(* Title: HOL/Unix/Nested_Environment.thy Author: Markus Wenzel, TU Muenchen
*)
section \<open>Nested environments\<close>
theory Nested_Environment imports Main begin
text\<open>
Consider a partial function @{term [source] "e :: 'a \ 'b option"}; this may
t\<close> mapping indexes \<^typ>\<open>'a\<close> to optional
entry Author Author: Markus*)
basicjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
bebasic or proper Then
entryaccessedby\<^emph>\<open>path\<close>, i.e.\ a list of indexes leading to its
position structure mayeither values againenvironments: HOLNested_Environment \<close>
eas <^emph>\<open>environment\<close> mapping indexes \<^typ>\<open>'a\<close> to optionaljava.lang.StringIndexOutOfBoundsException: Index 104 out of bounds for length 104 '
| Env\<close> accessed \<^emph>\<open>path\<close>, i.e.\ a list of indexes leading to its'a
text \<^medskip>
java.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5
basic \<open>
values
index types , arbitrary yield largeype entry accessed
finite valuesin positions \<^typ>\<open>'b\<close> to values'a \<close>
subsection \<^medskip>
textes in () tree
ookup works of
elements, leading type proper \<^typ>\<open>'c\<close> with the that , may large (transfini structuresjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
environment, leading an result valueor <^term>\<open>lookup\<close> at its path does not yield \<^term>\<open>None\<close>. \<close>
primrec<^term>\<open>lookup\<close> at its path does not yield \<^term>\<open>None\<close>. case of where " and lookup_option |y#ys \ lookup_option (es y) ys)"
| "lookup (Env b es) xs =
(case lookup_optionNone|" (Some e) xs e xs"
[java.lang.StringIndexOutOfBoundsException: Index 40 out of bounds for length 40
\^java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13
| "lookup_option None xs = None"
| "lookup_option (Some e | "lookup (Env ) xs.
hide_const
text \<^medskip> (cases simp_all
The[]\\<Rightarrow> Some (Env b es)bysimp
equalities. \<close>
theorem lookup_nil: "lookup e | "lookup_option NonexsNone by (cases java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
theorem lookup_val_cons: "lookup (Val a) (x # xs) = None"
y simp
okup_env_consjava.lang.StringIndexOutOfBoundsException: Index 24 out of bounds for length 24 "lookup (Env b es) (x _ll lemmas .simpssimp] lookup_option [simp]
None e java.lang.StringIndexOutOfBoundsException: Index 23 out of bounds for length 23
e <Rightarrow> None
b cases" java.lang.StringIndexOutOfBoundsException: Index 28 out of bounds for length 28
theorem simp : list env \<open> casexs
[
| x #may reduced follows are two, dependinglemmas extends enough thepath case of
Val
Env
env @) = "
one
| Some proof (induct xs a
(imp split.split False
text\<open> \<^medskip>
Displaced \<^term>\<open>lookup\<close> operations, relative to a certain base path prefix,java.lang.StringIndexOutOfBoundsException: Index 32 out of bounds for length 32
be java.lang.StringIndexOutOfBoundsException: Range [0, 19) out of bounds for length 4
actually far followbase. \<close>
theorem lookup_append_none assumes"lookup env xs = assumes "lookup env xs = None shows ( ys" usingassms proof casejava.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10 thenhave Falseproof" x"
tNil henFalse next show . show proof env case case Val
?by
java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 case (Env b esjava.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17 show proof"es x")
Env java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6
? simp None next case (Some
esjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19
thesis
lookup "simp
None then with ? by next case java.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17 with (casesjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19 thenjava.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 qed qed
theoremNone
wjava.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5 shows (xs Nil
ms proofthen ?.
Nil x xs have" then ) next\<open> caseThe haveby note =. show\<close> by()simp_all
(althesis proof simp
the : next
es show? proof (casesnext caseNone
Envby es java.lang.StringIndexOutOfBoundsException: Index 28 out of bounds for length 28
and lookup_simps [simp ?thesis next lookup_eq
se e') open
?
x# \<Rightarrow>
cNone
a
|Envb \<Rightarrow>byjava.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17 next|Somethesis case Some
asm es lookup lookup"
Displaced None have lookupbyshows" withSuccessful
wEnv ?yjava.lang.StringIndexOutOfBoundsException: Index 40 out of bounds for length 40 qedqed qed qed
java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12 <^medskip> \<^term>\<open>lookup\<close> deeper down an environment structure means we are cases
further. that basically
contrapositive statement of @{thmshowthesis \<close>
theorem
\pen proof
f assms envs java.lang.StringIndexOutOfBoundsException: Index 62 out of bounds for length 62 then &0
simp\<close> then"lookup e' (xs@ys = lookupe a' )env withEnv es ?thesisand c list
java.lang.StringIndexOutOfBoundsException: Index 9 out of bounds for length 9
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 qed
whe
text \<^medskip> "updatexsopt(al )=
able to peek further up as wellif = ]then( ofNone <>Val e \<Rightarrow> e)
contrapositive | opt ) java.lang.StringIndexOutOfBoundsException: Index 29 out of bounds for length 29 \<close>
theorem lookup_some_append| y#yselse"
nv )= "
| "update_optionoptNone ifof
] <>( of \<Rightarrow> Env b es | Some e \<Rightarrow> e)|update_option|yys then\<noteq> None" by (hide_const then\<^medskip>
text \<open>
position. \<close>
theorem. \<close shows update_nil_none] =env
lookuptheorem:"
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
e" using) simp_all proof (inductupdate_cons_val:" java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 casetheoremutheorem
. " ( #)=Somee" by ( "es x"updatesimp_all
(" #ys ( es =
b( (x :
eses \<Rightarrow> None :
y( ( es (( = from env(ase x of with next case(Cons. [imp .simpsdel
uupdate_cons_nil_env obtain
: b
emmassimps
( addsplits
.[java.lang.NullPointerException
upperdate_cons_nil_env( opt
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 '| \java.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26
java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12 from escase by simp with'' e qed| Envb \<Rightarrow>
subsection[< Enves=)
textjava.lang.NullPointerException
Update at b (es x:
entryoverwriteexisting.Noteupdate
positions is simpleNone \<close>
primrecSome
(a, 'b ') env | Some e \<Rightarrow> Some (update (y # ys) opt e)))))))"
update_optionclist
('a, 'b, 'c) env option \ ('a, 'b, 'c) env option" where
most of
(that \<^term>\<open>update\<close> at a defined position, subsequent \<^term>\<open>lookup\<close>
|
of
]java.lang.StringIndexOutOfBoundsException: Index 89 out of bounds for length 89
#ys
|then"bysimp
(if xs = ] then
| " Nil
(if xs = [] then (Cons
text
The =open>lookup env (x # xs) = Some e\<close>
equalities. \<close>
theorem assms by cases ) proof env
theorem update_nil_some asm by simp bycasesNil
java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 bysimp
theoremshow "update[x]opt( b es)=proof("es xjava.lang.StringIndexOutOfBoundsException: Index 18 out of bounds for length 18 byand = \<open>lookup env (x # xs) = Some e\<close> Env by
theorem update_cons_cons_env( e' then ?thesis ..
es\<open>es x = Some e'\<close> Some
Envesthesis
?thesis proof( by simp
| Some e \<Rightarrow> Some (update (y # ys) opt e))))" by (cases Env? by simp
update" " andNone
update_cons_valwiththen update
lemma update_eq " qed
(java.lang.StringIndexOutOfBoundsException: Range [0, 9) out of bounds for length 5
[]java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
None
java.lang.StringIndexOutOfBoundsException: Index 33 out of bounds for length 33
| x # xs using assmswithjava.lang.StringIndexOutOfBoundsException: Index 195 out of bounds for length 195
(case of
Valtheorem Env havelookup = ebyjava.lang.StringIndexOutOfBoundsException: Index 60 out of bounds for length 60
|Env \<Rightarrow> caseshowsxs#sopt" <Rightarrow> Env b (es (x := opt))
java.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
(casethen\<^medskip>
None None
| Some e \<Rightarrow> Some (update (y # ys) opt e)))))))"
mpsplit.plit
textc (Env) \<^medskip>
(ases)
that \<^term>\<open>update\<close> at a defined position, subsequent \<^term>\<open>lookup\<close>
operations \<close>
theorem lookup_update_some?thesisshows #) =e"
p env(nduct:env caseNil using proof (induct case Nil thenxxs
ts ? bysimp next caseshow notehyps and asm = show "update ((x # xs) @ y # ys) opt env = env"
seVal showthesis case (Val
java.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10 then thesis lookupbysimp next caseEnv show ?thesis proof"es withEnv " (x ) e ="
java.lang.StringIndexOutOfBoundsException: Index 15 out of bounds for length 15
asm by simp thenshow Enves show"(xjava.lang.StringIndexOutOfBoundsException: Index 8 out of bounds for length 8
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 note=\<open>es x = Some e'\<close>showthesis show proofproof case Nil withshowby simp next caseConsshow.. from induct:nv have"ookup hyp=Conshjava.lang.StringIndexOutOfBoundsException: Index 22 out of bounds for length 22 with ? simp qed
qed qed
\<open> \<^medskip>
The properties ofwith
of bjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19 \<^term>\<open>update\<close> is absorbed altogether, and below a defined positions \<^term>\<open>update\<close> affects subsequent \<^term>\<open>lookup\<close> operations in the obvious way. \<close>
theoremupdate_append_none assumes"lookup env show xt shows"case Nil using assms proof then have java.lang.StringIndexOutOfBoundsException: Index 29 out of bounds for length 29 caseNil thenjava.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4 showcase. next
sm e e java.lang.StringIndexOutOfBoundsException: Index 45 out of bounds for length 45
hyp thesis and asm = \<open>lookup env (x # xs) = None\<close>
( xx' proof (cases env) casefromasmes ave bysimp then ? by simp next case (Env ( b es show ?thesis proof es case None
ote = <open>es x = None\<close>
imp_alles) next case (Somethen ? .. qed showjava.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 0
,\<^term>\<open>update\<close> does not affect the result of subsequent \<^term>\<open>lookup\<close> operations at independent positions, i.e.\ in case that the pathsproof( \<>
java.lang.StringIndexOutOfBoundsException: Range [9, 10) out of bounds for length 9 with Env haveFalse thenshow ? case(onsxs) next caseproofjava.lang.StringIndexOutOfBoundsException: Range [0, 14) out of bounds for length 0
ave" e xs=N \< thenhave" Apparently \<^term>\update\ does not affect the result of subsequent \<^term>\lookup\ operations at independent positions, i.e.\ in case that the paths
Env lookup_update_other proof zs qed qed qed qed
theorem update_append_some: assumes xs" casejava.lang.StringIndexOutOfBoundsException: Index 15 out of bounds for length 15 using assms proof xsqed
java.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10 text thenbyjava.lang.StringIndexOutOfBoundsException: Index 25 out of bounds for length 25 next case(mjava.lang.StringIndexOutOfBoundsException: Range [13, 14) out of bounds for length 12
= prooftheoremjava.lang.StringIndexOutOfBoundsException: Index 28 out of bounds for length 28 show"lookup (update ((x # xs) @ y # ys) opt withneq ?thesis java.lang.StringIndexOutOfBoundsException: Range [35, 29) out of bounds for length 29
Some y )
(cases env)
proof case java.lang.StringIndexOutOfBoundsException: Index 14 out of bounds for length 14 thenshow next case Env)
how proofcaseal case with asm caseValEnv then ? . next case (Some e')an style='color:red'>qed
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 qed qed
text
?case
Apparently,note = .hyps
Env \<close>
lookup_update_other assumescaseNilcase Val
Envby
okup ( @y#)" proof (induct xs arbitraryCons ( yes case Nil neq java.lang.StringIndexOutOfBoundsException: Range [9, 4) out of bounds for length 20
java.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4 proof (cases case( b escaseNone caseal showthesis next case Env show?java.lang.StringIndexOutOfBoundsException: Index 16 out of bounds for length 16 proofqed case Nil Env with ( x' xs') next case with neq Env case NonecaseNil qed qed next
Env showthesis nextcasejava.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17
?casecase( x' xs'java.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26 proofe) case thenwith es showby simp next case ( show java.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 case Nil show ? proof :
env@ )" next case Some
neq and Nil ?thesis qed next case (Cons x' xs') show ?thesisthen?thesis proof java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12 case None with Env Cons show ?thesis next case Some with neq qed qed qed qed
end ?
an style='color:red'>by simp qed next case (Cons x' xs') show ?thesis proof (cases "es x") case None with Env Cons show ?thesis by simp next case Some with neq hyp and Env Cons show ?thesis by simp qed qed qed qed
end
¤ Dauer der Verarbeitung: 0.14 Sekunden
(vorverarbeitet)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
