Integer Module Interface Specification

(0) CHARACTERISTICS

-type specified: int

-features: deterministic, non-parameterized

-foreign types:

(1) SYNTAX

ACCESS-PROGRAMS

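| Program Name | Arg#1  | Arg#2 | Result Type |
|--------------|--------|-------|-------------|
| ASSIGN       | int:O  | int:V |             |
| DIV          | int:V  | int:V | int         |
| EQUAL        | int:V  | int:V | bool        |
| LESS         | int:V  | int:V | bool        |
| MINUS        | int:V  | int:V | int         |
| MOD          | int:V  | int:V | int         |
| NEG          | int:VO |       |             |
| PLUS         | int:V  | int:V | int         |
| PRED         | int:VO |       |             |
| SUCC         | int:VO |       |             |
| TIMES        | int:V  | int:V | int         |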

(2) CANONICAL TRACES

canonical(T) ⇔ T = _ ∨ T = SUCC(*).NEG(*) ∨ ∃T1:<int> [T = SUCC(*).T1 ∧ canonical(T1)]

AUXILIARY FUNCTIONS

pred: <int> → <int>

pred(x) =

| Condition                    | Value          |
|------------------------------|----------------|
| ∃x1:<int> [x = x1.NEG(*)]    | SUCC(*).x      |
| x = _                        | SUCC(*).NEG(*) |
| ∃x1:<int> [x = x1.SUCC(*)]   | x1             |

succ: <int> → <int>

succ(x) =

| Condition                                    | Value             |
|----------------------------------------------|-------------------|
| ¬∃x1:<int> [x = x1.NEG(*)]                   | x.SUCC(*)         |
| x = SUCC(*).NEG(*)                           | _                 |
| ∃x1:<int> [x = x1.SUCC(*).SUCC(*).NEG(*)]    | x1.SUCC(*).NEG(*) |

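plus: <int> × <int> → <int>

plus(x, y) =

| Condition                                    | Value                            |
|----------------------------------------------|----------------------------------|
| x = _                                        | y                                |
| x = SUCC(*).NEG(*)                           | pred(y)                          |
| ∃x1:<int> [x = x1.SUCC(*)]                   | succ(plus(x1, y))                |
| ∃x1:<int> [x = x1.SUCC(*).SUCC(*).NEG(*)]    | pred(plus(x1.SUCC(*).NEG(*), y)) |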

negate: <int> → <int>

negate(x) =

| Condition                    | Value    |
|------------------------------|----------|
| x = _                        | _        |
| ∃x1:<int> [x = x1.SUCC(*)]   | x.NEG(*) |
| ∃x1:<int> [x = x1.NEG(*)]    | x1       |

minus: <int> × <int> → <int>

minus(x, y) = plus(x, negate(y))

times: <int> × <int> → <int>

times(x, y) =

| Condition                    | Value                  |
|------------------------------|------------------------|
| x = _                        | _                      |
| ∃x1:<int> [x = x1.SUCC(*)]   | plus(times(x1, y), y)  |
| ∃x1:<int> [x = x1.NEG(*)]    | negate(times(x1, y))   |

div: <int> × <int> → <int>

div(x, y) (y ≠ _) = z where z,r:<int> [plus(times(z, y), r) = x ∧ less(SUCC(*).NEG(*), r) ∧ less(r, y)]

modulo: <int> × <int> → <int>

modulo(x, y) (y ≠ _) = minus(x, times(y, div(x, y)))

less: <int> × <int> → <bool>

less(x, y) = ∃z:<int> [minus(x, y) = z.NEG(*)]

leq: <int> × <int> → <bool>

leq(x, y) = (x = y) ∨ less(x, y)

geq: <int> × <int> → <bool>

geq(x, y) = ¬less(x, y)

greater: <int> × <int> → <bool>

greater(x, y) = ¬leq(x, y)

(3) SEMANTICS

ACCESS-PROGRAMS

Legality(ASSIGN(n, T)) = %legal%

ASSIGN(n , T) = T

Legality(DIV(T, U)) =

| Condition | Value   |
|-----------|---------|
| U = _     | %fatal% |
| U ≠ _     | %legal% |

DIV(T, U) = div(T, U)

Legality(EQUAL(T, U)) = %legal%

EQUAL(T, U) = T = U

Legality(LESS(T, U)) = %legal%

LESS(T, U) = less(T, U)

Legality(MINUS(T, U)) = %legal%

MINUS(T, U) = minus(T, U)

Legality(MOD(T, U)) =

| Condition | Value   |
|-----------|---------|
| U = _     | %fatal% |
| U ≠ _     | %legal% |

MOD(T, U) = modulo(T, U)

Legality(NEG((n, U))) = %legal%

NEG((n, U) ) = negate(U)

Legality(PLUS(T, U)) = %legal%

PLUS(T, U) = plus(T, U)

Legality(PRED((n, T))) = %legal%

PRED((n, T) ) = pred(T)

Legality(SUCC((n, T))) = %legal%

SUCC((n, T) ) = succ(T)

Legality(TIMES(T, U)) = %legal%

TIMES(T, U) = times(T, U)