diff --git a/c-refinement/Cogent_Corres.thy b/c-refinement/Cogent_Corres.thy index 73e4e35d7..f03f0bf0d 100644 --- a/c-refinement/Cogent_Corres.thy +++ b/c-refinement/Cogent_Corres.thy @@ -19,6 +19,8 @@ imports "../cogent/isa/AssocLookup" begin +declare singleton_def[simp] + locale update_sem_init = update_sem + constrains abs_typing :: "abstyp \ name \ type list \ sigil \ ptrtyp set \ ptrtyp set \ bool" and abs_repr :: "abstyp \ name \ repr list" @@ -592,6 +594,8 @@ shows "corres srel (Take (Var x) f e) (do z \ gets f'; e' z od) \ apply (insert split\) apply (erule uval_typing.cases; simp) apply (rename_tac \' \' fs' typ' r1' w1) + apply clarsimp + thm same_type_as_split_weakened_left apply (drule(2) same_type_as_split_weakened_left) apply clarsimp apply (insert x_unboxed[unfolded corres_def] typing_x) @@ -944,7 +948,8 @@ proof (clarsimp simp: corres_def in_monad snd_bind snd_modify snd_state_assert, have typing_var_elim_lems': "[] \ \3' \w (Cogent.empty (length \3'))[x := Some (TRecord typ' sgl)]" "x < length \3'" - using typing_put_elim_lems' by blast+ + using typing_put_elim_lems' singleton_def + by fastforce+ have ftag'_fty'_is: "ftag' = fst (typ!f)" diff --git a/c-refinement/TypeProofGen.thy b/c-refinement/TypeProofGen.thy index c0746bdd2..25f15d62e 100644 --- a/c-refinement/TypeProofGen.thy +++ b/c-refinement/TypeProofGen.thy @@ -125,7 +125,9 @@ fun cleanup_typing_tree_thm ctxt thm = t ) |> Simplifier.simplify (put_simpset cleanup_ss ctxt) - (* |> Simplifier.simplify ctxt *) (* Hopefully superflous. Didn't cause any changes when run on Bilby *) + |> Simplifier.simplify ctxt + (* TODO: CorresProof requires the goal to be in a certain shape; cleanup_ss does not + put the goals in that shape. Investigate and move the simp rules into cleanup_ss *) ) |> Thm.varifyT_global diff --git a/cogent/isa/Cogent.thy b/cogent/isa/Cogent.thy index d98bbc9fe..e7fa72240 100644 --- a/cogent/isa/Cogent.thy +++ b/cogent/isa/Cogent.thy @@ -533,8 +533,6 @@ definition empty :: "nat \ ctx" where definition singleton :: "nat \ index \ type \ ctx" where "singleton n i t \ (empty n)[i := Some t]" -declare singleton_def [simp] - definition instantiate_ctx :: "type substitution \ ctx \ ctx" where "instantiate_ctx \ \ \ map (map_option (instantiate \)) \" @@ -594,6 +592,9 @@ lemmas weakening_cons = List.list.rel_intros(2)[where R="weakening_comp K" for lemmas weakening_Cons = list_all2_Cons[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] +lemmas weakening_Cons1 = list_all2_Cons1[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] +lemmas weakening_Cons2 = list_all2_Cons2[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] + lemmas weakening_conv_all_nth = list_all2_conv_all_nth[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] @@ -1796,6 +1797,7 @@ lemma instantiate_ctx_singleton [simplified, simp]: shows "instantiate_ctx \ (singleton l i \) = singleton l i (instantiate \ \)" by (induct l arbitrary: i, simp_all add: instantiate_ctx_def empty_def + singleton_def split: nat.split) lemma instantiate_ctx_length [simp]: @@ -2090,7 +2092,7 @@ shows "\, K, \ \ e : t \ K \ and "\, K, \ \* es : ts \ K \* ts wellformed" proof (induct rule: typing_typing_all.inducts) case typing_var then show ?case - by (fastforce dest: weakening_nth elim: weakening_comp.cases simp add: kinding_defs empty_def) + by (fastforce dest: weakening_nth elim: weakening_comp.cases simp add: kinding_defs singleton_def empty_def) next case typing_afun then show ?case by (clarsimp simp add: kinding_defs instantiate_wellformed list_all2_kinding_wellformedD list_all2_lengthD) next case typing_fun then show ?case diff --git a/cogent/isa/CogentHelper.thy b/cogent/isa/CogentHelper.thy index c21f8f6ae..12d630f6f 100644 --- a/cogent/isa/CogentHelper.thy +++ b/cogent/isa/CogentHelper.thy @@ -15,6 +15,10 @@ theory CogentHelper keywords "ML_quiet" :: thy_decl % "ML" begin +(* This was in Cogent.thy, but it was removed to make some proofs nicer. Add it here in case + the automation depends on it *) +declare singleton_def[simp] + (* Rewrite rules to get expressions in the assumptions *) lemma typing_lit': "\ K \ \ consumed; t = lit_type l \ \ \, K, \ \ Lit l : TPrim t" diff --git a/cogent/isa/Correspondence.thy b/cogent/isa/Correspondence.thy index b3e471f76..a22a48160 100644 --- a/cogent/isa/Correspondence.thy +++ b/cogent/isa/Correspondence.thy @@ -128,6 +128,21 @@ and upd_val_rel_record :: "('f \ poly_type) ; upd.uval_repr_deep x = rp \ \ \, \ \* ((x,rp) # xs) \ (x' # xs') :r ((n, t, Taken) # ts) \r, w\" +lemmas upd_val_rel_record_simple_induct = + upd_val_rel_upd_val_rel_record.inducts(2)[where ?P1.0=\\_ _ _ _ _ _ _. True\, simplified, consumes 1] + +inductive_cases u_v_primE [elim] : "\, \ \ UPrim l \ VPrim l' : TPrim \ \r, w\" +inductive_cases u_v_functionE [elim] : "\, \ \ UFunction f ts \ VFunction f' ts' : TFun \ \ \r, w\" +inductive_cases u_v_afunE [elim] : "\, \ \ UAFunction f ts \ VAFunction f' ts' : TFun \ \ \r, w\" +inductive_cases u_v_sumE [elim] : "\, \ \ u \ v : TSum \s \r, w\" +inductive_cases u_v_productE [elim] : "\, \ \ UProduct a b \ VProduct a' b' : TProduct \ \ \r, w\" +inductive_cases u_v_recE [elim] : "\, \ \ URecord fs \ VRecord fs' : \ \r, w\" +inductive_cases u_v_p_recE [elim] : "\, \ \ UPtr p rp \ VRecord fs' : TRecord fs s \r, w\" +inductive_cases u_v_r_emptyE [elim] : "\, \ \* [] \ [] :r \s \r, w\" +inductive_cases u_v_r_consE [elim] : "\, \ \* (a # b) \ (a' # b') :r \s \r, w\" +inductive_cases u_v_r_consE' [elim] : "\, \ \* (a # b) \ xx :r \s \r, w\" + + lemma upd_val_rel_to_vval_typing: shows "\, \ \ u \ v : \ \r, w\ \ val.vval_typing \ v \" and "\, \ \* us \ vs :r \s \r, w\ \ val.vval_typing_record \ vs \s" @@ -164,20 +179,14 @@ next qed (auto intro!: upd.uval_typing_uval_typing_record.intros) +lemma upd_val_rel_record_length_same: + "\, \ \* us \ vs :r ts \r, w\ \ length us = length ts \ length vs = length ts" + by (induct rule: upd_val_rel_record_simple_induct) force+ + + lemma u_v_prim' : "\ = lit_type l \ l = l' \ \, \ \ UPrim l \ VPrim l' : TPrim \ \{}, {}\" by (simp add: u_v_prim) -inductive_cases u_v_primE [elim] : "\, \ \ UPrim l \ VPrim l' : TPrim \ \r, w\" -inductive_cases u_v_functionE [elim] : "\, \ \ UFunction f ts \ VFunction f' ts' : TFun \ \ \r, w\" -inductive_cases u_v_afunE [elim] : "\, \ \ UAFunction f ts \ VAFunction f' ts' : TFun \ \ \r, w\" -inductive_cases u_v_sumE [elim] : "\, \ \ u \ v : TSum \s \r, w\" -inductive_cases u_v_productE [elim] : "\, \ \ UProduct a b \ VProduct a' b' : TProduct \ \ \r, w\" -inductive_cases u_v_recE [elim] : "\, \ \ URecord fs \ VRecord fs' : \ \r, w\" -inductive_cases u_v_p_recE [elim] : "\, \ \ UPtr p rp \ VRecord fs' : TRecord fs s \r, w\" -inductive_cases u_v_r_emptyE [elim] : "\, \ \* [] \ [] :r \s \r, w\" -inductive_cases u_v_r_consE [elim] : "\, \ \* (a # b) \ (a' # b') :r \s \r, w\" -inductive_cases u_v_r_consE' [elim] : "\, \ \* (a # b) \ xx :r \s \r, w\" - lemma u_v_p_abs_ro': "\ s = Boxed ReadOnly ptrl ; abs_upd_val a a' n ts s r w ; [] \* ts wellformed @@ -252,6 +261,10 @@ inductive u_v_matches :: "('f \ poly_type) inductive_cases u_v_matches_consE: "\, \ \ \ \ \' matches (\ # \s) \ r , w \" +lemma u_v_matches_length_same: + "\, \ \ us \ vs matches \ \r, w\ \ length us = length \ \ length vs = length \" + by (induct rule: u_v_matches.inducts) force+ + lemma u_v_matches_to_matches: assumes "\, \ \ us \ vs matches \ \r, w\" shows "val.matches \ vs \" @@ -832,29 +845,29 @@ proof - from assms obtain env where "singleton (length \) i \ = env" by simp from I [simplified this] S assms(3-) this show ?thesis proof (induct arbitrary: i \ rule: u_v_matches.inducts ) - case u_v_matches_empty then moreover have "\ = []" by (simp add: empty_def) + case u_v_matches_empty then moreover have "\ = []" by (simp add: empty_def singleton_def) ultimately show ?case by simp next case (u_v_matches_none \ \ xs xs' \' r w x x' i \) show ?case proof (cases i) case 0 with u_v_matches_none show ?thesis by ( cases "length \" - , simp_all add: empty_def ) + , simp_all add: empty_def singleton_def) next case (Suc n) moreover with u_v_matches_none have "\' = (empty (length \ - 1))[n := Some \]" - by (cases "length \", simp_all add: empty_def) + by (cases "length \", simp_all add: empty_def singleton_def) moreover with u_v_matches_none have "length \ = Suc (length \')" - by (simp add: empty_def) + by (simp add: empty_def singleton_def) ultimately show ?thesis apply - apply (insert u_v_matches_none) - apply (auto). + apply (auto simp add: singleton_def). qed next case (u_v_matches_some) show ?case proof (cases i) case 0 with u_v_matches_some show ?thesis - apply (cases "length \", simp_all add: empty_def) + apply (cases "length \", simp_all add: empty_def singleton_def) apply (clarsimp dest!:u_v_matches_empty_env(2) [simplified empty_def]) apply (blast). next case (Suc n) with u_v_matches_some show ?thesis by ( cases "length \" - , simp_all add: empty_def ) + , simp_all add: empty_def singleton_def) qed qed qed @@ -1243,7 +1256,6 @@ lemma value_subtyping: and "\, \ \* vs \ vs' :r ts \r, w\ \ [] \ TRecord ts s \ TRecord ts' s \ \r'. r' \ r \ \, \ \* vs \ vs' :r ts' \r', w\" -(* TODO clean up and rewrite as Isar proof *) proof (induct arbitrary: t' and ts' s rule: upd_val_rel_upd_val_rel_record.inducts) case (u_v_product \ \ a a' t r w b b' u r' w') then show ?case @@ -1323,7 +1335,7 @@ next apply - apply (erule subtyping.cases; clarsimp) apply (rule_tac V="[] \ TRecord ts (Boxed ReadOnly ptrl) \ TRecord ts2 (Boxed ReadOnly ptrl)" in revcut_rl) - using u_v_p_rec_ro.prems apply blast + apply (fast intro!: subtyping.intros) apply (rule_tac V="\r'\r. \, \ \* fs \ fs' :r ts2 \r', {}\" in revcut_rl, blast) apply (erule exE) apply (erule conjE) @@ -1338,7 +1350,7 @@ next apply - apply (erule subtyping.cases; clarsimp) apply (rule_tac V="[] \ TRecord ts (Boxed Writable ptrl) \ TRecord ts2 (Boxed Writable ptrl)" in revcut_rl) - using u_v_p_rec_w.prems apply blast + apply (fast intro!: subtyping.intros) apply (rule_tac V="\r'\r. \, \ \* fs \ fs' :r ts2 \r', w\" in revcut_rl, blast) apply (erule exE) apply (erule conjE) @@ -1373,17 +1385,16 @@ next apply (elim exE) apply (elim conjE) apply (case_tac b; simp) - apply (rule_tac V="w = {}" in revcut_rl) - using u_v_discardable_not_writable(1) apply fastforce - apply (rule_tac x="r'aa" in exI) - apply (intro conjI, blast) - apply (intro upd_val_rel_upd_val_rel_record.intros) - apply simp - apply (metis kinding_to_wellformedD(1) record_state.distinct(1) snd_conv subtyping_wellformed_preservation(1)) - apply (simp add: subtyping_preserves_type_repr) - apply (metis subtyping_preserves_type_repr upd.type_repr_uval_repr(1) upd_val_rel_to_uval_typing(1)) - apply (metis subtyping_preserves_type_repr upd.type_repr_uval_repr_deep(1) upd_val_rel_to_uval_typing(1)) - + apply (subgoal_tac "w = {}") + apply (rule_tac x="r'aa" in exI) + apply (intro conjI, blast) + apply (intro upd_val_rel_upd_val_rel_record.intros) + apply simp + apply (metis kinding_to_wellformedD(1) record_state.distinct(1) snd_conv subtyping_wellformed_preservation(1)) + apply (simp add: subtyping_preserves_type_repr) + apply (metis subtyping_preserves_type_repr upd.type_repr_uval_repr(1) upd_val_rel_to_uval_typing(1)) + apply (metis subtyping_preserves_type_repr upd.type_repr_uval_repr_deep(1) upd_val_rel_to_uval_typing(1)) + apply (meson singletonI u_v_discardable_not_writable(1)) apply (rule_tac x="r'a \ r'aa" in exI) apply (intro conjI, blast) apply (intro upd_val_rel_upd_val_rel_record.intros; (simp add: subtyping_preserves_type_repr)?; blast?) @@ -1399,8 +1410,8 @@ next apply (rule_tac x="r'" in exI) apply (intro conjI, blast) apply (case_tac b; clarsimp) - using subtyping_wellformed_preservation(1) apply (fastforce + dest: subtyping_wellformed_preservation intro!: upd_val_rel_upd_val_rel_record.intros simp add: subtyping_preserves_type_repr) done @@ -2259,6 +2270,9 @@ and "\ \ , \ \* (\, es) \! (\,e)" "(\',v)" and "(\,es)" "(\', vs)" arbitrary: \ r w \ e v \ \' \' and \ r w \ es vs \s' \' \' rule: u_sem_u_sem_all.inducts) + case u_sem_var then show ?case + by (force dest: u_v_matches_length_same intro: v_sem_v_sem_all.intros) +next case u_sem_cast note IH = this(2) and rest = this(1,3-) @@ -2317,15 +2331,19 @@ next case (u_sem_abs_app _ _ _ _ _ f) apply (rule,erule(2) v_sem_abs_app) done next case u_sem_con then show ?case by (force intro!: v_sem_v_sem_all.intros) -next case u_sem_member +next case (u_sem_member \ \ \ e \' fs f) note IH = this(2) and rest = this(1,3-) from rest show ?case - apply (clarsimp elim!: typing_memberE) + apply - + apply (erule typing_memberE) apply (frule(3) IH, clarsimp) apply (frule(5) mono_correspondence, clarsimp) - apply (force elim: upd_val_rel.cases intro!: v_sem_v_sem_all.intros) - done + apply (force + intro!: v_sem_v_sem_all.intros + dest: upd_val_rel_record_length_same + elim: upd_val_rel.cases) + done next case u_sem_memb_b note IH = this(2) and rest = this(1,3-) @@ -2333,7 +2351,10 @@ next case u_sem_memb_b apply (clarsimp elim!: typing_memberE) apply (frule(3) IH, clarsimp) apply (frule(5) mono_correspondence, clarsimp) - apply (force elim: upd_val_rel.cases intro!: v_sem_v_sem_all.intros) + apply (force + intro!: v_sem_v_sem_all.intros + dest: upd_val_rel_record_length_same + elim: upd_val_rel.cases) done next case u_sem_esac note IH = this(2) @@ -2593,8 +2614,13 @@ next case u_sem_take apply (blast) apply (blast) apply (blast) - apply (force intro: v_sem_v_sem_all.intros) - done + apply (frule upd_val_rel_record_length_same; clarsimp) + apply (rule exI) + apply (rule v_sem_v_sem_all.intros) + apply blast + apply blast + apply argo + done next case u_sem_take_ub note IH1 = this(2) and IH2 = this(4) @@ -2647,7 +2673,12 @@ next case u_sem_take_ub apply (blast) apply (blast) apply (blast) - apply (force intro: v_sem_v_sem_all.intros) + apply (frule upd_val_rel_record_length_same; clarsimp) + apply (rule exI) + apply (rule v_sem_v_sem_all.intros) + apply blast + apply blast + apply argo done next case u_sem_put note IH1 = this(2) @@ -2661,7 +2692,12 @@ next case u_sem_put apply (drule(5) mono_correspondence [rotated -1], clarsimp) apply (frule(5) IH2 [OF _ _ u_v_matches_frame,rotated -1],force) apply (erule upd_val_rel.cases,simp_all) - apply (force intro: v_sem_v_sem_all.intros) + apply (frule upd_val_rel_record_length_same; clarsimp) + apply (rule exI) + apply (rule v_sem_v_sem_all.intros) + apply blast + apply blast + apply argo done next case u_sem_put_ub note IH1 = this(2) @@ -2675,7 +2711,12 @@ next case u_sem_put_ub apply (drule(5) mono_correspondence [rotated -1], clarsimp) apply (frule(5) IH2 [OF _ _ u_v_matches_frame,rotated -1],force) apply (erule upd_val_rel.cases,simp_all) - apply (force intro: v_sem_v_sem_all.intros) + apply (frule upd_val_rel_record_length_same; clarsimp) + apply (rule exI) + apply (rule v_sem_v_sem_all.intros) + apply blast + apply blast + apply argo done next case (u_sem_promote \ \ \ e t') diff --git a/cogent/isa/Subtyping.thy b/cogent/isa/Subtyping.thy index 243225f2e..08f1d78c0 100644 --- a/cogent/isa/Subtyping.thy +++ b/cogent/isa/Subtyping.thy @@ -1,5 +1,7 @@ theory Subtyping - imports Cogent + imports + Cogent + ValueSemantics begin text \ @@ -8,6 +10,8 @@ text \ the correct relation. \ +section \Subtyping As An Order and As A Lattice\ + inductive type_lub :: "kind env \ type \ type \ type \ bool" ("_ \ _ \ _ \ _" [60,0,0,60] 60) and type_glb :: "kind env \ type \ type \ type \ bool" ("_ \ _ \ _ \ _" [60,0,0,60] 60) where @@ -270,7 +274,8 @@ next "K \ TSum ts1 wellformed" "K \ TSum ts2 wellformed" using lub_tsum.hyps type_lub_type_glb_wellformed_produce_wellformed - by (metis (mono_tags, lifting) list_all3_conv_all_nth list_all_length type_wellformed.simps(6) type_wellformed_pretty_def)+ + by (metis (mono_tags, lifting) list_all3_conv_all_nth list_all_length + type_wellformed.simps(6) type_wellformed_pretty_def)+ have "K \ TSum ts1 :\ {D}" using lub_tsum proof (clarsimp simp: kinding_variant_conv_all_nth kinding_simps) @@ -531,4 +536,177 @@ theorem type_glb_type_lub_subtyping_equivalent: "K \ b \ a \ b \ K \ b \ a" using subtyping_to_type_lub type_lub_type_glb_to_subtyping subtyping_to_type_glb by blast+ +lemmas weakening_append1 = list_all2_append1[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] +lemmas weakening_append2 = list_all2_append2[where P="weakening_comp K" for K, simplified weakening_def[symmetric]] + +lemma take_empty: + assumes \m < n\ + shows \take m (empty n) = empty m\ + unfolding empty_def + using assms by auto + +lemma drop_empty: + assumes \m < n\ + shows \drop m (empty n) = empty (n - m)\ + unfolding empty_def + using assms by auto + +lemma weaken_to_singleton_split: + assumes + \i < length \\ + shows + \(K \ \ \w (singleton (length \) i t)) + \ + (\\a \b. + \ = \a @ [\ ! i] @ \b \ + (K \ \a \w empty i) \ + weakening_comp K (\ ! i) (Some t) \ + (K \ \b \w empty (length \ - Suc i)))\ + using assms + apply (clarsimp simp add: + singleton_def upd_conv_take_nth_drop empty_length + weakening_append2 weakening_Cons2 min_absorb2 take_empty drop_empty) + apply safe + apply (metis Cogent.empty_def drop_replicate nth_append_length) + apply (metis (mono_tags, lifting) Cogent.empty_def drop_replicate empty_length length_Cons weakening_length) + done + +section \Subtyping and Value Semantics\ + +fun strip_promote :: \'f expr \ 'f expr\ where + \strip_promote (Var i) = (Var i)\ +| \strip_promote (AFun n ts) = (AFun n ts)\ +| \strip_promote (Fun e ts) = (Fun (strip_promote e) ts)\ +| \strip_promote (Prim p es) = (Prim p (map strip_promote es))\ +| \strip_promote (App ef ea) = (App (strip_promote ef) (strip_promote ea))\ +| \strip_promote (Con vs n e) = (Con vs n (strip_promote e))\ +| \strip_promote (Struct fs es) = (Struct fs (map strip_promote es))\ +| \strip_promote (Member e n) = (Member (strip_promote e) n)\ +| \strip_promote Unit = Unit\ +| \strip_promote (Lit l) = Lit l\ +| \strip_promote (SLit s) = SLit s\ +| \strip_promote (Cast m e) = (Cast m (strip_promote e))\ +| \strip_promote (Tuple ea eb) = (Tuple (strip_promote ea) (strip_promote eb))\ +| \strip_promote (Put er n ec) = (Put (strip_promote er) n (strip_promote ec))\ +| \strip_promote (Let ea ec) = (Let (strip_promote ea) (strip_promote ec))\ +| \strip_promote (LetBang is ea ec) = (LetBang is (strip_promote ea) (strip_promote ec))\ +| \strip_promote (Case ev n ecm ecnm) = (Case (strip_promote ev) n (strip_promote ecm) (strip_promote ecnm))\ +| \strip_promote (Esac ec n) = (Esac (strip_promote ec) n)\ +| \strip_promote (If ec et ef) = (If (strip_promote ec) (strip_promote et) (strip_promote ef))\ +| \strip_promote (Take er n ec) = (Take (strip_promote er) n (strip_promote ec))\ +| \strip_promote (Split et ec) = (Split (strip_promote et) (strip_promote ec))\ +| \strip_promote (Promote type e) = strip_promote e\ + + +fun strip_promote_val :: \('a, 'b) vval \ ('a, 'b) vval\ where + \strip_promote_val (VPrim l) = VPrim l\ +| \strip_promote_val (VProduct v1 v2) = VProduct (strip_promote_val v1) (strip_promote_val v2)\ +| \strip_promote_val (VSum n v) = VSum n (strip_promote_val v)\ +| \strip_promote_val (VRecord vs) = VRecord (map strip_promote_val vs)\ +| \strip_promote_val (VAbstract a) = (VAbstract a)\ +| \strip_promote_val (VFunction f ts) = VFunction (strip_promote f) ts\ +| \strip_promote_val (VAFunction n ts) = VAFunction n ts\ +| \strip_promote_val VUnit = VUnit\ + +lemma typing_promote_idem: + "\, K, \ \ e' : t \ e' = Promote t1 (Promote t2 e) \ \, K, \ \ Promote t1 e : t" + "\, K, \ \* es : ts \ True" + using subtyping_trans typing_promote + by (induct arbitrary: t1 t2 e rule: typing_typing_all.inducts) blast+ + +context value_sem +begin + +lemma strip_promote_val_eval_prim: + shows "strip_promote_val (eval_prim p vs) = eval_prim p (map strip_promote_val vs)" + unfolding eval_prim_def + apply clarsimp + apply (rule_tac f=\\f. eval_prim_op p (map f vs)\ in cong, simp) + apply (rule ext) + apply (rename_tac v) + apply (case_tac v; clarsimp) + done + +lemma specialise_strip_promote_eq_stip_promote_specialise: + shows "specialise ts (strip_promote e) = strip_promote (specialise ts e)" + by (induct e; clarsimp) + +lemma strip_promote_eval_same: + \\ , \ \ e \ v \ + (\f a r. \ f a r \ \ f (strip_promote_val a) (strip_promote_val r)) \ + \ , map strip_promote_val \ \ strip_promote e \ strip_promote_val v\ + \\ , \ \* es \ vs \ + (\f a r. \ f a r \ \ f (strip_promote_val a) (strip_promote_val r)) \ + \ , map strip_promote_val \ \* map strip_promote es \ map strip_promote_val vs\ +proof (induct rule: v_sem_v_sem_all.inducts) + case (v_sem_var i \ \) + then show ?case + by (simp add: v_sem_var_mapped_ctx) +next + case (v_sem_prim \ \ as as' p) + then show ?case + by (simp add: strip_promote_val_eval_prim v_sem_v_sem_all.v_sem_prim) +next + case (v_sem_app \ \ x e ts y a r) + then show ?case + by (fastforce + simp: specialise_strip_promote_eq_stip_promote_specialise + intro!:v_sem_v_sem_all.v_sem_app) +next + case (v_sem_member f fs \ \ e) + then show ?case + by (simp add: v_sem_member_mapped_fields) +next + case (v_sem_if \ \ x b t e r) + then show ?case + by (fastforce intro!:v_sem_v_sem_all.intros) +next + case (v_sem_put \ \ x fs e e' f) + then show ?case + by (simp add: map_update v_sem_v_sem_all.v_sem_put) +qed (simp_all add: v_sem_v_sem_all.intros) + +lemma val_eval_deterministic: + assumes "\f a r r'. \ f a r \ \ f a r' \ r = r'" + shows "\, \ \ e \ v \ \, \ \ e \ v' \ v' = v" + and "\, \ \* es \ vs \ \, \ \* es \ vs' \ vs' = vs" + using assms +proof (induct arbitrary: v' and vs' rule: v_sem_v_sem_all.inducts) + case (v_sem_cast \ \ e l \ l') + then show ?case by fastforce +next + case (v_sem_case_nm \ \ x t' v t n n' m) + then show ?case + by (blast elim!: v_sem_caseE) +qed blast+ + + +lemma coherence_of_subsumption: + assumes + \ \ , \ \ e \ v \ + \ \ , \ \ e' \ v' \ + \ strip_promote e' = strip_promote e \ + \ \f a r. \ f a r \ \ f (strip_promote_val a) (strip_promote_val r) \ + \ \f a r r'. \ f a r\ \ f a r' \ r = r' \ + shows \ strip_promote_val v = strip_promote_val v' \ + apply (insert assms) + apply (drule strip_promote_eval_same(1), simp) + apply (drule strip_promote_eval_same(1), simp) + by (rule val_eval_deterministic[where \ = \], simp_all) + +lemma coherence_of_subsumption_list: + assumes + \ \ , \ \* es \ vs \ + \ \ , \ \* es' \ vs' \ + \ map strip_promote es' = map strip_promote es \ + \ \f a r. \ f a r \ \ f (strip_promote_val a) (strip_promote_val r) \ + \ \f a r r'. \ f a r\ \ f a r' \ r = r' \ + shows \ map strip_promote_val vs = map strip_promote_val vs' \ + apply (insert assms) + apply (drule strip_promote_eval_same(2), simp) + apply (drule strip_promote_eval_same(2), simp) + by (rule val_eval_deterministic[where \ = \], simp_all) + +end + end \ No newline at end of file diff --git a/cogent/isa/TypeTrackingSemantics.thy b/cogent/isa/TypeTrackingSemantics.thy index 7ca30d00a..159938cea 100644 --- a/cogent/isa/TypeTrackingSemantics.thy +++ b/cogent/isa/TypeTrackingSemantics.thy @@ -608,8 +608,8 @@ next intro: u_sem_var[where \="x # xs" and i=0 for x xs, simplified] dest: u_tt_sem_pres_type_wellformed2 simp add: composite_anormal_expr_def empty_def weakening_def weakening_comp.simps - list_all2_same kinding_iff_wellformed) - apply (frule u_tt_sem_pres_preservation, (simp+)[3]) + singleton_def list_all2_same kinding_iff_wellformed) + apply (frule u_tt_sem_pres_preservation, (simp+)[3]) apply (force dest: u_tt_sem_pres_length intro: matches_ptrs_some matches_ptrs_replicate_None) done next diff --git a/cogent/isa/UpdateSemantics.thy b/cogent/isa/UpdateSemantics.thy index f9ba69cb1..3190fd8c6 100644 --- a/cogent/isa/UpdateSemantics.thy +++ b/cogent/isa/UpdateSemantics.thy @@ -970,29 +970,29 @@ proof - from assms obtain env where "singleton (length \) i \ = env" by simp from I [simplified this] S assms(3-) this show ?thesis proof (induct arbitrary: i \ rule: matches_ptrs.inducts ) - case matches_ptrs_empty then moreover have "\ = []" by (simp add: empty_def) + case matches_ptrs_empty then moreover have "\ = []" by (simp add: empty_def singleton_def) ultimately show ?case by simp next case (matches_ptrs_none \ \ xs \' r w x i \) show ?case proof (cases i) case 0 with matches_ptrs_none show ?thesis by ( cases "length \" - , simp_all add: empty_def ) + , simp_all add: empty_def singleton_def) next case (Suc n) moreover with matches_ptrs_none have "\' = (empty (length \ - 1))[n := Some \]" - by (cases "length \", simp_all add: empty_def) + by (cases "length \", simp_all add: empty_def singleton_def) moreover with matches_ptrs_none have "length \ = Suc (length \')" - by (simp add: empty_def) + by (simp add: empty_def singleton_def) ultimately show ?thesis apply - apply (insert matches_ptrs_none) - apply (auto). + apply (auto simp add: singleton_def) . qed next case (matches_ptrs_some) show ?case proof (cases i) case 0 with matches_ptrs_some show ?thesis - apply (cases "length \", simp_all add: empty_def) - apply (clarsimp dest!:matches_ptrs_empty_env(2) [simplified empty_def]) + apply (cases "length \", simp_all add: empty_def singleton_def) + apply (clarsimp dest!:matches_ptrs_empty_env(2)[simplified empty_def]) apply (blast). next case (Suc n) with matches_ptrs_some show ?thesis by ( cases "length \" - , simp_all add: empty_def ) + , simp_all add: empty_def singleton_def) qed qed qed diff --git a/cogent/isa/ValueSemantics.thy b/cogent/isa/ValueSemantics.thy index c3fa34b2a..58979a345 100644 --- a/cogent/isa/ValueSemantics.thy +++ b/cogent/isa/ValueSemantics.thy @@ -55,7 +55,7 @@ inductive v_sem :: "('f,'a) vabsfuns \ ('f, 'a) vval env \ ('f, 'a) vval list \ 'f expr list \ ('f, 'a) vval list \ bool" ("_ , _ \* _ \ _" [30,0,0,20] 60) where - v_sem_var : "\ , \ \ (Var i) \ (\ ! i)" + v_sem_var : "i < length \ \ \ , \ \ (Var i) \ (\ ! i)" | v_sem_lit : "\ , \ \ (Lit l) \ VPrim l" @@ -84,6 +84,7 @@ where \ \ \ , \ \ (Con _ t x) \ VSum t x'" | v_sem_member : "\ \ , \ \ e \ VRecord fs + ; f < length fs \ \ \ , \ \ Member e f \ fs ! f" | v_sem_unit : "\ , \ \ Unit \ VUnit" @@ -121,10 +122,12 @@ where | v_sem_take : "\ \ , \ \ x \ VRecord fs ; \ , (fs ! f # VRecord fs # \) \ e \ e' + ; f < length fs \ \ \ , \ \ Take x f e \ e'" | v_sem_put : "\ \ , \ \ x \ VRecord fs ; \ , \ \ e \ e' + ; f < length fs \ \ \ , \ \ Put x f e \ VRecord (fs [ f := e' ])" | v_sem_split : "\ \ , \ \ x \ VProduct a b @@ -141,11 +144,37 @@ where ; \ , \ \* xs \ vs \ \ \ , \ \* (x # xs) \ (v # vs)" -inductive_cases v_sem_varE [elim] : "\ , \ \ Var i \ v" -inductive_cases v_sem_funE [elim] : "\ , \ \ Fun f ts \ v" -inductive_cases v_sem_afunE [elim] : "\ , \ \ AFun f ts \ v" -inductive_cases v_sem_appE [elim] : "\ , \ \ App a b \ v" - +inductive_cases v_sem_varE [elim] : "\ , \ \ Var i \ v" +inductive_cases v_sem_litE [elim] : "\ , \ \ Lit l \ v" +inductive_cases v_sem_primE [elim] : "\ , \ \ Prim p as \ v" +inductive_cases v_sem_funE [elim] : "\ , \ \ Fun f ts \ v" +inductive_cases v_sem_afunE [elim] : "\ , \ \ AFun f ts \ v" +inductive_cases v_sem_appE [elim] : "\ , \ \ App a b \ v" +inductive_cases v_sem_castE [elim]: " \ , \ \ Cast \ e \ v" +inductive_cases v_sem_conE [elim]: " \ , \ \ Con l t x \ v" +inductive_cases v_sem_memberE [elim]: " \ , \ \ Member e f \ v" +inductive_cases v_sem_unitE [elim]: " \ , \ \ Unit \ v" +inductive_cases v_sem_tupleE [elim]: " \ , \ \ Tuple x y \ v" +inductive_cases v_sem_esacE [elim]: " \ , \ \ Esac t ts \ v" +inductive_cases v_sem_letE [elim]: " \ , \ \ Let a b \ v" +inductive_cases v_sem_letbangE[elim]: " \ , \ \ LetBang vs a b \ v" +inductive_cases v_sem_caseE [elim]: " \ , \ \ Case x t m n \ v" +inductive_cases v_sem_ifE [elim]: " \ , \ \ If x t e \ v" +inductive_cases v_sem_structE [elim]: " \ , \ \ Struct ts xs \ v" +inductive_cases v_sem_takeE [elim]: " \ , \ \ Take x f e \ v" +inductive_cases v_sem_putE [elim]: " \ , \ \ Put x f e \ v" +inductive_cases v_sem_splitE [elim]: " \ , \ \ Split x e \ v" +inductive_cases v_sem_promoteE[elim] : "\ , \ \ Promote t e \ v" +inductive_cases v_sem_emptyE [elim]: " \ , \ \* [] \ v" +inductive_cases v_sem_consE [elim]: " \ , \ \* x # xs \ v" + +lemma v_sem_var_mapped_ctx: + shows "i < length \ \ \' , map f \ \ Var i \ f (\ ! i)" + by (metis length_map nth_map v_sem_var) + +lemma v_sem_member_mapped_fields: + shows "f < length fs \ \ , \ \ e \ VRecord (map g fs) \ \ , \ \ Member e f \ g (fs ! f)" + by (metis length_map nth_map v_sem_member) locale value_sem = fixes abs_typing :: "'a \ name \ type list \ bool" @@ -812,7 +841,7 @@ using assms proof (induct "specialise \s e" v case v_sem_var then show ?case by ( case_tac e, simp_all , fastforce dest: matches_weakening intro: matches_proj - simp: empty_length empty_def) + simp: empty_length empty_def singleton_def) next case v_sem_lit then show ?case by ( case_tac e, simp_all , fastforce intro: vval_typing_vval_typing_record.intros) next case v_sem_prim then show ?case by ( case_tac e, simp_all @@ -960,7 +989,7 @@ next "spec_x = specialise \s x" "f' = f" "spec_y = specialise \s y" - using v_sem_take(5) Take by simp+ + using v_sem_take.hyps Take by simp+ obtain \1 \2 ts s n t k taken where typing_elims: @@ -1233,7 +1262,7 @@ then show ?case apply (rule v_sem_v_sem_all.v_sem_abs_app, erule(5) IH1 [OF _ _ _ matches_split'(1), simplified], erule(5) IH2 [OF _ _ _ matches_split'(2), simplified]) apply (simp add: monoprog_def) done -next case v_sem_var then show ?case by (simp, metis matches_length nth_map typing_varE v_sem_v_sem_all.v_sem_var) +next case v_sem_var then show ?case by (fastforce intro: v_sem_var_mapped_ctx) next case v_sem_lit then show ?case by (fastforce intro!: v_sem_v_sem_all.v_sem_lit) next case v_sem_fun then show ?case by (fastforce intro!: v_sem_v_sem_all.v_sem_fun) next case v_sem_afun then show ?case by (fastforce intro!: v_sem_v_sem_all.v_sem_afun) @@ -1297,11 +1326,7 @@ from rest show ?case elim: v_t_productE) done next case v_sem_member then show ?case - apply (clarsimp elim!: typing_memberE) - apply (subst member_nth_map - , (force dest:preservation [where \s = "[]" and K = "[]", simplified] elim!: v_t_recordE dest: vval_typing_record_length intro: v_sem_v_sem_all.intros)+ - ) -done + by (force intro: v_sem_member_mapped_fields elim!: typing_memberE) next case v_sem_prim note IH = this(2) and rest = this(1,3-)