anthem-rs/examples/example-2.spec

31 lines
1.5 KiB
RPMSpec
Raw Normal View History

2020-05-12 06:10:59 +02:00
# Perform the proofs under the assumption that n is a nonnegative integer input constant
2020-05-07 17:19:42 +02:00
input: n -> integer.
2020-05-12 06:10:59 +02:00
assume: n >= 0.
# p/1 is an auxiliary predicate, so replace all occurrences of p/1 with its completed definition
output: q/1.
2020-05-06 21:39:04 +02:00
2020-05-07 17:19:42 +02:00
axiom: forall N1, N2, N3 (N1 > N2 and N3 > 0 -> N1 * N3 > N2 * N3).
2020-05-12 06:10:59 +02:00
# Induction principle instantiated for p.
# This axiom is necessary because we use Vampire without higher-order reasoning
2020-05-11 02:21:24 +02:00
axiom: (p(0) and forall N (N >= 0 and p(N) -> p(N + 1))) -> (forall N p(N)).
2020-05-06 21:39:04 +02:00
spec: exists N (forall X (q(X) <-> X = N) and N >= 0 and N * N <= n and (N + 1) * (N + 1) > n).
2020-05-06 21:39:04 +02:00
2020-05-11 04:14:17 +02:00
2020-05-06 21:39:04 +02:00
lemma(forward): forall N N * N >= N.
lemma(forward): forall X (q(X) -> exists N X = N).
lemma(forward): forall X (p(X) <-> exists N2 (X = N2 and N2 >= 0 and N2 * N2 <= n)).
lemma(forward): forall X (q(X) <-> exists N2 (X = N2 and N2 >= 0 and N2 * N2 <= n and not p(N2 + 1))).
lemma(forward): forall N2 (N2 >= 0 and not p(N2 + 1) -> (N2 + 1) * (N2 + 1) > n).
lemma(forward): forall X (q(X) <-> exists N2 (X = N2 and N2 >= 0 and N2 * N2 <= n and (N2 + 1) * (N2 + 1) > n)).
lemma(forward): exists N2 (forall X (X = N2 -> (q(X) <-> N2 >= 0 and N2 * N2 <= n and (N2 + 1) * (N2 + 1) > n))).
lemma(forward): exists N2 p(N2).
lemma(forward): forall N1, N2 (N1 >= 0 and N2 >= 0 and N1 < N2 -> N1 * N1 < N2 * N2).
lemma(forward): forall N (N >= 0 and p(N + 1) -> p(N)).
lemma(forward): not p(n + 1).
lemma(forward): forall N1, N2 (N2 > N1 and N1 >= 0 and p(N2) -> p(N1)).
lemma(forward): forall N2, N3 (q(N2) and N3 > N2 -> not q(N3)).