Commit c5d97975 authored by Sylvain Dailler's avatar Sylvain Dailler

Add experimental coq realization for Fset and other Set theory

The underlying datastructure is not satisfying nor are the proofs but at
least there is a quick simple realization. It uses ClassicalEpsilon axioms
such as excluded middle, indefinite_description etc...
Some theory realizations are very far from reality because the axiom
characterization is small.
parent fb3da6dc
......@@ -31,6 +31,10 @@ Transformations
Counterexamples
* Improved display of counterexamples in Task view
Realizations
* Added experimental realizations for new Set theories in both Isabelle and
Coq
Version 1.2.0, February 11, 2019
--------------------------------
......
......@@ -974,7 +974,7 @@ COQLIBS_REAL = $(addprefix lib/coq/real/, $(COQLIBS_REAL_FILES))
COQLIBS_NUMBER_FILES = Divisibility Gcd Parity Prime Coprime
COQLIBS_NUMBER = $(addprefix lib/coq/number/, $(COQLIBS_NUMBER_FILES))
COQLIBS_SET_FILES = Set
COQLIBS_SET_FILES = Set Cardinal Fset FsetInduction FsetInt FsetSum SetApp SetAppInt SetImp SetImpInt
COQLIBS_SET = $(addprefix lib/coq/set/, $(COQLIBS_SET_FILES))
COQLIBS_MAP_FILES = Map Const Occ MapPermut MapInjection
......
This diff is collapsed.
This diff is collapsed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
(* Why3 goal *)
Definition t : Type.
Proof.
(* Example bool *)
apply bool.
Defined.
(* Why3 goal *)
Definition p : set.Fset.fset t -> Prop.
Proof.
intros f.
apply True.
Defined.
(* Why3 goal *)
Lemma Induction :
(forall (s:set.Fset.fset t), set.Fset.is_empty s -> p s) ->
(forall (s:set.Fset.fset t), p s -> (forall (t1:t), p (set.Fset.add t1 s))) ->
forall (s:set.Fset.fset t), p s.
Proof.
intros h1 h2 s.
(* TODO make something interesting *)
unfold p. constructor.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
(* Why3 goal *)
Definition min_elt : set.Fset.fset Numbers.BinNums.Z -> Numbers.BinNums.Z.
Proof.
intros.
destruct X as (fs, H).
(* We use the list to define the algorithm *)
eapply ClassicalEpsilon.constructive_indefinite_description in H.
destruct H as (l, Hl).
destruct l.
- apply Z.zero. (* If the list is empty the result is unspecified *)
- apply (List.fold_left (fun acc x => if Z_le_dec acc x then acc else x) l z).
Defined.
(* Why3 goal *)
Lemma min_elt_def :
forall (s:set.Fset.fset Numbers.BinNums.Z), ~ set.Fset.is_empty s ->
set.Fset.mem (min_elt s) s /\
(forall (x:Numbers.BinNums.Z), set.Fset.mem x s -> ((min_elt s) <= x)%Z).
Proof.
intros s h1.
unfold min_elt, Fset.is_empty, Fset.mem, set.Set.mem in *.
destruct s. simpl.
destruct ClassicalEpsilon.constructive_indefinite_description as [l [Hdupl Heql]].
destruct l.
{ destruct h1. intros. intro. apply Heql in H. destruct H. }
assert (forall l z,
forall x, List.In x l -> List.fold_left (fun x1 acc : int => if Z_le_dec x1 acc then x1 else acc) l z <= x)%Z.
{
induction l0; intros.
{ destruct H. }
assert (forall l z, List.fold_left (fun x1 acc : int => if Z_le_dec x1 acc then x1 else acc) l z <= z)%Z.
{
induction l1; intros; simpl; eauto. omega.
simpl. destruct Z_le_dec. eauto. eapply Z.le_trans with a0; eauto. omega.
}
simpl. destruct Z_le_dec.
destruct (Z_le_dec z0 x0).
eapply Z.le_trans with z0. eapply H0. assumption.
simpl in H. destruct H. subst. omega.
eapply IHl0; eauto.
destruct (Z_le_dec a x0).
eapply Z.le_trans with a. eapply H0. assumption.
simpl in H. destruct H. subst. omega.
eapply IHl0; eauto.
}
assert (forall l z, List.In (List.fold_left (fun x acc => if Z_le_dec x acc then x else acc) l z) l \/
List.fold_left (fun x acc => if Z_le_dec x acc then x else acc) l z = z).
{
induction l0; intros.
+ simpl. right. reflexivity.
+ simpl. destruct Z_le_dec.
- specialize (IHl0 z0). intuition.
- specialize (IHl0 a). intuition.
}
split.
rewrite <- Heql. simpl. specialize (H0 l z). intuition.
intros. eapply Heql in H1. eapply (H (List.cons z l) z) in H1; eauto. simpl in H1.
destruct Z_le_dec. assumption.
omega.
Qed.
(* Why3 goal *)
Definition max_elt : set.Fset.fset Numbers.BinNums.Z -> Numbers.BinNums.Z.
Proof.
intros.
apply (- min_elt (Fset.map (fun x => - x) X))%Z.
Defined.
(* Why3 goal *)
Lemma max_elt_def :
forall (s:set.Fset.fset Numbers.BinNums.Z), ~ set.Fset.is_empty s ->
set.Fset.mem (max_elt s) s /\
(forall (x:Numbers.BinNums.Z), set.Fset.mem x s -> (x <= (max_elt s))%Z).
Proof.
intros s h1.
unfold max_elt.
assert (~ Fset.is_empty (Fset.map (fun x : int => (- x)%Z) s))%Z.
{ unfold Fset.is_empty in *.
intro. destruct h1. intros. intro. specialize (H (-x)%Z).
apply H. eapply Fset.mem_map. assumption.
}
specialize (min_elt_def (Fset.map (fun x => -x)%Z s) H).
intros. destruct H0.
split.
clear H1 H h1.
rewrite Fset.map_def in H0. destruct H0.
destruct H. rewrite H0. replace ( - - x)%Z with x. assumption.
ring.
intros. clear H0. clear h1 H.
assert (min_elt (Fset.map (fun x => - x) s) <= -x)%Z.
{
eapply H1; eauto. apply Fset.mem_map. assumption.
}
omega.
Qed.
Fixpoint seqZ l len : list Numbers.BinNums.Z :=
match len with
| S n => List.cons l (seqZ (l + 1)%Z n)
| O => List.nil
end.
Lemma seqZ_le: forall len x l, List.In x (seqZ l len) -> (l <= x)%Z.
Proof.
induction len; simpl; intuition.
eapply IHlen in H0; intuition.
Qed.
Lemma seqZ_le2: forall len x l, List.In x (seqZ l len) -> (x < l + Z.of_nat len)%Z.
Proof.
induction len; simpl; intuition.
- subst. zify. omega.
- eapply IHlen in H0. zify. omega.
Qed.
Lemma seqZ_rev: forall len x l, (l <= x < l + Z.of_nat len)%Z -> List.In x (seqZ l len).
Proof.
induction len; intros; simpl in *.
+ omega.
+ destruct (Z_eq_dec l x); eauto.
right. eapply IHlen; eauto. zify; omega.
Qed.
Lemma seqZ_In_iff: forall l len x, List.In x (seqZ l len) <-> (l <= x < l + Z.of_nat len)%Z.
Proof.
split.
intros. eauto using seqZ_le, seqZ_le2.
eapply seqZ_rev.
Qed.
Lemma seqZ_NoDup: forall len l, List.NoDup (seqZ l len).
Proof.
induction len; intros.
+ constructor.
+ simpl. constructor; eauto.
intro Habs. eapply seqZ_le in Habs. omega.
Qed.
Lemma seqZ_length: forall len l, List.length (seqZ l len) = len.
Proof.
induction len; eauto.
intros. simpl. rewrite IHlen. reflexivity.
Qed.
(* Why3 goal *)
Definition interval :
Numbers.BinNums.Z -> Numbers.BinNums.Z -> set.Fset.fset Numbers.BinNums.Z.
Proof.
intros l r.
exists (fun x => if Z_le_dec l x then
if Z_lt_dec x r then true
else false
else false).
destruct (Z_le_dec l r).
+ exists (seqZ l (Z.to_nat (r - l))%Z).
split.
- eapply seqZ_NoDup.
- intros.
rewrite seqZ_In_iff.
rewrite Z2Nat.id; [|omega].
destruct Z_le_dec.
* destruct Z_lt_dec. split; intros; [reflexivity|].
intuition.
intuition. inversion H.
* intuition. inversion H.
+ exists List.nil.
split.
- constructor.
- intros.
destruct Z_le_dec; try destruct Z_lt_dec; intuition.
omega.
inversion H.
inversion H.
Defined.
(* Why3 goal *)
Lemma interval_def :
forall (l:Numbers.BinNums.Z) (r:Numbers.BinNums.Z) (x:Numbers.BinNums.Z),
set.Fset.mem x (interval l r) <-> (l <= x)%Z /\ (x < r)%Z.
Proof.
intros l r x.
unfold interval, Fset.mem, set.Set.mem.
destruct Z_le_dec; try destruct Z_lt_dec; intuition; try inversion H.
Qed.
Lemma interval_is_finite: forall l r,
Cardinal.is_finite (fun x : int =>
if Z_le_dec l x then if Z_lt_dec x r then true
else false else false).
Proof.
intros.
unfold Cardinal.is_finite.
destruct (Z_le_dec l r).
+ exists (seqZ l (Z.to_nat (r - l)%Z)).
split. apply seqZ_NoDup.
intros. rewrite seqZ_In_iff.
rewrite Z2Nat.id; [|omega].
destruct Z_le_dec; try destruct Z_lt_dec; intuition; try inversion H.
+ exists nil. split. constructor.
simpl. intros. destruct Z_le_dec; try destruct Z_lt_dec; intuition.
Qed.
(* Why3 goal *)
Lemma cardinal_interval :
forall (l:Numbers.BinNums.Z) (r:Numbers.BinNums.Z),
((l <= r)%Z -> ((set.Fset.cardinal (interval l r)) = (r - l)%Z)) /\
(~ (l <= r)%Z -> ((set.Fset.cardinal (interval l r)) = 0%Z)).
Proof.
intros l r.
unfold interval, Fset.mem, set.Set.mem, Fset.cardinal, Cardinal.cardinal.
assert (H := interval_is_finite l r).
destruct ClassicalEpsilon.excluded_middle_informative; [| intuition].
destruct ClassicalEpsilon.classical_indefinite_description.
specialize (a i).
split.
+ intros.
destruct a.
assert (length (seqZ l (Z.to_nat (r - l)%Z)) = length x).
{
eapply Nat.le_antisymm.
+ eapply List.NoDup_incl_length. eapply seqZ_NoDup. intro. rewrite H2.
rewrite seqZ_In_iff. destruct Z_le_dec; try destruct Z_lt_dec; intuition.
rewrite Z2Nat.id in H5; omega.
+ eapply List.NoDup_incl_length. assumption. intro. rewrite H2.
rewrite seqZ_In_iff. destruct Z_le_dec; try destruct Z_lt_dec; intuition.
rewrite Z2Nat.id; omega.
inversion H3.
inversion H3.
}
rewrite <- H3. rewrite seqZ_length. rewrite Z2Nat.id; omega.
+ intros. destruct a.
destruct x. reflexivity.
specialize (H2 z). contradict H2. destruct Z_le_dec.
destruct Z_lt_dec. omega. intuition. intuition.
Qed.
This diff is collapsed.
......@@ -385,7 +385,7 @@ set (P := fun (x:a) => mem x s /\ y = f x).
assert (inhabited a).
destruct a_WT.
exact (inhabits why_inhabitant).
set (x := epsilon H P).
set (x := epsilon H P).
destruct b_WT.
destruct (why_decidable_eq y (f x)).
exact (s x).
......
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
(* Why3 goal *)
Definition elt : Type.
Proof.
(* TODO find something more interesting *)
apply bool.
Defined.
(* Why3 goal *)
Definition set : Type.
Proof.
(* TODO find something more interesting *)
apply bool.
Defined.
(* Why3 goal *)
Definition to_fset : set -> set.Fset.fset elt.
Proof.
(* TODO find something more interesting *)
intros. exists (fun _ => false).
exists nil. split. constructor. intros. split.
intros. destruct H. intro. inversion H.
Defined.
(* Why3 goal *)
Definition choose : set -> elt.
Proof.
intros.
apply true.
Defined.
(* Why3 goal *)
Lemma choose_spec :
forall (s:set), ~ set.Fset.is_empty (to_fset s) ->
set.Fset.mem (choose s) (to_fset s).
Proof.
intros s h1.
destruct h1. unfold set.Fset.is_empty. intros.
unfold to_fset. simpl. unfold set.Set.mem.
intuition.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
Require set.FsetInt.
Require set.SetApp.
(* Why3 goal *)
Definition set : Type.
Proof.
(* TODO find something more interesting. *)
apply bool.
Defined.
(* Why3 goal *)
Definition to_fset : set -> set.Fset.fset Numbers.BinNums.Z.
Proof.
(* TODO find something more interesting. *)
intros. exists (fun _ => false).
exists nil. intuition.
constructor. inversion H.
Defined.
(* Why3 goal *)
Definition choose : set -> Numbers.BinNums.Z.
Proof.
(* TODO find something more interesting. *)
intros. apply Z.zero.
Defined.
(* Why3 goal *)
Lemma choose_spec :
forall (s:set), ~ set.Fset.is_empty (to_fset s) ->
set.Fset.mem (choose s) (to_fset s).
Proof.
intros s h1.
destruct h1. unfold to_fset, Fset.is_empty, Fset.mem, set.Set.mem.
intuition.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
(* Why3 goal *)
Definition elt : Type.
Proof.
(* TODO find something more interesting. *)
apply bool.
Defined.
(* Why3 goal *)
Definition set : Type.
Proof.
(* TODO find something more interesting. *)
apply bool.
Defined.
(* Why3 goal *)
Definition to_fset : set -> set.Fset.fset elt.
Proof.
(* TODO find something more interesting. *)
intros. exists (fun _ => false).
exists nil. intuition.
constructor. inversion H.
Defined.
(* Why3 goal *)
Definition choose : set -> elt.
Proof.
(* TODO find something more interesting. *)
intros. apply true.
Defined.
(* Why3 goal *)
Lemma choose_spec :
forall (s:set), ~ set.Fset.is_empty (to_fset s) ->
set.Fset.mem (choose s) (to_fset s).
Proof.
intros s h1.
destruct h1. unfold to_fset, Fset.is_empty, Fset.mem, set.Set.mem.
intuition.
Qed.
(* This file is generated by Why3's Coq-realize driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require HighOrd.
Require int.Int.
Require set.Fset.
Require set.FsetInt.
Require set.SetImp.
(* Why3 goal *)
Definition set : Type.
Proof.
(* TODO find something more interesting. *)
apply bool.
Defined.
(* Why3 goal *)
Definition to_fset : set -> set.Fset.fset Numbers.BinNums.Z.
Proof.
(* TODO find something more interesting. *)
intros. exists (fun _ => false).
exists nil. intuition.
constructor. inversion H.
Defined.
(* Why3 goal *)
Definition choose : set -> Numbers.BinNums.Z.
Proof.
(* TODO find something more interesting. *)
intros. apply Z.zero.
Defined.
(* Why3 goal *)
Lemma choose_spec :
forall (s:set), ~ set.Fset.is_empty (to_fset s) ->
set.Fset.mem (choose s) (to_fset s).
Proof.
intros s h1.
destruct h1. unfold to_fset, Fset.is_empty, Fset.mem, set.Set.mem.
intuition.
Qed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment