import TsmLean.Core.Semantics
namespace TsmLean.Core
/-! # Fuel-bounded executable multi-step.
`run n s₀` executes up to `n` steps from `s₀`. It returns `some` of the final state
when execution halts (`step` returns `none`) within the fuel, or `none` when
the fuel is exhausted before halting.
Soundness: any successful run corresponds to a `MultiStep` derivation
ending at a halted state — the same shape as TGC/TOC's `eval_sound`, but
phrased over the small-step closure rather than a big-step relation. -/
/-- Fuel-bounded multi-step execution.

Runs at most `n` applications of `step` starting from the given state.
Returns `some s` once a halted state (`step s = none`) is reached within
the fuel, and `none` when the fuel runs out first — note that `run 0 s`
is `none` even when `s` is already halted, because halting is only
checked after consuming one unit of fuel. -/
def run : Nat → State → Option State
  | 0, _ => none
  | n + 1, s =>
    match step s with
    | none => some s       -- halted: report the current state
    | some s' => run n s'  -- took a step: continue with one less unit of fuel
/-- Soundness of `run`: if `run n s = some s'` then `s'` is reachable from
`s` via `MultiStep` and `s'` is halted (`step s' = none`).

Only this direction is proved here; a completeness statement (every
`MultiStep` to a halted state is found with enough fuel) is not stated in
this file. -/
theorem run_sound :
    ∀ (n : Nat) (s s' : State),
      run n s = some s' → MultiStep s s' ∧ step s' = none := by
  intro n
  -- Induct on the fuel, keeping `s` and `s'` universally quantified so the
  -- hypothesis can be instantiated at the successor state in the step case.
  induction n with
  | zero =>
    intros s s' heq
    -- `run 0 s` unfolds to `none`, so `heq : none = some s'` is absurd and
    -- `simp` closes the goal.
    simp [run] at heq
  | succ n ih =>
    intros s s' heq
    simp only [run] at heq
    -- Split on whether `s` is halted or takes a step; `hstep` records which.
    cases hstep : step s with
    | none =>
      -- Halted: `run` returned `some s`, so `s' = s`. The reachability
      -- witness is the reflexive case of `MultiStep`; halting is `hstep`.
      rw [hstep] at heq
      simp at heq
      subst heq
      exact ⟨.refl s, hstep⟩
    | some s_next =>
      -- Stepped: the remaining fuel ran from `s_next`. Apply the induction
      -- hypothesis there and prepend the single step `hstep`.
      rw [hstep] at heq
      have ⟨hMS, hHalt⟩ := ih s_next s' heq
      exact ⟨.cons hstep hMS, hHalt⟩
end TsmLean.Core