864 questions
1
vote
1
answer
69
views
Array Reverse Proof by Dafny
Regarding the array reversal problem, I guess loop invariants are logically correct, based on the symmetry of the elements in the array and their relationship after reversal.
However, I don’t ...
3
votes
1
answer
93
views
Is there a way to check for an instance of a class (with Haskell extensions)?
I am currently writing common theorems of intuitionistic logic in Haskell using the Curry-Howard isomorphism:
import Data.Void
type a :> b = a -> b -- implies
type a :+ b = Either a b -- or
data ...
1
vote
2
answers
60
views
Trying to prove the multiset of a sequence is equal to the multiset of that sequence broken up
I'm having trouble proving this within a while loop in Dafny:
assert multiset(seqa) == multiset(seqa[..i] + seqa[i..]);
Note:
An invariant exists ensuring that 0 <= i <= |seqa|.
There are no ...
0
votes
1
answer
116
views
Providing and using proofs as arguments to a function in Rocq
I am having trouble with a piece of Rocq code that I think has to do with providing a proof argument to a function, but I am not sure.
Here's the relevant code. The code below typechecks:
Require ...
0
votes
0
answers
37
views
Proving the Log Matching property in Raft consensus protocol
I have been trying to understand the Raft protocol for quite some time now. One thing that has always stumped me is the proof of the Log Matching property. One of my concerns is that the proof in the ...
2
votes
2
answers
89
views
Inductive Proof for a Recursive Prefix Checking Function
The problem involves proving, using mathematical induction, the correctness of the recursive function presenza_strg (comments are in Italian, sorry for that)
/*Controlla in maniera ricorsiva se s1 è ...
0
votes
0
answers
50
views
Linearizability proof of a toy SET implementation over a filesystem
I'm currently studying concepts related to linearizability and I struggle with going from the linearization points of an implementation to the actual proof of linearizability.
As far as I have ...
1
vote
1
answer
164
views
Unexpected token in Hyperbolic geometry undecidability proof with lean 4
I am trying to use Lean 4 to reduce the halting problem to hyperbolic geometry to prove the undecidability of hyperbolic geometry, having problems with the diagonalization of the Turing machines, also ...
0
votes
2
answers
81
views
I'm having difficulty defining a property in Coq, not sure how to approach
I've implemented a proof system from a paper in Coq, as shown below.
Term proof System
Require Import Ensembles.
Definition Var := nat.
Definition Name := nat.
Inductive Term: Type :=
| VarTerm (v: ...
1
vote
0
answers
99
views
What is the proper way to generate an instance from Lean4 GetElm class type?
Trigger
I am writing an exercise in Functional Programming in Lean. The example shows a way to generate an instance for GetElem' (NonEmptyList α) Nat α .. with a bound. I explain it as to implement ...
6
votes
2
answers
148
views
substitution in proofs with recursive formulas
The following problem and partial solution are from Richard Bird's Thinking Functionally with Haskell (pp 132-133, 139)
given
foldl f e (x:xs) = foldl f (f e x) xs
foldl f e [] = e
Prove foldl (@) e ...
0
votes
0
answers
103
views
How to prove the sliding window algorithm works to find the largest non repeating substring
Doing the leetcode problem https://leetcode.com/problems/longest-substring-without-repeating-characters/ I found this solution:
def lengthOfLongestSubstring(self, s: str) -> int:
left = 0
...
1
vote
0
answers
52
views
Expected number of full neighbors of a Voronoi cell in $\mathbb{R}^3$
Given a Voronoi diagram in three dimensions, what is the expected number of full neighbors E(C) of a Voronoi cell?
Two adjacent cells are considered full (or Gabriel) neighbours in R^3 if the line ...
0
votes
3
answers
181
views
Time complexity analysis of data structures
I got a bit confused about analysis of data structure basic operations like inserting or deleting.
When I am asked about creating a data structure that supports deleting operation, or inserting in O(1),...
0
votes
1
answer
95
views
Dafny simple proof about giving change not working
I want to prove that the following code returns a given amount (money) in 5 and 3 bills/coins:
function sum(ns: seq<nat>): nat
{
if |ns| == 0 then
0
else
ns[0] + sum(ns[1..])
}
...
2
votes
1
answer
95
views
WP Plugin: Why does the following simplified code fail to verify
I am a new Frama-C User and I am trying to prove certain properties for a large project. I was seeing a particular proof fail, and tried reducing the problem to a minimum reproducible example, and the ...
0
votes
1
answer
114
views
How to instruct `auto` to simplify the goal during proof search?
A minimal example of my issue looks as follows:
Goal let x := True in x.
This is immediately solved by simpl. auto., but auto. does not work.
In my actual case, the search tree is a bit bigger than ...
1
vote
1
answer
60
views
Prove max x y = y given that x <= y in Idris 2?
I am new to Idris2 and need some guidance on proving the following relationship:
simplify_max : (LTE x y) -> (max x y) = y
simplify_max prf = ?code
I read in the docs that the constructors for LTE ...
0
votes
1
answer
318
views
Is it possible to rename a Coq term?
Sorry, I'm not sure if the title is the adequate question.
I have been going through Logical Foundations. In the Lemma "double_plus" I solved it with this solution:
Lemma double_plus : ...
1
vote
1
answer
79
views
How to extract a variable from an exist clause
I am trying to make a simple reduction to absurd proof with Dafny, normally when I do so (in real life mathematics) I use arguments like "ok, now let's choose a p that fulfills this property ...
0
votes
1
answer
109
views
Proof by reductio ad absurdum in Isabelle
I understand how ccontr works, however I am unsure how (or even if it is possible) to use it on a lemma declared with assumption(s).
Take this simple example, all is good:
lemma l1: "A⊆B ⟶ A ∩ B =...
1
vote
0
answers
48
views
I have a problem in Isabelle related to 'Clash of types' that I am unable to solve. Could someone help me?
I would want to formalise a calculus in Isabelle. I started with these definitions:
type_synonym Signature = "string ⇀ nat"
type_synonym 'a Interpretation = "string ⇀ 'a list set"
...
0
votes
2
answers
612
views
How to prove that nat_to_bin combines bin_to_nat b = normalize b in Coq
I am a green hand in studying Coq with the reference book softwarefoundation-induction
In the last part of this phrase, there is an exercise about proving that
change a binary to a natural number and ...
-2
votes
3
answers
93
views
Is this the best loop variant for the following code which takes in a sorted array of integers and determines if there are ints x,y that equal k
Would "there exists a pair x,y in the subarray arr[left:right+1] that sums up to k." be a good loop variant for the code below which determines given a sorted array of integers if there is a ...
-1
votes
2
answers
113
views
Sledgehammer output with vampire
I tried to use sledgehammer in proof and got such output
Sledgehammering...
vampire found a proof...
Derived "False" from these facts alone: SymbolicE, const_bool_simp, ptype_bool_not, ...
0
votes
1
answer
58
views
Agda Recursion on Proof
I have created a recursive Datatype "Positive" in Agda. I'm using this datatype to Index some Tree.
On those trees I am trying to prove that a set operation on some Index q doesn't affect a get ...
0
votes
1
answer
128
views
What is the simplest AVL tree structure to demonstrate a complete right rotation?
I'm learning about AVL trees and their rotations in data structures. I wish my lectures had showcased the simplest complete right rotation because I found the topic became way easier for me when I ...
0
votes
1
answer
142
views
Agda Unresolved Metas
I have created a Tree datatype. And a get function that should retrieve a value from it. I now want to create a Proof that retrieving any Value from an Empty Tree will return "nothing".
(I ...
-1
votes
1
answer
557
views
lean4 prove that the set of prime numbers has at least two distinct elements
My example seems to throw an error. Am I doing something wrong? Is my syntax the error? If so, how do I fix it? Or how do I change my logic if I'm making a logical error?
/-
## Problem 2
-/
/-
1. ...
0
votes
0
answers
58
views
Josephus Problem - Is there a position with 0 chance of surviving, regardless of any skip interval?
Consider a variant of Josephus Problem. Instead of finding the initial position p_survive of the survivor, I want vary the skip interval k and determine if the following is true:
For all positions p ...
-2
votes
1
answer
75
views
Does this DFA satisfy the complement of the given language?
I got this challenge:
Given 𝐿 = { 𝑤 ∊ {0, 1}* : 01 is a substring of 𝑤 }
Show 𝐿 complement is regular.
My understanding is that a DFA for the complement of this language would need to reject 01 ...
1
vote
0
answers
69
views
How can I view all the state for NEAR blockchain and respectively for arbitrary smart contract and prove some value takes part in calculation root
I want to prove that some value that is stored in smart contract on Near takes part in the calculation of the whole blockchain state root.
I have found the view-state function that does the job of the ...
2
votes
1
answer
834
views
Proof of dynamic programming solution for Leetcode 818: Racecar
The problem is as follows:
Problem:
"Your car starts at position 0 and speed +1 on an infinite number line. Your car can go into negative positions. Your car drives automatically according to a ...
1
vote
1
answer
98
views
Counterexample for first-order logic assertion
I have the following assertion:
∀x(E(x) ↔ ¬F (x)), ∀x(E(x) → G(x)) |= ∃x(F (x) ∧ ¬G(x))
Using the semantic tableaux method, I was able to get a counterexample in the form of G(a)=true, E(a)=true and ...
0
votes
1
answer
61
views
Is there a way for Coq to recall it already proved a property for the same element in the same proof?
In Coq, I have an inductive property on elements which may appear many times in the same proof. I would like to know if it is possible for Coq to memorize elements for which the property has already ...
0
votes
0
answers
85
views
Lagrange Inversion Formula
Is there any simple way to prove the Taylor's Expansion Formula of inverse functions? How can the Lagrange Inversion Formula be proven? Is there any easy way to do it?
thank you
Since if f(a) = b ...
1
vote
1
answer
80
views
Proving n + S n = S (n + n) without n + S m = S (n + m)
Is it possible to prove forall n, n + S n = S (n + n) (with or without induction) without using forall n m, n + S m = S (n + m)?
Looking at the proof, if I start by using induction on n, we end up in ...
0
votes
0
answers
46
views
Why did I get that the relation between distance covered and number of steps for random motion is quadratic although it should be linear?
I was working on a problem, where I was proving that for someone taking random-sized steps in 2-D, the relation between the total distance covered and the square root of the number of steps is linear. ...
0
votes
1
answer
39
views
How to form a greedy argument in Dafny?
I am trying to verify the following solution to this problem.
https://leetcode.com/problems/diameter-of-binary-tree/description/
function diameter(node: TreeNode | null): [number, number] {
if(node =...
0
votes
0
answers
49
views
Gödel didn’t prove the incompleteness?
Gödel’s proof considers an arbitrary system K containing natural number. The proof defines a relation Q(x,y) then considers ∀x(Q(x,p)) where p is a particular natural number. The proof shows that the ...
6
votes
2
answers
263
views
Is it possible to disambiguate instances with an intermediate step?
Suppose a scenario where you have an application config, the structure of which has changed a few times. To provide ease of use for users, you wish to allow automatic migration from each version to ...
-2
votes
1
answer
156
views
Why can't all existential binders be replaced by unique constants during skolemization?
When using skolemization to replace existentially quantified variables in an expression, any existential bound at the top level can be replaced by a new globally unique constant, however if the ...
0
votes
0
answers
323
views
Finding a loop invariant to prove a simple summing algorithm
I am currently learning Loop Invariants and am wondering whether I have generated them correctly here. The algorithm pseudocode is:
**EvenSumming(A)**
outcome=0
for i=1 to n
if A[i] is even
outcome=...
-1
votes
1
answer
335
views
Prove (p → ¬ q) → ¬ (p ∧ q) in Lean4
I get as far as this
theorem problem_2 : (p → ¬ q) → ¬ (p ∧ q) := by
intro hp
intro hpw
which gets me to ⊢ False
0
votes
2
answers
691
views
Lean4: Proving that `(xs = ys) = (reverse xs = reverse ys)`
Intuitively stating that xs is equal to ys is the same as saying that the respective reverse lists are equal to each other.
I'm currently learning Lean 4 and so I set myself the following exercise. I ...
4
votes
2
answers
500
views
How does prolog resolution use proof by contradiction?
I'm learning prolog, and I'm confused by the claim that prolog uses proof by contradiction:
The resolution proof process makes use of a technique that is known as reduction to the absurd: suppose ...
0
votes
1
answer
90
views
Dafny existence statement cause slowness?
apowAddition verifies when I comment out containsInverses(g) in my definition of a valid group theory algebra, but when I uncomment it fails to verify, death by timeout. I can guess that Dafny is ...
1
vote
3
answers
115
views
How do I write proofs about private implementations?
I want to write a proof about my function
export
foo : Nat -> Nat
but since it's only export not public export, how can I do that? Afaik public makes the implementation public.
0
votes
2
answers
738
views
Lean prover: prove existential quantifier by providing an example
I am a beginner in lean prover and I have struggled a bit with the following example:
I need to prove the following
∃ x, f x
Where f is a function defined earlier in the lean file. This seems simple ...
0
votes
1
answer
88
views
Why can't Idris2 prove that div 1 2 < 1 = True?
When I write:
div_1_2_lower_than_1 : div (S Z) 2 < (S Z) = True
div_1_2_lower_than_1 = Refl
I get error:
While processing right hand side of div_1_2_lower_than_1. Can't solve constraint
between: ...