annotate slide/slide.html @ 11:17b7605a5deb

add figures, some slides
author ryokka
date Sun, 13 Jan 2019 23:42:16 +0900
parents a87fec07fd78
children e8fe28afe61e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
1
a87fec07fd78 add slide
ryokka
parents:
diff changeset
2
a87fec07fd78 add slide
ryokka
parents:
diff changeset
3
a87fec07fd78 add slide
ryokka
parents:
diff changeset
4
a87fec07fd78 add slide
ryokka
parents:
diff changeset
5
a87fec07fd78 add slide
ryokka
parents:
diff changeset
6 <!DOCTYPE html>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
7 <html>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
8 <head>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
9 <meta http-equiv="content-type" content="text/html;charset=utf-8">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
10 <title>GearsOS の Hoare triple を用いた検証</title>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
11
a87fec07fd78 add slide
ryokka
parents:
diff changeset
12 <meta name="generator" content="Slide Show (S9) v4.0.1 on Ruby 2.4.1 (2017-03-22) [x86_64-darwin16]">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
13 <meta name="author" content="Masataka Hokama" >
a87fec07fd78 add slide
ryokka
parents:
diff changeset
14
a87fec07fd78 add slide
ryokka
parents:
diff changeset
15 <!-- style sheet links -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
16 <link rel="stylesheet" href="s6/themes/projection.css" media="screen,projection">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
17 <link rel="stylesheet" href="s6/themes/screen.css" media="screen">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
18 <link rel="stylesheet" href="s6/themes/print.css" media="print">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
19 <link rel="stylesheet" href="s6/themes/blank.css" media="screen,projection">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
20
a87fec07fd78 add slide
ryokka
parents:
diff changeset
21 <!-- JS -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
22 <script src="s6/js/jquery-1.11.3.min.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
23 <script src="s6/js/jquery.slideshow.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
24 <script src="s6/js/jquery.slideshow.counter.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
25 <script src="s6/js/jquery.slideshow.controls.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
26 <script src="s6/js/jquery.slideshow.footer.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
27 <script src="s6/js/jquery.slideshow.autoplay.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
28
a87fec07fd78 add slide
ryokka
parents:
diff changeset
29 <!-- prettify -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
30 <link rel="stylesheet" href="scripts/prettify.css">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
31 <script src="scripts/prettify.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
32
a87fec07fd78 add slide
ryokka
parents:
diff changeset
33 <script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
34 $(document).ready( function() {
a87fec07fd78 add slide
ryokka
parents:
diff changeset
35 Slideshow.init();
a87fec07fd78 add slide
ryokka
parents:
diff changeset
36
a87fec07fd78 add slide
ryokka
parents:
diff changeset
37 $('code').each(function(_, el) {
a87fec07fd78 add slide
ryokka
parents:
diff changeset
38 if (!el.classList.contains('noprettyprint')) {
a87fec07fd78 add slide
ryokka
parents:
diff changeset
39 el.classList.add('prettyprint');
a87fec07fd78 add slide
ryokka
parents:
diff changeset
40 }
a87fec07fd78 add slide
ryokka
parents:
diff changeset
41 });
a87fec07fd78 add slide
ryokka
parents:
diff changeset
42 prettyPrint();
a87fec07fd78 add slide
ryokka
parents:
diff changeset
43 } );
a87fec07fd78 add slide
ryokka
parents:
diff changeset
44
a87fec07fd78 add slide
ryokka
parents:
diff changeset
45 </script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
46
a87fec07fd78 add slide
ryokka
parents:
diff changeset
47 <!-- Better Browser Banner for Microsoft Internet Explorer (IE) -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
48 <!--[if IE]>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
49 <script src="s6/js/jquery.microsoft.js"></script>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
50 <![endif]-->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
51
a87fec07fd78 add slide
ryokka
parents:
diff changeset
52
a87fec07fd78 add slide
ryokka
parents:
diff changeset
53
a87fec07fd78 add slide
ryokka
parents:
diff changeset
54 </head>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
55 <body>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
56
a87fec07fd78 add slide
ryokka
parents:
diff changeset
57 <div class="layout">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
58 <div id="header"></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
59 <div id="footer">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
60 <div align="right">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
61 <img src="s6/images/logo.svg" width="200px">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
62 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
63 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
64 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
65
a87fec07fd78 add slide
ryokka
parents:
diff changeset
66 <div class="presentation">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
67
a87fec07fd78 add slide
ryokka
parents:
diff changeset
68 <div class='slide cover'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
69 <table width="90%" height="90%" border="0" align="center">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
70 <tr>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
71 <td>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
72 <div align="center">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
73 <h1><font color="#808db5">GearsOS の Hoare triple を用いた検証</font></h1>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
74 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
75 </td>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
76 </tr>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
77 <tr>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
78 <td>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
79 <div align="left">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
80 Masataka Hokama
a87fec07fd78 add slide
ryokka
parents:
diff changeset
81 琉球大学 : 並列信頼研究室
a87fec07fd78 add slide
ryokka
parents:
diff changeset
82 <hr style="color:#ffcc00;background-color:#ffcc00;text-align:left;border:none;width:100%;height:0.2em;">
a87fec07fd78 add slide
ryokka
parents:
diff changeset
83 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
84 </td>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
85 </tr>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
86 </table>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
87 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
88
a87fec07fd78 add slide
ryokka
parents:
diff changeset
89
a87fec07fd78 add slide
ryokka
parents:
diff changeset
90
a87fec07fd78 add slide
ryokka
parents:
diff changeset
91 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
92 <!-- 発表20分、質疑応答5分 -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
93
a87fec07fd78 add slide
ryokka
parents:
diff changeset
94
a87fec07fd78 add slide
ryokka
parents:
diff changeset
95 <!-- _S9SLIDE_ -->
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
96 <h2 id="研究背景">研究背景</h2>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
97 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
98 <li>OS やアプリケーションなどの信頼性は重要な課題</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
99 <li>信頼性を上げるために仕様を検証する必要</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
100 <li>仕様検証の手法として Floyd-Hoare Logic (以下 HoareLogic) がある
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
101 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
102 <li>事前条件(PreCondition)が成り立つとき、関数(Command)を実行、それが停止したとき、事後条件(PostCondition)を満たす</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
103 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
104 </li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
105 <li>既存の言語ではあまり利用されていない(python の pyrefine ってコードチェッカーくらい…?)</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
106 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
107
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
108
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
109
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
110 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
111
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
112 <div class='slide'>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
113 <!-- _S9SLIDE_ -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
114 <h2 id="背景">背景</h2>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
115 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
116 <li>当研究室では 処理の単位を <strong>CodeGear</strong>、データの単位を <strong>DataGear</strong> としてプログラムを記述する手法を提案</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
117 <li>CodeGear は Input DataGear を受け取り、処理を行って Output DataGear に書き込む</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
118 <li>Gear 間の接続処理はメタ計算として定義
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
119 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
120 <li>メタ計算部分に検証を埋め込むことで通常処理に手を加えずに検証</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
121 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
122 </li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
123 <li>本研究では Gears OS の信頼性を高めるため、 Gears の単位を用いた HoareLogic ベースの検証手法を提案する</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
124 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
125
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
126 <p style="text-align:center;"><img src="./pic/cgdg-small.svg" alt="" width="75%" height="75%" /></p>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
127
a87fec07fd78 add slide
ryokka
parents:
diff changeset
128
a87fec07fd78 add slide
ryokka
parents:
diff changeset
129
a87fec07fd78 add slide
ryokka
parents:
diff changeset
130 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
131
a87fec07fd78 add slide
ryokka
parents:
diff changeset
132 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
133 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
134 <h2 id="gears-について">Gears について</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
135 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
136 <li><strong>Gears</strong> は当研究室で提案しているプログラム記述手法</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
137 <li>計算の単位を <strong>CodeGear</strong> 、データの単位を <strong>DataGear</strong></li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
138 <li>CodeGear は引数として Input の DataGear を受け取り、 Output の DataGear を返す</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
139 <li>Output の DataGear は次の CodeGear の Input として接続される
a87fec07fd78 add slide
ryokka
parents:
diff changeset
140 <!-- [fig1](file://./fig/cgdg.pdf) --></li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
141 <li>CodeGear の接続処理は通常の計算とは異なるメタ計算として定義
a87fec07fd78 add slide
ryokka
parents:
diff changeset
142 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
143 <li>メタ計算で信頼性の検証を行う</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
144 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
145 </li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
146 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
147
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
148 <!-- ![cgdg](./pic/codeGear_dataGear.pdf){} -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
149 <p style="text-align:center;"><img src="./pic/cgdg.svg" alt="" width="30%" height="30%" /></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
150
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
151
a87fec07fd78 add slide
ryokka
parents:
diff changeset
152
a87fec07fd78 add slide
ryokka
parents:
diff changeset
153 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
154
a87fec07fd78 add slide
ryokka
parents:
diff changeset
155 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
156 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
157 <h2 id="cbc-について">CbC について</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
158 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
159 <li>Gears の単位でプログラミングできる言語として CbC (Continuation based C) が存在</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
160 <li>現在の CbC では assert での検証ができる</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
161 <li>将来的には証明も扱えるようにしたいが現段階では未実装</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
162 <li>そのため Gears の単位を定理証明支援系の言語である <strong>Agda</strong> で記述し、 Agda 上で証明</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
163 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
164
a87fec07fd78 add slide
ryokka
parents:
diff changeset
165
a87fec07fd78 add slide
ryokka
parents:
diff changeset
166
a87fec07fd78 add slide
ryokka
parents:
diff changeset
167 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
168
a87fec07fd78 add slide
ryokka
parents:
diff changeset
169 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
170 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
171 <h2 id="agda">Agda</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
172 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
173 <li>Agda は定理証明支援系の言語</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
174 <li>依存型を持つ関数型言語</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
175 <li>型を明記する必要がある</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
176 <li>Agda の文法については次のスライドから軽く説明する</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
177 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
178
a87fec07fd78 add slide
ryokka
parents:
diff changeset
179
a87fec07fd78 add slide
ryokka
parents:
diff changeset
180
a87fec07fd78 add slide
ryokka
parents:
diff changeset
181 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
182
a87fec07fd78 add slide
ryokka
parents:
diff changeset
183 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
184 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
185 <h2 id="agda-のデータ型">Agda のデータ型</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
186 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
187 <li>データ型は代数的なデータ構造</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
188 <li><strong>data</strong> キーワードの後に、<strong>名前 : 型</strong>、 where 句</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
189 <li>次の行以降は<strong>コンストラクタ名 : 型</strong></li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
190 <li>型は<strong>-&gt;</strong>または<strong>→</strong>で繋げる</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
191 <li>例えば、型<strong>PrimComm -&gt; Comm</strong>は<strong>PrimComm</strong> を受け取り<strong>Comm</strong>を返す型</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
192 <li>再帰的な定義も可能
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
193 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
194 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> data Comm : Set where
a87fec07fd78 add slide
ryokka
parents:
diff changeset
195 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> Skip : Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
196 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> Abort : Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
197 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> PComm : PrimComm -&gt; Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
198 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> Seq : Comm -&gt; Comm -&gt; Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
199 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> If : Cond -&gt; Comm -&gt; Comm -&gt; Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
200 <span class="line-numbers"><a href="#n7" name="n7">7</a></span> While : Cond -&gt; Comm -&gt; Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
201 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
202 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
203 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
204 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
205 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
206
a87fec07fd78 add slide
ryokka
parents:
diff changeset
207 <!-- - where は宣言した部分に束縛する -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
208
a87fec07fd78 add slide
ryokka
parents:
diff changeset
209
a87fec07fd78 add slide
ryokka
parents:
diff changeset
210
a87fec07fd78 add slide
ryokka
parents:
diff changeset
211 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
212
a87fec07fd78 add slide
ryokka
parents:
diff changeset
213 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
214 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
215 <h2 id="agda-のレコード型">Agda のレコード型</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
216 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
217 <li>C 言語での構造体に近い</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
218 <li>複数のデータをまとめる</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
219 <li>関数内で構築できる</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
220 <li>構築時は<strong>レコード名 {フィールド名 = 値}</strong></li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
221 <li>複数ある場合は <strong>{フィールド1 = 1 ; フィールド2 = 2}</strong>のように <strong>;</strong> を使って列挙
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
222 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
223 <li>(varn,vari の型 <strong>ℕ</strong> は Agda 上の 自然数、 データ型で zero : ℕ と succ : ℕ -&gt; ℕ で定義されてる)
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
224 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
225 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span>record Env : Set where
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
226 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> field
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
227 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> varn : ℕ
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
228 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> vari : ℕ
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
229 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
230 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
231 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
232 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
233 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
234 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
235 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
236
a87fec07fd78 add slide
ryokka
parents:
diff changeset
237
a87fec07fd78 add slide
ryokka
parents:
diff changeset
238
a87fec07fd78 add slide
ryokka
parents:
diff changeset
239 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
240
a87fec07fd78 add slide
ryokka
parents:
diff changeset
241 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
242 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
243 <h2 id="agda-の関数">Agda の関数</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
244 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
245 <li>関数にも型が必要</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
246 <li>関数は <strong>関数名 = 値</strong></li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
247 <li>関数ではパターンマッチがかける</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
248 <li><strong>_</strong> は任意の引数
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
249 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
250 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> _-_ : ℕ → ℕ → ℕ
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
251 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> x - zero = x
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
252 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> zero - _ = zero
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
253 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> (suc x) - (suc y) = x - y
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
254 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
255 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
256 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
257 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
258 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
259
a87fec07fd78 add slide
ryokka
parents:
diff changeset
260
a87fec07fd78 add slide
ryokka
parents:
diff changeset
261
a87fec07fd78 add slide
ryokka
parents:
diff changeset
262 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
263
a87fec07fd78 add slide
ryokka
parents:
diff changeset
264 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
265 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
266 <h2 id="agda-での証明">Agda での証明</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
267 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
268 <li>関数の型に論理式</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
269 <li>関数自体にそれを満たす導出</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
270 <li>完成した関数は証明</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
271 <li><strong>{}</strong> は暗黙的(推論される)</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
272 <li>下のコードは自然数に 0 を足したとき値が変わらないことの証明
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
273 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
274 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> +zero : { y : ℕ } → y + zero ≡ y
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
275 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> +zero {zero} = refl
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
276 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> +zero {suc y} = cong ( λ x → suc x ) ( +zero {y} )
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
277 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
278 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
279 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
280 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
281 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
282
a87fec07fd78 add slide
ryokka
parents:
diff changeset
283
a87fec07fd78 add slide
ryokka
parents:
diff changeset
284
a87fec07fd78 add slide
ryokka
parents:
diff changeset
285 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
286
a87fec07fd78 add slide
ryokka
parents:
diff changeset
287 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
288 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
289 <h2 id="agda-上での-hoarelogic">Agda 上での HoareLogic</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
290 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
291 <li>現在 Agda での HoareLogic は初期のAgda の実装である Agda1(現在のものはAgda2)で実装されたものと
a87fec07fd78 add slide
ryokka
parents:
diff changeset
292 それを Agda2 に書き写したものが存在している。</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
293 <li>今回はAgda2側の HoareLogic で使うコマンド定義の一部と、コマンドの証明に使うルールを借りて説明を行う。</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
294 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
295
a87fec07fd78 add slide
ryokka
parents:
diff changeset
296
a87fec07fd78 add slide
ryokka
parents:
diff changeset
297
a87fec07fd78 add slide
ryokka
parents:
diff changeset
298 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
299
a87fec07fd78 add slide
ryokka
parents:
diff changeset
300 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
301 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
302 <h2 id="agda-での-hoarelogic-の理解">Agda での HoareLogic の理解</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
303 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
304 <li>HoareLogic を用いて次のようなプログラム(while Program)を検証した。
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
305 <div class="language-C highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
306 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> n = <span style="color:#00D">10</span>;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
307 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> i = <span style="color:#00D">0</span>;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
308 <span class="line-numbers"><a href="#n3" name="n3">3</a></span>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
309 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> <span style="color:#080;font-weight:bold">while</span> (n&gt;<span style="color:#00D">0</span>)
a87fec07fd78 add slide
ryokka
parents:
diff changeset
310 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> {
a87fec07fd78 add slide
ryokka
parents:
diff changeset
311 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> i++;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
312 <span class="line-numbers"><a href="#n7" name="n7">7</a></span> n--;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
313 <span class="line-numbers"><a href="#n8" name="n8">8</a></span> }
a87fec07fd78 add slide
ryokka
parents:
diff changeset
314 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
315 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
316 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
317 </li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
318 <li>このプログラムは変数iとnをもち、 n&gt;0 の間nの値を減らし、i の値を増やす</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
319 <li>n==0のとき停止するため、終了時の変数の結果はi==10、n==0 になるはずである。</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
320 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
321
a87fec07fd78 add slide
ryokka
parents:
diff changeset
322
a87fec07fd78 add slide
ryokka
parents:
diff changeset
323
a87fec07fd78 add slide
ryokka
parents:
diff changeset
324 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
325
a87fec07fd78 add slide
ryokka
parents:
diff changeset
326 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
327 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
328 <h2 id="hoarelogic">HoareLogic</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
329 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
330 <li>Floyd-Hoare Logic (以下HoareLogic)は部分的な正当性を検証する</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
331 <li>プログラムは事前条件(Pre Condition)、事後条件(Post Condition)を持ち、条件がコマンドで更新され、事後条件になる</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
332 <li>事前、事後条件には変数や論理式、コマンドには代入や、繰り返し、条件分岐などがある。</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
333 <li>コマンドが正しく成り立つことを保証することで、このコマンドを用いて記述されたプログラムの部分的な正しさを検証する</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
334 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
335
a87fec07fd78 add slide
ryokka
parents:
diff changeset
336
a87fec07fd78 add slide
ryokka
parents:
diff changeset
337
a87fec07fd78 add slide
ryokka
parents:
diff changeset
338 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
339
a87fec07fd78 add slide
ryokka
parents:
diff changeset
340 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
341 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
342 <h2 id="agda-上での-hoarelogicコマンド定義">Agda 上での HoareLogic(コマンド定義)</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
343 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
344 <li>Env は while Program の変数である var n, i</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
345 <li><strong>PrimComm</strong> は代入時に使用される</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
346 <li><strong>Cond</strong> は Condition で Env を受け取って Boolean の値を返す
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
347 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
348 <div class="code"><pre><span class="line-numbers"> <a href="#n1" name="n1">1</a></span> record Env : Set where
a87fec07fd78 add slide
ryokka
parents:
diff changeset
349 <span class="line-numbers"> <a href="#n2" name="n2">2</a></span> field
a87fec07fd78 add slide
ryokka
parents:
diff changeset
350 <span class="line-numbers"> <a href="#n3" name="n3">3</a></span> varn : ℕ
a87fec07fd78 add slide
ryokka
parents:
diff changeset
351 <span class="line-numbers"> <a href="#n4" name="n4">4</a></span> vari : ℕ
a87fec07fd78 add slide
ryokka
parents:
diff changeset
352 <span class="line-numbers"> <a href="#n5" name="n5">5</a></span>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
353 <span class="line-numbers"> <a href="#n6" name="n6">6</a></span> PrimComm : Set
a87fec07fd78 add slide
ryokka
parents:
diff changeset
354 <span class="line-numbers"> <a href="#n7" name="n7">7</a></span> PrimComm = Env → Env
a87fec07fd78 add slide
ryokka
parents:
diff changeset
355 <span class="line-numbers"> <a href="#n8" name="n8">8</a></span>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
356 <span class="line-numbers"> <a href="#n9" name="n9">9</a></span> Cond : Set
a87fec07fd78 add slide
ryokka
parents:
diff changeset
357 <span class="line-numbers"><strong><a href="#n10" name="n10">10</a></strong></span> Cond = (Env → Bool)
a87fec07fd78 add slide
ryokka
parents:
diff changeset
358 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
359 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
360 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
361 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
362 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
363
a87fec07fd78 add slide
ryokka
parents:
diff changeset
364
a87fec07fd78 add slide
ryokka
parents:
diff changeset
365
a87fec07fd78 add slide
ryokka
parents:
diff changeset
366 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
367
a87fec07fd78 add slide
ryokka
parents:
diff changeset
368 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
369 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
370 <h2 id="agda-上での-hoarelogicコマンド定義-1">Agda 上での HoareLogic(コマンド定義)</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
371 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
372 <li><strong>Comm</strong> は Agda のデータ型で定義した HoareLogic の Command
a87fec07fd78 add slide
ryokka
parents:
diff changeset
373 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
374 <li><strong>Skip</strong> は何も変更しない</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
375 <li><strong>PComm</strong> は変数を代入する</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
376 <li><strong>Seq</strong> は Command を実行して次の Command に移す</li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
377 <li><strong>If</strong> は Cond と2つの Comm を受け取り Cond の状態により実行する Comm を変える</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
378 <li><strong>while</strong> は Cond と Comm を受け取り Cond の中身が真である間 Comm を繰り返す
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
379 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
380 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span>data Comm : Set where
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
381 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> Skip : Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
382 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> Abort : Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
383 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> PComm : PrimComm -&gt; Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
384 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> Seq : Comm -&gt; Comm -&gt; Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
385 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> If : Cond -&gt; Comm -&gt; Comm -&gt; Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
386 <span class="line-numbers"><a href="#n7" name="n7">7</a></span> While : Cond -&gt; Comm -&gt; Comm
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
387 </pre></div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
388 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
389 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
390 </li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
391 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
392 </li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
393 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
394
a87fec07fd78 add slide
ryokka
parents:
diff changeset
395
a87fec07fd78 add slide
ryokka
parents:
diff changeset
396
a87fec07fd78 add slide
ryokka
parents:
diff changeset
397 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
398
a87fec07fd78 add slide
ryokka
parents:
diff changeset
399 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
400 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
401 <h2 id="agda-上での-hoarelogic実際のプログラムの記述">Agda 上での HoareLogic(実際のプログラムの記述)</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
402 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
403 <li>Command を使って while Program を記述した。</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
404 <li><strong>$</strong> は <strong>()</strong> の糖衣で行頭から行末までを ( ) で囲う
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
405 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
406 <li>見やすさのため改行しているため 3~7 行はまとまっている</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
407 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
408 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
409 <li>Seq は Comm を2つ取って次の Comm に移行する
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
410 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
411 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> program : Comm
a87fec07fd78 add slide
ryokka
parents:
diff changeset
412 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> program =
a87fec07fd78 add slide
ryokka
parents:
diff changeset
413 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> Seq ( PComm (λ env → record env {varn = 10}))
a87fec07fd78 add slide
ryokka
parents:
diff changeset
414 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> $ Seq ( PComm (λ env → record env {vari = 0}))
a87fec07fd78 add slide
ryokka
parents:
diff changeset
415 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> $ While (λ env → lt zero (varn env ) )
a87fec07fd78 add slide
ryokka
parents:
diff changeset
416 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> (Seq (PComm (λ env → record env {vari = ((vari env) + 1)} ))
a87fec07fd78 add slide
ryokka
parents:
diff changeset
417 <span class="line-numbers"><a href="#n7" name="n7">7</a></span> $ PComm (λ env → record env {varn = ((varn env) - 1)} ))
a87fec07fd78 add slide
ryokka
parents:
diff changeset
418 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
419 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
420 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
421 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
422 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
423
a87fec07fd78 add slide
ryokka
parents:
diff changeset
424
a87fec07fd78 add slide
ryokka
parents:
diff changeset
425
a87fec07fd78 add slide
ryokka
parents:
diff changeset
426 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
427
a87fec07fd78 add slide
ryokka
parents:
diff changeset
428 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
429 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
430 <h2 id="agda-上での-hoarelogicの理解">Agda 上での HoareLogicの理解</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
431 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
432 <li>規則は HTProof にまとめられてる</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
433 <li><strong>PrimRule</strong> は <strong>PComm</strong> で行う代入を保証する</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
434 <li>3行目の pr の型 Axiom は PreCondition に PrimComm が適用されると PostCondition になることの記述
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
435 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
436 <li><strong><em>⇒</em></strong> は pre, post の Condition をとって post の Condition が成り立つときに True を返す関数</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
437 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
438 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
439 <li>SkipRule は PreCondition を変更しないことの保証</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
440 <li>AbortRule は プログラムが停止するときのルール
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
441 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
442 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> data HTProof : Cond -&gt; Comm -&gt; Cond -&gt; Set where
a87fec07fd78 add slide
ryokka
parents:
diff changeset
443 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> PrimRule : {bPre : Cond} -&gt; {pcm : PrimComm} -&gt; {bPost : Cond} -&gt;
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
444 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> (pr : Axiom bPre pcm bPost) -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
445 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> HTProof bPre (PComm pcm) bPost
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
446 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> SkipRule : (b : Cond) -&gt; HTProof b Skip b
a87fec07fd78 add slide
ryokka
parents:
diff changeset
447 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> AbortRule : (bPre : Cond) -&gt; (bPost : Cond) -&gt;
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
448 <span class="line-numbers"><a href="#n7" name="n7">7</a></span> HTProof bPre Abort bPost
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
449 <span class="line-numbers"><a href="#n8" name="n8">8</a></span>-- 次のスライドに続く
a87fec07fd78 add slide
ryokka
parents:
diff changeset
450 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
451 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
452 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
453 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
454 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> Axiom : Cond -&gt; PrimComm -&gt; Cond -&gt; Set
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
455 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> Axiom pre comm post = ∀ (env : Env) → (pre env) ⇒ ( post (comm env)) ≡ true
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
456 </pre></div>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
457 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
458 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
459 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
460 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
461
a87fec07fd78 add slide
ryokka
parents:
diff changeset
462
a87fec07fd78 add slide
ryokka
parents:
diff changeset
463
a87fec07fd78 add slide
ryokka
parents:
diff changeset
464 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
465
a87fec07fd78 add slide
ryokka
parents:
diff changeset
466 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
467 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
468 <h2 id="agda-上での-hoarelogicの理解-1">Agda 上での HoareLogicの理解</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
469 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
470 <li><strong>SeqRule</strong> は Command を推移させる Seq の保証</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
471 <li><strong>IfRule</strong> は If の Command が正しく動くことを保証
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
472 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
473 <div class="code"><pre><span class="line-numbers"> <a href="#n1" name="n1">1</a></span>-- HTProof の続き
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
474 <span class="line-numbers"> <a href="#n2" name="n2">2</a></span> SeqRule : {bPre : Cond} -&gt; {cm1 : Comm} -&gt; {bMid : Cond} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
475 <span class="line-numbers"> <a href="#n3" name="n3">3</a></span> {cm2 : Comm} -&gt; {bPost : Cond} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
476 <span class="line-numbers"> <a href="#n4" name="n4">4</a></span> HTProof bPre cm1 bMid -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
477 <span class="line-numbers"> <a href="#n5" name="n5">5</a></span> HTProof bMid cm2 bPost -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
478 <span class="line-numbers"> <a href="#n6" name="n6">6</a></span> HTProof bPre (Seq cm1 cm2) bPost
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
479 <span class="line-numbers"> <a href="#n7" name="n7">7</a></span> IfRule : {cmThen : Comm} -&gt; {cmElse : Comm} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
480 <span class="line-numbers"> <a href="#n8" name="n8">8</a></span> {bPre : Cond} -&gt; {bPost : Cond} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
481 <span class="line-numbers"> <a href="#n9" name="n9">9</a></span> {b : Cond} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
482 <span class="line-numbers"><strong><a href="#n10" name="n10">10</a></strong></span> HTProof (bPre /\ b) cmThen bPost -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
483 <span class="line-numbers"><a href="#n11" name="n11">11</a></span> HTProof (bPre /\ neg b) cmElse bPost -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
484 <span class="line-numbers"><a href="#n12" name="n12">12</a></span> HTProof bPre (If b cmThen cmElse) bPost
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
485 </pre></div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
486 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
487 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
488 </li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
489 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
490
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
491
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
492
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
493 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
494
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
495 <div class='slide'>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
496 <!-- _S9SLIDE_ -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
497 <h2 id="agda-上での-hoarelogicの理解-2">Agda 上での HoareLogicの理解</h2>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
498 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
499 <li><strong>WeakeningRule</strong> は通常の Condition からループ不変条件(Loop Invaliant)に変換</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
500 <li>Tautology は Condition と不変条件が等しく成り立つ</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
501 <li><strong>WhileRule</strong> はループ不変条件が成り立つ間 Comm を繰り返す
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
502 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
503 <div class="code"><pre><span class="line-numbers"> <a href="#n1" name="n1">1</a></span>-- HTProof の続き
a87fec07fd78 add slide
ryokka
parents:
diff changeset
504 <span class="line-numbers"> <a href="#n2" name="n2">2</a></span> WeakeningRule : {bPre : Cond} -&gt; {bPre' : Cond} -&gt; {cm : Comm} -&gt;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
505 <span class="line-numbers"> <a href="#n3" name="n3">3</a></span> {bPost' : Cond} -&gt; {bPost : Cond} -&gt;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
506 <span class="line-numbers"> <a href="#n4" name="n4">4</a></span> Tautology bPre bPre' -&gt;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
507 <span class="line-numbers"> <a href="#n5" name="n5">5</a></span> HTProof bPre' cm bPost' -&gt;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
508 <span class="line-numbers"> <a href="#n6" name="n6">6</a></span> Tautology bPost' bPost -&gt;
a87fec07fd78 add slide
ryokka
parents:
diff changeset
509 <span class="line-numbers"> <a href="#n7" name="n7">7</a></span> HTProof bPre cm bPost
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
510 <span class="line-numbers"> <a href="#n8" name="n8">8</a></span> WhileRule : {cm : Comm} -&gt; {bInv : Cond} -&gt; {b : Cond} -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
511 <span class="line-numbers"> <a href="#n9" name="n9">9</a></span> HTProof (bInv /\ b) cm bInv -&gt;
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
512 <span class="line-numbers"><strong><a href="#n10" name="n10">10</a></strong></span> HTProof bInv (While b cm) (bInv /\ neg b)
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
513 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
514 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
515 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
516 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
517 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> Tautology : Cond -&gt; Cond -&gt; Set
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
518 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> Tautology pre post = ∀ (env : Env) → (pre env) ⇒ (post env) ≡ true
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
519 </pre></div>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
520 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
521 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
522 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
523 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
524
a87fec07fd78 add slide
ryokka
parents:
diff changeset
525
a87fec07fd78 add slide
ryokka
parents:
diff changeset
526
a87fec07fd78 add slide
ryokka
parents:
diff changeset
527 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
528
a87fec07fd78 add slide
ryokka
parents:
diff changeset
529 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
530 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
531 <h2 id="agda-上での-hoarelogic証明">Agda 上での HoareLogic(証明)</h2>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
532 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
533 <li><strong>proof1</strong> は while Program の証明</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
534 <li>HTProof に 初期状態とコマンドで書かれた <strong>program</strong> と終了状態を渡す</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
535 <li>lemma1~5は rule それぞれの証明</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
536 <li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
537 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
538 <div class="code"><pre><span class="line-numbers"> <a href="#n1" name="n1">1</a></span>proof1 : HTProof initCond program termCond
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
539 <span class="line-numbers"> <a href="#n2" name="n2">2</a></span>proof1 =
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
540 <span class="line-numbers"> <a href="#n3" name="n3">3</a></span> SeqRule {λ e → true} ( PrimRule empty-case )
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
541 <span class="line-numbers"> <a href="#n4" name="n4">4</a></span> $ SeqRule {λ e → Equal (varn e) 10} ( PrimRule lemma1 )
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
542 <span class="line-numbers"> <a href="#n5" name="n5">5</a></span> $ WeakeningRule {λ e → (Equal (varn e) 10) ∧ (Equal (vari e) 0)} lemma2 (
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
543 <span class="line-numbers"> <a href="#n6" name="n6">6</a></span> WhileRule {_} {λ e → Equal ((varn e) + (vari e)) 10}
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
544 <span class="line-numbers"> <a href="#n7" name="n7">7</a></span> $ SeqRule (PrimRule {λ e → whileInv e ∧ lt zero (varn e) } lemma3 )
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
545 <span class="line-numbers"> <a href="#n8" name="n8">8</a></span> $ PrimRule {whileInv'} {_} {whileInv} lemma4 ) lemma5
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
546 <span class="line-numbers"> <a href="#n9" name="n9">9</a></span>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
547 <span class="line-numbers"><strong><a href="#n10" name="n10">10</a></strong></span>initCond : Cond
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
548 <span class="line-numbers"><a href="#n11" name="n11">11</a></span>initCond env = true
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
549 <span class="line-numbers"><a href="#n12" name="n12">12</a></span>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
550 <span class="line-numbers"><a href="#n13" name="n13">13</a></span>termCond : {c10 : ℕ} → Cond
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
551 <span class="line-numbers"><a href="#n14" name="n14">14</a></span>termCond {c10} env = Equal (vari env) c10
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
552 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
553 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
554 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
555 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
556 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
557
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
558 <p><!-- program : Comm -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
559 <!-- program = -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
560 <!-- Seq ( PComm (λ env → record env {varn = 10})) -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
561 <!-- $ Seq ( PComm (λ env → record env {vari = 0})) -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
562 <!-- $ While (λ env → lt zero (varn env ) ) -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
563 <!-- (Seq (PComm (λ env → record env {vari = ((vari env) + 1)} )) -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
564 <!-- $ PComm (λ env → record env {varn = ((varn env) - 1)} )) --></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
565
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
566
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
567
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
568 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
569
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
570 <div class='slide'>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
571 <!-- _S9SLIDE_ -->
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
572 <h2 id="証明の一部">証明の一部</h2>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
573 <ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
574 <li>型だけ載せる</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
575 <li>基本的な証明方法は Condtition を変化させて次の Condition が成り立つように変形する</li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
576 <li>impl⇒
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
577 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
578 <div class="code"><pre><span class="line-numbers"> <a href="#n1" name="n1">1</a></span> lemma1 : {c10 : ℕ} → Axiom (stmt1Cond {c10}) (λ env → record { varn = varn env ; vari = 0 }) (stmt2Cond {c10})
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
579 <span class="line-numbers"> <a href="#n2" name="n2">2</a></span> lemma1 {c10} env = impl⇒ ( λ cond → let open ≡-Reasoning in
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
580 <span class="line-numbers"> <a href="#n3" name="n3">3</a></span> begin
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
581 <span class="line-numbers"> <a href="#n4" name="n4">4</a></span> (Equal (varn env) c10 ) ∧ true
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
582 <span class="line-numbers"> <a href="#n5" name="n5">5</a></span> ≡⟨ ∧true ⟩
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
583 <span class="line-numbers"> <a href="#n6" name="n6">6</a></span> Equal (varn env) c10
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
584 <span class="line-numbers"> <a href="#n7" name="n7">7</a></span> ≡⟨ cond ⟩
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
585 <span class="line-numbers"> <a href="#n8" name="n8">8</a></span> true
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
586 <span class="line-numbers"> <a href="#n9" name="n9">9</a></span> ∎ )
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
587 </pre></div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
588 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
589 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
590
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
591 <p><!-- lemma2 : {c10 : ℕ} → Tautology stmt2Cond whileInv --></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
592
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
593 <p><!-- lemma3 : Axiom (λ e → whileInv e ∧ lt zero (varn e)) (λ env → record { varn = varn env ; vari = vari env + 1 }) whileInv' --></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
594
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
595 <p><!-- lemma4 : {c10 : ℕ} → Axiom whileInv' (λ env → record { varn = varn env - 1 ; vari = vari env }) whileInv --></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
596
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
597 <p><!-- lemma5 : {c10 : ℕ} → Tautology ((λ e → Equal (varn e + vari e) c10) and (neg (λ z → lt zero (varn z)))) termCond --></p>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
598 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
599 </ul>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
600
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
601
a87fec07fd78 add slide
ryokka
parents:
diff changeset
602
a87fec07fd78 add slide
ryokka
parents:
diff changeset
603 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
604
a87fec07fd78 add slide
ryokka
parents:
diff changeset
605 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
606 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
607 <h2 id="agda-での-gears">Agda での Gears</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
608 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
609 <li>Agda での CodeGear は通常の関数とは異なり、継続渡し (CPS : Continuation Passing Style) で記述された関数</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
610 <li>CPS の関数は引数として継続を受け取って継続に計算結果を渡す</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
611 <li><strong>名前 : 引数 -&gt; (Code : fa -&gt; t) -&gt; t</strong></li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
612 <li><strong>t</strong> は継続</li>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
613 <li><strong>(Code : fa -&gt; t)</strong> は次の継続先</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
614 <li>DataGear は Agda での CodeGear に使われる引数
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
615 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
616 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span>_g-_ : {t : Set} → ℕ → ℕ → (Code : ℕ → t) → t
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
617 <span class="line-numbers"><a href="#n2" name="n2">2</a></span>x g- zero next = next x
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
618 <span class="line-numbers"><a href="#n3" name="n3">3</a></span>zero g- _ = next zero
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
619 <span class="line-numbers"><a href="#n4" name="n4">4</a></span>(suc x) g- (suc y) = next (x g- y)
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
620 </pre></div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
621 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
622 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
623 </li>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
624 </ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
625
a87fec07fd78 add slide
ryokka
parents:
diff changeset
626
a87fec07fd78 add slide
ryokka
parents:
diff changeset
627
a87fec07fd78 add slide
ryokka
parents:
diff changeset
628 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
629
a87fec07fd78 add slide
ryokka
parents:
diff changeset
630 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
631 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
632 <h2 id="gears-をベースにした-hoarelogic">Gears をベースにした HoareLogic</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
633 <ul>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
634 <li>次に Gears をベースにした while Program をみる。</li>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
635 <li>このプログラムは自然数と継続先を受け取って t を返す
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
636 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
637 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> {-# TERMINATING #-}
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
638 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> whileLoop : {l : Level} {t : Set l} -&gt; Env -&gt; (Code : Env -&gt; t) -&gt; t
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
639 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> whileLoop env next with lt 0 (varn env)
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
640 <span class="line-numbers"><a href="#n4" name="n4">4</a></span> whileLoop env next | false = next env
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
641 <span class="line-numbers"><a href="#n5" name="n5">5</a></span> whileLoop env next | true =
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
642 <span class="line-numbers"><a href="#n6" name="n6">6</a></span> whileLoop (record {varn = (varn env) - 1 ; vari = (vari env) + 1}) next
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
643 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
644 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
645 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
646 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
647 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
648
a87fec07fd78 add slide
ryokka
parents:
diff changeset
649
a87fec07fd78 add slide
ryokka
parents:
diff changeset
650
a87fec07fd78 add slide
ryokka
parents:
diff changeset
651 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
652
a87fec07fd78 add slide
ryokka
parents:
diff changeset
653 <div class='slide'>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
654 <!-- _S9SLIDE_ -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
655 <h2 id="gears-と-hoarelogic-をベースにした証明">Gears と HoareLogic をベースにした証明</h2>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
656 <ul>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
657 <li>ここでは
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
658 <div class="language-AGDA highlighter-coderay"><div class="CodeRay">
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
659 <div class="code"><pre><span class="line-numbers"><a href="#n1" name="n1">1</a></span> proofGears : {c10 : ℕ } → Set
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
660 <span class="line-numbers"><a href="#n2" name="n2">2</a></span> proofGears {c10} = whileTest' {_} {_} {c10} (λ n p1 → conversion1 n p1
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
661 <span class="line-numbers"><a href="#n3" name="n3">3</a></span> (λ n1 p2 → whileLoop' n1 p2 (λ n2 → ( vari n2 ≡ c10 ))))
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
662 </pre></div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
663 </div>
11
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
664 </div>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
665 </li>
17b7605a5deb add figures, some slides
ryokka
parents: 10
diff changeset
666 </ul>
10
a87fec07fd78 add slide
ryokka
parents:
diff changeset
667
a87fec07fd78 add slide
ryokka
parents:
diff changeset
668 <p>&lt;–!
a87fec07fd78 add slide
ryokka
parents:
diff changeset
669 [論文目次]
a87fec07fd78 add slide
ryokka
parents:
diff changeset
670 まえがき</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
671
a87fec07fd78 add slide
ryokka
parents:
diff changeset
672 <p>現状</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
673
a87fec07fd78 add slide
ryokka
parents:
diff changeset
674 <p>Agda</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
675
a87fec07fd78 add slide
ryokka
parents:
diff changeset
676 <p>GearsOS</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
677
a87fec07fd78 add slide
ryokka
parents:
diff changeset
678 <p>CodeGear DataGear</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
679
a87fec07fd78 add slide
ryokka
parents:
diff changeset
680 <p>Gears と Agda</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
681
a87fec07fd78 add slide
ryokka
parents:
diff changeset
682 <p>Agda での HoareLogic</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
683
a87fec07fd78 add slide
ryokka
parents:
diff changeset
684 <p>Gears ベースの HoareLogic</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
685
a87fec07fd78 add slide
ryokka
parents:
diff changeset
686 <p>まとめと課題</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
687
a87fec07fd78 add slide
ryokka
parents:
diff changeset
688 <p>–&gt;</p>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
689
a87fec07fd78 add slide
ryokka
parents:
diff changeset
690 </div>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
691
a87fec07fd78 add slide
ryokka
parents:
diff changeset
692
a87fec07fd78 add slide
ryokka
parents:
diff changeset
693 </div><!-- presentation -->
a87fec07fd78 add slide
ryokka
parents:
diff changeset
694 </body>
a87fec07fd78 add slide
ryokka
parents:
diff changeset
695 </html>