source: Deliverables/D3.1/C-semantics/IOMonad.ma @ 535

Last change on this file since 535 was 487, checked in by campbell, 9 years ago

Port Clight semantics to the new-new matita syntax.

File size: 8.2 KB
RevLine 
[24]1include "extralib.ma".
2include "Errors.ma".
3
4(* IO monad *)
5
[487]6inductive IO (output:Type[0]) (input:output → Type[0]) (T:Type[0]) : Type[0] ≝
[366]7| Interact : ∀o:output. (input o → IO output input T) → IO output input T
8| Value : T → IO output input T
9| Wrong : IO output input T.
[24]10
[487]11let rec bindIO (O:Type[0]) (I:O → Type[0]) (T,T':Type[0]) (v:IO O I T) (f:T → IO O I T') on v : IO O I T' ≝
[24]12match v with
[366]13[ Interact out k ⇒ (Interact ??? out (λres. bindIO O I T T' (k res) f))
[24]14| Value v' ⇒ (f v')
[366]15| Wrong ⇒ Wrong O I T'
[24]16].
17
[487]18let rec bindIO2 (O:Type[0]) (I:O → Type[0]) (T1,T2,T':Type[0]) (v:IO O I (T1×T2)) (f:T1 → T2 → IO O I T') on v : IO O I T' ≝
[24]19match v with
[25]20[ Interact out k ⇒ (Interact ??? out (λres. bindIO2 ?? T1 T2 T' (k res) f))
[487]21| Value v' ⇒ match v' with [ pair v1 v2 ⇒ f v1 v2 ]
[25]22| Wrong ⇒ Wrong ?? T'
[24]23].
24
[487]25definition err_to_io : ∀O,I,T. res T → IO O I T ≝
[366]26λO,I,T,v. match v with [ OK v' ⇒ Value O I T v' | Error ⇒ Wrong O I T ].
[487]27coercion err_to_io : ∀O,I,A.∀c:res A.IO O I A ≝ err_to_io on _c:res ? to IO ???.
28definition err_to_io_sig : ∀O,I,T.∀P:T → Prop. res (Sig T P) → IO O I (Sig T P) ≝
29λO,I,T,P,v. match v with [ OK v' ⇒ Value O I (Sig T P) v' | Error ⇒ Wrong O I (Sig T P) ].
30(*coercion err_to_io_sig : ∀O,I,A.∀P:A → Prop.∀c:res (Sig A P).IO O I (Sig A P) ≝ err_to_io_sig on _c:res (Sig ??) to IO ?? (Sig ??).*)
[24]31
32
33(* If the original definitions are vague enough, do I need to do this? *)
[208]34notation > "! ident v ← e; e'" with precedence 40 for @{'bindIO ${e} (λ${ident v}.${e'})}.
35notation > "! ident v : ty ← e; e'" with precedence 40 for @{'bindIO ${e} (λ${ident v} : ${ty}.${e'})}.
36notation < "vbox(! \nbsp ident v ← e; break e')" with precedence 40 for @{'bindIO ${e} (λ${ident v}.${e'})}.
37notation < "vbox(! \nbsp ident v : ty ← e; break e')" with precedence 40 for @{'bindIO ${e} (λ${ident v} : ${ty}.${e'})}.
38notation > "! 〈ident v1, ident v2〉 ← e; e'" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
39notation > "! 〈ident v1 : ty1, ident v2 : ty2〉 ← e; e'" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
40notation < "vbox(! \nbsp 〈ident v1, ident v2〉 ← e; break e')" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
41notation < "vbox(! \nbsp 〈ident v1 : ty1, ident v2 : ty2〉 ← e; break e')" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
[25]42interpretation "IO monad bind" 'bindIO e f = (bindIO ???? e f).
[487]43interpretation "IO monad Prod bind" 'bindIO2 e f = (bindIO2 ????? e f).
[24]44(**)
[487]45let rec P_io O I (A:Type[0]) (P:A → Prop) (v:IO O I A) on v : Prop ≝
[24]46match v return λ_.Prop with
47[ Wrong ⇒ True
48| Value z ⇒ P z
[366]49| Interact out k ⇒ ∀v'.P_io O I A P (k v')
[24]50].
51
[487]52let rec P_io' O I (A:Type[0]) (P:A → Prop) (v:IO O I A) on v : Prop ≝
[24]53match v return λ_.Prop with
54[ Wrong ⇒ False
55| Value z ⇒ P z
[366]56| Interact out k ⇒ ∀v'.P_io' O I A P (k v')
[24]57].
58
[487]59definition P_to_P_option_io : ∀O,I,A.∀P:A → Prop.option (IO O I A) → Prop ≝
[366]60  λO,I,A,P,a.match a with
[24]61   [ None ⇒ False
[366]62   | Some y ⇒ P_io O I A P y
[24]63   ].
64
[487]65let rec io_inject_0 O I (A:Type[0]) (P:A → Prop) (a:IO O I A) (p:P_io O I A P a) on a : IO O I (Sig A P) ≝
[366]66(match a return λa'.P_io O I A P a' → ? with
67 [ Wrong ⇒ λ_. Wrong O I ?
[487]68 | Value c ⇒ λp'. Value ??? (dp A P c p')
[366]69 | Interact out k ⇒ λp'. Interact ??? out (λv. io_inject_0 O I A P (k v) (p' v))
[211]70 ]) p.
[24]71
[487]72definition io_inject : ∀O,I,A.∀P:A → Prop.∀a:option (IO O I A).∀p:P_to_P_option_io O I A P a.IO O I (Sig A P) ≝
[366]73  λO,I,A.λP:A → Prop.λa:option (IO O I A).λp:P_to_P_option_io O I A P a.
[487]74  (match a return λa'.P_to_P_option_io O I A P a' → IO O I (Sig A P) with
[211]75   [ None ⇒ λp'.?
[366]76   | Some b ⇒ λp'. io_inject_0 O I A P b p'
[211]77   ]) p.
[487]78elim p'; qed.
[24]79
[487]80let rec io_eject O I (A:Type[0]) (P: A → Prop) (a:IO O I (Sig A P)) on a : IO O I A ≝
[24]81match a with
[25]82[ Wrong ⇒ Wrong ???
[487]83| Value b ⇒ match b with [ dp w p ⇒ Value ??? w]
[25]84| Interact out k ⇒ Interact ??? out (λv. io_eject ?? A P (k v))
[24]85].
86
[487]87coercion io_inject :
88  ∀O,I,A.∀P:A → Prop.∀a.∀p:P_to_P_option_io O I ? P a.IO O I (Sig A P) ≝ io_inject
89  on a:option (IO ???) to IO ?? (Sig ? ?).
90coercion io_eject : ∀O,I,A.∀P:A → Prop.∀c:IO O I (Sig A P).IO O I A ≝ io_eject
91  on _c:IO ?? (Sig ? ?) to IO ???.
[24]92
[487]93definition opt_to_io : ∀O,I,T.option T → IO O I T ≝
[366]94λO,I,T,v. match v with [ None ⇒ Wrong ?? T | Some v' ⇒ Value ??? v' ].
[487]95coercion opt_to_io : ∀O,I,T.∀v:option T. IO O I T ≝ opt_to_io on _v:option ? to IO ???.
[24]96
[487]97lemma sig_bindIO_OK: ∀O,I,A,B. ∀P:A → Prop. ∀P':B → Prop. ∀e:IO O I (Sig A P). ∀f:Sig A P → IO O I B.
98  (∀v:A. ∀p:P v. P_io O I ? P' (f (dp A P v p))) →
99  P_io O I ? P' (bindIO O I (Sig A P) B e f).
100#O #I #A #B #P #P' #e #f elim e;
101[ #out #k #IH #IH' whd; #res @IH //;
102| #v0 elim v0; #v #Hv #IH whd; @IH
103| //;
104] qed.
[24]105
[487]106lemma sig_bindIO2_OK: ∀O,I,A,B,C. ∀P:(A×B) → Prop. ∀P':C → Prop. ∀e:IO O I (Sig (A×B) P). ∀f: A → B → IO O I C.
[366]107  (∀vA:A.∀vB:B. ∀p:P 〈vA,vB〉. P_io O I ? P' (f vA vB)) →
108  P_io O I ? P' (bindIO2 O I A B C e f).
[487]109#I #O #A #B #C #P #P' #e #f elim e;
110[ #out #k #IH #IH' whd; #res @IH @IH'
111| #v0 elim v0; #v elim v; #vA #vB #Hv #IH @IH //;
112| //;
113] qed.
[24]114
[487]115lemma opt_bindIO_OK: ∀O,I,A,B. ∀P:B → Prop. ∀e:option A. ∀f: A → IO O I B.
[366]116  (∀v:A. e = Some A v → P_io O I ? P (f v)) →
117  P_io O I ? P (bindIO O I A B e f).
[487]118#I #O #A #B #P #e elim e; //; #v #f #H @H //;
119qed.
[24]120
[487]121lemma opt_bindIO2_OK: ∀O,I,A,B,C. ∀P:C → Prop. ∀e:option (A×B). ∀f: A → B → IO O I C.
[366]122  (∀vA:A.∀vB:B. e = Some (A×B) 〈vA,vB〉 → P_io O I ? P (f vA vB)) →
123  P_io O I ? P (bindIO2 O I A B C e f).
[487]124#I #O #A #B #C #P #e elim e; //; #v cases v; #vA #vB #f #H @H //;
125qed.
[125]126
[487]127lemma res_bindIO_OK: ∀O,I,A,B. ∀P:B → Prop. ∀e:res A. ∀f: A → IO O I B.
[366]128  (∀v:A. e = OK A v → P_io O I ? P (f v)) →
129  P_io O I ? P (bindIO O I A B e f).
[487]130#I #O #A #B #P #e elim e; //; #v #f #H @H //;
131qed.
[251]132
[487]133lemma res_bindIO2_OK: ∀O,I,A,B,C. ∀P:C → Prop. ∀e:res (A×B). ∀f: A → B → IO O I C.
[366]134  (∀vA:A.∀vB:B. e = OK (A×B) 〈vA,vB〉 → P_io O I ? P (f vA vB)) →
135  P_io O I ? P (bindIO2 O I A B C e f).
[487]136#I #O #A #B #C #P #e elim e; //; #v cases v; #vA #vB #f #H @H //;
137qed.
[251]138
[487]139lemma bindIO_OK: ∀O,I,A,B. ∀P:B → Prop. ∀e:IO O I A. ∀f: A → IO O I B.
[366]140  (∀v:A. P_io O I ? P (f v)) →
141  P_io O I ? P (bindIO O I A B e f).
[487]142#I #O #A #B #P #e elim e;
143[ #out #k #IH #f #H whd; #res @IH //;
144| #v #f #H @H
145| //;
146] qed.
[24]147
[487]148lemma bindIO2_OK: ∀O,I,A,B,C. ∀P:C → Prop. ∀e:IO O I (A×B). ∀f: A → B → IO O I C.
[366]149  (∀v1:A.∀v2:B. P_io O I ? P (f v1 v2)) →
150  P_io O I ? P (bindIO2 O I A B C e f).
[487]151#I #O #A #B #C #P #e elim e;
152[ #out #k #IH #f #H whd; #res @IH //;
153| #v cases v; #v1 #v2 #f #H @H
154| //;
155] qed.
[252]156
[487]157lemma P_bindIO_OK: ∀O,I,A,B. ∀P':A → Prop. ∀P:B → Prop. ∀e:IO O I A. ∀f: A → IO O I B.
[252]158  P_io … P' e →
[366]159  (∀v:A. P' v → P_io O I ? P (f v)) →
160  P_io O I ? P (bindIO O I A B e f).
[487]161#I #O #A #B #P' #P #e elim e;
162[ #out #k #IH #f #He #H whd in He ⊢ %; #res @IH /2/;
163| #v #f #He #H @H @He
164| //;
165] qed.
[252]166
[487]167lemma P_bindIO2_OK: ∀O,I,A,B,C. ∀P':A×B → Prop. ∀P:C → Prop. ∀e:IO O I (A×B). ∀f: A → B → IO O I C.
[252]168  P_io … P' e →
[366]169  (∀v1:A.∀v2:B. P' 〈v1,v2〉 → P_io O I ? P (f v1 v2)) →
170  P_io O I ? P (bindIO2 O I A B C e f).
[487]171#I #O #A #B #C #P' #P #e elim e;
172[ #out #k #IH #f #He #H whd in He ⊢ %; #res @IH /2/;
173| #v cases v; #v1 #v2 #f #He #H @H @He
174| //;
175] qed.
[252]176
177
[411]178(* Is there a way to prove this without extensionality? *)
[24]179
[487]180lemma bind_assoc_r: ∀O,I,A,B,C,e,f,g.
181  ∀ext:(∀T1,T2:Type[0].∀f,f':T1 → T2.(∀x.f x = f' x) → f = f').
[411]182  bindIO O I B C (bindIO O I A B e f) g = bindIO O I A C e (λx.bindIO O I B C (f x) g).
[487]183#O #I #A #B #C #e #f #g #ext elim e;
184[ #o #k #IH whd in ⊢ (??%%); @eq_f
185    @ext @IH
186| #v @refl
187| @refl
188] qed.
[24]189
[487]190(*
191lemma extract_subset_pair_io: ∀O,I,A,B,C,P. ∀e:{e:A×B | P e}. ∀Q:A→B→IO O I C. ∀R:C→Prop.
[366]192  (∀a,b. eject ?? e = 〈a,b〉 → P 〈a,b〉 → P_io O I ? R (Q a b)) →
[487]193  P_io O I ? R (match eject ?? e with [ pair a b ⇒ Q a b ]).
194#I #O #A #B #C #P #e #Q #R cases e; #e' cases e'; normalize;
195[ *;
196| #e'' cases e''; #a #b #Pab #H normalize; /2/;
197] qed.
198*)
Note: See TracBrowser for help on using the repository browser.