thys/Paper/Paper.thy
author Christian Urban <christian.urban@kcl.ac.uk>
Sat, 30 Apr 2022 00:50:08 +0100
changeset 496 f493a20feeb3
parent 423 b7199d6c672d
permissions -rw-r--r--
updated to include the paper
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
95
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     1
(*<*)
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     2
theory Paper
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
     3
imports 
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
     4
   "../Lexer"
150
09f81fee11ce updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 149
diff changeset
     5
   "../Simplifying" 
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
     6
   "../Sulzmann" 
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
     7
   "~~/src/HOL/Library/LaTeXsugar"
95
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
     8
begin
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
     9
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
    10
declare [[show_question_marks = false]]
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
    11
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    12
abbreviation 
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    13
 "der_syn r c \<equiv> der c r"
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    14
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    15
abbreviation 
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    16
 "ders_syn r s \<equiv> ders s r"
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    17
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    18
(*
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
    19
notation (latex output)
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    20
  If  ("(\<^raw:\textrm{>if\<^raw:}> (_)/ \<^raw:\textrm{>then\<^raw:}> (_)/ \<^raw:\textrm{>else\<^raw:}> (_))" 10)
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    21
*)
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    22
(*
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    23
notation (latex output)
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
    24
  Cons ("_\<^raw:\mbox{$\,$}>::\<^raw:\mbox{$\,$}>_" [75,73] 73) and  
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    25
*)
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
    26
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    27
(*
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    28
notation (latex output)
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    29
  ZERO ("\<^bold>0" 78) and 
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    30
  ONE ("\<^bold>1" 78) and 
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    31
  CH ("_" [1000] 80) and
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    32
  ALT ("_ + _" [77,77] 78) and
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    33
  SEQ ("_ \<cdot> _" [77,77] 78) and
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
    34
  STAR ("_\<^sup>\<star>" [1000] 78) and
111
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
    35
  
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
    36
  val.Void ("'(')" 1000) and
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
    37
  val.Char ("Char _" [1000] 78) and
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    38
  val.Left ("Left _" [79] 78) and
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
    39
  val.Right ("Right _" [1000] 78) and
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    40
  val.Seq ("Seq _ _" [79,79] 78) and
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    41
  val.Stars ("Stars _" [79] 78) and
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    42
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    43
  L ("L'(_')" [10] 78) and
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    44
  der_syn ("_\\_" [79, 1000] 76) and  
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    45
  ders_syn ("_\\_" [79, 1000] 76) and
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
    46
  flat ("|_|" [75] 74) and
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
    47
  Sequ ("_ @ _" [78,77] 63) and
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    48
  injval ("inj _ _ _" [79,77,79] 76) and 
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
    49
  mkeps ("mkeps _" [79] 76) and 
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
    50
  length ("len _" [73] 73) and
145
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
    51
 
420
b66a4305749c updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 362
diff changeset
    52
  Prf ("\<turnstile> _ : _" [75,75] 75) and  
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
    53
  Posix ("'(_, _') \<rightarrow> _" [63,75,75] 75) and
145
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
    54
 
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
    55
  lexer ("lexer _ _" [78,78] 77) and 
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    56
  F_RIGHT ("F\<^bsub>Right\<^esub> _") and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    57
  F_LEFT ("F\<^bsub>Left\<^esub> _") and  
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    58
  F_ALT ("F\<^bsub>Alt\<^esub> _ _") and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    59
  F_SEQ1 ("F\<^bsub>Seq1\<^esub> _ _") and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    60
  F_SEQ2 ("F\<^bsub>Seq2\<^esub> _ _") and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    61
  F_SEQ ("F\<^bsub>Seq\<^esub> _ _") and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    62
  simp_SEQ ("simp\<^bsub>Seq\<^esub> _ _" [1000, 1000] 1) and
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
    63
  simp_ALT ("simp\<^bsub>Alt\<^esub> _ _" [1000, 1000] 1) and
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
    64
  slexer ("lexer\<^sup>+" 1000) and
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    65
*)
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
    66
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    67
(*
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    68
notation (latex output)
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
    69
  ValOrd ("_ >\<^bsub>_\<^esub> _" [77,77,77] 77) and
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
    70
  ValOrdEq ("_ \<ge>\<^bsub>_\<^esub> _" [77,77,77] 77)
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
    71
*)
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    72
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    73
definition 
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    74
  "match r s \<equiv> nullable (ders s r)"
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
    75
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    76
(*
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    77
comments not implemented
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    78
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    79
p9. The condtion "not exists s3 s4..." appears often enough (in particular in
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    80
the proof of Lemma 3) to warrant a definition.
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    81
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    82
*)
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
    83
95
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    84
(*>*)
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    85
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    86
section {* Introduction *}
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
    87
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
    88
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
    89
text {*
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    90
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    91
Brzozowski \cite{Brzozowski1964} introduced the notion of the {\em
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    92
derivative} @{term "der c r"} of a regular expression @{text r} w.r.t.\ a
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    93
character~@{text c}, and showed that it gave a simple solution to the
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    94
problem of matching a string @{term s} with a regular expression @{term r}:
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    95
if the derivative of @{term r} w.r.t.\ (in succession) all the characters of
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
    96
the string matches the empty string, then @{term r} matches @{term s} (and
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
    97
{\em vice versa}). The derivative has the property (which may almost be
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    98
regarded as its specification) that, for every string @{term s} and regular
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
    99
expression @{term r} and character @{term c}, one has @{term "cs \<in> L(r)"} if
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   100
and only if \mbox{@{term "s \<in> L(der c r)"}}. The beauty of Brzozowski's
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   101
derivatives is that they are neatly expressible in any functional language,
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   102
and easily definable and reasoned about in theorem provers---the definitions
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   103
just consist of inductive datatypes and simple recursive functions. A
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   104
mechanised correctness proof of Brzozowski's matcher in for example HOL4
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   105
has been mentioned by Owens and Slind~\cite{Owens2008}. Another one in Isabelle/HOL is part
169
072a701bb153 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 165
diff changeset
   106
of the work by Krauss and Nipkow \cite{Krauss2011}. And another one in Coq is given
072a701bb153 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 165
diff changeset
   107
by Coquand and Siles \cite{Coquand2012}.
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   108
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   109
If a regular expression matches a string, then in general there is more than
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   110
one way of how the string is matched. There are two commonly used
110
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   111
disambiguation strategies to generate a unique answer: one is called GREEDY
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   112
matching \cite{Frisch2004} and the other is POSIX
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   113
matching~\cite{Kuklewicz,Sulzmann2014,Vansummeren2006}. For example consider
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   114
the string @{term xy} and the regular expression \mbox{@{term "STAR (ALT
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   115
(ALT x y) xy)"}}. Either the string can be matched in two `iterations' by
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   116
the single letter-regular expressions @{term x} and @{term y}, or directly
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   117
in one iteration by @{term xy}. The first case corresponds to GREEDY
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   118
matching, which first matches with the left-most symbol and only matches the
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   119
next symbol in case of a mismatch (this is greedy in the sense of preferring
110
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   120
instant gratification to delayed repletion). The second case is POSIX
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   121
matching, which prefers the longest match.
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   122
112
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   123
In the context of lexing, where an input string needs to be split up into a
110
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   124
sequence of tokens, POSIX is the more natural disambiguation strategy for
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   125
what programmers consider basic syntactic building blocks in their programs.
112
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   126
These building blocks are often specified by some regular expressions, say
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   127
@{text "r\<^bsub>key\<^esub>"} and @{text "r\<^bsub>id\<^esub>"} for recognising keywords and
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   128
identifiers, respectively. There are two underlying (informal) rules behind
134
2f043f8be9a9 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 133
diff changeset
   129
tokenising a string in a POSIX fashion according to a collection of regular
2f043f8be9a9 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 133
diff changeset
   130
expressions:
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   131
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   132
\begin{itemize} 
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   133
\item[$\bullet$] \emph{The Longest Match Rule} (or \emph{``maximal munch rule''}):
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   134
The longest initial substring matched by any regular expression is taken as
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   135
next token.\smallskip
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   136
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   137
\item[$\bullet$] \emph{Priority Rule:}
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   138
For a particular longest initial substring, the first regular expression
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   139
that can match determines the token.
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   140
\end{itemize}
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   141
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   142
\noindent Consider for example a regular expression @{text "r\<^bsub>key\<^esub>"} for recognising keywords
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   143
such as @{text "if"}, @{text "then"} and so on; and @{text "r\<^bsub>id\<^esub>"}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   144
recognising identifiers (say, a single character followed by
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   145
characters or numbers).  Then we can form the regular expression
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   146
@{text "(r\<^bsub>key\<^esub> + r\<^bsub>id\<^esub>)\<^sup>\<star>"} and use POSIX matching to tokenise strings,
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   147
say @{text "iffoo"} and @{text "if"}.  For @{text "iffoo"} we obtain
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   148
by the Longest Match Rule a single identifier token, not a keyword
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   149
followed by an identifier. For @{text "if"} we obtain by the Priority
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   150
Rule a keyword token, not an identifier token---even if @{text "r\<^bsub>id\<^esub>"}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   151
matches also.
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   152
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   153
One limitation of Brzozowski's matcher is that it only generates a
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   154
YES/NO answer for whether a string is being matched by a regular
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   155
expression.  Sulzmann and Lu~\cite{Sulzmann2014} extended this matcher
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   156
to allow generation not just of a YES/NO answer but of an actual
269
12772d537b71 updated
Christian Urban <urbanc@in.tum.de>
parents: 193
diff changeset
   157
matching, called a [lexical] {\em value}. \marginpar{explain what values are} They give a simple algorithm
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   158
to calculate a value that appears to be the value associated with
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   159
POSIX matching.  The challenge then is to specify that value, in an
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   160
algorithm-independent fashion, and to show that Sulzmann and Lu's
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   161
derivative-based algorithm does indeed calculate a value that is
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   162
correct according to the specification.
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   163
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   164
The answer given by Sulzmann and Lu \cite{Sulzmann2014} is to define a
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   165
relation (called an ``order relation'') on the set of values of @{term
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   166
r}, and to show that (once a string to be matched is chosen) there is
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   167
a maximum element and that it is computed by their derivative-based
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   168
algorithm. This proof idea is inspired by work of Frisch and Cardelli
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   169
\cite{Frisch2004} on a GREEDY regular expression matching
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   170
algorithm. However, we were not able to establish transitivity and
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   171
totality for the ``order relation'' by Sulzmann and Lu. In Section
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   172
\ref{argu} we identify some inherent problems with their approach (of
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   173
which some of the proofs are not published in \cite{Sulzmann2014});
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   174
perhaps more importantly, we give a simple inductive (and
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   175
algorithm-independent) definition of what we call being a {\em POSIX
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   176
value} for a regular expression @{term r} and a string @{term s}; we
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   177
show that the algorithm computes such a value and that such a value is
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   178
unique. Our proofs are both done by hand and checked in Isabelle/HOL.  The
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   179
experience of doing our proofs has been that this mechanical checking
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   180
was absolutely essential: this subject area has hidden snares. This
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   181
was also noted by Kuklewicz \cite{Kuklewicz} who found that nearly all
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   182
POSIX matching implementations are ``buggy'' \cite[Page
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   183
203]{Sulzmann2014} and by Grathwohl et al \cite[Page 36]{CrashCourse2014}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   184
who wrote:
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   185
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   186
\begin{quote}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   187
\it{}``The POSIX strategy is more complicated than the greedy because of 
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   188
the dependence on information about the length of matched strings in the 
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   189
various subexpressions.''
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   190
\end{quote}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   191
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   192
%\footnote{The relation @{text "\<ge>\<^bsub>r\<^esub>"} defined by Sulzmann and Lu \cite{Sulzmann2014} 
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   193
%is a relation on the
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   194
%values for the regular expression @{term r}; but it only holds between
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   195
%@{term "v\<^sub>1"} and @{term "v\<^sub>2"} in cases where @{term "v\<^sub>1"} and @{term "v\<^sub>2"} have
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   196
%the same flattening (underlying string). So a counterexample to totality is
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   197
%given by taking two values @{term "v\<^sub>1"} and @{term "v\<^sub>2"} for @{term r} that
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   198
%have different flattenings (see Section~\ref{posixsec}). A different
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   199
%relation @{text "\<ge>\<^bsub>r,s\<^esub>"} on the set of values for @{term r}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   200
%with flattening @{term s} is definable by the same approach, and is indeed
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   201
%total; but that is not what Proposition 1 of \cite{Sulzmann2014} does.}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   202
109
2c38f10643ae updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 108
diff changeset
   203
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   204
\noindent {\bf Contributions:} We have implemented in Isabelle/HOL the
134
2f043f8be9a9 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 133
diff changeset
   205
derivative-based regular expression matching algorithm of
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   206
Sulzmann and Lu \cite{Sulzmann2014}. We have proved the correctness of this
178
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 177
diff changeset
   207
algorithm according to our specification of what a POSIX value is (inspired
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 177
diff changeset
   208
by work of Vansummeren \cite{Vansummeren2006}). Sulzmann
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   209
and Lu sketch in \cite{Sulzmann2014} an informal correctness proof: but to
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   210
us it contains unfillable gaps.\footnote{An extended version of
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   211
\cite{Sulzmann2014} is available at the website of its first author; this
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   212
extended version already includes remarks in the appendix that their
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   213
informal proof contains gaps, and possible fixes are not fully worked out.}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   214
Our specification of a POSIX value consists of a simple inductive definition
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   215
that given a string and a regular expression uniquely determines this value.
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   216
Derivatives as calculated by Brzozowski's method are usually more complex
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   217
regular expressions than the initial one; various optimisations are
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   218
possible. We prove the correctness when simplifications of @{term "ALT ZERO
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   219
r"}, @{term "ALT r ZERO"}, @{term "SEQ ONE r"} and @{term "SEQ r ONE"} to
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   220
@{term r} are applied.
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   221
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   222
*}
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   223
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   224
section {* Preliminaries *}
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   225
111
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   226
text {* \noindent Strings in Isabelle/HOL are lists of characters with the
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   227
empty string being represented by the empty list, written @{term "[]"}, and
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   228
list-cons being written as @{term "DUMMY # DUMMY"}. Often we use the usual
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   229
bracket notation for lists also for strings; for example a string consisting
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   230
of just a single character @{term c} is written @{term "[c]"}. By using the
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   231
type @{type char} for characters we have a supply of finitely many
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   232
characters roughly corresponding to the ASCII character set. Regular
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   233
expressions are defined as usual as the elements of the following inductive
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   234
datatype:
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   235
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   236
  \begin{center}
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   237
  @{text "r :="}
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   238
  @{const "ZERO"} $\mid$
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   239
  @{const "ONE"} $\mid$
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
   240
  @{term "CH c"} $\mid$
97
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   241
  @{term "ALT r\<^sub>1 r\<^sub>2"} $\mid$
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   242
  @{term "SEQ r\<^sub>1 r\<^sub>2"} $\mid$
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   243
  @{term "STAR r"} 
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   244
  \end{center}
38696f516c6b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 95
diff changeset
   245
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   246
  \noindent where @{const ZERO} stands for the regular expression that does
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   247
  not match any string, @{const ONE} for the regular expression that matches
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   248
  only the empty string and @{term c} for matching a character literal. The
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   249
  language of a regular expression is also defined as usual by the
178
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 177
diff changeset
   250
  recursive function @{term L} with the six clauses:
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   251
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   252
  \begin{center}
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   253
  \begin{tabular}{l@ {\hspace{3mm}}rcl}
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   254
  (1) & @{thm (lhs) L.simps(1)} & $\dn$ & @{thm (rhs) L.simps(1)}\\
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   255
  (2) & @{thm (lhs) L.simps(2)} & $\dn$ & @{thm (rhs) L.simps(2)}\\
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   256
  (3) & @{thm (lhs) L.simps(3)} & $\dn$ & @{thm (rhs) L.simps(3)}\\
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   257
  \end{tabular}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   258
  \hspace{14mm}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   259
  \begin{tabular}{l@ {\hspace{3mm}}rcl}
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   260
  (4) & @{thm (lhs) L.simps(4)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) L.simps(4)[of "r\<^sub>1" "r\<^sub>2"]}\\
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   261
  (5) & @{thm (lhs) L.simps(5)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) L.simps(5)[of "r\<^sub>1" "r\<^sub>2"]}\\
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   262
  (6) & @{thm (lhs) L.simps(6)} & $\dn$ & @{thm (rhs) L.simps(6)}\\
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   263
  \end{tabular}
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   264
  \end{center}
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   265
  
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   266
  \noindent In clause (4) we use the operation @{term "DUMMY ;;
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   267
  DUMMY"} for the concatenation of two languages (it is also list-append for
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   268
  strings). We use the star-notation for regular expressions and for
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   269
  languages (in the last clause above). The star for languages is defined
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   270
  inductively by two clauses: @{text "(i)"} the empty string being in
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   271
  the star of a language and @{text "(ii)"} if @{term "s\<^sub>1"} is in a
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   272
  language and @{term "s\<^sub>2"} in the star of this language, then also @{term
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   273
  "s\<^sub>1 @ s\<^sub>2"} is in the star of this language. It will also be convenient
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   274
  to use the following notion of a \emph{semantic derivative} (or \emph{left
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   275
  quotient}) of a language defined as
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   276
  %
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   277
  \begin{center}
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   278
  @{thm Der_def}\;.
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   279
  \end{center}
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   280
 
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   281
  \noindent
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   282
  For semantic derivatives we have the following equations (for example
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   283
  mechanically proved in \cite{Krauss2011}):
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   284
  %
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   285
  \begin{equation}\label{SemDer}
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   286
  \begin{array}{lcl}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   287
  @{thm (lhs) Der_null}  & \dn & @{thm (rhs) Der_null}\\
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   288
  @{thm (lhs) Der_empty}  & \dn & @{thm (rhs) Der_empty}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   289
  @{thm (lhs) Der_char}  & \dn & @{thm (rhs) Der_char}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   290
  @{thm (lhs) Der_union}  & \dn & @{thm (rhs) Der_union}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   291
  @{thm (lhs) Der_Sequ}  & \dn & @{thm (rhs) Der_Sequ}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   292
  @{thm (lhs) Der_star}  & \dn & @{thm (rhs) Der_star}
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   293
  \end{array}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   294
  \end{equation}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   295
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   296
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   297
  \noindent \emph{\Brz's derivatives} of regular expressions
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   298
  \cite{Brzozowski1964} can be easily defined by two recursive functions:
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   299
  the first is from regular expressions to booleans (implementing a test
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   300
  when a regular expression can match the empty string), and the second
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   301
  takes a regular expression and a character to a (derivative) regular
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   302
  expression:
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   303
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   304
  \begin{center}
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   305
  \begin{tabular}{lcl}
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   306
  @{thm (lhs) nullable.simps(1)} & $\dn$ & @{thm (rhs) nullable.simps(1)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   307
  @{thm (lhs) nullable.simps(2)} & $\dn$ & @{thm (rhs) nullable.simps(2)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   308
  @{thm (lhs) nullable.simps(3)} & $\dn$ & @{thm (rhs) nullable.simps(3)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   309
  @{thm (lhs) nullable.simps(4)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) nullable.simps(4)[of "r\<^sub>1" "r\<^sub>2"]}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   310
  @{thm (lhs) nullable.simps(5)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) nullable.simps(5)[of "r\<^sub>1" "r\<^sub>2"]}\\
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   311
  @{thm (lhs) nullable.simps(6)} & $\dn$ & @{thm (rhs) nullable.simps(6)}\medskip\\
173
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   312
  
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   313
  %\end{tabular}
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   314
  %\end{center}
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   315
173
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   316
  %\begin{center}
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   317
  %\begin{tabular}{lcl}
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   318
  
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   319
  @{thm (lhs) der.simps(1)} & $\dn$ & @{thm (rhs) der.simps(1)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   320
  @{thm (lhs) der.simps(2)} & $\dn$ & @{thm (rhs) der.simps(2)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   321
  @{thm (lhs) der.simps(3)} & $\dn$ & @{thm (rhs) der.simps(3)}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   322
  @{thm (lhs) der.simps(4)[of c "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) der.simps(4)[of c "r\<^sub>1" "r\<^sub>2"]}\\
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   323
  @{thm (lhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]}\\
110
267afb7fb700 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 109
diff changeset
   324
  @{thm (lhs) der.simps(6)} & $\dn$ & @{thm (rhs) der.simps(6)}
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   325
  \end{tabular}
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   326
  \end{center}
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   327
 
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   328
  \noindent
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   329
  We may extend this definition to give derivatives w.r.t.~strings:
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   330
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   331
  \begin{center}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   332
  \begin{tabular}{lcl}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   333
  @{thm (lhs) ders.simps(1)} & $\dn$ & @{thm (rhs) ders.simps(1)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   334
  @{thm (lhs) ders.simps(2)} & $\dn$ & @{thm (rhs) ders.simps(2)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   335
  \end{tabular}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   336
  \end{center}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   337
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   338
  \noindent Given the equations in \eqref{SemDer}, it is a relatively easy
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   339
  exercise in mechanical reasoning to establish that
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   340
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   341
  \begin{proposition}\label{derprop}\mbox{}\\ 
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   342
  \begin{tabular}{ll}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   343
  @{text "(1)"} & @{thm (lhs) nullable_correctness} if and only if
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   344
  @{thm (rhs) nullable_correctness}, and \\ 
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   345
  @{text "(2)"} & @{thm[mode=IfThen] der_correctness}.
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   346
  \end{tabular}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   347
  \end{proposition}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   348
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   349
  \noindent With this in place it is also very routine to prove that the
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   350
  regular expression matcher defined as
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   351
  %
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   352
  \begin{center}
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   353
  @{thm match_def}
108
73f7dc60c285 updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 107
diff changeset
   354
  \end{center}
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   355
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   356
  \noindent gives a positive answer if and only if @{term "s \<in> L r"}.
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   357
  Consequently, this regular expression matching algorithm satisfies the
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   358
  usual specification for regular expression matching. While the matcher
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   359
  above calculates a provably correct YES/NO answer for whether a regular
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   360
  expression matches a string or not, the novel idea of Sulzmann and Lu
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   361
  \cite{Sulzmann2014} is to append another phase to this algorithm in order
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   362
  to calculate a [lexical] value. We will explain the details next.
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   363
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   364
*}
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   365
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   366
section {* POSIX Regular Expression Matching\label{posixsec} *}
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
   367
111
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   368
text {* 
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   369
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   370
  The clever idea by Sulzmann and Lu \cite{Sulzmann2014} is to define
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   371
  values for encoding \emph{how} a regular expression matches a string
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   372
  and then define a function on values that mirrors (but inverts) the
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   373
  construction of the derivative on regular expressions. \emph{Values}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   374
  are defined as the inductive datatype
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   375
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   376
  \begin{center}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   377
  @{text "v :="}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   378
  @{const "Void"} $\mid$
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   379
  @{term "val.Char c"} $\mid$
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   380
  @{term "Left v"} $\mid$
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   381
  @{term "Right v"} $\mid$
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   382
  @{term "Seq v\<^sub>1 v\<^sub>2"} $\mid$ 
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   383
  @{term "Stars vs"} 
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   384
  \end{center}  
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   385
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   386
  \noindent where we use @{term vs} to stand for a list of
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   387
  values. (This is similar to the approach taken by Frisch and
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   388
  Cardelli for GREEDY matching \cite{Frisch2004}, and Sulzmann and Lu
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   389
  for POSIX matching \cite{Sulzmann2014}). The string underlying a
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   390
  value can be calculated by the @{const flat} function, written
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   391
  @{term "flat DUMMY"} and defined as:
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   392
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   393
  \begin{center}
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   394
  \begin{tabular}[t]{lcl}
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   395
  @{thm (lhs) flat.simps(1)} & $\dn$ & @{thm (rhs) flat.simps(1)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   396
  @{thm (lhs) flat.simps(2)} & $\dn$ & @{thm (rhs) flat.simps(2)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   397
  @{thm (lhs) flat.simps(3)} & $\dn$ & @{thm (rhs) flat.simps(3)}\\
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   398
  @{thm (lhs) flat.simps(4)} & $\dn$ & @{thm (rhs) flat.simps(4)}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   399
  \end{tabular}\hspace{14mm}
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   400
  \begin{tabular}[t]{lcl}
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   401
  @{thm (lhs) flat.simps(5)[of "v\<^sub>1" "v\<^sub>2"]} & $\dn$ & @{thm (rhs) flat.simps(5)[of "v\<^sub>1" "v\<^sub>2"]}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   402
  @{thm (lhs) flat.simps(6)} & $\dn$ & @{thm (rhs) flat.simps(6)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   403
  @{thm (lhs) flat.simps(7)} & $\dn$ & @{thm (rhs) flat.simps(7)}\\
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   404
  \end{tabular}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   405
  \end{center}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   406
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   407
  \noindent Sulzmann and Lu also define inductively an inhabitation relation
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   408
  that associates values to regular expressions:
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   409
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   410
  \begin{center}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   411
  \begin{tabular}{c}
176
f1d800062d4f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 175
diff changeset
   412
  \\[-8mm]
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   413
  @{thm[mode=Axiom] Prf.intros(4)} \qquad
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   414
  @{thm[mode=Axiom] Prf.intros(5)[of "c"]}\\[4mm]
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   415
  @{thm[mode=Rule] Prf.intros(2)[of "v\<^sub>1" "r\<^sub>1" "r\<^sub>2"]} \qquad 
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   416
  @{thm[mode=Rule] Prf.intros(3)[of "v\<^sub>2" "r\<^sub>1" "r\<^sub>2"]}\\[4mm]
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   417
  @{thm[mode=Rule] Prf.intros(1)[of "v\<^sub>1" "r\<^sub>1" "v\<^sub>2" "r\<^sub>2"]}\\[4mm]
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   418
  @{thm[mode=Axiom] Prf.intros(6)[of "r"]} \qquad  
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
   419
  %%@ { thm[mode=Rule] Prf.intros(7)[of "v" "r" "vs"]}
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   420
  \end{tabular}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   421
  \end{center}
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   422
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   423
  \noindent Note that no values are associated with the regular expression
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   424
  @{term ZERO}, and that the only value associated with the regular
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   425
  expression @{term ONE} is @{term Void}, pronounced (if one must) as @{text
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   426
  "Void"}. It is routine to establish how values ``inhabiting'' a regular
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   427
  expression correspond to the language of a regular expression, namely
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   428
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   429
  \begin{proposition}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   430
  @{thm L_flat_Prf}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   431
  \end{proposition}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   432
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   433
  In general there is more than one value associated with a regular
423
b7199d6c672d updated paper
Christian Urban <christian.urban@kcl.ac.uk>
parents: 420
diff changeset
   434
  expression (meaining regular expressions can typically match more
b7199d6c672d updated paper
Christian Urban <christian.urban@kcl.ac.uk>
parents: 420
diff changeset
   435
  than one string). But even given a string from the language of the
b7199d6c672d updated paper
Christian Urban <christian.urban@kcl.ac.uk>
parents: 420
diff changeset
   436
  regular expression, there are generally more than one way how the
b7199d6c672d updated paper
Christian Urban <christian.urban@kcl.ac.uk>
parents: 420
diff changeset
   437
  regular expression can match this string. POSIX lexing is about identifying
b7199d6c672d updated paper
Christian Urban <christian.urban@kcl.ac.uk>
parents: 420
diff changeset
   438
  a unique value that satisfies the (informal) POSIX. Graphically the POSIX value calculation algorithm by
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   439
  Sulzmann and Lu can be illustrated by the picture in Figure~\ref{Sulz}
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   440
  where the path from the left to the right involving @{term derivatives}/@{const
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   441
  nullable} is the first phase of the algorithm (calculating successive
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   442
  \Brz's derivatives) and @{const mkeps}/@{text inj}, the path from right to
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   443
  left, the second phase. This picture shows the steps required when a
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   444
  regular expression, say @{text "r\<^sub>1"}, matches the string @{term
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   445
  "[a,b,c]"}. We first build the three derivatives (according to @{term a},
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   446
  @{term b} and @{term c}). We then use @{const nullable} to find out
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   447
  whether the resulting derivative regular expression @{term "r\<^sub>4"}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   448
  can match the empty string. If yes, we call the function @{const mkeps}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   449
  that produces a value @{term "v\<^sub>4"} for how @{term "r\<^sub>4"} can
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   450
  match the empty string (taking into account the POSIX constraints in case
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   451
  there are several ways). This function is defined by the clauses:
113
90fe1a1d7d0e updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 112
diff changeset
   452
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   453
\begin{figure}[t]
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   454
\begin{center}
115
15ef2af1a6f2 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 114
diff changeset
   455
\begin{tikzpicture}[scale=2,node distance=1.3cm,
182
2e70c1b06ac0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 181
diff changeset
   456
                    every node/.style={minimum size=6mm}]
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   457
\node (r1)  {@{term "r\<^sub>1"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   458
\node (r2) [right=of r1]{@{term "r\<^sub>2"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   459
\draw[->,line width=1mm](r1)--(r2) node[above,midway] {@{term "der a DUMMY"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   460
\node (r3) [right=of r2]{@{term "r\<^sub>3"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   461
\draw[->,line width=1mm](r2)--(r3) node[above,midway] {@{term "der b DUMMY"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   462
\node (r4) [right=of r3]{@{term "r\<^sub>4"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   463
\draw[->,line width=1mm](r3)--(r4) node[above,midway] {@{term "der c DUMMY"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   464
\draw (r4) node[anchor=west] {\;\raisebox{3mm}{@{term nullable}}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   465
\node (v4) [below=of r4]{@{term "v\<^sub>4"}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   466
\draw[->,line width=1mm](r4) -- (v4);
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   467
\node (v3) [left=of v4] {@{term "v\<^sub>3"}};
115
15ef2af1a6f2 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 114
diff changeset
   468
\draw[->,line width=1mm](v4)--(v3) node[below,midway] {@{text "inj r\<^sub>3 c"}};
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   469
\node (v2) [left=of v3]{@{term "v\<^sub>2"}};
115
15ef2af1a6f2 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 114
diff changeset
   470
\draw[->,line width=1mm](v3)--(v2) node[below,midway] {@{text "inj r\<^sub>2 b"}};
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   471
\node (v1) [left=of v2] {@{term "v\<^sub>1"}};
115
15ef2af1a6f2 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 114
diff changeset
   472
\draw[->,line width=1mm](v2)--(v1) node[below,midway] {@{text "inj r\<^sub>1 a"}};
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   473
\draw (r4) node[anchor=north west] {\;\raisebox{-8mm}{@{term "mkeps"}}};
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   474
\end{tikzpicture}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   475
\end{center}
182
2e70c1b06ac0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 181
diff changeset
   476
\mbox{}\\[-13mm]
2e70c1b06ac0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 181
diff changeset
   477
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   478
\caption{The two phases of the algorithm by Sulzmann \& Lu \cite{Sulzmann2014},
115
15ef2af1a6f2 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 114
diff changeset
   479
matching the string @{term "[a,b,c]"}. The first phase (the arrows from 
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   480
left to right) is \Brz's matcher building successive derivatives. If the 
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   481
last regular expression is @{term nullable}, then the functions of the 
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   482
second phase are called (the top-down and right-to-left arrows): first 
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   483
@{term mkeps} calculates a value @{term "v\<^sub>4"} witnessing
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   484
how the empty string has been recognised by @{term "r\<^sub>4"}. After
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   485
that the function @{term inj} ``injects back'' the characters of the string into
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   486
the values.
114
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   487
\label{Sulz}}
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   488
\end{figure} 
8b41d01b5e5d updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 113
diff changeset
   489
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   490
  \begin{center}
111
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   491
  \begin{tabular}{lcl}
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   492
  @{thm (lhs) mkeps.simps(1)} & $\dn$ & @{thm (rhs) mkeps.simps(1)}\\
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   493
  @{thm (lhs) mkeps.simps(2)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) mkeps.simps(2)[of "r\<^sub>1" "r\<^sub>2"]}\\
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   494
  @{thm (lhs) mkeps.simps(3)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) mkeps.simps(3)[of "r\<^sub>1" "r\<^sub>2"]}\\
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   495
  @{thm (lhs) mkeps.simps(4)} & $\dn$ & @{thm (rhs) mkeps.simps(4)}\\
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   496
  \end{tabular}
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   497
  \end{center}
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   498
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   499
  \noindent Note that this function needs only to be partially defined,
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   500
  namely only for regular expressions that are nullable. In case @{const
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   501
  nullable} fails, the string @{term "[a,b,c]"} cannot be matched by @{term
178
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 177
diff changeset
   502
  "r\<^sub>1"} and the null value @{term "None"} is returned. Note also how this function
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   503
  makes some subtle choices leading to a POSIX value: for example if an
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   504
  alternative regular expression, say @{term "ALT r\<^sub>1 r\<^sub>2"}, can
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   505
  match the empty string and furthermore @{term "r\<^sub>1"} can match the
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   506
  empty string, then we return a @{text Left}-value. The @{text
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   507
  Right}-value will only be returned if @{term "r\<^sub>1"} cannot match the empty
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   508
  string.
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   509
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   510
  The most interesting idea from Sulzmann and Lu \cite{Sulzmann2014} is
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   511
  the construction of a value for how @{term "r\<^sub>1"} can match the
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   512
  string @{term "[a,b,c]"} from the value how the last derivative, @{term
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   513
  "r\<^sub>4"} in Fig.~\ref{Sulz}, can match the empty string. Sulzmann and
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   514
  Lu achieve this by stepwise ``injecting back'' the characters into the
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   515
  values thus inverting the operation of building derivatives, but on the level
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   516
  of values. The corresponding function, called @{term inj}, takes three
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   517
  arguments, a regular expression, a character and a value. For example in
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   518
  the first (or right-most) @{term inj}-step in Fig.~\ref{Sulz} the regular
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   519
  expression @{term "r\<^sub>3"}, the character @{term c} from the last
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   520
  derivative step and @{term "v\<^sub>4"}, which is the value corresponding
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   521
  to the derivative regular expression @{term "r\<^sub>4"}. The result is
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   522
  the new value @{term "v\<^sub>3"}. The final result of the algorithm is
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   523
  the value @{term "v\<^sub>1"}. The @{term inj} function is defined by recursion on regular
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   524
  expressions and by analysing the shape of values (corresponding to 
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   525
  the derivative regular expressions).
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   526
  %
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   527
  \begin{center}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   528
  \begin{tabular}{l@ {\hspace{5mm}}lcl}
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   529
  (1) & @{thm (lhs) injval.simps(1)} & $\dn$ & @{thm (rhs) injval.simps(1)}\\
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   530
  (2) & @{thm (lhs) injval.simps(2)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1"]} & $\dn$ & 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   531
      @{thm (rhs) injval.simps(2)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1"]}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   532
  (3) & @{thm (lhs) injval.simps(3)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>2"]} & $\dn$ & 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   533
      @{thm (rhs) injval.simps(3)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>2"]}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   534
  (4) & @{thm (lhs) injval.simps(4)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1" "v\<^sub>2"]} & $\dn$ 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   535
      & @{thm (rhs) injval.simps(4)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1" "v\<^sub>2"]}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   536
  (5) & @{thm (lhs) injval.simps(5)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1" "v\<^sub>2"]} & $\dn$ 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   537
      & @{thm (rhs) injval.simps(5)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>1" "v\<^sub>2"]}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   538
  (6) & @{thm (lhs) injval.simps(6)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>2"]} & $\dn$ 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   539
      & @{thm (rhs) injval.simps(6)[of "r\<^sub>1" "r\<^sub>2" "c" "v\<^sub>2"]}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   540
  (7) & @{thm (lhs) injval.simps(7)[of "r" "c" "v" "vs"]} & $\dn$ 
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   541
      & @{thm (rhs) injval.simps(7)[of "r" "c" "v" "vs"]}\\
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   542
  \end{tabular}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   543
  \end{center}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   544
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   545
  \noindent To better understand what is going on in this definition it
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   546
  might be instructive to look first at the three sequence cases (clauses
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   547
  (4)--(6)). In each case we need to construct an ``injected value'' for
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   548
  @{term "SEQ r\<^sub>1 r\<^sub>2"}. This must be a value of the form @{term
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   549
  "Seq DUMMY DUMMY"}\,. Recall the clause of the @{text derivative}-function
117
2c4ffcc95399 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 116
diff changeset
   550
  for sequence regular expressions:
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   551
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   552
  \begin{center}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   553
  @{thm (lhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]} $\dn$ @{thm (rhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   554
  \end{center}
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   555
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   556
  \noindent Consider first the @{text "else"}-branch where the derivative is @{term
117
2c4ffcc95399 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 116
diff changeset
   557
  "SEQ (der c r\<^sub>1) r\<^sub>2"}. The corresponding value must therefore
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   558
  be of the form @{term "Seq v\<^sub>1 v\<^sub>2"}, which matches the left-hand
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   559
  side in clause~(4) of @{term inj}. In the @{text "if"}-branch the derivative is an
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   560
  alternative, namely @{term "ALT (SEQ (der c r\<^sub>1) r\<^sub>2) (der c
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   561
  r\<^sub>2)"}. This means we either have to consider a @{text Left}- or
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   562
  @{text Right}-value. In case of the @{text Left}-value we know further it
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   563
  must be a value for a sequence regular expression. Therefore the pattern
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   564
  we match in the clause (5) is @{term "Left (Seq v\<^sub>1 v\<^sub>2)"},
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   565
  while in (6) it is just @{term "Right v\<^sub>2"}. One more interesting
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   566
  point is in the right-hand side of clause (6): since in this case the
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   567
  regular expression @{text "r\<^sub>1"} does not ``contribute'' to
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   568
  matching the string, that means it only matches the empty string, we need to
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   569
  call @{const mkeps} in order to construct a value for how @{term "r\<^sub>1"}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   570
  can match this empty string. A similar argument applies for why we can
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   571
  expect in the left-hand side of clause (7) that the value is of the form
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   572
  @{term "Seq v (Stars vs)"}---the derivative of a star is @{term "SEQ (der c r)
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   573
  (STAR r)"}. Finally, the reason for why we can ignore the second argument
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   574
  in clause (1) of @{term inj} is that it will only ever be called in cases
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   575
  where @{term "c=d"}, but the usual linearity restrictions in patterns do
135
fee5641c5994 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 134
diff changeset
   576
  not allow us to build this constraint explicitly into our function
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   577
  definition.\footnote{Sulzmann and Lu state this clause as @{thm (lhs)
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   578
  injval.simps(1)[of "c" "c"]} $\dn$ @{thm (rhs) injval.simps(1)[of "c"]},
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   579
  but our deviation is harmless.}
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   580
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   581
  The idea of the @{term inj}-function to ``inject'' a character, say
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   582
  @{term c}, into a value can be made precise by the first part of the
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   583
  following lemma, which shows that the underlying string of an injected
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   584
  value has a prepended character @{term c}; the second part shows that the
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   585
  underlying string of an @{const mkeps}-value is always the empty string
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   586
  (given the regular expression is nullable since otherwise @{text mkeps}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   587
  might not be defined).
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   588
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   589
  \begin{lemma}\mbox{}\smallskip\\\label{Prf_injval_flat}
121
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   590
  \begin{tabular}{ll}
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   591
  (1) & @{thm[mode=IfThen] Prf_injval_flat}\\
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   592
  (2) & @{thm[mode=IfThen] mkeps_flat}
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   593
  \end{tabular}
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   594
  \end{lemma}
4c85af262ee7 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 120
diff changeset
   595
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   596
  \begin{proof}
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   597
  Both properties are by routine inductions: the first one can, for example,
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   598
  be proved by induction over the definition of @{term derivatives}; the second by
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   599
  an induction on @{term r}. There are no interesting cases.\qed
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   600
  \end{proof}
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   601
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   602
  Having defined the @{const mkeps} and @{text inj} function we can extend
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   603
  \Brz's matcher so that a [lexical] value is constructed (assuming the
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
   604
  regular expression matches the string). The clauses of the Sulzmann and Lu lexer are
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   605
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   606
  \begin{center}
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   607
  \begin{tabular}{lcl}
145
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
   608
  @{thm (lhs) lexer.simps(1)} & $\dn$ & @{thm (rhs) lexer.simps(1)}\\
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
   609
  @{thm (lhs) lexer.simps(2)} & $\dn$ & @{text "case"} @{term "lexer (der c r) s"} @{text of}\\
118
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   610
                     & & \phantom{$|$} @{term "None"}  @{text "\<Rightarrow>"} @{term None}\\
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   611
                     & & $|$ @{term "Some v"} @{text "\<Rightarrow>"} @{term "Some (injval r c v)"}                          
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   612
  \end{tabular}
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   613
  \end{center}
79efc0bcfc96 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 117
diff changeset
   614
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   615
  \noindent If the regular expression does not match the string, @{const None} is
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   616
  returned. If the regular expression \emph{does}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   617
  match the string, then @{const Some} value is returned. One important
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   618
  virtue of this algorithm is that it can be implemented with ease in any
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   619
  functional programming language and also in Isabelle/HOL. In the remaining
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   620
  part of this section we prove that this algorithm is correct.
116
022503caa187 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 115
diff changeset
   621
119
71e26f43c896 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 118
diff changeset
   622
  The well-known idea of POSIX matching is informally defined by the longest
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   623
  match and priority rule (see Introduction); as correctly argued in \cite{Sulzmann2014}, this
173
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   624
  needs formal specification. Sulzmann and Lu define an ``ordering
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   625
  relation'' between values and argue
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   626
  that there is a maximum value, as given by the derivative-based algorithm.
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   627
  In contrast, we shall introduce a simple inductive definition that
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   628
  specifies directly what a \emph{POSIX value} is, incorporating the
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   629
  POSIX-specific choices into the side-conditions of our rules. Our
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
   630
  definition is inspired by the matching relation given by Vansummeren
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   631
  \cite{Vansummeren2006}. The relation we define is ternary and written as
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   632
  \mbox{@{term "s \<in> r \<rightarrow> v"}}, relating strings, regular expressions and
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   633
  values.
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   634
  %
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   635
  \begin{center}
112
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   636
  \begin{tabular}{c}
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   637
  @{thm[mode=Axiom] Posix.intros(1)}@{text "P"}@{term "ONE"} \qquad
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   638
  @{thm[mode=Axiom] Posix.intros(2)}@{text "P"}@{term "c"}\medskip\\
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   639
  @{thm[mode=Rule] Posix.intros(3)[of "s" "r\<^sub>1" "v" "r\<^sub>2"]}@{text "P+L"}\qquad
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   640
  @{thm[mode=Rule] Posix.intros(4)[of "s" "r\<^sub>2" "v" "r\<^sub>1"]}@{text "P+R"}\medskip\\
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   641
  $\mprset{flushleft}
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   642
   \inferrule
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   643
   {@{thm (prem 1) Posix.intros(5)[of "s\<^sub>1" "r\<^sub>1" "v\<^sub>1" "s\<^sub>2" "r\<^sub>2" "v\<^sub>2"]} \qquad
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   644
    @{thm (prem 2) Posix.intros(5)[of "s\<^sub>1" "r\<^sub>1" "v\<^sub>1" "s\<^sub>2" "r\<^sub>2" "v\<^sub>2"]} \\\\
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   645
    @{thm (prem 3) Posix.intros(5)[of "s\<^sub>1" "r\<^sub>1" "v\<^sub>1" "s\<^sub>2" "r\<^sub>2" "v\<^sub>2"]}}
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   646
   {@{thm (concl) Posix.intros(5)[of "s\<^sub>1" "r\<^sub>1" "v\<^sub>1" "s\<^sub>2" "r\<^sub>2" "v\<^sub>2"]}}$@{text "PS"}\\
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   647
  @{thm[mode=Axiom] Posix.intros(7)}@{text "P[]"}\medskip\\
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   648
  $\mprset{flushleft}
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   649
   \inferrule
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   650
   {@{thm (prem 1) Posix.intros(6)[of "s\<^sub>1" "r" "v" "s\<^sub>2" "vs"]} \qquad
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   651
    @{thm (prem 2) Posix.intros(6)[of "s\<^sub>1" "r" "v" "s\<^sub>2" "vs"]} \qquad
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   652
    @{thm (prem 3) Posix.intros(6)[of "s\<^sub>1" "r" "v" "s\<^sub>2" "vs"]} \\\\
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   653
    @{thm (prem 4) Posix.intros(6)[of "s\<^sub>1" "r" "v" "s\<^sub>2" "vs"]}}
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   654
   {@{thm (concl) Posix.intros(6)[of "s\<^sub>1" "r" "v" "s\<^sub>2" "vs"]}}$@{text "P\<star>"}
112
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   655
  \end{tabular}
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   656
  \end{center}
698967eceaf1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 111
diff changeset
   657
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   658
   \noindent
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   659
   We can prove that given a string @{term s} and regular expression @{term
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   660
   r}, the POSIX value @{term v} is uniquely determined by @{term "s \<in> r \<rightarrow> v"}.
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   661
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   662
  \begin{theorem}\mbox{}\smallskip\\\label{posixdeterm}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   663
  \begin{tabular}{ll}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   664
  @{text "(1)"} & If @{thm (prem 1) Posix1(1)} then @{thm (concl)
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   665
  Posix1(1)} and @{thm (concl) Posix1(2)}.\\
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   666
  @{text "(2)"} & @{thm[mode=IfThen] Posix_determ(1)[of _ _ "v" "v'"]}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   667
  \end{tabular}
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   668
  \end{theorem}
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   669
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   670
  \begin{proof} Both by induction on the definition of @{term "s \<in> r \<rightarrow> v"}. 
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   671
  The second parts follows by a case analysis of @{term "s \<in> r \<rightarrow> v'"} and
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   672
  the first part.\qed
175
fc22ca36325c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 174
diff changeset
   673
  \end{proof}
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   674
175
fc22ca36325c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 174
diff changeset
   675
  \noindent
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
   676
  We claim that our @{term "s \<in> r \<rightarrow> v"} relation captures the idea behind the two
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   677
  informal POSIX rules shown in the Introduction: Consider for example the
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   678
  rules @{text "P+L"} and @{text "P+R"} where the POSIX value for a string
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   679
  and an alternative regular expression, that is @{term "(s, ALT r\<^sub>1 r\<^sub>2)"},
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   680
  is specified---it is always a @{text "Left"}-value, \emph{except} when the
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   681
  string to be matched is not in the language of @{term "r\<^sub>1"}; only then it
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   682
  is a @{text Right}-value (see the side-condition in @{text "P+R"}).
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   683
  Interesting is also the rule for sequence regular expressions (@{text
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   684
  "PS"}). The first two premises state that @{term "v\<^sub>1"} and @{term "v\<^sub>2"}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   685
  are the POSIX values for @{term "(s\<^sub>1, r\<^sub>1)"} and @{term "(s\<^sub>2, r\<^sub>2)"}
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   686
  respectively. Consider now the third premise and note that the POSIX value
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   687
  of this rule should match the string \mbox{@{term "s\<^sub>1 @ s\<^sub>2"}}. According to the
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   688
  longest match rule, we want that the @{term "s\<^sub>1"} is the longest initial
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   689
  split of \mbox{@{term "s\<^sub>1 @ s\<^sub>2"}} such that @{term "s\<^sub>2"} is still recognised
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   690
  by @{term "r\<^sub>2"}. Let us assume, contrary to the third premise, that there
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   691
  \emph{exist} an @{term "s\<^sub>3"} and @{term "s\<^sub>4"} such that @{term "s\<^sub>2"}
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   692
  can be split up into a non-empty string @{term "s\<^sub>3"} and a possibly empty
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   693
  string @{term "s\<^sub>4"}. Moreover the longer string @{term "s\<^sub>1 @ s\<^sub>3"} can be
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   694
  matched by @{text "r\<^sub>1"} and the shorter @{term "s\<^sub>4"} can still be
136
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   695
  matched by @{term "r\<^sub>2"}. In this case @{term "s\<^sub>1"} would \emph{not} be the
fa0d8aa5d7de updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 135
diff changeset
   696
  longest initial split of \mbox{@{term "s\<^sub>1 @ s\<^sub>2"}} and therefore @{term "Seq v\<^sub>1
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   697
  v\<^sub>2"} cannot be a POSIX value for @{term "(s\<^sub>1 @ s\<^sub>2, SEQ r\<^sub>1 r\<^sub>2)"}. 
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   698
  The main point is that our side-condition ensures the longest 
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   699
  match rule is satisfied.
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   700
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   701
  A similar condition is imposed on the POSIX value in the @{text
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   702
  "P\<star>"}-rule. Also there we want that @{term "s\<^sub>1"} is the longest initial
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   703
  split of @{term "s\<^sub>1 @ s\<^sub>2"} and furthermore the corresponding value
135
fee5641c5994 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 134
diff changeset
   704
  @{term v} cannot be flattened to the empty string. In effect, we require
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
   705
  that in each ``iteration'' of the star, some non-empty substring needs to
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   706
  be ``chipped'' away; only in case of the empty string we accept @{term
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   707
  "Stars []"} as the POSIX value.
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   708
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   709
  Next is the lemma that shows the function @{term "mkeps"} calculates
135
fee5641c5994 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 134
diff changeset
   710
  the POSIX value for the empty string and a nullable regular expression.
122
7c6c907660d8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 121
diff changeset
   711
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   712
  \begin{lemma}\label{lemmkeps}
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   713
  @{thm[mode=IfThen] Posix_mkeps}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   714
  \end{lemma}
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   715
123
1bee7006b92b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 122
diff changeset
   716
  \begin{proof}
1bee7006b92b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 122
diff changeset
   717
  By routine induction on @{term r}.\qed 
1bee7006b92b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 122
diff changeset
   718
  \end{proof}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   719
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   720
  \noindent
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   721
  The central lemma for our POSIX relation is that the @{text inj}-function
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   722
  preserves POSIX values.
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   723
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   724
  \begin{lemma}\label{Posix2}
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   725
  @{thm[mode=IfThen] Posix_injval}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   726
  \end{lemma}
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   727
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   728
  \begin{proof}
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   729
  By induction on @{text r}. We explain two cases.
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   730
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   731
  \begin{itemize}
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   732
  \item[$\bullet$] Case @{term "r = ALT r\<^sub>1 r\<^sub>2"}. There are
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   733
  two subcases, namely @{text "(a)"} \mbox{@{term "v = Left v'"}} and @{term
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   734
  "s \<in> der c r\<^sub>1 \<rightarrow> v'"}; and @{text "(b)"} @{term "v = Right v'"}, @{term
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   735
  "s \<notin> L (der c r\<^sub>1)"} and @{term "s \<in> der c r\<^sub>2 \<rightarrow> v'"}. In @{text "(a)"} we
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   736
  know @{term "s \<in> der c r\<^sub>1 \<rightarrow> v'"}, from which we can infer @{term "(c # s)
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   737
  \<in> r\<^sub>1 \<rightarrow> injval r\<^sub>1 c v'"} by induction hypothesis and hence @{term "(c #
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   738
  s) \<in> ALT r\<^sub>1 r\<^sub>2 \<rightarrow> injval (ALT r\<^sub>1 r\<^sub>2) c (Left v')"} as needed. Similarly
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   739
  in subcase @{text "(b)"} where, however, in addition we have to use
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   740
  Prop.~\ref{derprop}(2) in order to infer @{term "c # s \<notin> L r\<^sub>1"} from @{term
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   741
  "s \<notin> L (der c r\<^sub>1)"}.
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   742
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   743
  \item[$\bullet$] Case @{term "r = SEQ r\<^sub>1 r\<^sub>2"}. There are three subcases:
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   744
  
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   745
  \begin{quote}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   746
  \begin{description}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   747
  \item[@{text "(a)"}] @{term "v = Left (Seq v\<^sub>1 v\<^sub>2)"} and @{term "nullable r\<^sub>1"} 
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   748
  \item[@{text "(b)"}] @{term "v = Right v\<^sub>1"} and @{term "nullable r\<^sub>1"} 
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   749
  \item[@{text "(c)"}] @{term "v = Seq v\<^sub>1 v\<^sub>2"} and @{term "\<not> nullable r\<^sub>1"} 
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   750
  \end{description}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   751
  \end{quote}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   752
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   753
  \noindent For @{text "(a)"} we know @{term "s\<^sub>1 \<in> der c r\<^sub>1 \<rightarrow> v\<^sub>1"} and
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   754
  @{term "s\<^sub>2 \<in> r\<^sub>2 \<rightarrow> v\<^sub>2"} as well as
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   755
  %
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   756
  \[@{term "\<not> (\<exists>s\<^sub>3 s\<^sub>4. s\<^sub>3 \<noteq> [] \<and> s\<^sub>3 @ s\<^sub>4 = s\<^sub>2 \<and> s\<^sub>1 @ s\<^sub>3 \<in> L (der c r\<^sub>1) \<and> s\<^sub>4 \<in> L r\<^sub>2)"}\]
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   757
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   758
  \noindent From the latter we can infer by Prop.~\ref{derprop}(2):
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   759
  %
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   760
  \[@{term "\<not> (\<exists>s\<^sub>3 s\<^sub>4. s\<^sub>3 \<noteq> [] \<and> s\<^sub>3 @ s\<^sub>4 = s\<^sub>2 \<and> (c # s\<^sub>1) @ s\<^sub>3 \<in> L r\<^sub>1 \<and> s\<^sub>4 \<in> L r\<^sub>2)"}\]
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   761
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   762
  \noindent We can use the induction hypothesis for @{text "r\<^sub>1"} to obtain
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   763
  @{term "(c # s\<^sub>1) \<in> r\<^sub>1 \<rightarrow> injval r\<^sub>1 c v\<^sub>1"}. Putting this all together allows us to infer
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   764
  @{term "((c # s\<^sub>1) @ s\<^sub>2) \<in> SEQ r\<^sub>1 r\<^sub>2 \<rightarrow> Seq (injval r\<^sub>1 c v\<^sub>1) v\<^sub>2"}. The case @{text "(c)"}
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   765
  is similar.
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   766
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   767
  For @{text "(b)"} we know @{term "s \<in> der c r\<^sub>2 \<rightarrow> v\<^sub>1"} and 
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   768
  @{term "s\<^sub>1 @ s\<^sub>2 \<notin> L (SEQ (der c r\<^sub>1) r\<^sub>2)"}. From the former
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   769
  we have @{term "(c # s) \<in> r\<^sub>2 \<rightarrow> (injval r\<^sub>2 c v\<^sub>1)"} by induction hypothesis
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   770
  for @{term "r\<^sub>2"}. From the latter we can infer
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   771
  %
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   772
  \[@{term "\<not> (\<exists>s\<^sub>3 s\<^sub>4. s\<^sub>3 \<noteq> [] \<and> s\<^sub>3 @ s\<^sub>4 = c # s \<and> s\<^sub>3 \<in> L r\<^sub>1 \<and> s\<^sub>4 \<in> L r\<^sub>2)"}\]
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   773
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   774
  \noindent By Lem.~\ref{lemmkeps} we know @{term "[] \<in> r\<^sub>1 \<rightarrow> (mkeps r\<^sub>1)"}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   775
  holds. Putting this all together, we can conclude with @{term "(c #
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
   776
  s) \<in> SEQ r\<^sub>1 r\<^sub>2 \<rightarrow> Seq (mkeps r\<^sub>1) (injval r\<^sub>2 c v\<^sub>1)"}, as required.
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   777
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   778
  Finally suppose @{term "r = STAR r\<^sub>1"}. This case is very similar to the
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   779
  sequence case, except that we need to also ensure that @{term "flat (injval r\<^sub>1
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   780
  c v\<^sub>1) \<noteq> []"}. This follows from @{term "(c # s\<^sub>1)
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
   781
  \<in> r\<^sub>1 \<rightarrow> injval r\<^sub>1 c v\<^sub>1"}  (which in turn follows from @{term "s\<^sub>1 \<in> der c
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   782
  r\<^sub>1 \<rightarrow> v\<^sub>1"} and the induction hypothesis).\qed
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   783
  \end{itemize}
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   784
  \end{proof}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   785
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   786
  \noindent
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   787
  With Lem.~\ref{Posix2} in place, it is completely routine to establish
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   788
  that the Sulzmann and Lu lexer satisfies our specification (returning
178
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 177
diff changeset
   789
  the null value @{term "None"} iff the string is not in the language of the regular expression,
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   790
  and returning a unique POSIX value iff the string \emph{is} in the language):
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   791
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   792
  \begin{theorem}\mbox{}\smallskip\\\label{lexercorrect}
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   793
  \begin{tabular}{ll}
151
5a1196466a9c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 150
diff changeset
   794
  (1) & @{thm (lhs) lexer_correct_None} if and only if @{thm (rhs) lexer_correct_None}\\
5a1196466a9c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 150
diff changeset
   795
  (2) & @{thm (lhs) lexer_correct_Some} if and only if @{thm (rhs) lexer_correct_Some}\\
120
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   796
  \end{tabular}
d74bfa11802c updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 119
diff changeset
   797
  \end{theorem}
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   798
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   799
  \begin{proof}
146
da81ffac4b10 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 145
diff changeset
   800
  By induction on @{term s} using Lem.~\ref{lemmkeps} and \ref{Posix2}.\qed  
124
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   801
  \end{proof}
5378ddbd1381 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 123
diff changeset
   802
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   803
  \noindent In (2) we further know by Thm.~\ref{posixdeterm} that the
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   804
  value returned by the lexer must be unique.   A simple corollary 
187
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 186
diff changeset
   805
  of our two theorems is:
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   806
193
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 192
diff changeset
   807
  \begin{corollary}\mbox{}\smallskip\\\label{lexercorrectcor}
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   808
  \begin{tabular}{ll}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   809
  (1) & @{thm (lhs) lexer_correctness(2)} if and only if @{thm (rhs) lexer_correctness(2)}\\ 
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   810
  (2) & @{thm (lhs) lexer_correctness(1)} if and only if @{thm (rhs) lexer_correctness(1)}\\
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   811
  \end{tabular}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   812
  \end{corollary}
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   813
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   814
  \noindent
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
   815
  This concludes our
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   816
  correctness proof. Note that we have not changed the algorithm of
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   817
  Sulzmann and Lu,\footnote{All deviations we introduced are
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   818
  harmless.} but introduced our own specification for what a correct
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   819
  result---a POSIX value---should be. A strong point in favour of
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   820
  Sulzmann and Lu's algorithm is that it can be extended in various
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   821
  ways.
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   822
111
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   823
*}
289728193164 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 110
diff changeset
   824
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   825
section {* Extensions and Optimisations*}
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   826
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   827
text {*
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   828
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   829
  If we are interested in tokenising a string, then we need to not just
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   830
  split up the string into tokens, but also ``classify'' the tokens (for
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   831
  example whether it is a keyword or an identifier). This can be done with
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   832
  only minor modifications to the algorithm by introducing \emph{record
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   833
  regular expressions} and \emph{record values} (for example
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   834
  \cite{Sulzmann2014b}):
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   835
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   836
  \begin{center}  
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   837
  @{text "r :="}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   838
  @{text "..."} $\mid$
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   839
  @{text "(l : r)"} \qquad\qquad
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   840
  @{text "v :="}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   841
  @{text "..."} $\mid$
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   842
  @{text "(l : v)"}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   843
  \end{center}
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   844
  
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   845
  \noindent where @{text l} is a label, say a string, @{text r} a regular
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   846
  expression and @{text v} a value. All functions can be smoothly extended
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   847
  to these regular expressions and values. For example \mbox{@{text "(l :
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   848
  r)"}} is nullable iff @{term r} is, and so on. The purpose of the record
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   849
  regular expression is to mark certain parts of a regular expression and
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   850
  then record in the calculated value which parts of the string were matched
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   851
  by this part. The label can then serve as classification for the tokens.
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   852
  For this recall the regular expression @{text "(r\<^bsub>key\<^esub> + r\<^bsub>id\<^esub>)\<^sup>\<star>"} for
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   853
  keywords and identifiers from the Introduction. With the record regular
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   854
  expression we can form \mbox{@{text "((key : r\<^bsub>key\<^esub>) + (id : r\<^bsub>id\<^esub>))\<^sup>\<star>"}}
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   855
  and then traverse the calculated value and only collect the underlying
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   856
  strings in record values. With this we obtain finite sequences of pairs of
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   857
  labels and strings, for example
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   858
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   859
  \[@{text "(l\<^sub>1 : s\<^sub>1), ..., (l\<^sub>n : s\<^sub>n)"}\]
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   860
  
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   861
  \noindent from which tokens with classifications (keyword-token,
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   862
  identifier-token and so on) can be extracted.
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   863
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   864
  Derivatives as calculated by \Brz's method are usually more complex
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   865
  regular expressions than the initial one; the result is that the
160
6342d0570502 corrected typo and corrected proofs in Sulzmann.thy
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 154
diff changeset
   866
  derivative-based matching and lexing algorithms are often abysmally slow.
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   867
  However, various optimisations are possible, such as the simplifications
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   868
  of @{term "ALT ZERO r"}, @{term "ALT r ZERO"}, @{term "SEQ ONE r"} and
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   869
  @{term "SEQ r ONE"} to @{term r}. These simplifications can speed up the
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   870
  algorithms considerably, as noted in \cite{Sulzmann2014}. One of the
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   871
  advantages of having a simple specification and correctness proof is that
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   872
  the latter can be refined to prove the correctness of such simplification
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   873
  steps. While the simplification of regular expressions according to 
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   874
  rules like
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   875
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   876
  \begin{equation}\label{Simpl}
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   877
  \begin{array}{lcllcllcllcl}
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   878
  @{term "ALT ZERO r"} & @{text "\<Rightarrow>"} & @{term r} \hspace{8mm}%\\
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   879
  @{term "ALT r ZERO"} & @{text "\<Rightarrow>"} & @{term r} \hspace{8mm}%\\
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   880
  @{term "SEQ ONE r"}  & @{text "\<Rightarrow>"} & @{term r} \hspace{8mm}%\\
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   881
  @{term "SEQ r ONE"}  & @{text "\<Rightarrow>"} & @{term r}
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   882
  \end{array}
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   883
  \end{equation}
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   884
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   885
  \noindent is well understood, there is an obstacle with the POSIX value
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   886
  calculation algorithm by Sulzmann and Lu: if we build a derivative regular
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   887
  expression and then simplify it, we will calculate a POSIX value for this
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
   888
  simplified derivative regular expression, \emph{not} for the original (unsimplified)
173
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
   889
  derivative regular expression. Sulzmann and Lu \cite{Sulzmann2014} overcome this obstacle by
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   890
  not just calculating a simplified regular expression, but also calculating
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   891
  a \emph{rectification function} that ``repairs'' the incorrect value.
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   892
  
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   893
  The rectification functions can be (slightly clumsily) implemented  in
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   894
  Isabelle/HOL as follows using some auxiliary functions:
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   895
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   896
  \begin{center}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   897
  \begin{tabular}{lcl}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   898
  @{thm (lhs) F_RIGHT.simps(1)} & $\dn$ & @{text "Right (f v)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   899
  @{thm (lhs) F_LEFT.simps(1)} & $\dn$ & @{text "Left (f v)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   900
  
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   901
  @{thm (lhs) F_ALT.simps(1)} & $\dn$ & @{text "Right (f\<^sub>2 v)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   902
  @{thm (lhs) F_ALT.simps(2)} & $\dn$ & @{text "Left (f\<^sub>1 v)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   903
  
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   904
  @{thm (lhs) F_SEQ1.simps(1)} & $\dn$ & @{text "Seq (f\<^sub>1 ()) (f\<^sub>2 v)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   905
  @{thm (lhs) F_SEQ2.simps(1)} & $\dn$ & @{text "Seq (f\<^sub>1 v) (f\<^sub>2 ())"}\\
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   906
  @{thm (lhs) F_SEQ.simps(1)} & $\dn$ & @{text "Seq (f\<^sub>1 v\<^sub>1) (f\<^sub>2 v\<^sub>2)"}\medskip\\
184
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   907
  %\end{tabular}
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   908
  %
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   909
  %\begin{tabular}{lcl}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   910
  @{term "simp_ALT (ZERO, DUMMY) (r\<^sub>2, f\<^sub>2)"} & $\dn$ & @{term "(r\<^sub>2, F_RIGHT f\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   911
  @{term "simp_ALT (r\<^sub>1, f\<^sub>1) (ZERO, DUMMY)"} & $\dn$ & @{term "(r\<^sub>1, F_LEFT f\<^sub>1)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   912
  @{term "simp_ALT (r\<^sub>1, f\<^sub>1) (r\<^sub>2, f\<^sub>2)"} & $\dn$ & @{term "(ALT r\<^sub>1 r\<^sub>2, F_ALT f\<^sub>1 f\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   913
  @{term "simp_SEQ (ONE, f\<^sub>1) (r\<^sub>2, f\<^sub>2)"} & $\dn$ & @{term "(r\<^sub>2, F_SEQ1 f\<^sub>1 f\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   914
  @{term "simp_SEQ (r\<^sub>1, f\<^sub>1) (ONE, f\<^sub>2)"} & $\dn$ & @{term "(r\<^sub>1, F_SEQ2 f\<^sub>1 f\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   915
  @{term "simp_SEQ (r\<^sub>1, f\<^sub>1) (r\<^sub>2, f\<^sub>2)"} & $\dn$ & @{term "(SEQ r\<^sub>1 r\<^sub>2, F_SEQ f\<^sub>1 f\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   916
  \end{tabular}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   917
  \end{center}
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
   918
126
e866678c29cb updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 125
diff changeset
   919
  \noindent
165
ca4dcfd912cb updated literature
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 162
diff changeset
   920
  The functions @{text "simp\<^bsub>Alt\<^esub>"} and @{text "simp\<^bsub>Seq\<^esub>"} encode the simplification rules
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   921
  in \eqref{Simpl} and compose the rectification functions (simplifications can occur
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   922
  deep inside the regular expression). The main simplification function is then 
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   923
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   924
  \begin{center}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   925
  \begin{tabular}{lcl}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   926
  @{term "simp (ALT r\<^sub>1 r\<^sub>2)"} & $\dn$ & @{term "simp_ALT (simp r\<^sub>1) (simp r\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   927
  @{term "simp (SEQ r\<^sub>1 r\<^sub>2)"} & $\dn$ & @{term "simp_SEQ (simp r\<^sub>1) (simp r\<^sub>2)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   928
  @{term "simp r"} & $\dn$ & @{term "(r, id)"}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   929
  \end{tabular}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   930
  \end{center} 
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   931
184
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   932
  \noindent where @{term "id"} stands for the identity function. The
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   933
  function @{const simp} returns a simplified regular expression and a corresponding
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   934
  rectification function. Note that we do not simplify under stars: this
184
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   935
  seems to slow down the algorithm, rather than speed it up. The optimised
147
71f4ecc08849 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 146
diff changeset
   936
  lexer is then given by the clauses:
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   937
  
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   938
  \begin{center}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   939
  \begin{tabular}{lcl}
145
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
   940
  @{thm (lhs) slexer.simps(1)} & $\dn$ & @{thm (rhs) slexer.simps(1)}\\
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
   941
  @{thm (lhs) slexer.simps(2)} & $\dn$ & 
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   942
                         @{text "let (r\<^sub>s, f\<^sub>r) = simp (r "}$\backslash$@{text " c) in"}\\
145
97735ef233be updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 141
diff changeset
   943
                     & & @{text "case"} @{term "slexer r\<^sub>s s"} @{text of}\\
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   944
                     & & \phantom{$|$} @{term "None"}  @{text "\<Rightarrow>"} @{term None}\\
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   945
                     & & $|$ @{term "Some v"} @{text "\<Rightarrow>"} @{text "Some (inj r c (f\<^sub>r v))"}                          
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   946
  \end{tabular}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   947
  \end{center}
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   948
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   949
  \noindent
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   950
  In the second clause we first calculate the derivative @{term "der c r"}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   951
  and then simplify the result. This gives us a simplified derivative
138
a87b8a09ffe8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 137
diff changeset
   952
  @{text "r\<^sub>s"} and a rectification function @{text "f\<^sub>r"}. The lexer
a87b8a09ffe8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 137
diff changeset
   953
  is then recursively called with the simplified derivative, but before
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
   954
  we inject the character @{term c} into the value @{term v}, we need to rectify
179
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   955
  @{term v} (that is construct @{term "f\<^sub>r v"}). Before we can establish the correctness
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   956
  of @{term "slexer"}, we need to show that simplification preserves the language
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   957
  and simplification preserves our POSIX relation once the value is rectified
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
   958
  (recall @{const "simp"} generates a (regular expression, rectification function) pair):
179
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   959
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   960
  \begin{lemma}\mbox{}\smallskip\\\label{slexeraux}
179
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   961
  \begin{tabular}{ll}
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   962
  (1) & @{thm L_fst_simp[symmetric]}\\
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   963
  (2) & @{thm[mode=IfThen] Posix_simp}
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   964
  \end{tabular}
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   965
  \end{lemma}
85766e408c66 improved simplifying theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 178
diff changeset
   966
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   967
  \begin{proof} Both are by induction on @{text r}. There is no
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   968
  interesting case for the first statement. For the second statement,
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   969
  of interest are the @{term "r = ALT r\<^sub>1 r\<^sub>2"} and @{term "r = SEQ r\<^sub>1
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   970
  r\<^sub>2"} cases. In each case we have to analyse four subcases whether
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   971
  @{term "fst (simp r\<^sub>1)"} and @{term "fst (simp r\<^sub>2)"} equals @{const
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   972
  ZERO} (respectively @{const ONE}). For example for @{term "r = ALT
184
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
   973
  r\<^sub>1 r\<^sub>2"}, consider the subcase @{term "fst (simp r\<^sub>1) = ZERO"} and
181
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   974
  @{term "fst (simp r\<^sub>2) \<noteq> ZERO"}. By assumption we know @{term "s \<in>
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   975
  fst (simp (ALT r\<^sub>1 r\<^sub>2)) \<rightarrow> v"}. From this we can infer @{term "s \<in> fst (simp r\<^sub>2) \<rightarrow> v"}
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   976
  and by IH also (*) @{term "s \<in> r\<^sub>2 \<rightarrow> (snd (simp r\<^sub>2) v)"}. Given @{term "fst (simp r\<^sub>1) = ZERO"}
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   977
  we know @{term "L (fst (simp r\<^sub>1)) = {}"}. By the first statement
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   978
  @{term "L r\<^sub>1"} is the empty set, meaning (**) @{term "s \<notin> L r\<^sub>1"}.
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   979
  Taking (*) and (**) together gives by the \mbox{@{text "P+R"}}-rule 
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   980
  @{term "s \<in> ALT r\<^sub>1 r\<^sub>2 \<rightarrow> Right (snd (simp r\<^sub>2) v)"}. In turn this
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   981
  gives @{term "s \<in> ALT r\<^sub>1 r\<^sub>2 \<rightarrow> snd (simp (ALT r\<^sub>1 r\<^sub>2)) v"} as we need to show.
162f112b814b squeezed on 16 pages
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 180
diff changeset
   982
  The other cases are similar.\qed
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   983
  \end{proof}
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   984
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   985
  \noindent We can now prove relatively straightforwardly that the
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   986
  optimised lexer produces the expected result:
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   987
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   988
  \begin{theorem}
149
ec3d221bfc45 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 148
diff changeset
   989
  @{thm slexer_correctness}
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
   990
  \end{theorem}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
   991
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   992
  \begin{proof} By induction on @{term s} generalising over @{term
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   993
  r}. The case @{term "[]"} is trivial. For the cons-case suppose the
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   994
  string is of the form @{term "c # s"}. By induction hypothesis we
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   995
  know @{term "slexer r s = lexer r s"} holds for all @{term r} (in
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   996
  particular for @{term "r"} being the derivative @{term "der c
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   997
  r"}). Let @{term "r\<^sub>s"} be the simplified derivative regular expression, that is @{term
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
   998
  "fst (simp (der c r))"}, and @{term "f\<^sub>r"} be the rectification
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
   999
  function, that is @{term "snd (simp (der c r))"}.  We distinguish the cases
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1000
  whether (*) @{term "s \<in> L (der c r)"} or not. In the first case we
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1001
  have by Thm.~\ref{lexercorrect}(2) a value @{term "v"} so that @{term
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1002
  "lexer (der c r) s = Some v"} and @{term "s \<in> der c r \<rightarrow> v"} hold.
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1003
  By Lem.~\ref{slexeraux}(1) we can also infer from~(*) that @{term "s
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1004
  \<in> L r\<^sub>s"} holds.  Hence we know by Thm.~\ref{lexercorrect}(2) that
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1005
  there exists a @{term "v'"} with @{term "lexer r\<^sub>s s = Some v'"} and
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1006
  @{term "s \<in> r\<^sub>s \<rightarrow> v'"}. From the latter we know by
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1007
  Lem.~\ref{slexeraux}(2) that @{term "s \<in> der c r \<rightarrow> (f\<^sub>r v')"} holds.
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1008
  By the uniqueness of the POSIX relation (Thm.~\ref{posixdeterm}) we
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1009
  can infer that @{term v} is equal to @{term "f\<^sub>r v'"}---that is the 
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1010
  rectification function applied to @{term "v'"}
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1011
  produces the original @{term "v"}.  Now the case follows by the
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1012
  definitions of @{const lexer} and @{const slexer}.
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
  1013
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1014
  In the second case where @{term "s \<notin> L (der c r)"} we have that
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1015
  @{term "lexer (der c r) s = None"} by Thm.~\ref{lexercorrect}(1).  We
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1016
  also know by Lem.~\ref{slexeraux}(1) that @{term "s \<notin> L r\<^sub>s"}. Hence
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1017
  @{term "lexer r\<^sub>s s = None"} by Thm.~\ref{lexercorrect}(1) and
180
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1018
  by IH then also @{term "slexer r\<^sub>s s = None"}. With this we can
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1019
  conclude in this case too.\qed   
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1020
42ffaca7c85e isarfied the simplify theory
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 179
diff changeset
  1021
  \end{proof} 
125
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
  1022
*}
ff0844860981 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 124
diff changeset
  1023
172
cdc0bdcfba3f updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 171
diff changeset
  1024
section {* The Correctness Argument by Sulzmann and Lu\label{argu} *}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1025
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1026
text {*
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1027
%  \newcommand{\greedy}{\succcurlyeq_{gr}}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1028
 \newcommand{\posix}{>}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1029
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1030
  An extended version of \cite{Sulzmann2014} is available at the website of
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1031
  its first author; this includes some ``proofs'', claimed in
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1032
  \cite{Sulzmann2014} to be ``rigorous''. Since these are evidently not in
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1033
  final form, we make no comment thereon, preferring to give general reasons
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1034
  for our belief that the approach of \cite{Sulzmann2014} is problematic.
132
03ca57e3f199 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 131
diff changeset
  1035
  Their central definition is an ``ordering relation'' defined by the
03ca57e3f199 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 131
diff changeset
  1036
  rules (slightly adapted to fit our notation):
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1037
183
685bff2890d5 less squeezing
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 182
diff changeset
  1038
\begin{center}  
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1039
\begin{tabular}{@ {}c@ {\hspace{4mm}}c@ {}}	
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1040
??? &
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1041
??? \smallskip\\
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1042
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1043
\end{tabular}
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1044
\end{center}
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1045
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1046
  \noindent The idea behind the rules (A1) and (A2), for example, is that a
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1047
  @{text Left}-value is bigger than a @{text Right}-value, if the underlying
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1048
  string of the @{text Left}-value is longer or of equal length to the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1049
  underlying string of the @{text Right}-value. The order is reversed,
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1050
  however, if the @{text Right}-value can match a longer string than a
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1051
  @{text Left}-value. In this way the POSIX value is supposed to be the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1052
  biggest value for a given string and regular expression.
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1053
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1054
  Sulzmann and Lu explicitly refer to the paper \cite{Frisch2004} by Frisch
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1055
  and Cardelli from where they have taken the idea for their correctness
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1056
  proof. Frisch and Cardelli introduced a similar ordering for GREEDY
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1057
  matching and they showed that their GREEDY matching algorithm always
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1058
  produces a maximal element according to this ordering (from all possible
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1059
  solutions). The only difference between their GREEDY ordering and the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1060
  ``ordering'' by Sulzmann and Lu is that GREEDY always prefers a @{text
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1061
  Left}-value over a @{text Right}-value, no matter what the underlying
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1062
  string is. This seems to be only a very minor difference, but it has
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1063
  drastic consequences in terms of what properties both orderings enjoy.
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1064
  What is interesting for our purposes is that the properties reflexivity,
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1065
  totality and transitivity for this GREEDY ordering can be proved
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1066
  relatively easily by induction.
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1067
*}
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1068
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1069
(*
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1070
  These properties of GREEDY, however, do not transfer to the POSIX
184
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
  1071
  ``ordering'' by Sulzmann and Lu, which they define as @{text "v\<^sub>1 \<ge>\<^sub>r v\<^sub>2"}. 
a42c773ec8ab Roy's comments
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 183
diff changeset
  1072
  To start with, @{text "v\<^sub>1 \<ge>\<^sub>r v\<^sub>2"} is
186
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
  1073
  not defined inductively, but as $($@{term "v\<^sub>1 = v\<^sub>2"}$)$ $\vee$ $($@{term "(v\<^sub>1 >r
0b94800eb616 added corollary
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 185
diff changeset
  1074
  v\<^sub>2) \<and> (flat v\<^sub>1 = flat (v\<^sub>2::val))"}$)$. This means that @{term "v\<^sub>1
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1075
  >(r::rexp) (v\<^sub>2::val)"} does not necessarily imply @{term "v\<^sub>1 \<ge>(r::rexp)
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1076
  (v\<^sub>2::val)"}. Moreover, transitivity does not hold in the ``usual''
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1077
  formulation, for example:
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1078
*)
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1079
362
e51c9a67a68d updated
Christian Urban <christian.urban@kcl.ac.uk>
parents: 269
diff changeset
  1080
text {*
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
  1081
  \begin{falsehood}
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1082
  Suppose @{term "\<turnstile> v\<^sub>1 : r"}, @{term "\<turnstile> v\<^sub>2 : r"} and @{term "\<turnstile> v\<^sub>3 : r"}.
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1083
  If @{term "v\<^sub>1 >(r::rexp) (v\<^sub>2::val)"} and @{term "v\<^sub>2 >(r::rexp) (v\<^sub>3::val)"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1084
  then @{term "v\<^sub>1 >(r::rexp) (v\<^sub>3::val)"}.
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
  1085
  \end{falsehood}
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1086
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1087
  \noindent If formulated in this way, then there are various counter
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1088
  examples: For example let @{term r} be @{text "a + ((a + a)\<cdot>(a + \<zero>))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1089
  then the @{term "v\<^sub>1"}, @{term "v\<^sub>2"} and @{term "v\<^sub>3"} below are values
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1090
  of @{term r}:
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1091
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1092
  \begin{center}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1093
  \begin{tabular}{lcl}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1094
  @{term "v\<^sub>1"} & $=$ & @{term "Left(Char a)"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1095
  @{term "v\<^sub>2"} & $=$ & @{term "Right(Seq (Left(Char a)) (Right Void))"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1096
  @{term "v\<^sub>3"} & $=$ & @{term "Right(Seq (Right(Char a)) (Left(Char a)))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1097
  \end{tabular}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1098
  \end{center}
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1099
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1100
  \noindent Moreover @{term "v\<^sub>1 >(r::rexp) v\<^sub>2"} and @{term "v\<^sub>2 >(r::rexp)
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1101
  v\<^sub>3"}, but \emph{not} @{term "v\<^sub>1 >(r::rexp) v\<^sub>3"}! The reason is that
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1102
  although @{term "v\<^sub>3"} is a @{text "Right"}-value, it can match a longer
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1103
  string, namely @{term "flat v\<^sub>3 = [a,a]"}, while @{term "flat v\<^sub>1"} (and
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1104
  @{term "flat v\<^sub>2"}) matches only @{term "[a]"}. So transitivity in this
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1105
  formulation does not hold---in this example actually @{term "v\<^sub>3
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1106
  >(r::rexp) v\<^sub>1"}!
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1107
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1108
  Sulzmann and Lu ``fix'' this problem by weakening the transitivity
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1109
  property. They require in addition that the underlying strings are of the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1110
  same length. This excludes the counter example above and any
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1111
  counter-example we were able to find (by hand and by machine). Thus the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1112
  transitivity lemma should be formulated as:
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1113
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
  1114
  \begin{conject}
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1115
  Suppose @{term "\<turnstile> v\<^sub>1 : r"}, @{term "\<turnstile> v\<^sub>2 : r"} and @{term "\<turnstile> v\<^sub>3 : r"},
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1116
  and also @{text "|v\<^sub>1| = |v\<^sub>2| = |v\<^sub>3|"}.\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1117
  If @{term "v\<^sub>1 >(r::rexp) (v\<^sub>2::val)"} and @{term "v\<^sub>2 >(r::rexp) (v\<^sub>3::val)"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1118
  then @{term "v\<^sub>1 >(r::rexp) (v\<^sub>3::val)"}.
174
4e3778f4a802 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 173
diff changeset
  1119
  \end{conject}
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1120
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1121
  \noindent While we agree with Sulzmann and Lu that this property
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1122
  probably(!) holds, proving it seems not so straightforward: although one
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1123
  begins with the assumption that the values have the same flattening, this
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1124
  cannot be maintained as one descends into the induction. This is a problem
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1125
  that occurs in a number of places in the proofs by Sulzmann and Lu.
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1126
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1127
  Although they do not give an explicit proof of the transitivity property,
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1128
  they give a closely related property about the existence of maximal
185
841f7b9c0a6a updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 184
diff changeset
  1129
  elements. They state that this can be verified by an induction on @{term r}. We
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1130
  disagree with this as we shall show next in case of transitivity. The case
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1131
  where the reasoning breaks down is the sequence case, say @{term "SEQ r\<^sub>1 r\<^sub>2"}.
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1132
  The induction hypotheses in this case are
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1133
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1134
\begin{center}
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1135
\begin{tabular}{@ {}c@ {\hspace{10mm}}c@ {}}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1136
\begin{tabular}{@ {}l@ {\hspace{-7mm}}l@ {}}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1137
IH @{term "r\<^sub>1"}:\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1138
@{text "\<forall> v\<^sub>1, v\<^sub>2, v\<^sub>3."} \\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1139
  & @{term "\<turnstile> v\<^sub>1 : r\<^sub>1"}\;@{text "\<and>"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1140
    @{term "\<turnstile> v\<^sub>2 : r\<^sub>1"}\;@{text "\<and>"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1141
    @{term "\<turnstile> v\<^sub>3 : r\<^sub>1"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1142
  & @{text "\<and>"} @{text "|v\<^sub>1| = |v\<^sub>2| = |v\<^sub>3|"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1143
  & @{text "\<and>"} @{term "v\<^sub>1 >(r\<^sub>1::rexp) v\<^sub>2 \<and> v\<^sub>2 >(r\<^sub>1::rexp) v\<^sub>3"}\medskip\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1144
  & $\Rightarrow$ @{term "v\<^sub>1 >(r\<^sub>1::rexp) v\<^sub>3"}
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1145
\end{tabular} &
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1146
\begin{tabular}{@ {}l@ {\hspace{-7mm}}l@ {}}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1147
IH @{term "r\<^sub>2"}:\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1148
@{text "\<forall> v\<^sub>1, v\<^sub>2, v\<^sub>3."}\\ 
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1149
  & @{term "\<turnstile> v\<^sub>1 : r\<^sub>2"}\;@{text "\<and>"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1150
    @{term "\<turnstile> v\<^sub>2 : r\<^sub>2"}\;@{text "\<and>"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1151
    @{term "\<turnstile> v\<^sub>3 : r\<^sub>2"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1152
  & @{text "\<and>"} @{text "|v\<^sub>1| = |v\<^sub>2| = |v\<^sub>3|"}\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1153
  & @{text "\<and>"} @{term "v\<^sub>1 >(r\<^sub>2::rexp) v\<^sub>2 \<and> v\<^sub>2 >(r\<^sub>2::rexp) v\<^sub>3"}\medskip\\
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1154
  & $\Rightarrow$ @{term "v\<^sub>1 >(r\<^sub>2::rexp) v\<^sub>3"}
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1155
\end{tabular}
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1156
\end{tabular}
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1157
\end{center} 
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1158
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1159
  \noindent We can assume that
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1160
  %
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1161
  \begin{equation}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1162
  @{term "(Seq (v\<^sub>1\<^sub>l) (v\<^sub>1\<^sub>r)) >(SEQ r\<^sub>1 r\<^sub>2) (Seq (v\<^sub>2\<^sub>l) (v\<^sub>2\<^sub>r))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1163
  \qquad\textrm{and}\qquad
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1164
  @{term "(Seq (v\<^sub>2\<^sub>l) (v\<^sub>2\<^sub>r)) >(SEQ r\<^sub>1 r\<^sub>2) (Seq (v\<^sub>3\<^sub>l) (v\<^sub>3\<^sub>r))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1165
  \label{assms}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1166
  \end{equation}
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1167
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1168
  \noindent hold, and furthermore that the values have equal length, namely:
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1169
  %
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1170
  \begin{equation}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1171
  @{term "flat (Seq (v\<^sub>1\<^sub>l) (v\<^sub>1\<^sub>r)) = flat (Seq (v\<^sub>2\<^sub>l) (v\<^sub>2\<^sub>r))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1172
  \qquad\textrm{and}\qquad
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1173
  @{term "flat (Seq (v\<^sub>2\<^sub>l) (v\<^sub>2\<^sub>r)) = flat (Seq (v\<^sub>3\<^sub>l) (v\<^sub>3\<^sub>r))"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1174
  \label{lens}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1175
  \end{equation} 
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1176
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1177
  \noindent We need to show that @{term "(Seq (v\<^sub>1\<^sub>l) (v\<^sub>1\<^sub>r)) >(SEQ r\<^sub>1 r\<^sub>2)
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1178
  (Seq (v\<^sub>3\<^sub>l) (v\<^sub>3\<^sub>r))"} holds. We can proceed by analysing how the
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1179
  assumptions in \eqref{assms} have arisen. There are four cases. Let us
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1180
  assume we are in the case where we know
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1181
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1182
  \[
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1183
  @{term "v\<^sub>1\<^sub>l >(r\<^sub>1::rexp) v\<^sub>2\<^sub>l"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1184
  \qquad\textrm{and}\qquad
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1185
  @{term "v\<^sub>2\<^sub>l >(r\<^sub>1::rexp) v\<^sub>3\<^sub>l"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1186
  \]
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1187
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1188
  \noindent and also know the corresponding inhabitation judgements. This is
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1189
  exactly a case where we would like to apply the induction hypothesis
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1190
  IH~$r_1$. But we cannot! We still need to show that @{term "flat (v\<^sub>1\<^sub>l) =
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1191
  flat(v\<^sub>2\<^sub>l)"} and @{term "flat(v\<^sub>2\<^sub>l) = flat(v\<^sub>3\<^sub>l)"}. We know from
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1192
  \eqref{lens} that the lengths of the sequence values are equal, but from
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1193
  this we cannot infer anything about the lengths of the component values.
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1194
  Indeed in general they will be unequal, that is
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1195
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1196
  \[
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1197
  @{term "flat(v\<^sub>1\<^sub>l) \<noteq> flat(v\<^sub>2\<^sub>l)"}  
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1198
  \qquad\textrm{and}\qquad
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1199
  @{term "flat(v\<^sub>1\<^sub>r) \<noteq> flat(v\<^sub>2\<^sub>r)"}
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1200
  \]
128
f87e6e23bf17 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 127
diff changeset
  1201
148
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1202
  \noindent but still \eqref{lens} will hold. Now we are stuck, since the IH
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1203
  does not apply. As said, this problem where the induction hypothesis does
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1204
  not apply arises in several places in the proof of Sulzmann and Lu, not
702ed601349b updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 147
diff changeset
  1205
  just for proving transitivity.
127
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1206
b208bc047eed updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 126
diff changeset
  1207
*}
107
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
  1208
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
  1209
section {* Conclusion *}
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
  1210
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
  1211
text {*
6adda4a667b1 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 105
diff changeset
  1212
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1213
  We have implemented the POSIX value calculation algorithm introduced by
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1214
  Sulzmann and Lu
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1215
  \cite{Sulzmann2014}. Our implementation is nearly identical to the
138
a87b8a09ffe8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 137
diff changeset
  1216
  original and all modifications we introduced are harmless (like our char-clause for
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1217
  @{text inj}). We have proved this algorithm to be correct, but correct
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1218
  according to our own specification of what POSIX values are. Our
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1219
  specification (inspired from work by Vansummeren \cite{Vansummeren2006}) appears to be
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1220
  much simpler than in \cite{Sulzmann2014} and our proofs are nearly always
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1221
  straightforward. We have attempted to formalise the original proof
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1222
  by Sulzmann and Lu \cite{Sulzmann2014}, but we believe it contains
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1223
  unfillable gaps. In the online version of \cite{Sulzmann2014}, the authors
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1224
  already acknowledge some small problems, but our experience suggests
138
a87b8a09ffe8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 137
diff changeset
  1225
  that there are more serious problems. 
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1226
  
141
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1227
  Having proved the correctness of the POSIX lexing algorithm in
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1228
  \cite{Sulzmann2014}, which lessons have we learned? Well, this is a
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1229
  perfect example for the importance of the \emph{right} definitions. We
182
2e70c1b06ac0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 181
diff changeset
  1230
  have (on and off) explored mechanisations as soon as first versions
141
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1231
  of \cite{Sulzmann2014} appeared, but have made little progress with
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1232
  turning the relatively detailed proof sketch in \cite{Sulzmann2014} into a
173
80fe81a28a52 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 172
diff changeset
  1233
  formalisable proof. Having seen \cite{Vansummeren2006} and adapted the
141
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1234
  POSIX definition given there for the algorithm by Sulzmann and Lu made all
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1235
  the difference: the proofs, as said, are nearly straightforward. The
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1236
  question remains whether the original proof idea of \cite{Sulzmann2014},
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1237
  potentially using our result as a stepping stone, can be made to work?
182
2e70c1b06ac0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 181
diff changeset
  1238
  Alas, we really do not know despite considerable effort.
141
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1239
879d43256063 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 140
diff changeset
  1240
137
4178b7e71809 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 136
diff changeset
  1241
  Closely related to our work is an automata-based lexer formalised by
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1242
  Nipkow \cite{Nipkow98}. This lexer also splits up strings into longest
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1243
  initial substrings, but Nipkow's algorithm is not completely
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1244
  computational. The algorithm by Sulzmann and Lu, in contrast, can be
162
aa4fdba769ea some small typos
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 160
diff changeset
  1245
  implemented with ease in any functional language. A bespoke lexer for the
138
a87b8a09ffe8 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 137
diff changeset
  1246
  Imp-language is formalised in Coq as part of the Software Foundations book
162
aa4fdba769ea some small typos
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 160
diff changeset
  1247
  by Pierce et al \cite{Pierce2015}. The disadvantage of such bespoke lexers is that they
133
23e68b81a908 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 132
diff changeset
  1248
  do not generalise easily to more advanced features.
192
f101eac348f8 updated AFP link
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 190
diff changeset
  1249
  Our formalisation is available from the Archive of Formal Proofs \cite{aduAFP16}
f101eac348f8 updated AFP link
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 190
diff changeset
  1250
  under \url{http://www.isa-afp.org/entries/Posix-Lexing.shtml}.\medskip
98
8b4c8cdd0b51 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 97
diff changeset
  1251
152
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1252
  \noindent
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1253
  {\bf Acknowledgements:}
e3eb82ea2244 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 151
diff changeset
  1254
  We are very grateful to Martin Sulzmann for his comments on our work and 
189
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 187
diff changeset
  1255
  moreover for patiently explaining to us the details in \cite{Sulzmann2014}. We
177
e85d10b238d0 updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 176
diff changeset
  1256
  also received very helpful comments from James Cheney and anonymous referees.
190
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 189
diff changeset
  1257
  %  \small
95
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1258
  \bibliographystyle{plain}
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1259
  \bibliography{root}
101
7f4f8c34da95 fixed inj function
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents: 100
diff changeset
  1260
95
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1261
*}
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1262
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1263
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1264
(*<*)
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1265
end
a33d3040bf7e started a paper and moved cruft to Attic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff changeset
  1266
(*>*)