# HG changeset patch # User nipkow # Date 1370234467 -7200 # Node ID 9be30aa5a39b1e2ace6d16317b9f78eebc789102 # Parent 83ce5d2841e72a3b4933f0da492bac2d0ecee25d tuned proofs diff -r 83ce5d2841e7 -r 9be30aa5a39b src/HOL/IMP/Hoare_Total.thy --- a/src/HOL/IMP/Hoare_Total.thy Sun Jun 02 20:44:55 2013 +0200 +++ b/src/HOL/IMP/Hoare_Total.thy Mon Jun 03 06:41:07 2013 +0200 @@ -112,7 +112,7 @@ to take termination into account: *} definition wpt :: "com \ assn \ assn" ("wp\<^sub>t") where -"wp\<^sub>t c Q \ \s. \t. (c,s) \ t \ Q t" +"wp\<^sub>t c Q = (\s. \t. (c,s) \ t \ Q t)" lemma [simp]: "wp\<^sub>t SKIP Q = Q" by(auto intro!: ext simp: wpt_def) @@ -173,30 +173,29 @@ case (While b c) let ?w = "WHILE b DO c" let ?T = "Its b c" - have "\s. wp\<^sub>t (WHILE b DO c) Q s \ wp\<^sub>t (WHILE b DO c) Q s \ (\n. Its b c s n)" + have "\s. wp\<^sub>t ?w Q s \ wp\<^sub>t ?w Q s \ (\n. Its b c s n)" unfolding wpt_def by (metis WHILE_Its) moreover { fix n - { fix s t - assume "bval b s" "?T s n" "(?w, s) \ t" "Q t" - from `bval b s` `(?w, s) \ t` obtain s' where - "(c,s) \ s'" "(?w,s') \ t" by auto - from `(?w, s') \ t` obtain n'' where "?T s' n''" by (blast dest: WHILE_Its) - with `bval b s` `(c, s) \ s'` - have "?T s (Suc n'')" by (rule Its_Suc) - with `?T s n` have "n = Suc n''" by (rule Its_fun) - with `(c,s) \ s'` `(?w,s') \ t` `Q t` `?T s' n''` - have "wp\<^sub>t c (\s'. wp\<^sub>t ?w Q s' \ (\n'. ?T s' n' \ n' < n)) s" - by (auto simp: wpt_def) - } - hence "\s. wp\<^sub>t ?w Q s \ bval b s \ ?T s n \ - wp\<^sub>t c (\s'. wp\<^sub>t ?w Q s' \ (\n'. ?T s' n' \ n' < n)) s" + let ?R = "\s'. wp\<^sub>t ?w Q s' \ (\n'. ?T s' n' \ n' < n)" + { fix s t assume "bval b s" and "?T s n" and "(?w, s) \ t" and "Q t" + from `bval b s` and `(?w, s) \ t` obtain s' where + "(c,s) \ s'" "(?w,s') \ t" by auto + from `(?w, s') \ t` obtain n' where "?T s' n'" + by (blast dest: WHILE_Its) + with `bval b s` and `(c, s) \ s'` have "?T s (Suc n')" by (rule Its_Suc) + with `?T s n` have "n = Suc n'" by (rule Its_fun) + with `(c,s) \ s'` and `(?w,s') \ t` and `Q t` and `?T s' n'` + have "wp\<^sub>t c ?R s" by (auto simp: wpt_def) + } + hence "\s. wp\<^sub>t ?w Q s \ bval b s \ ?T s n \ wp\<^sub>t c ?R s" unfolding wpt_def by auto (* by (metis WhileE Its_Suc Its_fun WHILE_Its lessI) *) - note strengthen_pre[OF this While] + note strengthen_pre[OF this While.IH] } note hoaret.While[OF this] - moreover have "\s. wp\<^sub>t ?w Q s \ \ bval b s \ Q s" by (auto simp add:wpt_def) - ultimately show ?case by (rule conseq) + moreover have "\s. wp\<^sub>t ?w Q s \ \ bval b s \ Q s" + by (auto simp add:wpt_def) + ultimately show ?case by (rule conseq) qed @@ -208,7 +207,7 @@ theorem hoaret_complete: "\\<^sub>t {P}c{Q} \ \\<^sub>t {P}c{Q}" apply(rule strengthen_pre[OF _ wpt_is_pre]) -apply(auto simp: hoare_tvalid_def hoare_valid_def wpt_def) +apply(auto simp: hoare_tvalid_def wpt_def) done end