isabelle: src/HOL/Boogie/Examples/VCC_Max.thy@8ae45e87b992 (annotated)

33419 8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	1	(* Title: HOL/Boogie/Examples/VCC_Max.thy
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	2	Author: Sascha Boehme, TU Muenchen
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	3	*)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	4
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	5	header {* Boogie example from VCC: get the greatest element of a list *}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	6
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	7	theory VCC_Max
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	8	imports Boogie
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	9	begin
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	10
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	11	text {*
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	12	We prove correct the verification condition generated from the following
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	13	C code:
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	14
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	15	\begin{verbatim}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	16	#include "vcc.h"
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	17
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	18	typedef unsigned char byte;
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	19	typedef unsigned long ulong;
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	20
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	21	static byte maximum(byte arr[], ulong len)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	22	requires(wrapped(as_array(arr, len)))
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	23	requires (0 < len && len < (1UI64 << 40))
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	24	ensures (forall(ulong i; i<len ==> arr[i] <= result))
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	25	ensures (exists(ulong i; i<len && arr[i] == result))
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	26	{
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	27	byte max = arr[0];
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	28	ulong p;
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	29	spec(ulong witness = 0;)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	30
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	31	for (p = 1; p < len; p++)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	32	invariant(p <= len)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	33	invariant(forall(ulong i; i < p ==> arr[i] <= max))
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	34	invariant(witness < len && arr[witness] == max)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	35	{
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	36	if (arr[p] > max)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	37	{
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	38	max = arr[p];
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	39	speconly(witness = p;)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	40	}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	41	}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	42	return max;
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	43	}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	44	\end{verbatim}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	45	*}
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	46
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	47	boogie_open (quiet) "~~/src/HOL/Boogie/Examples/VCC_Max"
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	48
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	49	boogie_status
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	50
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	51	boogie_vc b_maximum
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	52	unfolding labels
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	53	using [[smt_cert="~~/src/HOL/Boogie/Examples/cert/VCC_b_maximum"]]
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	54	using [[z3_proofs=true]]
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	55	by (smt boogie)
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	56
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	57	boogie_end
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	58
8ae45e87b992 added HOL-Boogie boehmes parents: diff changeset	59	end

author	boehmes
	Tue, 03 Nov 2009 17:54:24 +0100
changeset 33419	8ae45e87b992
child 33445	f0c78a28e18e
permissions	-rw-r--r--