Mercurial Mercurial > repos > isabelle / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/HOLCF/IOA/meta_theory/RefCorrectness.thy
changeset 17233 41eee2e7b465
parent 14981 e73f8140af78
child 19741 f65265d71426
equal deleted inserted replaced
17232:148c241d2492 17233:41eee2e7b465 
     1 (*  Title:      HOLCF/IOA/meta_theory/RefCorrectness.thy
 
     1 (*  Title:      HOLCF/IOA/meta_theory/RefCorrectness.thy
 
     2     ID:         $Id$
 
     2     ID:         $Id$
 
     3     Author:     Olaf Müller
 
     3     Author:     Olaf Müller
 
     4 
       
     5 Correctness of Refinement Mappings in HOLCF/IOA.
 
       
     6 *)
 
     4 *)
 
     7 
     5 
       
     6 header {* Correctness of Refinement Mappings in HOLCF/IOA *}
 
     8 
     7 
     9 RefCorrectness = RefMappings + 
     8 theory RefCorrectness
 
    10    
     9 imports RefMappings
 
       
    10 begin
 
       
    11 
    11 consts
 
    12 consts
 
    12 
    13 
    13   corresp_ex   ::"('a,'s2)ioa => ('s1 => 's2) => 
    14   corresp_ex   ::"('a,'s2)ioa => ('s1 => 's2) =>
 
    14                   ('a,'s1)execution => ('a,'s2)execution"
 
    15                   ('a,'s1)execution => ('a,'s2)execution"
 
    15   corresp_exC  ::"('a,'s2)ioa => ('s1 => 's2) => ('a,'s1)pairs
 
    16   corresp_exC  ::"('a,'s2)ioa => ('s1 => 's2) => ('a,'s1)pairs
 
    16                    -> ('s1 => ('a,'s2)pairs)"
 
    17                    -> ('s1 => ('a,'s2)pairs)"
 
    17   is_fair_ref_map  :: "('s1 => 's2) => ('a,'s1)ioa => ('a,'s2)ioa => bool"
 
    18   is_fair_ref_map  :: "('s1 => 's2) => ('a,'s1)ioa => ('a,'s2)ioa => bool"
 
    18 
    19 
    19 defs
 
    20 defs
 
    20 
    21 
    21 corresp_ex_def
 
    22 corresp_ex_def:
 
    22   "corresp_ex A f ex == (f (fst ex),(corresp_exC A f$(snd ex)) (fst ex))"
 
    23   "corresp_ex A f ex == (f (fst ex),(corresp_exC A f$(snd ex)) (fst ex))"
 
    23 
    24 
    24 
    25 
    25 corresp_exC_def
 
    26 corresp_exC_def:
 
    26   "corresp_exC A f  == (fix$(LAM h ex. (%s. case ex of 
    27   "corresp_exC A f  == (fix$(LAM h ex. (%s. case ex of
 
    27       nil =>  nil
 
    28       nil =>  nil
 
    28     | x##xs => (flift1 (%pr. (@cex. move A cex (f s) (fst pr) (f (snd pr)))
 
    29     | x##xs => (flift1 (%pr. (@cex. move A cex (f s) (fst pr) (f (snd pr)))
 
    29                               @@ ((h$xs) (snd pr)))
 
    30                               @@ ((h$xs) (snd pr)))
 
    30                         $x) )))"
 
    31                         $x) )))"
 
    31  
    32 
    32 is_fair_ref_map_def
 
    33 is_fair_ref_map_def:
 
    33   "is_fair_ref_map f C A == 
    34   "is_fair_ref_map f C A ==
 
    34        is_ref_map f C A &
 
    35        is_ref_map f C A &
 
    35        (! ex : executions(C). fair_ex C ex --> fair_ex A (corresp_ex A f ex))"
 
    36        (! ex : executions(C). fair_ex C ex --> fair_ex A (corresp_ex A f ex))"
 
    36 
    37 
    37 
    38 
    38 
    39 
    39 rules
 
    40 axioms
 
    40 (* Axioms for fair trace inclusion proof support, not for the correctness proof
 
    41 (* Axioms for fair trace inclusion proof support, not for the correctness proof
 
    41    of refinement mappings ! 
    42    of refinement mappings!
 
    42    Note: Everything is superseded by LiveIOA.thy! *)
 
    43    Note: Everything is superseded by LiveIOA.thy! *)
 
    43 
    44 
    44 corresp_laststate
 
    45 corresp_laststate:
 
    45   "Finite ex ==> laststate (corresp_ex A f (s,ex)) = f (laststate (s,ex))"
 
    46   "Finite ex ==> laststate (corresp_ex A f (s,ex)) = f (laststate (s,ex))"
 
    46 
    47 
    47 corresp_Finite
 
    48 corresp_Finite:
 
    48   "Finite (snd (corresp_ex A f (s,ex))) = Finite ex"
 
    49   "Finite (snd (corresp_ex A f (s,ex))) = Finite ex"
 
    49 
    50 
    50 FromAtoC
 
    51 FromAtoC:
 
    51   "fin_often (%x. P (snd x)) (snd (corresp_ex A f (s,ex))) ==> fin_often (%y. P (f (snd y))) ex"
 
    52   "fin_often (%x. P (snd x)) (snd (corresp_ex A f (s,ex))) ==> fin_often (%y. P (f (snd y))) ex"
 
    52 
    53 
    53 FromCtoA
 
    54 FromCtoA:
 
    54   "inf_often (%y. P (fst y)) ex ==> inf_often (%x. P (fst x)) (snd (corresp_ex A f (s,ex)))"
 
    55   "inf_often (%y. P (fst y)) ex ==> inf_often (%x. P (fst x)) (snd (corresp_ex A f (s,ex)))"
 
    55 
    56 
    56 
    57 
    57 (* Proof by case on inf W in ex: If so, ok. If not, only fin W in ex, ie there is
 
    58 (* Proof by case on inf W in ex: If so, ok. If not, only fin W in ex, ie there is
 
    58    an index i from which on no W in ex. But W inf enabled, ie at least once after i
 
    59    an index i from which on no W in ex. But W inf enabled, ie at least once after i
 
    59    W is enabled. As W does not occur after i and W is enabling_persistent, W keeps
 
    60    W is enabled. As W does not occur after i and W is enabling_persistent, W keeps
 
    60    enabled until infinity, ie. indefinitely *)
 
    61    enabled until infinity, ie. indefinitely *)
 
    61 persistent
 
    62 persistent:
 
    62   "[|inf_often (%x. Enabled A W (snd x)) ex; en_persistent A W|]
 
    63   "[|inf_often (%x. Enabled A W (snd x)) ex; en_persistent A W|]
 
    63    ==> inf_often (%x. fst x :W) ex | fin_often (%x. ~Enabled A W (snd x)) ex"
 
    64    ==> inf_often (%x. fst x :W) ex | fin_often (%x. ~Enabled A W (snd x)) ex"
 
    64 
    65 
    65 infpostcond
 
    66 infpostcond:
 
    66   "[| is_exec_frag A (s,ex); inf_often (%x. fst x:W) ex|]
 
    67   "[| is_exec_frag A (s,ex); inf_often (%x. fst x:W) ex|]
 
    67     ==> inf_often (% x. set_was_enabled A W (snd x)) ex"
 
    68     ==> inf_often (% x. set_was_enabled A W (snd x)) ex"
 
    68 
    69 
       
    70 ML {* use_legacy_bindings (the_context ()) *}
 
       
    71 
    69 end
 
    72 end
isabelle