Papers/2020/ryokka-master: paper/src/agda-hoare-soundness.agda.replaced comparison

comparison paper/src/agda-hoare-soundness.agda.replaced @ 13:e8655e0264b8

fix paper, slide

author	ryokka
date	Tue, 11 Feb 2020 02:31:26 +0900
parents	bf3288c36d7e
children

comparison

equal deleted inserted replaced

-:bf3288c36d7e
+:e8655e0264b8
 s1 s2 q1 q2
 = let hyp1 : Satisfies bPre cm1 bMid
 hyp1 = Soundness pr1
 hyp2 : Satisfies bMid cm2 bPost
 hyp2 = Soundness pr2
-sMid : State
+in hyp2 (proj@$\_{1}$@ q2) s2 (hyp1 s1 (proj@$\_{1}$@ q2) q1 (proj@$\_{1}$@ (proj@$\_{2}$@ q2))) (proj@$\_{2}$@ (proj@$\_{2}$@ q2))
-sMid = proj@$\_{1}$@ q2
-r1 : SemComm cm1 s1 sMid @$\times$@ SemComm cm2 sMid s2
-r1 = proj@$\_{2}$@ q2
-r2 : SemComm cm1 s1 sMid
-r2 = proj@$\_{1}$@ r1
-r3 : SemComm cm2 sMid s2
-r3 = proj@$\_{2}$@ r1
-r4 : SemCond bMid sMid
-r4 = hyp1 s1 sMid q1 r2
-in hyp2 sMid s2 r4 r3
 Soundness (IfRule {cmThen} {cmElse} {bPre} {bPost} {b} pThen pElse)
 s1 s2 q1 q2
-= let hypThen : Satisfies (bPre /\ b) cmThen bPost
+= let hypThen : Satisfies (bPre @$\wedge$@ b) cmThen bPost
 hypThen = Soundness pThen
-hypElse : Satisfies (bPre /\ neg b) cmElse bPost
+hypElse : Satisfies (bPre @$\wedge$@ neg b) cmElse bPost
 hypElse = Soundness pElse
-rThen : RelOpState.comp
+rThen : RelOpState.comp (RelOpState.delta (SemCond b))
-(RelOpState.delta (SemCond b))
+(SemComm cmThen) s1 s2 @$\rightarrow$@ SemCond bPost s2
-(SemComm cmThen) s1 s2 @$\rightarrow$@
+rThen = @$\lambda$@ h @$\rightarrow$@ hypThen s1 s2 ((proj@$\_{2}$@ (respAnd bPre b s1)) (q1 , proj@$\_{1}$@ t1))
-SemCond bPost s2
+(proj@$\_{2}$@ ((proj@$\_{2}$@ (RelOpState.deltaRestPre (SemCond b) (SemComm cmThen) s1 s2)) h))
-rThen = @$\lambda$@ h @$\rightarrow$@
+rElse : RelOpState.comp (RelOpState.delta (NotP (SemCond b)))
-let t1 : SemCond b s1 @$\times$@ SemComm cmThen s1 s2
+(SemComm cmElse) s1 s2 @$\rightarrow$@ SemCond bPost s2
-t1 = (proj@$\_{2}$@ (RelOpState.deltaRestPre
-(SemCond b)
-(SemComm cmThen) s1 s2)) h
-t2 : SemCond (bPre /\ b) s1
-t2 = (proj@$\_{2}$@ (respAnd bPre b s1))
-(q1 , proj@$\_{1}$@ t1)
-in hypThen s1 s2 t2 (proj@$\_{2}$@ t1)
-rElse : RelOpState.comp
-(RelOpState.delta (NotP (SemCond b)))
-(SemComm cmElse) s1 s2 @$\rightarrow$@
-SemCond bPost s2
 rElse = @$\lambda$@ h @$\rightarrow$@
-let t10 : (NotP (SemCond b) s1) @$\times$@
+let t10 : (NotP (SemCond b) s1) @$\times$@ (SemComm cmElse s1 s2)
-(SemComm cmElse s1 s2)
 t10 = proj@$\_{2}$@ (RelOpState.deltaRestPre
-(NotP (SemCond b)) (SemComm cmElse) s1 s2)
+(NotP (SemCond b)) (SemComm cmElse) s1 s2) h
-h
+in hypElse s1 s2 (proj@$\_{2}$@ (respAnd bPre (neg b) s1)
-t6 : SemCond (neg b) s1
+(q1 , (proj@$\_{2}$@ (respNeg b s1) (proj@$\_{1}$@ t10)))) (proj@$\_{2}$@ t10)
-t6 = proj@$\_{2}$@ (respNeg b s1) (proj@$\_{1}$@ t10)
-t7 : SemComm cmElse s1 s2
-t7 = proj@$\_{2}$@ t10
-t8 : SemCond (bPre /\ neg b) s1
-t8 = proj@$\_{2}$@ (respAnd bPre (neg b) s1)
-(q1 , t6)
-in hypElse s1 s2 t8 t7
 in when rThen rElse q2
 Soundness (WhileRule {cm'} {bInv} {b} pr) s1 s2 q1 q2
-= proj@$\_{2}$@ (respAnd bInv (neg b) s2) t20
+= proj@$\_{2}$@ (respAnd bInv (neg b) s2)
+(lem1 (proj@$\_{1}$@ q2) s2 (proj@$\_{1}$@ t15) , proj@$\_{2}$@ (respNeg b s2) (proj@$\_{2}$@ t15))
 where
-hyp : Satisfies (bInv /\ b) cm' bInv
+hyp : Satisfies (bInv @$\wedge$@ b) cm' bInv
 hyp = Soundness pr
-n : $mathbb{N}$
+Rel1 : @$\mathbb{N}$@ @$\rightarrow$@ Rel State (Level.zero)
-n = proj@$\_{1}$@ q2
-Rel1 : $mathbb{N}$ @$\rightarrow$@ Rel State (Level.zero)
 Rel1 = @$\lambda$@ m @$\rightarrow$@
 RelOpState.repeat
 m
 (RelOpState.comp (RelOpState.delta (SemCond b))
 (SemComm cm'))
-t1 : RelOpState.comp
+t15 : (Rel1 (proj@$\_{1}$@ q2) s1 s2) @$\times$@ (NotP (SemCond b) s2)
-(Rel1 n)
-(RelOpState.delta (NotP (SemCond b))) s1 s2
-t1 = proj@$\_{2}$@ q2
-t15 : (Rel1 n s1 s2) @$\times$@ (NotP (SemCond b) s2)
 t15 = proj@$\_{2}$@ (RelOpState.deltaRestPost
-(NotP (SemCond b)) (Rel1 n) s1 s2)
+(NotP (SemCond b)) (Rel1 (proj@$\_{1}$@ q2)) s1 s2) (proj@$\_{2}$@ q2)
-t1
+lem1 : (m : @$\mathbb{N}$@) @$\rightarrow$@ (ss2 : State) @$\rightarrow$@ Rel1 m s1 ss2 @$\rightarrow$@ SemCond bInv ss2
-t16 : Rel1 n s1 s2
+lem1 zero ss2 h = substId1 State (proj@$\_{2}$@ h) (SemCond bInv) q1
-t16 = proj@$\_{1}$@ t15
+lem1 (suc n) ss2 h
-t17 : NotP (SemCond b) s2
+= let hyp2 : (z : State) @$\rightarrow$@ Rel1 (proj@$\_{1}$@ q2) s1 z @$\rightarrow$@
-t17 = proj@$\_{2}$@ t15
-lem1 : (m : $mathbb{N}$) @$\rightarrow$@ (ss2 : State) @$\rightarrow$@ Rel1 m s1 ss2 @$\rightarrow$@
-SemCond bInv ss2
-lem1 $mathbb{N}$.zero ss2 h
-= substId1 State (proj@$\_{2}$@ h) (SemCond bInv) q1
-lem1 ($mathbb{N}$.suc n) ss2 h
-= let hyp2 : (z : State) @$\rightarrow$@ Rel1 n s1 z @$\rightarrow$@
 SemCond bInv z
 hyp2 = lem1 n
-s20 : State
+t22 : (SemCond b (proj@$\_{1}$@ h)) @$\times$@ (SemComm cm' (proj@$\_{1}$@ h) ss2)
-s20 = proj@$\_{1}$@ h
+t22 = proj@$\_{2}$@ (RelOpState.deltaRestPre (SemCond b) (SemComm cm') (proj@$\_{1}$@ h) ss2)
-t21 : Rel1 n s1 s20
-t21 = proj@$\_{1}$@ (proj@$\_{2}$@ h)
-t22 : (SemCond b s20) @$\times$@ (SemComm cm' s20 ss2)
-t22 = proj@$\_{2}$@ (RelOpState.deltaRestPre
-(SemCond b) (SemComm cm') s20 ss2)
 (proj@$\_{2}$@ (proj@$\_{2}$@ h))
-t23 : SemCond (bInv /\ b) s20
+t23 : SemCond (bInv @$\wedge$@ b) (proj@$\_{1}$@ h)
-t23 = proj@$\_{2}$@ (respAnd bInv b s20)
+t23 = proj@$\_{2}$@ (respAnd bInv b (proj@$\_{1}$@ h))
-(hyp2 s20 t21 , proj@$\_{1}$@ t22)
+(hyp2 (proj@$\_{1}$@ h) (proj@$\_{1}$@ (proj@$\_{2}$@ h)) , proj@$\_{1}$@ t22)
-in hyp s20 ss2 t23 (proj@$\_{2}$@ t22)
+in hyp (proj@$\_{1}$@ h) ss2 t23 (proj@$\_{2}$@ t22)
-t20 : SemCond bInv s2 @$\times$@ SemCond (neg b) s2
-t20 = lem1 n s2 t16 , proj@$\_{2}$@ (respNeg b s2) t17

Mercurial > hg > Papers > 2020 > ryokka-master

comparison paper/src/agda-hoare-soundness.agda.replaced @ 13:e8655e0264b8