isabelle: src/HOL/IMP/Hoare_Den.thy@aa8dce9ab8a9 (annotated)

35754 8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	1	(* Title: HOL/IMP/Hoare_Def.thy
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	2	Author: Tobias Nipkow
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	3	*)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	4
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	5	header "Soundness and Completeness wrt Denotational Semantics"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	6
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	7	theory Hoare_Den imports Hoare Denotation begin
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	8
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	9	definition
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	10	hoare_valid :: "[assn,com,assn] => bool" ("\|= {(1_)}/ (_)/ {(1_)}" 50) where
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	11	"\|= {P}c{Q} = (!s t. (s,t) : C(c) --> P s --> Q t)"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	12
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	13
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	14	lemma hoare_sound: "\|- {P}c{Q} ==> \|= {P}c{Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	15	proof(induct rule: hoare.induct)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	16	case (While P b c)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	17	{ fix s t
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	18	let ?G = "Gamma b (C c)"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	19	assume "(s,t) \<in> lfp ?G"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	20	hence "P s \<longrightarrow> P t \<and> \<not> b t"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	21	proof(rule lfp_induct2)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	22	show "mono ?G" by(rule Gamma_mono)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	23	next
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	24	fix s t assume "(s,t) \<in> ?G (lfp ?G \<inter> {(s,t). P s \<longrightarrow> P t \<and> \<not> b t})"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	25	thus "P s \<longrightarrow> P t \<and> \<not> b t" using While.hyps
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	26	by(auto simp: hoare_valid_def Gamma_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	27	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	28	}
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	29	thus ?case by(simp add:hoare_valid_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	30	qed (auto simp: hoare_valid_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	31
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	32
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	33	definition
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	34	wp :: "com => assn => assn" where
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	35	"wp c Q = (%s. !t. (s,t) : C(c) --> Q t)"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	36
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	37	lemma wp_SKIP: "wp \<SKIP> Q = Q"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	38	by (simp add: wp_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	39
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	40	lemma wp_Ass: "wp (x:==a) Q = (%s. Q(s[x\<mapsto>a s]))"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	41	by (simp add: wp_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	42
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	43	lemma wp_Semi: "wp (c;d) Q = wp c (wp d Q)"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	44	by (rule ext) (auto simp: wp_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	45
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	46	lemma wp_If:
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	47	"wp (\<IF> b \<THEN> c \<ELSE> d) Q = (%s. (b s --> wp c Q s) & (~b s --> wp d Q s))"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	48	by (rule ext) (auto simp: wp_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	49
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	50	lemma wp_While_If:
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	51	"wp (\<WHILE> b \<DO> c) Q s =
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	52	wp (IF b THEN c;\<WHILE> b \<DO> c ELSE SKIP) Q s"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	53	by(simp only: wp_def C_While_If)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	54
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	55	(Not suitable for rewriting: LOOPS!)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	56	lemma wp_While_if:
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	57	"wp (\<WHILE> b \<DO> c) Q s = (if b s then wp (c;\<WHILE> b \<DO> c) Q s else Q s)"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	58	by(simp add:wp_While_If wp_If wp_SKIP)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	59
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	60	lemma wp_While_True: "b s ==>
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	61	wp (\<WHILE> b \<DO> c) Q s = wp (c;\<WHILE> b \<DO> c) Q s"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	62	by(simp add: wp_While_if)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	63
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	64	lemma wp_While_False: "~b s ==> wp (\<WHILE> b \<DO> c) Q s = Q s"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	65	by(simp add: wp_While_if)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	66
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	67	lemmas [simp] = wp_SKIP wp_Ass wp_Semi wp_If wp_While_True wp_While_False
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	68
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	69	lemma wp_While: "wp (\<WHILE> b \<DO> c) Q s =
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	70	(s : gfp(%S.{s. if b s then wp c (%s. s:S) s else Q s}))"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	71	apply (simp (no_asm))
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	72	apply (rule iffI)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	73	apply (rule weak_coinduct)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	74	apply (erule CollectI)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	75	apply safe
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	76	apply simp
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	77	apply simp
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	78	apply (simp add: wp_def Gamma_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	79	apply (intro strip)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	80	apply (rule mp)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	81	prefer 2 apply (assumption)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	82	apply (erule lfp_induct2)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	83	apply (fast intro!: monoI)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	84	apply (subst gfp_unfold)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	85	apply (fast intro!: monoI)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	86	apply fast
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	87	done
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	88
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	89	declare C_while [simp del]
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	90
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	91	lemma wp_is_pre: "\|- {wp c Q} c {Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	92	proof(induct c arbitrary: Q)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	93	case SKIP show ?case by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	94	next
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	95	case Assign show ?case by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	96	next
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	97	case Semi thus ?case by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	98	next
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	99	case (Cond b c1 c2)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	100	let ?If = "IF b THEN c1 ELSE c2"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	101	show ?case
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	102	proof(rule If)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	103	show "\|- {\<lambda>s. wp ?If Q s \<and> b s} c1 {Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	104	proof(rule strengthen_pre[OF _ Cond(1)])
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	105	show "\<forall>s. wp ?If Q s \<and> b s \<longrightarrow> wp c1 Q s" by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	106	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	107	show "\|- {\<lambda>s. wp ?If Q s \<and> \<not> b s} c2 {Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	108	proof(rule strengthen_pre[OF _ Cond(2)])
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	109	show "\<forall>s. wp ?If Q s \<and> \<not> b s \<longrightarrow> wp c2 Q s" by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	110	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	111	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	112	next
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	113	case (While b c)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	114	let ?w = "WHILE b DO c"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	115	show ?case
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	116	proof(rule While')
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	117	show "\|- {\<lambda>s. wp ?w Q s \<and> b s} c {wp ?w Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	118	proof(rule strengthen_pre[OF _ While(1)])
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	119	show "\<forall>s. wp ?w Q s \<and> b s \<longrightarrow> wp c (wp ?w Q) s" by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	120	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	121	show "\<forall>s. wp ?w Q s \<and> \<not> b s \<longrightarrow> Q s" by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	122	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	123	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	124
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	125	lemma hoare_relative_complete: assumes "\|= {P}c{Q}" shows "\|- {P}c{Q}"
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	126	proof(rule conseq)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	127	show "\<forall>s. P s \<longrightarrow> wp c Q s" using assms
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	128	by (auto simp: hoare_valid_def wp_def)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	129	show "\|- {wp c Q} c {Q}" by(rule wp_is_pre)
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	130	show "\<forall>s. Q s \<longrightarrow> Q s" by auto
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	131	qed
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	132
8e7dba5f00f5 Reorganized Hoare logic theories; added Hoare_Den nipkow parents: diff changeset	133	end

author	wenzelm
	Thu, 03 Mar 2011 18:10:28 +0100
changeset 41886	aa8dce9ab8a9
parent 41589	bbd861837ebc
child 41959	b460124855b8
permissions	-rw-r--r--