303 14 303 17] (5 : int8)) ([#"../checked_ops.rs" 303 34 303 35] [#"../checked_ops.rs" 303 34 303 35] (2 : int8))); + [#"../checked_ops.rs" 303 14 303 36] res <- ([#"../checked_ops.rs" 303 14 303 36] overflowing_div0 (5 : int8) (2 : int8)); goto BB35 } BB34 { @@ -4788,20 +5225,22 @@ module CheckedOps_TestI8DivExample absurd } BB35 { - switch ([#"../checked_ops.rs" 304 12 304 22] ([#"../checked_ops.rs" 304 12 304 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 304 21 304 22] [#"../checked_ops.rs" 304 21 304 22] (2 : int8))) + [#"../checked_ops.rs" 304 12 304 22] _47 <- ([#"../checked_ops.rs" 304 12 304 22] (let (a, _) = res in a) = (2 : int8)); + switch (_47) | False -> goto BB39 | True -> goto BB36 end } BB36 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 304 26 304 40] Bool.eqb ([#"../checked_ops.rs" 304 26 304 31] let (_, a) = res in a) ([#"../checked_ops.rs" 304 35 304 40] [#"../checked_ops.rs" 304 35 304 40] false)) + [#"../checked_ops.rs" 304 26 304 40] _49 <- ([#"../checked_ops.rs" 304 26 304 40] Bool.eqb (let (_, a) = res in a) false); + switch (_49) | False -> goto BB38 | True -> goto BB37 end } BB37 { - [#"../checked_ops.rs" 305 14 305 37] res1 <- ([#"../checked_ops.rs" 305 14 305 37] overflowing_div0 ([#"../checked_ops.rs" 305 14 305 17] [#"../checked_ops.rs" 305 14 305 17] (5 : int8)) ([#"../checked_ops.rs" 305 34 305 36] [#"../checked_ops.rs" 305 34 305 36] (-2 : int8))); + [#"../checked_ops.rs" 305 14 305 37] res1 <- ([#"../checked_ops.rs" 305 14 305 37] overflowing_div0 (5 : int8) (-2 : int8)); goto BB41 } BB38 { @@ -4816,20 +5255,22 @@ module CheckedOps_TestI8DivExample absurd } BB41 { - switch ([#"../checked_ops.rs" 306 12 306 23] ([#"../checked_ops.rs" 306 12 306 17] let (a, _) = res1 in a) = ([#"../checked_ops.rs" 306 21 306 23] [#"../checked_ops.rs" 306 21 306 23] (-2 : int8))) + [#"../checked_ops.rs" 306 12 306 23] _54 <- ([#"../checked_ops.rs" 306 12 306 23] (let (a, _) = res1 in a) = (-2 : int8)); + switch (_54) | False -> goto BB45 | True -> goto BB42 end } BB42 { assume { resolve0 res1 }; - switch ([#"../checked_ops.rs" 306 27 306 41] Bool.eqb ([#"../checked_ops.rs" 306 27 306 32] let (_, a) = res1 in a) ([#"../checked_ops.rs" 306 36 306 41] [#"../checked_ops.rs" 306 36 306 41] false)) + [#"../checked_ops.rs" 306 27 306 41] _56 <- ([#"../checked_ops.rs" 306 27 306 41] Bool.eqb (let (_, a) = res1 in a) false); + switch (_56) | False -> goto BB44 | True -> goto BB43 end } BB43 { - [#"../checked_ops.rs" 307 14 307 42] res2 <- ([#"../checked_ops.rs" 307 14 307 42] overflowing_div0 ([#"../checked_ops.rs" 307 14 307 22] [#"../checked_ops.rs" 307 14 307 22] (-128 : int8)) ([#"../checked_ops.rs" 307 39 307 41] [#"../checked_ops.rs" 307 39 307 41] (-1 : int8))); + [#"../checked_ops.rs" 307 14 307 42] res2 <- ([#"../checked_ops.rs" 307 14 307 42] overflowing_div0 (-128 : int8) (-1 : int8)); goto BB47 } BB44 { @@ -4844,14 +5285,16 @@ module CheckedOps_TestI8DivExample absurd } BB47 { - switch ([#"../checked_ops.rs" 308 12 308 25] ([#"../checked_ops.rs" 308 12 308 17] let (a, _) = res2 in a) = ([#"../checked_ops.rs" 308 21 308 25] [#"../checked_ops.rs" 308 21 308 25] (-128 : int8))) + [#"../checked_ops.rs" 308 12 308 25] _61 <- ([#"../checked_ops.rs" 308 12 308 25] (let (a, _) = res2 in a) = (-128 : int8)); + switch (_61) | False -> goto BB51 | True -> goto BB48 end } BB48 { assume { resolve0 res2 }; - switch ([#"../checked_ops.rs" 308 29 308 42] Bool.eqb ([#"../checked_ops.rs" 308 29 308 34] let (_, a) = res2 in a) ([#"../checked_ops.rs" 308 38 308 42] [#"../checked_ops.rs" 308 38 308 42] true)) + [#"../checked_ops.rs" 308 29 308 42] _63 <- ([#"../checked_ops.rs" 308 29 308 42] Bool.eqb (let (_, a) = res2 in a) true); + switch (_63) | False -> goto BB50 | True -> goto BB49 end @@ -4949,32 +5392,49 @@ module CheckedOps_TestI8DivNoOverflow var _0 : (); var a : int8 = a; var b : int8 = b; + var _5 : bool; var _6 : int8; var _7 : Core_Option_Option_Type.t_option int8; + var _10 : int8; var _11 : int8; var _12 : int8; var _13 : bool; + var _14 : bool; + var _15 : bool; var _16 : bool; + var _19 : bool; var _20 : int8; + var _23 : int8; var _24 : int8; var _25 : int8; var _26 : bool; + var _27 : bool; + var _28 : bool; var _29 : bool; + var _32 : bool; var _33 : int8; + var _36 : int8; var _37 : int8; var _38 : int8; var _39 : bool; + var _40 : bool; + var _41 : bool; var _42 : bool; var res : (int8, bool); + var _48 : bool; + var _50 : int8; var _51 : int8; var _52 : int8; var _53 : bool; + var _54 : bool; + var _55 : bool; var _56 : bool; + var _57 : bool; { goto BB0 } BB0 { - [#"../checked_ops.rs" 314 12 314 28] _7 <- ([#"../checked_ops.rs" 314 12 314 28] checked_div0 ([#"../checked_ops.rs" 314 12 314 13] a) ([#"../checked_ops.rs" 314 26 314 27] b)); + [#"../checked_ops.rs" 314 12 314 28] _7 <- ([#"../checked_ops.rs" 314 12 314 28] checked_div0 a b); goto BB1 } BB1 { @@ -4985,23 +5445,33 @@ module CheckedOps_TestI8DivNoOverflow BB2 { [#"../checked_ops.rs" 314 41 314 42] _11 <- ([#"../checked_ops.rs" 314 41 314 42] a); [#"../checked_ops.rs" 314 45 314 46] _12 <- ([#"../checked_ops.rs" 314 45 314 46] b); - [#"../checked_ops.rs" 314 41 314 46] _13 <- ([#"../checked_ops.rs" 314 41 314 46] _12 = ([#"../checked_ops.rs" 314 41 314 46] [#"../checked_ops.rs" 314 41 314 46] (0 : int8))); + [#"../checked_ops.rs" 314 41 314 46] _13 <- ([#"../checked_ops.rs" 314 41 314 46] _12 = (0 : int8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 314 41 314 46] not _13 }; goto BB3 } BB3 { - [#"../checked_ops.rs" 314 41 314 46] _16 <- ([#"../checked_ops.rs" 314 41 314 46] ([#"../checked_ops.rs" 314 41 314 46] _12 = ([#"../checked_ops.rs" 314 41 314 46] [#"../checked_ops.rs" 314 41 314 46] (-1 : int8))) && ([#"../checked_ops.rs" 314 41 314 46] _11 = ([#"../checked_ops.rs" 314 41 314 46] [#"../checked_ops.rs" 314 41 314 46] (-128 : int8)))); + [#"../checked_ops.rs" 314 41 314 46] _14 <- ([#"../checked_ops.rs" 314 41 314 46] _12 = (-1 : int8)); + [#"../checked_ops.rs" 314 41 314 46] _15 <- ([#"../checked_ops.rs" 314 41 314 46] _11 = (-128 : int8)); + [#"../checked_ops.rs" 314 41 314 46] _16 <- ([#"../checked_ops.rs" 314 41 314 46] _14 && _15); + _14 <- any bool; + _15 <- any bool; assert { [@expl:Div overflow] [#"../checked_ops.rs" 314 41 314 46] not _16 }; goto BB4 } BB4 { - switch ([#"../checked_ops.rs" 314 12 314 46] _6 = ([#"../checked_ops.rs" 314 41 314 46] _11 / _12)) + [#"../checked_ops.rs" 314 41 314 46] _10 <- ([#"../checked_ops.rs" 314 41 314 46] _11 / _12); + _11 <- any int8; + _12 <- any int8; + [#"../checked_ops.rs" 314 12 314 46] _5 <- ([#"../checked_ops.rs" 314 12 314 46] _6 = _10); + _6 <- any int8; + _10 <- any int8; + switch (_5) | False -> goto BB6 | True -> goto BB5 end } BB5 { - [#"../checked_ops.rs" 315 12 315 29] _20 <- ([#"../checked_ops.rs" 315 12 315 29] wrapping_div0 ([#"../checked_ops.rs" 315 12 315 13] a) ([#"../checked_ops.rs" 315 27 315 28] b)); + [#"../checked_ops.rs" 315 12 315 29] _20 <- ([#"../checked_ops.rs" 315 12 315 29] wrapping_div0 a b); goto BB7 } BB6 { @@ -5011,23 +5481,33 @@ module CheckedOps_TestI8DivNoOverflow BB7 { [#"../checked_ops.rs" 315 33 315 34] _24 <- ([#"../checked_ops.rs" 315 33 315 34] a); [#"../checked_ops.rs" 315 37 315 38] _25 <- ([#"../checked_ops.rs" 315 37 315 38] b); - [#"../checked_ops.rs" 315 33 315 38] _26 <- ([#"../checked_ops.rs" 315 33 315 38] _25 = ([#"../checked_ops.rs" 315 33 315 38] [#"../checked_ops.rs" 315 33 315 38] (0 : int8))); + [#"../checked_ops.rs" 315 33 315 38] _26 <- ([#"../checked_ops.rs" 315 33 315 38] _25 = (0 : int8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 315 33 315 38] not _26 }; goto BB8 } BB8 { - [#"../checked_ops.rs" 315 33 315 38] _29 <- ([#"../checked_ops.rs" 315 33 315 38] ([#"../checked_ops.rs" 315 33 315 38] _25 = ([#"../checked_ops.rs" 315 33 315 38] [#"../checked_ops.rs" 315 33 315 38] (-1 : int8))) && ([#"../checked_ops.rs" 315 33 315 38] _24 = ([#"../checked_ops.rs" 315 33 315 38] [#"../checked_ops.rs" 315 33 315 38] (-128 : int8)))); + [#"../checked_ops.rs" 315 33 315 38] _27 <- ([#"../checked_ops.rs" 315 33 315 38] _25 = (-1 : int8)); + [#"../checked_ops.rs" 315 33 315 38] _28 <- ([#"../checked_ops.rs" 315 33 315 38] _24 = (-128 : int8)); + [#"../checked_ops.rs" 315 33 315 38] _29 <- ([#"../checked_ops.rs" 315 33 315 38] _27 && _28); + _27 <- any bool; + _28 <- any bool; assert { [@expl:Div overflow] [#"../checked_ops.rs" 315 33 315 38] not _29 }; goto BB9 } BB9 { - switch ([#"../checked_ops.rs" 315 12 315 38] _20 = ([#"../checked_ops.rs" 315 33 315 38] _24 / _25)) + [#"../checked_ops.rs" 315 33 315 38] _23 <- ([#"../checked_ops.rs" 315 33 315 38] _24 / _25); + _24 <- any int8; + _25 <- any int8; + [#"../checked_ops.rs" 315 12 315 38] _19 <- ([#"../checked_ops.rs" 315 12 315 38] _20 = _23); + _20 <- any int8; + _23 <- any int8; + switch (_19) | False -> goto BB11 | True -> goto BB10 end } BB10 { - [#"../checked_ops.rs" 316 12 316 31] _33 <- ([#"../checked_ops.rs" 316 12 316 31] saturating_div0 ([#"../checked_ops.rs" 316 12 316 13] a) ([#"../checked_ops.rs" 316 29 316 30] b)); + [#"../checked_ops.rs" 316 12 316 31] _33 <- ([#"../checked_ops.rs" 316 12 316 31] saturating_div0 a b); goto BB12 } BB11 { @@ -5037,23 +5517,33 @@ module CheckedOps_TestI8DivNoOverflow BB12 { [#"../checked_ops.rs" 316 35 316 36] _37 <- ([#"../checked_ops.rs" 316 35 316 36] a); [#"../checked_ops.rs" 316 39 316 40] _38 <- ([#"../checked_ops.rs" 316 39 316 40] b); - [#"../checked_ops.rs" 316 35 316 40] _39 <- ([#"../checked_ops.rs" 316 35 316 40] _38 = ([#"../checked_ops.rs" 316 35 316 40] [#"../checked_ops.rs" 316 35 316 40] (0 : int8))); + [#"../checked_ops.rs" 316 35 316 40] _39 <- ([#"../checked_ops.rs" 316 35 316 40] _38 = (0 : int8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 316 35 316 40] not _39 }; goto BB13 } BB13 { - [#"../checked_ops.rs" 316 35 316 40] _42 <- ([#"../checked_ops.rs" 316 35 316 40] ([#"../checked_ops.rs" 316 35 316 40] _38 = ([#"../checked_ops.rs" 316 35 316 40] [#"../checked_ops.rs" 316 35 316 40] (-1 : int8))) && ([#"../checked_ops.rs" 316 35 316 40] _37 = ([#"../checked_ops.rs" 316 35 316 40] [#"../checked_ops.rs" 316 35 316 40] (-128 : int8)))); + [#"../checked_ops.rs" 316 35 316 40] _40 <- ([#"../checked_ops.rs" 316 35 316 40] _38 = (-1 : int8)); + [#"../checked_ops.rs" 316 35 316 40] _41 <- ([#"../checked_ops.rs" 316 35 316 40] _37 = (-128 : int8)); + [#"../checked_ops.rs" 316 35 316 40] _42 <- ([#"../checked_ops.rs" 316 35 316 40] _40 && _41); + _40 <- any bool; + _41 <- any bool; assert { [@expl:Div overflow] [#"../checked_ops.rs" 316 35 316 40] not _42 }; goto BB14 } BB14 { - switch ([#"../checked_ops.rs" 316 12 316 40] _33 = ([#"../checked_ops.rs" 316 35 316 40] _37 / _38)) + [#"../checked_ops.rs" 316 35 316 40] _36 <- ([#"../checked_ops.rs" 316 35 316 40] _37 / _38); + _37 <- any int8; + _38 <- any int8; + [#"../checked_ops.rs" 316 12 316 40] _32 <- ([#"../checked_ops.rs" 316 12 316 40] _33 = _36); + _33 <- any int8; + _36 <- any int8; + switch (_32) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../checked_ops.rs" 317 14 317 34] res <- ([#"../checked_ops.rs" 317 14 317 34] overflowing_div0 ([#"../checked_ops.rs" 317 14 317 15] a) ([#"../checked_ops.rs" 317 32 317 33] b)); + [#"../checked_ops.rs" 317 14 317 34] res <- ([#"../checked_ops.rs" 317 14 317 34] overflowing_div0 a b); goto BB17 } BB16 { @@ -5063,24 +5553,34 @@ module CheckedOps_TestI8DivNoOverflow BB17 { [#"../checked_ops.rs" 318 21 318 22] _51 <- ([#"../checked_ops.rs" 318 21 318 22] a); [#"../checked_ops.rs" 318 25 318 26] _52 <- ([#"../checked_ops.rs" 318 25 318 26] b); - [#"../checked_ops.rs" 318 21 318 26] _53 <- ([#"../checked_ops.rs" 318 21 318 26] _52 = ([#"../checked_ops.rs" 318 21 318 26] [#"../checked_ops.rs" 318 21 318 26] (0 : int8))); + [#"../checked_ops.rs" 318 21 318 26] _53 <- ([#"../checked_ops.rs" 318 21 318 26] _52 = (0 : int8)); assert { [@expl:division by zero] [#"../checked_ops.rs" 318 21 318 26] not _53 }; goto BB18 } BB18 { - [#"../checked_ops.rs" 318 21 318 26] _56 <- ([#"../checked_ops.rs" 318 21 318 26] ([#"../checked_ops.rs" 318 21 318 26] _52 = ([#"../checked_ops.rs" 318 21 318 26] [#"../checked_ops.rs" 318 21 318 26] (-1 : int8))) && ([#"../checked_ops.rs" 318 21 318 26] _51 = ([#"../checked_ops.rs" 318 21 318 26] [#"../checked_ops.rs" 318 21 318 26] (-128 : int8)))); + [#"../checked_ops.rs" 318 21 318 26] _54 <- ([#"../checked_ops.rs" 318 21 318 26] _52 = (-1 : int8)); + [#"../checked_ops.rs" 318 21 318 26] _55 <- ([#"../checked_ops.rs" 318 21 318 26] _51 = (-128 : int8)); + [#"../checked_ops.rs" 318 21 318 26] _56 <- ([#"../checked_ops.rs" 318 21 318 26] _54 && _55); + _54 <- any bool; + _55 <- any bool; assert { [@expl:Div overflow] [#"../checked_ops.rs" 318 21 318 26] not _56 }; goto BB19 } BB19 { - switch ([#"../checked_ops.rs" 318 12 318 26] ([#"../checked_ops.rs" 318 12 318 17] let (a, _) = res in a) = ([#"../checked_ops.rs" 318 21 318 26] _51 / _52)) + [#"../checked_ops.rs" 318 21 318 26] _50 <- ([#"../checked_ops.rs" 318 21 318 26] _51 / _52); + _51 <- any int8; + _52 <- any int8; + [#"../checked_ops.rs" 318 12 318 26] _48 <- ([#"../checked_ops.rs" 318 12 318 26] (let (a, _) = res in a) = _50); + _50 <- any int8; + switch (_48) | False -> goto BB23 | True -> goto BB20 end } BB20 { assume { resolve0 res }; - switch ([#"../checked_ops.rs" 318 30 318 44] Bool.eqb ([#"../checked_ops.rs" 318 30 318 35] let (_, a) = res in a) ([#"../checked_ops.rs" 318 39 318 44] [#"../checked_ops.rs" 318 39 318 44] false)) + [#"../checked_ops.rs" 318 30 318 44] _57 <- ([#"../checked_ops.rs" 318 30 318 44] Bool.eqb (let (_, a) = res in a) false); + switch (_57) | False -> goto BB22 | True -> goto BB21 end @@ -5139,11 +5639,11 @@ module CheckedOps_TestI8DivZero goto BB0 } BB0 { - [#"../checked_ops.rs" 323 12 323 28] _5 <- ([#"../checked_ops.rs" 323 12 323 28] checked_div0 ([#"../checked_ops.rs" 323 12 323 13] a) ([#"../checked_ops.rs" 323 26 323 27] [#"../checked_ops.rs" 323 26 323 27] (0 : int8))); + [#"../checked_ops.rs" 323 12 323 28] _5 <- ([#"../checked_ops.rs" 323 12 323 28] checked_div0 a (0 : int8)); goto BB1 } BB1 { - [#"../checked_ops.rs" 323 12 323 38] _3 <- ([#"../checked_ops.rs" 323 12 323 38] is_none0 ([#"../checked_ops.rs" 323 12 323 28] _5)); + [#"../checked_ops.rs" 323 12 323 38] _3 <- ([#"../checked_ops.rs" 323 12 323 38] is_none0 _5); goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/checked_ops/why3session.xml b/creusot/tests/should_succeed/checked_ops/why3session.xml index d6a1e024ed..759ec6ca8b 100644 --- a/creusot/tests/should_succeed/checked_ops/why3session.xml +++ b/creusot/tests/should_succeed/checked_ops/why3session.xml @@ -9,12 +9,12 @@ - + - + @@ -24,17 +24,17 @@ - + - + - + @@ -44,32 +44,32 @@ - + - + - + - + - + - + @@ -79,17 +79,17 @@ - + - + - + @@ -99,22 +99,22 @@ - + - + - + - + @@ -124,32 +124,32 @@ - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/checked_ops/why3shapes.gz b/creusot/tests/should_succeed/checked_ops/why3shapes.gz index 046f3283e65b4b9f4fd37e101f75be36e555bdf5..ff6caa343fa3c19bab2d9de1553bb9e1d018705e 100644 GIT binary patch literal 4210 zcmV-&5RLC2iwFP!00000|Lt5`Z{4^Ne)q39Z*6TD;QdlG28_Ul{IYrILazaJ+Zssh zBu=u6{`!tcNr$9JT^t)5Zw&-7CCzZi;c&>0oH>6#Jv{u!d}<#K-`g(_xA%AdJcz^T zKTf`WHn(@*Nr|q9A};Y*L?yXC>2A8q?&fW0uFZ#s_R)XMm-gZQ!}k`MU%!3&(2|nk zl9J)$SNFFwzkd1FmXuwZH}L1XV>T)RDm^bFz?cG=P zH~7!Kv0tDb+Fg+$~*?<)-MNrZ=0qaIs33kofVw z$#H$U|GoWEli>|E)$P}Zpsp)tR7CZ5K~!W^M7ZaKMH1eBbr?@AHKf-rrw*TdEfqFK0-ey zH-T2sk&msljHKe4lrph#g@Yb1z$jHL8TT$Xj?!Tb%_a)*47`g1E2FnT#z)Mrhx;uO&uTe!GI{ zy?f|_Htrq*v~>tlZsH!c8r_Hc-%pMe`sQ1rsXnMeyz{9NG&lV!3OkY;&ts))1EXZ? zHp!xi;8&1YIlWmBircVQ^JoU7#6`e~0$9$n5`r$~;zdT7|qe1(F4^k(Q7cK!k8*7eQPNyoF5 z0{N4}<2;4+aot?8j;BYueX+AhOC)H+8iC>&lJ0KWJq3g8Pmx@+FP3Q%f`U2Xv8>M# zXY9JSfOu=dOJxlm{)Q`pzbolKm8z7!fy?ahK584VKD;tNx{Eu2*guS`!ssG?CV-jS z&u>DQgrN~*LUD#N;avu2j;dS6nJZMwI5We%6KAeBG)7-}xqEQtde`Irrs%C-*wTfI zRk94u%y9iU&dea6O)!&iJmO3!&VVMo%OK6EHw#E}k!Bfbj;yhNc=%RL0CP90l>Ne= zM3t^{@tgT=A(4dm?lbKK91 z*?wLO`}rRIO?Q%^=BLfqY#XpdGHwI-Y#YFQy?dOy7Uk9Ug%Zzl61T5RtKAJHCWymn zpKJETGR;g-H03>(%`lKUNEe$88O?^w%!UkR1LlVV7#M8(cMekk2X-nPKc~V+J-I%| z(FL$CO?iy}wqNf5RJ3tAl|6+d&_;qTH_@K~Z9I|mG}=gU?nE0a?TfeMX^Feg#!7cX ziOE6stbPe?>=G2ZnV$n~WR$%JZEPQ2nIGLpqYdyAThYdRQt95TlIPXKk#W2SL-{>~ zt;;dHBYhnE9bFIS)li5Q19&r@JG%{t9z&o8uS)83>^*W{J)e&!>At~9)7*ZaZO+KM zZIy;KjTATAm`88#j>YE=cvJ+RDS|siSZ90{uF_A{8y2pSyE>Fz=E=Cs#~mU=hZ4*D zQ*{VGc6f4&vFpstN(Up=WgpCE!8Io?-*QNj@jY^%44qr6z-V8mLg=Q{Ue9rkfWqD zx}Bm<%^qKHQgLN~0G#I-1CWFk}6!G2E z#8A?A+bRuf@-}H(m`AiO9CD6_1p|n7!_t?cVZj0V9uYT-FBsXvu=LlLzu2qIX;@~r zoMc20WQHKffFKANhNW+25W5Hq(o^X+ieucP-W(ohQ&cdUM+LL3QNelj_II(rxNFpu zZ@9ZZ-eo0lML!M8*=b^g9BAVHiu*dBTyw88Xx-rNxbN;zs6w1^cgVRrGB#m$N7Hx8 zBBm!ge0}sGEfXb6AI&gp3M@7SCUb|ht}4fCt$@WRGfdQ&*cE3e_Cqn*fO};>%93$M zRWcSvil5`jzM-6t=g-j%&W+6uY8dn5#bfrpDoJXu*c^(4jf-l zK`cAX5ymbrcI9FNVM1;YL>}{PJrmcQ1K)5Prj5L`s2<>9aQsLw8y5R>u^<4)-Pr~8M$zJoXm97G)Q=R1hAy$%9A zxLWrRX{wDbB4mE7kH|JO>m+7!ALS*oUC+3QfPS`l$aUdjm2AyZgj_%FD*F0HU(uIi zXVJgg>n%2oVcuP26|?9e?%Lm?*uO0qWv_W>d2ug4@9g$9@9Z`2Y%cLN?`-3p-Lw$! zWAU$(b$0t~S!a(wqEaQ($t|nP$Kmni9Z=_hzZyT5E(D9m7b;90kEqoAh)PXIRJvr+ zQI$-Di6rNXuz!tgJfM=Z11jMsltkRHz-{<(0Z!til6+f3$!ANF=?2L(PAc+)7-ArhdY!b0;KA3WcnDHGFquC26M*6Rg*=|o+ygg;4#_m@ShGJ--_LVyh zD;aiFrOmeV27Q}-9;spv@sjh-Zl4c;o?B3Ve6yNywg^C1s5a)E{SW|MZ)gn5@^T-Q zfVL41rs-!MVgZ2el{ohgKPv#;H-`Dtw9Nq2Pdt0v5mi3YCljiTvL3<<^hrl*_Y`7? z^eLm&9;Wnh>JRtM!!@(_fd^;UY&v-&%msD(v^1a{PP@}y2ka;EB(s2{z@z8Sx|fNT zVv^1?yr*HtdTu($8BCi_O#LjESSsCsQD~gSwCSW(rpZGWvUt|LQ(WXg9(UHA4cVGb zKl%Kun@?xmiMXwt^Vl+SQLNT+1QtC+d_!gXHON)Hx=i_o*KF0-Y}H42w*T*J)!QAg;^pP4-aa~4_1WPC$NlYY@&?>qA@KML zfoFe7$5rKc?b5>Ir3JRb)Ahqp4hJ7k*AJYG*XS4^j-LX1j>Eh_@AhDF3w-utIZXTc zhaL}<-)*lvtkEO7*fV|D=o@dCnleLn1!`%<`7?%zzX&C$SCJy7jh zdNG^*_6tkrb)NePtc%r#b&V7^8@aDmutQdtRQF#Uv%AZVLp|u20857q*h!Og$bhv- z!%>uUSDH3ev48lHG*y5;EHj6Rn@h8c{=ALZx)wuVV44p>0(~j8G3-s|Aqr-kzDFWA z6_3xIj@$EG`@;|%E!FW!tZ;3{qZ-u)&^+;6hu{U(cdSd76p$Jv)czW$AC7(X^_ z7JR{mopWD^`Ca4$8*(%mEr)s9W8ewD?#ZELGapCwQ{{P5JyGmS@*L*F>>72PAg&bX zhIm(@)Veh)ODaN}p(3;yioEie)_feADYv?$tbe3Oo0Vkp;)L^8H}_zU|e7Xwb2$!!dr!#N{Cj<8e~${idI3jO-m1$7MKhz ztZUx!+5ihOlt86O$r^FiDXB%70rs1b^Etz@(##xzE@3RP9pRl3#~AFwR2 zIH|B~K}v^Ni@D|+w*q`t)6^POP$$%<3#_0%L@O?<4*DP(rlH?mMQen+iXdrJ-5v-o z2pU?6jjU-!I^JR2b*4eJ=7iCPbV7HA(*xlJVFdxblM_^thM=Zt8Ea6dY1h@YB%pDM zRZC!eh%892_PXPWwTa|JWgV>z zsymp<1c6p5E+`tBK$IjxD^n5HwRJ5t)va!Xmb$_QvHC!1K?yX0gC0>sT2!@C(Hb{g zNK$bys+7&__dP9iER){5Q* zHdumX)?5~>uTAN z8h4GLf+J!WSPZWTIdEKXbRu9H!9e3)3aGAbDy11G6s)VNcr6Z`7QF9{k_|>efHn;i z(6p8}F!n$R^Aur551bc#><($LX07H7>y{D4VeDH&SyS@{<_nbvE(+l>{5*y5N16Xswh)Fz7Xd!3Q#92%$C19Rv!4S_Lk|I87wXAMDi~f);`dO%M$d6#>5ky|0x(b)~ABcAyyeM^$qW%-QJw0663t13@EpV& z`vd;9KYspN-^3|e0$%c);q%`9V80$ee$ju!Kc^=m2iBA10Jk^x+Fsf(5ATqs1VP3o z9b5K;{V#cI|FuSS{78OoM`eSAKMYThiM>j7ewBm7XICyScf^vSd`MH0+xty|`g|`J z_^J(jRmXRW>LK44J&yFlCKaw%$s!y-JXEP(pB{d#KbJ84LTz#U^5~6q+rm z8+e*9tS<7`hvwn);Y`<0dI*v!eq#`EEE##C4(dczL^E&ZUiqrR1PQ|(lsF-Jz zxRgHE%QV*wd5p?=K8dRxa*dFO*(4?Y^%_-#U64zhPTNw6X**2~KfF%Q@-{h4jI}HF zUe{<>guNEl&u`$)Dl%8Yhi?(-w3R>IlsDUAY2pF58qNEMUoTGjFlTb)WReGklW$$B z2n`CBGu)BfJBv$vGz@vZ9`QVwX6^uqRoj_kKD!OmS_Jbe#x7Vo<5qAypA`9enP$$% zomFm+)j4%{7kd8J&-T-&q5Ucycu$EJL&N6v0o~>{Mr7%?dx}M9zNE0 zH~pg0<$nB&3EcI0m&^iBGr|!fAIDI#+H8tF#L@Y|*IM?Lw7wA&?DwLbBV1YN8FZ z!?-4l31SbtOhJGXz64Hgrq&E&j!)+(bF{!R%3PsZMwyAuJ5lDkpdt23^WB3o*HsVo zjnQ|Lc#8_xt7Hk3ndr3{WhPEA9FPgZY0Y5f_;ijlC&?CY<|559&Wv{5i8I$k3~^?P z=N_CH=7-0x#RM-`F(o29{-)nMBrs)5F~z)e98i{1@1*1?8f~9tlYyVi2H8|D-#yo z11qmES4s9i?Hb;^tv9?52I;avzGTL<~ zl3WupM3O00>2(h0UQes~((*!-d;b zHP30%&Jwy;SBG{Of6vuzu-a>MZo?Z1hI{bFin7s36yl9lp|6)|;&>z0!lHZd#&#E~qziZ9jqRpY z6YUb-z$~$TR4p-PyUd}IJBXH~rI2O6J;2Xkkr0DxyCz;yxf|*d_@%Qf1Q+FG7a+-F2FmN>AaAO<%W+Br`K4oy9CiI@}*C99cBoX zV*#>Ykyls3RbiB(&v`KBJdsX${>z+s%7ama+3T5BsSYanJE8QBh+)={tv{JeoWOPz zErBR0bZ_tbR;%vhR_CG28Sklb#{7HUR}{#pJv%L1r5n-|<6)X&?uFJ__g6XF0A^Tt zCvQnypZDb=?+v(yh1c_zOc3&p_wer~FRF6AfiS|?y8<5e+jbJeAQf~JpLG1ND-3&W}dj~Y=jBeimzF2sNFfFLh_cG0w_ZZAe3`f6S zG9TdvBgj6e6dA$^G%E$$r+0Y z;$!_&aOZDJDcMWGS(@FSzu@fnQgHTCaJIO-{ACNyrbR@Yn%{f5Sso^bz4d18DN^^M zj;YiMK}*q{H=RzN=EqW}hbm`cI-l~(K&}>#2iC~O^MTnrJ;vQ~kgM4N!S-{ZO|tr& zFPAuPKbqL2eyDS_gI~|Eq{j6+-Hd5aDiUAx+-lO{`?lk z-he;ddb4c@R5%g4!UCEqEa)hPDXYi18+e5~ZS5xj?Hy68@dV2K&7+XFvjl@d6Q&P= ziDSwm;kuDN;9e#=;h8XbfWK<^N6k+uR@rpG4gQ+paeY$7%BB-%h?D!Fymf?_c!KPTb(Q1yRi1iuPKmzb>eR^$zi)Bs$S{^5 zUW!!D!ThC2H8Pj}kVUG;9mwK)DN$WS7V{d_1!Q4x8`35aPEvcnmZIHund$Ap(DXNd zr^lS&zPYEvjk{a2dPV)BJLk0iw7t_a_@Lb4KBo`1-)so1V6k^2+Ag|nl)5T%^u||sfjlD8eA|ji>w+1^fV`irl+&_I0tW|0lzus!wj*hN);z;mkrREsVdc$q?OnVS6#Y> zua|M7{l*XePA$jn?#+h2=I<2T*gTGj%dd{3y{6p_i7Nyy$1kT}Z^oY^;B@MeAnG2y z>91)_La>lKlw-h`v&$J|jN;odiu(r12Tz;8)2rpOvwY~q#&0W^onC$HDwhS+N=^;m z_l`rszwQ9i_dPgoCSj=eoc<4OZ8PqBfYFh_PQD+0y%~S@h4Q;3h}h_RI0Ybtb(t_0 zokEDIVZhWd)|>(izHhDMy*dMOHU|c;(Kh-pmK)qE)yU%xbzI0280QtYO>L#HtfU%h zYIs%ZS`tbQJYyMTG$R+4Rz%TCm&z&$N=R)@rSU(`g{q6{pfZ_>3tK2bd1;_xR%!#L zsDYTev9-0PwESQ)eIaq9NOYwnu^J3mQdUYy0h~0r?n!Z=G@}GZdus~^#N!GWVEByHJ24ts?maqqCo96ubQ$Us<7M~KxDu(K)b_5qm{L`u4=9r zBT{lI0l8?PP$&)T04jsl?9>=rvkLjvrUp?oC5~&Y07GlV4326t(1QrJQbeLHX~9v< zvXqr(Ri&kAN;H_&2SzhS1`$9jKquG&cvB;-VWu{fG|Cjz5?&q{%NU>tf>YB7N(zjV z(&B2`)KyubIaI?qk>Fq^6D3w88Lh;J|6d$psWmfs$IG zwImud3B~Bgu+yLrF%x>=EaROzfNV%p*os&#WLaxXSc&p!K(|sHPh@;l2l)|8pl*tS zl#D7-0~(AJ7=^^(R_MT0##?ouU_=|ECBsNzQ1IGlLI|T=2vM;5z)i+mbtF`#WQ;eZ zYEa0g!XAR4g-{+*0vrU*1gfJdj547LNhOC$DkLp5qq?eaQ;Y#3SSFy0`I_S_1S+La zI06PY2dElDXj5xt4nkyNRHvpKq-D4(9EPXC=x$NmPr^ykQI>yVBRUTDbcTGp^K6=1#SN^T^%IvWAy(bwZxK2 GaR2~E1sXK~ diff --git a/creusot/tests/should_succeed/clones/03.mlcfg b/creusot/tests/should_succeed/clones/03.mlcfg index cacc974bb0..3700068abf 100644 --- a/creusot/tests/should_succeed/clones/03.mlcfg +++ b/creusot/tests/should_succeed/clones/03.mlcfg @@ -81,7 +81,7 @@ module C03_Prog2 goto BB0 } BB0 { - [#"../03.rs" 15 4 15 11] _2 <- ([#"../03.rs" 15 4 15 11] prog0 ([#"../03.rs" 15 9 15 10] [#"../03.rs" 15 9 15 10] (0 : int32))); + [#"../03.rs" 15 4 15 11] _2 <- ([#"../03.rs" 15 4 15 11] prog0 (0 : int32)); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/closures/01_basic.mlcfg b/creusot/tests/should_succeed/closures/01_basic.mlcfg index 203254292a..6490d5da08 100644 --- a/creusot/tests/should_succeed/closures/01_basic.mlcfg +++ b/creusot/tests/should_succeed/closures/01_basic.mlcfg @@ -51,13 +51,16 @@ module C01Basic_UsesClosure var y : bool; var _x : bool; var _4 : C01Basic_UsesClosure_Closure0.c01basic_usesclosure_closure0; + var _6 : (); { goto BB0 } BB0 { - [#"../01_basic.rs" 5 12 5 16] y <- ([#"../01_basic.rs" 5 12 5 16] [#"../01_basic.rs" 5 12 5 16] true); - [#"../01_basic.rs" 6 13 6 19] _4 <- ([#"../01_basic.rs" 6 13 6 19] C01Basic_UsesClosure_Closure0.C01Basic_UsesClosure_Closure0 ([#"../01_basic.rs" 6 13 6 19] y)); - [#"../01_basic.rs" 6 13 6 21] _x <- ([#"../01_basic.rs" 6 13 6 21] let () = [#"../01_basic.rs" 6 13 6 21] () in closure00 ([#"../01_basic.rs" 6 13 6 19] _4)); + [#"../01_basic.rs" 5 12 5 16] y <- ([#"../01_basic.rs" 5 12 5 16] true); + [#"../01_basic.rs" 6 13 6 19] _4 <- ([#"../01_basic.rs" 6 13 6 19] C01Basic_UsesClosure_Closure0.C01Basic_UsesClosure_Closure0 y); + [#"../01_basic.rs" 6 13 6 21] _6 <- ([#"../01_basic.rs" 6 13 6 21] ()); + [#"../01_basic.rs" 6 13 6 21] _x <- ([#"../01_basic.rs" 6 13 6 21] let () = _6 in closure00 _4); + _6 <- any (); goto BB1 } BB1 { @@ -90,7 +93,7 @@ module C01Basic_MultiArg_Closure0 goto BB0 } BB0 { - [#"../01_basic.rs" 10 19 10 24] _0 <- ([#"../01_basic.rs" 10 19 10 24] ([#"../01_basic.rs" 10 19 10 20] a) + ([#"../01_basic.rs" 10 23 10 24] b)); + [#"../01_basic.rs" 10 19 10 24] _0 <- ([#"../01_basic.rs" 10 19 10 24] a + b); return _0 } @@ -110,12 +113,15 @@ module C01Basic_MultiArg var _0 : (); var x : C01Basic_MultiArg_Closure0.c01basic_multiarg_closure0; var _a : int32; + var _4 : (int32, int32); { goto BB0 } BB0 { [#"../01_basic.rs" 10 12 10 24] x <- ([#"../01_basic.rs" 10 12 10 24] C01Basic_MultiArg_Closure0.C01Basic_MultiArg_Closure0); - [#"../01_basic.rs" 11 13 11 22] _a <- ([#"../01_basic.rs" 11 13 11 22] let (a, b) = [#"../01_basic.rs" 11 13 11 22] (([#"../01_basic.rs" 11 17 11 18] [#"../01_basic.rs" 11 17 11 18] (0 : int32)), ([#"../01_basic.rs" 11 20 11 21] [#"../01_basic.rs" 11 20 11 21] (3 : int32))) in closure00 ([#"../01_basic.rs" 11 13 11 16] x) a b); + [#"../01_basic.rs" 11 13 11 22] _4 <- ([#"../01_basic.rs" 11 13 11 22] ((0 : int32), (3 : int32))); + [#"../01_basic.rs" 11 13 11 22] _a <- ([#"../01_basic.rs" 11 13 11 22] let (a, b) = _4 in closure00 x a b); + _4 <- any (int32, int32); goto BB1 } BB1 { @@ -166,7 +172,7 @@ module C01Basic_MoveClosure_Closure0 goto BB0 } BB0 { - [#"../01_basic.rs" 20 8 20 15] _1 <- { _1 with current = (let C01Basic_MoveClosure_Closure0.C01Basic_MoveClosure_Closure0 x0 = * _1 in C01Basic_MoveClosure_Closure0.C01Basic_MoveClosure_Closure0 ({ (field_00 ( * _1)) with current = ([#"../01_basic.rs" 20 8 20 15] * field_00 ( * _1) + ([#"../01_basic.rs" 20 14 20 15] [#"../01_basic.rs" 20 14 20 15] (1 : int32))) ; })) ; }; + [#"../01_basic.rs" 20 8 20 15] _1 <- { _1 with current = (let C01Basic_MoveClosure_Closure0.C01Basic_MoveClosure_Closure0 x0 = * _1 in C01Basic_MoveClosure_Closure0.C01Basic_MoveClosure_Closure0 ({ (field_00 ( * _1)) with current = ([#"../01_basic.rs" 20 8 20 15] * field_00 ( * _1) + (1 : int32)) ; })) ; }; assume { resolve0 _1 }; [#"../01_basic.rs" 19 24 21 5] _0 <- ([#"../01_basic.rs" 19 24 21 5] ()); return _0 @@ -214,28 +220,34 @@ module C01Basic_MoveClosure var x : C01Basic_MoveClosure_Closure0.c01basic_moveclosure_closure0; var _4 : (); var _5 : borrowed C01Basic_MoveClosure_Closure0.c01basic_moveclosure_closure0; + var _6 : (); var _7 : (); var _8 : borrowed C01Basic_MoveClosure_Closure0.c01basic_moveclosure_closure0; + var _9 : (); { goto BB0 } BB0 { - [#"../01_basic.rs" 17 17 17 21] _2 <- ([#"../01_basic.rs" 17 17 17 21] [#"../01_basic.rs" 17 17 17 21] (0 : int32)); + [#"../01_basic.rs" 17 17 17 21] _2 <- ([#"../01_basic.rs" 17 17 17 21] (0 : int32)); [#"../01_basic.rs" 17 12 17 21] a <- Borrow.borrow_mut _2; [#"../01_basic.rs" 17 12 17 21] _2 <- ^ a; [#"../01_basic.rs" 19 16 21 5] x <- ([#"../01_basic.rs" 19 16 21 5] C01Basic_MoveClosure_Closure0.C01Basic_MoveClosure_Closure0 a); a <- any borrowed int32; [#"../01_basic.rs" 23 4 23 7] _5 <- Borrow.borrow_mut x; [#"../01_basic.rs" 23 4 23 7] x <- ^ _5; - [#"../01_basic.rs" 23 4 23 9] _4 <- ([#"../01_basic.rs" 23 4 23 9] let () = [#"../01_basic.rs" 23 4 23 9] () in closure00 _5); + [#"../01_basic.rs" 23 4 23 9] _6 <- ([#"../01_basic.rs" 23 4 23 9] ()); + [#"../01_basic.rs" 23 4 23 9] _4 <- ([#"../01_basic.rs" 23 4 23 9] let () = _6 in closure00 _5); _5 <- any borrowed C01Basic_MoveClosure_Closure0.c01basic_moveclosure_closure0; + _6 <- any (); goto BB1 } BB1 { [#"../01_basic.rs" 24 4 24 7] _8 <- Borrow.borrow_mut x; [#"../01_basic.rs" 24 4 24 7] x <- ^ _8; - [#"../01_basic.rs" 24 4 24 9] _7 <- ([#"../01_basic.rs" 24 4 24 9] let () = [#"../01_basic.rs" 24 4 24 9] () in closure00 _8); + [#"../01_basic.rs" 24 4 24 9] _9 <- ([#"../01_basic.rs" 24 4 24 9] ()); + [#"../01_basic.rs" 24 4 24 9] _7 <- ([#"../01_basic.rs" 24 4 24 9] let () = _9 in closure00 _8); _8 <- any borrowed C01Basic_MoveClosure_Closure0.c01basic_moveclosure_closure0; + _9 <- any (); goto BB2 } BB2 { @@ -313,7 +325,7 @@ module C01Basic_MoveMut_Closure0 [#"../01_basic.rs" 36 12 36 21] _2 <- Borrow.borrow_final ( * _3) (Borrow.get_id _3); [#"../01_basic.rs" 36 12 36 21] _3 <- { _3 with current = ( ^ _2) ; }; [#"../01_basic.rs" 36 8 36 21] _1 <- { _1 with current = (let C01Basic_MoveMut_Closure0.C01Basic_MoveMut_Closure0 x0 = * _1 in C01Basic_MoveMut_Closure0.C01Basic_MoveMut_Closure0 ([#"../01_basic.rs" 36 8 36 21] _2)) ; }; - [#"../01_basic.rs" 36 8 36 21] _2 <- any borrowed uint32; + _2 <- any borrowed uint32; assume { resolve0 (field_00 ( * _1)) }; assume { resolve1 _1 }; assume { resolve0 _3 }; @@ -375,28 +387,34 @@ module C01Basic_MoveMut var a : C01Basic_MoveMut_Closure0.c01basic_movemut_closure0; var _4 : (); var _5 : borrowed C01Basic_MoveMut_Closure0.c01basic_movemut_closure0; + var _6 : (); var _7 : (); var _8 : borrowed C01Basic_MoveMut_Closure0.c01basic_movemut_closure0; + var _9 : (); { goto BB0 } BB0 { - [#"../01_basic.rs" 33 21 33 25] _2 <- ([#"../01_basic.rs" 33 21 33 25] [#"../01_basic.rs" 33 21 33 25] (0 : uint32)); + [#"../01_basic.rs" 33 21 33 25] _2 <- ([#"../01_basic.rs" 33 21 33 25] (0 : uint32)); [#"../01_basic.rs" 33 16 33 25] x <- Borrow.borrow_mut _2; [#"../01_basic.rs" 33 16 33 25] _2 <- ^ x; [#"../01_basic.rs" 35 16 37 5] a <- ([#"../01_basic.rs" 35 16 37 5] C01Basic_MoveMut_Closure0.C01Basic_MoveMut_Closure0 x); x <- any borrowed uint32; [#"../01_basic.rs" 38 4 38 7] _5 <- Borrow.borrow_mut a; [#"../01_basic.rs" 38 4 38 7] a <- ^ _5; - [#"../01_basic.rs" 38 4 38 9] _4 <- ([#"../01_basic.rs" 38 4 38 9] let () = [#"../01_basic.rs" 38 4 38 9] () in closure00 _5); + [#"../01_basic.rs" 38 4 38 9] _6 <- ([#"../01_basic.rs" 38 4 38 9] ()); + [#"../01_basic.rs" 38 4 38 9] _4 <- ([#"../01_basic.rs" 38 4 38 9] let () = _6 in closure00 _5); _5 <- any borrowed C01Basic_MoveMut_Closure0.c01basic_movemut_closure0; + _6 <- any (); goto BB1 } BB1 { [#"../01_basic.rs" 39 4 39 7] _8 <- Borrow.borrow_mut a; [#"../01_basic.rs" 39 4 39 7] a <- ^ _8; - [#"../01_basic.rs" 39 4 39 9] _7 <- ([#"../01_basic.rs" 39 4 39 9] let () = [#"../01_basic.rs" 39 4 39 9] () in closure00 _8); + [#"../01_basic.rs" 39 4 39 9] _9 <- ([#"../01_basic.rs" 39 4 39 9] ()); + [#"../01_basic.rs" 39 4 39 9] _7 <- ([#"../01_basic.rs" 39 4 39 9] let () = _9 in closure00 _8); _8 <- any borrowed C01Basic_MoveMut_Closure0.c01basic_movemut_closure0; + _9 <- any (); goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/closures/02_nested.mlcfg b/creusot/tests/should_succeed/closures/02_nested.mlcfg index 32d2394222..333554df29 100644 --- a/creusot/tests/should_succeed/closures/02_nested.mlcfg +++ b/creusot/tests/should_succeed/closures/02_nested.mlcfg @@ -69,12 +69,15 @@ module C02Nested_NestedClosure_Closure0 var _0 : bool; var _1 : C02Nested_NestedClosure_Closure0.c02nested_nestedclosure_closure0 = _1; var omg : C02Nested_NestedClosure_Closure0_Closure0.c02nested_nestedclosure_closure0_closure0; + var _5 : (); { goto BB0 } BB0 { - [#"../02_nested.rs" 6 18 6 22] omg <- ([#"../02_nested.rs" 6 18 6 22] C02Nested_NestedClosure_Closure0_Closure0.C02Nested_NestedClosure_Closure0_Closure0 ([#"../02_nested.rs" 6 18 6 22] field_00 _1)); - [#"../02_nested.rs" 7 8 7 15] _0 <- ([#"../02_nested.rs" 7 8 7 15] let () = [#"../02_nested.rs" 7 8 7 15] () in closure00 ([#"../02_nested.rs" 7 8 7 13] omg)); + [#"../02_nested.rs" 6 18 6 22] omg <- ([#"../02_nested.rs" 6 18 6 22] C02Nested_NestedClosure_Closure0_Closure0.C02Nested_NestedClosure_Closure0_Closure0 (field_00 _1)); + [#"../02_nested.rs" 7 8 7 15] _5 <- ([#"../02_nested.rs" 7 8 7 15] ()); + [#"../02_nested.rs" 7 8 7 15] _0 <- ([#"../02_nested.rs" 7 8 7 15] let () = _5 in closure00 omg); + _5 <- any (); goto BB1 } BB1 { @@ -120,13 +123,16 @@ module C02Nested_NestedClosure var a : bool; var _a : bool; var _4 : C02Nested_NestedClosure_Closure0.c02nested_nestedclosure_closure0; + var _6 : (); { goto BB0 } BB0 { - [#"../02_nested.rs" 4 12 4 16] a <- ([#"../02_nested.rs" 4 12 4 16] [#"../02_nested.rs" 4 12 4 16] true); - [#"../02_nested.rs" 5 13 8 6] _4 <- ([#"../02_nested.rs" 5 13 8 6] C02Nested_NestedClosure_Closure0.C02Nested_NestedClosure_Closure0 ([#"../02_nested.rs" 5 13 8 6] a)); - [#"../02_nested.rs" 5 13 8 8] _a <- ([#"../02_nested.rs" 5 13 8 8] let () = [#"../02_nested.rs" 5 13 8 8] () in closure00 ([#"../02_nested.rs" 5 13 8 6] _4)); + [#"../02_nested.rs" 4 12 4 16] a <- ([#"../02_nested.rs" 4 12 4 16] true); + [#"../02_nested.rs" 5 13 8 6] _4 <- ([#"../02_nested.rs" 5 13 8 6] C02Nested_NestedClosure_Closure0.C02Nested_NestedClosure_Closure0 a); + [#"../02_nested.rs" 5 13 8 8] _6 <- ([#"../02_nested.rs" 5 13 8 8] ()); + [#"../02_nested.rs" 5 13 8 8] _a <- ([#"../02_nested.rs" 5 13 8 8] let () = _6 in closure00 _4); + _6 <- any (); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/closures/03_generic_bound.mlcfg b/creusot/tests/should_succeed/closures/03_generic_bound.mlcfg index 57fdf87f38..f68b76137f 100644 --- a/creusot/tests/should_succeed/closures/03_generic_bound.mlcfg +++ b/creusot/tests/should_succeed/closures/03_generic_bound.mlcfg @@ -142,11 +142,14 @@ module C03GenericBound_ClosureParam = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var f : f = f; + var _3 : uint32; { goto BB0 } BB0 { - [#"../03_generic_bound.rs" 4 4 4 10] _0 <- ([#"../03_generic_bound.rs" 4 4 4 10] call0 ([#"../03_generic_bound.rs" 4 4 4 7] f) ([#"../03_generic_bound.rs" 4 4 4 10] (([#"../03_generic_bound.rs" 4 8 4 9] [#"../03_generic_bound.rs" 4 8 4 9] (0 : uint32))))); + [#"../03_generic_bound.rs" 4 4 4 10] _3 <- ([#"../03_generic_bound.rs" 4 4 4 10] ((0 : uint32))); + [#"../03_generic_bound.rs" 4 4 4 10] _0 <- ([#"../03_generic_bound.rs" 4 4 4 10] call0 f _3); + _3 <- any uint32; goto BB1 } BB1 { @@ -205,11 +208,14 @@ module C03GenericBound_Caller let rec cfg caller [#"../03_generic_bound.rs" 7 0 7 15] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _1 : C03GenericBound_Caller_Closure0.c03genericbound_caller_closure0; { goto BB0 } BB0 { - [#"../03_generic_bound.rs" 8 4 8 31] _0 <- ([#"../03_generic_bound.rs" 8 4 8 31] closure_param0 ([#"../03_generic_bound.rs" 8 18 8 30] C03GenericBound_Caller_Closure0.C03GenericBound_Caller_Closure0)); + [#"../03_generic_bound.rs" 8 18 8 30] _1 <- ([#"../03_generic_bound.rs" 8 18 8 30] C03GenericBound_Caller_Closure0.C03GenericBound_Caller_Closure0); + [#"../03_generic_bound.rs" 8 4 8 31] _0 <- ([#"../03_generic_bound.rs" 8 4 8 31] closure_param0 _1); + _1 <- any C03GenericBound_Caller_Closure0.c03genericbound_caller_closure0; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/closures/04_generic_closure.mlcfg b/creusot/tests/should_succeed/closures/04_generic_closure.mlcfg index aa4fdd7cef..1d07ea19da 100644 --- a/creusot/tests/should_succeed/closures/04_generic_closure.mlcfg +++ b/creusot/tests/should_succeed/closures/04_generic_closure.mlcfg @@ -152,12 +152,15 @@ module C04GenericClosure_GenericClosure var _0 : b; var f : f = f; var a : a = a; + var _4 : a; { goto BB0 } BB0 { - [#"../04_generic_closure.rs" 4 4 4 8] _0 <- ([#"../04_generic_closure.rs" 4 4 4 8] call0 ([#"../04_generic_closure.rs" 4 4 4 5] f) ([#"../04_generic_closure.rs" 4 4 4 8] (([#"../04_generic_closure.rs" 4 6 4 7] a)))); - [#"../04_generic_closure.rs" 4 6 4 7] a <- any a; + [#"../04_generic_closure.rs" 4 4 4 8] _4 <- ([#"../04_generic_closure.rs" 4 4 4 8] (a)); + a <- any a; + [#"../04_generic_closure.rs" 4 4 4 8] _0 <- ([#"../04_generic_closure.rs" 4 4 4 8] call0 f _4); + _4 <- any a; goto BB1 } BB1 { @@ -270,12 +273,15 @@ module C04GenericClosure_Mapper var _0 : (); var x : a = x; var _2 : (); + var _3 : C04GenericClosure_Mapper_Closure0.c04genericclosure_mapper_closure0 a; { goto BB0 } BB0 { - [#"../04_generic_closure.rs" 8 12 8 39] _2 <- ([#"../04_generic_closure.rs" 8 12 8 39] generic_closure0 ([#"../04_generic_closure.rs" 8 28 8 35] C04GenericClosure_Mapper_Closure0.C04GenericClosure_Mapper_Closure0) ([#"../04_generic_closure.rs" 8 37 8 38] x)); - [#"../04_generic_closure.rs" 8 37 8 38] x <- any a; + [#"../04_generic_closure.rs" 8 28 8 35] _3 <- ([#"../04_generic_closure.rs" 8 28 8 35] C04GenericClosure_Mapper_Closure0.C04GenericClosure_Mapper_Closure0); + [#"../04_generic_closure.rs" 8 12 8 39] _2 <- ([#"../04_generic_closure.rs" 8 12 8 39] generic_closure0 _3 x); + _3 <- any C04GenericClosure_Mapper_Closure0.c04genericclosure_mapper_closure0 a; + x <- any a; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/closures/05_map.mlcfg b/creusot/tests/should_succeed/closures/05_map.mlcfg index 15dad8e0a3..f0754d7255 100644 --- a/creusot/tests/should_succeed/closures/05_map.mlcfg +++ b/creusot/tests/should_succeed/closures/05_map.mlcfg @@ -230,6 +230,7 @@ module C05Map_Impl0_Next var _3 : borrowed i; var e : a; var _6 : b; + var _8 : a; { goto BB0 } @@ -252,11 +253,13 @@ module C05Map_Impl0_Next } BB3 { [#"../05_map.rs" 20 17 20 18] e <- ([#"../05_map.rs" 20 17 20 18] Core_Option_Option_Type.some_0 _2); - [#"../05_map.rs" 20 17 20 18] _2 <- (let Core_Option_Option_Type.C_Some x0 = _2 in Core_Option_Option_Type.C_Some (any a)); + _2 <- (let Core_Option_Option_Type.C_Some x0 = _2 in Core_Option_Option_Type.C_Some (any a)); assert { [@expl:type invariant] inv1 _2 }; assume { resolve0 _2 }; - [#"../05_map.rs" 20 28 20 42] _6 <- ([#"../05_map.rs" 20 28 20 42] call0 ([#"../05_map.rs" 20 28 20 39] C05Map_Map_Type.map_func ( * self)) ([#"../05_map.rs" 20 28 20 42] (([#"../05_map.rs" 20 40 20 41] e)))); - [#"../05_map.rs" 20 40 20 41] e <- any a; + [#"../05_map.rs" 20 28 20 42] _8 <- ([#"../05_map.rs" 20 28 20 42] (e)); + e <- any a; + [#"../05_map.rs" 20 28 20 42] _6 <- ([#"../05_map.rs" 20 28 20 42] call0 (C05Map_Map_Type.map_func ( * self)) _8); + _8 <- any a; goto BB6 } BB4 { diff --git a/creusot/tests/should_succeed/closures/06_fn_specs.mlcfg b/creusot/tests/should_succeed/closures/06_fn_specs.mlcfg index 860ffcbf71..421d85590a 100644 --- a/creusot/tests/should_succeed/closures/06_fn_specs.mlcfg +++ b/creusot/tests/should_succeed/closures/06_fn_specs.mlcfg @@ -66,9 +66,9 @@ module C06FnSpecs_Weaken3 goto BB2 } BB2 { - [#"../06_fn_specs.rs" 33 4 33 27] _0 <- ([#"../06_fn_specs.rs" 33 4 33 27] call_once0 ([#"../06_fn_specs.rs" 33 22 33 23] f) ([#"../06_fn_specs.rs" 33 25 33 26] a)); - [#"../06_fn_specs.rs" 33 22 33 23] f <- any f; - [#"../06_fn_specs.rs" 33 25 33 26] a <- any a; + [#"../06_fn_specs.rs" 33 4 33 27] _0 <- ([#"../06_fn_specs.rs" 33 4 33 27] call_once0 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -204,9 +204,9 @@ module C06FnSpecs_Weaken2 goto BB2 } BB2 { - [#"../06_fn_specs.rs" 21 4 21 18] _0 <- ([#"../06_fn_specs.rs" 21 4 21 18] weaken_30 ([#"../06_fn_specs.rs" 21 13 21 14] f) ([#"../06_fn_specs.rs" 21 16 21 17] a)); - [#"../06_fn_specs.rs" 21 13 21 14] f <- any f; - [#"../06_fn_specs.rs" 21 16 21 17] a <- any a; + [#"../06_fn_specs.rs" 21 4 21 18] _0 <- ([#"../06_fn_specs.rs" 21 4 21 18] weaken_30 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -367,9 +367,9 @@ module C06FnSpecs_Weaken goto BB2 } BB2 { - [#"../06_fn_specs.rs" 9 4 9 18] _0 <- ([#"../06_fn_specs.rs" 9 4 9 18] weaken_20 ([#"../06_fn_specs.rs" 9 13 9 14] f) ([#"../06_fn_specs.rs" 9 16 9 17] a)); - [#"../06_fn_specs.rs" 9 13 9 14] f <- any f; - [#"../06_fn_specs.rs" 9 16 9 17] a <- any a; + [#"../06_fn_specs.rs" 9 4 9 18] _0 <- ([#"../06_fn_specs.rs" 9 4 9 18] weaken_20 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -450,9 +450,9 @@ module C06FnSpecs_Weaken3Std goto BB2 } BB2 { - [#"../06_fn_specs.rs" 39 4 39 27] _0 <- ([#"../06_fn_specs.rs" 39 4 39 27] call_once0 ([#"../06_fn_specs.rs" 39 22 39 23] f) ([#"../06_fn_specs.rs" 39 25 39 26] a)); - [#"../06_fn_specs.rs" 39 22 39 23] f <- any f; - [#"../06_fn_specs.rs" 39 25 39 26] a <- any a; + [#"../06_fn_specs.rs" 39 4 39 27] _0 <- ([#"../06_fn_specs.rs" 39 4 39 27] call_once0 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -588,9 +588,9 @@ module C06FnSpecs_Weaken2Std goto BB2 } BB2 { - [#"../06_fn_specs.rs" 27 4 27 22] _0 <- ([#"../06_fn_specs.rs" 27 4 27 22] weaken_3_std0 ([#"../06_fn_specs.rs" 27 17 27 18] f) ([#"../06_fn_specs.rs" 27 20 27 21] a)); - [#"../06_fn_specs.rs" 27 17 27 18] f <- any f; - [#"../06_fn_specs.rs" 27 20 27 21] a <- any a; + [#"../06_fn_specs.rs" 27 4 27 22] _0 <- ([#"../06_fn_specs.rs" 27 4 27 22] weaken_3_std0 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -751,9 +751,9 @@ module C06FnSpecs_WeakenStd goto BB2 } BB2 { - [#"../06_fn_specs.rs" 15 4 15 22] _0 <- ([#"../06_fn_specs.rs" 15 4 15 22] weaken_2_std0 ([#"../06_fn_specs.rs" 15 17 15 18] f) ([#"../06_fn_specs.rs" 15 20 15 21] a)); - [#"../06_fn_specs.rs" 15 17 15 18] f <- any f; - [#"../06_fn_specs.rs" 15 20 15 21] a <- any a; + [#"../06_fn_specs.rs" 15 4 15 22] _0 <- ([#"../06_fn_specs.rs" 15 4 15 22] weaken_2_std0 f a); + f <- any f; + a <- any a; goto BB3 } BB3 { @@ -822,6 +822,7 @@ module C06FnSpecs_FnOnceUser = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var f : f = f; + var _4 : usize; { goto BB0 } @@ -829,8 +830,10 @@ module C06FnSpecs_FnOnceUser goto BB1 } BB1 { - [#"../06_fn_specs.rs" 45 4 45 8] _0 <- ([#"../06_fn_specs.rs" 45 4 45 8] call_once0 ([#"../06_fn_specs.rs" 45 4 45 5] f) ([#"../06_fn_specs.rs" 45 4 45 8] (([#"../06_fn_specs.rs" 45 6 45 7] [#"../06_fn_specs.rs" 45 6 45 7] (0 : usize))))); - [#"../06_fn_specs.rs" 45 4 45 5] f <- any f; + [#"../06_fn_specs.rs" 45 4 45 8] _4 <- ([#"../06_fn_specs.rs" 45 4 45 8] ((0 : usize))); + [#"../06_fn_specs.rs" 45 4 45 8] _0 <- ([#"../06_fn_specs.rs" 45 4 45 8] call_once0 f _4); + f <- any f; + _4 <- any usize; goto BB2 } BB2 { @@ -896,11 +899,14 @@ module C06FnSpecs_Caller let rec cfg caller [#"../06_fn_specs.rs" 48 0 48 15] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _1 : C06FnSpecs_Caller_Closure0.c06fnspecs_caller_closure0; { goto BB0 } BB0 { - [#"../06_fn_specs.rs" 49 4 49 24] _0 <- ([#"../06_fn_specs.rs" 49 4 49 24] fn_once_user0 ([#"../06_fn_specs.rs" 49 17 49 23] C06FnSpecs_Caller_Closure0.C06FnSpecs_Caller_Closure0)); + [#"../06_fn_specs.rs" 49 17 49 23] _1 <- ([#"../06_fn_specs.rs" 49 17 49 23] C06FnSpecs_Caller_Closure0.C06FnSpecs_Caller_Closure0); + [#"../06_fn_specs.rs" 49 4 49 24] _0 <- ([#"../06_fn_specs.rs" 49 4 49 24] fn_once_user0 _1); + _1 <- any C06FnSpecs_Caller_Closure0.c06fnspecs_caller_closure0; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/closures/06_fn_specs/why3session.xml b/creusot/tests/should_succeed/closures/06_fn_specs/why3session.xml index 82f34b3b23..e680c575f1 100644 --- a/creusot/tests/should_succeed/closures/06_fn_specs/why3session.xml +++ b/creusot/tests/should_succeed/closures/06_fn_specs/why3session.xml @@ -38,7 +38,7 @@ - + diff --git a/creusot/tests/should_succeed/closures/06_fn_specs/why3shapes.gz b/creusot/tests/should_succeed/closures/06_fn_specs/why3shapes.gz index 3bea0ccc112364a67c8945bdffe5183fac2ca7b1..294a6c6a55a81967e6d29dfe724d9146b30a44b2 100644 GIT binary patch literal 752 zcmV9H#?*sc0auC`fsUBpS~uCck|kRV8x2CgbL!4 zRahibSgy?5Za6f%zI{Eo)0-vMC#bj$6~$^Q!BJWnrQQv_p7|Y zgUcy91#VbQ+}xzhvG48Rl8Pz|yYVZ-SCl7^^uhB9IXkZ^74Yi3>lo&)jXcx`2n2wI zVY|qc26G2+;Nqk%;7ndR>kE7m*rish`QRYGIyrEe<%spe^M4|Y5Aql915g!YMWmZu zw*rVUOBUS#GHC6yEyW(8@z4Aq*ZPsURAgNy$&r z&nz&0`9l42c0$a~XJ;!dte{*QD%1}SfRi`WRVS#?3&rVvcvCEKt|_<8$Dzh?xvd+Q zAwVMu5vRc8ji68Yy-~c{bBlQ~FDpz23&>bN#R6IMl$<#^pS@HpK2>;m>0Qw2<^$fL z=x#s7w+dH(&kt8 z{LUjU?Q_K&R+P6OE*2AalLa=%!R}8(4>M=gr(U38-_4rIqW|$`n_;sy+pXPi*4y21 z+*?*2V%}y9Bnjmx@|L8LQq-+5bw{Y`rV%X)#af$kO&T?5mS7DAS|Zz!u@XrtMIA|0 z3i7&EHU+MMG&nS9U^>@IXIg5J2xvG-qFNGIB3XBN4Ye>_*j8ber6@FVjjj@E1dYs} zhg^fwkZF(_#C@hHAE%1he^XWWsagdcSG8zdH7=0>tMgpiy35Eq;aN&dV;;CR9SY2x ia0;wNsM{tJ)EV109h27blt>e5g5)2+9p|4+2mk;oI%n(v literal 749 zcmVxb-BG`tpDtf}n;B>^8v11+pw-#j>Q0 zlkV?NvSr6k6SUaLvh+kg@;&j(L)QJWFTTs({IPpJ?7w9)d-%FKz1rvf8&<4HOQ>L6 zvI>jUa4gsM<wuh;*~7zV@7?9q3J-J56jXAH9B^5=YFfe6O1kMz5 zLj;#YbV}T?9Jqx}+4FwyyAV`VD(#M6nZBZ&Kr$X)ZphhvUFn3^m)*cH4`t*jKR_Y? zEHyiv+$b;)fB-HgbpdDc(nVk3gTNuQUe6l``OVHjh%9?-Y+n2mseOvBYm$MsUc3)krw6KB>W$2VYIRGYa=$lT^y%&n^PQ7N;yBb2m?{>pvvH$VnUANuX-OeAko86&1 zA3YnRx_*1Lq8vrukhD^Yx)HW+33ct9Xi#X@_>3DeXuz-))?lF_@{X*RNK$KRNut(} z*R}Q;a06r@puqq$xzR=$X~ar^<0Oe{N#KcO-R3pa!gApojjhU17~}>+CNu~JS-cOq z0c}7TkOsuZOi_NGDysjcsz0V$qiU4XNG(^cQOYUZGS8Y2#|e}?BW5s9T)EX;^>E7S#uCLnW)dxR#@e&-HM)w23KoR^@WPx)W+O%p03=$P%Lgf26U{>n{cf;7} z^uxF>o9#HHN!|8lhbjxi*%giwN1(}?(>2ajq~y|CsbI2@hkwR)x^L^fCMvXhA!cpY zwLiLe+I~AFxCSVJWz}G<7*>TD4hv!z#HPg26wld{8I9}gddYLTTwv9tSvxjGfA@1U z^-SG+-WYf0?(Xin#<%NZ;Ex;wnZBi`62ELaKX*WSXSG-wESy~q%`G=IHD5Fs8!5%N z8g%B>Aa6zJ&VO*6)5U+8i%-n02dg5-rfs#8&|?)%>I+olhPC(PLKv7p@P{zrOc>k} z7CJW#cZ9(s*oO&|w%EhNpu!_xj@60@CKQ`2H-Qc_rsy#cJw5qbw?b@Dhc_BGwRV4p7R7=uG%@MLdSOM9zV0K^X)9P$tSSFQhaGDk=DU#k^l$ Kb~pc%1pojpfW}|| delta 416 zcmV;R0bl;D1FZv)7k|qbgTYmEh>%bsrMJq*qQMvyl|aOj{(fyjw&voLgU5z>vpm1y z*>n3Z+^gO_sIITt=GA4c_u?ctHjU~BKu-XE3RvM1hc>I40lh?UOdxt62h3}g;C>i8 zm3?UUwAqbAmeg&p-waOFUJFz1DKRJ>f)*Yq*v{_xIR)z(iK)smbYV5^miY( zQ_sY{=dE`4?cMD?H~4ma4fK&~faysck+@~sxzYmZoYi7zFmV5JX?D4ZuKA)tuBF6p zHE7MNM&63ho_}F3$?Ct%@e^}KLzXR@S|^!v5l`ClL~MsOQ*xn;=|JocU4b=S?3S+3 zx@C4p7kdQzAYG9u_4rc|;mnq0t-%Bfgg;rT108q1Aafux5C5#<(-@qmV9-Ic(nNKf z5NH(ValwF=7$_{bVq8(i$|wev2QFEILpg<*$}(p(4;dv>u>_ebN_ goto BB4 | True -> goto BB3 end } BB3 { - [#"../duration.rs" 12 14 12 50] max <- ([#"../duration.rs" 12 14 12 50] new0 ([#"../duration.rs" 12 28 12 36] [#"../duration.rs" 12 28 12 36] (18446744073709551615 : uint64)) ([#"../duration.rs" 12 38 12 49] [#"../duration.rs" 12 38 12 49] (999999999 : uint32))); + [#"../duration.rs" 12 14 12 50] max <- ([#"../duration.rs" 12 14 12 50] new0 (18446744073709551615 : uint64) (999999999 : uint32)); goto BB5 } BB4 { @@ -229,27 +242,27 @@ module Duration_TestDuration absurd } BB5 { - [#"../duration.rs" 14 17 14 39] d_secs <- ([#"../duration.rs" 14 17 14 39] from_secs0 ([#"../duration.rs" 14 37 14 38] [#"../duration.rs" 14 37 14 38] (1 : uint64))); + [#"../duration.rs" 14 17 14 39] d_secs <- ([#"../duration.rs" 14 17 14 39] from_secs0 (1 : uint64)); goto BB6 } BB6 { assert { [@expl:assertion] [#"../duration.rs" 15 18 15 42] shallow_model0 d_secs = 1000000000 }; - [#"../duration.rs" 17 19 17 43] d_millis <- ([#"../duration.rs" 17 19 17 43] from_millis0 ([#"../duration.rs" 17 41 17 42] [#"../duration.rs" 17 41 17 42] (1 : uint64))); + [#"../duration.rs" 17 19 17 43] d_millis <- ([#"../duration.rs" 17 19 17 43] from_millis0 (1 : uint64)); goto BB7 } BB7 { assert { [@expl:assertion] [#"../duration.rs" 18 18 18 40] shallow_model0 d_millis = 1000000 }; - [#"../duration.rs" 20 19 20 43] d_micros <- ([#"../duration.rs" 20 19 20 43] from_micros0 ([#"../duration.rs" 20 41 20 42] [#"../duration.rs" 20 41 20 42] (1 : uint64))); + [#"../duration.rs" 20 19 20 43] d_micros <- ([#"../duration.rs" 20 19 20 43] from_micros0 (1 : uint64)); goto BB8 } BB8 { assert { [@expl:assertion] [#"../duration.rs" 21 18 21 36] shallow_model0 d_micros = 1000 }; - [#"../duration.rs" 23 18 23 41] d_nanos <- ([#"../duration.rs" 23 18 23 41] from_nanos0 ([#"../duration.rs" 23 39 23 40] [#"../duration.rs" 23 39 23 40] (1 : uint64))); + [#"../duration.rs" 23 18 23 41] d_nanos <- ([#"../duration.rs" 23 18 23 41] from_nanos0 (1 : uint64)); goto BB9 } BB9 { assert { [@expl:assertion] [#"../duration.rs" 24 18 24 31] shallow_model0 d_nanos = 1 }; - [#"../duration.rs" 26 12 26 26] _23 <- ([#"../duration.rs" 26 12 26 26] is_zero0 ([#"../duration.rs" 26 12 26 16] zero)); + [#"../duration.rs" 26 12 26 26] _23 <- ([#"../duration.rs" 26 12 26 26] is_zero0 zero); goto BB10 } BB10 { @@ -259,7 +272,7 @@ module Duration_TestDuration end } BB11 { - [#"../duration.rs" 27 13 27 29] _27 <- ([#"../duration.rs" 27 13 27 29] is_zero0 ([#"../duration.rs" 27 13 27 19] d_secs)); + [#"../duration.rs" 27 13 27 29] _27 <- ([#"../duration.rs" 27 13 27 29] is_zero0 d_secs); goto BB13 } BB12 { @@ -277,17 +290,19 @@ module Duration_TestDuration absurd } BB15 { - [#"../duration.rs" 29 17 29 33] _32 <- ([#"../duration.rs" 29 17 29 33] as_secs0 ([#"../duration.rs" 29 17 29 23] d_secs)); + [#"../duration.rs" 29 17 29 33] _32 <- ([#"../duration.rs" 29 17 29 33] as_secs0 d_secs); goto BB16 } BB16 { - switch ([#"../duration.rs" 29 12 29 33] ([#"../duration.rs" 29 12 29 13] [#"../duration.rs" 29 12 29 13] (1 : uint64)) = _32) + [#"../duration.rs" 29 12 29 33] _31 <- ([#"../duration.rs" 29 12 29 33] (1 : uint64) = _32); + _32 <- any uint64; + switch (_31) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../duration.rs" 30 17 30 39] _37 <- ([#"../duration.rs" 30 17 30 39] subsec_millis0 ([#"../duration.rs" 30 17 30 23] d_secs)); + [#"../duration.rs" 30 17 30 39] _37 <- ([#"../duration.rs" 30 17 30 39] subsec_millis0 d_secs); goto BB19 } BB18 { @@ -295,13 +310,15 @@ module Duration_TestDuration absurd } BB19 { - switch ([#"../duration.rs" 30 12 30 39] ([#"../duration.rs" 30 12 30 13] [#"../duration.rs" 30 12 30 13] (0 : uint32)) = _37) + [#"../duration.rs" 30 12 30 39] _36 <- ([#"../duration.rs" 30 12 30 39] (0 : uint32) = _37); + _37 <- any uint32; + switch (_36) | False -> goto BB21 | True -> goto BB20 end } BB20 { - [#"../duration.rs" 31 17 31 39] _42 <- ([#"../duration.rs" 31 17 31 39] subsec_micros0 ([#"../duration.rs" 31 17 31 23] d_secs)); + [#"../duration.rs" 31 17 31 39] _42 <- ([#"../duration.rs" 31 17 31 39] subsec_micros0 d_secs); goto BB22 } BB21 { @@ -309,13 +326,15 @@ module Duration_TestDuration absurd } BB22 { - switch ([#"../duration.rs" 31 12 31 39] ([#"../duration.rs" 31 12 31 13] [#"../duration.rs" 31 12 31 13] (0 : uint32)) = _42) + [#"../duration.rs" 31 12 31 39] _41 <- ([#"../duration.rs" 31 12 31 39] (0 : uint32) = _42); + _42 <- any uint32; + switch (_41) | False -> goto BB24 | True -> goto BB23 end } BB23 { - [#"../duration.rs" 32 17 32 38] _47 <- ([#"../duration.rs" 32 17 32 38] subsec_nanos0 ([#"../duration.rs" 32 17 32 23] d_secs)); + [#"../duration.rs" 32 17 32 38] _47 <- ([#"../duration.rs" 32 17 32 38] subsec_nanos0 d_secs); goto BB25 } BB24 { @@ -323,13 +342,15 @@ module Duration_TestDuration absurd } BB25 { - switch ([#"../duration.rs" 32 12 32 38] ([#"../duration.rs" 32 12 32 13] [#"../duration.rs" 32 12 32 13] (0 : uint32)) = _47) + [#"../duration.rs" 32 12 32 38] _46 <- ([#"../duration.rs" 32 12 32 38] (0 : uint32) = _47); + _47 <- any uint32; + switch (_46) | False -> goto BB27 | True -> goto BB26 end } BB26 { - [#"../duration.rs" 34 12 34 36] _53 <- ([#"../duration.rs" 34 12 34 36] subsec_millis0 ([#"../duration.rs" 34 12 34 20] d_millis)); + [#"../duration.rs" 34 12 34 36] _53 <- ([#"../duration.rs" 34 12 34 36] subsec_millis0 d_millis); goto BB28 } BB27 { @@ -337,17 +358,22 @@ module Duration_TestDuration absurd } BB28 { - [#"../duration.rs" 34 48 34 68] _55 <- ([#"../duration.rs" 34 48 34 68] as_millis0 ([#"../duration.rs" 34 48 34 56] d_millis)); + [#"../duration.rs" 34 12 34 44] _52 <- ([#"../duration.rs" 34 12 34 44] UInt128.of_int (UInt32.to_int _53)); + _53 <- any uint32; + [#"../duration.rs" 34 48 34 68] _55 <- ([#"../duration.rs" 34 48 34 68] as_millis0 d_millis); goto BB29 } BB29 { - switch ([#"../duration.rs" 34 12 34 68] ([#"../duration.rs" 34 12 34 44] UInt128.of_int (UInt32.to_int _53)) = _55) + [#"../duration.rs" 34 12 34 68] _51 <- ([#"../duration.rs" 34 12 34 68] _52 = _55); + _52 <- any uint128; + _55 <- any uint128; + switch (_51) | False -> goto BB31 | True -> goto BB30 end } BB30 { - [#"../duration.rs" 35 12 35 36] _61 <- ([#"../duration.rs" 35 12 35 36] subsec_micros0 ([#"../duration.rs" 35 12 35 20] d_micros)); + [#"../duration.rs" 35 12 35 36] _61 <- ([#"../duration.rs" 35 12 35 36] subsec_micros0 d_micros); goto BB32 } BB31 { @@ -355,17 +381,22 @@ module Duration_TestDuration absurd } BB32 { - [#"../duration.rs" 35 48 35 68] _63 <- ([#"../duration.rs" 35 48 35 68] as_micros0 ([#"../duration.rs" 35 48 35 56] d_micros)); + [#"../duration.rs" 35 12 35 44] _60 <- ([#"../duration.rs" 35 12 35 44] UInt128.of_int (UInt32.to_int _61)); + _61 <- any uint32; + [#"../duration.rs" 35 48 35 68] _63 <- ([#"../duration.rs" 35 48 35 68] as_micros0 d_micros); goto BB33 } BB33 { - switch ([#"../duration.rs" 35 12 35 68] ([#"../duration.rs" 35 12 35 44] UInt128.of_int (UInt32.to_int _61)) = _63) + [#"../duration.rs" 35 12 35 68] _59 <- ([#"../duration.rs" 35 12 35 68] _60 = _63); + _60 <- any uint128; + _63 <- any uint128; + switch (_59) | False -> goto BB35 | True -> goto BB34 end } BB34 { - [#"../duration.rs" 36 12 36 34] _69 <- ([#"../duration.rs" 36 12 36 34] subsec_nanos0 ([#"../duration.rs" 36 12 36 19] d_nanos)); + [#"../duration.rs" 36 12 36 34] _69 <- ([#"../duration.rs" 36 12 36 34] subsec_nanos0 d_nanos); goto BB36 } BB35 { @@ -373,17 +404,22 @@ module Duration_TestDuration absurd } BB36 { - [#"../duration.rs" 36 46 36 64] _71 <- ([#"../duration.rs" 36 46 36 64] as_nanos0 ([#"../duration.rs" 36 46 36 53] d_nanos)); + [#"../duration.rs" 36 12 36 42] _68 <- ([#"../duration.rs" 36 12 36 42] UInt128.of_int (UInt32.to_int _69)); + _69 <- any uint32; + [#"../duration.rs" 36 46 36 64] _71 <- ([#"../duration.rs" 36 46 36 64] as_nanos0 d_nanos); goto BB37 } BB37 { - switch ([#"../duration.rs" 36 12 36 64] ([#"../duration.rs" 36 12 36 42] UInt128.of_int (UInt32.to_int _69)) = _71) + [#"../duration.rs" 36 12 36 64] _67 <- ([#"../duration.rs" 36 12 36 64] _68 = _71); + _68 <- any uint128; + _71 <- any uint128; + switch (_67) | False -> goto BB39 | True -> goto BB38 end } BB38 { - [#"../duration.rs" 38 12 38 35] _77 <- ([#"../duration.rs" 38 12 38 35] checked_add0 ([#"../duration.rs" 38 12 38 18] d_secs) ([#"../duration.rs" 38 31 38 34] max)); + [#"../duration.rs" 38 12 38 35] _77 <- ([#"../duration.rs" 38 12 38 35] checked_add0 d_secs max); goto BB40 } BB39 { @@ -391,7 +427,7 @@ module Duration_TestDuration absurd } BB40 { - [#"../duration.rs" 38 12 38 45] _75 <- ([#"../duration.rs" 38 12 38 45] is_none0 ([#"../duration.rs" 38 12 38 35] _77)); + [#"../duration.rs" 38 12 38 45] _75 <- ([#"../duration.rs" 38 12 38 45] is_none0 _77); goto BB41 } BB41 { @@ -401,7 +437,7 @@ module Duration_TestDuration end } BB42 { - [#"../duration.rs" 39 12 39 38] _84 <- ([#"../duration.rs" 39 12 39 38] checked_add0 ([#"../duration.rs" 39 12 39 18] d_secs) ([#"../duration.rs" 39 31 39 37] d_secs)); + [#"../duration.rs" 39 12 39 38] _84 <- ([#"../duration.rs" 39 12 39 38] checked_add0 d_secs d_secs); goto BB44 } BB43 { @@ -409,7 +445,7 @@ module Duration_TestDuration absurd } BB44 { - [#"../duration.rs" 39 12 39 48] _82 <- ([#"../duration.rs" 39 12 39 48] is_some0 ([#"../duration.rs" 39 12 39 38] _84)); + [#"../duration.rs" 39 12 39 48] _82 <- ([#"../duration.rs" 39 12 39 48] is_some0 _84); goto BB45 } BB45 { @@ -419,7 +455,7 @@ module Duration_TestDuration end } BB46 { - [#"../duration.rs" 41 12 41 35] _91 <- ([#"../duration.rs" 41 12 41 35] checked_sub0 ([#"../duration.rs" 41 12 41 18] d_secs) ([#"../duration.rs" 41 31 41 34] max)); + [#"../duration.rs" 41 12 41 35] _91 <- ([#"../duration.rs" 41 12 41 35] checked_sub0 d_secs max); goto BB48 } BB47 { @@ -427,7 +463,7 @@ module Duration_TestDuration absurd } BB48 { - [#"../duration.rs" 41 12 41 45] _89 <- ([#"../duration.rs" 41 12 41 45] is_none0 ([#"../duration.rs" 41 12 41 35] _91)); + [#"../duration.rs" 41 12 41 45] _89 <- ([#"../duration.rs" 41 12 41 45] is_none0 _91); goto BB49 } BB49 { @@ -437,7 +473,7 @@ module Duration_TestDuration end } BB50 { - [#"../duration.rs" 42 12 42 40] _98 <- ([#"../duration.rs" 42 12 42 40] checked_sub0 ([#"../duration.rs" 42 12 42 18] d_secs) ([#"../duration.rs" 42 31 42 39] d_millis)); + [#"../duration.rs" 42 12 42 40] _98 <- ([#"../duration.rs" 42 12 42 40] checked_sub0 d_secs d_millis); goto BB52 } BB51 { @@ -445,7 +481,7 @@ module Duration_TestDuration absurd } BB52 { - [#"../duration.rs" 42 12 42 50] _96 <- ([#"../duration.rs" 42 12 42 50] is_some0 ([#"../duration.rs" 42 12 42 40] _98)); + [#"../duration.rs" 42 12 42 50] _96 <- ([#"../duration.rs" 42 12 42 50] is_some0 _98); goto BB53 } BB53 { @@ -455,7 +491,7 @@ module Duration_TestDuration end } BB54 { - [#"../duration.rs" 44 12 44 30] _105 <- ([#"../duration.rs" 44 12 44 30] checked_mul0 ([#"../duration.rs" 44 12 44 15] max) ([#"../duration.rs" 44 28 44 29] [#"../duration.rs" 44 28 44 29] (2 : uint32))); + [#"../duration.rs" 44 12 44 30] _105 <- ([#"../duration.rs" 44 12 44 30] checked_mul0 max (2 : uint32)); goto BB56 } BB55 { @@ -463,7 +499,7 @@ module Duration_TestDuration absurd } BB56 { - [#"../duration.rs" 44 12 44 40] _103 <- ([#"../duration.rs" 44 12 44 40] is_none0 ([#"../duration.rs" 44 12 44 30] _105)); + [#"../duration.rs" 44 12 44 40] _103 <- ([#"../duration.rs" 44 12 44 40] is_none0 _105); goto BB57 } BB57 { @@ -473,7 +509,7 @@ module Duration_TestDuration end } BB58 { - [#"../duration.rs" 45 12 45 34] _111 <- ([#"../duration.rs" 45 12 45 34] checked_mul0 ([#"../duration.rs" 45 12 45 18] d_secs) ([#"../duration.rs" 45 31 45 33] [#"../duration.rs" 45 31 45 33] (10 : uint32))); + [#"../duration.rs" 45 12 45 34] _111 <- ([#"../duration.rs" 45 12 45 34] checked_mul0 d_secs (10 : uint32)); goto BB60 } BB59 { @@ -481,7 +517,7 @@ module Duration_TestDuration absurd } BB60 { - [#"../duration.rs" 45 12 45 44] _109 <- ([#"../duration.rs" 45 12 45 44] is_some0 ([#"../duration.rs" 45 12 45 34] _111)); + [#"../duration.rs" 45 12 45 44] _109 <- ([#"../duration.rs" 45 12 45 44] is_some0 _111); goto BB61 } BB61 { @@ -491,7 +527,7 @@ module Duration_TestDuration end } BB62 { - [#"../duration.rs" 47 12 47 33] _117 <- ([#"../duration.rs" 47 12 47 33] checked_div0 ([#"../duration.rs" 47 12 47 18] d_secs) ([#"../duration.rs" 47 31 47 32] [#"../duration.rs" 47 31 47 32] (0 : uint32))); + [#"../duration.rs" 47 12 47 33] _117 <- ([#"../duration.rs" 47 12 47 33] checked_div0 d_secs (0 : uint32)); goto BB64 } BB63 { @@ -499,7 +535,7 @@ module Duration_TestDuration absurd } BB64 { - [#"../duration.rs" 47 12 47 43] _115 <- ([#"../duration.rs" 47 12 47 43] is_none0 ([#"../duration.rs" 47 12 47 33] _117)); + [#"../duration.rs" 47 12 47 43] _115 <- ([#"../duration.rs" 47 12 47 43] is_none0 _117); goto BB65 } BB65 { @@ -509,7 +545,7 @@ module Duration_TestDuration end } BB66 { - [#"../duration.rs" 48 12 48 34] _123 <- ([#"../duration.rs" 48 12 48 34] checked_div0 ([#"../duration.rs" 48 12 48 18] d_secs) ([#"../duration.rs" 48 31 48 33] [#"../duration.rs" 48 31 48 33] (10 : uint32))); + [#"../duration.rs" 48 12 48 34] _123 <- ([#"../duration.rs" 48 12 48 34] checked_div0 d_secs (10 : uint32)); goto BB68 } BB67 { @@ -517,7 +553,7 @@ module Duration_TestDuration absurd } BB68 { - [#"../duration.rs" 48 12 48 44] _121 <- ([#"../duration.rs" 48 12 48 44] is_some0 ([#"../duration.rs" 48 12 48 34] _123)); + [#"../duration.rs" 48 12 48 44] _121 <- ([#"../duration.rs" 48 12 48 44] is_some0 _123); goto BB69 } BB69 { @@ -527,7 +563,7 @@ module Duration_TestDuration end } BB70 { - [#"../duration.rs" 50 14 50 33] sum <- ([#"../duration.rs" 50 14 50 33] add0 ([#"../duration.rs" 50 14 50 22] d_millis) ([#"../duration.rs" 50 25 50 33] d_micros)); + [#"../duration.rs" 50 14 50 33] sum <- ([#"../duration.rs" 50 14 50 33] add0 d_millis d_micros); goto BB72 } BB71 { @@ -535,7 +571,7 @@ module Duration_TestDuration absurd } BB72 { - [#"../duration.rs" 51 21 51 40] difference <- ([#"../duration.rs" 51 21 51 40] sub0 ([#"../duration.rs" 51 21 51 29] d_millis) ([#"../duration.rs" 51 32 51 40] d_micros)); + [#"../duration.rs" 51 21 51 40] difference <- ([#"../duration.rs" 51 21 51 40] sub0 d_millis d_micros); goto BB73 } BB73 { diff --git a/creusot/tests/should_succeed/filter_positive.mlcfg b/creusot/tests/should_succeed/filter_positive.mlcfg index 736c16c50d..f32f455df0 100644 --- a/creusot/tests/should_succeed/filter_positive.mlcfg +++ b/creusot/tests/should_succeed/filter_positive.mlcfg @@ -317,12 +317,16 @@ module FilterPositive_M var count : usize; var i : usize; var _9 : (); + var _10 : bool; var _12 : usize; var _14 : (); + var _15 : bool; var _17 : int32; var u : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); + var _28 : bool; var _30 : usize; var _32 : (); + var _33 : bool; var _35 : int32; var _43 : int32; var _46 : borrowed int32; @@ -331,8 +335,8 @@ module FilterPositive_M goto BB0 } BB0 { - [#"../filter_positive.rs" 83 27 83 28] count <- ([#"../filter_positive.rs" 83 27 83 28] [#"../filter_positive.rs" 83 27 83 28] (0 : usize)); - [#"../filter_positive.rs" 84 23 84 24] i <- ([#"../filter_positive.rs" 84 23 84 24] [#"../filter_positive.rs" 84 23 84 24] (0 : usize)); + [#"../filter_positive.rs" 83 27 83 28] count <- ([#"../filter_positive.rs" 83 27 83 28] (0 : usize)); + [#"../filter_positive.rs" 84 23 84 24] i <- ([#"../filter_positive.rs" 84 23 84 24] (0 : usize)); goto BB1 } BB1 { @@ -348,27 +352,30 @@ module FilterPositive_M goto BB4 } BB4 { - [#"../filter_positive.rs" 89 14 89 21] _12 <- ([#"../filter_positive.rs" 89 14 89 21] len1 ([#"../filter_positive.rs" 89 14 89 15] t)); + [#"../filter_positive.rs" 89 14 89 21] _12 <- ([#"../filter_positive.rs" 89 14 89 21] len1 t); goto BB5 } BB5 { - switch ([#"../filter_positive.rs" 89 10 89 21] ([#"../filter_positive.rs" 89 10 89 11] i) < _12) + [#"../filter_positive.rs" 89 10 89 21] _10 <- ([#"../filter_positive.rs" 89 10 89 21] i < _12); + _12 <- any usize; + switch (_10) | False -> goto BB11 | True -> goto BB6 end } BB6 { - [#"../filter_positive.rs" 90 12 90 15] _17 <- ([#"../filter_positive.rs" 90 12 90 15] index0 ([#"../filter_positive.rs" 90 11 90 12] t) ([#"../filter_positive.rs" 90 13 90 14] i)); + [#"../filter_positive.rs" 90 12 90 15] _17 <- ([#"../filter_positive.rs" 90 12 90 15] index0 t i); goto BB7 } BB7 { - switch ([#"../filter_positive.rs" 90 11 90 19] ([#"../filter_positive.rs" 90 11 90 15] _17) > ([#"../filter_positive.rs" 90 18 90 19] [#"../filter_positive.rs" 90 18 90 19] (0 : int32))) + [#"../filter_positive.rs" 90 11 90 19] _15 <- ([#"../filter_positive.rs" 90 11 90 19] _17 > (0 : int32)); + switch (_15) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../filter_positive.rs" 91 12 91 22] count <- ([#"../filter_positive.rs" 91 12 91 22] count + ([#"../filter_positive.rs" 91 21 91 22] [#"../filter_positive.rs" 91 21 91 22] (1 : usize))); + [#"../filter_positive.rs" 91 12 91 22] count <- ([#"../filter_positive.rs" 91 12 91 22] count + (1 : usize)); [#"../filter_positive.rs" 91 12 91 22] _14 <- ([#"../filter_positive.rs" 91 12 91 22] ()); goto BB10 } @@ -377,17 +384,17 @@ module FilterPositive_M goto BB10 } BB10 { - [#"../filter_positive.rs" 93 8 93 14] i <- ([#"../filter_positive.rs" 93 8 93 14] i + ([#"../filter_positive.rs" 93 13 93 14] [#"../filter_positive.rs" 93 13 93 14] (1 : usize))); + [#"../filter_positive.rs" 93 8 93 14] i <- ([#"../filter_positive.rs" 93 8 93 14] i + (1 : usize)); [#"../filter_positive.rs" 89 22 94 5] _9 <- ([#"../filter_positive.rs" 89 22 94 5] ()); goto BB3 } BB11 { - [#"../filter_positive.rs" 95 26 95 40] u <- ([#"../filter_positive.rs" 95 26 95 40] from_elem0 ([#"../filter_positive.rs" 95 31 95 32] [#"../filter_positive.rs" 95 31 95 32] (0 : int32)) ([#"../filter_positive.rs" 95 34 95 39] count)); + [#"../filter_positive.rs" 95 26 95 40] u <- ([#"../filter_positive.rs" 95 26 95 40] from_elem0 (0 : int32) count); goto BB12 } BB12 { - [#"../filter_positive.rs" 96 4 96 13] count <- ([#"../filter_positive.rs" 96 4 96 13] [#"../filter_positive.rs" 96 12 96 13] (0 : usize)); - [#"../filter_positive.rs" 98 4 98 9] i <- ([#"../filter_positive.rs" 98 4 98 9] [#"../filter_positive.rs" 98 8 98 9] (0 : usize)); + [#"../filter_positive.rs" 96 4 96 13] count <- ([#"../filter_positive.rs" 96 4 96 13] (0 : usize)); + [#"../filter_positive.rs" 98 4 98 9] i <- ([#"../filter_positive.rs" 98 4 98 9] (0 : usize)); goto BB13 } BB13 { @@ -402,21 +409,24 @@ module FilterPositive_M goto BB16 } BB16 { - [#"../filter_positive.rs" 102 14 102 21] _30 <- ([#"../filter_positive.rs" 102 14 102 21] len1 ([#"../filter_positive.rs" 102 14 102 15] t)); + [#"../filter_positive.rs" 102 14 102 21] _30 <- ([#"../filter_positive.rs" 102 14 102 21] len1 t); goto BB17 } BB17 { - switch ([#"../filter_positive.rs" 102 10 102 21] ([#"../filter_positive.rs" 102 10 102 11] i) < _30) + [#"../filter_positive.rs" 102 10 102 21] _28 <- ([#"../filter_positive.rs" 102 10 102 21] i < _30); + _30 <- any usize; + switch (_28) | False -> goto BB27 | True -> goto BB18 end } BB18 { - [#"../filter_positive.rs" 103 12 103 15] _35 <- ([#"../filter_positive.rs" 103 12 103 15] index0 ([#"../filter_positive.rs" 103 11 103 12] t) ([#"../filter_positive.rs" 103 13 103 14] i)); + [#"../filter_positive.rs" 103 12 103 15] _35 <- ([#"../filter_positive.rs" 103 12 103 15] index0 t i); goto BB19 } BB19 { - switch ([#"../filter_positive.rs" 103 11 103 19] ([#"../filter_positive.rs" 103 11 103 15] _35) > ([#"../filter_positive.rs" 103 18 103 19] [#"../filter_positive.rs" 103 18 103 19] (0 : int32))) + [#"../filter_positive.rs" 103 11 103 19] _33 <- ([#"../filter_positive.rs" 103 11 103 19] _35 > (0 : int32)); + switch (_33) | False -> goto BB25 | True -> goto BB20 end @@ -430,20 +440,20 @@ module FilterPositive_M goto BB22 } BB22 { - [#"../filter_positive.rs" 113 24 113 27] _43 <- ([#"../filter_positive.rs" 113 24 113 27] index0 ([#"../filter_positive.rs" 113 23 113 24] t) ([#"../filter_positive.rs" 113 25 113 26] i)); + [#"../filter_positive.rs" 113 24 113 27] _43 <- ([#"../filter_positive.rs" 113 24 113 27] index0 t i); goto BB23 } BB23 { [#"../filter_positive.rs" 113 12 113 13] _47 <- Borrow.borrow_mut u; [#"../filter_positive.rs" 113 12 113 13] u <- ^ _47; - [#"../filter_positive.rs" 113 13 113 20] _46 <- ([#"../filter_positive.rs" 113 13 113 20] index_mut0 _47 ([#"../filter_positive.rs" 113 14 113 19] count)); + [#"../filter_positive.rs" 113 13 113 20] _46 <- ([#"../filter_positive.rs" 113 13 113 20] index_mut0 _47 count); _47 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); goto BB24 } BB24 { - [#"../filter_positive.rs" 113 12 113 27] _46 <- { _46 with current = ([#"../filter_positive.rs" 113 23 113 27] _43) ; }; + [#"../filter_positive.rs" 113 12 113 27] _46 <- { _46 with current = ([#"../filter_positive.rs" 113 12 113 27] _43) ; }; assume { resolve1 _46 }; - [#"../filter_positive.rs" 114 12 114 22] count <- ([#"../filter_positive.rs" 114 12 114 22] count + ([#"../filter_positive.rs" 114 21 114 22] [#"../filter_positive.rs" 114 21 114 22] (1 : usize))); + [#"../filter_positive.rs" 114 12 114 22] count <- ([#"../filter_positive.rs" 114 12 114 22] count + (1 : usize)); [#"../filter_positive.rs" 103 20 115 9] _32 <- ([#"../filter_positive.rs" 103 20 115 9] ()); goto BB26 } @@ -452,14 +462,14 @@ module FilterPositive_M goto BB26 } BB26 { - [#"../filter_positive.rs" 116 8 116 14] i <- ([#"../filter_positive.rs" 116 8 116 14] i + ([#"../filter_positive.rs" 116 13 116 14] [#"../filter_positive.rs" 116 13 116 14] (1 : usize))); + [#"../filter_positive.rs" 116 8 116 14] i <- ([#"../filter_positive.rs" 116 8 116 14] i + (1 : usize)); [#"../filter_positive.rs" 102 22 117 5] _9 <- ([#"../filter_positive.rs" 102 22 117 5] ()); goto BB15 } BB27 { assume { resolve0 t }; [#"../filter_positive.rs" 118 11 118 12] _0 <- ([#"../filter_positive.rs" 118 11 118 12] u); - [#"../filter_positive.rs" 118 11 118 12] u <- any Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); + u <- any Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); goto BB28 } BB28 { diff --git a/creusot/tests/should_succeed/filter_positive/why3session.xml b/creusot/tests/should_succeed/filter_positive/why3session.xml index 292fd0ed57..6ff4d0d310 100644 --- a/creusot/tests/should_succeed/filter_positive/why3session.xml +++ b/creusot/tests/should_succeed/filter_positive/why3session.xml @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/filter_positive/why3shapes.gz b/creusot/tests/should_succeed/filter_positive/why3shapes.gz index b339fc225aebbf6eb4c66a09bbbd38b09a1ae5af..bfed154a011f3011df10b06536d20ad68d454599 100644 GIT binary patch literal 886 zcmV-+1Bv_}iwFP!00000|AkdukDE#ieb2Apt+!iM8qXJSwW$=XHkwFR_o?z@BL{|E zR1&t3?6&{D9tde5$ySPB#$)@~=Xl6JcTxLHFTRalebbip?%&8pcOPdZ-P33KjF16} z@J6wq`+0U;|K;=x?dx^9+tZWZqwF0svHG9B%uygLXZR2mbrbCl+jU*6U+Q*7bNaIr z!3$+sj%`OoNuRFUGq{1wg$>AD<|tU9Mmw<>w5xJ|;YpuRGt3oly5}q=P=ImwW?+MH z_tYn5c>Q0WW7P+&LIA%{d{lnBrS+fm+)37WYRlad7k-YLb(N1ToLg~ydNpQ2vo*-W z4OD*jw0|B-LUkLs-8W^nuYR3Zu>V2j?lnfSJT7e@v|k#O!%~O5{gO)@mNK;2FPXw# zhrS%*0j#R}ZN05?Ujfs0EPhKrx$Y2f;j#*5f$@-1V6vQ!P>R5c!(@okFcX4l0+@`^ z*~!@;LB}CG_lLtQh2$OLJCZTFL{JDC!Ibp%@KSm4w*VFqf{I-bi`KVboEfslB(7}gq$%- z({KBovWqc*vXc}hgGc(>96Tz%_;Y@i#{|L1bh4L{eXP#JW9P$HL_IG0d!y8XxW)A= zRR_4C%O0w&SW;et*ckh zUo#c*SVfz$Y0IwA~En`2NI# zm*aIk)}1PH{Crzqz@5s}*if0;90dy}ot|iv(|LWk^2EXdcL6jkH6sg5Q&JIiQWhghW~31S6OLCN#RR zTo4I*49Phf2QG!=eZ>z}M%B3k;Xpc2HGV(7G@kt~fR+ehi+vC+t&hK^EfDs`L3X7~ zN!jx%m;)$N+Hm^86>)eNoI^gDn?ta$z*o)&`fxb$herrvfa7M8bH2&T*RF{ zNBZmzK{(HGPG-l`6-js`Z!JIdF)1ze@>v(K3LIK*+T*V5uB~|;av8@}JOy2jQA!~v zL8^cy!9=p)(WAd#b2^>i%SF5nf@Y-7*RR+dJwc_%QwW+OdOwak8kL4VEjYoJi+7*} zy9rE4xm+!3ymzsrnk?uZytnpst}drj~Ck3p6Eqdf&{zb8qrP!TYZ z(n*M?$|eg_*(92-Gr_m_UE92Ra4HQMREnE+zi;1s`Dy#FQv$1chmBJP>yrMLy%W97 zb=+u>7WbgVA5N*8ChAX}Yp;FNy*>Lq@j=41->sx05>10nb$|4&ec;z8e~6<55KozD zKIN3`sYO#Xt>dP)H)`m`*{jQJFlXDZ=fIkS*iNG%u(+JdqmEeH$T0$5-+v#B++{{e~Z$2 goto BB10 | True -> goto BB9 end @@ -423,7 +428,8 @@ module GhostPtrToken_Test left_val1 <- (let (a, _) = _36 in a); right_val1 <- (let (_, a) = _36 in a); assume { resolve1 _36 }; - switch (left_val1 = right_val1) + _42 <- left_val1 = right_val1; + switch (_42) | False -> goto BB12 | True -> goto BB11 end @@ -457,7 +463,7 @@ module GhostPtrToken_Test BB13 { assume { resolve2 m2 }; assume { resolve2 m1 }; - [#"../ghost_ptr_token.rs" 16 16 16 38] _60 <- ([#"../ghost_ptr_token.rs" 16 16 16 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 16 16 16 21] token) ([#"../ghost_ptr_token.rs" 16 33 16 37] ptr1)); + [#"../ghost_ptr_token.rs" 16 16 16 38] _60 <- ([#"../ghost_ptr_token.rs" 16 16 16 38] ptr_as_ref0 token ptr1); goto BB14 } BB14 { @@ -466,13 +472,14 @@ module GhostPtrToken_Test left_val2 <- (let (a, _) = _58 in a); right_val2 <- (let (_, a) = _58 in a); assume { resolve1 _58 }; - switch (left_val2 = right_val2) + _67 <- left_val2 = right_val2; + switch (_67) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../ghost_ptr_token.rs" 17 16 17 38] _82 <- ([#"../ghost_ptr_token.rs" 17 16 17 38] ptr_as_ref0 ([#"../ghost_ptr_token.rs" 17 16 17 21] token) ([#"../ghost_ptr_token.rs" 17 33 17 37] ptr2)); + [#"../ghost_ptr_token.rs" 17 16 17 38] _82 <- ([#"../ghost_ptr_token.rs" 17 16 17 38] ptr_as_ref0 token ptr2); goto BB17 } BB16 { @@ -488,7 +495,8 @@ module GhostPtrToken_Test left_val3 <- (let (a, _) = _80 in a); right_val3 <- (let (_, a) = _80 in a); assume { resolve1 _80 }; - switch (left_val3 = right_val3) + _89 <- left_val3 = right_val3; + switch (_89) | False -> goto BB19 | True -> goto BB18 end diff --git a/creusot/tests/should_succeed/hashmap.mlcfg b/creusot/tests/should_succeed/hashmap.mlcfg index e2130c43b3..8decff6f31 100644 --- a/creusot/tests/should_succeed/hashmap.mlcfg +++ b/creusot/tests/should_succeed/hashmap.mlcfg @@ -54,7 +54,7 @@ module Hashmap_Impl2_Hash goto BB0 } BB0 { - [#"../hashmap.rs" 60 8 60 20] _0 <- ([#"../hashmap.rs" 60 8 60 20] UInt64.of_int (UIntSize.to_int ([#"../hashmap.rs" 60 8 60 13] self))); + [#"../hashmap.rs" 60 8 60 20] _0 <- ([#"../hashmap.rs" 60 8 60 20] UInt64.of_int (UIntSize.to_int self)); return _0 } @@ -285,11 +285,14 @@ module Hashmap_Impl5_New var size : usize = size; var res : Hashmap_MyHashMap_Type.t_myhashmap k v; var _6 : Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global); + var _7 : Hashmap_List_Type.t_list (k, v); { goto BB0 } BB0 { - [#"../hashmap.rs" 99 39 99 60] _6 <- ([#"../hashmap.rs" 99 39 99 60] from_elem0 ([#"../hashmap.rs" 99 44 99 53] Hashmap_List_Type.C_Nil) ([#"../hashmap.rs" 99 55 99 59] size)); + [#"../hashmap.rs" 99 44 99 53] _7 <- ([#"../hashmap.rs" 99 44 99 53] Hashmap_List_Type.C_Nil); + [#"../hashmap.rs" 99 39 99 60] _6 <- ([#"../hashmap.rs" 99 39 99 60] from_elem0 _7 size); + _7 <- any Hashmap_List_Type.t_list (k, v); goto BB1 } BB1 { @@ -299,7 +302,7 @@ module Hashmap_Impl5_New } BB2 { [#"../hashmap.rs" 100 8 100 11] _0 <- ([#"../hashmap.rs" 100 8 100 11] res); - [#"../hashmap.rs" 100 8 100 11] res <- any Hashmap_MyHashMap_Type.t_myhashmap k v; + res <- any Hashmap_MyHashMap_Type.t_myhashmap k v; goto BB3 } BB3 { @@ -723,6 +726,7 @@ module Hashmap_Impl5_Add var old_self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); var length : usize; var index : usize; + var _12 : usize; var _13 : uint64; var _15 : usize; var _16 : bool; @@ -738,6 +742,9 @@ module Hashmap_Impl5_Add var _38 : bool; var _45 : borrowed (Hashmap_List_Type.t_list (k, v)); var _46 : borrowed (Hashmap_List_Type.t_list (k, v)); + var _50 : Hashmap_List_Type.t_list (k, v); + var _51 : (k, v); + var _55 : Hashmap_List_Type.t_list (k, v); { goto BB0 } @@ -748,27 +755,29 @@ module Hashmap_Impl5_Add BB1 { assert { [@expl:type invariant] inv0 old_self }; assume { resolve0 old_self }; - [#"../hashmap.rs" 109 21 109 39] length <- ([#"../hashmap.rs" 109 21 109 39] len0 ([#"../hashmap.rs" 109 21 109 33] Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); + [#"../hashmap.rs" 109 21 109 39] length <- ([#"../hashmap.rs" 109 21 109 39] len0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); goto BB2 } BB2 { - [#"../hashmap.rs" 110 27 110 37] _13 <- ([#"../hashmap.rs" 110 27 110 37] hash0 ([#"../hashmap.rs" 110 27 110 30] key)); + [#"../hashmap.rs" 110 27 110 37] _13 <- ([#"../hashmap.rs" 110 27 110 37] hash0 key); goto BB3 } BB3 { + [#"../hashmap.rs" 110 27 110 46] _12 <- ([#"../hashmap.rs" 110 27 110 46] UIntSize.of_int (UInt64.to_int _13)); + _13 <- any uint64; [#"../hashmap.rs" 110 49 110 55] _15 <- ([#"../hashmap.rs" 110 49 110 55] length); - [#"../hashmap.rs" 110 27 110 55] _16 <- ([#"../hashmap.rs" 110 27 110 55] _15 = ([#"../hashmap.rs" 110 27 110 55] [#"../hashmap.rs" 110 27 110 55] (0 : usize))); + [#"../hashmap.rs" 110 27 110 55] _16 <- ([#"../hashmap.rs" 110 27 110 55] _15 = (0 : usize)); assert { [@expl:remainder by zero] [#"../hashmap.rs" 110 27 110 55] not _16 }; goto BB4 } BB4 { - [#"../hashmap.rs" 110 27 110 55] index <- ([#"../hashmap.rs" 110 27 110 55] ([#"../hashmap.rs" 110 27 110 46] UIntSize.of_int (UInt64.to_int _13)) % _15); - _13 <- any uint64; + [#"../hashmap.rs" 110 27 110 55] index <- ([#"../hashmap.rs" 110 27 110 55] _12 % _15); + _12 <- any usize; _15 <- any usize; [#"../hashmap.rs" 111 39 111 51] _20 <- Borrow.borrow_final (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../hashmap.rs" 111 39 111 51] self <- { self with current = (let Hashmap_MyHashMap_Type.C_MyHashMap x0 = * self in Hashmap_MyHashMap_Type.C_MyHashMap ( ^ _20)) ; }; assume { inv1 ( ^ _20) }; - [#"../hashmap.rs" 111 51 111 58] _19 <- ([#"../hashmap.rs" 111 51 111 58] index_mut0 _20 ([#"../hashmap.rs" 111 52 111 57] index)); + [#"../hashmap.rs" 111 51 111 58] _19 <- ([#"../hashmap.rs" 111 51 111 58] index_mut0 _20 index); _20 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global)); goto BB5 } @@ -818,8 +827,8 @@ module Hashmap_Impl5_Add [#"../hashmap.rs" 121 31 121 33] l <- { l with current = (let Hashmap_List_Type.C_Cons x0 x1 = * l in Hashmap_List_Type.C_Cons x0 ( ^ tl)) ; }; assume { inv8 ( ^ tl) }; [#"../hashmap.rs" 122 21 122 23] tl1 <- ([#"../hashmap.rs" 122 21 122 23] tl); - [#"../hashmap.rs" 122 21 122 23] tl <- any borrowed (Hashmap_List_Type.t_list (k, v)); - [#"../hashmap.rs" 123 15 123 24] _38 <- ([#"../hashmap.rs" 123 15 123 24] eq0 ([#"../hashmap.rs" 123 15 123 17] * k) ([#"../hashmap.rs" 123 21 123 24] key)); + tl <- any borrowed (Hashmap_List_Type.t_list (k, v)); + [#"../hashmap.rs" 123 15 123 24] _38 <- ([#"../hashmap.rs" 123 15 123 24] eq0 ( * k) key); goto BB11 } BB11 { @@ -837,7 +846,7 @@ module Hashmap_Impl5_Add assume { resolve6 key }; assert { [@expl:type invariant] inv7 val' }; assume { resolve7 val' }; - [#"../hashmap.rs" 124 16 124 24] v <- { v with current = ([#"../hashmap.rs" 124 21 124 24] val') ; }; + [#"../hashmap.rs" 124 16 124 24] v <- { v with current = ([#"../hashmap.rs" 124 16 124 24] val') ; }; assert { [@expl:type invariant] inv7 ( * v) }; assume { resolve7 ( * v) }; assert { [@expl:type invariant] inv9 v }; @@ -866,7 +875,7 @@ module Hashmap_Impl5_Add assert { [@expl:type invariant] inv3 l }; assume { resolve1 l }; [#"../hashmap.rs" 128 12 128 25] l <- ([#"../hashmap.rs" 128 12 128 25] _45); - [#"../hashmap.rs" 128 12 128 25] _45 <- any borrowed (Hashmap_List_Type.t_list (k, v)); + _45 <- any borrowed (Hashmap_List_Type.t_list (k, v)); assert { [@expl:type invariant] inv3 _46 }; assume { resolve1 _46 }; assert { [@expl:type invariant] inv11 tl1 }; @@ -878,16 +887,22 @@ module Hashmap_Impl5_Add assume { resolve6 key }; assert { [@expl:type invariant] inv7 val' }; assume { resolve7 val' }; + [#"../hashmap.rs" 131 18 131 28] _51 <- ([#"../hashmap.rs" 131 18 131 28] (key, val')); + [#"../hashmap.rs" 131 39 131 42] _55 <- ([#"../hashmap.rs" 131 39 131 42] Hashmap_List_Type.C_Nil); goto BB15 } BB15 { + [#"../hashmap.rs" 131 13 131 44] _50 <- ([#"../hashmap.rs" 131 13 131 44] Hashmap_List_Type.C_Cons _51 _55); + _51 <- any (k, v); + _55 <- any Hashmap_List_Type.t_list (k, v); goto BB16 } BB16 { goto BB17 } BB17 { - [#"../hashmap.rs" 131 8 131 10] l <- { l with current = ([#"../hashmap.rs" 131 13 131 44] Hashmap_List_Type.C_Cons ([#"../hashmap.rs" 131 18 131 28] (([#"../hashmap.rs" 131 19 131 22] key), ([#"../hashmap.rs" 131 24 131 27] val'))) ([#"../hashmap.rs" 131 39 131 42] Hashmap_List_Type.C_Nil)) ; }; + [#"../hashmap.rs" 131 8 131 10] l <- { l with current = ([#"../hashmap.rs" 131 8 131 10] _50) ; }; + _50 <- any Hashmap_List_Type.t_list (k, v); assert { [@expl:type invariant] inv2 ( * l) }; assume { resolve9 ( * l) }; assert { [@expl:type invariant] inv3 l }; @@ -1197,11 +1212,11 @@ module Hashmap_Impl5_Get val resolve0 (self : Hashmap_MyHashMap_Type.t_myhashmap k v) : bool ensures { result = resolve0 self } - use prelude.UInt64 val len0 (self : Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global)) : usize requires {inv7 self} ensures { [#"../../../../creusot-contracts/src/std/vec.rs" 75 26 75 48] UIntSize.to_int result = Seq.length (shallow_model3 self) } + use prelude.UInt64 use prelude.UInt64 val hash0 [#"../hashmap.rs" 51 4 51 26] (self : k) : uint64 requires {[#"../hashmap.rs" 51 13 51 17] inv2 self} @@ -1222,6 +1237,7 @@ module Hashmap_Impl5_Get var self : Hashmap_MyHashMap_Type.t_myhashmap k v = self; var key : k = key; var index : usize; + var _7 : usize; var _8 : uint64; var _10 : usize; var _12 : bool; @@ -1236,25 +1252,27 @@ module Hashmap_Impl5_Get goto BB0 } BB0 { - [#"../hashmap.rs" 142 27 142 37] _8 <- ([#"../hashmap.rs" 142 27 142 37] hash0 ([#"../hashmap.rs" 142 27 142 30] key)); + [#"../hashmap.rs" 142 27 142 37] _8 <- ([#"../hashmap.rs" 142 27 142 37] hash0 key); goto BB1 } BB1 { - [#"../hashmap.rs" 142 49 142 67] _10 <- ([#"../hashmap.rs" 142 49 142 67] len0 ([#"../hashmap.rs" 142 49 142 61] Hashmap_MyHashMap_Type.myhashmap_buckets self)); + [#"../hashmap.rs" 142 27 142 46] _7 <- ([#"../hashmap.rs" 142 27 142 46] UIntSize.of_int (UInt64.to_int _8)); + _8 <- any uint64; + [#"../hashmap.rs" 142 49 142 67] _10 <- ([#"../hashmap.rs" 142 49 142 67] len0 (Hashmap_MyHashMap_Type.myhashmap_buckets self)); goto BB2 } BB2 { - [#"../hashmap.rs" 142 27 142 67] _12 <- ([#"../hashmap.rs" 142 27 142 67] _10 = ([#"../hashmap.rs" 142 27 142 67] [#"../hashmap.rs" 142 27 142 67] (0 : usize))); + [#"../hashmap.rs" 142 27 142 67] _12 <- ([#"../hashmap.rs" 142 27 142 67] _10 = (0 : usize)); assert { [@expl:remainder by zero] [#"../hashmap.rs" 142 27 142 67] not _12 }; goto BB3 } BB3 { - [#"../hashmap.rs" 142 27 142 67] index <- ([#"../hashmap.rs" 142 27 142 67] ([#"../hashmap.rs" 142 27 142 46] UIntSize.of_int (UInt64.to_int _8)) % _10); - _8 <- any uint64; + [#"../hashmap.rs" 142 27 142 67] index <- ([#"../hashmap.rs" 142 27 142 67] _7 % _10); + _7 <- any usize; _10 <- any usize; assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../hashmap.rs" 143 33 143 40] _14 <- ([#"../hashmap.rs" 143 33 143 40] index0 ([#"../hashmap.rs" 143 21 143 33] Hashmap_MyHashMap_Type.myhashmap_buckets self) ([#"../hashmap.rs" 143 34 143 39] index)); + [#"../hashmap.rs" 143 33 143 40] _14 <- ([#"../hashmap.rs" 143 33 143 40] index0 (Hashmap_MyHashMap_Type.myhashmap_buckets self) index); goto BB4 } BB4 { @@ -1284,7 +1302,7 @@ module Hashmap_Impl5_Get assume { resolve1 l }; assert { [@expl:type invariant] inv2 k }; assume { resolve2 k }; - [#"../hashmap.rs" 147 15 147 24] _25 <- ([#"../hashmap.rs" 147 15 147 24] eq0 ([#"../hashmap.rs" 147 15 147 17] k) ([#"../hashmap.rs" 147 21 147 24] key)); + [#"../hashmap.rs" 147 15 147 24] _25 <- ([#"../hashmap.rs" 147 15 147 24] eq0 k key); goto BB9 } BB9 { @@ -1300,7 +1318,7 @@ module Hashmap_Impl5_Get assume { resolve5 key }; assert { [@expl:type invariant] inv3 v }; assume { resolve3 v }; - [#"../hashmap.rs" 148 23 148 30] _0 <- ([#"../hashmap.rs" 148 23 148 30] Core_Option_Option_Type.C_Some ([#"../hashmap.rs" 148 28 148 29] v)); + [#"../hashmap.rs" 148 23 148 30] _0 <- ([#"../hashmap.rs" 148 23 148 30] Core_Option_Option_Type.C_Some v); goto BB13 } BB11 { @@ -1311,7 +1329,7 @@ module Hashmap_Impl5_Get assume { resolve4 tl }; assert { [@expl:type invariant] inv1 _31 }; assume { resolve1 _31 }; - [#"../hashmap.rs" 150 12 150 21] l <- ([#"../hashmap.rs" 150 16 150 21] _31); + [#"../hashmap.rs" 150 12 150 21] l <- ([#"../hashmap.rs" 150 12 150 21] _31); goto BB5 } BB12 { @@ -1704,15 +1722,18 @@ module Hashmap_Impl5_Resize var self : borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v) = self; var old_self : Snapshot.snap_ty (borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v)); var new : Hashmap_MyHashMap_Type.t_myhashmap k v; + var _9 : usize; var _10 : usize; var i : usize; var _21 : (); + var _22 : bool; var _24 : usize; var l : Hashmap_List_Type.t_list (k, v); var _27 : borrowed (Hashmap_List_Type.t_list (k, v)); var _28 : borrowed (Hashmap_List_Type.t_list (k, v)); var _29 : borrowed (Hashmap_List_Type.t_list (k, v)); var _30 : borrowed (Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global)); + var _32 : Hashmap_List_Type.t_list (k, v); var k : k; var v : v; var tl : Hashmap_List_Type.t_list (k, v); @@ -1728,16 +1749,18 @@ module Hashmap_Impl5_Resize BB1 { assert { [@expl:type invariant] inv0 old_self }; assume { resolve0 old_self }; - [#"../hashmap.rs" 163 32 163 50] _10 <- ([#"../hashmap.rs" 163 32 163 50] len0 ([#"../hashmap.rs" 163 32 163 44] Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); + [#"../hashmap.rs" 163 32 163 50] _10 <- ([#"../hashmap.rs" 163 32 163 50] len0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); goto BB2 } BB2 { - [#"../hashmap.rs" 163 22 163 55] new <- ([#"../hashmap.rs" 163 22 163 55] new1 ([#"../hashmap.rs" 163 32 163 54] _10 * ([#"../hashmap.rs" 163 53 163 54] [#"../hashmap.rs" 163 53 163 54] (2 : usize)))); + [#"../hashmap.rs" 163 32 163 54] _9 <- ([#"../hashmap.rs" 163 32 163 54] _10 * (2 : usize)); _10 <- any usize; + [#"../hashmap.rs" 163 22 163 55] new <- ([#"../hashmap.rs" 163 22 163 55] new1 _9); + _9 <- any usize; goto BB3 } BB3 { - [#"../hashmap.rs" 165 27 165 28] i <- ([#"../hashmap.rs" 165 27 165 28] [#"../hashmap.rs" 165 27 165 28] (0 : usize)); + [#"../hashmap.rs" 165 27 165 28] i <- ([#"../hashmap.rs" 165 27 165 28] (0 : usize)); goto BB4 } BB4 { @@ -1757,11 +1780,13 @@ module Hashmap_Impl5_Resize goto BB7 } BB7 { - [#"../hashmap.rs" 176 18 176 36] _24 <- ([#"../hashmap.rs" 176 18 176 36] len0 ([#"../hashmap.rs" 176 18 176 30] Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); + [#"../hashmap.rs" 176 18 176 36] _24 <- ([#"../hashmap.rs" 176 18 176 36] len0 (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self))); goto BB8 } BB8 { - switch ([#"../hashmap.rs" 176 14 176 36] ([#"../hashmap.rs" 176 14 176 15] i) < _24) + [#"../hashmap.rs" 176 14 176 36] _22 <- ([#"../hashmap.rs" 176 14 176 36] i < _24); + _24 <- any usize; + switch (_22) | False -> goto BB29 | True -> goto BB9 end @@ -1770,7 +1795,7 @@ module Hashmap_Impl5_Resize [#"../hashmap.rs" 177 56 177 68] _30 <- Borrow.borrow_mut (Hashmap_MyHashMap_Type.myhashmap_buckets ( * self)); [#"../hashmap.rs" 177 56 177 68] self <- { self with current = (let Hashmap_MyHashMap_Type.C_MyHashMap x0 = * self in Hashmap_MyHashMap_Type.C_MyHashMap ( ^ _30)) ; }; assume { inv4 ( ^ _30) }; - [#"../hashmap.rs" 177 68 177 71] _29 <- ([#"../hashmap.rs" 177 68 177 71] index_mut0 _30 ([#"../hashmap.rs" 177 69 177 70] i)); + [#"../hashmap.rs" 177 68 177 71] _29 <- ([#"../hashmap.rs" 177 68 177 71] index_mut0 _30 i); _30 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Hashmap_List_Type.t_list (k, v)) (Alloc_Alloc_Global_Type.t_global)); goto BB10 } @@ -1781,8 +1806,10 @@ module Hashmap_Impl5_Resize [#"../hashmap.rs" 177 51 177 71] _27 <- Borrow.borrow_final ( * _28) (Borrow.get_id _28); [#"../hashmap.rs" 177 51 177 71] _28 <- { _28 with current = ( ^ _27) ; }; assume { inv5 ( ^ _27) }; - [#"../hashmap.rs" 177 33 177 83] l <- ([#"../hashmap.rs" 177 33 177 83] replace0 _27 ([#"../hashmap.rs" 177 73 177 82] Hashmap_List_Type.C_Nil)); + [#"../hashmap.rs" 177 73 177 82] _32 <- ([#"../hashmap.rs" 177 73 177 82] Hashmap_List_Type.C_Nil); + [#"../hashmap.rs" 177 33 177 83] l <- ([#"../hashmap.rs" 177 33 177 83] replace0 _27 _32); _27 <- any borrowed (Hashmap_List_Type.t_list (k, v)); + _32 <- any Hashmap_List_Type.t_list (k, v); goto BB11 } BB11 { @@ -1832,7 +1859,7 @@ module Hashmap_Impl5_Resize [#"../hashmap.rs" 188 34 188 35] k <- ([#"../hashmap.rs" 188 34 188 35] let (a, _) = Hashmap_List_Type.cons_0 l in a); [#"../hashmap.rs" 188 37 188 38] v <- ([#"../hashmap.rs" 188 37 188 38] let (_, a) = Hashmap_List_Type.cons_0 l in a); [#"../hashmap.rs" 188 41 188 43] tl <- ([#"../hashmap.rs" 188 41 188 43] Hashmap_List_Type.cons_1 l); - [#"../hashmap.rs" 188 41 188 43] l <- (let Hashmap_List_Type.C_Cons x0 x1 = l in Hashmap_List_Type.C_Cons x0 (any Hashmap_List_Type.t_list (k, v))); + l <- (let Hashmap_List_Type.C_Cons x0 x1 = l in Hashmap_List_Type.C_Cons x0 (any Hashmap_List_Type.t_list (k, v))); assert { [@expl:type invariant] inv5 l }; assume { resolve4 l }; [#"../hashmap.rs" 189 16 189 19] _45 <- Borrow.borrow_mut new; @@ -1842,7 +1869,7 @@ module Hashmap_Impl5_Resize assume { resolve5 k }; assert { [@expl:type invariant] inv8 v }; assume { resolve6 v }; - [#"../hashmap.rs" 189 16 189 29] _44 <- ([#"../hashmap.rs" 189 16 189 29] add0 _45 ([#"../hashmap.rs" 189 24 189 25] k) ([#"../hashmap.rs" 189 27 189 28] v)); + [#"../hashmap.rs" 189 16 189 29] _44 <- ([#"../hashmap.rs" 189 16 189 29] add0 _45 k v); _45 <- any borrowed (Hashmap_MyHashMap_Type.t_myhashmap k v); goto BB21 } @@ -1852,8 +1879,8 @@ module Hashmap_Impl5_Resize goto BB22 } BB22 { - [#"../hashmap.rs" 190 16 190 17] l <- ([#"../hashmap.rs" 190 20 190 23] tl); - [#"../hashmap.rs" 190 20 190 23] tl <- any Hashmap_List_Type.t_list (k, v); + [#"../hashmap.rs" 190 16 190 17] l <- ([#"../hashmap.rs" 190 16 190 17] tl); + tl <- any Hashmap_List_Type.t_list (k, v); goto BB24 } BB24 { @@ -1870,7 +1897,7 @@ module Hashmap_Impl5_Resize goto BB17 } BB27 { - [#"../hashmap.rs" 193 12 193 18] i <- ([#"../hashmap.rs" 193 12 193 18] i + ([#"../hashmap.rs" 193 17 193 18] [#"../hashmap.rs" 193 17 193 18] (1 : usize))); + [#"../hashmap.rs" 193 12 193 18] i <- ([#"../hashmap.rs" 193 12 193 18] i + (1 : usize)); [#"../hashmap.rs" 176 37 194 9] _21 <- ([#"../hashmap.rs" 176 37 194 9] ()); goto BB28 } @@ -1881,8 +1908,8 @@ module Hashmap_Impl5_Resize goto BB30 } BB30 { - [#"../hashmap.rs" 196 8 196 13] self <- { self with current = ([#"../hashmap.rs" 196 16 196 19] new) ; }; - [#"../hashmap.rs" 196 16 196 19] new <- any Hashmap_MyHashMap_Type.t_myhashmap k v; + [#"../hashmap.rs" 196 8 196 13] self <- { self with current = ([#"../hashmap.rs" 196 8 196 13] new) ; }; + new <- any Hashmap_MyHashMap_Type.t_myhashmap k v; assert { [@expl:type invariant] inv2 ( * self) }; assume { resolve1 ( * self) }; assert { [@expl:type invariant] inv3 self }; @@ -2158,92 +2185,92 @@ module Hashmap_Main goto BB0 } BB0 { - [#"../hashmap.rs" 224 42 224 60] h1 <- ([#"../hashmap.rs" 224 42 224 60] new0 ([#"../hashmap.rs" 224 57 224 59] [#"../hashmap.rs" 224 57 224 59] (17 : usize))); + [#"../hashmap.rs" 224 42 224 60] h1 <- ([#"../hashmap.rs" 224 42 224 60] new0 (17 : usize)); goto BB1 } BB1 { - [#"../hashmap.rs" 225 42 225 60] h2 <- ([#"../hashmap.rs" 225 42 225 60] new0 ([#"../hashmap.rs" 225 57 225 59] [#"../hashmap.rs" 225 57 225 59] (42 : usize))); + [#"../hashmap.rs" 225 42 225 60] h2 <- ([#"../hashmap.rs" 225 42 225 60] new0 (42 : usize)); goto BB2 } BB2 { - [#"../hashmap.rs" 226 17 226 26] _x <- ([#"../hashmap.rs" 226 17 226 26] get0 ([#"../hashmap.rs" 226 17 226 19] h1) ([#"../hashmap.rs" 226 24 226 25] [#"../hashmap.rs" 226 24 226 25] (1 : usize))); + [#"../hashmap.rs" 226 17 226 26] _x <- ([#"../hashmap.rs" 226 17 226 26] get0 h1 (1 : usize)); goto BB3 } BB3 { - [#"../hashmap.rs" 227 17 227 26] _y <- ([#"../hashmap.rs" 227 17 227 26] get0 ([#"../hashmap.rs" 227 17 227 19] h1) ([#"../hashmap.rs" 227 24 227 25] [#"../hashmap.rs" 227 24 227 25] (2 : usize))); + [#"../hashmap.rs" 227 17 227 26] _y <- ([#"../hashmap.rs" 227 17 227 26] get0 h1 (2 : usize)); goto BB4 } BB4 { - [#"../hashmap.rs" 228 17 228 26] _z <- ([#"../hashmap.rs" 228 17 228 26] get0 ([#"../hashmap.rs" 228 17 228 19] h2) ([#"../hashmap.rs" 228 24 228 25] [#"../hashmap.rs" 228 24 228 25] (1 : usize))); + [#"../hashmap.rs" 228 17 228 26] _z <- ([#"../hashmap.rs" 228 17 228 26] get0 h2 (1 : usize)); goto BB5 } BB5 { - [#"../hashmap.rs" 229 17 229 26] _t <- ([#"../hashmap.rs" 229 17 229 26] get0 ([#"../hashmap.rs" 229 17 229 19] h2) ([#"../hashmap.rs" 229 24 229 25] [#"../hashmap.rs" 229 24 229 25] (2 : usize))); + [#"../hashmap.rs" 229 17 229 26] _t <- ([#"../hashmap.rs" 229 17 229 26] get0 h2 (2 : usize)); goto BB6 } BB6 { [#"../hashmap.rs" 233 4 233 6] _12 <- Borrow.borrow_mut h1; [#"../hashmap.rs" 233 4 233 6] h1 <- ^ _12; - [#"../hashmap.rs" 233 4 233 17] _11 <- ([#"../hashmap.rs" 233 4 233 17] add0 _12 ([#"../hashmap.rs" 233 11 233 12] [#"../hashmap.rs" 233 11 233 12] (1 : usize)) ([#"../hashmap.rs" 233 14 233 16] [#"../hashmap.rs" 233 14 233 16] (17 : isize))); + [#"../hashmap.rs" 233 4 233 17] _11 <- ([#"../hashmap.rs" 233 4 233 17] add0 _12 (1 : usize) (17 : isize)); _12 <- any borrowed (Hashmap_MyHashMap_Type.t_myhashmap usize isize); goto BB7 } BB7 { - [#"../hashmap.rs" 234 9 234 18] _13 <- ([#"../hashmap.rs" 234 9 234 18] get0 ([#"../hashmap.rs" 234 9 234 11] h1) ([#"../hashmap.rs" 234 16 234 17] [#"../hashmap.rs" 234 16 234 17] (1 : usize))); + [#"../hashmap.rs" 234 9 234 18] _13 <- ([#"../hashmap.rs" 234 9 234 18] get0 h1 (1 : usize)); goto BB8 } BB8 { [#"../hashmap.rs" 234 4 234 18] _x <- ([#"../hashmap.rs" 234 4 234 18] _13); - [#"../hashmap.rs" 234 4 234 18] _13 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 235 9 235 18] _15 <- ([#"../hashmap.rs" 235 9 235 18] get0 ([#"../hashmap.rs" 235 9 235 11] h1) ([#"../hashmap.rs" 235 16 235 17] [#"../hashmap.rs" 235 16 235 17] (2 : usize))); + _13 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 235 9 235 18] _15 <- ([#"../hashmap.rs" 235 9 235 18] get0 h1 (2 : usize)); goto BB9 } BB9 { [#"../hashmap.rs" 235 4 235 18] _y <- ([#"../hashmap.rs" 235 4 235 18] _15); - [#"../hashmap.rs" 235 4 235 18] _15 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 236 9 236 18] _17 <- ([#"../hashmap.rs" 236 9 236 18] get0 ([#"../hashmap.rs" 236 9 236 11] h2) ([#"../hashmap.rs" 236 16 236 17] [#"../hashmap.rs" 236 16 236 17] (1 : usize))); + _15 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 236 9 236 18] _17 <- ([#"../hashmap.rs" 236 9 236 18] get0 h2 (1 : usize)); goto BB10 } BB10 { [#"../hashmap.rs" 236 4 236 18] _z <- ([#"../hashmap.rs" 236 4 236 18] _17); - [#"../hashmap.rs" 236 4 236 18] _17 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 237 9 237 18] _19 <- ([#"../hashmap.rs" 237 9 237 18] get0 ([#"../hashmap.rs" 237 9 237 11] h2) ([#"../hashmap.rs" 237 16 237 17] [#"../hashmap.rs" 237 16 237 17] (2 : usize))); + _17 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 237 9 237 18] _19 <- ([#"../hashmap.rs" 237 9 237 18] get0 h2 (2 : usize)); goto BB11 } BB11 { [#"../hashmap.rs" 237 4 237 18] _t <- ([#"../hashmap.rs" 237 4 237 18] _19); - [#"../hashmap.rs" 237 4 237 18] _19 <- any Core_Option_Option_Type.t_option isize; + _19 <- any Core_Option_Option_Type.t_option isize; [#"../hashmap.rs" 240 4 240 6] _22 <- Borrow.borrow_mut h2; [#"../hashmap.rs" 240 4 240 6] h2 <- ^ _22; - [#"../hashmap.rs" 240 4 240 17] _21 <- ([#"../hashmap.rs" 240 4 240 17] add0 _22 ([#"../hashmap.rs" 240 11 240 12] [#"../hashmap.rs" 240 11 240 12] (1 : usize)) ([#"../hashmap.rs" 240 14 240 16] [#"../hashmap.rs" 240 14 240 16] (42 : isize))); + [#"../hashmap.rs" 240 4 240 17] _21 <- ([#"../hashmap.rs" 240 4 240 17] add0 _22 (1 : usize) (42 : isize)); _22 <- any borrowed (Hashmap_MyHashMap_Type.t_myhashmap usize isize); goto BB12 } BB12 { - [#"../hashmap.rs" 241 9 241 18] _23 <- ([#"../hashmap.rs" 241 9 241 18] get0 ([#"../hashmap.rs" 241 9 241 11] h1) ([#"../hashmap.rs" 241 16 241 17] [#"../hashmap.rs" 241 16 241 17] (1 : usize))); + [#"../hashmap.rs" 241 9 241 18] _23 <- ([#"../hashmap.rs" 241 9 241 18] get0 h1 (1 : usize)); goto BB13 } BB13 { [#"../hashmap.rs" 241 4 241 18] _x <- ([#"../hashmap.rs" 241 4 241 18] _23); - [#"../hashmap.rs" 241 4 241 18] _23 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 242 9 242 18] _25 <- ([#"../hashmap.rs" 242 9 242 18] get0 ([#"../hashmap.rs" 242 9 242 11] h1) ([#"../hashmap.rs" 242 16 242 17] [#"../hashmap.rs" 242 16 242 17] (2 : usize))); + _23 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 242 9 242 18] _25 <- ([#"../hashmap.rs" 242 9 242 18] get0 h1 (2 : usize)); goto BB14 } BB14 { [#"../hashmap.rs" 242 4 242 18] _y <- ([#"../hashmap.rs" 242 4 242 18] _25); - [#"../hashmap.rs" 242 4 242 18] _25 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 243 9 243 18] _27 <- ([#"../hashmap.rs" 243 9 243 18] get0 ([#"../hashmap.rs" 243 9 243 11] h2) ([#"../hashmap.rs" 243 16 243 17] [#"../hashmap.rs" 243 16 243 17] (1 : usize))); + _25 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 243 9 243 18] _27 <- ([#"../hashmap.rs" 243 9 243 18] get0 h2 (1 : usize)); goto BB15 } BB15 { [#"../hashmap.rs" 243 4 243 18] _z <- ([#"../hashmap.rs" 243 4 243 18] _27); - [#"../hashmap.rs" 243 4 243 18] _27 <- any Core_Option_Option_Type.t_option isize; - [#"../hashmap.rs" 244 9 244 18] _29 <- ([#"../hashmap.rs" 244 9 244 18] get0 ([#"../hashmap.rs" 244 9 244 11] h2) ([#"../hashmap.rs" 244 16 244 17] [#"../hashmap.rs" 244 16 244 17] (2 : usize))); + _27 <- any Core_Option_Option_Type.t_option isize; + [#"../hashmap.rs" 244 9 244 18] _29 <- ([#"../hashmap.rs" 244 9 244 18] get0 h2 (2 : usize)); goto BB16 } BB16 { [#"../hashmap.rs" 244 4 244 18] _t <- ([#"../hashmap.rs" 244 4 244 18] _29); - [#"../hashmap.rs" 244 4 244 18] _29 <- any Core_Option_Option_Type.t_option isize; + _29 <- any Core_Option_Option_Type.t_option isize; [#"../hashmap.rs" 217 14 247 1] _0 <- ([#"../hashmap.rs" 217 14 247 1] ()); goto BB17 } diff --git a/creusot/tests/should_succeed/hashmap/why3session.xml b/creusot/tests/should_succeed/hashmap/why3session.xml index a607e2c377..59f0b1a1a5 100644 --- a/creusot/tests/should_succeed/hashmap/why3session.xml +++ b/creusot/tests/should_succeed/hashmap/why3session.xml @@ -14,7 +14,7 @@ - + @@ -29,11 +29,11 @@ - - + + - - + + @@ -42,7 +42,7 @@ - + @@ -69,7 +69,7 @@ - + @@ -84,7 +84,7 @@ - + @@ -96,34 +96,34 @@ - + - + - + - + - + - + - + - + - + @@ -132,93 +132,93 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -235,7 +235,7 @@ - + @@ -250,7 +250,7 @@ - + @@ -263,20 +263,20 @@ - - + + - - + + - - + + - + @@ -318,13 +318,13 @@ - + - + @@ -333,10 +333,10 @@ - + - + @@ -383,131 +383,131 @@ - - + + - - + + - - + + - - + + - + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - + - - + + - - + + - - + + - - + + diff --git a/creusot/tests/should_succeed/hashmap/why3shapes.gz b/creusot/tests/should_succeed/hashmap/why3shapes.gz index df19aca4c92f0b762a0881bc9a7ca8caa15c7f37..89987a474ea690ac720e62de0610ddded9b10a50 100644 GIT binary patch literal 10206 zcmV<4Cn4A$iwFP!00000|LuKSa~!vl<~x4{-_EZ01^3H_9I*_C70rm5vkx=Tk7D5J z!x1fdC0UZ^*YB4=RdscDHQAIXQnK3Tv{)A)k;qKs1xTR&$4}?){uTZx@6JDzx9_fR z-~8`$bN|%Jy{9ta=H~WeZ&a+sfK~WCd}0@^!d{U}dQ6B7Amv()mtw8POTO0QC0iS`*`9HE zf!_R9-fu&t7i+G~hjgChK8 zy8;~6uh`nZ91!)?`4r_`-LtC_HVFWbGwlb4z#ye9exV$ z%1!N3BR1D2ye@yWD;qw9n}5(ay1mI)R3L!Po04pLe)j&aKgu~Cg}2w?&HJ2v?){iRUGZf#z{ma$qkT5i zsm>Yxmfy5d68`h;pJgn5 z_Rs#VJv@6`es2Tp?Ros`{J+cF+xB`7T)zHrO)79IHR~68dne+0r)OaZ?^qijZ5O3eUz5Q77KYo9`RpeEJ zTd&`Qn_ho_*=3-=o)Li!z1k8aJr;tJ*j$=kbdu$(a`WyZ&@YE!>wzHku7r*YEFx@oE>wz2!F#9;@c%gK=y=18Xm4 zJ`yQM47mTe{k=@qU??|l`cZ3K9*qlG*l@jt`*pu0K3*SadMdK@aJleW@P*QNI!AI= zsK08KUyvL4=JqPz{uyt|RRo={-~84Jp{=zLyM6n=Bgh6u%)pBgq*w;oM#tjw8PZ3H zK7Tst+imJggoHm_{*K}+pEH&p#aVtoA1)7YkYC&@6?`rhd`B*R?i~E(>X+L$@4_b@ zJ_&jVx9Z(huO0sL&p&RU34aQ&!zVdt<=1noylq5O@y4@mA+X z-hn@rdxiD^Y3zY$JrINM{Hi1QQ+R*V+u_vCNOe41Kvz!4$_*bSeyZW4mhhnhuL$0N zg=|>JhJ|ZyniEU|?q>9if9lk|l5WTIoV&#&C3|jitJLc>V4iw8m{>{IEnFh-!$Z}Z zf*+tvBL*MP+4CsyzIWk$mxcF(Fo^zggrYmF(OJR$=vDNG__Ggslrm~$EINVKgJ*H0 zW`4y@C%K-zC&+WpqusVpvGr$qrH9*l)vdnM)j&w}uDtyadPsDyLe)>FyLX$~XiWX} zJb`0Dqu|B|(1-21T-5(^tI1iZb~CD5c~JlBX4=(VN?g?S9+GI-d`AzKJBZJ#x?IvkJpao0r+l z%53IjHZwAt`IyaY%w{fTGZQn-!%VXm=x49sT!Wi$J-nR}Vdyxc#ba>wM1olnk; zRqQkwHz3K@+`l}2UgK~eJx1F6P=O^;7mK1Uc3d5?LU;iU@lZIxxj(wP{xr^=0beMXiH!3J z(8G|zHP!06Yc}}xWtU-SftP#Ad#HFMeCpyC000UNuNS1J9!REPhWC&vI~sv!ZCze` z8Tn)r;};~^pV_u_~+c`f`}*q!)p39j71zO4kl4!2@N zUfhGcq*#AIUXTL5vym?xV#~vcBCm1msf(?#-=B-&ayK5{QF*V1b*0;P@3$6~{?E>` z=uj|RU+=G(is98f(jZFiIy7gC3$Bj>`LWd50!_Q8zF`5Mt2939G`_9W_(rSoiz7mc zC(~+YkEZ$m_N01b1F$qJMZV9%q|~l{I(tluEl0k|wZk-Z zjM-L8W?Su=?Zx@b!Q_ZuZY|6+nC)fDH+h+lB(P!>SaA~Adj)pMM3#?mgWyjCFW4v`g(~#uvIPD8?_dNMS4$zvz za}`VePk%E_gYdnjueD&CDX5)+MsP3hkNDQoZpLD}>9dNn$9!#EA8qYoda8!8*)GNr zxVD3-Zx@>}I6faQf5yLaN>le5QP-NX8u0J0o9cLZG0gmIfPxP_(W_sK<8Q5p^e@(~ z#u2zS{$iXa^=+W7Eo*47yG9>i%pahoU#XJuYomW1haaxnL$@^ijA;di&KVkh`1jW> z>A-^q09dMDyKv)bU!qZNkY{>5jzI!94nokaLAq-Y8s5sS4I3%08^!gn`*OT)a~3m9 zb?Yi>Ydd19?VZCARiOtu=TphAt>em?*o{1-#qp zg0c-hTPr_yLHWD8pzIX%q3l|@shy7t?R@;WILtN)lx&tj$!7_a;_xiGTFd6zMH|01k&l$>1NfcQ~MPy?tqS#ACWK$}l=*v%giHEK7;XFgT zQ~Ibh!~IHAO6f@QyHfh54mT|}EK}Z{BR5n*V`@kqyc(9>`^C&dQ`17rI7Qr|`Q7!& z-TPK!Z@u#iV2v37l@N7{=pBYi@~uM`r_dnyqF2VFp2ki z9tjNr#AZ%-khy;Uf%3d}ZC`)&nzG~fUrk1FBm(VuxVO7oh?xr4r~P7bU#02NMC$|1O_j}Ek@m1GQHVFc<$B{g!;_c89uYa4^Fbumx!5j#rpCHB z;l6peQm>`jbJWJt=!w{Kfhf8g9iWjG+cLG-o{W`vM7c&D$(<|H7Z_QONJ=$5Ib}=|Wra?o5VwzJq-zjBwEH_1Q z^E>$b|D?)YGd4IongeB0k38sNcPADe^;c^lTjRslp95>F)Qt{HAfDR8mT%n+tx|5r z95j^8qQ6FDe|bTJ;`5lO{mx_B*Q7lHj+d7kZfZ9qk?0(q)}AKWjN+3ZI{iJd@UzEkB*`M5k!BKC@H^vg~{(SFgE z2APH}E970h*iKW~N#1)sW$qoAvYC}U0@3cy-2rCZ_mbS-VcIHq7v=jFML zzPsbC=-s3_dXw39%_Er_UJpDyS_u3k1b3rOC67)d+pc10cKsZ$IfHs`7^-xuNN9N&|sR8jYHNfY3;FuvLo_?X0U)t}8DOiw1iOU$NihWo`)Hl(>MI1DO`wznhSCr4Tmvn0wc z?%tkl2Hr9qo87>NyZwp)AMUs61-2&-cidh(mY^lu=~ANH;!fbD+Pm|LL!$@8en5KZ z-GIw{-g2=$N(%RPmK$4n)l2r-1u<>_7H$MF?9|?D0PYX*XKzo9m^J{5z5#dutozFm zwCxQ{pzQ{9-vli7HUVEv$!^rhSabqy`_$i*qdIiP4n^>$s~-Z>ZrbCY#+orYSx-%^spUx_^Wy%A=a`V+31%Spq4_50#}%jT z?bUZn*1YWYklk5$YXvrIbMl@dpVXnnxpC9?R;}?yhfii${@Ogc9qi+5`=A;!dirkL zr9rUsOwG2@+SziSrt7u>`(d^>@x$Kcl=&80y_d(`o*nQ!@op{kLV}SRUTqSrY2JT( z;br9Xum{l3mk{l+ZyK%8#a(J)TrPfnzkk3Vpt$)FBSE!B?-^6(7(gg?uTnDmgTy?< zMd0`Q2#592UX=DZP6E;EL0*FD4IigW?Lp-CqQK8qrgo&fz28fCkhC46cxU9B6tCYg z-r^XM^hdSUfzMl0Y_~O(xmUUSeYy1qe1&^e`pu3a-%+%~4!9?>acJ$aja%!$eO8UK z5@u9r_G3FAK^;YlqoN>rgzKq~qo}@@RC=FO-8zh`ME`4hmZqPKGJhnNiX0m@E>E#M zRGG_%DRZ%<%r`S;;;RLGkD|-v0|P$!RI2<)3hwCgt!j5KsmLQ1q_$^>)#7;qVsA}F z-4lv0t*IPAAbv z*qa`Vvv@Q;f1UB~%RYPEa`qQ(%$gfY{vK02+{J>8LV-i)+oH0*&$h0Oq>S}#%WBM) zWknMxvurDRD;pFCGMj#+?GbI?qk|g!gWAU|YoC^(^J0V4LAWEfb{X4FLw`&+{IY== z0PK;+?@Hk|Jdz|3U7JlN3?C4~H|g_YlRhsu>GNun1Ee=8KxUHxWH$*wZj=8r9L>|VcC=!& zL19ibJlH;Pnyli_Yh|DhUk>?4N-t+Wa#FZ6P9{FZ33nzxF4mjpJ}TYMo|cJ^Xscbc z)gs!oVQ4~I97KC7oi9z>pp?G{?frUNXp0f;iQ0S@ZN80mI|K+OoQ&mww)BV4hVQdT zZGC6T>tek*+S2b*Te=;zrCUIIdB>T=z~c*wK=wBSrU|~p&vd(m*l;Sk=KFeJNL@8) z+!;0?tJ|9$H6YE-=p~1eV6=nNfrr%X$oZf81l8=cb=^xSiqJ-W$b+D@Ic6@t9Nwj{{)83&evLt11J8s<2~;y^YU^+?5wKHl~*!)RV0^6B~zhYoMy5_ z#q~K~v9rLc%&}>;R(|DHc4bz2rB-q!&P3HhE5p5&oJUoP zutJq+s*lXNakJuj#np<-6&EYc z@S6;0OvRL7bE!wl7ly{+Kug;}eNxhQ5N3Nt;NxqWo^P4j{Yo8rATJc;Z7dfRY zxDQ5zl)XEbekI*X+Q)2^1HNF2fiXIYQnX<)OOvIrQOn+_;w!}-yImEmavF53GNt6J zcMQ#o$RHgmsdJ@PO0JZ6{HBFd%8DGbRi8|4zY@e|IW2oY5o+LVBke(Km)CcPtgnEw6r#*l9d*n7g|0M zGA2d~X~-pVU$RrVXjfCwq9n$HvLuj(t+Zchx6*c{p%L^-tEa%tTknhE%)snHABX~8 zS)Vb2v=hFXh8ur2^rX|t1Q|JFCRAm02rdyQWX`gsu6e%lY~|nry6>-plI5VhhDn!BCeJN=9LpFyEDbj` z$ksu*^5VPf9Xex-tTt0_fQUvr2e;KEF5xf76kG4i%IlR^-*GpU64hIm$^Xv@20*bA z5-(LN@YN@>tsH!J-Lpg?W z4AGBYdAIWRyP}za;KMs|49;x{QbO3B_f;_#omXavElyyjX9Nhk_&mF-JEs>_8!tzj8Y+a4HX+o#t21>lVud0cBm;%G&~rZGZVAR z@Sh@LaYU&(NG$)&cmQS>QWJljS zrXl0ZtH8Bm7J3D-T836(p^A9U6-p}7zA zDoh6>u})~8;Wu03auhr>RS>PqU@I$d+u(kH3WBKc13OkQ0;wj;D8Nops2D8mtqB3% zuCp%B2xWc_H~NEKr;s;Vm2g%|iUwA+Z$!t{(F_HWg3(KdWqRZF#u!|?E$z0bzi zplnHeSTpF|{=U0Pu8;|a_Cfhrr7gVe!toK21Z_;*p40z3^ccfj`sAW<5N{3lPpIJF zr)ybN$*wV1ptRrw4A3yj1xC4`QNCrC{tna-DTw4XL&PF$7EZHVq)kqj$asyqQv(oD z>BpgpVHIACGE6`L=pucQGBfWr`8X=1aZX$CACWpyMw)|wj;N#!;X@#VvXn2Ztt%=| zv!R27_hV8?=@M8hQ3%Bh0?P=$Lcw}+mZB`e?9W>M(Bz6%X3(cFp;CgY5q#Fg*_3l( zF0!;gyZA$si`8P`#w#zmt<}OE)2bLKZMZGT4u?)`%>sTIx&E%vk*vkIS{+l8wmz8b zjPNXhtb+FH=Ka~a6CIc6NHb?ndF@28N~$VcDT>G7Wk|G-?C`AGiJptIDqI;=JdcSf zpA?6ep0#M(Jhci@9G?9;(Q|QDo(WpNlA77X5YzFhKu}(#WEG~_?9Wo2=(t2j=t^ds zQP$}Qk1r}0V1K+WN@oF)Jr^)q0#-}#CrUOi8qvns4e1$upthJX8;ca<1_^DDQ)1i)JYud0Yh#t8RbVHMJl(X7P#ShB1R0Eg&mCR1DLJKT2rPe(9Qi_D z^Z-Ym-xsygXvFK%nacLAXQ-Fc!v@R`d{K z;%SQhT!2ghawE{RkZ4At9pE5nIRJQ z9;Tja1axIv(;J{VPz~LIfSuvRH)FX zt5KJ(m4DRseKiIx!bAzHMe@Zm}erUgnFwV-oTjpkaG zh#)F7K5O;W@gRpC3~&s?1&+FmsW28R+^OIZ%bB)hMr~j?e@#3T3%5&w(AS~C2Z>Dkagg7NBM5qWot6?Qn zuMJlaSTGP{6@=?Fa!-y|W*XMT(=l#L6;&P6EbJ}6z8SD7h`F$Q_A#TxiPg7K=tctO=>vDjCyV8!dNeJ0WLyFdnR88^*M1ZV zc!(bjCjVV`7J&;L<_Mb&!&q~Rm}*FrL8hbQW)e~|jNf=)G&dzsQc4LPVKQaY8^w82 zPI`FKU3pMDBd@-LJ}E;UCjvkwmG%x%8G;1(0)pufxQdfPbn?6FTcXtfCNpAMU%Yk_ za_G2baJ36}x##COz;Vya17$HpO7Wm~stV3cg=U9UP03Z>&yZ~GxNier5#Zbw%JFpw zX6}xX{qVhVrHt73|?3n<|N&>gK%Vt z1uF|e3B{eMv=(c@dPQ?HkcV@H#+9Z?Ec&6cM`e%79*y_|jd(osct)So@#0L`%(YSp zBBmp}(_#_gDMwRU0B!i}t2j*3beUx0iyDkMM&~%Q+$2}fbg?2x&>K!MorKc9i^J4x zuI_Q#rSHO|WGRCI%~lhwg>cR z5^0s0D|i`ImrgtVZ1};|hKAFOLFK{QK~shcsBIsiqa!mNKl8jeicpI4uva#lSYi#b zeN96MIz`ILj-!2cJPoW7qGp(>gdqakA2Keyqt9Ywm)qwQB(>OCmwJiu| z_hh){4EeJ@DxX44mNZQ*2uF(d6kxVfNF=QlHJoY93JA3QJI{}MWwFwa@--}i4?Oo4 zb|nX!xRSc#jyB+Re5-vh5y7tTDY_CuOe#BcB!^;hfR-?B%6*e?p}zIbzk^8Y-nJGI;h-Ck%>5J6^nW{mX^$ccr4fQJ;W- zBFWR=R6jztz>|5AeB|MA$dq%`DomXv3mCGA3!_Dd+jyB1;=vAm*2@@PFTGckj>I@w;U}}&2 zETxc{9yR}!hKlL%^(43Q_DNsuF znF_#_fGYu4db$S&fFS`xdbID+z6UOjzBccENIDu9e4!j#N4o=puZUxr_0F~=G1<RVNyM_AGynw8PP7 ztAZ3T01U$s66RXf+<>S6O1o03NB3+{Uf)`o#_2Y z^!6E^cgl$RUE)P(A8}*hX;yC_5;#hl zCGVMo7DLIB3t}|Oc@!oEJut+cnDUgXmYG-2bTSdOJ@?R7HD&s`jWLV2L0_!4p@jvgt58>=Jw^Ea;573lDN`YH*_%LnR=aTXi?U{6osILq&;Dg!#MGn${?lg zMAU~6wYZ$EXYC*x8uZ2$3)kFM$E%E^KJ_QUKGaZ|BnzTWReUu*2^TV4CJm#XG|OWk zs@aLSpOY4?G*l~N8XCdMtc56+j;FD7;4OfhD|A?)!wMZ%=&(YE6*{cYVTBGWO~<`~ zxO4=Zmau?TBnHwm&bZMcyQp>XF*w7MHVFVx(a)H)x84Ppo~BJ|8j*l3Tp!a05QkW;{X5v literal 10107 zcmV->CxqA^iwFP!00000|LuKSa~sE!<~x4{-_EZ0rS6vvD`F7}E5L{u@54;s(Tuv< z9Mhs#k|lY5{eIciHvkO~lqgcNaE>81x~sCXGPCklS&jek!{yuG!k^{s<@@sH?akfm z|9xpLfB2sl;YE0NcYX8v-A0Dr!rR}jZ|{C(A(!&!^&fY++_DY33NJQtBVOTe_zNwK z`WLkq8~$n)ZeCxP%qy7KeT+W>2|wR=zS4>d=YNT z>tEkdn{a!3_n{3cHloKW{1HB~Ro7v!$raru#Cni&BZo_|QNtzQ=;4xW494v4ak;{5 zel72|q0)m5SK;OL&v&oORqMnR=1Ca-5&pbxcjUjJ$-n=-#?5~Ze{Q%S8gWpBzv`|4 zhqWuV@vnMBJq>yDI+u?`SG2r? z`l^`X#rD8=yX}8oLM-3BzaibXG#=)91fbp-uUp2a^!XuN3-)p&*fJxa5Hhs@z~9Q7 zn|Igv3avzcs6pZlMkiY{0O2Fur@K7FyEkv{K9u~gKYrh8@=FJ|-nG=h4VE=_AXO7V5Meft6Em%}i2mg6w`fhFDJzVxg|19z{n`2IRJBuLNw zeNBh4erb(K^|Y&wb=(b58l&*N=T3hUf3`XBOV_AT9S_6Ml=N78*g)Sl@IBz$39M^i z-7eVM5vU78!yf4Eh_~Y-Q+WTiDW}^`Gqr}Q-5Fbo;rp+5clkR0m3}YphNq>XdHZb{qpYh+whTxkAiN(p?Z7WdWZk~ z>(5(g!XLu#;iK%e^6zu2yl{8kR2ATd(yeT zwBT+BpZJGH-D~M~{MWfdOj5GsAWPT!bih2#vNy4kuDd{q!1p&*8w!4aG958^kItS) zf#+=s@0u*U>xDtIhXWMdU=7X+z7JkSyNN&hpa&_VL58LyXx)1jw`%5B+%}Ty*>i$C z_dL3lGyghJ)h?j`Y&BZX3ED**_bI8Gi73? zJj|4ZnQ|~=24>8^Oxc$y_cCQ(ro79Pb(!T{?oXv0Nz2%IT4v~C#|&JLB-?QR>hz4p z;XrzbwE3Y1OQJ3oMP2N;I%3PsxYy%6*`ty7cr+3T7nZJnMNFQn;aBO?S-}zrJcR z3@z|#PkHwpPlQiX{0smc4;8{nPtIs2!?8Nv-lI%~MfPA(3 zBw-J4;W0FSVIj%OXTIgnH@6q{;;+|lN=Uy2km>TzyBo^cj;=Dbn7sb}+fkREY;tE) zy5>uMz370C3)}Z!oA)K=-j}#|IsUIUfAigHaZ;-tHL;qTp4ANGsvl>yWvW)A4O`7j z+p4#Bt1UCQ8to%(TD(7KOuH$+=c{cC-1lymb4$GnL&AME^O{$KE4|t>@~g@EH>VwL z!Rk|d`PCQ|tfo+*+l*OY@kW}hAfspM@N`o@bb``ghP&wcAL!6MPK~He0dXHk#e&VA7o!&=jYHkv+~BoG*^D8Y9=$3Bm71 z_>HhTLE92sxr2STr}ulflLPYd9^@qj@ICU9wCd48K68~VuP6$qhUKSLTg$)Q7yadK zkh`PDe(AS~?%uxJ+9&!yI~$yR!*Fx6zxyfrNAvK3D7ovUTr6&#J__W=(r61bZSMEP z0zTJjd{AqATd(m+vGLUjal(@+wu?to{{MJVJ+cj0N;Q!~vyf@p)lV0XX|(0QH+dT0 zzH7t1l&^%H*rPNKr^&2blv%kevqy6M^9#R+ZJ4RG2T`EGVCsfMYyr8q{?>}(=r_H50@|S@0`*!y^g3GZ9!E0`_t4N4_AFs zXBrB8Xdv6gumm^C_iM1b8W!QkxYdvWZQ0+Ap$a?vdu#y$#{33G`l;*WHb(t4tUz3M zH|^32G`efhPtK5z#=k#pNe6Cp0My3FpPF#vYG0z!u9s(eJgh+iH!MQXt%GzVX4)9m zwcBVvP+WBsS3m8`F+JPDRCiOQ-e$m5o1@DRUB+dIwi~U7aXxH~GpxgoZ7*oxBMT9Y zHd=16#iYB0-kM6K^cM%0Ll$hQ118?lo>-mwB0B>j`Lw*oDUxsm)TSm$!1lN zd{z}H4kyUfM(&p_vb{D}ZSBdayi!f&m3k_#G*fk@or){nR9oq1rIl<}TFGbSkYZL2 zDR;{uXJw7!r5%WCwEKbOChAKx3PCw`Y|pOKxu&wL?5h>a?}yVx@7N2y zdN>DHGXd!Hc)!mhp+10^GQ+*hweRn#a(mbCwMV~Gz5D*7(IO5+paTr|PIn8D59HIn zTykplG6x4gcA)v@L466q;mZ7F=(^FjyBK{}+3wOs^HF8ztH|Bz__<3e#nxA@C&w9Xyyy>n$XN)D z@T+mLyLdr^HF3iC&b^gDK<;^ILu(4-_WU0T=?3p-pvAUKElzn0mk(`(EoHF4hMlj} znnvHg{nKm+(YyZL#fxsgp!59jXCv%S!$Z5889+*_Y+Jt#SFQD6XMx(P_kKDqQDmq) zk8*zON$(hLiXP|R#9oi>=itcCZS$Xa-|7Iir2#Nf;~QP<9=pP=_6V_4H&lPvM;xe` zz%&~ys`2 z8DqVrpH6A8mqhae^(^5N&p+X)lqM^Iju56f8+vDa); zFguk(`%Sz0#?+rhA@}OX?fR3Qs=VLFlDq>6n_0^f5N-b45ipx}NaX$r)4{)Em=mA@ z^?@j^iT7~(_{6)W$4PVYxv}k@Co(ns-t+WiA@HLR97mm6o?Ice-F0;;0V&_slilx- z{l7@){_7wHdnIW5)SFk#ylhFqy@iSqcAClKfC;bDKogD+gWc8m|9H^Kyd*PsI^Ekr zffrlFa(xZ$K%qm!?5WQk2#5L|(1mlh9_nh3loWoR8W0at1AMLrPFYgo>6a9Lz?wQu zSow2HD{ta@%+84;(#)SsocYBzCmtlweDpblJMesRIu4W|>LZP7KsI`$m!9>w%(Huo<55YpKiX~><(Jm7#o%H%{wmx6qCclR9e-^%@n`Qui5QQ+ zigx_92dvw}0kmxcjG*lVx*dTPdq-fe$Eq+IWN12qwj=(wzdIIZw!Zz>?$Hme*^71% zch=X>3;EmE{)yXu;`r&F=b^pA2f3c&e%BM6JjEtRcAw3WY|rLM)?1B z(@Dg7knbtlxF;D(c~G&+J^Qt1RZg^%awL0mlpagYUOtF+WByBysWo)R^iL2)dD2h~ z^wwBvXDl?iI!*xsvL~(wP9oiV*!Ol$&0{8CKFVs8pRpQG5p4OD3-;&Bki1`p<|lt2 zSDd!b6d#wYdE4zJyR$3RHJCQ8AKsWd_Oyp_kQn4#{6KZ-YazO?k$Rb_iQ8eLhX&}A59g= zU7CDrTVh~!fAY=GH`r`{S{S3y#WB4wY^MHxzk|RZpt<=8OF?ym-m|F8DS*)IUae&I zSBZIukHGJD5)Lb*y%6S8yab}xgWLqw20l%j+JngNg-D;QP3=H=d%v6TAZa^A^UlaO zYF@u%y~Qaa=}#K10iTbi*zRa(bFX&y`*Q0KI1Bgc^xGXxzN2aT_~VI;97cO=>())+ zKC?!9_A@GsX5*CkpA`DY6Z}nm8Wr`u|{`$y_`VBYHfKx9V5rq~ZAX2p@jth#Tng#i3_^07DP!gC1?i;kY&8 zZ_wjvtE=nojKyI6up>Y_+-cLf+RhRT^*!i*^WSAGXlKXj<;U=4tln{ZO?n*oR2VO& z!gx6q#;d8iM^D8)W~%M6Q)!QzDtr3(>2wFDx@OAmyc$~B?N>vSfq$`42CDs4UsGqarnfQRV+C^I}qAg)>N3_L3w6|)5(|Ev1`Fqgb z@3)1v7|)&6l`Mw_L&xILu+(K4&Pj=J*MG`M|#G`}Jz2Y2r zNZq|0{)d)do4prZw-!`=I`Tsv0n2Me~P*CNMKi~a*{g&R(KZ0Simtt+i zfp_zF@8rC%&8w>sv5TrQS6<2JRgqjOl}v?pahk~z71x)1%`UvEnN?o|D?Iap9xND} zb1Y7!!15($Yrl4DyEbdRR%^Ky7p2Ieijg)dA-vDNdTU*@!qudGDVN-%nGkE?*TSuZ zT??}odM(si(1W$$Yr)psuen=uyXI!i^_r_SmuoK8oL^XNimtp`6=bo(8(XwzK`HM- z&0bwfvzB@-fsb5Ev6g%-*{2U@a@IaOZnWaLN-lCrS#TfV(WUI&rSxm**3v%apd9c8 zQw)sJQIw($i&>g1g^gOaK^0#s_Q>OU9VD+B+~dxtWTYq=ZlNj8WWzGQRCcY*T7lbY zt>jvX$H&1ctCcm9v808vp?U|i<|F4$k+@ze%-wx)G)(mz9JeO%D66rGd2gb#LB+^~ zPM2D&HD7D?#W9hoNLQth+M8O1GA?Fay|m6_8Hzvz(ejCqVOnPIxi&Fb=nPg93qXsz z9E8?UlVlpU)JN%q1BDYaBV6#?s6Wj8Ooc4qDLH#RlxZD34f1Uso1%%?~L--qkM z;NQtgQ}cZ7+1kMubl=_tc}gin9^qO=R*V<$GhE~;M!2a}h;D*%?Zr1aJ8ff7Fo-E= zcr>BpQZ+2K%}EqqgzaW$)?Tl@`i7?o4_RxSm=r9+a(QP8b0S;l%c$VJlWpYy!~uyD zD1t@62pWMScm$9jb|BFX;SFbK$Iys+;}N~MChH(L(N$wF@HoXm;@ z01SPm`6I}7EY1rPrFOdO zX*k2i2cIrE#^xBDWArlW&|t zXzwW(!Ie9+bd5NLEypO-Z_%tZm6sXO&W9p>uSB4HngzcDo6f z?2SzDNkJ-IBvZi_p(K-0IODAxlL-1u!y|!~bjiTijNCA+P*_yBnuQymg(|5lq7c(k zK9llrp@2#{QEfnCw2M%LPKtIOm5)Js-sK5MO9HJkMNg|j;V}sZr=l3F@9b0zC1=KC z4ar2;vH%7kfE@>VXX-vI2a8$8>Oj2=6ONGIOKZGHEETHJYScwj!_QRy^x!etoP4!j ziCC=R-WsEm$ckHSrD>UN;KzaBncANngLr0Lj?NpNq*XeVqT!Z09U$zG?=dG1G|yCj zG(DXqFV(=02pR#O&oQZ7v$M%&k%VqCZl<8&O#Meqhln6VHrg1at2VW;0$y;-bQO~8 zOTh>P+EPyB%!V&zPC;>ALA&A+g;<`LW+fP{Y7~J*-?M?8+3;nHWVNzh%gjR!!dF*$ zaWTg1lU82m+|`|P|JAPs&l($?e@r%T=a%`von2-Gchn1r(Po1KVvZUUVt58@xFtql z0ze2Z4L)cGoH®1`sufENd1+}I0W;08qjmL!(F4N_s9fFCM5k7vH;k2~|{dH9pH z(LMyBF+&zrHAR*{`KVy64wd)(0YDF6UY+^$JbWsiiW8L(2DZjwQ87;EUqY=s1S?g~ zCv)c0GxMofmB0_hatR_B@F{9^L_`QLfrXw={>-1};SXmKL1Ohe`>G{#Od(iz)^Sw| z;03sCa6do=K~(sT9V?%0QZiLK>|>m>8Pr02t+}RiVZqG^Wxfl7NEKir14~sY=@IfK z87r)0E&~3i5;KC>f7Haau}((%jm(Jfp7T_hqZ&C|U2;%e{hmRa_P0G%=VYN8G-qTH z)~8fBOO{SyYOj>q$?5+SW-Me$-ent=vT*xsO|d2~cu2Oy5W5XYfmJPNRd1Q0f5Pmu zR60p(9OkPc=9g>LCOfLFJs1u0E%mXF!Z-eLPbs3I`|XnU98DCwZAS0Ss!b%+xF zrYZYb$M1?fP79MWLv$8+its1Bs2T1)d~)IG@cLdh@Vg>UGVsIc)mbc5Z(&)5G_@k8 z4FR4KT!_6a-NVT9PmNZRDzL{^%3OVQE@7oHW^AnjUZ`ga*|Rg2v zd6Zh^0wr!0i0Kb!wa)Y-`Y~QSyus>9@jfGxQ%p!LtAPH85j2OhO=tQM{j4fJr0C&W z3&csj7$IE@Aryxdoy2|?=uEe6-4GuZ-$MR1~%eA*aT zh{(EV7yr5vnXQaDQJ`Kpy?UZY%u)gRbKu7yU5HmTD>5>eRJb8Zz=idpx{!?6!;f-> zkC>zAWU0y3^PB@$UOSdpPFg!@ypNI@BXWt#8!7Gn{J(6n>bdDr=|xq}>WZiiiwUZP zi|hlWqk>c>@5`%y)@N1opoEhU<$WOQ6<=~LlVW8owza&X0Z zc~qS}X?Ewig&GmHf_9P0aA^IEm|Ln?s;G(Cpg4pYJQHA#pmaJ07Ls5CI1vDY3mTn< zr|}5^!hld99E7~^0LF^V)jEt*Y85_t6(fQytAzLT#u|ZX3HmDm1M~aTv6$sD7h}B+ zOejtaXQo;OchbmgcpD3_6n~WQg0ImFtI2=ORoP&8tTC|cE2zp6y?RrCgF+EY&<9L> ztg)-%0pf4G<~dgcyXg+(WA_cBemdH9GY!H3BhRKj}9UM7d&HY!Kw zjOmTUO35^?$EU=JF)LK8%oeG22$8v}y#%{VcCpt-T0J>lSjdr1{}y^v9}~fZDzXX^ zJ|A4Z(l&E7eQf_%KN)T^D5yVO2p~S4SF!Xx(?)B=z(maSK?(3cl6O?|aSr+94jD}^52a0`h z8LVw{0W5O+#kVuBDq?a76IoK^D_J2jgfFB>`kl4oZUSL~K%DR`&JQ-z=$f-|6>2ye zuT0_+mJ7~UfEMoFULg<=2}_gG-}Ge3@r7ZL*+*62b2<^6E8JF9CD*b{Lh8QyxmaKw zyv7_@${w+jSE_26nMEL>5^K(@pYiJJpHpHoRPO~v0|@@`506kDUM2WaO6O4_TK~<> z&DWAut`(lXq?%rffDh`jGI)*wfV#Okz;Vxur^|sUt(evlp$B=`S<|^8cssll8ArJy z=kY7RmpKJg1$Qp#5|gbyWEQH8R`ckyX*nZ@#!fax_Ke6Hn&I%v-MaECi9TbDo4@CGZlO*<9IPC_(AG|CIMkU9%9CT+iq{9bD zFfgC#FNT-Z*$16jE>k|7RxyekwP^SePQZs_aBiLyKWHt@M1hG7PRinHbWp(Bs_t7OMt+1JR5%W-V9hT#-Q?Ck`OJ!p?Rf`(AklhhTk*eC_*U? zhP2vjVu>}#YJ>ouHAHD;!%;pvo~8?6SXMk?iBxYw#)XIVl2Es~OIk|Wbpad+I3PVf zv>`-CX$WWaWVl8KEH(KoPQ(&|4?%&Jh(v5+aAq2=v}c8ZyYnv?z1unhKD2rC70dyq ztoXoUfw1bLB4fI`h-e==DP!TcIeY{2pzV2DEzMG2%J{sf0gOunP6bc*YaG7rN*8j-4YlB7SO2R(?4?i8>L$(EOR)!>( z<~-BgVF0qW5LKw|* z&E3oAY}O&b=T^<1CESeoZfIf{?XKon6~a5mEqrP&SgpcwkVbVstR)TbF};8PozX|I z6a~Epk~4BhigAd6xaA%(o7E;a`T!S0bTN%aMt^s7iZ13HHTY2_EMN2hGj(&Hy zw0OeOxP1(3zE3)p%B8M_NyIbN$e1~4Wyn-9s+epWoiMf)-z|-xkkBk3qKYPX2d_;i z7qrV-sq9sY{jB=#=|nkPxa5UEY;3N}cZolD81*J5qqaWA?UR3aTrs+YN zN|vDTdGQ7WtSSl_1W(0P=>i@#e-p4I`kiU}z&tgAIN_Mb*j|)e`S-3n#MQ^+nnSLnS zJ70<7J~H3-T+seZ>qn4j5jA)8Itb5MsHy<5;+>K@XDdx?v=(Q2KN7tiOHR8gf-G5@ zK%08m2JYd*8aNy+?}RZV#y}i!ruAp#sB5t-GF9Pkm=r^WyAhmayaH8vHvpY9!N7_( zt!d0N;U9!g^*vHSseezNn+0O-{@h+SRXGu@GcU#pR-8R@&H} z5ocyRiP4r=7fD2KRZ0clFlj`%)o1IVr}FsLSVd)BXX0%U&ln$VvNlwSNJ@kV1z+in zdYo7Ip1y4-LvT6lEr-3OGN131RyONuWx}vRD5I6+LWUeo5*!v#x1WVkR14Mb2Pvx4 zI}@)J{rajXSDI=q$-2yA&QzgVrA=7Bg=%4yfTk4uOt-ns*QEv-rN}BKZ@G(!ezdPz zpA2KX{oE`Go$8PxBFZxncas;&V5z!cD2Z@QnlPD>{Gn6u_qCLyZCmut9 zSKl%YL=+|EnUKfyq+}71Y8FnD6P{e68XymMJjTET@1^og%#*yrTCHrTiK)*7JvEI2B6`SWVv=hgW%cxGOA%bA2r{~!pyo`}hY;0xYY|0TR)diU zu{{es@~DlAg~fW=(G&EOpj9`IuLEzcs|!)l9&B-}B;%9~ft$dSF*$X=_Mt#~rPx=A zztqu#$^!Bn>4yR7hoq&h404m;3{0<(RrD&XuXrLKD3 zGm65X5)@Q|QsyGtDiQ+;7-!sQkzLff_!u1JzD&AQ&@~FWMnTso4cSOe1z&UZg{czg d1gR1^Tl&qe=&kNMU{oV6{y)MJ*FQ1=0RRGv_x%6> diff --git a/creusot/tests/should_succeed/heapsort_generic.mlcfg b/creusot/tests/should_succeed/heapsort_generic.mlcfg index 72aa82241c..a476984f29 100644 --- a/creusot/tests/should_succeed/heapsort_generic.mlcfg +++ b/creusot/tests/should_succeed/heapsort_generic.mlcfg @@ -550,12 +550,18 @@ module HeapsortGeneric_SiftDown var end' : usize = end'; var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var i : usize; + var _24 : bool; + var _26 : usize; var _28 : bool; var child : usize; + var _31 : usize; var _33 : (); + var _34 : bool; + var _35 : usize; var _38 : bool; var _40 : t; var _44 : t; + var _46 : usize; var _49 : bool; var _51 : t; var _55 : t; @@ -587,12 +593,15 @@ module HeapsortGeneric_SiftDown goto BB3 } BB3 { - [#"../heapsort_generic.rs" 60 16 60 23] _28 <- ([#"../heapsort_generic.rs" 60 16 60 23] ([#"../heapsort_generic.rs" 60 22 60 23] [#"../heapsort_generic.rs" 60 22 60 23] (2 : usize)) = ([#"../heapsort_generic.rs" 60 16 60 23] [#"../heapsort_generic.rs" 60 16 60 23] (0 : usize))); + [#"../heapsort_generic.rs" 60 16 60 23] _28 <- ([#"../heapsort_generic.rs" 60 16 60 23] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../heapsort_generic.rs" 60 16 60 23] not _28 }; goto BB4 } BB4 { - switch ([#"../heapsort_generic.rs" 60 11 60 23] ([#"../heapsort_generic.rs" 60 11 60 12] i) >= ([#"../heapsort_generic.rs" 60 16 60 23] ([#"../heapsort_generic.rs" 60 16 60 19] end') / ([#"../heapsort_generic.rs" 60 22 60 23] [#"../heapsort_generic.rs" 60 22 60 23] (2 : usize)))) + [#"../heapsort_generic.rs" 60 16 60 23] _26 <- ([#"../heapsort_generic.rs" 60 16 60 23] end' / (2 : usize)); + [#"../heapsort_generic.rs" 60 11 60 23] _24 <- ([#"../heapsort_generic.rs" 60 11 60 23] i >= _26); + _26 <- any usize; + switch (_24) | False -> goto BB6 | True -> goto BB5 end @@ -604,14 +613,19 @@ module HeapsortGeneric_SiftDown goto BB23 } BB6 { - [#"../heapsort_generic.rs" 64 24 64 33] child <- ([#"../heapsort_generic.rs" 64 24 64 33] ([#"../heapsort_generic.rs" 64 24 64 29] ([#"../heapsort_generic.rs" 64 24 64 25] [#"../heapsort_generic.rs" 64 24 64 25] (2 : usize)) * ([#"../heapsort_generic.rs" 64 28 64 29] i)) + ([#"../heapsort_generic.rs" 64 32 64 33] [#"../heapsort_generic.rs" 64 32 64 33] (1 : usize))); - switch ([#"../heapsort_generic.rs" 65 11 65 26] ([#"../heapsort_generic.rs" 65 11 65 20] ([#"../heapsort_generic.rs" 65 11 65 16] child) + ([#"../heapsort_generic.rs" 65 19 65 20] [#"../heapsort_generic.rs" 65 19 65 20] (1 : usize))) < ([#"../heapsort_generic.rs" 65 23 65 26] end')) + [#"../heapsort_generic.rs" 64 24 64 29] _31 <- ([#"../heapsort_generic.rs" 64 24 64 29] (2 : usize) * i); + [#"../heapsort_generic.rs" 64 24 64 33] child <- ([#"../heapsort_generic.rs" 64 24 64 33] _31 + (1 : usize)); + _31 <- any usize; + [#"../heapsort_generic.rs" 65 11 65 20] _35 <- ([#"../heapsort_generic.rs" 65 11 65 20] child + (1 : usize)); + [#"../heapsort_generic.rs" 65 11 65 26] _34 <- ([#"../heapsort_generic.rs" 65 11 65 26] _35 < end'); + _35 <- any usize; + switch (_34) | False -> goto BB8 | True -> goto BB7 end } BB7 { - [#"../heapsort_generic.rs" 65 31 65 38] _40 <- ([#"../heapsort_generic.rs" 65 31 65 38] index0 ([#"../heapsort_generic.rs" 65 30 65 31] * v) ([#"../heapsort_generic.rs" 65 32 65 37] child)); + [#"../heapsort_generic.rs" 65 31 65 38] _40 <- ([#"../heapsort_generic.rs" 65 31 65 38] index0 ( * v) child); goto BB9 } BB8 { @@ -620,13 +634,15 @@ module HeapsortGeneric_SiftDown BB9 { assert { [@expl:type invariant] inv2 _40 }; assume { resolve1 _40 }; - [#"../heapsort_generic.rs" 65 42 65 53] _44 <- ([#"../heapsort_generic.rs" 65 42 65 53] index0 ([#"../heapsort_generic.rs" 65 41 65 42] * v) ([#"../heapsort_generic.rs" 65 43 65 52] ([#"../heapsort_generic.rs" 65 43 65 48] child) + ([#"../heapsort_generic.rs" 65 51 65 52] [#"../heapsort_generic.rs" 65 51 65 52] (1 : usize)))); + [#"../heapsort_generic.rs" 65 43 65 52] _46 <- ([#"../heapsort_generic.rs" 65 43 65 52] child + (1 : usize)); + [#"../heapsort_generic.rs" 65 42 65 53] _44 <- ([#"../heapsort_generic.rs" 65 42 65 53] index0 ( * v) _46); + _46 <- any usize; goto BB10 } BB10 { assert { [@expl:type invariant] inv2 _44 }; assume { resolve1 _44 }; - [#"../heapsort_generic.rs" 65 30 65 53] _38 <- ([#"../heapsort_generic.rs" 65 30 65 53] lt0 ([#"../heapsort_generic.rs" 65 30 65 38] _40) ([#"../heapsort_generic.rs" 65 41 65 53] _44)); + [#"../heapsort_generic.rs" 65 30 65 53] _38 <- ([#"../heapsort_generic.rs" 65 30 65 53] lt0 _40 _44); goto BB11 } BB11 { @@ -636,7 +652,7 @@ module HeapsortGeneric_SiftDown end } BB12 { - [#"../heapsort_generic.rs" 66 12 66 22] child <- ([#"../heapsort_generic.rs" 66 12 66 22] child + ([#"../heapsort_generic.rs" 66 21 66 22] [#"../heapsort_generic.rs" 66 21 66 22] (1 : usize))); + [#"../heapsort_generic.rs" 66 12 66 22] child <- ([#"../heapsort_generic.rs" 66 12 66 22] child + (1 : usize)); [#"../heapsort_generic.rs" 66 12 66 22] _33 <- ([#"../heapsort_generic.rs" 66 12 66 22] ()); goto BB15 } @@ -648,19 +664,19 @@ module HeapsortGeneric_SiftDown goto BB15 } BB15 { - [#"../heapsort_generic.rs" 68 12 68 19] _51 <- ([#"../heapsort_generic.rs" 68 12 68 19] index0 ([#"../heapsort_generic.rs" 68 11 68 12] * v) ([#"../heapsort_generic.rs" 68 13 68 18] child)); + [#"../heapsort_generic.rs" 68 12 68 19] _51 <- ([#"../heapsort_generic.rs" 68 12 68 19] index0 ( * v) child); goto BB16 } BB16 { assert { [@expl:type invariant] inv2 _51 }; assume { resolve1 _51 }; - [#"../heapsort_generic.rs" 68 24 68 27] _55 <- ([#"../heapsort_generic.rs" 68 24 68 27] index0 ([#"../heapsort_generic.rs" 68 23 68 24] * v) ([#"../heapsort_generic.rs" 68 25 68 26] i)); + [#"../heapsort_generic.rs" 68 24 68 27] _55 <- ([#"../heapsort_generic.rs" 68 24 68 27] index0 ( * v) i); goto BB17 } BB17 { assert { [@expl:type invariant] inv2 _55 }; assume { resolve1 _55 }; - [#"../heapsort_generic.rs" 68 11 68 27] _49 <- ([#"../heapsort_generic.rs" 68 11 68 27] le0 ([#"../heapsort_generic.rs" 68 11 68 19] _51) ([#"../heapsort_generic.rs" 68 23 68 27] _55)); + [#"../heapsort_generic.rs" 68 11 68 27] _49 <- ([#"../heapsort_generic.rs" 68 11 68 27] le0 _51 _55); goto BB18 } BB18 { @@ -687,14 +703,14 @@ module HeapsortGeneric_SiftDown [#"../heapsort_generic.rs" 71 8 71 9] _60 <- Borrow.borrow_final ( * _61) (Borrow.get_id _61); [#"../heapsort_generic.rs" 71 8 71 9] _61 <- { _61 with current = ( ^ _60) ; }; assume { inv4 ( ^ _60) }; - [#"../heapsort_generic.rs" 71 8 71 24] _59 <- ([#"../heapsort_generic.rs" 71 8 71 24] swap0 _60 ([#"../heapsort_generic.rs" 71 15 71 16] i) ([#"../heapsort_generic.rs" 71 18 71 23] child)); + [#"../heapsort_generic.rs" 71 8 71 24] _59 <- ([#"../heapsort_generic.rs" 71 8 71 24] swap0 _60 i child); _60 <- any borrowed (slice t); goto BB22 } BB22 { assert { [@expl:type invariant] inv5 _61 }; assume { resolve2 _61 }; - [#"../heapsort_generic.rs" 72 8 72 17] i <- ([#"../heapsort_generic.rs" 72 12 72 17] child); + [#"../heapsort_generic.rs" 72 8 72 17] i <- ([#"../heapsort_generic.rs" 72 8 72 17] child); goto BB2 } BB23 { @@ -1058,10 +1074,12 @@ module HeapsortGeneric_HeapSort var _8 : usize; var _10 : bool; var _15 : (); + var _16 : bool; var _18 : (); var _19 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); var _21 : usize; var end' : usize; + var _33 : bool; var _35 : (); var _36 : borrowed (slice t); var _37 : borrowed (slice t); @@ -1078,16 +1096,16 @@ module HeapsortGeneric_HeapSort BB1 { assert { [@expl:type invariant] inv0 old_v }; assume { resolve0 old_v }; - [#"../heapsort_generic.rs" 99 20 99 27] _8 <- ([#"../heapsort_generic.rs" 99 20 99 27] len0 ([#"../heapsort_generic.rs" 99 20 99 21] * v)); + [#"../heapsort_generic.rs" 99 20 99 27] _8 <- ([#"../heapsort_generic.rs" 99 20 99 27] len0 ( * v)); goto BB2 } BB2 { - [#"../heapsort_generic.rs" 99 20 99 31] _10 <- ([#"../heapsort_generic.rs" 99 20 99 31] ([#"../heapsort_generic.rs" 99 30 99 31] [#"../heapsort_generic.rs" 99 30 99 31] (2 : usize)) = ([#"../heapsort_generic.rs" 99 20 99 31] [#"../heapsort_generic.rs" 99 20 99 31] (0 : usize))); + [#"../heapsort_generic.rs" 99 20 99 31] _10 <- ([#"../heapsort_generic.rs" 99 20 99 31] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../heapsort_generic.rs" 99 20 99 31] not _10 }; goto BB3 } BB3 { - [#"../heapsort_generic.rs" 99 20 99 31] start <- ([#"../heapsort_generic.rs" 99 20 99 31] _8 / ([#"../heapsort_generic.rs" 99 30 99 31] [#"../heapsort_generic.rs" 99 30 99 31] (2 : usize))); + [#"../heapsort_generic.rs" 99 20 99 31] start <- ([#"../heapsort_generic.rs" 99 20 99 31] _8 / (2 : usize)); _8 <- any usize; goto BB4 } @@ -1098,21 +1116,22 @@ module HeapsortGeneric_HeapSort goto BB5 } BB5 { - switch ([#"../heapsort_generic.rs" 103 10 103 19] ([#"../heapsort_generic.rs" 103 10 103 15] start) > ([#"../heapsort_generic.rs" 103 18 103 19] [#"../heapsort_generic.rs" 103 18 103 19] (0 : usize))) + [#"../heapsort_generic.rs" 103 10 103 19] _16 <- ([#"../heapsort_generic.rs" 103 10 103 19] start > (0 : usize)); + switch (_16) | False -> goto BB9 | True -> goto BB6 end } BB6 { - [#"../heapsort_generic.rs" 104 8 104 18] start <- ([#"../heapsort_generic.rs" 104 8 104 18] start - ([#"../heapsort_generic.rs" 104 17 104 18] [#"../heapsort_generic.rs" 104 17 104 18] (1 : usize))); + [#"../heapsort_generic.rs" 104 8 104 18] start <- ([#"../heapsort_generic.rs" 104 8 104 18] start - (1 : usize)); [#"../heapsort_generic.rs" 105 18 105 19] _19 <- Borrow.borrow_mut ( * v); [#"../heapsort_generic.rs" 105 18 105 19] v <- { v with current = ( ^ _19) ; }; assume { inv2 ( ^ _19) }; - [#"../heapsort_generic.rs" 105 28 105 35] _21 <- ([#"../heapsort_generic.rs" 105 28 105 35] len0 ([#"../heapsort_generic.rs" 105 28 105 29] * _19)); + [#"../heapsort_generic.rs" 105 28 105 35] _21 <- ([#"../heapsort_generic.rs" 105 28 105 35] len0 ( * _19)); goto BB7 } BB7 { - [#"../heapsort_generic.rs" 105 8 105 36] _18 <- ([#"../heapsort_generic.rs" 105 8 105 36] sift_down0 _19 ([#"../heapsort_generic.rs" 105 21 105 26] start) _21); + [#"../heapsort_generic.rs" 105 8 105 36] _18 <- ([#"../heapsort_generic.rs" 105 8 105 36] sift_down0 _19 start _21); _19 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); _21 <- any usize; goto BB8 @@ -1122,7 +1141,7 @@ module HeapsortGeneric_HeapSort goto BB4 } BB9 { - [#"../heapsort_generic.rs" 108 18 108 25] end' <- ([#"../heapsort_generic.rs" 108 18 108 25] len0 ([#"../heapsort_generic.rs" 108 18 108 19] * v)); + [#"../heapsort_generic.rs" 108 18 108 25] end' <- ([#"../heapsort_generic.rs" 108 18 108 25] len0 ( * v)); goto BB10 } BB10 { @@ -1137,13 +1156,14 @@ module HeapsortGeneric_HeapSort goto BB12 } BB12 { - switch ([#"../heapsort_generic.rs" 115 10 115 17] ([#"../heapsort_generic.rs" 115 10 115 13] end') > ([#"../heapsort_generic.rs" 115 16 115 17] [#"../heapsort_generic.rs" 115 16 115 17] (1 : usize))) + [#"../heapsort_generic.rs" 115 10 115 17] _33 <- ([#"../heapsort_generic.rs" 115 10 115 17] end' > (1 : usize)); + switch (_33) | False -> goto BB17 | True -> goto BB13 end } BB13 { - [#"../heapsort_generic.rs" 116 8 116 16] end' <- ([#"../heapsort_generic.rs" 116 8 116 16] end' - ([#"../heapsort_generic.rs" 116 15 116 16] [#"../heapsort_generic.rs" 116 15 116 16] (1 : usize))); + [#"../heapsort_generic.rs" 116 8 116 16] end' <- ([#"../heapsort_generic.rs" 116 8 116 16] end' - (1 : usize)); [#"../heapsort_generic.rs" 117 8 117 9] _38 <- Borrow.borrow_mut ( * v); [#"../heapsort_generic.rs" 117 8 117 9] v <- { v with current = ( ^ _38) ; }; assume { inv2 ( ^ _38) }; @@ -1155,7 +1175,7 @@ module HeapsortGeneric_HeapSort [#"../heapsort_generic.rs" 117 8 117 9] _36 <- Borrow.borrow_final ( * _37) (Borrow.get_id _37); [#"../heapsort_generic.rs" 117 8 117 9] _37 <- { _37 with current = ( ^ _36) ; }; assume { inv3 ( ^ _36) }; - [#"../heapsort_generic.rs" 117 8 117 22] _35 <- ([#"../heapsort_generic.rs" 117 8 117 22] swap0 _36 ([#"../heapsort_generic.rs" 117 15 117 16] [#"../heapsort_generic.rs" 117 15 117 16] (0 : usize)) ([#"../heapsort_generic.rs" 117 18 117 21] end')); + [#"../heapsort_generic.rs" 117 8 117 22] _35 <- ([#"../heapsort_generic.rs" 117 8 117 22] swap0 _36 (0 : usize) end'); _36 <- any borrowed (slice t); goto BB15 } @@ -1166,7 +1186,7 @@ module HeapsortGeneric_HeapSort [#"../heapsort_generic.rs" 123 18 123 19] _43 <- Borrow.borrow_mut ( * v); [#"../heapsort_generic.rs" 123 18 123 19] v <- { v with current = ( ^ _43) ; }; assume { inv2 ( ^ _43) }; - [#"../heapsort_generic.rs" 123 8 123 28] _42 <- ([#"../heapsort_generic.rs" 123 8 123 28] sift_down0 _43 ([#"../heapsort_generic.rs" 123 21 123 22] [#"../heapsort_generic.rs" 123 21 123 22] (0 : usize)) ([#"../heapsort_generic.rs" 123 24 123 27] end')); + [#"../heapsort_generic.rs" 123 8 123 28] _42 <- ([#"../heapsort_generic.rs" 123 8 123 28] sift_down0 _43 (0 : usize) end'); _43 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB16 } diff --git a/creusot/tests/should_succeed/heapsort_generic/why3session.xml b/creusot/tests/should_succeed/heapsort_generic/why3session.xml index e28544f122..29a8903bd5 100644 --- a/creusot/tests/should_succeed/heapsort_generic/why3session.xml +++ b/creusot/tests/should_succeed/heapsort_generic/why3session.xml @@ -49,56 +49,56 @@ - - + + - + - + - - + + - + - + - - + + - - + + - - + + - + - + - - + + - - + + - + - - + + - - + + - + @@ -110,7 +110,7 @@ - + @@ -119,10 +119,10 @@ - + - + @@ -131,10 +131,10 @@ - + - + @@ -143,36 +143,32 @@ - + - + - + - - - - - + - - - - - + + + + + @@ -183,17 +179,25 @@ - + + + + + - - - - - + + + + + + + + + @@ -204,62 +208,70 @@ + + + + + + + + + + - + - - + + - + - + - - + + + + + - - - - - - - - - - - - - - + - + + + + + - - - - + + + + + + + + @@ -268,13 +280,13 @@ - + - + @@ -306,105 +318,87 @@ - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - + - + - - + + - - + + - - + + - - - - - - - - - - - - - - - - - - - + - + - + - + - + - - + + @@ -416,17 +410,35 @@ - - + + - - + + - - + + - - + + + + + + + + + + + + + + + + + + + + diff --git a/creusot/tests/should_succeed/heapsort_generic/why3shapes.gz b/creusot/tests/should_succeed/heapsort_generic/why3shapes.gz index 2b14177726e1b1d57eb487f4fcc5db028580eb2e..34d7d0264c255d6285bc457c7a719b650c4ced7e 100644 GIT binary patch literal 9128 zcmV;ZBUjuXiwFP!00000|LuKQj~qAB;Jbc>-e%W>1sD-L7nXsBG1?L^7`=R`$7%4i z+bgRzt+r;q{q-AU9+jDul~wYkYDut5mBl235y4;_WRU$ozIp!sNB=IrfBqpqyuZ7D z`@f&-=imI#XOI8#cW*zyUc7wfU-{xO3h z_n>;J8i+hCpMp@sgIwUD_h2Rv-aJmrrx48WpqEH62i%;LH+lMM3T0q0*q6N!i9L4w z>l-lM*KjgQM;;6F!j*FtW={tZM|Lq>-9*G}bL@tpx{>SX! z-IfRcgJ|u#m#r2Kweatg9$xi8U(JBx1SqZnefezv{qu7F@O*rA`?LSgFoQ&$Lfx~g zv!i>odmJ9ko`y%gm&2pltKm`Zc|aHeX3g6l9)I*aU*EjB|M%_B_bI=jz44Ftw|8$J zJ$Ksi1H@6CMiPGyFlj#y5ANMUV#Gwc+bpjIqnHm5%Q-lR1N<5{1RgLt=4V znf_h*6vUuct2oXes6FbH>ED%4Aq+|t)e;G_N4q}#yH`^v1DkOaHGXynRX~F(SQBM} z;YG^%U02Gcg6Cl+{c%ycC!CZJ!%z7?6|XyFHCVbhZja$I)=M2H= z*~fF2=F{)RN`(I;lNB{5`VfdNfroS+Dv$u

Gp$voB!Pxi>~C^`y%W{0k$({>1Hl5l7w43!sPa=KlWOp#y%pdz{dAH>KldLf4GwyV~NXQ)J#O z+40lsR(%SolM4S+BWNO0{u}=JHb3S6l1RXx@&NZGnc+> zBL@EGg}t4L(+nrYg4<2tZ|jdO9`pN`&yE=X)3YfHJE1$>cV%4H;byHp>59#Wm_CD; ze);NBg3S!DIRn_d930j)+I!!Dc~CXxD5!_xGn_as8=GFjBYPS^ec6ayLyTWm*M_TX zPN_rfO1h7y6w90!hl#jFd)%OX_>PzGz?}zFEA<0@2Is~VH>LCMta`tRIM#@8Uc14% zdONAIV5;R{Ig>t4p}<*<0w1qZHU|EBiUKQ#GIP)phu|Bfv{YhU&4E!sQ((!Y71yRfi( z@sI9Jr$5r&hr7D6@jU$Z^Z%D0?(5sG`Q6*waR1BO^xktF{|jTHt44xVph2{Yq&&$o#vG~2LOLv)Q(FC z@yEM2X|>u3Ag#d>m|LE#r>fo3oEhIP8!lMbx9Ro&h=%BKovAd{)ZVjq4>{hyO?Oo* zHz&w+fPMFd`_~|CrF;4Tq~_1+#$wqXK0WzelDR zz3A7>C*xkLI1HFkwLha)CD$x|%BkQO*-MFOEHZL$Xb>DjGs!i$DmA8KmEroZWR-yx zl&8Imp{piwM(nj4de?5&yH=~cbN!A5+ExhKo|ai{CciG#l?n#6RG$uNNzIku9c<{p zYOf}}t=DCcYV1nQx>8Mz@st}}nwiE^u=qVz?``c1hJUNE$LNLU9>V>@!~MT=`peJ% z*Z;G<96giH9ch?Q_pVo*?P;<6Q%hm#fv;6G4b-CQ6uzpj2V6z_7Y6UB7O=l|dzXe% z{(>VSL{CKRr)$=cA-lKpAY?6g(2HuFSZvhn@#d%epZKGH`$Jx%TCB7^4u^URKCt2- zY}o%~Uf@vcT!e-fEkLnL@jgF%@SRI>;0|v4{$sVxr6~ME*P^g%6F=7VUyI9+JpVp0 zzs&JpE*mgXuQ$2virH4a>`M>hpwge_qaqHS23SqAVv&C2S@mO8Ze;C93`$ea6=y3kyF|oem5;K zQwDH)-33oh>T~NZ?s&p+;j1q6zI4KK-Pf~VeYWo6HWv=2*zgb?mT>1`_VF@_Jlcw# z&ni5u&z^L>E}9YWbf*OT#yPPr;gd;m^D9E)u8s2da!G$RT3ye5!fiSjYa^dQAC8NXIZTm&wK`8nC1qex0_&p?|zoTjD`mo(R3a zvT4Sq-!y+{Nx=H*!OcP2otts<*|Rd&E}A_X_QseMdt*%1_x$Q&dt=P&uEmPIG3H`> zW9-D?KTAlI!xow*7*O_YWk_0B?Kk{C?O!s3vl{_Kz3t=i%Ch-lXwi z#f@k27<+DT#<f588mFe5IPe7a4Olo(V zk_*4>oa?_GX<&u7F@|HLf#b?#5#`~T*z+TKe?H2?n>G3Hk(QqR7D`+4d_ajV5{FC3tFYWuMidPkwH%c}KtS+)2%TbEVCx~!7Z zeSxlMzAmfQ*JZnXgmEiizN4`2)XWeVmS%^|fV~`-W~IAuM?ns&v$Czu%8k`oX_g*M zw*qhWQXj3ruWw6DcNEmJiCXL^$YDo8_KW@V<^Qug3T>Z7;^jLEeRtLV9(5nDS+xdIP1B}*q+%H#XRf?CzZKEdKft4*F-`Zxx}sThQ@z_&cwGOKiqs9L zUKcbq7c@N+G(8BKZi1%yVH7ky7qsQ-+A!3eplQ~jM}npnf+k_19|u8GP0*Cxt5MLD zxr8ff5VT>___Uy@qj0a&?W(gHbHwE;;!X7^T2`J1hionS%BRf68MU~&bG)e*-R8#e z)<&y2Y_ytRr4}nk>|({NdK@#37#MY8^;ut3pLKPYRnLA}F%=d&7}NUj;>`XHH8odxx*P1}obwU662;-piF|W&dntYgPA_j;eB53%2OuOkYc{y9O)ax}|N0 ze{ba^NVoD#gtwLC*Li*Cvv#@Op5&fvP1PH-_J-wwJ?Tlmdr~zuZX;f8pxg|UI}OT> zxqs&6&C!5VSW+xTq$})~%vXnGUl*Dt{b;WFdb-5UUH8Kw1$TQ+XlsV$N)M-8?L$K5 zAupSec(r032NR@+2z%5s>(JJ;LCsXER2*%>@DG&WOzwJXwd zc*iLW4W8bxjt!_@Pf61Alq5Y%Nzy|~(%{Chw=!DCc}kLAr&D(+Nm{aXK61krc0(=_ zJ3hiTpWuofw5}GNjoz@1(_|zTq0WFgw#i2Z%&wx{oFuhKLK;rJy}v7ux9R@hZ^xr; z;&8ML4oBPYaI}pMN89A#M4H+<86KOj6Q*Fp5 zZ@!f?v0DA>W(?PD7B#Tl2C{hBM@)10{UpI|G-pRv`%`m!qC5Xzzr1_H0npL=Lq>Y7 z=fC6cczn9I8gJD<4X1lMEzqA%P`weai1M&Z4%OBM^_0NYnL9IA2FGXaOgnRD*7QVu zJDlt@Z3+2=Kh}KfLq8&7f41sFpM~^Im!IBOxwWf+{ZMvNL^kQA&$=PVIhl8D*Op zXy;PF?$!#2U95ReCr5WfK5)($*yIde+S}#|{MuO?9MAi7;mW1EsW6-bnr+L$A${lN zN`dO6X$%@~! zz07ZV&VQg~&MChfInYtvr||x>+a_vM^czOY^e$H7%f#80iY+;8S(PU6Wqm#1s@uP2 zOq}I{A#t`V<*%c}S+3M4&NjOOUELx7m-HcvEUsH+J+IaCbfadEw%*K$BfZl0fXKA3 z10!Z>v+d_Xhv0H*;~6bNn{$rVvD6|B9mi;%fr>LZ+8&a1Vq4GM zlsbt6^w^*1=f!9tgO3FA|?R<0?87O0P5 z`WU2-A^I4gAHwr9VfSU1)WEATIPVvI`&$b(FQR!hyNJe29$NU(T`IGB&CD!_r7?0} zzjkIC+^b1wzH;ZxdT?Lk@8jTp8k?WEoM{2ac2V>gH;+;H@UV#E-B5pdaZ|fhW*Kth zf-grwb${{9NX8_%pWi)WhP!9XaQDm)D_6{{+(R zXT1?-hH#6T=YujVQ*^JUcntiUpN4OT>g@_My7J|y(7;maCu^UWezdM2ML((g{PN|x zM%~uO)9V`T^@dfbF2F(K4_ysOPpkFEeU=#-G_<9)<&SD8Si9>}%O7ky#`LpV&wp1} zNRO94>LR!8pXSRSvL$Uw+g8^*dhBfZqc-4|tGd?gmFSl)RM+Y9bv@X{{|=QlZ!S`J zq?5VHmOX9Jl9H>X2aBjq?r^QdP^#tpDY+IyDfx068AeyHmL6`6sHsI4JBBqI>Dvl( z#W7U6LuSRxQO2)$IjW7cGE0v|nUiqrDjeJ3oC-`=y(P7kr#S#_yZR%ewAk=tv^eV( zX_!GfcCIJTVDO5RTk(qeb&c()Lv9L&T#Gv7C3ou7y`0rjJkWO9ajW8^sqN`3heXpE zVU~4UZmm=wd`-RCbK6>5ah*-=d1GxwUh0*0t7)5y2>sIAauuN!z~z@~ z2XL`_H!kh9=fjFDt}hhHq2{R|4cy|sH9SOW40L(l8qVLH?O%*I!v-GE(|x+9^RXH? zU+ei;`>>Zt$J(crZZ3;)m76)mT=(_tew+^RVOi{~V&XpK^tzkLfwo(mU0u`xt`5hh zZmIxb1`y5w9Mw~Ebxtl{E=K0`lH{_7t>tZu`0V@dFGwX=xCY(5M61hxbqpV0O|QZj zZqM!ZpzFh!2ze?SLz|jexK?^tJk=+pq;1k4@+g#Uxrg6YfMZcFAKJZqd2?D<)s6nK z$wp`EW5%z>Ft~NO9c9p)Y^x6_0w|Lc?B(CwQOG=qpvD&a1vFa$X5v$(Mt0D8Gjq*1&VfLH- z>^k8(7oI(nMHtN5ODq5sxeN+Td?NC}a|5E4@IGQ74Qx73r;a4Gp)G_Rm1ZXeM1mW<$63^I_uOBb30`lZf2+SpM+Quxu6lo8SMx& zqfIPdS}$m$ep2`!JUDf5j*X6+U_)~PR9Qa#?xz|1Epd_ zBnKFjvr!dObdao@rD}M(>p<0rqJlFZqGN6rp_4H>7B*!rq~f1j*jaHc*t+18FIJ@J zyi;TWfs!IA6b5oOH*D3;%AKX1#jC)%6eX0FB_|Al=XZ7js-XbOiYU3#a5g)uuM2G# z1!gMDUvD5}sab$cQJ(E?aMEK#o1GDRb(k0S@>sV^^hzgZSg(o{6pCOXduTB}cXH=w z=Wyp>=fpLV05;m|)Zjd- zWTazHB=wWpxu-!6K?pHx6dYEe432zM7F1#T8xvcxDqtXL*d(3~O-dj-;Z$P7mQ6Ag zq7^x%0EK=1(og-TMplU0DRzZ?{rfw}ajMTU8`f^9tWZI8LxoR~G?7I~OdCgCNXBq* zVWlQj!*}+XSSw{;ZLo&&tcQ&B$gJ*Spm`5KB^VlVxbJk?_ORi&n zMb%z28Eg(o$!sONrP>meBn?}Yl8F%(vU9*2>Q_$+MXk^hLh&_vWfw-}C^<@UNwcTg z=^v~gMw>wa!-5K|Lc4C#f+$v^vB?!ILAwmT7^|%?LD;CfQQ{7OdjReNxDVh?fO`S% z2DqOmNVX`^1*!|sJb)qx3?>yJZA#>zE|@p6>2o9|a&y)}BK3aAV9GR?mHV7)&aQK~!H5QeU9Umlo3A|uZC}Hu5ObF~R zkq$xyjs($q_V{wo3&y$5i!X#H$#MjYAsSnvV$}dxQV>C7kveAVcv3f^TY3R#s`&+= zzZeDu#XhPuCEFN^GdjoO6=n9fb&%48C4*`v1|!YCp#8)@he^t;ueN~X29g`dN|5~1 z#S5J9o{~hF2(z&^YmUJ)*uamfT*$pzHgHdg-Pvic#d~TDT{kf+#A_(No}nLPSJ^ zo=Gm**~nHD3tW#@d=m3o5_2$Pl*+Is!jd6Tgy?-i&xQ6{nCX7c&5KXWbM#tUW(gQ+ zDOke5VSz9xNoi-O_lp@3(5g>gs2KlF~|t#u$-u5td^PHa4s>K}B^b`@Xt9T{tguvQjAae`H;^QzZsSH8I?!V(D6h z@k)Ik_QFdEF_CiKs^VoP4)=;ntOYTcd^PNQ63&kSouU^aAz9^|2~H$183j7;bh#Q~ zd>YCBDKhv|hamG;V*glx-HV7B{U>LCVWZIQZTI-?5g?Xe|+it?A`bUF#FOGzq;ib{1i z$!8y9O{dKv_RIE+T4fQKDx>bJ+c}jn$5u&L8)98%Ll+qzZw$|E5=em8!@w(bm7)@4 zgp7hC9a$6UIpE2`I9o+i>vS|pt@sirDhZAYV~&FHmKt*qR9K;*iAu9}b3L0}FK4wq z12FpQgk3H~l%RCB)&2%8w3SkNb|z)@fr5+i;~DuiVr))2rIeJg&L*7#DRysUQZg8A zOmV|v`8Dy?sL#mPK}gOj&DvBKU}ruh!*WhU79&~>*QXz@)E-e1!AN724{XtE{e&kxwFs4}lV5J?)IeQDQSsMn&hWblM5@*T>hV5zZ3@nF~ZIIGBtrHarpj>j`BJOwvXf(_p3m_?%KMMAdd zHb=rlsz}LhCXWN~Kmd=*Cq4VgacZb3`>`$!qCt_2W*ex4vB|>(PrORGA(MQvsEU!% zgYd@3>`GGJ30quMha&;zGQr_FavhXKqAXM_7BksOWysmaqS!AX4>X}necaTz(uhJE z;&4K04~hTP9K|}X*}|oo32R;Xbp$^h&!597T~|OXX)lwke-TLAnlJ+*Yqm?je!#EP zMU1L=LT@M}VHH0?iAlQ&j?>H-vL+8Qzo<-!Gvf8tI3{C z?i&1w!nQXGlnF~Rbr~`SOd?W(Bo#k&xH8j$xqdA;D=%tVwJb#jJ4C6$D9Y<)GzvT@l%m>DWOQ`R6WQWoKk=si9sSCrSESj z`;;hJl^px|-k5+gB!$r#6H7LN1D24fURZ!Ub3QSeI^>#h?+sfc9}=55Ht{7nj`Ilw z&&cjdO03iT6QYSel1H7frpAfP6NUYdC|D*-QJ~v(k*rp(0o8=rq-?EK0ys*=fTkt| z2~eo5FVvyxt_58ol_3huMW|ZQqExcp;TlzTmU3$Phw6u6uYA$%Z4;as)w6mR6cU3;2b+FDdui4%#)zSWcJ!))!}SZjFc34u84?a*;CZ@9+pag zeKPcDOvGvly<$H-lqgxlQ%oeaGKv3d^e{%q{tq%*Sn*;P@F~$KVs_56=cI|v0tTHq zVB^s$(P(R-`F5!4hubRdLvkOI`{2L{8~v&+iKCR)O{iANKr))x3(A63Ham}k-3(UU zQLCg{D1fSd=<}f1JDZEFw}?3KHfC_zS?{G`qU-I^V{rLdQJuUjIk4BQ+U@Ad34Y5l zRFmR5buoPn*!p{=CXOPa*gKR>zb`i$BucG3hH>+T(UKG|9*)aybOy(G5aZ!vqrJ#aS zI#4vk1|sGHjD55I6=j287Gv008j~D*210RUud*#<>a|epq+@aL9P2VfUDPoQ)G*MB zWu?r>FOy@|Gl>a`w9FEp9fvWLIXEUvvY779GOR9^Wf+!WR6A_Nm&>qRvQb(Z5_YTTBmppn_>yEW0?BNw0YPcIV!fovI38#xN81W=7>2UmwMMRO@C$Fl5r$b(j1>_ z;0ak$z{Efh^c89XEFT zT%#&$zjAQkU~$T3!EtvnTt%m%1<7nOOJa~p=$?c0m5bZEOqRVg7pxa0vgifxCHdDdHTCWCiDC{N7FWQl^UDQ4{QMeNUtP^IK6H!t9(Vt3ffQ2zoF7)mAx zmc|mJl`)}>U%B~}o1bihMFHd-An?qVSU@CJq0CX4b4?8iJvZ%FZeC=8e6E*V$Q%+e zXKhs8P|fNR4lE|;{-MRhwCxNi8)Tpabk`WbDWst#2hE)I5Edb)I6bT!t3O& zB3T*9#5nbgJttwcuyy~bkSUReMrGqkWu0?>-3ZmZqndcsGLPu%DE!`|P^d7=K?rB+ zAGq>C2C&XbN>)kMG_z5dt_ywD*Ox9yYA}j8F7*x-#JbI2H|wa>zl$b8*Zmuk^&_s6 z0MCZH6p+pfiBPoWU@)xag7uljPU7_vq(LJEh^%C!;70B5su~ek zv~$qObp-KzVo`fCMDZNU5P)>HzIf#LDTx?Ki%_(5rXMBu^awM``oO`Vvy4!^4l$5| zVx3Q{rx>wD7%PY;Nt|L|xNy*hkwamgRLZ5KxskCtQVyXb4xTQ77V4Q0D3W!0(a4&_ zdsE5vz$$RK#Io8GRsXtorIsmD__U}5%CYWQyJDpVh|1P1E~Ax7Y{No#fS8ni`jiG@ m)5TI6gys;0O@ov?xFLY#AWx9)DK(!5wf`R~q*%^;+5iAj!vYil literal 8766 zcmV-EBEj7siwFP!00000|LuKUkK8zt;JbfCz0I8$3owFYkX*DIFa}eX1q{Y7i+r2{ zKf9~X?edhXJ+t@gFGxw5l2WNm_qgpWyMQjIL{Y(rU@*QIRR6D+S08@%@AHSNkNM%l z-Tk}&x}vL>|NF(`Km6UhkFXWjFZ?SXe|>-Z_Wmcag)RC&-~QzvzxlWS@UQCaP1kSu zg=v4amE8ZY`NN0)x$1xA&A6M~D(?1w9N%hdns2@t)deyk}3vvpe# z{VT5jwf(P|fUten$=jBjW?W!8Vc^3+_>6MEEyz9Q%q{=ZL@(8GnA;Xzw4BM5IF$L(VXX1Jg^63hWNCFN}%KN>?B7!3Bh7b3C6 zj(`12OvK|BS!A%kilT#X_ju6BzxNOM-J>|@?0@8@C|>siz-#}*7S$FdU%ZOkqF(!- zvwweE9{f+Dz1KZ#y>RG-e;ti*(*wPk0L2kdTmpLiV*BT-a{q9(dvyD&|JSgBL|sDN zwX3V6yR=&zF3naBm$X&GrQYh{Qf+xc7y)L@yPqC^_Pk!-zPt+%oM$+9@d2QH<`EW5`6OyHOy4FWxeY3JOW^go% z@WF~7iTBO1^>HZob}WvEVm^grhW_)#!;MqWSpS#&mkIBVTX9JNS>pYp#dUU$4K+v6Kvzuf8AVEw9=c-@wbo5Anb zjD+K>kJql8F27d`9qtnUySOszcZShEYB|`iI8|!)<<-{>0c# zp3a`V8s9Hc!2`T#>Zks`^7n7k?MMGE|FdrvUCWEd|9PLU_})L<`FD>mSZ#i|fBP{H zkNM5J4uKc!Pdxnk8zaL0#O-|%2g6Mppoj4G{{H=b0KU3=9MN_+rsMU9t_jh1^^ISS zk@ojIxZMK&q28?Vn4e$2IAHuQFUBnFgzos*m2usGtG%|8DmFXB z=mcVPeRD3sW&+rp0Bo)Yhjoee-gjUgRE@b4)P3^_P8_!FUOk6L_Beq0uo1b07(cA8 z4R={xQv2SObRUl?mMJgx3vrG1xI+8z8_(f^I}NCI>L>gJ&W$T>Oy^%&^}dX_>k;9! zc7tX0c2s4-Sj)kDC4HJgfs+~qK3%1(OaNTyN?k{JVd22)%7K4p>8#_jAi(hZB^XYN zFjN^{#Yru-9^jX8$90SG_0Ow@*ouM@SlB%zc*7?a;cH6P%X&^1y0`keVQ*nv}D? z=_9w%s%+TL?swgr=>Pe#TN|a_Zgq{M_}?X1TV*DTRQpEcR_m79qKZk3)(;2br547FF? z^;W6*D{At}R>{8qr0sB({^j+m8rUkF1HomrQvorHpiOn-7948EiqS}ezWHt+vCM+D^vQv^Zw#KM^EtP6!frSVD@2r>)j=611N6R);dA)hEl)xk^#Ppo8kw zUI*!^y1RoFbyv;KXtd?N3{vlg(vzWd(_hN%+>?oVW7Rdi-*s*$91tOTBI-EZYaJP?dpZp$mI48qb?d}prDu;fU*&(rpZ&X^@)Ffz z;oZZ~rZ?3CEB3;M{VnqXhhC?mEj%lk#JB_;aZBCVv z?C0$~U7R}Di!$2vpL&YRLO&UH@at9c>s6iFVOZ(Tbg=oAn{zn1BD3spAIhxKO=k4@ zGOP5P?u`YRRqJV?2{tsA*%KKpMb{^Yqb1^~5l5du95v!-kvKY^I2sd2Cx|0Du^?H< zMv0&*a_h{3v(tYHCxF)tH9sHHe^rN!Q+Ie~Iv$tu@uQbdC!?_oQ1>{WNLea#J~QkD z@Ot)SvqWwoe>@`Btun(kX1Ft%v2OIMEUn@~tGH0Zh0erV($q3R$TDo2};p2f**sF(v0YuV6#+w66_{5{#wIbDPc8M;0j+LG(EoLtw_ohpw)SPe< zTfK9_^)$Jzmy_%IAi1vXVk&W;4IMJ;x@Fe2+3Hb?vy*LW7~#!Rafsq!m_TMsZ#l!%XvAC+V%g; zA>@3^s27iAsh*P8Bw{aNG!mzM!nOexc^K& zYB(j;u&nE9Xr$-*O3!vFlv_}Y?sq6gd$_x{woPRA+eGG56k{dI%!x8Hq6qg|u^Cxf zHnKD|vNSQWG#FWGMz)3%J0nX|BTLIhmJW<8(E_65F^45tFJ7I6^{syH<8rh8!_?_glv58oOb zWgEY*Y0+)5gayOp|@=&Xda4V0UJa>qfrT@8}C zetj?@6_ygS8R;7P?xtGm0k-Y9P_XDg<<>pP)6cr z!8#5mh=w41S1zz@9j8uFs}R^*vthe-aML>Bz9THq2c;AfpRcWmRgbSnsd+nkUTQG6?s}nwLeEPmhQl`>?#knB zy8q|9-3c49KVbv=6E?U%VI%h^Y}Ec>j9xozvrCu$>i^Ywg7%=xO+T^w12&_x5O#Vz zqaHUKAGO(?R5SaF`SBd=j_2$S+L(5}rn`XY@fGOKy>zC=-pqkeJ2N(Eb=|?U{Xv`M!#Hr{piO(UJDp z7j#R9YmhD8wDe+RwED-*7A~7C*}!%?h2pvon5OXiMS|UIPEOAChj+G8-ueIj?fqMh ze-57S3u9|P|0Dm#!$XGEcI*CXIAqvqfxbvu_cpvD%F{AB+gD$x#mZ|(f6P=F93K5K z?dXqL(i8RRaKOm4B=Zq>taY1>6wv&-|y_XVPW`r7g9^qykZF&?9_oWvMbbb^K zr_WA~FLpS?3LenYeSD;oaa(SkR72or#C0w7%XR;Lw!99wcYo0(%f+y_ez*Onae zlKb27HTO~P7RfliKB^4i+@q1lwjP=mnCxe~@E`6U9&@^VsAWRO^w5d1y2!s}5sqy- zb`@r;6=|nR!|s+Ehb`{uNJmxXiqgd?V_=mtcXTmf{P`&7=7AsX@a%Bg zn+ItJRa>tP%U#)jnJcx0j;#Q0-c^p^tNM7rmD;~%SMJIUL%D0$%0CC?uH30FcWo{e zbbW`aT}gYh6PF!Qn)d2>y3(^pn^vp-BrUwVM`S$Ko)ME`*LFKw={R42cw()~)s-Qa z*1FuS^$#ENLst{K2BTVrrB*SvMaR&audc4xY+frg*g>{2*S)aR;}Si2%)6OP@WWoP zWhdBjFW5>R_h8y)<}gRox>20S(fX7eG5SglOX?^N&|`mOpwq64l8eJ0x-M-8=)iSp zt$j(=Q7RVZ4Bw2)ulE?VT>eb#01Lobv3joc-zmOuP5&THvWR%+p^FUxtYntD3SYmL)VM?Q}< zgJZh{(k^AROF#`5vlNya`p-X|)V}L7&o<$VF9-Rg{?jizGDdl=>DOP(@bwoneEsF8 zg^#=}d=qBMA*5Y`>c|IRx|taz$EII@F~iqiO#AxFxMNEv?TWwlfLr@y%H_ajoQY!h zy_Y=_Lw>DmA0Z)!WT@=-riPBP?qnP=qidexFtD?JlVyT%OBhWjWysKVkH&Zm{G6Ug zZ^zp00yDby`K-u+rLteFeewN4N==D=QTH|U^ORn#)5YT{z4my;DpVI>uknYWhTXr# z{&FebsO0djT*~}aL&4gej%EJXbnMCzYd`;E-BLKr{MGFp+h0vHf680)i z^t9Fn=V+p5$y?GVvpEd7ZTjsiq{WIKLnl%>6&g&S9Xi(|XuCX)b_-rnpM6-5I@GFQ zsHLbwol``w>Ve{=R@~Ee+;M9)#In`x&8LLq31L=sLwc!oRCrITBezZE1=rcskykPx z>P)ZnZ%6Y9AG^qYcaXN;bORn#%f7g~JEKHkrue$=o-9JFChGBKw97nvAy9W4r1fH@ zzJhc;bgLoXcMyY zsu$L*4HV22YuC6|h}6DBFqzv~9nwyp8#t%vg${~dXszgl)NYtD-A$h7n5_}82<4a* zsio8ezj4!NHn>L(!dQGJ$&mVD%Y`&Um};TNb?aAkX`AJjRjI!0+b5qZtt;Zi3sr={ zOkQEJV2!l~3V~7}&{}2P72pP717hPgc4IcQ(Hpgq8*bf*7ZH;Q2qBvoqLf|-lu-u} zg7!tpcm+;x!0`)uBl%ysk+_ktkz#{xgLZ>vgS0`tLA61KiW`It3Vvq;b^~Suv;hX8 zHXvVEPZUu{6$msHWmPI#W?!;%=+Im#+$h*6v5{^g?M9l7q|Y<7OWs08l*xh%m=Yy| zgvMw>MM7RF+9>9X+9>%);h>ZekVqy$S&5``@;VDqoJdL*FB%T!4@biZk~S1+5@xHs zK#`FWMw^QA*1Lv=+bH`bkTJxhi^y!q*$0+_NI6z9F)8tsHJ)g_(Q2dRM&m}qMvE_j zSP(^k)kdlSDaBm83c>@JWF=)v4KcUTw&7+rn!XTXMdX4;7-z^y%#cF?7lAPIdi6*Z zF_Ig?4Z()QmqRR~0bWz&NCJ>VNtUI$gycYim1&BY`l7fo0!b>9=$M;DP%?&MAzxfb#a~(2SaB)XCRQmt`HoEwYOt1qC2OK9tobmw zSWS;r8!I;!F9TsfA4HNsR!Vv?Klp;nGOk@-_AQa0| zYm_lrH-zoRnhU}iVv;D7D;P1$;H5H|14S95ifool#o39Cbr*(qP*^LlrIf7sd9C?u zQXp@fS2+M&vBT!%#^J`n#Ubxgj9Ri+ok2Rm3Ql;G9=v0jNd{s=USBT$n1w{6A`7=P zuG-uL2DORoKeMF^4S%|55@dC`JbSrh zP0$l1GMj?QLy`u0nQ`c(va{Z1%XTZ0^u6N-!hTf`O%e+myOZoEutrGi;}pfQo5OT(Pf=s|Mk15ze@1*vFC)i;yhrnw$*M zLese*xAI zH;ZMJk_(x^|F}HNF-DOrD}kh9Ne)?{Ir?`hlFrJT*fCsQDE89Gn28;|s7a*6&Up!% zeTkYe)l#`mx^@4jE)D&Xr7uCHm|e^8LUc6&EuGADb0l=kujtZ6lc8Bxb5I%*`vyMQ ztQC-PF4Y9TDLonbDUd=LG;&mwj1$?jtL-slGSLeQDvQ)eVGzJDpaQ8-DwqoAvPm-z zLXkNWn<_Q|CVNAs4ytekqzG>=?2KTnjNy9tT0}nb*vwq1D`dj&UxnnzESe6N3FBaHiA*26bud{ z&wO!42&1VP2U)wyZ;f^uO3xmM76oD0mIYc2SGS$HY z4OWt~Zq6XxF-S9m+OO!Cq}-lK%6?uZDSoc?=gH21s)Sc0>otCHwOy-FT(Sl-1Xt^I z_$Tx7bch@$Tne`peZG9yGsnL(jw`Gsa9%5GvOp(viK-@DrEpmVM+YhwI+ZJ?9RH)$ zu67sBMi;DdkYXt*7pEypAw!Ub;~ixKo+-G0I2-A**%+iCXQU~PNMu#LWVDt!8z5$I z2M)m3Vxv88?O!shWtCXN0U1Z6NRs`|V!aS(L=dXDaw)7nQ_Ws7tEtwTWevpz#o?cd zfrvw%6jc%~>R!h(B0##YBL%YGlV2M+@^OM#&1YprM44+fa`c&FB&)4ok?$9r}PbH(<1 zH~TIj3!e0vEMbYYq&*skP8Tl}1bZ=j{08j4q8Oq;X|l$EXmcutomQ=k;0f^MVtD-x z7=9>VN|0>aPzk~)iY!{jl8Z2g4O_=+#unJ*a%2UJ^>=3Zs}Yhm32A(dnri0L+Mqbv zhh#~bo<-PL1dJRocF(r|-&p@T)FXFNS!W`IoTO*x-`mJ5PI^n1!|-n@%ks?hFVA$r z43GvzP5>!6W6;Iu1G?mbD}$vQGri*c?B_1z3RIK+7sSbLAZkFiQtYXDD}w`)IR<02gAj94 zE>b%1WUcrfy;+qZ`eGy+X`;vg%r=%g%>pWH2?Lv4FO>C~0T_DrYX9Am`ojKI5K^GP zVq%Jb$&*g4-ln8*obk^#|Hz6@#s$n4Qzj--lNPm1QPq<{B6eTtu-wzaQ&^b5^HtB0 zcr770k&WTiNvdd@C~B*&pwYsd=IQvV6)-6Xqk(^dHo|ETN%Cci94ZtYM|d7Tss6P$ z@v?*DwG+Jhtdpr8DATbpX>2Hbt#;edK8EDhv1V?A?IRJu3l}#D!CGMR?hw|{yYU`8CgFvsTtY$$IQ0Ap3AcVWbi3~ zOTVA+3-`j=39Jdt6m*OwI2no8LMd#BsmQ4F?W z>g1p<>?If;cIKn9m_-U$K>K8j=cep})a+OFOSc}qwC+-HhWhafX9TmCZMoHgM2b#X zRs9tid!z2;P{QEahoiv3r4WEQ)*N>ckWvmMD0C)k18sjmV!2|q!Xq&-ei!*=`C*|3Mhf839k4)W4LUN*?fhP`6`tB6!g7?pZJn3oSYs$7&JvvbF$ z4A`*~|5rVMwD_~@d$(fBBuM`dn>h?vc-($i$;XLE4e2{1Ti{huFq*6ltc!yR|aEz`s z2SBz!lI*Sc{(Dhh6Gf|&iypi&0aZvEqcbKJHj`SIkYzpCjl68WGMW^!sh^%RY><3N zS$I=aNscv&35a` ztL|szPhTH-4soNF(uCxLH)OodWFbpw*{(aJraakxAsaB(@cdWr<%JTXSYRYekBel< zF!#x`X;0d-lKdE#=e^hEJ0?b~lmf z5+#x-Xf%|XcU2x20L$r{h!sY{MeqY075@2g0qe>ZpFT$nFE=F;t zewK+O8|3y;Uwzp$2uv{)=be^<6`f&NDZ79ala?W+hR!@Q!ijHRmjMF5AQqsjxkE7XSO8pu}=xAZsnqg~(t?RvhGV~dC!9(#u zbD*1qF3v@1bu@-#{r-Gt(FE0$5yPzb62l~hNer`YqgRzp;&KVpNe~;HB(3w_rlb@? za%4>kQLCbwS~mQ?;r9)XLp%=Ir%P}W$%9pfjch%Xs)Y(A+u{p5Q6~D%iMI^DCNgST z$S{1v@GG*WGDChl%wYKJ30q?`WFfTi>>As`YngOl%K#lS;QL`nv=WK^&A__3c;~!g z?^9p4X0VQ}P0uY+&nhWd6kg5r0w3RXP`(OyTi0q@YfS|R& z9P!p-DbXdLJ!!f^$G~mfPhjAdf!p5fS^a%+$_7WF9#^3vY!oK2u_=m@u&iy_ack?z zF|78>upGm3@cl8WZm%n8Y!Sj(Z;PrY&pk&SDJNI7>lj7P%&N>%Qklr%OtQg5_Bjm% zcAYiqpn3VZPD^v&XNC=-lasbY(AuM_g;dd_HyKpS%5(74Gt53SZNfBffI_MNzYgo9 zQ_hs)W7S%~R?l|18OcB-1CgTcA@g7iSRZKUQnJs0Dh5Kc>Ooy1lM3+Ca=9B_s75=gx|O zs#=q%p1J?IxbLlzzC`Z>*3Yz}%tmRFQOT?f_MgZaxIfO*JnQ3A`#wec>}6sXpW{le zvuEGbC-zxQVz0H;oJw8);As+=lF~7WQ2+PI+SUKNZ%Q({6l^WC&c2l goto BB7 | True -> goto BB5 end @@ -224,7 +227,7 @@ module Hillel_RightPad [#"../hillel.rs" 25 8 25 11] _23 <- Borrow.borrow_mut ( * str); [#"../hillel.rs" 25 8 25 11] str <- { str with current = ( ^ _23) ; }; assume { inv3 ( ^ _23) }; - [#"../hillel.rs" 25 8 25 21] _22 <- ([#"../hillel.rs" 25 8 25 21] push0 _23 ([#"../hillel.rs" 25 17 25 20] pad)); + [#"../hillel.rs" 25 8 25 21] _22 <- ([#"../hillel.rs" 25 8 25 21] push0 _23 pad); _23 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB6 } @@ -404,6 +407,7 @@ module Hillel_LeftPad var pad : t = pad; var old_str : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var c : Snapshot.snap_ty usize; + var _19 : bool; var _20 : usize; var _23 : (); var _24 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); @@ -434,11 +438,13 @@ module Hillel_LeftPad goto BB4 } BB4 { - [#"../hillel.rs" 43 10 43 19] _20 <- ([#"../hillel.rs" 43 10 43 19] len1 ([#"../hillel.rs" 43 10 43 13] * str)); + [#"../hillel.rs" 43 10 43 19] _20 <- ([#"../hillel.rs" 43 10 43 19] len1 ( * str)); goto BB5 } BB5 { - switch ([#"../hillel.rs" 43 10 43 25] _20 < ([#"../hillel.rs" 43 22 43 25] len)) + [#"../hillel.rs" 43 10 43 25] _19 <- ([#"../hillel.rs" 43 10 43 25] _20 < len); + _20 <- any usize; + switch (_19) | False -> goto BB9 | True -> goto BB6 end @@ -447,7 +453,7 @@ module Hillel_LeftPad [#"../hillel.rs" 44 8 44 11] _24 <- Borrow.borrow_mut ( * str); [#"../hillel.rs" 44 8 44 11] str <- { str with current = ( ^ _24) ; }; assume { inv3 ( ^ _24) }; - [#"../hillel.rs" 44 8 44 26] _23 <- ([#"../hillel.rs" 44 8 44 26] insert0 _24 ([#"../hillel.rs" 44 19 44 20] [#"../hillel.rs" 44 19 44 20] (0 : usize)) ([#"../hillel.rs" 44 22 44 25] pad)); + [#"../hillel.rs" 44 8 44 26] _23 <- ([#"../hillel.rs" 44 8 44 26] insert0 _24 (0 : usize) pad); _24 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB7 } @@ -457,7 +463,7 @@ module Hillel_LeftPad } BB8 { [#"../hillel.rs" 45 8 45 37] c <- ([#"../hillel.rs" 45 8 45 37] _26); - [#"../hillel.rs" 45 8 45 37] _26 <- any Snapshot.snap_ty usize; + _26 <- any Snapshot.snap_ty usize; goto BB3 } BB9 { @@ -998,13 +1004,13 @@ module Hillel_InsertUnique BB5 { assert { [@expl:type invariant] inv0 ghost_vec }; assume { resolve1 ghost_vec }; - [#"../hillel.rs" 85 13 85 23] _18 <- ([#"../hillel.rs" 85 13 85 23] deref0 ([#"../hillel.rs" 85 13 85 16] * vec)); + [#"../hillel.rs" 85 13 85 23] _18 <- ([#"../hillel.rs" 85 13 85 23] deref0 ( * vec)); goto BB6 } BB6 { assert { [@expl:type invariant] inv1 _18 }; assume { resolve2 _18 }; - [#"../hillel.rs" 85 13 85 23] _16 <- ([#"../hillel.rs" 85 13 85 23] iter0 ([#"../hillel.rs" 85 13 85 16] _18)); + [#"../hillel.rs" 85 13 85 23] _16 <- ([#"../hillel.rs" 85 13 85 23] iter0 _18); goto BB7 } BB7 { @@ -1081,7 +1087,7 @@ module Hillel_InsertUnique } BB19 { [#"../hillel.rs" 84 4 84 111] produced <- ([#"../hillel.rs" 84 4 84 111] _33); - [#"../hillel.rs" 84 4 84 111] _33 <- any Snapshot.snap_ty (Seq.seq t); + _33 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv2 produced }; assume { resolve4 produced }; [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] e <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); @@ -1089,7 +1095,7 @@ module Hillel_InsertUnique assume { resolve7 __creusot_proc_iter_elem }; assert { [@expl:assertion] [#"../hillel.rs" 86 24 86 57] e = index_logic1 (Snapshot.inner ghost_vec) (Seq.length (Snapshot.inner produced) - 1) }; [#"../hillel.rs" 87 16 87 21] _41 <- ([#"../hillel.rs" 87 16 87 21] elem); - [#"../hillel.rs" 87 11 87 21] _38 <- ([#"../hillel.rs" 87 11 87 21] eq0 ([#"../hillel.rs" 87 11 87 12] e) ([#"../hillel.rs" 87 16 87 21] _41)); + [#"../hillel.rs" 87 11 87 21] _38 <- ([#"../hillel.rs" 87 11 87 21] eq0 e _41); goto BB20 } BB20 { @@ -1126,9 +1132,9 @@ module Hillel_InsertUnique [#"../hillel.rs" 94 4 94 7] _49 <- Borrow.borrow_final ( * vec) (Borrow.get_id vec); [#"../hillel.rs" 94 4 94 7] vec <- { vec with current = ( ^ _49) ; }; assume { inv8 ( ^ _49) }; - [#"../hillel.rs" 94 4 94 18] _48 <- ([#"../hillel.rs" 94 4 94 18] push1 _49 ([#"../hillel.rs" 94 13 94 17] elem)); + [#"../hillel.rs" 94 4 94 18] _48 <- ([#"../hillel.rs" 94 4 94 18] push1 _49 elem); _49 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); - [#"../hillel.rs" 94 13 94 17] elem <- any t; + elem <- any t; goto BB25 } BB25 { @@ -1498,6 +1504,7 @@ module Hillel_Unique var unique : Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); var sub_str : Snapshot.snap_ty (Seq.seq t); var iter : Core_Ops_Range_Range_Type.t_range usize; + var _10 : Core_Ops_Range_Range_Type.t_range usize; var _11 : usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); @@ -1509,6 +1516,7 @@ module Hillel_Unique var i : usize; var elem : t; var _32 : usize; + var _33 : usize; var _34 : bool; var _35 : (); var _36 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); @@ -1528,12 +1536,14 @@ module Hillel_Unique BB2 { assert { [@expl:type invariant] inv0 sub_str }; assume { resolve0 sub_str }; - [#"../hillel.rs" 107 16 107 25] _11 <- ([#"../hillel.rs" 107 16 107 25] len0 ([#"../hillel.rs" 107 16 107 19] str)); + [#"../hillel.rs" 107 16 107 25] _11 <- ([#"../hillel.rs" 107 16 107 25] len0 str); goto BB3 } BB3 { - [#"../hillel.rs" 104 4 104 48] iter <- ([#"../hillel.rs" 104 4 104 48] into_iter0 ([#"../hillel.rs" 107 13 107 25] Core_Ops_Range_Range_Type.C_Range ([#"../hillel.rs" 107 13 107 14] [#"../hillel.rs" 107 13 107 14] (0 : usize)) _11)); + [#"../hillel.rs" 107 13 107 25] _10 <- ([#"../hillel.rs" 107 13 107 25] Core_Ops_Range_Range_Type.C_Range (0 : usize) _11); _11 <- any usize; + [#"../hillel.rs" 104 4 104 48] iter <- ([#"../hillel.rs" 104 4 104 48] into_iter0 _10); + _10 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB4 } BB4 { @@ -1604,10 +1614,11 @@ module Hillel_Unique } BB17 { [#"../hillel.rs" 104 4 104 48] produced <- ([#"../hillel.rs" 104 4 104 48] _28); - [#"../hillel.rs" 104 4 104 48] _28 <- any Snapshot.snap_ty (Seq.seq usize); + _28 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../hillel.rs" 108 26 108 27] _32 <- ([#"../hillel.rs" 108 26 108 27] i); - [#"../hillel.rs" 108 22 108 28] _34 <- ([#"../hillel.rs" 108 22 108 28] _32 < ([#"../hillel.rs" 108 22 108 28] Slice.length str)); + [#"../hillel.rs" 108 22 108 28] _33 <- ([#"../hillel.rs" 108 22 108 28] Slice.length str); + [#"../hillel.rs" 108 22 108 28] _34 <- ([#"../hillel.rs" 108 22 108 28] _32 < _33); assert { [@expl:index in bounds] [#"../hillel.rs" 108 22 108 28] _34 }; goto BB18 } @@ -1621,7 +1632,7 @@ module Hillel_Unique assume { inv2 ( ^ _36) }; assert { [@expl:type invariant] inv3 elem }; assume { resolve2 elem }; - [#"../hillel.rs" 109 8 109 40] _35 <- ([#"../hillel.rs" 109 8 109 40] insert_unique0 _36 ([#"../hillel.rs" 109 35 109 39] elem)); + [#"../hillel.rs" 109 8 109 40] _35 <- ([#"../hillel.rs" 109 8 109 40] insert_unique0 _36 elem); _36 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB19 } @@ -1633,7 +1644,7 @@ module Hillel_Unique } BB20 { [#"../hillel.rs" 110 8 110 50] sub_str <- ([#"../hillel.rs" 110 8 110 50] _39); - [#"../hillel.rs" 110 8 110 50] _39 <- any Snapshot.snap_ty (Seq.seq t); + _39 <- any Snapshot.snap_ty (Seq.seq t); assert { [@expl:type invariant] inv0 sub_str }; assume { resolve0 sub_str }; goto BB10 @@ -1641,7 +1652,7 @@ module Hillel_Unique BB21 { assert { [@expl:assertion] [#"../hillel.rs" 114 20 114 88] Seq.(==) (SeqExt.subsequence (deep_model1 str) 0 (Seq.length (shallow_model0 str))) (deep_model1 str) }; [#"../hillel.rs" 115 4 115 10] _0 <- ([#"../hillel.rs" 115 4 115 10] unique); - [#"../hillel.rs" 115 4 115 10] unique <- any Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); + unique <- any Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); goto BB22 } BB22 { @@ -2098,6 +2109,7 @@ module Hillel_Fulcrum var min_dist : uint32; var sum : uint32; var iter1 : Core_Ops_Range_Range_Type.t_range usize; + var _36 : Core_Ops_Range_Range_Type.t_range usize; var _37 : usize; var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced1 : Snapshot.snap_ty (Seq.seq usize); @@ -2108,15 +2120,18 @@ module Hillel_Fulcrum var _55 : Snapshot.snap_ty (Seq.seq usize); var i : usize; var dist : uint32; + var _60 : uint32; var _63 : (); + var _64 : bool; var _70 : usize; + var _71 : usize; var _72 : bool; { goto BB0 } BB0 { - [#"../hillel.rs" 157 25 157 26] total <- ([#"../hillel.rs" 157 25 157 26] [#"../hillel.rs" 157 25 157 26] (0 : uint32)); - [#"../hillel.rs" 159 4 159 60] iter <- ([#"../hillel.rs" 159 4 159 60] into_iter0 ([#"../hillel.rs" 161 14 161 15] s)); + [#"../hillel.rs" 157 25 157 26] total <- ([#"../hillel.rs" 157 25 157 26] (0 : uint32)); + [#"../hillel.rs" 159 4 159 60] iter <- ([#"../hillel.rs" 159 4 159 60] into_iter0 s); goto BB1 } BB1 { @@ -2155,10 +2170,10 @@ module Hillel_Fulcrum } BB7 { assert { [@expl:assertion] [#"../hillel.rs" 165 20 165 56] UInt32.to_int total = sum_range0 (shallow_model1 s) 0 (Seq.length (shallow_model1 s)) }; - [#"../hillel.rs" 167 27 167 28] min_i <- ([#"../hillel.rs" 167 27 167 28] [#"../hillel.rs" 167 27 167 28] (0 : usize)); + [#"../hillel.rs" 167 27 167 28] min_i <- ([#"../hillel.rs" 167 27 167 28] (0 : usize)); [#"../hillel.rs" 168 28 168 33] min_dist <- ([#"../hillel.rs" 168 28 168 33] total); - [#"../hillel.rs" 170 23 170 24] sum <- ([#"../hillel.rs" 170 23 170 24] [#"../hillel.rs" 170 23 170 24] (0 : uint32)); - [#"../hillel.rs" 176 16 176 23] _37 <- ([#"../hillel.rs" 176 16 176 23] len2 ([#"../hillel.rs" 176 16 176 17] s)); + [#"../hillel.rs" 170 23 170 24] sum <- ([#"../hillel.rs" 170 23 170 24] (0 : uint32)); + [#"../hillel.rs" 176 16 176 23] _37 <- ([#"../hillel.rs" 176 16 176 23] len2 s); goto BB12 } BB8 { @@ -2175,15 +2190,17 @@ module Hillel_Fulcrum } BB11 { [#"../hillel.rs" 159 4 159 60] produced <- ([#"../hillel.rs" 159 4 159 60] _24); - [#"../hillel.rs" 159 4 159 60] _24 <- any Snapshot.snap_ty (Seq.seq uint32); + _24 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../hillel.rs" 161 9 161 10] x <- ([#"../hillel.rs" 161 9 161 10] __creusot_proc_iter_elem); - [#"../hillel.rs" 162 8 162 18] total <- ([#"../hillel.rs" 162 8 162 18] total + ([#"../hillel.rs" 162 17 162 18] x)); + [#"../hillel.rs" 162 8 162 18] total <- ([#"../hillel.rs" 162 8 162 18] total + x); [#"../hillel.rs" 161 16 163 5] _18 <- ([#"../hillel.rs" 161 16 163 5] ()); goto BB4 } BB12 { - [#"../hillel.rs" 171 4 171 58] iter1 <- ([#"../hillel.rs" 171 4 171 58] into_iter1 ([#"../hillel.rs" 176 13 176 23] Core_Ops_Range_Range_Type.C_Range ([#"../hillel.rs" 176 13 176 14] [#"../hillel.rs" 176 13 176 14] (0 : usize)) _37)); + [#"../hillel.rs" 176 13 176 23] _36 <- ([#"../hillel.rs" 176 13 176 23] Core_Ops_Range_Range_Type.C_Range (0 : usize) _37); _37 <- any usize; + [#"../hillel.rs" 171 4 171 58] iter1 <- ([#"../hillel.rs" 171 4 171 58] into_iter1 _36); + _36 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB13 } BB13 { @@ -2237,20 +2254,23 @@ module Hillel_Fulcrum } BB22 { [#"../hillel.rs" 171 4 171 58] produced1 <- ([#"../hillel.rs" 171 4 171 58] _55); - [#"../hillel.rs" 171 4 171 58] _55 <- any Snapshot.snap_ty (Seq.seq usize); + _55 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); - [#"../hillel.rs" 177 19 177 44] dist <- ([#"../hillel.rs" 177 19 177 44] abs_diff0 ([#"../hillel.rs" 177 19 177 22] sum) ([#"../hillel.rs" 177 32 177 43] ([#"../hillel.rs" 177 32 177 37] total) - ([#"../hillel.rs" 177 40 177 43] sum))); + [#"../hillel.rs" 177 32 177 43] _60 <- ([#"../hillel.rs" 177 32 177 43] total - sum); + [#"../hillel.rs" 177 19 177 44] dist <- ([#"../hillel.rs" 177 19 177 44] abs_diff0 sum _60); + _60 <- any uint32; goto BB23 } BB23 { - switch ([#"../hillel.rs" 178 11 178 26] ([#"../hillel.rs" 178 11 178 15] dist) < ([#"../hillel.rs" 178 18 178 26] min_dist)) + [#"../hillel.rs" 178 11 178 26] _64 <- ([#"../hillel.rs" 178 11 178 26] dist < min_dist); + switch (_64) | False -> goto BB25 | True -> goto BB24 end } BB24 { - [#"../hillel.rs" 179 12 179 21] min_i <- ([#"../hillel.rs" 179 20 179 21] i); - [#"../hillel.rs" 180 12 180 27] min_dist <- ([#"../hillel.rs" 180 23 180 27] dist); + [#"../hillel.rs" 179 12 179 21] min_i <- ([#"../hillel.rs" 179 12 179 21] i); + [#"../hillel.rs" 180 12 180 27] min_dist <- ([#"../hillel.rs" 180 12 180 27] dist); [#"../hillel.rs" 178 27 181 9] _63 <- ([#"../hillel.rs" 178 27 181 9] ()); goto BB26 } @@ -2260,12 +2280,13 @@ module Hillel_Fulcrum } BB26 { [#"../hillel.rs" 183 17 183 18] _70 <- ([#"../hillel.rs" 183 17 183 18] i); - [#"../hillel.rs" 183 15 183 19] _72 <- ([#"../hillel.rs" 183 15 183 19] _70 < ([#"../hillel.rs" 183 15 183 19] Slice.length s)); + [#"../hillel.rs" 183 15 183 19] _71 <- ([#"../hillel.rs" 183 15 183 19] Slice.length s); + [#"../hillel.rs" 183 15 183 19] _72 <- ([#"../hillel.rs" 183 15 183 19] _70 < _71); assert { [@expl:index in bounds] [#"../hillel.rs" 183 15 183 19] _72 }; goto BB27 } BB27 { - [#"../hillel.rs" 183 8 183 19] sum <- ([#"../hillel.rs" 183 8 183 19] sum + ([#"../hillel.rs" 183 15 183 19] Slice.get s _70)); + [#"../hillel.rs" 183 8 183 19] sum <- ([#"../hillel.rs" 183 8 183 19] sum + Slice.get s _70); [#"../hillel.rs" 176 24 184 5] _18 <- ([#"../hillel.rs" 176 24 184 5] ()); goto BB16 } diff --git a/creusot/tests/should_succeed/hillel/why3session.xml b/creusot/tests/should_succeed/hillel/why3session.xml index 2fab57c547..d768271e21 100644 --- a/creusot/tests/should_succeed/hillel/why3session.xml +++ b/creusot/tests/should_succeed/hillel/why3session.xml @@ -10,12 +10,12 @@ - + - + @@ -152,7 +152,7 @@ - + @@ -200,88 +200,88 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/hillel/why3shapes.gz b/creusot/tests/should_succeed/hillel/why3shapes.gz index 0e91db8a857bf3d498bdc904550ca483a4ba0c5a..16937cf781d53f6db266a8c1ed9f6c04a7f61eff 100644 GIT binary patch literal 7317 zcmV;G9BShqiwFP!00000|Lr|%ZydRi-}Ni>?e5lCfK_}S)(Z@b2ra-!fV-eSX24hP zYERZUlDygc`zw=L6_@XP0s-&Z~0KfRt!aGKxvq1jK zS%hue&mRE$iBTih9kWNUAfzbw7=j#w8&b7 zDme%%2qIgRBwF+g;82t*WZbKy*SmCI#$cHeSE2SYg}5qH8L`#jS;STcov}e?y$I3O zX`TjEdaccIO{5*HI9T^^w+s8d!49i=(Z0IucK4U}H^2P)xP9y5sumJYYaub$LdP_V zd(nb%KOTpFO019Q5mWTYiJe*Xh*?ohwpVfXL(mz3+f{)&Iebk4i1QS{6R4dWbzA}9 zpa5`C0Qf-)09(|(0?-ErN)6jkAKl_K)~s!D_hW8609YnklK{lBj}8XWh%)~{!-^ol zY0a{_>DLFH&?k77KEW@bPe=e>7H-L_Qj+d2{i8*Z-`qQbtHgg~=qTKa0E-%al?7$% zckk}v!=PYpQ&;uN;D@lu56QmI&BONLoqtG=Bp^j+wb=4r@c5?oBdyXyt6jHm-#z>~ z0GxSKP~54$JadTvC!Yvl<`l8XE3(-uTKB~Cfer+5(5IknT0Outtr?26J%*wp?q7|r zAi&HQ#B~&?Ctu?5@<@l9NdF#1FE?NJ3TF6)%OA*S?pt_Uj&m$g}E zPBk!RC)DO%v93)v*RNTU_u%(ZiE3}RnSQ%bQ_n^=lx$X(rT4qLo4>zHYzC6K-&43K zGCh`*OSkDwX2{lLec}H4?(J=27lSQfR6n15A6#`-_ABR1sqh~j()}ZaQ+cLee%(Dh zZgamp;SVD&Y-+i9{O8+rNp3&O-X3(lY;X`R`B}7ZJ%ddT(T6|fa+udy}EU1DyH@8Zvd z-L%eozWxa9w?kPtYap2rb}%&WCeDuI1N~m&?5bz=4{poZ*>uCuzpf3qzYVWck9O8d zU2_GggY8WmYUu&a@9yt+|48va-uz!4PMx}&J9nEK>oDs3%7xt<+G39>veM<%_RqV! zG()q__i%If3-#LFwH$h2ueSfYdy`r!7b*N*)Kb6xvfxl~Aq7#Pj*V*3)l?D}YU0d& zT-YJ(uzPxTh>;zAEjLDm zg@_NDyyfWjhf!VGqxi%g#jB5*m!HFS3P7miaWo2!{G(Vu_s|cRP@S|bO_8ob3e-?pW^VdW z^{@Bu(!x*(ntJ{=4XGmr@^bY=Nq#H!X;zzN#u)akB^h<{RepEXlQ`3Q;Gj`g?IoUP z_wbm-?8(e58L1eQ-ryMZ&K)^Hj|BPQ&`~>tx)=&8PGeTR#lfN#o;<8qU1j>?<~?TI zEN9$|3VX98YBM>en>~}YnJr>}o|QI><=%{9P(_Fsck$|RZ)%w4hQpJEGmOn${J{0?t5$vI^JKno* zJ=aq{wy6dXXZPNVf+!Z)tRk2D?&Eg$_`RML+-B7zP~-JNtF}^9Wl#!7?lmMorckN6 z;#9OLz0p{LuvDdaY|*4`jic!Cr_ztN693d|QY!YUv>;BJG}ru4`<_sx$2c@7tX8N= znp#=$B%I+)6?y_Tu*%=ev0NCm=fDlMiimDiuOUles>Puei+*fXVW#5iN|OLAUkf+s zL6g@K98sECnJl$stJqvkwo>+}T{fKj7Sm$9T?=MziDZW$ zRX9|^;ux3@Am+deWWImmT#tr94S>{i77TiJjd6nfd`5lp*uHeg$M*IZYo;Uae0jTi zzX*DS4>>K23SzL+A}xp4O}sWxo5s?6Qsq(0-@5T0D`3}o+6AREMC!nO}zfC?jNG|F68jibzFC}g=&WTJGru2s62KBdZaEj?Rh z=|OtC+|JWWZ()=iY*)=?psrI>F@~ctqLzHqJGQ>A_eQ1LV9B@|(d1+~ud9VnVlx!3 zSHi=;k!!KIugX)exY?!ep64ac9>3SKf?Hdl!I1VA)cyRj<$+z_xbn>Zl8w)I-yHMZ zcUD*}8G=^iG>n!+=uhtFoV?INU{{&b?V#=2qB~oX%6POSBnbwW?=KYj66S)Bf@L zNXLpw?p(3iXYt_7ELqjpiv2oKJf_Tx!E{zuysS;NgtKe=a_C<2%VvP&s56Ua^)fq8 zH#`QAAB-hA@C#pHX-$@f;1&#Y$-Eac7dqR8{i6~_L0 zzfb*yl9g0yhGZ{uJp%!37(N4=VY0PI_qgPboN|wAf=Mi#EaCk@ z>vd%r$km({wc^IYn2@pTzL&quYt=G+c{yU9yj=XtW%H0_r$r~^nHaxvTr&Mg&fB66(v zY)4;f_v;8rQ}G|Q39qWFG}TfbIGkqcD&1vUlf|R|7PeHdNyUkt{6*&?@@EY$Ap%VA zRk3Cd@uy|OV14^<3nqa3*((n#9(Ha4#@NML#$q0s+5EVBbho*+_yk8ay!XgW$zUF#1 zYb{wQY|KKzKIs7tvryQOg@VuzgZ(TNc03D(%?`2z_Q1w06tH97lbz>_5e@|xuwxd= zr{d^K_vYqqdoxII1(~bj&BNozFZcUFIwgP~4~Yg=GFSQxws*^Qy&qP@?f=O$_9PwlSwEj*;2Tl>LCd&Y z#|&kECGyq$;I3pDTI1_x0<`RSIODP9F6Ll$u?oNwNdi3`=RjHQ^xGakKTHkcK11Oc zN0*#}6R?hVJZB5RS?oBUajWoJQBESoTGr4IstbPAZxPaw65m7OaTw8S_o7nkdv1VP zbJo)mM)h86>2aXmsZ+1sCHBK`$PSbXMPDKADSGH~EJ`?$DF7$)D9_0mfYnS&d=Fw)avIM_PYoEq zjB-EDPmV{UKdZ}z@`4KKmvn!*`#s%vv^jIOT%Rz|d$4&JPI_%KIJP*LsNr+HsdN5! z*6*fIjZ!7sf*y-o{-5SJ?c=zZwltP(v_aeM#v?p9ZvVIC);>S_%%d6X9h}Fb&1s%* z4i;%MTltz(M2{l4JHC+1omfiZ4j1`OB8$;DT)R?JPKbn_It}}3@k#p*XZcQxbwcgQwp;kR@$H5WEUU2vHOujUi89`#}5hz_yDrzAWv%O;y_7Vd=4eIAC2IX@!j!{ zd5;BnYac7{V?HRJ6=UG37>}PFs;p1;+jPS69-p{?{fN&lC@$C^_Ef|)512lDUUBB< z9;XUM!!Yz$v*c$kt_aylizY2Rhs?z+N|ae*wb013!XD2kiw(Aa9#=d5UzZz_yv4Ilq%K$Qoo zSx8K)VbO~7zaVhB=j&pQ^BU-U6*K=s1lrDh1L{)HshhGm&{j&hG3N=r;wV65fD}o9_xLPObFfnx;u3OpsO9C1+<=xsbCB=%8cT13R zsTbCocWcFPC*Qrh4fpTfTwHLTjOk*CLRrQkbi@)1w)2)pG%Q@2MmMUFjc9m-4K(aR zqDo#x1R1O~3_4{xosvz0iC~Pl1ZaSbgKQZjm^CIEn_`0CASmfkp-f%};e7I!AR7=3 z@P?d46RbxQd_%ZAfryvdc&aMqx0&@`wU zR1L}oMT0~DHV6%}1_&$DfNnrt1QDDU5u#wSlVnFUYJeD00523%mx2fpjo^*IMnEH2 z!|kV;8U@ksi38dRZ5m79Xe)q_g0Fun;WwMzMl9&JRvm;}YWXPCwELzQclBm6B ztfNg~td_CxgfJ0b5T!2AJ_Dz@Qk|1rF=;&40jy+!B~wtM4JW@SRyqcx{b@lm$z$-T z^Aa#6N4r~j&;={~uRx5^j@HT{xn;*G*aL8DkBZ6nQ>M$#ga ziYG^6#)L^|Qb>qha-f7ZhFvO|5mVw{k17L8I}vy^q#t>wEGlI~u))S8J7Y4cO8vWF zOY#^%a1B0aZ9RhF-f53U3yZ~#n&aWc1elOdYy$< zo5rw4+g#AP(W=q1(W243(b#BcH2b%pMS4yWO#~!oNN4fH1q4jW39{fRuxwHdZwxjD zo()ktc`{NExq%pEw1!?JBi9L2h+QbQ(hx1WF{&{{pm=^XlHv7+Y@YR^Bgu=MW)z5n zcF9H?c$aAu&!0?+;*vBvk)MMUHh@7MoiqrDiky&QAS`Q)ecohRE{Uu_g!)d3sALqV zI<%Uc@J@u-s}zfkg=aucu%uRublzyA&@o492Dt5IY*0VN#E#7Dg{A|VloC_3)y5dg2hg9$E3F`x)@_H z6fSle0!1m=ZUDdMsD%m!|djF1Bo zbz*>yic_=`r9yIzJS1J&V7>)bc;0d4bO&UpQUq_%q4Y{fV{J!nVbKHmyai|+vtK(q zbOK8uh~vR^+OYsCMx_jyG!humVPyxA4frjwMf&8lMj1Mwpe!iTBCg|1(?$Xvg}DSE z`tu1}K4Sa!_=6&Lh9VHzg%A=LnIyUGNs=qUF(02){^)O+N8qiAf}(uS3`J|!S)LMk z$Q@Z<5j6HZq7hI6=Wm={Dx^e=VnHTy)l%prVj>B1(FAAmp>eO6@ta^r=PdIg#!iyw z!pKoK#w3?xM&e0CcA%KQ5w;kP3dyBQN+o7Pr?Lh2$hku%MLpk#9914{qi=&j(P&5l zq!kp}C@-u5(#pz8Z#r^%OCV0u0m8SZ5RE`3kWDSfkU!LK2 ze&wTrll{V6Oe>Jdb<%43S7}vA;_R7`r68v_XboML$etO{s5>;| zT60EW2z#bv0k~v+a9#x?w22m(cP0j{EEmG|0!UDwA882QfEAr{6fu*(DovzUExmFw zdXY0zNS_cQkdK`t4JM2r`?G`=5MGdNFChnn9T0jz_(3+pgdq@$KsW-=?4f>KT#)59 zQE?H4H;R+19CQQ`t*0rY!SKl^)Sf%(T#NyIB&FJs3xUaK4}xTrCz_BtN^t?sJBg5j z@gZ5GWY)vUqR@%F43<06475ZbX$DDVmJ#cMF&lqtmx;!BM_e@I3-A}cU?e3=%^^Qi{KonQ1P%|1Q#VKbc;F#8mK!FoJ=Ap zA&g8ZDj)NuIgqW)do}ML_SrGg#%h%LFx-QT$;b}LgF^w)lZ0~BCmnoQq@dH*dJMvQ zfi9mYvAku-S&0!9_{t{y@`%w^73jU9y&FQ8G|9E_h%72n+#NF&G5)VXj#Llx-Wuyj zg;9k?Ppd1L0@3BGjvT!pd2kdH(~nd&ZGNQ9k1T8Jj3dD%9}dWg1DmnW#E36RK`_jc z6Y5zay_Nsvq~B;J@=L)BK5SK_5DS6K5Ba3X$N({YHdSAa8WtT=5TPvSXgX5EOh{T3 zE+kn%ZfvFoDR4vz91-xDPzAONkpf~eDWu80kR)LciJnde$t_l@J#?W`kTNZ8=YA%!L{(o1q@ z3)SK)q}-$glDsXhyPRn%V@_DfmenvBxUKp*2ci^-($KGy3HhWhlKR%pq2`IUJ36JE zbzC~5r7Y%`B2=UZl{iH|qL3m~ay#fpR8Z`WJoh0=bNHU)cYN+#5kTgvGm+(-WNoEL zTu?+sRy;V{DJ%ykq!8&x=!;y=rxip31@}n7Jq0}UW9w}DD%fN#L(c+3tCb*Dc^yfT z61SZ}a(H}YQ$=1|to|tifq8 zW~Kh^vMgC`j8TTd_YjpKDO6SmQv4cS^r>ij4d1!8v<9Tigy=dT9p`-l^eJe^LnJnI zkYe4l8o#q`89_MhQqHSMV604`Bfk>KG)OJ;w+go8CZW!(EDD6|Z^6JDqDSZH#6zR;t0t-kv-PqN)5t71q*uqR}lja>4`ILR&1Z-qFI z?S#bVV>|S$|C-n?xMLw&ng6H&hQPbPMMz|~G#9A7I#b%Ij*vnF-=+Tj^mT`UxGA;Q zBA*^x?6?j|pm)sZ=zI3d?>hS=8x=`z${A-m8KVeJ7O`%%cZEy#vLmObz-nCsUQLKE8AIZ2!wkEr1+fX#qQGMVUhhR*sZH5H-{% zw2;t3OX%DDPUz>P)FDk3Ezx1wS+srmtcYNvlbx|SZ8HSgkrWnDsOenN`OD>gGZLCe zXg*^)(JQ7v<-c*GFdtL{(d=~oqcTFr#K-T)z5-eqZNWs!G%6p26kSp_O6ycd(JuH< v4-9xl_3NP5a1!87#srSUR|^$7qdLQdGM1UhdwSt(qWS*;Ka;}Yu9*M;^N%!T literal 7279 zcmV-#9FXH5iwFP!00000|LuHhZ(KLB;CKBBeY?9c0IcJ|u+ zK;Qkmo!P7r2NnKma}kWx{!)L}f$fkr zok6xj8rW4GqUB~Z@KA{wX4q?_*ZcHP$3UGDR(k9U7gz0&c-{_)xg9!Y zTimM-wEO-z{!@y5#FFT0Nlt8qW=ZslaWcJ;Gap0FfZVJq*2&>(CP18L0-ho5s1Lq`%ji`=o@-lXRfyYhmzAv2z2^GC-(1>0l6zsPi9m ztf&B-wk>Ph{=}eli$a6WuqZRAzs#Z(tNOZ1OI+0_;qKEvJLKify(hd%{71o#+`S60 zXu+$ZA~$~b{yshqrsXc>W?6<9giSF>iF%;G>?CxIaOl7`nu0B$4wf0Vq^eccNTNE(v@6Viv2ZywV>Xhp=D!iX~A zFX?Fyyu^vK%`00|A3z?RV6dL@s?o{!`unv9S|#`HVHe+r^jKm-_o}#$7H(YkD-3pg zBH_=V%>XyYP=}iZTG~?S?YpP{DN({0J0niPGfs+Aw#2BqDCZ*Fw<%+U8&i5WwGJX& zwiZ)1wJZW2Xx%65T|?XKt8Nmtd-!{;M76iuOuyZzs~001o=A44LBGGh{m1*nW+<8a zJ%x*^)8mtJ=`Ou30=Y58Ubz2$|L!iai@}R9YM)QOkFJF)`;BvEVe|sWQ_q zzwRENZVFtP@Vk)~HuYRQ{m;8}Np0@o*4;mix;w2x^sKc$BonzW!+6$>Ap#$F<{cDwT0!?efO_4{Ub7pn+b zV?RG1`wCpI@C~jid_{y~$2d+*O?SK9yGeNTbo(^hI?YE<6tvfIqDD;7OZOXnyWa-w zUBX@bji{T}8JB^;i0!vST{vqXxe#_RwCpC%j?)AEUgGSk7xj1UhO@Kzh5^2<4YepXZ8Y(ShAR5-OQ!PME zV{u_7&fLdU9KsH}rx%A9#nHFY*MT_1AdZ5$3>)^JX}!H=s!xZhQ5}Dn8;RQ9Xd4XM zObA6_?vMI@6CTq0#~pQ>KC?&h>QmS!V}x9-Z_Jtp_x5AV~$Q3#rP{x%J1BL?wQ!81=y&1wl`Q`SCDNJH)ye3M)ZlF}*dwq7|MZ zte8c$vt(*B1*V%lm$jKKVt)6?G6FwG5z zCktmdo6XE`Z9c%?ZR#elZnx=O=WgaWH`TlDns42FuybCORdxQGF=FUrgBP`gn-4b* zo0+}Ye2U@PJZ~5`r%mhTq+Q+|vE-XQYrold2b-CL*;QWYtGdP=E?nP^FTLFk=B{hU zi?;6!EcNCx#-_N0`Df`uM_p3EG9_tzEWf%-{%Y+F%V z&#a}Xt4iOU67;3WqN%|gb+VqS&EDt7<AEqGC2VUcr#1hOXo2Ss@%#x`K0&Zn4DB7Jv{Z=Ivsqo*}*qV z2j4iISM%w-T1@BFayqV7(`mJyPE5`ExplcP+CMtC2O#|ol${P<%NhCn^cL#*FAnF+ z?TlCs=a$p4F&~?7XoAHtFdtCNkyp%o|HQc+4TBmGsp%{j^z0hr1p9ot2R?pmUjfRo zy*(zH>4>{r_O2c|!|dvPZaI)09yyoRa_&91#Ix;*t^35?I#jgN-Fl7DmiYVSM7ByX zLE$0Af?5wLF0JLhX@%mxyHd>8a5i%JA-Sb{kZ?Kp|EZBK^ools*8mG{S0PK+-oO=C zSRl(~n;&Y!(GX=7V zyFCoYqaQeHv(l0;CR1#6z16;=tgd%KvUey@9O5ux*QYN)4wOQY4=7IZ17}U zjbw5P7OtCzP<%5yT(6{ue=mW?{Ju)AZl?yj7kSCE$L~QlbZZMVIMUvOx*uP6Jh1Cq zSHH{ue!+8;?i{a`4y9gZzh)1>KC&<4wHHne9Ut%!{Uauir1HS>l?y>bN%t zy@ylxcj=+uSo#P;eE|Dr&ifkTNgKlMA&s#&n__R6VsD&cZ$8D|Vv4=x6nm>FX4bO+ z7RqLMRrPrm3S)o0-3zfxscr2zm z*wk~O_Q=)GlV?o9eysY~yzT~ZGS#Y=?XKIJJRbd9_)@_p z6DNB17r<5J&l+4)1eo5NVJ#8j56h0h`}V&pm=Nw)uRN|q*rf*;V;5@`i)CaH^V9Ch z-Id3^a+b&bqVe&tl;v?MWMN|=%bUja7F8(iwY0NYZ>>UMV-*VaMGtUTg~Em^lv0vkhrxao3Oinf!e$3q0()d* z6$;p~?#a&U#fXMV3)ry=<%Bc(PN)B?Oj#~hTJP^i+U9$Eue<3U^dpCtsb~$xsWh~5a>_Qgd28_7TmCP4X9V(LOiDdH9>lwi9UE-P)G08 z0<0RKPh)|Qf5eiDV@p1)?DNHxFjiB_h3|Uy(jLw(r-TzF18}mS@|@xUSS_i<4`61c zxbZ9kIw23rDv=tiKFa6xQLYtMo;kNVYY8Zo6l#r>N~rq8WjIk@Ny1RAzEaAS`pUDW zSOhM-V5|1_)PV6PQttct5%TEtXKlq%UeH7OB|Tj3eoqgXHfJfDYkTmv4`s_Rob1|W zh;VUmQFE~J{|w@mjK^%oeF_#xYiBJw8*J%rJgI}@-n~^7%@FS3JhnHd#ke_;`)0P7 ztzL+}sxI#MLe+L+sa!i;)G~>p8RKy6YD+!+5qbg|wu)ZVGU2S2X;Ju8tBy)7lNesb zk=m^u@G27o42fKeSqQ{Sl==sIp&L!q^nyLLf1E0;@@a)uW?e_@$SagYJWe<2N zd*f#(A?uU*WB8l) zo9aL17ab@{!yj<+=Nd=NXn%w@Yxx8AtXKuXbB2v)xeJrlkN*hkf`{j)XW}_Xe|}os zL*+2C|Eatdt00}J;euJ}Os9uyK-0N^YWVml z%$ywRSQQ&hv0v&^(C+!ZPU*3;)2c5^(W+cV7~UBi|1dz)2WnYpOs8Sd3-dn`a2oPW zbXg|O9H8f`mmuCC|NHZ5x1wzR7kFsU zR32-`@>|Pmc`RWnPrbsm@>okDapPqIUY5r;MlBA7uoiyq{oOyi;o3dFzY7oV-(Fm# zD7lJRWuXjOX#&q)JIOqEQ6_6H%~o&KR&K?XZ*dD-b`cyT)Q(0Z<6X|&c?{CJBqVs5 z@+H6)*f_}6L4sLhqOmC^AOt~4j|ye-Itb^JzXZ7ju?4=R@X-XqrY$p|821UKH7vWt ziMjw<^Go0a$8pQemg_B7TQ0YpCga=E2wTp!Xt!v#sJE!LD7PrKNDSZ>VT)`FM3vcs z-h#RaA~-K1M8Ra1iJ6xJsV#?#73n|wxwcqw5k*;d%UmJG%i1SX{> z6;UjbefP+f0Fz@Rm9j++lGlIumlI=>WXPCwELzQclBm6BEZgjj)iPF@5GCR>l9U4j zGKiWhl^yL^CXMGhfR!w;WGYFt;pAtfO2>e-KP^Zmc?>>fF9B0>w7ZoDU8&Ol3c?ue zXsw*_7`;jmK_pbb5|`F9?Tb1ozE!wYuvKg;?N*x4O{7I86;F=Tj0uy_q>vDEa-f7Z zhFvOI2vg!;PbvdTI}vy^WFL7}7L~Fg*kEIl*_cAAQvWX0l0F6yT!Rl5iGkz{*({#8fPhIkK^{B>R$Qv#TZ3BzFNP_dJUJ4KT=~lLi4%Q4mrcgk@V}UpAYTOJXY!qdrR!m5c&aMyn|Z&mzR$q*&ZqcmeDL zOJ>DL=Z!WB9dl%6fZOc6RDh;NiIk0Pt=(GUN^h;&TDi4iYk9wHFNIajLllaVVdH_3 zw^bM@D(7esE!i90SfwP0QBKC-OJSRQMzEMAcT9TAqKh#GL+N7H5GYG2egjzfh%b@- z5==*O{=zCB6f==!mLsLf5VfM5uvlMU1j^KxECz0noR9-jbrOJ%ic_`|r9ujgJS5%3 zV7>-Xc%Hd(Is-YX6u}#GD7_NWSeq#dJVz^_Rx(kG`i%8-GQvY^O{xXhWRjRZOha|uBFmlL*f#P;>c2Sv<=G7y=|yd9aPX4gp1@AqkLHP->&Rum;E~D=WRp6!g|a zoTdYWuUk%F7|)aiX&WI)W{u>=XGSJR0Z+0eMp!P-@SD8KQ9&wq66G2btxRN)koKO| zl2a1FlXjOtC;*Gl%nM*g3nP?7DVWc~IVOzdmb^@~E+BTM9z*f zT&5Msr9!T*ykEthrA@J0$wO*UpCIX(ca#=l~)F%CVEA!9)?1c$UZl zq6>=eCE|dn10oNIJ}6F@C32fA;jIQ*iiae~)7=y&@Eku=#6;U99Lz0kW^?cFLIP#%DP87(C{uOitlCuP-1ex`mNdt%+ z6{U6&oC6ga9rm-(q9mnmk@S!T(h>wGlL(6RRHhV_kLA)F$XAxVTJ{h7%PG>vYLw+L z+=GnC$cz-hp@8T~L%HgU4n8kYkhQfQgYaIUD;)-;qnwyNWU48G zLyF+YEYqjZNO&oR0}A567U~N#;&XBk46_u3dX^ya@;@j0Ml(@d3SRJGt0JXX2xPh_ zCPhXLi0QMr`h48*oK^A>iYwqz=45RmOQa;zWQkBN;n-u1c07XwG7UBpQeIg>xx|VN6k!$DI>iDHSZmOwKB&C{JLu)Q@cS z7r-g^%37Y4kPH%JOYtTmH#P@~tCH(Eg)fBLghq0D2`L9Hg(8lD0&WWHH0@dG8@Koc zajdPQCFKEg)ZCF-a?W82*2Um-j;3+Uzc8+Yi;R*rO4<@9&%!8`&t#o650+VPV&l4e zM7bLK@&uqT7ef`8Qj7~jA!hX4(ApREM|9P_Qs#-2c_L+=NSP<{l5-OWl#?Sb{lsNS z%S&Ef5_5dX67kBX$S5}nR``;WkddQQ-ceL5ong8jh*088pYmN!Ac%ZQ*pU);N@D0k zEKqnE|hJa^8k$W0o2rm$-n(9E1vOe-eUk;_7oAl_huw!bZy!Y6IDDn}xR~`BdwP zkPxAUZz8KA6Uj#HWY82^b8k{Pd8g!pF;1RR3f7B^e-qnY78V&vCzrxLo{pBsTXC+(U*Heo a end end +module Core_Option_Option_Type + type t_option 't = + | C_None + | C_Some 't + +end module IndexRange_TestRange use prelude.Int32 use prelude.Slice @@ -483,49 +483,81 @@ module IndexRange_TestRange var arr : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); var s : slice int32; var _3 : slice int32; + var _5 : Core_Ops_Range_Range_Type.t_range usize; + var _7 : bool; var _8 : usize; + var _10 : bool; var _12 : usize; + var _13 : usize; var _14 : bool; + var _15 : bool; var _17 : usize; + var _18 : usize; var _19 : bool; var s1 : slice int32; var _22 : slice int32; + var _24 : Core_Ops_Range_Range_Type.t_range usize; + var _26 : bool; var _27 : usize; + var _29 : bool; var _31 : usize; + var _32 : usize; var _33 : bool; + var _34 : bool; var _36 : usize; + var _37 : usize; var _38 : bool; + var _41 : bool; var _42 : usize; var _44 : slice int32; + var _46 : Core_Ops_Range_Range_Type.t_range usize; + var _49 : bool; var _50 : usize; var _52 : slice int32; + var _54 : Core_Ops_Range_Range_Type.t_range usize; var _57 : bool; var _59 : Core_Option_Option_Type.t_option (slice int32); var _61 : slice int32; + var _63 : Core_Ops_Range_Range_Type.t_range usize; var _66 : bool; var _68 : Core_Option_Option_Type.t_option (slice int32); var _70 : slice int32; + var _72 : Core_Ops_Range_Range_Type.t_range usize; var _75 : bool; var _77 : Core_Option_Option_Type.t_option (slice int32); var _79 : slice int32; + var _81 : Core_Ops_Range_Range_Type.t_range usize; var _84 : bool; var _86 : Core_Option_Option_Type.t_option (slice int32); var _88 : slice int32; + var _90 : Core_Ops_Range_Range_Type.t_range usize; var s2 : borrowed (slice int32); var _93 : borrowed (slice int32); var _94 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _95 : Core_Ops_Range_Range_Type.t_range usize; + var _97 : bool; var _98 : usize; var _101 : usize; + var _102 : usize; var _103 : bool; var _104 : usize; + var _105 : usize; var _106 : bool; + var _108 : bool; var _110 : usize; + var _111 : usize; var _112 : bool; + var _115 : bool; var _116 : usize; + var _120 : bool; var _122 : int32; + var _126 : bool; var _128 : int32; + var _132 : bool; var _134 : int32; + var _138 : bool; var _140 : int32; + var _144 : bool; var _146 : int32; { goto BB0 @@ -535,46 +567,56 @@ module IndexRange_TestRange goto BB1 } BB1 { - [#"../index_range.rs" 34 16 34 22] _3 <- ([#"../index_range.rs" 34 16 34 22] index0 ([#"../index_range.rs" 34 13 34 16] arr) ([#"../index_range.rs" 34 17 34 21] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 34 17 34 18] [#"../index_range.rs" 34 17 34 18] (0 : usize)) ([#"../index_range.rs" 34 20 34 21] [#"../index_range.rs" 34 20 34 21] (2 : usize)))); + [#"../index_range.rs" 34 17 34 21] _5 <- ([#"../index_range.rs" 34 17 34 21] Core_Ops_Range_Range_Type.C_Range (0 : usize) (2 : usize)); + [#"../index_range.rs" 34 16 34 22] _3 <- ([#"../index_range.rs" 34 16 34 22] index0 arr _5); + _5 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB2 } BB2 { [#"../index_range.rs" 34 12 34 22] s <- ([#"../index_range.rs" 34 12 34 22] _3); - [#"../index_range.rs" 35 12 35 19] _8 <- ([#"../index_range.rs" 35 12 35 19] len0 ([#"../index_range.rs" 35 12 35 13] s)); + [#"../index_range.rs" 35 12 35 19] _8 <- ([#"../index_range.rs" 35 12 35 19] len0 s); goto BB3 } BB3 { - switch ([#"../index_range.rs" 35 12 35 24] _8 = ([#"../index_range.rs" 35 23 35 24] [#"../index_range.rs" 35 23 35 24] (2 : usize))) + [#"../index_range.rs" 35 12 35 24] _7 <- ([#"../index_range.rs" 35 12 35 24] _8 = (2 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB11 | True -> goto BB4 end } BB4 { - [#"../index_range.rs" 35 30 35 31] _12 <- ([#"../index_range.rs" 35 30 35 31] [#"../index_range.rs" 35 30 35 31] (0 : usize)); - [#"../index_range.rs" 35 28 35 32] _14 <- ([#"../index_range.rs" 35 28 35 32] _12 < ([#"../index_range.rs" 35 28 35 32] Slice.length s)); + [#"../index_range.rs" 35 30 35 31] _12 <- ([#"../index_range.rs" 35 30 35 31] (0 : usize)); + [#"../index_range.rs" 35 28 35 32] _13 <- ([#"../index_range.rs" 35 28 35 32] Slice.length s); + [#"../index_range.rs" 35 28 35 32] _14 <- ([#"../index_range.rs" 35 28 35 32] _12 < _13); assert { [@expl:index in bounds] [#"../index_range.rs" 35 28 35 32] _14 }; goto BB5 } BB5 { - switch ([#"../index_range.rs" 35 28 35 37] ([#"../index_range.rs" 35 28 35 32] Slice.get s _12) = ([#"../index_range.rs" 35 36 35 37] [#"../index_range.rs" 35 36 35 37] (0 : int32))) + [#"../index_range.rs" 35 28 35 37] _10 <- ([#"../index_range.rs" 35 28 35 37] Slice.get s _12 = (0 : int32)); + switch (_10) | False -> goto BB10 | True -> goto BB6 end } BB6 { - [#"../index_range.rs" 35 43 35 44] _17 <- ([#"../index_range.rs" 35 43 35 44] [#"../index_range.rs" 35 43 35 44] (1 : usize)); - [#"../index_range.rs" 35 41 35 45] _19 <- ([#"../index_range.rs" 35 41 35 45] _17 < ([#"../index_range.rs" 35 41 35 45] Slice.length s)); + [#"../index_range.rs" 35 43 35 44] _17 <- ([#"../index_range.rs" 35 43 35 44] (1 : usize)); + [#"../index_range.rs" 35 41 35 45] _18 <- ([#"../index_range.rs" 35 41 35 45] Slice.length s); + [#"../index_range.rs" 35 41 35 45] _19 <- ([#"../index_range.rs" 35 41 35 45] _17 < _18); assert { [@expl:index in bounds] [#"../index_range.rs" 35 41 35 45] _19 }; goto BB7 } BB7 { - switch ([#"../index_range.rs" 35 41 35 50] ([#"../index_range.rs" 35 41 35 45] Slice.get s _17) = ([#"../index_range.rs" 35 49 35 50] [#"../index_range.rs" 35 49 35 50] (1 : int32))) + [#"../index_range.rs" 35 41 35 50] _15 <- ([#"../index_range.rs" 35 41 35 50] Slice.get s _17 = (1 : int32)); + switch (_15) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../index_range.rs" 37 16 37 22] _22 <- ([#"../index_range.rs" 37 16 37 22] index0 ([#"../index_range.rs" 37 13 37 16] arr) ([#"../index_range.rs" 37 17 37 21] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 37 17 37 18] [#"../index_range.rs" 37 17 37 18] (3 : usize)) ([#"../index_range.rs" 37 20 37 21] [#"../index_range.rs" 37 20 37 21] (5 : usize)))); + [#"../index_range.rs" 37 17 37 21] _24 <- ([#"../index_range.rs" 37 17 37 21] Core_Ops_Range_Range_Type.C_Range (3 : usize) (5 : usize)); + [#"../index_range.rs" 37 16 37 22] _22 <- ([#"../index_range.rs" 37 16 37 22] index0 arr _24); + _24 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB13 } BB9 { @@ -595,41 +637,49 @@ module IndexRange_TestRange } BB13 { [#"../index_range.rs" 37 12 37 22] s1 <- ([#"../index_range.rs" 37 12 37 22] _22); - [#"../index_range.rs" 38 12 38 19] _27 <- ([#"../index_range.rs" 38 12 38 19] len0 ([#"../index_range.rs" 38 12 38 13] s1)); + [#"../index_range.rs" 38 12 38 19] _27 <- ([#"../index_range.rs" 38 12 38 19] len0 s1); goto BB14 } BB14 { - switch ([#"../index_range.rs" 38 12 38 24] _27 = ([#"../index_range.rs" 38 23 38 24] [#"../index_range.rs" 38 23 38 24] (2 : usize))) + [#"../index_range.rs" 38 12 38 24] _26 <- ([#"../index_range.rs" 38 12 38 24] _27 = (2 : usize)); + _27 <- any usize; + switch (_26) | False -> goto BB22 | True -> goto BB15 end } BB15 { - [#"../index_range.rs" 38 30 38 31] _31 <- ([#"../index_range.rs" 38 30 38 31] [#"../index_range.rs" 38 30 38 31] (0 : usize)); - [#"../index_range.rs" 38 28 38 32] _33 <- ([#"../index_range.rs" 38 28 38 32] _31 < ([#"../index_range.rs" 38 28 38 32] Slice.length s1)); + [#"../index_range.rs" 38 30 38 31] _31 <- ([#"../index_range.rs" 38 30 38 31] (0 : usize)); + [#"../index_range.rs" 38 28 38 32] _32 <- ([#"../index_range.rs" 38 28 38 32] Slice.length s1); + [#"../index_range.rs" 38 28 38 32] _33 <- ([#"../index_range.rs" 38 28 38 32] _31 < _32); assert { [@expl:index in bounds] [#"../index_range.rs" 38 28 38 32] _33 }; goto BB16 } BB16 { - switch ([#"../index_range.rs" 38 28 38 37] ([#"../index_range.rs" 38 28 38 32] Slice.get s1 _31) = ([#"../index_range.rs" 38 36 38 37] [#"../index_range.rs" 38 36 38 37] (3 : int32))) + [#"../index_range.rs" 38 28 38 37] _29 <- ([#"../index_range.rs" 38 28 38 37] Slice.get s1 _31 = (3 : int32)); + switch (_29) | False -> goto BB21 | True -> goto BB17 end } BB17 { - [#"../index_range.rs" 38 43 38 44] _36 <- ([#"../index_range.rs" 38 43 38 44] [#"../index_range.rs" 38 43 38 44] (1 : usize)); - [#"../index_range.rs" 38 41 38 45] _38 <- ([#"../index_range.rs" 38 41 38 45] _36 < ([#"../index_range.rs" 38 41 38 45] Slice.length s1)); + [#"../index_range.rs" 38 43 38 44] _36 <- ([#"../index_range.rs" 38 43 38 44] (1 : usize)); + [#"../index_range.rs" 38 41 38 45] _37 <- ([#"../index_range.rs" 38 41 38 45] Slice.length s1); + [#"../index_range.rs" 38 41 38 45] _38 <- ([#"../index_range.rs" 38 41 38 45] _36 < _37); assert { [@expl:index in bounds] [#"../index_range.rs" 38 41 38 45] _38 }; goto BB18 } BB18 { - switch ([#"../index_range.rs" 38 41 38 50] ([#"../index_range.rs" 38 41 38 45] Slice.get s1 _36) = ([#"../index_range.rs" 38 49 38 50] [#"../index_range.rs" 38 49 38 50] (4 : int32))) + [#"../index_range.rs" 38 41 38 50] _34 <- ([#"../index_range.rs" 38 41 38 50] Slice.get s1 _36 = (4 : int32)); + switch (_34) | False -> goto BB20 | True -> goto BB19 end } BB19 { - [#"../index_range.rs" 43 15 43 21] _44 <- ([#"../index_range.rs" 43 15 43 21] index0 ([#"../index_range.rs" 43 12 43 15] arr) ([#"../index_range.rs" 43 16 43 20] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 43 16 43 17] [#"../index_range.rs" 43 16 43 17] (2 : usize)) ([#"../index_range.rs" 43 19 43 20] [#"../index_range.rs" 43 19 43 20] (2 : usize)))); + [#"../index_range.rs" 43 16 43 20] _46 <- ([#"../index_range.rs" 43 16 43 20] Core_Ops_Range_Range_Type.C_Range (2 : usize) (2 : usize)); + [#"../index_range.rs" 43 15 43 21] _44 <- ([#"../index_range.rs" 43 15 43 21] index0 arr _46); + _46 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB24 } BB20 { @@ -649,17 +699,21 @@ module IndexRange_TestRange absurd } BB24 { - [#"../index_range.rs" 43 12 43 27] _42 <- ([#"../index_range.rs" 43 12 43 27] len0 ([#"../index_range.rs" 43 12 43 21] _44)); + [#"../index_range.rs" 43 12 43 27] _42 <- ([#"../index_range.rs" 43 12 43 27] len0 _44); goto BB25 } BB25 { - switch ([#"../index_range.rs" 43 12 43 32] _42 = ([#"../index_range.rs" 43 31 43 32] [#"../index_range.rs" 43 31 43 32] (0 : usize))) + [#"../index_range.rs" 43 12 43 32] _41 <- ([#"../index_range.rs" 43 12 43 32] _42 = (0 : usize)); + _42 <- any usize; + switch (_41) | False -> goto BB27 | True -> goto BB26 end } BB26 { - [#"../index_range.rs" 45 15 45 21] _52 <- ([#"../index_range.rs" 45 15 45 21] index0 ([#"../index_range.rs" 45 12 45 15] arr) ([#"../index_range.rs" 45 16 45 20] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 45 16 45 17] [#"../index_range.rs" 45 16 45 17] (5 : usize)) ([#"../index_range.rs" 45 19 45 20] [#"../index_range.rs" 45 19 45 20] (5 : usize)))); + [#"../index_range.rs" 45 16 45 20] _54 <- ([#"../index_range.rs" 45 16 45 20] Core_Ops_Range_Range_Type.C_Range (5 : usize) (5 : usize)); + [#"../index_range.rs" 45 15 45 21] _52 <- ([#"../index_range.rs" 45 15 45 21] index0 arr _54); + _54 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB28 } BB27 { @@ -668,17 +722,19 @@ module IndexRange_TestRange absurd } BB28 { - [#"../index_range.rs" 45 12 45 27] _50 <- ([#"../index_range.rs" 45 12 45 27] len0 ([#"../index_range.rs" 45 12 45 21] _52)); + [#"../index_range.rs" 45 12 45 27] _50 <- ([#"../index_range.rs" 45 12 45 27] len0 _52); goto BB29 } BB29 { - switch ([#"../index_range.rs" 45 12 45 32] _50 = ([#"../index_range.rs" 45 31 45 32] [#"../index_range.rs" 45 31 45 32] (0 : usize))) + [#"../index_range.rs" 45 12 45 32] _49 <- ([#"../index_range.rs" 45 12 45 32] _50 = (0 : usize)); + _50 <- any usize; + switch (_49) | False -> goto BB31 | True -> goto BB30 end } BB30 { - [#"../index_range.rs" 50 12 50 25] _61 <- ([#"../index_range.rs" 50 12 50 25] deref0 ([#"../index_range.rs" 50 12 50 15] arr)); + [#"../index_range.rs" 50 12 50 25] _61 <- ([#"../index_range.rs" 50 12 50 25] deref0 arr); goto BB32 } BB31 { @@ -687,11 +743,13 @@ module IndexRange_TestRange absurd } BB32 { - [#"../index_range.rs" 50 12 50 25] _59 <- ([#"../index_range.rs" 50 12 50 25] get0 ([#"../index_range.rs" 50 12 50 15] _61) ([#"../index_range.rs" 50 20 50 24] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 50 20 50 21] [#"../index_range.rs" 50 20 50 21] (2 : usize)) ([#"../index_range.rs" 50 23 50 24] [#"../index_range.rs" 50 23 50 24] (6 : usize)))); + [#"../index_range.rs" 50 20 50 24] _63 <- ([#"../index_range.rs" 50 20 50 24] Core_Ops_Range_Range_Type.C_Range (2 : usize) (6 : usize)); + [#"../index_range.rs" 50 12 50 25] _59 <- ([#"../index_range.rs" 50 12 50 25] get0 _61 _63); + _63 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB33 } BB33 { - [#"../index_range.rs" 50 12 50 35] _57 <- ([#"../index_range.rs" 50 12 50 35] is_none0 ([#"../index_range.rs" 50 12 50 25] _59)); + [#"../index_range.rs" 50 12 50 35] _57 <- ([#"../index_range.rs" 50 12 50 35] is_none0 _59); goto BB34 } BB34 { @@ -701,7 +759,7 @@ module IndexRange_TestRange end } BB35 { - [#"../index_range.rs" 52 12 52 25] _70 <- ([#"../index_range.rs" 52 12 52 25] deref0 ([#"../index_range.rs" 52 12 52 15] arr)); + [#"../index_range.rs" 52 12 52 25] _70 <- ([#"../index_range.rs" 52 12 52 25] deref0 arr); goto BB37 } BB36 { @@ -710,11 +768,13 @@ module IndexRange_TestRange absurd } BB37 { - [#"../index_range.rs" 52 12 52 25] _68 <- ([#"../index_range.rs" 52 12 52 25] get0 ([#"../index_range.rs" 52 12 52 15] _70) ([#"../index_range.rs" 52 20 52 24] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 52 20 52 21] [#"../index_range.rs" 52 20 52 21] (2 : usize)) ([#"../index_range.rs" 52 23 52 24] [#"../index_range.rs" 52 23 52 24] (1 : usize)))); + [#"../index_range.rs" 52 20 52 24] _72 <- ([#"../index_range.rs" 52 20 52 24] Core_Ops_Range_Range_Type.C_Range (2 : usize) (1 : usize)); + [#"../index_range.rs" 52 12 52 25] _68 <- ([#"../index_range.rs" 52 12 52 25] get0 _70 _72); + _72 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB38 } BB38 { - [#"../index_range.rs" 52 12 52 35] _66 <- ([#"../index_range.rs" 52 12 52 35] is_none0 ([#"../index_range.rs" 52 12 52 25] _68)); + [#"../index_range.rs" 52 12 52 35] _66 <- ([#"../index_range.rs" 52 12 52 35] is_none0 _68); goto BB39 } BB39 { @@ -724,7 +784,7 @@ module IndexRange_TestRange end } BB40 { - [#"../index_range.rs" 54 12 54 25] _79 <- ([#"../index_range.rs" 54 12 54 25] deref0 ([#"../index_range.rs" 54 12 54 15] arr)); + [#"../index_range.rs" 54 12 54 25] _79 <- ([#"../index_range.rs" 54 12 54 25] deref0 arr); goto BB42 } BB41 { @@ -733,11 +793,13 @@ module IndexRange_TestRange absurd } BB42 { - [#"../index_range.rs" 54 12 54 25] _77 <- ([#"../index_range.rs" 54 12 54 25] get0 ([#"../index_range.rs" 54 12 54 15] _79) ([#"../index_range.rs" 54 20 54 24] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 54 20 54 21] [#"../index_range.rs" 54 20 54 21] (6 : usize)) ([#"../index_range.rs" 54 23 54 24] [#"../index_range.rs" 54 23 54 24] (6 : usize)))); + [#"../index_range.rs" 54 20 54 24] _81 <- ([#"../index_range.rs" 54 20 54 24] Core_Ops_Range_Range_Type.C_Range (6 : usize) (6 : usize)); + [#"../index_range.rs" 54 12 54 25] _77 <- ([#"../index_range.rs" 54 12 54 25] get0 _79 _81); + _81 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB43 } BB43 { - [#"../index_range.rs" 54 12 54 35] _75 <- ([#"../index_range.rs" 54 12 54 35] is_none0 ([#"../index_range.rs" 54 12 54 25] _77)); + [#"../index_range.rs" 54 12 54 35] _75 <- ([#"../index_range.rs" 54 12 54 35] is_none0 _77); goto BB44 } BB44 { @@ -747,7 +809,7 @@ module IndexRange_TestRange end } BB45 { - [#"../index_range.rs" 56 12 56 27] _88 <- ([#"../index_range.rs" 56 12 56 27] deref0 ([#"../index_range.rs" 56 12 56 15] arr)); + [#"../index_range.rs" 56 12 56 27] _88 <- ([#"../index_range.rs" 56 12 56 27] deref0 arr); goto BB47 } BB46 { @@ -756,11 +818,13 @@ module IndexRange_TestRange absurd } BB47 { - [#"../index_range.rs" 56 12 56 27] _86 <- ([#"../index_range.rs" 56 12 56 27] get0 ([#"../index_range.rs" 56 12 56 15] _88) ([#"../index_range.rs" 56 20 56 26] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 56 20 56 22] [#"../index_range.rs" 56 20 56 22] (10 : usize)) ([#"../index_range.rs" 56 24 56 26] [#"../index_range.rs" 56 24 56 26] (10 : usize)))); + [#"../index_range.rs" 56 20 56 26] _90 <- ([#"../index_range.rs" 56 20 56 26] Core_Ops_Range_Range_Type.C_Range (10 : usize) (10 : usize)); + [#"../index_range.rs" 56 12 56 27] _86 <- ([#"../index_range.rs" 56 12 56 27] get0 _88 _90); + _90 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB48 } BB48 { - [#"../index_range.rs" 56 12 56 37] _84 <- ([#"../index_range.rs" 56 12 56 37] is_none0 ([#"../index_range.rs" 56 12 56 27] _86)); + [#"../index_range.rs" 56 12 56 37] _84 <- ([#"../index_range.rs" 56 12 56 37] is_none0 _86); goto BB49 } BB49 { @@ -772,8 +836,10 @@ module IndexRange_TestRange BB50 { [#"../index_range.rs" 59 17 59 20] _94 <- Borrow.borrow_mut arr; [#"../index_range.rs" 59 17 59 20] arr <- ^ _94; - [#"../index_range.rs" 59 20 59 26] _93 <- ([#"../index_range.rs" 59 20 59 26] index_mut0 _94 ([#"../index_range.rs" 59 21 59 25] Core_Ops_Range_Range_Type.C_Range ([#"../index_range.rs" 59 21 59 22] [#"../index_range.rs" 59 21 59 22] (1 : usize)) ([#"../index_range.rs" 59 24 59 25] [#"../index_range.rs" 59 24 59 25] (4 : usize)))); + [#"../index_range.rs" 59 21 59 25] _95 <- ([#"../index_range.rs" 59 21 59 25] Core_Ops_Range_Range_Type.C_Range (1 : usize) (4 : usize)); + [#"../index_range.rs" 59 20 59 26] _93 <- ([#"../index_range.rs" 59 20 59 26] index_mut0 _94 _95); _94 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + _95 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB52 } BB51 { @@ -784,18 +850,21 @@ module IndexRange_TestRange BB52 { [#"../index_range.rs" 59 12 59 26] s2 <- Borrow.borrow_final ( * _93) (Borrow.get_id _93); [#"../index_range.rs" 59 12 59 26] _93 <- { _93 with current = ( ^ s2) ; }; - [#"../index_range.rs" 60 12 60 19] _98 <- ([#"../index_range.rs" 60 12 60 19] len0 ([#"../index_range.rs" 60 12 60 13] * s2)); + [#"../index_range.rs" 60 12 60 19] _98 <- ([#"../index_range.rs" 60 12 60 19] len0 ( * s2)); goto BB53 } BB53 { - switch ([#"../index_range.rs" 60 12 60 24] _98 = ([#"../index_range.rs" 60 23 60 24] [#"../index_range.rs" 60 23 60 24] (3 : usize))) + [#"../index_range.rs" 60 12 60 24] _97 <- ([#"../index_range.rs" 60 12 60 24] _98 = (3 : usize)); + _98 <- any usize; + switch (_97) | False -> goto BB55 | True -> goto BB54 end } BB54 { - [#"../index_range.rs" 61 6 61 7] _101 <- ([#"../index_range.rs" 61 6 61 7] [#"../index_range.rs" 61 6 61 7] (0 : usize)); - [#"../index_range.rs" 61 4 61 8] _103 <- ([#"../index_range.rs" 61 4 61 8] _101 < ([#"../index_range.rs" 61 4 61 8] Slice.length ( * s2))); + [#"../index_range.rs" 61 6 61 7] _101 <- ([#"../index_range.rs" 61 6 61 7] (0 : usize)); + [#"../index_range.rs" 61 4 61 8] _102 <- ([#"../index_range.rs" 61 4 61 8] Slice.length ( * s2)); + [#"../index_range.rs" 61 4 61 8] _103 <- ([#"../index_range.rs" 61 4 61 8] _101 < _102); assert { [@expl:index in bounds] [#"../index_range.rs" 61 4 61 8] _103 }; goto BB56 } @@ -807,29 +876,32 @@ module IndexRange_TestRange absurd } BB56 { - [#"../index_range.rs" 61 4 61 13] s2 <- { s2 with current = Slice.set ( * s2) _101 ([#"../index_range.rs" 61 4 61 13] [#"../index_range.rs" 61 11 61 13] (-1 : int32)) ; }; - [#"../index_range.rs" 62 6 62 7] _104 <- ([#"../index_range.rs" 62 6 62 7] [#"../index_range.rs" 62 6 62 7] (1 : usize)); - [#"../index_range.rs" 62 4 62 8] _106 <- ([#"../index_range.rs" 62 4 62 8] _104 < ([#"../index_range.rs" 62 4 62 8] Slice.length ( * s2))); + [#"../index_range.rs" 61 4 61 13] s2 <- { s2 with current = Slice.set ( * s2) _101 ([#"../index_range.rs" 61 4 61 13] (-1 : int32)) ; }; + [#"../index_range.rs" 62 6 62 7] _104 <- ([#"../index_range.rs" 62 6 62 7] (1 : usize)); + [#"../index_range.rs" 62 4 62 8] _105 <- ([#"../index_range.rs" 62 4 62 8] Slice.length ( * s2)); + [#"../index_range.rs" 62 4 62 8] _106 <- ([#"../index_range.rs" 62 4 62 8] _104 < _105); assert { [@expl:index in bounds] [#"../index_range.rs" 62 4 62 8] _106 }; goto BB57 } BB57 { - [#"../index_range.rs" 62 4 62 13] s2 <- { s2 with current = Slice.set ( * s2) _104 ([#"../index_range.rs" 62 4 62 13] [#"../index_range.rs" 62 11 62 13] (-1 : int32)) ; }; - [#"../index_range.rs" 67 14 67 15] _110 <- ([#"../index_range.rs" 67 14 67 15] [#"../index_range.rs" 67 14 67 15] (2 : usize)); - [#"../index_range.rs" 67 12 67 16] _112 <- ([#"../index_range.rs" 67 12 67 16] _110 < ([#"../index_range.rs" 67 12 67 16] Slice.length ( * s2))); + [#"../index_range.rs" 62 4 62 13] s2 <- { s2 with current = Slice.set ( * s2) _104 ([#"../index_range.rs" 62 4 62 13] (-1 : int32)) ; }; + [#"../index_range.rs" 67 14 67 15] _110 <- ([#"../index_range.rs" 67 14 67 15] (2 : usize)); + [#"../index_range.rs" 67 12 67 16] _111 <- ([#"../index_range.rs" 67 12 67 16] Slice.length ( * s2)); + [#"../index_range.rs" 67 12 67 16] _112 <- ([#"../index_range.rs" 67 12 67 16] _110 < _111); assert { [@expl:index in bounds] [#"../index_range.rs" 67 12 67 16] _112 }; goto BB58 } BB58 { assume { resolve1 s2 }; + [#"../index_range.rs" 67 12 67 21] _108 <- ([#"../index_range.rs" 67 12 67 21] Slice.get ( * s2) _110 = (3 : int32)); assume { resolve1 _93 }; - switch ([#"../index_range.rs" 67 12 67 21] ([#"../index_range.rs" 67 12 67 16] Slice.get ( * s2) _110) = ([#"../index_range.rs" 67 20 67 21] [#"../index_range.rs" 67 20 67 21] (3 : int32))) + switch (_108) | False -> goto BB60 | True -> goto BB59 end } BB59 { - [#"../index_range.rs" 69 12 69 21] _116 <- ([#"../index_range.rs" 69 12 69 21] len1 ([#"../index_range.rs" 69 12 69 15] arr)); + [#"../index_range.rs" 69 12 69 21] _116 <- ([#"../index_range.rs" 69 12 69 21] len1 arr); goto BB61 } BB60 { @@ -838,13 +910,15 @@ module IndexRange_TestRange absurd } BB61 { - switch ([#"../index_range.rs" 69 12 69 26] _116 = ([#"../index_range.rs" 69 25 69 26] [#"../index_range.rs" 69 25 69 26] (5 : usize))) + [#"../index_range.rs" 69 12 69 26] _115 <- ([#"../index_range.rs" 69 12 69 26] _116 = (5 : usize)); + _116 <- any usize; + switch (_115) | False -> goto BB63 | True -> goto BB62 end } BB62 { - [#"../index_range.rs" 70 15 70 18] _122 <- ([#"../index_range.rs" 70 15 70 18] index1 ([#"../index_range.rs" 70 12 70 15] arr) ([#"../index_range.rs" 70 16 70 17] [#"../index_range.rs" 70 16 70 17] (0 : usize))); + [#"../index_range.rs" 70 15 70 18] _122 <- ([#"../index_range.rs" 70 15 70 18] index1 arr (0 : usize)); goto BB64 } BB63 { @@ -853,13 +927,14 @@ module IndexRange_TestRange absurd } BB64 { - switch ([#"../index_range.rs" 70 12 70 23] ([#"../index_range.rs" 70 12 70 18] _122) = ([#"../index_range.rs" 70 22 70 23] [#"../index_range.rs" 70 22 70 23] (0 : int32))) + [#"../index_range.rs" 70 12 70 23] _120 <- ([#"../index_range.rs" 70 12 70 23] _122 = (0 : int32)); + switch (_120) | False -> goto BB66 | True -> goto BB65 end } BB65 { - [#"../index_range.rs" 71 15 71 18] _128 <- ([#"../index_range.rs" 71 15 71 18] index1 ([#"../index_range.rs" 71 12 71 15] arr) ([#"../index_range.rs" 71 16 71 17] [#"../index_range.rs" 71 16 71 17] (1 : usize))); + [#"../index_range.rs" 71 15 71 18] _128 <- ([#"../index_range.rs" 71 15 71 18] index1 arr (1 : usize)); goto BB67 } BB66 { @@ -868,13 +943,14 @@ module IndexRange_TestRange absurd } BB67 { - switch ([#"../index_range.rs" 71 12 71 24] ([#"../index_range.rs" 71 12 71 18] _128) = ([#"../index_range.rs" 71 22 71 24] [#"../index_range.rs" 71 22 71 24] (-1 : int32))) + [#"../index_range.rs" 71 12 71 24] _126 <- ([#"../index_range.rs" 71 12 71 24] _128 = (-1 : int32)); + switch (_126) | False -> goto BB69 | True -> goto BB68 end } BB68 { - [#"../index_range.rs" 72 15 72 18] _134 <- ([#"../index_range.rs" 72 15 72 18] index1 ([#"../index_range.rs" 72 12 72 15] arr) ([#"../index_range.rs" 72 16 72 17] [#"../index_range.rs" 72 16 72 17] (2 : usize))); + [#"../index_range.rs" 72 15 72 18] _134 <- ([#"../index_range.rs" 72 15 72 18] index1 arr (2 : usize)); goto BB70 } BB69 { @@ -883,13 +959,14 @@ module IndexRange_TestRange absurd } BB70 { - switch ([#"../index_range.rs" 72 12 72 24] ([#"../index_range.rs" 72 12 72 18] _134) = ([#"../index_range.rs" 72 22 72 24] [#"../index_range.rs" 72 22 72 24] (-1 : int32))) + [#"../index_range.rs" 72 12 72 24] _132 <- ([#"../index_range.rs" 72 12 72 24] _134 = (-1 : int32)); + switch (_132) | False -> goto BB72 | True -> goto BB71 end } BB71 { - [#"../index_range.rs" 73 15 73 18] _140 <- ([#"../index_range.rs" 73 15 73 18] index1 ([#"../index_range.rs" 73 12 73 15] arr) ([#"../index_range.rs" 73 16 73 17] [#"../index_range.rs" 73 16 73 17] (3 : usize))); + [#"../index_range.rs" 73 15 73 18] _140 <- ([#"../index_range.rs" 73 15 73 18] index1 arr (3 : usize)); goto BB73 } BB72 { @@ -898,13 +975,14 @@ module IndexRange_TestRange absurd } BB73 { - switch ([#"../index_range.rs" 73 12 73 23] ([#"../index_range.rs" 73 12 73 18] _140) = ([#"../index_range.rs" 73 22 73 23] [#"../index_range.rs" 73 22 73 23] (3 : int32))) + [#"../index_range.rs" 73 12 73 23] _138 <- ([#"../index_range.rs" 73 12 73 23] _140 = (3 : int32)); + switch (_138) | False -> goto BB75 | True -> goto BB74 end } BB74 { - [#"../index_range.rs" 74 15 74 18] _146 <- ([#"../index_range.rs" 74 15 74 18] index1 ([#"../index_range.rs" 74 12 74 15] arr) ([#"../index_range.rs" 74 16 74 17] [#"../index_range.rs" 74 16 74 17] (4 : usize))); + [#"../index_range.rs" 74 15 74 18] _146 <- ([#"../index_range.rs" 74 15 74 18] index1 arr (4 : usize)); goto BB76 } BB75 { @@ -914,7 +992,8 @@ module IndexRange_TestRange } BB76 { assume { resolve0 arr }; - switch ([#"../index_range.rs" 74 12 74 23] ([#"../index_range.rs" 74 12 74 18] _146) = ([#"../index_range.rs" 74 22 74 23] [#"../index_range.rs" 74 22 74 23] (4 : int32))) + [#"../index_range.rs" 74 12 74 23] _144 <- ([#"../index_range.rs" 74 12 74 23] _146 = (4 : int32)); + switch (_144) | False -> goto BB78 | True -> goto BB77 end @@ -1215,31 +1294,52 @@ module IndexRange_TestRangeTo var arr : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); var s : slice int32; var _3 : slice int32; + var _5 : Core_Ops_Range_RangeTo_Type.t_rangeto usize; + var _7 : bool; var _8 : usize; + var _10 : bool; var _12 : usize; + var _13 : usize; var _14 : bool; + var _15 : bool; var _17 : usize; + var _18 : usize; var _19 : bool; + var _22 : bool; var _23 : usize; var _25 : slice int32; + var _27 : Core_Ops_Range_RangeTo_Type.t_rangeto usize; var _30 : bool; var _32 : Core_Option_Option_Type.t_option (slice int32); var _34 : slice int32; + var _36 : Core_Ops_Range_RangeTo_Type.t_rangeto usize; var s1 : borrowed (slice int32); var _39 : borrowed (slice int32); var _40 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _41 : Core_Ops_Range_RangeTo_Type.t_rangeto usize; + var _43 : bool; var _44 : usize; var _47 : usize; + var _48 : usize; var _49 : bool; var _50 : usize; + var _51 : usize; var _52 : bool; + var _54 : bool; var _56 : usize; + var _57 : usize; var _58 : bool; + var _61 : bool; var _62 : usize; + var _66 : bool; var _68 : int32; + var _72 : bool; var _74 : int32; + var _78 : bool; var _80 : int32; + var _84 : bool; var _86 : int32; + var _90 : bool; var _92 : int32; { goto BB0 @@ -1249,46 +1349,56 @@ module IndexRange_TestRangeTo goto BB1 } BB1 { - [#"../index_range.rs" 85 16 85 21] _3 <- ([#"../index_range.rs" 85 16 85 21] index0 ([#"../index_range.rs" 85 13 85 16] arr) ([#"../index_range.rs" 85 17 85 20] Core_Ops_Range_RangeTo_Type.C_RangeTo ([#"../index_range.rs" 85 19 85 20] [#"../index_range.rs" 85 19 85 20] (2 : usize)))); + [#"../index_range.rs" 85 17 85 20] _5 <- ([#"../index_range.rs" 85 17 85 20] Core_Ops_Range_RangeTo_Type.C_RangeTo (2 : usize)); + [#"../index_range.rs" 85 16 85 21] _3 <- ([#"../index_range.rs" 85 16 85 21] index0 arr _5); + _5 <- any Core_Ops_Range_RangeTo_Type.t_rangeto usize; goto BB2 } BB2 { [#"../index_range.rs" 85 12 85 21] s <- ([#"../index_range.rs" 85 12 85 21] _3); - [#"../index_range.rs" 86 12 86 19] _8 <- ([#"../index_range.rs" 86 12 86 19] len0 ([#"../index_range.rs" 86 12 86 13] s)); + [#"../index_range.rs" 86 12 86 19] _8 <- ([#"../index_range.rs" 86 12 86 19] len0 s); goto BB3 } BB3 { - switch ([#"../index_range.rs" 86 12 86 24] _8 = ([#"../index_range.rs" 86 23 86 24] [#"../index_range.rs" 86 23 86 24] (2 : usize))) + [#"../index_range.rs" 86 12 86 24] _7 <- ([#"../index_range.rs" 86 12 86 24] _8 = (2 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB11 | True -> goto BB4 end } BB4 { - [#"../index_range.rs" 86 30 86 31] _12 <- ([#"../index_range.rs" 86 30 86 31] [#"../index_range.rs" 86 30 86 31] (0 : usize)); - [#"../index_range.rs" 86 28 86 32] _14 <- ([#"../index_range.rs" 86 28 86 32] _12 < ([#"../index_range.rs" 86 28 86 32] Slice.length s)); + [#"../index_range.rs" 86 30 86 31] _12 <- ([#"../index_range.rs" 86 30 86 31] (0 : usize)); + [#"../index_range.rs" 86 28 86 32] _13 <- ([#"../index_range.rs" 86 28 86 32] Slice.length s); + [#"../index_range.rs" 86 28 86 32] _14 <- ([#"../index_range.rs" 86 28 86 32] _12 < _13); assert { [@expl:index in bounds] [#"../index_range.rs" 86 28 86 32] _14 }; goto BB5 } BB5 { - switch ([#"../index_range.rs" 86 28 86 37] ([#"../index_range.rs" 86 28 86 32] Slice.get s _12) = ([#"../index_range.rs" 86 36 86 37] [#"../index_range.rs" 86 36 86 37] (0 : int32))) + [#"../index_range.rs" 86 28 86 37] _10 <- ([#"../index_range.rs" 86 28 86 37] Slice.get s _12 = (0 : int32)); + switch (_10) | False -> goto BB10 | True -> goto BB6 end } BB6 { - [#"../index_range.rs" 86 43 86 44] _17 <- ([#"../index_range.rs" 86 43 86 44] [#"../index_range.rs" 86 43 86 44] (1 : usize)); - [#"../index_range.rs" 86 41 86 45] _19 <- ([#"../index_range.rs" 86 41 86 45] _17 < ([#"../index_range.rs" 86 41 86 45] Slice.length s)); + [#"../index_range.rs" 86 43 86 44] _17 <- ([#"../index_range.rs" 86 43 86 44] (1 : usize)); + [#"../index_range.rs" 86 41 86 45] _18 <- ([#"../index_range.rs" 86 41 86 45] Slice.length s); + [#"../index_range.rs" 86 41 86 45] _19 <- ([#"../index_range.rs" 86 41 86 45] _17 < _18); assert { [@expl:index in bounds] [#"../index_range.rs" 86 41 86 45] _19 }; goto BB7 } BB7 { - switch ([#"../index_range.rs" 86 41 86 50] ([#"../index_range.rs" 86 41 86 45] Slice.get s _17) = ([#"../index_range.rs" 86 49 86 50] [#"../index_range.rs" 86 49 86 50] (1 : int32))) + [#"../index_range.rs" 86 41 86 50] _15 <- ([#"../index_range.rs" 86 41 86 50] Slice.get s _17 = (1 : int32)); + switch (_15) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../index_range.rs" 91 15 91 20] _25 <- ([#"../index_range.rs" 91 15 91 20] index0 ([#"../index_range.rs" 91 12 91 15] arr) ([#"../index_range.rs" 91 16 91 19] Core_Ops_Range_RangeTo_Type.C_RangeTo ([#"../index_range.rs" 91 18 91 19] [#"../index_range.rs" 91 18 91 19] (0 : usize)))); + [#"../index_range.rs" 91 16 91 19] _27 <- ([#"../index_range.rs" 91 16 91 19] Core_Ops_Range_RangeTo_Type.C_RangeTo (0 : usize)); + [#"../index_range.rs" 91 15 91 20] _25 <- ([#"../index_range.rs" 91 15 91 20] index0 arr _27); + _27 <- any Core_Ops_Range_RangeTo_Type.t_rangeto usize; goto BB13 } BB9 { @@ -1308,17 +1418,19 @@ module IndexRange_TestRangeTo absurd } BB13 { - [#"../index_range.rs" 91 12 91 26] _23 <- ([#"../index_range.rs" 91 12 91 26] len0 ([#"../index_range.rs" 91 12 91 20] _25)); + [#"../index_range.rs" 91 12 91 26] _23 <- ([#"../index_range.rs" 91 12 91 26] len0 _25); goto BB14 } BB14 { - switch ([#"../index_range.rs" 91 12 91 31] _23 = ([#"../index_range.rs" 91 30 91 31] [#"../index_range.rs" 91 30 91 31] (0 : usize))) + [#"../index_range.rs" 91 12 91 31] _22 <- ([#"../index_range.rs" 91 12 91 31] _23 = (0 : usize)); + _23 <- any usize; + switch (_22) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../index_range.rs" 96 12 96 24] _34 <- ([#"../index_range.rs" 96 12 96 24] deref0 ([#"../index_range.rs" 96 12 96 15] arr)); + [#"../index_range.rs" 96 12 96 24] _34 <- ([#"../index_range.rs" 96 12 96 24] deref0 arr); goto BB17 } BB16 { @@ -1327,11 +1439,13 @@ module IndexRange_TestRangeTo absurd } BB17 { - [#"../index_range.rs" 96 12 96 24] _32 <- ([#"../index_range.rs" 96 12 96 24] get0 ([#"../index_range.rs" 96 12 96 15] _34) ([#"../index_range.rs" 96 20 96 23] Core_Ops_Range_RangeTo_Type.C_RangeTo ([#"../index_range.rs" 96 22 96 23] [#"../index_range.rs" 96 22 96 23] (6 : usize)))); + [#"../index_range.rs" 96 20 96 23] _36 <- ([#"../index_range.rs" 96 20 96 23] Core_Ops_Range_RangeTo_Type.C_RangeTo (6 : usize)); + [#"../index_range.rs" 96 12 96 24] _32 <- ([#"../index_range.rs" 96 12 96 24] get0 _34 _36); + _36 <- any Core_Ops_Range_RangeTo_Type.t_rangeto usize; goto BB18 } BB18 { - [#"../index_range.rs" 96 12 96 34] _30 <- ([#"../index_range.rs" 96 12 96 34] is_none0 ([#"../index_range.rs" 96 12 96 24] _32)); + [#"../index_range.rs" 96 12 96 34] _30 <- ([#"../index_range.rs" 96 12 96 34] is_none0 _32); goto BB19 } BB19 { @@ -1343,8 +1457,10 @@ module IndexRange_TestRangeTo BB20 { [#"../index_range.rs" 99 17 99 20] _40 <- Borrow.borrow_mut arr; [#"../index_range.rs" 99 17 99 20] arr <- ^ _40; - [#"../index_range.rs" 99 20 99 25] _39 <- ([#"../index_range.rs" 99 20 99 25] index_mut0 _40 ([#"../index_range.rs" 99 21 99 24] Core_Ops_Range_RangeTo_Type.C_RangeTo ([#"../index_range.rs" 99 23 99 24] [#"../index_range.rs" 99 23 99 24] (3 : usize)))); + [#"../index_range.rs" 99 21 99 24] _41 <- ([#"../index_range.rs" 99 21 99 24] Core_Ops_Range_RangeTo_Type.C_RangeTo (3 : usize)); + [#"../index_range.rs" 99 20 99 25] _39 <- ([#"../index_range.rs" 99 20 99 25] index_mut0 _40 _41); _40 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + _41 <- any Core_Ops_Range_RangeTo_Type.t_rangeto usize; goto BB22 } BB21 { @@ -1355,18 +1471,21 @@ module IndexRange_TestRangeTo BB22 { [#"../index_range.rs" 99 12 99 25] s1 <- Borrow.borrow_final ( * _39) (Borrow.get_id _39); [#"../index_range.rs" 99 12 99 25] _39 <- { _39 with current = ( ^ s1) ; }; - [#"../index_range.rs" 100 12 100 19] _44 <- ([#"../index_range.rs" 100 12 100 19] len0 ([#"../index_range.rs" 100 12 100 13] * s1)); + [#"../index_range.rs" 100 12 100 19] _44 <- ([#"../index_range.rs" 100 12 100 19] len0 ( * s1)); goto BB23 } BB23 { - switch ([#"../index_range.rs" 100 12 100 24] _44 = ([#"../index_range.rs" 100 23 100 24] [#"../index_range.rs" 100 23 100 24] (3 : usize))) + [#"../index_range.rs" 100 12 100 24] _43 <- ([#"../index_range.rs" 100 12 100 24] _44 = (3 : usize)); + _44 <- any usize; + switch (_43) | False -> goto BB25 | True -> goto BB24 end } BB24 { - [#"../index_range.rs" 101 6 101 7] _47 <- ([#"../index_range.rs" 101 6 101 7] [#"../index_range.rs" 101 6 101 7] (0 : usize)); - [#"../index_range.rs" 101 4 101 8] _49 <- ([#"../index_range.rs" 101 4 101 8] _47 < ([#"../index_range.rs" 101 4 101 8] Slice.length ( * s1))); + [#"../index_range.rs" 101 6 101 7] _47 <- ([#"../index_range.rs" 101 6 101 7] (0 : usize)); + [#"../index_range.rs" 101 4 101 8] _48 <- ([#"../index_range.rs" 101 4 101 8] Slice.length ( * s1)); + [#"../index_range.rs" 101 4 101 8] _49 <- ([#"../index_range.rs" 101 4 101 8] _47 < _48); assert { [@expl:index in bounds] [#"../index_range.rs" 101 4 101 8] _49 }; goto BB26 } @@ -1378,29 +1497,32 @@ module IndexRange_TestRangeTo absurd } BB26 { - [#"../index_range.rs" 101 4 101 13] s1 <- { s1 with current = Slice.set ( * s1) _47 ([#"../index_range.rs" 101 4 101 13] [#"../index_range.rs" 101 11 101 13] (-1 : int32)) ; }; - [#"../index_range.rs" 102 6 102 7] _50 <- ([#"../index_range.rs" 102 6 102 7] [#"../index_range.rs" 102 6 102 7] (2 : usize)); - [#"../index_range.rs" 102 4 102 8] _52 <- ([#"../index_range.rs" 102 4 102 8] _50 < ([#"../index_range.rs" 102 4 102 8] Slice.length ( * s1))); + [#"../index_range.rs" 101 4 101 13] s1 <- { s1 with current = Slice.set ( * s1) _47 ([#"../index_range.rs" 101 4 101 13] (-1 : int32)) ; }; + [#"../index_range.rs" 102 6 102 7] _50 <- ([#"../index_range.rs" 102 6 102 7] (2 : usize)); + [#"../index_range.rs" 102 4 102 8] _51 <- ([#"../index_range.rs" 102 4 102 8] Slice.length ( * s1)); + [#"../index_range.rs" 102 4 102 8] _52 <- ([#"../index_range.rs" 102 4 102 8] _50 < _51); assert { [@expl:index in bounds] [#"../index_range.rs" 102 4 102 8] _52 }; goto BB27 } BB27 { - [#"../index_range.rs" 102 4 102 13] s1 <- { s1 with current = Slice.set ( * s1) _50 ([#"../index_range.rs" 102 4 102 13] [#"../index_range.rs" 102 11 102 13] (-1 : int32)) ; }; - [#"../index_range.rs" 104 14 104 15] _56 <- ([#"../index_range.rs" 104 14 104 15] [#"../index_range.rs" 104 14 104 15] (1 : usize)); - [#"../index_range.rs" 104 12 104 16] _58 <- ([#"../index_range.rs" 104 12 104 16] _56 < ([#"../index_range.rs" 104 12 104 16] Slice.length ( * s1))); + [#"../index_range.rs" 102 4 102 13] s1 <- { s1 with current = Slice.set ( * s1) _50 ([#"../index_range.rs" 102 4 102 13] (-1 : int32)) ; }; + [#"../index_range.rs" 104 14 104 15] _56 <- ([#"../index_range.rs" 104 14 104 15] (1 : usize)); + [#"../index_range.rs" 104 12 104 16] _57 <- ([#"../index_range.rs" 104 12 104 16] Slice.length ( * s1)); + [#"../index_range.rs" 104 12 104 16] _58 <- ([#"../index_range.rs" 104 12 104 16] _56 < _57); assert { [@expl:index in bounds] [#"../index_range.rs" 104 12 104 16] _58 }; goto BB28 } BB28 { assume { resolve1 s1 }; + [#"../index_range.rs" 104 12 104 21] _54 <- ([#"../index_range.rs" 104 12 104 21] Slice.get ( * s1) _56 = (1 : int32)); assume { resolve1 _39 }; - switch ([#"../index_range.rs" 104 12 104 21] ([#"../index_range.rs" 104 12 104 16] Slice.get ( * s1) _56) = ([#"../index_range.rs" 104 20 104 21] [#"../index_range.rs" 104 20 104 21] (1 : int32))) + switch (_54) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../index_range.rs" 106 12 106 21] _62 <- ([#"../index_range.rs" 106 12 106 21] len1 ([#"../index_range.rs" 106 12 106 15] arr)); + [#"../index_range.rs" 106 12 106 21] _62 <- ([#"../index_range.rs" 106 12 106 21] len1 arr); goto BB31 } BB30 { @@ -1409,13 +1531,15 @@ module IndexRange_TestRangeTo absurd } BB31 { - switch ([#"../index_range.rs" 106 12 106 26] _62 = ([#"../index_range.rs" 106 25 106 26] [#"../index_range.rs" 106 25 106 26] (5 : usize))) + [#"../index_range.rs" 106 12 106 26] _61 <- ([#"../index_range.rs" 106 12 106 26] _62 = (5 : usize)); + _62 <- any usize; + switch (_61) | False -> goto BB33 | True -> goto BB32 end } BB32 { - [#"../index_range.rs" 107 15 107 18] _68 <- ([#"../index_range.rs" 107 15 107 18] index1 ([#"../index_range.rs" 107 12 107 15] arr) ([#"../index_range.rs" 107 16 107 17] [#"../index_range.rs" 107 16 107 17] (0 : usize))); + [#"../index_range.rs" 107 15 107 18] _68 <- ([#"../index_range.rs" 107 15 107 18] index1 arr (0 : usize)); goto BB34 } BB33 { @@ -1424,13 +1548,14 @@ module IndexRange_TestRangeTo absurd } BB34 { - switch ([#"../index_range.rs" 107 12 107 24] ([#"../index_range.rs" 107 12 107 18] _68) = ([#"../index_range.rs" 107 22 107 24] [#"../index_range.rs" 107 22 107 24] (-1 : int32))) + [#"../index_range.rs" 107 12 107 24] _66 <- ([#"../index_range.rs" 107 12 107 24] _68 = (-1 : int32)); + switch (_66) | False -> goto BB36 | True -> goto BB35 end } BB35 { - [#"../index_range.rs" 108 15 108 18] _74 <- ([#"../index_range.rs" 108 15 108 18] index1 ([#"../index_range.rs" 108 12 108 15] arr) ([#"../index_range.rs" 108 16 108 17] [#"../index_range.rs" 108 16 108 17] (1 : usize))); + [#"../index_range.rs" 108 15 108 18] _74 <- ([#"../index_range.rs" 108 15 108 18] index1 arr (1 : usize)); goto BB37 } BB36 { @@ -1439,13 +1564,14 @@ module IndexRange_TestRangeTo absurd } BB37 { - switch ([#"../index_range.rs" 108 12 108 23] ([#"../index_range.rs" 108 12 108 18] _74) = ([#"../index_range.rs" 108 22 108 23] [#"../index_range.rs" 108 22 108 23] (1 : int32))) + [#"../index_range.rs" 108 12 108 23] _72 <- ([#"../index_range.rs" 108 12 108 23] _74 = (1 : int32)); + switch (_72) | False -> goto BB39 | True -> goto BB38 end } BB38 { - [#"../index_range.rs" 109 15 109 18] _80 <- ([#"../index_range.rs" 109 15 109 18] index1 ([#"../index_range.rs" 109 12 109 15] arr) ([#"../index_range.rs" 109 16 109 17] [#"../index_range.rs" 109 16 109 17] (2 : usize))); + [#"../index_range.rs" 109 15 109 18] _80 <- ([#"../index_range.rs" 109 15 109 18] index1 arr (2 : usize)); goto BB40 } BB39 { @@ -1454,13 +1580,14 @@ module IndexRange_TestRangeTo absurd } BB40 { - switch ([#"../index_range.rs" 109 12 109 24] ([#"../index_range.rs" 109 12 109 18] _80) = ([#"../index_range.rs" 109 22 109 24] [#"../index_range.rs" 109 22 109 24] (-1 : int32))) + [#"../index_range.rs" 109 12 109 24] _78 <- ([#"../index_range.rs" 109 12 109 24] _80 = (-1 : int32)); + switch (_78) | False -> goto BB42 | True -> goto BB41 end } BB41 { - [#"../index_range.rs" 110 15 110 18] _86 <- ([#"../index_range.rs" 110 15 110 18] index1 ([#"../index_range.rs" 110 12 110 15] arr) ([#"../index_range.rs" 110 16 110 17] [#"../index_range.rs" 110 16 110 17] (3 : usize))); + [#"../index_range.rs" 110 15 110 18] _86 <- ([#"../index_range.rs" 110 15 110 18] index1 arr (3 : usize)); goto BB43 } BB42 { @@ -1469,13 +1596,14 @@ module IndexRange_TestRangeTo absurd } BB43 { - switch ([#"../index_range.rs" 110 12 110 23] ([#"../index_range.rs" 110 12 110 18] _86) = ([#"../index_range.rs" 110 22 110 23] [#"../index_range.rs" 110 22 110 23] (3 : int32))) + [#"../index_range.rs" 110 12 110 23] _84 <- ([#"../index_range.rs" 110 12 110 23] _86 = (3 : int32)); + switch (_84) | False -> goto BB45 | True -> goto BB44 end } BB44 { - [#"../index_range.rs" 111 15 111 18] _92 <- ([#"../index_range.rs" 111 15 111 18] index1 ([#"../index_range.rs" 111 12 111 15] arr) ([#"../index_range.rs" 111 16 111 17] [#"../index_range.rs" 111 16 111 17] (4 : usize))); + [#"../index_range.rs" 111 15 111 18] _92 <- ([#"../index_range.rs" 111 15 111 18] index1 arr (4 : usize)); goto BB46 } BB45 { @@ -1485,7 +1613,8 @@ module IndexRange_TestRangeTo } BB46 { assume { resolve0 arr }; - switch ([#"../index_range.rs" 111 12 111 23] ([#"../index_range.rs" 111 12 111 18] _92) = ([#"../index_range.rs" 111 22 111 23] [#"../index_range.rs" 111 22 111 23] (4 : int32))) + [#"../index_range.rs" 111 12 111 23] _90 <- ([#"../index_range.rs" 111 12 111 23] _92 = (4 : int32)); + switch (_90) | False -> goto BB48 | True -> goto BB47 end @@ -1789,34 +1918,56 @@ module IndexRange_TestRangeFrom var arr : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); var s : slice int32; var _3 : slice int32; + var _5 : Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; + var _7 : bool; var _8 : usize; + var _10 : bool; var _12 : usize; + var _13 : usize; var _14 : bool; + var _15 : bool; var _17 : usize; + var _18 : usize; var _19 : bool; + var _22 : bool; var _23 : usize; var _25 : slice int32; + var _27 : Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; var _30 : bool; var _32 : Core_Option_Option_Type.t_option (slice int32); var _34 : slice int32; + var _36 : Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; var _39 : bool; var _41 : Core_Option_Option_Type.t_option (slice int32); var _43 : slice int32; + var _45 : Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; var s1 : borrowed (slice int32); var _48 : borrowed (slice int32); var _49 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _50 : Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; + var _52 : bool; var _53 : usize; var _56 : usize; + var _57 : usize; var _58 : bool; var _59 : usize; + var _60 : usize; var _61 : bool; + var _63 : bool; var _65 : usize; + var _66 : usize; var _67 : bool; + var _70 : bool; var _71 : usize; + var _75 : bool; var _77 : int32; + var _81 : bool; var _83 : int32; + var _87 : bool; var _89 : int32; + var _93 : bool; var _95 : int32; + var _99 : bool; var _101 : int32; { goto BB0 @@ -1826,46 +1977,56 @@ module IndexRange_TestRangeFrom goto BB1 } BB1 { - [#"../index_range.rs" 122 16 122 21] _3 <- ([#"../index_range.rs" 122 16 122 21] index0 ([#"../index_range.rs" 122 13 122 16] arr) ([#"../index_range.rs" 122 17 122 20] Core_Ops_Range_RangeFrom_Type.C_RangeFrom ([#"../index_range.rs" 122 17 122 18] [#"../index_range.rs" 122 17 122 18] (3 : usize)))); + [#"../index_range.rs" 122 17 122 20] _5 <- ([#"../index_range.rs" 122 17 122 20] Core_Ops_Range_RangeFrom_Type.C_RangeFrom (3 : usize)); + [#"../index_range.rs" 122 16 122 21] _3 <- ([#"../index_range.rs" 122 16 122 21] index0 arr _5); + _5 <- any Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; goto BB2 } BB2 { [#"../index_range.rs" 122 12 122 21] s <- ([#"../index_range.rs" 122 12 122 21] _3); - [#"../index_range.rs" 123 12 123 19] _8 <- ([#"../index_range.rs" 123 12 123 19] len0 ([#"../index_range.rs" 123 12 123 13] s)); + [#"../index_range.rs" 123 12 123 19] _8 <- ([#"../index_range.rs" 123 12 123 19] len0 s); goto BB3 } BB3 { - switch ([#"../index_range.rs" 123 12 123 24] _8 = ([#"../index_range.rs" 123 23 123 24] [#"../index_range.rs" 123 23 123 24] (2 : usize))) + [#"../index_range.rs" 123 12 123 24] _7 <- ([#"../index_range.rs" 123 12 123 24] _8 = (2 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB11 | True -> goto BB4 end } BB4 { - [#"../index_range.rs" 123 30 123 31] _12 <- ([#"../index_range.rs" 123 30 123 31] [#"../index_range.rs" 123 30 123 31] (0 : usize)); - [#"../index_range.rs" 123 28 123 32] _14 <- ([#"../index_range.rs" 123 28 123 32] _12 < ([#"../index_range.rs" 123 28 123 32] Slice.length s)); + [#"../index_range.rs" 123 30 123 31] _12 <- ([#"../index_range.rs" 123 30 123 31] (0 : usize)); + [#"../index_range.rs" 123 28 123 32] _13 <- ([#"../index_range.rs" 123 28 123 32] Slice.length s); + [#"../index_range.rs" 123 28 123 32] _14 <- ([#"../index_range.rs" 123 28 123 32] _12 < _13); assert { [@expl:index in bounds] [#"../index_range.rs" 123 28 123 32] _14 }; goto BB5 } BB5 { - switch ([#"../index_range.rs" 123 28 123 37] ([#"../index_range.rs" 123 28 123 32] Slice.get s _12) = ([#"../index_range.rs" 123 36 123 37] [#"../index_range.rs" 123 36 123 37] (3 : int32))) + [#"../index_range.rs" 123 28 123 37] _10 <- ([#"../index_range.rs" 123 28 123 37] Slice.get s _12 = (3 : int32)); + switch (_10) | False -> goto BB10 | True -> goto BB6 end } BB6 { - [#"../index_range.rs" 123 43 123 44] _17 <- ([#"../index_range.rs" 123 43 123 44] [#"../index_range.rs" 123 43 123 44] (1 : usize)); - [#"../index_range.rs" 123 41 123 45] _19 <- ([#"../index_range.rs" 123 41 123 45] _17 < ([#"../index_range.rs" 123 41 123 45] Slice.length s)); + [#"../index_range.rs" 123 43 123 44] _17 <- ([#"../index_range.rs" 123 43 123 44] (1 : usize)); + [#"../index_range.rs" 123 41 123 45] _18 <- ([#"../index_range.rs" 123 41 123 45] Slice.length s); + [#"../index_range.rs" 123 41 123 45] _19 <- ([#"../index_range.rs" 123 41 123 45] _17 < _18); assert { [@expl:index in bounds] [#"../index_range.rs" 123 41 123 45] _19 }; goto BB7 } BB7 { - switch ([#"../index_range.rs" 123 41 123 50] ([#"../index_range.rs" 123 41 123 45] Slice.get s _17) = ([#"../index_range.rs" 123 49 123 50] [#"../index_range.rs" 123 49 123 50] (4 : int32))) + [#"../index_range.rs" 123 41 123 50] _15 <- ([#"../index_range.rs" 123 41 123 50] Slice.get s _17 = (4 : int32)); + switch (_15) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../index_range.rs" 128 15 128 20] _25 <- ([#"../index_range.rs" 128 15 128 20] index0 ([#"../index_range.rs" 128 12 128 15] arr) ([#"../index_range.rs" 128 16 128 19] Core_Ops_Range_RangeFrom_Type.C_RangeFrom ([#"../index_range.rs" 128 16 128 17] [#"../index_range.rs" 128 16 128 17] (5 : usize)))); + [#"../index_range.rs" 128 16 128 19] _27 <- ([#"../index_range.rs" 128 16 128 19] Core_Ops_Range_RangeFrom_Type.C_RangeFrom (5 : usize)); + [#"../index_range.rs" 128 15 128 20] _25 <- ([#"../index_range.rs" 128 15 128 20] index0 arr _27); + _27 <- any Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; goto BB13 } BB9 { @@ -1885,17 +2046,19 @@ module IndexRange_TestRangeFrom absurd } BB13 { - [#"../index_range.rs" 128 12 128 26] _23 <- ([#"../index_range.rs" 128 12 128 26] len0 ([#"../index_range.rs" 128 12 128 20] _25)); + [#"../index_range.rs" 128 12 128 26] _23 <- ([#"../index_range.rs" 128 12 128 26] len0 _25); goto BB14 } BB14 { - switch ([#"../index_range.rs" 128 12 128 31] _23 = ([#"../index_range.rs" 128 30 128 31] [#"../index_range.rs" 128 30 128 31] (0 : usize))) + [#"../index_range.rs" 128 12 128 31] _22 <- ([#"../index_range.rs" 128 12 128 31] _23 = (0 : usize)); + _23 <- any usize; + switch (_22) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../index_range.rs" 133 12 133 24] _34 <- ([#"../index_range.rs" 133 12 133 24] deref0 ([#"../index_range.rs" 133 12 133 15] arr)); + [#"../index_range.rs" 133 12 133 24] _34 <- ([#"../index_range.rs" 133 12 133 24] deref0 arr); goto BB17 } BB16 { @@ -1904,11 +2067,13 @@ module IndexRange_TestRangeFrom absurd } BB17 { - [#"../index_range.rs" 133 12 133 24] _32 <- ([#"../index_range.rs" 133 12 133 24] get0 ([#"../index_range.rs" 133 12 133 15] _34) ([#"../index_range.rs" 133 20 133 23] Core_Ops_Range_RangeFrom_Type.C_RangeFrom ([#"../index_range.rs" 133 20 133 21] [#"../index_range.rs" 133 20 133 21] (6 : usize)))); + [#"../index_range.rs" 133 20 133 23] _36 <- ([#"../index_range.rs" 133 20 133 23] Core_Ops_Range_RangeFrom_Type.C_RangeFrom (6 : usize)); + [#"../index_range.rs" 133 12 133 24] _32 <- ([#"../index_range.rs" 133 12 133 24] get0 _34 _36); + _36 <- any Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; goto BB18 } BB18 { - [#"../index_range.rs" 133 12 133 34] _30 <- ([#"../index_range.rs" 133 12 133 34] is_none0 ([#"../index_range.rs" 133 12 133 24] _32)); + [#"../index_range.rs" 133 12 133 34] _30 <- ([#"../index_range.rs" 133 12 133 34] is_none0 _32); goto BB19 } BB19 { @@ -1918,7 +2083,7 @@ module IndexRange_TestRangeFrom end } BB20 { - [#"../index_range.rs" 135 12 135 25] _43 <- ([#"../index_range.rs" 135 12 135 25] deref0 ([#"../index_range.rs" 135 12 135 15] arr)); + [#"../index_range.rs" 135 12 135 25] _43 <- ([#"../index_range.rs" 135 12 135 25] deref0 arr); goto BB22 } BB21 { @@ -1927,11 +2092,13 @@ module IndexRange_TestRangeFrom absurd } BB22 { - [#"../index_range.rs" 135 12 135 25] _41 <- ([#"../index_range.rs" 135 12 135 25] get0 ([#"../index_range.rs" 135 12 135 15] _43) ([#"../index_range.rs" 135 20 135 24] Core_Ops_Range_RangeFrom_Type.C_RangeFrom ([#"../index_range.rs" 135 20 135 22] [#"../index_range.rs" 135 20 135 22] (10 : usize)))); + [#"../index_range.rs" 135 20 135 24] _45 <- ([#"../index_range.rs" 135 20 135 24] Core_Ops_Range_RangeFrom_Type.C_RangeFrom (10 : usize)); + [#"../index_range.rs" 135 12 135 25] _41 <- ([#"../index_range.rs" 135 12 135 25] get0 _43 _45); + _45 <- any Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; goto BB23 } BB23 { - [#"../index_range.rs" 135 12 135 35] _39 <- ([#"../index_range.rs" 135 12 135 35] is_none0 ([#"../index_range.rs" 135 12 135 25] _41)); + [#"../index_range.rs" 135 12 135 35] _39 <- ([#"../index_range.rs" 135 12 135 35] is_none0 _41); goto BB24 } BB24 { @@ -1943,8 +2110,10 @@ module IndexRange_TestRangeFrom BB25 { [#"../index_range.rs" 138 17 138 20] _49 <- Borrow.borrow_mut arr; [#"../index_range.rs" 138 17 138 20] arr <- ^ _49; - [#"../index_range.rs" 138 20 138 25] _48 <- ([#"../index_range.rs" 138 20 138 25] index_mut0 _49 ([#"../index_range.rs" 138 21 138 24] Core_Ops_Range_RangeFrom_Type.C_RangeFrom ([#"../index_range.rs" 138 21 138 22] [#"../index_range.rs" 138 21 138 22] (2 : usize)))); + [#"../index_range.rs" 138 21 138 24] _50 <- ([#"../index_range.rs" 138 21 138 24] Core_Ops_Range_RangeFrom_Type.C_RangeFrom (2 : usize)); + [#"../index_range.rs" 138 20 138 25] _48 <- ([#"../index_range.rs" 138 20 138 25] index_mut0 _49 _50); _49 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + _50 <- any Core_Ops_Range_RangeFrom_Type.t_rangefrom usize; goto BB27 } BB26 { @@ -1955,18 +2124,21 @@ module IndexRange_TestRangeFrom BB27 { [#"../index_range.rs" 138 12 138 25] s1 <- Borrow.borrow_final ( * _48) (Borrow.get_id _48); [#"../index_range.rs" 138 12 138 25] _48 <- { _48 with current = ( ^ s1) ; }; - [#"../index_range.rs" 139 12 139 19] _53 <- ([#"../index_range.rs" 139 12 139 19] len0 ([#"../index_range.rs" 139 12 139 13] * s1)); + [#"../index_range.rs" 139 12 139 19] _53 <- ([#"../index_range.rs" 139 12 139 19] len0 ( * s1)); goto BB28 } BB28 { - switch ([#"../index_range.rs" 139 12 139 24] _53 = ([#"../index_range.rs" 139 23 139 24] [#"../index_range.rs" 139 23 139 24] (3 : usize))) + [#"../index_range.rs" 139 12 139 24] _52 <- ([#"../index_range.rs" 139 12 139 24] _53 = (3 : usize)); + _53 <- any usize; + switch (_52) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../index_range.rs" 140 6 140 7] _56 <- ([#"../index_range.rs" 140 6 140 7] [#"../index_range.rs" 140 6 140 7] (0 : usize)); - [#"../index_range.rs" 140 4 140 8] _58 <- ([#"../index_range.rs" 140 4 140 8] _56 < ([#"../index_range.rs" 140 4 140 8] Slice.length ( * s1))); + [#"../index_range.rs" 140 6 140 7] _56 <- ([#"../index_range.rs" 140 6 140 7] (0 : usize)); + [#"../index_range.rs" 140 4 140 8] _57 <- ([#"../index_range.rs" 140 4 140 8] Slice.length ( * s1)); + [#"../index_range.rs" 140 4 140 8] _58 <- ([#"../index_range.rs" 140 4 140 8] _56 < _57); assert { [@expl:index in bounds] [#"../index_range.rs" 140 4 140 8] _58 }; goto BB31 } @@ -1978,29 +2150,32 @@ module IndexRange_TestRangeFrom absurd } BB31 { - [#"../index_range.rs" 140 4 140 13] s1 <- { s1 with current = Slice.set ( * s1) _56 ([#"../index_range.rs" 140 4 140 13] [#"../index_range.rs" 140 11 140 13] (-1 : int32)) ; }; - [#"../index_range.rs" 141 6 141 7] _59 <- ([#"../index_range.rs" 141 6 141 7] [#"../index_range.rs" 141 6 141 7] (1 : usize)); - [#"../index_range.rs" 141 4 141 8] _61 <- ([#"../index_range.rs" 141 4 141 8] _59 < ([#"../index_range.rs" 141 4 141 8] Slice.length ( * s1))); + [#"../index_range.rs" 140 4 140 13] s1 <- { s1 with current = Slice.set ( * s1) _56 ([#"../index_range.rs" 140 4 140 13] (-1 : int32)) ; }; + [#"../index_range.rs" 141 6 141 7] _59 <- ([#"../index_range.rs" 141 6 141 7] (1 : usize)); + [#"../index_range.rs" 141 4 141 8] _60 <- ([#"../index_range.rs" 141 4 141 8] Slice.length ( * s1)); + [#"../index_range.rs" 141 4 141 8] _61 <- ([#"../index_range.rs" 141 4 141 8] _59 < _60); assert { [@expl:index in bounds] [#"../index_range.rs" 141 4 141 8] _61 }; goto BB32 } BB32 { - [#"../index_range.rs" 141 4 141 13] s1 <- { s1 with current = Slice.set ( * s1) _59 ([#"../index_range.rs" 141 4 141 13] [#"../index_range.rs" 141 11 141 13] (-1 : int32)) ; }; - [#"../index_range.rs" 143 14 143 15] _65 <- ([#"../index_range.rs" 143 14 143 15] [#"../index_range.rs" 143 14 143 15] (2 : usize)); - [#"../index_range.rs" 143 12 143 16] _67 <- ([#"../index_range.rs" 143 12 143 16] _65 < ([#"../index_range.rs" 143 12 143 16] Slice.length ( * s1))); + [#"../index_range.rs" 141 4 141 13] s1 <- { s1 with current = Slice.set ( * s1) _59 ([#"../index_range.rs" 141 4 141 13] (-1 : int32)) ; }; + [#"../index_range.rs" 143 14 143 15] _65 <- ([#"../index_range.rs" 143 14 143 15] (2 : usize)); + [#"../index_range.rs" 143 12 143 16] _66 <- ([#"../index_range.rs" 143 12 143 16] Slice.length ( * s1)); + [#"../index_range.rs" 143 12 143 16] _67 <- ([#"../index_range.rs" 143 12 143 16] _65 < _66); assert { [@expl:index in bounds] [#"../index_range.rs" 143 12 143 16] _67 }; goto BB33 } BB33 { assume { resolve1 s1 }; + [#"../index_range.rs" 143 12 143 21] _63 <- ([#"../index_range.rs" 143 12 143 21] Slice.get ( * s1) _65 = (4 : int32)); assume { resolve1 _48 }; - switch ([#"../index_range.rs" 143 12 143 21] ([#"../index_range.rs" 143 12 143 16] Slice.get ( * s1) _65) = ([#"../index_range.rs" 143 20 143 21] [#"../index_range.rs" 143 20 143 21] (4 : int32))) + switch (_63) | False -> goto BB35 | True -> goto BB34 end } BB34 { - [#"../index_range.rs" 145 12 145 21] _71 <- ([#"../index_range.rs" 145 12 145 21] len1 ([#"../index_range.rs" 145 12 145 15] arr)); + [#"../index_range.rs" 145 12 145 21] _71 <- ([#"../index_range.rs" 145 12 145 21] len1 arr); goto BB36 } BB35 { @@ -2009,13 +2184,15 @@ module IndexRange_TestRangeFrom absurd } BB36 { - switch ([#"../index_range.rs" 145 12 145 26] _71 = ([#"../index_range.rs" 145 25 145 26] [#"../index_range.rs" 145 25 145 26] (5 : usize))) + [#"../index_range.rs" 145 12 145 26] _70 <- ([#"../index_range.rs" 145 12 145 26] _71 = (5 : usize)); + _71 <- any usize; + switch (_70) | False -> goto BB38 | True -> goto BB37 end } BB37 { - [#"../index_range.rs" 146 15 146 18] _77 <- ([#"../index_range.rs" 146 15 146 18] index1 ([#"../index_range.rs" 146 12 146 15] arr) ([#"../index_range.rs" 146 16 146 17] [#"../index_range.rs" 146 16 146 17] (0 : usize))); + [#"../index_range.rs" 146 15 146 18] _77 <- ([#"../index_range.rs" 146 15 146 18] index1 arr (0 : usize)); goto BB39 } BB38 { @@ -2024,13 +2201,14 @@ module IndexRange_TestRangeFrom absurd } BB39 { - switch ([#"../index_range.rs" 146 12 146 23] ([#"../index_range.rs" 146 12 146 18] _77) = ([#"../index_range.rs" 146 22 146 23] [#"../index_range.rs" 146 22 146 23] (0 : int32))) + [#"../index_range.rs" 146 12 146 23] _75 <- ([#"../index_range.rs" 146 12 146 23] _77 = (0 : int32)); + switch (_75) | False -> goto BB41 | True -> goto BB40 end } BB40 { - [#"../index_range.rs" 147 15 147 18] _83 <- ([#"../index_range.rs" 147 15 147 18] index1 ([#"../index_range.rs" 147 12 147 15] arr) ([#"../index_range.rs" 147 16 147 17] [#"../index_range.rs" 147 16 147 17] (1 : usize))); + [#"../index_range.rs" 147 15 147 18] _83 <- ([#"../index_range.rs" 147 15 147 18] index1 arr (1 : usize)); goto BB42 } BB41 { @@ -2039,13 +2217,14 @@ module IndexRange_TestRangeFrom absurd } BB42 { - switch ([#"../index_range.rs" 147 12 147 23] ([#"../index_range.rs" 147 12 147 18] _83) = ([#"../index_range.rs" 147 22 147 23] [#"../index_range.rs" 147 22 147 23] (1 : int32))) + [#"../index_range.rs" 147 12 147 23] _81 <- ([#"../index_range.rs" 147 12 147 23] _83 = (1 : int32)); + switch (_81) | False -> goto BB44 | True -> goto BB43 end } BB43 { - [#"../index_range.rs" 148 15 148 18] _89 <- ([#"../index_range.rs" 148 15 148 18] index1 ([#"../index_range.rs" 148 12 148 15] arr) ([#"../index_range.rs" 148 16 148 17] [#"../index_range.rs" 148 16 148 17] (2 : usize))); + [#"../index_range.rs" 148 15 148 18] _89 <- ([#"../index_range.rs" 148 15 148 18] index1 arr (2 : usize)); goto BB45 } BB44 { @@ -2054,13 +2233,14 @@ module IndexRange_TestRangeFrom absurd } BB45 { - switch ([#"../index_range.rs" 148 12 148 24] ([#"../index_range.rs" 148 12 148 18] _89) = ([#"../index_range.rs" 148 22 148 24] [#"../index_range.rs" 148 22 148 24] (-1 : int32))) + [#"../index_range.rs" 148 12 148 24] _87 <- ([#"../index_range.rs" 148 12 148 24] _89 = (-1 : int32)); + switch (_87) | False -> goto BB47 | True -> goto BB46 end } BB46 { - [#"../index_range.rs" 149 15 149 18] _95 <- ([#"../index_range.rs" 149 15 149 18] index1 ([#"../index_range.rs" 149 12 149 15] arr) ([#"../index_range.rs" 149 16 149 17] [#"../index_range.rs" 149 16 149 17] (3 : usize))); + [#"../index_range.rs" 149 15 149 18] _95 <- ([#"../index_range.rs" 149 15 149 18] index1 arr (3 : usize)); goto BB48 } BB47 { @@ -2069,13 +2249,14 @@ module IndexRange_TestRangeFrom absurd } BB48 { - switch ([#"../index_range.rs" 149 12 149 24] ([#"../index_range.rs" 149 12 149 18] _95) = ([#"../index_range.rs" 149 22 149 24] [#"../index_range.rs" 149 22 149 24] (-1 : int32))) + [#"../index_range.rs" 149 12 149 24] _93 <- ([#"../index_range.rs" 149 12 149 24] _95 = (-1 : int32)); + switch (_93) | False -> goto BB50 | True -> goto BB49 end } BB49 { - [#"../index_range.rs" 150 15 150 18] _101 <- ([#"../index_range.rs" 150 15 150 18] index1 ([#"../index_range.rs" 150 12 150 15] arr) ([#"../index_range.rs" 150 16 150 17] [#"../index_range.rs" 150 16 150 17] (4 : usize))); + [#"../index_range.rs" 150 15 150 18] _101 <- ([#"../index_range.rs" 150 15 150 18] index1 arr (4 : usize)); goto BB51 } BB50 { @@ -2085,7 +2266,8 @@ module IndexRange_TestRangeFrom } BB51 { assume { resolve0 arr }; - switch ([#"../index_range.rs" 150 12 150 23] ([#"../index_range.rs" 150 12 150 18] _101) = ([#"../index_range.rs" 150 22 150 23] [#"../index_range.rs" 150 22 150 23] (4 : int32))) + [#"../index_range.rs" 150 12 150 23] _99 <- ([#"../index_range.rs" 150 12 150 23] _101 = (4 : int32)); + switch (_99) | False -> goto BB53 | True -> goto BB52 end @@ -2345,30 +2527,52 @@ module IndexRange_TestRangeFull var arr : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); var s : slice int32; var _3 : slice int32; + var _5 : Core_Ops_Range_RangeFull_Type.t_rangefull; + var _7 : bool; var _8 : usize; + var _10 : bool; var _12 : usize; + var _13 : usize; var _14 : bool; + var _15 : bool; var _17 : usize; + var _18 : usize; var _19 : bool; + var _20 : bool; var _22 : usize; + var _23 : usize; var _24 : bool; + var _25 : bool; var _27 : usize; + var _28 : usize; var _29 : bool; + var _30 : bool; var _32 : usize; + var _33 : usize; var _34 : bool; var s1 : borrowed (slice int32); var _37 : borrowed (slice int32); var _38 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _39 : Core_Ops_Range_RangeFull_Type.t_rangefull; + var _41 : bool; var _42 : usize; var _45 : usize; + var _46 : usize; var _47 : bool; var _48 : usize; + var _49 : usize; var _50 : bool; + var _52 : bool; var _53 : usize; + var _57 : bool; var _59 : int32; + var _63 : bool; var _65 : int32; + var _69 : bool; var _71 : int32; + var _75 : bool; var _77 : int32; + var _81 : bool; var _83 : int32; { goto BB0 @@ -2378,76 +2582,90 @@ module IndexRange_TestRangeFull goto BB1 } BB1 { - [#"../index_range.rs" 161 16 161 20] _3 <- ([#"../index_range.rs" 161 16 161 20] index0 ([#"../index_range.rs" 161 13 161 16] arr) ([#"../index_range.rs" 161 17 161 19] Core_Ops_Range_RangeFull_Type.C_RangeFull)); + [#"../index_range.rs" 161 17 161 19] _5 <- ([#"../index_range.rs" 161 17 161 19] Core_Ops_Range_RangeFull_Type.C_RangeFull); + [#"../index_range.rs" 161 16 161 20] _3 <- ([#"../index_range.rs" 161 16 161 20] index0 arr _5); + _5 <- any Core_Ops_Range_RangeFull_Type.t_rangefull; goto BB2 } BB2 { [#"../index_range.rs" 161 12 161 20] s <- ([#"../index_range.rs" 161 12 161 20] _3); - [#"../index_range.rs" 162 12 162 19] _8 <- ([#"../index_range.rs" 162 12 162 19] len0 ([#"../index_range.rs" 162 12 162 13] s)); + [#"../index_range.rs" 162 12 162 19] _8 <- ([#"../index_range.rs" 162 12 162 19] len0 s); goto BB3 } BB3 { - switch ([#"../index_range.rs" 162 12 162 24] _8 = ([#"../index_range.rs" 162 23 162 24] [#"../index_range.rs" 162 23 162 24] (5 : usize))) + [#"../index_range.rs" 162 12 162 24] _7 <- ([#"../index_range.rs" 162 12 162 24] _8 = (5 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB20 | True -> goto BB4 end } BB4 { - [#"../index_range.rs" 162 30 162 31] _12 <- ([#"../index_range.rs" 162 30 162 31] [#"../index_range.rs" 162 30 162 31] (0 : usize)); - [#"../index_range.rs" 162 28 162 32] _14 <- ([#"../index_range.rs" 162 28 162 32] _12 < ([#"../index_range.rs" 162 28 162 32] Slice.length s)); + [#"../index_range.rs" 162 30 162 31] _12 <- ([#"../index_range.rs" 162 30 162 31] (0 : usize)); + [#"../index_range.rs" 162 28 162 32] _13 <- ([#"../index_range.rs" 162 28 162 32] Slice.length s); + [#"../index_range.rs" 162 28 162 32] _14 <- ([#"../index_range.rs" 162 28 162 32] _12 < _13); assert { [@expl:index in bounds] [#"../index_range.rs" 162 28 162 32] _14 }; goto BB5 } BB5 { - switch ([#"../index_range.rs" 162 28 162 37] ([#"../index_range.rs" 162 28 162 32] Slice.get s _12) = ([#"../index_range.rs" 162 36 162 37] [#"../index_range.rs" 162 36 162 37] (0 : int32))) + [#"../index_range.rs" 162 28 162 37] _10 <- ([#"../index_range.rs" 162 28 162 37] Slice.get s _12 = (0 : int32)); + switch (_10) | False -> goto BB19 | True -> goto BB6 end } BB6 { - [#"../index_range.rs" 162 43 162 44] _17 <- ([#"../index_range.rs" 162 43 162 44] [#"../index_range.rs" 162 43 162 44] (1 : usize)); - [#"../index_range.rs" 162 41 162 45] _19 <- ([#"../index_range.rs" 162 41 162 45] _17 < ([#"../index_range.rs" 162 41 162 45] Slice.length s)); + [#"../index_range.rs" 162 43 162 44] _17 <- ([#"../index_range.rs" 162 43 162 44] (1 : usize)); + [#"../index_range.rs" 162 41 162 45] _18 <- ([#"../index_range.rs" 162 41 162 45] Slice.length s); + [#"../index_range.rs" 162 41 162 45] _19 <- ([#"../index_range.rs" 162 41 162 45] _17 < _18); assert { [@expl:index in bounds] [#"../index_range.rs" 162 41 162 45] _19 }; goto BB7 } BB7 { - switch ([#"../index_range.rs" 162 41 162 50] ([#"../index_range.rs" 162 41 162 45] Slice.get s _17) = ([#"../index_range.rs" 162 49 162 50] [#"../index_range.rs" 162 49 162 50] (1 : int32))) + [#"../index_range.rs" 162 41 162 50] _15 <- ([#"../index_range.rs" 162 41 162 50] Slice.get s _17 = (1 : int32)); + switch (_15) | False -> goto BB18 | True -> goto BB8 end } BB8 { - [#"../index_range.rs" 162 56 162 57] _22 <- ([#"../index_range.rs" 162 56 162 57] [#"../index_range.rs" 162 56 162 57] (2 : usize)); - [#"../index_range.rs" 162 54 162 58] _24 <- ([#"../index_range.rs" 162 54 162 58] _22 < ([#"../index_range.rs" 162 54 162 58] Slice.length s)); + [#"../index_range.rs" 162 56 162 57] _22 <- ([#"../index_range.rs" 162 56 162 57] (2 : usize)); + [#"../index_range.rs" 162 54 162 58] _23 <- ([#"../index_range.rs" 162 54 162 58] Slice.length s); + [#"../index_range.rs" 162 54 162 58] _24 <- ([#"../index_range.rs" 162 54 162 58] _22 < _23); assert { [@expl:index in bounds] [#"../index_range.rs" 162 54 162 58] _24 }; goto BB9 } BB9 { - switch ([#"../index_range.rs" 162 54 162 63] ([#"../index_range.rs" 162 54 162 58] Slice.get s _22) = ([#"../index_range.rs" 162 62 162 63] [#"../index_range.rs" 162 62 162 63] (2 : int32))) + [#"../index_range.rs" 162 54 162 63] _20 <- ([#"../index_range.rs" 162 54 162 63] Slice.get s _22 = (2 : int32)); + switch (_20) | False -> goto BB17 | True -> goto BB10 end } BB10 { - [#"../index_range.rs" 162 69 162 70] _27 <- ([#"../index_range.rs" 162 69 162 70] [#"../index_range.rs" 162 69 162 70] (3 : usize)); - [#"../index_range.rs" 162 67 162 71] _29 <- ([#"../index_range.rs" 162 67 162 71] _27 < ([#"../index_range.rs" 162 67 162 71] Slice.length s)); + [#"../index_range.rs" 162 69 162 70] _27 <- ([#"../index_range.rs" 162 69 162 70] (3 : usize)); + [#"../index_range.rs" 162 67 162 71] _28 <- ([#"../index_range.rs" 162 67 162 71] Slice.length s); + [#"../index_range.rs" 162 67 162 71] _29 <- ([#"../index_range.rs" 162 67 162 71] _27 < _28); assert { [@expl:index in bounds] [#"../index_range.rs" 162 67 162 71] _29 }; goto BB11 } BB11 { - switch ([#"../index_range.rs" 162 67 162 76] ([#"../index_range.rs" 162 67 162 71] Slice.get s _27) = ([#"../index_range.rs" 162 75 162 76] [#"../index_range.rs" 162 75 162 76] (3 : int32))) + [#"../index_range.rs" 162 67 162 76] _25 <- ([#"../index_range.rs" 162 67 162 76] Slice.get s _27 = (3 : int32)); + switch (_25) | False -> goto BB16 | True -> goto BB12 end } BB12 { - [#"../index_range.rs" 162 82 162 83] _32 <- ([#"../index_range.rs" 162 82 162 83] [#"../index_range.rs" 162 82 162 83] (4 : usize)); - [#"../index_range.rs" 162 80 162 84] _34 <- ([#"../index_range.rs" 162 80 162 84] _32 < ([#"../index_range.rs" 162 80 162 84] Slice.length s)); + [#"../index_range.rs" 162 82 162 83] _32 <- ([#"../index_range.rs" 162 82 162 83] (4 : usize)); + [#"../index_range.rs" 162 80 162 84] _33 <- ([#"../index_range.rs" 162 80 162 84] Slice.length s); + [#"../index_range.rs" 162 80 162 84] _34 <- ([#"../index_range.rs" 162 80 162 84] _32 < _33); assert { [@expl:index in bounds] [#"../index_range.rs" 162 80 162 84] _34 }; goto BB13 } BB13 { - switch ([#"../index_range.rs" 162 80 162 89] ([#"../index_range.rs" 162 80 162 84] Slice.get s _32) = ([#"../index_range.rs" 162 88 162 89] [#"../index_range.rs" 162 88 162 89] (4 : int32))) + [#"../index_range.rs" 162 80 162 89] _30 <- ([#"../index_range.rs" 162 80 162 89] Slice.get s _32 = (4 : int32)); + switch (_30) | False -> goto BB15 | True -> goto BB14 end @@ -2455,8 +2673,10 @@ module IndexRange_TestRangeFull BB14 { [#"../index_range.rs" 165 17 165 20] _38 <- Borrow.borrow_mut arr; [#"../index_range.rs" 165 17 165 20] arr <- ^ _38; - [#"../index_range.rs" 165 20 165 24] _37 <- ([#"../index_range.rs" 165 20 165 24] index_mut0 _38 ([#"../index_range.rs" 165 21 165 23] Core_Ops_Range_RangeFull_Type.C_RangeFull)); + [#"../index_range.rs" 165 21 165 23] _39 <- ([#"../index_range.rs" 165 21 165 23] Core_Ops_Range_RangeFull_Type.C_RangeFull); + [#"../index_range.rs" 165 20 165 24] _37 <- ([#"../index_range.rs" 165 20 165 24] index_mut0 _38 _39); _38 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + _39 <- any Core_Ops_Range_RangeFull_Type.t_rangefull; goto BB22 } BB15 { @@ -2490,18 +2710,21 @@ module IndexRange_TestRangeFull BB22 { [#"../index_range.rs" 165 12 165 24] s1 <- Borrow.borrow_final ( * _37) (Borrow.get_id _37); [#"../index_range.rs" 165 12 165 24] _37 <- { _37 with current = ( ^ s1) ; }; - [#"../index_range.rs" 166 12 166 19] _42 <- ([#"../index_range.rs" 166 12 166 19] len0 ([#"../index_range.rs" 166 12 166 13] * s1)); + [#"../index_range.rs" 166 12 166 19] _42 <- ([#"../index_range.rs" 166 12 166 19] len0 ( * s1)); goto BB23 } BB23 { - switch ([#"../index_range.rs" 166 12 166 24] _42 = ([#"../index_range.rs" 166 23 166 24] [#"../index_range.rs" 166 23 166 24] (5 : usize))) + [#"../index_range.rs" 166 12 166 24] _41 <- ([#"../index_range.rs" 166 12 166 24] _42 = (5 : usize)); + _42 <- any usize; + switch (_41) | False -> goto BB25 | True -> goto BB24 end } BB24 { - [#"../index_range.rs" 167 6 167 7] _45 <- ([#"../index_range.rs" 167 6 167 7] [#"../index_range.rs" 167 6 167 7] (1 : usize)); - [#"../index_range.rs" 167 4 167 8] _47 <- ([#"../index_range.rs" 167 4 167 8] _45 < ([#"../index_range.rs" 167 4 167 8] Slice.length ( * s1))); + [#"../index_range.rs" 167 6 167 7] _45 <- ([#"../index_range.rs" 167 6 167 7] (1 : usize)); + [#"../index_range.rs" 167 4 167 8] _46 <- ([#"../index_range.rs" 167 4 167 8] Slice.length ( * s1)); + [#"../index_range.rs" 167 4 167 8] _47 <- ([#"../index_range.rs" 167 4 167 8] _45 < _46); assert { [@expl:index in bounds] [#"../index_range.rs" 167 4 167 8] _47 }; goto BB26 } @@ -2513,27 +2736,30 @@ module IndexRange_TestRangeFull absurd } BB26 { - [#"../index_range.rs" 167 4 167 13] s1 <- { s1 with current = Slice.set ( * s1) _45 ([#"../index_range.rs" 167 4 167 13] [#"../index_range.rs" 167 11 167 13] (-1 : int32)) ; }; - [#"../index_range.rs" 168 6 168 7] _48 <- ([#"../index_range.rs" 168 6 168 7] [#"../index_range.rs" 168 6 168 7] (3 : usize)); - [#"../index_range.rs" 168 4 168 8] _50 <- ([#"../index_range.rs" 168 4 168 8] _48 < ([#"../index_range.rs" 168 4 168 8] Slice.length ( * s1))); + [#"../index_range.rs" 167 4 167 13] s1 <- { s1 with current = Slice.set ( * s1) _45 ([#"../index_range.rs" 167 4 167 13] (-1 : int32)) ; }; + [#"../index_range.rs" 168 6 168 7] _48 <- ([#"../index_range.rs" 168 6 168 7] (3 : usize)); + [#"../index_range.rs" 168 4 168 8] _49 <- ([#"../index_range.rs" 168 4 168 8] Slice.length ( * s1)); + [#"../index_range.rs" 168 4 168 8] _50 <- ([#"../index_range.rs" 168 4 168 8] _48 < _49); assert { [@expl:index in bounds] [#"../index_range.rs" 168 4 168 8] _50 }; goto BB27 } BB27 { - [#"../index_range.rs" 168 4 168 13] s1 <- { s1 with current = Slice.set ( * s1) _48 ([#"../index_range.rs" 168 4 168 13] [#"../index_range.rs" 168 11 168 13] (-1 : int32)) ; }; + [#"../index_range.rs" 168 4 168 13] s1 <- { s1 with current = Slice.set ( * s1) _48 ([#"../index_range.rs" 168 4 168 13] (-1 : int32)) ; }; assume { resolve1 s1 }; assume { resolve1 _37 }; - [#"../index_range.rs" 170 12 170 21] _53 <- ([#"../index_range.rs" 170 12 170 21] len1 ([#"../index_range.rs" 170 12 170 15] arr)); + [#"../index_range.rs" 170 12 170 21] _53 <- ([#"../index_range.rs" 170 12 170 21] len1 arr); goto BB28 } BB28 { - switch ([#"../index_range.rs" 170 12 170 26] _53 = ([#"../index_range.rs" 170 25 170 26] [#"../index_range.rs" 170 25 170 26] (5 : usize))) + [#"../index_range.rs" 170 12 170 26] _52 <- ([#"../index_range.rs" 170 12 170 26] _53 = (5 : usize)); + _53 <- any usize; + switch (_52) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../index_range.rs" 171 15 171 18] _59 <- ([#"../index_range.rs" 171 15 171 18] index1 ([#"../index_range.rs" 171 12 171 15] arr) ([#"../index_range.rs" 171 16 171 17] [#"../index_range.rs" 171 16 171 17] (0 : usize))); + [#"../index_range.rs" 171 15 171 18] _59 <- ([#"../index_range.rs" 171 15 171 18] index1 arr (0 : usize)); goto BB31 } BB30 { @@ -2542,13 +2768,14 @@ module IndexRange_TestRangeFull absurd } BB31 { - switch ([#"../index_range.rs" 171 12 171 23] ([#"../index_range.rs" 171 12 171 18] _59) = ([#"../index_range.rs" 171 22 171 23] [#"../index_range.rs" 171 22 171 23] (0 : int32))) + [#"../index_range.rs" 171 12 171 23] _57 <- ([#"../index_range.rs" 171 12 171 23] _59 = (0 : int32)); + switch (_57) | False -> goto BB33 | True -> goto BB32 end } BB32 { - [#"../index_range.rs" 172 15 172 18] _65 <- ([#"../index_range.rs" 172 15 172 18] index1 ([#"../index_range.rs" 172 12 172 15] arr) ([#"../index_range.rs" 172 16 172 17] [#"../index_range.rs" 172 16 172 17] (1 : usize))); + [#"../index_range.rs" 172 15 172 18] _65 <- ([#"../index_range.rs" 172 15 172 18] index1 arr (1 : usize)); goto BB34 } BB33 { @@ -2557,13 +2784,14 @@ module IndexRange_TestRangeFull absurd } BB34 { - switch ([#"../index_range.rs" 172 12 172 24] ([#"../index_range.rs" 172 12 172 18] _65) = ([#"../index_range.rs" 172 22 172 24] [#"../index_range.rs" 172 22 172 24] (-1 : int32))) + [#"../index_range.rs" 172 12 172 24] _63 <- ([#"../index_range.rs" 172 12 172 24] _65 = (-1 : int32)); + switch (_63) | False -> goto BB36 | True -> goto BB35 end } BB35 { - [#"../index_range.rs" 173 15 173 18] _71 <- ([#"../index_range.rs" 173 15 173 18] index1 ([#"../index_range.rs" 173 12 173 15] arr) ([#"../index_range.rs" 173 16 173 17] [#"../index_range.rs" 173 16 173 17] (2 : usize))); + [#"../index_range.rs" 173 15 173 18] _71 <- ([#"../index_range.rs" 173 15 173 18] index1 arr (2 : usize)); goto BB37 } BB36 { @@ -2572,13 +2800,14 @@ module IndexRange_TestRangeFull absurd } BB37 { - switch ([#"../index_range.rs" 173 12 173 23] ([#"../index_range.rs" 173 12 173 18] _71) = ([#"../index_range.rs" 173 22 173 23] [#"../index_range.rs" 173 22 173 23] (2 : int32))) + [#"../index_range.rs" 173 12 173 23] _69 <- ([#"../index_range.rs" 173 12 173 23] _71 = (2 : int32)); + switch (_69) | False -> goto BB39 | True -> goto BB38 end } BB38 { - [#"../index_range.rs" 174 15 174 18] _77 <- ([#"../index_range.rs" 174 15 174 18] index1 ([#"../index_range.rs" 174 12 174 15] arr) ([#"../index_range.rs" 174 16 174 17] [#"../index_range.rs" 174 16 174 17] (3 : usize))); + [#"../index_range.rs" 174 15 174 18] _77 <- ([#"../index_range.rs" 174 15 174 18] index1 arr (3 : usize)); goto BB40 } BB39 { @@ -2587,13 +2816,14 @@ module IndexRange_TestRangeFull absurd } BB40 { - switch ([#"../index_range.rs" 174 12 174 24] ([#"../index_range.rs" 174 12 174 18] _77) = ([#"../index_range.rs" 174 22 174 24] [#"../index_range.rs" 174 22 174 24] (-1 : int32))) + [#"../index_range.rs" 174 12 174 24] _75 <- ([#"../index_range.rs" 174 12 174 24] _77 = (-1 : int32)); + switch (_75) | False -> goto BB42 | True -> goto BB41 end } BB41 { - [#"../index_range.rs" 175 15 175 18] _83 <- ([#"../index_range.rs" 175 15 175 18] index1 ([#"../index_range.rs" 175 12 175 15] arr) ([#"../index_range.rs" 175 16 175 17] [#"../index_range.rs" 175 16 175 17] (4 : usize))); + [#"../index_range.rs" 175 15 175 18] _83 <- ([#"../index_range.rs" 175 15 175 18] index1 arr (4 : usize)); goto BB43 } BB42 { @@ -2603,7 +2833,8 @@ module IndexRange_TestRangeFull } BB43 { assume { resolve0 arr }; - switch ([#"../index_range.rs" 175 12 175 23] ([#"../index_range.rs" 175 12 175 18] _83) = ([#"../index_range.rs" 175 22 175 23] [#"../index_range.rs" 175 22 175 23] (4 : int32))) + [#"../index_range.rs" 175 12 175 23] _81 <- ([#"../index_range.rs" 175 12 175 23] _83 = (4 : int32)); + switch (_81) | False -> goto BB45 | True -> goto BB44 end @@ -2907,29 +3138,48 @@ module IndexRange_TestRangeToInclusive var arr : Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global); var s : slice int32; var _3 : slice int32; + var _5 : Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; + var _7 : bool; var _8 : usize; + var _10 : bool; var _12 : usize; + var _13 : usize; var _14 : bool; + var _15 : bool; var _17 : usize; + var _18 : usize; var _19 : bool; var _22 : bool; var _24 : Core_Option_Option_Type.t_option (slice int32); var _26 : slice int32; + var _28 : Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; var s1 : borrowed (slice int32); var _31 : borrowed (slice int32); var _32 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _33 : Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; + var _35 : bool; var _36 : usize; var _39 : usize; + var _40 : usize; var _41 : bool; var _42 : usize; + var _43 : usize; var _44 : bool; + var _46 : bool; var _48 : usize; + var _49 : usize; var _50 : bool; + var _53 : bool; var _54 : usize; + var _58 : bool; var _60 : int32; + var _64 : bool; var _66 : int32; + var _70 : bool; var _72 : int32; + var _76 : bool; var _78 : int32; + var _82 : bool; var _84 : int32; { goto BB0 @@ -2939,46 +3189,54 @@ module IndexRange_TestRangeToInclusive goto BB1 } BB1 { - [#"../index_range.rs" 186 16 186 22] _3 <- ([#"../index_range.rs" 186 16 186 22] index0 ([#"../index_range.rs" 186 13 186 16] arr) ([#"../index_range.rs" 186 17 186 21] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive ([#"../index_range.rs" 186 20 186 21] [#"../index_range.rs" 186 20 186 21] (1 : usize)))); + [#"../index_range.rs" 186 17 186 21] _5 <- ([#"../index_range.rs" 186 17 186 21] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive (1 : usize)); + [#"../index_range.rs" 186 16 186 22] _3 <- ([#"../index_range.rs" 186 16 186 22] index0 arr _5); + _5 <- any Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; goto BB2 } BB2 { [#"../index_range.rs" 186 12 186 22] s <- ([#"../index_range.rs" 186 12 186 22] _3); - [#"../index_range.rs" 187 12 187 19] _8 <- ([#"../index_range.rs" 187 12 187 19] len0 ([#"../index_range.rs" 187 12 187 13] s)); + [#"../index_range.rs" 187 12 187 19] _8 <- ([#"../index_range.rs" 187 12 187 19] len0 s); goto BB3 } BB3 { - switch ([#"../index_range.rs" 187 12 187 24] _8 = ([#"../index_range.rs" 187 23 187 24] [#"../index_range.rs" 187 23 187 24] (2 : usize))) + [#"../index_range.rs" 187 12 187 24] _7 <- ([#"../index_range.rs" 187 12 187 24] _8 = (2 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB11 | True -> goto BB4 end } BB4 { - [#"../index_range.rs" 187 30 187 31] _12 <- ([#"../index_range.rs" 187 30 187 31] [#"../index_range.rs" 187 30 187 31] (0 : usize)); - [#"../index_range.rs" 187 28 187 32] _14 <- ([#"../index_range.rs" 187 28 187 32] _12 < ([#"../index_range.rs" 187 28 187 32] Slice.length s)); + [#"../index_range.rs" 187 30 187 31] _12 <- ([#"../index_range.rs" 187 30 187 31] (0 : usize)); + [#"../index_range.rs" 187 28 187 32] _13 <- ([#"../index_range.rs" 187 28 187 32] Slice.length s); + [#"../index_range.rs" 187 28 187 32] _14 <- ([#"../index_range.rs" 187 28 187 32] _12 < _13); assert { [@expl:index in bounds] [#"../index_range.rs" 187 28 187 32] _14 }; goto BB5 } BB5 { - switch ([#"../index_range.rs" 187 28 187 37] ([#"../index_range.rs" 187 28 187 32] Slice.get s _12) = ([#"../index_range.rs" 187 36 187 37] [#"../index_range.rs" 187 36 187 37] (0 : int32))) + [#"../index_range.rs" 187 28 187 37] _10 <- ([#"../index_range.rs" 187 28 187 37] Slice.get s _12 = (0 : int32)); + switch (_10) | False -> goto BB10 | True -> goto BB6 end } BB6 { - [#"../index_range.rs" 187 43 187 44] _17 <- ([#"../index_range.rs" 187 43 187 44] [#"../index_range.rs" 187 43 187 44] (1 : usize)); - [#"../index_range.rs" 187 41 187 45] _19 <- ([#"../index_range.rs" 187 41 187 45] _17 < ([#"../index_range.rs" 187 41 187 45] Slice.length s)); + [#"../index_range.rs" 187 43 187 44] _17 <- ([#"../index_range.rs" 187 43 187 44] (1 : usize)); + [#"../index_range.rs" 187 41 187 45] _18 <- ([#"../index_range.rs" 187 41 187 45] Slice.length s); + [#"../index_range.rs" 187 41 187 45] _19 <- ([#"../index_range.rs" 187 41 187 45] _17 < _18); assert { [@expl:index in bounds] [#"../index_range.rs" 187 41 187 45] _19 }; goto BB7 } BB7 { - switch ([#"../index_range.rs" 187 41 187 50] ([#"../index_range.rs" 187 41 187 45] Slice.get s _17) = ([#"../index_range.rs" 187 49 187 50] [#"../index_range.rs" 187 49 187 50] (1 : int32))) + [#"../index_range.rs" 187 41 187 50] _15 <- ([#"../index_range.rs" 187 41 187 50] Slice.get s _17 = (1 : int32)); + switch (_15) | False -> goto BB9 | True -> goto BB8 end } BB8 { - [#"../index_range.rs" 192 12 192 25] _26 <- ([#"../index_range.rs" 192 12 192 25] deref0 ([#"../index_range.rs" 192 12 192 15] arr)); + [#"../index_range.rs" 192 12 192 25] _26 <- ([#"../index_range.rs" 192 12 192 25] deref0 arr); goto BB13 } BB9 { @@ -2998,11 +3256,13 @@ module IndexRange_TestRangeToInclusive absurd } BB13 { - [#"../index_range.rs" 192 12 192 25] _24 <- ([#"../index_range.rs" 192 12 192 25] get0 ([#"../index_range.rs" 192 12 192 15] _26) ([#"../index_range.rs" 192 20 192 24] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive ([#"../index_range.rs" 192 23 192 24] [#"../index_range.rs" 192 23 192 24] (5 : usize)))); + [#"../index_range.rs" 192 20 192 24] _28 <- ([#"../index_range.rs" 192 20 192 24] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive (5 : usize)); + [#"../index_range.rs" 192 12 192 25] _24 <- ([#"../index_range.rs" 192 12 192 25] get0 _26 _28); + _28 <- any Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; goto BB14 } BB14 { - [#"../index_range.rs" 192 12 192 35] _22 <- ([#"../index_range.rs" 192 12 192 35] is_none0 ([#"../index_range.rs" 192 12 192 25] _24)); + [#"../index_range.rs" 192 12 192 35] _22 <- ([#"../index_range.rs" 192 12 192 35] is_none0 _24); goto BB15 } BB15 { @@ -3014,8 +3274,10 @@ module IndexRange_TestRangeToInclusive BB16 { [#"../index_range.rs" 195 17 195 20] _32 <- Borrow.borrow_mut arr; [#"../index_range.rs" 195 17 195 20] arr <- ^ _32; - [#"../index_range.rs" 195 20 195 26] _31 <- ([#"../index_range.rs" 195 20 195 26] index_mut0 _32 ([#"../index_range.rs" 195 21 195 25] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive ([#"../index_range.rs" 195 24 195 25] [#"../index_range.rs" 195 24 195 25] (2 : usize)))); + [#"../index_range.rs" 195 21 195 25] _33 <- ([#"../index_range.rs" 195 21 195 25] Core_Ops_Range_RangeToInclusive_Type.C_RangeToInclusive (2 : usize)); + [#"../index_range.rs" 195 20 195 26] _31 <- ([#"../index_range.rs" 195 20 195 26] index_mut0 _32 _33); _32 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + _33 <- any Core_Ops_Range_RangeToInclusive_Type.t_rangetoinclusive usize; goto BB18 } BB17 { @@ -3026,18 +3288,21 @@ module IndexRange_TestRangeToInclusive BB18 { [#"../index_range.rs" 195 12 195 26] s1 <- Borrow.borrow_final ( * _31) (Borrow.get_id _31); [#"../index_range.rs" 195 12 195 26] _31 <- { _31 with current = ( ^ s1) ; }; - [#"../index_range.rs" 196 12 196 19] _36 <- ([#"../index_range.rs" 196 12 196 19] len0 ([#"../index_range.rs" 196 12 196 13] * s1)); + [#"../index_range.rs" 196 12 196 19] _36 <- ([#"../index_range.rs" 196 12 196 19] len0 ( * s1)); goto BB19 } BB19 { - switch ([#"../index_range.rs" 196 12 196 24] _36 = ([#"../index_range.rs" 196 23 196 24] [#"../index_range.rs" 196 23 196 24] (3 : usize))) + [#"../index_range.rs" 196 12 196 24] _35 <- ([#"../index_range.rs" 196 12 196 24] _36 = (3 : usize)); + _36 <- any usize; + switch (_35) | False -> goto BB21 | True -> goto BB20 end } BB20 { - [#"../index_range.rs" 197 6 197 7] _39 <- ([#"../index_range.rs" 197 6 197 7] [#"../index_range.rs" 197 6 197 7] (0 : usize)); - [#"../index_range.rs" 197 4 197 8] _41 <- ([#"../index_range.rs" 197 4 197 8] _39 < ([#"../index_range.rs" 197 4 197 8] Slice.length ( * s1))); + [#"../index_range.rs" 197 6 197 7] _39 <- ([#"../index_range.rs" 197 6 197 7] (0 : usize)); + [#"../index_range.rs" 197 4 197 8] _40 <- ([#"../index_range.rs" 197 4 197 8] Slice.length ( * s1)); + [#"../index_range.rs" 197 4 197 8] _41 <- ([#"../index_range.rs" 197 4 197 8] _39 < _40); assert { [@expl:index in bounds] [#"../index_range.rs" 197 4 197 8] _41 }; goto BB22 } @@ -3049,29 +3314,32 @@ module IndexRange_TestRangeToInclusive absurd } BB22 { - [#"../index_range.rs" 197 4 197 13] s1 <- { s1 with current = Slice.set ( * s1) _39 ([#"../index_range.rs" 197 4 197 13] [#"../index_range.rs" 197 11 197 13] (-1 : int32)) ; }; - [#"../index_range.rs" 198 6 198 7] _42 <- ([#"../index_range.rs" 198 6 198 7] [#"../index_range.rs" 198 6 198 7] (2 : usize)); - [#"../index_range.rs" 198 4 198 8] _44 <- ([#"../index_range.rs" 198 4 198 8] _42 < ([#"../index_range.rs" 198 4 198 8] Slice.length ( * s1))); + [#"../index_range.rs" 197 4 197 13] s1 <- { s1 with current = Slice.set ( * s1) _39 ([#"../index_range.rs" 197 4 197 13] (-1 : int32)) ; }; + [#"../index_range.rs" 198 6 198 7] _42 <- ([#"../index_range.rs" 198 6 198 7] (2 : usize)); + [#"../index_range.rs" 198 4 198 8] _43 <- ([#"../index_range.rs" 198 4 198 8] Slice.length ( * s1)); + [#"../index_range.rs" 198 4 198 8] _44 <- ([#"../index_range.rs" 198 4 198 8] _42 < _43); assert { [@expl:index in bounds] [#"../index_range.rs" 198 4 198 8] _44 }; goto BB23 } BB23 { - [#"../index_range.rs" 198 4 198 13] s1 <- { s1 with current = Slice.set ( * s1) _42 ([#"../index_range.rs" 198 4 198 13] [#"../index_range.rs" 198 11 198 13] (-1 : int32)) ; }; - [#"../index_range.rs" 200 14 200 15] _48 <- ([#"../index_range.rs" 200 14 200 15] [#"../index_range.rs" 200 14 200 15] (1 : usize)); - [#"../index_range.rs" 200 12 200 16] _50 <- ([#"../index_range.rs" 200 12 200 16] _48 < ([#"../index_range.rs" 200 12 200 16] Slice.length ( * s1))); + [#"../index_range.rs" 198 4 198 13] s1 <- { s1 with current = Slice.set ( * s1) _42 ([#"../index_range.rs" 198 4 198 13] (-1 : int32)) ; }; + [#"../index_range.rs" 200 14 200 15] _48 <- ([#"../index_range.rs" 200 14 200 15] (1 : usize)); + [#"../index_range.rs" 200 12 200 16] _49 <- ([#"../index_range.rs" 200 12 200 16] Slice.length ( * s1)); + [#"../index_range.rs" 200 12 200 16] _50 <- ([#"../index_range.rs" 200 12 200 16] _48 < _49); assert { [@expl:index in bounds] [#"../index_range.rs" 200 12 200 16] _50 }; goto BB24 } BB24 { assume { resolve1 s1 }; + [#"../index_range.rs" 200 12 200 21] _46 <- ([#"../index_range.rs" 200 12 200 21] Slice.get ( * s1) _48 = (1 : int32)); assume { resolve1 _31 }; - switch ([#"../index_range.rs" 200 12 200 21] ([#"../index_range.rs" 200 12 200 16] Slice.get ( * s1) _48) = ([#"../index_range.rs" 200 20 200 21] [#"../index_range.rs" 200 20 200 21] (1 : int32))) + switch (_46) | False -> goto BB26 | True -> goto BB25 end } BB25 { - [#"../index_range.rs" 202 12 202 21] _54 <- ([#"../index_range.rs" 202 12 202 21] len1 ([#"../index_range.rs" 202 12 202 15] arr)); + [#"../index_range.rs" 202 12 202 21] _54 <- ([#"../index_range.rs" 202 12 202 21] len1 arr); goto BB27 } BB26 { @@ -3080,13 +3348,15 @@ module IndexRange_TestRangeToInclusive absurd } BB27 { - switch ([#"../index_range.rs" 202 12 202 26] _54 = ([#"../index_range.rs" 202 25 202 26] [#"../index_range.rs" 202 25 202 26] (5 : usize))) + [#"../index_range.rs" 202 12 202 26] _53 <- ([#"../index_range.rs" 202 12 202 26] _54 = (5 : usize)); + _54 <- any usize; + switch (_53) | False -> goto BB29 | True -> goto BB28 end } BB28 { - [#"../index_range.rs" 203 15 203 18] _60 <- ([#"../index_range.rs" 203 15 203 18] index1 ([#"../index_range.rs" 203 12 203 15] arr) ([#"../index_range.rs" 203 16 203 17] [#"../index_range.rs" 203 16 203 17] (0 : usize))); + [#"../index_range.rs" 203 15 203 18] _60 <- ([#"../index_range.rs" 203 15 203 18] index1 arr (0 : usize)); goto BB30 } BB29 { @@ -3095,13 +3365,14 @@ module IndexRange_TestRangeToInclusive absurd } BB30 { - switch ([#"../index_range.rs" 203 12 203 24] ([#"../index_range.rs" 203 12 203 18] _60) = ([#"../index_range.rs" 203 22 203 24] [#"../index_range.rs" 203 22 203 24] (-1 : int32))) + [#"../index_range.rs" 203 12 203 24] _58 <- ([#"../index_range.rs" 203 12 203 24] _60 = (-1 : int32)); + switch (_58) | False -> goto BB32 | True -> goto BB31 end } BB31 { - [#"../index_range.rs" 204 15 204 18] _66 <- ([#"../index_range.rs" 204 15 204 18] index1 ([#"../index_range.rs" 204 12 204 15] arr) ([#"../index_range.rs" 204 16 204 17] [#"../index_range.rs" 204 16 204 17] (1 : usize))); + [#"../index_range.rs" 204 15 204 18] _66 <- ([#"../index_range.rs" 204 15 204 18] index1 arr (1 : usize)); goto BB33 } BB32 { @@ -3110,13 +3381,14 @@ module IndexRange_TestRangeToInclusive absurd } BB33 { - switch ([#"../index_range.rs" 204 12 204 23] ([#"../index_range.rs" 204 12 204 18] _66) = ([#"../index_range.rs" 204 22 204 23] [#"../index_range.rs" 204 22 204 23] (1 : int32))) + [#"../index_range.rs" 204 12 204 23] _64 <- ([#"../index_range.rs" 204 12 204 23] _66 = (1 : int32)); + switch (_64) | False -> goto BB35 | True -> goto BB34 end } BB34 { - [#"../index_range.rs" 205 15 205 18] _72 <- ([#"../index_range.rs" 205 15 205 18] index1 ([#"../index_range.rs" 205 12 205 15] arr) ([#"../index_range.rs" 205 16 205 17] [#"../index_range.rs" 205 16 205 17] (2 : usize))); + [#"../index_range.rs" 205 15 205 18] _72 <- ([#"../index_range.rs" 205 15 205 18] index1 arr (2 : usize)); goto BB36 } BB35 { @@ -3125,13 +3397,14 @@ module IndexRange_TestRangeToInclusive absurd } BB36 { - switch ([#"../index_range.rs" 205 12 205 24] ([#"../index_range.rs" 205 12 205 18] _72) = ([#"../index_range.rs" 205 22 205 24] [#"../index_range.rs" 205 22 205 24] (-1 : int32))) + [#"../index_range.rs" 205 12 205 24] _70 <- ([#"../index_range.rs" 205 12 205 24] _72 = (-1 : int32)); + switch (_70) | False -> goto BB38 | True -> goto BB37 end } BB37 { - [#"../index_range.rs" 206 15 206 18] _78 <- ([#"../index_range.rs" 206 15 206 18] index1 ([#"../index_range.rs" 206 12 206 15] arr) ([#"../index_range.rs" 206 16 206 17] [#"../index_range.rs" 206 16 206 17] (3 : usize))); + [#"../index_range.rs" 206 15 206 18] _78 <- ([#"../index_range.rs" 206 15 206 18] index1 arr (3 : usize)); goto BB39 } BB38 { @@ -3140,13 +3413,14 @@ module IndexRange_TestRangeToInclusive absurd } BB39 { - switch ([#"../index_range.rs" 206 12 206 23] ([#"../index_range.rs" 206 12 206 18] _78) = ([#"../index_range.rs" 206 22 206 23] [#"../index_range.rs" 206 22 206 23] (3 : int32))) + [#"../index_range.rs" 206 12 206 23] _76 <- ([#"../index_range.rs" 206 12 206 23] _78 = (3 : int32)); + switch (_76) | False -> goto BB41 | True -> goto BB40 end } BB40 { - [#"../index_range.rs" 207 15 207 18] _84 <- ([#"../index_range.rs" 207 15 207 18] index1 ([#"../index_range.rs" 207 12 207 15] arr) ([#"../index_range.rs" 207 16 207 17] [#"../index_range.rs" 207 16 207 17] (4 : usize))); + [#"../index_range.rs" 207 15 207 18] _84 <- ([#"../index_range.rs" 207 15 207 18] index1 arr (4 : usize)); goto BB42 } BB41 { @@ -3156,7 +3430,8 @@ module IndexRange_TestRangeToInclusive } BB42 { assume { resolve0 arr }; - switch ([#"../index_range.rs" 207 12 207 23] ([#"../index_range.rs" 207 12 207 18] _84) = ([#"../index_range.rs" 207 22 207 23] [#"../index_range.rs" 207 22 207 23] (4 : int32))) + [#"../index_range.rs" 207 12 207 23] _82 <- ([#"../index_range.rs" 207 12 207 23] _84 = (4 : int32)); + switch (_82) | False -> goto BB44 | True -> goto BB43 end diff --git a/creusot/tests/should_succeed/index_range/why3session.xml b/creusot/tests/should_succeed/index_range/why3session.xml index 0007cfb686..108d138d7e 100644 --- a/creusot/tests/should_succeed/index_range/why3session.xml +++ b/creusot/tests/should_succeed/index_range/why3session.xml @@ -14,220 +14,220 @@ - + - + - + - + - + - + - + - + - + - + - + - + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - + - + - - + + - + - - + + - - + + - + - + - - + + - + - - + + - + - - + + - - + + - + - - + + - - + + - + - + - + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/index_range/why3shapes.gz b/creusot/tests/should_succeed/index_range/why3shapes.gz index c0759acd7c5b8a57bc54549b4f3f53ef0bf3edeb..87bd26a6c9eca465bfa0f489339059a70b91b7b3 100644 GIT binary patch literal 4417 zcmV-H5x(vpiwFP!00000|Lt8_ZzMO8e%G(i+w2-xfWcq{$-(r4VA#k87PG+apdP2d z(-u}%c_p67(uWp~e4?mXY+n>tQ^Zn-W zueW^r)xY1o{9m|#{0Ud;+o`Enux-Lhe|r=D_9i@($M0Ug4?^JKVe|9)hfOXIYK7rt zv%Y_P2|t8?sk=_*Xv*8xEuUMGYGs7vn`tFTS1$irKWx6cPim!gGRfRs7{-K`hUMQ& z!;s+8uu7^8pWdvD)7$VyK35vPmDXZH_~%Ni@cg(*^8uNz+Mb$Zr%w^9>ZG7A`nI># z3VbK~l{8l1PO|`ek_Ff%m(Btw7GN7$aD7o{0d@tvWx*?;Gc3$$7N*Izv(Q@>rjw<< zXk=klfLj*00)2)BoMzGW(^;KroOFr_3hW;sXT8Uek!V2*|*{0xqMhx4gYw0S60}(f&9K7dwXZ= z5Ig(kZfZ1j3u@GVk>9=NKf`zBr5!@;`XtrYjm;UQzlC?QhD~3o-R#MC2HH>3l3h(b zPI!;#wCx>sflhN$<5X$P(Y2mEI_#5ZhfdQ4bU1r5BLj1U4u$uGuFFm@Wv3zOajG;L zxQ}-;o)6VE+07z8fU+0V_&cT zJ3M|@#EXvr+hE`4X@4*N>{6_e;Y+cmdBY2_MusoN8X3MAYh;|hxtq>FoveKMxwm>W zzoctA8{CbX-9o=?(`X#6F}J?fGg=?ficO!yJL_XUZ+&cLPc$;1o%PYwV|Hg_>r7wD z^UM0F>GkHEw1RlrMCWpfJ}Sb#I4-)nI4-KbI4+iQaa;_ojjyTExqn>8&AZ3^thOfm zkBtm1Y`d+y`SGcw&11fQk#y~*JK^5l{p4)%&A~Z&AJwqNPC@sExaobz^En|)Ubpq` zYuC5pmZ!gW^`V7BI~eFay$O0$$y%bqWCbJlHJGz@)RxU3aauAG?sC7qf4m*#dvm;a z+FN;ec^=t`H8%k?I5T5E92j}1#jcJg9PG}H2DO&-Yq2|jX?J%1=%ytT;iJiCcVib} z?QmeENoRJmpRnJJwrz{2%~sn}c6(%?+Mct}lLVxjwl=Eiyiv;F&Mft43oU{z4YT!) zgL-M22Sek?&CX%=oz$D~{9K;;0etr;nO*um#D{YG<3=cN7j7lBL?<5ijBwi78(ji& z;$wLspOY8z2{sZi?m96oQ~zi4L+Kr33^m`pJ)^smq;7U}{=RuE|Mkn3_6kr|_m&x3 zjok9=>={hsTiK5fTX}vJ)@Jf}Z`y~HORc9*Gm!9{Q5u+|qj6Qses?XHFW9MlT^^o) z{=Phw_ftHoI=0|Whp9e%a%@6%TH&Wzi)he)=#nk(e~yb{#VGzoO=Hl9@~dNMR?_txzW+@Dz~A&ZIht+Fg?B0-BwcOj12KH2O%!#~aYw{GvaM zz>af_gTaxTIgw`^Pdae_H05%;Z1*5D4{O#Z9gE(dZXU1cX4`3f;~*@($-&S82zl6o znBog0b(&?nXi108`^-!s>iTRqwi*{FHa3^x*f);y5!QpTL$G`d7A}B=8Q7CEB~>?D zuy*v))-3hiyT-AjwCZ5!0IAi-Nc9DzdWQ7mOerqZ7O5Luxl_ktb=%{-w(h7pIT$+x z>yE+V1+X{+dvd1m;vHBX!SWdV4zcnS;N0@?91a~Ib>y!_9f-rK~;PA%ZuW>Wnq1{Ex9L@_Ikg1yTUMzq)?ed~&Z~wqC&; zc?I+Ny#j8%0v>q<{L_1dZ=W_lyw5M-)i3RK(|MCL3Ucr1Kt!0 zkI<=I90fl{xCJ_JiKd9Rye8^hhr#e{9OZ2s9jBdgn(rPSt|ivB#5!MMy?sm%@1E~} zD(}mw;F?oSwTnJTie~i{yR%C^>%hqxOC&gH{^o|13blyzE94vtrX-FoW>UTcOrhNJ zK!X`@&;tzWrsV9=RAa>RF@~a@bE&OnX)6V{S`Qiqtp@M|xB=_{JOB+~2EYM?3JjnI zKe)l(U_=E36>POxaZIV0fFWhj#dvRT!N~&m!Su35r(Lm%m5E01S&PwvPiWmTHiO0wWl;lQ%Fe~=qS!kiXJ^?8;F!^I>MZnc(;SGlriyclJj@WqTZXoZ@+>5S}vJRl8dej6_nES2g~G?HKC zstROpinqZ>OzdwB4@Qj53ai12I&qhL<(TNSSb=sh= z)q;!2CV=f$P4pRn#gHP4&I;>j$vMR#L@g;RS@bSb1IB6~Kad;94)i&sR|%puzNV72 zCY_`9wnpo`Se8x^C!g@yamHZ14`Tn~BAwMNu0*^p716t(H(ks8I-s)Gj=dP4HYR!2 zI&wi{a#ST&kIWu1~#t( zxi6r#$=XZc&*J-)<%B_{LJE8->efO>{wl!-ph_m^9Ef5Dj#(vVl10=a{~D)5XZ7oX zUA=L>+Ja6}tsJY-tevgIiIQWo4YoCdrT!aV9e$E@LAD^S*m&F0MTwu$Yj03;p}@K0 z=U2T2my6@5tq1E3n9La^+d*S1S4Z4c;M8FKU}d^}y&Iv#j3ho0k^^mn@{+SVO!rjI4vq&$gEND}FJoVo6-qf+Rn26i^ih$b1Ia5~NgRyt`*L68){0aKRVv5~ zCAEqde5>}N53x#}M?F(={!85*JE*2+&*(@zV9i#FS=~x9t!3Mx?asTw+rjhTY4B$7 zICwpH=~rLgezWY5tg%+KS(GvqZ6-0$lAV|?`N>a$lJ!amD50Q)glaT|i2vh=qB)`J z10rauQn5(#hHWuS!^fR3IR)yN~{`Bxmf7cIy72Wd5rCQAkdRdH zE|*+GC1oQgbPkqIkWbd3)+Kn$ zCf1}E!SuhhJXIQlf#3iEa@E5p)I-I>QdUL9i6RoE zT-k&e(Wl^x-UsEYEn(#|WYcKJT^ zs-fRMxTL6~kpmQK;dZf+G&t*HE4Ouyc64Y$g7~VN-@6*m+DQ^drTPq|Xey*kpc*0} zrJ{C$|EizQ^Zf=nHSAO|6f#spElU#>X=8O}py}+mtByYB%}P$~3;4BvX%3Aca>2`S z(oT+(Gjy0B2wo7tz_Ol&ydb}->@&O`m5hO0b(up()`3J#IV&4%03Y1)7T~J2SD`f* z4H}A)J_OmOYBvQb*`RGs0n7MjoPe9Y%vE2nKwq9CgruchVk>2nlu?z7QHa`l>%i=i zi>uCFkIs@0)f8_eh$$_JdQx0f1X58MgfSsxzUu9j=}nQX62v&El!+31BN}4g{@el< zg|lx+OK<~ug!arrnC(@KuSAWKYGkSeDiOyFA*NCktE>~D^^A+e8jdStlIW}v7w4im!OyXdRc3Gtw zvM81<$}xs&toOTb7d!Q_OCyKiFy@q4I0EKeQ_}2mG1+@{`2E_C&YKXTPK9!DXeH|- zYc&TbtUZGd?eE8uW$wd|h(ax=!wZ#c16orxakVv4aWzGE3tmWw&43sUh}D3Y4T#-< z7!HW#fS3-r#!2QmnJ0Dxj&3Npj8^LX;!9S!^uORj>555fiI(M7tA@~jDA4~0ZaQ^u HDR=+?Kw7Zc literal 4318 zcmV<45Fzg$iwFP!00000|Lt4rZ`??Z|L(uS-}ZKZ1BxuxYq9xY3=$~7AqU(I`r|h0 zIb)p1J!?Ce{qv7il3J~9wbql#JDnJoR1cEHB7Y=R@_+nr{rHRjEk9nr%MXvYyZgUg z>+2u>diC^Ae|!H;@QtaQsL*Sh)tS~o;k z>lRVe?&ZaDzk2Oo@O6XmitmmF_UmNSy0t&V}Tq;W|EK|CG1>;bHV5n4F6xhBcSM6PE&UGN#Gns&Dp0 z-Q-@jx>tW|Sn}ak^J0cu#VZ_ci5IOZ>qcDvRcWI-hUg@3n}|MEZQCw7Jn zQX8cFPY-W%e|zg+`Mby5TKwPrTb`q-pGgN#!?IaC`?5`>2ruhZHq>a>BgWh^G47?q zi7~D)hBd|zMPn=)*tKhAd^msK#aQz4oY~5X4*i}D!>XWQ`nw7iFK-5m&^MkZZ{PX5 zw^{ffxBuhsf6k1Tc;dpUpZ22N(aW=N%W$#=_1wJ%^%aa(pq{(epq{%|p`QEI%bODu zL_2#pyl*C`8qW9Exh2$=-Vz8mWa}VudrKg9-V(?zSps2GG1=Y(siA*=oina26Jyl| z>4~vkVXW2|tKI~OdONGvBNLpuHY8U}kVeEChBZOqY0e92jsn$T$I-Ym#v_)D=h#Zb87oB1{NLTLxi$3Rj9$K8*60$Ut38!ByZij# ze`I2-h~VfXN``#q<>{Q7@P zhR2lKdw*B^+N6;#HiG9ptg#zijCvd7kSdQ|thVht`x`Sj-AYpDirTm=T&;8)`oMg9 zcEjGVru+SDOXpmz_fmB}L9e6E>2IKdiwacYM8+izDsiGgIGuQ)CODctS0d|8A84^Y z_G;8e)0!IfIT7pIgI%d_Bdm|IFhqb zF|xNk7+P_v06V(Lcy}OyT#-P|Bv>5DB=ueb-Sf~##aZ99@0+n-%8N$!G-JOw(r+D( z>>bY2hFUkc+21w6-b^Zbv)`^ali|GC8}XY3mw7WqrvnG>n_FIZI}>mI zG<&E;w%_%2{qESB#`Y;~zB$OtZ{9b#zZuJeN*nr@2K9QxeBU#b7B>gA%+322L^oqe zHI`VH_hMiEd$ENQ{9Af2cH7(F;p?v-Pn-HZJQ=HK{{R~;4jzs-K-%pPpN}%2K2re4innVS-|K1%BFvzH(n>HPG660pLXvB z4m5xRoqz*w@i#xA9W_iD<@I7coH=-RuNwgfn^LZM~rEo<}%}6 zIyo_xD~y+N@;zf5A{h*6?r~AjTK0^=^`T{AEY36LqUAheaD5~L8`aHlJ&I&g*ASS_ zMKZmQWJCO_Uxm!V(D1%|F_OK#yE}i!Z2e0gSpU)o*1zO$Q|w4J8(x zlvp%NmFfcOu#J`b5=*Y9O62O`qg099dWl7@vcaLm!sAeBmy)TrgM+j5-xigeZJP6>Zp?)cF>8dL}(2pXF)qhDe$s|k}0VusHEtw5j%tqMF*|} z+kxpocc40;4rB*R1v(I&>uhJPEKn*@1uq0*DF70Sls;zZZ1UM$gXYm%JeQsdQD;Lj zIm8Uwh=3%u@T6E^QS`NBQm#YWq3KX}s5+z$<#Xv9LBU2SG6q#biNR*6tPs*gX)|G^ zFX7Lz2r+{f$w@RR#UPBxLMyG4AX$WOEbz~ADWrrhB3qYY@i9h)ysw41m||SWjf?K2 z>Ll;Ie1AsLWSvQn*9xq&))p-_?@6>)$7IAc$&Roi=!iMGPTEeI55Skab1JhvqY}s~ z)T~JGI_RK4CPQ_BL?4AUieM>}5=9EhgO#eFs)j9e${(jWVvCvtRbutzBf`VP%KFbrA*ObM#z;YxFEORmsdc?Z&R(13<_i_Remjlq zmYl1Cmmwh#q47c$9ct#@gtuR={EEZA@KOS>#2hggRANm7qVUR>(B!wKv%0gYv(#DH zS?nxyme=LJ#1*m4qu~<7khPB8*vlkk;gsGeZ*qZ}b2|RP&OzsRbv(^}O$&5}|2ywF z=+_#BoHjbA9D?Ku)a$loj=t_SN@qlh8WXQbB#<724cfcno#%8g)=dOaC-4l{IomnY zIo&z+b+6k;C9LJ(&Iu+PZjG0&P|+0Ii-=Z?g1~Qb?PRr&kYeI&CI?vvI1;c6muxv* zjJn@*CM1}WU{Zo<2_`0(n)o*DffOYMw7`jTu#sVzb5x@Q*NdziMWNY4o5Pbpe0Ta0 zPHO3ti4YJKIZk%iRh(C-o%F%>`r*lScAfs6>dD2(89A5sE_j(OFtS()2D2B&bE)6! zi3wFol~kqmo$CzIXknAl3X9RC1ZYkrY=vgWS)ZG1>!P@lv8= zSPz_%iQd-mqPxZ96`f=xlbq583J{|r#R0Hr8;rI__PXQAOck(B=lKX19UkUToEH0F z81Mu{4N7Nai}D;ONXFvy-fu5@T(8SH>oUn^iySB1(n*^v zu!t%5yXf_g)!rO^O3^WA&U2h_!h0u`5Q?kuD81-y6)(DdpV&mi_!)&@r4&-2C_|7o z2whJkv*~rqBqY<2Rlk*ryy*B3eVO33h#0go*^pAjIaRWa47OlJnDX|Ep8wpdVR<|24@NtQ!jLpc!X8I1djGJtZm}A-@%3{&?-c982P;Y; zCoDl<0~1|z|1sXD>RdkuLSqdV%-Zojc((XtGHZ-;l;PMOSQKDcfQ12;hRd4EHhjQs zuwab!UQ0%O4zLc{;sDuDUv9Vb1@KYM2%T;Iqw}5iF9nB7fqfwNP?I|kQ|-Z3`Nui z3TMSmCMrJ64U#Tuo4&cpM1avsMe}U6kd6L6kG`D|)?-W@tIBXXuY$4W3 z4$340R&YjYX9lOfYgM5zMHNj-1zS|&T%A1Rq?F9TXq}IZ?EBW1whD4bh$_|`iA;|;AL#G^-rSFagGs-P{}ZADOrGj(_xDC0l9LDXE@zU z9Azw7u2p;i8-#c) MABD*@o-}Fz08{Q{O8@`> diff --git a/creusot/tests/should_succeed/inplace_list_reversal.mlcfg b/creusot/tests/should_succeed/inplace_list_reversal.mlcfg index f48b7797ed..bd092d55a1 100644 --- a/creusot/tests/should_succeed/inplace_list_reversal.mlcfg +++ b/creusot/tests/should_succeed/inplace_list_reversal.mlcfg @@ -85,8 +85,10 @@ module InplaceListReversal_Rev var prev : InplaceListReversal_List_Type.t_list t; var head : InplaceListReversal_List_Type.t_list t; var _7 : borrowed (InplaceListReversal_List_Type.t_list t); + var _8 : InplaceListReversal_List_Type.t_list t; var curr : (t, InplaceListReversal_List_Type.t_list t); var next : InplaceListReversal_List_Type.t_list t; + var _16 : InplaceListReversal_List_Type.t_list t; { goto BB0 } @@ -101,8 +103,10 @@ module InplaceListReversal_Rev [#"../inplace_list_reversal.rs" 27 27 27 28] _7 <- Borrow.borrow_final ( * l) (Borrow.get_id l); [#"../inplace_list_reversal.rs" 27 27 27 28] l <- { l with current = ( ^ _7) ; }; assume { inv1 ( ^ _7) }; - [#"../inplace_list_reversal.rs" 27 19 27 34] head <- ([#"../inplace_list_reversal.rs" 27 19 27 34] replace0 _7 ([#"../inplace_list_reversal.rs" 27 30 27 33] InplaceListReversal_List_Type.C_Nil)); + [#"../inplace_list_reversal.rs" 27 30 27 33] _8 <- ([#"../inplace_list_reversal.rs" 27 30 27 33] InplaceListReversal_List_Type.C_Nil); + [#"../inplace_list_reversal.rs" 27 19 27 34] head <- ([#"../inplace_list_reversal.rs" 27 19 27 34] replace0 _7 _8); _7 <- any borrowed (InplaceListReversal_List_Type.t_list t); + _8 <- any InplaceListReversal_List_Type.t_list t; goto BB2 } BB2 { @@ -126,35 +130,37 @@ module InplaceListReversal_Rev } BB7 { [#"../inplace_list_reversal.rs" 29 19 29 27] curr <- ([#"../inplace_list_reversal.rs" 29 19 29 27] InplaceListReversal_List_Type.cons_0 head); - [#"../inplace_list_reversal.rs" 29 19 29 27] head <- (let InplaceListReversal_List_Type.C_Cons x0 = head in InplaceListReversal_List_Type.C_Cons (any (t, InplaceListReversal_List_Type.t_list t))); + head <- (let InplaceListReversal_List_Type.C_Cons x0 = head in InplaceListReversal_List_Type.C_Cons (any (t, InplaceListReversal_List_Type.t_list t))); assert { [@expl:type invariant] inv1 head }; assume { resolve1 head }; [#"../inplace_list_reversal.rs" 30 19 30 25] next <- ([#"../inplace_list_reversal.rs" 30 19 30 25] let (_, a) = curr in a); - [#"../inplace_list_reversal.rs" 30 19 30 25] curr <- (let (x0, x1) = curr in (x0, any InplaceListReversal_List_Type.t_list t)); + curr <- (let (x0, x1) = curr in (x0, any InplaceListReversal_List_Type.t_list t)); goto BB8 } BB8 { - [#"../inplace_list_reversal.rs" 31 8 31 14] curr <- (let (x0, x1) = curr in (x0, ([#"../inplace_list_reversal.rs" 31 17 31 21] prev))); - [#"../inplace_list_reversal.rs" 31 17 31 21] prev <- any InplaceListReversal_List_Type.t_list t; + [#"../inplace_list_reversal.rs" 31 8 31 14] curr <- (let (x0, x1) = curr in (x0, ([#"../inplace_list_reversal.rs" 31 8 31 14] prev))); + prev <- any InplaceListReversal_List_Type.t_list t; goto BB10 } BB10 { + [#"../inplace_list_reversal.rs" 32 15 32 25] _16 <- ([#"../inplace_list_reversal.rs" 32 15 32 25] InplaceListReversal_List_Type.C_Cons curr); + curr <- any (t, InplaceListReversal_List_Type.t_list t); goto BB11 } BB11 { goto BB12 } BB12 { - [#"../inplace_list_reversal.rs" 32 8 32 12] prev <- ([#"../inplace_list_reversal.rs" 32 15 32 25] InplaceListReversal_List_Type.C_Cons ([#"../inplace_list_reversal.rs" 32 20 32 24] curr)); - [#"../inplace_list_reversal.rs" 32 20 32 24] curr <- any (t, InplaceListReversal_List_Type.t_list t); + [#"../inplace_list_reversal.rs" 32 8 32 12] prev <- ([#"../inplace_list_reversal.rs" 32 8 32 12] _16); + _16 <- any InplaceListReversal_List_Type.t_list t; goto BB14 } BB14 { goto BB15 } BB15 { - [#"../inplace_list_reversal.rs" 33 8 33 12] head <- ([#"../inplace_list_reversal.rs" 33 15 33 19] next); - [#"../inplace_list_reversal.rs" 33 15 33 19] next <- any InplaceListReversal_List_Type.t_list t; + [#"../inplace_list_reversal.rs" 33 8 33 12] head <- ([#"../inplace_list_reversal.rs" 33 8 33 12] next); + next <- any InplaceListReversal_List_Type.t_list t; goto BB17 } BB17 { @@ -172,8 +178,8 @@ module InplaceListReversal_Rev goto BB4 } BB21 { - [#"../inplace_list_reversal.rs" 35 4 35 6] l <- { l with current = ([#"../inplace_list_reversal.rs" 35 9 35 13] prev) ; }; - [#"../inplace_list_reversal.rs" 35 9 35 13] prev <- any InplaceListReversal_List_Type.t_list t; + [#"../inplace_list_reversal.rs" 35 4 35 6] l <- { l with current = ([#"../inplace_list_reversal.rs" 35 4 35 6] prev) ; }; + prev <- any InplaceListReversal_List_Type.t_list t; assert { [@expl:type invariant] inv1 ( * l) }; assume { resolve1 ( * l) }; assert { [@expl:type invariant] inv2 l }; diff --git a/creusot/tests/should_succeed/inplace_list_reversal/why3session.xml b/creusot/tests/should_succeed/inplace_list_reversal/why3session.xml index 31b0868b8c..a72a1e213a 100644 --- a/creusot/tests/should_succeed/inplace_list_reversal/why3session.xml +++ b/creusot/tests/should_succeed/inplace_list_reversal/why3session.xml @@ -1,6 +1,6 @@ +"https://www.why3.org/why3session.dtd"> diff --git a/creusot/tests/should_succeed/inplace_list_reversal/why3shapes.gz b/creusot/tests/should_succeed/inplace_list_reversal/why3shapes.gz index e5dbb9b484f73107b88098cb644c0e9bf1fa6f38..26cbb40d6ba97978b99362947ec44f78aa24f8a6 100644 GIT binary patch literal 420 zcmV;V0bBkbiwFP!00000|AkVqj@vK{-Tf8b+IkWt*^&y}U>FdRrBlK20$!rDMpHYr z)8zLnT5>LTLvPa4T^}jKj|Fi@*1YOABV4HQ&wM!%OC28t3=^51cVg|l)mUX zdZH;@cXU37;UG{&+C4Hk_bA>1On$yVIEJ{5W9BU+`em9z(R2Es)9kV-e(q%Hv|=h z_ppu+(>{iFv4mQ6x2SkV_11U1C&!n2BN7#C(?}JxD|qdblae68_7yI319};!X}pEQ zr{BNgBeo=d252fCyjoiRS O6#oEiYj!tP0{{Tyr_Hed literal 417 zcmV;S0bc$eiwFP!00000|AkV)Zrd;nz56SC>*kY0$+lde2g87n0L4xPj}6#ZZjEMk zW~a&TPqgGT?O{9V>G4tIBlROo=QldKIX$~+?#JOiEz;~~a{5F4a0V1MLWy#P0>LIt zLk~2$^Nx;3H?*Fs5X>z@nHLXkLQT!?SAW>j!y*!PLB_MqIL!3)aXdIc&bB10RJzDFnGtfKo@9K*_n2o5#c1`ChASY`Usfz(QGlt13&B#@fhYcR{JV@EX?s zVcPr9&X-WD?&1~CsJ^=O_u%t%Z3Iw>Z5X5y^$I@wOSHtrGMyPSbdC?cMKp zKMCskfevV>Z_#}5t5&~i^{ZAZw@Z?WU-`$9Z2dh$V*bCadX40*hQflEBY7ZYz09e^ z%Eqp$IE3v*zG)8H;kPS}i1ut~ddO1 shallow_model0 lesser_instant }; - [#"../instant.rs" 24 12 24 29] _63 <- ([#"../instant.rs" 24 12 24 29] sub1 ([#"../instant.rs" 24 12 24 19] instant) ([#"../instant.rs" 24 22 24 29] instant)); + [#"../instant.rs" 24 12 24 29] _63 <- ([#"../instant.rs" 24 12 24 29] sub1 instant instant); goto BB29 } BB29 { - [#"../instant.rs" 24 12 24 41] _61 <- ([#"../instant.rs" 24 12 24 41] eq1 ([#"../instant.rs" 24 12 24 29] _63) ([#"../instant.rs" 24 33 24 41] zero_dur)); + [#"../instant.rs" 24 12 24 41] _61 <- ([#"../instant.rs" 24 12 24 41] eq1 _63 zero_dur); goto BB30 } BB30 { @@ -604,7 +604,7 @@ module Instant_TestInstant end } BB31 { - [#"../instant.rs" 25 12 25 37] _71 <- ([#"../instant.rs" 25 12 25 37] sub1 ([#"../instant.rs" 25 12 25 19] instant) ([#"../instant.rs" 25 22 25 37] greater_instant)); + [#"../instant.rs" 25 12 25 37] _71 <- ([#"../instant.rs" 25 12 25 37] sub1 instant greater_instant); goto BB33 } BB32 { @@ -612,7 +612,7 @@ module Instant_TestInstant absurd } BB33 { - [#"../instant.rs" 25 12 25 49] _69 <- ([#"../instant.rs" 25 12 25 49] eq1 ([#"../instant.rs" 25 12 25 37] _71) ([#"../instant.rs" 25 41 25 49] zero_dur)); + [#"../instant.rs" 25 12 25 49] _69 <- ([#"../instant.rs" 25 12 25 49] eq1 _71 zero_dur); goto BB34 } BB34 { @@ -622,7 +622,7 @@ module Instant_TestInstant end } BB35 { - [#"../instant.rs" 26 12 26 37] _79 <- ([#"../instant.rs" 26 12 26 37] sub1 ([#"../instant.rs" 26 12 26 27] greater_instant) ([#"../instant.rs" 26 30 26 37] instant)); + [#"../instant.rs" 26 12 26 37] _79 <- ([#"../instant.rs" 26 12 26 37] sub1 greater_instant instant); goto BB37 } BB36 { @@ -630,7 +630,7 @@ module Instant_TestInstant absurd } BB37 { - [#"../instant.rs" 26 12 26 48] _77 <- ([#"../instant.rs" 26 12 26 48] gt0 ([#"../instant.rs" 26 12 26 37] _79) ([#"../instant.rs" 26 40 26 48] zero_dur)); + [#"../instant.rs" 26 12 26 48] _77 <- ([#"../instant.rs" 26 12 26 48] gt0 _79 zero_dur); goto BB38 } BB38 { @@ -640,7 +640,7 @@ module Instant_TestInstant end } BB39 { - [#"../instant.rs" 28 12 28 51] _87 <- ([#"../instant.rs" 28 12 28 51] duration_since0 ([#"../instant.rs" 28 12 28 27] greater_instant) ([#"../instant.rs" 28 43 28 50] instant)); + [#"../instant.rs" 28 12 28 51] _87 <- ([#"../instant.rs" 28 12 28 51] duration_since0 greater_instant instant); goto BB41 } BB40 { @@ -648,7 +648,7 @@ module Instant_TestInstant absurd } BB41 { - [#"../instant.rs" 28 12 28 62] _85 <- ([#"../instant.rs" 28 12 28 62] gt0 ([#"../instant.rs" 28 12 28 51] _87) ([#"../instant.rs" 28 54 28 62] zero_dur)); + [#"../instant.rs" 28 12 28 62] _85 <- ([#"../instant.rs" 28 12 28 62] gt0 _87 zero_dur); goto BB42 } BB42 { @@ -658,7 +658,7 @@ module Instant_TestInstant end } BB43 { - [#"../instant.rs" 29 12 29 51] _95 <- ([#"../instant.rs" 29 12 29 51] duration_since0 ([#"../instant.rs" 29 12 29 19] instant) ([#"../instant.rs" 29 35 29 50] greater_instant)); + [#"../instant.rs" 29 12 29 51] _95 <- ([#"../instant.rs" 29 12 29 51] duration_since0 instant greater_instant); goto BB45 } BB44 { @@ -666,7 +666,7 @@ module Instant_TestInstant absurd } BB45 { - [#"../instant.rs" 29 12 29 63] _93 <- ([#"../instant.rs" 29 12 29 63] eq1 ([#"../instant.rs" 29 12 29 51] _95) ([#"../instant.rs" 29 55 29 63] zero_dur)); + [#"../instant.rs" 29 12 29 63] _93 <- ([#"../instant.rs" 29 12 29 63] eq1 _95 zero_dur); goto BB46 } BB46 { @@ -676,7 +676,7 @@ module Instant_TestInstant end } BB47 { - [#"../instant.rs" 30 12 30 59] _103 <- ([#"../instant.rs" 30 12 30 59] checked_duration_since0 ([#"../instant.rs" 30 12 30 27] greater_instant) ([#"../instant.rs" 30 51 30 58] instant)); + [#"../instant.rs" 30 12 30 59] _103 <- ([#"../instant.rs" 30 12 30 59] checked_duration_since0 greater_instant instant); goto BB49 } BB48 { @@ -684,7 +684,7 @@ module Instant_TestInstant absurd } BB49 { - [#"../instant.rs" 30 12 30 69] _101 <- ([#"../instant.rs" 30 12 30 69] is_some0 ([#"../instant.rs" 30 12 30 59] _103)); + [#"../instant.rs" 30 12 30 69] _101 <- ([#"../instant.rs" 30 12 30 69] is_some0 _103); goto BB50 } BB50 { @@ -694,7 +694,7 @@ module Instant_TestInstant end } BB51 { - [#"../instant.rs" 31 12 31 59] _110 <- ([#"../instant.rs" 31 12 31 59] checked_duration_since0 ([#"../instant.rs" 31 12 31 19] instant) ([#"../instant.rs" 31 43 31 58] greater_instant)); + [#"../instant.rs" 31 12 31 59] _110 <- ([#"../instant.rs" 31 12 31 59] checked_duration_since0 instant greater_instant); goto BB53 } BB52 { @@ -702,7 +702,7 @@ module Instant_TestInstant absurd } BB53 { - [#"../instant.rs" 31 12 31 69] _108 <- ([#"../instant.rs" 31 12 31 69] is_none0 ([#"../instant.rs" 31 12 31 59] _110)); + [#"../instant.rs" 31 12 31 69] _108 <- ([#"../instant.rs" 31 12 31 69] is_none0 _110); goto BB54 } BB54 { @@ -712,7 +712,7 @@ module Instant_TestInstant end } BB55 { - [#"../instant.rs" 32 12 32 62] _117 <- ([#"../instant.rs" 32 12 32 62] saturating_duration_since0 ([#"../instant.rs" 32 12 32 27] greater_instant) ([#"../instant.rs" 32 54 32 61] instant)); + [#"../instant.rs" 32 12 32 62] _117 <- ([#"../instant.rs" 32 12 32 62] saturating_duration_since0 greater_instant instant); goto BB57 } BB56 { @@ -720,7 +720,7 @@ module Instant_TestInstant absurd } BB57 { - [#"../instant.rs" 32 12 32 73] _115 <- ([#"../instant.rs" 32 12 32 73] gt0 ([#"../instant.rs" 32 12 32 62] _117) ([#"../instant.rs" 32 65 32 73] zero_dur)); + [#"../instant.rs" 32 12 32 73] _115 <- ([#"../instant.rs" 32 12 32 73] gt0 _117 zero_dur); goto BB58 } BB58 { @@ -730,7 +730,7 @@ module Instant_TestInstant end } BB59 { - [#"../instant.rs" 33 12 33 62] _125 <- ([#"../instant.rs" 33 12 33 62] saturating_duration_since0 ([#"../instant.rs" 33 12 33 19] instant) ([#"../instant.rs" 33 46 33 61] greater_instant)); + [#"../instant.rs" 33 12 33 62] _125 <- ([#"../instant.rs" 33 12 33 62] saturating_duration_since0 instant greater_instant); goto BB61 } BB60 { @@ -738,7 +738,7 @@ module Instant_TestInstant absurd } BB61 { - [#"../instant.rs" 33 12 33 74] _123 <- ([#"../instant.rs" 33 12 33 74] eq1 ([#"../instant.rs" 33 12 33 62] _125) ([#"../instant.rs" 33 66 33 74] zero_dur)); + [#"../instant.rs" 33 12 33 74] _123 <- ([#"../instant.rs" 33 12 33 74] eq1 _125 zero_dur); goto BB62 } BB62 { diff --git a/creusot/tests/should_succeed/ite_normalize.mlcfg b/creusot/tests/should_succeed/ite_normalize.mlcfg index a65f6bd7a9..783cbb19b4 100644 --- a/creusot/tests/should_succeed/ite_normalize.mlcfg +++ b/creusot/tests/should_succeed/ite_normalize.mlcfg @@ -165,17 +165,17 @@ module IteNormalize_Impl6_Clone [#"../ite_normalize.rs" 57 31 57 32] t_1 <- ([#"../ite_normalize.rs" 57 31 57 32] IteNormalize_Expr_Type.ifthenelse_t self); [#"../ite_normalize.rs" 57 45 57 46] e_1 <- ([#"../ite_normalize.rs" 57 45 57 46] IteNormalize_Expr_Type.ifthenelse_e self); [#"../ite_normalize.rs" 55 9 55 14] _9 <- ([#"../ite_normalize.rs" 55 9 55 14] c_1); - [#"../ite_normalize.rs" 55 9 55 14] _7 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 ([#"../ite_normalize.rs" 55 9 55 14] _9)); + [#"../ite_normalize.rs" 55 9 55 14] _7 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 _9); goto BB7 } BB7 { [#"../ite_normalize.rs" 55 9 55 14] _12 <- ([#"../ite_normalize.rs" 55 9 55 14] t_1); - [#"../ite_normalize.rs" 55 9 55 14] _10 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 ([#"../ite_normalize.rs" 55 9 55 14] _12)); + [#"../ite_normalize.rs" 55 9 55 14] _10 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 _12); goto BB8 } BB8 { [#"../ite_normalize.rs" 55 9 55 14] _15 <- ([#"../ite_normalize.rs" 55 9 55 14] e_1); - [#"../ite_normalize.rs" 55 9 55 14] _13 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 ([#"../ite_normalize.rs" 55 9 55 14] _15)); + [#"../ite_normalize.rs" 55 9 55 14] _13 <- ([#"../ite_normalize.rs" 55 9 55 14] clone0 _15); goto BB9 } BB9 { @@ -197,7 +197,7 @@ module IteNormalize_Impl6_Clone BB13 { [#"../ite_normalize.rs" 58 10 58 11] v_1 <- ([#"../ite_normalize.rs" 58 10 58 11] IteNormalize_Expr_Type.var_v self); [#"../ite_normalize.rs" 55 9 55 14] _19 <- ([#"../ite_normalize.rs" 55 9 55 14] v_1); - [#"../ite_normalize.rs" 55 9 55 14] _17 <- ([#"../ite_normalize.rs" 55 9 55 14] clone1 ([#"../ite_normalize.rs" 55 9 55 14] _19)); + [#"../ite_normalize.rs" 55 9 55 14] _17 <- ([#"../ite_normalize.rs" 55 9 55 14] clone1 _19); goto BB14 } BB14 { @@ -230,7 +230,7 @@ module IteNormalize_Impl5_Variable goto BB0 } BB0 { - [#"../ite_normalize.rs" 102 8 102 23] _0 <- ([#"../ite_normalize.rs" 102 8 102 23] IteNormalize_Expr_Type.C_Var ([#"../ite_normalize.rs" 102 20 102 21] v)); + [#"../ite_normalize.rs" 102 8 102 23] _0 <- ([#"../ite_normalize.rs" 102 8 102 23] IteNormalize_Expr_Type.C_Var v); return _0 } @@ -249,7 +249,7 @@ module IteNormalize_Impl3_From goto BB0 } BB0 { - [#"../ite_normalize.rs" 81 8 81 25] _0 <- ([#"../ite_normalize.rs" 81 8 81 25] variable0 ([#"../ite_normalize.rs" 81 23 81 24] a)); + [#"../ite_normalize.rs" 81 8 81 25] _0 <- ([#"../ite_normalize.rs" 81 8 81 25] variable0 a); goto BB1 } BB1 { @@ -268,7 +268,7 @@ module IteNormalize_Impl4_From goto BB0 } BB0 { - switch ([#"../ite_normalize.rs" 87 11 87 12] b) + switch (b) | False -> goto BB2 | True -> goto BB1 end @@ -312,10 +312,10 @@ module IteNormalize_Impl5_Ite goto BB4 } BB4 { - [#"../ite_normalize.rs" 98 8 98 75] _0 <- ([#"../ite_normalize.rs" 98 8 98 75] IteNormalize_Expr_Type.C_IfThenElse ([#"../ite_normalize.rs" 98 39 98 40] c) ([#"../ite_normalize.rs" 98 55 98 56] t) ([#"../ite_normalize.rs" 98 71 98 72] e)); - [#"../ite_normalize.rs" 98 39 98 40] c <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 98 55 98 56] t <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 98 71 98 72] e <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 98 8 98 75] _0 <- ([#"../ite_normalize.rs" 98 8 98 75] IteNormalize_Expr_Type.C_IfThenElse c t e); + c <- any IteNormalize_Expr_Type.t_expr; + t <- any IteNormalize_Expr_Type.t_expr; + e <- any IteNormalize_Expr_Type.t_expr; goto BB5 } BB5 { @@ -420,7 +420,7 @@ module IteNormalize_Impl5_Transpose } BB8 { [#"../ite_normalize.rs" 121 27 121 28] _0 <- ([#"../ite_normalize.rs" 121 27 121 28] b); - [#"../ite_normalize.rs" 121 27 121 28] b <- any IteNormalize_Expr_Type.t_expr; + b <- any IteNormalize_Expr_Type.t_expr; goto BB31 } BB9 { @@ -429,22 +429,22 @@ module IteNormalize_Impl5_Transpose } BB10 { [#"../ite_normalize.rs" 112 31 112 32] c <- ([#"../ite_normalize.rs" 112 31 112 32] IteNormalize_Expr_Type.ifthenelse_c self); - [#"../ite_normalize.rs" 112 31 112 32] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse (any IteNormalize_Expr_Type.t_expr) x1 x2); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse (any IteNormalize_Expr_Type.t_expr) x1 x2); [#"../ite_normalize.rs" 112 34 112 35] t <- ([#"../ite_normalize.rs" 112 34 112 35] IteNormalize_Expr_Type.ifthenelse_t self); - [#"../ite_normalize.rs" 112 34 112 35] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 (any IteNormalize_Expr_Type.t_expr) x2); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 (any IteNormalize_Expr_Type.t_expr) x2); [#"../ite_normalize.rs" 112 37 112 38] e <- ([#"../ite_normalize.rs" 112 37 112 38] IteNormalize_Expr_Type.ifthenelse_e self); - [#"../ite_normalize.rs" 112 37 112 38] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 x1 (any IteNormalize_Expr_Type.t_expr)); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 x1 (any IteNormalize_Expr_Type.t_expr)); assume { resolve0 t }; - [#"../ite_normalize.rs" 114 40 114 49] _17 <- ([#"../ite_normalize.rs" 114 40 114 49] clone0 ([#"../ite_normalize.rs" 114 40 114 41] a)); + [#"../ite_normalize.rs" 114 40 114 49] _17 <- ([#"../ite_normalize.rs" 114 40 114 49] clone0 a); goto BB11 } BB11 { - [#"../ite_normalize.rs" 114 51 114 60] _19 <- ([#"../ite_normalize.rs" 114 51 114 60] clone0 ([#"../ite_normalize.rs" 114 51 114 52] b)); + [#"../ite_normalize.rs" 114 51 114 60] _19 <- ([#"../ite_normalize.rs" 114 51 114 60] clone0 b); goto BB12 } BB12 { - [#"../ite_normalize.rs" 114 28 114 61] _15 <- ([#"../ite_normalize.rs" 114 28 114 61] transpose ([#"../ite_normalize.rs" 114 28 114 29] t) _17 _19); - [#"../ite_normalize.rs" 114 28 114 29] t <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 114 28 114 61] _15 <- ([#"../ite_normalize.rs" 114 28 114 61] transpose t _17 _19); + t <- any IteNormalize_Expr_Type.t_expr; _17 <- any IteNormalize_Expr_Type.t_expr; _19 <- any IteNormalize_Expr_Type.t_expr; goto BB13 @@ -454,18 +454,18 @@ module IteNormalize_Impl5_Transpose } BB14 { assume { resolve0 e }; - [#"../ite_normalize.rs" 115 28 115 45] _22 <- ([#"../ite_normalize.rs" 115 28 115 45] transpose ([#"../ite_normalize.rs" 115 28 115 29] e) ([#"../ite_normalize.rs" 115 40 115 41] a) ([#"../ite_normalize.rs" 115 43 115 44] b)); - [#"../ite_normalize.rs" 115 28 115 29] e <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 115 40 115 41] a <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 115 43 115 44] b <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 115 28 115 45] _22 <- ([#"../ite_normalize.rs" 115 28 115 45] transpose e a b); + e <- any IteNormalize_Expr_Type.t_expr; + a <- any IteNormalize_Expr_Type.t_expr; + b <- any IteNormalize_Expr_Type.t_expr; goto BB15 } BB15 { goto BB16 } BB16 { - [#"../ite_normalize.rs" 112 44 116 13] _0 <- ([#"../ite_normalize.rs" 112 44 116 13] IteNormalize_Expr_Type.C_IfThenElse ([#"../ite_normalize.rs" 113 16 113 17] c) _15 _22); - [#"../ite_normalize.rs" 113 16 113 17] c <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 112 44 116 13] _0 <- ([#"../ite_normalize.rs" 112 44 116 13] IteNormalize_Expr_Type.C_IfThenElse c _15 _22); + c <- any IteNormalize_Expr_Type.t_expr; _15 <- any IteNormalize_Expr_Type.t_expr; _22 <- any IteNormalize_Expr_Type.t_expr; goto BB17 @@ -498,10 +498,10 @@ module IteNormalize_Impl5_Transpose goto BB26 } BB26 { - [#"../ite_normalize.rs" 118 16 118 86] _0 <- ([#"../ite_normalize.rs" 118 16 118 86] IteNormalize_Expr_Type.C_IfThenElse ([#"../ite_normalize.rs" 118 47 118 51] self) ([#"../ite_normalize.rs" 118 66 118 67] a) ([#"../ite_normalize.rs" 118 82 118 83] b)); - [#"../ite_normalize.rs" 118 47 118 51] self <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 118 66 118 67] a <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 118 82 118 83] b <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 118 16 118 86] _0 <- ([#"../ite_normalize.rs" 118 16 118 86] IteNormalize_Expr_Type.C_IfThenElse self a b); + self <- any IteNormalize_Expr_Type.t_expr; + a <- any IteNormalize_Expr_Type.t_expr; + b <- any IteNormalize_Expr_Type.t_expr; goto BB27 } BB27 { @@ -515,7 +515,7 @@ module IteNormalize_Impl5_Transpose } BB30 { [#"../ite_normalize.rs" 120 26 120 27] _0 <- ([#"../ite_normalize.rs" 120 26 120 27] a); - [#"../ite_normalize.rs" 120 26 120 27] a <- any IteNormalize_Expr_Type.t_expr; + a <- any IteNormalize_Expr_Type.t_expr; goto BB31 } BB31 { @@ -591,29 +591,29 @@ module IteNormalize_Impl5_Normalize } BB2 { [#"../ite_normalize.rs" 153 12 153 13] e1 <- ([#"../ite_normalize.rs" 153 12 153 13] self); - [#"../ite_normalize.rs" 153 17 153 26] _0 <- ([#"../ite_normalize.rs" 153 17 153 26] clone0 ([#"../ite_normalize.rs" 153 17 153 18] e1)); + [#"../ite_normalize.rs" 153 17 153 26] _0 <- ([#"../ite_normalize.rs" 153 17 153 26] clone0 e1); goto BB11 } BB3 { [#"../ite_normalize.rs" 147 31 147 32] c <- ([#"../ite_normalize.rs" 147 31 147 32] IteNormalize_Expr_Type.ifthenelse_c self); [#"../ite_normalize.rs" 147 34 147 35] t <- ([#"../ite_normalize.rs" 147 34 147 35] IteNormalize_Expr_Type.ifthenelse_t self); [#"../ite_normalize.rs" 147 37 147 38] e <- ([#"../ite_normalize.rs" 147 37 147 38] IteNormalize_Expr_Type.ifthenelse_e self); - [#"../ite_normalize.rs" 148 25 148 38] cp <- ([#"../ite_normalize.rs" 148 25 148 38] normalize ([#"../ite_normalize.rs" 148 25 148 26] c)); + [#"../ite_normalize.rs" 148 25 148 38] cp <- ([#"../ite_normalize.rs" 148 25 148 38] normalize c); goto BB4 } BB4 { - [#"../ite_normalize.rs" 149 25 149 38] tp <- ([#"../ite_normalize.rs" 149 25 149 38] normalize ([#"../ite_normalize.rs" 149 25 149 26] t)); + [#"../ite_normalize.rs" 149 25 149 38] tp <- ([#"../ite_normalize.rs" 149 25 149 38] normalize t); goto BB5 } BB5 { - [#"../ite_normalize.rs" 150 25 150 38] ep <- ([#"../ite_normalize.rs" 150 25 150 38] normalize ([#"../ite_normalize.rs" 150 25 150 26] e)); + [#"../ite_normalize.rs" 150 25 150 38] ep <- ([#"../ite_normalize.rs" 150 25 150 38] normalize e); goto BB6 } BB6 { - [#"../ite_normalize.rs" 151 16 151 36] _0 <- ([#"../ite_normalize.rs" 151 16 151 36] transpose0 ([#"../ite_normalize.rs" 151 16 151 18] cp) ([#"../ite_normalize.rs" 151 29 151 31] tp) ([#"../ite_normalize.rs" 151 33 151 35] ep)); - [#"../ite_normalize.rs" 151 16 151 18] cp <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 151 29 151 31] tp <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 151 33 151 35] ep <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 151 16 151 36] _0 <- ([#"../ite_normalize.rs" 151 16 151 36] transpose0 cp tp ep); + cp <- any IteNormalize_Expr_Type.t_expr; + tp <- any IteNormalize_Expr_Type.t_expr; + ep <- any IteNormalize_Expr_Type.t_expr; goto BB7 } BB7 { @@ -867,18 +867,18 @@ module IteNormalize_Impl5_SimplifyHelper } BB6 { [#"../ite_normalize.rs" 229 12 229 13] c2 <- ([#"../ite_normalize.rs" 229 12 229 13] self); - [#"../ite_normalize.rs" 229 12 229 13] self <- any IteNormalize_Expr_Type.t_expr; + self <- any IteNormalize_Expr_Type.t_expr; [#"../ite_normalize.rs" 229 17 229 18] _0 <- ([#"../ite_normalize.rs" 229 17 229 18] c2); - [#"../ite_normalize.rs" 229 17 229 18] c2 <- any IteNormalize_Expr_Type.t_expr; + c2 <- any IteNormalize_Expr_Type.t_expr; goto BB51 } BB7 { [#"../ite_normalize.rs" 191 31 191 32] c <- ([#"../ite_normalize.rs" 191 31 191 32] IteNormalize_Expr_Type.ifthenelse_c self); - [#"../ite_normalize.rs" 191 31 191 32] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse (any IteNormalize_Expr_Type.t_expr) x1 x2); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse (any IteNormalize_Expr_Type.t_expr) x1 x2); [#"../ite_normalize.rs" 191 34 191 35] t <- ([#"../ite_normalize.rs" 191 34 191 35] IteNormalize_Expr_Type.ifthenelse_t self); - [#"../ite_normalize.rs" 191 34 191 35] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 (any IteNormalize_Expr_Type.t_expr) x2); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 (any IteNormalize_Expr_Type.t_expr) x2); [#"../ite_normalize.rs" 191 37 191 38] e <- ([#"../ite_normalize.rs" 191 37 191 38] IteNormalize_Expr_Type.ifthenelse_e self); - [#"../ite_normalize.rs" 191 37 191 38] self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 x1 (any IteNormalize_Expr_Type.t_expr)); + self <- (let IteNormalize_Expr_Type.C_IfThenElse x0 x1 x2 = self in IteNormalize_Expr_Type.C_IfThenElse x0 x1 (any IteNormalize_Expr_Type.t_expr)); switch (c) | IteNormalize_Expr_Type.C_Var _ -> goto BB9 | _ -> goto BB8 @@ -888,11 +888,11 @@ module IteNormalize_Impl5_SimplifyHelper assume { resolve0 e }; assume { resolve0 t }; [#"../ite_normalize.rs" 215 20 215 21] c1 <- ([#"../ite_normalize.rs" 215 20 215 21] c); - [#"../ite_normalize.rs" 215 20 215 21] c <- any IteNormalize_Expr_Type.t_expr; + c <- any IteNormalize_Expr_Type.t_expr; assume { resolve0 c }; - [#"../ite_normalize.rs" 215 25 215 49] _0 <- ([#"../ite_normalize.rs" 215 25 215 49] simplify_helper ([#"../ite_normalize.rs" 215 25 215 26] c1) ([#"../ite_normalize.rs" 215 43 215 48] state)); - [#"../ite_normalize.rs" 215 25 215 26] c1 <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 215 43 215 48] state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; + [#"../ite_normalize.rs" 215 25 215 49] _0 <- ([#"../ite_normalize.rs" 215 25 215 49] simplify_helper c1 state); + c1 <- any IteNormalize_Expr_Type.t_expr; + state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB36 } BB9 { @@ -901,7 +901,7 @@ module IteNormalize_Impl5_SimplifyHelper BB10 { [#"../ite_normalize.rs" 193 32 193 33] v <- ([#"../ite_normalize.rs" 193 32 193 33] IteNormalize_Expr_Type.var_v c); [#"../ite_normalize.rs" 194 51 194 53] _16 <- ([#"../ite_normalize.rs" 194 51 194 53] v); - [#"../ite_normalize.rs" 194 41 194 54] _13 <- ([#"../ite_normalize.rs" 194 41 194 54] get0 ([#"../ite_normalize.rs" 194 41 194 46] state) ([#"../ite_normalize.rs" 194 51 194 53] _16)); + [#"../ite_normalize.rs" 194 41 194 54] _13 <- ([#"../ite_normalize.rs" 194 41 194 54] get0 state _16); goto BB11 } BB11 { @@ -916,7 +916,7 @@ module IteNormalize_Impl5_SimplifyHelper BB13 { assume { resolve0 c }; [#"../ite_normalize.rs" 194 36 194 37] b <- ([#"../ite_normalize.rs" 194 36 194 37] Core_Option_Option_Type.some_0 _13); - switch ([#"../ite_normalize.rs" 195 31 195 33] b) + switch (b) | False -> goto BB16 | True -> goto BB14 end @@ -924,9 +924,9 @@ module IteNormalize_Impl5_SimplifyHelper BB14 { assume { resolve0 e }; assume { resolve0 t }; - [#"../ite_normalize.rs" 196 32 196 56] _0 <- ([#"../ite_normalize.rs" 196 32 196 56] simplify_helper ([#"../ite_normalize.rs" 196 32 196 33] t) ([#"../ite_normalize.rs" 196 50 196 55] state)); - [#"../ite_normalize.rs" 196 32 196 33] t <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 196 50 196 55] state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; + [#"../ite_normalize.rs" 196 32 196 56] _0 <- ([#"../ite_normalize.rs" 196 32 196 56] simplify_helper t state); + t <- any IteNormalize_Expr_Type.t_expr; + state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB15 } BB15 { @@ -935,9 +935,9 @@ module IteNormalize_Impl5_SimplifyHelper BB16 { assume { resolve0 t }; assume { resolve0 e }; - [#"../ite_normalize.rs" 198 32 198 56] _0 <- ([#"../ite_normalize.rs" 198 32 198 56] simplify_helper ([#"../ite_normalize.rs" 198 32 198 33] e) ([#"../ite_normalize.rs" 198 50 198 55] state)); - [#"../ite_normalize.rs" 198 32 198 33] e <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 198 50 198 55] state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; + [#"../ite_normalize.rs" 198 32 198 56] _0 <- ([#"../ite_normalize.rs" 198 32 198 56] simplify_helper e state); + e <- any IteNormalize_Expr_Type.t_expr; + state <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB17 } BB17 { @@ -947,39 +947,39 @@ module IteNormalize_Impl5_SimplifyHelper goto BB35 } BB19 { - [#"../ite_normalize.rs" 202 46 202 59] state_t <- ([#"../ite_normalize.rs" 202 46 202 59] clone0 ([#"../ite_normalize.rs" 202 46 202 51] state)); + [#"../ite_normalize.rs" 202 46 202 59] state_t <- ([#"../ite_normalize.rs" 202 46 202 59] clone0 state); goto BB20 } BB20 { [#"../ite_normalize.rs" 203 28 203 35] _27 <- Borrow.borrow_mut state_t; [#"../ite_normalize.rs" 203 28 203 35] state_t <- ^ _27; - [#"../ite_normalize.rs" 203 28 203 51] _26 <- ([#"../ite_normalize.rs" 203 28 203 51] insert0 _27 ([#"../ite_normalize.rs" 203 43 203 44] v) ([#"../ite_normalize.rs" 203 46 203 50] [#"../ite_normalize.rs" 203 46 203 50] true)); + [#"../ite_normalize.rs" 203 28 203 51] _26 <- ([#"../ite_normalize.rs" 203 28 203 51] insert0 _27 v true); _27 <- any borrowed (IteNormalize_BTreeMap_Type.t_btreemap usize bool); goto BB21 } BB21 { assume { resolve0 t }; - [#"../ite_normalize.rs" 204 37 204 63] tp <- ([#"../ite_normalize.rs" 204 37 204 63] simplify_helper ([#"../ite_normalize.rs" 204 37 204 38] t) ([#"../ite_normalize.rs" 204 55 204 62] state_t)); - [#"../ite_normalize.rs" 204 37 204 38] t <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 204 55 204 62] state_t <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; + [#"../ite_normalize.rs" 204 37 204 63] tp <- ([#"../ite_normalize.rs" 204 37 204 63] simplify_helper t state_t); + t <- any IteNormalize_Expr_Type.t_expr; + state_t <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB22 } BB22 { - [#"../ite_normalize.rs" 207 46 207 59] state_e <- ([#"../ite_normalize.rs" 207 46 207 59] clone0 ([#"../ite_normalize.rs" 207 46 207 51] state)); + [#"../ite_normalize.rs" 207 46 207 59] state_e <- ([#"../ite_normalize.rs" 207 46 207 59] clone0 state); goto BB23 } BB23 { [#"../ite_normalize.rs" 208 28 208 35] _35 <- Borrow.borrow_mut state_e; [#"../ite_normalize.rs" 208 28 208 35] state_e <- ^ _35; - [#"../ite_normalize.rs" 208 28 208 52] _34 <- ([#"../ite_normalize.rs" 208 28 208 52] insert0 _35 ([#"../ite_normalize.rs" 208 43 208 44] v) ([#"../ite_normalize.rs" 208 46 208 51] [#"../ite_normalize.rs" 208 46 208 51] false)); + [#"../ite_normalize.rs" 208 28 208 52] _34 <- ([#"../ite_normalize.rs" 208 28 208 52] insert0 _35 v false); _35 <- any borrowed (IteNormalize_BTreeMap_Type.t_btreemap usize bool); goto BB24 } BB24 { assume { resolve0 e }; - [#"../ite_normalize.rs" 209 37 209 63] ep <- ([#"../ite_normalize.rs" 209 37 209 63] simplify_helper ([#"../ite_normalize.rs" 209 37 209 38] e) ([#"../ite_normalize.rs" 209 55 209 62] state_e)); - [#"../ite_normalize.rs" 209 37 209 38] e <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 209 55 209 62] state_e <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; + [#"../ite_normalize.rs" 209 37 209 63] ep <- ([#"../ite_normalize.rs" 209 37 209 63] simplify_helper e state_e); + e <- any IteNormalize_Expr_Type.t_expr; + state_e <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB25 } BB25 { @@ -989,10 +989,10 @@ module IteNormalize_Impl5_SimplifyHelper goto BB27 } BB27 { - [#"../ite_normalize.rs" 212 28 212 84] _0 <- ([#"../ite_normalize.rs" 212 28 212 84] IteNormalize_Expr_Type.C_IfThenElse ([#"../ite_normalize.rs" 212 47 212 48] c) ([#"../ite_normalize.rs" 212 62 212 64] tp) ([#"../ite_normalize.rs" 212 79 212 81] ep)); - [#"../ite_normalize.rs" 212 47 212 48] c <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 212 62 212 64] tp <- any IteNormalize_Expr_Type.t_expr; - [#"../ite_normalize.rs" 212 79 212 81] ep <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 212 28 212 84] _0 <- ([#"../ite_normalize.rs" 212 28 212 84] IteNormalize_Expr_Type.C_IfThenElse c tp ep); + c <- any IteNormalize_Expr_Type.t_expr; + tp <- any IteNormalize_Expr_Type.t_expr; + ep <- any IteNormalize_Expr_Type.t_expr; goto BB28 } BB28 { @@ -1040,7 +1040,7 @@ module IteNormalize_Impl5_SimplifyHelper BB42 { [#"../ite_normalize.rs" 218 24 218 25] v1 <- ([#"../ite_normalize.rs" 218 24 218 25] IteNormalize_Expr_Type.var_v self); [#"../ite_normalize.rs" 219 43 219 45] _52 <- ([#"../ite_normalize.rs" 219 43 219 45] v1); - [#"../ite_normalize.rs" 219 33 219 46] _49 <- ([#"../ite_normalize.rs" 219 33 219 46] get0 ([#"../ite_normalize.rs" 219 33 219 38] state) ([#"../ite_normalize.rs" 219 43 219 45] _52)); + [#"../ite_normalize.rs" 219 33 219 46] _49 <- ([#"../ite_normalize.rs" 219 33 219 46] get0 state _52); goto BB43 } BB43 { @@ -1054,7 +1054,7 @@ module IteNormalize_Impl5_SimplifyHelper } BB45 { [#"../ite_normalize.rs" 219 28 219 29] b1 <- ([#"../ite_normalize.rs" 219 28 219 29] Core_Option_Option_Type.some_0 _49); - switch ([#"../ite_normalize.rs" 220 23 220 25] b1) + switch (b1) | False -> goto BB47 | True -> goto BB46 end @@ -1071,7 +1071,7 @@ module IteNormalize_Impl5_SimplifyHelper goto BB50 } BB49 { - [#"../ite_normalize.rs" 226 20 226 35] _0 <- ([#"../ite_normalize.rs" 226 20 226 35] IteNormalize_Expr_Type.C_Var ([#"../ite_normalize.rs" 226 32 226 33] v1)); + [#"../ite_normalize.rs" 226 20 226 35] _0 <- ([#"../ite_normalize.rs" 226 20 226 35] IteNormalize_Expr_Type.C_Var v1); goto BB50 } BB50 { @@ -1165,8 +1165,8 @@ module IteNormalize_Impl5_Simplify goto BB2 } BB2 { - [#"../ite_normalize.rs" 182 8 182 45] _0 <- ([#"../ite_normalize.rs" 182 8 182 45] simplify_helper0 ([#"../ite_normalize.rs" 182 8 182 12] self) _5); - [#"../ite_normalize.rs" 182 8 182 12] self <- any IteNormalize_Expr_Type.t_expr; + [#"../ite_normalize.rs" 182 8 182 45] _0 <- ([#"../ite_normalize.rs" 182 8 182 45] simplify_helper0 self _5); + self <- any IteNormalize_Expr_Type.t_expr; _5 <- any IteNormalize_BTreeMap_Type.t_btreemap usize bool; goto BB3 } diff --git a/creusot/tests/should_succeed/iterators/01_range.mlcfg b/creusot/tests/should_succeed/iterators/01_range.mlcfg index 490a8aa47f..5dcec0a0f5 100644 --- a/creusot/tests/should_succeed/iterators/01_range.mlcfg +++ b/creusot/tests/should_succeed/iterators/01_range.mlcfg @@ -108,12 +108,14 @@ module C01Range_Impl0_Next = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Core_Option_Option_Type.t_option isize; var self : borrowed (C01Range_Range_Type.t_range) = self; + var _3 : bool; var r : isize; { goto BB0 } BB0 { - switch ([#"../01_range.rs" 58 11 58 33] ([#"../01_range.rs" 58 11 58 21] C01Range_Range_Type.range_start ( * self)) >= ([#"../01_range.rs" 58 25 58 33] C01Range_Range_Type.range_end ( * self))) + [#"../01_range.rs" 58 11 58 33] _3 <- ([#"../01_range.rs" 58 11 58 33] C01Range_Range_Type.range_start ( * self) >= C01Range_Range_Type.range_end ( * self)); + switch (_3) | False -> goto BB2 | True -> goto BB1 end @@ -125,9 +127,9 @@ module C01Range_Impl0_Next } BB2 { [#"../01_range.rs" 61 20 61 30] r <- ([#"../01_range.rs" 61 20 61 30] C01Range_Range_Type.range_start ( * self)); - [#"../01_range.rs" 62 12 62 27] self <- { self with current = (let C01Range_Range_Type.C_Range x0 x1 = * self in C01Range_Range_Type.C_Range ([#"../01_range.rs" 62 12 62 27] C01Range_Range_Type.range_start ( * self) + ([#"../01_range.rs" 62 26 62 27] [#"../01_range.rs" 62 26 62 27] (1 : isize))) x1) ; }; + [#"../01_range.rs" 62 12 62 27] self <- { self with current = (let C01Range_Range_Type.C_Range x0 x1 = * self in C01Range_Range_Type.C_Range ([#"../01_range.rs" 62 12 62 27] C01Range_Range_Type.range_start ( * self) + (1 : isize)) x1) ; }; assume { resolve0 self }; - [#"../01_range.rs" 63 12 63 19] _0 <- ([#"../01_range.rs" 63 12 63 19] Core_Option_Option_Type.C_Some ([#"../01_range.rs" 63 17 63 18] r)); + [#"../01_range.rs" 63 12 63 19] _0 <- ([#"../01_range.rs" 63 12 63 19] Core_Option_Option_Type.C_Some r); goto BB3 } BB3 { @@ -148,7 +150,7 @@ module C01Range_Impl1_IntoIter } BB0 { [#"../01_range.rs" 71 8 71 12] _0 <- ([#"../01_range.rs" 71 8 71 12] self); - [#"../01_range.rs" 71 8 71 12] self <- any C01Range_Range_Type.t_range; + self <- any C01Range_Range_Type.t_range; return _0 } @@ -233,6 +235,7 @@ module C01Range_SumRange var n : isize = n; var i : isize; var it : C01Range_Range_Type.t_range; + var _6 : C01Range_Range_Type.t_range; var iter_old : Snapshot.snap_ty (C01Range_Range_Type.t_range); var produced : Snapshot.snap_ty (Seq.seq isize); var _17 : Core_Option_Option_Type.t_option isize; @@ -243,8 +246,10 @@ module C01Range_SumRange goto BB0 } BB0 { - [#"../01_range.rs" 78 16 78 17] i <- ([#"../01_range.rs" 78 16 78 17] [#"../01_range.rs" 78 16 78 17] (0 : isize)); - [#"../01_range.rs" 79 17 79 55] it <- ([#"../01_range.rs" 79 17 79 55] into_iter0 ([#"../01_range.rs" 79 17 79 43] C01Range_Range_Type.C_Range ([#"../01_range.rs" 79 32 79 33] [#"../01_range.rs" 79 32 79 33] (0 : isize)) ([#"../01_range.rs" 79 40 79 41] n))); + [#"../01_range.rs" 78 16 78 17] i <- ([#"../01_range.rs" 78 16 78 17] (0 : isize)); + [#"../01_range.rs" 79 17 79 43] _6 <- ([#"../01_range.rs" 79 17 79 43] C01Range_Range_Type.C_Range (0 : isize) n); + [#"../01_range.rs" 79 17 79 55] it <- ([#"../01_range.rs" 79 17 79 55] into_iter0 _6); + _6 <- any C01Range_Range_Type.t_range; goto BB1 } BB1 { @@ -295,8 +300,8 @@ module C01Range_SumRange } BB11 { [#"../01_range.rs" 88 16 88 75] produced <- ([#"../01_range.rs" 88 16 88 75] _21); - [#"../01_range.rs" 88 16 88 75] _21 <- any Snapshot.snap_ty (Seq.seq isize); - [#"../01_range.rs" 89 16 89 22] i <- ([#"../01_range.rs" 89 16 89 22] i + ([#"../01_range.rs" 89 21 89 22] [#"../01_range.rs" 89 21 89 22] (1 : isize))); + _21 <- any Snapshot.snap_ty (Seq.seq isize); + [#"../01_range.rs" 89 16 89 22] i <- ([#"../01_range.rs" 89 16 89 22] i + (1 : isize)); goto BB4 } diff --git a/creusot/tests/should_succeed/iterators/01_range/why3session.xml b/creusot/tests/should_succeed/iterators/01_range/why3session.xml index cb3bf3edaf..906c627a5a 100644 --- a/creusot/tests/should_succeed/iterators/01_range/why3session.xml +++ b/creusot/tests/should_succeed/iterators/01_range/why3session.xml @@ -17,7 +17,7 @@ - + @@ -27,7 +27,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/01_range/why3shapes.gz b/creusot/tests/should_succeed/iterators/01_range/why3shapes.gz index 404b2b0604fa4c6013467eb24cd9d039b1ab3acb..cb2d68289d0b56f8b359c7d0fa9c8274bb1ed344 100644 GIT binary patch literal 962 zcmV;z13mm7iwFP!00000|D{z+Z{s!)zUx=$wrzp}9KKoXE?@)^WMI)lx8Sh`DNa(GKhWz}*WE>{taR1btJ`-+$v@z~Rqpz-azhH)jVK%wmIiLmd2CXo zGW@yMt*hK&j5D^hqXjbJej6U6Whs*FXV0W^pFh1__=P2QA(yH)cnJG$=ljPljPGM# zL*FKR#2-8)bEFe;5Bc7OC)De`&+8ez!ly;a`$$`;ue}jhKlns^a)3 z0(&A>Rz)HV1*^8x7g%-T+{Yyes97>15hOvI42Rg=9lxQyi-V%BIeql zb4g>VuC^<}QN8RMLTaGeyx!7m%z2chvdWTlUHopT$XW4g8Nm;8KP6$pYAK%8$K_gV z(tgiYG*z2ZIJm5V90C`o6w(k>W!G~i#CLW%OYBQ(8>UIpd@5oB$S?<`%M`e$FUujP zd0*6xIMh3ICe=LQxXsKOipOcH?dt9T_1fiu+Dl@Vu8-_D-ybHQAn2@~Wb9Zz*Ay!) zaFkcX0QLqk(6Ax~hhJK@jepZ3LSApVepDIkFMiWt{p_ujxnK?kF z6|vKCnA0tReVPtMH_7Gm8HZ{vkHh$QzssXO4;f1j$0QqsMe!kYP27j&be9?D_{pIJbi_HX1Z2wypwazjjgM@4a9BD7`iP76vwbk-r zj^ci9l@L5J`@Ct>(3^(yu65rM!=X1fr#;LIMv=MiZU(qVb-WP?N$t zXd1x{F+6JGD72C~158A!Txe;@YFbDWX^=jEAS7xHn(IJ?X(2SC5j2#d=7kj65z|EF zTOqmdiW=Im#x+Elh{;P;%ffi&f$HcPSGp0QB`p;#Q_e$RUWO8A4NwEAO|1(SqKh<& zrfHlD(ooMl)&QxQq9Mc*bPcKoS%av7*T4#@IMwC|QO41L2-4Wl#wK0BqITF#rGn literal 935 zcmV;Y16ceYiwFP!00000|D9D!Z{s!)zUx=$wrzp}9KKoX7BGwm60q1q3-DNjqNuD< zTS_G-Y5#qPlSPEg<;(H-OstqZ+^_&!_YU6K8(Z? z7mg37zbz>;yUp8v$j`Rj5Zc4q_4d|+WtLY9EscuJ(hYs++ia)7bz`=5zCS)3!YMQ{ z;db|}@4`#4yFul+@9xo~?<{q{C#T=~W3U#g{nmZ4a8|I58^YKho&vFIgBIoLei-`a z(0n@nfnLA5?mk#)g=_bnJ7B7PW62%5x_x(&{1g6L>26%w2B zES_&FfJ-daUPn_%PvyA z*u-IQ5!z%pgzoZOL@wQtEC1P>VAsCgw;}3xzEczG7Qgqv7)Ki%;Ai5CCM8C$i#l$Ghx56iY6mw8mroc0OU9xmKA-EA)xxl+)B03%aOQ zQJ1_L;zJ`V;f zHtQPi&EBig1Nf){STh%xt_qbE2%TUM8GGhX=%<%no$Ea z32mU>`9=m6G-px=uYD^qisz!_nH1U)exZQy?BJqKr$j872Qhop7 zuzn6dlSVD_hU1Z+Yxg!B=F1z6fL-{s-tOOSJh#$p&Ougd_*5=QnuVkTfAb??_cMa@n4i*m?NX z*!e$;fv^w*X^IG+C3*6tk|&EYSpxn-3nNLTiIOF3HfX-1L^5BIGO2!PD&aRfy zHpyu_MS|zB?Q;THvs*Nti7s%g&TcxudED_XJZ;d-yU1<)hzmSqfcQLacb`%zgJYQD z_D@gykD>d+`+rXsJVeNTvvb?LH4@1LQ#y>(xsZwvk56HAsM`}`!_^7y;5PW>WG91#8K7)F4e#P~$;!V^XKhou7_WESD?nQC^YyUnpXAhhT)y1P-Uz&cn zJbgU@M;89E-vzfOxtgsHSy^y(_|Icl4L*D2p2G8f`w~c*M({N$7+22k-#>1{A#`N0 zt#v)5`vlWaSq$oVvwMp>_B)(LuF|gCW1Pz4`Q5Red#G!(NbwxErIIr@Q^@QF$AEEk zgrmtDSp`Fg`{Cpma!X$kqjPzPWj2@w^iX>0n`JwWte&&u6x)~7b#~Kr*>u5LXNsn=NV;K@6Q-L<%h+- zAh+iAwqRt5vU9~NOVz=}%4L4+=*w&gW5Ga<7eXo}O1y()``M#dbuBgthm;l@qFDhn zjf~OK)QD(q>O-^@$}pT1Z%BbB4bqv5rg&5wQ)i!x0T$PxI?3RO7_F=K=@O_?MAsuc z=p3Ps;1RXJ%M33QJZKCSqo1n*UKZC@@xQWG#;bzi(%_;3={W_W@K_q@C@HW>eOySL%) z!*+Xr7~?KY5@N?vr&a1C3z%d{rVF7#>M%&XR#E8^h}>0c9PjC3Oo?@H@lid-6*WfD zS)cJGx3H%jPQB9OV?capaxoAMPmR6GVeCxK(c{?FUy5#V9;ING7~xI!F8Rg%4*UFm zhkuuThyQ|pM=$j|D)&2+mYAh(nEQyJUpC zX)(K&ZAW2aEk0uzkFdwikw_ia3AijBZhSzO-ETX$3m+$|HitM_WSb|GY){~D;dZ}& z99t87ikruhKHt_1bn@2$c}_A~ncLu}+f*6N*GI03lRnIA-~kc8EN}^*%@Q2%dyOI{ zKJe+1jKVV4^~Rmnd-gTvxf3eW0UDJDa%|GeGfhvk&Mae{G-h#l(nuA+u`L5p+kQxf zfFDEuSW6Bx_)CWTa>kBdW(qu=90WSQT#Zf?bys=G-D>=fJ?S%kS(7=lc>$fWIB8?^ zg~@z~r0)04lFC>$nMW^Xc;=u z<)0~xn@Qe0IYNG;w#K?HMv7OErjaGuvq>tR6(^{u99KU<3aoL{aO3fbE%-M*4nvQ) zK0Lj+T!=7(#_hU3&et&=^RX$KG%d* zn_&9vC40s?3oz*_D8D}x$G<&yq=t)ztIQTxGlAe#;fAZbn`1dQ)C|ieX_$$dx%=DH9 zlLi=e?OFPWJiX&)xt&RPn;^E7I4Y77@g5NwXIwXpCOOvw2-GqW<~Rbv%Z`X%(r^?$?Det6eH$4ifI_4^dL+%k#FzfYm%_bD{}6e1NK z^+gXIUi9RL)Pm06+?ta&kFy=~7mcTljydX{Vnj3-nJ&i!nweD5vXBO zO1fgiGG!T??ea`B7DCr+(-NU|-*T*Vyfc(C&qKdr!ZK;8wp3Y)55iJzDQ>67P`KIg zmSD=qy?v0*I3_vuK)axOMG_SMEGW}z;RvTnwh}5FIQKYp#M0opB%tw8V$D*HjVH_FZ69V9xK7wBTzf7-3{*dT<2E z2;Os!G*B#rVpG#W)(8C>3a$1=^jr%{s3s7Upwf%pwW>@W*RR0#fobDR z#~A<%3b{ke?4@Z9Xr|kCC5#o?3T1`-V(^y5lSB}j5iME**NIpMkC-UZ=$5=7`Ub3H@f0?$3A zW~I1Q%qnUXSVgQfR_ZH7wCjW8q2olMTlik_zL%OQi~#^@rMcBC($&;zu$ow9titf8 ztddrVE3_x3THgt;guv(^(D*%Vg=vFqyS`rmvJS|*k=6)nxHZfgY7JOJ$~m;LT3fBG zMmpk3cAex(Kc6-(1*6|6ywHIj0hd~ zy=R`Nj%H|H{-L`Q^mhWkgj8VA8iQ1Pr+P=22q*;^gGNu#%jF6P1{i|EAsAu^#u)O= zXk)xnt&18!tD^>GrYQPQ*9W6o?MSALQS3X>_a3!IdPgyXwu%SWw=FuDBhu?mIaTN* zjTBGed-8%sIyWRp4=uFbm|zShGjAAXY~LG^R35{9jQ26%$A}+8evJ7s=zn{bg2O@r zdGbAm8qv9q=#Ep0F4P9rp@Fl=Qv8RcXiPdtio&nSV#`9yTHj;Z5P{&gp7kDseo!qs zr}3FZBuiyh;BU(=>X9Og&PXiS47#;rEl{lklR~P_U=%`rFjxXcOJK+o)?$E_6~uF} znA(v()&qc52ViLcSl=MPZ*dl-jfM_S6Y#S)yydOn9dSLzX5SfI&O(1L=Mkpw(ULmP zv8Hvp!yIlnhNsSVp~K3zoCoP}mTl?xb2jLS@tyQcI%kyg(M>wnL#zrhqqcZ9q{l_^ zi{DNMQq#7@%0^;if^svxlpYO@lYr&03o8(@$VGZsYy#FEnCk)S4-oMaMT{j#&iA3i z+M@4iz&c$~!cs0{SgE!_6Fhi9Qm-Smj0tRdyuhLZ5HEPoW39@m&{+A&f}~$Z`X8r< J>Z1xY004$w0lokL literal 3582 zcmVD0D=&q1#I$=0P`rKyQjw{ zLX%pGmYw|iR9|zDGnBNpcd;>SbJ)jM)pb`7|9HK6`d}Z!)9N`Ko;Lg4Ushsu{imzr z&vvtWW(~S4kF>${ku;<};)dQ`*&pB8ZP>j(ez1VG-R?iHKknPG#SOE^{d%)I+K=`N zy0P!h=QnM`ZW5`px%*6(-Cf-t?d|&h7!H5`bZi=)*4x9z?vAM8i4XV$K6*BQ>c>yV z^;7s6HFB0W7?1p1+xOu(UEU}FY{QrJcK?3kvAvE%_x48^pF_Wa(|gpYy9oC%1E;5O z4{<2M=}U0>E*+9gC-1Y!B^>qfux~&4@PrzSZTR?j{0}_bXHj7M(@0(zRM_0Ey8U5Q zH?0q$+g|kw?$z5XcTnvMnmJb~k1FM51;1n*Vr(2`gUBSSa%DM@%)=-u;vFbrIGz66 z#2QrLeIhrU(Mb};td=ltFgevz8jPBPsToyaTy%xWUB$-<|JREEc|iSjYr_Cw?50++9JldBn`MS;OYuL;$%wGZa_DYv(0W7 z4nXLKy6%S`Y$o%Xeg4d9j|aPZnicRV$p(wE2uSu+mp6FWkTfA)cciKrF>g^%Hx z?EIg_Ks*xzNs0)sl015=TP{1~TZiBx;U3qBqJ$Q1P<4_?TiXvm=H>~bz` zqnx%=BzOwjE+>FBy#?bL=>o>;?54#q4?8}D!v@T}joikMxWMBK5TA$b_Dd>dU<^{+ z{&3iT4(%U4{(H3GAwqVWo!#cGkw_+((qWv=g;acaJcPlaZqJMjRwuZl-N2W#xp=yB z3x(n3P1j}9Ul&|HgL<^Q;<{h)E^3aQ=yEiBeKuS7g1G**{}`IZ1E)fD_Gs6arXMa( zUys0ng@5dK!LCuRX6r*%7QQe?()ILB?NqIb zNb*Kn!2sgEKRJZl(pSXjTpnVXjdg=nUwW#Wc{`4*F4=L4?Q`l{+;m+wU9e-Af5DE+ zifG3KpV@Igdwn)r_g=K)$omC5zBK)CdHQ+;UQ`-2a8vrTl4#SSq#wBysv=4XRZ-^< zsAA(V36(IA5O{7b-sMH?JY>Q`kE_$)HiVqQ+*RA5eV4flUygmMLqn>=!=(Yal&R?p znK~Y+$u$N&n=9r@Pct=}w27=_RaW}S(aKm7LwPFh^T*x&=>pLo6nF$iVYr-245#I( zonAO1wAdGq80X=Lq|^habN9Urr$?ltBeI5;vV#s~2Oo4H23^QyMk&<$6GqSZp|LN> zt$DpI7+4~7sd%NSI=EQ5OphIXna*L%7|7{DoJxrj?{KpH>`}D379E8{LW&KMtN@Zm zhG?m4MASF+A=(O|5Kf9Wq`;E~$;3rdJSvWIek25e%;YW9Wp-r}R|4POgC+ z;?7B?DWR`sQ>;rm#k$;ouH*IFbKi@J+JL2@=V^=e5a)Aa^_-SJmx6sQmaZ6a-ZYzA z%eIrCvF5K>#v<&gb0kuyRRSzahZ`QiW%t|G?!xEMs?9M@7TM;>B-=AMSh(HqABV;S zp5o@ApwD+TJ)QiuN1l?5R%SQwX*X3y)Af<7;-nAL3b;pvFEd=?SF?mq_q{|B(jNBd zij3fSuIqg}skiKF$Z}^?#sefO4~wBiFV7@BP5QEob=H=};ZYk^0Eeaw^V;;|WC-xl zcaOE;0E53|$j=LQ{5(D6jSK5Y$EU5pejAdMqSv}c`EJSk2747k!_cU@iwD@^V}t$(*~ZPrE~~{)2VfuzK9XhIFqs>jJTyrYZ*$s+L-?Y7DVIR5R@ks8JuCNo=1P6Pr|g&QXCZcgRg5Zx~urD4i%PJ2_zN1X~w zJuDM*Cecux>Qbsxu^KsJ`H4m2YZy(XD||Lg!AJA}Rz=ycROXDn(~(`nEKDVtrtR9M zk@UWY>0wblupWsYHuT{Fmh?~fr&t6<7ShqYCvH0%F!rqo55ZE#bQR+|YEh z1w%O!!uPu}+t0~{idvOZF}-S|Z0@QJMh9{{R?lf&zG?%o(kD{Zw-WL3-9&F`Flm57 z&z_|Z$m1Jsn%jwa+oGi5C4cg1{)DL_YK|}279|r}=eCuL;RW)5P6~N)LcZ3$oLnS7 zrbW~ld6GI_ST$5prC$QCT>m#5_Whd{GF*9lt6!&x`Id=a{&fl|zfK|PhY+dosIPfQ z|C%S?oXmDRdX{n2==okprxtYj-d3Nzcbx2)zGggcbo5F06eFU(*gWZR@03cT$!zH~ zp;4ILVUyWAY%;zQXSvz#@33kAzVZIeSbP!duD+@ywfzBeO7^x+Ka`sEN~HEmK#tzw!Y!L1Fn(^a@m3Q;Jqz86azlk7$`EM?Ja9vpA+VjCLcwOs9DP9BuY^1RZ!X~ZV@9=ITSSG9t-3h91nUcrWlH6A$lH)U_+3>+F)g{ zG*}qS4Q2*Yg8>~IjEuetDzw^Sj<7>MxK0s?wCmbH35T5DCTZcXp`f`It?sZzK!&r9 zF`xlrK?Itb7H55suc6?S*Suqj6GRlkL2@EI@2rz8?>fs@0&GMWCJlrCLB7l|Y8WvL z8wSL+q3ViC?t&)PYbBT^8h2n|tz%p=+Od|cI5(Ub4hkZMW5bbQ+A#G3Y!|4~R=12| zOoIgOz%o0boyLkP=T=-Bt_+uki#LNi8c!;?lVDbkw+OY~dD=SN(m=3?mL}jY`sE}9 zL0mw|ECNCpIS0ZZZ6}-nyY7686A5Aj{wgXOv-rxKpn!=`;E6(a3I&HiMuc@FQDH{V zucFemToB%}0Imb3&M+l#B;GkLTFFszOhEohiCONMX5I#FI}~_m6}24&-@=}GLi9>9 zBdL+ZNNglBLK^|9^u$T2EqFN+$buwD+@S(x#Bm>1iWx;CT}6z-Mj<1$kr4i*k-|uR z1@=Ux^DXz1bBGQcj2}R`c0std>sA<8$H2Q5MsuT?(bQ;SG&UNQb0}?;GD;c+boiBM zTfrp9q0`{LkhZmDB2dl{1XnF+^a+f>1+~%2=(j+72(y;rE;!dp%CsjC5nARuPd$@1=@fD}Xw8XW>J7b}b)z#tF~f)Ils#-MLT8{(aG zHfjK@j%bjXB;Z4B7qoQBqD&j2*mt7uJ!lPemOut|k_Fp22M%VD@T!$o7WzOV#Z&w} zd4VFGX%vLV4m+=P&>E7N*Az0g?=(*;kKsPX`xx+J#E&6A#{3xczdcLALLmV>`3^!2 zZ*7ZI%LoA%a)GvB;54!n{{blylMav~_}667(cq}_9i$B&5Pa)s=OO3^>A*R)&nyC2 zBC-O1TXsQ@1X#3MK*6TLtu1w!D2QW%3)yOjLck9MOAOHxQ{V||F$|Rzj_05;wF7;q z2QX9}7)k>S^$h_07H5%4E8N0q0(^FwIp#QPk?lIke5+MC3;DgAhwH8bOKLrXn%1fo za=2y?o?73A7AoIz9-zZ$wx!?C*>H!nZ-uAAS}m=QZqnKg$EuJa>ELWYkMZIcznu<* zBF;f&BcL$>x#>;_4~E82fO6P|73Q(X1$t0yVyHbJ*JG$ZFpr-gVkkj!z7H+b7F|aI z)ajBSnsOP1O4S90;NS&GzKrB3< a - end - let function mapinv_func (self : t_mapinv 'i 'b 'f) : 'f = [@vc:do_not_keep_trace] [@vc:sp] - match self with - | C_MapInv _ a _ -> a - end - let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) - = [@vc:do_not_keep_trace] [@vc:sp] - match self with - | C_MapInv _ _ a -> a - end -end module C03StdIterators_Counter_Closure0_Type use prelude.UInt32 use seq.Seq @@ -1497,7 +1477,7 @@ module C03StdIterators_Counter_Closure0 goto BB0 } BB0 { - [#"../03_std_iterators.rs" 50 16 50 24] _1 <- { _1 with current = (let C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 x0 = * _1 in C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 ({ (field_00 ( * _1)) with current = ([#"../03_std_iterators.rs" 50 16 50 24] * field_00 ( * _1) + ([#"../03_std_iterators.rs" 50 23 50 24] [#"../03_std_iterators.rs" 50 23 50 24] (1 : usize))) ; })) ; }; + [#"../03_std_iterators.rs" 50 16 50 24] _1 <- { _1 with current = (let C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 x0 = * _1 in C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 ({ (field_00 ( * _1)) with current = ([#"../03_std_iterators.rs" 50 16 50 24] * field_00 ( * _1) + (1 : usize)) ; })) ; }; assume { resolve0 _1 }; [#"../03_std_iterators.rs" 51 16 51 18] res1 <- ([#"../03_std_iterators.rs" 51 16 51 18] x); [#"../03_std_iterators.rs" 47 12 47 67] res <- ([#"../03_std_iterators.rs" 47 12 47 67] res1); @@ -1506,6 +1486,26 @@ module C03StdIterators_Counter_Closure0 } end +module CreusotContracts_Std1_Iter_MapInv_MapInv_Type + use seq.Seq + use prelude.Snapshot + type t_mapinv 'i 'b 'f = + | C_MapInv 'i 'f (Snapshot.snap_ty (Seq.seq 'b)) + + let function mapinv_iter (self : t_mapinv 'i 'b 'f) : 'i = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv a _ _ -> a + end + let function mapinv_func (self : t_mapinv 'i 'b 'f) : 'f = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv _ a _ -> a + end + let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) + = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv _ _ a -> a + end +end module C03StdIterators_Counter use prelude.UInt32 use seq.Seq @@ -1966,25 +1966,28 @@ module C03StdIterators_Counter var _4 : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Slice_Iter_Iter_Type.t_iter uint32) uint32 C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0; var _5 : Core_Slice_Iter_Iter_Type.t_iter uint32; var _7 : slice uint32; + var _9 : C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0; var _10 : borrowed usize; { goto BB0 } BB0 { - [#"../03_std_iterators.rs" 42 18 42 19] cnt <- ([#"../03_std_iterators.rs" 42 18 42 19] [#"../03_std_iterators.rs" 42 18 42 19] (0 : usize)); - [#"../03_std_iterators.rs" 44 22 45 15] _7 <- ([#"../03_std_iterators.rs" 44 22 45 15] deref0 ([#"../03_std_iterators.rs" 44 22 44 23] v)); + [#"../03_std_iterators.rs" 42 18 42 19] cnt <- ([#"../03_std_iterators.rs" 42 18 42 19] (0 : usize)); + [#"../03_std_iterators.rs" 44 22 45 15] _7 <- ([#"../03_std_iterators.rs" 44 22 45 15] deref0 v); goto BB1 } BB1 { - [#"../03_std_iterators.rs" 44 22 45 15] _5 <- ([#"../03_std_iterators.rs" 44 22 45 15] iter0 ([#"../03_std_iterators.rs" 44 22 44 23] _7)); + [#"../03_std_iterators.rs" 44 22 45 15] _5 <- ([#"../03_std_iterators.rs" 44 22 45 15] iter0 _7); goto BB2 } BB2 { [#"../03_std_iterators.rs" 48 12 48 91] _10 <- Borrow.borrow_mut cnt; [#"../03_std_iterators.rs" 48 12 48 91] cnt <- ^ _10; - [#"../03_std_iterators.rs" 44 22 53 9] _4 <- ([#"../03_std_iterators.rs" 44 22 53 9] map_inv0 _5 ([#"../03_std_iterators.rs" 48 12 48 91] C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 _10)); - _5 <- any Core_Slice_Iter_Iter_Type.t_iter uint32; + [#"../03_std_iterators.rs" 48 12 48 91] _9 <- ([#"../03_std_iterators.rs" 48 12 48 91] C03StdIterators_Counter_Closure0.C03StdIterators_Counter_Closure0 _10); _10 <- any borrowed usize; + [#"../03_std_iterators.rs" 44 22 53 9] _4 <- ([#"../03_std_iterators.rs" 44 22 53 9] map_inv0 _5 _9); + _5 <- any Core_Slice_Iter_Iter_Type.t_iter uint32; + _9 <- any C03StdIterators_Counter_Closure0.c03stditerators_counter_closure0; goto BB3 } BB3 { @@ -2167,6 +2170,7 @@ module C03StdIterators_SumRange var n : isize = n; var i : isize; var iter : Core_Ops_Range_Range_Type.t_range isize; + var _7 : Core_Ops_Range_Range_Type.t_range isize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range isize); var produced : Snapshot.snap_ty (Seq.seq isize); var _17 : Core_Option_Option_Type.t_option isize; @@ -2178,8 +2182,10 @@ module C03StdIterators_SumRange goto BB0 } BB0 { - [#"../03_std_iterators.rs" 64 16 64 17] i <- ([#"../03_std_iterators.rs" 64 16 64 17] [#"../03_std_iterators.rs" 64 16 64 17] (0 : isize)); - [#"../03_std_iterators.rs" 65 4 65 48] iter <- ([#"../03_std_iterators.rs" 65 4 65 48] into_iter0 ([#"../03_std_iterators.rs" 66 13 66 17] Core_Ops_Range_Range_Type.C_Range ([#"../03_std_iterators.rs" 66 13 66 14] [#"../03_std_iterators.rs" 66 13 66 14] (0 : isize)) ([#"../03_std_iterators.rs" 66 16 66 17] n))); + [#"../03_std_iterators.rs" 64 16 64 17] i <- ([#"../03_std_iterators.rs" 64 16 64 17] (0 : isize)); + [#"../03_std_iterators.rs" 66 13 66 17] _7 <- ([#"../03_std_iterators.rs" 66 13 66 17] Core_Ops_Range_Range_Type.C_Range (0 : isize) n); + [#"../03_std_iterators.rs" 65 4 65 48] iter <- ([#"../03_std_iterators.rs" 65 4 65 48] into_iter0 _7); + _7 <- any Core_Ops_Range_Range_Type.t_range isize; goto BB1 } BB1 { @@ -2233,8 +2239,8 @@ module C03StdIterators_SumRange } BB11 { [#"../03_std_iterators.rs" 65 4 65 48] produced <- ([#"../03_std_iterators.rs" 65 4 65 48] _22); - [#"../03_std_iterators.rs" 65 4 65 48] _22 <- any Snapshot.snap_ty (Seq.seq isize); - [#"../03_std_iterators.rs" 67 8 67 14] i <- ([#"../03_std_iterators.rs" 67 8 67 14] i + ([#"../03_std_iterators.rs" 67 13 67 14] [#"../03_std_iterators.rs" 67 13 67 14] (1 : isize))); + _22 <- any Snapshot.snap_ty (Seq.seq isize); + [#"../03_std_iterators.rs" 67 8 67 14] i <- ([#"../03_std_iterators.rs" 67 8 67 14] i + (1 : isize)); goto BB4 } @@ -2508,6 +2514,7 @@ module C03StdIterators_EnumerateRange var _0 : (); var iter : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize); var _2 : Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize); + var _3 : Core_Ops_Range_Range_Type.t_range usize; var iter_old : Snapshot.snap_ty (Core_Iter_Adapters_Enumerate_Enumerate_Type.t_enumerate (Core_Ops_Range_Range_Type.t_range usize)); var produced : Snapshot.snap_ty (Seq.seq (usize, usize)); var _12 : Core_Option_Option_Type.t_option (usize, usize); @@ -2522,7 +2529,9 @@ module C03StdIterators_EnumerateRange goto BB0 } BB0 { - [#"../03_std_iterators.rs" 74 19 74 38] _2 <- ([#"../03_std_iterators.rs" 74 19 74 38] enumerate0 ([#"../03_std_iterators.rs" 74 19 74 26] Core_Ops_Range_Range_Type.C_Range ([#"../03_std_iterators.rs" 74 20 74 21] [#"../03_std_iterators.rs" 74 20 74 21] (0 : usize)) ([#"../03_std_iterators.rs" 74 23 74 25] [#"../03_std_iterators.rs" 74 23 74 25] (10 : usize)))); + [#"../03_std_iterators.rs" 74 19 74 26] _3 <- ([#"../03_std_iterators.rs" 74 19 74 26] Core_Ops_Range_Range_Type.C_Range (0 : usize) (10 : usize)); + [#"../03_std_iterators.rs" 74 19 74 38] _2 <- ([#"../03_std_iterators.rs" 74 19 74 38] enumerate0 _3); + _3 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB1 } BB1 { @@ -2588,11 +2597,11 @@ module C03StdIterators_EnumerateRange } BB12 { [#"../03_std_iterators.rs" 73 4 73 96] produced <- ([#"../03_std_iterators.rs" 73 4 73 96] _17); - [#"../03_std_iterators.rs" 73 4 73 96] _17 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); + _17 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); [#"../03_std_iterators.rs" 74 9 74 11] ix <- ([#"../03_std_iterators.rs" 74 9 74 11] let (a, _) = __creusot_proc_iter_elem in a); [#"../03_std_iterators.rs" 74 13 74 14] x <- ([#"../03_std_iterators.rs" 74 13 74 14] let (_, a) = __creusot_proc_iter_elem in a); assume { resolve1 __creusot_proc_iter_elem }; - [#"../03_std_iterators.rs" 75 16 75 23] _21 <- ([#"../03_std_iterators.rs" 75 16 75 23] (([#"../03_std_iterators.rs" 75 17 75 19] ix), ([#"../03_std_iterators.rs" 75 21 75 22] x))); + [#"../03_std_iterators.rs" 75 16 75 23] _21 <- ([#"../03_std_iterators.rs" 75 16 75 23] (ix, x)); assume { resolve1 _21 }; goto BB5 } @@ -2992,7 +3001,11 @@ module C03StdIterators_MyReverse var old_v : Snapshot.snap_ty (borrowed (slice t)); var iter : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize); var _8 : Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize); + var _9 : Core_Ops_Range_Range_Type.t_range usize; + var _10 : usize; var _12 : bool; + var _13 : Core_Ops_Range_Range_Type.t_range usize; + var _14 : usize; var _16 : bool; var iter_old : Snapshot.snap_ty (Core_Iter_Adapters_Zip_Zip_Type.t_zip (Core_Ops_Range_Range_Type.t_range usize) (Core_Ops_Range_Range_Type.t_range usize)); var produced : Snapshot.snap_ty (Seq.seq (usize, usize)); @@ -3005,11 +3018,13 @@ module C03StdIterators_MyReverse var j : usize; var _37 : (); var _38 : borrowed (slice t); + var _40 : usize; + var _41 : usize; { goto BB0 } BB0 { - [#"../03_std_iterators.rs" 95 12 95 23] n <- ([#"../03_std_iterators.rs" 95 12 95 23] len0 ([#"../03_std_iterators.rs" 95 12 95 17] * slice)); + [#"../03_std_iterators.rs" 95 12 95 23] n <- ([#"../03_std_iterators.rs" 95 12 95 23] len0 ( * slice)); goto BB1 } BB1 { @@ -3019,17 +3034,25 @@ module C03StdIterators_MyReverse BB2 { assert { [@expl:type invariant] inv0 old_v }; assume { resolve0 old_v }; - [#"../03_std_iterators.rs" 101 22 101 27] _12 <- ([#"../03_std_iterators.rs" 101 22 101 27] ([#"../03_std_iterators.rs" 101 26 101 27] [#"../03_std_iterators.rs" 101 26 101 27] (2 : usize)) = ([#"../03_std_iterators.rs" 101 22 101 27] [#"../03_std_iterators.rs" 101 22 101 27] (0 : usize))); + [#"../03_std_iterators.rs" 101 22 101 27] _12 <- ([#"../03_std_iterators.rs" 101 22 101 27] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../03_std_iterators.rs" 101 22 101 27] not _12 }; goto BB3 } BB3 { - [#"../03_std_iterators.rs" 101 36 101 41] _16 <- ([#"../03_std_iterators.rs" 101 36 101 41] ([#"../03_std_iterators.rs" 101 40 101 41] [#"../03_std_iterators.rs" 101 40 101 41] (2 : usize)) = ([#"../03_std_iterators.rs" 101 36 101 41] [#"../03_std_iterators.rs" 101 36 101 41] (0 : usize))); + [#"../03_std_iterators.rs" 101 22 101 27] _10 <- ([#"../03_std_iterators.rs" 101 22 101 27] n / (2 : usize)); + [#"../03_std_iterators.rs" 101 18 101 28] _9 <- ([#"../03_std_iterators.rs" 101 18 101 28] Core_Ops_Range_Range_Type.C_Range (0 : usize) _10); + _10 <- any usize; + [#"../03_std_iterators.rs" 101 36 101 41] _16 <- ([#"../03_std_iterators.rs" 101 36 101 41] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../03_std_iterators.rs" 101 36 101 41] not _16 }; goto BB4 } BB4 { - [#"../03_std_iterators.rs" 101 18 101 42] _8 <- ([#"../03_std_iterators.rs" 101 18 101 42] zip0 ([#"../03_std_iterators.rs" 101 18 101 28] Core_Ops_Range_Range_Type.C_Range ([#"../03_std_iterators.rs" 101 19 101 20] [#"../03_std_iterators.rs" 101 19 101 20] (0 : usize)) ([#"../03_std_iterators.rs" 101 22 101 27] ([#"../03_std_iterators.rs" 101 22 101 23] n) / ([#"../03_std_iterators.rs" 101 26 101 27] [#"../03_std_iterators.rs" 101 26 101 27] (2 : usize)))) ([#"../03_std_iterators.rs" 101 33 101 41] Core_Ops_Range_Range_Type.C_Range ([#"../03_std_iterators.rs" 101 33 101 34] [#"../03_std_iterators.rs" 101 33 101 34] (0 : usize)) ([#"../03_std_iterators.rs" 101 36 101 41] ([#"../03_std_iterators.rs" 101 36 101 37] n) / ([#"../03_std_iterators.rs" 101 40 101 41] [#"../03_std_iterators.rs" 101 40 101 41] (2 : usize))))); + [#"../03_std_iterators.rs" 101 36 101 41] _14 <- ([#"../03_std_iterators.rs" 101 36 101 41] n / (2 : usize)); + [#"../03_std_iterators.rs" 101 33 101 41] _13 <- ([#"../03_std_iterators.rs" 101 33 101 41] Core_Ops_Range_Range_Type.C_Range (0 : usize) _14); + _14 <- any usize; + [#"../03_std_iterators.rs" 101 18 101 42] _8 <- ([#"../03_std_iterators.rs" 101 18 101 42] zip0 _9 _13); + _9 <- any Core_Ops_Range_Range_Type.t_range usize; + _13 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB5 } BB5 { @@ -3095,15 +3118,19 @@ module C03StdIterators_MyReverse } BB16 { [#"../03_std_iterators.rs" 97 4 97 36] produced <- ([#"../03_std_iterators.rs" 97 4 97 36] _33); - [#"../03_std_iterators.rs" 97 4 97 36] _33 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); + _33 <- any Snapshot.snap_ty (Seq.seq (usize, usize)); [#"../03_std_iterators.rs" 101 9 101 10] i <- ([#"../03_std_iterators.rs" 101 9 101 10] let (a, _) = __creusot_proc_iter_elem in a); [#"../03_std_iterators.rs" 101 12 101 13] j <- ([#"../03_std_iterators.rs" 101 12 101 13] let (_, a) = __creusot_proc_iter_elem in a); assume { resolve2 __creusot_proc_iter_elem }; [#"../03_std_iterators.rs" 102 8 102 13] _38 <- Borrow.borrow_mut ( * slice); [#"../03_std_iterators.rs" 102 8 102 13] slice <- { slice with current = ( ^ _38) ; }; assume { inv2 ( ^ _38) }; - [#"../03_std_iterators.rs" 102 8 102 32] _37 <- ([#"../03_std_iterators.rs" 102 8 102 32] swap0 _38 ([#"../03_std_iterators.rs" 102 19 102 20] i) ([#"../03_std_iterators.rs" 102 22 102 31] ([#"../03_std_iterators.rs" 102 22 102 27] ([#"../03_std_iterators.rs" 102 22 102 23] n) - ([#"../03_std_iterators.rs" 102 26 102 27] j)) - ([#"../03_std_iterators.rs" 102 30 102 31] [#"../03_std_iterators.rs" 102 30 102 31] (1 : usize)))); + [#"../03_std_iterators.rs" 102 22 102 27] _41 <- ([#"../03_std_iterators.rs" 102 22 102 27] n - j); + [#"../03_std_iterators.rs" 102 22 102 31] _40 <- ([#"../03_std_iterators.rs" 102 22 102 31] _41 - (1 : usize)); + _41 <- any usize; + [#"../03_std_iterators.rs" 102 8 102 32] _37 <- ([#"../03_std_iterators.rs" 102 8 102 32] swap0 _38 i _40); _38 <- any borrowed (slice t); + _40 <- any usize; goto BB17 } BB17 { diff --git a/creusot/tests/should_succeed/iterators/03_std_iterators/why3session.xml b/creusot/tests/should_succeed/iterators/03_std_iterators/why3session.xml index fac3b7cce0..d5bf13f43f 100644 --- a/creusot/tests/should_succeed/iterators/03_std_iterators/why3session.xml +++ b/creusot/tests/should_succeed/iterators/03_std_iterators/why3session.xml @@ -43,43 +43,43 @@ - + - + - + - + - + - + - + - + - + - + - + @@ -95,100 +95,100 @@ - + - - + + - - + + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/iterators/03_std_iterators/why3shapes.gz b/creusot/tests/should_succeed/iterators/03_std_iterators/why3shapes.gz index cd34f025c6b955a24c07fc02c4a488c824dd075b..5f8ccc8da40e2d0a9239ce394fa3ddc309beee1d 100644 GIT binary patch literal 6586 zcmV;r8AawFiwFP!00000|Lt2@ZyZOGe&?^?+wRIRkoU2$1|S3zMZh}`JA;07BP*-Q z!x@Q`NlLco*Y6j3RAp6nle8?$npqiYGdqvS$f&6J;>iBb7w7kX3vb8!^Y`Q3{q^n5 zf1jK47yotk@ME~Xd2e^@vNX+(*QVZy+EhDPn{uZv&%!q^!|UTS%jPeDJ6xq&RCf4+NF!6=I;Op((?eH#+_iX3F zS6}V?j`JNCS6N=1mxjM;CURCMHH&E_ThZe(jBnmP{DMZ6wb*f0+n}Ip8!4qk?Lpk~y6B$_gO)qWQ`@+AL#fBWucxIY}7xz;;r zuZm{ci`tln1z5PsQX@u7BQb&@ewkW4+>Af%6iaO3?@sBklP-KsjeOXh^rSM&cf~Fi z-Nz_~E-&hG6H<>!OUyE<=$0~R>P!j8o2Sez_Z_Jf$WW_@)g}g|0}VRtvb~G^yKsMf z^TX@$;r6B#!11S=bOEp3?VE8ATKW=?`7ikLQyMEvF;S+8kg>X~MAXHr5O3eS#ZKdZ zwW4asq69Cfci~3a@O_>~TkJA1kd>joy}P^pX&nCJ%|G&#>G~$T-U$!e!0{)~gX*LQ zl{zJ-_j?c9Av{Uo1@*j`=Q7YKZQ*yqrF9r~J7H40XtB_1Ef)3>EfyB5ix!Lg><1$My#vr`LL=mjjy0v7i4_68>OF|eRrcK#SxkTqVT1@+L2jQ(T9%R3DlegrUl0W!Zf@SI+4PDUNJyh4Vm zjTJs{S!cED(_*VNzeWvv0yPB7mLk7B3u^GzzL;tnOtmlO5H&XM zo03Of6g3ZGhl(0JnP?5*I6w`x!3FauYM3=@xQZICqK0cxLsry~6*baJ2iBCxs39_H z@PZn=n0-PGv)J}E1SsC3hMJ)uEw>pwl5e8y8fXYL>oWpWT;id>N0A0 zLJilVhTouud*Z1kU2rpMml;@g=P8%6cm)>C@d^1T3C1)zCT8i zuStHN`VvY0D9LQ(5H+nvud;Z3d*roPz{RSApytHP7l$*m3Lf@vLl;6e0G3G+NAeQ5 zsSUM4FV|7x+p+(DGfcf*|EFl;Mn)6P%$Z!I@s*tg5kI z!I^G?AT2S+7ohhDc%gUMTN8Mtc^SNN$V)!M8oV&2fS1cS<@YM=CkiZQ_1kdjFGGjQ&UGW!AlMvN{72@NF3&p_+c)Ix4EQB zwh7vJ6SXCyOK0H}N*o-9ddq2Y(y2AjHd%c~CRp$?r!-75nI-6`M|8DkZTx*D(2^#) zd>uatQ4S?U-KWeRgtt`2Cb&&E1fX4M; zLgKcogmEG{9}6fnHb(m5xfM&!TT9MrLW|XeR_=M3b3vDNsoQwe=BP()T7yW(lV%NYD`}=a7aoC$#-UsO*j~Co9nR}dCG+?x&z!Sk>AVD!t2irn z9fVoUicOs5H^apMZ-G`M43s&nsi{0u5pR>_GZl~Z2EtSHlh(DQb6m9E&sJc!l@Q@r ziiW=jW|qMC1)3#UyX5~&1=R6=yn7!Wu5V#`6ZHPL>fC31q=5vrFK6T}Dc6F(s)9Ym zM+ng#05Sg)-d^3j-{HTKy$E;L;pTyo8MUU^qzZ&x1AKCjgeTK4McGX9y6dW_CRv@; zu1|~CWi?q{A=x+xvT+b(;~>b!L6B?aq$`CP#cOeCt};<)?O~PgidfRMJW{GJ6KF{% zx@*2w<-6o0DLI+mj(GDB*;xke_h)!;@%Co8rU!Sned|QnZ;Py0l8%azgXt>lb?JW* z_ITy6RoM~IG4;^5z0a+b7q}Lw0bU#4iOlSOgfUHO`Fz@x(7| zW-?bNIL+zi8vWH+0wE*Bem7p7bRI{Buh_cp$Z7`lL zRZtqYl)h4!Z3C6YzFvyF$&>n~{VrB_SvYw-7j?M{smG-yZkbfP_;H_R?YrPfzV%Q^iq!3Z@Bqk%mujA$0IfVw44NrH|LMu zz1iQ<{5d{iO78I9?VUg~LX&&)GZuvf5H<`kbYa|Nhgcp)!3-7}Hpo{6Ml z9uT(rQk4j6_GO3ic}bq_Om}we+&ye313#L%q?MbJiuNy-AQCwf(ZS{hCrIahm{`>3_OaS)G`K{jaE~cY+xU&mH6Z6f-n_tO7|F zXXXlIHPd6Y7b{~8tHYWkC~uOWVo8F^C3!h#eC)>F8d7OnE_P(&w=Tiy`C>`UxtYWA zTib()DOcL0?RYhZ^@cd-Ouk7w ze@#EfIPZTsPi5^t*X4`rk2!5^;wFkS{2hN7@6K=Ek9QMJbhfJ4q}<(+RXKS#J4tgw zkDHThn#|^wygEgmid+qSb++-y>}oe);>>AEva-W3x{X-K%2UR(--gd10>DuvM zPSGBRNkb)P66vQRDJewR_mj3}XY2vtdPQ+(RBc&No}-~W;nI7Gw|16MCugObv|?xZ z_TsBuoAsS#o1*N&Xd=aS#vk0F_3OzHXgjJ;likj|DsWX8$3tFcq#?L+vsdSzk>pzf z#_o(M31wr_4V|SpQ874OugGL|zT<(GqSSC|(QSs@%0GfNS=Ou9LLECXquduW>yG0FgxfF z&$;Zl=s52<>wM=r+nG*xs*@dhJ9ZZPAqG24Vic1Q(hNO|W(>XKZ0gk*&L!)F?}Y1w z?S$!s?u66_j;k{}ve8A$yc3`#`rdFWdM)}8;xMVx_*DKGX3uAB34ePY;wCl9( zG)|{GtvW3`EjrCR%{t{fg}rR2Os8;o)hP+Wy|bDt2rxQ3fOs6Da<11hsDT@y&W-2{ zKNC|Nob*wt7_=RFJP%_dGe!!_M0DqzBmfaO{Ii`ioztCDos*pto#UNjo%NlC>}_XF zXLV;)XJuzaXL)B?XMAT|XYgoDXLM&&XXKfTZk&P|dGCUbL-5)LJBeUN&E??bx#yi{ zo%0`gUn3;5(}>5#!(ayO5oJ#jU?!rEc#LUZnf{57zdJ-6`=FiH!uNrB!{sEsauBxZ zm1VR$XY_$O`_8-0+s>QL>&~m+i>W~ks#nIdA;Y%2~6kaqYJ_S2G z^k&3Uaza8CxCoP;jElmL%(+Pv8L3anQiM=A#(; zNCweFVY$%5Bu(Mb{Ly^!5PK&lPC#O{wOpA#IL93tOt7Ele7Vu=t}? z%!m;Jl|$rqh{HJt^mAZ8WQ-4Z735TaS2zG%uruMg>!XvsW!Cdi09O^)N>7859CqoP z1Lrw_o&)JQpq>NkVMOr(F~B_s-oujNgL&{axNv7cR^z52j+#XkoZ`KLOA!X8rcv_A zp9{dc0IqXQ9}v~#e}E{^p9B6m@Snp0;P3!A=5m?~CjgHEA97SM4~_tbH^LP^W4+ar zbl`1p!b=%!504jiKjIZN{gB>B_!=C}#>d)o1d_vG!mWvxyc;O?7#ZZx)f8Y6&N&_t zH&_5)1aIO;-5g#H5N*PLEHJ?hAXgb63q3N}fPl?G1p2}aId>oemHEAxnR=+7mA3a9 z*zV%MC-{(~9VanK8+m31D*UM!Qc{j#GQwCk2sMO&ry|Xyp$F@Tp-uwj(zNBajd>PhzoSY!~=lOxAmO(OOq9P-#J zolKG?fl>fw|4?4x4^L8!E~vgd_xc?Esu!#^dJC4 zQM#e$E@XZ`FP<6VbS9mjLWEB-NZ|))aAdGbhzbXrdB!?81sq-hcjB|)8}>;IGFqqL z8W>mxgv%j%VU1KiSeN-$pC#|Thr=ehiB2hH92^>_#wogph-XrEI_HSOIovTA5`0`~ zo6qhbLNl$|WLPf|Il^fklz`^IwNX+HuFnTaPvY}GjPYi&cpNwqoL4pUg9KI&*1&}b zz{PSH@h@|rIEB%Vy@t~%b>MPs9~!6gV=s@r5W~Vj{p`P|CkU9-02%Zls_3IYFe)Y}Fz*Mby>{{(!6FWi z!}9+h0#Vk%5l85PP)2H|qL{`Zj8GUJA&?vk3P~RvkSZorGNGCY6-}sWLS+-Go20@C z=27WHU>?Ujj(ObvTMIB6#^7!kHB9jSjI`PY8MT;L56`d)LWt7wX&S8` z0wkcO(XimP@xWIznt>MwG9Ea|5F2!qx`6YUrS97ZR5m^19tJ9uDOj`oWz zpOZ?_4pF`vM?W|N`0RT2aJw$g*@_|9XcT;cH2e-Y+WsG|oz*>T`f^q%R-4RHdDbLLeHqu@oD;)_6^>lngpIw&Oqxqg@; zv%FVu6Lk;$3@WH1Q29luze1?ohG1Qoj8w|vU?Ut!8<=xFB+R%gLRDV``$e#yhhWWM z`Cv^Hnpt?Ej_F`}H}NPX7iQ{RoRD03)R5;{X5v literal 6551 zcmV;I8EEDoiwFP!00000|Lt5`ZyYzWexF~Vw>?LJ0T%B(uoe)62rVFIAI>iN(F1lj z+tEhWIFfwH{`ynJOEE}Z<=>B;?%{%yEFc^~fXuXnfq zbD~d9|9kWBv%kK5Z(4Sli@JqUR4p$>*@{vWt-Rd$muLPa+`fMJ(IeTLo85=)o81s@ zM63M6ZhL+E;NSR|S5@KowX1CDtCIe2z=%S!*sMYiijT`ND7H>+Ricc-Mz})>{AFcdcsy zTHse{zW{Qv-@524==6%quVABJ>+O+Qi3+JWaFSh^K-G+GvDa#Dkx3}T0mHd3>J=bwD zHR25CX$3UZ84hoyKn~9QJEW%N-y%)nzpJ0Q>LKp`w%fhC9q#vAC$3d1%vF|5b6yHl zGe;J#(ykGsxeyt_Cb*0x@VDVZD_LXqH5cH+7jx_6HIxBtxaVttK)kEYhIG&ePi-e(?9#x36!)!|t}; zfWvP!$^ss{-J7sQTIv#C^FQ(7Lu|`Kv7?9`agXI?AtKK&e7}417H0|rj^#x{W+6DG z+L;?^{HxTDrf3r}BrANkySv+c2*cmr{FJ(k*SG$rU{{^q(5+v|sLm(_!t)wv~g zeq3AgrM9L4dtI&)LQGg-W-QRHoWVlPV4-KQFvq9Ys6rnD3u?y~ZV&N=ZC7cj_83^W zgOkeE9Rdr|#!IxI8al{We~5TK)2PD_0EWvz=9UT`=x75eb=2hrGGr+%@Bu{WRgaH@ z#geElsG%#=FcoUp3N_pkHOvvz;4Ep1bb4mgfLg!kq8fD3FM1y}R_9HM0|!M;jW|O= z4TvgQA#m)WhFsx-eiSwI5;bf=4O>vd)~F#0YKVdw@z5b_k|)&Q2{j<224uBQsG(=w zzJve?HEPHS3gU2+z$4lw(ky|7P{S-x17_5aY{rj>8c2ppd0TBl4M(V9Yt(Qn)UZ#y z)hG*gLJeJ^hOSXVW>Z6`%Ncr>s38ubhNw})5+sNjHB{2@a*Y}yqXz2!2oNlz3j)WC z8oZ!}U>P+y{mFfS=;SiX_z^(`RsRAt^h({^N2HiA#}svMYSiGcBBLH7gVwhwWJHY` zs-T7{s1b1;q3tkgRG5O4Ce(Nz`h*$B)H8119y+MKF6B7Q%3sdPU(G5>&l>3wNRUrJ zf~+Ay?X_jKyM}}}?;ak51d$-&w1C3geFX{~37|_sE>KLBUi)ab zBx(z?*&4MLC{1P`+3h`BnCVM)@ytxhR8`7!CCic4Q392Y#N+r->php1TE*k5noHIy z-m1)_S|Ot1nKebMt<`}LQ@7|xL=-2VWKstz9&fc!k3Gw}QHiJqRrI{@i*P5Fa9nbN zRC0n;c7hc0fp8|t2~snBMJH%}RtqOcI&4aCM#BltuqMKpn&GU7v0A{Hs+=G>IYBZx zK}beUPEdp);w(B+H6pH@AgK#>j0n?lcd#mh7g`e&cv0J=C9`vwz0?%u5KHhv=sf^l zSUbZagv*v&*5puYa#jLbtOT@D%~^^CU6!GCWl`&c7PYPwA}vqo*`l_W#r4U7&Dfq} zLsY!14f&{4)D*qJQCUNhIZvB}G9tv}QnIpdkZtkeM({eQld2#NXJm-)4X0W%$%_eG z3>~bR;vPR;zui9gp8{G3?@(XdKhWA~HAE#Il}b6CUXX!x!NflwhAW%^>+kNj7w9t5 zOT4(*-M_oTw?LyOOe(f`zb3?=O{f|qo-qjd@1yIB+^2XJML6i2A~}_`MA0w{TzQIm z-5FI{LLf=@w9F6WO0{h5aO-xN2h&B~Jkrn++`qi-F zd{l4GJd?^&awcKzpBP+pl$v9AWD-whF$ds)&+Zn2!JHvrv%}>IMjf(e_h5_E^In&$ z6hAa`DA67#snEB2%yFZ3lr48?E|sAU*Xxc2^Wd0e4(w1kFT&))&q`H$ZdNs7pyd$*MRIFOC{Gu}TSfVF!DF?8@aX--aW(1W7cJ*A1=vj?L^u|`;a7;6*)cxF zVh+~M@jqPvHQa~0_x|B}hq^aH@6U_MZNf)th){brA#V=3X8e@}?8!eu7wrKd=70U$ ztK0W2{>#w|e|PO~A1Ihna*9=`fSV=2M+1pFQvHJG$pn;H7fCh2O0Rl+9K1}ciDC+g z%0Lj6fgmaaK~x5USTZMUPRvLs$)zdFM3tq66}}5%30w0>p}s_*CLQT6`Id$69FwHr zWIP@H?L*Ht3Ao>H@Wu7J+u@pC+-801xZkdmtT-et6r$l+9ZM)Z!U zW|N`;*E|-G!-``XJXsw+#7;GLPb=^^=fB>eZG-YQN3(td843wZbgqu@n!?P*>nlD4 zx{A2ncj5XLr}a12{|T8WTOA>y^&FP+-fdMZJdKaj7&V=%=T24c-I?FY-$WpCu$3D> z-tFGRkm2_24s9(8#DAQfH>aI#Q3r@9`z&b8)smY`_16_fg=FOgDFH)!{fAi_wq0DJdGVs*&ghKd;}_ zvGva}mV?AUeNbg%DpNhAP>M1X?8&Bq(&u|Zp;GmXSV~b?I?1AR^nd)%?lO>zjp0JcvdB@7tUV>+g=cOAsk+3OSl%LCG z1zB9ndV^IOSdpWU&FV5v0?QI&sFI#3=Sju^#IzVnN2 zz*>i`(2<$KRypI(vH>+a)74}OU8ia~v*%YW8*BGFUZbGEZBBMY$J%&GhP{~6y3uxe zSwHi|?G+#!=e!KJKGxVc#Lk_vT^z#(^H^TpUV*8^((M(9rMxRHG01wB?`}+;mw{Wd z@96qQiPds5$7*@4iE_RxXQz|>sh439E)Ru8u(nEjQUEpfOJR|C!{fTTg`rkKTVA|m z4&=)4bV7NIJf)Z|-OVVsR3L?HvF3E@N(Z}?Dal^)jg;%a@LLRYB0oC0V#zE4{^6dW*00 z7O(Xdto0V`=`C34Ek5flL3(S_tL$=9B6X0iNRT`Olsg`<49xC3rL6K!)z$o}QjI7z z%R4B0PANO&l(IdiltrgB`h(x!zI#J>hXk}!t8fgNoGHU`DDA-Y)NM*TL=SVaQ;JhzV@fOmF@)o&#>xFiiE$*ePvT&&XS9`E{o^F#=N?z1TUX*JN zqFi$**B4WOItQ><(eQ(6U({+}QJh4~YF|uhU&uKcp02X25kM3K5D@{=^~4#IW8H)R zA|rqh@v`FOOgteukHvfuC0|2{cT@89#S1dh56eHNjOzuN)raLjwl7k))9WkmUq2@Q z@d{Q@XLJ=}`2=LRq8MVO7Kvs)#3_Bc5W8 zR8HX?v(mSkMB3zA97*{t^KELnMN$H6dOz1z*I>sO7_DM-P}E_$4h~So;CO{QRV)mu zdoxg7oOwFw22+8RtQ(Z98$~^Bsro!=H>lEXP=)hYOuIdD*Yv5M2JraXfPAgV?Y9DVop+@bIggJrv$Vf#K>Dl;jTYBvwRybUK4Tvf4%)a=iCPKnX@ z6{9S`ul=RJxexwdcke=O_(y7qRh!}Z{Wbme;-vfKB;~NFQ6C+q)3AS(NoL;wDb?wU z+n#UmJG>5eC%gCIZp3wO7D*hxJ2Yn11rGLEnqITn<#$tbYN~<#s*+^&%x~>p--X#% zx5hCYjVbX;yJBUp3Q16%Pq*6Qpj1o@Z1Kg#cU>y8h!0h;>t?rmJHPZ3iVkendU7U~ z9w#z|ZjrDf*Nn2Lg`eMDzfW3@9qh6WnRi@iyg9j565{ro3<^0YmBa^fC- z>m*OEVs2he`@AiOXY4tA!luKM{C>)g9G>~uzQeEG_#+E^awW&NK3YVDc=fPJ*O*Gn zRLm#y)NciQ_Su^H=eq@zjYyAJ&t27uU8y1&VWk$oU}?+6PKn!Xx`_u;Yi-p-+Km2=bCG*ESAECM9Nww8g;!u~D(>?bi#!TdV>a`P(b&IeP zOW|YxBbf#JKtj89uF0I?uG8X~6Mk7;yX(3^@Lz*~34x0+6j&%LApr7kLxCzly-RsPncK0VD5Bl6;qeM9EdVdDl{ z7Qerc<%)Cu%^nqswf2l9wR)BRzLb^dj)bxpu5yWr;4t>QSbbv-`-%qfV1w5^i)`h*tr8>3j_=_18hx~-5(Ed3D31d6M1!>r+w|SgdozqY@R4(&hmQ3+_|5_wI~n|mU=4Q- zw+%N9*9}(#sn5@ZrrZiH$CvL+hA8v&U^WX@`@H5u0(c3V38KARX^@DdPW@hBx1O;Mn;>1DY zSYzF1o>z0h%oy->fgkjs9J<(}Ks@8U>+vfBxBd&kXbigj041eJA@KMcOLd zYiX3^G&?X9W!E^{IMX=YIMq1$r5G~SN#&Uez@_7=8_-I|L!zv)qj2Mp7(z*9@Wpwt z{b;}kkH?gAX}EU+@KANWXABRSNW6&Ojh|r{1u7ry2Qz{jQE%YuW5Nx#w}J_l_>sRW zPq-~gq2y@6JxXkcY-lDW>c-IoGy24n`rY~JgEP9*8oIvMn*KLE%v**!)(B*6$b6w9 zVW>!%{^I;F8wP{Q6m{#syy)eC@`U>noER9sN7QP#L4+O=K9D&C5Mb_iW02#~@4A8Y zAOzjA?qEQbiyS*?2klj6P<>S<9phqjqLZDp+zr8vTnmk=T5!iL8#9yot25g3K4?HT znf8A4;0EZy1~;(Lj;P2^0I?kq+)>Tphl~bf6agLx;lXWq2PhT8fQX0a$PgX}ZjEz; z=-i-L*Oo;H-fMkM%l3r-2l^@#P1)AXYSF0bRu{!z3F>5DBB?~!lLcLc#p;| znp%KX7NETaXmF*n_`@u~Dm2!W*35fECN!f^fuX1D1KMMD0GAhF|Imv-_t{E`=g%5% z9jJapZ1rgH8T3UE$?_uHAATVN@4~1N;WP@l97jLkIqhwa;4*O4nY0kc{uGPBQ!py8 zP}LX#gRuiQ8od^)gT!SBn->FrngxMZC{m%bih?$SL%zmAftNy9Z9+cm=w$tw78SG< zrbi_f#&KZEncj8`V4&b23S%Ix%bCKD#E-xa#}Cy}fEMR)IESNk;~eN|0=k;u#29YrR)5IowusQviBZ0DoX#L}@^(JVF*#OIa zBd0VArFgz=-ctV<>$nEbhdwy;BYHfEqYy#$ec(34a4i?KfBf729l|Tl#}NlGuapvl z9hAg#E2RjCxYD?^fAZTNKC*{G$liFRgSAHc(V(5?x)HUY>y!)Jq&-yM_VFoM>73yn4H}PsIHIyq=*$DKw2_j1+sx;9;=&_RBe2*J{UJ4UW;ERNeCWIw z?U;`?-8K2Pq2D(2tALN|3=4q|&~+UyY8-;<^w14VtG@FxZz%t^sh<)_WY!7Gdi)j~ z?Q&2~A|E4+A_#7Wys7fr#(rv`yw^rrGltPHrPav120>Xf6kMbu^2Um98~ceH`~Nh2 Jj|5w8005V0rnmqA diff --git a/creusot/tests/should_succeed/iterators/04_skip.mlcfg b/creusot/tests/should_succeed/iterators/04_skip.mlcfg index c8924be797..4bb5388414 100644 --- a/creusot/tests/should_succeed/iterators/04_skip.mlcfg +++ b/creusot/tests/should_succeed/iterators/04_skip.mlcfg @@ -409,6 +409,7 @@ module C04Skip_Impl0_Next var skipped : Snapshot.snap_ty (Seq.seq item0); var r : Core_Option_Option_Type.t_option item0; var _18 : borrowed i; + var _20 : bool; var x : item0; var _25 : Snapshot.snap_ty (Seq.seq item0); { @@ -456,7 +457,8 @@ module C04Skip_Impl0_Next goto BB6 } BB6 { - switch ([#"../04_skip.rs" 74 15 74 21] ([#"../04_skip.rs" 74 15 74 16] n) = ([#"../04_skip.rs" 74 20 74 21] [#"../04_skip.rs" 74 20 74 21] (0 : usize))) + [#"../04_skip.rs" 74 15 74 21] _20 <- ([#"../04_skip.rs" 74 15 74 21] n = (0 : usize)); + switch (_20) | False -> goto BB8 | True -> goto BB7 end @@ -465,7 +467,7 @@ module C04Skip_Impl0_Next assert { [@expl:type invariant] inv2 self }; assume { resolve5 self }; [#"../04_skip.rs" 75 23 75 24] _0 <- ([#"../04_skip.rs" 75 23 75 24] r); - [#"../04_skip.rs" 75 23 75 24] r <- any Core_Option_Option_Type.t_option item0; + r <- any Core_Option_Option_Type.t_option item0; goto BB15 } BB8 { @@ -478,7 +480,7 @@ module C04Skip_Impl0_Next assert { [@expl:type invariant] inv2 self }; assume { resolve5 self }; [#"../04_skip.rs" 81 23 81 24] _0 <- ([#"../04_skip.rs" 81 23 81 24] r); - [#"../04_skip.rs" 81 23 81 24] r <- any Core_Option_Option_Type.t_option item0; + r <- any Core_Option_Option_Type.t_option item0; goto BB15 } BB10 { @@ -486,7 +488,7 @@ module C04Skip_Impl0_Next } BB11 { [#"../04_skip.rs" 77 24 77 25] x <- ([#"../04_skip.rs" 77 24 77 25] Core_Option_Option_Type.some_0 r); - [#"../04_skip.rs" 77 24 77 25] r <- (let Core_Option_Option_Type.C_Some x0 = r in Core_Option_Option_Type.C_Some (any item0)); + r <- (let Core_Option_Option_Type.C_Some x0 = r in Core_Option_Option_Type.C_Some (any item0)); assert { [@expl:type invariant] inv4 x }; assume { resolve3 x }; assert { [@expl:type invariant] inv5 r }; @@ -496,10 +498,10 @@ module C04Skip_Impl0_Next } BB12 { [#"../04_skip.rs" 78 16 78 73] skipped <- ([#"../04_skip.rs" 78 16 78 73] _25); - [#"../04_skip.rs" 78 16 78 73] _25 <- any Snapshot.snap_ty (Seq.seq item0); + _25 <- any Snapshot.snap_ty (Seq.seq item0); assert { [@expl:type invariant] inv1 skipped }; assume { resolve2 skipped }; - [#"../04_skip.rs" 79 16 79 22] n <- ([#"../04_skip.rs" 79 16 79 22] n - ([#"../04_skip.rs" 79 21 79 22] [#"../04_skip.rs" 79 21 79 22] (1 : usize))); + [#"../04_skip.rs" 79 16 79 22] n <- ([#"../04_skip.rs" 79 16 79 22] n - (1 : usize)); goto BB13 } BB13 { diff --git a/creusot/tests/should_succeed/iterators/04_skip/why3session.xml b/creusot/tests/should_succeed/iterators/04_skip/why3session.xml index eaa7b39560..f888ad166e 100644 --- a/creusot/tests/should_succeed/iterators/04_skip/why3session.xml +++ b/creusot/tests/should_succeed/iterators/04_skip/why3session.xml @@ -22,7 +22,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/04_skip/why3shapes.gz b/creusot/tests/should_succeed/iterators/04_skip/why3shapes.gz index 5c2739aad51a0a5b9e9576fc906c8c71346af645..5ef67863964e8785fa29c1c101da0a6cc3cf9c3c 100644 GIT binary patch delta 1073 zcmV-11kU@d2)hW78GrC87Mp_+#GrshFD-biK~Yp9tRrP*CE5P_4n@k6ouEL0`oNI$ z;`hxANBQMudwOy&;k11V!>R4N-?nml^Xq2(;o9zvTC&euu(02_m!Yp;eK>)o?)KI) zE37P&W%>(NYvXA%dq7MGh`9Sf0-;pJ_hB8Y@eVt8fwi1$db;os+YqQC)#YBtR_S z9V`<7w#yl(yDWiOLb62fRzU!g|5~P}sPHit#t?w#+SUyfl6HEN{0Km6WzVX30KiPBTsJ)%wDSt#6J$?lK-Iamx)-s7*yf_Ha^ zBFnKvLpb%vw;(JlcDbR7chtDOJD$S7+qpl7*I+qT{C^JDHoHV23K;d|VV5_hyK}E? zH%k5m*GV)v5zF+$F41IqO%r=pT+<{-6Qv7HPLbwhmuSwx*d(4VFI?3RL;oJ?FVEkj z;rI4s(psim({}D?8MwB_^&zXRjrUBfq8X1YqJ+B>Y7gxghRI-(Po8n5JRZ*x(oGC-cCkmk;_8l}dmNuo--Q7cJNNYtEjZh+ zp3xdywgi24xq=?S++K&x@US}9K+o|W&S;Sm$uFHvwPeI~*jQ6{FJ?GzRMb*!X_1P9 zZ#K5j=}?Epy&gw`<)HE#;-YdgRTm|T$~l`U(SK9oQEI7}OF)Ht4C7(arfQ+&=4{G8 zX#z`Q^U%3c_*l>z+xdNEBuoigho zqp(eu5tAU|x1{`UQHsx_?04(0I*sTy6(v*%&jt0)Y0}gU#SSJA;@%6jl|~qDn4ty? z*)#$ltg1PevVx}JA@~|YXb7V6%!@660e^xH+7w2iL+w@YO^s^ZRCoieDJbuR&;fkS z)CUL9mD55Y5ZQ3$rF1+Lstzi!ihz<^Dh%a@A|h%i7)lIi1BC%)KpGGRxB+H>ZVI7% zQ&r$9$)swOtd$nE4|SnA*Pd({H4F?RhH66#LzSU&!-$uhRg3{cmRg2JH4Ov?1S&Yv r^ph96_Nog7oC;qF7KD%uk)Aunm}J7&p^%dozxMhEr}eK#?$gW9#8we`(>$?cRw%AfBJp*j*e~05*%z6{`J^5Zy}z*p})U( z+)1al*)qSu$+8z^&&wXSGjEX{XK;iit`5*XzPz6Qa=Q5Ik$(wu)y$ANQw+^EYt3fi z*2}g(E=QZ)F}8;}HYDGK5)F0lXbi7)XhN?bD^Y0d<vq*D|ED2l-@M=^r&K|CB@`MN(I`;XXsdHI$MzwKWKt>fCa`_3O62fuIV z`B>D>rE_3#Co@5q4@n~YiL|@@IUWatK|Xk_pQ=xS24e5I#9#O~?*O!_V!NwM-@AIL)BW_C;F0!;fkO2iNb&E zlW`_?@%#BQ(%3Z8U>a#S%@ID05pgwsWEylT4W{j<(s{?F@1E0hflekROj)`^mAx+e zYJZ&i+y4z|lYWb#^LE2Ofa{3zJeAwegq!h<^1Y&&dNoQvok8;vq^XIf0hB4yhh+QT zP^!;SHmmt39TU4njSQs>LSpdVu(oND`kO&a>mc<~S!spk7A;t|XeC`|-3Xyn4Q(r8 z3=KgTh_Vhm$R&UUMh?bSR+B>$bPR1nYJbz#bOJUAI(R8fgwSyPgF~f_LLZH6Q3j|b zKuc$}v6f9!DJhmHEeeao2rYs|X2DpfENBbLg0vtka0|Goqz-LegRd1=y49-DMm8Zf zl@Y=Ow&Z9zSk5dOi +"https://www.why3.org/why3session.dtd"> @@ -190,22 +190,22 @@ - + - + - + - + - + diff --git a/creusot/tests/should_succeed/iterators/05_map/why3shapes.gz b/creusot/tests/should_succeed/iterators/05_map/why3shapes.gz index 7ee97d5a13b06dd9e356d4349a34616bb9ae4ec4..6f2caa4f438639206176a1bc5a38bbda412c4206 100644 GIT binary patch literal 6154 zcmV+l81?5LiwFP!00000|Lt5|bKN$Qeb=wh+wLYcRcL%;D}K0@vWkA#ec7%1XctI= z6V*DBBgvl3{`x)mBEfq}NpTcwQae*~Ef5464RrTGcLU77es_8Qlm8U%FTaGl`|I1A zf4|h1-~HQ#zrOk6j_fKG?2&T89CPT%e;x;nUsi_<0ET zbaejv?~lZe#E&H2#62b^|a$GMjB4Z{_p{@mYl_C4CFl$a1G0zTdEt+T5 z@psq$2DKtjBNp-tlrY6N_}BmV;XnMRqu@s&-X2z+iqCm$>gq6)iapnJN{AuU+rwhKiH+-raF^J?lC3LRYVw>KMwD+a9)6jj zEEf})jP%(Lfho`}4I$i)hiJTC}PbEvrR~ZHpEeMXoM>d??0x1X!$0mFr)!RVNVHGq-5c zsl;6=Rdb^qb6fX#!rU^Z{1CfrnH#OljXmGo*vpw4i{{1`a|2sEvCL;nVAb6C%G}td zxv@vgjk{fQ!>bK*R=3a>$SCEsPU&N!V(7Ra7o#UZn-%TB`59#O22E#~bO^R|n5 zo5j5KV%};oZ@HMaSj?M0>AA>S;MH@H)pOz1bCECOxyaw^x#(wtjcrgz7u((e8`Tt8 zZTdA}qaFhrTfxRuu+dM0O$F$PC@t`qHSm}UJmzY{L-0$n&rYqszgP_Pz82!!4LkB^ zF+XGi!cQ%QX+@&gd93|Q#EoL-cupSB4~-d5_tnm^px3LO3&j?c`WcbXXjskh&Gv*B zE4< zjP7WFpIe`)0bank*2*x~ofD5@_Sg99ug_X9YO@gdi@%6N+f+VpB-TT0e6sLx3n*Sl)G+oL`uo}NP>1`!Q~<}s1L z^R{6;Lf{d2YkMV2k*Die?L{_z=d&erctYlT8nmT9hpo|L6nUnvs7!NFXDVNDPc=^I zzWE%^Ol~hEka4ipqN@|Bsh!YZqvyW3a`Usft>mOu@qv7LtYZ0(q=cG47;X@V;?TUsq(ZFWTYa`hXKuWff zpL;$)x|aY*jCYi@$P)af=v>mg-mb_}(n^+Y4u=iB<&qCl~6M;`<{}c|N$bJq9+xkfU`|tD2 zQb3lE7-c<35{FX5YYo*Jc4*1)Okh>VvV^bB4i_Kp{LTG3qsz84y6k9=uHIQgL3Y9_E|E zPRT6u^lEF$B_q9LEvVLIif7c!hGftGYmT(8FCH66dC zpyhH-z}402v_dE5OgeX3&aP`Vdp^RjwZ_yM{jMcrD}k1DJ|ka^2SckTVRbNCQs7bd zniP1^=J}XhloWW)%#r_ceGda1>*@LDp=R2qoJ%@A&`D6yR@NTEhs``&I_SB-zWM9N z@Nj$ML-QteJq6S$(K$zF)Gy3Fb@Wu3lI_TCez@W1tZE)*CylhUoT^LL&^xax^!A*- zr|CU zeKB!X^DOt&#O|ocy7v>>VNREEUpwqdJIvQ5O1)b{+ubjbk47L}BvlX8>R% zax&2zfyc#x6zW2(MZT_0m%nnbos|DMb2<%7|15Kgt=fTLJ=;@>3A?RbKfl?U#hSEa z%?n#*AX%M(n|V!d6aQ_UuH3t~HR7{1H(_dSLZ9axZg0YTJ&rBc<7l}a$CvAIV!0kC zmq1)CVXt0-OtXqH?JC5yCBi(tEGxIO9WtjIO1>jrs4L4ua_{~cHFxsnf^KseZMH(4 z-K(9ix|x)am|NycacxK460-Pz?Pk|$4;Lrs3PY#&@kP!;Y|Q;U^$;^0DVq>4?YGzM z>&3Z~3;b%G1!>60N}we@-|25EO-*%}O31Vg9&xr}?QW!gSJDfiWE1Y{4XYBC=gzrU zoAO$qixPLWjASNmZin&@nxRX+U9!XM+&CVIHk>zo@9)Fi>DAQdQAwG;cr`VpcJ}yO zx5}1Qzji4}BC1Iu8B;y@U&@JquP;91OrrQcF5OM|_2I)BgdTetv&`@7^}K~(t$w#L zXRxp{10Qyq;Q)GZ71BeDeilna7_)0dd*dcIN`%@W<(}b7B+=WJB+N_Bt~Ri za8Wa+!d6C1WTZauId?s0p683thnmmZ1T;Z8jaOiN@v(A;?P;!-cq4fXApbB!Y(-(d zV0wha=7Ka|E=Y^zg0x(Afc5?S_IkcP>asQH1;69oqrEK-R6Gs&#kX3!oRXA1u@r0t2c7i& z6rSRK8eN<%M9c3gYxTrK)a<&bdwc;Moj_;HP;Je;Btx~0zoj;TQK)vVI)*4^Ppf(H z@BD}6eEPe&{(6iru5W${ch?Ue@Pz0m{)z7g%01IolPuEz>VHj@v5I_udv|yHw=n+8 z&;L{2zmL>@B|lx?_>Z|`Ay$(3u|e5EQE1oi;zvK+{`?7Z2qQ%@KYsX6h^d)wn#0O- zeV^O?*X_^Y=s$?EN5{e&{97noJpBDrxLh!5as5hwYI(gD9bgq=%S zI{ad~_q7zcQ zA;k}A+T?E!nbF&=-DjTA?V+yHp;@}a{`w!~W9wgc#wyfIo%`EVLaSTaSB9KMxur8r zIr}lusYh-U0SskS-o}+Y)C1e7LrsfR|z}6aCX!d`ZB~4g&J`c+iq^;1i{3_Ri_RaF zOw?qf^KbW+9-T3fW*Jpc(^LSRS(6oi`*zXzwA^^jipt};zOC;hq6ho73dOFJKH|c; z(#P6G>2-96rCd~^5M!x2jbOG^9xtQ8l=Wt5z1eELS?Y{dqOP|TTkFk+;&0>i;%-E0 zR|hCp(jRS?|GvP{)VRmgFvhS&8B=@9;wSbN1%6drDZB0R8*{W2n;nXyY^nJCW+OwE zS|`#Nlrrh4nZ~3_wxOBEruSu~w2cd)?Nzf+<&`peW2LmMnrW7NV2!S# zbGb@UZD*+9${$O53L!@MxNqw#g`4 zuK47SR+m^NI>)Yln>oi=^)}3Q8fyL?bSSsXR5`%F{Z8q&9{`=%wpDp5{aP zB~qd$QhH7TYz}JXFVR^|fSH;AV=t8eE1!qv@IP6kU}c^qfI6+Ys)@fUkqyF4&J1X_;UZ}YEBwJ&6lhIYqA2gWCi$=6%dQuq zNL?>NZ!T!r`eEPu67eVP`(=*ctDuRk^@LWrVxpo0wAKM?@irx5Ps7R-?$?l>)q<`` z0+yryhN4NIbKClr^4^;^6*Wirt2$Tzi!6B6S1DDva%C`= zjok~i&1$AxwV8J>s>cyz-#tOAxV?IMY-CO)Q9gAy@3yP2=4Gg|1ci$* z4I0A+W?kr&vcmQ{aAlR{PFV_R88J$8E<=$92b5$7RPw z$N2^C2hL^BCp{|e)hInTqa8VDqwM^pFrBa++22ao_LC>g-6(rul%M(#xF#b9tvs)U z^;ZxM#ydNB8T3GWa9TMQ0vQ{m_fAU_*MVFlOr|4@pgNKriH>+jg}m)dr#sbQ*bcQF zTw@!w>AeU9pTb(}Js->@wN;8qtNKWl({H7!+|Wno(^)+^sX>lSe5An+dIGD%C8h4v zDfCmFlARKr;+;Yb>!j{PKr+QPEse?1rv7a2R)8Ld#?f)DiCR}m6WnK zg2e?U@MTQyH49qLmPCbRi|aAMW=bEsne`eu2Z&CU$r2NamSq_Ls1fwHp4iw0ro09 zaKVPWAmY{dgHB6hCl&1n_#{S6ZV=Pp_y{Y~>e52r8GpU?8(0{GVKNNU6vD(z7?chY zDh*v$GV*8X_1Ft0XvPGeMh3*-6O&GBhG1oI<6wMZ@AafRT8q6xNICVr99-WAY#(aW zOpy0pQescO8hdsOT60Fsp(gDV&+NfTu$?up%4C?h4mON|OFs+@aNHww zk6xKbB6ifd*Hgj~PLdcHe9vL(Cq973Y3wKCfYgw`O&p5Oz1|)|x*rAyA5=JOY{u}> zs4!U=u+R#qm^hTL$>BH!GX*Wjel%>9fu^Akf(yw=_D=A`q3N9N-0PY1=#59v;dpSp zvV)Bq%BZ5m#W*;b_Bv-@nMs6J8k?IYKN>D39-xa{Fm8=P@DWU6(!Da1EC^Cz6iVue z8yZ=37~qoY&<_^ycuD9+=tl^mh{u=(8%>O6VyF~jr5M)4xF!ZRF|vuF4Pu*Z4;c{B zJFl%4OoY*RHL#J?IB=#EB$!-K83zI}1a6V`ON=`PZ#CjnX|)NaH{LLULqftbAuaQH zTnvCnl0^KAfe=R$0!iYL3G?DS*$LaZn#NJ<$y;vXem;!w%CRPP5<}*Rz9~-u7(Yof z3TB|Ta^OQh>Yf{Gqs!|vPeOiEo^-DeJ_%?I+%n+052~Lg55<*?8^!ZFv2QCoV+4(e zFDVEYBsY^)2>lUmI{0Hl4poHvwz4xyg&=M43|@bbq^#q^;NkiYy>K$~q`oOnlQ$S! zAiC6Qk^^*mO3fGMh{YeBn5fJ|I(tBUSh+|5mCZ}Z^sk7 zI5HNP31A#N6N(3qa7YY}O(P#n#sZPC{KeP93-}z$P7`yU!i3Fyl9NX;;f*fX_(zS+ zH8zG}1UT!F!I6*#;ej!l8wnTET@w5UtV~Dn2na3#!6yI!;D-@ZOgUl%I0mpi{J;r( z0|dKZ7VY33kTe(GIqD}LBQ`0e?j19bqf_u$5ZXEaB73=m?LS5E>9XT7pYU2xJK179pA;1crpjkZjDZ z$1?%6voVDqjU@7ob`el)%#%mwh%0Qb(>TC&<^c|~p`J6isv-=dl9zx+3~cbz_$mA( zegZ!*#r_zk+(;$})x)QUSFgC1kO?+2g$*Sz%P%=$aEi%(%72;rrVLsrF;_aKQ5B%s z35DK@Swu@pPudp-!3conH5rwG!|oOD$3cu-j(!5RdD}}T2|G+>6ih*(IZ%=VB{@*? zHJH^*+bJGE1u?~Z7IvR$05S5)vR<c#S2Gc_rd&@m%h=++eOu;Iss}j8k zZj7oB4JaO!#j~<_SQbyq;&E9#FN+6e>BNlx!%Yn4FV&#?c##K=tp*L>Td0v4;qUUP zOpN}NlM^1>t&xNGQV{DY1n)Qv0`nABX;&u4|Fje2J;Y~y5QYigyD>NbJ5!d+0imaI z+3*pia1qaJ#h-41*d+rbWj%wJBMkQw{Nq6h?BQ$@TwG%B#Kd%g-q&N)StABSW-y#! zc(4PT%wR0GSf{P_=`@fdgyq8i;k@{uy@G2Y^fbZSViRK4pv5=^=A{mO;sqi8x8f(j z3swV7VVZ(NOf!zg!utrll5UV(U2^zR9KIAbTl^p}_);9c6o)T`02eLJQ6z+KazNx`;-EqverC}4}V9Y5{?|-h5OqN zp91smj${x1E$sn~ZUu+h)e_M6NK#`I|B{r!q8Wb!dm7f4jK} z_mPA+a#da|1z8JN)VXDD&~}t9A&gKb$My0eGG^iw>RNDD8M1E+v*vUW^X$;pqIp&w ze|PO~P%H8@Vj;gk2~&K9fBozC|KUF#1wRV$=CJBiw3d0lF!qc8_M)avJ=gO{$RO04!(ya~hwF!M=RFpvd1~p%b2=DHzPWh#bq1?kOmLNp z39xc8K~^p%(8|RGTe+BkD;E=VsKnui0)BOzc@!G}=_+u9T`} z(T-)Udpu@Y88Uu~?YAt8R+hz{X<6)xEsI6V;)`X06`t7Sv+A>IS$t(#Y}2yXo@H^j zZCR+_uq^K0Y%XR4nkykLdoJKMQ;M)VSH@woD9cvB637=LV~h2=#d_^xy=Jjqy;!eW ztXD49D;DeJPr4qm7I<|%WOY4wbv@+QaXsXhx*qzOSYjJc(ZzIkutYTlR-1kfmZ-h4^;MYS3bS$OMF+S_;#O zM6v2v`IaIXW5LUkwhbk;;r8N`khfQ(yzI_^IdC^K>D=N#n(+Y@V#VHcU zx&?|?LZd}${m@EnXr)F2TZ?CN>I<(R^_bYehRBkbOZ|Y-p5WH)H$>O3nx?sng_kP3 z68e!Z7QxD2N(-7QhR02@O83VfVPB9=g30$O5N#w?-Zqb5a7XffZhaJ%>Py4H^o~V9 ziEKQ|XG`etgv|FeXiI+%TcgKl@JwG(ndYL-RKDV!YFy8K^EsTE+@7Z|<6x^rS0_?a zJ0AZ=&&S+;xiz=eobh zx^IVG8++5?$!+ei-Xi}GkjXopRIIPBi%eV;W%(F~UL>7=(31}5I zWYN&BXjl^kY$izxk&+>KB2fGT#`Z;K*6*9yGYssRruED~?Sw0(-^?XPiN)4|yRBPCwCBrj; zRUOL`zB)S|e7N&B_v=h9+s@>&qdmHk$7M%zsCng`G_Hxw%ei;{>yEZ$PEDJ@rJA-j zO@Y@!o3YKA>b4_q3CWtBHaR=JBydT^d8v8|Zwfmlqs-H*ttppG^pcIIbq=0V5}xPe zv1qcv%lQCTSF2MBotQJ}IB7X_u37B) z=)%?-Q)~3wmW-_gTGIJ&do>;mtsZdI!DvZ+N8M{u-$k3}^KDU5-!&u0{C)T^m0aAX z>wDPZSYP}$)TG;#(@N7~Xt`HJjkdD(5I$_C++r_(e|_`U58>hV#)sxj>UxT;Q=)SY z)Tm#WJ;Q@E$~jZA9l1>rH~gGc&7OnMYM1_u8BOiR8`7)zF_K@R$(!269f^z}H(G5lqXb zY1!FL&{ddr<%m3{@#)x6=tpAgf6DG3U3Qz^O!nVzODtq8h0n4)2!FyD}4%MCeNZpiWFhMZV#$jK!pS4#w}mw3~x z!cDu1Hf;$uPp`wu?Zk)7nTL}4h379C!6A~M9KhHwMWJgLY#EbXsmHB#i?&K1_S|>yr zGO`kANzeE4n@Ur&9;Om9ZG%UgtysGoso$0KLMYjUyL!p0gyp$&F4m^J7U-hHT`eP- ziJRM@{DWrbk}sO++ll~t0msZBLm3a&k$Qtm@k+fA+fn5&6hjU zV!0zNmmOez1HZk1uaCNH4SK=vcte-AKQf9)%o1oP{N~5JJPySj_%1h~>jmUu3-jk& zpwNP@sF`Kn6l4SaZGyT5bFoTOCvcw=((4b9D1Lyn+=zBFL$+qJx4%FlllBC+Y@wVj zdnhj-73uPURw~BNu*$~Dd6Qcf%`N5=cvfjU&^c2)Ux83fXJlA)*-GANw5{~}8 zD0_4)yu!bQ!o|biKZeT%qZZe%^vJ73bEino|IXv{Cx4HJ_pGIvUzca96}R)?v>Jg< zPZ4I{|A(@QpAsbpjryDa@87ThY$gD5u1JsgS+aW$Pf+Q zC8CQEsY;QG%aj_NpO3^|pYn&dxj}-fSheAbrN;O-)3kFbi-TWG7r))y1wZ`k`w!vr zSXO(SYoxoim9}j zl-5Uy9lN$F^JFEKs09q$&NJSw*&!L-L>c{ISylBIZ@xtBjl7>40S2$}yIEv)l&<)P z(lzRz2_%}j(f*@yg+?sA!n>np`I}^m(x#)O^ii?7S>#vg*jKp?y;ml^&kG-y>w3h$ zZm9S2y#(`LX4&AG=kYubi9ma zQr4TL^=7N}W~nn;iMrlWY^^sNiZ6}Viz^YST^*oONo%xOzW+b!8p`OZg1S+`)ZV!G z3B0AFWmm;bvfEl_^wF@`>`$g=OjgF(3Eqyd5y)WydlRj#5)vQmP z(yK&JUA@igW482B&-!Rq`Uqvo;;$mMb#Z|rm z%>jP0OTo%KONew@b5&D&tKfeXv!r$r)2?r@^8Um1|3c$7H~k#suWtdhkp*uOM0~mI zb2X<0p!Q4L&ziWOmbjlUalcsPE*G(@Me2GHdUG4g*1JOQN=%=$@7Fm-uYxAF))QJ~ zgNcd`&{_wmMctHYJq;XFKwpD)RtvhO0a%Xj8;T} z)!T^`*~pwqqI}P8-fmZ4&C5__2?`fs8Z?Ft%(~DkWrgi^;L0k?ow5`zIqQV$gzALs zgy;nC1a-tZ)Ul4cj@yo#j_Z!Aj?0dVj`IuN51h-MPkL0`t5JGxMmuuQM%npGVLD+u zvVWAY?I%x~yHWN6o6*#Vz%>~;Xyth&tUrTrFy7h0%b*A1gVV~f5Xjgdy?0ugxDMnZ zVKNTGdCYoc<_P z<%T}Gpw8;aNeyyr;v)@q&=Xi4E-Cg!XN7*MQ?gT{Q@m5uDb`8XN!v-&N!>}1m7Nrw zs}WUMneOZv=}AOw4r#Y?;pJ&Zxvbi`DvbMii!JSP$oz zkxGWK7hDC_`(fmq2VO?BUvWgM{YYZ!9V0bqZUU#^^(39O7|)D(M0GwQM8m}AjOew- z7(`H~ph!v$p}}brM1x|Z4sk?twx~vSMs$XEhC0JK?K*8c4Qe5DAp_f~~frUXBCc`jIAxzAKLFpi&($HlkBY&2?9DBh8&6wcR$bcApV$x~N4D*8< z2jdfaFDKp6TI>}<%Bk<=;QBsb`%t51g1q;V5_{ss*t28M+LL0v9hqW-B;f}IPJ3yf zn3R?8<)q8CWGr4UOqgjXDAzkDId_Hu=yc@Iy&SgmmI20@8bePMoRXZJbMYW}&|b1B zNmsrcwDi*V#K+*=g#EeaJ(EmKLaEVVpUtLwwiSFo+W;&xJ4xw0lRdl#;>0E>p(gDV z&+OUGn$GGMWim`$2OGw~r5^@{-J(b29-T6gMC@2+Urq@}_()=4a6N~qpZEYCr?H=m z15iW$HgU*1_i|eZ>3$d-Tu|Y#uNlKfqrzlizd|d3V&YJ|B!}Y^%oMa7`_Zsb2AYOG z2reWe**n1#hq`mBb1!GkqclI7vtb$+UlHnVI~n-Y3yy9{AjqC zcz`Z)!MHUFu}3h8N&CV~vLHx>Q7EY=ZfIoDUw}uhLqAx+<0YXRp&#)Wt{^grflQ2& zVwe=&kK>wZ#CjnX|)NaH{LLULqftbAuaQHU<`stl0^KA!4O9h0!cz7NeCssI#YJSey*l* z)Ozxko4BD5BiwSVik-xenWFE@Q~=CR(u{%`Xs#Ui(2u(3#@gug`plG&-pdY<>O6Cp$o+0f%OSm*0DY=!`SlPfYcFX3BnNMTbrg z%9_!G9H2=-WbwbNXr-6fdUI%$VBtG51&5A|1$Y7>2hW7!!6PsdgJaXk2a_Q|WK{q9 zE8+$G4`ru`IZt82#y-i(Be3vB7m)mBgL92NVi*C_dSvh_q(Q7;jOIqdpLCaGKot%J z!95`O2LuNJIDj8UQ8E39QQ#%O0`UVka1;>uf?KqMuRzjVc;~2}d<@^Dl)87!K$K3w zeLD9hjTQPBg(cz#t$1M~L7F5nLgHFNBB)zc_HrrD7mB zM5JY2UoEo6!8iI6#>No$Wh)&`DsVG$_$ypbMhO{xI+^4PXN{t__6_+UM5uC{dO#*) z-XrXq;7vNmu|V*6b>`#y@WSA2vz{>-#AGKg5b=rLjEGvvSp=<@9O}uj33C>6=;#RN zmf(dG!UcktOK@`u!3`koR7SxRz>)(jIlz(wEMJ0I&9t53c@zvG=C`l~O#_ILSC;jfCDh_T zc%F`Z{xO*LQiD4u2iXt6_Ca!P;5suW1Uw%^Ude#su~|Gfiw9@%G;Jsiw1Vx9=hvC%p>m)>S$7xBmzj0paxnw(&Luu5Cc;MfSm{RFRg zPy(Aan*a{Zz5B7UQaGCXJMk;)Z&!YW*2Xw&J3u^!X2H83( diff --git a/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg b/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg index 0a3bb325c0..5938683ba3 100644 --- a/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg +++ b/creusot/tests/should_succeed/iterators/06_map_precond.mlcfg @@ -1577,6 +1577,7 @@ module C06MapPrecond_Impl0_Next var produced : Snapshot.snap_ty (Seq.seq item0); var r : b; var _12 : borrowed f; + var _13 : (item0, Snapshot.snap_ty (Seq.seq item0)); var _17 : Snapshot.snap_ty (); var _20 : Snapshot.snap_ty (Seq.seq item0); { @@ -1615,7 +1616,7 @@ module C06MapPrecond_Impl0_Next } BB5 { [#"../06_map_precond.rs" 65 17 65 18] v <- ([#"../06_map_precond.rs" 65 17 65 18] Core_Option_Option_Type.some_0 _3); - [#"../06_map_precond.rs" 65 17 65 18] _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (any item0)); + _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (any item0)); assert { [@expl:type invariant] inv1 _3 }; assume { resolve0 _3 }; assert { [@expl:assertion] [#"../06_map_precond.rs" 66 16 66 76] precondition0 (C06MapPrecond_Map_Type.map_func ( * self)) (v, C06MapPrecond_Map_Type.map_produced ( * self)) }; @@ -1629,9 +1630,11 @@ module C06MapPrecond_Impl0_Next [#"../06_map_precond.rs" 68 24 68 35] _12 <- Borrow.borrow_final (C06MapPrecond_Map_Type.map_func ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); [#"../06_map_precond.rs" 68 24 68 35] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 ( ^ _12) x2) ; }; assume { inv2 ( ^ _12) }; - [#"../06_map_precond.rs" 68 24 68 53] r <- ([#"../06_map_precond.rs" 68 24 68 53] call_mut0 _12 ([#"../06_map_precond.rs" 68 24 68 53] (([#"../06_map_precond.rs" 68 36 68 37] v), ([#"../06_map_precond.rs" 68 39 68 52] C06MapPrecond_Map_Type.map_produced ( * self))))); + [#"../06_map_precond.rs" 68 24 68 53] _13 <- ([#"../06_map_precond.rs" 68 24 68 53] (v, C06MapPrecond_Map_Type.map_produced ( * self))); + v <- any item0; + [#"../06_map_precond.rs" 68 24 68 53] r <- ([#"../06_map_precond.rs" 68 24 68 53] call_mut0 _12 _13); _12 <- any borrowed f; - [#"../06_map_precond.rs" 68 36 68 37] v <- any item0; + _13 <- any (item0, Snapshot.snap_ty (Seq.seq item0)); goto BB8 } BB8 { @@ -1640,7 +1643,7 @@ module C06MapPrecond_Impl0_Next BB9 { assert { [@expl:type invariant] inv3 produced }; assume { resolve1 produced }; - [#"../06_map_precond.rs" 69 16 69 40] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 x1 ([#"../06_map_precond.rs" 69 32 69 40] produced)) ; }; + [#"../06_map_precond.rs" 69 16 69 40] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 x1 ([#"../06_map_precond.rs" 69 16 69 40] produced)) ; }; assert { [@expl:type invariant] inv3 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assume { resolve1 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assert { [@expl:type invariant] inv4 self }; @@ -1650,8 +1653,8 @@ module C06MapPrecond_Impl0_Next } BB10 { assume { resolve3 _17 }; - [#"../06_map_precond.rs" 71 16 71 23] _0 <- ([#"../06_map_precond.rs" 71 16 71 23] Core_Option_Option_Type.C_Some ([#"../06_map_precond.rs" 71 21 71 22] r)); - [#"../06_map_precond.rs" 71 21 71 22] r <- any b; + [#"../06_map_precond.rs" 71 16 71 23] _0 <- ([#"../06_map_precond.rs" 71 16 71 23] Core_Option_Option_Type.C_Some r); + r <- any b; goto BB11 } BB11 { @@ -1665,7 +1668,7 @@ module C06MapPrecond_Impl0_Next } BB14 { [#"../06_map_precond.rs" 74 16 74 56] self <- { self with current = (let C06MapPrecond_Map_Type.C_Map x0 x1 x2 = * self in C06MapPrecond_Map_Type.C_Map x0 x1 ([#"../06_map_precond.rs" 74 16 74 56] _20)) ; }; - [#"../06_map_precond.rs" 74 16 74 56] _20 <- any Snapshot.snap_ty (Seq.seq item0); + _20 <- any Snapshot.snap_ty (Seq.seq item0); assert { [@expl:type invariant] inv3 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assume { resolve1 (C06MapPrecond_Map_Type.map_produced ( * self)) }; assert { [@expl:type invariant] inv4 self }; @@ -1925,9 +1928,9 @@ module C06MapPrecond_Map goto BB4 } BB4 { - [#"../06_map_precond.rs" 174 4 174 56] _0 <- ([#"../06_map_precond.rs" 174 4 174 56] C06MapPrecond_Map_Type.C_Map ([#"../06_map_precond.rs" 174 10 174 14] iter) ([#"../06_map_precond.rs" 174 16 174 20] func) _9); - [#"../06_map_precond.rs" 174 10 174 14] iter <- any i; - [#"../06_map_precond.rs" 174 16 174 20] func <- any f; + [#"../06_map_precond.rs" 174 4 174 56] _0 <- ([#"../06_map_precond.rs" 174 4 174 56] C06MapPrecond_Map_Type.C_Map iter func _9); + iter <- any i; + func <- any f; _9 <- any Snapshot.snap_ty (Seq.seq item0); goto BB5 } @@ -2053,7 +2056,7 @@ module C06MapPrecond_Identity_Closure0 } BB0 { [#"../06_map_precond.rs" 178 21 178 22] _0 <- ([#"../06_map_precond.rs" 178 21 178 22] x); - [#"../06_map_precond.rs" 178 21 178 22] x <- any item0; + x <- any item0; assert { [@expl:type invariant] inv0 _3 }; assume { resolve0 _3 }; assume { resolve1 _1 }; @@ -2247,12 +2250,15 @@ module C06MapPrecond_Identity var _0 : (); var iter : i = iter; var _2 : C06MapPrecond_Map_Type.t_map i item0 (C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i) item0; + var _4 : C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i; { goto BB0 } BB0 { - [#"../06_map_precond.rs" 178 4 178 23] _2 <- ([#"../06_map_precond.rs" 178 4 178 23] map0 ([#"../06_map_precond.rs" 178 8 178 12] iter) ([#"../06_map_precond.rs" 178 14 178 22] C06MapPrecond_Identity_Closure0.C06MapPrecond_Identity_Closure0)); - [#"../06_map_precond.rs" 178 8 178 12] iter <- any i; + [#"../06_map_precond.rs" 178 14 178 22] _4 <- ([#"../06_map_precond.rs" 178 14 178 22] C06MapPrecond_Identity_Closure0.C06MapPrecond_Identity_Closure0); + [#"../06_map_precond.rs" 178 4 178 23] _2 <- ([#"../06_map_precond.rs" 178 4 178 23] map0 iter _4); + iter <- any i; + _4 <- any C06MapPrecond_Identity_Closure0.c06mapprecond_identity_closure0 i; goto BB1 } BB1 { @@ -2313,7 +2319,7 @@ module C06MapPrecond_Increment_Closure2 } BB0 { assume { resolve0 _1 }; - [#"../06_map_precond.rs" 190 20 190 25] res1 <- ([#"../06_map_precond.rs" 190 20 190 25] ([#"../06_map_precond.rs" 190 20 190 21] x) + ([#"../06_map_precond.rs" 190 24 190 25] [#"../06_map_precond.rs" 190 24 190 25] (1 : uint32))); + [#"../06_map_precond.rs" 190 20 190 25] res1 <- ([#"../06_map_precond.rs" 190 20 190 25] x + (1 : uint32)); [#"../06_map_precond.rs" 188 8 188 29] res <- ([#"../06_map_precond.rs" 188 8 188 29] res1); [#"../06_map_precond.rs" 189 8 189 35] _0 <- ([#"../06_map_precond.rs" 189 8 189 35] res); return _0 @@ -2564,6 +2570,7 @@ module C06MapPrecond_Increment var _0 : (); var iter : u = iter; var i : C06MapPrecond_Map_Type.t_map u uint32 (C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u) uint32; + var _6 : C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u; { goto BB0 } @@ -2571,8 +2578,10 @@ module C06MapPrecond_Increment goto BB1 } BB1 { - [#"../06_map_precond.rs" 186 12 191 5] i <- ([#"../06_map_precond.rs" 186 12 191 5] map0 ([#"../06_map_precond.rs" 187 8 187 12] iter) ([#"../06_map_precond.rs" 189 8 189 35] C06MapPrecond_Increment_Closure2.C06MapPrecond_Increment_Closure2)); - [#"../06_map_precond.rs" 187 8 187 12] iter <- any u; + [#"../06_map_precond.rs" 189 8 189 35] _6 <- ([#"../06_map_precond.rs" 189 8 189 35] C06MapPrecond_Increment_Closure2.C06MapPrecond_Increment_Closure2); + [#"../06_map_precond.rs" 186 12 191 5] i <- ([#"../06_map_precond.rs" 186 12 191 5] map0 iter _6); + iter <- any u; + _6 <- any C06MapPrecond_Increment_Closure2.c06mapprecond_increment_closure2 u; goto BB2 } BB2 { @@ -2651,7 +2660,7 @@ module C06MapPrecond_Counter_Closure2 goto BB0 } BB0 { - [#"../06_map_precond.rs" 208 12 208 20] _1 <- { _1 with current = (let C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 x0 = * _1 in C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 ({ (field_00 ( * _1)) with current = ([#"../06_map_precond.rs" 208 12 208 20] * field_00 ( * _1) + ([#"../06_map_precond.rs" 208 19 208 20] [#"../06_map_precond.rs" 208 19 208 20] (1 : usize))) ; })) ; }; + [#"../06_map_precond.rs" 208 12 208 20] _1 <- { _1 with current = (let C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 x0 = * _1 in C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 ({ (field_00 ( * _1)) with current = ([#"../06_map_precond.rs" 208 12 208 20] * field_00 ( * _1) + (1 : usize)) ; })) ; }; assume { resolve0 _1 }; [#"../06_map_precond.rs" 209 12 209 13] res1 <- ([#"../06_map_precond.rs" 209 12 209 13] x); [#"../06_map_precond.rs" 205 8 205 63] res <- ([#"../06_map_precond.rs" 205 8 205 63] res1); @@ -2864,6 +2873,7 @@ module C06MapPrecond_Counter var iter : i = iter; var cnt : usize; var _5 : C06MapPrecond_Map_Type.t_map i uint32 (C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i) uint32; + var _7 : C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i; var _8 : borrowed usize; { goto BB0 @@ -2872,12 +2882,14 @@ module C06MapPrecond_Counter goto BB1 } BB1 { - [#"../06_map_precond.rs" 202 18 202 19] cnt <- ([#"../06_map_precond.rs" 202 18 202 19] [#"../06_map_precond.rs" 202 18 202 19] (0 : usize)); + [#"../06_map_precond.rs" 202 18 202 19] cnt <- ([#"../06_map_precond.rs" 202 18 202 19] (0 : usize)); [#"../06_map_precond.rs" 206 8 206 41] _8 <- Borrow.borrow_mut cnt; [#"../06_map_precond.rs" 206 8 206 41] cnt <- ^ _8; - [#"../06_map_precond.rs" 203 4 211 5] _5 <- ([#"../06_map_precond.rs" 203 4 211 5] map0 ([#"../06_map_precond.rs" 204 8 204 12] iter) ([#"../06_map_precond.rs" 206 8 206 41] C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 _8)); - [#"../06_map_precond.rs" 204 8 204 12] iter <- any i; + [#"../06_map_precond.rs" 206 8 206 41] _7 <- ([#"../06_map_precond.rs" 206 8 206 41] C06MapPrecond_Counter_Closure2.C06MapPrecond_Counter_Closure2 _8); _8 <- any borrowed usize; + [#"../06_map_precond.rs" 203 4 211 5] _5 <- ([#"../06_map_precond.rs" 203 4 211 5] map0 iter _7); + iter <- any i; + _7 <- any C06MapPrecond_Counter_Closure2.c06mapprecond_counter_closure2 i; goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/iterators/06_map_precond/why3session.xml b/creusot/tests/should_succeed/iterators/06_map_precond/why3session.xml index 5aefe21b75..e5a124ca68 100644 --- a/creusot/tests/should_succeed/iterators/06_map_precond/why3session.xml +++ b/creusot/tests/should_succeed/iterators/06_map_precond/why3session.xml @@ -291,28 +291,28 @@ - + - + - + - + - + - + - + @@ -374,7 +374,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/06_map_precond/why3shapes.gz b/creusot/tests/should_succeed/iterators/06_map_precond/why3shapes.gz index 9af660d528c39f744da34d83c46b45a9b4696215..0b686a41cb0700ad944efaa868a0e4d32847c2c8 100644 GIT binary patch delta 8717 zcmV+oBJ$n;MwLf@ABzY8000000RQcMTW{qyw&uHkMZKLfX*9t5Wzc>w3T3E(Ok;pE z*pDet6xD4^VkdT0x_W;7e2Ww%YHw-VRprD+PJ(uAiQ;8(aorcm{?G5;Jp42KoF3l% zn(iNN?r#6*8}sJ7|8ep0mvD3Yt2waii*TPF?tc6=vGBuxL0yHP?;bwJyW8RBBWi#6 z>C;DcPzQ04SK%^zhev)zE!9E2`{k(a-EB$)bbFf~(5XJy zskHu@=~us>D;fH@v@lJ3cW_gEx0C`xk7@X6e9k8TID229#+Qu=dQ?E=>j^FTz(sw= zgk^n3hYDkV{d|8ne2VD-O?3FnUk)7oy8|zSvicxUSW9dzF|`D9Y`U?vgSPA3uU(BN zSV%wp{PEv-m^u=y0w)e)o&eTho&f5|+(~*!_rC_3G>WjK`WGskF+s~OeE2_~e*Q6G z1zEUF{|XPccaf$j%t4}%Z(^@$#dE8A_as0sXUv>$s{!+&<{~pq2&71pI#0P`4e~$`-0n`NF~6(FEND z&_wFC@|DS-w&qSOlo?_sB&;LP^d$<#S4z;6D9vpz(wR33fW-|K}a+Y9<@1 zK7P85rD`+G`|vmF`^R+qkB|Q>a9xGJUFPQ3S2tjkAEwITud7;-uRF~=HC2tr1704z zAAge%11~c7n~$hCeOni_V5n0t0IGVow=}D_ixn|8s;<<{T~@N4l>>&H$V*KUUA98H zRQqtB#*=UZAOUZakpmMAMnvm#BHC9GJ=;L`Ta&Q^9s!4w&;u!dUpKfopvL^tUu;W= zen&h68j6TLjP01?YS2lbQR!bvKu!V;?|91sO)m|rKm)bitXeKTw$itsMK3DF6;>{{ zQM5pbp4gtw%fPjIC_J23L!s3{;bBpCq2JSW&oah_EDde}u%&*U*P2|K^^t2jyAq&1zkyLQ3BdKgrk}I0x3sLp4C92pG z6_0F9J)78CU`1Ews0v`X)sp9e{Wb5`YtCuyTyELJ{c(GQ^(@0|&{n@1A!FJtGq1$u zs#zKGFAtMsV$(0r%a{w|d5IQJl=sK`aQiS3C+6}%G?T@D>xUf8XsBlT+Pnh%9l{NB z?XRZZxr>Q}@dmlICgi#76euFmaD(4)b5eUD`K5!uhMSr0m(rW{V7YIi$8BL4FaEw) z{ix%WXx#?qxEsC_CPWyg)0^hLE5cS2+vh1l#ve0AQM{K+PdIsI7)=menU!by3yJ*F5vxmEH?EkDr3^(sv60G_#lh+0?4gIw+ zRax{p~hP+(8HEmh~oBC`CEE_U%Auzx!Gt6?Pq}g(Zd5rY3w%iMT1FENv|@wM1`!WeN(q z0NyH7rW6&Np(4AcBFd8~Q)C;6btfVBOv7v;#kND_g*P)3&t$sF#Hl3{caA`HTo1Dl z=qg#H7gqi9MOnJBrGr(O&i&e>v=84-`|!NWWXk&RLnS57calCX*RLCArU!PY85Y+j zYD7-!l+4TgAnSu@Qao~<01|nBcgrdvq-!(1&iELbTiv2FrGEI)-j=O-o3g#7*+b)- zEh~?vf=rVWQnf_Z5>ZQ@ClzFBwtn7+VlzOFcArdJOXde(lRT^@d3?LaWVM~e*ACjQ zOa5pzo)k5;De7Qi$xX@AjXab%*IT)%{2`|XE-5vz-Im{Mjyer-6z<-@?cX15eKO?nu8uu; zce~}s1ip!fM@VE76I&6rRh3mVwIP#p0mb88HEqMQLCoKL)-xlALocs3a)rNt)NB4s8(nci+D_^orSmkVh z+@o^2L*>sk?jtmREshs|pQh!Crp4FMwD@gkS`baEg{Cnrm8Yd<;uV#q)rzLi@p7SQ z@s%_^S!LVXnHAro;78d^ofp)966~J@`w9v6@xA!jTRqx+f9iit)izEDR{w@jv>OyT zA>K#Yox|k0D9>cRJfg?ykPTK#dZ8@g4;AZc!d#bTAWKSrAd7{kAn-Wc`zHc75Jve`ATZ|hBJJVn%s|0DcgRDG=-pnhl;n&RvS<$2`n$(iVQ1zT`TgEGj z)VnDvJatm0SW22xEo?c}!k1GmVmZ|!ms2fjIn|<<7`<6S^md6qyOZ!Ur6{(d&(ncg z3O;k*1fTVP){)$G?3s&I?3s%x_Dn}|S9un{ooDeS-!LUw@Mf-R-eK=}&6J{8AKRS| zzu;?o?pUxU?a<~Q$^&bTsFve|ZNv5ew3v?_nv$1Tk}X2fVO%vIN}T{&4lt_igSeFR zctQ$8?H`lXHHD#`D}|wQ3ZoH?`)&o5etE?Geo9Gyq$vY&Ur!fIq4d&gd8}1Mec(0N z-9lKPtLKly1FE4(3B&HpVy;ZPTbd~~Z6ClR$EVz$)=N$^>YUP%?|0!`*D9-9^L4VG zc$M`ym6UV@`r?##ORtoyc`T7~n?8U1u$Hgi(3VoTKTxV_Pu5B~ol!hVbv>ow`wgt) z%MQ+e35z7#DOH@0K(v|Q2IZ?dlNUZ=TGiaGtS7*vBa~l#IUqWx<7JM3>;cl&DS*@^ zSE@eLw5by1_g zqJ?>Lw+6{`zJ0j{ow^kHuxM6TDsLc|Qu%udiPi&av8PSPLUL?Lp% zf39hAh1K!UwjNu;u>)wpQ(1F#iaiW7lTH0O~X zq@5{~qSUpc*#eu+?kzhNh}jnwp`9qdgqAm!9V&HWhODb0=e-*8_-t!o0Y%h#&d4p9 zrVWw(q?XlWts7HRrQ1nVaXt%8mZj!@mYFYStDTHX-kN^HTy;(%c}_H2j7aalh6lWSVC|I4XI0*L zEx4O;!&eC4$C>!qldV{o4AozMw*Xw7vfVL|YCpe*zr;DTvtN&Td_rH3_7i@6T2Hil z?@Wc`Eq-UJE?fU-(FDcg1osn!GC2{eA?z!9>oUH>hRfw&-N_QX8u9HpY1-` zic%+26PE>0JnWI{aV(d*p9qMWQ_I|~EuE5vJpI1mFKzTQxkY|>&u@2r7;@S#yLcX@45mW6Mv zir-y1d=gwe2L7xr6f1J)GrebYwVHUgSjK;4zF4X8)|zPyB34bYl}VKC(SQ zHFd$JSWtbS4ef2GWI}CsncZ)SLgX5`JJN)iX-OF#izJLbC1(uVWyV_Rm=kmPB~4(1 zOzlBCaAKiRqS~8(0sp>h$P=&BT$@Gmyj#`+^gTKMTDPL7%p%Xs+C}yp9ML2GZ6wdT zW}dFz7U}kdZmo1OPbx>>Te8-=gY^e9Y2t&;^R(-E+D6Wy>J;UmhfB=iV9mQCRPeOv zn49^cLaPo|mj-C6kKwc#p{Qi|yDCr6Iu~vUO3U*1gB6c|FB7U6S5k@to=!yw>P_;4 zJ})dt-Q^ClQaG3le8BI)N&IO1kl=9hz7wM-!Qslj6I5M3VQNjz5nmR`fv?|}7*wwI z{ieXkv)PjtH2(?H=7c!3Y>3mSi8$#2bDL#@k?-Cuav~G)C3RK=1>Wn|`c3PDR_`jQ ztCr7U#QGY4ej=ZDm37!WsdLa2Mk0@(SYSZ2y>g||*9jnRNlX^eZa;sRInAwWeOmU|rKEs>%3~%Byyt&tspWc3$ zb1hq;xaAtuOA070;W)c_r|LQ&C)(Q&C0=Xzr@bJ5RW;$CCf4!=hd%7dp%43&hd$<* zYd)V*=8*$Oi(Gzx@{K}7xl}K;uIrU!t7z>y_E|#b_vz*qD;j>h`G1MccH&VKe$J0h zR|!p!G;u3=6pE_%_sWU~Nf)eE76L!dvAAX}+Pi9-sMl&C6s?0UG~O_RY#AZHH^JJa zwJ8mMo9?C?gqM)VlQCXmnfKc9ww<@1TOO=%#@g@hTCZE)VyGitIPcH>zT zt&+%Xe4YZ^HHmDdORI9~^)lyRMO`8xzMp!?LFv{rE24zg%YoT3gXIQKV=yuA*bsV~ z!9*LRq=fFA2wv{3y}kyl=gH^&$6A}s6n8UKYV`pTcitWK@eY{(c+lZ5^^wP%!lzw- z0`yCSmZi^uaCR9!p^g;)K{eq^w6AD*P00Gt-+j6r9!@?s+(TC}Ts8yhJ@&Yb_vt5q zUneN$qycMmQj;=RSVb zl5UwP3&WhtX_R2iI!<{Vc5>k-%RJJ5bTjXDXuFk4)i<_@) znuonhmUh7DO+DzodD$JxHys)ri3qJS~}DKCs(*lceYm2C(! znH1Bj-n2KCkKgBs%BM{9`?sWPpHT5Bb?6?#1(FPeep25}qo2a(<3%=4>Z47;ku|hw zRvkBOZ2&_ihh6TW5cR=-%pQ}Q-W!i>XA#$9 z`x?Izb%P79mxu5ptCzP{FA?Z33#HENV5?>ML*C+?AHU1tw8*fJA`>aV3&*VUP(s!YaZtk$jc00vm@u%P6!TB%Ll4UH#C0T3Ym-hFLJ%l_mjMh9fY)6 zDU1^_?i+^%#PVs|X)K%WwCc3%G)j1Cy8b z{ooBe7AJe*)DXBe%F7sHDg*GZAAkohlpcp9(6fuZN+y4JGq}Msqm|(_fRmjQo#UNj zo%Njs5!%k0&g#yp&dSb;&hpN(&iKx_&VWWuXLM&&XJltYXLx5=r+ug0*Mr&*QJcWL zcQQ%s1LyQRawm)eq4I(Y_9|cv1Y-jC2yaI#ob^fiQF}RpFa!wCfqs~O6|lxQLT*KG zA}DJR#wLF!HB%tBp0Qv&!Rqv@0M*MuE6qofhC%f`3E#nSK+Yg?oftEy_EmtYl~4@K z1gQGn4o)*D2B-`j%mBq+u-361g=U9-46?QUU?s^0D1{l|2njQj@-K;_G6O9 zIUa|YtPoMC0Y(%PE`!Qn1*kj-Yx)p*V599v;Zp3i^MkU=Yt6H`@~ZQ)^Ws$iY_QZk zSxA5Xkpt9Z`rfbzD>#N^88aDR{O@%rt^xKkT!a9Q8eyEPehiSgK(GsfyRks)I{!LY z%p@I^6q3OJU|J741ucfig(;?ahSt9pXh-2SjBdaN_@sd2AVai~DS)h1@!7Ay#iOBRO-X8nJ+77d{HfUt*?9T{fAJ-p%uh~f=HqdHo?${iS(e9jtxo=kqxe2;C_8{!o2oYvk^WWoO%z5lG3Ok)m=X*XVhzk zy&royn2{USYs+oy2PcIPX6Q{E6N_)Sq*xJ@j{uVjOh8aPkKQo}3Mf%Ti9$*gQ=*^} zM?DJrak)Pz3|*g?l}?F1de3{SeT07z|fCo9Gz3Hz$eX1!6(GX{Qz;tq6&Y?i(s__ zTu?#Q^@`~UfA*!|(*uK6gcl`6f+xsbg5j57f=HuAUOW}9UkrW0k(mJxWPpDXrSEOz z5y+EV1vt~i+K?|seTt7lS~hAv!Y_3aRM;mE_GM!rg;BtJG3Hev`UE_gpj01Z@_kIa zSEIK~8m)>h$l$yPc<|nX;k=wZQPABT*a{QuRhs8q0to?7*$^;N6jz#pN#r9zg50RK0&vTtZdAtsUTe zk9x2{gOgnW@5MNmc~F?p!RsKrg|RdSE=O*IVga6bp*=L?Do40pO1HsCNlZa~!2*r~ z%d5a4gLKBj?>0qwDEfObF44h`0j`D)L5xxv?!0g#8w9vJz|blnqEGc=76NQ52`^c} z?H4@^gWegFG~5Q442*wOTR`+L31Y8=(#(VK`p7jKbhHB-Ag7b!5mr`_HRvBs2>CiM z#Wl>pBTLR1onkL2E<6k@k$ouUG$y>I7Y36vZ-s-vcF@5ij4t>io;k`6z|=AEm4F!; z^B9tGs6j8H8Xb@uymHd^G5QkBf&2N=*o5z7Bpi}azz2X^nM8kZPDqv1sJPRw1WXB| zFn~ZKToXSG!HuJ}5Jp&hPAS3S1+(Ic{zf_vE{BD^8a$LrbZUgJ1o>#R2{uAs{|+EH zqnNeQ31~J6KO=Yxg4aRy!U}HTt$B3j(V0c(miDgT-O@Wcx9Hpg2n!%AfUp3fL~Mcoi_?o^`M^4rTyTTNXwJ)Q*M;%+N{g zB7;D}VCcxBBae<8ZOlPO4jmDFI&?()K^z8jB4ge0LXwU>3w$;No1h6XtfORua?!?7 zDQT7HdpYFA_o(aT?*UFg1tF5tK8_;kq#&#{SvI2tojHG2!1-N4l4ej|%6?GH7{)=7 zSQ<7;9gK4@4c`cK4AZ(3AbtVj2QKkv@rQB{zX0(I5WnEG|BB-e^%&|g)MKc}P>-P= zLp_Fi4D}do)S{hQ0L;4!Sj>a7df*HzBP<-=pd|-w!O={x58epc?nV2(Xu}un_@XUe zdCwO*qg{Vrzaemg8Ns;_UND?wjV=?WR-oU@?1no+LOwGTvJ?#Ymgq}iq%7?wgJciTEK%rQTi{=5*IP)Np-g`Q3PM0b2u086K(QAEnw#XjwJIe6 zBf>bXjU7kd4}O3-F^pM;3+Oh?8s_#7?l7Txydy2u9kZ?ta z7&JEY%l{CQ79M6R3=SA+nl^rWFVz6QmKmEo{KaX~wBs9{!G002U;b!FfcX<7%pk+$ zz#TcA7E>}Kk8qoy8z&^7Q{(>d$N-Pic2R%kLXdqA=XPY?TL!y!6xLcYOwqtjO8*rA zJZM;4wjas1r#(18^e{3iftwxzC*vNrE&jys1`|x^1m9cv1X7~CK{EBqvLq8%8Wd4r zQolP~boPSt!8#MzN2t-(UB4~^k@k0Sin1m z6^B0z;3Y`WutZTR9-`NrV$uBwz6_xs0BCw6fev_Z_~ZD4&kuA+phE&366laXhXgt# z&>?{i$n%R4iy)xTA@21!njUWH0HS|U-oS!)5w0n44a4^WPT7#4>_Q({q*yb2#-KUO zVwlIY>r;ZGB{*6N`opM#juK&1Fn|ODNI^$uFe(;RVo@a)Rbo*k7FBX{F@U`=C%6kX zCWw+4BDbSeN)2#$oXlEQ(kYxAKtd;U7KaYw3Sc$pm3KCSkGSfE{PHJ#Tc}Ro(A^6&EOvVOuL2RknA8>@OB6m ztlfh(vtdqyDEdPO6eoLzK?i?6_822D2NE?RMeBQmNhcm*Sj3QB841NFq4*>epHy_V z3>`!9JvT5cjLBH=&%i)is)uqIebNJDEA3mO*e4ome!)PCMw@=rtk5DABzY8000000RQcM+i%=B*5|wbioAWhJs5!Z%VPXs1Thp~cCf&= zsK*W{ikdMtZFk#APiFu6{T))2s4A)KB<{Aq*=}^XR1`0Vhv$As=D+>$=HVaV=k)OA z*L44Ib9ehc-k3K({P&Abzl59HU(JDCUxfSgaQE@o#KMn%2Xz&GzI*r-?{0^iPpJLj zr_Z0*K^??FUWLo>10MMmwNwZ7?w6ywcegRI1Eazu4L%t(!wY8gDix=urWcuP3zV0~hrf z6PEQE9V(1}_4EDR@HwUjG|}Nte>!mV?+&~S%IbqaVJ)$>#MBbZvFXOv4%)7BzjigA zU?KhV^QV8|Vd_Y*3Y<8Ic>-92c><^-b0_H`-TxYB(kQ}`>R+gE#sn?D@Zo=d{`q6V z3bJsU{uv%_?;=f6n1e(i-^5e(iSlLY1NElZ6320cDfJ0WW`x zT}>Py_xP2SChrT-(}S(N1NvtT*Kt*exP8#|K`jfE3Hbf0p>8{}l`T}E@`Z!BqY1hR zpo!FN01*@t1H+Pt%J`v6sXr3uQ3!O2(>^u_Q9Sc>5{5{qR4-&jD9vpz(wR33fW-|K}a+Y9<@1 zK7PK9rD`+G`|ua)`(wKO`=@^txURxqE_3tis~a%Nk5lFF=T)u9*PUjbnySX*0WXh! zAHS0i11~cBn@^}Xy;~QwV5n0t0IGVow=}C?7b{|HR9&f?yR2k8D+dfYk(Zhzx@?7X zsrKPMjgxQ#AOY`_kpmMAMMUd!BHC9GJ=;L`dy}yP9s!G!&;u!dZ#TF&pvL^8zu1-# z{f>ADG!zkg7~3(&)u59=qtZW>2NPg+y&*5gK`=#_|Jy`CW=y6*Z#*4r0 zRX^%@C0e(^Iqrt9gb5MG>GY<#?~1V1#P)fLkg&#zEfs9m&TxY@(qclLi)BZiyzEeTeAn8|Acn1=pZ zn5wLJI%HFeX{2q;{uYDP9x|gnW$c6W8-r8nSC3AO+Trnglf?x_0UMJH1|I?YlPm@v zf7bi|ul3%E3O;J*ZUzOn4C$*!ZSt$NJ-gw#jHX zr86SwEfU)!b#Yd-DVjsO+IhD7t4%She|EVErd`e^#cT zpbOxwGG$6p!5J#DYbv5VnKDJTfmnAEa?do(7E)|GL|%9^Gx1EOt4y3)GI8e!RLAu& z3xTeZMS5Y?uV0j<8(TV9mFe8CJxcrV?X(ZiyG*964?k2=;(RCR<8uAFab|j8hnit= zZK6ixv`)#q%n!0Yh$h7&*9jnze|NX65<nXJR>&*k?ke2z7hFqXLDah^9bcUxFn$dEQ;wI$C@e9NX?tv zbUVk5S7qbSUIILwhJeN@_tI(oO;h4rg9R~eOh@)`#25$fMXzP<9k9T$K z!MocnKPK=^JUl`oo0!;&sI983qNxp;oC_!(@2Y7Vo(*FD<|7|PBNyJ@k$jB#po$KX4;}Jf({KwtR6!}D#^cf*JzY%Z4QQf7#U61wYWVd!+pN-m{ z#h2ZoBywv1prAh}==&&WZ|mpNZNJ?;p!>G?rsUkWPp>u%+&#J%gqJodL0I{kZNe&N z1LPi+%N;6zu5llse`#^N`1>?1S2QiYji$wKL(_t2S}inG_6)NeU6t4 zO^a`&>B%bF-p;J}9tA(jX6n44{)1ruAlO$(u#fM>&)(|M?)y{!YpS+!La_QbgreP` z$O-X2((W84&qaAA^W_meR)=h`TG9(;34g3uUlZoKGy_>ue*#%7JOzQr;od(GxPd^b z)eZ!KvW+)2&tI=I6xm|jK-ifEJ6R=2yB%cZLG)%`X$`+_UdW0jUD2eLJcg?0Y}+zk zQKa5YQQ@hRGR0EToN8gqsTRJRY7xt+7P*{iQOl_oy~OCv5~8Y`0YH4FZqTk(Sl#*s^%T`j@L{niuJMG z`S1(gw&#uoYtjyF{-Hdu=7?%JPS`eV4?v6g*r6$Ti6z-06dlG@^P$uUpydFg+CGR& zNslL_Fx37rSzS{Y>bX)FDyJ|S(YWtcQ0do4-0!E9e?*!x5cl?Pxoxck5frWN1!iGdAIaR$(qL!DYxm%rw?oS`W)BLrt41QI5YCsBGONX67@b^C`}n3*SDZQ2Spc7e_S4Pd)!(a>iNU@i0N8OnMO%L)tP#> z)GS(~1r?7ZwQqP0R_1S%qud-Mr_2(r0(M=R0 z=lkcHCRbP;4{bYgt&&{t4)9qc*DN^SI=jEEtS7BF-I7M?F z=|S3=GAT-3JDM%9>FnOJQ-PR$VG-Ji@=IuWW7(lnH)hDX8gkyNA&<|t78X!Mo#%|) zl4;ry*-vU&P1d?GMOC_;L>1?=&}3O^e{Pxia<f6@EMOUta>vWN&@!WSOC2r8#i9{Ric z`@4Up;Xi)*KU0+-sl!|=j5oL8V`+X`c4Mym_6t z3|}xUU1u&fW?t%0N6W-{oq0W3w=x^b7-9y7@4TLuQp|Ir*7@YSrxCgd6h@8L9{x2G2x3nOSGAP(C-(! zPqw1eIo+>84bPEApCMk~H;`3t-@YY2W|Jtps@;i7 za&vorb#^FzwF_j9679(JgK`Juk0jeN^Vxi?n7uldr&q18xvDZ~nocvjETrz|+7fGT zb7$P<&N3OWqxs8b{__0%f93xC<<g}cd7rH9rWYHcG{t+JJMluhOdx`QD*YpOMkz^1TJ zeW1PVZKq^SZFiYHaSBM}8o4`CikWvwFCI%Kj6UUQ4BO?&TIrY}bNMArV1tV7K|3&H zAz>own*o2{HPnlrf7D!?MF729mI~xQ#R0T#B~Y0~o|)B)2s*e7i(`!dde_X;`e~l@ zus6@C(#brj{1SgR=4s8r+Jl*t^18nmgSRj+W*32P+<56I3&cpMQGr6eOupYebCctfv(j`Y>?_c^`dGdirn8-0%G&f z&OuW|sjQ1We~9VwMZFWq5mdRx>#Dn6qyA0g#T;tfrGD2qPIG;irI*dcsZD!-s264W zb=W2+QtDMz%LQX?j%F)tGlig*Pz`TFHM|Mc@aBq3etHpNPP=SH<(3;!FDbUPMCR<~ z^{VUGoM5C3tCQvjt1QH77PFLGmP`Mx*Y9`^(@v;~%wT2zSHb^>_d~kocpAV;PN&{K$Cd`;@4MI{0G&9 zf1}a^X>3(^0MI_x|89u8Bp&r$8Ee%KLPwYJuznwSfi1e+`+;qa$yv; zFp6FnWgT@t;SSN>xmhK}RM4pArH2#l;3wR{Pq;%gy0s8=%Su@k=A=%e0&DtlO7O6g zn?G6Rkfxh?(?i?!obzc4t7L30I6u82f0KxL^NP%Q8w5B^tagH|?(w{-r$JYWT&`GG z$o4{W+BriyG~3(49rF&KUc2RzaOhf4YvaU;s;=^-pMPoTxEz?KoK58UvJg4nhahX{ zQWEhmYxZ!N(_cyiQ)+d~4G@>`mhk+)QO~?N)n9@^dN8 zmyms-Q-NPtB+iB~7f3PR&(B`*KQipD)!%cNaeA-f>uEZy63Y92$Lmi$h zi}EbdzrUM)O#=2Ams)%oi5Gwb=lRIZ;~O|q}Y~h%C`{J#3!XSk7QF# zr2XCQ%LEDXQn8~1+e(FtYV|n@4JW=_SiT?F1 zY1$`Ld`ca>nKEhFtfMh zrr(V>wzRJ|SseLeYb%3Se=B1#v>FrWS)Bz{orUT4i^=gX{~QQK1FF>1trMV5rJkx% zZ_^2QqL(dZFI((**=r}jRkLOO7fnR|7fp_(-U%_R-5d%~iTrQId;(Oa%$*iYkrgL<~#Z?XM4UztVG@2!t2c;{K(Sf zt))w3`O89|GZWZqP5zkoH|NJ6asX}e0gmnVhH9#P-tHKxyRYg3*3H3UW^>w_y)u}^ zMu3z`o00O?WijVIe?;A>4)S}XubM#-*&p8P<+}dEJT=rJ*4wIt$RRsfwnD$(eba8l zELX#1mTk(W-PD!IMfLqdKC$#idxc)wkIJr7V<7g)OJ*~o^Z zo$XDEI!Ghg;6jvxAA}w3_=c;F%Z`hV^NzF5cdoOY>2#+$CE200V;7ED=b?J69pa#d zAsWxrD0wijniTU-=|d07^Tc%|?`o4>7eWxIe3u5J1lQKQk-C$nlkyvruNN49Z|{H9 z8bVj~!KyLzA*B$M^l?mFS~c|Pd;1qGCWZCxnKO(VC+#4l)k{T*}RIP+!U?xD-_jYiaK`}sO=wJpY z_JURSIzZ)G$CUiQ_@K40N`}6VYJl|ARwtc7eI>Lipfb#0+-ME{}b1$5-z4Y41SG|urj#AJntLJcsYm~a_X z{whG_L0Hp=$O9W~KMI#(ubm&1RbFeJ#g$i`mz@`{0$_us=E*{T`i~r-Ce!zZMOeWx zB+Hn|0OSAHp|}Rv%Wx3_IBJA(uKF=R<^sVk2=2xLt?T^jU@?<)R8mL=1Au8g=oGXV zA{VBZ<{4W5TA&?;*D$&P8{m@yj)M%*My3F=R>>FP1#gLw6ZJYI1N49ZZsG4S;}Ta1 zFk7%7FfLgfCYbeq>w*~?O)((Van)Nc2OhXGYKWsTQt7b3EMFDeaLruk2Us+K-UGrO zPIhFN3HR`l(*n18b+CKWyI~l7Bp*!V-gF0%&!aAYzQKWKG+09BPP;= zQaUy$Jw!IReu4Y-(Fya~Tg^uJba3iDBuYx7f>d|?pqx>!8TNkc-@jUvCNl-wEB1#leqL>l|l{o5A*pJKoL1F0n#H@5m z^wE3XTkRu%?4Y5SHfc#wEpDiP^eJ+9?m35-WM&Jgg@Po)qzB=o?l~xJlsu&zwBx`l zr*BCSOpGZpro@;MV+y3ehLv$poePAd~N7;=LNZWzuL>bU_B^MZkmi z9t`JyeROUZg;4=SI5H0QND;O|iRqx~OMy2E3uywa3HZ29iStO7FOv=-GCz#dl?=p2&plcLx9rNG0`d?2S6wzY!MC*26!uXkf~0t&V)u2wGv9vg|` zu#l=ZlG0cP3}FXul?U&Ryeuw%DewSVuchjLmEsbr0&eX9=X=zH4H}&63V1KZxy*yY zgbrQ@;Vq1%F>pC@8x#xh#0%}A8CN;N^-{VGMoMA|>I)Wd6j)vb4jH5~9)7ne%0toT z#kfQVI|jHKIs`FFWw`UgjcgF$?f^rpfQUZTi&+S;tt7l;1-D=HFbsNUOww>0Trx0! zR&4>%za)sg5=t`mR=Z4&b$>40^30ck1)F6k9g)NI{;J1#8(1lWXxko#-Rqih-!2|Zt%)U z+sEijFbD4EOJfthlaX*pMgboHZeLt;EZC{N++P%B>arvEeKu* z)e9@Qg}3I>nMY?9om<+wg5Q>YqjQVSEr759!U6~jAPnjm)H4*gKs`fqKs_UWFIY&> zPh+A?kpRVx7OLJ2_zkZDX56z5md3#hU~0?4$bj0>Fo795sa<3cNEi$qd35B_k)w?{ z=*XcXqECm8Xg`Rlqo;$!hK_-K6a9>gy=?Z4vqpdLd#hI$P380s<9W2nbakD(r;jasx*3xIid z0gHKXRu7zEWiZ&Nf|eY#1xGW%K6oQ&yBF>Eq77fP4J#!Lz1N2P$<)L36+q`; zG@AfLXA+%()Sxc#k*@-H;FhdFI3h7>?t2eDfzh8Ju_VQ1Cg9Pjbgy<2Nm<%W2FV_v zS)$Orw!pvAuD6gjLzx7B6oi0=5Q?7BfnqNTG`QV)YgI}DMuc%%8#|7^AN&AwVi>aw z7tn2($EyRLB_nAD)@#kSsLco4tEE$cd!W)(m*7E45$@g7X3B338NRaO+r1 z+9j536cIKu{69hd9{~d&5PA$BbPNwiz{3GA;6v}wF*35pk6IZ< z6+H+-fi5V`kzyRD0nM`xsv);fJ|sF?1`C;K_=1%Ew2qG;#c5FX>;p^J```tIuXMnA z_PTdTjG!;ZAUyRnu>EZY_uyyR{S%?X2f+gD>|nv#Jy=xq#kG+X?}CperF)h^2R`-~ zBf#{3#e77H*7pXJP8{Yi=sLS55(-Z$IwOXTq41=lGXCtqurMZL!9N27ZK>XYseIA{ zWGn4MqgW;yD}Rx=2ueaxn9)hqTMe0{p-n6Uzf;~o!g7V9Uc?L3xr92GQ0G$fUGc&O z=Ol0riQ)!Hu8kdf$Q5V<28eU`Ttf0oNPY=k$uFTzCA6u8Spm-)A36nyzF}4XmH40@ z%nGRq2GrB`BFPBLJNCg21COIgkW?O{Fl$oMQI;{}_l=>YglHI@@126Y)*RyAjXWeu Vo0?F@P~SDi{{zB&gD?fA0035I^K}3K diff --git a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg index 97a236a7b1..f94abb9a95 100644 --- a/creusot/tests/should_succeed/iterators/07_fuse.mlcfg +++ b/creusot/tests/should_succeed/iterators/07_fuse.mlcfg @@ -184,6 +184,7 @@ module C07Fuse_Impl0_Next var iter : borrowed i; var _6 : Core_Option_Option_Type.t_option item0; var _7 : borrowed i; + var _9 : Core_Option_Option_Type.t_option i; var x : Core_Option_Option_Type.t_option item0; { goto BB0 @@ -244,18 +245,20 @@ module C07Fuse_Impl0_Next assert { [@expl:type invariant] inv2 self }; assume { resolve1 self }; [#"../07_fuse.rs" 47 16 47 17] x <- ([#"../07_fuse.rs" 47 16 47 17] _6); - [#"../07_fuse.rs" 47 16 47 17] _6 <- any Core_Option_Option_Type.t_option item0; + _6 <- any Core_Option_Option_Type.t_option item0; [#"../07_fuse.rs" 47 21 47 22] _0 <- ([#"../07_fuse.rs" 47 21 47 22] x); - [#"../07_fuse.rs" 47 21 47 22] x <- any Core_Option_Option_Type.t_option item0; + x <- any Core_Option_Option_Type.t_option item0; goto BB12 } BB8 { assert { [@expl:type invariant] inv5 _6 }; assume { resolve3 _6 }; + [#"../07_fuse.rs" 44 32 44 36] _9 <- ([#"../07_fuse.rs" 44 32 44 36] Core_Option_Option_Type.C_None); goto BB9 } BB9 { - [#"../07_fuse.rs" 44 20 44 29] self <- { self with current = (let C07Fuse_Fuse_Type.C_Fuse x0 = * self in C07Fuse_Fuse_Type.C_Fuse ([#"../07_fuse.rs" 44 32 44 36] Core_Option_Option_Type.C_None)) ; }; + [#"../07_fuse.rs" 44 20 44 29] self <- { self with current = (let C07Fuse_Fuse_Type.C_Fuse x0 = * self in C07Fuse_Fuse_Type.C_Fuse ([#"../07_fuse.rs" 44 20 44 29] _9)) ; }; + _9 <- any Core_Option_Option_Type.t_option i; assert { [@expl:type invariant] inv0 (C07Fuse_Fuse_Type.fuse_iter ( * self)) }; assume { resolve4 (C07Fuse_Fuse_Type.fuse_iter ( * self)) }; assert { [@expl:type invariant] inv2 self }; diff --git a/creusot/tests/should_succeed/iterators/07_fuse/why3session.xml b/creusot/tests/should_succeed/iterators/07_fuse/why3session.xml index cc9b9853c2..93580f029d 100644 --- a/creusot/tests/should_succeed/iterators/07_fuse/why3session.xml +++ b/creusot/tests/should_succeed/iterators/07_fuse/why3session.xml @@ -8,7 +8,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/07_fuse/why3shapes.gz b/creusot/tests/should_succeed/iterators/07_fuse/why3shapes.gz index 57e6d7442fef4321f44e307f9bdf5d1e7a35b4a3..46ebe3e424299a87e11c184e1c7df641a07b97f3 100644 GIT binary patch literal 1437 zcmV;O1!DRiiwFP!00000|Fu_1Z(BDIzUx=$*4DmoxW5892!aI~DB42-9&7M%Nrc*x zD=A6)?>pop-y#c1+n_o~giH>aVo2?nT}6x@V6wX)y@S)S)i1FrZz0 zdAtTBH){?^T(Ih=Xi+$Png?2{d_#c(H3!cnR?zI z-XqWPU_rRw2EJd9FVUik$L%&%vF-XW=OH|`YA$LCKGV}Q-zR9;jn-&#hIb@%Zc zE!wF(1j+1*{0_fee>|OzpJVv$<@a_>JD2tc_iUka`+(mMGePLGAhHbJJdB2!rFt_U zKy`~a`)wI7w(vsr!_51vX@Io*Tx9DBv6O8Ffb*hKsiksL^FkIEw595ySyXe(QBYiC z4(K~lC(K#KyzmW}H)X7liv_trr*IFzP{_bgcqnXWp66AearZu6p2}$^-DS$%z}l1- z=qbB`K6_D48~Cb#uO6C*>2ro(6=95!j3xJUoe!(OkGlP?w8F_Il^@(M= zrU+}fmS&OF(;Qh|zC%T~BSY!0MaHycszt`smm*u)?K&M#>qGqWGB%8PzgYAenj0F+ zo#}Bn9)4+UWKbI!&5dlRhI#+ugWybEZfOexsx~xL<<-=!^o$WZ6sep*9&0xvKQ$n* z_tmhPz|$$F=eZ%sk+yW?$3xg(@X5Ui)9B6w#x+;*2z|j9u2EpPPcrRmF#_Ez51<{8ftwj6!WZ)(kLe&sDbzgKRe;AXBy3pBe$3h8&oN98!jyd90SnWfpPkjT1Mb>9$L8u%tnyZl)##@;s*SRO#;1DL`~nZ~a{HN#Z?cUtsq zExXP9C88PcR(xbO%un}9r+Z~J*SIZ%rf7-wmbP0Y6JI7=DakG44@dSVj?^^fJiALz<}fQFM#w?_Q888){Gj)vJ@o-Is-aOQ62Gr z01vWHfd=Sk2ta}l+*8j}CyNwZONmI8O2iY@B}s#0Qj(Z>;xdu04{1$1!-%2EP-!U2 zazimXYUux|s?!-D-zyR*VP0vWdq;dqR0tIj0aQixKT;(rSAysuRHDvxo#u#S@3Km@-TnCJf^%ADQ+<5rwWwziDCAMB88bLjNnEvBk1aH4|&#CA`k!onr**b literal 1433 zcmV;K1!npmiwFP!00000|Fu_3j~h1(zWZ1B)^>9dMZKm#4u-LY76{ry0Uf*0%t(pR zU3+UgN&D|hX{330-K1?$A8d)@^AkzY-`}mzAN)%=uRn#;d4D|oxK``CA6A#&{r>Pt zIkqcH>7Xu!XJJceFX=jv&=#Ac8EZ1w!S+)zdVIY=;;Lg_VK6VA&j<|zf08f z{_vi7jt2+Q|2pvfa(oVsR6K0Av50NATmP0wWxMgGa6UeL3KRp|3{Is*p^B|TAlBW- zb8uv*@Gv6tEAm_V_U-X>I(`oQchA3-Ep(6eP1o=InpF3uaO4wmZ%fb zC!7=8pZPP1Kju^$wN+gyAyUR=wRFQb zk|3Q{pD_D`ixkMW3)+FI9)Y^$5mt{tQ3}e1iu<1_wWn;ZnUNN^5}rBKB}Gt|!#Il! zr^qlzhJO~)c;CYRp9Xy z;?vv^q)2#j>FW^;_5Z3H&j~q}MI@^DR}oSZrg|Ppy=MBfb=}@LZ++XH!u>igFDHLEFA`ggzNdG!oOS@xprvFyLC5s0Y~@M+M2Y0zPL(3!`Y3p_(W5!V{7MGm#fp_Vy}bv`Tf zGz?V*bJbZd?yjz_^rKqvKow8blO85|-trSsMz+GhS-nD2uTal3C`*FLeDnECPggZH zy8ZbvRZ~Br#3z(+LP;!~mc{2qcq4IFypkmeY5dG5k9js;>LIL^Gp>2KN!`t}Fpsu# zf=(>eR)Iv7eSJVHLQ4bRq-mEvtHtR1Y934D$b1~rbScv?HmF8Q<$tHe+}5(&%wHm& z@UF$jW&{0nuY9^!EV(9J9y?`CwAZxVBALW8;c{UXH)_j~1u)9%|0tMnUbUu;o#{Jf zq}ELcTJvZ`hYhv@q3hScY-5epR#|Cy%t0w}?rKGYgFclccx_^shkls*OGG zq2YZGtnYf!@lM1>WhuCpl7VX-S;uq}74JPN#X=NOsK}bOk89poWR`2omE|NWET`zW z<^QLu#w38cR{=>D#tcb#`j5iAPq_ts +"https://www.why3.org/why3session.dtd"> @@ -72,7 +72,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/12_zip/why3shapes.gz b/creusot/tests/should_succeed/iterators/12_zip/why3shapes.gz index b5093cc4383a67ddcc7a950f285a052530eee3ef..467ac4ca1f20581ca9049433a801ccf9442d55f2 100644 GIT binary patch literal 2177 zcmV-{2!8h;iwFP!00000|Fu|6a~n4jz3W%-wj28bG`_c@14~5~blDuTHHST{3K(D< zR%DVZF?M!;eHxg-42B#^ievd;Vj4hqzt@d!K!5+Rdj7>7QYzs3yvO*Km!N|Jqw19X?)4}SLpKw*(Ukj3n9KG?ubQ}r%F@2Bw*6zpK7Cq3l>+b)%zcl-p1?>R%2fh zS_tPf$);rm5i4#y?C83ja{}r<HznD?tdPd0^ z3XueP#Br2S$ZHuTXIK^zZ<-X-vVuqyM7%~sQj_xaC5ZGrcB$n}S+|IK%(_>a+{?N5 zQd_GsZ~^t(^N{rYsvtcco=@#zA9g2vhRq%hI^U~JU!jM$!;l-aWD6RrfTE*Jd)kIn4Ct(9@ekr8h@ElnvjGPZcpeRpxI7m7Lf84Ss&{H~He9C1w!l z;ak=35K}f+N>QVknW0b~1LN}os<$hf-b|ENj|4G)QOL}+>Paa~_k-kvDGxV2ipIB` zoV{0cQBf<;nr9DzR1A8zffjRgdba@d?-rR((4A`!pD}w+F{F~>?jHVm*vBfHJ|yY$ zZvP3_9QNt>{ik2|^Wk%BQmeSTbGPZt_FLEPDLx+_zeIe+m)?~IgOoI^1CqfzwQhY-82Or=0WlJ~s^EJ#J3Z_|swWS5SDS#O9i>{O&6~U%&rtGb;#n4+WuBMCZzeXIGVZ?Sc;GY! z83hk1KAVxvVGh}$o1%@@ykV}XbKYpm8CCNpQ_iT7x1x+>akfA%dCQXx6y7lBkO5#d zZ|N#=n^(!g8@8BB-hj2V=MAU(I-WLfe!9EsrW_oHB^i^qLv3#qZB!;h;W&p2B_f9l zzZ)qxRf0-0B$>=vA;*-FdPcnzd0H0grI@Hsb7LaQa%Ykmu@sHuC6OhcC$c0W@?NzfF}tO;vTb5^jfnQfi$#+glg-W%;&l zI=Oh)f}y|{D?|F~;oFq9MoL?ooB7Myw&~x^th`>FlvG{ogJLk}r(;qYy}ti*S}0jo zvt8GJw}V9ZP3Jv{QFKI*NV!*-_ev4)-n7a@5GzWovDzvtt+3oO3zk}PLk&3Uff3#X zOm9Y+V|cJgOy-batp*#W2v@OSt>0RmU2s(rKkm8+JPBCJ?e3-@~-O?b1I@c zCP3#!SV>d@mKn>mWy&&XnXr;rVP4VP8DWUhT5%H{5m-aCArxeEO1PG)Z`Vwe1O|pv z?S=83R-si|8OK$tTST6L({IttkqPOMgb++C4b_qu5{Qu@q{|#jnuR{sER+@U70ry3 zwv9~ij+o9c9~6^XI&V;&aiJN*r!1gyVFAY&dayuWv899V(3qiwur_p_$!PF; z%{_xCRLqGXE|_PSSpC9M_vjBspeyS zOV-W1Vdt#X3OSdZ)+}%noF{Cz1CPRonD!d7yqCB@S}#3i(o1QK7g2HNB=$NYBGGv-UEcc#D!p&$^&J2J D_8d8H literal 2176 zcmV-`2!HnD}Q`EbicLn2^--*er#l;8*@ACAAX_H7c={OW*=W>Uyi>x zvM)#Wab#cqLH6bA?29T4yhyM}ph$iU`=VkWGW$~`i0F*mA2AQOKf;y&5wqY3Nsve6I1%`B`kwY(`=39xzlG zmSL!9&Z3ZJ%P>sd!{q+b{|dlj0;h@476_qjz%C&`k_;HqFoUr3&H}=&fC$<8FmBIL zgzUpGZnN{u`}_-j#Kp#6$UbI4I|BarF_DlkyuZi;R6NkaBsd`eG65@)1_I!B60qd5 zMou%Qkhd$C3!F<}UkExbz(Nuf*qBk`C6u_kgy0Mw%*zU{F_a|PZqGX4^P_)wS}7!{ zB3;B8R)TstoTTb3j_VOTDTC*bX~9XfNU~jz6TTQHemPEJfr2MN9ub2gqY#(kBo=X6 z3Fkb?=Vb*EFLA)I1l3CdYvdBXd?-rslaQDkt6bJW#Y?^nVOZ zYRhZ>hvua+5lXyHGKw!^fk{wK56}Md^NixVwF7a&Kh6sZ|5*5k3mGL|%qV#|qtpV0 zOoBWTG|DK{rHoPwEGvmOPs({&K_m+zQ6plhNrn0n#D*Tb*7D}8TSYx(-78J*<=lIz ztyLMgg8J=w$cBDZkRA_D&+Xx%+dtDYZ1Hd~`Ce^@3O&9Z#@v9CEv(cZDCSspU{;f> zU*1=%9%z`Z&1`;i*!j(2<~N5?knf zx31qIwrsAHl195Q16Upd)AItWw=19DOdzU9f?U2RRAyQaq!gxyLGr>^>$ z>jvya8PDQu0ev_;J|4cs?oVHSrG@|89~;4jZT<_E{N{4IE#v-Mjt5Os zkV$Zt;?I==BBJw<$|O#JS7_?O4cf|%v#0PvX-PX`x=PJyl!AW zD=YWohxni8sqnJ7@WNbptAbb6yQzSY6^z2;s=a>sVq z2ia{DDM81rP*g+Gy*AZcR(bGjRAG&4QRvfk@~&+bRo2G0Qq;RoA7<98a31In^w+lj;@CT(Gu{ zT#BCA-ty3Cu8i`*lE?(zX3g?UGlfq(B<0c}jVbi#5MHrmI@6Oe3ykr$>jPKO()C&d zj#28E6GNUc&ndIG<0L2Qm_y>qe2;a>I?p;CqKN{TL=&t51oFqwZNun|04L9)^TVtM z!EG!1&h}j^dc-!iF-WfINcCC`*4cYmCku4@=zCNFA&MYd8~a{rI-v%chGbp5n{}^Z zCzN0YC6$jDx?V(7l3p1mC{&oOzgyg+ro$&h-*VYX^fFKp(qOul1*?(w**bqO>&Ue? zpcxmDia;kd6;*FL(J4jAhap=R?`2)c7;Vd`Wa^fo&`e5AxzPKr(;f5!cI||6;_Qt7 zC?BW@3Kmq4y@Aepk1QSh*mqIK)(4S&IICSh?A%fFU}%F@bk757K*7_ISCV6@`BdMM zb^C7Etc0zeF`?K(lBpmxa3#(*=-Y3nrgQSG#HS~@M9=1!y2;52i}I%S-q zHmjVHS0D^CmRgvXiuZwPHFi;=q6WqzS1KVg)R&Dj+8O1HbVfMCoxv*`n2l zBJ~svB14K!L>ao6_FA^Sm-&vhK?UF{C}nMsQ48-C^*SaaGkGtp@BKf`?qR?69RL6- CH)D1H diff --git a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg index c328782b34..784e7b7fb8 100644 --- a/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg +++ b/creusot/tests/should_succeed/iterators/15_enumerate.mlcfg @@ -394,6 +394,7 @@ module C15Enumerate_Impl0_Next var _4 : borrowed i; var x : item0; var n : usize; + var _8 : (usize, item0); { goto BB0 } @@ -416,13 +417,15 @@ module C15Enumerate_Impl0_Next } BB3 { [#"../15_enumerate.rs" 56 17 56 18] x <- ([#"../15_enumerate.rs" 56 17 56 18] Core_Option_Option_Type.some_0 _3); - [#"../15_enumerate.rs" 56 17 56 18] _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (any item0)); + _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (any item0)); assert { [@expl:type invariant] inv1 _3 }; assume { resolve0 _3 }; [#"../15_enumerate.rs" 57 24 57 34] n <- ([#"../15_enumerate.rs" 57 24 57 34] C15Enumerate_Enumerate_Type.enumerate_count ( * self)); - [#"../15_enumerate.rs" 58 16 58 31] self <- { self with current = (let C15Enumerate_Enumerate_Type.C_Enumerate x0 x1 = * self in C15Enumerate_Enumerate_Type.C_Enumerate x0 ([#"../15_enumerate.rs" 58 16 58 31] C15Enumerate_Enumerate_Type.enumerate_count ( * self) + ([#"../15_enumerate.rs" 58 30 58 31] [#"../15_enumerate.rs" 58 30 58 31] (1 : usize)))) ; }; + [#"../15_enumerate.rs" 58 16 58 31] self <- { self with current = (let C15Enumerate_Enumerate_Type.C_Enumerate x0 x1 = * self in C15Enumerate_Enumerate_Type.C_Enumerate x0 ([#"../15_enumerate.rs" 58 16 58 31] C15Enumerate_Enumerate_Type.enumerate_count ( * self) + (1 : usize))) ; }; assert { [@expl:type invariant] inv2 self }; assume { resolve1 self }; + [#"../15_enumerate.rs" 59 21 59 27] _8 <- ([#"../15_enumerate.rs" 59 21 59 27] (n, x)); + x <- any item0; goto BB6 } BB4 { @@ -442,8 +445,8 @@ module C15Enumerate_Impl0_Next goto BB9 } BB6 { - [#"../15_enumerate.rs" 59 16 59 28] _0 <- ([#"../15_enumerate.rs" 59 16 59 28] Core_Option_Option_Type.C_Some ([#"../15_enumerate.rs" 59 21 59 27] (([#"../15_enumerate.rs" 59 22 59 23] n), ([#"../15_enumerate.rs" 59 25 59 26] x)))); - [#"../15_enumerate.rs" 59 25 59 26] x <- any item0; + [#"../15_enumerate.rs" 59 16 59 28] _0 <- ([#"../15_enumerate.rs" 59 16 59 28] Core_Option_Option_Type.C_Some _8); + _8 <- any (usize, item0); goto BB7 } BB7 { @@ -556,8 +559,8 @@ module C15Enumerate_Enumerate goto BB1 } BB1 { - [#"../15_enumerate.rs" 82 4 82 32] _0 <- ([#"../15_enumerate.rs" 82 4 82 32] C15Enumerate_Enumerate_Type.C_Enumerate ([#"../15_enumerate.rs" 82 16 82 20] iter) ([#"../15_enumerate.rs" 82 29 82 30] [#"../15_enumerate.rs" 82 29 82 30] (0 : usize))); - [#"../15_enumerate.rs" 82 16 82 20] iter <- any i; + [#"../15_enumerate.rs" 82 4 82 32] _0 <- ([#"../15_enumerate.rs" 82 4 82 32] C15Enumerate_Enumerate_Type.C_Enumerate iter (0 : usize)); + iter <- any i; goto BB2 } BB2 { diff --git a/creusot/tests/should_succeed/iterators/15_enumerate/why3session.xml b/creusot/tests/should_succeed/iterators/15_enumerate/why3session.xml index 56fc594e56..d4685790e2 100644 --- a/creusot/tests/should_succeed/iterators/15_enumerate/why3session.xml +++ b/creusot/tests/should_succeed/iterators/15_enumerate/why3session.xml @@ -41,7 +41,7 @@ - + @@ -58,10 +58,10 @@ - + - + diff --git a/creusot/tests/should_succeed/iterators/15_enumerate/why3shapes.gz b/creusot/tests/should_succeed/iterators/15_enumerate/why3shapes.gz index c05292fe520933998d70ca05e0ba995af13dc925..a581ba10285f4be23ed20ae8035c0514f51e27a6 100644 GIT binary patch literal 1874 zcmV-Y2d(%YiwFP!00000|E*U`ZyPxhzUx=$HapIRMHXL+^+7N!P{3j@yXa#Cb~if_ z##VbJIr04aEwV|8ZOfS?8^dVvRbR2bDi(`>yICGT`=@YRehG);ZruNUsg^gtFHZmU zyZsl@uytlSY61MjaZ*u zf)|%Wn&L|Tv6;53{7s{>lhlPJ{fbVq+cp4o9Bd{%0A+;b5t|20?IU1Cyn>CGY^I4Q z&H*P1?AZ`%S?@p93 z7I(fIAD=ms%D{Nm4l@-AcVBs<8=v>5 zOmW3F%;}c?MMcDIOUwJC|KOi@6w~+{ecuBk=h1BV6b{Rg((v#wevSB*;0WIflwHl= zbv5m9tQ`%-(@>Gh7sKLte+a(&?AwR1d>TpX;_fa|$FhG`g)NxGSCvmzHIu7Ca2CA4 zBnSNGnSzJ=t)YJsyp2EpWor2SD=oaz!dHJ~Yy;MhS8ZLr;`cl0ou{obzWP?A%&34f z7n7w`7?xHud`+BD5MN@rIxLf%A9;qN#*dyr4)YV3v8GeL`mSU_IsZzsxJpl*AXr&8 z+aN26tJ)$bHF<5eoGqTlBdtp+2x1dsGurk# z#A!pTeE0K9z?ZX zR}qBCZp0EnDAwl)N^_;i+=rLbw@XWrOUv22MqKJdoE6A2)`=?Cb$Q3Oygzb(Ugtxs z^DokR60G22p+B#{St$=$MgUfohp;ZGEinLMezozAt&13)+JE?mu>W-W9E12YZsVbU z^e=2Pd;g?ry*$I9yvwK%U9aY8QcXLH=Yy=P)2b?!EP1IgfA)Fa{H%0`OX0x+U4n8T9iRi@fMmb{bJm%KURXtI1cIF!LaT%61vd~38LtUY*_JT16VeHlzW8I{eXq%4FoO<*_C}cwO*eGP zAcPjZN#NEA^Ybb=205^<=QemQ5J^ePK?jRoc|HtL1)@XYkUIp2>}Rxy-nX6go$Ue! zu8H#2XsI-C*@BX|MC;HvBwfm(`~?~Rx0T=6;!n~m)+tqDv$&d z)!3p}k`v9pp9Tp~pe=inOmv{|>aWpXHyVw9-7Jrv{ZlwDzl6ha*YAH@s^!hEi_`!8 zZvRD8Y@M3Cg4~3PuNVI5(6`S`I6@`-hYuB2s?wWr<@gVkN`0C7nEGNMfFmq9 zQ($~}d^-JEnIv!4i@TG*+urY=AH%_)LRD3E73ch6=l3U8*@U(iW*+X|qJgUzT1Adj##V$*;reFQ9v7qAhN%`_3k zDd0qgoeZHij@#${7#_NXzx6kMi#}vtw!0Jk-%PW+Hcs#MpTl8y+EVXR82;jX1EYLw zm)!cZKMzxJ0({*c4*l2A{_^<8Y}Lnzdr-S+o>A1*A6RvmZyPqe1rQ&^1Z?zaE!A4BE0VgQDraZBHXusHqs z6qZw1Ec_uH`-d-qWr>kDn1mvnKl9i>3xA~EmX)C6JdSCRdr@BzS=t z9Pqzq3LZ{WpI;#I0+HH(V^{^&_gC#&z2Nd2shp>%JidA_DrRQGWcMIchFoq{-PeI1 z3fN1$76)UL^F2>c)cD@h#$kTi64rR4SKpKvD8FAx3|HwXlL5=iW*cNVNfle`1s%#iNmaJq_B$wRz@uBeHlMb^=DNet@-6$G(~aTslT8P2q!Rl4W-#iJF+ zbP;ka0(k@|0=eS0;<7*!BB8~`Eq&jNV8JTEN2((!yOzH9^XQEW-Va}rY2f~)cLq~# zX>V5r?n^UGHq#6eCR4`s{rx3w2Rdk4rog3so}K2f;^ID|iCO5z)A~AeR+NIU&Z$jA!$HiiHr`A$03GCi`-iaqbow0Q`qXb@9(eR;wwb+khRQrYxga}- ziq7?Fo+j0}vv_34x-zY*T(zq8RLW0bkTyRn)8SI4^Glg7t~^q(a236bl7FU(_+w?# z?SE65L{fbAmD_ujL83Kf0s*@Fs!RSz@1n^3<~xD-TR`jdCd#h_dXEicZiiQO82~o< ze-SS3A7aMyHC+TN9;Uhqnk3Fng83xGt+&rHEr`03eU#`|pLap98s$ zzr~_9(u*!A0|GQ_8*eDeu```$pyNg_wNp+ybi#25jx8ieW@>I&pf5JTin_MS8;er0 zj@czB2hssL5DrKN9582{S#+HQ-C4yr>x9A1`_@wu=eEU$8P1oAIcXi2j-%tGk2?;I zGY8gzaiAB{XzN?fTFIELn@$ERn@}smjndNEr4UYVC%_5jI6)c5wd3kNOhf{~Ms=aq z!L))K2!@Q;1gLCHnA!>Hgc`p1ec)}YTVudM!YV>9Rw@#QJSHUsJ zjx{Z}!E=E~N@@-|SoF&Cu8S%V9SVosAvk0|qD8d6Zme%?6EJX1l-EW}rGd*Dl*A=k zhsGi4QV!)$&}g~DE&v0sSZytmF2w?LOe(Cs)X^@54&0%fB` zTXPlarnSM=ONma3=&T=B5iBsFeI1k*#u6;ots+ZnsT$>_T}m>IPM!R=05H}_*?IIp z55>^5UZ{q=gTZUjNi(3C?*OEeY)ml7L3Xm0!gi+doX%M1HDe5y$~Z-7K{+LzLZ^gN z+$mTH;N+^VmZ&uvP+aOx*CKR^b0rmDYUQ+a8lzGzoTe{0&787}rfrqtmWSH2mWmM# yhBhG@N-C0dwHajfb=kNAfRYcITGU=qoGKou-%_S(5eHdwUG^_tZq=oF6#xK%Ethrx diff --git a/creusot/tests/should_succeed/iterators/16_take.mlcfg b/creusot/tests/should_succeed/iterators/16_take.mlcfg index 7686a575d8..8567343ed5 100644 --- a/creusot/tests/should_succeed/iterators/16_take.mlcfg +++ b/creusot/tests/should_succeed/iterators/16_take.mlcfg @@ -296,18 +296,20 @@ module C16Take_Impl0_Next = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Core_Option_Option_Type.t_option item0; var self : borrowed (C16Take_Take_Type.t_take i) = self; + var _3 : bool; var _5 : borrowed i; { goto BB0 } BB0 { - switch ([#"../16_take.rs" 54 11 54 22] ([#"../16_take.rs" 54 11 54 17] C16Take_Take_Type.take_n ( * self)) <> ([#"../16_take.rs" 54 21 54 22] [#"../16_take.rs" 54 21 54 22] (0 : usize))) + [#"../16_take.rs" 54 11 54 22] _3 <- ([#"../16_take.rs" 54 11 54 22] C16Take_Take_Type.take_n ( * self) <> (0 : usize)); + switch (_3) | False -> goto BB3 | True -> goto BB1 end } BB1 { - [#"../16_take.rs" 55 12 55 23] self <- { self with current = (let C16Take_Take_Type.C_Take x0 x1 = * self in C16Take_Take_Type.C_Take x0 ([#"../16_take.rs" 55 12 55 23] C16Take_Take_Type.take_n ( * self) - ([#"../16_take.rs" 55 22 55 23] [#"../16_take.rs" 55 22 55 23] (1 : usize)))) ; }; + [#"../16_take.rs" 55 12 55 23] self <- { self with current = (let C16Take_Take_Type.C_Take x0 x1 = * self in C16Take_Take_Type.C_Take x0 ([#"../16_take.rs" 55 12 55 23] C16Take_Take_Type.take_n ( * self) - (1 : usize))) ; }; [#"../16_take.rs" 56 12 56 21] _5 <- Borrow.borrow_final (C16Take_Take_Type.take_iter ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../16_take.rs" 56 12 56 21] self <- { self with current = (let C16Take_Take_Type.C_Take x0 x1 = * self in C16Take_Take_Type.C_Take ( ^ _5) x1) ; }; assume { inv1 ( ^ _5) }; diff --git a/creusot/tests/should_succeed/iterators/16_take/why3session.xml b/creusot/tests/should_succeed/iterators/16_take/why3session.xml index 0f29b2ddb3..0818cbc038 100644 --- a/creusot/tests/should_succeed/iterators/16_take/why3session.xml +++ b/creusot/tests/should_succeed/iterators/16_take/why3session.xml @@ -17,7 +17,7 @@ - + diff --git a/creusot/tests/should_succeed/iterators/16_take/why3shapes.gz b/creusot/tests/should_succeed/iterators/16_take/why3shapes.gz index da6067f4e125ec1962fcc5960e37327073f0e4a8..7b1a76b21044e4d8074e0d8a4b4f4c9430f0691e 100644 GIT binary patch literal 965 zcmV;$13LU4iwFP!00000|D{z;kJ~m7z57@AmUM#v9DXyv9t>jz3MhJMz+((bq7osy z(pL6v+kf97MXe;Sfug7nmS#Bf=5Zc1{CKxN|M1V@ynhYjxf}W~d%3^+Wq0|*cl|4M zq{y$}pxF86acExZa0W;Hr%#SK;bb{2PfzMZwt2Q$wrRP_=2PMd4zc*Afb!w#`SQ0@ zIbY38h|{Y;;!F-S<+N&wojdN^VcgF#r!lmTYix+*X=L&5q>~M6u53zN!A1HT@-lOp zn|q$sE4S$dIeo^7^nj+hd!+P5j7bGLNP*Gsp|qB^!ND4nFl|H^YHi@-kP0Y3;%cy z$K$d{d0vb!G2c;f$W0S#R(K}fu>xd8*Q}^SR&-%S#ls|Ya>oLc`)U}+;m^=~c>0Nf zU;WRJRvl%&?Rx*{!1%7g|A)NnT-?1$=@>>3^FBsUg4jR8*j-LtaVip+?= zVD_oIgfRg;q#c?Y1RO{QdM*#CJft!&U4N1M1OCT=&ntTZ?~^b!Y`KE}I=&#PNEJnw z%&Ga&!D}*c!I$!?2)ce6ef(7PzcqckaQQVhWk z)91tT3`y&;6w|k*W5O|&d&gMp9b?719gL-P4C6&PNyqpN=@^@(!{xPfh?fx9E$OIn zj9y7sTy+%#K5uMPEba4D4KICje!sfW;Fh*DwV&!MZKSVY$bxAgNg>%(7{ zx4}i0!3E3Ypv&Z7n~}@&wBh9~XOX{eo`*4BN@?YkuF2hI?(kb%FwXa?32WV9BnMgcF8Kz?8v(P=V&Uu0j)d(8`28 zfCYjH#%ilDfeM@&LMjeiS0E}crDQd!TP}@KUhFBcU@T}0%7U~YEN~0V0^O0y)I`=& zc&K>Q(1u8@DU}MRv0zf}skBsB$}L5H)Kb`0p2@1NTCJEdt*%<>S)j7fwQfZlAf>2H n3O5ba(AK&lg47kO8s7-Xblqsf3Dqe@Z&LmNj`(0-$_W4fEr{^p literal 939 zcmV;c162GUiwFP!00000|D{z+kJ~m7zWZ0`mUe>z9KKm#4}!4*4HUh!;4uazQHhXU zX)AlT?Z5Akq9VyLP!#pS)Vzn^M-G2@C@x?8Yq%8eVY>9=@N*%HhaV5uKYTyDQ%9=& z2@a}*f1SqmtqB)!)PMZwm=jK(X7jvKC$h}5%(6^Rn`k}u=50~5xU-@N`--UI$ z+YF06awk_RPIK@=y~r}pGTVY9=D-{Hb_H}sOXqmKqGeXr0ej7C(DLY;@#Xb7TtgeT z>5u1M$04ly_YYBf>4(qgGY$xj|1|skHogRhDNgSRA9B_H&>(lX(lkKV*$#1Jx>gF9U8!OQQBQs|RhX=t?*q$2AlXwXd7m?ez9NIh z5@-ynEe;G)IJ(j5G;_x29nKgmoS}Kk8RknF;2vjGIYw?ct8Q>ahb?E0ng-H7&-M5= zw3qL#JJfGTU8$ooQMRnRB=Uy3WxB01X$XH^zl|TVjvrX>KV9!X+YL^hX9hprQ&#zW z@mv(2mSj1n$L_G39{k?$;F}{Nkz@YtfQWK=GX7f@bw5j0ZeJeQJ%TYSj$YwZ9F6z1 z)pq2kM|G=^(Pcp*pK6h1nPrvbeS!a#sfxeD!Aosa=$Pt);@$`?h|!#S?X_sR*M+pg za?32WV9BADgcF7)V9MaVuR(L&)S(SLXk|hHV1ZzOvDzvO=t$QXBUIhVhWoY^H9?tS zs4*ZE6qHyn7PJLrL0S+NxCLf`9!PB(A{!|@)VywKOQhD6O2vF9n3M&TmI_O`rPv>} z6b`j#vTo{5D`rfmv8rc*%2qeJ6J3B5qIMzNv{Xaa=$Z)9)U0lOD goto BB2 | True -> goto BB1 end @@ -610,32 +612,43 @@ module Knapsack_Knapsack01Dyn var max_weight : usize = max_weight; var best_value : Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global); var _7 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _8 : usize; + var _10 : usize; var _11 : usize; var i : usize; var _19 : (); + var _20 : bool; var _22 : usize; var it : Knapsack_Item_Type.t_item name; var _25 : Knapsack_Item_Type.t_item name; var w : usize; + var _35 : bool; var _38 : usize; + var _39 : bool; var _42 : usize; var _44 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); var _49 : usize; var _51 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _55 : usize; var _57 : usize; var _59 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _62 : usize; var _66 : borrowed usize; var _67 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _68 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _69 : borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + var _70 : usize; var result : Alloc_Vec_Vec_Type.t_vec (Knapsack_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); var _80 : usize; var left_weight : usize; var j : usize; + var _88 : bool; var it1 : Knapsack_Item_Type.t_item name; var _91 : Knapsack_Item_Type.t_item name; + var _94 : bool; var _96 : usize; var _98 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _100 : usize; var _104 : usize; var _106 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); var _110 : (); @@ -644,21 +657,25 @@ module Knapsack_Knapsack01Dyn goto BB0 } BB0 { - [#"../knapsack.rs" 49 30 49 53] _7 <- ([#"../knapsack.rs" 49 30 49 53] from_elem0 ([#"../knapsack.rs" 49 35 49 36] [#"../knapsack.rs" 49 35 49 36] (0 : usize)) ([#"../knapsack.rs" 49 38 49 52] ([#"../knapsack.rs" 49 38 49 48] max_weight) + ([#"../knapsack.rs" 49 51 49 52] [#"../knapsack.rs" 49 51 49 52] (1 : usize)))); + [#"../knapsack.rs" 49 38 49 52] _8 <- ([#"../knapsack.rs" 49 38 49 52] max_weight + (1 : usize)); + [#"../knapsack.rs" 49 30 49 53] _7 <- ([#"../knapsack.rs" 49 30 49 53] from_elem0 (0 : usize) _8); + _8 <- any usize; goto BB1 } BB1 { - [#"../knapsack.rs" 49 55 49 66] _11 <- ([#"../knapsack.rs" 49 55 49 66] len0 ([#"../knapsack.rs" 49 55 49 60] items)); + [#"../knapsack.rs" 49 55 49 66] _11 <- ([#"../knapsack.rs" 49 55 49 66] len0 items); goto BB2 } BB2 { - [#"../knapsack.rs" 49 25 49 71] best_value <- ([#"../knapsack.rs" 49 25 49 71] from_elem1 _7 ([#"../knapsack.rs" 49 55 49 70] _11 + ([#"../knapsack.rs" 49 69 49 70] [#"../knapsack.rs" 49 69 49 70] (1 : usize)))); - _7 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + [#"../knapsack.rs" 49 55 49 70] _10 <- ([#"../knapsack.rs" 49 55 49 70] _11 + (1 : usize)); _11 <- any usize; + [#"../knapsack.rs" 49 25 49 71] best_value <- ([#"../knapsack.rs" 49 25 49 71] from_elem1 _7 _10); + _7 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + _10 <- any usize; goto BB3 } BB3 { - [#"../knapsack.rs" 50 16 50 17] i <- ([#"../knapsack.rs" 50 16 50 17] [#"../knapsack.rs" 50 16 50 17] (0 : usize)); + [#"../knapsack.rs" 50 16 50 17] i <- ([#"../knapsack.rs" 50 16 50 17] (0 : usize)); goto BB4 } BB4 { @@ -681,24 +698,26 @@ module Knapsack_Knapsack01Dyn goto BB9 } BB9 { - [#"../knapsack.rs" 59 14 59 25] _22 <- ([#"../knapsack.rs" 59 14 59 25] len0 ([#"../knapsack.rs" 59 14 59 19] items)); + [#"../knapsack.rs" 59 14 59 25] _22 <- ([#"../knapsack.rs" 59 14 59 25] len0 items); goto BB10 } BB10 { - switch ([#"../knapsack.rs" 59 10 59 25] ([#"../knapsack.rs" 59 10 59 11] i) < _22) + [#"../knapsack.rs" 59 10 59 25] _20 <- ([#"../knapsack.rs" 59 10 59 25] i < _22); + _22 <- any usize; + switch (_20) | False -> goto BB34 | True -> goto BB11 end } BB11 { - [#"../knapsack.rs" 60 23 60 26] _25 <- ([#"../knapsack.rs" 60 23 60 26] index0 ([#"../knapsack.rs" 60 18 60 23] items) ([#"../knapsack.rs" 60 24 60 25] i)); + [#"../knapsack.rs" 60 23 60 26] _25 <- ([#"../knapsack.rs" 60 23 60 26] index0 items i); goto BB12 } BB12 { [#"../knapsack.rs" 60 17 60 26] it <- ([#"../knapsack.rs" 60 17 60 26] _25); assert { [@expl:type invariant] inv1 _25 }; assume { resolve2 _25 }; - [#"../knapsack.rs" 64 20 64 21] w <- ([#"../knapsack.rs" 64 20 64 21] [#"../knapsack.rs" 64 20 64 21] (0 : usize)); + [#"../knapsack.rs" 64 20 64 21] w <- ([#"../knapsack.rs" 64 20 64 21] (0 : usize)); goto BB13 } BB13 { @@ -725,23 +744,25 @@ module Knapsack_Knapsack01Dyn goto BB19 } BB19 { - switch ([#"../knapsack.rs" 76 14 76 29] ([#"../knapsack.rs" 76 14 76 15] w) <= ([#"../knapsack.rs" 76 19 76 29] max_weight)) + [#"../knapsack.rs" 76 14 76 29] _35 <- ([#"../knapsack.rs" 76 14 76 29] w <= max_weight); + switch (_35) | False -> goto BB33 | True -> goto BB20 end } BB20 { - switch ([#"../knapsack.rs" 77 38 77 51] ([#"../knapsack.rs" 77 38 77 47] Knapsack_Item_Type.item_weight it) > ([#"../knapsack.rs" 77 50 77 51] w)) + [#"../knapsack.rs" 77 38 77 51] _39 <- ([#"../knapsack.rs" 77 38 77 51] Knapsack_Item_Type.item_weight it > w); + switch (_39) | False -> goto BB24 | True -> goto BB21 end } BB21 { - [#"../knapsack.rs" 78 26 78 29] _44 <- ([#"../knapsack.rs" 78 26 78 29] index1 ([#"../knapsack.rs" 78 16 78 26] best_value) ([#"../knapsack.rs" 78 27 78 28] i)); + [#"../knapsack.rs" 78 26 78 29] _44 <- ([#"../knapsack.rs" 78 26 78 29] index1 best_value i); goto BB22 } BB22 { - [#"../knapsack.rs" 78 29 78 32] _42 <- ([#"../knapsack.rs" 78 29 78 32] index2 ([#"../knapsack.rs" 78 16 78 29] _44) ([#"../knapsack.rs" 78 30 78 31] w)); + [#"../knapsack.rs" 78 29 78 32] _42 <- ([#"../knapsack.rs" 78 29 78 32] index2 _44 w); goto BB23 } BB23 { @@ -749,23 +770,27 @@ module Knapsack_Knapsack01Dyn goto BB30 } BB24 { - [#"../knapsack.rs" 80 30 80 33] _51 <- ([#"../knapsack.rs" 80 30 80 33] index1 ([#"../knapsack.rs" 80 20 80 30] best_value) ([#"../knapsack.rs" 80 31 80 32] i)); + [#"../knapsack.rs" 80 30 80 33] _51 <- ([#"../knapsack.rs" 80 30 80 33] index1 best_value i); goto BB25 } BB25 { - [#"../knapsack.rs" 80 33 80 36] _49 <- ([#"../knapsack.rs" 80 33 80 36] index2 ([#"../knapsack.rs" 80 20 80 33] _51) ([#"../knapsack.rs" 80 34 80 35] w)); + [#"../knapsack.rs" 80 33 80 36] _49 <- ([#"../knapsack.rs" 80 33 80 36] index2 _51 w); goto BB26 } BB26 { - [#"../knapsack.rs" 80 48 80 51] _59 <- ([#"../knapsack.rs" 80 48 80 51] index1 ([#"../knapsack.rs" 80 38 80 48] best_value) ([#"../knapsack.rs" 80 49 80 50] i)); + [#"../knapsack.rs" 80 48 80 51] _59 <- ([#"../knapsack.rs" 80 48 80 51] index1 best_value i); goto BB27 } BB27 { - [#"../knapsack.rs" 80 51 80 66] _57 <- ([#"../knapsack.rs" 80 51 80 66] index2 ([#"../knapsack.rs" 80 38 80 51] _59) ([#"../knapsack.rs" 80 52 80 65] ([#"../knapsack.rs" 80 52 80 53] w) - ([#"../knapsack.rs" 80 56 80 65] Knapsack_Item_Type.item_weight it))); + [#"../knapsack.rs" 80 52 80 65] _62 <- ([#"../knapsack.rs" 80 52 80 65] w - Knapsack_Item_Type.item_weight it); + [#"../knapsack.rs" 80 51 80 66] _57 <- ([#"../knapsack.rs" 80 51 80 66] index2 _59 _62); + _62 <- any usize; goto BB28 } BB28 { - [#"../knapsack.rs" 80 16 80 78] _38 <- ([#"../knapsack.rs" 80 16 80 78] max0 ([#"../knapsack.rs" 80 20 80 36] _49) ([#"../knapsack.rs" 80 38 80 77] ([#"../knapsack.rs" 80 38 80 66] _57) + ([#"../knapsack.rs" 80 69 80 77] Knapsack_Item_Type.item_value it))); + [#"../knapsack.rs" 80 38 80 77] _55 <- ([#"../knapsack.rs" 80 38 80 77] _57 + Knapsack_Item_Type.item_value it); + [#"../knapsack.rs" 80 16 80 78] _38 <- ([#"../knapsack.rs" 80 16 80 78] max0 _49 _55); + _55 <- any usize; goto BB29 } BB29 { @@ -774,35 +799,37 @@ module Knapsack_Knapsack01Dyn BB30 { [#"../knapsack.rs" 77 12 77 22] _69 <- Borrow.borrow_mut best_value; [#"../knapsack.rs" 77 12 77 22] best_value <- ^ _69; - [#"../knapsack.rs" 77 22 77 29] _68 <- ([#"../knapsack.rs" 77 22 77 29] index_mut0 _69 ([#"../knapsack.rs" 77 23 77 28] ([#"../knapsack.rs" 77 23 77 24] i) + ([#"../knapsack.rs" 77 27 77 28] [#"../knapsack.rs" 77 27 77 28] (1 : usize)))); + [#"../knapsack.rs" 77 23 77 28] _70 <- ([#"../knapsack.rs" 77 23 77 28] i + (1 : usize)); + [#"../knapsack.rs" 77 22 77 29] _68 <- ([#"../knapsack.rs" 77 22 77 29] index_mut0 _69 _70); _69 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + _70 <- any usize; goto BB31 } BB31 { [#"../knapsack.rs" 77 12 77 29] _67 <- Borrow.borrow_final ( * _68) (Borrow.get_id _68); [#"../knapsack.rs" 77 12 77 29] _68 <- { _68 with current = ( ^ _67) ; }; - [#"../knapsack.rs" 77 29 77 32] _66 <- ([#"../knapsack.rs" 77 29 77 32] index_mut1 _67 ([#"../knapsack.rs" 77 30 77 31] w)); + [#"../knapsack.rs" 77 29 77 32] _66 <- ([#"../knapsack.rs" 77 29 77 32] index_mut1 _67 w); _67 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); goto BB32 } BB32 { [#"../knapsack.rs" 77 12 81 13] _66 <- { _66 with current = ([#"../knapsack.rs" 77 12 81 13] _38) ; }; - [#"../knapsack.rs" 77 12 81 13] _38 <- any usize; + _38 <- any usize; assume { resolve3 _66 }; assume { resolve4 _68 }; - [#"../knapsack.rs" 82 12 82 18] w <- ([#"../knapsack.rs" 82 12 82 18] w + ([#"../knapsack.rs" 82 17 82 18] [#"../knapsack.rs" 82 17 82 18] (1 : usize))); + [#"../knapsack.rs" 82 12 82 18] w <- ([#"../knapsack.rs" 82 12 82 18] w + (1 : usize)); [#"../knapsack.rs" 82 12 82 18] _19 <- ([#"../knapsack.rs" 82 12 82 18] ()); goto BB18 } BB33 { assert { [@expl:type invariant] inv1 it }; assume { resolve2 it }; - [#"../knapsack.rs" 84 8 84 14] i <- ([#"../knapsack.rs" 84 8 84 14] i + ([#"../knapsack.rs" 84 13 84 14] [#"../knapsack.rs" 84 13 84 14] (1 : usize))); + [#"../knapsack.rs" 84 8 84 14] i <- ([#"../knapsack.rs" 84 8 84 14] i + (1 : usize)); [#"../knapsack.rs" 84 8 84 14] _19 <- ([#"../knapsack.rs" 84 8 84 14] ()); goto BB8 } BB34 { - [#"../knapsack.rs" 87 40 87 51] _80 <- ([#"../knapsack.rs" 87 40 87 51] len0 ([#"../knapsack.rs" 87 40 87 45] items)); + [#"../knapsack.rs" 87 40 87 51] _80 <- ([#"../knapsack.rs" 87 40 87 51] len0 items); goto BB35 } BB35 { @@ -812,7 +839,7 @@ module Knapsack_Knapsack01Dyn } BB36 { [#"../knapsack.rs" 88 26 88 36] left_weight <- ([#"../knapsack.rs" 88 26 88 36] max_weight); - [#"../knapsack.rs" 90 16 90 27] j <- ([#"../knapsack.rs" 90 16 90 27] len0 ([#"../knapsack.rs" 90 16 90 21] items)); + [#"../knapsack.rs" 90 16 90 27] j <- ([#"../knapsack.rs" 90 16 90 27] len0 items); goto BB37 } BB37 { @@ -824,37 +851,41 @@ module Knapsack_Knapsack01Dyn goto BB39 } BB39 { - switch ([#"../knapsack.rs" 93 10 93 15] ([#"../knapsack.rs" 93 10 93 11] [#"../knapsack.rs" 93 10 93 11] (0 : usize)) < ([#"../knapsack.rs" 93 14 93 15] j)) + [#"../knapsack.rs" 93 10 93 15] _88 <- ([#"../knapsack.rs" 93 10 93 15] (0 : usize) < j); + switch (_88) | False -> goto BB50 | True -> goto BB40 end } BB40 { - [#"../knapsack.rs" 94 8 94 14] j <- ([#"../knapsack.rs" 94 8 94 14] j - ([#"../knapsack.rs" 94 13 94 14] [#"../knapsack.rs" 94 13 94 14] (1 : usize))); - [#"../knapsack.rs" 95 23 95 26] _91 <- ([#"../knapsack.rs" 95 23 95 26] index0 ([#"../knapsack.rs" 95 18 95 23] items) ([#"../knapsack.rs" 95 24 95 25] j)); + [#"../knapsack.rs" 94 8 94 14] j <- ([#"../knapsack.rs" 94 8 94 14] j - (1 : usize)); + [#"../knapsack.rs" 95 23 95 26] _91 <- ([#"../knapsack.rs" 95 23 95 26] index0 items j); goto BB41 } BB41 { [#"../knapsack.rs" 95 17 95 26] it1 <- ([#"../knapsack.rs" 95 17 95 26] _91); assert { [@expl:type invariant] inv1 _91 }; assume { resolve2 _91 }; - [#"../knapsack.rs" 96 21 96 28] _98 <- ([#"../knapsack.rs" 96 21 96 28] index1 ([#"../knapsack.rs" 96 11 96 21] best_value) ([#"../knapsack.rs" 96 22 96 27] ([#"../knapsack.rs" 96 22 96 23] j) + ([#"../knapsack.rs" 96 26 96 27] [#"../knapsack.rs" 96 26 96 27] (1 : usize)))); + [#"../knapsack.rs" 96 22 96 27] _100 <- ([#"../knapsack.rs" 96 22 96 27] j + (1 : usize)); + [#"../knapsack.rs" 96 21 96 28] _98 <- ([#"../knapsack.rs" 96 21 96 28] index1 best_value _100); + _100 <- any usize; goto BB42 } BB42 { - [#"../knapsack.rs" 96 28 96 41] _96 <- ([#"../knapsack.rs" 96 28 96 41] index2 ([#"../knapsack.rs" 96 11 96 28] _98) ([#"../knapsack.rs" 96 29 96 40] left_weight)); + [#"../knapsack.rs" 96 28 96 41] _96 <- ([#"../knapsack.rs" 96 28 96 41] index2 _98 left_weight); goto BB43 } BB43 { - [#"../knapsack.rs" 96 55 96 58] _106 <- ([#"../knapsack.rs" 96 55 96 58] index1 ([#"../knapsack.rs" 96 45 96 55] best_value) ([#"../knapsack.rs" 96 56 96 57] j)); + [#"../knapsack.rs" 96 55 96 58] _106 <- ([#"../knapsack.rs" 96 55 96 58] index1 best_value j); goto BB44 } BB44 { - [#"../knapsack.rs" 96 58 96 71] _104 <- ([#"../knapsack.rs" 96 58 96 71] index2 ([#"../knapsack.rs" 96 45 96 58] _106) ([#"../knapsack.rs" 96 59 96 70] left_weight)); + [#"../knapsack.rs" 96 58 96 71] _104 <- ([#"../knapsack.rs" 96 58 96 71] index2 _106 left_weight); goto BB45 } BB45 { - switch ([#"../knapsack.rs" 96 11 96 71] ([#"../knapsack.rs" 96 11 96 41] _96) <> ([#"../knapsack.rs" 96 45 96 71] _104)) + [#"../knapsack.rs" 96 11 96 71] _94 <- ([#"../knapsack.rs" 96 11 96 71] _96 <> _104); + switch (_94) | False -> goto BB48 | True -> goto BB46 end @@ -863,14 +894,14 @@ module Knapsack_Knapsack01Dyn [#"../knapsack.rs" 97 12 97 18] _111 <- Borrow.borrow_mut result; [#"../knapsack.rs" 97 12 97 18] result <- ^ _111; assume { inv2 ( ^ _111) }; - [#"../knapsack.rs" 97 12 97 27] _110 <- ([#"../knapsack.rs" 97 12 97 27] push0 _111 ([#"../knapsack.rs" 97 24 97 26] it1)); + [#"../knapsack.rs" 97 12 97 27] _110 <- ([#"../knapsack.rs" 97 12 97 27] push0 _111 it1); _111 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Knapsack_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global)); goto BB47 } BB47 { assert { [@expl:type invariant] inv1 it1 }; assume { resolve2 it1 }; - [#"../knapsack.rs" 98 12 98 36] left_weight <- ([#"../knapsack.rs" 98 12 98 36] left_weight - ([#"../knapsack.rs" 98 27 98 36] Knapsack_Item_Type.item_weight it1)); + [#"../knapsack.rs" 98 12 98 36] left_weight <- ([#"../knapsack.rs" 98 12 98 36] left_weight - Knapsack_Item_Type.item_weight it1); [#"../knapsack.rs" 96 72 99 9] _19 <- ([#"../knapsack.rs" 96 72 99 9] ()); goto BB49 } @@ -888,7 +919,7 @@ module Knapsack_Knapsack01Dyn assert { [@expl:type invariant] inv0 items }; assume { resolve1 items }; [#"../knapsack.rs" 102 4 102 10] _0 <- ([#"../knapsack.rs" 102 4 102 10] result); - [#"../knapsack.rs" 102 4 102 10] result <- any Alloc_Vec_Vec_Type.t_vec (Knapsack_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); + result <- any Alloc_Vec_Vec_Type.t_vec (Knapsack_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); goto BB51 } BB51 { diff --git a/creusot/tests/should_succeed/knapsack/why3session.xml b/creusot/tests/should_succeed/knapsack/why3session.xml index 7ba3a17b69..098364b3b7 100644 --- a/creusot/tests/should_succeed/knapsack/why3session.xml +++ b/creusot/tests/should_succeed/knapsack/why3session.xml @@ -8,7 +8,7 @@ - + @@ -54,267 +54,267 @@ - + - + + - - + + + - - - + + - - + + - - - + + - - + + - - + + + - - + + - - + - - + + - - + + - + - + - + - + + - - + - - + - + - - + + - + + - + - - + + - + + - - + + - + - + + - - + + + - + + - - - + + - - - + + + - - + + - - + + - - + + - - + + + - - + + - - + + + - - + + - - - + + - - + + - - + + + - - + + - - + + - - + + - + + - + - - - + + - - + + + - - + + + - - + - + + - - - + + - - + + - - + + + - - + - - + + - + - - + + - - + + - - + + - + + - + + - - + - + - - + - + - - + - - - + + - + - - + + - + - - + + - + - - + - - - + + - - - + + - - + + - - + + - + - - + diff --git a/creusot/tests/should_succeed/knapsack/why3shapes.gz b/creusot/tests/should_succeed/knapsack/why3shapes.gz index 0dd9b5ce0c21626965ba360a8f8088ade8cc33d9..cf84daa5a187fd2734e8115ce0e81e1750dd965d 100644 GIT binary patch literal 5324 zcmV;-6f^4|iwFP!00000|Lt8{Zyh(1e%G(i+w3L?z^dYP5e*;&7Fxh!pBDWXf!9Qd zV`VKRn)&xzB)eOu&qY=g+mVhluq>X_#j5&>#k#QR%zu1!di$gQHQ%28p5NbI-@N;; zQ+@i?f1da=e|K|r{qAl=|BL_E{6WkExcttajmTeI__w#Yjluu#``_|N=lqGTrw8>b z|E>RxCu#YQ&ST>Pyt%kI8NWL%H}6kb&dJ^X`RjMTi&0#h__GK$OVYvw1b7NhcC zk9uRezrM@AT>b9fvWy=xbMxPf7~#B5)ls}@1I2@hm;dLaf1h}tuYdUQZgb{Hz7sN@ zC@#*gyEe@6+cW<58-BhmeV0ik9-V)i-~Dj+<2-kC{CjjGP9O2VJMm>z%~n|}QPqmf z#cXpim5bTovTrVk?a3hOY!JKCKWvxF|LHcl+$RdRCE>%OPD=`=t?9RC6RBsnd;9k0 z{_2;Tl;27gG-<%=49ymHhos2{J;KGzR98vUSdFxdI^Vp2Ah-D4%FcuhrcEIRenubR4U}no>d6+GYpmx}rU7E(0jkSR0@dBC&%wZ9% zfZY)RW|yeR;0?bRjmL}CV8q30>MP5mVg zIpqV@Cc#4(czC`o6TYyBi3yycEVreAM*Rt8%`R98P^rwpuMt>%x!KM#mTSlbG&(%uJ1VM)cJdT z-d~v+`jxFz8>s8U5nb$9-2>f>%yndv=^pZ#zXEv7EC&t1^Q!i1pd4fO6YUKQKIGfG zY55jy#1<^EK{b+K^{6F{3eyjpx^o``!mtJb8O_^Xn<|_wTR$yE`6T z-<|Y4cn#HMub;r9>9NPR4=ncqJ2ZhGh0{pT%=ux}XCuSK4Enn5L=Io`W}F_}-?s<% z_q*zC_#H=?C!@Wt%zhDjSFS&O7UPjbG}#s6^=oxI%5 z)yLjo@zYbc(31%_MeYex8yr879`~|@{h{y5+O_@TX7k6QCZgHoY@wUCzvq=#o!tHV z*Zh!%79x1a*KFG>E+}qp?^YE>Wn9H>ru1*t@^>=&Pq>d{nJ+5Ap|at3;-@E`4cApa zNbIj%uY;hEIA-2W!wDSDBzsGdpKxC#BK8q29H5h|)Y0omSeu`nZ>Y`NK=naJth(*! z#5|mIz_rV)SeRuRt*AC6e{eeg=q?%N;evj9DYme0z-$>NPVS1+_-s4U zbs~TJ?k27u+5VuhUVOWKInc}%wg|2>uF zTup6d;MzPsmO-y!l|c^>GiNnt&^oF{?V|^?_wVncnEN+uP3wN>pQI^hB0pAtp<92U zpWa{Si|u|Dp4V`EvVN3N*^$iQR;E7f9fUdDL73h_*xgpfPOS_p|IPgLK0en9Uq1-o z<$J^++k_uO-bn6g@|dt&%&jobCUMVg?mkrq{;_rlK7EJa<_>v=E%0-=?Q`_{m@Wf< z-e+)>FiNp`ARwVhlH#CUWINqt!Y3RENa&WjBDHQaS6T5M_Mb&hGq+0MRhfFQ1H0bs z9ItU7NzXjgG7o*e&Co=Cqbg*sc8ipNHF#^+uQ`Ke+tT9&guKdhL~4M+3NOm>-?% zuM{l(vVv8+e7{?*tNGO7e%<-+CG}U*Ee&!V{sE=jgHrBbGkX6>qqltkqw$Z--LOKP zxr5Ekhc6mecGyqMKV~sRAMSsLrObib6RgwS>>b_Bo^DGi7hCq>V+$c zajkLqP^Hj_o>e1E>|aoI&@_4xbwRhy=couakA|+;gza2s;(oJno2kZ(WvF_Cuhew7 zve{O{(|1v4Vh*2}9N56qISD`P=N+5k>FI%`i+9UWiC7<%?AyxSL#87VHpqNL0_!7^ zLm_xN7^x$@$kb1hsUOa#c$uzbw*glg^O4BbnaF{FGM$LDkzI7KPt(Cp2PEXq|4e3` zxwJEf&FJ|39J4kZ$cTNl;^tYs+1jA4vuXF4mSMdCA(n#mD!;wG|1rPM;=uInIJc;_ zKMc0Vd!J3pY#yKO7g%jFG@#XrRe_J2=ne>sgR5O=055mo^P2s?#?U46m%88WitceA$&-%ZK4LTU z%=Y8cGzqZXB&?37@R{dR_?geAwhtSmdSX!_`<(!$UxA*DqBws)R28Gr%RS^)k}cow z-$nI4+vP_7=lP?O4~Oxip7JsemYd5=W46xp`HNN3WhMtQ0W*5DpZ~rWKBH0lUia|V z^Gs|+^$InAXXKmqqK5~gqBs41wP_cu4Xt1CjGDPrRi@GU?GAspLWhk7jt1VG&zE6g zGt*YU>r6Wu(aF#1NV{ob9d2gYx-#obTWh{X-Zax@k*LiFBx>Es&)P^mNL;cPc zQUa7!O61_I1dCFWK7~P?I3W^($qALuRul-vr<@TAc?bngZT```tFcP#)g_4nqN(s)pm`;gxqJeNA7)T80K894smMRn+7>9)oCsS4)4VEG# z8&aK;8AuPLKDOX&3W-2229sTg3eYAG5CRIBA&Dj!2Pp<}1KCfYfwek{XfP}Glmdxe zK%+{^P>Io^s|J^>0eng&Jj;dXxo8tc6qN~$(pD?YKB+>XY6ccB=@aXrArO0=2k&E+ zR%Ay>CJ}SMU@W9l=>};B$=c{aszJ(6uT#=R2uC?5siXs$jdMkcB6IOE5LKNN4hjY( zKD%;MjI*Q)+eZi=!Gev>^12CIP z&Q6zRLJgCaS~M-)U!kZqLW3?ABioO)=Jq~$8G;vD$SB+t4zwDy95f9YKd*klBOzyy zAX`=uXq~Z?HS&^c85jNRpm~D+>lAf1t6+mILE1pxo0PIZodLDt0(y?ChX24|#Gu^^ zP&#XHPUxs8N)#fd%&PJxLZ8t|R21h=>$=|R zMXDZUG#nh*$SDDmPEy9~xd=js&gXJ!p^CI(FpPm`nZf9n2ZM`pRlL?7v-MI+OJqo< z#I+Q!NQtLb4weRsuK|p8z$KW8MdTW%EjQAEN)qTTuZU2!BC&d~>IGxSya+)$Hoqu{ zmh*OCBnDjKLQ_Df@yFW1nimd(%iqG?KUbxh^Q7lK%mV3P3FpuI9mD+ zP`qxC#OOk_#ut;NRXIu^2oZt2NHL@i5|02VfRXhGFewp*2VPyN$tP(oudJsIlo<%- zAn5f16)JKo9X(3oJnp4O44xuMpSV9sY6_`GftCC5h+I926u48dHUZc71i~2aqzHa0 z#f}B8QcCc8O5~kML2{2~Jf`fV#lqzdb{}R=qW;#eAF!-P*vKnt0312)A-w0#AsZ_^ zulEG_$UvjQtfb(!yO0XNv8e+^05JT$#Ln&-EJ`)xk$%SG#TKutF_Ej zdl9I!>-09iey(}R9gh)`WGAP{#T9~2Hkn{^kv0oqGtGOvvZ;J3qhmFM(1x2G4s|I- zVP!DNGUmX2HwQZ}WH*HTLX5$if%m_yeS`>EJ3)dQK~4e?taKY&!ydmel6KkWVv8hG zsO0)uRe;e!QH%j|?eU@Vs|>#sqbO^gOQd8HK3k8`g7ut9oG$^A%BP%1c^*$>zAqO> zN!%<8^!&FgTHAtz$s|bV1*tT{kgouWM8~O|+YI(gO_u*yEx8I$!f3+WTPv0TEaI2UUiXv=-7fas#iC{rw65r*I}Y0G`Aaj_frC21T8 zb>>D}mngWB(-u*B!+A}4q-;_P-z*APV*AZ9Ux3=)nF50KV~>DX&*-!aXsO29P+y3)o00aLP~`AY-yFX|%Pls0e_?LQNS&FC2}Q&T>dkIzmvufu6GB zSg6Qxtci#n&3s1!cpIq7O22Se#+UkbP6?ANSN|^A7(%V~V$lXkHdw3zunrBEdj+7P z&>W$n0Odeu6@9z*BZA;<#8HbnC|cbV0g0~!okO7uZzL@+g5g$NP+cn@IDvSJq6IWn zf0$=O%3N7PU==}D#_}b@lZCuaPK%uC9X=9*>%|x)J8I_c!?p@j@l=Jc8D`4dVuJJ0 zb8DG>;;LHesFd>}0S48Jt%{*K=j+BQY~+qXfG_0g1upL*m1IihK@MO#R^E+JLyS_# zg4-xn&(MSuQbG~V^CBC^O*6NXPDAOqYy9a+quy4lpzX03z!ry?N{zii<%AhZE-`Sk z6r|1?Cj;O*5^Fdn8xR>N%5$};>TOh_EUfUZD4C@o-`)uTD+sJ1=n9`+BTSo%VTioD zdBv0R&J_`D%7(jOX(V)*M*-E85QD7ucT0w3z+2*O&FSbgKQU_VfsO=jPO4~BEoKE3 zQx3?@h%ac6n?TzS1G(`B?)-sU|5pyTD94os$Lh!}n6e=e#i*q%+KE7R+OO`IAd`|# zWT&lj2waAM7bT~lEm!?c#oSjIjtzFm_2x5IAocy7H&I#@xC=srlmsQWL}tU&4IT?@ z0^ZOv$Am^}uN5IB<0xv!-Gg#!6{(L4dg8n*yag+{-);Ba1;=ZH$X{_yVs;|;alscM z%Mj5COgeFCRfq$6LdD&FeZ$)i?@fixOpH7>_)wEqL|-7V+bfb7xP|5-ECc5=*{`9P z%E=t72}qkP64z(ZlEIqK>N&s6f;%#wOXwz0$8H7{UDkqA87T4;G_QX&7P!K;)hT;lsgnk(U0@0|KfgkmX;tbENdx!lpDlHz<|0lbT%L?tC! z^k_^Dt5WE7Lrp#e=Ty)-Wi7b?4VDdYq&+CSpkqcX6qfjvjsQ>Uccv-BE z*`!$SGqt^3e=1b<+Tohaxr=uw_#lnv&6|REnrq#9elApZDg$1-dc zVms`Y3(;7iGN`Paq2Lr+se-Hj6wg_t;(M3on1@rZ8D_Fl7IxKIb4C7;yi!sCgj_r( z*^eLGQ9#XHOerr!4vB-ZN3XO@2+ngM4yb#*?d-9@6-ANa5QN&4qMT5raGjVFM5%d` zw(1E*{b4DB#R!%oSdd^zqKc}r+-o<3;~2%eRyY}m%V!c~xY4k&L~gfy&%r3{mtcxi zZ=nfeK)6gvnw+u{uEgS`x7NrxS$!eqV0G9hT((w$EGZe{dQ?L!w%*ag_Af<|*&y>l zW`s~bvmmIFSQK+Z;f~!*k&_)zv22kNK_{-*>;Ffq&@zG%DJ*vcklB6Vwn|u1;9VB7 zGDd02JHuWwfNM3Mj>~D50|6lZrOmOq!FHQQLPEri*RU z`}w~Oc#@0*pX+}>$x5HW8!0_HlwPq1a+IGOul``QAR_#2zKugSh>2o|l*yEO={3uM e5o;MNQG(xlMFgv`zwNkb$NvXP6Sd;jfB*nbe}ugN literal 5103 zcmVMBg%#L9m0>{ce!l%Zxhwl2YCJZWc=^b zdiCK{7@b`IZ@7H-Nsa3DN%;HO$Vr`FHdfrkj5>TjnyuO4^18ge_!Qp!UcxU$n1vrk zOz^5rHA(%{2U-R*ukiO-!D-@6x%}nV>+P8%g^5tqPU`im%SjvI_~V&e{Xy>UO25mb z5syB+Der!{{&krb#_2`wT$fu8?mAR9>xMA&>b-5 zE=@7j1V>K9Y zV>R&vv6@7Sw=%*JX+)O&+(Jgb(!7hry^zEAt1ImXA9BiDs%?VXFmQW+SI9v>-=>HDwL^N=;YW_#$5Y{w{x%71@e)+lrmYh4M@J zaC#+Kp$g-+!dtXg_e||xnAFMp4<%i_%a_-ZRNC~tE*~!Jg8ZrxZDDTrM)YYy>NjKy zEI+|wA-m01;R4`3n;b+h^P28!lyHD%Z%_!ae7v5QZqXHXFsUt~k(8+3z>&J0utZ%o zq0?IvIxjJ-{P_NUuX|9zlQ&ma?@xt)_;4BCUCZe5`ee$0m(ZN`@)10`9(%m{z)Bx5 zLl^j2IE@6|nh&eK7#UtKpfCF#l)$xY!}-R|O}}w-b634Br<3^dXtbA&*;}=D<)*t& zVmuO!gohYUcY7ccqB~F)d-SS7Xg5|^ZqV!3i-GRlTt7bDB;Rc!TVIVo@8h4#t>E!~ z1>27G1XIA5Sw+}g#-}JI#TRcal3bV+;lqmXq=;PYN{3aHM%;?> zEubCD1fQr!9}zOaJV-1|b)Nv!NOrq-jbsn+wsv=Na(mdx?d0U{?rwAQZWHBy zSnl4Wr&{6rTLH3s_ZVcC@N>u;$v;k>5Kb2JE6j^Y{8Qu4mr4?!Ylq~KiGO737Iv9<2brJO;tE$r*h?y3c4LHT zxWE6^_Q0{LD0D4r{#ZZnMbhPVDYQbgmU?-&>Au80Bs=Zud*NL^dEOEJ%dnC?m(c%$Cc_QSQ7 zq&7F`)lLGT$H(h7wcWqsS99cVqwP$g_hpJkw3ewKpR^{K!o<9qGiMv!n{g*EXk=#{ z`jy?NYhOK_-5b%_G;$l6?r}2RycidZlXS6(-$?flNtbZch|Z=_d+0WcZ^OsP2lYp4 zsIyh@`gw^rtCMQjmsqz7$wsl##ZPSd^Rvy68r>#!Uz9f=Z+?jw2B$=YWu{hnBC zeVLL7c1xnwi4#8Y$O*slk<;$^0qaK=1U#KYvtENJ0w?ak%iXoZWhmw6hks8+H6f$8#PHU|pRa07SO^5!78 zdnv;OD6>H~j~@rG6F(M=5VvoDXP9&0e`hI_NynE@zwUK^hzG)HmMbfS3JjW*hRCg>>-U-i@z0XA9|#@ zFV^mP%qu3|kdAt(6GrTZ1Dor-U)YGQzqqMsv}(ODa$&VFqdv48qjo>tf|pMd_CC0~ z7-Q=b?kzbapi6r@7ga z;dZmvFt4M;X!JyW)<--~R5ILd^_s!g0c|8dkx!c8twelCB246GeWY$Bs?ETt+3F73=2sK7%;Qn(T_yC6YhhPn9ed>J z{5~#@7Gx#mySTvX^G)b!-aEf^=w2;@&Fyyhb9o>j-s8;HoZnibedvJge2&qt>~U&m z_d2z++cT#D%GLA5&)e{WRX=##W=#T(`PDWVz>{D5viJD?d*56A<`WRx3&+?KoG2CxH|0rUVo z01bcxzyNCSgB$E%27RI|6<=*2qb!4Qxl*>Qsn+O&Px+KYCmIL`f`LTrXOZfGLZ#@z zdaOPw&P9s_u~x<8qdp}&kQqpSZo$P?QjvU$w)mJdpvwUuMpRrNt1cJ^Rs;Eg+!xTm zIg?bfSTq%?ki`WI>Z~nQaUS%|;4B)zmsBE%Tu4DGJY`kYh0to_j5gwvI#z0C5b;c3 zSPuh{#OnftkP16hJY~)*m59+g$fxWFb_0txW?(%qe|epl^UCR`7#j0Wf z1i{9PQFextikVW=&$z+Jck|b2Nf8Rx6jODgskVp}KoSYEgqGl! zp!(M&0JtUAx*luo^IQs-iHt;% zn1bu^&Xi<{vMNTA_C2>b9vpQf_*`LVsb!T;D(9G!RPh+S(KcYPK8HjT46{mpPCsKj z-l8l+VpmybWMyhpz7_?_DI@Jp3!0t>PlLz7!{F86WVRceeSTorW$`a5FssSHS=_2P z@RUr<5@=27VD$0e0jd5VRja*o7^=!i%6N9ADk&Y%m^q^z6C`rg7nQP!|z@0wa~sF~>yGX;t8=$dM#gmPJb{;vDfnsbfF`&@dDvjs#dhRxC<- zidsqUgDTyIydwd`AtnUoU^7W{P}!CeeQ@5Fpe@){%sUcH)h8>hNn{e(sQR0bIoki1PhN5n)1?`DKX`hiz(M4K!<%^wGS-&L6L1)1# zVM}|15|>RAcJxb^`ArYT~@Ds(M@jN12k|UH8Y&troP$c;$Z=~TU;&cv) zIxZ0AfNee=BSx!l9VV%9y$dHY9vRJhaaw ztV9nGMSyyKcy_pKdlXoFLg_!8cj&Tp5Q9degHdWa-4Mype;yY$SDX*+4K9dQT4Sh) zy`WQ-RAx&PHh;AEYD^_X7bzQEeKN#Gr5v>sGqRGQKQRH3f6N$*Y%dHs1u4%;hD^%q z#28F;$}f!v3o{mO+{VI>8$;nJ+5rnshNHwz;Mh272R*8Q;n3bWbf&$BWlIkIoe0qC z#o}k5vJR{rvzMBjNeXt^zB-U28v`uocrVxlE~1HC3@MXps2(^nw*x?HwN*a!w4<91 zgqv>e(D(_%mTk4L)WTE4i?j{5%Gj33Sdyv{xB|plv#t<*iE&daOY!k7+DBTw98gM> zB+ZdaN_is*Q4&2sUH}3N_VHW zEB9~IW{7At=AdmvmhI+j#+oHfMX$Z9X?8E+Ao?}C82Z*tCXpP2=i;(Yq=T0#J3vfg zK{D+fvHeYx`G4EBEh=?iz(kysi`hn#3Z~S4IUpNJh-H4075?gaRYz&~rC5uh^74%*qEeSW%^ zRNA?`V{43r9#xcMX?u_*jFUBf(w(2J{@!>B5vBbOioD{Oo!Gy%v{Go4QmSl7jO@MV2ujO_DAeB$6CV>!{@G&*=nDsCt&6Ch5G11ob|qC5 zG-?xVjs%X8P2J8RslAO@jil;QV)0QTsJPwqE+RNMCP-1dtW_UL_PwkX8C$^RNT~!T zDKqsa8LoZt{1cA?SFRS@E0*36vI_v5!IvaBB`mx4Yj6#Z@NoJl@v&lKqf#|nRRfvi zG%CngLTwM?riX4$IJH{mNHJCwjjom)R~1q<$|$Im+wZFtSMqf5=={;+^p3Lx#2_FE zLW$NeB#N9pVX?t(9+STStkqPB{03r7sV3 zbX6BLG5X|u%pt|B1o<)E?S93Hc3R*H4_w*Y~IA>7lzwb zlZ>&ISsDtHuvAL2vmHte#hPd-|6U???<8PFr42xlR+a-=YcY@_R0WHk{Jh~7Zr;8q z>`ciZ6mMhE*-Nf!6_;-3=B+ojb6j&T7Jo6?Fb8kN348^R4%Gz&mX2Fv_4YQdzg!zA zX(enS@@TMHmgdzMX)(~I(*B%6?~_moZ`FPZch%Ud7io(`g5803CXy*EX%7<-N+i$` zlJCDSiK=~x6s2FhJ+eZqK}+k*!5TxL+B+W_r3xaIjhpPj-;_-X*rbZ&3lqgMI_DfH z#zLn3J(_~ycE7l9#wH0^k;z2tLXK?Eb757b@lnZV>MuW`%s}P8IosIkNFr&@maJ5f zQOYTu+h3@$SR6ZS{z8pu`-0~UCHU-}D-2F5BkBJNr goto BB2 | True -> goto BB1 end @@ -1044,8 +1046,11 @@ module KnapsackFull_Knapsack01Dyn var max_weight : usize = max_weight; var best_value : Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global); var _10 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _11 : usize; + var _13 : usize; var _14 : usize; var iter : Core_Ops_Range_Range_Type.t_range usize; + var _18 : Core_Ops_Range_Range_Type.t_range usize; var _19 : usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); @@ -1069,24 +1074,31 @@ module KnapsackFull_Knapsack01Dyn var _63 : Snapshot.snap_ty (Seq.seq usize); var w : usize; var _66 : usize; + var _67 : bool; var _70 : usize; var _72 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); var _77 : usize; var _79 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _83 : usize; var _85 : usize; var _87 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _90 : usize; var _94 : borrowed usize; var _95 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _96 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _97 : borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + var _98 : usize; var result : Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); var _104 : usize; var left_weight : usize; var j : usize; + var _115 : bool; var it1 : KnapsackFull_Item_Type.t_item name; var _118 : KnapsackFull_Item_Type.t_item name; + var _121 : bool; var _123 : usize; var _125 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _127 : usize; var _131 : usize; var _133 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); var _137 : (); @@ -1095,26 +1107,32 @@ module KnapsackFull_Knapsack01Dyn goto BB0 } BB0 { - [#"../knapsack_full.rs" 86 30 86 53] _10 <- ([#"../knapsack_full.rs" 86 30 86 53] from_elem0 ([#"../knapsack_full.rs" 86 35 86 36] [#"../knapsack_full.rs" 86 35 86 36] (0 : usize)) ([#"../knapsack_full.rs" 86 38 86 52] ([#"../knapsack_full.rs" 86 38 86 48] max_weight) + ([#"../knapsack_full.rs" 86 51 86 52] [#"../knapsack_full.rs" 86 51 86 52] (1 : usize)))); + [#"../knapsack_full.rs" 86 38 86 52] _11 <- ([#"../knapsack_full.rs" 86 38 86 52] max_weight + (1 : usize)); + [#"../knapsack_full.rs" 86 30 86 53] _10 <- ([#"../knapsack_full.rs" 86 30 86 53] from_elem0 (0 : usize) _11); + _11 <- any usize; goto BB1 } BB1 { - [#"../knapsack_full.rs" 86 55 86 66] _14 <- ([#"../knapsack_full.rs" 86 55 86 66] len0 ([#"../knapsack_full.rs" 86 55 86 60] items)); + [#"../knapsack_full.rs" 86 55 86 66] _14 <- ([#"../knapsack_full.rs" 86 55 86 66] len0 items); goto BB2 } BB2 { - [#"../knapsack_full.rs" 86 25 86 71] best_value <- ([#"../knapsack_full.rs" 86 25 86 71] from_elem1 _10 ([#"../knapsack_full.rs" 86 55 86 70] _14 + ([#"../knapsack_full.rs" 86 69 86 70] [#"../knapsack_full.rs" 86 69 86 70] (1 : usize)))); - _10 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + [#"../knapsack_full.rs" 86 55 86 70] _13 <- ([#"../knapsack_full.rs" 86 55 86 70] _14 + (1 : usize)); _14 <- any usize; + [#"../knapsack_full.rs" 86 25 86 71] best_value <- ([#"../knapsack_full.rs" 86 25 86 71] from_elem1 _10 _13); + _10 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + _13 <- any usize; goto BB3 } BB3 { - [#"../knapsack_full.rs" 95 16 95 27] _19 <- ([#"../knapsack_full.rs" 95 16 95 27] len0 ([#"../knapsack_full.rs" 95 16 95 21] items)); + [#"../knapsack_full.rs" 95 16 95 27] _19 <- ([#"../knapsack_full.rs" 95 16 95 27] len0 items); goto BB4 } BB4 { - [#"../knapsack_full.rs" 88 4 88 55] iter <- ([#"../knapsack_full.rs" 88 4 88 55] into_iter0 ([#"../knapsack_full.rs" 95 13 95 27] Core_Ops_Range_Range_Type.C_Range ([#"../knapsack_full.rs" 95 13 95 14] [#"../knapsack_full.rs" 95 13 95 14] (0 : usize)) _19)); + [#"../knapsack_full.rs" 95 13 95 27] _18 <- ([#"../knapsack_full.rs" 95 13 95 27] Core_Ops_Range_Range_Type.C_Range (0 : usize) _19); _19 <- any usize; + [#"../knapsack_full.rs" 88 4 88 55] iter <- ([#"../knapsack_full.rs" 88 4 88 55] into_iter0 _18); + _18 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB5 } BB5 { @@ -1166,7 +1184,7 @@ module KnapsackFull_Knapsack01Dyn end } BB15 { - [#"../knapsack_full.rs" 119 49 119 60] _104 <- ([#"../knapsack_full.rs" 119 49 119 60] len0 ([#"../knapsack_full.rs" 119 49 119 54] items)); + [#"../knapsack_full.rs" 119 49 119 60] _104 <- ([#"../knapsack_full.rs" 119 49 119 60] len0 items); goto BB49 } BB16 { @@ -1183,16 +1201,16 @@ module KnapsackFull_Knapsack01Dyn } BB19 { [#"../knapsack_full.rs" 88 4 88 55] produced <- ([#"../knapsack_full.rs" 88 4 88 55] _37); - [#"../knapsack_full.rs" 88 4 88 55] _37 <- any Snapshot.snap_ty (Seq.seq usize); + _37 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); - [#"../knapsack_full.rs" 96 23 96 26] _41 <- ([#"../knapsack_full.rs" 96 23 96 26] index0 ([#"../knapsack_full.rs" 96 18 96 23] items) ([#"../knapsack_full.rs" 96 24 96 25] i)); + [#"../knapsack_full.rs" 96 23 96 26] _41 <- ([#"../knapsack_full.rs" 96 23 96 26] index0 items i); goto BB20 } BB20 { [#"../knapsack_full.rs" 96 17 96 26] it <- ([#"../knapsack_full.rs" 96 17 96 26] _41); assert { [@expl:type invariant] inv1 _41 }; assume { resolve1 _41 }; - [#"../knapsack_full.rs" 110 17 110 31] _45 <- ([#"../knapsack_full.rs" 110 17 110 31] new2 ([#"../knapsack_full.rs" 110 17 110 18] [#"../knapsack_full.rs" 110 17 110 18] (0 : usize)) ([#"../knapsack_full.rs" 110 21 110 31] max_weight)); + [#"../knapsack_full.rs" 110 17 110 31] _45 <- ([#"../knapsack_full.rs" 110 17 110 31] new2 (0 : usize) max_weight); goto BB21 } BB21 { @@ -1268,19 +1286,20 @@ module KnapsackFull_Knapsack01Dyn } BB36 { [#"../knapsack_full.rs" 98 8 98 59] produced1 <- ([#"../knapsack_full.rs" 98 8 98 59] _63); - [#"../knapsack_full.rs" 98 8 98 59] _63 <- any Snapshot.snap_ty (Seq.seq usize); + _63 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] w <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); - switch ([#"../knapsack_full.rs" 111 38 111 51] ([#"../knapsack_full.rs" 111 38 111 47] KnapsackFull_Item_Type.item_weight it) > ([#"../knapsack_full.rs" 111 50 111 51] w)) + [#"../knapsack_full.rs" 111 38 111 51] _67 <- ([#"../knapsack_full.rs" 111 38 111 51] KnapsackFull_Item_Type.item_weight it > w); + switch (_67) | False -> goto BB40 | True -> goto BB37 end } BB37 { - [#"../knapsack_full.rs" 112 26 112 29] _72 <- ([#"../knapsack_full.rs" 112 26 112 29] index1 ([#"../knapsack_full.rs" 112 16 112 26] best_value) ([#"../knapsack_full.rs" 112 27 112 28] i)); + [#"../knapsack_full.rs" 112 26 112 29] _72 <- ([#"../knapsack_full.rs" 112 26 112 29] index1 best_value i); goto BB38 } BB38 { - [#"../knapsack_full.rs" 112 29 112 32] _70 <- ([#"../knapsack_full.rs" 112 29 112 32] index2 ([#"../knapsack_full.rs" 112 16 112 29] _72) ([#"../knapsack_full.rs" 112 30 112 31] w)); + [#"../knapsack_full.rs" 112 29 112 32] _70 <- ([#"../knapsack_full.rs" 112 29 112 32] index2 _72 w); goto BB39 } BB39 { @@ -1288,23 +1307,27 @@ module KnapsackFull_Knapsack01Dyn goto BB46 } BB40 { - [#"../knapsack_full.rs" 114 30 114 33] _79 <- ([#"../knapsack_full.rs" 114 30 114 33] index1 ([#"../knapsack_full.rs" 114 20 114 30] best_value) ([#"../knapsack_full.rs" 114 31 114 32] i)); + [#"../knapsack_full.rs" 114 30 114 33] _79 <- ([#"../knapsack_full.rs" 114 30 114 33] index1 best_value i); goto BB41 } BB41 { - [#"../knapsack_full.rs" 114 33 114 36] _77 <- ([#"../knapsack_full.rs" 114 33 114 36] index2 ([#"../knapsack_full.rs" 114 20 114 33] _79) ([#"../knapsack_full.rs" 114 34 114 35] w)); + [#"../knapsack_full.rs" 114 33 114 36] _77 <- ([#"../knapsack_full.rs" 114 33 114 36] index2 _79 w); goto BB42 } BB42 { - [#"../knapsack_full.rs" 114 48 114 51] _87 <- ([#"../knapsack_full.rs" 114 48 114 51] index1 ([#"../knapsack_full.rs" 114 38 114 48] best_value) ([#"../knapsack_full.rs" 114 49 114 50] i)); + [#"../knapsack_full.rs" 114 48 114 51] _87 <- ([#"../knapsack_full.rs" 114 48 114 51] index1 best_value i); goto BB43 } BB43 { - [#"../knapsack_full.rs" 114 51 114 66] _85 <- ([#"../knapsack_full.rs" 114 51 114 66] index2 ([#"../knapsack_full.rs" 114 38 114 51] _87) ([#"../knapsack_full.rs" 114 52 114 65] ([#"../knapsack_full.rs" 114 52 114 53] w) - ([#"../knapsack_full.rs" 114 56 114 65] KnapsackFull_Item_Type.item_weight it))); + [#"../knapsack_full.rs" 114 52 114 65] _90 <- ([#"../knapsack_full.rs" 114 52 114 65] w - KnapsackFull_Item_Type.item_weight it); + [#"../knapsack_full.rs" 114 51 114 66] _85 <- ([#"../knapsack_full.rs" 114 51 114 66] index2 _87 _90); + _90 <- any usize; goto BB44 } BB44 { - [#"../knapsack_full.rs" 114 16 114 78] _66 <- ([#"../knapsack_full.rs" 114 16 114 78] max0 ([#"../knapsack_full.rs" 114 20 114 36] _77) ([#"../knapsack_full.rs" 114 38 114 77] ([#"../knapsack_full.rs" 114 38 114 66] _85) + ([#"../knapsack_full.rs" 114 69 114 77] KnapsackFull_Item_Type.item_value it))); + [#"../knapsack_full.rs" 114 38 114 77] _83 <- ([#"../knapsack_full.rs" 114 38 114 77] _85 + KnapsackFull_Item_Type.item_value it); + [#"../knapsack_full.rs" 114 16 114 78] _66 <- ([#"../knapsack_full.rs" 114 16 114 78] max0 _77 _83); + _83 <- any usize; goto BB45 } BB45 { @@ -1313,20 +1336,22 @@ module KnapsackFull_Knapsack01Dyn BB46 { [#"../knapsack_full.rs" 111 12 111 22] _97 <- Borrow.borrow_mut best_value; [#"../knapsack_full.rs" 111 12 111 22] best_value <- ^ _97; - [#"../knapsack_full.rs" 111 22 111 29] _96 <- ([#"../knapsack_full.rs" 111 22 111 29] index_mut0 _97 ([#"../knapsack_full.rs" 111 23 111 28] ([#"../knapsack_full.rs" 111 23 111 24] i) + ([#"../knapsack_full.rs" 111 27 111 28] [#"../knapsack_full.rs" 111 27 111 28] (1 : usize)))); + [#"../knapsack_full.rs" 111 23 111 28] _98 <- ([#"../knapsack_full.rs" 111 23 111 28] i + (1 : usize)); + [#"../knapsack_full.rs" 111 22 111 29] _96 <- ([#"../knapsack_full.rs" 111 22 111 29] index_mut0 _97 _98); _97 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + _98 <- any usize; goto BB47 } BB47 { [#"../knapsack_full.rs" 111 12 111 29] _95 <- Borrow.borrow_final ( * _96) (Borrow.get_id _96); [#"../knapsack_full.rs" 111 12 111 29] _96 <- { _96 with current = ( ^ _95) ; }; - [#"../knapsack_full.rs" 111 29 111 32] _94 <- ([#"../knapsack_full.rs" 111 29 111 32] index_mut1 _95 ([#"../knapsack_full.rs" 111 30 111 31] w)); + [#"../knapsack_full.rs" 111 29 111 32] _94 <- ([#"../knapsack_full.rs" 111 29 111 32] index_mut1 _95 w); _95 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); goto BB48 } BB48 { [#"../knapsack_full.rs" 111 12 115 13] _94 <- { _94 with current = ([#"../knapsack_full.rs" 111 12 115 13] _66) ; }; - [#"../knapsack_full.rs" 111 12 115 13] _66 <- any usize; + _66 <- any usize; assume { resolve3 _94 }; assume { resolve4 _96 }; [#"../knapsack_full.rs" 110 32 116 9] _31 <- ([#"../knapsack_full.rs" 110 32 116 9] ()); @@ -1339,7 +1364,7 @@ module KnapsackFull_Knapsack01Dyn } BB50 { [#"../knapsack_full.rs" 120 26 120 36] left_weight <- ([#"../knapsack_full.rs" 120 26 120 36] max_weight); - [#"../knapsack_full.rs" 122 16 122 27] j <- ([#"../knapsack_full.rs" 122 16 122 27] len0 ([#"../knapsack_full.rs" 122 16 122 21] items)); + [#"../knapsack_full.rs" 122 16 122 27] j <- ([#"../knapsack_full.rs" 122 16 122 27] len0 items); goto BB51 } BB51 { @@ -1363,37 +1388,41 @@ module KnapsackFull_Knapsack01Dyn goto BB56 } BB56 { - switch ([#"../knapsack_full.rs" 140 10 140 15] ([#"../knapsack_full.rs" 140 10 140 11] [#"../knapsack_full.rs" 140 10 140 11] (0 : usize)) < ([#"../knapsack_full.rs" 140 14 140 15] j)) + [#"../knapsack_full.rs" 140 10 140 15] _115 <- ([#"../knapsack_full.rs" 140 10 140 15] (0 : usize) < j); + switch (_115) | False -> goto BB67 | True -> goto BB57 end } BB57 { - [#"../knapsack_full.rs" 141 8 141 14] j <- ([#"../knapsack_full.rs" 141 8 141 14] j - ([#"../knapsack_full.rs" 141 13 141 14] [#"../knapsack_full.rs" 141 13 141 14] (1 : usize))); - [#"../knapsack_full.rs" 142 23 142 26] _118 <- ([#"../knapsack_full.rs" 142 23 142 26] index0 ([#"../knapsack_full.rs" 142 18 142 23] items) ([#"../knapsack_full.rs" 142 24 142 25] j)); + [#"../knapsack_full.rs" 141 8 141 14] j <- ([#"../knapsack_full.rs" 141 8 141 14] j - (1 : usize)); + [#"../knapsack_full.rs" 142 23 142 26] _118 <- ([#"../knapsack_full.rs" 142 23 142 26] index0 items j); goto BB58 } BB58 { [#"../knapsack_full.rs" 142 17 142 26] it1 <- ([#"../knapsack_full.rs" 142 17 142 26] _118); assert { [@expl:type invariant] inv1 _118 }; assume { resolve1 _118 }; - [#"../knapsack_full.rs" 143 21 143 28] _125 <- ([#"../knapsack_full.rs" 143 21 143 28] index1 ([#"../knapsack_full.rs" 143 11 143 21] best_value) ([#"../knapsack_full.rs" 143 22 143 27] ([#"../knapsack_full.rs" 143 22 143 23] j) + ([#"../knapsack_full.rs" 143 26 143 27] [#"../knapsack_full.rs" 143 26 143 27] (1 : usize)))); + [#"../knapsack_full.rs" 143 22 143 27] _127 <- ([#"../knapsack_full.rs" 143 22 143 27] j + (1 : usize)); + [#"../knapsack_full.rs" 143 21 143 28] _125 <- ([#"../knapsack_full.rs" 143 21 143 28] index1 best_value _127); + _127 <- any usize; goto BB59 } BB59 { - [#"../knapsack_full.rs" 143 28 143 41] _123 <- ([#"../knapsack_full.rs" 143 28 143 41] index2 ([#"../knapsack_full.rs" 143 11 143 28] _125) ([#"../knapsack_full.rs" 143 29 143 40] left_weight)); + [#"../knapsack_full.rs" 143 28 143 41] _123 <- ([#"../knapsack_full.rs" 143 28 143 41] index2 _125 left_weight); goto BB60 } BB60 { - [#"../knapsack_full.rs" 143 55 143 58] _133 <- ([#"../knapsack_full.rs" 143 55 143 58] index1 ([#"../knapsack_full.rs" 143 45 143 55] best_value) ([#"../knapsack_full.rs" 143 56 143 57] j)); + [#"../knapsack_full.rs" 143 55 143 58] _133 <- ([#"../knapsack_full.rs" 143 55 143 58] index1 best_value j); goto BB61 } BB61 { - [#"../knapsack_full.rs" 143 58 143 71] _131 <- ([#"../knapsack_full.rs" 143 58 143 71] index2 ([#"../knapsack_full.rs" 143 45 143 58] _133) ([#"../knapsack_full.rs" 143 59 143 70] left_weight)); + [#"../knapsack_full.rs" 143 58 143 71] _131 <- ([#"../knapsack_full.rs" 143 58 143 71] index2 _133 left_weight); goto BB62 } BB62 { - switch ([#"../knapsack_full.rs" 143 11 143 71] ([#"../knapsack_full.rs" 143 11 143 41] _123) <> ([#"../knapsack_full.rs" 143 45 143 71] _131)) + [#"../knapsack_full.rs" 143 11 143 71] _121 <- ([#"../knapsack_full.rs" 143 11 143 71] _123 <> _131); + switch (_121) | False -> goto BB65 | True -> goto BB63 end @@ -1402,14 +1431,14 @@ module KnapsackFull_Knapsack01Dyn [#"../knapsack_full.rs" 144 12 144 18] _138 <- Borrow.borrow_mut result; [#"../knapsack_full.rs" 144 12 144 18] result <- ^ _138; assume { inv5 ( ^ _138) }; - [#"../knapsack_full.rs" 144 12 144 27] _137 <- ([#"../knapsack_full.rs" 144 12 144 27] push0 _138 ([#"../knapsack_full.rs" 144 24 144 26] it1)); + [#"../knapsack_full.rs" 144 12 144 27] _137 <- ([#"../knapsack_full.rs" 144 12 144 27] push0 _138 it1); _138 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global)); goto BB64 } BB64 { assert { [@expl:type invariant] inv1 it1 }; assume { resolve1 it1 }; - [#"../knapsack_full.rs" 145 12 145 36] left_weight <- ([#"../knapsack_full.rs" 145 12 145 36] left_weight - ([#"../knapsack_full.rs" 145 27 145 36] KnapsackFull_Item_Type.item_weight it1)); + [#"../knapsack_full.rs" 145 12 145 36] left_weight <- ([#"../knapsack_full.rs" 145 12 145 36] left_weight - KnapsackFull_Item_Type.item_weight it1); [#"../knapsack_full.rs" 143 72 146 9] _31 <- ([#"../knapsack_full.rs" 143 72 146 9] ()); goto BB66 } @@ -1427,7 +1456,7 @@ module KnapsackFull_Knapsack01Dyn assert { [@expl:type invariant] inv4 items }; assume { resolve6 items }; [#"../knapsack_full.rs" 149 4 149 10] _0 <- ([#"../knapsack_full.rs" 149 4 149 10] result); - [#"../knapsack_full.rs" 149 4 149 10] result <- any Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); + result <- any Alloc_Vec_Vec_Type.t_vec (KnapsackFull_Item_Type.t_item name) (Alloc_Alloc_Global_Type.t_global); goto BB68 } BB68 { diff --git a/creusot/tests/should_succeed/knapsack_full/why3session.xml b/creusot/tests/should_succeed/knapsack_full/why3session.xml index 909372f228..d157d16530 100644 --- a/creusot/tests/should_succeed/knapsack_full/why3session.xml +++ b/creusot/tests/should_succeed/knapsack_full/why3session.xml @@ -10,7 +10,7 @@ - + @@ -55,333 +55,326 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - - + + - - + + - - + + - - + + - - + + - + - + - + - + - - + + - - + + - + - + - + - + - + - + - + - - + + - + - + - - + + - - + + - + - - + + - - + + - - + + - - + + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + + + + + - + - + - + - + - + - + - + - + - + - + - - + + - + - + - + - - + + - + - - + + - + - + - + - - + + - + - + - + - + - + - + - + - + - + - + - - - - - - - - - - - - + - + - + diff --git a/creusot/tests/should_succeed/knapsack_full/why3shapes.gz b/creusot/tests/should_succeed/knapsack_full/why3shapes.gz index 96abf9b3dc4592ecf332b2462638dd49b88f95b3..6c8e7012cf249cd29a64fb46d69e5129182a8f53 100644 GIT binary patch literal 8521 zcmV-PA-3KhiwFP!00000|LuKkZ{#+z?sxx+`F74p5P-#ZUSt+925a;H2j>F!Ui8Np ze9d}y#yx90ncaVXt4K*Lsax%~$H|NnC2>qiWW78^7OO}~{?G5;-2csg%J*-6&3E@V zyW9WuM!)&)zb^b+|FFBhxqaAj|Iz=ezhHd<-oNv2w;XR=`49KGmcjqOyI=BFT;i3u z=^oH6|D*o}8)^9;jmGE#{(5zFv3>WZ?C#zmpNofo`kUKd*_K^h_`e{T$ll)&Isg5r zmA`q&AFn^>o1g#o;D63Y1-Z*hY9J%~tFP@yB>y4b{`~N_EnHnTvT*5te7jY{eY%Wn ztMIq~VYrJGMi;zQn%w$t|NWLnc>g~WF7L-o_?!tJ6utkYm;U}@Qk7L5cw`fKu<7^$ z=JMbzk_S3@V7ULDh{KdPL^hG*SO4Lc+{74Q;Uie41nO-PV5`W^^-}z|{{aDS%w;ur zwV7-^U{rj-UPb0Y67@H44UyWO$5rL2=c4F(+ss8VB#Iu3QgP@dI?nI?gkcq%`WZ10 zbG~8$f)R${KL7LjF8|u~U7)_(cVn!FGVF0iQ_|4*z8glZBiBbwKonq78P!37YiHhz zHqh+)5ZlVFniCz34tzSRj$~Cwb}+iEBW_wzZw&!cwbJh=7SO!~t}br;9t5_vTek)5 zom)Ud{O{=_nl9#hhGV4ff9?O!2`L_2dbLV78#Qpx*Zn z2JN~h=s3oty1VGkI@=F@5lnA=-C+Xe>Z*+@MUINPIwe~8Lr*k zDf_|m@qP$%-m@1ydrLlj&RuP}JZjbM$((z;JLN71?yBc5d+usvS^t-%p*0XBlXR8e z(hc-uH=PR@=8yBuM#9;l+x5PPTN)PJc0H3iV)ebyeA*Nsf%V;%n?r!wlQ}@$UB2bb z)$(D)iQegP*MTEg2M#x+=v2>2nF#1Z1$0$FA5-8s5djB8M0E}VjuPn&HG~w^9W)Xi z1Dy{acAu|5?o$4shFFHiD^w)_4(e2mvEL3po%--l26Dz-871q>;K-YHWxG{F*=+St z*5o?7vfA3AEVphb3v_D31+VU{yFm2^*5vpG-elRUMXiDS(_C$LSf{Fu9c>UD%X*nC z%4rVKWQUb1T|<7eql@K1b?g^znTI52HRmA?>r@sv+6Ukid9tpI6$aP@xtPi><@~7; zK#?E(-NW^V-OuChDv`;BW4)^T$sQ{~jvW$fx!NysDG*oxlA#qr~yUFZVaU z=4;f8ToKJ)2kq6QJp%7P-R;sZG2a7?rSCD|G&Dp-*C+b|3*1 zzSeQ%_Rr@`7N_=ctrjWs*s{_}1A}U{Rl25XQzI($_-0(^a0;$f@X2%v?(R~nmZlED zwz55Trh`}6tE>0jOrYfZ?rDqB)ezGw*|($q@Z(Xx%Btq~5m@_&>h0ZZC-eB}+anm? z+@}05a%4AAHhNp-hDMZdDR+u{FDChaa?|ZDm9N9@m)mqd&Hu-OUEq!UbH01C`!(Mc zBut%aRQDQZ_2tHO-ihqu(_N0c+jR4Av%4h%M`t;tHB3QBmgkz=CbX>Df zVp&tqP|f`k3tq`n;4H#`?IIkgD;6ppjR$B(+DHLo#sdUySQXy!!5*nsF!^M`zQjb@^Iw(=NC!_(dUL%m7V?z%dy__qGO z-hD{^Hh&&&cC$#kS!a=p54+u`H`vnO-T2!FEZsbeW*ek=oA36-+T}o|r~Ccsq4uaP zE?UZPLxb_=jM{JaZhhRn7rOC+X^Gv75ZY>9`v-qi^1j#bt6t-q>S1mMrKbRQwLX8Y zwLX77ly%hE(2Jj~`3({K$d1~pJ$)A8t(IFYmI$|})n{vQs7en`TZho{I3#^7d37~| z?)V7%@%i|CH+b}Fr!Vj3@IoC9&hK$B?sCt70)7XR!rZ3Mky3B98d(f)G^y0GR4we# z`iz-c>#M8I!G7njg*@9uLSMgmWbi-rmvmo@o~C+@I$zgfy@|ijn7g~X-RGSCj{UPMj#(aYwlxR8TTa?L;roYov&e#X&$rsv-hGFKI*{#2a(ySX`{mv~w#Jc9Y*_)D04)l%O#ZBGP$-`sxTdorsgoYx~X!Gfhznp!Km0C zm%^~lR;Gr5hMgmXVe@SFF-tAY#zPN2X37}{G|&>66aD{qR58x+40|cc?++-yI4VoM z$+TTDgG}q5m^nV{&J79Y_a@V?26WaxDh2O*Q=P)i@hN;R1kK)~-1)J-bP}=|rTBES zPCV;z6i>TW_#OQX9OJ*xN8qV02cF<_V9Dux6C({C9coVl@`+!+T&_*nbV6rYBV5_*e>x+t+H9hL}%HvX_T{ zf6Du{f}xTgjrEru!Po4pK6lN|AGg=+tRZ{NzR}Toz0B}w1NEAnKSl@8P7lvLXkTY! zUOxuRQ4r1@k9!bK4#g1&lTkR2x|fEt3e$f0`6MWljoKb#ms4&%g zsD2^{=p))u<;m@{u{$^)V}?@@Sb84KLkBh?dSty}(tG8z20-gb@~TUcui4GE|Oro`AYv_u!0MeJci35gON7wuR&W|kj zb91cHKml5niAZ|71XoWW9Nf~i;YhVdDbaJ)$myZniNUAQ?u3ZhH`J4ABj%5{r~iq@ z-3;Xcgt=8_5R8;OS(A1;#9l=qo}eOCK3g9_n@s}t`iL$f;qAfugKi*ZyFh(?xM>ki zcTRUtqJQ2;IJIluJnZkcarELb%y-1yo;4-6s^`Ztt^Qf@Oee*+8Pjyay-Zxwfp~Uo zGXe2*d@}{{>%=&n3{Q-6dQi@db*7-4jCW?B%rcKYG5M+1>L#zz1&6Nuc24)FPSM+4 zoNaHg_N0#8VJ4|p3zOi)_bePqr1tMha}MvOYtQ_k!!@n=K1CagaXGk_!3j->?JlRz zZ1*f-mv~-256R21WyUJ*@6@Wh%HTWvJ(#w-Tk@cnk9gqACwlabDfk_~>?Q^(J!Mj% z`ft0Uxa=k}DxEz8QsqwUogBoFPY?s=YO4RXE2=>Zb@`NNgQ~x6wRU>mh4f)ibUBT( zF88t6-Acub9h75l+9$B!~Ea=g{ zSvd8G;?I+R+5V>4Ut_7_ZqCEqJjMRHx4%AN|9TKPl%= zXA>SLy+89ZZ+o^HRf%UYr=)7$>|n=y;Vel@Y@W;4oddi7VU(K9xJ>i5XGt+0HU}WM zwyrNsJ<9hi`r`wEbauql5qF~cXo=|N)C$qfWP#{-Revp^Umj|QN^TxnX&<%7er0C1 zF+IGpfK^ni3t|1s3Up^&{ouugTA{spFntpO$I$rghuNVIPVHtVGvVOg?*5_PY)5^d zYuR7y&t$@ID6`!ktOlclnftdBW+#kbZfh7wwKIiKk5T@P$I&Xw7dqK?@{q-`lWjHo zZU+JTgWAtK>GqqQiiDbQFK)25r|osqBOBwx%0zo5c$l|dWiQ=UL)R__J4(c;88+}cvcTdICS{rytLGfx=)R%b%_3ymCp{>b6uk@E~J`0vo4 zpCi_9)qVJvcOOchC>|f6)SaTR5kN`)%vz4JsY1-^N! z?9QkvJDgEf`yC}-#i?Q`JDgGN*2X5Qg`?Lc;Ox`9ysv-O{Q6=;`{m|WemZ$O>Ltwl zp#2P!XAaiiYPLlc9VLZ}-pRGZ@hw$a9D245y@l|8z{WlI#5!M^Pg=iiNhO@hDq%<~ zm3>lL31{b(a3ZlBzhiZne(-asFXoo~3Cb*Fd1nbg!{DId!3ddG7>|oD;cd?{0VbJd zDc9xG^^a#taw5;6a7wQ<8Pc`FW^wX4n%q<_Q8>GYHg* zM>obkFGD&%c;VO+nvV3RhI7R_;WRy*U~s%L{-^;3J3eMHd-c<*g%8j)b*NLcP5$%k z%J+8VkJ*(!C$M410-NWi6-eEgFA5bZh0|N+9h?1*`4gt;jy!D-FHg{-osAzS2Zs|h zzwDy+dHNupls;5}W(k2jGjWi80Dnf}AfFT`bTDa({l_Uo_fe|lciK#Qr)^*pET!f?F%Qe%z+y!6WZQxQ#4;=Mb9QA%PU6U(fjS?Gn zZOwGs_PBfM_H1j(4ieb2B(U8Mu5KirIW=FNp7k#e!i39F?6Grng}-X(w5uOa+Xp{8 zfN3+MzpwZE8*rFqH`c&T z#nfYtSQ8p8c3u>BUaBykXvWjsPi^{Gm|kxVPh&cJq{{d#rkkBqvOR}iVPB*;V4uRH z#P^^7mg|=fjy9jqMnCnF-toz*K0f-alVE%X<2XYa1NwBup3hIMYW*r!E7nyMr+Ol7 z6~(Dx6{X$8Uk9rwSgBh@aoYD)mqQTZr}nJXA);`!$$TdIsWo2uC`c3R*t3r7vKMj# z5b{*Dp2ttEV*T1!D-uq#H=@ZQ_9(UYp{Zi0xv2GrOIcwaZ_Dr}tdohM$qOyT*t%eA z&tI^$&t9;#_}}t^ZGBop3%k5vYukdYJy@`{XKX--XKq07-*p3Gwt{TWTtT*N1=%jI zAd4Xov;t$U=?6I3;c3yu&j;ay_w&}r&oOMBJ3_Qcjjaxjh+=)bExPZLaw^vk$FhYZ zqFBHG9w9q*K9uC>PIn;L?sx~5>g+oCa4D0=PRg8uqE|<=`PrDIZxK{+j`G+evoEsa zAgK-{N#zF8!da*>NT<$0O+bk^k^XK=T4`19Bi-2U60|G4#^?tT0RgX{F~+lvb;Twplq2$6+i zpsZ3X2WKT%F165aV8bqyHO6U^m=X+fw2ZmTvo;d{(cbbmaw9hUf|n>=6geczI1)11 zNg1>Q&VtokywMwVVIt=uNt{o)58U|#QLAJaHZf9!{Kjs~MM~DIWJ@SfSu2IHP`tt% zSSMb5jBh}1Ky5&7Kx}|-05-rj?n0PsSP77G48idbO^99<=Zs*!nDjHyk#cZNP27ZopiWteDcqYJj3On1U&`N(y^lNeB;rqhX`jM!Ai$ z8)Y_1e;qkfazQ#D&|k5li?_-ar=`Imn04~{jg}iNHkyBZQKe^5Cz(oeIqE2sOwmTP zu;w|k;z(2!Qk#v|8?C+xnUjkwiLAI0v1rb{Pl5@q9Onv>W3?Ng%=X(7+otHF0`v-w zx!|HMJmnlrwq83SQ|%RIW7sz*xpI;hmqX+p{YvpNG3%Mm$~lhHpYA$|5gWrd2EIiV zvWi(oXH^y=B(TOhVS+4*dFBn5q=L~Kqc%o<(~58@UBD?s1#J{_HgX+YDBjaoz7v$H zhV+S&IVJ2QacEo08|!yP#5#Z!AjgHWoIPQNh?(pp=c-;=Jv0u{;Zd(SZv% z^SkVVkHKeB%8J*gm%ynXZG$tI(h|U!kbFv7@no%%OjNz(>r~A!pBctc5+h#0A_p%y zV8*XqmIWt4Qq63v-dOcob#zP=3Bo3;m18)#BuuaKtI&uR#L^Nv-yeN#_y|)>o zBu|q92A}wYVL!vTpV2i&{tQEZMzKEz|A>LzIP=O>cOs#l41;Wo(TS0uu*3@XcE+Rw z*~KP684jj6z_85h9}$US9cU;vm4bPuV@ycQ=41q^g5}l@NTAk~_)+FpQ@=kvGAe+= z%ov@Y0YnEg=nx=<2$T!EkjNe2jD|n@&j=3>QUpyyNYa!pF>o=#M9HKV5yRsKkNq=4 z1n6HyvJjb-4EszpiWj4E#FR4^s6icYT1uhcs46w4)_-o;6hjcK#>tmkp;VD2qbJf* z6&;jUy1|C7p`~d|xfb>rdqgKW;;SFSwvn!FJGHGJA5OR`I zcQBe2%15DOn4?38g=2oBbwGc}j4a%V$fXjX8k8swpge#A0ZOz&d)8D_nD@?MvS5nL zskoA|7g+{|^Ri^6gBEpFe1-HZNTYEvMTYYYrlDZ7S3wC(#R6Vt?+R^E07?c*u2au^ zQ8+}Ww0DR@v5;h>en>sk7G;d8YZ)jXD80gWWG#~?FOnAEt-{GhXPvW=fh%7y5-=3LUF=MZ&MUD2PTU%(Rqw5g{tQsK%=TC>O29y=*?-kZ_eP`q!rywCKpK_#xZH%?<>Zc@OolS|If>w3;}sPGzs z5?i3~E4)t&2TaaVU^Kv!RzWypF+5NvOP{&1vcXHxt`I+ag~aCMjHf)aKnW3afxt4? z7%E^o>RJzm73MGO$(HeK69x;6bK`uJf?27g=2CzavB69~sIK8F%+FkuGEOF!Oo%Mv zf7}ShGUi)WWAqC?4UxnO^%p}8)_bN+Fd1AnI1@SnIntrp1Xim);a%Z=nLw^UQiiF( zyqAGnX+_c)b-2h%;F>iDf{+=4Tdi<^=|*ZYQhQTm^b!;=E=uk|f;5;yvkq>(LjHnN zB-1Qs1D4T|causouJEjc5yIpILnN}o{-OaOrY$lGmRVv3^-%#cZ(+3s7qrUImfS4r zN@oX9H#88oqiE2sHh7^05LFyH9PnCWnw~}E(T9v#yC}&+Zb7&sGf)d`Vi7)zFj$1a z$`>}vpV|}%Rno!%FFF`B3B9O?p`+wV7SB_zrl8TVn&bD`5|z?poP+;Fn~l;jKrSx$ z%tAEE@4b_Q)gHgYapA&~vce@BFdE8Wl29coNVzVF*SF}vkvaHkmfvv__ZX}?=94hG zcpWhHWq^UIp*I;Ung!={tc^Omb@H8W>S&NE%4i%j*7CqzF$qkunJ2@u@31o~ehZnY z$OxUcLb(z$@C-H-Q?&HTlt=+2;YUpwwZdkO4wysOn#J-4Oc;pkPhiS;3`*a zA93aG-0X1VjpHAv~NB)X0opJNsk9 zrGVw&t@H^qizJtJ?8 zZMv-H=rdA^VYD3>i!r32jKsjEWDrdAnn7_+KhS=YyIZlVJub>pii=t&?W_nYhk)sh z_ldJu+A6T7hI~bE!OKO<99LdRt8^*M;eV2uED}p0h`O@HvE_>5$rMF+2|;+SLh_sk zYjbwiaqeSrCZvWU5+X`Oif9qB71G6p40RgMOpzY*^CiSeJhv~IYGanm5KHW@!8)l;38uuWxTM&A@PXw6Xh{l zD;uH{4Pvpv{DlsJMNIH`j0W?>D1<9YXr(xm1hRYmAC+2>{_<}hp}Pg83Qs&0fsQ!D zBpfqbfp!8)>(EF7IdEjLqW&T~E5#cw49h}^sHH-9B2P}l!ETbqJrMq?nOv#PmFP$9ddoNT$FA`(bLQ5mVAfH*JU z53-SD6=Z}`aukzGwVLA#4xuC^d?`|-AUWjhS#pp$PR-0?*|voujg2(^rbRZCm!rU| zeSW9KC<9&^i?LC1S;j21S0<_;S#*G5675}ZT1Y`@S37;hJtmfX4Awyb%QS!z5N#^C zgv7KEot@-rtFLb>;hDoMuV`PKE5Y-OQJF%==P|ub-9Br@c(vEJU@x!eyG#PZ=By(9 z>F+3`jYTo#tqetVV~c)TuDIIno3WiM7}-Uml8rpX09IqzXPq$`(|n_#v)zz!>Xvb8 zvl?+V;%dYf{mdPNs8SYI(5uQBWZ;n}O1w;xCNv|W?34W0u+@&=mK}XE-q3+NRV;&S z>D-7)KIbB>_Piy~mVU4`Eoq>79QEUd%t;K8gCSER57d>TvfS|1lwaeN1_PI^PPVuZ z(RflQOdOo?Ae9rQnNqFhd>!Vb&zQudymU$R7QBEB5P)Kt7%`KX&v{nBx68J9<^40qqfi&Y_teb zs4zsllzTe1n)daW)+h{lC4Cqt2*-~pDm>?MvHI|5w9kGZ6-EWaP2je93Ze*gv<&Da6xBnLWDr?26IQI#nz6mCVqV; z7G6`Uf-$twSr(DBio$qw*Yr1Z zd3%+wns+tzD>rrFzL)~u2Cp(xiD|GFj1rJjGP*QVo7LQZ409_Jql?)E9NUnXGKqehV_i}AL~saTf4`m7A&eZDLhtfu_7O{u-- z$ri<&pqHSFMr;e?yg)9PE5~tuyqfcyH>WCAhp2;g*=7-P3OWcUx!1+g2%YD{t4Y6k zlg69_`dKbL2m?MzoFEa7WDUpQsySQ1=m%+|x~oaQd6Oo=JlF(02V0WNE`nx7<3P1K z7Mq$$#cI~qWmbiOugpv#Yk) zqi%_b=2Q_T0dh6d*Zh+e7?{eWMM&H`=Tfvdu9QvI6_MH^pg^crQ+;()1b3rF>JX5MD3qHgIivCV<4L<~u5J*FCDiaT6 zf^-BD5=coPsnv{Mcho8Fd??0xl}xc^DL6of@hh1H@PE2 zfgBx~cI^Uxur6Rsaw6l*UuSs+QYof!M&K+I7ac$PqPmcL?F)arzVQD6IpBp7-T?ss Dqq45@ literal 8611 zcmV;UAza=ciwFP!00000|LuKiZ`?St=y(5$d^_jNU;tL}eKA?U7#yPm9P9<|z37iI z_?-1_VrOknvit9Ek(AVuTHS7YoW!2d&N`+fvRE(HgDlDa`NNyLzqwE8?#<_Pdv|qn z{lDI*H$VK>nS1N*Z!WK{@3-hax_|W-tZ%@(EBAJbbff$W?q~NK-B#j1TCdRsTwI)O ze|eK{Zr>1~v-^L#tLx8f%P!8`U*2wcU=6p?*F->Q5^-Jz zh`|2a)p2EJ_aR;XdjB_??!tYzOQYsJsZ9|VfvCT+ z4J2s0IWFp)YL1GkxAhzqT~JYDR4N~OjF#tnH<_@aUG%I>z~}Sw11uQv(BGwhUf!n9 zo$f->-Cm8UAK|d$Gl_D`uSl8OI%$erA2kFCfk|f~hY+sHyhCk(+3675imjXj9jy*} zI_pkgWe0W;x~MB|+EHzFVN9h;y_-lt^%A%^yK*}wu&vqJEs%C@fduitr;lh}8({bN zyb}v{faGp(?5lvKYiI6k5UV8LgeHp=cxUO6yET$iUDfb|2&Vqzn^B zt>F&xn6M7)c-jK3*Q&ux^#VueiL+!>_p#(#Bqo^!EZdVAU%R{0=?BY){Srp(r|13j zrr7lP>~f1@QL5dO`RwiPbapY!F8kRa@Y zR**A;+V!>wO<5LbI?XJKSZyyfn>J+-r~Y<}dY?h<$(%vmUEE?bwK%Le-Wxr%9dkJA zn1i|yI;FEhE&$X%0jd(9mIzn|!eI{xuf~DHB9LBCLr780K?C6^lKJrA=F8>Bo0vYx zAy_Hv6)F(`dwnX!q_=}jFFHK5p%~+?O_=pgF7ZMii=TWsyn z=48}{3#{g?yCCw1sf*zo<}Q-GI7l@V`!pxp?)Rx=lcEi%Q(GMdOL*#iZnFJO6|OFJ zvx7_RfppRfdw32}jMaP&zTc-#L92aWoGg~CYg31TZM>M6I$ccZQv*OK-@DuU%MUld z7Gp4ZlCEQazr+mg>h3aq{B-~Cp>vIVsxHt~b<(%)`qxAlhY!EqU42fML{~9I#e40I zmy_|tc=ze{CjJ)E9h9~7BL$qgEK%O+WZ!^cVbU-&+|vCm@>L^1rUx+wULl*wjI{77 za@6Rj+o}DQ?{sg=`Dh?50#Q)q6dvj=H(f-`2fVoMZ>iyy>~D#8V?e40F$P{CtLcok zN7eR#>@ETmY#yKp*a}J)IN1y#<{^pz^4o$!`(1}VNU7smYxn5qa<7k|poF@!OEC{s z`swM>UT`SnR;a__VSPLsP|#IfEGGt&E963usJFr#3lq!p`H%wM^xy}VB=kbCDC}0U zE?gw)YWPBThB3C!DpKIF%%_-XYG)!hTs&zVV&%iyy*$*K3(`yXW&s z4!ZVnuNEm|Xjy56K|!_LN>x*}sSqVud_C^7?}BR=dNOsv-Q6;(rKv-(Eltlm-LY4i zi;H)iCy?S@_q4_6a){}r=*Ja(_<7N;vP$_~0M`Cj`t8hYhx7R9+XWt9UB~pVV#uz7 zXz;eu4ueX=k1WinVxvx51qJs?9_&W+^g*M~j7ChzJSzP% zwDi1Bx0fUe=6<>SKgDwr0yMG$Ubr`mxVgKZJuYBxyK$}gw*J1n`4HW8`ZCzo10H>Xr#Nna@Y6Ny1E~E8-jVAZg;@i2Wx>HPU&u;^7z zzhBManG_CA*Ekrf+!I&<-$0}=m+4cmR9huS5~CXpD|r~J7Ir9gf~QvM;-WLKKe$US zPBxLy_iq*%-248r+~=dGv0f9+m$g}M(k~L`&F$^YmlXfw<3H+X?()^O`%oUbzH3dG z%d@jzT)6r8=|j3tk=4$>T>kauI*ssc6W?83|4O}XuD42eV1K#%zc(M#mfF}L^47df zcQ+qCCsxsEXkiC-;`G=9&iz25Tj2lp;hy4>n!a|It$V)jW7I{H_xDrR{>dH3Q!W_W znuFgSPTD)<`-iu)2m`z4TV<+t-%_J4WOEc;uY_i|-P_03lye_NWS^`B5P>bxI*;O& zS?aeR?LR=w0!rtHxYV}Em7!K;({flfXOpdmDyImjvcD!6mAA`SXx7O}*Kkm?Q;^VX zp6xy)sYBj)(BLIe&SoG19RhPi|CghRagL|ib3uN$2l?5#a!8wWI~CJ3X+0Cu%U*Xb zNH|@abiW(WNq-Rw?6s-7aJ}rp=SURqJ<6RQ(xsy;n?VYX7wg2bE_3m?X@zfSZ(wQu z13ChaH97DIn*)c8&Wl)S@ZeH=93vmO+Tan(4VKs2cyCGL6V&?M48#LS9B0;H#_+}% zq*i4NKaDZ`F^s{UF*VZ+;}R6YZM@I&)AZ5aHp|~}smm~)l@5nCIX)|Tdgch*riBMP zQ}76;#hhKUgv(v~{@q&1eo(3iJU)z z#M1d>dU)BRTr0ZN9vh!szaJG<)}ZJF=gV8-VWaC zeeKny{i6$nuKjin_kBm`^-Y-Vd9n7SEZ&`ms8)J$9+p73!d;*yuKX9chje+`ZvXN_boG%?$EWQ|Bq&L-!*|algYe z>O8r9GVk{4MfFe>NUf*A+&5qopbPu&6YUjGS^!Ov#6{;lh_b8cjxo9$em+Y8_>)|~ z`NW}|4^iUz)BMx<*x#KG?hr?JYS$ZaUXKZGcIn-Wz_~r^0S%esGTwW!ZEp{j?MSb= zvydt25R}(VF1`$De>stb6lcn->p{- zKEbU&gy_<22euK239^}KL9NOKc^Vhw!`leBTfF0Sb_fyGOG8yWmXFi+@KBH3AIAsX z`~hjr%$@pb5y}IEKMnuG^4CrNidvQL`ZT`l$H-sx@>fUX-ydb^dX%M)@5T;zm`Cks zAJ{e;ShqWsEJv8`U-kMj+@{~|ZtgEX-QI*&Jd-}8kM54TT(Wkyx#L8C9(r(G+fO>B zBRlwLG~tgw?j03B40>0BFdus|8I_19O-}p3HG9CpstlwPl7+L&nidxx~{k*-A8+{SI4$suO>UN%U#{2=(oQv+Zq4W zeQWJ@TSdR$IXfpDD#)pe47J>^uN^OU#@+Yo$ZLmI2tF-Lr!_P#MxUL*V;MIqql3MB zloQmOt?~l8k^RN4L=J`;xpse$8jR}XcE#eef)AL>8U|3U#0zRw+c&HZs#88wq0!MZ z@1;Vcn&7s&tiEpcX@y5$tw;@OZhP>&t37RR|1F$T4vBwzLvwK2SG%Lyi@sX#rvvt) zJ7swSPj=PpB+4V)ne}^y*~&h^DYLa*gSVyo5%PCC2Tv^c`dTG=_)IGYPhUAWUO7+T z1%3m4ehOM&OMUS7t4~RvN;)>G7pz&-+XMR*T>{xyw47*7>jf#zy6F7P5AIU2N4Sq+ zL{~9b_XXNDJ&<&tiL*|=m7YUf$WAaoP&N(L#{ zdEfQyN(QAFN(M`_iyE+^Q_+%UC>iYbAtw9uqv~}yxwsPh{wMj@XIt9O=U?%7^0sIt z^t|qQ#*-&5*01Gli9}nH!h_byw#4ym>2z@EnYQ!}g!cn)>{APf@sK}hdfSppIF?ny zkXB0bsI(GJ&MVzy@7ixWZq%CE`HD4<|GkN zlBo~nx;Wkccp@f8@=R>oCdJ6}1BvEIQ%sT^UZ9mbUycp<%i;a;@slr;f|6OTsiwww zUQRQuqB%C!U1}T(Oj>iOFZr@pC(`v*gxp^rLC5L1*c~qRAzbXFzGbNc{pg{jr8G}Q z#OMK$)?7UI{&JWD`}I<%j~tObFM!ewpAp@QJ?KXcgqv|;)a*q+BM*FMgz$JmEW?&! znWttF1l{W26&+Lv#}A;pX?ADOkMPVL_;Lt)*eCN=ojlG5_I)y*cY*pmW8ja<7%D=u z96+3yD~LX3KOt8Tj|vSsHmMTskF$jCvp|R6D$?z(q64P^vn-*!RrE{lbo8nk_EJuG zzT@7__=97`9t;l_4mVF;CiRSwo|hxWw%|%@yg=pB0&ORf<2mKY7NSi_Fw}Wxq)O|U zZEK2AdcCcL-{=8Zeg2>oEq&g$mKkO=C(UR&L0oFqU@&)Mhq>)Tb7SrEwzYr_lb7ZR zvjaQXNu3|}+UI+2{(KZW+(7M6e%IjVrhbrT7rxv8pT;wFz%DkS=OrB3!LY8~tMx{^ zQ2l23aE-RL_YU07#!{zUv+93+{9}DE+~EtsU!5I~MaGjkv3=m;=G0j1w19u^JH~GL zee(zhoY~dFd+lPO%eYFJI!si@^fP>hU9%{h7*cG)`0mT!QhC{YdHCGHyzl+kvj3@% z7oT+)jO(G7CoJl&j(6Ptef?)$*}_?#IbJu9PeAl`U$7jEPR^1W?HOY z&!zT~som)kul(a?N`B_p~Z-bdKN zvDi+vXh#j&8t|Lb0 z)auik37W%4YNj2jnY|-5bHWiZf8r4_e$yl3*%_ZX@r=*3Gd^?pjE@g_yWx}~Prq2p z_Di@Aes7B&yqk|+t~A@uS40Kcu-;lbFT|tn1Pi+F_!hYBL(A;II|JKczlORTslnS0 zadiRP)!$L8rcRR&{W4rCWjw}-o*KpG#ft>&FglBK42&6CW|>92V-c2iW6^;(3dSrt z_DaEoML4hsFNSZ^?Y?=;cD1>c?1c`8CwYJ}*-<7+yHR$a2zN}`u>#x)Wn!RAv>^jJ zJAx+nk1T=msb*`ofG~CF<<7*TZ|!~%(U?Ve*#F*@l$Xoq=~`>Q6rNzS#Y*_{U>Gi2 z$Mb@q-nDBNC=*hu*MHvjAJ^{FoeTe9a2fx7eRk$hCrl{>L$pgLgwUE&U}n8CNr?Og zHtb9qt*z3LNzNbz!gv4oWVC@!#8+_IS3ng^3gCfQtD)d@X8V*-YDd6)JC4^ zfXJhuPywAs>mmdtqh>Tj3+~e!v(aZU8YiR4J_l)x;MzcTQVXXdW*5R6P#cgN5F6kd zzzx6#*v6g-=R;IJLbfS^U_6>=Fw-D~*>drQE7)+wHd1b+*hs#SxRJ1tY$NPOn2pdI zp*BKpgxCna5x5bs5p2WlhMNu7GFdNWkIY}m!HVPms1v+avm0qPQg5XCK6u7xy|B)ciDFr0 zXQati2@Omq6`gvc#76Or!tal&a4e`OVvaTi6}S{Jn7{>Bm;%eTph`$8y-{kTP#I%NUMJ%eEv;C!LT@yC zahOXhX!R!_(2-rqPDDl)P9APq zNQDF~H(I=CD$w{8a{|kV>q>**Nk>Wk1R|+^VwDQ@3J8$_V%A)GsVup%tUP96l?`4c z9h`Y%2yL@5Y@=;yX#LVDa*`CvSsu%}Fvzu!QA(#tF4U&UJ5jZNv zO~_p3#4XE`~Zz*l61X|o!`j>5t-58=yze-BI%M=TuG_=+bC>D+$wLveKBA<$?QYt%2 zttgaQ{#uE3(OI9R0|(wvtV011MdlQur(_`tU+h0H3hf!i_N=rix@Q#Lvl8DE{dQxC ze!a2kHIePLw3NJfFUiSKAWd--c|l2}bBBr2rxt$zr7)Dz(GQJc`j5ti;6O8{9a%2Q zHj(^{)q+K3WlB*=IdFj}E?Heo>)?;h6_A2yq;MJ|>{<#Vlu) zJv0ok{HB3rWEuMBWm!hXKtx4JRM8<0L3>JP5wvv5gK8`z)({LzbayO6{%2+zWj5ra zZPqDrn*?X1U&^EyOtuufxXLyH2Lun$jM%3C?5vXxxs}19<~*jH1Q->KLPcgjNyf`w z56~PylK{;EyliO_=`;~=_%pIhAvYq)%qUCGgv^df5sYwJ(sBh+*hh5I)a^H{Je=jl-Y21W%0fg=v2HTpm>?Zw z4AJoBC1`pOa%JTM`INTNOIpZ+3?e4xqZeoOqd3kf4H3%4ViKx6Gr6hH=3fTXALW z6HY^wBWjrpq@~Ix#Yta*k>k%orqB-5L9Xn5YGBG!vKB39rYIWah5{?5oa4?hh1eni z!VhGrC6X(99~l`i&8+u|GNTm0Xm69IoKrJb*e>G`8LTXRdZYlQwu#v6Jmk!SBeiA1 zCqsJ7wCWSnmCe6zBb^KBqy{K|idKn;6geo%BBQuh873;56%8mG0EFtw=BH(5M#)l5 zVvV&CJQoVGF*ysbB*nkB*<-u1`Z>=HIzM_mG8fE+l*_TEGl73u&0DbQTiY_ z^PbY{s^)|}5c(7a63dIa(@>%Uh>YhE#h;e_GLx^=I>!)&$9jS)C=j$+F&~0y)jUP( zR}p-*94AQ>Ng2(w^O!7UI-Kl0CFp@G9{tYp5EZKozEUwJPm*EaE|ThVNr@%}Hp)@9 z8KhEBH}7>3!77TcEQ%y;W-;gcpZaG+&Kk_3w#5H=rlxUDfA%1Ko=gGDJ%c9>~o=1|C=bRjLu6QW%LjcIVWaj z=-DS$79OtoV1hY;7?P)mB5{v*B4bg6hS4OTZJszF;pretJT#l8V z2Oqig$$F)Ni!OI8wKT%mm6gZqx4kImbmY^8K~2#XSe3}t+Z;f<7~X&_tRy-utohwD zx^o?~WDy;Ov(hCp5FUllE~M-!-4h+(#mf7yQLP_D)=Wv4CD??eio$6Yy~)&oj`yX! zm`J1bKtF{?W|ha+Du&mNGCfN0G$v*ehhUNiGU>u*hpv+c!C+;S9m!*r$=5m?XU;^- z%&D^TX92W#T6!4-`3V%V$)vy|da=;k$pj1Ct6aX?!Fu#o@L3TL&A`f1qB$yC{;;f)+GZjv@^a9{txOKc)(fe>* zDQo3c3rIqYv@Vt76jM8Aa?!A4v$29v0?nFY$(3WHB8-r%k(nElD1i3PDXSHya1ND; z+0-2w1OijcV*RaFzL5zFl(2ctk|I7S6&)rBo*8Kb^NI296D$aJ<=#T@s!Z924cb$# zYocP5?^5y*40GfKd_5RK8nANk;JOvrMnNl93y7St5KYp$d~Js%sXI$o#uoq;0)Z$n zR(3A#AYd{&`TFgN7?fbyF>Sms-UX(eZ0uZF`k3IGtYQj=!WS+jlbF4>JO@T*Qw5Ep zyp)IqN`Y4Z*0x&Nd*Y5Ps1z|-r?fO+Y<&a3+Xy_H5Nv%f9SgXX#ZR`eQX0*Hyt+~* z#K4W^9?)gv-eQdP(;sT(^6yU4z2dr*o>>{m`U;d;Vhs#<3e8RsTqMBASB^i!`;-}6 z=GJQNj6=$kI7<){4~|6$(KU{%?wdA9^B96kbFHlZ{YBY~8?A%&)&a>u3R3-GS)eQo zeNK(_1dFDsyw@w^pXnW9!xkdQ*c3JEPFyigQL5OhKfMS)NK2s;$GisFgcj!G1X zQ?Qt|mKYfmQF|$(@|1@|wr$gga7029Wr0P&q*!J14dQyTPUSOfNHkj^gS3%?PnWY3 zE-A!%W`T;}l}*f5M&D(d8C?+8l&!6eOnRA4=Gu9Fe0a{AuohAh?(@LGzl zY>>nnjD1SPIRCBa%&zCae4R4!vSz1)UuQnhTd1beFhUxEO+Q##75jEM|bRIK#7a=pwJ*7DJ*3i6GPkAVJgwQWH#~ z4T(4;>X67oT~?`GMfi>FsFNZ|@3XT;u;f#grMx<$$2&>%<^PP7H`L zO(NJ;j4xJ6> zKJ(x@KUrWAFr!ydzFbj;n4`p;bId*}sSUT8XX{N6l1JO^@R(JcuS1-M0vn%|b}We^ zShBG$dliIdLdn2(5$r0`S0YlT8Ldx;mZ@A`(uz!(Q2xF#$EYI05W!j+S587!k-l`1 z0$_BBOCGcV5^2bRTVoxQ*(qdx649<=eJx^j4MB&1WubB0lK?WAFLFT!0# z`&vXBkp=6>iGug&WoFt4<)ZamdEuff-}*vJgUgww#Z|PgN3`BY4jNPWyuHf7X0+Z@ z3}tosl1^^^wUp^vxr+DoiI+2H4U;iz7Lyh%3&w+Y;8cu4gm&6e#kz|4)r#1Fw_ZyT zSouqZmV#vzS&67p`2ceNhgDWFziKhZ=mH3mE6P~@aHq5(BoNu46IL^5KA2z;aY)py zVt$ok29p(V&M84kA~At62a>f4NqA~u5i_lL`k{G}rRkjMbD97DiM}sUWrMXG<$eR;uII&z6Q;sLgADIo=`|=T# z97A#@MCUZ)w!PuQ3rK>=2`DG1oWOE|%dyC~ELpzF_~pvj0|~*Ew^uEM2udVkg4Qxe zNpiNjlQFJxe%*3L52<{-pHUWQ1hP>69F{;Cq>f24J-iXS%KFvInnGY9lIA?CAXT8S zilQnjN+^{z$#e0I+EwnaUhYh5;u^ZdT`~aP3Tb#qf|(e&vT^=KZu`CyFFU8J0{jsa zKu629%M@&5w!(9WI)Tbrau<^1d#_}73Lt)`1t3Dnz%&IQa=C=207a-LZsD(r@@*{z zh>)ey(mN(a#*8v$?@SgtqAY)%?yD$DLBHT%6r~VRs3?k3NGY`N_Qnn`AN_m88#}A= zeB goto BB1 - | False -> switch (([#"../branch_borrow_2.rs" 13 10 13 11] [#"../branch_borrow_2.rs" 13 10 13 11] (3 : int32)) = 2) + | False -> switch ((3 : int32) = 2) | True -> goto BB2 | False -> goto BB12 end @@ -49,39 +50,40 @@ module BranchBorrow2_F goto BB5 } BB3 { - [#"../branch_borrow_2.rs" 23 12 23 18] z <- { z with current = ([#"../branch_borrow_2.rs" 23 12 23 18] [#"../branch_borrow_2.rs" 23 17 23 18] (8 : int32)) ; }; + [#"../branch_borrow_2.rs" 23 12 23 18] z <- { z with current = ([#"../branch_borrow_2.rs" 23 12 23 18] (8 : int32)) ; }; [#"../branch_borrow_2.rs" 24 16 24 17] _12 <- Borrow.borrow_final ( * z) (Borrow.get_id z); [#"../branch_borrow_2.rs" 24 16 24 17] z <- { z with current = ( ^ _12) ; }; [#"../branch_borrow_2.rs" 24 12 24 17] w <- ([#"../branch_borrow_2.rs" 24 12 24 17] _12); - [#"../branch_borrow_2.rs" 24 12 24 17] _12 <- any borrowed int32; + _12 <- any borrowed int32; [#"../branch_borrow_2.rs" 22 13 25 9] _8 <- ([#"../branch_borrow_2.rs" 22 13 25 9] ()); goto BB6 } BB4 { assume { resolve0 z }; assume { resolve0 y }; - [#"../branch_borrow_2.rs" 15 12 15 18] x <- { x with current = ([#"../branch_borrow_2.rs" 15 12 15 18] [#"../branch_borrow_2.rs" 15 17 15 18] (6 : int32)) ; }; - [#"../branch_borrow_2.rs" 16 12 16 17] w <- ([#"../branch_borrow_2.rs" 16 16 16 17] x); - [#"../branch_borrow_2.rs" 16 16 16 17] x <- any borrowed int32; + [#"../branch_borrow_2.rs" 15 12 15 18] x <- { x with current = ([#"../branch_borrow_2.rs" 15 12 15 18] (6 : int32)) ; }; + [#"../branch_borrow_2.rs" 16 12 16 17] w <- ([#"../branch_borrow_2.rs" 16 12 16 17] x); + x <- any borrowed int32; [#"../branch_borrow_2.rs" 14 13 17 9] _8 <- ([#"../branch_borrow_2.rs" 14 13 17 9] ()); goto BB6 } BB5 { assume { resolve0 z }; - [#"../branch_borrow_2.rs" 19 12 19 18] y <- { y with current = ([#"../branch_borrow_2.rs" 19 12 19 18] [#"../branch_borrow_2.rs" 19 17 19 18] (7 : int32)) ; }; + [#"../branch_borrow_2.rs" 19 12 19 18] y <- { y with current = ([#"../branch_borrow_2.rs" 19 12 19 18] (7 : int32)) ; }; [#"../branch_borrow_2.rs" 20 16 20 17] _11 <- Borrow.borrow_final ( * y) (Borrow.get_id y); [#"../branch_borrow_2.rs" 20 16 20 17] y <- { y with current = ( ^ _11) ; }; [#"../branch_borrow_2.rs" 20 12 20 17] w <- ([#"../branch_borrow_2.rs" 20 12 20 17] _11); - [#"../branch_borrow_2.rs" 20 12 20 17] _11 <- any borrowed int32; + _11 <- any borrowed int32; [#"../branch_borrow_2.rs" 18 13 21 9] _8 <- ([#"../branch_borrow_2.rs" 18 13 21 9] ()); goto BB6 } BB6 { - [#"../branch_borrow_2.rs" 28 4 28 10] w <- { w with current = ([#"../branch_borrow_2.rs" 28 4 28 10] [#"../branch_borrow_2.rs" 28 9 28 10] (5 : int32)) ; }; + [#"../branch_borrow_2.rs" 28 4 28 10] w <- { w with current = ([#"../branch_borrow_2.rs" 28 4 28 10] (5 : int32)) ; }; assume { resolve0 w }; assume { resolve0 z }; assume { resolve0 y }; - switch ([#"../branch_borrow_2.rs" 30 12 30 18] ([#"../branch_borrow_2.rs" 30 12 30 13] c) = ([#"../branch_borrow_2.rs" 30 17 30 18] [#"../branch_borrow_2.rs" 30 17 30 18] (5 : int32))) + [#"../branch_borrow_2.rs" 30 12 30 18] _14 <- ([#"../branch_borrow_2.rs" 30 12 30 18] c = (5 : int32)); + switch (_14) | False -> goto BB8 | True -> goto BB7 end @@ -149,6 +151,8 @@ module BranchBorrow2_G = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : (BranchBorrow2_MyInt_Type.t_myint, BranchBorrow2_MyInt_Type.t_myint); + var _2 : BranchBorrow2_MyInt_Type.t_myint; + var _3 : BranchBorrow2_MyInt_Type.t_myint; var b : borrowed (BranchBorrow2_MyInt_Type.t_myint, BranchBorrow2_MyInt_Type.t_myint); var c : borrowed (BranchBorrow2_MyInt_Type.t_myint); var d : borrowed (BranchBorrow2_MyInt_Type.t_myint); @@ -156,7 +160,11 @@ module BranchBorrow2_G goto BB0 } BB0 { - [#"../branch_borrow_2.rs" 36 16 36 37] a <- ([#"../branch_borrow_2.rs" 36 16 36 37] (([#"../branch_borrow_2.rs" 36 17 36 26] BranchBorrow2_MyInt_Type.C_MyInt ([#"../branch_borrow_2.rs" 36 23 36 25] [#"../branch_borrow_2.rs" 36 23 36 25] (10 : usize))), ([#"../branch_borrow_2.rs" 36 28 36 36] BranchBorrow2_MyInt_Type.C_MyInt ([#"../branch_borrow_2.rs" 36 34 36 35] [#"../branch_borrow_2.rs" 36 34 36 35] (5 : usize))))); + [#"../branch_borrow_2.rs" 36 17 36 26] _2 <- ([#"../branch_borrow_2.rs" 36 17 36 26] BranchBorrow2_MyInt_Type.C_MyInt (10 : usize)); + [#"../branch_borrow_2.rs" 36 28 36 36] _3 <- ([#"../branch_borrow_2.rs" 36 28 36 36] BranchBorrow2_MyInt_Type.C_MyInt (5 : usize)); + [#"../branch_borrow_2.rs" 36 16 36 37] a <- ([#"../branch_borrow_2.rs" 36 16 36 37] (_2, _3)); + _2 <- any BranchBorrow2_MyInt_Type.t_myint; + _3 <- any BranchBorrow2_MyInt_Type.t_myint; [#"../branch_borrow_2.rs" 37 12 37 18] b <- Borrow.borrow_mut a; [#"../branch_borrow_2.rs" 37 12 37 18] a <- ^ b; [#"../branch_borrow_2.rs" 39 12 39 20] c <- Borrow.borrow_final (let (_, a) = * b in a) (Borrow.inherit_id (Borrow.get_id b) 2); @@ -195,32 +203,32 @@ module BranchBorrow2_H goto BB0 } BB0 { - [#"../branch_borrow_2.rs" 46 16 46 18] a <- ([#"../branch_borrow_2.rs" 46 16 46 18] [#"../branch_borrow_2.rs" 46 16 46 18] (10 : int32)); - [#"../branch_borrow_2.rs" 47 16 47 18] b <- ([#"../branch_borrow_2.rs" 47 16 47 18] [#"../branch_borrow_2.rs" 47 16 47 18] (10 : int32)); + [#"../branch_borrow_2.rs" 46 16 46 18] a <- ([#"../branch_borrow_2.rs" 46 16 46 18] (10 : int32)); + [#"../branch_borrow_2.rs" 47 16 47 18] b <- ([#"../branch_borrow_2.rs" 47 16 47 18] (10 : int32)); [#"../branch_borrow_2.rs" 49 12 49 18] x <- Borrow.borrow_mut a; [#"../branch_borrow_2.rs" 49 12 49 18] a <- ^ x; [#"../branch_borrow_2.rs" 50 12 50 18] y <- Borrow.borrow_mut b; [#"../branch_borrow_2.rs" 50 12 50 18] b <- ^ y; - switch ([#"../branch_borrow_2.rs" 52 7 52 11] [#"../branch_borrow_2.rs" 52 7 52 11] true) + switch (true) | False -> goto BB2 | True -> goto BB1 end } BB1 { assume { resolve0 y }; - [#"../branch_borrow_2.rs" 53 8 53 14] x <- { x with current = ([#"../branch_borrow_2.rs" 53 8 53 14] [#"../branch_borrow_2.rs" 53 13 53 14] (5 : int32)) ; }; - [#"../branch_borrow_2.rs" 54 8 54 13] w <- ([#"../branch_borrow_2.rs" 54 12 54 13] x); - [#"../branch_borrow_2.rs" 54 12 54 13] x <- any borrowed int32; + [#"../branch_borrow_2.rs" 53 8 53 14] x <- { x with current = ([#"../branch_borrow_2.rs" 53 8 53 14] (5 : int32)) ; }; + [#"../branch_borrow_2.rs" 54 8 54 13] w <- ([#"../branch_borrow_2.rs" 54 8 54 13] x); + x <- any borrowed int32; [#"../branch_borrow_2.rs" 52 12 55 5] _6 <- ([#"../branch_borrow_2.rs" 52 12 55 5] ()); goto BB3 } BB2 { assume { resolve0 x }; - [#"../branch_borrow_2.rs" 56 8 56 14] y <- { y with current = ([#"../branch_borrow_2.rs" 56 8 56 14] [#"../branch_borrow_2.rs" 56 13 56 14] (6 : int32)) ; }; + [#"../branch_borrow_2.rs" 56 8 56 14] y <- { y with current = ([#"../branch_borrow_2.rs" 56 8 56 14] (6 : int32)) ; }; [#"../branch_borrow_2.rs" 57 12 57 13] _9 <- Borrow.borrow_final ( * y) (Borrow.get_id y); [#"../branch_borrow_2.rs" 57 12 57 13] y <- { y with current = ( ^ _9) ; }; [#"../branch_borrow_2.rs" 57 8 57 13] w <- ([#"../branch_borrow_2.rs" 57 8 57 13] _9); - [#"../branch_borrow_2.rs" 57 8 57 13] _9 <- any borrowed int32; + _9 <- any borrowed int32; [#"../branch_borrow_2.rs" 55 11 60 5] _6 <- ([#"../branch_borrow_2.rs" 55 11 60 5] ()); goto BB3 } diff --git a/creusot/tests/should_succeed/lang/const.mlcfg b/creusot/tests/should_succeed/lang/const.mlcfg index a792facef9..f70cc9cd93 100644 --- a/creusot/tests/should_succeed/lang/const.mlcfg +++ b/creusot/tests/should_succeed/lang/const.mlcfg @@ -11,7 +11,7 @@ module Const_Foo goto BB0 } BB0 { - [#"../const.rs" 9 4 9 7] _0 <- ([#"../const.rs" 9 4 9 7] [#"../const.rs" 9 4 9 7] (42 : usize)); + [#"../const.rs" 9 4 9 7] _0 <- ([#"../const.rs" 9 4 9 7] (42 : usize)); return _0 } diff --git a/creusot/tests/should_succeed/lang/float_ops.mlcfg b/creusot/tests/should_succeed/lang/float_ops.mlcfg index bca734789b..fb0bf00ad0 100644 --- a/creusot/tests/should_succeed/lang/float_ops.mlcfg +++ b/creusot/tests/should_succeed/lang/float_ops.mlcfg @@ -10,7 +10,7 @@ module FloatOps_Eq goto BB0 } BB0 { - [#"../float_ops.rs" 6 4 6 14] _0 <- ([#"../float_ops.rs" 6 4 6 14] ([#"../float_ops.rs" 6 4 6 7] [#"../float_ops.rs" 6 4 6 7] (1.0 : Float64.t)) .= ([#"../float_ops.rs" 6 11 6 14] [#"../float_ops.rs" 6 11 6 14] (2.0 : Float64.t))); + [#"../float_ops.rs" 6 4 6 14] _0 <- ([#"../float_ops.rs" 6 4 6 14] (1.0 : Float64.t) .= (2.0 : Float64.t)); return _0 } @@ -26,7 +26,7 @@ module FloatOps_Lt goto BB0 } BB0 { - [#"../float_ops.rs" 11 4 11 13] _0 <- ([#"../float_ops.rs" 11 4 11 13] ([#"../float_ops.rs" 11 4 11 7] [#"../float_ops.rs" 11 4 11 7] (1.0 : Float64.t)) .< ([#"../float_ops.rs" 11 10 11 13] [#"../float_ops.rs" 11 10 11 13] (2.0 : Float64.t))); + [#"../float_ops.rs" 11 4 11 13] _0 <- ([#"../float_ops.rs" 11 4 11 13] (1.0 : Float64.t) .< (2.0 : Float64.t)); return _0 } @@ -42,7 +42,7 @@ module FloatOps_Le goto BB0 } BB0 { - [#"../float_ops.rs" 16 4 16 14] _0 <- ([#"../float_ops.rs" 16 4 16 14] ([#"../float_ops.rs" 16 4 16 7] [#"../float_ops.rs" 16 4 16 7] (1.0 : Float64.t)) .<= ([#"../float_ops.rs" 16 11 16 14] [#"../float_ops.rs" 16 11 16 14] (2.0 : Float64.t))); + [#"../float_ops.rs" 16 4 16 14] _0 <- ([#"../float_ops.rs" 16 4 16 14] (1.0 : Float64.t) .<= (2.0 : Float64.t)); return _0 } @@ -58,7 +58,7 @@ module FloatOps_Gt goto BB0 } BB0 { - [#"../float_ops.rs" 21 4 21 13] _0 <- ([#"../float_ops.rs" 21 4 21 13] ([#"../float_ops.rs" 21 4 21 7] [#"../float_ops.rs" 21 4 21 7] (2.0 : Float64.t)) .> ([#"../float_ops.rs" 21 10 21 13] [#"../float_ops.rs" 21 10 21 13] (1.0 : Float64.t))); + [#"../float_ops.rs" 21 4 21 13] _0 <- ([#"../float_ops.rs" 21 4 21 13] (2.0 : Float64.t) .> (1.0 : Float64.t)); return _0 } @@ -74,7 +74,7 @@ module FloatOps_Ge goto BB0 } BB0 { - [#"../float_ops.rs" 26 4 26 14] _0 <- ([#"../float_ops.rs" 26 4 26 14] ([#"../float_ops.rs" 26 4 26 7] [#"../float_ops.rs" 26 4 26 7] (2.0 : Float64.t)) .>= ([#"../float_ops.rs" 26 11 26 14] [#"../float_ops.rs" 26 11 26 14] (1.0 : Float64.t))); + [#"../float_ops.rs" 26 4 26 14] _0 <- ([#"../float_ops.rs" 26 4 26 14] (2.0 : Float64.t) .>= (1.0 : Float64.t)); return _0 } @@ -90,7 +90,7 @@ module FloatOps_Neg goto BB0 } BB0 { - [#"../float_ops.rs" 31 4 31 15] _0 <- ([#"../float_ops.rs" 31 4 31 15] ([#"../float_ops.rs" 31 4 31 8] [#"../float_ops.rs" 31 4 31 8] (-2.0 : Float64.t)) .<= ([#"../float_ops.rs" 31 12 31 15] [#"../float_ops.rs" 31 12 31 15] (1.0 : Float64.t))); + [#"../float_ops.rs" 31 4 31 15] _0 <- ([#"../float_ops.rs" 31 4 31 15] (-2.0 : Float64.t) .<= (1.0 : Float64.t)); return _0 } diff --git a/creusot/tests/should_succeed/lang/literals.mlcfg b/creusot/tests/should_succeed/lang/literals.mlcfg index 5fa569fbe6..9d41184fea 100644 --- a/creusot/tests/should_succeed/lang/literals.mlcfg +++ b/creusot/tests/should_succeed/lang/literals.mlcfg @@ -6,22 +6,27 @@ module Literals_FloatOperation = [@vc:do_not_keep_trace] [@vc:sp] var _0 : Float32.t; var x : Float32.t; + var _2 : bool; + var _3 : Float32.t; { goto BB0 } BB0 { - [#"../literals.rs" 4 17 4 20] x <- ([#"../literals.rs" 4 17 4 20] [#"../literals.rs" 4 17 4 20] (0.0 : Float32.t)); - switch ([#"../literals.rs" 6 7 6 24] ([#"../literals.rs" 6 7 6 17] ([#"../literals.rs" 6 7 6 8] x) .+ ([#"../literals.rs" 6 11 6 17] [#"../literals.rs" 6 11 6 17] (0x1.020c40000000p0 : Float32.t))) .= ([#"../literals.rs" 6 21 6 24] [#"../literals.rs" 6 21 6 24] (2.0 : Float32.t))) + [#"../literals.rs" 4 17 4 20] x <- ([#"../literals.rs" 4 17 4 20] (0.0 : Float32.t)); + [#"../literals.rs" 6 7 6 17] _3 <- ([#"../literals.rs" 6 7 6 17] x .+ (0x1.020c40000000p0 : Float32.t)); + [#"../literals.rs" 6 7 6 24] _2 <- ([#"../literals.rs" 6 7 6 24] _3 .= (2.0 : Float32.t)); + _3 <- any Float32.t; + switch (_2) | False -> goto BB2 | True -> goto BB1 end } BB1 { - [#"../literals.rs" 7 8 7 17] _0 <- ([#"../literals.rs" 7 8 7 17] ([#"../literals.rs" 7 8 7 11] [#"../literals.rs" 7 8 7 11] (3.0 : Float32.t)) .- ([#"../literals.rs" 7 14 7 17] [#"../literals.rs" 7 14 7 17] (1.0 : Float32.t))); + [#"../literals.rs" 7 8 7 17] _0 <- ([#"../literals.rs" 7 8 7 17] (3.0 : Float32.t) .- (1.0 : Float32.t)); goto BB3 } BB2 { - [#"../literals.rs" 9 8 9 11] _0 <- ([#"../literals.rs" 9 8 9 11] [#"../literals.rs" 9 8 9 11] (0.0 : Float32.t)); + [#"../literals.rs" 9 8 9 11] _0 <- ([#"../literals.rs" 9 8 9 11] (0.0 : Float32.t)); goto BB3 } BB3 { diff --git a/creusot/tests/should_succeed/lang/modules.mlcfg b/creusot/tests/should_succeed/lang/modules.mlcfg index a353e82c30..b99b2775c1 100644 --- a/creusot/tests/should_succeed/lang/modules.mlcfg +++ b/creusot/tests/should_succeed/lang/modules.mlcfg @@ -25,7 +25,7 @@ module Modules_Nested_InnerFunc BB0 { [#"../modules.rs" 14 16 14 28] _2 <- ([#"../modules.rs" 14 16 14 28] Modules_Nested_Nested_Type.C_Test); assume { resolve0 _2 }; - [#"../modules.rs" 15 8 15 12] _0 <- ([#"../modules.rs" 15 8 15 12] [#"../modules.rs" 15 8 15 12] true); + [#"../modules.rs" 15 8 15 12] _0 <- ([#"../modules.rs" 15 8 15 12] true); return _0 } @@ -38,7 +38,7 @@ module Modules_Nested_Further_Another goto BB0 } BB0 { - [#"../modules.rs" 20 12 20 17] _0 <- ([#"../modules.rs" 20 12 20 17] [#"../modules.rs" 20 12 20 17] false); + [#"../modules.rs" 20 12 20 17] _0 <- ([#"../modules.rs" 20 12 20 17] false); return _0 } diff --git a/creusot/tests/should_succeed/lang/move_path.mlcfg b/creusot/tests/should_succeed/lang/move_path.mlcfg index bebe98b778..47fdd9eba6 100644 --- a/creusot/tests/should_succeed/lang/move_path.mlcfg +++ b/creusot/tests/should_succeed/lang/move_path.mlcfg @@ -19,14 +19,14 @@ module MovePath_F goto BB0 } BB0 { - [#"../move_path.rs" 4 16 4 17] x <- ([#"../move_path.rs" 4 16 4 17] [#"../move_path.rs" 4 16 4 17] (1 : int32)); + [#"../move_path.rs" 4 16 4 17] x <- ([#"../move_path.rs" 4 16 4 17] (1 : int32)); [#"../move_path.rs" 6 12 6 18] y <- Borrow.borrow_mut x; [#"../move_path.rs" 6 12 6 18] x <- ^ y; [#"../move_path.rs" 7 12 7 13] d <- ([#"../move_path.rs" 7 12 7 13] y); - [#"../move_path.rs" 7 12 7 13] y <- any borrowed int32; + y <- any borrowed int32; [#"../move_path.rs" 8 12 8 13] z <- ([#"../move_path.rs" 8 12 8 13] d); - [#"../move_path.rs" 8 12 8 13] d <- any borrowed int32; - [#"../move_path.rs" 10 12 10 18] z <- { z with current = ([#"../move_path.rs" 10 12 10 18] [#"../move_path.rs" 10 17 10 18] (2 : int32)) ; }; + d <- any borrowed int32; + [#"../move_path.rs" 10 12 10 18] z <- { z with current = ([#"../move_path.rs" 10 12 10 18] (2 : int32)) ; }; assume { resolve0 z }; [#"../move_path.rs" 3 11 15 1] _0 <- ([#"../move_path.rs" 3 11 15 1] ()); return _0 diff --git a/creusot/tests/should_succeed/lang/multiple_scopes.mlcfg b/creusot/tests/should_succeed/lang/multiple_scopes.mlcfg index 6ad2202d29..e6ae9886b7 100644 --- a/creusot/tests/should_succeed/lang/multiple_scopes.mlcfg +++ b/creusot/tests/should_succeed/lang/multiple_scopes.mlcfg @@ -13,10 +13,10 @@ module MultipleScopes_MultipleScopes goto BB0 } BB0 { - [#"../multiple_scopes.rs" 5 17 5 18] _x <- ([#"../multiple_scopes.rs" 5 17 5 18] [#"../multiple_scopes.rs" 5 17 5 18] (1 : int32)); - [#"../multiple_scopes.rs" 6 13 6 14] _y <- ([#"../multiple_scopes.rs" 6 13 6 14] [#"../multiple_scopes.rs" 6 13 6 14] (2 : int32)); - [#"../multiple_scopes.rs" 8 17 8 18] _y1 <- ([#"../multiple_scopes.rs" 8 17 8 18] [#"../multiple_scopes.rs" 8 17 8 18] (3 : int32)); - [#"../multiple_scopes.rs" 9 8 9 15] _x <- ([#"../multiple_scopes.rs" 9 13 9 15] _y1); + [#"../multiple_scopes.rs" 5 17 5 18] _x <- ([#"../multiple_scopes.rs" 5 17 5 18] (1 : int32)); + [#"../multiple_scopes.rs" 6 13 6 14] _y <- ([#"../multiple_scopes.rs" 6 13 6 14] (2 : int32)); + [#"../multiple_scopes.rs" 8 17 8 18] _y1 <- ([#"../multiple_scopes.rs" 8 17 8 18] (3 : int32)); + [#"../multiple_scopes.rs" 9 8 9 15] _x <- ([#"../multiple_scopes.rs" 9 8 9 15] _y1); [#"../multiple_scopes.rs" 7 4 10 5] _0 <- ([#"../multiple_scopes.rs" 7 4 10 5] ()); return _0 } diff --git a/creusot/tests/should_succeed/lang/promoted_constants.mlcfg b/creusot/tests/should_succeed/lang/promoted_constants.mlcfg index 1ee6a720cd..d1c5522c1c 100644 --- a/creusot/tests/should_succeed/lang/promoted_constants.mlcfg +++ b/creusot/tests/should_succeed/lang/promoted_constants.mlcfg @@ -22,10 +22,10 @@ module PromotedConstants_PromotedNone use prelude.Int let constant promoted0 [#"../promoted_constants.rs" 3 0 3 22] : Core_Option_Option_Type.t_option int32 = [@vc:do_not_keep_trace] [@vc:sp] - let _1 = [#"../promoted_constants.rs" 6 23 6 31] Core_Option_Option_Type.C_Some ([#"../promoted_constants.rs" 6 28 6 30] [#"../promoted_constants.rs" 6 28 6 30] (43 : int32)) in let _0 = [#"../promoted_constants.rs" 6 22 6 31] _1 in _0 + let _1 = [#"../promoted_constants.rs" 6 23 6 31] Core_Option_Option_Type.C_Some (43 : int32) in let _0 = [#"../promoted_constants.rs" 6 22 6 31] _1 in _0 let constant promoted1 [#"../promoted_constants.rs" 3 0 3 22] : Core_Option_Option_Type.t_option int32 = [@vc:do_not_keep_trace] [@vc:sp] - let _1 = [#"../promoted_constants.rs" 6 12 6 20] Core_Option_Option_Type.C_Some ([#"../promoted_constants.rs" 6 17 6 19] [#"../promoted_constants.rs" 6 17 6 19] (42 : int32)) in let _0 = [#"../promoted_constants.rs" 6 11 6 20] _1 in _0 + let _1 = [#"../promoted_constants.rs" 6 12 6 20] Core_Option_Option_Type.C_Some (42 : int32) in let _0 = [#"../promoted_constants.rs" 6 11 6 20] _1 in _0 let rec cfg promoted_none [#"../promoted_constants.rs" 3 0 3 22] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] @@ -38,10 +38,10 @@ module PromotedConstants_PromotedNone goto BB0 } BB0 { - [#"../promoted_constants.rs" 4 14 4 21] _ix <- ([#"../promoted_constants.rs" 4 14 4 21] Core_Option_Option_Type.C_Some ([#"../promoted_constants.rs" 4 19 4 20] [#"../promoted_constants.rs" 4 19 4 20] (0 : int32))); - [#"../promoted_constants.rs" 6 11 6 20] _11 <- ([#"../promoted_constants.rs" 6 11 6 20] [#"../promoted_constants.rs" 6 11 6 20] promoted1); - [#"../promoted_constants.rs" 6 22 6 31] _10 <- ([#"../promoted_constants.rs" 6 22 6 31] [#"../promoted_constants.rs" 6 22 6 31] promoted0); - [#"../promoted_constants.rs" 6 10 6 32] _2 <- ([#"../promoted_constants.rs" 6 10 6 32] (([#"../promoted_constants.rs" 6 11 6 20] _11), ([#"../promoted_constants.rs" 6 22 6 31] _10))); + [#"../promoted_constants.rs" 4 14 4 21] _ix <- ([#"../promoted_constants.rs" 4 14 4 21] Core_Option_Option_Type.C_Some (0 : int32)); + [#"../promoted_constants.rs" 6 11 6 20] _11 <- ([#"../promoted_constants.rs" 6 11 6 20] promoted1); + [#"../promoted_constants.rs" 6 22 6 31] _10 <- ([#"../promoted_constants.rs" 6 22 6 31] promoted0); + [#"../promoted_constants.rs" 6 10 6 32] _2 <- ([#"../promoted_constants.rs" 6 10 6 32] (_11, _10)); switch (let (a, _) = _2 in a) | Core_Option_Option_Type.C_None -> goto BB1 | _ -> goto BB6 @@ -76,20 +76,22 @@ module PromotedConstants_PromotedInt use prelude.Int32 use prelude.Int let constant promoted0 [#"../promoted_constants.rs" 12 0 12 21] : int32 = [@vc:do_not_keep_trace] [@vc:sp] - let _2 = [#"../promoted_constants.rs" 13 15 13 20] ([#"../promoted_constants.rs" 13 15 13 16] [#"../promoted_constants.rs" 13 15 13 16] (1 : int32)) + ([#"../promoted_constants.rs" 13 19 13 20] [#"../promoted_constants.rs" 13 19 13 20] (5 : int32)) in let _1 = [#"../promoted_constants.rs" 13 14 13 26] _2 + ([#"../promoted_constants.rs" 13 23 13 25] [#"../promoted_constants.rs" 13 23 13 25] (10 : int32)) in let _2 = any int32 in let _0 = [#"../promoted_constants.rs" 13 13 13 26] _1 in _0 + let _2 = [#"../promoted_constants.rs" 13 15 13 20] (1 : int32) + (5 : int32) in let _1 = [#"../promoted_constants.rs" 13 14 13 26] _2 + (10 : int32) in let _2 = any int32 in let _0 = [#"../promoted_constants.rs" 13 13 13 26] _1 in _0 let rec cfg promoted_int [#"../promoted_constants.rs" 12 0 12 21] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var ix : int32; + var _4 : bool; var _9 : int32; { goto BB0 } BB0 { - [#"../promoted_constants.rs" 13 13 13 26] _9 <- ([#"../promoted_constants.rs" 13 13 13 26] [#"../promoted_constants.rs" 13 13 13 26] promoted0); + [#"../promoted_constants.rs" 13 13 13 26] _9 <- ([#"../promoted_constants.rs" 13 13 13 26] promoted0); [#"../promoted_constants.rs" 13 13 13 26] ix <- ([#"../promoted_constants.rs" 13 13 13 26] _9); - switch ([#"../promoted_constants.rs" 15 7 15 16] ([#"../promoted_constants.rs" 15 7 15 10] ix) <> ([#"../promoted_constants.rs" 15 14 15 16] [#"../promoted_constants.rs" 15 14 15 16] (16 : int32))) + [#"../promoted_constants.rs" 15 7 15 16] _4 <- ([#"../promoted_constants.rs" 15 7 15 16] ix <> (16 : int32)); + switch (_4) | False -> goto BB2 | True -> goto BB1 end @@ -180,7 +182,7 @@ module PromotedConstants_Str goto BB0 } BB0 { - [#"../promoted_constants.rs" 23 13 23 115] _s <- ([#"../promoted_constants.rs" 23 13 23 115] [#"../promoted_constants.rs" 23 13 23 115] "1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890"); + [#"../promoted_constants.rs" 23 13 23 115] _s <- ([#"../promoted_constants.rs" 23 13 23 115] "1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890"); [#"../promoted_constants.rs" 22 13 24 1] _0 <- ([#"../promoted_constants.rs" 22 13 24 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/lang/unary_op.mlcfg b/creusot/tests/should_succeed/lang/unary_op.mlcfg index fc10b391f0..658fdcaece 100644 --- a/creusot/tests/should_succeed/lang/unary_op.mlcfg +++ b/creusot/tests/should_succeed/lang/unary_op.mlcfg @@ -7,7 +7,7 @@ module UnaryOp_F goto BB0 } BB0 { - switch ([#"../unary_op.rs" 5 13 5 18] [#"../unary_op.rs" 5 13 5 18] false) + switch (false) | False -> goto BB2 | True -> goto BB1 end diff --git a/creusot/tests/should_succeed/lang/while_let.mlcfg b/creusot/tests/should_succeed/lang/while_let.mlcfg index ed500058c6..fd16a49e54 100644 --- a/creusot/tests/should_succeed/lang/while_let.mlcfg +++ b/creusot/tests/should_succeed/lang/while_let.mlcfg @@ -20,11 +20,12 @@ module WhileLet_F var _0 : (); var a : Core_Option_Option_Type.t_option int32; var b : borrowed (Core_Option_Option_Type.t_option int32); + var _6 : Core_Option_Option_Type.t_option int32; { goto BB0 } BB0 { - [#"../while_let.rs" 5 16 5 24] a <- ([#"../while_let.rs" 5 16 5 24] Core_Option_Option_Type.C_Some ([#"../while_let.rs" 5 21 5 23] [#"../while_let.rs" 5 21 5 23] (10 : int32))); + [#"../while_let.rs" 5 16 5 24] a <- ([#"../while_let.rs" 5 16 5 24] Core_Option_Option_Type.C_Some (10 : int32)); [#"../while_let.rs" 6 12 6 18] b <- Borrow.borrow_mut a; [#"../while_let.rs" 6 12 6 18] a <- ^ b; goto BB1 @@ -43,7 +44,9 @@ module WhileLet_F goto BB4 } BB4 { - [#"../while_let.rs" 10 8 10 17] b <- { b with current = ([#"../while_let.rs" 10 13 10 17] Core_Option_Option_Type.C_None) ; }; + [#"../while_let.rs" 10 13 10 17] _6 <- ([#"../while_let.rs" 10 13 10 17] Core_Option_Option_Type.C_None); + [#"../while_let.rs" 10 8 10 17] b <- { b with current = ([#"../while_let.rs" 10 8 10 17] _6) ; }; + _6 <- any Core_Option_Option_Type.t_option int32; goto BB1 } BB5 { diff --git a/creusot/tests/should_succeed/list_index_mut.mlcfg b/creusot/tests/should_succeed/list_index_mut.mlcfg index dfacf48032..63d4c7f073 100644 --- a/creusot/tests/should_succeed/list_index_mut.mlcfg +++ b/creusot/tests/should_succeed/list_index_mut.mlcfg @@ -138,6 +138,7 @@ module ListIndexMut_IndexMut var _3 : borrowed uint32; var old_l : Snapshot.snap_ty (borrowed (ListIndexMut_List_Type.t_list)); var old_ix : Snapshot.snap_ty usize; + var _20 : bool; var _22 : borrowed (ListIndexMut_List_Type.t_list); var _23 : borrowed (ListIndexMut_List_Type.t_list); var _24 : Core_Option_Option_Type.t_option (borrowed (ListIndexMut_List_Type.t_list)); @@ -166,7 +167,8 @@ module ListIndexMut_IndexMut goto BB4 } BB4 { - switch ([#"../list_index_mut.rs" 49 10 49 16] ([#"../list_index_mut.rs" 49 10 49 12] ix) > ([#"../list_index_mut.rs" 49 15 49 16] [#"../list_index_mut.rs" 49 15 49 16] (0 : usize))) + [#"../list_index_mut.rs" 49 10 49 16] _20 <- ([#"../list_index_mut.rs" 49 10 49 16] ix > (0 : usize)); + switch (_20) | False -> goto BB8 | True -> goto BB5 end @@ -188,9 +190,9 @@ module ListIndexMut_IndexMut [#"../list_index_mut.rs" 50 12 50 33] _23 <- { _23 with current = ( ^ _22) ; }; assume { resolve1 l }; [#"../list_index_mut.rs" 50 8 50 33] l <- ([#"../list_index_mut.rs" 50 8 50 33] _22); - [#"../list_index_mut.rs" 50 8 50 33] _22 <- any borrowed (ListIndexMut_List_Type.t_list); + _22 <- any borrowed (ListIndexMut_List_Type.t_list); assume { resolve2 _23 }; - [#"../list_index_mut.rs" 52 8 52 15] ix <- ([#"../list_index_mut.rs" 52 8 52 15] ix - ([#"../list_index_mut.rs" 52 14 52 15] [#"../list_index_mut.rs" 52 14 52 15] (1 : usize))); + [#"../list_index_mut.rs" 52 8 52 15] ix <- ([#"../list_index_mut.rs" 52 8 52 15] ix - (1 : usize)); goto BB3 } BB8 { @@ -273,12 +275,12 @@ module ListIndexMut_Write BB0 { [#"../list_index_mut.rs" 64 15 64 16] _10 <- Borrow.borrow_final ( * l) (Borrow.get_id l); [#"../list_index_mut.rs" 64 15 64 16] l <- { l with current = ( ^ _10) ; }; - [#"../list_index_mut.rs" 64 5 64 21] _9 <- ([#"../list_index_mut.rs" 64 5 64 21] index_mut0 _10 ([#"../list_index_mut.rs" 64 18 64 20] ix)); + [#"../list_index_mut.rs" 64 5 64 21] _9 <- ([#"../list_index_mut.rs" 64 5 64 21] index_mut0 _10 ix); _10 <- any borrowed (ListIndexMut_List_Type.t_list); goto BB1 } BB1 { - [#"../list_index_mut.rs" 64 4 64 25] _9 <- { _9 with current = ([#"../list_index_mut.rs" 64 24 64 25] v) ; }; + [#"../list_index_mut.rs" 64 4 64 25] _9 <- { _9 with current = ([#"../list_index_mut.rs" 64 4 64 25] v) ; }; assume { resolve0 _9 }; assume { resolve1 l }; [#"../list_index_mut.rs" 63 46 65 1] _0 <- ([#"../list_index_mut.rs" 63 46 65 1] ()); @@ -331,6 +333,9 @@ module ListIndexMut_F = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var l : ListIndexMut_List_Type.t_list; + var _2 : Core_Option_Option_Type.t_option (ListIndexMut_List_Type.t_list); + var _4 : ListIndexMut_List_Type.t_list; + var _5 : Core_Option_Option_Type.t_option (ListIndexMut_List_Type.t_list); var _6 : (); var _7 : borrowed (ListIndexMut_List_Type.t_list); var _8 : borrowed (ListIndexMut_List_Type.t_list); @@ -338,16 +343,22 @@ module ListIndexMut_F goto BB0 } BB0 { + [#"../list_index_mut.rs" 68 47 68 51] _5 <- ([#"../list_index_mut.rs" 68 47 68 51] Core_Option_Option_Type.C_None); + [#"../list_index_mut.rs" 68 38 68 52] _4 <- ([#"../list_index_mut.rs" 68 38 68 52] ListIndexMut_List_Type.C_List (10 : uint32) _5); + _5 <- any Core_Option_Option_Type.t_option (ListIndexMut_List_Type.t_list); goto BB1 } BB1 { goto BB2 } BB2 { + [#"../list_index_mut.rs" 68 24 68 54] _2 <- ([#"../list_index_mut.rs" 68 24 68 54] Core_Option_Option_Type.C_Some _4); + _4 <- any ListIndexMut_List_Type.t_list; goto BB3 } BB3 { - [#"../list_index_mut.rs" 68 16 68 55] l <- ([#"../list_index_mut.rs" 68 16 68 55] ListIndexMut_List_Type.C_List ([#"../list_index_mut.rs" 68 21 68 22] [#"../list_index_mut.rs" 68 21 68 22] (1 : uint32)) ([#"../list_index_mut.rs" 68 24 68 54] Core_Option_Option_Type.C_Some ([#"../list_index_mut.rs" 68 38 68 52] ListIndexMut_List_Type.C_List ([#"../list_index_mut.rs" 68 43 68 45] [#"../list_index_mut.rs" 68 43 68 45] (10 : uint32)) ([#"../list_index_mut.rs" 68 47 68 51] Core_Option_Option_Type.C_None)))); + [#"../list_index_mut.rs" 68 16 68 55] l <- ([#"../list_index_mut.rs" 68 16 68 55] ListIndexMut_List_Type.C_List (1 : uint32) _2); + _2 <- any Core_Option_Option_Type.t_option (ListIndexMut_List_Type.t_list); goto BB4 } BB4 { @@ -355,7 +366,7 @@ module ListIndexMut_F [#"../list_index_mut.rs" 69 10 69 16] l <- ^ _8; [#"../list_index_mut.rs" 69 10 69 16] _7 <- Borrow.borrow_final ( * _8) (Borrow.get_id _8); [#"../list_index_mut.rs" 69 10 69 16] _8 <- { _8 with current = ( ^ _7) ; }; - [#"../list_index_mut.rs" 69 4 69 23] _6 <- ([#"../list_index_mut.rs" 69 4 69 23] write0 _7 ([#"../list_index_mut.rs" 69 18 69 19] [#"../list_index_mut.rs" 69 18 69 19] (0 : usize)) ([#"../list_index_mut.rs" 69 21 69 22] [#"../list_index_mut.rs" 69 21 69 22] (2 : uint32))); + [#"../list_index_mut.rs" 69 4 69 23] _6 <- ([#"../list_index_mut.rs" 69 4 69 23] write0 _7 (0 : usize) (2 : uint32)); _7 <- any borrowed (ListIndexMut_List_Type.t_list); goto BB5 } diff --git a/creusot/tests/should_succeed/list_index_mut/why3session.xml b/creusot/tests/should_succeed/list_index_mut/why3session.xml index 7236aee344..a7d03fcecf 100644 --- a/creusot/tests/should_succeed/list_index_mut/why3session.xml +++ b/creusot/tests/should_succeed/list_index_mut/why3session.xml @@ -7,7 +7,7 @@ - + @@ -17,7 +17,7 @@ - + diff --git a/creusot/tests/should_succeed/list_index_mut/why3shapes.gz b/creusot/tests/should_succeed/list_index_mut/why3shapes.gz index 53c1b2df3779ed9f430a1759a3ce1913c6a1b57d..623415d5847fad4da31e274035e1b83687ede508 100644 GIT binary patch literal 748 zcmV3irX*{efL-RZCgV@7wh7(c~}A_fwC_JJ+4t=xohg! zZIa#X=XZ3Cl9Uo+q?yqZ!XT7qf^U{s;S=CSa(QYR*yJ*<1_5gz0C%|x4IG4Fs zdfk0r4hGD)Nx&Ig3aC;*l?80|(VUj)-9XZp4KSi?gT>ZniS%wc9+wZ(KOBB~!eN~C zq%hZG58u{?;YML;SI#CaW#_y$m&#hI6e?~Jc|^qSH1=U!VU`eCLc{@)*-r?quMpSW zxAAngz)&6y*uuhyHaL}n)2==ngAxq_`CiR&v{aE%>?0-86P)erT>?_8r;|w{zre}a z92HYkgbU9sPH=EQD^1h#(H)lFOjvO%Jea+*F+Rvog-a`{TPrG)l6K=UWfYZqFqzt< zjyN)FqsVbXxy|~l&Ji;H3(-x*|ETKH`FF>v{~UYFf^W*uZ(!&3gZEnHC|A@sNbX|# zOTL$TJ4EB$?UuK>KixS~zY|5NLxrm)Z8jjplhK=|r6e>KMYeOO>mjfz>UvUFg<6-x zaxBNWH-Ear+qt;h3Q}omVd;cyV(Hk**u?Tt5V6Uh0+e~@-&V)@Fo z*JDkIAd>PL553t5Em2u-=!R_Y1{H{rnht^uqUVTd+SIVn4Q7aNiT9-B8&+tIxsj|v e91T=JOtT|RBjHB`XBwAsBZ|Lm#}=4J2LJ$ppLUA? literal 727 zcmV;|0x10-iwFP!00000|BX~jYuqppzWZ1Bmex?vTUN;)!h+d_l1o9y7_BWgre3@C zI!S+iC0WvHowoEMMl+*tUZ3VekzbzG4}HmB^?d24@pI1d;$yb_RQ>phB&fUyB@7~v zsLJ}i+Np1P0jiK#BCyI&PCh=WomDMU-H(eT59;1t2R%A(bKNxt1XK?O!)eXC#Jp4c z`s;MoMh(jdoWMngB03a_!%@xpG7YcVB#q+*NGQ?^JDMz^P^W30r#Ic+oxiUEyM9!I zgjDsdIV=2SWOXK*%pxoMBrY7)s0F>A|i>1z#|fScvpObxUawT zm&F2`B9O=C7KT^eD5ZJL-CH08bv;{fet#pGd@m^v^X*%8=- zdBUC$V-xb2&Pq-`&x(IMyHA`qWvCaUXXI|R+JRxy*p(NliKtKM zy=_6Pang|E^P>I@`f=r;uD8AON=DuWQnneo1i5-jKv(Hy-H{U zBdSfCZbn9YWp25w3xh};{yYvJ-R~7_+iHyO!9g79n^_S$i!KfLulUFj=CAS5HU8>^ zB=nSmK5gK)R|7+9!rfXPr%}fgyDVdr63#o&oftc{f@y#NK}5h(a3QeH$pIhG0UkgG zC?dGywBs!URAE7kpai46#S Jj599>004z9VmJT* diff --git a/creusot/tests/should_succeed/list_reversal_lasso.mlcfg b/creusot/tests/should_succeed/list_reversal_lasso.mlcfg index a3f62bf56b..d87a7114c1 100644 --- a/creusot/tests/should_succeed/list_reversal_lasso.mlcfg +++ b/creusot/tests/should_succeed/list_reversal_lasso.mlcfg @@ -179,7 +179,7 @@ module ListReversalLasso_Impl1_Index goto BB0 } BB0 { - [#"../list_reversal_lasso.rs" 31 15 31 18] _6 <- ([#"../list_reversal_lasso.rs" 31 15 31 18] index0 ([#"../list_reversal_lasso.rs" 31 9 31 15] ListReversalLasso_Memory_Type.memory_0 self) ([#"../list_reversal_lasso.rs" 31 16 31 17] i)); + [#"../list_reversal_lasso.rs" 31 15 31 18] _6 <- ([#"../list_reversal_lasso.rs" 31 15 31 18] index0 (ListReversalLasso_Memory_Type.memory_0 self) i); goto BB1 } BB1 { @@ -343,7 +343,7 @@ module ListReversalLasso_Impl2_IndexMut BB0 { [#"../list_reversal_lasso.rs" 42 13 42 19] _11 <- Borrow.borrow_final (ListReversalLasso_Memory_Type.memory_0 ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../list_reversal_lasso.rs" 42 13 42 19] self <- { self with current = (let ListReversalLasso_Memory_Type.C_Memory x0 = * self in ListReversalLasso_Memory_Type.C_Memory ( ^ _11)) ; }; - [#"../list_reversal_lasso.rs" 42 19 42 22] _10 <- ([#"../list_reversal_lasso.rs" 42 19 42 22] index_mut0 _11 ([#"../list_reversal_lasso.rs" 42 20 42 21] i)); + [#"../list_reversal_lasso.rs" 42 19 42 22] _10 <- ([#"../list_reversal_lasso.rs" 42 19 42 22] index_mut0 _11 i); _11 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); goto BB1 } @@ -444,7 +444,7 @@ module ListReversalLasso_Impl4_ListReversalSafe ensures { result = resolve0 self } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) predicate mem_is_well_formed0 [#"../list_reversal_lasso.rs" 55 4 55 43] (self : ListReversalLasso_Memory_Type.t_memory) = @@ -461,6 +461,7 @@ module ListReversalLasso_Impl4_ListReversalSafe var self : borrowed (ListReversalLasso_Memory_Type.t_memory) = self; var l : usize = l; var r : usize; + var _12 : bool; var tmp : usize; var _16 : usize; var _20 : borrowed usize; @@ -469,7 +470,7 @@ module ListReversalLasso_Impl4_ListReversalSafe goto BB0 } BB0 { - [#"../list_reversal_lasso.rs" 66 20 66 24] r <- ([#"../list_reversal_lasso.rs" 66 20 66 24] [#"../list_reversal_lasso.rs" 66 20 66 24] (18446744073709551615 : usize)); + [#"../list_reversal_lasso.rs" 66 20 66 24] r <- ([#"../list_reversal_lasso.rs" 66 20 66 24] (18446744073709551615 : usize)); goto BB1 } BB1 { @@ -479,28 +480,29 @@ module ListReversalLasso_Impl4_ListReversalSafe goto BB2 } BB2 { - switch ([#"../list_reversal_lasso.rs" 71 14 71 23] ([#"../list_reversal_lasso.rs" 71 14 71 15] l) <> ([#"../list_reversal_lasso.rs" 71 19 71 23] [#"../list_reversal_lasso.rs" 71 19 71 23] (18446744073709551615 : usize))) + [#"../list_reversal_lasso.rs" 71 14 71 23] _12 <- ([#"../list_reversal_lasso.rs" 71 14 71 23] l <> (18446744073709551615 : usize)); + switch (_12) | False -> goto BB6 | True -> goto BB3 end } BB3 { [#"../list_reversal_lasso.rs" 72 22 72 23] tmp <- ([#"../list_reversal_lasso.rs" 72 22 72 23] l); - [#"../list_reversal_lasso.rs" 73 20 73 23] _16 <- ([#"../list_reversal_lasso.rs" 73 20 73 23] index0 ([#"../list_reversal_lasso.rs" 73 16 73 20] * self) ([#"../list_reversal_lasso.rs" 73 21 73 22] l)); + [#"../list_reversal_lasso.rs" 73 20 73 23] _16 <- ([#"../list_reversal_lasso.rs" 73 20 73 23] index0 ( * self) l); goto BB4 } BB4 { - [#"../list_reversal_lasso.rs" 73 12 73 23] l <- ([#"../list_reversal_lasso.rs" 73 16 73 23] _16); + [#"../list_reversal_lasso.rs" 73 12 73 23] l <- ([#"../list_reversal_lasso.rs" 73 12 73 23] _16); [#"../list_reversal_lasso.rs" 74 12 74 16] _21 <- Borrow.borrow_mut ( * self); [#"../list_reversal_lasso.rs" 74 12 74 16] self <- { self with current = ( ^ _21) ; }; - [#"../list_reversal_lasso.rs" 74 16 74 21] _20 <- ([#"../list_reversal_lasso.rs" 74 16 74 21] index_mut0 _21 ([#"../list_reversal_lasso.rs" 74 17 74 20] tmp)); + [#"../list_reversal_lasso.rs" 74 16 74 21] _20 <- ([#"../list_reversal_lasso.rs" 74 16 74 21] index_mut0 _21 tmp); _21 <- any borrowed (ListReversalLasso_Memory_Type.t_memory); goto BB5 } BB5 { - [#"../list_reversal_lasso.rs" 74 12 74 25] _20 <- { _20 with current = ([#"../list_reversal_lasso.rs" 74 24 74 25] r) ; }; + [#"../list_reversal_lasso.rs" 74 12 74 25] _20 <- { _20 with current = ([#"../list_reversal_lasso.rs" 74 12 74 25] r) ; }; assume { resolve1 _20 }; - [#"../list_reversal_lasso.rs" 75 12 75 19] r <- ([#"../list_reversal_lasso.rs" 75 16 75 19] tmp); + [#"../list_reversal_lasso.rs" 75 12 75 19] r <- ([#"../list_reversal_lasso.rs" 75 12 75 19] tmp); goto BB1 } BB6 { @@ -606,7 +608,7 @@ module ListReversalLasso_Impl4_ListReversalList ensures { result = list_seg0 self first s last l h } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) predicate list0 [#"../list_reversal_lasso.rs" 91 4 91 54] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s : Seq.seq usize) = @@ -655,6 +657,7 @@ module ListReversalLasso_Impl4_ListReversalList var s : Snapshot.snap_ty (Seq.seq usize) = s; var r : usize; var n : Snapshot.snap_ty int; + var _15 : bool; var _17 : usize; var _18 : borrowed usize; var _19 : borrowed usize; @@ -668,7 +671,7 @@ module ListReversalLasso_Impl4_ListReversalList goto BB0 } BB0 { - [#"../list_reversal_lasso.rs" 100 20 100 24] r <- ([#"../list_reversal_lasso.rs" 100 20 100 24] [#"../list_reversal_lasso.rs" 100 20 100 24] (18446744073709551615 : usize)); + [#"../list_reversal_lasso.rs" 100 20 100 24] r <- ([#"../list_reversal_lasso.rs" 100 20 100 24] (18446744073709551615 : usize)); [#"../list_reversal_lasso.rs" 101 20 101 35] n <- ([#"../list_reversal_lasso.rs" 101 20 101 35] Snapshot.new 0); goto BB1 } @@ -682,7 +685,8 @@ module ListReversalLasso_Impl4_ListReversalList goto BB3 } BB3 { - switch ([#"../list_reversal_lasso.rs" 107 14 107 23] ([#"../list_reversal_lasso.rs" 107 14 107 15] l) <> ([#"../list_reversal_lasso.rs" 107 19 107 23] [#"../list_reversal_lasso.rs" 107 19 107 23] (18446744073709551615 : usize))) + [#"../list_reversal_lasso.rs" 107 14 107 23] _15 <- ([#"../list_reversal_lasso.rs" 107 14 107 23] l <> (18446744073709551615 : usize)); + switch (_15) | False -> goto BB9 | True -> goto BB4 end @@ -690,7 +694,7 @@ module ListReversalLasso_Impl4_ListReversalList BB4 { [#"../list_reversal_lasso.rs" 108 39 108 43] _21 <- Borrow.borrow_mut ( * self); [#"../list_reversal_lasso.rs" 108 39 108 43] self <- { self with current = ( ^ _21) ; }; - [#"../list_reversal_lasso.rs" 108 43 108 46] _20 <- ([#"../list_reversal_lasso.rs" 108 43 108 46] index_mut0 _21 ([#"../list_reversal_lasso.rs" 108 44 108 45] l)); + [#"../list_reversal_lasso.rs" 108 43 108 46] _20 <- ([#"../list_reversal_lasso.rs" 108 43 108 46] index_mut0 _21 l); _21 <- any borrowed (ListReversalLasso_Memory_Type.t_memory); goto BB5 } @@ -703,7 +707,7 @@ module ListReversalLasso_Impl4_ListReversalList [#"../list_reversal_lasso.rs" 108 66 108 72] r <- ^ _25; [#"../list_reversal_lasso.rs" 108 66 108 72] _24 <- Borrow.borrow_final ( * _25) (Borrow.get_id _25); [#"../list_reversal_lasso.rs" 108 66 108 72] _25 <- { _25 with current = ( ^ _24) ; }; - [#"../list_reversal_lasso.rs" 108 48 108 76] _23 <- ([#"../list_reversal_lasso.rs" 108 48 108 76] replace0 _24 ([#"../list_reversal_lasso.rs" 108 74 108 75] l)); + [#"../list_reversal_lasso.rs" 108 48 108 76] _23 <- ([#"../list_reversal_lasso.rs" 108 48 108 76] replace0 _24 l); _24 <- any borrowed usize; goto BB6 } @@ -718,13 +722,13 @@ module ListReversalLasso_Impl4_ListReversalList assume { resolve1 _20 }; assume { resolve1 _19 }; [#"../list_reversal_lasso.rs" 108 12 108 77] l <- ([#"../list_reversal_lasso.rs" 108 12 108 77] _17); - [#"../list_reversal_lasso.rs" 108 12 108 77] _17 <- any usize; + _17 <- any usize; [#"../list_reversal_lasso.rs" 109 16 109 36] _27 <- ([#"../list_reversal_lasso.rs" 109 16 109 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { [#"../list_reversal_lasso.rs" 109 12 109 36] n <- ([#"../list_reversal_lasso.rs" 109 12 109 36] _27); - [#"../list_reversal_lasso.rs" 109 12 109 36] _27 <- any Snapshot.snap_ty int; + _27 <- any Snapshot.snap_ty int; goto BB2 } BB9 { @@ -873,7 +877,7 @@ module ListReversalLasso_Impl4_ListReversalLoop ensures { result = index_logic0 self ix } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) use prelude.Snapshot use prelude.Snapshot let rec cfg list_reversal_loop [#"../list_reversal_lasso.rs" 125 4 125 82] [@cfg:stackify] [@cfg:subregion_analysis] (self : borrowed (ListReversalLasso_Memory_Type.t_memory)) (l : usize) (s : Snapshot.snap_ty (Seq.seq usize)) : usize @@ -888,6 +892,7 @@ module ListReversalLasso_Impl4_ListReversalLoop var s : Snapshot.snap_ty (Seq.seq usize) = s; var r : usize; var n : Snapshot.snap_ty int; + var _17 : bool; var _21 : usize; var _22 : borrowed usize; var _23 : borrowed usize; @@ -901,7 +906,7 @@ module ListReversalLasso_Impl4_ListReversalLoop goto BB0 } BB0 { - [#"../list_reversal_lasso.rs" 126 20 126 24] r <- ([#"../list_reversal_lasso.rs" 126 20 126 24] [#"../list_reversal_lasso.rs" 126 20 126 24] (18446744073709551615 : usize)); + [#"../list_reversal_lasso.rs" 126 20 126 24] r <- ([#"../list_reversal_lasso.rs" 126 20 126 24] (18446744073709551615 : usize)); [#"../list_reversal_lasso.rs" 127 20 127 35] n <- ([#"../list_reversal_lasso.rs" 127 20 127 35] Snapshot.new 0); goto BB1 } @@ -916,7 +921,8 @@ module ListReversalLasso_Impl4_ListReversalLoop goto BB3 } BB3 { - switch ([#"../list_reversal_lasso.rs" 137 14 137 23] ([#"../list_reversal_lasso.rs" 137 14 137 15] l) <> ([#"../list_reversal_lasso.rs" 137 19 137 23] [#"../list_reversal_lasso.rs" 137 19 137 23] (18446744073709551615 : usize))) + [#"../list_reversal_lasso.rs" 137 14 137 23] _17 <- ([#"../list_reversal_lasso.rs" 137 14 137 23] l <> (18446744073709551615 : usize)); + switch (_17) | False -> goto BB9 | True -> goto BB4 end @@ -925,7 +931,7 @@ module ListReversalLasso_Impl4_ListReversalLoop assert { [@expl:assertion] [#"../list_reversal_lasso.rs" 138 12 138 77] Snapshot.inner n = Seq.length (Snapshot.inner s) -> l = Seq.get (Reverse.reverse (Snapshot.inner s)) (Seq.length (Snapshot.inner s) - 1) }; [#"../list_reversal_lasso.rs" 139 39 139 43] _25 <- Borrow.borrow_mut ( * self); [#"../list_reversal_lasso.rs" 139 39 139 43] self <- { self with current = ( ^ _25) ; }; - [#"../list_reversal_lasso.rs" 139 43 139 46] _24 <- ([#"../list_reversal_lasso.rs" 139 43 139 46] index_mut0 _25 ([#"../list_reversal_lasso.rs" 139 44 139 45] l)); + [#"../list_reversal_lasso.rs" 139 43 139 46] _24 <- ([#"../list_reversal_lasso.rs" 139 43 139 46] index_mut0 _25 l); _25 <- any borrowed (ListReversalLasso_Memory_Type.t_memory); goto BB5 } @@ -938,7 +944,7 @@ module ListReversalLasso_Impl4_ListReversalLoop [#"../list_reversal_lasso.rs" 139 66 139 72] r <- ^ _29; [#"../list_reversal_lasso.rs" 139 66 139 72] _28 <- Borrow.borrow_final ( * _29) (Borrow.get_id _29); [#"../list_reversal_lasso.rs" 139 66 139 72] _29 <- { _29 with current = ( ^ _28) ; }; - [#"../list_reversal_lasso.rs" 139 48 139 76] _27 <- ([#"../list_reversal_lasso.rs" 139 48 139 76] replace0 _28 ([#"../list_reversal_lasso.rs" 139 74 139 75] l)); + [#"../list_reversal_lasso.rs" 139 48 139 76] _27 <- ([#"../list_reversal_lasso.rs" 139 48 139 76] replace0 _28 l); _28 <- any borrowed usize; goto BB6 } @@ -953,13 +959,13 @@ module ListReversalLasso_Impl4_ListReversalLoop assume { resolve1 _24 }; assume { resolve1 _23 }; [#"../list_reversal_lasso.rs" 139 12 139 77] l <- ([#"../list_reversal_lasso.rs" 139 12 139 77] _21); - [#"../list_reversal_lasso.rs" 139 12 139 77] _21 <- any usize; + _21 <- any usize; [#"../list_reversal_lasso.rs" 140 16 140 36] _31 <- ([#"../list_reversal_lasso.rs" 140 16 140 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { [#"../list_reversal_lasso.rs" 140 12 140 36] n <- ([#"../list_reversal_lasso.rs" 140 12 140 36] _31); - [#"../list_reversal_lasso.rs" 140 12 140 36] _31 <- any Snapshot.snap_ty int; + _31 <- any Snapshot.snap_ty int; goto BB2 } BB9 { @@ -1107,7 +1113,7 @@ module ListReversalLasso_Impl4_ListReversalLasso ensures { result = resolve0 self } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) use seq.Reverse use prelude.Snapshot function index_logic0 [@inline:trivial] (self : Snapshot.snap_ty (Seq.seq usize)) (ix : int) : usize = @@ -1129,6 +1135,7 @@ module ListReversalLasso_Impl4_ListReversalLasso var s2 : Snapshot.snap_ty (Seq.seq usize) = s2; var r : usize; var n : Snapshot.snap_ty int; + var _17 : bool; var _19 : usize; var _20 : borrowed usize; var _21 : borrowed usize; @@ -1142,7 +1149,7 @@ module ListReversalLasso_Impl4_ListReversalLasso goto BB0 } BB0 { - [#"../list_reversal_lasso.rs" 169 20 169 24] r <- ([#"../list_reversal_lasso.rs" 169 20 169 24] [#"../list_reversal_lasso.rs" 169 20 169 24] (18446744073709551615 : usize)); + [#"../list_reversal_lasso.rs" 169 20 169 24] r <- ([#"../list_reversal_lasso.rs" 169 20 169 24] (18446744073709551615 : usize)); [#"../list_reversal_lasso.rs" 170 20 170 35] n <- ([#"../list_reversal_lasso.rs" 170 20 170 35] Snapshot.new 0); goto BB1 } @@ -1165,7 +1172,8 @@ module ListReversalLasso_Impl4_ListReversalLasso goto BB3 } BB3 { - switch ([#"../list_reversal_lasso.rs" 190 14 190 23] ([#"../list_reversal_lasso.rs" 190 14 190 15] l) <> ([#"../list_reversal_lasso.rs" 190 19 190 23] [#"../list_reversal_lasso.rs" 190 19 190 23] (18446744073709551615 : usize))) + [#"../list_reversal_lasso.rs" 190 14 190 23] _17 <- ([#"../list_reversal_lasso.rs" 190 14 190 23] l <> (18446744073709551615 : usize)); + switch (_17) | False -> goto BB9 | True -> goto BB4 end @@ -1173,7 +1181,7 @@ module ListReversalLasso_Impl4_ListReversalLasso BB4 { [#"../list_reversal_lasso.rs" 191 39 191 43] _23 <- Borrow.borrow_mut ( * self); [#"../list_reversal_lasso.rs" 191 39 191 43] self <- { self with current = ( ^ _23) ; }; - [#"../list_reversal_lasso.rs" 191 43 191 46] _22 <- ([#"../list_reversal_lasso.rs" 191 43 191 46] index_mut0 _23 ([#"../list_reversal_lasso.rs" 191 44 191 45] l)); + [#"../list_reversal_lasso.rs" 191 43 191 46] _22 <- ([#"../list_reversal_lasso.rs" 191 43 191 46] index_mut0 _23 l); _23 <- any borrowed (ListReversalLasso_Memory_Type.t_memory); goto BB5 } @@ -1186,7 +1194,7 @@ module ListReversalLasso_Impl4_ListReversalLasso [#"../list_reversal_lasso.rs" 191 66 191 72] r <- ^ _27; [#"../list_reversal_lasso.rs" 191 66 191 72] _26 <- Borrow.borrow_final ( * _27) (Borrow.get_id _27); [#"../list_reversal_lasso.rs" 191 66 191 72] _27 <- { _27 with current = ( ^ _26) ; }; - [#"../list_reversal_lasso.rs" 191 48 191 76] _25 <- ([#"../list_reversal_lasso.rs" 191 48 191 76] replace0 _26 ([#"../list_reversal_lasso.rs" 191 74 191 75] l)); + [#"../list_reversal_lasso.rs" 191 48 191 76] _25 <- ([#"../list_reversal_lasso.rs" 191 48 191 76] replace0 _26 l); _26 <- any borrowed usize; goto BB6 } @@ -1201,13 +1209,13 @@ module ListReversalLasso_Impl4_ListReversalLasso assume { resolve1 _22 }; assume { resolve1 _21 }; [#"../list_reversal_lasso.rs" 191 12 191 77] l <- ([#"../list_reversal_lasso.rs" 191 12 191 77] _19); - [#"../list_reversal_lasso.rs" 191 12 191 77] _19 <- any usize; + _19 <- any usize; [#"../list_reversal_lasso.rs" 192 16 192 36] _29 <- ([#"../list_reversal_lasso.rs" 192 16 192 36] Snapshot.new (Snapshot.inner n + 1)); goto BB8 } BB8 { [#"../list_reversal_lasso.rs" 192 12 192 36] n <- ([#"../list_reversal_lasso.rs" 192 12 192 36] _29); - [#"../list_reversal_lasso.rs" 192 12 192 36] _29 <- any Snapshot.snap_ty int; + _29 <- any Snapshot.snap_ty int; goto BB2 } BB9 { @@ -1419,7 +1427,7 @@ module ListReversalLasso_Impl4_FindLassoAux_Impl ensures { result = lasso0 self first s1 s2 } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) predicate list0 [#"../list_reversal_lasso.rs" 91 4 91 54] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s : Seq.seq usize) = @@ -1583,7 +1591,7 @@ module ListReversalLasso_Impl4_FindLasso_Impl ensures { result = lasso0 self first s1 s2 } let constant null0 [#"../list_reversal_lasso.rs" 13 0 13 15] : usize = [@vc:do_not_keep_trace] [@vc:sp] - [#"../list_reversal_lasso.rs" 13 0 13 15] [#"../list_reversal_lasso.rs" 13 0 13 15] (18446744073709551615 : usize) + (18446744073709551615 : usize) predicate list0 [#"../list_reversal_lasso.rs" 91 4 91 54] (self : ListReversalLasso_Memory_Type.t_memory) (first : usize) (s : Seq.seq usize) = diff --git a/creusot/tests/should_succeed/list_reversal_lasso/why3session.xml b/creusot/tests/should_succeed/list_reversal_lasso/why3session.xml index 0d10576edc..322885afcb 100644 --- a/creusot/tests/should_succeed/list_reversal_lasso/why3session.xml +++ b/creusot/tests/should_succeed/list_reversal_lasso/why3session.xml @@ -20,7 +20,7 @@ - + @@ -36,16 +36,16 @@ - + - + - + - + @@ -54,7 +54,7 @@ - + @@ -63,16 +63,16 @@ - + - + - + - + @@ -81,7 +81,7 @@ - + @@ -102,7 +102,7 @@ - + @@ -115,7 +115,7 @@ - + @@ -124,10 +124,10 @@ - + - + @@ -140,7 +140,7 @@ - + @@ -149,7 +149,7 @@ - + @@ -164,55 +164,55 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -221,10 +221,10 @@ - + - + @@ -249,18 +249,18 @@ - + - + - + - + @@ -271,31 +271,31 @@ - + - + - + - + - + @@ -304,29 +304,29 @@ - + - + - + - + - + - + @@ -335,10 +335,10 @@ - + - + @@ -347,38 +347,38 @@ - + - + - + - + - + - + - + - + - + - + @@ -391,13 +391,13 @@ - + - + - + @@ -411,24 +411,24 @@ - + - + - + - + @@ -439,16 +439,16 @@ - + - + - + - + @@ -463,7 +463,7 @@ - + @@ -472,10 +472,10 @@ - + - + @@ -484,10 +484,10 @@ - + - + @@ -498,7 +498,7 @@ - + @@ -507,10 +507,10 @@ - + - + @@ -523,14 +523,14 @@ - + - + @@ -541,16 +541,16 @@ - + - + - + - + diff --git a/creusot/tests/should_succeed/list_reversal_lasso/why3shapes.gz b/creusot/tests/should_succeed/list_reversal_lasso/why3shapes.gz index 4a7b1a8df3b4a7141a17c5bb492171bd18dea85a..a2551c2dbda295b54ac3ec112947c6ca4424a1ad 100644 GIT binary patch literal 13005 zcmV;;GBV8{iwFP!00000|LuL-ZyYz)=ezz2zh&3K0K8uolLZ6=LJP>w_pl%OF#^dV zXEZC@8Ocdz{`>tMR#kU(UHW2o%d(XqZFN_Xhlhvf&fEWZ`{wB%;n)21=J)*gbpP?g z|9WHIy#1e7pZ*o@Km4xN?B*)`^{4QVKm7gEKLUzAJbe7)?)}FmKkzjVpFZB*fA|#M zhkvu{T47S;mLAJBzv)2AwdlW!wd}w0wd%jJwMLsit+~LjCja~H;p5-$6I;8ry{(Ve zoZr-MfX>=)Z0&DuTaf-b0MEPM!^3Zxt?e#8Y;92Tx^2;3x6K*)dlx_c_Mv&2t8p7X zeEjg?w}*$jUq3xoJbn)E?*31H|MBrZYjbn8e)pz)e0)=pT_hGeOe{7e*1Pc2PWQtv zKwZe)XK(AX+rNPX7GJJ+5bfTgw+k4(TMM=A2o+x}rw8SJA%gvcKY~v&wDjujmclS?s ze`MeT1m5SSGO(ElIXB>y|Ee4l=sBA!AsCf_4Ac@;Tv)3;w=(IcqOo>!k~WZwUHJ!l zPbI%TtU3y6TJR}$^nS0F5<3G0$yzEXchpoXr@xS#PVwYyBg9jDL6|u-IomJl9aruO zdMDLpN2sUP4aUrl8m-TM?l~L8vp3m`n+Wy6(c|M)8DTIkw&@S+(Svz{|+Sj1OJlv^`lWRp4 z)dF0(*7RC$8DB3E>Hy#cgf<%D;r{8<-D4&ghg_1WO&xxu+&Z`QsRTX0EMDeW? z#mI>YgaR;m(#G`w8_3-iI zuh5CVhsXQy;S;{ye`;I4d&+;Gw%*ck0rX78$Iucoj{y8-RCN*J5LrI#7C+cHO7MBS zr*%7d=<031UsbW`9(P~p*#kd96qia7fIF^t<^Dk7w%FCirD{={>+~Hvk>>N1gnDg< za0>70*N;!1(#H?Y{U^j3b2vQmFUFzmHBpGZzYTXVNN@XI|5U$>+{s#GIE?+kU5zwC zE%?B%etpb?UM!leq0ijaoi8}_Ln<~`yOx!=PuF($;oJ5hSyo_04%QT1a$q_#u$kJ_ z8#0m8*S`#2qbR(B3Zvs|`rUd|{X_iWW3uwjTWg_jiV`^20^NXf8*uGI{F#DtJvadF zi%xln@YH8uqsNvAx~HFNA@?W?wWUBSY(h^^MxmYpI`lCNmBzO6(ORe$ zKSs4I7o68F`^zu#)h}%a_psKc#A%FPtL@?SO47GI>^pdb-H+bQt>e@W0(V^v6zs4C zm(?FVASyzHvHgz$AjXG3!LqH2r_ycfmdtASaWitMmiQp()zB!3y~b9Itt}MLQ-1tC zv3Imvq{hl(lf^>v%Ol+9;x-*95c89Gq_o1a5q;YBJQDg zJ8t(R(PPyhI^p|iL3N0E_m6%}>_=;S291y>|JQB!J{bKC__e>85M~zAF7`jJJqmWH zqlK~NOZ=#oiOR!PI2)ngg>{JP4??3NsK2ia;;w0%e&<&mc?$ChoZAb{9f8zM4LlE0 zm$NZ>IUCTIPfbgj1iG_eZ;v9%^_TGH#JY$@2X`tL)4C`7XcM6CdPi}sDR$n0*5!D0 z8zyfPfvmGg1AHhAA^f=dEHc%i&|m3C&#%W2r5!<9tk{py{JXTRNj;K&E!*UYbVH-C z<}$U}Y-!ih4D&I<41dU4#;m1obAkx_D7}GyDYw~WI)q+J)o0wK>QZh(4**F~0jaf= z8$hxGk`&GI7LcSAZ4Zd^4v^%v?l>JQ`*f_RNg~np6M#4ASh-2ZiY^^1iQZjNLFvT) zI|kKui4$S_Y>61>TtuI95u&!)71L|6Nw01^G`#Inz?6vTi^?%X(L-cy0=X?FC^^+b zX8i}QO)jw-f!sFovXRStfB#7hMsWRb1tEax}&fOju*Tt;W z-kj99!3)B;-G|~ZIdu%z@@F2|nwR;!v8AflZ7@AMynHgg$C6;+!Yqx!I8eSlF%9^| z*{J;u)~NE7WS;Gld9BLB-*7(zm7K&Me+*CeAO8N3KYjc#rBC0hr{CgJ{?~8$L&^iz z8TYMqJI9pxOCScBfJT2wmp>ss?bBoD#b<36@S(ZA8GP`#I@x9fr!^cjeSZoc{zPfb zaU%z7%?ifdF|Ex?;{=7-=(gcuN{4I zz9yIRPBfzir}S5i;G+bL+F?kooEeTz@9rc9cz5;M_fUj#elW@Yl6HKSOq! z-;VQYazfY3Skf~>{IMG03n-rZt*SjEA> z?EjO@(LXO>oc~sN@SmHc`&sSWnE_q`%e6bd*`lPLt6AVnvc}H*$JxQV!9>iT)P4qP zPjWAp(b)b18rxq+WBbc!?Ca<7U3ceo&(1HtvdgnXvBUU$yRz$y{B!OeBz6Had45f( zm(o~zK8>Z@G?t!c2z~Ps(!|FkrWVq~ckFsTxprEbxK1Hmf=&AjY`?H@PjcyjFCTYj@LFWF3BISZPc@?eDvIsFTH6v+BwC;waAFHic8k)c;KT-;41LkB zFVNHx|JgEKYhQO%8H4%a37{6}W%I<{8c^R4t!rD|4DEK=YWom>rbD|~wkq0Xt5mdG z1L|JIAh$&L+;MJeFLm{EN47#ecERj?!TA}y{pEk@ndUqie^&4P(lXW_)wd~enj)^% z_UPix+FRGJe(in?mdyIi+FKzuYj16jZMQIX14y)hHa`Y{)Xv&lsMLP#ZM%^44mx&e z?XBdyYe5gKDiK#FGVziyeBMN1h4r~}g+~haLGb(OHSma*UiX^*YJN4q!dltKrJjkS z)+C&;PI=LT8Lv}b@?d7xDeJ*HWjDJ{S=V*SKOOGLY_yQ3?lNFaD=(6F24)|+&KZC% z_T0N3c>-=e&S|p-GjR^JJktYy7^^;AHO8P@vpntR?%L&L(A~o2#R5C4mM6{3J{_%M zUIgt9;dWsC@{|@!!%^2W&x}Xy_}qZ(S>8Nt_4Y6cub)K>rt6t6zCZsV;0(f2AJEhXOGLfK0VSdyI;(WtnI$sNS&V>Lf&1me;`kG zGVC>#@+>BuLy2eypb8bBCBA#{uPut;X7x1(PcR&bQlYiO{ z2sItO%|?dFyX#47egJONqcgxC0iE<=tUYGXm}n2GHPs#+=?=CxS@2%#)%_CFL9LJd zNN-TDf1H8)*Msi|G$j#Jv`?TeqE~ET3rV-hWV>s`4Srlv-tXz-bP@AL&xp}t`?qPV zM8<)r7_YxyT;@Et`hK#@pD*NZ_!7|TDbV-#%?7)X;^b4nYSs?u0u{^f%g)#k;oEIhM?Mb|Ry;mrX@9@kZl1BR+Iv=H29(Oh8Uyd^?C+Pc! zWet1uP)rs1?w*_@Fs7skI(Sw!xNq0Xjv*Rj!}q1XXS3{IZZ%JCa=Oa@pl$r}er^eP zqBKvS@9+PY$n%lZI=e1>?k=6vc$^j0D#?5z$`b^|BxUxc!hKkk9pu9q%ACLg3#>O( zI{Z{6J}0$bh*Cx4JT~i8WX4;U`Qn}$iniu9>G7S#yyISs&%fYdHt8v7P4L{(tev5n z3QEV_qQ1V$|N0F;KK zZ1o$z9_;xWjLKvHj@cG6<-LVb+U^`U(EY(qfC&l4vtZ&IL1kgHCQzxnH4meLvD|~o zk%PT3H6zw`iHX_+mCf}r@OKs-FBG!N6GUik{;{rDn6r-0R9)7qog=~52n6;I#kUnnK}}vN*|Fm)SJU-ne)0m@zj}}`6`@OoMy(oz z?mwdryx!~J)~T%VIE-EL`Bfca?QVzLgcc0d?6Gt^3p!>(jGr%M)Y>Vb8AtyZ(=k0E zJl$Q= z(CsDJzY|6dcEX66+Jl`iVy4BxPME=}>$+2+Kksn66kAO9H}K8=1`)PJ+oPf1ZVvXX z$A53Z@or`J6dc=tZC$9e+itx72=(gyK4uxYW4n@)YqV(d`W#~& zi@;=Y2se|y)T2gBy^;PHpx4vw>(f%^=4P|$Xwcpl*_%THBbElHU)*x!h=}osh<-$l zLVa$;#KMRTF&hn)7!8#;JXBj~vtzV*-3`v;{9@FZZf#Y@{C$r5s#G1b2jV`7n_zZI z;r(K|jL|_hnQ3T&kR97>ZsI&uln)@euxfiF_-DAws^?7aObWJF?V>h5BKAmB6oI$^y zo(3~5W%m!oaaZ;p3>arPe+u^!M{S6uJSDf6>7O{mc+^oN3m&F8Ws>hW zyyoa|d=tk9lLr*x@l96Mcw(LT+jRGA1>e_^0~@f9Bl`WE7@ZO`zZ5hUP5{2JB|42= z7WZb)pB;RxtvUsXz1HglK>H3O7R&qAj<823AhFj%oisEjWeCL5`No&FVKaE_wPmM` z=bnth3)J_=1Po_iuQIloW6izP#(bIv#TT+Mr<|nD=MCE8IqC`IWmcBn@Qi=$8ik3M!C$(+h#I(j`S2dn@z~*T1HPrb2u{eKV^_;EU zo|ekmv!wFHSltVE>6{#XR#Z<&5bvZUXXb~F=bt?@MyIfRbx2QW^?tOpWIBP|S2=Bo z%4fql|5B9`9J!Nd_ac10lQF)8dw3!edncw(0CXXz^E4!u{nJy2=9_e7Pad)B7p5?0 zeT2hnRu7{$ahkVb{{YpKCNt{{p`7jVX>c|f)sq@OYN_8|<$79!Qw6(_vfUb)@w&j8 z8|{cTO@8tN$ zdlmo5Lvhq>-d5?4m3_xDC+qrSb^Pgra{aRO-E2g)saKmh8Mzq^-|n+mINR;~>v&I? zbUQgm`8B3`_GU1@X#Qp~gDI{LXE48Dre!IEx$W+EI482rZ(c?oW>-#~Ya`;H$+%P6 zKh_<-a4zYRm)=ZF#TQ$O1=3$4>Ug&~6O`_W>^69gPhh2!PTNK9a_5plK66PS_jJYG zsQM16XK&sc5t@|Z2&(Mw$FtPH9EsPXs};KgA?O0V-C|SNqa$So*DC&H3COsu-M7XM0CcL}* z+s6-iTtTnJ@Y;e+1v)MB|9*U**K2uue?M)=whh_cdS-2x8ggwzZd}1_8~T|Xo$ABL z{vjWO;cL;oZyQ0)ij@=&$b_KI+i8o%9)Px8CTc@NFg5xJ7=` z-!oG%q~ve`2!{M$(A{mhFN4|I4RG3E#{VGK#vQw%TRSj$Q*wKntPB{9Ht zcat4gust?Yge6|LYr%bTTbdp4g&zP-*i%|n^2#aor{UvZ8w8EiMNgaxGl2zCcr{JRxtQB zxRjU_J52BB84WYB{ifI3A#J562cr(omqqLtcuiE_KCrpjxT+n;xbzsFOU zwQ!qnb(J?B;2YH!8-5k0Z=!wSrZ3zCSAyu*qVkLI(;B|VR@7}+bV68~(PotUqC%kHl3?GtOk3ZZF z^?Q#K>Gz#G@t!t$wWsd(yC=HtZZp{U8Goo_Jv>_Q!^hOoB>cGHQo`=1u=BEiQGbo! z5_T2Yy_jyC=+T0M?v&#xLdR7YxsCe^U;Q2)@56^rZpOPaEG zrqxaBy^F1u>{*AXw4*HaJV;#=D;tlvQzb)%r8f$z(tD_u;AaTf#(Bt|oF=i+yh5~) zw+vNWawP zTf56&DtseEq}*2O!L~2d^o5#WNDwtOMm6-bhVC(x;%1^fr6KJpYn&s^SbIv-=?9pv zPOoq4VyK{}=G6K2hSfU4H9vV5e*5>F!W#iy%a+o125gU%9nW$tf|}qAMwFC6BE+eY zzszCJkHKJL@P-Y#x$e}lcKCLE5Ns{s_LOip^DVbGf9yVL4+;?+->!#I*9_dQ#GEDU zOH2>{SfIKPb5s|ir@9aeRKGrgJ4EI3O^7jvXnUf^XRz#o(>CZv`XS8`@#_BFJiWKrT(MF55>0Ieetygy0HxyF0YQfSStfI#1h} z5pRY*7rpqn)7PQzw$HoiRDTyNZD>Fk4~+<*?8KLClN$;R3nsQ3El%yktoOTb0CwH% zFBuLYM#IrVt0tFG%)bL;^O%D4KE)~YZDkoUv>R+|8F4f;H-Oe=4J=u->P`4j;zDfA zTUT`Z3X~pZ66}C2YT!;h(H0xpU@^}V#H~9F(e`l63{)SAmFePO0A%rs92h_+9X*=Y^i=jkLcU!vi47en=d#ivtvjo@!0 zsEwbq_1wuCLel^Hw_hK!Xq875jM?(L#HC04H1XT4ogB+y+y0zz3Aqujse}qSWP}5B zX~%^So%D7fds}s>YG%^)rN@e{eO;&8wj~Db4~W;5t!dz)WVer@7R^?&smQKmlV&E# zhJLOn-p)(5+M-^S1@Z1K%Kc;V;5L(4=JwOi)v>GY<{0y?3d!rweK!e!xw-!I^S;u9 z`NRIP+SOpAW2)Oyhc%d#KZpGO*H8bs{p{+SdmrRz2CR1F>eE$)e+Sn6HD6sZo?>Z4 zHcEyhoi))L!E{hQu|_EI#;(jtuhdGe#EP%jRp#DtZ%w1PPQfrCRT#2xLr@)aqs*geFVnvx^{*05zg4k!i`iu@TBenF_%k03uzn z9^{WU8qTceky${=Dl_Iql5eD6Nw<=ACCy6el?0vTN{W@_E6G;EuY_9!E`rIP1(uZ( zO@nbWt}(%jpfqPXl{X6GrdCR>lvpXg16;Ag@MU9)&sqj!qR7z|m4qzJCmBL6B@ukX zSB9-LSj4TgU1@NaUTL+`a;3#e^Oa^R;h%TeUKB z8Ob4T6|4Oy1z8|aTC2n$yVjemjPpK$f0dUxR+Qv(V?}IUj0r`koUJRYK)FaSqfHn@ zC*L@^a!@LK<=D#lm31p?SJtd7uvO1Xz^t9OjcgQ@hJ?5`LUX9#2&N-lN~m(iUJANV zaY%lOQ9&77P4W&po6@kXlQFtS*UOcE85ncoMrd>eB_)F7=z$R_+EaqJi0O zU}PFzU;|-5U4iYF5$s|s&gNy|Y=IlpgiDSwYZzP#r(Kd-Nof^_$3i&U7lyOeaG98) z34J4?^3EA@oJ0YOgp@1J?q%T|ngDBHglen^L5Jj2g43Yjc-!DiZdC?lnHLKFru+Vfhx%*-;~Zdt?)QM4yH@+c$L!DWeGfm<4!Qo zT?9vKUGf`_A>vetYM~ljR!&v9*?Lc$ynk~4$^SQkMw<{FJoSutTGN<%>!D&9 zQ`zEw@5n*s@Yy&3aYY}y(5^bFJrB+33=<-=Y&8s0qn%|*2;ayEJ%8@@5WQls19!Y+ zG~HOZL(zK>)%$2l*Pc0Bdl+rsP;})qTxA7bQ;1j+W3EIQd9%|VafqPr7&8PhTu{s= zPHTV03VAOCFJ3t4Z_gxxwZ=M5u^uU(+@hc_iGt;YH;rj{li|E6hG0bn$8+={79M5Q z99;NI;sCHsNdbW|Lj>7KZyL>|wxU3xG|)m72YJz<2;k~0V@!yilx847YNA0vzz~Kj z5jq^uW`*l6i3>uc)EIczLc>%hEtrmwcNbaaCAn@)qYJ zzAX-D3tk?Fo5vM<7I{|2Bi;$ZYTH=Pl<+|_7o>`gc`aJk1&%1!^p|~^&ypDFPp@)T zAtaR{G}1;27!BHyma;7z9x&JR7a-sSe{rM5bK5x8q!i(DLYEr}9R{9&6A`&nwNVRL z79ilIbGYdoemaML4$l`KAOshk!$;?E(h+{+gK}`>Azt{P96a{}NFV2gWYfS2RoVN1 zF^TYY$Y(bh(t{d}>GE|i24Alo;tSAJSe0@y*7fI9_++}~sm;k3Y=&q8`HV{u*}z)j%709);Bt{FX1=XEHs zXRF$=3v`k!ipO)0=bpZs3wFBL>=73$Q@j$af#+I$a8Sf>Zc|9U?X>*9It_nNH(nJ6 z1KR}415b!*icXfRM#bEAT774oMzfJ2c;qa@v&rCf1JBPFmy;2^6<|uKd{3Ruuz?cZ zgmoGr5gZG+QfOU<5;JV6YPHsP#@^7#*}}2%G;!X5)irl9D;OmotuU$W^mnGnd;lXW zxUpOX1`kL0Y_w(yf*l&E+Gs*BcaB~QN|T(suH#1YXnA9s!ZZmsB_R>(H>swyndq|V?7QnY<5C%ixZPV=tm0x}DGOJi z&4Y=tbRFm4UB?@Ru)DAlO5!owVlrYfZ4Ed*Gla*jVyp9kf}+uH(hW77L6DU;j5BRh zqmvI_`JxenHc;gKyjJa`{f0Y=(5P|FHwYxSbg?m6YG9rk=r0D#^+wR-+H^L|W~g`1 zoNkH;rpYnd!UO#h-h^c9R1xa*vv7Xm2}xS*lU;x@3{E(eVJti-?HjHT*0%sqm1gkv z0V*LzqePQ*w!->Go01`whQrdr*GMfOgAe_MKUpE|0hsEVAR(Mf#cOH3EY36r-Wp&> zbW#zJ)@nz|5%R*nGzMpR%#=TcXKG>Y5P zj#V*f+a#llNQD_6m@#m&VoWZ^P{&e$b-uJA*fa!Yxt&sjvD1xYA_f(#7THPHHl$Ej z0hl7v0EQ%pAQxH`l4cEQfg8%9O(8!I5y>oCHeO`nTorsyH2J9!HA!J4rkH%TuTb-9(cdxue1skrQGMl_TWW zVgNe|*^46*AxBV=5h4f!SxU${K>(C3G6c8_Km>KvGYk#fFzbxO2qh^wk6zd)8>o3N z8rD<9Tz+VBOiG$01UMvWW3o|&7Y3v14Y-7NJmN1;k$^bN29AMXnKjV+&~;o|`0-i# z(lhJjheoLAp=Ft)wZJho(6)kReWA?@lU8#XJWtCBa4q%~IpD!)QeYf;28j ztFyMe6Cd~@f>P&~P_yn)jlz%@oWZ6QGsGEVxJYdCApbU3N!#L1CRmz;r96N^t4 zfsqs;d&Z)J?(1;6fa0B*fPE>t7j97C9Evv?cudR(1IX~P6dX=xWkd4{0zR>zpoe_k z@zjfe6D$m^k2eP!(@-Z_lT!fyRu|fjpcJ>zDJ&S}>)e)bv{np2KrR7#2}jS+Q3_%l zxzA`5jyW7ld{7RKxqxFXEFp?=7Ukf`FC%;aNn<>GmDs>n&l#a&f}uT>H7}-}os^8$xzj>-RQGNdVT7iL4DbO$h>`?FPKc7= zAmPKh4lQ+J7x5#lTI7;;n<$U)qEMX1!NwrFN7)U$CmTV8tv z+a<-f*0Yja&Iy5)i%HUSbYq1>467g$Dj3`LOn-wtOFp6!A{OOjX#!WeGzc2Ah#3PZ zY&BjI!F25!V0iJ_y^|E+k9sG84=ffwtqqc#J}Aopj{_df7VPP@-#*+{RfpcKR zG|4gRY|J7z#cLg#0I3nBct>ZF9%GL8s({BO#Qqp1|shqW(T;8tZyhhNHFgpVQ z$g>y|fVQjEjZ^d;u*uUP^oPU{Xbb&8h>s8b*3~1q2w`BD6&whUh#BTCsHlU?nn#&o zMR;)?Vc4r9j1vK{6_;QZV~iDG6D4v$P|m@}D<&k*xYUW)EQannuD`pE^AeRulv^5QtO+7>CF;nS>^kngyN;J!La^;VAOv=qmalO*&(L{ZC)s;ie+j0H<#R^brv~DZ$$dcBOY+<5N$>x%HQMS|Sx{DPm?qsWYDI2T1eKcAMlfd@=; zl1T>I{D=@xODhlv0;o&c`LFqBAF;1{0#V?^W5P^1Cw9vm>lmMJ)ABEpjB&;oO?JFVCN>}wJm1JO`c zS-cfR>d35UKozZ%GRF03C(BN|zg3W=B^W)qK z84r?sNeC%&5wt_A7oXRaWU?t2C3JE@B+Ijk!O{-AWV6pY zHg%VxB7{80U-J!SpP4egKmr)p-)E_8j^2V1thXunSna9;w$wuj45Xuz&)xTLPOO!h zWemQ_S~PSGq%Ph>I)z?|Mz;8#HN_W2ZTB{BLbw88(ZR-S4o`YQ$R%1z;87nYubY0XktSK9t~XA z-Dz!_b$o?HYNXTxl!9lUisq5701K8&pNdK_(H#fr*G;5`1;$GfO~^7g3C1{tcBpKRmh5VOTI#J@=&*0>e4VDnQU|}!P12t_^q_=wgD;jI;|9Au?b4B!g3Nm z!;3CXXxiA3U88zM+-)9H>~+Roj*eSl+A&~5nLV!(-Gq^th|XDEb~ci|Rw5~tKo%K{ zFDdAl1Xm`YrQ+!P`rvjv=hsT4VkL*5(ai^R*N)CUI+a8!jk6}lW@m%hYbBD&LMymC zOu?W9OY88wQbl_Ms)_77h5b5H9ih-QCb3X19rWR*(ZP~%Q`c-of?O=g< z7c^rRIZrC2*dQKj=$cKzY)2&Zs)=N@gQI96X_9VlpnWfl!H+h@r67FoG``LNmDAOo z+LWXU2xK_V77WE3ZzBb&ZKy$86kc1Xp$y%Gsp?iSMD42N!hMc#AZ6CkH!We*>my8q zki5uHg0e~-O=TdD+Ew3E5s-B*e8I;|8ek&DvB*wC5OE~X-l&W;-f6im~Z za{fA_cTG2PMUC(jrrZW0WGc!><>@Y_q}3Zl_8^YGij8Y*L>LAKnkAW2$QcGdYi1R6 zcY}g(galp2De&P}R{sxN^n=vBrxOLj-$@H_D)}!f0g7JyA=^)hl0NTIh1-BswW0?`%$8fIfd849WCQd_N}DRhZqV2$vM zH7!8;sN;cp6-nrrDzRwI9nVUGf`X2MYItd{Oqb>~ps5(0q>Ww!XyFYP$@35(-gF*M z$SqJ*ri;S3JG}wA(9zXv`&hP2m}CVt0K)~>jRoFb^v>(8TZ(SnQf$zeKfOVXNM0oE zlSkO$=t`cHz`=>`siRxP-zd63o$hn3Edw%1CAEG^D}@J_B4k~cLsNv~vd zsh+4;0en#-24bKjNM==1+$5C{R0aeLMhM%qY(zK0e`!NeG!o;k;9f@!ihHkv^oZQJ zL)b6tDR#=ZZ?G|ySg~0smVL?^@@=#bIY+1$1qET+#_V|-6WSKzq3IHxRzx@XYH3Sj zB`wr7Hn*C{h;3_zA8rlCLBTjE7ze~a_@Gq{EH%n%)YB-hQJ!uoR{jbWC&H5p$~SOZ zg4D$%hmasdBcU66B-BNbP$FjdmCTkDG1Q3r(RgH%(J^09vknP;Q6%VGU8uC!Sa@_2 z@idI5^A_=uL_CyChlIH(62`-^4p0yxOIR|fhbB249OpW-!~z}54j&wF{gDb4-Y9%@ zxLk%6N4F literal 12905 zcmV-vGM3FBiwFP!00000|LuL*Zd^yQ;5)xUZ=SJXATx3w*aHv-h$7(Wewd4TG?8mJ zdnn0GO7`u)pNKq5owXLRN}@y?F0tyI%*e>d*mL_I-@keKr~f@az4;?QKHa~6_rKog zH{buys}KM7_wW9YTXu8hfBM-!#TL4+uoc}`zLniqwpG~X&sz@oE9L*bdwBnk`^dI-Yi{e~E$27& z8$xHzH@0;*w+%>l?GewrKm5bT%(iBX58G-idEK;VuAAmG{k;qCKfX&(OEqr&yZ7(j zeSCPh`~AaX#p751%iaIUZ{I)uXRB|nw!ge7?;qb(WLJsB4ik$FiS>*BdDMOX8=?+k z{OtSs?DlU+0)tv9~K2{jvqQ>j)KJEvE+Mej|eYjDLX7F*Nk*``If(1xN2O zKfQnWBjdR7{s-Fv41RDo{Gn-d0epD>`1t3N0z`^25`g|ICkbiNI0|0QbsJZSl8? z(|Rd_`#tqwB5ZD-uwkV}ut&t~Sg*F*5LFZX^v#%isjA!Bj=abl@371FMB$FmI`W3n z7MWU)tKZzt#m9`L`|j<>552i$ zCfvkJ@b^Yh(sQ<0!u`GB_gbRi{i-W>qG%gdACi3Ai-T!czu`!OY~E0JEcRTIbWH@l zKCG(A;g>mX^m?yu;-ld~(O4@8BjvdxA^C^9Ctq^!%$%qN#IhEEofd$df5dnG5hMS|6CQ|}f65QV zKj8Cs`O!b2v*aHadroiO`FHux$SRgig?AmcZT)L}6f!zS-%;KD;UDk)yASy7 z{zKF9-BbR@y!D2LE1(xDKKh1`c>>_aN!3+|LuC1|Tl`?-e344aJ()vmC8U8g_mK4CJ|!z}J;DZhUzEVv251k?_TZX__-78zcHj_jS9H#l zgr_2*ZbJ$x28XPIH@mj8ei9Hdsw?t@cRz-9me48kIsdz!_v{5+qMQ4Y_UbAsy{kF zRD{^ibUy}w7$5#b4sFyIm2O%$WX}B${XoT9;vLYdp)rKLMjobC9`(&re*D8X`lk16 z4tOl9an4&S#MEIYxKwRdVJ?C1;nI!48plwN)pcQq+w6=o}%M1jyl)xPB-HfaN)wn7dwHXw&Tcr7EhLNv)j z3>qn$i2qX3Q?#jCu@!wPPC%QB12F(3Y6LA%JM$h8uYfoKaxEZ7*^Cwt=N+J$B@t|z zr|r^pP?HSM^b8M!)3S(8CRYR+tLMr_*P1!3IoLvffIJBDld zXCB#_-TAb!rK;CW1idi4%W1yph#yIm{W-(6ahgWZx2Gj4pP%>I-(aKM@UOpL2wcc1 z{NV@xbpP%j5BbCUck^C$xIKLgPx;>;^ShV_Ofto=aWkj=`Oy)MWK8G zCeKcU?-wW<#QQTdYGmgJ*t?DAgu0TjK)-9GVb0g&dgh7d^3b8Z>nAJ*c_>1r{dsN; zcN{Wb9D(akq}xc@v<1%HgU`_lg$+M#&G{L!wFPFHSraq5UdFbb5#kTkEMGwJ-0xKF z86htvdH*8x*GuTFIX|Ik1=4ol?VUTr`^wL=gti9 z5?F5S`OOw31Z~YAUy?OOGazRNZwFH`e^L80PJHO%c}#rAsjGOCb1#a`Lo7;1e_O!^H*X$+z!)^}tus)k^`<(S>jKH`**I zJh+Nf9lMHDwF@g(=6JKKeW3w!OcVbGauT1O)xZTf~jb`z}CKsL2iifspH(# zKDYj^P>)@Wyj-wfjlA-@@A=sj{Gyust>L3RnyxQ#n%=F|_Nd-|VYBU)7PmhJ>ycf* zuo<9V*lap%+f~OsAZP&fKL&v0XkjyI&~9OKvr6|4RqEQpX2Hh`Z4WKhfvXdFc8&Kx zZ4S1=`qXLIBW3v@`2F-6I6!N!JH>vr?9i<&M1EZB864$Sp0Egf)nS<~0$+1j78Zf4 z!6IJ?Z4cpgU~%}I7Hh*%7mF{9 zNA391fb3a2K5zB*FbS_eix|uoi(kmQ`ixDja=<4?-f&#x{Tljsd&soy-MX;mogTA` z;S<2z`aK(n&cCN&*W79Q9fsZ6nz*|4;S~52ptC+q8E*lN8RJo{IpejYJJ{ZQ2|Lxh zZnhyz+pZfUrujnZ^$!bhe>(U+{zDT@RI564F@O_+WlW9Z> z)BO#r%gC2@H_Xm(;466>z6SJq4)pDP>am+>P(BAt?!mlI>kI1n0RETi;#OUKqbD~x-&=9eT0Xm zPm$-y{E_rKyT1I~T{@?MIV-AF+WAb}X9&V9zjl5Fa99Bzw~mR-rDZcd7iSLwluWUU_{V(6lU_k~!FxIek6Y zpE($n*#I1~VQ0>JE2FgA({Z5tgFPBE5=to=LmV~bqGVAk8*xd4CRk6@pbv;~=xzd0-3f0+M)BeFTtAl5b8$7db z@YYvI&k?yjipJNMRYEhhxNL+DHL_ElbH%gN1YD|#bNcG@XpUbXw{;+D+U2`WizUvR z@w%+%yFipL5-glLIA2%%g{t&YX_S#WUCrC`eCeYH;){nCb1}PAh}9_1tvRRWyx!{; z*GbUn$V?si<)tLBwYS4o@WV|=$lE#F{{>__?-L8=XyKTg=yKTg2yKTf;!Rc-ru@HXa)A3@M zcE8I0-8N#d+XfbD4|dzYLW_glHiM2q#>cK=^GzF{#S#0<{+wigW_zm6$fC{o z3_RSwOwgyApmuAT>GYs(h}-Kyz0-r;(f@NjsCzwVd{?yHuA@J*Ml=^-x2B7`sOvAK z_=T0?Xh6O)y=Xt5UbGj{iw*H#foiNBJ$7&Ba>0IY=gRASp73vt_T1wP_azowbGHDp z*}T+Lqy0$>-nkoY$kgp+Ki!YP#!0i=kjeTDnf+c>=DX{E8bGYQ=&1WK00iR=nS6KC zOt%wy{iYc=-C%g~f@3>KVw0G~MdAxaEFgLtdt1UAg8tO6iLlz%zLjU$hTjv1R*G z4#I_d^-9d$L1%))XI_Ez*?Uaa<$j6PU6=P{7W@M){epwQ<-kLrD~uOh1TJqr!S3$6 zq>L}zQpR_MX(jQrW4qUfjqP*RHLonwJg?HPOFAxSc)Qhi-+=vXyCOcjHhdvwpzXi> z!q%YT@Yz@7)~>71-gRp93oZLyRNdAuXl^@D+)GD>i1yydom#y==JtYaSNZz&1v_~@ z64rC;A9H!YBHD*8E#$Mq|Cb7FDg6IwaGzQCVsf{knjUxpYv3k!?}shjv)x!dYG#44 zjzwU$7KH0rU+Qrtx?a0>4A5F?dIin2l)ky?_cIOJdzQU9G%&C>Fx^^~BS!?LBLdxs z9EJMQh{4K;4KbSx6-RUzMt3_CVYxaWl+L zDZF1y*D*TCCJPO%5VB>P{wmc|Mfm`dD@(h3Azz}%F~YvL**)UFuby6CicUv0tUPDk z{ga$6Ua@<)-KO3`TKhmfzOZP0KNG+@6TpxO=HALlhayo+m1SmL*TFu)&Gly!`{^n~ zpm=lqTQq|!@mn1vv8Jz@*K+N(JTO!jRqKauLO#YUU7y!h&X<64Gj#(R;v4*SoI$Up z%z;v7|4)FR{ov~wgi zj%xE9+;pJP)#NekKkagH!~Z1b1-mrDoF_g>8SDXgj7L4b>S3t3_5hwA^|+#t-Ao_P z4|iNs$MeGtp*!sHbZqCwicRS-KJ@X_CKkPygVpK*ktZ*_Y*GNLYcFSgb>p9tBPLHo zd2zqM5kqjS31@Q?K0knR)r8O0z_BL0JBjl25xoB5V!lu5pE$#K)F~z_9wwYJ$#)!H zOLRECiQ|LG1B&qYCaY>ZvCi`K$b0sS@9W5cUE0SH{eDS|PKlXc3K}b?3}4t1oyIP! z8@QLxCqC9zor1((>vaO4eFq-H`Zl#A?9mBG?6puQ4b4dz0$4jk`O-FQ0gt`5?6mRR zlTmnq`u>=J;q2>GrZ#h`x!2lQPSarVm2Au@r?vBCgSL8B`+?-wvKr;B8tqbFb4AIQ z73JZ>+4+k0;|H|g^lbL!xBK+e%63}5Ur$ZWWnb&=sX51Gjlw&P(&ro(!rv2fj>|e@ z?=kFWW9mbPg+Fhl`)5o_5dlxpGAHMxb`6}E*0}7d#`6x?5)HnD8s9$_=MSttXKS~o zrLy)cseCb3_rhH|Cx@RE)e{oLqm<;r{Lu0IvuDQW6qc_J=?SggPnMRCTb4Ol*B`6nPal-)m!)A ze=S-Ws)hzv6^Sq|qi&yKCaNwSgu2Y$w-B zb`^x36q~^olRbok%QJsm12S!E{C2(ubRD}%o_}_Q@YYV0?(&V8KTj*MX+MtuvPg#M z;LHgK_Vgj2sg`5MZ_XP+pVaJeBRagW)E+{0s!ewHtS)l$8n>;0I7EKQj_?0rN$aUO z06fECN1dx*$fwyQX18oBw{<&2w>w}<8$Qq@*vcFK%iZ7Jzsu7KY74`w4f+anHs=3* z|2A*8;`aW2-jHb;GUIxBYt|aFO+$8C!R{LRmHeFQ!ier6pMv3AXx}%DY z-23~57Y!cR;eEtdBE*a_1YKb{zEYIZOVVJ zz<)60zcJlE?BPDTjJXv)6ncQ!=#n5bz#AZ)Ui|(3ANl>eMRiz}$dWn~2uj9*Ws*~s zCF{FZc6KUgt`0SY^}|F(y+DX=8*weeQpTB z>ZVRWJ-GW#8Vm-?uYH39I~qNde%cc_c}8kM?1pp-?SNL<)$ePq^p9Ha3bjfFzq6aG zk%F%KWCwk%N}7t_b}~(mO#f|dH(sl_s}>$@z#F_UH#fIqnI?#~+jVH?HR$5+-G=zL z`R(2P)7_u>;o%NB^=(e9262-_UA=PQ!9RWYI|(EHZ5+vA_*#pU`$v5DREzBVzo(jv z8dj@LNcXnEtU0P^N^<{%1qWv>Rv^u&wkHs_hoM)9;k(gd`KQT5{u91xiVPo;S`Xjd z4)uG76Y2NSy?IZ4TJ5R5A@7N<#Ontee}?bsSPxGYeD^-KH1R+5TuRve>_;!V7xmZl zEn!!Y-HU1OhELWTv}YR65jw8I#BJPP`05Y;c<om3H&Wu2O4YgG*_2YY)5M-+6vGBWTX|Bv@fdAtzOc;=;&-!EB~4A{juMO%SfP%zlv%u8Ld%e!*g~)B)Q)OW=w2y-+K0~US^`luENRNl znU*(=_YONP*|82$X{0RFGDuYq59mGOR+S7Dmg*H&rT0)Rp`QV08 zq-*5vjqOJD*LGfE;|n6~?5fLmz3SOb?MC(G$iZCj-N+GRo!tO4vUh@S1@suwFWG-< zHu(#Q-v|*Qc9lA?%?mkyA!is8L`98J4K=T!It&He%(SP_q&-EAbA+C1PoZ1=faa^! z>$|!*RH&zx)cNif);hxVhN3(F@xPZ8-UR4YG?X?AU^}GDbdqZo)C^~2L_s+yLYx}; zaS3~V3Lv6;ZtyBm#@WDwp>m#uB2;3^+?O!VB5!mist3caJyygYSrRmgV^N1k(_cWX+xWI15LpuzpsodCk+Qp3c zX6SR#i}$0x4t=+M-c76e+hD1u0bx8eA_!#^Up7tl6dD$cY#c4l?Zl$@yKex-ZuWDA z17I>79kgn48O8h~82w`k(z_HVsN2diWN3SAYZ*8injJuEvId4MTJaJF%M4U09b zH6St0ky&vNkW_IzC}|_Gpqv(OxY}^J;bOzF34WE6QG#V&ywE{tjin3}5S9s@Sn_Wi zmS?a5w&8BW?S`8T*HZqF0(hFHXt{EXklGGtuDFeh?El1 zF=ef^5S2#S7~`1JblC#FO4dx+ z=(rDAf($_;AZy+Tvk`hD)J7nM#YVtJ@Qq*_a2v3zU<(+Rf-zF7grR^@Qb!?i03274 zqkbcC#N`)C*`$EqEUk+9^aZqb9N{Bu030#$E)jrl96w78DnW zTZ!mO=aHmR8lNKP9j;Dn+zUWgIpr8HC2159m5R?O961NAtyh{?7I5yRU<(Q<>r$~P zSzUB=#>VIqFA)keT9Q?A@?>lsKNefZ_F-$?#@dZF8>=@~ZLGY?XvuW&!4_N4<1M*l zD>(;dB8UL7BCKB!!X~)FP#dAL5}fk_4w*Qj7DajU2}DKMydZ?5-)2RD?!z z7g3wJER=@os5twA5Y~ZNAx&YN32&oHNi&IVLGoH!Uu2^o_={0!ISPlGR)EvVxZs84 z_!lA?c8~1A-f*gnWv8APDrm1$6ucM=l6p=Q?qVG&jlSFEGtqVE296d0O z{xX;JQIq!MQSC&*KxWj0iFp%qh&ZlVDJF6RYZORmrJ7aK6glutui{bznODpE0W+tOfiYaQIJPLzF2H>g1fn5>@ zRNWCJ+vqG@(ZCq;q&28tI7U;-@)ievNgPlWYgE%H`_>Q#A}1!3K!G$mB3)V>E+PjB zU3KH56WlXnf|uNu!X-E(BG09jL7^|%{|JUjjK(w?Iw7<`O`b6B57vhOLUeqfE{TH% z^r$664gEm5nUv7Nt9p73Ux2ofWweN_88+)SlaTSM3@p~ zK_Cr;y(mATS7iea7L}5W2~Ztq3^sy`Nue8J8kYfGKTf{iAcs=j1&QyZJ<9B<7qJ zbcQ*4!yMgVj&3menD{|DqbJPK73Sy*bB*ORmP3D;E20OMLkAg6*gC$1>k)XO3Dz22 zOAMQE*q9I57UjHCQaMpnYLi|s0acS}BbSB<(g|T?Vku!LBCT8cgw-+h|pYqQn~QIjrjFFM`3qlVeE9EdfC&DCis|{blt^ zMpq<83cwP_h^zoQ-Kch@ml-fjQ`9STOtBjK8heMT9phG%5NATjtQeyLrLlEp812=Z z7%<-U&TVSPF3>@;5)Pj`eD3f$O}SjA!x-<8A7Mp^4#mo0@W+BC-D?2D!luLU?Q|HW z&jeYrvB@}v;wZc>)?-K~P+z-tgvGbh;anVefocc?2%WP_LU3{qgpCS9F-?c%x6|PQ zMPQiVg;bsaI)vbr#K>7G>`NBB(NNzIOAE-(SOdam?Ie1jk|t~|b57_0tYK;X4JoaF zT`S&dQv!LsD8kaAZ^|+TBNz}i5dbiAjvfQ07th#ZVCtA2FND9?!Q^m^lPJt-X0>Lj z2vlb*`J_YJY5Prex@HTl5k7J*yva&qtb^*z7bRUvy6v?4raFxQ9EVsK%gE4PF`b3N zz@m7irIRAIX?ONbbvgjel=^5>;OJNy83jYt9nfY$W~|lPie__w;^VK*wREv~sf%K! zV7y`^GoV;77|odAGV|T!Pwk-oN;?TfVoVm8jp$Ux;2B0b!7C<{eJsj~AW;TK3Q#*%0n0B}SBM-y-~L66f*FrM_A z!Os|E8zw9(K}g1wvB(Q(e1xSOA6In@0omnK8$ex#VvSyzK&%6zFHyz~R2&BUDFwz@ zDjs=+E3ZRoD4;Gk1gdb6fUKQS#=GpLhvGb!IeCN5Zi|4u7y@3zqIIFpm&5^eB1B^oni}Jj@|>fl zRJ4puGjD9Gk!QDJIKy^5;vU zC`t}q%MzqlNX8Nze&HBLD~FB-I^?trhSBnMgyU#owHf1zaUVGPi?~o|f}sdFS~!Mv ztZVzShW`%dD}G#Ee?hF-Wx4YvFRVJxiFCPpVsM5c6Tt`zMU zuqH)~Ix0|9CoohO%;5*2GJ_wDALOT2#*uj!`>bXez3<2 zt`S2kfZgUH#GrvkhsH;s@y+P1OKqD@qk{aVI_(@gVOv0G&~I7Yi?b6YB#;R^TOfHxc@OC& zrN?9TNGW3)qLB0RiinbZ5IR$yNjeR|kVnY1_UMvGhAv`D6!WTxg27{8=tn8$83wgQ zTZ|zvs1~6V3^+?m6#J@(f}v8$t{@ErMwCohQ?v*o1_)9*(J4~+rWC2+5!FLdIVAkg zM(?flG72cDVUw-FCY5{iS;y z&I@#cWtNq$^4(1t4CR}q433fO(}`gmbHQNT>N2g% zEwn6G%H(qiB4AwG5W~CMc{tRSEm1lJ0?hKo^S!33O(8lR*H zQkDr#Ur}1em>ha{z8EjOk9 z)SH@L7N{{2uTN{qt$3@WiG1Etr_f@p}+jq5GDt&jMvx)#v_s?Yb262!5NyU z4Q+zLh*w7#S1@XgSqB@nq)qeL1s5Zjl%WI;En)QQA&5t=(18+K0+~T2#zRaRBYVT0 z4ZMlvFXynnC=)C(fT3Ns&M}|85gE{Hmo8+jM9^RwVq7kqd0E5|B5A`5t@X9CXqFtt zxypmEXoy8SFK1qlKf-lDGn-gR98wOZXeVU!+UJybV6E=3ug4$ZC>bdln)TpL(aB2? z(Ihhno^!=o4zaJtx)hL_`DlgW0b-=Xp^S?@TgDTe>)aCL^(2V0;zn~HrRBg>F^Tqx zqSJ=TH0#uywjl`_I<%1x`l>R;K4g{*+KfQE1%r}_=6aEkhB1Y5QOyNnO1%@7&WuLL zi0!v+HfX~Ls!0Ad9`?`n{wcsK#N6G>9f;H%Bf%4c-%|iBV zZ14ERsq)ek1W)LT=csiE!P4RAMS7OFG^j}F#Ql~q>eUgZcoY_0SeDLNZ6IUV5)5rF zbsz;V<0)q9`70w3x6aXG)8wTVG1+7_DjC`&Y+N$!?o2`0zET1~Dxr8=xS`xgf?%DM z5yh*-f;HlJ+371J5Mx1jWEZAwEYb$)&}hq?HF|3notBn^#H%Gx$%1F;L21VdDrf73 zQPSi(AD$#{38Y^gVQ6)m4vHx)J*|4lv?m!#QdSgK+P$Cxd-2)`!%g8JP>e#77EQQ7 zCFCp}y$H$rW~-89ugv)?MH{AQ!Hkfc`HYIjqDu_1BpD32hA5Y3mKQ}7S)55KD?!%+ zBwAQQyW2s=jByli7eGtKUY!VKfg8{|&SnJR5*Jq7TwSt!#XyQ_`j7A$nPUq-0u>i%SmN2g` z3RjFl2+9Ow0gVrG3&sd8Naq=2QOP$FHIn4^Dxhm@f-OEJU{U1gbB-xw)JGEKF1LkB84QdDYy!=9FDS~@fVN#(FdbZcg96$gNvW|Bxch3%A93imb!iyU2|tM_E1cNJ3aqG9#nJ$dN9E%08;30ZeMxi0;*XZbJc*z;TzTv(T&w?VR$$(JE=1 zT@dwXKB>)D*qEfP5g9dKc9AX=2wDN;98kSTR1nQo?OLCwF;KL&4>er`%H88oDPc;Y z1MiK)P`}Ycn(tcE>~L#n7|@L12kW5rmI_-{h^4}^ba|A*@^l{kQ)0lOR$61@feFS@tpvqdB;-YrD8>P*w2%y4 zA|f+3udFjXBj=%l*DVt2qDW|GOYx{6APcl)s2);&N#}DQFNnb4hj4lX%HKO*cdW@VLOj@Gb^qT T64o;6_=5i*B<6*5<6Qv&)pYo2 diff --git a/creusot/tests/should_succeed/loop.mlcfg b/creusot/tests/should_succeed/loop.mlcfg index c501790634..f5384ca1dd 100644 --- a/creusot/tests/should_succeed/loop.mlcfg +++ b/creusot/tests/should_succeed/loop.mlcfg @@ -17,10 +17,10 @@ module Loop_F goto BB0 } BB0 { - [#"../loop.rs" 4 16 4 18] a <- ([#"../loop.rs" 4 16 4 18] [#"../loop.rs" 4 16 4 18] (10 : int32)); + [#"../loop.rs" 4 16 4 18] a <- ([#"../loop.rs" 4 16 4 18] (10 : int32)); [#"../loop.rs" 5 12 5 18] b <- Borrow.borrow_mut a; [#"../loop.rs" 5 12 5 18] a <- ^ b; - [#"../loop.rs" 6 4 6 10] b <- { b with current = ([#"../loop.rs" 6 4 6 10] [#"../loop.rs" 6 9 6 10] (5 : int32)) ; }; + [#"../loop.rs" 6 4 6 10] b <- { b with current = ([#"../loop.rs" 6 4 6 10] (5 : int32)) ; }; assume { resolve0 b }; goto BB1 } @@ -28,7 +28,7 @@ module Loop_F goto BB2 } BB2 { - switch ([#"../loop.rs" 8 11 8 15] [#"../loop.rs" 8 11 8 15] true) + switch (true) | False -> goto BB4 | True -> goto BB3 end diff --git a/creusot/tests/should_succeed/mapping_test.mlcfg b/creusot/tests/should_succeed/mapping_test.mlcfg index e44734dd03..e754183262 100644 --- a/creusot/tests/should_succeed/mapping_test.mlcfg +++ b/creusot/tests/should_succeed/mapping_test.mlcfg @@ -69,7 +69,7 @@ module MappingTest_Incr goto BB1 } BB1 { - [#"../mapping_test.rs" 32 4 32 15] t <- { t with current = (let MappingTest_T_Type.C_T x0 = * t in MappingTest_T_Type.C_T ([#"../mapping_test.rs" 32 4 32 15] MappingTest_T_Type.t_a ( * t) + ([#"../mapping_test.rs" 32 14 32 15] [#"../mapping_test.rs" 32 14 32 15] (1 : int32)))) ; }; + [#"../mapping_test.rs" 32 4 32 15] t <- { t with current = (let MappingTest_T_Type.C_T x0 = * t in MappingTest_T_Type.C_T ([#"../mapping_test.rs" 32 4 32 15] MappingTest_T_Type.t_a ( * t) + (1 : int32))) ; }; assume { resolve0 t }; assert { [@expl:assertion] [#"../mapping_test.rs" 35 19 35 50] shallow_model0 ( ^ t) = Map.set (shallow_model1 old_t) (Int32.to_int (MappingTest_T_Type.t_a ( * Snapshot.inner old_t))) 1 }; [#"../mapping_test.rs" 30 19 36 1] _0 <- ([#"../mapping_test.rs" 30 19 36 1] ()); @@ -122,7 +122,7 @@ module MappingTest_F goto BB0 } BB0 { - [#"../mapping_test.rs" 39 16 39 27] x <- ([#"../mapping_test.rs" 39 16 39 27] MappingTest_T_Type.C_T ([#"../mapping_test.rs" 39 23 39 25] [#"../mapping_test.rs" 39 23 39 25] (42 : int32))); + [#"../mapping_test.rs" 39 16 39 27] x <- ([#"../mapping_test.rs" 39 16 39 27] MappingTest_T_Type.C_T (42 : int32)); assert { [@expl:assertion] [#"../mapping_test.rs" 40 19 40 34] Map.get (shallow_model0 x) 13 = 1 }; assert { [@expl:assertion] [#"../mapping_test.rs" 41 19 41 34] Map.get (shallow_model0 x) 42 = 0 }; [#"../mapping_test.rs" 42 9 42 15] _8 <- Borrow.borrow_mut x; diff --git a/creusot/tests/should_succeed/match_int.mlcfg b/creusot/tests/should_succeed/match_int.mlcfg index 7454523f38..96b4b86e70 100644 --- a/creusot/tests/should_succeed/match_int.mlcfg +++ b/creusot/tests/should_succeed/match_int.mlcfg @@ -6,18 +6,22 @@ module MatchInt_F = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var _1 : int32; + var _2 : bool; + var _3 : bool; { goto BB0 } BB0 { - [#"../match_int.rs" 8 10 8 11] _1 <- ([#"../match_int.rs" 8 10 8 11] [#"../match_int.rs" 8 10 8 11] (1 : int32)); - switch ([#"../match_int.rs" 9 8 9 13] ([#"../match_int.rs" 9 8 9 13] [#"../match_int.rs" 9 8 9 13] (0 : int32)) <= _1) + [#"../match_int.rs" 8 10 8 11] _1 <- ([#"../match_int.rs" 8 10 8 11] (1 : int32)); + [#"../match_int.rs" 9 8 9 13] _2 <- ([#"../match_int.rs" 9 8 9 13] (0 : int32) <= _1); + switch (_2) | False -> goto BB3 | True -> goto BB1 end } BB1 { - switch ([#"../match_int.rs" 9 8 9 13] _1 < ([#"../match_int.rs" 9 8 9 13] [#"../match_int.rs" 9 8 9 13] (10 : int32))) + [#"../match_int.rs" 9 8 9 13] _3 <- ([#"../match_int.rs" 9 8 9 13] _1 < (10 : int32)); + switch (_3) | False -> goto BB3 | True -> goto BB2 end @@ -41,13 +45,13 @@ module MatchInt_F goto BB10 } BB6 { - switch ([#"../match_int.rs" 16 20 16 25] [#"../match_int.rs" 16 20 16 25] false) + switch (false) | False -> goto BB13 | True -> goto BB14 end } BB7 { - switch ([#"../match_int.rs" 10 20 10 24] [#"../match_int.rs" 10 20 10 24] true) + switch (true) | False -> goto BB8 | True -> goto BB9 end @@ -61,7 +65,7 @@ module MatchInt_F goto BB15 } BB10 { - switch ([#"../match_int.rs" 13 20 13 25] [#"../match_int.rs" 13 20 13 25] false) + switch (false) | False -> goto BB11 | True -> goto BB12 end diff --git a/creusot/tests/should_succeed/match_int/why3session.xml b/creusot/tests/should_succeed/match_int/why3session.xml index 029b3bfa46..da3aef9e74 100644 --- a/creusot/tests/should_succeed/match_int/why3session.xml +++ b/creusot/tests/should_succeed/match_int/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/match_int/why3shapes.gz b/creusot/tests/should_succeed/match_int/why3shapes.gz index 9bda644fe123fd1c646ac82c9dee788e226518b5..a6d77063dbd99c60772923c5efd1cefbf1a15a6e 100644 GIT binary patch literal 241 zcmVCtSqsw8*2fcVakP#3j)w*^GtusocW{^ot_XIrw+#Df*90C9U?JaIX literal 182 zcmV;n07?HJiwFP!00000|80#i6M`@dh4=o7Y${VjDToI{&(pIDBYRru$pRj5{(hll z0M8{ac`wO#j9`4xyBXor3}f4O7f2yGF{hn!n#!8nR0WwQYP(6qhq-#A@_`Jw{LQ7R zsMtBkH5H}hTQeNvO$Fle5c_Pf&0zNqV0*!S4RyF|u0IQ! ([#"../mc91.rs" 8 11 8 14] [#"../mc91.rs" 8 11 8 14] (100 : uint32))) + [#"../mc91.rs" 8 7 8 14] _3 <- ([#"../mc91.rs" 8 7 8 14] x > (100 : uint32)); + switch (_3) | False -> goto BB2 | True -> goto BB1 end } BB1 { - [#"../mc91.rs" 9 8 9 14] _0 <- ([#"../mc91.rs" 9 8 9 14] ([#"../mc91.rs" 9 8 9 9] x) - ([#"../mc91.rs" 9 12 9 14] [#"../mc91.rs" 9 12 9 14] (10 : uint32))); + [#"../mc91.rs" 9 8 9 14] _0 <- ([#"../mc91.rs" 9 8 9 14] x - (10 : uint32)); goto BB5 } BB2 { - [#"../mc91.rs" 11 13 11 25] _6 <- ([#"../mc91.rs" 11 13 11 25] mc91 ([#"../mc91.rs" 11 18 11 24] ([#"../mc91.rs" 11 18 11 19] x) + ([#"../mc91.rs" 11 22 11 24] [#"../mc91.rs" 11 22 11 24] (11 : uint32)))); + [#"../mc91.rs" 11 18 11 24] _7 <- ([#"../mc91.rs" 11 18 11 24] x + (11 : uint32)); + [#"../mc91.rs" 11 13 11 25] _6 <- ([#"../mc91.rs" 11 13 11 25] mc91 _7); + _7 <- any uint32; goto BB3 } BB3 { diff --git a/creusot/tests/should_succeed/mc91/why3session.xml b/creusot/tests/should_succeed/mc91/why3session.xml index bfb5658fb7..55e9bbc6ef 100644 --- a/creusot/tests/should_succeed/mc91/why3session.xml +++ b/creusot/tests/should_succeed/mc91/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/mc91/why3shapes.gz b/creusot/tests/should_succeed/mc91/why3shapes.gz index e9497767199efb59ce8cf4e57337b280f410f122..6ebd1aec4ccc9d9ab55c5e685415c931f65a5990 100644 GIT binary patch literal 248 zcmVb7~u5-%4BQt0dE%%Yd!H569=zhp;A2^+se zGDr>GCA5Tf8iZv&rbcB`w3?!2h?aM>nn7PfJ*LtK?Xks_%|kZ7v&9UXKiJ$bpUvRS zTajug;LF+Tnz7d&hZofF(e>6uqadnpvtw!IvbxA}sGHBK?VG&|)wk)tj==USOUgl( yJdqUzGC4l99sVA!f)JqxMJfTLii8D8Y+R`Xn6;cSr37HQCFln>+qYXu0ssIAM|mv( literal 212 zcmV;_04x6=iwFP!00000|83CU3W6{c2Jrhm#qKI2*k5&#frODSu-iE5q+O(;+4HA@ zpw64Y&Ug61clI7`U+^(4{+Xt=b#=x*_6`Ul=xp`nY}dbThf>H)F%ghLC?YX^ O5cCJFd;3!Z0ssI_GG*NW diff --git a/creusot/tests/should_succeed/mutex.mlcfg b/creusot/tests/should_succeed/mutex.mlcfg index fdb4f10ec5..ece0d14179 100644 --- a/creusot/tests/should_succeed/mutex.mlcfg +++ b/creusot/tests/should_succeed/mutex.mlcfg @@ -143,24 +143,27 @@ module Mutex_Impl3_Call var v : Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even); var val' : uint32; var _5 : uint32; + var _7 : bool; var _9 : (); var _10 : borrowed (Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even)); + var _11 : uint32; var _13 : (); var _14 : borrowed (Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even)); { goto BB0 } BB0 { - [#"../mutex.rs" 101 20 101 37] v <- ([#"../mutex.rs" 101 20 101 37] lock0 ([#"../mutex.rs" 101 20 101 30] Mutex_AddsTwo_Type.addstwo_mutex self)); + [#"../mutex.rs" 101 20 101 37] v <- ([#"../mutex.rs" 101 20 101 37] lock0 (Mutex_AddsTwo_Type.addstwo_mutex self)); goto BB1 } BB1 { - [#"../mutex.rs" 102 19 102 28] _5 <- ([#"../mutex.rs" 102 19 102 28] deref0 ([#"../mutex.rs" 102 19 102 20] v)); + [#"../mutex.rs" 102 19 102 28] _5 <- ([#"../mutex.rs" 102 19 102 28] deref0 v); goto BB2 } BB2 { [#"../mutex.rs" 102 18 102 28] val' <- ([#"../mutex.rs" 102 18 102 28] _5); - switch ([#"../mutex.rs" 103 11 103 23] ([#"../mutex.rs" 103 11 103 14] val') < ([#"../mutex.rs" 103 17 103 23] [#"../mutex.rs" 103 17 103 23] (100000 : uint32))) + [#"../mutex.rs" 103 11 103 23] _7 <- ([#"../mutex.rs" 103 11 103 23] val' < (100000 : uint32)); + switch (_7) | False -> goto BB5 | True -> goto BB3 end @@ -168,8 +171,10 @@ module Mutex_Impl3_Call BB3 { [#"../mutex.rs" 104 12 104 13] _10 <- Borrow.borrow_mut v; [#"../mutex.rs" 104 12 104 13] v <- ^ _10; - [#"../mutex.rs" 104 12 104 26] _9 <- ([#"../mutex.rs" 104 12 104 26] set0 _10 ([#"../mutex.rs" 104 18 104 25] ([#"../mutex.rs" 104 18 104 21] val') + ([#"../mutex.rs" 104 24 104 25] [#"../mutex.rs" 104 24 104 25] (2 : uint32)))); + [#"../mutex.rs" 104 18 104 25] _11 <- ([#"../mutex.rs" 104 18 104 25] val' + (2 : uint32)); + [#"../mutex.rs" 104 12 104 26] _9 <- ([#"../mutex.rs" 104 12 104 26] set0 _10 _11); _10 <- any borrowed (Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even)); + _11 <- any uint32; goto BB4 } BB4 { @@ -179,7 +184,7 @@ module Mutex_Impl3_Call BB5 { [#"../mutex.rs" 106 12 106 13] _14 <- Borrow.borrow_mut v; [#"../mutex.rs" 106 12 106 13] v <- ^ _14; - [#"../mutex.rs" 106 12 106 20] _13 <- ([#"../mutex.rs" 106 12 106 20] set0 _14 ([#"../mutex.rs" 106 18 106 19] [#"../mutex.rs" 106 18 106 19] (0 : uint32))); + [#"../mutex.rs" 106 12 106 20] _13 <- ([#"../mutex.rs" 106 12 106 20] set0 _14 (0 : uint32)); _14 <- any borrowed (Mutex_MutexGuard_Type.t_mutexguard uint32 (Mutex_Even_Type.t_even)); goto BB6 } @@ -405,6 +410,7 @@ module Mutex_Concurrent var m : Mutex_Mutex_Type.t_mutex uint32 (Mutex_Even_Type.t_even); var _2 : borrowed (Mutex_Mutex_Type.t_mutex uint32 (Mutex_Even_Type.t_even)); var _4 : Mutex_Mutex_Type.t_mutex uint32 (Mutex_Even_Type.t_even); + var _5 : Mutex_Even_Type.t_even; var t1 : Mutex_AddsTwo_Type.t_addstwo; var _8 : Mutex_Mutex_Type.t_mutex uint32 (Mutex_Even_Type.t_even); var j1 : Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)); @@ -417,7 +423,9 @@ module Mutex_Concurrent goto BB0 } BB0 { - [#"../mutex.rs" 164 38 164 57] _4 <- ([#"../mutex.rs" 164 38 164 57] new0 ([#"../mutex.rs" 164 49 164 50] [#"../mutex.rs" 164 49 164 50] (0 : uint32)) ([#"../mutex.rs" 164 52 164 56] Mutex_Even_Type.C_Even)); + [#"../mutex.rs" 164 52 164 56] _5 <- ([#"../mutex.rs" 164 52 164 56] Mutex_Even_Type.C_Even); + [#"../mutex.rs" 164 38 164 57] _4 <- ([#"../mutex.rs" 164 38 164 57] new0 (0 : uint32) _5); + _5 <- any Mutex_Even_Type.t_even; goto BB1 } BB1 { @@ -432,26 +440,26 @@ module Mutex_Concurrent [#"../mutex.rs" 164 24 164 59] m <- ([#"../mutex.rs" 164 24 164 59] * _2); assume { resolve0 _2 }; [#"../mutex.rs" 165 30 165 32] _8 <- ([#"../mutex.rs" 165 30 165 32] m); - [#"../mutex.rs" 165 13 165 34] t1 <- ([#"../mutex.rs" 165 13 165 34] Mutex_AddsTwo_Type.C_AddsTwo ([#"../mutex.rs" 165 30 165 32] _8)); - [#"../mutex.rs" 166 13 166 22] j1 <- ([#"../mutex.rs" 166 13 166 22] spawn0 ([#"../mutex.rs" 166 19 166 21] t1)); - [#"../mutex.rs" 166 19 166 21] t1 <- any Mutex_AddsTwo_Type.t_addstwo; + [#"../mutex.rs" 165 13 165 34] t1 <- ([#"../mutex.rs" 165 13 165 34] Mutex_AddsTwo_Type.C_AddsTwo _8); + [#"../mutex.rs" 166 13 166 22] j1 <- ([#"../mutex.rs" 166 13 166 22] spawn0 t1); + t1 <- any Mutex_AddsTwo_Type.t_addstwo; goto BB4 } BB4 { [#"../mutex.rs" 167 30 167 32] _13 <- ([#"../mutex.rs" 167 30 167 32] m); - [#"../mutex.rs" 167 13 167 34] t2 <- ([#"../mutex.rs" 167 13 167 34] Mutex_AddsTwo_Type.C_AddsTwo ([#"../mutex.rs" 167 30 167 32] _13)); - [#"../mutex.rs" 168 13 168 22] j2 <- ([#"../mutex.rs" 168 13 168 22] spawn0 ([#"../mutex.rs" 168 19 168 21] t2)); - [#"../mutex.rs" 168 19 168 21] t2 <- any Mutex_AddsTwo_Type.t_addstwo; + [#"../mutex.rs" 167 13 167 34] t2 <- ([#"../mutex.rs" 167 13 167 34] Mutex_AddsTwo_Type.C_AddsTwo _13); + [#"../mutex.rs" 168 13 168 22] j2 <- ([#"../mutex.rs" 168 13 168 22] spawn0 t2); + t2 <- any Mutex_AddsTwo_Type.t_addstwo; goto BB5 } BB5 { - [#"../mutex.rs" 171 12 171 21] _16 <- ([#"../mutex.rs" 171 12 171 21] join0 ([#"../mutex.rs" 171 12 171 14] j1)); - [#"../mutex.rs" 171 12 171 14] j1 <- any Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)); + [#"../mutex.rs" 171 12 171 21] _16 <- ([#"../mutex.rs" 171 12 171 21] join0 j1); + j1 <- any Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)); goto BB6 } BB6 { - [#"../mutex.rs" 172 12 172 21] _18 <- ([#"../mutex.rs" 172 12 172 21] join0 ([#"../mutex.rs" 172 12 172 14] j2)); - [#"../mutex.rs" 172 12 172 14] j2 <- any Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)); + [#"../mutex.rs" 172 12 172 21] _18 <- ([#"../mutex.rs" 172 12 172 21] join0 j2); + j2 <- any Mutex_JoinHandle_Type.t_joinhandle () (Mutex_SpawnPostCond_Type.t_spawnpostcond (Mutex_AddsTwo_Type.t_addstwo)); goto BB7 } BB7 { diff --git a/creusot/tests/should_succeed/mutex/why3session.xml b/creusot/tests/should_succeed/mutex/why3session.xml index 559a6ed8d4..d91e9c0791 100644 --- a/creusot/tests/should_succeed/mutex/why3session.xml +++ b/creusot/tests/should_succeed/mutex/why3session.xml @@ -9,12 +9,12 @@ - + - + diff --git a/creusot/tests/should_succeed/mutex/why3shapes.gz b/creusot/tests/should_succeed/mutex/why3shapes.gz index 3db86a94df61bc03e1c694befe3a50acf929d89e..b1886030a6767f8d48fed2ff65857faf7c004899 100644 GIT binary patch literal 593 zcmV-X0 zkWBmc^#ej?`p5!K%)Q6Q_Z)b;DaS{1@?&}N!+7Ys4<#=*?~3V%Idm7UQ8PoPVS!ZR z1!7GW2%0VsY1R~XiJ(RG+)Wc8;nMlRJe?>1^Xu6RZU<%)p0;RfK83pm(gYOOh^`vb znB(ZP7N{03{$H+GnaC;)B9WaB-9+%4a1ATw{fqz5;wIAVY=7?D_~+9^6*$?Vi$z@z z!`W-d5Ak7^85hmRR|J6KuSu1lVMa*H0Maz&KTo5pP*vwarz2HbMe=hF6Q&qe9;t{3X^T7$FxovsAg^7 z`a}0DG0q1S5!JIasLg5cZQr@W6tarK%I82* zJ2yT&_Zp`RVWdIkAU*C^yY#6lQ@^pX(xEg`Vf9Mjv}#&hsvf4q3K1c1a?;9P=( z%Xz2J26c{1^1aTZ1oSchOiLs8^5`+S-fGMB~h=R}t3XqbjDyWr|T1583c_T&Z feT#ToRm@3-q_-sog^>cOpelX?mKP39vjhMDOywt@ literal 571 zcmV-B0>u3viwFP!00000|9w+UZ=5g`yz?u#wM{R6{&v+KP!!}ym3pasT^TUVwj0<2 zyJ`P@A2x*Dq%8*+%)IgN=K1YSK0f$k81r)&#(m#?$Yp->E}MS(eRr0QlnWFNR>&P) zA$4qp;P?uO6J@rK0yQa?Y8C;*TNeiZc$&hmZzn%AJMcI7wI=ue6Fwc#64AUyoi39L zkgJOLuL=_6TzuMh6QghNjtl<%)jQO*oJDq3f9jg?_1EYFmH6s|&ptlBpaGe$$OQ+a zjEFdcAhyW-)2P$PDpL3KT&A5$Rp3;CTShYS6z3 zCoCs{I9-$3&fPh5&k6QjeHw<)P0y_-+hM{S{jndX%NDtGoWRY_U$k%82Qv?k$LaSj z9`G!yf;WcIn#oGEQkcLMBE goto BB2 | True -> goto BB1 end @@ -39,7 +40,9 @@ module OneSideUpdate_F goto BB3 } BB2 { - [#"../one_side_update.rs" 11 8 11 21] b <- { b with current = ([#"../one_side_update.rs" 11 13 11 21] OneSideUpdate_MyInt_Type.C_MyInt ([#"../one_side_update.rs" 11 19 11 20] [#"../one_side_update.rs" 11 19 11 20] (5 : usize))) ; }; + [#"../one_side_update.rs" 11 13 11 21] _6 <- ([#"../one_side_update.rs" 11 13 11 21] OneSideUpdate_MyInt_Type.C_MyInt (5 : usize)); + [#"../one_side_update.rs" 11 8 11 21] b <- { b with current = ([#"../one_side_update.rs" 11 8 11 21] _6) ; }; + _6 <- any OneSideUpdate_MyInt_Type.t_myint; assume { resolve0 b }; [#"../one_side_update.rs" 10 11 12 5] _0 <- ([#"../one_side_update.rs" 10 11 12 5] ()); goto BB3 diff --git a/creusot/tests/should_succeed/option.mlcfg b/creusot/tests/should_succeed/option.mlcfg index a20c0465cf..8091735123 100644 --- a/creusot/tests/should_succeed/option.mlcfg +++ b/creusot/tests/should_succeed/option.mlcfg @@ -242,8 +242,11 @@ module Option_TestOption var _6 : bool; var _10 : bool; var _12 : bool; + var _16 : bool; var _17 : int32; + var _21 : bool; var _22 : int32; + var _26 : bool; var _27 : int32; var _31 : bool; var _33 : Core_Option_Option_Type.t_option (borrowed int32); @@ -251,56 +254,78 @@ module Option_TestOption var _36 : borrowed int32; var _37 : Core_Option_Option_Type.t_option (borrowed int32); var _38 : borrowed (Core_Option_Option_Type.t_option int32); + var _40 : bool; var _41 : int32; var _44 : borrowed int32; var _45 : Core_Option_Option_Type.t_option (borrowed int32); var _46 : borrowed (Core_Option_Option_Type.t_option int32); + var _48 : bool; var _49 : int32; var _53 : bool; var _55 : Core_Option_Option_Type.t_option int32; + var _59 : bool; var _61 : int32; var _62 : Core_Option_Option_Type.t_option int32; var _66 : bool; var _68 : Core_Option_Option_Type.t_option int32; var _73 : bool; var _75 : Core_Option_Option_Type.t_option int32; + var _77 : Core_Option_Option_Type.t_option int32; var _80 : bool; var _82 : Core_Option_Option_Type.t_option int32; + var _87 : bool; var _88 : int32; var _89 : Core_Option_Option_Type.t_option int32; + var _91 : Core_Option_Option_Type.t_option int32; var _94 : bool; var _96 : Core_Option_Option_Type.t_option int32; + var _101 : bool; var _102 : int32; var _103 : Core_Option_Option_Type.t_option int32; + var _105 : Core_Option_Option_Type.t_option int32; + var _108 : bool; var _109 : int32; var _110 : Core_Option_Option_Type.t_option int32; + var _115 : bool; var _116 : int32; var _117 : Core_Option_Option_Type.t_option int32; + var _119 : Core_Option_Option_Type.t_option int32; var _122 : bool; var _124 : Core_Option_Option_Type.t_option int32; var _125 : borrowed (Core_Option_Option_Type.t_option int32); var _128 : bool; + var _132 : bool; var _133 : int32; var _134 : Core_Option_Option_Type.t_option int32; var _135 : borrowed (Core_Option_Option_Type.t_option int32); var _138 : bool; + var _141 : Core_Option_Option_Type.t_option int32; var _143 : bool; var _145 : Core_Option_Option_Type.t_option int32; var _146 : borrowed (Core_Option_Option_Type.t_option int32); + var _149 : bool; var _150 : int32; + var _153 : Core_Option_Option_Type.t_option int32; + var _155 : bool; var _156 : int32; var _157 : Core_Option_Option_Type.t_option int32; var _158 : borrowed (Core_Option_Option_Type.t_option int32); + var _161 : bool; var _162 : int32; + var _166 : bool; var _167 : int32; var _168 : Core_Option_Option_Type.t_option int32; var _169 : borrowed (Core_Option_Option_Type.t_option int32); + var _172 : bool; var _173 : int32; + var _177 : bool; var _178 : int32; + var _182 : bool; var _183 : int32; var _187 : bool; var _189 : Core_Option_Option_Type.t_option int32; var _190 : Core_Option_Option_Type.t_option int32; + var _194 : bool; var _195 : int32; var _196 : Core_Option_Option_Type.t_option int32; var _197 : Core_Option_Option_Type.t_option int32; @@ -308,6 +333,7 @@ module Option_TestOption var _203 : Core_Option_Option_Type.t_option int32; var _204 : Core_Option_Option_Type.t_option (borrowed int32); var _205 : borrowed (Core_Option_Option_Type.t_option int32); + var _208 : bool; var _209 : int32; var _210 : Core_Option_Option_Type.t_option int32; var _211 : Core_Option_Option_Type.t_option (borrowed int32); @@ -315,6 +341,7 @@ module Option_TestOption var _215 : bool; var _217 : Core_Option_Option_Type.t_option int32; var _218 : Core_Option_Option_Type.t_option int32; + var _222 : bool; var _223 : int32; var _224 : Core_Option_Option_Type.t_option int32; var _225 : Core_Option_Option_Type.t_option int32; @@ -322,6 +349,7 @@ module Option_TestOption var _231 : Core_Option_Option_Type.t_option int32; var _232 : Core_Option_Option_Type.t_option (borrowed int32); var _233 : borrowed (Core_Option_Option_Type.t_option int32); + var _236 : bool; var _237 : int32; var _238 : Core_Option_Option_Type.t_option int32; var _239 : Core_Option_Option_Type.t_option (borrowed int32); @@ -330,9 +358,12 @@ module Option_TestOption var _244 : bool; var _246 : Core_Option_Option_Type.t_option int32; var opt1 : Core_Option_Option_Type.t_option (Core_Option_Option_Type.t_option int32); + var _250 : Core_Option_Option_Type.t_option int32; var _252 : bool; var _254 : Core_Option_Option_Type.t_option int32; var opt2 : Core_Option_Option_Type.t_option (Core_Option_Option_Type.t_option int32); + var _258 : Core_Option_Option_Type.t_option int32; + var _260 : bool; var _261 : int32; var _262 : Core_Option_Option_Type.t_option int32; { @@ -340,8 +371,8 @@ module Option_TestOption } BB0 { [#"../option.rs" 5 32 5 36] none <- ([#"../option.rs" 5 32 5 36] Core_Option_Option_Type.C_None); - [#"../option.rs" 6 32 6 39] some <- ([#"../option.rs" 6 32 6 39] Core_Option_Option_Type.C_Some ([#"../option.rs" 6 37 6 38] [#"../option.rs" 6 37 6 38] (1 : int32))); - [#"../option.rs" 9 12 9 26] _4 <- ([#"../option.rs" 9 12 9 26] is_some0 ([#"../option.rs" 9 12 9 16] some)); + [#"../option.rs" 6 32 6 39] some <- ([#"../option.rs" 6 32 6 39] Core_Option_Option_Type.C_Some (1 : int32)); + [#"../option.rs" 9 12 9 26] _4 <- ([#"../option.rs" 9 12 9 26] is_some0 some); goto BB1 } BB1 { @@ -351,7 +382,7 @@ module Option_TestOption end } BB2 { - [#"../option.rs" 9 31 9 45] _6 <- ([#"../option.rs" 9 31 9 45] is_some0 ([#"../option.rs" 9 31 9 35] none)); + [#"../option.rs" 9 31 9 45] _6 <- ([#"../option.rs" 9 31 9 45] is_some0 none); goto BB3 } BB3 { @@ -364,7 +395,7 @@ module Option_TestOption goto BB7 } BB5 { - [#"../option.rs" 11 12 11 26] _10 <- ([#"../option.rs" 11 12 11 26] is_none0 ([#"../option.rs" 11 12 11 16] none)); + [#"../option.rs" 11 12 11 26] _10 <- ([#"../option.rs" 11 12 11 26] is_none0 none); goto BB8 } BB6 { @@ -381,7 +412,7 @@ module Option_TestOption end } BB9 { - [#"../option.rs" 11 31 11 45] _12 <- ([#"../option.rs" 11 31 11 45] is_none0 ([#"../option.rs" 11 31 11 35] some)); + [#"../option.rs" 11 31 11 45] _12 <- ([#"../option.rs" 11 31 11 45] is_none0 some); goto BB10 } BB10 { @@ -394,7 +425,7 @@ module Option_TestOption goto BB14 } BB12 { - [#"../option.rs" 14 12 14 25] _17 <- ([#"../option.rs" 14 12 14 25] unwrap0 ([#"../option.rs" 14 12 14 16] some)); + [#"../option.rs" 14 12 14 25] _17 <- ([#"../option.rs" 14 12 14 25] unwrap0 some); goto BB15 } BB13 { @@ -405,13 +436,15 @@ module Option_TestOption absurd } BB15 { - switch ([#"../option.rs" 14 12 14 30] _17 = ([#"../option.rs" 14 29 14 30] [#"../option.rs" 14 29 14 30] (1 : int32))) + [#"../option.rs" 14 12 14 30] _16 <- ([#"../option.rs" 14 12 14 30] _17 = (1 : int32)); + _17 <- any int32; + switch (_16) | False -> goto BB17 | True -> goto BB16 end } BB16 { - [#"../option.rs" 19 12 19 29] _22 <- ([#"../option.rs" 19 12 19 29] unwrap_or0 ([#"../option.rs" 19 12 19 16] some) ([#"../option.rs" 19 27 19 28] [#"../option.rs" 19 27 19 28] (2 : int32))); + [#"../option.rs" 19 12 19 29] _22 <- ([#"../option.rs" 19 12 19 29] unwrap_or0 some (2 : int32)); goto BB18 } BB17 { @@ -419,13 +452,15 @@ module Option_TestOption absurd } BB18 { - switch ([#"../option.rs" 19 12 19 34] _22 = ([#"../option.rs" 19 33 19 34] [#"../option.rs" 19 33 19 34] (1 : int32))) + [#"../option.rs" 19 12 19 34] _21 <- ([#"../option.rs" 19 12 19 34] _22 = (1 : int32)); + _22 <- any int32; + switch (_21) | False -> goto BB20 | True -> goto BB19 end } BB19 { - [#"../option.rs" 20 12 20 29] _27 <- ([#"../option.rs" 20 12 20 29] unwrap_or0 ([#"../option.rs" 20 12 20 16] none) ([#"../option.rs" 20 27 20 28] [#"../option.rs" 20 27 20 28] (2 : int32))); + [#"../option.rs" 20 12 20 29] _27 <- ([#"../option.rs" 20 12 20 29] unwrap_or0 none (2 : int32)); goto BB21 } BB20 { @@ -433,7 +468,9 @@ module Option_TestOption absurd } BB21 { - switch ([#"../option.rs" 20 12 20 34] _27 = ([#"../option.rs" 20 33 20 34] [#"../option.rs" 20 33 20 34] (2 : int32))) + [#"../option.rs" 20 12 20 34] _26 <- ([#"../option.rs" 20 12 20 34] _27 = (2 : int32)); + _27 <- any int32; + switch (_26) | False -> goto BB23 | True -> goto BB22 end @@ -450,7 +487,7 @@ module Option_TestOption absurd } BB24 { - [#"../option.rs" 23 12 23 35] _31 <- ([#"../option.rs" 23 12 23 35] is_none1 ([#"../option.rs" 23 12 23 25] _33)); + [#"../option.rs" 23 12 23 35] _31 <- ([#"../option.rs" 23 12 23 35] is_none1 _33); goto BB25 } BB25 { @@ -476,13 +513,15 @@ module Option_TestOption goto BB29 } BB29 { - [#"../option.rs" 24 4 24 31] _36 <- { _36 with current = ([#"../option.rs" 24 4 24 31] [#"../option.rs" 24 30 24 31] (2 : int32)) ; }; + [#"../option.rs" 24 4 24 31] _36 <- { _36 with current = ([#"../option.rs" 24 4 24 31] (2 : int32)) ; }; assume { resolve0 _36 }; - [#"../option.rs" 25 12 25 25] _41 <- ([#"../option.rs" 25 12 25 25] unwrap0 ([#"../option.rs" 25 12 25 16] some)); + [#"../option.rs" 25 12 25 25] _41 <- ([#"../option.rs" 25 12 25 25] unwrap0 some); goto BB30 } BB30 { - switch ([#"../option.rs" 25 12 25 30] _41 = ([#"../option.rs" 25 29 25 30] [#"../option.rs" 25 29 25 30] (2 : int32))) + [#"../option.rs" 25 12 25 30] _40 <- ([#"../option.rs" 25 12 25 30] _41 = (2 : int32)); + _41 <- any int32; + switch (_40) | False -> goto BB32 | True -> goto BB31 end @@ -504,19 +543,21 @@ module Option_TestOption goto BB34 } BB34 { - [#"../option.rs" 26 4 26 31] _44 <- { _44 with current = ([#"../option.rs" 26 4 26 31] [#"../option.rs" 26 30 26 31] (1 : int32)) ; }; + [#"../option.rs" 26 4 26 31] _44 <- { _44 with current = ([#"../option.rs" 26 4 26 31] (1 : int32)) ; }; assume { resolve0 _44 }; - [#"../option.rs" 27 12 27 25] _49 <- ([#"../option.rs" 27 12 27 25] unwrap0 ([#"../option.rs" 27 12 27 16] some)); + [#"../option.rs" 27 12 27 25] _49 <- ([#"../option.rs" 27 12 27 25] unwrap0 some); goto BB35 } BB35 { - switch ([#"../option.rs" 27 12 27 30] _49 = ([#"../option.rs" 27 29 27 30] [#"../option.rs" 27 29 27 30] (1 : int32))) + [#"../option.rs" 27 12 27 30] _48 <- ([#"../option.rs" 27 12 27 30] _49 = (1 : int32)); + _49 <- any int32; + switch (_48) | False -> goto BB37 | True -> goto BB36 end } BB36 { - [#"../option.rs" 29 12 29 25] _55 <- ([#"../option.rs" 29 12 29 25] as_ref0 ([#"../option.rs" 29 12 29 16] none)); + [#"../option.rs" 29 12 29 25] _55 <- ([#"../option.rs" 29 12 29 25] as_ref0 none); goto BB38 } BB37 { @@ -524,7 +565,7 @@ module Option_TestOption absurd } BB38 { - [#"../option.rs" 29 12 29 35] _53 <- ([#"../option.rs" 29 12 29 35] is_none2 ([#"../option.rs" 29 12 29 25] _55)); + [#"../option.rs" 29 12 29 35] _53 <- ([#"../option.rs" 29 12 29 35] is_none2 _55); goto BB39 } BB39 { @@ -534,7 +575,7 @@ module Option_TestOption end } BB40 { - [#"../option.rs" 30 13 30 26] _62 <- ([#"../option.rs" 30 13 30 26] as_ref0 ([#"../option.rs" 30 13 30 17] some)); + [#"../option.rs" 30 13 30 26] _62 <- ([#"../option.rs" 30 13 30 26] as_ref0 some); goto BB42 } BB41 { @@ -547,13 +588,14 @@ module Option_TestOption goto BB43 } BB43 { - switch ([#"../option.rs" 30 12 30 40] ([#"../option.rs" 30 12 30 35] _61) = ([#"../option.rs" 30 39 30 40] [#"../option.rs" 30 39 30 40] (1 : int32))) + [#"../option.rs" 30 12 30 40] _59 <- ([#"../option.rs" 30 12 30 40] _61 = (1 : int32)); + switch (_59) | False -> goto BB45 | True -> goto BB44 end } BB44 { - [#"../option.rs" 33 12 33 26] _68 <- ([#"../option.rs" 33 12 33 26] and0 ([#"../option.rs" 33 12 33 16] none) ([#"../option.rs" 33 21 33 25] none)); + [#"../option.rs" 33 12 33 26] _68 <- ([#"../option.rs" 33 12 33 26] and0 none none); goto BB46 } BB45 { @@ -561,7 +603,7 @@ module Option_TestOption absurd } BB46 { - [#"../option.rs" 33 12 33 36] _66 <- ([#"../option.rs" 33 12 33 36] is_none0 ([#"../option.rs" 33 12 33 26] _68)); + [#"../option.rs" 33 12 33 36] _66 <- ([#"../option.rs" 33 12 33 36] is_none0 _68); goto BB47 } BB47 { @@ -571,7 +613,9 @@ module Option_TestOption end } BB48 { - [#"../option.rs" 34 12 34 29] _75 <- ([#"../option.rs" 34 12 34 29] and0 ([#"../option.rs" 34 12 34 16] none) ([#"../option.rs" 34 21 34 28] Core_Option_Option_Type.C_Some ([#"../option.rs" 34 26 34 27] [#"../option.rs" 34 26 34 27] (2 : int32)))); + [#"../option.rs" 34 21 34 28] _77 <- ([#"../option.rs" 34 21 34 28] Core_Option_Option_Type.C_Some (2 : int32)); + [#"../option.rs" 34 12 34 29] _75 <- ([#"../option.rs" 34 12 34 29] and0 none _77); + _77 <- any Core_Option_Option_Type.t_option int32; goto BB50 } BB49 { @@ -579,7 +623,7 @@ module Option_TestOption absurd } BB50 { - [#"../option.rs" 34 12 34 39] _73 <- ([#"../option.rs" 34 12 34 39] is_none0 ([#"../option.rs" 34 12 34 29] _75)); + [#"../option.rs" 34 12 34 39] _73 <- ([#"../option.rs" 34 12 34 39] is_none0 _75); goto BB51 } BB51 { @@ -589,7 +633,7 @@ module Option_TestOption end } BB52 { - [#"../option.rs" 35 12 35 26] _82 <- ([#"../option.rs" 35 12 35 26] and0 ([#"../option.rs" 35 12 35 16] some) ([#"../option.rs" 35 21 35 25] none)); + [#"../option.rs" 35 12 35 26] _82 <- ([#"../option.rs" 35 12 35 26] and0 some none); goto BB54 } BB53 { @@ -597,7 +641,7 @@ module Option_TestOption absurd } BB54 { - [#"../option.rs" 35 12 35 36] _80 <- ([#"../option.rs" 35 12 35 36] is_none0 ([#"../option.rs" 35 12 35 26] _82)); + [#"../option.rs" 35 12 35 36] _80 <- ([#"../option.rs" 35 12 35 36] is_none0 _82); goto BB55 } BB55 { @@ -607,7 +651,9 @@ module Option_TestOption end } BB56 { - [#"../option.rs" 36 12 36 29] _89 <- ([#"../option.rs" 36 12 36 29] and0 ([#"../option.rs" 36 12 36 16] some) ([#"../option.rs" 36 21 36 28] Core_Option_Option_Type.C_Some ([#"../option.rs" 36 26 36 27] [#"../option.rs" 36 26 36 27] (2 : int32)))); + [#"../option.rs" 36 21 36 28] _91 <- ([#"../option.rs" 36 21 36 28] Core_Option_Option_Type.C_Some (2 : int32)); + [#"../option.rs" 36 12 36 29] _89 <- ([#"../option.rs" 36 12 36 29] and0 some _91); + _91 <- any Core_Option_Option_Type.t_option int32; goto BB58 } BB57 { @@ -620,13 +666,15 @@ module Option_TestOption goto BB59 } BB59 { - switch ([#"../option.rs" 36 12 36 43] _88 = ([#"../option.rs" 36 42 36 43] [#"../option.rs" 36 42 36 43] (2 : int32))) + [#"../option.rs" 36 12 36 43] _87 <- ([#"../option.rs" 36 12 36 43] _88 = (2 : int32)); + _88 <- any int32; + switch (_87) | False -> goto BB61 | True -> goto BB60 end } BB60 { - [#"../option.rs" 38 12 38 25] _96 <- ([#"../option.rs" 38 12 38 25] or0 ([#"../option.rs" 38 12 38 16] none) ([#"../option.rs" 38 20 38 24] none)); + [#"../option.rs" 38 12 38 25] _96 <- ([#"../option.rs" 38 12 38 25] or0 none none); goto BB62 } BB61 { @@ -634,7 +682,7 @@ module Option_TestOption absurd } BB62 { - [#"../option.rs" 38 12 38 35] _94 <- ([#"../option.rs" 38 12 38 35] is_none0 ([#"../option.rs" 38 12 38 25] _96)); + [#"../option.rs" 38 12 38 35] _94 <- ([#"../option.rs" 38 12 38 35] is_none0 _96); goto BB63 } BB63 { @@ -644,7 +692,9 @@ module Option_TestOption end } BB64 { - [#"../option.rs" 39 12 39 28] _103 <- ([#"../option.rs" 39 12 39 28] or0 ([#"../option.rs" 39 12 39 16] none) ([#"../option.rs" 39 20 39 27] Core_Option_Option_Type.C_Some ([#"../option.rs" 39 25 39 26] [#"../option.rs" 39 25 39 26] (2 : int32)))); + [#"../option.rs" 39 20 39 27] _105 <- ([#"../option.rs" 39 20 39 27] Core_Option_Option_Type.C_Some (2 : int32)); + [#"../option.rs" 39 12 39 28] _103 <- ([#"../option.rs" 39 12 39 28] or0 none _105); + _105 <- any Core_Option_Option_Type.t_option int32; goto BB66 } BB65 { @@ -657,13 +707,15 @@ module Option_TestOption goto BB67 } BB67 { - switch ([#"../option.rs" 39 12 39 42] _102 = ([#"../option.rs" 39 41 39 42] [#"../option.rs" 39 41 39 42] (2 : int32))) + [#"../option.rs" 39 12 39 42] _101 <- ([#"../option.rs" 39 12 39 42] _102 = (2 : int32)); + _102 <- any int32; + switch (_101) | False -> goto BB69 | True -> goto BB68 end } BB68 { - [#"../option.rs" 40 12 40 25] _110 <- ([#"../option.rs" 40 12 40 25] or0 ([#"../option.rs" 40 12 40 16] some) ([#"../option.rs" 40 20 40 24] none)); + [#"../option.rs" 40 12 40 25] _110 <- ([#"../option.rs" 40 12 40 25] or0 some none); goto BB70 } BB69 { @@ -676,13 +728,17 @@ module Option_TestOption goto BB71 } BB71 { - switch ([#"../option.rs" 40 12 40 39] _109 = ([#"../option.rs" 40 38 40 39] [#"../option.rs" 40 38 40 39] (1 : int32))) + [#"../option.rs" 40 12 40 39] _108 <- ([#"../option.rs" 40 12 40 39] _109 = (1 : int32)); + _109 <- any int32; + switch (_108) | False -> goto BB73 | True -> goto BB72 end } BB72 { - [#"../option.rs" 41 12 41 28] _117 <- ([#"../option.rs" 41 12 41 28] or0 ([#"../option.rs" 41 12 41 16] some) ([#"../option.rs" 41 20 41 27] Core_Option_Option_Type.C_Some ([#"../option.rs" 41 25 41 26] [#"../option.rs" 41 25 41 26] (2 : int32)))); + [#"../option.rs" 41 20 41 27] _119 <- ([#"../option.rs" 41 20 41 27] Core_Option_Option_Type.C_Some (2 : int32)); + [#"../option.rs" 41 12 41 28] _117 <- ([#"../option.rs" 41 12 41 28] or0 some _119); + _119 <- any Core_Option_Option_Type.t_option int32; goto BB74 } BB73 { @@ -695,7 +751,9 @@ module Option_TestOption goto BB75 } BB75 { - switch ([#"../option.rs" 41 12 41 42] _116 = ([#"../option.rs" 41 41 41 42] [#"../option.rs" 41 41 41 42] (1 : int32))) + [#"../option.rs" 41 12 41 42] _115 <- ([#"../option.rs" 41 12 41 42] _116 = (1 : int32)); + _116 <- any int32; + switch (_115) | False -> goto BB77 | True -> goto BB76 end @@ -712,7 +770,7 @@ module Option_TestOption absurd } BB78 { - [#"../option.rs" 44 12 44 33] _122 <- ([#"../option.rs" 44 12 44 33] is_none0 ([#"../option.rs" 44 12 44 23] _124)); + [#"../option.rs" 44 12 44 33] _122 <- ([#"../option.rs" 44 12 44 33] is_none0 _124); goto BB79 } BB79 { @@ -722,7 +780,7 @@ module Option_TestOption end } BB80 { - [#"../option.rs" 45 12 45 26] _128 <- ([#"../option.rs" 45 12 45 26] is_none0 ([#"../option.rs" 45 12 45 16] none)); + [#"../option.rs" 45 12 45 26] _128 <- ([#"../option.rs" 45 12 45 26] is_none0 none); goto BB82 } BB81 { @@ -752,13 +810,15 @@ module Option_TestOption goto BB86 } BB86 { - switch ([#"../option.rs" 46 12 46 37] _133 = ([#"../option.rs" 46 36 46 37] [#"../option.rs" 46 36 46 37] (1 : int32))) + [#"../option.rs" 46 12 46 37] _132 <- ([#"../option.rs" 46 12 46 37] _133 = (1 : int32)); + _133 <- any int32; + switch (_132) | False -> goto BB88 | True -> goto BB87 end } BB87 { - [#"../option.rs" 47 12 47 26] _138 <- ([#"../option.rs" 47 12 47 26] is_none0 ([#"../option.rs" 47 12 47 16] some)); + [#"../option.rs" 47 12 47 26] _138 <- ([#"../option.rs" 47 12 47 26] is_none0 some); goto BB89 } BB88 { @@ -772,10 +832,12 @@ module Option_TestOption end } BB90 { - [#"../option.rs" 48 4 48 18] some <- ([#"../option.rs" 48 11 48 18] Core_Option_Option_Type.C_Some ([#"../option.rs" 48 16 48 17] [#"../option.rs" 48 16 48 17] (1 : int32))); + [#"../option.rs" 48 11 48 18] _141 <- ([#"../option.rs" 48 11 48 18] Core_Option_Option_Type.C_Some (1 : int32)); + [#"../option.rs" 48 4 48 18] some <- ([#"../option.rs" 48 4 48 18] _141); + _141 <- any Core_Option_Option_Type.t_option int32; [#"../option.rs" 50 12 50 16] _146 <- Borrow.borrow_mut none; [#"../option.rs" 50 12 50 16] none <- ^ _146; - [#"../option.rs" 50 12 50 27] _145 <- ([#"../option.rs" 50 12 50 27] replace0 _146 ([#"../option.rs" 50 25 50 26] [#"../option.rs" 50 25 50 26] (2 : int32))); + [#"../option.rs" 50 12 50 27] _145 <- ([#"../option.rs" 50 12 50 27] replace0 _146 (2 : int32)); _146 <- any borrowed (Core_Option_Option_Type.t_option int32); goto BB92 } @@ -784,7 +846,7 @@ module Option_TestOption absurd } BB92 { - [#"../option.rs" 50 12 50 37] _143 <- ([#"../option.rs" 50 12 50 37] is_none0 ([#"../option.rs" 50 12 50 27] _145)); + [#"../option.rs" 50 12 50 37] _143 <- ([#"../option.rs" 50 12 50 37] is_none0 _145); goto BB93 } BB93 { @@ -794,7 +856,7 @@ module Option_TestOption end } BB94 { - [#"../option.rs" 51 12 51 25] _150 <- ([#"../option.rs" 51 12 51 25] unwrap0 ([#"../option.rs" 51 12 51 16] none)); + [#"../option.rs" 51 12 51 25] _150 <- ([#"../option.rs" 51 12 51 25] unwrap0 none); goto BB96 } BB95 { @@ -802,16 +864,20 @@ module Option_TestOption absurd } BB96 { - switch ([#"../option.rs" 51 12 51 30] _150 = ([#"../option.rs" 51 29 51 30] [#"../option.rs" 51 29 51 30] (2 : int32))) + [#"../option.rs" 51 12 51 30] _149 <- ([#"../option.rs" 51 12 51 30] _150 = (2 : int32)); + _150 <- any int32; + switch (_149) | False -> goto BB98 | True -> goto BB97 end } BB97 { - [#"../option.rs" 52 4 52 15] none <- ([#"../option.rs" 52 11 52 15] Core_Option_Option_Type.C_None); + [#"../option.rs" 52 11 52 15] _153 <- ([#"../option.rs" 52 11 52 15] Core_Option_Option_Type.C_None); + [#"../option.rs" 52 4 52 15] none <- ([#"../option.rs" 52 4 52 15] _153); + _153 <- any Core_Option_Option_Type.t_option int32; [#"../option.rs" 53 12 53 16] _158 <- Borrow.borrow_mut some; [#"../option.rs" 53 12 53 16] some <- ^ _158; - [#"../option.rs" 53 12 53 27] _157 <- ([#"../option.rs" 53 12 53 27] replace0 _158 ([#"../option.rs" 53 25 53 26] [#"../option.rs" 53 25 53 26] (2 : int32))); + [#"../option.rs" 53 12 53 27] _157 <- ([#"../option.rs" 53 12 53 27] replace0 _158 (2 : int32)); _158 <- any borrowed (Core_Option_Option_Type.t_option int32); goto BB99 } @@ -825,13 +891,15 @@ module Option_TestOption goto BB100 } BB100 { - switch ([#"../option.rs" 53 12 53 41] _156 = ([#"../option.rs" 53 40 53 41] [#"../option.rs" 53 40 53 41] (1 : int32))) + [#"../option.rs" 53 12 53 41] _155 <- ([#"../option.rs" 53 12 53 41] _156 = (1 : int32)); + _156 <- any int32; + switch (_155) | False -> goto BB102 | True -> goto BB101 end } BB101 { - [#"../option.rs" 54 12 54 25] _162 <- ([#"../option.rs" 54 12 54 25] unwrap0 ([#"../option.rs" 54 12 54 16] some)); + [#"../option.rs" 54 12 54 25] _162 <- ([#"../option.rs" 54 12 54 25] unwrap0 some); goto BB103 } BB102 { @@ -839,7 +907,9 @@ module Option_TestOption absurd } BB103 { - switch ([#"../option.rs" 54 12 54 30] _162 = ([#"../option.rs" 54 29 54 30] [#"../option.rs" 54 29 54 30] (2 : int32))) + [#"../option.rs" 54 12 54 30] _161 <- ([#"../option.rs" 54 12 54 30] _162 = (2 : int32)); + _162 <- any int32; + switch (_161) | False -> goto BB105 | True -> goto BB104 end @@ -847,7 +917,7 @@ module Option_TestOption BB104 { [#"../option.rs" 55 12 55 16] _169 <- Borrow.borrow_mut some; [#"../option.rs" 55 12 55 16] some <- ^ _169; - [#"../option.rs" 55 12 55 27] _168 <- ([#"../option.rs" 55 12 55 27] replace0 _169 ([#"../option.rs" 55 25 55 26] [#"../option.rs" 55 25 55 26] (1 : int32))); + [#"../option.rs" 55 12 55 27] _168 <- ([#"../option.rs" 55 12 55 27] replace0 _169 (1 : int32)); _169 <- any borrowed (Core_Option_Option_Type.t_option int32); goto BB106 } @@ -861,13 +931,15 @@ module Option_TestOption goto BB107 } BB107 { - switch ([#"../option.rs" 55 12 55 41] _167 = ([#"../option.rs" 55 40 55 41] [#"../option.rs" 55 40 55 41] (2 : int32))) + [#"../option.rs" 55 12 55 41] _166 <- ([#"../option.rs" 55 12 55 41] _167 = (2 : int32)); + _167 <- any int32; + switch (_166) | False -> goto BB109 | True -> goto BB108 end } BB108 { - [#"../option.rs" 56 12 56 25] _173 <- ([#"../option.rs" 56 12 56 25] unwrap0 ([#"../option.rs" 56 12 56 16] some)); + [#"../option.rs" 56 12 56 25] _173 <- ([#"../option.rs" 56 12 56 25] unwrap0 some); goto BB110 } BB109 { @@ -875,13 +947,15 @@ module Option_TestOption absurd } BB110 { - switch ([#"../option.rs" 56 12 56 30] _173 = ([#"../option.rs" 56 29 56 30] [#"../option.rs" 56 29 56 30] (1 : int32))) + [#"../option.rs" 56 12 56 30] _172 <- ([#"../option.rs" 56 12 56 30] _173 = (1 : int32)); + _173 <- any int32; + switch (_172) | False -> goto BB112 | True -> goto BB111 end } BB111 { - [#"../option.rs" 59 12 59 36] _178 <- ([#"../option.rs" 59 12 59 36] unwrap_or_default0 ([#"../option.rs" 59 12 59 16] none)); + [#"../option.rs" 59 12 59 36] _178 <- ([#"../option.rs" 59 12 59 36] unwrap_or_default0 none); goto BB113 } BB112 { @@ -889,13 +963,15 @@ module Option_TestOption absurd } BB113 { - switch ([#"../option.rs" 59 12 59 41] _178 = ([#"../option.rs" 59 40 59 41] [#"../option.rs" 59 40 59 41] (0 : int32))) + [#"../option.rs" 59 12 59 41] _177 <- ([#"../option.rs" 59 12 59 41] _178 = (0 : int32)); + _178 <- any int32; + switch (_177) | False -> goto BB115 | True -> goto BB114 end } BB114 { - [#"../option.rs" 60 12 60 36] _183 <- ([#"../option.rs" 60 12 60 36] unwrap_or_default0 ([#"../option.rs" 60 12 60 16] some)); + [#"../option.rs" 60 12 60 36] _183 <- ([#"../option.rs" 60 12 60 36] unwrap_or_default0 some); goto BB116 } BB115 { @@ -903,13 +979,15 @@ module Option_TestOption absurd } BB116 { - switch ([#"../option.rs" 60 12 60 41] _183 = ([#"../option.rs" 60 40 60 41] [#"../option.rs" 60 40 60 41] (1 : int32))) + [#"../option.rs" 60 12 60 41] _182 <- ([#"../option.rs" 60 12 60 41] _183 = (1 : int32)); + _183 <- any int32; + switch (_182) | False -> goto BB118 | True -> goto BB117 end } BB117 { - [#"../option.rs" 63 12 63 25] _190 <- ([#"../option.rs" 63 12 63 25] as_ref0 ([#"../option.rs" 63 12 63 16] none)); + [#"../option.rs" 63 12 63 25] _190 <- ([#"../option.rs" 63 12 63 25] as_ref0 none); goto BB119 } BB118 { @@ -922,7 +1000,7 @@ module Option_TestOption goto BB120 } BB120 { - [#"../option.rs" 63 12 63 44] _187 <- ([#"../option.rs" 63 12 63 44] is_none0 ([#"../option.rs" 63 12 63 34] _189)); + [#"../option.rs" 63 12 63 44] _187 <- ([#"../option.rs" 63 12 63 44] is_none0 _189); goto BB121 } BB121 { @@ -932,7 +1010,7 @@ module Option_TestOption end } BB122 { - [#"../option.rs" 64 12 64 25] _197 <- ([#"../option.rs" 64 12 64 25] as_ref0 ([#"../option.rs" 64 12 64 16] some)); + [#"../option.rs" 64 12 64 25] _197 <- ([#"../option.rs" 64 12 64 25] as_ref0 some); goto BB124 } BB123 { @@ -950,7 +1028,9 @@ module Option_TestOption goto BB126 } BB126 { - switch ([#"../option.rs" 64 12 64 48] _195 = ([#"../option.rs" 64 47 64 48] [#"../option.rs" 64 47 64 48] (1 : int32))) + [#"../option.rs" 64 12 64 48] _194 <- ([#"../option.rs" 64 12 64 48] _195 = (1 : int32)); + _195 <- any int32; + switch (_194) | False -> goto BB128 | True -> goto BB127 end @@ -972,7 +1052,7 @@ module Option_TestOption goto BB130 } BB130 { - [#"../option.rs" 65 12 65 44] _201 <- ([#"../option.rs" 65 12 65 44] is_none0 ([#"../option.rs" 65 12 65 34] _203)); + [#"../option.rs" 65 12 65 44] _201 <- ([#"../option.rs" 65 12 65 44] is_none0 _203); goto BB131 } BB131 { @@ -1003,13 +1083,15 @@ module Option_TestOption goto BB136 } BB136 { - switch ([#"../option.rs" 66 12 66 48] _209 = ([#"../option.rs" 66 47 66 48] [#"../option.rs" 66 47 66 48] (1 : int32))) + [#"../option.rs" 66 12 66 48] _208 <- ([#"../option.rs" 66 12 66 48] _209 = (1 : int32)); + _209 <- any int32; + switch (_208) | False -> goto BB138 | True -> goto BB137 end } BB137 { - [#"../option.rs" 68 12 68 25] _218 <- ([#"../option.rs" 68 12 68 25] as_ref0 ([#"../option.rs" 68 12 68 16] none)); + [#"../option.rs" 68 12 68 25] _218 <- ([#"../option.rs" 68 12 68 25] as_ref0 none); goto BB139 } BB138 { @@ -1022,7 +1104,7 @@ module Option_TestOption goto BB140 } BB140 { - [#"../option.rs" 68 12 68 44] _215 <- ([#"../option.rs" 68 12 68 44] is_none0 ([#"../option.rs" 68 12 68 34] _217)); + [#"../option.rs" 68 12 68 44] _215 <- ([#"../option.rs" 68 12 68 44] is_none0 _217); goto BB141 } BB141 { @@ -1032,7 +1114,7 @@ module Option_TestOption end } BB142 { - [#"../option.rs" 69 12 69 25] _225 <- ([#"../option.rs" 69 12 69 25] as_ref0 ([#"../option.rs" 69 12 69 16] some)); + [#"../option.rs" 69 12 69 25] _225 <- ([#"../option.rs" 69 12 69 25] as_ref0 some); goto BB144 } BB143 { @@ -1050,7 +1132,9 @@ module Option_TestOption goto BB146 } BB146 { - switch ([#"../option.rs" 69 12 69 48] _223 = ([#"../option.rs" 69 47 69 48] [#"../option.rs" 69 47 69 48] (1 : int32))) + [#"../option.rs" 69 12 69 48] _222 <- ([#"../option.rs" 69 12 69 48] _223 = (1 : int32)); + _223 <- any int32; + switch (_222) | False -> goto BB148 | True -> goto BB147 end @@ -1072,7 +1156,7 @@ module Option_TestOption goto BB150 } BB150 { - [#"../option.rs" 70 12 70 44] _229 <- ([#"../option.rs" 70 12 70 44] is_none0 ([#"../option.rs" 70 12 70 34] _231)); + [#"../option.rs" 70 12 70 44] _229 <- ([#"../option.rs" 70 12 70 44] is_none0 _231); goto BB151 } BB151 { @@ -1103,14 +1187,16 @@ module Option_TestOption goto BB156 } BB156 { - switch ([#"../option.rs" 71 12 71 48] _237 = ([#"../option.rs" 71 47 71 48] [#"../option.rs" 71 47 71 48] (1 : int32))) + [#"../option.rs" 71 12 71 48] _236 <- ([#"../option.rs" 71 12 71 48] _237 = (1 : int32)); + _237 <- any int32; + switch (_236) | False -> goto BB158 | True -> goto BB157 end } BB157 { [#"../option.rs" 74 35 74 39] opt <- ([#"../option.rs" 74 35 74 39] Core_Option_Option_Type.C_None); - [#"../option.rs" 75 12 75 25] _246 <- ([#"../option.rs" 75 12 75 25] flatten0 ([#"../option.rs" 75 12 75 15] opt)); + [#"../option.rs" 75 12 75 25] _246 <- ([#"../option.rs" 75 12 75 25] flatten0 opt); goto BB159 } BB158 { @@ -1118,7 +1204,7 @@ module Option_TestOption absurd } BB159 { - [#"../option.rs" 75 12 75 35] _244 <- ([#"../option.rs" 75 12 75 35] is_none0 ([#"../option.rs" 75 12 75 25] _246)); + [#"../option.rs" 75 12 75 35] _244 <- ([#"../option.rs" 75 12 75 35] is_none0 _246); goto BB160 } BB160 { @@ -1128,8 +1214,10 @@ module Option_TestOption end } BB161 { - [#"../option.rs" 76 35 76 45] opt1 <- ([#"../option.rs" 76 35 76 45] Core_Option_Option_Type.C_Some ([#"../option.rs" 76 40 76 44] Core_Option_Option_Type.C_None)); - [#"../option.rs" 77 12 77 25] _254 <- ([#"../option.rs" 77 12 77 25] flatten0 ([#"../option.rs" 77 12 77 15] opt1)); + [#"../option.rs" 76 40 76 44] _250 <- ([#"../option.rs" 76 40 76 44] Core_Option_Option_Type.C_None); + [#"../option.rs" 76 35 76 45] opt1 <- ([#"../option.rs" 76 35 76 45] Core_Option_Option_Type.C_Some _250); + _250 <- any Core_Option_Option_Type.t_option int32; + [#"../option.rs" 77 12 77 25] _254 <- ([#"../option.rs" 77 12 77 25] flatten0 opt1); goto BB163 } BB162 { @@ -1137,7 +1225,7 @@ module Option_TestOption absurd } BB163 { - [#"../option.rs" 77 12 77 35] _252 <- ([#"../option.rs" 77 12 77 35] is_none0 ([#"../option.rs" 77 12 77 25] _254)); + [#"../option.rs" 77 12 77 35] _252 <- ([#"../option.rs" 77 12 77 35] is_none0 _254); goto BB164 } BB164 { @@ -1147,8 +1235,10 @@ module Option_TestOption end } BB165 { - [#"../option.rs" 78 35 78 48] opt2 <- ([#"../option.rs" 78 35 78 48] Core_Option_Option_Type.C_Some ([#"../option.rs" 78 40 78 47] Core_Option_Option_Type.C_Some ([#"../option.rs" 78 45 78 46] [#"../option.rs" 78 45 78 46] (1 : int32)))); - [#"../option.rs" 79 12 79 25] _262 <- ([#"../option.rs" 79 12 79 25] flatten0 ([#"../option.rs" 79 12 79 15] opt2)); + [#"../option.rs" 78 40 78 47] _258 <- ([#"../option.rs" 78 40 78 47] Core_Option_Option_Type.C_Some (1 : int32)); + [#"../option.rs" 78 35 78 48] opt2 <- ([#"../option.rs" 78 35 78 48] Core_Option_Option_Type.C_Some _258); + _258 <- any Core_Option_Option_Type.t_option int32; + [#"../option.rs" 79 12 79 25] _262 <- ([#"../option.rs" 79 12 79 25] flatten0 opt2); goto BB167 } BB166 { @@ -1161,7 +1251,9 @@ module Option_TestOption goto BB168 } BB168 { - switch ([#"../option.rs" 79 12 79 39] _261 = ([#"../option.rs" 79 38 79 39] [#"../option.rs" 79 38 79 39] (1 : int32))) + [#"../option.rs" 79 12 79 39] _260 <- ([#"../option.rs" 79 12 79 39] _261 = (1 : int32)); + _261 <- any int32; + switch (_260) | False -> goto BB170 | True -> goto BB169 end diff --git a/creusot/tests/should_succeed/option/why3session.xml b/creusot/tests/should_succeed/option/why3session.xml index bf75572f37..f9f1151e66 100644 --- a/creusot/tests/should_succeed/option/why3session.xml +++ b/creusot/tests/should_succeed/option/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/option/why3shapes.gz b/creusot/tests/should_succeed/option/why3shapes.gz index 367c3c03ee565526cf8fdda3ac74be0ee4e4790c..9ba0082fdccdf797b2403248084891c492fb1000 100644 GIT binary patch literal 365 zcmV-z0h0b7iwFP!00000|Lv5$PQx$|$M-yiH=vV0Vmm=%up%O7DFeuB<)*f%1Wjo| zpP!3kr;v&lKn%8jKK*?k%3W?(sDHIb*Q2vL_51E{j|5uXWy6QvAI_!0b;QDugwoK2 z!mxzg-*QzXQutTW$u<(q1-wSDVd<)?G7FQ-pu2vha}_WfiH#`S2y zw%V+_gL{lR8g%qZN0LsZ+jIBsS~A^dFDhmcqgTJBQ-){d_b{V@FS03utXRtOSr+U* zs%22itK9R2R}pmLO2>cH$QL!vUesLF1wz@W)PMd999xw#*}&(AW6_0_iI&t&A^;f0 zfzcb-XVVC)&v45-%OP3pDDLk^2g9!60ZWyn z6B=AUY`WtB|Di0igtdOlEJUKz7s3fi${oSGtrW7wTSSN^SeLrcQVY#>u9>EqXq=0TP)6h-Dfek~BalS%5(DA~L1POqqA8P+zUijsNY``|(#xh%@zKW9?Z-u6qWk ze7kP;`gPDDr$ZMy7<5_Ky*1yuf_^``WJ49h?fJEGxI4zD*YrfPsD?QiTgu2NbG#YU z)T!x3?PTGaI$e69OJ+SLiylXpY;0--wQGACa~FO3Ha}&q;oF|KeeTKL6Yr_#zswZ- z$>|>gK~TYR0_==;7(LiH%Si-yQTorqLi34Qf@6e0f z{2-8?UFc?H`cpnnXC5I}l(WO*@DzUN5J goto BB2 | True -> goto BB1 end @@ -131,12 +131,13 @@ module ProjectionToggle_F var _5 : borrowed int32; var _6 : borrowed int32; var _7 : borrowed int32; + var _9 : bool; { goto BB0 } BB0 { - [#"../projection_toggle.rs" 14 16 14 18] a <- ([#"../projection_toggle.rs" 14 16 14 18] [#"../projection_toggle.rs" 14 16 14 18] (10 : int32)); - [#"../projection_toggle.rs" 15 16 15 17] b <- ([#"../projection_toggle.rs" 15 16 15 17] [#"../projection_toggle.rs" 15 16 15 17] (5 : int32)); + [#"../projection_toggle.rs" 14 16 14 18] a <- ([#"../projection_toggle.rs" 14 16 14 18] (10 : int32)); + [#"../projection_toggle.rs" 15 16 15 17] b <- ([#"../projection_toggle.rs" 15 16 15 17] (5 : int32)); [#"../projection_toggle.rs" 17 30 17 36] _5 <- Borrow.borrow_mut a; [#"../projection_toggle.rs" 17 30 17 36] a <- ^ _5; [#"../projection_toggle.rs" 17 30 17 36] _4 <- Borrow.borrow_final ( * _5) (Borrow.get_id _5); @@ -145,7 +146,7 @@ module ProjectionToggle_F [#"../projection_toggle.rs" 17 38 17 44] b <- ^ _7; [#"../projection_toggle.rs" 17 38 17 44] _6 <- Borrow.borrow_final ( * _7) (Borrow.get_id _7); [#"../projection_toggle.rs" 17 38 17 44] _7 <- { _7 with current = ( ^ _6) ; }; - [#"../projection_toggle.rs" 17 12 17 45] x <- ([#"../projection_toggle.rs" 17 12 17 45] proj_toggle0 ([#"../projection_toggle.rs" 17 24 17 28] [#"../projection_toggle.rs" 17 24 17 28] true) _4 _6); + [#"../projection_toggle.rs" 17 12 17 45] x <- ([#"../projection_toggle.rs" 17 12 17 45] proj_toggle0 true _4 _6); _4 <- any borrowed int32; _6 <- any borrowed int32; goto BB1 @@ -153,9 +154,10 @@ module ProjectionToggle_F BB1 { assume { resolve0 _7 }; assume { resolve0 _5 }; - [#"../projection_toggle.rs" 19 4 19 11] x <- { x with current = ([#"../projection_toggle.rs" 19 4 19 11] * x + ([#"../projection_toggle.rs" 19 10 19 11] [#"../projection_toggle.rs" 19 10 19 11] (5 : int32))) ; }; + [#"../projection_toggle.rs" 19 4 19 11] x <- { x with current = ([#"../projection_toggle.rs" 19 4 19 11] * x + (5 : int32)) ; }; assume { resolve0 x }; - switch ([#"../projection_toggle.rs" 20 12 20 19] ([#"../projection_toggle.rs" 20 12 20 13] a) = ([#"../projection_toggle.rs" 20 17 20 19] [#"../projection_toggle.rs" 20 17 20 19] (15 : int32))) + [#"../projection_toggle.rs" 20 12 20 19] _9 <- ([#"../projection_toggle.rs" 20 12 20 19] a = (15 : int32)); + switch (_9) | False -> goto BB3 | True -> goto BB2 end diff --git a/creusot/tests/should_succeed/projection_toggle/why3shapes.gz b/creusot/tests/should_succeed/projection_toggle/why3shapes.gz index 8e63fe15980395f3a1c1c978c19c12f155bb5b04..b71a8e4fd42381bba0a0157246801d58ed38c6f5 100644 GIT binary patch literal 661 zcmV;G0&4vqiwFP!00000|9w7ZCsQvAvc6ZuaOI66_Ggt`7$d5 z`1EXfLgtaJZ^pKKtx_r-vz5J!4c>skuT|8kc>0kD=y#Za^jFJmB%=};mB@gMY!v=s zVCo7wj94~BMr4LCL0r;+*d}0+fLX*9D8hM`JSM@t_6)7c&12gBh4OnFDZ?I7zMw)` zq(TYaOo?wLWrot!OiB|QN&+2cS%uI9PW)G}1Sb!92549K;x4{onP`EDRx{D_sQG2W z3p1-Sv&q|j$e)M)*J0|<=Sy>+YB%7UcHfq5D9#ixAV|CDV#&~m-Ks%&s(A23uM?wB z?mt>)Qrf@K4Qe3DMuc8gj~LGXW&SE_QDG8?WB+nJjc=UaeE(;+>cz%z41}A5DlG>d z7Z++V2%F;?Sch$}!p#Rn49{;oZ{|~$PCv~{H>KBZoQ}i!IhASlIl25b$MY35slt|MsFJXu z<_W}=@wKbX*iFOf+7T^kk0Hvi&U`ZXWbnzE4_I&l zE8}MFCeclz+grer0$L*@W}0CfhkxDv>CbOxHvREzPP#D1y)LTS(+0pDngGn9yX??u zQ?i*^L*@blaN&L-3)~{WD#TC@w$OP5%_FArn7Msy(Aq``?Q=tD^lG_4RsoqKkh^B3 z0awSCM`Rw@x?*g~`z^(*W2Q2vslyX6_JUz6%_~ItMVwq@xiB>bw^Pu@< z!V5F261`6QVN74f;n(gm91f@M*44Jb`?@dt`WsfG1ySEu8*yRu$-aYSrj+`PEU?5u z6~dRQdc?5)FY`~?iV8XIn&I`lpWZmXy7JCW%@+f~G7whgRqTBp<`PQH>y~4euY9v- zIJmq~U8?dn%lt-tJR`tq0LVvE0?2Gk#8BcV3l0wLbfe$vCEwL9L}?k}<)W)4Hnj^9 zIB(sKdjX+7G goto BB1 | Core_Option_Option_Type.C_Some _ -> goto BB2 end } BB1 { - [#"../projections.rs" 26 16 26 21] _1 <- ([#"../projections.rs" 26 16 26 21] [#"../projections.rs" 26 16 26 21] false); + [#"../projections.rs" 26 16 26 21] _1 <- ([#"../projections.rs" 26 16 26 21] false); goto BB5 } BB2 { @@ -186,7 +186,7 @@ module Projections_F } BB4 { [#"../projections.rs" 25 13 25 14] x <- ([#"../projections.rs" 25 13 25 14] Core_Option_Option_Type.some_0 _2); - [#"../projections.rs" 25 19 25 25] _1 <- ([#"../projections.rs" 25 19 25 25] ([#"../projections.rs" 25 19 25 20] x) = ([#"../projections.rs" 25 24 25 25] [#"../projections.rs" 25 24 25 25] (0 : int32))); + [#"../projections.rs" 25 19 25 25] _1 <- ([#"../projections.rs" 25 19 25 25] x = (0 : int32)); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/prophecy.mlcfg b/creusot/tests/should_succeed/prophecy.mlcfg index 3bfc023793..a25acd9ae6 100644 --- a/creusot/tests/should_succeed/prophecy.mlcfg +++ b/creusot/tests/should_succeed/prophecy.mlcfg @@ -17,10 +17,10 @@ module Prophecy_F goto BB0 } BB0 { - [#"../prophecy.rs" 4 16 4 17] x <- ([#"../prophecy.rs" 4 16 4 17] [#"../prophecy.rs" 4 16 4 17] (0 : int32)); + [#"../prophecy.rs" 4 16 4 17] x <- ([#"../prophecy.rs" 4 16 4 17] (0 : int32)); [#"../prophecy.rs" 5 12 5 18] y <- Borrow.borrow_mut x; [#"../prophecy.rs" 5 12 5 18] x <- ^ y; - [#"../prophecy.rs" 9 4 9 10] y <- { y with current = ([#"../prophecy.rs" 9 4 9 10] [#"../prophecy.rs" 9 9 9 10] (5 : int32)) ; }; + [#"../prophecy.rs" 9 4 9 10] y <- { y with current = ([#"../prophecy.rs" 9 4 9 10] (5 : int32)) ; }; assume { resolve0 y }; [#"../prophecy.rs" 3 11 10 1] _0 <- ([#"../prophecy.rs" 3 11 10 1] ()); return _0 diff --git a/creusot/tests/should_succeed/red_black_tree.mlcfg b/creusot/tests/should_succeed/red_black_tree.mlcfg index 5a1b50dfbf..c75504381d 100644 --- a/creusot/tests/should_succeed/red_black_tree.mlcfg +++ b/creusot/tests/should_succeed/red_black_tree.mlcfg @@ -1073,7 +1073,7 @@ module RedBlackTree_Impl13_IsRed end } BB1 { - [#"../red_black_tree.rs" 391 17 391 22] _0 <- ([#"../red_black_tree.rs" 391 17 391 22] [#"../red_black_tree.rs" 391 17 391 22] false); + [#"../red_black_tree.rs" 391 17 391 22] _0 <- ([#"../red_black_tree.rs" 391 17 391 22] false); goto BB5 } BB2 { @@ -1088,7 +1088,7 @@ module RedBlackTree_Impl13_IsRed goto BB4 } BB4 { - [#"../red_black_tree.rs" 390 49 390 53] _0 <- ([#"../red_black_tree.rs" 390 49 390 53] [#"../red_black_tree.rs" 390 49 390 53] true); + [#"../red_black_tree.rs" 390 49 390 53] _0 <- ([#"../red_black_tree.rs" 390 49 390 53] true); goto BB5 } BB5 { @@ -1521,6 +1521,8 @@ module RedBlackTree_Impl14_RotateRight var _28 : borrowed (RedBlackTree_Color_Type.t_color); var _29 : borrowed (RedBlackTree_Color_Type.t_color); var _30 : borrowed (RedBlackTree_Color_Type.t_color); + var _33 : RedBlackTree_Tree_Type.t_tree k v; + var _34 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); { goto BB0 } @@ -1605,17 +1607,21 @@ module RedBlackTree_Impl14_RotateRight assume { resolve4 _30 }; assume { resolve4 _28 }; assert { [@expl:assertion] [#"../red_black_tree.rs" 441 8 441 90] has_mapping0 (RedBlackTree_Node_Type.node_left ( * Snapshot.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; + [#"../red_black_tree.rs" 442 34 442 41] _34 <- ([#"../red_black_tree.rs" 442 34 442 41] Core_Option_Option_Type.C_Some x); + x <- any RedBlackTree_Node_Type.t_node k v; goto BB7 } BB7 { + [#"../red_black_tree.rs" 442 21 442 43] _33 <- ([#"../red_black_tree.rs" 442 21 442 43] RedBlackTree_Tree_Type.C_Tree _34); + _34 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); goto BB8 } BB8 { goto BB9 } BB9 { - [#"../red_black_tree.rs" 442 8 442 18] self <- { self with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * self in RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 ([#"../red_black_tree.rs" 442 21 442 43] RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 442 34 442 41] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 442 39 442 40] x)))) ; }; - [#"../red_black_tree.rs" 442 39 442 40] x <- any RedBlackTree_Node_Type.t_node k v; + [#"../red_black_tree.rs" 442 8 442 18] self <- { self with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * self in RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 ([#"../red_black_tree.rs" 442 8 442 18] _33)) ; }; + _33 <- any RedBlackTree_Tree_Type.t_tree k v; assert { [@expl:type invariant] inv3 (RedBlackTree_Node_Type.node_right ( * self)) }; assume { resolve5 (RedBlackTree_Node_Type.node_right ( * self)) }; assert { [@expl:type invariant] inv8 self }; @@ -2051,6 +2057,8 @@ module RedBlackTree_Impl14_RotateLeft var _28 : borrowed (RedBlackTree_Color_Type.t_color); var _29 : borrowed (RedBlackTree_Color_Type.t_color); var _30 : borrowed (RedBlackTree_Color_Type.t_color); + var _33 : RedBlackTree_Tree_Type.t_tree k v; + var _34 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); { goto BB0 } @@ -2135,17 +2143,21 @@ module RedBlackTree_Impl14_RotateLeft assume { resolve4 _30 }; assume { resolve4 _28 }; assert { [@expl:assertion] [#"../red_black_tree.rs" 468 8 468 91] has_mapping0 (RedBlackTree_Node_Type.node_right ( * Snapshot.inner old_self)) (deep_model0 (RedBlackTree_Node_Type.node_key ( * self))) (RedBlackTree_Node_Type.node_val ( * self)) }; + [#"../red_black_tree.rs" 469 33 469 40] _34 <- ([#"../red_black_tree.rs" 469 33 469 40] Core_Option_Option_Type.C_Some x); + x <- any RedBlackTree_Node_Type.t_node k v; goto BB7 } BB7 { + [#"../red_black_tree.rs" 469 20 469 42] _33 <- ([#"../red_black_tree.rs" 469 20 469 42] RedBlackTree_Tree_Type.C_Tree _34); + _34 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); goto BB8 } BB8 { goto BB9 } BB9 { - [#"../red_black_tree.rs" 469 8 469 17] self <- { self with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * self in RedBlackTree_Node_Type.C_Node ([#"../red_black_tree.rs" 469 20 469 42] RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 469 33 469 40] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 469 38 469 39] x))) x1 x2 x3 x4) ; }; - [#"../red_black_tree.rs" 469 38 469 39] x <- any RedBlackTree_Node_Type.t_node k v; + [#"../red_black_tree.rs" 469 8 469 17] self <- { self with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * self in RedBlackTree_Node_Type.C_Node ([#"../red_black_tree.rs" 469 8 469 17] _33) x1 x2 x3 x4) ; }; + _33 <- any RedBlackTree_Tree_Type.t_tree k v; assert { [@expl:type invariant] inv3 (RedBlackTree_Node_Type.node_left ( * self)) }; assume { resolve5 (RedBlackTree_Node_Type.node_left ( * self)) }; assert { [@expl:type invariant] inv8 self }; @@ -2544,7 +2556,7 @@ module RedBlackTree_Impl14_FlipColors goto BB2 } BB2 { - [#"../red_black_tree.rs" 487 8 487 59] _13 <- { _13 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _13 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 487 49 487 59] RedBlackTree_Node_Type.node_color ( * self)) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 487 8 487 59] _13 <- { _13 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _13 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 487 8 487 59] RedBlackTree_Node_Type.node_color ( * self)) x2 x3 x4) ; }; assert { [@expl:type invariant] inv1 _13 }; assume { resolve0 _13 }; [#"../red_black_tree.rs" 488 23 488 38] _18 <- Borrow.borrow_final (RedBlackTree_Node_Type.node_color ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); @@ -3027,7 +3039,7 @@ module RedBlackTree_Impl14_Balance goto BB0 } BB0 { - [#"../red_black_tree.rs" 511 11 511 30] _15 <- ([#"../red_black_tree.rs" 511 11 511 30] is_red0 ([#"../red_black_tree.rs" 511 11 511 21] RedBlackTree_Node_Type.node_right ( * self))); + [#"../red_black_tree.rs" 511 11 511 30] _15 <- ([#"../red_black_tree.rs" 511 11 511 30] is_red0 (RedBlackTree_Node_Type.node_right ( * self))); goto BB1 } BB1 { @@ -3037,7 +3049,7 @@ module RedBlackTree_Impl14_Balance end } BB2 { - [#"../red_black_tree.rs" 511 35 511 53] _17 <- ([#"../red_black_tree.rs" 511 35 511 53] is_red0 ([#"../red_black_tree.rs" 511 35 511 44] RedBlackTree_Node_Type.node_left ( * self))); + [#"../red_black_tree.rs" 511 35 511 53] _17 <- ([#"../red_black_tree.rs" 511 35 511 53] is_red0 (RedBlackTree_Node_Type.node_left ( * self))); goto BB3 } BB3 { @@ -3069,7 +3081,7 @@ module RedBlackTree_Impl14_Balance goto BB9 } BB9 { - [#"../red_black_tree.rs" 515 11 515 29] _22 <- ([#"../red_black_tree.rs" 515 11 515 29] is_red0 ([#"../red_black_tree.rs" 515 11 515 20] RedBlackTree_Node_Type.node_left ( * self))); + [#"../red_black_tree.rs" 515 11 515 29] _22 <- ([#"../red_black_tree.rs" 515 11 515 29] is_red0 (RedBlackTree_Node_Type.node_left ( * self))); goto BB10 } BB10 { @@ -3079,7 +3091,7 @@ module RedBlackTree_Impl14_Balance end } BB11 { - [#"../red_black_tree.rs" 515 33 515 56] _27 <- ([#"../red_black_tree.rs" 515 33 515 56] as_ref0 ([#"../red_black_tree.rs" 515 33 515 47] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * self)))); + [#"../red_black_tree.rs" 515 33 515 56] _27 <- ([#"../red_black_tree.rs" 515 33 515 56] as_ref0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * self)))); goto BB12 } BB12 { @@ -3090,7 +3102,7 @@ module RedBlackTree_Impl14_Balance BB13 { assert { [@expl:type invariant] inv1 _26 }; assume { resolve0 _26 }; - [#"../red_black_tree.rs" 515 33 515 79] _24 <- ([#"../red_black_tree.rs" 515 33 515 79] is_red0 ([#"../red_black_tree.rs" 515 33 515 70] RedBlackTree_Node_Type.node_left _26)); + [#"../red_black_tree.rs" 515 33 515 79] _24 <- ([#"../red_black_tree.rs" 515 33 515 79] is_red0 (RedBlackTree_Node_Type.node_left _26)); goto BB14 } BB14 { @@ -3122,7 +3134,7 @@ module RedBlackTree_Impl14_Balance goto BB20 } BB20 { - [#"../red_black_tree.rs" 519 11 519 29] _31 <- ([#"../red_black_tree.rs" 519 11 519 29] is_red0 ([#"../red_black_tree.rs" 519 11 519 20] RedBlackTree_Node_Type.node_left ( * self))); + [#"../red_black_tree.rs" 519 11 519 29] _31 <- ([#"../red_black_tree.rs" 519 11 519 29] is_red0 (RedBlackTree_Node_Type.node_left ( * self))); goto BB21 } BB21 { @@ -3132,7 +3144,7 @@ module RedBlackTree_Impl14_Balance end } BB22 { - [#"../red_black_tree.rs" 519 33 519 52] _33 <- ([#"../red_black_tree.rs" 519 33 519 52] is_red0 ([#"../red_black_tree.rs" 519 33 519 43] RedBlackTree_Node_Type.node_right ( * self))); + [#"../red_black_tree.rs" 519 33 519 52] _33 <- ([#"../red_black_tree.rs" 519 33 519 52] is_red0 (RedBlackTree_Node_Type.node_right ( * self))); goto BB23 } BB23 { @@ -3650,7 +3662,7 @@ module RedBlackTree_Impl14_MoveRedLeft goto BB3 } BB3 { - [#"../red_black_tree.rs" 544 11 544 58] _18 <- ([#"../red_black_tree.rs" 544 11 544 58] is_red0 ([#"../red_black_tree.rs" 544 11 544 49] RedBlackTree_Node_Type.node_left ( * _20))); + [#"../red_black_tree.rs" 544 11 544 58] _18 <- ([#"../red_black_tree.rs" 544 11 544 58] is_red0 (RedBlackTree_Node_Type.node_left ( * _20))); goto BB4 } BB4 { @@ -3725,7 +3737,7 @@ module RedBlackTree_Impl14_MoveRedLeft assert { [@expl:type invariant] inv2 _20 }; assume { resolve0 _20 }; [#"../red_black_tree.rs" 550 15 550 19] _0 <- ([#"../red_black_tree.rs" 550 15 550 19] self); - [#"../red_black_tree.rs" 550 15 550 19] self <- any borrowed (RedBlackTree_Node_Type.t_node k v); + self <- any borrowed (RedBlackTree_Node_Type.t_node k v); goto BB14 } BB14 { @@ -4197,7 +4209,7 @@ module RedBlackTree_Impl14_MoveRedRight goto BB3 } BB3 { - [#"../red_black_tree.rs" 573 11 573 57] _18 <- ([#"../red_black_tree.rs" 573 11 573 57] is_red0 ([#"../red_black_tree.rs" 573 11 573 48] RedBlackTree_Node_Type.node_left ( * _20))); + [#"../red_black_tree.rs" 573 11 573 57] _18 <- ([#"../red_black_tree.rs" 573 11 573 57] is_red0 (RedBlackTree_Node_Type.node_left ( * _20))); goto BB4 } BB4 { @@ -4249,7 +4261,7 @@ module RedBlackTree_Impl14_MoveRedRight assert { [@expl:type invariant] inv2 _20 }; assume { resolve0 _20 }; [#"../red_black_tree.rs" 578 15 578 19] _0 <- ([#"../red_black_tree.rs" 578 15 578 19] self); - [#"../red_black_tree.rs" 578 15 578 19] self <- any borrowed (RedBlackTree_Node_Type.t_node k v); + self <- any borrowed (RedBlackTree_Node_Type.t_node k v); goto BB11 } BB11 { @@ -4500,11 +4512,14 @@ module RedBlackTree_Impl15_New = [@vc:do_not_keep_trace] [@vc:sp] var _0 : RedBlackTree_Tree_Type.t_tree k v; + var _3 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); { goto BB0 } BB0 { - [#"../red_black_tree.rs" 589 8 589 27] _0 <- ([#"../red_black_tree.rs" 589 8 589 27] RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 589 21 589 25] Core_Option_Option_Type.C_None)); + [#"../red_black_tree.rs" 589 21 589 25] _3 <- ([#"../red_black_tree.rs" 589 21 589 25] Core_Option_Option_Type.C_None); + [#"../red_black_tree.rs" 589 8 589 27] _0 <- ([#"../red_black_tree.rs" 589 8 589 27] RedBlackTree_Tree_Type.C_Tree _3); + _3 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); goto BB1 } BB1 { @@ -4954,6 +4969,13 @@ module RedBlackTree_Impl15_InsertRec var _25 : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _28 : (); var _29 : borrowed (RedBlackTree_Node_Type.t_node k v); + var _31 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); + var _33 : RedBlackTree_Node_Type.t_node k v; + var _34 : RedBlackTree_Tree_Type.t_tree k v; + var _35 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); + var _36 : RedBlackTree_Color_Type.t_color; + var _39 : RedBlackTree_Tree_Type.t_tree k v; + var _40 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); { goto BB0 } @@ -4982,7 +5004,7 @@ module RedBlackTree_Impl15_InsertRec [#"../red_black_tree.rs" 602 26 602 35] _18 <- ([#"../red_black_tree.rs" 602 26 602 35] RedBlackTree_Node_Type.node_key ( * node)); assert { [@expl:type invariant] inv2 _18 }; assume { resolve0 _18 }; - [#"../red_black_tree.rs" 602 18 602 36] _15 <- ([#"../red_black_tree.rs" 602 18 602 36] cmp0 ([#"../red_black_tree.rs" 602 18 602 21] key) ([#"../red_black_tree.rs" 602 26 602 35] _18)); + [#"../red_black_tree.rs" 602 18 602 36] _15 <- ([#"../red_black_tree.rs" 602 18 602 36] cmp0 key _18); goto BB5 } BB5 { @@ -5002,10 +5024,10 @@ module RedBlackTree_Impl15_InsertRec [#"../red_black_tree.rs" 608 27 608 37] _25 <- Borrow.borrow_mut (RedBlackTree_Node_Type.node_right ( * node)); [#"../red_black_tree.rs" 608 27 608 37] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 ( ^ _25)) ; }; assume { inv3 ( ^ _25) }; - [#"../red_black_tree.rs" 608 27 608 58] _14 <- ([#"../red_black_tree.rs" 608 27 608 58] insert_rec _25 ([#"../red_black_tree.rs" 608 49 608 52] key) ([#"../red_black_tree.rs" 608 54 608 57] val')); + [#"../red_black_tree.rs" 608 27 608 58] _14 <- ([#"../red_black_tree.rs" 608 27 608 58] insert_rec _25 key val'); _25 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); - [#"../red_black_tree.rs" 608 49 608 52] key <- any k; - [#"../red_black_tree.rs" 608 54 608 57] val' <- any v; + key <- any k; + val' <- any v; goto BB16 } BB9 { @@ -5026,10 +5048,10 @@ module RedBlackTree_Impl15_InsertRec [#"../red_black_tree.rs" 603 24 603 33] _20 <- Borrow.borrow_mut (RedBlackTree_Node_Type.node_left ( * node)); [#"../red_black_tree.rs" 603 24 603 33] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node ( ^ _20) x1 x2 x3 x4) ; }; assume { inv3 ( ^ _20) }; - [#"../red_black_tree.rs" 603 24 603 54] _14 <- ([#"../red_black_tree.rs" 603 24 603 54] insert_rec _20 ([#"../red_black_tree.rs" 603 45 603 48] key) ([#"../red_black_tree.rs" 603 50 603 53] val')); + [#"../red_black_tree.rs" 603 24 603 54] _14 <- ([#"../red_black_tree.rs" 603 24 603 54] insert_rec _20 key val'); _20 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); - [#"../red_black_tree.rs" 603 45 603 48] key <- any k; - [#"../red_black_tree.rs" 603 50 603 53] val' <- any v; + key <- any k; + val' <- any v; goto BB11 } BB11 { @@ -5041,8 +5063,8 @@ module RedBlackTree_Impl15_InsertRec goto BB13 } BB13 { - [#"../red_black_tree.rs" 605 20 605 28] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 x1 x2 ([#"../red_black_tree.rs" 605 31 605 34] val') x4) ; }; - [#"../red_black_tree.rs" 605 31 605 34] val' <- any v; + [#"../red_black_tree.rs" 605 20 605 28] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 x1 x2 ([#"../red_black_tree.rs" 605 20 605 28] val') x4) ; }; + val' <- any v; assert { [@expl:type invariant] inv5 (RedBlackTree_Node_Type.node_val ( * node)) }; assume { resolve2 (RedBlackTree_Node_Type.node_val ( * node)) }; assert { [@expl:type invariant] inv6 node }; @@ -5081,12 +5103,25 @@ module RedBlackTree_Impl15_InsertRec BB19 { assert { [@expl:type invariant] inv7 _11 }; assume { resolve4 _11 }; + [#"../red_black_tree.rs" 613 35 613 39] _35 <- ([#"../red_black_tree.rs" 613 35 613 39] Core_Option_Option_Type.C_None); + [#"../red_black_tree.rs" 613 22 613 41] _34 <- ([#"../red_black_tree.rs" 613 22 613 41] RedBlackTree_Tree_Type.C_Tree _35); + _35 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); goto BB20 } BB20 { + [#"../red_black_tree.rs" 614 23 614 26] _36 <- ([#"../red_black_tree.rs" 614 23 614 26] RedBlackTree_Color_Type.C_Red); + [#"../red_black_tree.rs" 617 36 617 40] _40 <- ([#"../red_black_tree.rs" 617 36 617 40] Core_Option_Option_Type.C_None); + [#"../red_black_tree.rs" 617 23 617 42] _39 <- ([#"../red_black_tree.rs" 617 23 617 42] RedBlackTree_Tree_Type.C_Tree _40); + _40 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); goto BB21 } BB21 { + [#"../red_black_tree.rs" 612 38 618 13] _33 <- ([#"../red_black_tree.rs" 612 38 618 13] RedBlackTree_Node_Type.C_Node _34 _36 key val' _39); + _34 <- any RedBlackTree_Tree_Type.t_tree k v; + _36 <- any RedBlackTree_Color_Type.t_color; + key <- any k; + val' <- any v; + _39 <- any RedBlackTree_Tree_Type.t_tree k v; goto BB22 } BB22 { @@ -5102,15 +5137,16 @@ module RedBlackTree_Impl15_InsertRec goto BB26 } BB26 { + [#"../red_black_tree.rs" 612 24 618 15] _31 <- ([#"../red_black_tree.rs" 612 24 618 15] Core_Option_Option_Type.C_Some _33); + _33 <- any RedBlackTree_Node_Type.t_node k v; goto BB27 } BB27 { goto BB28 } BB28 { - [#"../red_black_tree.rs" 612 12 612 21] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 612 24 618 15] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 612 38 618 13] RedBlackTree_Node_Type.C_Node ([#"../red_black_tree.rs" 613 22 613 41] RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 613 35 613 39] Core_Option_Option_Type.C_None)) ([#"../red_black_tree.rs" 614 23 614 26] RedBlackTree_Color_Type.C_Red) ([#"../red_black_tree.rs" 615 16 615 19] key) ([#"../red_black_tree.rs" 616 16 616 19] val') ([#"../red_black_tree.rs" 617 23 617 42] RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 617 36 617 40] Core_Option_Option_Type.C_None))))) ; }; - [#"../red_black_tree.rs" 615 16 615 19] key <- any k; - [#"../red_black_tree.rs" 616 16 616 19] val' <- any v; + [#"../red_black_tree.rs" 612 12 612 21] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ([#"../red_black_tree.rs" 612 12 612 21] _31)) ; }; + _31 <- any Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); assert { [@expl:type invariant] inv0 (RedBlackTree_Tree_Type.tree_node ( * self)) }; assume { resolve6 (RedBlackTree_Tree_Type.tree_node ( * self)) }; assert { [@expl:type invariant] inv8 self }; @@ -5561,6 +5597,7 @@ module RedBlackTree_Impl15_Insert var val' : v = val'; var _7 : (); var _8 : borrowed (RedBlackTree_Tree_Type.t_tree k v); + var _11 : RedBlackTree_Color_Type.t_color; var _12 : borrowed (RedBlackTree_Node_Type.t_node k v); var _13 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _14 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -5575,13 +5612,14 @@ module RedBlackTree_Impl15_Insert [#"../red_black_tree.rs" 627 8 627 12] _8 <- Borrow.borrow_mut ( * self); [#"../red_black_tree.rs" 627 8 627 12] self <- { self with current = ( ^ _8) ; }; assume { inv0 ( ^ _8) }; - [#"../red_black_tree.rs" 627 8 627 33] _7 <- ([#"../red_black_tree.rs" 627 8 627 33] insert_rec0 _8 ([#"../red_black_tree.rs" 627 24 627 27] key) ([#"../red_black_tree.rs" 627 29 627 32] val')); + [#"../red_black_tree.rs" 627 8 627 33] _7 <- ([#"../red_black_tree.rs" 627 8 627 33] insert_rec0 _8 key val'); _8 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); - [#"../red_black_tree.rs" 627 24 627 27] key <- any k; - [#"../red_black_tree.rs" 627 29 627 32] val' <- any v; + key <- any k; + val' <- any v; goto BB2 } BB2 { + [#"../red_black_tree.rs" 628 44 628 49] _11 <- ([#"../red_black_tree.rs" 628 44 628 49] RedBlackTree_Color_Type.C_Black); [#"../red_black_tree.rs" 628 8 628 17] _14 <- Borrow.borrow_final (RedBlackTree_Tree_Type.tree_node ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../red_black_tree.rs" 628 8 628 17] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ( ^ _14)) ; }; assume { inv1 ( ^ _14) }; @@ -5595,7 +5633,8 @@ module RedBlackTree_Impl15_Insert goto BB4 } BB4 { - [#"../red_black_tree.rs" 628 8 628 49] _12 <- { _12 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _12 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 628 44 628 49] RedBlackTree_Color_Type.C_Black) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 628 8 628 49] _12 <- { _12 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _12 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 628 8 628 49] _11) x2 x3 x4) ; }; + _11 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv2 _12 }; assume { resolve0 _12 }; assert { [@expl:type invariant] inv3 self }; @@ -6211,7 +6250,7 @@ module RedBlackTree_Impl15_DeleteMaxRec BB3 { assert { [@expl:type invariant] inv2 _13 }; assume { resolve0 _13 }; - [#"../red_black_tree.rs" 645 11 645 29] _17 <- ([#"../red_black_tree.rs" 645 11 645 29] is_red0 ([#"../red_black_tree.rs" 645 11 645 20] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 645 11 645 29] _17 <- ([#"../red_black_tree.rs" 645 11 645 29] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB4 } BB4 { @@ -6269,9 +6308,9 @@ module RedBlackTree_Impl15_DeleteMaxRec BB12 { assert { [@expl:type invariant] inv1 node1 }; assume { resolve4 node1 }; - [#"../red_black_tree.rs" 650 19 650 39] _0 <- ([#"../red_black_tree.rs" 650 19 650 39] (([#"../red_black_tree.rs" 650 20 650 28] RedBlackTree_Node_Type.node_key node1), ([#"../red_black_tree.rs" 650 30 650 38] RedBlackTree_Node_Type.node_val node1))); - [#"../red_black_tree.rs" 650 20 650 28] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); - [#"../red_black_tree.rs" 650 30 650 38] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); + [#"../red_black_tree.rs" 650 19 650 39] _0 <- ([#"../red_black_tree.rs" 650 19 650 39] (RedBlackTree_Node_Type.node_key node1, RedBlackTree_Node_Type.node_val node1)); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); goto BB13 } BB13 { @@ -6281,7 +6320,7 @@ module RedBlackTree_Impl15_DeleteMaxRec goto BB30 } BB15 { - [#"../red_black_tree.rs" 652 12 652 31] _30 <- ([#"../red_black_tree.rs" 652 12 652 31] is_red0 ([#"../red_black_tree.rs" 652 12 652 22] RedBlackTree_Node_Type.node_right ( * node))); + [#"../red_black_tree.rs" 652 12 652 31] _30 <- ([#"../red_black_tree.rs" 652 12 652 31] is_red0 (RedBlackTree_Node_Type.node_right ( * node))); goto BB16 } BB16 { @@ -6294,7 +6333,7 @@ module RedBlackTree_Impl15_DeleteMaxRec goto BB25 } BB18 { - [#"../red_black_tree.rs" 652 36 652 60] _35 <- ([#"../red_black_tree.rs" 652 36 652 60] as_ref0 ([#"../red_black_tree.rs" 652 36 652 51] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); + [#"../red_black_tree.rs" 652 36 652 60] _35 <- ([#"../red_black_tree.rs" 652 36 652 60] as_ref0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); goto BB19 } BB19 { @@ -6305,7 +6344,7 @@ module RedBlackTree_Impl15_DeleteMaxRec BB20 { assert { [@expl:type invariant] inv7 _34 }; assume { resolve5 _34 }; - [#"../red_black_tree.rs" 652 36 652 83] _32 <- ([#"../red_black_tree.rs" 652 36 652 83] is_red0 ([#"../red_black_tree.rs" 652 36 652 74] RedBlackTree_Node_Type.node_left _34)); + [#"../red_black_tree.rs" 652 36 652 83] _32 <- ([#"../red_black_tree.rs" 652 36 652 83] is_red0 (RedBlackTree_Node_Type.node_left _34)); goto BB21 } BB21 { @@ -6332,7 +6371,7 @@ module RedBlackTree_Impl15_DeleteMaxRec assert { [@expl:type invariant] inv4 node }; assume { resolve1 node }; [#"../red_black_tree.rs" 653 12 653 40] node <- ([#"../red_black_tree.rs" 653 12 653 40] _37); - [#"../red_black_tree.rs" 653 12 653 40] _37 <- any borrowed (RedBlackTree_Node_Type.t_node k v); + _37 <- any borrowed (RedBlackTree_Node_Type.t_node k v); assert { [@expl:type invariant] inv4 _38 }; assume { resolve1 _38 }; [#"../red_black_tree.rs" 652 84 654 9] _29 <- ([#"../red_black_tree.rs" 652 84 654 9] ()); @@ -6364,7 +6403,7 @@ module RedBlackTree_Impl15_DeleteMaxRec assert { [@expl:type invariant] inv6 self }; assume { resolve3 self }; [#"../red_black_tree.rs" 657 8 657 9] _0 <- ([#"../red_black_tree.rs" 657 8 657 9] r); - [#"../red_black_tree.rs" 657 8 657 9] r <- any (k, v); + r <- any (k, v); goto BB29 } BB29 { @@ -6857,10 +6896,12 @@ module RedBlackTree_Impl15_DeleteMax var _8 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); var _11 : bool; + var _13 : RedBlackTree_Color_Type.t_color; var r : (k, v); var _18 : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _19 : (); var _20 : bool; + var _22 : RedBlackTree_Color_Type.t_color; var _23 : borrowed (RedBlackTree_Node_Type.t_node k v); var _24 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _25 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -6890,7 +6931,7 @@ module RedBlackTree_Impl15_DeleteMax [#"../red_black_tree.rs" 669 20 669 24] node <- Borrow.borrow_final (Core_Option_Option_Type.some_0 ( * _8)) (Borrow.inherit_id (Borrow.get_id _8) 1); [#"../red_black_tree.rs" 669 20 669 24] _8 <- { _8 with current = (let Core_Option_Option_Type.C_Some x0 = * _8 in Core_Option_Option_Type.C_Some ( ^ node)) ; }; assume { inv2 ( ^ node) }; - [#"../red_black_tree.rs" 670 16 670 34] _11 <- ([#"../red_black_tree.rs" 670 16 670 34] is_red0 ([#"../red_black_tree.rs" 670 16 670 25] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 670 16 670 34] _11 <- ([#"../red_black_tree.rs" 670 16 670 34] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB4 } BB4 { @@ -6908,7 +6949,9 @@ module RedBlackTree_Impl15_DeleteMax goto BB7 } BB6 { - [#"../red_black_tree.rs" 671 16 671 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 671 29 671 32] RedBlackTree_Color_Type.C_Red) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 671 29 671 32] _13 <- ([#"../red_black_tree.rs" 671 29 671 32] RedBlackTree_Color_Type.C_Red); + [#"../red_black_tree.rs" 671 16 671 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 671 16 671 32] _13) x2 x3 x4) ; }; + _13 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv3 node }; assume { resolve1 node }; assert { [@expl:type invariant] inv4 _8 }; @@ -6934,7 +6977,7 @@ module RedBlackTree_Impl15_DeleteMax goto BB19 } BB9 { - [#"../red_black_tree.rs" 678 11 678 24] _20 <- ([#"../red_black_tree.rs" 678 11 678 24] is_red0 ([#"../red_black_tree.rs" 678 11 678 15] * self)); + [#"../red_black_tree.rs" 678 11 678 24] _20 <- ([#"../red_black_tree.rs" 678 11 678 24] is_red0 ( * self)); goto BB10 } BB10 { @@ -6944,6 +6987,7 @@ module RedBlackTree_Impl15_DeleteMax end } BB11 { + [#"../red_black_tree.rs" 679 48 679 53] _22 <- ([#"../red_black_tree.rs" 679 48 679 53] RedBlackTree_Color_Type.C_Black); [#"../red_black_tree.rs" 679 12 679 21] _25 <- Borrow.borrow_final (RedBlackTree_Tree_Type.tree_node ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../red_black_tree.rs" 679 12 679 21] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ( ^ _25)) ; }; assume { inv1 ( ^ _25) }; @@ -6957,7 +7001,8 @@ module RedBlackTree_Impl15_DeleteMax goto BB13 } BB13 { - [#"../red_black_tree.rs" 679 12 679 53] _23 <- { _23 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _23 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 679 48 679 53] RedBlackTree_Color_Type.C_Black) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 679 12 679 53] _23 <- { _23 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _23 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 679 12 679 53] _22) x2 x3 x4) ; }; + _22 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv3 _23 }; assume { resolve1 _23 }; assert { [@expl:type invariant] inv6 self }; @@ -6977,8 +7022,8 @@ module RedBlackTree_Impl15_DeleteMax } BB16 { assume { resolve4 _26 }; - [#"../red_black_tree.rs" 682 8 682 15] _0 <- ([#"../red_black_tree.rs" 682 8 682 15] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 682 13 682 14] r)); - [#"../red_black_tree.rs" 682 13 682 14] r <- any (k, v); + [#"../red_black_tree.rs" 682 8 682 15] _0 <- ([#"../red_black_tree.rs" 682 8 682 15] Core_Option_Option_Type.C_Some r); + r <- any (k, v); goto BB17 } BB17 { @@ -7605,9 +7650,9 @@ module RedBlackTree_Impl15_DeleteMinRec BB7 { assert { [@expl:type invariant] inv1 node1 }; assume { resolve4 node1 }; - [#"../red_black_tree.rs" 700 19 700 39] _0 <- ([#"../red_black_tree.rs" 700 19 700 39] (([#"../red_black_tree.rs" 700 20 700 28] RedBlackTree_Node_Type.node_key node1), ([#"../red_black_tree.rs" 700 30 700 38] RedBlackTree_Node_Type.node_val node1))); - [#"../red_black_tree.rs" 700 20 700 28] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); - [#"../red_black_tree.rs" 700 30 700 38] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); + [#"../red_black_tree.rs" 700 19 700 39] _0 <- ([#"../red_black_tree.rs" 700 19 700 39] (RedBlackTree_Node_Type.node_key node1, RedBlackTree_Node_Type.node_val node1)); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); goto BB8 } BB8 { @@ -7617,7 +7662,7 @@ module RedBlackTree_Impl15_DeleteMinRec goto BB25 } BB10 { - [#"../red_black_tree.rs" 702 12 702 30] _26 <- ([#"../red_black_tree.rs" 702 12 702 30] is_red0 ([#"../red_black_tree.rs" 702 12 702 21] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 702 12 702 30] _26 <- ([#"../red_black_tree.rs" 702 12 702 30] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB11 } BB11 { @@ -7630,7 +7675,7 @@ module RedBlackTree_Impl15_DeleteMinRec goto BB20 } BB13 { - [#"../red_black_tree.rs" 702 35 702 58] _31 <- ([#"../red_black_tree.rs" 702 35 702 58] as_ref0 ([#"../red_black_tree.rs" 702 35 702 49] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); + [#"../red_black_tree.rs" 702 35 702 58] _31 <- ([#"../red_black_tree.rs" 702 35 702 58] as_ref0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); goto BB14 } BB14 { @@ -7641,7 +7686,7 @@ module RedBlackTree_Impl15_DeleteMinRec BB15 { assert { [@expl:type invariant] inv6 _30 }; assume { resolve5 _30 }; - [#"../red_black_tree.rs" 702 35 702 81] _28 <- ([#"../red_black_tree.rs" 702 35 702 81] is_red0 ([#"../red_black_tree.rs" 702 35 702 72] RedBlackTree_Node_Type.node_left _30)); + [#"../red_black_tree.rs" 702 35 702 81] _28 <- ([#"../red_black_tree.rs" 702 35 702 81] is_red0 (RedBlackTree_Node_Type.node_left _30)); goto BB16 } BB16 { @@ -7668,7 +7713,7 @@ module RedBlackTree_Impl15_DeleteMinRec assert { [@expl:type invariant] inv3 node }; assume { resolve1 node }; [#"../red_black_tree.rs" 703 12 703 39] node <- ([#"../red_black_tree.rs" 703 12 703 39] _33); - [#"../red_black_tree.rs" 703 12 703 39] _33 <- any borrowed (RedBlackTree_Node_Type.t_node k v); + _33 <- any borrowed (RedBlackTree_Node_Type.t_node k v); assert { [@expl:type invariant] inv3 _34 }; assume { resolve1 _34 }; [#"../red_black_tree.rs" 702 82 704 9] _25 <- ([#"../red_black_tree.rs" 702 82 704 9] ()); @@ -7700,7 +7745,7 @@ module RedBlackTree_Impl15_DeleteMinRec assert { [@expl:type invariant] inv5 self }; assume { resolve3 self }; [#"../red_black_tree.rs" 707 8 707 9] _0 <- ([#"../red_black_tree.rs" 707 8 707 9] r); - [#"../red_black_tree.rs" 707 8 707 9] r <- any (k, v); + r <- any (k, v); goto BB24 } BB24 { @@ -8171,10 +8216,12 @@ module RedBlackTree_Impl15_DeleteMin var _8 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); var _11 : bool; + var _13 : RedBlackTree_Color_Type.t_color; var r : (k, v); var _16 : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _17 : (); var _18 : bool; + var _20 : RedBlackTree_Color_Type.t_color; var _21 : borrowed (RedBlackTree_Node_Type.t_node k v); var _22 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _23 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -8202,7 +8249,7 @@ module RedBlackTree_Impl15_DeleteMin [#"../red_black_tree.rs" 722 20 722 24] node <- Borrow.borrow_final (Core_Option_Option_Type.some_0 ( * _8)) (Borrow.inherit_id (Borrow.get_id _8) 1); [#"../red_black_tree.rs" 722 20 722 24] _8 <- { _8 with current = (let Core_Option_Option_Type.C_Some x0 = * _8 in Core_Option_Option_Type.C_Some ( ^ node)) ; }; assume { inv1 ( ^ node) }; - [#"../red_black_tree.rs" 723 16 723 34] _11 <- ([#"../red_black_tree.rs" 723 16 723 34] is_red0 ([#"../red_black_tree.rs" 723 16 723 25] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 723 16 723 34] _11 <- ([#"../red_black_tree.rs" 723 16 723 34] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB4 } BB4 { @@ -8220,7 +8267,9 @@ module RedBlackTree_Impl15_DeleteMin goto BB7 } BB6 { - [#"../red_black_tree.rs" 724 16 724 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 724 29 724 32] RedBlackTree_Color_Type.C_Red) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 724 29 724 32] _13 <- ([#"../red_black_tree.rs" 724 29 724 32] RedBlackTree_Color_Type.C_Red); + [#"../red_black_tree.rs" 724 16 724 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 724 16 724 32] _13) x2 x3 x4) ; }; + _13 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv2 node }; assume { resolve1 node }; assert { [@expl:type invariant] inv3 _8 }; @@ -8245,7 +8294,7 @@ module RedBlackTree_Impl15_DeleteMin goto BB18 } BB9 { - [#"../red_black_tree.rs" 730 11 730 24] _18 <- ([#"../red_black_tree.rs" 730 11 730 24] is_red0 ([#"../red_black_tree.rs" 730 11 730 15] * self)); + [#"../red_black_tree.rs" 730 11 730 24] _18 <- ([#"../red_black_tree.rs" 730 11 730 24] is_red0 ( * self)); goto BB10 } BB10 { @@ -8255,6 +8304,7 @@ module RedBlackTree_Impl15_DeleteMin end } BB11 { + [#"../red_black_tree.rs" 731 48 731 53] _20 <- ([#"../red_black_tree.rs" 731 48 731 53] RedBlackTree_Color_Type.C_Black); [#"../red_black_tree.rs" 731 12 731 21] _23 <- Borrow.borrow_final (RedBlackTree_Tree_Type.tree_node ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../red_black_tree.rs" 731 12 731 21] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ( ^ _23)) ; }; assume { inv0 ( ^ _23) }; @@ -8268,7 +8318,8 @@ module RedBlackTree_Impl15_DeleteMin goto BB13 } BB13 { - [#"../red_black_tree.rs" 731 12 731 53] _21 <- { _21 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _21 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 731 48 731 53] RedBlackTree_Color_Type.C_Black) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 731 12 731 53] _21 <- { _21 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _21 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 731 12 731 53] _20) x2 x3 x4) ; }; + _20 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv2 _21 }; assume { resolve1 _21 }; assert { [@expl:type invariant] inv5 self }; @@ -8283,8 +8334,8 @@ module RedBlackTree_Impl15_DeleteMin goto BB15 } BB15 { - [#"../red_black_tree.rs" 733 8 733 15] _0 <- ([#"../red_black_tree.rs" 733 8 733 15] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 733 13 733 14] r)); - [#"../red_black_tree.rs" 733 13 733 14] r <- any (k, v); + [#"../red_black_tree.rs" 733 8 733 15] _0 <- ([#"../red_black_tree.rs" 733 8 733 15] Core_Option_Option_Type.C_Some r); + r <- any (k, v); goto BB16 } BB16 { @@ -9085,6 +9136,7 @@ module RedBlackTree_Impl15_DeleteRec var _57 : Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v); var _58 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var _59 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); + var _60 : (k, v); var _63 : (); var _64 : bool; var _66 : RedBlackTree_Node_Type.t_node k v; @@ -9105,6 +9157,7 @@ module RedBlackTree_Impl15_DeleteRec var _84 : borrowed v; var _85 : borrowed v; var _86 : borrowed v; + var _87 : Core_Option_Option_Type.t_option (k, v); var _89 : Core_Option_Option_Type.t_option (k, v); var _90 : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _92 : (); @@ -9139,7 +9192,7 @@ module RedBlackTree_Impl15_DeleteRec [#"../red_black_tree.rs" 751 22 751 31] _21 <- ([#"../red_black_tree.rs" 751 22 751 31] RedBlackTree_Node_Type.node_key ( * node)); assert { [@expl:type invariant] inv3 _21 }; assume { resolve1 _21 }; - [#"../red_black_tree.rs" 751 14 751 32] _18 <- ([#"../red_black_tree.rs" 751 14 751 32] cmp0 ([#"../red_black_tree.rs" 751 14 751 17] key) ([#"../red_black_tree.rs" 751 22 751 31] _21)); + [#"../red_black_tree.rs" 751 14 751 32] _18 <- ([#"../red_black_tree.rs" 751 14 751 32] cmp0 key _21); goto BB4 } BB4 { @@ -9153,11 +9206,11 @@ module RedBlackTree_Impl15_DeleteRec } BB6 { [#"../red_black_tree.rs" 761 12 761 15] ord <- ([#"../red_black_tree.rs" 761 12 761 15] _18); - [#"../red_black_tree.rs" 762 19 762 37] _42 <- ([#"../red_black_tree.rs" 762 19 762 37] is_red0 ([#"../red_black_tree.rs" 762 19 762 28] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 762 19 762 37] _42 <- ([#"../red_black_tree.rs" 762 19 762 37] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB26 } BB7 { - [#"../red_black_tree.rs" 753 19 753 43] _24 <- ([#"../red_black_tree.rs" 753 19 753 43] is_none0 ([#"../red_black_tree.rs" 753 19 753 33] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); + [#"../red_black_tree.rs" 753 19 753 43] _24 <- ([#"../red_black_tree.rs" 753 19 753 43] is_none0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); goto BB8 } BB8 { @@ -9177,7 +9230,7 @@ module RedBlackTree_Impl15_DeleteRec goto BB74 } BB10 { - [#"../red_black_tree.rs" 756 20 756 38] _28 <- ([#"../red_black_tree.rs" 756 20 756 38] is_red0 ([#"../red_black_tree.rs" 756 20 756 29] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 756 20 756 38] _28 <- ([#"../red_black_tree.rs" 756 20 756 38] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB11 } BB11 { @@ -9190,7 +9243,7 @@ module RedBlackTree_Impl15_DeleteRec goto BB20 } BB13 { - [#"../red_black_tree.rs" 756 43 756 66] _33 <- ([#"../red_black_tree.rs" 756 43 756 66] as_ref0 ([#"../red_black_tree.rs" 756 43 756 57] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); + [#"../red_black_tree.rs" 756 43 756 66] _33 <- ([#"../red_black_tree.rs" 756 43 756 66] as_ref0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_left ( * node)))); goto BB14 } BB14 { @@ -9201,7 +9254,7 @@ module RedBlackTree_Impl15_DeleteRec BB15 { assert { [@expl:type invariant] inv4 _32 }; assume { resolve2 _32 }; - [#"../red_black_tree.rs" 756 43 756 89] _30 <- ([#"../red_black_tree.rs" 756 43 756 89] is_red0 ([#"../red_black_tree.rs" 756 43 756 80] RedBlackTree_Node_Type.node_left _32)); + [#"../red_black_tree.rs" 756 43 756 89] _30 <- ([#"../red_black_tree.rs" 756 43 756 89] is_red0 (RedBlackTree_Node_Type.node_left _32)); goto BB16 } BB16 { @@ -9228,7 +9281,7 @@ module RedBlackTree_Impl15_DeleteRec assert { [@expl:type invariant] inv6 node }; assume { resolve3 node }; [#"../red_black_tree.rs" 757 20 757 47] node <- ([#"../red_black_tree.rs" 757 20 757 47] _35); - [#"../red_black_tree.rs" 757 20 757 47] _35 <- any borrowed (RedBlackTree_Node_Type.t_node k v); + _35 <- any borrowed (RedBlackTree_Node_Type.t_node k v); assert { [@expl:type invariant] inv6 _36 }; assume { resolve3 _36 }; [#"../red_black_tree.rs" 756 90 758 17] _27 <- ([#"../red_black_tree.rs" 756 90 758 17] ()); @@ -9244,7 +9297,7 @@ module RedBlackTree_Impl15_DeleteRec assume { inv7 ( ^ _39) }; assert { [@expl:type invariant] inv3 key }; assume { resolve1 key }; - [#"../red_black_tree.rs" 759 20 759 45] _38 <- ([#"../red_black_tree.rs" 759 20 759 45] delete_rec _39 ([#"../red_black_tree.rs" 759 41 759 44] key)); + [#"../red_black_tree.rs" 759 20 759 45] _38 <- ([#"../red_black_tree.rs" 759 20 759 45] delete_rec _39 key); _39 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); goto BB22 } @@ -9253,7 +9306,7 @@ module RedBlackTree_Impl15_DeleteRec } BB23 { [#"../red_black_tree.rs" 759 16 759 17] r <- ([#"../red_black_tree.rs" 759 16 759 17] _38); - [#"../red_black_tree.rs" 759 16 759 17] _38 <- any Core_Option_Option_Type.t_option (k, v); + _38 <- any Core_Option_Option_Type.t_option (k, v); [#"../red_black_tree.rs" 759 16 759 45] _17 <- ([#"../red_black_tree.rs" 759 16 759 45] ()); goto BB25 } @@ -9280,7 +9333,7 @@ module RedBlackTree_Impl15_DeleteRec assume { inv7 ( ^ _47) }; assert { [@expl:type invariant] inv3 key }; assume { resolve1 key }; - [#"../red_black_tree.rs" 764 24 764 50] _46 <- ([#"../red_black_tree.rs" 764 24 764 50] delete_rec _47 ([#"../red_black_tree.rs" 764 46 764 49] key)); + [#"../red_black_tree.rs" 764 24 764 50] _46 <- ([#"../red_black_tree.rs" 764 24 764 50] delete_rec _47 key); _47 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); goto BB29 } @@ -9289,7 +9342,7 @@ module RedBlackTree_Impl15_DeleteRec } BB30 { [#"../red_black_tree.rs" 764 20 764 21] r <- ([#"../red_black_tree.rs" 764 20 764 21] _46); - [#"../red_black_tree.rs" 764 20 764 21] _46 <- any Core_Option_Option_Type.t_option (k, v); + _46 <- any Core_Option_Option_Type.t_option (k, v); [#"../red_black_tree.rs" 764 20 764 50] _17 <- ([#"../red_black_tree.rs" 764 20 764 50] ()); goto BB32 } @@ -9297,7 +9350,7 @@ module RedBlackTree_Impl15_DeleteRec goto BB68 } BB33 { - [#"../red_black_tree.rs" 766 23 766 48] _50 <- ([#"../red_black_tree.rs" 766 23 766 48] is_none0 ([#"../red_black_tree.rs" 766 23 766 38] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); + [#"../red_black_tree.rs" 766 23 766 48] _50 <- ([#"../red_black_tree.rs" 766 23 766 48] is_none0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); goto BB34 } BB34 { @@ -9348,22 +9401,24 @@ module RedBlackTree_Impl15_DeleteRec BB40 { assert { [@expl:type invariant] inv1 node1 }; assume { resolve9 node1 }; + [#"../red_black_tree.rs" 771 36 771 56] _60 <- ([#"../red_black_tree.rs" 771 36 771 56] (RedBlackTree_Node_Type.node_key node1, RedBlackTree_Node_Type.node_val node1)); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); + node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); goto BB41 } BB41 { goto BB42 } BB42 { - [#"../red_black_tree.rs" 771 31 771 57] _0 <- ([#"../red_black_tree.rs" 771 31 771 57] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 771 36 771 56] (([#"../red_black_tree.rs" 771 37 771 45] RedBlackTree_Node_Type.node_key node1), ([#"../red_black_tree.rs" 771 47 771 55] RedBlackTree_Node_Type.node_val node1)))); - [#"../red_black_tree.rs" 771 37 771 45] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 (any k) x3 x4); - [#"../red_black_tree.rs" 771 47 771 55] node1 <- (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = node1 in RedBlackTree_Node_Type.C_Node x0 x1 x2 (any v) x4); + [#"../red_black_tree.rs" 771 31 771 57] _0 <- ([#"../red_black_tree.rs" 771 31 771 57] Core_Option_Option_Type.C_Some _60); + _60 <- any (k, v); goto BB43 } BB43 { goto BB72 } BB44 { - [#"../red_black_tree.rs" 773 24 773 48] _67 <- ([#"../red_black_tree.rs" 773 24 773 48] as_ref0 ([#"../red_black_tree.rs" 773 24 773 39] RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); + [#"../red_black_tree.rs" 773 24 773 48] _67 <- ([#"../red_black_tree.rs" 773 24 773 48] as_ref0 (RedBlackTree_Tree_Type.tree_node (RedBlackTree_Node_Type.node_right ( * node)))); goto BB45 } BB45 { @@ -9374,7 +9429,7 @@ module RedBlackTree_Impl15_DeleteRec BB46 { assert { [@expl:type invariant] inv4 _66 }; assume { resolve2 _66 }; - [#"../red_black_tree.rs" 773 24 773 71] _64 <- ([#"../red_black_tree.rs" 773 24 773 71] is_red0 ([#"../red_black_tree.rs" 773 24 773 62] RedBlackTree_Node_Type.node_left _66)); + [#"../red_black_tree.rs" 773 24 773 71] _64 <- ([#"../red_black_tree.rs" 773 24 773 71] is_red0 (RedBlackTree_Node_Type.node_left _66)); goto BB47 } BB47 { @@ -9402,7 +9457,7 @@ module RedBlackTree_Impl15_DeleteRec assert { [@expl:type invariant] inv6 node }; assume { resolve3 node }; [#"../red_black_tree.rs" 774 24 774 52] node <- ([#"../red_black_tree.rs" 774 24 774 52] _69); - [#"../red_black_tree.rs" 774 24 774 52] _69 <- any borrowed (RedBlackTree_Node_Type.t_node k v); + _69 <- any borrowed (RedBlackTree_Node_Type.t_node k v); assert { [@expl:type invariant] inv6 _70 }; assume { resolve3 _70 }; [#"../red_black_tree.rs" 773 72 775 21] _63 <- ([#"../red_black_tree.rs" 773 72 775 21] ()); @@ -9477,14 +9532,16 @@ module RedBlackTree_Impl15_DeleteRec assume { resolve7 _86 }; assert { [@expl:type invariant] inv12 _84 }; assume { resolve7 _84 }; + [#"../red_black_tree.rs" 781 28 781 36] _87 <- ([#"../red_black_tree.rs" 781 28 781 36] Core_Option_Option_Type.C_Some kv); + kv <- any (k, v); goto BB58 } BB58 { goto BB59 } BB59 { - [#"../red_black_tree.rs" 781 24 781 25] r <- ([#"../red_black_tree.rs" 781 28 781 36] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 781 33 781 35] kv)); - [#"../red_black_tree.rs" 781 33 781 35] kv <- any (k, v); + [#"../red_black_tree.rs" 781 24 781 25] r <- ([#"../red_black_tree.rs" 781 24 781 25] _87); + _87 <- any Core_Option_Option_Type.t_option (k, v); [#"../red_black_tree.rs" 781 24 781 36] _17 <- ([#"../red_black_tree.rs" 781 24 781 36] ()); goto BB61 } @@ -9500,7 +9557,7 @@ module RedBlackTree_Impl15_DeleteRec assume { inv7 ( ^ _90) }; assert { [@expl:type invariant] inv3 key }; assume { resolve1 key }; - [#"../red_black_tree.rs" 783 28 783 54] _89 <- ([#"../red_black_tree.rs" 783 28 783 54] delete_rec _90 ([#"../red_black_tree.rs" 783 50 783 53] key)); + [#"../red_black_tree.rs" 783 28 783 54] _89 <- ([#"../red_black_tree.rs" 783 28 783 54] delete_rec _90 key); _90 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); goto BB64 } @@ -9509,7 +9566,7 @@ module RedBlackTree_Impl15_DeleteRec } BB65 { [#"../red_black_tree.rs" 783 24 783 25] r <- ([#"../red_black_tree.rs" 783 24 783 25] _89); - [#"../red_black_tree.rs" 783 24 783 25] _89 <- any Core_Option_Option_Type.t_option (k, v); + _89 <- any Core_Option_Option_Type.t_option (k, v); [#"../red_black_tree.rs" 783 24 783 54] _17 <- ([#"../red_black_tree.rs" 783 24 783 54] ()); goto BB67 } @@ -9533,7 +9590,7 @@ module RedBlackTree_Impl15_DeleteRec assert { [@expl:type invariant] inv8 self }; assume { resolve4 self }; [#"../red_black_tree.rs" 789 8 789 9] _0 <- ([#"../red_black_tree.rs" 789 8 789 9] r); - [#"../red_black_tree.rs" 789 8 789 9] r <- any Core_Option_Option_Type.t_option (k, v); + r <- any Core_Option_Option_Type.t_option (k, v); goto BB71 } BB71 { @@ -10028,10 +10085,12 @@ module RedBlackTree_Impl15_Delete var _10 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); var node : borrowed (RedBlackTree_Node_Type.t_node k v); var _13 : bool; + var _15 : RedBlackTree_Color_Type.t_color; var r : Core_Option_Option_Type.t_option (k, v); var _18 : borrowed (RedBlackTree_Tree_Type.t_tree k v); var _20 : (); var _21 : bool; + var _23 : RedBlackTree_Color_Type.t_color; var _24 : borrowed (RedBlackTree_Node_Type.t_node k v); var _25 : Core_Option_Option_Type.t_option (borrowed (RedBlackTree_Node_Type.t_node k v)); var _26 : borrowed (Core_Option_Option_Type.t_option (RedBlackTree_Node_Type.t_node k v)); @@ -10059,7 +10118,7 @@ module RedBlackTree_Impl15_Delete [#"../red_black_tree.rs" 803 20 803 24] node <- Borrow.borrow_final (Core_Option_Option_Type.some_0 ( * _10)) (Borrow.inherit_id (Borrow.get_id _10) 1); [#"../red_black_tree.rs" 803 20 803 24] _10 <- { _10 with current = (let Core_Option_Option_Type.C_Some x0 = * _10 in Core_Option_Option_Type.C_Some ( ^ node)) ; }; assume { inv1 ( ^ node) }; - [#"../red_black_tree.rs" 804 16 804 34] _13 <- ([#"../red_black_tree.rs" 804 16 804 34] is_red0 ([#"../red_black_tree.rs" 804 16 804 25] RedBlackTree_Node_Type.node_left ( * node))); + [#"../red_black_tree.rs" 804 16 804 34] _13 <- ([#"../red_black_tree.rs" 804 16 804 34] is_red0 (RedBlackTree_Node_Type.node_left ( * node))); goto BB4 } BB4 { @@ -10077,7 +10136,9 @@ module RedBlackTree_Impl15_Delete goto BB7 } BB6 { - [#"../red_black_tree.rs" 805 16 805 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 805 29 805 32] RedBlackTree_Color_Type.C_Red) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 805 29 805 32] _15 <- ([#"../red_black_tree.rs" 805 29 805 32] RedBlackTree_Color_Type.C_Red); + [#"../red_black_tree.rs" 805 16 805 32] node <- { node with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * node in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 805 16 805 32] _15) x2 x3 x4) ; }; + _15 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv2 node }; assume { resolve1 node }; assert { [@expl:type invariant] inv3 _10 }; @@ -10091,7 +10152,7 @@ module RedBlackTree_Impl15_Delete assume { inv4 ( ^ _18) }; assert { [@expl:type invariant] inv5 key }; assume { resolve3 key }; - [#"../red_black_tree.rs" 810 16 810 36] r <- ([#"../red_black_tree.rs" 810 16 810 36] delete_rec0 _18 ([#"../red_black_tree.rs" 810 32 810 35] key)); + [#"../red_black_tree.rs" 810 16 810 36] r <- ([#"../red_black_tree.rs" 810 16 810 36] delete_rec0 _18 key); _18 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); goto BB9 } @@ -10106,7 +10167,7 @@ module RedBlackTree_Impl15_Delete goto BB17 } BB9 { - [#"../red_black_tree.rs" 811 11 811 24] _21 <- ([#"../red_black_tree.rs" 811 11 811 24] is_red0 ([#"../red_black_tree.rs" 811 11 811 15] * self)); + [#"../red_black_tree.rs" 811 11 811 24] _21 <- ([#"../red_black_tree.rs" 811 11 811 24] is_red0 ( * self)); goto BB10 } BB10 { @@ -10116,6 +10177,7 @@ module RedBlackTree_Impl15_Delete end } BB11 { + [#"../red_black_tree.rs" 812 48 812 53] _23 <- ([#"../red_black_tree.rs" 812 48 812 53] RedBlackTree_Color_Type.C_Black); [#"../red_black_tree.rs" 812 12 812 21] _26 <- Borrow.borrow_final (RedBlackTree_Tree_Type.tree_node ( * self)) (Borrow.inherit_id (Borrow.get_id self) 1); [#"../red_black_tree.rs" 812 12 812 21] self <- { self with current = (let RedBlackTree_Tree_Type.C_Tree x0 = * self in RedBlackTree_Tree_Type.C_Tree ( ^ _26)) ; }; assume { inv0 ( ^ _26) }; @@ -10129,7 +10191,8 @@ module RedBlackTree_Impl15_Delete goto BB13 } BB13 { - [#"../red_black_tree.rs" 812 12 812 53] _24 <- { _24 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _24 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 812 48 812 53] RedBlackTree_Color_Type.C_Black) x2 x3 x4) ; }; + [#"../red_black_tree.rs" 812 12 812 53] _24 <- { _24 with current = (let RedBlackTree_Node_Type.C_Node x0 x1 x2 x3 x4 = * _24 in RedBlackTree_Node_Type.C_Node x0 ([#"../red_black_tree.rs" 812 12 812 53] _23) x2 x3 x4) ; }; + _23 <- any RedBlackTree_Color_Type.t_color; assert { [@expl:type invariant] inv2 _24 }; assume { resolve1 _24 }; assert { [@expl:type invariant] inv6 self }; @@ -10145,7 +10208,7 @@ module RedBlackTree_Impl15_Delete } BB15 { [#"../red_black_tree.rs" 814 8 814 9] _0 <- ([#"../red_black_tree.rs" 814 8 814 9] r); - [#"../red_black_tree.rs" 814 8 814 9] r <- any Core_Option_Option_Type.t_option (k, v); + r <- any Core_Option_Option_Type.t_option (k, v); goto BB16 } BB16 { @@ -10597,7 +10660,7 @@ module RedBlackTree_Impl15_Get [#"../red_black_tree.rs" 829 26 829 35] _19 <- ([#"../red_black_tree.rs" 829 26 829 35] RedBlackTree_Node_Type.node_key node); assert { [@expl:type invariant] inv3 _19 }; assume { resolve3 _19 }; - [#"../red_black_tree.rs" 829 18 829 36] _16 <- ([#"../red_black_tree.rs" 829 18 829 36] cmp0 ([#"../red_black_tree.rs" 829 18 829 21] key) ([#"../red_black_tree.rs" 829 26 829 35] _19)); + [#"../red_black_tree.rs" 829 18 829 36] _16 <- ([#"../red_black_tree.rs" 829 18 829 36] cmp0 key _19); goto BB6 } BB6 { @@ -10619,7 +10682,7 @@ module RedBlackTree_Impl15_Get assume { resolve4 node }; assert { [@expl:type invariant] inv0 _27 }; assume { resolve1 _27 }; - [#"../red_black_tree.rs" 832 27 832 45] tree <- ([#"../red_black_tree.rs" 832 34 832 45] _27); + [#"../red_black_tree.rs" 832 27 832 45] tree <- ([#"../red_black_tree.rs" 832 27 832 45] _27); [#"../red_black_tree.rs" 832 27 832 45] _12 <- ([#"../red_black_tree.rs" 832 27 832 45] ()); goto BB13 } @@ -10637,7 +10700,7 @@ module RedBlackTree_Impl15_Get assume { resolve4 node }; assert { [@expl:type invariant] inv0 _22 }; assume { resolve1 _22 }; - [#"../red_black_tree.rs" 830 24 830 41] tree <- ([#"../red_black_tree.rs" 830 31 830 41] _22); + [#"../red_black_tree.rs" 830 24 830 41] tree <- ([#"../red_black_tree.rs" 830 24 830 41] _22); [#"../red_black_tree.rs" 830 24 830 41] _12 <- ([#"../red_black_tree.rs" 830 24 830 41] ()); goto BB13 } @@ -10649,7 +10712,7 @@ module RedBlackTree_Impl15_Get assume { resolve4 node }; assert { [@expl:type invariant] inv5 _25 }; assume { resolve5 _25 }; - [#"../red_black_tree.rs" 831 32 831 47] _0 <- ([#"../red_black_tree.rs" 831 32 831 47] Core_Option_Option_Type.C_Some ([#"../red_black_tree.rs" 831 37 831 46] _25)); + [#"../red_black_tree.rs" 831 32 831 47] _0 <- ([#"../red_black_tree.rs" 831 32 831 47] Core_Option_Option_Type.C_Some _25); goto BB15 } BB13 { @@ -11141,7 +11204,7 @@ module RedBlackTree_Impl15_GetMut assert { [@expl:type invariant] inv0 old_self }; assume { resolve1 old_self }; [#"../red_black_tree.rs" 848 23 848 27] tree <- ([#"../red_black_tree.rs" 848 23 848 27] self); - [#"../red_black_tree.rs" 848 23 848 27] self <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); + self <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); goto BB3 } BB3 { @@ -11175,7 +11238,7 @@ module RedBlackTree_Impl15_GetMut [#"../red_black_tree.rs" 863 26 863 35] _29 <- ([#"../red_black_tree.rs" 863 26 863 35] RedBlackTree_Node_Type.node_key ( * node)); assert { [@expl:type invariant] inv5 _29 }; assume { resolve2 _29 }; - [#"../red_black_tree.rs" 863 18 863 36] _26 <- ([#"../red_black_tree.rs" 863 18 863 36] cmp0 ([#"../red_black_tree.rs" 863 18 863 21] key) ([#"../red_black_tree.rs" 863 26 863 35] _29)); + [#"../red_black_tree.rs" 863 18 863 36] _26 <- ([#"../red_black_tree.rs" 863 18 863 36] cmp0 key _29); goto BB7 } BB7 { @@ -11201,7 +11264,7 @@ module RedBlackTree_Impl15_GetMut assert { [@expl:type invariant] inv7 tree }; assume { resolve3 tree }; [#"../red_black_tree.rs" 866 27 866 49] tree <- ([#"../red_black_tree.rs" 866 27 866 49] _36); - [#"../red_black_tree.rs" 866 27 866 49] _36 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); + _36 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); [#"../red_black_tree.rs" 866 27 866 49] _22 <- ([#"../red_black_tree.rs" 866 27 866 49] ()); assert { [@expl:type invariant] inv7 _37 }; assume { resolve3 _37 }; @@ -11229,7 +11292,7 @@ module RedBlackTree_Impl15_GetMut assert { [@expl:type invariant] inv7 tree }; assume { resolve3 tree }; [#"../red_black_tree.rs" 864 24 864 45] tree <- ([#"../red_black_tree.rs" 864 24 864 45] _31); - [#"../red_black_tree.rs" 864 24 864 45] _31 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); + _31 <- any borrowed (RedBlackTree_Tree_Type.t_tree k v); [#"../red_black_tree.rs" 864 24 864 45] _22 <- ([#"../red_black_tree.rs" 864 24 864 45] ()); assert { [@expl:type invariant] inv7 _32 }; assume { resolve3 _32 }; diff --git a/creusot/tests/should_succeed/red_black_tree/why3session.xml b/creusot/tests/should_succeed/red_black_tree/why3session.xml index 4cac005cfb..76ce5a3f71 100644 --- a/creusot/tests/should_succeed/red_black_tree/why3session.xml +++ b/creusot/tests/should_succeed/red_black_tree/why3session.xml @@ -119,31 +119,31 @@ - + - + - + - + - + - + - + - + - + @@ -197,31 +197,31 @@ - + - + - + - + - + - + - + - + - + @@ -1576,7 +1576,7 @@ - + @@ -1643,10 +1643,10 @@ - + - + @@ -1693,7 +1693,7 @@ - + @@ -1707,7 +1707,7 @@ - + @@ -1717,7 +1717,7 @@ - + @@ -1736,7 +1736,7 @@ - + @@ -1748,7 +1748,7 @@ - + @@ -1780,19 +1780,19 @@ - + - + - + - + - + @@ -2327,10 +2327,10 @@ - + - + @@ -2348,40 +2348,40 @@ - + - + - + - + - + - + - + - + - + - + @@ -2389,7 +2389,7 @@ - + @@ -2403,7 +2403,7 @@ - + @@ -2412,10 +2412,10 @@ - + - + @@ -2428,7 +2428,7 @@ - + @@ -2778,10 +2778,10 @@ - + - + @@ -2799,10 +2799,10 @@ - + - + @@ -2811,30 +2811,30 @@ - + - + - + - + - + - + - + - + @@ -2846,14 +2846,14 @@ - + - + @@ -2891,10 +2891,10 @@ - + - + @@ -2913,14 +2913,14 @@ - + - + @@ -2933,10 +2933,10 @@ - + - + @@ -3256,10 +3256,10 @@ - + - + @@ -3276,7 +3276,7 @@ - + @@ -3343,7 +3343,7 @@ - + @@ -3367,7 +3367,7 @@ - + @@ -3397,10 +3397,10 @@ - + - + @@ -3427,7 +3427,7 @@ - + @@ -3439,7 +3439,7 @@ - + @@ -3449,12 +3449,12 @@ - + - + @@ -3492,7 +3492,7 @@ - + @@ -3502,7 +3502,7 @@ - + @@ -3535,7 +3535,7 @@ - + @@ -3549,7 +3549,7 @@ - + @@ -3588,7 +3588,7 @@ - + @@ -3596,7 +3596,7 @@ - + @@ -3630,7 +3630,7 @@ - + @@ -3642,7 +3642,7 @@ - + @@ -3691,7 +3691,7 @@ - + @@ -3735,7 +3735,7 @@ - + @@ -3744,7 +3744,7 @@ - + @@ -3846,7 +3846,7 @@ - + @@ -3864,10 +3864,10 @@ - + - + @@ -3880,7 +3880,7 @@ - + @@ -3930,7 +3930,7 @@ - + @@ -3946,14 +3946,14 @@ - + - + @@ -4001,7 +4001,7 @@ - + @@ -4025,7 +4025,7 @@ - + @@ -4070,7 +4070,7 @@ - + @@ -4094,7 +4094,7 @@ - + @@ -4104,7 +4104,7 @@ - + @@ -4116,10 +4116,10 @@ - + - + @@ -4143,45 +4143,45 @@ - + - + - + - + - + - + - + - + - + - + - + @@ -4193,14 +4193,14 @@ - + - + @@ -4218,14 +4218,14 @@ - + - + @@ -4265,10 +4265,10 @@ - + - + @@ -4287,14 +4287,14 @@ - + - + diff --git a/creusot/tests/should_succeed/red_black_tree/why3shapes.gz b/creusot/tests/should_succeed/red_black_tree/why3shapes.gz index a8000c348a3b326dde55d09a9628c73c22cd0bad..406cbb9607e1cb48a8c38a07c5708a676cae06d4 100644 GIT binary patch delta 79047 zcmV)2K+M0W=>*~H1b-ik2mk;800030?7dx&9J#S5_};(5Z)dmfOEUS9nG5LR);6R? z1IEl^_n;oTQAg8bYe!bwEqO-g-!I9CAcJHuGpo8a(%3RQ>a1iWzZs10_}{Mo^zpB! zzdwBZ)2|OtAKyKG_&@&S{&fAnU!7hZ)p5AJ34c#F_y5nsPk;C?{Qf`RpWgmLe~-hP zH&@4-KmGjp^ryG)A3r?&$JM8QoZfx-Rr?Zr9FK|~)p4Z9;i%tSo&I|Ic>lN4-~ayZ z!(WEubaco0aC&w6%fqMB-yVN@cz=I-`!>9{N9SAoe;@z$5CCHJ^Xngbkp5-(dwcWA zfAoXz)J@rrGJn1y<%E`eiDGR9nAn(dQfmYq+6xbVK7FhJhNC_G^ziWa`}oqo7*o~y zP<3huotmUh4Sf6o1o||IeH!=_#PR?1aE$+3sEVUGu&IeF1Orvg0G4V1qoPX2@c_#> z>f350iyz5oq>(IqBmpFjWHjPP7Cw?g(a)pB#??{`QGd;OjJNU^)1N)ae?C1t98KD} zsnvTn5PuF%Z~yl9`}dE2OherIumADS)BAt;bKrks_4L>8b`I|c<>CMQ@bM#-Yy3Oj zaxnkigZ*Dm52sHLPh}1EXmSyLZ1JxtDlvYIpslh7f0&L7elg?UiDsp!VFJkF+v&KJ z)v54*ntucueKl;QV2fk7{}ER86EFJDr++@swG_Q?VX=B%%Tm{(V=W8Svb-s?nnXnUPdUNPEa5(+f$4~eE$LZBFb+ zs(-n4jH+kV=+wHAx~R%|GWBc+fF-_$F3wFC$C^|n`!9-4aekWlwH zCEU$AdY{I$2Y0LVcO7>t#NFySxLY0R(4C9B72?9EjW)-cSpK-Nu<(@EfT* zTH!olqn;&r|Nil}gpf5ugWCL~L7>_-K2tUEkdn zK%JTrlJNIY7fF;mE*|)VAmTx%liLF&e~h09n1X@M2wEWx>HMo2M^qzMfz;~Yh*-oA zmQKi`KAwSZl5j+P&#SNrSycT9tdfKy;(K1hl#oT;i5Zv&2}i^tUdxh@MfaR2eol0K zPEw{o2PKnUq66IP$75wRDur=aL45yzwF_LLC8swc!-f7(f( zm4gVC$1kMUPG}?_MI#=?cOU-066GR%;`PJ!4@Z*L^p!t*M1{<6Zr{BNW$#XJPVYZH z;GYQTU%S%>KPUIUp5FUo_^M=Mq3D-~|BgjadD)K$@bvC4fBh7$XkXb1*!zc{5$a8c z=M+bun1FB&|L3dY_!eX?{x1=le>eC($zR6P|2QshJ&EPtFK>s}Nep94!ZlG?>J6h? zZ;)pusZRa{mBj0xG1Hk)14@aO=g1K2Lztt)=P)*hb2)Kq`_qHJBYt}K>D}W8`O`S4Q1tZh@t^NMe^L8&MIiVH zF9U4+mVQ(p7Ml}*{{Hy!Q_&6l@Vfo}HXWLPufw|`UeLaRfD3fO1sYEL;pPVC z?9*?>O!(p6`we~w6Z!c5f7b_J4auxyGf2JZyGED+R$q#E( zNup~isw9&oK$l2lNkiFGG)X2(fGR0EGNPbXplzUt*E6Q+&Qhv5N~Yj>iYy5{2e~di zd(Ozxv*&1BmVAv9lYGrg^0hGG|G+N=zcm%!3L5F2d|iwLRAI6}PQ7Aul}mJ$Cr4_* zTK(+=L`y-Z`Cb@!e;q3}f$qYJCnVU0Scs>|Qe!6GV}7PToZd4E=yaVfHb7$xfnV1b z+?-$^-~V(E*O12->53ZC`>Rj?{r87IrDm=Y63P(1mh02KayOm`BmB}d4p7*QaP6Ny zpFXS8=kfGepFW#(sh0hXv-sK4U8zq0_4xGk_}jxz|M9n9f2baWx(i+4Ri1u+=Vu6N zdiN8*ej_M#+d}8VPY)G-ds6p4KE{{+Puc8U1cJ&#lLVTown#(3)5rUt9)3Rgt94+7 z3Yv!c4gJ8coJzB-;O7qr2c#9&;9rFAkwEzD;6>O${s)b2X=YXBl~8FZrqk#7^m*~q zH~9Y)&G#tHfA?Liwt#0-t!S>*74X&(oVqhZr_yB4d9oLnjHR9IIZgI*BG6Rzj8%_{ zka`{z$8=o9=41pd&5l z7^{Yv(NtNO$_b`&jwKeiAU*?>0a%zG+fI*3(_>+JENjak#)_@tlcD+0P(S^Ih5&Ag zZKX-j_!D|Ga|#RQL#HL3{pWvuczPF?6<0Sxyd9I<2pNCHR@fJ8!Zl5Jn&b((occHA zEjPoQ&h4B|X-?-;2K5!`fsg$&oS@H9gbDrgv-mkI?C24RujVs+`FUJ8#9geYf(hMR zppDeoC3O~F`af-F7wW99lRyL68OD*G7FuPPkMwhaNlGhiVjKLYpP#D^FYUj5_u<3C zQ@#i#)*XM>+$1)iUR<3%etdW$e(YYGgpZ+r_gaUydE1yYiDCM*-vBz?S03>IRDiMK zwyEIp+6xWjy<=$a7{o6OCqnx+&5IQa6LF9M9sT}z@|*}x;YT7k{1VXB+R`LcmIy5R zh<;`Oq&?;72e7rJiBx7y{J_}m3hJj|-tRICUf_R%1Qx_LdZ`;bP%#K?2!Kyz0*Sn5 z0dX`#QCjo@Sk(Y<1G+3mPF2G}H6wtIUCJvd+J*zrm+3(-uU}u?!2kGwmA@AAh@)(- z7;h@a0dt7h{}RCeoT~u`N|A%laS$ppBkh2Jt^|XWXtd%%$3Yr!0XgF^`P20J^`Y7V zsV{%H0dO?JK7!i)E;?-P*8nQ-)=(1m>VY4M@G>2V*a7i0#gh6IhHpd3?WfyxV*N;g zbC|=^AwAv7hd+Vq=Ji2-9e5W1M?h5mb>OOlrG;mQBhd;H2Zcn?aS2$;|6Az4eYJ~$ zS_8|yyot|4(m|=gzPa7N;o+EdCVkZmTjQG>y<0}u773o3$eVh zqXwmEpuC!jtCTM1>h>~RtjtRB=52;5Ud3fM)BP&k#MQn}m-gPPcwW1T+3l6C=H{|4 zuiB};s%Ji8XhFD&^S#aQSLr6sL_vRXX}{1_%=@wDCcf_8#CPA+O^nlDUBvnAL44c4 zhS{~tZ)5+T{Sw!3fzqCN4_{i>zuH9{mU)kD*^>UQ+mRPWfHdIz*HmNYKDMKrJox|_HvH^HWOg~^Vhd4OA?hm#DyucqnI-KZeo z^sc=L_;F3=f;tT*(3EAHZ`FTWwMvXL3f%5dvv75XA!P@AO@?+{sd1asF?oUrIttY8 zP;7F|UtZ%&sE3O=lz)iEk!7V(s$6PL?mfXys*|8qA+f8<5?)vE381LZGRxvxVUl7j z25B-hER4>rDyCY4pQJKrD`ff;c{LT6RA)7hQnj9AojFnpbr77XS>b<=)I{nD>|d5t z!%P3C)$b%pwVF>EGz#*2GBBpWh(cz)y}`$~_AS$Wjd_qRGI5{dFrz46pxIJa%sv#!}_Q~c5uA8qVRP&nc z;OFi6nGQP|z!@p{a#OM0hBM^`WZFiSewV`rP%HD?B`7(s=7&iZGAx=sk1bO^@i|y@ zJxw*hc-T=nOv|E+Ut>8*i{?MZIP%4alLWL`95(@4af&#g#(BvPqa>3kM^|s8X85ig z{=}YLJ^VsV!is-k#1sGFU{sQYO)+|e6RAQDN1na;!Lh-k=!EHk?xHbvEAp7Iq>!OZ zT!u1rWhfJql#IuT+#@IQZ<(@~L>=A4ek|%Xn?ugziZIUydH{}p3B7U1@Vm%`lf*4O zxJdffb|>LeVD{&5Q~Q4-_rCbn7Gm{hx>I~9aQgnuHGzN5v!orFwXb^~kF!0_o;N0m z!aT$Zhgujj53wo_uVSnIjVgEFJV0xnfnLbae~N+!Te%Sia!jx%MpSi7BG>W+kYY$+UB> z{ZSO!p|^j+iXbO5WOO+bXFrp7$y{53Mp;0FuiaK6D}SoYHC-XNm|JtqmfKH)i;~-) ziQAtew_nN(0;4YpF5-Ju#W+wEm5^ohto(Rt1sCw1*D%sUEj@`oXtLk}ig+zF%~|%K znY>|S@&?7^4MUVSaK?XJknvwY{J{ABp~v?tk~Dw7W--yR7^;tQg*6d|jZ%!pO>KnN zWG`x|Vw(gCG+-2O3}8VT4X7EC>qiN1fKqC+OzQ&+zwC93fof{@-(k{Te@Y@l$u!LcIQwI#3X#Msq48czIV! zFT<@pk*O`X5l&rKRHZ4kD6#gNz_3V!l}RB;I!p|al?)I#Y7@VJ2Z^jS)jbZQ6jWVC z?N)Vp(2lChC_&ZbUuH5bv@ersp`@Yv{I`Gf&94L`?(hKFZt$>IOq9_9;biEXyoT-Y zGj6ISZmQ*y{W!-@=kxYs2OFSe@3^lYis1viFhP{E%GqKYQF5nP#Ty+q13;qO5x{U$=91Tc?x0QDGJEfZ_UODm z?7FT@tlR9YyFd>ix{3evJi4KCUD&hlCS_@JTD~e05IiSK@%F?}Mm2h3zQl5*W6s{{f?7psS*LuT&c7|RBI+^8f)y3i#A<(Imm4AKoaDe1umOTmmD#;Z?Fh`}tf- z`KVnhl1TSRBE6p^(p{2B zOC*t|A3MZ{8#etZf=Per*Y(4fmFkJRhwGi9G^^e|*}edcylc&x=DIUoDb{#ls=wpC zeuu&|bmRv>QBiwcK+so>(gGCSUfb@JOgautIL{ zyZOwqVET4m^6Y;j&Jd0=L)Z@~P%wnt^lhD%H#N22(DKY`CmxlBJ=cD#ru4$CoL0@k ze}HpKZD-T+IRq&A2NjgOS!m~{hq>Z&EHjm{jU7(I#WaRE4Mb^))2SW_u96%cxiel#ia4dWOp1aJlLL5#JwTBgl z9#dg_uCIz3*|iWg!i-~pg{9#?;izOGIUg25ikPgJfTwB#p7;bj)f4bkOu$n)0Z(iK zo;D|-foLWm4uai}^%1JC%SJF-la*!YQnf)=qN0CY6nd3pC3@1z&F;+@)6 zObJ_Bwo0zIbdMeucZn!rsCP*zxQUkIvP|dMe2>Ue{EIIBcb;MwPf>E&B}cJJklRgy z+>`{lWzV&g&)DKuCFV0+21u-?DC8^X>Y&7Nwxqgy?Kpq7<-+@0ho6KoZvF2T^MG9i^OsQh?>y zZ`*Sytc4EAiU{g)Q63WCfnWqL)W-mm*qcYNWpMG~)#)*d_T%^-NB%o9Ko-13AGy2T zBlor|OLUjzF9y$U`9sCa9k1*m_d0Gm_Lxa6#;%j2+_PmZlM2e$CZv6bq; za=n5Dydvtj%Nanx9s~o&k*%%%$OnhcjdX09Qv+X}X+%n2 zhg>to5mW4lsoEH=2l4Yub!Np#p{tX}7#n|oRePCrNp7up>B{B{#Y@+zMi32eS-B?B z@Fs3eqTx=Ahf0C4qCLF*g1XA0Lix*3=f3aS)=~ZW-PG&5sn-ruuTm2GFKPm{=DjB% zBrzzffRK9eVOoSF^HYLGGk7v4i-lEQa#I{*N^y)~;uuq(Zc~V3Om(~sKl>!+-4uVv zY{`Q&pePS6ZFUrUt|{S`T~J$d!|GV6o*c=FU)7GcivK{jv9A6t6U(xLnZzz6&$09{ zG&VaUxoXnhS+S&Ow)+-kpYGpHM~Za+iojul&yboCvxNzUBpV=ig$t;d4eS9`D!(5v{tLQO5HDcXM_W}>DbY|%ZYnG|dmMYCDKX0g7GB%4KBo7Gz~tG8%Y zFZx1Dt?e}l5+$r6nYG&_Xj@Jv*>8m*94&;w+Q(wWU;dMn-u1sc@%`cLL*pKF|JR47 zhvAgXXv3F3oYlgbUF{dBm!|BCR=jE~+yVIlQ>nOp^SLYkGP~#p|H*&RE=Lz|7;yR? z4cbLq;5*XCx!4K&Laf?i=Z?pngSl!opPTOB z-xymVh~QVkR_tObc;}f(nXQA`wsW&-v1Ut)wNCY=UuxsF+Bl{{VegJ8C&#Sla?06B z4yoKTwPLyUNaC}c{YpD>GHAtIC_5EH;B&!QZN2`!mcP{&;H>|UtKC_ z?`aCo7wq>H346clDg#zroLa)XhkY8tyqAHaCCp_3e@mFJun(0UO15+BH~^J2nqwr- z4n>at;7!ltiF?3tn)JeI8J$DGKT2cxicQwaloy+cz2yF-6|VD5&#bk_HN9Z9FUmeM zUD_{!V>)BsJ^L(r=EHdc4*0LkEluLmKDX9cUfPSQJ(p7&PYtJJr7e+*jj$WUs`aVn zlvamwRcH@yPm>QF9|7}|FC9XElBm?8sC3QRI7iFd5FhPAtox)|yQ_MEPF*6=y0q2} zdDeN=e$&#d4IKTV_x{;J=V#XXEaK@a2%LBK>k?M2WhXCV3;WC~|B6uK4}LO!JO1|D zZ<&&pOeA?x=dhf8jE43Y>GfkY?mb2-A0sySp50$eN_plqMzgdtmsxCoXJe7Yb~fb` zJ4UqG*4`<)#4r-=2xI6)sCy+I=8h;c$I1}=$nC(7T{G~bWLuv4R0jT>D7fd;2L7ze z_D9!G1D#Gq;Lq)lp)_#%up9VuUkq=!dg{QRMBh;K&|p)?V}YKMl^%oyeU(ChMl&7^ z$X)Rv;7?KN9Hs(BJjBljal|=u?~oJsDwel5=Vj74FO#X$ zHm6iWAp?^=f}KeITbYZ@(OM}Pby&>QY>%aV&U9qiiJH93EISi^tpkMn@+h{Zf3-Y8Vwg47Cx`cpUXfPQMh3cr7%|V`W0}tdz|z zrEE52++!)p5~fzVAT6^?X_<$9TIMPU7%(-`wYKBlSu>jt_C-Xk1inzYOufj02IbbX zCHI4(D<`LxCgxUul|j+FX6qSFMAs2O^0C3b{i^%D!~qoI3stx~DKRLza`{s(4^X9> zl@fxYt3r>f1t-=DqI6=_%!yUkPOQ3cV%3!stL9Fu8eCIFCE^{;wyBfD5JV zNDp+_QC`(NKN;5dKh7L zf^=r=EA>D-ergkA^MvM=HZOxl#PoS1Wp=I!Ke&sQ^WAI+3IM>s7@l6?H$3k%_aVPN zm6@0cI;xiL(Ek3Kzr0S#e+p73(u6?TRFwu&BS2%4A1)ihDuWa(W?K#fN-byu^T2KD zu=IHg`Mpb6W68HAIw90BD$2Y5tt@GT^?+xobr*)ob z<>q3Yr)r(&YMp1c&dY%T(K^>g3g`nrhTJ7THkIN!Pbp8FqZzjGUrfy8T9LU;nX(;Z z%63dfZu>dwZ13V3E$sxjW&)%jTeoWs+))Euf^G|c3A)`Bn#1V2@^mZuaAt|MJ;@S^ zP*TapZ7B|~8>)rf^_4u<{^7kWLrKJ4m?x=qkB~T!J+@m65aVUAhan}a2)hWghhg|h zm(==eL`|Xp@AyBdQvbhp&xuAN6$JJ3iTX*-BR#JwRa+HwgMg~Oxo^``$vC8fQ2f&C zIKiZUOK;yTviFwJ(k-LwTSgQ1(ZVg0ad{^ICvza$gBbTBPAehKT6co7g5K1H|&9yBP$wL@ZSh*igvh;?NdK`SUd0d}cKQn5O$p%eas% zV;D-`5#<-YT8WRg=0M*B`E4?hw4S5fV6HKL>MU(OvsEYmZOhfxgJ|_xbg>A_(KY(a zkcP0Sr3aJ9T|MHm8Co{mEE^|34K15t$+*UTGOiJ`Z1r4J(`o)eig1-j!%w|*{d)j; z4~=Q}bb5&cD8p=wMVO6Ij9ESAPm3KgmU~Vz(HlAE)TE@kZXim&(=xu()_kWe_)c4Y z@ts^-357R7*C_9`9OZ8AM@qRa0Eykq4>jNE7-Q(9@N~tk8Z$w5!_#F*VmI?c<~z0Zb@Y|=5hcfr3D$r5*N3NfF&+zhWD#2I zTlJRlsW!14%5#>=GpWk>|E&Mdl{ZCyhDSDLBCOyfHYT$!+SU~_oM8!P*v!gkORS8x zc*knXSs8808#$G7XuOdfv8?&!HNJ#;VETz=b%|wVl>#fH4X~`Kb3pLRD9`*Sf+4jd?x?c+ypAeRpz*XpqhGcqeP|zyKsx0L`#F9)tPtWyqdWc!nG| zEX-@8_r}Crm7^$a%+=L8MiW44w3zJB1CNoOXnJMC5{{--?KwIrWVQ7z}VC32S;-iGZ<_z?ovm!2iAo*OcA{s7G=yY~pciLu0~t z+%v}GuCcI0{=rKYshg-j+fskLPBD0Q37l!z!)ZmxaNZ#*XP$08g>iJR{305W1b zhX2t!m={|FHr?b3OyCNCa1nHuB~SHdHfk$##0oLt_M2rP4F^D286-3*u9EHfdc_Y>0{Js}!!2&Qqq*`3BmdWo` zu@)$RS|+N+$+b*><~V7o7AyecMuW9X`pui(bb{skOU&6}ZCScOIJ?n`dmTG}8Gf&h zoxQTZQ^(HVEEji-e->>3^M~Ziv2tZIl4;%JXp87+lqYcr37XO_+RImoNBP+&I8g0{8YzssxpgS;KY`a{8w?TLV0 za^C3*e#YXl$AUNnODk!gbL^#wvP*Om6#4}P&^*ncl{UaVP;&!cIM1bAws2Sz>^q7W z=!Qf0jP~D{fl(3zQ)L)(iWnI6Riqsl zA0P-; z%}dc2|2T($Ia(F9H{#77iiAd>Kx_tzh$x`@%EsIITsP)>la?nY1k*9Gw3EOm6o1Ic zk#NPdypeqM3#Ka}&$NympI`L&)Z_#%&R+HX6#HT*N_dh?g*R|LmL1{0=Hm7YrOaV{x-AQ5 zUO0EX*(b4oF3QP-rEnxbvm|MVG0@)}E^53}5-PZj+(>9MXoZt|xf_WH9|cC_xB!)< z<3svL4amQwCu;pwldvcte~q;-Q|3SXkK^J1#vK<6FdjOR{CCHhtlB9m_}?CX^@sT3 zCnUtSV?OM5mCYWozOMQ-I(mf^q{E$r=#_6=>e+l40WKRI%xWT1N zb^)8vR=g7hH@SKsST_t;f;)9Q$|m{3M0Ypc?mPMh+l#SUSpwFJoC zVN;=E7tE$Bh_8~2mW38uPe#iC$yPc)jJ0i%oR7OVH$r}?3gUN7_npsS9QJfmu-uNo+T4=fBA@Ft6`5k#d4c+64dPSi!})+XTMmx-!HcC8>$>oKr}TZWAcFv zrUoY6x*wNHyfvIko6cn6%;jt8CCS&Ip00o`SNab8Vi)v(URZ0%{}}*CR5^2Fa`@%{ z^o_~K8Qf;)Tti_&9)Bhor(N;$t1i@j4DQAettWdb9nn@if7_;1Aw|>fg@@0OlF4v! zd}aIT3WVD0*~aGvQ=spjsQ?4r?we@NT!CbB=Aoa7FP-0gdwb{Jx6!erda5&(f08>@l7E1;wu`XV@ba-XgCBzl z?TfFqq>@Yq*ZI`F+**T9ayVBfX$zg?+TC8N%$UuetCKY~D7A5`ZBVLHd#Wcl+2U7a zQs_qh16*cY&#f#YN`mZ6JBJ*TuPi+%F+FxUz?uzgr@)p|;Mj9bmrx=8s)!OQ1zDJ2 zg)v7K60>)T4#cjXcxe>t&!+3VYHOAFfe@teH9S84f@WnmUC zjrg(Uhy;V0t_X9bdUAIx#g!FD#GNASv?6vaIU;nQ=s86&Nb-fq5291Vw?V<2eertC zA)0<;0U#Mtn!4whev7EgMN534Uye-lEtxy}<~vr!NF?k;t@9dc?GrRzyQh84PUD(Q ze^K9p>gBC&q(lWBtD9&d+`0Qgk!V~L3OdF`U5jJU>Lyrot(bm^RyU!bV|CLv7u#)e zLeivd1D7-GSei;#%~)QB(2VT#?Dkdw2rs z80Yl}dW(;LJ-vVb_#1A0|I(w04by3?}Iw=8Y0}Ldelj<%$Sjr>PFvB2tc! zktGSK_qkTM&qLYBYDh?@&hQY^EsT`JL8T-Pi+@{Ffz`JYC7bNu!6{y$Jdqf`-0INPEHPTX%Xf0-@hW)U=~ z&t&GHD$bVJSYO*}DhHLiL@4Ytz6$r$>7#!GwgLd@D~Rvg9(sVcLS+yZSE;&xfGwdi z6h$b7<4*<`p%lI^EZN{S2s_lwtq~NNDa2_HAKJ8$3-TaT#DB*x0UnME88VdAA9V<4 zhpb7WJ>O>wW+gDml9LL>lKXo(1x`WS_xz;IV!nw3p)2c#l{KjUzc-6ISLu}n6EEEs;8|LyU8c7>H> zGe8Z+ow>GYt}Wlv(eU8stABp*oqYS((|^5x_|xAXJ-w3$S&k9nf57p$Zo%yiBT+); zZptZOh5~8{Z!pp$jSUYqRN>+lj;om7FYrM+d?|EfX|I}0qiTCqtVZ>-Knz7}^JJrn zV|GR8@l=|YdAz!5n86Vv5&WZJEvY0Xw6gW-P2@!)UQI)?!(pqBeV8+ucN>QvGY1BT zKQ2&Cowqj+Ats4ke@T$r6~UkgSm#>SkxAg0jEZcG7B+h&l*|Y$h-=gNg+|84e0E_q zDyou_Y21-vSv?K~)k~{wyQ^(qVzrwO*H+tBt8Fh|ZCkH)mCT{P+Lo=hU0ZE`@X}Iu zQJb{dH{TE4H*n}cL&CHxHCcgl$Io=Bi-#vfcT?iwi6vpxf9%*>wXElCr5pe1hbM?R zrlXmIg7S>R1FL3H<#ipjT@5{wiIzaZMCG1z-h!M(K5wBUo;TM$Zz+C>{dYZYc-Vqv z=I?plf^~p=-a<({Z@PQlNFWI21pi*=4G&u|3H_qy?QkZScPO|;QkkpyAhVfCiJW@3 zgO!b8Ph~9Nf9GV9u|Oz^SYYmAfn+-|{VQXE6(pdeoIMDtMY>ejP-+tosC|eaSl-Bp zAe2Nz&?T2FkxTYpnrhv$t*G(9o`qXS1?qRj1*$*>Y6TnA9M(PtE6XPulY}Kp3PcaW zRNicv3T_*sr}v~b1cQlA@3NJ~M)w%t4v=nufgL^ke|gX7F0DN74h5qSd@ffRW-Lmw zZ~TIOrD9gm`aJAN_6~K*dFr8omrGP%wY4)|!fH2G4JD-3wh^MxR)1ttOS|WA#WDn) z^+29FR`S&R+oD)5kQzVZ9d`5SP!%7Tko8c?Uk_O_dng+@XSIkg#&GL_I`Lms= zEBq0!8RSs7AEuHEq{USw7?+MqrVr-|w+~q`ekdg72QExMWFh;ZkiM6@KX3lD1X(3U zBR)%~R*krOEx z3ND7_@r(Y7yU!jt_l3Q+=j4Ti&djER<#~>k6hU5m$LP?33uV9_(s@hbfuN@FBht%j ze%2uMIvDG`hLaWqc+FAsaCp)}F&#BtTd|_(T{g#ue8`y7$u+?YMJPRVR11zQ?M@4^ ze>-t?RP3mF%{~m9=M^L&zzhP>JjD&=fr1E$^>GTWQE`t1OFwv`l%eozg2MzqLb?@r zvKc6CT+IAF`3IWecW9CWlP#a3ut4o0dR?8OXsok@r1H30dhRO6VZHQRgdl`!UjJAu z*F?)Tv2kE9^(j8212~a0P{E55#+U*?J@GZ)~4h9<6e zj*!^MQK%rCi(l#`sH;h)pLI2pXm!gEe=%6| zTylil0A_nFEpPi2h9e5YF$9O%!>0IyXRJBHn&87lH&~1sX6A;z z$c-wxIt-W?G}J}(jt_Dq>8yrt_)n`ialryf#5z<#T+EEPfPoDi;$jxarA%BPWikV0 z1H{E75EsTI;$q6gMXv3)o2}a_e-Iapf+v`vNHl_(N&UYfabamJE_T!v#D$9=rf3w- z0CACm@lYi(;&?nH>6Hdh9dgdbC-TpFod_19EZmR@5rMKWK-*4ao%-&>$A_m+_fHRR z3nRzjm~1kGk*fcB3p<+rR#u!k8nq@9Rd>|*cPtD*$0M`iENigbb`?LifB4rFm6#*h zlhr1!Ga98jv`KZx3IDpr4t2RLznzXtW#<|Gf8vIzPBdN}PqJNVEJ|ja{@alrRBa5Z zkII|`tJL_OS7GQuSN*U@FSj20g=~Yu@b~+^UYCTjY zqemSqN{Wm7+0e*=`G@GQ*aP?PnZ>G0rmG%gq<(<;Yh6Py zJq@k_)L@k+AOcMBHS}YCLro;3UbI~W)7Ag__=(*m{#9zVG9;&i4FOrI`!?C5GLr>)Z|HH_K*zGsV~Id#uc1jdBppiW|5nY7d9O%fFVBoj=7;ieR&-vzRpd>wA7|ED52m7;u>;hHBm<^1v*UqU@R zLX)RAlb^>Q%)hO2)6mMvSl; zV{W8~-KIt!yKN*R+z$`Go&NKme}DflFq_|C+H!hVGqQ2v3Zy|~{>K`fD48$C*+BMG zs4h_QZDlomZ}PgBL($Jb@PE2Z1BvdkQR0$^`Q|ngp=czfe@)X^xEqmvwI{S~x~K0BOq`Yy^DclVg0)A0shn&EW?S@}+GZ$!>Imm@(Yd z9fahfP)P>J&iw8g-a+tEo||C|G~bUII(gq0KjFJ{ta90##A@6UX&oLT`7TO>>_Ft` z1a$KoPL59Tf71|(A~-HZfJGv#r$ksUm7L8?(dEe`SIReyGn{ddw5ee$so+N-rps+d zL|bx4b^=#fT6TdJMC2-sE4WINgxcqFm63vHT&1rmbCtj!N?av!j+RbQ5R~FE2u1BB z+O6xFjMkvqTaf9N&UvH)3Wqr?-&j)mc|2L$44jQ;rmiP_dL*@G=vV zgi?bxJW-C>M<`;mMA0IRNR;6<{RFx$YlbxtZ@OWbJP=WX`b40KY#w>lWP1c(k@sEL zr1>%S2MKQ$42yRy*&cW7%Df^b&eco2|31>j~O@4gd67u zH}X1D^e@H$Rlp<`QYoKcAJMNw-e#`8Mbv3RR>5M+6`_wSVaVv#g&}K#kJ0r7e;;6p z>ryi|tz&ozw^Vdw{doV=!_TLGz9-vV{2KjSgO#nJANZBy-oEfN-Kg9m4SxTCb+8*O z#G^Az*b%q3f|qgM!izoA9>4#sxN&N4;Cnr+9KxzTa=6tPU=M0G{Rrr}6`S|kI(U}$ zwCO{H;ZfxClxUL_Rue`(?`Ib&e_D&oQgko=q3AD{I+6b|NXxWg_Jr|QeX+-vp|Wuc z&xNYl^o}&W5S5SL?=cm`Lfe(!`i+6K?%n!;)b)bNS30Q#^ui`bBox4D8c;9xq|HoF z+nm#$JZI}EJ~_oslJgtnuhLekuX(9k$oaFq#4O8TFZGfURP7bZrsQ?&f4dIrj_dFb z(vcUI>qS#N#Z~ST30;$HRhwkjRLRwgkUp~EJfpDM*k=Nrww3|mUxs46+OvWA@hnf; z%2iXGv^qb5c+%`pW9@8VfmnM5_ow#6>`@{D3+#&Sd)#YLjRg@<%P_zQE(96|=$S+gtxghZ*6Z;UU_%&z;osE|FuVKG|2Gp5Ne>o21n<$Rk!1J?lySFIX zhv?FG!6^R@e_V$j*9nFKrWwJxRfsdjO#;@#U}ea=SbK+wnxVLBIAc_iD+up*z+W`` zV?b+%66fhd#)taA@FY-7O*ndvT@|8Np>RT>9z*ps z0mi>BUUN}YAgqcb8A9ki-6__7b-cznu&<5{ETID{-~-zr1V;#=wae-v1h<6{+&V&V z7a#<8e-T1(0zz=-BLw$C2*G`02*I6!5Ztp6g5xK$$FRu=!SxV=+m8_THQy__rem^( z5F`RdVzgxXrO#+F@}(!}@qGg2{TbS|L!q!E*IbR6rcA^m@!cac9u5eEMMS_^QSkKY z^jM_beFbSo?XHHJYJKlVtFc4p!x5{r-KEsV9MpM_8)8 z>hqJLXi3omf5cb7WoTSMLjqc(xy~^iNL$~pMJ!fx%J75%jP5E=j4md5-aW}PDG$Ol ze-Ptp#avWIfy<*X$(6jGCfOw&L6Fze9c34A%SpY}yL+3mUFP_dON>t`ZwZTz2KAPx zBbnZ1a8YSgFYPEVEfbZmEiGpZ^DIo`-dV_byn;P9-NBH^O9GD>uG(3c>VSZE89dca z$Bt51@mWyvEcBJ?#Vqi6+;vPcqqE{zf6|)d^7Q~=;Z$rv^fWWn#$k8wk}`U$dkk;~ zNH_?`5pv}`*h;IXAz0y zV1Fzr1{*|*dW2xdru_tHSKI=>5?aEyOb$V>Q&1Ut@h+JHraYX%dK9TsBu^64t4O4SuTykW_CDBQ){#4tm*wa%gRaXlOK0Nc zXJ(X1y!;#+aV+E*maSWYo)Ks*06#9&2UWpUj_gmdM@x}nHPuuIJD98k3H_fv1@2ZU z@brbPbmF!$B85yT{!+cdy@LcI%2ukc^%dq%emW%ZYGWw2G3t>hHWby1>U8m0Yeghq z3Qe3NjCnqji$NuSQfc-&h(Dju3*bpnqV3E;JyKrobNEU*#B>NPCy~L^adHhA{OD=v zI->bqhEH@b8CXpYWITy#U#jX>$aeoVnNA@FKo4n;0(gW(9c@V7#ZU$#3owMCj7)s! z1ak|_+_~9QLze0@553sV#+et}**x+)Mzq=1-YL4|ykn|=@bDMw77shbB;0Y4<2TQf1OF?eUx%ccX4_|iurdVl*tS1k>#ol zO0=^GWtAyql}P20Nae9dDvw=Kxw-#1t&F5{qLejVewtCrc=u^o8cru~lgT?{6`tn@ z5%)(O8TpL;0SOQuAu`_g{qYCbA5w(MA{MA$mwQZq#M$#fm4uzhZ zS?qb=K=JDLQ0kISm*eq5qpOleS0VakepIi()QkI7O%%86k>YbEu%yu~O2)0jUa548 zMcl1UTbbtWZk4v5tWI0m+~4>jF4ZE|YWe+ti@2tiUtL7ITfeq;%6ochX%S`p+L~HB zJcbC=*-Yn`8d+BerU6hb3Yw%knvsW_0o-lU{w1M@ac>|3QB_Z=*q_Co$nC7Co!fR) z*^pVz7|%kdP^GgIUX=>ylH1$pdY|Dds?_IHsi~q+C8@PtP-}mEyT0#MzTd5Uzgzi# zer4~4E~a`mqH56gWmx;vweVW6apf}XlK<;9t}p;yVqm?-RiZ!D=+3Bd#rBNVc*ecG z<_(@}oYfhZ(yWei^0l7H*LohRd#+yW)qBp+?G|<NHKs z9yjS(cNN_Bt18sEBvvf+KNv5V>wiXB|1)+;J@~3ssf_47TI+v8o6UqJ@Q#0fXpiF$ zkpN`<&$!p~6Ne{+Q7*z9k37ur*bQ?$-rhhSI0wN7bada&>f?pf#|u**J4=4uwyPTr zhwNPSad1FCSA8tCv!yXy~VF?Y=#^|3PrwHiKT zAqz}5WPy=F7MS!6ge-ti1GWx-SU^b&ZA_D7=hqYn+wb#-Pod7wG3`wXd_Azh*NO$c z<^hUzj!$fIc;YIwvx|YQQ)q0;LNlemu7qD=yz3Mgd%`R>({V0>P0u{^bsNumIF)g+ zrx?K+9)>b%b@<>U#>Ec7tdGjlcZMD`J(T%;Vnpl+-$u$7;$5eR;Z$2fH4#D%niLbe z%t13z4w@eisq3<9k-cI8YT;>Yvds`gjuJVaNBphLIlXoIayIj^-ps z!;VF~7MhdYMk9Y?m}?uOVHa1!Q5%S6eK@t*a||TVA<3x*V~%h>CNW+f8oeORYz`|q4vln3)q8tZ?D95a=yB|kBWzn?g2C`Nc znQY0UZnVOIiV!>l8HMM}8OWqW+=Yn}d`6Y!s|=%O8w#oo->?j1V`U{YR#rkI3zcq{ z0|S4;Q0edz>Va^h7~MW3(fqNg^d01pD8g{xk2=NR4o~C(HtN0=iZATu92>_b=hz5Y zCPtkb;YOG6^BtL*>2&49{*k=HmYHjFO8Atr>-FI#v+I_uy)6cvzF~!Kz(O}LUVa*I z?!v>X5Mxicubd5%=8*eo4&nMRs9enb>P&x~%9g^&K?c-Vw_~yLi;Sp8r_jb16TAHiOWLNwcWM+AaK^brniwobwcoH*@7kWaeujc`?MvJfrQ=NWh6gqhPt z9kdOHS9Q@=LNv>w7+@rNNr+}~4_kz4lDowjuJS)eu%N)jP>gnvFhGpYAo4gvYk>Ee zGY??~PQP%!aQ~|U50m)gO69+d3^RYXT~o+gRM`!Cc@L!?C(B4k;2qENs{b0J%eirG zvS*mT3@!MqLGno)os?D5Q2vT$k|Q0llldr!eAx$!_zxHPk05bgQpUl8rxLi23rwH_ z4V84B6OXtcnm`5cGfbceoNCVz7jlS!NF3F?`X~`Ta0BlmPWBQnP9k1hO}u|NB3_(8 zywp^Q$&B#ld6g8-yLiQ}Y-KlPtFnnJOF9%e7;Qfm7{CA4xV|w3}-G;89w7B`v+Gm!2pWtJf)r&_h_Zh!L%ARTPQaWg0M5h>XT$(F#AxpffV07u=ac02;AQc6 zP15n2>f<%h@tSsER?U&?DrVJySxbQ=$E*@24Zal5M5J?z8W4Fi8c81t9`lfxPnevV ztq1llWT_e>JEoHk4#p2ds)do^)q$oc8KH^JRfU^WO1D<6r?bL(I&y!XBEHcQH))&Y zMKjf+8Co>+%`KYb zTGy48k*8gmPMcSh&Kb$k6_zhVR&FLY?)TD_FO1*X(D`#u)+^Z+C^dtx{ z{Yi{cy=n?gZwkfMF+t?!1cr~drY{b<`3m4EV;XmykLgTY)pVr1n4A*jU}INKIgy-l z66BPYeQ4ls+2`5e=4MmJ<7vxPOr(B|(a%tq0F`a*lTaIo{a>|*@Dd&(r zB*KKG_gPNqK&L;kr^Iv~^+ceY zl5T`3fDB^DLQWaw$Vm_z=Vz4UloQD*-FO3sH&^jGiBq|p(hVRz?aC>0rXCQ0#Z?F! zXs+dyGfMiioKk-Z+kDMl%W_IrivC)YA{HI)l3d}_@0crm0;7j0ZNyun>nWXhpG@wK zVswWSs)~dy01!L!vyOe;CU~Ti8}O*0C#hAH{n=4THnxuONsl~^Cjw1XC#`>cs+{nt z57+Pv+O+H9tFg@TIx057l+`s^13+zfyYsBB@a|m-K(K#fX;^-~(VcBeF}f;oYwZbN z+iPg1`&fm}yQZ6IpOT@-J=irL8k8Ru$8F zCa*GE{xm{jL@Oq9l`y@aP!A9Gd!ph$BaDp?uP&MH`8m z*XBf^32EpY5+nYg78NSdq&$j9Wi4BI6r(!4%A<&cnM1`mX}6JnX9RN!^95_4@+hL} zI?3gLM6{OwM#F@dN70fFCV^2N#Z(gVDAo}-`JGaX9pZ`UbMDuWMbVAj`dQjLOKItPZ83x#6L<@vShmNG_B{e@89Kd|2T4y|nI^%#XiD);JgBlWL2EUIb`~#rTq2x7o z&+wI^T$ry??n_{8AVkJpww)z5BUH**8(=+5UO|nmIE}20DOsB`HD;khW63coe$f#^ zNcOe1#}r6%MQeKie-<;MhTVAL*O?0F^^boyQtF%ILaLc1FYChXW@h5%@FB#<7tM=GyUF(xk9?+L&4N+pe0fRvVglM8vNbv>;)Kq`s z(499%Ki&Xc7+)pefOHY|(j`KUTj9cwC1ScnTbt94zDS!9l|-^rsu%gSM+o41)N4H>tTh;6O`6hqwYN(#Jx;0Y!v!w5=doYxq(D2atOa z^|Gr0yY``)3k;q0)Higl&{7rNXq4PyKRTJAnk>JUf!4;rzqJ!Sb&>djXC4j}(;oUWZ4(npEt4+oz1xhhxQcQpT5rgtm zSVN?i3~8nnQ;NY$mP=|%L>Vc?RHYOvei!MbN??+KsiYL^*|{mZ$Ivaxz2L-bT;EE# zzejd|kKga_FMfY_(jD9L(;eGqraP`9+wH!;&q;S|Um)G_SG~W#m2}6|{oQyf`AO*W z5-HZGWR^fTeB%!RC?kjD?D&5h>8bKJ(i8VL3dNGY5qy^Yjr1g(?Q8y?8%EcrrX8y( zJ)MGgn z+13L18OCM=o@y7et)&?mupM>4J1<^}lMr|B+ z_by9~H@e3FcYyST)7w4lrfB2eURpU3h>Mh>%|jvj=tkJ9RW?=NzI>GLwx?lNCY(@b zFOyGb;3YHp6m9L#QPh9$#%hitskP1AOHx~#xtA`R!!kI>`&M-iE1oB7lw3cCD5Hk!|dM*qP$nHEog4w}ph5-^ET*LFbWD$WT ziF*tw0945t1}OUyWEdD(6C*L4XPShZYU`7mP9DB?WdoDqS2lk-Fno(EtJun_a%JvbExek(2P*=ZK^%i4bfd zk|NV|5J}l*i=-S)gcC$kt`SL1B$Ar=?wbmc)SN_8vmlbPl1K_(J|drr*nIWf=AiAj&&b7F4i#B8ei zA~`Wj_U?-DhKUKh;;dof7&F1No=L4LuQRFT;wF=tjN(EXoF*wx6R;j2S~_?|Fu#H} z&q;C?z|Vh3az@}CyJzrUSR3wBpo07KUQbD;6n#h>`M( z==gslM#nc0IKPZHuOX2A;nc>e*AVdjMBd(D<~jQZF*rVf$Kd#eBH=rF@S8*%>W3DC z<4@rJO%0mTup0o919%9O|Av}aQWG;ZF}1Prr*3R~1$RC)tLxbK7(Abv)zqvRv9aK$ zUWdk4K+#(%xS^+NENbuP!XcX3oQ~NnEEs8@i&Sa0?{Sn}@*y(O1cDf@|>F^{* zKzF4@q7q|Q@b?#3Br3-&5*=B=%^icp0DXo*B7sxojw%;@`ysWWNjNufHELUm4ougKAn zST%}bF;Zv>2#>K6fn4vTrb4>Bu5;Xg_qDOQ+5fozFlH>0JPQE;Jk6B10 zY?Aa?FsblxDa5$B2{Dj(6)-iL4i|+O$EZ!c&^-oC{lIb9VytUpq60HO>J)zuiVGja z1Q6`CEPR+-etteqF=~AylOB9QD||q3Vo?+#v1wQlNrwRB9ofSiLrW1|JQ0~RjgshL zuB)}o+W;Y$=wa@P9&iU6gnAX0qGSgRg{3zx?ip8jfJgV|Dg5K#m*iAPLkZ;eJZ?qd zPCE0|DBQY?!u^62L74L@rg?uEX#1D(jF{%TiOPa_lQp?tJi_h;v_w&E5|q1R z(KafA6&fZ9i5h`#aB+i;=j|{?vxp(cYr?`wgoUdK3rB>7 z69|i%h7h9Kc4!Cx4lac^K3pLPqtw34@vo38juHM#h;WZL<@_*tK>$ zcI`73ZH7g|b^8j7rlm#G)uPo=O}?Q;gK_G!W7pQwmt>Ay#;#Sflyu^mm!pNtaY6&` zbCXUqZcr;1O7ewrbhCfV=n5r4$3Q*8h0XHrgqSVzh*D(_YNh6c>FP-k5)=Wueh2M-N<|!{IH# zSC!bPR4LxhpqVMOH}!O&-X#r#X>YbvFMkmaRd$L(S@{S<0!K8NGj!u{4n&s2a1Xp6b9g+9>mu z`(Rl7!YmngsWD59nYJ;*@<=zr>@|0dNH;58)6M(_1k#h=g)xkF`s58)x3$17i(ro~ ztU!5H3m=4pkRk4Rkg{Rz@iuKiV@&qrWMhs#R`=KepO4dWoc)ERj`O(U#6GWRM`m-J z>7tp5`JaCw0%}d+%p>N?(sPe|ilO@CdY}aAAxdd({b2w)Mh6s!6iXyW zdqR>69l3eQ>2^Hrztpam6m7f1wQvc=Rynd&%P6o_%UDS;mJ#`?W!xdb5Hg;1Bp3!H z7 z5+6$vA1lt+oD|Dq`J z#afz^C2xE&S}v9=LTVeXa(2Dn%Si7F@I<4NZ2Rp#q(r#`L5l zbI(e&pum>2s@)!=8+?``L}^27C_0^FBhXlsIM(p-l%8B|209-N z{cIiTSA&^{4$MAuiM&3UH0v?jG;3yys!g^<)i&FrYL{(M^^|Q<^~`Khmu!m~xq8ma zE9B)TGLWPsL(Ju%N))8y#ghy$RWiV|tvsOqb^_@@m1HP#_YiD3K2!E0gV}$Jlu8kl zlN=y~a&CkVbGBfpWdWq`F7w(3gBvAE9|%55ACizDpbmH%6-fz#ltB_dSj=OeY2;cC zFancKW3={7YQ#_@Id}BfvgxBNfEa+5P7PObaVSl$Ucu%lH#|{uu5AvawUJ4uPuWvC ze~z}4UFs17mp{s{1);}6?D~H%5C5IaEpOn)ZqlExMV57f@doAMK|@HgfFvp*2MnPA zB2>zuYZYsLNh;PH)I`#;vPvVO3E+@jNLkh#WfxK=0)T|X|Ds8WA#zm8;h}OE9eC;g zG>-i$siGC+@K6SmL&ZW~HR-wFt2_K1P*Z-4{ZZVeI{pL=Yw~Kn&L4khV0pP}7L6|x z>Sh#!3VWdV&EVmJfZk6<{>$2+1Uh6&nrZcmVtwXLg`3e`%G6lY&wdP*SgmH1=_+*I zDIRP!krnJi$V03(e-SSfH$gTmx9ppbCDel1u(YsWbjZzNo~RydH<1#Pkuzuo zv3AVzDOD9pgbZ5vjS!I=ze&wcsd;x<3N3e83a!?^fo*~~lR1T!DW&9ZmReRPvU$coRTW&h7+>vrS?Il^k@mtbOr@gnN z*cx7wZh~vlO{eyn^xX~scuhLTuSw^GYtq5Ca%S_Ij59(@=}eI{a#GcuIjLQDCJFpH zcjlzzJCnj$P3p99Wlrc2qR0RRBtcmYl%+tMGN9Wv8Bl+a=m-*?LOzmZL88Qmi;XtK zJ+k0vEG$#D#XSm)RRr0Q28)s`*hx=?JgGG{agtN9;2S*Eb0e9l6k;$YJK7fe{6&!N z2*RLhrglhv8Z(p)u@49JZ>(g965p50Kc)#EtNl0z+me%DiW1)!9Z3SU(Urz1^Ko2+ zNr|tkex!ei4I-%0WF(lKoMdy9Sj79H)652e6$c%UT1y5g@qM#GI!&&ovkNjUl&6t- ziZaPQMd@UqqQ+#QqEt3f8Iq040>Y~(K{F%SqM2m##IvjWbxQSjm@=qE?B=CRQy!3vS=6&roX5VN-7{L ziRTi05YNS@gx-_n%#q~GWic7ABAAZ=9RN+%!m0o;$Jf}CB}vKLoEjl{nQP@`&h^A| zpfi6XWmPQ>BU2T|L{!Yv6#1#DxoM~;oXlB73n45{y~w;n7DFOyF-4B1ZcfAf8EjzE zr}-&gnlwX`tH%kPMLqBMdTv{Er05Saz&R5aSq4~1tp`&}mZmrqwAG{QjJQZtBJ8 zIZr&{YkN~^1Vdn$mj8-vzjVW2dU!uX%c|wL3~#cVe@LHNP4^dS@x>}l{@yHD!Dn5u z&w+GLV_a(H`b!P+rjt-(7k^^Ej>qQ@aXmlAnbVb7Do0N;-!*ilev^X%D) zNc}vY$b@s#(3Sdy?v-Dv;!AbAUU4n;o60P3VPcvgs-Dzu8qSmY1^7zp*A@ANR(mPw zV%a%TztFHO^$S(WQa}2pmHN>)FDCVyhApX|7}GnfrX-$&O;AexrhimtFTGHPkcED5 zFyiSMkO*-LbpvE4E+y>3m;O&9IdS9@6j~%ulAE}N3H{uXTT~<)qhO>#qL;X={35dE zKc=6c6N{Y0P(gH)F!J|?b45JGXMbfVTPWhR_8Qf@Y4TjCd?)) z+0aP@O;yiHhZ`Tu6n`aHIzZddz(hajvn2~u=kljP^U)vhLnhA)@uDUszXKr|z6> z493^PbH=8rYGv_vd>HkSHnzHdjpf)q2%O7?(v2M}Pvz;tXMYf35=#KEU}RIwdH~R& z{O0H?Qo0;SVr~0cS`LV5eA$D2{hD^w)Drb7V-Gn3Pm0xZ7c1yxy@ZSaM$`?$wwbP0 zbmn;oQTx!7$@57$JzcHME@&~>w@=O56*v1+we%Oo)-o&Ux?yg9o#PWkBni0ohC87n z9RmnFMSAmS{eMs@a1=u2XS@pzaD}YhAPTP#;AowYjDZRM|C`G_U@pp%a{+8~RBP%M%15yt|N4vHm7CghT!sFRR5NRy_W)SsLC)F0MUh@wKX zVn*Ufh1bF@><|_p9XBvRSDljhvF>0^!LQQcds7k%EPqDm<#=og?pOhKKa0!0SWaS8 zZiyb?6%j@XHq)Z%bu69n^j-YCLm5m^+(ps8Xd4?T0UeDD9gW}7(RXz89Uc8a&`}+A zbOi;i=SQz7#R3U&O7Q}sYBGJI3b0uqs(N@0QC^XJeKP467E7T{;jSd5KqLjmojg`c~)>7WGmAMKy)414;#tZ%gldKYVk3^Z~s^PuDfFzU$+{Yi!^ zS(X4V{h!usCCL&dkR?nDt9r(&=P*;@`IleE7=QOq!4I8gZ^^F%JcJrf!jyT)L5X2v zXVr9N9#WJ#xHV^9^+0iHW3TXW9#F#tV^2S!eGbTCs5<;f)h$I){0W0VED=%+!E)-n zvN~gim>$Ug=kbH`2m*}D1B{U|Nru0RjrcFv5^GvwP4Q+U6!l3%&(g$Zqjq@d|FjdE zj9J=eFlwI-ubZseXBSo!7S@E7hR29fXUD%F8^77Ycd0ko#t&ZlKW%T4jo%D5er4Sj z?HizD^k`{eVf^VQbbtXeW55Z2QW03*7h*zDE?6sQ&LmJ5DS%{?v1b;4LbOOhb)2J@ z=&UzP=0Ld%ev@?wQWGD1B~e*SuUL$?7z$#D9+&fQoECItUHoJ8rA_7rQGe^-o@Dhc zK$3^*w49O}IhVZtbE_)uWMMr{(N}cp_=+~4!uSF9XRIN5k4~;pg>QN#yv8l}^Kap< z3zgVi4j%sge9hgG4Mu@~onY!reHUfmq4Hsl#pD(2(1rLe=mE1oaj=C9{=yV%^cX3t z+WYyAIXlPD#||PDN4l0Ad?&gAj=(luhd0**>Xs0rIYn#cZqR{}2AE(_f?aVae7wu{ zF~PI}vkvBW*YFO+ZLp^(s`WgP8??#0iYiQQ(1rg&E@N)chC%~>%6?WU3vea<)5v@Ya`jew@X22Um^fv)z@K%wx@VulwNaWxECUqHmAw){`6ua+P-4 zhg>e8iuBT_iU289$v9Io`Q2W2hr)3WW4*_xR}ttDU)4$JHF+9RQu?JyN)OjtPD+pZ zu5g&nO-f(u-}*`EF&V~Lew&;g3QnYZZj$x9^(~e9t*woJt=7iU+Ss$#W`$6E`L%&6 zT0h^F4T4dMh*%9SQ(!5&-yc~BG_84{>55`K6wcBVms*)bDLiVro`GaV_v=TB4IQ1c z5eVJ3q045?*;}EvcS;uZXozGm%x|1%1`}H%X#e%2rRdg{@2C*_){<@QBPy+3d}{sW zDML-+FCSljJ|_CL$!St~=+_?mk3A3C9Nk*EbrQA{D&SO`8UvphaO){#w!epnm;MhP zHicwZ7CD+uK6|r~&)x|6>G6g}MhAT-fd?3kq&otD+_z*H=* zYE@YUM0+3w(0a^wH&x5TyhhA|o{G{L^bO$|q^F60VEWfIj~2ONDM8RY`5FmTC}cuP z`?P58S2xNs(YpxO6@Xd*=o$n0BDzYx+NPA!-oV~z^4{bRIyRy^HzjwI*t;oFhOoXV z_1D^zVq8@UcpBJ+dQ;|&B5X>a0zCX9;d9lB{F0F59xzB{KvUUHO?6G}+1|_$i52CPMxog75h?we}wJ)|1cb+SV%%Yh!!R-C!Nt zgY^y8?DMo&jJ#Kjyr1j6!Zz-A`^#_L{t}2u(MmCtNQ$6Xe;~WXtvNgjZNnkk=M1P< zoB{iXb~9_gL{kgdusM{7y5LYC zn_y2#18kCdHYkrfy5J>hZugmBFDoY4OVR)v9oPsnmJN7)I0bQ4Jy~{Dba2gjahsNq)`pHZe*sJgzU!Hic`E9DE#Hu@>ehi#r9QF zwLJ#&U(G)TP21dP+PDQO_7Qbwv#e>GOHEt+nVT`4f8B**m|4dRQWjxDFc*o&6{I%Q ze}!ti>!87_IK7-XH(Co*+KBkbEsRqE*g`U^Wc*1s%MlQboT2?y(`d4d#`zminHc8J zF)M4DKNlNOinXF}QN!{XcpO~I~n8d0c;5?o;JQo%X1Z|4BtTY$_x8mJpXvMoTlj@*&_h$V=1zF#=eEnD=am`tYwB-%lvu0 zkr*SsbG;0^4)?BCj4HM%k9Tan?B;q!*`Tb7Sj6>O6DIB)dnRghR~1nY-GEekedy*? zt0KC?7HAFZoj`2R2R&kgHWgswC8b5D`}~~EDl3wfp;aWk@ajp5Bw_XDWL-HAdsi=F zfBa2Eqng!&*;~PmT}@Ib+R`K~!zxw65@|M=eJz#x&3D@KJMHlm1kmEx!itA4 z3`N~C9JR-2TtdXWC7cfbfA3bryk$By5%U&Gmb=8LWXp7197W7qT)yA@kKq~oMlC%Rg2 zyuH*Txx7IU72GyNFI^9{aoF9vJJqEY~q?<*2M-PA4n!um;4FA&BQT7u?+4_?& z5Z$vAYyyi4{@Q=R`0Ir^Ro!jRQ}0S?_DhnoaKQ>TAWL9`+-a>arVTTy&q-tjC9B<7 zO=Tsuw%*}RTm6wqe=Y5v!MK=gkfRN^)&LK6Iye-VT*LFbltd1`ZY-^M>N$nE=V0i*1h!?^ z^O|L`qdgzZe+n&HT45GEMO&wzNl%HX^s3#1T?m#{%%HEEzmLrOZh(I&YWgh%1iu(V zS`dG=*^%Wi8zqV?!u1&pQnXENQyoa#gm~s2xqcgn))J<*1*)|Lu0>PRD$5|{W(^hD zt8(HkD>GG@VP(21izL|n5TiCzW04aK=P5p<$jOd^e=COvnLdcxqch0^|4pk*+aPSj zb~fl5v7JqFZO4c<+uA!tmr$XxrO2yKShq+*gS2)B1&#G3nmv4&NcLDL()zKa<`Ae) zq;!J1gLJ+OmhL7JOxP%xutjw97%bhn6fE81cwLmFyguAOsPJeC8%Y^t5+ zk#bG^dez8LBUw^^9n+qyRC)S*B~ctPsK@4~PX5+n$?CVZ5$0F@SKv&x1Iz<5r0FW8 z+3BRG>OQM!Pbc;Q!jx@-#o1}4;L_?H=Oinge@#yaUbk?Z?Gc~^h39nS7q%VAuriwlAIf(AlX42*IlzkaB9*(x2T?3_@9$tvAMOz@=W$>W44 zf3qo6A>!bMbd-<{KQ*Tlg0Y;kbKAgcy!HmSm?{OI{Ma zz9e$r7DhDeM>9Je15@ATVFS(dLT=no9;402xi)^f<0VM{B#b#vwUJW@UBhF7h#rVo zbk+7j9fQYno5CXW0ZX6{OZKu{s&E+ze||hJYG>e;W$XuD!FsUWw8a)Bw(AQ#lx|G; zVvj|r}MA}tXHztf4#(q#3e_t5% zhk4Lx!}+&yH#Fg2)L?EKj2f#7|LI(n$yN1oRjR@H|7@o|ETj6eMaIzPrlfCX|KHRZ zYAll?+W4Z}%$%E<>hsXWw`y4OXUm&gE_&TyMUF~^CHH?4{iZ@SYRuI{6zc)nS!{5) z3WHDJNBEyYn2-Q}Qd_9boG2i)FZK3r?b@7s1{K5TDxPG@00 zx!E~A=nl5dem@I<=N@|c?8?JaGMDPNj>){{_{ob%cf*_kgf|y(FWmi zKtVXiiB2vdU9{mQq^spme~_-i*-K#esgRDFkgk^BM!MRfZKS(Cb2ZY{s0)G`BHf+CjSEl1Qyr0423uWI*L4oO#vUTs z3HP{oEh1AG`!6$cUhtD~if9k&nE{lc4Pblf6+8i1nQP>Ijnmche;WA|k{uw-Eq`Z| zj`8aO5Z%luug^^Q(rnka-dpOkdpg?lWZ>&FdQ>W%!|wgPZ69vCHy5nizlW~J-F9zf zSbr<-4l_#L^Tg^wuX2Wx`6}E!xlqqF#(j;`)w3Go^{Y%9M`T@r6ytn6^wUW3Ao4}z z1*pQ(ez4IE>rB?^HRsutCKTH@&^q&y79JY3H&`gMG5f5If?@|PG%vAIt_o~A-^=)x z$R@Krn*Tlj&(|9+Dlc^*8$&Hjl?8E!UvaZ5zv{)r1AiQB!`cX=Zh4`tdvv3tcX1|@E#Y@Wx*EwTOk zCoTk&v3W>g5^Cq4ejEw)l-v5BC-15g502oL(EgK_tA|TCqtCARh2Z^-Kqz-s>qgM! zlTU4L^J=Wn$u93{7}QL&gD@y}7zX7ohCxlhT|>U;z(q|Kch~95&P8oGWh+cyF8E(* z;FDTxpZXNbmz=PZE4faMQy5E7lV&o)MQCl@;JE)EWV?U z=1~{!{_tP_H~;m&@DzUjX&#j8U-QSK^6pU=%G9HKx$l<0Q@XNUF?v+FvG{Kv*T9c{ ze`|S|m%sj~6934{yN+uJkMS`rPsHV~EPumM4SzD1JbG3h({XiH|67T$_Wq>XlP$4t zHb|BK?YF~Q^Iq2cEUjPcY&7p{fzj!gE=^VR!|R7t`1OlBX$L<}-ui0|fBo(7`e6-W z{lce>fGUc|U0IjR=39rgtmK9H`Q^9&nxrhu$F%!lA7MtWKfrdo{z#8R>vs$ew|{_Q{r;L`4`|NX!7U;p~I zf2``p!1Al@b=exMPzSga;^|ZXq+kdl{dHcuZMCBzM@>j|K(f={)GxO!Z(R)ot zXU*>)z0aqofIkxoVm3lSrWen#BxYCns!;!F_XnTl|HhSH&0Jtfus#Q7o_YGCK(*(U zO*vA3)qvCE_RTRgb7gB#kC|h778G>uaz9t)Zt>4w9+{t*fAId!#rXDrx~bsg`G2Tq z#chS8{$+C2xAU2i`i}KDzLfy$y8m44%R$zSgI`mW!<2IR_eTYGu>jN8U68;o2!fWc zmrqjlQTy=7km~l4X*1KxTK4Q5)s;#MsjqCAJ!qO;!YbBit}EGQ^AcC_mpK~jph-`S zA$vB6*4aA#F*9TzceGFcbzu}Q(SIsOga5p`{S%o$nk^)w4NYAVPj-WC4XiKr(aL= zf3Ccy!_YfgnN6!4pvjMOF1HW*`;~aVbvd{1U`2W@y@Va|lFItv;_sG=b3M~IT_V#6 zU)H$8gGwiOpv5Qnv46e3ZmIKE@>79%Mr+*bQp>?3=@!%FISkWqp$>tu>FVZoSRf<_>T=TiVM6Zb4#B1sRf zErF!_$#Nb@I+xzXkske=pW6+n{k=b|a!ZAYmOCZHJdX8&x%(h7x_|HEANG@FqCXyW z&?;*H4fM;|ltH;gmg4qNLMN?aCe1E3<_~kmiYc7$@idxmzvSU#UXy(M3r5AGpNF|j zUk+AGww=k4 zX)&Ch6T5PDI>$n@{eOzdp)ddA#Z%sK=MP_x;LFz?j$JZ`%}@V}a_iX6U5|5r^iwF7 zpF^=gGar_mFka)X^!hO*I^CK3=V@P;aOQcxVk2-l9E7c&ML3`J;t=ob;m&tc{Tnui zIgi6pj_xt~4S?|omhExS7G?|+X7n&!AlR-vFy$Kn<3Yn-27ebf(Bku8@mZ|64ZtAa zPj@XAq_hz!vOcf^Fj~Qsy&izMJ!reM&3A^tcu_D(J!$ zosmVQKG_*L=u9~7%!>3RZy>!>SQWQmRXl}Nai{AyVAUx=TJg>K?61qHtY)BG0G{0Y6u*m>lK%l>^>49}8C9In(d^NYctj|0VVt&G{$?SQKTmB$k#>a2v z)@dk*uBBY&mVK33{ZXd%E1QllW5AhMGHFPs=!XP=ff8!ZA};Z;biYVLMiO694hbVL^FZj;%N*#(e#hE3}f7Wbq25M@q|A`{>N_ z)jYbzeIPwLn!m-_YhqdrcV~Va-a$e`jc)jH=q-PLfRFv^$Kf~qICjO=k7N3_&eNSA zhhP0T{H7nrPDiW~_|%U>3#1jQO$cp$#mgUw^y8R!!greY$^Jtg&o_<*babfFD;d)I~)*KpXqjMta>^OyNQ9yo)Xt!q8y)1X>S6?8DO zdB1<5pl9>=P*v+DR@y!C#{;K_^RfrWZL3%72_)PoALr=gIfuw*RQcq~ynzh&9_Mj& zcTU^>=2Ph~c|vd16ILH-{l3<-nJPd_pT%VE-mu{cZVw})bKzmsgN5X~14)@hf-|9S$z73;M7McVw&_~bgRpVw)Zq8sb9CyOTOlv5KycTqM; zF~n)CSBl%>>uGqni$Jvdc)=+O@idam*c+=~8FLgSw-@K@3P}CifBg4vO9|bv`Cor) zNYr2Q|Jr)f6xz5z%{k8T=@S0d(BRXd!RyfAjiK=(V1DMT&Sz{t0Oosx z@!Np;H5{14_9glU+LJ$=*_=nzKTZF;NqyR)KAlpZR_fF1Q2%ssWm-(ROnvtn)PK<^ zIWsfE6J}<3KQr@e^(Z{CdK6w~^=N-~;h5LpPnK8J<@J1VRj(e#gZNdHeBJKyX89TI zp7r-6@ti-;J9+gR4*I#m>H|LtHEgF+sTasrBbxiDSRJ;J5FCEjK_4(ea`r4PKD4t~zh9e6jb_YS<9CKsh}N{H3FDXz|4 z(@{n24!xTe$EekPYbqcc-c9Uw-c9m*Jznv!ia+d}u#UW&c=oxv>@@|@Jm~-!@{pC&XCKZ3ZCyqogceYN(($TwhFxFapU0Ye9_l0Azju$egI#(}% z3x{HTdHnq^<8Oce1?Bs1{dk4sakqw|!7%o5XZWv62*)c3ep+`ru=7_l|9E-I9Y(yI zhO!*2H0_s>*0rglrK>gW<8(nPZ7w3MD^sTnN9HU*W-Hd^U>WW&Ybbxq>3Y*agwIht z%yjE;4QJ)0rPE~~V7E2I=O`X#x_(&2YC&0l(vI+GC2z#TOxF)3 znCaGGEh~XFRl+W~#T*2;>;hoIK>!RN1i<(?0OtSOImJCvsx$v&UWYjjH^G1OIG>Ao z8mgizG>>k#*5H<-MDTxQGd5-|KE=l9w{@_tJ5J6n&2VNjG{(fMUI+~YmW;cIUw>z^0R}P#eA3ZGx zqxqds8~b5Cqh=MKTgOP~GlxIf9@fmumdW&GaRhmo&-%k3w_D8TEl$t3IIS&C7hBBnPm1OhmmHj> zv7_zc5@Qa3??IzoPvKqsa+V@{Z%T!5%a|YQfLvb28!zLNm+|v2zn9S+a}2WWqR1N2&OfW83^&Y++%>#Pxa(fK(s{UR_-^5@ zb{FnSYq)E8D%@3;jf$O2`P*OHuj}5$Z)%>+KTf3J@1}cS{`$AS{pT;c%lP&eNQIfP z8>P>Up!I)-HvB9Z(VuboKl#B-(n}h1Wb4H)vCY>zjjzGUVxb?4-YCf%a9eOLU^;620lhO0%h3#jT zk308lfzwgFRD8C#^y>XNJaS_q@BYk+O%%3j4;p_8_n{$2qwx$8u z#c%#LyVh!Z;nXKSGGO4&l8!Q&GD^g&x>4;bM~@Ovlpe> zsn^|0#m@QJP~RYTF3E?DmmCR*mrX>wITP&@Q_*j!TihC^0=sstYtkcjbR)n7*{%(Pk=+i`g^&JUw!_t9~JWMwpAP zubGn#@51oi{vhA^BL1A67w>kN9~|Yi=&owJV9se!9OT?se$S)D9Te18>}fEWRR;uJ zGPP(cd4C-36%^S;g8g}V^a4fZn*Ch=jtYKHg*nLH@i`UzjtZRDqJNoVB60J}p$C7! zd_h;?rm7A?%jTcD7&!N2cZ=8Gf0?o~==j|eX)(su=F9nUtJjg{pEJvz87ylu92e%d z?Z_1NWST?moSc&>?8qc}ExM~Z91e)E8xV3djraKz%se+25{2p4QP8qhGq04%{B0FZ z7;ayW$D;eXAE#>!*PrKd)3ASP)Z2e$*e_)d^PB9a&n~CQ@0MTt*|&4+zBrZb?9VpG zW8RiWMw|Dy{UO|2*HPnOn(B`Qs+M+XCH?E%e$ z?vQ@+6#Wjp=a$kp(hm>Jp=8s6&Sz8W;3V!fi0u|}|Mf^&eBCLLuiIM2em#FwMN8n{ zQ@YHaDYJD|VGgw>w~r}!`XK2^pDuLpM|$|Y#=SQGx|`8A0fKWpvJ;9YGV#mtY`6RA zZoeK#lhgT52Sb)N=KD2j?y2d1G}{j+`%@ttbBWmncJWfZGB)c_2HFcYjXPbu`A5@j< zBIC1~<0T{MO*F^l(PVEQPS@y-Th+!(2G3imjqNeCXj^q9JkuM`67LzMajY}GJP%oZ z%z@{2p7{5Hcm2SVozwsK9(dmwtQ=vL=b_58NaccFqswb`baAcj^o)P-7j8Y!x9>fK z?M1+|no)3By$P?i`LNyk3$%0>Y3Xk6@_D+Rd8(clT)Vt+X3ujkIX!0Jcb8tW?xO{_ zy)oj{bMuT%zdOA5uX9Sf?d8kBd&XVb8abum^WEEC*4-F3ySHE1_n|q({C0Koy{UVb zR%h3o^ixXu3*DoaE+~JW9#HgMntZw9Th}f})A@4r#><~tWu}Y8Ubbp| zP~WChy0j%T-I7U1C{z_a*q&9C66*BDlmGZ(#mjfT%5&wgFgem#F$|J-NE+i+a_;g=u| zz|_-A5VW}jv5t}>f4LK~eLWhN2gCA-<%=8lGq$!<_M`Wo*F}Gs!xTTio1Z$UBz{XO zoTIw`td(6qTkXMgwa4?-?kB9hX2xE#jQ-SwJ({nF)Ag$5fw|}nt1L(Kcdto*_vHm* z^9e?LK*4zhE9`%bOB7Fv%^RiWmzOB6pMe913uVfIn{4&hzB+yx2n?P)I1lOa$etUui6N()P(QrH+5;>BE&VpmgXQL^3O~7 zToKCx3gAv875r}g{=I`{%?{vG82}!`QMk$y_{wv%y{=B~1?=32S-vg}=F`6KQUt91odRFk|KU)u&T*Ez zg#B~u=f+_WD7TCK3_DBUptgUkY(KUH4(aptU~u`};PPuLW+Px}ke5vZKs&MYhL$A! z2QjE~43S@gQRg_|eh0kWx1>R_}O-lW1i0l$>+aaLN2)AIuk1gQemPr!uUIVYHNdK+}wI zu|@lfJcI{+@DJ{RzQpbZ6+yWy)VajU-h?u|m*|TvzYt2%1K9^M4>mp6_+aJ1h6l?J z)<1t(_h9M4+6QYM(nI{>hQnK1iY=fKhNvg%Xd8!-Sg8Ku!h_=nhnKsf8XY}2`{2w2 zr3Z=+Bo7oGh#$y*X+uKjmBmZ50ToHNJ=aoFlNPM`#m5IP4?dh$>(NR7;N63#2X7y| zd2s2$#RrGV(Nfz(vAqXvW}r%ejhC8RWi)?VeqrB(StBtC1u0Xh^b?4+caFrO)`gAMqM5ZbowAjYPz@VM{|Dy zslbD6t9Y3WUA)1A7$o5#@I&wq;q1NKd;!^d>e2edM!=VpeelhZbtN1>?lxLJobA5X zYALle4Lj?t$9S&PGKF?rL)_?sc=8>Dt#yo;Y;bjyRB4!upNaVwp$Dswt{$dlxONtLEJS2a9Nd6(YheQv_J|y!HF|Ol7l!q7|B0og`5Zyzh zhiD(7d64uV@j>K4!h`UG_y=)c{NRLPI+6*ty5JIK*hr)Da5)Yiez69V#^|iUv`G*8 zYI(J{OK2w6((Gu1B{qzr7$goo23n$AmGUfWb^OnA`@l+hBis8_aLx zzF$Kz%sJKQk{1d#*~Eju5DbZesUUSGlZqRaH!5&c;=FgOF+)Q2X80JPW;0=)QYNt6 z2N1oRnY?J23bv2d_|B~vvVu8kx-GtBXP_V;rBkT}!buyi0`#MHU`#E}Zsb(Nx!lQB zSJ07w4y7nl2O#F5(C|USpm2XIG>&zutk5th8tb$SIsjc`p=>O)jfJ|g&^MM)j#R6m z9NCXagj`c;wI?4(fZ%P>_W|9KsK%aMwG$Db?tXegSnhUsBRNZnW)$|6O&L(7)k4CmUcoI9CSjvUzR-t6N}Y3#faiUPFUn%2-$vHmD7Y2E)Dp7w|#3pbW5g zCS0Xznh|o&!OAtJKsaP00FyQ+m~~LZGZVs{5#O5;0aU1vA)zo;qnH@~AI3*6Ir{2< zv3TC10x$}cM+-&QTjb7_?>aqV^}ZAe$t0Ll#c;DJjMNMHYPx@)r9G;&sMDfSi&`zJ zy>sfV*C3q4=E+6CWLQtZ4a(famT1l3G8RthdSbkD>?3fDW8w~GLEDSVT%$&v=sxo?*nR#dE55v%|%Zkz~@Qo|E_v(LuSUn_fmD(H0FND?-TKj6^ zz=i>Qm9r_iG5CZbQf=(ci|;kLQ-=Z4Kd-o{nv$rmKynle_h1J8*BzBIatO6Q!arH?mO@kk+O3M7;()RM=4a(5|9jFZ#B+kl8@{> z@DqP=!BKXF8_cR6svF<}Y@aMlEGFjq(Y*(L9!_K$whj+j!Vc5GL0}Kxi(}?UrpL*B zfYko}0oEUW9=61k?a00u*t#JFNdgPT0d@$?$KhstN@yNw^A47Z?yP!q>}+5X2WNb7 zCbD&~FgF?AbXG5Sn>s*+*cRxSoH=N5H9CQm&?k5(7}Z84V_nj8hMSJLf(M z=PJNG^c_aG<*Zz#RA9&2hA6VCy1wAyQuUN89& z+&TDBIG94rzDjnMD#T?Vwy_BMZYr#)LCQhWR^GYzfw`C|ZjF3wRojrJ&LAvC?+N%3X^RDxqn?C|KJ%CM%V+5#2?;&Yp z>$b%hy5u@Vw&=X{caHur9LW7G(mrcl0s8tC@H2i9Vn-XItb;g4g-|4@&&^vi?b#4 zk`gN zBZbV-4V#$#F1{Yv10Ot#QT9Qa9%Af;#npkS(rBdED48B}D!!RIWnR!`f6#yCJC{P$ zOeHL7M9-$QY%<%<61lh83x!zovY;|dc*2AyrjOVcFPaD>v-2hR%7bO}ELB4~T5EIA zDv5sZ9ONBA-jT{z$UB0(Bgi{~yd%gv(z1|u#L705WBF0Y(72TpP=k#TB7Q)6qkB+p+u9O^kVCG_^Xf~LMB>uCJ1xA7I-V~pE z@yt@iDhzSGQ}lh#DS>bJpbp&>i256KK=F}i#wNTAy6+Q_%r+{+b(=d6jGt&rDYycN z)PmGGvj71p+{t!Cwo)6^A|w)po^x;Bj2<){Lvx)I&1ruKP>X=I2w;EfPP;wrV6kVX z>9%5G(19B4_Z)^5#@aC zZ5ZP?)*ff_@}0ylCvjJ=d>^9e&Kb!u)Bp@REENde9F`Fr?qvQ(L1B}mY)c!O12)Of z*o_d1B-qk%$S;hCg7ps$4>~;P@SxMowl?6y_~4#(_-LwIiw}Rw8I&_9XHX9P1N6WL zAa<=?BlFO-a66lWg)L zu~FuNnQbXYsQgk5rJ~DVOOy2dsAo#%`({m(Fox}Mkm*BU*4l*m0qd;w0Z|{PkS2#= z;WY8EW*)|{a2S6U4#VOdnj5?oR|T^;2gkhu*c-4pVp1j7*v`%MAF0W;LX_tLR`;$h z@*RRCXaXWi-SfhH&Gr1Tn(ZpJ(oJAryd9&LVsi={GgUJ}qPf|qN9D)cHLF2XR`2?V z&DJuy$)&YyT!w6-LDNE=(+t*{!di1!zisn;s=72>S1RZ1oJJyyk*Sz@tXjjjX1^hI3N)RB!Y2+kN(CxfJ8oEcZw&>$^sYwQ5yUR0SyB*2nP7Yhgr=5 zT>U^@YCUy{#z=PnS)-2z?ZUto6nk%R)+-!-v~F>a8e@XTsy7V=ytu9z?*(77q_ERF z3W?uvDjU$6eTU6ZYK94%3M7y#g=(xt`Ye6`*&Tl%J8ZVMZePzW<}@tGMBOKtjsp^> zIgpStRMJGYpiQ*z(L5J}&CT+t;<-a&3(y5w-)+pT*SIGitRM#~=$+cx0@xc$00g$0 z9NQVqKEh#0XOM5&RCl7yM4d3;91J)I1J1#Kd&g!Eb(CPs1R19qk^$yRidHk$C*PK4 zf5?BPTiCQdv{-zKF?&_%LojS(3k<+Hi!qqZAGG<7D|HU= z6W~;8+!}WuT;~9FGrKmgj&^U}v=Cis#>PrHSswr%Qt#kfXh1h-e)DhKyj)Z81eJ^- zSwfBm12$XdyD`2Ro|2Nei031o*K|hj*Ho{&%?2+EP>3)Ank~#Gp~+GM2A?+78$Ew2 zO3#W)?@QIvbqx!Xy)_Y^gEih|pR*b();-l!Kf&RHnH|GhG&xa$46UpwZY%@lT8ps| z1~sEzSn_0(6}6`Y$4$TEF-m`%E;R9hbW2?qR#|GP5K#$ccnt$)j`*`+6pm#8O~#l3&=5@o+|_BNy`jwEr2y+jv>L@5*q^I2TWFlyR0 zr15%Ao4=hjej>v*X*}BOwap7@JlgJcZRc&t!wy3v4TwM(r7BKLsmWAo$FM|$yWL9|X_Ss0o zi03D+y*X||J(}l{E#+$3DAt)`VjbLT)WgiCCSx#q7;#>~^!p;ybZTtqLq;t_Q=9?$=N^DwDkiuq@!4j7420@pwn2XyXJSBX&L(=X zQiK3hJNoqOVEMUGDoc-{bxmL=Y{H0+h8w!G7FskhUrU~giUlOXWPMt(h?e^X{V(>L z70W3rye@3Lk5XZcEZ~7R!gw8;Mwe2F9X6tk^C89G$dZ8HfuCkc(2sjPNEXnZU|$WA zov|yRE=FCGB1K({cQSwaq8nb%Ia0ip)&kBh5Ja2`Y#n1D`!$Pj77k;yXXWW9unEbx z$~I(8?p(8&TqtAw`_a4}zu>=lJeVA%BwRf0Pl81k3G}x9z5cnkBzt)p6!P2vPJ!?z)Ei3ar0X4?YqrXvWv{YqA@Um zd~H2Y>jpo0IyU^eZZjqjD+sx<+pM7FR_~m*A&qZ6CK%rwLeUhMHFu27;0xrrtxQ*s zi0>_Lo*Gs0LtB4ll(<@7QtHVJZ-%-HW9Fs7CFK#W9(@-{9Pu~0r%4>a2Cd^ekobdO zPJnUE;?!CyA#sLrWIQfVNki-v2JjC_=C=nZx+#t{t$`$%<)En|8)y%~*WwHlwGH={$W7Ug%K zH-kuQZ>Beco(y_2=*gfbtap5H9rR?-lR;0`sz6T$JsI@$AdQFh=kdHx=ngD24-3tM zTwX0gC0Bn!IUph*wb>|#*ZRm`n(^vx<6zsA+BlNsXzNJHWXhqtg%9D*hwsaW;03+X zv>+X_K2YurfF}1)dkHnQg%5n^!}sMwk=Vx|V@IwW9bQ>V=zUb%Yxl)0e4slYzB3=J z%ZUbhQB&jris{KOfbS>5OAMS5deacjKu z;rsHTilb(`5f~j(oTJP!=sA~(^vKawKfK&LzVqQKKEO_9C<9w6^&S&Ml5Hkf4`Bt^ z6rO+eba*HKGqlb{696Y_t6d{fP4)P#7(I5=t1+Aa_+k!ZoOBZ%xe{*e#s_!Qk~Z*Y#~jHy zINQ2#%9<;?_@Y6Rw{z{oyMqiWfa|e0+=zcR`4&tVdKg14u9kTFK>c}KGe#@Gan)sA z?+T-u9^;4r6kLh=^~>oy(tHj#iNYmtOojY_@Utb>41EwyZc zkE@+Y&IkL4hd6~`|1?0^Ize&MgzbOGA=}*XSifE&op$}_fjZfFUyP~MMgu4qgIKgA zQtBhL#4n#jp9At(7)8(@dX9V)_GF5lmE<((mCZH0oP0kY^r;X&DRyhDfvy^$O0rWX zyk<1K?Agh5W6> zh?^1CoPNH9T!n_F=nZUQ3^s;*O_Sd#T&|mtG65>XF1JAnj4%rj8jQ5eX^z@?w&@=u zWX|Snn`oLV;{jn}ZEQ4WLD4MV{W>oEUT+&p!33^PkPB~6N4+U(^RcWJ_ z+gQu!E-N{~+UYyG&f0a4d+0uE_ernu#99U!7^G#U$?Kd!US{(m)-qVakn0S#Fj&H1 z341>e6&+IF$XcF0v|}xMeJ9$C->ko#x*~@CQ2N+xAHCKF`X#i-rqX|`0cZ_+CU$qj zBy-b@{&^!O4H@sj#ksZI#VdR za8*}+%z&c~oI83ParmLj(vgZ7+ghqcLQVdruD_=%@k+k82WF$j&@f&`8bIVQc8AoE zZH+BMWyJOxB!nS_k34_9yB}1w@Hdn2y|QyzlRUfL2dlf5P?Z7u%Te##h^`X5AC8P~ zzxYyXb<(B5i1LLnCXKo#R!nRkg9Q2^$@qQ?G%lB1X&AsiOVtmbGSpiF`Wp)~5R7j>2NETN?bayp$*^XBvjC;`WrOzT*~%+MPh<1J!^kPYw-SgoAWfa|=bQ>VN4O^>a#&m2$k0gXGozW4hqf%I+ zP{e){?O1e4F})h?wmi6>pxs-0Zl~T;;vPp5?}e#4G%|mOVz_t_>ld1)J58^rsp$De z#-!5Rlu~`<7J>(0D4@0Dm8S7d(;FfTSQWC#-A7nD3Dk)>L4FRGjcK7QH03)@Z-`>* z!-UWP=%Onbf79@BeU8B|*&}d_fwKgv_r8`Zp zr>Ui=3%`HPbyJGB*<^x(viMED%Z{eshM7JaO$`)()rIsN8Ux7}7`5K{5mQd4&_dI2 zr|AtkDsa-X+FZjh4Z-vV{nSHeA7Mn>vCvfRG`%6>IY;WgSIVQc(7Ux}pj)vG*Cd$v z^l^^nPSab)DXg;&VnHGKGW;;fxoVsA(tK{b(DakTs1$!LCILWQB9Y@=@83exQbk5^ z!;6iQq(?nrOF(66CB~a}iGJchuVhKnni>yf(`1w}K%>FF=SnitRb=`g!Cs?qOw@=x zX$*--6?NMdJ1EC?-EQ?+SKh}3BsM>6f-NPzHY>KEFM7JL<*u12U&NIUyvJtkuzF_P z5bNydIro1Op=VMM-%|2d?XjJ4?qlb5g(-ruI%<}ZI#^BW+~a#0EtU+$`n|jSj_$eL zLb1i1s1h0DV4Ojoi|!Bw404$gCj|4fLH2`o9UpOyOR>=m!-ZizC0I|XXyz9Rv!YK= zFYevacUH}-j`yn{C^RTTgL2Y)(6m|~G$Rxg;17UtSu!K zA8n7hqzH0_VqG0EFF+|hz2N+b=@)_2Z7wZkYpej$G>)C9^{i*nhIw&0n5PY*PfS0{ z!HO<)5;0)9^$m@oYMGeoXtdDpY2)V;)35qcd>fi0#{wmKV4LDh1%?K)sUa-%d)m9=$8hi`+K8QmFYq}Q&@o^LzMkzJ=#_B}1tilM|FZ=aDl<$Pbqxh;Q@$`55UO2KrD-HY9qsp*3CiDmgGax2|%e8nil5xZG z_@?gvJdRF~RFqsQ&rQ&N*ufelctq+1=P?zBC2o@f9BHpP+|qzjV~tQUUH{YpWly79oiZXaM)RdYdEFowi5&45oBISrc$W-9QGcvIaVE zO)!&-yUn5MPTS*Sm4rz++t?cCQYtY}ZM1QeEFoVP5dC@5Nhaw2QKeEZo{36iJ>bG5 z6|2VktJX?CSW17%W+Yh6A!({D>{AZVw`6SSLCEK;G6r1i()&1E>4us{Q?`a76ik<_ ze9Fo9*laCVZO=U0rFTd@om0Skia|s-Ca4szhe!v}#M2m%uhFe{bf*!UT`Mj7YS@zu zS8Y!evpDL(_$&7XpXuKFY_W{)O3tD3h)$rlm|JJl5`=$j8N*%`Bz>uCAJ`L+D0^EZ z8Xx-;ozpjY2L6~NNG`|9zLT}A$^68Z)ItRv`sfa(>#S|N5NoAqq>x=iFjE;#WwK_%+cdQ$ESZ+r0;b6f~LldQ3%MYhd|~qm`&%L zB{yS7xy_^c^U~3E8k*Rs>VXN-bJe_Prbrpd*<8nMp4Fe1j+{!Q6xo%LpC~XQZ}YJJymYjkn-f1^`i}&}2;4J@CXJBVQ|?!#u6qd?KZu8?sacO_OMzgCM_;MK z3=d$V1W*Le%qPzo9Z3nFc##Bed~(dF(g0SwBN=G89>f9@DnY{)TYK==Hv64Uk1564 z*s32GY|K5jSg5+vdod>DG_G#`$2dVoKygjm&lpTX(2czWXKEY`#zQyu>Ou6A1Fuql z=RI1)XOIXLTJo)=BF#4wVjj*{K(lUMZ6u2{CDX)E2WIl+q*x zUpVXOj?Vj<0e|?_*y8lwGi)IhPT!zAK1VzTgapyZ#(JMywY_@Re8!WNL%}4w&!qSD z*T|I64HhZ{byk}-l)Gexu{v7L*P9T3_Cxq;z%X{XG8COH=vj^>+K^kanbBmrx;sDS zSxPXqOYR10s3O)sJnhYi@s zO#op5@f|}LOT8Mi{*aSqupoaQlHBiy4{L5xfZRorDXw#Exr#Uk_+G`E>(^-C=S-+k zDwqaPt1Hbe7aKu8*pD_)j7(QAdA#$vP`-%f@O813frh5#H$$(HI%yYs9BvkLNYhwp&b{0 zu2tw1LT6jspip7C6k~~s25FYstzq}_!T#Zw9aE*+O=>{OCBY8YKprQ(Sb_|$@x|im zoviUpn9Q+Y+-Jk4d5+RNtZ@k=b>pvA9`BvZ%1KK=c!o7=D-R-!%0MQh5?c3HbLGP& zv=Xo*4$IxxR$}N~5@dgJG1WzA$#3n}2bab*Cp}nQ4;IrC#%gG`W0q0oz|r-q_aQHG z_2-hxwGQG`M7+hcPTU-K@m+&AD<`=g2>!Tvz-%^El5>=rizPz10Zls7ll27}>*@*f z(c;@USF%zIm6#>fmJ*7P`s=ccISk>Oy7fM5p`%M3fhvZnI?#U_D4$qdp=?8TDc`P3 zf1I!)z-Y1{JJkS7fkL+y2)mjXf-VbRy)^NIh8EQvy{1RjY!evTCTW0UtG*dGIzY(x z?EVK4RR#Jiz+z0JN0%8&&ZKCXb=^iiOZ?4A@b(KvFd%}i3=y-$V1tmxZC8?3M;dk7 zcnqljXC^_awsn8j1kTPm$V2gYKpJ>RcXEF5jTfm(qr#Bk)328Hpkm#zXku)ih zcXpJKk{&=js(e@6@xj*33k++Jq$D$Rb*}_hT&{+*MmT>DZofpdB?2Y}hX>H!KnZ^V z6CK)#{zEF^L->GRr1zn&(2szA1oHSmb)g?YhZ{N(&SpHm#2w z=jO%tY@&aYl3Gj&?=ekt>j=2mz2?dw;K@2SF}-&)se`pHg+@YA)YT(b2g$8$F2>ra zncjSarur}%ra>B>rMA*@f^mZRQQE+CFK%w?hiNWThSY$NifTMrSDPOYas*J_GTAXT zmr)O+9@g)u2O=tX)B`aUAff_9RDcZ-Fy+HE<==m$D?QcH<~w+)==Y=sJVpe zb5~HFQJzsR`yZiOr2@T0su};nvZvNa4`(ikb;7dD-3mWq*OK9GL+>r3kq)9864R0~ zp-ORHmngOQs_(Q*@ki^PZ>2Wj-hiZhYEZ)t>NCfY0L+QnFIJVRwoCh|c;LtErxjg( z3Xy+<$N)#9DQ|WeUt`43$_}CT#bN)Egl`-_b|;^r_B`9BdABr&rFUC9od5|hQ-0? zh_IJh>mjp^$+$Kvd!f%nl1ha*0#!KCgYJKcf@A{T1r{2>6f;y4loym2)GJCFH`zI# zghVh)L7S9~FT+B)3rr? z2Y$9eX`Jwmr1$ZTq}S-k&o(5~l~8|I#PczJ6xNMmf$$7KeNp2XQl(P{_HEVWlxY&Y zqU(wG8FAbCL~LD+clC4a+@y!bQ211X&(67-tm#hL7szi8y>KUB&qmRyYlp+YEs2fz zW+wS9s8djvyolfh}l{ zIFK0a5wu6p9zlBq?Sa{FXVrI@HEeRIw#TATa6_}=#nQR!;Xp0$3`)^tL6Zed7Buv)rEZ;(;Zy5bPxA1k zPHT0d^kn@DTBCn2qN@$)%bk}WikA*3ug2zJ{}{jw_3&x9=ArC3RW1uJL3i}$&eI=) zr;W2Bl>uXF7-}J>T#eyaN3L#|DHd56A6?x0c+D@C1H&G)rBKacy6#CjX&7BLw9t0V zSFY?hW;fS8w>b8bu6e?C3y{IUsb0^D!rUk$RS+x@QI>z3$o9#Wi|?d+G3f$Ow)7yy zpwq2#lo5s_2^!N?P29_x>ozJr(S)^C&(;xFau06c;|By@3+NKe&axNNX!2DWIQh#O z7-SKUMUs751FPTo4H{S`lHR6)buVj61K;keZhUfeZli!tAMQnwhGuP%2I$T0ZS#I9M~$_t`MFc zYRYneE(!V__toG7%Y{(~$J>VCeY^EtjR<2ah8)KnMmFAsUacv~z?Mi6bkB9^Rz34(|Ew)BEz*dsAI}m@<$KAOD(xcsCH;N~Lv}%c+^R0tm z-L;l6CUQ03LdH)v!S1Ady~Qh|$*Eh+sfyGD$d#JyMq1V5ky6{sDtjWU?f~}GXU~t( zQ!G8ZltLdhdY@c%K8b_q40}?VV^ZD$?Pr~Ry|=6`inwpMWS=lLf}ZQcy+!Ai+2^L= z5*2@deO#1a47IG@@)5?br-CljWXRxRD8&A_EAEaEHlklEIFH$rZ1=r|?2A>;kD)brw^XTl!$ai&i!Pt%?v+J%VG*lC41&Ae= zG0jb{GM})vC!@csvd=y1*mHBkrs^VtR84 z2$q@mM9F$@5V76dBeB z1qkolo+j&E6<&hrqYuy4X(C`AZV-Q0oBL$l87>R9y-3!(YW(E0QZuqP^(}A1X*fUr z_7bCSX=Ecb=Ha75$1lTZ8AA4lvHmauGnzJPvXWr|`p(g{+^OWD`RFcp(cM+$Gr}iD zZa(z_32voQme9wD(z~mrI`i73{bZAqW6A`xrr2x%^YAJgb4@&9eM`&&{ssVMP9zE(7OuVZ%?#1g1VmPQ8WWibU?ULXxN&o zpRG%GfWFX{A4q+sI*f~{`Y|$NNDr4;!znzhp(^u1C%5-Nw&U8Ce(398PAe-42$`b^YESu;Z0Jq3&RW^BQ#fE zo3x)ye%;CYeaYL6KpJG&Qzq5W88l9?wb-;?ArQCaC*MKbl?$Mn0n83ll4p=}a7%jD z=J0*Q~bcB!euN%7ro4RU7#ob` zl0o1IITus+wE>QFJ|L^VtH!%(JWFZlz>t%Hy%T?Qrwl{J{jh4X4CY!=DWOFT{qmVJ z?4RU{Dc#J6V4rvMt}?GCZ_Hv1nSusEzT<20Ni^Qs>iJLKgS?+?qPi|N_0TG26-=Lw zZc?X)DgpOWzA%FCs`M5TgN%B_adpL)(PA`)dnqR5-d&%wB%PD^u2%1A^?Y53Tgbr@ z+nRrq1EGTPus2(71}c{4ja;xgg4I8&N-fSAi6yHj3dZR!UmXd5JvT%0OG1T7EBu}- z$5{^vq1>r+in`C3HB=I_F~sbgxpb&;1pPoGn$DH|o*v=8TA&Q$hB*ANu0?hk5X;!s zdVA_n<2PzzuhwFsr|NuVPbnEaYJ~=fNQHl0dG1i-H)>{e6|;w}XDS)9h!W|U4W$Pz ztr)rHP~$ghY8oO`dbD|T$K9bF-0}V`DKs zHNPU6!$XauSFsf)$sH##be%|gqpp|?l{id;6vD{WtOUhJOg1-w^PSX7hZ=wIZh4ap zzdwHf25T#@in?>->O+k`ct73X5u3D}qe5m6-Byx!mNdk=VuW6MsPPByryZtdsL8;? z7Coddz*O*sc~B0+`or^D`0@>kPFvVU4;GMhlZS_(8}pKtUp=z znY=3wO0qV~lD%oBGe{x{Fuj$wb-wCPMgk&gk;sIeWw5vwy3_(Q3{$)|DA%kcz=*&H zP15eL{x(mVnUn9o8h`k+lL>Hg43}zGN6~H~#*b|fqKRu(q%)H#+(`wE;}W!JDM08X zy<1089NIf7C3c$hTuCB#axGfQl_+|?Pa;2xDF7qMdWr#kNVSETT=7n_1Ea|sSW8il zoUiOci}cH!~!n*SQ4OND~J8YMZehBfjF_5Z2Q#lJOt0 z`P_Rm1qOO`DTJo}RMTRn38eR-Q*dU{wuR$PI<{@w>e#kz+xg>kY}SUv0_;U@s=QLl1EvcL-9lO^+pd=^QWpDB*5|BKc3#x__Vr!DB?hUe2K8w zW^CZWi6FB3I9t2U6SXCPr>by+~{YXA%YJfvt7<(4jC>bLzuGF>b9_zd32f7 z*>&Ml3{pqfPidwxm8&k-+8_ns0FRMALR%YG#erYWuKmlD6$p5iw7l<4OwH7CTDiIM z9*)nBEMVkQZs4>#?4}8U97b2Vdh>=Ub6Y1i1%42xjkE zpj^yx!mHESq|z7~(lnfNV*I#iO)1JB6|>|F3`3#YXG(oQt&?0= z;NWgzHL9=WmYl0r+O~3)`>|v+^Fot0HsRs=3_x&?aZwY|tkTpegs~QS?r+hms`xr> zq+|C;_RyF*k&*~J7oQ=Fj zDe6boW%CVIi#&>yLsHi)5t#Vf&HJ;wx=~&~yJ0x8pbTj`(^+Dao#{9s)1MAU+M25> zEbsK~`EWNbEjBF$yqfF4l5fQSd9=hB{6o8O;hf|-ND9yjNBjC?4JG?iCaj-G9xsf- zUD9k-tRTC%_%kGcPaRffNV!_+-dx)Rb*=KRShmf!KG6bxyaBjXxr!}JDubj6_FyAKStvyVPoaaCL+vwkbzd-<-m1eV(QA zbu$bY&z&a_fRYFAb7R|H8*f?1f4)s(ike|G7t~3BW=x0Mi#gxua(G1BJ@Zn}Rpg__ zOo;plb#)nbVdmkn8%Gy9A@MQ%d1S`Y$o(`)I}RYJ4cT_jnP-bDnR{s~KR?1{*txN0 zKt}F#O8TR-Q@BT6X|H>`4UO)AS^ufZ{>Si2N3Dbd)K~pE(GPZj_&pb0+%cLK@pIN* z^KKvb)lB@Ot|e-AQ<16JqNcF7iVkII$@zP$n3yKNibk2%uB1Zhw#J5h z-SQQ$yLTIOlP6?QNjdWUVBsr}%;L(b?vE9a&xL=Q_t66bNwvqnu^BklpKOR}Bb-5Z zcyW()I6|t*(;a_rF^dC5){YtdcHh=3xB&QTrcwCf^g*XdHg>ifenhWIrLxtS@kwlN31JOo^_R3l*ozg=a4^d`ox*DcLMKtZZ0-O6!b;}#_WSg z$X_tWdCaQXmUxH?gzGnso4+EBWf$by>0$4Y{Y6e6)KO^^=GYU;jcp&Z)m_;(+jUxM%~cs^WmS8V;V?_BmdipxR}azyBuN?><3%Qh{~H4rPS8cBcyWdVs5r{ z`p4&KKE)M5Oo-d0qTW=HS4sFbY8dL4NU)6U*N@dxYdbZ1!by`^d&?+XfsTM!xLP6? z?muR^kd43!2OG_+kYTJrhaf}cOE%~0j%wfvQgD0b>*)giV|j@Jog5v!?(Bpn^Qxmc?adP4&`);G=$;QJ$wSnT1TQxG{}_5F!o% z%ftLC9;752JZ%^|Fd^{dl40B@7Jak0`K`u}0v<%;$|SZ}mQ_T`5v}D`F zA6!WsdZ=aWnq0|UjhV@p6Lgb;pxd3|-G61@{()fT{vCR8OqSCzn@9!3muM`tyYr*g z96gObC`1suD6c(|T97jr55}X295){_pZxh)HkzNgG{cgL$CN9ukp|0H_DijE>*jf4! z?!uiE=gl>*QLx{MSH@O=tY;2WJ6QL5_n0mDHQ zQo~luVbN*BeTN3v*_ff_HCe^<=KDzwLr~xN9zxDr#fL*s?*n$++z{v|vo>XTa>S1hf zC9mvcf@F9qvyTR0&M0{J=!J(@^A!)zf-B3AF($FpSTC1hW87K86k@+I~ zYli$~qXB@8{WTLg9IpjqEwKuaT9C)88JwyQn68crj$oI1QLge=%zHiMJVgM61is$ z=TWWn87(im1{XCtzyf7!Ll-SI^t zu?T1r{DXBO(!S*$BI}3Ds5L10t57@6hUowkqu5aHWlEn0Pd4ZY0Pp#(dHQnZ6bu<> z`z-abZYD!PSkaCJKY`;}rW}Q9yeAj%=3(JpU{}1nw5h*S0iV$AOWnt^ajv;OJ>@>y zVX#9C+Sn>A%9C2!(-g;5HN(qkRxv_IJ4dy$@kFk;@w91tLZXzENlnAt6zldXbOS(S zkpkQvI_qZCAKxj>hCO;oK2V8O;1)P~arI{$8Nnk&Tzk+Qlt*w03Fd$QY~^Tm!|f^TQv+RHI^ikstPbrY~dBI16Hde1aot5bHPc%3TO9i^aE)5Sz4IPg)c zxe&w2kaqL0bHu5%dH&-9P}3QVXeGLZ2udUswfzzP@H|R)p?gf9?x5=;(E~U(_ng8% z%p8JY=Nz@Uidhj=V^>m}VvTsrmY#Hp03K61ceGQyRc7Q@WaLL=9FYnpgz8%WSLhxh z9l6MpSyQtc@Lu=6NtAPm+485_zZW_j;BO9pksF`7!)Dm9K;GfUAn?U8-kDv_g2BWQ zL{QX{_=&8gn2S_#Nk~i_i~-2^t;2BTUJD^w*h>)ZWFdwTC#&iY?Uu3jSAgA38yF|snkiVnvvpqF=lm>|lkCPmHD{&@(M*yTyT z5B0>{BqjRDCT!+0WTv%8uqOjG81d`|PxchFoDx`AVw77r@L@u;ukSLM7A+#TtAy&g zSoE;Qc}mY}=26+MbKK>+Xy4JsKw?+Q25~LR{g%*nk<$>a?Fl&OEC=y0pnssObE&%u z(kIOaZuCph>D=<)Qxi2m+^}tX_s?B;1?L{S*p8ciXC++OAPDje`&eilV0>xJ+*a!?Ps?kzzIO+E$z3%#o2OZurxE1kUmPvz(8Z=e zmpfu+6+i_dYypb*yOBjt60RpN){^3v{X(bF@r}^Nv%PX%^T6MbMdThk=(&D+C9@@k zvL}TqNKiAjPEFxLgd*!LX%4N5b14znkphpS62FBS%BHg$YnsHZEe^oE_= zx3UoX0(S3F^}JYMpi=CDV{g7X>;tyZ+}5oVw zi?dr-izf_1Q+h$(%HHiViY_aScdu4nMV$oQ^vKqINd}< z-NgG*PJq<60K-w3K?Iz!(Vlm5`q=T5K98IlhU?AN z7|)X%WC52>vtD%Qvs4dTq=T=}!c}hKDmHhMoVtq-C$EtqWRr#vlX1xaq?Vky{COB# z?z=9&ZJKY*N84P(aU+cgnkC8~ugw~2^Gy-pin|Zig;vZJk}7%LwhS~)aQhQa5B zm|OSr(@ShWTyWT-;`e|5Iei15u_xWnJ3GY{#|qGYnrxXZS>1f>NT&wq7c2`d8)Nxw zEX&%V!zzR~H6!m5g0_zWXwT6Fnj|;4Tk%?Sz)7)qXtQ?ftLF7p*tyM0 zYQ?~xaK|^>uc-hS$)vBNlyZ2db^il6@x%eaNQLX>U3-o9@Jm7NT4sCp<~v-}T-?j# z)1%R^0|%JcV_J(^^B1be#|1jWgZ^JIIA$F3clwcn?uow5v7uj2xL z$MBlQWBLdnAWQ1CGr@|O7oGFGPAW6zPvZ4+Z*v({$gV2yO7yt>z}!y)#FXA~Jn=^2eUymY6tTEL*EVq1^K)WpnEr)_AJkhB%A` z#P-H4{FO`E9Sr{moHoXps9Bwv53sX9_34C;NUK0%by&ohMXiM zooxwlhSzr-qP(Q}cGgVEzvI%gn7EF>6>z>sS??f9_nCqFsS zi$drZd;DF*tRPWJ-TJ5n1U2eX4bc@dZhD$+!jA$IJb7wH$=B-ZSCJ7u5#81dZu3yI z>x)XRd!%D!JlX}4Jf%A{0=OZJOK4%zR10;0d7aJTjn$;sTl0+NnZ@n{6Tigu(Z|;7 z(@VU^xd5JdospFHlGVMtM>%+{F_u!-JEm?iqVC{KyXV@~^|2?e>}+!{-A2t70Y=G$ zqn*z0%P8Or8ne&Vlw0*LrJPn(f~1v)?SVL=$F%e=L3N_LWG5d7yT{&j$PF6Z%&aH? z#LtoT1~a|49hbMeubs3@!&$l0#(e16_PFKXg+6;4yDhNuTt=@*q+SfhAU+=Rsya|N zqg`v|SWaySE(6jNYV{B$eSP+^mGn^X@hc!0a)lgYWAk@PJuQ~!R9p1&ioH!sP`yde z`tx`;H4P|^e@u#o=uO?)w&==fao;-t9SYxhBhkk$kXO14=wPexQ=p!o`fo=0m6W){ z$#vpocy!+S%l_!OBv<==L`aeX|LbC~g5x_$SxV>GSXFN4*-7UVpbq?&licD>HPeuk zgnE5E3y-9b#;3IwT}-0RCAJRxZy7X_le{H|_V&)e;(N<)w5VyVgIDLrJqsFuzgWa~ zrMsyJZWw{1d_lGKFep2eB%}clz}Qizc>9hb=Hr@H6W|A%I{$vb=Xz4CuJRglarMb} zdVX;=_80Zy!QG#+qNnlfrDw?`2QAMGI!+tt=@M9?KA55js1l9a)z|uEAkC&QBk)Th zxa?tAg_}>6$R^VZ{G37`*%KWQ^n2Fy=~X9%h_nV_r@i`}d_^HR!K^degnR}8e;KbT zNp0*Na+C5~zTLcdZZAb{wrBKlo%j7@{sfF>ag@w~JO_b=49-V|o~e4fgwP54WMZbo z3V)ro#9P=%pwkP8A_vvNY`HFa zl!or|9u7QDRwhNL+>Ez$=E#w-*U<)c{D3Ro9bQRg__6i3uU34lD+DO6GP-jvtdbu%3kDTu9`87*I z%Una~rbh!Bu`kqx_{yb5&GE%G$BQ-BjbQp)nAl$^^_>0+wBQgBQ=sb7vFvnSu4-Z? z{!2bG=Cpy#(GK?0P(#xs>UXK#@fh)6x)PE+Tqm=)m%b2R@+1IIShKe)&@8qF(u3Nl zC0cT|nz+u1mt^+V#jN*DcI|L3i$T?ntPQ-@k>k>V>G{|!+5<&ohwJ3I*;G2MeJgE) zs>M`h2PFWfZ#D&>KPntO>znseG-yZ&7y;&4_uCbdh4KN*4u2m6=K}X9=L$HRhW5LUBtyxwy=w>a<2h|O1}Y+eYnJljVnqxbK#pA5{py#Ih_ zyZJ9*cNKmyorNg03zoEB6hwhtv8W?y73t@{ma_o&bI9@6_{bZj4E@VAt?4f`G137~ z90nQ)AAaKr-d^~NZw=s{(Jqprrc+Q!tO}V~$Y*FsHV1BA_YO(Vz>}{kpfP7j&ZlR& zIqnGu?OExr5>|-b%i@Ch=a9>_L@SfcK;;#;QE<&%Ab6Usjn4^is!r*(dSgyM>iQBz zcnwemk3fihm!lb8%kAJN+arDr#QoelH&=L4Qng~xn9)g%@-fU57Y(%4Ke_>qJ(iP* z0jbIQf&)bLS`6K3*==tccAb0nS_%A%+cq^T z{ju2u#`-&~>A${wR%GIK_SPV8<|dKO@KnG-fT5dJ>8s5KE<44 zj$l)3o4ko2uE$0TsGBjvs)zj0mFkvf92@hP1Ujv@HqH*W^B&|hXMlD-56Ij89ByFT z@2e1x{H1R2s;jZ`y!bUnOTe2#iI))M|KZ;0pj+Kqxfx>o7mUds7<~`T6vY$` zI|H(?q>|=B&{ztISB=1ufSERkKJ=oAB<#@=J->2l_%Ocin;kRHre{SV~kRWd=ojlDoyRj4+7gk!YhiB z=%jK1#v7tiXjM8>fjbK7sF_-(U$Ejt)t}BV+b5<1>=1K8B7s?&`t7Wiv^fG^Ri5da zjos2Wkm6r!?uX+W!WsZ-lOV-S1yj69;v{;$?Q_ zZb>_7z%Bm*ZIG(MmT8=ugo|dj3|@$zPcJ_mhbsbOZ36&@O`14lxvT3mvSGrH(;3ZK z@$UDRP9OspGm6nXX8oI0e`)4D3>g_Ff99Qv%VB<`dMRF8V2*4LSv;5Ek#ZlcD z79`sy@ok&U&C%4>EpuP19CC}p0ug7=on=NE@l^W!3S2KEsY@oJ?p_@zQT)xgrzXoJ zjC8?sbqEAxF)g&1C7diM%M^LHtdy}+C#O+hsI%z7S{X+4M#eFz$l(fr3Nd5G7@C>r zxm7uA^JP{~UjBt!af{M@^ExcvNFWtNkFi<9ipDxHjHl#x{DL!?+~QR=@W9!)N9EDY z>R7Aom8)4RPfUzSseoqezi$p8P4UA;PRARA=8UAf$ZfgY6WxYCezdH`tJUp9C%evoeJtv65V`v@8@?V%lpJ`X8 z5)Dxy^`Lj}@4zX(sfjzFLX;ceSX3Lv%A$!N*Ud`t%#gE`Zf&`Z&mxQ$e{q5#zAVbD zrfZ}$uuJna_yx2@H8(rYiPyzw&%57Ultp4N(&oER7&L6aF<$WzbWRbyi7Q` zI?^@D8Gp1UgVDO@W|zopJkO@RQ7YC?ApBlwNo^s2Qk6M;`^m+-pOHVVOHz(CrDL~* z=_a9OE7u*YM;PbYL+Kg0O+-7f9A5(X17WIMg}iMIKe@i_@mCA55|~O1-13!$|MlyN z=qH+_Py}-o>UDzjgv2KgY@h<%jaL0X&RIO_lRv@5ctnsOqI;;mDbY@{kTV#>S0LQs z%}YkBAWsdn0Y$1~gw~C*m?V`hWz*A5CMW)k60yXmKB!PPmVDzUEa>g4=obNC%tE;k zF+Su}M|oU8``1C9Bz4*Cll$M|$=?udUVRkgwmg@ft)Y5#b}6qIWD*jV4jw!FwkEX5 zZEVpRhkKv;tE_I+=!- z5wj~>YdJ6P!EA)cyub+CdSPw=?(r6J$4aMZT)}**{!~4-RiCUMF^_()pGUZ+e|?0qUb_`VlTxNIJVyVkJRO#h6^6@ME=Hx{r2`hI>Fr%6?+EpptSG;(wyfo?zWKG*=FqXoxu2Up-j~14W6#)WoO3+=QNGSS zJ09jn%R|-9^}WO$B|+YkY4)f1DJQl<=y@xLQ^P9MZ@U%C8gRQR_;+=zs1cmHP07m? zbstzg0Oz7@E{dljCU^lbJz|rPJv_+Be(udi$D=N71DpI|Q4VL*_?%c^Y|k0Y#FD}F zuMpClyGc)Y&zz*V)wuy4R8!Qx&_8wvWfGiDQYtD3CeU&+`Q`mi$k~x2R^@iYhi49E z6ZS?&i!X=vua~r8WMZS1djpgiR9h@F{tPTytUmSc9~uOuL;=>mOCj}Oeq~Bf&k^wk zrh?S{=4+_yw71=q9VA9zto^2|4PU4|)2i1u-2|5Kgg!qGz5xaZk)!^vQrJ}y4 zvV-k_=ERjcXAaoH1V9$6ZvTehIl%5-FWc9Gg8~`QB$V(s6aHmLCh4XwF&p6V~dK=!a zrr#ND4=s-9<5WK(s@MPU-c^(0YDsW33S6+Y<7lC=m-91Nfqs?GZHDy@G{$PbjT=`K z4vAj3@J0#bCJ8VU^BUJf53bX-=~&5NhKE&=qP_6=eQ^6d?EZ5O*O<#hY^qw*HPfB4 zj{}5*h*G;HexKN{N>C`ni0hOnFGD>4E{O)=z zsVaL$TJlOVozkvJ2-SOh8oiy7%0$&NbHhC5ZNTd*y%oqCJ*(|IfLRlU)T@vO%Zlnp z05=Tf4sCG*{|ut{j+v^tu7xtv!@nk8WOdv+F%{3Iphzc6kX5*o79%70urg1@Z^29Rhxa z8a3Cc7A9%@bo=33J{s8zGT6%uTe#plg%sXGXS}DD{qr?uSRb*Mu`uUn=SU*p@ zCQ&xL$X>ZMCfkjt(OqiOU531q5w-!?->H!gXG;=9Qo!L+bC-k2a$V5Bp@6YqI_h?= z*GdJfUwjzA7XFS8rc@X#BV-=Y5Dy!+93$M^@^hgIA{u!70haS>B36=zxfD9o)FI4& z1FdD~_dt;hJq=i}c%7YX;UNzWV52cvW@e){HcDQ-k(SG(14Q?Jaf3 z@h6q5gOihrv1gcAM3<}5a~#~Z2J(dj z>@)H(!Qs;(^s>(?f8f%bs1Td1m<9|Nua2I`Wft79J67~}e4jyRUmnv7IK~%FFeBCn z@qL>ucSwu+&yyXX2znMY|205twY6he-vC#T8S91Uj{?Y}#>#M#(O;%gBXK!W|8OhO zY~E^NMKJY&2Zy>CgMr;eec8)ToM7hjKeyn)x7CTy?Hpi&j{42jw6;UXN7;(D$3uDI zq4pyw1`JSM7Xb(@K(!hnj-Bfv7_Sp}HW1cLUO)Mho{d!* z5E3xL(MQ@tzV3DGtF`_}4@<8poe^Tnh#QC%&Ou zvA)22nf(Q84eWOhr|TecI;6N>gQID91w!LMVp?F!*$ZHL$(eYl=Q-ZU$JNt9 z**2G5&&Zp1Vp+Q-`HPp^PiXjBmh;-Kfn&41POBNb;ekKX9ZqM}z6!G7d+hZt5tzwu z!=6W3&q<-ZEsSVB_;@%P{bx8{al6y~;GN3%MKh1r$|KSdXuDbhzrb?RU$aFOaPN`m z75dF+4Gxn8!49a_($_+D`oYsr{=8J|qv6nY24R(Ltn*)zv!4M)S;bq#z|fOKZjV(~lG=b!seA8uc*Q@78yGQ4l2be^<2*?9Olva%S;@CDfRoS{3q=w1BX$p0%YWe`iG zS`YrEFC73Hdp$Ytq(5h#Z?c|hUX$dJ#Jp;LTZ>4s%vTjwmeKF=`_a9W9&p4n_>PYZ zTOg?)NEF&j4Poo$yYgdMYxt8V_Q!k(-Y%Z;2Z3DvGs9+=l*lWn2h5k;F+W&1M`XTm zpZ!h6fdwFFh>zoqF9I@;clp5)@mh4Y#BG3XZXycgNOvWRENs|u`r2x&+PZ0t>1O|* z`~_#KcAl(9j=Q`vMyHS_+LwVT1vF1;xXro-%IgT2kgWkd;T#*)#OV}E)LFkRNk(olX$pWbZlrLhU4p|9GwH?`z6(C6Zu4e9Ty(d03{ zMFQAosjo%HgYlY)g(v@L7|@f!yUM`(rYuszcN;dSzyNx>u+58FD2%c;r&Gy$YI`*< z9+Ub%`-ZJ?!yhlZ!l%cMm5!e(ZguK@?*8l|*y5Ij1H(b8T3l)tgsXb;PFyx z);N50fvA^~S-Xg85vg%e&pDK30yCSo;sk(>(zmC@zeVUh%(mbP7u+ZZ?(*Sb6du#p zt@8}DO8E&0Zh7tZGoxFtXm5r=!uIk}pf`-|%*tp?ja9*yl};;pr)?dBOuTo(u$`c{ zNT`2vnB=kjj7+x(vzxX#bSG@IHI}hKp4-v4yJGx3OpEqLZW#H)v8DNXIhtA6kr-e{ zr*a-!ceJ70wqGE@NuQylnNK{1Uz#-tg>h>Hno$<xafN}h^SFDFe z66;{IWbLH`=Kb4D=>A<_DGVp)>>iMaEvynoE$PE{+I2UsnhfL@XB4|KEtP`%CtI_$ zUTvKabgvEPuW1j07|~E@+#CT^#}SqMprNh*rGp}xrw6Y= zp~o3XQtUOrRG_EVl-}0U;L4hCqz|hcB*2$4|M%LKDMkw?pv(j-^&4Pj`0u1uUQI*4 zbM~=lOr;sXBeym8PoVf$vWtpajX{ri*WoB(t&)U5@e#z!P-%8nEr7S3zq9$o3laei zBGWF9vvzC|3XPWWvSu3np@20}MC1&B=r&LJ34Kt=)l>;g1AKO8D#D#LmMv~`p5 zWXPrN<$ZUQp>_|Lh5^7e!>&H2$%>jmKDNGrl}Maa-$pr#%5*j$*R3+^Xv`-RMrDx! z>FU%q@pj!SM%pGpJRU|4I^M<%%kaqaA{NO%>;}4N0wm)B>&n970SeM3751aHAFkOk zqg4!ZL=^F-^8yZu4BXSi_g1IYCaFX;rWgq=v!_cU$t=x|`T&kEsRiLtDgqYfCtuTP zY}09cGg-f_asYbHnUT}lMf-#&V{Nbk>0tQcq*xAvQ!KDLA zn@yacqFvVcmgI1>mViRmV_4p-{B+hrgl%UBINwG~1!*GfR@(!kb!#^oZIVfRBc0*D zH_lOn_w@v34*=PAq>5~ZdpG9~nC}dUp&P^7vO@jIp|1T+YP~4U9rdi3P|mCRCPD`g zLBax2WQPRAPS=MEtQBw}x@jt(M)|_+%pd7(RzkgPsRIj6*%_u~54p)yQT-pe%sX^( zL8zNkejY^E{Zn(x_N3P{Ilsdt=nbSEZzT6So^r8U905Nd?69muK$TmpIL=&aS&gwq zlNGv{&-d3Ubw#v5b)}CkMA5UyN@GFKq(#MD;?^7}B3QtMxos*>HWv9i+g?BkUFwjp z;?N5kuzf-%LDZGbFV-V_9B=Dwbw56M{rj~!%HTA0RxzKlOH~P2_4UtdJ{1xMc)ZIq zHVEh!yZ|{G9NT$QCFlKNCTi!;(kA0uQ@1J<(nMcw1?ru zf*PDF>vR)zOkAAQNyk;LLV)g^H=Pz=E?-1kSs%0?`p7qro&D-7 zxyn%fS)7DCX`OZ-ikq?x(pqFc+3t^d(~BN2=4w-}WN|zw=Ein>DU(>vMJzU+uG2-^ zT^@=n`13mKsk%&`bsYHb5wtvE3#<-(KDSV+uW1R8X+?Br!PG;RA^p{~YCwEMsrMr-<~09vbQLnsm~R}8a;MtapGbXyDN z^2Rpj;cVRbiW~AJO1X@=ChZTbQG77)ZMd)mx`vY3_w2um8safjVuOf(mf49;MS(}9AEVEti-ii zpz2xFG6=bOq&ivb4(zwa+MPVu)7DtbvUo&%DMa!f!S5Df#9{gqpAXj-zgo>tnPd0? z^i}itBXp8cX+>#w{wj2|4gAZ8``&8{{pCTW@M|M|4q0!JAzU{LWMVe7Et`en3xGn6 zS(JQT5`bT@Y5GYHL+o~yb=DMOzr-D(EI+mcyii5Y<%`M!l_n>)1~8(OsV2wfgO>jh^0 z=sbMDZA$X#h0ag%SdzuaME}Q!iI+Ele$kUZ+8Lv!{%*;hwyYbY))MjU21q;IJ-2yF zZ_jxN-NjCuT7KYC&+oly6iZTS7u^3tIf@uc2PvbtYNjXVCqtBwQT-?tIgcQmp&}Jz zzC-o8i@8%oI-0W`7fDV&IXjglotac7_$q_L{+q1b8(8!jals|CCYrjN{{7Tr%S<#7 z;0vr|YF*g|k>Kkby$~ET2gLU1MeQWsqO$<3`Gvp}>6X+d9I0rdz-^-oHo)_eeTcZO zD%!(0S)m=JwK0R1+fz}!5$i5n26?ZfJaBFjtjdc^R|~8pMeoFaYwi~8c7%9iZwEfZ z}eJBj@>^u`KSPQhBGG(&@LI)7+N542YZ zQFvtAi)Nq;T++Z@F<{G!+wOHSde%{lwYcNS8m%wQ<)r}9oq-K4n3vQ!}~>aMdOLi%0kq9!zh=tT=niB69N;>^hNKv)`s=%!^Scsql6UML&FbwT+FDzOq&2 zDP_d#P-gzyd6+Q!_6K-3XRVpJOqWFyjUy&)AM1r)t6AN$HK3J6dzvbiHS!>O|K(*pcqb6+epKUn!97I4$9k}sQFjuVmF*ZVhOzVuUS(=vSIjaXGM97t5#?&z zV$gt&=)nB)ZLdOi^D}%?j_9ChnZ@qZnn3X|yE6@%Yq)*Cz5C|D_!g1IG3Pj&8E$%O zF>1fMRxV2O1F-9Eo5;F+w4rgde~%a%nr#%@+kdjm*E6%sucjtk*?*k~G>!A3&(9!GXS^cSZCFy@xUaFibMN z6q-*z5e}{B8p!Po{aJy~6~6m$dn?43rs$ud*jY;*TuE<%V~P~Om!EhwHB{Q%0USrP zD7{IX2HHzz8pIZog)8$5@k7hHDjwbJxO_o@ee8#Rgdt2Gn zNT8xZ0ci0tM$FH0$nWmP!A{QtzA!gRkfV0=Y6gB+^Q^ZN-OFd@%hrU>aRn|LM~V9f z(oSjXb1mz!ff@&-N|t7e_>#~YxbY-;BO91z2{|hS(lV>-ur$p>pk zuL$a9BRq};8m^NAK!UllM%v~J8P@YYFz1jI0GrE`*O7>ueUOW~jpKjoD#B&i(lOQ6 zF*VK+L;t^}i*sX%qlh^NQENY?ZnXvqH=#)K+mV`WKMaZ-peOA}Z0hlM0C)LE%P+QC znac1yb^M{bunh{YZ=M7Hwftbg_cpFCm3+a}bVid0P+pML@$9hk?K;xSHicc-nbiF{zHxz&pv!6(W%;BUmjH_F4Y+}#55RqKnx z>G)gYpDRtK9bZ7S4BNL-p}Ejn{YDu3Kuo;5ZNELNoj_uvD-EQ=qK<9{#+=7~0W=u<(S5Wdguc?#lWux#wQ$JMpeI9sr*m%F( z2pUs@SpQDL+j_2N?5oQhYotsOOR#Vo1WJMbj)Z(qzIfHAPeIJ6CGdyNsQ|~d+U{41 zR5gcZ^}hhoz;~E3Kr7M2bE6Lx{++zQmQ?EoG+gPL_@BEgzsHU=(@uytGB7(+D$0VKaZ0I#;yWpty#KfGDi_n$+0iOprgel0I6QxUjE?Rk^Pj<(XH-hIUq|y%IelI^B^!o&eI`%!?a|^!xp$ zfz>qLtrYSdn8%394rz-!v5P*tyYu;S;mqZ;>+2*>^}hz&-YAs`|MQCSlIIsEr=9rX zPg`S3%q1Y02q4}&cK8$Ja|8L4W_$~uKcs-qeH&7$rowW=i}nydZF+Bmfe|sDaqc=w3(yuFm@NQ0U(NkahwiHORnOsbUOSJ@jaBj^T#pm|; zr)F+MdIsscjqK*0+|UbMB!E_(-p3Nqwh;?of~Jq`f%&3+bV43wKnfdggr?g$8ZMR5XvOM&+v-Fs}^qq~i(c@-UIxjyK@VhVjsBe<$E&<~QN^DMBo1d`czGE* zorkbc`QQSD)#|TVzzIH?+7{Io-)m=#K;A9z*5txl?5}k0jb{Z*56={Uu;oXlwK_P z`A3So)ZWR``0Qlt(Vhl%VQIVU$o2qo7>rMN2O5LY#}BbWfd;wR0=Ga&66Wn3u;S{Y zY4z(u%QU_(QgGnFH`{1xK)xy61hnme?Y?lmAjN=oV6ya;&m$?40G=78)pM8Gb^_Q#9K-j&EkMf2B49RE4MgZ{ z7y-3kwttcZaj*mJ2<2!XYQCoa7dBPEP}73Nzoa2A)aCIb!U&XU#8U+>C4pixV)6{U zOYS-U!jBQOC!dOeZnA&+7uj~d_)09ul1H6D)bj9#4X%tMLzk3q@`SlyIGZ@r_082(L!fJa zSoi+~3p4c0T6hjp3b;Mm*hEri-QD`#R;6x^)Xh|=b};w&Ou^qUi=e61v43O9WU;-Y zf;Dj8WTqN_d1Dcl_s%Eki_12*6*SY_tTWgURx_+(20UNqlf2l(!GGlwUH0y$WdgjJ z)!^%tCbj}U0>Q3*10j@`g?_2>VbAEC_h2@3CvGmegg9on4iG> z1m-6&KY{HX3klYujyCSpZP$`6{?mbML?A-hYjk!~^p&@&Wni`N&V?iGzBo1ti5F z$xBHwNQyzmr4o;*5=yJgq8mq-a1b=ynnL@-aDTrjI|?t_xLAU z%NE*svZHENg3L~LK8=f6>AJ#S4dAiVhY0ERMuQ5pQq_dz<96M}u^Y#Hd8=~=G8oyi zqK6^hXbx+)K$7%HjbGjkoDAU)tVy4KhtFyAO-dr&JuKObsN01t4qtzTV`M zO8NJ}7>wWy8h`d3$g!H*^c_}v)jAnA%RRr)+xz5>m%MEcB5odP3v|q`3uP|?ayR=n zcY6JdJBP|QXKK{Nt#lg}i;7%$5E?Y+Ii@%NX9{#9|E;m8ld)D(gNYr=MDIFQ*|e9W zC;J;Mib3%c7M(rQ^T^?^-P0c|>8d-do%ewlOL|A#8h;K!%Z^ADbxyg<1mCgoUSrR1!EQBtCq!K zHA~8B7Js(>*7z}nnym<`WKbBmqCKLD#@Tmm)k)34*Jq~H*EaxRy!QwRe9>VokX z{mk0VnzfzvX6sI&_Jh}ZzMINy$lJxTt0iavmvrJ~nAN5s+*#|Fvdl#CM_IN^R=?2{ zK;<~m@=L36;H2nrk-T`yMIY~Tknm-bH^_cDpX&*ZMSZHEkSHw zGAp+ZYHl6W+&ZYabx?EbpyDsxL#byPSc(y5&V zDo=F6MK5PCt_AQT3!tXfwUfFU?Jo;poDQT{r{;IJ;vy!cnRDKm_Y_u_Jnxjc524b3 z38PX!YwAWN{4ZDBSqP`h=|8Bas#!`^Z-1p!U#qA3u;S>jq`b1?@O76HoJtm)yB@Ap z@Y`2`Z>8x0iQ95+=1tZD^F6q^w3oW`*OFxIDC}FWvOr%Enr_w=3on-Y@VthvN#`*O z+h0;FS^QXYvDULMl8d$GVy(GYYcAGS&LjDDRs(<1y6;}Zk{33fB~*EQVDE*Ze}Cd; zZ66*+nEFH&oXrebNNhX1@A=P#T93IF{%1nHQ01?aF_?{&B?^1#*g;zHVOj427|WUE zM`V1~to%b6UnuJ_6k^QKg$Yip`z}xwG~REnt}9jK%PrjY+3sBHXPf(NZf|nM5LhOGD z7s^h?nQ=Q##!ei!CX-6r-Bm4pyb(g6nQ+}$1j`C}CvSE4qI3MK$ly)5AV+m2CtJCG zyd1sD4J=>Nk>POWR5JfKFMpIX|2Q-MI5Yn^Gyga<|2Q-MI5Yn^GygdAY{{8tOV0F4 zXS$&?kBy(#L-U-_%;6li`@NB<(r`uB23!lvw2EXEsPD1b`lnU-r&IbI+ht8s%j%?? zuGd`@WKSKN!rf}pT=Iz563*C;FdthmTl;xrUvz56spEbJQubZDY=3JI)_F*4L$`Za z=eFyj>A!%K?Lz2izc&s%i$UGE`?4`?h1SBkxGkZ8zVkm5(61qEZVqhiCGGbQ!d_?` z8~8ixKO`QA%nPfPq9K;8xR}h{7VdvJ;P1c%p{V=eg5S#pjd~pg#j_7{*{gR$M!{LO zas*;OqvX>8Z!b9D|9{d2C%%3MB`-b$EwQl?3nDcosN7qN76Rd>y z0=kX++9_VeVSmkZ{I^IA6S!B{ycH3DMQ7iy!00}l+|4^&0}*XNig{Yaw!%$I^A>ln z*8p`t{?sBfYubgzMAOl|cisS{+0@ov!&dj?RN+ul@Y30PFd0%GAlRwZP+m4(!&}F* zdUa4_SC|?Ix)P6q(_k$t0JiG>8q)s=ZyqCj6YbG?Wq&!JqZ1X*gCyct*LmEs)???T zw?g|Y{{3q53Ye*Fl@d3^7nDwY`Pd}k&knf?@N>h}qc8h}#N+;)tp(l;=FECSW8}um zI+eCvBhEs9lm+-6PISby>m(T8k4EXIG}l%_motRq zFRh?ua)0wL7gsk3IyO_dDLe#=vo;%MF zjZj~uX^Su|+Z6NbmBStGnk%$@g^aR?*)gxJ$}|n7h037RUklzHg=pHFuibXRA>m?5 z&GoG^#)vRC`-%Q6znwVkCgi;p6TsotbL&>G;eS{n<+&L|n_&Dbm!4qlCgiPb0CFqT zIo+8U0f%O--falCS9AG^*gh_eM+tPt4qZ>SyCGS+5~0l&YH9E#E1m^6={VnIpccXG z6bx^+U+0qVR#{6Q>+0RtDqhX|uWlqQn<}*IZ_*$cI$f@ojZ0d_Xl-0U@4Oe>#x8@n zM}Nd7C{}n&xD`0(Fba1A+5>L0{@u;x;P=gH3>R#S0pBKdnT%XRBQwLK*>mSR{dMhl zZur@zt}}aDGx=Hz-DfzYm6%5-3kM+kKYp1ye9CNxV;+f-4MJDUYc$}PxfPjS`UIU% z=AVx`cJRL+-mScsx=Y(@R2C2Whrl#?#DCcToqsud%PsRYrrTCGc1 z*zL>wYvW5h^HJQl!HlmM8b)ppY8$CTNDq7NY}y7$`aGD~&nhqd2jRSr{BNm-yOnNb z^s#MH_K|CDvW4a@@;s(t8m~+FQB3bB1Gz=5t%w5}g~vf8J!a9pHV0X`IRB2o)_?oT zQ;yMPqi4g8UfV=(bIq}aR}9VttRfG3h8MxJ_twUUO34J1e1!h1wyukg0^_>S`6RHu1g3t;p>(&A45 zylSWJuDiXjK0Dd++eUrDworw6bbskqn_lCmIy531DdQY6Cy?rn;Eqb& z3t0MSi&l$UyjGX;#<9p*U3tBTc2Fx?q&a~{UQ)54o&M*{_kT`V#lmxH z19h*M=?;fAoT>;YybbVwU~qE2Z<10P)VWt&w!m0Mk&=VrVix*$&3}OYDf7P2S0xB_ z9-&c>0egPI^2xG@tLsw?PVV;=fYwYj)FF($Hdsa1*uH#wvra&E8_<*gebJ8{25d3F zt(ZMpr#CGXq;}j*=e&*U$$tUAqG{Kts!T;e@|=v~KEnVFG!+W0-yPg~UwPo=xMC1i zTMf++0Zu$&Oj|P#q2175#QWreUv1#8N{L3CC&)kz{TpspA>C3P&Ef5J@g3#!`GYyo;5^kbAQhxzh5BE$pL;c zZm?`7(E*j&f^3^}Yk%nyIxq-8^8R}8M(+)Rgtw??kR;G8cVnf{RnYS4u9`E_P}TE+ybnfs)m=p z**u%>i^h1d|7xu3eWmm=8Nw8*J{4aJ;IFI(`K8QvmvD?GTetb~Mzzrzu*@Bk1UrNZ7Ew6knda@Q>Odu;5*ouvCpv zU~`ihCMmeB7JqKPToIl$@$F25Z{)dg)rECgl|UOZi1bFt`-hzGlQsTi%)uC}KlZ55 z+QJdiz=#q57P4B+Uhll0B=Wn{D*F*&StFdFQCbiC!ZsJfD%oQ0VZZPPq1CA`{pHD1 z+Yt6x7=~04>0M+v_wbPm_KlCs5lOJ-vHbj5d4-Os)Y+MdZNetA77C8lN(qUSd?dpofnty2@BUl-;S7ebdJAJQ^pH z{t9TZ$Y$%it*W^tbL4?ieQL%Bh7ZLE--Grf(O+EPx3G6>4}zNaNz2ysz*E6+sPxw$ zd{V66Uw;znOCnq{g4M&65>6@w7Bm*x!Ori=$aj=Mz?sQ{(qQ?XP0&{amYs5kgfD52 z`hpTNYA1Q{yU5f-orCJ?g_u=B(FDOF3}+2ocs(vaQzDjUm!G`BorD`OR@uXg?aa+f z=ivW5C3KUk4VbSH-;*+U|J>h-0b(9nGZ90M>wk)WmzqIwX;WV#z9(Do`S_xQ3yAUi zx-wrda`m`LghlaQo*ns^Ey&}SKY6x*;+3ekVj#`9jgcGX!_TXAHSKf@h|ifVFv=4# zz1H2m^-b*A$_)BK3=F>1>Ci|t=9YDx@u_8MqUvgYMh zo3LtxwGq|UY*97_YJ~x-@3CFhYY;xkn(wcAjOjwanMxQumbd`;o>^1xDE*+)m1p}!0XHN z0g%;O8K9J$P|0GjlD4>HF<9ZeV^Ur)FZsFTmU8jP%+KZY%goOuMun1H5{;5*6o1OG zK#mV`d~p3P@1VQ`^NyT($(ff#qa+$7*M3U^QSjot{7Cv?SN@~G{5NmXsXu!&@6C3n zT5TC6GtH_2FS&5>A&umfy6Dt}zB*d5MUc&t*to_Y%Ux6wvgj*f7=E;|DP!-Rn>;0< zACg0=)i6_Yt-5UQK5-SF3_jT8;_P>Nut>om|?)-gj9M%DSd^@F<9v z!9Qy`zl}`lSe7VIw#TT}=MHVNiY*M!gT5@e{Stk7)^a`&Us#v!5j?Sa9Wqi|ZfG)< zckN$GH~t{LxX=o9GG=*y2AS98^K;2wE6e?9aucRTd$V^4tm&GKrGEk%!@`|5kC;-dYPrcWEhGI;zFs%h&N84tWEFG~_fiJ* zLTysh={Ln`+{zE1)w|~fltCzu$8xq+bvxQtf)LRv#C99#^413bKGyQU2?yj!fu;1^ z?k|0pO(R@k5L`DE;%&T78gJ=c6PubAT7F7YkbN>9s=r1xAB+F!yU_YwwsZ&J9hH?@vk#`GG7j(AXY z@SAMX5`nKCz?HRlm|lgI7$+hX)T2 z9v(bA_@<8eFz^P8DwdjNxq#K|e;j|6Z#(8W$WwCnvkp*?=`D1OF-q0qVz@xD=Xq9N zSBri<==Ht|@EqB7L++N0VJr`wz(p2U3)RH<0v&G0E2kXqlz-!W7Wn`JCKwtb5spA_ z5u{~tyYRq;^tC$d#Z>K)kGGePIa9EaO>uxRm}*QBb!+R@ zNR4CGrQS3r^;CDitGK}R;qf!#LYZ=^*Ch>0a?Rr<1t+!_3xaL?}jbyZ& ztKPl-UH$V$i(e@_HMzAC{z`3d2`OFTkMFMyvVVhMrTp;2<(BhL7bLfI0N&1$)rZa5 z7o#4B{I@>8Xh+cM0<=YZn@&);;>n%`3rdw^uc9o7>Y;;nna@3wXlTkKSaO>S(%F z#XUlf!nd)XSu{Hh7Cx`IN~q-`v|3oW)sfLbZ2^?MN^u*v#kK!>eyNxJ;`w9zauyxm zk$-)F!?{~??e4}6WU&&mhwACMc>kImc)yT+E=|Kf$UbKg?ql$pZs6H1tedO`NM#I% zi0a9aZS~u`J+IK>IbJ)RVP0{VLeGupU{Z3a6UibZ*ordO3P10rJNKeL@h0xv=@WBX zQZxcJUk)PS!!V7dTdtMr>DBfNWwq~Y)PGOcn2*FIQ-^{yX}T-81|?NC6jzCu!EUEQ z{tPZTJ!IZvxvfnvtRl#{)skJ>TBCIw9+!TzCiC6>y=QqQvt+IO2+!oy>AK|St_11B z<>H(K3oo{c+u-7Z!(eaR<-~=t`&>+otz>hvK0+x$h4`trKaIh1!q?(OE7y-#D1UGT z3gzo^MYcH1OQLiUFbflA7ADLrOqe;Xne&=im@u<2Vdh%IoO#F0JJQ>l8K}(c)jO|; z=8{8ZR1Zi0UX{s+drutGA}G!yws-tkb(v?|zIk&c@^JLw=nu)!B5HN2Kp7%VSeF!C zDwrp*6lga&IwR(u5py5E!G-L(O@FkH>s36UXDHb-l29cW)}7weZ}3HkY&u{1aTfG0#ZB8oaQUvBMq#kXNB* z3#LQ8%`@ZHg428QOv~rBm(0OGc;*87M6bWobS(<1_z+e^r#ZyY2uf|$f)uy+N&g89 zR{KSU!(hMl^!4wqpES-~X+F`TC-OzQfVBZ>Lu_Sj$}ryY3Q7#hiTG($K$o?26pfEBI7+=4XUP z3t(e02pa^zg$O;c>A9Cu0dGNbjsW;kgC7IRvyWHvxkqU4mD>%4NSN8zx`p#O0pRD# zN)V`1F>F+2U{NU*-G5Yq+f|3(^snme1(=`P^>;sgMs0G$+I7|G2C%&h?O;m=I0%oM zX7RKceN!@Ql<=I17IHYyilJP@y6>3;nYT5~=`#AR+uu)@(T^b>SgEY3qAbA6yzhvj z>e#M(#DM23e8D3gZ!aG8G#UMf(voe%6)LX+rEezQMBX$zj(_r({eI6GlhZoweWm5} z82#f#OZqSxUd!siGPIl5+9~;YmDO+`(fWX*b-EHBS$;0`4W3%0YlYTb08mz*@hE*( z-%Z=i(DyVMI!%U-e7z!Q!&UYQm1_&xV7OLk((@IncDG4T`=?chrhfppGD@e#(0yiDG@RNt>e8ZhFD0ejy)X~zd* zk_l^v|2@XAzQ}hq%T`DNZFTh7|7<2XJv-i`9yPo(-hXp@c&8o9keb`NECU(p;x`jZ zA9VluY1#3?_-pExF51}k%#+53@epjHQ*8}?P3`JO;;+-+;NBU!XQ70x8iv+Z5i6SI zoPfI<&Up31*}JnL_5GdaAWnGA#bJlLT-1tjbDE13HDvmMW_;1@+I(?8RrFYgQyVce z?pRx9%YWkG8$y(`7O1=g%{`RTujae#?X^a@%&W515cyszK`*1W7g^`j)4#*&iOsf` zhna)WXKskqP4XaMbnLahmLR97{+HGndJUBu{+^3vVh@Xs_+wJa>at&?+C5a(N2pbs z%kE9K7@4`#4%bj?UB!mH%+;s7{>Q+cf@R0=+9x$n$8Z_m>wYT08o@|PL>Cgwk%c>czBu2<)pv!e4hTj)!Kue{eP7;zCST}z33 zrJ=OPm@hlq?_A#hnYUDMFH=?(=>@{fMxaw9Y-i41N%dvV=8s5#DuJ1>@0+0C9}MNXx>_@N%e1r)=kE zf$zQVGF8l}3|zaFjX{7#Ysd(h{b^x6wSPPB9T6eJn6O1N;}^Gf4KICd*eJ{|=aB!5 z+Kf}c^ESn^b&H2TK1`_Ts9yU@C)g=F(gDB7DQAW8_Yn^Iim|4BgKorY`w%ySJvMIm zPQ3R=G&DVJZ{NrmWFN^Tv~5J_(_Cz+I0Qdf@BFx+c(ql}aJJ1)z52YpQ>R%L&wsgU zX*P>C3e!lqw5|FCj7x4l|9UfyK_vuuEkL&rtKKGgN2{7eM(_lYdRCaK}hzdT)hnKdz%DjP5IF2(CMFaLd%L7wlHWztU7F(KG8?565nD^=+ytZi`9Mu z;XZA*>kJEP;pW@WRj^cmIiDbs(SO}p-~Z7JRh6-|YOmSF3i9yDn6CRQ9xfL@b+O>A z=>IIrp#Y)cbOai_t+#>hrE?iQ{1tyS%4ZG#SfZ{zEYEAf3r(NC9&N}gd>@`$R3 zW!{Ug#`OmMHR{D`$yTXaN|LuHU_G-Yhx2}~VTZCq`{Zda%YpYWg{tB0m$|f+r)udG z6aB}jtwt$!OJ62K1kxj(=Hh2)u)n>h9vx zckjal!=Q#UTz)_xPvOryFK@CLhDV_-{AjPV>aZcuyJImb{)AL~N`3B2WAdWaN41XP zyZAJ(tjj`(htz>jRKE*x1v$zL`2f(-tS6jmt;uRZL)NT4S7XIC&I^{gS+!~9T zjx5M^-h&Z0>T1(x*MA8*FZVb*b?2qtPhn3mhD}(IUC1OnLhv?dQ{fO9qTQZ_=HmBIWkRojZCw??Zl^M9^rS++p>EEAs6g`dZJ zQ{^J1W%m(YKxJ!4y;m{XVX1x`?^DF^@u(aUMSVo1y*q~-MQlakz}w=w#`1?VQ+^ed zPdUSfWs^A>hsqcjzUrW+9==tP{0AI)J2Dk1GUL0(XvZ zvzIxupRD`#!Yxz)RC_l3JS%Ab`TPsg@C#w$Hntj}ZMQD9Y!hW#*Ro8&oXRQm+TG;r z(9jo`U1oD#(ysIMX1yowU0;7$L<@z1L(tH$J2GBH&w=KiU1k2uA&BPe&30Gv6>+=GkYk#l!F6Tu6F;=aHVph#T7Y_Pg9u}Hs zg~sgLpFP!DwJWZ=i%hC}M9{9}g$Npf@AZY|{mWecq{&SbZM0NJw=K0b896(*7A}jI z`Y^d1bxdyjvC|A)J|KG<)ruBgDY(^OR11%1ZC#IQD}&C5y}P5pCz!SM!5k5OcrC%K zV}FqkH|`iNmUI#NhPaedzve&lNBr=!t3K!6;X`g<@ycPNS9ZVX)d$b9(nYJI*Keu$ z$4#?=EHpB2p;*)Tmo)|y$pd}k-}X4o_8I0X5e~?dfe}FQ+9Q+`@bbp-Yx7(j1=_gFH+emNvE37_V86 zdRH{8WgR&y) zvx5?x(2Id_X%yOyaCOpnXV=Ezb-^QhWL^X=Omga(Xu9&hBdbV9?im_c$aWWqMSsl6 zK5Z_Dm}CgB_RX`m=39}*BVt)KJ+f+gwCl%m0Q{Qn(W%pHWa0D-CwPz9)P2@vVQnLv zc>u5-6km*vYX~Y$vfR0byG`7VRVUX>Kf6ChO4oEU^*b^r{NQi5aZtU1DoXY1yw$e5 zQ9{bie9Sr30j56Ki1EOoeDM9@On=|h4Kf>A7#_oBxYoi@pQMErKGaKIdqYPrA8`0} z+Flj*63~beWWc}(YD?tkgQ4kf5cYm1Is*KN1 zfhM%)B1fKf?*Q6Ma|%jjc?arQ`8`#36fxO4Q|C z;@_JPm3Avu>GQLK6<@KyTT_g9mA1i9=#FT}b&rQFcIHn@QdDFP6_ zdTADsCl|@m1%3gx<9`Oc-#S-3i}G+41&KLeL!=(cv{5rFk5(otWRxY1B&79BSZy5!^i|$*eE<{u<0?*`E*|8ab8&n{pl)2 z4iE>31H`jHaLeOsi2^C&KQaIxF#vbk~ck<9rxO(-# zNW0oMUJ1SqNq}#Vgz-8g@$(gUub6ktKes;w#KIJQ{@80vmB1V4uLBn@By((^a6iS) z1*6FPhR%1EOax4*(*3#=#0H; zBZ_HM!>7DlzDE>D_Z%Jyw7wwD6SieWW!M6x_S-5PYJosBuUc*RIjO$d%R}l4b z+k#p#^?$56N$keM&g7pZ^vEVGHwitG4aU5_CTEuKQjjAqGcP%a>|{U)dAZ*0dAXjP zGn?0|9Ci|aB=H|GOX81f0!jRl#2-ogk;ETK{E@^TN&JDA)yO;Y9F399X$Fq}Q*fd& zy`ba)$Q+zPD}0yW5wKO@snY!q#IOCk()&Q|=YOR4xa%*;aiiWM8j5G5jO;ui@eG4m zhtCcVtqY0&kaZL-Mzb=P)q8x9*92KKn-|(eod4G#JJLWlDS~7N$TlgEoB+N5)q|6I z#rO;H_xfdWU+xEkoGv7*!o{jt{ta3F4ausItO~hv0WN;c8gR(Y?2w(=ng6ftLS7bf zjDM@z!WfHh4Kek;nl$=f!vytWGq}VhTf9KFc!6A0{4Xd%=1E~(uX3!}9tK8^HNynR zFaa_yfb7nLSpF{q<55@DX~g0ypvh_*v{DU}ANDNQtJ*yS0{>R(+By~t)8vLcHwd!L4!||`{(mRT%cqhfhCVlzZf%=+1wj=ClCr+ei~hjL znQq8-U_Oy|$Zr^xOpeXaL8EluUne*J)ETzjDpl0Z+T}VQY}B>O5GM{JuR?T8g*<8Grsp0)O>{+v|!fd6<*ZJpj zuWumuBK7IxeKI)KZt>U^p>b})Uw`2?uI(HF)7VS6JT?b`JT?(Bc!YGaA*0mmybs9m z0y4Y+zCM>cxYpXneo8uhRiJ-=wEi6 zhs9J^3~>5zY}#9|eaUX3i`)1DePUX#SM^ZhT`0k8Zxbm5W$p;paucf*8$Gubhuiz4 z@fFr_FntZC)4^6VGE))SM1Mtet^l)-W>z2D;9(}2uwAbb(@Zj9CYi9#zi3=sPme5} zy#}ztA;gan0$Ne)vsr|0xy4Vp%<7(fF` z*OfCxq`UPmBuU+#N!df3Um5pSZZ^2jjhZ5(&^Y4zu0DFM4?XpWGJoBUnQq5yaE_T? z$4sy1!G;e+$P_!ad7ys{^iZ>QpO!;oQFg zyElYdt`0bK&5a$kYJce1vU{TenNifIor7_d`^E~xXAV!TOUY8xQ9|fiw@L&Afc7OQ zzs&u0_veSC0xoo-$(d-MiOb)NNT4^ioOtCLx>s ze}O~-ljFnzcZ<``7zi}9%1}mQl!Bn6PS@>o&o4OTBcI^(w|@(Mjs4zj9ko#n-6(8a zUEv(JNi#PgtTuxI>vvHce4MaXv1=Gg-hoAx0DSaad2J}*uh_u>@Ckrpglo>Q%9_3h*X5F(&|;Reb|3o@ zz^i-;vwRA(dx@y}(mxEMtxqtLqC=-~h1Hc?RKCoumV>s^p zcPj#xqxU&=Mf3=H(5`O}lhXoaHu)m-SKS+4nboXu!UxUHAR2uTB%Rh zvXWh&=ccbZAnWMx0aQMC-o~?FZf=;O;uSrY>vijn|2$i1JAK77(Rrv#%;#P@fa-zw zJMhZPLw{(ohq^1nAOzpsTb^GyhBWb~%U@UN=jVsS<8x(;bPNBn7@@)%ahnvPEuH@E z`2S=<>Q1mJHZ26FH|ZO&=FvN=>E>2MR+$fNKl8BDdj&`ke67`HL93+~AlYTD@Ci4u zmWTG}*LOzDd$%YRu{!6XmW=S1Lw^xHvJu@kN@FY0S|tLmHQUu2(s6ot zYRwo-9#P5=V)lQdbU|?M?ycMCuB=OiXV|knDaN!XkKE?F^by00tDezX^GfKQtlsxv zhKL(Dq6l2ohSqec$g=Wp)-1C`E#yGr|P6dT!ss_7{2$=1$10g=R z$A9>5=${LWPwCmO$#HNASIVrH(pnx0GU`&~6}}Wy!TKmP3GRe{QtqLN<`dNKy^3Nq zEt`3OgaaS0C=G2qgS9doAO6Lsm`{3K-=R-YVXK;I58WKd#3W{JXI)fX1Dwl0t=aG7 zu2C{Ytg>e~4+~_LCe;=hd1H>3<2xuF&t)rDVwfGWb42NTmD0JjbFj1b-ik2mk;800030?7dx&95=Ek_^w|uZ)dmfOEUS9nG5LR);6R? z0|R@pdr*(vs3W&#wAQFSEsd@7@0VmSfNwn7hrg%myZ`6@r+@S>{Qf`RpWgh8e~-iK z*DsFOe|h`x_?I{DA3ogw$BR$@JiYtytM(=7aXcz~RL2n?hogS|;`H~^$Gd-=e);9y zhrbQS>FAF0;q>zKxBE}0e?0tj|Nidu=1q8SkIuLF|33WVJ^;k(=T|@WApOhm_vZSO z|L6zbsq3;GWq*7_$_Xv`62;mIFtIV^q}C8Rv=<)!diq!a3`cwV>HhwgyZF+-7^!M~ zs5&)-PEAs$20s1(0)3jqJ`H>d;`o2MKgRzpSjEvC*wn-of`O`L082H1QDG(Hcz|Ub z^-VRB#gAk((nuCQk^mA%G8%Ct3m?g$=;zU<#??{`QGd;Oj5qQZ(_cNve?H#d9}VqX zYW0o{#GixHn}7Ur_x{0;X^30@)j$7rdjC&<4*btlJ^uB(ox}S5Do2op4r)8YX}&zMYOs zS)B_1$A3w{(O1J(3buIa_CLd_e&R*{`S`DU{C30#j~;#~YVn)fq#?yB?)iIO1unAE zRX?mhvaE*ppZI%TgTn_~cVdFw#D?X%w*&frk?mpKuGpgYOAUUw;6N(^plXeZhPj32kUq9rOUO#MiMK zTD|5dx2{80rsulpDKMpNrX>Y^&=$<(tQ0G9X~x;Qso9B1sJYP+b4Sv3Qj)tg>DdT8p=1EKD5 zBHYb7dPig0gS!>|UB}%j;coR5+^vpy=+4F6D&cOGaJPCM+^wE~yA|SYbusQ%h`ZIL zxLYCaR!_m*3URlJxcjNNcsvgmD}2yfxMFymDpWR9M|1>)I3T$(yv7y~yNxrp;5Slr zw8D8xje3^g{riXC2q9~R2DSNTgFv-!46k8rUZ-=cfjZQuHxC~^BI3lOt=prmcYSwL z0Cj32B;oI)E|MsBTs-iEAmTyCliLF&f1ExMFa-mh6KI7rr1P(898ry21yZYnBVrLh zSelSUeLMr-B;knoo>yTBSycT9tdfKy;(K1hM98A<#0<=Xgd<`RuVo=*(LE=MpA%i5 z6BW-1G67n@rmdU~WuT(!tsEym5JGy&gw-c(MC`@vDJVQj$nog8Jtau6>M7wZf9<5t z%0Yz6;}_CvCp40eq7jecyAS_giE@%mx=ha-t=`qH00q(bJ`H}BqsvUjJ~r}rQ4 z)1L_GU%S%>KPPv;p5FUo__AbUq3GxP|BgjadD)K$@c8a;fBzJ&XkXb1*!%mp3F>u+ z=M+azOh7n?|MTT>d;>BU{}&0(f9v#~f*(s*`^~CGq-a%ycHyfKtNcIWok0ALfYo9LDBwE+-D~1h9TzyrEml7sPr$-oJkv z4pyAcHxKV09^)(MXM`E^Tm$qkkN5tL`03rJcMl)rPvf9M(c}Hcf4%>Nf9=;5f#4&& z46yNA{84>aY)%0B<>BL}q8sUx|Iumfje2pt)gxT(?Yc-BR}KC}-0)(zBlYNaE8aGK z&t4bMY)jL&vr-?9M(lv!?1$@W#i%Obb^HAd9h!iz!@D6~(7u9z3pC*Z4JZC^eVyj) z({II0_~G994Som{`SAYNe|ujI%B<3C{3aCrc2qxJUsFR+^V_p)e*0TIe06)&1`=a` zZ4cGEk9UuL+ozMH*r^)wv0CD>YRC(i$~8qD!Ji;5ZUJB2hIJe@T*Q5+F)`Sffga zuBoV!OqKv$B9SExWmC~4nJ59Or0B?)1hoQf14X=^k)}IKspcq|g6Ao+B=8*My7=rl zBa6?Tqj6dCHBL$_lyEMUD3q`XpAB7tNMbQ z3HIUrPj_$)d3-@v)IjfFeERQS?*Br~ydWf$A$%=Yr#t1YJrRcZrD+_XQa8f2fBJm- ztWKZD(`SA9Z0J%g`x|HRv&Fkoo&M|L@$uoe`=9>fA3tL~e+lX~bb(iSdi&1L5Y+VU zCw~1#Q0%sa&WE2KD*X1O?p=J0Fa4jg+1m&Nm4_w~l&ZFghJdG!cR$^~J^8D3V1){r zhWZWuNMAWcv#j9f4+#!Pt5k!35x!3Z!e<9B!VdC3aCA#Et17RAqNSKlpXbx(#ZTYh z|5G^Mqcq>Qf3eyEo=vsFxmGWLw~pZ0of$eslRf9jUSKkocCu%h?B#@@RP~&y9u*^_ z(*%5WG(b;ne)hQev!BGze)T@X+J250RD`$LETG7z{jxcQ4c6uh>s$ox!QRSH|=+)wL8QWbr2qK&RCoag}w`UCkDB#04E= z)i5&}D+^OO!Boz%#HKBno&m}LEKHAWr^nFrSePEm+A;}a#a7dk!THcoKmLS<0B(wH z(In{f6M8gr3Jc~#(~{2q^S|FezKhG6RyRVt8I#-y8GpuB*cWWVHBLB9@&sL`{!Mwy z%`m5PJEs%P>3qtdz9K#Fv44gW^f`(!p?`iBKZk`KJtFbde1b| zL7iQwv+&aYX*;`MXMLRr8pzHt4tiQ}m0>>U=K_;ND{W#M{HLFv7ad;OfBWvkhx^BT z5lXCkT7PpxY(Bntar*f2{t@{xgu;0WGo<|*>u@D`+@cNc3@h%83ch3kKhrEhBWahI zgh?3ogKk)w0V@^~8IS=T{{DFKJV%B*YRfwA2dbWXvh-)3gJIQ0Y;1T=c78#`bzh<|4gfKMfXL@u*{IGUj-EqVb=X#lte ztra7js^KJsB7lxv8jDnF!vQEsdeFFtz7$`_EJyAA+ibQ1r>C!OylYRB-P;CL~OWFWwG{QcD+Wjs%Z0^?p zDu3_RP!jg)fgg(Sl8!{|fOwi>Nqq{#x1r?b(+!##{Spg`KqG1 zGsk6OKh!V>A;7JFm;zwj>$m=In5hAT+kXptS|V%bzbfy$_<5R{CC<$98UQE%Uy$pD zt1~>NtJ4F7magKfs|;@QLWC`|gtmj3jQ0PPlYN{$*NPIK$A?dzQHM2_@#s~BM?35t z2Yyi?j`KJ;#t9b8oW#HtYz=Q~ooOjJ9N=JNo~2+W;{N$uvkH+NXxWL5NdL(M#(xUI z&=Lq0xv@zwu-l`d7s|2?Jb1NoZ{POsZGJ13*LGBxG!2yZQ*oc-4P9MfhD(uIX}W%! zp^Eo$*-g4+h3mN5{&aKiy^r16eax;fx}TdH+m+XIeP261VrW6QkMrftFInk2&XhrM zb3fC4%=@wDI=<>&$G6|qb)2TZx_^!H+k^PFe;2oRFTa`nfBK@kxWHgfyo@ic>rZ+c zzdTm=aaiU(req8KT{k6Lk}28p6jQP#nUXDMo02U_F|#C7vgLV9$(ARWk}atBSuQpu zThNqjxzvfz!c=x#!=jjmWn>x_%`_~AX;>`NuzxtFVVRhQ zWoBCUrBs2m>Ju0(jA z;#*Ai6hT!JSLHgG5U+6BQ4$YuD`YW=?E6}o9{HX00i5i$*8y*?saTQ{_BP2*uK3HV^b+dfvJT}RqAg@u zX%r%tijq5j6{4mjC{a+#s1&CA7@BxK^U17^i`X3k?gSbE}GJ(%>g*NZJaS zx!9}lu9ZG&fBc8NoqoEMCxA_Ov6k6r&Z^WV1HW8rwkh9_B}xu zQ&>cqvfkd{;~V>isk+8INEdmz&vBShaxb#3B+d9d(m~Pktd$k!gR`ba8BmRq^f)>z zG}v(&$MU#PDTl`6G9DNZ9+xrK1IJ~=<1*rLVU@yh8Anh!QtSNmc+NKfqcrhzc_X4u2{yu90ZFN9p`Ib_ zcKW%%5y(?f9BKYj#nua@?yMMk*GyAKil3UZuDIzf@%GV}iru9C`LG$RFH&Wd45 zxDY%R`cW?us;edlK<&`SiUf+js`+7(g$#>k&tuD!Pkas*T~AXDFdlYP4%4#e;@4PC z(xUl~F^+sO9X-K><3>O$P7w#xX^aIH5P>gzhZi z4dTe7o7j&<-DK;>89fi?`G5}~30OjJToMGh$ep9ajUHSi{cAIm@F@rZ=5SN{ePoCjUE_2pDp^)M2`**)UB_D}FWc(p#4>Nbjm_x=J+M4B` zxR}Bvet)LFmC@lshMB2+Nq^_sk)$W4h{l?gpkhW#&bf9!QOWGQ6;=enm_ZxM`Isel z8Xro@Nq>|DMEKfEC9?9T$~w~(f{VGezHGUD5?qwr{*2uI9J&2cW)K*CNpKP0vns{` ztEhx5qi5yEQ!BWD_q>J?A8P4IbUBj+7f{4&!D-I22hHRSBa=5MCT|#`yn!?Rhdo$nHJiY z$+S??(0%?}{N`5#5_fojY&Uq=D<;b5fPZi@curoyc6ggM)e<+=a>;(2}%! zk|FQ7uOEuxgLGknC}owiO>InB!m|#ZWii)*om_*W0LNh} z&>7Rw8}xxUI&21jOmas6OPey6y!vYgZQ_>MdoQ#{=hb1?b!B4RW@p_6dI-Tx{HN#9 z4V~-CjvNWwp}DSX;nHiX`;5Mii+|5b;rCcvR~D>HtQM~;OHQ*Eq##xlmt1i`m2N4E z_m)+{b!AI=ZW^U=o+| z;eyxIB3@Tfgy{bTvvzg1TbS1MF|7kFs+GjW&?~NNwNBjO9Il7BolHDK-y$mS^fC>Ao3@AAvSoWLZfxcQ z41LPP`Qbg2=5qiPRuc#a8Lg`h=v4!e?Ytt2a_qS_5yQgttFjQYj{g7~Y%5xar8x(* zk^p7GgabN6JM>^HLB3-l6MyVdqo#V~ZrGfg<*=iAm3@x`aZb(V{26rK7i(nZxTdwVXWeAKR_vG=lz`NKnxHrl?A zQL)t0Mh0mY6DtX<7tuzV(?&Y*VnBp>5(;UfL{ia}n8*sne?w(4ynhlvB5h<8qm8H} z(ng}WNSKQAcpEl(k&;>`iDIqh5{?OPuV*2N3O5p4DG$RnTWEf)sZo;U2g_6#skE82 zz?s(<0n#J7MoFTl$rT4Qgo*IMNF?Cr z>xVBZ)f0CQ*E>aNR)4*HvVB1^@~$;&n(NMVrC8&IRDZ`={Wb~HlHWc6ii+B+0unE? z6ynG~xONLkW)dB`I?MF7cTt4x7~bEF0%;xJGU{dQ5!X=E5;i0I>{og|N8$;xiQ)7B zMk^1vOV}L|gsX@1#j^OVmENu397!^cejgi1h0xwBM7_=3QFftvJFG>TDvRxzxL`0e&1dLj{BGX7D$4-*FY@P>z z?Hv^@o(El=2i-ppT09S$efBFopC^`zyUCY5sB|P$Ay`2#_uYKvSTKD%FM0M6X9!1` zA?!yGC>TO+`hT`g%bS|oZ)kaDwG)rZ!k%mARa3g+R-UV7;Xl9)rna+b`5Xk4{DTTg z-YmHD>0z$;9Lr2)Y-5Mha50S`P6JU|;&iG{1XoFqRXP*P6)LNurIOD{kh0FCfJ9wM zei*~-kcAwX!4=fWhQ>0IG>1Ku(LYX~-u(UU!*F`@%YTOfzr-JqgW&rA{%iG&xd`~L zrb7N76Qol~6l$Md?}vpiu>&lL}zPnmo7G$9H{k$xw?+Dg?VD z4!{m9-irdjg!DVEoMeRinEt+hu|g{3OAg_>>^}iMzBsMizp)0v`DUJk}HNSWLiUIRTGs0vA8t#fO)thb-EU<9itS@5lgI@D_dG?sgB{+pa9pU6#KXJiFx& z6)$_pI=s^B>bn%6k^*c_LF1CMqAriaW`908w$>cj!Y9X8ssqdQ3KsB+sN*hYAOZFe zPzFT2lOGzd9Kl>bJlhV-R?QUp7{f8F;1Db973=|4@aHccfB*Ku6oSHpEDVVm;lOC! zv7P%Ohy?KnMSq;AkK(`zzB;JC1aOP*@;C)hDFL_{+)EGNNkrs z8X^_2h>S-CEV7P9zdjb(YcEDvL?af_h5cE=BDy*-0gF_0>i&b%v6T9Q7-C7+uWX4W zUB99!*47k!YxY*c!I90a+JhroTm6v_4xSt7*fggGzB<#06u%CsWr`!F*b!5;F{rw1+oeP*+)0 zD1RC1-1lAEdQyLWH}(2%>b1kvtCYn4Nll>Ey!QlzBnc2Cgw%@<(;_69pAs~h!IP0J z7FK!5O>vAV#W9A7V@!RzO(Bjk)$um`?4y`>QyhP@B@fPkqCB{?*-`Adri5E|L2bBftknrIyOg;(Pab~(~BTu6gd9Ghh&d{5oF9p1Q}za zOHvhSJ31%9Yj9M;2r`Bu$QT@`!3Z*@PC4kWDt~SH+wf+!2MYqdj2|r6)Iv?+4l#cd zHU(je?ow7s!Ddl3n-y#p>+49eS+uoTy+yNno6PD(Uudbdy(U4TgjFQ7cAErk%jqQh ztuTb6g)mtASgiQVe?r+@|H~8KAKu(I?m>5dzkj?RPT7n$eEGv!Ev(tqet~*%%D!mD ztH#0|kS{QmirY7zyYkPoi+=E*9PNK{bODC}r|;3AUBpFxa=osz$QM?8-J8&cK#!9X zMNDD(a)%1OgFep1PS_V>)i!nRc-%Rd7p>-V(;fU9V=Dv^{7Tr0T}%bWP^dSSJU&OzWG zr7?WPCTnHNv(3a_a{tl_*ZHO=*4pEmp0V0zTI(z??M2m|%PEbghEuZAmdM3M*bQRU`c!jDt3!EFXb*2rlO7!(0n?K{9YTMi zsMID=>6*21j+VC}KH7y?_er&OSM>~?x&Ix^ zdyG^*Mr`msyT6!}^2}+BW@%?Gv)F&m#v+UDY|1BgjA*m1y;F3FVPvu+jG-5y?v;3$ zJEF`SD?{)jw*xcF2!-(d96U{l9qfu6`p4?=>zq!6Idj3)(TFGJ)5k0V9M&#^uUi~@guVo41A zDN3EgRKSRb`1v4?IA`u1a^haa^7iJuOgiUfGIiQ!N;MQRFxey6iR8bPxyT%?mB^^W zrcBNDSlZ`IN0yza$;-^LGo`Q9kRD1SrzM*%wMI=Evo2Y*Lb8~o*+vtmHq%mNS)?G1 zQ=5y~p12W_6;m`#CprC6EFyn<6^oWmHs)|D(=P?XqLYw*DZb}bEcj3vGmXLM=p>|H zitkwsqr!)wHbNSYqdv*$mtqmG1*dteOh}%Tve{9}W`o8(7LzQc)JhkmWpsiM4_#ome$+mWxf81f*Hlr7c$?-NwsQjP1Pf$<3#RR$hdNjw%aO!W9ChZ#2;Qv~MCCs$ zSD(zV3-8vo1WQoZ3$cGyOb$Z!!UQl#jrTV_j4(SvIy3f_dY~OYwTZELLi0+Smq8<9 z`n-`cJJ*yxxQ&+c-E0U70KmW)o?fPJc;093LwHJfpW&T~J%H>~qa>pbJi&BZ!T)jH4BI?rsKmjeUBb*_yR zk`MeCa+mzrRGQX#qC9a9XV}JnQ(`99ip(u#%65<`+c6or?dPnsy^CkGxD()-36O$p z-L5roiw$rIx-EYs=yp?R4x{VJ)2-;knI+ctBugklNhKS%r8vB9s1|nDSMpf?b;p^t`H6ZB@_>0;>AvzD-Xh(KwWW5q(}1L1n6;2E$D5X+D5 zW)RpCu~b1|Lm`iggIkF5=V`q8%xVNMjrW_DaUoj9FqFO{$}fDi5+7~NfxZdy+hihX zJx960Tw{OKS=xMNt4{vgmaDA?(dx74ViA_3YxJ2R4PsM^4~EEHJ*H(dxNNprHcoyT zTsFg!agF_CTw}_z)pJp$)BJ-J;VO@YpL*%~_W<%98fo`*dYJ}LhS?a4FdL&7vwF;* z7CU4t_nc&+H*(IYNlA6pK$Lu^WqhZt`A%E#owk4CJGr(J3a^8%QQm7g%H757p%DXLNlQSzOg>Qiu-g70({-|0Bt>42Mb-SBiYW`yj9r^}GY zZsv!~cWUeF=qu?XN{$&5tpD`y_mA&lJQnuIBDB~y>J8&lEwLTSbC$|8sml2OtpCrI zH${JjPi)MDSiwnbOlDoQtt)0Y!y?YGnU&ENSs8899jh&8Wwa@8WGdy*=|*7oMqKI0wj7=r*r~$fDPg=|EFPf@X`yP#|6|Ga}K#O z#jn-)ljMWIMGcu76jAMfRE0*e0&Mg9!9{31AfCe2rjTOS5s@2~zKMujv-F!0kqef7D0gY1(W%Swpf)v-(<`((c|f$XzA4r7aE z{ezIi0@>H0i3PH+PZT5B*LP#L0@8nRTB3GzP3@rQ#OW64T>Jk?@uW3Ab5i6$G)j)y zG(c-jIA2EWs6_36|9ugziQWdN2XrrN;&E$(V@mP3=M;~-#=;W$2QOKqZlwNfOa1XW z#o*l~aHe4orxhVTr;a_o@tDLPi*OVrZo0bz(1`6A{)g{iUThKAbdxJEfh&JVi=ewK zIn|%psIBzLB|j#G^Xwh&-yxi*bac1UCufcgF*`jJ0X=(DP&*a3Olujk-5K_*>nSKA zkFjEy0>gi3kriz*dq4n;rzj#_4|v|kAsJl#sgQ+}NH%zxk%dEw&9xNU?|>}a;J2~g zpFt$?Z6J#k$wY-LX7*f1a%+E2N=*s0CuQ1GeL5R+@oTD1%FKTNsq4Dln|Uh$+`3!h>iig9OELu$wGn z5Jgxlh_+if3XysJTB^nQeJ|FM3cvsnYjM3=Ccjt3TA%=GnXnco*D`;Z`yb?p4ja&gD_XVC^Qe~7*u zD<`+mQ^e0Xl%FzT6`d-Y82I9YM?KmqI#hkL}zXemTnn|T~O zvuw`KL0**w1G8Bcw5{#_ZC>3U zfk}|vKt&l64Mp;U-XZPyN<7@zWZDohmq4Zsh|(-#8;{$TXTC_LF=8;GUn8P6-~5O; zPOUN~47Hj|QEQWHClM&v?DYEebI}+7JcoceS{1c7;>{n5ghrr1YzB&uD8T#5#@qQ^ zH|9H&q$ehS<1w+ggMH&;r}5d>waAUfBB}9MAU7V1(8&>T#k9PZeDw>ai;yR+W5*|$ zL5OvN%U7r1<|)kyF34n}qUj+zA+>-6y?gw- z5SCjvyT=a|3hKQ>U(|btzCex(caDy?jL_}~altcxqc?W&EqVouog6W!xNj0~7Nevl zCvb7D@2A)ogHggsG8Nvy^;mX<|C)>2Gn6ui_35T8oO$8g^=6;M{<$b86PCiE0L`ML zA;v&|eYmLcPD!ZXCUPU8&7c(~_i{HP5k3lx$Z-KGOUDQLNDYa9p(kwpWq4DvAffY- zzCJFK$tV_om1?|csPnB{!m<<{j^Esj07Y+E$+ zESZ>p%SRMj4SVD%mfMu0pk|j}tRbA7{bKEYzu3ZWsB%C7(bPc38*3_WX#;vwNsZQ;w9^GV%UzJIr8~G1#nQ=Y0 zvWzGZvNP=*awK0_d{AO~>~erL8`w^PEvLY-=bA3T!t|>mO0X1UVS*LL94(E11jDr% zO^_^FR~Y~1d}G4%TX=#68mHhI&EMJ9J^qM}qIC}xfF=#KJa&9i&(WxCO>_D4icwj> zB(-TIi~w-E>RV7fztxSD zsGwtY6HSCWcV8$Hjf+A-$GE6#aV%Qh1Z%Dp(=XBLCKPn6Zu;h8yG>3|nzU`;a)upC zQ|YQ1%d=RoU_AD(VZ0)yHTbrTSNfJKK^O6j7_ZD_&%PV42*xYfbY+^8>B_`EnN9j6 zJ!Hd`+4SsI=3pb?|3$lhl^Mi_{%`mPUeCTpg?1}5qjLR^<2(RNFw8@{m1zOHl?ek$ z1{)UJ7_UTnAmu<9k7~hu2r34|hvyJ8-{ZLdnS;%bCwc8kDn49{8yx%LIC}j5N|)ce~tb8aQ|C0O`yzw0LMTFQ&tB5Gj>A_ z`9YPL0Q?y}vAhf(z~F-}k{;+|ppwPR44z;+m5CYr*A5?SQ4QpcXcIF`F=qpQv*5#w z4`rH&IYF11BmAp2+k-mslnh}4su_qW9!_#jhFC<248q5np2j*WgMs`HO;(2ZzNo~~ zQ=LO1<%g*AGE~WbA;OmvJ@wK<2$>nG3=!dLn(B}vf--}QEHy~IyR}NYJ0xphNftte z20}G;UWb@uVZ_u8ic&W${%uYBRo_mKouRmNd<6!RHoT0_6IMLE##9ir1+~StjAVt& zvMrdCNAJnI@z>M)|44cnrHT;3*#a%_-+qh9%pf<0z(IX~M&kxm@w3Rh`r1|#I4J58 zBCgNrRk)o_AN?D!5CBMDL44o#&;z^?DuZCSO4a=X90`>r0fbU%{A6YkO5yv$ehprO zh(pcX20@{5LY(&Sp{0#n5Cx$k{yTmN@Nitve4(WIutRBf(1s*h@qM;nOoHTTJ>m#@ z8>?i{Y49+AsXwI#ge?_A$-e_5k0Ez8q9UdNPvh>kPhAbWvDbXuu5s8NDvdRpdW=F* zV6!VQ&B~^@1E|QPpK&;3?Fa)(SSFi47HmGw|MvJkyTUfI8K8#Z&RkoXYsjWpiE0WZRXMBw4M_wXC22z}y%W`3)`X&q{ijaZZq{(vgEk z#>UQnbzwCstP-vXsNr{NLuad?}zRiICP-OU}}(>5=f-NTfB$G!xO@=De>^clCWxa?5$c>NVZ~# zKl|Yc@`&kZ=AcPD zUC&!OY{7)`_dIVwjW3_KP!i9Z?w&W4+=1Tz-|M`k!xn5ezvy{8oXMCS3I-2#+iE_@ zoFQp@sdqcL&lsOn#sYp$CK(Hal86Q7E*2mohw0CZ1y+!Njso!@Q5NY^VMD1+JfQY} zA%b8cBO`)P5)na{T(U?m**`Vax@81WDKxeN z%ZW1kh^~HA-fWo)ZX2Sfpu{!=%Z5(xvN^>@_ZZ*~kZvS^9X))zXLOfV9(RX=Q3%eF zs|<50B5`&40)J64t7v^5c4TFTI^~3a^3cHZWt6Yl+8NkjwHvDz4N_~{2vKOOKQgJM z-E+8N!jZh{Km?E2H8Dn2l|=%Eyu9O@#6t$&A|}n6&#Krb8AkAhf9Ye z6yxdOwG}IBU0PA=__<)YLaq>ID16@G^~+#A`|QUd1KdRnbPf6no-3h_ixhwg0 zXBU-(s8Blr_xo-^-M4hPUnK8Yx!GTwaVIybQ@WGuoAE2&$!LE9+|JO1+0FqA8)*p^ zgv0c6y>4|iWQkcL?L(Da#UNg0Zb*{csKPtT zfFVIckVI$oAT5#(c=(3@w2IRsEUrVWLlyMM%;*sq*wCRzW`V+g%JfJgW@aFUfF79y zdc+u_N2W}VI`53=oGS*-HikQvdS?HZ}gOEG%_2I3@E@ zchu?cSQuxHM`mGvS=L~=U1|E*roX1B#2nGqt2RHKlfkG<_M+}MrN6GR5nXP|Z>Qr@ z*>uXstq;uQJIrqF&f|VDhxj8svq{K+)1z(jqiC4 z4j*jYiRq~3lWZ*-i+C+Ky=tmVLI*N<)9`* zex3L>{}4S0d*J>(vnF+9R_Z}U><5^p)-?pP&|s{O4OW5sBfu12LqF!%*aR8eCc9EF zEB&vJpV)QcUs0=-X*VJP2$51mQC<~W{h~(`4Z|ZbRjcWg-F$g*QF}vQsN-iUn_+gEnqVFZQ!CzP0&%Nf=DIF zDr(1kOGfa73N))JLTIs2m65_V9hR`j*qsd&SM3vTV|`s?Lj?e24{1`wCxsbsfj&pa zgB$GssfZ7yFr{R;dC*fhzr0E>p&lM2$jl{c$hS+G-I**N}#t4AC#)vaJ z;zi8kbwZp^UnrZPD%vMxjfy4pa4DWhO>AADkI zn6GbtGVz&$nroyLb$pYZhM;)l;qhX9BEK6QsN>q?m^?t(*pM>b|NFWkgo7gZC1{La zr~*?(>aBQx&@JK8McVMOHqr!3tf&{1kmIOU;Kpc z=zQg}*GT*&o-2NL19Z1c_AN+QPCzuj=7eQ`@S%Z74zF(#RV_%LJRDKga}j?fRPnm; zL^BS2i5n&o3j%s{uG(x!pHZSE!Ro5A)&k9j$U_=e@Q^W_+eJKN%v#NONMBRtA%Po| zc*w*jT0A>JlA1PuC~EJ^Ze3Sshz8Z(fY7(}j6=0fIKpAQ!ft&DHf|+(kN!ONNbWp; z!5fL5J@rn{o|>X(j~r?u-Ep?SX78@-=2d<%AJLC#!Nc^#vor=jY|ID$8#z%@WoQ4dXj_&9POGsAq$EI!Z2(c$xS94CDCEG0Rp+2cr_ zm?m-@@C*)V=&h-9W5L~wyfvc}7-wE=VqRt>-^riN_59f)D%GxaJM&#|>;7y;0kvQI zv(51O2Ao_IE1-xKSdbM^B!dgC>J-4>(-|p1K-^B>mCAAA0~}{3lr6%-uJIOsjPkTS z9>W4T^fEzZ>JdW%DweqlUS@(4k!#R(6ZJ@m%K@7aRh#HUqzp~=EvBdM0~SYlkDp|HN69W>UfG|YnmkKPbNX31GOPk zI}q6rs^eRtmYyY);>I{8LPolOGgb>NL+|@xT~(dLy9w*6syyDCVO>=b)N~`PtD-=) z8)01;AaE>-Js2rU4fca;$wNlNawG(R?LXFUji8%62AjY8M`s3IO7^_S^h$&TdyYSB(9lRD6m;#8R|>E0fF`@i3y1 zBOKL-Y+~YHAa}ZQ^po}}<>~V!5GO0xk#H=6#v=*SBl&==g4uEkYjxLka6RTxN&Z9Bd?Q!a3R}$(*UC^NKsn9KB8XR>lm2n%PJz$0#L1ux^ig%^9KJ%0aNapTnPxp#V4IfPYx z>COqU(c&jiv*`yS&#lTAq)=#kW;=(6h2HT0C_)u$w$#zWR^lTup~MY z6_$K&^V%*e3dcICHzWB#mrw>}_s zy`&r{orwN=VUr^g3VO*DN9swNAfUD=$31z@)>C|Pik&2<8OUGJR;sUgsar_~!1fX| zLW8~3%L!1mS1g-6 zh1G^26X>+HLcdD2#{n&PC@X#&KPW``PUXUmF&wO4RIwI?QV5)oKn zS9IT>UW>Xb2t-;&<4xc~ykCHxS-{`yowOwHq~b)7nM(S9vP-AyxjIX_I7@oDS+BT` z%&f~CV_{yJ5iUY6Vi701y>Hjq12aU07?ldGO(laANCMG8tD<*+b<7oyMns^bdw!+~K_FIvN z_!Kt|*<5dsT!2OWw7%j-UlU&U$>uuT`^*fTR7p|d9z)B;cn-<<$)agaR;VTOYW_Rv zbzc35kf;kXj33J-ul~A0FBgN4_FZO;-fT(wSHG=)BkcppctY_0M!@3=%XC-gKyy=3 zBL{#8yG4#PmMz=-#X8|7A@$e+@v?{|HMthP#c#r?V~bEJm>epYT#$GsCxK#WqQZ0R zsuFrlJn_Ulo-&#yFQ+R8I#<%Oowv+`+PGwYGJsfTXzJX{^Fdv5clwqZBH=*+CKqXh z6gi}#1n?7)M96Vjb6An34J(38&!Cv!Llzk!vNm-T>Uqb*7%XiV1EQjaXiCubClw^} zYQTDyIvy@Li&OV%x^|U1^w*mHa7?$F6G8kMxGk_z7OU_46-#&bdQy%LfiCm9NV zPE8|0Mkam*ON|*#tr#zbV##%_0If0Ah^T73L`!&QR98v(9k2Z%@LD{~{qry3wOAnH zwKdGpJ)-;AJt4+7b#&!KOW-EP1QPmVFj!Ei$6!58obRuT*IX182&>{yh7fv>cZ#)N z9j`GC?5kq~i|D`#_`o&@!68CuEws9S2*GV31hEqIa6N?J_9KLS&G$;K@R+P21c`u=7%iE8=`&i4eCY{#e4jvh ze};DLP$=xsk5{LJPbT7#_zn;XYU-n25arcrRunwFJUtZIZ(jl)kc2$|Ny>MBmxVo5 z$+TbKb4qEl&eh^>NPJ|?)S3LT>vPA6aV}g!jG|wuSaJ%1&(h$a`4%l-@%Jw>-U+Hs zj(Q%GtzzxmVb*AdHd~QNmvk^FFYEX3n}j(8E*@d2_Nvd13S%Kf3;Z#?0xmQk zk{#&?g1jE@D7%0!4)s>=?ky#q%+V*87=2RS5?!+(WSu?5l7%wQXb-Mu4a^j7y6;0};(7_=Qd{9$VXyYb?9<(Iae zxR5Z))_TFLqO@B?X^hnKUocY7=)50qx94eBxVTVfFVtCR;5oy^6>aSg7uWB`s@76! zZPRO0YHKrG++}mPqNjy_Et1UlAROGM6L&j{NF+yYp$KabRO$gj8JqSKpk31z_!ZGo zdduVx_?jZn;EQ);3P|ZNgY{^lP7`s86s!y8gNMra0DVA$zwp2e6Ay*W;(?4AV}C|Z z8BfV5G(OZ;k%*o(TbCn}&dAHp%qSCi`8hV?e^_*~RJLvj zszg)JQ)P9Uy6Y!z!9FafuKj81(NbhOtz)af5;0jvBJ|(>R)n7rC~*41RyuK88IeLp z7JsR}NP8y{h)K3meXU=lG{%ny0~r`^Ie>JCCnu4? z({XYQ8T{aB={jEdZH6a07!9l@2QnU_+Lx-j6|&ubjiyrx1EeJ09tH4ViaOemyo>P* zMiy8og)lPlp%XnWFmvZdj|<77&ph;EI~!+SY-jVx?-fw>iF*jo}$%(5aVTVTci+tV0KN zo7~g=n=1khG**1@n-gtA@N7q!vF2wROvam|&0foX=C(;KYpg7i2yM192?7^I68u=Z zv8qix*0H`34G}|q$c#HFe-Cb%ZfKXKJ~N$7ta3>TFb^JPhJTew<$aWLOlEOtWwMR@8OrQi8?gQSzei@zFm+Q#;e;W=2l1 z-1F)MKMHh0Nb*T1jT;`FKD!tBFcjqv-Qwx=c|Lt!PM_7_|J$_@LdRaTioF%1DVFj! zcU&}@lC@VWMpLC!f0#4`!)^^hS1T@S2x2TvK|@f-8@tWmqV^koGSMFjdtRkHTj_b< za8c}ev^W%cZf3FPeFMc8zlTy6b-Emn7aCnf8eNspFY}{%38r4$uWG{BWe*s=iNHvs zTa=7jhrLqi7K^xBowhQ~-Q6l}KUtl&vbn$UMO>;ytkv@SI~Q?HEx)>mcDH_Q?UeWQ z)Y2l#`n5H+c6bbtr?Z*P&o#2H5KIH0S`;)%bu=RnHv_oa(EdfChjFhVlifrYe}bn_ z(brPVviCw4Q#~0` zHE8=XtbOWQc&*pCav65X|MePI7=SJ@uwLUT(N8tHGiqG1J!3VVac{4AgXbD&b;hMM ztK&?*)-(EA&qH<3)r-A)&l$Ykf5MK$)pn9aAEwf1=&DE#G=vp`i}iG@)`HeWuv^Pt zbPU(JBa>TbslZF-;^=Jf^b}iYt=aMy)B>8bIn!;SGfQ85lAdjjVsHYf0lUZztVA=A z&xAhCqqqpOmRpEl&?!RFZk8+-VaPEzl(@{T9c%uACJB*=OUR_o=|uLpf23#KRdCa< zs!-#iSh3Lmq{zWs|1-+^pRr5o!B?$HWlY|qwf-lx*-RLLcl<+p9Dj%eAnSj|y`GZDtyth|9-vs~_{1iMC$2&}yBO%2LStj< znTh_o5`KyCt|>6~lv3AB$GHeLJ@e4lZ9MDYRK~@gVgze=7|N*CWZ{F87#BMPvpy<| z-x+++_)sSCi4n0Qd>biSh<8m9!?Ct%B80><6cf8lJTqb9nJFfoDI;Pp#}UJR7ZI`J zdsf9bU=>xqpV2S+coO1a$M?L35g+PAKBGR4<|IeMjzzo{oReQiBY&qb*EUAOF0O{7 zHW1DFaB5TL7|5D~l2Z-F9N~OSVv-(&k4btgrpuY|!EYCBu_H!I(lgiDa_S^KGs~6} zF1-{Zd!iWG8e?SJn9HY5oHNT=dKBbOrgkf$kg_XNyN24$Szemf%!qyqvtT2E0Zerrj}tfK{}IpM`}ih=QOAI)-3MzQpnNZ zbk9Ld_Zf#hqKpi>QdpusfxT_s*~6YKFhYYN(xkW z#orf_DO;+#I)AD(#p5teT;wImAR>4WV@aws!9-W_7>E-WOx7_FaU`M-=aRMs;M=j| z!<%3jN*srb67R;Wmy1?IWkT&-e+qOh`!kF@!5Bu~%n8PH&m@Sac^Glmj`@~Kfw2w7 z%Z6`Qg0ZnO02(U;ppivEx66S6r6}m|66%3SqA75_e}BL*=wp*2qKL44H);y69iGs+ zYt(%M6JL04O0f}=NQ^o+#BD0!=R33{({#DSKB73oR#`$RIXq?LdUd$Y+_*(!Zku9C zU-Lp_)osD5I77 zCOh5{5`VCQoiJ^LX&|#_+6NORYEAV`LuzFjQXVeLz3gv`pYUDI!$oB|t!*-2u4f~q z-^y0ZF)@=Jd0y9)b+THLw}o7BdjEFWS_GK@K`xK*s3;JG8XEy z=sxW0Biuh3K{94l-9=kT#w-g>kiyGLlCfxy4%am%NgiuscU32Ij$lD6o8l|l0n;g$ zB!+|yVkicYof%qNyU(0Y2=j9KnY)1dUln+m+8Mf zrE$d>ed4f|j7=`!i)9Bz8rYhBSioLEzHQVbWP&h(*7^!Z0u{WKuBkfF`1a zVE{kF!Vtl+_8ibemxsL;g^kk5bkfOm^~rR2GF^KzcgthWSn3IvdPyEjzspjeC4Y?( zgfW}4m~~Oi1rc+?UZ99M6SuSxBjzB#zB6LZ278}(nv-@~jnu^LH%Z%Xs<+>S+i%)& zF=&n~S23l|n6eaTZehycfbm2`Ik$*1T{?`~(uaa`JrGL^6I2TffN3PbROI$FDeqt& zU|6*{GrT(BRFUxc9)E!Rhh#%Z z-f`S9{=+#Fn!Z7sqnRFph)$ZwpaN{Cv2x7@3ZtIH((fR^^d~V2372vT&C;1dvGtTr za&rR1$6M1E2i<%H@R(nXyV*lR^Q!4cX)&>9lBkVcvFC)6&8Zc8CLH171BpE+#2izU zm`zg1Qb;@kh;V{fcpAl?QGcN0=0@xp)6uv&7_6&nZeZr$X!* zC8i|Tjq{@zw@#%NWDn5aEL=<7B8>8z}O?*zKb4M`_#3^Z>#?D>0CzI>g z*NuYjIywxG3VK4Vs_glmlx$<`LQi_=aXcX?RZXS>@u_mx$39%aGic+kim%2pAMB{u z1Y`bJG9iH4(#_8EzkkBJcND5%$I`G&exp0v>SA5S;Rmy=U!>s?Cks#1Da?q5&oU55ye^xk?X(z^~)dRLIjk6XFMV%2PF=Q6#k zWz!ga+$;}fC7Zq6MzD^J%LK)8zEBELpt(|1PKs#dxQ)BBhkv%YL@nw*;Yn`R^m8%R z&QlRwOlfn=OWw&jZMfH$DZIXVwyLL;)0cl~i!W`Ri?OO0*OUCuZ28j&DHN@k_9l&e zpTjVLgM6;*F;#V~M+=cJ=!5OZkkM?xGq&I@LqHZ9s9)?J$uf)diuIe13=fi0?} zgOf5YCR%IR%D5QKQmTxLi9B=h;Uzfvy&~G3(aEGehqb4Si%B0&0y!WQt>wRg*pFra z7>gCiU(3kfToN)a*0DMHol=Y)B9G~F?$?lS(T&~uS$~2&iwW{938m4Z157)j9Ydr> zN2WfeC}^=1DB@ZXJ&20vfGv?$H<+y&QfdaZ^n$wSm*9HxDs|8BmBOr=)QZ!Iqv2UIu|i6sS#mTvjV4AqIzq6?zS8$dAtzUqzRB~& zj7e>8Jb&@)Oa=7n$7?A`&T&C);*ytj85l1*qf#S1gh+ZzT*#$f$ORX2jte=%>MX-? zriGkoA?LJ^b6Cg(I?u1T7IAA`qxZ9}A%g6cWx+O^meG@TEc%B<@Aj!e;8^VpMa1p|qa* zhJVr(TB-sejq~A54zUP?lxUYz&hnE2A-N_Hl0q(dB@hzmN)-PMjI=pBn$-$>Urs>M z*PkVT_^l0>CDKQyJC$eycuJ`M0hL;yXbIZlpay@y(Aa8>nw6~KNzo!z69q$|;K`T4 z6`;~Y2PKukJHXH-kczLuyDJ7A*2Si-Hh;OL6llPdq3Hc%3g3?b5EHdzP$jLH1`J-Z ztWy&aWvBsDl?JT%T_mC^fl&sgNCVb0lT&t&om`ZA!HL;)zu(_q{QmAF zMz-fCMz&8(j9kaS+kJnZlNi}PLt^BwdVhZ_iIJ=OyYY1LlhEfSC@QIBhk!TySbw`# z0LsY0J3IbLdaC@D^u+y@Lb2qp1fOMpB|Qme`-;EkcGb1jT*q8WPiN(v3*cwuoI~)A z$gHhh@K=H*Thc;l5;`qhT21n!79B5avGgg!)0SCQrcJi=hk>1umo0#wVP%HkRJ)Lu zjb>z&XQZE(t(XxpFI!_@-JgZEV1I+sECj43&4Q9=q00mGd%LWx*`kjNt=WQWw)EC) zvByPPvqfIB2u`)*nk{L~*gXx)x0>xOm#-&D3A=X-qL=Or+c@m*U6vYebdLe<0O<>- zw|m%4=ElFhv~na67b%&Whf3(98;h@2*;FC^@=?Cso`zjHb3&cHoIjy~=YP!kQ?#`| zn^C_TtJ#dC);6;=No{RrX}W9<*AzVqbMPOT9=?~2AhRR;a#f%UQrrqT(mK4Ya}lUI z7XfA*$REMeS}uY?%tc`FxiCCHgY);_O3p=qd72;> z!N{5zk>NbkB;-_EpImn`_J6f28<-ToveAR%TU=SiR#ufOn-}(3)^%-Jld&(t_7+x^ zE6ZDfvNd7CII1)3X+s~FBxcK?)=1tbD-IYrU7vl5NXnuJ!4@JZv_%Jzlzp;D%Hc#f zK_ulGk<^4Dsfq8tsSrucB$Ap1k(8B0Qt4&=;{FjiEK?CmqOMB~ zoe0;VMqhYb5F_l%o@vGGnfiP7%+5g34Fm> zL*f`S!L*)pttzi`uI1t;=bDV-Lc*LTeNPkG9w1secttS3f`2y8Nrx7|&q#-c;2pbX z@LyOP?qi^W`}E}*>CliI-I)$;gL>^QPVm89Nx`rZOTJfSKqgO2x6#x%JvB{4Q)4Hm zHPpB#IYv`sM=b$0uIQ5bOQVLhUiwo1ANAA!Ox60A>-D;hvT!p$!OAYWbj^!v;g1(o zzo|-|hi^QnzJC>i>g(@8^}h$zKR>Ac^pv3b?>_LL`XdXfuUJt1AqUl8a!ma>$JC#8 z#?;S$*JJ9t6jR?lEvCN1nELL*nEDQ5>N||7@18ZLzI#GUeTOmi-NiBW9mdpmm&Vk0 z7*pRpC8oZ^nEH;z)OReVzGX4>4U4I-Sxo(r#ne|UrhonrW9k=i^v4uO-$01{GBUk} zkoSjE8`WMzX#5j;dxM$h>>tE1`UoDw=o^fg@9@EI5^b;_S`4EGd3}`QS_&76nzDEJ~XTADEcYPJ~pedSu>`_f}46BL|*|#Z>89Xo~p4) zdp{Qr(SOY5bj)U9!H8g1>}@Y-yY9v18q?!S(Dvl!21?>U!9F!;yVM!Qdh-lH+k?oF z6rh74m>j2M6d zf?%wKEmvoUEl)asl^ZI za({ugO#ym_7=UJI0`#QFG9g?%&i9h_vmjalQE7Hg_CzBHdvCMraiE(~pltH8IuP7a zSS5$ba5rIGa^{kZ6_STC27|gOL9;t61o*b~Y+zh+q~!fPN1t9EpvNpI_|+sV7WTh~ zqqyWD9@$(}fpN)GM5bPV9!zBdj=?qs$bU8_Iw=qCtKmVNjtt8u3MMkx__UM z3<$Gd1wSt%a{oM@5&V2N`B+eFvd;F)gcIJNWuF{l7HP*#(s6f;*+v7fLamSt*rDil z?gcY;=LIufC55Eet78g}E$*uEylusZm2R+PPEk0CqHr}ufmbLCmaMB5Gw~oqtL+dE zE758*@z9x<`P}0sg*LT9Xj43IcYoPf@yyVs3OnD1HdR_{;tt=*1E`-Fv?^TG|Vc3)xPw6t)# zTDUrZ$v3ocFiw4TOxjw|f-z~;3L5WfT$N)=9EUobxub9m&}S%I5gaR@v48TZhsFcm zdtwM}-J+{!BMvMQ2U9Xu|6PcKmD^dZ+|J}T=J1-HliQdC9fKMPw{x4{oWQYilqsUF z_6duZ?_knxWX(p_YmiohbQ)V4jhntkBWNfDjRlwZlV(HKUoaiWmhwW@gXp6gTRlim zdl3{BvL3`leFctAIeg%n5q}PE5x%O#M)gGTb_N|sp$Dm_BWW;b7)%ecrNsD~psNs6 z8|4gb>oH(uvNB~|iNOJb`T_vUisSoY$w!>#vD$v)bR1{a3DU>J_q-FR6dGaH3DEEH zL70sAy6A((=?wamqQhDp^;j+nYILB8^+V%)YQ-%XKr13l2E4CVMStUz>U2PZ_9Vr& zg^0RIw*gO@BHxZjy`)nf)FKd(6?70x6J)X`$TXUuU3S?+^jkpQ!}*->K_8#8TVhUIQ<1jZ}ZVb4iB+*o9$ z<vZYG3`DA%LWPu-Z-CG zq*Zue{UC_>UondO^6vD%#H0xhBmP6q&MKo9pLrG$ctxNvNCJhS7AOoTP#DCy+cT<& z3VNfmV;)tN;);(duaA(7tg|*N$;kM^pcJOzc%(_Q(xlmX(kxDzZ71z%2{>ll1U>Qe zyo3;vTM0Op?0-K7q^H`QfMcesW~r4xUpfKDL=T{Bl5$ZPF#(4u&G>{YCKUkM5B3sp z7*I~IDKxztCSvO;lGo-0hL5)sa2Vk$Ouzwqk*N#J4UfJ`3cNrg6d5)Q>gbG+VIv9p zxe=o}P8iL0in^akWN#g5uL0d1Ck$}vY*gUcMuC?yV1ER;7)i*O0xufMLWYf;d|0WJ zefSn6fS6$e!{{#g{7#SogO2Ys;xI;3;PF#;Tl~x^HEv2!roe+V%bj4fc0p4-6ZLbZ z$glyrKh#iyt)8I3vxXFSo|u_*Q3WdSlAf}gVZ)qQhK&J)%W+@WT7hSi9AOUfi zVS`@F8Gkl(n_)vkX5UtU=igSrU|N$!H26~4TyY$jx#E(|6+Np-24!kGnv$vVd+o%m z6#Y-2l}&!A*swWD0f<@h05d+6obPmGR(us}J8&yT{9FzAR0}!3TrydVMMXU{;bY!!K?*=WEHhyYU}VGSS0NiQ z`q|G`jD9tk8RNk07?;RNqv@?4v+b>BHj~<9n@Mf6&7^kOW>QbtW>U}0W^&0klaXiU zoPV-PobrT*e3%S}nZ{QMZFIbX$WTy`p`dNK?fTmZc<(A1PUM{-C~$nnEITG;*-?rj z{SucQLJl{q{hT%NHK&cb+A?KuuoO`uZ;$Yiw!1Y`vV5;aKy`xY0p^TJwtHx_honLd zY=MC;u#`jBI>P)Cb%Z(ihNL89l}1Dpz#$8cvaC7Gf}>0Xh_!@YI4Lodi=tc;Du0K2 zftUVIKDcO%$*81qmYy-oUot$SRb)k&BQ6I z(0Qj67GMGx301IqE@d%E%5n|zihmvRv4mPu)+R0NSDiDJnDC2d+tOn@r}1SB$Fd#P zrL-K?)2T|-H0?{&G>L&v!WEOki^fDv(@;)Gjy5r|36V1$AFyu{QXRRNaY#yB@#R$Kd4H-Z#_d3% zfv57P6VfwHo;QnjfzseLS`3CEY8qlKvL*PyCvi>7WDDF@^{o>`dBS>9yF^M%M$Yu) z8}{EgxvEeiWO_>92$7@HH`M$@&AZD|J-N$LJ+&tJY!k$p%&DFvv;68n_cKe<=1IrL zA?~r*k2*(Odg=f4GsJ}!5r34>4h3%-Pnef2wwNzWo$m?mTlOQph)iB6e|Y=}Z9ncz z#|F4}Q^iksvO(c`#i^tI*kS8_<)1J#=)bJnavN}Xr;^EW}dBM5`4 znc5-wX^cEJ#6BFToMc;K zD~XxS5;I#$%xq6$7BhM>g9=3k6&6G|D-tt1p$SDHF=Lh$@fjs%HcQNGMsz4Kvz5e5 zLAvcIuvzJYQwS8jtWeMsVlk2MCyU1xY;3N@bHRMuq}1t^tSnk~gWW1LX-N-cCGi}= z2k~5dBJ@s@Gk=GYGnd6=yb2eyyOW=TtA$koU`GF<(36FvWNxNLP+sO*d6{!P@!T{V zCyEt1)#9*NO6){rA}Z!-iu_d7+%(h^9+(o~3gljdV(LZa9kLiQu@+P0XzJ!P+@JGt zqA6le`O?H0np{0j;4JESPp{{;MTZszK?XQy;v&lcD}SlntOTjttSYJ8jGE6`2~s(c zoSmx#p*?c8Bu;0&=PM7lPAo&GO+}o}CK0Ez0pfJtK?+AQZI;t~b26au2DS0e2|N76m zVxI%)PJd%uYUcV&4f49PRSweH#*G~oKX-I8O-B!`RM$%-*E^tUwiZ9j8dd0QWZz{8ug^6i~ zsCrVrX*f^n7vL+YUsvQ8TJ5Dyi)H6X{X)aC)PFBjB}@JAn^x+F-#nYtZyL6weq!wD zu$q#14mLq4^_!^9UK*SXAq)NBV8qiiBqGEu*bR`KI7%#)Uiv?cK7GKJdx>*}o3x)eH!c2G$(t+D2c5jRL8v3-&7D$-ls7jPh;)!6|Ct~YawI6~ zB+d=eq-iJh=jJ~3m+C1*QK4BebAN86!fWAH>QD}!6X>{s3A*akxes**YYKjq4&R$P zS70$hFCi*VyD&LiPw0LYmwmC^xkBAHbjH)S@$(L4FhOw_Mf;*{ zY@`HqG%|EFen&^&(b0Ew^anvlb)d`@6ttelyP^~eB*ZDj3y7-8^oc6KW`BXG>fyD7 z@`@zklc8U!Sc=XGpXKPBlMxWd6@UMtb1;7XHOLBOAL5{F$#Ni4pM*^y2IvgH!4$0W zmw`rv2%QK|_0t)j#8@noscQBAPlgo~r4wHUEG)+GwV?p_(!$SO+;mU^`w#a|cJVxY zUe>o-1ig(lL#7lt=XOx?0)H6xWQP8b;YyYzz)Sz9HCrKB!UVE}X<=2*sp>h*RCxaR z*D*$|Q}9F6>@E3qfQRU~Butry97h)>c2-SS=7GYk!L2#-ss{|E8he!<=OJmhVC?i0 z+UI~Q0;o$rvAU%wia%ix2}^`jI4p&Hdd!%iaIOwczPP+b#v~d3Hh(tazvw5LR|=r8 zPa1kg6Pu0N;ido6PAnO<&tTL(8(ueBwa+fBC@icAD-DkkrOu9jfi`}#h3}|0*~SlE z`af-N$i{C58^5w{o9r8)WB6!sVPX9A6FR^EnK9s$eqs?=-WOs*Q7%|3XwD>17b*B* zCQuhqoiISd7hNFB(0{)`ptW#;_@@{Ovq+V6oMR@fS#OxkfpQmoDRU^z5w)w)-*k@3 zVtmB{l=&aWd5B(^^KhI}&|0))Pa^({c6o9cvqsW-gj)n8jxaVJ~o zaf<$823Ck?K^Q}DlrA6Mar|3|;Vpqc0gU6EBsw0#W5pTXmKc?Is$ zo?=BW-wAJkBd|?Z;ms9-y2Vq;U+6$d157X|NnLSC_;{P`V}fZz3TEtBFyr_R z#BH#rFm}d_!GDZh8O)gfgzvI1v}=PIgFjQ>&x$gWtVMW@O`+3wjK}Bq&|Cq%`mqRQ ztB*>}Y4PGyT2ZB@1BcNBgLqyq&90Q?@GL9tQc%D$eiLz;Udn_88eJH`bUOPr?c5^{N!@B zJMh+*cz&G4b_Z9Dr?cIam&`-WcCY*3>}9(J_o8o)?beeV26B~l+J{^&po;X;r-}e6 zRY@Z$>G^IiyF=l)mtvO3rAS*VIyZTGt$*t$ zPv4t8o_`ZWoE{2JqC z&fY3{dnZF!zy1bE2E+Wuk!CQlC4}~0KUfUSY=8NV3fXZi+SWcKrL~Jst-n0xSSkGF z!e-Q^PtV4nUz~7VLPD$PPM5q@Rac;ICLpAT&=AhC&q#nLvq)7R~+Y zMp-6$8{xVFPzwNEV<2CISIJk~l!2O*H>Hv{<%*5y&P~bPB=&B~Btux=l=^FJN;&eH z%^oZDrpy~f*pxs8c=!jz=c*O?k&xsLFf~YJKvUUHO$zGvDFzv8c;51ZUq2CJ%9u)2i_hn@MjU9!4)c;5d{aL_H z2v3m)2s_OKh2w6O?xJcoYutm{bzLnRVUyM!LT1Z4*^X-1RkcfUdx&OPV8lC z2|KZWkIAMb!8u7ZEfEs7Abii6sWtMD_nUk`*Y;a^LK}mF?yl+>9IWrEW^>bCG4ft9 z@+PkL3fryUjV`}+qf4M5MbpGkB58kOf$R%^x8~(2v<-)Bp9i2`@c`@})-{hop+hTT zp;Mv#`Km^jP51y@n7%9GS24N_KBV96uD^K{5bY~uYvxcQDu6?QY$vbhcCyxXk*0IGbSb2e2V*i$vH8@)_*EN(#HHpsTBRx}4-S z+680Mi1^5DiKzgr9+~}d`ia)b5iprEL;I^n&}apn=5I)9!!Uo2*;C{Ex!8zOtQD0O zH7uWj$B`ApHXc&WsfQ`>i}_>dec(@4OvckSyQI5wK0VCXMQ(kLT}&40tc$6Ctj8xo zETse(1p}kVVhAg2QuqA`m(+YCHOQwmn)JgLrOE#uR;T9IL=)n(983x$;?fmalyojE z3P`dg<}%V?{M(9km!TEw&P&}#I<;YBY{T5tWJiZL^WVe}B zLlO6C&;$d!}o2R|QcI-GDTEedy*?t020= z7RZg%JAvN74|?nqy9eJ4M^lb_$o&wpp~leJSa%Gb+<#AWf}6NyVbx3{)l&Ll4JgL8;Wn6i9d z>qWk=^LrvL^_+-H|FGqMHlqZ;nU2)-yWh+iV$(DHW;&V^J)NyN(d%|OJ2WRjJ#taT zlyfvEIm60RG$&uxZ|2+5oam0}?d>V0Ns>|ix;$YGQ;_s}VEhY(b+mbNJAR4irydhRBqIZs+XOG&8PInGn zLZ{a#O@lo%cb&4fWpuJmO)srZ&Ciq?t^ZF(T)s@4-SiF4uNnz?`M0uaO_*Udy8Kz+ zExDRwHBSD&O~+(4ZhI!z^5L#}O)uN(HN9kNyeH`Jy$VTxBSY^-|DWVpBdXZK)_`zW z5Hlr(m$GTM;og9-?#$1<_LvA^-(fb&N-*V?44-1Lt3a6%St+ zjJRbuYLAhBxP)kVOE?|=->qnQ%XDg@;fcZm_nmg%@SjFz{!e82f0$Hm5oXNx^9 zhN9&yF~r+K`RSJ!J#R7mH`KPoXnBjy*BF3dv^**a(el(FW~2?1Rt!BJl4UznGR$@p zDlh8U{J(YZ5jCh@^G&3@sAv!Qvvx(wn-?A_Z-&`_(edFWB^vV|b#st(9Q5iWS4$di zFYQP!Z%{-9w++!t)q`yucK42)NVmGj0C#|NGl=i#;SXCA_;%0mFKs=^e!?hQU-AVa zdv*d%q@seq_FpjmdSSj*x7+j7yHc9{LQ)nkSV;}Y5*Q(GS}TlcLyYQkl2}2>YByHX zSV^sat#`Q7R)1ttOS|WAC2x*!%xW7md0Q7~tJ7(Nw*UcA*a z^MD~8LOh4lL!uKKcvzQ;mCU;gV6v$eev>-5(2KZ*a*gRblvkuZf@>WUrB$OG*(gUU ziwW7F4h@fxi7joS0Uqk4Z%H(A1<&s&RUCZXm{{=yb1G$+gL&~KumQvF)+|>Y?(S%R zPiT{gRmydzaFg`&wwMsIGsaZn{_C>iOmX(>R z%&;7=uv7HUlMr>!3 zV%ssI&9?SV(ItdvY$>wqQ>t5}qCsH0gNRP`5!oI-B&t0YisXJQshI@q6Y8Cy?jWEq zW2L(ZWfL~aCTtPhJjP0Qj$)YGSg2mZs1>w@_9cL1Mm(Hdq2d`T=&h`lI601AOo*HF?J>;Pd~p9&ar>Hv+KKTxZ5dxiV=4wVajbvy1Et_PEtt;!R&Ue zM;*=XNy}ketBwnC`GOKc)(wnuAisX3ciAuy+MsVD{Bti(s9ZRy)vL!ExUSATqZwn(D z_M@4d{(;oDdDuWRz2F;nlgDWDajxy3Zh1+fe+XmFQ*GxIg4porAfh8;DtgiOK^=qR zbDO~;^dXf%AC~NFxm1CFGYEb>E^228mSyaRU`h3)c4><(N^I8`cqrXi@x>m65@CK7 zmZUc5j$cAX!N!I#Ruyz=awDNcZUjnFBcxGZ>a>CcKOYx)JEW3S6K#iO>eQqL|IKnE zjs(iYnNOdg?Z7~5zAVCRfIGXVb(#8}#IzxIhDO>|S2sG08peKqco<(8RET-dwBh{Q zxEq>4FlsP24MvSsh5vM}%H*ngsVddr{C~DnUn;};vQfs+rl!PiX8+&R8EPz(V%zwl z+{~PtndB8v3@?JPDpT!ld>3pMIo zV|?4xsD&jyhn$^%X}`>8+=0>Qck`ZMci?={9k|EnzP+EHVs*d2Z`q>s3=U>mj`JqT zJTa1anlI=ZyKv87QT%5l#8Qf|A|{l?aGzGO|MhzvXWwomTD z`lc@FTlTp+Wm?1QZDjHxhJ^_}rU&9rCNfB?3CK3Y#*$&+NJ>ZL51d$Lb< zDP6&y|4zFerJGB3P`cU`4hOF9Q{Y-UQBOTe*Z1KpN;kk)lx`qrd&KUVSI1eDZh)65 z-OwYM(#3CfQ@WulnbO4)xsh`y-2g9Bx}lA8C|zGum(ta)OX=p%&Y^Vu&aNq4vboW2 zojeUYa;Lw4)t`t_{Fc>OBV#tB(hAjLSJ4*fJzJP3Xfc>$`hv>$AA!#b07dOf?+gkt*! zT4!E=(!xW7_67@OHfEo-QBdrlh2|wz%2lyV=X)7H65M3ANAv&4|95Ma=KpcFfVvjn ztmn41*!>e17Gt+xamzaY{)tNq{adfNDaXzJiAzatHhXbPP~!fH3sH&Nz0j6y_u?#A z;^2v0FZSlv))LPAfSy~w{fY~`n4Z|ZV!wh0aFG|ussEEtdLtK)X4*fod&MpcC2l2e zp2x>6;r;t3F2s|GdPsj5YUiSU91Qi8=lWkK@2V3Ij^LK){*#ughf6r4&#w4|`2CGo zD0f!tM%?9-Pi=4WYPitJF7Ih1)J(I3NGNw03FR(ELQTM3qrT|CMNJlu*XhH~MQu4` zD@-3Q_+M%4*R3vUy1jR+i`v$Eo^w&#de8GNYR~uR*>_z_q8F1;dkueu4j#Iw2_G$_ z=!1I~HMw+R*>va3MQv%*&P8piTNi_mUDRaBSn@cz3M@{gkLFPq?*8<@|4;t6|Ba{c z^)K_FT>qLsAC-5Hx=^N0-OGKq{GBqE?TXQ(%8kW^`?v;v^!r=O!@T_UN0sva zM@$9M^z+mXuU7Q@inM!0Twj4vS^o3)10jH)c5nU9|2O~Jzy0ICR(0d?|1QsgKS7Z5 zUHrVh)~&Dgw7h@J+q0K>`{(6A2dq!Fq*ltHLl0Z zVLb~9I`_q&t8%wE?k|tbPfYc?sWt2G>tT9pqt~_ix!8ZVgJc=@Fg2{QY>HMsDzJ0x zpFZw9{&x`#w0yjL_^FR`vmY6<*gi6Crbx+$Av8;B!i6SRHpd>c$1Z^pYly&=^tE}3 zjQIN;Vz3MSd79bwjN9w98viwOVIMxUPt|o{xGnJ}N2Bz-y8T#xHgsxhvYbsgozYY2 zjRYSS`VxPt@zmIv_Q-MP+_7wZU{$t$5hCoi(|bS%oK?%~GnbMLoIHlH6(0Fyd-F7I zMGKud)BVTPds+V4)f}29Ioa)zvy?fQkYv{hIe$5rg%tky$nk{cyA$jwYz&2|#4LOC z<7slvmAP~n7e_01X`Ssfd05Wn_7Qo1Bi?T+&h39YSSwyjFEN343r;vq zTdLJfB=`Fl*>8t&O!FzIe}gLX-~YHbo%|Zd17S7?79QMWzuaVhkSZYfHBNHMxDd8Z z)dYXJ)}}rNJVI*V&7c|M4SG4O;!krTi7EE(@ig>qzYMV| zt%;Hz17IHDGJQB$#n^Uyeth}__Q&%B*zwb}n!VweH6?mFTgF(+uVzSG2d<4Fz2>L?MY(@< zYTd*)Ju+YP%fS$kdK$F`r;X!L&h6pzR z;q!R#Sva_ju~e{aW2}v+jrD;QW6^(#m+bWz%k6R5r7gEJkj2m|&w{K2Unt)DLjA`} zM&ITUR@VW>=Q|^_I(@n`a?qJ@+?f^IN#4MAr$8!h0jYQjq~fa7;|7pAg+wd5*~JN7 zghabl^3R;^nIn(KURTtmPvtlWzBkimR(Y7oG^BmHG|HxW*p^_{QGg%3_8i0arAwc zJ@OQy?==GLvS!?99h|deD`iAj3ZKH=S7F>m-20}C^IMGbCyd*}_z%apxu4-Em&Qd? za?Px9lxk-+W0&MS_O>}c38jBO-Yh2OVyk(c$ECt`R{aKr>(pTiOUARxi-0}}q@Mcm?3UwO5hFLHm2?Q3xBrx*de z8UZrf0dHjlY$I^1eB4Cf8{xC-11kczD*)XNp4|kkJJf#JDenxl`eiNWNzi)WkjL&v z2is{jUj@9E2U~ch!FGE)&qNqMA;S1oMA%E(8BPO)9>aOErF}coE2);PE%?7&-h$UH z^^Gm|!%gemR{Yk6`@w&f{ZqT`n_Kqs81m_s{q}}?c$B=gWgn+q_Fc!;NqVr0e^5BB zg^wyo(|-ElZ@K_|K!U#&O(!(4C!Jrn+;@#X*tmag*Zp5NHrF@y;*aU_{KostiG$t$ zCwJWs3#LahbHU?^r{9lQOe=-$iL(RQN1}s9tPTY8?+1;b)r)~bx+0TIcD` zdBLyF3x3miVW+iM34H2*yr2crsv{@WxV~cNyx>>o1%K|m;4eBa%p1u&G<5RX>F&|` z*6}i#pS1PK%h;ZhdQ!DeXn(oT27jM5w>Lsw_IG9>yMmdp8SJ8^9nALgP?z<8&h|FOsxZRJnXnn- zvIUjGx``a-_?G`TSQL8-3577bLaqvR%G>Y4XkgmxE}6>8F#L;-3!| zz~nUZ>JmOE8rnHrRU7-Gy9_A!mNZhtCcp7Y}SMt9cM5=4-Ks>EE+*tFpgQCnF+A{i+()E*?v0ZlL$}vZfASEyMEywyFVsJ`Z~lCLK2P>5@A;qc$vNWpb7U#L zIYCzDo~D`IWUg#6S5BELI~Rf1VQx6{VdwM&bK`3;_eJeIGX=vFreJtKQ}E2R4o{fY z;Z;oQ#gAcLgg#krRA0>V#YX-0Fi^p-8tnUamp9ALi1e(#CmGTFc|ydi-*C{+75W}H z6R7bytq!JtL&qL=tM886aO_Fz&2;G4v-&zsgG{3~wsxj=bACn~I{uCilR0(lSx%Et z@U%Migo8}((OU*)0Ku*>6sN2nANdom4F8o zu8uun)lGjnE_&eDGkIe0DK%Edp4B0Pr|z>mbnKabRx|gWOH+Xjr#O_`Irf~utEs}- zv1jpLy5!iy>$x(MLr7Ykw`BTo;Mg-+7w3*W`=2)*dsLgA_|PzI9*?GDcH?xkUGa6* zV@1l->6YhyJ;%$wQ=KbNmJ7K`zdio(xABkv_ze&A-}~|6#p7;yLxVHyvA6BuN=GLFIBRpEk z8}S*_?}s(4>t{BcHbNI|@^*a2bnCE|mB1Q*y1xsyFbBaFyMT;v5RkzK0U3S{$oPMD z4q=a!>dZfxmq?DoAMigt&PO$#hEC|>$)npX1GwdM3w+p&)mV#9u^Rem9jxmryt7L) zoY@T3@N?M6?tO9^s(}Jw`gv}K>_Rox#epR(M5d^a(?|_}X|dxZK;$G+W4gNrh}iRg z01=tuLrz~7=M|Gc(QfVRpqlpsAVhsP3`v=ta zTwcZ-FXNM!@$)a^gW%BRZR==X(dFi7Ul9SO@-=XPc7LCS1GK<_(~YE?-~cUffNqBa zw7>yc-~hcA9H1Y71GK^cdNCZJ6%No#;Q+00fPMrH&d*A-;AOHCG-*!La)88Q#X2x!mKDUC_8`|)*k)(ahbRmJO$7f61(^M;Py*!DkM*Y@Y?1>U-<;@!TT`a7M`=l4l}C(F6t)E^FR z{r5>VpH{pMy%pH{DTT<%==tly_OqXlJNImX(^0)te70rv>is!90%9WX{tSq@XXkU^ zsXM3Le!k3KF23RW^NpKxPyD{7rPzfj{yw{uZWh{~dwJT}D+~VRy4NbT^Z(c!k(xhi zdvKp8);gQxThE>sxgh6%>}8>5FG{sjC&ibFo%6Gben9SAk`Eg%IT8>rn}~LECfX;a zqP=}C{>Wsp=d;D0Oc(n~Bi!!mdvaLJ2G}!WbuM&?x|y8AmnwpO-;Bu@o@cI{eMr!S;um`gs9 zo`KvhJ;Om|%Qm~aB0@_$-{u$neU5;{A! zP2+vm05i|cg+yWcb`-Fy)yykpGJjfy6NcOOluvrFCahvnOT_U*jjFHU7UyPC~0iC1Sx`M%EBf9%hN-b!k6wCHq1JlPRX4v818 zBwmX2j&o}>Ez+F zsdaET^cuW%i@5)Oq%6Mgl*spOEn~kQs-h*}?I~Sm&y?A^sxXHeliP=2JbmKvq)!(* z_#-`hUgKVyf8WjMn*hN%9@z=S6Pft!c(&X9bhqDs52VTIe5ZpUOB?h38a4OSbU&Ky zhm-xOh?lvax4Sw1)Ij5F5dh*p6dVcfAjBu|HuD2CZp`hC`V*Go%xr@ z72W2$Izl})oJBSZ#+x9XOzaV&iM8`Wcf7*p4&Oe-v{3H18*61>Q(iV2i{Kx zD@R!6d8qO%Qn{el=<-?}U0ka>J+u0STMzW(dkb!+ZaI4kOuK zz6`u)+@-CN^O)o3y0^WoyD@BbZ@;kbLvzaW?ds-xQ}-^d&aOGqrxfWIx<@ZvP(F+bu}V%YcHD%tnb1+-n(t?Bc$DEHKw+@iL5QQLkC@bD4fS^T)> zSMbwo3@gf+i{8FQ!{?A^zpiP&AFY4x)5C2zuKn^$5C>rD=_Lr-T!L6f$&tU@3E93M zjmv{!`NZ-W&DX=}de!p4T=a%jmLvMR*QCGu_5!i_1S3A6;Jktr_QoZOC&lKC zQuEtO6xV0qz~Mrfa^NOg{WUr8%UPpG;(%UL9MDPS_BAVi)yi&DWxJekuk-qUC8^J? zs`NN(&V{C&*LT~iHsUHZ&H4ICUD~$@aZQY+IS7RO>k>8jTomNtGk-WtF?OK|r&ZnX zj%On+_hAgO#GrUt6KKm{woQmN+|ruEcuQX6Ez|U2f0)(0su$;M2Xi*zIj(Uh8Rulx zC~$f(kv$E?oQmm5i);9ym^J2qFw9GB`pX~YqD$qANBxE9&uPsdEXR$lp`R>MXrr9v zbeHc3p`ZG;KnId`PW8Tz0a;F7nptrc*D{3!XlB&yxE4P88jiwMf>~+~Ypm#A!0z(R z`^&MOyV&%#zkcek|I?vhodYeeiT3pSXwRJ`a8TQSt!zKG1PG zoXW5+hS5^;0ZlW;#TM;?82OAzNKUn`@-GikEYagt6NDuLw8xC)6DYk${7^0r2qiq~UVxjt*3lEMT z9A55@YIOAA?1M88lpZKPkUUU$AbueKtqlpGR~9eL22>>7_FPMUNljX?<~JW7ygc}D zTCGPX{eyQ8o*uk?@aDm#2Nxe4Do0Cg55@K#w3&e_1vXx4Zk5q&`HjtkPdhr55>v`O za;4bVF&S>9a!N6IA42(!-2>AD+i!R{_twP5nsO+yxi(xMSps+GebSO*9#|e2Y~Tm> z--h@o*-*^fS%#Q@5nXg7#(86#^xuMg2zUg|iAN8@aFvt|OCzR^xoy*MAveh!Vi|RL zFwp6PAgSrzvLDR}qyi7Nt>R@ibnylcVvvM~zz@McgtPZ@^95wmY^5VqDaVzR;2QBtL0GQK9} z--I5-Do1>bWPC>ZqFCQXEE(dZSBS%m8Df942}3%C2mPNPl7C3ku;F*<91Fm2L9iVtYPYrS1UGqILtM;k1$VHCw6sd%p7Ekzv^RwwQ>bM-SOjKPdC zn283IFqqv2)7xNv8~5`Xieb*FMwh%$u*oJK;FH6UD3}UTXELd{QF)^RM zD!H}bhwldP!~g@^R+6pB3S@_6J4*~!K#RsO8UuW00p)NH7a9!|2xNi_jRwg4as+Id zNnB{q2}591RLXt8oPaG6DJva?Vl(r}ipo0qy7X1wkhACrVP1v9| zEE){^0$jj_azPnj?@YK#)ifjIoP(8XOo4F7MgS&lPB81Bh-W5*J0pHJBLb*UAwxoc zVX8(kG5#CIM=m+~>VLC%-l7693Y13+Mb}&8&Xu2vIk@yJ)EJ zEbUR5MQs+<-8uBe9EvuzK-7aBP$-x_k}ze48O$BP*)AMHi%{pCQ}4*Bl%)y`8Rv+h zX4tc>gJJuM)abp@l|mbJ!8hI+_7NC=)=j4*E`{RoU+D%Mnw$Zh8iP+5BGtz3y!c*|JKgBFue=$WlIR|Pauf{rV4(U(cT@^! z5NdyFr=N_v^q843+O%WFymCu_Db<_`BxH+mR2XuQk}(=KnSAp+uHNc@+h#|uwT_<0 zC=E;wy8jW%=*%LvxP0qg{~HtCRsy6*m2B^LJs^F}In}_GT(b0%&HlITL4n~fl``7j zhaa_;A@~n?mjdh*|I}_jX$v9MNTtq(R3mLUX*s%Cs=e_j459Qk0`x+E@}}nCVr$iV zM|KEa|J-)}=b=Og1ss}Cqm+W~$HcB?7gOatTn<<5_kSL81VEN%*r!0jG3At8kk+G1 z_*BH)wBi4G$daH46Q)a-(F#+N(9p5Y5?~is!aqMzUTjmNZGjrjJW2EqZF!X2}lO8 zw;Ja%$w%Jw|3qAHlwINGgnFoMfD5pFvM{ljnCnO1_5VDa$gpYa@Q@|!Fby08_VBQ9 znK_c_aoYALwYz_T^@q>H7H517CMIKPbXy{X6UEdsV44?e`XupxX=;{COGI}Ty*W56 z-sU!7KIIr;K=_^`aAA;08d>Fb8~=pn-C6anC{$8UCQ9x;h6;|^oTDGkGubARPIvzA z9D8q$wLvlWGzMjk93*t^BemXIi^W#Awe^4J+Iw@&jbNPgk#i^-s7WIvAB1}d#iST7 z?fu_5_uiZf(QwLtx(F5%C=bSPHHKpoGR@hpoFi@BoqHdUdu&FjLfLfN0_U2AVo%fn zPfWJi&fK$i4t`h;nl_jcc^65yg^0(*IW*bp; zy}~LG8%LIT9@3qYAD)vL^RP)W-lm$s!jh{=u*OHo8B;TV{ziBc;Z>wLAV30g`Wao* zyb($QhvsS)3Qa?yc_=gyg_1y1Q78$fbQmb72{8!eEXsitWOaz3oaJvmwk*z;&`W}9 zCaE!lTy;e81-7QHk`dTLUejBsOT_FR0WpFLb$h*!x*h6v6McSWb5jRu@Kj+F2hH7J z+(-fN-3^<6nEfuEoxEOn7NhHfG(E)F3yZ4*Q>D>Ju~9NTW*GU+)HqW*ebnYVmqOLd zAS`J_&!)6&GFu3u$i2-=5rm0OnCQ?gxKJ4;`UmWb7frm8+4&ND<-sy~mO8i$7=Lq+ zC_&B<(RU3Df&L=a3Ed8kNOvNK;e;SW+c=Bokvi51g-alNM_Zu)^(fJ$36CFODXsT z5UB-!sdFShDek(H?T~DxHmF5NBnmy}-n<~Z}0cBzE-D!6~I|7<; zn%*iV20f^?r2eJsTg*IWha+GP&`a}{;bFA{?zG&ZB?rTyTi^oMrF4NQWlV3?8KBH0 zbzL0BSiO_v zue}Xp9LL(@OkQ^<@ykiv)tlajXu5Moatt*9gAPjtf;Wd{1p7Oge^5}^Bq`g{hUQ#< zO)@m*B50ll*wS&xZ;Xe6)wHn@m*5Jx7?;Q8aOpjZ%RD%faG{(*IrIyV0~g8}lmmiu zMsv?9f6$PGh9vpctG9JzZ`HNjL>sNO-KC&;c3tUBtqn&rT^#9!_n=Klep-`k@*=TO zW?iGUlp|DrsfJR~Ww515s0TE5O5?YGYnp^HY>$IX9|E%$qa7L)bD|H3`Z$FmInD5k zVc{?=9EOD>&HEePqq)IbaaAyjb8y@nfV}~mBPLdIjqTiA`bbT#6{0*3u)243ZSN2+ zK@Yf+oV*-A#X1hwQbQ9PYZ^!7R*qj2#Ox28#Xl^#@QTg$9&1w*t)w@1_Vzaf3 zZgOcY8g59g^UJkb(x#`VVdh8(|eSdO|P24EKv{6<&C5k?sJpMjs8@g@G+7_TJ*GSAZFRv2JmX8XJPgt2Ye>ytu9z<^>-nvZS!nI|_;4 za4H+nntg}OP-=z=oC+k6D}`#TMP?6i*lM^?DTk9Cofv;MSQZYJ#XB_5#b9%@JgRu^ zkk|rrLDqL0bL%zk$pe zvlxTf{6T-4@3;bj_6SrAz0$b~z%op8pZwtL%G~@9-37(bLrBBI0_pAKS!nzL;HdsmF}1UP?{8n?#X2iG}3-3&Sm6?pTeh3HB% zHde~X`T+2ddWS|14M?Y+`oq6*^KwnW6I3#WWC=MM4A^X)@5cCQcse@AMLZwzyrv*} zzovTKZ8nZvXc|}Gnk~#Gp~+GM2H(_Fly@la(mPYNbX~*3WN%Hx=U|QI@YTeXHCgvm zQ@tm`;lr67{aZ9SQGqP2tf^@%1Lj(bu@D9|qh46@WRn%Orv=AN-@}vJo*sXv9_oen zB)=_(6aFT=JK0$dA9UHpCybY?OK5Bub$`nAhT3hEdb5 zA&sAoK)anZej>v*X*}BOwap7@FzisC-kLn@FhtUT2!wH};>47iOr=J?lo0Jz-j7c}vp zi3d%*)iVQ8FKF^f*u=I=6)Ls`^b+XXrUsVSUbAZFA7j(6JYy!1ak76o@!WJ|f4Hi~tom{01p+yt(wdA>|SU@5#^t56TE%yWZKcpX4ET^pS zy0G;=N`*DDfCqt;IS-#T3uuWQHlmI5p};@Ll7R2QJZ&e+9z zTr}!ZMG86T8SiBDMK`>jbEJ4Htp%K2Ac!~>*gD2Q_G|XvEF8vY&&ty;U=xyWm2JqH zl(}XxxlqRV_oMmDQ{u-T9QnU8%6)r-qZncnLxdDcVPG0-BJK+P*)`-TUq52+w&Bl5 z@#@}=Cz1eD>hUM>kSq~KiH6n&vR``Uyq|rTYBjZYm{XF6X*AfDL=gBS-Q+Qz$Iz3W zp&5V1w9BS{aeo>Sx9zxjE%)}_W-1wwoP$M!U;_EtdZ5+~zVdWT_jTQ7OdwVea$~ny zLCdY)Id4N6-+D|izFAXDK{wRgVWtLOAS`TUx_U(XYB86~dPm!vuLhBrgq zg)#He;F9tPSC77nB#!tS?b9TVV1w526G(sjK`*hi{UY#G~^)0@#~R;%#|dNVr2lSTRZ^kxu=?alON(33$=Snas*9rR?-lR-}g zJsI?5tqSz?pr;2tJ)ZNh{(M6B61oEm&BH?TAeUE*P{|ch4v5GD5qTgXkJtL>zBS|3 z-NwPTDYbDV%hA@6lF5`qcQYT9W_N!+{7gOsFX)}71?iCWfpTvEG`WY`OQ@+Wd~kO@ z{9Ha1iG2(*cI3*@>7nr@^ggQXwfkZgKA1Znelj1d%ZY~bsiw#Snm|u%0i;iuD4bS4 z*gGG7E+3p?qFT*pF4k^1q(LZ~d#BN<^@R^~=fltCLq{JYC))*2d-l1K@!mee94lR# z#Dx!h=fltC19U?wmVlk%Xae9wZMADes;M6TRtlz4d3INa9c_n*zL6t> z@pYJHm>QT!-oavy*$g`z#hjnrWnTyX)cp5z?9%hTd+es`i3tgSFXljc4u**s-X+}H zjSudqC2gRJjyaNZaJF^flr>j&@kN6sZ|B;FcLy0%0DsqGZzvFL@-3J!GKHLrt0mq( zP(P1r#%KjNuDY!2U13zyV;m8Hf-6zKemQ+dny=v|QMd$-sgNHKezwG#p|^s?ecxf1 ze3%jSeme)*!#b-yHO+~UjOh|`i;-n86-v*F)l=p6PA&`4bxY94J{sx;`k+M0hI4hX zKu3a`AIHJfqH0YmiP( zk*LUsKA4#GKn2&w)y^d6gZ;xpoI!xw*DIvcu74h=lhLMP zOszH=K*1QqqGgd%AE70F`6T)pkjKI(g8tC+-=nZ61KucFKg;jE0vzI~jM-=OlO0J3*k4fZ|d&Dc4fFCsn{TB%2*x%x$s}7)=HK z#eZeC{es^%RF1eAVa@61OUPAdXo}vzCdOc6$k#OaoxPRaozX1RHT?@=}OQU;>=# znWNS8ug(;TE?m`>Uo+sS1Luw&M;w0WvUH>(#v)% z8_`u__rsC#?H6Batxmc$7*W0u#-vf##EOaSV~{|fIX5}^M5${CK0;0 zB-ci)A*JgUqwISuMzM*;W#0=`c`G&2NW+m`XwHrnjF)Nv z!~!>;%#{ndzn;gEO@;4l3~sMW&uj=%LeV|*~%+MPh<1J!^kPYw-Sgo zP2 zp@7zoSDJ=9O>c-WU{%N_cOPNtBrhrE1o=5!Hl~HL(A3>&dP9E{Qy(UT20#~G$@rUw zk0VE)T5#ObLen2p<6n%XO>InAX3$S0r0W{B#=sW!8*6P|Xlm{>y`H9)qAvV8*G(zj zW|IjD%HliuE<2k37-srvG&NBCRTt88XbdD@VAOi&M@%`HLJLj(ou)VFsK80jYI6<4 zGz8Nd^ivO=QJ^Y%I~JPqou)TLJm*N=_ey!R7J9eV4967Pa7}`dg{JXN(_6+VUff}y zLzC~RB!3`{0H7|B$nmcCZ=q?aA|trr#YRceqn@xOpfa@*<4wCnpE%GfS<AkDZ0DT&&|4!gMKD%J z%~Dbat4W=Ed@rNLlA&0Cc9-ALJ-1sZwwM!DB4ZqkGstz(9io6iE>q%!V4gO}e$lSu zvpC14*l32~!myqatfy2o^9zMp(Wj>u_ipJsLvyk^-miY3(4Y(r%1Q4*BWr!opd5AM z0Dt!}6BxAMh;n-J=*LPGLRoULwv<$Sv_0mMBBvONb#=tN0HyTwg7X)qUj$OOxwMq6 zvEq_#96M3#S_)eO>w3IO9R=|Fw4JSo;Gy8Fn|5@$mP^Clt%RAn~x@nG?RSQ(^Ic=4ZekZ zAH<=8HQkGX_&ACUqm-I_H!0ezSvJj84i)d5%7HY|lA% ze2jDs1AV9^8xlR+(3-A$m7JlSDUeUMxw-sWDIKP8&R8HpMhRn}tgC_k7VhzOSqVTSDc>0oh?h%Fe%PK(b;Ehq}{ zHpi!DX!ykznKh-fM3X6H=)Il^)_+y-0h*!L-g>*u0qRcML)v;6RzXrKm2*lSkV)5d zBc=ch*bwb)j!<{n9yyuSIyA$Z=z-tfiveo!ITqNk2~a!S<`8wK?ICT|frm>ZHiH5l zNX2?L+=zyAw`*GAYaOHRv^_fFBEjSn5U0gJ#lZGx_-9blL2J{E4pMj89)HOMrDoMt z`9?foBDXTQB@RxbZH&3iQR+_HBgZ~RQWEgLZb&=FPHK`WumP%-bgRSEowmo$6AggC zrdTq=nhJop0!!RA0)@r)+Z?Cvv^}D&cREN7M`lS`fN5>@15!ZJa5>-RKy|0>QSd}+ z8nNu9!BA{ge5-o8XCE|xdw*TM&5`O(+oOF3Q#zom2`Hd$AOlue13kDVn9If8=1_H~ z?eVcn!X%t+Y>jg%l^Cct+BiyY&8ww9~5 zXP)iSJEWe@DL^d6Afg)+REpO_q=RVUX$;8M=+-;B(}>Nkm6m-q>`8{JwkL{N9Q9!Q zmHUFvbnkt(SVngx=TLb>C(v8Wt+QzfLbi-yuL_dB)U^-n2}qQ^EfS57eMD1Z^R+Y= zTg;iN`JrxqaF4)DHh(lRC6?iZZLQ))x6L#R?E)qIR$YHj_qe7xR*DTJnNk|YL7?HQ z_0+A->6<(Qe@zl3mt$q$$y(NAe&S1Np@I&5bdB)8$wTl48hkQO8QX!hGL(b$=zWZU zTM+}w^;Au^5^nPp{JL~ZL}H?0lTD}=YS!p>OphT6@Py&TV}I-E)s;IPzq#QRod}V} zCqS#mFrrN{#YS0DS?Kus;{B7+aa4>$DkG$!so{<71GKd0WlDfbexc*jJ6Cr)eoLBl zs%lO!R|0oe*=erWCZ2&gdR*xE^osPIj^EJam@x_gS@jUe90s%LoU`O+>?pT+RDWGM zx=uqA8&y3pA%A+VnitI!DI+$uIc`s>n>Q;EQm?8?YcFI*^3`8b+%YEa#`d02m4 zI@-?7i67qkk$@P1dq&Zu5mI}~{i@V;FCpUx@$fV?>+x(U5G?WND|MLRVUz%h;MvI- zbxB8(T4doO3EueRm{Fwxtae8-&~QD71twI2hAX!A;5e^s_B)*(Q;M~*RX;G;n0suo zP<5sEVobfEgXoh!uu^~X9xdWCNQ8vI59cde>gLsEg4cWL>6zeg&&kVY!siJwX?@fdvmTVvBn4kM>*oI?L`VhVvFpyoY3`J)PdX{5}HsqFUW^{wD?#{1ymXeRAO+EA~>NeMN&`k=yT7^7&Ds&2=v#o7V zsIXj$u|!3KG)wK)uzUGn|M1I>sZ#AGH6Z1ZV25iUkCR?3K?c|OVsZ6O)_5jN=2$T9 zvtiRbM`<3`xP+0q@mDL4_fBTzq$MCc!% zG4w78GP!@4>LRq{k9O;WOXHf89;~hhi|GktH8k5X%P4c;==#5(nxBP6=&X(UZb%l4()*0d<8rtN7gQJe5r3xP zhN);(ouM2$5zvWX-8YeJS`MW{(p5ko>4`(ao5a^VYvvy#^jM&{67(NcdruC8I+`RCfO>|OHiz(rirfF^+0T;X1Tp0vBS?4Co zdpDChSnE<~BoswmJ#uxB+{)%+tbd)G89zc(eHabXAPvt_Tj@E$IKliVZMdMhil(Nf zkJ4PGOy2n*QH>|-YV!j^jsU7#COf9)vR�H_SLjx$KyQ(1#=o%ased)n!O1XH_|>}STd7UBHy|mW8Z@$l z8qIMe0CS@Do1OHz_6L0H&CsnxMR(yr5oD(%8w)`648Oc?#O3Y6-&766gno>JcvoSA}+xdZYH-F)MHS; zac3kK^EAoDpnV3v>$=`4*>ycp%PKu}P4U3bHYB_w;T=iu;~hzVGe>^5A)>B`x+0#B z;iIr_6bpoB0P2ex&yXseGO%x}E~iYB;1yj@yw8Z+)+b`?YJa?|pKIqPJv4^Gry6`l zpJuYkowP5I-yC}3PQadxqEpunhk;uX8}ZFd@>@`+piV)ZLi&AAsjgZjdoa|jTqgI?jLicEaP8T(nFVrZ!_Q{JsL@ENF@Qn${?@Tv8zCwcf%r?om!dZI6az6gK%BIt{tFLz#kC|)|Cyc(N> z{bK+#)WfIYHxFgUsd8C(3A*#0r@shK8)ro-1IE-a)Iv_V8pE-UT-`8JEV3|2sf&9b zuldDtVAzAU6slQF*F8xm4WrD47TT`)%9WL48~z8n?zzda&$;Fa+buu_1E+dDD+(n(HUrGfAJ zSm*m#MjZzVG$-tIK5%kt!s*xiRWRaxOh(9s_g*|ISY{v9qhBq;~P+E(vQ4X+` zWbJ>Bpe;w;xdYOp-C{S2Crsba5sveJ&+Mbl@L{{Aa?5WS5AET#OdUh#=K5Fznx$1lp2hkb!q>RU;yaU>= zI{SKWSzQ!S&Tz>-0TKi~*N1zH&MmXgPQ!mCDggVqD8U$NS-s^Wj9*U$U8u>B!H=O3 z`{S*^|-T)!7AOJC4k*yP7<)CeR8HODfJwwP?ZM3<{`C1mJ;DbZ@Qx_+B* zMO?p(YNKXJD34HG2EMaiveh&{#$o(=%1?LguIjc7-&jp;p+;C7tpYHZ0E>Q51yGK# zJzk5XUu+WgoT7*JGqvQ>+36`rkzsvMfbh=kX|mo`;U$CIaT+262D2xlh)e z;j&=ci)6j4#xFiAH6v?N-|{w`hV$cZFERR-Mm9oYMp76$mX=|(3?a+Eii*TY%#y;W z$x4O==sQQ(a;K7q=A*mZMSEA3&j_Csx%t!!B)FAISwbHpO7E_g>db4C_KQtUjwut& znqsp7%)?u4%r*I(v&&;X4SRo^y#B5_uOM$Xdbn~8v2cre@`8mBgc9+P4}C!-o8)zO z6?#{p`|XJqM^M-EJc?$(i4F)?3JqIx^|N(J2j~lJ`GwSHs>8ULsvjdWhW2ooHJrl3 z8mclML>{enNe;TGSJ-!v=AH4V@BW;lpm*!LcdfZL*m&LHYu*Z^OM`zU+4?4#P{$o* zJWJX!Yy^hO!+R=(mrBVl3^RC)&|H0O(ta`dbtmu7C2uzZX^>%0nN&k(&^W=?V$*ts zkldD^?hfLvTmaP!V0M_2JcFErThg;OhwmdM-)Nh>bO&*F5O=&q049qS85Z1dTs>KK zsj0(B@!f6@BM3k;`(b~ith`4n+@lrVSt2@@VzZ@^wJo8>R#Go5X32)3-{+yc4Ck*4 z*jpPNSV!upp3U&ByKanY!H-;EqivGu4%n~qa>(lV=$eK#8>&3HQDgK`YB3nwUz@aF zZh~8=7GJ7yz?7KhSx*@BwOUG++}NJrcSL#Zp#U)3lWDD%oEm>wakb_S+OccE0_&Fg zDS7XR@~(y-j(wDT8t4PcI_|^A5{w>cYLY<<;^aRMyBnAP)s_T@ZPmuoeR4gQ;W27* zF|}!sfWuJVcg@^Y=9MZlwv=+SLlYG?(|e7sC8@1r80FU^=@*-X1GW=I(NvouSL1>3 zthD5fb5>6v+LM3P-BslEWaXF($Jk&jmka_&^e3k7YXcnVd_Y#ZtH!%(JWFZlz_io= zTYE6NQ=*1}O(lCLrSiNa>h!{par~>Q$ugL0Nu`7qHT278&ai)yE2eZaAA)_}&AZCH zn!GWKHDn6-4*8Cc#V65tXRGHw{S5Mcv5D$BBxVn-Vs?MQ^y%n6b!w;@a4+QxBlxaL zZy_QMq{{_VnXiS^*Kw@If?IT^{!UW*M+!+94xV|IXMt47!P~1vN>LqaHb>YSqPGiD8y z1Q|oj&Y6EphZ;xFFKKh)&jshhR|}M3+z^K^*0snk17aE5T5nGsYWzk`?A2OK_*9** z>?tLqN3GBR5vi~%&mC&~M$N3QV)n50OeJF$5k^+>rS!n16(iRiYWzk`O+$oAk2a4k zSsI0$$VN>a9`bPQ+Cz=ssJWq<7y;%gE^ z*NLPz>WaxiJd-!TSASsI)K*{>b?3&_hZ=wIe!9UUHfcFWh0Gqhtt3D=(h%#45qj;R z#vi<&c9@!>CIb&!^pL&)Q^6PJK{*WT56^3jQy0S3nZ7@G*98Wn9clC!a^c#li?Ad7 z(2$c9S~)$3^^u+80>~H8r2tX{kS~CIQyG7B z6)-k}6cLd9OOq5rO)wBkf#t6@XeR5SHl20S++?st0qF#!6a8%NcM7E}o zQ%^~=RwT+c=U`;kvJ+|VBz`H}72x{8rDUryRtgB;t~2StD)GTeXSaKn4CX{LEpdZ#<>UwJb_B6^=oaE&x!u&=fm z>p|6ue?wSLzevi0kJo(ey_o_7y}A@aQ-7*yG2g3GM<4Db=U5$a3?twzcj?}UY(q4w z6me@K0b4hplO_}&0&8v9{b5YW*lF^>oO_4~lOx5aCr^5MbM>0Z^Tk-fUZ{UFfgzBA zdcsGR49l6b_zr7lHvyw&#JxraCcZ2K(;UndL7te7gSjHe6Jy*3bH%8?g`;3DhzeYO z7tHn4P&f_1ic#yNs{*jD9VUl+>tA4~jLwOAOSh)Le z`Fz7ga?K6qLdnLKqC4@%iZhc$!zzD)QPD@r;D2KiI?!He0)rA354ar$wfb7e+}ufd zC*}2|^s#W#1c1Ti(M;nMBxo8CYQyG{_oR#`vg!^{e==*b>!3#DR{Su`?2V=mX{iOg z4N&6n$cD6d?tM@d(tH~&30l@$gyn0rQv&@+p|Q^s)=rZHB7gX|>q}HKsc?E3a{-I%XUqkq;LkVOrC01^z99`%wT)kCP9bMEViUyYu zT!RNsaCdhJ4hIPi2X`yn-CaK16Wrb1U4uIu+(Pqr--p{h#;jE})^m+rwb!09BpZ%3 zKVngo${_$|J&n@|ReM(7mc*l%uyX3GgXiO;)|KYAUe`v)Yb)LHa$CNpvW#ZYn5uFW zov&NgV$!t!CL?RacuWh5uQ#x9G&Aot)OU*ePrIOf?kEGjyf5ckojGx7V`hVInFE+q zM>DFLR-w+w!*yn{$!y3tiDe#}b(ivRTky_t#%{K~C3eiOw$!b4-zq$w36sbWQh3Tf zV<}28Dv}*n#`)7KU5tk&0)^>slSs4Im|#RRAJ2H%W|7Kl6$LpYhR37_Ifh1a=NVeh z7ml3q%*0uVl!IB*`8-?9!WBH}Iu#rtNBMo$A<8JKIu!zgud9V`#*kCR&0N{d9TTdE zKYLo!{E7=re<^fkqj6ToOLG`EdUm{cY8U3~7W|&fbWy0+;#%)4Nc&qE*3N1ZTL&nC zN-^XueGW=q>yeLip76fue)KZbHhOFxS(z7jXpc(Vl!zj&f`f_rL7H0ixk&D%_734< zzOP-MW|d2pu^9E^QsgI!R{{hvSI$0MJ$ZaW*)O@i43_FUP6`~XM(wL)k#Y8GWD<>h zB!Zz^UObz7bud`)(g}<+rmtK5uvr@hI^eAfqq+B?<=r{+a|~>%Q1o0D%eIKV>dF#e zp=~%F8FklR8=YsE#k8MBoCYb$Q-=JokpX{KW;p{bi4qsL{qSB-OuFFxOY)FvEmt}6 zr;b$RlU}%>OXe3GG`TOE3Rd$DOK5Hz_LfXP;Do-Z)@JJ|!DsZQkkWg=mU5GI1NY^9 zN45vPi}~U!FY)L2k~g@bHSvn6OW;K1s|q@Vk~u?`LO&+6YUJ zbiK+dfr=T1hjNcuuS0uymMVN$^;jW7)w?ZrrgrLR8G~}#0kT(toG-EAB|%mpAt7&} zM2Ji;x%C2~N~_Df1lXUsr~XbH!&Zd9YQWYGupo#KdQWc$(o|h*I{v`F1748AyUf3i zAB$h_J}w!?(^LeKWoRVWDKQ}VT6|c@t9nktzHf<|kMiAmYDyx{sR1c5S`;-6u;4xKYk^KDOK8BspEL5SEZ{| zf|*k!(nn5W!;+`7ECnzW5N-ufDN^lh8mus9z4EFMX@5gM{5v;&QxcYoC%OOgk<4Tr zWRWM_WUG~0A9B~U%h87jQAyX4d@hNvw)C_(!B8SoSXbr!ov3KEHdho)U`u5jS-WmR zt)%eFpzS}|(5tr5okH(wT=L}-_*XLf0+rkx#j9wrIB_*}o)f@($Ov{Ou8`S?o*b^K zi*XaKpo`Md1|QS&>L>*}9!;vX{x zjj3V&)F~}&tJc$qsJdb*-usMq|8~NQwM# zu6Y(9+0ldM=K%5xBtl{zWdC^R9K*L3k3r#F zU0(*4~` zyZWUzIzlCCE}Q+7>G>GgDWWWE>#pnnV@YmMS5Ne!O+Yb%^%% zE8Mk-$H>%xe*x|K#!H{}j%{a{`S!X#{6cl!vy1UT3)5ZjYx;WH<2A zyW4?`A>)_j&qWGNTN$6fw6o!f6S*g3^W49rBg@aCfn}iFY1r8fbZS`ZiV|`Aad@G~ z*B;!r_Wd)=w|nl>QQ!5*Sm>H18~jSwb}Af!k8i2xqlAFD}u4_`XcBQ!QfRw=U`W^HaRZLgihj5-wK_}fQXg?la(8et`W z2?BgS&E*`J{9{$gjoW8D6W&U>k=J3nud;(T35bXRjH2AXJ;X(F;;-=x`l)Hh-N7V_ zl{~E1h!mQsUVIo$|BRLeY8p`ss^Sl|y#sM)1b=f+ddSKCRjTgTUtN3R47ZYzP(VJ3 zpZSa-0HXq5VK+IuX;u5*uM+i027wOwT#8R6*l zG1q@C{RbC8hV`hGBh*W}B5c{SX?B^#CoY#8`$_b%8qkHITo4QZy1SJAg{zsj7$dcO!b%u(-fk#>*?o zQYP`!C79uIu?)8MtXctQv0FGw0V4R56;N~V^1-)#K*JfW94j9d1}$69wQG0}W94(n zSYW78*}}#f$q)r_(}YTpOM)mdr|JLgD~hg4DZL!MrSkDdly*>GM%ePTZ&nifi|I;> z%pbbdJd!*LUB`j8tjRBXu7QDh2}+FFSVW{MUlxXcUc0gFJea6W>+e$6`V+0OW!r?z z`Pz9NBc^i9L{9N>>mk@s?HgU|wL?5FnPRO>aH}!=>+}v9nHa>e7il|Iu;bR*Lb72Ik-1h6|j*y8Qc0#+iQk*g=R4f#$$4k z7S|Lpl)lk`5SBFk(@=Rz>O-D2f2I1as=n*yr}Dt}>9@yW=Sr;iP%H+Pq$bUglh$3L z>qWEvqfBNM=3Q>dQ9w#fFat7^6kF_ld;S2KNsE>AVB~cQQRC<5FH{xo$2kxJV-OYc zUp}BL^*)&i8tiAv>davkGb+_F-d^-R!kN^Hsz^KNm_cWP@gBNCaI z_;~G>Ic8K9fO_oQM3$!*_C=_lPYGl`%E>fFC5`{JXiW@QF>5&e$%s_ARYmuX_YU3T zn_O&}ey2d=+&0`u=j)BGv}O5md=2;W#6A&C8sXT&A8@=8!R|L2c(KT^w|~kjEM8T&y0?ipGJ3! zt$$G?pb@0SDE@I{cIL->+(em$Fv341Af;fZTK83D?TH>Q5k7qQ-q$X4kd|8LJ1}{K zY#L&8#)As&oOVE^9W#D`+h)y&H963rr&sVW8Ux~r-X4U?PUARTt(+(KLZ0+s;F`ZZ z2qOz)0(gkU8XrDambOC(t&xEy@Buz<>q{%6B?+#Hc7^0oU)@C%Ko+5!;1mP1ugGjI zdmSFXVefxc?9|&a)ntZqWxSGYYQE-ct=pTBO0b*ZPrBNu7*Bz?r7elK^>3K#^5Y2D zjAptn11GE9Uv$bjRk(=df^TVI3Pp%p!sX-^_)ZwRPG%ypx!jjFh`++qbhzQ}xccdk zE>%w=W@8veEcj+aX4fg(-j_}0_*qZ>sI$$10Ytd}gJZO7Jbdwc{f|pyg>jWHPCthS zsOdeXZ9Y@K!6;n}F4A~3edNoV1Pi8_{+|7LGJ3DV%n`W!y zf$7bNI1VG5f!Og9zv)%V*|WtjF$c;7tH**44jQYM-T{%?J(c=Q0_gbghGfKAsoodi z*jrWYo=3J$x5w~8yki;lVO_rH%2liyF&VA;r6l9lo>R$nzkfO%9$X`h8fkX~J4A^K zOSCGYa3DH2muTp41=zB*j51~kAX)mv0?Lbj@fGva_WdVZ6uYI+O*=0;x4)SzB3b`$ zUXdcXd2rJ4IWk`nISKF2UjRW~rN&q?%8%y&^lMKJc@_FG$ex z(xXI>3(?9Jb6#zh@5fO;nV=BUWfIpqhhJSeRe4T@B9b)p3Of@ofYJt~HC6&WI950v`9j=FNmif9!tt@Es6>*o3@B0Ma*;MRH z$(c|g!<+wG%Vzmu$y1Wv<*_!uLL|qMu2YAme#}2S#}mG*UnZKwg96!d{^&eA3Y80d z_?mBTj`U(`qave)6gdd|gSH-vN&?=I8+?{Jq`J1|-@pP}i{9ZMSvh(xW9m)+|H6kc ztlp$5ND=80c=>$`io4)mO(XW(5Tzmgw79R41BB(+LS|^-8u&tI{&2S51U2qq{<0!I zPB30KKk}9m)p+a1^rmlpxMpH|QPgy14g8#Kbv0p($3|0PW9swC1fSE?^>rrFOv!Hf zsaosWwTjbo=Vh&mKHN(qc#Z1W7-=V&$#;4zR&?Uj@JLx+4D9ae3WJ zHMhrRyY)@L;YD`x2=G`ZvUcsC1^Mkjd1|LPrOKr@p1A!`1G-eJx~c~JtS9!hSLxX( zNVF~Sw{!gpkBIJ(fh#F4T*20k0D5t%!j>X{lHM)tmAMqc!pQ7;pM!ZmR+*@ zzrF~!3BH2ymDGYe-6id@jiC8C<EbuAdHk z?jLSaEV_bkQc>I*_{!a-*;&S=iR!KX$ueyAz~YzAL$N+K=ai)%G|yQm{V@*jdq?}h z_?P5bn9OhTpAg{=VNEZt+CT?O5ZQzJbppHP_ir^fs$IuFbAJ4Nu7s_u4ioShs8dM6 z8~UL+VC+mJyo^=c7*uxtYp|Fc+m&<{7{9KBej_mo8%5TH@*p`hus`k#rmyR4aZ=lW zwdk>G4~La_K|Ixc#Cv_V*C=&5AGSAIoMt&^C}G6=WYyB&-TvQoOgc^7Q}M>d14 zkX)a^Ysao%vF%tv+?})tlHTeo$1snr`*XeBXtoBTberejr&z&fjpqe0<^;0<6<3OS z8z(zUJz0UHiX6Avi409WfH2$h!6=tth-{IU56(5W*kknD+ED;9!x@wh+Q%GAll@7~ z*N6MdK>JA^k@Gz@EUgr$67Gy4jEUg;M%IhH>#F0+CrVFFT^a)MA$scpuKBjpY^M)> ze=XY)Wu`f)U{5mMP@=_%5xEC|yrUQTMFw19a3OvWznjw5$m9mrwYBFE6p}vJ`=q)1 z-1A6l6xDG;C>P;gmZ>0765Bxbi52!oTmeulY`-^XJx+Ep&W^Ci}zUV`6E2 zNKz>h|Aarn+rQ5epW(__>_I4)Yfrlge<)Dp7~aIPlXN*!$O{4;`*WE&c4MLFWJHxq zS5zIX3T^t6E&h_}*xGOZWZ5SF+UXSvIbK6HwkEEj!ciwsw6whz7y1gE2hPECW15~X z#5`X5V7?e(75x+qkwl}m2SncfH)`{m*yJ#N)6Gp?B7xto`J53+jfWa&*ouv%rUuUj zPR|klwlvQ%uLgjmI`&<#H?#Lf&#@s_DyMC@%NT}71hyeM0jh_yO^hJsNnZED8J2Zc z{C2zKq?%U$Uc2L{J4QVPwCNJQf0*|wGjDsB=yEb@`;Ol4yFaVHH4rtF4}GF5(-YXH z3zxJ!OyS-$&J}zN%`rA(?T_NtQf94D)>U|8*TBRAbnbwWmy)a}Zn;;&Okz}y$*tHR z2C;X(lo{Q&FZ!}Kmc0_^orxL-XOFfr4@*nAiMo=;U0?Y-2>x$itmg?EU2ng1p?eGC zCMJ@)c7;n#VN6HHjQNpA6r0 zmKcGHA`(#OpNDf_`sTIbV;ZrgNvpHm#EftvSC+I{h4L(G$DVP@V&Z0Z7;IqfW=ES+ z*i?D=kYJ#xlKqd%b6I9ZLz$W)A$6m%_e$HDFY;YAoV2IINZ3G*9b-zcTRN~LYVZK- zGrb>2=G{o-4J$MwYJ6Uq%S(}LT)IZ!CHtxG$Q>|dVj@rQ@$*zA7HY)JJ5}z{F5Eg& zlVoj1*pYgfblTu@|4_sNuh-%LqTrn2{AR^{e*l6q?~oIMVDjM2n2XLTVLh@Z=bTr7 zi7Lk=!9-xzXVUfzQ!f2?MdVzHxvFXp|KIWz8{WKgInXR2pEgP6I};ZxNN;)FTx2hV^p~&|D)Y(2`l6~yFF4dt2#y=zQT5k+?3!+OlX~KTN`aW?G2g+<)J-$ha4qA%tC=r*T#g``zr3JTI2W4HNaK##%X|i2)X@-%I^9P{F zHT{qzUvJ!iXtb}uH@%_+KO#|AKQu#&>x2+4tygT+6EiIR9v>cBp_9{-lBBU{>qfJpO}5Y7g_YbM zf?0`&9@vXa&L$9ALO&dln<;pHcllRQ|3co7LG?*oxA4|sZK$Z~7|PK)m@e|M9LTeq zb+x=xVBMKA5rkK^xDaQWZ<;2y238nt0;*bKG-i$z0%D0;tPZ#O{;p6E)U_8kH_>@{ zR8^#^LxDAO-Eik}wWBbU30q~WQ>9trK@>is@iF_`?Rd_lQ6RSo5kz<$&=;j*JA@lZ z$?{+>zR!8gs~QT*{EUO`{zd5mbRWG9K3-gl#8%^XA1IWzMrq&9fFRc-z)V-7J)Z*o zlQ8GShTQ8JIO>|#%O}PsK|;~g-mm}I)Y3gYU)6QEv*0FxiwWjAP{SeDu?}wNh{Uh7 z2G`pJEl&@Ex8fbsvq19 zI1SMN&$v2K>ylYgO0-kM#3r(>d|cR#>4>z*p=>#`ql)P&KfbizuO(||75m=d+ zfd9L~{n1Dbw}9=;>8-m78Qb$YZ+f?>(wgwtCnl}t>1@%aHqhf>|F4>&B$d;PCC7`U zHCVS#+b6vzfaiM>ul+~{xT?MSiHSbfg~4;Fc4?K6*(y2&%j`3Rqx`7vjI-;O!?Py) z=&~`>wDwPPUGzC0V5iCKg;0z%HRNxzxp&ntaF>Tgom*V_SrX>6i@q#Rp|fgG6I4l) zT5Qd8n2`E-4M{awTvh#I-3tmzDX*4dSg>V$1}FLyligqu?M4^k1967N!TR?!uU9pZ zzL`NuW`&2$)rV5}x{~$IG}h+`{1r)BnvCzm?Go$6R24_=fEu!<|A`dE++elELcbSO za&O?x-?f$(Y`TT5q+a!0PiESwqd)(uOm+LUzaGj?Fm|r04rSRPKhrC9yf~w-t+EMc z#-G;~CL5c^EU4&NZ#);<>MfL+V{_R(EYOH7Qn*xLhw3-Nbz3>rG*MovXL)vA=g%9f zYBY3YV(V9q1JZTpjR?o*h$8g;Jj6*G@>9C`swTJ zmSaB$7Sp2Ob@NR8>D$|pF%{F-hPc8zt<<-otul-Y{1UJxf4t^Q{qS6iSA*5W`xh~B z`|=Up{^^fdzX?7QIaVPfhm_0ypzRiPUMKFUCi8B&4)7Mm`DEOH;>L+G-dd5NA<7mr zgk=BZ+U>bGyC5nqcF-yT^WPe4t^mu76>Q-P*T$H7*K_=T7Rlh6N5HzHqTqggl8Z3w zOVZlX^F#8t?bPtURy}W0m@QDk)}R}j`-|z`drr1!0f`DAn@uo$M?X8|9mM9`h_z@3 zTFMz{1!}q%*LuvUkiZXi)`RNf|NQ^+YZ*}YIlZ6ox`1-YX+zCOu5zhHOep-%9QtZR zx#B)gB4nXuvD;|Hs89?6?HIfna=R5K*CNEEDB&jvM>*a-IDGL_!*8Jzrkwc;gk|^) zkM)hOtzCCP_7wr!lGS#V(FF~qCVo!n880dr1*m_mq|a>B=8^xQipYfCXU6iGgu=40 zx`|KdQgoU&gzn-=Ge_ReDxa=X#PYJiGqmhYj`BciGByV*?Futg8@d7cT5t2T8x6;- zS@{+A<~V?2>QL;fRA1=XZ5cHK} zcTSQ!4;mlQx?|nvL5ek(Fo2ttS9&g;>-;OrAse|}5(#rtlqOPV_wd$QG_i-&(KmRs zB(LyGrV?<4(h&=rUzhPUyqxbQyq|w#8Ia1v+Rnvhlm_lbU5>6jsQBw{<~Qr0v#&l# z#g&c!$K0LH=-eq~xC%u5m|s^`5=0Mg_B*@6J*>}WFYgWKSk4nV=f;K0o|;vNe;chv z(JNXQbKdA7PNXpDEPCma*N^wxuK8T9c=8A7mG6If$4PX|tZhiB>f5zbpL7Rae*)u5 z=TE~qv1jJCi^qe*Qup2_Q&RWyl{ubEYL}iT`buM$mQMms**R9rYEPc@21@&LjSvSrDba`81oi{%JYgqxzu>X6}@1={7G?lOYO^;Sh>g2 zKB$o;Di*F%4V4#uvKw!~F1OT&9wLjB@V5%32^amEx-{ZUl49&A#touqi@Y+AlujhT z)R1s*W!$E-2MX3(CBy}IC?#|_*s>GEv^^nnL(fNWrZbac&IzBD<>ws`ar|xN#Dv~b zYD^q4?!uHI!MPEVy79s}9W7`sHQF1<10@YShSG|WeC(aDqAw{>2@Kw4><-cFg~1_{ z2?Cy8$$a_eKFWOlrCQ=M>ALjbFh@|P8T76Oft>C9Ci-;Y)CkavYhr{_`x{<+IiQkA z7`HL+uH-|QB@5RKU8x;J&of{Z;1+Ntrbj(735;&Kaa(}QGECl)NF&_ z^a`8>R^PWTHWXWvUC^bIFtnHb_*0-hDxMLy4jRpo5VBXjJ#tB|L|6IA?iWYwLI0~xl zO9R23h9txCgAFaV1vDoks7-e8Ywc0Bxj!{)J=4qaEOU*Wv~sCb)=Q*p$~xUvmXDx7 zCjYYT^^`@n00_gfP)qV@b%h4rn(3Iw!%^SoP?pw6fPj5r81L?V1S>gg!N94rKb}#h z5$bKHQhiW=i7 zV$i9d$++>|TD~MmI`t0yQcE0&`5j^8<(lh4WJ(Fjly0|SZd0SgP(sY?w&8IEe|8!c zd(b1n1!imrjsCfaDyE%1VV*Sn^1tq0+RPvb~M>)CuUgvawd7(R~ zZ^v}D`Wn>eg@~;y98|j@TPDA0fO9VM*O3ylmH;YAQ2uw_s%+Dun>CU#tQF=R37TW#XT z;pCvL^_kdZJXM)r9rZuLhsR{>hqDgLH>Ze96W{E=5uLvc_R#Kg&yn-Hdj9n_mTa!2 z^)2F`@vn9J;qW4-mg!PZPm)Y!+9);;V?5ceTzTXRjnN?azdCa({bT(4&xCAt3v1d# z_zmEL;nlUj1V1o&$Atd2ImbfxR{XrCLA!|P%MDVk^Txf}`ceAIy$vzX-!JK+XMctx zM%uz8B=LXfB4_tpk$mHBJMBEE1bxaB0m&@}TstYV^kOsgli7yY$==ox{6h_2eCYhK zdCKfR+<}3Mialmcxu`BIg~FHppykF58w*5bjKfi~jEl}8eix(@4Q%32=8I0Hky7?> z7p=eN;C8IAEm8}rw}dv7!?}g>x3|t1m@h)8NtFIP#QL|4PcZQ0tS)Jxc8-Ad9->>M z$GE@x0}Vw=x2n_%Rakp#o0`5Zw^cUcMLCo*T4ueUJoXnP81z+m$vhm*N%lW&Aok zJ9pPX6!#ds3Xsw>MD|Mp9LIWlaiAStvUGq#;>S{$zX3b9G2`)#N@i?#)@R}o(t;o1 zfoyvAoch+^S|`p?C4Sv*Fj@uAoNZ^HbDVcM;a-)$-gIpL=i$LR=+`w}`t{b{J z84gW2Ud{V}Rtwe@TddS<5HSc;P7#lP7mpXVGa*E*dTsoSVeAQacEZ;-6A3@KvY>Bo zJt3DRdU-y1>+A3@^j8J}clGE0YAm`W4KBEh9Cvpe zESJ+@lS){d+IuP{&`wC~$L)*Vw$c}r#(fme4%Z-m(ls=;p$dWv_VjzCiS5>{{~lSd z`Wor9aX)Yz;x;+w;O06kB zqiX8PTrRV{xkX>^{K1;J5yJpw1{WnkX%rD7F5d!up*y(CVV~sjVvOc?n0BO?8oV$wv~_ z>;~CPZS)YmK+e5O&wXb}SlPoU8Ax>CKG-Gji>lJpl>?w zdo%wela?D~UcDcBW0~l6z4E7CD@%mG@On}!L~eQ%Oz~+SL9NV1v%3iV%9FktZO3O?}izr-IypGM1Qdi*a)$`vV(JZ5@Y^>gkU!LP$6+lfb= zQ1dlm7c0M=x##Q)<|qM#%<%-i%28z)jlgrewLvAL??t2^_FC4c#q(gR^GU;27aTx( z4e|A>hf{6rCd|($CZqwz5_lzMZ=!%($GM?jw9dcHh+H^_TY%>d8=4Wi-(R{Z+Hc6{ zJRS?H6C?yh=@(~8E4w?**n;ZY7C4U?diW(0V7yYgE8+T@``a31Fa9y63>0*Ox97<& zQami8QTSH;{fQ0F1lu*Nn?pp=S0odjk$GZkToY3`hSS4%^1>+{t7k;t^+bBv+9l`U z=`Y6T)PJW2M*?0{yG0cZXE}a@?38QGTV=QVI2uXWn@I|&ADEAw%!P90CAgZCtA6p1 z?dCUC(qgVWUDfjpiUBv!eRT5)q$-=an~yPwpR79*@fIenJpD-1cQ zoWxIf53TF$Fy@m)SJGlc=N&t_Z1192UF>kc#}LCOX@V0sS>RKXEu+(PX_=SnI9k5Q12p)|M~}ZI<(2Oi9uU(6C7Zwa zw_AZcNqROLAJ(vr@O-_USIk}zFU~rabp=Wk2#m-ILd$x(n@r{K!d^uRN<`H>`D?Hz zEBY3kgPL}G+f^drUm5`S{Jsy$8xk#vA;Lr zpmu=EaNL?f4yQ)M=03Yne|ofKc9v)+^2ZEiD{E<}DyK=Du;CUr{tc*_vGI{$*Dsq^ zf>sOo$}`+=9-*m+CQZ=WY1O9vG{iOOH_qwuFF09W zW(GslyA5uSlBFT)^N0PFVYLskp=ID`Q;~ggA?d~_T#HULH%%48ETk3+#tn{-LWJ<98BUmWL)40)q>3}Ck`U8^JL$u93?@DL&BD)Nj*uA-kBdk zCON8}dZRNXNk|x`8Dcze$uYmAALNHz>)9mc z!2k2yd*3CGY8`Wv2`hE(F8PI{nr%oqa)ahX^tbGdiXA8y1j)~>Rw}u*bADZOuo$^< z>bqm1O_kCRI7B39v-xo`CQCI4!?SC3ftMG7%Z(ldl|BT*;9rum(Ps8Ga+nDLrzGq>NqOf@;lwF2HdM1iuv7lWJ z!fNx##?5mA{Xn2DiYss_ILy$A_Q(ZfCm-ewQWpJzE48Ybifn z@|=&z;x;&u<3Qi1H1r!RfPU$k=-h+Hnj2Cb0%!!3#%ZG+4lJLdtI&JKx9hw{iUh}5 z@|mpu^EQbIS&{o`4p+?_zwTxxhF9akXqs)g;xS7jJzQd9B|_UEJ$~J6(!fbfDYCl8 za30U~T>ojc>3me(R?|mqdF#vUC*r5A0~uM^2nCwH7J+TcMemc&xnd=`uXZ1^yB@k` z9KevzPisYM5e{k3r%e=gGQNF0hpx_i^ekObGJb_k;yx?8tK|A&q?F}4QiGUXJQL9* z)e@D|mzMbR-$SAA` z7t+h|DI6B`ckP!Mmw0wGxy&IO_>HT|a9Lo9fM0B?yosbE*&MNCDPsvJY)EkIU>SwzzF9Kq*r(nuT|@bNkb6{`&;I6RT83K-#C=>Autfl z;#3_;>?*i8O6fl+X*#*eL_Dq9ryR_CZ)`rlrcJ20_mVdDz|5ek@I8Ehg^^Vw^2oSA zq{g0)7S;nB(Xj(VCJ@PXnnxfSozgN#6$aurekM9VgqGzOU03|l98}MXn_YFT@x-YGH+4HIj%0nOzT0$9ThN1pu=kNY&h7!uW638B%qH@;u#^{mOMS)oA; z!n5%9(jKRbdvd)Yj%2Iy&E(20PH4AF!`!w|C$=dS^TF-s?>mIXgrUluJs(yPZ5`9%Qa1^h21tbqiqqGo06*7xeI~mx zcH*RhoRT-!dOeW8jFjDntF3nJVP7%O8SwFz0kTi!-r11s07Xdp>8ba>uP5ahYi%V$ z_>>J7#XKwwb{>o!nDt&d6tTn;KHqEp>hv!17m&@OZwcnPGyOb0W#@PPD&z$fyjH29 zi^P(E5MzD(3w1{QTv62)0_;Sh{9FGA8K=IDghWDO#ducj{~!V;js4zi$T;a7H5B4{ zH7(T`aTOJ)`~0wZrZcx#J-UaRAKMvfs#h9aLFo*Tc1n0MxMS}34Edox{b@A=`$-P( zou}zh4UC9RhWVOz+(I{Jyddfzya>EZu-B#s=;$RqmCwREMCTthaFfwqG8siz5Zj@U z(FDa`bclAz-&)$(`jjI|6Wb~K5h^+5$_>BOqm&mr2ZuA_L4>1cPSwaM;b!l{!-f(@ z{wB8nMmz4?R3+Iw;p&1^@}1vL*@Sks`4`tPOg=#Q4IsW1JdFwdrpWyL6Z*O78Qpg` zcNOr9LPeL~ORUN)ux&<4XKF!o$WExEI0(1>>zFA*q?*`qALx0fN_?7n6;kF2-w~4C znf5NkoV-`3^Io=ZCaFXogCm-Cgk<`0ut;m$XE6sGg-pB*VFY5gaNX<$A5TuEn|=Xr#R^( zn4Nf&m38>hV&mbNN|%LrbbEM{njP{#^m#mI++iyk4(mz38vcG;bHbg~Kdy z)6DLCi?zbyd1SGhoX?ohr!Egh-|@2i_Ge)CeiR5(KZnE3@oQ)_jyq2;QrY4mUjZtP zQFW&VWC`<3IDTUJ$nd@6=29ckQYo$G9&;vSE+#B|msyd4fg5=>s0De)5X$KkQn66^ zgce@L?M0X{r2h{J(hI9(SLsWtAP!h%D_Q6Pb0Sv`m`L8-+1w?8+x&sU;RafY2jlMm z%67fEN$}?e%r@c70$#gdR&mY|%c7(dpTp46mtzAN3zi*U$gY8+x*!K7e}GNe8nHF| zCX>`&9BSI(rf7CkL39E_cTsK)I^ONZjfC~#g4cPQQGYBFU++%ZS%R7w1mE_pKLKNi znBE`AlmT@u*1LPVhY$C`YQp8WXO;q+igO5Zj@s$g(g%bIEg{4gCe_z}nis)U!|6`n zaL%gg;HFC54A{(T7d@$#!WjXb)?23U{=+ z54&aZ4|PQurXPP^LJhTP#-^mi@OhEm>{D#fF38d_utg;`6--KieFPbjTqYsV2wpwP`4RCZH2T*qT_~O$0-(scaa>>JPpz3WwSFOr7vCpPd6HO!a-!$?fj&#^6UmQhlatEM- ztMAc~kNzRc8MNEF69#mq%3cO8{EMZ(`pm?sV#6J5T4zw zjyjW7d{VO|Z5=N412*-ac|OIB2_=kV+kb%Pa^ipPS8}kV3a}@JoN=w@F;QSI^C4(n zHt|+$LI=hchD+Kqf zhV&og*7$mLp-xHJ+&+ik&ywfi|New-tK`v|UmwGyNi7C03w701~0Y|WEXf$ioDY_f% z96J|`7my3G8=o|n5tM^yteU=o?p@d>Oq{d4lqkVEn<@b%?r-6A1Foq4jUp7?{V+&5P zMS9RD-NzaQ2*TO^vEDXj9t=sfZv7Ryjej$B0oGYnCX_n6>gCwqRr1Y*wSTV$7=4yp z=Ho~fKmboUc)NM^c>Bvqb`>-0z%VKi)KV5=C$@JdSN$3Ti)lBl%Q_|NOlc0aS$0Zy z+ILP<_ZXy+gnHoQY=*|FD2$G-jbQ576Bun)F{XNkU;7V)aW~)_Va&SbLnUVNmY=MP z0WBMe9gL!&T5o6V**xL`*#`2T9JsmPxSwr{7}k}zI}o&elQzW8NvWOL5L{d@Rn zWi_=sVtr#1)>-@o!-Wy>|5Vm$MEt(*__WyW9*O39ah9uAavi`zLH#&Hq0Wn8;TC^V zWed5HD8Fr#zOzyEp`LZ()xY*mMwuXC06wk>Te}Grs0@yYwJ#8hKruTNqtHu7&%CVWRdz_b=$Y;%9`^7$_XL*uuCZenM#Gb75{}j6>1Ts3& zM$JsVUSy-;S(yUQZTI84>i@n7$z-ztWnE-tYyH$Nwq*QPOVl0O6`9DF7j-AJWna_|SvZ0!E?)qo@HWYv zTuPk`R!}^SmKE|4m3JGjv@iHXbx-FO`qth$hW~pD^Tkf>WIfiW(@%iIRv489v|W1YaFH1rJr!zGgCZL3eW&K6YuYijQQO~05_ zW|Vq^HnBQfp7UWKxa`^t5|Cwt@xbjDn4Gtx|FzQCR!c5+TgT*FSeKkIqj;=Y zE3@*2`9N;*5)fV_@#=Ow27UVs+9{gg_sjhfh1~Q_?}uqT3;DIH%xf7nh@gZCt(v2} zUgwVpJOXq>QCpXm+h~2U{As-BXgx^v(Sd~3hNpy|f?lf8BY$gS-r71neH+##RHJQBHUI#X6j zC~qM=dmk%5KV7vv=4u*_aQI6S+NT|w9>=E8BW8(K@u#c**6YGVMO5=@ojT1gC8=uD zti1cTumIC3GPu6&;qnqHFIiTeRi}-&z1LW}v)EZ5ADPzznfBn=>TIYJP=_r8D6>+Z z2%Vb9Hi%hu&?#jX=sm5bbk4X2!BBS`4m zBcIu4_FSA)KeNa;n$Q))%K@j>A)!s}ezI((_0S}a2V!`>HLNDAYE}ptWBOJ5B(3Ll z_)cf%!JLCxYS+t;WWSArO8896IUX1xn7(o!=r2i1AN4 zlWpsN1!yss&bDBSkHA8PNE+)4_wgJ^845GKN=$?OPU&<~xrJ*!Iyduo>X|qKsN&aq%K|9@T7Atfx`&eX_;@ zajOCC%*uuZFl`zNpO7aWcH0K3^-E3pXe@sk0ShY(FT2#mI!Nl|GRkgUY)`tg=)?2L z0LO~-eaHWDplsolCpxNUCx~^v^Qm3T%Fq?@3PEuAMpgE;8zYB@F4d=se%`LTICkUM z9=larfebJwUG#9|i{^&0S|CaOqQ|ddM(CRBzp*CwCF>#LJuxJpas%lbXQV!*5>9^? zZlHw`c(!%7H~OMe{$ntP0wY4Bz5+Sc>C^TKuRUrtfhF4SjM0zDon7*dJ&3#+eGYK6 z?t^p<2Htzlzu=DikvsezU5#(uv-F8GjEc7kGEHb(3~jgl_Y~+x{(ECl=P6#={XvMAjMKKpA9W)qI(b8F|yX-8=E6EVG9Eg)HU$ z)^QyeDl{hw2J74d6ntME0m za@U~du0hRRgPOYr74&CrpVVyRtJ%m`fqwe-Nrj{Xl8)0h`1SV5=lzn;dnowI_Q}-? z`d?K@*^j?d9hUvfk&X5_C_)-{mp{3|OMh?rTk}!%JnHZ2Z$0;@U-y5T{FFvenU=^Q zD4XGidmRN8ByYJWbL>l<-%@8dzg+*3I^$!Hhy5tJzj;O`>$|!`>+uY(r?OgL4Z%NE z6E5BVF5R!GaP6eGUH_!}X9D~+i}~XjTg3la12N8oi#TYnGQ(UvppyaNp8`#)W=++s zM>YQoV>>H2jZFVR+f;weW~q8JvDezBJ{ep7Tm7Py>W{{j*EGBlXlmu-wcs*)`~w@+T3dmUk^ATk zJHtR5G;nn5qtW^&LOm7%e^00vjQoj)3w5y|@~EXaZ`?4Em^;kTxBqF+G z%J{-o51|lfVk<%(hxk``ZU+wn=JrsA;rO-Dx6@7dX%nus)28t*_pqn*K%6k0BJmBh zS#!epDrIgPd6IwR+j&6C!$vg^8`aErYv#Kxt)Z3kZL;hSS2%p2{wSMyk9~LHfb+ot zXrw$B$P{0T{=x~p&RNPAe4Dc^={QcPB@$_e)T?LcU-wFy*V;Byr7?!}Tr|k_jAcV=R#Ipu6T`=1CI;wn~l)e^Kj#oK})tjjo zet^DfaabJbRa5L)(8auGG7JU4Z^B!R8O@x4hrif<3|U zih;jQ3nJ>(Y@Z)gXDQx#NOs#aS#8kzQv&`Iv>={#X~D0q*K)5=$aaofE^G8YNy$jc zat$E%PqZNMb^TTX{2EZhHY?`jj{x>@!AyNWIWNr1!--faj8 z_P>9G3$l|st;crKIB`6uX->xDIcKDYZ-fw7h_(`k-zz?AdvL@~6jV<-vEny${_GoO zFur3mw<3Fs?y}p|Hi|omdS`kWp8ME8Q$Ty0vMb}RZMn^m&gC6TQJY||VRUV$c{kxM zfY5Pmi~rqR3r%ALZ#9O+uL$=Y?Z}X9%C>)M3D)H*V@teNiU4&QO?oUgx~&E8XEBP2 zNRfbhiTTseKFnM~EmClWtyeheTAO++&@N>ctI}3?ve2##B|WV=Q6eULg(I(}s*g+A z%4Jp$rGli!zS@}T-aPK?tW>^F*IYTq+xd$**V+z@v-M_uiwmqmUa^&`^%3X;)_8ve zx;|*AyYX+!bXpNrGuxacOrWi>c>xj^jtIcsfYE(8xob^``85vDY1XyEIq1LyBEz8I zn}E6>e`@u;chxpK4&I8*TN5LKx`)>K7PRiksbbWvzuu_^2X5bag$Ye;|pJ-m4t;hShxF5B1teY;(Xwi9T6zx+Ml^xk%ki<~1QQRw>{k*8KzHYCt#Cazjgj?+TUe^B z-8$4v%(Ti6E2Z_p+PwtSeRy2P!AmNrQw=QpfEfeC)SRLCrnjSYB^ckWKxTg_$J9DN zH?pNoT{>u;(@M23A=VpcbU&`~>A*Fo>LMjsQ)R%S)@e3GH~mq_?yDx|A1>1j8VNYW8-Eu=_D{VRVJRYNW>x4hbrB|?a6Y>g1)O|y5 zlKxOkL3YRDZR3>sW-h-XwvS8Wu#mvctG8Wa(#taE1iV*JDNiYSq;bnjz0*L=HFHA{ z@C55;*DmTI8n_7~u-*D_UUioLhXf>Am>8wERa?T7;aN?1>Vc=>z2JWaSqi)?54M_h z7PL)5PA09158RKq$=B@@7k=L+g3HqIDHN*$Ey=Zo2!3}TZH~ay{^FjSl4I)h*`}@| zTUSf>wHCXNa7go+*!m6!fa~8=KT7`7sb%Lp`C>M&E36e(l9>61IXr?8((z>e`MsAN z{O?t3ye)2EDr`k2n1+8Lv_5oQHQv zgr{7?%d7F7UczyPpB#%^t1E98(MGy6$6mdYM_@={`0;e9QVr$#n+S8Q!Tfrc)yJyg zqT;lsTx8LprrkDbyu0v$6Ut}J^)_yeLn*bs*rb~6fWUv}P>Sipq;IGHIrF_^F4*BY zML?~#N}v!9YdBRQi5{Zw|G?nN`TmrgXBHDyrrwGdsq60+_V| z;SmTG&Oe2{w_)EB6IpEietHbSdgUqG_wa^8a8;o}|v}z>&{@~tM9vH%j z_BIj#lE$X&GKuFZ-C$~Y3GXWx{C1cn!j^DggnFM;vZ{IkbhTNWx4&TAuH4`2hAte_ z7_35Es_@>e&<-Ff)R|J^2z?AaoYYLtKbZWsC*qmxHaCCj9Bcu}EWIlxcG z4Lh4jG-4ImL0*&G+7E4p4wT;de1AQ7fk8$q(#+$iEv>@m4E5%~dwJi@qAJPUK=pBIf;$7Hg~HoUM!lmjFTR(p#W zGLL`wcma*inIE&MgSyX}*|ECW%9yCoZIZ*RuR!uC17hL`iDN2UXY=kc?qVZh8LJmv z`T`_ZBIhkS35OQu9WeuW?mjXf0-6DFo96yze6PID%e5Je3U%;Cx#ZEvia`&hj$Bad z+u8Vsql#-o`1`5tmVNwp#NOR#awu$a3^RWgznh_|>UR+L%Hh3&H8#xSLdI<2?1#Hh znATXcXp8xchmh}=VtrpJy%8FWS!*%3*4CW4p?c)Wl_nDxy}us2#|&S~E={XjI6-}6 z6MCE;F3=icuo%CK>8}FNPiu#y&z>C()og6#9f$I7C_1#OK3s1n0weS{4r>C)tCMT z??+Ueh(T?0e4$(Tl<|L7dMJI#WW|32k;-RItfMKq==R_$4ar#joL2-e!}vvnbPI^j znNtt`=iL-+jkP2+d+@~Cj=ISi%xJ1Zy>32RO3kBbm;Hue`zCgd2nl3>~)V;4)jp8IY%h zT6f(@<1ONQr3~Ib_qT#A8Ki#(l{nJ$D^itg-x?=iMTg6%!i*>%BtG>Eg(K;wqW->5z|Yt=CxTD z&sJvC7IW?NrA{XgP>uf3{2yVD8|m+i2a#@Rgtonh;4Zk-?Yh(CYJjGr>zZLN-o zZiiX59g1HD2R~Jhu}6GX_VZ|5$(lDni%UYq?QjR&WY#s7Pq)(NAV-upL3<@@USwX( z6F;niwV97CV`|wNy0dL&9B)DRO4hs%vw7P#V`8+0R$JDX@(9ofLs@V{deTY z8rm}BTRQGSpp%3(y!wBl6u6Z~B2THGDT9Jc0F_JtmCP}elL>(Q z9OOqb;x94fG#+{BdC9sfN$O*8-%a&K^*-vcllcDwG;u5gd zo`-nPxg^4>&bUzCriQMP&^H5K2|;uM?Ci4I^4tcc5JmOA!UjBU6-x1X_q1fWszE;@ zhm;)v%2=zcZPtGVFPKKmJN(bEQuLlK?j0@T?AiNjxg%j|Fl-&%n!y@XU0bm)f_M^) z*D}s;Ba=GAno4_Tq3@`j^$VU!pIsWt1Nv&eUn zGUI=rc-c?T`i3@vB8r@zy~1#~uCBhU$m9BFaA!{82`mjhH7vSz?QNMiZR>QUjo_%M z3Wnl0)?0tD)G&gdeQi`{Ch=wUk^LbCOz2j<>ui~>EA=Ke8R>uWrMif*S44Z9r$SVY z7^AEvJDVC4$Y?jQY3){O_*%Goo(Y9!N87nfyo%;QPNto*o$>5}_)R7pKilBn$1)yy zXCwtCfF_Nz;~s?dj8D~-pe(g^pqi!i;$rWl>A7^kEHhu2ijl3A@>pn=jI_05U;u$w;3K| zambc_y*T*`Z1S{L>f}0pa^^FaAnJKuEf_PxZaU76*_019lI#OEYq_3;WiJ}-@t?Y z#FTXL;KhR%4_-X@Gb7GHb4ZT??$vE>2jq?sa*`E7zZnR%9N$%K_k#)Mww7!et1{LZ zE;294rsJlhqfhyLpx;;Ro#EJR*N8_WDqVk;l}4;PfVCBRSZ+q84Q|IPS0&z6iT4Ra z!xhkNg>m3jEPD^c7#glY)ZAgbB};pW#!nTEl8-9qQQs>Xg_B{D{6j7e>L(kK3TuWz zhmZ=7VXx9K9C_$@I)V7@oITvi*R?epVGe*lzCdl5! zxdro2QNAt5H7_MEa7pz0NOa8#(VBCsr$Y41?VV*izU5pV1w3AzOVUuzkj~;nj_cg} zMc(7b|0wUleR-*m@-AF{jl2urmUkifx4g?K;->Q|2YOn4P|hmb3QJZ!%GrN2b)J9; zLDuI=j$3lvlH-;fx8%4b$1OQ-$#F}LTMp53+>+y#9JicmupGCvyyFZ$m6g=IBbRBU z<{hb|B+Hg0HIt-flGIF+nn~&r*He&qiZxH}`H<}_!{enAE|qYpgi9qnRSC*t?r;}^ zUpAW}hS>X3+p>m3S+}G1ze|66e$vWTicLweDMxI6g(BdSr9HoG@2?25DPVaJe|gE< z&-V)56944D8_BTpuo3&P=jDO_b`Kn7ft%O@-f3rdnJNaMz{ldnw^xnJZ6kZNN_aE; zD>vhgu8uEnI3Jy1no(gp4{lexcOMpt89PBrezI7DN&*L>4n|` zACtjK&h=s4B9pRbbR*|F;3%jB#Eiu33pNvJzorCBhho0g@7j)3Op_)To^&c`2ZbCIDW0w*mWw1>>8=7+3SrcXxjQI~}Ajt8w;VM}Vdg5_y<93WwHVE*|Tq27B5#@E0;z-d0{p`2ACZUF&K; zpJy;!&ek_ght>$Z?%M0v)5ODf!n0zZL%XjA<%^wrTeZi3JHB}bf01Z#AApZ-;&IzH0UA&GCVlWYDs3 z+r!n_EzGZ#y|d%dq`DgWxSetPGnjwmDj|G_%8dv)#fEtvQOba`?@ruZ`%d4TW_62L&$arnZK00psO|_@s;qeb(RqHL+u37rKgIG~(0hNytbT7C zQ5d?$=!`;N`C1cRg61A7=2vwCGY>&wl2v4v5cvkBQ%eSVk#(-J`JYday+^g>gTt~x z_sv{|MLhAH)2I6VI(Z^_|Pn#n+0?&oR)Qc#h44U6E<%Y8u~Y!&XE} z`m!p!c24|h3DlyY^6g0`c&zR3>Zj2;bD3WJnFIwLU`z7QZMSSDnsJNo-JS+QppE zdjuRstj`|oUx~8&)>|X8t61lb#J0i|E4T}7!4_UdJgnB;6~fdBy&R=p6+8bSebNku z&h0&n)Upc3L4eg4PON{3KPs$O+0Hu?u7?LhILIRK8KFvGv^VpBGN)XNi@%L<)K;)-K-a15F3TLJ?@flrM*K>s z_uB|}HMafroPu&noykG5ny$SfGOtRCn|YiwJrb(itdL>;r(S<}HgCQ40ZYbM!RUK{ z)*hy@^U}J?-(Vbmzk{V_M(hw8buD7wgLLn`fI55 z-E4QRd19RiN`!xb)QTD4s`H5tFs`Nj@6S+`iKazc@!Uq8$4eFz_W|BEJjUA(@Fr~6 zV*U^AGhr$`oT;N&wi;%4Xad;6U-37id@bL9Jlf8p%rv3&H3nq>DcR+!&jK28?Rt0G z{$nvFMG*2m$oJr^$3484t9TisLMDD8(+rSp$sya4Lt1}%IDlST>wn^IA*29xmBMYK zkvNEyGTA4RwEa}@liE*O)5j0x=VzYBNvRyyA#clNq6a1%C-I%HzF8)Mnk%_^2-U+f z@8PR8d08 zk1lGSqC9`AGZfh~&!lL}d*4~KCxP{^hWfrLhiJ7Hs%M)aj+J@j&_AIkn$!{GuqWu( zt5)c$75em=-%wP7aYr~DC09>p!6J^E%MQga-)7CP>Y$&qA7SzAjWQKobkuxZm6r1i zmt(ozPTXAeK=&h>z07LJX07WCFS(KlY}?Cr+cbaRiD>q#0_eX+UPghpP%YM`54YBE zPY&3M0=!)yubQ9tHdwMZhfAV$ZTHew!Httz3y*qt@F!A1SC!9wX-rvtH7vXFbORsT zi|E>^`@*f^r?C}Zbv?f~5M#_^^>}Swb>Uvjjd`uYYFnFq7*bu8JilIyJIC)0*oK;| z+)IC&htV5{e{A|7#-(MSmd53NYI+9B9<(TXkInE1$t!m2AR#inTYV0ed#Ub;7?z;Q z1kCN-CfZqjYvtYv*Pv&yx$1o0hZt*4ZWVC_K}yxdilgH$V_L8ihA&>K8s9l|!O>c;v9HNyt&eRy`c}y`(H$&h`tbd{r`h zTs9d)7U(~;{602~w7RO*0IbWQ4K@F~ zX*w0})~73WA7NUw+cMd@z$E@WPV-aDb&riz!m@hy^3|flS4ER0g=WhW=gu_ir;&kh1}#uOvc@Lq@d%sQ3`{~YCE*14yn zWsOnGfD$t!gY~?3kifjOKO6}Vni4aH6)@l&mYbZXO^k4}^2P_dbaurwIdkIA4~nZm znCqz%R-Np*?=ILPkJ^w)vmf@r15Bm`G4m3bi6(?I;rx=5I=FuautsOB9zklC;T%zD zIH_&3WnN8H=n<@g4&?>&(k|=*I|8Z(Hfr!&?lK9tw+$Z=*v#yhu^zFb3&30Ux}rm7 zHg|ltjl$wp!n5u%MsRoxjj$w)*@_OcTpzPsA9FX;1?WEk4VbEi#&exvBYW)w${0pE ztOC^bU=J`?ibo(Na{9ho49U8xbn2&d@Gk)D?fi>ymiB$XZ4C`H9en7k0|C zr@1@TE>?$GTct)+*@0KvRiByH!{R13xD$QIko#Agub{LSmoOXd6f;!vIo7xd5#)N| zb0NuNbov>=0@XFSZs*XsgG$KC+%x>1OewC_AHd4>*M0{52C#CS_HVEr;CLOZ2gLs1 zYM=*Hmip+4XM2?nN=Pg7p%u;`Nnbi%)Hl1Esh*ElD12?9`1FF z-nGxQ#(dLKnIv>ssUm;4s!j3dC-U))KcqkDOP9&?h@Er< zb@Dto(IA$TXXbTx#(!I{yXASPJ1A}eS6i;K8xCLHZbEdI#@`c{80iZ3;oZ>;rWf6! z1f}B-fOV&;bL$4hP&yM~71-gDhXMtSJGYjH&6>|k=DiyKF3@L0Fuk^x-7uv(>;Ze1 z%v*oX^#Wp-@qZ7SDP&6nmOghcvQ*kq&4sHBqSqG=#t)y1>3!0kjH`vYG*$LBw;S3V zH3C6>IuZJljQ?h9=up|W%t3u|?aPSv@Dif&bY73%@~LS4bj2SR5El>^5YGbP%ds1W z0$kgxHUz2F2XRCPIA?nTg!DTN5Wt-08WDf$icAqH9k}`&F?iplKY<9}nDF|%PMV=> zsfs(Mm#ygvG||mv)zTxFT2H~c0)!U>1YS70kwcN5t*S8Gtcc@t(|l8-r%1N9A&K=H zB(b~=Njy64Q`KzeImgv{3Ds8$FXcW44f49Qjk5iz{+G9b+r~HG<|fCtfSYU3_q2a& zB7spZHs&=_1UOYaHhpXWmec|Pc1xOiH6j? zQden<*NBiXi>Tv%4Jl)R!}rA+B>bvdr{q?;Uiqy>bh5VekwOZ zUZvB?vW#cwl+o6+bmA}NTzF!!f6(c&&u=0k?oJ(9-CThu7V-vrbRES_Z9foE;3DD& zCL+V?NV`V#;Cp!7I_7FxCZ!t%kCK?l3LJ+TM;;hLTVRqH zlf;-LMn3PIhvxSti7^L?Nn%VAW0Dw?#F!+;^OQ4;Gtxt)YyyaQObh>C1CP*V!J1`E zsZh=dQ98|bhj44YPZi%ZnKyr>_-~W>9#Z_t9d>L`W%OF->cyw4NelO92LK+y)2Ytw z4>`Dxzqq2X`zRu?T5GvXG$^JuszcAEWBIF6_AH`oqfAL=%AP}%%PUmye=T0L^KXm4 zHQ#J`Ij>4yVknda-;}&b$(xir6et;#vg(`iyd28vd&-VSlx!*e|EhmMcUUYjuCf=$ zSi-=S&fZp?wf|KUrMxc}cs^=s5ZCOUg z2SqR}tLWHWrY~wCQ={;PvPtD(Z*m?7RN!A)E5_U&x#73Z!K#hi1;SNSa}Tq-+U)T+eE1oY)-O{(gQY|3oNKz0pJM)?13e2;2KP-V z%y3%O;M6>~@+;}nW1;j|C_U@XGyh%ouGCjdzrj!rw~K6?mg}QJonPml&!zKPhG8ZLBTT`Gv?9rr*A}FH>$|!;|ilB@lD5D6<_M4QRAsx>! z=SgRt>1k7X+LWWF95v;rDMw8?YC5A%51RNuEPob$#zWP0VsMGUpDD!$;<3b|aswSoZuAJwVb!G<$!c`6`;$i}k5{6YUv}Tm*6; zeUfa7Ak!YjIujTq2hN;e<}S`5J(PK{aP}T@MU;UxWp05+y`X;u`ieWyTy5~kt`t>U zjYxe>t5cU$`~rPGA{S3cE=s%)C1jcHIiV8_i(oBxu};|7z=nt0`=r4YWjmP*)7LQ_ zPCJic*;{|-%*|$yU752;AM4)bv8MxPl8H0P#1B7~yd0e6fBpDUG9FnvD;MY_LN7vm z2O;8x?l$U<(5+B5bAeIZa}B-c7K$%~;Jna9l3$^3SOx;PV+<-{Ywm;d$ofnXsXeym z2+&7f`bC^y8}}Be8>J0nO_9+ULQK12}VlX3q3FXL_AWc_0F3 zik(l2{eu4WluO|~jTcty8h$CS)(|%$OAY6!KFUQdcko&6kc$%Ul<4F&eMWpm8X?uj zh*x`)I;KK|2J1;*UOp>O_m0;rYB3z(;+YjO8Y})56J0Uh!jGJrEf*gFyElYtt`0ag z&ANZRQZ#fdSgRc=Gm84OLonx!_ly;X&m5jwn_-IvAcWA>woC6JXT;mSa8oL|bNA-jI9bL(q@3N4g}3koCdD#b&4-OIIOTsMpWyVj3x39a@3yX2ESr7zuyJLDb6iIs z;U2@PBN(u}j^fE)T~64m>>7qrECRPO18{5xZh`3RuuTfft3aP`xH5s?V`eH3^j;T% za46D>#svDSE%uQkdGPIIAc7UFjG< z`4ngQ6leJqBVJJc6Uu(tPAn};v?YIRT5a~@AVDsdehXy+lLa@NRfqh*nrWHa<=($q z5wM)SjiD=|$N0U}+|E?9@JVFPFG7Fn-Z)F%IBT5v0r!h>|DDW{QaeIP(MMe?_32t0 zJboP3zv_UjqvHc=78720-dvyI9L<C$ugK z54#CDRTLB5ElNPUj)k@7nHqnJqcM=ry(Wgg9E#`xB_8*U5}NkD76iMjkz4Fkori~~ zR=3cek0@mb!T4{K4g~k^-ulMoD!O#a2zzFuhbx;0=;^ExUp!)X@OnmTo$tJ|dT*#Y zlPVEK@G2X%WMJEOR{o8Wrc_>m`AqjJVEQqO(*PGxo`?f6Hl8wvYOsGhM!>u`JX)Ni zOP_IEo(qhx(z9Qa;}D2n?cD%s$i-$XOIcR? zq!|u;xS}1k$_TtN97q4+Q^=E^*LUbs6f)JV+Cn!6G9i~Ex3gyV1m!V~e_Bre(tAc} zYuKu3BbMvt>X}1f_ z3(X77J4ACxuf0f#SXHD?BpqJd(PDVvE!ty>t=xB>%@ub goto BB6 | True -> goto BB1 end @@ -51,7 +51,7 @@ module ResolveUninit_MaybeUninit } BB3 { [#"../resolve_uninit.rs" 8 8 8 9] x <- ([#"../resolve_uninit.rs" 8 8 8 9] _6); - [#"../resolve_uninit.rs" 8 8 8 9] _6 <- any t; + _6 <- any t; assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; goto BB5 @@ -68,13 +68,13 @@ module ResolveUninit_MaybeUninit goto BB8 } BB8 { - [#"../resolve_uninit.rs" 11 4 11 5] x <- ([#"../resolve_uninit.rs" 11 8 11 9] y); - [#"../resolve_uninit.rs" 11 8 11 9] y <- any t; + [#"../resolve_uninit.rs" 11 4 11 5] x <- ([#"../resolve_uninit.rs" 11 4 11 5] y); + y <- any t; goto BB10 } BB10 { [#"../resolve_uninit.rs" 12 4 12 5] _0 <- ([#"../resolve_uninit.rs" 12 4 12 5] x); - [#"../resolve_uninit.rs" 12 4 12 5] x <- any t; + x <- any t; goto BB11 } BB11 { @@ -109,11 +109,12 @@ module ResolveUninit_InitJoin var _10 : borrowed int32; var _11 : borrowed int32; var _12 : borrowed int32; + var _14 : bool; { goto BB0 } BB0 { - switch ([#"../resolve_uninit.rs" 19 7 19 8] b) + switch (b) | False -> goto BB2 | True -> goto BB1 end @@ -124,14 +125,14 @@ module ResolveUninit_InitJoin [#"../resolve_uninit.rs" 20 12 20 18] _7 <- Borrow.borrow_final ( * _8) (Borrow.get_id _8); [#"../resolve_uninit.rs" 20 12 20 18] _8 <- { _8 with current = ( ^ _7) ; }; [#"../resolve_uninit.rs" 20 8 20 18] z <- ([#"../resolve_uninit.rs" 20 8 20 18] _7); - [#"../resolve_uninit.rs" 20 8 20 18] _7 <- any borrowed int32; + _7 <- any borrowed int32; assume { resolve0 _8 }; [#"../resolve_uninit.rs" 21 12 21 19] _10 <- Borrow.borrow_final ( * z) (Borrow.get_id z); [#"../resolve_uninit.rs" 21 12 21 19] z <- { z with current = ( ^ _10) ; }; [#"../resolve_uninit.rs" 21 12 21 19] _9 <- Borrow.borrow_final ( * _10) (Borrow.get_id _10); [#"../resolve_uninit.rs" 21 12 21 19] _10 <- { _10 with current = ( ^ _9) ; }; [#"../resolve_uninit.rs" 21 8 21 19] y <- ([#"../resolve_uninit.rs" 21 8 21 19] _9); - [#"../resolve_uninit.rs" 21 8 21 19] _9 <- any borrowed int32; + _9 <- any borrowed int32; assume { resolve0 _10 }; [#"../resolve_uninit.rs" 19 9 23 5] _5 <- ([#"../resolve_uninit.rs" 19 9 23 5] ()); goto BB7 @@ -142,15 +143,16 @@ module ResolveUninit_InitJoin [#"../resolve_uninit.rs" 24 12 24 18] _11 <- Borrow.borrow_final ( * _12) (Borrow.get_id _12); [#"../resolve_uninit.rs" 24 12 24 18] _12 <- { _12 with current = ( ^ _11) ; }; [#"../resolve_uninit.rs" 24 8 24 18] y <- ([#"../resolve_uninit.rs" 24 8 24 18] _11); - [#"../resolve_uninit.rs" 24 8 24 18] _11 <- any borrowed int32; + _11 <- any borrowed int32; assume { resolve0 _12 }; [#"../resolve_uninit.rs" 23 11 25 5] _5 <- ([#"../resolve_uninit.rs" 23 11 25 5] ()); goto BB3 } BB3 { - [#"../resolve_uninit.rs" 27 4 27 10] y <- { y with current = ([#"../resolve_uninit.rs" 27 4 27 10] [#"../resolve_uninit.rs" 27 9 27 10] (5 : int32)) ; }; + [#"../resolve_uninit.rs" 27 4 27 10] y <- { y with current = ([#"../resolve_uninit.rs" 27 4 27 10] (5 : int32)) ; }; assume { resolve0 y }; - switch ([#"../resolve_uninit.rs" 28 12 28 18] ([#"../resolve_uninit.rs" 28 12 28 13] x) = ([#"../resolve_uninit.rs" 28 17 28 18] [#"../resolve_uninit.rs" 28 17 28 18] (5 : int32))) + [#"../resolve_uninit.rs" 28 12 28 18] _14 <- ([#"../resolve_uninit.rs" 28 12 28 18] x = (5 : int32)); + switch (_14) | False -> goto BB5 | True -> goto BB4 end diff --git a/creusot/tests/should_succeed/resolve_uninit/why3session.xml b/creusot/tests/should_succeed/resolve_uninit/why3session.xml index 6bf9ef09dc..84f5e9d973 100644 --- a/creusot/tests/should_succeed/resolve_uninit/why3session.xml +++ b/creusot/tests/should_succeed/resolve_uninit/why3session.xml @@ -12,7 +12,7 @@ - + diff --git a/creusot/tests/should_succeed/resolve_uninit/why3shapes.gz b/creusot/tests/should_succeed/resolve_uninit/why3shapes.gz index ae1eecd641ca164842f1b78d99a1d543ea6744b9..bc8d20db1215fa555b11076e86b6b906dce1251e 100644 GIT binary patch literal 466 zcmV;@0WJO?iwFP!00000|6NkSlAACLz4H~^w#&(~!8V=QLnad@xp#DI#st%4n}rrg zcKY{~uwmO=Ec;1%Pm=W|OQ%=&%TMXuk5f1FUsIiC&&mATb^TqSsFHBeC-;IHi;8W5 zvO4YQlB05!yH4JXej2WKFEHPQ1hVY6Y%H2Xgbms0-1yert}{Ik?%R0t2-R*sN2(+EXN1=Qbk_)K}VL5`@gw!S^qmbf5ZsS~VI%)UfM0pA0nu=;$Encbf+tBq%Vx_H3 z?p0eDVL;`zscoanw)B_0R9dF;2uG24Z;OV|LMRW7YK5w$Zc9oqzV=R}`B5c*0Xv|` Is*wW#01MONi~s-t literal 450 zcmV;z0X_a7iwFP!00000|6NkSj+`(Iz4H~^c9&C}kc3p)!)OE=E_?lCe(w&7C zn5p{rbx2^kbBSa7`90h6bC%9O%r85qH#^P!IDAP(n!O~;Z_^JqqDhs6kEqS77MfSy za!srHh@V_DQ<=+b&1C2CaHNEz1~|Xy^m@;kZPq z6$jvj05p(Q5{Op#S##<$hpIM?n5R{ukEt7{^uzpZ?D;zML%$@hb_Z9#AsKCXy&J4q z7=6Mw1n!e~Om3QSn#Mo2d-`~9xpDnqE;x1HY36sZqm>_&g?ZKgMdq6>Vwvz|qP(x< z)d!^cZkMyq_&|n!7C{tieb6ty3`wq`d|Wx8=~I4B0Qc|IB>(^b diff --git a/creusot/tests/should_succeed/result/own.mlcfg b/creusot/tests/should_succeed/result/own.mlcfg index a2be7e8a72..6371b85504 100644 --- a/creusot/tests/should_succeed/result/own.mlcfg +++ b/creusot/tests/should_succeed/result/own.mlcfg @@ -130,7 +130,7 @@ module Own_Impl0_IsErr BB0 { assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 31 9 31 21] _3 <- ([#"../own.rs" 31 9 31 21] is_ok0 ([#"../own.rs" 31 9 31 13] self)); + [#"../own.rs" 31 9 31 21] _3 <- ([#"../own.rs" 31 9 31 21] is_ok0 self); goto BB1 } BB1 { @@ -239,7 +239,7 @@ module Own_Impl0_Ok } BB4 { [#"../own.rs" 40 27 40 28] x1 <- ([#"../own.rs" 40 27 40 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 40 27 40 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 x1 }; assume { resolve1 x1 }; assert { [@expl:type invariant] inv0 self }; @@ -255,11 +255,11 @@ module Own_Impl0_Ok } BB6 { [#"../own.rs" 38 26 38 27] x <- ([#"../own.rs" 38 26 38 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 38 26 38 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 38 32 38 39] _0 <- ([#"../own.rs" 38 32 38 39] Core_Option_Option_Type.C_Some ([#"../own.rs" 38 37 38 38] x)); - [#"../own.rs" 38 37 38 38] x <- any t; + [#"../own.rs" 38 32 38 39] _0 <- ([#"../own.rs" 38 32 38 39] Core_Option_Option_Type.C_Some x); + x <- any t; goto BB7 } BB7 { @@ -367,11 +367,11 @@ module Own_Impl0_Err } BB4 { [#"../own.rs" 50 27 50 28] x1 <- ([#"../own.rs" 50 27 50 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 50 27 50 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; - [#"../own.rs" 50 33 50 40] _0 <- ([#"../own.rs" 50 33 50 40] Core_Option_Option_Type.C_Some ([#"../own.rs" 50 38 50 39] x1)); - [#"../own.rs" 50 38 50 39] x1 <- any e; + [#"../own.rs" 50 33 50 40] _0 <- ([#"../own.rs" 50 33 50 40] Core_Option_Option_Type.C_Some x1); + x1 <- any e; goto BB8 } BB5 { @@ -382,7 +382,7 @@ module Own_Impl0_Err } BB6 { [#"../own.rs" 49 26 49 27] x <- ([#"../own.rs" 49 26 49 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 49 26 49 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; assert { [@expl:type invariant] inv1 self }; @@ -489,7 +489,7 @@ module Own_Impl0_AsRef assume { resolve0 self }; assert { [@expl:type invariant] inv2 x1 }; assume { resolve2 x1 }; - [#"../own.rs" 59 37 59 54] _0 <- ([#"../own.rs" 59 37 59 54] Own_OwnResult_Type.C_Err ([#"../own.rs" 59 52 59 53] x1)); + [#"../own.rs" 59 37 59 54] _0 <- ([#"../own.rs" 59 37 59 54] Own_OwnResult_Type.C_Err x1); goto BB5 } BB3 { @@ -504,7 +504,7 @@ module Own_Impl0_AsRef assume { resolve0 self }; assert { [@expl:type invariant] inv1 x }; assume { resolve1 x }; - [#"../own.rs" 58 36 58 52] _0 <- ([#"../own.rs" 58 36 58 52] Own_OwnResult_Type.C_Ok ([#"../own.rs" 58 50 58 51] x)); + [#"../own.rs" 58 36 58 52] _0 <- ([#"../own.rs" 58 36 58 52] Own_OwnResult_Type.C_Ok x); goto BB5 } BB5 { @@ -727,7 +727,7 @@ module Own_Impl0_Unwrap } BB4 { [#"../own.rs" 86 27 86 29] _e <- ([#"../own.rs" 86 27 86 29] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 86 27 86 29] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 _e }; assume { resolve1 _e }; assert { [@expl:type invariant] inv0 self }; @@ -743,11 +743,11 @@ module Own_Impl0_Unwrap } BB6 { [#"../own.rs" 85 26 85 27] t <- ([#"../own.rs" 85 26 85 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 85 26 85 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; [#"../own.rs" 85 32 85 33] _0 <- ([#"../own.rs" 85 32 85 33] t); - [#"../own.rs" 85 32 85 33] t <- any t; + t <- any t; goto BB7 } BB7 { @@ -837,7 +837,7 @@ module Own_Impl0_Expect } BB4 { [#"../own.rs" 98 27 98 29] _e <- ([#"../own.rs" 98 27 98 29] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 98 27 98 29] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 _e }; assume { resolve1 _e }; assert { [@expl:type invariant] inv0 self }; @@ -853,11 +853,11 @@ module Own_Impl0_Expect } BB6 { [#"../own.rs" 97 26 97 27] t <- ([#"../own.rs" 97 26 97 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 97 26 97 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; [#"../own.rs" 97 32 97 33] _0 <- ([#"../own.rs" 97 32 97 33] t); - [#"../own.rs" 97 32 97 33] t <- any t; + t <- any t; goto BB7 } BB7 { @@ -946,11 +946,11 @@ module Own_Impl0_UnwrapErr } BB4 { [#"../own.rs" 110 27 110 28] e <- ([#"../own.rs" 110 27 110 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 110 27 110 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; [#"../own.rs" 110 33 110 34] _0 <- ([#"../own.rs" 110 33 110 34] e); - [#"../own.rs" 110 33 110 34] e <- any e; + e <- any e; goto BB7 } BB5 { @@ -961,7 +961,7 @@ module Own_Impl0_UnwrapErr } BB6 { [#"../own.rs" 109 26 109 28] _t <- ([#"../own.rs" 109 26 109 28] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 109 26 109 28] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 _t }; assume { resolve0 _t }; assert { [@expl:type invariant] inv1 self }; @@ -1057,13 +1057,13 @@ module Own_Impl0_UnwrapOr } BB4 { [#"../own.rs" 120 27 120 28] e <- ([#"../own.rs" 120 27 120 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 120 27 120 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv2 e }; assume { resolve2 e }; assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; [#"../own.rs" 120 33 120 40] _0 <- ([#"../own.rs" 120 33 120 40] default); - [#"../own.rs" 120 33 120 40] default <- any t; + default <- any t; goto BB8 } BB5 { @@ -1078,11 +1078,11 @@ module Own_Impl0_UnwrapOr assert { [@expl:type invariant] inv0 default }; assume { resolve0 default }; [#"../own.rs" 118 26 118 27] t <- ([#"../own.rs" 118 26 118 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 118 26 118 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; [#"../own.rs" 118 32 118 33] _0 <- ([#"../own.rs" 118 32 118 33] t); - [#"../own.rs" 118 32 118 33] t <- any t; + t <- any t; goto BB7 } BB7 { @@ -1199,11 +1199,11 @@ module Own_Impl0_UnwrapOrDefault } BB6 { [#"../own.rs" 131 26 131 27] x <- ([#"../own.rs" 131 26 131 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 131 26 131 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; [#"../own.rs" 131 32 131 33] _0 <- ([#"../own.rs" 131 32 131 33] x); - [#"../own.rs" 131 32 131 33] x <- any t; + x <- any t; goto BB7 } BB7 { @@ -1321,11 +1321,11 @@ module Own_Impl0_And assert { [@expl:type invariant] inv2 res }; assume { resolve2 res }; [#"../own.rs" 142 27 142 28] e <- ([#"../own.rs" 142 27 142 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 142 27 142 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; - [#"../own.rs" 142 33 142 50] _0 <- ([#"../own.rs" 142 33 142 50] Own_OwnResult_Type.C_Err ([#"../own.rs" 142 48 142 49] e)); - [#"../own.rs" 142 48 142 49] e <- any e; + [#"../own.rs" 142 33 142 50] _0 <- ([#"../own.rs" 142 33 142 50] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB8 } BB5 { @@ -1338,13 +1338,13 @@ module Own_Impl0_And } BB6 { [#"../own.rs" 141 26 141 27] x <- ([#"../own.rs" 141 26 141 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 141 26 141 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; [#"../own.rs" 141 32 141 35] _0 <- ([#"../own.rs" 141 32 141 35] res); - [#"../own.rs" 141 32 141 35] res <- any Own_OwnResult_Type.t_ownresult u e; + res <- any Own_OwnResult_Type.t_ownresult u e; goto BB7 } BB7 { @@ -1469,13 +1469,13 @@ module Own_Impl0_Or } BB4 { [#"../own.rs" 152 27 152 28] e <- ([#"../own.rs" 152 27 152 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 152 27 152 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv2 e }; assume { resolve2 e }; assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; [#"../own.rs" 152 33 152 36] _0 <- ([#"../own.rs" 152 33 152 36] res); - [#"../own.rs" 152 33 152 36] res <- any Own_OwnResult_Type.t_ownresult t f; + res <- any Own_OwnResult_Type.t_ownresult t f; goto BB9 } BB5 { @@ -1490,11 +1490,11 @@ module Own_Impl0_Or assert { [@expl:type invariant] inv0 res }; assume { resolve0 res }; [#"../own.rs" 150 26 150 27] v <- ([#"../own.rs" 150 26 150 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 150 26 150 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any t)); assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; - [#"../own.rs" 150 32 150 48] _0 <- ([#"../own.rs" 150 32 150 48] Own_OwnResult_Type.C_Ok ([#"../own.rs" 150 46 150 47] v)); - [#"../own.rs" 150 46 150 47] v <- any t; + [#"../own.rs" 150 32 150 48] _0 <- ([#"../own.rs" 150 32 150 48] Own_OwnResult_Type.C_Ok v); + v <- any t; goto BB7 } BB7 { @@ -1605,11 +1605,11 @@ module Own_Impl1_Copied } BB4 { [#"../own.rs" 167 27 167 28] e <- ([#"../own.rs" 167 27 167 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 167 27 167 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 167 33 167 50] _0 <- ([#"../own.rs" 167 33 167 50] Own_OwnResult_Type.C_Err ([#"../own.rs" 167 48 167 49] e)); - [#"../own.rs" 167 48 167 49] e <- any e; + [#"../own.rs" 167 33 167 50] _0 <- ([#"../own.rs" 167 33 167 50] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB7 } BB5 { @@ -1624,7 +1624,7 @@ module Own_Impl1_Copied assume { resolve0 self }; assert { [@expl:type invariant] inv1 t }; assume { resolve1 t }; - [#"../own.rs" 166 32 166 49] _0 <- ([#"../own.rs" 166 32 166 49] Own_OwnResult_Type.C_Ok ([#"../own.rs" 166 46 166 48] t)); + [#"../own.rs" 166 32 166 49] _0 <- ([#"../own.rs" 166 32 166 49] Own_OwnResult_Type.C_Ok t); goto BB9 } BB7 { @@ -1744,11 +1744,11 @@ module Own_Impl1_Cloned } BB4 { [#"../own.rs" 180 27 180 28] e <- ([#"../own.rs" 180 27 180 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 180 27 180 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 180 33 180 50] _0 <- ([#"../own.rs" 180 33 180 50] Own_OwnResult_Type.C_Err ([#"../own.rs" 180 48 180 49] e)); - [#"../own.rs" 180 48 180 49] e <- any e; + [#"../own.rs" 180 33 180 50] _0 <- ([#"../own.rs" 180 33 180 50] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB9 } BB5 { @@ -1763,7 +1763,7 @@ module Own_Impl1_Cloned assume { resolve0 self }; assert { [@expl:type invariant] inv1 t }; assume { resolve1 t }; - [#"../own.rs" 179 46 179 55] _6 <- ([#"../own.rs" 179 46 179 55] clone0 ([#"../own.rs" 179 46 179 47] t)); + [#"../own.rs" 179 46 179 55] _6 <- ([#"../own.rs" 179 46 179 55] clone0 t); goto BB7 } BB7 { @@ -1877,11 +1877,11 @@ module Own_Impl2_Copied } BB4 { [#"../own.rs" 195 27 195 28] e <- ([#"../own.rs" 195 27 195 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 195 27 195 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 195 33 195 50] _0 <- ([#"../own.rs" 195 33 195 50] Own_OwnResult_Type.C_Err ([#"../own.rs" 195 48 195 49] e)); - [#"../own.rs" 195 48 195 49] e <- any e; + [#"../own.rs" 195 33 195 50] _0 <- ([#"../own.rs" 195 33 195 50] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB7 } BB5 { @@ -1892,12 +1892,12 @@ module Own_Impl2_Copied } BB6 { [#"../own.rs" 194 26 194 27] t <- ([#"../own.rs" 194 26 194 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 194 26 194 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any borrowed t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any borrowed t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; assert { [@expl:type invariant] inv1 t }; assume { resolve1 t }; - [#"../own.rs" 194 32 194 49] _0 <- ([#"../own.rs" 194 32 194 49] Own_OwnResult_Type.C_Ok ([#"../own.rs" 194 46 194 48] * t)); + [#"../own.rs" 194 32 194 49] _0 <- ([#"../own.rs" 194 32 194 49] Own_OwnResult_Type.C_Ok ( * t)); goto BB9 } BB7 { @@ -2027,11 +2027,11 @@ module Own_Impl2_Cloned } BB4 { [#"../own.rs" 208 27 208 28] e <- ([#"../own.rs" 208 27 208 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 208 27 208 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 208 33 208 50] _0 <- ([#"../own.rs" 208 33 208 50] Own_OwnResult_Type.C_Err ([#"../own.rs" 208 48 208 49] e)); - [#"../own.rs" 208 48 208 49] e <- any e; + [#"../own.rs" 208 33 208 50] _0 <- ([#"../own.rs" 208 33 208 50] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB9 } BB5 { @@ -2042,10 +2042,10 @@ module Own_Impl2_Cloned } BB6 { [#"../own.rs" 207 26 207 27] t <- ([#"../own.rs" 207 26 207 27] Own_OwnResult_Type.ok_0 self); - [#"../own.rs" 207 26 207 27] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any borrowed t)); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (any borrowed t)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../own.rs" 207 46 207 55] _6 <- ([#"../own.rs" 207 46 207 55] clone0 ([#"../own.rs" 207 46 207 47] * t)); + [#"../own.rs" 207 46 207 55] _6 <- ([#"../own.rs" 207 46 207 55] clone0 ( * t)); goto BB7 } BB7 { @@ -2142,7 +2142,9 @@ module Own_Impl3_Transpose var _0 : Core_Option_Option_Type.t_option (Own_OwnResult_Type.t_ownresult t e); var self : Own_OwnResult_Type.t_ownresult (Core_Option_Option_Type.t_option t) e = self; var x : t; + var _8 : Own_OwnResult_Type.t_ownresult t e; var e : e; + var _11 : Own_OwnResult_Type.t_ownresult t e; { goto BB0 } @@ -2181,21 +2183,25 @@ module Own_Impl3_Transpose } BB8 { [#"../own.rs" 221 27 221 28] e <- ([#"../own.rs" 221 27 221 28] Own_OwnResult_Type.err_0 self); - [#"../own.rs" 221 27 221 28] self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); + self <- (let Own_OwnResult_Type.C_Err x0 = self in Own_OwnResult_Type.C_Err (any e)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; + [#"../own.rs" 221 38 221 55] _11 <- ([#"../own.rs" 221 38 221 55] Own_OwnResult_Type.C_Err e); + e <- any e; goto BB14 } BB9 { [#"../own.rs" 219 31 219 32] x <- ([#"../own.rs" 219 31 219 32] Core_Option_Option_Type.some_0 (Own_OwnResult_Type.ok_0 self)); - [#"../own.rs" 219 31 219 32] self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (let Core_Option_Option_Type.C_Some x0 = Own_OwnResult_Type.ok_0 self in Core_Option_Option_Type.C_Some (any t))); + self <- (let Own_OwnResult_Type.C_Ok x0 = self in Own_OwnResult_Type.C_Ok (let Core_Option_Option_Type.C_Some x0 = Own_OwnResult_Type.ok_0 self in Core_Option_Option_Type.C_Some (any t))); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; + [#"../own.rs" 219 43 219 59] _8 <- ([#"../own.rs" 219 43 219 59] Own_OwnResult_Type.C_Ok x); + x <- any t; goto BB10 } BB10 { - [#"../own.rs" 219 38 219 60] _0 <- ([#"../own.rs" 219 38 219 60] Core_Option_Option_Type.C_Some ([#"../own.rs" 219 43 219 59] Own_OwnResult_Type.C_Ok ([#"../own.rs" 219 57 219 58] x))); - [#"../own.rs" 219 57 219 58] x <- any t; + [#"../own.rs" 219 38 219 60] _0 <- ([#"../own.rs" 219 38 219 60] Core_Option_Option_Type.C_Some _8); + _8 <- any Own_OwnResult_Type.t_ownresult t e; goto BB11 } BB11 { @@ -2211,8 +2217,8 @@ module Own_Impl3_Transpose goto BB17 } BB14 { - [#"../own.rs" 221 33 221 56] _0 <- ([#"../own.rs" 221 33 221 56] Core_Option_Option_Type.C_Some ([#"../own.rs" 221 38 221 55] Own_OwnResult_Type.C_Err ([#"../own.rs" 221 53 221 54] e))); - [#"../own.rs" 221 53 221 54] e <- any e; + [#"../own.rs" 221 33 221 56] _0 <- ([#"../own.rs" 221 33 221 56] Core_Option_Option_Type.C_Some _11); + _11 <- any Own_OwnResult_Type.t_ownresult t e; goto BB15 } BB15 { diff --git a/creusot/tests/should_succeed/result/result.mlcfg b/creusot/tests/should_succeed/result/result.mlcfg index 2606db84d6..b01063af64 100644 --- a/creusot/tests/should_succeed/result/result.mlcfg +++ b/creusot/tests/should_succeed/result/result.mlcfg @@ -355,92 +355,134 @@ module Result_TestResult var _6 : bool; var _10 : bool; var _12 : bool; + var _16 : bool; var _17 : int32; var _18 : Core_Option_Option_Type.t_option int32; var _22 : bool; var _24 : Core_Option_Option_Type.t_option int32; var _28 : bool; var _30 : Core_Option_Option_Type.t_option int32; + var _34 : bool; var _35 : int32; var _36 : Core_Option_Option_Type.t_option int32; + var _40 : bool; var _42 : int32; var _43 : Core_Result_Result_Type.t_result int32 int32; + var _47 : bool; var _49 : int32; var _50 : Core_Result_Result_Type.t_result int32 int32; var _53 : borrowed int32; var _54 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _55 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _57 : bool; var _58 : int32; var _61 : borrowed int32; var _62 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _63 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _65 : bool; var _66 : int32; var _69 : borrowed int32; var _70 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _71 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _73 : bool; var _74 : int32; var _77 : borrowed int32; var _78 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _79 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _81 : bool; var _82 : int32; + var _86 : bool; var _87 : int32; + var _91 : bool; var _92 : int32; + var _96 : bool; var _97 : int32; + var _101 : bool; var _102 : int32; + var _106 : bool; var _107 : int32; + var _111 : bool; var _112 : int32; + var _116 : bool; var _117 : int32; var _118 : Core_Result_Result_Type.t_result int32 int32; + var _120 : Core_Result_Result_Type.t_result int32 int32; + var _123 : bool; var _124 : int32; var _125 : Core_Result_Result_Type.t_result int32 int32; + var _127 : Core_Result_Result_Type.t_result int32 int32; + var _130 : bool; var _131 : int32; var _132 : Core_Result_Result_Type.t_result int32 int32; + var _134 : Core_Result_Result_Type.t_result int32 int32; + var _137 : bool; var _138 : int32; var _139 : Core_Result_Result_Type.t_result int32 int32; + var _141 : Core_Result_Result_Type.t_result int32 int32; + var _144 : bool; var _145 : int32; var _146 : Core_Result_Result_Type.t_result int32 int32; + var _148 : Core_Result_Result_Type.t_result int32 int32; + var _151 : bool; var _152 : int32; var _153 : Core_Result_Result_Type.t_result int32 int32; + var _155 : Core_Result_Result_Type.t_result int32 int32; + var _158 : bool; var _159 : int32; var _160 : Core_Result_Result_Type.t_result int32 int32; + var _162 : Core_Result_Result_Type.t_result int32 int32; + var _165 : bool; var _166 : int32; var _167 : Core_Result_Result_Type.t_result int32 int32; + var _169 : Core_Result_Result_Type.t_result int32 int32; + var _172 : bool; var _173 : int32; var _174 : Core_Result_Result_Type.t_result int32 int32; var _175 : Core_Result_Result_Type.t_result int32 int32; + var _179 : bool; var _181 : int32; var _182 : Core_Result_Result_Type.t_result int32 int32; var _183 : Core_Result_Result_Type.t_result int32 int32; + var _187 : bool; var _188 : int32; var _189 : Core_Result_Result_Type.t_result int32 (borrowed int32); var _190 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _191 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _194 : bool; var _196 : borrowed int32; var _197 : Core_Result_Result_Type.t_result int32 (borrowed int32); var _198 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _199 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _202 : bool; var _203 : int32; var _204 : Core_Result_Result_Type.t_result int32 int32; var _205 : Core_Result_Result_Type.t_result int32 int32; + var _209 : bool; var _211 : int32; var _212 : Core_Result_Result_Type.t_result int32 int32; var _213 : Core_Result_Result_Type.t_result int32 int32; + var _217 : bool; var _218 : int32; var _219 : Core_Result_Result_Type.t_result int32 (borrowed int32); var _220 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _221 : borrowed (Core_Result_Result_Type.t_result int32 int32); + var _224 : bool; var _226 : borrowed int32; var _227 : Core_Result_Result_Type.t_result int32 (borrowed int32); var _228 : Core_Result_Result_Type.t_result (borrowed int32) (borrowed int32); var _229 : borrowed (Core_Result_Result_Type.t_result int32 int32); var res : Core_Result_Result_Type.t_result (Core_Option_Option_Type.t_option int32) int32; + var _232 : Core_Option_Option_Type.t_option int32; var _234 : bool; var _236 : Core_Option_Option_Type.t_option (Core_Result_Result_Type.t_result int32 int32); var res1 : Core_Result_Result_Type.t_result (Core_Option_Option_Type.t_option int32) int32; + var _240 : Core_Option_Option_Type.t_option int32; + var _242 : bool; var _243 : int32; var _244 : Core_Result_Result_Type.t_result int32 int32; var _245 : Core_Option_Option_Type.t_option (Core_Result_Result_Type.t_result int32 int32); var res2 : Core_Result_Result_Type.t_result (Core_Option_Option_Type.t_option int32) int32; + var _250 : bool; var _251 : int32; var _252 : Core_Result_Result_Type.t_result int32 int32; var _253 : Core_Option_Option_Type.t_option (Core_Result_Result_Type.t_result int32 int32); @@ -448,9 +490,9 @@ module Result_TestResult goto BB0 } BB0 { - [#"../result.rs" 4 35 4 40] ok <- ([#"../result.rs" 4 35 4 40] Core_Result_Result_Type.C_Ok ([#"../result.rs" 4 38 4 39] [#"../result.rs" 4 38 4 39] (1 : int32))); - [#"../result.rs" 5 36 5 43] err <- ([#"../result.rs" 5 36 5 43] Core_Result_Result_Type.C_Err ([#"../result.rs" 5 40 5 42] [#"../result.rs" 5 40 5 42] (-1 : int32))); - [#"../result.rs" 8 12 8 22] _4 <- ([#"../result.rs" 8 12 8 22] is_ok0 ([#"../result.rs" 8 12 8 14] ok)); + [#"../result.rs" 4 35 4 40] ok <- ([#"../result.rs" 4 35 4 40] Core_Result_Result_Type.C_Ok (1 : int32)); + [#"../result.rs" 5 36 5 43] err <- ([#"../result.rs" 5 36 5 43] Core_Result_Result_Type.C_Err (-1 : int32)); + [#"../result.rs" 8 12 8 22] _4 <- ([#"../result.rs" 8 12 8 22] is_ok0 ok); goto BB1 } BB1 { @@ -460,7 +502,7 @@ module Result_TestResult end } BB2 { - [#"../result.rs" 8 27 8 38] _6 <- ([#"../result.rs" 8 27 8 38] is_ok0 ([#"../result.rs" 8 27 8 30] err)); + [#"../result.rs" 8 27 8 38] _6 <- ([#"../result.rs" 8 27 8 38] is_ok0 err); goto BB3 } BB3 { @@ -473,7 +515,7 @@ module Result_TestResult goto BB7 } BB5 { - [#"../result.rs" 10 12 10 24] _10 <- ([#"../result.rs" 10 12 10 24] is_err0 ([#"../result.rs" 10 12 10 15] err)); + [#"../result.rs" 10 12 10 24] _10 <- ([#"../result.rs" 10 12 10 24] is_err0 err); goto BB8 } BB6 { @@ -490,7 +532,7 @@ module Result_TestResult end } BB9 { - [#"../result.rs" 10 29 10 40] _12 <- ([#"../result.rs" 10 29 10 40] is_err0 ([#"../result.rs" 10 29 10 31] ok)); + [#"../result.rs" 10 29 10 40] _12 <- ([#"../result.rs" 10 29 10 40] is_err0 ok); goto BB10 } BB10 { @@ -503,7 +545,7 @@ module Result_TestResult goto BB14 } BB12 { - [#"../result.rs" 13 12 13 19] _18 <- ([#"../result.rs" 13 12 13 19] ok0 ([#"../result.rs" 13 12 13 14] ok)); + [#"../result.rs" 13 12 13 19] _18 <- ([#"../result.rs" 13 12 13 19] ok0 ok); goto BB15 } BB13 { @@ -519,13 +561,15 @@ module Result_TestResult goto BB16 } BB16 { - switch ([#"../result.rs" 13 12 13 33] _17 = ([#"../result.rs" 13 32 13 33] [#"../result.rs" 13 32 13 33] (1 : int32))) + [#"../result.rs" 13 12 13 33] _16 <- ([#"../result.rs" 13 12 13 33] _17 = (1 : int32)); + _17 <- any int32; + switch (_16) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../result.rs" 14 12 14 20] _24 <- ([#"../result.rs" 14 12 14 20] ok0 ([#"../result.rs" 14 12 14 15] err)); + [#"../result.rs" 14 12 14 20] _24 <- ([#"../result.rs" 14 12 14 20] ok0 err); goto BB19 } BB18 { @@ -533,7 +577,7 @@ module Result_TestResult absurd } BB19 { - [#"../result.rs" 14 12 14 30] _22 <- ([#"../result.rs" 14 12 14 30] is_none0 ([#"../result.rs" 14 12 14 20] _24)); + [#"../result.rs" 14 12 14 30] _22 <- ([#"../result.rs" 14 12 14 30] is_none0 _24); goto BB20 } BB20 { @@ -543,7 +587,7 @@ module Result_TestResult end } BB21 { - [#"../result.rs" 16 12 16 20] _30 <- ([#"../result.rs" 16 12 16 20] err0 ([#"../result.rs" 16 12 16 14] ok)); + [#"../result.rs" 16 12 16 20] _30 <- ([#"../result.rs" 16 12 16 20] err0 ok); goto BB23 } BB22 { @@ -551,7 +595,7 @@ module Result_TestResult absurd } BB23 { - [#"../result.rs" 16 12 16 30] _28 <- ([#"../result.rs" 16 12 16 30] is_none0 ([#"../result.rs" 16 12 16 20] _30)); + [#"../result.rs" 16 12 16 30] _28 <- ([#"../result.rs" 16 12 16 30] is_none0 _30); goto BB24 } BB24 { @@ -561,7 +605,7 @@ module Result_TestResult end } BB25 { - [#"../result.rs" 17 12 17 21] _36 <- ([#"../result.rs" 17 12 17 21] err0 ([#"../result.rs" 17 12 17 15] err)); + [#"../result.rs" 17 12 17 21] _36 <- ([#"../result.rs" 17 12 17 21] err0 err); goto BB27 } BB26 { @@ -574,13 +618,15 @@ module Result_TestResult goto BB28 } BB28 { - switch ([#"../result.rs" 17 12 17 36] _35 = ([#"../result.rs" 17 34 17 36] [#"../result.rs" 17 34 17 36] (-1 : int32))) + [#"../result.rs" 17 12 17 36] _34 <- ([#"../result.rs" 17 12 17 36] _35 = (-1 : int32)); + _35 <- any int32; + switch (_34) | False -> goto BB30 | True -> goto BB29 end } BB29 { - [#"../result.rs" 20 13 20 24] _43 <- ([#"../result.rs" 20 13 20 24] as_ref0 ([#"../result.rs" 20 13 20 15] ok)); + [#"../result.rs" 20 13 20 24] _43 <- ([#"../result.rs" 20 13 20 24] as_ref0 ok); goto BB31 } BB30 { @@ -593,13 +639,14 @@ module Result_TestResult goto BB32 } BB32 { - switch ([#"../result.rs" 20 12 20 38] ([#"../result.rs" 20 12 20 33] _42) = ([#"../result.rs" 20 37 20 38] [#"../result.rs" 20 37 20 38] (1 : int32))) + [#"../result.rs" 20 12 20 38] _40 <- ([#"../result.rs" 20 12 20 38] _42 = (1 : int32)); + switch (_40) | False -> goto BB34 | True -> goto BB33 end } BB33 { - [#"../result.rs" 21 13 21 25] _50 <- ([#"../result.rs" 21 13 21 25] as_ref0 ([#"../result.rs" 21 13 21 16] err)); + [#"../result.rs" 21 13 21 25] _50 <- ([#"../result.rs" 21 13 21 25] as_ref0 err); goto BB35 } BB34 { @@ -612,7 +659,8 @@ module Result_TestResult goto BB36 } BB36 { - switch ([#"../result.rs" 21 12 21 44] ([#"../result.rs" 21 12 21 38] _49) = ([#"../result.rs" 21 42 21 44] [#"../result.rs" 21 42 21 44] (-1 : int32))) + [#"../result.rs" 21 12 21 44] _47 <- ([#"../result.rs" 21 12 21 44] _49 = (-1 : int32)); + switch (_47) | False -> goto BB38 | True -> goto BB37 end @@ -634,13 +682,15 @@ module Result_TestResult goto BB40 } BB40 { - [#"../result.rs" 23 4 23 29] _53 <- { _53 with current = ([#"../result.rs" 23 4 23 29] [#"../result.rs" 23 28 23 29] (0 : int32)) ; }; + [#"../result.rs" 23 4 23 29] _53 <- { _53 with current = ([#"../result.rs" 23 4 23 29] (0 : int32)) ; }; assume { resolve0 _53 }; - [#"../result.rs" 24 12 24 23] _58 <- ([#"../result.rs" 24 12 24 23] unwrap3 ([#"../result.rs" 24 12 24 14] ok)); + [#"../result.rs" 24 12 24 23] _58 <- ([#"../result.rs" 24 12 24 23] unwrap3 ok); goto BB41 } BB41 { - switch ([#"../result.rs" 24 12 24 28] _58 = ([#"../result.rs" 24 27 24 28] [#"../result.rs" 24 27 24 28] (0 : int32))) + [#"../result.rs" 24 12 24 28] _57 <- ([#"../result.rs" 24 12 24 28] _58 = (0 : int32)); + _58 <- any int32; + switch (_57) | False -> goto BB43 | True -> goto BB42 end @@ -662,13 +712,15 @@ module Result_TestResult goto BB45 } BB45 { - [#"../result.rs" 25 4 25 29] _61 <- { _61 with current = ([#"../result.rs" 25 4 25 29] [#"../result.rs" 25 28 25 29] (1 : int32)) ; }; + [#"../result.rs" 25 4 25 29] _61 <- { _61 with current = ([#"../result.rs" 25 4 25 29] (1 : int32)) ; }; assume { resolve0 _61 }; - [#"../result.rs" 26 12 26 23] _66 <- ([#"../result.rs" 26 12 26 23] unwrap3 ([#"../result.rs" 26 12 26 14] ok)); + [#"../result.rs" 26 12 26 23] _66 <- ([#"../result.rs" 26 12 26 23] unwrap3 ok); goto BB46 } BB46 { - switch ([#"../result.rs" 26 12 26 28] _66 = ([#"../result.rs" 26 27 26 28] [#"../result.rs" 26 27 26 28] (1 : int32))) + [#"../result.rs" 26 12 26 28] _65 <- ([#"../result.rs" 26 12 26 28] _66 = (1 : int32)); + _66 <- any int32; + switch (_65) | False -> goto BB48 | True -> goto BB47 end @@ -690,13 +742,15 @@ module Result_TestResult goto BB50 } BB50 { - [#"../result.rs" 27 4 27 34] _69 <- { _69 with current = ([#"../result.rs" 27 4 27 34] [#"../result.rs" 27 33 27 34] (0 : int32)) ; }; + [#"../result.rs" 27 4 27 34] _69 <- { _69 with current = ([#"../result.rs" 27 4 27 34] (0 : int32)) ; }; assume { resolve0 _69 }; - [#"../result.rs" 28 12 28 28] _74 <- ([#"../result.rs" 28 12 28 28] unwrap_err2 ([#"../result.rs" 28 12 28 15] err)); + [#"../result.rs" 28 12 28 28] _74 <- ([#"../result.rs" 28 12 28 28] unwrap_err2 err); goto BB51 } BB51 { - switch ([#"../result.rs" 28 12 28 33] _74 = ([#"../result.rs" 28 32 28 33] [#"../result.rs" 28 32 28 33] (0 : int32))) + [#"../result.rs" 28 12 28 33] _73 <- ([#"../result.rs" 28 12 28 33] _74 = (0 : int32)); + _74 <- any int32; + switch (_73) | False -> goto BB53 | True -> goto BB52 end @@ -718,19 +772,21 @@ module Result_TestResult goto BB55 } BB55 { - [#"../result.rs" 29 4 29 35] _77 <- { _77 with current = ([#"../result.rs" 29 4 29 35] [#"../result.rs" 29 33 29 35] (-1 : int32)) ; }; + [#"../result.rs" 29 4 29 35] _77 <- { _77 with current = ([#"../result.rs" 29 4 29 35] (-1 : int32)) ; }; assume { resolve0 _77 }; - [#"../result.rs" 30 12 30 28] _82 <- ([#"../result.rs" 30 12 30 28] unwrap_err2 ([#"../result.rs" 30 12 30 15] err)); + [#"../result.rs" 30 12 30 28] _82 <- ([#"../result.rs" 30 12 30 28] unwrap_err2 err); goto BB56 } BB56 { - switch ([#"../result.rs" 30 12 30 34] _82 = ([#"../result.rs" 30 32 30 34] [#"../result.rs" 30 32 30 34] (-1 : int32))) + [#"../result.rs" 30 12 30 34] _81 <- ([#"../result.rs" 30 12 30 34] _82 = (-1 : int32)); + _82 <- any int32; + switch (_81) | False -> goto BB58 | True -> goto BB57 end } BB57 { - [#"../result.rs" 33 12 33 23] _87 <- ([#"../result.rs" 33 12 33 23] unwrap3 ([#"../result.rs" 33 12 33 14] ok)); + [#"../result.rs" 33 12 33 23] _87 <- ([#"../result.rs" 33 12 33 23] unwrap3 ok); goto BB59 } BB58 { @@ -738,13 +794,15 @@ module Result_TestResult absurd } BB59 { - switch ([#"../result.rs" 33 12 33 28] _87 = ([#"../result.rs" 33 27 33 28] [#"../result.rs" 33 27 33 28] (1 : int32))) + [#"../result.rs" 33 12 33 28] _86 <- ([#"../result.rs" 33 12 33 28] _87 = (1 : int32)); + _87 <- any int32; + switch (_86) | False -> goto BB61 | True -> goto BB60 end } BB60 { - [#"../result.rs" 37 12 37 28] _92 <- ([#"../result.rs" 37 12 37 28] unwrap_err2 ([#"../result.rs" 37 12 37 15] err)); + [#"../result.rs" 37 12 37 28] _92 <- ([#"../result.rs" 37 12 37 28] unwrap_err2 err); goto BB62 } BB61 { @@ -752,13 +810,15 @@ module Result_TestResult absurd } BB62 { - switch ([#"../result.rs" 37 12 37 34] _92 = ([#"../result.rs" 37 32 37 34] [#"../result.rs" 37 32 37 34] (-1 : int32))) + [#"../result.rs" 37 12 37 34] _91 <- ([#"../result.rs" 37 12 37 34] _92 = (-1 : int32)); + _92 <- any int32; + switch (_91) | False -> goto BB64 | True -> goto BB63 end } BB63 { - [#"../result.rs" 40 12 40 27] _97 <- ([#"../result.rs" 40 12 40 27] unwrap_or0 ([#"../result.rs" 40 12 40 14] ok) ([#"../result.rs" 40 25 40 26] [#"../result.rs" 40 25 40 26] (0 : int32))); + [#"../result.rs" 40 12 40 27] _97 <- ([#"../result.rs" 40 12 40 27] unwrap_or0 ok (0 : int32)); goto BB65 } BB64 { @@ -766,13 +826,15 @@ module Result_TestResult absurd } BB65 { - switch ([#"../result.rs" 40 12 40 32] _97 = ([#"../result.rs" 40 31 40 32] [#"../result.rs" 40 31 40 32] (1 : int32))) + [#"../result.rs" 40 12 40 32] _96 <- ([#"../result.rs" 40 12 40 32] _97 = (1 : int32)); + _97 <- any int32; + switch (_96) | False -> goto BB67 | True -> goto BB66 end } BB66 { - [#"../result.rs" 41 12 41 28] _102 <- ([#"../result.rs" 41 12 41 28] unwrap_or0 ([#"../result.rs" 41 12 41 15] err) ([#"../result.rs" 41 26 41 27] [#"../result.rs" 41 26 41 27] (0 : int32))); + [#"../result.rs" 41 12 41 28] _102 <- ([#"../result.rs" 41 12 41 28] unwrap_or0 err (0 : int32)); goto BB68 } BB67 { @@ -780,13 +842,15 @@ module Result_TestResult absurd } BB68 { - switch ([#"../result.rs" 41 12 41 33] _102 = ([#"../result.rs" 41 32 41 33] [#"../result.rs" 41 32 41 33] (0 : int32))) + [#"../result.rs" 41 12 41 33] _101 <- ([#"../result.rs" 41 12 41 33] _102 = (0 : int32)); + _102 <- any int32; + switch (_101) | False -> goto BB70 | True -> goto BB69 end } BB69 { - [#"../result.rs" 43 12 43 34] _107 <- ([#"../result.rs" 43 12 43 34] unwrap_or_default0 ([#"../result.rs" 43 12 43 14] ok)); + [#"../result.rs" 43 12 43 34] _107 <- ([#"../result.rs" 43 12 43 34] unwrap_or_default0 ok); goto BB71 } BB70 { @@ -794,13 +858,15 @@ module Result_TestResult absurd } BB71 { - switch ([#"../result.rs" 43 12 43 39] _107 = ([#"../result.rs" 43 38 43 39] [#"../result.rs" 43 38 43 39] (1 : int32))) + [#"../result.rs" 43 12 43 39] _106 <- ([#"../result.rs" 43 12 43 39] _107 = (1 : int32)); + _107 <- any int32; + switch (_106) | False -> goto BB73 | True -> goto BB72 end } BB72 { - [#"../result.rs" 44 12 44 35] _112 <- ([#"../result.rs" 44 12 44 35] unwrap_or_default0 ([#"../result.rs" 44 12 44 15] err)); + [#"../result.rs" 44 12 44 35] _112 <- ([#"../result.rs" 44 12 44 35] unwrap_or_default0 err); goto BB74 } BB73 { @@ -808,13 +874,17 @@ module Result_TestResult absurd } BB74 { - switch ([#"../result.rs" 44 12 44 40] _112 = ([#"../result.rs" 44 39 44 40] [#"../result.rs" 44 39 44 40] (0 : int32))) + [#"../result.rs" 44 12 44 40] _111 <- ([#"../result.rs" 44 12 44 40] _112 = (0 : int32)); + _112 <- any int32; + switch (_111) | False -> goto BB76 | True -> goto BB75 end } BB75 { - [#"../result.rs" 47 12 47 34] _118 <- ([#"../result.rs" 47 12 47 34] and0 ([#"../result.rs" 47 12 47 14] ok) ([#"../result.rs" 47 26 47 33] Core_Result_Result_Type.C_Err ([#"../result.rs" 47 30 47 32] [#"../result.rs" 47 30 47 32] (-2 : int32)))); + [#"../result.rs" 47 26 47 33] _120 <- ([#"../result.rs" 47 26 47 33] Core_Result_Result_Type.C_Err (-2 : int32)); + [#"../result.rs" 47 12 47 34] _118 <- ([#"../result.rs" 47 12 47 34] and0 ok _120); + _120 <- any Core_Result_Result_Type.t_result int32 int32; goto BB77 } BB76 { @@ -827,13 +897,17 @@ module Result_TestResult goto BB78 } BB78 { - switch ([#"../result.rs" 47 12 47 53] _117 = ([#"../result.rs" 47 51 47 53] [#"../result.rs" 47 51 47 53] (-2 : int32))) + [#"../result.rs" 47 12 47 53] _116 <- ([#"../result.rs" 47 12 47 53] _117 = (-2 : int32)); + _117 <- any int32; + switch (_116) | False -> goto BB80 | True -> goto BB79 end } BB79 { - [#"../result.rs" 48 12 48 25] _125 <- ([#"../result.rs" 48 12 48 25] and0 ([#"../result.rs" 48 12 48 14] ok) ([#"../result.rs" 48 19 48 24] Core_Result_Result_Type.C_Ok ([#"../result.rs" 48 22 48 23] [#"../result.rs" 48 22 48 23] (2 : int32)))); + [#"../result.rs" 48 19 48 24] _127 <- ([#"../result.rs" 48 19 48 24] Core_Result_Result_Type.C_Ok (2 : int32)); + [#"../result.rs" 48 12 48 25] _125 <- ([#"../result.rs" 48 12 48 25] and0 ok _127); + _127 <- any Core_Result_Result_Type.t_result int32 int32; goto BB81 } BB80 { @@ -846,13 +920,17 @@ module Result_TestResult goto BB82 } BB82 { - switch ([#"../result.rs" 48 12 48 39] _124 = ([#"../result.rs" 48 38 48 39] [#"../result.rs" 48 38 48 39] (2 : int32))) + [#"../result.rs" 48 12 48 39] _123 <- ([#"../result.rs" 48 12 48 39] _124 = (2 : int32)); + _124 <- any int32; + switch (_123) | False -> goto BB84 | True -> goto BB83 end } BB83 { - [#"../result.rs" 49 12 49 35] _132 <- ([#"../result.rs" 49 12 49 35] and0 ([#"../result.rs" 49 12 49 15] err) ([#"../result.rs" 49 27 49 34] Core_Result_Result_Type.C_Err ([#"../result.rs" 49 31 49 33] [#"../result.rs" 49 31 49 33] (-2 : int32)))); + [#"../result.rs" 49 27 49 34] _134 <- ([#"../result.rs" 49 27 49 34] Core_Result_Result_Type.C_Err (-2 : int32)); + [#"../result.rs" 49 12 49 35] _132 <- ([#"../result.rs" 49 12 49 35] and0 err _134); + _134 <- any Core_Result_Result_Type.t_result int32 int32; goto BB85 } BB84 { @@ -865,13 +943,17 @@ module Result_TestResult goto BB86 } BB86 { - switch ([#"../result.rs" 49 12 49 54] _131 = ([#"../result.rs" 49 52 49 54] [#"../result.rs" 49 52 49 54] (-1 : int32))) + [#"../result.rs" 49 12 49 54] _130 <- ([#"../result.rs" 49 12 49 54] _131 = (-1 : int32)); + _131 <- any int32; + switch (_130) | False -> goto BB88 | True -> goto BB87 end } BB87 { - [#"../result.rs" 50 12 50 26] _139 <- ([#"../result.rs" 50 12 50 26] and0 ([#"../result.rs" 50 12 50 15] err) ([#"../result.rs" 50 20 50 25] Core_Result_Result_Type.C_Ok ([#"../result.rs" 50 23 50 24] [#"../result.rs" 50 23 50 24] (2 : int32)))); + [#"../result.rs" 50 20 50 25] _141 <- ([#"../result.rs" 50 20 50 25] Core_Result_Result_Type.C_Ok (2 : int32)); + [#"../result.rs" 50 12 50 26] _139 <- ([#"../result.rs" 50 12 50 26] and0 err _141); + _141 <- any Core_Result_Result_Type.t_result int32 int32; goto BB89 } BB88 { @@ -884,13 +966,17 @@ module Result_TestResult goto BB90 } BB90 { - switch ([#"../result.rs" 50 12 50 45] _138 = ([#"../result.rs" 50 43 50 45] [#"../result.rs" 50 43 50 45] (-1 : int32))) + [#"../result.rs" 50 12 50 45] _137 <- ([#"../result.rs" 50 12 50 45] _138 = (-1 : int32)); + _138 <- any int32; + switch (_137) | False -> goto BB92 | True -> goto BB91 end } BB91 { - [#"../result.rs" 53 12 53 26] _146 <- ([#"../result.rs" 53 12 53 26] or0 ([#"../result.rs" 53 12 53 14] ok) ([#"../result.rs" 53 18 53 25] Core_Result_Result_Type.C_Err ([#"../result.rs" 53 22 53 24] [#"../result.rs" 53 22 53 24] (-2 : int32)))); + [#"../result.rs" 53 18 53 25] _148 <- ([#"../result.rs" 53 18 53 25] Core_Result_Result_Type.C_Err (-2 : int32)); + [#"../result.rs" 53 12 53 26] _146 <- ([#"../result.rs" 53 12 53 26] or0 ok _148); + _148 <- any Core_Result_Result_Type.t_result int32 int32; goto BB93 } BB92 { @@ -903,13 +989,17 @@ module Result_TestResult goto BB94 } BB94 { - switch ([#"../result.rs" 53 12 53 40] _145 = ([#"../result.rs" 53 39 53 40] [#"../result.rs" 53 39 53 40] (1 : int32))) + [#"../result.rs" 53 12 53 40] _144 <- ([#"../result.rs" 53 12 53 40] _145 = (1 : int32)); + _145 <- any int32; + switch (_144) | False -> goto BB96 | True -> goto BB95 end } BB95 { - [#"../result.rs" 54 12 54 31] _153 <- ([#"../result.rs" 54 12 54 31] or0 ([#"../result.rs" 54 12 54 14] ok) ([#"../result.rs" 54 25 54 30] Core_Result_Result_Type.C_Ok ([#"../result.rs" 54 28 54 29] [#"../result.rs" 54 28 54 29] (2 : int32)))); + [#"../result.rs" 54 25 54 30] _155 <- ([#"../result.rs" 54 25 54 30] Core_Result_Result_Type.C_Ok (2 : int32)); + [#"../result.rs" 54 12 54 31] _153 <- ([#"../result.rs" 54 12 54 31] or0 ok _155); + _155 <- any Core_Result_Result_Type.t_result int32 int32; goto BB97 } BB96 { @@ -922,13 +1012,17 @@ module Result_TestResult goto BB98 } BB98 { - switch ([#"../result.rs" 54 12 54 45] _152 = ([#"../result.rs" 54 44 54 45] [#"../result.rs" 54 44 54 45] (1 : int32))) + [#"../result.rs" 54 12 54 45] _151 <- ([#"../result.rs" 54 12 54 45] _152 = (1 : int32)); + _152 <- any int32; + switch (_151) | False -> goto BB100 | True -> goto BB99 end } BB99 { - [#"../result.rs" 55 12 55 27] _160 <- ([#"../result.rs" 55 12 55 27] or0 ([#"../result.rs" 55 12 55 15] err) ([#"../result.rs" 55 19 55 26] Core_Result_Result_Type.C_Err ([#"../result.rs" 55 23 55 25] [#"../result.rs" 55 23 55 25] (-2 : int32)))); + [#"../result.rs" 55 19 55 26] _162 <- ([#"../result.rs" 55 19 55 26] Core_Result_Result_Type.C_Err (-2 : int32)); + [#"../result.rs" 55 12 55 27] _160 <- ([#"../result.rs" 55 12 55 27] or0 err _162); + _162 <- any Core_Result_Result_Type.t_result int32 int32; goto BB101 } BB100 { @@ -941,13 +1035,17 @@ module Result_TestResult goto BB102 } BB102 { - switch ([#"../result.rs" 55 12 55 46] _159 = ([#"../result.rs" 55 44 55 46] [#"../result.rs" 55 44 55 46] (-2 : int32))) + [#"../result.rs" 55 12 55 46] _158 <- ([#"../result.rs" 55 12 55 46] _159 = (-2 : int32)); + _159 <- any int32; + switch (_158) | False -> goto BB104 | True -> goto BB103 end } BB103 { - [#"../result.rs" 56 12 56 32] _167 <- ([#"../result.rs" 56 12 56 32] or0 ([#"../result.rs" 56 12 56 15] err) ([#"../result.rs" 56 26 56 31] Core_Result_Result_Type.C_Ok ([#"../result.rs" 56 29 56 30] [#"../result.rs" 56 29 56 30] (2 : int32)))); + [#"../result.rs" 56 26 56 31] _169 <- ([#"../result.rs" 56 26 56 31] Core_Result_Result_Type.C_Ok (2 : int32)); + [#"../result.rs" 56 12 56 32] _167 <- ([#"../result.rs" 56 12 56 32] or0 err _169); + _169 <- any Core_Result_Result_Type.t_result int32 int32; goto BB105 } BB104 { @@ -960,13 +1058,15 @@ module Result_TestResult goto BB106 } BB106 { - switch ([#"../result.rs" 56 12 56 46] _166 = ([#"../result.rs" 56 45 56 46] [#"../result.rs" 56 45 56 46] (2 : int32))) + [#"../result.rs" 56 12 56 46] _165 <- ([#"../result.rs" 56 12 56 46] _166 = (2 : int32)); + _166 <- any int32; + switch (_165) | False -> goto BB108 | True -> goto BB107 end } BB107 { - [#"../result.rs" 59 12 59 23] _175 <- ([#"../result.rs" 59 12 59 23] as_ref0 ([#"../result.rs" 59 12 59 14] ok)); + [#"../result.rs" 59 12 59 23] _175 <- ([#"../result.rs" 59 12 59 23] as_ref0 ok); goto BB109 } BB108 { @@ -984,13 +1084,15 @@ module Result_TestResult goto BB111 } BB111 { - switch ([#"../result.rs" 59 12 59 46] _173 = ([#"../result.rs" 59 45 59 46] [#"../result.rs" 59 45 59 46] (1 : int32))) + [#"../result.rs" 59 12 59 46] _172 <- ([#"../result.rs" 59 12 59 46] _173 = (1 : int32)); + _173 <- any int32; + switch (_172) | False -> goto BB113 | True -> goto BB112 end } BB112 { - [#"../result.rs" 60 13 60 25] _183 <- ([#"../result.rs" 60 13 60 25] as_ref0 ([#"../result.rs" 60 13 60 16] err)); + [#"../result.rs" 60 13 60 25] _183 <- ([#"../result.rs" 60 13 60 25] as_ref0 err); goto BB114 } BB113 { @@ -1008,7 +1110,8 @@ module Result_TestResult goto BB116 } BB116 { - switch ([#"../result.rs" 60 12 60 53] ([#"../result.rs" 60 12 60 47] _181) = ([#"../result.rs" 60 51 60 53] [#"../result.rs" 60 51 60 53] (-1 : int32))) + [#"../result.rs" 60 12 60 53] _179 <- ([#"../result.rs" 60 12 60 53] _181 = (-1 : int32)); + switch (_179) | False -> goto BB118 | True -> goto BB117 end @@ -1035,7 +1138,9 @@ module Result_TestResult goto BB121 } BB121 { - switch ([#"../result.rs" 61 12 61 46] _188 = ([#"../result.rs" 61 45 61 46] [#"../result.rs" 61 45 61 46] (1 : int32))) + [#"../result.rs" 61 12 61 46] _187 <- ([#"../result.rs" 61 12 61 46] _188 = (1 : int32)); + _188 <- any int32; + switch (_187) | False -> goto BB123 | True -> goto BB122 end @@ -1063,13 +1168,14 @@ module Result_TestResult } BB126 { assume { resolve0 _196 }; - switch ([#"../result.rs" 62 12 62 53] ([#"../result.rs" 62 12 62 47] * _196) = ([#"../result.rs" 62 51 62 53] [#"../result.rs" 62 51 62 53] (-1 : int32))) + [#"../result.rs" 62 12 62 53] _194 <- ([#"../result.rs" 62 12 62 53] * _196 = (-1 : int32)); + switch (_194) | False -> goto BB128 | True -> goto BB127 end } BB127 { - [#"../result.rs" 64 12 64 23] _205 <- ([#"../result.rs" 64 12 64 23] as_ref0 ([#"../result.rs" 64 12 64 14] ok)); + [#"../result.rs" 64 12 64 23] _205 <- ([#"../result.rs" 64 12 64 23] as_ref0 ok); goto BB129 } BB128 { @@ -1087,13 +1193,15 @@ module Result_TestResult goto BB131 } BB131 { - switch ([#"../result.rs" 64 12 64 46] _203 = ([#"../result.rs" 64 45 64 46] [#"../result.rs" 64 45 64 46] (1 : int32))) + [#"../result.rs" 64 12 64 46] _202 <- ([#"../result.rs" 64 12 64 46] _203 = (1 : int32)); + _203 <- any int32; + switch (_202) | False -> goto BB133 | True -> goto BB132 end } BB132 { - [#"../result.rs" 65 13 65 25] _213 <- ([#"../result.rs" 65 13 65 25] as_ref0 ([#"../result.rs" 65 13 65 16] err)); + [#"../result.rs" 65 13 65 25] _213 <- ([#"../result.rs" 65 13 65 25] as_ref0 err); goto BB134 } BB133 { @@ -1111,7 +1219,8 @@ module Result_TestResult goto BB136 } BB136 { - switch ([#"../result.rs" 65 12 65 53] ([#"../result.rs" 65 12 65 47] _211) = ([#"../result.rs" 65 51 65 53] [#"../result.rs" 65 51 65 53] (-1 : int32))) + [#"../result.rs" 65 12 65 53] _209 <- ([#"../result.rs" 65 12 65 53] _211 = (-1 : int32)); + switch (_209) | False -> goto BB138 | True -> goto BB137 end @@ -1138,7 +1247,9 @@ module Result_TestResult goto BB141 } BB141 { - switch ([#"../result.rs" 66 12 66 46] _218 = ([#"../result.rs" 66 45 66 46] [#"../result.rs" 66 45 66 46] (1 : int32))) + [#"../result.rs" 66 12 66 46] _217 <- ([#"../result.rs" 66 12 66 46] _218 = (1 : int32)); + _218 <- any int32; + switch (_217) | False -> goto BB143 | True -> goto BB142 end @@ -1166,14 +1277,17 @@ module Result_TestResult } BB146 { assume { resolve0 _226 }; - switch ([#"../result.rs" 67 12 67 53] ([#"../result.rs" 67 12 67 47] * _226) = ([#"../result.rs" 67 51 67 53] [#"../result.rs" 67 51 67 53] (-1 : int32))) + [#"../result.rs" 67 12 67 53] _224 <- ([#"../result.rs" 67 12 67 53] * _226 = (-1 : int32)); + switch (_224) | False -> goto BB148 | True -> goto BB147 end } BB147 { - [#"../result.rs" 70 40 70 48] res <- ([#"../result.rs" 70 40 70 48] Core_Result_Result_Type.C_Ok ([#"../result.rs" 70 43 70 47] Core_Option_Option_Type.C_None)); - [#"../result.rs" 71 12 71 27] _236 <- ([#"../result.rs" 71 12 71 27] transpose0 ([#"../result.rs" 71 12 71 15] res)); + [#"../result.rs" 70 43 70 47] _232 <- ([#"../result.rs" 70 43 70 47] Core_Option_Option_Type.C_None); + [#"../result.rs" 70 40 70 48] res <- ([#"../result.rs" 70 40 70 48] Core_Result_Result_Type.C_Ok _232); + _232 <- any Core_Option_Option_Type.t_option int32; + [#"../result.rs" 71 12 71 27] _236 <- ([#"../result.rs" 71 12 71 27] transpose0 res); goto BB149 } BB148 { @@ -1181,7 +1295,7 @@ module Result_TestResult absurd } BB149 { - [#"../result.rs" 71 12 71 37] _234 <- ([#"../result.rs" 71 12 71 37] is_none1 ([#"../result.rs" 71 12 71 27] _236)); + [#"../result.rs" 71 12 71 37] _234 <- ([#"../result.rs" 71 12 71 37] is_none1 _236); goto BB150 } BB150 { @@ -1191,8 +1305,10 @@ module Result_TestResult end } BB151 { - [#"../result.rs" 72 40 72 51] res1 <- ([#"../result.rs" 72 40 72 51] Core_Result_Result_Type.C_Ok ([#"../result.rs" 72 43 72 50] Core_Option_Option_Type.C_Some ([#"../result.rs" 72 48 72 49] [#"../result.rs" 72 48 72 49] (1 : int32)))); - [#"../result.rs" 73 12 73 27] _245 <- ([#"../result.rs" 73 12 73 27] transpose0 ([#"../result.rs" 73 12 73 15] res1)); + [#"../result.rs" 72 43 72 50] _240 <- ([#"../result.rs" 72 43 72 50] Core_Option_Option_Type.C_Some (1 : int32)); + [#"../result.rs" 72 40 72 51] res1 <- ([#"../result.rs" 72 40 72 51] Core_Result_Result_Type.C_Ok _240); + _240 <- any Core_Option_Option_Type.t_option int32; + [#"../result.rs" 73 12 73 27] _245 <- ([#"../result.rs" 73 12 73 27] transpose0 res1); goto BB153 } BB152 { @@ -1210,14 +1326,16 @@ module Result_TestResult goto BB155 } BB155 { - switch ([#"../result.rs" 73 12 73 50] _243 = ([#"../result.rs" 73 49 73 50] [#"../result.rs" 73 49 73 50] (1 : int32))) + [#"../result.rs" 73 12 73 50] _242 <- ([#"../result.rs" 73 12 73 50] _243 = (1 : int32)); + _243 <- any int32; + switch (_242) | False -> goto BB157 | True -> goto BB156 end } BB156 { - [#"../result.rs" 74 40 74 47] res2 <- ([#"../result.rs" 74 40 74 47] Core_Result_Result_Type.C_Err ([#"../result.rs" 74 44 74 46] [#"../result.rs" 74 44 74 46] (-1 : int32))); - [#"../result.rs" 75 12 75 27] _253 <- ([#"../result.rs" 75 12 75 27] transpose0 ([#"../result.rs" 75 12 75 15] res2)); + [#"../result.rs" 74 40 74 47] res2 <- ([#"../result.rs" 74 40 74 47] Core_Result_Result_Type.C_Err (-1 : int32)); + [#"../result.rs" 75 12 75 27] _253 <- ([#"../result.rs" 75 12 75 27] transpose0 res2); goto BB158 } BB157 { @@ -1235,7 +1353,9 @@ module Result_TestResult goto BB160 } BB160 { - switch ([#"../result.rs" 75 12 75 55] _251 = ([#"../result.rs" 75 53 75 55] [#"../result.rs" 75 53 75 55] (-1 : int32))) + [#"../result.rs" 75 12 75 55] _250 <- ([#"../result.rs" 75 12 75 55] _251 = (-1 : int32)); + _251 <- any int32; + switch (_250) | False -> goto BB162 | True -> goto BB161 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_max.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_max.mlcfg index 8fbda132fa..6bc1d51054 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_max.mlcfg @@ -21,12 +21,14 @@ module IncMax_TakeMax var mb : borrowed uint32 = mb; var _3 : borrowed uint32; var _5 : borrowed uint32; + var _6 : bool; var _9 : borrowed uint32; { goto BB0 } BB0 { - switch ([#"../inc_max.rs" 7 7 7 17] ([#"../inc_max.rs" 7 7 7 10] * ma) >= ([#"../inc_max.rs" 7 14 7 17] * mb)) + [#"../inc_max.rs" 7 7 7 17] _6 <- ([#"../inc_max.rs" 7 7 7 17] * ma >= * mb); + switch (_6) | False -> goto BB2 | True -> goto BB1 end @@ -87,6 +89,7 @@ module IncMax_IncMax var _6 : borrowed uint32; var _7 : borrowed uint32; var _8 : borrowed uint32; + var _10 : bool; { goto BB0 } @@ -107,9 +110,10 @@ module IncMax_IncMax BB1 { assume { resolve0 _8 }; assume { resolve0 _6 }; - [#"../inc_max.rs" 17 4 17 12] mc <- { mc with current = ([#"../inc_max.rs" 17 4 17 12] * mc + ([#"../inc_max.rs" 17 11 17 12] [#"../inc_max.rs" 17 11 17 12] (1 : uint32))) ; }; + [#"../inc_max.rs" 17 4 17 12] mc <- { mc with current = ([#"../inc_max.rs" 17 4 17 12] * mc + (1 : uint32)) ; }; assume { resolve0 mc }; - switch ([#"../inc_max.rs" 18 12 18 18] ([#"../inc_max.rs" 18 12 18 13] a) <> ([#"../inc_max.rs" 18 17 18 18] b)) + [#"../inc_max.rs" 18 12 18 18] _10 <- ([#"../inc_max.rs" 18 12 18 18] a <> b); + switch (_10) | False -> goto BB3 | True -> goto BB2 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_max/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_max/why3session.xml index 15b2561ce5..d1ad93ed1a 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_max/why3session.xml @@ -7,12 +7,12 @@ - + - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_max/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_max/why3shapes.gz index 106d2706f0afbca3e6672d67b695b456424243bf..51a9ac3bf20929e5f0b9fe5dcf607b13b169f0b0 100644 GIT binary patch literal 549 zcmV+=0^0o_iwFP!00000|AkXckDD+Mz4I%$ZJS;^HW;XyN+=52NIh0QZZr_nqRm1D z$+kbg02U@M$;s^&E^)#GcHB)@H7qdOE*&#bn3}9Ff<2d}*r-zqkic?_Q z^>|hiyOWaD!RC>he`Cn;hrS%mjms>j&pBl)9O-cq^DMD0Ql$YW4LFIzN$De}9eHtE zwGu15#N&Z^ZirHe0$w^e-~rE5NCsN=<-J;l6`m(;kd4!w5>pAS?}fAZL$db~(-84i z0r(QY)ZiWY3Jn4rGjDBuKwx4Y&_qBB9T%p-^ZWt7k5{e0mJZPQa*Xl6%Gg&`q;_#T zjPV7Z_3;J&M7#FTmaRj%c7erHc*w=^~ZX+_NVFX?KeyPQr7n*giRtPwyQ(uS?7*oX+>&H@+O)mv#jZq zD>}Jl1J(+qm#(=eBn1EfzF-Lo literal 517 zcmV+g0{ZyO8=I;3s<7nvm z0iKM6zA^G#x;&KqTZ4ih?e$_$d}a!VcglA-a>2>$wamFlBLa>HIGM*0IMB(`z+Baa z@9?q(kJ{^&D3clL2(x<{@D>WufYYg1tF?r3d%Th%ED9Cx1>z2wpO#ozh?U)9@g-Ph zC-2C1Xo%wBh`sA7qnHLe1vD1W!do-@v~lMDfBEw{G2hZ|oYE^iwwGu4lXPWQbfwRn zME~d}RvK+K(xA#|L&e1yng?ct%iKR^43Wd9&0f~@TtGius_|uL=C`NcZT4cT$u$Y? zk`TzRR|drzm}f~kg*lVF@%CV+Jy&wa6?0OgdwJnaU!1nJY45~PM?tZx#B?OF#nE=G z-t-E#hN1s#3@0!CZe#GZF}zcTcm0YRw#2|*!PS@TE7X*@uh<=saBx#gKh#bvNuFy} zi6&PS?*Md_b5)_O>2h8XQHhk^lY~fBla>+9Q1GnMT#HWSk~gjH2 goto BB3 | True -> goto BB1 end @@ -77,7 +81,8 @@ module IncMax3_IncMax3 goto BB4 } BB4 { - switch ([#"../inc_max_3.rs" 16 7 16 16] ([#"../inc_max_3.rs" 16 7 16 10] * mb) < ([#"../inc_max_3.rs" 16 13 16 16] * mc)) + [#"../inc_max_3.rs" 16 7 16 16] _16 <- ([#"../inc_max_3.rs" 16 7 16 16] * mb < * mc); + switch (_16) | False -> goto BB7 | True -> goto BB5 end @@ -109,7 +114,8 @@ module IncMax3_IncMax3 goto BB8 } BB8 { - switch ([#"../inc_max_3.rs" 19 7 19 16] ([#"../inc_max_3.rs" 19 7 19 10] * ma) < ([#"../inc_max_3.rs" 19 13 19 16] * mb)) + [#"../inc_max_3.rs" 19 7 19 16] _25 <- ([#"../inc_max_3.rs" 19 7 19 16] * ma < * mb); + switch (_25) | False -> goto BB11 | True -> goto BB9 end @@ -139,9 +145,9 @@ module IncMax3_IncMax3 goto BB12 } BB12 { - [#"../inc_max_3.rs" 22 4 22 12] ma <- { ma with current = ([#"../inc_max_3.rs" 22 4 22 12] * ma + ([#"../inc_max_3.rs" 22 11 22 12] [#"../inc_max_3.rs" 22 11 22 12] (2 : uint32))) ; }; + [#"../inc_max_3.rs" 22 4 22 12] ma <- { ma with current = ([#"../inc_max_3.rs" 22 4 22 12] * ma + (2 : uint32)) ; }; assume { resolve1 ma }; - [#"../inc_max_3.rs" 23 4 23 12] mb <- { mb with current = ([#"../inc_max_3.rs" 23 4 23 12] * mb + ([#"../inc_max_3.rs" 23 11 23 12] [#"../inc_max_3.rs" 23 11 23 12] (1 : uint32))) ; }; + [#"../inc_max_3.rs" 23 4 23 12] mb <- { mb with current = ([#"../inc_max_3.rs" 23 4 23 12] * mb + (1 : uint32)) ; }; assume { resolve1 mb }; [#"../inc_max_3.rs" 12 80 24 1] _0 <- ([#"../inc_max_3.rs" 12 80 24 1] ()); return _0 @@ -176,6 +182,9 @@ module IncMax3_TestIncMax3 var _9 : borrowed uint32; var _10 : borrowed uint32; var _11 : borrowed uint32; + var _13 : bool; + var _16 : bool; + var _19 : bool; { goto BB0 } @@ -202,19 +211,22 @@ module IncMax3_TestIncMax3 assume { resolve0 _11 }; assume { resolve0 _9 }; assume { resolve0 _7 }; - switch ([#"../inc_max_3.rs" 29 12 29 18] ([#"../inc_max_3.rs" 29 12 29 13] a) <> ([#"../inc_max_3.rs" 29 17 29 18] b)) + [#"../inc_max_3.rs" 29 12 29 18] _13 <- ([#"../inc_max_3.rs" 29 12 29 18] a <> b); + switch (_13) | False -> goto BB7 | True -> goto BB2 end } BB2 { - switch ([#"../inc_max_3.rs" 29 22 29 28] ([#"../inc_max_3.rs" 29 22 29 23] b) <> ([#"../inc_max_3.rs" 29 27 29 28] c)) + [#"../inc_max_3.rs" 29 22 29 28] _16 <- ([#"../inc_max_3.rs" 29 22 29 28] b <> c); + switch (_16) | False -> goto BB6 | True -> goto BB3 end } BB3 { - switch ([#"../inc_max_3.rs" 29 32 29 38] ([#"../inc_max_3.rs" 29 32 29 33] c) <> ([#"../inc_max_3.rs" 29 37 29 38] a)) + [#"../inc_max_3.rs" 29 32 29 38] _19 <- ([#"../inc_max_3.rs" 29 32 29 38] c <> a); + switch (_19) | False -> goto BB5 | True -> goto BB4 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_3/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_max_3/why3session.xml index 8bfcc6d23d..6a0fbad5e5 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max_3/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_max_3/why3session.xml @@ -7,12 +7,12 @@ - + - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_3/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_max_3/why3shapes.gz index 864e153711fa844e45d6b58264920c68c1e7968d..427548bb446f72c799cfc200868172d479d637fa 100644 GIT binary patch literal 837 zcmV-L1G@YliwFP!00000|9w?WZ`&{oz2{ft)-Ah;q-5DcdkBga4KVC9=(s{j>@8TE z3`yGU=Z_*K*U_-GsLC(%(G>aoZZSW7k3aj<{Ix%xc8C4Pc{5+UpM8!u@oPZ-GfR~r z=~*^OU!7O+*q;thuRR1Xt9Zj_Tpy0d!>@jO_534raoFwSQ?PNj4fdWR;>&J-CcNU4 zy&tA(yMg;<-0dINhnM~K^q2EfTm(Bo^a;>k;58YK5+2of&1Fir!GGhiGvU$dmO*R) zT=IVk0P#LPo%&LR3D7Rz6r`oL4f$E{s(@z&B>~d3Tn*HU(WH{m+({S)gd~X#;G%e_j*cs=QEiib+)a#O2;U)?U>E*UTT4S{IVZ!%M*(SDOl z?dkGObm5QCXHA`X~4RZXfN;Xj0u#jM{Z!V|UnhhBF`P)bK z-#%=MFMU!hRE1kpctVzz{Jn%R<8<_O@ZXG6(ciIMNMs?CiyU+)3BC#CPNlVIQJ*U z9eH8adFcAVxvg!mwfyV1J#7ct3_~A%*UsU=%r>rfU5m^UO|y1uXRSjpmeydlXtrif P4>)-Ah;q-@zkdoYF+4KVbmV*@3&w_t5D zBx$#wKT=<@-8DdDilY1|>hby0vN->Azx#9X)}PM%o+I4r{%|3@;gMIr zjHmSu?pwD%Y_`YOLwA0+_}wk79w8b5G!wik;*sFd9Iu+bvfSavc)TchwB9p_wty`^ z$pR#NWx=%92}*zz2zVD%VFDFT5M(RjIMEOoa)m~cg=Xc$z@idMe5l-y{<86_;#!Jl znL@Pyh@VFb^(sU_&AIw@Ff&9*)d7DUphH+?p-hNSW<(v|SIQ7VNnWD;Cawr2M5)Tk z-Hxg!UYO0Xl}Z9yr1pA;cr^*e<*Y{&(xIG0QUVhTZRC2$=cQ*S<-o`T<%ys|`eX^y zNeR&fP9ns`=hY$z_)^XoJb5=(z|We77Ct9+eRg2Xbu&hsOLg0z}n z;L)N^h?)!buDVFGxi2pAP54&<_vf{G&8U<*mQqV8sg8B6rL%k~^`w*w`>hy`r(%ED zZC>2p4K0TC&e=OEl&iV7lG!DB0b{=PbUQZXO+P%o<_p zl}}m38XioVQ0SpBGv4DbK+Rhx2^sg0G)J|X_MQ0Z+&WciMK1-Z8K1J9J5Jgw5(?%V zhQwj;9ELzfX|~K^$Q*{qVGs_dP~mX0l}!}poV{yKU^9_wA7X6gZl-RO1tD$-Duqo! zkZh6!vI2X1Hzg^V9Vq|%&l-HZhGkk4;?X>DN|}>So&0Bpy_PEf0T5qKpJM(b2S}lE zgk= ([#"../inc_max_many.rs" 7 14 7 17] * mb)) + [#"../inc_max_many.rs" 7 7 7 17] _6 <- ([#"../inc_max_many.rs" 7 7 7 17] * ma >= * mb); + switch (_6) | False -> goto BB2 | True -> goto BB1 end @@ -88,6 +90,10 @@ module IncMaxMany_IncMaxMany var _7 : borrowed uint32; var _8 : borrowed uint32; var _9 : borrowed uint32; + var _12 : bool; + var _14 : uint32; + var _17 : bool; + var _19 : uint32; { goto BB0 } @@ -108,9 +114,12 @@ module IncMaxMany_IncMaxMany BB1 { assume { resolve0 _9 }; assume { resolve0 _7 }; - [#"../inc_max_many.rs" 17 4 17 12] mc <- { mc with current = ([#"../inc_max_many.rs" 17 4 17 12] * mc + ([#"../inc_max_many.rs" 17 11 17 12] k)) ; }; + [#"../inc_max_many.rs" 17 4 17 12] mc <- { mc with current = ([#"../inc_max_many.rs" 17 4 17 12] * mc + k) ; }; assume { resolve0 mc }; - switch ([#"../inc_max_many.rs" 18 12 18 22] ([#"../inc_max_many.rs" 18 12 18 13] a) >= ([#"../inc_max_many.rs" 18 17 18 22] ([#"../inc_max_many.rs" 18 17 18 18] b) + ([#"../inc_max_many.rs" 18 21 18 22] k))) + [#"../inc_max_many.rs" 18 17 18 22] _14 <- ([#"../inc_max_many.rs" 18 17 18 22] b + k); + [#"../inc_max_many.rs" 18 12 18 22] _12 <- ([#"../inc_max_many.rs" 18 12 18 22] a >= _14); + _14 <- any uint32; + switch (_12) | False -> goto BB3 | True -> goto BB2 end @@ -119,7 +128,10 @@ module IncMaxMany_IncMaxMany goto BB4 } BB3 { - switch ([#"../inc_max_many.rs" 18 26 18 36] ([#"../inc_max_many.rs" 18 26 18 27] b) >= ([#"../inc_max_many.rs" 18 31 18 36] ([#"../inc_max_many.rs" 18 31 18 32] a) + ([#"../inc_max_many.rs" 18 35 18 36] k))) + [#"../inc_max_many.rs" 18 31 18 36] _19 <- ([#"../inc_max_many.rs" 18 31 18 36] a + k); + [#"../inc_max_many.rs" 18 26 18 36] _17 <- ([#"../inc_max_many.rs" 18 26 18 36] b >= _19); + _19 <- any uint32; + switch (_17) | False -> goto BB5 | True -> goto BB4 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_many/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_max_many/why3session.xml index b220a46584..83d3114756 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max_many/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_max_many/why3session.xml @@ -8,12 +8,12 @@ - + - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_many/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_max_many/why3shapes.gz index 6af70ae55cef5861194b999f42fa21fb940baf09..baa7c69838c0f03bb8e46399bf676b94a9c296dd 100644 GIT binary patch literal 605 zcmV-j0;2sNiwFP!00000|BX~jZ`&{ozWZ1B)-Ah;lJ)Sg3^0Ni4Y1>&V*@(2H>0UN z#7VdP`{`k)vWm0|AVnfSeI(7thgCZM#9z&rJ~yYa8~V?wNLL?|4%a%@P~aL@n&5+3 zRzSP}i~#WK8ZTXcX7tYN4z{?$4o}TE9G@GaX>ex28Ax!EJ7WU~R>SEu{BG*Ir$=Ka z$F}S7s0DVl7Uj!vv%e8_aaXzIE||A!FN_jm>Ox#+glU=s)21)1}eiLI>!kaIEm%%Gj1= zqBm(foYFHsHv1?1lWaEat}R+mbN1wv+cZ&ro7`9qZ`3E2W|}gW+EB;vQ+VeKWm#a? z@2la`*W+8brGL~}qi^`Pd=1_`(3HG#k1Wkbf!+2m0*2j{yN=4kj30P*kAeL>;(f rinTI@dy*)inaX$$iZD(LvPMxedB93k70+qP?rHK5QWhQ4Q3e12V0$iS literal 558 zcmV+}0@3{+iwFP!00000|BX~pZ`&Xce)q5NTes|mGsfVlnG{WlYH8XdkBiPV?yR=< zl%(DE@5g~jFjcli!hyTv`ws3q-mUWEcl=?F`Kvh`hiUwnSNZCFHsD&<8aBAbm1g+O z4l*!r0BZpJw8ocVJn`bjeqGpN2@M|1ae8_+Oc&9dM{{7&LN=BI7`D^lF#R;$&GVz> zsj(kMe9{#TovwC`%R|vW85BO4)1Ev&Gi8Slk_k>VT z;ZCi2f>+LXK-=k}bg98z7_A}T%~xm*_OsnwPD>Zc$$hyDK`0=u5pjpiw=-86xXLpZ zpUF!4_`o7TvnU>p(O!2luxS+AfK~*wQ0sz98)yFS%I|iW{+##IAwS`x*+1j2tZ({F z-+WzerE7^+1yD5>2K*4O#lpGU;4tpn>1FJWe~Wv=x^%OYlr6!M9Ivw`fw9bMC+#|} zg$5N0>!b}%whKI!;LHC_WEuE{N>WAXs5rIKrB+$pdAWl)>quI?NNDujD(M#n_D&doFdtUnI!96BP&sV9+>-W5(iv!u;4g%$S~ehgV-_t&N3-$)rwB4miLHtE4gZ| wt?MOknP^20cP!(khn};})P{8e?TcBph6`D>s07qq&hLus4-s%$mf8gX0J!fQS^xk5 diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg index adeffc0c7b..b673e8b19e 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_max_repeat.mlcfg @@ -21,12 +21,14 @@ module IncMaxRepeat_TakeMax var mb : borrowed uint32 = mb; var _3 : borrowed uint32; var _5 : borrowed uint32; + var _6 : bool; var _9 : borrowed uint32; { goto BB0 } BB0 { - switch ([#"../inc_max_repeat.rs" 7 7 7 17] ([#"../inc_max_repeat.rs" 7 7 7 10] * ma) >= ([#"../inc_max_repeat.rs" 7 14 7 17] * mb)) + [#"../inc_max_repeat.rs" 7 7 7 17] _6 <- ([#"../inc_max_repeat.rs" 7 7 7 17] * ma >= * mb); + switch (_6) | False -> goto BB2 | True -> goto BB1 end @@ -231,6 +233,7 @@ module IncMaxRepeat_IncMaxRepeat var b : uint32 = b; var n : uint32 = n; var iter : Core_Ops_Range_Range_Type.t_range uint32; + var _7 : Core_Ops_Range_Range_Type.t_range uint32; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range uint32); var produced : Snapshot.snap_ty (Seq.seq uint32); var _18 : Core_Option_Option_Type.t_option uint32; @@ -243,11 +246,17 @@ module IncMaxRepeat_IncMaxRepeat var _27 : borrowed uint32; var _28 : borrowed uint32; var _29 : borrowed uint32; + var _32 : bool; + var _34 : uint32; + var _37 : bool; + var _39 : uint32; { goto BB0 } BB0 { - [#"../inc_max_repeat.rs" 16 4 16 86] iter <- ([#"../inc_max_repeat.rs" 16 4 16 86] into_iter0 ([#"../inc_max_repeat.rs" 18 13 18 17] Core_Ops_Range_Range_Type.C_Range ([#"../inc_max_repeat.rs" 18 13 18 14] [#"../inc_max_repeat.rs" 18 13 18 14] (0 : uint32)) ([#"../inc_max_repeat.rs" 18 16 18 17] n))); + [#"../inc_max_repeat.rs" 18 13 18 17] _7 <- ([#"../inc_max_repeat.rs" 18 13 18 17] Core_Ops_Range_Range_Type.C_Range (0 : uint32) n); + [#"../inc_max_repeat.rs" 16 4 16 86] iter <- ([#"../inc_max_repeat.rs" 16 4 16 86] into_iter0 _7); + _7 <- any Core_Ops_Range_Range_Type.t_range uint32; goto BB1 } BB1 { @@ -285,7 +294,10 @@ module IncMaxRepeat_IncMaxRepeat end } BB7 { - switch ([#"../inc_max_repeat.rs" 22 12 22 22] ([#"../inc_max_repeat.rs" 22 12 22 13] a) >= ([#"../inc_max_repeat.rs" 22 17 22 22] ([#"../inc_max_repeat.rs" 22 17 22 18] b) + ([#"../inc_max_repeat.rs" 22 21 22 22] n))) + [#"../inc_max_repeat.rs" 22 17 22 22] _34 <- ([#"../inc_max_repeat.rs" 22 17 22 22] b + n); + [#"../inc_max_repeat.rs" 22 12 22 22] _32 <- ([#"../inc_max_repeat.rs" 22 12 22 22] a >= _34); + _34 <- any uint32; + switch (_32) | False -> goto BB14 | True -> goto BB13 end @@ -304,7 +316,7 @@ module IncMaxRepeat_IncMaxRepeat } BB11 { [#"../inc_max_repeat.rs" 16 4 16 86] produced <- ([#"../inc_max_repeat.rs" 16 4 16 86] _23); - [#"../inc_max_repeat.rs" 16 4 16 86] _23 <- any Snapshot.snap_ty (Seq.seq uint32); + _23 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../inc_max_repeat.rs" 19 26 19 32] _27 <- Borrow.borrow_mut a; [#"../inc_max_repeat.rs" 19 26 19 32] a <- ^ _27; [#"../inc_max_repeat.rs" 19 26 19 32] _26 <- Borrow.borrow_final ( * _27) (Borrow.get_id _27); @@ -321,7 +333,7 @@ module IncMaxRepeat_IncMaxRepeat BB12 { assume { resolve1 _29 }; assume { resolve1 _27 }; - [#"../inc_max_repeat.rs" 20 8 20 16] mc <- { mc with current = ([#"../inc_max_repeat.rs" 20 8 20 16] * mc + ([#"../inc_max_repeat.rs" 20 15 20 16] [#"../inc_max_repeat.rs" 20 15 20 16] (1 : uint32))) ; }; + [#"../inc_max_repeat.rs" 20 8 20 16] mc <- { mc with current = ([#"../inc_max_repeat.rs" 20 8 20 16] * mc + (1 : uint32)) ; }; assume { resolve1 mc }; goto BB4 } @@ -329,7 +341,10 @@ module IncMaxRepeat_IncMaxRepeat goto BB15 } BB14 { - switch ([#"../inc_max_repeat.rs" 22 26 22 36] ([#"../inc_max_repeat.rs" 22 26 22 27] b) >= ([#"../inc_max_repeat.rs" 22 31 22 36] ([#"../inc_max_repeat.rs" 22 31 22 32] a) + ([#"../inc_max_repeat.rs" 22 35 22 36] n))) + [#"../inc_max_repeat.rs" 22 31 22 36] _39 <- ([#"../inc_max_repeat.rs" 22 31 22 36] a + n); + [#"../inc_max_repeat.rs" 22 26 22 36] _37 <- ([#"../inc_max_repeat.rs" 22 26 22 36] b >= _39); + _39 <- any uint32; + switch (_37) | False -> goto BB16 | True -> goto BB15 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3session.xml index 67cd4d381e..9a95523da0 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3session.xml @@ -8,12 +8,12 @@ - + - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_max_repeat/why3shapes.gz index 0e80f8e5f62d652f3d2c704cbb94f695434c20ab..44dd6b46516ef03da06735c8f92f9b442d39a09e 100644 GIT binary patch literal 764 zcmVk0mHB$14Vl&c&tHNbRxu& zTv<-rzwdC7EvZOa1Cq(%n>UMx&+l&2)1x`sQ~F}NQ{6TnQkmYqPik|oa}5h~Z*Da) z-|=w<5)6O_FrV(txo&z!Z}9D5lP#=GXHV_n#S%?NYc^T~8EvvP#sFfrZP&FwZFTef zgmH4SuN!mF($tlf#oFhg+_y6*^I-dpI|-R7d;%z&@yN)-og4QMsl~t}1|A-G1U?8_ zB8vK|HJkDA$Oq2dHA-_0bP?!)4t%kNXu#KMajlk^!W>T4F+0$;C9V>DzZTBt4}29P ziXq~q0*EDmt04mEj12}l;(UF5fMjenu(5${_{Ev~fyeoS`PQAS246Zr9m{dXe@@1# zC=$I)_idN<=E-iJ&99{YVe00EX;Q=`)i5kU(;_j)uC2~Hd%_VicXwF4bR&buBz`k3 z<6gu)k9(ZCtG5V_BRb>~lK{%t=VSj{tLU$WOo+~lWVu}K*Zajjl-!3#FyTguiPsyU zAs_Ep7(&K1V}1Z zzjK@+&2salZG0wuyKy$*xZ|30bFj@r|A=&r?KFq4BP5>Qjl5>ah50z)+yU{Qw{VW} zb=+k}q75(VaHuI?gc+gyB5R<9axD~UdXn*QT>aYx*SF!8XeYFj?($Q(38~G)fS)6B$!%pQTWe uq@vX}+h!({1}b5}R@qKiZk2S~ElKlIm02lEQSy?NH2DMDfe{F#2LJ$csd*Ft literal 751 zcmV(*+L?Q4UX+DTDWM5L*E^W!3um^Nw) z8KLd=_q!Jx0#xl53Glr>KF7YcPd=T;$9sEl$N0sy$9+?Ojg$ENbF{ZtCNq3xuk5*D z_9s4+U_QYy!R@yz`@F9^5NG)AVY860ZR?KBLe48r~O-Vm|PN5@G^hH>=ZXsh~jJr(!5#;p#mh=$YXrXvslK zj#?1JB)vRPEZC66(=i&`uZ-g~#Ld7a2DV|Z1#Rtg=KtRLJdezETs3Xn*$20IvcIG5 zm)+MdU|1fS0%4)ajmRT=Xq(;h)*bPL*ozBXVL~SYyIJ^xNkXhbEJKV(>NHyUffG99 zQZoT<-P57_V{{m=hnX;w<&RgtjuWH&5zD6Uuz{jX8>-2^sN2fC(e{s5x3BWI>ZW za)8o*PH01BKnG3GcpH2+HQ=2d5?i}h1K!N>Ym~wd*e}%Z2gd+z{^c}Q{ZSixu`6Hs z;e&VW>n&N=rgaBryC_Q2OqXhx>JlnzvoZx;Vs2NZP%>4jm=`Q^P$m_Zn3SME+tO_% hQ>o goto BB7 | True -> goto BB6 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3session.xml index f7d1b6296f..cd3fc0a742 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3session.xml @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_some_2_list/why3shapes.gz index 9a7d3a8879379f61cc7208bfce08417dcfb4b837..2544af080016284cec23f7bab5ef83f6f98c18a2 100644 GIT binary patch literal 1026 zcmV+d1pWITiwFP!00000|D9G#kJ~m7zWZ0`mUfE(91cZEMYn(2Z)b))}$*5~Vy zDORyVKJB1lIxq5}Ki|}aR)4phV%t2|&k7ZvL`@LARo-n>9yP-$>df(|3-Vg@L*JV( z8~v;=L(%pZ1tavq`UNGoB)XCS`3EbO`nUO(&o}W4DXUls`#<;--XA&{>WU&NKry%F zeoJUCA=sNmb&2|jx4CZnq8zS$eO^K*^9`_rHDoH=9q!nf$4+-!{l{3uv;yY-tbRI$ zW39+z2xm8iGu7@exnRM?R8CvSe{2ocbtUEe!68gnqd#50b>^P#{qA{XcO#~LQgK+I zPv%v3-Eb?8Lv1=3tL&xE`lH`{rh12CI{QfV^MxUa2rBWruHu6}ne)(nH(beS%~Ue2 zL8XU0cP}uZ;``g@HUuRU=i6EMdvhoKC~d z)E|ytz2m0sb*CWKZB4)KMUtU=o7T=6gMHLf>cI3)cW2`hO~ypyhwhU{?i0mja4&;< z`|?)CaWH1i*p-$Oq;D-c;zEBhmm&zQKVkh*Cw)3yje^XYK&BvlaS(C=;oqMENnkL6 zp##GpRn5)1boU9df(aZ1HRY>0wKjk$4y?G3gv7qDoV7zIr*GjcHr14m@D3ecmgpXw z`Z{1|51_FEkDQGiYz^;}GBTn)BtFUW%L;Pvr6^#@zJe{r05R-4G`&)E05lG=H2`KSy9K@f!2d#T%oCIO z7{J6+YBHMx$$bt?B**!T*-$!Pi?&f1T7|mX-c<4?i+C9wik~dgO7Sn-&~u_ice{wo za6;=)57`dnZ^Gd#6!^)it`u!JaIX&YV~e}j?ItPGz>?ePCA;@#$u9OQN$eCT%r@C< zE{Ok_3;2KL0!~`u2M&b~j=wt?q^qj*YIZVAEy^a=lk;I=Ro69wlxX-clCc{Z_C)v^ zfh1=2Dc*H-Gsb0XYQPBhe3M~iATFy+NMK1>$&!J_tSUK_ wX~W_u*~@*r7X&GIDN3f36jM{hGK~|R&_^7D+Q=l1vVFSw7uIrIh3yIe0OK(8>Hq)$ literal 1008 zcmVqh;#Rp;xG zNK%s`4>zcZ%FBEl&Nq3%)2FVNWS8e^E19Ih)Oyo<=lw?JQ9GWZULTLDMAUK^he3bc zsI9t;Wj9^WvNywO3w0Uqa@7rGHC~72yrfR%7a)ZRBr@9>_a-CcSV389wM~UH1coL!*yTLIe+jF!mClAuitxpFZcfLX>D#3r+SgGKQLF! zo9g@VRvyPj_b_$YS-0w=yM4ia`^Wg~BlgcV1})sX#808(LY?$^?0;w~MK}|ggfqyr z$a6b^2{zxoeQHvWTvEE5rB6dD6dn~o>D)dmfx_LeF2VOCc5%ZvG?)B!fW4EE)4w z+1?DKeV-6Z2;{(VDc|&|GYNz|SWR6fXm)#Lqb)mvzNa_b*i$;uTXy!kWOwAa*Pc6j zK+S4!%-OWTCh#sPlOmdjs3&=TSy524{ESP+taune_K1c00vWp($f(s0MjsbQGs$34 z;C{t!qS1?{o}8vLaxXC#^-Y)O@u*82#>=KH+Fe_GGQ_FmR?PfiE{iOk-`<%ySxPF) z7TS)o`9ynHj%(Iz>CG2P{Ty}aH`TA<}^#C-!% zJE(4s@ViIs!cf}jHo6tNlR%;IYGn3hCh`0~B%b{riD$u!{|g{@$?_m zBrI!Mtt&+c6|ruBMeIN~8LKtKRh@AGB&ljq5l}3vD+*QGk~m5Z;t(JBCTSC%wxC4} e=$o~z<_uC!5{+;?uA=OaZvFvZh&&VQ3IG7F6!vfc diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.mlcfg index 2fb45cd06c..e8fccb745a 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree.mlcfg @@ -78,6 +78,7 @@ module IncSome2Tree_Impl0_SumX var tl : IncSome2Tree_Tree_Type.t_tree; var a : uint32; var tr : IncSome2Tree_Tree_Type.t_tree; + var _10 : uint32; var _11 : uint32; var _14 : uint32; { @@ -93,7 +94,7 @@ module IncSome2Tree_Impl0_SumX goto BB4 } BB2 { - [#"../inc_some_2_tree.rs" 55 20 55 21] _0 <- ([#"../inc_some_2_tree.rs" 55 20 55 21] [#"../inc_some_2_tree.rs" 55 20 55 21] (0 : uint32)); + [#"../inc_some_2_tree.rs" 55 20 55 21] _0 <- ([#"../inc_some_2_tree.rs" 55 20 55 21] (0 : uint32)); goto BB7 } BB3 { @@ -105,16 +106,18 @@ module IncSome2Tree_Impl0_SumX [#"../inc_some_2_tree.rs" 47 21 47 22] a <- ([#"../inc_some_2_tree.rs" 47 21 47 22] IncSome2Tree_Tree_Type.node_1 self); [#"../inc_some_2_tree.rs" 47 24 47 26] tr <- ([#"../inc_some_2_tree.rs" 47 24 47 26] IncSome2Tree_Tree_Type.node_2 self); assert { [@expl:assertion] [#"../inc_some_2_tree.rs" 49 20 49 41] let _ = lemma_sum_nonneg0 tl in let _ = lemma_sum_nonneg0 tr in true }; - [#"../inc_some_2_tree.rs" 53 16 53 26] _11 <- ([#"../inc_some_2_tree.rs" 53 16 53 26] sum_x ([#"../inc_some_2_tree.rs" 53 16 53 18] tl)); + [#"../inc_some_2_tree.rs" 53 16 53 26] _11 <- ([#"../inc_some_2_tree.rs" 53 16 53 26] sum_x tl); goto BB5 } BB5 { - [#"../inc_some_2_tree.rs" 53 34 53 44] _14 <- ([#"../inc_some_2_tree.rs" 53 34 53 44] sum_x ([#"../inc_some_2_tree.rs" 53 34 53 36] tr)); + [#"../inc_some_2_tree.rs" 53 16 53 31] _10 <- ([#"../inc_some_2_tree.rs" 53 16 53 31] _11 + a); + _11 <- any uint32; + [#"../inc_some_2_tree.rs" 53 34 53 44] _14 <- ([#"../inc_some_2_tree.rs" 53 34 53 44] sum_x tr); goto BB6 } BB6 { - [#"../inc_some_2_tree.rs" 53 16 53 44] _0 <- ([#"../inc_some_2_tree.rs" 53 16 53 44] ([#"../inc_some_2_tree.rs" 53 16 53 31] _11 + ([#"../inc_some_2_tree.rs" 53 29 53 31] a)) + _14); - _11 <- any uint32; + [#"../inc_some_2_tree.rs" 53 16 53 44] _0 <- ([#"../inc_some_2_tree.rs" 53 16 53 44] _10 + _14); + _10 <- any uint32; _14 <- any uint32; goto BB7 } @@ -373,7 +376,10 @@ module IncSome2Tree_IncSome2Tree var mb : borrowed uint32; var _12 : (borrowed uint32, borrowed (IncSome2Tree_Tree_Type.t_tree)); var _13 : borrowed (IncSome2Tree_Tree_Type.t_tree); + var _17 : bool; var _18 : uint32; + var _20 : uint32; + var _21 : uint32; { goto BB0 } @@ -381,7 +387,7 @@ module IncSome2Tree_IncSome2Tree goto BB1 } BB1 { - [#"../inc_some_2_tree.rs" 86 15 86 24] sum0 <- ([#"../inc_some_2_tree.rs" 86 15 86 24] sum_x0 ([#"../inc_some_2_tree.rs" 86 15 86 16] t)); + [#"../inc_some_2_tree.rs" 86 15 86 24] sum0 <- ([#"../inc_some_2_tree.rs" 86 15 86 24] sum_x0 t); goto BB2 } BB2 { @@ -393,9 +399,9 @@ module IncSome2Tree_IncSome2Tree } BB3 { [#"../inc_some_2_tree.rs" 87 9 87 11] ma <- ([#"../inc_some_2_tree.rs" 87 9 87 11] let (a, _) = _9 in a); - [#"../inc_some_2_tree.rs" 87 9 87 11] _9 <- (let (x0, x1) = _9 in (any borrowed uint32, x1)); + _9 <- (let (x0, x1) = _9 in (any borrowed uint32, x1)); [#"../inc_some_2_tree.rs" 87 13 87 15] mt <- ([#"../inc_some_2_tree.rs" 87 13 87 15] let (_, a) = _9 in a); - [#"../inc_some_2_tree.rs" 87 13 87 15] _9 <- (let (x0, x1) = _9 in (x0, any borrowed (IncSome2Tree_Tree_Type.t_tree))); + _9 <- (let (x0, x1) = _9 in (x0, any borrowed (IncSome2Tree_Tree_Type.t_tree))); assume { resolve0 _9 }; [#"../inc_some_2_tree.rs" 88 18 88 20] _13 <- Borrow.borrow_final ( * mt) (Borrow.get_id mt); [#"../inc_some_2_tree.rs" 88 18 88 20] mt <- { mt with current = ( ^ _13) ; }; @@ -405,18 +411,24 @@ module IncSome2Tree_IncSome2Tree } BB4 { [#"../inc_some_2_tree.rs" 88 9 88 11] mb <- ([#"../inc_some_2_tree.rs" 88 9 88 11] let (a, _) = _12 in a); - [#"../inc_some_2_tree.rs" 88 9 88 11] _12 <- (let (x0, x1) = _12 in (any borrowed uint32, x1)); + _12 <- (let (x0, x1) = _12 in (any borrowed uint32, x1)); assume { resolve0 _12 }; - [#"../inc_some_2_tree.rs" 89 4 89 12] ma <- { ma with current = ([#"../inc_some_2_tree.rs" 89 4 89 12] * ma + ([#"../inc_some_2_tree.rs" 89 11 89 12] j)) ; }; + [#"../inc_some_2_tree.rs" 89 4 89 12] ma <- { ma with current = ([#"../inc_some_2_tree.rs" 89 4 89 12] * ma + j) ; }; assume { resolve1 ma }; - [#"../inc_some_2_tree.rs" 90 4 90 12] mb <- { mb with current = ([#"../inc_some_2_tree.rs" 90 4 90 12] * mb + ([#"../inc_some_2_tree.rs" 90 11 90 12] k)) ; }; + [#"../inc_some_2_tree.rs" 90 4 90 12] mb <- { mb with current = ([#"../inc_some_2_tree.rs" 90 4 90 12] * mb + k) ; }; assume { resolve1 mb }; assume { resolve2 mt }; - [#"../inc_some_2_tree.rs" 91 12 91 21] _18 <- ([#"../inc_some_2_tree.rs" 91 12 91 21] sum_x0 ([#"../inc_some_2_tree.rs" 91 12 91 13] t)); + [#"../inc_some_2_tree.rs" 91 12 91 21] _18 <- ([#"../inc_some_2_tree.rs" 91 12 91 21] sum_x0 t); goto BB5 } BB5 { - switch ([#"../inc_some_2_tree.rs" 91 12 91 37] _18 = ([#"../inc_some_2_tree.rs" 91 25 91 37] ([#"../inc_some_2_tree.rs" 91 25 91 33] ([#"../inc_some_2_tree.rs" 91 25 91 29] sum0) + ([#"../inc_some_2_tree.rs" 91 32 91 33] j)) + ([#"../inc_some_2_tree.rs" 91 36 91 37] k))) + [#"../inc_some_2_tree.rs" 91 25 91 33] _21 <- ([#"../inc_some_2_tree.rs" 91 25 91 33] sum0 + j); + [#"../inc_some_2_tree.rs" 91 25 91 37] _20 <- ([#"../inc_some_2_tree.rs" 91 25 91 37] _21 + k); + _21 <- any uint32; + [#"../inc_some_2_tree.rs" 91 12 91 37] _17 <- ([#"../inc_some_2_tree.rs" 91 12 91 37] _18 = _20); + _18 <- any uint32; + _20 <- any uint32; + switch (_17) | False -> goto BB7 | True -> goto BB6 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3session.xml index bb0f580289..5278b87c40 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3session.xml @@ -13,7 +13,7 @@ - + @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_some_2_tree/why3shapes.gz index 0569464489502f21fac72eac8acbe58f008cc00b..73fdd1b22853c18196dd4a1fbb79d302d5ea1fa3 100644 GIT binary patch literal 1153 zcmV-{1b+J;iwFP!00000|BY7Lj@vd6efL-RE$tQo$RQ_`x5YR1zM)E zMrokLktkQ&5#H`DI+Jn_M-Qn=Xnp%_9dTpL{uKBnBOLXbGzMKqE*5s-{N^5 zn{wa2H;3yqB$y-%d4Z;oYsj|65E8^(foxaiufFg|MT!6OHe3VqHe+|Q{9%$mRp{+e zSTjw(1!$m?up&}aj>4ich1IP(Z#MwwtkGLSFw6%Cw*!Q!su7ajciy{Bh3<;;zeTTL zp71#0AP*tEnbWDgm1lH%qOlZ%^x1q4vsay`WnBA=NQ4AYB6=11(3LFA#a`Rf4+~nQ zF~zz`6GVlMB~YyWpRX<~-Bsvz7nE!FY&A-VrQjI9mlDgy@=;QZ4}y7Gz0s?8|IlG< zJuv(Ba%pe&@ag<5c&?9)Ik~z#9`Nh57}qQ`AR03KfNR$wXKuFUbhV-5f{E0e#FW)I zWlmBA@@~p%EFY&V2f>GwRj=jTKXS+;n~-_RGNz1qV9Mdh7@nEvQx^E4e4H|(^X2kx zH3P2W{NMa zRK++Pf4YoK!%1}tz6Rk#I569V{vxU~MHdbo&>`WGgor6@>>{?er+Hifx%Kr1B3}2t zwRzvQ?lvDd5fYmNy~l~zs3ZA^6XPZA1#?d9jb6R`hYooNZhj4*zldt?Q4O~_Q1?tJ zBH@tK;(6p4=h3UqF`_cQGpGu0M8CoVM*jI1Mj7%+dhtamT9YuMS_J~v(&N|j!m+6W zEkM~_tX(WvEy$jjyb@3=keo3p01jL+Nr|}|?iIl*C9Gh%wR@9Wd64)|4dYPB TJgeDK?d0NrWjl9zgA4!w2j4t< literal 1125 zcmV-r1e*IFiwFP!00000|BY5lkK#BGzUNnPo84ZGr zKr(_b?9bowBaV}X)o=ip>*1=;RiF9oWpRDiKg@OU(_F5{uKjbt7cakO`tPN_-p)v& z8kOrPks7U{fNP}J)tByI)Lr$kd^NgJXtiGJrQ(YH13$T9qfHZS${2(~L~Ab;wf2Rg zkL(|vv(40c(R7!^$(+x+f@oFSwXOM<>7}0UK_P4X_4ear(CY&wd9;bgQ-f=Ab}S&T zt+dpAR~_446@HhOYgY~CE709QL&+zr$6Wt0k@JbfHgo%YW=~Q{T66GHm^#Oh1g7DJ zkk=E1@kEckUTjvqGeEk9LMx)UbC6!dK@?tusx|?V`~7aqt0N+O3%7V|t9^HC57%kR zgiRz`PAdfU)ErOh72DO*z%xq-4B-_a+j6Xxkbs4RKz|LbD{GA0$N6AI(8LD?vm*5= zqEEl-tsj;Vwyl#z#Lde^1a3P57dx1jF*YAU$ELQ8_-{5C=oh$zu;4zWcYQi__v#Em zPdK!l*Dm#EFTE)qw_)!ypyvw&O);2=r=bAPi@A2EpN1$I*BH7b3V;euHKbg-kLxMu z%axyOo0J{xe3cYLV{()|Dv9Q)J}HW_Q86!TaC&p$p9bV%F7&>;T)MkCd^&&kk(* z%fZTqe-@AhDnRp+MJO5SfRg={QMj{WD7ks2~derlgGY3b|8E0`Ntn?x zOsZpS*db!;o-$Iv!1)zSDH{fmZp(z;NF-*0AJH43sXn1Mf=9)i-Ug>P7yfBL=98N< zI>Za8a)+van8yd-UObA^$^%{4h|YA55f(7W{^^GS^+OEv>M^oI>oLMPP(%D@7PR1v z{0b}Sxmbw_e)4~xcrkh62U<9`wPyuV^%rBZj5Y<@BhBlAG?EBLDJ}>(Fi8bMreO=b zLs@MIuya%IIbt%;H8u<#v_KMJvqz#{ goto BB6 | True -> goto BB5 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_list/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_some_list/why3session.xml index 45737da04b..9e41983958 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_list/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_some_list/why3session.xml @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_list/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_some_list/why3shapes.gz index d213ec8f15f1e9e74e74bbd46104b1e2c8edc325..73c6652a9f171825d694c04e0ffee14f8ef7ed5c 100644 GIT binary patch literal 913 zcmV;C18)2uiwFP!00000|BY4Ks^c~kefL-RZQ2Y4-DM3ugJYw$7CW!?_=ytB8PsT^w64}EXHWaiC0 zhU(fsG@eSI0T*krcdn;%Q1SuX!hBpV$#TIDE?9HT;5Xv2fJeQLn%Xg{utt7K!qQbc zM6&Nt)o(N~-k0XuSC`@0H{-grTrMy=Ln6}Zc%EykP`fzp&F_m@ z=^PWCq}@3|pa_xV1R?(c4Y#_w;PO9=IDH!P`T4!G^LFQNPij~}&9A2GhWF|=G`7PU z7v67nnu5x|h1K6q+GuvRuzzQT=xzSl-0e7YKP=HKy*pBBxe#7YWiG@0KD^uJ!|hvu zYp=cOH0I{oxTn_*7aB{iJJ_W8Vjq?F0>K?vb}3YB5qU%;KAVIvt}#o9EFqE!k--B( z6Jeg-UC%BzLYIrsC3MSyOdJ%HQ-J}|7$*ieGEfr%>>g7f+MuZkOhTrYMJv~W6I2nA zWI!t1zY8i$KgV1Xyr20};fH3cnVc$628h&;o0gh-y}`m`5z0apXW7L-$~1*(d~Gc{ z_Yhh47MUH(?t+9Zgs-t>Oryd?06`M=MKr~Si696{#9^^{g3Zx%qXjshkvt4RI@=1L zWGTD|MU+KFSyYmxn5rsxgh0Nf99!M-0Ls`?E;N;gh?hFuI{^who#1&F7&iR*{gJF3yi+a)6l`& zd3}z%Ay}^Xdg_)gwmx>(dG2KWpW}HQ7io~?@r*-TX|Xt;#e6=`V;j=(QZbmjppyUE z#S3k;rlWq6_B!rQm{5OH_(^^p85swIuLg!E^Kx9|OSb9UobS+vY+|bGc9^NZq&_*%HIKRj%!s6itp# zC}Tv_24gVS2uZ4%*4m3fhzM>QOmli788?C}K^5bM))J`}vDzAUM!D}MNh@-B5+{CQ nnV>bfV5%-s8pN5Y3*1Q6SSxDA8&l`%RAm1G^*jr390>pbUX{R> literal 898 zcmV-|1AY7-iwFP!00000|BY2!tK&8he)q5N+qPK>y2~m(gcDU!Az1>XZvR3`j_x5XM-ppgD zuKh#fsq`80VlDR0^mGPFK7d)6k4up(1%7bOnrjBXF&_*0sJBs5J46-M$crS1uG%4j zeTS<4paJo|G}pem49~t9*QMoBz~~HtNUP&{uB}4t;dZ4HDG+X1Z>8uWmzQJFIcx z?PjMbu>4z)zBp>5+Udgioff>e@n>_lknK&ho5JfF&3hWmYZx6Oy!_mHl= z_NLRAn``5qo;O@*EIsd_ljf^^RNe{zcc9rNSFz2=V@BemNpRyDvy_pgjAY8l-~p}) zFi-EUXO{<|OCfX#-C`gU1_k9*KtMFc2?34>)C2&#$K;4M+0>LwLZqifE7yWksv>5R zAyeW0ol{x*Ip&(+{fw6iKQvp;5ouA87L{lzrm6}a!I5tv$5wYZ05bNF3r*!A=1ZOKjgSgDo#6Qt7!LgT{7H@7^^&oPFti{H&4fAC$4Qwe zez}0IeeK($>aOD>%W&IVsA(=2$^@w!cgKY+QRnuB~ zF$fXCZG&k}PbA|;a3!c>+|XJg)go3~;}(zmZj!VjmnU)JCzcV}D$$A-2`-zqAQ!5L YlA^`R77Y?OSEnNT2ZozY_3;P*0Ak_Hw*UYD diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_tree.mlcfg b/creusot/tests/should_succeed/rusthorn/inc_some_tree.mlcfg index 071b0dfed9..8855917e14 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_tree.mlcfg +++ b/creusot/tests/should_succeed/rusthorn/inc_some_tree.mlcfg @@ -78,6 +78,7 @@ module IncSomeTree_Impl0_SumX var tl : IncSomeTree_Tree_Type.t_tree; var a : uint32; var tr : IncSomeTree_Tree_Type.t_tree; + var _10 : uint32; var _11 : uint32; var _14 : uint32; { @@ -93,7 +94,7 @@ module IncSomeTree_Impl0_SumX goto BB4 } BB2 { - [#"../inc_some_tree.rs" 55 20 55 21] _0 <- ([#"../inc_some_tree.rs" 55 20 55 21] [#"../inc_some_tree.rs" 55 20 55 21] (0 : uint32)); + [#"../inc_some_tree.rs" 55 20 55 21] _0 <- ([#"../inc_some_tree.rs" 55 20 55 21] (0 : uint32)); goto BB7 } BB3 { @@ -105,16 +106,18 @@ module IncSomeTree_Impl0_SumX [#"../inc_some_tree.rs" 47 21 47 22] a <- ([#"../inc_some_tree.rs" 47 21 47 22] IncSomeTree_Tree_Type.node_1 self); [#"../inc_some_tree.rs" 47 24 47 26] tr <- ([#"../inc_some_tree.rs" 47 24 47 26] IncSomeTree_Tree_Type.node_2 self); assert { [@expl:assertion] [#"../inc_some_tree.rs" 49 20 49 41] let _ = lemma_sum_nonneg0 tl in let _ = lemma_sum_nonneg0 tr in true }; - [#"../inc_some_tree.rs" 53 16 53 26] _11 <- ([#"../inc_some_tree.rs" 53 16 53 26] sum_x ([#"../inc_some_tree.rs" 53 16 53 18] tl)); + [#"../inc_some_tree.rs" 53 16 53 26] _11 <- ([#"../inc_some_tree.rs" 53 16 53 26] sum_x tl); goto BB5 } BB5 { - [#"../inc_some_tree.rs" 53 34 53 44] _14 <- ([#"../inc_some_tree.rs" 53 34 53 44] sum_x ([#"../inc_some_tree.rs" 53 34 53 36] tr)); + [#"../inc_some_tree.rs" 53 16 53 31] _10 <- ([#"../inc_some_tree.rs" 53 16 53 31] _11 + a); + _11 <- any uint32; + [#"../inc_some_tree.rs" 53 34 53 44] _14 <- ([#"../inc_some_tree.rs" 53 34 53 44] sum_x tr); goto BB6 } BB6 { - [#"../inc_some_tree.rs" 53 16 53 44] _0 <- ([#"../inc_some_tree.rs" 53 16 53 44] ([#"../inc_some_tree.rs" 53 16 53 31] _11 + ([#"../inc_some_tree.rs" 53 29 53 31] a)) + _14); - _11 <- any uint32; + [#"../inc_some_tree.rs" 53 16 53 44] _0 <- ([#"../inc_some_tree.rs" 53 16 53 44] _10 + _14); + _10 <- any uint32; _14 <- any uint32; goto BB7 } @@ -353,7 +356,9 @@ module IncSomeTree_IncSomeTree var sum0 : uint32; var ma : borrowed uint32; var _7 : borrowed (IncSomeTree_Tree_Type.t_tree); + var _10 : bool; var _11 : uint32; + var _13 : uint32; { goto BB0 } @@ -361,7 +366,7 @@ module IncSomeTree_IncSomeTree goto BB1 } BB1 { - [#"../inc_some_tree.rs" 84 15 84 24] sum0 <- ([#"../inc_some_tree.rs" 84 15 84 24] sum_x0 ([#"../inc_some_tree.rs" 84 15 84 16] t)); + [#"../inc_some_tree.rs" 84 15 84 24] sum0 <- ([#"../inc_some_tree.rs" 84 15 84 24] sum_x0 t); goto BB2 } BB2 { @@ -372,13 +377,17 @@ module IncSomeTree_IncSomeTree goto BB3 } BB3 { - [#"../inc_some_tree.rs" 86 4 86 12] ma <- { ma with current = ([#"../inc_some_tree.rs" 86 4 86 12] * ma + ([#"../inc_some_tree.rs" 86 11 86 12] k)) ; }; + [#"../inc_some_tree.rs" 86 4 86 12] ma <- { ma with current = ([#"../inc_some_tree.rs" 86 4 86 12] * ma + k) ; }; assume { resolve0 ma }; - [#"../inc_some_tree.rs" 87 12 87 21] _11 <- ([#"../inc_some_tree.rs" 87 12 87 21] sum_x0 ([#"../inc_some_tree.rs" 87 12 87 13] t)); + [#"../inc_some_tree.rs" 87 12 87 21] _11 <- ([#"../inc_some_tree.rs" 87 12 87 21] sum_x0 t); goto BB4 } BB4 { - switch ([#"../inc_some_tree.rs" 87 12 87 33] _11 = ([#"../inc_some_tree.rs" 87 25 87 33] ([#"../inc_some_tree.rs" 87 25 87 29] sum0) + ([#"../inc_some_tree.rs" 87 32 87 33] k))) + [#"../inc_some_tree.rs" 87 25 87 33] _13 <- ([#"../inc_some_tree.rs" 87 25 87 33] sum0 + k); + [#"../inc_some_tree.rs" 87 12 87 33] _10 <- ([#"../inc_some_tree.rs" 87 12 87 33] _11 = _13); + _11 <- any uint32; + _13 <- any uint32; + switch (_10) | False -> goto BB6 | True -> goto BB5 end diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3session.xml b/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3session.xml index bca9d83a88..d9bab340bd 100644 --- a/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3session.xml +++ b/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3session.xml @@ -13,7 +13,7 @@ - + @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3shapes.gz b/creusot/tests/should_succeed/rusthorn/inc_some_tree/why3shapes.gz index 10e715f7e43d36779c3600bb2cfbcfdc1e7765b7..e6a10f17f39ca96c630862b6443c93be459dee50 100644 GIT binary patch literal 1011 zcmVDj{PxZKu($lDz1~h;`+F|()vuZP^Ud7u7o<^* z%1yFJjn>J)H8Pv(ukL8|L-+9dZcU@ndb2TaT4?q+{Bh03m?p)P34{Woi&vVuc&X{D z_*e7nGQG*0?wX(N<%N8d~)Mhn$I(v%`CBnc=*$pySD)q^C&qA<4j|^T_V#3 zGMQRMNF*BL888mOYP;@z05UCv?LcLw9eF zw>c#;E0%~7Qi;%n@5+%9iM0~6TbnlBK;IZ z6Fj38mBMO53#&w{U-v$56wqY@T2e6BqlCLr!qn9u$$%{e=+x-0IseUkz&CR~caQ1< z>1XT;a4BY`gv+I_WsH0yGIOVOGG*#VxNse7=<00 z5J^JB5s|nDgl_!LpPGcPNBYdE3(w_bI8Mf-17K-p8lyJZ|3h!>vT(5jZ(&#draX+cl))sqC(kg6PWWtDb11Ii2Ev z(w@h?!y2j5??AaLU+fGy^#6Qcq-`0=2dZ003fV`=0;+ literal 985 zcmV;~119_*iwFP!00000|BY73j@vj8z3VG<%Z!5oxG#h00Su!J3uq*lfX4`wL?uRS zDX`t~e15oz64h>Cd{C>3uO6!&OU3?UQ(nL8pXOTrGMDRd9R4m@x%sou|32yK>lrA} zf@+s6)Pij?U<>rF{xo(*-PO&$z8Kvru-)zSlVXZ|wtuK1Gp0|NDv@Bz=q+0n`Z(Ma4_;R7d^M15?b@qd!RUiqhfIIWY?@i*d5xzlJX%`P!EKa+*ayZWAdV*l z!a7nAX6rDli|6gl1ArcEp*2#>2gqQ;Xo_Iks-B}H_xs(I*Cs{S-k#!dsGIS1=&pIn zh-4P7@(S&84u@I2V!wTtc!jjYmR=#WujX12idslZ^v~3~vW39^d<;|wWHBJZ_%ep4 znA`T|;-E~j?Y%9MZo%eBxcw|#>R?tSZZ=V;rgn|^U*Q4Y_31R;>$43%!Kog-QNFeQ z3f5P}lH2-19oFm6>-b7v%ym5dGDz|C4*bE)Mi2(;X1rX+yXiihe+0VzIOvlr{n$B8 zJq%e1y?)kb59OP=)qd3_xN)9Mf`S#JC5nv9Ge+g4JNU?GWt|vVV6>i1fX0NO5{u;J z!Vke>0WRx>B%aYKAvPt1{pL6%#O#-t5~3*~9227M5us$wh$lwqqhWwy`&}kRlo(-T zMDAgsJOA?&64C9PK5^>W=Xx_3HzV8;6CNf2R77mUUL?s$c-V_LIU|yAMch~aw(&^n zFhaA=BXnL^_MQt^Q#{9UlP7KCLekhb0cJiEdv}C!Xo-n^U>BVZ7E!&|r>pUNJ|sy) z#nSL(RJ^AXrEW_~C!HvdI#E99L}|#vdNvc1vK1knYM{PvC=M{HXeh$@NMekALtR}H z6f24zDL;*boBmv%RrU-jF*`V_l}REw8vBI5jRSud{!Z;pO{?B=+h_o#X4FR1NKmuqQAli~1$N?WvfsAZ0 z6{zn(D@fNe!erY>i8K}%3R?05^FXNq$C3eIx{d%sC<6_{l55_89-*d`2T}Y6aYWEF HcM1Ri)q?7U diff --git a/creusot/tests/should_succeed/selection_sort_generic.mlcfg b/creusot/tests/should_succeed/selection_sort_generic.mlcfg index bc06c2fc5f..561b842d2c 100644 --- a/creusot/tests/should_succeed/selection_sort_generic.mlcfg +++ b/creusot/tests/should_succeed/selection_sort_generic.mlcfg @@ -561,6 +561,7 @@ module SelectionSortGeneric_SelectionSort var v : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)) = v; var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global))); var iter : Core_Ops_Range_Range_Type.t_range usize; + var _7 : Core_Ops_Range_Range_Type.t_range usize; var _8 : usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); @@ -573,6 +574,8 @@ module SelectionSortGeneric_SelectionSort var i : usize; var min : usize; var iter1 : Core_Ops_Range_Range_Type.t_range usize; + var _31 : Core_Ops_Range_Range_Type.t_range usize; + var _32 : usize; var _34 : usize; var iter_old1 : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced1 : Snapshot.snap_ty (Seq.seq usize); @@ -599,12 +602,14 @@ module SelectionSortGeneric_SelectionSort BB1 { assert { [@expl:type invariant] inv0 old_v }; assume { resolve0 old_v }; - [#"../selection_sort_generic.rs" 38 16 38 23] _8 <- ([#"../selection_sort_generic.rs" 38 16 38 23] len0 ([#"../selection_sort_generic.rs" 38 16 38 17] * v)); + [#"../selection_sort_generic.rs" 38 16 38 23] _8 <- ([#"../selection_sort_generic.rs" 38 16 38 23] len0 ( * v)); goto BB2 } BB2 { - [#"../selection_sort_generic.rs" 35 4 35 43] iter <- ([#"../selection_sort_generic.rs" 35 4 35 43] into_iter0 ([#"../selection_sort_generic.rs" 38 13 38 23] Core_Ops_Range_Range_Type.C_Range ([#"../selection_sort_generic.rs" 38 13 38 14] [#"../selection_sort_generic.rs" 38 13 38 14] (0 : usize)) _8)); + [#"../selection_sort_generic.rs" 38 13 38 23] _7 <- ([#"../selection_sort_generic.rs" 38 13 38 23] Core_Ops_Range_Range_Type.C_Range (0 : usize) _8); _8 <- any usize; + [#"../selection_sort_generic.rs" 35 4 35 43] iter <- ([#"../selection_sort_generic.rs" 35 4 35 43] into_iter0 _7); + _7 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB3 } BB3 { @@ -662,15 +667,19 @@ module SelectionSortGeneric_SelectionSort } BB13 { [#"../selection_sort_generic.rs" 35 4 35 43] produced <- ([#"../selection_sort_generic.rs" 35 4 35 43] _25); - [#"../selection_sort_generic.rs" 35 4 35 43] _25 <- any Snapshot.snap_ty (Seq.seq usize); + _25 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../selection_sort_generic.rs" 39 22 39 23] min <- ([#"../selection_sort_generic.rs" 39 22 39 23] i); - [#"../selection_sort_generic.rs" 43 26 43 33] _34 <- ([#"../selection_sort_generic.rs" 43 26 43 33] len0 ([#"../selection_sort_generic.rs" 43 26 43 27] * v)); + [#"../selection_sort_generic.rs" 43 17 43 24] _32 <- ([#"../selection_sort_generic.rs" 43 17 43 24] i + (1 : usize)); + [#"../selection_sort_generic.rs" 43 26 43 33] _34 <- ([#"../selection_sort_generic.rs" 43 26 43 33] len0 ( * v)); goto BB14 } BB14 { - [#"../selection_sort_generic.rs" 41 8 41 121] iter1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] into_iter0 ([#"../selection_sort_generic.rs" 43 17 43 33] Core_Ops_Range_Range_Type.C_Range ([#"../selection_sort_generic.rs" 43 17 43 24] ([#"../selection_sort_generic.rs" 43 18 43 19] i) + ([#"../selection_sort_generic.rs" 43 22 43 23] [#"../selection_sort_generic.rs" 43 22 43 23] (1 : usize))) _34)); + [#"../selection_sort_generic.rs" 43 17 43 33] _31 <- ([#"../selection_sort_generic.rs" 43 17 43 33] Core_Ops_Range_Range_Type.C_Range _32 _34); + _32 <- any usize; _34 <- any usize; + [#"../selection_sort_generic.rs" 41 8 41 121] iter1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] into_iter0 _31); + _31 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB15 } BB15 { @@ -725,21 +734,21 @@ module SelectionSortGeneric_SelectionSort } BB24 { [#"../selection_sort_generic.rs" 41 8 41 121] produced1 <- ([#"../selection_sort_generic.rs" 41 8 41 121] _49); - [#"../selection_sort_generic.rs" 41 8 41 121] _49 <- any Snapshot.snap_ty (Seq.seq usize); + _49 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] j <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); - [#"../selection_sort_generic.rs" 44 16 44 19] _54 <- ([#"../selection_sort_generic.rs" 44 16 44 19] index0 ([#"../selection_sort_generic.rs" 44 15 44 16] * v) ([#"../selection_sort_generic.rs" 44 17 44 18] j)); + [#"../selection_sort_generic.rs" 44 16 44 19] _54 <- ([#"../selection_sort_generic.rs" 44 16 44 19] index0 ( * v) j); goto BB25 } BB25 { assert { [@expl:type invariant] inv2 _54 }; assume { resolve2 _54 }; - [#"../selection_sort_generic.rs" 44 23 44 28] _58 <- ([#"../selection_sort_generic.rs" 44 23 44 28] index0 ([#"../selection_sort_generic.rs" 44 22 44 23] * v) ([#"../selection_sort_generic.rs" 44 24 44 27] min)); + [#"../selection_sort_generic.rs" 44 23 44 28] _58 <- ([#"../selection_sort_generic.rs" 44 23 44 28] index0 ( * v) min); goto BB26 } BB26 { assert { [@expl:type invariant] inv2 _58 }; assume { resolve2 _58 }; - [#"../selection_sort_generic.rs" 44 15 44 28] _52 <- ([#"../selection_sort_generic.rs" 44 15 44 28] lt0 ([#"../selection_sort_generic.rs" 44 15 44 19] _54) ([#"../selection_sort_generic.rs" 44 22 44 28] _58)); + [#"../selection_sort_generic.rs" 44 15 44 28] _52 <- ([#"../selection_sort_generic.rs" 44 15 44 28] lt0 _54 _58); goto BB27 } BB27 { @@ -749,7 +758,7 @@ module SelectionSortGeneric_SelectionSort end } BB28 { - [#"../selection_sort_generic.rs" 45 16 45 23] min <- ([#"../selection_sort_generic.rs" 45 22 45 23] j); + [#"../selection_sort_generic.rs" 45 16 45 23] min <- ([#"../selection_sort_generic.rs" 45 16 45 23] j); [#"../selection_sort_generic.rs" 44 29 46 13] _19 <- ([#"../selection_sort_generic.rs" 44 29 46 13] ()); goto BB30 } @@ -764,7 +773,7 @@ module SelectionSortGeneric_SelectionSort [#"../selection_sort_generic.rs" 48 8 48 9] _64 <- Borrow.borrow_final ( * _65) (Borrow.get_id _65); [#"../selection_sort_generic.rs" 48 8 48 9] _65 <- { _65 with current = ( ^ _64) ; }; assume { inv4 ( ^ _64) }; - [#"../selection_sort_generic.rs" 48 8 48 22] _63 <- ([#"../selection_sort_generic.rs" 48 8 48 22] swap0 _64 ([#"../selection_sort_generic.rs" 48 15 48 16] i) ([#"../selection_sort_generic.rs" 48 18 48 21] min)); + [#"../selection_sort_generic.rs" 48 8 48 22] _63 <- ([#"../selection_sort_generic.rs" 48 8 48 22] swap0 _64 i min); _64 <- any borrowed (slice t); goto BB32 } diff --git a/creusot/tests/should_succeed/selection_sort_generic/why3session.xml b/creusot/tests/should_succeed/selection_sort_generic/why3session.xml index ececd1be15..6fb20cc0a2 100644 --- a/creusot/tests/should_succeed/selection_sort_generic/why3session.xml +++ b/creusot/tests/should_succeed/selection_sort_generic/why3session.xml @@ -18,25 +18,25 @@ - + - + - + - + - + - + @@ -45,64 +45,64 @@ - + - + - - + + - - + + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -111,27 +111,27 @@ - + - + - + - + - + @@ -142,53 +142,53 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/selection_sort_generic/why3shapes.gz b/creusot/tests/should_succeed/selection_sort_generic/why3shapes.gz index 937544f0779274d17a9878b2d7962abaeb0e6053..d22afe8c60b5af75d640fa439ef4c3fbb244d421 100644 GIT binary patch literal 4088 zcmVq)8N%n zEU6Vqb~68dKk{63y45YWY$fA34Mb|5BCA;Sonl?6cK+kL)4QMiO};z*m~Zbc*4O`a zs!zZB&y)LK{KfT0l07@0#-gWr%zHkMsTcE@^>P}!UQI*W>uG3uGYxfbr=jZIG?YDI zOaJ|Af0?h}-T&mF-sR=`*VWZJxW4yS{x^0uX!Cf{+d5GPlU$5vm3dE4 z*}wMj>SlGhe#d$kO3J@k{qV~NfBB1lJrLfG7%WC|i_i3=!S`dnyPMaTd8FTNEY_IA z;{U$Q{yyJsNpd~ehsjxln@4t2n8n<<^QI(@|L}gq#K`$PqItwNgmIc!w&Z}mg%k&~ zoRFHuZNb7-&-H^b0Mx&`Urzns?T0)w>v;r^`NxJF({no-*@WaJeM5+yM`lYG*9*3g zae2R_FJ%Ze%WzwY2sk<4H0Uxfr#9rwfD5>vzqwtf4>8|isqn8}^#XL=i_uHwfdF+P zshK1v65h>1keWm+g*VA+b4Tm*)y@6CFqj0*hYsWU)ZyH+2HWmKCuy2UIo}La0`;uD zllv`dFZqHZAwT8cDp(hh57Te`_jS>}&CYQABUIw&!}+GI4aUPQX@8(Fy%d{);`NRN z7YV<2#*jMwc8Eu^o`4#!{KtyW`ZBFP`s@5_eXP(8l#}~^-Q-g|``ZhDeShL_^WFOL zW1gm4@blk+>E<@a^>w-`tH6?`ua4k7>2Lg=L+gIYbN68JOi;g&&lO_ee+-%Mi=)BCxguEeET45c$~!y za&PkO)rWguZCgF;7Hr5uuS^Z;uofirZ zJKtSgzr(8abuZ;8_RZ>l*H^j6m^FcJ7>%c_ZA61sY?L}3TAEkM_AtD*CHU2HoJ*XP z#ld{iD@5gZR2grd&BWM6#r@3B`tHLko%M5aQp>LX|l-$$Ky;XXiAmCXe(EW zAwv=^(k0O{VbYv22l|XKEwbj`FihL;(S4At;O$=~hM7 zGRss6;Z^OJec#I0FA>p8GnT;L*WqD0pDoP=Tdn4n+kA$U1^dC~(3jZ5KVi>K)o9aD zI#B*Yl9&1!-o+=5G0pRuQHSR`p%&9MVS_N``GJa$M|mEL#ypRBHn8a_&r7wH=cU@2 z=RscNc{_@o^SqQ(p0A^aJP&OKt>m2Nn;}}yLEt0b))$j=2{qJBO}H55#!8`$w%UYB zRojVv*Fw`osmEo)Bwy9(Nmto^s~L0av^UUjiEOzN#w z&G(*IIBJbi{w@C0V(Jc?`KpE#y` zQOImMJ>Pqv>M^>z%e4eNEo+o`m;T8}!K*&IsC*2XP1xAV?U&N4T~d0*<}jn!ZX0V< z>7~Q`SzU$DJF(fRq0d+cAPuI>H}Nf0`J^kbcSShK)KS)c5d_?~WQ&)q^jv^(A| zHTsVGg+}ky{u_pALBn*<9m6PmKyl|SLt8Q2GqmC6b&wLhlDn^ihN=2e&quFr&Rl)@ z=lc2c-WT?y6JG3e!k<5#xB-RUNmUP?x2J68&EYiWC#dxK`IBug-`Do?{cSIQ0+1od z56u)k)lJddPSs@bjCP6+?x*O9hKio-sQ4k$pQr#1H)c!HB{9J?E=gSOac7(|s;DL+5OF!xpr z>vncN?T;@t!oW{fAN}Qryl1IjsUfrTVKnApKGElmT5<5iUPDG-Y`2dAlI^^s-PqBd zyeVT9_h#rM`5@-pU*6@3GDJBnZ~0(VgZglXzX&9v>c91D&o=ftn{^n(Sic@g_&mgp z^@cn-%aemV>DM#~q_a=Ih;_R@f8xELJ#v(@h4-x+8u)03XDv3)##(NkhBaS0_F7g~ zp4rJaO1qv=^swlm%s6`pZ|g;AwVu22wWv$#+^b3*ALWj4QTG&2h0^6-BDO~uchJ#2 zEI&MIF~&0KiHp-mJ(ZYQp5>4y2YLCY`hM{_eLsJJ#($TLT4T+H1V2#g%}yB=*k)7m zSz?y_!1+_xxAkUuvvdXJZ1?3bX5QYvoo|s*;I+ySmC+Cc^iU197I(6vxB8J4y|vS< zp$+x%{J?j%|9#Yr9^^ls?5&&M28Pd401PVk=8!=e;v+2#|=;Kx}t`_+)j)*8zU4@0~@cuA|}2^sbdy3j$UyqBZ90 z>D+5wK_;*&plQqamt}#<#56KF&glGYc7@(2t7?n>LBx zV_@x_{$UKPzhXS2O}%RnJKekSwP8DTw!9(go!D_fRH+Z!5h{*<4hviG9;898+`J{J zOWGyLN&lwy_osIV|FK1ZdbCeYhy@>%vN4m*MaW!ik+Jx!Jy2uvlq~PaQpat_O~-Y| zRmWw=MaOx^L1!H~tmw#eq&rd_$&N%vV55#$=Q`V&PIs!49hf@m*hvzBc?k#w&s-bF zgViyVRic;j5Q=w_3 z{$Qmz*TUq2Uk0brI(QE+&Sz*Pk~Fd@rT=)n92Y@R%+3T=@FGn#LKZ>7IqeNkO)v9r zQO%aj11EvEiO(c`%$_0480D=HVt~y4yR#uignWcp(=B&6NBCij#!k51)fM+dhKi62sLJFXe~P}I*l=X zRq8|Glze6!85Xf6*YKxhD9ReejY_B5b{b6jYc@h?kRl!XLM&&XJltYXLx6*Gwka$ zE=9pnQWe9LBtk%pNU(zI7^Nd5*?P9E?5y~c+GmQY9^qeP3g(=i($~es| zIl&biyl4}f(YkZ0bKju#EQ_LIP`M<9#?}PNIVluh0Vl46!ldf+1?VyIOP<#a;~yAZE} zz=Msb?o_v`d)3X3XijLNB~>C?g>Y2RmU!|CamZOMg+!Dd&^#jgjD}yMfRV~`8>BSO zOBDhRwa1zl$^PM`p6fY{}_DX(Px*7OQqe^5_TkPc|`P}e9Qu& z5aV2CG>K^5OEJRxAiYSSn^S@U1Pur(P=yzI5ELP3a)kN_^;ZdX2`(^Wv&tk;53qW% znH(#^M$Lp`fEsdyJVO2Dog6vuUDDjt`!g%G@b#}*l$B-0gt+kPBit`=-IaY2XcrVm z!t)`jdgFx$QB0I3@*~_Y+^J_R9b-j`;Ig$`Ip=FjW*L{R#%$<70&;~t!ux!9t#b-x zT!q+pZv$shpgOiP8dfqcttY-qzBPK^lGMDTEYH@`7 z%i9*0QZ7-6U?mH|%aT}e2pzfpjUtJmmX`7e_shU-gVWx+WSmRE+bEM}-tiQ8Dgb@q z-ABk@D4^(^Jo5&HwME&SiPhlkBgHHkX+EY%cZB@qygW0sE>U~!lgl2#+-WB`bJ1q0 zj2_<$m-+Sv#gsL(nlW2a z79r;1bYua(o0k+N5QzVls%zz zQ{E)6ZH`tt&gwa@D5~*C9ufVtiw33yN(1C2ZMEfDksz;h3?ddG+2Ep8pgtn|yf4~` zNT{{y|F1_CQ3I)03N-;kY!%U_Ig%d1{hTkQYM+Z?j0K6bFHHrXgiaH)Xe+ZFGL*_ z9t?Wn9DMO+Y<*z{nZGhjGV;Q+H}yM!X!Na8x)xrMi=xQLFv28{P@Q<6SPH>g>Ae<) z1#=7q&cr2VL22Xl;sFVF#) q!t37`m`)CX&?hd8FV=`$f+0Qr$|%UKQbScRjQJzCEH`W%V?>XK}Im*%V0dH@_&4DdjEsJ&G)CD^WFXB>gK;r z_31bNdGhd+zr6WOvS;VhSoAcHdC%uD^A!vJuky`@haWuDySiHad~v->`3gFae^^~y-aPng{|h@Cw0XSfeVwR-NiN2-%DgA2 z?BDu$eS2}W`oMY^O3J^x`0l4q{^}?Hb|AbTF<6Y`7N6-!gYWx%e?PA=^GLtnSgbLJ z#s7Vm{X@RnlH_`_>&aP!n@4t2n8n<<^QI(@e|SG)V&r@t(L7=s!Z=MVTXI0(LW+Y~ zPDst-wqW6^=Xz}n0QDapmQ(+G_bJcJdLF@J{;?s)^xTd{HX(UQ-wLy)2Alg=eqm~zTry;WOfV(b(>s^4oy7T||n-4iMur<;2h%~QX z-9KzH_(~tShT+@xc>ztEVH0umqk-7`=;Ug(x?Nj|(dEO!-yriQ->roWkF%IT?rpxi z{`BCh`4_9gHqB-J^Cp2N{O(tG4>?`jRWsPaA;1BvM(8#-#9sdHp#i#C-uSD!WE`}&m#9+O$M|Bu@fVyQ{A%X)gC~&xzv;2km$O(}2{`o^ zmuaHngM3)s-K~Dk>2KE`8~daoCPy~jbhCBt)Wdg*jQWq?&2S-o4inX*!lkQ z<^xu(Zh9$4vF|Saxw_6h#;gf+!)QEkZ6g}AVx!dQ{L;Kiwuj-hEy1sr4rwC9U>mp|RF9&mwLimE7sv`GJG#zY*rq!knNpX zZ20EQBd2&?w12b5RS!3#8S$dcd#U_38)z-Ns6Bd3xka77W?y{>?Edd{;chjWj`~&5 zpDl9VBM|iY;DM^e?ia~lW&mDAwe$bv@@pLU%XO-wWqK2Ge}1FNa}idbZqhwG>Ju2W z{99$agp=blf5>;IE3_yDj8*Dl$?7r3o^*+&P-8P+u4y|H<}f`3MOx%cqGi^kIc*N~ z8D?6f&b_giwqMSAi*INAF8xP5`j0Sn-;tX;qst*Oj1}ruh1Sx`R2kuY?U?=8%GuY5 z=%pD;;&1ElFrCkq=7OzOcgt;FAZ5XRusQS^d-yZ<>{N|54W$F+uQR>WU*KJQ;uv#1 zuW5C7t`ll8U9&a_Q?ehZ_;{4;v1m;82xhZY`p z*erMO?(zBwhIL&g#>bkZ{l|7NKH?P(q3{x+i8m5|+>hdz@GXW>fvU&o{yx__ z@U*N@=Uw?HBL%Pe?4t59Xf|PEYqwuYuXai46`RA1V!LguQKgp-^JjGxLX#V78b#;l z-|w-1nYy-{IHXAE{MnDi?qMARA7wq;GVwhv)1JGAdT4jNU260l_YIBStNk|)(}ITS zo;!z8_<-WhTZgt{xOZs7&Fdj0dL?&X4-HfGrJj#o-JH4l@{jfN$GtD?NhiGA>4ZN% zpSS^q-bqz!&)ZWw^X70G^AlA1{QSw@m+$L+`TpLQKLN-PA_8Kz!V!M3|kZk82?Z%Gwv9+P7D#dh^UqzERpWg`)MMb)|8( zj&Lin4pyr&<2vMc8Iv@**)ye&GDvHEz9O-mG3h zIoo|njG6Zj@8{cO)Of8pL~%3(0X-Cit;?P4=&gEWMQ_bCYiL7#Jg@oA_P>w1(OUlF z$==%eZD9CC3V;Czed`GHb{?4C>Y-T1;QcaoLzmw2$(`#HF=~2X0G_w?W7io0U2Hw8 z@77VaJ`NFe7*#n{w)}3U%4MLfN^D2k3d+E-kSb<=F-WaD^R?8C@ZF5rEw-{$cIusO zLx4n#4MbMMbnjf9@c0DD;L{*b*U|7^dS~mqS`yqMRAai%ov%e$KhQ=tyIwekYtR<) z8ceefV9h)--`BrRLsA`$FIWz{7zlBCDZ)hhesNvXCh>cWsl8L*jWHGGsu^g2($ICP zcjFs#7@aNehkD0%Tn|<1dOKncN3bnyaeI&kxnlE2#+$*@3B}j-4bCn3pz^;F)XVc(6K#l6+FydTmYx?*w&% zb^KS}8J?|zV>uY1T{Kb@T}sx8j1nNLQ=vM6<>EKm-#cfu@(4v-WPFlN-h>#fF@gy# z+Ww{!`nOXdCri%hoF#XOfQIv2sl=5gmy^j&1^ZiTQ5dsKIZ7gCsqxOW3o=GVky~a} zIhCT5tdqQxR0qQSrs{BGwX>-tqqVR?$YO19@KTpG`IwqI^7qszvn-Ws$rfs<>b% zgydMjyQHR<`M0RXsc=*oF8CCkkBliH86s>HaCa)99yjGWWjkd$1ztSLPKi$OPEn_z zsq3Wu-Sl5?&gWq=nK&r$U@jD-10D$v>%mQJ5lBi)C6m+w9YSY7==*L0OAd-WP)p<%$*>Sy3nFxDhoETH86+SyuLv`B(JN|jNLz?Xd}oGc1YBG&BIol}1$qj7WvX+ns~sT5(Dpp0&$SYf&4+|*D- z4ANNrgggd;47{w0giO~tKwSkd#+;(|nxO;`6+uYj>WJjiak7Mxy+A7$g7hL=G&w37l~pb#`gBUw zF+~*w8BlKcmL|4MrRD;41;+G~c zMKNocf@Ne;3X~K$3Ijsz$yuy_ADg}S2=i+$ZdqhbN{t?up)!E=TBJxRS&lHmk1+o# zFl)f&qVR&tU>t!+AXc=7g4Q2=wkSO#K*2DV+E`1O-qpn3n7SU5O#VC`!(Khom z!s?FDe)&a+@;0D%kWm3h$xt|G&veWx6>F^+poJbscwh8KX2m!cMhW2^*`%~27Dy%I zxz8rW5#A%juc(8gbDWb4T%zGMQWhZ1w6)4Aor+jMOh=esen*&;OGsyyn-sM5zJ9Hz zAYyQ*g;aT{g`v$6=2v}xDaKd;Uo0ghS7NkIvXG5ofjRE{!kdp!zYc08iKI{=t6(@o zH7Em#5Ct2B{QW#h?7+w1j=JD`8B?9 z0IxPVrA!fZh*F|(jr!REcl6t8gxwu0kk@s6nhT+M_N;iy#br2q6e=Q1vSi0UpFv?# z5Dl#fYLlwcL5Jo9)d{*2lqdByBIu0JMsqEaGd2dqg^)yc!jQ4d_%wc@=?LPJS7{kO zhoZqoX;GR5mVqIKm{2;PrbvSu(h1Q* z5y}0LQAvkp!8nghVnyI0mt?q9#>JAk9$d2i$RnbMeL>O*QHW`lTt?Pa!aJjsQLJ9< zhCp+qJc9ZKpek=n^1@rj5j=H~Lgt{Qv9{npKe(wr0{g{vKXU;ns#tRpq0-kS`C>IW zB&S;Uw@7NoA9FWL%O#8=uKVZwHsHD7quUFRMve_CC9)ge*Lh z4JC1zy(ktnJr8j}*d9@SU4*c{cwP)jf>iIfln?bgb|Op6cs}0V!T>T~BRtXM`b7gY zM`+JUh0H=MHfm-=V$o0V@UIvmEu>eBB;1CKN2`;RX>n0x&T=dxL=Xpq9RJGEQX-W4 zKLYzKi-<;`^EQP=vhXH@{JbA6$Tr7F_lhqQNzI&(#ZZ ([#"../01.rs" 21 17 21 18] [#"../01.rs" 21 17 21 18] (0 : usize))) + [#"../01.rs" 21 7 21 18] _3 <- ([#"../01.rs" 21 7 21 18] _4 > (0 : usize)); + _4 <- any usize; + switch (_3) | False -> goto BB4 | True -> goto BB2 end } BB2 { - [#"../01.rs" 22 16 22 17] _8 <- ([#"../01.rs" 22 16 22 17] [#"../01.rs" 22 16 22 17] (0 : usize)); - [#"../01.rs" 22 14 22 18] _10 <- ([#"../01.rs" 22 14 22 18] _8 < ([#"../01.rs" 22 14 22 18] Slice.length a)); + [#"../01.rs" 22 16 22 17] _8 <- ([#"../01.rs" 22 16 22 17] (0 : usize)); + [#"../01.rs" 22 14 22 18] _9 <- ([#"../01.rs" 22 14 22 18] Slice.length a); + [#"../01.rs" 22 14 22 18] _10 <- ([#"../01.rs" 22 14 22 18] _8 < _9); assert { [@expl:index in bounds] [#"../01.rs" 22 14 22 18] _10 }; goto BB3 } @@ -279,7 +288,7 @@ module C01_SliceFirst assume { resolve0 a }; assert { [@expl:type invariant] inv1 _7 }; assume { resolve1 _7 }; - [#"../01.rs" 22 8 22 19] _0 <- ([#"../01.rs" 22 8 22 19] Core_Option_Option_Type.C_Some ([#"../01.rs" 22 13 22 18] _7)); + [#"../01.rs" 22 8 22 19] _0 <- ([#"../01.rs" 22 8 22 19] Core_Option_Option_Type.C_Some _7); goto BB5 } BB4 { diff --git a/creusot/tests/should_succeed/slices/01/why3session.xml b/creusot/tests/should_succeed/slices/01/why3session.xml index 41fb5e6c61..c13a3cf1fb 100644 --- a/creusot/tests/should_succeed/slices/01/why3session.xml +++ b/creusot/tests/should_succeed/slices/01/why3session.xml @@ -8,17 +8,17 @@ - + - + - + diff --git a/creusot/tests/should_succeed/slices/01/why3shapes.gz b/creusot/tests/should_succeed/slices/01/why3shapes.gz index a9470216956977865a5e1748042159ee3e849287..88d5b3d07790f5cfcb2f2ae7e7c05b810515539f 100644 GIT binary patch literal 676 zcmV;V0$cqbiwFP!00000|E*L_kDM?Jz0a@U)^<;E5&~2^mC$MtNY!3i<=Bx2!Y(QU zEwCRyzb0Y%*zHU&y-Z@~`58ak^YO~-AMlsyy(iQ4Roi^_ly~)MH~hw`c>>Ln>B=-D zJG|awZJPVx0V%4k+vmfnEldrXX9N*pj|`%Ul9JCcsBxQSt-* zYWbSX)I+aDhI_5>d-rJK`DT3;CRq2zI^Hs@3_lss{zM8|SX<`6=yFZRUu$E8+vyvx zY&)-N3iER4>nb;Awc!8If?v>rZ?xD?Jb*55-QHI@!yj7YJQvxJVQ2cbelko)V8zF45oUgW0WplCa9EXnc*P^4h z>j2Sa9~>NJO{S~!UXUkRTb$WZ=WLP3Iv~nfGRYHKM|eS=Aa^uCe;De*&dmA{YAM>C z^D@~LI+Rt{54&9y$bu`$jW9kOODqDV!lN=JR|+C9o=io`Q%Kpa6w;R>R03HMm0Ti& zTn5LGfC7uc_kvWVzJ+oDhN#LiEDea_h{p*1vhaP3Oo=&oKscF#NP)N^1(rr>xcdWO KAyE7d2LJ$9kDckI7ZS(zGtYkhbnExe_}ldUtLgfxZNB)zzy0hDf3Rv^L6Ky>5(SBe zcN?rt^E5o8&8qA6ZM$m=Q-h*7wA-o~aEI?C#?86EDindJc2s zF@nv!GSj)hQNTC6{cp1#q2_5**NF?0*1^fFcQ3;{?@9iA-2^sn!gQtMy!NZY)>Yw` zSA|+K*JTonG6|ea_?a)8{=ok3RA0vTP63BXQNnige*3-M8Fi8J6!X|NM#-$Q7;-k_ zRb3*U=!n_v5P>Zb;0#Cp;PoJHoEWT>hG#?ZV|sR4xJrd4;q1kh2po z*nuS{oC8gqD^S3%sCyx8qgFoCxyas$eOp#tKX{&IJSRvHSs;Q4LRLg!kQ)|It~o~F z^OU7Dg_L*(%3MPsNmOWLVI*^mc*#SlrOnmo%T%O+3$-SMWu6O8tq7th2uel?VI>$& dG|PRkaXbZ (forall j : usize . i <= j /\ UIntSize.to_int j < Seq.length (shallow_model1 self) -> deep_model2 x < Seq.get (deep_model0 self) (UIntSize.to_int j)) } let constant promoted0 [#"../02_std.rs" 8 0 8 40] : uint32 = [@vc:do_not_keep_trace] [@vc:sp] - let _1 = [#"../02_std.rs" 9 30 9 31] [#"../02_std.rs" 9 30 9 31] (2 : uint32) in let _0 = [#"../02_std.rs" 9 29 9 31] _1 in _0 + let _1 = [#"../02_std.rs" 9 30 9 31] (2 : uint32) in let _0 = [#"../02_std.rs" 9 29 9 31] _1 in _0 let rec cfg binary_search [#"../02_std.rs" 8 0 8 40] [@cfg:stackify] [@cfg:subregion_analysis] (s : slice uint32) : usize requires {[#"../02_std.rs" 6 0 6 64] forall i : int . 0 <= i /\ i < Seq.length (shallow_model1 s) -> UInt32.to_int (index_logic0 s i) = i} requires {[#"../02_std.rs" 7 11 7 24] Seq.length (shallow_model1 s) = 5} @@ -181,9 +181,9 @@ module C02Std_BinarySearch goto BB0 } BB0 { - [#"../02_std.rs" 9 29 9 31] _12 <- ([#"../02_std.rs" 9 29 9 31] [#"../02_std.rs" 9 29 9 31] promoted0); + [#"../02_std.rs" 9 29 9 31] _12 <- ([#"../02_std.rs" 9 29 9 31] promoted0); [#"../02_std.rs" 9 29 9 31] _8 <- ([#"../02_std.rs" 9 29 9 31] _12); - [#"../02_std.rs" 9 13 9 32] _5 <- ([#"../02_std.rs" 9 13 9 32] binary_search0 ([#"../02_std.rs" 9 13 9 14] s) ([#"../02_std.rs" 9 29 9 31] _8)); + [#"../02_std.rs" 9 13 9 32] _5 <- ([#"../02_std.rs" 9 13 9 32] binary_search0 s _8); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/sparse_array.mlcfg b/creusot/tests/should_succeed/sparse_array.mlcfg index 05784a95c2..9c7fab2f30 100644 --- a/creusot/tests/should_succeed/sparse_array.mlcfg +++ b/creusot/tests/should_succeed/sparse_array.mlcfg @@ -335,6 +335,8 @@ module SparseArray_Impl2_Get var i : usize = i; var index : usize; var _7 : usize; + var _10 : bool; + var _13 : bool; var _15 : usize; var _20 : t; var _21 : t; @@ -342,22 +344,24 @@ module SparseArray_Impl2_Get goto BB0 } BB0 { - [#"../sparse_array.rs" 90 28 90 31] _7 <- ([#"../sparse_array.rs" 90 28 90 31] index0 ([#"../sparse_array.rs" 90 20 90 28] SparseArray_Sparse_Type.sparse_idx self) ([#"../sparse_array.rs" 90 29 90 30] i)); + [#"../sparse_array.rs" 90 28 90 31] _7 <- ([#"../sparse_array.rs" 90 28 90 31] index0 (SparseArray_Sparse_Type.sparse_idx self) i); goto BB1 } BB1 { [#"../sparse_array.rs" 90 20 90 31] index <- ([#"../sparse_array.rs" 90 20 90 31] _7); - switch ([#"../sparse_array.rs" 91 11 91 25] ([#"../sparse_array.rs" 91 11 91 16] index) < ([#"../sparse_array.rs" 91 19 91 25] SparseArray_Sparse_Type.sparse_n self)) + [#"../sparse_array.rs" 91 11 91 25] _10 <- ([#"../sparse_array.rs" 91 11 91 25] index < SparseArray_Sparse_Type.sparse_n self); + switch (_10) | False -> goto BB7 | True -> goto BB2 end } BB2 { - [#"../sparse_array.rs" 91 38 91 45] _15 <- ([#"../sparse_array.rs" 91 38 91 45] index0 ([#"../sparse_array.rs" 91 29 91 38] SparseArray_Sparse_Type.sparse_back self) ([#"../sparse_array.rs" 91 39 91 44] index)); + [#"../sparse_array.rs" 91 38 91 45] _15 <- ([#"../sparse_array.rs" 91 38 91 45] index0 (SparseArray_Sparse_Type.sparse_back self) index); goto BB3 } BB3 { - switch ([#"../sparse_array.rs" 91 29 91 50] ([#"../sparse_array.rs" 91 29 91 45] _15) = ([#"../sparse_array.rs" 91 49 91 50] i)) + [#"../sparse_array.rs" 91 29 91 50] _13 <- ([#"../sparse_array.rs" 91 29 91 50] _15 = i); + switch (_13) | False -> goto BB6 | True -> goto BB4 end @@ -365,7 +369,7 @@ module SparseArray_Impl2_Get BB4 { assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../sparse_array.rs" 92 29 92 32] _21 <- ([#"../sparse_array.rs" 92 29 92 32] index1 ([#"../sparse_array.rs" 92 18 92 29] SparseArray_Sparse_Type.sparse_values self) ([#"../sparse_array.rs" 92 30 92 31] i)); + [#"../sparse_array.rs" 92 29 92 32] _21 <- ([#"../sparse_array.rs" 92 29 92 32] index1 (SparseArray_Sparse_Type.sparse_values self) i); goto BB5 } BB5 { @@ -374,7 +378,7 @@ module SparseArray_Impl2_Get assume { resolve1 _21 }; assert { [@expl:type invariant] inv1 _20 }; assume { resolve1 _20 }; - [#"../sparse_array.rs" 92 12 92 33] _0 <- ([#"../sparse_array.rs" 92 12 92 33] Core_Option_Option_Type.C_Some ([#"../sparse_array.rs" 92 17 92 32] _20)); + [#"../sparse_array.rs" 92 12 92 33] _0 <- ([#"../sparse_array.rs" 92 12 92 33] Core_Option_Option_Type.C_Some _20); goto BB9 } BB6 { @@ -858,6 +862,8 @@ module SparseArray_Impl2_Set var _10 : borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); var index : usize; var _13 : usize; + var _16 : bool; + var _19 : bool; var _21 : usize; var _25 : Snapshot.snap_ty (); var _30 : borrowed usize; @@ -874,7 +880,7 @@ module SparseArray_Impl2_Set [#"../sparse_array.rs" 113 8 113 19] _10 <- Borrow.borrow_final (SparseArray_Sparse_Type.sparse_values ( * self)) (Borrow.inherit_id (Borrow.get_id self) 3); [#"../sparse_array.rs" 113 8 113 19] self <- { self with current = (let SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 x4 = * self in SparseArray_Sparse_Type.C_Sparse x0 x1 ( ^ _10) x3 x4) ; }; assume { inv0 ( ^ _10) }; - [#"../sparse_array.rs" 113 19 113 22] _9 <- ([#"../sparse_array.rs" 113 19 113 22] index_mut0 _10 ([#"../sparse_array.rs" 113 20 113 21] i)); + [#"../sparse_array.rs" 113 19 113 22] _9 <- ([#"../sparse_array.rs" 113 19 113 22] index_mut0 _10 i); _10 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB2 } @@ -882,8 +888,8 @@ module SparseArray_Impl2_Set goto BB3 } BB3 { - [#"../sparse_array.rs" 113 8 113 22] _9 <- { _9 with current = ([#"../sparse_array.rs" 113 25 113 26] v) ; }; - [#"../sparse_array.rs" 113 25 113 26] v <- any t; + [#"../sparse_array.rs" 113 8 113 22] _9 <- { _9 with current = ([#"../sparse_array.rs" 113 8 113 22] v) ; }; + v <- any t; assert { [@expl:type invariant] inv1 ( * _9) }; assume { resolve0 ( * _9) }; assert { [@expl:type invariant] inv2 _9 }; @@ -891,22 +897,24 @@ module SparseArray_Impl2_Set goto BB5 } BB5 { - [#"../sparse_array.rs" 114 28 114 31] _13 <- ([#"../sparse_array.rs" 114 28 114 31] index0 ([#"../sparse_array.rs" 114 20 114 28] SparseArray_Sparse_Type.sparse_idx ( * self)) ([#"../sparse_array.rs" 114 29 114 30] i)); + [#"../sparse_array.rs" 114 28 114 31] _13 <- ([#"../sparse_array.rs" 114 28 114 31] index0 (SparseArray_Sparse_Type.sparse_idx ( * self)) i); goto BB6 } BB6 { [#"../sparse_array.rs" 114 20 114 31] index <- ([#"../sparse_array.rs" 114 20 114 31] _13); - switch ([#"../sparse_array.rs" 115 13 115 27] ([#"../sparse_array.rs" 115 13 115 18] index) < ([#"../sparse_array.rs" 115 21 115 27] SparseArray_Sparse_Type.sparse_n ( * self))) + [#"../sparse_array.rs" 115 13 115 27] _16 <- ([#"../sparse_array.rs" 115 13 115 27] index < SparseArray_Sparse_Type.sparse_n ( * self)); + switch (_16) | False -> goto BB11 | True -> goto BB7 end } BB7 { - [#"../sparse_array.rs" 115 40 115 47] _21 <- ([#"../sparse_array.rs" 115 40 115 47] index0 ([#"../sparse_array.rs" 115 31 115 40] SparseArray_Sparse_Type.sparse_back ( * self)) ([#"../sparse_array.rs" 115 41 115 46] index)); + [#"../sparse_array.rs" 115 40 115 47] _21 <- ([#"../sparse_array.rs" 115 40 115 47] index0 (SparseArray_Sparse_Type.sparse_back ( * self)) index); goto BB8 } BB8 { - switch ([#"../sparse_array.rs" 115 31 115 52] ([#"../sparse_array.rs" 115 31 115 47] _21) = ([#"../sparse_array.rs" 115 51 115 52] i)) + [#"../sparse_array.rs" 115 31 115 52] _19 <- ([#"../sparse_array.rs" 115 31 115 52] _21 = i); + switch (_19) | False -> goto BB10 | True -> goto BB9 end @@ -932,23 +940,23 @@ module SparseArray_Impl2_Set assert { [@expl:assertion] [#"../sparse_array.rs" 118 26 118 46] UIntSize.to_int (SparseArray_Sparse_Type.sparse_n ( * self)) < UIntSize.to_int (SparseArray_Sparse_Type.sparse_size ( * self)) }; [#"../sparse_array.rs" 120 12 120 20] _31 <- Borrow.borrow_final (SparseArray_Sparse_Type.sparse_idx ( * self)) (Borrow.inherit_id (Borrow.get_id self) 4); [#"../sparse_array.rs" 120 12 120 20] self <- { self with current = (let SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 x4 = * self in SparseArray_Sparse_Type.C_Sparse x0 x1 x2 ( ^ _31) x4) ; }; - [#"../sparse_array.rs" 120 20 120 23] _30 <- ([#"../sparse_array.rs" 120 20 120 23] index_mut1 _31 ([#"../sparse_array.rs" 120 21 120 22] i)); + [#"../sparse_array.rs" 120 20 120 23] _30 <- ([#"../sparse_array.rs" 120 20 120 23] index_mut1 _31 i); _31 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); goto BB14 } BB14 { - [#"../sparse_array.rs" 120 12 120 32] _30 <- { _30 with current = ([#"../sparse_array.rs" 120 26 120 32] SparseArray_Sparse_Type.sparse_n ( * self)) ; }; + [#"../sparse_array.rs" 120 12 120 32] _30 <- { _30 with current = ([#"../sparse_array.rs" 120 12 120 32] SparseArray_Sparse_Type.sparse_n ( * self)) ; }; assume { resolve3 _30 }; [#"../sparse_array.rs" 121 12 121 21] _35 <- Borrow.borrow_final (SparseArray_Sparse_Type.sparse_back ( * self)) (Borrow.inherit_id (Borrow.get_id self) 5); [#"../sparse_array.rs" 121 12 121 21] self <- { self with current = (let SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 x4 = * self in SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 ( ^ _35)) ; }; - [#"../sparse_array.rs" 121 21 121 29] _34 <- ([#"../sparse_array.rs" 121 21 121 29] index_mut1 _35 ([#"../sparse_array.rs" 121 22 121 28] SparseArray_Sparse_Type.sparse_n ( * self))); + [#"../sparse_array.rs" 121 21 121 29] _34 <- ([#"../sparse_array.rs" 121 21 121 29] index_mut1 _35 (SparseArray_Sparse_Type.sparse_n ( * self))); _35 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); goto BB15 } BB15 { - [#"../sparse_array.rs" 121 12 121 33] _34 <- { _34 with current = ([#"../sparse_array.rs" 121 32 121 33] i) ; }; + [#"../sparse_array.rs" 121 12 121 33] _34 <- { _34 with current = ([#"../sparse_array.rs" 121 12 121 33] i) ; }; assume { resolve3 _34 }; - [#"../sparse_array.rs" 122 12 122 23] self <- { self with current = (let SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 x4 = * self in SparseArray_Sparse_Type.C_Sparse x0 ([#"../sparse_array.rs" 122 12 122 23] SparseArray_Sparse_Type.sparse_n ( * self) + ([#"../sparse_array.rs" 122 22 122 23] [#"../sparse_array.rs" 122 22 122 23] (1 : usize))) x2 x3 x4) ; }; + [#"../sparse_array.rs" 122 12 122 23] self <- { self with current = (let SparseArray_Sparse_Type.C_Sparse x0 x1 x2 x3 x4 = * self in SparseArray_Sparse_Type.C_Sparse x0 ([#"../sparse_array.rs" 122 12 122 23] SparseArray_Sparse_Type.sparse_n ( * self) + (1 : usize)) x2 x3 x4) ; }; assert { [@expl:type invariant] inv3 self }; assume { resolve4 self }; [#"../sparse_array.rs" 115 54 123 9] _0 <- ([#"../sparse_array.rs" 115 54 123 9] ()); @@ -1132,19 +1140,19 @@ module SparseArray_Create BB0 { assert { [@expl:type invariant] inv0 dummy }; assume { resolve0 dummy }; - [#"../sparse_array.rs" 135 37 135 52] _6 <- ([#"../sparse_array.rs" 135 37 135 52] from_elem0 ([#"../sparse_array.rs" 135 42 135 47] dummy) ([#"../sparse_array.rs" 135 49 135 51] sz)); + [#"../sparse_array.rs" 135 37 135 52] _6 <- ([#"../sparse_array.rs" 135 37 135 52] from_elem0 dummy sz); goto BB1 } BB1 { - [#"../sparse_array.rs" 135 59 135 70] _9 <- ([#"../sparse_array.rs" 135 59 135 70] from_elem1 ([#"../sparse_array.rs" 135 64 135 65] [#"../sparse_array.rs" 135 64 135 65] (0 : usize)) ([#"../sparse_array.rs" 135 67 135 69] sz)); + [#"../sparse_array.rs" 135 59 135 70] _9 <- ([#"../sparse_array.rs" 135 59 135 70] from_elem1 (0 : usize) sz); goto BB2 } BB2 { - [#"../sparse_array.rs" 135 78 135 89] _11 <- ([#"../sparse_array.rs" 135 78 135 89] from_elem1 ([#"../sparse_array.rs" 135 83 135 84] [#"../sparse_array.rs" 135 83 135 84] (0 : usize)) ([#"../sparse_array.rs" 135 86 135 88] sz)); + [#"../sparse_array.rs" 135 78 135 89] _11 <- ([#"../sparse_array.rs" 135 78 135 89] from_elem1 (0 : usize) sz); goto BB3 } BB3 { - [#"../sparse_array.rs" 135 4 135 91] _0 <- ([#"../sparse_array.rs" 135 4 135 91] SparseArray_Sparse_Type.C_Sparse ([#"../sparse_array.rs" 135 19 135 21] sz) ([#"../sparse_array.rs" 135 26 135 27] [#"../sparse_array.rs" 135 26 135 27] (0 : usize)) _6 _9 _11); + [#"../sparse_array.rs" 135 4 135 91] _0 <- ([#"../sparse_array.rs" 135 4 135 91] SparseArray_Sparse_Type.C_Sparse sz (0 : usize) _6 _9 _11); _6 <- any Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global); _9 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); _11 <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); @@ -1390,20 +1398,20 @@ module SparseArray_F goto BB0 } BB0 { - [#"../sparse_array.rs" 141 18 141 19] default <- ([#"../sparse_array.rs" 141 18 141 19] [#"../sparse_array.rs" 141 18 141 19] (0 : int32)); - [#"../sparse_array.rs" 142 16 142 35] a <- ([#"../sparse_array.rs" 142 16 142 35] create0 ([#"../sparse_array.rs" 142 23 142 25] [#"../sparse_array.rs" 142 23 142 25] (10 : usize)) ([#"../sparse_array.rs" 142 27 142 34] default)); + [#"../sparse_array.rs" 141 18 141 19] default <- ([#"../sparse_array.rs" 141 18 141 19] (0 : int32)); + [#"../sparse_array.rs" 142 16 142 35] a <- ([#"../sparse_array.rs" 142 16 142 35] create0 (10 : usize) default); goto BB1 } BB1 { - [#"../sparse_array.rs" 143 16 143 35] b <- ([#"../sparse_array.rs" 143 16 143 35] create0 ([#"../sparse_array.rs" 143 23 143 25] [#"../sparse_array.rs" 143 23 143 25] (20 : usize)) ([#"../sparse_array.rs" 143 27 143 34] default)); + [#"../sparse_array.rs" 143 16 143 35] b <- ([#"../sparse_array.rs" 143 16 143 35] create0 (20 : usize) default); goto BB2 } BB2 { - [#"../sparse_array.rs" 144 16 144 24] x <- ([#"../sparse_array.rs" 144 16 144 24] get0 ([#"../sparse_array.rs" 144 16 144 17] a) ([#"../sparse_array.rs" 144 22 144 23] [#"../sparse_array.rs" 144 22 144 23] (5 : usize))); + [#"../sparse_array.rs" 144 16 144 24] x <- ([#"../sparse_array.rs" 144 16 144 24] get0 a (5 : usize)); goto BB3 } BB3 { - [#"../sparse_array.rs" 145 16 145 24] y <- ([#"../sparse_array.rs" 145 16 145 24] get0 ([#"../sparse_array.rs" 145 16 145 17] b) ([#"../sparse_array.rs" 145 22 145 23] [#"../sparse_array.rs" 145 22 145 23] (7 : usize))); + [#"../sparse_array.rs" 145 16 145 24] y <- ([#"../sparse_array.rs" 145 16 145 24] get0 b (7 : usize)); goto BB4 } BB4 { @@ -1411,7 +1419,7 @@ module SparseArray_F [#"../sparse_array.rs" 148 4 148 5] _13 <- Borrow.borrow_mut a; [#"../sparse_array.rs" 148 4 148 5] a <- ^ _13; assume { inv0 ( ^ _13) }; - [#"../sparse_array.rs" 148 4 148 15] _12 <- ([#"../sparse_array.rs" 148 4 148 15] set0 _13 ([#"../sparse_array.rs" 148 10 148 11] [#"../sparse_array.rs" 148 10 148 11] (5 : usize)) ([#"../sparse_array.rs" 148 13 148 14] [#"../sparse_array.rs" 148 13 148 14] (1 : int32))); + [#"../sparse_array.rs" 148 4 148 15] _12 <- ([#"../sparse_array.rs" 148 4 148 15] set0 _13 (5 : usize) (1 : int32)); _13 <- any borrowed (SparseArray_Sparse_Type.t_sparse int32); goto BB5 } @@ -1419,23 +1427,23 @@ module SparseArray_F [#"../sparse_array.rs" 149 4 149 5] _15 <- Borrow.borrow_mut b; [#"../sparse_array.rs" 149 4 149 5] b <- ^ _15; assume { inv0 ( ^ _15) }; - [#"../sparse_array.rs" 149 4 149 15] _14 <- ([#"../sparse_array.rs" 149 4 149 15] set0 _15 ([#"../sparse_array.rs" 149 10 149 11] [#"../sparse_array.rs" 149 10 149 11] (7 : usize)) ([#"../sparse_array.rs" 149 13 149 14] [#"../sparse_array.rs" 149 13 149 14] (2 : int32))); + [#"../sparse_array.rs" 149 4 149 15] _14 <- ([#"../sparse_array.rs" 149 4 149 15] set0 _15 (7 : usize) (2 : int32)); _15 <- any borrowed (SparseArray_Sparse_Type.t_sparse int32); goto BB6 } BB6 { - [#"../sparse_array.rs" 150 8 150 16] _16 <- ([#"../sparse_array.rs" 150 8 150 16] get0 ([#"../sparse_array.rs" 150 8 150 9] a) ([#"../sparse_array.rs" 150 14 150 15] [#"../sparse_array.rs" 150 14 150 15] (5 : usize))); + [#"../sparse_array.rs" 150 8 150 16] _16 <- ([#"../sparse_array.rs" 150 8 150 16] get0 a (5 : usize)); goto BB7 } BB7 { [#"../sparse_array.rs" 150 4 150 16] x <- ([#"../sparse_array.rs" 150 4 150 16] _16); - [#"../sparse_array.rs" 150 4 150 16] _16 <- any Core_Option_Option_Type.t_option int32; - [#"../sparse_array.rs" 151 8 151 16] _18 <- ([#"../sparse_array.rs" 151 8 151 16] get0 ([#"../sparse_array.rs" 151 8 151 9] b) ([#"../sparse_array.rs" 151 14 151 15] [#"../sparse_array.rs" 151 14 151 15] (7 : usize))); + _16 <- any Core_Option_Option_Type.t_option int32; + [#"../sparse_array.rs" 151 8 151 16] _18 <- ([#"../sparse_array.rs" 151 8 151 16] get0 b (7 : usize)); goto BB8 } BB8 { [#"../sparse_array.rs" 151 4 151 16] y <- ([#"../sparse_array.rs" 151 4 151 16] _18); - [#"../sparse_array.rs" 151 4 151 16] _18 <- any Core_Option_Option_Type.t_option int32; + _18 <- any Core_Option_Option_Type.t_option int32; assert { [@expl:assertion] [#"../sparse_array.rs" 152 18 155 5] match x with | Core_Option_Option_Type.C_None -> false | Core_Option_Option_Type.C_Some z -> shallow_model0 z = 1 @@ -1444,44 +1452,44 @@ module SparseArray_F | Core_Option_Option_Type.C_None -> false | Core_Option_Option_Type.C_Some z -> shallow_model0 z = 2 end }; - [#"../sparse_array.rs" 161 8 161 16] _24 <- ([#"../sparse_array.rs" 161 8 161 16] get0 ([#"../sparse_array.rs" 161 8 161 9] a) ([#"../sparse_array.rs" 161 14 161 15] [#"../sparse_array.rs" 161 14 161 15] (7 : usize))); + [#"../sparse_array.rs" 161 8 161 16] _24 <- ([#"../sparse_array.rs" 161 8 161 16] get0 a (7 : usize)); goto BB9 } BB9 { [#"../sparse_array.rs" 161 4 161 16] x <- ([#"../sparse_array.rs" 161 4 161 16] _24); - [#"../sparse_array.rs" 161 4 161 16] _24 <- any Core_Option_Option_Type.t_option int32; - [#"../sparse_array.rs" 162 8 162 16] _26 <- ([#"../sparse_array.rs" 162 8 162 16] get0 ([#"../sparse_array.rs" 162 8 162 9] b) ([#"../sparse_array.rs" 162 14 162 15] [#"../sparse_array.rs" 162 14 162 15] (5 : usize))); + _24 <- any Core_Option_Option_Type.t_option int32; + [#"../sparse_array.rs" 162 8 162 16] _26 <- ([#"../sparse_array.rs" 162 8 162 16] get0 b (5 : usize)); goto BB10 } BB10 { [#"../sparse_array.rs" 162 4 162 16] y <- ([#"../sparse_array.rs" 162 4 162 16] _26); - [#"../sparse_array.rs" 162 4 162 16] _26 <- any Core_Option_Option_Type.t_option int32; + _26 <- any Core_Option_Option_Type.t_option int32; assert { [@expl:assertion] [#"../sparse_array.rs" 163 18 163 40] x = Core_Option_Option_Type.C_None /\ y = Core_Option_Option_Type.C_None }; - [#"../sparse_array.rs" 165 8 165 16] _30 <- ([#"../sparse_array.rs" 165 8 165 16] get0 ([#"../sparse_array.rs" 165 8 165 9] a) ([#"../sparse_array.rs" 165 14 165 15] [#"../sparse_array.rs" 165 14 165 15] (0 : usize))); + [#"../sparse_array.rs" 165 8 165 16] _30 <- ([#"../sparse_array.rs" 165 8 165 16] get0 a (0 : usize)); goto BB11 } BB11 { [#"../sparse_array.rs" 165 4 165 16] x <- ([#"../sparse_array.rs" 165 4 165 16] _30); - [#"../sparse_array.rs" 165 4 165 16] _30 <- any Core_Option_Option_Type.t_option int32; - [#"../sparse_array.rs" 166 8 166 16] _32 <- ([#"../sparse_array.rs" 166 8 166 16] get0 ([#"../sparse_array.rs" 166 8 166 9] b) ([#"../sparse_array.rs" 166 14 166 15] [#"../sparse_array.rs" 166 14 166 15] (0 : usize))); + _30 <- any Core_Option_Option_Type.t_option int32; + [#"../sparse_array.rs" 166 8 166 16] _32 <- ([#"../sparse_array.rs" 166 8 166 16] get0 b (0 : usize)); goto BB12 } BB12 { [#"../sparse_array.rs" 166 4 166 16] y <- ([#"../sparse_array.rs" 166 4 166 16] _32); - [#"../sparse_array.rs" 166 4 166 16] _32 <- any Core_Option_Option_Type.t_option int32; + _32 <- any Core_Option_Option_Type.t_option int32; assert { [@expl:assertion] [#"../sparse_array.rs" 167 18 167 40] x = Core_Option_Option_Type.C_None /\ y = Core_Option_Option_Type.C_None }; - [#"../sparse_array.rs" 169 8 169 16] _36 <- ([#"../sparse_array.rs" 169 8 169 16] get0 ([#"../sparse_array.rs" 169 8 169 9] a) ([#"../sparse_array.rs" 169 14 169 15] [#"../sparse_array.rs" 169 14 169 15] (9 : usize))); + [#"../sparse_array.rs" 169 8 169 16] _36 <- ([#"../sparse_array.rs" 169 8 169 16] get0 a (9 : usize)); goto BB13 } BB13 { [#"../sparse_array.rs" 169 4 169 16] x <- ([#"../sparse_array.rs" 169 4 169 16] _36); - [#"../sparse_array.rs" 169 4 169 16] _36 <- any Core_Option_Option_Type.t_option int32; - [#"../sparse_array.rs" 170 8 170 16] _38 <- ([#"../sparse_array.rs" 170 8 170 16] get0 ([#"../sparse_array.rs" 170 8 170 9] b) ([#"../sparse_array.rs" 170 14 170 15] [#"../sparse_array.rs" 170 14 170 15] (9 : usize))); + _36 <- any Core_Option_Option_Type.t_option int32; + [#"../sparse_array.rs" 170 8 170 16] _38 <- ([#"../sparse_array.rs" 170 8 170 16] get0 b (9 : usize)); goto BB14 } BB14 { [#"../sparse_array.rs" 170 4 170 16] y <- ([#"../sparse_array.rs" 170 4 170 16] _38); - [#"../sparse_array.rs" 170 4 170 16] _38 <- any Core_Option_Option_Type.t_option int32; + _38 <- any Core_Option_Option_Type.t_option int32; assert { [@expl:assertion] [#"../sparse_array.rs" 171 18 171 40] x = Core_Option_Option_Type.C_None /\ y = Core_Option_Option_Type.C_None }; [#"../sparse_array.rs" 171 4 171 41] _0 <- ([#"../sparse_array.rs" 171 4 171 41] ()); goto BB15 diff --git a/creusot/tests/should_succeed/sparse_array/why3session.xml b/creusot/tests/should_succeed/sparse_array/why3session.xml index e28360c26e..beee7ce2f0 100644 --- a/creusot/tests/should_succeed/sparse_array/why3session.xml +++ b/creusot/tests/should_succeed/sparse_array/why3session.xml @@ -9,7 +9,7 @@ - + @@ -82,74 +82,74 @@ - + - - + + - - + + - + - + - - + + - + - + - - + + - - + + - - + + - + - + - + - + - + - - + + - - + + diff --git a/creusot/tests/should_succeed/sparse_array/why3shapes.gz b/creusot/tests/should_succeed/sparse_array/why3shapes.gz index e61ca48563f4bd55de36446d7f55d6f31b2e3f4e..6411368d4b4b4314e8e851204af6b3840086d3ce 100644 GIT binary patch literal 4259 zcmV;U5M1vciwFP!00000|LrKgi&gwuB)~R;7&35}eYk}lZBP<5 z(^^E&=WoL8&kw(NhP}Dj{d)ar*M%EhgMZjvZ*L#`C;ucidBqXT zWx6kFxF}dfEz7m5ah-sw>4<`%tHUI<5A1TYvjt zYMmhYyDVZpN1jv-Sgxst5i!=F%C)RvTnjZA79t@8n{KhRHs6x9gw1>Zj=z|rpLVxl z_(}}!K80WX&wM=-iV?a&@LGzv`Z<_6>KDOB+O?GBiut>oa>-Qh!u{^%F|aIdGYIAU zg}=EEr=IoxZ+Bl9Gv8-)Zkz9>oAHKa>K``cib?t}%#x-*CC2RRmnd-N!zLR>nvG{C zxqkFFUzoU5b0MX_PbR-^eEWCiD6SmX(FvEHvGaCDO-+6kJhzM_bIY_TUr{Y_c zh!uXe-BV%*Km7H5Kj?7yE=o^UK-SuzT1Y>Vd(H3Ka@R(7kR!+@#?aO{D2g9W6$M9( zVPPyizmL47wTos=3dE#9)CcxNRqUCr4(y5Q*q#iBRP={5(;v!b?8z$!b}-?>b$c?d z6ZS+|BjhVqmKgaFUu92Tc)@{k5F4|fXZ8E@es_1y0Xe1=G07P7su=fcSo=vD?NT?zvRCa-)ZGRtb`ts|3`_GVWMD|+YxBTt5g`Z=f zh;O)j=lht{{=!L`b8}g8oa3hMl9r}S?(e_ceGKix_A&T=$teaZ_xIuMA#~APpT6Aq zNY*n3E(h$TZ~0<%?IuaY5FaihAUz96Nlkx==(XP_?E2Y7`op-0hD9%+looC8ufxql zRwwH`M$6gf-TgzmyY03QT=pkGgOVf6<>1RQ5yJ&r+g>sA2*f>Mh&j{#O<$ETcJa zwnBWxUk3pe^M78ruW-xc*aq$tR3UMd;G)Z=i+B7vSM1}Uz-yN*=LSPZ{BZX0kI&(J z42)41Vt8Ee!uSNr{Xyq&$d{Uw=fMv$9=-Tr-ygjM5lf7@$8^Gw3Da+$eQ1OD55>DM7TEN7rT_hl#3NiCV~E3!5RfcXGfOFTOGTY<^49+q@_%Med%@af2|T zU_MnDcyi;xFGKPa$#dmGX_%M&N!7aM+47bL{l9(rd=tc&&t!Zssg{S{vD6xmL7ke_ zp>bn7A}pr3Trm+=DkikFFPZR6&6FoJ1Pp>dS~Q;(T1-^H)FV;$I9mXJe{Ew=X(OpA+|mvWLE z?W|VpEL*j=vz*vY`6un4jDNEJ$rVH6ilHaKSBco((y~}u&MbW(B_8WljfPi4p*mc% z|8t7gn)=t1BaD zzx_^uV z$H!BF@e?!faooW>TY8x|#@ENiP5AWWpg8C5a1v6o2)dGR&~iJFYeG$Ou@~5UZ40uf zm`S~k&C@1#Tx$&%3>_D2N@upCp#Y?-Z)`A^O2AGnb(TwbXW@CcY~Nb$=p-|1W{_+n+2p`oHjh~uR3R-78WXg_)l zwiSbI`S;F@wl$}1dt$bHNqJwLXrC$Y!^F8WCoB9gz-AfNd+=Q0YZMvp*z_C>^NSXQ zlZhg}*e|YfKU*CJARu z^3P|PBs|Szt<)-2r4m(!m{L{Cd1OXasa2}`_9<49au6g1)e3lQ5El-VqzBn{dXF&~ zZ@Jfn)D&jZ>5H{^8dzLIaCtcN*)sH{^AO4|yS9?GGCUHpW@@F&1ZL6%W{!qFvp)2h z#i7qkW(fs}ky!zcs?Ic3+~MKR)NS(+N^U>(xl;oKt)!TmmNE=axyNuzNaxd>U8H-J zSUUlikiUtt%%{Gk@pnImOAZbmAbD8KWQGY#=W%Xf>Pu%(Vm~0tNI?rP0~xMNeIyR2 zK0TZITs}gxI`tJt;btV_Jw9k7(%gJvR9|jDbvkKsY&3a1O^YR@^TRz$qdMpC^1}Uo zJbI${M^DtLqbIm<^h6(lT;?~^a{rPV_Xk^O9Xm(j5%$A_T(uewwoFdkJ@;-MhIi|* zf44630g!Z4%Ec5HAH;lP$a(g=T%lVC*jE>Z_uXo5YW30&sY zKvNylR3~VHU88B@5rx5Mc_f|C1ilr=6;PMCJRA`{Q4iwTm;<6BVcMToQ{|+JnmisZ z#)BvAUGNWKJSF;-hfNMM<8ao*?2nq5eJJQtr?B+GDJ*>ia+#xaavVfml*0$Z;VT{< zhl5wNKgo*qa2Qq8b_krwaS*oZANykOvHtKLBG*`6}DDP4=#pLC2KUHSy z$E$SURmm40c*U5nvPxRFeBN~i^89hvL-5q(aN|@?yE3pX4=M z?~{(m)TBop>8vCDO+K-526_habv`kkfaX?j)RA8FiIpv+!6%4Al(M`Od;KCWW_j_O zd}3AJ3CP#^#9m&zmlqd(VnyDPMfY4 z1yF&gTxBa$=}J{pVa0bVaprZPMz%(iR!WCfH?kq%Zp?Vm2kp*LSEwo}D+!ep6}Sp) z1*QUhMyf&STCYN{gYe2}0oF<9b?=O6nsa12Oh{LfF;FFO8BeFIRZ{2xPAP@XkrqVS z_)hc+w0bEXse-^pwIrNYt@XOoh75V*3;7;p%1BdbTiywn5YNA;{3^;H^VvScz;o z7a2qOQf#ItqeAC;*9J$9RFFP2l97>dki|r(P`n5mM!9s*vQqA#o6azA zS<;uY2io?=i3Z7OtBB=eer03Xz-`Y)J_lkCC#)3zmz9D_iHclBwjxuJu83WoDh41~ z5mY29WPxmj=FB%OnTB1qZykFrc3pth87Esp*LHZWvC^{AP-#&qS1DU5Qz?!fRVn%w ziW3Iw=!T_4;&? zIwuTCb_k<-A!Tn`Puyj*|AscGbAy$Um4V8LO1nziN^@?~ugQZ!!W*hK@g(YwBDIEx^nl!lY};HW>CE2VpEja0Um-ht{( zqm;!?GFygARUf&sR9XI%m4(WR%D5kBN6sm(gGMuJoU=Q@(Jmc8XTkSfmy~AJ@5!OH zF4Y8X34GVLwsAt~jyg_wmdgz!4)yQMBq{C@iTzC@2P(8NK0DL2T4}A2QnGTga!@%@ zS#G0jWzFx#tp<)&A}@mJxjjKAxEJ(R^kAsd!JIo&IbAtbIjS7KMlwe(7+h;LvNgdm znGl2sUXwr>+T>;+xSVvbr$~=63KETS3 z741Q4%WW#RT!OgUWiM&DKkS+zPyGm1f^9Tn@RGQ+Yc6a}Fq}O5PIhDvQfxsS1L7PI z2Z1yRFh4vCfZ#q$aHA!-(-NBhBG2?)`PB_JQg@sJz&O`=3elUKH7#{)O3M7|KNip2 zUx&bn09zNhY3E7HK_5ih@U4KDc{YDIzNIiNYnyt`x`8_mja|?Ex#T>DjraXIa0AXh z%zw-b_uwGoq{vKj8xFA#kBxZj#Q!J)S>!?@okH6x7kEbD#!|5<8t&`5PRAS#Jg9I+ zu-rWG15f<$N_2bfn9y)y;>yGWxsP+4=9!S?ZX0dPI^EaMZqtBjz;XOG zrtLkp)P^28ad+H%bE#jaZoiAQyC9{P(D$-aS~&1TJRNg9_Rx2QA6@_?Uq$;(5Ik8@ zFFA!N$pdF6xpV{iUi4NsVx-3_UQ_GB8J^D(l(m-KtCvc7=YsE|kajO6d{=D~aKA2O zkD{|Yb2h5$b?XTD16d31oTs1)7&kC-VC=x?K}E(`9ZUh31TYOCb=D(VVY%;VtPwn( zDD6ng-Zd-*M-wCCW)F1SxZnk`1>m6?VtL@n8o2)hZUA}W=RbyH$w29|e*w~1fIs^~ F002}`OFaMp literal 4259 zcmV;U5M1vciwFP!00000|J7PubK|&jeb=w>+f61fXnZ3zuDYtJanV(&n}^)uqg@~g z?rN{cn%Ew%lV6_$fRIRul;yde+0D*cqR2*npc~z%LHx^yi^pI6*YJ4p93CDw+xvgN z&=(*6b@lY$eslj!RI{s<|9I)|!u>B#zk1N#-EDur{j%-Covz70ZErXCPyUO4Ve35N zh~_%oXEj|FuB_(e+SOuNfU4z@0Cz-^_}f|*mbO+`t4~k<)9rtK^$(AsPXFmN+COak z{gbJ6qQrL@1U+{;shUK&mNo4di<(rq<~8lcQcVU%B!*OTrR86eL^Judqtl<)dB!>X1MlBH`@3&o&ec?V?jMscZyVqK z0}|s%|8c@ojeZsC`=ljAL4f?6u4K){PN8+`jLWR zdRLaaGKv=p7fBHzYcVK-hhs(PND)yKNzWgnE@|wnFCuR~OmVt6aE0K6JRiTonT~SLBsnmk?d^V5mEDrWMkJR&I*vQKlbA9LGZk*krS%aG$#H;&LWG$nNZ`0e4h&^~RRgYV}8bdd7+ z7#^NN7v1&c+ntYMJvg8$AT&PWVsY#`SpvY(DaeZp{EL4f|HA!?@GmkYCp;$KY#$!B zzlZKGU;c4Gdy_;Ya^G+6{oSx?x^Z4gM5}$~hfas3I}&_-2%{yIvh6VLS;Yi66f5}S z@pqUM=GhzsTM@nxuY&=z`9BZbm)m)9@PRu;RYcq*x)^fl;u4?JiG3a>@YW^Ixxvwq zKdqkr=WDpwEsWhmj?w4wNsFxaHg&__yA3ghEU+vFf1dBz+`uPgMc;AJW z{9}xQhWm4gd8E_chD1FtKGm^VLyn%P%xG%WnXLUSr(#;Xx{P0bGsTbT-q^|=-DoA# z>Qib7T&z#|`>-K!6D9|6&`jar`6fgT*Kc&gdhEma17Cid^@!hZjF0Vl9H{FOzw2pW zulGwJiF6AKhVqJ`^{}kAG;rLeTi>7~}VS;!0@-lu+1M9%oyev61ugPQkC=qFJar0c>;X6O81wZpv?fuM0 zzEl21`xoP1tbcLE(PF{TBjTGRZ0~7aJk2MbKCn_8&#T%wUJVuGaLimhoWXa_H|lhF zsKxM56ThD$J^D(%VN}uJCXXw@BXjV`Y4B`z(IT_oPTO~VViq8AjI z7m_1q`F}f6r9?|B+z!8lhl}lVc<7<`YFe1L{8bJ^c*%wEf_hs%)@~GEqQsXN)p@!4 z^y$;nuAazRvH zQA-mQk!H?)wbV(ZPTNswLulBMV`;Z&F;r_|7IwsiIj*j8Q|Xv)j_G9U>2S~>_a>=! zf-W)t5N-L7>0Biv=Tl29Y%N?ZVK-$ld4fbtEBHK~WWm#Bo~cEey+o#ulOO2XG?O3V z<4NX>Y)6iY+oo}YbRkJcRR*185_Y_e%F;gSveUR;a9Z4ae!b+y@iRP60mMP-&A|rm zEb9;1khmGU0DvMYj=(wctWoCjbnvunxHxtZPacn0Nfj6Infe5}R%RFRDWc6=8lw-EfS7J~nr79wp`{}x+?-%f=zx?T{JZLihbi@4p&_-%IQIz2fks~Ojg76)IS z>y!h$)o8S&}C1g=j)`}AT^r*e7>?PYPAob|yl>&kCc&hofe=tAUB zizCHx?voQ|vdos9YMSJ}X&QXX2H)cMR_}bPPy6;nS9nfgUhG9*Da}K#xIJ0IOY50! zSVqtBy{4d8yc6GuQs&z5Sr5|5M1iWmlqvA&I&HMsUCxQGXz+76N0t41dv!WJ?e^~T z%kI1_zpSKGi%LqBlmx|CNjblwCrV0nTFF{1OI2B_no3n?NL9;H_rNDsl5&V5Evg0b z2<>JLW26V!cY4n;Id2}NQi5~Yb^2;)Jq;=@F}OZ#*KBFmY--o+d}u3PD}!bZGgB*F zdMA^5Cv()UndNrP%(iQ0)CDL?icAW4oa!u7#l0DPCY+4+QM!G<=1xI>xsYONIhSG3 zpB~fAF`f2dc2@39Qtbp?V*Vl8GVRyq8rOY=A8LDCMoG-j8|mDL&Gc(Jv4eP4ngKcU z1`TwjUz6;xU(=I*EuZFai~U*&6jZdx*XHI1eWuy>YvyE=Jr6)pCTH*`#V9$Vn`1gX z-!a!@15K8<)Q`LK8hU?TL!COWA!g2N=p&Nr;rz({&92y=29e9$u@aBCAD)$})o>bQ zbXx7T7t%Dmkf!|$X_ik-q??@2rnvYZ=9_$EEWI_}<;QedBBd*FH98WIUk`IUPRGsm zTcNlUj}Mr1x`(dvVYK+Jx=a<@HCnfK+g~ z?az*>a=b&09uF70(;DqV@K0fP!t#wLG!8T4a6rTC&u5tZQqZT4F6o)0OZtf9IQ*6h}h)(6S1;%(iw}m0XiI~%vG%{ zl*?32MT+vc6Uwvq<5fB=s`%N5MMcb4c}iM0e^zut^7>KHL-GW20G!H6QD~cY5K=Pz zxF?+tdy!&1?)0*3Z!FfuUYS(J*Bk6b-~O7tBa(CMoswsJ_0C>sJJ`$38TN9M4i(yw z=cO9|n0=DRpx);riKdo%H%B_pk^ZijSU5jCA$eO&>`o5@>h0!8&&I^U7Sa$C<>2LI z0y1J}ugLa_?}~{j9ID zYxM=GieyEiB3=G|q0W?Mt8@4RhbI5Ej=XBD%8sTgDza4LeFDkUn#D}@VINmof* zNmEH(Nrbwrq^Lj#GRZ0dgKQ z!OZq;kfP;Ci`4dwVVVVNMFWQ?9aLrH57z`)NC@&mwY;HLaoLfynmfcZ^Co-2n9As% zrH>?Jd)o=byOLb@3|Z1P1~JmIAY9VN{#2DvCOL1NLWl;a(YwBDkVS+LoEs$bAy9v^ zR#GU9T1E`9B->V5;j9a?>!i|}H706h@jtIDRhCu8{XE^U!1~~&5~_E|y2#;-OKv;O z(Ax>0b(4RXdPbX|8jV_j>ZyQMT2w4%TH;+}dq+t<^@nOmjY95+Yk@NY7ib;=8KFCX zh|mH;AwM`)S>PsHSyNg4$LJaQ-dkmu1>CcyA(El*(Ajx_BV-kO;Z)^h<)AIE9KA=W zQVs7oa1KNP)bXwj4blQvy#ab@ZS);6AWBy`TRBrX{oWchtaXBzl0B9nsZKEmu+r+@ zb}ks6HJ~4?1$Ep330edSV-b*Ag%lv0o-5#mJ`73e$14(xr|z}Wy)r%iIoH|1wC{94 zaWx68P{jHP>_Z#CePV!83|NW*OfikWs3}?k7N?H?Ky8H+0PX-+C@u`BQV_r{i_jTQ zT0vP``DfC&b)9M2&XNSQWE4#ABxYEK(DR-Kjn$t_YeNPpfo#y!^<9sg-=Zf_P|5`W z9DYH-*93q~Jhp*Q85o-)$c`vG!t98%N&iXA;lVMup^aTEDjIJ(kHBeUuq}Y2@i8A0 zS_eY!KxiKRe^}LY0kGeaVaO#Gsf-6jUh9?Elh1u zW06Cf(0Z)FAhH}-oxWi;`mpzq+uB|NOmNImt$-_jp};cI!X8tfswl)FvW_)AJPE$5*VZP!XKssyh+AgGAJv>su#jCEi(b<5r7_AdHjJfEFzeM{tAC`^?&Y_?4uY% F0064{W|jZ| diff --git a/creusot/tests/should_succeed/specification/division.mlcfg b/creusot/tests/should_succeed/specification/division.mlcfg index 55664b635c..09d2b1353a 100644 --- a/creusot/tests/should_succeed/specification/division.mlcfg +++ b/creusot/tests/should_succeed/specification/division.mlcfg @@ -16,12 +16,12 @@ module Division_Divide } BB0 { [#"../division.rs" 7 8 7 9] _5 <- ([#"../division.rs" 7 8 7 9] x); - [#"../division.rs" 7 4 7 9] _6 <- ([#"../division.rs" 7 4 7 9] _5 = ([#"../division.rs" 7 4 7 9] [#"../division.rs" 7 4 7 9] (0 : uint32))); + [#"../division.rs" 7 4 7 9] _6 <- ([#"../division.rs" 7 4 7 9] _5 = (0 : uint32)); assert { [@expl:division by zero] [#"../division.rs" 7 4 7 9] not _6 }; goto BB1 } BB1 { - [#"../division.rs" 7 4 7 9] _0 <- ([#"../division.rs" 7 4 7 9] ([#"../division.rs" 7 4 7 5] y) / _5); + [#"../division.rs" 7 4 7 9] _0 <- ([#"../division.rs" 7 4 7 9] y / _5); _5 <- any uint32; return _0 } diff --git a/creusot/tests/should_succeed/specification/logic_call.mlcfg b/creusot/tests/should_succeed/specification/logic_call.mlcfg index 9f18d949a6..90835dd6b0 100644 --- a/creusot/tests/should_succeed/specification/logic_call.mlcfg +++ b/creusot/tests/should_succeed/specification/logic_call.mlcfg @@ -16,7 +16,7 @@ module LogicCall_Dummy goto BB0 } BB0 { - [#"../logic_call.rs" 12 4 12 5] _0 <- ([#"../logic_call.rs" 12 4 12 5] [#"../logic_call.rs" 12 4 12 5] (0 : uint32)); + [#"../logic_call.rs" 12 4 12 5] _0 <- ([#"../logic_call.rs" 12 4 12 5] (0 : uint32)); return _0 } diff --git a/creusot/tests/should_succeed/specification/loops.mlcfg b/creusot/tests/should_succeed/specification/loops.mlcfg index b94afea8f7..bdf5f2abd2 100644 --- a/creusot/tests/should_succeed/specification/loops.mlcfg +++ b/creusot/tests/should_succeed/specification/loops.mlcfg @@ -15,7 +15,7 @@ module Loops_WhileLoopVariant goto BB2 } BB2 { - switch ([#"../loops.rs" 6 10 6 11] x) + switch (x) | False -> goto BB4 | True -> goto BB3 end diff --git a/creusot/tests/should_succeed/split_borrow.mlcfg b/creusot/tests/should_succeed/split_borrow.mlcfg index 1ae2f34de1..ee3c4ab203 100644 --- a/creusot/tests/should_succeed/split_borrow.mlcfg +++ b/creusot/tests/should_succeed/split_borrow.mlcfg @@ -7,7 +7,7 @@ module SplitBorrow_Z goto BB0 } BB0 { - [#"../split_borrow.rs" 6 4 6 8] _0 <- ([#"../split_borrow.rs" 6 4 6 8] [#"../split_borrow.rs" 6 4 6 8] true); + [#"../split_borrow.rs" 6 4 6 8] _0 <- ([#"../split_borrow.rs" 6 4 6 8] true); return _0 } @@ -44,14 +44,22 @@ module SplitBorrow_F = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var x : (SplitBorrow_MyInt_Type.t_myint, SplitBorrow_MyInt_Type.t_myint); + var _2 : SplitBorrow_MyInt_Type.t_myint; + var _3 : SplitBorrow_MyInt_Type.t_myint; var y : borrowed (SplitBorrow_MyInt_Type.t_myint, SplitBorrow_MyInt_Type.t_myint); var _5 : (); var _6 : bool; + var _7 : SplitBorrow_MyInt_Type.t_myint; + var _8 : SplitBorrow_MyInt_Type.t_myint; { goto BB0 } BB0 { - [#"../split_borrow.rs" 10 16 10 36] x <- ([#"../split_borrow.rs" 10 16 10 36] (([#"../split_borrow.rs" 10 17 10 25] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 10 23 10 24] [#"../split_borrow.rs" 10 23 10 24] (1 : usize))), ([#"../split_borrow.rs" 10 27 10 35] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 10 33 10 34] [#"../split_borrow.rs" 10 33 10 34] (2 : usize))))); + [#"../split_borrow.rs" 10 17 10 25] _2 <- ([#"../split_borrow.rs" 10 17 10 25] SplitBorrow_MyInt_Type.C_MyInt (1 : usize)); + [#"../split_borrow.rs" 10 27 10 35] _3 <- ([#"../split_borrow.rs" 10 27 10 35] SplitBorrow_MyInt_Type.C_MyInt (2 : usize)); + [#"../split_borrow.rs" 10 16 10 36] x <- ([#"../split_borrow.rs" 10 16 10 36] (_2, _3)); + _2 <- any SplitBorrow_MyInt_Type.t_myint; + _3 <- any SplitBorrow_MyInt_Type.t_myint; [#"../split_borrow.rs" 11 12 11 18] y <- Borrow.borrow_mut x; [#"../split_borrow.rs" 11 12 11 18] x <- ^ y; [#"../split_borrow.rs" 13 7 13 10] _6 <- ([#"../split_borrow.rs" 13 7 13 10] z0 ()); @@ -64,12 +72,16 @@ module SplitBorrow_F end } BB2 { - [#"../split_borrow.rs" 14 8 14 25] y <- { y with current = (let (x0, x1) = * y in (x0, ([#"../split_borrow.rs" 14 17 14 25] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 14 23 14 24] [#"../split_borrow.rs" 14 23 14 24] (4 : usize))))) ; }; + [#"../split_borrow.rs" 14 17 14 25] _7 <- ([#"../split_borrow.rs" 14 17 14 25] SplitBorrow_MyInt_Type.C_MyInt (4 : usize)); + [#"../split_borrow.rs" 14 8 14 25] y <- { y with current = (let (x0, x1) = * y in (x0, ([#"../split_borrow.rs" 14 8 14 25] _7))) ; }; + _7 <- any SplitBorrow_MyInt_Type.t_myint; [#"../split_borrow.rs" 13 11 15 5] _5 <- ([#"../split_borrow.rs" 13 11 15 5] ()); goto BB4 } BB3 { - [#"../split_borrow.rs" 16 8 16 26] y <- { y with current = (let (x0, x1) = * y in (([#"../split_borrow.rs" 16 17 16 26] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 16 23 16 25] [#"../split_borrow.rs" 16 23 16 25] (10 : usize))), x1)) ; }; + [#"../split_borrow.rs" 16 17 16 26] _8 <- ([#"../split_borrow.rs" 16 17 16 26] SplitBorrow_MyInt_Type.C_MyInt (10 : usize)); + [#"../split_borrow.rs" 16 8 16 26] y <- { y with current = (let (x0, x1) = * y in (([#"../split_borrow.rs" 16 8 16 26] _8), x1)) ; }; + _8 <- any SplitBorrow_MyInt_Type.t_myint; [#"../split_borrow.rs" 15 11 17 5] _5 <- ([#"../split_borrow.rs" 15 11 17 5] ()); goto BB4 } @@ -110,19 +122,28 @@ module SplitBorrow_G = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var a : (SplitBorrow_MyInt_Type.t_myint, SplitBorrow_MyInt_Type.t_myint); + var _2 : SplitBorrow_MyInt_Type.t_myint; + var _3 : SplitBorrow_MyInt_Type.t_myint; var x : borrowed (SplitBorrow_MyInt_Type.t_myint, SplitBorrow_MyInt_Type.t_myint); var _z : borrowed (SplitBorrow_MyInt_Type.t_myint); + var _6 : SplitBorrow_MyInt_Type.t_myint; { goto BB0 } BB0 { - [#"../split_borrow.rs" 24 16 24 36] a <- ([#"../split_borrow.rs" 24 16 24 36] (([#"../split_borrow.rs" 24 17 24 25] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 24 23 24 24] [#"../split_borrow.rs" 24 23 24 24] (1 : usize))), ([#"../split_borrow.rs" 24 27 24 35] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 24 33 24 34] [#"../split_borrow.rs" 24 33 24 34] (2 : usize))))); + [#"../split_borrow.rs" 24 17 24 25] _2 <- ([#"../split_borrow.rs" 24 17 24 25] SplitBorrow_MyInt_Type.C_MyInt (1 : usize)); + [#"../split_borrow.rs" 24 27 24 35] _3 <- ([#"../split_borrow.rs" 24 27 24 35] SplitBorrow_MyInt_Type.C_MyInt (2 : usize)); + [#"../split_borrow.rs" 24 16 24 36] a <- ([#"../split_borrow.rs" 24 16 24 36] (_2, _3)); + _2 <- any SplitBorrow_MyInt_Type.t_myint; + _3 <- any SplitBorrow_MyInt_Type.t_myint; [#"../split_borrow.rs" 25 12 25 18] x <- Borrow.borrow_mut a; [#"../split_borrow.rs" 25 12 25 18] a <- ^ x; [#"../split_borrow.rs" 27 13 27 21] _z <- Borrow.borrow_final (let (_, a) = * x in a) (Borrow.inherit_id (Borrow.get_id x) 2); [#"../split_borrow.rs" 27 13 27 21] x <- { x with current = (let (x0, x1) = * x in (x0, ^ _z)) ; }; assume { resolve0 _z }; - [#"../split_borrow.rs" 29 4 29 21] x <- { x with current = (let (x0, x1) = * x in (([#"../split_borrow.rs" 29 13 29 21] SplitBorrow_MyInt_Type.C_MyInt ([#"../split_borrow.rs" 29 19 29 20] [#"../split_borrow.rs" 29 19 29 20] (3 : usize))), x1)) ; }; + [#"../split_borrow.rs" 29 13 29 21] _6 <- ([#"../split_borrow.rs" 29 13 29 21] SplitBorrow_MyInt_Type.C_MyInt (3 : usize)); + [#"../split_borrow.rs" 29 4 29 21] x <- { x with current = (let (x0, x1) = * x in (([#"../split_borrow.rs" 29 4 29 21] _6), x1)) ; }; + _6 <- any SplitBorrow_MyInt_Type.t_myint; assume { resolve1 x }; assume { resolve2 a }; [#"../split_borrow.rs" 23 11 32 1] _0 <- ([#"../split_borrow.rs" 23 11 32 1] ()); diff --git a/creusot/tests/should_succeed/sum.mlcfg b/creusot/tests/should_succeed/sum.mlcfg index f2f32e7f16..b17661743f 100644 --- a/creusot/tests/should_succeed/sum.mlcfg +++ b/creusot/tests/should_succeed/sum.mlcfg @@ -218,8 +218,8 @@ module Sum_SumFirstN goto BB0 } BB0 { - [#"../sum.rs" 7 18 7 19] sum <- ([#"../sum.rs" 7 18 7 19] [#"../sum.rs" 7 18 7 19] (0 : uint32)); - [#"../sum.rs" 9 13 9 18] _7 <- ([#"../sum.rs" 9 13 9 18] new0 ([#"../sum.rs" 9 13 9 14] [#"../sum.rs" 9 13 9 14] (1 : uint32)) ([#"../sum.rs" 9 17 9 18] n)); + [#"../sum.rs" 7 18 7 19] sum <- ([#"../sum.rs" 7 18 7 19] (0 : uint32)); + [#"../sum.rs" 9 13 9 18] _7 <- ([#"../sum.rs" 9 13 9 18] new0 (1 : uint32) n); goto BB1 } BB1 { @@ -278,9 +278,9 @@ module Sum_SumFirstN } BB12 { [#"../sum.rs" 8 4 8 67] produced <- ([#"../sum.rs" 8 4 8 67] _22); - [#"../sum.rs" 8 4 8 67] _22 <- any Snapshot.snap_ty (Seq.seq uint32); + _22 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); - [#"../sum.rs" 10 8 10 16] sum <- ([#"../sum.rs" 10 8 10 16] sum + ([#"../sum.rs" 10 15 10 16] i)); + [#"../sum.rs" 10 8 10 16] sum <- ([#"../sum.rs" 10 8 10 16] sum + i); goto BB5 } diff --git a/creusot/tests/should_succeed/sum_of_odds.mlcfg b/creusot/tests/should_succeed/sum_of_odds.mlcfg index 06a4f1687d..4932dfaf12 100644 --- a/creusot/tests/should_succeed/sum_of_odds.mlcfg +++ b/creusot/tests/should_succeed/sum_of_odds.mlcfg @@ -216,6 +216,7 @@ module SumOfOdds_ComputeSumOfOdd var x : uint32 = x; var s : uint32; var iter : Core_Ops_Range_Range_Type.t_range uint32; + var _8 : Core_Ops_Range_Range_Type.t_range uint32; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range uint32); var produced : Snapshot.snap_ty (Seq.seq uint32); var _18 : Core_Option_Option_Type.t_option uint32; @@ -224,12 +225,16 @@ module SumOfOdds_ComputeSumOfOdd var __creusot_proc_iter_elem : uint32; var _23 : Snapshot.snap_ty (Seq.seq uint32); var i : uint32; + var _28 : uint32; + var _29 : uint32; { goto BB0 } BB0 { - [#"../sum_of_odds.rs" 37 21 37 22] s <- ([#"../sum_of_odds.rs" 37 21 37 22] [#"../sum_of_odds.rs" 37 21 37 22] (0 : uint32)); - [#"../sum_of_odds.rs" 38 4 38 50] iter <- ([#"../sum_of_odds.rs" 38 4 38 50] into_iter0 ([#"../sum_of_odds.rs" 39 13 39 17] Core_Ops_Range_Range_Type.C_Range ([#"../sum_of_odds.rs" 39 13 39 14] [#"../sum_of_odds.rs" 39 13 39 14] (0 : uint32)) ([#"../sum_of_odds.rs" 39 16 39 17] x))); + [#"../sum_of_odds.rs" 37 21 37 22] s <- ([#"../sum_of_odds.rs" 37 21 37 22] (0 : uint32)); + [#"../sum_of_odds.rs" 39 13 39 17] _8 <- ([#"../sum_of_odds.rs" 39 13 39 17] Core_Ops_Range_Range_Type.C_Range (0 : uint32) x); + [#"../sum_of_odds.rs" 38 4 38 50] iter <- ([#"../sum_of_odds.rs" 38 4 38 50] into_iter0 _8); + _8 <- any Core_Ops_Range_Range_Type.t_range uint32; goto BB1 } BB1 { @@ -283,10 +288,14 @@ module SumOfOdds_ComputeSumOfOdd } BB11 { [#"../sum_of_odds.rs" 38 4 38 50] produced <- ([#"../sum_of_odds.rs" 38 4 38 50] _23); - [#"../sum_of_odds.rs" 38 4 38 50] _23 <- any Snapshot.snap_ty (Seq.seq uint32); + _23 <- any Snapshot.snap_ty (Seq.seq uint32); [#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); assert { [@expl:assertion] [#"../sum_of_odds.rs" 41 12 41 33] let _ = sum_of_odd_is_sqr0 (UInt32.to_int i) in true }; - [#"../sum_of_odds.rs" 44 8 44 22] s <- ([#"../sum_of_odds.rs" 44 8 44 22] s + ([#"../sum_of_odds.rs" 44 13 44 22] ([#"../sum_of_odds.rs" 44 13 44 18] ([#"../sum_of_odds.rs" 44 13 44 14] [#"../sum_of_odds.rs" 44 13 44 14] (2 : uint32)) * ([#"../sum_of_odds.rs" 44 17 44 18] i)) + ([#"../sum_of_odds.rs" 44 21 44 22] [#"../sum_of_odds.rs" 44 21 44 22] (1 : uint32)))); + [#"../sum_of_odds.rs" 44 13 44 18] _29 <- ([#"../sum_of_odds.rs" 44 13 44 18] (2 : uint32) * i); + [#"../sum_of_odds.rs" 44 13 44 22] _28 <- ([#"../sum_of_odds.rs" 44 13 44 22] _29 + (1 : uint32)); + _29 <- any uint32; + [#"../sum_of_odds.rs" 44 8 44 22] s <- ([#"../sum_of_odds.rs" 44 8 44 22] s + _28); + _28 <- any uint32; goto BB4 } @@ -340,7 +349,7 @@ module SumOfOdds_Test goto BB0 } BB0 { - [#"../sum_of_odds.rs" 51 12 51 33] y <- ([#"../sum_of_odds.rs" 51 12 51 33] compute_sum_of_odd0 ([#"../sum_of_odds.rs" 51 31 51 32] x)); + [#"../sum_of_odds.rs" 51 12 51 33] y <- ([#"../sum_of_odds.rs" 51 12 51 33] compute_sum_of_odd0 x); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/sum_of_odds/why3session.xml b/creusot/tests/should_succeed/sum_of_odds/why3session.xml index 19cd4f6545..4644e4ffc6 100644 --- a/creusot/tests/should_succeed/sum_of_odds/why3session.xml +++ b/creusot/tests/should_succeed/sum_of_odds/why3session.xml @@ -20,46 +20,46 @@ - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/sum_of_odds/why3shapes.gz b/creusot/tests/should_succeed/sum_of_odds/why3shapes.gz index 0950c89fd2d39c7d67f326a048cf9756cf33cffc..189ce8519b1966de8fbfcc5c7cd7fa1fc3eef6e1 100644 GIT binary patch literal 1712 zcmV;h22c4PiwFP!00000|HW5ZZ|pP>e$TJS8_){L_V|igq^eTol@Jer{7B?DPFc}z z$|mhO{Cmbuvd!L3TaXSf@onat@p$}s^6f?0|KXovU%td`zwS0al(M||uJBj>dq)Cw z>Bqe}1gGw(6Ru@Ynuzgu-k8y}w*ejcEQNu+#>!!#dEU zzW-~B&1yXytgvx~{e(~yp?<_KI``wXgVbI*aCGvOPBN=eXqANMNyn>oUml1 z7jP&ucA2AdmpX=SK5e_^ImDhg@Ryg4JL%LaEt9DQC#SKP#(WyXYN0Jg#RVKJ}HJ$pi&IS$y#SkpP!bQf)U9PVlN2twEXx96vaNKULKxGCWD)QL?8L)jQ- zmSwK|&{gZr;6Dc`1jwuvNNOtWZ>wMY=02ihp9|br5*^~UdfK7`l`gOi-KJR&n2$x? zc$!@bcKwj%d>Ty>WA{3@Rrk>NP5iW*oPs+}=I9m=UH4R?rr)mpX29NhSR4XkZsPV8 zY#i=jX549${a*MV;^uz%<3MF8P2U!$)2=Rj#mKw;qO<%M2I_yGhd58oVztTR`#4mo zJ5FLlecf%h-KW@m^Y~}dMxl1S@egUy&!Xv4q^084hwc&6W{9|tBzs%^+->5*-O+Bp z-rS>9w{a9E)Z6OU?lC&-=aYS5V{aS#?%^e+0XmbNqIyDIM6e?7ir_i!vM~h6G zttHR==h1u>w(+^|229Q_jM*0-;-l|TrXr)$*Ruz^eV)||8TCDao` z-a^PM^{?=kT*nerzU=44k@EUJZfByc>h5{d^y%gB&v-?EeUmQAy1;L|kK3}tDxrPo zJ|)0A1(0%0txSqW!zk4(2;Y)z84~FE$k3o4S^RfwR z!Sd{Fj$+85vw{P9f~1fzR~}0oEJDcLOs_i?&d=I#pl%MGcgSw@qGRG_tSOjC7C3ht z?pAwo#F@P~q7Qqk?C$2w2^~ph6U=dXWP{oTgo48)bfEX3j#gL0 z&5*;Z9k9FHQx4?Vlj#~d5ZMg2jtgu68G_Fw;2;y%Vk{On99MA(J($#`&oeTs$XB6> z-nh)7JER>=qsXoYKc(suVN!2AOU6bAu?)stEFmCZCH(sKLOumx)7#}BXHhrJBQK3HnK;<%htkSdEvrlFBw2jOK zn5)ZZ@l(76xcRHyU@Y=iM>D%$t|9hAQPjSz+nOp(1wLoS6Q-qBoOuWhGfI}!l7h(E zfCzQ1DF_9E5Q7<~qTz~gBBA6KEGrr&YZQc9nz~USmBf$=2{rXXX<3(2S}80AOPQtA zQeutOR#|C9(Kb?WWP^w#3~dvYYK%t&6(Z8GASKn7DodrM2*J;ws1_JR0E0SGYe*kc z(~#T{jgT3|yaT9)rsk@S3L_z+iqwFNp4W}8IcYs98MlmDhWlo@L*7F4Ovai5skJdg zn6^cSg2Y4NA`m7`Mid_fRXlKLq^>0kEMPKtFF={-jfy0;8B~58H>yBQh(R`uQo1&R zD6X^*N;48AZ&MrrPaP~U3)BL!%vh!^Qy(#dxg@!2RZAnSl?p8o9i@VxJf0laC8w4X z3&sN4Qx>EJamwlkOk#F7x}ng}n)_DNx^9CYI3}u%T$Tc?U{+8oh~>s|ZMm{sS}rW- zmV@Q&i>`bq04ypViAg+b80J+71PBDfb*r?{=#8*~e?^BB#Z0O(`m!}5G$3^dx+Ou< znsCj0c1T$vzoJhyqYZ7M!Fw$m@Qo5a@)!&rrD~ZUeKJ<)uj>{^KA>C$E|6{nF^!-E zS&VZ$KY}b#N@gXsl6-Z~h!z~l*hB_IF%~1f5=h9}BkwT6L-q{*C+9R$aTG!{GQB#I zd10hcpc)==OhtB%|9}307B$BkATWAH8DB^6oJoeSAtw!~OGT_SR%$B|xA+ITk!`)N G6#xKr#aK=N literal 1706 zcmV;b237eViwFP!00000|HW5ZZ|gP^e)q4?Tek@caEA9qQXmKr&_L0L-GYxbD2hsr zCRS=I=bZibJESB>cI*?k1x{bY%glWII2;Z~|GKJnzlE2yt3IXeZryGEU8(Bo`$f13 zKX?|wv%7F}8<}UzpQ%Gr>|x>WtG3%#yVvJc*RHyzS%lm0HX`M9_#s@+rv|ie6*0Gw z?Xiw5A?*IxQnOt5M-m()_!B_^LH$TyBKPC1=efP{+{4HfMxEuLw9HCylK5)9TM_J{ z|0Aq7pSUNTp^F}-E_fuGFWatpjcLa`57*aTc;)pni`m$6ug0+)$6_4w<;+?RhBG+A zk_QWzke*-q|9Laon~4eY_PxVS`Whx@!`|EQ-reKw2?W;Rm)Do4#7;;v+~{yPbz)x+^?lx&gcUX6~ z-aL|4xADM7)ce(cyXWMoZwep|y=~fcPoF44GMPdO%!oSk;EG-3!E^dkj4pCO&0=p_ zEi(&WhUHgrn_hQaPjTDDAq>+~dJa3%S+Rli?ZjZe&$D*1pkAWL&WdIWUSGe9fRCXm zZJhSl<=ZHm_)Cj>5aHO2=9ZMnNphOkl;6d}-&t2);`W^NtKT6H?-w3_OPuxry@RGEj*_MF@MCvg+PMoL|FpeRoXWQ&O9R9_8IoQ=rT%2=oFT zmIrR6nFBWxhXW~lxI1$`?=+8r*`YeO5zd2U=@9_8N0H{aIRJPkUG{fELy2~kw{Nc&7o zD*GP)DOZ{VlY7ItAr1to?8;VnoDZBwT}AY9d8MG}ll!9Q++yOcO2h3S# zoOa5|g%Fk@h**o3NyRZXO;C+6($c!BfeN$(4p(zN6ni>9I9 z$yT<(>L3c7_%nzt9R})XSpo%&Xi6OzaEM6fRI>q5{z*`crqv)?0b22z8*UIa(^}RN zkq$EZj&sM+ad4b)twZBbJ5(315n2vXi9lQ}A!}X>gDgd%b!wvxm0*rr$BpB(m~vb? zE>10Z;d*F+;u%^@MztbH6*z!xbZdh^dW$NFPJ)xn3G0M$LOY?HkWL6ExD)6Ee3i%L zTQ@vu0X0gcd6QC1H6+WFZHx{9WLrt$B>z@yqEU?wm?8kzwG=io3sD-&ObF3HVMB`Y zTM??;Rw)*B(<-B|j%^bSZ-b6ClUmiG5He2cZ^%gpz=pLLYh`#N8>}hW8A@bzn6U-vtyJyT1LsOR+KbN z;weOH3N!u>k>f_zq7Fe4N2_h96Q?Agklr}K8dg`zI%S+9Z312VAB28Jb%YfF01df9 AlK=n! diff --git a/creusot/tests/should_succeed/swap_borrows.mlcfg b/creusot/tests/should_succeed/swap_borrows.mlcfg index 1d97767b47..1dfaf453a0 100644 --- a/creusot/tests/should_succeed/swap_borrows.mlcfg +++ b/creusot/tests/should_succeed/swap_borrows.mlcfg @@ -36,9 +36,9 @@ module SwapBorrows_Swap BB1 { assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; - [#"../swap_borrows.rs" 6 4 6 14] _0 <- ([#"../swap_borrows.rs" 6 4 6 14] (([#"../swap_borrows.rs" 6 5 6 8] let (_, a) = x in a), ([#"../swap_borrows.rs" 6 10 6 13] let (a, _) = x in a))); - [#"../swap_borrows.rs" 6 5 6 8] x <- (let (x0, x1) = x in (x0, any t)); - [#"../swap_borrows.rs" 6 10 6 13] x <- (let (x0, x1) = x in (any t, x1)); + [#"../swap_borrows.rs" 6 4 6 14] _0 <- ([#"../swap_borrows.rs" 6 4 6 14] ((let (_, a) = x in a), (let (a, _) = x in a))); + x <- (let (x0, x1) = x in (x0, any t)); + x <- (let (x0, x1) = x in (any t, x1)); goto BB2 } BB2 { @@ -98,6 +98,7 @@ module SwapBorrows_F var b : uint32; var _3 : (uint32, uint32); var p : (borrowed uint32, borrowed uint32); + var _5 : (borrowed uint32, borrowed uint32); var _6 : borrowed uint32; var _7 : borrowed uint32; var _8 : borrowed uint32; @@ -105,7 +106,7 @@ module SwapBorrows_F goto BB0 } BB0 { - [#"../swap_borrows.rs" 11 25 11 31] _3 <- ([#"../swap_borrows.rs" 11 25 11 31] (([#"../swap_borrows.rs" 11 26 11 27] [#"../swap_borrows.rs" 11 26 11 27] (0 : uint32)), ([#"../swap_borrows.rs" 11 29 11 30] [#"../swap_borrows.rs" 11 29 11 30] (0 : uint32)))); + [#"../swap_borrows.rs" 11 25 11 31] _3 <- ([#"../swap_borrows.rs" 11 25 11 31] ((0 : uint32), (0 : uint32))); [#"../swap_borrows.rs" 11 9 11 14] a <- ([#"../swap_borrows.rs" 11 9 11 14] let (a, _) = _3 in a); [#"../swap_borrows.rs" 11 16 11 21] b <- ([#"../swap_borrows.rs" 11 16 11 21] let (_, a) = _3 in a); assume { resolve0 _3 }; @@ -115,14 +116,16 @@ module SwapBorrows_F [#"../swap_borrows.rs" 12 26 12 32] b <- ^ _8; [#"../swap_borrows.rs" 12 26 12 32] _7 <- Borrow.borrow_final ( * _8) (Borrow.get_id _8); [#"../swap_borrows.rs" 12 26 12 32] _8 <- { _8 with current = ( ^ _7) ; }; - [#"../swap_borrows.rs" 12 12 12 34] p <- ([#"../swap_borrows.rs" 12 12 12 34] swap0 ([#"../swap_borrows.rs" 12 17 12 33] (_6, _7))); + [#"../swap_borrows.rs" 12 17 12 33] _5 <- ([#"../swap_borrows.rs" 12 17 12 33] (_6, _7)); _6 <- any borrowed uint32; _7 <- any borrowed uint32; + [#"../swap_borrows.rs" 12 12 12 34] p <- ([#"../swap_borrows.rs" 12 12 12 34] swap0 _5); + _5 <- any (borrowed uint32, borrowed uint32); goto BB1 } BB1 { assume { resolve1 _8 }; - [#"../swap_borrows.rs" 13 4 13 13] p <- (let (x0, x1) = p in ({ (let (a, _) = p in a) with current = ([#"../swap_borrows.rs" 13 4 13 13] [#"../swap_borrows.rs" 13 11 13 13] (10 : uint32)) ; }, x1)); + [#"../swap_borrows.rs" 13 4 13 13] p <- (let (x0, x1) = p in ({ (let (a, _) = p in a) with current = ([#"../swap_borrows.rs" 13 4 13 13] (10 : uint32)) ; }, x1)); assume { resolve2 p }; assert { [@expl:assertion] [#"../swap_borrows.rs" 15 20 15 30] b = (10 : uint32) }; assert { [@expl:assertion] [#"../swap_borrows.rs" 16 20 16 29] a = (0 : uint32) }; diff --git a/creusot/tests/should_succeed/swap_borrows/why3session.xml b/creusot/tests/should_succeed/swap_borrows/why3session.xml index a20fa9420b..59893a90fe 100644 --- a/creusot/tests/should_succeed/swap_borrows/why3session.xml +++ b/creusot/tests/should_succeed/swap_borrows/why3session.xml @@ -12,7 +12,7 @@ - + diff --git a/creusot/tests/should_succeed/swap_borrows/why3shapes.gz b/creusot/tests/should_succeed/swap_borrows/why3shapes.gz index 861ff8bfcef8535686f71a117cc0c34c4d3ad11f..52b7f61adc704c8b5ab2d18e63d7d4c72cd6379c 100644 GIT binary patch literal 347 zcmV-h0i^yPiwFP!00000|5Z`TPQx$|yyq)&19I~E6&tCC3MpzNj%bgdO=3etX-ZPc z?_)bnXfNK!?9AHZ`y!t{=;)^W?8d1d4v)Fci-+v=P5t4_kX2bq=;i0QcN`_EEp1RC z#2}H^AsE!LDiNxxzClAdx@p*-9Yayil45&_OZ~ivLm*`Ml>1@Kr(Zf|QM6@I5?Bjt zyCkbBU#SMcra_BPra?o^Fpk5o>+Zfj1BrZppgn@7z6xYIuN5RE?mj`sU%F z5_r>+p__;Sjwrxs0O z6v1?vI%UA-r5e=*Qz)*Szp}Spzh#30({kkPY;4O`^L>^X@>Xcqn376Mty04KrsGa< t1`V?&=R4T3jDaGht+WAZnobL2M9UOwytSTdk;|P3V}I1~!wqKw004Tzr~v=~ literal 340 zcmV-a0jvHWiwFP!00000|5Z`TZi6royz>>lwdLfsv9T-V5LJqT)MK^BRtwlIY8p~V zli#mx0;L!B<(b(X?sGPN(8-PL;)b#7kB>~V{2@DkQ+K>@5b?x2PX8@7!j&wjMsB6RbZ#6)W396<$pg@S5ukQvC zXX{Q7Ovi&<>(Fax-;`_=vdNJE2Z&kH26}hrw>S)Pl*dLsKjeX7N-dg%$b-K{>Xc!o zQ>IbfW(wuX{tm3&+0ssKkeWa5B diff --git a/creusot/tests/should_succeed/switch.mlcfg b/creusot/tests/should_succeed/switch.mlcfg index 700e0cee03..589df93f59 100644 --- a/creusot/tests/should_succeed/switch.mlcfg +++ b/creusot/tests/should_succeed/switch.mlcfg @@ -33,7 +33,7 @@ module Switch_Test goto BB4 } BB2 { - [#"../switch.rs" 12 16 12 21] _0 <- ([#"../switch.rs" 12 16 12 21] [#"../switch.rs" 12 16 12 21] false); + [#"../switch.rs" 12 16 12 21] _0 <- ([#"../switch.rs" 12 16 12 21] false); goto BB5 } BB3 { @@ -42,7 +42,7 @@ module Switch_Test } BB4 { [#"../switch.rs" 11 13 11 14] x <- ([#"../switch.rs" 11 13 11 14] Switch_Option_Type.some_0 o); - [#"../switch.rs" 11 19 11 24] _0 <- ([#"../switch.rs" 11 19 11 24] ([#"../switch.rs" 11 19 11 20] x) > ([#"../switch.rs" 11 23 11 24] [#"../switch.rs" 11 23 11 24] (0 : uint32))); + [#"../switch.rs" 11 19 11 24] _0 <- ([#"../switch.rs" 11 19 11 24] x > (0 : uint32)); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/switch_struct.mlcfg b/creusot/tests/should_succeed/switch_struct.mlcfg index 49ec529774..dceefd3ca6 100644 --- a/creusot/tests/should_succeed/switch_struct.mlcfg +++ b/creusot/tests/should_succeed/switch_struct.mlcfg @@ -42,7 +42,7 @@ module SwitchStruct_Test } BB2 { [#"../switch_struct.rs" 12 12 12 18] field2 <- ([#"../switch_struct.rs" 12 12 12 18] SwitchStruct_M_Type.g_field2 o); - [#"../switch_struct.rs" 12 24 12 35] _0 <- ([#"../switch_struct.rs" 12 24 12 35] ([#"../switch_struct.rs" 12 24 12 30] field2) = ([#"../switch_struct.rs" 12 34 12 35] [#"../switch_struct.rs" 12 34 12 35] (0 : uint32))); + [#"../switch_struct.rs" 12 24 12 35] _0 <- ([#"../switch_struct.rs" 12 24 12 35] field2 = (0 : uint32)); goto BB5 } BB3 { @@ -51,7 +51,7 @@ module SwitchStruct_Test } BB4 { [#"../switch_struct.rs" 11 12 11 18] field1 <- ([#"../switch_struct.rs" 11 12 11 18] SwitchStruct_M_Type.f_field1 o); - [#"../switch_struct.rs" 11 24 11 34] _0 <- ([#"../switch_struct.rs" 11 24 11 34] ([#"../switch_struct.rs" 11 24 11 30] field1) > ([#"../switch_struct.rs" 11 33 11 34] [#"../switch_struct.rs" 11 33 11 34] (0 : uint32))); + [#"../switch_struct.rs" 11 24 11 34] _0 <- ([#"../switch_struct.rs" 11 24 11 34] field1 > (0 : uint32)); goto BB5 } BB5 { diff --git a/creusot/tests/should_succeed/syntax/02_operators.mlcfg b/creusot/tests/should_succeed/syntax/02_operators.mlcfg index 1417306221..6ff5206ef7 100644 --- a/creusot/tests/should_succeed/syntax/02_operators.mlcfg +++ b/creusot/tests/should_succeed/syntax/02_operators.mlcfg @@ -17,12 +17,12 @@ module C02Operators_Division } BB0 { [#"../02_operators.rs" 9 8 9 9] _5 <- ([#"../02_operators.rs" 9 8 9 9] y); - [#"../02_operators.rs" 9 4 9 9] _6 <- ([#"../02_operators.rs" 9 4 9 9] _5 = ([#"../02_operators.rs" 9 4 9 9] [#"../02_operators.rs" 9 4 9 9] (0 : usize))); + [#"../02_operators.rs" 9 4 9 9] _6 <- ([#"../02_operators.rs" 9 4 9 9] _5 = (0 : usize)); assert { [@expl:division by zero] [#"../02_operators.rs" 9 4 9 9] not _6 }; goto BB1 } BB1 { - [#"../02_operators.rs" 9 4 9 9] _0 <- ([#"../02_operators.rs" 9 4 9 9] ([#"../02_operators.rs" 9 4 9 5] x) / _5); + [#"../02_operators.rs" 9 4 9 9] _0 <- ([#"../02_operators.rs" 9 4 9 9] x / _5); _5 <- any usize; return _0 } @@ -46,12 +46,12 @@ module C02Operators_Modulus } BB0 { [#"../02_operators.rs" 24 8 24 9] _5 <- ([#"../02_operators.rs" 24 8 24 9] y); - [#"../02_operators.rs" 24 4 24 9] _6 <- ([#"../02_operators.rs" 24 4 24 9] _5 = ([#"../02_operators.rs" 24 4 24 9] [#"../02_operators.rs" 24 4 24 9] (0 : usize))); + [#"../02_operators.rs" 24 4 24 9] _6 <- ([#"../02_operators.rs" 24 4 24 9] _5 = (0 : usize)); assert { [@expl:remainder by zero] [#"../02_operators.rs" 24 4 24 9] not _6 }; goto BB1 } BB1 { - [#"../02_operators.rs" 24 4 24 9] _0 <- ([#"../02_operators.rs" 24 4 24 9] ([#"../02_operators.rs" 24 4 24 5] x) % _5); + [#"../02_operators.rs" 24 4 24 9] _0 <- ([#"../02_operators.rs" 24 4 24 9] x % _5); _5 <- any usize; return _0 } @@ -74,7 +74,7 @@ module C02Operators_Multiply goto BB0 } BB0 { - [#"../02_operators.rs" 39 4 39 9] _0 <- ([#"../02_operators.rs" 39 4 39 9] ([#"../02_operators.rs" 39 4 39 5] x) * ([#"../02_operators.rs" 39 8 39 9] y)); + [#"../02_operators.rs" 39 4 39 9] _0 <- ([#"../02_operators.rs" 39 4 39 9] x * y); return _0 } @@ -96,7 +96,7 @@ module C02Operators_Add goto BB0 } BB0 { - [#"../02_operators.rs" 49 4 49 9] _0 <- ([#"../02_operators.rs" 49 4 49 9] ([#"../02_operators.rs" 49 4 49 5] x) + ([#"../02_operators.rs" 49 8 49 9] y)); + [#"../02_operators.rs" 49 4 49 9] _0 <- ([#"../02_operators.rs" 49 4 49 9] x + y); return _0 } @@ -116,7 +116,7 @@ module C02Operators_Sub goto BB0 } BB0 { - [#"../02_operators.rs" 64 4 64 9] _0 <- ([#"../02_operators.rs" 64 4 64 9] ([#"../02_operators.rs" 64 4 64 5] x) - ([#"../02_operators.rs" 64 8 64 9] y)); + [#"../02_operators.rs" 64 4 64 9] _0 <- ([#"../02_operators.rs" 64 4 64 9] x - y); return _0 } @@ -137,8 +137,12 @@ module C02Operators_Expression var x : usize = x; var y : usize = y; var z : usize = z; + var _7 : usize; + var _8 : usize; var _10 : usize; var _11 : bool; + var _13 : usize; + var _14 : usize; var _16 : usize; var _17 : bool; { @@ -146,20 +150,28 @@ module C02Operators_Expression } BB0 { [#"../02_operators.rs" 78 8 78 9] _10 <- ([#"../02_operators.rs" 78 8 78 9] y); - [#"../02_operators.rs" 78 4 78 9] _11 <- ([#"../02_operators.rs" 78 4 78 9] _10 = ([#"../02_operators.rs" 78 4 78 9] [#"../02_operators.rs" 78 4 78 9] (0 : usize))); + [#"../02_operators.rs" 78 4 78 9] _11 <- ([#"../02_operators.rs" 78 4 78 9] _10 = (0 : usize)); assert { [@expl:division by zero] [#"../02_operators.rs" 78 4 78 9] not _11 }; goto BB1 } BB1 { + [#"../02_operators.rs" 78 4 78 9] _8 <- ([#"../02_operators.rs" 78 4 78 9] x / _10); + _10 <- any usize; + [#"../02_operators.rs" 78 4 78 13] _7 <- ([#"../02_operators.rs" 78 4 78 13] _8 * z); + _8 <- any usize; [#"../02_operators.rs" 78 22 78 23] _16 <- ([#"../02_operators.rs" 78 22 78 23] y); - [#"../02_operators.rs" 78 17 78 24] _17 <- ([#"../02_operators.rs" 78 17 78 24] _16 = ([#"../02_operators.rs" 78 17 78 24] [#"../02_operators.rs" 78 17 78 24] (0 : usize))); + [#"../02_operators.rs" 78 17 78 24] _17 <- ([#"../02_operators.rs" 78 17 78 24] _16 = (0 : usize)); assert { [@expl:division by zero] [#"../02_operators.rs" 78 17 78 24] not _17 }; goto BB2 } BB2 { - [#"../02_operators.rs" 78 4 78 28] _0 <- ([#"../02_operators.rs" 78 4 78 28] ([#"../02_operators.rs" 78 4 78 13] ([#"../02_operators.rs" 78 4 78 9] ([#"../02_operators.rs" 78 4 78 5] x) / _10) * ([#"../02_operators.rs" 78 12 78 13] z)) = ([#"../02_operators.rs" 78 17 78 28] ([#"../02_operators.rs" 78 17 78 24] ([#"../02_operators.rs" 78 18 78 19] x) / _16) * ([#"../02_operators.rs" 78 27 78 28] z))); - _10 <- any usize; + [#"../02_operators.rs" 78 17 78 24] _14 <- ([#"../02_operators.rs" 78 17 78 24] x / _16); _16 <- any usize; + [#"../02_operators.rs" 78 17 78 28] _13 <- ([#"../02_operators.rs" 78 17 78 28] _14 * z); + _14 <- any usize; + [#"../02_operators.rs" 78 4 78 28] _0 <- ([#"../02_operators.rs" 78 4 78 28] _7 = _13); + _7 <- any usize; + _13 <- any usize; return _0 } @@ -214,7 +226,7 @@ module C02Operators_BoolEq goto BB0 } BB0 { - [#"../02_operators.rs" 96 4 96 10] _0 <- ([#"../02_operators.rs" 96 4 96 10] Bool.eqb ([#"../02_operators.rs" 96 4 96 5] a) ([#"../02_operators.rs" 96 9 96 10] b)); + [#"../02_operators.rs" 96 4 96 10] _0 <- ([#"../02_operators.rs" 96 4 96 10] Bool.eqb a b); return _0 } diff --git a/creusot/tests/should_succeed/syntax/02_operators/why3session.xml b/creusot/tests/should_succeed/syntax/02_operators/why3session.xml index f6a9daf9e0..5c5f974fe6 100644 --- a/creusot/tests/should_succeed/syntax/02_operators/why3session.xml +++ b/creusot/tests/should_succeed/syntax/02_operators/why3session.xml @@ -34,7 +34,7 @@ - + diff --git a/creusot/tests/should_succeed/syntax/02_operators/why3shapes.gz b/creusot/tests/should_succeed/syntax/02_operators/why3shapes.gz index baeb8793d955ac25b3fbebe3c0d972fb8a09f29d..0c910d3b7bcb710d14daf3c18e388bb729088b53 100644 GIT binary patch literal 693 zcmV;m0!sZKiwFP!00000|IL)kZre%>hWGOn+VwO=fuYE`9W(`k0*1Wls?gTp+|Ci; zM6M+V?b~;x7>+GBX_nncBM$YG{Dz!=ZmQvb-ld^>O#7khAO5X$b@N_u_ptH(;UNwj zyGK5B52L1c<=M*fkNWN_-(DDkTo+S|{B3_ochAf9wCZ@p+ab+{@?D%)>!g%y?QX zAlr+0H2+U6;A-Iqc!?J3i=$fIy>tc($2mYbQn(5Lua1Mei14cCvK`&A9YH?#<8eJ_ zBNw>bu_N78M?P6vH+STO(=4knm&NNhLef`^bgP!y>eaIG&46$T2#EIQeCrgVnoq5!zEM6LkwmzSYyWbCZ`mx)mVZMyUYujeq|JMaE#d@h$xgJkqyM1@x zjoo9~g#LcV`)-)-xZ75?@O`>xP9@iil8eLYq~iO2yGh^0xISgnZ{uc6!ze@qqdZwt zTadv919f)VCAONQ0kRb|QaCA7G%f^Zy)nsnNro5#C5Z%5SJ>1dg@ojs%1|c{3Yd{% z;xbK^6FR6=LxN1KQYH}oh>^|8Zh~kr3uMZ zuCamR3KBvx-L*%16KS3(n~{Pa0dVY=66&u literal 670 zcmV;P0%83hiwFP!00000|IL(5kJ>O0hVT9rxwYM@lE>rEs;q=6t-__JDpxfANE-;;_h=>~c3^1`6cx4YB4~vP(aCYDu zyJv>Fv-^3NUo-wZZvu5U`yS7zH#4VwhZikm&t;i+$~U*=K zbg6oBr|LL1>Z0bCNTr6c85r^vCr>yz!Ql~iY2izx!ow6E252biTBBED-0}0b$2L80 zcd0u(G5uw1xoUqkfemL}vyLzN6KuO{)=l3$rDbT>TiP|<@N&&6Ucuw=dYnoYlah17 z!-?YCcC}28tY4fIwX3-7Q`a*V!6+}S5f*r`!GNfpc8RQ}Xh7NmO3obTDH<1ov)-6w zJeNii1erKW;JUz4uoMzX=Tr?Mc~C%vGA05+mJ&KBR4JJ>QKZNPX>=A{sR1?0T#@IY04zZ;3DGH6Coc_Ak diff --git a/creusot/tests/should_succeed/syntax/07_extern_spec.mlcfg b/creusot/tests/should_succeed/syntax/07_extern_spec.mlcfg index c1687a288a..bf420021a7 100644 --- a/creusot/tests/should_succeed/syntax/07_extern_spec.mlcfg +++ b/creusot/tests/should_succeed/syntax/07_extern_spec.mlcfg @@ -9,7 +9,7 @@ module C07ExternSpec_Impl0_Func goto BB0 } BB0 { - [#"../07_extern_spec.rs" 12 8 12 12] _0 <- ([#"../07_extern_spec.rs" 12 8 12 12] [#"../07_extern_spec.rs" 12 8 12 12] true); + [#"../07_extern_spec.rs" 12 8 12 12] _0 <- ([#"../07_extern_spec.rs" 12 8 12 12] true); return _0 } diff --git a/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg b/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg index 215afe36ae..d3af288582 100644 --- a/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg +++ b/creusot/tests/should_succeed/syntax/10_mutual_rec_types.mlcfg @@ -118,7 +118,7 @@ module C10MutualRecTypes_Impl0_Height } BB2 { [#"../10_mutual_rec_types.rs" 19 22 19 23] n <- ([#"../10_mutual_rec_types.rs" 19 22 19 23] Core_Option_Option_Type.some_0 (C10MutualRecTypes_Tree_Type.tree_0 self)); - [#"../10_mutual_rec_types.rs" 19 29 19 44] _5 <- ([#"../10_mutual_rec_types.rs" 19 29 19 44] height ([#"../10_mutual_rec_types.rs" 19 29 19 35] C10MutualRecTypes_Node_Type.node_left n)); + [#"../10_mutual_rec_types.rs" 19 29 19 44] _5 <- ([#"../10_mutual_rec_types.rs" 19 29 19 44] height (C10MutualRecTypes_Node_Type.node_left n)); goto BB5 } BB3 { @@ -126,11 +126,11 @@ module C10MutualRecTypes_Impl0_Height absurd } BB4 { - [#"../10_mutual_rec_types.rs" 18 26 18 27] _0 <- ([#"../10_mutual_rec_types.rs" 18 26 18 27] [#"../10_mutual_rec_types.rs" 18 26 18 27] (0 : uint64)); + [#"../10_mutual_rec_types.rs" 18 26 18 27] _0 <- ([#"../10_mutual_rec_types.rs" 18 26 18 27] (0 : uint64)); goto BB8 } BB5 { - [#"../10_mutual_rec_types.rs" 19 49 19 65] _7 <- ([#"../10_mutual_rec_types.rs" 19 49 19 65] height ([#"../10_mutual_rec_types.rs" 19 49 19 56] C10MutualRecTypes_Node_Type.node_right n)); + [#"../10_mutual_rec_types.rs" 19 49 19 65] _7 <- ([#"../10_mutual_rec_types.rs" 19 49 19 65] height (C10MutualRecTypes_Node_Type.node_right n)); goto BB6 } BB6 { @@ -140,7 +140,7 @@ module C10MutualRecTypes_Impl0_Height goto BB7 } BB7 { - [#"../10_mutual_rec_types.rs" 19 29 19 70] _0 <- ([#"../10_mutual_rec_types.rs" 19 29 19 70] _4 + ([#"../10_mutual_rec_types.rs" 19 69 19 70] [#"../10_mutual_rec_types.rs" 19 69 19 70] (1 : uint64))); + [#"../10_mutual_rec_types.rs" 19 29 19 70] _0 <- ([#"../10_mutual_rec_types.rs" 19 29 19 70] _4 + (1 : uint64)); _4 <- any uint64; goto BB8 } diff --git a/creusot/tests/should_succeed/syntax/11_array_types.mlcfg b/creusot/tests/should_succeed/syntax/11_array_types.mlcfg index 395084c784..1c35d39d16 100644 --- a/creusot/tests/should_succeed/syntax/11_array_types.mlcfg +++ b/creusot/tests/should_succeed/syntax/11_array_types.mlcfg @@ -36,18 +36,20 @@ module C11ArrayTypes_Omg var _0 : (); var x : C11ArrayTypes_UsesArray_Type.t_usesarray = x; var _3 : usize; + var _4 : usize; var _5 : bool; { goto BB0 } BB0 { - [#"../11_array_types.rs" 9 8 9 9] _3 <- ([#"../11_array_types.rs" 9 8 9 9] [#"../11_array_types.rs" 9 8 9 9] (0 : usize)); - [#"../11_array_types.rs" 9 4 9 10] _5 <- ([#"../11_array_types.rs" 9 4 9 10] _3 < ([#"../11_array_types.rs" 9 4 9 10] Slice.length (C11ArrayTypes_UsesArray_Type.usesarray_0 x))); + [#"../11_array_types.rs" 9 8 9 9] _3 <- ([#"../11_array_types.rs" 9 8 9 9] (0 : usize)); + [#"../11_array_types.rs" 9 4 9 10] _4 <- ([#"../11_array_types.rs" 9 4 9 10] Slice.length (C11ArrayTypes_UsesArray_Type.usesarray_0 x)); + [#"../11_array_types.rs" 9 4 9 10] _5 <- ([#"../11_array_types.rs" 9 4 9 10] _3 < _4); assert { [@expl:index in bounds] [#"../11_array_types.rs" 9 4 9 10] _5 }; goto BB1 } BB1 { - [#"../11_array_types.rs" 9 4 9 14] x <- (let C11ArrayTypes_UsesArray_Type.C_UsesArray x0 = x in C11ArrayTypes_UsesArray_Type.C_UsesArray (Slice.set (C11ArrayTypes_UsesArray_Type.usesarray_0 x) _3 ([#"../11_array_types.rs" 9 4 9 14] [#"../11_array_types.rs" 9 13 9 14] (5 : int64)))); + [#"../11_array_types.rs" 9 4 9 14] x <- (let C11ArrayTypes_UsesArray_Type.C_UsesArray x0 = x in C11ArrayTypes_UsesArray_Type.C_UsesArray (Slice.set (C11ArrayTypes_UsesArray_Type.usesarray_0 x) _3 ([#"../11_array_types.rs" 9 4 9 14] (5 : int64)))); assert { [@expl:assertion] [#"../11_array_types.rs" 11 20 11 32] Int64.to_int (index_logic0 (C11ArrayTypes_UsesArray_Type.usesarray_0 x) 0) = 5 }; [#"../11_array_types.rs" 8 29 12 1] _0 <- ([#"../11_array_types.rs" 8 29 12 1] ()); return _0 @@ -72,12 +74,15 @@ module C11ArrayTypes_CallOmg = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var arr : array int64; + var _2 : C11ArrayTypes_UsesArray_Type.t_usesarray; { goto BB0 } BB0 { - [#"../11_array_types.rs" 15 14 15 24] arr <- ([#"../11_array_types.rs" 15 14 15 24] Slice.create ([#"../11_array_types.rs" 15 14 15 24] [#"../11_array_types.rs" 15 14 15 24] (5 : usize)) (fun _ -> [#"../11_array_types.rs" 15 15 15 20] [#"../11_array_types.rs" 15 15 15 20] (3 : int64))); - [#"../11_array_types.rs" 16 4 16 23] _0 <- ([#"../11_array_types.rs" 16 4 16 23] omg0 ([#"../11_array_types.rs" 16 8 16 22] C11ArrayTypes_UsesArray_Type.C_UsesArray ([#"../11_array_types.rs" 16 18 16 21] arr))); + [#"../11_array_types.rs" 15 14 15 24] arr <- ([#"../11_array_types.rs" 15 14 15 24] Slice.create (5 : usize) (fun _ -> (3 : int64))); + [#"../11_array_types.rs" 16 8 16 22] _2 <- ([#"../11_array_types.rs" 16 8 16 22] C11ArrayTypes_UsesArray_Type.C_UsesArray arr); + [#"../11_array_types.rs" 16 4 16 23] _0 <- ([#"../11_array_types.rs" 16 4 16 23] omg0 _2); + _2 <- any C11ArrayTypes_UsesArray_Type.t_usesarray; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/syntax/11_array_types/why3session.xml b/creusot/tests/should_succeed/syntax/11_array_types/why3session.xml index 6e22e2d924..dd4d2d99d3 100644 --- a/creusot/tests/should_succeed/syntax/11_array_types/why3session.xml +++ b/creusot/tests/should_succeed/syntax/11_array_types/why3session.xml @@ -7,12 +7,12 @@ - + - + diff --git a/creusot/tests/should_succeed/syntax/11_array_types/why3shapes.gz b/creusot/tests/should_succeed/syntax/11_array_types/why3shapes.gz index 7bdaf6147c459a3287c90a2dcdd02c8b9773a767..725cf157bd145b242e245d8faa8b4fa74f62a294 100644 GIT binary patch literal 310 zcmV-60m=R!iwFP!00000|7}pqZo)teyyq+S)|S)0Nh_#|Dn)SVsqz(>jTa(?q)I}? z=huNiNy}xu9(!hNKTbru!!K&ZH#KchS1-bg$y0)J?CNzOErJ9WWN<5- zg9Dp!M5MB7!Ga%t68!3e>mCnG_V$5aPz#(fQc|_;c0(USa~Aa3;#XzF39hf)a_m@v znX?h&p24W0AKc()bD+ibcftzHux#lB{1v@PbiXp_!AJ23eXc?uXBYP(2RYnM;U14X z$m?y5yAya9v2H}Y-zFoXz8w8OPX~E22X!_*n-9BUXb3wBju?6a12&lKY7?+5*S%Nb zFyC0E^d^;&Y;IHOoUs_qluVrZT&Sf?h;@|44WSG+5B@m~J~h!tBDB*Og<0z42QWt{ IjW_}T04Pn3+W-In literal 303 zcmV+~0nq**iwFP!00000|80=VPQx$|Mfdp%?|`m6ezl+!Q6WX`h86O*8pciCt>5?o^6Y|FaGvJUaMt(u}F=?zJ; z8(ezhb;cDjR(yR7DeNb7d>c|5v5#aUOD|q|O**^S6IRuB$Vg<6i{KXe zBSd3lnCI~592oY@ty>rpu$Bn`=ol0c1Rzl8w1qipt+XO0rO<1Yd;_D}0!%0Z0051Z Blkfll diff --git a/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg b/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg index f9dfc6f983..62fe4c7f44 100644 --- a/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg +++ b/creusot/tests/should_succeed/syntax/12_ghost_code.mlcfg @@ -169,7 +169,7 @@ module C12GhostCode_GhostCopy goto BB0 } BB0 { - [#"../12_ghost_code.rs" 18 12 18 13] a <- ([#"../12_ghost_code.rs" 18 12 18 13] [#"../12_ghost_code.rs" 18 12 18 13] (0 : int32)); + [#"../12_ghost_code.rs" 18 12 18 13] a <- ([#"../12_ghost_code.rs" 18 12 18 13] (0 : int32)); [#"../12_ghost_code.rs" 19 17 19 52] _s <- ([#"../12_ghost_code.rs" 19 17 19 52] Snapshot.new (Seq.snoc (Seq.empty ) (0 : int32))); goto BB1 } @@ -179,7 +179,7 @@ module C12GhostCode_GhostCopy } BB2 { [#"../12_ghost_code.rs" 20 4 20 33] _s <- ([#"../12_ghost_code.rs" 20 4 20 33] _4); - [#"../12_ghost_code.rs" 20 4 20 33] _4 <- any Snapshot.snap_ty (Seq.seq int32); + _4 <- any Snapshot.snap_ty (Seq.seq int32); [#"../12_ghost_code.rs" 17 20 21 1] _0 <- ([#"../12_ghost_code.rs" 17 20 21 1] ()); return _0 } @@ -208,7 +208,7 @@ module C12GhostCode_GhostIsCopy goto BB0 } BB0 { - [#"../12_ghost_code.rs" 24 16 24 17] x <- ([#"../12_ghost_code.rs" 24 16 24 17] [#"../12_ghost_code.rs" 24 16 24 17] (0 : int32)); + [#"../12_ghost_code.rs" 24 16 24 17] x <- ([#"../12_ghost_code.rs" 24 16 24 17] (0 : int32)); [#"../12_ghost_code.rs" 25 12 25 18] r <- Borrow.borrow_mut x; [#"../12_ghost_code.rs" 25 12 25 18] x <- ^ r; assume { resolve0 r }; @@ -352,6 +352,7 @@ module C12GhostCode_GhostCheck var _2 : Snapshot.snap_ty (); var _4 : (); var _5 : borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); + var _7 : bool; var _8 : usize; { goto BB0 @@ -367,17 +368,19 @@ module C12GhostCode_GhostCheck BB2 { [#"../12_ghost_code.rs" 41 4 41 5] _5 <- Borrow.borrow_mut x; [#"../12_ghost_code.rs" 41 4 41 5] x <- ^ _5; - [#"../12_ghost_code.rs" 41 4 41 13] _4 <- ([#"../12_ghost_code.rs" 41 4 41 13] push0 _5 ([#"../12_ghost_code.rs" 41 11 41 12] [#"../12_ghost_code.rs" 41 11 41 12] (0 : int32))); + [#"../12_ghost_code.rs" 41 4 41 13] _4 <- ([#"../12_ghost_code.rs" 41 4 41 13] push0 _5 (0 : int32)); _5 <- any borrowed (Alloc_Vec_Vec_Type.t_vec int32 (Alloc_Alloc_Global_Type.t_global)); goto BB3 } BB3 { - [#"../12_ghost_code.rs" 43 12 43 19] _8 <- ([#"../12_ghost_code.rs" 43 12 43 19] len0 ([#"../12_ghost_code.rs" 43 12 43 13] x)); + [#"../12_ghost_code.rs" 43 12 43 19] _8 <- ([#"../12_ghost_code.rs" 43 12 43 19] len0 x); goto BB4 } BB4 { assume { resolve0 x }; - switch ([#"../12_ghost_code.rs" 43 12 43 24] _8 = ([#"../12_ghost_code.rs" 43 23 43 24] [#"../12_ghost_code.rs" 43 23 43 24] (1 : usize))) + [#"../12_ghost_code.rs" 43 12 43 24] _7 <- ([#"../12_ghost_code.rs" 43 12 43 24] _8 = (1 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB6 | True -> goto BB5 end @@ -447,7 +450,7 @@ module C12GhostCode_TakesStruct } BB1 { [#"../12_ghost_code.rs" 53 4 53 27] x <- (let C12GhostCode_MyStruct_Type.C_MyStruct x0 x1 = x in C12GhostCode_MyStruct_Type.C_MyStruct x0 ([#"../12_ghost_code.rs" 53 4 53 27] _3)); - [#"../12_ghost_code.rs" 53 4 53 27] _3 <- any Snapshot.snap_ty uint32; + _3 <- any Snapshot.snap_ty uint32; [#"../12_ghost_code.rs" 52 37 54 1] _0 <- ([#"../12_ghost_code.rs" 52 37 54 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/syntax/12_ghost_code/why3shapes.gz b/creusot/tests/should_succeed/syntax/12_ghost_code/why3shapes.gz index 4d445d9041dc1f2022b5c0b6c74ae95a2e51387a..5a543707039391ec3e2c95e1d528fe648e52be73 100644 GIT binary patch literal 362 zcmV-w0hRtAiwFP!00000|8-HxZi6roz56S;wav*Ji>u~5=98$6jYxR_yVZT}cV!RCSB79@m)Ga-nq@Zn+w_T~!Q`GXm4 zcQF+BjB{Y~KW=~l^_f)DjKD6a?GPLqJ5Kv{+-rOKAk!PR{YARG)fKLIb-C-ky3CCv z__W2&^oOZI$F%G0b$_&#=_p8??7r%!Z8*?qfjx!y!$i$^;~XL}kuH{3>Xw7DU;1qrJ3pg`p1lCCIluovJyKH1Ur zXG?+4JO?(v;|3VerIH$&6S$8WcZ&9{8>d}2?u&a}r5NeU__P1$5k`QTS%+_3Ts z@x{x<^2&b$_34q(wGP;7a~Y49i4ddHnu&@lDbh3%R93Z+6`D%u#QHR11tl6a sjkU6haTcp86l)}o%8`#-b(L|ed(mZvhhK| zqip8r+t{~oU!TKk5J0jMOea3k@2I6xTts^+ M06g53DxU)Y0E2^s6JFW2Pnbb+?-oW(l)}i#y!#rb27DXj)nHjV_;OqOu!-a{~%ZO3bo#DQN_bR?gA z>4P#QNw1aS!FA}WuJsN+cY)=9UCct3FZUoU-#(1~?ojj{Qo;PzVV_;rg}d&m=1^Kf zaRaesIc{hluVTQ9Y*Nd}lRc2*H~26R?rD}@41i@zTtoC$x-0(K25ZY diff --git a/creusot/tests/should_succeed/syntax/14_const_fns.mlcfg b/creusot/tests/should_succeed/syntax/14_const_fns.mlcfg index cc11542340..cf4c6cc585 100644 --- a/creusot/tests/should_succeed/syntax/14_const_fns.mlcfg +++ b/creusot/tests/should_succeed/syntax/14_const_fns.mlcfg @@ -13,7 +13,7 @@ module C14ConstFns_Omg goto BB0 } BB0 { - [#"../14_const_fns.rs" 6 4 6 9] _0 <- ([#"../14_const_fns.rs" 6 4 6 9] ([#"../14_const_fns.rs" 6 4 6 5] x) - ([#"../14_const_fns.rs" 6 8 6 9] [#"../14_const_fns.rs" 6 8 6 9] (1 : int32))); + [#"../14_const_fns.rs" 6 4 6 9] _0 <- ([#"../14_const_fns.rs" 6 4 6 9] x - (1 : int32)); return _0 } diff --git a/creusot/tests/should_succeed/syntax/derive_macros.mlcfg b/creusot/tests/should_succeed/syntax/derive_macros.mlcfg index e1ef4d7a89..48f558447b 100644 --- a/creusot/tests/should_succeed/syntax/derive_macros.mlcfg +++ b/creusot/tests/should_succeed/syntax/derive_macros.mlcfg @@ -112,7 +112,7 @@ module DeriveMacros_Impl2_Clone [#"../derive_macros.rs" 10 4 10 8] _5 <- ([#"../derive_macros.rs" 10 4 10 8] DeriveMacros_Product_Type.product_a self); assert { [@expl:type invariant] inv0 _5 }; assume { resolve0 _5 }; - [#"../derive_macros.rs" 10 4 10 8] _3 <- ([#"../derive_macros.rs" 10 4 10 8] clone0 ([#"../derive_macros.rs" 10 4 10 8] _5)); + [#"../derive_macros.rs" 10 4 10 8] _3 <- ([#"../derive_macros.rs" 10 4 10 8] clone0 _5); goto BB1 } BB1 { @@ -121,7 +121,7 @@ module DeriveMacros_Impl2_Clone assume { resolve1 self }; assert { [@expl:type invariant] inv2 _8 }; assume { resolve2 _8 }; - [#"../derive_macros.rs" 11 4 11 8] _6 <- ([#"../derive_macros.rs" 11 4 11 8] clone1 ([#"../derive_macros.rs" 11 4 11 8] _8)); + [#"../derive_macros.rs" 11 4 11 8] _6 <- ([#"../derive_macros.rs" 11 4 11 8] clone1 _8); goto BB2 } BB2 { @@ -245,7 +245,7 @@ module DeriveMacros_Impl3_Eq [#"../derive_macros.rs" 10 4 10 8] _7 <- ([#"../derive_macros.rs" 10 4 10 8] DeriveMacros_Product_Type.product_a rhs); assert { [@expl:type invariant] inv0 _7 }; assume { resolve0 _7 }; - [#"../derive_macros.rs" 10 4 10 8] _4 <- ([#"../derive_macros.rs" 10 4 10 8] eq0 ([#"../derive_macros.rs" 10 4 10 8] DeriveMacros_Product_Type.product_a self) ([#"../derive_macros.rs" 10 4 10 8] _7)); + [#"../derive_macros.rs" 10 4 10 8] _4 <- ([#"../derive_macros.rs" 10 4 10 8] eq0 (DeriveMacros_Product_Type.product_a self) _7); goto BB1 } BB1 { @@ -262,7 +262,7 @@ module DeriveMacros_Impl3_Eq assume { resolve1 rhs }; assert { [@expl:type invariant] inv2 _10 }; assume { resolve2 _10 }; - [#"../derive_macros.rs" 11 4 11 8] _0 <- ([#"../derive_macros.rs" 11 4 11 8] eq1 ([#"../derive_macros.rs" 11 4 11 8] DeriveMacros_Product_Type.product_b self) ([#"../derive_macros.rs" 11 4 11 8] _10)); + [#"../derive_macros.rs" 11 4 11 8] _0 <- ([#"../derive_macros.rs" 11 4 11 8] eq1 (DeriveMacros_Product_Type.product_b self) _10); goto BB4 } BB3 { @@ -270,7 +270,7 @@ module DeriveMacros_Impl3_Eq assume { resolve1 rhs }; assert { [@expl:type invariant] inv1 self }; assume { resolve1 self }; - [#"../derive_macros.rs" 10 4 11 8] _0 <- ([#"../derive_macros.rs" 10 4 11 8] [#"../derive_macros.rs" 10 4 11 8] false); + [#"../derive_macros.rs" 10 4 11 8] _0 <- ([#"../derive_macros.rs" 10 4 11 8] false); goto BB5 } BB4 { @@ -437,7 +437,7 @@ module DeriveMacros_Impl4_Clone [#"../derive_macros.rs" 28 9 28 14] _11 <- ([#"../derive_macros.rs" 28 9 28 14] v0_11); assert { [@expl:type invariant] inv3 _11 }; assume { resolve3 _11 }; - [#"../derive_macros.rs" 28 9 28 14] _9 <- ([#"../derive_macros.rs" 28 9 28 14] clone1 ([#"../derive_macros.rs" 28 9 28 14] _11)); + [#"../derive_macros.rs" 28 9 28 14] _9 <- ([#"../derive_macros.rs" 28 9 28 14] clone1 _11); goto BB7 } BB3 { @@ -453,7 +453,7 @@ module DeriveMacros_Impl4_Clone [#"../derive_macros.rs" 28 9 28 14] _7 <- ([#"../derive_macros.rs" 28 9 28 14] v0_1); assert { [@expl:type invariant] inv1 _7 }; assume { resolve1 _7 }; - [#"../derive_macros.rs" 28 9 28 14] _5 <- ([#"../derive_macros.rs" 28 9 28 14] clone0 ([#"../derive_macros.rs" 28 9 28 14] _7)); + [#"../derive_macros.rs" 28 9 28 14] _5 <- ([#"../derive_macros.rs" 28 9 28 14] clone0 _7); goto BB5 } BB5 { @@ -610,7 +610,7 @@ module DeriveMacros_Impl5_Eq assume { resolve0 self }; assert { [@expl:type invariant] inv0 rhs }; assume { resolve0 rhs }; - [#"../derive_macros.rs" 28 16 28 25] _4 <- ([#"../derive_macros.rs" 28 16 28 25] (([#"../derive_macros.rs" 28 16 28 25] self), ([#"../derive_macros.rs" 28 16 28 25] rhs))); + [#"../derive_macros.rs" 28 16 28 25] _4 <- ([#"../derive_macros.rs" 28 16 28 25] (self, rhs)); switch (let (a, _) = _4 in a) | DeriveMacros_Sum_Type.C_A _ -> goto BB1 | DeriveMacros_Sum_Type.C_B _ -> goto BB4 @@ -628,7 +628,7 @@ module DeriveMacros_Impl5_Eq BB3 { assert { [@expl:type invariant] inv1 _4 }; assume { resolve1 _4 }; - [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] [#"../derive_macros.rs" 28 16 28 25] false); + [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] false); goto BB16 } BB4 { @@ -649,7 +649,7 @@ module DeriveMacros_Impl5_Eq assume { resolve2 v0_1 }; assert { [@expl:type invariant] inv2 v0_2 }; assume { resolve2 v0_2 }; - [#"../derive_macros.rs" 28 16 28 25] _12 <- ([#"../derive_macros.rs" 28 16 28 25] eq0 ([#"../derive_macros.rs" 28 16 28 25] v0_1) ([#"../derive_macros.rs" 28 16 28 25] v0_2)); + [#"../derive_macros.rs" 28 16 28 25] _12 <- ([#"../derive_macros.rs" 28 16 28 25] eq0 v0_1 v0_2); goto BB7 } BB7 { @@ -659,11 +659,11 @@ module DeriveMacros_Impl5_Eq end } BB8 { - [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] [#"../derive_macros.rs" 28 16 28 25] true); + [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] true); goto BB10 } BB9 { - [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] [#"../derive_macros.rs" 28 16 28 25] false); + [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] false); goto BB10 } BB10 { @@ -678,7 +678,7 @@ module DeriveMacros_Impl5_Eq assume { resolve3 v0_11 }; assert { [@expl:type invariant] inv3 v0_21 }; assume { resolve3 v0_21 }; - [#"../derive_macros.rs" 28 16 28 25] _17 <- ([#"../derive_macros.rs" 28 16 28 25] eq1 ([#"../derive_macros.rs" 28 16 28 25] v0_11) ([#"../derive_macros.rs" 28 16 28 25] v0_21)); + [#"../derive_macros.rs" 28 16 28 25] _17 <- ([#"../derive_macros.rs" 28 16 28 25] eq1 v0_11 v0_21); goto BB12 } BB12 { @@ -688,11 +688,11 @@ module DeriveMacros_Impl5_Eq end } BB13 { - [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] [#"../derive_macros.rs" 28 16 28 25] true); + [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] true); goto BB15 } BB14 { - [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] [#"../derive_macros.rs" 28 16 28 25] false); + [#"../derive_macros.rs" 28 16 28 25] _0 <- ([#"../derive_macros.rs" 28 16 28 25] false); goto BB15 } BB15 { diff --git a/creusot/tests/should_succeed/take_first_mut.mlcfg b/creusot/tests/should_succeed/take_first_mut.mlcfg index 1f6c4962dc..8c80823cf2 100644 --- a/creusot/tests/should_succeed/take_first_mut.mlcfg +++ b/creusot/tests/should_succeed/take_first_mut.mlcfg @@ -206,16 +206,16 @@ module TakeFirstMut_TakeFirstMut } BB4 { [#"../take_first_mut.rs" 17 14 17 19] first <- ([#"../take_first_mut.rs" 17 14 17 19] let (a, _) = Core_Option_Option_Type.some_0 _3 in a); - [#"../take_first_mut.rs" 17 14 17 19] _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (let (x0, x1) = Core_Option_Option_Type.some_0 _3 in (any borrowed t, x1))); + _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (let (x0, x1) = Core_Option_Option_Type.some_0 _3 in (any borrowed t, x1))); [#"../take_first_mut.rs" 17 21 17 24] rem <- ([#"../take_first_mut.rs" 17 21 17 24] let (_, a) = Core_Option_Option_Type.some_0 _3 in a); - [#"../take_first_mut.rs" 17 21 17 24] _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (let (x0, x1) = Core_Option_Option_Type.some_0 _3 in (x0, any borrowed (slice t)))); + _3 <- (let Core_Option_Option_Type.C_Some x0 = _3 in Core_Option_Option_Type.C_Some (let (x0, x1) = Core_Option_Option_Type.some_0 _3 in (x0, any borrowed (slice t)))); assert { [@expl:type invariant] inv2 _3 }; assume { resolve0 _3 }; [#"../take_first_mut.rs" 18 21 18 24] _11 <- Borrow.borrow_final ( * rem) (Borrow.get_id rem); [#"../take_first_mut.rs" 18 21 18 24] rem <- { rem with current = ( ^ _11) ; }; assume { inv1 ( ^ _11) }; [#"../take_first_mut.rs" 18 12 18 24] self_ <- { self_ with current = ([#"../take_first_mut.rs" 18 12 18 24] _11) ; }; - [#"../take_first_mut.rs" 18 12 18 24] _11 <- any borrowed (slice t); + _11 <- any borrowed (slice t); assert { [@expl:type invariant] inv0 ( * self_) }; assume { resolve2 ( * self_) }; assert { [@expl:type invariant] inv3 self_ }; diff --git a/creusot/tests/should_succeed/traits/01.mlcfg b/creusot/tests/should_succeed/traits/01.mlcfg index 2aa032fa9e..cbf4812629 100644 --- a/creusot/tests/should_succeed/traits/01.mlcfg +++ b/creusot/tests/should_succeed/traits/01.mlcfg @@ -36,8 +36,8 @@ module C01_UsesGeneric goto BB0 } BB0 { - [#"../01.rs" 9 4 9 16] _0 <- ([#"../01.rs" 9 4 9 16] from_b0 ([#"../01.rs" 9 14 9 15] b)); - [#"../01.rs" 9 14 9 15] b <- any t; + [#"../01.rs" 9 4 9 16] _0 <- ([#"../01.rs" 9 4 9 16] from_b0 b); + b <- any t; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/02.mlcfg b/creusot/tests/should_succeed/traits/02.mlcfg index 0df90390e3..12dce51990 100644 --- a/creusot/tests/should_succeed/traits/02.mlcfg +++ b/creusot/tests/should_succeed/traits/02.mlcfg @@ -39,7 +39,7 @@ module C02_Omg goto BB0 } BB0 { - [#"../02.rs" 12 4 12 15] _0 <- ([#"../02.rs" 12 4 12 15] is_true0 ([#"../02.rs" 12 4 12 5] a)); + [#"../02.rs" 12 4 12 15] _0 <- ([#"../02.rs" 12 4 12 15] is_true0 a); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/03.mlcfg b/creusot/tests/should_succeed/traits/03.mlcfg index fecedca641..76415daf96 100644 --- a/creusot/tests/should_succeed/traits/03.mlcfg +++ b/creusot/tests/should_succeed/traits/03.mlcfg @@ -10,7 +10,7 @@ module C03_Impl0_F goto BB0 } BB0 { - [#"../03.rs" 10 8 10 9] _0 <- ([#"../03.rs" 10 8 10 9] [#"../03.rs" 10 8 10 9] (0 : int32)); + [#"../03.rs" 10 8 10 9] _0 <- ([#"../03.rs" 10 8 10 9] (0 : int32)); return _0 } @@ -26,7 +26,7 @@ module C03_Impl1_G goto BB0 } BB0 { - [#"../03.rs" 21 8 21 9] _0 <- ([#"../03.rs" 21 8 21 9] [#"../03.rs" 21 8 21 9] (1 : uint32)); + [#"../03.rs" 21 8 21 9] _0 <- ([#"../03.rs" 21 8 21 9] (1 : uint32)); return _0 } diff --git a/creusot/tests/should_succeed/traits/04.mlcfg b/creusot/tests/should_succeed/traits/04.mlcfg index 0bf0c30aef..f29b5ed62e 100644 --- a/creusot/tests/should_succeed/traits/04.mlcfg +++ b/creusot/tests/should_succeed/traits/04.mlcfg @@ -42,7 +42,7 @@ module C04_User goto BB0 } BB0 { - [#"../04.rs" 13 4 13 14] _4 <- ([#"../04.rs" 13 4 13 14] func10 ([#"../04.rs" 13 4 13 5] a) ([#"../04.rs" 13 12 13 13] b)); + [#"../04.rs" 13 4 13 14] _4 <- ([#"../04.rs" 13 4 13 14] func10 a b); goto BB1 } BB1 { @@ -52,7 +52,7 @@ module C04_User end } BB2 { - [#"../04.rs" 13 18 13 28] _7 <- ([#"../04.rs" 13 18 13 28] func20 ([#"../04.rs" 13 18 13 19] b) ([#"../04.rs" 13 26 13 27] a)); + [#"../04.rs" 13 18 13 28] _7 <- ([#"../04.rs" 13 18 13 28] func20 b a); goto BB3 } BB3 { @@ -66,7 +66,7 @@ module C04_User assume { resolve0 a }; assert { [@expl:type invariant] inv0 b }; assume { resolve0 b }; - [#"../04.rs" 13 32 13 42] _0 <- ([#"../04.rs" 13 32 13 42] func30 ([#"../04.rs" 13 32 13 33] a) ([#"../04.rs" 13 40 13 41] b)); + [#"../04.rs" 13 32 13 42] _0 <- ([#"../04.rs" 13 32 13 42] func30 a b); goto BB8 } BB5 { @@ -84,7 +84,7 @@ module C04_User goto BB7 } BB7 { - [#"../04.rs" 13 4 13 42] _0 <- ([#"../04.rs" 13 4 13 42] [#"../04.rs" 13 4 13 42] false); + [#"../04.rs" 13 4 13 42] _0 <- ([#"../04.rs" 13 4 13 42] false); goto BB9 } BB8 { diff --git a/creusot/tests/should_succeed/traits/06.mlcfg b/creusot/tests/should_succeed/traits/06.mlcfg index 460eeb1ee1..e1f7551ba1 100644 --- a/creusot/tests/should_succeed/traits/06.mlcfg +++ b/creusot/tests/should_succeed/traits/06.mlcfg @@ -44,7 +44,7 @@ module C06_Test BB0 { assert { [@expl:type invariant] inv0 a }; assume { resolve0 a }; - [#"../06.rs" 13 4 13 11] _0 <- ([#"../06.rs" 13 4 13 11] ix0 ([#"../06.rs" 13 4 13 5] a) ([#"../06.rs" 13 9 13 10] [#"../06.rs" 13 9 13 10] (0 : usize))); + [#"../06.rs" 13 4 13 11] _0 <- ([#"../06.rs" 13 4 13 11] ix0 a (0 : usize)); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/07.mlcfg b/creusot/tests/should_succeed/traits/07.mlcfg index 1fbeef35ac..5b1ef00955 100644 --- a/creusot/tests/should_succeed/traits/07.mlcfg +++ b/creusot/tests/should_succeed/traits/07.mlcfg @@ -29,7 +29,7 @@ module C07_Test goto BB0 } BB0 { - [#"../07.rs" 17 4 17 8] _0 <- ([#"../07.rs" 17 4 17 8] [#"../07.rs" 17 4 17 8] true); + [#"../07.rs" 17 4 17 8] _0 <- ([#"../07.rs" 17 4 17 8] true); return _0 } @@ -47,7 +47,7 @@ module C07_Test2 goto BB0 } BB0 { - [#"../07.rs" 21 4 21 10] _0 <- ([#"../07.rs" 21 4 21 10] ix0 ([#"../07.rs" 21 4 21 5] a)); + [#"../07.rs" 21 4 21 10] _0 <- ([#"../07.rs" 21 4 21 10] ix0 a); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/09.mlcfg b/creusot/tests/should_succeed/traits/09.mlcfg index e808e87016..df092dc7c1 100644 --- a/creusot/tests/should_succeed/traits/09.mlcfg +++ b/creusot/tests/should_succeed/traits/09.mlcfg @@ -11,7 +11,7 @@ module C09_Test goto BB0 } BB0 { - [#"../09.rs" 8 4 8 9] _0 <- ([#"../09.rs" 8 4 8 9] ([#"../09.rs" 8 4 8 5] t) + ([#"../09.rs" 8 8 8 9] [#"../09.rs" 8 8 8 9] (0 : uint32))); + [#"../09.rs" 8 4 8 9] _0 <- ([#"../09.rs" 8 4 8 9] t + (0 : uint32)); return _0 } @@ -41,7 +41,7 @@ module C09_Test2 } BB0 { [#"../09.rs" 12 4 12 5] _0 <- ([#"../09.rs" 12 4 12 5] t); - [#"../09.rs" 12 4 12 5] t <- any x0; + t <- any x0; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/12_default_method.mlcfg b/creusot/tests/should_succeed/traits/12_default_method.mlcfg index 255d6e4713..d57d1dff80 100644 --- a/creusot/tests/should_succeed/traits/12_default_method.mlcfg +++ b/creusot/tests/should_succeed/traits/12_default_method.mlcfg @@ -27,7 +27,7 @@ module C12DefaultMethod_T_Default goto BB0 } BB0 { - [#"../12_default_method.rs" 7 8 7 9] _0 <- ([#"../12_default_method.rs" 7 8 7 9] [#"../12_default_method.rs" 7 8 7 9] (0 : uint32)); + [#"../12_default_method.rs" 7 8 7 9] _0 <- ([#"../12_default_method.rs" 7 8 7 9] (0 : uint32)); assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; return _0 @@ -67,7 +67,7 @@ module C12DefaultMethod_ShouldUseImpl goto BB0 } BB0 { - [#"../12_default_method.rs" 21 4 21 15] _3 <- ([#"../12_default_method.rs" 21 4 21 15] default0 ([#"../12_default_method.rs" 21 4 21 5] x)); + [#"../12_default_method.rs" 21 4 21 15] _3 <- ([#"../12_default_method.rs" 21 4 21 15] default0 x); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/traits/13_assoc_types.mlcfg b/creusot/tests/should_succeed/traits/13_assoc_types.mlcfg index 6d7855ec6e..93b5b4cce1 100644 --- a/creusot/tests/should_succeed/traits/13_assoc_types.mlcfg +++ b/creusot/tests/should_succeed/traits/13_assoc_types.mlcfg @@ -38,7 +38,7 @@ module C13AssocTypes_Impl0_Model BB0 { assert { [@expl:type invariant] inv0 self }; assume { resolve0 self }; - [#"../13_assoc_types.rs" 14 8 14 22] _0 <- ([#"../13_assoc_types.rs" 14 8 14 22] model ([#"../13_assoc_types.rs" 14 8 14 14] self)); + [#"../13_assoc_types.rs" 14 8 14 22] _0 <- ([#"../13_assoc_types.rs" 14 8 14 22] model self); goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/two_modules.mlcfg b/creusot/tests/should_succeed/two_modules.mlcfg index c461c70677..3852cf68b6 100644 --- a/creusot/tests/should_succeed/two_modules.mlcfg +++ b/creusot/tests/should_succeed/two_modules.mlcfg @@ -16,7 +16,7 @@ module TwoModules_Mod2_X goto BB0 } BB0 { - [#"../two_modules.rs" 16 8 16 12] _0 <- ([#"../two_modules.rs" 16 8 16 12] [#"../two_modules.rs" 16 8 16 12] true); + [#"../two_modules.rs" 16 8 16 12] _0 <- ([#"../two_modules.rs" 16 8 16 12] true); return _0 } @@ -28,11 +28,14 @@ module TwoModules_F = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); var _1 : bool; + var _2 : TwoModules_Mod1_T_Type.t_t; { goto BB0 } BB0 { - [#"../two_modules.rs" 23 4 23 14] _1 <- ([#"../two_modules.rs" 23 4 23 14] x0 ([#"../two_modules.rs" 23 12 23 13] TwoModules_Mod1_T_Type.C_B)); + [#"../two_modules.rs" 23 12 23 13] _2 <- ([#"../two_modules.rs" 23 12 23 13] TwoModules_Mod1_T_Type.C_B); + [#"../two_modules.rs" 23 4 23 14] _1 <- ([#"../two_modules.rs" 23 4 23 14] x0 _2); + _2 <- any TwoModules_Mod1_T_Type.t_t; goto BB1 } BB1 { diff --git a/creusot/tests/should_succeed/type_constructors.mlcfg b/creusot/tests/should_succeed/type_constructors.mlcfg index ac9d580983..7951a68f35 100644 --- a/creusot/tests/should_succeed/type_constructors.mlcfg +++ b/creusot/tests/should_succeed/type_constructors.mlcfg @@ -1,12 +1,22 @@ +module TypeConstructors_B_X_Type + type t_x = + | C_A + | C_B + | C_C + +end module TypeConstructors_F + use TypeConstructors_B_X_Type as TypeConstructors_B_X_Type let rec cfg f [#"../type_constructors.rs" 16 0 16 10] [@cfg:stackify] [@cfg:subregion_analysis] (_1 : ()) : () = [@vc:do_not_keep_trace] [@vc:sp] var _0 : (); + var _3 : TypeConstructors_B_X_Type.t_x; { goto BB0 } BB0 { + [#"../type_constructors.rs" 18 17 18 24] _3 <- ([#"../type_constructors.rs" 18 17 18 24] TypeConstructors_B_X_Type.C_B); [#"../type_constructors.rs" 16 11 19 1] _0 <- ([#"../type_constructors.rs" 16 11 19 1] ()); return _0 } diff --git a/creusot/tests/should_succeed/type_invariants/borrows.mlcfg b/creusot/tests/should_succeed/type_invariants/borrows.mlcfg index c1d0615fad..71892e8b47 100644 --- a/creusot/tests/should_succeed/type_invariants/borrows.mlcfg +++ b/creusot/tests/should_succeed/type_invariants/borrows.mlcfg @@ -39,7 +39,7 @@ module Borrows_Impl1_New goto BB0 } BB0 { - [#"../borrows.rs" 18 8 18 15] _0 <- ([#"../borrows.rs" 18 8 18 15] Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 18 13 18 14] n)); + [#"../borrows.rs" 18 8 18 15] _0 <- ([#"../borrows.rs" 18 8 18 15] Borrows_NonZero_Type.C_NonZero n); return _0 } @@ -139,7 +139,7 @@ module Borrows_Inc goto BB0 } BB0 { - [#"../borrows.rs" 102 4 102 11] x <- { x with current = ([#"../borrows.rs" 102 4 102 11] * x + ([#"../borrows.rs" 102 10 102 11] [#"../borrows.rs" 102 10 102 11] (1 : int32))) ; }; + [#"../borrows.rs" 102 4 102 11] x <- { x with current = ([#"../borrows.rs" 102 4 102 11] * x + (1 : int32)) ; }; assume { resolve0 x }; [#"../borrows.rs" 101 24 103 1] _0 <- ([#"../borrows.rs" 101 24 103 1] ()); return _0 @@ -407,7 +407,7 @@ module Borrows_Tuple goto BB0 } BB0 { - [#"../borrows.rs" 46 4 46 14] x <- (let (x0, x1) = x in ((let Borrows_NonZero_Type.C_NonZero x0 = let (a, _) = x in a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 46 4 46 14] [#"../borrows.rs" 46 13 46 14] (0 : int32))), x1)); + [#"../borrows.rs" 46 4 46 14] x <- (let (x0, x1) = x in ((let Borrows_NonZero_Type.C_NonZero x0 = let (a, _) = x in a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 46 4 46 14] (0 : int32))), x1)); [#"../borrows.rs" 47 8 47 19] _6 <- Borrow.borrow_final (Borrows_NonZero_Type.nonzero_0 ( * (let (_, a) = x in a))) (Borrow.inherit_id (Borrow.get_id (let (_, a) = x in a)) 1); [#"../borrows.rs" 47 8 47 19] x <- (let (x0, x1) = x in (x0, { (let (_, a) = x in a) with current = (let Borrows_NonZero_Type.C_NonZero x0 = * (let (_, a) = x in a) in Borrows_NonZero_Type.C_NonZero ( ^ _6)) ; })); [#"../borrows.rs" 47 8 47 19] _5 <- Borrow.borrow_final ( * _6) (Borrow.get_id _6); @@ -512,7 +512,7 @@ module Borrows_PartialMove } BB0 { [#"../borrows.rs" 54 16 54 19] a <- ([#"../borrows.rs" 54 16 54 19] let (a, _) = x in a); - [#"../borrows.rs" 54 16 54 19] x <- (let (x0, x1) = x in (any Borrows_NonZero_Type.t_nonzero, x1)); + x <- (let (x0, x1) = x in (any Borrows_NonZero_Type.t_nonzero, x1)); [#"../borrows.rs" 55 8 55 19] _7 <- Borrow.borrow_final (Borrows_NonZero_Type.nonzero_0 ( * (let (_, a) = x in a))) (Borrow.inherit_id (Borrow.get_id (let (_, a) = x in a)) 1); [#"../borrows.rs" 55 8 55 19] x <- (let (x0, x1) = x in (x0, { (let (_, a) = x in a) with current = (let Borrows_NonZero_Type.C_NonZero x0 = * (let (_, a) = x in a) in Borrows_NonZero_Type.C_NonZero ( ^ _7)) ; })); [#"../borrows.rs" 55 8 55 19] _6 <- Borrow.borrow_final ( * _7) (Borrow.get_id _7); @@ -525,7 +525,7 @@ module Borrows_PartialMove assume { resolve0 _7 }; assert { [@expl:type invariant] inv0 x }; assume { resolve1 x }; - [#"../borrows.rs" 56 4 56 11] a <- (let Borrows_NonZero_Type.C_NonZero x0 = a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 56 4 56 11] [#"../borrows.rs" 56 10 56 11] (0 : int32))); + [#"../borrows.rs" 56 4 56 11] a <- (let Borrows_NonZero_Type.C_NonZero x0 = a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 56 4 56 11] (0 : int32))); [#"../borrows.rs" 53 48 57 1] _0 <- ([#"../borrows.rs" 53 48 57 1] ()); return _0 } @@ -619,12 +619,12 @@ module Borrows_Destruct } BB0 { [#"../borrows.rs" 62 9 62 14] a <- ([#"../borrows.rs" 62 9 62 14] let (a, _) = x in a); - [#"../borrows.rs" 62 9 62 14] x <- (let (x0, x1) = x in (any Borrows_NonZero_Type.t_nonzero, x1)); + x <- (let (x0, x1) = x in (any Borrows_NonZero_Type.t_nonzero, x1)); [#"../borrows.rs" 62 16 62 17] b <- ([#"../borrows.rs" 62 16 62 17] let (_, a) = x in a); - [#"../borrows.rs" 62 16 62 17] x <- (let (x0, x1) = x in (x0, any borrowed (Borrows_NonZero_Type.t_nonzero))); + x <- (let (x0, x1) = x in (x0, any borrowed (Borrows_NonZero_Type.t_nonzero))); assert { [@expl:type invariant] inv0 x }; assume { resolve0 x }; - [#"../borrows.rs" 63 4 63 11] a <- (let Borrows_NonZero_Type.C_NonZero x0 = a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 63 4 63 11] [#"../borrows.rs" 63 10 63 11] (0 : int32))); + [#"../borrows.rs" 63 4 63 11] a <- (let Borrows_NonZero_Type.C_NonZero x0 = a in Borrows_NonZero_Type.C_NonZero ([#"../borrows.rs" 63 4 63 11] (0 : int32))); [#"../borrows.rs" 64 8 64 16] _8 <- Borrow.borrow_final (Borrows_NonZero_Type.nonzero_0 ( * b)) (Borrow.inherit_id (Borrow.get_id b) 1); [#"../borrows.rs" 64 8 64 16] b <- { b with current = (let Borrows_NonZero_Type.C_NonZero x0 = * b in Borrows_NonZero_Type.C_NonZero ( ^ _8)) ; }; [#"../borrows.rs" 64 8 64 16] _7 <- Borrow.borrow_final ( * _8) (Borrow.get_id _8); @@ -718,7 +718,7 @@ module Borrows_FrozenDead assert { [@expl:type invariant] inv1 x }; assume { resolve0 x }; [#"../borrows.rs" 73 4 74 9] x <- ([#"../borrows.rs" 73 4 74 9] _6); - [#"../borrows.rs" 73 4 74 9] _6 <- any borrowed (Borrows_NonZero_Type.t_nonzero); + _6 <- any borrowed (Borrows_NonZero_Type.t_nonzero); assert { [@expl:type invariant] inv1 x }; assume { resolve0 x }; [#"../borrows.rs" 75 8 75 10] _8 <- Borrow.borrow_final ( * _a) (Borrow.get_id _a); @@ -780,7 +780,7 @@ module Borrows_Dec goto BB0 } BB0 { - [#"../borrows.rs" 108 4 108 11] x <- { x with current = ([#"../borrows.rs" 108 4 108 11] * x - ([#"../borrows.rs" 108 10 108 11] [#"../borrows.rs" 108 10 108 11] (1 : int32))) ; }; + [#"../borrows.rs" 108 4 108 11] x <- { x with current = ([#"../borrows.rs" 108 4 108 11] * x - (1 : int32)) ; }; assume { resolve0 x }; [#"../borrows.rs" 107 24 109 1] _0 <- ([#"../borrows.rs" 107 24 109 1] ()); return _0 diff --git a/creusot/tests/should_succeed/type_invariants/non_zero.mlcfg b/creusot/tests/should_succeed/type_invariants/non_zero.mlcfg index b2658f8554..1b3b40db52 100644 --- a/creusot/tests/should_succeed/type_invariants/non_zero.mlcfg +++ b/creusot/tests/should_succeed/type_invariants/non_zero.mlcfg @@ -38,7 +38,7 @@ module NonZero_Impl1_New goto BB0 } BB0 { - [#"../non_zero.rs" 17 8 17 15] _0 <- ([#"../non_zero.rs" 17 8 17 15] NonZero_NonZeroU32_Type.C_NonZeroU32 ([#"../non_zero.rs" 17 13 17 14] n)); + [#"../non_zero.rs" 17 8 17 15] _0 <- ([#"../non_zero.rs" 17 8 17 15] NonZero_NonZeroU32_Type.C_NonZeroU32 n); return _0 } @@ -72,11 +72,14 @@ module NonZero_Impl1_Add var _0 : NonZero_NonZeroU32_Type.t_nonzerou32; var self : NonZero_NonZeroU32_Type.t_nonzerou32 = self; var rhs : NonZero_NonZeroU32_Type.t_nonzerou32 = rhs; + var _4 : uint32; { goto BB0 } BB0 { - [#"../non_zero.rs" 22 8 22 28] _0 <- ([#"../non_zero.rs" 22 8 22 28] NonZero_NonZeroU32_Type.C_NonZeroU32 ([#"../non_zero.rs" 22 13 22 27] ([#"../non_zero.rs" 22 13 22 19] NonZero_NonZeroU32_Type.nonzerou32_0 self) + ([#"../non_zero.rs" 22 22 22 27] NonZero_NonZeroU32_Type.nonzerou32_0 rhs))); + [#"../non_zero.rs" 22 13 22 27] _4 <- ([#"../non_zero.rs" 22 13 22 27] NonZero_NonZeroU32_Type.nonzerou32_0 self + NonZero_NonZeroU32_Type.nonzerou32_0 rhs); + [#"../non_zero.rs" 22 8 22 28] _0 <- ([#"../non_zero.rs" 22 8 22 28] NonZero_NonZeroU32_Type.C_NonZeroU32 _4); + _4 <- any uint32; return _0 } @@ -149,11 +152,14 @@ module NonZero_Impl1_Sub var _0 : NonZero_NonZeroU32_Type.t_nonzerou32; var self : NonZero_NonZeroU32_Type.t_nonzerou32 = self; var rhs : NonZero_NonZeroU32_Type.t_nonzerou32 = rhs; + var _4 : uint32; { goto BB0 } BB0 { - [#"../non_zero.rs" 41 8 41 28] _0 <- ([#"../non_zero.rs" 41 8 41 28] NonZero_NonZeroU32_Type.C_NonZeroU32 ([#"../non_zero.rs" 41 13 41 27] ([#"../non_zero.rs" 41 13 41 19] NonZero_NonZeroU32_Type.nonzerou32_0 self) - ([#"../non_zero.rs" 41 22 41 27] NonZero_NonZeroU32_Type.nonzerou32_0 rhs))); + [#"../non_zero.rs" 41 13 41 27] _4 <- ([#"../non_zero.rs" 41 13 41 27] NonZero_NonZeroU32_Type.nonzerou32_0 self - NonZero_NonZeroU32_Type.nonzerou32_0 rhs); + [#"../non_zero.rs" 41 8 41 28] _0 <- ([#"../non_zero.rs" 41 8 41 28] NonZero_NonZeroU32_Type.C_NonZeroU32 _4); + _4 <- any uint32; return _0 } diff --git a/creusot/tests/should_succeed/type_invariants/non_zero/why3session.xml b/creusot/tests/should_succeed/type_invariants/non_zero/why3session.xml index d303e5e495..4a34826995 100644 --- a/creusot/tests/should_succeed/type_invariants/non_zero/why3session.xml +++ b/creusot/tests/should_succeed/type_invariants/non_zero/why3session.xml @@ -23,7 +23,7 @@ - + diff --git a/creusot/tests/should_succeed/type_invariants/non_zero/why3shapes.gz b/creusot/tests/should_succeed/type_invariants/non_zero/why3shapes.gz index 4b83edb2081354e1d6e33ef789bc842cbdd6f77a..e69dd91a18b6dcc7c707bb67de58831cb4af4e19 100644 GIT binary patch literal 378 zcmV-=0fqh_iwFP!00000|BX>iPlG@Zz4I&frq-A&`;DZ{|I&7pQxKjqlLTw_VlL_eh|{O|o)RP_$p z3hEwf{1MPlvuNM^Cet-6HPs|r!z1)fQPsUBcHrt2Dw`J7{&Q|jgfXFc7An^)RM-x~ zlw1V~2Dj&soCBJL`wG)+Yu8=kt>^AdXC6rk56eO6c>l4XV*~H-^bLRfUsx?3vx2@%4oDZ@8qMt*Ptlwz+4TO>UyufV1McZCXIM9D z>}qTVZu!TE!a0vN#c#4);M7Vh<_mnpp)KlWu%ZlHJ7d1>SVN!ZWNMTt3qdx;RS-#W zHA(?*kD)jQaz5@=xOUZ4{UzSw+@9H)OOfHjG<4eSy({Flz<2yQSi!1_uwS`i*%7zN z=wTC#`e|+T_Dr$^OOLNd8vS&#!3mZp81~b*O^Ttzrau>HGDaFEoJOkg?w^rf;BBo! zwzs@D6@KwAQ^zKvNC>J#T2bPJin-&)LkZwZFvgMcB@=m^^GI?7#F1R89i;?`;~ID( zyjLX&gA8&RXr5B1l^~-fFCA(Ga898!m4Fyc%5<&*4NBuMm7Hr&RTyS41*MdvGVwAN Rj-`1LXx~@yYl|cU000w|vitx5 diff --git a/creusot/tests/should_succeed/type_invariants/type_invariants.mlcfg b/creusot/tests/should_succeed/type_invariants/type_invariants.mlcfg index c9c565eed0..cd9bd4371a 100644 --- a/creusot/tests/should_succeed/type_invariants/type_invariants.mlcfg +++ b/creusot/tests/should_succeed/type_invariants/type_invariants.mlcfg @@ -30,7 +30,7 @@ module TypeInvariants_Id } BB0 { [#"../type_invariants.rs" 15 4 15 5] _0 <- ([#"../type_invariants.rs" 15 4 15 5] x); - [#"../type_invariants.rs" 15 4 15 5] x <- any TypeInvariants_WithInvariant_Type.t_withinvariant; + x <- any TypeInvariants_WithInvariant_Type.t_withinvariant; return _0 } diff --git a/creusot/tests/should_succeed/unused_in_loop.mlcfg b/creusot/tests/should_succeed/unused_in_loop.mlcfg index 83cb0a9cd5..c8e939e91a 100644 --- a/creusot/tests/should_succeed/unused_in_loop.mlcfg +++ b/creusot/tests/should_succeed/unused_in_loop.mlcfg @@ -13,7 +13,7 @@ module UnusedInLoop_UnusedInLoop goto BB0 } BB0 { - [#"../unused_in_loop.rs" 6 12 6 14] x <- ([#"../unused_in_loop.rs" 6 12 6 14] [#"../unused_in_loop.rs" 6 12 6 14] (10 : uint32)); + [#"../unused_in_loop.rs" 6 12 6 14] x <- ([#"../unused_in_loop.rs" 6 12 6 14] (10 : uint32)); goto BB1 } BB1 { @@ -21,7 +21,7 @@ module UnusedInLoop_UnusedInLoop goto BB2 } BB2 { - switch ([#"../unused_in_loop.rs" 9 11 9 12] b) + switch (b) | False -> goto BB4 | True -> goto BB3 end diff --git a/creusot/tests/should_succeed/vecdeque.mlcfg b/creusot/tests/should_succeed/vecdeque.mlcfg index 3f9eee5c03..8405ef2b9c 100644 --- a/creusot/tests/should_succeed/vecdeque.mlcfg +++ b/creusot/tests/should_succeed/vecdeque.mlcfg @@ -231,10 +231,10 @@ module Vecdeque_TestDeque let constant promoted0 [#"../vecdeque.rs" 5 0 5 19] : Core_Option_Option_Type.t_option uint32 = [@vc:do_not_keep_trace] [@vc:sp] - let _1 = [#"../vecdeque.rs" 24 32 24 39] Core_Option_Option_Type.C_Some ([#"../vecdeque.rs" 24 37 24 38] [#"../vecdeque.rs" 24 37 24 38] (3 : uint32)) in let _0 = [#"../vecdeque.rs" 24 32 24 39] _1 in _0 + let _1 = [#"../vecdeque.rs" 24 32 24 39] Core_Option_Option_Type.C_Some (3 : uint32) in let _0 = [#"../vecdeque.rs" 24 32 24 39] _1 in _0 let constant promoted1 [#"../vecdeque.rs" 5 0 5 19] : Core_Option_Option_Type.t_option uint32 = [@vc:do_not_keep_trace] [@vc:sp] - let _1 = [#"../vecdeque.rs" 23 33 23 40] Core_Option_Option_Type.C_Some ([#"../vecdeque.rs" 23 38 23 39] [#"../vecdeque.rs" 23 38 23 39] (2 : uint32)) in let _0 = [#"../vecdeque.rs" 23 33 23 40] _1 in _0 + let _1 = [#"../vecdeque.rs" 23 33 23 40] Core_Option_Option_Type.C_Some (2 : uint32) in let _0 = [#"../vecdeque.rs" 23 33 23 40] _1 in _0 let constant promoted2 [#"../vecdeque.rs" 5 0 5 19] : Core_Option_Option_Type.t_option uint32 = [@vc:do_not_keep_trace] [@vc:sp] let _1 = [#"../vecdeque.rs" 17 32 17 36] Core_Option_Option_Type.C_None in let _0 = [#"../vecdeque.rs" 17 32 17 36] _1 in _0 @@ -246,9 +246,11 @@ module Vecdeque_TestDeque var _0 : (); var deque : Alloc_Collections_VecDeque_VecDeque_Type.t_vecdeque uint32 (Alloc_Alloc_Global_Type.t_global); var _3 : bool; + var _7 : bool; var _8 : usize; var deque1 : Alloc_Collections_VecDeque_VecDeque_Type.t_vecdeque uint32 (Alloc_Alloc_Global_Type.t_global); var _13 : bool; + var _17 : bool; var _18 : usize; var _22 : bool; var _24 : Core_Option_Option_Type.t_option uint32; @@ -279,11 +281,11 @@ module Vecdeque_TestDeque goto BB0 } BB0 { - [#"../vecdeque.rs" 6 31 6 57] deque <- ([#"../vecdeque.rs" 6 31 6 57] with_capacity0 ([#"../vecdeque.rs" 6 55 6 56] [#"../vecdeque.rs" 6 55 6 56] (5 : usize))); + [#"../vecdeque.rs" 6 31 6 57] deque <- ([#"../vecdeque.rs" 6 31 6 57] with_capacity0 (5 : usize)); goto BB1 } BB1 { - [#"../vecdeque.rs" 8 12 8 28] _3 <- ([#"../vecdeque.rs" 8 12 8 28] is_empty0 ([#"../vecdeque.rs" 8 12 8 17] deque)); + [#"../vecdeque.rs" 8 12 8 28] _3 <- ([#"../vecdeque.rs" 8 12 8 28] is_empty0 deque); goto BB2 } BB2 { @@ -293,7 +295,7 @@ module Vecdeque_TestDeque end } BB3 { - [#"../vecdeque.rs" 9 12 9 23] _8 <- ([#"../vecdeque.rs" 9 12 9 23] len0 ([#"../vecdeque.rs" 9 12 9 17] deque)); + [#"../vecdeque.rs" 9 12 9 23] _8 <- ([#"../vecdeque.rs" 9 12 9 23] len0 deque); goto BB5 } BB4 { @@ -301,7 +303,9 @@ module Vecdeque_TestDeque absurd } BB5 { - switch ([#"../vecdeque.rs" 9 12 9 28] _8 = ([#"../vecdeque.rs" 9 27 9 28] [#"../vecdeque.rs" 9 27 9 28] (0 : usize))) + [#"../vecdeque.rs" 9 12 9 28] _7 <- ([#"../vecdeque.rs" 9 12 9 28] _8 = (0 : usize)); + _8 <- any usize; + switch (_7) | False -> goto BB7 | True -> goto BB6 end @@ -315,7 +319,7 @@ module Vecdeque_TestDeque absurd } BB8 { - [#"../vecdeque.rs" 13 12 13 28] _13 <- ([#"../vecdeque.rs" 13 12 13 28] is_empty0 ([#"../vecdeque.rs" 13 12 13 17] deque1)); + [#"../vecdeque.rs" 13 12 13 28] _13 <- ([#"../vecdeque.rs" 13 12 13 28] is_empty0 deque1); goto BB9 } BB9 { @@ -325,7 +329,7 @@ module Vecdeque_TestDeque end } BB10 { - [#"../vecdeque.rs" 14 12 14 23] _18 <- ([#"../vecdeque.rs" 14 12 14 23] len0 ([#"../vecdeque.rs" 14 12 14 17] deque1)); + [#"../vecdeque.rs" 14 12 14 23] _18 <- ([#"../vecdeque.rs" 14 12 14 23] len0 deque1); goto BB12 } BB11 { @@ -333,7 +337,9 @@ module Vecdeque_TestDeque absurd } BB12 { - switch ([#"../vecdeque.rs" 14 12 14 28] _18 = ([#"../vecdeque.rs" 14 27 14 28] [#"../vecdeque.rs" 14 27 14 28] (0 : usize))) + [#"../vecdeque.rs" 14 12 14 28] _17 <- ([#"../vecdeque.rs" 14 12 14 28] _18 = (0 : usize)); + _18 <- any usize; + switch (_17) | False -> goto BB14 | True -> goto BB13 end @@ -350,8 +356,8 @@ module Vecdeque_TestDeque absurd } BB15 { - [#"../vecdeque.rs" 16 33 16 37] _68 <- ([#"../vecdeque.rs" 16 33 16 37] [#"../vecdeque.rs" 16 33 16 37] promoted3); - [#"../vecdeque.rs" 16 12 16 37] _22 <- ([#"../vecdeque.rs" 16 12 16 37] eq0 ([#"../vecdeque.rs" 16 12 16 29] _24) ([#"../vecdeque.rs" 16 33 16 37] _68)); + [#"../vecdeque.rs" 16 33 16 37] _68 <- ([#"../vecdeque.rs" 16 33 16 37] promoted3); + [#"../vecdeque.rs" 16 12 16 37] _22 <- ([#"../vecdeque.rs" 16 12 16 37] eq0 _24 _68); goto BB16 } BB16 { @@ -372,8 +378,8 @@ module Vecdeque_TestDeque absurd } BB19 { - [#"../vecdeque.rs" 17 32 17 36] _67 <- ([#"../vecdeque.rs" 17 32 17 36] [#"../vecdeque.rs" 17 32 17 36] promoted2); - [#"../vecdeque.rs" 17 12 17 36] _30 <- ([#"../vecdeque.rs" 17 12 17 36] eq0 ([#"../vecdeque.rs" 17 12 17 28] _32) ([#"../vecdeque.rs" 17 32 17 36] _67)); + [#"../vecdeque.rs" 17 32 17 36] _67 <- ([#"../vecdeque.rs" 17 32 17 36] promoted2); + [#"../vecdeque.rs" 17 12 17 36] _30 <- ([#"../vecdeque.rs" 17 12 17 36] eq0 _32 _67); goto BB20 } BB20 { @@ -385,7 +391,7 @@ module Vecdeque_TestDeque BB21 { [#"../vecdeque.rs" 19 4 19 9] _38 <- Borrow.borrow_mut deque1; [#"../vecdeque.rs" 19 4 19 9] deque1 <- ^ _38; - [#"../vecdeque.rs" 19 4 19 23] _37 <- ([#"../vecdeque.rs" 19 4 19 23] push_front0 _38 ([#"../vecdeque.rs" 19 21 19 22] [#"../vecdeque.rs" 19 21 19 22] (1 : uint32))); + [#"../vecdeque.rs" 19 4 19 23] _37 <- ([#"../vecdeque.rs" 19 4 19 23] push_front0 _38 (1 : uint32)); _38 <- any borrowed (Alloc_Collections_VecDeque_VecDeque_Type.t_vecdeque uint32 (Alloc_Alloc_Global_Type.t_global)); goto BB23 } @@ -396,14 +402,14 @@ module Vecdeque_TestDeque BB23 { [#"../vecdeque.rs" 20 4 20 9] _40 <- Borrow.borrow_mut deque1; [#"../vecdeque.rs" 20 4 20 9] deque1 <- ^ _40; - [#"../vecdeque.rs" 20 4 20 23] _39 <- ([#"../vecdeque.rs" 20 4 20 23] push_front0 _40 ([#"../vecdeque.rs" 20 21 20 22] [#"../vecdeque.rs" 20 21 20 22] (2 : uint32))); + [#"../vecdeque.rs" 20 4 20 23] _39 <- ([#"../vecdeque.rs" 20 4 20 23] push_front0 _40 (2 : uint32)); _40 <- any borrowed (Alloc_Collections_VecDeque_VecDeque_Type.t_vecdeque uint32 (Alloc_Alloc_Global_Type.t_global)); goto BB24 } BB24 { [#"../vecdeque.rs" 21 4 21 9] _42 <- Borrow.borrow_mut deque1; [#"../vecdeque.rs" 21 4 21 9] deque1 <- ^ _42; - [#"../vecdeque.rs" 21 4 21 22] _41 <- ([#"../vecdeque.rs" 21 4 21 22] push_back0 _42 ([#"../vecdeque.rs" 21 20 21 21] [#"../vecdeque.rs" 21 20 21 21] (3 : uint32))); + [#"../vecdeque.rs" 21 4 21 22] _41 <- ([#"../vecdeque.rs" 21 4 21 22] push_back0 _42 (3 : uint32)); _42 <- any borrowed (Alloc_Collections_VecDeque_VecDeque_Type.t_vecdeque uint32 (Alloc_Alloc_Global_Type.t_global)); goto BB25 } @@ -415,8 +421,8 @@ module Vecdeque_TestDeque goto BB26 } BB26 { - [#"../vecdeque.rs" 23 33 23 40] _66 <- ([#"../vecdeque.rs" 23 33 23 40] [#"../vecdeque.rs" 23 33 23 40] promoted1); - [#"../vecdeque.rs" 23 12 23 40] _44 <- ([#"../vecdeque.rs" 23 12 23 40] eq0 ([#"../vecdeque.rs" 23 12 23 29] _46) ([#"../vecdeque.rs" 23 33 23 40] _66)); + [#"../vecdeque.rs" 23 33 23 40] _66 <- ([#"../vecdeque.rs" 23 33 23 40] promoted1); + [#"../vecdeque.rs" 23 12 23 40] _44 <- ([#"../vecdeque.rs" 23 12 23 40] eq0 _46 _66); goto BB27 } BB27 { @@ -437,8 +443,8 @@ module Vecdeque_TestDeque absurd } BB30 { - [#"../vecdeque.rs" 24 32 24 39] _65 <- ([#"../vecdeque.rs" 24 32 24 39] [#"../vecdeque.rs" 24 32 24 39] promoted0); - [#"../vecdeque.rs" 24 12 24 39] _52 <- ([#"../vecdeque.rs" 24 12 24 39] eq0 ([#"../vecdeque.rs" 24 12 24 28] _54) ([#"../vecdeque.rs" 24 32 24 39] _65)); + [#"../vecdeque.rs" 24 32 24 39] _65 <- ([#"../vecdeque.rs" 24 32 24 39] promoted0); + [#"../vecdeque.rs" 24 12 24 39] _52 <- ([#"../vecdeque.rs" 24 12 24 39] eq0 _54 _65); goto BB31 } BB31 { @@ -459,7 +465,7 @@ module Vecdeque_TestDeque absurd } BB34 { - [#"../vecdeque.rs" 26 12 26 28] _62 <- ([#"../vecdeque.rs" 26 12 26 28] is_empty0 ([#"../vecdeque.rs" 26 12 26 17] deque1)); + [#"../vecdeque.rs" 26 12 26 28] _62 <- ([#"../vecdeque.rs" 26 12 26 28] is_empty0 deque1); goto BB35 } BB35 { diff --git a/creusot/tests/should_succeed/vecdeque/why3session.xml b/creusot/tests/should_succeed/vecdeque/why3session.xml index dc0909ad90..e57eda5377 100644 --- a/creusot/tests/should_succeed/vecdeque/why3session.xml +++ b/creusot/tests/should_succeed/vecdeque/why3session.xml @@ -21,119 +21,119 @@ - - + + - - + + - - + + - - + + - - + + - + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - + - + - - + + - - + + - + - + - + - + - + - - + + - - + + - + - + - - + + - - + + - - + + - + - + - + - + - - + + - - + + - + - + diff --git a/creusot/tests/should_succeed/vecdeque/why3shapes.gz b/creusot/tests/should_succeed/vecdeque/why3shapes.gz index 45d982724d8c6be5b5263ee9efac743c1ecc6dfe..b344746472c9425d8c3c2c33306aecbaeece04ff 100644 GIT binary patch literal 2260 zcmV;_2rKs=iwFP!00000|J7JaZydQ1zUx=$mW_=7EV8OdE|P;_K%g$UBIzn=5?o4=mj z{~m8vfAF9#XORY2L>%-Yn!zlh9&iz1phZ*zU!KLk|0CYk)o=G7qBy&~UH|9$Y}@Rw&iMaZ^h0LGqKd)A8J---Q)Ci_UW$X^{U+5OHiZcwYiCx z@pe<=zwaLE5mT@;HEK)>XYDL*HubJsdRX1nm_NjHThBkO1^T>mG&+iNJlF1&{jTG( zx{`k%WIN+uCZ*Z2eFAm2Fe94e#pel9;4v%EHQ_6$fY~#cJ=gF&UN{->?Ds&(u!IKB zg5F!&_q~hzO}y5$=U|c`z8`<@VMCYR$=V}SrYpXE8#gzr-)`&udNsJG^mQW_Pc`S? z^t_Q&5_r9IZ=V~=%X7Or=+>k+9j3+*BuqFppMt93p= zsxgB{IR*o_CZ_NZpq5Nx}@ri$Yh3Z;$feCgsCgd-)=yKG&V0;!FLp7# z^TJ)%ZoSxp=^~nssuZY02<+j!5#>{PgZ6lt64lSk1tFF7+xW6tn4 zXJE;cdDECP(coS~&T@Q(M6l(yZ04tEF9JW{4e1|c}iH=S+^ zM5pQ$(U;UI+O-Cv+2_JJZCeA)t%0_jtA%OWwT6BfujyoKpr@^2QQG629<>HulHcw) zcOz2XCO@l_NzdxZ%rdnjehT!|xUozQya0XIuG&SLKEAhn-w_Tx&N}kbQhX!AK>BjRLflvR_*oB+k9r`Q;24n>0lSgC zTQ&K_fz0LA^adbv@jRafg2U+~3j-g_rmk`{nPl~NE{%(yO{H$(V&VxVcT*mXu`KjL z4^Q{yDOCAUE%d4ZX{Hy)6O+Fu=xqFV&pjqK*R$tT(Yd7&5i5WQ0M9(4)U z&-p|=NVBM(pc(O4ix?F@N3m$n6wBuKlSZdl;+ZMNex;E5@)Rx(Xl9C0Z0IgO$9?EV z$#%%*Vs6)qi++k{!@KjgzB|9KoBQkO4R)5j%?51JQKQRgjMXF5T2UbpxpPnuK&fB@ z2MQQW&;f!vE5&=~Jx9;Ysg|iWu0EUW8dUZuiopl>OfNbs-m=irQjz(9e9Ea6xr&sk zFQSJ5OaR#p2h?58IXY@3VdBiD#KMfKsYJ~PrgNaKe%yi*kTH>=tbJVV^S6< z6+>kSlY+)CwOLhlg&?#91zKGvp~FILo@0 zv;@vyVY6jdRccjEwJK|3bw>G^Nh#}-s!RArEc>8c(Dv)>+s44)v?~xz_P+X9yd|ep zE81|{QSql;FnR;kdn*?}PRv_{4w^;gF_cn9T8wNL7djaDlU~FD%0V*ch;r$gmigXT z@e9c`_N{wy!PsCp82W$RakADGTjZdLCE>l?A4O7QqxVuxYIo*z^|y2_)Jn1z)1(>Y80CuAWUL2cvhg+f?%D@*0c}A3 zE*Ma%lUE5ni9<#y!UR@FIdLbIu)v6czCR4kV5GBEEDhrb2uft+YRE#0+bc&p5PV-G zwQ|GcDzRlR7XlLi`>4<@)B&T>VvNT_m(Wh!H@4a%tFD^&8m=CckA zfd!inBnN}@UC70L0{SW@z_V>3Suo{+B3 zG@1_21r|LHOo8#|;6!UP6)w{JoOE`y&|*VWCDqK@bI0jl1k`L~lA-9Na!GpFsYjtbq1M%b&VtYJ@Ku3q2ML$C`TC}J?jQkO{+4=gOTZD9JhJycTPg^FA;x{ z=Q3HDs-2TCOq97>CzkFYWeu#sU6*{ZA$W(x=c{9Pa2+r$KWM2{hC5+%1c(YDE;1$ zMA@`5^4x>*e-WHZQ)o7LewER&PToi3EQ53-c~!TV8mKJ&G?!NOl4U-4_iAI5mlxIA il(Sf^RCo4Sp6R(N#OSTwOS;z_=Kla<`dVq4CIA5BQEHq3 literal 2253 zcmV;;2r~B{iwFP!00000|J7K_ZXCN2-Rmo~OJd^!Bve159g-7_O;W@H6^NQNO*ceAQa9kL$OU*DW>KE*F}bN*+&-CVC%e?RB*H-9_3 z`y*bj{^UVj&LRzZ5pgh!2m>sl8E_HxK#QmbzC4Tn_-DMStKaWFMR9g>v;NQ3=XI$! zYOwKceRaLMi=X3v)kSytXvzD@y%jr0%*0av_*%0%>mH}4voE(buUF;zPJ$XWui!df z#+yxz|GxcNkC@UsQ=`VDaMsS^W>aswrLU{o8uO=^ZtD4$wLqU&jz&juj_1mqvfp)F zR`2EaS6R;Zmq}@MJpVostiB(u?rQoOA?n$cUV@w-9>$?h1~U6S5Q<)6S%f$7%Fv$H zB+B|eAQ1=KH9k0#y0s}Cq9?lz4K9x6UkC!P?eKKc6f5{nH{&7~Cat3+HnNb>ZhPOGRmrR)#jX5(dLOhi- z$PaR6QQFHHdDzPtTABmzc<)GQ+a2g|cM#1ZWr}2K(TDk_(`|w1RGlLFmO4ed)<87- zTsWs~YoNI`(3W$xFipGG&=2Dkooo&Cur(}7dz{m~*1${h+a2d_M9SOb=M$4iU-)1U znc5LQ1bS+QSSAHtfPUD{4Ih?i=v{l?F52|{y342EJXgN!KnHR%$H>obK|he>)aAuA z<&u4WoTh;|Pt&a^ara>R+siKVKr~A6jR*s&%NYyyuP4%MAanl_CO9C{BA9Ljc86>7 zX$I1l@29z)^u^<}8qgokD)}(b!RFspj^>nnJ)TnI$0swYTj&Wjdg|_`bQ)us=|$he zo6z)71unXoUUUP(OfTC0)t;ai>HZ@x^dc_;bt8NAa`H(7;zBRtL3+*oX2Fk}g{(PD zvpGq#Io2sg#V08?TZ+x(YNlA?St#yD3ZZ|V!j&NPLa{99XY4UqTd6G8waKsfY{mDW_IQXG+x<(Zir2 zXj!cfsJonVbR=*wab_s7Fr#WJQ3JtruBodZx1a=MOazpTPpx@KI$58KHCaMPGy&Iq z#J?%2IZ)a|PQ?{vU2;~=cWOCTvZJ=q!Kk3chzr^tHDwz(9h+g#78}WI5vy>g90?Ob z$IOJ0|K{5a5~1SAKBC6#t7*=VQp#CYMq12{n{T%%d!$NaO`ugyD0^OgGR0&=B`3xu zUi@Z*vT3F&of`?`+~n+~$nuM)2sHc)*f0v9~I>s+5nhN+s(~MF9gsK=YlwC!3{? z^r{i1CN~0wd*>erKqu77#i&tAwkpOs;2L$xj^r)n`B0$?Xnzz2s-C3_ zXl->(CPtvj+WG2CDoL^1owOec!%G%}jXqjWt<@}WR6_(xo(dEg_kv6y9Y{9C|3D;8 zX=lB)fHJSU0?Jm|4~(e*M=9?e3H&55g)K-LdN3fOG?F5y&@>~JIz```9l1a@kSJ0h z{28dc%Oyu_#Um3~nFx%o))k}BHf1MN{ucnl3giikj0VO#t!2sq%P8mBD=XDy1jZN` z0-L}(u=?o;n^z@!$J%;RWR`JFw%37`JuOz3j*xyaNU2My$#kbv)G{2^3NjcffLwHA z%q3@;1@(AZoE#V*tSH+T zhaamna4o&uXDTIn<4Ia8St&44QS3F@VQ>(f2~NMzk+azjEpkAJFk2#$w@#t(E89F5**)G-p^57wO^UC5POunkdB%^whjKb`5vPv$Ixj^qPJ)1lQkFPH}4Ip!M zlR-t&sVPrdM_`!{$G;b}w3l43G{EYRP03_@O|4j^F;+>wh}Bz%8kX(j=TE2XWNK0% zb2F4E_j{)ijlA>?d`WSSy5}2bYLRknppB7B1tX3xus9{Na4dF#ZJ)e)tBNU;DpjLO biP6$H{wL0rx$T2|%GCb=2lCBHh9v+1boEV_ diff --git a/creusot/tests/should_succeed/vector/01.mlcfg b/creusot/tests/should_succeed/vector/01.mlcfg index 3312b54666..3a44f0ec81 100644 --- a/creusot/tests/should_succeed/vector/01.mlcfg +++ b/creusot/tests/should_succeed/vector/01.mlcfg @@ -346,6 +346,7 @@ module C01_AllZero var v : borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)) = v; var old_v : Snapshot.snap_ty (borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global))); var iter : Core_Ops_Range_Range_Type.t_range usize; + var _7 : Core_Ops_Range_Range_Type.t_range usize; var _8 : usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); @@ -365,12 +366,14 @@ module C01_AllZero goto BB1 } BB1 { - [#"../01.rs" 11 16 11 23] _8 <- ([#"../01.rs" 11 16 11 23] len0 ([#"../01.rs" 11 16 11 17] * v)); + [#"../01.rs" 11 16 11 23] _8 <- ([#"../01.rs" 11 16 11 23] len0 ( * v)); goto BB2 } BB2 { - [#"../01.rs" 9 4 9 42] iter <- ([#"../01.rs" 9 4 9 42] into_iter0 ([#"../01.rs" 11 13 11 23] Core_Ops_Range_Range_Type.C_Range ([#"../01.rs" 11 13 11 14] [#"../01.rs" 11 13 11 14] (0 : usize)) _8)); + [#"../01.rs" 11 13 11 23] _7 <- ([#"../01.rs" 11 13 11 23] Core_Ops_Range_Range_Type.C_Range (0 : usize) _8); _8 <- any usize; + [#"../01.rs" 9 4 9 42] iter <- ([#"../01.rs" 9 4 9 42] into_iter0 _7); + _7 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB3 } BB3 { @@ -427,16 +430,16 @@ module C01_AllZero } BB13 { [#"../01.rs" 9 4 9 42] produced <- ([#"../01.rs" 9 4 9 42] _24); - [#"../01.rs" 9 4 9 42] _24 <- any Snapshot.snap_ty (Seq.seq usize); + _24 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] i <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../01.rs" 12 8 12 9] _28 <- Borrow.borrow_mut ( * v); [#"../01.rs" 12 8 12 9] v <- { v with current = ( ^ _28) ; }; - [#"../01.rs" 12 9 12 12] _27 <- ([#"../01.rs" 12 9 12 12] index_mut0 _28 ([#"../01.rs" 12 10 12 11] i)); + [#"../01.rs" 12 9 12 12] _27 <- ([#"../01.rs" 12 9 12 12] index_mut0 _28 i); _28 <- any borrowed (Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global)); goto BB14 } BB14 { - [#"../01.rs" 12 8 12 16] _27 <- { _27 with current = ([#"../01.rs" 12 8 12 16] [#"../01.rs" 12 15 12 16] (0 : uint32)) ; }; + [#"../01.rs" 12 8 12 16] _27 <- { _27 with current = ([#"../01.rs" 12 8 12 16] (0 : uint32)) ; }; assume { resolve1 _27 }; goto BB6 } diff --git a/creusot/tests/should_succeed/vector/01/why3session.xml b/creusot/tests/should_succeed/vector/01/why3session.xml index 6f49181aae..84847aa25e 100644 --- a/creusot/tests/should_succeed/vector/01/why3session.xml +++ b/creusot/tests/should_succeed/vector/01/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/vector/01/why3shapes.gz b/creusot/tests/should_succeed/vector/01/why3shapes.gz index 5dd4c5002dd83ee031709c1cb5ab5e00f7fb3580..9dc0c3f35e487785410751a470228078df5cd6aa 100644 GIT binary patch literal 648 zcmV;30(bo%iwFP!00000|9w(8( zKo2R}7uM}D0hXO%3_M%m z?Hx9zeHxyTvYN)8ioLB&BS7F_i@F_fkFP9s32#ESqd5ZMDI<^`hM+vupgmL&dMF|C zP(bVvg(d-Yy zZvvj^(mY}6euK-3kvCeF5+BHwQd-?s=Cx?-Q(ZD=1R0mq=Pm6YrrzF_jAF9wu*J^w zwmBM7Kf+D%-L~d`<~67ow3wK+@XU4FnhumY(`k{V?;b@h_d{~U>8#e7Qs@geNRdub zNpWeFgQi=#qZN0y>+H!?pY}hg(Z{;Q1~lDz;LRLzLF|5f;6yW`^E@R}gKQl7kZ5Pn36@N@;SF2F(s<7IbP$W?#9$8#5jKwZg74ERaB;YFN iGUp=aJm)M=@;Hz3FxR=tWlq+dt^NXX^-FKJ1poj^K0h9EqYAUzZiddMO2 zkU{Jrg#?>AwYGXGbw_{_b$17p0_8x3t4BOY(C979Td22?-7O9C1h>?Vm;GB$Dt$cl zzY%z%Yx9V)`>k454875^lS}0}^>ETr(GgwUcZ&O;GY)hl4O;S#Bgi#ir7Q zZo11sw;HYTZQK%Rs*tcatL9}PX{!6^TKgc*k*|lNq~i+^G9BlCC{UYXZ(mH+Ehi2- z;04@hHC7$v!fQvlSmfjq5r}X=L$MGSZ$=P$JyeD(yc1(@q|>m!VuwK z(>&hm!8(_d67PYF6>Nhi+Xi@R#UI_;)r#-qy^d+TCr>Ia_hn3|;*tqYbyCSV4yec} h&ne3(%_+%~JkFy$%w;Zeo})D goto BB16 | True -> goto BB5 end } BB5 { - switch ([#"../02_gnome.rs" 31 11 31 17] ([#"../02_gnome.rs" 31 11 31 12] i) = ([#"../02_gnome.rs" 31 16 31 17] [#"../02_gnome.rs" 31 16 31 17] (0 : usize))) + [#"../02_gnome.rs" 31 11 31 17] _14 <- ([#"../02_gnome.rs" 31 11 31 17] i = (0 : usize)); + switch (_14) | False -> goto BB7 | True -> goto BB6 end @@ -459,13 +466,15 @@ module C02Gnome_GnomeSort goto BB11 } BB7 { - [#"../02_gnome.rs" 31 22 31 29] _18 <- ([#"../02_gnome.rs" 31 22 31 29] index0 ([#"../02_gnome.rs" 31 21 31 22] * v) ([#"../02_gnome.rs" 31 23 31 28] ([#"../02_gnome.rs" 31 23 31 24] i) - ([#"../02_gnome.rs" 31 27 31 28] [#"../02_gnome.rs" 31 27 31 28] (1 : usize)))); + [#"../02_gnome.rs" 31 23 31 28] _20 <- ([#"../02_gnome.rs" 31 23 31 28] i - (1 : usize)); + [#"../02_gnome.rs" 31 22 31 29] _18 <- ([#"../02_gnome.rs" 31 22 31 29] index0 ( * v) _20); + _20 <- any usize; goto BB8 } BB8 { assert { [@expl:type invariant] inv2 _18 }; assume { resolve2 _18 }; - [#"../02_gnome.rs" 31 35 31 38] _24 <- ([#"../02_gnome.rs" 31 35 31 38] index0 ([#"../02_gnome.rs" 31 34 31 35] * v) ([#"../02_gnome.rs" 31 36 31 37] i)); + [#"../02_gnome.rs" 31 35 31 38] _24 <- ([#"../02_gnome.rs" 31 35 31 38] index0 ( * v) i); goto BB9 } BB9 { @@ -474,7 +483,7 @@ module C02Gnome_GnomeSort assume { resolve2 _24 }; assert { [@expl:type invariant] inv2 _23 }; assume { resolve2 _23 }; - [#"../02_gnome.rs" 31 21 31 39] _16 <- ([#"../02_gnome.rs" 31 21 31 39] le0 ([#"../02_gnome.rs" 31 21 31 29] _18) ([#"../02_gnome.rs" 31 33 31 38] _23)); + [#"../02_gnome.rs" 31 21 31 39] _16 <- ([#"../02_gnome.rs" 31 21 31 39] le0 _18 _23); goto BB10 } BB10 { @@ -484,7 +493,7 @@ module C02Gnome_GnomeSort end } BB11 { - [#"../02_gnome.rs" 32 12 32 18] i <- ([#"../02_gnome.rs" 32 12 32 18] i + ([#"../02_gnome.rs" 32 17 32 18] [#"../02_gnome.rs" 32 17 32 18] (1 : usize))); + [#"../02_gnome.rs" 32 12 32 18] i <- ([#"../02_gnome.rs" 32 12 32 18] i + (1 : usize)); [#"../02_gnome.rs" 31 40 33 9] _9 <- ([#"../02_gnome.rs" 31 40 33 9] ()); goto BB15 } @@ -500,14 +509,16 @@ module C02Gnome_GnomeSort [#"../02_gnome.rs" 34 12 34 13] _28 <- Borrow.borrow_final ( * _29) (Borrow.get_id _29); [#"../02_gnome.rs" 34 12 34 13] _29 <- { _29 with current = ( ^ _28) ; }; assume { inv4 ( ^ _28) }; - [#"../02_gnome.rs" 34 12 34 28] _27 <- ([#"../02_gnome.rs" 34 12 34 28] swap0 _28 ([#"../02_gnome.rs" 34 19 34 24] ([#"../02_gnome.rs" 34 19 34 20] i) - ([#"../02_gnome.rs" 34 23 34 24] [#"../02_gnome.rs" 34 23 34 24] (1 : usize))) ([#"../02_gnome.rs" 34 26 34 27] i)); + [#"../02_gnome.rs" 34 19 34 24] _31 <- ([#"../02_gnome.rs" 34 19 34 24] i - (1 : usize)); + [#"../02_gnome.rs" 34 12 34 28] _27 <- ([#"../02_gnome.rs" 34 12 34 28] swap0 _28 _31 i); _28 <- any borrowed (slice t); + _31 <- any usize; goto BB14 } BB14 { assert { [@expl:type invariant] inv5 _29 }; assume { resolve3 _29 }; - [#"../02_gnome.rs" 35 12 35 18] i <- ([#"../02_gnome.rs" 35 12 35 18] i - ([#"../02_gnome.rs" 35 17 35 18] [#"../02_gnome.rs" 35 17 35 18] (1 : usize))); + [#"../02_gnome.rs" 35 12 35 18] i <- ([#"../02_gnome.rs" 35 12 35 18] i - (1 : usize)); [#"../02_gnome.rs" 33 15 36 9] _9 <- ([#"../02_gnome.rs" 33 15 36 9] ()); goto BB15 } diff --git a/creusot/tests/should_succeed/vector/02_gnome/why3session.xml b/creusot/tests/should_succeed/vector/02_gnome/why3session.xml index ecaea744fe..14778d7a1f 100644 --- a/creusot/tests/should_succeed/vector/02_gnome/why3session.xml +++ b/creusot/tests/should_succeed/vector/02_gnome/why3session.xml @@ -23,87 +23,87 @@ - - + + - - + + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - + - - + + - - + + - - + + - + - + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - + - + diff --git a/creusot/tests/should_succeed/vector/02_gnome/why3shapes.gz b/creusot/tests/should_succeed/vector/02_gnome/why3shapes.gz index 1767762b706cc76759256987226de14975ef819f..286c8469c90bc830fc24fd45f78b96e34d974543 100644 GIT binary patch literal 2635 zcmV-R3bgefiwFP!00000|J7JqZyUQ2e%G(i+i6`C;0*6Y@*o6G8K7uiihZm=F1d+N z#d2iDIsNw?axdCltsEDPb1?*Ib~v2-eB}BMH|vKF{ysgdAJg$+cewk@TCH#XxH^6E zySqnV6?@y!wt}8C751dAcu%TIyj}U%zW#W>-5=hwN><9h+1`Ho?DwDi>-_kxQ#ufG zy2DhOcKj_pJoEylC-l3qpsoxF{`HvrDIKReNYOQv((73dEp* z4-^g*OmqSETV{HQKT8cr`t->e)XlO1sseoug>vZMpT4T>}-tP}zwjU2M?RkaDpAOsI-N}FSzq3tg;Y*ofBNM$^qIFM`Po}4#Lfg}< z;;f`+*)oTIA*OWSa)G#;lKaz)TX7t5IO&h+_neen-7UZKud>iJV;jmrO)lZv5~P{w z?;_-IJy|rwe44D+3j(`H-%EMStMA&9a6*HUE&rJFbJ)l2qrXdE@?%b1%UPZNbD!4q z?2kKtcUt*ldN}MKQ@>0*cQsr2hr{ud;`Zq8-qYGSEao3;);qjg?GK0hvo@l3r1Cx; zKYl*>6G7Vc(6Fh;D2C&cF5hhg7D@zw)1HqY}Th{*RwXS+}Fz&{q(K!n6-< zZpK*w|1Wa){_t=bIr(H_c;0c5tKNL}v}A*Fol$h+a_)#MCMI#c9ihlYbXA(XHDw33RF`P% z`Gd6`JYg*N;mFpqEV&?hQ<uo0=gn4g=9nLGgsQYh5oEY6eP*%-MM>EeYzZYA!m~FY|KeE1L3c z`=QJX0`2WC_FVdbc@QMj29fQw+iX!S+SPfJ(GjuGWUq$tJ|7_$A)Arh?n$vOGNRJ& z^@ogTOL;L1d&ho^Ag@o=85nr`_@-&={iY{Q?Ql{fZ2q_Q*-UzGGxX$yF9yEYoZGo2 zg+Fww^!xSMIBX`Pw;4vV_1pLZ^y*;qoVh+g>j#}>xS3Y{fR{y|rK=5M5#l!2ak1ac z#>n@li~c%SDXS_8n)-L?-eywh&CmgxZ_`pGTHYsZ?8?G?Y)13c=GZNne}0=9|sk6Zb|O-5YU!S*82kLpnbC{(d*M zfD1GH+zTpphi%(3JFK{vW`!7+>Tfq!kh~H(z4X1*QkB5zqr5#=m!8@}7UIkmJy#UP zl8Devv<;nOga?X6!d((MJRf`X(4&iN#iGVt(PjU%Vzz|t9!*&ah0oz%c8xlKRrG1dT{%X*-20-GYeChg)q;DL8aQF%0gT{ z3MwULNSHaDi%L(<0eY^Knx|W-ML*hufRvSua*CVTMuE*rVTMimDM?bIQv9|%0*LI6 z09r0snmIRvEajv#L@~k={1f{E{wuYB{uhE|oZa^5-))(LKd~3EpSYE5d-8^ewwhxo zt7PduY5F<+`g?AfTe2=QQTjqcC0UOql1^%Z&ANz}!-i0QbrS)1axY~gl_PFaw(NMh#bR9M~S7OTZobjmpxyTe;o zIic_voy66DUQmEjbjr=4;B0xfYe?^K@&z z=tqZ6y7Z2o54MILooow4WuA#$X*QsfW&=9ecG`(^)5|JL06n0SSw<(bfKGY|oy-L~ zY0|x_-mII$asB@8@G))kT(4G1(m@q;6Cwf!6NLmXR4`mb9}?=dRnAI>=nxz-2iAdc zpdBa&(t&Wm9iRhnz?^l)X{VfY!f{7j$5u7eF)$B?r=%O6Vz5ygp?G5w7#Y{79Fhg$ zkpDk+f>ojxDJTSnkx}6q*|1bM)?1W8t~qmP9U6!Fn;2|tupA=StR`EK8m=`n$#@$C z_daBU9KNkh<&zI}iXy67Ti$qRViX*uw_2#g)?7QT9G8yMChjMSeGTM4)m=6@0^?F+rmhbz&-^WI7lV))Jg#PFN?5 z6WR&&qVA|$HihNku*=gk||#6&$G zFrTtD^ey(o95ld8v=N&~9mb`#QF=o41azq;uqa1}v_ICzCU9!G5VMiU8<7R~yCXie+Mr)-wVI!wD~Bq#F3{ z9-(O`g`%96P79~G)A%!orRhdQmo;Wl$r{mWWSk|bBGhz{*wRjh!m__yWS+%{#?XtY zN2ZW!CQ%5866+f1I#?ouUo<#j8{Q~sz0^t@I$Y62^rD7_OS($(5*+@z@hPk6jS&cz zu@(vvSei1%laTb9tX0UTh!M{4Uop6bDVsFm2fZIf76Sxg*vOeyK(`~_L5Y#SaEP^H z!hlvyQb`DUB}6J+V;WGkiYDd|4YlYCzuM5nBQzKUU6Oz$nhxI(rbTb)q)*bWEoIp{ z%U=py8}tD^rFq%aQ;S-7D?0neyew7_+*z-nj!l$`CmS@2$!e(yLK=?Q t3yaReOP50@Lp=^sCwd()wIL6bkW?5T2$R?pN5qR(X<%R@m>G>&Mrxbq-f{RCcXrarQz)CeC^C{hyK&m_VH)`kRG>B>F~Jk?*Fz`+p9ls zj=%W*{S&Z;y&q`Xz(|?~M^ZO@Bvm8cZ~R*yK0e&ubstzG8|B~KUjOpR-~Hm>mdBex z>4}i@9j4K=;~(kqaTG8kp>L*wx-lg9_e1i>beQWPS$kd^w*wm~J5xkavBBg*4K%XTK~^Pc%AYB*C(6uyLHfW%$K7$tpXxw3QEcG|VuO4h&|R7?&GeiSj;Csq4T_N# z4VHYpDLU>y9Dnvy$9H$#ueTq&nC^Ik${)Mi{r%B@^uMuPE#XU9>-UeHfN+{F@^5oUt9{AdpM= zz6NO)`iBTPJfAFTVm?pS+ZBO*r0=ynmerg7NI0QE&6a;E`RVTB?UTPxzm~_6xSq2) z{^ucW>DeFl{{Fb}hxFLpJ*9D(cJ2e)_{Z*WO!4;M??2GmIV|R%0vjFPZ|=J8;jE3Q zJ*j+1hmW6*{z#B^+hsQQnB1E)aJ2k_NtoD#&l`YeEWGu3fA8;#z(CY^W8G4JYO0jK zBF5(7kV1DK_r*++8yvWW^?H!~F8{`VA~7X?=)Ijj(bj5^!YM#ClcS{nIII;XZrkqD zeSGwPT}Z)(i1Z;HwjJFXnXGT-n!1%OXMJ?c>t2`p#CID{K~dSjqFG%uNcaIy-+pi@*1GkEuLd z`CHBgr{8+A&~}GI_iKtjeEhfnS6w_+Q(r>W6W*^4tyrl=M=LUCmo>X4sEewl=v2Qf z%Y(0I>bD&$x-bawZufEI(hn?yAfY~pVyE9`t7_4&E{hA+s_V_z8Xc^5hUzuFIk)gj zVnbX+rQgEO1q{}*VpjG}+?asHm?t=u2k#$${A{cCXnNk*KlC^?Ehr$Do;DBN<8cBQ zFM?D##itA0+Puqs{T=Id+=y}=(DzymH(bph?e*?d|Max$Z_z@Wxn|^=qL^DEt}A64 zuCK>Mz59G~_VQ=VYTT@8epPr^6LH$# zi6P2Dtbk4@Rx#&7R$WL!FL%bl-S5QC>Km~;IXFGs0ks`+ZHEHSFHQ+KnG$e0n$T_j zm<~^Vyv?U)fGZXBd&dzRZihaEJ(at-tm6yy*Slq_^V;fsz18jPQQ)-o1P*;xh%*;P zE>y*ZsI4x50A*~=0x+L%^(wy(EoTrp;mWkt^?IwDi&ob!wfgS)nQ8X|hA*&a9N_5b zh57CJpFMOmYSFpGSn=_U9gQ5IqY}>|M! zYosb|MnAO#q-mtS9w39r0WxU0_Fmy!on*9fE@@+V-Tro9=uQ};tej|9`25-dO^i8p2(lLBxCp5wjUY zj6fl#Gl&>x5K(JZSR#60GL1ORAVSZ9#9Z_$#nsE7HIFlhsC_R~BTh4jn9m^Mat5jT zE@luhpF#Q*6<{h9+YP@r3p6uJU@8GjwGLq4Bl!uK#IrA!W!fshRE|-ZB{Y~7A1A=1 z)X=_#cpjLPT(&E5Mqtt>@Vv0DSFI1gqzYn?;YClA<{p?7uNb6iD-*j>;si`ejKHLL z-{{1-I>}OCI0BQxRbWzh2~0h%FC)ce>nS(`Q{7UUaS_DuUxadd6@U9iQ?!>2z(k;3 zk8Tc3cEIYPp*GFCZSD@+5BJ^2bX%Hxvr%415Ex>xzycr($RcZ#Y=ev@wp%Nlx|P*Iq8I>O%5E}1PHNZ9t=-OXP#nfqc%eEY!Vn5 zx2POShr;3iWv8`D1d&>Wz%VkZjw~}vAzN=zwsOmvL+j8u)L+D4wyot5xn_ZELCRcf zW|Hx?rRmDI#UO_-Yg75;+mND&Drn2Iha98eD81D}CAQ_-apkyloHlXC@e3Na6lqk- z7_Qq)?}}bVW~}AHGA+rMt>8|e6W|0zZXGvY$&ofn6N3are^$0UK&yfWY;}}@?un8G zK^w#?_`<NPzAn=(_{c;V@2xJTduQuHmMj6g7@|Ana^{W>0H-X?EBNK{E`&{hygh&E$r!P9Y; z97*PceQm!KP|?JkfHNDku*zaI5VA;-8^(uH`XgLZs5k+RmYPM=GD;pJ+({WYCMkN? zB>Yj{F+xMDLtsou28{YINCBa>Od4TwE+rpN(o5RB!7nK8P{h195QOTbAt zWAwVM4$?>dv2H3FpK=yxY@3-jz)iEjSyr;wo8Ws9SpbByi!v zL`4U$sTy*uC8@q0e=`s!Bequ1`A6@AZ!xx6mwaoBwS^RS3Y`L{n3LAYZ^ic*FeG7H zC22SeUaFuNGn|K%B62T>n_n}htW(A*QlOlYPKj?bAd%6VkUZgplypxA)ndq0^wx+r z5n|9`XbK3vqnKKg!O-ntw9(Pf9Scmbmfn9_sgTB^8WaES!qOZ-h@^nJJO)NnM8=qz z5uA(I8mM83?=iA0mEtlm%mH&mnjD4lMiVK41J-Lx(?@<^VYP`tq*_E8vgkIEJn2@J zDVb&&Z-gDeLVu6JDV~%x6p^w@X&U!YNz@o58q8LPdS=#X^A+>UBfU!pp)*a>SqrJ? zy(hLo38T0{*cx;OoMB(v5#V&dTzQn5(}jy%&>Md8JSJAAom?H^uj5P1G6iFlY=NLI zO3y?TUTPu8t6)NlSrSW1P{>!q*x#WuTWT z8q$$&Xb`QY!|)M(vXQBz!eHO1Z>Oht5;23Nt1D4GS) - + diff --git a/creusot/tests/should_succeed/vector/03_knuth_shuffle/why3shapes.gz b/creusot/tests/should_succeed/vector/03_knuth_shuffle/why3shapes.gz index ac07e7a229696bb5e266d266028fc0c56b4b9be6..ccf2f3182a8db4ba5d41d7fb99d69da220b3909c 100644 GIT binary patch literal 651 zcmV;60(AW!iwFP!00000|9wu#z_jK6@YJw%m|kyd-0<06NcCMtn0 zkhc5pcQ7$&NZJd29*^J5yczRj8FX9oYP;agw%x9&?*kPqe=hpJW>>#Kh+%rf34(_) zG7lr<9x4mnCRn@%b`(|S+hOz0Jd{_5oZ$8463why^ z4Q5(BCBuX$U)yGLC~OxZgy!}Z0T4KXaNaNhI_BQQCKGs5n0+Qrhm-YcU(~sm{Msusk3@os zrG(6Zyp_0d%*@<<-b*MT9a6~G&7t0Om#1SVT|tf&%(`jY=G|^?_Ag_d<*qgr%3&mc zmel!?@`;P?jEQ-+eNH1I<6)YXgJtP`WsEXPkMhdsa@;74j4sDU$_rO@;YfMN^f)wf zd==we7g^1!k@8p#&DW4POU4Z8u5i^*(tiOY17q&VB(^a_HgWNPXk>yC7bzZ{~*j5 zsJ%4rbKAPEsa~8wp5}g%JY5A~AJ)H{+I`K=Q0emsASXeSWyDsy7I}OEQlXG5@0XBM z3mml{4Q&vt0?4g<+wN@r=w=R(COzv!4-s!FDiM(8fsC5Edyih7i$2dHmd~OXU38aE{rpB5#6?o=rfJ*e)fG2~C$FyD*S116ECSGxjd|pE zIv^iR?W610v?wYWc4#?7mLXRqsN(Eos){d{jLN9^a#@tRNYxjK)Q8GWtD^k3;NKl9 z>zNv*PHJeYhQ@j7JEV8zsD_%B^b_I&6({sQ2|giO4*IJ6ZTmiOo?VZ_$VXPOY&J8+ z&Zi>Nvzz{We)G(sgiKM6wuj0xxw6%Au5|Tda958Zr$yUWm&n!BH3)TiVM&i#|l<#H#(IGlaQ25mO_gN lv;k#68W0A!0WiQ!Y7!G0ZIqEl7>XLU_z(MQ3Hmk$002KKKLY>& diff --git a/creusot/tests/should_succeed/vector/04_binary_search.mlcfg b/creusot/tests/should_succeed/vector/04_binary_search.mlcfg index b7a25db7fd..4356c7b205 100644 --- a/creusot/tests/should_succeed/vector/04_binary_search.mlcfg +++ b/creusot/tests/should_succeed/vector/04_binary_search.mlcfg @@ -169,39 +169,47 @@ module C04BinarySearch_BinarySearch var _0 : Core_Result_Result_Type.t_result usize usize; var arr : Alloc_Vec_Vec_Type.t_vec uint32 (Alloc_Alloc_Global_Type.t_global) = arr; var elem : uint32 = elem; + var _9 : bool; var _10 : usize; var size : usize; var base : usize; + var _21 : bool; var half : usize; var _25 : bool; var mid : usize; var _29 : usize; + var _30 : bool; var _32 : uint32; var cmp : uint32; var _41 : uint32; + var _44 : bool; + var _48 : bool; + var _51 : usize; { goto BB0 } BB0 { - [#"../04_binary_search.rs" 27 7 27 16] _10 <- ([#"../04_binary_search.rs" 27 7 27 16] len0 ([#"../04_binary_search.rs" 27 7 27 10] arr)); + [#"../04_binary_search.rs" 27 7 27 16] _10 <- ([#"../04_binary_search.rs" 27 7 27 16] len0 arr); goto BB1 } BB1 { - switch ([#"../04_binary_search.rs" 27 7 27 21] _10 = ([#"../04_binary_search.rs" 27 20 27 21] [#"../04_binary_search.rs" 27 20 27 21] (0 : usize))) + [#"../04_binary_search.rs" 27 7 27 21] _9 <- ([#"../04_binary_search.rs" 27 7 27 21] _10 = (0 : usize)); + _10 <- any usize; + switch (_9) | False -> goto BB3 | True -> goto BB2 end } BB2 { - [#"../04_binary_search.rs" 28 15 28 21] _0 <- ([#"../04_binary_search.rs" 28 15 28 21] Core_Result_Result_Type.C_Err ([#"../04_binary_search.rs" 28 19 28 20] [#"../04_binary_search.rs" 28 19 28 20] (0 : usize))); + [#"../04_binary_search.rs" 28 15 28 21] _0 <- ([#"../04_binary_search.rs" 28 15 28 21] Core_Result_Result_Type.C_Err (0 : usize)); goto BB21 } BB3 { - [#"../04_binary_search.rs" 30 19 30 28] size <- ([#"../04_binary_search.rs" 30 19 30 28] len0 ([#"../04_binary_search.rs" 30 19 30 22] arr)); + [#"../04_binary_search.rs" 30 19 30 28] size <- ([#"../04_binary_search.rs" 30 19 30 28] len0 arr); goto BB4 } BB4 { - [#"../04_binary_search.rs" 31 19 31 20] base <- ([#"../04_binary_search.rs" 31 19 31 20] [#"../04_binary_search.rs" 31 19 31 20] (0 : usize)); + [#"../04_binary_search.rs" 31 19 31 20] base <- ([#"../04_binary_search.rs" 31 19 31 20] (0 : usize)); goto BB5 } BB5 { @@ -211,24 +219,26 @@ module C04BinarySearch_BinarySearch goto BB6 } BB6 { - switch ([#"../04_binary_search.rs" 36 10 36 18] ([#"../04_binary_search.rs" 36 10 36 14] size) > ([#"../04_binary_search.rs" 36 17 36 18] [#"../04_binary_search.rs" 36 17 36 18] (1 : usize))) + [#"../04_binary_search.rs" 36 10 36 18] _21 <- ([#"../04_binary_search.rs" 36 10 36 18] size > (1 : usize)); + switch (_21) | False -> goto BB13 | True -> goto BB7 end } BB7 { - [#"../04_binary_search.rs" 37 19 37 27] _25 <- ([#"../04_binary_search.rs" 37 19 37 27] ([#"../04_binary_search.rs" 37 26 37 27] [#"../04_binary_search.rs" 37 26 37 27] (2 : usize)) = ([#"../04_binary_search.rs" 37 19 37 27] [#"../04_binary_search.rs" 37 19 37 27] (0 : usize))); + [#"../04_binary_search.rs" 37 19 37 27] _25 <- ([#"../04_binary_search.rs" 37 19 37 27] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../04_binary_search.rs" 37 19 37 27] not _25 }; goto BB8 } BB8 { - [#"../04_binary_search.rs" 37 19 37 27] half <- ([#"../04_binary_search.rs" 37 19 37 27] ([#"../04_binary_search.rs" 37 19 37 23] size) / ([#"../04_binary_search.rs" 37 26 37 27] [#"../04_binary_search.rs" 37 26 37 27] (2 : usize))); - [#"../04_binary_search.rs" 38 18 38 29] mid <- ([#"../04_binary_search.rs" 38 18 38 29] ([#"../04_binary_search.rs" 38 18 38 22] base) + ([#"../04_binary_search.rs" 38 25 38 29] half)); - [#"../04_binary_search.rs" 40 21 40 26] _32 <- ([#"../04_binary_search.rs" 40 21 40 26] index0 ([#"../04_binary_search.rs" 40 18 40 21] arr) ([#"../04_binary_search.rs" 40 22 40 25] mid)); + [#"../04_binary_search.rs" 37 19 37 27] half <- ([#"../04_binary_search.rs" 37 19 37 27] size / (2 : usize)); + [#"../04_binary_search.rs" 38 18 38 29] mid <- ([#"../04_binary_search.rs" 38 18 38 29] base + half); + [#"../04_binary_search.rs" 40 21 40 26] _32 <- ([#"../04_binary_search.rs" 40 21 40 26] index0 arr mid); goto BB9 } BB9 { - switch ([#"../04_binary_search.rs" 40 18 40 33] ([#"../04_binary_search.rs" 40 18 40 26] _32) > ([#"../04_binary_search.rs" 40 29 40 33] elem)) + [#"../04_binary_search.rs" 40 18 40 33] _30 <- ([#"../04_binary_search.rs" 40 18 40 33] _32 > elem); + switch (_30) | False -> goto BB11 | True -> goto BB10 end @@ -243,37 +253,41 @@ module C04BinarySearch_BinarySearch } BB12 { [#"../04_binary_search.rs" 40 8 40 55] base <- ([#"../04_binary_search.rs" 40 8 40 55] _29); - [#"../04_binary_search.rs" 40 8 40 55] _29 <- any usize; - [#"../04_binary_search.rs" 41 8 41 20] size <- ([#"../04_binary_search.rs" 41 8 41 20] size - ([#"../04_binary_search.rs" 41 16 41 20] half)); + _29 <- any usize; + [#"../04_binary_search.rs" 41 8 41 20] size <- ([#"../04_binary_search.rs" 41 8 41 20] size - half); goto BB5 } BB13 { - [#"../04_binary_search.rs" 44 17 44 23] _41 <- ([#"../04_binary_search.rs" 44 17 44 23] index0 ([#"../04_binary_search.rs" 44 14 44 17] arr) ([#"../04_binary_search.rs" 44 18 44 22] base)); + [#"../04_binary_search.rs" 44 17 44 23] _41 <- ([#"../04_binary_search.rs" 44 17 44 23] index0 arr base); goto BB14 } BB14 { [#"../04_binary_search.rs" 44 14 44 23] cmp <- ([#"../04_binary_search.rs" 44 14 44 23] _41); - switch ([#"../04_binary_search.rs" 45 7 45 18] ([#"../04_binary_search.rs" 45 7 45 10] cmp) = ([#"../04_binary_search.rs" 45 14 45 18] elem)) + [#"../04_binary_search.rs" 45 7 45 18] _44 <- ([#"../04_binary_search.rs" 45 7 45 18] cmp = elem); + switch (_44) | False -> goto BB16 | True -> goto BB15 end } BB15 { - [#"../04_binary_search.rs" 46 8 46 16] _0 <- ([#"../04_binary_search.rs" 46 8 46 16] Core_Result_Result_Type.C_Ok ([#"../04_binary_search.rs" 46 11 46 15] base)); + [#"../04_binary_search.rs" 46 8 46 16] _0 <- ([#"../04_binary_search.rs" 46 8 46 16] Core_Result_Result_Type.C_Ok base); goto BB20 } BB16 { - switch ([#"../04_binary_search.rs" 47 14 47 24] ([#"../04_binary_search.rs" 47 14 47 17] cmp) < ([#"../04_binary_search.rs" 47 20 47 24] elem)) + [#"../04_binary_search.rs" 47 14 47 24] _48 <- ([#"../04_binary_search.rs" 47 14 47 24] cmp < elem); + switch (_48) | False -> goto BB18 | True -> goto BB17 end } BB17 { - [#"../04_binary_search.rs" 48 8 48 21] _0 <- ([#"../04_binary_search.rs" 48 8 48 21] Core_Result_Result_Type.C_Err ([#"../04_binary_search.rs" 48 12 48 20] ([#"../04_binary_search.rs" 48 12 48 16] base) + ([#"../04_binary_search.rs" 48 19 48 20] [#"../04_binary_search.rs" 48 19 48 20] (1 : usize)))); + [#"../04_binary_search.rs" 48 12 48 20] _51 <- ([#"../04_binary_search.rs" 48 12 48 20] base + (1 : usize)); + [#"../04_binary_search.rs" 48 8 48 21] _0 <- ([#"../04_binary_search.rs" 48 8 48 21] Core_Result_Result_Type.C_Err _51); + _51 <- any usize; goto BB19 } BB18 { - [#"../04_binary_search.rs" 50 8 50 17] _0 <- ([#"../04_binary_search.rs" 50 8 50 17] Core_Result_Result_Type.C_Err ([#"../04_binary_search.rs" 50 12 50 16] base)); + [#"../04_binary_search.rs" 50 8 50 17] _0 <- ([#"../04_binary_search.rs" 50 8 50 17] Core_Result_Result_Type.C_Err base); goto BB19 } BB19 { diff --git a/creusot/tests/should_succeed/vector/04_binary_search/why3session.xml b/creusot/tests/should_succeed/vector/04_binary_search/why3session.xml index 32032521f5..b7f40b7f4c 100644 --- a/creusot/tests/should_succeed/vector/04_binary_search/why3session.xml +++ b/creusot/tests/should_succeed/vector/04_binary_search/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/vector/04_binary_search/why3shapes.gz b/creusot/tests/should_succeed/vector/04_binary_search/why3shapes.gz index a9085a3afd52153cd776dbbda8579ba0c169b26b..60fe18e3929a7ec21dad323ba9edb028ba4a5bf6 100644 GIT binary patch literal 467 zcmV;^0WAI>iwFP!00000|CLfrbDKa6z4I%$wT&;U-369Tof*ah1E*d(x-tsJF%tqU z{%HE|y9ux`d%OWb3GiIzWeNl{@o|<_=B46ERkg%eOXgm zcaO(CX=vN_Kg;KSTelp6j(yp5M|!3gmW+gVkiwJ&LS`ie@;T%v<`7WMA;ZA*q>~mF z{Db~tv`92$TfdZT|JYOvLpuQiD>Ubl{BdBwFtNg+9EIa$0xT*Ev&5rsYpPB2 zwBM42)^+F<Dh91V8++X_8foT42jW^gIh85VUe~R`A#zDxlN1y0?5_ zHPv)xw7v!(Q2_A}fd(F{ajC!+*~#Yzs$UH28$I8`0KTX1&S;{7tN&g*1dFvpaBc0Y zBa9tK9Gyx(xNVTvwmsb*hdz?7-qE|}&|=ZxFkXIJurUZVmwj{u$V)u&uuvWpOigFz zTI6)4xo|keMb3wl9})Xvl%o~;^UN?P-x$WCFc= goto BB7 | True -> goto BB5 end @@ -377,7 +382,7 @@ module C05BinarySearchGeneric_BinarySearch assume { resolve2 elem }; assert { [@expl:type invariant] inv0 arr }; assume { resolve0 arr }; - [#"../05_binary_search_generic.rs" 32 15 32 21] _0 <- ([#"../05_binary_search_generic.rs" 32 15 32 21] Core_Result_Result_Type.C_Err ([#"../05_binary_search_generic.rs" 32 19 32 20] [#"../05_binary_search_generic.rs" 32 19 32 20] (0 : usize))); + [#"../05_binary_search_generic.rs" 32 15 32 21] _0 <- ([#"../05_binary_search_generic.rs" 32 15 32 21] Core_Result_Result_Type.C_Err (0 : usize)); goto BB29 } BB6 { @@ -385,11 +390,11 @@ module C05BinarySearchGeneric_BinarySearch absurd } BB7 { - [#"../05_binary_search_generic.rs" 34 26 34 35] size <- ([#"../05_binary_search_generic.rs" 34 26 34 35] len0 ([#"../05_binary_search_generic.rs" 34 26 34 29] arr)); + [#"../05_binary_search_generic.rs" 34 26 34 35] size <- ([#"../05_binary_search_generic.rs" 34 26 34 35] len0 arr); goto BB8 } BB8 { - [#"../05_binary_search_generic.rs" 35 26 35 27] base <- ([#"../05_binary_search_generic.rs" 35 26 35 27] [#"../05_binary_search_generic.rs" 35 26 35 27] (0 : usize)); + [#"../05_binary_search_generic.rs" 35 26 35 27] base <- ([#"../05_binary_search_generic.rs" 35 26 35 27] (0 : usize)); goto BB9 } BB9 { @@ -405,26 +410,27 @@ module C05BinarySearchGeneric_BinarySearch goto BB12 } BB12 { - switch ([#"../05_binary_search_generic.rs" 40 10 40 18] ([#"../05_binary_search_generic.rs" 40 10 40 14] size) > ([#"../05_binary_search_generic.rs" 40 17 40 18] [#"../05_binary_search_generic.rs" 40 17 40 18] (1 : usize))) + [#"../05_binary_search_generic.rs" 40 10 40 18] _21 <- ([#"../05_binary_search_generic.rs" 40 10 40 18] size > (1 : usize)); + switch (_21) | False -> goto BB20 | True -> goto BB13 end } BB13 { - [#"../05_binary_search_generic.rs" 41 19 41 27] _25 <- ([#"../05_binary_search_generic.rs" 41 19 41 27] ([#"../05_binary_search_generic.rs" 41 26 41 27] [#"../05_binary_search_generic.rs" 41 26 41 27] (2 : usize)) = ([#"../05_binary_search_generic.rs" 41 19 41 27] [#"../05_binary_search_generic.rs" 41 19 41 27] (0 : usize))); + [#"../05_binary_search_generic.rs" 41 19 41 27] _25 <- ([#"../05_binary_search_generic.rs" 41 19 41 27] (2 : usize) = (0 : usize)); assert { [@expl:division by zero] [#"../05_binary_search_generic.rs" 41 19 41 27] not _25 }; goto BB14 } BB14 { - [#"../05_binary_search_generic.rs" 41 19 41 27] half <- ([#"../05_binary_search_generic.rs" 41 19 41 27] ([#"../05_binary_search_generic.rs" 41 19 41 23] size) / ([#"../05_binary_search_generic.rs" 41 26 41 27] [#"../05_binary_search_generic.rs" 41 26 41 27] (2 : usize))); - [#"../05_binary_search_generic.rs" 42 18 42 29] mid <- ([#"../05_binary_search_generic.rs" 42 18 42 29] ([#"../05_binary_search_generic.rs" 42 18 42 22] base) + ([#"../05_binary_search_generic.rs" 42 25 42 29] half)); - [#"../05_binary_search_generic.rs" 44 21 44 26] _32 <- ([#"../05_binary_search_generic.rs" 44 21 44 26] index0 ([#"../05_binary_search_generic.rs" 44 18 44 21] arr) ([#"../05_binary_search_generic.rs" 44 22 44 25] mid)); + [#"../05_binary_search_generic.rs" 41 19 41 27] half <- ([#"../05_binary_search_generic.rs" 41 19 41 27] size / (2 : usize)); + [#"../05_binary_search_generic.rs" 42 18 42 29] mid <- ([#"../05_binary_search_generic.rs" 42 18 42 29] base + half); + [#"../05_binary_search_generic.rs" 44 21 44 26] _32 <- ([#"../05_binary_search_generic.rs" 44 21 44 26] index0 arr mid); goto BB15 } BB15 { assert { [@expl:type invariant] inv1 _32 }; assume { resolve1 _32 }; - [#"../05_binary_search_generic.rs" 44 18 44 33] _30 <- ([#"../05_binary_search_generic.rs" 44 18 44 33] gt0 ([#"../05_binary_search_generic.rs" 44 18 44 26] _32) ([#"../05_binary_search_generic.rs" 44 29 44 33] elem)); + [#"../05_binary_search_generic.rs" 44 18 44 33] _30 <- ([#"../05_binary_search_generic.rs" 44 18 44 33] gt0 _32 elem); goto BB16 } BB16 { @@ -443,14 +449,14 @@ module C05BinarySearchGeneric_BinarySearch } BB19 { [#"../05_binary_search_generic.rs" 44 8 44 55] base <- ([#"../05_binary_search_generic.rs" 44 8 44 55] _29); - [#"../05_binary_search_generic.rs" 44 8 44 55] _29 <- any usize; - [#"../05_binary_search_generic.rs" 46 8 46 20] size <- ([#"../05_binary_search_generic.rs" 46 8 46 20] size - ([#"../05_binary_search_generic.rs" 46 16 46 20] half)); + _29 <- any usize; + [#"../05_binary_search_generic.rs" 46 8 46 20] size <- ([#"../05_binary_search_generic.rs" 46 8 46 20] size - half); goto BB11 } BB20 { assert { [@expl:type invariant] inv0 arr }; assume { resolve0 arr }; - [#"../05_binary_search_generic.rs" 49 18 49 24] _41 <- ([#"../05_binary_search_generic.rs" 49 18 49 24] index0 ([#"../05_binary_search_generic.rs" 49 15 49 18] arr) ([#"../05_binary_search_generic.rs" 49 19 49 23] base)); + [#"../05_binary_search_generic.rs" 49 18 49 24] _41 <- ([#"../05_binary_search_generic.rs" 49 18 49 24] index0 arr base); goto BB21 } BB21 { @@ -462,7 +468,7 @@ module C05BinarySearchGeneric_BinarySearch [#"../05_binary_search_generic.rs" 51 18 51 23] _47 <- ([#"../05_binary_search_generic.rs" 51 18 51 23] elem); assert { [@expl:type invariant] inv1 _47 }; assume { resolve1 _47 }; - [#"../05_binary_search_generic.rs" 51 10 51 24] _44 <- ([#"../05_binary_search_generic.rs" 51 10 51 24] cmp0 ([#"../05_binary_search_generic.rs" 51 10 51 13] cmp) ([#"../05_binary_search_generic.rs" 51 18 51 23] _47)); + [#"../05_binary_search_generic.rs" 51 10 51 24] _44 <- ([#"../05_binary_search_generic.rs" 51 10 51 24] cmp0 cmp _47); goto BB22 } BB22 { @@ -481,15 +487,17 @@ module C05BinarySearchGeneric_BinarySearch goto BB26 } BB25 { - [#"../05_binary_search_generic.rs" 54 29 54 38] _0 <- ([#"../05_binary_search_generic.rs" 54 29 54 38] Core_Result_Result_Type.C_Err ([#"../05_binary_search_generic.rs" 54 33 54 37] base)); + [#"../05_binary_search_generic.rs" 54 29 54 38] _0 <- ([#"../05_binary_search_generic.rs" 54 29 54 38] Core_Result_Result_Type.C_Err base); goto BB28 } BB26 { - [#"../05_binary_search_generic.rs" 52 27 52 35] _0 <- ([#"../05_binary_search_generic.rs" 52 27 52 35] Core_Result_Result_Type.C_Ok ([#"../05_binary_search_generic.rs" 52 30 52 34] base)); + [#"../05_binary_search_generic.rs" 52 27 52 35] _0 <- ([#"../05_binary_search_generic.rs" 52 27 52 35] Core_Result_Result_Type.C_Ok base); goto BB28 } BB27 { - [#"../05_binary_search_generic.rs" 53 26 53 39] _0 <- ([#"../05_binary_search_generic.rs" 53 26 53 39] Core_Result_Result_Type.C_Err ([#"../05_binary_search_generic.rs" 53 30 53 38] ([#"../05_binary_search_generic.rs" 53 30 53 34] base) + ([#"../05_binary_search_generic.rs" 53 37 53 38] [#"../05_binary_search_generic.rs" 53 37 53 38] (1 : usize)))); + [#"../05_binary_search_generic.rs" 53 30 53 38] _50 <- ([#"../05_binary_search_generic.rs" 53 30 53 38] base + (1 : usize)); + [#"../05_binary_search_generic.rs" 53 26 53 39] _0 <- ([#"../05_binary_search_generic.rs" 53 26 53 39] Core_Result_Result_Type.C_Err _50); + _50 <- any usize; goto BB28 } BB28 { diff --git a/creusot/tests/should_succeed/vector/05_binary_search_generic/why3session.xml b/creusot/tests/should_succeed/vector/05_binary_search_generic/why3session.xml index a08f3afa12..42a6120b1e 100644 --- a/creusot/tests/should_succeed/vector/05_binary_search_generic/why3session.xml +++ b/creusot/tests/should_succeed/vector/05_binary_search_generic/why3session.xml @@ -13,107 +13,107 @@ - - + + - - + + - - + + - + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - + - + - + - - + + - - + + - - + + - - + + - - + + - + - - + + - - + + - + - + - + - - + + - - + + - - + + - + - - + + - - + + - + - + diff --git a/creusot/tests/should_succeed/vector/05_binary_search_generic/why3shapes.gz b/creusot/tests/should_succeed/vector/05_binary_search_generic/why3shapes.gz index d3fe3766c33e4533ef103ff53a5b5e7187447b6e..3969b8deb4a329251aa1341000080cb4dfcfbd1f 100644 GIT binary patch literal 2603 zcmV+`3e@!~5*MC5^S~v24KBP$aABuz2c1{q?8$_Pu*b+xc_aY?tfDf6nFnr@zg1 zAKmitSvBOY8_I_EL(#z9%)NQ*R_XEG?!7|=tJV5{4B}xb@$g@>O_xd zC~nuioazU%ABeFg+3%ky!TE`ID7wS+?&-Bn+yVHH9*%)dbnkYOG7Qan?Y6_r}+%J zUx+C^9cCBxh`Y&b17bqlYCP>n;L<96m_2P$SU<+)4%0z#OQ-1pqwK7?vJW=|QW*IO zw@dz)PAHJNXqN8It+uINK)<_PX%_~jw#(ns%eK7RrXr3m`1?qz8<+L-8qmjq48>-v z_4;X!E^wQrd)(n@xkKf{lPrf{iu&1sS`!|S;RP&5bSMt49=J@pVdS*<{RmvyHbHkc z_D%K22|q2%DfdWUba@wy$9P^me0$c3yXo=8(IHa$1tj0lZ}jd@p0#0gZ{aZW5(OvM zLr=K_byPqPKu7WOuOaR#5NNlri>BRgPwBwuncJl8di9+4(f;7qpC03ubhb}VzK zdFJp856^D(DV-N^51dvZ+Ky^gZik(5I@p41gZcUm;d9mIpk9p{$*Oh_->3W01r=+< z??dS>wRPfcg&BAOZ(_;=^e2wfyR@0Fu{X+i*51Kg{06A$uKa0N#5l#(g`eA%Rwgc= zm!-*?``_ljr_H*ow&DjQxaat8VKz>y==*$j=S!!WDw*j0u#6W84d_!u&XNZgN7OmJ z**!4mZ@i2SH@=^*w|A3U|K3!enyRgJc>BEtTb=*FNU6{Gr|)D2)L=#N=zCGW7};Iy z@w9rtt-C4w`{fg@i&R-#)5X}uYkGl)i%h-aHB80f%)Kv$Ok14e<6=bH&R0PDk_yF- zLk9ih$kG=WRQA9{V$%u$!(<45pm@WydSe5#O`B)eHZU(&ak#Xgz-0vmjtrcr#BlQ5 z%dQ)$sp96Qvb;WQHk*bEygB@AIKLe;0%t~qYM2W2wo7rnieLVV)BPi0sFw|T<%YAx zIA1OfU12rPPA1-l)A3ihJ;V}zYvZO4P)Dn7w1f6L=x~GAVyrEQo*-!A@SgTUpqLBN^I8iaDNek2dlcZRNJ`Bb=4f~^BHJv^_ z>QuXgjo!%W3on`5U-~jLh?An{G=a`XObc671cFRpbJM{tg9+?1wU`}3*L|KHJvB#N z_UEJ9ojt9$yU`==1$GE}B!53h9HQ$$J69Am=TqwE3)87!7cmmI4Zp$N{V;inF1HTt zkC2^d%uh(S*Ao~ku+^i51` ziM!)pC`LBa#KvB{R*Sp)T7nJ=1*=SE==Ny|5-=`7TntOlUMUxc5_Hg8XZsQ)4kZ8( zQX5Wn@V4;ubom+m;)1a@EH0uiBYhyEvQhCdeVH-CS>4a-Hb`;MhO5Rb*%u$KM#YDV zV}7)|`_xehQ-8w5YZxXsE~|2RzVdK>zVf`xXK}=5@dZBbGd`ZEAMu0mg&Y>*0uJM* z5pO0X=U^70yny*oaoYX}Ta}t$XU)w#uQzkQd~}=N9?-L!@P0N+kqKrT!%aznjzS40 zh07{Atz8UrqpeYvYD@7`S}H8%mNHAhQfeu&#%imqw8C=BEY4aoGf{{bgp7ssI zAZOyV0x4AVbHJU{0@P1psrjQ8GCByq%z=;D(3n(^y#-}KS`Zfa*H~ka zxN{IVGlFX!g4bEah}A-AC%Kw4Y8kO$Ea=y=iEi@3D^I-ARAs89Fbc{sMKDJBYLi(8 zuWmUL?J<*3&{SlTqHr4B%(MzdP#I;ltSpn33CsAa+m}A+WLW0h8yZqn%!8*)#-OE? zl*~CVx;e8PEXM({%vh#h83kYj1m&F|(lEt2a0I1Y_E~|^v@ncI%f%J2cweHJB<78A z98*C;j|9TB4*{c8bZoyC9Fj?pg0q|h2Dx%V3&nGgK6|E(Z(XCViO6W?G3OAxA&EI4 zOCodDG*S;H0^x-++*m=%C)d{jg;|dqB#tv)Mr}BzRFN5$FU17qG!;++tf1G2hCB|L zVgAfPL3Ap40+3izOvk{1RcOKr{AAw?BN9mm6F83qbDvYvN23yD$#WeO=Y?ejn*8oa zrI(nfX=Y68Oe7OR7*2ImAsMY`s7S>R0#-|pX~Y?s89G;Bf(;sr8s-zD2#GaRP`yw; z0$9#vR)k>}p_KNC%krx@AW02Pn1|C`QY(oSh)e%Ks42eIl8B}-fS`|)1Lm-NGR#om z*j!30g_Yb&W+i-6EGi0*F@#APW1R`^9S35tc=&7#X3UC3T@Q{+lsfIOff3kH1O`Ew zOf}&kGBu%IsJhC7OB21(70FnyVp_2D>cuhsGisR7^;G z!<}Z52A(q1-d2HC^qQbzl#ylZfTN^>6TCkx6GTyk4+jLAx)$W>xCBy2du4!mp>)8i z9|HES3ZDf?C|6q}^?jf@0+a-i@Wp^nhky-};UYUjA|b?!Tr#Z^^&h`7v=BKyC>%Dk ziY5jU9~I7*Xv79Ur<|+T5SRR30I_e&QYVSkU+~hF;Qvev#aO`J#l;FxeP4_b(>lJy z@KVcfcocI50Md{~9?`22O6JhSDr1%Ywk19Cz^QXA;gb|dq|sq-mjwjI9KM<6npq82 z(<@*B#K3hTo)K4mQBV>2u0_f?<%x*}3qD&lzaAnVJ>C*N*i{5U2)>u_DMta5yee&Z zMO2@&8vlu_;gT)_&r%sD86n(diH`+g@YUdA3Xyb;n0_UWkPsyv9-ks!$s8H-l?mq@ zct9MidsMe=)GOJ9WRfybN=*qUz@9_0ASE{T0bgtQgf`R~Vl~R@ud<_r#^yT|k})Z; zyG?*k1n)(uR6Z9w$T`EU!B6;FYXn;;z%wO$hUXly$;ak2Wg(>l%|f+S`DA1@D8An2 N{{i$1!RMVS006>s`UC&~ literal 2488 zcmV;p2}kxHiwFP!00000|IJugj~lrWe%G(iTasM_Ad7ck2M~-=I6$!b67=hUr!7Pt zjU{>F-Cv&~yIbmR9jjg2Giwh#)npwXi*?a|{b9cQ;GWWM{+zbE)#mXZb2sOgUFLwkoPyN3?RJ=i zGq>Ap_bHNrE>f6gHJ=U?xU^0mXHVM{Hji<&$8u2I(rJ3YEW2o~@F7DWB_cl~yX1fA zgaSEi&i21Nr8!!1+m(CV&)hccHtXlq8UE?OceJ`&{hF?u^=_An2zukkkyJ;Q{mUBA z-GL0nX6w!7>4*`j6#{)TJk)CVQPj_lQ8oz)GQ5k`C^E{CYc$>_-7s=q{C)(kuuae{ z$G)llIOC^PIpqQARhM^pd5Y)i;oGxL+)Ym}jt-I1-$3#m{YIC6@T?7^2MfoQYauwf z9(v9lr~?80bBMBT2Xx`v05$c>ubOQjR&MFmc+&+)xA9ZE(_TbeJ+Df`pZj0tzozY` z?6%^o#|OXp{1|r*c}~s24C(YfZRZ=D88V(_HqLoGV7??eQ2yhIzo$wjdOxn>O+p6~ zq>7vioHA#W%^8a99-iI$bGpRr9$1C_Ok1ieS#+@86|eJG)A1jw>;YSg{vx`%J;HZM zz&&u+yhAnvndtkx6!Fv6|sNkwSMXyGUWL3+<4{dgo4aM5eS^0jE6AB8|2q^cWo zFw=1q;<&2&)iNjI9ujwz(hXC0{ia$B61*JeG%{NDVHH^%rnben=rl|Oy7+@Vi?eCZ z!j;>4Rsr5q;wZgb+!lpcCvJ&CWE;iFa)Ln&(A<<~DAHaD52Pg+hI*j}`EgOx9XcOH zXsCfveve1r!4}RIBdu5F=)0c>@m=IET>SM&m#yXUdjjgX)o?Kc#l;m+vtuT@FSC<( z&uGs3a&noor_F9ZdQn^p26ZBTKd1v-EoTD{6*QMi;g=iBAUC%Kpc#GX<^8C#buY4^ z{SmSY!(i?l3F=-y0U2GoLV^o~HcEp9(P9LK`4od&A*&Kv#j7tGG#HE07Tui#g(Ja53SI4Ho zS$hxAH4Wa4497}(p}aS<=G{DRwsXIFblYDZaBAI#53?C4P?|@Xq!OHQMzqT;N|lwy zT#qm}${J~@wp3Y)gs_xb$}9y-sinjktF5xq3d=3CxN6DFL?L1jG8!I$h#+!;oQcy4 zq)^e%0XeA!sQ(g6&F{4!cxK*E#4L59Nq~(GA2_E3d{JnHJh^t z%4Ok1Wbli$|3@t#o3*qBWw#50;b%Q<4qlEj^-bFM8{ zmP^Y~j9bnu2g|AD_g>Tu>{>3tRyf8={gR+? zkc=`4N26hclH?Op9utTO!d#M}fKp%;wTiqvI+da@L}g7VXN;noa0bK?)Hs}pf(bR6 zj8*IvF&Y6z1)8(MQIV!BaZZ+|4E~N~+NK_&du^C1CuNK#2JvER5ulQZK2vQnBtb;? z{8IdNVFs$pGZE(otX`O-IMZQ^Mxc=fiBGFC-YIF7=w5HHjn`>TWc0c;LdtaTI3ME? zoX0;Jm??NQu?lY=h1Kh{NRB-qWv#G9Fd>5^0=p#^M@Lu=OwBd38my+T3sWg#bmX8o zj;jo3{Dglq2*Wcv)#(BgADWu~8Ng!Fd!9>CGFZc%&Ya?_$S9n>qtvGQw0)jxX|?z> zK<0r^S}s0@%p&0HP2d!+jU!PTjNrK;R-+(7R$rCEoEz`})Crex&=0{IhVNj>o=vP|9w^tC a end end -module CreusotContracts_Std1_Iter_MapInv_MapInv_Type - use seq.Seq - use prelude.Snapshot - type t_mapinv 'i 'b 'f = - | C_MapInv 'i 'f (Snapshot.snap_ty (Seq.seq 'b)) - - let function mapinv_iter (self : t_mapinv 'i 'b 'f) : 'i = [@vc:do_not_keep_trace] [@vc:sp] - match self with - | C_MapInv a _ _ -> a - end - let function mapinv_func (self : t_mapinv 'i 'b 'f) : 'f = [@vc:do_not_keep_trace] [@vc:sp] - match self with - | C_MapInv _ a _ -> a - end - let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) - = [@vc:do_not_keep_trace] [@vc:sp] - match self with - | C_MapInv _ _ a -> a - end -end module Core_Ops_Range_Range_Type type t_range 'idx = | C_Range 'idx 'idx @@ -277,7 +263,7 @@ module C06KnightsTour_Impl1_New_Closure3 } BB0 { assume { resolve0 _1 }; - [#"../06_knights_tour.rs" 44 23 44 36] res <- ([#"../06_knights_tour.rs" 44 23 44 36] from_elem0 ([#"../06_knights_tour.rs" 44 28 44 29] [#"../06_knights_tour.rs" 44 28 44 29] (0 : usize)) ([#"../06_knights_tour.rs" 44 31 44 35] field_00 ( * _1))); + [#"../06_knights_tour.rs" 44 23 44 36] res <- ([#"../06_knights_tour.rs" 44 23 44 36] from_elem0 (0 : usize) (field_00 ( * _1))); goto BB1 } BB1 { @@ -285,7 +271,7 @@ module C06KnightsTour_Impl1_New_Closure3 } BB2 { [#"../06_knights_tour.rs" 43 16 43 50] _0 <- ([#"../06_knights_tour.rs" 43 16 43 50] res); - [#"../06_knights_tour.rs" 43 16 43 50] res <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + res <- any Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); goto BB3 } BB3 { @@ -293,6 +279,26 @@ module C06KnightsTour_Impl1_New_Closure3 } end +module CreusotContracts_Std1_Iter_MapInv_MapInv_Type + use seq.Seq + use prelude.Snapshot + type t_mapinv 'i 'b 'f = + | C_MapInv 'i 'f (Snapshot.snap_ty (Seq.seq 'b)) + + let function mapinv_iter (self : t_mapinv 'i 'b 'f) : 'i = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv a _ _ -> a + end + let function mapinv_func (self : t_mapinv 'i 'b 'f) : 'f = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv _ a _ -> a + end + let function mapinv_produced (self : t_mapinv 'i 'b 'f) : Snapshot.snap_ty (Seq.seq 'b) + = [@vc:do_not_keep_trace] [@vc:sp] + match self with + | C_MapInv _ _ a -> a + end +end module C06KnightsTour_Impl1_New use prelude.UIntSize use seq.Seq @@ -683,11 +689,17 @@ module C06KnightsTour_Impl1_New var size : usize = size; var rows : Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global); var _6 : CreusotContracts_Std1_Iter_MapInv_MapInv_Type.t_mapinv (Core_Ops_Range_Range_Type.t_range usize) usize C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3; + var _7 : Core_Ops_Range_Range_Type.t_range usize; + var _9 : C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3; { goto BB0 } BB0 { - [#"../06_knights_tour.rs" 41 19 45 13] _6 <- ([#"../06_knights_tour.rs" 41 19 45 13] map_inv0 ([#"../06_knights_tour.rs" 41 19 41 28] Core_Ops_Range_Range_Type.C_Range ([#"../06_knights_tour.rs" 41 20 41 21] [#"../06_knights_tour.rs" 41 20 41 21] (0 : usize)) ([#"../06_knights_tour.rs" 41 23 41 27] size)) ([#"../06_knights_tour.rs" 43 16 43 50] C06KnightsTour_Impl1_New_Closure3.C06KnightsTour_Impl1_New_Closure3 ([#"../06_knights_tour.rs" 43 16 43 50] size))); + [#"../06_knights_tour.rs" 41 19 41 28] _7 <- ([#"../06_knights_tour.rs" 41 19 41 28] Core_Ops_Range_Range_Type.C_Range (0 : usize) size); + [#"../06_knights_tour.rs" 43 16 43 50] _9 <- ([#"../06_knights_tour.rs" 43 16 43 50] C06KnightsTour_Impl1_New_Closure3.C06KnightsTour_Impl1_New_Closure3 size); + [#"../06_knights_tour.rs" 41 19 45 13] _6 <- ([#"../06_knights_tour.rs" 41 19 45 13] map_inv0 _7 _9); + _7 <- any Core_Ops_Range_Range_Type.t_range usize; + _9 <- any C06KnightsTour_Impl1_New_Closure3.c06knightstour_impl1_new_closure3; goto BB1 } BB1 { @@ -696,8 +708,8 @@ module C06KnightsTour_Impl1_New goto BB2 } BB2 { - [#"../06_knights_tour.rs" 47 8 47 34] _0 <- ([#"../06_knights_tour.rs" 47 8 47 34] C06KnightsTour_Board_Type.C_Board ([#"../06_knights_tour.rs" 47 15 47 19] size) ([#"../06_knights_tour.rs" 47 28 47 32] rows)); - [#"../06_knights_tour.rs" 47 28 47 32] rows <- any Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global); + [#"../06_knights_tour.rs" 47 8 47 34] _0 <- ([#"../06_knights_tour.rs" 47 8 47 34] C06KnightsTour_Board_Type.C_Board size rows); + rows <- any Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global); goto BB3 } BB3 { @@ -903,37 +915,55 @@ module C06KnightsTour_Impl1_Available var _0 : bool; var self : C06KnightsTour_Board_Type.t_board = self; var p : C06KnightsTour_Point_Type.t_point = p; + var _5 : bool; + var _7 : bool; + var _8 : usize; + var _11 : bool; + var _13 : bool; + var _14 : usize; var _18 : usize; var _20 : Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global); + var _22 : usize; + var _24 : usize; { goto BB0 } BB0 { - switch ([#"../06_knights_tour.rs" 53 8 53 16] ([#"../06_knights_tour.rs" 53 8 53 9] [#"../06_knights_tour.rs" 53 8 53 9] (0 : isize)) <= ([#"../06_knights_tour.rs" 53 13 53 16] C06KnightsTour_Point_Type.point_x p)) + [#"../06_knights_tour.rs" 53 8 53 16] _5 <- ([#"../06_knights_tour.rs" 53 8 53 16] (0 : isize) <= C06KnightsTour_Point_Type.point_x p); + switch (_5) | False -> goto BB8 | True -> goto BB1 end } BB1 { - switch ([#"../06_knights_tour.rs" 54 15 54 41] ([#"../06_knights_tour.rs" 54 15 54 29] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 54 16 54 19] C06KnightsTour_Point_Type.point_x p))) < ([#"../06_knights_tour.rs" 54 32 54 41] C06KnightsTour_Board_Type.board_size self)) + [#"../06_knights_tour.rs" 54 15 54 29] _8 <- ([#"../06_knights_tour.rs" 54 15 54 29] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_x p))); + [#"../06_knights_tour.rs" 54 15 54 41] _7 <- ([#"../06_knights_tour.rs" 54 15 54 41] _8 < C06KnightsTour_Board_Type.board_size self); + _8 <- any usize; + switch (_7) | False -> goto BB7 | True -> goto BB2 end } BB2 { - switch ([#"../06_knights_tour.rs" 55 15 55 23] ([#"../06_knights_tour.rs" 55 15 55 16] [#"../06_knights_tour.rs" 55 15 55 16] (0 : isize)) <= ([#"../06_knights_tour.rs" 55 20 55 23] C06KnightsTour_Point_Type.point_y p)) + [#"../06_knights_tour.rs" 55 15 55 23] _11 <- ([#"../06_knights_tour.rs" 55 15 55 23] (0 : isize) <= C06KnightsTour_Point_Type.point_y p); + switch (_11) | False -> goto BB6 | True -> goto BB3 end } BB3 { - switch ([#"../06_knights_tour.rs" 56 15 56 41] ([#"../06_knights_tour.rs" 56 15 56 29] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 56 16 56 19] C06KnightsTour_Point_Type.point_y p))) < ([#"../06_knights_tour.rs" 56 32 56 41] C06KnightsTour_Board_Type.board_size self)) + [#"../06_knights_tour.rs" 56 15 56 29] _14 <- ([#"../06_knights_tour.rs" 56 15 56 29] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_y p))); + [#"../06_knights_tour.rs" 56 15 56 41] _13 <- ([#"../06_knights_tour.rs" 56 15 56 41] _14 < C06KnightsTour_Board_Type.board_size self); + _14 <- any usize; + switch (_13) | False -> goto BB5 | True -> goto BB4 end } BB4 { - [#"../06_knights_tour.rs" 57 25 57 39] _20 <- ([#"../06_knights_tour.rs" 57 25 57 39] index0 ([#"../06_knights_tour.rs" 57 15 57 25] C06KnightsTour_Board_Type.board_field self) ([#"../06_knights_tour.rs" 57 26 57 38] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 57 26 57 29] C06KnightsTour_Point_Type.point_x p)))); + [#"../06_knights_tour.rs" 57 26 57 38] _22 <- ([#"../06_knights_tour.rs" 57 26 57 38] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_x p))); + [#"../06_knights_tour.rs" 57 25 57 39] _20 <- ([#"../06_knights_tour.rs" 57 25 57 39] index0 (C06KnightsTour_Board_Type.board_field self) _22); + _22 <- any usize; goto BB10 } BB5 { @@ -949,15 +979,17 @@ module C06KnightsTour_Impl1_Available goto BB9 } BB9 { - [#"../06_knights_tour.rs" 53 8 57 58] _0 <- ([#"../06_knights_tour.rs" 53 8 57 58] [#"../06_knights_tour.rs" 53 8 57 58] false); + [#"../06_knights_tour.rs" 53 8 57 58] _0 <- ([#"../06_knights_tour.rs" 53 8 57 58] false); goto BB12 } BB10 { - [#"../06_knights_tour.rs" 57 39 57 53] _18 <- ([#"../06_knights_tour.rs" 57 39 57 53] index1 ([#"../06_knights_tour.rs" 57 15 57 39] _20) ([#"../06_knights_tour.rs" 57 40 57 52] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 57 40 57 43] C06KnightsTour_Point_Type.point_y p)))); + [#"../06_knights_tour.rs" 57 40 57 52] _24 <- ([#"../06_knights_tour.rs" 57 40 57 52] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_y p))); + [#"../06_knights_tour.rs" 57 39 57 53] _18 <- ([#"../06_knights_tour.rs" 57 39 57 53] index1 _20 _24); + _24 <- any usize; goto BB11 } BB11 { - [#"../06_knights_tour.rs" 57 15 57 58] _0 <- ([#"../06_knights_tour.rs" 57 15 57 58] ([#"../06_knights_tour.rs" 57 15 57 53] _18) = ([#"../06_knights_tour.rs" 57 57 57 58] [#"../06_knights_tour.rs" 57 57 57 58] (0 : usize))); + [#"../06_knights_tour.rs" 57 15 57 58] _0 <- ([#"../06_knights_tour.rs" 57 15 57 58] _18 = (0 : usize)); goto BB12 } BB12 { @@ -1309,7 +1341,7 @@ module C06KnightsTour_Impl1_CountDegree goto BB0 } BB0 { - [#"../06_knights_tour.rs" 71 24 71 25] count <- ([#"../06_knights_tour.rs" 71 24 71 25] [#"../06_knights_tour.rs" 71 24 71 25] (0 : usize)); + [#"../06_knights_tour.rs" 71 24 71 25] count <- ([#"../06_knights_tour.rs" 71 24 71 25] (0 : usize)); [#"../06_knights_tour.rs" 74 17 74 24] _8 <- ([#"../06_knights_tour.rs" 74 17 74 24] moves0 ()); goto BB1 } @@ -1376,16 +1408,16 @@ module C06KnightsTour_Impl1_CountDegree } BB14 { [#"../06_knights_tour.rs" 73 8 73 46] produced <- ([#"../06_knights_tour.rs" 73 8 73 46] _22); - [#"../06_knights_tour.rs" 73 8 73 46] _22 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); + _22 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); assume { resolve1 __creusot_proc_iter_elem }; [#"../06_knights_tour.rs" 75 29 75 31] _28 <- ([#"../06_knights_tour.rs" 75 29 75 31] m); - [#"../06_knights_tour.rs" 75 23 75 32] next <- ([#"../06_knights_tour.rs" 75 23 75 32] mov0 ([#"../06_knights_tour.rs" 75 23 75 24] p) ([#"../06_knights_tour.rs" 75 29 75 31] _28)); + [#"../06_knights_tour.rs" 75 23 75 32] next <- ([#"../06_knights_tour.rs" 75 23 75 32] mov0 p _28); goto BB15 } BB15 { assume { resolve1 m }; - [#"../06_knights_tour.rs" 76 15 76 35] _29 <- ([#"../06_knights_tour.rs" 76 15 76 35] available0 ([#"../06_knights_tour.rs" 76 15 76 19] self) ([#"../06_knights_tour.rs" 76 30 76 34] next)); + [#"../06_knights_tour.rs" 76 15 76 35] _29 <- ([#"../06_knights_tour.rs" 76 15 76 35] available0 self next); goto BB16 } BB16 { @@ -1395,7 +1427,7 @@ module C06KnightsTour_Impl1_CountDegree end } BB17 { - [#"../06_knights_tour.rs" 77 16 77 26] count <- ([#"../06_knights_tour.rs" 77 16 77 26] count + ([#"../06_knights_tour.rs" 77 25 77 26] [#"../06_knights_tour.rs" 77 25 77 26] (1 : usize))); + [#"../06_knights_tour.rs" 77 16 77 26] count <- ([#"../06_knights_tour.rs" 77 16 77 26] count + (1 : usize)); [#"../06_knights_tour.rs" 76 36 78 13] _16 <- ([#"../06_knights_tour.rs" 76 36 78 13] ()); goto BB19 } @@ -1649,25 +1681,31 @@ module C06KnightsTour_Impl1_Set var _10 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _11 : borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); var _12 : borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + var _13 : usize; + var _15 : usize; { goto BB0 } BB0 { [#"../06_knights_tour.rs" 88 8 88 18] _12 <- Borrow.borrow_final (C06KnightsTour_Board_Type.board_field ( * self)) (Borrow.inherit_id (Borrow.get_id self) 2); [#"../06_knights_tour.rs" 88 8 88 18] self <- { self with current = (let C06KnightsTour_Board_Type.C_Board x0 x1 = * self in C06KnightsTour_Board_Type.C_Board x0 ( ^ _12)) ; }; - [#"../06_knights_tour.rs" 88 18 88 32] _11 <- ([#"../06_knights_tour.rs" 88 18 88 32] index_mut0 _12 ([#"../06_knights_tour.rs" 88 19 88 31] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 88 19 88 22] C06KnightsTour_Point_Type.point_x p)))); + [#"../06_knights_tour.rs" 88 19 88 31] _13 <- ([#"../06_knights_tour.rs" 88 19 88 31] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_x p))); + [#"../06_knights_tour.rs" 88 18 88 32] _11 <- ([#"../06_knights_tour.rs" 88 18 88 32] index_mut0 _12 _13); _12 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)) (Alloc_Alloc_Global_Type.t_global)); + _13 <- any usize; goto BB1 } BB1 { [#"../06_knights_tour.rs" 88 8 88 32] _10 <- Borrow.borrow_final ( * _11) (Borrow.get_id _11); [#"../06_knights_tour.rs" 88 8 88 32] _11 <- { _11 with current = ( ^ _10) ; }; - [#"../06_knights_tour.rs" 88 32 88 46] _9 <- ([#"../06_knights_tour.rs" 88 32 88 46] index_mut1 _10 ([#"../06_knights_tour.rs" 88 33 88 45] UIntSize.of_int (IntSize.to_int ([#"../06_knights_tour.rs" 88 33 88 36] C06KnightsTour_Point_Type.point_y p)))); + [#"../06_knights_tour.rs" 88 33 88 45] _15 <- ([#"../06_knights_tour.rs" 88 33 88 45] UIntSize.of_int (IntSize.to_int (C06KnightsTour_Point_Type.point_y p))); + [#"../06_knights_tour.rs" 88 32 88 46] _9 <- ([#"../06_knights_tour.rs" 88 32 88 46] index_mut1 _10 _15); _10 <- any borrowed (Alloc_Vec_Vec_Type.t_vec usize (Alloc_Alloc_Global_Type.t_global)); + _15 <- any usize; goto BB2 } BB2 { - [#"../06_knights_tour.rs" 88 8 88 50] _9 <- { _9 with current = ([#"../06_knights_tour.rs" 88 49 88 50] v) ; }; + [#"../06_knights_tour.rs" 88 8 88 50] _9 <- { _9 with current = ([#"../06_knights_tour.rs" 88 8 88 50] v) ; }; assume { resolve0 _9 }; [#"../06_knights_tour.rs" 88 8 88 50] _0 <- ([#"../06_knights_tour.rs" 88 8 88 50] ()); assume { resolve1 _11 }; @@ -1938,13 +1976,16 @@ module C06KnightsTour_Min var _20 : Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); var x : (usize, C06KnightsTour_Point_Type.t_point); var _23 : (); + var _25 : Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); var m : (usize, C06KnightsTour_Point_Type.t_point); + var _28 : bool; + var _31 : Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); { goto BB0 } BB0 { [#"../06_knights_tour.rs" 112 18 112 22] min <- ([#"../06_knights_tour.rs" 112 18 112 22] Core_Option_Option_Type.C_None); - [#"../06_knights_tour.rs" 113 4 114 74] iter <- ([#"../06_knights_tour.rs" 113 4 114 74] into_iter0 ([#"../06_knights_tour.rs" 115 13 115 14] v)); + [#"../06_knights_tour.rs" 113 4 114 74] iter <- ([#"../06_knights_tour.rs" 113 4 114 74] into_iter0 v); goto BB1 } BB1 { @@ -1998,7 +2039,7 @@ module C06KnightsTour_Min } BB11 { [#"../06_knights_tour.rs" 113 4 114 74] produced <- ([#"../06_knights_tour.rs" 113 4 114 74] _20); - [#"../06_knights_tour.rs" 113 4 114 74] _20 <- any Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); + _20 <- any Snapshot.snap_ty (Seq.seq (usize, C06KnightsTour_Point_Type.t_point)); [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] x <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); switch (min) | Core_Option_Option_Type.C_None -> goto BB12 @@ -2010,18 +2051,23 @@ module C06KnightsTour_Min } BB13 { [#"../06_knights_tour.rs" 118 17 118 18] m <- ([#"../06_knights_tour.rs" 118 17 118 18] Core_Option_Option_Type.some_0 min); - switch ([#"../06_knights_tour.rs" 119 19 119 28] ([#"../06_knights_tour.rs" 119 19 119 22] let (a, _) = x in a) < ([#"../06_knights_tour.rs" 119 25 119 28] let (a, _) = m in a)) + [#"../06_knights_tour.rs" 119 19 119 28] _28 <- ([#"../06_knights_tour.rs" 119 19 119 28] (let (a, _) = x in a) < (let (a, _) = m in a)); + switch (_28) | False -> goto BB16 | True -> goto BB15 end } BB14 { - [#"../06_knights_tour.rs" 117 20 117 33] min <- ([#"../06_knights_tour.rs" 117 26 117 33] Core_Option_Option_Type.C_Some ([#"../06_knights_tour.rs" 117 31 117 32] x)); + [#"../06_knights_tour.rs" 117 26 117 33] _25 <- ([#"../06_knights_tour.rs" 117 26 117 33] Core_Option_Option_Type.C_Some x); + [#"../06_knights_tour.rs" 117 20 117 33] min <- ([#"../06_knights_tour.rs" 117 20 117 33] _25); + _25 <- any Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); [#"../06_knights_tour.rs" 117 20 117 33] _23 <- ([#"../06_knights_tour.rs" 117 20 117 33] ()); goto BB18 } BB15 { - [#"../06_knights_tour.rs" 120 20 120 33] min <- ([#"../06_knights_tour.rs" 120 26 120 33] Core_Option_Option_Type.C_Some ([#"../06_knights_tour.rs" 120 31 120 32] x)); + [#"../06_knights_tour.rs" 120 26 120 33] _31 <- ([#"../06_knights_tour.rs" 120 26 120 33] Core_Option_Option_Type.C_Some x); + [#"../06_knights_tour.rs" 120 20 120 33] min <- ([#"../06_knights_tour.rs" 120 20 120 33] _31); + _31 <- any Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); [#"../06_knights_tour.rs" 120 20 120 33] _23 <- ([#"../06_knights_tour.rs" 120 20 120 33] ()); goto BB17 } @@ -2596,10 +2642,14 @@ module C06KnightsTour_KnightsTour var y : usize = y; var board : C06KnightsTour_Board_Type.t_board; var p : C06KnightsTour_Point_Type.t_point; + var _10 : isize; + var _12 : isize; var _14 : (); var _15 : borrowed (C06KnightsTour_Board_Type.t_board); var _17 : Snapshot.snap_ty (); var iter : Core_Ops_Range_Range_Type.t_range usize; + var _21 : Core_Ops_Range_Range_Type.t_range usize; + var _22 : usize; var iter_old : Snapshot.snap_ty (Core_Ops_Range_Range_Type.t_range usize); var produced : Snapshot.snap_ty (Seq.seq usize); var _34 : (); @@ -2626,6 +2676,7 @@ module C06KnightsTour_KnightsTour var degree : usize; var _72 : (); var _73 : borrowed (Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global)); + var _74 : (usize, C06KnightsTour_Point_Type.t_point); var _79 : Core_Option_Option_Type.t_option (usize, C06KnightsTour_Point_Type.t_point); var _81 : Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global); var adj1 : C06KnightsTour_Point_Type.t_point; @@ -2635,14 +2686,18 @@ module C06KnightsTour_KnightsTour goto BB0 } BB0 { - [#"../06_knights_tour.rs" 137 20 137 36] board <- ([#"../06_knights_tour.rs" 137 20 137 36] new0 ([#"../06_knights_tour.rs" 137 31 137 35] size)); + [#"../06_knights_tour.rs" 137 20 137 36] board <- ([#"../06_knights_tour.rs" 137 20 137 36] new0 size); goto BB1 } BB1 { - [#"../06_knights_tour.rs" 138 16 138 54] p <- ([#"../06_knights_tour.rs" 138 16 138 54] C06KnightsTour_Point_Type.C_Point ([#"../06_knights_tour.rs" 138 27 138 37] IntSize.of_int (UIntSize.to_int ([#"../06_knights_tour.rs" 138 27 138 28] x))) ([#"../06_knights_tour.rs" 138 42 138 52] IntSize.of_int (UIntSize.to_int ([#"../06_knights_tour.rs" 138 42 138 43] y)))); + [#"../06_knights_tour.rs" 138 27 138 37] _10 <- ([#"../06_knights_tour.rs" 138 27 138 37] IntSize.of_int (UIntSize.to_int x)); + [#"../06_knights_tour.rs" 138 42 138 52] _12 <- ([#"../06_knights_tour.rs" 138 42 138 52] IntSize.of_int (UIntSize.to_int y)); + [#"../06_knights_tour.rs" 138 16 138 54] p <- ([#"../06_knights_tour.rs" 138 16 138 54] C06KnightsTour_Point_Type.C_Point _10 _12); + _10 <- any isize; + _12 <- any isize; [#"../06_knights_tour.rs" 139 4 139 9] _15 <- Borrow.borrow_mut board; [#"../06_knights_tour.rs" 139 4 139 9] board <- ^ _15; - [#"../06_knights_tour.rs" 139 4 139 19] _14 <- ([#"../06_knights_tour.rs" 139 4 139 19] set0 _15 ([#"../06_knights_tour.rs" 139 14 139 15] p) ([#"../06_knights_tour.rs" 139 17 139 18] [#"../06_knights_tour.rs" 139 17 139 18] (1 : usize))); + [#"../06_knights_tour.rs" 139 4 139 19] _14 <- ([#"../06_knights_tour.rs" 139 4 139 19] set0 _15 p (1 : usize)); _15 <- any borrowed (C06KnightsTour_Board_Type.t_board); goto BB2 } @@ -2651,7 +2706,11 @@ module C06KnightsTour_KnightsTour goto BB3 } BB3 { - [#"../06_knights_tour.rs" 142 4 142 36] iter <- ([#"../06_knights_tour.rs" 142 4 142 36] into_iter0 ([#"../06_knights_tour.rs" 145 16 145 32] Core_Ops_Range_Range_Type.C_Range ([#"../06_knights_tour.rs" 145 16 145 17] [#"../06_knights_tour.rs" 145 16 145 17] (2 : usize)) ([#"../06_knights_tour.rs" 145 19 145 32] ([#"../06_knights_tour.rs" 145 20 145 24] size) * ([#"../06_knights_tour.rs" 145 27 145 31] size)))); + [#"../06_knights_tour.rs" 145 19 145 32] _22 <- ([#"../06_knights_tour.rs" 145 19 145 32] size * size); + [#"../06_knights_tour.rs" 145 16 145 32] _21 <- ([#"../06_knights_tour.rs" 145 16 145 32] Core_Ops_Range_Range_Type.C_Range (2 : usize) _22); + _22 <- any usize; + [#"../06_knights_tour.rs" 142 4 142 36] iter <- ([#"../06_knights_tour.rs" 142 4 142 36] into_iter0 _21); + _21 <- any Core_Ops_Range_Range_Type.t_range usize; goto BB4 } BB4 { @@ -2696,8 +2755,8 @@ module C06KnightsTour_KnightsTour end } BB12 { - [#"../06_knights_tour.rs" 163 4 163 15] _0 <- ([#"../06_knights_tour.rs" 163 4 163 15] Core_Option_Option_Type.C_Some ([#"../06_knights_tour.rs" 163 9 163 14] board)); - [#"../06_knights_tour.rs" 163 9 163 14] board <- any C06KnightsTour_Board_Type.t_board; + [#"../06_knights_tour.rs" 163 4 163 15] _0 <- ([#"../06_knights_tour.rs" 163 4 163 15] Core_Option_Option_Type.C_Some board); + board <- any C06KnightsTour_Board_Type.t_board; goto BB46 } BB13 { @@ -2714,7 +2773,7 @@ module C06KnightsTour_KnightsTour } BB16 { [#"../06_knights_tour.rs" 142 4 142 36] produced <- ([#"../06_knights_tour.rs" 142 4 142 36] _40); - [#"../06_knights_tour.rs" 142 4 142 36] _40 <- any Snapshot.snap_ty (Seq.seq usize); + _40 <- any Snapshot.snap_ty (Seq.seq usize); [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] step <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem); [#"../06_knights_tour.rs" 147 50 147 60] candidates <- ([#"../06_knights_tour.rs" 147 50 147 60] new4 ()); goto BB17 @@ -2784,16 +2843,16 @@ module C06KnightsTour_KnightsTour } BB31 { [#"../06_knights_tour.rs" 148 8 149 54] produced1 <- ([#"../06_knights_tour.rs" 148 8 149 54] _59); - [#"../06_knights_tour.rs" 148 8 149 54] _59 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); + _59 <- any Snapshot.snap_ty (Seq.seq (isize, isize)); [#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] m <- ([#"../../../../../creusot-contracts-proc/src/lib.rs" 654 0 654 51] __creusot_proc_iter_elem1); assume { resolve2 __creusot_proc_iter_elem1 }; [#"../06_knights_tour.rs" 151 28 151 30] _65 <- ([#"../06_knights_tour.rs" 151 28 151 30] m); - [#"../06_knights_tour.rs" 151 22 151 31] adj <- ([#"../06_knights_tour.rs" 151 22 151 31] mov0 ([#"../06_knights_tour.rs" 151 22 151 23] p) ([#"../06_knights_tour.rs" 151 28 151 30] _65)); + [#"../06_knights_tour.rs" 151 22 151 31] adj <- ([#"../06_knights_tour.rs" 151 22 151 31] mov0 p _65); goto BB32 } BB32 { assume { resolve2 m }; - [#"../06_knights_tour.rs" 152 15 152 35] _66 <- ([#"../06_knights_tour.rs" 152 15 152 35] available0 ([#"../06_knights_tour.rs" 152 15 152 20] board) ([#"../06_knights_tour.rs" 152 31 152 34] adj)); + [#"../06_knights_tour.rs" 152 15 152 35] _66 <- ([#"../06_knights_tour.rs" 152 15 152 35] available0 board adj); goto BB33 } BB33 { @@ -2803,14 +2862,16 @@ module C06KnightsTour_KnightsTour end } BB34 { - [#"../06_knights_tour.rs" 153 29 153 52] degree <- ([#"../06_knights_tour.rs" 153 29 153 52] count_degree0 ([#"../06_knights_tour.rs" 153 29 153 34] board) ([#"../06_knights_tour.rs" 153 48 153 51] adj)); + [#"../06_knights_tour.rs" 153 29 153 52] degree <- ([#"../06_knights_tour.rs" 153 29 153 52] count_degree0 board adj); goto BB35 } BB35 { [#"../06_knights_tour.rs" 154 16 154 26] _73 <- Borrow.borrow_mut candidates; [#"../06_knights_tour.rs" 154 16 154 26] candidates <- ^ _73; - [#"../06_knights_tour.rs" 154 16 154 46] _72 <- ([#"../06_knights_tour.rs" 154 16 154 46] push0 _73 ([#"../06_knights_tour.rs" 154 32 154 45] (([#"../06_knights_tour.rs" 154 33 154 39] degree), ([#"../06_knights_tour.rs" 154 41 154 44] adj)))); + [#"../06_knights_tour.rs" 154 32 154 45] _74 <- ([#"../06_knights_tour.rs" 154 32 154 45] (degree, adj)); + [#"../06_knights_tour.rs" 154 16 154 46] _72 <- ([#"../06_knights_tour.rs" 154 16 154 46] push0 _73 _74); _73 <- any borrowed (Alloc_Vec_Vec_Type.t_vec (usize, C06KnightsTour_Point_Type.t_point) (Alloc_Alloc_Global_Type.t_global)); + _74 <- any (usize, C06KnightsTour_Point_Type.t_point); goto BB36 } BB36 { @@ -2826,7 +2887,7 @@ module C06KnightsTour_KnightsTour } BB39 { [#"../06_knights_tour.rs" 157 18 157 29] _81 <- ([#"../06_knights_tour.rs" 157 18 157 29] candidates); - [#"../06_knights_tour.rs" 157 14 157 30] _79 <- ([#"../06_knights_tour.rs" 157 14 157 30] min0 ([#"../06_knights_tour.rs" 157 18 157 29] _81)); + [#"../06_knights_tour.rs" 157 14 157 30] _79 <- ([#"../06_knights_tour.rs" 157 14 157 30] min0 _81); goto BB40 } BB40 { @@ -2846,10 +2907,10 @@ module C06KnightsTour_KnightsTour BB43 { [#"../06_knights_tour.rs" 158 22 158 25] adj1 <- ([#"../06_knights_tour.rs" 158 22 158 25] let (_, a) = Core_Option_Option_Type.some_0 _79 in a); assume { resolve4 candidates }; - [#"../06_knights_tour.rs" 158 31 158 38] p <- ([#"../06_knights_tour.rs" 158 35 158 38] adj1); + [#"../06_knights_tour.rs" 158 31 158 38] p <- ([#"../06_knights_tour.rs" 158 31 158 38] adj1); [#"../06_knights_tour.rs" 161 8 161 13] _87 <- Borrow.borrow_mut board; [#"../06_knights_tour.rs" 161 8 161 13] board <- ^ _87; - [#"../06_knights_tour.rs" 161 8 161 26] _86 <- ([#"../06_knights_tour.rs" 161 8 161 26] set0 _87 ([#"../06_knights_tour.rs" 161 18 161 19] p) ([#"../06_knights_tour.rs" 161 21 161 25] step)); + [#"../06_knights_tour.rs" 161 8 161 26] _86 <- ([#"../06_knights_tour.rs" 161 8 161 26] set0 _87 p step); _87 <- any borrowed (C06KnightsTour_Board_Type.t_board); goto BB44 } diff --git a/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml b/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml index 08fc5c9d89..e4acf26148 100644 --- a/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml +++ b/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml @@ -14,7 +14,7 @@ - + @@ -26,35 +26,35 @@ - + - + - + - + - + - + - + - + - + @@ -188,7 +188,7 @@ - + @@ -218,7 +218,7 @@ - + @@ -227,9 +227,23 @@ + + + + + + + + + + + - - + + + + + @@ -237,6 +251,19 @@ + + + + + + + + + + + + + @@ -244,10 +271,10 @@ - + - + @@ -274,7 +301,7 @@ - + @@ -283,7 +310,7 @@ - + @@ -292,83 +319,83 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -383,7 +410,7 @@ - + @@ -398,7 +425,7 @@ - + @@ -421,7 +448,7 @@ - + @@ -436,7 +463,7 @@ - + @@ -449,28 +476,28 @@ - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/vector/06_knights_tour/why3shapes.gz b/creusot/tests/should_succeed/vector/06_knights_tour/why3shapes.gz index b1bd941858bb601550aea8f8ffd570cbc21aa0ea..2d6a58801383f436c450ea9cd8c27ef68364d191 100644 GIT binary patch literal 11336 zcmV-OEVt7iiwFP!00000|LuL-avZmk;5)xUZ)aByM<8*>hW)@*kkO3Q&TPy~^rINK zl@Dhqwhk%D@_hYf0;pSeb(4}vi}Y!STV0Jx010FwkvD+<|n8+g#mzT=TU&rxLjqZTK&{@LxuFpzhs(uv*)KkX;-4 z_E@In-{_6OM#f)y^32aq@z-V8e7Z?@`=Q>B$d*Z}Q!{~(v$|sP410T+LA@P^cj15e zb(oR}4F5aDqWE)poJ`gT27AF^0yYj}ANUBdTkXre)rbRn26(^ueDd)hIKt1IN~yK$ zeDmAKzk6iB>+8+$m+vNobJjty!(&Mr`yYm_aCm|@?Y}rmv62&cb{&vSW{aQ zj#`_wK5w|_(?b80zg%8#e!Gfnt=GUJ5f8un*;i$*a0KjpKTdjpF0AqyTY39t4e$^I zUlW42`EGOlIWy$SVg21#wV%mCo%TGPVMbHDk7^uwcbjTv2c*oDBl^@f9pP6WEsnK4 z(wy$?2yp3ccO-W}N=F)L)SA>N2u}Qm+fDiu^Bs^3`3Xs|#=%0xO7ssB3;Po2OIRy$ z7n4S4c53}e!=+W2bq3Ps_a8p~fe(GdIPCI->;&qxKEB4sf~>-a9&zkjm&Wp4zWwY! zqJYNs%^K`KW`&o9@ym-fxFUpI?e(HgDHWEb2lm1@;PaC=A5m8RU;p9a=JOi=<8?m$ z?UldzDDdY$D!zQ+2)^cWGC1T3MN`T3n%gyZt?Bk)u&^&NeTnW%)Wx(J(>E|}y0mL% z{R!44Q?S;M7}<3#U?K(hyrLjP1@2vXElgjxM@#f*3DuX#zC=us5~^=t+H`4G&HJ-G zqWv5QTiLp?@7>jZ=OR97PrNiph=21pzvalvn^Nf7BUSfTygY!8dcx{UU?9`HxQ@t~1B_H~II9_Q|xB?`U%^+1TjC9>fu7EnJhMav-cj z?EyvE)eUy*uW=?=ZIo>-h%$Q*K&egSr8%ja%7g2OVU;|ztI0$XA@z4PP%yaEC%(Jg zyuZBqm~SsXY;beK8S=NA-|tRGVS`{)ikko~<+#C?^T(W6`Ppv@w1?G&uKEY$UUzm@ zdeWuIf;AHQ@_%pqZ7OUylm{xhEJc@%SqYs9xBTAWEVJ^xmgaO;2MY?VQH?Zx`&h7+ zy6TpCE!BCG-x6ix_L!wD#iMwY63b}BZa!i+AF=C4?AnN>Jv*!0tH3r&-&iQln~av? z?I;_OKP4YYQk4=cs=ITU#kq(s6;2nK_jJCPsNuF$6f7QvQdK+u1Kdrfk4!T4f=roCKvQKvjfry4C4kp=x?g%Z+lwD zA?&oSc0k&;EyrDS*iZ#27yVvl#+}2C8;2{KbJNdR-O$U9iiEoTl-uLEzrM?-xPg|3 zecxTFQZ`n!kJwc$ErtFU|7oJ`yUDNVashUBTDEiCx#?+E$&LoYpr`|!)lR{bie}y^ zDxU`{=~77_z*OCXDe5nB2UEGz>6b~TqEr<3V_GWx>zl64@}BQPp;=>Stm;^ZK;IX0 znfk@CyBF+5E-!h=o|5=28Kx!da6d0wx_51!ryz zv?=bc@^vC+6s-+Xv$i|s?$9)ITe#5fr!6;!X-jIF-sw~yVkoXkMfFu&$YrS{4`3?p z!4$PtzJn=0I6Y7*LhH1bd;YV(y7u8Z50=US>8BQ?pWOlJb@I{T;iDitApPWm^wT>a z7j2^(1?t3{(4!zUqad`03@&%S!PV<-ZWO4%X6i5+uViwe{ejY7^(Khw4Xj?--ZsLj z?42|t`Ua*=S37LppYDyWUb6>1ig>bpik5Phue+(VF9rSssW}l#KE|S*FV2gxm@DxA(5=g{j3zdx{XeyBomOW+84e}pZ&9#t;7 z)@>%ZW^vSq;T`E=Smx z^6l7I{W&yK+Z`>bLaClebJ!g)ScZc(j@SMY+=DTJ9=;A7{JZ`qmD|bNRDS=KKVFu{ zQixxGlIs@r>YV=e{=Z6X>$|HPe@!oa4_b^Be0B0>qTm+TH<$mixyciBYrmtmh+^_x zgZ%f+`@F_y(;F1@G-$|#Ohw8xSpS87H_PzyGT!D-cbkvM8Jk%7AYbSAdtZRR!!|Bi z?Pgp;gRT0_4ab7#qqM}nz3ya8KmD}B7LS0O|7j1WKH^lCiF_LLar5@u?P3{89elGq zvL=d(hv^9sQ;)(t{%2}wc_3w!>S_7obh2UZ%(E&pc*(2H`ZNekB|E3Ss9-;Qc?*Y{ zYqAKw52Z_P{rmO+p325ewAcCkhkbF23CKdlKkl#i2UQ%j#Cx>A{aPfS>Ri3+v^Hpp zhFJY0?O|I5R2PHZw_laiJ6)*acrOp8KFGCgp6X^5lLNU8Y)1)%Au4lVXr!y{bWDY{ zQP|PrWYHT{^=&1;&47!7*Q1NuPq`k^~G3UEFhrwtB~YlCrLCmptcdP2Wp#!fEnu(U(9uoi$Q51 zRpjK5F5;>#axqggu=q*EJ=)Vd@==ta9KJcY4^d#@DG`Im+K0qGrM8R`e%wAJpz-U& zMeHD(_gDPmuxv(}_4P($A2)-4^}lSlhowV!l#GMRlz+R;dD6lJa!>sQG)wWX^WH0N z*v1rUKzO%s59BWkpv$F8TU14Cadu#Nc(6Pd`=J**g`Meu#ZkiIgxmxB%M$RO;ysfB z(;j<1yvbia4yh&+_S`1(HXAP1`(s{jLECv>bd_yS1T|LVB??b+Qk~46r&%NuZ&)>S z(N4l2`L}%gYV$eYcDMzfyy=>pe$zWRcyAUr$7x@>nY+&XX1R;%nL~_D8)6$c-8+a) z1wUOJJ2gx8K-Z<@0-)zT3?oGZBY}7Xl+YVRI>1m}`%&?KzmrE_TMza} z@rK>D(~B=}(0l^8tqrXOKi%$@xT=3y!WK154;NFhQUViZh{ND7rMBGgO3emL3TE$v zSH+J5eCdcGf5bmSu@>C<>*XEl3fHu#@DihmOOs1mBufDi(K_9w8X1_ znf_LjMNV;SRab7QZhR>*rHUDW+9FqGvdFQ*u*eZ)coJ{P3@ZWhw>>ks+JlHS);%^M zBD|d@cks8{Gcfzz)*GcDwDtBoK9AA+wJ3p1;nuBMEEP)gkEQS2868?KOjSc=<%2adZ;#(?uO(m}fP@q=iJTmy2vV^!jJ3lQs zS7ouZ81bHMyex~lDs16=%hwi4dct&7*ph#0DbfSPfmWn#@}U}<;^fsUc3SQu*vrQI7x&QC4?_# z4tH`zG*Yud)|$p#BCCBGNagay*}?8dSLRl#BLy&9-?*vV{r>lSOE}qGxTQvCk>~A7 zt>1SAwF7Xa@z*qz)9P6v6{)50O++hStXR^y$pvt}6)P_h;AsLg{(QR_$}LT(t;K~X z)fuNyY{GwQ;G;&|)x*WLFx0d@%) zeAisM_IwgY!sc#scX^lp!Pah%KrYe; z%{bcS3s;jZNTOFEi7 zkS-|H>{rbU>|3&w0^E#P>i=w@I{j+eY*B2eS6(X*M&Y2k7CWS=ucW<7?n#0AnI4*| zFG_%5@_XuRC^ij0AF2yqN<^t5MxZvgQcUd-F*+L%WO#yNhZOVk?UIWD%ZulJ+7iso z5y1v?q#QYz%v|~1n7h}rnyZuFcFI}G;H&eY zy7Hx@c)qk6ff{FNHRUX{1AiJph9_M(3!71TnX{CRy)R>^Gvlm@gNT2n%Z5LORB9YI zl}lf}Pas1q>=XTV@Th4)>PeG4U?KaYg=6o@K7psrKH-m+eX_@^S4TO#`~le~yk(!T zKQa5H1dYDz_qUhV`#Wl>BWf<}sKGD%q~G!J{qTH9dl5~05%*~?;_PHl6fR4m^gbLG z8@t`Eb8m}2Dw}{7d z8B~akxNkiip4V@#JQ2#W-UkJ^NULH+7||6N3uecHT)$xaZ3OwB_~fwTnpdOn&uw zfbBrXmh2vy8zbui4sQSgdVxJ@Woq6PnA81D^)WrWAZvF_#fP?a`jxYCx;)EMtG4bh zUt`xEK$iM{IIiD>>T%ckEAKj5*Ih^Jdqj)YXWP{&Mkb)R1g6Pw+fMa9!%@Ilajy@d ze?d;toj^Drf}nj^h0$dPiwma2Oym#|$6uU^j!d?~3_#0b>KpJ#p_DJSvg5t!HbvnWq(>UHgb$3Cb$0B^;gVQ~1+Ide93mAP`b zy2YREB>rrt@#hklC%2jz4sDvP_;c?qoyVWmH2zEuA2G0cZH!!T+wo`B2PH-E?Nkq3 z@ej(u;UnY_ffg;iEK7{J60?N5%b{Ajn}YWdXmV7|T|LB&rf{R#=0@$-hHX1~dJZzU z)=K*brFqXmx}-m7TR2FY%0U`?Kn~IhImiqgqf5@we5j5bL?wlTj2M9$ z2bmcM4fhRQ-IVCf>psI}xPzzNTEu4eDzW)#_w?y~xV+iiTwftgZ!i7r)yKd0aUpf+ z1n5%G9AG(WPEnE}+9b!&6o^BoK>0#A9mEby?SYR`E__y#n|<`;W*;-&$YaMFdE9tD z71(${^-y}h+Dh-Q$f;eR7L9|+v41!)<`OTxC&tJ6c$6#`>(lf9iF5tbhReCZ>&-mf5UF)EjE_i;KQ(F~%Oh;+`FV zor`v;=v!{u87|LhG#(a@;N#QM@@b`1D-M@{)!S?Kt9J|U|JZ#$O9lzUeI)e&Z}~mV zgq`-am39nl>+NE#KelV}owpzQ8|F%z2+@c5RF6-?xkdn0MfG(bbQ@#drOJo;`dzR5 zOjBRRHe2q?RvTEbHD62fHz}eV(g)SK5iS09WYA+f;t{@!ML6Upw(zF~o0$@jYmb zy9&MKpkGX4E5(!Om1wOF8naOSfnG5S*+VFNTj!*D?Knw9vGl|}M_t83j=JveS3P9f>44CogR0_T2UYi*fCtY1 zv~#HP0g-@1beY)ZvN-zhKIRV(VWurJG5VW?Yw%;fqkA378OE__Up0lD>g}5za4|2P zn-c^}_sQ(u#vqnY+VwT&cRh&V`n2C4*t}#1YZOB3;T)gP+qXRc0oKEx{nJ#Om)BJ$ zLd(SIe~gztz;NpW%;GZu)7#7j1!zkY!!~n_UDWGhNK?4Fm$D1H!5hl9SU%=B)}!{9 zYVvz)Lb+D!7wY6bl4mc2IxQ3pIJ2%I|)Qs)hKqvqdS@ zZ&6D79<-$T;;ZQv1qF6%i-Okg)ZT8b4qKFx?I?748Zwg!nTnJga*f(c(MGr947#*X z-2kW4ERy+*TY?(0N@@a@5bTE4&B7sHzjw{9p+3wpN?0~l0JYj#ymYj%e9Eo>l` z*r2EOWa7Wsfe2$ZL2deLZ^k&(^w(Z9a<0_?n@!xVtdkycd@YkiV|7gip0dtIcZ4tO-vgvEz5b2rgvbPzM-B%Yd*bjojjE# zZ?yOLA%xBUqiirB=-IW{DqZ(`bbX&GicivHI1@gi^8U*saxws%vHPmA77 z-Fr9Z{+f%y!Lo4q$=q*as^4a;QKO6IyBq*^!SPUT_7nCV$AkT@e%(VI5BrjF3XbmS z91m{yq8zz=e`2+eWjQV**& z8w#V9FZKDdO}p=!%9%}D_(<+MDzjkI+UfErM#9CGakt-CP^=mY7c&Ea?zMhmrA+N6 z3iEQW_Am76u*#_RrV2kAc3+b%e2>bg_T>xnSuFntsf?;$E?=Ppjr!BU%YqK;Psz5xlpKh0~$k|(e=>i(9wn9!?EnIoi7tU_Sxd-x>1<>Wv#hY;o zVvDo0cmWU=FVDq(=*3RAuM5JG#ZfL@7j!S|FH69CiuX*);&nkj{pZqMGq6qOZ9ZJ8 z_s3Sf1+!%5x}fIr!RCq#)q2co9G(}!pW5o>OE&rZ+}K{5oIkluE*{Y)7YA)}@q=x0 zu}2x$=Xb;{+KBr+j|FJ%L78XK1OLbANZUiSsw6lyCKPIzj7nhVbcD&+qDxe=V()wE-L&guD6Yv`OP+Z?kU?$QyB3rIkAT7bWawk*j2$Efks7p znrka3>ASN_waPtLl)tO{pL#*`QJ;zuc+Ip?)e?9oT62TgnC~UQ<9OhA;yo|~aULAr z8sk0>iS;d|e(W`qW)=O_$#4(Pq>Z&wZ`O8?d9=1_ZHrZ8_gF;;(Ky1|^V987uWg?` zY|Yy0cJYVR^Xs#y6TVlZt$`d^yCSWWH~SRmvfK8@U+B_X=ISGr*8EVbYD=|T;YYR< zQGCMg>)&yqYaD=|^?#$KunK+Qhs`hNQi^&hSAviXpIy&2+>Z;4{*Yenlaag5E?&`v zU4-sBNj0V<+{)r+?uShE(sykE8$kcu7p_$y%K6Auv4)T z{4u&VHdvdTR;ddja@BPZIBqzgah7B0TEa@Q$Ly46p#?DCX|>XFrNv6~m4=mOE9F+ou9R6ReWH|<$?#;ObDSHcf(kwaWg{9; zI->~0VSr^T3oHEBxRpUcW>!Y8j9MAFGGb-;%D~F7m3Av_PqG#n7r$pX8=}*?OB%n7 z3c^a6O<_rER#va9T3NZWVrBVPw4buqxWwEd6h$iS+wbZk3k8}9 zOAIBLHk>Pz(cF1l;1*nd<;2RdmE$W1^kCh$_Z6i9+(~kWTZ)4&x-JUnz-Iv&gbk%H z`Dooau+agk zpny6kpb`qGg-(YGv?|aL0klK_O%Xs_1O#b2SVz!%tb^JTZjksPyb%sHCg8+(L@9B? zW2dF%HgPSHywRe@fpxP+36pRZ+9dG5^dxAfbccp1?sWmJP$3yN!ugI#h8u3zv^iy8 z4sQpkeaD033C(bYR*e!N=$Im^N{WMTBQh^%M8G@Tw9!rzCIRYVofgT3jKe`A(hE6` z=r7Euj%5wto#)7+namF1jIyYTah+^7Z4&ffdJ@n`=RtQ;3n_xkJWD0fmJ11)BGFDn zeQ5o%6o!oEqeP8VI29lzp$+PBU2qv8oFghj{ixt&jjG5HuRG5qYDErpS0KX=STcZ;H%>-n ztLFL_7BNU$lW_5QYrO!G1oCU*psh(A7~4+<`=^);@0jbXS4!b8pEO59z~gThu}5o~ zim27g;`d}2smq(1J(v3|3s`rR0&NloOzzXW#)WVxH+oa+2}-USlK@x zvj{#pX8^L*&e;edqhX(Mn+nM0S#M!xULHqe6+BN}l+vR?51r;lp-v)X=QA1*{oK1B zGylk#JSo9&`-z=qQaaQXc(NXlEHe59>|P)Zf-+oLw7W%@kOa&#ZyZ{l0*8o-QFsN| zC}68w0Yt!FY6KCmGo?=q?n^OvkFr>6>5Re3xUz*bsFir;UUA%=xGK1T!!{j`9)|#q ze>A)3DT>p@soR1UMvYIT>rgCZ<_n&iXDRlL+M`Dg!1+ZNI(cY%O<2a_eG=LCBnP zWSLQPC`a2BD-~xNciXRT93{5VAiQ^0O2(qfiU}P|FixVbRs&v0$#3pJi)hgJM3(FV z?s(Q496-(-a$t~on1v?++2)&iu_DLLM2ebFaJYM%4z*GpswT!Ik8(9{$+&6sc~c?_0B%dGTTISobbaFiuz zz~Kk`Cs~5)`+Mgf70Hg0l5B^|-$ceCW~n;cF&m|ltzY{TeFvjV&M{=6w3kwH&rtzF zb*`ffDd}q8sLpa!6Q2kNXQB+u2gy=S#gGyPB>^|M6-g#S#Q{}T!l9S>TWD}DfqNFvZ#0FxPY1DwbZHFqXylMEdd zXec5uGRcoaGg?$ipbJRUgzSgPj7QU3N2gHkk+!=Y@RW z!CDjviA5`4SBg zd8VUqva>-s7LCu!TTiDbOqVPUz~m@$;ULCdz(_)}31zp8-diofTZdLWfFc6v7F}LE4Zyi1@~{I5$RAR^-Uq~UGq#BuueY}Z=y z6gpgBB1cKqf=6XaIG$Bf(v*m^pc@3}E&;kspghatRPIh?=QP^)xUpi_CdepdL`5j( zPHCP)?CMn7<8(eyB@WI2`6b9LkR4~y;if>Rr!CswP&rc~Ms)K*S>(s5edsRh9W#Jh z1ZqZrc88FP86ToYMOUN3RAi>44-Qe{5G4+=+;M=@C289Eahf0C(1^Nos9<**%{UcR z%26?{JByZsPbrpZ#<~LA!guoB>8yvGnNJ~r7CcvN0oyu~eVX@e?fr2GUUxen4qE@WiVNXfYp9XGL?C6piObEMCaK6C3=d5-!n z$0^aELKiu!>D{``0OVri6fTm$K#&w{KNsUHFI{j$X zIxtBW6J{r!j>@22iQrl}gEfPLMkjNm)sLr@>x2Qutrs}Zqye&GXcjp-q!HUqegZKQ zh?yYF5G{dd2}75P;#3eRiFAmQK%4~Pge~F+;j|k`qwUd&@V#C|=R0qZKF-q_og{N` z+C`*Or=_pyI*8qoT+f1Bpb|%c=Au`zgU;eqMwSBr&R^yXj^uh)_{YmX#*J|v4Gh%P3`q3bj_%fR>!gieYDX6h}mN0L1&l6h3&IY<#1 z)^ExV+cDRS;@JO@gLbDKflBjtmWx%oyY)V;0qXLW4rH}@i9R=yj6r|e4 zsH5>lsvyxc%#;*P_hWV`sFZp^s*VJHp#OVz?sxeqv%aC`QW30oE5KsA4wfu z0nbbDW~sC3EHExzi48d$6m+EIc)GdkNVaE5w$1@#$$A~5i#lmwUK>XDWAH$iw^ngV ze}?Qxx93DR#dBmzGbK8@8Nqkt;O5MlE=Z|;^SnuRq}%hNn+5?KH<_o_E~k6tLA09Ws+ibg4QQyLcefA zvmAxa!gvVAqd5}*=&!7U(gByZ4)u-{?3?~3GyQRDqQg-T|7by+MKn@&(k0Iz=guKb zg9tWf9#J70$wq%roBpEqk$lgId{S%gP?|c9$R}a4WdUu|oUBTYiIRURX{wJTe6A!+ zOhW1$8Xn$sE~*f$qQ7(BG5pd(R1zY|5MC-GBMNUNznYvPdN zthVTEN(zV1qx2zzkpcS-?fkM-M{>Rpa&{Ulk}_x;>Ea_#*Z)`>B9a79bdf{!CHle8i=~1O$|l*~b)Bn|FSk`=-;ys4Id6y_&T<=;k$Ja>kIbca$Wz^as5wIeNNrm5n*ZOJdbO~84+Q`|nI0<=C>!)e>FT)Q%j#Cgh!+)13 zir?4A+2l;s_{nN~R&DCyRQ0LGakEc1HY17;1b=h*c=6$%7~w}jr3CGDzW(LIKLQrq z>(__huHGC{e$B94dKhoQCw5sI994Nq#T-QHL2}G$|H!Z!FT$_a*ZKVi7M_9-KkpT- zo9*6Q-`lgj56_tSU)QgG`NxO%|9<%O-POxCZ(sAPzvthsp1nT2|Mgv#dxAx4%I$4k z+IDYV^thPIO8=BUUA;d1@+vYcH_jpv55I@m*LAKi0`}rGPG+oKm&!*#`RUo7^V=Z! zln{KE-ydFo%na*&+;2BE9cHppr+=Q$Frz6xMKyu7yQZ2ws#0gl6MY&?Px!S*hq3mL zG^Zy!;@HmXj?__=+K~Z`dXQ%C0P^j-L;5x5_Z+1D?mLiRkHPYWl^h-v3WpLtl(4?U zznlS~*=g-(fGbqK=!~n7-@N_sJ01qW7>eP zV90=P_uTz+QFv7se*LiLzA|0kdVSfZlnU$C*iP=nB^^ z`jf1mOv!pca$2r?$!AOOCA8$3NGq#Lx39ARgzNlUL-Jw{=c}OZ6`R1myv0D!U@v{oL)A!B4@m)R?A0}p z2(QtCwGP;7Gpym>4%vRnmu)ZFQS%uPB9a28ydI|Ns;yD}G{ygR(Pdi5c{ zyLx-Tfryz6?+(AcznmBps!=Hp4s8E;0POrBCstpFgM`k##vJtUfEDkbKd(KR3bKxY zCiQ!E4E%6Ty8G<%jK3N!2Nd9+uIGmW?M|-eb{1p*kTG>?5Am=VLpGlg?vF| zn50bUD+e2e44^U|;%8($wISo#qbfZ?`E-bnGM=t7-U;ZS!x40SRHZ-K)pXL1hpr?6 zWH|5abh^0daPjp3?`3$_4*h!Sitz96e$D;ki}3n=zWjUmA^bX18Px1;zQ{SFRllq` zRUG7S&Y!=mBIM?`m#eTX%&f zn-g=nnrU66HxqH1Gr5T#^4g_6(IRY7vpib9gF2ux#+~pu}&U)jU&3;;udc8OuNt$zpbc+XZWAq;D7F@${@KjAmN06UbDrXC!87eL*X4tpj|9VhV^q__fBKcZXYutARMh*bxpqsX~?9U9U z*&zROGckG6kg8nrKEEz=eqRg1TM}#{Nh#($%|6^?JRfJ&fN-@+Ae(0@hwfFb(dcZ&gYS zL|WE8s>ZkL@qQdn!xi_p#)J>`+rWAFd3dFAH~X6E`!D&!Reh|5_{G7x-a(Si>2GiT zv$l4jyt)pr>0=nGR^p1s1Wot z%EW|BL(2Ab!zX(0HOi~2_%8qY{_p`S;}F|A$glI8lOG_Y0>%|<-Ar3()N;QVaIARV z2_*LAZD(Wp?z^L9aR3XWy-;Bd7iGkC@MU{sJu9kqsBegvzLUih zz9&fA1F56b-*$am&JOIOdDe9XuW$ko%l$S8%sIQDzNp}I{rZ)k1K0B+{&gr_K}3Ah zKkz_h(;+&@dg1LU@5ZdkM#JB4ZumPj9Hqn?q`%Wrq?pTGgMqaHv{gcE7Lop8EduJ7 zquh5|lr%?O=xUy?54Jt1z3c7SyPVMCe0_L;`NtSrxL=ynLM!=nEZF>al)SlMGQU-ZB3JoNRT%40de3M09 zF2oEJe^YiZ+3`6ftLqM5&YnZ$e)yJ%@w+;Q>-_1% z7=SWco@+9%m*Hl+-$>0yFjBXH>3cU0QH>fS%X4rUHh#rg?@n9ibB<6ypS^6$cOabz}WmM*@wU(MZp7k9q5Zf%beJ$7rOm)Jg_ z#jN658rn;7x$c%$)$p-*9*{$yznrrb0D_n}44K}vUimJxUJRH7O#Zx%cCTsq;NQKL z&*zMUqF=PAL5i~0e15b?t1sBq=3=j#V`;@OP<+fqNaXK}_L^;Qk*!vr=B<>k?kUas z{*@H!vKb!`o-W|4-znxn1hg!|1=K+5kIYG zVDaAXHwrrF_uFrHp8WNDY3mI6y>x?fQM${yF?27@hAoszXRdM=es1;ZmTtfR)-G+Z zRHd3=_fmyd3IDcgW-l8_s7&{!TzsXXr&RKEtjY;WUC0zXB%k+Hz;E627ne0Mt8SJL z{Vv%)#_P6dyTa9#@5J8m>Q0;Q3RgpSU8@O7Qj`VhSnI`Sq12mNmF=ys!Lt4OJ>zb_ z(U~vj&ivCl|BY^YK6l$cTZWbVOhJ~j_ovkxO5U5FtGBNosi@X~Vc2AA{4fib6g9{M z0?LfoWQu5{#`zCo3fF?0tHZDl{1En3Feioh33(!BQpj=r;!t`2+duLZ9J|vKasiTm?YKSb5w5&=rY*AZ}$6h zMeR(z3j8Szr6&pZmxHxx;pX0IxFSgnhFFk}3T)sPa*->d4*>gmQ=6peEDJoCs`5DT_dOKR`~ZQ}ZQP{ZHn52GXe z3`Y@51L>9{994RwrkK3nYVv;T$@^_4ueCkhrx^pv`#yg>{*GyITgc#BZ^U&kW}YK} zdzZ`A`}|L~_a|6zJ!LV)%gU8jlf6#Xl0F`N3-~-Xy?Xx^UwhW;Z}Qm7S)jA{TDN?i zh&NbxgXM7Leg4=xpFbY^oz;^Heo7q=XrGn7~YIaHgI6squJ%2fbi`I^Lv+s@tn}ou_PzfdYP2lszf86O9PJv?bV!^5jqOSG!}b3fu<1gjC|%YZMb7jJGR8%syAyS*+- zK%bAKq_Y%#CtlTwszv^^Whp>;HNejy@ugNF*{D_2`vtR^tM7wW zAeUKQxKTn>{LXx~>UN9##@=+5=Q4I1>co^;j1pg_`k(x$B^ zZT1EWLX!>3jEg~68`SLG%-56F`1E3IEoruC%t_@wH30vLMQ zT2ES$rYq-=)N(y(Ij$$o+cYfRhxMdJEp=uP5}#?J5qH6p`lUJNN}qj7VC8I_62oC| zr(r<)n+A38jcAkJ{dz;R3IDdyCgRSbO-@+x+9=15e?qj0=%Y>89~f;?okX8b+t=&o z(;e}P<)Jl+X65XSmg7IZD!m$+hoQUs|K4Gs2+n83h#u0dVX=k zxez`PGAE9ObJJWupSQy=sCGG9D2L_~peZER(D$>sJoJ$dz*#7-D!6+YSth89c~2MBY0v=BvEbILMop`}ukO;>I(cyXNcb zHKhABq;Fb7`uVryk~s2?*a`*U%n!qD_RYU-^az&fU9s;|(Izh!TGgMxzFU~fdS!?z zXU@NXymaT9&8<)LK6+-| z%rooep4sZMCQFqaY$(#MJhOvUap{@WbJd%y8gg8}4H#Ls)}C2CcxGiamo%eRHLI!7 zh9cGIo0YxeRaNh6BW861%i4_YG7i33vi&TrC&vrT*u8NpA$eFg#_dftp-?3@tQ%9O z$25<=={@>J?~M<%4Zo*{o;0R1wb}c^qi+;Gy%?HXEIX9gYVfygs?@I=JI_Fa2GhDR zqetH~k3IpGt94^!WMgWdSJ%}c@^lCj8PnbL34+)ng%Mj`8c)Bz>8`F1*RNlJ{O_*9 zyH_9nF}PavxoebLo@dUtUC-or7#%oj^7e3f?kc6&@JVxdRHyYICdUz;^(={wnI+M& zQ}P=(CBO00B~Q+#Tb}1)z9FZNEAdK!f2_UPpdZk=;PZVa~pj;4E{1bVA5mT+-bTY`E>ALO>X4c z^C0%jBS$8fedx#v1`1X)wKa3|P(5**CM!?okck5Vru8H$$v&H2~S)w!l0 zUlVW{KHS%NyVX>zn~LM6BD|elij|+~5|vArs2p6P(#*c5`aXC>TOocOc|_&t5tTL! zRhuVMnw8OeGZ3s6&s;~chdK((QV*A6<-#>8d)KI(tl_QTCTU#i%}cMR+8y0#Jz0^R zwRqmfh;S13+g~_6hr*Y2PD0v|WkOb&NZxQ=RNm&g=;?m-ZKjGu2#G;W}Xte#q}5>+bo+bZXYw60n)K z?w(1i3*mnwqk-JMtv0k+=1Y)6GKS^dx-;OX+)JA+DxuAI7fzaW#sp3k+Xc$uY0lT{ z=f)FxAKNm#Oo)+7bAXNV&x#fE_2QViXlY?cPfbI-uY*a>Kq?yuUI^{9T*Rm=rOz=uap?$3c6i4|?`F)%W3uYK8c9bVO-A z98ubYp=u46#i#iZ#cSQw5yks{=bCvBbv&Z9>aP>mr!l&hkZDM%F?y%}DErYJ*@CWI z%acYsU@|2vXWUV(VWwpZ>9Kx5NA)hhv84B!4acALqis@#kp5%3@1zKBUD&+;@Z(BA zb9N@3)c3W}hZ=9iap5zv(44x>%KMmkb;?^d8*V#LdMW7VQyB13?sWE8?sWEOSYNUX zolLC~u(@8xc?A*~H zXoDPqKH59$3d^1IEwTHY;^*zBlF`PQsGa}s`jpmHlCny7E+v)y<+;>MvEQAb6 z{hiO_!EZ|BG4XowwRl|_-RJT!`gAUjGk1HZI@>qKZ*2Pepau8#${X#Fr!ATrX)n}} z(}SxasRx%sR*z$Aq#mr1XYzW8jl3RQ42eCs7&3csKBV^GL(a>Oe$4IRntifaEya*- zgbz3#n<9s#b2b0o$#s0}`<}+bKnh({?ji;@f?g+dZ5}VPJA99%pHY76< z%Y@!SR0E-G#=OCxXh!>`9*WdhBxhF686Y))m;XrK_?M_O1fYi@JN zYTT@x<*;t#ltacm$;To#vvE#<$de~l*{^H%#b&XbRUGo0Pbst2kPJoYwQUL07a3-5sQJT2)$P*F>@pRx z&Dq&ZqJ!e?xj0>Wv(t6T9h7X2ax3M|jdg$6s(hmO#H4Jd+zIJFw(_;`HJR7zaI4+# zt9Bb|$x+Ik-sA&tm4_NL<=h#cH>-bZtygU6*Vr; zFmTH5h$Gs{n=FsD($a!5lMLugx3cMH;}ai^VJ%}>U4zTyP9p@dfHtI}S>aGS3Gc5D zarwp8@}s^kS3UgPhVWyp-6A5NQcUDR!ufFka8P|}n;IWg_trsQp5BNDz04c6*uXVb z6Z^j<4LV92Wo~2)8yR1=nyvXzOBY23is5OVIO?lRAD1^-ST4_7Xy%c)&7^ZVvm_mC z3vad6n09arOW46LZC_M*7L8l~Fw5ASvPYrBG?96#G>Ojh;8{D1#~rnnLygU(Z{JaA z|LQlG8TIKXBA3t8KcJ|E-HBAAH8V}U^65_8BSDRRQ8@kLay{z3wf%!rdnfzc7)~zp zN}&_$Px7xlrxW0qf7S9{>Ex7kg4LKzCt4GF=9H$O{fQAuMu8K}w#eUB-#_njQ*l@q!-ro6Z{y$(LD5>!q7Gy1a#txraOLQroesY3ZimMT5`89sucHkj6CyHCq@ zEeICvCp;vfwSlZxd#_s+F+On=R}hXMuvS@K*0JZxX*P7z;i10jIwG#erFY zpGUZQGC8(L{{}*ZR;F4rHB}sL{_uIYKN?M8uHKDLwuZR^lD9*cYs>kE0s!%54#Fc84KE;-&N4aFEG>RasL-GR z?#c^IRa$(sYnez|f-8?r=ZDNy&JWSi&b9UK=gnA-(;=()bxXnHW=CG)Q^(+S!ol{*`GPh6s&h6~Z?DS4uz`24~SbNN!py1-6u2^j-+7b*H<~b=pN0lF49c z7y!3mMt(>C+MP8!t9MrItlU|#vwUaS&iI{iI|GhoF2L)u>p+gub+Q;!lEE*lJL#0l zR?!l0dgs*6$(<8B$9Il>2Kx5&?j`u6gB+!Kin8t}XTGY7EHyVwI?lQ% znE~6@$}{1EP1bRrpLhUtJI{8`(}S~L-d9wX3+ZzSTzFohFH!QsLzX;q={oAmi#zMi z8y1u?(o4&Nj$Cjsd?T_Ij0r7W?M~ihj~&*PP}rcIm#Hh>;5aMUfg2SaxMM^wNMZP4 zJMVWM-P)ZuJFjlr-9@43R%2>mf`jnJQD~#5eB$ zP`cD^l22)4`w*rfE7bJ43Lw$qU&1ENu*LtFwv_AHk^oK z)HtC{r(#mtv4A&-r&<)HO7`tk(DI>-$Gc=pgt*Kgo7)JsC!=9G`lunQWYv#HJe2V` z$rI~R(a&wh#vxjA$d(+! zC62MhKsoIOC=wi+1eYY$04ii64xxxcD#AgCA7CJ8$DkfWBM#XJ=OliJO8i2^0%={i z1fdsDPVu$DKK6`)OG@ATL&EyGPbag?h8{4$7|_jH*Frus)jrp zpgJg#Q~?z&)P}AzF-3?)TJX@1M?aMDa8YnXYo4V|98wqb+2p&7!PppsRMU9=vP;yn zY&Z`-2rSM_>V@=HI|yCEB$sVJ1?n$61vXgH#g&mtb}Eakv|^p<5*9?FvxoYCp7wym zgA5f>LGqMdcN{vlv5?qG=L7GgDKx{6 zR(i4w61-#(b9E

8y2_8y!07f`^9O#v~rnn6!&BGR>3r*?Aw51>ut7(Mrg#-p%wD#snPE>;a7p=WWQHQKAz; z7cG^S92z(SDv&o6v@|s4Xw9wo!*G&OCn#5#b&-bLPJDD4@?QitW8%?dC5(AGlMT@a~6r2>?7UW~9B@`qF%+MgZl2x^e!b?yPvW9%3LcLWS$r(?na zoYMrDV?-Q70%QZ8E^?cz<%i;V)OPqAH5mIcQ`Q8@guO-))m7r(e83ZylmV9hJ=TqC73 zSww6tjNI+yZ}(q~R>ra4b!d>lcf5i4ju}xpV#}Gx8`lxwB!bg# z^iP}w`}-^V%^@0WE1PTv3jhz!LUdY`oUPT)bbY_(TlDQpkev}>AWIEA*5;6IFof?V!=EcS6M(^$MPB?J4wf+$Qy%`EGL z?}Eo+BXZo{14{i->!t`FnDi8H$2^xE)1k{0ViTj!Ci(3>pyYkr1IC1?aGn+n2ErEP z4=IbsAiQ%Xv9!Hz6pamd$&K{`C0dXYeQr$O?%d+woFzKlWe?8Wr6i!kdd@qUGLKxH z-Urg(*DOUSH=k*E|U#I)Q!Q5ckh1|VqA&@PCU&@cp43>;4Q z!T1dYCZY;7Az?5cs1X8sgn%L;ph*a*5|Fj4 z@cTU=4%Od#a40XkB4tRTfI<{S+9_};PXiKU41Gw0GISftXCR|Xj3|*1?zrMQ1rfdN z2W1}Kz+4d6HoO3iR5=x`lng)zL!~Gm)&^!D=HRpmkbqNXV>DWH4BCLq*-7P{w_4U{ zbIIt(;0KsNc$W~~C4_g$=%x-`)j?nW!3^0MRsuAg6io0;ghjMiRMJ&u43q9;K2Gbcv}TOYvTU>pJm-$55}k2Qde<=st4;S*7@orL=z1~TFQyB| zR8IHD=>qxV6ra_QS&kVzfcualcPh(zQHf$%oPpp{rx@*|rr&fWU-$1AHst~U9H}ui z3R9ynHHt`rdW!DuqaIyCK1rTGjx-O193Au+7b5pO#$?ILl||tYltYY=s9Yn5dnCyp zC~a7sutyB^No90Q+z4i&VHyB8kU+*TGzp**Kp*MyNSA+My2MVH;yWJ-WXMkEY!in9 z928weGi4cy_(+>a+C0*x@iSM1$T11i$tYaPo{}(GS(w7C`O=)o-aXRiPue?Hr6^d8 zBGS!%s3lH09~d_>mc;tNg!eMTkxg|vVxFXP9hae*$$^z5tcYYpBA_IJj|4sv_(VmO zk2FL|F_FdaN8`X(Xrsnio>P}P8C2;?&2)yn1vUt>#g;M8K9cGlkcx%KlC_=5+IYq+ zvz+-Z#lWIunU_aW-5XNjYznNTP<-i;++^^7O zbWseZDkPh|RN2O)3rmsr^fHh1x+nBf5Zi;Q3Bb5kS_tl(H3||uE7pdQUJ7%jFlP#L zrfAO2&`ojracAkKIAt$3CuyhnG3}sO;0Jhc%0SFd(oum{ifDC)jtX>Ce_-g2LO%-q zC`Qj11Nu>n(kN3NW#Ec_q^FeCz{jH*x{@CFc;G|+W*{LQC0s^5hk6e6(7i2*KorGvHsB#K~~ znzHdi>NFr7I0I|-C%luER-^)v&NZD#9(CyVbqzJ z4AX*v__8OmcqH-zCUOj^7-nq;5_gLJNl!RQXUV^H!Nk@X{yA25+^N<2laU2=-tl2BG$WQkHCf)7gH@{M3F z=xq5d9_DN7CIF(s3@LV48(a z>7=24CYpLj=Sg@^0_Ptf`8vu;Wpc+t@YsR53n*YV3mmc{`R28tze)W_!uv`>!;4Qj zY2mU;%s?g;P(O@vm{S$|Kii ([#"../08_haystack.rs" 26 28 26 43] _59)) + [#"../08_haystack.rs" 26 15 26 43] _53 <- ([#"../08_haystack.rs" 26 15 26 43] _55 <> _59); + switch (_53) | False -> goto BB29 | True -> goto BB28 end diff --git a/creusot/tests/should_succeed/vector/08_haystack/why3session.xml b/creusot/tests/should_succeed/vector/08_haystack/why3session.xml index 95fccb047c..2e26adc058 100644 --- a/creusot/tests/should_succeed/vector/08_haystack/why3session.xml +++ b/creusot/tests/should_succeed/vector/08_haystack/why3session.xml @@ -27,94 +27,94 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + diff --git a/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz b/creusot/tests/should_succeed/vector/08_haystack/why3shapes.gz index a6b9967caaab931a9cce81e7592a32ff16c13a36..27247e78f752725780ea05c532b0d0115fb1acb5 100644 GIT binary patch literal 2920 zcmV-u3zzgCiwFP!00000|LqysZW~APU0>1Olg#^3p$*mciwKyzF0wt<^L zsBLfrO~Xe}H(~@;BS%m+Y6L~2N02vW1hKJX;QLjV?qgmytj;z2E#yz$j>IJi)5>Uds7>?+Aju2 zOe6mGTYu%}>sgh(CH~*)K36SeMUt=l$}it$x`DX3U(Y|}8C?_YnaF-TtOL0NJ`E6cZcJxeJl2p{}k-(!O>dT3&|1BIv#x5EO!^-Z}HVzA> z(j5e2-RYxgKe{8^i|DGPTxnq_Q1Q$ruV&=yLtMAs^peYR;OoJw`aA0uiCp(_iyY#q zM^@`D7G3xLk~sZp?w1>a=9@{}k<4XY?S%Eqt(ac!t1CJMUFs|U!+3rBbmWgazlrZ= zezOg=F&1__pT6=FtPQG@yyWW%$-YT&UCpNbo567}{0!CEM~9KV_cZwL#%00F$!@Ca zw|O(GU`5go_|UCZ-N&5%cK1W&mcE@Y{i1C8k+h`ovUTy=$L{X^B5!hHmG<@Q+isaB z=JtBm^W|Hj>Xr@aLF((-f4jTf5Zs5f?4ea&cZ&}ts>qn$C^1OgtqQ0Asjg>nmG9Tx zhC;E6eE{Y~zVmA$nXz8xF1?Iq9Oa8u=Q)Jz=+;Ex%a;ci^tfpM@|49XP?>^bu%lp86vB(`<)DRDFvl z$;TqZPiK{C8ZXc4Kc$x_;mOs5R1JlqKDI41P1+UN=M5OB#>Fmi!!~pG`0eRolD&70 z)q`{e4}G>%aXb|d9+)4wn5XdKa8AlnLVt$YIC2bm7E4m=*JVRZwo_e?iMB`5&q1Ok zq9M@=?MKqmMVGBKPAko60cb8~68>DU%t&n4)Ezpo?p&HX0CAX;+PUTkECf6e8 zGmy;A5H}dPE$`zF0`lS8(t{(3_rm^Cflv?w!aQpz}vw< z)7wYL>1v?l^EzAj8^2iR9q+K&qo;KSA9npzvetR^!S|Eg*~yuY;=a5t@X^R}fXN60 zXLsT_(jOf^kditnVZOWGmHFgGa4)vYzANaf>Zl5Q#|P5!im#v0He7#pmx9;RXuY1M z7Tk3|qxlcICB8it_njCd^}t~hR`8$b=XxahQBFffo@@-SPj;BoL)3=!deY){RU!S< za@FZl5w^vtGyBD=5bx4?XG)pcvQxz=mS zJoRmZ^GCmJ5Xn~6c)$GSjF)=UvNOK9{El|revWTH=LY*PSo2y#=J14DJI;OR*#=dE zdNN1vbI|twnEh~Dj~@f<&F%KElTQbS^oPp%5!VdLX?rVnyht{^$X?9jy4CLLPFlD} zb@UY%mB$oK-|i_@w^Z0^zma^G;AwG`{>`o*C~S&7Xb3(wTJQRSMwhxls79+deLFzV zUOUie@riDrV0X=cHvYSwt|q!(7>Skpy+9$Utw2*70s7mMiAM7`eIG#3&<8X_7f>)S zwxn333^19--V8LXQRdCj3s-EfaPbxI+($>wue$l+XY`fJZ_35kl?&89?&{{AIq!yf6V}wyEnWPb|76LB; ztphX;v;*ZpIuH&xp&Wn%=BzVLJLRMkjyu9Sb`cn$6qZXHB#W&^i!nx?xioDXEM6iw zWDZF3=Ltq{tS}}U$Xp8uQ7Awi80WeLl|&Ux#P|iWTZO@9rbD)|jVk+?>;H`y$y+NW zzeMFwIuu_fUTWJKuOlT?joF0O^K1n8AVl&UR5jf=)L*PYcyfU^5|WU*O|7;jg(NeA ziD25^>-LFCvP?>c7*J^?c=Rf_QL~t&$q_lGqJ$GUcN`rjm_0>X(3t2&MPo>%Y!Q{h zXrgZ0$ddQ6YU974LKZ+LVPk9)NVF9ENot^p1PpH}ATGIeTsdwW*AwRD);TFw;{YuIy$XkZm7%v0`rl1oC&X7W%&aI@X%DEHh1pIndM8W6{ z2Td2OrRDS#SqcVyrgW54Tc3!ef6NIo$2g&#P)?8t@oShPMdSvQu~Bjpkgg)=D8E?Ux)W(ugBrg{|lM>$Pm^oCO_ln5yc z35uEMbF_g|W7%dX@569s&=~@l({wnJqMcS>|KVZ=%3Ham&d_?LGL0@?w<7Q?61O6k z!&&XDa#lJkoaN4MkU-;%c1AfPoe_UfA4qO7AvFgqOF`$Rf7CFv*>Eipq8>`l zpWO{~RFu>b`3ztK{q-e>Ca<*(mU{de3g$U@LJC2X5sfa?F4A~m4E3%Npp{1Dy6AvI5We=se=Y5EX=jIlzLZB8pP%W{LsI<`3 z&5R7%Q~MxNxP-zB#VI74k#I)RSxGJO**M92loo^nMjfJ!)KW#DhS6G?MU2T0PQqvJ zC{#4lsLX6qt>&OK1r!a$mS*BIz}vx5{4ZybvkcAQ2B}anRn2(8jBg5@4^>q9hJP?pbJ2EZ)%C6s2M$R)wQ{e{{P(Pya< zLGj2@1`lXsXt|LpV{cs%T{@TF%StMVCZ`+y4m6rB@MYgbMG$QJT5-0KRV={&%4jl+b+a8G}NuT>1?rfx9&GGsXO*~Zt}co z=yfmDG%%35VFRfeK9I5z11TCgki1a?$r?S7&=@rEZrO!aXh_>>ol8S;^y~ zE=NI}cc9q4crB7@!0kQ&PrexRnZFpfp|Tg(aXH0%*`MoH>#8CT`+b$XEWguk9?;F7 zH+)NDP9QIxre%dN0F+=!`i-(BKyFaX}UUxusR=)GKvZfOSKa(mjw&>!8pV65+fm->ek

;5(Bq=r#ev{B{TSsC z&r;rib`Q7VTnSqJNYLu*m*_R8xZSv0m}->RU@ScbvUG#8S(;oOUpAqAKS3$00{CO1YNAye?CK;SxrB=`F%Xd ziz@50Qv)^h7Z>9qel{Nbyw^$`sZe^T=C=ub-?7wWd}^g(K;Dp1#HWi!Tbm158E6In|Izzs>HGSDsx;` zN{r(~9If*vM+?TW<)yxyj4IYn<`Mpsq|>R4>zfqQ>D`o*nYW6~mf+c9tCnFrwC z=^-ycVckgDX4!7jLUbj5^V&t8?T325wa6;fkt$%UN%^t?k9JC_e^U3j+o!(Ul;Z>s z_4ctRef%TYzed$PdF(q@j-b&euy?2LJoc%Au}42uAj?M8aKG&Ogy(tCvJ*a`{DpSi zJjJ(9xxxBDYE}}*jK1L34)5OgYy+|ZHEN4@ci{4F*Zgo<4ZXd&zS$gh^d(@Qe_uH} z;F?}JE^ovR7fHq!S;aiATW+uJsD(RR2VZekc}UUt?H*HggV`L{8v$E@$H77Vt8Ecb zwwVW2z~@GdihxGt%!5;n;#ai>Kx(H3XcT;*1jw`73P4HsQ{^i_SB0Tiwp##XmXiM) zX)w{_-<1s-MXze|N2*W$xLWdgo_Vuj#ZqISrD>$TsytFRQeGXraIyQnr;%zezc-R^ z7ExAB!Br@#659-3CwQJ{B&#FVNVpodz>%!oNLpDh3q`I*mnsj(c-bIKBdR`u_o^zT ziXEbGIQ(st!XJ)#Sq-t*2$A2&Xgto#xQa{Ho9)__8GY8gKTqBAd==f&e>^)AlIUbO z0mE5KB;|?lmf^^8V;C3b6r`mfELD~wg#@>h;gqG+QeutOR#|C<<(65TwdAZNxPu!e zOe=^_3JiGfS!6<|)EYPkYJpg4EY(jE3{D%ab<{L6#cAugq@Y^Dm`YRzUIZgEJVSPp z(3(h88;wt1M(1PsHxDgXGD5I(bOibV`18aIWs-KvBcLjXx=oHn&8cfS4~|h;OxG6F zvo&ysE^u1Vz=cX7DWgLhLjyikeo-l1o_Fu~yUk~T&~TX0xYCLWE+N*J;; z%fK?E$+K0pQR=o8S_mS6kyc@x0vCcuXYlfUQN_NNHjMu06z9$m*HTFtOVn{j0+TJ1 zlAJSRnY2t>rV1gxids-Ua7GE!QDhG~K?sjr6O2TN#ALOc{1KY*6(t`a(8Rg$A$lg! z*RAx4E40cL&CGJJoc=*30F%BY$#{}DTA@@7hA{&SVk_Dt@(m08k64bjXv>x5(sC5R zzq&1W#{vURP?O`HR&Puy6bjm={fI@fb-cCZpGZh?XTOwUZo7 zJp}*u&ml0QBM3{TTFSDXYM2AmX$5#8o@puuYV8_$7fLJ`U;X_fevk7Zg-v2sy7 zsl;j2Oa?3|fOumRVYP5E(i&k6w}x2**5C}W8l`EgmDSQ}VKuj!{okFQvS=h;sMm@L z#()R!q-#AzpmUh<`z-SPIzYEXQI3D`vL(m5BLp4-wh|y{Qm&x8QQx-@uwf!VBw;|b zH?0>0^F#=_x&cQCnk@!G0xT@C!k85D|Prq+R zIM0D%KgzHQ7v2R8)G^Mn4G9d>t{Iy2*Winodspi7>)>tcIJSR6CZ}6S0koDw>-l;@P7K!OrUMhuimP$*&Fzh|&hZJ83x2qa?ki7BQO z)h(mgw6oNE#=K7N1Wj8RTH++ujgALL6Smb!VKb<(dKA?=l)PRKnFIpim1A{HeH)1( zIk*gRAd bQ96Yz2{+|pIafu0iMjs+oKOEP1~&izQn`_& diff --git a/creusot/tests/should_succeed/vector/09_capacity.mlcfg b/creusot/tests/should_succeed/vector/09_capacity.mlcfg index 0dac7152e5..d4206d382b 100644 --- a/creusot/tests/should_succeed/vector/09_capacity.mlcfg +++ b/creusot/tests/should_succeed/vector/09_capacity.mlcfg @@ -142,7 +142,7 @@ module C09Capacity_ChangeCapacity [#"../09_capacity.rs" 7 4 7 5] _5 <- Borrow.borrow_mut ( * v); [#"../09_capacity.rs" 7 4 7 5] v <- { v with current = ( ^ _5) ; }; assume { inv0 ( ^ _5) }; - [#"../09_capacity.rs" 7 4 7 18] _4 <- ([#"../09_capacity.rs" 7 4 7 18] reserve0 _5 ([#"../09_capacity.rs" 7 14 7 17] [#"../09_capacity.rs" 7 14 7 17] (100 : usize))); + [#"../09_capacity.rs" 7 4 7 18] _4 <- ([#"../09_capacity.rs" 7 4 7 18] reserve0 _5 (100 : usize)); _5 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB1 } @@ -150,7 +150,7 @@ module C09Capacity_ChangeCapacity [#"../09_capacity.rs" 8 4 8 5] _7 <- Borrow.borrow_mut ( * v); [#"../09_capacity.rs" 8 4 8 5] v <- { v with current = ( ^ _7) ; }; assume { inv0 ( ^ _7) }; - [#"../09_capacity.rs" 8 4 8 24] _6 <- ([#"../09_capacity.rs" 8 4 8 24] reserve_exact0 _7 ([#"../09_capacity.rs" 8 20 8 23] [#"../09_capacity.rs" 8 20 8 23] (200 : usize))); + [#"../09_capacity.rs" 8 4 8 24] _6 <- ([#"../09_capacity.rs" 8 4 8 24] reserve_exact0 _7 (200 : usize)); _7 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB2 } @@ -166,7 +166,7 @@ module C09Capacity_ChangeCapacity [#"../09_capacity.rs" 10 4 10 5] _11 <- Borrow.borrow_final ( * v) (Borrow.get_id v); [#"../09_capacity.rs" 10 4 10 5] v <- { v with current = ( ^ _11) ; }; assume { inv0 ( ^ _11) }; - [#"../09_capacity.rs" 10 4 10 18] _10 <- ([#"../09_capacity.rs" 10 4 10 18] shrink_to0 _11 ([#"../09_capacity.rs" 10 16 10 17] [#"../09_capacity.rs" 10 16 10 17] (1 : usize))); + [#"../09_capacity.rs" 10 4 10 18] _10 <- ([#"../09_capacity.rs" 10 4 10 18] shrink_to0 _11 (1 : usize)); _11 <- any borrowed (Alloc_Vec_Vec_Type.t_vec t (Alloc_Alloc_Global_Type.t_global)); goto BB4 } From 9b15290f1ed4ee8300e54794eb01d2a94e504299 Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Thu, 29 Feb 2024 13:15:34 +0100 Subject: [PATCH 28/66] fix warnings --- creusot/src/backend/clone_map/elaborator.rs | 1 - creusot/src/backend/term.rs | 2 -- 2 files changed, 3 deletions(-) diff --git a/creusot/src/backend/clone_map/elaborator.rs b/creusot/src/backend/clone_map/elaborator.rs index 1f705477a9..bc5982c441 100644 --- a/creusot/src/backend/clone_map/elaborator.rs +++ b/creusot/src/backend/clone_map/elaborator.rs @@ -24,7 +24,6 @@ use crate::{ }, ctx::*, translation::{ - fmir::LocalDecls, pearlite::{normalize, Term}, specification::PreContract, }, diff --git a/creusot/src/backend/term.rs b/creusot/src/backend/term.rs index 00e64398ca..7aabc5f5f7 100644 --- a/creusot/src/backend/term.rs +++ b/creusot/src/backend/term.rs @@ -30,11 +30,9 @@ pub(crate) fn lower_impure<'tcx, N: Namer<'tcx>>( names: &mut N, term: &Term<'tcx>, ) -> Exp { - let span = term.span; let mut term = Lower { ctx, names, pure: Purity::Program }.lower_term(term); term.reassociate(); term - // ctx.attach_span(span, term) } pub(super) struct Lower<'a, 'tcx, N: Namer<'tcx>> { From 13d5f3677ddc615cd2d440219a5ebcf9f0778e5a Mon Sep 17 00:00:00 2001 From: Xavier Denis Date: Thu, 29 Feb 2024 13:40:59 +0100 Subject: [PATCH 29/66] Fix sessions --- .../should_succeed/cell/02/why3session.xml | 55 ++++++++---------- .../should_succeed/cell/02/why3shapes.gz | Bin 2032 -> 2154 bytes .../ghost_ptr_token/why3session.xml | 2 +- .../ghost_ptr_token/why3shapes.gz | Bin 775 -> 766 bytes .../vector/06_knights_tour/why3session.xml | 31 ---------- .../vector/06_knights_tour/why3shapes.gz | Bin 11336 -> 11330 bytes 6 files changed, 26 insertions(+), 62 deletions(-) diff --git a/creusot/tests/should_succeed/cell/02/why3session.xml b/creusot/tests/should_succeed/cell/02/why3session.xml index c3d695a13c..abd75c4f6b 100644 --- a/creusot/tests/should_succeed/cell/02/why3session.xml +++ b/creusot/tests/should_succeed/cell/02/why3session.xml @@ -35,55 +35,50 @@ - + - + - + - + - + - + - + - + - + - - - - - - - - - + - - - - - + + + + + + + + @@ -98,22 +93,22 @@ - + - + - - + + - - + + - + diff --git a/creusot/tests/should_succeed/cell/02/why3shapes.gz b/creusot/tests/should_succeed/cell/02/why3shapes.gz index 8c9f7ec2e6675fd522d42cb9ac297e5f177ebb98..6dbc9f005fd6a05eb13f345ed64be946c480a4e3 100644 GIT binary patch literal 2154 zcmV-w2$lCAiwFP!00000|Ls^yZyU)GzVlb`mSh(TbanMJFb{+vV*~`7Ll$!-`e_r8 zL`RbC{QOjR&kQ-FxS}lilmG^&r>FX>$5&Nd@?U>hK7Mvz(&O@5dU)LK?*G12%U}Ms za39=nJqysYwfnFNtUl`&-*4Ug?p8&Jo*&ABeO&Zc%e;G7=B;12m7@oVZMW{%x@?g9 zC8w7P5ZDAji*^j$m)-aDK>FZ@5XNnsw(%bX0s+?3H$Hvi?Hhk0d=hDo(QZl4UiL7& z!hmx#;fM)G3^L`}i{m4_1^{XRs)C#0^Av~Mba&@A1iJCNulI5B^l!Jl|EBuE(c5(Y z>FKj025xV6-#2%=m~P2m_q5w=@1NYA`w!V%4xEVGlxaVdHnm*l{>gkFwI z)~k;bJNl3vy=O-c?C6mlUD+u%&s<`?A%x>i0x*H1^z1%&e|-INn;4;!(BaFBf3{D6 zDX>*w+z$$eNChxLC@lojsF{@#6p*_GXcN-yEpvD2uACeKyL~qDFi5Q?G19Q0h&AIM z8J&CPz?X*fNz}!Pe%;mP_uYLeFWZuLEBBQwR^l(sZdRp0Zrw+B`qgd$%f0*Gkb>0=ZiQZ!OGIX2DTjD3;cvLSM&t=DuJ(-^W z+TEpoNUOoLia#@!viR{aJ+us;fi>BetRIr5ShkoPfW_6gcDwZ)cJ~rw^_fDtgZ19< z9UO9M3f{l3W$gbD&Zve6G@&-=k`6IzuOH=`fi zyzB=_UoeZI9EY*8qB=n{*x4LEGohg@lH-h4R&{@noeD*DFM_437}?0SfVgiVC^LMwoZbzlc4Nz>LhrklOQ&s zRb5S;1TW|$Bu!rAL3^tZQEp87b&q67c_*qzt3)MOKrg1gAkOp!v`uJLRyg$qyr3^& z=?nWYogEFnUr5ElpLhEroaZy(%~05_DVwR}(;#RvGtx)3^ro0Q;g%X`A&_h;?VsAV}h2Z^z6mOno#LCZ3t!s(n*AGH>+*>o|j&+Q?M?>P(@@CN%37ympJ1{2=LB`Il-rDSv)FStV+8 z1us2eEdMjn6|4!Z$_l6G;swzq>5n729?pp~&I@($|C<|X9=pXNWapL0Ja`uw4sfb(!nIXgpMt8j>dS7UNe-@IxkZ2iGH>B8G~Pn4m-X8r@RhAfZ!_S5Jfb?>zr(Y ztRfRjB|9ZLkR8x3cECG;4p?V9)9FriauEqT^T@#X2tjhDB6nH>6V5SD=5W@5?Z9-P zJ5Ya$B{3qiK}RElCrgx#Rz{IbFvbCzg2mxtxXgmG+JtDV@?ersUPejwqH==CSmF3< z5UtC`D~(=p%Zv*eQF#_(lC-bES42_&;bn+S7}SoeVo6$>vn(cb)WBF&i6g@$$_|Mv z?2vZ|9g+guano_#an*788fC#~tvuc2Dk%|TRGRC=tO3dr9xzp|REO%F^yO$NqkK>% zaUU(DsD)-)=IAB!SrmP!-&G|B6@m}J1*(hWrOHw&o`g&}fyk<=H1Dl73r_K)U&|$G zn%o6Lm1Cw609Z<{uqa5eeLs~6N>v!3luk@)FC??pNt*-r$r%{96!5NEbMO{5Rbv*} zWGhot3N=SbUIy)1(JJ^)P;5bHl_C)NIl4Wuo2+H2DDo=$ zWT-NeGCWW@sam6g{)u;Y+9vADr4w=+CG`iYA7QdA`DHxVr7)e)os<`nCq;ndP(&nW zsOtm`Li%KV4B1;YzzOwwOF0KkiBDK`ZA5@bi5aEU(u(AWu+dWSdT4Dmz`FpU+h)a!%+F?={gH6g? z9vve-oKP$l8m^a3m+NzDyjWr)n^3R{v_g~#@x?g`!clZ0l&A-=b{nNiz z?t}ZKWdT~Ybssi?)n}dJ)70f>w<$*S{7?q$)2jWr&WF2o-uso?IC_xTe(!#+!wzy9 za(bx%fsFt(=$3)IJ^V;_X8$A#Gq7LMw+M zYt^T*I{LUeda91@tD}eN=vti;^K473HH5I7BmfgAOOMWT_up@~SBVii86CgO>dz(u zjESuV!+cQKXDWaZLTMqGM$N30pn$epfOa8WT`_l^uFJ|kvHM3e553i9G$Riy%2*ft zJ)?DxEV#W(;cyf852T(|&2NWOlJ52^M_zW{-PO1B_HW2MXgm z&AXkhpF|yO=&$>@`+T@b?>T5Jv~~^E~YKg+wm4#uonwhuqU~yNMKsf$4H>( zNa_Shon-6c?@Lz;vW7`Vv$)uH$1#ZQV|~2^?2I;b#5;33?I^|1oEgRXw>LD1wlbLh zwpOqUL?t?-O&yIV3*z%pk@cq@T|mE1JW(RS$mZ9fEubk%qdBynE_;V(q=Brr-S7Q! z@YP@YN%%$v;MXSk8RC$fqAa4*FBxu`k({SBz)o}SD zHwK6?Jm%;$NS(Y-+1lWdOW`%9S|!z>c(W&BlFC^mWgxJqh=veFz?_ru8B|RX%6D>x z4kCx79Ox`cv3*n~DHXVkTFTCudOv?0vt}d>1+<-r&Pc&S3_3Bc(P>_*Wg67)vN@4r zCQ|U=j0xn#vV?{Sfr9);Hq^|%lRqnncnWx8(bIL_s$`M}B1m9Jg04yy@9UCzFFn_W zT81-3M#f31mg_9JF7n3qQ?xBw$4 zLkbjWm&g_nz0Hw?M)}eMv}}ZUZ8rWFKB%yoB|62ZxB?k^Pse7~S{R)*=s08?Un3MD zWempBF)5|c0mus-T7oWH4wW3B`5X1`c}^*DrL9PUF%{^5r)Fxw2NtFskVNbomG6`l z9GD9bAS?P+8okg0sl`dBSr|OQyK2H~nKkumADObj8ZOF_PxlEKq!JHr#OeO<0?J)kJy{A;M(RDn)9p_)?Q}hErFkv7_rb-O8C|K6IdFB9RL6qQ|Y(> diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml index 5692257551..6dc293cec8 100644 --- a/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml +++ b/creusot/tests/should_succeed/ghost_ptr_token/why3session.xml @@ -7,7 +7,7 @@ - + diff --git a/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz b/creusot/tests/should_succeed/ghost_ptr_token/why3shapes.gz index 9971c808685c2af25d79de29a05bb20364d21df4..8c53fe111a71848e47b6cb092d0f897bf071b42e 100644 GIT binary patch literal 766 zcmVj*&4|%q!1Q@4P`Gab8OH$a@WMM zQ`<>szrG_W@;XVE7J_+tnt3zNGx58{ynoRL)6Y+)>#Mf;G?(+m``PeQSItQwTVJ3= z9w1;8pujl57)5{)LVz4)fDF}oR<0b>$EGv7c+tqrcaeQGvxN?66MI`zC%uS^yj6nO+zd%MxJ{Oy)&D> z`fav!8`1Al{+iFdMIN~vSAm$`bOYUzmOu`=H$y0HsbK9&30B&-a-Z%SjB^So+Gel; zLFrp}G;b$<2&o0P@92$eYx*uX_p`kKVnld5@x*Co_U(yg#%Uqc)TTT8fsE~41y`5W zr2ZIC!LM6%8j}{U@G5(sdo1&ERpwN! zZ|jqZP=H?Rx;OV1Yb{zuMysz_sv}$e&buFsC)|!UHg{l)Hl2LEfvbd=`sRAMkd0aDUzJC?mZqq-gJBE3+EoS!C-mShidq-!_tvxa{ zXvXM)sbW{Ay0^DzDB-?2xRASlV)ndq&kVU=AyJJ?6+7f)$9}%GwL1{Y*CWrPhJA9Y zZui@5=rp4>l)vPwXpv_jCsZJ&b8Szjq$QDq?OdOVdn#GGP=ck6tz4(a21P{y>*mn= zfTZ-TJ-N3NKcv((_jmM0wl{s1TgA5>05LM%j+i)Y-M%@~n{gTlJ+&G3@j=G+E`oPM zYs!91Xw5HM3>uRbFY;4cI<=)jTcMEKANyYvm#^7!Y;`1kiLM`;3)16ZG23mc?Q&aD zwXUhpE<*{|6pK{k{q$*xny%^vkZv!s8~P<`x`9!L+i$01O>&x+2+2U8NHSSO0ySTH zKv67G+#cIz-}E#%kzlAyF^r-zUu@kpPp9MRbcoYs>0e#f>yCY+TJz2o&LJ#@l{1 zB3wSnD~&3zCSc-6>FFlFHm3lU3duQvBFR8R3YGNcd{lI<qoNuW*`TPrA}f5PL2OljuJOM}3w37AxrW?G(ImzNr47(rkJ zia|!|h;o$5mzO%44Wt^&`*sIG$__3hpplw6ivlsqdrFF7ksnU}g$C6uxhC9x%&{Q>RDQ6gdo F005N8cJu%M diff --git a/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml b/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml index e4acf26148..6f7baff70d 100644 --- a/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml +++ b/creusot/tests/should_succeed/vector/06_knights_tour/why3session.xml @@ -221,37 +221,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/creusot/tests/should_succeed/vector/06_knights_tour/why3shapes.gz b/creusot/tests/should_succeed/vector/06_knights_tour/why3shapes.gz index 2d6a58801383f436c450ea9cd8c27ef68364d191..a185e4dae05f3fcbacb248dd4bd90b85ac0ba024 100644 GIT binary patch literal 11330 zcmV-IEWOhoiwFP!00000|LuKSa~!vl<~x6d-p;NZjzHp$4f}zskfIf zm;dXDee(2wp2c6cW-DIuSA2Hy|8{RKKW^n#zu*$RRrOoN_gsGQ$5zzea!d7_`tmO* ze{r^b_N3iiJ;`r(m*sDO8$a$Y@OEq);!pcUqA%FW^Zoi?4(orJ>JxV#Mug4QSA_i5 z@pnX-)qmqR4nU?~cJ?e^oa5I;+I_lgJ{+(0YC^V7Qa3fT8hX)I&7SFK4~tr_rs2Je zzx+B*NhX2+&QX+qu8*_HnyS&!YBZ}h4dPh!sm5WmFV{9>4j35V-R|?*$A4gipCy+v zw72E*w~v31V8FL;cfVh}+co8_0Q>YX-o-ECyf!$f@{)@QQ`v(g(5-(I;Lfx7>GHCC z_$cC25aRV#Gas$@=KJ2BG2aOLe=gtr_Vf+_Q_iyRqU&`+n&))7ne7Y)X z%dln~wRKzjqQ}LaSNb>Q%f;K>Z*Q{L+AWF9#KZS6`=-tnMj&1s$H|VhE3144lvmHT zL^nb3DI<7QKJ4CpE&^ORuD|P=4l`M)(?8E=Snw1dqnZTo?o-VjRH-u+m_8lM!1#5K z9%Jnvc}|aZL|D4}9qEHAwId4}^&l+-!C8ENwQD}*@_|@}`~(tgF<9!bQp1Br;ZQ|J)N+|YJFOATl#GnD9|M9q;>W&kh;UE!K# ze||u8m;>cIw(i;Y!<+vuRebWEc;P^Ze~XvDl`QI;S{V9AZXVyr`arSFy5WW&-dz6n zwtU=O#!@SRFY@lPc~hC?dXd51{Ku#FZ;M3x%kq1N_SqcDcfj0gF#&yf1aVZ_s?f_( zJrXuRdw?i=bBS)_Tg-&$fQr2ZQD^T4DD@M0;m*2E<;HE)xJqu?)odb}koLO(R17Zc zS!}O%?=IeaELRurci7x8L-A_&`-k&M*q|DhViUkp&O1OZA4?kW_SSi zhUd>~Pqu=rScA|P|9cm&n#zV_dE%mrT6EDfE2A^xmfu^QXd;xLRj^dr{(`SWgjRe(|ZMxlDq z%V@1$O|lXEspUkHPANfAw>#HaT#D%0;Cz*N&zFmd0ryMA(CSj*B{VG+Lt7*IrDCXG zDh7)7s~czsx+=(;cx}}uF^Qe7Y|uDDqH&n&S#juyTY3K0M#u4h~-0SC}+tBNd3PN3dD*fY&`1V6N z#|By-j(xYaN!?gsABi_zX)TPu#7{GIKg@p3mkWvK=XE>B&dpDYMt(9FMn#?IdDkhq z+R!aKh4Oi_k*$sF2~5p3m_mQi2bk)EPQT1LRkfkI9@El%DreMA59H zs^BcGfqshHH|1@^%&2-8tY+CjeC;tF!FmBo0+**6RJR01F!&>U z-SxO})wQk)*Xu2g?qPh#dKk(g{~C;w`uJ=8zSzBOsv)|Jt``O#3 z{{F3eyr_@05MKnzbp^e;G=F>dU$wQ5?VHQ^mS4u9YBg5y>g?G}!L4dpu8>b zj=rGy0WdB^*UhwqMqBlp0q2V6tw0jr-gY*opME-Ei(5c0{&a*>Z*eN?MBWYh*u3LD zT$HiY!JGAw^`fYHnC=iUb1Tdfe`ZMQ1F54lcgr8=vkm)To=u&>3)$JMcZ0xOvP!dAeAhovHd)A_asRn8Auq8pXFp=8u8^+HFq1AsZ`3fC_C3xnP`IJ2oA zxu|aNuTipOCkSX%vLwA&DvS_?$6Ko`YkM`dS1SnE<0>Tk*jW-y0L(rD{zPlnBjBd? z%oj@?V#ZV z_m{QGM~aV33e9^Q`0%oP`8cMU%-D0E%=>J(+U}2KyA^HcUDZ|gJrNA7%1a1Oc2b=! zp66L4GjCXD=)z9IkMdi&db0amu3ButXV2PRPCpwQ9C9#=d&lWex?8%=;%>c*&NBy$ z&U?gmbbfRYyRQ2A>ev}Tox0sD>1Ue0oxE;N4_kd%Yqdu~Iv;e#;R#CPA%@=~7fP2_MKjGeS?;>iu>BoR>|}IZkelwmo;qBh3V<#T&&c5xuW7ypTP!>Z-NY~Jtw!Fr-x`vh_zPHBW zOJR|lVTIOs^)K_^X12&Vj%~V?TbsLBOI&T@rb_)HH*U7b(O_KUs4_mOS8RsW0Qswd z8A8{C%3Z8`0--X!nkRS2SNk)t_}#BJPC@9`+wXXuqW4=>1DPspl^>&X{(SBX-734{ z3+2*T;M~X8UA?-bJ756omOfanQeChd@_W zy{%Qn*460$z`rMg?bn9#)jX7c+~&VFXixK?{j+6~$!kuZoc(@^-*uez%{Wq7y#d3p z+4lW7ON3N4gs&D3cXmbeq!yK|T^e(ZtPW`)9ha}p4!WOQnR}^@9Kh`R#-{S&_rI4b z#>pSnTLZd?JnuK^`+Z$eJ5jF!f67BS?>sB4BK0YJGtnwn8`gAgb^*NDiW7QVol%(|VqA$!Xz!FYu@?A16d_xrk{cA{Pd{*;F@5J#L3eyiE!(rUvx57jZXN1U1@ zvLFumL*jfH@>!OWZ^*?W(~Y5{6V;VL;>GxWTNhvjpxIm3lZ`mv0Wn&O7G&7Q!HFhv2ZiR!tE5pcE|g) zW8!$<=dXwFF#&!J8NBOVy8gv1js$R5rM>u2{vo#Eh(NB=2$Q?4T&Xm9?^G@6^Ul|R z&vVdgEO7C*7sTPZ_`RAXG|TS|($|T22bLTBhlCE>Ifz2I`H)TD~Qt@M~8e7x?~I1>91joP=^CPqj5l3!;}3p_phLq?5Ym-AD0Z8 z{{Udn&uU_MZw2X^j;2qf3o5ht)nx__kUXaV_eL!D|9qr6|LV2bs@QO^vTHmVg`?_P z?T}u5W$jhV$O_cY{LriVss;#Vzvs?|YSYLUV{;X2iKg^t>$)!nw$-&GConY zL#p}tYR$!f^6I&tL!zZQqQq#9)FTJ8nXA7Cb41#4-tas#NBZP6OraTa_@r5yBT}uI zBPg9&MO8~sQx{z>Arz!NjY$m}6Y=_ImS5(#)j~PyOw{X4vZ@zd4e-6}brMc+<5k($ z>irotrEb}E z=7*kYow+*u?dP0j9A3Q`o10ims^`m^sZ!5b*33BzcHmD_mGQ||&H@-?*E!4BJoqxk zHVe+0If&#}x@_caNTr_R=5pz)_X#k>%04k{2e+CQWbQP{gI2On`f%(u*(Y?j*(dVW zvQLh9^}11xFMmMxiR`ma#GjabQiDccj{Do|>*F2usUv17>=@t|c{c3$ct1X$(q2@r zy{PN77xnyXR1_|1qVzEwR^{#4(DoEEx<}@SF+3ropPwD7FUPTBypC)Fr|3{$pLX0Y z$a+5Gq+J(8;ECl}($BLQ-u0;xRcbW4;W!8as8}dN@6=-`sd6l=lVyK0BG7oy>LYWS-xp7{#7= zAa^)pXTDpm%XhllbQ7@ZZOQjz=_xN4hSv{}?_FNZK4*09xcSy|j5TDhu5{|er~>yp z?<^)f@a0&w&+9vC7qR4-{TlKB`vV<&vU>zKMb;Ia-T)L00(%B!Zr;^8=f^<}F+IN` zYY$Ato5DK(%2_#IpXIq#+wCu3W7nQQmixasuHS^}IoQ)Su3pH+S8r`~ow z$UFp<$I5&0XBr(oe9m0VU1gyjuI}T{eincB^Z0WO%(Gj~jfXbfUi^9RmM-JZW*&cL zhmRUry#vOsxc&IE8G@3k`gS@GT=fs?(cz=?7=c!Ocv;sNb4Sb?>aK@s`ECk1M4;JG zwRH6`H@eD=Zl4=%*gCQA=ovW3VXam8sAc8ALAItpSYJ8Fx{iY^dH@Gm0}gT{$Jm;4 zH2dx59AqtCy%?K=gSez}kW*8oo`c+igU0)Y-dxt`&C?;nWxRu@zqLp#?o|@Y)9%fu zcj@ACclq`WXnJ)Kuikw8`w$m0r%r&b1Bqt{T*`Vuu>n5quH^4Ix*%NFTEzl zCx&>Gt{3c#7wF8+{?qL6Kg}m<=kzol7mt$D)7tXsOSx4ZF9GXr zuQ{&Xt-Sx^@ckkgB#rlxbO(6r?|CNdysy2qV-kCBS6ltD-%1|5eLvhVS7D;Y5aKff zK0VG|1kiM-J{^K?Q_QU2+g2ZSY!f!Tcm(mn;3sn30#_iIh%ep7kaRL1wS1HI}i1Gs7#z*R#4 zSJ~Oyrv4t{w_PE=4&t|JjNd93hpJuNRoOiU{b~|hEuKZMR1bC3n3Wk0^r}T5SM`Bh zHF@s4g6q_AWmXUD9&2}S9`|TPand_`6Mx20+;4tZ_7n==);X(Q2Tl@IEj@M3QCD@7 zqprvMH8+`dJ|J}JpsKprLDl0X;ED4;{W(;9gGj(By3A~IT^;=&K9=`4VWvGZF~`dW zYw%Y}?YhBbvZ*HU(6H+aU`7VF0xr*;f~t);xSCDm)Se&J58LvC32n)>6eEZ>d&ib;_} zi++cayd8AE`GuLiZtCx0i|PvTb+APlGi*`D#-VCW^~J0C7Dcu0-WElDzjJ%LhdORi zM)yad>(iK-%*b>|=`q)+f2sP>9XNw7Jauk>^LZA@a>hN^8na5e1SA&*baWq{97}o+ z@38&3@jApWD#qqNr?Xm`;a0|`{>86*x|w$~?WF$R*Y{B4y*w;@#(tM$CvmCI_t(c_ zc(dVl8%nPQy*`EkjVh;ihbpIc2gCXnHc)G9Fi?9o@!#w~q$!)A1O2r(W1Is0wbzWC zgmvvjBd1!QRF35BV0cu4lD9gkN0gmg8U!zp1JDO+XTQR7<=iE9Uvu%uNn-uXu#OC; z4)%mfcT1x=q4r6>!LwWG;fUUMOGqq~48{GOzJr9WyM$zt_40f1y0E5?KU#DA9+DI1 zlBYWBr`@k@`o~}e_YTWz9g)Xfnk!d!=;1yR(!+%$q=p+w4&9Mva7UiFlSHoENkVeC zl!WAPD+$qXEeQ>`b$$-xy(GSKPUG;t&B_aA3Lt&_JQBoL{)kp30iHD{AVln%%73ky8z~{V5uY#LUS#0a7%8 zm;fN-1cXR2lc{w^*RxUqT`fXh2x0zaW(M9)N z4gkO6c&In~DSwUQ!GBl3;iisBYo_s%!*Cx z=gXrS2`~4IyW_@!5uLH{a$z9wz1DZEl$pasVOj6h{)JziRvFFFRN-60?rXAzuTdGz zv3y~nIqa*noN zyMV@;y^xbND_7nOg^Sy9uBrLUO4aq!)thlDVym;WdI1oM*XQDR?bS~AuM0xS>L}N) z3%a)MFKd;L6d#$C)$4*{^Pg*X&CouX_xW(G-5-1HR?L!v>wkuG!?vb7Mzsa(U-Axw=K0T%EMZ)epAG)e&XjnBNgwv{To49&4qg2W6%i@Sg6v zEL*4Jc)1$?qK@_0a_j0;Yi=Aps&l2i3#&%Ra?#6>hPsDa?L2h7Y#S9QJZ z%))QBvrA9eZl1!3x9r3koAW(ctYUWx_Ec$7wCB0DdX~PsxKyj&bH(|)cKB&mL?8EQ zIDyyAfto&nccwM>HFoZMNpL$J_=9*4jX|6nhqtD<&rM=|YpEYc&7?)c_~vZ9hi3+3 zYs|B)KVlwjz1jL|75O7p5o+`t;r)yA{ZViIkUs3)*4zH#4{w*(XK^R;s7TuqJFpH# zS}pJGQ{u~R`#=7|m)?rdJ#uN6AL>m9sVg`5=srahPw2k;J1%^U1Ig#Z-)O0g$)a4+>r5SHPK>$%4JaY^tW((C#Z?5^{xS9GC#<&G{hIB56}OSlz5w%YE?vYqY5 zCESDu|A|Juf^2Zx;JYeje9|cH=8qwCf3rrYn(RuVOS0t$OoHbJ0eM5?T@xs%R^_5Z z&XZnIf#1HE!3nW1?T$8$XPdZmIL}03p8bk;Qvx+=O^@PL_eT$@d+s?=_q_>#3Sj|A zEYqk%c(p$}i{C>Ub+A(!b(qf0(>B!1;b6C+KR563G*6>Om4kEh1f~r0bMwSUl)H*u z9(Cvr&WHVj^IC$te~Nw2UhHcD({*hs&TZX@kRnvK*Oi4NsP(ng96g$?-)xeeJ3nGNX;sSU{u(T2pCYg(If zu)rc`WkQ=;hpovw9~z~!d7{Eb`HgZLWjD%f6gpKKC2yl^=acs(SktsgWog=$lEj8X z7PFjd*P1q3+-9e;D61%gm%MR>L?dM@T;r5VMLR>aQ+fOS`s{KB{Wbb(vTa(CT3ce% zIvsdhto^Dx={mMetAo~>T*4OyS*(!cqD!Qm(6wuQSG}jKTH|BV)D+zqucYv;l7+kq zBA8fvcN=Xt`c}ECmD#ui2D3VpfF*~Oqzx#ZvQe%yPmJ6c+8D9XK)~NV0=bAFqL;Y@ z-{wfZB`+H+u;gR5k}3k~ZgB{%=wzI2M6x1EXkQW%M=KkRYo)PIECi0-ShKNuW7WpW zjirqh8xuChZ;aa*duEK*jgyVfAxPGFvyFIrw#sfVdEgk+{W3B zGaIKjPHmjrINCU|v0-EVS+S~M@kfE#P_4CXWAWuoQeNxgDoc8|@pj|Q#_Nq&8!x{C zep8~w8dD0KrmV&e3OQ`N3(-)MRa4>n@9Lr`Lslry45fs1QX0r;86pFE_)6;3`V>@?+F;ud+TvXdt-;C>OfM*6_<*wovo<;oo8ULWZGycWB+#?c zjl#ZegvV&Dal9XSOR;rrkQE86I^t!=>y8&5uRLCQy!LqU@#?F~5A_K31S5`m0`&yy z3Dgt%ZU@pj3n8OhY~fhy#_IxmqiI}#1))_FyMf4uF__dO6N`{g2`DtegzO|Szl3N( zqmC-(0S$<(#WrMPBm-s3RGu%5Y}(dF3&rHY4JeDIu^zig(z($FHZXo+n=!K0x-FsG zAE2;4m=OivxHd~CL~`UZM4-x6lpL~=33_5bBK>eirBLsznppg(%l9MBY-bUJ<9+~FP%|=I1K?yo2K?x;jq4S{