gdp-0.0.3.0: Reason about invariants and preconditions with ghosts of departed proofs.

Safe Haskell	None
Language	Haskell2010

Theory.Lists

Contents

Basic functions on lists
- Names for parts of a list
- Names for basic list operations
Reasoning about lists
Pattern-matching on lists
- Decompositions that use explicit evidence-passing
  - Pattern synonyms
- Decompositions that use implicit evidence-passing
  - Pattern synonyms

Synopsis

head :: Fact (IsCons xs) => ([a] ~~ xs) -> a ~~ Head xs
tail :: Fact (IsCons xs) => ([a] ~~ xs) -> [a] ~~ Tail xs
cons :: (a ~~ x) -> ([a] ~~ xs) -> [a] ~~ Cons' x xs
nil :: [a] ~~ Nil'
data Head xs
data Tail xs
data Cons' x xs
data Nil'
data IsList xs
data IsCons xs
data IsNil xs
consIsList :: Proof (IsCons xs) -> Proof (IsList xs)
nilIsList :: Proof (IsNil xs) -> Proof (IsList xs)
listIsList :: ([a] ~~ xs) -> Proof (IsList xs)
listShapes :: Proof (IsList xs) -> Proof ((IsNil xs && Not (IsCons xs)) || (IsCons xs && Not (IsNil xs)))
consIsCons :: Proof (IsCons (Cons' x xs))
headOfCons :: Proof (Head (Cons' x xs) == x)
tailOfCons :: Proof (Tail (Cons' x xs) == xs)
listInduction :: Proof (IsList xs) -> Proof (p Nil') -> Proof (ForAll ys ((IsList ys && p (Tail ys)) --> p ys)) -> Proof (p xs)
classify :: ([a] ~~ xs) -> ListCase a xs
data ListCase a xs
- = IsCons_ (Proof (IsCons xs)) (a ~~ Head xs) ([a] ~~ Tail xs)
- | IsNil_ (Proof (IsNil xs))
pattern IsCons :: Proof (IsCons xs) -> (a ~~ Head xs) -> ([a] ~~ Tail xs) -> [a] ~~ xs
pattern IsNil :: Proof (IsNil xs) -> [a] ~~ xs
classify' :: forall a xs. ([a] ~~ xs) -> ListCase' a xs
data ListCase' a xs where
- Cons_ :: Fact (IsCons xs) => (a ~~ Head xs) -> ([a] ~~ Tail xs) -> ListCase' a xs
- Nil_ :: Fact (IsNil xs) => ListCase' a xs
pattern Cons :: () => Fact (IsCons xs) => (a ~~ Head xs) -> ([a] ~~ Tail xs) -> [a] ~~ xs
pattern Nil :: () => Fact (IsNil xs) => [a] ~~ xs

Basic functions on lists

head :: Fact (IsCons xs) => ([a] ~~ xs) -> a ~~ Head xs Source #

Extract the first element from a non-empty list.

tail :: Fact (IsCons xs) => ([a] ~~ xs) -> [a] ~~ Tail xs Source #

Extract all but the first element from a non-empty list.

cons :: (a ~~ x) -> ([a] ~~ xs) -> [a] ~~ Cons' x xs Source #

Construct a list from an element and another list.

nil :: [a] ~~ Nil' Source #

The empty list, named Nil'.

Names for parts of a list

data Head xs Source #

Names for the parts of a list.

data Tail xs Source #

Names for basic list operations

data Cons' x xs Source #

A name for referring to the result of a cons operation.

data Nil' Source #

A name for referring to the empty list.

Reasoning about lists

Predicates about list shapes

data IsList xs Source #

Predicates about the possible shapes of lists.

data IsCons xs Source #

data IsNil xs Source #

Axioms about list shapes

consIsList :: Proof (IsCons xs) -> Proof (IsList xs) Source #

nilIsList :: Proof (IsNil xs) -> Proof (IsList xs) Source #

listIsList :: ([a] ~~ xs) -> Proof (IsList xs) Source #

listShapes :: Proof (IsList xs) -> Proof ((IsNil xs && Not (IsCons xs)) || (IsCons xs && Not (IsNil xs))) Source #

Axiom: a list xs satisfies exactly one of IsCons xs or IsNil xs.

consIsCons :: Proof (IsCons (Cons' x xs)) Source #

Axiom: The result of cons x y satisfies IsCons.

headOfCons :: Proof (Head (Cons' x xs) == x) Source #

Axiom: The head of cons x y is x.

tailOfCons :: Proof (Tail (Cons' x xs) == xs) Source #

Axiom: The tail of cons x y is y.

Induction principle

listInduction :: Proof (IsList xs) -> Proof (p Nil') -> Proof (ForAll ys ((IsList ys && p (Tail ys)) --> p ys)) -> Proof (p xs) Source #

Induction principle: If a predicate P is true for the empty list, and P is true for a list whenever it is true for the tail of the list, then P is true.

Pattern-matching on lists

Decompositions that use explicit evidence-passing

classify :: ([a] ~~ xs) -> ListCase a xs Source #

Classify a named list by shape, producing evidence that the list matches the corresponding case.

data ListCase a xs Source #

Possible shapes of a list, along with evidence that the list has the given shape.

Constructors

IsCons_ (Proof (IsCons xs)) (a ~~ Head xs) ([a] ~~ Tail xs)
IsNil_ (Proof (IsNil xs))

Pattern synonyms

pattern IsCons :: Proof (IsCons xs) -> (a ~~ Head xs) -> ([a] ~~ Tail xs) -> [a] ~~ xs Source #

pattern IsNil :: Proof (IsNil xs) -> [a] ~~ xs Source #

Decompositions that use implicit evidence-passing

classify' :: forall a xs. ([a] ~~ xs) -> ListCase' a xs Source #

Classify a named list by shape, producing implicit evidence that the list matches the corresponding case.

data ListCase' a xs where Source #

A variation on ListCase that passes the shape facts implicitly. Pattern-matching on a constructor of ListCase' will bring a shape proof into the implicit context.

Constructors

Cons_ :: Fact (IsCons xs) => (a ~~ Head xs) -> ([a] ~~ Tail xs) -> ListCase' a xs
Nil_ :: Fact (IsNil xs) => ListCase' a xs

Pattern synonyms

pattern Cons :: () => Fact (IsCons xs) => (a ~~ Head xs) -> ([a] ~~ Tail xs) -> [a] ~~ xs Source #

pattern Nil :: () => Fact (IsNil xs) => [a] ~~ xs Source #