-----------------------------------------------------------------------------
-- |
-- Module    : Documentation.SBV.Examples.Uninterpreted.AUF
-- Copyright : (c) Levent Erkok
-- License   : BSD3
-- Maintainer: erkokl@gmail.com
-- Stability : experimental
--
-- Formalizes and proves the following theorem about arithmetic,
-- uninterpreted functions, and arrays. (For reference, see <http://research.microsoft.com/en-us/um/redmond/projects/z3/fmcad06-slides.pdf>
-- slide number 24):
--
-- @
--    x + 2 = y  implies  f (read (write (a, x, 3), y - 2)) = f (y - x + 1)
-- @
--
-- We interpret the types as follows (other interpretations certainly possible):
--
--    [/x/] 'SWord32' (32-bit unsigned address)
--
--    [/y/] 'SWord32' (32-bit unsigned address)
--
--    [/a/] An array, indexed by 32-bit addresses, returning 32-bit unsigned integers
--
--    [/f/] An uninterpreted function of type @'SWord32' -> 'SWord64'@
--
-- The function @read@ and @write@ are usual array operations.
-----------------------------------------------------------------------------

{-# LANGUAGE CPP                 #-}
{-# LANGUAGE ScopedTypeVariables #-}

{-# OPTIONS_GHC -Wall -Werror #-}

module Documentation.SBV.Examples.Uninterpreted.AUF where

import Data.SBV

#ifndef HADDOCK
-- $setup
-- >>> -- For doctest purposes only:
-- >>> import Data.SBV
#endif

-- | Uninterpreted function in the theorem
f :: SWord32 -> SWord64
f :: SWord32 -> SWord64
f = String -> SWord32 -> SWord64
forall a. SMTDefinable a => String -> a
uninterpret String
"f"

-- | Correctness theorem. We state it for all values of @x@, @y@, and the given array @a@. We have:
--
-- >>> prove thm
-- Q.E.D.
thm :: SWord32 -> SWord32 -> SArray Word32 Word32 -> SBool
thm :: SWord32 -> SWord32 -> SArray Word32 Word32 -> SBool
thm SWord32
x SWord32
y SArray Word32 Word32
a = SBool
lhs SBool -> SBool -> SBool
.=> SBool
rhs
  where lhs :: SBool
lhs = SWord32
x SWord32 -> SWord32 -> SWord32
forall a. Num a => a -> a -> a
+ SWord32
2 SWord32 -> SWord32 -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SWord32
y
        rhs :: SBool
rhs =     SWord32 -> SWord64
f (SArray Word32 Word32 -> SWord32 -> SWord32
forall key val.
(Eq key, SymVal key, SymVal val, HasKind val) =>
SArray key val -> SBV key -> SBV val
readArray (SArray Word32 Word32 -> SWord32 -> SWord32 -> SArray Word32 Word32
forall key val.
(HasKind key, SymVal key, SymVal val, HasKind val) =>
SArray key val -> SBV key -> SBV val -> SArray key val
writeArray SArray Word32 Word32
a SWord32
x SWord32
3) (SWord32
y SWord32 -> SWord32 -> SWord32
forall a. Num a => a -> a -> a
- SWord32
2))
              SWord64 -> SWord64 -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SWord32 -> SWord64
f (SWord32
y SWord32 -> SWord32 -> SWord32
forall a. Num a => a -> a -> a
- SWord32
x SWord32 -> SWord32 -> SWord32
forall a. Num a => a -> a -> a
+ SWord32
1)