[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PVS-Help] Induction hypothesis vs. specification

To: <pvs-help@csl.sri.com>
Subject: [PVS-Help] Induction hypothesis vs. specification
From: "Ingo Feinerer" <IngoFeinerer@web.de>
Date: Thu, 4 Nov 2004 13:04:37 +0100
List-Help: <mailto:pvs-help-request@csl.sri.com?subject=help>
List-Id: PVS-Help <pvs-help.csl.sri.com>
List-Post: <mailto:pvs-help@csl.sri.com>
List-Subscribe: <http://lists.csl.sri.com/mailman/listinfo/pvs-help>,<mailto:pvs-help-request@csl.sri.com?subject=subscribe>
List-Unsubscribe: <http://lists.csl.sri.com/mailman/listinfo/pvs-help>,<mailto:pvs-help-request@csl.sri.com?subject=unsubscribe>
Sender: pvs-help-bounces+archive=csl.sri.com@csl.sri.com

Hi!

Please consider following program:

mult: THEORY
  BEGIN
    x, y, z: VAR nat

    mult(x, y, z): RECURSIVE nat =
      IF y = 0 THEN z ELSE mult(x, y - 1, z + x) ENDIF
    MEASURE y

    mult_ok: LEMMA FORALL (x, y): mult(x, y, 0) = x * y
    mult_ok2: LEMMA FORALL (x, y, z): mult(x, y, z) = x * y + z

  END mult

"mult_ok2" can be easily proved by induction, but I wonder if it is possible
to prove "mult_ok". The thing I would need is to give PVS a hint by defining
the induction hypothesis. Possible? If yes, how?

Another question: Is there a repository of simple PVS examples (especially
loops)?

Thanks,

Ingo

Prev by Date: [PVS-Help] Prime factors
Next by Date: Re: [PVS-Help] Prime factors
Prev by thread: [PVS-Help] Re: Induction hypothesis vs. specification
Next by thread: [PVS-Help] Prime factors
Index(es):
- Date
- Thread