Day19_arithmetic

Exercise: 4 stars, standard (s_compiler_correct)

Now we'll prove the correctness of the compiler implemented in the back on Day 10. We give our implementation of the compiler and stack machine here, but it might be different from yours---so look closely!

Prove the following theorem. You will need to start by stating a more general lemma to get a usable induction hypothesis; the main theorem will then be a simple corollary of this lemma.

Fixpoint s_compile (e : aexp) : list sinstr :=
  match e with
  | ANum n ⇒ [SPush n]
  | AId x ⇒ [SLoad x]
  | APlus a₁ a₂ ⇒ s_compile a₁ ++ s_compile a₂ ++ [SPlus ]
  | AMinus a₁ a₂ ⇒ s_compile a₁ ++ s_compile a₂ ++ [SMinus ]
  | AMult a₁ a₂ ⇒ s_compile a₁ ++ s_compile a₂ ++ [SMult ]
  end.

Fixpoint s_execute (st : state) (stack : list nat) (prog : list sinstr) : list nat :=
  let s_insn (st : state) (stack : list nat) (insn : sinstr) : list nat :=
      match (insn , stack ) with
      | (SPush n, _) ⇒ n :: stack
      | (SLoad x, _) ⇒ st x :: stack
      | (SPlus , n::m::stack') ⇒ (m+n)::stack'
      | (SMinus , n::m::stack') ⇒ (m-n)::stack'
      | (SMult , n::m::stack') ⇒ (m×n)::stack'
      | (_, _) ⇒ stack
      end
  in
  match prog with
  | nil ⇒ stack
  | insn::prog' ⇒ s_execute st (s_insn st stack insn) prog'
  end.

Theorem s_compile_correct : ∀ (st : state) (e : aexp),
s_execute st [] (s_compile e) = [ aeval st e ].
Proof.
(* FILL IN HERE *) Admitted.
☐

(* Mon Oct 12 08:48:50 PDT 2020 *)