├── .github
├── CODE_OF_CONDUCT.md
└── workflows
│ ├── ci.yml
│ ├── release.yml
│ └── rolling-prerelease.yml
├── .gitignore
├── .nojekyll
├── .ocamlformat
├── .vscode
├── cspell.json
└── launch.json
├── CNAME
├── CONTRIBUTING.md
├── DEVELOPING.md
├── LICENSE
├── Makefile
├── README.md
├── deps
├── Makefile.post-install
├── README.md
├── dune
├── isabelle
│ ├── .gitignore
│ ├── README.md
│ ├── dune
│ └── dune.mk
├── ls4
│ ├── Makefile
│ ├── dune
│ └── ls4.patch
├── z3
│ ├── Makefile
│ └── dune
└── zenon
│ ├── Makefile
│ ├── dune
│ └── zenon-src
├── doc
├── arqnl14
│ ├── abbrev.sty
│ ├── amsbsy.sty
│ ├── amsfonts.sty
│ ├── amsgen.sty
│ ├── amsmath.sty
│ ├── amsopn.sty
│ ├── amstex.sty
│ ├── amsthm.sty
│ ├── atbegshi.sty
│ ├── bib.bib
│ ├── bigintcalc.sty
│ ├── bitset.sty
│ ├── calc.sty
│ ├── color.cfg
│ ├── easychair.cls
│ ├── empheq.sty
│ ├── etexcmds.sty
│ ├── fancyhdr.sty
│ ├── final.tex
│ ├── footmisc.sty
│ ├── geometry.sty
│ ├── graphics.cfg
│ ├── graphicx.sty
│ ├── helvet.sty
│ ├── hpdftex.def
│ ├── hycolor.sty
│ ├── hyperref.sty
│ ├── ifluatex.sty
│ ├── ifpdf.sty
│ ├── ifvtex.sty
│ ├── ifxetex.sty
│ ├── infwarerr.sty
│ ├── intcalc.sty
│ ├── keyval.sty
│ ├── kvoptions.sty
│ ├── lastpage.sty
│ ├── listings.cfg
│ ├── listings.sty
│ ├── llncs.cls
│ ├── lstmisc.sty
│ ├── ltxcmds.sty
│ ├── mathtools.sty
│ ├── mhsetup.sty
│ ├── nameref.sty
│ ├── pd1enc.def
│ ├── pdftex.def
│ ├── pdftexcmds.sty
│ ├── pf2.sty
│ ├── refcount.sty
│ ├── reviews
│ ├── submission.pdf
│ ├── submission.tex
│ ├── tla2.sty
│ ├── trig.sty
│ ├── url.sty
│ ├── xcolor-patch.sty
│ └── xspace.sty
├── fm2012
│ ├── Peterson.tla
│ ├── aliascnt.sty
│ ├── amsbsy.sty
│ ├── amsgen.sty
│ ├── amsmath.sty
│ ├── amsopn.sty
│ ├── amstext.sty
│ ├── ecom.sty
│ ├── final.tex
│ ├── fm-long.tex
│ ├── llncs.cls
│ ├── multicol.sty
│ ├── proof.sty
│ ├── remreset.sty
│ ├── submission.bib
│ ├── submission.sty
│ ├── syn.sty
│ ├── tlaps.tex
│ ├── tlatex.sty
│ ├── verbatim.sty
│ └── xspace.sty
├── ijcar14
│ ├── abbrev.sty
│ ├── bib.bib
│ ├── front-ends2.tex
│ ├── pf2.sty
│ ├── reviews.txt
│ ├── submission.tex
│ └── tla2.sty
├── keappa08
│ ├── Makefile
│ ├── README
│ ├── abstract.tex
│ ├── appendix-discarded.tex
│ ├── appendix-ll.tex
│ ├── appendix-sm.tex
│ ├── appendix.tex
│ ├── backend.tex
│ ├── conclusion.tex
│ ├── easychair.cls
│ ├── ecom.sty
│ ├── frontmatter.tex
│ ├── introduction.tex
│ ├── keappa08.dvi
│ ├── keappa08.pdf
│ ├── main.tex
│ ├── obligations.tex
│ ├── outline.tex
│ ├── proof-language.tex
│ ├── proof.sty
│ ├── rearmatter.tex
│ ├── section-template.tex
│ ├── submission.sty
│ └── syn.sty
├── online-doc-typos.txt
├── presentations
│ ├── 2010-ifm
│ │ ├── Euclid.tla
│ │ ├── Euclid2.tla
│ │ ├── Logo-INRIA-MSR.pdf
│ │ ├── architecture.pdf
│ │ ├── architecture.svg
│ │ ├── figs
│ │ │ ├── leslie.pdf
│ │ │ └── tla-book-cover.jpg
│ │ ├── hints.tex
│ │ ├── intro.tex
│ │ ├── language.tex
│ │ ├── tla.tex
│ │ ├── tutorial.sty
│ │ ├── tutorial.tex
│ │ └── tutoriel-Peterson
│ │ │ ├── Peterson.tla
│ │ │ ├── Peterson_IFM2010.pdf
│ │ │ ├── Peterson_IFM2010.tex
│ │ │ ├── enonce.cls
│ │ │ └── tutorial.sty
│ ├── 20101123-CEA
│ │ ├── figs
│ │ │ ├── architecture.pdf
│ │ │ ├── architecture.svg
│ │ │ ├── leslie.pdf
│ │ │ └── tla-book-cover.jpg
│ │ ├── tlaps.sty
│ │ └── tlaps.tex
│ ├── 2011-augsburg
│ │ ├── Euclid.tla
│ │ ├── Euclid2.tla
│ │ └── tlaps.tex
│ ├── 2013-afadl
│ │ ├── abstract.bib
│ │ └── abstract.tex
│ └── 2014-QM
│ │ ├── cea.tex
│ │ ├── implementation.tex
│ │ ├── slides.tex
│ │ ├── tla.tex
│ │ └── tlapm.tex
├── tutorial-CEA14
│ ├── Basics.tla
│ ├── exercise_Euclid.tla
│ └── faq.tex
├── vstte12
│ ├── Peterson.tla
│ ├── RawPeterson.tla
│ ├── aliascnt.sty
│ ├── amsbsy.sty
│ ├── amsgen.sty
│ ├── amsmath.sty
│ ├── amsopn.sty
│ ├── amstext.sty
│ ├── ecom.sty
│ ├── llncs.cls
│ ├── multicol.sty
│ ├── proof.sty
│ ├── remreset.sty
│ ├── reviews.txt
│ ├── submission.bib
│ ├── submission.sty
│ ├── syn.sty
│ ├── tlaps.tex
│ ├── tlatex.sty
│ ├── verbatim.sty
│ └── xspace.sty
└── web
│ ├── .exclude
│ ├── README
│ ├── assets
│ ├── checkhtml.sh
│ ├── checklinks.sh
│ ├── css
│ │ └── common.css
│ ├── footer.js
│ ├── header.js
│ ├── images
│ │ ├── MSR_bg-global.gif
│ │ ├── Windows_logo.png
│ │ ├── bg-menu-1.gif
│ │ ├── bg-menu-2.gif
│ │ ├── bg-menu-3.gif
│ │ ├── bg-menu-4.gif
│ │ ├── bg-menu-last.gif
│ │ ├── bg-nav.gif
│ │ ├── bg-nav2.gif
│ │ ├── bg-nav2ombre.png
│ │ ├── bg-nav2ombre36.png
│ │ ├── bg_blockquote_side.gif
│ │ ├── bg_blockquote_side_small.png
│ │ ├── bg_content.gif
│ │ ├── bg_content1024.gif
│ │ ├── bg_content2.gif
│ │ ├── bg_content2light.gif
│ │ ├── bg_header.gif
│ │ ├── bg_left.gif
│ │ ├── bg_left_nav_on.gif
│ │ ├── bg_nav.gif
│ │ ├── bg_nav_on.gif
│ │ ├── bg_nav_on_2.gif
│ │ ├── bg_page.gif
│ │ ├── bg_subnav.gif
│ │ ├── blanctransp.png
│ │ ├── blanctransp18.png
│ │ ├── blanctransp25.png
│ │ ├── blanctransp36.png
│ │ ├── hr.png
│ │ ├── hr2.png
│ │ ├── hr2c.png
│ │ ├── hr2l.png
│ │ ├── logo-MS-Research-Inria-Joint-Centre-Small.png
│ │ ├── logo_linux.png
│ │ ├── logo_macosx.png
│ │ ├── logo_macosx30.png
│ │ ├── logoplusnom.gif
│ │ ├── msrinria.png
│ │ ├── msrinriamed.png
│ │ ├── msrinriamedlight.png
│ │ ├── ombre.png
│ │ ├── prod_cons.png
│ │ ├── windows_logo_only.gif
│ │ └── windows_logo_only_original.png
│ ├── screenshots
│ │ ├── ops1.png
│ │ ├── ops1s.png
│ │ └── tla-mode-0.png
│ ├── template-redirect.html
│ └── template.html
│ ├── content
│ ├── Community.html
│ ├── Community
│ │ ├── Contact.html
│ │ ├── Developers.html
│ │ └── TLA+_net.html
│ ├── Documentation.html
│ ├── Documentation
│ │ ├── Misc.html
│ │ ├── Publications.html
│ │ ├── Publications
│ │ │ ├── Peterson.tla
│ │ │ └── fm-long.pdf
│ │ ├── TLA+_Hyperbook.html
│ │ ├── TLA+_Video_Course.html
│ │ ├── Tutorial.html
│ │ ├── Tutorial
│ │ │ ├── A_simple_proof.html
│ │ │ ├── Advanced_options.html
│ │ │ ├── Hierarchical_proofs.html
│ │ │ ├── Other_proof_constructs.html
│ │ │ ├── Practical_hints.html
│ │ │ ├── Tactics.html
│ │ │ ├── The_example.html
│ │ │ └── screenshots
│ │ │ │ ├── addnewspec.png
│ │ │ │ ├── addnewspecs.png
│ │ │ │ ├── ao0.png
│ │ │ │ ├── ao0s.png
│ │ │ │ ├── ao1.png
│ │ │ │ ├── ao1s.png
│ │ │ │ ├── ao2.png
│ │ │ │ ├── ao2s.png
│ │ │ │ ├── name.png
│ │ │ │ ├── names.png
│ │ │ │ ├── ops2.png
│ │ │ │ ├── ops2s.png
│ │ │ │ ├── ops3.png
│ │ │ │ ├── ops3s.png
│ │ │ │ ├── ops4.png
│ │ │ │ ├── ops4s.png
│ │ │ │ ├── ops5.png
│ │ │ │ ├── ops5s.png
│ │ │ │ ├── ops6.png
│ │ │ │ ├── ops6s.png
│ │ │ │ ├── prove1.png
│ │ │ │ ├── prove1s.png
│ │ │ │ ├── prove2.png
│ │ │ │ ├── prove2s.png
│ │ │ │ ├── prove3.png
│ │ │ │ ├── prove3s.png
│ │ │ │ ├── prove4.png
│ │ │ │ ├── prove4s.png
│ │ │ │ ├── qed.png
│ │ │ │ ├── qeds.png
│ │ │ │ ├── result.png
│ │ │ │ └── results.png
│ │ ├── Unsupported_features.html
│ │ └── img
│ │ │ └── tlaps_arch.svg
│ ├── Download.html
│ ├── Download
│ │ ├── Binaries.html
│ │ ├── Binaries
│ │ │ ├── Linux.html
│ │ │ ├── MacOS.html
│ │ │ ├── Windows.html
│ │ │ └── images
│ │ │ │ ├── logo_linux35.png
│ │ │ │ ├── logo_macosx30s.png
│ │ │ │ └── windows_logo_only.png
│ │ ├── License.html
│ │ ├── Previous_releases.html
│ │ ├── Source.html
│ │ ├── Unsupported.html
│ │ └── What_s_new.html
│ └── Home.html
│ ├── doc
│ ├── FORUM2011
│ │ ├── poster_TLA_FORUM2011.jpg
│ │ └── poster_TLA_FORUM2011.pdf
│ └── IFM2010
│ │ ├── Peterson.tla
│ │ ├── Peterson_IFM2010.pdf
│ │ └── tutorial.pdf
│ ├── fancybox
│ ├── blank.gif
│ ├── fancy_close.png
│ ├── fancy_loading.png
│ ├── fancy_nav_left.png
│ ├── fancy_nav_right.png
│ ├── fancy_shadow_e.png
│ ├── fancy_shadow_n.png
│ ├── fancy_shadow_ne.png
│ ├── fancy_shadow_nw.png
│ ├── fancy_shadow_s.png
│ ├── fancy_shadow_se.png
│ ├── fancy_shadow_sw.png
│ ├── fancy_shadow_w.png
│ ├── fancy_title_left.png
│ ├── fancy_title_main.png
│ ├── fancy_title_over.png
│ ├── fancy_title_right.png
│ ├── fancybox-x.png
│ ├── fancybox-y.png
│ ├── fancybox.png
│ ├── jquery.easing-1.3.pack.js
│ ├── jquery.fancybox-1.3.1.css
│ ├── jquery.fancybox-1.3.1.js
│ ├── jquery.fancybox-1.3.1.pack.js
│ └── jquery.mousewheel-3.0.2.pack.js
│ ├── index.html
│ └── sany.xsd
├── dune
├── dune-project
├── examples
├── Allocator.tla
├── AtomicBakery.tla
├── AtomicBakeryWithoutSMT.tla
├── Bakery.tla
├── BubbleSort.tla
├── ByzPaxos
│ ├── BPConProof.tla
│ ├── Consensus.tla
│ ├── PConProof.tla
│ ├── README.md
│ └── VoteProof.tla
├── Dekker
│ ├── Dekker.cfg
│ └── Dekker.tla
├── EWD840.tla
├── Euclid.tla
├── GraphTheorem.tla
├── LamportMutex.tla
├── Makefile
├── Peterson.tla
├── README
├── SimpleEventually.tla
├── SimpleEventuallyInt.tla
├── SimpleMutex.tla
├── SumAndMax.tla
├── cantor
│ ├── Cantor1.tla
│ ├── Cantor10.tla
│ ├── Cantor2.tla
│ ├── Cantor3.tla
│ ├── Cantor4.tla
│ ├── Cantor5.tla
│ ├── Cantor6.tla
│ ├── Cantor7.tla
│ ├── Cantor8.tla
│ └── Cantor9.tla
├── paxos
│ ├── Consensus.tla
│ └── Paxos.tla
└── two_phase
│ ├── Alternate.tla
│ └── TwoPhase.tla
├── examples_draft
├── FOLTL.tla
├── FiniteSetTheoremsLL.tla
├── FiniteSetTheorems_1.tla
├── SimpleExampleWF.tla
├── bySMT
│ ├── AtomicBakery.tla
│ ├── Bakery.tla
│ ├── Channel
│ │ ├── BoundedBuffer.tla
│ │ └── PCalBoundedChannel.tla
│ ├── Euclid.tla
│ ├── OneBitMutex.tla
│ ├── Peterson.tla
│ ├── TwoPhase
│ │ ├── PTCommit.tla
│ │ ├── PTwoPhase.tla
│ │ ├── TCommit.tla
│ │ └── TwoPhase.tla
│ └── consensus
│ │ ├── Consensus.tla
│ │ ├── PaxosProof.tla
│ │ ├── PaxosTuple.tla
│ │ ├── Sets.tla
│ │ └── Voting.tla
├── consensus
│ ├── Consensus.tla
│ ├── PaxosProof.tla
│ ├── PaxosTuple.tla
│ ├── Sets.tla
│ └── Voting.tla
├── quicksort
│ ├── Quicksort01.tla
│ ├── Quicksort02.tla
│ ├── Quicksort03.tla
│ ├── Quicksort04.tla
│ ├── Quicksort05.tla
│ ├── Quicksort06.tla
│ ├── Quicksort07.tla
│ ├── Quicksort07d.tla
│ ├── Quicksort21.tla
│ └── Utils.tla
└── simple_liveness
│ ├── SimpleSpec.tla
│ ├── SimpleSpecAction.tla
│ └── SimpleSpecTrans.tla
├── hints.txt
├── index.html
├── isabelle
├── .gitignore
├── CaseExpressions.thy
├── Constant.thy
├── FixedPoints.thy
├── Functions.thy
├── IntegerArithmetic.thy
├── IntegerDivision.thy
├── Integers.thy
├── Makefile
├── NewSMT.thy
├── PredicateLogic.thy
├── README.html
├── ROOT
├── SMT.thy
├── SetTheory.thy
├── Strings.thy
├── Tuples.thy
├── Zenon.thy
├── document
│ └── root.tex
├── dune
├── dune.mk
├── examples
│ ├── Allocator.thy
│ ├── AtomicBakeryG.thy
│ └── document
│ │ └── root.tex
├── simplifier_setup.ML
└── tests
│ └── Tests.thy
├── library
├── Bags.tla
├── BagsTheorems.tla
├── BagsTheorems_proofs.tla
├── FiniteSetTheorems.tla
├── FiniteSetTheorems_proofs.tla
├── FiniteSets.tla
├── FunctionTheorems.tla
├── FunctionTheorems_proofs.tla
├── Functions.tla
├── NaturalsInduction.tla
├── NaturalsInduction_proofs.tla
├── RealTime.tla
├── SequenceTheorems.tla
├── SequenceTheorems_proofs.tla
├── SequencesExt.tla
├── SequencesExtTheorems.tla
├── SequencesExtTheorems_proofs.tla
├── TLAPS.tla
├── WellFoundedInduction.tla
├── WellFoundedInduction_proofs.tla
└── dune
├── lsp
├── README.md
├── bin
│ ├── dune
│ ├── tlapm_lsp.ml
│ └── tlapm_lsp.mli
├── components.puml
├── doc
│ ├── proof_step_rename.gif
│ └── proof_step_renumber.gif
├── lib
│ ├── analysis
│ │ ├── step_rename.ml
│ │ ├── step_rename.mli
│ │ ├── step_renumber.ml
│ │ └── step_renumber.mli
│ ├── const.ml
│ ├── const.mli
│ ├── debug.ml
│ ├── debug.mli
│ ├── docs
│ │ ├── doc.ml
│ │ ├── doc.mli
│ │ ├── doc_actual.ml
│ │ ├── doc_actual.mli
│ │ ├── doc_proof_res.ml
│ │ ├── doc_proof_res.mli
│ │ ├── doc_vsn.ml
│ │ ├── doc_vsn.mli
│ │ ├── docs.ml
│ │ ├── docs.mli
│ │ ├── obl.ml
│ │ ├── obl.mli
│ │ ├── proof_status.ml
│ │ ├── proof_status.mli
│ │ ├── proof_step.ml
│ │ ├── proof_step.mli
│ │ └── util.ml
│ ├── dune
│ ├── parser
│ │ ├── parser.ml
│ │ └── parser.mli
│ ├── prover
│ │ ├── progress.ml
│ │ ├── progress.mli
│ │ ├── prover.ml
│ │ ├── prover.mli
│ │ ├── toolbox.ml
│ │ └── toolbox.mli
│ ├── range.ml
│ ├── range.mli
│ ├── server
│ │ ├── codec.ml
│ │ ├── codec.mli
│ │ ├── handlers.ml
│ │ ├── handlers.mli
│ │ ├── server.ml
│ │ ├── server.mli
│ │ ├── session.ml
│ │ └── session.mli
│ ├── structs.ml
│ ├── structs.mli
│ ├── tlapm_lsp_lib.ml
│ └── tlapm_lsp_lib.mli
└── test
│ ├── test_obl_expand.tla
│ ├── test_proof_steps.tla
│ ├── test_use.tla
│ └── tlapm_mock.sh
├── misc
└── tla_mode
│ ├── doc.txt
│ ├── dune
│ └── tla-mode.el
├── src
├── abstractor.ml
├── abstractor.mli
├── alexer.mli
├── alexer.mll
├── backend.ml
├── backend.mli
├── backend
│ ├── fingerprints.ml
│ ├── fingerprints.mli
│ ├── fpfile.ml
│ ├── fpfile.mli
│ ├── interrupted.ml
│ ├── interrupted.mli
│ ├── isabelle.ml
│ ├── isabelle.mli
│ ├── ls4.ml
│ ├── ls4.mli
│ ├── prep.ml
│ ├── prep.mli
│ ├── schedule.ml
│ ├── schedule.mli
│ ├── smt.ml
│ ├── smt.mli
│ ├── smtlib.ml
│ ├── smtlib.mli
│ ├── smtlib.mlt
│ ├── test_schedule.ml
│ ├── thf.ml
│ ├── thf.mli
│ ├── thf.mlt
│ ├── toolbox.ml
│ ├── toolbox.mli
│ ├── types.ml
│ ├── types.mli
│ ├── zenon.ml
│ └── zenon.mli
├── builtin.ml
├── builtin.mli
├── ctx.ml
├── ctx.mli
├── dumpfp.ml
├── dumpfp.mli
├── dune
├── encode.ml
├── encode.mli
├── encode.mlt
├── encode
│ ├── n_axiomatize.ml
│ ├── n_axiomatize.mli
│ ├── n_axiomatize.mlt
│ ├── n_axioms.ml
│ ├── n_axioms.mli
│ ├── n_axioms.mlt
│ ├── n_data.ml
│ ├── n_data.mli
│ ├── n_data.mlt
│ ├── n_flatten.ml
│ ├── n_flatten.mli
│ ├── n_flatten.mlt
│ ├── n_rewrite.ml
│ ├── n_rewrite.mli
│ ├── n_rewrite.mlt
│ ├── n_smb.ml
│ ├── n_smb.mli
│ ├── n_smb.mlt
│ ├── n_standardize.ml
│ ├── n_standardize.mli
│ ├── n_standardize.mlt
│ ├── n_subst.ml
│ ├── n_subst.mli
│ ├── n_subst.mlt
│ ├── n_table.ml
│ ├── n_table.mli
│ └── n_table.mlt
├── errors.ml
├── errors.mli
├── expr.ml
├── expr.mli
├── expr
│ ├── e_action.ml
│ ├── e_action.mli
│ ├── e_anon.ml
│ ├── e_anon.mli
│ ├── e_collect.ml
│ ├── e_collect.mli
│ ├── e_collect.mlt
│ ├── e_constness.ml
│ ├── e_constness.mli
│ ├── e_deref.ml
│ ├── e_deref.mli
│ ├── e_elab.ml
│ ├── e_elab.mli
│ ├── e_eq.ml
│ ├── e_eq.mli
│ ├── e_fmt.ml
│ ├── e_fmt.mli
│ ├── e_leibniz.ml
│ ├── e_leibniz.mli
│ ├── e_level_comparison.ml
│ ├── e_level_comparison.mli
│ ├── e_levels.ml
│ ├── e_levels.mli
│ ├── e_parser.ml
│ ├── e_parser.mli
│ ├── e_subst.ml
│ ├── e_subst.mli
│ ├── e_substitutive.ml
│ ├── e_substitutive.mli
│ ├── e_t.ml
│ ├── e_t.mli
│ ├── e_temporal_props.ml
│ ├── e_temporal_props.mli
│ ├── e_tla_norm.ml
│ ├── e_tla_norm.mli
│ ├── e_tuply_declarations.ml
│ ├── e_tuply_declarations.mli
│ ├── e_tuply_declarations.mlt
│ ├── e_visit.ml
│ └── e_visit.mli
├── frontend
│ ├── action.ml
│ ├── action.mli
│ ├── coalesce.ml
│ ├── coalesce.mli
│ ├── pltl.ml
│ ├── pltl.mli
│ ├── symbol_commute.ml
│ └── symbol_commute.mli
├── global
│ ├── intermediate.ml
│ └── intermediate.mli
├── isabelle_keywords.ml
├── isabelle_keywords.mli
├── isabelle_keywords_update.py
├── loader.ml
├── loader.mli
├── loc.ml
├── loc.mli
├── method.ml
├── method.mli
├── method_old.ml
├── method_old.mli
├── method_prs.ml
├── method_prs.mli
├── module.ml
├── module.mli
├── module
│ ├── m_dep.ml
│ ├── m_dep.mli
│ ├── m_elab.ml
│ ├── m_elab.mli
│ ├── m_flatten.ml
│ ├── m_flatten.mli
│ ├── m_fmt.ml
│ ├── m_fmt.mli
│ ├── m_gen.ml
│ ├── m_gen.mli
│ ├── m_globalness.ml
│ ├── m_globalness.mli
│ ├── m_parser.ml
│ ├── m_parser.mli
│ ├── m_save.ml
│ ├── m_save.mli
│ ├── m_standard.ml
│ ├── m_standard.mli
│ ├── m_subst.ml
│ ├── m_subst.mli
│ ├── m_t.ml
│ ├── m_t.mli
│ ├── m_visit.ml
│ └── m_visit.mli
├── optable.ml
├── optable.mli
├── outer_keywords.scala
├── params.ml
├── params.mli
├── pars.ml
├── pars.mli
├── pars
│ ├── error.ml
│ ├── error.mli
│ ├── intf.ml
│ ├── intf.mli
│ ├── lazyList.ml
│ ├── lazyList.mli
│ ├── pco.ml
│ └── pco.mli
├── paths.ml
├── paths.mli
├── proof.ml
├── proof.mli
├── proof
│ ├── p_anon.ml
│ ├── p_anon.mli
│ ├── p_fmt.ml
│ ├── p_fmt.mli
│ ├── p_gen.ml
│ ├── p_gen.mli
│ ├── p_parser.ml
│ ├── p_parser.mli
│ ├── p_simplify.ml
│ ├── p_simplify.mli
│ ├── p_subst.ml
│ ├── p_subst.mli
│ ├── p_t.ml
│ ├── p_t.mli
│ ├── p_visit.ml
│ └── p_visit.mli
├── smt
│ ├── axioms.ml
│ ├── axioms.mli
│ ├── boolify.ml
│ ├── boolify.mli
│ ├── ectx.ml
│ ├── ectx.mli
│ ├── fmt.ml
│ ├── fmt.mli
│ ├── preprocess.ml
│ ├── preprocess.mli
│ ├── rewrite.ml
│ ├── rewrite.mli
│ ├── rewrite_arith.ml
│ ├── rewrite_arith.mli
│ ├── rewrite_trivial.ml
│ ├── rewrite_trivial.mli
│ ├── smtcommons.ml
│ └── smtcommons.mli
├── sysconf.ml
├── sysconf.mli
├── sysconf_stubs.c
├── system.ml
├── system.mli
├── tla_parser.ml
├── tla_parser.mli
├── tlapm.ml
├── tlapm.mli
├── tlapm.t
├── tlapm_args.ml
├── tlapm_args.mli
├── tlapm_lib.ml
├── tlapm_lib.mli
├── toolbox_msg.ml
├── toolbox_msg.mli
├── type.ml
├── type.mli
├── type.mlt
├── type
│ ├── t_collect.ml
│ ├── t_collect.mli
│ ├── t_collect.mlt
│ ├── t_hyps.ml
│ ├── t_hyps.mli
│ ├── t_hyps.mlt
│ ├── t_synth.ml
│ ├── t_synth.mli
│ ├── t_synth.mlt
│ ├── t_t.ml
│ ├── t_t.mli
│ ├── t_t.mlt
│ ├── t_visit.ml
│ ├── t_visit.mli
│ └── t_visit.mlt
├── typesystem
│ ├── typ_c.ml
│ ├── typ_c.mli
│ ├── typ_cg1.ml
│ ├── typ_cg1.mli
│ ├── typ_cg2.ml
│ ├── typ_cg2.mli
│ ├── typ_e.ml
│ ├── typ_e.mli
│ ├── typ_impgraph.ml
│ ├── typ_impgraph.mli
│ ├── typ_system.ml
│ ├── typ_system.mli
│ ├── typ_t.ml
│ ├── typ_t.mli
│ ├── why3_interface.ml
│ └── why3_interface.mli
└── util
│ ├── deque.ml
│ ├── deque.mli
│ ├── ext.ml
│ ├── ext.mli
│ ├── fmtutil.ml
│ ├── fmtutil.mli
│ ├── kwdregs.el
│ ├── property.ml
│ ├── property.mli
│ ├── timing.ml
│ ├── timing.mli
│ ├── util.ml
│ ├── util.mli
│ ├── worklist.ml
│ └── worklist.mli
├── test
├── Makefile
├── README
├── TOOLS
│ ├── do_junit_tests
│ ├── do_one_test
│ ├── do_soundness_tests
│ ├── do_tests
│ ├── env_setup
│ ├── separator
│ └── time_one_test
├── bugs
│ ├── README.md
│ ├── constantfcn_test.tla
│ ├── everythingisafcn_test.tla
│ ├── excappbad_test.tla
│ ├── hidedef_test.tla
│ ├── hidedefpred_test.tla
│ ├── instance_mutate.tla
│ ├── instance_mutate_test.tla
│ ├── noteqfalse_test.tla
│ ├── quant_level_test.tla
│ ├── sndord_bis_test.tla
│ └── sndord_test.tla
├── dune
├── fast
│ ├── README.txt
│ ├── basic
│ │ ├── cvc3_false_test.tla
│ │ ├── instantiate_backend_pragmas.tla
│ │ ├── isa_false_test.tla
│ │ ├── isa_true_test.tla
│ │ ├── nonexistent_test.tla
│ │ ├── smt_arith_test.tla
│ │ ├── smt_false_test.tla
│ │ ├── tab_character_test.tla
│ │ ├── true_test.tla
│ │ ├── z3_arith_test.tla
│ │ ├── z3_false_test.tla
│ │ ├── zen_false_test.tla
│ │ └── zen_true_test.tla
│ ├── enabled_cdot
│ │ ├── Cdot_test.tla
│ │ ├── ENABLED_INSTANCE_nullary_op_test.tla
│ │ ├── ENABLED_INSTANCE_nullary_op_two_vars_test.tla
│ │ ├── ENABLED_INSTANCE_op_with_args_test.tla
│ │ ├── ENABLEDaxioms_test.tla
│ │ ├── Enabled_test.tla
│ │ ├── ExpandENABLED_LET_test.tla
│ │ ├── ExpandOnlyCdot_test.tla
│ │ ├── ExpandOnlyENABLED_test.tla
│ │ ├── InstantiateTLAPS.tla
│ │ ├── Level_of_parametric_INSTANCE_test.tla
│ │ ├── Level_test.tla
│ │ ├── NestedCdot_test.tla
│ │ ├── NestedENABLED_from_AutoUSE_test.tla
│ │ └── NestedENABLED_test.tla
│ ├── fingerprint
│ │ ├── FingerprintVariablesParameters_test.tla
│ │ ├── load_v8_test.tla.disabled
│ │ ├── load_v8_test.tlaps.testbase
│ │ │ └── fingerprints
│ │ ├── load_v8old_test.tla.disabled
│ │ ├── load_v8old_test.tlaps.testbase
│ │ │ └── fingerprints
│ │ ├── load_v9_test.tla.disabled
│ │ └── load_v9_test.tlaps.testbase
│ │ │ └── fingerprints
│ ├── language
│ │ ├── CHOOSEsyntax.tla
│ │ ├── ConstantQuantifierBoundeds.tla
│ │ ├── ConstantQuantifierUnboundeds.tla
│ │ ├── DuplicateEXCEPT.tla
│ │ ├── EXCEPTMultipleBrackets_test.tla
│ │ ├── EXTENDS_in_submodule_test.tla
│ │ ├── ExistsNotBothBoundedAndUnbounded.tla
│ │ ├── ForallNotBothBoundedAndUnbounded.tla
│ │ ├── FunctionConstructorBoundeds.tla
│ │ ├── FunctionConstructorOnlyBoundeds.tla
│ │ ├── FunctionDefinitionBoundeds.tla
│ │ ├── FunctionDefinitionOnlyBoundeds_1.tla
│ │ ├── FunctionDefinitionOnlyBoundeds_2.tla
│ │ ├── INSTANCE_inside_LET_fingerprint_test.tla
│ │ ├── INSTANCE_inside_LET_test.tla
│ │ ├── INSTANCE_shift_due_to_omitted_modunits_test.tla
│ │ ├── Operators_test.tla
│ │ ├── SetConstructorsTupleDeclarations.tla
│ │ ├── SubrefLL_test.tla
│ │ ├── Subref_test.tla
│ │ ├── WFTRUE_test.tla
│ │ ├── nary_fcnapp_test.tla
│ │ ├── parse_function_comma_args.tla
│ │ └── unary_fcnapp_test.tla
│ └── regression
│ │ ├── MiniProducerConsumer_test.tla
│ │ ├── consensus
│ │ ├── PaxosProof.tla
│ │ ├── PaxosTuple.tla
│ │ ├── Sets.tla
│ │ ├── Voting.tla
│ │ └── consensus_test.tla
│ │ ├── cooper_instantiation_test.tla
│ │ ├── higher_order_statement_test.tla
│ │ ├── parameterized_instantiation_aux.tla
│ │ ├── parameterized_instantiation_test.tla
│ │ ├── setEuclid_test.tla
│ │ ├── smt_domain_check_test.tla
│ │ └── z3_fingerprint_test.tla
├── medium
│ ├── README.txt
│ └── regression
│ │ ├── select_bug_test.tla
│ │ └── snapshot
│ │ ├── GFXSpec.tla
│ │ ├── GFX_test.tla
│ │ ├── SnapShot_test.tla
│ │ └── SnapSpec.tla
├── parser
│ ├── dune
│ ├── parser_tests.ml
│ ├── syntax_corpus
│ │ ├── assume-prove.txt
│ │ ├── assume.txt
│ │ ├── case.txt
│ │ ├── conjlist.txt
│ │ ├── disjlist.txt
│ │ ├── except.txt
│ │ ├── expressions.txt
│ │ ├── fairness.txt
│ │ ├── functions.txt
│ │ ├── if_then_else.txt
│ │ ├── infix_op.txt
│ │ ├── jlist.txt
│ │ ├── labels.txt
│ │ ├── let_in.txt
│ │ ├── modules.txt
│ │ ├── number.txt
│ │ ├── operators.txt
│ │ ├── postfix_op.txt
│ │ ├── prefix_op.txt
│ │ ├── proofs.txt
│ │ ├── quantification.txt
│ │ ├── records.txt
│ │ ├── recursive.txt
│ │ ├── sets.txt
│ │ ├── step_expressions.txt
│ │ ├── string.txt
│ │ ├── subexpressions.txt
│ │ ├── tuples.txt
│ │ ├── unit.txt
│ │ └── use_or_hide.txt
│ └── syntax_corpus_file_parser.ml
├── regression_tests
│ ├── fingerprint_13_12_07_test-disabled.tla
│ ├── function_except_tuple_soundness_gh201_test.tla
│ └── nat_comparison_soundness_gh200_test.tla
├── resources
│ └── module
│ │ └── m_save
│ │ └── TLC.tla
├── slow
│ └── README.txt
├── soundness_tests
│ ├── prime_dist_bound_var_stest.tla
│ └── variable_capture_stest.tla
└── unit
│ ├── README.md
│ ├── a_lang
│ ├── binary_test.tla
│ ├── bounded_test.tla
│ ├── constant_test.tla
│ ├── ditto_test.tla
│ ├── extends_test.tla
│ ├── hidedef_test.tla
│ ├── letchain_test.tla
│ ├── letconstant_test.tla
│ ├── letfunction_test.tla
│ ├── letsndord_test.tla
│ ├── nothing_test.tla
│ ├── nusedef_test.tla
│ ├── nusefact_test.tla
│ ├── nusesndord_test.tla
│ ├── predarg_test.tla
│ ├── prime_test.tla
│ ├── secondord_test.tla
│ ├── sndordthm_test.tla
│ ├── tempop_test.tla
│ ├── unary_test.tla
│ ├── usedef_test.tla
│ ├── usefact_test.tla
│ ├── userops_test.tla
│ ├── usethm_test.tla
│ ├── variable_test.tla
│ ├── witness_bounded_test.tla
│ └── witness_test.tla
│ ├── b_logic
│ ├── critical_bounded_test.tla
│ ├── critical_test.tla
│ ├── existential_bounded_test.tla
│ ├── existential_test.tla
│ ├── notfalse_test.tla
│ ├── predicate_test.tla
│ ├── props_test.tla
│ ├── true_test.tla
│ ├── universal_bounded_test.tla
│ └── universal_test.tla
│ ├── c_sets
│ ├── cap_test.tla
│ ├── cup_test.tla
│ ├── empty_test.tla
│ ├── pair_test.tla
│ ├── power_test.tla
│ ├── setext_test.tla
│ ├── setminus_test.tla
│ ├── setof_test.tla
│ ├── setst_test.tla
│ ├── singleton_test.tla
│ ├── subset_test.tla
│ └── union_test.tla
│ ├── d_funcs
│ ├── arrow_test.tla
│ ├── domain_test.tla
│ ├── excapp1_test.tla
│ ├── excapp2_test.tla
│ ├── excapp3_test.tla
│ ├── excapp4_test.tla
│ ├── excdom_test.tla
│ ├── fcnapp_test.tla
│ └── funext_test.tla
│ ├── e_arith
│ ├── intlit0_test.tla
│ ├── intlit1_test.tla
│ ├── intlitminus1_test.tla
│ ├── nat_test.tla
│ ├── range_test.tla
│ ├── typingexp_test.tla
│ ├── typingminus_test.tla
│ ├── typingplus_test.tla
│ ├── typingquotient_test.tla
│ ├── typingremainder_test.tla
│ ├── typingtimes_test.tla
│ └── typinguminus_test.tla
│ ├── f_data
│ ├── boolcar_test.tla
│ ├── booldistinct_test.tla
│ ├── boolean_test.tla
│ ├── string_test.tla
│ └── stringdistinct_test.tla
│ ├── g_tuples
│ ├── productset_test.tla
│ ├── tupleapp_test.tla
│ ├── tupledom_test.tla
│ └── tupleext_test.tla
│ ├── h_records
│ ├── recorddom_test.tla
│ ├── recorddot_test.tla
│ ├── recordext_test.tla
│ └── rectset_test.tla
│ └── i_sequences
│ └── sequences_test.tla
├── tlapm.opam
├── tlapm.opam.template
├── todo.txt
├── tools
├── all_defs.sml
├── change_blank_space.py
├── clean.sh
├── install-sh
├── newversion.ml
└── source_clean.pl
├── translate
├── README
├── build.sh
├── buildAll.sh
├── buildb.sh
├── buildbs.sh
├── clean.sh
├── dune
├── fofunctions.ml
├── folex.mll
├── fotypes.mli
├── foyacc.mly
└── main.ml
└── zenon
├── .gitignore
├── INSTALL
├── LICENSE
├── Makefile
├── README.md
├── checksum.mli
├── config.mli
├── configure
├── configure-for-focalize
├── coqterm.ml
├── coqterm.mli
├── doc
├── .gitignore
├── Makefile
├── input-coq.tex
├── input-tptp.tex
├── input-zen.tex
├── install.tex
├── intro.tex
├── macros.tex
├── messages.tex
├── options.tex
├── reference.tex
└── zenon-logo.ps
├── enum.ml
├── enum.mli
├── eqrel.ml
├── eqrel.mli
├── error.ml
├── error.mli
├── expr.ml
├── expr.mli
├── ext_equiv.ml
├── ext_equiv.mli
├── ext_focal.ml
├── ext_focal.mli
├── ext_induct.ml
├── ext_induct.mli
├── ext_recfun.ml
├── ext_recfun.mli
├── ext_tla.ml
├── ext_tla.mli
├── extension.ml
├── extension.mli
├── globals.ml
├── globals.mli
├── heap.ml
├── heap.mli
├── index.ml
├── index.mli
├── isar_case.ml
├── isar_case.mli
├── lexcoq.mli
├── lexcoq.mll
├── lextptp.mli
├── lextptp.mll
├── lexzen.mli
├── lexzen.mll
├── llproof.ml
├── llproof.mli
├── lltocoq.ml
├── lltocoq.mli
├── lltoisar.ml
├── lltoisar.mli
├── main.ml
├── main.mli
├── misc.ml
├── misc.mli
├── mlproof.ml
├── mlproof.mli
├── mltoll.ml
├── mltoll.mli
├── namespace.ml
├── namespace.mli
├── node.ml
├── node.mli
├── parsecoq.mly
├── parsetptp.mly
├── parsezen.mly
├── phrase.ml
├── phrase.mli
├── print.ml
├── print.mli
├── progress.ml
├── progress.mli
├── prove.ml
├── prove.mli
├── regression
├── .svnignore
├── Makefile
├── backend
│ ├── testarith.tla
│ ├── testball.tla
│ ├── testbchoose.tla
│ ├── testbex.tla
│ ├── testbool.tla
│ ├── testnat.tla
│ └── testsubset.tla
├── examples
│ ├── Allocator.tla
│ ├── AtomicBakeryG.tla
│ ├── AtomicBakeryGInitialized.tla
│ ├── SimpleMutex.tla
│ ├── cantor
│ │ ├── Cantor1.tla
│ │ ├── Cantor2.tla
│ │ ├── Cantor3.tla
│ │ ├── Cantor4.tla
│ │ ├── Cantor5.tla
│ │ ├── Cantor6.tla
│ │ ├── Cantor7.tla
│ │ ├── Cantor8.tla
│ │ └── Cantor9.tla
│ ├── consensus
│ │ ├── Consensus.tla
│ │ ├── PaxosProof.tla
│ │ ├── PaxosTuple.tla
│ │ ├── Sets.tla
│ │ └── Voting.tla
│ ├── data
│ │ ├── GraphTheorem.tla
│ │ ├── SequencesTheorems.tla
│ │ └── Sets.tla
│ └── two-phase
│ │ ├── Alternate.tla
│ │ ├── TLAProofRules.tla
│ │ └── TwoPhase.tla
├── features
│ ├── .svnignore
│ ├── test_case.tla
│ ├── test_choose_in.tla
│ └── test_record.tla
├── misc
│ ├── .svnignore
│ ├── Bug08_11_20.tla
│ ├── Bug08_11_20a.tla
│ ├── Bug1.tla
│ ├── Contra.tla
│ ├── Forall.tla
│ ├── test1.tla
│ ├── test2.tla
│ ├── test3.tla
│ ├── test4.tla
│ └── test5.tla
├── peterson
│ ├── .svnignore
│ ├── MutexQ.tla
│ └── Peterson.tla
├── sets
│ ├── .svnignore
│ └── singleton.tla
└── test.sh
├── step.ml
├── step.mli
├── test
├── .gitignore
├── Makefile
├── basics.v
├── coq_builtins.v
├── equivbench.sh
├── test00.znn
├── test01.znn
├── test02.znn
├── test03.znn
├── test04.znn
├── test05.znn
├── test06.znn
├── test07.znn
├── test08.znn
├── test09.znn
├── test10.znn
├── test11.znn
├── test12.znn
├── test13.znn
├── test14.znn
├── test15.znn
├── test16.znn
├── test17.znn
├── test18.znn
├── test19.znn
├── test20.znn
├── test21.znn
├── test22.znn
├── test23.znn
├── test24.znn
├── test25.znn
├── test26.znn
├── test27.znn
├── test28.znn
├── test29.znn
├── test30.znn
├── test31.znn
├── test32.znn
├── test33.znn
├── test34.znn
├── test35.znn
├── test36.znn
├── test37.znn
├── test38.znn
├── test39.znn
├── test40.znn
├── test41.znn
├── test42.znn
├── test43.znn
├── test44.znn
├── test45.znn
├── test46.znn
├── test47.znn
├── test48.znn
├── test49.coz
├── test50.coz
├── test51.coz
├── test52.coz
├── test53.coz
├── test54.coz
├── test55.coz
├── test56.coz
├── test57.coz
├── test58.coz
├── test59.coz
├── test60.coz
├── test61.coz
├── test62.coz
├── test63.coz
├── test64.coz
├── test65.coz
├── test66.coz
├── test67.coz
├── test68.coz
├── test69.coz
├── test70.coz
├── test71.znn
├── test72.znn
├── test73.znn
├── test74.znn
├── test75.znn
└── test76.coz
├── tptp.ml
├── tptp.mli
├── version.ml
├── version.mli
├── versionnum.ml
├── versionnum.mli
├── watch.ml
├── watch.mli
├── www
└── index.html
├── zenon.ml
├── zenon.mli
├── zenon.spec
├── zenon.v
├── zenon_coqbool.v
├── zenon_equiv.v
├── zenon_focal.v
└── zenon_induct.v
/.github/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | The code of conduct for the `tlapm` project is:
2 | https://github.com/tlaplus/tlaplus/blob/master/.github/CODE_OF_CONDUCT.md
3 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.exe
2 | *.err
3 | *.out
4 | *.toolbox
5 | *.tlacache
6 | *.tlaps
7 | *.log
8 | .DS_Store
9 |
10 | /_build/
11 | /_build_cache/
12 | /.vscode/settings.json
13 | /tlaps-*.tar.gz
14 | /src/tlapm.bc
15 |
16 | __pycache__/
17 | *.pyc
18 |
--------------------------------------------------------------------------------
/.nojekyll:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/.ocamlformat:
--------------------------------------------------------------------------------
1 | version=0.27.0
2 | profile=default
3 |
--------------------------------------------------------------------------------
/.vscode/cspell.json:
--------------------------------------------------------------------------------
1 | {
2 | "words": [
3 | "tlaplus",
4 | "tlaps",
5 | "tlapm",
6 | "zenon",
7 | "opam",
8 | "ocaml",
9 | "caml",
10 | "sandboxing",
11 | "sprintf",
12 | "printexc"
13 | ]
14 | }
15 |
--------------------------------------------------------------------------------
/.vscode/launch.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": "0.2.0",
3 | "configurations": [
4 | {
5 | "name": "TLAPM Debug",
6 | "type": "ocaml.earlybird",
7 | "request": "launch",
8 | "program": "${workspaceFolder}/src/tlapm.bc",
9 | "stopOnEntry": true,
10 | "env": {
11 | "CAML_LD_LIBRARY_PATH": "${workspaceFolder}/_build/default/src:${env:CAML_LD_LIBRARY_PATH}"
12 | }
13 | }
14 | ]
15 | }
--------------------------------------------------------------------------------
/CNAME:
--------------------------------------------------------------------------------
1 | proofs.tlapl.us
--------------------------------------------------------------------------------
/deps/Makefile.post-install:
--------------------------------------------------------------------------------
1 | all:
2 | chmod +x backends/bin/*
3 | cd backends && cat Isabelle.exec-files | xargs chmod +x
4 |
--------------------------------------------------------------------------------
/deps/README.md:
--------------------------------------------------------------------------------
1 | Here we build all the dependencies / backends.
2 |
--------------------------------------------------------------------------------
/deps/dune:
--------------------------------------------------------------------------------
1 | (install
2 | (section lib)
3 | (files Makefile.post-install))
4 |
--------------------------------------------------------------------------------
/deps/isabelle/.gitignore:
--------------------------------------------------------------------------------
1 | /Isabelle.exec-files
2 | /Isabelle/
3 | /Isabelle-test/
4 |
--------------------------------------------------------------------------------
/deps/isabelle/README.md:
--------------------------------------------------------------------------------
1 | ## Debugging Isabelle prover
2 |
3 | Run the `tlapm` with the `--debug=tempfiles` option, e.g.:
4 |
5 | (cd ../tlaplus-examples/specifications/MisraReachability/ \
6 | && rm -rf .tlacache/ && tlapm --toolbox 228 228 --debug=tempfiles ReachabilityProofs.tla)
7 |
8 | Then look for the corresponding `*.thy` files and open them with Isabelle, e.g.
9 |
10 | ./_build/default/deps/isabelle/Isabelle/bin/isabelle jedit \
11 | -d ./_build/default/deps/isabelle/Isabelle/src/TLA+/ \
12 | ../tlaplus-examples/specifications/MisraReachability/.tlacache/ReachabilityProofs.tlaps/tlapm_624cb2.thy
13 |
14 |
--------------------------------------------------------------------------------
/deps/isabelle/dune:
--------------------------------------------------------------------------------
1 | ; Download the Isabelle and build the TLA+ theory with it.
2 | ; The source code for the TLA+ theory is in the $PROJECT_ROOT/isabelle directory.
3 | ; The generated heaps (Pure and TLA+) are in Isabelle/heaps/polyml-*/.
4 | (rule
5 | (alias default)
6 | (deps
7 | "dune.mk"
8 | (source_tree ../../isabelle)
9 | (sandbox none))
10 | (targets
11 | (dir "Isabelle")
12 | (dir "Isabelle-test")
13 | "Isabelle.exec-files")
14 | (action (run "make" "-f" "dune.mk")))
15 |
16 | (install
17 | (section (site (tlapm backends)))
18 | (dirs Isabelle))
19 |
20 | (install
21 | (section (site (tlapm backends)))
22 | (files ("Isabelle.exec-files" as "Isabelle.exec-files")))
23 |
--------------------------------------------------------------------------------
/deps/ls4/dune:
--------------------------------------------------------------------------------
1 | ; Download and build the LS4 prover.
2 | (rule
3 | (deps "Makefile" "ls4.patch")
4 | (targets ls4)
5 | (action (run "make" "-C" "." "ls4")))
6 |
7 | (install
8 | (section (site (tlapm backends)))
9 | (files (ls4 as bin/ls4)))
10 |
--------------------------------------------------------------------------------
/deps/z3/dune:
--------------------------------------------------------------------------------
1 | ; Download the Z3 prover.
2 | (rule
3 | (deps "Makefile")
4 | (targets z3)
5 | (action (run "make" "-C" "." "z3")))
6 |
7 | (install
8 | (section (site (tlapm backends)))
9 | (files (z3 as bin/z3)))
10 |
--------------------------------------------------------------------------------
/deps/zenon/dune:
--------------------------------------------------------------------------------
1 | ; Build the zenon prover, the source is at $PROJECT_ROOT/zenon.
2 | (rule
3 | (deps "Makefile" (source_tree "zenon-src"))
4 | (targets zenon)
5 | (action (run "make" "-C" "." "zenon")))
6 |
7 | (install
8 | (section (site (tlapm backends)))
9 | (files (zenon as bin/zenon)))
10 |
--------------------------------------------------------------------------------
/deps/zenon/zenon-src:
--------------------------------------------------------------------------------
1 | ../../zenon
--------------------------------------------------------------------------------
/doc/arqnl14/submission.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/arqnl14/submission.pdf
--------------------------------------------------------------------------------
/doc/keappa08/keappa08.dvi:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/keappa08/keappa08.dvi
--------------------------------------------------------------------------------
/doc/keappa08/keappa08.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/keappa08/keappa08.pdf
--------------------------------------------------------------------------------
/doc/keappa08/rearmatter.tex:
--------------------------------------------------------------------------------
1 | %%% -*- mode: LaTeX; TeX-master: "main.tex"; -*-
2 |
3 | \ifx\master\undefined
4 | \documentclass[a4paper]{easychair}
5 | \usepackage{submission}
6 | \begin{document}
7 | {\let\master\relax \input{frontmatter}}
8 | \fi
9 | %%%% PLEASE DO NOT EDIT ABOVE THIS LINE
10 |
11 | \bibliographystyle{plain}
12 | \bibliography{submission}
13 |
14 | %%%% PLEASE DO NOT EDIT BELOW THIS LINE
15 | \ifx\master\undefined
16 | \end{document}
17 | \fi
18 |
19 | % LocalWords: tex Paxos
20 |
--------------------------------------------------------------------------------
/doc/keappa08/section-template.tex:
--------------------------------------------------------------------------------
1 | %%% -*- mode: LaTeX; TeX-master: "main.tex"; -*-
2 |
3 | \ifx\master\undefined
4 | \documentclass[a4paper]{easychair}
5 | \usepackage{submission}
6 | \begin{document}
7 | {\let\master\relax\input{frontmatter}}
8 | \fi
9 | %%%% PLEASE DO NOT EDIT ABOVE THIS LINE
10 |
11 | \section{Section title}
12 | \label{sec:section-key}
13 |
14 | %%%% PLEASE DO NOT EDIT BELOW THIS LINE
15 | \ifx\master\undefined
16 | {\let\master\relax\input{rearmatter}}
17 | \end{document}
18 | \fi
19 |
--------------------------------------------------------------------------------
/doc/online-doc-typos.txt:
--------------------------------------------------------------------------------
1 | https://tla.msr-inria.inria.fr/tlatoolbox/doc/gettingstarted/gettingstarted.html
2 | bottom line "emergence use"
3 |
4 | https://tla.msr-inria.inria.fr/tlatoolbox/doc/gettingstarted/views.html
5 | top paragraph "Toobox"
6 |
7 |
8 |
--------------------------------------------------------------------------------
/doc/presentations/2010-ifm/Logo-INRIA-MSR.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/2010-ifm/Logo-INRIA-MSR.pdf
--------------------------------------------------------------------------------
/doc/presentations/2010-ifm/architecture.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/2010-ifm/architecture.pdf
--------------------------------------------------------------------------------
/doc/presentations/2010-ifm/figs/leslie.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/2010-ifm/figs/leslie.pdf
--------------------------------------------------------------------------------
/doc/presentations/2010-ifm/figs/tla-book-cover.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/2010-ifm/figs/tla-book-cover.jpg
--------------------------------------------------------------------------------
/doc/presentations/2010-ifm/tutoriel-Peterson/Peterson_IFM2010.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/2010-ifm/tutoriel-Peterson/Peterson_IFM2010.pdf
--------------------------------------------------------------------------------
/doc/presentations/20101123-CEA/figs/architecture.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/20101123-CEA/figs/architecture.pdf
--------------------------------------------------------------------------------
/doc/presentations/20101123-CEA/figs/leslie.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/20101123-CEA/figs/leslie.pdf
--------------------------------------------------------------------------------
/doc/presentations/20101123-CEA/figs/tla-book-cover.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/presentations/20101123-CEA/figs/tla-book-cover.jpg
--------------------------------------------------------------------------------
/doc/web/.exclude:
--------------------------------------------------------------------------------
1 | .svn
2 | *.in
3 | *.log
4 | *.thy*
5 | *.pl
6 | .exclude
7 | Makefile
8 | msr-inria-blurb.html
9 | template.html
10 |
--------------------------------------------------------------------------------
/doc/web/assets/footer.js:
--------------------------------------------------------------------------------
1 | document.write (" \n")
2 | document.write (" \n")
3 | document.write ("\n")
4 |
--------------------------------------------------------------------------------
/doc/web/assets/images/MSR_bg-global.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/MSR_bg-global.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/Windows_logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/Windows_logo.png
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-menu-1.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-menu-1.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-menu-2.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-menu-2.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-menu-3.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-menu-3.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-menu-4.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-menu-4.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-menu-last.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-menu-last.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-nav.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-nav.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-nav2.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-nav2.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-nav2ombre.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-nav2ombre.png
--------------------------------------------------------------------------------
/doc/web/assets/images/bg-nav2ombre36.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg-nav2ombre36.png
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_blockquote_side.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_blockquote_side.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_blockquote_side_small.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_blockquote_side_small.png
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_content.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_content.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_content1024.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_content1024.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_content2.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_content2.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_content2light.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_content2light.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_header.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_header.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_left.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_left.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_left_nav_on.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_left_nav_on.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_nav.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_nav.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_nav_on.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_nav_on.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_nav_on_2.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_nav_on_2.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_page.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_page.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/bg_subnav.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/bg_subnav.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/blanctransp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/blanctransp.png
--------------------------------------------------------------------------------
/doc/web/assets/images/blanctransp18.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/blanctransp18.png
--------------------------------------------------------------------------------
/doc/web/assets/images/blanctransp25.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/blanctransp25.png
--------------------------------------------------------------------------------
/doc/web/assets/images/blanctransp36.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/blanctransp36.png
--------------------------------------------------------------------------------
/doc/web/assets/images/hr.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/hr.png
--------------------------------------------------------------------------------
/doc/web/assets/images/hr2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/hr2.png
--------------------------------------------------------------------------------
/doc/web/assets/images/hr2c.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/hr2c.png
--------------------------------------------------------------------------------
/doc/web/assets/images/hr2l.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/hr2l.png
--------------------------------------------------------------------------------
/doc/web/assets/images/logo-MS-Research-Inria-Joint-Centre-Small.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/logo-MS-Research-Inria-Joint-Centre-Small.png
--------------------------------------------------------------------------------
/doc/web/assets/images/logo_linux.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/logo_linux.png
--------------------------------------------------------------------------------
/doc/web/assets/images/logo_macosx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/logo_macosx.png
--------------------------------------------------------------------------------
/doc/web/assets/images/logo_macosx30.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/logo_macosx30.png
--------------------------------------------------------------------------------
/doc/web/assets/images/logoplusnom.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/logoplusnom.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/msrinria.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/msrinria.png
--------------------------------------------------------------------------------
/doc/web/assets/images/msrinriamed.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/msrinriamed.png
--------------------------------------------------------------------------------
/doc/web/assets/images/msrinriamedlight.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/msrinriamedlight.png
--------------------------------------------------------------------------------
/doc/web/assets/images/ombre.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/ombre.png
--------------------------------------------------------------------------------
/doc/web/assets/images/prod_cons.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/prod_cons.png
--------------------------------------------------------------------------------
/doc/web/assets/images/windows_logo_only.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/windows_logo_only.gif
--------------------------------------------------------------------------------
/doc/web/assets/images/windows_logo_only_original.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/images/windows_logo_only_original.png
--------------------------------------------------------------------------------
/doc/web/assets/screenshots/ops1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/screenshots/ops1.png
--------------------------------------------------------------------------------
/doc/web/assets/screenshots/ops1s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/screenshots/ops1s.png
--------------------------------------------------------------------------------
/doc/web/assets/screenshots/tla-mode-0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/assets/screenshots/tla-mode-0.png
--------------------------------------------------------------------------------
/doc/web/assets/template-redirect.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Community.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Community/TLA+_net.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirecting to www.tlaplus.net
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Documentation.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Publications/fm-long.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Publications/fm-long.pdf
--------------------------------------------------------------------------------
/doc/web/content/Documentation/TLA+_Hyperbook.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Documentation/TLA+_Video_Course.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/addnewspec.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/addnewspec.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/addnewspecs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/addnewspecs.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao0.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao0s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao0s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao1.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao1s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao1s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao2.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ao2s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ao2s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/name.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/name.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/names.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/names.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops2.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops2s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops2s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops3.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops3s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops3s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops4.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops4s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops4s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops5.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops5s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops5s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops6.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/ops6s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/ops6s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove1.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove1s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove1s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove2.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove2s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove2s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove3.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove3s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove3s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove4.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/prove4s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/prove4s.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/qed.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/qed.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/qeds.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/qeds.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/result.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/result.png
--------------------------------------------------------------------------------
/doc/web/content/Documentation/Tutorial/screenshots/results.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Documentation/Tutorial/screenshots/results.png
--------------------------------------------------------------------------------
/doc/web/content/Download.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirection
13 |
14 |
15 |
--------------------------------------------------------------------------------
/doc/web/content/Download/Binaries/images/logo_linux35.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Download/Binaries/images/logo_linux35.png
--------------------------------------------------------------------------------
/doc/web/content/Download/Binaries/images/logo_macosx30s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Download/Binaries/images/logo_macosx30s.png
--------------------------------------------------------------------------------
/doc/web/content/Download/Binaries/images/windows_logo_only.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/content/Download/Binaries/images/windows_logo_only.png
--------------------------------------------------------------------------------
/doc/web/content/Download/Unsupported.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 | Redirection
8 |
9 |
10 |
11 |
12 | Redirecting to
13 | ../Documentation/Unsupported_features.html
14 |
15 |
16 |
--------------------------------------------------------------------------------
/doc/web/doc/FORUM2011/poster_TLA_FORUM2011.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/doc/FORUM2011/poster_TLA_FORUM2011.jpg
--------------------------------------------------------------------------------
/doc/web/doc/FORUM2011/poster_TLA_FORUM2011.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/doc/FORUM2011/poster_TLA_FORUM2011.pdf
--------------------------------------------------------------------------------
/doc/web/doc/IFM2010/Peterson_IFM2010.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/doc/IFM2010/Peterson_IFM2010.pdf
--------------------------------------------------------------------------------
/doc/web/doc/IFM2010/tutorial.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/doc/IFM2010/tutorial.pdf
--------------------------------------------------------------------------------
/doc/web/fancybox/blank.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/blank.gif
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_close.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_close.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_loading.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_loading.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_nav_left.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_nav_left.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_nav_right.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_nav_right.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_e.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_e.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_n.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_n.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_ne.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_ne.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_nw.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_nw.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_s.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_s.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_se.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_se.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_sw.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_sw.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_shadow_w.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_shadow_w.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_title_left.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_title_left.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_title_main.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_title_main.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_title_over.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_title_over.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancy_title_right.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancy_title_right.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancybox-x.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancybox-x.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancybox-y.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancybox-y.png
--------------------------------------------------------------------------------
/doc/web/fancybox/fancybox.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/doc/web/fancybox/fancybox.png
--------------------------------------------------------------------------------
/doc/web/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
6 | Redirection
7 |
8 |
9 |
10 |
11 | Redirection
12 |
13 |
14 |
--------------------------------------------------------------------------------
/dune:
--------------------------------------------------------------------------------
1 | (data_only_dirs zenon)
2 |
--------------------------------------------------------------------------------
/examples/ByzPaxos/README.md:
--------------------------------------------------------------------------------
1 | Specification and proof of Byzantine Paxos
2 |
--------------------------------------------------------------------------------
/examples/Dekker/Dekker.cfg:
--------------------------------------------------------------------------------
1 | SPECIFICATION Sys
2 | PROPERTY Spec
3 |
--------------------------------------------------------------------------------
/examples/Makefile:
--------------------------------------------------------------------------------
1 |
2 |
3 | default:
4 | : This makefile only supports 'make clean'.
5 |
6 | clean:
7 | find . -name '*.tlaps' -o -name '*.toolbox' | xargs rm -rf
8 |
--------------------------------------------------------------------------------
/examples/cantor/Cantor1.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor1 -----------------
4 | THEOREM cantor ==
5 | \A S :
6 | \A f \in [S -> SUBSET S] :
7 | \E A \in SUBSET S :
8 | \A x \in S :
9 | f [x] # A
10 | PROOF
11 | <1>1. TAKE S
12 | <1>2. TAKE f \in [S -> SUBSET S]
13 | <1>3. DEFINE T == { z \in S : z \notin f[z] }
14 | <1>4. WITNESS T \in SUBSET S
15 | <1>5. TAKE x \in S
16 | <1>6. QED BY x \in T \/ x \notin T
17 | ===============================================
18 |
--------------------------------------------------------------------------------
/examples/cantor/Cantor5.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor5 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | <1>1. ASSUME NEW S, NEW f
10 | PROVE \E A \in SUBSET S : \A x \in S : f[x] # A
11 | <2> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
12 | <2> QED OBVIOUS
13 | <1> QED BY <1>1
14 | ===============================================
15 |
--------------------------------------------------------------------------------
/examples/cantor/Cantor6.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor6 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | <1> TAKE S
10 | <1> TAKE f
11 | <1> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
12 | <1> QED OBVIOUS
13 | ===============================================
14 |
--------------------------------------------------------------------------------
/examples/cantor/Cantor7.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor7 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | <1> SUFFICES
10 | ASSUME NEW S, NEW f
11 | PROVE \E A \in SUBSET S : \A x \in S : f[x] # A
12 | OBVIOUS
13 | <1> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
14 | <1> QED OBVIOUS
15 | ===============================================
16 |
--------------------------------------------------------------------------------
/examples/cantor/Cantor9.tla:
--------------------------------------------------------------------------------
1 | -------------- MODULE Cantor9 --------------
2 |
3 | Range (f) == { f[x] : x \in DOMAIN f }
4 |
5 | Surj (f, S) == S \subseteq Range (f)
6 |
7 | THEOREM Cantor ==
8 | ~ \E f : Surj (f, SUBSET (DOMAIN f))
9 | <1>1. SUFFICES ASSUME \E f : Surj (f, SUBSET (DOMAIN f))
10 | PROVE FALSE
11 | OBVIOUS
12 | <1>. PICK f : Surj (f, SUBSET (DOMAIN f))
13 | BY <1>1!1!1
14 | <1>3. ~ Surj (f, SUBSET (DOMAIN f))
15 | <2>1. DEFINE D == {x \in DOMAIN f : x \notin f[x]}
16 | <2>2. D \in SUBSET (DOMAIN f) OBVIOUS
17 | <2>3. D \notin Range (f) BY DEF Range
18 | <2>4. QED BY <2>2, <2>3 DEF Surj
19 | <1>4. QED BY <1>3
20 |
21 | ====
22 |
--------------------------------------------------------------------------------
/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
6 | Redirection
7 |
8 |
9 |
10 |
11 | Redirection
12 |
13 |
14 |
--------------------------------------------------------------------------------
/isabelle/.gitignore:
--------------------------------------------------------------------------------
1 | output/
2 | *~
3 | *#
4 |
--------------------------------------------------------------------------------
/isabelle/Constant.thy:
--------------------------------------------------------------------------------
1 | (* Title: TLA+/Constant.thy
2 | Author: Stephan Merz, LORIA
3 | Copyright (C) 2008-2024 INRIA and Microsoft Corporation
4 | License: BSD
5 | Version: Isabelle2024
6 | *)
7 |
8 | section \ Main theory for constant-level Isabelle/\tlaplus{} \
9 |
10 | theory Constant
11 | imports IntegerDivision CaseExpressions Strings
12 | begin
13 |
14 | text \
15 | This is just an umbrella for the component theories.
16 | \
17 |
18 |
19 | end
20 |
--------------------------------------------------------------------------------
/isabelle/ROOT:
--------------------------------------------------------------------------------
1 | (* See also Makefile. *)
2 | chapter "TLA+"
3 | session "TLA+" = "Pure" +
4 | options [document_output = "output", document_variants="document:outline=/proof"]
5 |
6 | theories
7 | Constant (global)
8 | Zenon (global)
9 | (* NewSMT (global) *)
10 |
11 | document_files
12 | "root.tex"
13 |
14 | session "TLA+Tests" in tests = "TLA+" +
15 | options [document=false]
16 | theories
17 | Tests
18 |
19 | session "TLA+Examples" in examples = "TLA+" +
20 | options [document_output = "output", document_variants="document:outline=/proof"]
21 |
22 | theories
23 | Allocator
24 | AtomicBakeryG
25 |
26 | document_files
27 | "root.tex"
28 |
--------------------------------------------------------------------------------
/isabelle/dune:
--------------------------------------------------------------------------------
1 | ; We use the promoted version of the Isabelle here to have proper file permissions.
2 | ; The promoted version is in the source tree, which is located based on ${DUNE_SOURCEROOT} environment variable.
3 | ; We assume the project will be built before running the tests, otherwise the Isabelle is always rebuilt.
4 |
5 | (rule
6 | (alias runtest)
7 | (deps
8 | (source_tree ".")
9 | (sandbox none))
10 | (action
11 | (run make -f dune.mk runtest)))
12 |
13 | (data_only_dirs document examples tests)
14 |
--------------------------------------------------------------------------------
/isabelle/dune.mk:
--------------------------------------------------------------------------------
1 | ##
2 | ## This Makefile is called from the dune script.
3 | ## We call the Isabelle via make to avoid dune attempts to
4 | ## find a rule for building $(ISABELLE). It is already built.
5 | ##
6 |
7 | ISABELLE_TEST=../deps/isabelle/Isabelle-test
8 | ISABELLE=$(ISABELLE_TEST)/bin/isabelle
9 |
10 | runtest:
11 | $(ISABELLE) build -o document=false -o browser_info=false -c -v -D .
12 |
--------------------------------------------------------------------------------
/library/dune:
--------------------------------------------------------------------------------
1 | (install
2 | (section
3 | (site
4 | (tlapm stdlib)))
5 | (files
6 | (glob_files "*.tla")))
7 |
--------------------------------------------------------------------------------
/lsp/bin/dune:
--------------------------------------------------------------------------------
1 | (executable
2 | (name tlapm_lsp)
3 | (public_name tlapm_lsp)
4 | (optional) ; Only build, if eio is available, which is only the case for ocaml > 5.
5 | (enabled_if
6 | (>= %{ocaml_version}, "5.0.0"))
7 | (libraries tlapm_lsp_lib eio_main cmdliner))
8 |
--------------------------------------------------------------------------------
/lsp/bin/tlapm_lsp.mli:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/lsp/bin/tlapm_lsp.mli
--------------------------------------------------------------------------------
/lsp/doc/proof_step_rename.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/lsp/doc/proof_step_rename.gif
--------------------------------------------------------------------------------
/lsp/doc/proof_step_renumber.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/lsp/doc/proof_step_renumber.gif
--------------------------------------------------------------------------------
/lsp/lib/analysis/step_renumber.mli:
--------------------------------------------------------------------------------
1 | open Tlapm_lib
2 |
3 | module StepInfo : sig
4 | type t = {
5 | name : string;
6 | target_name : string;
7 | level : int;
8 | prefix_len : int;
9 | ranges : Range.t list;
10 | }
11 | [@@deriving show]
12 | end
13 |
14 | val find_ranges : Range.t -> Module.T.mule -> StepInfo.t list
15 |
--------------------------------------------------------------------------------
/lsp/lib/const.ml:
--------------------------------------------------------------------------------
1 | let diagnostic_source = "TLAPM"
2 |
--------------------------------------------------------------------------------
/lsp/lib/const.mli:
--------------------------------------------------------------------------------
1 | val diagnostic_source : string
2 |
--------------------------------------------------------------------------------
/lsp/lib/docs/doc.mli:
--------------------------------------------------------------------------------
1 | (** Represents a document identified by its uri. It can contain multiple
2 | versions and all the related info. *)
3 |
4 | open Util
5 |
6 | type t
7 |
8 | val make : LspT.DocumentUri.t -> Doc_vsn.t -> Util.parser_fun -> t
9 | val with_parser : t -> Util.parser_fun -> t
10 | val add : t -> Doc_vsn.t -> t
11 | val latest_vsn : t -> int
12 | val set_actual_vsn : t -> int -> t option
13 | val with_actual : t -> (t -> Doc_actual.t -> t * Doc_actual.t * 'a) -> t * 'a
14 |
--------------------------------------------------------------------------------
/lsp/lib/docs/doc_proof_res.mli:
--------------------------------------------------------------------------------
1 | (** Proof results of a document. Includes the errors returned from the prover as
2 | well as all the proof steps with their current state. *)
3 |
4 | open Util
5 | open Prover
6 |
7 | type t
8 |
9 | val make : Toolbox.tlapm_notif list -> Proof_step.t option -> t
10 | val empty : t
11 | val as_lsp : t -> LspT.Diagnostic.t list * Structs.TlapsProofStepMarker.t list
12 |
--------------------------------------------------------------------------------
/lsp/lib/docs/doc_vsn.ml:
--------------------------------------------------------------------------------
1 | type t = {
2 | text : string; (* Contents of the file at the specific version. *)
3 | version : int;
4 | }
5 |
6 | let make txt vsn = { text = txt; version = vsn }
7 | let text tv = tv.text
8 | let version tv = tv.version
9 | let diff_pos a b = Range.first_diff_pos a.text b.text
10 |
--------------------------------------------------------------------------------
/lsp/lib/docs/doc_vsn.mli:
--------------------------------------------------------------------------------
1 | (** Versions that are collected after the last prover launch or client asks for
2 | diagnostics. We store some limited number of versions here, just to cope
3 | with async events from the client. *)
4 |
5 | type t
6 |
7 | val make : string -> int -> t
8 | val text : t -> string
9 | val version : t -> int
10 | val diff_pos : t -> t -> Range.Position.t
11 |
--------------------------------------------------------------------------------
/lsp/lib/docs/proof_status.mli:
--------------------------------------------------------------------------------
1 | open Prover
2 |
3 | type t = Proved | Failed | Omitted | Missing | Pending | Progress
4 | [@@deriving show]
5 |
6 | val of_tlapm_obl_state : Toolbox.tlapm_obl_state -> t
7 | val to_string : t -> string
8 | val to_message : t -> string
9 | val to_order : t -> int
10 | val of_order : int -> t
11 | val bot : t
12 | val top : t
13 | val min : t -> t -> t
14 | val max : t -> t -> t
15 | val yojson_of_t : t -> Yojson.Safe.t
16 |
17 | val is_diagnostic : t -> bool
18 | (** Returns true, if this state should be shown as a diagnostic. *)
19 |
--------------------------------------------------------------------------------
/lsp/lib/dune:
--------------------------------------------------------------------------------
1 | (library
2 | (name tlapm_lsp_lib)
3 | (optional) ; Only build, if eio is available, which is only the case for ocaml > 5.
4 | (enabled_if
5 | (>= %{ocaml_version}, "5.0.0"))
6 | (libraries tlapm_lib lsp eio_main dune-build-info re2)
7 | (inline_tests
8 | (deps "../test/tlapm_mock.sh" "../../src/tlapm.exe")
9 | ; (flags -only-test docs/proof_step.ml -verbose)
10 | )
11 | (preprocess
12 | (pps ppx_inline_test ppx_deriving.show)))
13 |
14 | (include_subdirs qualified)
15 |
--------------------------------------------------------------------------------
/lsp/lib/parser/parser.ml:
--------------------------------------------------------------------------------
1 | let module_of_string ~content ~filename ~loader_paths =
2 | match
3 | Tlapm_lib.modctx_of_string ~content ~filename ~loader_paths
4 | ~prefer_stdlib:true
5 | with
6 | | Ok (_mcx, mule) -> Ok mule
7 | | Error err -> Error err
8 |
--------------------------------------------------------------------------------
/lsp/lib/parser/parser.mli:
--------------------------------------------------------------------------------
1 | (** Responsible for parsing the TLA+ documents.
2 |
3 | TODO: SANY integration should be added here as well. *)
4 |
5 | val module_of_string :
6 | content:string ->
7 | filename:string ->
8 | loader_paths:string list ->
9 | (Tlapm_lib.Module.T.mule, string option * string) result
10 |
--------------------------------------------------------------------------------
/lsp/lib/server/codec.mli:
--------------------------------------------------------------------------------
1 | (** Here we construct a decoder/encoder for the LSP protocol on top of Eio
2 | flows. We use the lsp module from the ocaml-lsp server and configure it to
3 | run over Eio. *)
4 |
5 | type trace_fun = string -> unit
6 | type input_chan = Eio.Buf_read.t * trace_fun
7 | type output_chan = Eio.Buf_write.t * trace_fun
8 |
9 | val read : input_chan -> (Jsonrpc.Packet.t option, exn) result
10 | val write : output_chan -> Jsonrpc.Packet.t -> (unit, exn) result
11 |
--------------------------------------------------------------------------------
/lsp/lib/server/server.mli:
--------------------------------------------------------------------------------
1 | (** Here we serve the LSP RPC over TCP. This module contains only the generic
2 | server-related functions. *)
3 |
4 | type transport = Stdio | Socket of int
5 |
6 | val run :
7 | transport -> bool -> Eio_unix.Stdenv.base -> string Eio.Std.Promise.t -> unit
8 |
--------------------------------------------------------------------------------
/lsp/lib/server/session.mli:
--------------------------------------------------------------------------------
1 | (** State of a single session/connection with the LSP client. *)
2 |
3 | open Prover
4 | module LspT := Lsp.Types
5 |
6 | type doc_ref = LspT.DocumentUri.t * int * int
7 |
8 | type events =
9 | | LspEOF
10 | | LspPacket of Jsonrpc.Packet.t
11 | | TlapmEvent of doc_ref * Toolbox.Msg.t
12 | | TimerTick
13 |
14 | val run :
15 | (unit -> events) ->
16 | (events -> unit) ->
17 | (Jsonrpc.Packet.t option -> unit) ->
18 | Eio.Switch.t ->
19 | Eio__.Fs.dir_ty Eio.Path.t ->
20 | Eio_unix.Process.mgr_ty Eio.Process.mgr ->
21 | unit
22 |
--------------------------------------------------------------------------------
/lsp/lib/tlapm_lsp_lib.ml:
--------------------------------------------------------------------------------
1 | module Server = Server
2 |
--------------------------------------------------------------------------------
/lsp/lib/tlapm_lsp_lib.mli:
--------------------------------------------------------------------------------
1 | module Server : sig
2 | type transport = Stdio | Socket of int
3 |
4 | val run :
5 | transport ->
6 | bool ->
7 | Eio_unix.Stdenv.base ->
8 | string Eio.Std.Promise.t ->
9 | unit
10 | end
11 |
--------------------------------------------------------------------------------
/lsp/test/test_obl_expand.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE test_obl_expand ----
2 | EXTENDS FiniteSetTheorems
3 | THEOREM FALSE
4 | <1>1. TRUE OBVIOUS
5 | <1>2. TRUE
6 | <1>3. TRUE
7 | <1>q. QED BY <1>1, <1>2, <1>3
8 | THEOREM FALSE
9 | <1>q. QED
10 | <2>1. TRUE
11 | <2>q. QED BY <2>1
12 | ----- MODULE sub ------
13 | VARIABLE X
14 | LEMMA X = X
15 | =======================
16 | ====
17 |
--------------------------------------------------------------------------------
/lsp/test/test_use.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE test_use ----
2 | op == TRUE
3 | USE DEF op
4 | USE TRUE
5 | USE FALSE
6 | HIDE TRUE
7 | THEOREM TRUE
8 | <1> USE TRUE
9 | <1> USE FALSE
10 | <1> HIDE TRUE
11 | <1> QED
12 | ====
13 |
--------------------------------------------------------------------------------
/misc/tla_mode/dune:
--------------------------------------------------------------------------------
1 | (install
2 | (section lib)
3 | (files
4 | ("tla-mode.el" as "emacs/tla-mode/tla-mode.el")))
5 |
--------------------------------------------------------------------------------
/src/abstractor.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011 INRIA and Microsoft Corporation *)
2 | val abstract: (Expr.T.expr -> bool) -> Expr.T.expr -> Expr.T.expr
3 |
--------------------------------------------------------------------------------
/src/alexer.mli:
--------------------------------------------------------------------------------
1 | (* Lexer interface.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Pars
6 | open Tla_parser
7 |
8 |
9 | (** Lex a channel *)
10 | val lex_channel:
11 | string -> Stdlib.in_channel ->
12 | Token.token LazyList.t * Loc.locus
13 |
14 | (** Main lexing function *)
15 | val lex:
16 | string -> Token.token LazyList.t * Loc.locus
17 |
18 | (** For debugging: lexing function that takes a string as input.
19 | NOTE: does not handle the beginning-of-file stuff.
20 | *)
21 | val lex_string:
22 | ?fn:string -> string -> Token.token LazyList.t * Loc.locus
23 |
--------------------------------------------------------------------------------
/src/backend.ml:
--------------------------------------------------------------------------------
1 | (* Communication to external solvers.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | module Types = Types
6 | module Toolbox = Toolbox
7 | module Zenon = Zenon
8 | module Fingerprints = Fingerprints
9 | module Fpfile = Fpfile
10 | module Smtlib = Smtlib
11 | module Prep = Prep
12 | module Interrupted = Interrupted
13 |
--------------------------------------------------------------------------------
/src/backend/fingerprints.mli:
--------------------------------------------------------------------------------
1 | (* Computing fingerprints of proof obligations.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 |
6 | (* tlapm.ml *)
7 | val write_fingerprint:
8 | Proof.T.obligation -> Proof.T.obligation
9 |
--------------------------------------------------------------------------------
/src/backend/interrupted.ml:
--------------------------------------------------------------------------------
1 | let state = Atomic.make false
2 | let is_interrupted () = Atomic.get state
3 | let mark_interrupted () = Atomic.exchange state true
4 |
--------------------------------------------------------------------------------
/src/backend/interrupted.mli:
--------------------------------------------------------------------------------
1 | val is_interrupted : unit -> bool
2 | val mark_interrupted : unit -> bool
3 |
--------------------------------------------------------------------------------
/src/backend/ls4.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011 INRIA and Microsoft Corporation *)
2 | val pp_print_obligation:
3 | Format.formatter -> Proof.T.obligation -> unit
4 |
--------------------------------------------------------------------------------
/src/backend/smt.mli:
--------------------------------------------------------------------------------
1 | (* Interface to SMT solver.
2 |
3 | Created by Hernán Vanzetto on 9 Dec 2013.
4 | Copyright (c) 2013 INRIA and Microsoft Corporation
5 | *)
6 | val encode_smtlib:
7 | ?solver:string ->
8 | Format.formatter -> Proof.T.obligation -> unit
9 | val encode_fof:
10 | Format.formatter -> Proof.T.obligation -> unit
11 |
12 |
13 | (*
14 | type smt_logic =
15 | | AUFNIRA
16 | | UFNIA
17 |
18 | val to_string: smt_logic -> string
19 |
20 | val pp_print_obligation:
21 | ?solver:string -> ?logic:smt_logic ->
22 | Format.formatter -> Proof.T.obligation -> unit
23 | *)
24 |
--------------------------------------------------------------------------------
/src/backend/smtlib.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * backend/smtlib.ml --- direct translation to SMT-LIB
3 | *
4 | *
5 | * Copyright (C) 2022 INRIA and Microsoft Corporation
6 | *)
7 |
8 | (** Replacement strings for special characters.
9 | Shared with module Thf *)
10 | val repls : (char * string) list
11 |
12 | (** Print in SMT-LIB format a sequent reduced to first-order logic
13 | without TLA+ primitives
14 | *)
15 | val pp_print_obligation : ?solver:string -> Format.formatter -> Proof.T.obligation -> unit;;
16 |
17 |
--------------------------------------------------------------------------------
/src/backend/smtlib.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/backend/thf.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * backend/thf.ml --- translation to TPTP/THF
3 | *
4 | *
5 | * Copyright (C) 2022 INRIA and Microsoft Corporation
6 | *)
7 |
8 | (** Print in THF format a sequent (possibly higher-order)
9 | without TLA+ primitives
10 | *)
11 | val pp_print_obligation : ?solver:string -> Format.formatter -> Proof.T.obligation -> unit;;
12 |
13 |
--------------------------------------------------------------------------------
/src/backend/thf.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/backend/types.ml:
--------------------------------------------------------------------------------
1 | (* Backend types.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Proof.T
6 |
7 |
8 | type reason =
9 | | False
10 | | Timeout
11 | | Cantwork of string
12 |
13 |
14 | type status_type_aux6 =
15 | | RSucc
16 | | RFail of reason option
17 | | RInt
18 |
19 |
20 | type status_type6 =
21 | | Triv
22 | | NTriv of status_type_aux6 * Method.t
23 |
24 |
25 | type package = {
26 | final_form: obligation;
27 | log: string list;
28 | proof: string;
29 | results: status_type6 list;
30 | }
31 |
--------------------------------------------------------------------------------
/src/backend/types.mli:
--------------------------------------------------------------------------------
1 | (* Backend types.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | type reason =
6 | | False
7 | | Timeout
8 | | Cantwork of string
9 | type status_type_aux6 =
10 | | RSucc
11 | | RFail of reason option
12 | | RInt
13 | type status_type6 =
14 | | Triv
15 | | NTriv of
16 | status_type_aux6 * Method.t
17 | type package = {
18 | final_form: Proof.T.obligation;
19 | (* print_form: Proof.T.obligation; *)
20 | log: string list;
21 | proof: string;
22 | results: status_type6 list}
23 |
--------------------------------------------------------------------------------
/src/backend/zenon.mli:
--------------------------------------------------------------------------------
1 | (* Interface to Zenon.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | val pp_print_obligation:
6 | Format.formatter -> Proof.T.obligation -> unit
7 |
--------------------------------------------------------------------------------
/src/dumpfp.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 | val dump: Obj.t -> int -> unit
5 |
--------------------------------------------------------------------------------
/src/encode.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 | (* Packaging module for the modules that implement PO transformations *)
6 |
7 | module Rewrite = N_rewrite
8 | module Table = N_table
9 | module Smb = N_smb
10 | module Standardize = N_standardize
11 | module Axiomatize = N_axiomatize
12 | module Flatten = N_flatten
13 |
14 |
--------------------------------------------------------------------------------
/src/encode.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_axiomatize.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_axioms.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_data.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_flatten.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_rewrite.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_smb.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_standardize.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_subst.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * encode/subst.ml --- expressions (substitution)
3 | *
4 | *
5 | * Copyright (C) 2022 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open Property
9 | open Expr.T
10 | open Expr.Subst
11 |
12 | class map_encode = object (self: 'self)
13 | inherit map as super
14 |
15 | method expr scx oe =
16 | begin
17 | match oe.core with
18 | | Apply (op, []) ->
19 | self#expr scx op $$ oe
20 | | _ ->
21 | super#expr scx oe
22 |
23 | end |> map_pats (List.map (self#expr scx))
24 |
25 | end
26 |
27 | let subst = new map_encode
28 |
--------------------------------------------------------------------------------
/src/encode/n_subst.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * encode/subst.ml --- substitutions
3 | *
4 | *
5 | * Copyright (C) 2022 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open Expr.T
9 | open Expr.Subst
10 |
11 | (** A modified version of substitution for the {!Encode} package *)
12 | val subst : map
13 | (** Substitutions are applied to SMT patterns.
14 | Applications to 0 arguments are normalized in such a way that annotations
15 | are no longer discarded.
16 | *)
17 |
--------------------------------------------------------------------------------
/src/encode/n_subst.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/encode/n_table.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/expr/e_anon.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * expr/anon.mli --- expressions (anonymization)
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open E_t
9 |
10 | val hyp_is_named: string -> hyp -> bool
11 |
12 | class anon: [string list] E_visit.map
13 |
14 | val anon: anon
15 |
--------------------------------------------------------------------------------
/src/expr/e_collect.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2008-2013 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/expr/e_constness.mli:
--------------------------------------------------------------------------------
1 | (* Detect constant operators.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open E_t
6 | open E_visit
7 |
8 |
9 | (* returns the const value of the term *)
10 | val is_const : 'a Property.wrapped -> bool
11 | (* checks if const was already computed for this term *)
12 | val has_const : 'a Property.wrapped -> bool
13 |
14 | class virtual const_visitor : [unit] E_visit.map
15 |
--------------------------------------------------------------------------------
/src/expr/e_deref.mli:
--------------------------------------------------------------------------------
1 | (* Dereferencing subexpression references.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | open E_t
6 |
7 |
8 | val resolve_bang:
9 | hyp Deque.dq -> expr ->
10 | expr list -> sel list -> expr
11 | val is_badexp: expr -> bool
12 | val badexp: expr
13 |
--------------------------------------------------------------------------------
/src/expr/e_elab.mli:
--------------------------------------------------------------------------------
1 | (* Elaborate expressions
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Deque
6 | open E_t
7 |
8 | val desugar : (string list E_visit.scx -> expr -> expr) ->
9 | (string list E_visit.scx -> expr -> expr) ->
10 | string list E_visit.scx -> expr -> expr
11 |
12 | (* moved to action frontend *)
13 | (* val prime_normalize : hyp Deque.dq -> expr -> expr *)
14 | val normalize : hyp Deque.dq -> expr -> expr
15 |
16 | val replace_at : unit E_visit.scx -> expr -> expr -> expr
17 | val get_at : expr -> expr
18 |
--------------------------------------------------------------------------------
/src/expr/e_eq.mli:
--------------------------------------------------------------------------------
1 | (* Equality of expressions up to alpha-equivalence.
2 |
3 | When comparing expressions, this module
4 | does not take into account any annotations
5 | of the syntax-tree nodes.
6 |
7 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
8 | *)
9 | open E_t
10 |
11 |
12 | val expr : expr -> expr -> bool
13 | val exprs : expr list -> expr list -> bool
14 | val bounds : bound list -> bound list -> bool
15 | val bound : bound -> bound -> bool
16 | val defns : defn list -> defn list -> bool
17 | val defn : defn -> defn -> bool
18 | val sequent : sequent -> sequent -> bool
19 | val hyp : hyp -> hyp -> bool
20 | val instance : instance -> instance -> bool
21 |
--------------------------------------------------------------------------------
/src/expr/e_leibniz.mli:
--------------------------------------------------------------------------------
1 | (* Detect Leibniz positions in operators.
2 |
3 | Copyright (C) 2008-2014 INRIA and Microsoft Corporation
4 | *)
5 | open E_t
6 | open E_visit
7 |
8 |
9 | val is_leibniz: 'a Property.wrapped -> int -> bool
10 |
11 | class virtual leibniz_visitor: [unit] E_visit.map
12 |
--------------------------------------------------------------------------------
/src/expr/e_substitutive.mli:
--------------------------------------------------------------------------------
1 | (* Compute substitutivity information. *)
2 | open Property
3 |
4 | open E_t
5 |
6 |
7 | type substitutive_args = bool array
8 |
9 |
10 | val substitutive_arg: substitutive_args pfuncs
11 | val has_substitutive: 'a Property.wrapped -> bool
12 | val get_substitutive: 'a Property.wrapped -> substitutive_args
13 | val get_substitutive_arg: 'a Property.wrapped -> int -> bool
14 |
15 | val compute_subst: ctx -> expr -> expr
16 |
--------------------------------------------------------------------------------
/src/expr/e_temporal_props.mli:
--------------------------------------------------------------------------------
1 | (* Functions for checking temporal properties.
2 |
3 | Copyright (C) 2013 INRIA and Microsoft Corporation
4 | *)
5 | val box_closure : E_t.hyp Deque.dq -> E_t.expr -> bool
6 | val diamond_closure : E_t.hyp Deque.dq -> E_t.expr -> bool
7 | val compute_time : E_t.hyp Deque.dq -> E_t.expr -> E_t.time
8 | val check_time_change : E_t.hyp Deque.dq -> E_t.time -> E_t.time
9 |
--------------------------------------------------------------------------------
/src/expr/e_tla_norm.mli:
--------------------------------------------------------------------------------
1 | (* A set of normalization functions for expanding TLA built-in formulas.
2 |
3 | Copyright (C) 2013 INRIA and Microsoft Corporation
4 | *)
5 | val rewrite_unch : E_t.expr -> E_t.expr
6 | val expand_unchanged : unit E_visit.scx -> E_t.expr -> E_t.expr
7 | val expand_action : unit E_visit.scx -> E_t.expr -> E_t.expr
8 | val expand_leadsto : unit E_visit.scx -> E_t.expr -> E_t.expr
9 | val expand_fairness : unit E_visit.scx -> E_t.expr -> E_t.expr
10 |
--------------------------------------------------------------------------------
/src/expr/e_tuply_declarations.mli:
--------------------------------------------------------------------------------
1 | (* Translation of tuple declarations to simpler expressions.
2 |
3 | Example of a tuply declaration:
4 |
5 | ```tla
6 | \E <> \in A \X B: x = y
7 | ```
8 | *)
9 | open E_t
10 |
11 |
12 | val expand_tuply_declarations:
13 | expr -> expr
14 | val tuplify_functions:
15 | expr -> expr
16 |
--------------------------------------------------------------------------------
/src/expr/e_tuply_declarations.mlt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/src/expr/e_tuply_declarations.mlt
--------------------------------------------------------------------------------
/src/frontend/action.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * The action frontend is responsible on transforming obligations containing
3 | * actions to purely first-order obligations
4 | * Copyright (C) 2013 INRIA and Microsoft Corporation
5 | *)
6 |
7 | val process_obligation : Proof.T.obligation -> Proof.T.obligation
8 |
--------------------------------------------------------------------------------
/src/frontend/coalesce.mli:
--------------------------------------------------------------------------------
1 | (* Coalescing of formulas.
2 |
3 | Coalescing transforms a formula to
4 | a satisfying-equivalent formula.
5 | Coalescing non-Leibniz formulas into
6 | Leibniz formulas. The resulting
7 | formulas can then be used in
8 | first-order theorem provers.
9 |
10 | Copyright (C) 2013 INRIA and Microsoft Corporation
11 | *)
12 | open Expr.T
13 |
14 |
15 | val coalesce: ctx -> expr -> expr
16 | val coalesce_modal: ctx -> expr -> expr
17 | val coalesce_apply: ctx -> expr -> expr
18 | val rename_with_loc: ctx -> expr -> expr
19 |
--------------------------------------------------------------------------------
/src/frontend/pltl.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2013 INRIA and Microsoft Corporation
3 | *)
4 |
5 | val process_obligation : Proof.T.obligation -> Proof.T.obligation
6 |
--------------------------------------------------------------------------------
/src/frontend/symbol_commute.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2014 INRIA and Microsoft Corporation
3 | *)
4 |
5 | open Expr.T
6 | open Expr.Visit
7 |
8 | module OrderedSymbol :
9 | sig type t = expr val compare : expr -> expr -> int
10 | end
11 |
12 | module SymbolMap : Map.S with type key = OrderedSymbol.t
13 |
14 | val symbol_commute : (unit Expr.Visit.map * (expr -> expr)) SymbolMap.t -> expr -> expr;;
15 |
16 |
--------------------------------------------------------------------------------
/src/global/intermediate.mli:
--------------------------------------------------------------------------------
1 | (* Intermediate syntax-tree transformations.
2 |
3 | These transformations are applicable
4 | before conversion of identifiers to
5 | positional indices.
6 |
7 | The expansions include:
8 | - expansion of tuply declarations
9 | *)
10 | type mule = Module.T.mule
11 |
12 |
13 | val expand:
14 | mule -> mule
15 |
--------------------------------------------------------------------------------
/src/isabelle_keywords.mli:
--------------------------------------------------------------------------------
1 | (* Keywords of Isabelle.
2 |
3 | The implementation file (`.ml`) that corresponds to
4 | this interface file (`.mli`) is automatically generated.
5 |
6 | Copyright (C) 2012 INRIA and Microsoft Corporation
7 | *)
8 | val v: string list
9 |
--------------------------------------------------------------------------------
/src/isabelle_keywords_update.py:
--------------------------------------------------------------------------------
1 | """Generate OCaml list of Isabelle keywords.
2 |
3 | This script reads the output of the invocation:
4 | isabelle outer_keywords Pure > isabelle_keywords.txt
5 | The script `outer_keywords.scala` is present in this directory,
6 | and contains its installation and usage documentation.
7 | """
8 | infile = 'isabelle_keywords.txt'
9 |
10 |
11 | def main():
12 | with open(infile, 'r') as f:
13 | text = f.read()
14 | for line in text.split('\n'):
15 | s = '"{line}";'.format(line=line)
16 | if not s:
17 | continue
18 | print(s)
19 |
20 |
21 | if __name__ == '__main__':
22 | main()
23 |
--------------------------------------------------------------------------------
/src/method_old.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 |
5 | (* backend/types.mli *)
6 | type t =
7 | | Isabelle of string
8 | | Zenon of zenon
9 | | Smt
10 | | Yices
11 | | Z3
12 | | Cooper
13 | | Sorry
14 | and zenon = {
15 | zenon_timeout : float;
16 | zenon_fallback : t;
17 | }
18 | type status_type =
19 | | Trivial
20 | | BeingProved
21 | | Success of t
22 | | Fail of t
23 | | Checked
24 | | Interrupted of t
25 |
26 | (* fingerprints.ml *)
27 | val pp_print_tactic_fp: Format.formatter -> t -> unit
28 |
--------------------------------------------------------------------------------
/src/method_prs.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 | val read_method: (Tla_parser.pcx, Method.t) Tla_parser.P.prs lazy_t
5 |
--------------------------------------------------------------------------------
/src/module.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 | module T = M_t
5 | module Fmt = M_fmt
6 | module Gen = M_gen
7 | module Elab = M_elab
8 | module Standard = M_standard
9 | module Flatten = M_flatten
10 | module Dep = M_dep
11 | module Parser = M_parser
12 | module Save = M_save
13 | module Globalness = M_globalness
14 | module Subst = M_subst
15 | module Visit = M_visit
16 |
--------------------------------------------------------------------------------
/src/module/m_dep.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 | open Util.Coll
5 |
6 | open M_t
7 |
8 |
9 | (* module/save.ml *)
10 | val external_deps: mule_ Property.wrapped ->
11 | Hs.t * Hs.t * mule Sm.t
12 | (* tlapm.ml *)
13 | val schedule: modctx -> modctx * mule list
14 |
--------------------------------------------------------------------------------
/src/module/m_elab.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * module/m_elab.mli --- module elaboration
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 | open Deque
8 | open Expr.T
9 | open Expr.Visit
10 |
11 | open M_t
12 |
13 |
14 | val normalize:
15 | modctx -> Expr.T.ctx -> mule ->
16 | modctx * mule * summary
17 |
--------------------------------------------------------------------------------
/src/module/m_flatten.mli:
--------------------------------------------------------------------------------
1 | (* Flatten modules (i.e., remove `EXTENDS` statements).
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | open M_t
6 |
7 |
8 | val flatten:
9 | modctx -> mule -> Util.Coll.Ss.t ->
10 | (mule_ Property.wrapped * Util.Coll.Ss.t)
11 |
--------------------------------------------------------------------------------
/src/module/m_fmt.mli:
--------------------------------------------------------------------------------
1 | (* Formatting of modules.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Ctx
6 | open M_t
7 |
8 |
9 | val pp_print_modunit:
10 | ?force:bool -> Expr.Fmt.ctx ->
11 | Format.formatter -> modunit -> Expr.Fmt.ctx
12 | val pp_print_module:
13 | ?force:bool -> Expr.Fmt.ctx ->
14 | Format.formatter -> mule -> unit
15 | val pp_print_modctx:
16 | Format.formatter -> modctx -> unit
17 | val summary: mule -> unit
18 |
--------------------------------------------------------------------------------
/src/module/m_gen.mli:
--------------------------------------------------------------------------------
1 | (* Generation of proof obligations.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Proof.T
6 | open M_t
7 |
8 |
9 | val generate:
10 | Expr.T.hyp Deque.dq -> mule ->
11 | mule * obligation list * summary
12 | val collect_usables: mule -> usable option
13 |
--------------------------------------------------------------------------------
/src/module/m_globalness.mli:
--------------------------------------------------------------------------------
1 | (* Detect global operators.
2 |
3 | Copyright (C) 2008-2013 INRIA and Microsoft Corporation
4 | *)
5 | open M_t
6 |
7 |
8 | val is_global: 'a Property.wrapped -> bool
9 | val globalness: mule -> mule
10 |
--------------------------------------------------------------------------------
/src/module/m_parser.mli:
--------------------------------------------------------------------------------
1 | (* Parsing of modules.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open Tla_parser
6 | open M_t
7 |
8 |
9 | val parse: mule lprs
10 |
--------------------------------------------------------------------------------
/src/module/m_save.mli:
--------------------------------------------------------------------------------
1 | (* Writing and loading of modules.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open M_t
6 |
7 | type module_content = Channel of in_channel | String of string | Filesystem
8 |
9 | val module_content_prop : module_content Property.pfuncs
10 | val parse_file : ?clock:Timing.clock -> Util.hint -> mule
11 | val store_module : ?clock:Timing.clock -> mule -> unit
12 | val complete_load : ?clock:Timing.clock -> ?root:string -> modctx -> modctx
13 |
--------------------------------------------------------------------------------
/src/module/m_standard.mli:
--------------------------------------------------------------------------------
1 | (* Standard TLA+ modules.
2 |
3 | Copyright (C) 2008-2010 INRIA and Microsoft Corporation
4 | *)
5 | open M_t
6 |
7 |
8 | (* all TLAPM builtin operators, including TLA+ builtins *)
9 | val tlapm: mule
10 | (* natural numbers *)
11 | val naturals: mule
12 | (* integers *)
13 | val integers: mule
14 | (* real numbers *)
15 | val reals: mule
16 | (* sequences *)
17 | val sequences: mule
18 | (* TLC *)
19 | val tlc: mule
20 | (* the initial module context, constructed at startup *)
21 | val initctx: modctx
22 |
--------------------------------------------------------------------------------
/src/module/m_subst.mli:
--------------------------------------------------------------------------------
1 | (* Utilities for performing substitutions in module syntax graphs. *)
2 | open Expr.Subst
3 |
4 | open M_t
5 |
6 |
7 | val app_modunits: sub -> modunit list -> sub * modunit list
8 | val app_modunit: sub -> modunit -> sub * modunit
9 | val app_mule: sub -> mule -> mule
10 |
--------------------------------------------------------------------------------
/src/optable.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2011 INRIA and Microsoft Corporation
3 | *)
4 |
5 | (* tla_parser.ml *)
6 | type fixity =
7 | | Nonfix
8 | | Prefix | Postfix
9 | | Infix of assoc
10 |
11 | and assoc =
12 | | Left | Non | Right
13 |
14 | and dom =
15 | (* primitive operators *)
16 | | Logic | Sets | Modal
17 | (* user-definable operators *)
18 | | User
19 | type prec = int * int
20 | type tlaop = {
21 | name: string;
22 | prec: prec;
23 | fix: fixity;
24 | dom: dom;
25 | defn: Builtin.builtin option}
26 | val optable: (string, tlaop) Hashtbl.t
27 |
28 | (* fmt.ml *)
29 | val lookup: string -> tlaop
30 | val standard_form: Builtin.builtin -> tlaop
31 |
--------------------------------------------------------------------------------
/src/pars.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2012 INRIA and Microsoft Corporation
3 | *)
4 | module Error = Error
5 | module Intf = Intf
6 | module LazyList = LazyList
7 | module Pco = Pco
8 |
--------------------------------------------------------------------------------
/src/paths.mli:
--------------------------------------------------------------------------------
1 | val backend_path_string : string
2 | val backend_paths : string list
3 | val stdlib_paths : string list
4 | val find_path_containing : string list -> string -> string option
5 |
--------------------------------------------------------------------------------
/src/proof.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2012 INRIA and Microsoft Corporation
3 | *)
4 | module T = P_t
5 | module Fmt = P_fmt
6 | module Subst = P_subst
7 | module Visit = P_visit
8 | module Simplify = P_simplify
9 | module Anon = P_anon
10 | module Gen = P_gen
11 | module Parser = P_parser
12 |
--------------------------------------------------------------------------------
/src/proof/p_anon.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * proof/anon.mli --- anonymise proofs
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | (** Anonymize proofs *)
9 |
10 | class anon : [string list] P_visit.map
11 | val anon : anon
12 |
--------------------------------------------------------------------------------
/src/proof/p_fmt.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * proof/fmt.mli --- proofs (pretty printing)
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open Ctx
9 |
10 | open P_t
11 |
12 | val pp_print_obligation : Format.formatter -> obligation -> unit
13 | val pp_print_proof : Expr.Fmt.ctx -> Format.formatter -> proof -> unit
14 | val pp_print_step : Expr.Fmt.ctx -> Format.formatter -> step -> Expr.Fmt.ctx
15 | val pp_print_usable : Expr.Fmt.ctx -> Format.formatter -> usable -> unit
16 |
17 | val string_of_step : Expr.T.hyp Deque.dq -> step -> string
18 |
--------------------------------------------------------------------------------
/src/proof/p_parser.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * concept.mli --- conceptualizing
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | type supp = Emit | Suppress
9 |
10 | val qed_loc_prop : Loc.locus Property.pfuncs
11 | (** Represents the location of the QED step, excluding its proof. *)
12 |
13 | val usebody : P_t.usable Tla_parser.lprs
14 | val proof : P_t.proof Tla_parser.lprs
15 | val suppress : supp Tla_parser.lprs
16 |
--------------------------------------------------------------------------------
/src/proof/p_simplify.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * proof/simplify.mli --- simplify proofs
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | (** Simplify proofs *)
9 |
10 | open Property
11 | open Deque
12 |
13 | open Expr.T
14 |
15 | open P_t
16 |
17 | val simplify : hyp dq -> expr -> proof -> time -> proof
18 |
--------------------------------------------------------------------------------
/src/proof/p_subst.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * proof/subst.mli --- substitution in proofs
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open Expr.Subst
9 |
10 | open P_t
11 |
12 | val app_proof : sub -> proof -> proof
13 | val app_step : sub -> step -> sub * step
14 | val app_inits : sub -> step list -> sub * step list
15 | val app_usable : sub -> usable -> usable
16 |
--------------------------------------------------------------------------------
/src/smt/boolify.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 |
3 | open Expr.T
4 |
5 | val boolify: sequent -> sequent
6 | val eboo: expr -> expr
7 | val mk_bool: expr -> expr
8 |
--------------------------------------------------------------------------------
/src/smt/ectx.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2014 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 | type t = hyp Deque.dq * int Ctx.ctx
5 |
6 | val dot : t
7 | val length : t -> int
8 | val bump : t -> t
9 | val adj : t -> hyp -> t * (string * hyp)
10 | val adjs : t -> hyp list -> t * (string * hyp) list
11 | val adj_bs : t -> bounds -> t * (string * Axioms.smtsort) list * hyp list
12 | val is_bounded : hyp Deque.dq -> int -> bool
13 | val tla_id : t -> int -> string
14 | val smt_id : t -> int -> string
15 | val from_hyps : t -> hyp Deque.dq -> t
16 |
--------------------------------------------------------------------------------
/src/smt/fmt.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 | val lift_sq : hyp Deque.dq -> expr list * expr -> expr list * expr
5 |
--------------------------------------------------------------------------------
/src/smt/preprocess.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 | val prepreproc : sequent -> sequent
5 | val skolemize : sequent -> sequent
6 | val simpl_eq : unit Expr.Visit.scx -> (expr list * expr) -> (expr list * expr)
7 | val abstract : unit Expr.Visit.scx -> (expr list * expr) -> (expr list * expr)
8 | val abstract2 : unit Expr.Visit.scx -> (expr list * expr) -> (expr list * expr)
9 |
--------------------------------------------------------------------------------
/src/smt/rewrite_arith.mli:
--------------------------------------------------------------------------------
1 | open Expr.T
2 |
3 | class rw : object
4 | inherit [unit] Expr.Visit.map
5 | end
6 |
--------------------------------------------------------------------------------
/src/smt/rewrite_trivial.mli:
--------------------------------------------------------------------------------
1 | open Expr.T
2 |
3 | val rw : expr -> expr
4 | val range2set : int -> int -> expr list
5 |
--------------------------------------------------------------------------------
/src/sysconf.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * sysconf.ml --- thin interface to POSIX.1 sysconf(2)
3 | *
4 | * Author: Kaustuv Chaudhuri
5 | *
6 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
7 | *)
8 | external nprocs_internal: unit -> int = "sysconf_nprocs"
9 |
10 | let nprocs ?(default=0) () =
11 | try nprocs_internal () with _ -> default
12 |
--------------------------------------------------------------------------------
/src/sysconf.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * sysconf.ml --- thin interface to POSIX.1 sysconf(2)
3 | *
4 | * Author: Kaustuv Chaudhuri
5 | *
6 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
7 | *)
8 |
9 | val nprocs: ?default:int -> unit -> int
10 |
--------------------------------------------------------------------------------
/src/sysconf_stubs.c:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 | #include
6 |
7 | CAMLprim value sysconf_nprocs (value unit)
8 | {
9 | CAMLparam1 (unit);
10 | long ret;
11 | #if defined(_SC_NPROCESSORS_ONLN)
12 | ret = sysconf (_SC_NPROCESSORS_ONLN);
13 | #else
14 | ret = -1;
15 | #endif
16 | if (ret == -1){
17 | caml_failwith ("Sysconf.nprocs : sysconf() system call failed");
18 | }
19 | CAMLreturn (Val_int (ret));
20 | }
21 |
--------------------------------------------------------------------------------
/src/tlapm.ml:
--------------------------------------------------------------------------------
1 | let main fs =
2 | Tlapm_lib.main fs;
3 |
4 | exception Stacktrace;;
5 |
6 | let () =
7 | Sys.set_signal
8 | Sys.sigusr1
9 | (Sys.Signal_handle (fun _ -> raise Stacktrace));
10 | Tlapm_lib.init ();
11 |
--------------------------------------------------------------------------------
/src/tlapm.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * tlapm.mli --- driver (interface)
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 | val main: string list -> unit
8 |
--------------------------------------------------------------------------------
/src/tlapm_args.mli:
--------------------------------------------------------------------------------
1 | (* Command-line arguments to `tlapm`.
2 |
3 | Copyright (C) 2011 INRIA and Microsoft Corporation
4 | *)
5 | val init: unit -> string list
6 |
--------------------------------------------------------------------------------
/src/type.ml:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 | module T = T_t
6 | module Visit = T_visit
7 | module Collect = T_collect
8 | module Hyps = T_hyps
9 | module Synthesize = T_synth
10 |
11 |
--------------------------------------------------------------------------------
/src/type.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/type/t_collect.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * encode/coltypes.mli --- collect types in an expression
3 | *
4 | *
5 | * Copyright (C) 2022 INRIA and Microsoft Corporation
6 | *)
7 |
8 | open Expr.T
9 | open T_t
10 |
11 | (** Collect all constant types (also called "sorts") found in an expression *)
12 | val main : sequent -> Ts.t
13 |
14 |
--------------------------------------------------------------------------------
/src/type/t_collect.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/type/t_hyps.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/type/t_synth.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/type/t_t.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/type/t_visit.mlt:
--------------------------------------------------------------------------------
1 | (*
2 | * Copyright (C) 2022 INRIA and Microsoft Corporation
3 | *)
4 |
5 |
--------------------------------------------------------------------------------
/src/typesystem/typ_cg1.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 |
5 | val cg:
6 | sequent -> sequent * Typ_e.t * Typ_c.t
7 |
--------------------------------------------------------------------------------
/src/typesystem/typ_cg2.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 |
5 | val cg:
6 | sequent -> sequent * Typ_e.t * Typ_c.t
7 | (*
8 | val cg:
9 | Typ_c.cg_mode -> Typ_e.t ->
10 | Typ_t.t -> hyp list -> expr ->
11 | expr * Typ_c.t
12 | *)
13 |
--------------------------------------------------------------------------------
/src/typesystem/typ_impgraph.mli:
--------------------------------------------------------------------------------
1 | (*
2 | Created by Hernán Vanzetto on 4 Nov 2013.
3 | Copyright (c) 2013 INRIA and Microsoft Corporation
4 | *)
5 |
6 | open Expr.T
7 | open Typ_t
8 | open Typ_e
9 |
10 | val solve:
11 | (hyp list * expr) SMap.t ->
12 | (Builtin.builtin * Typ_e.t * tref * tref) list ->
13 | string list ->
14 | (hyp list * expr) SMap.t
15 |
--------------------------------------------------------------------------------
/src/typesystem/typ_system.mli:
--------------------------------------------------------------------------------
1 | (* Copyright (C) 2011-2012 INRIA and Microsoft Corporation *)
2 | open Expr.T
3 |
4 | open Typ_t
5 | open Typ_e
6 | open Typ_c
7 |
8 | (* val boolify: expr -> expr *)
9 |
10 | (*
11 | val cg:
12 | hyp list -> expr ->
13 | (Typ_e.t * Typ_c.t)
14 | *)
15 | (*
16 | val solve:
17 | hyp list -> expr list ->
18 | expr list
19 | *)
20 |
21 | val type_construct: sequent -> sequent
22 |
--------------------------------------------------------------------------------
/src/typesystem/why3_interface.mli:
--------------------------------------------------------------------------------
1 | (*
2 | Created by Hernán Vanzetto on 2 Nov 2013.
3 | Copyright (c) 2013 INRIA and Microsoft Corporation
4 | *)
5 | open Expr.T
6 |
7 | val solve: (Typ_e.t * expr) -> string
8 |
--------------------------------------------------------------------------------
/src/util/worklist.mli:
--------------------------------------------------------------------------------
1 | (*
2 | * worklist.mli --- work lists
3 | *
4 | *
5 | * Copyright (C) 2008-2010 INRIA and Microsoft Corporation
6 | *)
7 |
8 | type 'a wl = { add : 'a -> unit ;
9 | next : unit -> 'a ;
10 | get : unit -> 'a list ;
11 | clear : unit -> unit }
12 |
13 | val create : unit -> 'a wl
14 |
15 | val with_wl : ('a wl -> unit) -> 'a list
16 |
--------------------------------------------------------------------------------
/test/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # See test logs in ../_build/default/test/tests.log
3 | #
4 | TEST_DIRS=$(shell find . -type d | grep -v 'TOOLS')
5 | TEST_FILES=$(shell find . -name '*.tla')
6 |
7 | all:
8 | dune runtest -f
9 |
10 | $(TEST_DIRS) $(TEST_FILES):
11 | env TEST_CASE=$@ dune runtest -f
12 |
13 | .PHONY: all $(TEST_DIRS) $(TEST_FILES)
14 |
--------------------------------------------------------------------------------
/test/TOOLS/env_setup:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | # To avoid using realpath, it is unavailable on older MacOS.
4 | abspath() {
5 | (cd "$(dirname $1)" && echo "$(pwd)/$(basename $1)")
6 | }
7 |
8 | if [ -z "$USE_TLAPM" ]; then
9 | TLAPM_BIN=$BASEDIR/../tlapm
10 | else
11 | TLAPM_BIN="$(abspath $USE_TLAPM)"
12 | fi
13 |
14 | if [ -z "$USE_LIB" ]; then
15 | LIBRARY_DIR=$BASEDIR/../library
16 | else
17 | LIBRARY_DIR="$(abspath $USE_LIB)"
18 | fi
19 |
--------------------------------------------------------------------------------
/test/TOOLS/separator:
--------------------------------------------------------------------------------
1 | This is a single-line file used by do_one_test. Contents is irrelevant.
2 |
--------------------------------------------------------------------------------
/test/TOOLS/time_one_test:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | FILE="$1"
4 | TOOLDIR="$2"
5 |
6 | "$TOOLDIR"/do_one_test "$FILE" "$TOOLDIR/separator" \
7 | "$FILE.out" "$FILE.err" \
8 | >"$FILE.out" 2>"$FILE.err"
9 | retcode=$?
10 | case $retcode in
11 | 0) ;;
12 | *)
13 | printf "failed with return code %d\n" $retcode
14 | printf "#### stdout:\n"
15 | cat "$FILE.out"
16 | printf "#### stderr:\n"
17 | cat "$FILE.err"
18 | exit $retcode
19 | ;;
20 | esac
21 |
--------------------------------------------------------------------------------
/test/bugs/README.md:
--------------------------------------------------------------------------------
1 | Like the unit/ directory, this directory is for unit tests (one PO per test), but it is for negative tests. A test succeeds if the test script returns the message 'FAILED'
2 |
3 | (Note: Currently it does not seem possible to change the test script so that a test succeeds if the provers fail to prove something. In the case of SMT solvers, the intented output for these unit tests is SAT, because the theorems are effectively unprovable.)
4 |
--------------------------------------------------------------------------------
/test/bugs/excappbad_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excapp3_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW f \in [ A -> B ],
8 | NEW x \in A,
9 | NEW y \in A,
10 | NEW a,
11 | NEW b
12 | PROVE LET g == [ f EXCEPT ![x] = a, ![y] = b ] IN
13 | g[x] = a
14 | OBVIOUS
15 |
16 | ====
17 | stderr: status:failed
18 |
--------------------------------------------------------------------------------
/test/bugs/hidedef_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE hidedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | C == TRUE
6 | HIDE DEF C
7 |
8 | THEOREM C
9 | OBVIOUS
10 |
11 | ====
12 | stderr: status:failed
13 |
--------------------------------------------------------------------------------
/test/bugs/hidedefpred_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE hidedefpred_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | C == TRUE
6 | HIDE DEF C
7 |
8 | (** The following result might be solved if C is given the type bool.
9 | This must not happen, as C's defn is hidden.
10 | *)
11 | THEOREM C = TRUE \/ C = FALSE
12 | OBVIOUS
13 |
14 | ====
15 | stderr: status:failed
16 |
--------------------------------------------------------------------------------
/test/bugs/instance_mutate.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE instance_mutate ----
2 | Op(x) == TRUE
3 | USE TRUE
4 | OpAll == \A x : Op(x)
5 | ====
6 |
--------------------------------------------------------------------------------
/test/bugs/instance_mutate_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE instance_mutate_test ----
2 | (*
3 | Instantiation was failing on use of an operator if there was
4 | a Mutation (USE) involved in the instantiated module.
5 | *)
6 | INSTANCE instance_mutate
7 | ====
8 |
--------------------------------------------------------------------------------
/test/bugs/noteqfalse_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE noteqfalse_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | (** 'x \/ ~ x' is a theorem of TLA+, but 'x = TRUE \/ x = FALSE' is
6 | inconsistent, because it would imply that BOOLEAN is the set of all sets.
7 | Thus the theorem below cannot be true.
8 | *)
9 |
10 | THEOREM ASSUME NEW x
11 | PROVE ~ x => x = FALSE
12 | OBVIOUS
13 |
14 | ====
15 | stderr: status:failed
16 |
--------------------------------------------------------------------------------
/test/bugs/quant_level_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE quant_level_test ----
2 | (*
3 | The levels of quantifier bounds were ignored.
4 | That lead to considering formulas as being constant level
5 | leading to proofs passing were they must fail.
6 | *)
7 | VARIABLE v
8 | I == \A y \in v: y = y
9 | LEMMA ASSUME I PROVE I' OBVIOUS
10 | ====
11 | stderr: status:failed
12 |
--------------------------------------------------------------------------------
/test/bugs/sndord_bis_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE sndord_bis_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | (** A simpler variant of sndord_test *)
6 |
7 | C == {}
8 |
9 | G(F(_)) == F(C)
10 |
11 | THEOREM Thm ==
12 | ASSUME NEW F(_)
13 | PROVE G(F) = F(C)
14 | (*BY DEF G*)
15 |
16 | THEOREM Cor ==
17 | ASSUME NEW F1(_),
18 | NEW F2(_)
19 | PROVE G(F1) = G(F2)
20 | BY Thm
21 |
22 | Z(x) == 0
23 | S(x) == 1
24 |
25 | THEOREM 0 = 1
26 | <1>1 G(Z) = 0 (*BY DEF G, Z*)
27 | <1>2 G(S) = 1 (*BY DEF G, S*)
28 | <1> QED (*BY ONLY Cor, <1>1, <1>2*)
29 |
30 | ====
31 | stderr: status:failed
32 |
--------------------------------------------------------------------------------
/test/dune:
--------------------------------------------------------------------------------
1 | (rule
2 | (alias runtest)
3 | (deps
4 | (alias_rec ../deps/all)
5 | (alias_rec ../src/all)
6 | (glob_files_rec "*.tla")
7 | (source_tree "TOOLS")
8 | (sandbox none))
9 | (action
10 | (setenv
11 | USE_TLAPM
12 | %{exe:../src/tlapm.exe}
13 | (setenv
14 | USE_LIB
15 | ../library
16 | (run "./TOOLS/do_tests" %{env:TEST_CASE=.})))))
17 |
--------------------------------------------------------------------------------
/test/fast/README.txt:
--------------------------------------------------------------------------------
1 | These are the "fast" tests: each test completes under 1 minute on my laptop
2 | (2017 macbook pro)
3 |
--------------------------------------------------------------------------------
/test/fast/basic/cvc3_false_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE cvc3_false_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == FALSE BY CVC3T(35)
6 |
7 | ====
8 | stderr: status:failed
9 |
--------------------------------------------------------------------------------
/test/fast/basic/isa_false_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE isa_false_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == FALSE BY Isa
6 |
7 | ====
8 | stderr: status:failed
9 |
--------------------------------------------------------------------------------
/test/fast/basic/isa_true_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE isa_true_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == TRUE /\ TRUE BY Isa
6 |
7 | ====
8 |
--------------------------------------------------------------------------------
/test/fast/basic/nonexistent_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nonexistent_test ----
2 | (* Run `tlapm` with a filename that does not
3 | end with `.tla`, to ensure that proof obligations
4 | are indeed generated.
5 |
6 | The TLA+ module's filename in the `command`
7 | below intentionally has no extension `.tla`,
8 | in order to test the behavior of `tlapm` when
9 | it automatically appends the extension `.tla`
10 | to the filename (filepath).
11 | *)
12 | THEOREM FALSE
13 | OBVIOUS
14 | =================================
15 | command: ${TLAPM} --toolbox 0 0 nonexistent_test
16 | stderr: obligation failed.
17 |
18 |
--------------------------------------------------------------------------------
/test/fast/basic/smt_arith_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE smt_arith_test ----
2 |
3 | EXTENDS TLAPS, Naturals
4 |
5 | THEOREM t == 2 + 2 = 4 BY SMT
6 |
7 | ====
8 |
--------------------------------------------------------------------------------
/test/fast/basic/smt_false_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE smt_false_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == FALSE BY SMT
6 |
7 | ====
8 | stderr: reason:false
9 |
--------------------------------------------------------------------------------
/test/fast/basic/tab_character_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE tab_character_test ----
2 |
3 | (* This line contains a tab character,
4 | in order to test that `tlapm` will exit
5 | with a message that informs about the
6 | presence of the tab character. *)
7 |
8 | ===================================
9 | result: 3
10 | stderr: Unexpected TAB character.
11 | stderr: TLAPS does not handle TAB characters in source files.
12 |
--------------------------------------------------------------------------------
/test/fast/basic/true_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE true_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == TRUE OBVIOUS
6 |
7 | ====
8 | \* No clause needed, this is supposed to work.
9 |
--------------------------------------------------------------------------------
/test/fast/basic/z3_arith_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE z3_arith_test ----
2 |
3 | EXTENDS TLAPS, Naturals
4 |
5 | THEOREM t == 2 + 2 = 4 BY Z3
6 |
7 | ====
8 |
--------------------------------------------------------------------------------
/test/fast/basic/z3_false_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE z3_false_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == FALSE BY Z3
6 |
7 | ====
8 | stderr: reason:false
9 |
--------------------------------------------------------------------------------
/test/fast/basic/zen_false_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE zen_false_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == FALSE BY ZenonT (5)
6 |
7 | ====
8 | stderr: status:failed
9 |
--------------------------------------------------------------------------------
/test/fast/basic/zen_true_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE zen_true_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM t == TRUE /\ TRUE BY ZenonT (5)
6 |
7 | ====
8 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ENABLED_INSTANCE_nullary_op_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE ENABLED_INSTANCE_nullary_op_test ----
2 | EXTENDS TLAPS
3 |
4 | ---- MODULE Inner ----
5 | VARIABLE x
6 |
7 | A == ENABLED (x')
8 |
9 | ======================
10 |
11 | VARIABLE x
12 |
13 | M == INSTANCE Inner
14 |
15 | THEOREM M!A
16 | BY ExpandENABLED DEF M!A
17 |
18 | =================================================
19 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ENABLED_INSTANCE_nullary_op_two_vars_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE ENABLED_INSTANCE_nullary_op_two_vars_test ----
2 | EXTENDS TLAPS
3 |
4 | ---- MODULE Inner ----
5 | VARIABLE x, y
6 |
7 | A == ENABLED (x' # y')
8 |
9 | ======================
10 |
11 | VARIABLE x
12 |
13 | M == INSTANCE Inner WITH y <- x
14 |
15 | THEOREM M!A
16 | BY ExpandENABLED DEF M!A
17 |
18 | ==========================================================
19 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ENABLED_INSTANCE_op_with_args_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE ENABLED_INSTANCE_op_with_args_test ----
2 | EXTENDS TLAPS
3 |
4 | ---- MODULE Inner ----
5 | VARIABLE x, y
6 |
7 | A(z) == ENABLED (x' # y')
8 |
9 | ======================
10 |
11 | VARIABLE x
12 |
13 | M == INSTANCE Inner WITH y <- x
14 |
15 | THEOREM M!A(x)
16 | BY ExpandENABLED DEF M!A
17 |
18 | ===================================================
19 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ExpandENABLED_LET_test.tla:
--------------------------------------------------------------------------------
1 | -------------------------- MODULE ExpandENABLED_LET_test -----------------------
2 | (* Unit test of `ExpandENABLED` with `LET` in proof obligation. *)
3 | EXTENDS TLAPS
4 |
5 |
6 | THEOREM
7 | ASSUME VARIABLE x
8 | PROVE
9 | LET
10 | Foo(r) == r
11 | IN
12 | x => ENABLED /\ Foo(x)
13 | /\ Foo(x')
14 | PROOF
15 | BY ExpandENABLED, Zenon
16 | ================================================================================
17 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ExpandOnlyCdot_test.tla:
--------------------------------------------------------------------------------
1 | ------------------------ MODULE ExpandOnlyCdot_test ----------------------------
2 | (* Test with `ExpandCdot` and `ENABLED` occurs in scope of `\cdot`.
3 |
4 | The proof directive `ExpandENABLED` is not given.
5 | *)
6 | EXTENDS TLAPS
7 |
8 |
9 | THEOREM ((ENABLED TRUE) \cdot TRUE)
10 | BY ExpandCdot
11 | ================================================================================
12 | stderr: status:failed
13 |
--------------------------------------------------------------------------------
/test/fast/enabled_cdot/ExpandOnlyENABLED_test.tla:
--------------------------------------------------------------------------------
1 | -------------------------- MODULE ExpandOnlyENABLED_test -----------------------
2 | (* Test with `ExpandENABLED` and `\cdot` occurs in scope of `ENABLED`.
3 |
4 | The proof directive `ExpandCdot` is not given.
5 | *)
6 | EXTENDS TLAPS
7 |
8 |
9 | THEOREM ENABLED (TRUE \cdot TRUE)
10 | BY ExpandENABLED
11 | ================================================================================
12 | stderr: status:failed
13 |
--------------------------------------------------------------------------------
/test/fast/fingerprint/load_v8_test.tlaps.testbase/fingerprints:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/test/fast/fingerprint/load_v8_test.tlaps.testbase/fingerprints
--------------------------------------------------------------------------------
/test/fast/fingerprint/load_v8old_test.tlaps.testbase/fingerprints:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/test/fast/fingerprint/load_v8old_test.tlaps.testbase/fingerprints
--------------------------------------------------------------------------------
/test/fast/fingerprint/load_v9_test.tlaps.testbase/fingerprints:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/test/fast/fingerprint/load_v9_test.tlaps.testbase/fingerprints
--------------------------------------------------------------------------------
/test/fast/language/CHOOSEsyntax.tla:
--------------------------------------------------------------------------------
1 | ----------------------------- MODULE CHOOSEsyntax ------------------------------
2 | a == CHOOSE x: TRUE
3 | b == CHOOSE x \in TRUE: TRUE
4 | c == CHOOSE <>: TRUE
5 | d == CHOOSE <> \in TRUE: TRUE
6 | ================================================================================
7 |
--------------------------------------------------------------------------------
/test/fast/language/ConstantQuantifierBoundeds.tla:
--------------------------------------------------------------------------------
1 | ---------------------- MODULE ConstantQuantifierBoundeds -----------------------
2 | (* Test that \E and \A allow bounded declarations. *)
3 | E == \E x \in TRUE, y, z \in TRUE, w \in TRUE: TRUE
4 | A == \A x \in TRUE, y, z \in TRUE, w \in TRUE: TRUE
5 |
6 | Etuples == \E x \in TRUE, <> \in TRUE \X TRUE, w \in TRUE: TRUE
7 | Atuples == \A x \in TRUE, <> \in TRUE \X TRUE, w \in TRUE: TRUE
8 | ================================================================================
9 |
--------------------------------------------------------------------------------
/test/fast/language/ConstantQuantifierUnboundeds.tla:
--------------------------------------------------------------------------------
1 | --------------------- MODULE ConstantQuantifierUnboundeds ----------------------
2 | (* Test that \E and \A allow unbounded declarations. *)
3 | E == \E x, y, z: TRUE
4 | A == \A x, y, z: TRUE
5 | ================================================================================
6 |
--------------------------------------------------------------------------------
/test/fast/language/EXTENDS_in_submodule_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE EXTENDS_in_submodule_test ----
2 | (* Ensure that modules listed in EXTENDS statements
3 | that are contained in submodules are loaded by `tlapm`.
4 | *)
5 |
6 |
7 | ---- MODULE Inner ----
8 | EXTENDS TLAPS
9 |
10 | ======================
11 |
12 | ==========================================
13 |
--------------------------------------------------------------------------------
/test/fast/language/ExistsNotBothBoundedAndUnbounded.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE ExistsNotBothBoundedAndUnbounded --------------------
2 | (* Test that \E does not allow both bounded and unbounded declarations
3 | within the same quantifier.
4 | *)
5 | E == \E x \in TRUE, y: TRUE
6 | ================================================================================
7 | stderr: Error: Could not parse
8 |
--------------------------------------------------------------------------------
/test/fast/language/ForallNotBothBoundedAndUnbounded.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE ForallNotBothBoundedAndUnbounded --------------------
2 | (* Test that \A does not allow both bounded and unbounded declarations
3 | within the same quantifier.
4 | *)
5 | A == \A x \in TRUE, y: TRUE
6 | ================================================================================
7 | stderr: Error: Could not parse
8 |
--------------------------------------------------------------------------------
/test/fast/language/FunctionConstructorBoundeds.tla:
--------------------------------------------------------------------------------
1 | ---------------------- MODULE FunctionConstructorBoundeds ----------------------
2 | (* Test that function constructors allow bounded declarations. *)
3 | f == [x \in {TRUE}, y \in TRUE |-> x /\ y]
4 | ================================================================================
5 |
--------------------------------------------------------------------------------
/test/fast/language/FunctionConstructorOnlyBoundeds.tla:
--------------------------------------------------------------------------------
1 | -------------------- MODULE FunctionConstructorOnlyBoundeds --------------------
2 | (* Test that function constructors allow only bounded declarations. *)
3 | f == [x \in TRUE, y |-> TRUE]
4 | ================================================================================
5 | stderr: Error: Could not parse
6 |
--------------------------------------------------------------------------------
/test/fast/language/FunctionDefinitionBoundeds.tla:
--------------------------------------------------------------------------------
1 | ---------------------- MODULE FunctionDefinitionBoundeds -----------------------
2 | (* Test that function definitions allow bounded declarations.
3 |
4 | Bounded declarations can include tuple declarations.
5 | *)
6 | f[x \in {TRUE}, y \in TRUE] == x
7 |
8 | g[x \in {TRUE}, <> \in TRUE \X FALSE] == x /\ (y \/ ~ z)
9 | ================================================================================
10 |
--------------------------------------------------------------------------------
/test/fast/language/FunctionDefinitionOnlyBoundeds_1.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE FunctionDefinitionOnlyBoundeds_1 --------------------
2 | (* Test that function definitions allow only bounded declarations.
3 |
4 | The below form is a syntax error in TLA+.
5 | Previously, `tlapm` parsed this form.
6 | The syntax error is detected by SANY.
7 | *)
8 | f[x] == TRUE
9 | ================================================================================
10 | stderr: Error: Could not parse
11 |
--------------------------------------------------------------------------------
/test/fast/language/FunctionDefinitionOnlyBoundeds_2.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE FunctionDefinitionOnlyBoundeds_2 --------------------
2 | (* Test that function definitions allow only bounded declarations.
3 |
4 | The below form is a syntax error in TLA+.
5 | Previously, `tlapm` parsed this form.
6 | The syntax error is detected by SANY.
7 | *)
8 | f[x \in TRUE, y] == TRUE
9 | ================================================================================
10 | stderr: Error: Could not parse
11 |
--------------------------------------------------------------------------------
/test/fast/language/INSTANCE_shift_due_to_omitted_modunits_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE INSTANCE_shift_due_to_omitted_modunits_test ----
2 |
3 |
4 | ---- MODULE Inner ----
5 | EXTENDS TLAPS
6 |
7 | VARIABLE y
8 |
9 | A == y'
10 | THEOREM B == []TRUE
11 | ======================
12 |
13 |
14 | VARIABLE z
15 |
16 |
17 | M == INSTANCE Inner WITH y <- z
18 |
19 |
20 | THEOREM
21 | \EE x:
22 | LET Q == INSTANCE Inner WITH y <- x
23 | IN Q!A
24 | OBVIOUS
25 |
26 |
27 | ============================================================
28 | command: ${TLAPM} --toolbox 0 0 ${FILE}
29 | nostderr: Assertion failed
30 |
--------------------------------------------------------------------------------
/test/fast/language/SetConstructorsTupleDeclarations.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE SetConstructorsTupleDeclarations --------------------
2 | (* Test that tuple declarations can appear in set constructors. *)
3 | a == {x /\ y: <> \in TRUE \X FALSE}
4 | b == {x /\ y /\ z: <> \in TRUE \X FALSE, z \in TRUE}
5 |
6 | c == {<> \in TRUE \X FALSE: x /\ y}
7 | ================================================================================
8 |
--------------------------------------------------------------------------------
/test/fast/language/WFTRUE_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE WFTRUE_test ----
2 | (* The lexer was not identifying
3 | keywords in fairness subscripts.
4 | For example, WF_TRUE was lexed
5 | as [PUNCT "WF_"; ID "TRUE"],
6 | instead of [PUNCT "WF_"; KWD "TRUE"].
7 | *)
8 |
9 | THEOREM WF_TRUE(TRUE) <=> WF_(TRUE)(TRUE)
10 | OBVIOUS
11 |
12 | =============================
13 |
--------------------------------------------------------------------------------
/test/fast/language/nary_fcnapp_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nary_fcnappi_test ----
2 | EXTENDS TLAPS
3 |
4 |
5 | f == [x \in {TRUE} \X {TRUE} |-> TRUE]
6 |
7 | THEOREM f[TRUE, TRUE] = TRUE
8 | <1>1. <> \in {TRUE} \X {TRUE}
9 | OBVIOUS
10 | <1> QED
11 | BY <1>1, SMT DEF f
12 |
13 | ============================
14 |
--------------------------------------------------------------------------------
/test/fast/language/unary_fcnapp_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE unary_fcnapp_test ----
2 | EXTENDS TLAPS
3 |
4 |
5 | f == [x \in {TRUE} |-> TRUE]
6 |
7 | THEOREM f[TRUE] = TRUE
8 | BY SMT DEF f
9 |
10 | ============================
11 |
--------------------------------------------------------------------------------
/test/fast/regression/cooper_instantiation_test.tla:
--------------------------------------------------------------------------------
1 | ----------- MODULE cooper_instantiation_test ---------------
2 | EXTENDS Integers
3 |
4 | THEOREM SimpleArithmetic == TRUE (*{ by (cooper) }*)
5 |
6 | THEOREM ASSUME NEW CONSTANT XXX,
7 | NEW CONSTANT i \in Int
8 | PROVE XXX \in Int
9 | BY SimpleArithmetic
10 | ====================================
11 | stderr: status:failed
12 | nostderr: status:proved
13 |
--------------------------------------------------------------------------------
/test/fast/regression/parameterized_instantiation_aux.tla:
--------------------------------------------------------------------------------
1 | ---------- MODULE parameterized_instantiation_aux -----------
2 | VARIABLE y
3 | Foo == <>
4 | ====================================
5 |
--------------------------------------------------------------------------------
/test/fast/regression/parameterized_instantiation_test.tla:
--------------------------------------------------------------------------------
1 | ----------- MODULE parameterized_instantiation_test -----------------
2 | EXTENDS Integers, FiniteSets
3 |
4 | VARIABLE x, z
5 | F(y) == INSTANCE parameterized_instantiation_aux
6 |
7 | THEOREM (x = z) => (F(x)!Foo = F(z)!Foo)
8 | BY DEF F!Foo
9 | ==========================================
10 |
--------------------------------------------------------------------------------
/test/fast/regression/smt_domain_check_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE smt_domain_check_test ----
2 | EXTENDS Naturals, Integers, TLAPS
3 | LEMMA
4 | ASSUME NEW N \in Nat,
5 | NEW f \in [0 .. N-1 -> Int]
6 | PROVE \A i \in Nat : (IF i < N THEN f[i] ELSE 42) \in Int
7 | BY SMT
8 | ====
9 |
--------------------------------------------------------------------------------
/test/fast/regression/z3_fingerprint_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE z3_fingerprint_test ----
2 |
3 | EXTENDS TLAPS, Naturals
4 |
5 | THEOREM foo == 2 + 2 = 4 BY Z3
6 |
7 | ====
8 | command: ${TLAPM} --toolbox 0 0 --isaprove ${FILE} 2>/dev/null
9 | command: ${TLAPM} --toolbox 0 0 --noproving ${FILE}
10 | stderr: already:true
11 |
--------------------------------------------------------------------------------
/test/medium/README.txt:
--------------------------------------------------------------------------------
1 | These are the "medium" tests: each test completes in 1 to 10 minutes on my
2 | laptop (2017 macbook pro)
3 |
--------------------------------------------------------------------------------
/test/parser/dune:
--------------------------------------------------------------------------------
1 | (test
2 | (name parser_tests)
3 | (modes exe)
4 | (libraries tlapm_lib ounit2 sexplib)
5 | (deps (glob_files_rec syntax_corpus/*))
6 | (preprocess (pps ppx_deriving.show))
7 | )
8 |
--------------------------------------------------------------------------------
/test/regression_tests/fingerprint_13_12_07_test-disabled.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE fingerprint_13_12_07_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | CONSTANT S
6 |
7 | THEOREM ASSUME NEW x \in S
8 | PROVE S # {}
9 | OBVIOUS
10 |
11 | THEOREM S # {} OBVIOUS
12 |
13 | ====
14 | command: ${TLAPM} --toolbox 0 0 --threads 1 --cleanfp ${FILE}
15 | stderr: status:failed
16 |
--------------------------------------------------------------------------------
/test/regression_tests/function_except_tuple_soundness_gh201_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE function_except_tuple_soundness_gh201_test ----
2 | EXTENDS TLAPS, Naturals
3 |
4 | THEOREM SoundnessError == FALSE
5 | <1> DEFINE f1 == [i \in Nat |-> i]
6 | <1> DEFINE f2 == [f1 EXCEPT ![0] = << 0 >>]
7 | <1>1. f1 = f2 OBVIOUS
8 | <1> QED BY <1>1
9 |
10 | ====
11 | stderr: status:failed
12 |
13 |
--------------------------------------------------------------------------------
/test/regression_tests/nat_comparison_soundness_gh200_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nat_comparison_soundness_gh200_test ----
2 | EXTENDS TLAPS, Naturals
3 |
4 | THEOREM SoundnessError == FALSE
5 | <1> DEFINE Elt == CHOOSE x \in Nat : TRUE
6 | <1>1. Nat = {Elt} OBVIOUS
7 | <1>2. 0 \in Nat /\ 1 \in Nat /\ 0 # 1 OBVIOUS
8 | <1>3. FALSE BY <1>1, <1>2, Zenon
9 | <1> QED BY <1>3
10 |
11 | ====
12 | stderr: status:failed
13 |
14 |
--------------------------------------------------------------------------------
/test/resources/module/m_save/TLC.tla:
--------------------------------------------------------------------------------
1 | -------------------------- MODULE TLC -----------------------------
2 |
3 | (***********************************************************************)
4 | (* Test module. *)
5 | (***********************************************************************)
6 |
7 | VARIABLES m_save_t1
8 |
9 | ==========================
10 |
--------------------------------------------------------------------------------
/test/slow/README.txt:
--------------------------------------------------------------------------------
1 | These are the "slow" tests: each test completes in more than 10 minutes on my
2 | laptop (2017 macbook pro)
3 |
--------------------------------------------------------------------------------
/test/soundness_tests/prime_dist_bound_var_stest.tla:
--------------------------------------------------------------------------------
1 | ------------- MODULE prime_dist_bound_var_stest --------------
2 |
3 | VARIABLE Y
4 |
5 | P(a,x) == IF Y THEN x ELSE x
6 |
7 | THEOREM 1 = 2
8 | <1>1. \A z : P(Y,z)' = z
9 | BY DEF P
10 | <1>2. QED BY <1>1
11 |
12 | ===================
13 |
--------------------------------------------------------------------------------
/test/soundness_tests/variable_capture_stest.tla:
--------------------------------------------------------------------------------
1 | -------------- MODULE variable_capture_stest ---------------
2 | EXTENDS Integers, TLAPS
3 |
4 | VARIABLE x, x_prime
5 | CONSTANT 0m, x0m
6 | CONSTANT _ && _, a__andand(_,_)
7 |
8 | ---- MODULE bar ----
9 | andand(a, b) == 3
10 | ====
11 | a == INSTANCE bar
12 |
13 | THEOREM bug ==
14 | \/ x_prime = x'
15 | \/ 0m = x0m
16 | \/ a__andand (2, 1) = 2 && 1
17 | \/ a!andand(1,2) = 1 && 2
18 | BY SMT
19 |
20 | ===========================================
21 |
--------------------------------------------------------------------------------
/test/unit/README.md:
--------------------------------------------------------------------------------
1 | This directory contains unit tests. A unit test is a module from which a single PO is generated. The PO should be elementary, provable, and require one basic functionality of the language to be supported by the backends.
2 |
--------------------------------------------------------------------------------
/test/unit/a_lang/binary_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE binary_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW F(_, _),
6 | NEW a,
7 | NEW b
8 | PROVE F(a, b) = F(a, b)
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/a_lang/bounded_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE bounded_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b \in a
7 | PROVE b \in a
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/constant_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE constant_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE a = a
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/a_lang/ditto_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE ditto_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A
6 | PROVE \A x, y \in A : x \in A /\ y \in A
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/a_lang/extends_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE extends_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM Nat = Nat
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/a_lang/hidedef_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE hidedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | C == TRUE
6 | HIDE DEF C
7 |
8 | THEOREM TRUE
9 | BY C = C
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/a_lang/letchain_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE letchain_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE LET b == a
7 | c == b
8 | IN
9 | a = c
10 | OBVIOUS
11 |
12 | ====
13 |
--------------------------------------------------------------------------------
/test/unit/a_lang/letconstant_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE letconstant_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM LET C == TRUE IN
6 | C
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/a_lang/letfunction_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE letfunction_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE LET F(x) == TRUE IN
7 | F(a)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/letsndord_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE letsndord_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW H(_)
6 | PROVE LET G(F(_)) == TRUE IN
7 | G(H)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/nothing_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nothing_test ----
2 |
3 | ====
4 |
--------------------------------------------------------------------------------
/test/unit/a_lang/nusedef_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nusedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | C == TRUE
6 |
7 | THEOREM TRUE
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/nusefact_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE usedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | ASSUME F == FALSE
6 |
7 | THEOREM TRUE
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/nusesndord_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nusesndord_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | G(F(_)) == TRUE
6 |
7 | THEOREM TRUE
8 | OBVIOUS
9 |
10 | ====
11 |
12 |
--------------------------------------------------------------------------------
/test/unit/a_lang/predarg_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE predarg_test ----
2 |
3 | (* NOTE: Requires higher-order unification *)
4 |
5 | EXTENDS TLAPS
6 |
7 | F(P(_), x) == P(x)
8 |
9 | THEOREM DefF ==
10 | ASSUME NEW P(_),
11 | NEW x,
12 | P(x)
13 | PROVE F(P, x)
14 | (*BY DEF F*)
15 |
16 | THEOREM ASSUME NEW x
17 | PROVE F(LAMBDA y : y = y, x)
18 | BY DefF
19 |
20 | ====
21 |
--------------------------------------------------------------------------------
/test/unit/a_lang/prime_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE prime_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | VARIABLE x
6 |
7 | THEOREM x' = x'
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/secondord_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE secondord_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | F(x, G(_), y) == TRUE
6 |
7 | THEOREM ASSUME NEW a,
8 | NEW G(_),
9 | NEW b
10 | PROVE F(a, G, b) = F(a, G, b)
11 | OBVIOUS
12 |
13 | ====
14 |
--------------------------------------------------------------------------------
/test/unit/a_lang/sndordthm_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE sndordthm_test ----
2 |
3 | (* NOTE: Requires higher-order unification *)
4 |
5 | EXTENDS TLAPS
6 |
7 | THEOREM Thm ==
8 | ASSUME NEW F(_),
9 | NEW a
10 | PROVE F(a)
11 |
12 | THEOREM ASSUME NEW F(_),
13 | NEW a
14 | PROVE F(a)
15 | BY Thm
16 |
17 | ====
18 |
--------------------------------------------------------------------------------
/test/unit/a_lang/tempop_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE tempop_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | VARIABLE v
6 |
7 | F(x) == x = v
8 |
9 | THEOREM ASSUME NEW x,
10 | F(x)'
11 | PROVE TRUE
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/a_lang/unary_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE unary_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW F(_),
6 | NEW a
7 | PROVE F(a) = F(a)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/usedef_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE usedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | C == TRUE
6 |
7 | THEOREM C
8 | BY DEF C
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/usefact_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE usedef_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | ASSUME F == FALSE
6 |
7 | THEOREM FALSE
8 | BY F
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/usethm_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE usethm_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM Thm == FALSE
6 |
7 | THEOREM FALSE
8 | BY Thm
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/variable_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE variable_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | VARIABLE x
6 |
7 | THEOREM x = x
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/a_lang/witness_bounded_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE witness_bounded_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW s,
7 | NEW a \in s,
8 | P(a)
9 | PROVE \E x \in s : P(x)
10 | <1> WITNESS a \in s
11 | <1> QED (*OBVIOUS*)
12 |
13 | ====
14 |
--------------------------------------------------------------------------------
/test/unit/a_lang/witness_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE witness_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW a,
7 | P(a)
8 | PROVE \E x : P(x)
9 | <1> WITNESS a
10 | <1> QED (*OBVIOUS*)
11 |
12 | ====
13 |
--------------------------------------------------------------------------------
/test/unit/b_logic/critical_bounded_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE critical_bounded_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW s,
7 | NEW a \in s,
8 | P(a)
9 | PROVE P(CHOOSE x \in s : P(x))
10 | OBVIOUS
11 |
12 | ====
13 |
--------------------------------------------------------------------------------
/test/unit/b_logic/critical_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE critical_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW a,
7 | P(a)
8 | PROVE P(CHOOSE x : P(x))
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/b_logic/existential_bounded_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE existential_bounded_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW s,
7 | NEW a \in s,
8 | P(a)
9 | PROVE \E x \in s : P(x)
10 | OBVIOUS
11 |
12 | ====
13 |
--------------------------------------------------------------------------------
/test/unit/b_logic/existential_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE existential_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW a,
7 | P(a)
8 | PROVE \E x : P(x)
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/b_logic/notfalse_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE notfalse_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ~ FALSE
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/b_logic/predicate_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE predicate_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW a
7 | PROVE P(a) => P(a)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/b_logic/props_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE props_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM FALSE => (TRUE /\ (TRUE \/ FALSE))
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/b_logic/true_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE true_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM TRUE
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/b_logic/universal_bounded_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE universal_bounded_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_),
6 | NEW s
7 | PROVE \A x \in s : P(x) => P(x)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/b_logic/universal_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE universal_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW P(_)
6 | PROVE \A x : P(x) => P(x)
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/c_sets/cap_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE cap_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b
7 | PROVE \A x : x \in a \cap b <=> x \in a /\ x \in b
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/cup_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE cup_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b
7 | PROVE \A x : x \in a \cup b <=> x \in a \/ x \in b
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/empty_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE empty_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM \A x : x \notin {}
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/c_sets/pair_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE pair_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b
7 | PROVE \A x : x \in { a, b } <=> x = a \/ x = b
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/power_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE power_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE \A x : x \in SUBSET a <=> \A y : y \in x => y \in a
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/c_sets/setext_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE setext_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | \A x : x \notin a
7 | PROVE a = {}
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/setminus_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE setminus_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b
7 | PROVE \A x : x \in a \ b <=> x \in a /\ x \notin b
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/setof_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE setof_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW F(_)
7 | PROVE \A x : x \in { F(y) : y \in a } <=> \E y : y \in a /\ x = F(y)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/setst_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE setst_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW P(_)
7 | PROVE \A x : x \in { y \in a : P(y) } <=> x \in a /\ P(x)
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/singleton_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE singleton_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE \A x : x \in { a } <=> x = a
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/c_sets/subset_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE subset_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a,
6 | NEW b
7 | PROVE a \subseteq b <=> \A x : x \in a => x \in b
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/c_sets/union_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE union_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW a
6 | PROVE \A x : x \in UNION a <=> \E y : y \in a /\ x \in y
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/arrow_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE arrow_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW C,
8 | NEW F(_)
9 | PROVE [ x \in C |-> F(x) ] \in [ A -> B ] <=>
10 | /\ A = C
11 | /\ \A x \in A : F(x) \in B
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/domain_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE domain_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW F(_)
7 | PROVE DOMAIN [ x \in A |-> F(x) ] = A
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/excapp1_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excapp1_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW f \in [ A -> B ],
8 | NEW x \in A,
9 | NEW a
10 | PROVE LET g == [ f EXCEPT ![x] = a ] IN
11 | g[x] = a
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/excapp2_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excapp_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW f \in [ A -> B ],
8 | NEW x \in A,
9 | NEW a,
10 | NEW y \in A,
11 | y # x
12 | PROVE LET g == [ f EXCEPT ![x] = a ] IN
13 | g[y] = f[y]
14 | OBVIOUS
15 |
16 | ====
17 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/excapp3_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excapp3_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW f \in [ A -> B ],
8 | NEW x \in A,
9 | NEW y \in A,
10 | x # y,
11 | NEW a,
12 | NEW b
13 | PROVE LET g == [ f EXCEPT ![x] = a, ![y] = b ] IN
14 | g[x] = a
15 | OBVIOUS
16 |
17 | ====
18 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/excapp4_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excapp4_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW C,
8 | NEW f \in [ A -> [ B -> C ] ],
9 | NEW x \in A,
10 | NEW y \in B,
11 | NEW a
12 | PROVE LET g == [ f EXCEPT ![x][y] = a ] IN
13 | g[x][y] = a
14 | OBVIOUS
15 |
16 | ====
17 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/excdom_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE excdom_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW f \in [ A -> B ],
8 | NEW x,
9 | NEW a
10 | PROVE LET g == [ f EXCEPT ![x] = a ] IN
11 | DOMAIN g = DOMAIN f
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/fcnapp_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE fcnapp_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW F(_),
7 | NEW z
8 | PROVE z \in A => [ x \in A |-> F(x) ][z] = F(z)
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/d_funcs/funext_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE funext_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW C,
8 | NEW f \in [ A -> B ],
9 | NEW g \in [ A -> C ],
10 | \A x \in A : f[x] = g[x]
11 | PROVE f = g
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/e_arith/intlit0_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE intlit_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM 0 \in Int
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/e_arith/intlit1_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE intlit_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM 1 \in Int
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/e_arith/intlitminus1_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE intlit_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM -1 \in Int
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/e_arith/nat_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE nat_test ----
2 |
3 | EXTENDS TLAPS, Integers, Naturals
4 |
5 | THEOREM ASSUME NEW n
6 | PROVE n \in Nat <=> n \in Int /\ n >= 0
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/e_arith/range_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE range_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int,
7 | NEW p
8 | PROVE p \in m..n <=> p \in Int /\ m <= p /\ p <= n
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingexp_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingexp_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int,
7 | m # 0 \/ n > 0
8 | PROVE (m ^ n) \in Int
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingminus_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingminus_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int
7 | PROVE (m - n) \in Int
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingplus_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingplus_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int
7 | PROVE (m + n) \in Int
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingquotient_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingquotient_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int,
7 | n > 0
8 | PROVE (m \div n) \in Int
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingremainder_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingremainder_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int,
7 | n > 0
8 | PROVE (m % n) \in 0..(n-1)
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typingtimes_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typingtimes_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW m \in Int,
6 | NEW n \in Int
7 | PROVE (m * n) \in Int
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/e_arith/typinguminus_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE typinguminus_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW n \in Int
6 | PROVE (-n) \in Int
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/test/unit/f_data/boolcar_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE boolcar_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM \A x : x \in BOOLEAN <=> x = TRUE \/ x = FALSE
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/f_data/booldistinct_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE booldistinct_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM TRUE /= FALSE
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/f_data/boolean_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE boolean_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM TRUE \in BOOLEAN /\ FALSE \in BOOLEAN
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/f_data/string_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE string_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM "foo" \in STRING /\ "bar" \in STRING /\ "baz" \in STRING
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/f_data/stringdistinct_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE stringdistinct_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM "foo" /= "bar"
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/test/unit/g_tuples/productset_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE productset_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW t
8 | PROVE t \in A \X B <=>
9 | \E x, y : /\ x \in A
10 | /\ y \in B
11 | /\ t = << x, y >>
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/g_tuples/tupleapp_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE tupleapp_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y
7 | PROVE /\ << x, y >>[1] = x
8 | /\ << x, y >>[2] = y
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/g_tuples/tupledom_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE tupledom_test ----
2 |
3 | EXTENDS TLAPS, Integers
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y
7 | PROVE DOMAIN << x, y >> = 1..2
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/g_tuples/tupleext_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE tupleext_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y,
7 | NEW u,
8 | NEW v
9 | PROVE << x, y >> = << u, v >>
10 | <=> /\ x = u
11 | /\ y = v
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/h_records/recorddom_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE recorddom_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y
7 | PROVE DOMAIN [ foo |-> x, bar |-> y ] = { "foo", "bar" }
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/test/unit/h_records/recorddot_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE recorddot_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y
7 | PROVE /\ [ foo |-> x, bar |-> y ].foo = x
8 | /\ [ foo |-> x, bar |-> y ].bar = y
9 | OBVIOUS
10 |
11 | ====
12 |
--------------------------------------------------------------------------------
/test/unit/h_records/recordext_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE recorddom_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW x,
6 | NEW y,
7 | NEW u,
8 | NEW v
9 | PROVE [ foo |-> x, bar |-> y ] = [ foo |-> u, bar |-> v ]
10 | <=> /\ x = u
11 | /\ y = v
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/test/unit/h_records/rectset_test.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE rectset_test ----
2 |
3 | EXTENDS TLAPS
4 |
5 | THEOREM ASSUME NEW A,
6 | NEW B,
7 | NEW r
8 | PROVE r \in [ foo : A, bar : B ] <=>
9 | \E x, y : /\ x \in A
10 | /\ y \in B
11 | /\ r = [ foo |-> x, bar |-> y ]
12 | OBVIOUS
13 |
14 | ====
15 |
--------------------------------------------------------------------------------
/tlapm.opam.template:
--------------------------------------------------------------------------------
1 | build: [ # This is to override the build step, add the invocation of `Makefile.post-install`.
2 | ["dune" "subst"] {dev}
3 | [
4 | "dune"
5 | "build"
6 | "-p"
7 | name
8 | "-j"
9 | jobs
10 | "--promote-install-files=false"
11 | "@install"
12 | "@runtest" {with-test}
13 | "@doc" {with-doc}
14 | ]
15 | ["dune" "install" "-p" name "--create-install-files" name]
16 | ["%{make}%" "-C" "%{lib}%/tlapm" "-f" "Makefile.post-install"]
17 | ]
18 |
--------------------------------------------------------------------------------
/tools/clean.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | cat >/tmp/lineclean.sh < ;
6 | close $f ;
7 | open ($f, '>', $file) || die "$file: $!" ;
8 | for (my $i = 0 ; $i <= $#lines ; $i ++) {
9 | $oldline = $lines[$i] ;
10 | chop ($oldline) ;
11 | $newline = $oldline ;
12 | $newline =~ s/ +$// ;
13 | if ($newline ne $oldline) {
14 | print "${file}:${i}\n" ;
15 | print "- ${oldline}-\n" ;
16 | print "+ ${newline}+\n" ;
17 | }
18 | print { $f } "$newline\n" ;
19 | }
20 | close $f ;
21 | }
22 |
--------------------------------------------------------------------------------
/translate/README:
--------------------------------------------------------------------------------
1 | The author of the translate utility, Boris Konev, has generously agreed to
2 | let us use this code under the terms of the BSD license.
3 |
--------------------------------------------------------------------------------
/translate/build.sh:
--------------------------------------------------------------------------------
1 | #/bin/bash
2 |
3 | ocamlc -c fotypes.mli
4 | ocamllex folex.mll
5 | ocamlc -c fofunctions.ml
6 | ocamlyacc foyacc.mly
7 | ocamlc -c foyacc.mli
8 | ocamlc -c folex.ml
9 | ocamlc -c foyacc.ml
10 | ocamlc -c main.ml
11 |
12 | ocamlc -o translate fofunctions.cmo folex.cmo foyacc.cmo main.cmo
13 | cp translate fotranslate
14 |
--------------------------------------------------------------------------------
/translate/buildAll.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | ./build.sh
4 | ./buildb.sh
5 | ./clean.sh
6 |
--------------------------------------------------------------------------------
/translate/buildb.sh:
--------------------------------------------------------------------------------
1 | #/bin/bash
2 |
3 | ocamlopt -c fotypes.mli
4 | ocamllex folex.mll
5 | ocamlopt -c fofunctions.ml
6 | ocamlyacc foyacc.mly
7 | ocamlopt -c foyacc.mli
8 | ocamlopt -c folex.ml
9 | ocamlopt -c foyacc.ml
10 | ocamlopt -c main.ml
11 |
12 | ocamlopt -o translate.bin fofunctions.cmx folex.cmx foyacc.cmx main.cmx
13 | strip translate.bin
14 | cp translate.bin fotranslate.bin
15 |
--------------------------------------------------------------------------------
/translate/buildbs.sh:
--------------------------------------------------------------------------------
1 | #/bin/bash
2 |
3 | ocamlopt -c fotypes.mli
4 | ocamllex folex.mll
5 | ocamlopt -c fofunctions.ml
6 | ocamlyacc foyacc.mly
7 | ocamlopt -c foyacc.mli
8 | ocamlopt -c folex.ml
9 | ocamlopt -c foyacc.ml
10 | ocamlopt -c main.ml
11 |
12 | ocamlopt -ccopt -static -o translate.static.bin fofunctions.cmx folex.cmx foyacc.cmx main.cmx
13 | strip translate.static.bin
14 | cp translate.static.bin fotranslate.static.bin
15 |
--------------------------------------------------------------------------------
/translate/clean.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f fofunctions.o folex.o foyacc.o main.o
4 | rm -f fofunctions.cmi folex.cmi fotypes.cmi foyacc.cmx main.cmx
5 | rm -f fofunctions.cmo folex.cmo foyacc.cmi main.cmi
6 | rm -f fofunctions.cmx folex.cmx foyacc.cmo main.cmo
7 | rm -f folex.ml foyacc.ml foyacc.mli
8 |
--------------------------------------------------------------------------------
/translate/dune:
--------------------------------------------------------------------------------
1 | (env
2 | (_
3 | (flags
4 | (:standard -w +a-4-7-9-21-26-27-29-30-32..42-44-45-48-50-52-60-66..70))))
5 |
6 | (executable
7 | (name main)
8 | (public_name translate)
9 | (libraries cmdliner)
10 | (modules_without_implementation fotypes))
11 |
12 | (install ; It has to be installed under 2 names for some reason.
13 | (section
14 | (site
15 | (tlapm backends)))
16 | (files
17 | (main.exe as bin/ptl_to_trp)))
18 |
19 | (ocamllex folex)
20 |
21 | (ocamlyacc foyacc)
22 |
--------------------------------------------------------------------------------
/zenon/.gitignore:
--------------------------------------------------------------------------------
1 | *.cm[iox]
2 | *.o
3 | *.annot
4 | .*.aux
5 | *.vo
6 | *.glob
7 | .config_var
8 | .depend
9 | zenon.bin
10 | zenon.byt
11 | zenon
12 | *.output
13 | parsecoq.ml
14 | parsecoq.mli
15 | parsetptp.ml
16 | parsetptp.mli
17 | parsezen.ml
18 | parsezen.mli
19 | lexcoq.ml
20 | lextptp.ml
21 | lexzen.ml
22 | checksum.ml
23 | config.ml
24 | .svn
25 |
--------------------------------------------------------------------------------
/zenon/INSTALL:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 |
3 |
4 | Licence: New BSD Licence (see the file LICENSE for details)
5 |
6 |
7 | Prerequisites:
8 | - OCaml 3.08.x or 3.09.x (with ocamlopt)
9 | - Coq 8.0.x
10 | - ImageMagick (optional)
11 | - Ghostscript (optional)
12 |
13 |
14 | Compile and install with:
15 | configure
16 | make
17 | make install
18 |
19 |
20 | For checking the proofs with coqc, add this to your $HOME/.coqrc file:
21 | Add LoadPath "/usr/local/lib/zenon".
22 | If you specified an alternate libdir when configuring zenon, you will
23 | need to adjust this command accordingly.
24 |
25 |
26 | Contact: Damien Doligez
27 |
--------------------------------------------------------------------------------
/zenon/README.md:
--------------------------------------------------------------------------------
1 | This directory contains the sources for Zenon, which are developed at:
2 |
3 | https://github.com/zenon-prover/zenon
4 |
5 | This file (`README.md`) is not part of Zenon's files in the linked repository.
6 | For more information about Zenon, read the file `INSTALL`.
7 |
--------------------------------------------------------------------------------
/zenon/checksum.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 |
3 | val v : string;;
4 |
--------------------------------------------------------------------------------
/zenon/config.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 |
3 | (** configure variables needed at run-time. *)
4 | (** the library dir of zenon. *)
5 | val libdir: string;;
6 |
--------------------------------------------------------------------------------
/zenon/configure-for-focalize:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/zenon/configure-for-focalize
--------------------------------------------------------------------------------
/zenon/doc/.gitignore:
--------------------------------------------------------------------------------
1 | *.aux
2 | *.log
3 | *.toc
4 | reference.pdf
5 | .svn
6 |
--------------------------------------------------------------------------------
/zenon/doc/input-coq.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: input-coq.tex,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{The Coq-style input format}\label{chap:input-coq}
5 |
--------------------------------------------------------------------------------
/zenon/doc/input-tptp.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: input-tptp.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{The TPTP input file format}\label{chap:input-tptp}
5 |
--------------------------------------------------------------------------------
/zenon/doc/input-zen.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: input-zen.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{The native Zenon input file format}\label{chap:input-zen}
5 |
--------------------------------------------------------------------------------
/zenon/doc/install.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: install.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{How to compile and install Zenon}\label{chap:install}
5 |
--------------------------------------------------------------------------------
/zenon/doc/macros.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: macros.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
--------------------------------------------------------------------------------
/zenon/doc/messages.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: messages.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{Warnings and error messages}\label{chap:messages}
5 |
--------------------------------------------------------------------------------
/zenon/doc/options.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: options.tex,v 1.2 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \chapter{Command-line options}\label{chap:options}
5 |
6 |
--------------------------------------------------------------------------------
/zenon/doc/reference.tex:
--------------------------------------------------------------------------------
1 | % Copyright 2006 INRIA
2 | % $Id: reference.tex,v 1.4 2006-03-01 14:39:03 doligez Exp $
3 |
4 | \documentclass[a4paper]{report}
5 | \usepackage{fullpage}
6 |
7 | \input{macros.tex}
8 |
9 | \title{Zenon reference manual}
10 | \author{Damien Doligez \\ INRIA Rocquencourt}
11 | \date{\today}
12 |
13 | \begin{document}
14 |
15 | \maketitle
16 | \tableofcontents
17 |
18 | \input{intro.tex}
19 | \input{install.tex}
20 | \input{options.tex}
21 | \input{input-zen.tex}
22 | \input{input-tptp.tex}
23 | \input{input-coq.tex}
24 | \input{messages.tex}
25 |
26 | \end{document}
27 |
--------------------------------------------------------------------------------
/zenon/eqrel.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | val analyse : Expr.expr -> unit;;
4 | val subsumed : Expr.expr -> bool;;
5 |
6 | val refl : string -> bool;;
7 | val sym : string -> bool;;
8 | val trans : string -> bool;;
9 | val any : string -> bool;;
10 |
11 | val get_refl_hyp : string -> Expr.expr;;
12 | val get_sym_hyp : string -> Expr.expr;;
13 | val get_trans_hyp : string -> Expr.expr;;
14 |
15 | val get_proof : Expr.expr -> Mlproof.proof * Expr.expr list;;
16 |
17 | val print_rels : out_channel -> unit;;
18 |
--------------------------------------------------------------------------------
/zenon/error.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | val warnings_flag : bool ref;;
4 | val got_warning : bool ref;;
5 | val err_file : string ref;;
6 |
7 | val set_header : string -> unit;;
8 | val warn : string -> unit;;
9 | val err : string -> unit;;
10 | val errpos : Lexing.position -> string -> unit;;
11 |
12 | exception Lex_error of string;;
13 | exception Abort;;
14 |
--------------------------------------------------------------------------------
/zenon/ext_equiv.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | (* This file left blank intentionally. *)
4 |
--------------------------------------------------------------------------------
/zenon/ext_focal.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2008 INRIA *)
2 |
3 | (* This file left blank intentionally. *)
4 |
--------------------------------------------------------------------------------
/zenon/ext_induct.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 |
3 | val is_constr : string -> bool;;
4 |
5 |
--------------------------------------------------------------------------------
/zenon/ext_recfun.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2009 INRIA *)
2 |
3 | (* This file left blank intentionally. *)
4 |
--------------------------------------------------------------------------------
/zenon/ext_tla.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2008 INRIA *)
2 |
3 | (* This file left blank intentionally. *)
4 |
--------------------------------------------------------------------------------
/zenon/globals.ml:
--------------------------------------------------------------------------------
1 | (* Copyright 1997 INRIA *)
2 |
3 | let debug_flag = ref false;;
4 |
5 | let stats_flag = ref false;;
6 | let quiet_flag = ref false;;
7 | let size_limit = ref 1000_000_000.;;
8 | let step_limit = ref 10_000.;;
9 | let time_limit = ref 300.;;
10 | let short_flag = ref false;;
11 | let ctx_flag = ref false;;
12 | let random_flag = ref false;;
13 | let random_seed = ref 0;;
14 | let load_path = ref Config.libdir;;
15 | let namespace_flag = ref false;;
16 | let use_all_flag = ref false;;
17 |
18 | let inferences = ref 0;;
19 | let proof_nodes = ref 0;;
20 | let top_num_forms = ref 0;;
21 | let stored_lemmas = ref 0;;
22 | let num_expr = ref 0;;
23 |
--------------------------------------------------------------------------------
/zenon/globals.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 1997 INRIA *)
2 |
3 | val debug_flag : bool ref;;
4 |
5 | val stats_flag : bool ref;;
6 | val quiet_flag : bool ref;;
7 | val size_limit : float ref;;
8 | val step_limit : float ref;;
9 | val time_limit : float ref;;
10 | val short_flag : bool ref;;
11 | val ctx_flag : bool ref;;
12 | val random_flag : bool ref;;
13 | val random_seed : int ref;;
14 | val load_path : string ref;;
15 | val namespace_flag : bool ref;;
16 | val use_all_flag : bool ref;;
17 |
18 | val inferences : int ref;;
19 | val proof_nodes : int ref;;
20 | val top_num_forms : int ref;;
21 | val stored_lemmas : int ref;;
22 | val num_expr : int ref;;
23 |
--------------------------------------------------------------------------------
/zenon/heap.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2001 INRIA *)
2 |
3 | type 'a t;;
4 |
5 | val empty : ('a -> 'a -> int) -> 'a t;;
6 | val insert : 'a t -> 'a -> 'a t;;
7 | val remove : 'a t -> ('a * 'a t) option;;
8 | val head : 'a t -> 'a option;;
9 | val length : 'a t -> int;;
10 | val is_empty : 'a t -> bool;;
11 | val iter : ('a -> unit) -> 'a t -> unit;;
12 |
--------------------------------------------------------------------------------
/zenon/isar_case.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2009 INRIA *)
2 |
3 | (* Utility for printing and proving the lemmas for the CASE rule
4 | for the Isar format output.
5 | Also for the recordset intro rule.
6 | *)
7 |
8 | val print_case : string -> int -> bool -> out_channel -> unit;;
9 |
10 | val print_record : string -> int -> out_channel -> unit;;
11 |
--------------------------------------------------------------------------------
/zenon/lexcoq.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | val token : Lexing.lexbuf -> Parsecoq.token;;
4 |
--------------------------------------------------------------------------------
/zenon/lextptp.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | val token : Lexing.lexbuf -> Parsetptp.token;;
4 |
--------------------------------------------------------------------------------
/zenon/lexzen.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | val token : Lexing.lexbuf -> Parsezen.token;;
4 |
--------------------------------------------------------------------------------
/zenon/lltocoq.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | val output :
4 | out_channel ->
5 | Phrase.phrase list ->
6 | Phrase.phrase list ->
7 | Llproof.proof ->
8 | string list
9 | ;;
10 |
11 | val p_expr : out_channel -> Expr.expr -> unit;;
12 |
--------------------------------------------------------------------------------
/zenon/lltoisar.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2008 INRIA *)
2 |
3 | val output :
4 | out_channel ->
5 | Phrase.phrase list ->
6 | Phrase.phrase list ->
7 | Llproof.proof ->
8 | string list
9 | ;;
10 |
--------------------------------------------------------------------------------
/zenon/main.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2000 INRIA *)
2 |
3 | val argspec : (Arg.key * Arg.spec * Arg.doc) list;;
4 | val parse_command_line : (Arg.key * Arg.spec * Arg.doc) list -> unit;;
5 | val do_main : unit -> unit;;
6 |
--------------------------------------------------------------------------------
/zenon/mltoll.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | val translate : string -> Phrase.phrase list -> Mlproof.proof -> Llproof.proof;;
4 |
5 | val is_meta : string -> bool;;
6 | val get_meta_type : string -> string;;
7 |
--------------------------------------------------------------------------------
/zenon/namespace.ml:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 |
3 | let prefix = "zenon_";;
4 |
5 | let anon_prefix = prefix ^ "A";;
6 | let builtin_prefix = prefix ^ "B";;
7 | let dummy_prefix = prefix ^ "D";;
8 | let hyp_prefix = prefix ^ "H";;
9 | let lemma_prefix = prefix ^ "L";;
10 | let tau_prefix = prefix ^ "T";;
11 | let var_prefix = prefix ^ "V";;
12 | let meta_prefix = prefix ^ "X";;
13 |
14 | let goal_name = prefix ^ "G";;
15 | let any_name = prefix ^ "E";;
16 | let univ_name = prefix ^ "U";;
17 |
18 | let thm_default_name = prefix ^ "thm";;
19 |
20 | let tuple_name = builtin_prefix ^ "tuple";;
21 |
--------------------------------------------------------------------------------
/zenon/print.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | type output = Buff of Buffer.t | Chan of out_channel;;
4 |
5 | val expr : output -> Expr.expr -> unit;;
6 | val expr_soft : output -> Expr.expr -> unit;;
7 |
8 | val phrase : output -> Phrase.phrase -> unit;;
9 |
10 | val hlproof : output -> int -> Mlproof.proof -> unit;;
11 |
12 | val mlproof : output -> Mlproof.proof -> unit;;
13 | val mlproof_rule : output -> Mlproof.rule -> unit;;
14 | val mlproof_rule_soft : output -> Mlproof.rule -> unit;;
15 |
16 | val llproof : output -> Llproof.proof -> unit;;
17 |
--------------------------------------------------------------------------------
/zenon/progress.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | type progress = No | Bar | Msg;;
4 | val level : progress ref;;
5 | val do_progress : (unit -> unit) -> char -> unit;;
6 | val end_progress : string -> unit;;
7 |
--------------------------------------------------------------------------------
/zenon/regression/.svnignore:
--------------------------------------------------------------------------------
1 | ## after changing this file, do ". .svnignore"
2 | svn propset svn:ignore -F .svnignore . < x <= y
19 | /\ x < y <=> x < y
20 | /\ x >= y <=> x >= y
21 | /\ x > y <=> x > y
22 | \* /\ x .. y = x .. y
23 | OBVIOUS
24 |
25 | ====
26 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testball.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testball ----
2 |
3 | THEOREM foo ==
4 | ASSUME NEW S
5 | PROVE \A x \in S : x \in S
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testbchoose.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testbchoose ----
2 |
3 | THEOREM foo ==
4 | ASSUME NEW S, NEW v, NEW P(_),
5 | v \in S,
6 | P (v)
7 | PROVE P (CHOOSE x \in S : P (x))
8 | OBVIOUS
9 |
10 | ====
11 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testbex.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testbex ----
2 |
3 | THEOREM foo ==
4 | ASSUME NEW S, NEW v,
5 | v \in S
6 | PROVE \E x \in S : x = x
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testbool.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testbool ----
2 |
3 | THEOREM foo ==
4 | ASSUME NEW x \in BOOLEAN
5 | PROVE x = TRUE \/ x = FALSE
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testnat.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testnat ----
2 |
3 | EXTENDS Naturals
4 |
5 | THEOREM test == 0 \in Nat
6 | OBVIOUS
7 |
8 | ====
9 |
--------------------------------------------------------------------------------
/zenon/regression/backend/testsubset.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE testsubset ----
2 |
3 | THEOREM test ==
4 | ASSUME NEW A, NEW B,
5 | A \subseteq B
6 | PROVE \A x : x \in A => x \in B
7 | OBVIOUS
8 |
9 | ====
10 |
--------------------------------------------------------------------------------
/zenon/regression/examples/cantor/Cantor1.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor1 ------------------
4 | THEOREM cantor ==
5 | \A S :
6 | \A f \in [S -> SUBSET S] :
7 | \E A \in SUBSET S :
8 | \A x \in S :
9 | f [x] # A
10 | PROOF
11 | <1>. USE DEF cantor
12 | <1>2. TAKE S
13 | <1>3. TAKE f \in [S -> SUBSET S]
14 | <1>4. DEFINE T == { z \in S : z \notin f[z] }
15 | <1>5. WITNESS T \in SUBSET S
16 | <1>6. TAKE x \in S
17 | <1>7. QED BY x \in T \/ x \notin T
18 | ===============================================
19 |
--------------------------------------------------------------------------------
/zenon/regression/examples/cantor/Cantor5.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor5 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | PROOF
10 | <1>1. ASSUME
11 | NEW S,
12 | NEW f
13 | PROVE \E A \in SUBSET S : \A x \in S : f[x] # A
14 | PROOF
15 | <2> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
16 | <2> QED OBVIOUS
17 | <1> QED BY <1>1 DEF cantor
18 | ===============================================
19 |
--------------------------------------------------------------------------------
/zenon/regression/examples/cantor/Cantor6.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor6 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | PROOF
10 | <1> USE DEF cantor
11 | <1> TAKE S
12 | <1> TAKE f
13 | <1> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
14 | <1> QED OBVIOUS
15 | ===============================================
16 |
--------------------------------------------------------------------------------
/zenon/regression/examples/cantor/Cantor7.tla:
--------------------------------------------------------------------------------
1 | (* Contributed by Damien Doligez *)
2 |
3 | -------------- MODULE Cantor7 ------------------
4 | THEOREM cantor ==
5 | \A S, f :
6 | \E A \in SUBSET S :
7 | \A x \in S :
8 | f [x] # A
9 | PROOF
10 | <1> SUFFICES ASSUME
11 | NEW S,
12 | NEW f
13 | PROVE \E A \in SUBSET S : \A x \in S : f[x] # A
14 | BY DEF cantor
15 | <1> WITNESS { z \in S : z \notin f[z] } \in SUBSET S
16 | <1> QED OBVIOUS
17 | ===============================================
18 |
--------------------------------------------------------------------------------
/zenon/regression/features/.svnignore:
--------------------------------------------------------------------------------
1 | ## after changing this file, do ". .svnignore"
2 | svn propset svn:ignore -F .svnignore . < TRUE
4 | OBVIOUS
5 |
6 | CONSTANT x, A, B, C
7 |
8 | THEOREM
9 | ASSUME x = 1,
10 | 1 # 2,
11 | A
12 | PROVE CASE x = 1 -> A
13 | [] x = 2 -> B
14 | OBVIOUS
15 |
16 | THEOREM
17 | ASSUME x = 1,
18 | 1 # 2,
19 | A
20 | PROVE CASE x = 1 -> A
21 | [] x = 2 -> B
22 | [] OTHER -> C
23 | OBVIOUS
24 |
25 | ====
26 |
--------------------------------------------------------------------------------
/zenon/regression/features/test_choose_in.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE test_choose_in ----
2 |
3 | THEOREM CHOOSE x \in BOOLEAN : x = TRUE
4 | OBVIOUS
5 |
6 | ====
7 |
--------------------------------------------------------------------------------
/zenon/regression/misc/.svnignore:
--------------------------------------------------------------------------------
1 | ## after changing this file, do ". .svnignore"
2 | svn propset svn:ignore -F .svnignore . < ~ ~ A
6 | PROOF
7 | <1>. HAVE A
8 | <1>. ASSUME ~ A
9 | PROVE FALSE
10 | <2>. A /\ ~ A OBVIOUS
11 | <2>. QED OBVIOUS
12 | <1>. QED OBVIOUS
13 |
14 |
15 | ====================
16 |
--------------------------------------------------------------------------------
/zenon/regression/misc/Forall.tla:
--------------------------------------------------------------------------------
1 | ---- MODULE Forall ----
2 |
3 | CONSTANTS i, j, P(_), Q(_)
4 |
5 | THEOREM
6 | ASSUME
7 | i = j,
8 | \A i : P(i) => Q(j)
9 | PROVE
10 | P(i) => Q(i)
11 | OBVIOUS
12 |
13 |
14 | ====================
15 |
--------------------------------------------------------------------------------
/zenon/regression/misc/test1.tla:
--------------------------------------------------------------------------------
1 | ---------------------------- MODULE test1 ----------------------------
2 | CONSTANT Set
3 |
4 | P(x) == x
5 | Q(x) == {}
6 | A == {x \in Set : P(x)}
7 | B == {x \in Set : Q(x)}
8 |
9 | THEOREM A \cup B = {x \in Set : P(x) \/ Q(x)}
10 | PROOF <1>1. {x \in Set : P(x)} \cup {x \in Set : Q(x)}
11 | = {x \in Set : P(x) \/ Q(x)}
12 | PROOF OBVIOUS
13 | <1>2. QED
14 | PROOF BY <1>1 DEF A, B
15 | ======================================================================
16 |
--------------------------------------------------------------------------------
/zenon/regression/misc/test2.tla:
--------------------------------------------------------------------------------
1 | ---------------------------- MODULE test2 ----------------------------
2 | CONSTANT Set, A, B
3 |
4 | P(x) == x
5 | Q(x) == {}
6 | THEOREM THM1 == A = {x \in Set : P(x)}
7 | THEOREM THM2 == B = {x \in Set : Q(x)}
8 |
9 | THEOREM A \subseteq B <=> \A x \in Set : P(x) => Q(x)
10 | PROOF <1>1. {x \in Set : P(x)} \subseteq {x \in Set : Q(x)}
11 | <=> \A x \in Set : P(x) => Q(x)
12 | \* ETLA produces a parsing error ^ here
13 | PROOF OBVIOUS
14 | <1>2. QED
15 | PROOF BY <1>1, THM1, THM2 DEF THM1, THM2 \* DEF A, B
16 | ======================================================================
17 |
--------------------------------------------------------------------------------
/zenon/regression/misc/test3.tla:
--------------------------------------------------------------------------------
1 | ------------------- MODULE test3 --------------
2 |
3 | CONSTANT flag
4 |
5 | (***
6 | THEOREM (flag \in [{0,1} -> BOOLEAN]) =>
7 | \A i \in {0,1} : flag[i] \in BOOLEAN
8 | ****)
9 | THEOREM (flag \in [{0,1} -> BOOLEAN]) =>
10 | flag[0] \in BOOLEAN
11 | PROOF <1>1. 0 \in {0,1}
12 | PROOF OBVIOUS
13 | <1> QED
14 | PROOF BY <1>1
15 | =============================================================================
16 |
--------------------------------------------------------------------------------
/zenon/regression/misc/test4.tla:
--------------------------------------------------------------------------------
1 | ------------------ MODULE test4 -----------------
2 |
3 | CONSTANT flag
4 |
5 | ASSUME thm == flag = 1
6 |
7 | THEOREM \A a : a = 1 => a = flag
8 | BY thm
9 |
10 |
11 |
12 | ================================================
13 |
--------------------------------------------------------------------------------
/zenon/regression/peterson/.svnignore:
--------------------------------------------------------------------------------
1 | ## after changing this file, do ". .svnignore"
2 | svn propset svn:ignore -F .svnignore . < (Expr.expr * Expr.goalness) list -> unit;;
4 | val rule : string -> Mlproof.rule -> unit;;
5 |
--------------------------------------------------------------------------------
/zenon/test/.gitignore:
--------------------------------------------------------------------------------
1 | .svn
2 |
--------------------------------------------------------------------------------
/zenon/test/coq_builtins.v:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tlaplus/tlapm/e9b8bb51818f0b454384e8d94fe614899a0aaa78/zenon/test/coq_builtins.v
--------------------------------------------------------------------------------
/zenon/test/test00.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test00.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h" (A. ((x) (P x)))
5 |
6 | $goal (E. ((x) (P x)))
7 |
--------------------------------------------------------------------------------
/zenon/test/test01.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test01.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $sig P ("nat") "Prop"
5 | $sig Q ("nat") "Prop"
6 |
7 | $hyp "h1" (A. ((x "nat") (P x)))
8 | $hyp "h2" (A. ((x "nat") (Q x)))
9 | $goal (-. (\/ (A. ((x "nat") (-. (Q x)))) (A. ((x "nat") (-. (P x))))))
10 |
--------------------------------------------------------------------------------
/zenon/test/test02.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test02.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | $goal
5 | (<=> A
6 | (<=> B
7 | (<=> C
8 | (<=> D
9 | (<=> E
10 | (<=> A
11 | (<=> B
12 | (<=> C
13 | (<=> D
14 | E)))))))))
15 |
--------------------------------------------------------------------------------
/zenon/test/test03.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test03.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | $goal
5 | (<=> p_1
6 | (<=> p_2
7 | (<=> p_3
8 | (<=> p_4
9 | (<=> p_5
10 | (<=> p_6
11 | (<=> p_7
12 | (<=> p_8
13 | (<=> p_9
14 | (<=> p_10
15 | (<=> p_11
16 | (<=> p_12
17 | (<=> p_13
18 | (<=> p_14
19 | (<=> p_1
20 | (<=> p_2
21 | (<=> p_3
22 | (<=> p_4
23 | (<=> p_5
24 | (<=> p_6
25 | (<=> p_7
26 | (<=> p_8
27 | (<=> p_9
28 | (<=> p_10
29 | (<=> p_11
30 | (<=> p_12
31 | (<=> p_13
32 | p_14
33 | )))))))))))))))))))))))))))
34 |
--------------------------------------------------------------------------------
/zenon/test/test04.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test04.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | # TPTP syn036+1
5 |
6 | $goal
7 | (<=> (<=> (E. ((X) (A. ((Y) (<=> (big_p X) (big_p Y))))))
8 | (<=> (E. ((U) (big_q U))) (A. ((W) (big_q W)))))
9 | (<=> (E. ((X1) (A. ((Y1) (<=> (big_q X1) (big_q Y1))))))
10 | (<=> (E. ((U1) (big_p U1))) (A. ((W1) (big_p W1))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test05.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test05.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | # TPTP syn051+1
5 |
6 | $sig F ("nat") "Prop"
7 |
8 | $hyp "h1" (E. ((X "nat") (=> p (F X))))
9 | $hyp "h2" (E. ((X "nat") (=> (F X) p)))
10 |
11 | $goal (E. ((X "nat") (<=> p (F X))))
12 |
--------------------------------------------------------------------------------
/zenon/test/test06.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test06.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | # TPTP syn054+1
5 |
6 | $hyp "h1" (-. (E. ((X) (/\ (S X) (Q X)))))
7 | $hyp "h2" (A. ((X) (=> (P X) (\/ (Q X) (R X)))))
8 | $hyp "h3" (=> (-. (E. ((X) (P X)))) (E. ((Y) (Q Y))))
9 | $hyp "h4" (A. ((X) (=> (\/ (Q X) (R X)) (S X))))
10 |
11 | $goal (E. ((X) (/\ (P X) (R X))))
12 |
--------------------------------------------------------------------------------
/zenon/test/test07.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test07.znn,v 1.4 2006-03-01 14:39:03 doligez Exp $
3 |
4 | # TPTP syn064+1
5 |
6 | $sig P ("nat" "nat") "Prop"
7 |
8 | $goal
9 | (E. ((X "nat") (E. ((Y "nat")
10 | (=> (P X Y) (A. ((Z "nat") (A. ((W "nat") (P Z W))))))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test09.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test09.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | $goal
5 | (=> (P a)
6 | (E. ((x) (P x))))
7 |
--------------------------------------------------------------------------------
/zenon/test/test10.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test10.znn,v 1.7 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h" (A. ((x) (\/ (R x) (R (f x)))))
5 | $goal (E. ((x) (/\ (R x) (R (f (f x))))))
6 |
--------------------------------------------------------------------------------
/zenon/test/test11.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test11.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h1" (-. (E. ((x) (/\ (S x) (Q x)))))
5 | $hyp "h2" (A. ((x) (\/ (-. (P x)) (\/ (Q x) (R x)))))
6 | $hyp "h3" (\/ (E. ((x) (P x))) (E. ((x) (Q x))))
7 | $hyp "h4" (A. ((x) (\/ (-. (\/ (Q x) (R x))) (S x))))
8 | $goal (E. ((x) (/\ (P x) (R x))))
9 |
--------------------------------------------------------------------------------
/zenon/test/test12.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test12.znn,v 1.7 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h1" (\/ A B)
5 | $hyp "h2" (=> B C)
6 | $hyp "h3" (=> A C)
7 | $hyp "h4" (=> C D)
8 | $hyp "h5" (-. D)
9 |
10 | $goal F.
11 |
--------------------------------------------------------------------------------
/zenon/test/test13.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test13.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | # File : SYN548+1
5 | # Status : theorem
6 | # Rating : 0.67
7 | $hyp "reflexivity_of_reachable" (A. ((X) (reachable X X)))
8 | $hyp "transitivity_of_reachable" (A. ((X) (A. ((Y) (A. ((Z) (=> (/\ (reachable X Y) (reachable Y Z)) (reachable X Z))))))))
9 | # [negated] conjecture : prove_this
10 | $goal (E. ((X) (/\ (reachable (initial_world) X) (A. ((Y) (=> (reachable X Y) (<=> (A. ((Z) (=> (reachable Y Z) (\/ (p Z) (A. ((V) (=> (reachable Z V) (q V)))))))) (\/ (A. ((W) (=> (reachable Y W) (p W)))) (A. ((W) (=> (reachable Y W) (q W))))))))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test14.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test14.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | # File : SYN549+1
5 | # Status : theorem
6 | # Rating : 0.00
7 | $hyp "reflexivity_of_reachable" (A. ((X) (reachable X X)))
8 | $hyp "transitivity_of_reachable" (A. ((X) (A. ((Y) (A. ((Z) (=> (/\ (reachable X Y) (reachable Y Z)) (reachable X Z))))))))
9 | # [negated] conjecture : prove_this
10 | $goal (E. ((X) (/\ (reachable (initial_world) X) (A. ((Y) (=> (reachable X Y) (<=> (E. ((Z) (/\ (reachable Y Z) (\/ (p Z) (E. ((V) (/\ (reachable Z V) (q V)))))))) (\/ (E. ((W) (/\ (reachable Y W) (p W)))) (E. ((W) (/\ (reachable Y W) (q W))))))))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test15.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test15.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | # File : SYN550+1
5 | # Status : theorem
6 | # Rating : 0.33
7 | $hyp "reflexivity_of_reachable" (A. ((X) (reachable X X)))
8 | $hyp "transitivity_of_reachable" (A. ((X) (A. ((Y) (A. ((Z) (=> (/\ (reachable X Y) (reachable Y Z)) (reachable X Z))))))))
9 | # [negated] conjecture : prove_this
10 | $goal (<=> (E. ((X) (/\ (reachable (initial_world) X) (A. ((Y) (=> (reachable X Y) (p Y))))))) (E. ((X) (/\ (reachable (initial_world) X) (A. ((Y) (=> (reachable X Y) (E. ((Z) (/\ (reachable Y Z) (A. ((W) (=> (reachable Z W) (p W))))))))))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test17.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test17.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | # File : SYN723+1
5 | # Status : theorem
6 | # Rating : 0.67
7 | # [negated] conjecture : thm138
8 | $goal (<=> (E. ((X) (A. ((Y) (<=> (p X) (p Y)))))) (<=> (<=> (E. ((X) (q X))) (A. ((Y) (r Y)))) (<=> (<=> (E. ((X) (A. ((Y) (<=> (q X) (q Y)))))) (<=> (E. ((X) (r X))) (A. ((Y) (s Y))))) (<=> (E. ((X) (A. ((Y) (<=> (r X) (r Y)))))) (<=> (<=> (E. ((X) (s X))) (A. ((Y) (p Y)))) (<=> (E. ((X) (A. ((Y) (<=> (s X) (s Y)))))) (<=> (E. ((X) (p X))) (A. ((Y) (q Y))))))))))
9 |
--------------------------------------------------------------------------------
/zenon/test/test18.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test18.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | # buveurs
5 |
6 | $goal (E. ((x) (=> (P x) (A. ((y) (P y))))))
7 |
--------------------------------------------------------------------------------
/zenon/test/test19.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test19.znn,v 1.3 2006-03-01 14:39:03 doligez Exp $
3 |
4 | # trivial (Pierre Weis)
5 | $goal (=> (/\ (/\ (=> A B) (=> B C)) (=> C A))
6 | (/\ (/\ (<=> A B) (<=> B C)) (<=> A C)))
7 |
--------------------------------------------------------------------------------
/zenon/test/test21.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test21.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h1" (A. ((x) (= (p _0 x) x)))
5 | $hyp "h2" (A. ((x) (A. ((y) (= (p x y) (p y x))))))
6 |
7 | $goal (= (p (p _0 _1) _0) _1)
8 |
--------------------------------------------------------------------------------
/zenon/test/test22.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test22.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h1" (A. ((x) (= (p x _0) x)))
5 | $hyp "h2" (A. ((x) (A. ((y) (= (p x y) (p y x))))))
6 |
7 | $goal (= (p (p _0 _1) _0) _1)
8 |
--------------------------------------------------------------------------------
/zenon/test/test23.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test23.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $hyp "h1" (=> (<=> A B) (<=> B C))
5 | $hyp "h2" (=> (<=> B C) (<=> C A))
6 | $hyp "h3" (=> (<=> C A) (<=> A B))
7 |
8 | $goal (=> A B)
9 |
--------------------------------------------------------------------------------
/zenon/test/test24.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test24.znn,v 1.5 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $def "def_x" (x) _1
5 |
6 | $goal (= x _1)
7 |
--------------------------------------------------------------------------------
/zenon/test/test25.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test25.znn,v 1.4 2006-03-01 14:39:03 doligez Exp $
3 |
4 | $sig abst_T () "Type"
5 | $sig abst_p ("abst_T") "bool"
6 |
7 | $goal (A. ((x "abst_T") (=> (Is_true (abst_p x)) (Is_true (abst_p x)))))
8 |
--------------------------------------------------------------------------------
/zenon/test/test26.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test26.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $sig abst_T () "Type"
5 | $sig abst_equal ("abst_T" "abst_T") "bool"
6 |
7 | $def "d1" (abst_different x y) (coq_builtins.bi__not_b (abst_equal x y))
8 |
9 | $goal (A. ((x "abst_T") (A. ((y "abst_T")
10 | (=> (Is_true (abst_equal x y)) (-. (Is_true (abst_different x y))))))))
11 |
--------------------------------------------------------------------------------
/zenon/test/test27.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test27.znn,v 1.6 2011-12-28 16:43:33 doligez Exp $
3 |
4 | $sig abst_T () "Type"
5 | $sig not_b ("bool") "bool"
6 | $sig abst_equal ("abst_T" "abst_T") "bool"
7 |
8 | $hyp "h" (A. ((x "bool") (<=> (Is_true (not_b x)) (-. (Is_true x)))))
9 |
10 | $def "d" (abst_different x y) (not_b (abst_equal x y))
11 |
12 | $goal (A. ((x "abst_T") (A. ((y "abst_T")
13 | (=> (Is_true (abst_equal x y)) (-. (Is_true (abst_different x y))))))))
14 |
--------------------------------------------------------------------------------
/zenon/test/test50.coz:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 | (* $Id: test50.coz,v 1.7 2006-07-20 13:19:21 doligez Exp $ *)
3 |
4 | (*
5 | ; test du parseur de syntaxe Coq
6 | *)
7 |
8 | Parameter A : Prop.
9 | Parameter B : Prop.
10 |
11 | Theorem thm : forall (x: nat), A -> forall (y: nat), B -> A.
12 |
--------------------------------------------------------------------------------
/zenon/test/test71.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test71.znn,v 1.7 2008-08-14 14:02:09 doligez Exp $
3 |
4 | $sig p ("zenon_U") "Prop"
5 | $sig f ("zenon_U") "zenon_U"
6 | $goal
7 | (E. ((x) (-. (/\ (\/ (p x) (p (f (f (f (f (f (f (f (f x))))))))))
8 | (\/ (-. (p x)) (-. (p (f (f (f (f (f (f (f x))))))))))))))
9 |
--------------------------------------------------------------------------------
/zenon/test/test72.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test72.znn,v 1.6 2011-12-28 16:43:34 doligez Exp $
3 |
4 | ;$hyp (A. ((X) (= X X)))
5 | ;$hyp (A. ((X Y) (=> (= X Y) (= Y X))))
6 | ;$hyp (A. ((X Y Z) (=> (/\ (= X Y) (= Y Z)) (= X Z))))
7 |
8 | ;$hyp (A. ((A B C) (=> (/\ (= A B) (big_f A C)) (big_f B C))))
9 | ;$hyp (A. ((A B C) (=> (/\ (= A B) (big_f C A)) (big_f C B))))
10 |
11 | ;; zenon can't prove it any more :-(
12 | $hyp "h00" F.
13 |
14 | $hyp "h" (E. ((Z W) (A. ((X Y)
15 | (<=> (big_f X Y)
16 | (/\ (= X Z)
17 | (= Y W)))))))
18 | $goal
19 | (E. ((W) (A. ((Y)
20 | (<=> (E. ((Z) (A. ((X) (<=> (big_f X Y) (= X Z))))))
21 | (= Y W))))))
22 |
--------------------------------------------------------------------------------
/zenon/test/test73.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test73.znn,v 1.5 2011-12-28 16:43:34 doligez Exp $
3 |
4 | ;$hyp (A. ((y) (<=> (= y (f (g y))) (= x0 y))))
5 | ;$goal (E. ((x1) (A. ((y1) (=> (= y1 (g (f y1))) (= x1 y1))))))
6 |
7 | ;$hyp (= x (f y))
8 | ;$hyp (-. (= z (g (f y))))
9 | ;$hyp (= z (g x))
10 |
11 | $hyp "h" (E. ((x) (A. ((y) (<=> (= y (f (g y))) (= x y))))))
12 | ;$goal (E. ((x) (A. ((y) (=> (= y (g (f y))) (= x y))))))
13 | $goal (E. ((x) (A. ((y) (<=> (= x y) (= y (g (f y))))))))
14 |
--------------------------------------------------------------------------------
/zenon/test/test74.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test74.znn,v 1.6 2011-12-28 16:43:34 doligez Exp $
3 |
4 | ;; zenon fails on this one
5 | $hyp "h00" F.
6 |
7 | $hyp "h" (E. ((Z W) (A. ((X Y) (<=> (big_f X Y) (/\ (= X Z) (= Y W)))))))
8 |
9 | $goal
10 | (E. ((W) (A. ((Y) (<=> (E. ((Z) (A. ((X) (<=> (big_f X Y) (= X Z))))))
11 | (= Y W))))))
12 |
--------------------------------------------------------------------------------
/zenon/test/test75.znn:
--------------------------------------------------------------------------------
1 | ; Copyright 2006 INRIA
2 | ; $Id: test75.znn,v 1.7 2011-12-28 16:43:34 doligez Exp $
3 |
4 | $hyp "h1" (A. ((X) (A. ((Y) (A. ((Z) (=> (/\ (r X Y) (r Y Z)) (r X Z))))))))
5 | $hyp "h2" (A. ((X Y) (=> (r X Y) (r Y X))))
6 | $hyp "h3" (A. ((x) (r b x)))
7 | $hyp "h4" (=> T. (= a b))
8 | $goal (r c a)
9 |
--------------------------------------------------------------------------------
/zenon/test/test76.coz:
--------------------------------------------------------------------------------
1 | (* Copyright 2006 INRIA *)
2 | (* $Id: test76.coz,v 1.5 2008-08-14 14:02:09 doligez Exp $ *)
3 |
4 | (* Testing inductive types. *)
5 | (* Need "-x inductive" for this one *)
6 |
7 | Inductive foo : Set :=
8 | | A : foo -> foo
9 | | B : foo
10 | .
11 |
12 | Parameter x : foo.
13 |
14 | Theorem t : B = match x with | A x => B | B => B end.
15 |
--------------------------------------------------------------------------------
/zenon/tptp.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | open Phrase;;
4 |
5 | val translate : string list -> tpphrase list -> phrase list * string;;
6 |
--------------------------------------------------------------------------------
/zenon/version.ml:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 | open Printf;;
3 |
4 | let print_cvs ch =
5 | fprintf ch "CVS hash list not available\n"
6 | ;;
7 |
--------------------------------------------------------------------------------
/zenon/version.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2004 INRIA *)
2 |
3 | (* obsolete: file-by-file CVS version strings *)
4 |
5 | val print_cvs : out_channel -> unit;;
6 |
--------------------------------------------------------------------------------
/zenon/versionnum.ml:
--------------------------------------------------------------------------------
1 | (* Copyright 2008 INRIA *)
2 |
3 | open Printf;;
4 |
5 | let number = 268;; (* strictly increasing *)
6 | let date = "2017-11-14";;
7 |
8 | let major = 0;;
9 | let minor = 8;;
10 | let bugfix = 4;;
11 |
12 | let short = sprintf "%d.%d.%d" major minor bugfix;;
13 | let full = sprintf "%d.%d.%d [a%d] %s" major minor bugfix number date;;
14 |
--------------------------------------------------------------------------------
/zenon/versionnum.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2008 INRIA *)
2 |
3 | (* whole-program release and version numbers *)
4 |
5 | val number : int;;
6 | val date : string;;
7 |
8 | val major : int;;
9 | val minor : int;;
10 | val bugfix : int;;
11 |
12 | val short : string;;
13 | val full : string;;
14 |
--------------------------------------------------------------------------------
/zenon/watch.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2005 INRIA *)
2 |
3 | val warn :
4 | (Phrase.phrase * bool) list -> Llproof.proof Lazy.t -> string list -> unit
5 | ;;
6 | val warn_unused_var : (Phrase.phrase * bool) list -> unit;;
7 |
--------------------------------------------------------------------------------
/zenon/zenon.ml:
--------------------------------------------------------------------------------
1 | (* Copyright 2013 Inria *)
2 |
3 | Extension.activate "recfun";;
4 | Main.parse_command_line Main.argspec;;
5 | Main.do_main ();;
6 |
--------------------------------------------------------------------------------
/zenon/zenon.mli:
--------------------------------------------------------------------------------
1 | (* Copyright 2013 Inria *)
2 |
3 | (* This file left blank intentionally. *)
4 |
--------------------------------------------------------------------------------