wneuper/isa: src/HOL/IMP/Compiler.thy@aa2b7b475a94 (annotated)

nipkow@10343	1	(* Title: HOL/IMP/Compiler.thy
nipkow@10343	2	ID: $Id$
nipkow@10343	3	Author: Tobias Nipkow, TUM
nipkow@10343	4	Copyright 1996 TUM
nipkow@10343	5
nipkow@10343	6	A simple compiler for a simplistic machine.
nipkow@10343	7	*)
nipkow@10343	8
nipkow@10342	9	theory Compiler = Natural:
nipkow@10342	10
nipkow@10342	11	datatype instr = ASIN loc aexp \| JMPF bexp nat \| JMPB nat
nipkow@10342	12
nipkow@10342	13	consts stepa1 :: "instr list => ((statenat) (state*nat))set"
nipkow@10342	14
nipkow@10342	15	syntax
nipkow@10342	16	"@stepa1" :: "[instr list,state,nat,state,nat] => bool"
nipkow@12275	17	("_ \<turnstile> <_,_>/ -1\<rightarrow> <_,_>" [50,0,0,0,0] 50)
nipkow@10342	18	"@stepa" :: "[instr list,state,nat,state,nat] => bool"
nipkow@12275	19	("_ \<turnstile>/ <_,_>/ -*\<rightarrow> <_,_>" [50,0,0,0,0] 50)
nipkow@10342	20
nipkow@12275	21	translations "P \<turnstile> <s,m> -1\<rightarrow> <t,n>" == "((s,m),t,n) : stepa1 P"
nipkow@12275	22	"P \<turnstile> <s,m> -\<rightarrow> <t,n>" == "((s,m),t,n) : ((stepa1 P)^)"
nipkow@10342	23
nipkow@10342	24
nipkow@10342	25	inductive "stepa1 P"
nipkow@10342	26	intros
nipkow@12275	27	ASIN[simp]:
nipkow@12275	28	"\<lbrakk> n<size P; P!n = ASIN x a \<rbrakk> \<Longrightarrow> P \<turnstile> <s,n> -1\<rightarrow> <s[x::= a s],Suc n>"
nipkow@12275	29	JMPFT[simp,intro]:
nipkow@12275	30	"\<lbrakk> n<size P; P!n = JMPF b i; b s \<rbrakk> \<Longrightarrow> P \<turnstile> <s,n> -1\<rightarrow> <s,Suc n>"
nipkow@12275	31	JMPFF[simp,intro]:
nipkow@12275	32	"\<lbrakk> n<size P; P!n = JMPF b i; ~b s; m=n+i \<rbrakk> \<Longrightarrow> P \<turnstile> <s,n> -1\<rightarrow> <s,m>"
nipkow@12275	33	JMPB[simp]:
nipkow@12275	34	"\<lbrakk> n<size P; P!n = JMPB i; i <= n; j = n-i \<rbrakk> \<Longrightarrow> P \<turnstile> <s,n> -1\<rightarrow> <s,j>"
nipkow@10342	35
nipkow@10342	36	consts compile :: "com => instr list"
nipkow@10342	37	primrec
nipkow@10342	38	"compile SKIP = []"
nipkow@10342	39	"compile (x:==a) = [ASIN x a]"
nipkow@10342	40	"compile (c1;c2) = compile c1 @ compile c2"
nipkow@10342	41	"compile (IF b THEN c1 ELSE c2) =
wenzelm@11704	42	[JMPF b (length(compile c1) + 2)] @ compile c1 @
nipkow@10342	43	[JMPF (%x. False) (length(compile c2)+1)] @ compile c2"
wenzelm@11704	44	"compile (WHILE b DO c) = [JMPF b (length(compile c) + 2)] @ compile c @
nipkow@10342	45	[JMPB (length(compile c)+1)]"
nipkow@10342	46
nipkow@10342	47	declare nth_append[simp];
nipkow@10342	48
nipkow@11275	49	(* Lemmas for lifting an execution into a prefix and suffix
nipkow@11275	50	of instructions; only needed for the first proof *)
nipkow@10342	51
nipkow@11275	52	lemma app_right_1:
nipkow@12275	53	"is1 \<turnstile> <s1,i1> -1\<rightarrow> <s2,i2> \<Longrightarrow> is1 @ is2 \<turnstile> <s1,i1> -1\<rightarrow> <s2,i2>"
nipkow@12275	54	(is "?P \<Longrightarrow> _")
nipkow@12275	55	proof -
nipkow@12275	56	assume ?P
nipkow@12275	57	then show ?thesis
nipkow@12275	58	by induct force+
nipkow@12275	59	qed
nipkow@12275	60
nipkow@11275	61	lemma app_left_1:
nipkow@12275	62	"is2 \<turnstile> <s1,i1> -1\<rightarrow> <s2,i2> \<Longrightarrow>
nipkow@12275	63	is1 @ is2 \<turnstile> <s1,size is1+i1> -1\<rightarrow> <s2,size is1+i2>"
nipkow@12275	64	(is "?P \<Longrightarrow> _")
nipkow@12275	65	proof -
nipkow@12275	66	assume ?P
nipkow@12275	67	then show ?thesis
nipkow@12275	68	by induct force+
nipkow@12275	69	qed
nipkow@12275	70
nipkow@12275	71	declare rtrancl_induct2 [induct set: rtrancl]
nipkow@11275	72
nipkow@11275	73	lemma app_right:
nipkow@12275	74	"is1 \<turnstile> <s1,i1> -\<rightarrow> <s2,i2> \<Longrightarrow> is1 @ is2 \<turnstile> <s1,i1> -\<rightarrow> <s2,i2>"
nipkow@12275	75	(is "?P \<Longrightarrow> _")
nipkow@12275	76	proof -
nipkow@12275	77	assume ?P
nipkow@12275	78	then show ?thesis
nipkow@12275	79	proof induct
nipkow@12275	80	show "is1 @ is2 \<turnstile> <s1,i1> -*\<rightarrow> <s1,i1>" by simp
nipkow@12275	81	next
nipkow@12275	82	fix s1' i1' s2 i2
nipkow@12275	83	assume "is1 @ is2 \<turnstile> <s1,i1> -*\<rightarrow> <s1',i1'>"
nipkow@12275	84	"is1 \<turnstile> <s1',i1'> -1\<rightarrow> <s2,i2>"
nipkow@12275	85	thus "is1 @ is2 \<turnstile> <s1,i1> -*\<rightarrow> <s2,i2>"
nipkow@12275	86	by(blast intro:app_right_1 rtrancl_trans)
nipkow@12275	87	qed
nipkow@12275	88	qed
nipkow@11275	89
nipkow@11275	90	lemma app_left:
nipkow@12275	91	"is2 \<turnstile> <s1,i1> -*\<rightarrow> <s2,i2> \<Longrightarrow>
nipkow@12275	92	is1 @ is2 \<turnstile> <s1,size is1+i1> -*\<rightarrow> <s2,size is1+i2>"
nipkow@12275	93	(is "?P \<Longrightarrow> _")
nipkow@12275	94	proof -
nipkow@12275	95	assume ?P
nipkow@12275	96	then show ?thesis
nipkow@12275	97	proof induct
nipkow@12275	98	show "is1 @ is2 \<turnstile> <s1,length is1 + i1> -*\<rightarrow> <s1,length is1 + i1>" by simp
nipkow@12275	99	next
nipkow@12275	100	fix s1' i1' s2 i2
nipkow@12275	101	assume "is1 @ is2 \<turnstile> <s1,length is1 + i1> -*\<rightarrow> <s1',length is1 + i1'>"
nipkow@12275	102	"is2 \<turnstile> <s1',i1'> -1\<rightarrow> <s2,i2>"
nipkow@12275	103	thus "is1 @ is2 \<turnstile> <s1,length is1 + i1> -*\<rightarrow> <s2,length is1 + i2>"
nipkow@12275	104	by(blast intro:app_left_1 rtrancl_trans)
nipkow@12275	105	qed
nipkow@12275	106	qed
nipkow@11275	107
nipkow@11275	108	lemma app_left2:
nipkow@12275	109	"\<lbrakk> is2 \<turnstile> <s1,i1> -*\<rightarrow> <s2,i2>; j1 = size is1+i1; j2 = size is1+i2 \<rbrakk> \<Longrightarrow>
nipkow@12275	110	is1 @ is2 \<turnstile> <s1,j1> -*\<rightarrow> <s2,j2>"
nipkow@11275	111	by (simp add:app_left)
nipkow@11275	112
nipkow@11275	113	lemma app1_left:
nipkow@12275	114	"is \<turnstile> <s1,i1> -*\<rightarrow> <s2,i2> \<Longrightarrow>
nipkow@12275	115	instr # is \<turnstile> <s1,Suc i1> -*\<rightarrow> <s2,Suc i2>"
nipkow@11275	116	by(erule app_left[of _ _ _ _ _ "[instr]",simplified])
nipkow@11275	117
nipkow@12275	118	declare rtrancl_into_rtrancl[trans]
nipkow@12275	119	rtrancl_into_rtrancl2[trans]
nipkow@12275	120	rtrancl_trans[trans]
nipkow@11275	121	(* The first proof; statement very intuitive,
nipkow@11275	122	but application of induction hypothesis requires the above lifting lemmas
nipkow@11275	123	*)
nipkow@12275	124	theorem "<c,s> -c-> t \<Longrightarrow> compile c \<turnstile> <s,0> -*\<rightarrow> <t,length(compile c)>"
nipkow@12275	125	(is "?P \<Longrightarrow> ?Q c s t")
nipkow@12275	126	proof -
nipkow@12275	127	assume ?P
nipkow@12275	128	then show ?thesis
nipkow@12275	129	proof induct
nipkow@12275	130	show "\<And>s. ?Q SKIP s s" by simp
nipkow@12275	131	next
nipkow@12275	132	show "\<And>a s x. ?Q (x :== a) s (s[x::= a s])" by force
nipkow@12275	133	next
nipkow@12275	134	fix c0 c1 s0 s1 s2
nipkow@12275	135	assume "?Q c0 s0 s1"
nipkow@12275	136	hence "compile c0 @ compile c1 \<turnstile> <s0,0> -*\<rightarrow> <s1,length(compile c0)>"
nipkow@12275	137	by(rule app_right)
nipkow@12275	138	moreover assume "?Q c1 s1 s2"
nipkow@12275	139	hence "compile c0 @ compile c1 \<turnstile> <s1,length(compile c0)> -*\<rightarrow>
nipkow@12275	140	<s2,length(compile c0)+length(compile c1)>"
nipkow@12275	141	proof -
nipkow@12275	142	note app_left[of _ 0]
nipkow@12275	143	thus
nipkow@12275	144	"\<And>is1 is2 s1 s2 i2.
nipkow@12275	145	is2 \<turnstile> <s1,0> -*\<rightarrow> <s2,i2> \<Longrightarrow>
nipkow@12275	146	is1 @ is2 \<turnstile> <s1,size is1> -*\<rightarrow> <s2,size is1+i2>"
nipkow@12275	147	by simp
nipkow@12275	148	qed
nipkow@12275	149	ultimately have "compile c0 @ compile c1 \<turnstile> <s0,0> -*\<rightarrow>
nipkow@12275	150	<s2,length(compile c0)+length(compile c1)>"
nipkow@12275	151	by (rule rtrancl_trans)
nipkow@12275	152	thus "?Q (c0; c1) s0 s2" by simp
nipkow@12275	153	next
nipkow@12275	154	fix b c0 c1 s0 s1
nipkow@12275	155	let ?comp = "compile(IF b THEN c0 ELSE c1)"
nipkow@12275	156	assume "b s0" and IH: "?Q c0 s0 s1"
nipkow@12275	157	hence "?comp \<turnstile> <s0,0> -1\<rightarrow> <s0,1>" by auto
nipkow@12275	158	also from IH
nipkow@12275	159	have "?comp \<turnstile> <s0,1> -*\<rightarrow> <s1,length(compile c0)+1>"
nipkow@12275	160	by(auto intro:app1_left app_right)
nipkow@12275	161	also have "?comp \<turnstile> <s1,length(compile c0)+1> -1\<rightarrow> <s1,length ?comp>"
nipkow@12275	162	by(auto)
nipkow@12275	163	finally show "?Q (IF b THEN c0 ELSE c1) s0 s1" .
nipkow@12275	164	next
nipkow@12275	165	fix b c0 c1 s0 s1
nipkow@12275	166	let ?comp = "compile(IF b THEN c0 ELSE c1)"
nipkow@12275	167	assume "\<not>b s0" and IH: "?Q c1 s0 s1"
nipkow@12275	168	hence "?comp \<turnstile> <s0,0> -1\<rightarrow> <s0,length(compile c0) + 2>" by auto
nipkow@12275	169	also from IH
nipkow@12275	170	have "?comp \<turnstile> <s0,length(compile c0)+2> -*\<rightarrow> <s1,length ?comp>"
nipkow@12275	171	by(force intro!:app_left2 app1_left)
nipkow@12275	172	finally show "?Q (IF b THEN c0 ELSE c1) s0 s1" .
nipkow@12275	173	next
nipkow@12275	174	fix b c and s::state
nipkow@12275	175	assume "\<not>b s"
nipkow@12275	176	thus "?Q (WHILE b DO c) s s" by force
nipkow@12275	177	next
nipkow@12275	178	fix b c and s0::state and s1 s2
nipkow@12275	179	let ?comp = "compile(WHILE b DO c)"
nipkow@12275	180	assume "b s0" and
nipkow@12275	181	IHc: "?Q c s0 s1" and IHw: "?Q (WHILE b DO c) s1 s2"
nipkow@12275	182	hence "?comp \<turnstile> <s0,0> -1\<rightarrow> <s0,1>" by auto
nipkow@12275	183	also from IHc
nipkow@12275	184	have "?comp \<turnstile> <s0,1> -*\<rightarrow> <s1,length(compile c)+1>"
nipkow@12275	185	by(auto intro:app1_left app_right)
nipkow@12275	186	also have "?comp \<turnstile> <s1,length(compile c)+1> -1\<rightarrow> <s1,0>" by simp
nipkow@12275	187	also note IHw
nipkow@12275	188	finally show "?Q (WHILE b DO c) s0 s2".
nipkow@12275	189	qed
nipkow@12275	190	qed
nipkow@11275	191
nipkow@11275	192	(* Second proof; statement is generalized to cater for prefixes and suffixes;
nipkow@11275	193	needs none of the lifting lemmas, but instantiations of pre/suffix.
nipkow@11275	194	*)
nipkow@10342	195	theorem "<c,s> -c-> t ==>
nipkow@12275	196	!a z. a@compile c@z \<turnstile> <s,length a> -*\<rightarrow> <t,length a + length(compile c)>";
nipkow@10342	197	apply(erule evalc.induct);
nipkow@10342	198	apply simp;
nipkow@10342	199	apply(force intro!: ASIN);
nipkow@10342	200	apply(intro strip);
nipkow@10342	201	apply(erule_tac x = a in allE);
nipkow@10342	202	apply(erule_tac x = "a@compile c0" in allE);
nipkow@10342	203	apply(erule_tac x = "compile c1@z" in allE);
nipkow@10342	204	apply(erule_tac x = z in allE);
nipkow@10342	205	apply(simp add:add_assoc[THEN sym]);
nipkow@10342	206	apply(blast intro:rtrancl_trans);
nipkow@10342	207	(* IF b THEN c0 ELSE c1; case b is true *)
nipkow@10342	208	apply(intro strip);
nipkow@10342	209	(* instantiate assumption sufficiently for later: *)
nipkow@10342	210	apply(erule_tac x = "a@[?I]" in allE);
nipkow@10342	211	apply(simp);
nipkow@10342	212	(* execute JMPF: *)
nipkow@10342	213	apply(rule rtrancl_into_rtrancl2);
nipkow@11275	214	apply(force intro!: JMPFT);
nipkow@10342	215	(* execute compile c0: *)
nipkow@10342	216	apply(rule rtrancl_trans);
nipkow@10342	217	apply(erule allE);
nipkow@10342	218	apply assumption;
nipkow@10342	219	(* execute JMPF: *)
nipkow@10342	220	apply(rule r_into_rtrancl);
nipkow@11275	221	apply(force intro!: JMPFF);
nipkow@10342	222	(* end of case b is true *)
nipkow@10342	223	apply(intro strip);
nipkow@10342	224	apply(erule_tac x = "a@[?I]@compile c0@[?J]" in allE);
nipkow@10342	225	apply(simp add:add_assoc);
nipkow@10342	226	apply(rule rtrancl_into_rtrancl2);
nipkow@11275	227	apply(force intro!: JMPFF);
nipkow@10342	228	apply(blast);
nipkow@10342	229	apply(force intro: JMPFF);
nipkow@10342	230	apply(intro strip);
nipkow@10342	231	apply(erule_tac x = "a@[?I]" in allE);
nipkow@10342	232	apply(erule_tac x = a in allE);
nipkow@10342	233	apply(simp);
nipkow@10342	234	apply(rule rtrancl_into_rtrancl2);
nipkow@11275	235	apply(force intro!: JMPFT);
nipkow@10342	236	apply(rule rtrancl_trans);
nipkow@10342	237	apply(erule allE);
nipkow@10342	238	apply assumption;
nipkow@10342	239	apply(rule rtrancl_into_rtrancl2);
nipkow@11275	240	apply(force intro!: JMPB);
nipkow@10342	241	apply(simp);
nipkow@10342	242	done
nipkow@10342	243
nipkow@10342	244	(* Missing: the other direction! *)
nipkow@10342	245
nipkow@10342	246	end

author	nipkow
	Fri, 23 Nov 2001 17:19:14 +0100
changeset 12275	aa2b7b475a94
parent 11704	3c50a2cd6f00
child 12429	15c13bdc94c8
permissions	-rw-r--r--