author | wenzelm |
Sat, 20 Aug 2011 20:24:12 +0200 | |
changeset 44335 | 156be0e43336 |
parent 44189 | 4a80017c733f |
child 45118 | 7462f287189a |
permissions | -rw-r--r-- |
14592 | 1 |
(* Title: HOL/ex/Quickcheck_Examples.thy |
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
2 |
Author: Stefan Berghofer, Lukas Bulwahn |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
3 |
Copyright 2004 - 2010 TU Muenchen |
14592 | 4 |
*) |
5 |
||
6 |
header {* Examples for the 'quickcheck' command *} |
|
7 |
||
28314 | 8 |
theory Quickcheck_Examples |
41231
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
9 |
imports Complex_Main |
28314 | 10 |
begin |
14592 | 11 |
|
12 |
text {* |
|
13 |
The 'quickcheck' command allows to find counterexamples by evaluating |
|
40654 | 14 |
formulae. |
15 |
Currently, there are two different exploration schemes: |
|
16 |
- random testing: this is incomplete, but explores the search space faster. |
|
17 |
- exhaustive testing: this is complete, but increasing the depth leads to |
|
18 |
exponentially many assignments. |
|
19 |
||
20 |
quickcheck can handle quantifiers on finite universes. |
|
21 |
||
14592 | 22 |
*} |
23 |
||
43803 | 24 |
declare [[quickcheck_timeout = 3600]] |
25 |
||
14592 | 26 |
subsection {* Lists *} |
27 |
||
28 |
theorem "map g (map f xs) = map (g o f) xs" |
|
40917 | 29 |
quickcheck[random, expect = no_counterexample] |
30 |
quickcheck[exhaustive, size = 3, expect = no_counterexample] |
|
14592 | 31 |
oops |
32 |
||
33 |
theorem "map g (map f xs) = map (f o g) xs" |
|
40917 | 34 |
quickcheck[random, expect = counterexample] |
35 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 36 |
oops |
37 |
||
38 |
theorem "rev (xs @ ys) = rev ys @ rev xs" |
|
40917 | 39 |
quickcheck[random, expect = no_counterexample] |
40 |
quickcheck[exhaustive, expect = no_counterexample] |
|
42087
5e236f6ef04f
changing timeout behaviour of quickcheck to proceed after command rather than failing; adding a test case for timeout
bulwahn
parents:
41231
diff
changeset
|
41 |
quickcheck[exhaustive, size = 1000, timeout = 0.1] |
14592 | 42 |
oops |
43 |
||
44 |
theorem "rev (xs @ ys) = rev xs @ rev ys" |
|
40917 | 45 |
quickcheck[random, expect = counterexample] |
46 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 47 |
oops |
48 |
||
49 |
theorem "rev (rev xs) = xs" |
|
40917 | 50 |
quickcheck[random, expect = no_counterexample] |
51 |
quickcheck[exhaustive, expect = no_counterexample] |
|
14592 | 52 |
oops |
53 |
||
54 |
theorem "rev xs = xs" |
|
42159
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
55 |
quickcheck[tester = random, finite_types = true, report = false, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
56 |
quickcheck[tester = random, finite_types = false, report = false, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
57 |
quickcheck[tester = random, finite_types = true, report = true, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
58 |
quickcheck[tester = random, finite_types = false, report = true, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
59 |
quickcheck[tester = exhaustive, finite_types = true, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
60 |
quickcheck[tester = exhaustive, finite_types = false, expect = counterexample] |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
61 |
oops |
234ec7011e5d
generalizing compilation scheme of quickcheck generators to multiple arguments; changing random and exhaustive tester to use one code invocation for polymorphic instances with multiple cardinalities
bulwahn
parents:
42087
diff
changeset
|
62 |
|
14592 | 63 |
|
25891 | 64 |
text {* An example involving functions inside other data structures *} |
65 |
||
28314 | 66 |
primrec app :: "('a \<Rightarrow> 'a) list \<Rightarrow> 'a \<Rightarrow> 'a" where |
25891 | 67 |
"app [] x = x" |
28314 | 68 |
| "app (f # fs) x = app fs (f x)" |
25891 | 69 |
|
70 |
lemma "app (fs @ gs) x = app gs (app fs x)" |
|
40917 | 71 |
quickcheck[random, expect = no_counterexample] |
72 |
quickcheck[exhaustive, size = 4, expect = no_counterexample] |
|
25891 | 73 |
by (induct fs arbitrary: x) simp_all |
74 |
||
75 |
lemma "app (fs @ gs) x = app fs (app gs x)" |
|
40917 | 76 |
quickcheck[random, expect = counterexample] |
77 |
quickcheck[exhaustive, expect = counterexample] |
|
25891 | 78 |
oops |
79 |
||
28314 | 80 |
primrec occurs :: "'a \<Rightarrow> 'a list \<Rightarrow> nat" where |
14592 | 81 |
"occurs a [] = 0" |
28314 | 82 |
| "occurs a (x#xs) = (if (x=a) then Suc(occurs a xs) else occurs a xs)" |
14592 | 83 |
|
28314 | 84 |
primrec del1 :: "'a \<Rightarrow> 'a list \<Rightarrow> 'a list" where |
14592 | 85 |
"del1 a [] = []" |
28314 | 86 |
| "del1 a (x#xs) = (if (x=a) then xs else (x#del1 a xs))" |
14592 | 87 |
|
25891 | 88 |
text {* A lemma, you'd think to be true from our experience with delAll *} |
14592 | 89 |
lemma "Suc (occurs a (del1 a xs)) = occurs a xs" |
90 |
-- {* Wrong. Precondition needed.*} |
|
40917 | 91 |
quickcheck[random, expect = counterexample] |
92 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 93 |
oops |
94 |
||
95 |
lemma "xs ~= [] \<longrightarrow> Suc (occurs a (del1 a xs)) = occurs a xs" |
|
40917 | 96 |
quickcheck[random, expect = counterexample] |
97 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 98 |
-- {* Also wrong.*} |
99 |
oops |
|
100 |
||
101 |
lemma "0 < occurs a xs \<longrightarrow> Suc (occurs a (del1 a xs)) = occurs a xs" |
|
40917 | 102 |
quickcheck[random, expect = no_counterexample] |
103 |
quickcheck[exhaustive, expect = no_counterexample] |
|
28314 | 104 |
by (induct xs) auto |
14592 | 105 |
|
28314 | 106 |
primrec replace :: "'a \<Rightarrow> 'a \<Rightarrow> 'a list \<Rightarrow> 'a list" where |
14592 | 107 |
"replace a b [] = []" |
28314 | 108 |
| "replace a b (x#xs) = (if (x=a) then (b#(replace a b xs)) |
14592 | 109 |
else (x#(replace a b xs)))" |
110 |
||
111 |
lemma "occurs a xs = occurs b (replace a b xs)" |
|
40917 | 112 |
quickcheck[random, expect = counterexample] |
113 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 114 |
-- {* Wrong. Precondition needed.*} |
115 |
oops |
|
116 |
||
117 |
lemma "occurs b xs = 0 \<or> a=b \<longrightarrow> occurs a xs = occurs b (replace a b xs)" |
|
40917 | 118 |
quickcheck[random, expect = no_counterexample] |
119 |
quickcheck[exhaustive, expect = no_counterexample] |
|
28314 | 120 |
by (induct xs) simp_all |
14592 | 121 |
|
122 |
||
123 |
subsection {* Trees *} |
|
124 |
||
125 |
datatype 'a tree = Twig | Leaf 'a | Branch "'a tree" "'a tree" |
|
126 |
||
28314 | 127 |
primrec leaves :: "'a tree \<Rightarrow> 'a list" where |
14592 | 128 |
"leaves Twig = []" |
28314 | 129 |
| "leaves (Leaf a) = [a]" |
130 |
| "leaves (Branch l r) = (leaves l) @ (leaves r)" |
|
14592 | 131 |
|
28314 | 132 |
primrec plant :: "'a list \<Rightarrow> 'a tree" where |
14592 | 133 |
"plant [] = Twig " |
28314 | 134 |
| "plant (x#xs) = Branch (Leaf x) (plant xs)" |
14592 | 135 |
|
28314 | 136 |
primrec mirror :: "'a tree \<Rightarrow> 'a tree" where |
14592 | 137 |
"mirror (Twig) = Twig " |
28314 | 138 |
| "mirror (Leaf a) = Leaf a " |
139 |
| "mirror (Branch l r) = Branch (mirror r) (mirror l)" |
|
14592 | 140 |
|
141 |
theorem "plant (rev (leaves xt)) = mirror xt" |
|
40917 | 142 |
quickcheck[random, expect = counterexample] |
143 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 144 |
--{* Wrong! *} |
145 |
oops |
|
146 |
||
147 |
theorem "plant((leaves xt) @ (leaves yt)) = Branch xt yt" |
|
40917 | 148 |
quickcheck[random, expect = counterexample] |
149 |
quickcheck[exhaustive, expect = counterexample] |
|
14592 | 150 |
--{* Wrong! *} |
151 |
oops |
|
152 |
||
153 |
datatype 'a ntree = Tip "'a" | Node "'a" "'a ntree" "'a ntree" |
|
154 |
||
28314 | 155 |
primrec inOrder :: "'a ntree \<Rightarrow> 'a list" where |
14592 | 156 |
"inOrder (Tip a)= [a]" |
28314 | 157 |
| "inOrder (Node f x y) = (inOrder x)@[f]@(inOrder y)" |
14592 | 158 |
|
28314 | 159 |
primrec root :: "'a ntree \<Rightarrow> 'a" where |
14592 | 160 |
"root (Tip a) = a" |
28314 | 161 |
| "root (Node f x y) = f" |
14592 | 162 |
|
28314 | 163 |
theorem "hd (inOrder xt) = root xt" |
40917 | 164 |
quickcheck[random, expect = counterexample] |
165 |
quickcheck[exhaustive, expect = counterexample] |
|
166 |
--{* Wrong! *} |
|
14592 | 167 |
oops |
168 |
||
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
169 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
170 |
subsection {* Exhaustive Testing beats Random Testing *} |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
171 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
172 |
text {* Here are some examples from mutants from the List theory |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
173 |
where exhaustive testing beats random testing *} |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
174 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
175 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
176 |
"[] ~= xs ==> hd xs = last (x # xs)" |
40917 | 177 |
quickcheck[random] |
178 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
179 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
180 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
181 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
182 |
assumes "!!i. [| i < n; i < length xs |] ==> P (xs ! i)" "n < length xs ==> ~ P (xs ! n)" |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
183 |
shows "drop n xs = takeWhile P xs" |
40917 | 184 |
quickcheck[random, iterations = 10000, quiet] |
185 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
186 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
187 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
188 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
189 |
"i < length (List.transpose (List.transpose xs)) ==> xs ! i = map (%xs. xs ! i) [ys<-xs. i < length ys]" |
40917 | 190 |
quickcheck[random, iterations = 10000] |
191 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
192 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
193 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
194 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
195 |
"i < n - m ==> f (lcm m i) = map f [m..<n] ! i" |
40917 | 196 |
quickcheck[random, iterations = 10000, finite_types = false] |
197 |
quickcheck[exhaustive, finite_types = false, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
198 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
199 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
200 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
201 |
"i < n - m ==> f (lcm m i) = map f [m..<n] ! i" |
40917 | 202 |
quickcheck[random, iterations = 10000, finite_types = false] |
203 |
quickcheck[exhaustive, finite_types = false, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
204 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
205 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
206 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
207 |
"ns ! k < length ns ==> k <= listsum ns" |
40917 | 208 |
quickcheck[random, iterations = 10000, finite_types = false, quiet] |
209 |
quickcheck[exhaustive, finite_types = false, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
210 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
211 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
212 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
213 |
"[| ys = x # xs1; zs = xs1 @ xs |] ==> ys @ zs = x # xs" |
40917 | 214 |
quickcheck[random, iterations = 10000] |
215 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
216 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
217 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
218 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
219 |
"i < length xs ==> take (Suc i) xs = [] @ xs ! i # take i xs" |
40917 | 220 |
quickcheck[random, iterations = 10000] |
221 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
222 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
223 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
224 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
225 |
"i < length xs ==> take (Suc i) xs = (xs ! i # xs) @ take i []" |
40917 | 226 |
quickcheck[random, iterations = 10000] |
227 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
228 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
229 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
230 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
231 |
"[| sorted (rev (map length xs)); i < length xs |] ==> xs ! i = map (%ys. ys ! i) [ys<-remdups xs. i < length ys]" |
40917 | 232 |
quickcheck[random] |
233 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
234 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
235 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
236 |
lemma |
44189
4a80017c733f
ex/Quickcheck_Examples.thy: respect distinction between sets and functions
huffman
parents:
43909
diff
changeset
|
237 |
"[| sorted (rev (map length xs)); i < length xs |] ==> xs ! i = map (%ys. ys ! i) [ys<-List.transpose xs. length ys \<in> {..<i}]" |
40917 | 238 |
quickcheck[random] |
239 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
240 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
241 |
|
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
242 |
lemma |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
243 |
"(ys = zs) = (xs @ ys = splice xs zs)" |
40917 | 244 |
quickcheck[random] |
245 |
quickcheck[exhaustive, expect = counterexample] |
|
40645
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
246 |
oops |
03ce94672ee6
adding test cases for smallcheck and adding examples where exhaustive testing is more successful
bulwahn
parents:
37929
diff
changeset
|
247 |
|
41231
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
248 |
subsection {* Examples with quantifiers *} |
40654 | 249 |
|
250 |
text {* |
|
251 |
These examples show that we can handle quantifiers. |
|
252 |
*} |
|
253 |
||
254 |
lemma "(\<exists>x. P x) \<longrightarrow> (\<forall>x. P x)" |
|
40917 | 255 |
quickcheck[random, expect = counterexample] |
256 |
quickcheck[exhaustive, expect = counterexample] |
|
40654 | 257 |
oops |
258 |
||
259 |
lemma "(\<forall>x. \<exists>y. P x y) \<longrightarrow> (\<exists>y. \<forall>x. P x y)" |
|
40917 | 260 |
quickcheck[random, expect = counterexample] |
40654 | 261 |
quickcheck[expect = counterexample] |
262 |
oops |
|
263 |
||
264 |
lemma "(\<exists>x. P x) \<longrightarrow> (EX! x. P x)" |
|
40917 | 265 |
quickcheck[random, expect = counterexample] |
40654 | 266 |
quickcheck[expect = counterexample] |
267 |
oops |
|
268 |
||
41231
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
269 |
subsection {* Examples with numerical types *} |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
270 |
|
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
271 |
text {* |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
272 |
Quickcheck supports the common types nat, int, rat and real. |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
273 |
*} |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
274 |
|
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
275 |
lemma |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
276 |
"(x :: nat) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
277 |
quickcheck[exhaustive, size = 10, expect = counterexample] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
278 |
quickcheck[random, size = 10] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
279 |
oops |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
280 |
|
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
281 |
lemma |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
282 |
"(x :: int) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
283 |
quickcheck[exhaustive, size = 10, expect = counterexample] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
284 |
quickcheck[random, size = 10] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
285 |
oops |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
286 |
|
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
287 |
lemma |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
288 |
"(x :: rat) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
289 |
quickcheck[exhaustive, size = 10, expect = counterexample] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
290 |
quickcheck[random, size = 10] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
291 |
oops |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
292 |
|
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
293 |
lemma |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
294 |
"(x :: real) > 0 ==> y > 0 ==> z > 0 ==> x * x + y * y \<noteq> z * z" |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
295 |
quickcheck[exhaustive, size = 10, expect = counterexample] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
296 |
quickcheck[random, size = 10] |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
297 |
oops |
2e901158675e
adding exhaustive tester instances for numeric types: code_numeral, nat, rat and real
bulwahn
parents:
40917
diff
changeset
|
298 |
|
43734
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
299 |
subsubsection {* floor and ceiling functions *} |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
300 |
|
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
301 |
lemma |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
302 |
"floor x + floor y = floor (x + y :: rat)" |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
303 |
quickcheck[expect = counterexample] |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
304 |
oops |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
305 |
|
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
306 |
lemma |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
307 |
"floor x + floor y = floor (x + y :: real)" |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
308 |
quickcheck[expect = counterexample] |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
309 |
oops |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
310 |
|
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
311 |
lemma |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
312 |
"ceiling x + ceiling y = ceiling (x + y :: rat)" |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
313 |
quickcheck[expect = counterexample] |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
314 |
oops |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
315 |
|
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
316 |
lemma |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
317 |
"ceiling x + ceiling y = ceiling (x + y :: real)" |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
318 |
quickcheck[expect = counterexample] |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
319 |
oops |
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
320 |
|
ea147bec4f72
adding quickcheck examples for evaluating floor and ceiling functions
bulwahn
parents:
42696
diff
changeset
|
321 |
|
42696
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
322 |
subsection {* Examples with Records *} |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
323 |
|
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
324 |
record point = |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
325 |
xpos :: nat |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
326 |
ypos :: nat |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
327 |
|
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
328 |
lemma |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
329 |
"xpos r = xpos r' ==> r = r'" |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
330 |
quickcheck[exhaustive, expect = counterexample] |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
331 |
quickcheck[random, expect = counterexample] |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
332 |
oops |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
333 |
|
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
334 |
datatype colour = Red | Green | Blue |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
335 |
|
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
336 |
record cpoint = point + |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
337 |
colour :: colour |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
338 |
|
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
339 |
lemma |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
340 |
"xpos r = xpos r' ==> ypos r = ypos r' ==> (r :: cpoint) = r'" |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
341 |
quickcheck[exhaustive, expect = counterexample] |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
342 |
quickcheck[random, expect = counterexample] |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
343 |
oops |
7c7ca3fc7ce5
adding examples for invoking quickcheck with records
bulwahn
parents:
42434
diff
changeset
|
344 |
|
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
345 |
subsection {* Examples with locales *} |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
346 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
347 |
locale Truth |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
348 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
349 |
context Truth |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
350 |
begin |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
351 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
352 |
lemma "False" |
43909
7feb72f7bc3e
only use exhaustive testing in this quickcheck example
bulwahn
parents:
43890
diff
changeset
|
353 |
quickcheck[exhaustive, expect = no_counterexample] |
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
354 |
oops |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
355 |
|
14592 | 356 |
end |
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
357 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
358 |
interpretation Truth . |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
359 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
360 |
context Truth |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
361 |
begin |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
362 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
363 |
lemma "False" |
43890 | 364 |
quickcheck[exhaustive, expect = counterexample] |
42434
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
365 |
oops |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
366 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
367 |
end |
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
368 |
|
1914fd5d7c0e
adding examples for Quickcheck used within locales
bulwahn
parents:
42159
diff
changeset
|
369 |
end |