(* Title: HOL/Quickcheck_Examples/Quickcheck_Examples.thy 
Author: Stefan Berghofer, Lukas Bulwahn 
Copyright 2004  2010 TU Muenchen 
*) 
6 
header {* Examples for the 'quickcheck' command *} 

28314  8 
theory Quickcheck_Examples 
57645  9 
imports Complex_Main "~~/src/HOL/Library/Dlist" "~~/src/HOL/Library/DAList_Multiset" 
28314  10 
begin 
12 
text {* 

The 'quickcheck' command allows to find counterexamples by evaluating 

40654  14 
formulae. 
Currently, there are two different exploration schemes: 

 random testing: this is incomplete, but explores the search space faster. 

 exhaustive testing: this is complete, but increasing the depth leads to 

exponentially many assignments. 

20 
quickcheck can handle quantifiers on finite universes. 

14592  22 
*} 
43803  24 
declare [[quickcheck_timeout = 3600]] 
14592  26 
subsection {* Lists *} 
28 
theorem "map g (map f xs) = map (g o f) xs" 

40917  29 
quickcheck[random, expect = no_counterexample] 
30 
quickcheck[exhaustive, size = 3, expect = no_counterexample] 

14592  31 
oops 
33 
theorem "map g (map f xs) = map (f o g) xs" 

40917  34 
quickcheck[random, expect = counterexample] 
35 
quickcheck[exhaustive, expect = counterexample] 

14592  36 
oops 
38 
theorem "rev (xs @ ys) = rev ys @ rev xs" 

40917  39 
quickcheck[random, expect = no_counterexample] 
40 
quickcheck[exhaustive, expect = no_counterexample] 

quickcheck[exhaustive, size = 1000, timeout = 0.1] 
14592  42 
oops 
44 
theorem "rev (xs @ ys) = rev xs @ rev ys" 

40917  45 
quickcheck[random, expect = counterexample] 
46 
quickcheck[exhaustive, expect = counterexample] 

14592  47 
oops 
49 
theorem "rev (rev xs) = xs" 

40917  50 
quickcheck[random, expect = no_counterexample] 
51 
quickcheck[exhaustive, expect = no_counterexample] 

14592  52 
oops 
54 
theorem "rev xs = xs" 

quickcheck[tester = random, finite_types = true, report = false, expect = counterexample] 
quickcheck[tester = random, finite_types = false, report = false, expect = counterexample] 
quickcheck[tester = random, finite_types = true, report = true, expect = counterexample] 
quickcheck[tester = random, finite_types = false, report = true, expect = counterexample] 
quickcheck[tester = exhaustive, finite_types = true, expect = counterexample] 
quickcheck[tester = exhaustive, finite_types = false, expect = counterexample] 
oops 
25891  64 
text {* An example involving functions inside other data structures *} 
28314  66 
primrec app :: "('a \<Rightarrow> 'a) list \<Rightarrow> 'a \<Rightarrow> 'a" where 
25891  67 
"app [] x = x" 
28314  68 
 "app (f # fs) x = app fs (f x)" 
25891  69 

70 
lemma "app (fs @ gs) x = app gs (app fs x)" 

40917  71 
quickcheck[random, expect = no_counterexample] 
47348
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

72 
quickcheck[exhaustive, size = 2, expect = no_counterexample] 
25891  73 
by (induct fs arbitrary: x) simp_all 
75 
lemma "app (fs @ gs) x = app fs (app gs x)" 

40917  76 
quickcheck[random, expect = counterexample] 
77 
quickcheck[exhaustive, expect = counterexample] 

25891  78 
oops 
28314  80 
primrec occurs :: "'a \<Rightarrow> 'a list \<Rightarrow> nat" where 
14592  81 
"occurs a [] = 0" 
28314  82 
 "occurs a (x#xs) = (if (x=a) then Suc(occurs a xs) else occurs a xs)" 
14592  83 

28314  84 
primrec del1 :: "'a \<Rightarrow> 'a list \<Rightarrow> 'a list" where 
14592  85 
"del1 a [] = []" 
28314  86 
 "del1 a (x#xs) = (if (x=a) then xs else (x#del1 a xs))" 
14592  87 

25891  88 
text {* A lemma, you'd think to be true from our experience with delAll *} 
14592  89 
lemma "Suc (occurs a (del1 a xs)) = occurs a xs" 
90 
 {* Wrong. Precondition needed.*} 

40917  91 
quickcheck[random, expect = counterexample] 
92 
quickcheck[exhaustive, expect = counterexample] 

14592  93 
oops 
95 
lemma "xs ~= [] \<longrightarrow> Suc (occurs a (del1 a xs)) = occurs a xs" 

40917  96 
quickcheck[random, expect = counterexample] 
97 
quickcheck[exhaustive, expect = counterexample] 

14592  98 
 {* Also wrong.*} 
99 
oops 

101 
lemma "0 < occurs a xs \<longrightarrow> Suc (occurs a (del1 a xs)) = occurs a xs" 

40917  102 
quickcheck[random, expect = no_counterexample] 
103 
quickcheck[exhaustive, expect = no_counterexample] 

28314  104 
by (induct xs) auto 
14592  105 

28314  106 
primrec replace :: "'a \<Rightarrow> 'a \<Rightarrow> 'a list \<Rightarrow> 'a list" where 
14592  107 
"replace a b [] = []" 
28314  108 
 "replace a b (x#xs) = (if (x=a) then (b#(replace a b xs)) 
14592  109 
else (x#(replace a b xs)))" 
111 
lemma "occurs a xs = occurs b (replace a b xs)" 

40917  112 
quickcheck[random, expect = counterexample] 
113 
quickcheck[exhaustive, expect = counterexample] 

14592  114 
 {* Wrong. Precondition needed.*} 
115 
oops 

116 

117 
lemma "occurs b xs = 0 \<or> a=b \<longrightarrow> occurs a xs = occurs b (replace a b xs)" 

40917  118 
quickcheck[random, expect = no_counterexample] 
119 
quickcheck[exhaustive, expect = no_counterexample] 

28314  120 
by (induct xs) simp_all 
14592  121 

123 
subsection {* Trees *} 

124 

58310  125 
datatype 'a tree = Twig  Leaf 'a  Branch "'a tree" "'a tree" 
14592  126 

28314  127 
primrec leaves :: "'a tree \<Rightarrow> 'a list" where 
14592  128 
"leaves Twig = []" 
28314  129 
 "leaves (Leaf a) = [a]" 
130 
 "leaves (Branch l r) = (leaves l) @ (leaves r)" 

14592  131 

28314  132 
primrec plant :: "'a list \<Rightarrow> 'a tree" where 
14592  133 
"plant [] = Twig " 
28314  134 
 "plant (x#xs) = Branch (Leaf x) (plant xs)" 
14592  135 

28314  136 
primrec mirror :: "'a tree \<Rightarrow> 'a tree" where 
14592  137 
"mirror (Twig) = Twig " 
28314  138 
 "mirror (Leaf a) = Leaf a " 
139 
 "mirror (Branch l r) = Branch (mirror r) (mirror l)" 

141 
theorem "plant (rev (leaves xt)) = mirror xt" 

40917  142 
quickcheck[random, expect = counterexample] 
143 
quickcheck[exhaustive, expect = counterexample] 

14592  144 
{* Wrong! *} 
145 
oops 

146 

147 
theorem "plant((leaves xt) @ (leaves yt)) = Branch xt yt" 

40917  148 
quickcheck[random, expect = counterexample] 
149 
quickcheck[exhaustive, expect = counterexample] 

14592  150 
{* Wrong! *} 
151 
oops 

58310  153 
datatype 'a ntree = Tip "'a"  Node "'a" "'a ntree" "'a ntree" 
14592  154 

28314  155 
primrec inOrder :: "'a ntree \<Rightarrow> 'a list" where 
14592  156 
"inOrder (Tip a)= [a]" 
28314  157 
 "inOrder (Node f x y) = (inOrder x)@[f]@(inOrder y)" 
14592  158 

28314  159 
primrec root :: "'a ntree \<Rightarrow> 'a" where 
14592  160 
"root (Tip a) = a" 
28314  161 
 "root (Node f x y) = f" 
14592  162 

28314  163 
theorem "hd (inOrder xt) = root xt" 
40917  164 
quickcheck[random, expect = counterexample] 
165 
quickcheck[exhaustive, expect = counterexample] 

166 
{* Wrong! *} 

14592  167 
oops 
subsection {* Exhaustive Testing beats Random Testing *} 
text {* Here are some examples from mutants from the List theory 
where exhaustive testing beats random testing *} 
lemma 
"[] ~= xs ==> hd xs = last (x # xs)" 
40917  177 
quickcheck[random] 
178 
quickcheck[exhaustive, expect = counterexample] 

oops 
lemma 
assumes "!!i. [ i < n; i < length xs ] ==> P (xs ! i)" "n < length xs ==> ~ P (xs ! n)" 
shows "drop n xs = takeWhile P xs" 
oops 
lemma 
"i < length (List.transpose (List.transpose xs)) ==> xs ! i = map (%xs. xs ! i) [ys<xs. i < length ys]" 
oops 
lemma 
"i < n  m ==> f (lcm m i) = map f [m..<n] ! i" 
oops 
lemma 
"i < n  m ==> f (lcm m i) = map f [m..<n] ! i" 
oops 
lemma 
"ns ! k < length ns ==> k <= listsum ns" 
oops 
lemma 
"[ ys = x # xs1; zs = xs1 @ xs ] ==> ys @ zs = x # xs" 
oops 
lemma 
"i < length xs ==> take (Suc i) xs = [] @ xs ! i # take i xs" 
oops 
lemma 
"i < length xs ==> take (Suc i) xs = (xs ! i # xs) @ take i []" 
oops 
lemma 
"[ sorted (rev (map length xs)); i < length xs ] ==> xs ! i = map (%ys. ys ! i) [ys<remdups xs. i < length ys]" 
oops 
lemma 
"[ sorted (rev (map length xs)); i < length xs ] ==> xs ! i = map (%ys. ys ! i) [ys<List.transpose xs. length ys \<in> {..<i}]" 
oops 
lemma 
"(ys = zs) = (xs @ ys = splice xs zs)" 
oops 
subsection {* Random Testing beats Exhaustive Testing *} 
lemma mult_inj_if_coprime_nat: 
"inj_on f A \<Longrightarrow> inj_on g B 
\<Longrightarrow> inj_on (%(a,b). f a * g b::nat) (A \<times> B)" 
quickcheck[exhaustive] 
quickcheck[random] 
oops 
subsection {* Examples with quantifiers *} 
259 
text {* 

260 
These examples show that we can handle quantifiers. 

261 
*} 

263 
lemma "(\<exists>x. P x) \<longrightarrow> (\<forall>x. P x)" 

40917  264 
quickcheck[random, expect = counterexample] 
265 
quickcheck[exhaustive, expect = counterexample] 

40654  266 
oops 
268 
lemma "(\<forall>x. \<exists>y. P x y) \<longrightarrow> (\<exists>y. \<forall>x. P x y)" 

40917  269 
quickcheck[random, expect = counterexample] 
40654  270 
quickcheck[expect = counterexample] 
271 
oops 

273 
lemma "(\<exists>x. P x) \<longrightarrow> (EX! x. P x)" 

40917  274 
quickcheck[random, expect = counterexample] 
40654  275 
quickcheck[expect = counterexample] 
276 
oops 

46397  279 
subsection {* Examples with sets *} 
280 

281 
lemma 

282 
"{} = A Un  A" 

283 
quickcheck[exhaustive, expect = counterexample] 

284 
oops 

lemma 
"[ bij_betw f A B; bij_betw f C D ] ==> bij_betw f (A Un C) (B Un D)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
subsection {* Examples with relations *} 
lemma 
"acyclic (R :: ('a * 'a) set) ==> acyclic S ==> acyclic (R Un S)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
lemma 
"acyclic (R :: (nat * nat) set) ==> acyclic S ==> acyclic (R Un S)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
(* FIXME: some dramatic performance decrease after changing the code equation of the ntrancl *) 
lemma 
"(x, z) : rtrancl (R Un S) ==> \<exists> y. (x, y) : rtrancl R & (y, z) : rtrancl S" 
(*quickcheck[exhaustive, expect = counterexample]*) 
oops 
lemma 
"wf (R :: ('a * 'a) set) ==> wf S ==> wf (R Un S)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
lemma 
"wf (R :: (nat * nat) set) ==> wf S ==> wf (R Un S)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
lemma 
"wf (R :: (int * int) set) ==> wf S ==> wf (R Un S)" 
quickcheck[exhaustive, expect = counterexample] 
oops 
subsection {* Examples with the descriptive operator *} 
327 

328 
lemma 

329 
"(THE x. x = a) = b" 

330 
quickcheck[random, expect = counterexample] 

331 
quickcheck[exhaustive, expect = counterexample] 

332 
oops 

333 

46169  334 
subsection {* Examples with Multisets *} 
335 

336 
lemma 

337 
"X + Y = Y + (Z :: 'a multiset)" 

338 
quickcheck[random, expect = counterexample] 

339 
quickcheck[exhaustive, expect = counterexample] 

340 
341 

342 
lemma 

343 
"X  Y = Y  (Z :: 'a multiset)" 

344 
quickcheck[random, expect = counterexample] 

345 
quickcheck[exhaustive, expect = counterexample] 

346 
oops 

348 
lemma 

349 
"N + M  N = (N::'a multiset)" 

350 
quickcheck[random, expect = counterexample] 

351 
quickcheck[exhaustive, expect = counterexample] 

352 
oops 

subsection {* Examples with numerical types *} 
text {* 
Quickcheck supports the common types nat, int, rat and real. 
*} 
lemma 
"(x :: nat) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" 
quickcheck[exhaustive, size = 10, expect = counterexample] 
quickcheck[random, size = 10] 
oops 
lemma 
"(x :: int) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" 
quickcheck[exhaustive, size = 10, expect = counterexample] 
quickcheck[random, size = 10] 
oops 
lemma 
"(x :: rat) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" 
quickcheck[exhaustive, size = 10, expect = counterexample] 
quickcheck[random, size = 10] 
oops 
lemma "(x :: rat) >= 0" 
quickcheck[random, expect = counterexample] 
quickcheck[exhaustive, expect = counterexample] 
oops 
lemma 
"(x :: real) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" 
quickcheck[exhaustive, size = 10, expect = counterexample] 
quickcheck[random, size = 10] 
oops 
lemma "(x :: real) >= 0" 
quickcheck[random, expect = counterexample] 
quickcheck[exhaustive, expect = counterexample] 
oops 
subsubsection {* floor and ceiling functions *} 
lemma 
"floor x + floor y = floor (x + y :: rat)" 
quickcheck[expect = counterexample] 
oops 
lemma 
"floor x + floor y = floor (x + y :: real)" 
quickcheck[expect = counterexample] 
oops 
lemma 
"ceiling x + ceiling y = ceiling (x + y :: rat)" 
quickcheck[expect = counterexample] 
oops 
lemma 
"ceiling x + ceiling y = ceiling (x + y :: real)" 
quickcheck[expect = counterexample] 
oops 
subsection {* Examples with abstract types *} 
lemma 
"Dlist.length (Dlist.remove x xs) = Dlist.length xs  1" 
quickcheck[exhaustive] 
45942  421 
quickcheck[random] 
45927
e0305e4f02c9
adding quickcheck generator for distinct lists; adding examples
bulwahn
parents:
45765
diff
changeset

422 
oops 
e0305e4f02c9
adding quickcheck generator for distinct lists; adding examples
bulwahn
parents:
45765
diff
changeset

lemma 
"Dlist.length (Dlist.insert x xs) = Dlist.length xs + 1" 
quickcheck[exhaustive] 
45942  427 
quickcheck[random] 
45927
e0305e4f02c9
adding quickcheck generator for distinct lists; adding examples
bulwahn
parents:
45765
diff
changeset

428 
oops 
subsection {* Examples with Records *} 
record point = 
xpos :: nat 
ypos :: nat 
lemma 
"xpos r = xpos r' ==> r = r'" 
quickcheck[exhaustive, expect = counterexample] 
quickcheck[random, expect = counterexample] 
oops 
58310  442 
datatype colour = Red  Green  Blue 
record cpoint = point + 
colour :: colour 
lemma 
"xpos r = xpos r' ==> ypos r = ypos r' ==> (r :: cpoint) = r'" 
quickcheck[exhaustive, expect = counterexample] 
quickcheck[random, expect = counterexample] 
oops 
subsection {* Examples with locales *} 
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

455 
locale Truth 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

456 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

457 
context Truth 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

458 
begin 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

459 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

460 
lemma "False" 
46344
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

461 
quickcheck[exhaustive, expect = counterexample] 
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

462 
oops 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

463 

14592  464 
end 
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

465 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

466 
interpretation Truth . 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

467 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

468 
context Truth 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

469 
begin 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

470 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

471 
lemma "False" 
43890  472 
quickcheck[exhaustive, expect = counterexample] 
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

473 
oops 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

474 

1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

475 
end 
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

476 

46344
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

477 
locale antisym = 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

478 
fixes R 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

479 
assumes "R x y > R y x > x = y" 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

480 

47348
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

481 
interpretation equal : antisym "op =" by default simp 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

482 
interpretation order_nat : antisym "op <= :: nat => _ => _" by default simp 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

483 

9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

484 
lemma (in antisym) 
46344
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

485 
"R x y > R y z > R x z" 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

486 
quickcheck[exhaustive, finite_type_size = 2, expect = no_counterexample] 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

487 
quickcheck[exhaustive, expect = counterexample] 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

488 
oops 
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

489 

47348
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

490 
declare [[quickcheck_locale = "interpret"]] 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

491 

9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

492 
lemma (in antisym) 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

493 
"R x y > R y z > R x z" 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

494 
quickcheck[exhaustive, expect = no_counterexample] 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

495 
oops 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

496 

9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

497 
declare [[quickcheck_locale = "expand"]] 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

498 

9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

499 
lemma (in antisym) 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

500 
"R x y > R y z > R x z" 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

501 
quickcheck[exhaustive, finite_type_size = 2, expect = no_counterexample] 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

502 
quickcheck[exhaustive, expect = counterexample] 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

503 
oops 
9a82999ebbd6
added option quickcheck_locale to allow different behaviours for handling locales in Quickcheck;
bulwahn
parents:
46879
diff
changeset

504 

46344
b6fbdd3d0915
corrected expectation; added an example for quickcheck
bulwahn
parents:
46337
diff
changeset

505 

45441
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

506 
subsection {* Examples with HOL quantifiers *} 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

507 

fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

508 
lemma 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

509 
"\<forall> xs ys. xs = [] > xs = ys" 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

510 
quickcheck[exhaustive, expect = counterexample] 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

511 
oops 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

512 

fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

513 
lemma 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

514 
"ys = [] > (\<forall>xs. xs = [] > xs = y # ys)" 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

515 
quickcheck[exhaustive, expect = counterexample] 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

516 
oops 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

517 

fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

518 
lemma 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

519 
"\<forall>xs. (\<exists> ys. ys = []) > xs = ys" 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

520 
quickcheck[exhaustive, expect = counterexample] 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

521 
oops 
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

522 

45684
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

523 
subsection {* Examples with underspecified/partial functions *} 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

524 

3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

525 
lemma 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

526 
"xs = [] ==> hd xs \<noteq> x" 
45762
daf57640d4df
the reporting random testing also returns if the counterexample is genuine or potentially spurious
bulwahn
parents:
45720
diff
changeset

527 
quickcheck[exhaustive, expect = no_counterexample] 
daf57640d4df
the reporting random testing also returns if the counterexample is genuine or potentially spurious
bulwahn
parents:
45720
diff
changeset

528 
quickcheck[random, report = false, expect = no_counterexample] 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

529 
quickcheck[random, report = true, expect = no_counterexample] 
45684
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

530 
oops 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

531 

3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

532 
lemma 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

533 
"xs = [] ==> hd xs = x" 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

534 
quickcheck[exhaustive, expect = no_counterexample] 
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

535 
quickcheck[random, report = false, expect = no_counterexample] 
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

536 
quickcheck[random, report = true, expect = no_counterexample] 
45684
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

537 
oops 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

538 

3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

539 
lemma "xs = [] ==> hd xs = x ==> x = y" 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

540 
quickcheck[exhaustive, expect = no_counterexample] 
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

541 
quickcheck[random, report = false, expect = no_counterexample] 
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

542 
quickcheck[random, report = true, expect = no_counterexample] 
45684
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

543 
oops 
3d6ee9c7d7ef
adding a exceptionsafe term reification step in quickcheck; adding examples
bulwahn
parents:
45507
diff
changeset

544 

45689
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

545 
text {* with the simple testing scheme *} 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

546 

58813  547 
setup Exhaustive_Generators.setup_exhaustive_datatype_interpretation 
45689
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

548 
declare [[quickcheck_full_support = false]] 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

549 

4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

550 
lemma 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

551 
"xs = [] ==> hd xs \<noteq> x" 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

552 
quickcheck[exhaustive, expect = no_counterexample] 
45689
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

553 
oops 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

554 

4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

555 
lemma 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

556 
"xs = [] ==> hd xs = x" 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

557 
quickcheck[exhaustive, expect = no_counterexample] 
45689
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

558 
oops 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

559 

4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

560 
lemma "xs = [] ==> hd xs = x ==> x = y" 
45765
cb6ddee6a463
making the default behaviour of quickcheck a little bit less verbose;
bulwahn
parents:
45762
diff
changeset

561 
quickcheck[exhaustive, expect = no_counterexample] 
45689
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

562 
oops 
4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

563 

4c25ba9f3c23
adding examples for the potential counterexamples in the simple scheme
bulwahn
parents:
45684
diff
changeset

564 
declare [[quickcheck_full_support = true]] 
45441
fb4ac1dd4fde
adding some test cases for preprocessing and narrowing
bulwahn
parents:
45118
diff
changeset

565 

48013
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

566 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

567 
subsection {* Equality Optimisation *} 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

568 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

569 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

570 
"f x = y ==> y = (0 :: nat)" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

571 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

572 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

573 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

574 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

575 
"y = f x ==> y = (0 :: nat)" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

576 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

577 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

578 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

579 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

580 
"f y = zz # zzs ==> zz = (0 :: nat) \<and> zzs = []" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

581 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

582 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

583 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

584 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

585 
"f y = x # x' # xs ==> x = (0 :: nat) \<and> x' = 0 \<and> xs = []" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

586 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

587 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

588 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

589 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

590 
"x = f x \<Longrightarrow> x = (0 :: nat)" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

591 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

592 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

593 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

594 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

595 
"f y = x # x # xs ==> x = (0 :: nat) \<and> xs = []" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

596 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

597 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

598 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

599 
lemma 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

600 
"m1 k = Some v \<Longrightarrow> (m1 ++ m2) k = Some v" 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

601 
quickcheck 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

602 
oops 
44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

603 

44de84112a67
added optimisation for equational premises in Quickcheck; added some Quickcheck examples; NEWS
bulwahn
parents:
47348
diff
changeset

604 

42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset

605 
end 