isabelle: src/HOL/Hoare/HeapSyntaxAbort.thy@17ddfd0c3506 (annotated)

13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	1	(* Title: HOL/Hoare/HeapSyntax.thy
12997e3ddd8d * empty log message * nipkow parents: diff changeset	2	ID: $Id$
12997e3ddd8d * empty log message * nipkow parents: diff changeset	3	Author: Tobias Nipkow
12997e3ddd8d * empty log message * nipkow parents: diff changeset	4	Copyright 2002 TUM
12997e3ddd8d * empty log message * nipkow parents: diff changeset	5	*)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	6
16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 13875 diff changeset	7	theory HeapSyntaxAbort imports HoareAbort Heap begin
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	8
12997e3ddd8d * empty log message * nipkow parents: diff changeset	9	subsection "Field access and update"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	10
12997e3ddd8d * empty log message * nipkow parents: diff changeset	11	text{* Heap update @{text"p^.h := e"} is now guarded against @{term p}
12997e3ddd8d * empty log message * nipkow parents: diff changeset	12	being Null. However, @{term p} may still be illegal,
12997e3ddd8d * empty log message * nipkow parents: diff changeset	13	e.g. uninitialized or dangling. To guard against that, one needs a
12997e3ddd8d * empty log message * nipkow parents: diff changeset	14	more detailed model of the heap where allocated and free addresses are
12997e3ddd8d * empty log message * nipkow parents: diff changeset	15	distinguished, e.g. by making the heap a map, or by carrying the set
12997e3ddd8d * empty log message * nipkow parents: diff changeset	16	of free addresses around. This is needed anyway as soon as we want to
12997e3ddd8d * empty log message * nipkow parents: diff changeset	17	reason about storage allocation/deallocation. *}
12997e3ddd8d * empty log message * nipkow parents: diff changeset	18
12997e3ddd8d * empty log message * nipkow parents: diff changeset	19	syntax
12997e3ddd8d * empty log message * nipkow parents: diff changeset	20	"refupdate" :: "('a \<Rightarrow> 'b) \<Rightarrow> 'a ref \<Rightarrow> 'b \<Rightarrow> ('a \<Rightarrow> 'b)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	21	("_/'((_ \<rightarrow> _)')" [1000,0] 900)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	22	"@fassign" :: "'a ref => id => 'v => 's com"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	23	("(2_^._ :=/ _)" [70,1000,65] 61)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	24	"@faccess" :: "'a ref => ('a ref \<Rightarrow> 'v) => 'v"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	25	("_^._" [65,1000] 65)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	26	translations
12997e3ddd8d * empty log message * nipkow parents: diff changeset	27	"refupdate f r v" == "f(addr r := v)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	28	"p^.f := e" => "(p \<noteq> Null) \<rightarrow> (f := refupdate f p e)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	29	"p^.f" => "f(addr p)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	30
12997e3ddd8d * empty log message * nipkow parents: diff changeset	31
12997e3ddd8d * empty log message * nipkow parents: diff changeset	32	declare fun_upd_apply[simp del] fun_upd_same[simp] fun_upd_other[simp]
12997e3ddd8d * empty log message * nipkow parents: diff changeset	33
12997e3ddd8d * empty log message * nipkow parents: diff changeset	34
12997e3ddd8d * empty log message * nipkow parents: diff changeset	35	text "An example due to Suzuki:"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	36
12997e3ddd8d * empty log message * nipkow parents: diff changeset	37	lemma "VARS v n
12997e3ddd8d * empty log message * nipkow parents: diff changeset	38	{w = Ref w0 & x = Ref x0 & y = Ref y0 & z = Ref z0 &
12997e3ddd8d * empty log message * nipkow parents: diff changeset	39	distinct[w0,x0,y0,z0]}
12997e3ddd8d * empty log message * nipkow parents: diff changeset	40	w^.v := (1::int); w^.n := x;
12997e3ddd8d * empty log message * nipkow parents: diff changeset	41	x^.v := 2; x^.n := y;
12997e3ddd8d * empty log message * nipkow parents: diff changeset	42	y^.v := 3; y^.n := z;
12997e3ddd8d * empty log message * nipkow parents: diff changeset	43	z^.v := 4; x^.n := z
12997e3ddd8d * empty log message * nipkow parents: diff changeset	44	{w^.n^.n^.v = 4}"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	45	by vcg_simp
12997e3ddd8d * empty log message * nipkow parents: diff changeset	46
12997e3ddd8d * empty log message * nipkow parents: diff changeset	47	end

author	huffman
	Wed, 18 Feb 2009 14:17:04 -0800
changeset 29980	17ddfd0c3506
parent 16417	9bc16273c2d4
child 35101	6ce9177d6b38
permissions	-rw-r--r--