isabelle: src/HOL/Hoare/Heap.thy@c81d76f7f63d (annotated)

13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	1	(* Title: HOL/Hoare/Heap.thy
12997e3ddd8d * empty log message * nipkow parents: diff changeset	2	Author: Tobias Nipkow
12997e3ddd8d * empty log message * nipkow parents: diff changeset	3	Copyright 2002 TUM
12997e3ddd8d * empty log message * nipkow parents: diff changeset	4
12997e3ddd8d * empty log message * nipkow parents: diff changeset	5	Pointers, heaps and heap abstractions.
12997e3ddd8d * empty log message * nipkow parents: diff changeset	6	See the paper by Mehta and Nipkow.
12997e3ddd8d * empty log message * nipkow parents: diff changeset	7	*)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	8
16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 13875 diff changeset	9	theory Heap imports Main begin
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	10
12997e3ddd8d * empty log message * nipkow parents: diff changeset	11	subsection "References"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	12
12997e3ddd8d * empty log message * nipkow parents: diff changeset	13	datatype 'a ref = Null \| Ref 'a
12997e3ddd8d * empty log message * nipkow parents: diff changeset	14
12997e3ddd8d * empty log message * nipkow parents: diff changeset	15	lemma not_Null_eq [iff]: "(x ~= Null) = (EX y. x = Ref y)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	16	by (induct x) auto
12997e3ddd8d * empty log message * nipkow parents: diff changeset	17
12997e3ddd8d * empty log message * nipkow parents: diff changeset	18	lemma not_Ref_eq [iff]: "(ALL y. x ~= Ref y) = (x = Null)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	19	by (induct x) auto
12997e3ddd8d * empty log message * nipkow parents: diff changeset	20
35416 d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	21	primrec addr :: "'a ref \<Rightarrow> 'a" where
d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	22	"addr (Ref a) = a"
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	23
12997e3ddd8d * empty log message * nipkow parents: diff changeset	24
12997e3ddd8d * empty log message * nipkow parents: diff changeset	25	section "The heap"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	26
12997e3ddd8d * empty log message * nipkow parents: diff changeset	27	subsection "Paths in the heap"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	28
35416 d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	29	primrec Path :: "('a \<Rightarrow> 'a ref) \<Rightarrow> 'a ref \<Rightarrow> 'a list \<Rightarrow> 'a ref \<Rightarrow> bool" where
d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	30	"Path h x [] y \<longleftrightarrow> x = y"
d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	31	\| "Path h x (a#as) y \<longleftrightarrow> x = Ref a \<and> Path h (h a) as y"
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	32
12997e3ddd8d * empty log message * nipkow parents: diff changeset	33	lemma [iff]: "Path h Null xs y = (xs = [] \<and> y = Null)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	34	apply(case_tac xs)
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	35	apply fastforce
22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	36	apply fastforce
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	37	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	38
12997e3ddd8d * empty log message * nipkow parents: diff changeset	39	lemma [simp]: "Path h (Ref a) as z =
12997e3ddd8d * empty log message * nipkow parents: diff changeset	40	(as = [] \<and> z = Ref a \<or> (\<exists>bs. as = a#bs \<and> Path h (h a) bs z))"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	41	apply(case_tac as)
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	42	apply fastforce
22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	43	apply fastforce
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	44	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	45
12997e3ddd8d * empty log message * nipkow parents: diff changeset	46	lemma [simp]: "\<And>x. Path f x (as@bs) z = (\<exists>y. Path f x as y \<and> Path f y bs z)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	47	by(induct as, simp+)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	48
12997e3ddd8d * empty log message * nipkow parents: diff changeset	49	lemma Path_upd[simp]:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	50	"\<And>x. u \<notin> set as \<Longrightarrow> Path (f(u := v)) x as y = Path f x as y"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	51	by(induct as, simp, simp add:eq_sym_conv)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	52
12997e3ddd8d * empty log message * nipkow parents: diff changeset	53	lemma Path_snoc:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	54	"Path (f(a := q)) p as (Ref a) \<Longrightarrow> Path (f(a := q)) p (as @ [a]) q"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	55	by simp
12997e3ddd8d * empty log message * nipkow parents: diff changeset	56
12997e3ddd8d * empty log message * nipkow parents: diff changeset	57
19399 fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	58	subsection "Non-repeating paths"
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	59
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	60	definition distPath :: "('a \<Rightarrow> 'a ref) \<Rightarrow> 'a ref \<Rightarrow> 'a list \<Rightarrow> 'a ref \<Rightarrow> bool"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	61	where "distPath h x as y \<longleftrightarrow> Path h x as y \<and> distinct as"
19399 fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	62
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	63	text{* The term @{term"distPath h x as y"} expresses the fact that a
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	64	non-repeating path @{term as} connects location @{term x} to location
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	65	@{term y} by means of the @{term h} field. In the case where @{text "x
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	66	= y"}, and there is a cycle from @{term x} to itself, @{term as} can
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	67	be both @{term "[]"} and the non-repeating list of nodes in the
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	68	cycle. *}
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	69
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	70	lemma neq_dP: "p \<noteq> q \<Longrightarrow> Path h p Ps q \<Longrightarrow> distinct Ps \<Longrightarrow>
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	71	EX a Qs. p = Ref a & Ps = a#Qs & a \<notin> set Qs"
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	72	by (case_tac Ps, auto)
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	73
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	74
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	75	lemma neq_dP_disp: "\<lbrakk> p \<noteq> q; distPath h p Ps q \<rbrakk> \<Longrightarrow>
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	76	EX a Qs. p = Ref a \<and> Ps = a#Qs \<and> a \<notin> set Qs"
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	77	apply (simp only:distPath_def)
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	78	by (case_tac Ps, auto)
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	79
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	80
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	81	subsection "Lists on the heap"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	82
12997e3ddd8d * empty log message * nipkow parents: diff changeset	83	subsubsection "Relational abstraction"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	84
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	85	definition List :: "('a \<Rightarrow> 'a ref) \<Rightarrow> 'a ref \<Rightarrow> 'a list \<Rightarrow> bool"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	86	where "List h x as = Path h x as Null"
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	87
12997e3ddd8d * empty log message * nipkow parents: diff changeset	88	lemma [simp]: "List h x [] = (x = Null)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	89	by(simp add:List_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	90
12997e3ddd8d * empty log message * nipkow parents: diff changeset	91	lemma [simp]: "List h x (a#as) = (x = Ref a \<and> List h (h a) as)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	92	by(simp add:List_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	93
12997e3ddd8d * empty log message * nipkow parents: diff changeset	94	lemma [simp]: "List h Null as = (as = [])"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	95	by(case_tac as, simp_all)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	96
12997e3ddd8d * empty log message * nipkow parents: diff changeset	97	lemma List_Ref[simp]: "List h (Ref a) as = (\<exists>bs. as = a#bs \<and> List h (h a) bs)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	98	by(case_tac as, simp_all, fast)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	99
12997e3ddd8d * empty log message * nipkow parents: diff changeset	100	theorem notin_List_update[simp]:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	101	"\<And>x. a \<notin> set as \<Longrightarrow> List (h(a := y)) x as = List h x as"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	102	apply(induct as)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	103	apply simp
12997e3ddd8d * empty log message * nipkow parents: diff changeset	104	apply(clarsimp simp add:fun_upd_apply)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	105	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	106
12997e3ddd8d * empty log message * nipkow parents: diff changeset	107	lemma List_unique: "\<And>x bs. List h x as \<Longrightarrow> List h x bs \<Longrightarrow> as = bs"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	108	by(induct as, simp, clarsimp)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	109
12997e3ddd8d * empty log message * nipkow parents: diff changeset	110	lemma List_unique1: "List h p as \<Longrightarrow> \<exists>!as. List h p as"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	111	by(blast intro:List_unique)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	112
12997e3ddd8d * empty log message * nipkow parents: diff changeset	113	lemma List_app: "\<And>x. List h x (as@bs) = (\<exists>y. Path h x as y \<and> List h y bs)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	114	by(induct as, simp, clarsimp)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	115
12997e3ddd8d * empty log message * nipkow parents: diff changeset	116	lemma List_hd_not_in_tl[simp]: "List h (h a) as \<Longrightarrow> a \<notin> set as"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	117	apply (clarsimp simp add:in_set_conv_decomp)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	118	apply(frule List_app[THEN iffD1])
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	119	apply(fastforce dest: List_unique)
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	120	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	121
12997e3ddd8d * empty log message * nipkow parents: diff changeset	122	lemma List_distinct[simp]: "\<And>x. List h x as \<Longrightarrow> distinct as"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	123	apply(induct as, simp)
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	124	apply(fastforce dest:List_hd_not_in_tl)
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	125	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	126
19399 fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	127	lemma Path_is_List:
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	128	"\<lbrakk>Path h b Ps (Ref a); a \<notin> set Ps\<rbrakk> \<Longrightarrow> List (h(a := Null)) b (Ps @ [a])"
20503 503ac4c5ef91 induct method: renamed 'fixing' to 'arbitrary'; wenzelm parents: 19399 diff changeset	129	apply (induct Ps arbitrary: b)
19399 fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	130	apply (auto simp add:fun_upd_apply)
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	131	done
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	132
fd2ba98056a2 Included cyclic list examples nipkow parents: 16417 diff changeset	133
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	134	subsection "Functional abstraction"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	135
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	136	definition islist :: "('a \<Rightarrow> 'a ref) \<Rightarrow> 'a ref \<Rightarrow> bool"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	137	where "islist h p \<longleftrightarrow> (\<exists>as. List h p as)"
35416 d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 20503 diff changeset	138
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	139	definition list :: "('a \<Rightarrow> 'a ref) \<Rightarrow> 'a ref \<Rightarrow> 'a list"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	140	where "list h p = (SOME as. List h p as)"
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	141
12997e3ddd8d * empty log message * nipkow parents: diff changeset	142	lemma List_conv_islist_list: "List h p as = (islist h p \<and> as = list h p)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	143	apply(simp add:islist_def list_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	144	apply(rule iffI)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	145	apply(rule conjI)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	146	apply blast
12997e3ddd8d * empty log message * nipkow parents: diff changeset	147	apply(subst some1_equality)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	148	apply(erule List_unique1)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	149	apply assumption
12997e3ddd8d * empty log message * nipkow parents: diff changeset	150	apply(rule refl)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	151	apply simp
12997e3ddd8d * empty log message * nipkow parents: diff changeset	152	apply(rule someI_ex)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	153	apply fast
12997e3ddd8d * empty log message * nipkow parents: diff changeset	154	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	155
12997e3ddd8d * empty log message * nipkow parents: diff changeset	156	lemma [simp]: "islist h Null"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	157	by(simp add:islist_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	158
12997e3ddd8d * empty log message * nipkow parents: diff changeset	159	lemma [simp]: "islist h (Ref a) = islist h (h a)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	160	by(simp add:islist_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	161
12997e3ddd8d * empty log message * nipkow parents: diff changeset	162	lemma [simp]: "list h Null = []"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	163	by(simp add:list_def)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	164
12997e3ddd8d * empty log message * nipkow parents: diff changeset	165	lemma list_Ref_conv[simp]:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	166	"islist h (h a) \<Longrightarrow> list h (Ref a) = a # list h (h a)"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	167	apply(insert List_Ref[of h])
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 38353 diff changeset	168	apply(fastforce simp:List_conv_islist_list)
13875 12997e3ddd8d * empty log message * nipkow parents: diff changeset	169	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	170
12997e3ddd8d * empty log message * nipkow parents: diff changeset	171	lemma [simp]: "islist h (h a) \<Longrightarrow> a \<notin> set(list h (h a))"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	172	apply(insert List_hd_not_in_tl[of h])
12997e3ddd8d * empty log message * nipkow parents: diff changeset	173	apply(simp add:List_conv_islist_list)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	174	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	175
12997e3ddd8d * empty log message * nipkow parents: diff changeset	176	lemma list_upd_conv[simp]:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	177	"islist h p \<Longrightarrow> y \<notin> set(list h p) \<Longrightarrow> list (h(y := q)) p = list h p"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	178	apply(drule notin_List_update[of _ _ h q p])
12997e3ddd8d * empty log message * nipkow parents: diff changeset	179	apply(simp add:List_conv_islist_list)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	180	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	181
12997e3ddd8d * empty log message * nipkow parents: diff changeset	182	lemma islist_upd[simp]:
12997e3ddd8d * empty log message * nipkow parents: diff changeset	183	"islist h p \<Longrightarrow> y \<notin> set(list h p) \<Longrightarrow> islist (h(y := q)) p"
12997e3ddd8d * empty log message * nipkow parents: diff changeset	184	apply(frule notin_List_update[of _ _ h q p])
12997e3ddd8d * empty log message * nipkow parents: diff changeset	185	apply(simp add:List_conv_islist_list)
12997e3ddd8d * empty log message * nipkow parents: diff changeset	186	done
12997e3ddd8d * empty log message * nipkow parents: diff changeset	187
12997e3ddd8d * empty log message * nipkow parents: diff changeset	188	end

author	wenzelm
	Fri, 05 Jul 2013 16:22:28 +0200
changeset 52532	c81d76f7f63d
parent 44890	22f665a2e91c
child 58249	180f1b3508ed
permissions	-rw-r--r--