Start of topic | Skip to actions

Braun Trees Status

Copy2

Angela Implemented Copy2 using 2 different versions. The first one using odd-even natural encoding and the other one using existential types. The one with existential was easier to implement.

Joseph implemented it by converting Ocaml int to an existential even odd snat.

Walid: when you have a there exists, you have to take things out and put them back. Using forall is more efficient because you don't have to take off the constructors and put them back. This should be make a time performance difference. Using forall should work much faster than there exists. This is actually very exciting and should be tried out.

Joseph: How to handel negative integers in Make_snat. There is no way to get around that. The most straight forward thing to do, is to check that they are not negative.

Walid: It is much harder to prove that programs are correct. We want to focus more on understanding the cases where you can prove some properties (usually simple) using little effort. To be able to prove properties on integers functions you have to describe all integer properties in your program.

Xavier Leroy has a Coq library formalizing what you can do with C types and their properties. Emir has a hack to allow them to be used with OCaml types. Here is a link for Leroy's library.

Delete

Delete function still problematic. Trying to do a match with succesor of m is not possible (even using "as"). The problem when using "as" is that it does more than you expect it to do. It disable some of the type checking.

match a as T in S
 |   ->
 |   ->

match a in T*S
 |   -> (a, )
 |   -> (a, )

This is a limitation of context refinement but still we can do what we want using a trick. So here is an example of the Zip function using context refinement and another one using this trick instead of context refinement.

Zip: a list -> b list -> (a*b) list

Unsized Lists:

let rec zip xs ys =
   match (xs,ys) with
   |[],_ -> []
   | _,[]-> []
   |x::xs, y::ys -> (x,y)::(zip xs ys)

Sized Lists using context refinement:

let rec zip .|n| xs ys =
   match (xs,ys) in (a*b) n list with
   |Nil,_ -> Nil
   |Cons .|m| (x,xs), Cons .|n| (y,ys) -> Cons .|m|((x,y),(zip .|m| xs ys)

Note that if we used the same variable n instead of using m and n, concoqtion wouldn't recognize that this is same variable. The second n will hide the first one.

Sized List without context refinement (Note this is just to show the idea, many details are left out for us to figure out as a homework)

let rec zip .|m| (xs: '(m) list) (ys: '(m) list) : '(m) list=
  (match xs, ys as 'i lisst * 'j list in forall p:'(i=j).'(i) list with
| Nil, Nil -> /\ p:'(0=0). Nil
| Cons .|i'|(x,xs), Cons .|j'| (y,ys) -> /\p:'(S i' = S j'). 
   let ys' = cast .|'(j') list,'(i') list,(lemma1 (S i') (S j'))| ys
   in let r = zip .|i'| xs ys' 
   in Cons .|'(i')| ((x,y), r)) .|'(refl-equal m)|

Note in the above r is of type '(i') list.

To Do Some speed tests comparing use of existensial and universal quantifiers.

Homework Try to write zip without the context refinement.

-- CherifAndraos - 21 Feb 2007

End of topic
Skip to actions | Back to top
Topic Actions: Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r4 < r3 < r2 < r1 | More topic actions
Webs: Main | TWiki | Africa | EmbeddedSystems | Gpce | Houston | International | K12 | MetaOCaml | MulticoreOCR | ProgrammingLanguages | RAP | RIDL | Sandbox | SpeechClub | Teaching | Texbot | WG211
Web Actions: home Teaching Web newtopic Create New Topic index Index searchtopic Search changes Changes notify Notifications statistics Statistics wrench Preferences
Creative Commons LicenseThis work is licensed under a Creative Commons Attribution 2.5 License. Please follow our citation guidelines.