Skip to content

Commit

Permalink
annotate humaneval-verus files
Browse files Browse the repository at this point in the history
  • Loading branch information
WeetHet committed Sep 25, 2024
1 parent 2aebc92 commit ffc525d
Show file tree
Hide file tree
Showing 43 changed files with 746 additions and 134 deletions.
16 changes: 13 additions & 3 deletions benches/HumanEval-RustBench/000-has_close_elements.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,26 +4,34 @@ use vstd::slice::*;

verus! {
fn has_close_elements(numbers: &[i64], threshold: i64) -> (result: bool)
// post-conditions-start
ensures
result == exists|i: int, j: int|
0 <= i < j < numbers@.len() && abs(numbers[i] - numbers[j]) < threshold,
// post-conditions-end
{
// impl-start
if threshold <= 0 {
// assert-start
assert(forall|i: int, j: int|
0 <= i < j < numbers@.len() ==> abs(numbers[i] - numbers[j]) >= 0 >= threshold);
// assert-end
return false;
}
let max_minus_threshold: i64 = i64::MAX - threshold;
let numbers_len: usize = numbers.len();
for x in 0..numbers_len
// invariants-start
invariant
max_minus_threshold == i64::MAX - threshold,
numbers_len == numbers@.len(),
forall|i: int, j: int|
0 <= i < j < numbers@.len() && i < x ==> abs(numbers[i] - numbers[j]) >= threshold,
// invariants-end
{
let numbers_x: i64 = *slice_index_get(numbers, x);
let numbers_x: i64 = *slice_index_get(numbers, x);
for y in x + 1..numbers_len
// invariants-start
invariant
max_minus_threshold == i64::MAX - threshold,
numbers_len == numbers@.len(),
Expand All @@ -33,8 +41,9 @@ fn has_close_elements(numbers: &[i64], threshold: i64) -> (result: bool)
0 <= i < j < numbers@.len() && i < x ==> abs(numbers[i] - numbers[j])
>= threshold,
forall|j: int| x < j < y ==> abs(numbers_x - numbers[j]) >= threshold,
// invariants-end
{
let numbers_y = *slice_index_get(numbers, y);
let numbers_y = *slice_index_get(numbers, y);
if numbers_x > numbers_y {
if numbers_y > max_minus_threshold {
return true;
Expand All @@ -53,7 +62,8 @@ fn has_close_elements(numbers: &[i64], threshold: i64) -> (result: bool)
}
}
false
// impl-end
}

}
}
fn main() {}
53 changes: 43 additions & 10 deletions benches/HumanEval-RustBench/001-separate-paren-groups.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ verus! {
pub open spec fn nesting_level(input: Seq<char>) -> int
decreases input.len(),
{
// impl-start
if input.len() == 0 {
0
} else {
Expand All @@ -17,6 +18,7 @@ pub open spec fn nesting_level(input: Seq<char>) -> int
prev_nesting_level
}
}
// impl-end
}

pub open spec fn is_paren_char(c: char) -> bool {
Expand All @@ -41,8 +43,11 @@ pub open spec fn remove_nonparens(s: Seq<char>) -> Seq<char> {
s.filter(|c| is_paren_char(c))
}
proof fn lemma_remove_nonparens_maintained_by_push(s: Seq<char>, pos: int)
// pre-conditions-start
requires
0 <= pos < s.len(),
// pre-conditions-end
// post-conditions-start
ensures
({
let s1 = remove_nonparens(s.take(pos as int));
Expand All @@ -53,34 +58,45 @@ proof fn lemma_remove_nonparens_maintained_by_push(s: Seq<char>, pos: int)
s2 == s1
}
}),
// post-conditions-end
decreases pos,
{
// impl-start
reveal(Seq::filter);
assert(s.take((pos + 1) as int).drop_last() =~= s.take(pos as int));
assert(s.take((pos + 1) as int).drop_last() =~= s.take(pos as int)); // assert-line
if pos != 0 {
lemma_remove_nonparens_maintained_by_push(s, pos - 1);
}
// impl-end
}
fn separate_paren_groups(input: &Vec<char>) -> (groups: Vec<Vec<char>>)
// pre-conditions-start
requires
is_sequence_of_balanced_groups(input@),
// pre-conditions-end
// post-conditions-start
ensures
forall|i: int|
#![trigger groups[i]]
0 <= i < groups.len() ==> is_balanced_group(groups[i]@),
vecs_to_seqs(groups@).flatten() == remove_nonparens(input@),
// post-conditions-end
{
// impl-start
let mut groups: Vec<Vec<char>> = Vec::new();
let mut current_group: Vec<char> = Vec::new();
let input_len = input.len();
let ghost mut ghost_groups: Seq<Seq<char>> = Seq::empty();
// assert-start
proof {
assert(vecs_to_seqs(groups@) =~= ghost_groups);
assert(remove_nonparens(input@.take(0)) =~= Seq::<char>::empty());
assert(ghost_groups.flatten() + current_group@ =~= Seq::<char>::empty());
}
// assert-end
let mut current_nesting_level: usize = 0;
for pos in 0..input_len
// invariants-start
invariant
input_len == input.len(),
ghost_groups == vecs_to_seqs(groups@),
Expand All @@ -90,66 +106,83 @@ fn separate_paren_groups(input: &Vec<char>) -> (groups: Vec<Vec<char>>)
0 <= i < ghost_groups.len() ==> is_balanced_group(ghost_groups[i]),
current_nesting_level == nesting_level(input@.take(pos as int)),
current_nesting_level == nesting_level(current_group@),
current_nesting_level <= pos,
current_nesting_level <= pos,
current_group@.len() == 0 <==> current_nesting_level == 0,
forall|i| 0 <= i < current_group@.len() ==> is_paren_char(#[trigger] current_group@[i]),
forall|i|
0 < i < current_group@.len() ==> nesting_level(#[trigger] current_group@.take(i))
> 0,
is_sequence_of_balanced_groups(input@),
// invariants-end
{
let ghost prev_group = current_group@;
let ghost prev_groups = ghost_groups;
let c = input[pos];
proof {
assert(input@.take((pos + 1) as int) == input@.take(pos as int).push(c));
assert(input@.take((pos + 1) as int).drop_last() == input@.take(pos as int));
assert(input@.take((pos + 1) as int) == input@.take(pos as int).push(c)); // assert-line
assert(input@.take((pos + 1) as int).drop_last() == input@.take(pos as int)); // assert-line
lemma_remove_nonparens_maintained_by_push(input@, pos as int);
}
if c == '(' {
current_nesting_level = current_nesting_level + 1;
current_group.push('(');
assert(current_group@.drop_last() == prev_group);
assert(current_group@.drop_last() == prev_group); // assert-line
// assert-start
assert(ghost_groups.flatten() + current_group@ =~= (ghost_groups.flatten()
+ prev_group).push('('));
));
// assert-end
// assert-start
assert(forall|i|
0 < i < prev_group.len() ==> #[trigger] current_group@.take(i) == prev_group.take(
i,
));
// assert-end
} else if c == ')' {
current_nesting_level = current_nesting_level - 1;
current_group.push(')');
assert(current_group@.drop_last() == prev_group);
assert(current_group@.drop_last() == prev_group); // assert-line
// assert-start
assert(ghost_groups.flatten() + current_group@ =~= (ghost_groups.flatten()
+ prev_group).push(')'));
// assert-end
// assert-start
assert(forall|i|
0 < i < prev_group.len() ==> #[trigger] current_group@.take(i) == prev_group.take(
i,
));
// assert-end
if current_nesting_level == 0 {
proof {
ghost_groups = ghost_groups.push(current_group@);
// assert-start
assert(vecs_to_seqs(groups@.push(current_group)) =~= vecs_to_seqs(groups@).push(
current_group@,
));
assert(ghost_groups.drop_last() == prev_groups);
// assert-end
assert(ghost_groups.drop_last() == prev_groups); // assert-line
// assert-start
assert(ghost_groups.flatten() =~= prev_groups.flatten() + current_group@) by {
prev_groups.lemma_flatten_and_flatten_alt_are_equivalent();
ghost_groups.lemma_flatten_and_flatten_alt_are_equivalent();
}
// assert-end
}
groups.push(current_group);
current_group = Vec::<char>::new();
// assert-start
assert(ghost_groups.flatten() + current_group@ =~= remove_nonparens(
input@.take((pos + 1) as int),
));
// assert-end
}
}
}
assert(input@.take(input_len as int) =~= input@);
assert(ghost_groups.flatten() + current_group@ == ghost_groups.flatten());
assert(input@.take(input_len as int) =~= input@); // assert-line
assert(ghost_groups.flatten() + current_group@ == ghost_groups.flatten()); // assert-line
groups
// impl-end
}

}
}
fn main() {}
Loading

0 comments on commit ffc525d

Please sign in to comment.