Documentation

Std.Do.WP.SimpLemmas

Simp lemmas for working with weakest preconditions #

Many weakest preconditions are so simple that we can compute them directly or express them in terms of "simpler" weakest preconditions. This module provides simp lemmas targeting expressions of the form wp⟦x⟧ Q and rewrites them to expressions of simpler weakest preconditions.

`WP` #

@[simp]

theorem Std.Do.WP.ReaderT_run {m : Type → Type u} {ps : PostShape} {ρ α : Type} {r : ρ} {Q : PostCond α ps} [WP m ps] (x : ReaderT ρ m α) :

wp⟦x.run r⟧ Q = wp⟦x⟧ (fun (a : α) (x : ρ) => Q.fst a, Q.snd) r

@[simp]

theorem Std.Do.WP.StateT_run {m : Type → Type u} {ps : PostShape} {σ α : Type} {s : σ} {Q : PostCond (α × σ) ps} [WP m ps] (x : StateT σ m α) :

wp⟦x.run s⟧ Q = wp⟦x⟧ (fun (a : α) (s : σ) => Q.fst (a, s), Q.snd) s

@[simp]

theorem Std.Do.WP.ExceptT_run {m : Type → Type u} {ps : PostShape} {ε α : Type} {Q : PostCond (Except ε α) ps} [WP m ps] (x : ExceptT ε m α) :

wp⟦x.run⟧ Q = wp⟦x⟧ (fun (a : α) => Q.fst (Except.ok a), fun (e : ε) => Q.fst (Except.error e), Q.snd)

`WPMonad` #

@[simp]

theorem Std.Do.WP.pure {m : Type → Type u} {ps : PostShape} {α : Type} [Monad m] [WPMonad m ps] (a : α) (Q : PostCond α ps) :

wp⟦Pure.pure a⟧ Q = Q.fst a

@[simp]

theorem Std.Do.WP.bind {m : Type → Type u} {ps : PostShape} {α β : Type} [Monad m] [WPMonad m ps] (x : m α) (f : α → m β) (Q : PostCond β ps) :

wp⟦x >>= f⟧ Q = wp⟦x⟧ (fun (a : α) => wp⟦f a⟧ Q, Q.snd)

@[simp]

theorem Std.Do.WP.map {m : Type → Type u} {ps : PostShape} {α β : Type} [Monad m] [WPMonad m ps] (f : α → β) (x : m α) (Q : PostCond β ps) :

wp⟦f <$> x⟧ Q = wp⟦x⟧ (fun (a : α) => Q.fst (f a), Q.snd)

@[simp]

theorem Std.Do.WP.seq {m : Type → Type u} {ps : PostShape} {α β : Type} [Monad m] [WPMonad m ps] (f : m (α → β)) (x : m α) (Q : PostCond β ps) :

wp⟦f <*> x⟧ Q = wp⟦f⟧ (fun (f : α → β) => wp⟦x⟧ (fun (a : α) => Q.fst (f a), Q.snd), Q.snd)

`MonadLift` #

The definitions that follow interpret liftM and thus instances of, e.g., MonadStateOf.

@[simp]

theorem Std.Do.WP.monadLift_StateT {m : Type → Type u} {ps : PostShape} {α σ : Type} [Monad m] [WPMonad m ps] (x : m α) (Q : PostCond α (PostShape.arg σ ps)) :

wp⟦MonadLift.monadLift x⟧ Q = fun (s : σ) => wp⟦x⟧ (fun (a : α) => Q.fst a s, Q.snd)

@[simp]

theorem Std.Do.WP.monadLift_ReaderT {m : Type → Type u} {ps : PostShape} {α ρ : Type} [Monad m] [WPMonad m ps] (x : m α) (Q : PostCond α (PostShape.arg ρ ps)) :

wp⟦MonadLift.monadLift x⟧ Q = fun (s : ρ) => wp⟦x⟧ (fun (a : α) => Q.fst a s, Q.snd)

@[simp]

theorem Std.Do.WP.monadLift_ExceptT {m : Type → Type u} {ps : PostShape} {α ε : Type} [Monad m] [WPMonad m ps] (x : m α) (Q : PostCond α (PostShape.except ε ps)) :

wp⟦MonadLift.monadLift x⟧ Q = wp⟦x⟧ (fun (a : α) => Q.fst a, Q.snd.snd)

@[simp]

theorem Std.Do.WP.monadLift_trans {m : Type → Type u} {ps : PostShape} {o : Type → Type u_1} {n : Type → Type u_2} {α : Type} {x : m α} {Q : PostCond α ps} [WP o ps] [MonadLift n o] [MonadLiftT m n] :

wp⟦monadLift x⟧ Q = wp⟦MonadLift.monadLift (monadLift x)⟧ Q

@[simp]

theorem Std.Do.WP.monadLift_refl {m : Type → Type u} {ps : PostShape} {α : Type} {x : m α} {Q : PostCond α ps} [WP m ps] :

wp⟦monadLift x⟧ Q = wp⟦x⟧ Q

@[simp]

theorem Std.Do.WP.lift_StateT {m : Type → Type u} {ps : PostShape} {α σ : Type} {Q : PostCond α (PostShape.arg σ ps)} [WP m ps] [Monad m] (x : m α) :

wp⟦StateT.lift x⟧ Q = wp⟦MonadLift.monadLift x⟧ Q

@[simp]

theorem Std.Do.WP.lift_ExceptT {m : Type → Type u} {ps : PostShape} {α ε : Type} {Q : PostCond α (PostShape.except ε ps)} [WP m ps] [Monad m] (x : m α) :

wp⟦ExceptT.lift x⟧ Q = wp⟦MonadLift.monadLift x⟧ Q

@[simp]

theorem Std.Do.WP.read_MonadReaderOf {m : Type → Type u} {ρ : Type} {n : Type → Type u_1} {s✝ : PostShape} {Q : PostCond ρ s✝} [MonadReaderOf ρ m] [MonadLift m n] [WP n s✝] :

wp⟦MonadReaderOf.read ⟧ Q = wp⟦MonadLift.monadLift read⟧ Q

@[simp]

theorem Std.Do.WP.readThe {m : Type → Type u} {ps : PostShape} {ρ : Type} {Q : PostCond ρ ps} [MonadReaderOf ρ m] [WP m ps] :

wp⟦_root_.readThe ρ⟧ Q = wp⟦MonadReaderOf.read ⟧ Q

@[simp]

theorem Std.Do.WP.read_MonadReader {m : Type → Type u} {ps : PostShape} {ρ : Type} {Q : PostCond ρ ps} [MonadReaderOf ρ m] [WP m ps] :

wp⟦read ⟧ Q = wp⟦MonadReaderOf.read ⟧ Q

@[simp]

theorem Std.Do.WP.get_MonadStateOf {m : Type → Type u} {σ : Type} {n : Type → Type u_1} {s✝ : PostShape} {Q : PostCond σ s✝} [MonadStateOf σ m] [MonadLift m n] [WP n s✝] :

wp⟦MonadStateOf.get ⟧ Q = wp⟦MonadLift.monadLift MonadStateOf.get⟧ Q

@[simp]

theorem Std.Do.WP.get_MonadState {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond σ ps} [WP m ps] [MonadStateOf σ m] :

wp⟦get ⟧ Q = wp⟦MonadStateOf.get ⟧ Q

@[simp]

theorem Std.Do.WP.getThe_MonadStateOf {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond σ ps} [WP m ps] [MonadStateOf σ m] :

wp⟦getThe σ⟧ Q = wp⟦MonadStateOf.get ⟧ Q

@[simp]

theorem Std.Do.WP.set_MonadStateOf {m : Type → Type u} {σ : Type} {n : Type → Type u_1} {x : σ} {s✝ : PostShape} {Q : PostCond PUnit s✝} [MonadStateOf σ m] [MonadLift m n] [WP n s✝] :

wp⟦set x⟧ Q = wp⟦MonadLift.monadLift (set x)⟧ Q

@[simp]

theorem Std.Do.WP.set_MonadState {m : Type → Type u} {ps : PostShape} {σ : Type} {x : σ} {Q : PostCond PUnit ps} [WP m ps] [MonadStateOf σ m] :

wp⟦MonadState.set x⟧ Q = wp⟦set x⟧ Q

@[simp]

theorem Std.Do.WP.modifyGet_MonadStateOf {m : Type → Type u} {σ : Type} {n : Type → Type u_1} {α : Type} {s✝ : PostShape} {Q : PostCond α s✝} [MonadStateOf σ m] [MonadLift m n] [WP n s✝] (f : σ → α × σ) :

wp⟦MonadStateOf.modifyGet f⟧ Q = wp⟦MonadLift.monadLift (modifyGet f)⟧ Q

@[simp]

theorem Std.Do.WP.modifyGet_MonadState {m : Type → Type u} {ps : PostShape} {σ α : Type} {Q : PostCond α ps} [WP m ps] [MonadStateOf σ m] (f : σ → α × σ) :

wp⟦modifyGet f⟧ Q = wp⟦MonadStateOf.modifyGet f⟧ Q

@[simp]

theorem Std.Do.WP.modifyGetThe_MonadStateOf {m : Type → Type u} {ps : PostShape} {σ α : Type} {Q : PostCond α ps} [WP m ps] [MonadStateOf σ m] (f : σ → α × σ) :

wp⟦modifyGetThe σ f⟧ Q = wp⟦MonadStateOf.modifyGet f⟧ Q

@[simp]

theorem Std.Do.WP.modify_MonadStateOf {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond PUnit ps} [WP m ps] [MonadStateOf σ m] (f : σ → σ) :

wp⟦modify f⟧ Q = wp⟦MonadStateOf.modifyGet fun (s : σ) => ((), f s)⟧ Q

@[simp]

theorem Std.Do.WP.modifyThe_MonadStateOf {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond PUnit ps} [WP m ps] [MonadStateOf σ m] (f : σ → σ) :

wp⟦modifyThe σ f⟧ Q = wp⟦MonadStateOf.modifyGet fun (s : σ) => ((), f s)⟧ Q

@[simp]

theorem Std.Do.WP.read_ReaderT {m : Type → Type u} {ps : PostShape} {ρ : Type} {Q : PostCond ρ (PostShape.arg ρ ps)} [Monad m] [WPMonad m ps] :

wp⟦MonadReaderOf.read ⟧ Q = fun (r : ρ) => Q.fst r r

@[simp]

theorem Std.Do.WP.get_StateT {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond σ (PostShape.arg σ ps)} [Monad m] [WPMonad m ps] :

wp⟦MonadStateOf.get ⟧ Q = fun (s : σ) => Q.fst s s

@[simp]

theorem Std.Do.WP.set_StateT {m : Type → Type u} {ps : PostShape} {σ : Type} {Q : PostCond PUnit (PostShape.arg σ ps)} [Monad m] [WPMonad m ps] (x : σ) :

wp⟦set x⟧ Q = fun (x_1 : σ) => Q.fst PUnit.unit x

@[simp]

theorem Std.Do.WP.modifyGet_StateT {m : Type → Type u} {ps : PostShape} {σ α : Type} {Q : PostCond α (PostShape.arg σ ps)} [Monad m] [WPMonad m ps] (f : σ → α × σ) :

wp⟦MonadStateOf.modifyGet f⟧ Q = fun (s : σ) => Q.fst (f s).fst (f s).snd

@[simp]

theorem Std.Do.WP.get_EStateM {ε σ : Type} {Q : PostCond σ (PostShape.except ε (PostShape.arg σ PostShape.pure))} :

wp⟦MonadStateOf.get ⟧ Q = fun (s : σ) => Q.fst s s

@[simp]

theorem Std.Do.WP.set_EStateM {σ ε : Type} {Q : PostCond PUnit (PostShape.except ε (PostShape.arg σ PostShape.pure))} (x : σ) :

wp⟦set x⟧ Q = fun (x_1 : σ) => Q.fst PUnit.unit x

@[simp]

theorem Std.Do.WP.modifyGet_EStateM {σ α ε : Type} {Q : PostCond α (PostShape.except ε (PostShape.arg σ PostShape.pure))} (f : σ → α × σ) :

wp⟦MonadStateOf.modifyGet f⟧ Q = fun (s : σ) => Q.fst (f s).fst (f s).snd

`MonadFunctor` #

The definitions that follow interpret monadMap and thus instances of, e.g., MonadReaderWithOf.

@[simp]

theorem Std.Do.WP.monadMap_StateT {ps : PostShape} {σ : Type} (m : Type → Type u) [Monad m] [WP m ps] (f : {β : Type} → m β → m β) {α : Type} (x : StateT σ m α) (Q : PostCond α (PostShape.arg σ ps)) :

wp⟦MonadFunctor.monadMap (fun {β : Type} => f) x⟧ Q = fun (s : σ) => wp⟦f (x.run s)⟧ (fun (x : α × σ) => match x with | (a, s) => Q.fst a s, Q.snd)

@[simp]

theorem Std.Do.WP.monadMap_ReaderT {ps : PostShape} {ρ : Type} (m : Type → Type u) [Monad m] [WP m ps] (f : {β : Type} → m β → m β) {α : Type} (x : ReaderT ρ m α) (Q : PostCond α (PostShape.arg ρ ps)) :

wp⟦MonadFunctor.monadMap (fun {β : Type} => f) x⟧ Q = fun (s : ρ) => wp⟦f (x.run s)⟧ (fun (a : α) => Q.fst a s, Q.snd)

@[simp]

theorem Std.Do.WP.monadMap_ExceptT {ps : PostShape} {ε : Type} (m : Type → Type u) [Monad m] [WP m ps] (f : {β : Type} → m β → m β) {α : Type} (x : ExceptT ε m α) (Q : PostCond α (PostShape.except ε ps)) :

wp⟦MonadFunctor.monadMap (fun {β : Type} => f) x⟧ Q = wp⟦f x.run⟧ (fun (x : Except ε α) => match x with | Except.ok a => Q.fst a | Except.error e => Q.snd.fst e, Q.snd.snd)

@[simp]

theorem Std.Do.WP.monadMap_trans {m : Type → Type u} {ps : PostShape} {o : Type → Type u_1} {n : Type → Type u_2} {α : Type} {f : {β : Type} → m β → m β} {x : o α} {Q : PostCond α ps} [WP o ps] [MonadFunctor n o] [MonadFunctorT m n] :

wp⟦monadMap f x⟧ Q = wp⟦MonadFunctor.monadMap (fun {β : Type} => monadMap fun {β : Type} => f) x⟧ Q

@[simp]

theorem Std.Do.WP.monadMap_refl {m : Type → Type u} {ps : PostShape} {α : Type} {f : {β : Type} → m β → m β} {x : m α} {Q : PostCond α ps} [WP m ps] :

wp⟦monadMap f x⟧ Q = wp⟦f x⟧ Q

@[simp]

theorem Std.Do.WP.withReader_ReaderT {m : Type → Type u} {ps : PostShape} {ρ α : Type} {f : ρ → ρ} {x : ReaderT ρ m α} {Q : PostCond α (PostShape.arg ρ ps)} [WP m ps] :

wp⟦MonadWithReaderOf.withReader f x⟧ Q = fun (r : ρ) => wp⟦x⟧ (fun (a : α) (x : ρ) => Q.fst a r, Q.snd) (f r)

@[simp]

theorem Std.Do.WP.withReader_MonadWithReaderOf {m : Type → Type u} {ρ : Type} {n : Type → Type u} {nsh : PostShape} {α : Type} {Q : PostCond α nsh} [MonadWithReaderOf ρ m] [WP n nsh] [MonadFunctor m n] (f : ρ → ρ) (x : n α) :

wp⟦MonadWithReaderOf.withReader f x⟧ Q = wp⟦MonadFunctor.monadMap (fun {β : Type} => MonadWithReaderOf.withReader f) x⟧ Q

@[simp]

theorem Std.Do.WP.withReader_MonadWithReader {m : Type → Type u} {ps : PostShape} {ρ α : Type} {Q : PostCond α ps} [MonadWithReaderOf ρ m] [WP m ps] (f : ρ → ρ) (x : m α) :

wp⟦withReader f x⟧ Q = wp⟦MonadWithReaderOf.withReader f x⟧ Q

@[simp]

theorem Std.Do.WP.withTheReader {m : Type → Type u} {ps : PostShape} {ρ α : Type} {Q : PostCond α ps} [MonadWithReaderOf ρ m] [WP m ps] (f : ρ → ρ) (x : m α) :

wp⟦_root_.withTheReader ρ f x⟧ Q = wp⟦MonadWithReaderOf.withReader f x⟧ Q

`MonadExceptOf` #

The definitions that follow interpret throw, throwThe, tryCatch, etc.

Since MonadExceptOf cannot be lifted through MonadLift or MonadFunctor, there is one lemma per MonadExceptOf operation and instance to lift through; the classic m*n instances problem.

@[simp]

theorem Std.Do.WP.throw_MonadExcept {m : Type → Type u} {ps : PostShape} {ε : Type u_1} {α : Type} {e : ε} {Q : PostCond α ps} [MonadExceptOf ε m] [WP m ps] :

wp⟦throw e⟧ Q = wp⟦MonadExceptOf.throw e⟧ Q

@[simp]

theorem Std.Do.WP.throwThe {m : Type → Type u} {ps : PostShape} {ε : Type u_1} {α : Type} {e : ε} {Q : PostCond α ps} [MonadExceptOf ε m] [WP m ps] :

wp⟦_root_.throwThe ε e⟧ Q = wp⟦MonadExceptOf.throw e⟧ Q

@[simp]

theorem Std.Do.WP.throw_Except {ε α : Type} {e : ε} {Q : PostCond α (PostShape.except ε PostShape.pure)} :

wp⟦MonadExceptOf.throw e⟧ Q = Q.snd.fst e

@[simp]

theorem Std.Do.WP.throw_ExceptT {m : Type → Type u} {ps : PostShape} {ε α : Type} {e : ε} {Q : PostCond α (PostShape.except ε ps)} [Monad m] [WPMonad m ps] :

wp⟦MonadExceptOf.throw e⟧ Q = Q.snd.fst e

@[simp]

theorem Std.Do.WP.throw_EStateM {ε σ α : Type} {e : ε} {Q : PostCond α (PostShape.except ε (PostShape.arg σ PostShape.pure))} :

wp⟦MonadExceptOf.throw e⟧ Q = Q.snd.fst e

@[simp]

theorem Std.Do.WP.throw_ReaderT {m : Type → Type u} {sh : PostShape} {ε : Type u_1} {ρ α : Type} {e : ε} {Q : PostCond α (PostShape.arg ρ sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.throw e⟧ Q = wp⟦MonadLift.monadLift (MonadExceptOf.throw e)⟧ Q

@[simp]

theorem Std.Do.WP.throw_StateT {m : Type → Type u} {sh : PostShape} {ε : Type u_1} {ρ α : Type} {e : ε} {Q : PostCond α (PostShape.arg ρ sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.throw e⟧ Q = wp⟦MonadLift.monadLift (MonadExceptOf.throw e)⟧ Q

@[simp]

theorem Std.Do.WP.throw_lift_ExceptT {m : Type → Type u} {sh : PostShape} {ε ε' α : Type} {e : ε} {Q : PostCond α (PostShape.except ε' sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.throw e⟧ Q = wp⟦MonadExceptOf.throw e⟧ (fun (x : Except ε' α) => match x with | Except.ok a => Q.fst a | Except.error e => Q.snd.fst e, Q.snd.snd)

@[simp]

theorem Std.Do.WP.tryCatch_MonadExcept {m : Type → Type u} {ps : PostShape} {ε : Type u_1} {α : Type} {x : m α} {h : ε → m α} {Q : PostCond α ps} [MonadExceptOf ε m] [WP m ps] :

wp⟦tryCatch x h⟧ Q = wp⟦MonadExceptOf.tryCatch x h⟧ Q

@[simp]

theorem Std.Do.WP.tryCatchThe {m : Type → Type u} {ps : PostShape} {ε : Type u_1} {α : Type} {x : m α} {h : ε → m α} {Q : PostCond α ps} [MonadExceptOf ε m] [WP m ps] :

wp⟦_root_.tryCatchThe ε x h⟧ Q = wp⟦MonadExceptOf.tryCatch x h⟧ Q

@[simp]

theorem Std.Do.WP.tryCatch_Except {ε α : Type} {x : Except ε α} {h : ε → Except ε α} {Q : PostCond α (PostShape.except ε PostShape.pure)} :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = wp⟦x⟧ (Q.fst, fun (e : ε) => wp⟦h e⟧ Q, Q.snd.snd)

@[simp]

theorem Std.Do.WP.tryCatch_ExceptT {m : Type → Type u} {ps : PostShape} {ε α : Type} {x : ExceptT ε m α} {h : ε → ExceptT ε m α} {Q : PostCond α (PostShape.except ε ps)} [Monad m] [WPMonad m ps] :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = wp⟦x⟧ (Q.fst, fun (e : ε) => wp⟦h e⟧ Q, Q.snd.snd)

@[simp]

theorem Std.Do.WP.tryCatch_EStateM {ε σ δ α : Type} {x : EStateM ε σ α} {h : ε → EStateM ε σ α} {Q : PostCond α (PostShape.except ε (PostShape.arg σ PostShape.pure))} [EStateM.Backtrackable δ σ] :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = fun (s : σ) => wp⟦x⟧ (Q.fst, fun (e : ε) (s' : σ) => wp⟦h e⟧ Q (EStateM.Backtrackable.restore s' (EStateM.Backtrackable.save s)), Q.snd.snd) s

@[simp]

theorem Std.Do.WP.tryCatch_ReaderT {m : Type → Type u} {sh : PostShape} {ε : Type u_1} {ρ α : Type} {x : ReaderT ρ m α} {h : ε → ReaderT ρ m α} {Q : PostCond α (PostShape.arg ρ sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = fun (r : ρ) => wp⟦MonadExceptOf.tryCatch (x.run r) fun (e : ε) => (h e).run r⟧ (fun (a : α) => Q.fst a r, Q.snd)

@[simp]

theorem Std.Do.WP.tryCatch_StateT {m : Type → Type u} {sh : PostShape} {ε : Type u_1} {σ α : Type} {x : StateT σ m α} {h : ε → StateT σ m α} {Q : PostCond α (PostShape.arg σ sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = fun (s : σ) => wp⟦MonadExceptOf.tryCatch (x.run s) fun (e : ε) => (h e).run s⟧ (fun (xs : α × σ) => Q.fst xs.fst xs.snd, Q.snd)

@[simp]

theorem Std.Do.WP.tryCatch_lift_ExceptT {m : Type → Type u} {sh : PostShape} {ε ε' α : Type} {x : ExceptT ε' m α} {h : ε → ExceptT ε' m α} {Q : PostCond α (PostShape.except ε' sh)} [WP m sh] [Monad m] [MonadExceptOf ε m] :

wp⟦MonadExceptOf.tryCatch x h⟧ Q = wp⟦MonadExceptOf.tryCatch x h⟧ (fun (x : Except ε' α) => match x with | Except.ok a => Q.fst a | Except.error e => Q.snd.fst e, Q.snd.snd)