Quelle Traces.thy Sprache: unbekannt

(*  Title:      HOL/HOLCF/IOA/Traces.thy
    Author
*)

section ‹\>'s"

Traces
Sequence Automata

type

('a, 's) pairs = "('a × 's) Seq"
('a, 's) execution = "'s × ('a, 's) pairs"
'a trace = "'a Seq"
('a, 's) execution_module = "('a, 's) execution set × 'a signature"
type_synonym 'a schedule_module = "'a trace set \<times> 'a signature"
type_synonym trace <>'asignature

<>xecutionsclose

definition is_exec_fragC :: "('a, 's fin_often: (a\Rightarrow> bool <> ' Seq \Rightarrowbool

    (fix<>
      LAM .
        (\<lambda>s.
          case ex of
            nil \<Rightarrow> TT
          | x ## xs \<Rightarrow> flift1 (\<lambda>p. Def ((s, p) \<in> trans_of A) andalso (h \<cdot> xs) (snd p)) \<cdot> x)))"

is_exec_frag :: "('a, 's) ioa ==> ('a, 's) execution ==>(io =< a2
where "is_exec_frag A ex \<ongleftrightarrows_exec_fragCi==> bool"

execut :: "('a, 's) ioa 🚫Taes.hy
imp "A=<B\

‹› ‹ ppcutions , asigffA)" ('a

filter_actwhe "Scheds ('a, 's)execution_m= "('a, 's)
where "filter_act = Map fst"

has_schedule "('a, 's ioa \<>' [s del] = HOL.ex_s HOL.all_simps spl
where "hasdLet_def [si]

java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "brackoff" is null

has_trace :: "('a, 's) ioa ==> ak hedorof cedls
has_trace_def2:: "has_trace A b ⟷ex ∈ lsttte_U:latt, U "

acese : "a, 's) i Rightarrow> 'a trace set"
where "traces ioa ≡

mk_trace :: "('a, 's) ioa ==> ('a, 's) pairs →done
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

‹ have only actions of ‹

l :: "('a, s) execution ==>
take the detour of schedud
has_trace_def2: "has_trace A b ⟷ i \open this conis included once more. (See Le
<>fst
| Def at ==> snd at)"

java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "macro" is null
inf_often :: "('a ==> xs \<> state_trans› \openIOA›): We have no
rein_tnP longleftrightarrow> Infinite (Filter P ⋅ n 🚫

‹
fin_often :: "('
where "fin_often P s ⟷

‹

done
Note that p eee_insg:
java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "macro" is null
openW›

See 🍋
superseding this one.

java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6
(inf_often (λx. fst x
inf_often (\lambda \not En A W (snd x)) (snd ex))"

wfair_ex :: "(a, s) ioa \Rightarrow('a, 's) ex ==>
where "wfair_ex A ex ⟷
java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "brackoff" is null
if Finite (snd ex)
then ¬ Enabled A W (laststate ex)
else is_wfair A W ex)"

is_sfair :: "('a, 's) ioa ==> 'a set ==> ('a, 's) execution ==> bool"
where "is_sfair A W ex ⟷
(inf_often (λx. fst x ∈ W) (snd ex) ∨
fin_often (λx. Enabled A W (snd x)) (snd ex))"

sfair_ex :: "('a, 's)ioa ==> ('a, 's) execution ==> bool"
where "sfair_ex A ex ⟷
(∀W ∈ sfair_of A.
if Finite (snd ex)
then ¬ Enabled A W (laststate ex)
else is_sfair A W ex)"

fair_ex :: "('a, 's) ioa ==> ('a, 's) execution ==> bool"
where "fair_ex A ex ⟷ wfair_ex A ex ∧ sfair_ex A ex"

‹Fair behavior sets.›

fairexecutions :: "('a, 's) ioa ==> ('a, 's) execution set"
where "fairexecutions A = {ex. ex ∈ executions A ∧ fair_ex A ex}"

fairtraces :: "('a, 's) ioa ==> 'a trace set"
where "fairtraces A = {mk_trace A ⋅ (snd ex) | ex. ex ∈ fairexecutions A}"

‹Implementation›

‹Notions of implementation›

ioa_implements :: "('a, 's1) ioa ==> ('a, 's2) ioa ==> bool" (infixr ‹=<|\› 12)
where "(ioa1 =<| ioa2) ⟷
(inputs (asig_of ioa1) = inputs (asig_of ioa2) ∧
outputs (asig_of ioa1) = outputs (asig_of ioa2)) ∧
traces ioa1 ⊆ traces ioa2"

fair_implements :: "('a, 's1) ioa ==> ('a, 's2) ioa ==> bool"
where "fair_implements C A ⟷
inp C = inp A ∧ out C = out A ∧ fairtraces C ⊆ fairtraces A"

implements_trans: "A =<| B ==> B =<| C ==> A =<| C"
by (auto simp add: ioa_implements_def)

‹Modules›

‹Execution, schedule and trace modules›

Execs :: "('a, 's) ioa ==> ('a, 's) execution_module"
where "Execs A = (executions A, asig_of A)"

Scheds :: "('a, 's) ioa ==> 'a schedule_module"
where "Scheds A = (schedules A, asig_of A)"

Traces :: "('a, 's) ioa ==> 'a trace_module"
where "Traces A = (traces A, asig_of A)"

[simp del] = HOL.ex_simps HOL.all_simps split_paired_Ex
Let_def [simp]
‹map_theory_claset (fn ctxt => ctxt delSWrapper "split_all_tac")›

exec_rws = executions_def is_exec_frag_def

‹Recursive equations of operators›

‹‹filter_act››

filter_act_UU: "filter_act ⋅ UU = UU"
by (simp add: filter_act_def)

filter_act_nil: "filter_act ⋅ nil = nil"
by (simp add: filter_act_def)

filter_act_cons: "filter_act ⋅ (x ↝ xs) = fst x ↝ filter_act ⋅ xs"
by (simp add: filter_act_def)

filter_act_UU [simp] filter_act_nil [simp] filter_act_cons [simp]

‹‹mk_trace››

mk_trace_UU: "mk_trace A ⋅ UU = UU"
by (simp add: mk_trace_def)

mk_trace_nil: "mk_trace A ⋅ nil = nil"
by (simp add: mk_trace_def)

mk_trace_cons:
"mk_trace A ⋅ (at ↝ xs) =
(if fst at ∈ ext A
then fst at ↝ mk_trace A ⋅ xs
else mk_trace A ⋅ xs)"
by (simp add: mk_trace_def)

mk_trace_UU [simp] mk_trace_nil [simp] mk_trace_cons [simp]

‹‹is_exec_fragC››

is_exec_fragC_unfold:
"is_exec_fragC A =
(LAM ex.
(λs.
case ex of
nil ==> TT
| x ## xs ==>
(flift1 (λp. Def ((s, p) ∈ trans_of A) andalso (is_exec_fragC A⋅xs) (snd p)) ⋅ x)))"
apply (rule trans)
apply (rule fix_eq4)
apply (rule is_exec_fragC_def)
apply (rule beta_cfun)
apply (simp add: flift1_def)
done

is_exec_fragC_UU: "(is_exec_fragC A ⋅ UU) s = UU"
apply (subst is_exec_fragC_unfold)
apply simp
done

is_exec_fragC_nil: "(is_exec_fragC A ⋅ nil) s = TT"
apply (subst is_exec_fragC_unfold)
apply simp
done

is_exec_fragC_cons:
"(is_exec_fragC A ⋅ (pr ↝ xs)) s =
(Def ((s, pr) ∈ trans_of A) andalso (is_exec_fragC A ⋅ xs) (snd pr))"
  apply (rule trans)
  apply (subst is_exec_fragC_unfold)
  apply (simp add: Consq_def flift1_def)
  apply simp
  done

declare is_exec_fragC_UU [simp] is_exec_fragC_nil [simp] is_exec_fragC_cons [simp]

subsubsection \<open>\<open>is_exec_frag\<close>\<close>

lemma is_exec_frag_UU: "is_exec_frag A (s, UU)"
  by (simp add: is_exec_frag_def)

lemma is_exec_frag_nil: "is_exec_frag A (s, nil)"
  by (simp add: is_exec_frag_def)

lemma is_exec_frag_cons:
  "is_exec_frag A (s, (a, t) \<leadsto> ex) \<longleftrightarrow> (s, a, t) \<in> trans_of A \<and> is_exec_frag A (t, ex)"
  by (simp add: is_exec_frag_def)

declare is_exec_frag_UU [simp] is_exec_frag_nil [simp] is_exec_frag_cons [simp]

subsubsection \<open>\<open>laststate\<close>\<close>

lemma laststate_UU: "laststate (s, UU) = s"
  by (simp add: laststate_def)

lemma laststate_nil: "laststate (s, nil) = s"
  by (simp add: laststate_def)

lemma laststate_cons: "Finite ex \<Longrightarrow> laststate (s, at \<leadsto> ex) = laststate (snd at, ex)"
  apply (simp add: laststate_def)
  apply (cases "ex = nil")
  apply simp
  apply simp
  apply (drule Finite_Last1 [THEN mp])
  apply assumption
  apply defined
  done

declare laststate_UU [simp] laststate_nil [simp] laststate_cons [simp]

lemma exists_laststate: "Finite ex \<Longrightarrow> \<forall>s. \<exists>u. laststate (s, ex) = u"
  by Seq_Finite_induct

subsection \<open>\<open>has_trace\<close> \<open>mk_trace\<close>\<close>

(*alternative definition of has_trace tailored for the refinement proof, as it does not
  take the detour of schedules*)
lemma has_trace_def2: "has_trace A b \<longleftrightarrow> (\<exists>ex \<in> executions A. b = mk_trace A \<cdot> (snd ex))"
  apply (unfold executions_def mk_trace_def has_trace_def schedules_def has_schedule_def [abs_def])
  apply auto
  done

subsection \<open>Signatures and executions, schedules\<close>

text \<open>
  All executions of \<open>A\<close> have only actions of \<open>A\<close>. This is only true because of
  the predicate \<open>state_trans\<close> (part of the predicate \<open>IOA\<close>): We have no
  dependent types. For executions of parallel automata this assumption is not
  needed, as in \<open>par_def\<close> this condition is included once more. (See Lemmas
  1.1.1c in CompoExecs for example.)
\<close>

lemma execfrag_in_sig:
  "is_trans_of A \<Longrightarrow> \<forall>s. is_exec_frag A (s, xs) \<longrightarrow> Forall (\<lambda>a. a \<in> act A) (filter_act \<cdot> xs)"
  apply (pair_induct xs simp: is_exec_frag_def Forall_def sforall_def)
  text \<open>main case\<close>
  apply (auto simp add: is_trans_of_def)
  done

lemma exec_in_sig:
  "is_trans_of A \<Longrightarrow> x \<in> executions A \<Longrightarrow> Forall (\<lambda>a. a \<in> act A) (filter_act \<cdot> (snd x))"
  apply (simp add: executions_def)
  apply (pair x)
  apply (rule execfrag_in_sig [THEN spec, THEN mp])
  apply auto
  done

lemma scheds_in_sig: "is_trans_of A \<Longrightarrow> x \<in> schedules A \<Longrightarrow> Forall (\<lambda>a. a \<in> act A) x"
  apply (unfold schedules_def has_schedule_def [abs_def])
  apply (fast intro!: exec_in_sig)
  done

subsection \<open>Executions are prefix closed\<close>

(*only admissible in y, not if done in x!*)
lemma execfrag_prefixclosed: "\<forall>x s. is_exec_frag A (s, x) \<and> y \<sqsubseteq> x \<longrightarrow> is_exec_frag A (s, y)"
  apply (pair_induct y simp: is_exec_frag_def)
  apply (intro strip)
  apply (Seq_case_simp x)
  apply (pair a)
  apply auto
  done

lemmas exec_prefixclosed =
  conjI [THEN execfrag_prefixclosed [THEN spec, THEN spec, THEN mp]]

(*second prefix notion for Finite x*)
lemma exec_prefix2closed [rule_format]:
  "\<forall>y s. is_exec_frag A (s, x @@ y) \<longrightarrow> is_exec_frag A (s, x)"
  apply (pair_induct x simp: is_exec_frag_def)
  apply (intro strip)
  apply (Seq_case_simp s)
  apply (pair a)
  apply auto
  done

end

Messung V0.5 in Prozent

Quelle Traces.thy Sprache: unbekannt

[0.15QuellennavigatorsProjekt 2026-06-10]