Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
C
cpdt
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
research
cpdt
Commits
0985f7f8
Commit
0985f7f8
authored
Feb 11, 2013
by
Adam Chlipala
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Pass through Chapter 15
parent
3c1d84a9
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
2 additions
and
2 deletions
+2
-2
Reflection.v
src/Reflection.v
+2
-2
No files found.
src/Reflection.v
View file @
0985f7f8
...
...
@@ -52,7 +52,7 @@ Even_SS
It
is
also
unfortunate
not
to
have
static
typing
guarantees
that
our
tactic
always
behaves
appropriately
.
Other
invocations
of
similar
tactics
might
fail
with
dynamic
type
errors
,
and
we
would
not
know
about
the
bugs
behind
these
errors
until
we
happened
to
attempt
to
prove
complex
enough
goals
.
The
techniques
of
proof
by
reflection
address
both
complaints
.
We
will
be
able
to
write
proofs
like
this
with
constant
size
overhead
beyond
the
size
of
the
input
,
and
we
will
do
it
with
verified
decision
procedures
written
in
Gallina
.
The
techniques
of
proof
by
reflection
address
both
complaints
.
We
will
be
able
to
write
proofs
like
in
the
example
above
with
constant
size
overhead
beyond
the
size
of
the
input
,
and
we
will
do
it
with
verified
decision
procedures
written
in
Gallina
.
For
this
example
,
we
begin
by
using
a
type
from
the
[
MoreSpecif
]
module
(
included
in
the
book
source
)
to
write
a
certified
evenness
checker
.
*
)
...
...
@@ -245,7 +245,7 @@ tautTrue
:
True
/
\
True
->
True
\
/
True
/
\
(
True
->
True
)
]]
It
is
worth
considering
how
the
reflective
tactic
improves
on
a
pure
-
Ltac
implementation
.
The
formula
reification
process
is
just
as
ad
-
hoc
as
before
,
so
we
gain
little
there
.
In
general
,
proofs
will
be
more
complicated
than
formula
translation
,
and
the
"generic proof rule"
that
we
apply
here
_
is_
on
much
better
formal
footing
than
a
recursive
Ltac
function
.
The
dependent
type
of
the
proof
guarantees
that
it
"works"
on
any
input
formula
.
This
is
all
in
addition
to
the
proof
-
size
improvement
that
we
have
already
seen
.
It
is
worth
considering
how
the
reflective
tactic
improves
on
a
pure
-
Ltac
implementation
.
The
formula
reification
process
is
just
as
ad
-
hoc
as
before
,
so
we
gain
little
there
.
In
general
,
proofs
will
be
more
complicated
than
formula
translation
,
and
the
"generic proof rule"
that
we
apply
here
_
is_
on
much
better
formal
footing
than
a
recursive
Ltac
function
.
The
dependent
type
of
the
proof
guarantees
that
it
"works"
on
any
input
formula
.
This
benefit
is
in
addition
to
the
proof
-
size
improvement
that
we
have
already
seen
.
It
may
also
be
worth
pointing
out
that
our
previous
example
of
evenness
testing
used
a
function
[
partialOut
]
for
sound
handling
of
input
goals
that
the
verified
decision
procedure
fails
to
prove
.
Here
,
we
prove
that
our
procedure
[
tautTrue
]
(
recall
that
an
inductive
proof
may
be
viewed
as
a
recursive
procedure
)
is
able
to
prove
any
goal
representable
in
[
taut
]
,
so
no
extra
step
is
necessary
.
*
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment