src/HOL/Quickcheck.thy
 author huffman Fri Aug 19 14:17:28 2011 -0700 (2011-08-19) changeset 44311 42c5cbf68052 parent 42175 32c3bb5e1b1a child 44845 5e51075cbd97 permissions -rw-r--r--
new isCont theorems;
simplify some proofs.
(* Author: Florian Haftmann & Lukas Bulwahn, TU Muenchen *)

header {* A simple counterexample generator performing random testing *}

(* Theory header.  quickcheck_common.ML is listed plainly under "uses";
   random_generators.ML is listed in parentheses and is loaded further down
   by an explicit "use" command, after the definitions it is placed behind. *)
theory Quickcheck
imports Random Code_Evaluation Enum
uses
  "Tools/Quickcheck/quickcheck_common.ML"
  ("Tools/Quickcheck/random_generators.ML")
begin

(* Local infix syntax for fcomp and scomp; both notations are removed again
   by the no_notation commands after the code setup. *)
notation fcomp (infixl "\<circ>>" 60)
notation scomp (infixl "\<circ>\<rightarrow>" 60)


subsection {* The @{text random} class *}

(* A generator takes a code_numeral and a seed and returns the generated
   value paired with a delayed term representation (unit => term), together
   with the next seed.  The code_numeral is what iter' passes as sz, and the
   nat and int instances use it to bound the range they draw from. *)
class random = typerep +
  fixes random :: "code_numeral \<Rightarrow> Random.seed \<Rightarrow> ('a \<times> (unit \<Rightarrow> term)) \<times> Random.seed"


subsection {* Fundamental and numeric types*}

(* bool: draws k from Random.range 2 and yields False for k = 0 and True
   otherwise; the argument i is not used on the right-hand side.
   NOTE(review): Random.range n is assumed to yield a value below n --
   confirm in Random.thy. *)
instantiation bool :: random
begin

definition
  "random i = Random.range 2 \<circ>\<rightarrow>
    (\<lambda>k. Pair (if k = 0 then Code_Evaluation.valtermify False else Code_Evaluation.valtermify True))"

instance ..

end

(* itself: always returns TYPE('a); Pair leaves the seed as it was. *)
instantiation itself :: (typerep) random
begin

definition random_itself :: "code_numeral \<Rightarrow> Random.seed \<Rightarrow> ('a itself \<times> (unit \<Rightarrow> term)) \<times> Random.seed" where
  "random_itself _ = Pair (Code_Evaluation.valtermify TYPE('a))"

instance ..

end

(* char: picks c with Random.select from the list chars and pairs it with
   its term; the size argument is ignored. *)
instantiation char :: random
begin

definition
  "random _ = Random.select chars \<circ>\<rightarrow> (\<lambda>c. Pair (c, \<lambda>u. Code_Evaluation.term_of c))"

instance ..

end

(* String.literal: not random at all -- the generator always returns the
   empty literal, so non-empty literals are never produced by it. *)
instantiation String.literal :: random
begin

definition
  "random _ = Pair (STR '''', \<lambda>u. Code_Evaluation.term_of (STR ''''))"

instance ..

end

(* nat: draws k from Random.range (i + 1) and converts it with nat_of. *)
instantiation nat :: random
begin

definition random_nat :: "code_numeral \<Rightarrow> Random.seed \<Rightarrow> (nat \<times> (unit \<Rightarrow> Code_Evaluation.term)) \<times> Random.seed" where
  "random_nat i = Random.range (i + 1) \<circ>\<rightarrow> (\<lambda>k. Pair (
     let n = Code_Numeral.nat_of k
     in (n, \<lambda>_. Code_Evaluation.term_of n)))"

instance ..

end

(* int: draws k from Random.range (2 * i + 1) and returns k - i as an int.
   The case split makes sure each code_numeral subtraction has the larger
   operand first.
   NOTE(review): presumably needed because subtraction on code_numeral
   truncates at 0 -- confirm. *)
instantiation int :: random
begin

definition
  "random i = Random.range (2 * i + 1) \<circ>\<rightarrow> (\<lambda>k. Pair (
     let j = (if k \<ge> i then Code_Numeral.int_of (k - i) else - Code_Numeral.int_of (i - k))
     in (j, \<lambda>_. Code_Evaluation.term_of j)))"

instance ..

end


subsection {* Complex generators *}

text {* Towards @{typ "'a \<Rightarrow> 'b"} *}

(* random_fun_aux is only declared here: the axiomatization gives a type
   and no defining equation or property.  Its executable meaning comes
   solely from the code_const mapping in the "Code setup" subsection. *)
axiomatization random_fun_aux :: "typerep \<Rightarrow> typerep \<Rightarrow> ('a \<Rightarrow> 'a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> term)
  \<Rightarrow> (Random.seed \<Rightarrow> ('b \<times> (unit \<Rightarrow> term)) \<times> Random.seed) \<Rightarrow> (Random.seed \<Rightarrow> Random.seed \<times> Random.seed)
  \<Rightarrow> Random.seed \<Rightarrow> (('a \<Rightarrow> 'b) \<times> (unit \<Rightarrow> term)) \<times> Random.seed"

(* random_fun_lift f supplies random_fun_aux with the type representations
   of 'a and 'b, equality on 'a, term_of for 'a, the result generator f and
   Random.split_seed. *)
definition random_fun_lift :: "(Random.seed \<Rightarrow> ('b \<times> (unit \<Rightarrow> term)) \<times> Random.seed)
  \<Rightarrow> Random.seed \<Rightarrow> (('a\<Colon>term_of \<Rightarrow> 'b\<Colon>typerep) \<times> (unit \<Rightarrow> term)) \<times> Random.seed" where
  "random_fun_lift f = random_fun_aux TYPEREP('a) TYPEREP('b) (op =) Code_Evaluation.term_of f Random.split_seed"

(* Function types: the generator for 'a => 'b lifts the generator of the
   result type 'b, called with the same i. *)
instantiation "fun" :: ("{equal, term_of}", random) random
begin

definition random_fun :: "code_numeral \<Rightarrow> Random.seed \<Rightarrow> (('a \<Rightarrow> 'b) \<times> (unit \<Rightarrow> term)) \<times> Random.seed" where
  "random i = random_fun_lift (random i)"

instance ..

end

text {* Towards type copies and datatypes *}

(* collapse f runs f on the state and then runs the computation f returned
   on the resulting state (scomp with id). *)
definition collapse :: "('a \<Rightarrow> ('a \<Rightarrow> 'b \<times> 'a) \<times> 'a) \<Rightarrow> 'a \<Rightarrow> 'b \<times> 'a" where
  "collapse f = (f \<circ>\<rightarrow> id)"

(* beyond k l is l when l > k and 0 otherwise. *)
definition beyond :: "code_numeral \<Rightarrow> code_numeral \<Rightarrow> code_numeral" where
  "beyond k l = (if l > k then l else 0)"

lemma beyond_zero:
  "beyond k 0 = 0"
  by (simp add: beyond_def)

(* If random_aux agrees with rhs at 0 and at every successor, it agrees with
   rhs everywhere; proved by induction over code_numeral. *)
lemma random_aux_rec:
  fixes random_aux :: "code_numeral \<Rightarrow> 'a"
  assumes "random_aux 0 = rhs 0"
    and "\<And>k. random_aux (Suc_code_numeral k) = rhs (Suc_code_numeral k)"
  shows "random_aux k = rhs k"
  using assms by (rule code_numeral.induct)

(* Load the ML file that the theory header listed in parentheses, then run
   the setup function it provides. *)
use "Tools/Quickcheck/random_generators.ML"
setup Random_Generators.setup


subsection {* Code setup *}

(* Trust boundary: random_fun_aux was declared by axiomatization without a
   defining equation, so the only thing that gives it behaviour is this
   mapping to the ML function named in the template.  The mapping is
   registered for the separate target Quickcheck only; the original comment
   below gives the reason: the ML implementation could be misused to derive
   False if it were reachable from the regular, trusted code generation.
   Review note: keep this serialisation confined to the Quickcheck target,
   and treat results computed through it as test evidence, not as proofs.
   NOTE(review): the "'_" in the template looks like the escaped form of an
   underscore in code_const syntax -- confirm. *)
code_const random_fun_aux (Quickcheck "Random'_Generators.random'_fun")
  -- {* With enough criminal energy this can be abused to derive @{prop False};
  for this reason we use a distinguished target @{text Quickcheck}
  not spoiling the regular trusted code generation *}

(* Reserve the ML structure name used in the template above within the
   Quickcheck target. *)
code_reserved Quickcheck Random_Generators

no_notation fcomp (infixl "\<circ>>" 60)
no_notation scomp (infixl "\<circ>\<rightarrow>" 60)


subsection {* The Random-Predicate Monad *}

(* iter' T nrandom sz seed: a predicate holding nrandom generated values,
   each produced by random sz and threading the seed from one call to the
   next.  T is a type token that fixes 'a; the term component of every
   generated pair is ignored.  The tail sits under a unit abstraction inside
   Predicate.Seq. *)
fun iter' ::
  "'a itself => code_numeral => code_numeral => code_numeral * code_numeral => ('a::random) Predicate.pred"
where
  "iter' T nrandom sz seed = (if nrandom = 0 then bot_class.bot else
     let ((x, _), seed') = random sz seed
   in Predicate.Seq (%u. Predicate.Insert x (iter' T (nrandom - 1) sz seed')))"

(* iter is iter' with the type token filled in. *)
definition iter :: "code_numeral => code_numeral => code_numeral * code_numeral => ('a::random) Predicate.pred"
where
  "iter nrandom sz seed = iter' (TYPE('a)) nrandom sz seed"

(* Code equation for iter that recurses on iter itself, obtained by
   unfolding iter_def and the simp rule of iter'. *)
lemma [code]:
  "iter nrandom sz seed = (if nrandom = 0 then bot_class.bot else
     let ((x, _), seed') = random sz seed
   in Predicate.Seq (%u. Predicate.Insert x (iter (nrandom - 1) sz seed')))"
unfolding iter_def iter'.simps[of _ nrandom] ..

(* A random predicate is a seed-passing computation that returns a
   Predicate.pred together with the next seed. *)
type_synonym 'a randompred = "Random.seed \<Rightarrow> ('a Predicate.pred \<times> Random.seed)"

(* empty and single return the bottom and the singleton predicate and leave
   the seed unchanged. *)
definition empty :: "'a randompred"
  where "empty = Pair (bot_class.bot)"

definition single :: "'a => 'a randompred"
  where "single x = Pair (Predicate.single x)"

(* bind R f: run R, split the seed it returns into s1 and s2, and bind the
   resulting predicate with f.  Every continuation f a is run on the same
   seed s1, and the seed it returns is dropped (fst); s2 is the seed handed
   back to the caller. *)
definition bind :: "'a randompred \<Rightarrow> ('a \<Rightarrow> 'b randompred) \<Rightarrow> 'b randompred"
  where
    "bind R f = (\<lambda>s. let
       (P, s') = R s;
       (s1, s2) = Random.split_seed s'
     in (Predicate.bind P (%a. fst (f a s1)), s2))"

(* union R1 R2: run R1, then R2 on the seed R1 returned, and join the two
   predicates with sup. *)
definition union :: "'a randompred \<Rightarrow> 'a randompred \<Rightarrow> 'a randompred"
where
  "union R1 R2 = (\<lambda>s. let
     (P1, s') = R1 s; (P2, s'') = R2 s'
   in (semilattice_sup_class.sup P1 P2, s''))"

(* if_randompred b succeeds (single ()) exactly when b holds. *)
definition if_randompred :: "bool \<Rightarrow> unit randompred"
where
  "if_randompred b = (if b then single () else empty)"

(* Seed-preserving wrapper around Code_Numeral.iterate_upto. *)
definition iterate_upto :: "(code_numeral => 'a) => code_numeral => code_numeral => 'a randompred"
where
  "iterate_upto f n m = Pair (Code_Numeral.iterate_upto f n m)"

(* not_randompred P: run P and invert its outcome -- bot when the resulting
   predicate holds for (), single () otherwise; the seed returned by P is
   passed on in both cases. *)
definition not_randompred :: "unit randompred \<Rightarrow> unit randompred"
where
  "not_randompred P = (\<lambda>s. let
     (P', s') = P s
   in if Predicate.eval P' () then (Orderings.bot, s') else (Predicate.single (), s'))"

(* Random g turns a generator into a random predicate: the generated value
   becomes a singleton predicate and its term component is dropped (fst). *)
definition Random :: "(Random.seed \<Rightarrow> ('a \<times> (unit \<Rightarrow> term)) \<times> Random.seed) \<Rightarrow> 'a randompred"
  where "Random g = scomp g (Pair o (Predicate.single o fst))"

(* map f P applies f to every result of P, expressed through bind and
   single. *)
definition map :: "('a \<Rightarrow> 'b) \<Rightarrow> ('a randompred \<Rightarrow> 'b randompred)"
  where "map f P = bind P (single o f)"

(* Hide the facts, the type synonym and the constants introduced above from
   unqualified lookup.  With (open) they should stay reachable by qualified
   name (NOTE(review): confirm the qualifier used by callers). *)
hide_fact (open) iter'.simps iter_def empty_def single_def bind_def union_def if_randompred_def iterate_upto_def not_randompred_def Random_def map_def
hide_type (open) randompred
hide_const (open) random collapse beyond random_fun_aux random_fun_lift
  iter' iter empty single bind union if_randompred iterate_upto not_randompred Random map

end