• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
        • Crypto-hdwallet
        • Apt
        • Error-checking
        • Fty-extensions
        • Isar
        • Kestrel-utilities
        • Set
        • Soft
        • C
          • Syntax-for-tools
            • Disambiguator
            • Abstract-syntax
            • Parser
            • Validator
            • Printer
            • Formalized-subset
            • Mapping-to-language-definition
            • Input-files
            • Defpred
            • Output-files
            • Abstract-syntax-operations
            • Validation-information
            • Implementation-environments
            • Concrete-syntax
            • Unambiguity
              • Abstract-syntax-unambp
              • Unambiguity-predicate-theorems
              • Type-spec-list-unambp-of-sublists
              • Expr-unambp-of-operation-on-expr-unambp
            • Ascii-identifiers
            • Preprocessing
            • Abstraction-mapping
          • Atc
          • Language
          • Representation
          • Transformation-tools
          • Insertion-sort
          • Pack
        • Bv
        • Imp-language
        • Event-macros
        • Java
        • Bitcoin
        • Ethereum
        • Yul
        • Zcash
        • ACL2-programming-language
        • Prime-fields
        • Json
        • Syntheto
        • File-io-light
        • Cryptography
        • Number-theory
        • Lists-light
        • Axe
        • Builtins
        • Solidity
        • Helpers
        • Htclient
        • Typed-lists-light
        • Arithmetic-light
      • X86isa
      • Axe
      • Execloader
    • Math
    • Testing-utilities
  • Syntax-for-tools

Unambiguity

Unambiguity of the C abstract syntax for tools.

Our abstract syntax includes ambiguous constructs, i.e. constructs that capture syntactically ambiguous constructs; see the documentation of the abstract syntax for details. The disambiguator, if successful, removes those constructs, leaving only the unambiguous ones.

Here we define predicates over the abstract syntax that say whether the constructs are unambiguous, i.e. whether there are no ambiguous constructs.

For now we do not make any checks on GCC extensions, even though they may contain expressions. This mirrors the treatment in the disambiguator: the reason for this (temporary) limitation is explained there.

Besides defining the unambiguity predicates, we also provide rules to automate guard and return proofs that involve the unambiguity predicates. The rules about the fixtype deconstructors automate the guard proofs; the rules about the fixtype constructors automate the return proofs.

Subtopics

Abstract-syntax-unambp
Definition of the unambiguity predicates, with accompanying theorems.
Unambiguity-predicate-theorems
Theorems about the unambiguity predicates.
Type-spec-list-unambp-of-sublists
Theorems saying that the sublist of type specifiers extracted via some abstract syntax operations is unambiguous if the initial list is unambiguous.
Expr-unambp-of-operation-on-expr-unambp
Preservation of unambiguity by certain operations on expressions.