Base types
Most type have a very simple interpretation in Why3:
-
The interpretation for a scalar type (
i32,bool,f64, ...) is itself. -
The interpretation of
[T]isSeq<T>, the type of sequences. -
The interpretation of
&Tis the interpretation ofT.Creusot is able to assume that
Tand&Tbehave the same, because of the "shared xor mutable" rule of Rust: we won't be able to change the value (interior mutability is handled by defining a special model for e.g.Cell<T>), so we may as well be manipulating an exact copy of the value. -
The interpretation of
Box<T>is the interpretation ofT.This is because a
Boxuniquely own its content: it really acts exactly the same asT. -
Structures and enums are interpreted by products and sum types.
-
The interpretation of
&mut Tis a bit more complicated: see the next section.