cs152-lecture-code/code01_simplified.dfy at main · HarvardPL/cs152-lecture-code · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
datatype exp =
| EInt(v: int)
| EVar(x: string)
| EAdd(e1: exp, e2: exp)

function eval(e: exp, env: string -> int): int
{
    match e
    case EInt(v) => v
    case EVar(x) => env(x)
    case EAdd(e1, e2) => eval(e1, env) + eval(e2, env)
}

function optimize(e: exp): exp
{
    match e
    case EInt(v) => e
    case EVar(x) => e
    case EAdd(e1, e2) => (match (optimize(e1), optimize(e2))
        case (EInt(0), e2) => e2
        case (e1, EInt(0)) => e1
        case (e1, e2) => EAdd(e1, e2))
}

lemma OptimizerPreservesSemantics(e: exp, env: string -> int)
ensures eval(optimize(e), env) == eval(e, env)
{
}

predicate {:spec} optimal(e: exp)
{
    match e
    case EInt(_) => true
    case EVar(_) => true
    case EAdd(EInt(0), _) => false
    case EAdd(_, EInt(0)) => false
    case EAdd(e1, e2) => optimal(e1) && optimal(e2)
}

lemma OptimizerIsOptimal(e: exp)
ensures optimal(optimize(e))
{
    // Structural induction on e
    match e {
        case EInt(v) => {
        }
        case EVar(x) => {
        }
        case EAdd(e1, e2) => {
            OptimizerIsOptimal(e1);
            OptimizerIsOptimal(e2);
        }
    }
}