Copyright | Levent Erkok |
---|---|
License | BSD3 |
Maintainer | erkokl@gmail.com |
Stability | experimental |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Proof of correctness of an imperative list-append algorithm, using weakest preconditions. Illustrates the use of SBV's symbolic lists together with the WP algorithm.
Program state
The state of the length program, paramaterized over the element type a
Instances
The concrete counterpart of AppS
. Again, we can't simply use the duality between
SBV a
and a
due to the difference between SList a
and [a]
.
AppC [a] [a] [a] [a] |
The algorithm
The imperative append algorithm:
zs = [] ts = xs while not (null ts) zs = zs ++ [head ts] ts = tail ts ts = ys while not (null ts) zs = zs ++ [head ts] ts = tail ts
imperativeAppend :: Program A Source #
A program is the algorithm, together with its pre- and post-conditions.
Correctness
correctness :: IO (ProofResult (AppC Integer)) Source #
We check that zs
is xs ++ ys
upon termination.
>>>
correctness
Total correctness is established. Q.E.D.