Extensibella: Extensibella Example: exactEval:assert

Language Specification

File: defs.sos

Module exactEval:assert

Builds on exactEval:host

stmt ::= ...
       | assert(expr, expr)


-------------------------------------------- [Proj-Assert]
Names |{stmt}- assert(E, Msg) ~~>
         ifThenElse(E, noop,
            /*printVal(error) never succeeds*/
            printVal(errorExpr(Msg, intTy)))



typeOf FC TC E boolTy
typeOf FC TC Msg stringTy
------------------------------ [T-Assert]
stmtOK FC TC assert(E, Msg) TC



exprNames Ctx E NE
exprNames Ctx Msg NM
NE ++ NM = N
---------------------------------- [SN-Assert]
stmtNames Ctx assert(E, Msg) N Ctx



evalExpr FE EE E trueVal EE2 O
----------------------------------- [E-Assert]
evalStmt FE EE assert(E, Msg) EE2 O

Reasoning

[Show All Proofs] [Hide All Proofs] [Raw File]

Click on a command or tactic to see a detailed view of its use.

Module exactEval:assert.

/********************************************************************
 Basic Projection Constraints
 ********************************************************************/
Prove_Constraint exactEval:host:proj_expr_unique.
Prove_Constraint exactEval:host:proj_expr_is.
Prove_Constraint exactEval:host:proj_expr_other.

Prove_Constraint exactEval:host:proj_stmt_unique. [Show Proof]

 %Proj-Assert
  case PrB. search.
Prove_Constraint exactEval:host:proj_stmt_is. [Show Proof]

 %Proj-Assert
  case IsS. search.
Prove_Constraint exactEval:host:proj_stmt_other. [Show Proof]

 %Proj-Assert
  search.

Prove_Constraint exactEval:host:proj_fun_unique.
Prove_Constraint exactEval:host:proj_fun_is.

Prove_Constraint exactEval:host:proj_param_unique.
Prove_Constraint exactEval:host:proj_param_is.

Prove_Constraint exactEval:host:proj_program_unique.
Prove_Constraint exactEval:host:proj_program_is.

Prove_Constraint exactEval:host:proj_typ_unique.
Prove_Constraint exactEval:host:proj_typ_is.




/********************************************************************
 Decidable Equality
 ********************************************************************/
Add_Proj_Rel exactEval:host:is_expr, exactEval:host:is_args,
             exactEval:host:is_recFieldExprs, exactEval:host:is_stmt.
Prove_Ext_Ind exactEval:host:is_expr, exactEval:host:is_args,
              exactEval:host:is_recFieldExprs, exactEval:host:is_stmt. [Show Proof]

apply IH to R1. apply IH to R2. search.

Prove exactEval:host:is_args_nilArgs_or_consArgs.
Prove exactEval:host:is_recFieldExprs_nilRecFieldExprs_or_consRecFieldExprs.




/********************************************************************
 Variables
 ********************************************************************/
Prove exactEval:host:vars_unique.

Prove exactEval:host:vars_is.

Prove exactEval:host:vars_exist,
      exactEval:host:varsArgs_exist,
      exactEval:host:varsRecFields_exist.




/********************************************************************
 Statement Names
 ********************************************************************/
Prove exactEval:host:stmtNames_is,
      exactEval:host:stmtNames_isCtx,
      exactEval:host:exprNames_is. [Show Proof]

%stmtNames_is
 case IsS. apply IH_E to _ _ SN1. apply IH_E to _ _ SN2.
 apply append_list_string_is to _ _ SN3. search.
%stmtNames_isCtx
 search.

Prove exactEval:host:stmtNames_unique,
      exactEval:host:exprNames_unique. [Show Proof]

case IsS. SNB: case SNB. apply IH_E to _ _ SNA1 SNB.
apply IH_E to _ _ SNA2 SNB1. apply append_unique to SNA3 SNB2. search.

Prove exactEval:host:stmtNames_keep_older. [Show Proof]

search.

Prove exactEval:host:stmtNames_exists,
      exactEval:host:exprNames_exists,
      exactEval:host:argsNames_exists,
      exactEval:host:recFieldNames_exists. [Show Proof]

ENE: apply IH_E to IsS1 IsCtx. ENM: apply IH_E to IsS2 IsCtx.
Is1: apply exprNames_is to _ _ ENE.
Is2: apply exprNames_is to _ _ ENM.
apply append_list_string_total to Is1 Is2. search.

Prove exactEval:host:stmtNames_not_in_ctx,
      exactEval:host:exprNames_not_in_ctx. [Show Proof]

case IsS.  Or: apply mem_append to MemN SN3. M: case Or.
  %mem X NE
   apply IH_E to _ _ SN1 M MemsCtx.
  %mem X NM
   apply IH_E to _ _ SN2 M MemsCtx.


Prove exactEval:host:stmtNames_relatedCtxs,
      exactEval:host:stmtNames_relatedCtxs_ctx_fwd,
      exactEval:host:stmtNames_relatedCtxs_ctx_back,
      exactEval:host:exprNames_relatedCtxs. [Show Proof]

%stmtNames_relatedCtxs
 case IsS. apply IH_E to _ _ _ RelAB RelBA SN1.
 apply IH_E to _ _ _ RelAB RelBA SN2. search.
%stmtNames_relatedCtxs_ctx_fwd
 case IsS. SNB: case SNB. backchain RelAB.
%stmtNames_relatedCtxs_ctx_back
 SNB: case SNB. backchain RelBA.


Prove exactEval:host:stmtNames_increaseCtxs,
      exactEval:host:stmtNames_increaseCtxs_ctxs,
      exactEval:host:exprNames_increaseCtxs. [Show Proof]

%stmtNames_increaseCtxs
 case IsS. SNB: case SNB. Or: apply mem_append to M SNB2.
 M': case Or.
   %mem X NE1
    ME: apply IH_E to _ _ _ _ SNA1 SNB M'.
    apply mem_append_left to ME SNA3. search.
   %mem X NM1
    MM: apply IH_E to _ _ _ _ SNA2 SNB1 M'.
    apply mem_append_right to MM SNA3. search.
%stmtNames_increaseCtxs_ctxs
 case SNB. apply RelAB to M. search.


Prove_Constraint exactEval:host:proj_exprNames.
Prove_Constraint exactEval:host:proj_stmtNames. [Show Proof]

case IsS. SN: case SN. SN_P: case SN_P. case SN_P1. SN_P: case SN_P2.
SN_P: case SN_P1. apply exprNames_unique to _ _ SN SN_P.
apply append_nil_right to SN_P3. clear SN_P3.
SN': apply exprNames_relatedCtxs to _ _ _ _ _ SN_P1 with
        CtxB = Scope::Ctx.
  %mems ->
   intros M'. M': case M'. case M'. search.
apply exprNames_unique to _ _ SN1 SN'.
apply append_unique to SN2 SN_P4. search.
Prove_Constraint exactEval:host:proj_stmtNames_names_forward. [Show Proof]

case IsS. SN: case SN. SN_P: case SN_P. search.
Prove_Constraint exactEval:host:proj_stmtNames_names_backward. [Show Proof]

case IsS. SN: case SN. SN_P: case SN_P. search.




/********************************************************************
 Typing
 ********************************************************************/
Prove exactEval:host:typeOf_isTy,
      exactEval:host:stmtOK_isCtx. [Show Proof]

%stmtOK_isCtx
 %T-Assert
  search.


Prove exactEval:host:stmtOK_keep_scopes. [Show Proof]

%T-Assert
 search.


Prove exactEval:host:stmtOK_older_scopes_same. [Show Proof]

%T-Assert
 search.


Prove exactEval:host:stmtOK_first_scope_lookup_same. [Show Proof]

%T-Assert
 search.


Prove exactEval:host:typeOf_unique,
      exactEval:host:stmtOK_unique. [Show Proof]

%stmtOK_unique
 case TyB. search.


Prove exactEval:host:paramTy_is.
Prove exactEval:host:getFunInfo_is.


Prove exactEval:host:paramTy_exists.
Prove exactEval:host:getFunInfo_exists.




/********************************************************************
 Evaluation
 ********************************************************************/
Prove exactEval:host:evalExpr_isCtx,
      exactEval:host:evalExpr_isValue,
      exactEval:host:evalStmt_isCtx,
      exactEval:host:evalArgs_isCtx,
      exactEval:host:evalArgs_isValue,
      exactEval:host:evalRecFields_isCtx,
      exactEval:host:evalRecFields_isValue. [Show Proof]

%evalStmt_isCtx
 %E-Assert
  case IsS. apply IH_C_E to _ _ _ Ev1. search.


Prove exactEval:host:evalExpr_isOutput,
      exactEval:host:evalStmt_isOutput,
      exactEval:host:evalArgs_isOutput,
      exactEval:host:evalRecFields_isOutput. [Show Proof]

%evalStmt_isOutput
 %E-Assert
  case IsS. apply IH_E to _ _ _ Ev1. search.


Prove exactEval:host:paramName_is.
Prove exactEval:host:getFunEvalInfo_is.

Prove exactEval:host:evalProgram_isOutput.


Prove exactEval:host:evalExpr_names_same,
      exactEval:host:evalStmt_names_same,
      exactEval:host:evalArgs_names_same,
      exactEval:host:evalRecFields_names_same. [Show Proof]

%evalStmt_names_same
 %E-Assert
  case IsS. NS: apply IH_E to _ _ _ Ev1. case NS. search.


Prove exactEval:host:evalExpr_newNameScopes,
      exactEval:host:evalExpr_newNameScopes_output,
      exactEval:host:evalExpr_newNameScopes_ctx,
      exactEval:host:evalStmt_newNameScopes_output,
      exactEval:host:evalStmt_newNameScopes,
      exactEval:host:evalArgs_newNameScopes,
      exactEval:host:evalArgs_newNameScopes_output,
      exactEval:host:evalArgs_newNameScopes_ctx,
      exactEval:host:evalRecFields_newNameScopes,
      exactEval:host:evalRecFields_newNameScopes_output,
      exactEval:host:evalRecFields_newNameScopes_ctx. [Show Proof]

%evalStmt_newNameScopes_output
 case IsS. EvB: case EvB. apply IH_O_E to _ _ _ _ EvA1 EvB _. search.
%evalStmt_newNameScopes
 case IsS. EvB: case EvB. apply IH_C_E to _ _ _ _ EvA1 EvB _. search.


Add_Ext_Size exactEval:host:evalExpr,
             exactEval:host:evalArgs,
             exactEval:host:evalRecFields,
             exactEval:host:evalStmt.
Add_Proj_Rel exactEval:host:evalExpr,
             exactEval:host:evalArgs,
             exactEval:host:evalRecFields,
             exactEval:host:evalStmt.


Prove exactEval:host:evalExpr_newNameScopes_exists_ES,
      exactEval:host:evalStmt_newNameScopes_exists_ES,
      exactEval:host:evalArgs_newNameScopes_exists_ES,
      exactEval:host:evalRecFields_newNameScopes_exists_ES. [Show Proof]

case IsS. apply ext_size_is_int_evalExpr to EvB2.
apply IH_E to _ _ _ _ EvB2 _. search.


Prove exactEval:host:evalExpr_ctx_names,
      exactEval:host:evalStmt_ctx_names,
      exactEval:host:evalArgs_ctx_names,
      exactEval:host:evalRecFields_ctx_names. [Show Proof]

case IsS. SN: case SN. apply IH_E to _ _ _ _ Ctxs SN Ev1. search.


Prove exactEval:host:evalExpr_newNameScopes_exists_back,
      exactEval:host:evalStmt_newNameScopes_exists_back,
      exactEval:host:evalArgs_newNameScopes_exists_back,
      exactEval:host:evalRecFields_newNameScopes_exists_back. [Show Proof]

case IsS. SN: case SN. case SN2.
apply IH_E to _ _ _ _ _ Ctxs SN EvA1 _. search.


Prove exactEval:host:evalExpr_scopes_same,
      exactEval:host:evalExpr_scopes_same_ctx,
      exactEval:host:evalStmt_scopes_same,
      exactEval:host:evalStmt_scopes_same_ctx,
      exactEval:host:evalArgs_scopes_same,
      exactEval:host:evalArgs_scopes_same_ctx,
      exactEval:host:evalRecFields_scopes_same,
      exactEval:host:evalRecFields_scopes_same_ctx. [Show Proof]

%evalStmt_scopes_same
 case IsS. EvB: case EvB. apply IH_E to _ _ _ _ SS EvA1 EvB. search.
%evalStmt_scopes_same_ctx
 case IsS. EvB: case EvB. apply IH_E_C to _ _ _ _ _ EvA1 EvB. search.

Prove exactEval:host:evalExpr_scopes_same_exists,
      exactEval:host:evalStmt_scopes_same_exists,
      exactEval:host:evalArgs_scopes_same_exists,
      exactEval:host:evalRecFields_scopes_same_exists. [Show Proof]

case IsS. apply IH_E to _ _ _ _ SS EvA1. search.


Prove_Constraint exactEval:host:proj_evalExpr_forward.
Prove_Constraint exactEval:host:proj_evalExpr_backward.

Theorem is_list_values_append_nil : forall L,
  is_list is_value L -> L ++ [] = L. [Show Proof]

induction on 1. intros IsL. Is: case IsL.
  %nil
   search.
  %cons
   apply IH to Is1. search.

Prove_Constraint exactEval:host:proj_evalStmt_forward. [Show Proof]

case IsS. Ev: case Ev. IsEE': apply evalExpr_isCtx to _ _ _ Ev.
apply scopes_same_reflexive to IsEE'. exists EE'. split.
  %eval
   unfold. exists EE', O, [], []. split.
     %eval E
      search.
     %eval noop
      search.
     %append
      IsO: apply evalExpr_isOutput to _ _ _ Ev.
      backchain is_list_values_append_nil.
  %scopes_same
   search.

Prove_Constraint exactEval:host:proj_evalStmt_backward. [Show Proof]

case IsS. Ev: case Ev.
  %E-If-True
   case Ev1. apply append_nil_right to Ev2.
   IsEE': apply evalExpr_isCtx to _ _ _ Ev.
   apply scopes_same_reflexive to IsEE'. search.
  %E-If-False
   Ev': case Ev1. case Ev'. case Ev'. case Ev'. case Ev'.


Prove_Ext_Ind exactEval:host:evalExpr,
              exactEval:host:evalArgs,
              exactEval:host:evalRecFields,
              exactEval:host:evalStmt. [Show Proof]

case IsS. apply ext_size_is_int_evalExpr to R2. Acc: case Acc.
L: apply lt_plus_one to R1 _. apply ext_size_pos_evalExpr to R2.
A: apply Acc to _ L. apply IH to R2 A _ _ _.
Names: apply names_exists to IsEE. unfold.
exists N1, ifThenElse E noop (printVal (errorExpr Msg intTy)), EE', O.
split.
  %eval E
   search.
  %names
   search.
  %proj
   search.
  %eval proj
   unfold. exists EE', O, [], []. split.
     %eval E
      search.
     %eval noop
      search.
     %append output
      Ev: apply drop_ext_size_evalExpr to R2.
      apply evalExpr_isOutput to _ _ _ Ev.
      backchain is_list_values_append_nil.


Prove exactEval:host:paramName_unique.
Prove_Constraint exactEval:host:proj_paramName_forward.
Prove_Constraint exactEval:host:proj_paramName_back.
Prove exactEval:host:getFunEvalInfo_unique.
Prove_Constraint exactEval:host:proj_getFunEvalInfo_forward.
Prove_Constraint exactEval:host:proj_getFunEvalInfo_back.

Prove exactEval:host:evalProgram_unique.
Prove_Constraint exactEval:host:proj_evalProgram_forward.
Prove_Constraint exactEval:host:proj_evalProgram_back.


Prove exactEval:host:evalExpr_typePres_ctx,
      exactEval:host:evalExpr_typePres,
      exactEval:host:evalStmt_typePres,
      exactEval:host:evalArgs_typePres_Ctx,
      exactEval:host:evalArgs_typePres,
      exactEval:host:evalRecFields_typePres_Ctx,
      exactEval:host:evalRecFields_typePres. [Show Proof]

%evalStmt_typePres
 %E-Assert
  case IsS. Ty: case Ty. apply IH_C_E to _ _ _ _ _ Ty Ev1 _ _. search.


Prove exactEval:host:paramTy_paramName_same.
Prove exactEval:host:funOK_getFunEvalInfo_related.


Prove exactEval:host:evalExpr_output_forms,
      exactEval:host:evalStmt_output_forms,
      exactEval:host:evalArgs_output_forms,
      exactEval:host:evalRecFields_output_forms. [Show Proof]

%evalStmt_output_forms
 %E-Assert
  case IsS. apply IH_E to _ _ _ Ev1. search.


Prove exactEval:host:evalProgram_output_forms.


Prove exactEval:host:paramName_exists.
Prove exactEval:host:getFunEvalInfo_exists.