Commit 3c0b61f8 authored by MARCHE Claude's avatar MARCHE Claude

moved set theory and its realizations into Bware repository

parent f3a91eff
......@@ -204,3 +204,4 @@ pvsbin/
/src/jessie/config.status
/src/jessie/Makefile
/src/jessie/ptests_local_config.ml
/src/jessie/tests/basic/result/*.log
\ No newline at end of file
......@@ -848,17 +848,13 @@ COQLIBS_NUMBER = $(addprefix lib/coq/number/, $(COQLIBS_NUMBER_FILES))
COQLIBS_SET_FILES = Set
COQLIBS_SET = $(addprefix lib/coq/set/, $(COQLIBS_SET_FILES))
COQLIBS_SETTHEORY_FILES = Interval PowerSet Relation Identity Image \
InverseDomRan Function
COQLIBS_SETTHEORY = $(addprefix lib/coq/settheory/, $(COQLIBS_SETTHEORY_FILES))
ifeq (@enable_coq_fp_libs@,yes)
COQLIBS_FP_FILES = Rounding SingleFormat Single DoubleFormat Double
COQLIBS_FP_ALL_FILES = GenFloat $(COQLIBS_FP_FILES)
COQLIBS_FP = $(addprefix lib/coq/floating_point/, $(COQLIBS_FP_ALL_FILES))
endif
COQLIBS_FILES = lib/coq/BuiltIn $(COQLIBS_INT) $(COQLIBS_REAL) $(COQLIBS_NUMBER) $(COQLIBS_SET) $(COQLIBS_SETTHEORY) $(COQLIBS_FP)
COQLIBS_FILES = lib/coq/BuiltIn $(COQLIBS_INT) $(COQLIBS_REAL) $(COQLIBS_NUMBER) $(COQLIBS_SET) $(COQLIBS_FP)
COQV = $(addsuffix .v, $(COQLIBS_FILES))
COQVO = $(addsuffix .vo, $(COQLIBS_FILES))
......@@ -884,8 +880,6 @@ drivers/coq-realizations.aux: Makefile
echo 'theory number.'"$$f"' meta "realized_theory" "number.'"$$f"'", "" end'; done; \
for f in $(COQLIBS_SET_FILES); do \
echo 'theory set.'"$$f"' meta "realized_theory" "set.'"$$f"'", "" end'; done; \
for f in $(COQLIBS_SETTHEORY_FILES); do \
echo 'theory settheory.'"$$f"' meta "realized_theory" "settheory.'"$$f"'", "" end'; done; \
for f in $(COQLIBS_FP_FILES); do \
echo 'theory floating_point.'"$$f"' meta "realized_theory" "floating_point.'"$$f"'", "" end'; done; \
) > $@
......@@ -903,8 +897,6 @@ install_no_local::
cp $(addsuffix .vo, $(COQLIBS_NUMBER)) $(LIBDIR)/why3/coq/number/
mkdir -p $(LIBDIR)/why3/coq/set
cp $(addsuffix .vo, $(COQLIBS_SET)) $(LIBDIR)/why3/coq/set/
mkdir -p $(LIBDIR)/why3/coq/settheory
cp $(addsuffix .vo, $(COQLIBS_SETTHEORY)) $(LIBDIR)/why3/coq/settheory/
ifeq (@enable_coq_fp_libs@,yes)
mkdir -p $(LIBDIR)/why3/coq/floating_point
cp $(addsuffix .vo, $(COQLIBS_FP)) $(LIBDIR)/why3/coq/floating_point/
......@@ -924,7 +916,7 @@ depend: $(COQVD)
clean::
rm -f $(COQVO) $(COQVD) $(addsuffix .glob, $(COQLIBS_FILES))
update-coq: update-coq-int update-coq-real update-coq-number update-coq-set update-coq-settheory update-coq-fp
update-coq: update-coq-int update-coq-real update-coq-number update-coq-set update-coq-fp
update-coq-int: bin/why3 drivers/coq-realizations.aux theories/int.why
for f in $(COQLIBS_INT_ALL_FILES); do WHY3CONFIG="" bin/why3.@OCAMLBEST@ --realize -L theories -D drivers/coq-realize.drv -T int.$$f -o lib/coq/int/; done
......@@ -938,9 +930,6 @@ update-coq-number: bin/why3 drivers/coq-realizations.aux theories/number.why
update-coq-set: bin/why3 drivers/coq-realizations.aux theories/set.why
for f in $(COQLIBS_SET_FILES); do WHY3CONFIG="" bin/why3.@OCAMLBEST@ --realize -L theories -D drivers/coq-realize.drv -T set.$$f -o lib/coq/set/; done
update-coq-settheory: bin/why3 drivers/coq-realizations.aux theories/settheory.why
for f in $(COQLIBS_SETTHEORY_FILES); do WHY3CONFIG="" bin/why3.@OCAMLBEST@ --realize -L theories -D drivers/coq-realize.drv -T settheory.$$f -o lib/coq/settheory/; done
update-coq-fp: bin/why3 drivers/coq-realizations.aux theories/floating_point.why
for f in $(COQLIBS_FP_FILES); do WHY3CONFIG="" bin/why3.@OCAMLBEST@ --realize -L theories -D drivers/coq-realize.drv -T floating_point.$$f -o lib/coq/floating_point/; done
......@@ -1293,8 +1282,7 @@ STDLIBS = algebra \
option \
real \
relations \
set \
settheory
set
# function ? sum ? tptp ?
STDMODS = arith array hashtbl impset pqueue queue random ref stack string
......
# Why version
VERSION=0.73+git
VERSION=0.80
......
......@@ -22,7 +22,7 @@ extended with
%\item Hilbert's epsilon construct
\end{itemize}
\todo{continue}
% \todo{continue}
\section{Organization of this document}
......
\newcommand{\todo}[1]{{\Huge\bfseries TODO: #1}}
% \newcommand{\todo}[1]{{\Huge\bfseries TODO: #1}}
\newcommand{\why}{\textsf{Why3}\xspace}
\newcommand{\whyml}{\textsf{WhyML}\xspace}
......
......@@ -91,7 +91,7 @@
\vfill
\todo{NE PAS DISTRIBUER TANT QU'IL RESTE DES TODOS}
% \todo{NE PAS DISTRIBUER TANT QU'IL RESTE DES TODOS}
%BEGIN LATEX
\begin{LARGE}
......@@ -121,15 +121,15 @@
\begin{flushleft}
\begin{tabular}{l}
$^1$ LRI, CNRS, Univ Paris-Sud, Orsay, F-91405 \\
$^2$ Inria Saclay -- \^Ile-de-France, Toccata, Palaiseau, F-91120
$^1$ LRI, CNRS \& University Paris-Sud, Orsay, F-91405 \\
$^2$ Inria Saclay -- \^Ile-de-France, Palaiseau, F-91120
\end{tabular}
%BEGIN LATEX
\bigskip
%END LATEX
\textcopyright 2010-2012 Univ Paris-Sud, CNRS, Inria
\textcopyright 2010-2012 University Paris-Sud, CNRS, Inria
\urldef{\urlutcat}{\url}{http://frama-c.cea.fr/u3cat}
\urldef{\urlhilite}{\url}{http://www.open-do.org/projects/hi-lite/}
......
This diff is collapsed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require set.Set.
Require settheory.Relation.
Require settheory.InverseDomRan.
Require settheory.Function.
Import set.Set.
(* Why3 goal *)
Definition id: forall {a:Type} {a_WT:WhyType a}, (set.Set.set a) ->
(set.Set.set (a* a)%type).
intros a a_WT s.
exact (fun p => match p with (x,y) => s x /\ x=y end).
Defined.
(* Why3 goal *)
Lemma id_def : forall {a:Type} {a_WT:WhyType a}, forall (x:a) (y:a)
(s:(set.Set.set a)), (set.Set.mem (x, y) (id s)) <-> ((set.Set.mem x s) /\
(x = y)).
intros a a_WT x y s.
unfold id, mem; tauto.
Qed.
Import settheory.InverseDomRan.
(* Why3 goal *)
Lemma id_dom : forall {a:Type} {a_WT:WhyType a}, forall (s:(set.Set.set a)),
((settheory.InverseDomRan.dom (id s)) = s).
intros a a_WT s.
apply predicate_extensionality.
unfold id, dom, mem; split.
unfold mem.
intros (y, (h1, h2)); auto.
unfold mem.
intro h.
exists x; tauto.
Qed.
(* Why3 goal *)
Lemma id_ran : forall {a:Type} {a_WT:WhyType a}, forall (s:(set.Set.set a)),
((settheory.InverseDomRan.ran (id s)) = s).
intros a a_WT s.
apply predicate_extensionality.
unfold id, ran, mem; split.
unfold mem.
intros (y, (h1, h2)); subst; auto.
unfold mem.
intro h.
exists x; tauto.
Qed.
(* Why3 goal *)
Lemma id_fun : forall {a:Type} {a_WT:WhyType a}, forall (s:(set.Set.set a)),
(set.Set.mem (id s) (settheory.Function.infix_plmngt s s)).
intros a a_WT s.
unfold Function.infix_plmngt, mem.
split.
rewrite id_dom.
apply subset_refl.
split.
rewrite id_ran.
apply subset_refl.
unfold id; intuition.
subst; auto.
Qed.
(* Why3 goal *)
Lemma id_total_fun : forall {a:Type} {a_WT:WhyType a}, forall (s:(set.Set.set
a)), (set.Set.mem (id s) (settheory.Function.infix_mnmngt s s)).
intros a a_WT s.
unfold Function.infix_mnmngt, mem.
split.
apply id_fun.
apply id_dom.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require set.Set.
Require settheory.Relation.
Import set.Set.
(* Why3 goal *)
Definition image: forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
(set.Set.set (a* b)%type) -> (set.Set.set a) -> (set.Set.set b).
intros a a_WT b b_WT r s.
exact (fun y => exists x:a, mem x s /\ mem (x,y) r).
Defined.
(* Why3 goal *)
Lemma mem_image : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
forall (r:(set.Set.set (a* b)%type)) (dom:(set.Set.set a)) (y:b),
(set.Set.mem y (image r dom)) <-> exists x:a, (set.Set.mem x dom) /\
(set.Set.mem (x, y) r).
intros a a_WT b b_WT r dom y.
unfold image, mem; intuition.
Qed.
(* Why3 goal *)
Lemma image_union : forall {a:Type} {a_WT:WhyType a}
{b:Type} {b_WT:WhyType b}, forall (r:(set.Set.set (a* b)%type))
(s:(set.Set.set a)) (t:(set.Set.set a)), ((image r (set.Set.union s
t)) = (set.Set.union (image r s) (image r t))).
intros a a_WT b b_WT r s t.
apply predicate_extensionality; intros y.
unfold image, union, mem.
split.
intros (x, ([h1 | h2] & h3)).
left; exists x; auto.
right; exists x; auto.
intros [(x, h) | (x, h)]; exists x; intuition.
Qed.
(* Why3 goal *)
Lemma image_add : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
forall (r:(set.Set.set (a* b)%type)) (dom:(set.Set.set a)) (x:a), ((image r
(set.Set.add x dom)) = (set.Set.union (image r (set.Set.add x
(set.Set.empty :(set.Set.set a)))) (image r dom))).
intros a a_WT b b_WT r dom z.
apply predicate_extensionality; intros y.
unfold image, union, add, mem.
split.
intros (x, ([h1 | h2] & h3)).
left; exists x; auto.
right; exists x; auto.
intros [(x, h) | (x, h)].
exists x; intuition.
elimtype False; apply H1.
exists x; intuition.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require int.Int.
Require set.Set.
Open Scope Z_scope.
Import set.Set.
(* Why3 goal *)
Definition integer: (set.Set.set Z).
exact (fun _ => True).
Defined.
(* Why3 goal *)
Lemma mem_integer : forall (x:Z), (set.Set.mem x integer).
easy.
Qed.
(* Why3 goal *)
Definition natural: (set.Set.set Z).
exact (fun n => n >= 0).
Defined.
(* Why3 goal *)
Lemma mem_natural : forall (x:Z), (set.Set.mem x natural) <-> (0%Z <= x)%Z.
intros x.
unfold natural, mem ; intuition.
Qed.
(* Why3 goal *)
Definition mk: Z -> Z -> (set.Set.set Z).
intros a b.
exact (fun n => a <= n <= b).
Defined.
(* Why3 goal *)
Lemma mem_interval : forall (x:Z) (a:Z) (b:Z), (set.Set.mem x (mk a b)) <->
((a <= x)%Z /\ (x <= b)%Z).
intros x a b.
unfold mk, mem ; tauto.
Qed.
(* Why3 goal *)
Lemma interval_empty : forall (a:Z) (b:Z), (b < a)%Z -> ((mk a
b) = (set.Set.empty :(set.Set.set Z))).
intros a b h1.
apply predicate_extensionality; intro x.
unfold empty, mk, mem; intuition.
Qed.
(* Why3 goal *)
Lemma interval_add : forall (a:Z) (b:Z), (a <= b)%Z -> ((mk a
b) = (set.Set.add b (mk a (b - 1%Z)%Z))).
intros a b h1.
apply predicate_extensionality; intro x.
unfold mk, add, mem; intuition; omega.
Qed.
(* Unused content named mem_interval_1
intros x a b (h1,h2).
Qed.
*)
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require set.Set.
Require settheory.Relation.
Import set.Set.
(* Why3 goal *)
Definition inverse: forall {a:Type} {a_WT:WhyType a}
{b:Type} {b_WT:WhyType b}, (set.Set.set (a* b)%type) -> (set.Set.set (b*
a)%type).
intros a a_WT b b_WT s.
exact (fun p => match p with (x,y) => mem (y,x) s end).
Defined.
(* Why3 goal *)
Lemma Inverse_def : forall {a:Type} {a_WT:WhyType a}
{b:Type} {b_WT:WhyType b}, forall (r:(set.Set.set (a* b)%type)),
forall (x:a) (y:b), (set.Set.mem (y, x) (inverse r)) <-> (set.Set.mem (x,
y) r).
intros a a_WT b b_WT r x y.
unfold inverse, mem; tauto.
Qed.
(* Why3 goal *)
Definition dom: forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
(set.Set.set (a* b)%type) -> (set.Set.set a).
intros a a_WT b b_WT s.
exact (fun x => exists y, mem (x,y) s).
Defined.
(* Why3 goal *)
Lemma dom_def : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
forall (r:(set.Set.set (a* b)%type)), forall (x:a), (set.Set.mem x
(dom r)) <-> exists y:b, (set.Set.mem (x, y) r).
intros a a_WT b b_WT r x.
unfold dom; intuition.
Qed.
(* Why3 goal *)
Definition ran: forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
(set.Set.set (a* b)%type) -> (set.Set.set b).
intros a a_WT b b_WT s.
exact (fun y => exists x, mem (x,y) s).
Defined.
(* Why3 goal *)
Lemma ran_def : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
forall (r:(set.Set.set (a* b)%type)), forall (y:b), (set.Set.mem y
(ran r)) <-> exists x:a, (set.Set.mem (x, y) r).
intros a a_WT b b_WT r y.
unfold ran; intuition.
Qed.
(* Why3 goal *)
Lemma dom_empty : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
((dom (set.Set.empty :(set.Set.set (a*
b)%type))) = (set.Set.empty :(set.Set.set a))).
intros a a_WT b b_WT.
apply extensionality; intro x.
rewrite dom_def.
split.
intros (y,h); auto.
unfold mem, empty; intuition.
Qed.
(* Why3 goal *)
Lemma dom_add : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b},
forall (f:(set.Set.set (a* b)%type)) (x:a) (y:b), ((dom (set.Set.add (x, y)
f)) = (set.Set.add x (dom f))).
intros a a_WT b b_WT f x y.
apply extensionality.
intro z.
rewrite add_def1.
do 2 rewrite dom_def.
split.
intro H; destruct H.
rewrite add_def1 in H.
destruct H.
inversion H; intuition.
right; exists x0; auto.
intro H; destruct H.
subst z.
exists y; rewrite add_def1; auto.
destruct H.
exists x0; rewrite add_def1; auto.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require set.Set.
Import set.Set.
(* Why3 goal *)
Definition power: forall {a:Type} {a_WT:WhyType a}, (set.Set.set a) ->
(set.Set.set (set.Set.set a)).
intros a a_WT s.
exact (fun x => subset x s).
Defined.
(* Why3 goal *)
Lemma mem_power : forall {a:Type} {a_WT:WhyType a}, forall (x:(set.Set.set
a)) (y:(set.Set.set a)), (set.Set.mem x (power y)) <-> (set.Set.subset x
y).
intros a a_WT x y.
now unfold power, mem.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require set.Set.
(* Why3 assumption *)
Definition rel (a:Type) {a_WT:WhyType a} (b:Type) {b_WT:WhyType b} :=
(set.Set.set (a* b)%type).
(* This file is generated by Why3's Coq driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require int.Int.
Require set.Set.
Require settheory.Interval.
Require settheory.Relation.
Require settheory.InverseDomRan.
Require settheory.Function.
Require settheory.Identity.
Import set.Set.
Open Scope Z_scope.
(* Why3 assumption *)
Definition seq_length {a:Type} {a_WT:WhyType a}(n:Z) (s:(set.Set.set
a)): (set.Set.set (set.Set.set (Z* a)%type)) :=
(settheory.Function.infix_mnmngt (settheory.Interval.mk 1%Z n) s).
(* Why3 goal *)
Definition seq: forall {a:Type} {a_WT:WhyType a}, (set.Set.set a) ->
(set.Set.set (set.Set.set (Z* a)%type)).
intros a a_WT s.
exact (fun f => exists n:Z, 0 <= n /\ mem f (seq_length n s)).
Defined.
(* Why3 goal *)
Definition size: forall {a:Type} {a_WT:WhyType a}, (set.Set.set (Z*
a)%type) -> Z.
Defined.
(* Why3 goal *)
Lemma mem_seq : forall {a:Type} {a_WT:WhyType a}, forall (s:(set.Set.set a))
(r:(set.Set.set (Z* a)%type)), (set.Set.mem r (seq s)) <->
((0%Z <= (size r))%Z /\ (set.Set.mem r (seq_length (size r) s))).
intros a a_WT s r.
Qed.
(* Why3 goal *)
Lemma seq_as_total_function : forall {a:Type} {a_WT:WhyType a},
forall (s:(set.Set.set a)) (r:(set.Set.set (Z* a)%type)), (set.Set.mem r
(seq s)) -> (set.Set.mem r
(settheory.Function.infix_mnmngt (settheory.Interval.mk 1%Z (size r)) s)).
intros a a_WT s r h1.
Qed.
(* Why3 goal *)
Lemma size_def : forall {a:Type} {a_WT:WhyType a}, forall (n:Z)
(r:(set.Set.set (Z* a)%type)), ((size r) = n) <-> exists s:(set.Set.set a),
(set.Set.mem r (seq_length n s)).
intros a a_WT n r.
Qed.
(* Unused content named mem_seq_length
intros a a_WT n s.
Qed.
*)
(** {1 A library for Set theory}
this library provides a few Why3 theories that formalize the set
theory as it is defined in the B-book.
Reference: {h <a href="http://hal.inria.fr/hal-00681781/en/">Discharging Proof Obligations from Atelier B using Multiple Automated Provers</a>}
*)
(** {2 Interval}
interval of integers, seen as sets
*)
theory Interval
use export int.Int
use export set.Set
function integer : set int
axiom mem_integer: forall x:int.mem x integer
function natural : set int
axiom mem_natural:
forall x:int. mem x natural <-> x >= 0
function mk int int : set int
axiom mem_interval:
forall x a b : int [mem x (mk a b)].
mem x (mk a b) <-> a <= x <= b
lemma interval_empty :
forall a b:int. a > b -> mk a b = empty
lemma interval_add :
forall a b:int. a <= b -> (mk a b) = add b (mk a (b-1))
end
(** {2 Power set}
the power set of some set S, i.e the set of subsets of S
*)
theory PowerSet
use export set.Set
function power (set 'a) : set (set 'a)
axiom mem_power : forall x y:set 'a [mem x (power y)].
mem x (power y) <-> subset x y
end
(** {2 Relations}
Relations between two sets
*)
theory Relation
use export set.Set
type rel 'a 'b = set ('a , 'b)
end
(** {2 Composition}
Composition of relations
*)
theory Composition
use import Relation
function semicolon (rel 'a 'b) (rel 'b 'c) : (rel 'a 'c)
axiom semicolon_def:
forall x:'a, z:'c, p:rel 'a 'b, q:rel 'b 'c.
mem (x,z) (semicolon p q) <->
exists y:'b. mem (x,y) p /\ mem (y,z) q
end
(** {2 Domain, Range, Inverse}
Domain, Range and inverse of a relation
*)
theory InverseDomRan
use export Relation
function inverse (rel 'a 'b) : rel 'b 'a
axiom Inverse_def:
forall r : rel 'a 'b. forall x : 'a, y : 'b.
mem (y,x) (inverse r) <-> mem (x,y) r
function dom (rel 'a 'b) : set 'a
axiom dom_def:
forall r : rel 'a 'b. forall x : 'a.
mem x (dom r) <-> exists y : 'b. mem (x,y) r
function ran (rel 'a 'b) : set 'b
axiom ran_def:
forall r : rel 'a 'b. forall y : 'b.
mem y (ran r) <-> exists x : 'a. mem (x,y) r
lemma dom_empty:
dom (empty : rel 'a 'b) = (empty : set 'a)
lemma dom_add:
forall f:rel 'a 'b, x:'a, y:'b.
dom (add (x,y) f) = add x (dom f)
end
(** {2 Image}
Image by a relation
*)
theory Image
use export Relation
function image (r : rel 'a 'b) (dom : set 'a) : set 'b
axiom mem_image:
forall r : rel 'a 'b, dom : set 'a, y : 'b [mem y (image r dom)].
mem y (image r dom) <-> exists x: 'a. mem x dom /\ mem (x,y) r
lemma image_union:
forall r : rel 'a 'b, s t: set 'a.
image r (union s t) = union (image r s) (image r t)
lemma image_add:
forall r : rel 'a 'b, dom : set 'a, x:'a.
image r (add x dom) = union (image r (singleton x))
(image r dom)
end
(** {2 Functions}
Partial functions as relations
*)
theory Function
use export Relation
(** operator A +-> B : set of partial functions from A to B,
seen as a relation
*)
function (+->) (s:set 'a) (t:set 'b) : set (rel 'a 'b)
axiom mem_function:
forall f:rel 'a 'b, s:set 'a, t:set 'b.
mem f (s +-> t) <->
(forall x:'a, y:'b. mem (x,y) f -> mem x s /\ mem y t)
/\
(forall x:'a, y1 y2:'b. mem (x,y1) f /\ mem (x,y2) f -> y1=y2)
lemma domain_function:
forall f:rel 'a 'b, s:set 'a, t:set 'b, x:'a, y:'b.
mem f (s +-> t) -> mem (x,y) f -> mem x s