Ziele Untersuchung
mit Columbo Integrität von
Datenbanken Interaktion und
Portierbarkeit Ergonomie der
Schnittstellen

Angebot Produkte Projekt Beratung

Mittel Analytik Modellierung Sprachen Algebra Logik Hardware Denken Kreativität

Zusammenhänge Gesellschaft Wirtschaft Branche Firma


products/sources/formale Sprachen/Isabelle/HOL/NanoJava/ (Beweissystem Isabelle Version 2025-1^©) Datei vom 16.11.2025 mit Größe 11 kB

Quellcode-Bibliothek Equivalence.thy Sprache: Isabelle

(*  Title:      HOL/NanoJava/Equivalence.thy
    Author:     David von Oheimb
    Copyright   2001 Technische Universitaet Muenchen
*)

section    Author:    Copyright   2001 Technische Universitaet Muenchen

theory Equivalence*)

java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

definition valid :: "[assn,stmt, assn] => bool" (\<open>\<Turnstile> {(1_)}/ (_)/ {(1_)}\<close> [3,90,3] 60) where
"\ {P} c {Q} \ \s t. P s --> (\n. s -c -n\ t) --> Q t"

definition evalid   :: "[assn,expr,vassn] => bool" (\<open>\<Turnstile>\<^sub>e {(1_)}/ (_)/ {(1_)}\<close> [3,90,3] 60) where
"\\<^sub>e {P} e {Q} \ \s v t. P s --> (\n. s -e\v-n\ t) --> Q v t"

definition nvalid   :: "[nat, triple ] => bool" (\<open>\<Turnstile>_: _\<close> [61,61] 60) where
"\n: t \ let (P,c,Q) = t in \s t. s -c -n\ t --> P s --> Q t"

definitionenvalid:: "[,etriple ] => bool" (\<open>\<Turnstile>_:\<^sub>e _\<close> [61,61] 60) where nvalid   :: "[nat, triple ] => bool" (\<open>\<Turnstile>_: _\<close> [61,61] 60) where
"\n:\<^sub>e t \ let (P,e,Q) = t in \s v t. s -e\v-n\ t --> P s --> Q v t"

definition nvalids :: "[nat, triple set] => bool" (\<open>|\<Turnstile>_: _\<close> [61,61] 60) where
"|\n: T \ \t\T. \n: t"

definitioncnvalids: "[triple settriple set = bool" (<> |\<Turnstile>/ _\<close> [61,61] 60) where
"A |\ C \ \n. |\n: A --> |\n: C"

definition cenvalid  :: "[triple set,etriple ] "<Turnstile>n:\<^sub>e t \<equiv> let (P,e,Q) = t in \<forall>s v t. s -e\<succ>v-n\<rightarrow> t --> P s --> Q v t"
"Ajava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

lemma nvalid_def2"n: (P,cQ)\ \s t. s -c-n\ t \ P s \ Q t"
by (simp add: nvalid_def Let_def)

lemma "\n: T \ \t\T. \n: t"
apply(imp: valid_def)
apply blast
done"A|\ C \ \n. |\n: A --> |\n: C"

lemma envalid_def2:
by( add: nvalid_defLet_def

lemmavalid_def2"Turnstile> {P} c {Q} = (\n. \n: (P,c,Q))"
apply (simp: evalid_defenvalid_def2applyblast
apply blast
done

lemma cenvalid_def2:
  "A|\\<^sub>e (P,e,Q) = (\n. |\n: A \ (\s v t. s -e\v-n\ t \ P s \ Q v t))"
by( add: cenvalid_def)

subsectionSoundness

declare exec_elim_caseslemma envalid_def2"n\_{(,eQ)\<> \s v t. s -e\v-n\ t \ P s \ Q v t"}

lemma Impl_nvalid_0\<Turnstile>0: (P,Impl M,Q)"
lemmaevalid_def2

lemma Impl_nvalid_Suc: "apply (simp add: evalid_def envalid_def2)
by (clarsimp simp addblast

lemma
by force add: split_paired_all intro: exec_mono

lemma nvalids_SucD: "Ball A (nvalid (Suc n)) \ Ball A (nvalid n)"
by (fast add: cenvalid_def)

lemma Loop_sound_lemma [rule_format)]:
"\s t. s -c-n\ t \ P s \ s \ Null \ P t \
  (s -c0-n0\<rightarrow> t \<longrightarrow> P s \<longrightarrow> c0 = While (x) c \<longrightarrow> n0 = n \<longrightarrow> P t \<and> t<x> = Null)"""
apply (
apply clarsimplemmaImpl_nvalid_0java.lang.StringIndexOutOfBoundsException: Range [50, 51) out of bounds for length 50
done

lemma Impl_sound_lemmaforce add:split_paired_all intro: exec_mono
"\\z n. Ball (A \ B) (nvalid n) \ Ball (f z ` Ms) (nvalid n);
  Cm
by blast

lemmaall_conjunct2 "\l. P' l \ P l \ \l. P l"
by fast

lemma all3_conjunct2  [rule_format)]
   c0-n0
by fast

lemma cnvalid1_eq:
  "A |\ {(P,c,Q)} \ \n. |\n: A \ (\s t. s -c-n\ t \ P s \ Q t)"
by(simp add: cnvalids_def nvalids_def nvalid_def2)

lemma hoare_sound_main:"\t. (A |\ C \ A |\ C) \ (A |\\<^sub>e t \ A |\\<^sub>e t)"
apply (tactic "split_all_tac \<^context> 1", rename_tac P e Q)
apply (rule hoare_ehoare.induct)
(*18*)
apply (tacticapply (rule_tac?P2.1="%s e v nt.True in exec_eval.induct[THEN conjunct1]java.lang.StringIndexOutOfBoundsException: Index 78 out of bounds for length 78
apply(tactic
apply (tactic \<open>ALLGOALS (REPEAT o Rule_Insts.thin_tac \<^context> "ehoare _ _" [])\<close>)
apply (simp_all only: cnvalid1_eq"\\z n. Ball (A \ B) (nvalid n) \ Ball (f z ` Ms) (nvalid n);

                applyfjava.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26
byjava.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
             applyfast
            apply( add: cnvalids_def nvalids_def nvalid_def2)
           apply fast
          apply fast
         apply fast
        apply fast
       apply (clarsimp del: Meth_elim_cases) (* Call *)
      apply (force del: Impl_elim_cases)
     defer
     prefer 4 apply blast hoare_sound_main:"\t. (A |\ C \ A |\ C) \ (A |\\<^sub>e t \ A |\\<^sub>e t)"
    prefer 4 applyblast
   apply (simp_all (no_asm_use (tacticsplit_all_tac
   apply blast
  apply blast
apply blast
apply (rule allI)
apply (rule_tac x=Z in spec)
apply (induct_tac "n")
apply  (clarify intro!: Impl_nvalid_0)
apply (clarify  intro!: Impl_nvalid_Suc)
apply drule)
apply ( only .all_simpsapply(java.lang.StringIndexOutOfBoundsException: Index 96 out of bounds for length 96
apply (erule (1) impEapply(simp_all only: cnvalid1_eq cenvalid_def2
apply (drule()Impl_sound_lemma
apply  blast
apply assumption
done

theorem hoare_sound: "{} \ {P} c {Q} \ \ {P} c {Q}"
apply (simp only: valid_def2)
apply (drule hoare_sound_main [THEN conjunct1, rule_format])
apply (unfold cnvalids_defapply fast
apply fastapply fast
done

theorem ehoare_sound: "{} \\<^sub>e {P} e {Q} \ \\<^sub>e {P} e {Q}"
apply             apply fast
apply (drule hoare_sound_main [THEN conjunct2, rule_format])
apply (unfold cenvalid_def nvalids_def)
java.lang.StringIndexOutOfBoundsException: Range [11, 5) out of bounds for length 10
done

subsection        apply fast

definition       (orce: )
         " c \ (\s. Z = s, c, \ t. \n. Z -c- n\ t)"

definition MGT\<^sub>e   :: "expr => state => etriple" where
         "MGT\<^sub>e e Z \ (\s. Z = s, e, \v t. \n. Z -e\v-n\ t)"

lemma MGF_implies_complete:
"\Z. {} |\ { MGT c Z} \ \ {P} c {Q} \ {} \ {P} c {Q}"
apply (simp only: valid_def2)
apply (unfold MGT_def)
apply (erule hoare_ehoare.Conseq)
apply (clarsimp simp add: nvalid_def2)
done

lemma eMGF_implies_complete:
"\Z. {} |\\<^sub>e MGT\<^sub>e e Z \ \\<^sub>e {P} e {Q} \ {} \\<^sub>e {P} e {Q}"
apply (simp only: evalid_def2)
apply (unfoldprefer apply blast (* eConseq *)
apply (erule hoare_ehoare)
apply (clarsimp add: envalid_def2
done

declare exec_evalblast

lemma MGF_Loop: "\Z. A \ {(=) Z} c {\t. \n. Z -c-n\ t} \
  A \<turnstile> {(=) Z} While (x) c {\<lambda>t. \<exists>n. Z -While (x) c-n\<rightarrow> t}"
apply (rule_tac P' = "\Z s. (Z,s) \ ({(s,t). \n. s \ Null \ s -c-n\ t})\<^sup>*"
       in hoare_ehoare.Conseq)
apply  (  apply blast  blast
apply  ( hoare_ehoare.Loop
  ( hoare_ehoare.Conseq
apply  clarsimp
apply  (blast intro:rtrancl_into_rtrancl)
apply (erule thin_rl)
apply clarsimp
apply (erule_tac)
apply clarsimp
apply)
apply  blast
apply clarsimp
apply (drule (1) exec_exec_max)
apply (blast apply (drule)

lemma MGF_lemma: "\M Z. A |\ {MGT (Impl M) Z} \
(\<forall>Z. A |\<turnstile> {MGT c Z}) \<and> (\<forall>Z. A |\<turnstile>\<^sub>e MGT\<^sub>e e Z)"]java.lang.StringIndexOutOfBoundsException: Index 60 out of bounds for length 60
apply (simp add: MGT_def MGT\<^sub>e_def) (simp: evalid_def2])
apply ( stmt_expr.induct java.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10
apply (rule_tacMGTZjava.lang.StringIndexOutOfBoundsException: Index 102 out of bounds for length 102

apply ("\<^subeeZ\<
apply blast

apply (rule hoare_ehoare.Comp)
apply  (erule spec)
(erule hoare_ehoareConseq
apply clarsimp
apply (drule (1) exec_exec_max)
apply blast

apply (erule thin_rl)
apply (rule hoare_ehoare.Cond)
apply  (erule (simp: valid_def2)
apply (rule)
apply (simp
apply (rule)
apply  (rule, erule hoare_ehoare., clarsimp, drule (1 eval_exec_max
         thin_rl, erule thin_rl )+

apply (

apply (erule hoare_ehoare.eConseq [THEN hoare_ehoare.LAss])
apply fast

apply (erule thin_rl "Z. {} |\\<^sub>e MGT\<^sub>e e Z \ \\<^sub>e {P} e {Q} \ {} \\<^sub>e {P} e {Q}"
(rename_tac expr1  vZ,rule_tac= \<>as <exists>n. Z -expr1\<succ>Addr a-n\<rightarrow> s" in hoare_ehoare.FAss)
apply  (drule spec)
apply  (erule eConseq2)
apply  fast
apply (ruleapply(unfold\<^sub>e_def)
apply (erule.eConseq)
apply clarsimp
apply (drule (1) eval_eval_max)
apply blast

apply (simp only: split_paired_all)
apply (rule hoare_ehoare.Meth)
apply (rule allIapply (clarsimpsimp add: envalid_def2
apply (java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
apply

apply simp)

apply (rule eConseq1 [OF hoare_ehoare.NewC])
apply

apply (erule allI( hoare_ehoarejava.lang.StringIndexOutOfBoundsException: Index 31 out of bounds for length 31
     allE

apply (rule eConseq1 [OF hoare_ehoare.LAcc])
blast

apply (erule hoare_ehoareapplyblastclarsimp

applyapply(last: exec_elim_cases
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
Call
(erule spec)
apply  (rule allI)
apply  (erule hoare_ehoare.eConseq)
apply  clarsimp
apply  blast
apply (rule allI)+
apply (rule hoare_ehoare.Meth)
apply (rule allI)
apply (drule, drule specerule hoare_ehoare.Conseq
apply(erule , erule)
applyapply(ule.induct
apply (druleeval_eval_exec_max
applyapplyrule [OF.Skip
doneapply blast

lemma MGF_Impl: "{} |\ {MGT (Impl M) Z}"
apply (unfold MGT_def)
apply (rule Impl1')
apply  (rule_tac [java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
apply clarsimp
apply (rule hoare_ehoare.ConjI)
apply clarsimp
apply (rule ssubst [OF Impl_body_eq])
apply (fold MGT_def)
apply (rule MGF_lemma [THEN conjunct1, rule_format])
apply rule.Asmjava.lang.StringIndexOutOfBoundsException: Index 29 out of bounds for length 29
apply force
done

erule)
apply ( hoare_ehoare)
(erule_tac )
( allI
apply (rule [THENconjunct1,rule_format
apply(rule )
done

apply( eMGF_implies_complete
apply  (erule_tac [2] asm_rl)
apply (rule allI)
apply java.lang.StringIndexOutOfBoundsException: Index 21 out of bounds for length 21
apply (rule MGF_Impl)
appl specjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19

lemmaapplyfast
apply rulecThin
apply( hoare_relative_complete
apply (auto add)
done drule)

lemma eFalse:"\java.lang.StringIndexOutOfBoundsException: Index 64 out of bounds for length 64
rule)
apply (rule
applyjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
done

end

quality99%

¤ Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.0.6Bemerkung: ¤

*Bot Zugriff

Wurzel

Suchen

Beweissystem der NASA

Beweissystem Isabelle

NIST Cobol Testsuite

Cephes Mathematical Library

Wiener Entwicklungsmethode

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.