source: CIVL/examples/verifyThis/2018/gap.cvl

main
Last change on this file was ea777aa, checked in by Alex Wilton <awilton@…>, 3 years ago

Moved examples, include, build_default.properties, common.xml, and README out from dev.civl.com into the root of the repo.

git-svn-id: svn://vsl.cis.udel.edu/civl/trunk@5704 fb995dde-84ed-4084-dfe6-e5aef3e2452c
  • Property mode set to 100644
File size: 4.1 KB
Line 
1#include<pointer.cvh>
2#include<string.h>
3#include<stdlib.h>
4
5$input int K; // growing step
6$assume(K > 0);
7int N; // initial length of the array, havoced at main
8int * a; // pointer to the arbitrary array of length N
9int l, r; // l and r, havoed at main
10
11void left() {
12 if (l != 0) {
13 l--;
14 r--;
15 a[r] = a[l];
16 }
17}
18
19void right() {
20 if (r < N) {
21 a[l] = a[r];
22 r++;
23 l++;
24 }
25}
26
27void delete() {
28 if (l > 0) {
29 l--;
30 }
31}
32
33void grow() {
34 int * b = (int *)malloc(sizeof(int) * (N + K));
35
36 memcpy(b, a, sizeof(int) * l);
37 memcpy(b+r+K, a+r, sizeof(int) * (N-r));
38 r += K;
39 N += K;
40 free(a);
41 a = b;
42}
43
44void insert(int x) {
45 if (l == r) grow();
46 a[l] = x;
47 l++;
48}
49
50/* ********************** Drivers ******************** */
51void left_driver() {
52 $assume_push(l <= r && 0 <= l && r < N);
53
54 int pre_text[N-r+l]; // the text content at pre-state
55
56 a = (int *)malloc(sizeof(int) * N);
57 memcpy(pre_text, a, l * sizeof(int));
58 memcpy(pre_text+l, a+r, (N-r) * sizeof(int));
59 // call left:
60 left();
61
62 int text[N-r+l]; // the text content at post-state
63
64 memcpy(text, a, l * sizeof(int));
65 memcpy(text+l, a+r, (N-r) * sizeof(int));
66 // text content preserves:
67 $assert_equals(&text, &pre_text);
68 free(a);
69 $assume_pop();
70}
71
72void right_driver() {
73 // assumptions and assertions are identical to left_driver.
74 $assume_push(l <= r && 0 <= l && r < N);
75
76 int pre_text[N-r+l];
77
78 a = (int *)malloc(sizeof(int) * N);
79 memcpy(pre_text, a, l * sizeof(int));
80 memcpy(pre_text+l, a+r, (N-r) * sizeof(int));
81 // call right:
82 right();
83
84 int text[N-r+l];
85
86 memcpy(text, a, l * sizeof(int));
87 memcpy(text+l, a+r, (N-r) * sizeof(int));
88 $assert_equals(&text, &pre_text);
89 free(a);
90 $assume_pop();
91}
92
93void delete_driver() {
94 $assume_push(l <= r && 0 <= l && r < N);
95
96 int pre_text[N-r+l]; // the text content at pre-state
97 int pre_l = l; // value of l at pre-state
98
99 a = (int *)malloc(sizeof(int) * N);
100 memcpy(pre_text, a, l * sizeof(int));
101 memcpy(pre_text+l, a+r, (N-r) * sizeof(int));
102 // call delete:
103 delete();
104
105 int text[N-r+l]; // the text content at post-state
106 int numDel = pre_l - l; // the number of deleted element, either 1 or 0
107
108 memcpy(text, a, l * sizeof(int));
109 memcpy(text+l, a+r, (N-r) * sizeof(int));
110 // text content before l - 1 preserves:
111 $assert($forall (int i : 0 .. l-2) pre_text[i] == text[i]);
112 // text content after l - 1 preserves but shift to left by numDel:
113 $assert($forall (int i : l .. (N-r+l-1)) pre_text[i+numDel] == text[i]);
114 free(a);
115 $assume_pop();
116}
117
118void insert_driver() {
119 $assume_push(l <= r && 0 <= l && r < N);
120
121 int pre_text[N-r+l]; // the text content at pre-state
122 int x; // the arbitrary inserted value
123
124 a = (int *)malloc(sizeof(int) * N);
125 $havoc(&x);
126 memcpy(pre_text, a, l * sizeof(int));
127 memcpy(pre_text+l, a+r, (N-r) * sizeof(int));
128 // call delete:
129 insert(x);
130
131 int text[N-r+l]; // the text content at post-state
132
133 memcpy(text, a, l * sizeof(int));
134 memcpy(text+l, a+r, (N-r) * sizeof(int));
135 // The text content before l-1 preserves:
136 $assert($forall (int i : 0 .. l-2) pre_text[i] == text[i]);
137 // The element at l-1 is the inserted one:
138 $assert(text[l-1] == x);
139 // The text content after l-1 preserves but shift to right by one:
140 $assert($forall (int i : l .. (N-r+l-1)) pre_text[i-1] == text[i]);
141 free(a);
142 $assume_pop();
143}
144
145void grow_driver() {
146 $assume_push(l <= r && 0 <= l && r < N);
147
148 int pre_text[N-r+l]; // the text content at pre-state
149
150 a = (int *)malloc(sizeof(int) * N);
151 memcpy(pre_text, a, l * sizeof(int));
152 memcpy(pre_text+l, a+r, (N-r) * sizeof(int));
153 // call grow:
154 grow();
155
156 int text[N-r+l]; // the text content at post-state
157
158 memcpy(text, a, l * sizeof(int));
159 memcpy(text+l, a+r, (N-r) * sizeof(int));
160 // the text content is preserved:
161 $assert_equals(&text, &pre_text);
162 free(a);
163 $assume_pop();
164}
165
166/* **************** Main: the Entry ************** */
167
168int main() {
169 $havoc(&N);
170 $assume(N > 0);
171 $havoc(&l);
172 $havoc(&r);
173 left_driver();
174 right_driver();
175 delete_driver();
176 grow_driver();
177 insert_driver();
178 return 0;
179}
Note: See TracBrowser for help on using the repository browser.