36 by (metis meet_greatest meet_le1 meet_le2 le_trans) |
36 by (metis meet_greatest meet_le1 meet_le2 le_trans) |
37 |
37 |
38 end |
38 end |
39 |
39 |
40 locale Val_abs1_gamma = |
40 locale Val_abs1_gamma = |
41 Val_abs \<gamma> num' plus' |
41 Val_abs where \<gamma> = \<gamma> for \<gamma> :: "'av::L_top_bot \<Rightarrow> val set" + |
42 for \<gamma> :: "'a::L_top_bot \<Rightarrow> val set" and num' plus' + |
|
43 assumes inter_gamma_subset_gamma_meet: |
42 assumes inter_gamma_subset_gamma_meet: |
44 "\<gamma> a1 \<inter> \<gamma> a2 \<subseteq> \<gamma>(a1 \<sqinter> a2)" |
43 "\<gamma> a1 \<inter> \<gamma> a2 \<subseteq> \<gamma>(a1 \<sqinter> a2)" |
45 and gamma_Bot[simp]: "\<gamma> \<bottom> = {}" |
44 and gamma_Bot[simp]: "\<gamma> \<bottom> = {}" |
46 begin |
45 begin |
47 |
46 |
52 by (metis equalityI inter_gamma_subset_gamma_meet le_inf_iff mono_gamma meet_le1 meet_le2) |
51 by (metis equalityI inter_gamma_subset_gamma_meet le_inf_iff mono_gamma meet_le1 meet_le2) |
53 |
52 |
54 end |
53 end |
55 |
54 |
56 |
55 |
57 locale Val_abs1 = Val_abs1_gamma + |
56 locale Val_abs1 = |
58 fixes filter_plus' :: "'a \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'a * 'a" |
57 Val_abs1_gamma where \<gamma> = \<gamma> |
59 and filter_less' :: "bool \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'a * 'a" |
58 for \<gamma> :: "'av::L_top_bot \<Rightarrow> val set" + |
|
59 fixes filter_plus' :: "'av \<Rightarrow> 'av \<Rightarrow> 'av \<Rightarrow> 'av * 'av" |
|
60 and filter_less' :: "bool \<Rightarrow> 'av \<Rightarrow> 'av \<Rightarrow> 'av * 'av" |
60 assumes filter_plus': "filter_plus' a a1 a2 = (a1',a2') \<Longrightarrow> |
61 assumes filter_plus': "filter_plus' a a1 a2 = (a1',a2') \<Longrightarrow> |
61 n1 : \<gamma> a1 \<Longrightarrow> n2 : \<gamma> a2 \<Longrightarrow> n1+n2 : \<gamma> a \<Longrightarrow> n1 : \<gamma> a1' \<and> n2 : \<gamma> a2'" |
62 n1 : \<gamma> a1 \<Longrightarrow> n2 : \<gamma> a2 \<Longrightarrow> n1+n2 : \<gamma> a \<Longrightarrow> n1 : \<gamma> a1' \<and> n2 : \<gamma> a2'" |
62 and filter_less': "filter_less' (n1<n2) a1 a2 = (a1',a2') \<Longrightarrow> |
63 and filter_less': "filter_less' (n1<n2) a1 a2 = (a1',a2') \<Longrightarrow> |
63 n1 : \<gamma> a1 \<Longrightarrow> n2 : \<gamma> a2 \<Longrightarrow> n1 : \<gamma> a1' \<and> n2 : \<gamma> a2'" |
64 n1 : \<gamma> a1 \<Longrightarrow> n2 : \<gamma> a2 \<Longrightarrow> n1 : \<gamma> a1' \<and> n2 : \<gamma> a2'" |
64 |
65 |
65 |
66 |
66 locale Abs_Int1 = Val_abs1 |
67 locale Abs_Int1 = |
|
68 Val_abs1 where \<gamma> = \<gamma> for \<gamma> :: "'av::L_top_bot \<Rightarrow> val set" |
67 begin |
69 begin |
68 |
70 |
69 lemma in_gamma_join_UpI: "s : \<gamma>\<^isub>o S1 \<or> s : \<gamma>\<^isub>o S2 \<Longrightarrow> s : \<gamma>\<^isub>o(S1 \<squnion> S2)" |
71 lemma in_gamma_join_UpI: "s : \<gamma>\<^isub>o S1 \<or> s : \<gamma>\<^isub>o S2 \<Longrightarrow> s : \<gamma>\<^isub>o(S1 \<squnion> S2)" |
70 by (metis (no_types) join_ge1 join_ge2 mono_gamma_o set_rev_mp) |
72 by (metis (no_types) join_ge1 join_ge2 mono_gamma_o set_rev_mp) |
71 |
73 |
72 fun aval'' :: "aexp \<Rightarrow> 'a st option \<Rightarrow> 'a" where |
74 fun aval'' :: "aexp \<Rightarrow> 'av st option \<Rightarrow> 'av" where |
73 "aval'' e None = \<bottom>" | |
75 "aval'' e None = \<bottom>" | |
74 "aval'' e (Some sa) = aval' e sa" |
76 "aval'' e (Some sa) = aval' e sa" |
75 |
77 |
76 lemma aval''_sound: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)" |
78 lemma aval''_sound: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)" |
77 by(cases S)(simp add: aval'_sound)+ |
79 by(cases S)(simp add: aval'_sound)+ |
78 |
80 |
79 subsubsection "Backward analysis" |
81 subsubsection "Backward analysis" |
80 |
82 |
81 fun afilter :: "aexp \<Rightarrow> 'a \<Rightarrow> 'a st option \<Rightarrow> 'a st option" where |
83 fun afilter :: "aexp \<Rightarrow> 'av \<Rightarrow> 'av st option \<Rightarrow> 'av st option" where |
82 "afilter (N n) a S = (if n : \<gamma> a then S else None)" | |
84 "afilter (N n) a S = (if n : \<gamma> a then S else None)" | |
83 "afilter (V x) a S = (case S of None \<Rightarrow> None | Some S \<Rightarrow> |
85 "afilter (V x) a S = (case S of None \<Rightarrow> None | Some S \<Rightarrow> |
84 let a' = lookup S x \<sqinter> a in |
86 let a' = lookup S x \<sqinter> a in |
85 if a' \<sqsubseteq> \<bottom> then None else Some(update S x a'))" | |
87 if a' \<sqsubseteq> \<bottom> then None else Some(update S x a'))" | |
86 "afilter (Plus e1 e2) a S = |
88 "afilter (Plus e1 e2) a S = |
95 bot} values. Otherwise the (pointwise) join of two abstract states, one of |
97 bot} values. Otherwise the (pointwise) join of two abstract states, one of |
96 which contains @{const bot} values, may produce too large a result, thus |
98 which contains @{const bot} values, may produce too large a result, thus |
97 making the analysis less precise. *} |
99 making the analysis less precise. *} |
98 |
100 |
99 |
101 |
100 fun bfilter :: "bexp \<Rightarrow> bool \<Rightarrow> 'a st option \<Rightarrow> 'a st option" where |
102 fun bfilter :: "bexp \<Rightarrow> bool \<Rightarrow> 'av st option \<Rightarrow> 'av st option" where |
101 "bfilter (Bc v) res S = (if v=res then S else None)" | |
103 "bfilter (Bc v) res S = (if v=res then S else None)" | |
102 "bfilter (Not b) res S = bfilter b (\<not> res) S" | |
104 "bfilter (Not b) res S = bfilter b (\<not> res) S" | |
103 "bfilter (And b1 b2) res S = |
105 "bfilter (And b1 b2) res S = |
104 (if res then bfilter b1 True (bfilter b2 True S) |
106 (if res then bfilter b1 True (bfilter b2 True S) |
105 else bfilter b1 False S \<squnion> bfilter b2 False S)" | |
107 else bfilter b1 False S \<squnion> bfilter b2 False S)" | |
137 by (auto split: prod.split) |
139 by (auto split: prod.split) |
138 (metis afilter_sound filter_less' aval''_sound Less) |
140 (metis afilter_sound filter_less' aval''_sound Less) |
139 qed |
141 qed |
140 |
142 |
141 |
143 |
142 fun step' :: "'a st option \<Rightarrow> 'a st option acom \<Rightarrow> 'a st option acom" |
144 fun step' :: "'av st option \<Rightarrow> 'av st option acom \<Rightarrow> 'av st option acom" |
143 where |
145 where |
144 "step' S (SKIP {P}) = (SKIP {S})" | |
146 "step' S (SKIP {P}) = (SKIP {S})" | |
145 "step' S (x ::= e {P}) = |
147 "step' S (x ::= e {P}) = |
146 x ::= e {case S of None \<Rightarrow> None | Some S \<Rightarrow> Some(update S x (aval' e S))}" | |
148 x ::= e {case S of None \<Rightarrow> None | Some S \<Rightarrow> Some(update S x (aval' e S))}" | |
147 "step' S (c1; c2) = step' S c1; step' (post c1) c2" | |
149 "step' S (c1; c2) = step' S c1; step' (post c1) c2" | |
151 "step' S ({Inv} WHILE b DO c {P}) = |
153 "step' S ({Inv} WHILE b DO c {P}) = |
152 {S \<squnion> post c} |
154 {S \<squnion> post c} |
153 WHILE b DO step' (bfilter b True Inv) c |
155 WHILE b DO step' (bfilter b True Inv) c |
154 {bfilter b False Inv}" |
156 {bfilter b False Inv}" |
155 |
157 |
156 definition AI :: "com \<Rightarrow> 'a st option acom option" where |
158 definition AI :: "com \<Rightarrow> 'av st option acom option" where |
157 "AI = lpfp\<^isub>c (step' \<top>)" |
159 "AI = lpfp\<^isub>c (step' \<top>)" |
158 |
160 |
159 lemma strip_step'[simp]: "strip(step' S c) = strip c" |
161 lemma strip_step'[simp]: "strip(step' S c) = strip c" |
160 by(induct c arbitrary: S) (simp_all add: Let_def) |
162 by(induct c arbitrary: S) (simp_all add: Let_def) |
161 |
163 |