-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathInternaExternalVerif.agda
129 lines (101 loc) · 3.03 KB
/
InternaExternalVerif.agda
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
module InternaExternalVerif where
import Relation.Binary.PropositionalEquality as Eqq
open import Data.Nat using (ℕ; zero; suc; _+_;_∸_; _*_)
open import Data.Product using (_×_;_,_)
open import Data.List
open import Data.Maybe
open import Data.List.Relation.Unary.Any
open import Data.Bool using (true; false; _∧_; Bool)
open Eqq using (_≡_; refl; cong; cong₂; sym ; trans)
open Eqq.≡-Reasoning using (begin_; _≡⟨⟩_; step-≡; _∎)
open import Data.Product
data _≤_ : ℕ → ℕ → Set where
z≤n : ∀ {x : ℕ}
----------
→ zero ≤ x
s≤s : ∀ {x y : ℕ}
→ x ≤ y
--------------------
→ (suc x) ≤ (suc y)
x≤y⇒x≤sy : ∀ {x y : ℕ}
→ x ≤ y
------------
→ x ≤ suc y
x≤y⇒x≤sy z≤n = z≤n
x≤y⇒x≤sy (s≤s r) = s≤s (x≤y⇒x≤sy r)
record Eq {a} (A : Set a) : Set a where
field
_==_ : A → A → Bool
open Eq {{...}} public
natEquals : ℕ → ℕ → Bool
natEquals zero zero = true
natEquals (suc n) (suc m) = natEquals n m
natEquals _ _ = false
instance
eqList : ∀ {a} {A : Set a} → {{Eq A}} → Eq (List A)
_==_ {{eqList}} [] [] = true
_==_ {{eqList}} (x ∷ xs) (y ∷ ys) = x == y ∧ xs == ys
_==_ {{eqList}} _ _ = false
eqNat : Eq ℕ
_==_ {{eqNat}} = natEquals
len : {A : Set} → List A → ℕ
len [] = 0
len (x ∷ xs) = 1 + len xs
with-out : ∀ {A : Set} {{eqA : Eq A}} → A → List A → List A
with-out e [] = []
with-out e (x ∷ xs) with e == x
... | true = with-out e xs
... | false = x ∷ with-out e xs
-- prop: len (with-out e xs) ≤ (len xs)
--external verification of a prop
ex-verif : ∀ {A : Set} {{eqA : Eq A}}
→ (e : A)
→ (xs : List A)
----------------------------------------
→ (len (with-out e xs)) ≤ (len xs)
ex-verif e [] = z≤n
ex-verif e (x ∷ xs) with e == x
... | true = x≤y⇒x≤sy (ex-verif e xs)
... | false = s≤s (ex-verif e xs)
-- internal verif of a prop
with-out' : ∀ {A : Set} {{eqA : Eq A}}
→ A
→ (xs : List A)
------------------------------------------
→ Σ (List A) (λ ys → (len ys) ≤ (len xs))
with-out' e [] = ([] , z≤n)
with-out' e (x ∷ xs) with e == x
... | true = ( ys , proof )
where
hip = with-out' e xs
ys = proj₁ hip
proof = x≤y⇒x≤sy (proj₂ hip)
... | false = (ys , proof)
where
hip = with-out' e xs
ys = x ∷ (proj₁ hip)
proof = s≤s (proj₂ hip)
with-out'≡with-out : ∀ {A : Set} {{eqA : Eq A}}
→ (e : A)
→ (xs : List A)
-----------------------------------------
→ proj₁ (with-out' e xs ) ≡ with-out e xs
with-out'≡with-out e [] = refl
with-out'≡with-out e (x ∷ xs) with e == x
... | true =
begin
proj₁ (with-out' e xs)
≡⟨ hip ⟩
with-out e xs
∎
where
hip = with-out'≡with-out e xs
... | false =
begin
x ∷ proj₁ (with-out' e xs)
≡⟨ cong f hip ⟩
x ∷ with-out e ( xs)
∎
where
f = λ xs → x ∷ xs
hip = with-out'≡with-out e xs