Commit 11482afa authored by Jean-Christophe Filliâtre's avatar Jean-Christophe Filliâtre
Browse files

vstte'10 : problem 2 : unproved VC discharged with Coq

parent 6640a5c5
(* Beware! Only edit allowed sections below *)
(* This file is generated by Why3's Coq driver *)
Require Import ZArith.
Require Import Rbase.
Definition unit := unit.
Parameter ignore: forall (a:Type), a -> unit.
Implicit Arguments ignore.
Parameter arrow : forall (a:Type) (b:Type), Type.
Parameter ref : forall (a:Type), Type.
Parameter prefix_ex: forall (a:Type), (ref a) -> a.
Implicit Arguments prefix_ex.
Parameter label : Type.
Parameter at1: forall (a:Type), a -> label -> a.
Implicit Arguments at1.
Parameter old: forall (a:Type), a -> a.
Implicit Arguments old.
Parameter exn : Type.
Definition lt_nat(x:Z) (y:Z): Prop := (0%Z <= y)%Z /\ (x < y)%Z.
Parameter t : forall (a:Type) (b:Type), Type.
Parameter get: forall (a:Type) (b:Type), (t a b) -> a -> b.
Implicit Arguments get.
Parameter set: forall (a:Type) (b:Type), (t a b) -> a -> b -> (t a b).
Implicit Arguments set.
Axiom Select_eq : forall (a:Type) (b:Type), forall (m:(t a b)), forall (a1:a)
(a2:a), forall (b1:b), (a1 = a2) -> ((get (set m a1 b1) a2) = b1).
Axiom Select_neq : forall (a:Type) (b:Type), forall (m:(t a b)),
forall (a1:a) (a2:a), forall (b1:b), (~ (a1 = a2)) -> ((get (set m a1 b1)
a2) = (get m a2)).
Parameter create_const: forall (b:Type) (a:Type), b -> (t a b).
Set Contextual Implicit.
Implicit Arguments create_const.
Unset Contextual Implicit.
Axiom Const : forall (b:Type) (a:Type), forall (b1:b) (a1:a),
((get (create_const(b1):(t a b)) a1) = b1).
Parameter length: forall (a:Type), (t Z a) -> Z.
Implicit Arguments length.
Axiom Length_non_negative : forall (a:Type), forall (a1:(t Z a)),
(0%Z <= (length a1))%Z.
Axiom Length_set : forall (a:Type), forall (a1:(t Z a)), forall (k:Z),
forall (v:a), ((length (set a1 k v)) = (length a1)).
Parameter create_const_length: forall (a:Type), a -> Z -> (t Z a).
Implicit Arguments create_const_length.
Axiom Create_const_length_get : forall (a:Type), forall (b:a), forall (n:Z)
(i:Z), ((get (create_const_length b n) i) = b).
Axiom Create_const_length_length : forall (a:Type), forall (a1:a),
forall (n:Z), (0%Z <= n)%Z -> ((length (create_const_length a1 n)) = n).
Parameter create_length: forall (a:Type), Z -> (t Z a).
Set Contextual Implicit.
Implicit Arguments create_length.
Unset Contextual Implicit.
Axiom Create_length_length : forall (a:Type), forall (n:Z), (0%Z <= n)%Z ->
((length (create_length(n):(t Z a))) = n).
Definition array a := (t Z a).
Definition injective(a1:(t Z Z)) (n:Z): Prop := forall (i:Z) (j:Z),
((0%Z <= i)%Z /\ (i < n)%Z) -> (((0%Z <= j)%Z /\ (j < n)%Z) ->
((~ (i = j)) -> ~ ((get a1 i) = (get a1 j)))).
Definition surjective(a2:(t Z Z)) (n:Z): Prop := forall (i:Z),
((0%Z <= i)%Z /\ (i < n)%Z) -> exists j:Z, ((0%Z <= j)%Z /\ (j < n)%Z) /\
((get a2 j) = i).
Definition range(a3:(t Z Z)) (n:Z): Prop := forall (i:Z), ((0%Z <= i)%Z /\
(i < n)%Z) -> ((0%Z <= (get a3 i))%Z /\ ((get a3 i) < n)%Z).
Axiom Injective_surjective : forall (a4:(t Z Z)) (n:Z), (injective a4 n) ->
((range a4 n) -> (surjective a4 n)).
Theorem WP_inverting : forall (n:Z), forall (b:(t Z Z)), forall (a5:(t Z Z)),
((**) (0%Z <= n)%Z /\ ((**) ((**) ((length a5) = n)) /\
((**) ((**) ((length b) = n)) /\ ((**) ((**) (injective a5 n)) /\
((**) (range a5 n)))))) -> ((0%Z <= (n - 1%Z)%Z)%Z -> forall (b1:(t Z Z)),
((**) ((**) ((length b1) = n)) /\ forall (j:Z),
((**) ((**) ((**) (0%Z <= j)%Z) /\
((**) (j < ((n - 1%Z)%Z + 1%Z)%Z)%Z)) -> ((**) ((get b1 (get a5
j)) = j)))) -> ((**) (injective b1 n))).
unfold injective; intros.
assert (Hs : surjective a5 n).
apply Injective_surjective; auto.
unfold surjective in Hs.
generalize (Hs i H4); intros (i0, (hi01, hi02)).
generalize (Hs j H8); intros (j0, (hj01, hj02)).
rewrite <- hi02.
rewrite <- hj02.
rewrite H7.
rewrite H7.
red; intro.
rewrite H10 in hi02.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment