-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy pathBigStep.hs
115 lines (84 loc) · 3.62 KB
/
BigStep.hs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
{-@ LIQUID "--reflection" @-}
{-@ LIQUID "--diff" @-}
{-@ LIQUID "--ple" @-}
{-@ LIQUID "--short-names" @-}
{-@ infixr ++ @-} -- TODO: Silly to have to rewrite this annotation!
{-# LANGUAGE GADTs #-}
module BigStep where
import Prelude hiding ((++))
import ProofCombinators
import qualified State as S
import Expressions hiding (And)
import Imp
{-
BStep c s1 s2
------------------[BSkip]
BStep Skip s s
s' = set x (aval a s) s
----------------------------------[BAssign]
BStep (x := a) s s'
BStep c1 s smid BStep c2 smid s'
----------------------------------------[BSeq]
BStep (c1; c2) s s'
bval b s1 = TRUE BStep c1 s s'
----------------------------------------
BStep (If b c1 c2) s s'
bval b s = FALSE BStep c2 s s'
-------------------------------
BStep (If b c1 c2) s s'
WHILE
-}
--------------------------------------------------------------------------------
-- | Big-step Semantics
--------------------------------------------------------------------------------
data BStepP where
BStep :: Com -> State -> State -> BStepP
data BStep where
BSkip :: State -> BStep
BAssign :: Vname -> AExp -> State -> BStep
BSeq :: Com -> Com -> State -> State -> State -> BStep -> BStep -> BStep
BIfT :: BExp -> Com -> Com -> State -> State -> BStep -> BStep
BIfF :: BExp -> Com -> Com -> State -> State -> BStep -> BStep
BWhileF :: BExp -> Com -> State -> BStep
BWhileT :: BExp -> Com -> State -> State -> State -> BStep -> BStep -> BStep
{-@ data BStep where
BSkip :: s:State
-> Prop (BStep Skip s s)
| BAssign :: x:Vname -> a:AExp -> s:State
-> Prop (BStep (Assign x a) s (asgn x a s))
| BSeq :: c1:Com -> c2:Com -> s1:State -> s2:State -> s3:State
-> Prop (BStep c1 s1 s2) -> Prop (BStep c2 s2 s3)
-> Prop (BStep (Seq c1 c2) s1 s3)
| BIfT :: b:BExp -> c1:Com -> c2:Com -> s:{State | bval b s} -> s1:State
-> Prop (BStep c1 s s1) -> Prop (BStep (If b c1 c2) s s1)
| BIfF :: b:BExp -> c1:Com -> c2:Com -> s:{State | not (bval b s)} -> s2:State
-> Prop (BStep c2 s s2) -> Prop (BStep (If b c1 c2) s s2)
| BWhileF :: b:BExp -> c:Com -> s:{State | not (bval b s)}
-> Prop (BStep (While b c) s s)
| BWhileT :: b:BExp -> c:Com -> s1:{State | bval b s1} -> s1':State -> s2:State
-> Prop (BStep c s1 s1') -> Prop (BStep (While b c) s1' s2)
-> Prop (BStep (While b c) s1 s2)
@-}
{-@ reflect cmd_1 @-}
cmd_1 = "x" <~ N 5
{-@ reflect cmd_2 @-}
cmd_2 = "y" <~ (V "x")
{-@ reflect cmd_1_2 @-}
cmd_1_2 = cmd_1 @@ cmd_2
{-@ reflect prop_set @-}
prop_set cmd x v s = BStep cmd s (S.set s x v)
{-@ step_1 :: s:State -> Prop (prop_set cmd_1 {"x"} 5 s) @-}
step_1 s = BAssign "x" (N 5) s
{-@ step_2 :: s:{State | S.get s "x" == 5} -> Prop (prop_set cmd_2 {"y"} 5 s) @-}
step_2 s = BAssign "y" (V "x") s
{-@ step_1_2 :: s:State -> Prop (BStep cmd_1_2 s (S.set (S.set s {"x"} 5) {"y"} 5)) @-}
step_1_2 s = BSeq cmd_1 cmd_2 s s1 s2 (step_1 s) (step_2 s1)
where
s1 = S.set s "x" 5
s2 = S.set s1 "y" 5
-------------------------------------------------------------------------------
-- | We say `Sim c1 c2` or `c1` is simulated by `c2` if
-- the transitions of `c1` are contained within those of `c2`
-------------------------------------------------------------------------------
{-@ type Sim C1 C2 = s:State -> t:State -> Prop (BStep C1 s t) -> Prop (BStep C2 s t) @-}
type SimT = State -> State -> BStep -> BStep