tla-rs 0.1.0

Rust implementation of the IronFleet verified distributed systems framework
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

#![verus::trusted]

use vstd::prelude::*;
use vstd::seq_lib::*;

verus! {
    pub type AbstractArg = Seq<u8>;
    pub type AbstractArgs = Seq<AbstractArg>;

    pub type Arg = Vec<u8>;
    pub type Args = Vec<Arg>;

    pub fn clone_vec_u8(v: &Vec<u8>) -> (out: Vec<u8>)
    ensures
        out@ == v@
    {
        let mut out: Arg = Vec::with_capacity(v.len());
        let mut i = 0;
        while i < v.len()
            invariant
                i <= v.len(),
                i == out.len(),
                forall |j| #![auto] 0 <= j < i  ==> out@[j] == v@[j],
        {
            out.push(v[i]);
            i = i + 1;
        }
        proof {
            assert_seqs_equal!(out@, v@);
        }
        out
    }


    pub fn clone_arg(arg: &Arg) -> (out: Arg)
    ensures
        out@ == arg@
    {
        clone_vec_u8(arg)
    }

    pub open spec fn abstractify_args(args: Args) -> AbstractArgs
    {
        args@.map(|i, arg: Arg| arg@)
    }

}