169 |
169 |
170 Because of these problems to do with representing automata, there seems |
170 Because of these problems to do with representing automata, there seems |
171 to be no substantial formalisation of automata theory and regular languages |
171 to be no substantial formalisation of automata theory and regular languages |
172 carried out in HOL-based theorem provers. Nipkow establishes in |
172 carried out in HOL-based theorem provers. Nipkow establishes in |
173 \cite{Nipkow98} the link between regular expressions and automata in |
173 \cite{Nipkow98} the link between regular expressions and automata in |
174 the restricted context of lexing. The only larger formalisations of automata theory |
174 the context of lexing. The only larger formalisations of automata theory |
175 are carried out in Nuprl \cite{Constable00} and in Coq (for example |
175 are carried out in Nuprl \cite{Constable00} and in Coq (for example |
176 \cite{Filliatre97}). |
176 \cite{Filliatre97}). |
177 |
177 |
178 In this paper, we will not attempt to formalise automata theory in |
178 In this paper, we will not attempt to formalise automata theory in |
179 Isabelle/HOL, but take a completely different approach to regular |
179 Isabelle/HOL, but take a completely different approach to regular |
237 (iii) & @{thm seq_Union_left} \\ |
237 (iii) & @{thm seq_Union_left} \\ |
238 \end{tabular} |
238 \end{tabular} |
239 \end{proposition} |
239 \end{proposition} |
240 |
240 |
241 \noindent |
241 \noindent |
242 In @{text "(ii)"} we use the notation @{term "length s"} for the length of a string. |
242 In @{text "(ii)"} we use the notation @{term "length s"} for the length of a |
243 We omit the proofs for these properties, but invite the reader to consult |
243 string. This property states that if @{term "[] \<notin> A"} then the lengths of |
244 our formalisation.\footnote{Available at ???} |
244 the strings in @{term "A \<up> (Suc n)"} must be longer than @{text n}. We omit |
245 |
245 the proofs for these properties, but invite the reader to consult our |
|
246 formalisation.\footnote{Available at ???} |
246 |
247 |
247 The notation in Isabelle/HOL for the quotient of a language @{text A} according to an |
248 The notation in Isabelle/HOL for the quotient of a language @{text A} according to an |
248 equivalence relation @{term REL} is @{term "A // REL"}. We will write |
249 equivalence relation @{term REL} is @{term "A // REL"}. We will write |
249 @{text "\<lbrakk>x\<rbrakk>\<^isub>\<approx>"} for the equivalence class defined |
250 @{text "\<lbrakk>x\<rbrakk>\<^isub>\<approx>"} for the equivalence class defined |
250 as @{text "{y | y \<approx> x}"}. |
251 as @{text "{y | y \<approx> x}"}. |
325 @{thm (rhs) L_rexp.simps(6)[where r="r"]}\\ |
326 @{thm (rhs) L_rexp.simps(6)[where r="r"]}\\ |
326 \end{tabular} |
327 \end{tabular} |
327 \end{tabular} |
328 \end{tabular} |
328 \end{center} |
329 \end{center} |
329 |
330 |
330 Given a set of regular expressions @{text rs}, we will make use of the operation of generating |
331 Given a finite set of regular expressions @{text rs}, we will make use of the operation of generating |
331 a regular expression that matches all languages of @{text rs}. We only need to know the existence |
332 a regular expression that matches all languages of @{text rs}. We only need to know the existence |
332 of such a regular expression and therefore we use Isabelle/HOL's @{const "fold_graph"} and Hilbert's |
333 of such a regular expression and therefore we use Isabelle/HOL's @{const "fold_graph"} and Hilbert's |
333 @{text "\<epsilon>"} to define @{term "\<Uplus>rs"}. This operation, roughly speaking, folds @{const ALT} over the |
334 @{text "\<epsilon>"} to define @{term "\<Uplus>rs"}. This operation, roughly speaking, folds @{const ALT} over the |
334 set @{text rs} with @{const NULL} for the empty set. We can prove that for finite sets @{text rs} |
335 set @{text rs} with @{const NULL} for the empty set. We can prove that for a finite set @{text rs} |
335 |
336 |
336 \begin{center} |
337 \begin{center} |
337 @{thm (lhs) folds_alt_simp} @{text "= \<Union> (\<calL> ` rs)"} |
338 @{thm (lhs) folds_alt_simp} @{text "= \<Union> (\<calL> ` rs)"} |
338 \end{center} |
339 \end{center} |
339 |
340 |
340 \noindent |
341 \noindent |
341 holds, whereby @{text "\<calL> ` rs"} stands for the |
342 holds, whereby @{text "\<calL> ` rs"} stands for the |
342 image of the set @{text rs} under function @{text "\<calL>"}. |
343 image of the set @{text rs} under function @{text "\<calL>"}. |
343 *} |
344 *} |
344 |
345 |
345 section {* Finite Partitions Imply Regularity of a Language *} |
346 section {* The Myhill-Nerode Theorem, First Part *} |
346 |
347 |
347 text {* |
348 text {* |
348 The key definition in the Myhill-Nerode theorem is the |
349 The key definition in the Myhill-Nerode theorem is the |
349 \emph{Myhill-Nerode relation}, which states that w.r.t.~a language two |
350 \emph{Myhill-Nerode relation}, which states that w.r.t.~a language two |
350 strings are related, provided there is no distinguishing extension in this |
351 strings are related, provided there is no distinguishing extension in this |
376 @{thm[mode=IfThen] Myhill_Nerode1} |
377 @{thm[mode=IfThen] Myhill_Nerode1} |
377 \end{theorem} |
378 \end{theorem} |
378 |
379 |
379 \noindent |
380 \noindent |
380 To prove this theorem, we first define the set @{term "finals A"} as those equivalence |
381 To prove this theorem, we first define the set @{term "finals A"} as those equivalence |
381 classes that contain strings of @{text A}, namely |
382 classes from @{term "UNIV // \<approx>A"} that contain strings of @{text A}, namely |
382 % |
383 % |
383 \begin{equation} |
384 \begin{equation} |
384 @{thm finals_def} |
385 @{thm finals_def} |
385 \end{equation} |
386 \end{equation} |
386 |
387 |
387 \noindent |
388 \noindent |
388 In our running example, @{text "X\<^isub>2"} is the only equivalence class in @{term "finals {[c]}"}. |
389 In our running example, @{text "X\<^isub>2"} is the only equivalence class in @{term "finals {[c]}"}. |
389 It is straightforward to show that in general @{thm lang_is_union_of_finals} and |
390 It is straightforward to show that in general @{thm lang_is_union_of_finals} and |
390 @{thm finals_in_partitions} hold. |
391 @{thm finals_in_partitions} hold. |
391 Therefore if we know that there exists a regular expression for every |
392 Therefore if we know that there exists a regular expression for every |
392 equivalence class in @{term "finals A"} (which by assumption must be |
393 equivalence class in \mbox{@{term "finals A"}} (which by assumption must be |
393 a finite set), then we can use @{text "\<bigplus>"} to obtain a regular expression |
394 a finite set), then we can use @{text "\<bigplus>"} to obtain a regular expression |
394 that matches every string in @{text A}. |
395 that matches every string in @{text A}. |
395 |
396 |
396 |
397 |
397 Our proof of Thm.~\ref{myhillnerodeone} relies on a method that can calculate a |
398 Our proof of Thm.~\ref{myhillnerodeone} relies on a method that can calculate a |
410 @{text X}. Note that we do not define an automaton here, we merely relate two sets |
411 @{text X}. Note that we do not define an automaton here, we merely relate two sets |
411 (with respect to a character). In our concrete example we have |
412 (with respect to a character). In our concrete example we have |
412 @{term "X\<^isub>1 \<Turnstile>c\<Rightarrow> X\<^isub>2"}, @{term "X\<^isub>1 \<Turnstile>d\<Rightarrow> X\<^isub>3"} with @{text d} being any |
413 @{term "X\<^isub>1 \<Turnstile>c\<Rightarrow> X\<^isub>2"}, @{term "X\<^isub>1 \<Turnstile>d\<Rightarrow> X\<^isub>3"} with @{text d} being any |
413 other character than @{text c}, and @{term "X\<^isub>3 \<Turnstile>d\<Rightarrow> X\<^isub>3"} for any @{text d}. |
414 other character than @{text c}, and @{term "X\<^isub>3 \<Turnstile>d\<Rightarrow> X\<^isub>3"} for any @{text d}. |
414 |
415 |
415 Next we build an equational system that |
416 Next we build an \emph{initial} equational system that |
416 contains an equation for each equivalence class. Suppose we have |
417 contains an equation for each equivalence class. Suppose we have |
417 the equivalence classes @{text "X\<^isub>1,\<dots>,X\<^isub>n"}, there must be one and only one that |
418 the equivalence classes @{text "X\<^isub>1,\<dots>,X\<^isub>n"}, there must be one and only one that |
418 contains the empty string @{text "[]"} (since equivalence classes are disjoint). |
419 contains the empty string @{text "[]"} (since equivalence classes are disjoint). |
419 Let us assume @{text "[] \<in> X\<^isub>1"}. We build the following equational system |
420 Let us assume @{text "[] \<in> X\<^isub>1"}. We build the following equational system |
420 |
421 |
426 @{text "X\<^isub>n"} & @{text "="} & @{text "(Y\<^isub>n\<^isub>1, CHAR c\<^isub>n\<^isub>1) + \<dots> + (Y\<^isub>n\<^isub>q, CHAR c\<^isub>n\<^isub>q)"}\\ |
427 @{text "X\<^isub>n"} & @{text "="} & @{text "(Y\<^isub>n\<^isub>1, CHAR c\<^isub>n\<^isub>1) + \<dots> + (Y\<^isub>n\<^isub>q, CHAR c\<^isub>n\<^isub>q)"}\\ |
427 \end{tabular} |
428 \end{tabular} |
428 \end{center} |
429 \end{center} |
429 |
430 |
430 \noindent |
431 \noindent |
431 where the terms @{text "(Y\<^isub>i\<^isub>j, CHAR c\<^isub>i\<^isub>j)"} stand for all transitions |
432 where the terms @{text "(Y\<^isub>i\<^isub>j, CHAR c\<^isub>i\<^isub>j)"} |
432 @{term "Y\<^isub>i\<^isub>j \<Turnstile>c\<^isub>i\<^isub>j\<Rightarrow> X\<^isub>i"}. Our internal represeantation for the right-hand |
433 stand for all transitions @{term "Y\<^isub>i\<^isub>j \<Turnstile>c\<^isub>i\<^isub>j\<Rightarrow> |
433 sides are sets of terms. |
434 X\<^isub>i"}. There can only be |
434 There can only be finitely many such |
435 finitely many such terms in a right-hand side since there are only finitely many |
435 terms since there are only finitely many equivalence classes |
436 equivalence classes and only finitely many characters. The term @{text |
436 and only finitely many characters. |
437 "\<lambda>(EMPTY)"} in the first equation acts as a marker for the equivalence class |
437 The term @{text "\<lambda>(EMPTY)"} in the first equation acts as a marker for the equivalence |
438 containing @{text "[]"}.\footnote{Note that we mark, roughly speaking, the |
438 class containing @{text "[]"}.\footnote{Note that we mark, roughly speaking, the |
|
439 single ``initial'' state in the equational system, which is different from |
439 single ``initial'' state in the equational system, which is different from |
440 the method by Brzozowski \cite{Brzozowski64}, where he marks the ``terminal'' |
440 the method by Brzozowski \cite{Brzozowski64}, where he marks the |
441 states. We are forced to set up the equational system in our way, because |
441 ``terminal'' states. We are forced to set up the equational system in our |
442 the Myhill-Nerode relation determines the ``direction'' of the transitions. |
442 way, because the Myhill-Nerode relation determines the ``direction'' of the |
443 The successor ``state'' of an equivalence class @{text Y} can be reached by adding |
443 transitions. The successor ``state'' of an equivalence class @{text Y} can |
444 characters to the end of @{text Y}. This is also the reason why we have to use |
444 be reached by adding characters to the end of @{text Y}. This is also the |
445 our reverse version of Arden's lemma.} |
445 reason why we have to use our reverse version of Arden's lemma.} |
446 Overloading the function @{text \<calL>} for the two kinds of terms in the |
446 Overloading the function @{text \<calL>} for the two kinds of terms in the |
447 equational system, we have |
447 equational system, we have |
448 |
448 |
449 \begin{center} |
449 \begin{center} |
450 @{text "\<calL>(Y, r) \<equiv>"} % |
450 @{text "\<calL>(Y, r) \<equiv>"} % |
451 @{thm (rhs) L_rhs_item.simps(2)[where X="Y" and r="r", THEN eq_reflection]}\hspace{10mm} |
451 @{thm (rhs) L_rhs_item.simps(2)[where X="Y" and r="r", THEN eq_reflection]}\hspace{10mm} |
452 @{thm L_rhs_item.simps(1)[where r="r", THEN eq_reflection]} |
452 @{thm L_rhs_item.simps(1)[where r="r", THEN eq_reflection]} |
453 \end{center} |
453 \end{center} |
454 |
454 |
455 \noindent |
455 \noindent |
456 we can prove for @{text "X\<^isub>2\<^isub>.\<^isub>.\<^isub>n"} that the following equations |
456 and we can prove for @{text "X\<^isub>2\<^isub>.\<^isub>.\<^isub>n"} that the following equations |
457 % |
457 % |
458 \begin{equation}\label{inv1} |
458 \begin{equation}\label{inv1} |
459 @{text "X\<^isub>i = \<calL>(Y\<^isub>i\<^isub>1, CHAR c\<^isub>i\<^isub>1) \<union> \<dots> \<union> \<calL>(Y\<^isub>i\<^isub>q, CHAR c\<^isub>i\<^isub>q)"}. |
459 @{text "X\<^isub>i = \<calL>(Y\<^isub>i\<^isub>1, CHAR c\<^isub>i\<^isub>1) \<union> \<dots> \<union> \<calL>(Y\<^isub>i\<^isub>q, CHAR c\<^isub>i\<^isub>q)"}. |
460 \end{equation} |
460 \end{equation} |
461 |
461 |
467 \end{equation} |
467 \end{equation} |
468 |
468 |
469 \noindent |
469 \noindent |
470 The reason for adding the @{text \<lambda>}-marker to our equational system is |
470 The reason for adding the @{text \<lambda>}-marker to our equational system is |
471 to obtain this equation: it only holds in this form since none of |
471 to obtain this equation: it only holds in this form since none of |
472 the other terms contain the empty string. Since we use sets for representing |
472 the other terms contain the empty string. |
473 the right-hans side we can write \eqref{inv1} and \eqref{inv2} more |
473 |
474 concisely for an equation of the form @{text "X = rhs"} as |
474 Our represeantation of the equations are pairs, |
|
475 where the first component is an equivalence class and the second component |
|
476 is a set of terms standing for the right-hand side. Given a set of equivalence |
|
477 classes @{text CS}, our initial equational system @{term "Init CS"} is thus |
|
478 defined as |
|
479 |
|
480 \begin{center} |
|
481 \begin{tabular}{rcl} |
|
482 @{thm (lhs) Init_rhs_def} & @{text "\<equiv>"} & |
|
483 @{text "if"}~@{term "[] \<in> X"}\\ |
|
484 & & @{text "then"}~@{term "{Trn Y (CHAR c) | Y c. Y \<in> CS \<and> Y \<Turnstile>c\<Rightarrow> X} \<union> {Lam EMPTY}"}\\ |
|
485 & & @{text "else"}~@{term "{Trn Y (CHAR c)| Y c. Y \<in> CS \<and> Y \<Turnstile>c\<Rightarrow> X}"}\\ |
|
486 @{thm (lhs) Init_def} & @{text "\<equiv>"} & @{thm (rhs) Init_def} |
|
487 \end{tabular} |
|
488 \end{center} |
|
489 |
|
490 |
|
491 |
|
492 \noindent |
|
493 Because we use sets of terms |
|
494 for representing the right-hand sides in the equational system we can |
|
495 prove \eqref{inv1} and \eqref{inv2} more concisely as |
475 % |
496 % |
476 \begin{equation}\label{inv} |
497 \begin{lemma}\label{inv} |
477 \mbox{@{text "X = \<Union> (\<calL> ` rhs)"}} |
498 If @{thm (prem 1) test} then @{text "X = \<Union> \<calL> ` rhs"}. |
478 \end{equation} |
499 \end{lemma} |
479 |
500 |
480 \noindent |
501 \noindent |
481 Our proof of Thm.~\ref{myhillnerodeone} will proceed by transforming the |
502 Our proof of Thm.~\ref{myhillnerodeone} will proceed by transforming the |
482 equational system into a \emph{solved form} maintaining the invariant |
503 initial equational system into one in \emph{solved form} maintaining the invariant |
483 \eqref{inv}. From the solved form we will be able to read |
504 in Lemma \ref{inv}. From the solved form we will be able to read |
484 off the regular expressions. |
505 off the regular expressions. |
485 |
506 |
486 In order to transform an equational system into solved form, we have two main |
507 In order to transform an equational system into solved form, we have two |
487 operations: one that takes an equation of the form @{text "X = rhs"} and removes |
508 operations: one that takes an equation of the form @{text "X = rhs"} and removes |
488 the recursive occurences of @{text X} in the @{text rhs} using our variant of Arden's |
509 the recursive occurences of @{text X} in the @{text rhs} using our variant of Arden's |
489 Lemma. The other operation takes an equation @{text "X = rhs"} |
510 Lemma. The other operation takes an equation @{text "X = rhs"} |
490 and substitutes @{text X} throughout the rest of the equational system |
511 and substitutes @{text X} throughout the rest of the equational system |
491 adjusting the remaining regular expressions approriately. To define this adjustment |
512 adjusting the remaining regular expressions approriately. To define this adjustment |
533 the regular expression corresponding to the deleted terms; finally we append this |
554 the regular expression corresponding to the deleted terms; finally we append this |
534 regular expression to @{text "xrhs"} and union it up with @{text rhs'}. When we use |
555 regular expression to @{text "xrhs"} and union it up with @{text rhs'}. When we use |
535 the substitution operation we will arrange it so that @{text "xrhs"} does not contain |
556 the substitution operation we will arrange it so that @{text "xrhs"} does not contain |
536 any occurence of @{text X}. |
557 any occurence of @{text X}. |
537 |
558 |
538 We lift these two operation to work over equational systems @{text ES}: @{const Subst_all} |
559 With these two operation in place, we can define the operation that removes one equation |
|
560 from an equational systems @{text ES}. The operation @{const Subst_all} |
539 substitutes an equation @{text "X = xrhs"} throughout an equational system @{text ES}; |
561 substitutes an equation @{text "X = xrhs"} throughout an equational system @{text ES}; |
540 @{const Remove} completely removes such an equaution from @{text ES} by substituting |
562 @{const Remove} then completely removes such an equation from @{text ES} by substituting |
541 it to the rest of the equational system, but first removing all recursive occurences |
563 it to the rest of the equational system, but first eliminating all recursive occurences |
542 of @{text X} by applying @{const Arden} to @{text "xrhs"}. |
564 of @{text X} by applying @{const Arden} to @{text "xrhs"}. |
543 |
565 |
544 \begin{center} |
566 \begin{center} |
545 \begin{tabular}{rcl} |
567 \begin{tabular}{rcl} |
546 @{thm (lhs) Subst_all_def} & @{text "\<equiv>"} & @{thm (rhs) Subst_all_def}\\ |
568 @{thm (lhs) Subst_all_def} & @{text "\<equiv>"} & @{thm (rhs) Subst_all_def}\\ |
547 @{thm (lhs) Remove_def} & @{text "\<equiv>"} & @{thm (rhs) Remove_def} |
569 @{thm (lhs) Remove_def} & @{text "\<equiv>"} & @{thm (rhs) Remove_def} |
548 \end{tabular} |
570 \end{tabular} |
549 \end{center} |
571 \end{center} |
|
572 |
|
573 \noindent |
|
574 Finially, we can define how an equational system should be solved. For this |
|
575 we will iterate the elimination of an equation until only one equation |
|
576 will be left in the system. However, we not just want to have any equation |
|
577 as being the last one, but the one for which we want to calculate the regular |
|
578 expression. Therefore we define the iteration step so that it chooses an |
|
579 equation with an equivalence class that is not @{text X}. This allows us to |
|
580 control, which equation will be the last. We use again Hilbert's choice operator, |
|
581 written @{text SOME}, to chose an equation in a equational system @{text ES}. |
|
582 |
|
583 \begin{center} |
|
584 \begin{tabular}{rc@ {\hspace{4mm}}r@ {\hspace{1mm}}l} |
|
585 @{thm (lhs) Iter_def} & @{text "\<equiv>"}~~\mbox{} & \multicolumn{2}{@ {\hspace{-4mm}}l}{@{text "let"}}\\ |
|
586 & & @{text "(Y, yrhs) ="} & @{term "SOME (Y, yrhs). (Y, yrhs) \<in> ES \<and> X \<noteq> Y"} \\ |
|
587 & & \multicolumn{2}{@ {\hspace{-4mm}}l}{@{text "in"}~~@{term "Remove ES Y yrhs"}}\\ |
|
588 \end{tabular} |
|
589 \end{center} |
|
590 |
|
591 \noindent |
|
592 The last definition in our |
|
593 |
|
594 \begin{center} |
|
595 @{thm Solve_def} |
|
596 \end{center} |
|
597 |
|
598 |
|
599 \begin{center} |
|
600 @{thm while_rule} |
|
601 \end{center} |
550 *} |
602 *} |
551 |
603 |
552 section {* Regular Expressions Generate Finitely Many Partitions *} |
604 |
|
605 |
|
606 |
|
607 section {* Myhill-Nerode, Second Part *} |
553 |
608 |
554 text {* |
609 text {* |
555 |
610 |
556 \begin{theorem} |
611 \begin{theorem} |
557 Given @{text "r"} is a regular expressions, then @{thm rexp_imp_finite}. |
612 Given @{text "r"} is a regular expressions, then @{thm rexp_imp_finite}. |