Using Imp: Type Theory and Coq
Tom Salet, Radboud University Nijmegen
PowerPoint presentation, May 13, 2016 (11 slides; sections ImpParser and ImpCEvalFun)

  1. Title slide: Using Imp – Type Theory and Coq. Tom Salet, Radboud University Nijmegen, May 13, 2016.


  2. Imp – Previous lecture. Formal Coq definition – Arithmetic expressions

     Normal form          Coq
     a ::= nat            Inductive aexp : Type :=
                            | ANum : nat -> aexp
         | a + a            | APlus : aexp -> aexp -> aexp
         | a - a            | AMinus : aexp -> aexp -> aexp
         | a * a            | AMult : aexp -> aexp -> aexp.

     Evaluation

     Fixpoint aeval (a : aexp) : nat :=
       match a with
       | ANum n => n
       | APlus a1 a2 => (aeval a1) + (aeval a2)
       | AMinus a1 a2 => (aeval a1) - (aeval a2)
       | AMult a1 a2 => (aeval a1) * (aeval a2)
       end.


  3. Imp – Previous lecture. Formal Coq definition – Boolean expressions

     Normal form          Coq
     b ::= true           Inductive bexp : Type :=
                            | BTrue : bexp
         | false            | BFalse : bexp
         | a = a            | BEq : aexp -> aexp -> bexp
         | a <= a           | BLe : aexp -> aexp -> bexp
         | not b            | BNot : bexp -> bexp
         | b and b          | BAnd : bexp -> bexp -> bexp.

     Evaluation

     Fixpoint beval (b : bexp) : bool :=
       match b with
       | BTrue => true
       | BFalse => false
       | BEq a1 a2 => beq_nat (aeval a1) (aeval a2)
       | BLe a1 a2 => ble_nat (aeval a1) (aeval a2)
       | BNot b1 => negb (beval b1)
       | BAnd b1 b2 => andb (beval b1) (beval b2)
       end.


  4. Imp – Previous lecture. Formal Coq definition – Commands

     Normal form                       Coq
     c ::= SKIP                        Inductive com : Type :=
                                         | CSkip : com
         | x ::= a                        | CAss : id -> aexp -> com
         | c ;; c                         | CSeq : com -> com -> com
         | IF b THEN c ELSE c END         | CIf : bexp -> com -> com -> com
         | WHILE b DO c END               | CWhile : bexp -> com -> com.

     Evaluation: a relation, not a function, written c1 / st ⇓ st':

       Inductive ceval : com -> state -> state -> Prop


  5. Contents

     ImpParser    – A parser for the Imp language
     ImpCEvalFun  – Defining ceval as a function
     Extraction   – Extracting into other languages, such as OCaml


  6. ImpParser

     Typical Imp program:                Formalised in Coq:

     z := x;;                            Id 0 ::= AId (Id 1);;
     y := 1;;                            Id 2 ::= ANum 1;;
     WHILE not (z == 0) DO               WHILE BNot (BEq (AId (Id 0)) (ANum 0)) DO
       y := y * z;;                        Id 2 ::= AMult (AId (Id 2)) (AId (Id 0));;
       z := z - 1                          Id 0 ::= AMinus (AId (Id 0)) (ANum 1)
     END                                 END

  7. ImpCEvalFun – First attempt (first try from last lecture)

     Fixpoint ceval_step1 (st : state) (c : com) : state :=
       match c with
       | SKIP => st
       | l ::= a1 => update st l (aeval st a1)
       | c1 ;; c2 =>
           let st' := ceval_step1 st c1 in
           ceval_step1 st' c2
       | IFB b THEN c1 ELSE c2 FI =>
           if (beval st b)
           then ceval_step1 st c1
           else ceval_step1 st c2
       | WHILE b1 DO c1 END => st (* bogus *)
       end.

  7. (cont.) ImpCEvalFun – Adding a step counter

     Fixpoint ceval_step2 (st : state) (c : com) (i : nat) : state :=
       match i with
       | O => empty_state
       | S i' =>
         match c with
         | SKIP => st
         | l ::= a1 => update st l (aeval st a1)
         | c1 ;; c2 =>
             let st' := ceval_step2 st c1 i' in
             ceval_step2 st' c2 i'
         | IFB b THEN c1 ELSE c2 FI =>
             if (beval st b)
             then ceval_step2 st c1 i'
             else ceval_step2 st c2 i'
         | WHILE b1 DO c1 END =>
             if (beval st b1)
             then let st' := ceval_step2 st c1 i' in
                  ceval_step2 st' c i'
             else st
         end
       end.


  8. ImpCEvalFun – Adding some error handling

     Fixpoint ceval_step3 (st : state) (c : com) (i : nat) : option state :=
       match i with
       | O => None
       | S i' =>
         match c with
         | SKIP => Some st
         | l ::= a1 => Some (update st l (aeval st a1))
         | c1 ;; c2 =>
             match (ceval_step3 st c1 i') with
             | Some st' => ceval_step3 st' c2 i'
             | None => None
             end
         | IFB b THEN c1 ELSE c2 FI =>
             if (beval st b)
             then ceval_step3 st c1 i'
             else ceval_step3 st c2 i'
         | WHILE b1 DO c1 END =>
             if (beval st b1)
             then match (ceval_step3 st c1 i') with
                  | Some st' => ceval_step3 st' c i'
                  | None => None
                  end
             else Some st
         end
       end.

  9. ImpCEvalFun – Improving readability

     Notation "'LETOPT' x <== e1 'IN' e2" :=
       (match e1 with
        | Some x => e2
        | None => None
        end)
       (right associativity, at level 60).

  10. ImpCEvalFun – Defining the final ceval_step

     Fixpoint ceval_step (st : state) (c : com) (i : nat) : option state :=
       match i with
       | O => None
       | S i' =>
         match c with
         | SKIP => Some st
         | l ::= a1 => Some (update st l (aeval st a1))
         | c1 ;; c2 =>
             LETOPT st' <== ceval_step st c1 i' IN
             ceval_step st' c2 i'
         | IFB b THEN c1 ELSE c2 FI =>
             if (beval st b)
             then ceval_step st c1 i'
             else ceval_step st c2 i'
         | WHILE b1 DO c1 END =>
             if (beval st b1)
             then LETOPT st' <== ceval_step st c1 i' IN
                  ceval_step st' c i'
             else Some st
         end
       end.

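As an added example (not the deck's code), the fuel-indexed ceval_step from slide 10 transcribed into Python and run on the factorial program of slide 6, to show what the option result encodes: too little fuel yields None, any fuel beyond the minimum yields the same state. The tagged-tuple encoding of Imp syntax and the run_fact helper are assumptions of this example.

```python
# Added example, not the deck's code: Python model of the slides' Coq ceval_step,
# run on the factorial program from slide 6. option state -> None/dict, fuel i -> int.
# Syntax as tagged tuples (constructed encoding): ("num", n) ("id", x) ("plus"|"minus"|"mult", a, a)
# ("true",) ("false",) ("eq"|"le", a, a) ("not", b) ("and", b, b)
# ("skip",) ("ass", x, a) ("seq", c, c) ("if", b, c, c) ("while", b, c)
def aeval(st, a):
    tag = a[0]
    if tag == "num": return a[1]
    if tag == "id": return st.get(a[1], 0)  # like empty_state: unset ids read as 0
    l, r = aeval(st, a[1]), aeval(st, a[2])
    if tag == "plus": return l + r
    if tag == "minus": return max(l - r, 0)  # nat subtraction truncates at 0
    return l * r

def beval(st, b):
    tag = b[0]
    if tag in ("true", "false"): return tag == "true"
    if tag == "not": return not beval(st, b[1])
    if tag == "and": return beval(st, b[1]) and beval(st, b[2])
    l, r = aeval(st, b[1]), aeval(st, b[2])
    return l == r if tag == "eq" else l <= r

def ceval_step(st, c, i):
    """Fuel-indexed evaluation: None is the O case (fuel exhausted), not a runtime error."""
    if i == 0:
        return None
    tag = c[0]
    if tag == "skip":
        return st
    if tag == "ass":
        return {**st, c[1]: aeval(st, c[2])}  # update st l (aeval st a1)
    if tag == "seq":  # LETOPT st' <== ceval_step st c1 i' IN ceval_step st' c2 i'
        st1 = ceval_step(st, c[1], i - 1)
        return None if st1 is None else ceval_step(st1, c[2], i - 1)
    if tag == "if":
        return ceval_step(st, c[2] if beval(st, c[1]) else c[3], i - 1)
    # while: run the body once, then re-enter the whole loop with one unit less fuel
    if not beval(st, c[1]):
        return st
    st1 = ceval_step(st, c[2], i - 1)
    return None if st1 is None else ceval_step(st1, c, i - 1)

# Slide 6 program: z := x;; y := 1;; WHILE not (z == 0) DO y := y * z;; z := z - 1 END
FACT = ("seq", ("ass", "z", ("id", "x")), ("seq", ("ass", "y", ("num", 1)),
        ("while", ("not", ("eq", ("id", "z"), ("num", 0))),
         ("seq", ("ass", "y", ("mult", ("id", "y"), ("id", "z"))),
                 ("ass", "z", ("minus", ("id", "z"), ("num", 1)))))))

def run_fact(x, fuel):
    """y after running FACT from {x: x}; None when the fuel runs out first."""
    st = ceval_step({"x": x}, FACT, fuel)
    return None if st is None else st["y"]
```

With x = 5 the program consumes one unit of fuel per nested call, so fuel 9 is the minimum that reaches the end (y = 120) and fuel 8 returns None.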
