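--- a/src/analyze/annot_fn.rs
+++ b/src/analyze/annot_fn.rs
@@ -621,6 +621,30 @@ impl<'a, 'tcx> AnnotFnTranslator<'a, 'tcx> {
 let terms = exprs.iter().map(|e| self.to_term(e)).collect();
 FormulaOrTerm::Term(chc::Term::tuple(terms))
 }
+ExprKind::Struct(_qpath, fields, _tail) => {
+// Structs are represented as tuples in the logic; a struct literal maps to a
+// tuple with fields placed at their declaration position (named field order),
+// regardless of the order they are written in the literal.
+let adt = self
+.expr_ty(hir)
+.ty_adt_def()
+.expect("struct literal on a non-ADT type");
+let variant = adt.non_enum_variant();
+let mut terms: Vec<_> = variant.fields.iter().map(|_| None).collect();
+for field in fields.iter() {
+let index = variant
+.fields
+.iter()
+.position(|f| f.name == field.ident.name)
+.expect("unknown named field in struct literal");
+terms[index] = Some(self.to_term(field.expr));
+}
+let terms = terms
+.into_iter()
+.map(|t| t.expect("missing field in struct literal"))
+.collect();
+FormulaOrTerm::Term(chc::Term::tuple(terms))
+}
 ExprKind::Field(expr, field) => {
 // Tuples use numeric field names (`.0`); structs (represented as
 // tuples in the logic) use named fields resolved to their position.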
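Review bot: The base expression of the struct literal is discarded as `_tail` in the new `ExprKind::Struct` arm, so a functional-update literal such as `S { a: x, ..base }` leaves the unlisted fields as `None` and the translator dies on `expect("missing field in struct literal")`, a message that blames a well-formed literal instead of naming the unsupported feature. Until the base is translated (its term would have to supply the fields the literal does not name, in the same positional encoding the `Field` arm uses), fail explicitly before the field loop, e.g. bind the parameter as `tail` and add `if tail.is_some() { unimplemented!("struct literal with a base expression is not supported"); }`. The arm also assumes a plain struct: a struct-like enum variant literal is the same `ExprKind::Struct` node, and `adt.non_enum_variant()` will assert on it with an internal message, so either resolve the variant from the literal's path rather than from the ADT, or extend the leading comment with `// Only non-enum structs are handled here; enum struct-variant literals are not.`. The enclosing match and its method begin and end outside the hunk.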
131 changes: 67 additions & 64 deletions std.rs
Expand Up @@ -188,7 +188,10 @@ mod thrust_models {
}

#[thrust::def::seq_model]
pub struct Seq<T: ?Sized>(pub Array<Int, T>, pub Int);
pub struct Seq<T: ?Sized> {
pub array: Array<Int, T>,
pub length: Int,
}

impl<T, U> PartialEq<U> for Seq<T> where U: super::Model<Ty = Self> {
#[thrust::ignored]
Expand Down Expand Up @@ -716,14 +719,14 @@ fn _extern_spec_i32_is_negative(x: i32) -> bool {

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result.1 == 0)]
#[thrust_macros::ensures(result.length == 0)]
fn _extern_spec_vec_new<T>() -> Vec<T> where T: thrust_models::Model, T::Ty: PartialEq {
Vec::<T>::new()
}

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(!vec == thrust_models::model::Seq((*vec).0.store((*vec).1, elem), (*vec).1 + 1))]
#[thrust_macros::ensures(!vec == thrust_models::model::Seq { array: (*vec).array.store((*vec).length, elem), length: (*vec).length + 1 })]
fn _extern_spec_vec_push<T>(vec: &mut Vec<T>, elem: T)
where T: thrust_models::Model, T::Ty: PartialEq
{
Expand All @@ -732,24 +735,24 @@ fn _extern_spec_vec_push<T>(vec: &mut Vec<T>, elem: T)

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result == vec.1)]
#[thrust_macros::ensures(result == (*vec).length)]
fn _extern_spec_vec_len<T>(vec: &Vec<T>) -> usize where T: thrust_models::Model, T::Ty: PartialEq {
Vec::len(vec)
}

#[thrust::extern_spec_fn]
#[thrust_macros::requires(index < vec.1)]
#[thrust_macros::ensures(*result == vec.0[index])]
#[thrust_macros::requires(index < (*vec).length)]
#[thrust_macros::ensures(*result == (*vec).array[index])]
fn _extern_spec_vec_index<T>(vec: &Vec<T>, index: usize) -> &T where T: thrust_models::Model, T::Ty: PartialEq {
<Vec<T> as std::ops::Index<usize>>::index(vec, index)
}

#[thrust::extern_spec_fn]
#[thrust_macros::requires(index < (*vec).1)]
#[thrust_macros::requires(index < (*vec).length)]
#[thrust_macros::ensures(
*result == (*vec).0[index] &&
!result == (!vec).0[index] &&
!vec == thrust_models::model::Seq((*vec).0.store(index, !result), (*vec).1)
*result == (*vec).array[index] &&
!result == (!vec).array[index] &&
!vec == thrust_models::model::Seq { array: (*vec).array.store(index, !result), length: (*vec).length }
)]
fn _extern_spec_vec_index_mut<T>(vec: &mut Vec<T>, index: usize) -> &mut T
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -759,22 +762,22 @@ fn _extern_spec_vec_index_mut<T>(vec: &mut Vec<T>, index: usize) -> &mut T

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures((!vec).1 == 0)]
#[thrust_macros::ensures((!vec).length == 0)]
fn _extern_spec_vec_clear<T>(vec: &mut Vec<T>) where T: thrust_models::Model, T::Ty: PartialEq {
Vec::clear(vec)
}

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(!vec).0 == (*vec).0 && (
(!vec).array == (*vec).array && (
(
(*vec).1 > 0 &&
(!vec).1 == (*vec).1 - 1 &&
result == Some((*vec).0[(*vec).1 - 1])
(*vec).length > 0 &&
(!vec).length == (*vec).length - 1 &&
result == Some((*vec).array[(*vec).length - 1])
) || (
(*vec).1 == 0 &&
(!vec).1 == 0 &&
(*vec).length == 0 &&
(!vec).length == 0 &&
result == None
)
)
Expand All @@ -785,7 +788,7 @@ fn _extern_spec_vec_pop<T>(vec: &mut Vec<T>) -> Option<T> where T: thrust_models

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result == ((*vec).1 == 0))]
#[thrust_macros::ensures(result == ((*vec).length == 0))]
fn _extern_spec_vec_is_empty<T>(vec: &Vec<T>) -> bool where T: thrust_models::Model, T::Ty: PartialEq {
Vec::is_empty(vec)
}
Expand All @@ -794,10 +797,10 @@ fn _extern_spec_vec_is_empty<T>(vec: &Vec<T>) -> bool where T: thrust_models::Mo
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(
(*vec).1 > len &&
!vec == thrust_models::model::Seq((*vec).0, len)
(*vec).length > len &&
!vec == thrust_models::model::Seq { array: (*vec).array, length: len }
) || (
(*vec).1 <= len &&
(*vec).length <= len &&
!vec == *vec
)
)]
Expand Down Expand Up @@ -834,7 +837,7 @@ fn _extern_spec_vec_as_ref<T>(vec: &Vec<T>) -> &[T]

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result == slice.1)]
#[thrust_macros::ensures(result == (*slice).length)]
fn _extern_spec_slice_len<T>(slice: &[T]) -> usize
where T: thrust_models::Model, T::Ty: PartialEq
{
Expand All @@ -843,7 +846,7 @@ fn _extern_spec_slice_len<T>(slice: &[T]) -> usize

#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result == (slice.1 == 0))]
#[thrust_macros::ensures(result == ((*slice).length == 0))]
fn _extern_spec_slice_is_empty<T>(slice: &[T]) -> bool
where T: thrust_models::Model, T::Ty: PartialEq
{
Expand All @@ -853,8 +856,8 @@ fn _extern_spec_slice_is_empty<T>(slice: &[T]) -> bool
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(index < slice.1 && result == Some(&slice.0[index]))
|| (slice.1 <= index && result == None)
(index < (*slice).length && result == Some(&(*slice).array[index]))
|| ((*slice).length <= index && result == None)
)]
fn _extern_spec_slice_get<T>(slice: &[T], index: usize) -> Option<&T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -865,17 +868,17 @@ fn _extern_spec_slice_get<T>(slice: &[T], index: usize) -> Option<&T>
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(index < (*slice).1
(index < (*slice).length
&& result == Some(thrust_models::model::Mut::new(
(*slice).0[index],
(!slice).0[index],
(*slice).array[index],
(!slice).array[index],
))
&& !slice == thrust_models::model::Seq(
(*slice).0.store(index, (!slice).0[index]),
(*slice).1,
)
&& !slice == thrust_models::model::Seq {
array: (*slice).array.store(index, (!slice).array[index]),
length: (*slice).length,
}
)
|| ((*slice).1 <= index && result == None && !slice == *slice)
|| ((*slice).length <= index && result == None && !slice == *slice)
)]
fn _extern_spec_slice_get_mut<T>(slice: &mut [T], index: usize) -> Option<&mut T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -886,8 +889,8 @@ fn _extern_spec_slice_get_mut<T>(slice: &mut [T], index: usize) -> Option<&mut T
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(slice.1 > 0 && result == Some(&slice.0[0]))
|| (slice.1 == 0 && result == None)
((*slice).length > 0 && result == Some(&(*slice).array[0]))
|| ((*slice).length == 0 && result == None)
)]
fn _extern_spec_slice_first<T>(slice: &[T]) -> Option<&T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -898,17 +901,17 @@ fn _extern_spec_slice_first<T>(slice: &[T]) -> Option<&T>
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
((*slice).1 > 0
((*slice).length > 0
&& result == Some(thrust_models::model::Mut::new(
(*slice).0[0],
(!slice).0[0],
(*slice).array[0],
(!slice).array[0],
))
&& !slice == thrust_models::model::Seq(
(*slice).0.store(0, (!slice).0[0]),
(*slice).1,
)
&& !slice == thrust_models::model::Seq {
array: (*slice).array.store(0, (!slice).array[0]),
length: (*slice).length,
}
)
|| ((*slice).1 == 0 && result == None && !slice == *slice)
|| ((*slice).length == 0 && result == None && !slice == *slice)
)]
fn _extern_spec_slice_first_mut<T>(slice: &mut [T]) -> Option<&mut T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -919,8 +922,8 @@ fn _extern_spec_slice_first_mut<T>(slice: &mut [T]) -> Option<&mut T>
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(slice.1 > 0 && result == Some(&slice.0[slice.1 - 1]))
|| (slice.1 == 0 && result == None)
((*slice).length > 0 && result == Some(&(*slice).array[(*slice).length - 1]))
|| ((*slice).length == 0 && result == None)
)]
fn _extern_spec_slice_last<T>(slice: &[T]) -> Option<&T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -931,20 +934,20 @@ fn _extern_spec_slice_last<T>(slice: &[T]) -> Option<&T>
#[thrust::extern_spec_fn]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
((*slice).1 > 0
((*slice).length > 0
&& result == Some(thrust_models::model::Mut::new(
(*slice).0[(*slice).1 - 1],
(!slice).0[(*slice).1 - 1],
(*slice).array[(*slice).length - 1],
(!slice).array[(*slice).length - 1],
))
&& !slice == thrust_models::model::Seq(
(*slice).0.store(
(*slice).1 - 1,
(!slice).0[(*slice).1 - 1],
&& !slice == thrust_models::model::Seq {
array: (*slice).array.store(
(*slice).length - 1,
(!slice).array[(*slice).length - 1],
),
(*slice).1,
)
length: (*slice).length,
}
)
|| ((*slice).1 == 0 && result == None && !slice == *slice)
|| ((*slice).length == 0 && result == None && !slice == *slice)
)]
fn _extern_spec_slice_last_mut<T>(slice: &mut [T]) -> Option<&mut T>
where T: thrust_models::Model, T::Ty: PartialEq
Expand All @@ -956,23 +959,23 @@ fn _extern_spec_slice_last_mut<T>(slice: &mut [T]) -> Option<&mut T>
// a generic index (I: SliceIndex) that isn't specific to usize, maybe once #83 is implemented.

#[thrust::extern_spec_fn]
#[thrust_macros::requires(index < slice.1)]
#[thrust_macros::ensures(*result == slice.0[index])]
#[thrust_macros::requires(index < (*slice).length)]
#[thrust_macros::ensures(*result == (*slice).array[index])]
fn _extern_spec_slice_index<T>(slice: &[T], index: usize) -> &T
where T: thrust_models::Model, T::Ty: PartialEq
{
<[T] as std::ops::Index<usize>>::index(slice, index)
}

#[thrust::extern_spec_fn]
#[thrust_macros::requires(index < (*slice).1)]
#[thrust_macros::requires(index < (*slice).length)]
#[thrust_macros::ensures(
*result == (*slice).0[index] &&
!result == (!slice).0[index] &&
!slice == thrust_models::model::Seq(
(*slice).0.store(index, !result),
(*slice).1,
)
*result == (*slice).array[index] &&
!result == (!slice).array[index] &&
!slice == thrust_models::model::Seq {
array: (*slice).array.store(index, !result),
length: (*slice).length,
}
)]
fn _extern_spec_slice_index_mut<T>(slice: &mut [T], index: usize) -> &mut T
where T: thrust_models::Model, T::Ty: PartialEq
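Review bot: The new named-field `Seq` struct at the top of the section carries no documentation, and the relation between `array` and `length` is only implied by the specs that follow it (every `array[index]` read is guarded by `index < length`, and the `push` spec stores at `length` and then increments it). Add a doc comment on the struct, e.g. `/// Logical model of a sequence: array holds the elements and length the number of valid ones; specs constrain array only at indices below length.`, plus a one-line `///` on each field, so readers of the specs do not have to reverse-engineer the convention. The `impl PartialEq<U> for Seq<T>` block and the remaining spec functions continue outside their hunks.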
4 changes: 2 additions & 2 deletions tests/ui/fail/loop_invariant_fn_param_at_entry.rs
Expand Up @@ -2,15 +2,15 @@
//@compile-flags: -C debug-assertions=off

#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result.1 == v.1 + 2)]
#[thrust_macros::ensures(result.length == v.length + 2)]
#[thrust_macros::invariant_context]
fn push_two(v: Vec<i64>) -> Vec<i64> {
let mut w = v;
let mut i = 0_i64;
while i < 2 {
thrust_macros::invariant!(
|i: i64, w: Vec<i64>, v: thrust_models::FnParam<Vec<i64>>|
w.1 == v.at_entry().1 + i && i <= 2
w.length == v.at_entry().length + i && i <= 2
);
w.push(i);
w.push(i);
8 changes: 4 additions & 4 deletions tests/ui/fail/seq_specs_vec_build.rs
Expand Up @@ -6,11 +6,11 @@ use thrust_models::model::Seq;

#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
result.1 == Seq::empty().push(10).push(20).push(30).len()
&& result.0[0] == Seq::empty().push(10).push(20).push(30)[0]
&& result.0[1] == Seq::empty().push(10).push(20).push(30)[1]
result.length == Seq::empty().push(10).push(20).push(30).len()
&& result.array[0] == Seq::empty().push(10).push(20).push(30)[0]
&& result.array[1] == Seq::empty().push(10).push(20).push(30)[1]
// wrong: last element should be 30, not 99
&& result.0[2] == Seq::empty().push(10).push(20).push(99)[2]
&& result.array[2] == Seq::empty().push(10).push(20).push(99)[2]
)]
fn build_three() -> Vec<i64> {
let mut v = Vec::new();
2 changes: 1 addition & 1 deletion tests/ui/fail/slice_first_mut.rs
Expand Up @@ -4,7 +4,7 @@
#[thrust::trusted]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(*result).1 > 0 && (*result).0[0] == 10
(*result).length > 0 && (*result).array[0] == 10
)]
fn slice() -> &'static mut [i32] {
unimplemented!()
2 changes: 1 addition & 1 deletion tests/ui/fail/slice_index.rs
Expand Up @@ -3,7 +3,7 @@

#[thrust::trusted]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(result.1 == 1 && result.0[0] == 10)]
#[thrust_macros::ensures((*result).length == 1 && (*result).array[0] == 10)]
fn slice() -> &'static [i32] {
unimplemented!()
}
2 changes: 1 addition & 1 deletion tests/ui/fail/slice_index_mut.rs
Expand Up @@ -4,7 +4,7 @@
#[thrust::trusted]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(*result).1 > 1 && (*result).0[1] == 20
(*result).length > 1 && (*result).array[1] == 20
)]
fn slice() -> &'static mut [i32] {
unimplemented!()
4 changes: 2 additions & 2 deletions tests/ui/fail/slice_last_mut.rs
Expand Up @@ -4,8 +4,8 @@
#[thrust::trusted]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
(*result).1 > 0
&& (*result).0[(*result).1 - 1] == 30
(*result).length > 0
&& (*result).array[(*result).length - 1] == 30
)]
fn slice() -> &'static mut [i32] {
unimplemented!()
6 changes: 3 additions & 3 deletions tests/ui/fail/slice_methods.rs
Expand Up @@ -4,9 +4,9 @@
#[thrust::trusted]
#[thrust_macros::requires(true)]
#[thrust_macros::ensures(
result.1 == 2
&& result.0[0] == 10
&& result.0[1] == 20
(*result).length == 2
&& (*result).array[0] == 10
&& (*result).array[1] == 20
)]
fn slice() -> &'static [i32] {
unimplemented!()