diff -r f92bf6674699 -r 846c72206207 src/HOL/Isar_Examples/Expr_Compiler.thy --- a/src/HOL/Isar_Examples/Expr_Compiler.thy Mon Nov 02 11:43:02 2015 +0100 +++ b/src/HOL/Isar_Examples/Expr_Compiler.thy Mon Nov 02 13:58:19 2015 +0100 @@ -10,17 +10,16 @@ imports Main begin -text \This is a (rather trivial) example of program verification. - We model a compiler for translating expressions to stack machine - instructions, and prove its correctness wrt.\ some evaluation - semantics.\ +text \This is a (rather trivial) example of program verification. We model a + compiler for translating expressions to stack machine instructions, and + prove its correctness wrt.\ some evaluation semantics.\ subsection \Binary operations\ -text \Binary operations are just functions over some type of values. - This is both for abstract syntax and semantics, i.e.\ we use a - ``shallow embedding'' here.\ +text \Binary operations are just functions over some type of values. This is + both for abstract syntax and semantics, i.e.\ we use a ``shallow + embedding'' here.\ type_synonym 'val binop = "'val \ 'val \ 'val" @@ -28,16 +27,15 @@ subsection \Expressions\ text \The language of expressions is defined as an inductive type, - consisting of variables, constants, and binary operations on - expressions.\ + consisting of variables, constants, and binary operations on expressions.\ datatype (dead 'adr, dead 'val) expr = Variable 'adr | Constant 'val | Binop "'val binop" "('adr, 'val) expr" "('adr, 'val) expr" -text \Evaluation (wrt.\ some environment of variable assignments) is - defined by primitive recursion over the structure of expressions.\ +text \Evaluation (wrt.\ some environment of variable assignments) is defined + by primitive recursion over the structure of expressions.\ primrec eval :: "('adr, 'val) expr \ ('adr \ 'val) \ 'val" where @@ -48,16 +46,15 @@ subsection \Machine\ -text \Next we model a simple stack machine, with three - instructions.\ +text \Next we model a simple stack machine, with three instructions.\ datatype (dead 'adr, dead 'val) instr = Const 'val | Load 'adr | Apply "'val binop" -text \Execution of a list of stack machine instructions is easily - defined as follows.\ +text \Execution of a list of stack machine instructions is easily defined as + follows.\ primrec exec :: "(('adr, 'val) instr) list \ 'val list \ ('adr \ 'val) \ 'val list" where @@ -75,8 +72,8 @@ subsection \Compiler\ -text \We are ready to define the compilation function of expressions - to lists of stack machine instructions.\ +text \We are ready to define the compilation function of expressions to + lists of stack machine instructions.\ primrec compile :: "('adr, 'val) expr \ (('adr, 'val) instr) list" where @@ -85,9 +82,8 @@ | "compile (Binop f e1 e2) = compile e2 @ compile e1 @ [Apply f]" -text \The main result of this development is the correctness theorem - for @{text compile}. We first establish a lemma about @{text exec} - and list append.\ +text \The main result of this development is the correctness theorem for + \compile\. We first establish a lemma about \exec\ and list append.\ lemma exec_append: "exec (xs @ ys) stack env = @@ -127,11 +123,14 @@ qed -text \\bigskip In the proofs above, the @{text simp} method does - quite a lot of work behind the scenes (mostly ``functional program - execution''). Subsequently, the same reasoning is elaborated in - detail --- at most one recursive function definition is used at a - time. Thus we get a better idea of what is actually going on.\ +text \ + \<^bigskip> + In the proofs above, the \simp\ method does quite a lot of work behind the + scenes (mostly ``functional program execution''). Subsequently, the same + reasoning is elaborated in detail --- at most one recursive function + definition is used at a time. Thus we get a better idea of what is + actually going on. +\ lemma exec_append': "exec (xs @ ys) stack env = exec ys (exec xs stack env) env"