Home
Tutorial
Examples (new)
Implementation
Resources
Libraries
Papers
Changes
FAQ
Mailing List

New Examples in ATS/Anairiats

In this page, we primarily present some newly constructed examples in ATS that are relatively short but interesting. 

(*
**
** A proof sketch for the representation
** of Pythagorean triangluar integer triples
**
** Suppose that a and b are positive integers
** satisfying gcd (a, b) = 1.
**
** If a*a + b*b = c*c for some integer c, then
**
** 1. either a or b is even
** 2. if a is even, then there exist integers
**    p, q such that:
**
**    a = 2*p*q
**    b = p*p - q*q
**    c = p*p + q*q
**
*)

(* ****** ****** *)

(*
** Author: Hongwei Xi (hwxi AT cs DOT bu DOT edu)
** Time: February 7, 2010
*)

(* ****** ****** *)

(*
**
** HX-2010-02-08:
**
** What is written as follows is not really a proof in any rigourous
** sense. However, it is close to a style we as human being do mathematics.
** I envision a system (ATS/LF) where refinement can be done gradually to
** remove the number of __assert functions used in such a proof. Who will
** take the grand challenge :)
**
*)

(* ****** ****** *)

absprop MOD (n:int, p:int, r:int) // n mod p = r

(* ****** ****** *)

extern prfun lemma1 {n:nat} {n2:int}
  (pf1: MOD (n, 2, 0), pf2: MUL (n, n, n2)): MOD (n2, 4, 0)
// end of [lemma1]

extern prfun lemma2 {n:nat} {n2:int}
  (pf1: MOD (n, 2, 1), pf2: MUL (n, n, n2)): MOD (n2, 4, 1)
// end of [lemma2]

(* ****** ****** *)

dataprop por (A: prop, B: prop) = inl (A, B) of A | inr (A, B) of B

extern prfun lemma3 {a,b,c:nat} {a2,b2:int}
  (pfa: MUL (a, a, a2), pfb: MUL (b, b, b2), pfc: MUL (c, c, a2+b2))
  : por (MOD (a, 2, 0), MOD (b, 2, 0))

(* ****** ****** *)

extern prfun lemma5 {P,Q:pos} {n:nat}
  (pf: GCD (P, Q, 1), pf: MUL (P, Q, n*n))
  : [p,q:nat] (MUL (p, p, P), MUL (p, q, n), MUL (q, q, Q))
// end of [lemma5]

(* ****** ****** *)

extern prfun PyTri {a,b,c:pos} {a2,b2:int} (
    pfa_mod: MOD (a, 2, 0)
  , pfab_gcd: GCD (a, b, 1)
  , pfa: MUL (a, a, a2)
  , pfb: MUL (b, b, b2)
  , pfc: MUL (c, c, a2+b2)
  ) : [p,q:nat]
    [p2,pq,q2:int | a == 2*pq; b == p2-q2; c == p2+q2]
    (MUL (p, p, p2), MUL (p, q, pq), MUL (q, q, q2))
// end of [PyTri]

(* ****** ****** *)

implement PyTri {a,b,c} {a2,b2}
  (pfa_mod, pfab_gcd, pfa, pfb, pfc) = let
  prval [ha:int] () = __assert (pfa_mod) where {
    extern prfun __assert (pf: MOD (a, 2, 0)): [ha:int | 2*ha==a] void
  }
  prval [hb:int] () = __assert (pfb_mod) where {
    extern prfun __assert (pf: MOD (b, 2, 1)): [hb:int | 2*hb+1==b] void
    prval pfb_mod = __assert (pfa_mod, pfab_gcd) where {
      extern prfun __assert (pf1: MOD (a, 2, 0), pf2: GCD (a, b, 1)): MOD (b, 2, 1)
    } // end of [prval]
  } // end of [prval]
  prval [hc:int] () = __assert () where {
    extern prfun __assert (): [hc:int | 2*hc+1==c] void
  } // end of [prval]
  prval () = __assert () where {
    extern prfun __assert (): [a < c; b < c] void
  }
//
  prval [ha2:int] _pf = mul_istot {ha,ha} ()
  prval () = mul_elim (_pf)
  prval () = __assert () where {
    extern prfun __assert (): [4*ha2 == a2] void
  }
//
  prval [_a2:int] _pf = mul_istot {c+b,c-b} ()
  prval () = mul_elim (_pf)
  prval () = __assert () where {
    extern prfun __assert (): [_a2 == a2] void // (c+b)*(c-b) = c*c - b*b
  } // end of [prval]
  stadef P = hc+hb+1 and Q = hc-hb
  prval [PQ:int] pfPQ_mul = mul_istot {P,Q} ()
  prval () = mul_elim (_pf)
  prval () = __assert () where {
    extern prfun __assert (): [4*PQ == a2] void
  }
  prval pfPQ_gcd = __assert () where {
    extern prfun __assert (): GCD (P, Q, 1)
  }
  prval [p,q:int] (pfpp, pfpq, pfqq) = lemma5 {P,Q} {ha} (pfPQ_gcd, pfPQ_mul)
  // prval () = verify_constraint {false} () // check for sanity
in
  (pfpp, pfpq, pfqq)
end // end of [PyTri]

(* ****** ****** *)

(* end of [PyTri.dats] *)


(*
**
** A proof of the equivalence of two definitions
** of the Ackermann function
**
** Author: Hongwei Xi (hwxi AT cs DOT bu DOT edu)
** Time: December 2, 2009
**
*)

(* ****** ****** *)

(*

The following two functions are proven to be the same
(in the set-theoretic sense):

fun ack
  (m:int, n:int): int =
  case+ m of
  | 0 => n+1
  | _ => begin case+ n of
    | 0 => ack (m-1, 1) | _ => ack (m-1, ack (m, n-1))
    end // end of [_]
// end of [ack1]

fun ackf (m: int): int -<cloref1> int = let
  fun helper
    (f: int -<cloref1> int): int -<cloref1> int =
    lam n => if n = 0 then f (1) else f (helper f (n-1))
  // end of [helper]
in
  case+ m of
  | 0 => lam n => n+1 | _ => helper (ackf (m-1))
end // end of [ackf]

*)

(* ****** ****** *)

dataprop ACK (int, int, int) =
  | {n:nat} ACK1 (0, n, n+1) of ()
  | {m:nat} {r:int} ACK2 (m+1, 0, r) of ACK (m, 1, r)
  | {m,n:nat} {r1,r2:int}
    ACK3 (m+1, n+1, r2) of (ACK (m+1, n, r1), ACK (m, r1, r2))
// end of [ACK]

prfun ACK_nat_nat_nat {m,n:nat}
  {r:int} .<m,n>. (pf: ACK (m, n, r)): [r >= 0] void =
  case+ pf of
  | ACK1 () => ()
  | ACK2 pf1 => ACK_nat_nat_nat (pf1)
  | ACK3 (pf1, pf2) => let
      prval () = ACK_nat_nat_nat pf1
      prval () = ACK_nat_nat_nat pf2
    in
      // nothing
    end // end of [ACK3]
// end of [ACK_nat_nat_nat]

prfun ACK_isfun {m,n:nat} {r1,r2:int} .<m,n>.
  (pf1: ACK (m, n, r1), pf2: ACK (m, n, r2)): [r1==r2] void =
  case+ (pf1, pf2) of
  | (ACK1 (), ACK1 ()) => ()
  | (ACK2 (pf11), ACK2 (pf12)) => ACK_isfun (pf11, pf12)
  | (ACK3 (pf11, pf12), ACK3 (pf21, pf22)) => let
      prval () = ACK_nat_nat_nat (pf11)
      prval () = ACK_isfun (pf11, pf21) in ACK_isfun (pf12, pf22)
    end // end of [ACK3, ACK3]
// end of [ACK_isfun]

(* ****** ****** *)

sortdef int2rel = (int, int) -> prop

dataprop SUCC (int, int) = {n:nat} SUCC1 (n, n+1) of ()

dataprop HELPER (rel:int2rel, int, int) =
  | {r:int} HELPER1 (rel, 0, r) of rel (1, r)
  | {n:nat} {r1,r2:int}
    HELPER2 (rel, n+1, r2) of (HELPER (rel, n, r1), rel (r1, r2))
// end of [HELPER]

dataprop ACKF (int, int2rel) =
  | ACKF1 (0, SUCC) of ()
  | {m:nat} {rel:int2rel}
    ACKF2 (m+1, lam (r1:int, r2:int) => HELPER (rel, r1, r2)) of ACKF (m, rel)
// end of [ACKF]

prfun ACKF_istot
  {m:nat} .<m>. (): [rel:int2rel] ACKF (m, rel) =
  sif m > 0 then ACKF2 (ACKF_istot {m-1} ()) else ACKF1 ()
// end of [ACKF_istot]

propdef int2rel_istot
  (rel: int2rel) = {n:nat} () -<prf> [r:nat] rel (n, r)
// end of [int2rel_istot]

prfn HELPER_istot
  {rel:int2rel} (fpf: int2rel_istot rel)
  : int2rel_istot (lam (r1:int,r2:int) => HELPER (rel, r1, r2)) = let
  prfun fpf_res {n:nat} .<n>. (): [r:nat] HELPER (rel, n, r) =
    sif n > 0 then let
      prval [r1:int] pf1 = fpf_res {n-1} ()
    in
      HELPER2 (pf1, fpf {r1} ())
    end else // n = 0
      HELPER1 (fpf {1} ())
    // end of [sif]
  // end of [pf_res]
in
  fpf_res
end // end of [HELPER_istot]

prfun ACKF_rel_istot
  {m:nat} {rel:int2rel} .<m>.
  (pf: ACKF (m, rel)): int2rel_istot (rel) =
  sif m > 0 then let
    prval ACKF2 pf1 = pf
    prval fpf1 = ACKF_rel_istot {m-1} (pf1)
  in
    HELPER_istot (fpf1)
  end else let // m = 0
    prval ACKF1 () = pf // rel = SUCC
  in
    lam {n:nat} () =<prf> SUCC1 {n} ()
  end // end of [sif]
// end of [ACKF_rel_istot]

(*
** this lemma means that applying ackf (m) to n gives
** ack (m, n)
*)
prfun ackf_ack_lemma
  {m,n:nat} {rel:int2rel} {r:int} .<m,n+1>.
  (pf1: ACKF (m, rel), pf2: rel (n, r)): ACK (m, n, r) =
  case pf1 of
  | ACKF1 () => let
      prval SUCC1 () = pf2 in ACK1 {n} ()
    end // end of [ACKF1]
  | ACKF2 pf11 => ackf_ack_lemma2 (pf11, pf2)
// end of [ackf_ack_lemma]

(*
** this lemma means that applying ackf (m) n times to 1 
** gives ack (m+1, n)
*)
and ackf_ack_lemma2
  {m,n:nat} {rel:int2rel} {r:int} .<m+1,n>.
  (pf1: ACKF (m, rel), pf2: HELPER (rel, n, r)): ACK (m+1, n, r) =
  sif n > 0 then let
    prval HELPER2 (pf21, pf22) = pf2
    prval pf_ack = ackf_ack_lemma2 (pf1, pf21) // ACK (m+1, n-1)
    prval () = ACK_nat_nat_nat (pf_ack)
  in
    ACK3 (pf_ack, ackf_ack_lemma (pf1, pf22))
  end else let // n == 0
    prval HELPER1 (pf21) = pf2
  in
    ACK2 (ackf_ack_lemma (pf1, pf21))
  end // end of [sif]
// end of [ackf_ack_lemma2]

(* ****** ****** *)

prfun ack_ackf_lemma
  {m,n:nat} {r:int} .<>. (pf: ACK (m, n, r))
  : [rel:int2rel] (ACKF (m, rel), rel (n, r)) = let
  prval pf_ackf = ACKF_istot {m} ()
  prval fpf_rel = ACKF_rel_istot (pf_ackf)
  prval pf_rel = fpf_rel {n} ()
  prval pf_alt = ackf_ack_lemma (pf_ackf, pf_rel)
  prval () = ACK_isfun (pf, pf_alt)
in
  (pf_ackf, pf_rel)
end // end of [ack_ackf_lemma]

(* ****** ****** *)

(*
**
** By [ackf_ack_lemma] and [ack_ackf_lemma], it is clearly
** one can go from ACKF to ACK and vice versa.
**
*)

(* ****** ****** *)

(* end of [Ackermann.dats] *)


(*
**
** [infprime] proves that for any given natural number [n], there exists a
** prime number [p] that is greater than [n]
**
** Author: Hongwei Xi (hwxi AT cs DOT bu DOT edu)
** Time: October 7, 2009
**
*)

propdef PRIME (p:int) = // if p >= 2
  {x,y:nat | x <= y} MUL (x, y, p) -<> [x==1] void
// end of [propdef]

(*

extern prval prime2: PRIME (2)
extern prval prime3: PRIME (3)
extern prval prime5: PRIME (5)
extern prval prime7: PRIME (7)

*)

extern // this one is not proven
prfun lemma10 {n:nat | n >= 2} (): [p,q:int | p >= 2] (PRIME p, MUL (p, q, n))

(* ****** ****** *)

dataprop FACT (int, int) = 
  | FACTbas (0, 1)
  | {n:nat} {r,r1:int} FACTind (n+1, r) of (FACT (n, r1), MUL (n+1, r1, r))
// end of [FACT]

prfun fact_istot
  {n:nat} .<n>. (): [r:nat] FACT (n, r) =
  sif n == 0 then FACTbas ()
  else let
    prval pf_fac = fact_istot {n-1} ()
    prval pf_mul = mul_istot (); prval () = mul_nat_nat_nat (pf_mul)
  in
    FACTind (pf_fac, pf_mul)
  end // end of [sif]
// end of [fact_istot]

prfun fact_isfun {n:nat} {r1,r2:int} .<n>.
  (pf1: FACT (n, r1), pf2: FACT (n, r2)): [r1==r2] void =
  case+ (pf1, pf2) of
  | (FACTbas (), FACTbas ()) => ()
  | (FACTind (pf11, pf12), FACTind (pf21, pf22)) => let
      prval () = fact_isfun (pf11, pf21); prval () = mul_isfun (pf12, pf22)
    in
      // nothing
    end // end of [FACTind, FACTind]
// end of [fact_isfun]

(* ****** ****** *)

prfun lemma20 {n,r:int}
  {i:pos | i <= n} .<n>.
  (pf_fac: FACT (n, r)): [k:nat] MUL (k, i, r) = let
  prval FACTind (pf1_fac, pf2_mul) = pf_fac // r = n*r1
in
  sif i < n then let
    prval [k1:int] pf3_res = lemma20 {..} {i} (pf1_fac) // pf3_res: k1 * i = r1
    prval [k:int] pf4_mul = mul_istot {n,k1} () // k = n*k1
    prval () = mul_nat_nat_nat (pf4_mul)
    prval pf5_res = mul_istot {k,i} ()
    prval () = mul_nat_nat_nat (pf5_res)
    prval () = mul_associate (pf4_mul, pf3_res, pf5_res, pf2_mul)
  in
    pf5_res
  end else let
    prval pf1_fac_another = fact_istot {n-1} ()
    prval () = fact_isfun (pf1_fac, pf1_fac_another)
  in
    mul_commute (pf2_mul)
  end // end of [sif]
end (* end of [lemma20] *)

(* ****** ****** *)

extern
prfun infprime {n:int | n >= 1} (): [p:int | p > n] PRIME p

implement infprime {n} () = let
  prval [r:int] pf_fac = fact_istot {n} ()
  prval () = lemma (pf_fac) where {
    prfun lemma {n,r:int | n >= 1} .<n>. (pf_fac: FACT (n, r)): [r >= n] void =
      sif n >= 2 then let
        prval FACTind (pf1_fac, pf2_mul) = pf_fac
        prval () = lemma (pf1_fac)
        prval pf2_mul = mul_commute (pf2_mul)
        prval MULind (pf3_mul) = pf2_mul
        prval () = mul_nat_nat_nat (pf3_mul)
      in
        // nothing
      end else let
        prval FACTind (pf1_fac, pf1_mul) = pf_fac
        prval FACTbas () = pf1_fac
        prval () = mul_elim {1,1} (pf1_mul)
      in
        // nothing
      end // end of [sif]
   // end of [lemma]
  }
  prval [p,q:int]
    (pf_prime, pf1_mul) = lemma10 {r+1} () // pf1_mul: p * q = r+1
  prval () = (sif p <= n then let
    prval [k:int] pf2_mul = lemma20 {n,r} {p} (pf_fac) // pf2_mul: k * p = r
    prval pf2_mul = mul_negate (pf2_mul) // pf2_mul: ~k * p = ~r
    prval pf2_mul = mul_commute (pf2_mul) // pf2_mul: p * ~k = ~r
    prval pf3_mul = mul_distribute (pf1_mul, pf2_mul) // pf3_mul: p * (q-k) = 1
    prval pf3_mul = mul_commute (pf3_mul) // pf3_mul : (q-k) * p = 1
  in
    sif q > k then let
      prval MULind pf4_mul = pf3_mul
      prval () = mul_nat_nat_nat (pf4_mul)
    in
      // nothing
    end else sif q < k then let
      prval pf3_mul = mul_negate (pf3_mul) // pf3_mul: (k-q) * p = 1
      prval MULind pf4_mul = pf3_mul
      prval () = mul_nat_nat_nat (pf4_mul)
    in
      // nothing
    end else let // q = k
      prval MULbas () = pf3_mul in ()
    end // end of [sif]
  end else begin
    // nothing
  end) : [p > n] void // end of [prval]
in
  #[p | pf_prime]
end // end of [infprime]

(* ****** ****** *)

(* end of [infprime.dats] *)


(*
**
** A proof of the pigeonhole principle in ATS
**
**
** Author: Hongwei Xi (hwxi AT cs DOT bu DOT edu)
** Time: September 28, 2009
**
*)

(*

What is encoded and proven in ATS is the following formulation of
pigeonhole principle:

Let P be a relation on pairs of integers and m and n be two naturnal
numbers satisfying m > n and n >= 1. If there exists a natural number
j < n for each given naturnal number i < m such that P (i, j) holds,
then there exists i1, i2 and j satisfying 0 <= i1 < i2 < m and j < n
such that both P (i1, j) and P (i2, j) hold.

*)

sortdef int2rel = (int, int) -> prop // for binary relations on integers

prfun pigeonhole
  {P: int2rel} {m,n:nat | m > n; n >= 1} .<m>. (
    fpf: {i:nat | i < m} () -> [j:nat | j < n] P (i, j)
  ) : [i1,i2,j:nat | i1 < i2; i2 < m] (P (i1, j), P (i2, j)) = sif n >= 2 then let
  val [x:int] pf0 = fpf {m-1} ()
  dataprop P1 (i:int, int) =
    | P1r1 (i, 0) of P (i, x)
    | {x>0} P1r2 (i, x-1) of P (i, 0)
    | {j:int | j > 0; j <> x} P1r3 (i, j-1) of P (i, j)
  prfn fpf1 {i:nat | i < m-1} (): [j:nat | j < n-1] P1 (i, j) = let
    val [j:int] pf = fpf {i} ()
  in
    sif j == 0 then
      (sif x == 0 then P1r1 (pf) else P1r2 (pf))
    else
      (sif j == x then P1r1 (pf) else P1r3 (pf))
    // end of [sif]
  end // end of [fpf1]
  val [i1,i2,j:int] (pf1, pf2) = pigeonhole {P1} {m-1,n-1} (fpf1)
in
  case+ pf1 of
  | P1r1 (pf1) => (pf1, pf0)
  | P1r2 (pf1) => begin case+ pf2 of
    | P1r1 pf2 => (pf2, pf0) | P1r2 pf2 => (pf1, pf2)
    end // end of [P1r2]
  | P1r3 (pf1) => begin case+ pf2 of
    | P1r1 pf2 => (pf2, pf0) | P1r3 pf2 => (pf1, pf2)
    end // end of [P1r3]
end else begin // n = 1
  (fpf {0} (), fpf {1} ())
end // end of [pigenhole]

(* ****** ****** *)

(* end of [pigeonhole.dats] *)

This page is maintained by Hongwei Xi. As always, your comments are welcome.

SourceForge.net Logo