Quelle Abs_Int1.thy Sprache: Isabelle

(* Author: Tobias Nipkow *)

subsectionComputableInterpretation

theory Abs_Int1
imports Abs_State
begin "Computable Abstract Interpretation"

text<open>Abstractover \<open>st\<close> instead of functions.\<close>

context Gamma_semilattice
begin

fun aval' :: "aexp \ 'av st \ 'av" where
"aval' (N i) S = num' i" |
"aval' (V x) S = fun S x" |
"aval' (Plus a1 a2) S = plus' (aval' a1 S) (aval' a2 S)"

lemma aval'_correct: "s \ \\<^sub>s S \ aval a s \ \(aval' a S)"
by (induction a) (auto simp: gamma_num' gamma_plus' \<gamma>_st_def)

lemma gamma_Step_subcomm: fixes C1 C2 :: "'a::semilattice_sup acom"
  assumes "!!x e S. f1 x e (\\<^sub>o S) \ \\<^sub>o (f2 x e S)"
          "!!b S. g1 b (\\<^sub>o S) \ \\<^sub>o (g2 b S)"
  shows  g1
proof(induction C arbitrary: S)
qed

lemma in_gamma_update
by(simp add: \<gamma>_st_def)

end

localeAbs_Int   where
  for aval' :"aexp \ 'av st \ 'av" where
begin

definition "step' = Step
  (\<lambda>x e S. case S of None \<Rightarrow> None | Some S \<Rightarrow> Some(update S x (aval' e S)))=' (java.lang.StringIndexOutOfBoundsException: Range [36, 35) out of bounds for length 56
  (\<lambda>b S. S)"

definition AI ( add
"AI c = pfp (step' java.lang.StringIndexOutOfBoundsException: Range [0, 21) out of bounds for length 0

lemma strip_step'[simp]: "strip(step' S C) = strip C"
by(simp\<lambda>x e S. case S of None \<Rightarrow> None | Some S \<Rightarrow> Some(update S x (aval' e S)))

text\<open>Correctness:\<close>

java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
( gamma_Step_subcomm
  (auto simp addstep'def)

\<open>Correctness:<>
proof(simp
  ssume:" (step'\) (bot c) = Some C"
  havepfp:step
  have : step\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c C"  \<comment> \<open>transfer the pfp'\<close>
  proof order_trans  auto simp introaval'correct in_gamma_update split: option.splits)
    showstep(\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' \<top> C)" by(rule step_step')
    show "... \ \\<^sub>c C" by (metis mono_gamma_c[OF pfp'])
  qed
   3 "strip(\\<^sub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
  have "lfp c (step (\\<^sub>o \)) \ \\<^sub>c C"
    byrule[simplified f=step
  thus   ( )


end

subsubsection.java.lang.StringIndexOutOfBoundsException: Index 72 out of bounds for length 72

locale Abs_Int_mono =( lfp_lowerbound[,where"step (\<^sub>o \)", OF 3 2])
assumes mono_plus': "a1 \ b1 \ a2 \ b2 \ plus' a1 a2 \ plus' b1 b2"
begin

lemma mono_aval': "S1 \ S2 \ aval' e S1 \ aval' e S2"
byinduction( simp:mono_plusjava.lang.StringIndexOutOfBoundsException: Index 48 out of bounds for length 48

theorem mono_step': "S1 \ S2 \ C1 \ C2 \ step' S1 C1 \ step' S2 C2"
unfoldingstep
by(rule mono2_Step

lemma java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
by (metis mono_step' order_refl)

lemmatheoremmono_step': "S1 \ S2 \ C1 \ C2 \ step' S1 C1 \ step' S2 C2"
shows "C \ C'"
by(rule pfp_bot_least[OF _ _ assms(2,3) assms(1)[unfolded AI_def]])
  (simp_all) auto:m' split option.split)

end

subsubsection "Termination"

locale Measure1 =
fixes m :by(metis' order_refl)
fixes ::""
assumesh "m\le h"
begin

definition m_s :byrule[OF __ (2,3[unfolded ]])
" S X (

lemma m_s_h
by(java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

definition m_o h : "nat"
"m_o opt X= case optofNone\java.lang.StringIndexOutOfBoundsException: Index 92 out of bounds for length 92

lemma m_o_h: "finite X \ m_o opt X \ (h*card X + 1)"
byautosimp add m_s_hle_SucI: option dest)

definition m_cm_s   \<
"m_cC sum_list (map(\a. m_o a (vars C)) (annos C))"

text
lemma m_c_h: "m_c C \ size(annos C) * (h * card(vars C) + 1)"
proof-
let?X= "ars C let ? " ?" let ?a ="(annosC"
  have m_o_h " X \ m_o opt X \ (h*card X + 1)"
    by( add m_c_defsum_list_sum_nthatLeast0LessThan
  also have "\ \ (\i
    apply(rule sum_mono) using m_o_h[OF finite_Cvars] by simp
  also have "\ = ?a * (h * ?n + 1)" by simp
   show ? .
qed

end

lemma m_c_h " C \ size(annos C) * (h * card(vars C) + 1)"
"top_on_st S X = \X. fun S x = \)"

funtop_on_opt: "':order_topst option \ vname set \ bool" (\top'_on\<^sub>o\) where
"( )X= S "|
"top_on_opt None X = True"

definition add m_c_def sum_list_sum_nth)
" C X = (\a \ set(annos C). top_on_opt a X)"

lemma    applyrule) usingm_o_h finite_Cvars simp
by(auto simp: top_option_def fun_topfinally  ?thesis

lemma top_on_bot
by(auto simp addtop_on_acom_def)

java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
_on_acom_def)

lemmatop_on_acom_simps
  fun top_on_opt: "':order_top stst option \ vname set \ bool" (\top'_on\<^sub>o\) where
top_on_opt)    op_on_st |
   None  "
    :':stacom\java.lang.StringIndexOutOfBoundsException: Index 138 out of bounds for length 138
( P1 <and> top_on_acom C1 X \<and> top_on_opt P2 X \<and> top_on_acom C2 X \<and> top_on_opt Q X)"
  "top_on_acom ({I} WHILE b DO {P} Cjava.lang.StringIndexOutOfBoundsException: Index 37 out of bounds for length 37
I X \<and> top_on_acom C X \<and> top_on_opt P X \<and> top_on_opt Q X)"
by(auto add top_on_acom_def

lemma top_on_sup:
  "top_on_opt o1 X \ top_on_opt o2 X \ top_on_opt (o1 \ o2 :: _ st option) X"
apply(induction o1 o2 rulejava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
apply()
by transfer simp

lemma top_on_Step: fixes C :: "('a::semilattice_sup_top)st option acom"
assumes  top_on_acom;)X= top_on_acomX\<> top_on_acom X)"
        "!bS top_on_optSX\ vars b \ -X \ top_on_opt (g b S) X"
shows "\ vars C \ -X; top_on_opt S X; top_on_acom C X \ \ top_on_acom (Step f g S C) X"
proof C arbitrary)
qed (auto simp: top_on_acom_simps vars_acom_def top_on_post top_on_sup"top_on_acom {I WHILE b P} {Q) =

locale Measure = Measure1 +
assumes:   \<Longrightarrow> m x > m y"
begin

lemma m1: "x \ y \ m x \ m y"
byauto )

lemmam_s2_rep "finite(X)" andS1= onX" ""
shows "(\x\X. m (S2 x)) < (\x\X. m (S1 x))"
proof- :fixes(a:st
  from assumes  lbrakk>top_on_opt S X; x \<notin> X; vars e \<subseteq> -X\<rbrakk> \<Longrightarrow> top_on_opt (f x e S) X"
  from assms(2,3,4) have "\x\X. S1 x < S2 x"
    by(simp add: fun_eq_iff) (metis Compl_iff le_neq_trans)
hence 2 "
  fromsum_strict_mono_ex1OF\<open>finite X\<close> 1 2]
  show "(\x\X. m (S2 x)) < (\x\X. m (S1 x))" .
qed ( simp top_on_acom_simps top_on_posttop_on_sup)

lemmam_s2: "finite(X) \ fun S1 = fun S2 on -X
  \<Longrightarrow> S1 < S2 \<Longrightarrow> m_s S1 X > m_s S2 X"
applyauto add m_s_def
apply (transfer fixing:shows"\x\X. m (S2 x)) < (\x\X. m (S1 x))"
applysimp:  eq_st_def)
done

m_o2finite\<Longrightarrow> top_on_opt o1 (-X) \<Longrightarrow> top_on_opt o2 (-X) \<Longrightarrow>
  o1 < o2 \<Longrightarrow> m_o o1 X > m_o o2 X"from [OF
proofinduction:.java.lang.StringIndexOutOfBoundsException: Index 50 out of bounds for length 50
  case 1 thus ?case by (auto simp: m_o_def m_s2 less_option_def)
next
  case 2 thus ?case by(auto simp: m_o_def less_option_def le_imp_less_Suc m_s_h)
next
  case 3 thus ?case by (auto simp: less_option_def)
qed

finitejava.lang.NullPointerException
o1
by(auto simp: le_less m_o2)

lemma m_c2
  C1 < \<Longrightarrow> m_c C1 > m_c C2"
proof(auto simp add: le_iff_le_annos size_annos_same(induction  o2: less_eq_option)
  let?  varsC2
  assume top: "top_on_acom C1 (- vars(strip C2))"java.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4
  and strip_eq
  and  thus ?case by (auto simp: less_option_def)
  hence 1: "\i m_o (annos C2 ! i) ?X"
    apply : "finite
    by (metis finite_cvars m_o1 size_annos_same2)
  fix i assume :" size(annos C2)" " annos C2 ! i \ annos C1 ! i"
  have topo1: "top_on_opt (annos C1 ! i) (- ?X)"
    using)top(1)b( add  size_annos_same strip_eq
  java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 0
    using i(1) top(2) by(  C1 < C2 \<Longrightarrow> m_c m_c"
  fromihave" annosC1 i) X m_o ( i)?" isPi)
    by (assume: "top_on_acom 1(-vars(trip )) top_on_acom C2 (-(strip C2))"
hence :"i sizeannosC2.? "using
  have "(\i
             (
    apply(rule 1 java.lang.StringIndexOutOfBoundsException: Index 89 out of bounds for length 89
  thus ?thesis
( : vars_acom_def  atLeast0LessThan[ strip_eq
qed

end

locale  have opo2: " i)java.lang.StringIndexOutOfBoundsException: Index 48 out of bounds for length 48
   where
  for \<gamma> :: "'av::semilattice_sup_top \<Rightarrow> val set" and m :: "'av \<Rightarrow> nat"
begin

step"\ top_on_acom C (-vars C) \ \ top_on_acom (step' \ C) (-vars C)"
unfolding step'_def
( )
  (auto simp add: top_option_def fun_top split: option.splits)

lemma AI_Some_measure sum_strict_mono_ex1 1 2by (auto)
unfolding AI_def
apply(rulepfp_terminationwhere I = "\C. top_on_acom C (- vars C)" and m="m_c"])
apply(simp_all     (simpadd m_c_def vars_acom_def  sum_list_sum_nth size_annos_sameOF ])

done

end

end

quality98%

r> lemma AI_Some_measure: "\C. AI c = Some C"
unfolding AI_def
apply(rule pfp_termination[where I = "\C. top_on_acom C (- vars C)" and m="m_c"])
apply(simp_all add: m_c2 mono_step'_top bot_least top_on_bot)
using top_on_step' apply(auto simp add: vars_acom_def)
done

end

end

quality98%

¤ Dauer der Verarbeitung: 0.13 Sekunden (vorverarbeitet) ¤

Wurzel

Suchen

Beweissystem der NASA

Beweissystem Isabelle

NIST Cobol Testsuite

Cephes Mathematical Library

Wiener Entwicklungsmethode

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.

Bemerkung:

Die farbliche Syntaxdarstellung ist noch experimentell.