coursework/cw05.tex
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Mon, 20 Jul 2020 10:06:43 +0100
changeset 735 fc2e3609d5e5
parent 719 0de3527e6ae3
permissions -rw-r--r--
updatd
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
630
9b1c15c3eb6f updated
Christian Urban <urbanc@in.tum.de>
parents: 567
diff changeset
     1
% !TEX program = xelatex
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     2
\documentclass{article}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     3
\usepackage{../style}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     4
\usepackage{../langs}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     5
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     6
\begin{document}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     7
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
     8
\section*{Coursework (Strand 2)}
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     9
719
0de3527e6ae3 updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 649
diff changeset
    10
\noindent This coursework is worth 20\% and is due on \cwISABELLE{} at
649
e83afb44f276 updated
Christian Urban <urbanc@in.tum.de>
parents: 630
diff changeset
    11
18:00. You are asked to prove the correctness of the regular expression
e83afb44f276 updated
Christian Urban <urbanc@in.tum.de>
parents: 630
diff changeset
    12
matcher from the lectures using the Isabelle theorem prover. You need to
e83afb44f276 updated
Christian Urban <urbanc@in.tum.de>
parents: 630
diff changeset
    13
submit a theory file containing this proof and also a document
e83afb44f276 updated
Christian Urban <urbanc@in.tum.de>
parents: 630
diff changeset
    14
describing your proof. The Isabelle theorem prover is available from
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    15
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    16
\begin{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    17
\url{http://isabelle.in.tum.de}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    18
\end{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    19
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    20
\noindent This is an interactive theorem prover, meaning that
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    21
you can make definitions and state properties, and then help
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    22
the system with proving these properties. Sometimes the proofs
567
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    23
are also completely automatic. There is a shortish user guide for
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    24
Isabelle, called ``Programming and Proving in Isabelle/HOL''
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    25
at
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    26
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    27
\begin{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    28
\url{http://isabelle.in.tum.de/documentation.html}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    29
\end{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    30
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    31
\noindent
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    32
and also a longer (free) book at
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    33
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    34
\begin{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    35
\url{http://www.concrete-semantics.org}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    36
\end{center}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    37
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    38
\noindent The Isabelle theorem prover is operated through the
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    39
jEdit IDE, which might not be an editor that is widely known.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    40
JEdit is documented in
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    41
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    42
\begin{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    43
\url{http://isabelle.in.tum.de/dist/Isabelle2014/doc/jedit.pdf}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    44
\end{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    45
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    46
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    47
\noindent If you need more help or you are stuck somewhere,
567
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    48
please feel free to contact me (christian.urban at kcl.ac.uk). I
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
    49
am one of the main developers of Isabelle and have used it for
567
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    50
approximately 16 years. One of the success stories of
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    51
Isabelle is the recent verification of a microkernel operating
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    52
system by an Australian group, see \url{http://sel4.systems}.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    53
Their operating system is the only one that has been proved
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    54
correct according to its specification and is used for
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    55
application where high assurance, security and reliability is
567
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    56
needed (like in helicopters which fly over enemy territory).
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    57
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    58
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    59
\subsection*{The Task}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    60
567
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    61
In this coursework you are asked to prove the correctness of the
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    62
regular expression matcher from the lectures in Isabelle.  The matcher
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    63
should be able to deal with the usual (basic) regular expressions
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    64
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    65
\[
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    66
\ZERO,\; \ONE,\; c,\; r_1 + r_2,\; r_1 \cdot r_2,\; r^*
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    67
\]
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    68
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    69
\noindent
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    70
but also with the following extended regular expressions:
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    71
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    72
\begin{center}
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    73
\begin{tabular}{ll}
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    74
  $r^{\{n\}}$ & exactly $n$-times\\
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    75
  $r^{\{..m\}}$ & zero or more times $r$ but no more than $m$-times\\
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    76
  $r^{\{n..\}}$ & at least $n$-times $r$\\
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    77
  $r^{\{n..m\}}$ & at least $n$-times $r$ but no more than $m$-times\\
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    78
  $\sim{}r$ & not-regular-expression of $r$\\
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    79
\end{tabular}
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    80
\end{center}
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    81
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    82
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    83
\noindent
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    84
You need to first specify what the matcher is
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    85
supposed to do and then to implement the algorithm. Finally you need
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    86
to prove that the algorithm meets the specification.  The first two
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    87
parts are relatively easy, because the definitions in Isabelle will
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    88
look very similar to the mathematical definitions from the lectures or
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    89
the Scala code that is supplied at KEATS. For example very similar to
4573d36d0b2f updated
Christian Urban <urbanc@in.tum.de>
parents: 556
diff changeset
    90
Scala, regular expressions are defined in Isabelle as an inductive
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    91
datatype:
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    92
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    93
\begin{lstlisting}[language={},numbers=none]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    94
datatype rexp =
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
    95
  ZERO
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
    96
| ONE
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    97
| CHAR char
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    98
| SEQ rexp rexp
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
    99
| ALT rexp rexp
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   100
| STAR rexp
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   101
\end{lstlisting}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   102
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   103
\noindent The meaning of regular expressions is given as 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   104
usual:
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   105
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   106
\begin{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   107
\begin{tabular}{rcl@{\hspace{10mm}}l}
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   108
$L(\ZERO)$  & $\dn$ & $\varnothing$   & \pcode{ZERO}\\
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   109
$L(\ONE)$     & $\dn$ & $\{[]\}$        & \pcode{ONE}\\ 
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   110
$L(c)$            & $\dn$ & $\{[c]\}$       & \pcode{CHAR}\\
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   111
$L(r_1 + r_2)$     & $\dn$ & $L(r_1) \cup L(r_2)$ & \pcode{ALT}\\
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   112
$L(r_1 \cdot r_2)$ & $\dn$ & $L(r_1) \,@\, L(r_2)$ & \pcode{SEQ}\\
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   113
$L(r^*)$           & $\dn$ & $(L(r))^*$ & \pcode{STAR}\\
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   114
\end{tabular}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   115
\end{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   116
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   117
\noindent You would need to implement this function in order
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   118
to state the theorem about the correctness of the algorithm.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   119
The function $L$ should in Isabelle take a \pcode{rexp} as
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   120
input and return a set of strings. Its type is
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   121
therefore 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   122
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   123
\begin{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   124
\pcode{L} \pcode{::} \pcode{rexp} $\Rightarrow$ \pcode{string set}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   125
\end{center}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   126
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   127
\noindent Isabelle treats strings as an abbreviation for lists
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   128
of characters. This means you can pattern-match strings like
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   129
lists. The union operation on sets (for the \pcode{ALT}-case)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   130
is a standard definition in Isabelle, but not the
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   131
concatenation operation on sets and also not the
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   132
star-operation. You would have to supply these definitions.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   133
The concatenation operation can be defined in terms of the
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   134
append function, written \code{_ @ _} in Isabelle, for lists.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   135
The star-operation can be defined as a ``big-union'' of 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   136
powers, like in the lectures, or directly as an inductive set.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   137
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   138
The functions for the matcher are shown in
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   139
Figure~\ref{matcher}. The theorem that needs to be proved is
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   140
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   141
\begin{lstlisting}[numbers=none,language={},keywordstyle=\color{black}\ttfamily,mathescape]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   142
theorem 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   143
  "matches r s $\longleftrightarrow$ s $\in$ L r"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   144
\end{lstlisting}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   145
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   146
\noindent which states that the function \emph{matches} is
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   147
true if and only if the string is in the language of the
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   148
regular expression. A proof for this lemma will need
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   149
side-lemmas about \pcode{nullable} and \pcode{der}. An example
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   150
proof in Isabelle that will not be relevant for the theorem
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   151
above is given in Figure~\ref{proof}.
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   152
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   153
\begin{figure}[p]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   154
\begin{lstlisting}[language={},keywordstyle=\color{black}\ttfamily,mathescape]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   155
fun 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   156
  nullable :: "rexp $\Rightarrow$ bool"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   157
where
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   158
  "nullable ZERO = False"
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   159
| "nullable ONE = True"
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   160
| "nullable (CHAR _) = False"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   161
| "nullable (ALT r1 r2) = (nullable(r1) $\vee$ nullable(r2))"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   162
| "nullable (SEQ r1 r2) = (nullable(r1) $\wedge$ nullable(r2))"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   163
| "nullable (STAR _) = True"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   164
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   165
fun 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   166
  der :: "char $\Rightarrow$ rexp $\Rightarrow$ rexp"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   167
where
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   168
  "der c ZERO = ZERO"
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   169
| "der c ONE = ZERO"
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   170
| "der c (CHAR d) = (if c = d then ONE else ZERO)"
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   171
| "der c (ALT r1 r2) = ALT (der c r1) (der c r2)"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   172
| "der c (SEQ r1 r2) = 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   173
     (if (nullable r1) then ALT (SEQ (der c r1) r2) (der c r2)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   174
                       else SEQ (der c r1) r2)"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   175
| "der c (STAR r) = SEQ (der c r) (STAR r)"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   176
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   177
fun 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   178
  ders :: "rexp $\Rightarrow$ string $\Rightarrow$ rexp"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   179
where
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   180
  "ders r [] = r"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   181
| "ders r (c # s) = ders (der c r) s"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   182
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   183
fun 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   184
  matches :: "rexp $\Rightarrow$ string $\Rightarrow$ bool"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   185
where
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   186
  "matches r s = nullable (ders r s)" 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   187
\end{lstlisting}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   188
\caption{The definition of the matcher algorithm in 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   189
Isabelle.\label{matcher}}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   190
\end{figure}
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   191
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   192
\begin{figure}[p]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   193
\begin{lstlisting}[language={},keywordstyle=\color{black}\ttfamily,mathescape]
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   194
fun 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   195
  zeroable :: "rexp $\Rightarrow$ bool"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   196
where
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   197
  "zeroable ZERO = True"
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   198
| "zeroable ONE = False"
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   199
| "zeroable (CHAR _) = False"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   200
| "zeroable (ALT r1 r2) = (zeroable(r1) $\wedge$ zeroable(r2))"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   201
| "zeroable (SEQ r1 r2) = (zeroable(r1) $\vee$ zeroable(r2))"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   202
| "zeroable (STAR _) = False"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   203
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   204
lemma
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   205
  "zeroable r $\longleftrightarrow$ L r = {}"
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   206
proof (induct)
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   207
  case (ZERO)
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   208
  have "zeroable ZERO" "L ZERO = {}" by simp_all
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   209
  then show "zeroable ZERO $\longleftrightarrow$ (L ZERO = {})" by simp
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   210
next
419
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   211
  case (ONE)
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   212
  have "$\neg$ zeroable ONE" "L ONE = {[]}" by simp_all
4110ab35e5d8 updated courseworks
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 333
diff changeset
   213
  then show "zeroable ONE $\longleftrightarrow$ (L ONE = {})" by simp
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   214
next
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   215
  case (CHAR c)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   216
  have "$\neg$ zeroable (CHAR c)" "L (CHAR c) = {[c]}" by simp_all
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   217
  then show "zeroable (CHAR c) $\longleftrightarrow$ (L (CHAR c) = {})" by simp
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   218
next 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   219
  case (ALT r1 r2)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   220
  have ih1: "zeroable r1 $\longleftrightarrow$ L r1 = {}" by fact
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   221
  have ih2: "zeroable r2 $\longleftrightarrow$ L r2 = {}" by fact
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   222
  show "zeroable (ALT r1 r2) $\longleftrightarrow$ (L (ALT r1 r2) = {})" 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   223
    using ih1 ih2 by simp
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   224
next
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   225
  case (SEQ r1 r2)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   226
  have ih1: "zeroable r1 $\longleftrightarrow$ L r1 = {}" by fact
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   227
  have ih2: "zeroable r2 $\longleftrightarrow$ L r2 = {}" by fact
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   228
  show "zeroable (SEQ r1 r2) $\longleftrightarrow$ (L (SEQ r1 r2) = {})" 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   229
    using ih1 ih2 by (auto simp add: Conc_def)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   230
next
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   231
  case (STAR r)
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   232
  have "$\neg$ zeroable (STAR r)" "[] $\in$ L (r) ^ 0" by simp_all
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   233
  then show "zeroable (STAR r) $\longleftrightarrow$ (L (STAR r) = {})" 
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   234
    by (simp (no_asm) add: Star_def) blast
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   235
qed
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   236
\end{lstlisting}
317
a61b50c5d57f updated all
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 298
diff changeset
   237
\caption{An Isabelle proof about the function \texttt{zeroable}.\label{proof}}
260
65d1ea0e989f updated cws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 253
diff changeset
   238
\end{figure}
253
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   239
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   240
\end{document}
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   241
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   242
%%% Local Variables: 
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   243
%%% mode: latex
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   244
%%% TeX-master: t
75c469893514 added coursework
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
   245
%%% End: