-
Notifications
You must be signed in to change notification settings - Fork 0
/
Chapter13_5.thy
116 lines (95 loc) · 2.66 KB
/
Chapter13_5.thy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
theory Chapter13_5
imports Main "HOL-Library.Lattice_Syntax"
begin
text \<open>
0:
A1: None
A2: None
A3: None
A4: None
A5: None
1:
A1: Odd
2:
A2: Odd
3:
A3: Odd
4:
A4: Even
5:
A2: Either
6:
A3: Either
A5: Either
7:
A4: Either
8:
No change
\<close>
text\<open>
\setcounter{exercise}{10}
\begin{exercise}
Take the Isabelle theories that define commands, big-step semantics,
annotated commands and the collecting semantics and extend them with a
nondeterministic choice construct. Start with Exercise~\ref{exe:IMP:OR}
and extend type @{text com}, then extend type @{text acom} with a
corresponding construct:
\begin{alltt}
Or "'a acom" "'a acom" 'a ("_ OR// _//{_}" [60, 61, 0] 60)
\end{alltt}
Finally extend function @{text Step}. Update proofs as well.
Hint: think of @{text OR} as a nondeterministic conditional without a test.
\end{exercise}
\exercise
Prove the following lemmas in a detailed and readable style:
\<close>
lemma fixes x0 :: "'a :: order"
assumes "\<And>x y. x \<le> y \<Longrightarrow> f x \<le> f y" and "f q \<le> q" and "x0 \<le> q"
shows "(f ^^ i) x0 \<le> q"
proof (induction i)
case 0
then show ?case by (auto simp add: assms(3))
next
case (Suc i)
have "(f ^^ Suc i) x0 = f ((f ^^ i) x0)" by auto
also have "\<dots> \<le> f q" by (auto intro!: assms(1) simp add: Suc)
also from assms(2) have "\<dots> \<le> q" .
finally show ?case .
qed
lemma fixes x0 :: "'a :: order"
assumes "\<And>x y. x \<le> y \<Longrightarrow> f x \<le> f y" and "x0 \<le> f x0"
shows "(f ^^ i) x0 \<le> (f ^^ (i+1)) x0"
proof (induction i)
case 0
then show ?case by (auto simp add: assms(2))
next
case (Suc i)
have "(f ^^ Suc i) x0 = f ((f ^^ i) x0)" by auto
also have "\<dots> \<le> f ((f ^^ (i + 1)) x0)" by (intro assms(1), rule Suc)
also have "\<dots> = (f ^^ (Suc i + 1)) x0" by auto
finally show ?case .
qed
text\<open>
\endexercise
\exercise% needs Lattice_Syntax
Let @{typ 'a} be a complete lattice and
let @{text "f :: 'a \<Rightarrow> 'a"} be a monotone function.
Give a readable proof that if @{text P} is a set of pre-fixpoints of @{text f}
then @{text"\<Sqinter>P"} is also a pre-fixpoint of @{text f}:
\<close>
lemma fixes P :: "'a::complete_lattice set"
assumes "mono f" and "\<forall>p \<in> P. f p \<le> p"
shows "f(\<Sqinter> P) \<le> \<Sqinter> P" (is "f ?m \<le> ?m")
proof (intro Inf_greatest)
fix p
assume Hp: "p \<in> P"
then have "?m \<le> p" by (rule Inf_lower)
with assms(1) have "f ?m \<le> f p" unfolding mono_def by simp
also from Hp assms(2) have "f p \<le> p" by simp
finally show "f ?m \<le> p" .
qed
text\<open>
Sledgehammer should give you a proof you can start from.
\endexercise
\<close>
end