| [260762f] | 1 | /*
|
|---|
| [76f18de] | 2 | Author: Yihao Yan
|
|---|
| [f3368e99] | 3 |
|
|---|
| [41eb9b6] | 4 | See challenge 1 of: http://etaps2015.verifythis.org/challenges
|
|---|
| 5 |
|
|---|
| 6 | -----------------
|
|---|
| 7 | Problem description:
|
|---|
| [260762f] | 8 |
|
|---|
| 9 | Verify a function isRelaxedPrefix determining if a list _pat_ (for
|
|---|
| 10 | pattern) is a relaxed prefix of another list _a_.
|
|---|
| 11 |
|
|---|
| 12 | The relaxed prefix property holds iff _pat_ is a prefix of _a_ after
|
|---|
| 13 | removing at most one element from _pat_.
|
|---|
| 14 |
|
|---|
| 15 | examples:
|
|---|
| 16 | pat = {1,3} is a relaxed prefix of a = {1,3,2,3} (standard prefix)
|
|---|
| 17 | pat = {1,2,3} is a relaxed prefix of a = {1,3,2,3} (remove 2 from pat)
|
|---|
| 18 | pat = {1,2,4} is not a relaxed prefix of a = {1,3,2,3}.
|
|---|
| 19 |
|
|---|
| [41eb9b6] | 20 | -----------------
|
|---|
| 21 | Verification Task:
|
|---|
| 22 |
|
|---|
| 23 | Implement the isRelaxedPrefix function which takes two arrays and their length
|
|---|
| 24 | as input and verify that it behaves as described.
|
|---|
| 25 |
|
|---|
| [0cdc417] | 26 | -----------------
|
|---|
| 27 | Result:
|
|---|
| [260762f] | 28 |
|
|---|
| [76f18de] | 29 | For any array X1 with length less than 5 and any array X2 with length less than 4,
|
|---|
| 30 | function isRelaxedPrefix will tell if X1 can become a prefix of X2 by removing at
|
|---|
| [0cdc417] | 31 | most one element. Therefore, the isRelaxedPrefix behaves correctly.
|
|---|
| 32 |
|
|---|
| 33 | -----------------
|
|---|
| 34 | command: civl verify relaxedPrefix.c
|
|---|
| [f7e5282] | 35 |
|
|---|
| [260762f] | 36 | */
|
|---|
| [0ae124a] | 37 |
|
|---|
| 38 | #include <stdio.h>
|
|---|
| 39 | #include <stdbool.h>
|
|---|
| 40 | #include <civlc.cvh>
|
|---|
| 41 |
|
|---|
| [260762f] | 42 | $input int N1_BOUND = 4;
|
|---|
| 43 | $input int N2_BOUND = 3;
|
|---|
| 44 | $input int n1;
|
|---|
| 45 | $input int n2;
|
|---|
| [f3282f0] | 46 | $assume (n2>0 && n2 < N2_BOUND);
|
|---|
| 47 | $assume (n1>0 && n1 < N1_BOUND);
|
|---|
| [260762f] | 48 | $input int X2[n2];
|
|---|
| [f3368e99] | 49 | $input int X1[n1];
|
|---|
| [260762f] | 50 |
|
|---|
| [0ae124a] | 51 | bool isRelaxedPrefix(int* pat, int patLen, int* a, int aLen) {
|
|---|
| [260762f] | 52 | int shift = 0;
|
|---|
| 53 | int i;
|
|---|
| [f3368e99] | 54 |
|
|---|
| [260762f] | 55 | if(patLen > aLen+1) return false;
|
|---|
| [f3368e99] | 56 |
|
|---|
| [4b8f2689] | 57 | if(aLen == 0) return true;
|
|---|
| [f3368e99] | 58 |
|
|---|
| [0ae124a] | 59 | for(i=0; i<patLen; i++) {
|
|---|
| 60 | if(pat[i] != a[i-shift]) {
|
|---|
| [260762f] | 61 | if(shift == 0)
|
|---|
| 62 | shift = 1;
|
|---|
| 63 | else
|
|---|
| 64 | return false;
|
|---|
| [f3368e99] | 65 | }
|
|---|
| [4b8f2689] | 66 | if(i == aLen - 1 && shift == 0) return true;
|
|---|
| 67 | }
|
|---|
| [260762f] | 68 | return true;
|
|---|
| 69 | }
|
|---|
| 70 |
|
|---|
| [0ae124a] | 71 | void main() {
|
|---|
| [4b8f2689] | 72 | bool result = isRelaxedPrefix(X1, n1, X2, n2);
|
|---|
| [f3368e99] | 73 |
|
|---|
| [0ae124a] | 74 | if(n1 > n2+1) {
|
|---|
| [260762f] | 75 | $assert(!result);
|
|---|
| [0ae124a] | 76 | } else if(n1 == n2+1) {
|
|---|
| [4b8f2689] | 77 | $assert( result ==
|
|---|
| [5cd8c92] | 78 | ($exists (int k: 0 .. n1-1)
|
|---|
| [260762f] | 79 | (
|
|---|
| [5cd8c92] | 80 | ($forall (int i: 0 .. k-1) X1[i] == X2[i]) &&
|
|---|
| 81 | ($forall (int i: k+1 .. n1-1) X1[i] == X2[i-1])
|
|---|
| [260762f] | 82 | )
|
|---|
| 83 | )
|
|---|
| 84 | );
|
|---|
| [0ae124a] | 85 | } else {
|
|---|
| [260762f] | 86 | $assert(result ==
|
|---|
| [8e3ba85] | 87 | ($exists (int k: 0 .. n1)
|
|---|
| [260762f] | 88 | (
|
|---|
| [5cd8c92] | 89 | ($forall (int i: 0 .. k-1) X1[i] == X2[i]) &&
|
|---|
| 90 | ($forall (int i: k+1 .. n1-1) X1[i] == X2[i-1])
|
|---|
| [260762f] | 91 | )
|
|---|
| 92 | )
|
|---|
| 93 | );
|
|---|
| [f3368e99] | 94 | }
|
|---|
| [260762f] | 95 | }
|
|---|
