Skip to main content

creusot_std/std/iter/
cloned.rs

1#[cfg(creusot)]
2use crate::resolve::structural_resolve;
3use crate::{invariant::*, prelude::*, std::iter::ExactSizeIteratorSpec};
4use core::iter::Cloned;
5
6pub trait ClonedExt<I> {
7    #[logic]
8    fn iter(self) -> I;
9}
10
11impl<I> ClonedExt<I> for Cloned<I> {
12    #[logic(opaque)]
13    fn iter(self) -> I {
14        dead
15    }
16}
17
18impl<I> Invariant for Cloned<I> {
19    #[logic(prophetic, open, inline)]
20    fn invariant(self) -> bool {
21        inv(self.iter())
22    }
23}
24
25impl<I> Resolve for Cloned<I> {
26    #[logic(open, prophetic, inline)]
27    fn resolve(self) -> bool {
28        resolve(self.iter())
29    }
30
31    #[trusted]
32    #[logic(prophetic)]
33    #[requires(structural_resolve(self))]
34    #[ensures(self.resolve())]
35    fn resolve_coherence(self) {}
36}
37
38impl<'a, I: IteratorSpec<Item = &'a T>, T: Clone + 'a> IteratorSpec for Cloned<I> {
39    #[logic(open, prophetic)]
40    fn completed(&mut self) -> bool {
41        pearlite! {
42            exists<inner: &mut _> *inner == self.iter() && ^inner == (^self).iter() && inner.completed()
43        }
44    }
45
46    #[logic(open, prophetic)]
47    fn produces(self, visited: Seq<T>, o: Self) -> bool {
48        pearlite! {
49            exists<s: Seq<&'a T>>
50                   self.iter().produces(s, o.iter())
51                && visited.len() == s.len()
52                && forall<i> 0 <= i && i < s.len() ==> T::clone.postcondition((s[i],), visited[i])
53        }
54    }
55
56    #[logic(law)]
57    #[ensures(self.produces(Seq::empty(), self))]
58    fn produces_refl(self) {}
59
60    #[logic(law)]
61    #[requires(a.produces(ab, b))]
62    #[requires(b.produces(bc, c))]
63    #[ensures(a.produces(ab.concat(bc), c))]
64    fn produces_trans(a: Self, ab: Seq<T>, b: Self, bc: Seq<T>, c: Self) {}
65}
66
67extern_spec! {
68    impl<'a, I: Iterator<Item = &'a T>, T: Clone + 'a> Iterator for Cloned<I> {
69        #[ensures(I::size_hint.postcondition((&self.iter(),), result))]
70        fn size_hint(&self) -> (usize, Option<usize>);
71    }
72}
73
74impl<'a, I: ExactSizeIteratorSpec<Item = &'a T>, T: Clone + 'a> ExactSizeIteratorSpec
75    for Cloned<I>
76{
77    #[logic(law)]
78    #[requires(Self::size_hint.postcondition((self,), r))]
79    #[ensures(r.1 == Some(r.0))]
80    fn size_hint_exact(&self, r: (usize, Option<usize>)) {
81        self.iter().size_hint_exact(r)
82    }
83}