@@ -201,6 +201,8 @@ Right-hand sides of sums can take a step only when the
201201> (C (0 + 3 )))
202202> test_step_2 = ? test_step_2_rhs
203203
204+ $\ square$
205+
204206== Relations
205207
206208We will be working with several different single- step relations,
@@ -391,6 +393,7 @@ Most of this proof is the same as the one above. But to get
391393> step_deterministic' = ?step_deterministic_rhs
392394>
393395
396+ $\square$
394397
395398=== Strong Progress and Normal Forms
396399
@@ -529,6 +532,8 @@ We might, for example, mistakenly define `value` so that it
529532> value_not_same_as_normal_form : (v : Tm ** (Value' v, Not (normal_form Step'' v)))
530533> value_not_same_as_normal_form = ?value_not_same_as_normal_form_rhs
531534
535+ $\square$
536+
532537==== Exercise: 2 stars, optional (value_not_same_as_normal_form2)
533538
534539Alternatively, we might mistakenly define `step` so that it
@@ -553,6 +558,8 @@ Alternatively, we might mistakenly define `step` so that it
553558> value_not_same_as_normal_form''' : (v : Tm ** (Value v, Not (normal_form Step''' v)))
554559> value_not_same_as_normal_form''' = ?value_not_same_as_normal_form_rhs'''
555560
561+ $\square$
562+
556563==== Exercise: 3 stars, optional (value_not_same_as_normal_form3)
557564
558565Finally, we might define `value` and `step` so that there is some
@@ -578,6 +585,8 @@ Finally, we might define `value` and `step` so that there is some
578585> value_not_same_as_normal_form'''' : (t : Tm ** (Not (Value t), normal_form Step'''' t))
579586> value_not_same_as_normal_form'''' = ?value_not_same_as_normal_form_rhs''''
580587
588+ $\square$
589+
581590
582591=== Additional Exercises
583592
@@ -636,6 +645,8 @@ Which of the following propositions are provable? (This is just a
636645> Tfalse
637646> bool_step_prop3 = ?bool_step_prop3_rhs
638647
648+ $\square$
649+
639650
640651==== Exercise: 3 stars, optional (progress_bool)
641652
@@ -693,6 +704,8 @@ Write an extra clause for the step relation that achieves this
693704> bool_step_prop4_holds : bool_step_prop4
694705> bool_step_prop4_holds = ?bool_step_prop4_holds_rhs
695706
707+ $\square$
708+
696709
697710==== Exercise: 3 stars, optional (properties_of_altered_step)
698711It can be shown that the determinism and strong progress theorems
@@ -711,9 +724,11 @@ Optional: prove your answer correct in Idris.
711724 Optional: prove your answer correct in Idris.
712725
713726In general, is there any way we could cause strong progress to
714- fail if we took away one or more constructors from the original
715- step relation? Write yes or no and briefly (1 sentence) explain
716- your answer.
727+ fail if we took away one or more constructors from the original
728+ step relation? Write yes or no and briefly (1 sentence) explain
729+ your answer.
730+
731+ $\square$
717732
718733== Multi-Step Reduction
719734
@@ -823,6 +838,8 @@ Here's a specific instance of the `multi step` relation:
823838> test_multistep_2: C 3 ->>* C 3
824839> test_multistep_2 = ?test_multistep_2_rhs
825840
841+ $\square$
842+
826843==== Exercise: 1 star, optional (test_multistep_3)
827844
828845> test_multistep_3:
@@ -831,6 +848,8 @@ Here's a specific instance of the `multi step` relation:
831848> P (C 0) (C 3)
832849> test_multistep_3 = ?test_multistep_3_rhs
833850
851+ $\square$
852+
834853==== Exercise: 2 stars (test_multistep_4)
835854
836855> test_multistep_4:
@@ -845,6 +864,8 @@ Here's a specific instance of the `multi step` relation:
845864> (C (2 + (0 + 3)))
846865> test_multistep_4 = ?test_multistep_4_rhs
847866
867+ $\square$
868+
848869=== Normal Forms Again
849870
850871If `t` reduces to `t'` in zero or more steps and `t'` is a
@@ -868,6 +889,7 @@ We have already seen that, for our language, single-step reduction is
868889> normal_forms_unique : deterministic Smallstep.normal_form_of
869890> normal_forms_unique (l,r) (l2,r2) = ?normal_forms_unique_rhs
870891
892+ $\square$
871893
872894Indeed, something stronger is true for this language (though not
873895 for all languages): the reduction of _any_ term `t` will
@@ -900,6 +922,8 @@ node whose left-hand child is a value.
900922> multistep_congr_2 : {v:Value t1} -> (t2 ->>* t2') -> ((P t1 t2) ->>* P t1 t2')
901923> multistep_congr_2 {v=V_const i} mult = ?multistep_congr_2_rhs
902924
925+ $\square$
926+
903927With these lemmas in hand, the main proof is a straightforward
904928 induction.
905929
@@ -978,6 +1002,8 @@ Having defined the operational semantics of our tiny programming
9781002> eval__multistep: {t: Tm} -> {n: Nat} -> t >>> n -> t ->>* C n
9791003> eval__multistep hyp = ?eval__multistep_rhs
9801004
1005+ $\square$
1006+
9811007The key ideas in the proof can be seen in the following picture:
9821008
9831009```
@@ -1016,7 +1042,7 @@ To formalize this intuition, you'll need to use the congruence
10161042
10171043Write a detailed informal version of the proof of `eval__multistep`
10181044
1019- (* FILL IN HERE *)
1045+ $\square$
10201046
10211047For the other direction, we need one lemma, which establishes a
10221048 relation between single-step reduction and big-step evaluation.
@@ -1029,39 +1055,44 @@ For the other direction, we need one lemma, which establishes a
10291055> t >>> n
10301056> step__eval h1 h2 = ?step__eval_rhs
10311057
1058+ $\square$
1059+
10321060The fact that small-step reduction implies big-step evaluation is
1033- now straightforward to prove, once it is stated correctly.
1061+ now straightforward to prove, once it is stated correctly.
10341062
10351063The proof proceeds by induction on the multi-step reduction
1036- sequence that is buried in the hypothesis `normal_form_of t t'`.
1064+ sequence that is buried in the hypothesis `normal_form_of t t'`.
10371065
10381066Make sure you understand the statement before you start to
1039- work on the proof.
1067+ work on the proof.
10401068
10411069==== Exercise: 3 stars (multistep__eval)
10421070
10431071> multistep__eval : {t, t': Tm} ->
10441072> normal_form_of t t' -> (n : Nat ** (t' = C n, t >>> n))
10451073> multistep__eval hyp = ?multistep__eval_rhs
10461074
1075+ $\square$
10471076
10481077=== Additional Exercises
10491078
10501079==== Exercise: 3 stars, optional (interp_tm)
10511080
10521081Remember that we also defined big-step evaluation of terms as a
1053- function `evalF`. Prove that it is equivalent to the existing
1054- semantics. (Hint: we just proved that `eval` and `multistep` are
1055- equivalent, so logically it doesn't matter which you choose.
1056- One will be easier than the other, though!)
1082+ function `evalF`. Prove that it is equivalent to the existing
1083+ semantics. (Hint: we just proved that `eval` and `multistep` are
1084+ equivalent, so logically it doesn't matter which you choose.
1085+ One will be easier than the other, though!)
10571086
10581087> evalF_eval : {t: Tm} -> {n: Nat} -> ((evalF t = n) <-> (t >>> n))
1088+ > evalF_eval = ?evalF_eval_rhs
1089+
1090+ $\square$
10591091
10601092==== Exercise: 4 stars (combined_properties)
10611093
10621094We've considered arithmetic and conditional expressions
1063- separately. This exercise explores how the two interact.
1064-
1095+ separately. This exercise explores how the two interact.
10651096
10661097> data TmC : Type where
10671098> CC : Nat -> TmC
@@ -1075,7 +1106,6 @@ We've considered arithmetic and conditional expressions
10751106> V_trueC : ValueC TtrueC
10761107> V_falseC : ValueC TfalseC
10771108
1078-
10791109> mutual
10801110> infixl 6 >>->
10811111> (>>->) : TmC -> TmC -> Type
@@ -1101,7 +1131,7 @@ Formally prove or disprove these two properties for the combined
11011131language. (That is, state a theorem saying that the property
11021132holds or does not hold, and prove your theorem.)
11031133
1104- (* FILL IN HERE *)
1134+ $\square$
11051135
11061136 <!--
11071137
@@ -1510,6 +1540,4 @@ Proof.
15101540(* FILL IN HERE *) Admitted.
15111541(** [] *)
15121542
1513- (** $Date$ *)
1514-
15151543-->
0 commit comments