Wiki Agenda Contact Version française

Pigeonhole principle

Pigeonhole principle (aka Dirichlet's drawer principle) proved using a lemma function.


Authors: Jean-Christophe Filliâtre

Topics: Mathematics / Ghost code

Tools: Why3

see also the index (by topic, by tool, by reference, by year)


Pigeonhole principle (also know as Dirichlet's drawer principle)

Proved using a lemma function.

module Pigeonhole

  use int.Int
  use set.Fset
  use ref.Ref

  let rec below (n: int) : set int
    requires { 0 <= n }
    ensures  { forall i. mem i result <-> 0 <= i < n }
    ensures  { cardinal result = n }
    variant  { n }
  = if n = 0 then empty else add (n-1) (below (n-1))

  let lemma pigeonhole (n m: int) (f: int -> int)
    requires { 0 <= m < n }
    requires { forall i. 0 <= i < n -> 0 <= f i < m }
    ensures  { exists i1, i2. 0 <= i1 < i2 < n /\ f i1 = f i2 }
  =
    let s = ref empty in
    for i = 0 to n-1 do
      invariant { cardinal !s = i }
      invariant { forall x. mem x !s <-> (exists j. 0 <= j < i /\ x = f j) }
      if mem (f i) !s then return;
      s := add (f i) !s
    done;
    let b = below m in assert { subset !s b };
    absurd

end

download ZIP archive

Why3 Proof Results for Project "pigeonhole"

Theory "pigeonhole.Pigeonhole": not fully verified

ObligationsAlt-Ergo 1.30
VC below0.02
VC pigeonhole---
split_goal_right
VC pigeonhole.10.01
VC pigeonhole.20.00
VC pigeonhole.30.00
VC pigeonhole.40.00
VC pigeonhole.50.01
VC pigeonhole.60.00
VC pigeonhole.70.00
VC pigeonhole.80.00
VC pigeonhole.90.00