header {* \isaheader{Program Semantics} *} theory Semantics = Main: text {* Here we declare a framework for program semantics in form of a state transition relation. A state consists of a position and a memory component. Note that we use type variables, hence one can instantiate programs, positions and memories with arbitrary types. *} consts ReachableFrom:: "('a \ 'a) set \ 'a set \ 'a set" inductive "ReachableFrom R S" intros init: "a \ S \ a \ ReachableFrom R S" step: "a \ ReachableFrom R S \ (a,b) \ R \ b \ ReachableFrom R S" consts ReachableFromInv:: "('a \ 'a) set \ ('a set) \ ('a set) \ 'a set" inductive "ReachableFromInv R S I" intros init: "a \ S \ a \ ReachableFromInv R S I" step: "a \ ReachableFromInv R S I \ (a,b) \ R \ a \ I \ b \ I \ b \ ReachableFromInv R S I" locale Semantics = fixes initS:: "'prog \ ('pos \ 'mem) set" fixes effS:: " 'prog \ (('pos \ 'mem) \ ('pos \ 'mem)) set" fixes Reachables:: "'prog \ ('pos \ 'mem) set" defines "Reachables \ \ \. ReachableFrom (effS \) (initS \)" lemma ReachableFromInv_ReachableFrom: "s \ ReachableFromInv R S I \ s \ ReachableFrom R S" (*<*) apply (erule ReachableFromInv.induct) apply (rule ReachableFrom.init) apply assumption apply (rule ReachableFrom.step) apply simp apply simp done (*>*) lemma ReachableFrom_conv: "s \ ReachableFrom R S = (\ s0. s0 \ S \ (s0,s) \ R\<^sup>*)" (*<*) apply (rule iffI) -- {* if *} apply (erule ReachableFrom.induct) apply (rule_tac x="a" in exI) apply simp apply (erule exE | erule conjE)+ apply (rule_tac x="s0" in exI) apply (rule conjI) apply assumption apply (rule_tac b="a" in rtrancl_into_rtrancl) apply assumption apply assumption --{* only if *} apply (erule exE | erule conjE)+ apply (erule rev_mp) apply (erule rtrancl.induct) apply (rule impI) apply (rule ReachableFrom.init) apply assumption apply (rule impI) apply (drule mp, assumption) apply (rule ReachableFrom.step) apply assumption apply assumption done (*>*) lemma (in Semantics) Reachables_conv: "Reachables \ = {s. \ s0. s0 \ initS \ \ (s0,s) \ (effS \)\<^sup>*}" (*<*) by (rule set_ext, simp only: mem_Collect_eq Reachables_def ReachableFrom_conv) (*>*) lemma (in Semantics) Reachables_induct [consumes 1, case_names init step]: "\ x \ Reachables \; \ s. s \ (initS \) \ P s; \ s s'. \ s \ Reachables \; P s; (s,s') \ (effS \) \ \ P s' \ \ P x" (*<*) apply (rule_tac R="effS \" and S="initS \" in ReachableFrom.induct) apply (unfold Reachables_def) apply assumption apply atomize apply (erule_tac x="a" in allE)+ apply simp apply atomize apply (erule_tac x="a" in allE) apply (erule_tac x="a" in allE) apply (erule_tac x="b" in allE) apply simp done (*>*) end