isabelle: src/HOL/IMP/Def_Init_Sound_Small.thy@c68c1b89a0f1 (annotated)

43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	1	(* Author: Tobias Nipkow *)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	2
50161 4fc4237488ab tuned names nipkow parents: 47818 diff changeset	3	theory Def_Init_Sound_Small
4fc4237488ab tuned names nipkow parents: 47818 diff changeset	4	imports Def_Init Def_Init_Small
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	5	begin
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	6
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	7	subsection "Soundness wrt Small Steps"
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	8
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	9	theorem progress:
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	10	"D (dom s) c A' \<Longrightarrow> c \<noteq> SKIP \<Longrightarrow> EX cs'. (c,s) \<rightarrow> cs'"
45015 fdac1e9880eb Updated IMP to use new induction method nipkow parents: 44890 diff changeset	11	proof (induction c arbitrary: s A')
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	12	case Assign thus ?case by auto (metis aval_Some small_step.Assign)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	13	next
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	14	case (If b c1 c2)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	15	then obtain bv where "bval b s = Some bv" by (auto dest!:bval_Some)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	16	then show ?case
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	17	by(cases bv)(auto intro: small_step.IfTrue small_step.IfFalse)
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 43158 diff changeset	18	qed (fastforce intro: small_step.intros)+
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	19
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	20	lemma D_mono: "D A c M \<Longrightarrow> A \<subseteq> A' \<Longrightarrow> EX M'. D A' c M' & M <= M'"
45015 fdac1e9880eb Updated IMP to use new induction method nipkow parents: 44890 diff changeset	21	proof (induction c arbitrary: A A' M)
47818 151d137f1095 renamed Semi to Seq nipkow parents: 45015 diff changeset	22	case Seq thus ?case by auto (metis D.intros(3))
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	23	next
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	24	case (If b c1 c2)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	25	then obtain M1 M2 where "vars b \<subseteq> A" "D A c1 M1" "D A c2 M2" "M = M1 \<inter> M2"
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	26	by auto
45015 fdac1e9880eb Updated IMP to use new induction method nipkow parents: 44890 diff changeset	27	with If.IH `A \<subseteq> A'` obtain M1' M2'
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	28	where "D A' c1 M1'" "D A' c2 M2'" and "M1 \<subseteq> M1'" "M2 \<subseteq> M2'" by metis
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	29	hence "D A' (IF b THEN c1 ELSE c2) (M1' \<inter> M2')" and "M \<subseteq> M1' \<inter> M2'"
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 43158 diff changeset	30	using `vars b \<subseteq> A` `A \<subseteq> A'` `M = M1 \<inter> M2` by(fastforce intro: D.intros)+
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	31	thus ?case by metis
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	32	next
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	33	case While thus ?case by auto (metis D.intros(5) subset_trans)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	34	qed (auto intro: D.intros)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	35
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	36	theorem D_preservation:
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	37	"(c,s) \<rightarrow> (c',s') \<Longrightarrow> D (dom s) c A \<Longrightarrow> EX A'. D (dom s') c' A' & A <= A'"
45015 fdac1e9880eb Updated IMP to use new induction method nipkow parents: 44890 diff changeset	38	proof (induction arbitrary: A rule: small_step_induct)
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	39	case (While b c s)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	40	then obtain A' where "vars b \<subseteq> dom s" "A = dom s" "D (dom s) c A'" by blast
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	41	moreover
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	42	then obtain A'' where "D A' c A''" by (metis D_incr D_mono)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	43	ultimately have "D (dom s) (IF b THEN c; WHILE b DO c ELSE SKIP) (dom s)"
47818 151d137f1095 renamed Semi to Seq nipkow parents: 45015 diff changeset	44	by (metis D.If[OF `vars b \<subseteq> dom s` D.Seq[OF `D (dom s) c A'` D.While[OF _ `D A' c A''`]] D.Skip] D_incr Int_absorb1 subset_trans)
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	45	thus ?case by (metis D_incr `A = dom s`)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	46	next
47818 151d137f1095 renamed Semi to Seq nipkow parents: 45015 diff changeset	47	case Seq2 thus ?case by auto (metis D_mono D.intros(3))
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	48	qed (auto intro: D.intros)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	49
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	50	theorem D_sound:
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	51	"(c,s) \<rightarrow>* (c',s') \<Longrightarrow> D (dom s) c A' \<Longrightarrow> c' \<noteq> SKIP
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	52	\<Longrightarrow> \<exists>cs''. (c',s') \<rightarrow> cs''"
45015 fdac1e9880eb Updated IMP to use new induction method nipkow parents: 44890 diff changeset	53	apply(induction arbitrary: A' rule:star_induct)
43158 686fa0a0696e imported rest of new IMP kleing parents: diff changeset	54	apply (metis progress)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	55	by (metis D_preservation)
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	56
686fa0a0696e imported rest of new IMP kleing parents: diff changeset	57	end

author	wenzelm
	Sun, 24 Feb 2013 14:14:07 +0100
changeset 51267	c68c1b89a0f1
parent 50161	4fc4237488ab
child 51466	d53cdbca1be4
permissions	-rw-r--r--