Commit 3180aa4b by Jean-Christophe Filliâtre

### gallery: dirichlet renamed into pigeonhole

`(there is already something called dirichlet in the gallery)`
parent f1363461
 ... @@ -3,7 +3,7 @@ ... @@ -3,7 +3,7 @@ Proved using a lemma function. *) Proved using a lemma function. *) module Dirichlet module Pigeonhole use import HighOrd use import HighOrd use import int.Int use import int.Int ... @@ -19,7 +19,7 @@ module Dirichlet ... @@ -19,7 +19,7 @@ module Dirichlet variant { n } variant { n } = if n = 0 then empty else add (n-1) (below (n-1)) = if n = 0 then empty else add (n-1) (below (n-1)) let lemma dirichlet (n m: int) (f: int -> int) let lemma pigeonhole (n m: int) (f: int -> int) requires { 0 <= m < n } requires { 0 <= m < n } requires { forall i. 0 <= i < n -> 0 <= f i < m } requires { forall i. 0 <= i < n -> 0 <= f i < m } ensures { exists i1, i2. 0 <= i1 < i2 < n /\ f i1 = f i2 } ensures { exists i1, i2. 0 <= i1 < i2 < n /\ f i1 = f i2 } ... ...
 ... @@ -4,44 +4,44 @@ ... @@ -4,44 +4,44 @@ ... ...
 (** Random Access Lists. (** Random Access Lists. (Okasaki, "Purely Functional Data Structures", 10.1.2.) The code below uses polymorphic recursion (both in the logic The code below uses polymorphic recursion (both in the logic and in the programs). and in the programs). BUGS: Author: Jean-Christophe Filliâtre (CNRS) - induction_ty_lex has no effect on a goal involving polymorphic recursion - a lemma function is not allowed to perform polymorphic recursion? *) *) module RandomAccessList module RandomAccessList ... @@ -24,13 +22,13 @@ module RandomAccessList ... @@ -24,13 +22,13 @@ module RandomAccessList | Zero (ral ('a, 'a)) | Zero (ral ('a, 'a)) | One 'a (ral ('a, 'a)) | One 'a (ral ('a, 'a)) function flatten (l: list ('a , 'a)) : list 'a function flatten (l: list ('a, 'a)) : list 'a = match l with = match l with | Nil -> Nil | Nil -> Nil | Cons (x, y) l1 -> Cons x (Cons y (flatten l1)) | Cons (x, y) l1 -> Cons x (Cons y (flatten l1)) end end let rec lemma length_flatten (l:list ('a,'a)) let rec lemma length_flatten (l:list ('a, 'a)) ensures { length (flatten l) = 2 * length l } ensures { length (flatten l) = 2 * length l } variant { l } variant { l } = match l with = match l with ... ...
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!