src/CCL/CCL.thy
author wenzelm
Sat Jun 14 23:52:51 2008 +0200 (2008-06-14)
changeset 27221 31328dc30196
parent 27208 5fe899199f85
child 27239 f2f42f9fa09d
permissions -rw-r--r--
proper context for tactics derived from res_inst_tac;
(*  Title:      CCL/CCL.thy
    ID:         $Id$
    Author:     Martin Coen
    Copyright   1993  University of Cambridge
*)

(* Review note: this theory postulates its own rules in an explicit 'axioms'
   block below (evaluation semantics, the definitions of [= and =, the
   beta-rules for case, and non-triviality).  Everything derived in the rest
   of the file is exactly as sound as that axiom set, so that block is the
   part to audit when relying on results built on CCL. *)

header {* Classical Computational Logic for Untyped Lambda Calculus
  with reduction to weak head-normal form *}

theory CCL
imports Gfp
begin

text {*
  Based on FOL extended with set collection, a primitive higher-order
  logic.  HOL is too strong - descriptions prevent a type of programs
  being defined which contains only executable terms.
*}

(* Sort 'prog' marks the types that may carry program fragments.  It is made
   the default sort, so unannotated type variables in the rest of the file
   (e.g. in po below) range over it; function spaces over prog types are
   prog again. *)
classes prog < "term"
defaultsort prog

arities "fun" :: (prog, prog) prog

(* 'i' is the one type of object-level terms: the untyped lambda calculus
   with true/false, pairs, case and bot all live in it. *)
typedecl i
arities i :: prog


consts
  (*** Evaluation Judgement ***)
  (* Note: Eval is a meta-level judgement (prop), unlike the object-level
     predicates below, which are of type o. *)
  Eval      ::       "[i,i]=>prop"          (infixl "--->" 20)

  (*** Bisimulations for pre-order and equality ***)
  (* po is the observational pre-order; SIM is the one-step simulation
     generator shared by POgen and EQgen, whose greatest fixed points are
     the sets PO and EQ (see the definitions in the axioms block). *)
  po          ::       "['a,'a]=>o"           (infixl "[=" 50)
  SIM         ::       "[i,i,i set]=>o"
  POgen       ::       "i set => i set"
  EQgen       ::       "i set => i set"
  PO          ::       "i set"
  EQ          ::       "i set"

  (*** Term Formers ***)
  true        ::       "i"
  false       ::       "i"
  pair        ::       "[i,i]=>i"             ("(1<_,/_>)")
  lambda      ::       "(i=>i)=>i"            (binder "lam " 55)
  (* case(t, d, e, f, g): branch on the weak head-normal form of t --
     d for true, e for false, f(a,b) for <a,b>, g(b) for lam x. b(x). *)
  "case"      ::       "[i,i,i,[i,i]=>i,(i=>i)=>i]=>i"
  "apply"     ::       "[i,i]=>i"             (infixl "`" 56)
  bot         ::       "i"
  "fix"       ::       "(i=>i)=>i"

  (*** Defined Predicates ***)
  Trm         ::       "i => o"
  Dvg         ::       "i => o"

axioms

  (* Review note: every entry in this block is accepted without proof and
     therefore forms the trusted base of the theory.  Nothing below --
     including the coinduction principles derived later -- is sounder than
     this set; an inconsistency here would make every proposition provable.
     Additions or edits here deserve the same scrutiny as a kernel change. *)

  (******* EVALUATION SEMANTICS *******)

  (**  This is the evaluation semantics from which the axioms below were derived.  **)
  (**  It is included here just as an evaluator for FUN and has no influence on    **)
  (**  inference in the theory CCL.                                                **)
  (**  Note, however, that these rules are still axioms: even if no proof in this  **)
  (**  theory appeals to them, they remain part of the trusted base.               **)

  trueV:       "true ---> true"
  falseV:      "false ---> false"
  pairV:       "<a,b> ---> <a,b>"
  lamV:        "lam x. b(x) ---> lam x. b(x)"
  caseVtrue:   "[| t ---> true;  d ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVfalse:  "[| t ---> false;  e ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVpair:   "[| t ---> <a,b>;  f(a,b) ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVlam:    "[| t ---> lam x. b(x);  g(b) ---> c |] ==> case(t,d,e,f,g) ---> c"

  (*** Properties of evaluation: note that "t ---> c" implies that c is canonical ***)

  (* Case analysis on the result of an evaluation: c must be one of the four
     canonical forms (bot is not a possible result). *)
  canonical:  "[| t ---> c; c==true ==> u--->v;
                          c==false ==> u--->v;
                    !!a b. c==<a,b> ==> u--->v;
                      !!f. c==lam x. f(x) ==> u--->v |] ==>
             u--->v"

  (* Should be derivable - but probably a bitch! *)
  (* Review note: stated as an axiom rather than derived, so it enlarges the
     trusted base; deriving it would remove it from what has to be believed. *)
  substitute: "[| a==a'; t(a)--->c(a) |] ==> t(a')--->c(a')"

  (************** LOGIC ***************)

  (*** Definitions used in the following rules ***)

  (* Application is encoded with case and is strict: applying bot, true,
     false or a pair yields bot; only a lambda is actually applied.
     bot is the divergent self-application, fix the usual untyped
     fixed-point combinator built from it. *)
  apply_def:     "f ` t == case(f,bot,bot,%x y. bot,%u. u(t))"
  bot_def:         "bot == (lam x. x`x)`(lam x. x`x)"
  fix_def:      "fix(f) == (lam x. f(x`x))`(lam x. f(x`x))"

  (*  The pre-order ([=) is defined as a simulation, and behavioural equivalence (=) *)
  (*  as a bisimulation.  They can both be expressed as (bi)simulations up to        *)
  (*  behavioural equivalence (ie the relations PO and EQ defined below).            *)

  (* SIM(t,t',R): t and t' have the same canonical shape and their
     components are related by R.  POgen additionally lets bot be below
     anything; EQgen only relates bot to bot. *)
  SIM_def:
  "SIM(t,t',R) ==  (t=true & t'=true) | (t=false & t'=false) |
                  (EX a a' b b'. t=<a,b> & t'=<a',b'> & <a,a'> : R & <b,b'> : R) |
                  (EX f f'. t=lam x. f(x) & t'=lam x. f'(x) & (ALL x.<f(x),f'(x)> : R))"

  POgen_def:  "POgen(R) == {p. EX t t'. p=<t,t'> & (t = bot | SIM(t,t',R))}"
  EQgen_def:  "EQgen(R) == {p. EX t t'. p=<t,t'> & (t = bot & t' = bot | SIM(t,t',R))}"

  PO_def:    "PO == gfp(POgen)"
  EQ_def:    "EQ == gfp(EQgen)"

  (*** Rules ***)

  (** Partial Order **)

  po_refl:        "a [= a"
  po_trans:       "[| a [= b;  b [= c |] ==> a [= c"
  po_cong:        "a [= b ==> f(a) [= f(b)"

  (* Extend definition of [= to program fragments of higher type *)
  po_abstractn:   "(!!x. f(x) [= g(x)) ==> (%x. f(x)) [= (%x. g(x))"

  (** Equality - equivalence axioms inherited from FOL.thy   **)
  (**          - congruence of "=" is axiomatised implicitly **)

  (* Equality is the symmetric closure of the pre-order. *)
  eq_iff:         "t = t' <-> t [= t' & t' [= t"

  (** Properties of canonical values given by greatest fixed point definitions **)

  (* These two axioms identify the object-level relations with the greatest
     fixed points PO and EQ; together with POgen_mono / EQgen_mono below they
     are what justify the coinduction rules po_coinduct and eq_coinduct. *)
  PO_iff:         "t [= t' <-> <t,t'> : PO"
  EQ_iff:         "t =  t' <-> <t,t'> : EQ"

  (** Behaviour of non-canonical terms (ie case) given by the following beta-rules **)

  caseBtrue:            "case(true,d,e,f,g) = d"
  caseBfalse:          "case(false,d,e,f,g) = e"
  caseBpair:           "case(<a,b>,d,e,f,g) = f(a,b)"
  caseBlam:       "case(lam x. b(x),d,e,f,g) = g(b)"
  caseBbot:              "case(bot,d,e,f,g) = bot"            (* strictness *)

  (** The theory is non-trivial **)
  (* Non-triviality is postulated, not derived: this single axiom is what
     npo_lam_bot and the generated distinctness rules below rest on. *)
  distinctness:   "~ lam x. b(x) = bot"

  (*** Definitions of Termination and Divergence ***)

  Dvg_def:  "Dvg(t) == t = bot"
  Trm_def:  "Trm(t) == ~ Dvg(t)"

text {*
Would be interesting to build a similar theory for a typed programming language:
    ie.     true :: bool,      fix :: ('a=>'a)=>'a  etc......

This is starting to look like LCF.
What are the advantages of this approach?
        - less axiomatic
        - wfd induction / coinduction and fixed point induction available
*}


(* The two definitions that turn apply and fix into case/lambda code, bundled
   for 'unfolding'; reflexivity of [= becomes a default simp rule. *)
lemmas ccl_data_defs = apply_def fix_def
  and [simp] = po_refl


subsection {* Congruence Rules *}

(*similar to AP_THM in Gordon's HOL*)
lemma fun_cong: "(f::'a=>'b) = g ==> f(x)=g(x)"
  by simp

(*similar to AP_TERM in Gordon's HOL and FOL's subst_context*)
lemma arg_cong: "x=y ==> f(x)=f(y)"
  by simp

(* Extensionality for equality, obtained from eq_iff by proving both
   directions of the pre-order with po_abstractn. *)
lemma abstractn: "(!!x. f(x) = g(x)) ==> f = g"
  apply (simp add: eq_iff)
  apply (blast intro: po_abstractn)
  done

(* All beta-rules for case, including strictness on bot. *)
lemmas caseBs = caseBtrue caseBfalse caseBpair caseBlam caseBbot


subsection {* Termination and Divergence *}

(* Unfolded forms of the definitions: a term diverges iff it equals bot. *)
lemma Trm_iff: "Trm(t) <-> ~ t = bot"
  by (simp add: Trm_def Dvg_def)

lemma Dvg_iff: "Dvg(t) <-> t = bot"
  by (simp add: Trm_def Dvg_def)


subsection {* Constructors are injective *}

(* Transport an equation along two rewrites; used by the ML below to turn a
   beta-rule into an injectivity lemma. *)
lemma eq_lemma: "[| x=a;  y=b;  x=y |] ==> a=b"
  by simp

ML {*
  (* Proves the injectivity statement s (given as a string) in theory thy.
     For each rewrite r in rews an elimination lemma is derived from
     arg_cong and eq_lemma; the tactic then splits the goal with
     iffI/allI/conjI, eliminates with those lemmas and simplifies with rews.
     The goal is parsed, not trusted: prove_goal raises an error if tac does
     not close it, so no unproved fact can enter through the string. *)
  fun mk_inj_rl thy rews s =
    let
      fun mk_inj_lemmas r = [@{thm arg_cong}] RL [r RS (r RS @{thm eq_lemma})]
      val inj_lemmas = List.concat (map mk_inj_lemmas rews)
      val tac = REPEAT (ares_tac [iffI, allI, conjI] 1 ORELSE
        eresolve_tac inj_lemmas 1 ORELSE
        asm_simp_tac (Simplifier.theory_context thy @{simpset} addsimps rews) 1)
    in prove_goal thy s (fn _ => [tac]) end  
*}

ML {*
  (* Injectivity of pair and lambda, derived from the case beta-rules and
     bound under the name ccl_injs for use in the Isar text below. *)
  bind_thms ("ccl_injs",
    map (mk_inj_rl @{theory} @{thms caseBs})
      ["<a,b> = <a',b'> <-> (a=a' & b=b')",
       "(lam x. b(x) = lam x. b'(x)) <-> ((ALL z. b(z)=b'(z)))"])
*}


(* Elimination form of pair injectivity, suitable as an [elim!] rule. *)
lemma pair_inject: "<a,b> = <a',b'> \<Longrightarrow> (a = a' \<Longrightarrow> b = b' \<Longrightarrow> R) \<Longrightarrow> R"
  by (simp add: ccl_injs)


subsection {* Constructors are distinct *}

(* Congruence of case in its scrutinee; the seed for the distinctness
   lemmas generated in ML below. *)
lemma lem: "t=t' ==> case(t,b,c,d,e) = case(t',b,c,d,e)"
  by simp

ML {*

(* Machinery for the pairwise distinctness of the canonical term formers.
   Goals are rendered as strings from the constants' declared arities and
   proved afterwards; a goal the tactic cannot close is an error, not a
   silently accepted fact. *)
local
  (* (f x y) and (f y x) for every y in the list *)
  fun pairs_of f x [] = []
    | pairs_of f x (y::ys) = (f x y) :: (f y x) :: (pairs_of f x ys)

  (* ff applied to every ordered pair of distinct list elements *)
  fun mk_combs ff [] = []
    | mk_combs ff (x::xs) = (pairs_of ff x xs) @ mk_combs ff xs

  (* Doesn't handle binder types correctly *)
  (* Renders constant sy applied to fresh variables name^"a", name^"b", ...;
     the prefix keeps the two sides of a goal apart.  The arity is read off
     the declared type, so a higher-order argument such as lambda's (i=>i)
     is presumably rendered as a plain variable -- which is what the note
     above refers to. *)
  fun saturate thy sy name =
       let fun arg_str 0 a s = s
         | arg_str 1 a s = "(" ^ a ^ "a" ^ s ^ ")"
         | arg_str n a s = arg_str (n-1) a ("," ^ a ^ (chr((ord "a")+n-1)) ^ s)
           val T = Sign.the_const_type thy (Sign.intern_const thy sy);
           val arity = length (fst (strip_type T))
       in sy ^ (arg_str arity name "") end

  (* "~ a(aa,...) = b(ba,...)" for constants a and b *)
  fun mk_thm_str thy a b = "~ " ^ (saturate thy a "a") ^ " = " ^ (saturate thy b "b")

  (* Looked up by name in the ambient theory at evaluation time; mk_inj_rl
     above uses @{thm ...} antiquotations for the same purpose. *)
  val lemma = thm "lem";
  val eq_lemma = thm "eq_lemma";
  val distinctness = thm "distinctness";
  (* From two case beta-rules ra, rb derive "c1 = c2 ==> False" style
     eliminations: equal scrutinees would make the two case results equal,
     which the distinctness axiom refutes (in either orientation). *)
  fun mk_lemma (ra,rb) = [lemma] RL [ra RS (rb RS eq_lemma)] RL
                           [distinctness RS notE,sym RS (distinctness RS notE)]
in
  fun mk_lemmas rls = List.concat (map mk_lemma (mk_combs pair rls))
  fun mk_dstnct_rls thy xs = mk_combs (mk_thm_str thy) xs
end

*}

ML {*

(* elimination lemmas for every ordered pair of case beta-rules *)
val caseB_lemmas = mk_lemmas (thms "caseBs")

(* "~ c1(..) = c2(..)" for every ordered pair of the five term formers.
   Uses the implicit (the_context ()) lookup, in contrast to the explicit
   ctxt/thy parameters taken by the tactics at the end of this file. *)
val ccl_dstncts =
        let fun mk_raw_dstnct_thm rls s =
                  prove_goal (the_context ()) s (fn _=> [rtac notI 1,eresolve_tac rls 1])
        in map (mk_raw_dstnct_thm caseB_lemmas)
                (mk_dstnct_rls (the_context ()) ["bot","true","false","pair","lambda"]) end

(* Distinctness for constructors defined on top of the primitives (in later
   theories): unfold defs, then simplify with the raw rules and inj_rls. *)
fun mk_dstnct_thms thy defs inj_rls xs =
          let fun mk_dstnct_thm rls s = prove_goalw thy defs s
                               (fn _ => [simp_tac (simpset_of thy addsimps (rls@inj_rls)) 1])
          in map (mk_dstnct_thm ccl_dstncts) (mk_dstnct_rls thy xs) end

fun mkall_dstnct_thms thy defs i_rls xss = List.concat (map (mk_dstnct_thms thy defs i_rls) xss)

(*** Rewriting and Proving ***)

(* Turn an "XH" characterisation (an <-> statement) into an introduction,
   destruction or elimination rule. *)
fun XH_to_I rl = rl RS iffD2
fun XH_to_D rl = rl RS iffD1
val XH_to_E = make_elim o XH_to_D
val XH_to_Is = map XH_to_I
val XH_to_Ds = map XH_to_D
val XH_to_Es = map XH_to_E;

bind_thms ("ccl_rews", thms "caseBs" @ ccl_injs @ ccl_dstncts);
bind_thms ("ccl_dstnctsEs", ccl_dstncts RL [notE]);
bind_thms ("ccl_injDs", XH_to_Ds (thms "ccl_injs"));
*}

(* Install the generated rules: beta/injectivity/distinctness as simp
   rules, the contradictions as safe eliminations, injectivity as safe
   destruction rules. *)
lemmas [simp] = ccl_rews
  and [elim!] = pair_inject ccl_dstnctsEs
  and [dest!] = ccl_injDs


subsection {* Facts from gfp Definition of @{text "[="} and @{text "="} *}

(* Rewrite set membership along an equation between sets. *)
lemma XHlemma1: "[| A=B;  a:B <-> P |] ==> a:A <-> P"
  by simp

(* Membership of a pair in a comprehension of the shape used by POgen_def
   and EQgen_def reduces to the body predicate. *)
lemma XHlemma2: "(P(t,t') <-> Q) ==> (<t,t'> : {p. EX t t'. p=<t,t'> &  P(t,t')} <-> Q)"
  by blast


subsection {* Pre-Order *}

(* Monotonicity of the generator, required for gfp(POgen) to be a fixed
   point (def_gfp_Tarski) and for coinduction. *)
lemma POgen_mono: "mono(%X. POgen(X))"
  apply (unfold POgen_def SIM_def)
  apply (rule monoI)
  apply blast
  done

(* Membership in POgen(R), unfolded. *)
lemma POgenXH: 
  "<t,t'> : POgen(R) <-> t= bot | (t=true & t'=true)  | (t=false & t'=false) |  
           (EX a a' b b'. t=<a,b> &  t'=<a',b'>  & <a,a'> : R & <b,b'> : R) |  
           (EX f f'. t=lam x. f(x) &  t'=lam x. f'(x) & (ALL x. <f(x),f'(x)> : R))"
  apply (unfold POgen_def SIM_def)
  apply (rule iff_refl [THEN XHlemma2])
  done

(* One-step unfolding of [= itself: PO is a fixed point of POgen, so
   membership in PO is membership in POgen(PO), and PO_iff rewrites both
   sides back to [=. *)
lemma poXH: 
  "t [= t' <-> t=bot | (t=true & t'=true) | (t=false & t'=false) |  
                 (EX a a' b b'. t=<a,b> &  t'=<a',b'>  & a [= a' & b [= b') |  
                 (EX f f'. t=lam x. f(x) &  t'=lam x. f'(x) & (ALL x. f(x) [= f'(x)))"
  apply (simp add: PO_iff del: ex_simps)
  apply (rule POgen_mono
    [THEN PO_def [THEN def_gfp_Tarski], THEN XHlemma1, unfolded POgen_def SIM_def])
  apply (rule iff_refl [THEN XHlemma2])
  done

(* bot is the least element ... *)
lemma po_bot: "bot [= b"
  apply (rule poXH [THEN iffD2])
  apply simp
  done

(* ... and nothing but bot is below it. *)
lemma bot_poleast: "a [= bot ==> a=bot"
  apply (drule poXH [THEN iffD1])
  apply simp
  done

(* Componentwise characterisations for pairs and lambdas. *)
lemma po_pair: "<a,b> [= <a',b'> <->  a [= a' & b [= b'"
  apply (rule poXH [THEN iff_trans])
  apply simp
  done

lemma po_lam: "lam x. f(x) [= lam x. f'(x) <-> (ALL x. f(x) [= f'(x))"
  apply (rule poXH [THEN iff_trans])
  apply fastsimp
  done

lemmas ccl_porews = po_bot po_pair po_lam

(* case is monotone in all five arguments.  Proved by chaining po_cong and
   po_trans once per argument; the functional arguments go through
   po_abstractn first to lift the pointwise assumption. *)
lemma case_pocong:
  assumes 1: "t [= t'"
    and 2: "a [= a'"
    and 3: "b [= b'"
    and 4: "!!x y. c(x,y) [= c'(x,y)"
    and 5: "!!u. d(u) [= d'(u)"
  shows "case(t,a,b,c,d) [= case(t',a',b',c',d')"
  apply (rule 1 [THEN po_cong, THEN po_trans])
  apply (rule 2 [THEN po_cong, THEN po_trans])
  apply (rule 3 [THEN po_cong, THEN po_trans])
  apply (rule 4 [THEN po_abstractn, THEN po_abstractn, THEN po_cong, THEN po_trans])
  apply (rule_tac f1 = "%d. case (t',a',b',c',d)" in
    5 [THEN po_abstractn, THEN po_cong, THEN po_trans])
  apply (rule po_refl)
  done

(* Application is monotone; follows from case_pocong via apply_def. *)
lemma apply_pocong: "[| f [= f';  a [= a' |] ==> f ` a [= f' ` a'"
  unfolding ccl_data_defs
  apply (rule case_pocong, (rule po_refl | assumption)+)
  apply (erule po_cong)
  done

(* A lambda is never below bot: bot_poleast would force it to equal bot,
   contradicting the distinctness axiom. *)
lemma npo_lam_bot: "~ lam x. b(x) [= bot"
  apply (rule notI)
  apply (drule bot_poleast)
  apply (erule distinctness [THEN notE])
  done

lemma po_lemma: "[| x=a;  y=b;  x[=y |] ==> a[=b"
  by simp

(* Pairs and lambdas are incomparable.  Both directions are reduced, via
   case_pocong and the beta-rules, to an ordering lam [= bot, which
   npo_lam_bot refutes. *)
lemma npo_pair_lam: "~ <a,b> [= lam x. f(x)"
  apply (rule notI)
  apply (rule npo_lam_bot [THEN notE])
  apply (erule case_pocong [THEN caseBlam [THEN caseBpair [THEN po_lemma]]])
  apply (rule po_refl npo_lam_bot)+
  done

lemma npo_lam_pair: "~ lam x. f(x) [= <a,b>"
  apply (rule notI)
  apply (rule npo_lam_bot [THEN notE])
  apply (erule case_pocong [THEN caseBpair [THEN caseBlam [THEN po_lemma]]])
  apply (rule po_refl npo_lam_bot)+
  done

ML {*

local
  (* Proves "~ c1 [= c2" for the remaining pairs of canonical values: assume
     the ordering, push it through case_pocong, simplify every subgoal, and
     close with po_refl / npo_lam_bot.  The subgoal bookkeeping (rev_mp on
     subgoal 5) is tied to the premise order of case_pocong.  Like
     ccl_dstncts this uses the implicit current context and string-based
     theorem lookup, unlike the *_coinduct_tac functions below. *)
  fun mk_thm s = prove_goal (the_context ()) s (fn _ =>
                          [rtac notI 1,dtac (thm "case_pocong") 1,etac rev_mp 5,
                           ALLGOALS (simp_tac @{simpset}),
                           REPEAT (resolve_tac [thm "po_refl", thm "npo_lam_bot"] 1)])
in

(* All non-orderings between distinct canonical shapes (bot excluded, since
   it is below everything). *)
val npo_rls = [thm "npo_pair_lam", thm "npo_lam_pair"] @ map mk_thm
            ["~ true [= false",          "~ false [= true",
             "~ true [= <a,b>",          "~ <a,b> [= true",
             "~ true [= lam x. f(x)","~ lam x. f(x) [= true",
            "~ false [= <a,b>",          "~ <a,b> [= false",
            "~ false [= lam x. f(x)","~ lam x. f(x) [= false"]
end;

bind_thms ("npo_rls", npo_rls);
*}


subsection {* Coinduction for @{text "[="} *}

(* Coinduction: any R that is POgen-dense (R <= POgen(R)) is contained in
   the greatest fixed point, hence in [= via PO_iff. *)
lemma po_coinduct: "[|  <t,u> : R;  R <= POgen(R) |] ==> t [= u"
  apply (rule PO_def [THEN def_coinduct, THEN PO_iff [THEN iffD2]])
   apply assumption+
  done

ML {*
  (* Instantiate the candidate relation R of po_coinduct from the string s,
     parsed in ctxt (the explicit context is the point of this changeset),
     and resolve against subgoal i.  Only the candidate is supplied; the
     obligations <t,u> : R and R <= POgen(R) remain to be proved. *)
  fun po_coinduct_tac ctxt s i =
    RuleInsts.res_inst_tac ctxt [(("R", 0), s)] @{thm po_coinduct} i
*}


subsection {* Equality *}

(* Monotonicity of the equality generator; needed for the fixed-point
   and coinduction results below exactly as POgen_mono is for [=. *)
lemma EQgen_mono: "mono(%X. EQgen(X))"
  apply (unfold EQgen_def SIM_def)
  apply (rule monoI)
  apply blast
  done

(* Membership in EQgen(R), unfolded; differs from POgenXH only in that bot
   is related to bot alone. *)
lemma EQgenXH: 
  "<t,t'> : EQgen(R) <-> (t=bot & t'=bot)  | (t=true & t'=true)  |  
                                             (t=false & t'=false) |  
                 (EX a a' b b'. t=<a,b> &  t'=<a',b'>  & <a,a'> : R & <b,b'> : R) |  
                 (EX f f'. t=lam x. f(x) &  t'=lam x. f'(x) & (ALL x.<f(x),f'(x)> : R))"
  apply (unfold EQgen_def SIM_def)
  apply (rule iff_refl [THEN XHlemma2])
  done

(* One-step unfolding of = : the subgoal states the fixed-point equation
   in terms of EQ, which EQ_iff then rewrites back to object equality. *)
lemma eqXH: 
  "t=t' <-> (t=bot & t'=bot)  | (t=true & t'=true)  | (t=false & t'=false) |  
                     (EX a a' b b'. t=<a,b> &  t'=<a',b'>  & a=a' & b=b') |  
                     (EX f f'. t=lam x. f(x) &  t'=lam x. f'(x) & (ALL x. f(x)=f'(x)))"
  apply (subgoal_tac "<t,t'> : EQ <-> (t=bot & t'=bot) | (t=true & t'=true) | (t=false & t'=false) | (EX a a' b b'. t=<a,b> & t'=<a',b'> & <a,a'> : EQ & <b,b'> : EQ) | (EX f f'. t=lam x. f (x) & t'=lam x. f' (x) & (ALL x. <f (x) ,f' (x) > : EQ))")
  apply (erule rev_mp)
  apply (simp add: EQ_iff [THEN iff_sym])
  apply (rule EQgen_mono [THEN EQ_def [THEN def_gfp_Tarski], THEN XHlemma1,
    unfolded EQgen_def SIM_def])
  apply (rule iff_refl [THEN XHlemma2])
  done

(* Plain coinduction for equality. *)
lemma eq_coinduct: "[|  <t,u> : R;  R <= EQgen(R) |] ==> t = u"
  apply (rule EQ_def [THEN def_coinduct, THEN EQ_iff [THEN iffD2]])
   apply assumption+
  done

(* Coinduction "up to": R need only be dense in EQgen applied to the least
   fixed point that already contains R and EQ, a weaker obligation than in
   eq_coinduct; justified by def_coinduct3 together with EQgen_mono. *)
lemma eq_coinduct3:
  "[|  <t,u> : R;  R <= EQgen(lfp(%x. EQgen(x) Un R Un EQ)) |] ==> t = u"
  apply (rule EQ_def [THEN def_coinduct3, THEN EQ_iff [THEN iffD2]])
  apply (rule EQgen_mono | assumption)+
  done

ML {*
  (* Counterparts of po_coinduct_tac for the two equality coinduction rules:
     s is parsed in ctxt as the candidate R, the remaining premises are left
     as subgoals. *)
  fun eq_coinduct_tac ctxt s i =
    RuleInsts.res_inst_tac ctxt [(("R", 0), s)] @{thm eq_coinduct} i

  fun eq_coinduct3_tac ctxt s i =
    RuleInsts.res_inst_tac ctxt [(("R", 0), s)] @{thm eq_coinduct3} i
*}


subsection {* Untyped Case Analysis and Other Facts *}

(* Eta holds only for terms known to be lambdas -- application is strict on
   the other canonical forms (see apply_def), so it cannot be unconditional. *)
lemma cond_eta: "(EX f. t=lam x. f(x)) ==> t = lam x.(t ` x)"
  by (auto simp: apply_def)

(* Every term is bot or one of the four canonical shapes; obtained from eqXH
   instantiated with t = t. *)
lemma exhaustion: "(t=bot) | (t=true) | (t=false) | (EX a b. t=<a,b>) | (EX f. t=lam x. f(x))"
  apply (cut_tac refl [THEN eqXH [THEN iffD1]])
  apply blast
  done

(* Case-analysis principle packaged as an elimination-style rule. *)
lemma term_case:
  "[| P(bot);  P(true);  P(false);  !!x y. P(<x,y>);  !!b. P(lam x. b(x)) |] ==> P(t)"
  using exhaustion [of t] by blast

end