--> **************************************************************** --> Proof scores for verifying: --> eq rev1(rev1(S:Seq) = S . --> eq[rev2(S1:Seq,S2:Seq) = rev1(S1) S2 . --> **************************************************************** --> ---------------------------------------------------------------- --> parametrized sequence (i.e. generic sequence) --> ---------------------------------------------------------------- --> ---------------------------------------------------------------- --> parametrized sequence (i.e. generic sequence) --> ---------------------------------------------------------------- mod! SEQ (X :: TRIV) { [Elt < Seq] -- constructors of sequences op nil : -> Seq {constr} . op __ : Seq Seq -> Seq {constr assoc id: nil} . } --> ---------------------------------------------------------------- --> SEQ with reverse operations --> ---------------------------------------------------------------- mod! SEQrev(X :: TRIV) { pr(SEQ(X)) -- one argument reverse operation op rev1 : Seq -> Seq . eq rev1(nil) = nil . eq rev1(E:Elt S:Seq) = rev1(S) E . -- two arguments reverse operation op rev2 : Seq Seq -> Seq . eq rev2(nil,S2:Seq) = S2 . eq rev2(E:Elt S1:Seq,S2:Seq) = rev2(S1,E S2) . } --> ---------------------------------------------------------------- --> SEQrev with _if_ --> ---------------------------------------------------------------- mod SEQrevif {inc(SEQrev) op _if_ : Bool Bool -> Bool . eq (B1:Bool if B2:Bool) = (B2 implies B1) . } --> **************************************************************** set trace whole on --> set trace whole on --> ---------------------------------------------------------------- --> ================================================================ --> proof score for property of SEQrev: --> rev1 distributes over __ reversely (r1d) --> cq[r1d]: rev1(S1:Seq S2:Seq) = rev1(S2) rev1(S1) --> if not((S1 == nil) or (S2 == nil)) . --> ---------------------------------------------------------------- -- Proof: By induction on the length of S1:Seq --> induction base (the case in which the length of S1 is 1) open SEQrevif . op e1 : -> Elt . op s2 : -> Seq . red (rev1(e1 s2) = rev1(s2) rev1(e1)) if (not((e1 == nil) or (s2 == nil))) . close --> induction step open SEQrevif . -- induction hypothesis op s1 : -> Seq . cq rev1(s1 S2:Seq) = rev1(S2) rev1(s1) if not((s1 == nil) or (S2 == nil)) . -- check the step op e : -> Elt . op s2 : -> Seq . red (rev1((e s1) s2) = rev1(s2) rev1(e s1)) if (not(((e s1) == nil) or (s2 == nil))) . close --> QED --> ============================================================= --> ============================================================= --> proof score for property of SEQrev: --> rev1(rev1(_)) is identity function (rev1rev1) --> 'eq[rev1rev1]: rev1(rev1(S:Seq) = S .' --> ============================================================= -- Proof: By induction on the length of S:Seq --> induction base select SEQrev . -- check the base red rev1(rev1(nil)) = nil . --> induction step open SEQrev . -- already proved property cq[r1d]: rev1(S1:Seq S2:Seq) = rev1(S2) rev1(S1) if not((S1 == nil) or (S2 == nil)) . -- induction hypothesis op s : -> Seq . eq rev1(rev1(s)) = s . -- check the step op e : -> Elt . red rev1(rev1(e s)) = (e s) . close --> QED --> ============================================================= --> ============================================================= --> proof score for property of SEQrev: r2r1 --> eq[r2r1]: rev2(S1:Set,S2:Seq) = rev1(S1) S2 . --> ============================================================= -- proof: By induction on the length of S1:Seq --> induction base open SEQrev . op s2 : -> Seq . -- check the base red rev2(nil,s2) = rev1(nil) s2 . close --> induction step open SEQrev . -- induction hypothesis op s1 : -> Seq . eq rev2(s1,S2:Seq) = rev1(s1) S2 . -- check the step op e : -> Elt . op s2 : -> Seq . red rev2((e s1),s2) = rev1(e s1) s2 . close --> QED --> ============================================================= --> ---------------------------------------------------------------- set trace whole off --> set trace whole off --> **************************************************************** --> **************************************************************** --> end of file eof --> ****************************************************************