tm2: thys2/Hoare_tm_basis.thy@1cde7bf45858 (annotated)

25 a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1	header {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2	Separation logic for TM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	3	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	4
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	5	theory Hoare_tm_basis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	6	imports Hoare_gen My_block Data_slot MLs Term_pat (* BaseSS *) Subgoal Sort_ops
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	7	Thm_inst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	8	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	9
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	10	section {* Aux lemmas on seperation algebra *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	11
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	12	lemma cond_eq: "((<b> \<and>* p) s) = (b \<and> (p s))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	13	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	14	assume "(<b> \<and>* p) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	15	from condD[OF this] show " b \<and> p s" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	16	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	17	assume "b \<and> p s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	18	hence b and "p s" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	19	from `b` have "(<b>) 0" by (auto simp:pasrt_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	20	moreover have "s = 0 + s" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	21	moreover have "0 ## s" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	22	moreover note `p s`
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	23	ultimately show "(<b> \<and>* p) s" by (auto intro!:sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	24	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	25
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	26	lemma cond_eqI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	27	assumes h: "b \<Longrightarrow> r = s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	28	shows "(<b> r) = (<b> s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	29	proof(cases b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	30	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	31	from h[OF this] show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	32	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	33	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	34	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	35	by (unfold sep_conj_def set_ins_def pasrt_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	36	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	37
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	38	lemma EXS_intro:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	39	assumes h: "(P x) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	40	shows "((EXS x. P(x))) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	41	by (smt h pred_ex_def sep_conj_impl)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	42
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	43	lemma EXS_elim:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	44	assumes "(EXS x. P x) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	45	obtains x where "P x s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	46	by (metis assms pred_ex_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	47
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	48	lemma EXS_eq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	49	fixes x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	50	assumes h: "Q (p x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	51	and h1: "\<And> y s. \<lbrakk>p y s\<rbrakk> \<Longrightarrow> y = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	52	shows "p x = (EXS x. p x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	53	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	54	fix s
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	55	show "p x s = (EXS x. p x) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	56	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	57	assume "p x s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	58	thus "(EXS x. p x) s" by (auto simp:pred_ex_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	59	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	60	assume "(EXS x. p x) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	61	thus "p x s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	62	proof(rule EXS_elim)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	63	fix y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	64	assume "p y s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	65	from this[unfolded h1[OF this]] show "p x s" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	66	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	67	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	68	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	69
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	70	section {* The TM assembly language *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	71
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	72	subsection {* The TM assembly language *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	73
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	74	datatype taction = W0 \| W1 \| L \| R
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	75
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	76	datatype tstate = St nat
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	77
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	78	fun nat_of :: "tstate \<Rightarrow> nat"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	79	where "nat_of (St n) = n"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	80
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	81	declare [[coercion_enabled]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	82
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	83	declare [[coercion "St :: nat \<Rightarrow> tstate"]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	84
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	85	type_synonym tm_inst = "(taction \<times> tstate) \<times> (taction \<times> tstate)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	86
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	87	datatype Block = Oc \| Bk
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	88
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	89	datatype tpg =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	90	TInstr tm_inst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	91	\| TLabel tstate
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	92	\| TSeq tpg tpg
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	93	\| TLocal "(tstate \<Rightarrow> tpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	94
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	95	notation TLocal (binder "TL " 10)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	96
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	97	abbreviation tprog_instr :: "tm_inst \<Rightarrow> tpg" ("\<guillemotright> _" [61] 61)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	98	where "\<guillemotright> i \<equiv> TInstr i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	99
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	100	abbreviation tprog_seq :: "tpg \<Rightarrow> tpg \<Rightarrow> tpg" (infixr ";" 52)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	101	where "c1 ; c2 \<equiv> TSeq c1 c2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	102
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	103	subsection {* The notion of assembling *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	104
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	105	datatype tresource =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	106	TM int Block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	107	\| TC nat tm_inst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	108	\| TAt nat
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	109	\| TPos int
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	110	\| TFaults nat
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	111
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	112	type_synonym tassert = "tresource set \<Rightarrow> bool"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	113
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	114	definition "sg e = (\<lambda> s. s = e)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	115
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	116	primrec tassemble_to :: "tpg \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> tassert"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	117	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	118	"tassemble_to (TInstr ai) i j = (sg ({TC i ai}) ** <(j = i + 1)>)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	119	"tassemble_to (TSeq p1 p2) i j = (EXS j'. (tassemble_to p1 i j') ** (tassemble_to p2 j' j))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	120	"tassemble_to (TLocal fp) i j = (EXS l. (tassemble_to (fp l) i j))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	121	"tassemble_to (TLabel l) i j = <(i = j \<and> j = nat_of l)>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	122
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	123	declare tassemble_to.simps [simp del]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	124
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	125	lemmas tasmp = tassemble_to.simps (2, 3, 4)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	126
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	127	abbreviation tasmb_to :: "nat \<Rightarrow> tpg \<Rightarrow> nat \<Rightarrow> tassert" ("_ :[ _ ]: _" [60, 60, 60] 60)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	128	where "i :[ tpg ]: j \<equiv> tassemble_to tpg i j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	129
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	130	section {* Automatic checking of assemblility *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	131
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	132	subsection {* Basic theories *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	133
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	134	text {* @{text cpg} is the type for skeleton assembly language. Every constructor
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	135	corresponds to one in the definition of @{text tpg} *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	136
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	137	datatype cpg =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	138	CInstr tm_inst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	139	\| CLabel nat
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	140	\| CSeq cpg cpg
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	141	\| CLocal cpg
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	142
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	143	text {* Conversion from @{text cpg} to @{text tpg}*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	144
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	145	fun c2t :: "tstate list \<Rightarrow> cpg \<Rightarrow> tpg" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	146	"c2t env (CInstr ((act0, St st0), (act1, St st1))) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	147	TInstr ((act0, env!st0), (act1, env!st1))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	148	"c2t env (CLabel l) = TLabel (env!l)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	149	"c2t env (CSeq cpg1 cpg2) = TSeq (c2t env cpg1) (c2t env cpg2)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	150	"c2t env (CLocal cpg) = TLocal (\<lambda> x. c2t (x#env) cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	151
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	152	text {* Well formedness checking of @{text cpg} *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	153
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	154	datatype status = Free \| Bound
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	155
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	156	text {* @{text wf_cpg_test} is the checking function *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	157
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	158	fun wf_cpg_test :: "status list \<Rightarrow> cpg \<Rightarrow> (bool \<times> status list)" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	159	"wf_cpg_test sts (CInstr ((a0, l0), (a1, l1))) = ((l0 < length sts \<and> l1 < length sts), sts)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	160	"wf_cpg_test sts (CLabel l) = ((l < length sts) \<and> sts!l = Free, sts[l:=Bound])" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	161	"wf_cpg_test sts (CSeq c1 c2) = (let (b1, sts1) = wf_cpg_test sts c1;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	162	(b2, sts2) = wf_cpg_test sts1 c2 in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	163	(b1 \<and> b2, sts2))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	164	"wf_cpg_test sts (CLocal body) = (let (b, sts') = (wf_cpg_test (Free#sts) body) in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	165	(b, tl sts'))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	166
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	167	text {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	168	The meaning the following @{text "c2p"} has to be understood together with
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	169	the following lemma @{text "wf_cpg_test_correct"}. The intended use of @{text "c2p"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	170	is when the elements of @{text "sts"} are all @{text "Free"}, in which case,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	171	the precondition on @{text "f"}, i.e.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	172	@{text "\<forall> x. ((length x = length sts \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	173	(\<forall> k < length sts. sts!k = Bound \<longrightarrow> (x!k = f i k))"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	174	is trivially true.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	175	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	176	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	177	"c2p sts i cpg j =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	178	(\<exists> f. \<forall> x. ((length x = length sts \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	179	(\<forall> k < length sts. sts!k = Bound \<longrightarrow> (x!k = f i k)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	180	\<longrightarrow> (\<exists> s. (i:[(c2t x cpg)]:j) s)))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	181
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	182	instantiation status :: order
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	183	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	184	definition less_eq_status_def: "((st1::status) \<le> st2) = (st1 = Free \<or> st2 = Bound)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	185	definition less_status_def: "((st1::status) < st2) = (st1 \<le> st2 \<and> st1 \<noteq> st2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	186	instance
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	187	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	188	fix x y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	189	show "(x < (y::status)) = (x \<le> y \<and> \<not> y \<le> x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	190	by (metis less_eq_status_def less_status_def status.distinct(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	191	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	192	fix x show "x \<le> (x::status)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	193	by (metis (full_types) less_eq_status_def status.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	194	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	195	fix x y z
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	196	assume "x \<le> y" "y \<le> (z::status)" show "x \<le> (z::status)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	197	by (metis `x \<le> y` `y \<le> z` less_eq_status_def status.distinct(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	198	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	199	fix x y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	200	assume "x \<le> y" "y \<le> (x::status)" show "x = y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	201	by (metis `x \<le> y` `y \<le> x` less_eq_status_def status.distinct(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	202	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	203	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	204
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	205	instantiation list :: (order)order
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	206	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	207	definition "((sts::('a::order) list) \<le> sts') =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	208	((length sts = length sts') \<and> (\<forall> i < length sts. sts!i \<le> sts'!i))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	209	definition "((sts::('a::order) list) < sts') = ((sts \<le> sts') \<and> sts \<noteq> sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	210
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	211	lemma anti_sym: assumes h: "x \<le> (y::'a list)" "y \<le> x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	212	shows "x = y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	213	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	214	from h have "length x = length y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	215	by (metis less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	216	moreover from h have " (\<forall> i < length x. x!i = y!i)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	217	by (metis (full_types) antisym_conv less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	218	ultimately show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	219	by (metis nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	220	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	221
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	222	lemma refl: "x \<le> (x::('a::order) list)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	223	apply (unfold less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	224	by (metis order_refl)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	225
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	226	instance
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	227	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	228	fix x y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	229	show "((x::('a::order) list) < y) = (x \<le> y \<and> \<not> y \<le> x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	230	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	231	assume h: "x \<le> y \<and> \<not> y \<le> x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	232	have "x \<noteq> y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	233	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	234	assume "x = y" with h have "\<not> (x \<le> x)" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	235	with refl show False by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	236	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	237	moreover from h have "x \<le> y" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	238	ultimately show "x < y" by (auto simp:less_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	239	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	240	assume h: "x < y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	241	hence hh: "x \<le> y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	242	by (metis less_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	243	moreover have "\<not> y \<le> x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	244	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	245	assume "y \<le> x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	246	from anti_sym[OF hh this] have "x = y" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	247	with h show False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	248	by (metis less_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	249	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	250	ultimately show "x \<le> y \<and> \<not> y \<le> x" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	251	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	252	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	253	fix x from refl show "(x::'a list) \<le> x" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	254	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	255	fix x y assume "(x::'a list) \<le> y" "y \<le> x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	256	from anti_sym[OF this] show "x = y" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	257	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	258	fix x y z
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	259	assume h: "(x::'a list) \<le> y" "y \<le> z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	260	show "x \<le> z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	261	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	262	from h have "length x = length z" by (metis less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	263	moreover from h have "\<forall> i < length x. x!i \<le> z!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	264	by (metis less_eq_list_def order_trans)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	265	ultimately show "x \<le> z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	266	by (metis less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	267	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	268	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	269	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	270
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	271	lemma sts_bound_le: "sts \<le> sts[l := Bound]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	272	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	273	have "length sts = length (sts[l := Bound])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	274	by (metis length_list_update)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	275	moreover have "\<forall> i < length sts. sts!i \<le> (sts[l:=Bound])!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	276	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	277	{ fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	278	assume "i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	279	have "sts ! i \<le> sts[l := Bound] ! i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	280	proof(cases "l < length sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	281	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	282	note le_l = this
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	283	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	284	proof(cases "l = i")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	285	case True with le_l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	286	have "sts[l := Bound] ! i = Bound" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	287	thus ?thesis by (metis less_eq_status_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	288	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	289	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	290	with le_l have "sts[l := Bound] ! i = sts!i" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	291	thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	292	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	293	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	294	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	295	hence "sts[l := Bound] = sts" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	296	thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	297	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	298	} thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	299	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	300	ultimately show ?thesis by (metis less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	301	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	302
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	303	lemma sts_tl_le:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	304	assumes "sts \<le> sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	305	shows "tl sts \<le> tl sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	306	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	307	from assms have "length (tl sts) = length (tl sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	308	by (metis (hide_lams, no_types) length_tl less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	309	moreover from assms have "\<forall> i < length (tl sts). (tl sts)!i \<le> (tl sts')!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	310	by (smt calculation length_tl less_eq_list_def nth_tl)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	311	ultimately show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	312	by (metis less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	313	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	314
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	315	lemma wf_cpg_test_le:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	316	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	317	shows "sts \<le> sts'" using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	318	proof(induct cpg arbitrary:sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	319	case (CInstr instr sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	320	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	321	by (metis surj_pair tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	322	from CInstr[unfolded this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	323	show ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	324	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	325	case (CLabel l sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	326	thus ?case by (auto simp:sts_bound_le)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	327	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	328	case (CLocal body sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	329	from this(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	330	obtain sts1 where h: "wf_cpg_test (Free # sts) body = (True, sts1)" "sts' = tl sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	331	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	332	from CLocal(1)[OF this(1)] have "Free # sts \<le> sts1" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	333	from sts_tl_le[OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	334	have "sts \<le> tl sts1" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	335	from this[folded h(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	336	show ?case .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	337	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	338	case (CSeq cpg1 cpg2 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	339	from this(3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	340	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	341	by (auto split:prod.splits dest!:CSeq(1, 2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	342	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	343
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	344	lemma c2p_assert:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	345	assumes "(c2p [] i cpg j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	346	shows "\<exists> s. (i :[(c2t [] cpg)]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	347	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	348	from assms obtain f where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	349	h [rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	350	"\<forall> x. length x = length [] \<and> (\<forall>k<length []. [] ! k = Bound \<longrightarrow> (x ! k = f i k)) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	351	(\<exists> s. (i :[ c2t [] cpg ]: j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	352	by (unfold c2p_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	353	have "length [] = length [] \<and> (\<forall>k<length []. [] ! k = Bound \<longrightarrow> ([] ! k = f i k))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	354	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	355	from h[OF this] obtain s where "(i :[ c2t [] cpg ]: j) s" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	356	thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	357	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	358
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	359	definition "sts_disj sts sts' = ((length sts = length sts') \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	360	(\<forall> i < length sts. \<not>(sts!i = Bound \<and> sts'!i = Bound)))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	361
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	362	instantiation list :: (plus)plus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	363	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	364	fun plus_list :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	365	"plus_list [] ys = []" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	366	"plus_list (x#xs) [] = []" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	367	"plus_list (x#xs) (y#ys) = ((x + y)#plus_list xs ys)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	368	instance ..
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	369	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	370
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	371	instantiation list :: (minus)minus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	372	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	373	fun minus_list :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	374	"minus_list [] ys = []" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	375	"minus_list (x#xs) [] = []" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	376	"minus_list (x#xs) (y#ys) = ((x - y)#minus_list xs ys)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	377	instance ..
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	378	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	379
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	380	instantiation status :: minus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	381	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	382	fun minus_status :: "status \<Rightarrow> status \<Rightarrow> status" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	383	"minus_status Bound Bound = Free" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	384	"minus_status Bound Free = Bound" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	385	"minus_status Free x = Free "
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	386	instance ..
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	387	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	388
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	389	instantiation status :: plus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	390	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	391	fun plus_status :: "status \<Rightarrow> status \<Rightarrow> status" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	392	"plus_status Free x = x" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	393	"plus_status Bound x = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	394	instance ..
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	395	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	396
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	397	lemma length_sts_plus:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	398	assumes "length (sts1 :: status list) = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	399	shows "length (sts1 + sts2) = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	400	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	401	proof(induct sts1 arbitrary: sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	402	case Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	403	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	404	by (metis plus_list.simps(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	405	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	406	case (Cons s' sts' sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	407	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	408	proof(cases "sts2 = []")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	409	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	410	with Cons show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	411	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	412	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	413	then obtain s'' sts'' where eq_sts2: "sts2 = s''#sts''"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	414	by (metis neq_Nil_conv)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	415	with Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	416	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	417	by (metis length_Suc_conv list.inject plus_list.simps(3))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	418	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	419	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	420
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	421	lemma nth_sts_plus:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	422	assumes "i < length ((sts1::status list) + sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	423	shows "(sts1 + sts2)!i = sts1!i + sts2!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	424	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	425	proof(induct sts1 arbitrary:i sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	426	case (Nil i sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	427	thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	428	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	429	case (Cons s' sts' i sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	430	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	431	proof(cases "sts2 = []")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	432	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	433	with Cons show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	434	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	435	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	436	then obtain s'' sts'' where eq_sts2: "sts2 = s''#sts''"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	437	by (metis neq_Nil_conv)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	438	with Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	439	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	440	by (smt list.size(4) nth_Cons' plus_list.simps(3))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	441	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	442	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	443
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	444	lemma nth_sts_minus:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	445	assumes "i < length ((sts1::status list) - sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	446	shows "(sts1 - sts2)!i = sts1!i - sts2!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	447	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	448	proof(induct arbitrary:i rule:minus_list.induct)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	449	case (3 x xs y ys i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	450	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	451	proof(cases i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	452	case 0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	453	thus ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	454	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	455	case (Suc k)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	456	with 3(2) have "k < length (xs - ys)" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	457	from 3(1)[OF this] and Suc
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	458	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	459	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	460	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	461	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	462
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	463	fun taddr :: "tresource \<Rightarrow> nat" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	464	"taddr (TC i instr) = i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	465
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	466	lemma tassemble_to_range:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	467	assumes "(i :[tpg]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	468	shows "(i \<le> j) \<and> (\<forall> r \<in> s. i \<le> taddr r \<and> taddr r < j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	469	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	470	proof(induct tpg arbitrary: i j s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	471	case (TInstr instr i j s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	472	obtain a0 l0 a1 l1 where "instr = ((a0, l0), (a1, l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	473	by (metis pair_collapse)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	474	with TInstr
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	475	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	476	apply (simp add:tassemble_to.simps sg_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	477	by (smt `instr = ((a0, l0), a1, l1)` cond_eq cond_true_eq1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	478	empty_iff insert_iff le_refl lessI sep.mult_commute taddr.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	479	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	480	case (TLabel l i j s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	481	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	482	apply (simp add:tassemble_to.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	483	by (smt equals0D pasrt_def set_zero_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	484	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	485	case (TSeq c1 c2 i j s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	486	from TSeq(3) obtain s1 s2 j' where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	487	h: "(i :[ c1 ]: j') s1" "(j' :[ c2 ]: j) s2" "s1 ## s2" "s = s1 + s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	488	by (auto simp:tassemble_to.simps elim!:EXS_elim sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	489	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	490	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	491	{ fix r
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	492	assume "r \<in> s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	493	with h (3, 4) have "r \<in> s1 \<or> r \<in> s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	494	by (auto simp:set_ins_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	495	hence "i \<le> j \<and> i \<le> taddr r \<and> taddr r < j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	496	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	497	assume " r \<in> s1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	498	from TSeq(1)[OF h(1)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	499	have "i \<le> j'" "(\<forall>r\<in>s1. i \<le> taddr r \<and> taddr r < j')" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	500	from this(2)[rule_format, OF `r \<in> s1`]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	501	have "i \<le> taddr r" "taddr r < j'" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	502	with TSeq(2)[OF h(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	503	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	504	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	505	assume "r \<in> s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	506	from TSeq(2)[OF h(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	507	have "j' \<le> j" "(\<forall>r\<in>s2. j' \<le> taddr r \<and> taddr r < j)" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	508	from this(2)[rule_format, OF `r \<in> s2`]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	509	have "j' \<le> taddr r" "taddr r < j" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	510	with TSeq(1)[OF h(1)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	511	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	512	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	513	} thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	514	by (smt TSeq.hyps(1) TSeq.hyps(2) h(1) h(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	515	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	516	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	517	case (TLocal body i j s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	518	from this(2) obtain l s' where "(i :[ body l ]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	519	by (simp add:tassemble_to.simps, auto elim!:EXS_elim)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	520	from TLocal(1)[OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	521	show ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	522	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	523
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	524	lemma c2p_seq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	525	assumes "c2p sts1 i cpg1 j'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	526	"c2p sts2 j' cpg2 j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	527	"sts_disj sts1 sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	528	shows "(c2p (sts1 + sts2) i (CSeq cpg1 cpg2) j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	529	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	530	from assms(1)[unfolded c2p_def]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	531	obtain f1 where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	532	h1[rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	533	"\<forall>x. length x = length sts1 \<and> (\<forall>k<length sts1. sts1 ! k = Bound \<longrightarrow> (x ! k = f1 i k)) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	534	Ex (i :[ c2t x cpg1 ]: j')" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	535	from assms(2)[unfolded c2p_def]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	536	obtain f2 where h2[rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	537	"\<forall>x. length x = length sts2 \<and> (\<forall>k<length sts2. sts2 ! k = Bound \<longrightarrow> (x ! k = f2 j' k)) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	538	Ex (j' :[ c2t x cpg2 ]: j)" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	539	from assms(3)[unfolded sts_disj_def]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	540	have h3: "length sts1 = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	541	and h4[rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	542	"(\<forall>i<length sts1. \<not> (sts1 ! i = Bound \<and> sts2 ! i = Bound))" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	543	let ?f = "\<lambda> i k. if (sts1!k = Bound) then f1 i k else f2 j' k"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	544	{ fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	545	assume h5: "length x = length (sts1 + sts2)" and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	546	h6[rule_format]: "(\<forall>k<length (sts1 + sts2). (sts1 + sts2) ! k = Bound \<longrightarrow> x ! k = ?f i k)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	547	obtain s1 where h_s1: "(i :[ c2t x cpg1 ]: j') s1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	548	proof(atomize_elim, rule h1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	549	from h3 h5 have "length x = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	550	by (metis length_sts_plus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	551	moreover {
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	552	fix k assume hh: "k<length sts1" "sts1 ! k = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	553	from hh(1) h3 h5 have p1: "k < length (sts1 + sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	554	by (metis calculation)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	555	from h3 hh(2) have p2: "(sts1 + sts2)!k = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	556	by (metis nth_sts_plus p1 plus_status.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	557	from h6[OF p1 p2] have "x ! k = (if sts1 ! k = Bound then f1 i k else f2 j' k)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	558	with hh(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	559	have "x ! k = f1 i k" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	560	} ultimately show "length x = length sts1 \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	561	(\<forall>k<length sts1. sts1 ! k = Bound \<longrightarrow> (x ! k = f1 i k))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	562	by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	563	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	564	obtain s2 where h_s2: "(j' :[ c2t x cpg2 ]: j) s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	565	proof(atomize_elim, rule h2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	566	from h3 h5 have "length x = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	567	by (metis length_sts_plus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	568	moreover {
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	569	fix k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	570	assume hh: "k<length sts2" "sts2 ! k = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	571	from hh(1) h3 h5 have p1: "k < length (sts1 + sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	572	by (metis calculation)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	573	from hh(1) h3 h5 hh(2) have p2: "(sts1 + sts2)!k = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	574	by (metis `length sts1 = length sts2 \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	575	(\<forall>i<length sts1. \<not> (sts1 ! i = Bound \<and> sts2 ! i = Bound))`
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	576	calculation nth_sts_plus plus_status.simps(1) status.distinct(1) status.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	577	from h6[OF p1 p2] have "x ! k = (if sts1 ! k = Bound then f1 i k else f2 j' k)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	578	moreover from h4[OF hh(1)[folded h3]] hh(2) have "sts1!k \<noteq> Bound" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	579	ultimately have "x!k = f2 j' k" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	580	} ultimately show "length x = length sts2 \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	581	(\<forall>k<length sts2. sts2 ! k = Bound \<longrightarrow> (x ! k = f2 j' k))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	582	by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	583	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	584	have h_s12: "s1 ## s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	585	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	586	{ fix r assume h: "r \<in> s1" "r \<in> s2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	587	with h_s1 h_s2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	588	have "False"by (smt tassemble_to_range)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	589	} thus ?thesis by (auto simp:set_ins_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	590	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	591	have "(EXS j'. i :[ c2t x cpg1 ]: j' \<and>* j' :[ c2t x cpg2 ]: j) (s1 + s2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	592	proof(rule_tac x = j' in EXS_intro)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	593	from h_s1 h_s2 h_s12
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	594	show "(i :[ c2t x cpg1 ]: j' \<and>* j' :[ c2t x cpg2 ]: j) (s1 + s2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	595	by (metis sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	596	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	597	hence "\<exists> s. (i :[ c2t x (CSeq cpg1 cpg2) ]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	598	by (auto simp:tassemble_to.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	599	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	600	hence "\<exists>f. \<forall>x. length x = length (sts1 + sts2) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	601	(\<forall>k<length (sts1 + sts2). (sts1 + sts2) ! k = Bound \<longrightarrow> x ! k = f i k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	602	Ex (i :[ c2t x (CSeq cpg1 cpg2) ]: j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	603	by (rule_tac x = ?f in exI, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	604	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	605	by(unfold c2p_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	606	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	607
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	608	lemma plus_list_len:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	609	"length ((sts1::status list) + sts2) = min (length sts1) (length sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	610	by(induct rule:plus_list.induct, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	611
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	612	lemma minus_list_len:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	613	"length ((sts1::status list) - sts2) = min (length sts1) (length sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	614	by(induct rule:minus_list.induct, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	615
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	616	lemma sts_le_comb:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	617	assumes "sts1 \<le> sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	618	and "sts2 \<le> sts3"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	619	shows "sts_disj (sts2 - sts1) (sts3 - sts2)" and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	620	"(sts3 - sts1) = (sts2 - sts1) + (sts3 - sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	621	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	622	from assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	623	have h1: "length sts1 = length sts2" "\<forall>i<length sts1. sts1 ! i \<le> sts2 ! i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	624	and h2: "length sts2 = length sts3" "\<forall>i<length sts1. sts2 ! i \<le> sts3 ! i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	625	by (unfold less_eq_list_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	626	have "sts_disj (sts2 - sts1) (sts3 - sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	627	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	628	from h1(1) h2(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	629	have "length (sts2 - sts1) = length (sts3 - sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	630	by (metis minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	631	moreover {
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	632	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	633	assume lt_i: "i<length (sts2 - sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	634	from lt_i h1(1) h2(1) have "i < length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	635	by (smt minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	636	from h1(2)[rule_format, of i, OF this] h2(2)[rule_format, of i, OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	637	have "sts1 ! i \<le> sts2 ! i" "sts2 ! i \<le> sts3 ! i" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	638	moreover have "(sts2 - sts1) ! i = sts2!i - sts1!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	639	by (metis lt_i nth_sts_minus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	640	moreover have "(sts3 - sts2)!i = sts3!i - sts2!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	641	by (metis `length (sts2 - sts1) = length (sts3 - sts2)` lt_i nth_sts_minus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	642	ultimately have " \<not> ((sts2 - sts1) ! i = Bound \<and> (sts3 - sts2) ! i = Bound)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	643	apply (cases "sts2!i", cases "sts1!i", cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	644	apply (cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	645	apply (cases "sts1!i", cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	646	by (cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	647	} ultimately show ?thesis by (unfold sts_disj_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	648	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	649	moreover have "(sts3 - sts1) = (sts2 - sts1) + (sts3 - sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	650	proof(induct rule:nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	651	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	652	show ?case by (metis h1(1) h2(1) length_sts_plus minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	653	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	654	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	655	{ fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	656	assume lt_i: "i<length (sts3 - sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	657	have "(sts3 - sts1) ! i = (sts2 - sts1 + (sts3 - sts2)) ! i" (is "?L = ?R")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	658	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	659	have "?R = sts2!i - sts1!i + (sts3!i - sts2!i)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	660	by (smt `i < length (sts3 - sts1)` h2(1) minus_list_len nth_sts_minus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	661	nth_sts_plus plus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	662	moreover have "?L = sts3!i - sts1!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	663	by (metis `i < length (sts3 - sts1)` nth_sts_minus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	664	moreover
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	665	have "sts2!i - sts1!i + (sts3!i - sts2!i) = sts3!i - sts1!i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	666	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	667	from lt_i h1(1) h2(1) have "i < length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	668	by (smt minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	669	from h1(2)[rule_format, of i, OF this] h2(2)[rule_format, of i, OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	670	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	671	apply (cases "sts2!i", cases "sts1!i", cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	672	apply (cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	673	apply (cases "sts1!i", cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	674	by (cases "sts3!i", simp, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	675	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	676	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	677	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	678	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	679	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	680	ultimately show "sts_disj (sts2 - sts1) (sts3 - sts2)" and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	681	"(sts3 - sts1) = (sts2 - sts1) + (sts3 - sts2)" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	682	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	683
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	684	lemma wf_cpg_test_correct:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	685	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	686	shows "(\<forall> i. \<exists> j. (c2p (sts' - sts) i cpg j))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	687	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	688	proof(induct cpg arbitrary:sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	689	case (CInstr instr sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	690	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	691	by (metis surj_pair tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	692	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	693	proof(unfold eq_instr c2p_def, clarsimp simp:tassemble_to.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	694	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	695	let ?a = "(Suc i)" and ?f = "\<lambda> i k. St i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	696	show "\<exists>a f. \<forall>x. length x = length (sts' - sts) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	697	(\<forall>k<length (sts' - sts). (sts' - sts) ! k = Bound \<longrightarrow> x ! k = f i k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	698	Ex (sg {TC i ((a0, (x ! l0)), a1, (x ! l1))} \<and>* <(a = (Suc i))>)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	699	proof(rule_tac x = ?a in exI, rule_tac x = ?f in exI, default, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	700	fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	701	let ?j = "Suc i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	702	let ?s = " {TC i ((a0, x ! l0), a1, x ! l1)}"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	703	have "(sg {TC i ((a0, x ! l0), a1, x ! l1)} \<and>* <(Suc i = Suc i)>) ?s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	704	by (simp add:tassemble_to.simps sg_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	705	thus "Ex (sg {TC i ((a0, (x ! l0)), a1, (x ! l1))})"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	706	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	707	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	708	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	709	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	710	case (CLabel l sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	711	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	712	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	713	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	714	from CLabel
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	715	have h1: "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	716	and h2: "sts ! l = Free"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	717	and h3: "sts[l := Bound] = sts'" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	718	let ?f = "\<lambda> i k. St i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	719	have "\<exists>a f. \<forall>x. length x = length (sts' - sts) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	720	(\<forall>k<length (sts' - sts). (sts' - sts) ! k = Bound \<longrightarrow> x ! k = f (i::nat) k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	721	Ex (<(i = a \<and> a = nat_of (x ! l))>)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	722	proof(rule_tac x = i in exI, rule_tac x = ?f in exI, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	723	fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	724	assume h[rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	725	"\<forall>k<length (sts' - sts). (sts' - sts) ! k = Bound \<longrightarrow> x ! k = St i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	726	from h1 h3 have p1: "l < length (sts' - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	727	by (metis length_list_update min_max.inf.idem minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	728	from p1 h2 h3 have p2: "(sts' - sts)!l = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	729	by (metis h1 minus_status.simps(2) nth_list_update_eq nth_sts_minus)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	730	from h[OF p1 p2] have "(<(i = nat_of (x ! l))>) 0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	731	by (simp add:set_ins_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	732	thus "\<exists> s. (<(i = nat_of (x ! l))>) s" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	733	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	734	thus "\<exists>a. c2p (sts' - sts) i (CLabel l) a"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	735	by (auto simp:c2p_def tassemble_to.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	736	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	737	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	738	case (CSeq cpg1 cpg2 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	739	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	740	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	741	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	742	from CSeq(3)[unfolded wf_cpg_test.simps]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	743	obtain b1 sts1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	744	where LetE: "(let (b2, y) = wf_cpg_test sts1 cpg2 in (b1 \<and> b2, y)) = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	745	"(b1, sts1) = wf_cpg_test sts cpg1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	746	by (auto simp:Let_def split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	747	show "\<exists> j. c2p (sts' - sts) i (CSeq cpg1 cpg2) j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	748	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	749	from LetE(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	750	obtain b2 where h: "(b2, sts') = wf_cpg_test sts1 cpg2" "b1=True" "b2=True"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	751	by (atomize_elim, unfold Let_def, auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	752	from wf_cpg_test_le[OF LetE(2)[symmetric, unfolded h(2)]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	753	have sts_le1: "sts \<le> sts1" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	754	from CSeq(1)[OF LetE(2)[unfolded h(2), symmetric], rule_format, of i]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	755	obtain j1 where h1: "(c2p (sts1 - sts) i cpg1 j1)" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	756	from wf_cpg_test_le[OF h(1)[symmetric, unfolded h(3)]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	757	have sts_le2: "sts1 \<le> sts'" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	758	from sts_le_comb[OF sts_le1 sts_le2]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	759	have hh: "sts_disj (sts1 - sts) (sts' - sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	760	"sts' - sts = (sts1 - sts) + (sts' - sts1)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	761	from CSeq(2)[OF h(1)[symmetric, unfolded h(3)], rule_format, of j1]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	762	obtain j2 where h2: "(c2p (sts' - sts1) j1 cpg2 j2)" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	763	have "c2p (sts' - sts) i (CSeq cpg1 cpg2) j2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	764	by(unfold hh(2), rule c2p_seq[OF h1 h2 hh(1)])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	765	thus ?thesis by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	766	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	767	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	768	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	769	case (CLocal body sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	770	from this(2) obtain b sts1 s where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	771	h: "wf_cpg_test (Free # sts) body = (True, sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	772	"sts' = tl sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	773	by (unfold wf_cpg_test.simps, auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	774	from wf_cpg_test_le[OF h(1), unfolded less_eq_list_def] h(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	775	obtain s where eq_sts1: "sts1 = s#sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	776	by (metis Suc_length_conv list.size(4) tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	777	from CLocal(1)[OF h(1)] have p1: "\<forall>i. \<exists>a. c2p (sts1 - (Free # sts)) i body a" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	778	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	779	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	780	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	781	from p1[rule_format, of i] obtain j where "(c2p (sts1 - (Free # sts)) i body) j" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	782	then obtain f where hh [rule_format]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	783	"\<forall>x. length x = length (sts1 - (Free # sts)) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	784	(\<forall>k<length (sts1 - (Free # sts)). (sts1 - (Free # sts)) ! k = Bound \<longrightarrow> x ! k = f i k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	785	(\<exists>s. (i :[ c2t x body ]: j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	786	by (auto simp:c2p_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	787	let ?f = "\<lambda> i k. f i (Suc k)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	788	have "\<exists>j f. \<forall>x. length x = length (sts' - sts) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	789	(\<forall>k<length (sts' - sts). (sts' - sts) ! k = Bound \<longrightarrow> x ! k = f i k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	790	(\<exists>s. (i :[ (TL xa. c2t (xa # x) body) ]: j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	791	proof(rule_tac x = j in exI, rule_tac x = ?f in exI, default, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	792	fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	793	assume h1: "length x = length (sts' - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	794	and h2: "\<forall>k<length (sts' - sts). (sts' - sts) ! k = Bound \<longrightarrow> x ! k = f i (Suc k)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	795	let ?l = "f i 0" let ?x = " ?l#x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	796	from wf_cpg_test_le[OF h(1)] have "length (Free#sts) = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	797	by (unfold less_eq_list_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	798	with h1 h(2) have q1: "length (?l # x) = length (sts1 - (Free # sts))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	799	by (smt Suc_length_conv length_Suc_conv list.inject list.size(4)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	800	minus_list.simps(3) minus_list_len tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	801	have q2: "(\<forall>k<length (sts1 - (Free # sts)).
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	802	(sts1 - (Free # sts)) ! k = Bound \<longrightarrow> (f i 0 # x) ! k = f i k)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	803	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	804	{ fix k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	805	assume lt_k: "k<length (sts1 - (Free # sts))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	806	and bd_k: "(sts1 - (Free # sts)) ! k = Bound"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	807	have "(f i 0 # x) ! k = f i k"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	808	proof(cases "k")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	809	case (Suc k')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	810	moreover have "x ! k' = f i (Suc k')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	811	proof(rule h2[rule_format])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	812	from bd_k Suc eq_sts1 show "(sts' - sts) ! k' = Bound" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	813	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	814	from Suc lt_k eq_sts1 show "k' < length (sts' - sts)" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	815	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	816	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	817	qed simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	818	} thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	819	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	820	from conjI[THEN hh[of ?x], OF q1 q2] obtain s
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	821	where h_s: "(i :[ c2t (f i 0 # x) body ]: j) s" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	822	thus "(\<exists>s. (i :[ (TL xa. c2t (xa # x) body) ]: j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	823	apply (simp add:tassemble_to.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	824	by (rule_tac x = s in exI, rule_tac x = "?l::tstate" in EXS_intro, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	825	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	826	thus "\<exists>j. c2p (sts' - sts) i (CLocal body) j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	827	by (auto simp:c2p_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	828	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	829	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	830
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	831	lemma
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	832	assumes "wf_cpg_test [] cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	833	and "tpg = c2t [] cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	834	shows "\<forall> i. \<exists> j s. ((i:[tpg]:j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	835	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	836	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	837	have eq_sts_minus: "(sts' - []) = []"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	838	by (metis list.exhaust minus_list.simps(1) minus_list.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	839	from wf_cpg_test_correct[OF assms(1), rule_format, of i]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	840	obtain j where "c2p (sts' - []) i cpg j" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	841	from c2p_assert [OF this[unfolded eq_sts_minus]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	842	obtain s where "(i :[ c2t [] cpg ]: j) s" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	843	from this[folded assms(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	844	show " \<exists> j s. ((i:[tpg]:j) s)" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	845	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	846
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	847	lemma replicate_nth: "(replicate n x @ sts) ! (l + n) = sts!l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	848	by (smt length_replicate nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	849
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	850	lemma replicate_update:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	851	"(replicate n x @ sts)[l + n := v] = replicate n x @ sts[l := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	852	by (smt length_replicate list_update_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	853
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	854	lemma nth_app: "length xs \<le> a \<Longrightarrow> (xs @ ys)!a = ys!(a - length xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	855	by (metis not_less nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	856
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	857	lemma l_n_v_orig:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	858	assumes "l0 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	859	and "t \<le> l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	860	shows "(take t env @ es @ drop t env) ! (l0 + length es) = env ! l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	861	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	862	from assms(1, 2) have "t < length env" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	863	hence h: "env = take t env @ drop t env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	864	"length (take t env) = t"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	865	apply (metis append_take_drop_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	866	by (smt `t < length env` length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	867	with assms(2) have eq_sts_l: "env!l0 = (drop t env)!(l0 - t)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	868	by (metis nth_app)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	869	from h(2) have "length (take t env @ es) = t + length es"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	870	by (metis length_append length_replicate nat_add_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	871	moreover from assms(2) have "t + (length es) \<le> l0 + (length es)" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	872	ultimately have "((take t env @ es) @ drop t env)!(l0 + length es) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	873	(drop t env)!(l0+ length es - (t + length es))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	874	by (smt length_replicate length_splice nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	875	with eq_sts_l[symmetric, unfolded assms]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	876	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	877	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	878
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	879	lemma l_n_v:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	880	assumes "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	881	and "sts!l = v"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	882	and "t \<le> l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	883	shows "(take t sts @ replicate n x @ drop t sts) ! (l + n) = v"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	884	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	885	from l_n_v_orig[OF assms(1) assms(3), of "replicate n x"]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	886	and assms(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	887	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	888	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	889
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	890	lemma l_n_v_s:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	891	assumes "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	892	and "t \<le> l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	893	shows "(take t sts @ sts0 @ drop t sts)[l + length sts0 := v] =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	894	take t (sts[l:=v])@ sts0 @ drop t (sts[l:=v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	895	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	896	let ?n = "length sts0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	897	from assms(1, 2) have "t < length sts" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	898	hence h: "sts = take t sts @ drop t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	899	"length (take t sts) = t"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	900	apply (metis append_take_drop_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	901	by (smt `t < length sts` length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	902	with assms(2) have eq_sts_l: "sts[l:=v] = take t sts @ drop t sts [(l - t) := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	903	by (smt list_update_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	904	with h(2) have eq_take_drop_t: "take t (sts[l:=v]) = take t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	905	"drop t (sts[l:=v]) = (drop t sts)[l - t:=v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	906	apply (metis append_eq_conv_conj)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	907	by (metis append_eq_conv_conj eq_sts_l h(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	908	from h(2) have "length (take t sts @ sts0) = t + ?n"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	909	by (metis length_append length_replicate nat_add_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	910	moreover from assms(2) have "t + ?n \<le> l + ?n" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	911	ultimately have "((take t sts @ sts0) @ drop t sts)[l + ?n := v] =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	912	(take t sts @ sts0) @ (drop t sts)[(l + ?n - (t + ?n)) := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	913	by (smt list_update_append replicate_nth)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	914	with eq_take_drop_t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	915	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	916	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	917
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	918	lemma l_n_v_s1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	919	assumes "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	920	and "\<not> t \<le> l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	921	shows "(take t sts @ sts0 @ drop t sts)[l := v] =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	922	take t (sts[l := v]) @ sts0 @ drop t (sts[l := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	923	proof(cases "t < length sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	924	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	925	hence h: "take t sts = sts" "drop t sts = []"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	926	"take t (sts[l:=v]) = sts [l:=v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	927	"drop t (sts[l:=v]) = []"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	928	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	929	with assms(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	930	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	931	by (metis list_update_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	932	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	933	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	934	with assms(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	935	have h: "(take t sts)[l:=v] = take t (sts[l:=v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	936	"(sts[l:=v]) = (take t sts)[l:=v]@drop t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	937	"length (take t sts) = t"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	938	apply (smt length_list_update length_take nth_equalityI nth_list_update nth_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	939	apply (smt True append_take_drop_id assms(2) length_take list_update_append1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	940	by (smt True length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	941	from h(2,3) have "drop t (sts[l := v]) = drop t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	942	by (metis append_eq_conv_conj length_list_update)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	943	with h(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	944	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	945	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	946	by (metis assms(2) h(3) list_update_append1 not_leE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	947	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	948
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	949	lemma l_n_v_s2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	950	assumes "l0 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	951	and "t \<le> l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	952	and "\<not> t \<le> l1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	953	shows "(take t env @ es @ drop t env) ! l1 = env ! l1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	954	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	955	from assms(1, 2) have "t < length env" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	956	hence h: "env = take t env @ drop t env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	957	"length (take t env) = t"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	958	apply (metis append_take_drop_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	959	by (smt `t < length env` length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	960	with assms(3) show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	961	by (smt nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	962	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	963
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	964	lemma l_n_v_s3:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	965	assumes "l0 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	966	and "\<not> t \<le> l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	967	shows "(take t env @ es @ drop t env) ! l0 = env ! l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	968	proof(cases "t < length env")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	969	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	970	hence h: "env = take t env @ drop t env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	971	"length (take t env) = t"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	972	apply (metis append_take_drop_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	973	by (smt `t < length env` length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	974	with assms(2) show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	975	by (smt nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	976	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	977	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	978	hence "take t env = env" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	979	with assms(1) show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	980	by (metis nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	981	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	982
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	983	subsection {* Invariant under lifts and perms *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	984
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	985	definition "lift_b t i j = (if (j \<ge> t) then (j + i) else j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	986
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	987	fun lift_t :: "nat \<Rightarrow> nat \<Rightarrow> cpg \<Rightarrow> cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	988	where "lift_t t i (CInstr ((act0, l0), (act1, l1))) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	989	(CInstr ((act0, lift_b t i (nat_of l0)),
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	990	(act1, lift_b t i (nat_of l1))))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	991	"lift_t t i (CLabel l) = CLabel (lift_b t i l)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	992	"lift_t t i (CSeq c1 c2) = CSeq (lift_t t i c1) (lift_t t i c2)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	993	"lift_t t i (CLocal c) = CLocal (lift_t (t + 1) i c)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	994
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	995	definition "lift0 (i::nat) cpg = lift_t 0 i cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	996
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	997	definition "perm_b t i j k = (if ((k::nat) = i \<and> i < t \<and> j < t) then j else
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	998	if (k = j \<and> i < t \<and> j < t) then i else k)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	999
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1000	fun perm :: "nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> cpg \<Rightarrow> cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1001	where "perm t i j (CInstr ((act0, l0), (act1, l1))) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1002	(CInstr ((act0, perm_b t i j l0), (act1, perm_b t i j l1)))" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1003	"perm t i j (CLabel l) = CLabel (perm_b t i j l)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1004	"perm t i j (CSeq c1 c2) = CSeq (perm t i j c1) (perm t i j c2)" \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1005	"perm t i j (CLocal c) = CLocal (perm (t + 1) (i + 1) (j + 1) c)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1006
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1007	definition "map_idx f sts = map (\<lambda> k. sts!(f (nat k))) [0 .. int (length sts) - 1]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1008
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1009	definition "perm_s i j sts = map_idx (perm_b (length sts) i j) sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1010
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1011	fun lift_es :: "(tstate list \<times> nat) list \<Rightarrow> tstate list \<Rightarrow> tstate list" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1012	"lift_es [] env = env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1013	\| "lift_es ((env', t)#ops) env = lift_es ops (take t env @ env' @ drop t env)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1014
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1015	fun lift_ss :: "(tstate list \<times> nat) list \<Rightarrow> status list \<Rightarrow> status list" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1016	"lift_ss [] sts = sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1017	\| "lift_ss ((env', t)#ops) sts = lift_ss ops (take t sts @ map (\<lambda> x. Free) env' @ drop t sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1018
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1019
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1020	fun lift_ts :: "(nat \<times> nat) list \<Rightarrow> cpg \<Rightarrow> cpg" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1021	"lift_ts [] cpg = cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1022	\| "lift_ts ((lenv, t)#ops) cpg = lift_ts ops (lift_t t lenv cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1023
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1024	fun perm_ss :: "(nat \<times> nat) list \<Rightarrow> 'a list \<Rightarrow> 'a list" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1025	"perm_ss [] env = env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1026	\| "perm_ss ((i, j)#ops) env = perm_ss ops (perm_s i j env)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1027
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1028	fun perms :: "nat => (nat \<times> nat) list \<Rightarrow> cpg \<Rightarrow> cpg" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1029	"perms n [] cpg = cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1030	\| "perms n ((i, j)#ops) cpg = perms n ops (perm n i j cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1031
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1032	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1033	"adjust_cpg len sps lfs cpg = lift_ts lfs (perms len sps cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1034
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1035	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1036	"red_lfs lfs = map (apfst length) lfs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1037
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1038	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1039	"adjust_env sps lfs env = lift_es lfs (perm_ss sps env)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1040
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1041	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1042	"adjust_sts sps lfs sts = lift_ss lfs (perm_ss sps sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1043
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1044	fun sts_disj_test :: "status list \<Rightarrow> status list \<Rightarrow> bool" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1045	"sts_disj_test [] [] = True"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1046	\| "sts_disj_test [] (s#ss) = False"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1047	\| "sts_disj_test (s#ss) [] = False"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1048	\| "sts_disj_test (s1#ss1) (s2#ss2) = (case (s1, s2) of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1049	(Bound, Bound) \<Rightarrow> False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1050	\| _ \<Rightarrow> sts_disj_test ss1 ss2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1051
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1052	lemma inj_perm_b: "inj (perm_b t i j)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1053	proof(induct rule:injI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1054	case (1 x y)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1055	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1056	by (unfold perm_b_def, auto split:if_splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1057	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1058
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1059	lemma lift_wf_cpg_test:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1060	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1061	shows "wf_cpg_test (take t sts @ sts0 @ drop t sts) (lift_t t (length sts0) cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1062	(True, take t sts' @ sts0 @ drop t sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1063	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1064	proof(induct cpg arbitrary:t sts0 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1065	case (CInstr instr t sts0 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1066	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1067	by (metis surj_pair tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1068	from CInstr
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1069	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1070	by (auto simp:eq_instr lift_b_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1071	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1072	case (CLabel l t sts0 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1073	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1074	apply (auto simp:lift_b_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1075	replicate_nth replicate_update l_n_v_orig l_n_v_s)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1076	apply (metis (mono_tags) diff_diff_cancel length_drop length_rev
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1077	linear not_less nth_append nth_take rev_take take_all)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1078	by (simp add:l_n_v_s1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1079	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1080	case (CSeq c1 c2 sts0 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1081	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1082	by (auto simp: lift0_def lift_b_def split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1083	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1084	case (CLocal body t sts0 sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1085	from this(2) obtain sts1 where h: "wf_cpg_test (Free # sts) body = (True, sts1)" "tl sts1 = sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1086	by (auto simp:lift0_def lift_b_def split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1087	let ?lift_s = "\<lambda> t sts. take t sts @ sts0 @ drop t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1088	have eq_lift_1: "(?lift_s (Suc t) (Free # sts)) = Free#?lift_s t sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1089	by (simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1090	from wf_cpg_test_le[OF h(1)] have "length (Free#sts) = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1091	by (unfold less_eq_list_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1092	hence eq_sts1: "sts1 = hd sts1 # tl sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1093	by (metis append_Nil append_eq_conv_conj hd.simps list.exhaust tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1094	from CLocal(1)[OF h(1), of "Suc t", of "sts0", unfolded eq_lift_1]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1095	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1096	apply (simp, subst eq_sts1, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1097	apply (simp add:h(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1098	by (subst eq_sts1, simp add:h(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1099	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1100
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1101	lemma lift_c2t:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1102	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1103	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1104	shows "c2t (take t env @ es @ drop t env) (lift_t t (length es) cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1105	c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1106	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1107	proof(induct cpg arbitrary: t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1108	case (CInstr instr t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1109	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1110	by (metis nat_of.cases surj_pair)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1111	from CInstr have h: "l0 < length env" "l1 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1112	by (auto simp:eq_instr)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1113	with CInstr(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1114	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1115	by (auto simp:eq_instr lift_b_def l_n_v_orig l_n_v_s2 l_n_v_s3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1116	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1117	case (CLabel l t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1118	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1119	by (auto simp:lift_b_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1120	replicate_nth replicate_update l_n_v_orig l_n_v_s3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1121	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1122	case (CSeq c1 c2 t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1123	from CSeq(3) obtain sts1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1124	where h: "wf_cpg_test sts c1 = (True, sts1)" "wf_cpg_test sts1 c2 = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1125	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1126	from wf_cpg_test_le[OF h(1)] have "length sts = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1127	by (auto simp:less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1128	from CSeq(4)[unfolded this] have eq_len_env: "length env = length sts1" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1129	from CSeq(1)[OF h(1) CSeq(4)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1130	CSeq(2)[OF h(2) eq_len_env]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1131	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1132	by (auto simp: lift0_def lift_b_def split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1133	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1134	case (CLocal body t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1135	{ fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1136	from CLocal(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1137	obtain sts1 where h1: "wf_cpg_test (Free # sts) body = (True, sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1138	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1139	from CLocal(3) have "length (x#env) = length (Free # sts)" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1140	from CLocal(1)[OF h1 this, of "Suc t"]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1141	have "c2t (x # take t env @ es @ drop t env) (lift_t (Suc t) (length es) body) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1142	c2t (x # env) body"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1143	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1144	} thus ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1145	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1146
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1147	lemma upto_len: "length [i .. j] = (if j < i then 0 else (nat (j - i + 1)))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1148	proof(induct i j rule:upto.induct)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1149	case (1 i j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1150	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1151	proof(cases "j < i")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1152	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1153	thus ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1154	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1155	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1156	hence eq_ij: "[i..j] = i # [i + 1..j]" by (simp add:upto.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1157	from 1 False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1158	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1159	by (auto simp:eq_ij)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1160	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1161	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1162
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1163	lemma upto_append:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1164	assumes "x \<le> y + 1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1165	shows "[x .. y + 1] = [x .. y]@[y + 1]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1166	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1167	by (induct x y rule:upto.induct, auto simp:upto.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1168
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1169	lemma nth_upto:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1170	assumes "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1171	shows "[0..(int (length sts)) - 1]!l = int l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1172	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1173	proof(induct sts arbitrary:l)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1174	case Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1175	thus ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1176	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1177	case (Cons s sts l)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1178	from Cons(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1179	have "0 \<le> (int (length sts) - 1) + 1" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1180	from upto_append[OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1181	have eq_upto: "[0..int (length sts)] = [0..int (length sts) - 1] @ [int (length sts)]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1182	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1183	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1184	proof(cases "l < length sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1185	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1186	with Cons(1)[OF True] eq_upto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1187	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1188	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1189	by (smt nth_append take_eq_Nil upto_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1190	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1191	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1192	with Cons(2) have eq_l: "l = length sts" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1193	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1194	proof(cases sts)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1195	case (Cons x xs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1196	have "[0..1 + int (length xs)] = [0 .. int (length xs)]@[1 + int (length xs)]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1197	by (smt upto_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1198	moreover have "length [0 .. int (length xs)] = Suc (length xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1199	by (smt upto_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1200	moreover note Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1201	ultimately show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1202	apply (simp add:eq_l)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1203	by (smt nth_Cons' nth_append)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1204	qed (simp add:upto_len upto.simps eq_l)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1205	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1206	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1207
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1208	lemma map_idx_idx:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1209	assumes "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1210	shows "(map_idx f sts)!l = sts!(f l)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1211	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1212	from assms have lt_l: "l < length [0..int (length sts) - 1]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1213	by (smt upto_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1214	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1215	apply (unfold map_idx_def nth_map[OF lt_l])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1216	by (metis assms nat_int nth_upto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1217	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1218
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1219	lemma map_idx_len: "length (map_idx f sts) = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1220	apply (unfold map_idx_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1221	by (smt length_map upto_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1222
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1223	lemma map_idx_eq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1224	assumes "\<forall> l < length sts. f l = g l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1225	shows "map_idx f sts = map_idx g sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1226	proof(induct rule: nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1227	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1228	show "length (map_idx f sts) = length (map_idx g sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1229	by (metis map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1230	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1231	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1232	{ fix l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1233	assume "l < length (map_idx f sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1234	hence "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1235	by (metis map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1236	from map_idx_idx[OF this] and assms and this
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1237	have "map_idx f sts ! l = map_idx g sts ! l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1238	by (smt list_eq_iff_nth_eq map_idx_idx map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1239	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1240	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1241
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1242	lemma perm_s_commut: "perm_s i j sts = perm_s j i sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1243	apply (unfold perm_s_def, rule map_idx_eq, unfold perm_b_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1244	by smt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1245
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1246	lemma map_idx_id: "map_idx id sts = sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1247	proof(induct rule:nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1248	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1249	from map_idx_len show "length (map_idx id sts) = length sts" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1250	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1251	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1252	{ fix l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1253	assume "l < length (map_idx id sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1254	from map_idx_idx[OF this[unfolded map_idx_len]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1255	have "map_idx id sts ! l = sts ! l" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1256	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1257	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1258
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1259	lemma perm_s_lt_i:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1260	assumes "\<not> i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1261	shows "perm_s i j sts = sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1262	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1263	have "map_idx (perm_b (length sts) i j) sts = map_idx id sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1264	proof(rule map_idx_eq, default, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1265	fix l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1266	assume "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1267	with assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1268	show "perm_b (length sts) i j l = l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1269	by (unfold perm_b_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1270	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1271	with map_idx_id
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1272	have "map_idx (perm_b (length sts) i j) sts = sts" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1273	thus ?thesis by (simp add:perm_s_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1274	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1275
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1276	lemma perm_s_lt:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1277	assumes "\<not> i < length sts \<or> \<not> j < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1278	shows "perm_s i j sts = sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1279	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1280	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1281	assume "\<not> i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1282	from perm_s_lt_i[OF this] show ?thesis .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1283	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1284	assume "\<not> j < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1285	from perm_s_lt_i[OF this, of i, unfolded perm_s_commut]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1286	show ?thesis .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1287	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1288
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1289	lemma perm_s_update_i:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1290	assumes "i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1291	and "j < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1292	shows "sts ! i = perm_s i j sts ! j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1293	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1294	from map_idx_idx[OF assms(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1295	have "map_idx (perm_b (length sts) i j) sts ! j = sts!(perm_b (length sts) i j j)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1296	with assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1297	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1298	by (auto simp:perm_s_def perm_b_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1299	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1300
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1301	lemma nth_perm_s_neq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1302	assumes "l \<noteq> j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1303	and "l \<noteq> i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1304	and "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1305	shows "sts ! l = perm_s i j sts ! l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1306	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1307	have "map_idx (perm_b (length sts) i j) sts ! l = sts!(perm_b (length sts) i j l)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1308	by (metis assms(3) map_idx_def map_idx_idx)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1309	with assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1310	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1311	by (unfold perm_s_def perm_b_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1312	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1313
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1314	lemma map_idx_update:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1315	assumes "f j = i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1316	and "inj f"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1317	and "i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1318	and "j < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1319	shows "map_idx f (sts[i:=v]) = map_idx f sts[j := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1320	proof(induct rule:nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1321	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1322	show "length (map_idx f (sts[i := v])) = length (map_idx f sts[j := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1323	by (metis length_list_update map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1324	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1325	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1326	{ fix l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1327	assume lt_l: "l < length (map_idx f (sts[i := v]))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1328	have eq_nth: "sts[i := v] ! f l = map_idx f sts[j := v] ! l"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1329	proof(cases "f l = i")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1330	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1331	from lt_l have "l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1332	by (metis length_list_update map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1333	from map_idx_idx[OF this, of f] have " map_idx f sts ! l = sts ! f l" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1334	moreover from False assms have "l \<noteq> j" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1335	moreover note False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1336	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1337	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1338	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1339	with assms have eq_l: "l = j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1340	by (metis inj_eq)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1341	moreover from lt_l eq_l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1342	have "j < length (map_idx f sts[j := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1343	by (metis length_list_update map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1344	moreover note True assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1345	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1346	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1347	from lt_l have "l < length (sts[i := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1348	by (metis map_idx_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1349	from map_idx_idx[OF this] eq_nth
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1350	have "map_idx f (sts[i := v]) ! l = map_idx f sts[j := v] ! l" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1351	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1352	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1353
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1354	lemma perm_s_update:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1355	assumes "i < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1356	and "j < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1357	shows "(perm_s i j sts)[i := v] = perm_s i j (sts[j := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1358	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1359	have "map_idx (perm_b (length (sts[j := v])) i j) (sts[j := v]) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1360	map_idx (perm_b (length (sts[j := v])) i j) sts[i := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1361	proof(rule map_idx_update[OF _ _ assms(2, 1)])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1362	from inj_perm_b show "inj (perm_b (length (sts[j := v])) i j)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1363	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1364	from assms show "perm_b (length (sts[j := v])) i j i = j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1365	by (auto simp:perm_b_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1366	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1367	hence "map_idx (perm_b (length sts) i j) sts[i := v] =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1368	map_idx (perm_b (length (sts[j := v])) i j) (sts[j := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1369	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1370	thus ?thesis by (simp add:perm_s_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1371	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1372
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1373	lemma perm_s_len: "length (perm_s i j sts') = length sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1374	apply (unfold perm_s_def map_idx_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1375	by (smt Nil_is_map_conv length_0_conv length_greater_0_conv length_map neq_if_length_neq upto_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1376
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1377	lemma perm_s_update_neq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1378	assumes "l \<noteq> i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1379	and "l \<noteq> j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1380	shows "perm_s i j sts[l := v] = perm_s i j (sts[l := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1381	proof(cases "i < length sts \<and> j < length sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1382	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1383	with perm_s_lt have "perm_s i j sts = sts" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1384	moreover have "perm_s i j (sts[l:=v]) = sts[l:=v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1385	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1386	have "length (sts[l:=v]) = length sts" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1387	from False[folded this] perm_s_lt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1388	show ?thesis by metis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1389	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1390	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1391	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1392	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1393	note lt_ij = this
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1394	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1395	proof(cases "l < length sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1396	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1397	hence "sts[l:=v] = sts" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1398	moreover have "perm_s i j sts[l := v] = perm_s i j sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1399	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1400	from False and perm_s_len
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1401	have "\<not> l < length (perm_s i j sts)" by metis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1402	thus ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1403	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1404	ultimately show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1405	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1406	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1407	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1408	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1409	have "map_idx (perm_b (length (sts[l := v])) i j) (sts[l := v]) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1410	map_idx (perm_b (length (sts[l := v])) i j) sts[l := v]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1411	proof(induct rule:map_idx_update [OF _ inj_perm_b True True])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1412	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1413	from assms lt_ij
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1414	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1415	by (unfold perm_b_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1416	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1417	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1418	by (unfold perm_s_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1419	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1420	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1421	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1422
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1423	lemma perm_sb: "(perm_s i j sts)[perm_b (length sts) i j l := v] = perm_s i j (sts[l := v])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1424	apply(subst perm_b_def, auto simp:perm_s_len perm_s_lt perm_s_update)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1425	apply (subst perm_s_commut, subst (2) perm_s_commut, rule_tac perm_s_update, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1426	by (rule_tac perm_s_update_neq, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1427
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1428	lemma perm_s_id: "perm_s i i sts = sts" (is "?L = ?R")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1429	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1430	from map_idx_id have "?R = map_idx id sts" by metis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1431	also have "\<dots> = ?L"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1432	by (unfold perm_s_def, rule map_idx_eq, unfold perm_b_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1433	finally show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1434	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1435
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1436	lemma upto_map:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1437	assumes "i \<le> j"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1438	shows "[i .. j] = i # map (\<lambda> x. x + 1) [i .. (j - 1)]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1439	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1440	proof(induct i j rule:upto.induct)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1441	case (1 i j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1442	show ?case (is "?L = ?R")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1443	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1444	from 1(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1445	have eq_l: "?L = i # [i+1 .. j]" by (simp add:upto.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1446	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1447	proof(cases "i + 1 \<le> j")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1448	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1449	with eq_l show ?thesis by (auto simp:upto.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1450	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1451	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1452	have "[i + 1..j] = map (\<lambda>x. x + 1) [i..j - 1]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1453	by (smt "1.hyps" Cons_eq_map_conv True upto.simps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1454	with eq_l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1455	show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1456	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1457	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1458	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1459
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1460	lemma perm_s_cons: "(perm_s (Suc i) (Suc j) (s # sts)) = s#perm_s i j sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1461	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1462	have le_0: "0 \<le> int (length (s # sts)) - 1" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1463	have "map (\<lambda>k. (s # sts) ! perm_b (length (s # sts)) (Suc i) (Suc j) (nat k))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1464	[0..int (length (s # sts)) - 1] =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1465	s # map (\<lambda>k. sts ! perm_b (length sts) i j (nat k)) [0..int (length sts) - 1]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1466	by (unfold upto_map[OF le_0], auto simp:perm_b_def, smt+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1467	thus ?thesis by (unfold perm_s_def map_idx_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1468	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1469
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1470	lemma perm_wf_cpg_test:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1471	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1472	shows "wf_cpg_test (perm_s i j sts) (perm (length sts) i j cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1473	(True, perm_s i j sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1474	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1475	proof(induct cpg arbitrary:t i j sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1476	case (CInstr instr i j sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1477	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1478	by (metis surj_pair tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1479	from CInstr
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1480	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1481	apply (unfold eq_instr, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1482	by (unfold perm_s_len perm_b_def, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1483	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1484	case (CLabel l i j sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1485	have "(perm_s i j sts)[perm_b (length sts) i j l := Bound] = perm_s i j (sts[l := Bound])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1486	by (metis perm_sb)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1487	with CLabel
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1488	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1489	apply (auto simp:perm_s_len perm_sb)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1490	apply (subst perm_b_def, auto simp:perm_sb)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1491	apply (subst perm_b_def, auto simp:perm_s_lt perm_s_update_i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1492	apply (unfold perm_s_id, subst perm_s_commut, simp add: perm_s_update_i[symmetric])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1493	apply (simp add:perm_s_update_i[symmetric])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1494	by (simp add: nth_perm_s_neq[symmetric])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1495	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1496	case (CSeq c1 c2 i j sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1497	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1498	apply (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1499	apply (metis (hide_lams, no_types) less_eq_list_def prod.inject wf_cpg_test_le)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1500	by (metis (hide_lams, no_types) less_eq_list_def prod.inject wf_cpg_test_le)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1501	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1502	case (CLocal body i j sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1503	from this(2) obtain sts1 where h: "wf_cpg_test (Free # sts) body = (True, sts1)" "tl sts1 = sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1504	by (auto simp:lift0_def lift_b_def split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1505	from wf_cpg_test_le[OF h(1)] have "length (Free#sts) = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1506	by (unfold less_eq_list_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1507	hence eq_sts1: "sts1 = hd sts1 # tl sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1508	by (metis append_Nil append_eq_conv_conj hd.simps list.exhaust tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1509	from CLocal(1)[OF h(1), of "Suc i" "Suc j"] h(2) eq_sts1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1510	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1511	apply (auto split:prod.splits simp:perm_s_cons)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1512	by (metis perm_s_cons tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1513	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1514
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1515	lemma nth_perm_sb:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1516	assumes "l0 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1517	shows "perm_s i j env ! perm_b (length env) i j l0 = env ! l0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1518	by (metis assms nth_perm_s_neq perm_b_def perm_s_commut perm_s_lt perm_s_update_i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1519
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1520
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1521	lemma perm_c2t:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1522	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1523	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1524	shows "c2t (perm_s i j env) (perm (length env) i j cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1525	c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1526	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1527	proof(induct cpg arbitrary:i j env sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1528	case (CInstr instr i j env sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1529	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1530	by (metis surj_pair tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1531	from CInstr have h: "l0 < length env" "l1 < length env"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1532	by (auto simp:eq_instr)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1533	with CInstr(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1534	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1535	apply (auto simp:eq_instr)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1536	by (metis nth_perm_sb)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1537	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1538	case (CLabel l t env es sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1539	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1540	apply (auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1541	by (metis nth_perm_sb)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1542	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1543	case (CSeq c1 c2 i j env sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1544	from CSeq(3) obtain sts1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1545	where h: "wf_cpg_test sts c1 = (True, sts1)" "wf_cpg_test sts1 c2 = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1546	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1547	from wf_cpg_test_le[OF h(1)] have "length sts = length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1548	by (auto simp:less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1549	from CSeq(4)[unfolded this] have eq_len_env: "length env = length sts1" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1550	from CSeq(1)[OF h(1) CSeq(4)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1551	CSeq(2)[OF h(2) eq_len_env]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1552	show ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1553	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1554	case (CLocal body i j env sts sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1555	{ fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1556	from CLocal(2, 3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1557	obtain sts1 where "wf_cpg_test (Free # sts) body = (True, sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1558	"length (x#env) = length (Free # sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1559	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1560	from CLocal(1)[OF this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1561	have "(c2t (x # perm_s i j env) (perm (Suc (length env)) (Suc i) (Suc j) body)) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1562	(c2t (x # env) body)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1563	by (metis Suc_length_conv perm_s_cons)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1564	} thus ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1565	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1566
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1567	lemma wf_cpg_test_disj_aux1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1568	assumes "sts_disj sts1 (sts[l := Bound] - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1569	"l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1570	"sts ! l = Free"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1571	shows "(sts1 + sts) ! l = Free"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1572	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1573	from assms(1)[unfolded sts_disj_def]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1574	have h: "length sts1 = length (sts[l := Bound] - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1575	"(\<forall>i<length sts1. \<not> (sts1 ! i = Bound \<and> (sts[l := Bound] - sts) ! i = Bound))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1576	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1577	from h(1) assms(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1578	have lt_l: "l < length sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1579	"l < length (sts[l := Bound] - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1580	"l < length (sts1 + sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1581	apply (smt length_list_update minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1582	apply (smt assms(2) length_list_update minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1583	by (smt assms(2) h(1) length_list_update length_sts_plus minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1584	from h(2)[rule_format, of l, OF this(1)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1585	have " \<not> (sts1 ! l = Bound \<and> (sts[l := Bound] - sts) ! l = Bound)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1586	with assms(3) nth_sts_minus[OF lt_l(2)] nth_sts_plus[OF lt_l(3)] assms(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1587	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1588	by (cases "sts1!l", auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1589	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1590
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1591	lemma wf_cpg_test_disj_aux2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1592	assumes "sts_disj sts1 (sts[l := Bound] - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1593	" l < length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1594	shows "(sts1 + sts)[l := Bound] = sts1 + sts[l := Bound]"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1595	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1596	from assms have lt_l: "l < length (sts1 + sts[l:=Bound])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1597	"l < length (sts1 + sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1598	apply (smt length_list_update length_sts_plus minus_list_len sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1599	by (smt assms(1) assms(2) length_list_update length_sts_plus minus_list_len sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1600	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1601	proof(induct rule:nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1602	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1603	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1604	by (smt assms(1) length_list_update length_sts_plus minus_list_len sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1605	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1606	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1607	{ fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1608	assume lt_i: "i < length ((sts1 + sts)[l := Bound])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1609	have " (sts1 + sts)[l := Bound] ! i = (sts1 + sts[l := Bound]) ! i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1610	proof(cases "i = l")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1611	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1612	with nth_sts_plus[OF lt_l(1)] assms(2) nth_sts_plus[OF lt_l(2)] lt_l
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1613	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1614	by (cases "sts1 ! l", auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1615	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1616	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1617	from lt_i have "i < length (sts1 + sts)" "i < length (sts1 + sts[l := Bound])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1618	apply auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1619	by (metis length_list_update plus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1620	from nth_sts_plus[OF this(1)] nth_sts_plus[OF this(2)] lt_i lt_l False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1621	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1622	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1623	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1624	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1625	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1626	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1627
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1628	lemma sts_list_plus_commut:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1629	shows "sts1 + sts2 = sts2 + (sts1:: status list)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1630	proof(induct rule:nth_equalityI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1631	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1632	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1633	by (metis min_max.inf.commute plus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1634	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1635	case 2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1636	{ fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1637	assume lt_i1: "i<length (sts1 + sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1638	hence lt_i2: "i < length (sts2 + sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1639	by (smt plus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1640	from nth_sts_plus[OF this] nth_sts_plus[OF lt_i1]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1641	have "(sts1 + sts2) ! i = (sts2 + sts1) ! i"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1642	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1643	apply (cases "sts1!i", cases "sts2!i", auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1644	by (cases "sts2!i", auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1645	} thus ?case by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1646	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1647
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1648	lemma sts_disj_cons:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1649	assumes "sts_disj sts1 sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1650	shows "sts_disj (Free # sts1) (s # sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1651	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1652	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1653	from assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1654	have h: "length sts1 = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1655	"(\<forall>i<length sts1. \<not> (sts1 ! i = Bound \<and> sts2 ! i = Bound))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1656	by (unfold sts_disj_def, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1657	from h(1) have "length (Free # sts1) = length (s # sts2)" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1658	moreover {
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1659	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1660	assume lt_i: "i<length (Free # sts1)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1661	have "\<not> ((Free # sts1) ! i = Bound \<and> (s # sts2) ! i = Bound)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1662	proof(cases "i")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1663	case 0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1664	thus ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1665	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1666	case (Suc k)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1667	from h(2)[rule_format, of k] lt_i[unfolded Suc] Suc
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1668	show ?thesis by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1669	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1670	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1671	ultimately show ?thesis by (auto simp:sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1672	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1673
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1674	lemma sts_disj_uncomb:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1675	assumes "sts_disj sts (sts1 + sts2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1676	and "sts_disj sts1 sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1677	shows "sts_disj sts sts1" "sts_disj sts sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1678	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1679	apply (smt assms(1) assms(2) length_sts_plus nth_sts_plus plus_status.simps(2) sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1680	by (smt assms(1) assms(2) length_sts_plus nth_sts_plus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1681	plus_status.simps(2) sts_disj_def sts_list_plus_commut)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1682
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1683	lemma wf_cpg_test_disj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1684	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1685	and "sts_disj sts1 (sts' - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1686	shows "wf_cpg_test (sts1 + sts) cpg = (True, sts1 + sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1687	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1688	proof(induct cpg arbitrary:sts sts1 sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1689	case (CInstr instr sts sts1 sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1690	obtain a0 l0 a1 l1 where eq_instr: "instr = ((a0, St l0), (a1, St l1))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1691	by (metis nat_of.cases surj_pair)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1692	with CInstr(1) have h: "l0 < length sts" "l1 < length sts" "sts = sts'" by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1693	with CInstr eq_instr
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1694	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1695	apply (auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1696	by (smt length_sts_plus minus_list_len sts_disj_def)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1697	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1698	case (CLabel l sts sts1 sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1699	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1700	apply auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1701	apply (smt length_list_update length_sts_plus minus_list_len sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1702	by (auto simp: wf_cpg_test_disj_aux1 wf_cpg_test_disj_aux2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1703	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1704	case (CSeq c1 c2 sts sts1 sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1705	from CSeq(3) obtain sts''
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1706	where h: "wf_cpg_test sts c1 = (True, sts'')" "wf_cpg_test sts'' c2 = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1707	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1708	from wf_cpg_test_le[OF h(1)] have "length sts = length sts''"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1709	by (auto simp:less_eq_list_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1710	from sts_le_comb[OF wf_cpg_test_le[OF h(1)] wf_cpg_test_le[OF h(2)]]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1711	have " sts' - sts = (sts'' - sts) + (sts' - sts'')" "sts_disj (sts'' - sts) (sts' - sts'')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1712	by auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1713	from sts_disj_uncomb[OF CSeq(4)[unfolded this(1)] this(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1714	have "sts_disj sts1 (sts'' - sts)" "sts_disj sts1 (sts' - sts'')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1715	from CSeq(1)[OF h(1) this(1)] CSeq(2)[OF h(2) this(2)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1716	have "wf_cpg_test (sts1 + sts) c1 = (True, sts1 + sts'')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1717	"wf_cpg_test (sts1 + sts'') c2 = (True, sts1 + sts')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1718	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1719	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1720	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1721	case (CLocal body sts sts1 sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1722	from this(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1723	obtain sts'' where h: "wf_cpg_test (Free # sts) body = (True, sts'')" "sts' = tl sts''"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1724	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1725	from wf_cpg_test_le[OF h(1), unfolded less_eq_list_def] h(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1726	obtain s where eq_sts'': "sts'' = s#sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1727	by (metis Suc_length_conv list.size(4) tl.simps(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1728	let ?sts = "Free#sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1729	from CLocal(3) have "sts_disj ?sts (sts'' - (Free # sts))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1730	apply (unfold eq_sts'', simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1731	by (metis sts_disj_cons)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1732	from CLocal(1)[OF h(1) this] eq_sts''
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1733	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1734	by (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1735	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1736
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1737	lemma sts_disj_free:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1738	assumes "list_all (op = Free) sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1739	and "length sts' = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1740	shows "sts_disj sts' sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1741	by (metis (full_types) assms(1) assms(2) list_all_length
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1742	status.distinct(1) sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1743
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1744	lemma all_free_plus:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1745	assumes "length sts' = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1746	and "list_all (op = Free) sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1747	shows "sts' + sts = sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1748	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1749	proof(induct sts' arbitrary:sts)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1750	case (Cons s sts' sts)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1751	note cs = Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1752	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1753	proof(cases "sts")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1754	case (Cons s1 sts1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1755	with cs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1756	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1757	by (smt list.size(4) list_all_simps(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1758	plus_list.simps(3) plus_status.simps(1) sts_list_plus_commut)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1759	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1760	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1761
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1762	lemma wf_cpg_test_extrapo:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1763	assumes "wf_cpg_test sts cpg = (True, sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1764	and "list_all (op = Free) sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1765	and "length sts' = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1766	shows "wf_cpg_test sts' cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1767	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1768	have "sts_disj sts' (sts - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1769	proof(rule sts_disj_free)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1770	from assms(2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1771	show "list_all (op = Free) (sts - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1772	by (induct sts, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1773	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1774	from assms(3) show "length sts' = length (sts - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1775	by (metis length_sts_plus minus_list_len plus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1776	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1777	from wf_cpg_test_disj [OF assms(1) this]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1778	have "wf_cpg_test (sts' + sts) cpg = (True, sts' + sts)" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1779	moreover from all_free_plus[OF assms(3, 2)] have "sts' + sts = sts'" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1780	finally show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1781	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1782
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1783	lemma perms_wf_cpg_test:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1784	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1785	shows "wf_cpg_test (perm_ss ops sts) (perms (length sts) ops cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1786	(True, perm_ss ops sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1787	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1788	proof(induct ops arbitrary:sts cpg sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1789	case (Cons sp ops sts cpg sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1790	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1791	proof(cases "sp")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1792	case (Pair i j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1793	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1794	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1795	let ?sts = "(perm_s i j sts)" and ?cpg = "(perm (length sts) i j cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1796	and ?sts' = "perm_s i j sts'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1797	have "wf_cpg_test (perm_ss ops ?sts) (perms (length ?sts) ops ?cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1798	(True, perm_ss ops ?sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1799	proof(rule Cons(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1800	show "wf_cpg_test (perm_s i j sts) (perm (length sts) i j cpg) = (True, perm_s i j sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1801	by (metis Cons.prems perm_wf_cpg_test)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1802	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1803	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1804	apply (unfold Pair)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1805	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1806	by (metis perm_s_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1807	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1808	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1809	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1810
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1811	lemma perm_ss_len: "length (perm_ss ops xs) = length xs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1812	proof(induct ops arbitrary:xs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1813	case (Cons sp ops xs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1814	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1815	proof(cases "sp")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1816	case (Pair i j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1817	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1818	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1819	let ?xs = "(perm_s i j xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1820	have "length (perm_ss ops ?xs) = length ?xs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1821	by (metis Cons.hyps)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1822	also have "\<dots> = length xs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1823	by (metis perm_s_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1824	finally show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1825	by (unfold Pair, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1826	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1827	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1828	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1829
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1830	lemma perms_c2t:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1831	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1832	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1833	shows "c2t (perm_ss ops env) (perms (length env) ops cpg) = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1834	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1835	proof(induct ops arbitrary:sts cpg sts' env)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1836	case (Cons sp ops sts cpg sts' env)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1837	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1838	proof(cases "sp")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1839	case (Pair i j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1840	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1841	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1842	let ?env = "(perm_s i j env)" and ?cpg = "(perm (length env) i j cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1843	have " c2t (perm_ss ops ?env) (perms (length ?env) ops ?cpg) = c2t ?env ?cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1844	proof(rule Cons(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1845	from perm_wf_cpg_test[OF Cons(2), of i j, folded Cons(3)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1846	show "wf_cpg_test (perm_s i j sts) (perm (length env) i j cpg) = (True, perm_s i j sts')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1847	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1848	show "length (perm_s i j env) = length (perm_s i j sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1849	by (metis Cons.prems(2) perm_s_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1850	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1851	also have "\<dots> = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1852	by (metis Cons.prems(1) Cons.prems(2) perm_c2t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1853	finally show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1854	apply (unfold Pair)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1855	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1856	by (metis perm_s_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1857	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1858	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1859	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1860
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1861	lemma red_lfs_nil: "red_lfs [] = []"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1862	by (simp add:red_lfs_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1863
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1864	lemma red_lfs_cons: "red_lfs ((env, t)#lfs) = (length env, t)#(red_lfs lfs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1865	by (simp add:red_lfs_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1866
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1867	lemmas red_lfs_simps [simp] = red_lfs_nil red_lfs_cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1868
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1869	lemma lifts_wf_cpg_test:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1870	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1871	shows "wf_cpg_test (lift_ss ops sts) (lift_ts (red_lfs ops) cpg)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1872	= (True, lift_ss ops sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1873	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1874	proof(induct ops arbitrary:sts cpg sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1875	case (Cons sp ops sts cpg sts')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1876	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1877	proof(cases "sp")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1878	case (Pair env' t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1879	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1880	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1881	let ?sts = "(take t sts @ map (\<lambda>x. Free) env' @ drop t sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1882	and ?sts' = "(take t sts' @ map (\<lambda>x. Free) env' @ drop t sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1883	and ?cpg = "(lift_t t (length env') cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1884	have "wf_cpg_test (lift_ss ops ?sts) (lift_ts (red_lfs ops) ?cpg) = (True, lift_ss ops ?sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1885	proof(induct rule: Cons(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1886	case 1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1887	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1888	by (metis Cons.prems length_map lift_wf_cpg_test)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1889	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1890	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1891	by (unfold Pair, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1892	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1893	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1894	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1895
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1896	lemma lifts_c2t:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1897	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1898	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1899	shows "c2t (lift_es ops env) (lift_ts (red_lfs ops) cpg) = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1900	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1901	proof(induct ops arbitrary:sts cpg sts' env)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1902	case (Cons sp ops sts cpg sts' env)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1903	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1904	proof(cases "sp")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1905	case (Pair env' t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1906	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1907	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1908	let ?env = "(take t env @ env' @ drop t env)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1909	and ?cpg = "(lift_t t (length env') cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1910	have "c2t (lift_es ops ?env) (lift_ts (red_lfs ops) ?cpg) = c2t ?env ?cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1911	proof(rule Cons(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1912	from lift_wf_cpg_test[OF Cons(2), of t "map (\<lambda> x. Free) env'", simplified length_map]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1913	show "wf_cpg_test (take t sts @ map (\<lambda>x. Free) env' @ drop t sts)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1914	(lift_t t (length env') cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1915	(True, take t sts' @ map (\<lambda>x. Free) env' @ drop t sts')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1916	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1917	show "length (take t env @ env' @ drop t env) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1918	length (take t sts @ map (\<lambda>x. Free) env' @ drop t sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1919	by (metis (full_types) Cons.prems(2) Pair assms(2) length_append
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1920	length_drop length_map length_take)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1921	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1922	also have "\<dots> = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1923	by (metis Cons.prems(1) Cons.prems(2) lift_c2t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1924	finally show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1925	by (unfold Pair, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1926	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1927	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1928	qed auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1929
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1930	lemma adjust_c2t:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1931	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1932	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1933	shows "c2t (adjust_env sps lfs env) (adjust_cpg (length sts) sps (red_lfs lfs) cpg) = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1934	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1935	let ?cpg = "(perms (length sts) sps cpg)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1936	and ?env = "(perm_ss sps env)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1937	have "c2t (lift_es lfs ?env)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1938	(lift_ts (red_lfs lfs) ?cpg) = c2t ?env ?cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1939	proof (rule lifts_c2t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1940	from perms_wf_cpg_test[OF assms(1), of sps]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1941	show "wf_cpg_test (perm_ss sps sts) (perms (length sts) sps cpg) = (True, perm_ss sps sts')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1942	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1943	show "length (perm_ss sps env) = length (perm_ss sps sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1944	by (metis assms(2) perm_ss_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1945	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1946	also have "\<dots> = c2t env cpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1947	proof(fold assms(2), rule perms_c2t)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1948	from assms(1) show " wf_cpg_test sts cpg = (True, sts')" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1949	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1950	from assms(2) show "length env = length sts" .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1951	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1952	finally show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1953	by (unfold adjust_env_def adjust_cpg_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1954	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1955
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1956	lemma adjust_wf_cpg_test:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1957	assumes "wf_cpg_test sts cpg = (True, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1958	shows "wf_cpg_test (adjust_sts sps lfs sts) (adjust_cpg (length sts) sps (red_lfs lfs) cpg) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1959	(True, adjust_sts sps lfs sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1960	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1961	have " wf_cpg_test (lift_ss lfs (perm_ss sps sts)) (lift_ts (red_lfs lfs) (perms (length sts) sps cpg)) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1962	(True, lift_ss lfs (perm_ss sps sts'))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1963	proof(rule lifts_wf_cpg_test)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1964	show " wf_cpg_test (perm_ss sps sts) (perms (length sts) sps cpg) = (True, perm_ss sps sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1965	by (rule perms_wf_cpg_test[OF assms])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1966	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1967	thus ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1968	by (unfold adjust_sts_def adjust_cpg_def, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1969	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1970
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1971	lemma sts_disj_test_correct:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1972	assumes "sts_disj_test sts1 sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1973	shows "sts_disj sts1 sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1974	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1975	proof(induct sts1 arbitrary:sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1976	case (Nil sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1977	note Nil_1 = Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1978	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1979	proof(cases sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1980	case Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1981	with Nil_1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1982	show ?thesis by (simp add:sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1983	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1984	case (Cons s2 ss2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1985	with Nil_1 show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1986	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1987	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1988	case (Cons s1 ss1 sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1989	note Cons_1 = Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1990	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1991	proof(cases "sts2")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1992	case Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1993	with Cons_1 show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1994	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1995	case (Cons s2 ss2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1996	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1997	proof(cases "s1 = Bound \<and> s2 = Bound")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1998	case True
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1999	with Cons_1 Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2000	show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2001	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2002	case False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2003	with Cons_1 Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2004	have "sts_disj_test ss1 ss2" by (auto split:status.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2005	from Cons_1(1) [OF this] False
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2006	show ?thesis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2007	apply (unfold Cons)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2008	apply (unfold sts_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2009	by (smt False length_Suc_conv list.size(4) nth_Cons')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2010	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2011	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2012	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2013
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2014	lemma sts_minus_free:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2015	assumes "length sts1 = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2016	and "list_all (op = Free) sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2017	shows "sts1 - sts2 = sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2018	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2019	proof(induct sts1 arbitrary:sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2020	case (Nil sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2021	thus ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2022	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2023	case (Cons s1 ss1 sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2024	note Cons_1 = Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2025	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2026	proof(cases sts2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2027	case Nil
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2028	with Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2029	show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2030	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2031	case (Cons s2 ss2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2032	have "ss1 - ss2 = ss1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2033	proof(rule Cons_1(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2034	show "length ss1 = length ss2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2035	by (metis Cons Cons_1(2) Suc_length_conv list.inject)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2036	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2037	show "list_all (op = Free) ss2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2038	by (metis Cons Cons_1(3) list_all_simps(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2039	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2040	moreover from Cons_1(3) Cons have "s2 = Free"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2041	by (metis (full_types) list_all_simps(1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2042	ultimately show ?thesis using Cons
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2043	apply simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2044	by (metis (hide_lams, mono_tags) minus_status.simps(2) minus_status.simps(3) status.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2045	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2046	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2047
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2048	lemma st_simp [simp]: "St (nat_of x) = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2049	by (metis nat_of.simps tstate.exhaust)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2050
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2051	lemma wf_cpg_test_len:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2052	assumes "wf_cpg_test sts cpg = (b, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2053	shows "length sts' = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2054	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2055	proof(induct cpg arbitrary:sts sts' b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2056	case (CInstr instr sts sts' b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2057	then obtain a1 s1 a2 s2 where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2058	eq_instr: "instr = ((a1, St s1), (a2, St s2))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2059	by (metis st_simp surj_pair)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2060	with CInstr
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2061	show ?case by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2062	qed (auto split:prod.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2063
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2064	lemma wf_cpg_test_seq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2065	assumes "wf_cpg_test sts1 c1 = (True, sts1')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2066	and "wf_cpg_test sts2 c2 = (True, sts2')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2067	and "length sts1 = length sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2068	and "list_all (op = Free) sts1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2069	and "list_all (op = Free) sts2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2070	and "sts_disj_test sts1' sts2'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2071	shows "wf_cpg_test sts1 (CSeq c1 c2) = (True, sts1' + sts2')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2072	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2073	have "wf_cpg_test (sts1' + sts2) c2 = (True, sts1' + sts2')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2074	by (metis add_imp_eq assms(2) assms(5) assms(6) length_sts_plus
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2075	plus_list_len sts_disj_test_correct sts_minus_free wf_cpg_test_disj wf_cpg_test_extrapo wf_cpg_test_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2076	hence "wf_cpg_test sts1' c2 = (True, sts1' + sts2')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2077	by (metis all_free_plus assms(1) assms(3) assms(5) wf_cpg_test_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2078	with assms(1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2079	show ?thesis by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2080	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2081
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2082	lemma c2t_seq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2083	assumes "c2t env c1 = t1"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2084	and "c2t env c2 = t2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2085	shows "c2t env (CSeq c1 c2) = (t1; t2)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2086	using assms by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2087
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2088	lemma c2t_local:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2089	assumes "\<And>x. (c2t (x#xs) cpg = body x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2090	shows "c2t xs (CLocal cpg) = (TL x. body x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2091	using assms
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2092	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2093
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2094	lemma wf_cpg_test_local:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2095	assumes "wf_cpg_test (Free#sts) cpg = (b, s'#sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2096	shows "wf_cpg_test sts (CLocal cpg) = (b, sts')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2097	by (simp add:assms)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2098
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2099	lemma wf_c2t_combined:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2100	assumes "wf_cpg_test sts cpg = (True, sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2101	and "c2t env cpg = tpg"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2102	and "list_all (op = Free) sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2103	and "length env = length sts"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2104	shows "\<forall> i. \<exists> j s. ((i:[tpg]:j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2105	proof
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2106	fix i
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2107	from wf_cpg_test_correct[OF assms(1), rule_format, of i]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2108	obtain j where "c2p (sts - sts) i cpg j" by metis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2109	from this[unfolded c2p_def]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2110	obtain f where h: "\<forall>x. length x = length (sts - sts) \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2111	(\<forall>k<length (sts - sts). (sts - sts) ! k = Bound \<longrightarrow> x ! k = f i k) \<longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2112	Ex (i :[ c2t x cpg ]: j)" by metis
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2113	have "\<exists> s. (i :[ c2t env cpg ]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2114	proof(rule h[rule_format], rule conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2115	show "length env = length (sts - sts)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2116	by (smt assms(4) minus_list_len)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2117	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2118	show "\<forall>k<length (sts - sts). (sts - sts) ! k = Bound \<longrightarrow> env ! k = f i k"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2119	by (metis assms(3) minus_status.simps(1) nth_sts_minus status.distinct(1) sts_minus_free)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2120	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2121	show "\<exists> j s. ((i:[tpg]:j) s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2122	by (metis `\<exists>s. (i :[ c2t env cpg ]: j) s` assms(2))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2123	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2124
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2125	subsection {* The Checker *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2126
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2127	ML {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2128	print_depth 200
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2129	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2130
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2131	subsubsection {* Auxilary functions *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2132
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2133	ML {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2134	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2135	fun clear_binds ctxt = (ctxt \|> Variable.binds_of \|> Vartab.keys \|> map (fn xi => (xi, NONE))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2136	\|> fold Variable.bind_term) ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2137	fun get_binds ctxt = ctxt \|> Variable.binds_of \|> Vartab.dest \|> map (fn (xi, (_, tm)) => (xi, SOME tm))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2138	fun set_binds blist ctxt = (fold Variable.bind_term blist) (clear_binds ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2139	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2140	fun blocalM f = liftM (m2M (fn ctxt => returnM (get_binds ctxt)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2141	:\|-- (fn binds =>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2142	f
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2143	:\|-- (fn result =>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2144	liftM (m2M (fn ctxt' => s2M (set_binds binds ctxt') \|-- returnM result
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2145	)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2146	)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2147	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2148
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2149	fun condM bf scan = (fn v => m0M (fn st => if (bf (v, st)) then scan v else returnM v))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2150
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2151	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2152	val counter = Unsynchronized.ref 0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2153	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2154	fun init_counter n = (counter := n)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2155	fun counter_test x =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2156	if !counter <= 1 then true
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2157	else (counter := !counter - 1; false)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2158	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2159
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2160	(* break point monad *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2161	fun bpM v' = (fn v => m0M (fn st => raiseM (v', (v, st))))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2162
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2163	fun the_theory () = ML_Context.the_local_context () \|> Proof_Context.theory_of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2164	fun the_context () = ML_Context.the_local_context ()
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2165
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2166	(* Calculating the numberal of integer [i] *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2167	fun nat_of i = if i = 0 then @{term "0::nat"} else
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2168	(Const ("Num.numeral_class.numeral", @{typ "num \<Rightarrow> nat"}) $
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2169	(Numeral.mk_cnumeral i \|> term_of))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2170
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2171	fun vfixM nm typ = (m2M' (fn ctxt => let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2172	val ([x], ctxt') = Variable.variant_fixes [nm] ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2173	val tm_x = Free (x, typ)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2174	in s2M ctxt' \|-- returnM tm_x end))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2175	fun fixM nm typ = (m2M' (fn ctxt => let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2176	val ([x], ctxt') = Variable.add_fixes [nm] ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2177	val tm_x = Free (x, typ)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2178	in s2M ctxt' \|-- returnM tm_x end))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2179	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2180	fun mk_listM l =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2181	case l of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2182	[] => @{fterm "[]"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2183	\| (tm::tms) => localM (@{match "?x"} tm
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2184	\|-- (mk_listM tms)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2185	:\|-- @{match "?xs"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2186	\|-- @{fterm "?x#?xs"})
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2187	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2188	fun mk_list_term ctxt l = [((), ctxt)] \|> mk_listM l \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2189	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2190	fun term_name (Const (x, _)) = Long_Name.base_name x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2191	\| term_name (Free (x, _)) = x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2192	\| term_name (Var ((x, _), _)) = x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2193	\| term_name _ = Name.uu;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2194
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2195	val rew_conv = Raw_Simplifier.rewrite_cterm (true, false, false) (K (K NONE));
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2196
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2197	fun simpl_conv ss thl ctm =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2198	rew_conv (ss addsimps thl) ctm RS meta_eq_to_obj_eq;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2199
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2200	fun find_thms ctxt pats =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2201	Find_Theorems.find_theorems ctxt NONE NONE true
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2202	(map (fn pat =>(true, Find_Theorems.Pattern
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2203	(Proof_Context.read_term_pattern ctxt pat))) pats) \|> snd \|> map snd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2204
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2205
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2206	fun local_on arg rhs = [((), @{context})] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2207	@{match "?body"} (Term.lambda arg rhs) \|--
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2208	@{fterm "TL x. ?body x"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2209	fun find_idx vars l = (nat_of (find_index (equal l) vars))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2210
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2211	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2212	fun mk_pair_term (i, j) = [((), @{context})] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2213	@{match "?i"} (nat_of i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2214	\|-- @{match "?j"} (nat_of j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2215	\|-- @{fterm "(?i, ?j)"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2216	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2217	fun mk_npair_list_term ctxt pair_list =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2218	if pair_list = [] then @{term "[]::(nat \<times> nat) list"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2219	else pair_list \|> map mk_pair_term \|> mk_list_term ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2220	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2221
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2222	fun list_of_array ary = let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2223	val len = Array.length ary
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2224	val idx = upto (0, len - 1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2225	in map (fn i => Array.sub (ary, i)) idx end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2226
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2227	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2228	fun mk_env_term ctxt lst =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2229	if lst = [] then @{term "[]::tstate list"} else (mk_list_term ctxt lst)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2230	fun mk_pair_term ctxt (i, j) = [((), ctxt)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2231	@{match "?i"} (mk_env_term ctxt i)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2232	\|-- @{match "?j"} (nat_of j)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2233	\|-- @{fterm "(?i, ?j)"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2234	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2235	fun mk_tpair_list_term ctxt pair_list =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2236	if pair_list = [] then @{term "[] :: (tstate list \<times> nat) list"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2237	else pair_list \|> map (mk_pair_term ctxt) \|> mk_list_term ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2238	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2239
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2240	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2241
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2242	subsubsection {* The reifier *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2243
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2244	ML {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2245	fun locM (c2t_thm, test_thm) = (m1M' (fn env =>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2246	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2247	val Free (x, _) = hd env
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2248	val c2t_thm = Drule.generalize ([], [x]) c2t_thm
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2249	val c2t_thm = @{thm c2t_local} OF [c2t_thm]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2250	val test_thm = @{thm wf_cpg_test_local} OF [test_thm]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2251	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2252	s1M (tl env) \|-- returnM (c2t_thm, test_thm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2253	end))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2254
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2255	fun reify_local reify t =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2256	( @{match "TL x . ?body (x::tstate)"} t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2257	\|-- vfixM "x" @{typ "tstate"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2258	:\|-- @{match "?x"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2259	:\|-- (fn tmx => m1M' (fn env => s1M (tmx::env)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2260	\|-- @{fterm "?body ?x"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2261	:\|-- reify
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2262	:\|-- locM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2263	(* :\|-- condM counter_test (bpM ("local", t)) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2264	)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2265
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2266	fun labelM exp = m0M' (fn (env, ctxt) => let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2267	(* The following three lines are used for debugging purpose
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2268	(* (* The following two lines are used to set breakpoint counter
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2269	and invoke the reifyer in debug mode *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2270	val _ = init_counter 3
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2271	val t = reify tpg_def_rhs [(rev tpg_def_largs_sufx, ctxt_tpg_def)] \|> normExcp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2272	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2273	(* The following line is used to extract break point information and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2274	establish the environment to execute body statements *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2275	val ((brc, exp), (_, (env, ctxt)::_)) = t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2276	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2277	val c2t_thm = [((), ctxt)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2278	@{match "?cpg"} exp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2279	\|-- @{match "?env"} (env \|> mk_list_term ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2280	\|-- @{fterm "c2t ?env ?cpg"} \|> normVal \|> fst \|> cterm_of (Proof_Context.theory_of ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2281	\|> simpl_conv (simpset_of ctxt) []
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2282	val test_thm = [((), ctxt)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2283	@{match "?cpg"} exp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2284	\|-- @{match "?sts"} (env \|> map (fn _ => @{term "Free"}) \|> mk_list_term ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2285	\|-- @{fterm "wf_cpg_test ?sts ?cpg"} \|> normVal \|> fst \|> cterm_of (Proof_Context.theory_of ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2286	\|> simpl_conv (simpset_of ctxt) []
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2287	in returnM (c2t_thm, test_thm) end)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2288
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2289	fun reify_label t =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2290	@{match "TLabel ?L"} t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2291	\|-- @{fterm "?L"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2292	:\|-- (fn l => m1M' (fn st => returnM (find_idx st l)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2293	:\|-- @{match ?L1}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2294	\|-- @{fterm "CLabel ?L1"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2295	(* :\|-- condM counter_test (bpM ("label", t)) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2296	:\|-- labelM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2297
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2298	fun seqM ((c2t_thm1, test_thm1), (c2t_thm2, test_thm2)) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2299	m0M' (fn (env, ctxt) =>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2300	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2301	val simp_trans = (simpset_of ctxt) delsimps @{thms wf_cpg_test.simps c2t.simps} \|> full_simplify
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2302	val ct2_thm = (@{thm c2t_seq} OF [c2t_thm1, c2t_thm2]) \|> simp_trans
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2303	val test_thm = (@{thm wf_cpg_test_seq} OF [test_thm1, test_thm2]) \|> simp_trans
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2304	in returnM (ct2_thm, test_thm) end)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2305
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2306	fun reify_seq reify t =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2307	@{match "?c1; ?c2"} t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2308	\|-- ((@{fterm "?c1"} :\|-- reify) --
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2309	(@{fterm "?c2"} :\|-- reify))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2310	(* :\|-- condM counter_test (bpM ("seq", t)) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2311	:\|-- seqM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2312
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2313	fun reify_instr t =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2314	@{match "\<guillemotright> ((?A0, ?L0), (?A1, ?L1))"} t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2315	\|-- @{fterm "?L0"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2316	:\|-- (fn l => m1M' (fn st => returnM (find_idx st l)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2317	:\|-- @{match ?L0'}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2318	\|-- @{fterm "?L1"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2319	:\|-- (fn l => m1M' (fn st => returnM (find_idx st l)))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2320	:\|-- @{match ?L1'}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2321	\|-- @{fterm "CInstr ((?A0, ?L0'), (?A1, St ?L1'))"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2322	:\|-- labelM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2323	(* :\|-- condM counter_test (bpM ("instr", t)) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2324
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2325	fun reify_var var =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2326	(* condM counter_test (bpM ("var", var)) () \|-- *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2327	(m0M' (fn (env, ctxt) => let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2328	(* The following three lines are used for debugging purpose
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2329	(* (* The following two lines are used to set breakpoint counter
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2330	and invoke the reifyer in debug mode *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2331	val _ = init_counter 3
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2332	val t = reify tpg_def_rhs [(rev tpg_def_largs_sufx, ctxt_tpg_def)] \|> normExcp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2333	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2334	(* The following line is used to extract break point information and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2335	establish the environment to execute body statements *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2336	val ((brc, var), (_, (env, ctxt)::_)) = t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2337	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2338	val (var_hd, var_args) = Term.strip_comb var
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2339	val (var_args_prefx, var_args_sufx) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2340	take_suffix (fn tm => type_of tm = @{typ "tstate"}) var_args
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2341	val var_skel_hd_typ = var_args_prefx \|> map type_of \|> (fn typs => typs ---> @{typ "cpg"})
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2342	(* We discriminate two cases, one for tpg constants; the other for argument variable *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2343	val ([var_skel_hd_name], ctxt1) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2344	case var_hd of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2345	(Const (nm, _)) => ([((nm \|> Long_Name.base_name)^"_skel")], ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2346	\| _ => Variable.variant_fixes [(term_name var_hd^"_skel_")] ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2347	(* If [var_hd] is a constant, a corresponding skeleton constant is assumed to exist alrady *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2348	val var_skel_hd = if (Term.is_Const var_hd) then Syntax.read_term ctxt1 var_skel_hd_name
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2349	else Free (var_skel_hd_name, var_skel_hd_typ)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2350	(* [skel_tm] is the skeleton object the properties of which will either be assumed (in case of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2351	argument variable), or proved (in case of global constants ) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2352	val skel_tm = Term.list_comb (var_skel_hd, var_args_prefx)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2353	(* Start to prove or assume [c2t] property (named [c2t_thm]) of the skeleton object,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2354	since the [c2t] property needs to be universally qantified, we
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2355	need to invent quantifier names: *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2356	val (var_skel_args_sufx_names, ctxt2) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2357	Variable.variant_fixes (var_args_sufx \|> map term_name) ctxt1
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2358	val var_skel_args_sufx = var_skel_args_sufx_names \|> map (fn nm => Free (nm, @{typ "tstate"}))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2359	val c2t_rhs = Term.list_comb (var_hd, var_args_prefx@var_skel_args_sufx)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2360	val c2t_env = mk_list_term ctxt2 (var_skel_args_sufx \|> rev)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2361	val eqn = [((), ctxt2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2362	@{match ?env} c2t_env
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2363	\|-- @{match ?skel_tm} skel_tm
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2364	\|-- @{match ?c2t_rhs} c2t_rhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2365	\|-- @{fterm "Trueprop (c2t ?env ?skel_tm = ?c2t_rhs)"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2366	fun all_on ctxt arg body = Const ("all", dummyT) $ (Term.lambda arg body) \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2367	Syntax.check_term ctxt
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2368	val c2t_eqn = fold (all_on ctxt2) (rev var_skel_args_sufx) eqn \|> cterm_of (Proof_Context.theory_of ctxt2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2369	val ([c2t_thm], ctxt3) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2370	if (Term.is_Const var_hd) then
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2371	(* if [var_hd] is an constant, try to prove [c2t_eqn] by searching
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2372	into the facts database *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2373	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2374	val pat_skel_args = fold (curry (op ^)) (map (K " _ ") var_args_prefx) ""
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2375	val pat_skel_str = "( "^ var_skel_hd_name ^ pat_skel_args ^" )"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2376	val test_pat = ("wf_cpg_test _ "^ pat_skel_str ^" = (True, _)")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2377	val c2t_pat = ("c2t _ "^ pat_skel_str ^" = _")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2378	val (wf_test_thms, c2t_thms) = ([test_pat], [c2t_pat]) \|> pairself (find_thms ctxt2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2379	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2380	([([((0, @{thm "refl"}), ctxt2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2381	goalM (c2t_eqn \|> term_of)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2382	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt) addsimps c2t_thms) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2383	>> Goal.conclude \|> normVal \|> fst \|> Raw_Simplifier.norm_hhf)], ctxt2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2384	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2385	else (* Otherwise, make [c2t_eqn] an assumption *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2386	Assumption.add_assumes [c2t_eqn] ctxt2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2387	(* Start to prove or assume [wf_cpg_test] property (named [wf_test_thm]) of the skeleton object. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2388	val sts = map (fn tm => @{term "Free"}) var_args_sufx \|> mk_list_term ctxt3
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2389	val wf_test_eqn = [((), ctxt3)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2390	@{match ?cpg} skel_tm
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2391	\|-- @{match ?sts} sts
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2392	\|-- @{fterm "Trueprop (wf_cpg_test ?sts ?cpg = (True, ?sts))"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2393	\|> cterm_of (Proof_Context.theory_of ctxt3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2394	val ([wf_test_thm], ctxt4) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2395	if (Term.is_Const var_hd) then
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2396	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2397	val pat_skel_args = fold (curry (op ^)) (map (K " _ ") var_args_prefx) ""
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2398	val pat_skel_str = "( "^ var_skel_hd_name ^ pat_skel_args ^ " )"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2399	val test_pat = ("wf_cpg_test _ "^ pat_skel_str ^" = (True, _)")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2400	val c2t_pat = ("c2t _ "^ pat_skel_str ^" = _")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2401	val wf_test_thms = [test_pat] \|> (find_thms ctxt2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2402	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2403	([([((0, @{thm "refl"}), ctxt2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2404	goalM (wf_test_eqn \|> term_of)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2405	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt) addsimps wf_test_thms) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2406	>> Goal.conclude \|> normVal \|> fst \|> Raw_Simplifier.norm_hhf)], ctxt3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2407	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2408	else Assumption.add_assumes [wf_test_eqn] ctxt3
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2409	(* Start the derivation of the length theorem *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2410	val length_env = mk_list_term ctxt4 (var_args_sufx \|> rev)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2411	val length_thm = [((0, @{thm "init"}), ctxt4)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2412	@{match "(?env)"} length_env
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2413	\|-- @{match "(?sts)"} sts
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2414	\|-- @{fterm "Trueprop (length (?env::tstate list) = length (?sts::status list))"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2415	:\|-- goalM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2416	\|-- tacM (fn ctxt => (Simplifier.simp_tac (simpset_of ctxt) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2417	>> Goal.conclude \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2418	(* Start compute two adjust operations, namely [sps] and [lfs] *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2419	val locs = var_args_sufx \|> map (fn arg => find_index (equal arg) env) \|> rev
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2420	val swaps = swaps_of locs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2421	val sps = swaps \|> mk_npair_list_term @{context}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2422	val locs' = sexec swaps (Array.fromList locs) \|> list_of_array
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2423	val pairs = ((~1::locs') ~~ (locs' @ [length env]))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2424	fun lfs_of (t, ops) [] = ops \|> rev
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2425	\| lfs_of (t, ops) ((i, j)::pairs) = let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2426	val stuf = upto (i + 1, j - 1) \|> map (fn idx => nth env idx)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2427	in if (stuf <> []) then lfs_of (t + length stuf + 1, (stuf, t)::ops) pairs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2428	else lfs_of (t + length stuf + 1, ops) pairs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2429	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2430	val lfs = lfs_of (0, []) pairs \|> mk_tpair_list_term @{context}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2431	(* [simp_trans] is the simplification procedure used to simply the theorem after
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2432	instantiation.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2433	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2434	val simp_trans = full_simplify ((simpset_of @{context}) addsimps @{thms adjust_sts_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2435	adjust_env_def perm_s_def perm_b_def map_idx_len
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2436	map_idx_def upto_map upto_empty} @ [c2t_thm])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2437	(* Instantiating adjust theorems *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2438	val adjust_c2t_thm = [((), ctxt4)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2439	@{match "?sps"} sps
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2440	\|-- @{match "?lfs"} lfs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2441	\|-- thm_instM (@{thm adjust_c2t} OF [wf_test_thm, length_thm])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2442	\|> normVal \|> fst \|> simp_trans
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2443	val adjust_test_thm = [((), ctxt4)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2444	@{match "?sps"} sps
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2445	\|-- @{match "?lfs"} lfs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2446	\|-- thm_instM (@{thm adjust_wf_cpg_test} OF [wf_test_thm])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2447	\|> normVal \|> fst \|> simp_trans
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2448	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2449	(* s2M ctxt4 \|-- *) returnM (adjust_c2t_thm, adjust_test_thm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2450	end))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2451
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2452	fun reify t =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2453	localM (reify_seq reify t \|\|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2454	reify_local reify t \|\|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2455	reify_label t \|\|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2456	reify_instr t \|\|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2457	reify_var t
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2458	)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2459	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2460
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2461	subsubsection {* The Checker packed up as the asmb attribute *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2462
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2463	ML {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2464	fun asmb_attrib def_thm =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2465	Context.cases (fn thy =>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2466	(* val thy = @{theory} *) let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2467	fun thy_exit ctxt =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2468	Context.Theory (Local_Theory.exit_global (Local_Theory.assert_bottom true ctxt))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2469	val ctxt0 = Named_Target.theory_init thy
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2470	val (((x, y), [tpg_def]), ctxt_tpg_def) = Variable.import true [def_thm] ctxt0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2471	val (tpg_def_lhs, tpg_def_rhs) = [((), ctxt_tpg_def)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2472	@{match "Trueprop (?L = ?R)"} (prop_of tpg_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2473	\|-- @{fterm "?L"} -- @{fterm "?R"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2474	val (tpg_def_lhd, tpg_def_largs) = Term.strip_comb tpg_def_lhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2475	val (tpg_def_largs_prefx, tpg_def_largs_sufx) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2476	take_suffix (fn tm => type_of tm = @{typ "tstate"}) tpg_def_largs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2477	(* Invoking the reifyer in normal mode *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2478	val ((c2t_thm_1, test_thm_1), ((_, ctxt_r)::y)) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2479	reify tpg_def_rhs [(rev tpg_def_largs_sufx, ctxt_tpg_def)]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2480	\|> normVal
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2481	val asmb_thm_1 = (@{thm wf_c2t_combined} OF [test_thm_1, c2t_thm_1]) \|> (full_simplify (simpset_of ctxt_r))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2482	val (r_cpg, r_tpg) = [((), ctxt_r)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2483	@{match "Trueprop (c2t _ ?X = ?tpg)"} (c2t_thm_1 \|> prop_of)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2484	\|-- (@{fterm "?X"} -- @{fterm "?tpg"}) \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2485	val tpg_def_params = Variable.add_fixed ctxt_tpg_def (tpg_def_lhs) [] \|> map fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2486	\|> sort (Variable.fixed_ord ctxt_tpg_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2487	val r_cpg_frees = Term.add_frees r_cpg []
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2488	local fun condense [] = []
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2489	\| condense xs = [hd xs]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2490	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2491	val skel_def_params =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2492	tpg_def_params \|> map (fn nm => condense
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2493	(filter (fn (tnm, _) => String.isPrefix nm tnm) r_cpg_frees))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2494	\|> flat \|> map Free
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2495	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2496	val skel_def_rhs = fold Term.lambda (skel_def_params \|> rev) r_cpg
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2497	local
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2498	val Const (nm, _) = tpg_def_lhs \|> Term.head_of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2499	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2500	val tpg_def_name = nm \|> Long_Name.base_name
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2501	val skel_def_lhs = Free (tpg_def_name^"_skel", type_of skel_def_rhs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2502	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2503	val skel_def_eqn = [((), ctxt_r)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2504	@{match "?lhs"} skel_def_lhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2505	\|-- @{match "?rhs"} skel_def_rhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2506	\|-- @{fterm "Trueprop (?lhs = ?rhs)"} \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2507	val ((skel_def_lhs, (skel_def_name, skel_def_thm)), lthy2) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2508	Specification.definition (NONE, (Attrib.empty_binding, skel_def_eqn)) ctxt_r
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2509	val c2t_thm_final = [((0, @{thm refl}), lthy2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2510	@{match "?env"} (mk_list_term lthy2 (rev tpg_def_largs_sufx))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2511	\|-- @{match "?skel"} (Term.list_comb (skel_def_lhs, skel_def_params))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2512	val c2t_thm_final = [((0, @{thm refl}), lthy2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2513	@{match "?env"} (mk_list_term lthy2 (rev tpg_def_largs_sufx))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2514	\|-- @{match "?skel"} (Term.list_comb (skel_def_lhs, skel_def_params))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2515	\|-- @{match "?tpg"} tpg_def_lhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2516	\|-- @{fterm "Trueprop (c2t ?env ?skel = ?tpg)"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2517	:\|-- goalM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2518	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt \|> Simplifier.clear_ss)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2519	addsimps [skel_def_thm, c2t_thm_1]) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2520	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt \|> Simplifier.clear_ss)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2521	addsimps [def_thm]) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2522	>> Goal.conclude \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2523	val test_thm_final = [((0, @{thm refl}), lthy2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2524	@{match "?sts"} (tpg_def_largs_sufx \|> map (fn _ => @{term "Free"}) \|> mk_list_term lthy2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2525	\|-- @{match "?skel"} (Term.list_comb (skel_def_lhs, skel_def_params))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2526	\|-- @{fterm "Trueprop (wf_cpg_test ?sts ?skel = (True, ?sts))"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2527	:\|-- goalM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2528	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt \|> Simplifier.clear_ss)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2529	addsimps [skel_def_thm, test_thm_1]) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2530	>> Goal.conclude \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2531	val asmb_thm_final = [((0, @{thm refl}), lthy2)] \|>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2532	@{match "?tpg"} tpg_def_lhs
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2533	\|-- @{fterm "Trueprop (\<forall> i. \<exists> j s. (i:[?tpg]:j) s)"}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2534	:\|-- goalM
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2535	\|-- tacM (fn ctxt => (Simplifier.simp_tac ((simpset_of ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2536	addsimps [tpg_def, asmb_thm_1]) 1))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2537	>> Goal.conclude \|> normVal \|> fst
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2538	fun generalize thm = let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2539	val hyps = (#hyps (thm \|> Thm.crep_thm))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2540	val thm' = if (length hyps = 0) then thm
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2541	else (fold Thm.implies_intr (#hyps (thm \|> Thm.crep_thm) \|> rev \|> tl \|> rev) thm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2542	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2543	thm' \|> Thm.forall_intr_frees
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2544	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2545	val lthy3 =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2546	Local_Theory.note ((Binding.name ("c2t_" ^ tpg_def_name ^ "_skel"), []),
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2547	[c2t_thm_final \|> generalize]) lthy2 \|> snd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2548	val lthy4 =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2549	Local_Theory.note ((Binding.name ("wf_" ^ tpg_def_name ^ "_skel"), []),
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2550	[test_thm_final \|> generalize]) lthy3 \|> snd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2551	val lthy5 =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2552	Local_Theory.note ((Binding.name ("asmb_" ^ tpg_def_name), []),
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2553	[asmb_thm_final \|> Drule.export_without_context]) lthy4 \|> snd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2554	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2555	thy_exit lthy5
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2556	end) (fn ctxt => Context.Proof ctxt)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2557	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2558
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2559	setup {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2560	Attrib.setup @{binding asmb} (Scan.succeed (Thm.declaration_attribute asmb_attrib)) "asmb attribute"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2561	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2562
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2563
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2564	section {* Basic macros for TM *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2565
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2566	definition [asmb]: "write_zero = (TL exit. \<guillemotright>((W0, exit), (W0, exit)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2567
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2568	definition [asmb]: "write_one = (TL exit. \<guillemotright>((W1, exit), (W1, exit)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2569
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2570	definition [asmb]: "move_left = (TL exit . \<guillemotright>((L, exit), (L, exit)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2571
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2572	definition [asmb]: "move_right = (TL exit . \<guillemotright>((R, exit), (R, exit)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2573
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2574	definition [asmb]: "if_one e = (TL exit . \<guillemotright>((W0, exit), (W1, e)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2575
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2576	definition [asmb]: "if_zero e = (TL exit . \<guillemotright>((W0, e), (W1, exit)); TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2577
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2578	definition [asmb]: "jmp e = \<guillemotright>((W0, e), (W1, e))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2579
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2580	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2581	"right_until_zero =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2582	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2583	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2584	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2585	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2586	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2587	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2588	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2589
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2590	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2591	"left_until_zero =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2592	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2593	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2594	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2595	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2596	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2597	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2598	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2599
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2600	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2601	"right_until_one =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2602	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2603	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2604	if_one exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2605	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2606	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2607	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2608	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2609
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2610	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2611	"left_until_one =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2612	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2613	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2614	if_one exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2615	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2616	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2617	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2618	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2619
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2620	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2621	"left_until_double_zero =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2622	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2623	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2624	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2625	left_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2626	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2627	if_one start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2628	TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2629
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2630	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2631	"shift_right =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2632	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2633	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2634	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2635	write_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2636	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2637	right_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2638	write_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2639	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2640	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2641	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2642	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2643
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2644	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2645	"clear_until_zero =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2646	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2647	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2648	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2649	write_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2650	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2651	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2652	TLabel exit)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2653
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2654	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2655	"shift_left =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2656	(TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2657	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2658	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2659	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2660	write_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2661	right_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2662	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2663	write_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2664	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2665	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2666	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2667	TLabel exit)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2668	"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2669
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2670	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2671	"bone c1 c2 = (TL exit l_one.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2672	if_one l_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2673	(c1;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2674	jmp exit);
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2675	TLabel l_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2676	c2;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2677	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2678	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2679
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2680	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2681	"cfill_until_one = (TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2682	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2683	if_one exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2684	write_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2685	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2686	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2687	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2688	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2689
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2690	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2691	"cmove = (TL start exit.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2692	TLabel start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2693	left_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2694	left_until_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2695	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2696	if_zero exit;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2697	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2698	write_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2699	right_until_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2700	right_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2701	write_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2702	jmp start;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2703	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2704	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2705
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2706	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2707	"cinit = (right_until_zero; move_right; write_one)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2708
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2709	definition [asmb]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2710	"copy = (cinit; cmove; move_right; move_right; right_until_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2711	move_left; move_left; cfill_until_one)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2712
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2713	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2714	"bzero c1 c2 = (TL exit l_zero.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2715	if_zero l_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2716	(c1;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2717	jmp exit);
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2718	TLabel l_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2719	c2;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2720	TLabel exit
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2721	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2722
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2723	definition "if_reps_nz e = (move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2724	bzero (move_left; jmp e) (move_left)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2725	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2726
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2727	declare if_reps_nz_def[unfolded bzero_def, asmb]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2728
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2729	definition "if_reps_z e = (move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2730	bone (move_left; jmp e) (move_left)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2731	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2732
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2733	declare if_reps_z_def [unfolded bone_def, asmb]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2734
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2735	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2736	"skip_or_set = bone (write_one; move_right; move_right)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2737	(right_until_zero; move_right)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2738
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2739	declare skip_or_set_def[unfolded bone_def, asmb]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2740
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2741	definition "tpg_fold tpgs = foldr TSeq (butlast tpgs) (last tpgs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2742
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2743	definition "cpg_fold cpgs = foldr CSeq (butlast cpgs) (last cpgs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2744
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2745	definition "skip_or_sets n = tpg_fold (replicate n skip_or_set)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2746
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2747	definition "skip_or_sets_skel n = cpg_fold (replicate n skip_or_set_skel)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2748
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2749	lemma c2t_skip_or_sets_skel:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2750	"c2t [] (skip_or_sets_skel (Suc n)) = skip_or_sets (Suc n)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2751	proof(induct n)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2752	case (Suc k)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2753	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2754	apply (unfold skip_or_sets_skel_def cpg_fold_def skip_or_sets_def tpg_fold_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2755	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2756	fix x k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2757	have "(last (replicate (Suc k) x)) = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2758	by (metis Suc_neq_Zero last_replicate)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2759	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2760	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2761	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2762	fix x k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2763	have "(butlast (replicate (Suc k) x)) = replicate k x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2764	by (metis butlast_snoc replicate_Suc replicate_append_same)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2765	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2766	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2767	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2768	fix x k f y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2769	have "foldr f (replicate (Suc k) x) y = f x (foldr f (replicate k x) y)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2770	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2771	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2772	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2773	by (simp add:c2t_skip_or_set_skel)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2774	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2775	case 0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2776	show ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2777	by (simp add:skip_or_sets_skel_def cpg_fold_def skip_or_sets_def tpg_fold_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2778	c2t_skip_or_set_skel)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2779	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2780
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2781	lemma wf_skip_or_sets_skel:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2782	"wf_cpg_test [] (skip_or_sets_skel (Suc n)) = (True, [])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2783	proof(induct n)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2784	case (Suc k)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2785	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2786	apply (unfold skip_or_sets_skel_def cpg_fold_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2787	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2788	fix x k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2789	have "(last (replicate (Suc k) x)) = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2790	by (metis Suc_neq_Zero last_replicate)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2791	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2792	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2793	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2794	fix x k
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2795	have "(butlast (replicate (Suc k) x)) = replicate k x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2796	by (metis butlast_snoc replicate_Suc replicate_append_same)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2797	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2798	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2799	my_block
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2800	fix x k f y
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2801	have "foldr f (replicate (Suc k) x) y = f x (foldr f (replicate k x) y)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2802	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2803	my_block_end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2804	apply (unfold this)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2805	by (simp add:wf_skip_or_set_skel)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2806	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2807	case 0
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2808	thus ?case
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2809	apply (unfold skip_or_sets_skel_def cpg_fold_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2810	by (simp add:wf_skip_or_set_skel)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2811	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2812
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2813	lemma asmb_skip_or_sets:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2814	"\<forall>i. \<exists>j s. (i :[ skip_or_sets (Suc n) ]: j) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2815	by (rule wf_c2t_combined[OF wf_skip_or_sets_skel c2t_skip_or_sets_skel], auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2816
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2817	definition [asmb]: "locate n = (skip_or_sets (Suc n);
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2818	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2819	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2820	left_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2821	move_right
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2822	)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2823
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2824	definition [asmb]: "Inc a = locate a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2825	right_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2826	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2827	shift_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2828	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2829	left_until_double_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2830	write_one;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2831	left_until_double_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2832	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2833	move_right
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2834	"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2835
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2836	definition [asmb]: "Dec a e = (TL continue.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2837	(locate a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2838	if_reps_nz continue;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2839	left_until_double_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2840	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2841	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2842	jmp e);
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2843	(TLabel continue;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2844	right_until_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2845	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2846	write_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2847	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2848	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2849	shift_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2850	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2851	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2852	move_left;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2853	left_until_double_zero;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2854	move_right;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2855	move_right))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2856
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2857	end

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Sat, 13 Sep 2014 04:39:07 +0100
changeset 26	1cde7bf45858
parent 25	a5f5b9336007
permissions	-rw-r--r--