RustBelt試行ä¸: get_x ã®ä¸€èˆ¬åŒ–
RustBeltã® examples/get_x.v ã‚’ã„ã˜ã£ã¦ã¿ãŸã€‚
From iris.proofmode Require Import tactics.
From lrust.typing Require Import typing.
Set Default Proof Using "Type".
Section get_x.
Context `{typeG Σ}.
Definition get_x : val :=
funrec: <> ["p"] :=
let: "p'" := !"p" in
letalloc: "r" <- "p'" +â‚— #0 in
delete [ #1; "p"] ;; return: ["r"].
Lemma get_x_type :
typed_val get_x (fn(∀ α, ∅; &uniq{α} Π[int; int]) → &shr{α} int).
Proof.
intros E L. iApply type_fn; [solve_typing..|]. iIntros "/= !#". iIntros (α Ï ret p).
inv_vec p=>p. simpl_subst.
iApply type_deref; [solve_typing..|]. iIntros (p'); simpl_subst.
iApply (type_letalloc_1 (&shr{α}int)); [solve_typing..|]. iIntros (r). simpl_subst.
iApply type_delete; [solve_typing..|].
iApply type_jump; solve_typing.
Qed.
End get_x.
ã“ã‚Œã¯ã ã„ãŸã„以下ã®ã‚ˆã†ãªãƒ—ãƒã‚°ãƒ©ãƒ を表ã—ã¦ã„るよã†ã 。
fn get_x<'a>(p: &'a mut (i32, i32)) -> &'a i32 { &p.0 }
ãŸã ã—ã€ç¾åœ¨ã®Î»Rustã§ã¯æ•´æ•°åž‹ã¯ã²ã¨ã¤ã—ã‹ãªãã€ç„¡é™ã«å¤§ããªæ•´æ•°ã‚’ä¿æŒå¯èƒ½ã§ã€ã‚µã‚¤ã‚ºã¯1ã§ã‚ã‚‹ (ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚ºã‚‚1)。
ã“れを
fn fst<'a, T, U>(p: &'a mut (T, U)) -> &'a T { &p.0 }
ã«ä¸€èˆ¬åŒ–ã—ã¦ã¿ãŸã€‚試行錯誤ã®çµæžœã€ä»¥ä¸‹ã®ã‚ˆã†ã«ã™ã‚‹ã¨ä¸Šæ‰‹ãã„ãã“ã¨ãŒã‚ã‹ã£ãŸã€‚
From iris.proofmode Require Import tactics.
From lrust.typing Require Import typing.
Set Default Proof Using "Type".
Section get_x.
Context `{typeG Σ}.
Definition get_x T U `{!TyWf T} `{!TyWf U} : val :=
funrec: <> ["p"] :=
let: "p'" := !"p" in
letalloc: "r" <- "p'" +â‚— #0 in
delete [ #1; "p"] ;; return: ["r"].
Lemma get_x_type T U `{!TyWf T} `{!TyWf U} :
typed_val (get_x T U) (fn(∀ α, ∅; &uniq{α} Π[T; U]) → &shr{α} T).
Proof.
intros E L. iApply type_fn; [solve_typing..|]. iIntros "/= !#". iIntros (α Ï ret p).
inv_vec p=>p. simpl_subst.
iApply type_deref; [solve_typing..|]. iIntros (p'); simpl_subst.
iApply (type_letalloc_1 (&shr{α}T)); [solve_typing..|]. iIntros (r). simpl_subst.
iApply type_delete; [solve_typing..|].
iApply type_jump; solve_typing.
Qed.
End get_x.
åŒæ§˜ã«ã€
fn snd<'a, T, U>(p: &'a mut (T, U)) -> &'a U { &p.1 }
ã¯ä»¥ä¸‹ã®ã‚ˆã†ã«å®šç¾©ã§ããŸã€‚
From iris.proofmode Require Import tactics.
From lrust.typing Require Import typing.
Set Default Proof Using "Type".
Section snd.
Context `{typeG Σ}.
Definition snd T U `{!TyWf T} `{!TyWf U} : val :=
funrec: <> ["p"] :=
let: "p'" := !"p" in
letalloc: "r" <- "p'" +â‚— #(T.(ty_size)) in
delete [ #1; "p"] ;; return: ["r"].
Lemma snd_type T U `{!TyWf T} `{!TyWf U} :
typed_val (snd T U) (fn(∀ α, ∅; &uniq{α} Π[T; U]) → &shr{α} U).
Proof.
intros E L. iApply type_fn; [solve_typing..|]. iIntros "/= !#". iIntros (α Ï ret p).
inv_vec p=>p. simpl_subst.
iApply type_deref; [solve_typing..|]. iIntros (p'); simpl_subst.
iApply (type_letalloc_1 (&shr{α}U)); [solve_typing..|]. iIntros (r). simpl_subst.
iApply type_delete; [solve_typing..|].
iApply type_jump; solve_typing.
Qed.
End snd.
ã‚ã‹ã£ãŸã“ã¨
lrust.typing.typingをインãƒãƒ¼ãƒˆã™ã‚‹ã¨ã‚ˆãã¦ã€lrust.typing.lib.*ã«Cellç‰ã®ãƒ©ã‚¤ãƒ–ラリãŒã‚ã‚‹lrust.typing.examplesã«ä¾‹ãŒã‚ã‚‹`{typeG Σ}ã¯å…±é€šã®ã‚³ãƒ³ãƒ†ã‚ストã¨ã—ã¦å‡ºã¦ãã‚‹- ã¾ãšMIRã‚‚ã©ãã‚’
Definitionã§ä¸Žãˆã€ã‚ã¨ã‹ã‚‰Lemmaã§åž‹ã‚’ã¤ã‘る。 - ライフタイムã®å¤šç›¸æ€§ã¯Î»Rustã§æ‰±ã‚ã‚Œã¦ã„ã‚‹ãŒã€åž‹å¤šç›¸æ€§ã¯ãƒ¡ã‚¿ãƒ¬ãƒ™ãƒ«ã§è¡¨ç¾ã™ã‚‹ã€‚
funrecã¯é–¢æ•°å®šç¾©ã€‚!ã¯ãƒ¡ãƒ¢ãƒªã‚’èªã‚€ã€‚deleteã¯ã‚µã‚¤ã‚ºã¨å…ˆé 番地を引数ã«å–りヒープã¾ãŸã¯ã‚¹ã‚¿ãƒƒã‚¯ã‚’解放ã™ã‚‹ã€‚ (ヒープã¨ã‚¹ã‚¿ãƒƒã‚¯ã¯åŒç‰ã«æ‰±ã‚れる)#xã¯å®šæ•°ãƒªãƒ†ãƒ©ãƒ«ã€‚+â‚—ã¯ãƒã‚¤ãƒ³ã‚¿ã¨æ•´æ•°ã®è¶³ã—算。- åž‹ã¯
typeã§ã€ã“ã‚Œã¯@type _ H(Hã¯å†’é ã®Contextã§å®£è¨€ã•ã‚Œã¦ã„ã‚‹ã‚„ã¤) - ä¸æ£ãªå†å¸°åž‹ã‚’é¿ã‘ã‚‹ãŸã‚ã«ã€å„åž‹ãŒwell-formedã§ã‚ã‚‹ã“ã¨ã®ä¿è¨¼ã‚’æŒã¡å›žã™å¿…è¦ãŒã‚る。ã“ã‚Œã¯
`{!TyWf T}ã§å®Ÿç¾ã§ãる。 ∀α, ∅; Tã¯ç”Ÿå˜æœŸé–“ã«é–¢ã™ã‚‹é‡åŒ–ã§ã€âˆ…ã¯å¤šåˆ†å¢ƒç•ŒãŒãªã„ã“ã¨ã‚’æ„味ã—ã¦ã„る。&uniq{α} Tã¨&shr{α} Tã¯&'a mut Tã¨&'a T。Π[A; B; C]ã¯(A, B, C)std::mem::size_of::<T>()ãŒæ¬²ã—ã„ã¨ãã¯#(T.(ty_size))ã¨æ›¸ã- unsized typeã®ã‚µãƒãƒ¼ãƒˆã¯ä»Šã®ã¨ã“ã‚ãªãã¦ã€
typeã¯å…¨éƒ¨Sizedãªåž‹ã‚’表ã™
