author | haftmann |
Thu, 26 Aug 2010 13:50:58 +0200 | |
changeset 38779 | 89f654951200 |
parent 36862 | 952b2b102a0a |
child 41818 | 6d4c3ee8219d |
permissions | -rw-r--r-- |
36862 | 1 |
(* Title: HOL/Induct/Com.thy |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
2 |
Author: Lawrence C Paulson, Cambridge University Computer Laboratory |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
3 |
Copyright 1997 University of Cambridge |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
4 |
|
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
5 |
Example of Mutual Induction via Iteratived Inductive Definitions: Commands |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
6 |
*) |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
7 |
|
14527 | 8 |
header{*Mutual Induction via Iteratived Inductive Definitions*} |
9 |
||
16417 | 10 |
theory Com imports Main begin |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
11 |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
12 |
typedecl loc |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
13 |
types state = "loc => nat" |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
14 |
|
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
15 |
datatype |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
16 |
exp = N nat |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
17 |
| X loc |
24824 | 18 |
| Op "nat => nat => nat" exp exp |
10759 | 19 |
| valOf com exp ("VALOF _ RESULTIS _" 60) |
20 |
and |
|
21 |
com = SKIP |
|
24824 | 22 |
| Assign loc exp (infixl ":=" 60) |
23 |
| Semi com com ("_;;_" [60, 60] 60) |
|
24 |
| Cond exp com com ("IF _ THEN _ ELSE _" 60) |
|
10759 | 25 |
| While exp com ("WHILE _ DO _" 60) |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
26 |
|
14527 | 27 |
|
28 |
subsection {* Commands *} |
|
29 |
||
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
30 |
text{* Execution of commands *} |
4264 | 31 |
|
19736 | 32 |
abbreviation (input) |
23746 | 33 |
generic_rel ("_/ -|[_]-> _" [50,0,50] 50) where |
19736 | 34 |
"esig -|[eval]-> ns == (esig,ns) \<in> eval" |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
35 |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
36 |
text{*Command execution. Natural numbers represent Booleans: 0=True, 1=False*} |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
37 |
|
23746 | 38 |
inductive_set |
39 |
exec :: "((exp*state) * (nat*state)) set => ((com*state)*state)set" |
|
40 |
and exec_rel :: "com * state => ((exp*state) * (nat*state)) set => state => bool" |
|
41 |
("_/ -[_]-> _" [50,0,50] 50) |
|
42 |
for eval :: "((exp*state) * (nat*state)) set" |
|
43 |
where |
|
44 |
"csig -[eval]-> s == (csig,s) \<in> exec eval" |
|
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
45 |
|
23746 | 46 |
| Skip: "(SKIP,s) -[eval]-> s" |
47 |
||
48 |
| Assign: "(e,s) -|[eval]-> (v,s') ==> (x := e, s) -[eval]-> s'(x:=v)" |
|
49 |
||
50 |
| Semi: "[| (c0,s) -[eval]-> s2; (c1,s2) -[eval]-> s1 |] |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
51 |
==> (c0 ;; c1, s) -[eval]-> s1" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
52 |
|
23746 | 53 |
| IfTrue: "[| (e,s) -|[eval]-> (0,s'); (c0,s') -[eval]-> s1 |] |
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
54 |
==> (IF e THEN c0 ELSE c1, s) -[eval]-> s1" |
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
55 |
|
23746 | 56 |
| IfFalse: "[| (e,s) -|[eval]-> (Suc 0, s'); (c1,s') -[eval]-> s1 |] |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
57 |
==> (IF e THEN c0 ELSE c1, s) -[eval]-> s1" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
58 |
|
23746 | 59 |
| WhileFalse: "(e,s) -|[eval]-> (Suc 0, s1) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
60 |
==> (WHILE e DO c, s) -[eval]-> s1" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
61 |
|
23746 | 62 |
| WhileTrue: "[| (e,s) -|[eval]-> (0,s1); |
18260 | 63 |
(c,s1) -[eval]-> s2; (WHILE e DO c, s2) -[eval]-> s3 |] |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
64 |
==> (WHILE e DO c, s) -[eval]-> s3" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
65 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
66 |
declare exec.intros [intro] |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
67 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
68 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
69 |
inductive_cases |
18260 | 70 |
[elim!]: "(SKIP,s) -[eval]-> t" |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
71 |
and [elim!]: "(x:=a,s) -[eval]-> t" |
18260 | 72 |
and [elim!]: "(c1;;c2, s) -[eval]-> t" |
73 |
and [elim!]: "(IF e THEN c1 ELSE c2, s) -[eval]-> t" |
|
74 |
and exec_WHILE_case: "(WHILE b DO c,s) -[eval]-> t" |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
75 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
76 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
77 |
text{*Justifies using "exec" in the inductive definition of "eval"*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
78 |
lemma exec_mono: "A<=B ==> exec(A) <= exec(B)" |
23746 | 79 |
apply (rule subsetI) |
80 |
apply (simp add: split_paired_all) |
|
81 |
apply (erule exec.induct) |
|
82 |
apply blast+ |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
83 |
done |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
84 |
|
23746 | 85 |
lemma [pred_set_conv]: |
86 |
"((\<lambda>x x' y y'. ((x, x'), (y, y')) \<in> R) <= (\<lambda>x x' y y'. ((x, x'), (y, y')) \<in> S)) = (R <= S)" |
|
26806 | 87 |
by (auto simp add: le_fun_def le_bool_def mem_def) |
23746 | 88 |
|
89 |
lemma [pred_set_conv]: |
|
90 |
"((\<lambda>x x' y. ((x, x'), y) \<in> R) <= (\<lambda>x x' y. ((x, x'), y) \<in> S)) = (R <= S)" |
|
26806 | 91 |
by (auto simp add: le_fun_def le_bool_def mem_def) |
23746 | 92 |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
93 |
text{*Command execution is functional (deterministic) provided evaluation is*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
94 |
theorem single_valued_exec: "single_valued ev ==> single_valued(exec ev)" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
95 |
apply (simp add: single_valued_def) |
18260 | 96 |
apply (intro allI) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
97 |
apply (rule impI) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
98 |
apply (erule exec.induct) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
99 |
apply (blast elim: exec_WHILE_case)+ |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
100 |
done |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
101 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
102 |
|
14527 | 103 |
subsection {* Expressions *} |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
104 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
105 |
text{* Evaluation of arithmetic expressions *} |
18260 | 106 |
|
23746 | 107 |
inductive_set |
108 |
eval :: "((exp*state) * (nat*state)) set" |
|
109 |
and eval_rel :: "[exp*state,nat*state] => bool" (infixl "-|->" 50) |
|
110 |
where |
|
111 |
"esig -|-> ns == (esig, ns) \<in> eval" |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
112 |
|
23746 | 113 |
| N [intro!]: "(N(n),s) -|-> (n,s)" |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
114 |
|
23746 | 115 |
| X [intro!]: "(X(x),s) -|-> (s(x),s)" |
116 |
||
117 |
| Op [intro]: "[| (e0,s) -|-> (n0,s0); (e1,s0) -|-> (n1,s1) |] |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
118 |
==> (Op f e0 e1, s) -|-> (f n0 n1, s1)" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
119 |
|
23746 | 120 |
| valOf [intro]: "[| (c,s) -[eval]-> s0; (e,s0) -|-> (n,s1) |] |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
121 |
==> (VALOF c RESULTIS e, s) -|-> (n, s1)" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
122 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
123 |
monos exec_mono |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
124 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
125 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
126 |
inductive_cases |
18260 | 127 |
[elim!]: "(N(n),sigma) -|-> (n',s')" |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
128 |
and [elim!]: "(X(x),sigma) -|-> (n,s')" |
18260 | 129 |
and [elim!]: "(Op f a1 a2,sigma) -|-> (n,s')" |
130 |
and [elim!]: "(VALOF c RESULTIS e, s) -|-> (n, s1)" |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
131 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
132 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
133 |
lemma var_assign_eval [intro!]: "(X x, s(x:=n)) -|-> (n, s(x:=n))" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
134 |
by (rule fun_upd_same [THEN subst], fast) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
135 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
136 |
|
23746 | 137 |
text{* Make the induction rule look nicer -- though @{text eta_contract} makes the new |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
138 |
version look worse than it is...*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
139 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
140 |
lemma split_lemma: |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
141 |
"{((e,s),(n,s')). P e s n s'} = Collect (split (%v. split (split P v)))" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
142 |
by auto |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
143 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
144 |
text{*New induction rule. Note the form of the VALOF induction hypothesis*} |
18260 | 145 |
lemma eval_induct |
146 |
[case_names N X Op valOf, consumes 1, induct set: eval]: |
|
147 |
"[| (e,s) -|-> (n,s'); |
|
148 |
!!n s. P (N n) s n s; |
|
149 |
!!s x. P (X x) s (s x) s; |
|
150 |
!!e0 e1 f n0 n1 s s0 s1. |
|
151 |
[| (e0,s) -|-> (n0,s0); P e0 s n0 s0; |
|
152 |
(e1,s0) -|-> (n1,s1); P e1 s0 n1 s1 |
|
153 |
|] ==> P (Op f e0 e1) s (f n0 n1) s1; |
|
154 |
!!c e n s s0 s1. |
|
155 |
[| (c,s) -[eval Int {((e,s),(n,s')). P e s n s'}]-> s0; |
|
156 |
(c,s) -[eval]-> s0; |
|
157 |
(e,s0) -|-> (n,s1); P e s0 n s1 |] |
|
158 |
==> P (VALOF c RESULTIS e) s n s1 |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
159 |
|] ==> P e s n s'" |
18260 | 160 |
apply (induct set: eval) |
161 |
apply blast |
|
162 |
apply blast |
|
163 |
apply blast |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
164 |
apply (frule Int_lower1 [THEN exec_mono, THEN subsetD]) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
165 |
apply (auto simp add: split_lemma) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
166 |
done |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
167 |
|
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
168 |
|
23746 | 169 |
text{*Lemma for @{text Function_eval}. The major premise is that @{text "(c,s)"} executes to @{text "s1"} |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
170 |
using eval restricted to its functional part. Note that the execution |
23746 | 171 |
@{text "(c,s) -[eval]-> s2"} can use unrestricted @{text eval}! The reason is that |
172 |
the execution @{text "(c,s) -[eval Int {...}]-> s1"} assures us that execution is |
|
173 |
functional on the argument @{text "(c,s)"}. |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
174 |
*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
175 |
lemma com_Unique: |
18260 | 176 |
"(c,s) -[eval Int {((e,s),(n,t)). \<forall>nt'. (e,s) -|-> nt' --> (n,t)=nt'}]-> s1 |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
177 |
==> \<forall>s2. (c,s) -[eval]-> s2 --> s2=s1" |
18260 | 178 |
apply (induct set: exec) |
179 |
apply simp_all |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
180 |
apply blast |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
181 |
apply force |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
182 |
apply blast |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
183 |
apply blast |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
184 |
apply blast |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
185 |
apply (blast elim: exec_WHILE_case) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
186 |
apply (erule_tac V = "(?c,s2) -[?ev]-> s3" in thin_rl) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
187 |
apply clarify |
18260 | 188 |
apply (erule exec_WHILE_case, blast+) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
189 |
done |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
190 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
191 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
192 |
text{*Expression evaluation is functional, or deterministic*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
193 |
theorem single_valued_eval: "single_valued eval" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
194 |
apply (unfold single_valued_def) |
18260 | 195 |
apply (intro allI, rule impI) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
196 |
apply (simp (no_asm_simp) only: split_tupled_all) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
197 |
apply (erule eval_induct) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
198 |
apply (drule_tac [4] com_Unique) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
199 |
apply (simp_all (no_asm_use)) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
200 |
apply blast+ |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
201 |
done |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
202 |
|
18260 | 203 |
lemma eval_N_E [dest!]: "(N n, s) -|-> (v, s') ==> (v = n & s' = s)" |
204 |
by (induct e == "N n" s v s' set: eval) simp_all |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
205 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
206 |
text{*This theorem says that "WHILE TRUE DO c" cannot terminate*} |
18260 | 207 |
lemma while_true_E: |
208 |
"(c', s) -[eval]-> t ==> c' = WHILE (N 0) DO c ==> False" |
|
209 |
by (induct set: exec) auto |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
210 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
211 |
|
18260 | 212 |
subsection{* Equivalence of IF e THEN c;;(WHILE e DO c) ELSE SKIP and |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
213 |
WHILE e DO c *} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
214 |
|
18260 | 215 |
lemma while_if1: |
216 |
"(c',s) -[eval]-> t |
|
217 |
==> c' = WHILE e DO c ==> |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
218 |
(IF e THEN c;;c' ELSE SKIP, s) -[eval]-> t" |
18260 | 219 |
by (induct set: exec) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
220 |
|
18260 | 221 |
lemma while_if2: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
222 |
"(c',s) -[eval]-> t |
18260 | 223 |
==> c' = IF e THEN c;;(WHILE e DO c) ELSE SKIP ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
224 |
(WHILE e DO c, s) -[eval]-> t" |
18260 | 225 |
by (induct set: exec) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
226 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
227 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
228 |
theorem while_if: |
18260 | 229 |
"((IF e THEN c;;(WHILE e DO c) ELSE SKIP, s) -[eval]-> t) = |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
230 |
((WHILE e DO c, s) -[eval]-> t)" |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
231 |
by (blast intro: while_if1 while_if2) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
232 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
233 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
234 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
235 |
subsection{* Equivalence of (IF e THEN c1 ELSE c2);;c |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
236 |
and IF e THEN (c1;;c) ELSE (c2;;c) *} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
237 |
|
18260 | 238 |
lemma if_semi1: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
239 |
"(c',s) -[eval]-> t |
18260 | 240 |
==> c' = (IF e THEN c1 ELSE c2);;c ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
241 |
(IF e THEN (c1;;c) ELSE (c2;;c), s) -[eval]-> t" |
18260 | 242 |
by (induct set: exec) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
243 |
|
18260 | 244 |
lemma if_semi2: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
245 |
"(c',s) -[eval]-> t |
18260 | 246 |
==> c' = IF e THEN (c1;;c) ELSE (c2;;c) ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
247 |
((IF e THEN c1 ELSE c2);;c, s) -[eval]-> t" |
18260 | 248 |
by (induct set: exec) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
249 |
|
18260 | 250 |
theorem if_semi: "(((IF e THEN c1 ELSE c2);;c, s) -[eval]-> t) = |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
251 |
((IF e THEN (c1;;c) ELSE (c2;;c), s) -[eval]-> t)" |
18260 | 252 |
by (blast intro: if_semi1 if_semi2) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
253 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
254 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
255 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
256 |
subsection{* Equivalence of VALOF c1 RESULTIS (VALOF c2 RESULTIS e) |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
257 |
and VALOF c1;;c2 RESULTIS e |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
258 |
*} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
259 |
|
18260 | 260 |
lemma valof_valof1: |
261 |
"(e',s) -|-> (v,s') |
|
262 |
==> e' = VALOF c1 RESULTIS (VALOF c2 RESULTIS e) ==> |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
263 |
(VALOF c1;;c2 RESULTIS e, s) -|-> (v,s')" |
18260 | 264 |
by (induct set: eval) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
265 |
|
18260 | 266 |
lemma valof_valof2: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
267 |
"(e',s) -|-> (v,s') |
18260 | 268 |
==> e' = VALOF c1;;c2 RESULTIS e ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
269 |
(VALOF c1 RESULTIS (VALOF c2 RESULTIS e), s) -|-> (v,s')" |
18260 | 270 |
by (induct set: eval) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
271 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
272 |
theorem valof_valof: |
18260 | 273 |
"((VALOF c1 RESULTIS (VALOF c2 RESULTIS e), s) -|-> (v,s')) = |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
274 |
((VALOF c1;;c2 RESULTIS e, s) -|-> (v,s'))" |
18260 | 275 |
by (blast intro: valof_valof1 valof_valof2) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
276 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
277 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
278 |
subsection{* Equivalence of VALOF SKIP RESULTIS e and e *} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
279 |
|
18260 | 280 |
lemma valof_skip1: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
281 |
"(e',s) -|-> (v,s') |
18260 | 282 |
==> e' = VALOF SKIP RESULTIS e ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
283 |
(e, s) -|-> (v,s')" |
18260 | 284 |
by (induct set: eval) auto |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
285 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
286 |
lemma valof_skip2: |
18260 | 287 |
"(e,s) -|-> (v,s') ==> (VALOF SKIP RESULTIS e, s) -|-> (v,s')" |
288 |
by blast |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
289 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
290 |
theorem valof_skip: |
18260 | 291 |
"((VALOF SKIP RESULTIS e, s) -|-> (v,s')) = ((e, s) -|-> (v,s'))" |
292 |
by (blast intro: valof_skip1 valof_skip2) |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
293 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
294 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
295 |
subsection{* Equivalence of VALOF x:=e RESULTIS x and e *} |
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
296 |
|
18260 | 297 |
lemma valof_assign1: |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
298 |
"(e',s) -|-> (v,s'') |
18260 | 299 |
==> e' = VALOF x:=e RESULTIS X x ==> |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
300 |
(\<exists>s'. (e, s) -|-> (v,s') & (s'' = s'(x:=v)))" |
18260 | 301 |
by (induct set: eval) (simp_all del: fun_upd_apply, clarify, auto) |
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
302 |
|
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
303 |
lemma valof_assign2: |
18260 | 304 |
"(e,s) -|-> (v,s') ==> (VALOF x:=e RESULTIS X x, s) -|-> (v,s'(x:=v))" |
305 |
by blast |
|
13075
d3e1d554cd6d
conversion of some HOL/Induct proof scripts to Isar
paulson
parents:
12338
diff
changeset
|
306 |
|
3120
c58423c20740
New directory to contain examples of (co)inductive definitions
paulson
parents:
diff
changeset
|
307 |
end |