isabelle: src/HOL/NanoJava/AxSem.thy@c3fbfd472365 (annotated)

11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	1	(* Title: HOL/NanoJava/AxSem.thy
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	2	ID: $Id$
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	3	Author: David von Oheimb
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	4	Copyright 2001 Technische Universitaet Muenchen
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	5	*)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	6
11560 46d0bde121ab marginally improved comments oheimb parents: 11559 diff changeset	7	header "Axiomatic Semantics"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	8
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	9	theory AxSem = State:
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	10
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	11	types assn = "state => bool"
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	12	vassn = "val => assn"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	13	triple = "assn \<times> stmt \<times> assn"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	14	etriple = "assn \<times> expr \<times> vassn"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	15	translations
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	16	"assn" \<leftharpoondown> (type)"state => bool"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	17	"vassn" \<leftharpoondown> (type)"val => assn"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	18	"triple" \<leftharpoondown> (type)"assn \<times> stmt \<times> assn"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	19	"etriple" \<leftharpoondown> (type)"assn \<times> expr \<times> vassn"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	20
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	21	consts hoare :: "(triple set \<times> triple set) set"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	22	consts ehoare :: "(triple set \<times> etriple ) set"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	23	syntax (xsymbols)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	24	"@hoare" :: "[triple set, triple set ] => bool" ("_ \|\<turnstile>/ _" [61,61] 60)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	25	"@hoare1" :: "[triple set, assn,stmt,assn] => bool"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	26	("_ \<turnstile>/ ({(1_)}/ (_)/ {(1_)})" [61,3,90,3]60)
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	27	"@ehoare" :: "[triple set, etriple ] => bool" ("_ \|\<turnstile>\<^sub>e/ _"[61,61]60)
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	28	"@ehoare1" :: "[triple set, assn,expr,vassn]=> bool"
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	29	("_ \<turnstile>\<^sub>e/ ({(1_)}/ (_)/ {(1_)})" [61,3,90,3]60)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	30	syntax
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	31	"@hoare" :: "[triple set, triple set ] => bool" ("_ \|\|-/ _" [61,61] 60)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	32	"@hoare1" :: "[triple set, assn,stmt,assn] => bool"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	33	("_ \|-/ ({(1_)}/ (_)/ {(1_)})" [61,3,90,3] 60)
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	34	"@ehoare" :: "[triple set, etriple ] => bool" ("_ \|\|-e/ _"[61,61] 60)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	35	"@ehoare1" :: "[triple set, assn,expr,vassn]=> bool"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	36	("_ \|-e/ ({(1_)}/ (_)/ {(1_)})" [61,3,90,3] 60)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	37
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	38	translations "A \|\<turnstile> C" \<rightleftharpoons> "(A,C) \<in> hoare"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	39	"A \<turnstile> {P}c{Q}" \<rightleftharpoons> "A \|\<turnstile> {(P,c,Q)}"
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	40	"A \|\<turnstile>\<^sub>e t" \<rightleftharpoons> "(A,t) \<in> ehoare"
11558 6539627881e8 simplified vnam/vname, introduced fname, improved comments oheimb parents: 11508 diff changeset	41	"A \|\<turnstile>\<^sub>e (P,e,Q)" \<rightleftharpoons> "(A,P,e,Q) \<in> ehoare" (* shouldn't be necessary *)
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	42	"A \<turnstile>\<^sub>e {P}e{Q}" \<rightleftharpoons> "A \|\<turnstile>\<^sub>e (P,e,Q)"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	43
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	44
11560 46d0bde121ab marginally improved comments oheimb parents: 11559 diff changeset	45	subsection "Hoare Logic Rules"
46d0bde121ab marginally improved comments oheimb parents: 11559 diff changeset	46
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	47	inductive hoare ehoare
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	48	intros
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	49
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	50	Skip: "A \|- {P} Skip {P}"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	51
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	52	Comp: "[\| A \|- {P} c1 {Q}; A \|- {Q} c2 {R} \|] ==> A \|- {P} c1;;c2 {R}"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	53
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	54	Cond: "[\| A \|-e {P} e {Q};
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	55	\<forall>v. A \|- {Q v} (if v \<noteq> Null then c1 else c2) {R} \|] ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	56	A \|- {P} If(e) c1 Else c2 {R}"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	57
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	58	Loop: "A \|- {\<lambda>s. P s \<and> s<x> \<noteq> Null} c {P} ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	59	A \|- {P} While(x) c {\<lambda>s. P s \<and> s<x> = Null}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	60
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	61	LAcc: "A \|-e {\<lambda>s. P (s<x>) s} LAcc x {P}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	62
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	63	LAss: "A \|-e {P} e {\<lambda>v s. Q (lupd(x\<mapsto>v) s)} ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	64	A \|- {P} x:==e {Q}"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	65
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	66	FAcc: "A \|-e {P} e {\<lambda>v s. \<forall>a. v=Addr a --> Q (get_field s a f) s} ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	67	A \|-e {P} e..f {Q}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	68
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	69	FAss: "[\| A \|-e {P} e1 {\<lambda>v s. \<forall>a. v=Addr a --> Q a s};
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	70	\<forall>a. A \|-e {Q a} e2 {\<lambda>v s. R (upd_obj a f v s)} \|] ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	71	A \|- {P} e1..f:==e2 {R}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	72
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	73	NewC: "A \|-e {\<lambda>s. \<forall>a. new_Addr s = Addr a --> P (Addr a) (new_obj a C s)}
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	74	new C {P}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	75
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	76	Cast: "A \|-e {P} e {\<lambda>v s. (case v of Null => True
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	77	\| Addr a => obj_class s a <=C C) --> Q v s} ==>
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	78	A \|-e {P} Cast C e {Q}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	79
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	80	Call: "[\| A \|-e {P} e1 {Q}; \<forall>a. A \|-e {Q a} e2 {R a};
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	81	\<forall>a p ls. A \|- {\<lambda>s'. \<exists>s. R a p s \<and> ls = s \<and>
11772 cf618fe8facd renamed reset_locs to del_locs oheimb parents: 11565 diff changeset	82	s' = lupd(This\<mapsto>a)(lupd(Par\<mapsto>p)(del_locs s))}
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	83	Meth (C,m) {\<lambda>s. S (s<Res>) (set_locs ls s)} \|] ==>
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	84	A \|-e {P} {C}e1..m(e2) {S}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	85
11497 0e66e0114d9a corrected initialization of locals, streamlined Impl oheimb parents: 11486 diff changeset	86	Meth: "\<forall>D. A \|- {\<lambda>s'. \<exists>s a. s<This> = Addr a \<and> D = obj_class s a \<and> D <=C C \<and>
0e66e0114d9a corrected initialization of locals, streamlined Impl oheimb parents: 11486 diff changeset	87	P s \<and> s' = init_locs D m s}
0e66e0114d9a corrected initialization of locals, streamlined Impl oheimb parents: 11486 diff changeset	88	Impl (D,m) {Q} ==>
11507 4b32a46ffd29 removed imname, uncurried Meth oheimb parents: 11497 diff changeset	89	A \|- {P} Meth (C,m) {Q}"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	90
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	91	--{* @{text "\<Union>Z"} instead of @{text "\<forall>Z"} in the conclusion and\\
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	92	Z restricted to type state due to limitations of the inductive package *}
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	93	Impl: "\<forall>Z::state. A\<union> (\<Union>Z. (\<lambda>Cm. (P Z Cm, Impl Cm, Q Z Cm))`Ms) \|\|-
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	94	(\<lambda>Cm. (P Z Cm, body Cm, Q Z Cm))`Ms ==>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	95	A \|\|- (\<lambda>Cm. (P Z Cm, Impl Cm, Q Z Cm))`Ms"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	96
11558 6539627881e8 simplified vnam/vname, introduced fname, improved comments oheimb parents: 11508 diff changeset	97	--{* structural rules *}
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	98
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	99	Asm: " a \<in> A ==> A \|\|- {a}"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	100
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	101	ConjI: " \<forall>c \<in> C. A \|\|- {c} ==> A \|\|- C"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	102
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	103	ConjE: "[\|A \|\|- C; c \<in> C \|] ==> A \|\|- {c}"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	104
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	105	--{* Z restricted to type state due to limitations of the inductive package *}
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	106	Conseq:"[\| \<forall>Z::state. A \|- {P' Z} c {Q' Z};
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	107	\<forall>s t. (\<forall>Z. P' Z s --> Q' Z t) --> (P s --> Q t) \|] ==>
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	108	A \|- {P} c {Q }"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	109
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	110	--{* Z restricted to type state due to limitations of the inductive package *}
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	111	eConseq:"[\| \<forall>Z::state. A \|-e {P' Z} e {Q' Z};
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	112	\<forall>s v t. (\<forall>Z. P' Z s --> Q' Z v t) --> (P s --> Q v t) \|] ==>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	113	A \|-e {P} e {Q }"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	114
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	115
12934 6003b4f916c0 Clarification wrt. use of polymorphic variants of Hoare logic rules oheimb parents: 11772 diff changeset	116	subsection "Fully polymorphic variants, required for Example only"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	117
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	118	axioms
12934 6003b4f916c0 Clarification wrt. use of polymorphic variants of Hoare logic rules oheimb parents: 11772 diff changeset	119
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	120	Conseq:"[\| \<forall>Z. A \|- {P' Z} c {Q' Z};
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	121	\<forall>s t. (\<forall>Z. P' Z s --> Q' Z t) --> (P s --> Q t) \|] ==>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	122	A \|- {P} c {Q }"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	123
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	124	eConseq:"[\| \<forall>Z. A \|-e {P' Z} e {Q' Z};
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	125	\<forall>s v t. (\<forall>Z. P' Z s --> Q' Z v t) --> (P s --> Q v t) \|] ==>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	126	A \|-e {P} e {Q }"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	127
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	128	Impl: "\<forall>Z. A\<union> (\<Union>Z. (\<lambda>Cm. (P Z Cm, Impl Cm, Q Z Cm))`Ms) \|\|-
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	129	(\<lambda>Cm. (P Z Cm, body Cm, Q Z Cm))`Ms ==>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	130	A \|\|- (\<lambda>Cm. (P Z Cm, Impl Cm, Q Z Cm))`Ms"
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	131
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	132	subsection "Derived Rules"
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	133
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	134	lemma Conseq1: "\<lbrakk>A \<turnstile> {P'} c {Q}; \<forall>s. P s \<longrightarrow> P' s\<rbrakk> \<Longrightarrow> A \<turnstile> {P} c {Q}"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	135	apply (rule hoare_ehoare.Conseq)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	136	apply (rule allI, assumption)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	137	apply fast
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	138	done
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	139
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	140	lemma Conseq2: "\<lbrakk>A \<turnstile> {P} c {Q'}; \<forall>t. Q' t \<longrightarrow> Q t\<rbrakk> \<Longrightarrow> A \<turnstile> {P} c {Q}"
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	141	apply (rule hoare_ehoare.Conseq)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	142	apply (rule allI, assumption)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	143	apply fast
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	144	done
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	145
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	146	lemma eConseq1: "\<lbrakk>A \<turnstile>\<^sub>e {P'} e {Q}; \<forall>s. P s \<longrightarrow> P' s\<rbrakk> \<Longrightarrow> A \<turnstile>\<^sub>e {P} e {Q}"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	147	apply (rule hoare_ehoare.eConseq)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	148	apply (rule allI, assumption)
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	149	apply fast
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	150	done
06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	151
11486 8f32860eac3a layout, subscripts oheimb parents: 11476 diff changeset	152	lemma eConseq2: "\<lbrakk>A \<turnstile>\<^sub>e {P} e {Q'}; \<forall>v t. Q' v t \<longrightarrow> Q v t\<rbrakk> \<Longrightarrow> A \<turnstile>\<^sub>e {P} e {Q}"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	153	apply (rule hoare_ehoare.eConseq)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	154	apply (rule allI, assumption)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	155	apply fast
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	156	done
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	157
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	158	lemma Weaken: "\<lbrakk>A \|\<turnstile> C'; C \<subseteq> C'\<rbrakk> \<Longrightarrow> A \|\<turnstile> C"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	159	apply (rule hoare_ehoare.ConjI)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	160	apply clarify
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	161	apply (drule hoare_ehoare.ConjE)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	162	apply fast
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	163	apply assumption
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	164	done
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	165
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	166	lemma Thin_lemma:
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	167	"(A' \|\<turnstile> C \<longrightarrow> (\<forall>A. A' \<subseteq> A \<longrightarrow> A \|\<turnstile> C )) \<and>
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	168	(A' \<turnstile>\<^sub>e {P} e {Q} \<longrightarrow> (\<forall>A. A' \<subseteq> A \<longrightarrow> A \<turnstile>\<^sub>e {P} e {Q}))"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	169	apply (rule hoare_ehoare.induct)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	170	apply (tactic "ALLGOALS(EVERY'[Clarify_tac, REPEAT o smp_tac 1])")
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	171	apply (blast intro: hoare_ehoare.Skip)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	172	apply (blast intro: hoare_ehoare.Comp)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	173	apply (blast intro: hoare_ehoare.Cond)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	174	apply (blast intro: hoare_ehoare.Loop)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	175	apply (blast intro: hoare_ehoare.LAcc)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	176	apply (blast intro: hoare_ehoare.LAss)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	177	apply (blast intro: hoare_ehoare.FAcc)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	178	apply (blast intro: hoare_ehoare.FAss)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	179	apply (blast intro: hoare_ehoare.NewC)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	180	apply (blast intro: hoare_ehoare.Cast)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	181	apply (erule hoare_ehoare.Call)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	182	apply (rule, drule spec, erule conjE, tactic "smp_tac 1 1", assumption)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	183	apply blast
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	184	apply (blast intro!: hoare_ehoare.Meth)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	185	apply (blast intro!: hoare_ehoare.Impl)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	186	apply (blast intro!: hoare_ehoare.Asm)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	187	apply (blast intro: hoare_ehoare.ConjI)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	188	apply (blast intro: hoare_ehoare.ConjE)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	189	apply (rule hoare_ehoare.Conseq)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	190	apply (rule, drule spec, erule conjE, tactic "smp_tac 1 1", assumption+)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	191	apply (rule hoare_ehoare.eConseq)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	192	apply (rule, drule spec, erule conjE, tactic "smp_tac 1 1", assumption+)
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	193	done
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	194
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	195	lemma cThin: "\<lbrakk>A' \|\<turnstile> C; A' \<subseteq> A\<rbrakk> \<Longrightarrow> A \|\<turnstile> C"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	196	by (erule (1) conjunct1 [OF Thin_lemma, rule_format])
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	197
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	198	lemma eThin: "\<lbrakk>A' \<turnstile>\<^sub>e {P} e {Q}; A' \<subseteq> A\<rbrakk> \<Longrightarrow> A \<turnstile>\<^sub>e {P} e {Q}"
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	199	by (erule (1) conjunct2 [OF Thin_lemma, rule_format])
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	200
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	201
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	202	lemma Union: "A \|\<turnstile> (\<Union>Z. C Z) = (\<forall>Z. A \|\<turnstile> C Z)"
11476 06c1998340a8 changed to full expressions with side effects oheimb parents: 11449 diff changeset	203	by (auto intro: hoare_ehoare.ConjI hoare_ehoare.ConjE)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	204
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	205	lemma Impl1':
12934 6003b4f916c0 Clarification wrt. use of polymorphic variants of Hoare logic rules oheimb parents: 11772 diff changeset	206	"\<lbrakk>\<forall>Z::state. A\<union> (\<Union>Z. (\<lambda>Cm. (P Z Cm, Impl Cm, Q Z Cm))`Ms) \|\<turnstile>
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	207	(\<lambda>Cm. (P Z Cm, body Cm, Q Z Cm))`Ms;
11508 168dbdaedb71 cosmetics oheimb parents: 11507 diff changeset	208	Cm \<in> Ms\<rbrakk> \<Longrightarrow>
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	209	A \<turnstile> {P Z Cm} Impl Cm {Q Z Cm}"
12934 6003b4f916c0 Clarification wrt. use of polymorphic variants of Hoare logic rules oheimb parents: 11772 diff changeset	210	apply (drule AxSem.Impl)
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	211	apply (erule Weaken)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	212	apply (auto del: image_eqI intro: rev_image_eqI)
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	213	done
bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	214
11565 ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	215	lemmas Impl1 = AxSem.Impl [of _ _ _ "{Cm}", simplified, standard]
ab004c0ecc63 Minor improvements, added Example oheimb parents: 11560 diff changeset	216
11376 bf98ad1c22c6 added NanoJava oheimb parents: diff changeset	217	end

author	nipkow
	Fri, 07 Feb 2003 16:40:23 +0100
changeset 13810	c3fbfd472365
parent 12934	6003b4f916c0
child 16417	9bc16273c2d4
permissions	-rw-r--r--