Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
C
cpdt
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
research
cpdt
Commits
ff307eca
Commit
ff307eca
authored
Sep 03, 2008
by
Adam Chlipala
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Finished typed example
parent
ec72cd0d
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
45 additions
and
9 deletions
+45
-9
Intro.v
src/Intro.v
+1
-1
StackMachine.v
src/StackMachine.v
+44
-8
No files found.
src/Intro.v
View file @
ff307eca
...
...
@@ -131,7 +131,7 @@ If I do that job well, then this book should be of interest even to people who h
*
)
(
**
*
Prerequisites
for
This
Book
*
)
(
**
*
Prerequisites
*
)
(
**
I
try
to
keep
the
required
background
knowledge
to
a
minimum
in
this
book
.
I
will
assume
familiarity
with
the
material
from
usual
discrete
math
and
logic
courses
taken
by
all
undergraduate
computer
science
majors
,
and
I
will
assume
that
readers
have
significant
experience
programming
in
one
of
the
ML
dialects
,
in
Haskell
,
or
in
some
other
,
closely
-
related
language
.
Experience
with
only
dynamically
-
typed
functional
languages
might
lead
to
befuddlement
in
some
places
,
but
a
reader
who
has
come
to
grok
Scheme
deeply
will
probably
be
fine
.
...
...
src/StackMachine.v
View file @
ff307eca
...
...
@@ -23,11 +23,11 @@ As always, you can step through the source file %\texttt{%#<tt>#StackMachine.v#<
With
Proof
General
,
the
portion
of
a
buffer
that
Coq
has
processed
is
highlighted
in
some
way
,
like
being
given
a
blue
background
.
You
step
through
Coq
source
files
by
positioning
the
point
at
the
position
you
want
Coq
to
run
to
and
pressing
C
-
C
C
-
RET
.
This
can
be
used
both
for
normal
step
-
by
-
step
coding
,
by
placing
the
point
inside
some
command
past
the
end
of
the
highlighted
region
;
and
for
undoing
,
by
placing
the
point
inside
the
highlighted
region
.
*
)
(
**
*
Arithmetic
expressions
over
natural
n
umbers
*
)
(
**
*
Arithmetic
Expressions
Over
Natural
N
umbers
*
)
(
**
We
will
begin
with
that
staple
of
compiler
textbooks
,
arithemtic
expressions
over
a
single
type
of
numbers
.
*
)
(
**
**
Source
l
anguage
*
)
(
**
**
Source
L
anguage
*
)
(
**
We
begin
with
the
syntax
of
the
source
language
.
*
)
...
...
@@ -108,7 +108,7 @@ Eval simpl in expDenote (Binop Times (Binop Plus (Const 2) (Const 2)) (Const 7))
=
28
:
nat
]]
*
)
(
**
**
Target
l
anguage
*
)
(
**
**
Target
L
anguage
*
)
(
**
We
will
compile
our
source
programs
onto
a
simple
stack
machine
,
whose
syntax
is
:
*
)
...
...
@@ -190,7 +190,7 @@ Eval simpl in progDenote (compile (Binop Times (Binop Plus (Const 2) (Const 2))
]]
*
)
(
**
**
Translation
c
orrectness
*
)
(
**
**
Translation
C
orrectness
*
)
(
**
We
are
ready
to
prove
that
our
compiler
is
implemented
correctly
.
We
can
use
a
new
vernacular
command
[
Theorem
]
to
start
a
correctness
proof
,
in
terms
of
the
semantics
we
defined
earlier
:
*
)
...
...
@@ -513,11 +513,11 @@ We are almost done. The lefthand and righthand sides can be seen to match by si
Qed
.
(
**
*
Typed
e
xpressions
*
)
(
**
*
Typed
E
xpressions
*
)
(
**
In
this
section
,
we
will
build
on
the
initial
example
by
adding
additional
expression
forms
that
depend
on
static
typing
of
terms
for
safety
.
*
)
(
**
**
Source
l
anguage
*
)
(
**
**
Source
L
anguage
*
)
(
**
We
define
a
trivial
language
of
types
to
classify
our
expressions
:
*
)
...
...
@@ -631,7 +631,7 @@ Eval simpl in texpDenote (TBinop TLt (TBinop TPlus (TNConst 2) (TNConst 2)) (TNC
]]
*
)
(
**
**
Target
l
anguage
*
)
(
**
**
Target
L
anguage
*
)
(
**
Now
we
want
to
define
a
suitable
stack
machine
target
for
compilation
.
In
the
example
of
the
untyped
language
,
stack
machine
programs
could
encounter
stack
underflows
and
"get stuck."
This
was
unfortunate
,
since
we
had
to
deal
with
this
complication
even
though
we
proved
that
our
compiler
never
produced
underflowing
programs
.
We
could
have
used
dependent
types
to
force
all
stack
machine
programs
to
be
underflow
-
free
.
...
...
@@ -785,13 +785,41 @@ Eval simpl in tprogDenote (tcompile (TBinop TLt (TBinop TPlus (TNConst 2) (TNCon
]]
*
)
(
**
**
Translation
correctness
*
)
(
**
**
Translation
Correctness
*
)
(
**
We
can
state
a
correctness
theorem
similar
to
the
last
one
.
*
)
Theorem
tcompileCorrect
:
forall
t
(
e
:
texp
t
)
,
tprogDenote
(
tcompile
e
nil
)
tt
=
(
texpDenote
e
,
tt
)
.
(
*
begin
hide
*
)
Abort
.
(
*
end
hide
*
)
(
**
Again
,
we
need
to
strengthen
the
theorem
statement
so
that
the
induction
will
go
through
.
This
time
,
I
will
develop
an
alternative
approach
to
this
kind
of
proof
,
stating
the
key
lemma
as
:
*
)
Lemma
tcompileCorrect
'
:
forall
t
(
e
:
texp
t
)
ts
(
s
:
vstack
ts
)
,
tprogDenote
(
tcompile
e
ts
)
s
=
(
texpDenote
e
,
s
)
.
(
**
While
lemma
[
compileCorrect
'
]
quantified
over
a
program
that
is
the
"continuation"
for
the
expression
we
are
considering
,
here
we
avoid
drawing
in
any
extra
syntactic
elements
.
In
addition
to
the
source
expression
and
its
type
,
we
also
quantify
over
an
initial
stack
type
and
a
stack
compatible
with
it
.
Running
the
compilation
of
the
program
starting
from
that
stack
,
we
should
arrive
at
a
stack
that
differs
only
in
having
the
program
'
s
denotation
pushed
onto
it
.
Let
us
try
to
prove
this
theorem
in
the
same
way
that
we
settled
on
in
the
last
section
.
*
)
induction
e
;
crush
.
(
**
We
are
left
with
this
unproved
conclusion
:
[[
tprogDenote
(
tconcat
(
tcompile
e2
ts
)
(
tconcat
(
tcompile
e1
(
arg2
::
ts
))
(
TCons
(
TIBinop
ts
t
)
(
TNil
(
res
::
ts
)))))
s
=
(
tbinopDenote
t
(
texpDenote
e1
)
(
texpDenote
e2
)
,
s
)
]]
We
need
an
analogue
to
the
[
app_ass
]
theorem
that
we
used
to
rewrite
the
goal
in
the
last
section
.
We
can
abort
this
proof
and
prove
such
a
lemma
about
[
tconcat
]
.
*
)
Abort
.
Lemma
tconcatCorrect
:
forall
ts
ts
'
ts
''
(
p
:
tprog
ts
ts
'
)
(
p
'
:
tprog
ts
'
ts
''
)
...
...
@@ -801,8 +829,14 @@ Lemma tconcatCorrect : forall ts ts' ts'' (p : tprog ts ts') (p' : tprog ts' ts'
induction
p
;
crush
.
Qed
.
(
**
This
one
goes
through
completely
automatically
.
Some
code
behind
the
scenes
registers
[
app_ass
]
for
use
by
[
crush
]
.
We
must
register
[
tconcatCorrect
]
similarly
to
get
the
same
effect
:
*
)
Hint
Rewrite
tconcatCorrect
:
cpdt
.
(
**
We
ask
that
the
lemma
be
used
for
left
-
to
-
right
rewriting
,
and
we
ask
for
the
hint
to
be
added
to
the
hint
database
called
[
cpdt
]
,
which
is
the
database
used
by
[
crush
]
.
Now
we
are
ready
to
return
to
[
tcompileCorrect
'
]
,
proving
it
automatically
this
time
.
*
)
Lemma
tcompileCorrect
'
:
forall
t
(
e
:
texp
t
)
ts
(
s
:
vstack
ts
)
,
tprogDenote
(
tcompile
e
ts
)
s
...
...
@@ -810,6 +844,8 @@ Lemma tcompileCorrect' : forall t (e : texp t)
induction
e
;
crush
.
Qed
.
(
**
We
can
register
this
main
lemma
as
another
hint
,
allowing
us
to
prove
the
final
theorem
trivially
.
*
)
Hint
Rewrite
tcompileCorrect
'
:
cpdt
.
Theorem
tcompileCorrect
:
forall
t
(
e
:
texp
t
)
,
tprogDenote
(
tcompile
e
nil
)
tt
=
(
texpDenote
e
,
tt
)
.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
