updated proof for VSTTE'10 problem 4

9ac18bf3 · Jean-Christophe Filliâtre · be01c33b · 9ac18bf3 · 9ac18bf3 · 9ac18bf3
Commit 9ac18bf3 authored Jun 22, 2011 by Jean-Christophe Filliâtre
--- a/examples/programs/vstte10_queens.mlw
+++ b/examples/programs/vstte10_queens.mlw
 (* VSTTE'10 competition http://www.macs.hw.ac.uk/vstte10/Competition.html
   Problem 4: N-queens *)

-module M
+module NQueens

  use import int.Int
  use import module array.Array
@@ -47,7 +47,7 @@ module M
  let check_is_consistent (board: array int) pos =
    { 0 <= pos < length board }
    try
-      for q = 0 to pos-1 do
+      for q = 0 to pos - 1 do
        invariant { forall j:int. 0 <= j < q -> consistent_row board pos j }
        let bq   = board[q]   in
        let bpos = board[pos] in

--- a/examples/programs/vstte10_queens/vstte10_queens.mlw_NQueens_solution_eq_board_1.v
+++ b/examples/programs/vstte10_queens/vstte10_queens.mlw_NQueens_solution_eq_board_1.v
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below    *)
+Require Import ZArith.
+Require Import Rbase.
+Definition unit  := unit.
+
+Parameter label : Type.
+
+Parameter at1: forall (a:Type), a -> label  -> a.
+
+Implicit Arguments at1.
+
+Parameter old: forall (a:Type), a  -> a.
+
+Implicit Arguments old.
+
+Parameter map : forall (a:Type) (b:Type), Type.
+
+Parameter get: forall (a:Type) (b:Type), (map a b) -> a  -> b.
+
+Implicit Arguments get.
+
+Parameter set: forall (a:Type) (b:Type), (map a b) -> a -> b  -> (map a b).
+
+Implicit Arguments set.
+
+Axiom Select_eq : forall (a:Type) (b:Type), forall (m:(map a b)),
+  forall (a1:a) (a2:a), forall (b1:b), (a1 = a2) -> ((get (set m a1 b1)
+  a2) = b1).
+
+Axiom Select_neq : forall (a:Type) (b:Type), forall (m:(map a b)),
+  forall (a1:a) (a2:a), forall (b1:b), (~ (a1 = a2)) -> ((get (set m a1 b1)
+  a2) = (get m a2)).
+
+Parameter const: forall (b:Type) (a:Type), b  -> (map a b).
+
+Set Contextual Implicit.
+Implicit Arguments const.
+Unset Contextual Implicit.
+
+Axiom Const : forall (b:Type) (a:Type), forall (b1:b) (a1:a), ((get (const(
+  b1):(map a b)) a1) = b1).
+
+Inductive array (a:Type) :=
+  | mk_array : Z -> (map Z a) -> array a.
+Implicit Arguments mk_array.
+
+Definition elts (a:Type)(u:(array a)): (map Z a) :=
+  match u with
+  | mk_array _ elts1 => elts1
+  end.
+Implicit Arguments elts.
+
+Definition length (a:Type)(u:(array a)): Z :=
+  match u with
+  | mk_array length1 _ => length1
+  end.
+Implicit Arguments length.
+
+Definition get1 (a:Type)(a1:(array a)) (i:Z): a := (get (elts a1) i).
+Implicit Arguments get1.
+
+Definition set1 (a:Type)(a1:(array a)) (i:Z) (v:a): (array a) :=
+  match a1 with
+  | mk_array xcl0 _ => (mk_array xcl0 (set (elts a1) i v))
+  end.
+Implicit Arguments set1.
+
+Definition eq_board(b1:(array Z)) (b2:(array Z)) (pos:Z): Prop :=
+  forall (q:Z), ((0%Z <= q)%Z /\ (q <  pos)%Z) -> ((get1 b1 q) = (get1 b2
+  q)).
+
+Axiom eq_board_set : forall (b:(array Z)) (pos:Z) (q:Z) (i:Z),
+  (pos <= q)%Z -> (eq_board b (set1 b q i) pos).
+
+Axiom eq_board_sym : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
+  (eq_board b1 b2 pos) -> (eq_board b2 b1 pos).
+
+Axiom eq_board_trans : forall (b1:(array Z)) (b2:(array Z)) (b3:(array Z))
+  (pos:Z), (eq_board b1 b2 pos) -> ((eq_board b2 b3 pos) -> (eq_board b1 b3
+  pos)).
+
+Axiom eq_board_extension : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
+  (eq_board b1 b2 pos) -> (((get1 b1 pos) = (get1 b2 pos)) -> (eq_board b1 b2
+  (pos + 1%Z)%Z)).
+
+Definition consistent_row(board:(array Z)) (pos:Z) (q:Z): Prop :=
+  (~ ((get1 board q) = (get1 board pos))) /\ ((~ (((get1 board
+  q) - (get1 board pos))%Z = (pos - q)%Z)) /\ ~ (((get1 board
+  pos) - (get1 board q))%Z = (pos - q)%Z)).
+
+Axiom consistent_row_eq : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
+  (eq_board b1 b2 (pos + 1%Z)%Z) -> forall (q:Z), ((0%Z <= q)%Z /\
+  (q <  pos)%Z) -> ((consistent_row b1 pos q) -> (consistent_row b2 pos q)).
+
+Definition is_consistent(board:(array Z)) (pos:Z): Prop := forall (q:Z),
+  ((0%Z <= q)%Z /\ (q <  pos)%Z) -> (consistent_row board pos q).
+
+Axiom is_consistent_eq : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
+  (eq_board b1 b2 (pos + 1%Z)%Z) -> ((is_consistent b1 pos) ->
+  (is_consistent b2 pos)).
+
+Definition is_board(board:(array Z)) (pos:Z): Prop := forall (q:Z),
+  ((0%Z <= q)%Z /\ (q <  pos)%Z) -> ((0%Z <= (get1 board q))%Z /\
+  ((get1 board q) <  (length board))%Z).
+
+Definition solution(board:(array Z)) (pos:Z): Prop := (is_board board pos) /\
+  forall (q:Z), ((0%Z <= q)%Z /\ (q <  pos)%Z) -> (is_consistent board q).
+
+Theorem solution_eq_board : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
+  ((length b1) = (length b2)) -> ((eq_board b1 b2 pos) -> ((solution b1
+  pos) -> (solution b2 pos))).
+(* YOU MAY EDIT THE PROOF BELOW *)
+unfold solution, eq_board, is_board, is_consistent; intuition.
+rewrite <- H0; generalize (H2 q); auto with *.
+rewrite <- H0; generalize (H2 q); auto with *.
+unfold consistent_row in *.
+assert (hq: (0 <= q < pos)%Z) by omega.
+assert (hq0: (0 <= q0 < q)%Z) by omega.
+generalize (H3 q hq q0 hq0).
+do 2 (rewrite <- H0; try omega).
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
--- a/examples/programs/vstte10_queens/why3session.xml
+++ b/examples/programs/vstte10_queens/why3session.xml
@@ -2,136 +2,56 @@
 <!DOCTYPE why3session SYSTEM "why3session.dtd">
 <why3session name="examples/programs/vstte10_queens/why3session.xml">
 <file name="../vstte10_queens.mlw" verified="true" expanded="true">
-  <theory name="M" verified="true" expanded="true">
-   <goal name="eq_board_set" sum="5a0d75d0eac71d57f1acabc952568bfa" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
+  <theory name="NQueens" verified="true" expanded="true">
+   <goal name="eq_board_set" sum="138449ac130d14e5d07c8279ca0afcd6" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
     <result status="valid" time="0.02"/>
    </proof>
   </goal>
-   <goal name="eq_board_sym" sum="405f7d6fa7f1cd214d57be56a03a90c6" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
-     <result status="valid" time="0.03"/>
+   <goal name="eq_board_sym" sum="4db24064e6f431db66f70d3abc00f260" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.00"/>
    </proof>
   </goal>
-   <goal name="eq_board_trans" sum="4f4b4df9a06df487228e3b7a5e299786" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
+   <goal name="eq_board_trans" sum="3af1e2dcede08fa003a851263151388b" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
     <result status="valid" time="0.02"/>
    </proof>
   </goal>
-   <goal name="eq_board_extension" sum="b146f07adfca2961090acaf226f1472b" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
-     <result status="valid" time="0.02"/>
+   <goal name="eq_board_extension" sum="0fe0f7c66cd0d689fb5269f407d95473" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.01"/>
    </proof>
   </goal>
-   <goal name="consistent_row_eq" sum="5cdbdd0e4d2d069953d7d298438e53eb" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
-     <result status="valid" time="0.05"/>
+   <goal name="consistent_row_eq" sum="60a91480743e21cc711af0c8570d29be" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.04"/>
    </proof>
   </goal>
-   <goal name="is_consistent_eq" sum="0cdac2dc0783cb8971d9b2bc165b1dbb" proved="true" expanded="true">
-    <proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
-     <result status="valid" time="0.15"/>
+   <goal name="is_consistent_eq" sum="8a624176fb3447a1a0f9656f14831c65" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.16"/>
    </proof>
   </goal>
-   <goal name="WP_parameter check_is_consistent" expl="correctness of parameter check_is_consistent" sum="650b8d34506ab14116907ee9a6c5293a" proved="true" expanded="true">
-    <transf name="split_goal" proved="true" expanded="true">
-     <goal name="WP_parameter check_is_consistent.1" expl="normal postcondition" sum="4cc7de5ca077c383b2e8c319e5fe2772" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter check_is_consistent.2" expl="for loop initialization" sum="80722d6f340ea1606df6b1de6a061b02" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter check_is_consistent.3" expl="for loop preservation" sum="1e68880955d1ba458aaac7db11bfadf1" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.10"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter check_is_consistent.4" expl="normal postcondition" sum="19580c6a17a5572d4a5e3517d7284f33" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-    </transf>
+   <goal name="WP_parameter check_is_consistent" expl="correctness of parameter check_is_consistent" sum="7f5ce8fe43d016e6a4150d41b5612118" proved="true" expanded="true">
+    <proof prover="cvc3" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.05"/>
+    </proof>
   </goal>
-   <goal name="solution_eq_board" sum="d370041b6257114a528593f9179b707e" proved="true" expanded="true">
-    <transf name="split_goal" proved="true" expanded="true">
-     <goal name="solution_eq_board.1" sum="d370041b6257114a528593f9179b707e" proved="true" expanded="true">
-      <proof prover="z3" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.06"/>
-      </proof>
-     </goal>
-    </transf>
+   <goal name="solution_eq_board" sum="b9d1019b6d99c0a051ebcaaa83115667" proved="true" expanded="true">
+    <proof prover="coq" timelimit="20" edited="vstte10_queens.mlw_NQueens_solution_eq_board_1.v" obsolete="false">
+     <result status="valid" time="0.60"/>
+    </proof>
   </goal>
-   <goal name="WP_parameter bt_queens" expl="correctness of parameter bt_queens" sum="efdafb18184a557c0bd125c5402c13b4" proved="true" expanded="true">
-    <transf name="split_goal" proved="true" expanded="true">
-     <goal name="WP_parameter bt_queens.1" expl="exceptional postcondition" sum="2a6ac1e487ce8b58509cbc4b3ca2a6ad" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.03"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter bt_queens.2" expl="normal postcondition" sum="d310f725c1974ea14c328be34508ffdc" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter bt_queens.3" expl="for loop initialization" sum="dd318c0d700fee0e567d4f117338842f" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.03"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter bt_queens.4" expl="for loop preservation" sum="78dd8b8c60afd7e97ffcd6f038cdda81" proved="true" expanded="true">
-      <proof prover="cvc3" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="1.08"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter bt_queens.5" expl="normal postcondition" sum="4394063341332481cf8bfa9f973e760d" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-       <result status="valid" time="0.12"/>
-      </proof>
-     </goal>
-    </transf>
+   <goal name="WP_parameter bt_queens" expl="correctness of parameter bt_queens" sum="b59f9ab1ac42b3755b8e06f7dc04fc2a" proved="true" expanded="true">
+    <proof prover="cvc3" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.96"/>
+    </proof>
   </goal>
-   <goal name="WP_parameter queens" expl="correctness of parameter queens" sum="1518431140950e60159267f1ed47140d" proved="true" expanded="true">
-    <transf name="split_goal" proved="true" expanded="true">
-     <goal name="WP_parameter queens.1" expl="precondition" sum="9176784c479b4a2ff97029b001dad298" proved="true" expanded="true">
-      <transf name="split_goal" proved="true" expanded="true">
-       <goal name="WP_parameter queens.1.1" expl="correctness of parameter queens" sum="8539b23d3510fd4f1de63ea1997ce50d" proved="true" expanded="true">
-        <proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
-         <result status="valid" time="0.02"/>
-        </proof>
-       </goal>
-       <goal name="WP_parameter queens.1.2" expl="correctness of parameter queens" sum="8ade4db49784f57307243eebbcb198d5" proved="true" expanded="true">
-        <proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
-         <result status="valid" time="0.02"/>
-        </proof>
-       </goal>
-       <goal name="WP_parameter queens.1.3" expl="correctness of parameter queens" sum="3de11924bbf3959c8f7fdc4cdf27f0cb" proved="true" expanded="true">
-        <proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
-         <result status="valid" time="0.02"/>
-        </proof>
-       </goal>
-       <goal name="WP_parameter queens.1.4" expl="correctness of parameter queens" sum="2d57043056ef40059532b1cb570c9882" proved="true" expanded="true">
-        <proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
-         <result status="valid" time="0.03"/>
-        </proof>
-       </goal>
-      </transf>
-     </goal>
-     <goal name="WP_parameter queens.2" expl="normal postcondition" sum="36d4e9c3b144d3d58c150fa7126ef877" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-     <goal name="WP_parameter queens.3" expl="exceptional postcondition" sum="0bb3a16f6adf6b874b658f9dea10cbdb" proved="true" expanded="true">
-      <proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
-       <result status="valid" time="0.02"/>
-      </proof>
-     </goal>
-    </transf>
+   <goal name="WP_parameter queens" expl="correctness of parameter queens" sum="fa29a0090876c2c2eae4d8423017ff3c" proved="true" expanded="true">
+    <proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
+     <result status="valid" time="0.03"/>
+    </proof>
   </goal>
  </theory>
 </file>