isabelle: src/HOL/MicroJava/BV/LBVComplete.thy@0abf74bdf712 (annotated)

8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	1	(* Title: HOL/MicroJava/BV/LBVComplete.thy
b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	2	ID: $Id$
b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	3	Author: Gerwin Klein
b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	4	Copyright 2000 Technische Universitaet Muenchen
9054 0e48e7d4d4f9 minor tuning for pdf documents kleing parents: 9012 diff changeset	5	*)
8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	6
12911 704713ca07ea new document kleing parents: 12516 diff changeset	7	header {* \isaheader{Completeness of the LBV} *}
8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	8
16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 15425 diff changeset	9	theory LBVComplete imports LBVSpec Typing_Framework begin
9549 40d64cb4f4e6 BV and LBV specified in terms of app and step functions kleing parents: 9376 diff changeset	10
8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	11	constdefs
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	12	is_target :: "['s step_type, 's list, nat] \<Rightarrow> bool"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	13	"is_target step phi pc' \<equiv>
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	14	\<exists>pc s'. pc' \<noteq> pc+1 \<and> pc < length phi \<and> (pc',s') \<in> set (step pc (phi!pc))"
8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	15
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	16	make_cert :: "['s step_type, 's list, 's] \<Rightarrow> 's certificate"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	17	"make_cert step phi B \<equiv>
15425 6356d2523f73 [ .. (] -> [ ..< ] nipkow parents: 13365 diff changeset	18	map (\<lambda>pc. if is_target step phi pc then phi!pc else B) [0..<length phi] @ [B]"
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	19
13101 90b31354fe15 tuned kleing parents: 13078 diff changeset	20	constdefs
90b31354fe15 tuned kleing parents: 13078 diff changeset	21	list_ex :: "('a \<Rightarrow> bool) \<Rightarrow> 'a list \<Rightarrow> bool"
90b31354fe15 tuned kleing parents: 13078 diff changeset	22	"list_ex P xs \<equiv> \<exists>x \<in> set xs. P x"
90b31354fe15 tuned kleing parents: 13078 diff changeset	23
90b31354fe15 tuned kleing parents: 13078 diff changeset	24	lemma [code]: "list_ex P [] = False" by (simp add: list_ex_def)
90b31354fe15 tuned kleing parents: 13078 diff changeset	25	lemma [code]: "list_ex P (x#xs) = (P x \<or> list_ex P xs)" by (simp add: list_ex_def)
90b31354fe15 tuned kleing parents: 13078 diff changeset	26
90b31354fe15 tuned kleing parents: 13078 diff changeset	27	lemma [code]:
90b31354fe15 tuned kleing parents: 13078 diff changeset	28	"is_target step phi pc' =
15425 6356d2523f73 [ .. (] -> [ ..< ] nipkow parents: 13365 diff changeset	29	list_ex (\<lambda>pc. pc' \<noteq> pc+1 \<and> pc' mem (map fst (step pc (phi!pc)))) [0..<length phi]"
17087 0abf74bdf712 name fix nipkow parents: 16417 diff changeset	30	apply (simp add: list_ex_def is_target_def mem_iff)
13101 90b31354fe15 tuned kleing parents: 13078 diff changeset	31	apply force
90b31354fe15 tuned kleing parents: 13078 diff changeset	32	done
90b31354fe15 tuned kleing parents: 13078 diff changeset	33
13365 a2c4faad4d35 adapted to locale defs; wenzelm parents: 13101 diff changeset	34	locale (open) lbvc = lbv +
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	35	fixes phi :: "'a list" ("\<phi>")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	36	fixes c :: "'a list"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	37	defines cert_def: "c \<equiv> make_cert step \<phi> \<bottom>"
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	38
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	39	assumes mono: "mono r step (length \<phi>) A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	40	assumes pres: "pres_type step (length \<phi>) A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	41	assumes phi: "\<forall>pc < length \<phi>. \<phi>!pc \<in> A \<and> \<phi>!pc \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	42	assumes bounded: "bounded step (length \<phi>)"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	43
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	44	assumes B_neq_T: "\<bottom> \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	45
8388 b66d3c49cb8d completeness of the lightweight bytecode verifier kleing parents: diff changeset	46
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	47	lemma (in lbvc) cert: "cert_ok c (length \<phi>) \<top> \<bottom> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	48	proof (unfold cert_ok_def, intro strip conjI)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	49	note [simp] = make_cert_def cert_def nth_append
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	50
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	51	show "c!length \<phi> = \<bottom>" by simp
9757 1024a2d80ac0 functional LBV style, dead code, type safety -> Isar kleing parents: 9664 diff changeset	52
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	53	fix pc assume pc: "pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	54	from pc phi B_A show "c!pc \<in> A" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	55	from pc phi B_neq_T show "c!pc \<noteq> \<top>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	56	qed
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	57
9559 1f99296758c2 tuned kleing parents: 9549 diff changeset	58	lemmas [simp del] = split_paired_Ex
1f99296758c2 tuned kleing parents: 9549 diff changeset	59
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	60
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	61	lemma (in lbvc) cert_target [intro?]:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	62	"\<lbrakk> (pc',s') \<in> set (step pc (\<phi>!pc));
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	63	pc' \<noteq> pc+1; pc < length \<phi>; pc' < length \<phi> \<rbrakk>
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	64	\<Longrightarrow> c!pc' = \<phi>!pc'"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	65	by (auto simp add: cert_def make_cert_def nth_append is_target_def)
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	66
9549 40d64cb4f4e6 BV and LBV specified in terms of app and step functions kleing parents: 9376 diff changeset	67
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	68	lemma (in lbvc) cert_approx [intro?]:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	69	"\<lbrakk> pc < length \<phi>; c!pc \<noteq> \<bottom> \<rbrakk>
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	70	\<Longrightarrow> c!pc = \<phi>!pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	71	by (auto simp add: cert_def make_cert_def nth_append)
13064 1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	72
1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	73
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	74	lemma (in lbv) le_top [simp, intro]:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	75	"x <=_r \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	76	by (insert top) simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	77
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	78
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	79	lemma (in lbv) merge_mono:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	80	assumes less: "ss2 <=\|r\| ss1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	81	assumes x: "x \<in> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	82	assumes ss1: "snd`set ss1 \<subseteq> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	83	assumes ss2: "snd`set ss2 \<subseteq> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	84	shows "merge c pc ss2 x <=_r merge c pc ss1 x" (is "?s2 <=_r ?s1")
13064 1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	85	proof-
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	86	have "?s1 = \<top> \<Longrightarrow> ?thesis" by simp
13070 fcfdefa4617b merge mono kleing parents: 13066 diff changeset	87	moreover {
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	88	assume merge: "?s1 \<noteq> T"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	89	from x ss1 have "?s1 =
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	90	(if \<forall>(pc', s')\<in>set ss1. pc' \<noteq> pc + 1 \<longrightarrow> s' <=_r c!pc'
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	91	then (map snd [(p', t')\<in>ss1 . p'=pc+1]) ++_f x
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	92	else \<top>)"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	93	by (rule merge_def)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	94	with merge obtain
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	95	app: "\<forall>(pc',s')\<in>set ss1. pc' \<noteq> pc+1 \<longrightarrow> s' <=_r c!pc'"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	96	(is "?app ss1") and
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	97	sum: "(map snd [(p',t')\<in>ss1 . p' = pc+1] ++_f x) = ?s1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	98	(is "?map ss1 ++_f x = _" is "?sum ss1 = _")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	99	by (simp split: split_if_asm)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	100	from app less
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	101	have "?app ss2" by (blast dest: trans_r lesub_step_typeD)
13070 fcfdefa4617b merge mono kleing parents: 13066 diff changeset	102	moreover {
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	103	from ss1 have map1: "set (?map ss1) \<subseteq> A" by auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	104	with x have "?sum ss1 \<in> A" by (auto intro!: plusplus_closed)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	105	with sum have "?s1 \<in> A" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	106	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	107	have mapD: "\<And>x ss. x \<in> set (?map ss) \<Longrightarrow> \<exists>p. (p,x) \<in> set ss \<and> p=pc+1" by auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	108	from x map1
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	109	have "\<forall>x \<in> set (?map ss1). x <=_r ?sum ss1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	110	by clarify (rule pp_ub1)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	111	with sum have "\<forall>x \<in> set (?map ss1). x <=_r ?s1" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	112	with less have "\<forall>x \<in> set (?map ss2). x <=_r ?s1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	113	by (fastsimp dest!: mapD lesub_step_typeD intro: trans_r)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	114	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	115	from map1 x have "x <=_r (?sum ss1)" by (rule pp_ub2)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	116	with sum have "x <=_r ?s1" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	117	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	118	from ss2 have "set (?map ss2) \<subseteq> A" by auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	119	ultimately
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	120	have "?sum ss2 <=_r ?s1" using x by - (rule pp_lub)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	121	}
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	122	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	123	from x ss2 have
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	124	"?s2 =
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	125	(if \<forall>(pc', s')\<in>set ss2. pc' \<noteq> pc + 1 \<longrightarrow> s' <=_r c!pc'
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	126	then map snd [(p', t')\<in>ss2 . p' = pc + 1] ++_f x
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	127	else \<top>)"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	128	by (rule merge_def)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	129	ultimately have ?thesis by simp
13070 fcfdefa4617b merge mono kleing parents: 13066 diff changeset	130	}
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	131	ultimately show ?thesis by (cases "?s1 = \<top>") auto
13064 1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	132	qed
1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	133
1f54a5fecaa6 first steps in semilattices.. kleing parents: 13006 diff changeset	134
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	135	lemma (in lbvc) wti_mono:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	136	assumes less: "s2 <=_r s1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	137	assumes pc: "pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	138	assumes s1: "s1 \<in> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	139	assumes s2: "s2 \<in> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	140	shows "wti c pc s2 <=_r wti c pc s1" (is "?s2' <=_r ?s1'")
9549 40d64cb4f4e6 BV and LBV specified in terms of app and step functions kleing parents: 9376 diff changeset	141	proof -
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	142	from mono s2 have "step pc s2 <=\|r\| step pc s1" by - (rule monoD)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	143	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	144	from pc cert have "c!Suc pc \<in> A" by - (rule cert_okD3)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	145	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	146	from pres s1 pc
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	147	have "snd`set (step pc s1) \<subseteq> A" by (rule pres_typeD2)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	148	moreover
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	149	from pres s2 pc
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	150	have "snd`set (step pc s2) \<subseteq> A" by (rule pres_typeD2)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	151	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	152	show ?thesis by (simp add: wti merge_mono)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	153	qed
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	154
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	155	lemma (in lbvc) wtc_mono:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	156	assumes less: "s2 <=_r s1"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	157	assumes pc: "pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	158	assumes s1: "s1 \<in> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	159	assumes s2: "s2 \<in> A"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	160	shows "wtc c pc s2 <=_r wtc c pc s1" (is "?s2' <=_r ?s1'")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	161	proof (cases "c!pc = \<bottom>")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	162	case True
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	163	moreover have "wti c pc s2 <=_r wti c pc s1" by (rule wti_mono)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	164	ultimately show ?thesis by (simp add: wtc)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	165	next
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	166	case False
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	167	have "?s1' = \<top> \<Longrightarrow> ?thesis" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	168	moreover {
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	169	assume "?s1' \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	170	with False have c: "s1 <=_r c!pc" by (simp add: wtc split: split_if_asm)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	171	with less have "s2 <=_r c!pc" ..
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	172	with False c have ?thesis by (simp add: wtc)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	173	}
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	174	ultimately show ?thesis by (cases "?s1' = \<top>") auto
9376 c32c5696ec2a flat instruction set kleing parents: 9260 diff changeset	175	qed
9757 1024a2d80ac0 functional LBV style, dead code, type safety -> Isar kleing parents: 9664 diff changeset	176
9559 1f99296758c2 tuned kleing parents: 9549 diff changeset	177
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	178	lemma (in lbv) top_le_conv [simp]:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	179	"\<top> <=_r x = (x = \<top>)"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	180	by (insert semilat) (simp add: top top_le_conv)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	181
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	182	lemma (in lbv) neq_top [simp, elim]:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	183	"\<lbrakk> x <=_r y; y \<noteq> \<top> \<rbrakk> \<Longrightarrow> x \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	184	by (cases "x = T") auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	185
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	186
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	187	lemma (in lbvc) stable_wti:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	188	assumes stable: "stable r step \<phi> pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	189	assumes pc: "pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	190	shows "wti c pc (\<phi>!pc) \<noteq> \<top>"
9559 1f99296758c2 tuned kleing parents: 9549 diff changeset	191	proof -
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	192	let ?step = "step pc (\<phi>!pc)"
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	193	from stable
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	194	have less: "\<forall>(q,s')\<in>set ?step. s' <=_r \<phi>!q" by (simp add: stable_def)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	195
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	196	from cert pc
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	197	have cert_suc: "c!Suc pc \<in> A" by - (rule cert_okD3)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	198	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	199	from phi pc have "\<phi>!pc \<in> A" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	200	with pres pc
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	201	have stepA: "snd`set ?step \<subseteq> A" by - (rule pres_typeD2)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	202	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	203	have "merge c pc ?step (c!Suc pc) =
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	204	(if \<forall>(pc',s')\<in>set ?step. pc'\<noteq>pc+1 \<longrightarrow> s' <=_r c!pc'
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	205	then map snd [(p',t')\<in>?step.p'=pc+1] ++_f c!Suc pc
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	206	else \<top>)" by (rule merge_def)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	207	moreover {
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	208	fix pc' s' assume s': "(pc', s') \<in> set ?step" and suc_pc: "pc' \<noteq> pc+1"
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	209	with less have "s' <=_r \<phi>!pc'" by auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	210	also
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	211	from bounded pc s' have "pc' < length \<phi>" by (rule boundedD)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	212	with s' suc_pc pc have "c!pc' = \<phi>!pc'" ..
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	213	hence "\<phi>!pc' = c!pc'" ..
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	214	finally have "s' <=_r c!pc'" .
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	215	} hence "\<forall>(pc',s')\<in>set ?step. pc'\<noteq>pc+1 \<longrightarrow> s' <=_r c!pc'" by auto
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	216	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	217	from pc have "Suc pc = length \<phi> \<or> Suc pc < length \<phi>" by auto
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	218	hence "map snd [(p',t')\<in>?step.p'=pc+1] ++_f c!Suc pc \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	219	(is "?map ++_f _ \<noteq> _")
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	220	proof (rule disjE)
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	221	assume pc': "Suc pc = length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	222	with cert have "c!Suc pc = \<bottom>" by (simp add: cert_okD2)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	223	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	224	from pc' bounded pc
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	225	have "\<forall>(p',t')\<in>set ?step. p'\<noteq>pc+1" by clarify (drule boundedD, auto)
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	226	hence "[(p',t')\<in>?step.p'=pc+1] = []" by (blast intro: filter_False)
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	227	hence "?map = []" by simp
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	228	ultimately show ?thesis by (simp add: B_neq_T)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	229	next
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	230	assume pc': "Suc pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	231	from pc' phi have "\<phi>!Suc pc \<in> A" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	232	moreover note cert_suc
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	233	moreover from stepA
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	234	have "set ?map \<subseteq> A" by auto
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	235	moreover
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	236	have "\<And>s. s \<in> set ?map \<Longrightarrow> \<exists>t. (Suc pc, t) \<in> set ?step" by auto
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	237	with less have "\<forall>s' \<in> set ?map. s' <=_r \<phi>!Suc pc" by auto
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	238	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	239	from pc' have "c!Suc pc <=_r \<phi>!Suc pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	240	by (cases "c!Suc pc = \<bottom>") (auto dest: cert_approx)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	241	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	242	have "?map ++_f c!Suc pc <=_r \<phi>!Suc pc" by (rule pp_lub)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	243	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	244	from pc' phi have "\<phi>!Suc pc \<noteq> \<top>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	245	ultimately
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	246	show ?thesis by auto
9559 1f99296758c2 tuned kleing parents: 9549 diff changeset	247	qed
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	248	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	249	have "merge c pc ?step (c!Suc pc) \<noteq> \<top>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	250	thus ?thesis by (simp add: wti)
9376 c32c5696ec2a flat instruction set kleing parents: 9260 diff changeset	251	qed
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	252
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	253	lemma (in lbvc) wti_less:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	254	assumes stable: "stable r step \<phi> pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	255	assumes suc_pc: "Suc pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	256	shows "wti c pc (\<phi>!pc) <=_r \<phi>!Suc pc" (is "?wti <=_r _")
9757 1024a2d80ac0 functional LBV style, dead code, type safety -> Isar kleing parents: 9664 diff changeset	257	proof -
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	258	let ?step = "step pc (\<phi>!pc)"
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	259
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	260	from stable
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	261	have less: "\<forall>(q,s')\<in>set ?step. s' <=_r \<phi>!q" by (simp add: stable_def)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	262
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	263	from suc_pc have pc: "pc < length \<phi>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	264	with cert have cert_suc: "c!Suc pc \<in> A" by - (rule cert_okD3)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	265	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	266	from phi pc have "\<phi>!pc \<in> A" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	267	with pres pc have stepA: "snd`set ?step \<subseteq> A" by - (rule pres_typeD2)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	268	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	269	from stable pc have "?wti \<noteq> \<top>" by (rule stable_wti)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	270	hence "merge c pc ?step (c!Suc pc) \<noteq> \<top>" by (simp add: wti)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	271	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	272	have "merge c pc ?step (c!Suc pc) =
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	273	map snd [(p',t')\<in>?step.p'=pc+1] ++_f c!Suc pc" by (rule merge_not_top_s)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	274	hence "?wti = \<dots>" (is "_ = (?map ++_f _)" is "_ = ?sum") by (simp add: wti)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	275	also {
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	276	from suc_pc phi have "\<phi>!Suc pc \<in> A" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	277	moreover note cert_suc
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	278	moreover from stepA have "set ?map \<subseteq> A" by auto
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	279	moreover
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	280	have "\<And>s. s \<in> set ?map \<Longrightarrow> \<exists>t. (Suc pc, t) \<in> set ?step" by auto
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	281	with less have "\<forall>s' \<in> set ?map. s' <=_r \<phi>!Suc pc" by auto
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	282	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	283	from suc_pc have "c!Suc pc <=_r \<phi>!Suc pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	284	by (cases "c!Suc pc = \<bottom>") (auto dest: cert_approx)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	285	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	286	have "?sum <=_r \<phi>!Suc pc" by (rule pp_lub)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	287	}
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	288	finally show ?thesis .
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	289	qed
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	290
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	291	lemma (in lbvc) stable_wtc:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	292	assumes stable: "stable r step phi pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	293	assumes pc: "pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	294	shows "wtc c pc (\<phi>!pc) \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	295	proof -
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	296	have wti: "wti c pc (\<phi>!pc) \<noteq> \<top>" by (rule stable_wti)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	297	show ?thesis
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	298	proof (cases "c!pc = \<bottom>")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	299	case True with wti show ?thesis by (simp add: wtc)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	300	next
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	301	case False
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	302	with pc have "c!pc = \<phi>!pc" ..
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	303	with False wti show ?thesis by (simp add: wtc)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	304	qed
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	305	qed
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	306
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	307	lemma (in lbvc) wtc_less:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	308	assumes stable: "stable r step \<phi> pc"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	309	assumes suc_pc: "Suc pc < length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	310	shows "wtc c pc (\<phi>!pc) <=_r \<phi>!Suc pc" (is "?wtc <=_r _")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	311	proof (cases "c!pc = \<bottom>")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	312	case True
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	313	moreover have "wti c pc (\<phi>!pc) <=_r \<phi>!Suc pc" by (rule wti_less)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	314	ultimately show ?thesis by (simp add: wtc)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	315	next
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	316	case False
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	317	from suc_pc have pc: "pc < length \<phi>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	318	hence "?wtc \<noteq> \<top>" by - (rule stable_wtc)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	319	with False have "?wtc = wti c pc (c!pc)"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	320	by (unfold wtc) (simp split: split_if_asm)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	321	also from pc False have "c!pc = \<phi>!pc" ..
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	322	finally have "?wtc = wti c pc (\<phi>!pc)" .
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	323	also have "wti c pc (\<phi>!pc) <=_r \<phi>!Suc pc" by (rule wti_less)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	324	finally show ?thesis .
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	325	qed
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	326
f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	327
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	328	lemma (in lbvc) wt_step_wtl_lemma:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	329	assumes wt_step: "wt_step r \<top> step \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	330	shows "\<And>pc s. pc+length ls = length \<phi> \<Longrightarrow> s <=_r \<phi>!pc \<Longrightarrow> s \<in> A \<Longrightarrow> s\<noteq>\<top> \<Longrightarrow>
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	331	wtl ls c pc s \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	332	(is "\<And>pc s. _ \<Longrightarrow> _ \<Longrightarrow> _ \<Longrightarrow> _ \<Longrightarrow> ?wtl ls pc s \<noteq> _")
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	333	proof (induct ls)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	334	fix pc s assume "s\<noteq>\<top>" thus "?wtl [] pc s \<noteq> \<top>" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	335	next
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	336	fix pc s i ls
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	337	assume "\<And>pc s. pc+length ls=length \<phi> \<Longrightarrow> s <=_r \<phi>!pc \<Longrightarrow> s \<in> A \<Longrightarrow> s\<noteq>\<top> \<Longrightarrow>
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	338	?wtl ls pc s \<noteq> \<top>"
9757 1024a2d80ac0 functional LBV style, dead code, type safety -> Isar kleing parents: 9664 diff changeset	339	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	340	assume pc_l: "pc + length (i#ls) = length \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	341	hence suc_pc_l: "Suc pc + length ls = length \<phi>" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	342	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	343	have IH: "\<And>s. s <=_r \<phi>!Suc pc \<Longrightarrow> s \<in> A \<Longrightarrow> s \<noteq> \<top> \<Longrightarrow> ?wtl ls (Suc pc) s \<noteq> \<top>" .
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	344
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	345	from pc_l obtain pc: "pc < length \<phi>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	346	with wt_step have stable: "stable r step \<phi> pc" by (simp add: wt_step_def)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	347	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	348	assume s_phi: "s <=_r \<phi>!pc"
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	349	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	350	have wt_phi: "wtc c pc (\<phi>!pc) \<noteq> \<top>" by - (rule stable_wtc)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	351
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	352	from phi pc have phi_pc: "\<phi>!pc \<in> A" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	353	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	354	assume s: "s \<in> A"
9757 1024a2d80ac0 functional LBV style, dead code, type safety -> Isar kleing parents: 9664 diff changeset	355	ultimately
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	356	have wt_s_phi: "wtc c pc s <=_r wtc c pc (\<phi>!pc)" using s_phi by - (rule wtc_mono)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	357	with wt_phi have wt_s: "wtc c pc s \<noteq> \<top>" by simp
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	358	moreover
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	359	assume s: "s \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	360	ultimately
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	361	have "ls = [] \<Longrightarrow> ?wtl (i#ls) pc s \<noteq> \<top>" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	362	moreover {
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	363	assume "ls \<noteq> []"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	364	with pc_l have suc_pc: "Suc pc < length \<phi>" by (auto simp add: neq_Nil_conv)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	365	with stable have "wtc c pc (phi!pc) <=_r \<phi>!Suc pc" by (rule wtc_less)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	366	with wt_s_phi have "wtc c pc s <=_r \<phi>!Suc pc" by (rule trans_r)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	367	moreover
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	368	from cert suc_pc have "c!pc \<in> A" "c!(pc+1) \<in> A"
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	369	by (auto simp add: cert_ok_def)
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	370	with pres have "wtc c pc s \<in> A" by (rule wtc_pres)
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	371	ultimately
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	372	have "?wtl ls (Suc pc) (wtc c pc s) \<noteq> \<top>" using IH wt_s by blast
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	373	with s wt_s have "?wtl (i#ls) pc s \<noteq> \<top>" by simp
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	374	}
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	375	ultimately show "?wtl (i#ls) pc s \<noteq> \<top>" by (cases ls) blast+
9580 d955914193e0 tuned kleing parents: 9559 diff changeset	376	qed
9012 d1bd2144ab5d switched to Isar proofs kleing parents: 8388 diff changeset	377
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	378
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	379	theorem (in lbvc) wtl_complete:
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	380	assumes "wt_step r \<top> step \<phi>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	381	assumes "s <=_r \<phi>!0" and "s \<in> A" and "s \<noteq> \<top>" and "length ins = length phi"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	382	shows "wtl ins c 0 s \<noteq> \<top>"
1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	383	proof -
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	384	have "0+length ins = length phi" by simp
13078 1dd711c6b93c flattened, uses locales kleing parents: 13074 diff changeset	385	thus ?thesis by - (rule wt_step_wtl_lemma)
13071 f538a1dba7ee finished lbv completeness kleing parents: 13070 diff changeset	386	qed
10592 fc0b575a2cf7 BCV Integration kleing parents: 10496 diff changeset	387
9549 40d64cb4f4e6 BV and LBV specified in terms of app and step functions kleing parents: 9376 diff changeset	388
40d64cb4f4e6 BV and LBV specified in terms of app and step functions kleing parents: 9376 diff changeset	389	end

author	nipkow
	Tue, 16 Aug 2005 19:25:42 +0200
changeset 17087	0abf74bdf712
parent 16417	9bc16273c2d4
child 17090	603f23d71ada
permissions	-rw-r--r--