isabelle: src/HOL/SPARK/SPARK_Setup.thy@0dc67ae4a4c7 (annotated)

41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	1	(* Title: HOL/SPARK/SPARK_Setup.thy
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	2	Author: Stefan Berghofer
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	3	Copyright: secunet Security Networks AG
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	4
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	5	Setup for SPARK/Ada verification environment.
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	6	*)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	7
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	8	theory SPARK_Setup
70172 c247bf924d25 integrated Bit_Comparison into Word corpus haftmann parents: 69605 diff changeset	9	imports
c247bf924d25 integrated Bit_Comparison into Word corpus haftmann parents: 69605 diff changeset	10	"HOL-Word.Word"
46950 d0181abdbdac declare command keywords via theory header, including strict checking outside Pure; wenzelm parents: 42416 diff changeset	11	keywords
48908 713f24d7a40f added specific 'spark_open_vcg' and 'spark_open_siv' with formal management of corresponding source files; wenzelm parents: 48891 diff changeset	12	"spark_open_vcg" :: thy_load ("vcg", "fdl", "rls") and
56798 939e88e79724 Discontinued old spark_open; spark_open_siv is now spark_open berghofe parents: 55789 diff changeset	13	"spark_open" :: thy_load ("siv", "fdl", "rls") and
939e88e79724 Discontinued old spark_open; spark_open_siv is now spark_open berghofe parents: 55789 diff changeset	14	"spark_proof_functions" "spark_types" "spark_end" :: thy_decl and
63432 ba7901e94e7b tuned; wenzelm parents: 63167 diff changeset	15	"spark_vc" :: thy_goal and
ba7901e94e7b tuned; wenzelm parents: 63167 diff changeset	16	"spark_status" :: diag
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	17	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	18
69605 a96320074298 isabelle update -u path_cartouches; wenzelm parents: 66453 diff changeset	19	ML_file \<open>Tools/fdl_lexer.ML\<close>
a96320074298 isabelle update -u path_cartouches; wenzelm parents: 66453 diff changeset	20	ML_file \<open>Tools/fdl_parser.ML\<close>
48891 c0eafbd55de3 prefer ML_file over old uses; wenzelm parents: 46950 diff changeset	21
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	22	text \<open>
41635 f938a6022d2e Replaced smod by standard mod operator to reflect actual behaviour berghofe parents: 41561 diff changeset	23	SPARK version of div, see section 4.4.1.1 of SPARK Proof Manual
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	24	\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	25
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	26	definition sdiv :: "int \<Rightarrow> int \<Rightarrow> int" (infixl "sdiv" 70) where
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	27	"a sdiv b = sgn a * sgn b * (\<bar>a\<bar> div \<bar>b\<bar>)"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	28
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	29	lemma sdiv_minus_dividend: "- a sdiv b = - (a sdiv b)"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	30	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	31
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	32	lemma sdiv_minus_divisor: "a sdiv - b = - (a sdiv b)"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	33	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	34
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	35	text \<open>
41635 f938a6022d2e Replaced smod by standard mod operator to reflect actual behaviour berghofe parents: 41561 diff changeset	36	Correspondence between HOL's and SPARK's version of div
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	37	\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	38
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	39	lemma sdiv_pos_pos: "0 \<le> a \<Longrightarrow> 0 \<le> b \<Longrightarrow> a sdiv b = a div b"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	40	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	41
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	42	lemma sdiv_pos_neg: "0 \<le> a \<Longrightarrow> b < 0 \<Longrightarrow> a sdiv b = - (a div - b)"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	43	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	44
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	45	lemma sdiv_neg_pos: "a < 0 \<Longrightarrow> 0 \<le> b \<Longrightarrow> a sdiv b = - (- a div b)"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	46	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	47
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	48	lemma sdiv_neg_neg: "a < 0 \<Longrightarrow> b < 0 \<Longrightarrow> a sdiv b = - a div - b"
41637 55a45051b220 Tuned definition of sdiv. berghofe parents: 41635 diff changeset	49	by (simp add: sdiv_def sgn_if)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	50
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	51
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	52	text \<open>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	53	Updating a function at a set of points. Useful for building arrays.
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	54	\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	55
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	56	definition fun_upds :: "('a \<Rightarrow> 'b) \<Rightarrow> 'a set \<Rightarrow> 'b \<Rightarrow> 'a \<Rightarrow> 'b" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	57	"fun_upds f xs y z = (if z \<in> xs then y else f z)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	58
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	59	syntax
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	60	"_updsbind" :: "['a, 'a] => updbind" ("(2_ [:=]/ _)")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	61
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	62	translations
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	63	"f(xs[:=]y)" == "CONST fun_upds f xs y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	64
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	65	lemma fun_upds_in [simp]: "z \<in> xs \<Longrightarrow> (f(xs [:=] y)) z = y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	66	by (simp add: fun_upds_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	67
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	68	lemma fun_upds_notin [simp]: "z \<notin> xs \<Longrightarrow> (f(xs [:=] y)) z = f z"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	69	by (simp add: fun_upds_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	70
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	71	lemma upds_singleton [simp]: "f({x} [:=] y) = f(x := y)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	72	by (simp add: fun_eq_iff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	73
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	74
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	75	text \<open>Enumeration types\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	76
42416 a8a9f4d79196 - renamed enum type class to spark_enum, to avoid confusion with berghofe parents: 41637 diff changeset	77	class spark_enum = ord + finite +
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	78	fixes pos :: "'a \<Rightarrow> int"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	79	assumes range_pos: "range pos = {0..<int (card (UNIV::'a set))}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	80	and less_pos: "(x < y) = (pos x < pos y)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	81	and less_eq_pos: "(x \<le> y) = (pos x \<le> pos y)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	82	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	83
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	84	definition "val = inv pos"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	85
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	86	definition "succ x = val (pos x + 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	87
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	88	definition "pred x = val (pos x - 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	89
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	90	lemma inj_pos: "inj pos"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	91	using finite_UNIV
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	92	by (rule eq_card_imp_inj_on) (simp add: range_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	93
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	94	lemma val_pos: "val (pos x) = x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	95	unfolding val_def using inj_pos
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	96	by (rule inv_f_f)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	97
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	98	lemma pos_val: "z \<in> range pos \<Longrightarrow> pos (val z) = z"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	99	unfolding val_def
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	100	by (rule f_inv_into_f)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	101
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	102	subclass linorder
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	103	proof
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	104	fix x::'a and y show "(x < y) = (x \<le> y \<and> \<not> y \<le> x)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	105	by (simp add: less_pos less_eq_pos less_le_not_le)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	106	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	107	fix x::'a show "x \<le> x" by (simp add: less_eq_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	108	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	109	fix x::'a and y z assume "x \<le> y" and "y \<le> z"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	110	then show "x \<le> z" by (simp add: less_eq_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	111	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	112	fix x::'a and y assume "x \<le> y" and "y \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	113	with inj_pos show "x = y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	114	by (auto dest: injD simp add: less_eq_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	115	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	116	fix x::'a and y show "x \<le> y \<or> y \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	117	by (simp add: less_eq_pos linear)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	118	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	119
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	120	definition "first_el = val 0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	121
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	122	definition "last_el = val (int (card (UNIV::'a set)) - 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	123
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	124	lemma first_el_smallest: "first_el \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	125	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	126	have "pos x \<in> range pos" by (rule rangeI)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	127	then have "pos (val 0) \<le> pos x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	128	by (simp add: range_pos pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	129	then show ?thesis by (simp add: first_el_def less_eq_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	130	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	131
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	132	lemma last_el_greatest: "x \<le> last_el"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	133	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	134	have "pos x \<in> range pos" by (rule rangeI)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	135	then have "pos x \<le> pos (val (int (card (UNIV::'a set)) - 1))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	136	by (simp add: range_pos pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	137	then show ?thesis by (simp add: last_el_def less_eq_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	138	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	139
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	140	lemma pos_succ:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	141	assumes "x \<noteq> last_el"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	142	shows "pos (succ x) = pos x + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	143	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	144	have "x \<le> last_el" by (rule last_el_greatest)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	145	with assms have "x < last_el" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	146	then have "pos x < pos last_el"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	147	by (simp add: less_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	148	with rangeI [of pos x]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	149	have "pos x + 1 \<in> range pos"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	150	by (simp add: range_pos last_el_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	151	then show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	152	by (simp add: succ_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	153	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	154
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	155	lemma pos_pred:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	156	assumes "x \<noteq> first_el"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	157	shows "pos (pred x) = pos x - 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	158	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	159	have "first_el \<le> x" by (rule first_el_smallest)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	160	with assms have "first_el < x" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	161	then have "pos first_el < pos x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	162	by (simp add: less_pos)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	163	with rangeI [of pos x]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	164	have "pos x - 1 \<in> range pos"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	165	by (simp add: range_pos first_el_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	166	then show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	167	by (simp add: pred_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	168	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	169
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	170	lemma succ_val: "x \<in> range pos \<Longrightarrow> succ (val x) = val (x + 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	171	by (simp add: succ_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	172
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	173	lemma pred_val: "x \<in> range pos \<Longrightarrow> pred (val x) = val (x - 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	174	by (simp add: pred_def pos_val)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	175
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	176	end
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	177
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	178	lemma interval_expand:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	179	"x < y \<Longrightarrow> (z::int) \<in> {x..<y} = (z = x \<or> z \<in> {x+1..<y})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	180	by auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	181
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	182
63167 0909deb8059b isabelle update_cartouches -c -t; wenzelm parents: 56798 diff changeset	183	text \<open>Load the package\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	184
69605 a96320074298 isabelle update -u path_cartouches; wenzelm parents: 66453 diff changeset	185	ML_file \<open>Tools/spark_vcs.ML\<close>
a96320074298 isabelle update -u path_cartouches; wenzelm parents: 66453 diff changeset	186	ML_file \<open>Tools/spark_commands.ML\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	187
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	188	end

author	wenzelm
	Wed, 27 May 2020 16:09:25 +0200
changeset 71908	0dc67ae4a4c7
parent 70172	c247bf924d25
child 72515	c7038c397ae3
permissions	-rw-r--r--