updated proof for VSTTE'10 problem 4

parent be01c33b
(* VSTTE'10 competition http://www.macs.hw.ac.uk/vstte10/Competition.html
Problem 4: N-queens *)
module M
module NQueens
use import int.Int
use import module array.Array
......@@ -47,7 +47,7 @@ module M
let check_is_consistent (board: array int) pos =
{ 0 <= pos < length board }
try
for q = 0 to pos-1 do
for q = 0 to pos - 1 do
invariant { forall j:int. 0 <= j < q -> consistent_row board pos j }
let bq = board[q] in
let bpos = board[pos] in
......
(* This file is generated by Why3's Coq driver *)
(* Beware! Only edit allowed sections below *)
Require Import ZArith.
Require Import Rbase.
Definition unit := unit.
Parameter label : Type.
Parameter at1: forall (a:Type), a -> label -> a.
Implicit Arguments at1.
Parameter old: forall (a:Type), a -> a.
Implicit Arguments old.
Parameter map : forall (a:Type) (b:Type), Type.
Parameter get: forall (a:Type) (b:Type), (map a b) -> a -> b.
Implicit Arguments get.
Parameter set: forall (a:Type) (b:Type), (map a b) -> a -> b -> (map a b).
Implicit Arguments set.
Axiom Select_eq : forall (a:Type) (b:Type), forall (m:(map a b)),
forall (a1:a) (a2:a), forall (b1:b), (a1 = a2) -> ((get (set m a1 b1)
a2) = b1).
Axiom Select_neq : forall (a:Type) (b:Type), forall (m:(map a b)),
forall (a1:a) (a2:a), forall (b1:b), (~ (a1 = a2)) -> ((get (set m a1 b1)
a2) = (get m a2)).
Parameter const: forall (b:Type) (a:Type), b -> (map a b).
Set Contextual Implicit.
Implicit Arguments const.
Unset Contextual Implicit.
Axiom Const : forall (b:Type) (a:Type), forall (b1:b) (a1:a), ((get (const(
b1):(map a b)) a1) = b1).
Inductive array (a:Type) :=
| mk_array : Z -> (map Z a) -> array a.
Implicit Arguments mk_array.
Definition elts (a:Type)(u:(array a)): (map Z a) :=
match u with
| mk_array _ elts1 => elts1
end.
Implicit Arguments elts.
Definition length (a:Type)(u:(array a)): Z :=
match u with
| mk_array length1 _ => length1
end.
Implicit Arguments length.
Definition get1 (a:Type)(a1:(array a)) (i:Z): a := (get (elts a1) i).
Implicit Arguments get1.
Definition set1 (a:Type)(a1:(array a)) (i:Z) (v:a): (array a) :=
match a1 with
| mk_array xcl0 _ => (mk_array xcl0 (set (elts a1) i v))
end.
Implicit Arguments set1.
Definition eq_board(b1:(array Z)) (b2:(array Z)) (pos:Z): Prop :=
forall (q:Z), ((0%Z <= q)%Z /\ (q < pos)%Z) -> ((get1 b1 q) = (get1 b2
q)).
Axiom eq_board_set : forall (b:(array Z)) (pos:Z) (q:Z) (i:Z),
(pos <= q)%Z -> (eq_board b (set1 b q i) pos).
Axiom eq_board_sym : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
(eq_board b1 b2 pos) -> (eq_board b2 b1 pos).
Axiom eq_board_trans : forall (b1:(array Z)) (b2:(array Z)) (b3:(array Z))
(pos:Z), (eq_board b1 b2 pos) -> ((eq_board b2 b3 pos) -> (eq_board b1 b3
pos)).
Axiom eq_board_extension : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
(eq_board b1 b2 pos) -> (((get1 b1 pos) = (get1 b2 pos)) -> (eq_board b1 b2
(pos + 1%Z)%Z)).
Definition consistent_row(board:(array Z)) (pos:Z) (q:Z): Prop :=
(~ ((get1 board q) = (get1 board pos))) /\ ((~ (((get1 board
q) - (get1 board pos))%Z = (pos - q)%Z)) /\ ~ (((get1 board
pos) - (get1 board q))%Z = (pos - q)%Z)).
Axiom consistent_row_eq : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
(eq_board b1 b2 (pos + 1%Z)%Z) -> forall (q:Z), ((0%Z <= q)%Z /\
(q < pos)%Z) -> ((consistent_row b1 pos q) -> (consistent_row b2 pos q)).
Definition is_consistent(board:(array Z)) (pos:Z): Prop := forall (q:Z),
((0%Z <= q)%Z /\ (q < pos)%Z) -> (consistent_row board pos q).
Axiom is_consistent_eq : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
(eq_board b1 b2 (pos + 1%Z)%Z) -> ((is_consistent b1 pos) ->
(is_consistent b2 pos)).
Definition is_board(board:(array Z)) (pos:Z): Prop := forall (q:Z),
((0%Z <= q)%Z /\ (q < pos)%Z) -> ((0%Z <= (get1 board q))%Z /\
((get1 board q) < (length board))%Z).
Definition solution(board:(array Z)) (pos:Z): Prop := (is_board board pos) /\
forall (q:Z), ((0%Z <= q)%Z /\ (q < pos)%Z) -> (is_consistent board q).
Theorem solution_eq_board : forall (b1:(array Z)) (b2:(array Z)) (pos:Z),
((length b1) = (length b2)) -> ((eq_board b1 b2 pos) -> ((solution b1
pos) -> (solution b2 pos))).
(* YOU MAY EDIT THE PROOF BELOW *)
unfold solution, eq_board, is_board, is_consistent; intuition.
rewrite <- H0; generalize (H2 q); auto with *.
rewrite <- H0; generalize (H2 q); auto with *.
unfold consistent_row in *.
assert (hq: (0 <= q < pos)%Z) by omega.
assert (hq0: (0 <= q0 < q)%Z) by omega.
generalize (H3 q hq q0 hq0).
do 2 (rewrite <- H0; try omega).
Qed.
(* DO NOT EDIT BELOW *)
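Review bot: The hand-written proof of `solution_eq_board` (the lines between the "YOU MAY EDIT" and "DO NOT EDIT" markers) refers to hypotheses by the automatically generated names `H0`, `H2` and `H3` that `intuition` happens to produce, so any change in Coq's naming or in the Why3-generated statement will break the script in a hard-to-diagnose way. Naming the hypotheses explicitly before unfolding, for instance `intros b1 b2 pos Hlen Heq [Hboard Hcons].`, and then using `Heq`, `Hboard` and `Hcons` in place of `H0`, `H2` and `H3`, would keep the proof stable across regenerations. The two `generalize` lines close with `auto with *`, which searches every hint database; a narrower database such as `auto with zarith` may suffice here and would make the proof faster and less sensitive to unrelated hints. The remainder of the file is Why3 driver output and is not reviewed.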
......@@ -2,136 +2,56 @@
<!DOCTYPE why3session SYSTEM "why3session.dtd">
<why3session name="examples/programs/vstte10_queens/why3session.xml">
<file name="../vstte10_queens.mlw" verified="true" expanded="true">
<theory name="M" verified="true" expanded="true">
<goal name="eq_board_set" sum="5a0d75d0eac71d57f1acabc952568bfa" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<theory name="NQueens" verified="true" expanded="true">
<goal name="eq_board_set" sum="138449ac130d14e5d07c8279ca0afcd6" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="eq_board_sym" sum="405f7d6fa7f1cd214d57be56a03a90c6" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<result status="valid" time="0.03"/>
<goal name="eq_board_sym" sum="4db24064e6f431db66f70d3abc00f260" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.00"/>
</proof>
</goal>
<goal name="eq_board_trans" sum="4f4b4df9a06df487228e3b7a5e299786" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<goal name="eq_board_trans" sum="3af1e2dcede08fa003a851263151388b" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="eq_board_extension" sum="b146f07adfca2961090acaf226f1472b" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<result status="valid" time="0.02"/>
<goal name="eq_board_extension" sum="0fe0f7c66cd0d689fb5269f407d95473" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.01"/>
</proof>
</goal>
<goal name="consistent_row_eq" sum="5cdbdd0e4d2d069953d7d298438e53eb" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<result status="valid" time="0.05"/>
<goal name="consistent_row_eq" sum="60a91480743e21cc711af0c8570d29be" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.04"/>
</proof>
</goal>
<goal name="is_consistent_eq" sum="0cdac2dc0783cb8971d9b2bc165b1dbb" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="25" edited="" obsolete="false">
<result status="valid" time="0.15"/>
<goal name="is_consistent_eq" sum="8a624176fb3447a1a0f9656f14831c65" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.16"/>
</proof>
</goal>
<goal name="WP_parameter check_is_consistent" expl="correctness of parameter check_is_consistent" sum="650b8d34506ab14116907ee9a6c5293a" proved="true" expanded="true">
<transf name="split_goal" proved="true" expanded="true">
<goal name="WP_parameter check_is_consistent.1" expl="normal postcondition" sum="4cc7de5ca077c383b2e8c319e5fe2772" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter check_is_consistent.2" expl="for loop initialization" sum="80722d6f340ea1606df6b1de6a061b02" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter check_is_consistent.3" expl="for loop preservation" sum="1e68880955d1ba458aaac7db11bfadf1" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.10"/>
</proof>
</goal>
<goal name="WP_parameter check_is_consistent.4" expl="normal postcondition" sum="19580c6a17a5572d4a5e3517d7284f33" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
</transf>
<goal name="WP_parameter check_is_consistent" expl="correctness of parameter check_is_consistent" sum="7f5ce8fe43d016e6a4150d41b5612118" proved="true" expanded="true">
<proof prover="cvc3" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.05"/>
</proof>
</goal>
<goal name="solution_eq_board" sum="d370041b6257114a528593f9179b707e" proved="true" expanded="true">
<transf name="split_goal" proved="true" expanded="true">
<goal name="solution_eq_board.1" sum="d370041b6257114a528593f9179b707e" proved="true" expanded="true">
<proof prover="z3" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.06"/>
</proof>
</goal>
</transf>
<goal name="solution_eq_board" sum="b9d1019b6d99c0a051ebcaaa83115667" proved="true" expanded="true">
<proof prover="coq" timelimit="20" edited="vstte10_queens.mlw_NQueens_solution_eq_board_1.v" obsolete="false">
<result status="valid" time="0.60"/>
</proof>
</goal>
<goal name="WP_parameter bt_queens" expl="correctness of parameter bt_queens" sum="efdafb18184a557c0bd125c5402c13b4" proved="true" expanded="true">
<transf name="split_goal" proved="true" expanded="true">
<goal name="WP_parameter bt_queens.1" expl="exceptional postcondition" sum="2a6ac1e487ce8b58509cbc4b3ca2a6ad" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.03"/>
</proof>
</goal>
<goal name="WP_parameter bt_queens.2" expl="normal postcondition" sum="d310f725c1974ea14c328be34508ffdc" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter bt_queens.3" expl="for loop initialization" sum="dd318c0d700fee0e567d4f117338842f" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.03"/>
</proof>
</goal>
<goal name="WP_parameter bt_queens.4" expl="for loop preservation" sum="78dd8b8c60afd7e97ffcd6f038cdda81" proved="true" expanded="true">
<proof prover="cvc3" timelimit="10" edited="" obsolete="false">
<result status="valid" time="1.08"/>
</proof>
</goal>
<goal name="WP_parameter bt_queens.5" expl="normal postcondition" sum="4394063341332481cf8bfa9f973e760d" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.12"/>
</proof>
</goal>
</transf>
<goal name="WP_parameter bt_queens" expl="correctness of parameter bt_queens" sum="b59f9ab1ac42b3755b8e06f7dc04fc2a" proved="true" expanded="true">
<proof prover="cvc3" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.96"/>
</proof>
</goal>
<goal name="WP_parameter queens" expl="correctness of parameter queens" sum="1518431140950e60159267f1ed47140d" proved="true" expanded="true">
<transf name="split_goal" proved="true" expanded="true">
<goal name="WP_parameter queens.1" expl="precondition" sum="9176784c479b4a2ff97029b001dad298" proved="true" expanded="true">
<transf name="split_goal" proved="true" expanded="true">
<goal name="WP_parameter queens.1.1" expl="correctness of parameter queens" sum="8539b23d3510fd4f1de63ea1997ce50d" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter queens.1.2" expl="correctness of parameter queens" sum="8ade4db49784f57307243eebbcb198d5" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter queens.1.3" expl="correctness of parameter queens" sum="3de11924bbf3959c8f7fdc4cdf27f0cb" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="false">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter queens.1.4" expl="correctness of parameter queens" sum="2d57043056ef40059532b1cb570c9882" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
<result status="valid" time="0.03"/>
</proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter queens.2" expl="normal postcondition" sum="36d4e9c3b144d3d58c150fa7126ef877" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
<result status="valid" time="0.02"/>
</proof>
</goal>
<goal name="WP_parameter queens.3" expl="exceptional postcondition" sum="0bb3a16f6adf6b874b658f9dea10cbdb" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="10" edited="" obsolete="true">
<result status="valid" time="0.02"/>
</proof>
</goal>
</transf>
<goal name="WP_parameter queens" expl="correctness of parameter queens" sum="fa29a0090876c2c2eae4d8423017ff3c" proved="true" expanded="true">
<proof prover="alt-ergo" timelimit="20" edited="" obsolete="false">
<result status="valid" time="0.03"/>
</proof>
</goal>
</theory>
</file>
......