ada/why3
0
0
Fork 0
mirror of https://github.com/AdaCore/why3.git synced 2026-02-12 12:34:55 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
why3/examples_in_progress/ladderstring.mlw
MARCHE Claude 72a423af11 move examples in progress outside the examples directory
2023-03-08 12:26:34 +00:00

152 lines
5.7 KiB
Plaintext
Raw Permalink Blame History

module LadderStringMelseqiQR
(* According to MELSEQ iQ-R programming manual *)
use string.String as S
use int.Int
type astring = String string
| WString string
(** type for MELSEQ iQ-R any_string *)
type aint = int
(** type for MELSEQ iQ-R any_int TODO *)
let function string_of_astring (s: astring) =
match s with
| String s -> s
| WString s -> s
end
meta coercion function string_of_astring
predicate satisfy_size (s: astring) =
match s with
| String s -> S.length s <= 255
| WString s -> S.length s < 128
end
val function length (s: astring) : aint
requires {satisfy_size s}
ensures {result = S.length s}
val function left (s: astring) (x: aint) : astring
requires {satisfy_size s}
requires {0 <= x < S.length s}
ensures {result = S.substring s 0 x}
val function right (s: astring) (x: aint) : astring
requires {satisfy_size s}
requires {0 <= x <= S.length s}
ensures {result = S.substring s (S.length s - x) x}
val function middle (s: astring) (x i: aint) : astring
requires {satisfy_size s}
requires {0 < i <= S.length s}
requires {0 <= x <= S.length s - i + 1}
ensures {result = S.substring s (i-1) x}
val function concat2 (s1 s2: astring) : astring
requires {satisfy_size s1 && satisfy_size s2}
ensures {result = S.substring (S.concat s1 s2) 0 256}
(* TODO check if this actually happens in iQ-R *)
val function concat3 (s1 s2 s3: astring) : astring
requires {satisfy_size s1 && satisfy_size s2 && satisfy_size s3}
ensures {result = S.substring (S.concat (S.concat s1 s2) s3) 0 256}
(* TODO check if this actually happens in iQ-R *)
val function concat4 (s1 s2 s3 s4: astring) : astring
requires {satisfy_size s1 && satisfy_size s2 && satisfy_size s3 &&
satisfy_size s4}
ensures {result = S.substring (S.concat (S.concat s1 s2) (S.concat s3 s4)) 0 256}
(* TODO check if this actually happens in iQ-R *)
val function concat5 (s1 s2 s3 s4 s5: astring) : astring
requires {satisfy_size s1 && satisfy_size s2 && satisfy_size s3 &&
satisfy_size s4 && satisfy_size s5}
ensures {result =
S.substring (S.concat (S.concat s1 s2) (S.concat s3 (S.concat s4 s5))) 0 256}
(* TODO check if this actually happens in iQ-R *)
val function insert (s1: astring) (s2: astring) (i: aint) : astring
requires {satisfy_size s1 && satisfy_size s2}
requires {0 < i <= S.length s1}
requires {length s1 + length s2 < 256}
ensures {result = S.concat (S.concat (S.substring s1 0 i)
s2)
(S.substring s1 i (length s1))}
val function delete (s: astring) (x i: aint) : astring
requires {satisfy_size s}
requires {0 < i < S.length s}
requires {0 <= x <= S.length s - i + 1}
ensures {result = S.concat (S.substring s 0 (i - 1))
(S.substring s (i + x - 1)
(S.length s - i - x + 1))}
val function replace (s1: astring) (s2: astring) (x i: aint) : astring
requires {satisfy_size s1 && satisfy_size s2}
requires {0 < i < S.length s1}
requires {0 <= x <= length s1 - i + 1}
requires {S.length s2 >= x}
(* this is not part of MELSEQ iQ-R manual, but the simulator seems
to have this behavior *)
ensures {result = S.concat (S.concat (S.substring s1 0 i)
(S.substring s2 0 x))
(S.substring s1 (i + x - 1) (S.length s1))}
val function find (s1: astring) (s2: astring) : aint
requires {satisfy_size s1 && satisfy_size s2}
ensures {result = S.indexof s1 s2 0 + 1}
end
(* module LadderString1 (* According to IEC 61131-3 *) *)
(* type char *)
(* type wchar *)
(* type string *)
(* type wstring *)
(* type any_char = Char char *)
(* | WChar wchar *)
(* type any_string = String string *)
(* | WString wstring *)
(* type any_chars = AChar any_char *)
(* | AString any_string *)
(* type any_int *)
(* function len (s: any_string) : any_int *)
(* function left (s: any_string) (i: any_int) : any_string *)
(* function right (s: any_string) (i: any_int) : any_string *)
(* function middle (s: any_string) (i o: any_int) : any_string *)
(* function concat2 (s1 s2: any_chars) : any_string *)
(* function concat3 (s1 s2 s3: any_chars) : any_string *)
(* function concat4 (s1 s2 s3 s4: any_chars) : any_string *)
(* function concat5 (s1 s2 s3 s4 s5: any_chars) : any_string *)
(* function insert (s1: any_string) (s2: any_chars) (i: any_int) : any_string *)
(* function delete (s: any_string) (o i: any_int) : any_string *)
(* function replace (s1: any_string) (s2: any_chars) (o i: any_int) : any_string *)
(* function find (s1: any_string) (s2: any_chars) : any_int *)
(* end *)
(* module LaddeeString2 *)
(* type char *)
(* type wchar *)
(* type string *)
(* type wstring *)
(* function len (s: wstring) : int *)
(* function left (s: wstring) (i: int) : wstring *)
(* function right (s: wstring) (i: int) : wstring *)
(* function middle (s: wstring) (i o: int) : wstring *)
(* function concat2 (s1 s2: wstring) : wstring *)
(* function concat3 (s1 s2 s3: wstring) : wstring *)
(* function concat4 (s1 s2 s3 s4: wstring) : wstring *)
(* function concat5 (s1 s2 s3 s4 s5: wstring) : wstring *)
(* function insert (s1 s2: wstring) (i: int) : wstring *)
(* function delete (s: wstring) (o i: int) : wstring *)
(* function replace (s1 s2: wstring) (o i: int) : wstring *)
(* function find (s1 s2: wstring) : int *)
(* end *)
Reference in New Issue View Git Blame Copy Permalink