Commit 5dc73a2e authored by MARCHE Claude's avatar MARCHE Claude

hoare logic: wp continued

parent d3fce80e
......@@ -26,7 +26,6 @@ use import int.Int
use import bool.Bool
type value =
| Verror
| Vint int
| Vbool bool
......@@ -36,55 +35,58 @@ type state = {| var_env : list value; ref_env: list value |}
(* semantics of formulas *)
function eval_bin (x:value) (op:operator) (y:value) : value =
predicate eval_bin (x:value) (op:operator) (y:value) (res:value) =
match x,y with
| Vint x,Vint y ->
match op with
| Oplus -> Vint (x+y)
| Ominus -> Vint (x-y)
| Omult -> Vint (x*y)
| Oplus -> res = Vint (x+y)
| Ominus -> res = Vint (x-y)
| Omult -> res = Vint (x*y)
end
| _,_ -> Verror
| _,_ -> false
end
use import list.Nth
function get_env (i:int) (env:list value) : value =
predicate get_env (i:int) (env:list value) (res:value) =
match nth i env with
| None -> Verror
| Some v -> v
end
function eval_term (s:state) (t:term) : value =
match t with
| Tconst n -> Vint n
| Tvar i -> get_env i (var_env s)
| Tderef i -> get_env i (ref_env s)
| Tbin t1 op t2 ->
eval_bin (eval_term s t1) op (eval_term s t2)
| None -> false
| Some v -> v = res
end
inductive eval_term state term value =
| eval_const :
forall s:state, n:int. eval_term s (Tconst n) (Vint n)
| eval_var :
forall s:state, i:int, res:value.
get_env i (var_env s) res -> eval_term s (Tvar i) res
| eval_deref :
forall s:state, i:int, res:value.
get_env i (ref_env s) res -> eval_term s (Tderef i) res
| eval_bin :
forall s:state, op:operator, t1 t2:term, r1 r2 r:value.
eval_term s t1 r1 -> eval_term s t2 r2 ->
eval_bin r1 op r2 r -> eval_term s (Tbin t1 op t2) r
function my_state :state =
{| var_env = Cons (Vint 42) Nil; ref_env = Nil |}
goal Test13 :
eval_term my_state (Tconst 13) = Vint 13
eval_term my_state (Tconst 13) (Vint 13)
goal Test42 :
eval_term my_state (Tvar 0) = Vint 42
eval_term my_state (Tvar 0) (Vint 42)
goal Test55 :
eval_term my_state (Tbin (Tvar 0) Oplus (Tconst 13)) = Vint 55
eval_term my_state (Tbin (Tvar 0) Oplus (Tconst 13)) (Vint 55)
(*
predicate eval_fmla (s:state) (f:fmla) =
match f with
| Fterm t ->
match eval_term s t with
| Verror -> false
| Vint n -> n <> 0
| Vbool b -> b = True
predicate eval_fmla (s:state) (f:fmla) (b:bool) =
match f with
| Fterm t -> eval_term s t with
| Verror -> false
| Vint n -> n <> 0
| Vbool b -> b = True
end
| Fand f1 f2 -> eval_fmla s f1 /\ eval_fmla s f2
| Fnot f -> not (eval_fmla s f)
......
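Review bot: The rule for binary terms inside `inductive eval_term` is named `| eval_bin :`, the same name as the predicate `eval_bin` declared a few lines above it, so the Coq export has to rename the constructor to `eval_bin1` and the hand-written proof must refer to that generated name; a distinct constructor name such as `| eval_tbin :` keeps the Why3 source and its extractions aligned. Now that evaluation is a relation, operands that are not both `Vint` yield no result at all (`| _,_ -> false`) instead of an error value, and `Verror` appears to be dropped from `value` in the first hunk, yet nothing states that `eval_term` is deterministic; a lemma `lemma eval_term_det : forall s:state, t:term, v1 v2:value. eval_term s t v1 -> eval_term s t v2 -> v1 = v2` is worth adding before a weakest-precondition calculus relies on this semantics. The commented-out draft of `eval_fmla` still matches on `Verror` and its line `| Fterm t -> eval_term s t with` has lost its `match`, so it will not compile once the comment is removed. The session file in this commit records `Test55` as `proved="false"` with the SMT provers timing out, presumably because the goal now requires instantiating the inductive rules rather than computing a function.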
......@@ -48,52 +48,73 @@
version="2.19"/>
<file
name="../wp.mlw"
verified="true"
verified="false"
expanded="true">
<theory
name="Imp"
verified="true"
verified="false"
expanded="true">
<goal
name="Test13"
sum="10a7fb7a54721cc5d2e8fe0ccc0a06dd"
sum="79f3fb3351626d34bfb37da12b0bd140"
proved="true"
expanded="true"
shape="ainfix =aeval_termamy_stateaTconstc13aVintc13">
shape="aeval_termamy_stateaTconstc13aVintc13">
<proof
prover="alt-ergo"
timelimit="3"
edited=""
obsolete="false">
<result status="valid" time="0.05"/>
<result status="valid" time="0.06"/>
</proof>
</goal>
<goal
name="Test42"
sum="8062e7b817a81543a8e958c35e86e92f"
sum="1f19dab18a6999ab7e11f82d7e74d850"
proved="true"
expanded="true"
shape="ainfix =aeval_termamy_stateaTvarc0aVintc42">
shape="aeval_termamy_stateaTvarc0aVintc42">
<proof
prover="alt-ergo"
timelimit="3"
edited=""
obsolete="false">
<result status="valid" time="0.07"/>
<result status="valid" time="0.05"/>
</proof>
</goal>
<goal
name="Test55"
sum="2890146a1089020f995c0962244237b7"
proved="true"
sum="0bf8af91734c8766090834ab82722ed2"
proved="false"
expanded="true"
shape="ainfix =aeval_termamy_stateaTbinaTvarc0aOplusaTconstc13aVintc55">
shape="aeval_termamy_stateaTbinaTvarc0aOplusaTconstc13aVintc55">
<proof
prover="coq"
timelimit="3"
edited="wp_Imp_Test55_1.v"
obsolete="true">
<result status="highfailure" time="0.63"/>
</proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
obsolete="false">
<result status="timeout" time="5.08"/>
</proof>
<proof
prover="cvc3"
timelimit="5"
edited="wp-Imp-Test55_1.cvc"
obsolete="true">
<result status="timeout" time="5.29"/>
</proof>
<proof
prover="z3"
timelimit="5"
edited=""
obsolete="false">
<result status="valid" time="0.47"/>
<result status="timeout" time="5.48"/>
</proof>
</goal>
</theory>
......
......@@ -22,7 +22,6 @@ Inductive fmla :=
| Fforall : fmla -> fmla .
Inductive value :=
| Verror : value
| Vint : Z -> value
| Vbool : bool -> value .
......@@ -47,15 +46,16 @@ Definition var_env(u:state): (list value) :=
| (mk_state var_env1 _) => var_env1
end.
Definition eval_bin(x:value) (op:operator) (y:value): value := match (x,
Definition eval_bin(x:value) (op:operator) (y:value) (res:value): Prop :=
match (x,
y) with
| ((Vint x1), (Vint y1)) =>
match op with
| Oplus => (Vint (x1 + y1)%Z)
| Ominus => (Vint (x1 - y1)%Z)
| Omult => (Vint (x1 * y1)%Z)
| Oplus => (res = (Vint (x1 + y1)%Z))
| Ominus => (res = (Vint (x1 - y1)%Z))
| Omult => (res = (Vint (x1 * y1)%Z))
end
| (_, _) => Verror
| (_, _) => False
end.
Inductive option (a:Type) :=
......@@ -77,30 +77,34 @@ Axiom nth_def : forall (a:Type), forall (n:Z) (l:(list a)),
((nth n l) = (nth (n - 1%Z)%Z r)))
end.
Definition get_env(i:Z) (env:(list value)): value := match (nth i
Definition get_env(i:Z) (env:(list value)) (res:value): Prop := match (nth i
env) with
| None => Verror
| (Some v) => v
| None => False
| (Some v) => (v = res)
end.
Set Implicit Arguments.
Fixpoint eval_term(s:state) (t:term) {struct t}: value :=
match t with
| (Tconst n) => (Vint n)
| (Tvar i) => (get_env i (var_env s))
| (Tderef i) => (get_env i (ref_env s))
| (Tbin t1 op t2) => (eval_bin (eval_term s t1) op (eval_term s t2))
end.
Unset Implicit Arguments.
Inductive eval_term : state -> term -> value -> Prop :=
| eval_const : forall (s:state) (n:Z), (eval_term s (Tconst n) (Vint n))
| eval_var : forall (s:state) (i:Z) (res:value), (get_env i (var_env s)
res) -> (eval_term s (Tvar i) res)
| eval_deref : forall (s:state) (i:Z) (res:value), (get_env i (ref_env s)
res) -> (eval_term s (Tderef i) res)
| eval_bin1 : forall (s:state) (op:operator) (t1:term) (t2:term) (r1:value)
(r2:value) (r:value), (eval_term s t1 r1) -> ((eval_term s t2 r2) ->
((eval_bin r1 op r2 r) -> (eval_term s (Tbin t1 op t2) r))).
(* YOU MAY EDIT THE CONTEXT BELOW *)
(* DO NOT EDIT BELOW *)
Theorem Test55 : ((eval_term (mk_state (Cons (Vint 42%Z) (Nil:(list value)))
(Nil:(list value))) (Tbin (Tvar 0%Z) Oplus (Tconst 13%Z))) = (Vint 55%Z)).
Theorem Test55 : (eval_term (mk_state (Cons (Vint 42%Z) (Nil:(list value)))
(Nil:(list value))) (Tbin (Tvar 0%Z) Oplus (Tconst 13%Z)) (Vint 55%Z)).
(* YOU MAY EDIT THE PROOF BELOW *)
simpl.
apply eval_bin1 with (r1:=Vint 42) (r2:=Vint 13).
constructor.
red; simpl.
generalize (nth_def _ 0 (Cons (Vint 42) Nil)).
SearchAbout nth.
unfold eval_bin; simpl.
unfold get_env; simpl.
generalize (nth_def _ 0 (Cons (Vint 42) Nil)).
......
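Review bot: The hand-edited proof of `Test55` below `(* YOU MAY EDIT THE PROOF BELOW *)` does not close the goal and still contains the interactive query `SearchAbout nth.`, which belongs in an editor session rather than a committed script; the session file in this commit accordingly lists this Coq proof as `obsolete="true"` with status `highfailure`. On this rendered page the `+`/`-` markers are lost, so which of the two `generalize (nth_def _ 0 (Cons (Vint 42) Nil)).` lines is the new one cannot be told from here. After `apply eval_bin1 with (r1:=Vint 42) (r2:=Vint 13).` the remaining obligations are presumably instances of `eval_var`, `eval_const` and the `eval_bin` predicate, which `constructor` plus a rewrite with `nth_def` should be able to discharge; finishing the script, or removing the proof from the session until it is finished, would keep the session consistent with the source.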