stdlib/list: removed a Coq proof

parent 50429191
(* This file is generated by Why3's Coq driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require int.Int.
(* Why3 assumption *)
Inductive list (a:Type) :=
| Nil : list a
| Cons : a -> (list a) -> list a.
Axiom list_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (list a).
Existing Instance list_WhyType.
Implicit Arguments Nil [[a]].
Implicit Arguments Cons [[a]].
Parameter num_occ: forall {a:Type} {a_WT:WhyType a}, a -> (list a) -> Z.
Axiom num_occ_def : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l:(list
a)),
match l with
| Nil => ((num_occ x l) = 0%Z)
| (Cons y r) => ((x = y) -> ((num_occ x l) = (1%Z + (num_occ x r))%Z)) /\
((~ (x = y)) -> ((num_occ x l) = (0%Z + (num_occ x r))%Z))
end.
Axiom Num_Occ_NonNeg : forall {a:Type} {a_WT:WhyType a}, forall (x:a)
(l:(list a)), (0%Z <= (num_occ x l))%Z.
(* Why3 assumption *)
Fixpoint mem {a:Type} {a_WT:WhyType a} (x:a) (l:(list a)) {struct l}: Prop :=
match l with
| Nil => False
| (Cons y r) => (x = y) \/ (mem x r)
end.
Axiom Mem_Num_Occ : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l:(list
a)), (mem x l) <-> (0%Z < (num_occ x l))%Z.
(* Why3 assumption *)
Fixpoint infix_plpl {a:Type} {a_WT:WhyType a} (l1:(list a)) (l2:(list
a)) {struct l1}: (list a) :=
match l1 with
| Nil => l2
| (Cons x1 r1) => (Cons x1 (infix_plpl r1 l2))
end.
Axiom Append_assoc : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (l3:(list a)), ((infix_plpl l1 (infix_plpl l2
l3)) = (infix_plpl (infix_plpl l1 l2) l3)).
Axiom Append_l_nil : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a)),
((infix_plpl l (Nil : (list a))) = l).
(* Why3 assumption *)
Fixpoint length {a:Type} {a_WT:WhyType a} (l:(list a)) {struct l}: Z :=
match l with
| Nil => 0%Z
| (Cons _ r) => (1%Z + (length r))%Z
end.
Axiom Length_nonnegative : forall {a:Type} {a_WT:WhyType a}, forall (l:(list
a)), (0%Z <= (length l))%Z.
Axiom Length_nil : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a)),
((length l) = 0%Z) <-> (l = (Nil : (list a))).
Axiom Append_length : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)), ((length (infix_plpl l1
l2)) = ((length l1) + (length l2))%Z).
Axiom mem_append : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l1:(list
a)) (l2:(list a)), (mem x (infix_plpl l1 l2)) <-> ((mem x l1) \/ (mem x
l2)).
Axiom mem_decomp : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l:(list
a)), (mem x l) -> exists l1:(list a), exists l2:(list a),
(l = (infix_plpl l1 (Cons x l2))).
Axiom Append_Num_Occ : forall {a:Type} {a_WT:WhyType a}, forall (x:a)
(l1:(list a)) (l2:(list a)), ((num_occ x (infix_plpl l1 l2)) = ((num_occ x
l1) + (num_occ x l2))%Z).
(* Why3 assumption *)
Fixpoint reverse {a:Type} {a_WT:WhyType a} (l:(list a)) {struct l}: (list
a) :=
match l with
| Nil => (Nil : (list a))
| (Cons x r) => (infix_plpl (reverse r) (Cons x (Nil : (list a))))
end.
Axiom reverse_append : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (x:a), ((infix_plpl (reverse (Cons x l1))
l2) = (infix_plpl (reverse l1) (Cons x l2))).
Axiom reverse_cons : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(x:a), ((reverse (Cons x l)) = (infix_plpl (reverse l) (Cons x (Nil : (list
a))))).
Axiom cons_reverse : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(x:a), ((Cons x (reverse l)) = (reverse (infix_plpl l (Cons x (Nil : (list
a)))))).
Axiom reverse_reverse : forall {a:Type} {a_WT:WhyType a}, forall (l:(list
a)), ((reverse (reverse l)) = l).
Axiom reverse_mem : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a))
(x:a), (mem x l) <-> (mem x (reverse l)).
Axiom Reverse_length : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a)),
((length (reverse l)) = (length l)).
Axiom reverse_num_occ : forall {a:Type} {a_WT:WhyType a}, forall (x:a)
(l:(list a)), ((num_occ x l) = (num_occ x (reverse l))).
(* Why3 assumption *)
Definition permut {a:Type} {a_WT:WhyType a} (l1:(list a)) (l2:(list
a)): Prop := forall (x:a), ((num_occ x l1) = (num_occ x l2)).
Axiom Permut_refl : forall {a:Type} {a_WT:WhyType a}, forall (l:(list a)),
(permut l l).
Axiom Permut_sym : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)), (permut l1 l2) -> (permut l2 l1).
Axiom Permut_trans : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (l3:(list a)), (permut l1 l2) -> ((permut l2 l3) -> (permut
l1 l3)).
Axiom Permut_cons : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l1:(list
a)) (l2:(list a)), (permut l1 l2) -> (permut (Cons x l1) (Cons x l2)).
Axiom Permut_swap : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (y:a)
(l:(list a)), (permut (Cons x (Cons y l)) (Cons y (Cons x l))).
Axiom Permut_cons_append : forall {a:Type} {a_WT:WhyType a}, forall (x:a)
(l1:(list a)) (l2:(list a)), (permut (infix_plpl (Cons x l1) l2)
(infix_plpl l1 (Cons x l2))).
Axiom Permut_assoc : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (l3:(list a)), (permut (infix_plpl (infix_plpl l1 l2) l3)
(infix_plpl l1 (infix_plpl l2 l3))).
Axiom Permut_append : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a))
(l2:(list a)) (k1:(list a)) (k2:(list a)), (permut l1 k1) -> ((permut l2
k2) -> (permut (infix_plpl l1 l2) (infix_plpl k1 k2))).
Axiom Permut_append_swap : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list
a)) (l2:(list a)), (permut (infix_plpl l1 l2) (infix_plpl l2 l1)).
Axiom Permut_mem : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l1:(list
a)) (l2:(list a)), (permut l1 l2) -> ((mem x l1) -> (mem x l2)).
Require Import Why3.
Ltac cvc := why3 "CVC4,1.4,"; admit.
(* Why3 goal *)
Theorem Permut_length : forall {a:Type} {a_WT:WhyType a}, forall (l1:(list
a)) (l2:(list a)), (permut l1 l2) -> ((length l1) = (length l2)).
(* Why3 intros l1 l2 h1. *)
intros l1 l2 h1.
generalize dependent l2.
induction l1; intros.
destruct l2.
trivial.
cvc.
pose (h2 := h1).
clearbody h2.
specialize (h1 a0).
assert (mem a0 l2).
cvc.
apply mem_decomp in H.
destruct H as [l3 [l4 H]].
assert (permut l1 (infix_plpl l3 l4)).
intro.
cvc.
cvc.
Admitted.
......@@ -2,18 +2,19 @@
<!DOCTYPE why3session PUBLIC "-//Why3//proof session v5//EN"
"http://why3.lri.fr/why3session.dtd">
<why3session shape_version="4">
<prover id="1" name="Coq" version="8.7.1" timelimit="5" steplimit="0" memlimit="4000"/>
<prover id="0" name="Z3" version="4.6.0" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="2" name="CVC4" version="1.4" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="3" name="Spass" version="3.7" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="4" name="Eprover" version="1.8-001" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="5" name="CVC4" version="1.5" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="6" name="Alt-Ergo" version="1.30" timelimit="5" steplimit="0" memlimit="1000"/>
<file name="../../../stdlib/list.mlw" proved="true">
<theory name="List" proved="true" sum="0837e0e504ae2d2a2dc07ff388fab3e5">
<theory name="List" proved="true">
<goal name="VC is_nil" expl="VC for is_nil" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="7"/></proof>
</goal>
</theory>
<theory name="Length" proved="true" sum="905c13f3b9a1d5b3685ef4b619a14b01">
<theory name="Length" proved="true">
<goal name="VC length" expl="VC for length" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -36,7 +37,7 @@
</transf>
</goal>
</theory>
<theory name="Quant" proved="true" sum="cbe49ff1e6c76878e96cfcfaac826ecd">
<theory name="Quant" proved="true">
<goal name="VC for_all" expl="VC for for_all" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -47,9 +48,7 @@
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="Mem" proved="true" sum="d41d8cd98f00b204e9800998ecf8427e">
</theory>
<theory name="Elements" proved="true" sum="bafb86c9c17211367a70c46cfeab34af">
<theory name="Elements" proved="true">
<goal name="elements_mem" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="elements_mem.0" proved="true">
......@@ -58,14 +57,12 @@
</transf>
</goal>
</theory>
<theory name="Nth" proved="true" sum="89ead29d253e40980e405711b3bd3eb0">
<theory name="Nth" proved="true">
<goal name="VC nth" expl="VC for nth" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="NthNoOpt" proved="true" sum="d41d8cd98f00b204e9800998ecf8427e">
</theory>
<theory name="NthLength" proved="true" sum="42dfb805196b03e25377b2c3e6c00a32">
<theory name="NthLength" proved="true">
<goal name="nth_none_1" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="nth_none_1.0" proved="true">
......@@ -88,7 +85,7 @@
</transf>
</goal>
</theory>
<theory name="HdTl" proved="true" sum="6a7bb36d89529a0f0ca85a317461a161">
<theory name="HdTl" proved="true">
<goal name="VC hd" expl="VC for hd" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -96,9 +93,7 @@
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="HdTlNoOpt" proved="true" sum="d41d8cd98f00b204e9800998ecf8427e">
</theory>
<theory name="NthHdTl" proved="true" sum="766fb30d8551f2889072f5e06361ef9e">
<theory name="NthHdTl" proved="true">
<goal name="Nth_tl" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="21"/></proof>
</goal>
......@@ -106,7 +101,7 @@
<proof prover="4"><result status="valid" time="0.01"/></proof>
</goal>
</theory>
<theory name="Append" proved="true" sum="8b0fff794e6413ab8a5089b3e2554084">
<theory name="Append" proved="true">
<goal name="VC infix ++" expl="VC for infix ++" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -160,7 +155,7 @@
</transf>
</goal>
</theory>
<theory name="NthLengthAppend" proved="true" sum="bed742aff2cd233b49310681fa413394">
<theory name="NthLengthAppend" proved="true">
<goal name="nth_append_1" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="nth_append_1.0" proved="true">
......@@ -176,7 +171,7 @@
</transf>
</goal>
</theory>
<theory name="Reverse" proved="true" sum="858eb8666f3cd57b232b01c6443f2a9c">
<theory name="Reverse" proved="true">
<goal name="VC reverse" expl="VC for reverse" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -219,7 +214,7 @@
</transf>
</goal>
</theory>
<theory name="RevAppend" proved="true" sum="36f85557bbc717b5b32f39741cfb6f20">
<theory name="RevAppend" proved="true">
<goal name="VC rev_append" expl="VC for rev_append" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
......@@ -248,12 +243,12 @@
<proof prover="6"><result status="valid" time="0.01" steps="40"/></proof>
</goal>
</theory>
<theory name="Combine" proved="true" sum="fd1c76819779fd0bd76baa52457d5ac3">
<theory name="Combine" proved="true">
<goal name="VC combine" expl="VC for combine" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="Sorted" proved="true" sum="80571a008a6734ad8ebd9e35ecb9c0f3">
<theory name="Sorted" proved="true">
<goal name="sorted_mem" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="sorted_mem.0" proved="true">
......@@ -310,12 +305,12 @@
</transf>
</goal>
</theory>
<theory name="SortedInt" proved="true" sum="420fd9523aa8f4e7f3fc4144239e8ace">
<theory name="SortedInt" proved="true">
<goal name="Transitive.Trans" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="3"/></proof>
</goal>
</theory>
<theory name="RevSorted" proved="true" sum="d990cfc38eff35d4b5ee6eeea2be6a44">
<theory name="RevSorted" proved="true">
<goal name="Incr.Transitive.Trans" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="4"/></proof>
</goal>
......@@ -387,7 +382,7 @@
</transf>
</goal>
</theory>
<theory name="NumOcc" proved="true" sum="e5f20933ce7d0d92ce5290373d639f03">
<theory name="NumOcc" proved="true">
<goal name="Num_Occ_NonNeg" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="Num_Occ_NonNeg.0" proved="true">
......@@ -430,7 +425,7 @@
</transf>
</goal>
</theory>
<theory name="Permut" proved="true" sum="be179f9416f3dbffd7c5989459df9e5d">
<theory name="Permut" proved="true">
<goal name="Permut_refl" proved="true">
<proof prover="6"><result status="valid" time="0.01" steps="2"/></proof>
</goal>
......@@ -462,10 +457,72 @@
<proof prover="6"><result status="valid" time="0.01" steps="11"/></proof>
</goal>
<goal name="Permut_length" proved="true">
<proof prover="1" edited="list_Permut_Permut_length_2.v"><result status="valid" time="1.48"/></proof>
<transf name="induction_ty_lex" proved="true" >
<goal name="Permut_length.0" proved="true">
<transf name="split_vc" proved="true" >
<goal name="Permut_length.0.0" proved="true">
<transf name="destruct_alg" proved="true" arg1="l2">
<goal name="Permut_length.0.0.0" proved="true">
<proof prover="5"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="Permut_length.0.0.1" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
</goal>
</transf>
</goal>
<goal name="Permut_length.0.1" proved="true">
<transf name="unfold" proved="true" arg1="permut" arg2="in" arg3="H">
<goal name="Permut_length.0.1.0" proved="true">
<transf name="assert" proved="true" arg1="(num_occ x1 l1 &gt;= 1)">
<goal name="Permut_length.0.1.0.0" proved="true">
<proof prover="5"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="Permut_length.0.1.0.1" proved="true">
<transf name="assert" proved="true" arg1="(mem x1 l2)">
<goal name="Permut_length.0.1.0.1.0" proved="true">
<proof prover="5"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="Permut_length.0.1.0.1.1" proved="true">
<transf name="instantiate" proved="true" arg1="mem_decomp" arg2="x1,l2">
<goal name="Permut_length.0.1.0.1.1.0" proved="true">
<transf name="destruct" proved="true" arg1="Hinst">
<goal name="Permut_length.0.1.0.1.1.0.0" proved="true">
<proof prover="5"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="Permut_length.0.1.0.1.1.0.1" proved="true">
<transf name="destruct" proved="true" arg1="Hinst">
<goal name="Permut_length.0.1.0.1.1.0.1.0" proved="true">
<transf name="destruct" proved="true" arg1="Hinst">
<goal name="Permut_length.0.1.0.1.1.0.1.0.0" proved="true">
<transf name="assert" proved="true" arg1="(permut x (l1 ++ l2))">
<goal name="Permut_length.0.1.0.1.1.0.1.0.0.0" proved="true">
<proof prover="5"><result status="valid" time="0.22"/></proof>
</goal>
<goal name="Permut_length.0.1.0.1.1.0.1.0.0.1" proved="true">
<proof prover="5"><result status="valid" time="0.19"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
</theory>
<theory name="Distinct" proved="true" sum="2d43c8315958770c1d8477e3b5e70cae">
<theory name="Distinct" proved="true">
<goal name="distinct_append" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="distinct_append.0" proved="true">
......@@ -481,19 +538,17 @@
</transf>
</goal>
</theory>
<theory name="Prefix" proved="true" sum="5915981e098f39d20fd1e5fbf18b376d">
<theory name="Prefix" proved="true">
<goal name="VC prefix" expl="VC for prefix" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="Sum" proved="true" sum="5915981e098f39d20fd1e5fbf18b376d">
<theory name="Sum" proved="true">
<goal name="VC sum" expl="VC for sum" proved="true">
<proof prover="6"><result status="valid" time="0.00" steps="1"/></proof>
</goal>
</theory>
<theory name="Map" proved="true" sum="d41d8cd98f00b204e9800998ecf8427e">
</theory>
<theory name="FoldLeft" proved="true" sum="661a0a492e1d321d242ee343d62bb649">
<theory name="FoldLeft" proved="true">
<goal name="fold_left_append" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="fold_left_append.0" proved="true">
......@@ -502,7 +557,7 @@
</transf>
</goal>
</theory>
<theory name="FoldRight" proved="true" sum="9487d024f4d395375d20c6e19d6d450a">
<theory name="FoldRight" proved="true">
<goal name="fold_right_append" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="fold_right_append.0" proved="true">
......@@ -511,7 +566,5 @@
</transf>
</goal>
</theory>
<theory name="ListRich" proved="true" sum="d41d8cd98f00b204e9800998ecf8427e">
</theory>
</file>
</why3session>
......@@ -491,7 +491,7 @@ module Permut
use import Length
lemma Permut_length:
forall l1 l2: list 'a. permut l1 l2 -> length l1 = length l2
forall l1 [@induction] l2: list 'a. permut l1 l2 -> length l1 = length l2
end
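Review bot: The `[@induction]` attribute added to `l1` in the `Permut_length` statement carries no comment, so a later cleanup could drop it as noise or move it to `l2`. It looks as though it is there only to select the induction variable for the `induction_ty_lex` transformation that the session file now records for this goal, in which case changing it would stop the session from replaying. I would add a comment above the lemma, for example `(* [@induction] on l1 picks the induction variable for induction_ty_lex; see the proof session *)`. The `Permut` module starts outside this hunk, so I cannot tell whether a similar convention is already documented further up.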