From: "Yannick Duchêne (Hibou57)" <yannick_duchene@yahoo.fr>
Subject: Re: SPARK : surprising failure with implication
Date: Wed, 02 Jun 2010 06:34:54 +0200
Message-ID: <op.vdnocgnzule2fv@garhos>
In-Reply-To: op.vdmxbejnule2fv@garhos
On Tue, 01 Jun 2010 20:51:04 +0200, Yannick Duchêne (Hibou57)
<yannick_duchene@yahoo.fr> wrote:
> Hi all,
>
> In an Ada/SPARK source, I had something like this:
>
> --# check (Source = 1) -> ((Source mod 2) = 1); -- (1)
> --# check (Source mod 2) /= 1; -- (2)
> --# check Source /= 1; -- (3)
>
> 1) Was proved by the simplifier (note that I needed a user rule for
> that).
> 2) Is a valid hypothesis; an already proved conclusion (in some prior
> check clauses)
> 3) Failed to be proved, while I expected this to be proved from (1) and
> (2).
>
> [...]
Although late, I'm back to this topic.
I added this user rule:
my_logic(1): not B -> not A may_be_deduced_from [ (A -> B) ].
While this was looking so obvious, I thought the Simplifier already
knew it and this would probably change nothing. But this did change
something! Now the above sequence of hypothesis->conclusion is proved.
Did I make something wrong somewhere? Did I break something somewhere?
Why is this fundamental rule not embedded in the Simplifier?
I was so surprised that I checked it (yes, what looks obvious is
sometimes good to check). Can't say anything else than “yes, this is true”.

(A)  (B)  (A->B)
 F    F     T
 F    T     T
 T    F     F
 T    T     T

(not B)  (not A)  (not B -> not A)
   T        T            T
   F        T            T
   T        F            F
   F        F            T

(A -> B)  (not B -> not A)  ((A -> B) -> (not B -> not A))
   T             T                        T
   T             T                        T
   F             F                        T
   T             T                        T

This is indeed a tautology.
OK, that is solved, but I'm still somewhat frightened by what I don't
understand in this experience: why did I need to add a user rule for that?
What was wrong?
--
There is even better than a pragma Assert: a SPARK --# check.
--# check C and WhoKnowWhat and YouKnowWho;
--# assert Ada;
-- i.e. forget about previous premises which leads to conclusion
-- and start with new conclusion as premise.
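
Whether a hand-written user rule can "break something" comes down to whether it is sound: every assignment satisfying the hypotheses must satisfy the conclusion. The following Python checker is an added example, not part of the original message and not how the SPARK Simplifier works; it brute-forces truth assignments for rules of the `may_be_deduced_from` form quoted above, restricted to an assumed propositional subset. The names `parse` and `counterexamples` and the converse rule `my_logic(2)` are constructed for illustration.

```python
import itertools
import re

# Assumed subset for this example: capitalised variables, not/and/or/->, parentheses.
TOKEN = re.compile(r"\s*(->|\(|\)|not\b|and\b|or\b|[A-Z]\w*)")
OPS = {"->": (1, lambda a, b: (not a) or b), "or": (2, lambda a, b: a or b),
       "and": (3, lambda a, b: a and b)}        # op: (binding strength, truth function)

def parse(text, names):
    """Compile one formula to a function env -> bool; add its variables to names."""
    toks = TOKEN.findall(text)[::-1]            # reversed so pop() yields the next token
    def need(ok):
        if not ok:
            raise ValueError(f"unsupported or malformed formula: {text!r}")
    need("".join(reversed(toks)) == "".join(text.split()))
    def atom():
        tok = toks.pop() if toks else ""
        if tok == "not":
            inner = atom()
            return lambda env: not inner(env)
        if tok == "(":
            inner = expr(1)
            need(toks and toks.pop() == ")")
            return inner
        need(tok[:1].isupper())
        names.add(tok)
        return lambda env: env[tok]
    def expr(min_bp):
        left = atom()
        while toks and OPS.get(toks[-1], (0,))[0] >= min_bp:
            bp, fn = OPS[toks.pop()]
            right = expr(bp + (bp > 1))         # "->" is right-associative, and/or left
            left = (lambda l, r, f: lambda env: f(l(env), r(env)))(left, right, fn)
        return left
    formula = expr(1)
    need(not toks)                              # no trailing tokens
    return formula

def counterexamples(rule):
    """Assignments where every hypothesis holds but the conclusion fails."""
    concl_text, hyps_text = rule.split(":", 1)[1].rstrip(" .").split("may_be_deduced_from")
    names = set()
    concl = parse(concl_text, names)
    hyps = [parse(h, names) for h in hyps_text.strip(" []").split(",")]
    envs = [dict(zip(sorted(names), v)) for v in itertools.product([False, True], repeat=len(names))]
    return [env for env in envs if all(h(env) for h in hyps) and not concl(env)]

PAGE_RULE = "my_logic(1): not B -> not A may_be_deduced_from [ (A -> B) ]."   # from the message
CONVERSE = "my_logic(2): B -> A may_be_deduced_from [ (A -> B) ]."            # constructed, unsound
```

`counterexamples(PAGE_RULE)` returns an empty list, while the constructed converse rule yields the assignment A false, B true, which is the kind of rule that would let a prover accept a false conclusion.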