src/HOL/IMP/Types.thy
author huffman
Thu Aug 11 09:11:15 2011 -0700 (2011-08-11)
changeset 44165 d26a45f3c835
parent 44020 376c1e7b320c
child 44890 22f665a2e91c
permissions -rw-r--r--
remove lemma stupid_ext
nipkow@43150
     1
header "A Typed Language"
nipkow@43150
     2
nipkow@43150
     3
theory Types imports Star Complex_Main begin
nipkow@43150
     4
nipkow@43150
     5
subsection "Arithmetic Expressions"
nipkow@43150
     6
nipkow@43150
     7
datatype val = Iv int | Rv real
nipkow@43150
     8
nipkow@43150
     9
type_synonym name = string
nipkow@43150
    10
type_synonym state = "name \<Rightarrow> val"
nipkow@43150
    11
nipkow@43150
    12
datatype aexp =  Ic int | Rc real | V name | Plus aexp aexp
nipkow@43150
    13
nipkow@43150
    14
inductive taval :: "aexp \<Rightarrow> state \<Rightarrow> val \<Rightarrow> bool" where
nipkow@43150
    15
"taval (Ic i) s (Iv i)" |
nipkow@43150
    16
"taval (Rc r) s (Rv r)" |
nipkow@43150
    17
"taval (V x) s (s x)" |
nipkow@43150
    18
"taval a1 s (Iv i1) \<Longrightarrow> taval a2 s (Iv i2)
nipkow@43150
    19
 \<Longrightarrow> taval (Plus a1 a2) s (Iv(i1+i2))" |
kleing@44020
    20
"taval a1 s (Rv r1) \<Longrightarrow> taval a2 s (Rv r2)
nipkow@43150
    21
 \<Longrightarrow> taval (Plus a1 a2) s (Rv(r1+r2))"
nipkow@43150
    22
nipkow@43150
    23
inductive_cases [elim!]:
nipkow@43150
    24
  "taval (Ic i) s v"  "taval (Rc i) s v"
nipkow@43150
    25
  "taval (V x) s v"
nipkow@43150
    26
  "taval (Plus a1 a2) s v"
nipkow@43150
    27
nipkow@43150
    28
subsection "Boolean Expressions"
nipkow@43150
    29
nipkow@43150
    30
datatype bexp = B bool | Not bexp | And bexp bexp | Less aexp aexp
nipkow@43150
    31
nipkow@43150
    32
inductive tbval :: "bexp \<Rightarrow> state \<Rightarrow> bool \<Rightarrow> bool" where
nipkow@43150
    33
"tbval (B bv) s bv" |
nipkow@43150
    34
"tbval b s bv \<Longrightarrow> tbval (Not b) s (\<not> bv)" |
kleing@44020
    35
"tbval b1 s bv1 \<Longrightarrow> tbval b2 s bv2 \<Longrightarrow> tbval (And b1 b2) s (bv1 & bv2)" |
kleing@44020
    36
"taval a1 s (Iv i1) \<Longrightarrow> taval a2 s (Iv i2) \<Longrightarrow> tbval (Less a1 a2) s (i1 < i2)" |
kleing@44020
    37
"taval a1 s (Rv r1) \<Longrightarrow> taval a2 s (Rv r2) \<Longrightarrow> tbval (Less a1 a2) s (r1 < r2)"
nipkow@43150
    38
nipkow@43150
    39
subsection "Syntax of Commands"
nipkow@43150
    40
(* a copy of Com.thy - keep in sync! *)
nipkow@43150
    41
nipkow@43150
    42
datatype
nipkow@43150
    43
  com = SKIP 
nipkow@43150
    44
      | Assign name aexp         ("_ ::= _" [1000, 61] 61)
nipkow@43150
    45
      | Semi   com  com          ("_; _"  [60, 61] 60)
nipkow@43150
    46
      | If     bexp com com     ("IF _ THEN _ ELSE _"  [0, 0, 61] 61)
nipkow@43150
    47
      | While  bexp com         ("WHILE _ DO _"  [0, 61] 61)
nipkow@43150
    48
nipkow@43150
    49
nipkow@43150
    50
subsection "Small-Step Semantics of Commands"
nipkow@43150
    51
nipkow@43150
    52
inductive
nipkow@43150
    53
  small_step :: "(com \<times> state) \<Rightarrow> (com \<times> state) \<Rightarrow> bool" (infix "\<rightarrow>" 55)
nipkow@43150
    54
where
nipkow@43150
    55
Assign:  "taval a s v \<Longrightarrow> (x ::= a, s) \<rightarrow> (SKIP, s(x := v))" |
nipkow@43150
    56
nipkow@43150
    57
Semi1:   "(SKIP;c,s) \<rightarrow> (c,s)" |
nipkow@43150
    58
Semi2:   "(c1,s) \<rightarrow> (c1',s') \<Longrightarrow> (c1;c2,s) \<rightarrow> (c1';c2,s')" |
nipkow@43150
    59
nipkow@43150
    60
IfTrue:  "tbval b s True \<Longrightarrow> (IF b THEN c1 ELSE c2,s) \<rightarrow> (c1,s)" |
nipkow@43150
    61
IfFalse: "tbval b s False \<Longrightarrow> (IF b THEN c1 ELSE c2,s) \<rightarrow> (c2,s)" |
nipkow@43150
    62
nipkow@43150
    63
While:   "(WHILE b DO c,s) \<rightarrow> (IF b THEN c; WHILE b DO c ELSE SKIP,s)"
nipkow@43150
    64
nipkow@43150
    65
lemmas small_step_induct = small_step.induct[split_format(complete)]
nipkow@43150
    66
nipkow@43150
    67
subsection "The Type System"
nipkow@43150
    68
nipkow@43150
    69
datatype ty = Ity | Rty
nipkow@43150
    70
nipkow@43150
    71
type_synonym tyenv = "name \<Rightarrow> ty"
nipkow@43150
    72
nipkow@43150
    73
inductive atyping :: "tyenv \<Rightarrow> aexp \<Rightarrow> ty \<Rightarrow> bool"
nipkow@43150
    74
  ("(1_/ \<turnstile>/ (_ :/ _))" [50,0,50] 50)
nipkow@43150
    75
where
nipkow@43150
    76
Ic_ty: "\<Gamma> \<turnstile> Ic i : Ity" |
nipkow@43150
    77
Rc_ty: "\<Gamma> \<turnstile> Rc r : Rty" |
nipkow@43150
    78
V_ty: "\<Gamma> \<turnstile> V x : \<Gamma> x" |
nipkow@43150
    79
Plus_ty: "\<Gamma> \<turnstile> a1 : \<tau> \<Longrightarrow> \<Gamma> \<turnstile> a2 : \<tau> \<Longrightarrow> \<Gamma> \<turnstile> Plus a1 a2 : \<tau>"
nipkow@43150
    80
nipkow@43150
    81
text{* Warning: the ``:'' notation leads to syntactic ambiguities,
nipkow@43150
    82
i.e. multiple parse trees, because ``:'' also stands for set membership.
nipkow@43150
    83
In most situations Isabelle's type system will reject all but one parse tree,
nipkow@43150
    84
but will still inform you of the potential ambiguity. *}
nipkow@43150
    85
nipkow@43150
    86
inductive btyping :: "tyenv \<Rightarrow> bexp \<Rightarrow> bool" (infix "\<turnstile>" 50)
nipkow@43150
    87
where
nipkow@43150
    88
B_ty: "\<Gamma> \<turnstile> B bv" |
nipkow@43150
    89
Not_ty: "\<Gamma> \<turnstile> b \<Longrightarrow> \<Gamma> \<turnstile> Not b" |
nipkow@43150
    90
And_ty: "\<Gamma> \<turnstile> b1 \<Longrightarrow> \<Gamma> \<turnstile> b2 \<Longrightarrow> \<Gamma> \<turnstile> And b1 b2" |
nipkow@43150
    91
Less_ty: "\<Gamma> \<turnstile> a1 : \<tau> \<Longrightarrow> \<Gamma> \<turnstile> a2 : \<tau> \<Longrightarrow> \<Gamma> \<turnstile> Less a1 a2"
nipkow@43150
    92
nipkow@43150
    93
inductive ctyping :: "tyenv \<Rightarrow> com \<Rightarrow> bool" (infix "\<turnstile>" 50) where
nipkow@43150
    94
Skip_ty: "\<Gamma> \<turnstile> SKIP" |
nipkow@43150
    95
Assign_ty: "\<Gamma> \<turnstile> a : \<Gamma>(x) \<Longrightarrow> \<Gamma> \<turnstile> x ::= a" |
nipkow@43150
    96
Semi_ty: "\<Gamma> \<turnstile> c1 \<Longrightarrow> \<Gamma> \<turnstile> c2 \<Longrightarrow> \<Gamma> \<turnstile> c1;c2" |
nipkow@43150
    97
If_ty: "\<Gamma> \<turnstile> b \<Longrightarrow> \<Gamma> \<turnstile> c1 \<Longrightarrow> \<Gamma> \<turnstile> c2 \<Longrightarrow> \<Gamma> \<turnstile> IF b THEN c1 ELSE c2" |
nipkow@43150
    98
While_ty: "\<Gamma> \<turnstile> b \<Longrightarrow> \<Gamma> \<turnstile> c \<Longrightarrow> \<Gamma> \<turnstile> WHILE b DO c"
nipkow@43150
    99
nipkow@43150
   100
inductive_cases [elim!]:
nipkow@43150
   101
  "\<Gamma> \<turnstile> x ::= a"  "\<Gamma> \<turnstile> c1;c2"
nipkow@43150
   102
  "\<Gamma> \<turnstile> IF b THEN c1 ELSE c2"
nipkow@43150
   103
  "\<Gamma> \<turnstile> WHILE b DO c"
nipkow@43150
   104
nipkow@43150
   105
subsection "Well-typed Programs Do Not Get Stuck"
nipkow@43150
   106
nipkow@43150
   107
fun type :: "val \<Rightarrow> ty" where
nipkow@43150
   108
"type (Iv i) = Ity" |
nipkow@43150
   109
"type (Rv r) = Rty"
nipkow@43150
   110
nipkow@43150
   111
lemma [simp]: "type v = Ity \<longleftrightarrow> (\<exists>i. v = Iv i)"
nipkow@43150
   112
by (cases v) simp_all
nipkow@43150
   113
nipkow@43150
   114
lemma [simp]: "type v = Rty \<longleftrightarrow> (\<exists>r. v = Rv r)"
nipkow@43150
   115
by (cases v) simp_all
nipkow@43150
   116
nipkow@43150
   117
definition styping :: "tyenv \<Rightarrow> state \<Rightarrow> bool" (infix "\<turnstile>" 50)
nipkow@43150
   118
where "\<Gamma> \<turnstile> s  \<longleftrightarrow>  (\<forall>x. type (s x) = \<Gamma> x)"
nipkow@43150
   119
nipkow@43150
   120
lemma apreservation:
nipkow@43150
   121
  "\<Gamma> \<turnstile> a : \<tau> \<Longrightarrow> taval a s v \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> type v = \<tau>"
nipkow@43150
   122
apply(induct arbitrary: v rule: atyping.induct)
nipkow@43150
   123
apply (fastsimp simp: styping_def)+
nipkow@43150
   124
done
nipkow@43150
   125
nipkow@43150
   126
lemma aprogress: "\<Gamma> \<turnstile> a : \<tau> \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> \<exists>v. taval a s v"
nipkow@43150
   127
proof(induct rule: atyping.induct)
nipkow@43150
   128
  case (Plus_ty \<Gamma> a1 t a2)
nipkow@43150
   129
  then obtain v1 v2 where v: "taval a1 s v1" "taval a2 s v2" by blast
nipkow@43150
   130
  show ?case
nipkow@43150
   131
  proof (cases v1)
nipkow@43150
   132
    case Iv
nipkow@43150
   133
    with Plus_ty(1,3,5) v show ?thesis
nipkow@43150
   134
      by(fastsimp intro: taval.intros(4) dest!: apreservation)
nipkow@43150
   135
  next
nipkow@43150
   136
    case Rv
nipkow@43150
   137
    with Plus_ty(1,3,5) v show ?thesis
nipkow@43150
   138
      by(fastsimp intro: taval.intros(5) dest!: apreservation)
nipkow@43150
   139
  qed
nipkow@43150
   140
qed (auto intro: taval.intros)
nipkow@43150
   141
nipkow@43150
   142
lemma bprogress: "\<Gamma> \<turnstile> b \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> \<exists>v. tbval b s v"
nipkow@43150
   143
proof(induct rule: btyping.induct)
nipkow@43150
   144
  case (Less_ty \<Gamma> a1 t a2)
nipkow@43150
   145
  then obtain v1 v2 where v: "taval a1 s v1" "taval a2 s v2"
nipkow@43150
   146
    by (metis aprogress)
nipkow@43150
   147
  show ?case
nipkow@43150
   148
  proof (cases v1)
nipkow@43150
   149
    case Iv
nipkow@43150
   150
    with Less_ty v show ?thesis
nipkow@43150
   151
      by (fastsimp intro!: tbval.intros(4) dest!:apreservation)
nipkow@43150
   152
  next
nipkow@43150
   153
    case Rv
nipkow@43150
   154
    with Less_ty v show ?thesis
nipkow@43150
   155
      by (fastsimp intro!: tbval.intros(5) dest!:apreservation)
nipkow@43150
   156
  qed
nipkow@43150
   157
qed (auto intro: tbval.intros)
nipkow@43150
   158
nipkow@43150
   159
theorem progress:
nipkow@43150
   160
  "\<Gamma> \<turnstile> c \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> c \<noteq> SKIP \<Longrightarrow> \<exists>cs'. (c,s) \<rightarrow> cs'"
nipkow@43150
   161
proof(induct rule: ctyping.induct)
nipkow@43150
   162
  case Skip_ty thus ?case by simp
nipkow@43150
   163
next
nipkow@43150
   164
  case Assign_ty 
nipkow@43150
   165
  thus ?case by (metis Assign aprogress)
nipkow@43150
   166
next
nipkow@43150
   167
  case Semi_ty thus ?case by simp (metis Semi1 Semi2)
nipkow@43150
   168
next
nipkow@43150
   169
  case (If_ty \<Gamma> b c1 c2)
nipkow@43150
   170
  then obtain bv where "tbval b s bv" by (metis bprogress)
nipkow@43150
   171
  show ?case
nipkow@43150
   172
  proof(cases bv)
nipkow@43150
   173
    assume "bv"
nipkow@43150
   174
    with `tbval b s bv` show ?case by simp (metis IfTrue)
nipkow@43150
   175
  next
nipkow@43150
   176
    assume "\<not>bv"
nipkow@43150
   177
    with `tbval b s bv` show ?case by simp (metis IfFalse)
nipkow@43150
   178
  qed
nipkow@43150
   179
next
nipkow@43150
   180
  case While_ty show ?case by (metis While)
nipkow@43150
   181
qed
nipkow@43150
   182
nipkow@43150
   183
theorem styping_preservation:
nipkow@43150
   184
  "(c,s) \<rightarrow> (c',s') \<Longrightarrow> \<Gamma> \<turnstile> c \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> \<Gamma> \<turnstile> s'"
nipkow@43150
   185
proof(induct rule: small_step_induct)
nipkow@43150
   186
  case Assign thus ?case
nipkow@43150
   187
    by (auto simp: styping_def) (metis Assign(1,3) apreservation)
nipkow@43150
   188
qed auto
nipkow@43150
   189
nipkow@43150
   190
theorem ctyping_preservation:
nipkow@43150
   191
  "(c,s) \<rightarrow> (c',s') \<Longrightarrow> \<Gamma> \<turnstile> c \<Longrightarrow> \<Gamma> \<turnstile> c'"
nipkow@43150
   192
by (induct rule: small_step_induct) (auto simp: ctyping.intros)
nipkow@43150
   193
nipkow@43150
   194
abbreviation small_steps :: "com * state \<Rightarrow> com * state \<Rightarrow> bool" (infix "\<rightarrow>*" 55)
nipkow@43150
   195
where "x \<rightarrow>* y == star small_step x y"
nipkow@43150
   196
nipkow@43150
   197
theorem type_sound:
nipkow@43150
   198
  "(c,s) \<rightarrow>* (c',s') \<Longrightarrow> \<Gamma> \<turnstile> c \<Longrightarrow> \<Gamma> \<turnstile> s \<Longrightarrow> c' \<noteq> SKIP
nipkow@43150
   199
   \<Longrightarrow> \<exists>cs''. (c',s') \<rightarrow> cs''"
nipkow@43150
   200
apply(induct rule:star_induct)
nipkow@43150
   201
apply (metis progress)
nipkow@43150
   202
by (metis styping_preservation ctyping_preservation)
nipkow@43150
   203
nipkow@43150
   204
end