22 by (rewtac Gamma_def); |
22 by (rewtac Gamma_def); |
23 by (Fast_tac 1); |
23 by (Fast_tac 1); |
24 qed "hoare_sound"; |
24 qed "hoare_sound"; |
25 |
25 |
26 goalw Hoare.thy [swp_def] "swp SKIP Q = Q"; |
26 goalw Hoare.thy [swp_def] "swp SKIP Q = Q"; |
27 by(Simp_tac 1); |
27 by (Simp_tac 1); |
28 br ext 1; |
28 by (rtac ext 1); |
29 by (Fast_tac 1); |
29 by (Fast_tac 1); |
30 qed "swp_SKIP"; |
30 qed "swp_SKIP"; |
31 |
31 |
32 goalw Hoare.thy [swp_def] "swp (x:=a) Q = (%s.Q(s[a s/x]))"; |
32 goalw Hoare.thy [swp_def] "swp (x:=a) Q = (%s.Q(s[a s/x]))"; |
33 by(Simp_tac 1); |
33 by (Simp_tac 1); |
34 qed "swp_Ass"; |
34 qed "swp_Ass"; |
35 |
35 |
36 goalw Hoare.thy [swp_def] "swp (c;d) Q = swp c (swp d Q)"; |
36 goalw Hoare.thy [swp_def] "swp (c;d) Q = swp c (swp d Q)"; |
37 by(Simp_tac 1); |
37 by (Simp_tac 1); |
38 br ext 1; |
38 by (rtac ext 1); |
39 by (Fast_tac 1); |
39 by (Fast_tac 1); |
40 qed "swp_Semi"; |
40 qed "swp_Semi"; |
41 |
41 |
42 goalw Hoare.thy [swp_def] |
42 goalw Hoare.thy [swp_def] |
43 "swp (IF b THEN c ELSE d) Q = (%s. (b s --> swp c Q s) & \ |
43 "swp (IF b THEN c ELSE d) Q = (%s. (b s --> swp c Q s) & \ |
44 \ (~b s --> swp d Q s))"; |
44 \ (~b s --> swp d Q s))"; |
45 by(Simp_tac 1); |
45 by (Simp_tac 1); |
46 br ext 1; |
46 by (rtac ext 1); |
47 by (Fast_tac 1); |
47 by (Fast_tac 1); |
48 qed "swp_If"; |
48 qed "swp_If"; |
49 |
49 |
50 goalw Hoare.thy [swp_def] |
50 goalw Hoare.thy [swp_def] |
51 "!!s. b s ==> swp (WHILE b DO c) Q s = swp (c;WHILE b DO c) Q s"; |
51 "!!s. b s ==> swp (WHILE b DO c) Q s = swp (c;WHILE b DO c) Q s"; |
52 by(stac C_While_If 1); |
52 by (stac C_While_If 1); |
53 by(Asm_simp_tac 1); |
53 by (Asm_simp_tac 1); |
54 qed "swp_While_True"; |
54 qed "swp_While_True"; |
55 |
55 |
56 goalw Hoare.thy [swp_def] "!!s. ~b s ==> swp (WHILE b DO c) Q s = Q s"; |
56 goalw Hoare.thy [swp_def] "!!s. ~b s ==> swp (WHILE b DO c) Q s = Q s"; |
57 by(stac C_While_If 1); |
57 by (stac C_While_If 1); |
58 by(Asm_simp_tac 1); |
58 by (Asm_simp_tac 1); |
59 by (Fast_tac 1); |
59 by (Fast_tac 1); |
60 qed "swp_While_False"; |
60 qed "swp_While_False"; |
61 |
61 |
62 Addsimps [swp_SKIP,swp_Ass,swp_Semi,swp_If,swp_While_True,swp_While_False]; |
62 Addsimps [swp_SKIP,swp_Ass,swp_Semi,swp_If,swp_While_True,swp_While_False]; |
63 |
63 |
71 Delsimps [C_while]; |
71 Delsimps [C_while]; |
72 |
72 |
73 AddSIs [hoare.skip, hoare.ass, hoare.semi, hoare.If]; |
73 AddSIs [hoare.skip, hoare.ass, hoare.semi, hoare.If]; |
74 |
74 |
75 goal Hoare.thy "!Q. |- {swp c Q} c {Q}"; |
75 goal Hoare.thy "!Q. |- {swp c Q} c {Q}"; |
76 by(com.induct_tac "c" 1); |
76 by (com.induct_tac "c" 1); |
77 by(ALLGOALS Simp_tac); |
77 by (ALLGOALS Simp_tac); |
78 by (REPEAT_FIRST Fast_tac); |
78 by (REPEAT_FIRST Fast_tac); |
79 by (deepen_tac (!claset addIs [hoare.conseq]) 0 1); |
79 by (deepen_tac (!claset addIs [hoare.conseq]) 0 1); |
80 by (Step_tac 1); |
80 by (Step_tac 1); |
81 br hoare.conseq 1; |
81 by (rtac hoare.conseq 1); |
82 be thin_rl 1; |
82 be thin_rl 1; |
83 by (Fast_tac 1); |
83 by (Fast_tac 1); |
84 br hoare.While 1; |
84 br hoare.While 1; |
85 br hoare.conseq 1; |
85 br hoare.conseq 1; |
86 be thin_rl 3; |
86 be thin_rl 3; |
89 ba 3; |
89 ba 3; |
90 by (Fast_tac 2); |
90 by (Fast_tac 2); |
91 by(safe_tac HOL_cs); |
91 by(safe_tac HOL_cs); |
92 by(rotate_tac ~1 1); |
92 by(rotate_tac ~1 1); |
93 by(Asm_full_simp_tac 1); |
93 by(Asm_full_simp_tac 1); |
94 by(rotate_tac ~1 1); |
94 by (rotate_tac ~1 1); |
95 by(Asm_full_simp_tac 1); |
95 by (Asm_full_simp_tac 1); |
96 qed_spec_mp "swp_is_pre"; |
96 qed_spec_mp "swp_is_pre"; |
97 |
97 |
98 goal Hoare.thy "!!c. |= {P}c{Q} ==> |- {P}c{Q}"; |
98 goal Hoare.thy "!!c. |= {P}c{Q} ==> |- {P}c{Q}"; |
99 br (swp_is_pre RSN (2,hoare.conseq)) 1; |
99 by (rtac (swp_is_pre RSN (2,hoare.conseq)) 1); |
100 by (Fast_tac 2); |
100 by (Fast_tac 2); |
101 by(rewrite_goals_tac [hoare_valid_def,swp_def]); |
101 by (rewrite_goals_tac [hoare_valid_def,swp_def]); |
102 by (Fast_tac 1); |
102 by (Fast_tac 1); |
103 qed "hoare_relative_complete"; |
103 qed "hoare_relative_complete"; |