Improved WD Lemma Generation: Difference between revisions
imported>Desaperh mNo edit summary |
imported>Laurent Added introduction + structure |
||
Line 1: | Line 1: | ||
This page describes work in progress for optimising well-definedness lemmas generated by the Core Rodin platform. | This page describes work in progress for optimising well-definedness lemmas generated by the Core Rodin platform. | ||
The lemmas are generated according to the <math>\mathcal{L}</math> operator defined in [[Well-definedness in Event-B]]. However, this operator being defined as a syntactic transformation, it sometimes generates lemmas that are unnecessarily complicated. We first give some motivating examples showing cases where this happens, then we describe what result shall be produced by the tool. Finally, we describe the design retained for development. | |||
== Motivating examples == | == Motivating examples == | ||
Line 18: | Line 20: | ||
<math> \forall x.\lnot b=0 </math> | <math> \forall x.\lnot b=0 </math> | ||
This predicate is sub-optimal as <math> \forall x </math> is | This predicate is sub-optimal as <math> \forall x </math> is unnecessary. | ||
== Improved Generation == | |||
{{TODO|Fill the specification for operator <math>\mathcal{L'}</math>}} | |||
== Design for Improved Generation == | |||
{{TODO|Do the design}} | |||
[[Category:Developer documentation]] | [[Category:Developer documentation]][[Category:Proof]][[Category:Work in progress]] |
Revision as of 15:38, 21 April 2010
This page describes work in progress for optimising well-definedness lemmas generated by the Core Rodin platform.
The lemmas are generated according to the operator defined in Well-definedness in Event-B. However, this operator being defined as a syntactic transformation, it sometimes generates lemmas that are unnecessarily complicated. We first give some motivating examples showing cases where this happens, then we describe what result shall be produced by the tool. Finally, we describe the design retained for development.
Motivating examples
With Rodin 1.3, the well-definedness lemma generated for predicate is
This predicate is sub-optimal as it contains twice the same sub-predicate (). Consequently, when the prover is fed with the generated lemma, it will have to prove twice the same goal.
The well-definedness lemma generated for predicate is
This predicate is sub-optimal as the sub-predicate is subsumed by the sub-predicate . The prover doesn't need to prove if has been proved.
The well-definedness lemma generated for predicate is
This predicate is sub-optimal as is unnecessary.
Improved Generation
TODO: Fill the specification for operator
Design for Improved Generation
TODO: Do the design