Mercurial > hg > Papers > 2022 > soto-sigos

annotate Paper/src/agda-hoare-soundness.agda @ 0:14a0e409d574

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
ADD fast commit
author soto <soto@cr.ie.u-ryukyu.ac.jp>
date Sun, 24 Apr 2022 23:13:44 +0900
parents
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1 Soundness : {bPre : Cond} -> {cm : Comm} -> {bPost : Cond} ->
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
2 HTProof bPre cm bPost -> Satisfies bPre cm bPost
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
3 Soundness (PrimRule {bPre} {cm} {bPost} pr) s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
4 = axiomValid bPre cm bPost pr s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
5 Soundness {.bPost} {.Skip} {bPost} (SkipRule .bPost) s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
6 = substId1 State {Level.zero} {State} {s1} {s2} (proj₂ q2) (SemCond bPost) q1
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
7 Soundness {bPre} {.Abort} {bPost} (AbortRule .bPre .bPost) s1 s2 q1 ()
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
8 Soundness (WeakeningRule {bPre} {bPre'} {cm} {bPost'} {bPost} tautPre pr tautPost)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
9 s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
10 = let hyp : Satisfies bPre' cm bPost'
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
11 hyp = Soundness pr
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
12 in tautValid bPost' bPost tautPost s2 (hyp s1 s2 (tautValid bPre bPre' tautPre s1 q1) q2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
13 Soundness (SeqRule {bPre} {cm1} {bMid} {cm2} {bPost} pr1 pr2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
14 s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
15 = let hyp1 : Satisfies bPre cm1 bMid
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
16 hyp1 = Soundness pr1
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
17 hyp2 : Satisfies bMid cm2 bPost
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
18 hyp2 = Soundness pr2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
19 in hyp2 (proj₁ q2) s2 (hyp1 s1 (proj₁ q2) q1 (proj₁ (proj₂ q2))) (proj₂ (proj₂ q2))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
20 Soundness (IfRule {cmThen} {cmElse} {bPre} {bPost} {b} pThen pElse)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
21 s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
22 = let hypThen : Satisfies (bPre /\ b) cmThen bPost
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
23 hypThen = Soundness pThen
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
24 hypElse : Satisfies (bPre /\ neg b) cmElse bPost
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
25 hypElse = Soundness pElse
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
26 rThen : RelOpState.comp (RelOpState.delta (SemCond b))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
27 (SemComm cmThen) s1 s2 -> SemCond bPost s2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
28 rThen = λ h -> hypThen s1 s2 ((proj₂ (respAnd bPre b s1)) (q1 , proj₁ t1))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
29 (proj₂ ((proj₂ (RelOpState.deltaRestPre (SemCond b) (SemComm cmThen) s1 s2)) h))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
30 rElse : RelOpState.comp (RelOpState.delta (NotP (SemCond b)))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
31 (SemComm cmElse) s1 s2 -> SemCond bPost s2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
32 rElse = λ h ->
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
33 let t10 : (NotP (SemCond b) s1) × (SemComm cmElse s1 s2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
34 t10 = proj₂ (RelOpState.deltaRestPre
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
35 (NotP (SemCond b)) (SemComm cmElse) s1 s2) h
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
36 in hypElse s1 s2 (proj₂ (respAnd bPre (neg b) s1)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
37 (q1 , (proj₂ (respNeg b s1) (proj₁ t10)))) (proj₂ t10)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
38 in when rThen rElse q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
39 Soundness (WhileRule {cm'} {bInv} {b} pr) s1 s2 q1 q2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
40 = proj₂ (respAnd bInv (neg b) s2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
41 (lem1 (proj₁ q2) s2 (proj₁ t15) , proj₂ (respNeg b s2) (proj₂ t15))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
42 where
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
43 hyp : Satisfies (bInv /\ b) cm' bInv
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
44 hyp = Soundness pr
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
45 Rel1 : ℕ -> Rel State (Level.zero)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
46 Rel1 = λ m ->
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
47 RelOpState.repeat
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
48 m
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
49 (RelOpState.comp (RelOpState.delta (SemCond b))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
50 (SemComm cm'))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
51 t15 : (Rel1 (proj₁ q2) s1 s2) × (NotP (SemCond b) s2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
52 t15 = proj₂ (RelOpState.deltaRestPost
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
53 (NotP (SemCond b)) (Rel1 (proj₁ q2)) s1 s2) (proj₂ q2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
54 lem1 : (m : ℕ) -> (ss2 : State) -> Rel1 m s1 ss2 -> SemCond bInv ss2
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
55 lem1 zero ss2 h = substId1 State (proj₂ h) (SemCond bInv) q1
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
56 lem1 (suc n) ss2 h
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
57 = let hyp2 : (z : State) -> Rel1 (proj₁ q2) s1 z ->
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
58 SemCond bInv z
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
59 hyp2 = lem1 n
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
60 t22 : (SemCond b (proj₁ h)) × (SemComm cm' (proj₁ h) ss2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
61 t22 = proj₂ (RelOpState.deltaRestPre (SemCond b) (SemComm cm') (proj₁ h) ss2)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
62 (proj₂ (proj₂ h))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
63 t23 : SemCond (bInv /\ b) (proj₁ h)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
64 t23 = proj₂ (respAnd bInv b (proj₁ h))
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
65 (hyp2 (proj₁ h) (proj₁ (proj₂ h)) , proj₁ t22)
14a0e409d574 ADD fast commit
soto <soto@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
66 in hyp (proj₁ h) ss2 t23 (proj₂ t22)