merged
authorwenzelm
Tue Aug 13 17:45:22 2013 +0200 (2013-08-13)
changeset 530170f376701e83b
parent 53014 2b5580da3874
parent 53016 fa9c38891cf2
child 53018 11ebef554439
child 53020 afdabfeb5e94
merged
src/HOL/List.thy
src/HOL/Rat.thy
     1.1 --- a/NEWS	Tue Aug 13 16:53:23 2013 +0200
     1.2 +++ b/NEWS	Tue Aug 13 17:45:22 2013 +0200
     1.3 @@ -6,6 +6,17 @@
     1.4  
     1.5  *** General ***
     1.6  
     1.7 +* Simplified subscripts within identifiers, using plain \<^sub>
     1.8 +instead of the second copy \<^isub> and \<^isup>.  Superscripts are
     1.9 +only for literal tokens within notation; explicit mixfix annotations
    1.10 +for consts or fixed variables may be used as fall-back for unusual
    1.11 +names.  Obsolete \<twosuperior> has been expanded to \<^sup>2 in
    1.12 +Isabelle/HOL.  INCOMPATIBILITY, use "isabelle update_sub_sup" to
    1.13 +standardize symbols as a starting point for further manual cleanup.
    1.14 +The ML reference variable "legacy_isub_isup" may be set as temporary
    1.15 +workaround, to make the prover accept a subset of the old identifier
    1.16 +syntax.
    1.17 +
    1.18  * Uniform management of "quick_and_dirty" as system option (see also
    1.19  "isabelle options"), configuration option within the context (see also
    1.20  Config.get in Isabelle/ML), and attribute in Isabelle/Isar.  Minor
     2.1 --- a/src/Doc/Classes/Classes.thy	Tue Aug 13 16:53:23 2013 +0200
     2.2 +++ b/src/Doc/Classes/Classes.thy	Tue Aug 13 17:45:22 2013 +0200
     2.3 @@ -195,11 +195,11 @@
     2.4  begin
     2.5  
     2.6  definition %quote
     2.7 -  mult_prod_def: "p\<^isub>1 \<otimes> p\<^isub>2 = (fst p\<^isub>1 \<otimes> fst p\<^isub>2, snd p\<^isub>1 \<otimes> snd p\<^isub>2)"
     2.8 +  mult_prod_def: "p\<^sub>1 \<otimes> p\<^sub>2 = (fst p\<^sub>1 \<otimes> fst p\<^sub>2, snd p\<^sub>1 \<otimes> snd p\<^sub>2)"
     2.9  
    2.10  instance %quote proof
    2.11 -  fix p\<^isub>1 p\<^isub>2 p\<^isub>3 :: "\<alpha>\<Colon>semigroup \<times> \<beta>\<Colon>semigroup"
    2.12 -  show "p\<^isub>1 \<otimes> p\<^isub>2 \<otimes> p\<^isub>3 = p\<^isub>1 \<otimes> (p\<^isub>2 \<otimes> p\<^isub>3)"
    2.13 +  fix p\<^sub>1 p\<^sub>2 p\<^sub>3 :: "\<alpha>\<Colon>semigroup \<times> \<beta>\<Colon>semigroup"
    2.14 +  show "p\<^sub>1 \<otimes> p\<^sub>2 \<otimes> p\<^sub>3 = p\<^sub>1 \<otimes> (p\<^sub>2 \<otimes> p\<^sub>3)"
    2.15      unfolding mult_prod_def by (simp add: assoc)
    2.16  qed      
    2.17  
     3.1 --- a/src/Doc/Codegen/Foundations.thy	Tue Aug 13 16:53:23 2013 +0200
     3.2 +++ b/src/Doc/Codegen/Foundations.thy	Tue Aug 13 17:45:22 2013 +0200
     3.3 @@ -56,8 +56,8 @@
     3.4  
     3.5    \noindent Central to code generation is the notion of \emph{code
     3.6    equations}.  A code equation as a first approximation is a theorem
     3.7 -  of the form @{text "f t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n \<equiv> t"} (an equation headed by a
     3.8 -  constant @{text f} with arguments @{text "t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n"} and right
     3.9 +  of the form @{text "f t\<^sub>1 t\<^sub>2 \<dots> t\<^sub>n \<equiv> t"} (an equation headed by a
    3.10 +  constant @{text f} with arguments @{text "t\<^sub>1 t\<^sub>2 \<dots> t\<^sub>n"} and right
    3.11    hand side @{text t}).
    3.12  
    3.13    \begin{itemize}
     4.1 --- a/src/Doc/Codegen/Refinement.thy	Tue Aug 13 16:53:23 2013 +0200
     4.2 +++ b/src/Doc/Codegen/Refinement.thy	Tue Aug 13 17:45:22 2013 +0200
     4.3 @@ -116,8 +116,8 @@
     4.4    to be.
     4.5  
     4.6    The prerequisite for datatype constructors is only syntactical: a
     4.7 -  constructor must be of type @{text "\<tau> = \<dots> \<Rightarrow> \<kappa> \<alpha>\<^isub>1 \<dots> \<alpha>\<^isub>n"} where @{text
     4.8 -  "{\<alpha>\<^isub>1, \<dots>, \<alpha>\<^isub>n}"} is exactly the set of \emph{all} type variables in
     4.9 +  constructor must be of type @{text "\<tau> = \<dots> \<Rightarrow> \<kappa> \<alpha>\<^sub>1 \<dots> \<alpha>\<^sub>n"} where @{text
    4.10 +  "{\<alpha>\<^sub>1, \<dots>, \<alpha>\<^sub>n}"} is exactly the set of \emph{all} type variables in
    4.11    @{text "\<tau>"}; then @{text "\<kappa>"} is its corresponding datatype.  The
    4.12    HOL datatype package by default registers any new datatype with its
    4.13    constructors, but this may be changed using @{command_def
     5.1 --- a/src/Doc/IsarImplementation/Logic.thy	Tue Aug 13 16:53:23 2013 +0200
     5.2 +++ b/src/Doc/IsarImplementation/Logic.thy	Tue Aug 13 17:45:22 2013 +0200
     5.3 @@ -38,18 +38,18 @@
     5.4  
     5.5    \medskip A \emph{type class} is an abstract syntactic entity
     5.6    declared in the theory context.  The \emph{subclass relation} @{text
     5.7 -  "c\<^isub>1 \<subseteq> c\<^isub>2"} is specified by stating an acyclic
     5.8 +  "c\<^sub>1 \<subseteq> c\<^sub>2"} is specified by stating an acyclic
     5.9    generating relation; the transitive closure is maintained
    5.10    internally.  The resulting relation is an ordering: reflexive,
    5.11    transitive, and antisymmetric.
    5.12  
    5.13 -  A \emph{sort} is a list of type classes written as @{text "s = {c\<^isub>1,
    5.14 -  \<dots>, c\<^isub>m}"}, it represents symbolic intersection.  Notationally, the
    5.15 +  A \emph{sort} is a list of type classes written as @{text "s = {c\<^sub>1,
    5.16 +  \<dots>, c\<^sub>m}"}, it represents symbolic intersection.  Notationally, the
    5.17    curly braces are omitted for singleton intersections, i.e.\ any
    5.18    class @{text "c"} may be read as a sort @{text "{c}"}.  The ordering
    5.19    on type classes is extended to sorts according to the meaning of
    5.20 -  intersections: @{text "{c\<^isub>1, \<dots> c\<^isub>m} \<subseteq> {d\<^isub>1, \<dots>, d\<^isub>n}"} iff @{text
    5.21 -  "\<forall>j. \<exists>i. c\<^isub>i \<subseteq> d\<^isub>j"}.  The empty intersection @{text "{}"} refers to
    5.22 +  intersections: @{text "{c\<^sub>1, \<dots> c\<^sub>m} \<subseteq> {d\<^sub>1, \<dots>, d\<^sub>n}"} iff @{text
    5.23 +  "\<forall>j. \<exists>i. c\<^sub>i \<subseteq> d\<^sub>j"}.  The empty intersection @{text "{}"} refers to
    5.24    the universal sort, which is the largest element wrt.\ the sort
    5.25    order.  Thus @{text "{}"} represents the ``full sort'', not the
    5.26    empty one!  The intersection of all (finitely many) classes declared
    5.27 @@ -57,10 +57,10 @@
    5.28  
    5.29    \medskip A \emph{fixed type variable} is a pair of a basic name
    5.30    (starting with a @{text "'"} character) and a sort constraint, e.g.\
    5.31 -  @{text "('a, s)"} which is usually printed as @{text "\<alpha>\<^isub>s"}.
    5.32 +  @{text "('a, s)"} which is usually printed as @{text "\<alpha>\<^sub>s"}.
    5.33    A \emph{schematic type variable} is a pair of an indexname and a
    5.34    sort constraint, e.g.\ @{text "(('a, 0), s)"} which is usually
    5.35 -  printed as @{text "?\<alpha>\<^isub>s"}.
    5.36 +  printed as @{text "?\<alpha>\<^sub>s"}.
    5.37  
    5.38    Note that \emph{all} syntactic components contribute to the identity
    5.39    of type variables: basic name, index, and sort constraint.  The core
    5.40 @@ -70,7 +70,7 @@
    5.41  
    5.42    A \emph{type constructor} @{text "\<kappa>"} is a @{text "k"}-ary operator
    5.43    on types declared in the theory.  Type constructor application is
    5.44 -  written postfix as @{text "(\<alpha>\<^isub>1, \<dots>, \<alpha>\<^isub>k)\<kappa>"}.  For
    5.45 +  written postfix as @{text "(\<alpha>\<^sub>1, \<dots>, \<alpha>\<^sub>k)\<kappa>"}.  For
    5.46    @{text "k = 0"} the argument tuple is omitted, e.g.\ @{text "prop"}
    5.47    instead of @{text "()prop"}.  For @{text "k = 1"} the parentheses
    5.48    are omitted, e.g.\ @{text "\<alpha> list"} instead of @{text "(\<alpha>)list"}.
    5.49 @@ -79,7 +79,7 @@
    5.50    \<beta>)fun"}.
    5.51    
    5.52    The logical category \emph{type} is defined inductively over type
    5.53 -  variables and type constructors as follows: @{text "\<tau> = \<alpha>\<^isub>s | ?\<alpha>\<^isub>s |
    5.54 +  variables and type constructors as follows: @{text "\<tau> = \<alpha>\<^sub>s | ?\<alpha>\<^sub>s |
    5.55    (\<tau>\<^sub>1, \<dots>, \<tau>\<^sub>k)\<kappa>"}.
    5.56  
    5.57    A \emph{type abbreviation} is a syntactic definition @{text
    5.58 @@ -89,27 +89,27 @@
    5.59    logical core.
    5.60  
    5.61    A \emph{type arity} declares the image behavior of a type
    5.62 -  constructor wrt.\ the algebra of sorts: @{text "\<kappa> :: (s\<^isub>1, \<dots>,
    5.63 -  s\<^isub>k)s"} means that @{text "(\<tau>\<^isub>1, \<dots>, \<tau>\<^isub>k)\<kappa>"} is
    5.64 -  of sort @{text "s"} if every argument type @{text "\<tau>\<^isub>i"} is
    5.65 -  of sort @{text "s\<^isub>i"}.  Arity declarations are implicitly
    5.66 +  constructor wrt.\ the algebra of sorts: @{text "\<kappa> :: (s\<^sub>1, \<dots>,
    5.67 +  s\<^sub>k)s"} means that @{text "(\<tau>\<^sub>1, \<dots>, \<tau>\<^sub>k)\<kappa>"} is
    5.68 +  of sort @{text "s"} if every argument type @{text "\<tau>\<^sub>i"} is
    5.69 +  of sort @{text "s\<^sub>i"}.  Arity declarations are implicitly
    5.70    completed, i.e.\ @{text "\<kappa> :: (\<^vec>s)c"} entails @{text "\<kappa> ::
    5.71    (\<^vec>s)c'"} for any @{text "c' \<supseteq> c"}.
    5.72  
    5.73    \medskip The sort algebra is always maintained as \emph{coregular},
    5.74    which means that type arities are consistent with the subclass
    5.75    relation: for any type constructor @{text "\<kappa>"}, and classes @{text
    5.76 -  "c\<^isub>1 \<subseteq> c\<^isub>2"}, and arities @{text "\<kappa> ::
    5.77 -  (\<^vec>s\<^isub>1)c\<^isub>1"} and @{text "\<kappa> ::
    5.78 -  (\<^vec>s\<^isub>2)c\<^isub>2"} holds @{text "\<^vec>s\<^isub>1 \<subseteq>
    5.79 -  \<^vec>s\<^isub>2"} component-wise.
    5.80 +  "c\<^sub>1 \<subseteq> c\<^sub>2"}, and arities @{text "\<kappa> ::
    5.81 +  (\<^vec>s\<^sub>1)c\<^sub>1"} and @{text "\<kappa> ::
    5.82 +  (\<^vec>s\<^sub>2)c\<^sub>2"} holds @{text "\<^vec>s\<^sub>1 \<subseteq>
    5.83 +  \<^vec>s\<^sub>2"} component-wise.
    5.84  
    5.85    The key property of a coregular order-sorted algebra is that sort
    5.86    constraints can be solved in a most general fashion: for each type
    5.87    constructor @{text "\<kappa>"} and sort @{text "s"} there is a most general
    5.88 -  vector of argument sorts @{text "(s\<^isub>1, \<dots>, s\<^isub>k)"} such
    5.89 -  that a type scheme @{text "(\<alpha>\<^bsub>s\<^isub>1\<^esub>, \<dots>,
    5.90 -  \<alpha>\<^bsub>s\<^isub>k\<^esub>)\<kappa>"} is of sort @{text "s"}.
    5.91 +  vector of argument sorts @{text "(s\<^sub>1, \<dots>, s\<^sub>k)"} such
    5.92 +  that a type scheme @{text "(\<alpha>\<^bsub>s\<^sub>1\<^esub>, \<dots>,
    5.93 +  \<alpha>\<^bsub>s\<^sub>k\<^esub>)\<kappa>"} is of sort @{text "s"}.
    5.94    Consequently, type unification has most general solutions (modulo
    5.95    equivalence of sorts), so type-inference produces primary types as
    5.96    expected \cite{nipkow-prehofer}.
    5.97 @@ -159,8 +159,8 @@
    5.98    TVar}) in @{text "\<tau>"}; the type structure is traversed from left to
    5.99    right.
   5.100  
   5.101 -  \item @{ML Sign.subsort}~@{text "thy (s\<^isub>1, s\<^isub>2)"}
   5.102 -  tests the subsort relation @{text "s\<^isub>1 \<subseteq> s\<^isub>2"}.
   5.103 +  \item @{ML Sign.subsort}~@{text "thy (s\<^sub>1, s\<^sub>2)"}
   5.104 +  tests the subsort relation @{text "s\<^sub>1 \<subseteq> s\<^sub>2"}.
   5.105  
   5.106    \item @{ML Sign.of_sort}~@{text "thy (\<tau>, s)"} tests whether type
   5.107    @{text "\<tau>"} is of sort @{text "s"}.
   5.108 @@ -172,13 +172,13 @@
   5.109    \item @{ML Sign.add_type_abbrev}~@{text "ctxt (\<kappa>, \<^vec>\<alpha>, \<tau>)"}
   5.110    defines a new type abbreviation @{text "(\<^vec>\<alpha>)\<kappa> = \<tau>"}.
   5.111  
   5.112 -  \item @{ML Sign.primitive_class}~@{text "(c, [c\<^isub>1, \<dots>,
   5.113 -  c\<^isub>n])"} declares a new class @{text "c"}, together with class
   5.114 -  relations @{text "c \<subseteq> c\<^isub>i"}, for @{text "i = 1, \<dots>, n"}.
   5.115 +  \item @{ML Sign.primitive_class}~@{text "(c, [c\<^sub>1, \<dots>,
   5.116 +  c\<^sub>n])"} declares a new class @{text "c"}, together with class
   5.117 +  relations @{text "c \<subseteq> c\<^sub>i"}, for @{text "i = 1, \<dots>, n"}.
   5.118  
   5.119 -  \item @{ML Sign.primitive_classrel}~@{text "(c\<^isub>1,
   5.120 -  c\<^isub>2)"} declares the class relation @{text "c\<^isub>1 \<subseteq>
   5.121 -  c\<^isub>2"}.
   5.122 +  \item @{ML Sign.primitive_classrel}~@{text "(c\<^sub>1,
   5.123 +  c\<^sub>2)"} declares the class relation @{text "c\<^sub>1 \<subseteq>
   5.124 +  c\<^sub>2"}.
   5.125  
   5.126    \item @{ML Sign.primitive_arity}~@{text "(\<kappa>, \<^vec>s, s)"} declares
   5.127    the arity @{text "\<kappa> :: (\<^vec>s)s"}.
   5.128 @@ -258,25 +258,25 @@
   5.129    without any loose variables.
   5.130  
   5.131    A \emph{fixed variable} is a pair of a basic name and a type, e.g.\
   5.132 -  @{text "(x, \<tau>)"} which is usually printed @{text "x\<^isub>\<tau>"} here.  A
   5.133 +  @{text "(x, \<tau>)"} which is usually printed @{text "x\<^sub>\<tau>"} here.  A
   5.134    \emph{schematic variable} is a pair of an indexname and a type,
   5.135    e.g.\ @{text "((x, 0), \<tau>)"} which is likewise printed as @{text
   5.136 -  "?x\<^isub>\<tau>"}.
   5.137 +  "?x\<^sub>\<tau>"}.
   5.138  
   5.139    \medskip A \emph{constant} is a pair of a basic name and a type,
   5.140 -  e.g.\ @{text "(c, \<tau>)"} which is usually printed as @{text "c\<^isub>\<tau>"}
   5.141 +  e.g.\ @{text "(c, \<tau>)"} which is usually printed as @{text "c\<^sub>\<tau>"}
   5.142    here.  Constants are declared in the context as polymorphic families
   5.143    @{text "c :: \<sigma>"}, meaning that all substitution instances @{text
   5.144 -  "c\<^isub>\<tau>"} for @{text "\<tau> = \<sigma>\<vartheta>"} are valid.
   5.145 +  "c\<^sub>\<tau>"} for @{text "\<tau> = \<sigma>\<vartheta>"} are valid.
   5.146  
   5.147 -  The vector of \emph{type arguments} of constant @{text "c\<^isub>\<tau>"} wrt.\
   5.148 +  The vector of \emph{type arguments} of constant @{text "c\<^sub>\<tau>"} wrt.\
   5.149    the declaration @{text "c :: \<sigma>"} is defined as the codomain of the
   5.150 -  matcher @{text "\<vartheta> = {?\<alpha>\<^isub>1 \<mapsto> \<tau>\<^isub>1, \<dots>, ?\<alpha>\<^isub>n \<mapsto> \<tau>\<^isub>n}"} presented in
   5.151 -  canonical order @{text "(\<tau>\<^isub>1, \<dots>, \<tau>\<^isub>n)"}, corresponding to the
   5.152 -  left-to-right occurrences of the @{text "\<alpha>\<^isub>i"} in @{text "\<sigma>"}.
   5.153 +  matcher @{text "\<vartheta> = {?\<alpha>\<^sub>1 \<mapsto> \<tau>\<^sub>1, \<dots>, ?\<alpha>\<^sub>n \<mapsto> \<tau>\<^sub>n}"} presented in
   5.154 +  canonical order @{text "(\<tau>\<^sub>1, \<dots>, \<tau>\<^sub>n)"}, corresponding to the
   5.155 +  left-to-right occurrences of the @{text "\<alpha>\<^sub>i"} in @{text "\<sigma>"}.
   5.156    Within a given theory context, there is a one-to-one correspondence
   5.157 -  between any constant @{text "c\<^isub>\<tau>"} and the application @{text "c(\<tau>\<^isub>1,
   5.158 -  \<dots>, \<tau>\<^isub>n)"} of its type arguments.  For example, with @{text "plus :: \<alpha>
   5.159 +  between any constant @{text "c\<^sub>\<tau>"} and the application @{text "c(\<tau>\<^sub>1,
   5.160 +  \<dots>, \<tau>\<^sub>n)"} of its type arguments.  For example, with @{text "plus :: \<alpha>
   5.161    \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>"}, the instance @{text "plus\<^bsub>nat \<Rightarrow> nat \<Rightarrow> nat\<^esub>"} corresponds to
   5.162    @{text "plus(nat)"}.
   5.163  
   5.164 @@ -290,7 +290,7 @@
   5.165    \medskip An \emph{atomic term} is either a variable or constant.
   5.166    The logical category \emph{term} is defined inductively over atomic
   5.167    terms, with abstraction and application as follows: @{text "t = b |
   5.168 -  x\<^isub>\<tau> | ?x\<^isub>\<tau> | c\<^isub>\<tau> | \<lambda>\<^isub>\<tau>. t | t\<^isub>1 t\<^isub>2"}.  Parsing and printing takes care of
   5.169 +  x\<^sub>\<tau> | ?x\<^sub>\<tau> | c\<^sub>\<tau> | \<lambda>\<^sub>\<tau>. t | t\<^sub>1 t\<^sub>2"}.  Parsing and printing takes care of
   5.170    converting between an external representation with named bound
   5.171    variables.  Subsequently, we shall use the latter notation instead
   5.172    of internal de-Bruijn representation.
   5.173 @@ -299,7 +299,7 @@
   5.174    term according to the structure of atomic terms, abstractions, and
   5.175    applicatins:
   5.176    \[
   5.177 -  \infer{@{text "a\<^isub>\<tau> :: \<tau>"}}{}
   5.178 +  \infer{@{text "a\<^sub>\<tau> :: \<tau>"}}{}
   5.179    \qquad
   5.180    \infer{@{text "(\<lambda>x\<^sub>\<tau>. t) :: \<tau> \<Rightarrow> \<sigma>"}}{@{text "t :: \<sigma>"}}
   5.181    \qquad
   5.182 @@ -315,7 +315,7 @@
   5.183  
   5.184    The identity of atomic terms consists both of the name and the type
   5.185    component.  This means that different variables @{text
   5.186 -  "x\<^bsub>\<tau>\<^isub>1\<^esub>"} and @{text "x\<^bsub>\<tau>\<^isub>2\<^esub>"} may become the same after
   5.187 +  "x\<^bsub>\<tau>\<^sub>1\<^esub>"} and @{text "x\<^bsub>\<tau>\<^sub>2\<^esub>"} may become the same after
   5.188    type instantiation.  Type-inference rejects variables of the same
   5.189    name, but different types.  In contrast, mixed instances of
   5.190    polymorphic constants occur routinely.
   5.191 @@ -329,11 +329,11 @@
   5.192    pathological situation notoriously demands additional care.
   5.193  
   5.194    \medskip A \emph{term abbreviation} is a syntactic definition @{text
   5.195 -  "c\<^isub>\<sigma> \<equiv> t"} of a closed term @{text "t"} of type @{text "\<sigma>"},
   5.196 +  "c\<^sub>\<sigma> \<equiv> t"} of a closed term @{text "t"} of type @{text "\<sigma>"},
   5.197    without any hidden polymorphism.  A term abbreviation looks like a
   5.198    constant in the syntax, but is expanded before entering the logical
   5.199    core.  Abbreviations are usually reverted when printing terms, using
   5.200 -  @{text "t \<rightarrow> c\<^isub>\<sigma>"} as rules for higher-order rewriting.
   5.201 +  @{text "t \<rightarrow> c\<^sub>\<sigma>"} as rules for higher-order rewriting.
   5.202  
   5.203    \medskip Canonical operations on @{text "\<lambda>"}-terms include @{text
   5.204    "\<alpha>\<beta>\<eta>"}-conversion: @{text "\<alpha>"}-conversion refers to capture-free
   5.205 @@ -428,7 +428,7 @@
   5.206    introduces a new term abbreviation @{text "c \<equiv> t"}.
   5.207  
   5.208    \item @{ML Sign.const_typargs}~@{text "thy (c, \<tau>)"} and @{ML
   5.209 -  Sign.const_instance}~@{text "thy (c, [\<tau>\<^isub>1, \<dots>, \<tau>\<^isub>n])"}
   5.210 +  Sign.const_instance}~@{text "thy (c, [\<tau>\<^sub>1, \<dots>, \<tau>\<^sub>n])"}
   5.211    convert between two representations of polymorphic constants: full
   5.212    type instance vs.\ compact type arguments form.
   5.213  
   5.214 @@ -497,7 +497,7 @@
   5.215    The theory @{text "Pure"} contains constant declarations for the
   5.216    primitive connectives @{text "\<And>"}, @{text "\<Longrightarrow>"}, and @{text "\<equiv>"} of
   5.217    the logical framework, see \figref{fig:pure-connectives}.  The
   5.218 -  derivability judgment @{text "A\<^isub>1, \<dots>, A\<^isub>n \<turnstile> B"} is
   5.219 +  derivability judgment @{text "A\<^sub>1, \<dots>, A\<^sub>n \<turnstile> B"} is
   5.220    defined inductively by the primitive inferences given in
   5.221    \figref{fig:prim-rules}, with the global restriction that the
   5.222    hypotheses must \emph{not} contain any schematic variables.  The
   5.223 @@ -564,7 +564,7 @@
   5.224    "\<And>\<hyphen>intro"}) need not be recorded in the hypotheses, because
   5.225    the simple syntactic types of Pure are always inhabitable.
   5.226    ``Assumptions'' @{text "x :: \<tau>"} for type-membership are only
   5.227 -  present as long as some @{text "x\<^isub>\<tau>"} occurs in the statement
   5.228 +  present as long as some @{text "x\<^sub>\<tau>"} occurs in the statement
   5.229    body.\footnote{This is the key difference to ``@{text "\<lambda>HOL"}'' in
   5.230    the PTS framework \cite{Barendregt-Geuvers:2001}, where hypotheses
   5.231    @{text "x : A"} are treated uniformly for propositions and types.}
   5.232 @@ -625,7 +625,7 @@
   5.233    "c((\<^vec>\<alpha>)\<kappa>) \<equiv> t"} for each type constructor @{text "\<kappa>"} (for
   5.234    distinct variables @{text "\<^vec>\<alpha>"}).  The RHS may mention
   5.235    previously defined constants as above, or arbitrary constants @{text
   5.236 -  "d(\<alpha>\<^isub>i)"} for some @{text "\<alpha>\<^isub>i"} projected from @{text
   5.237 +  "d(\<alpha>\<^sub>i)"} for some @{text "\<alpha>\<^sub>i"} projected from @{text
   5.238    "\<^vec>\<alpha>"}.  Thus overloaded definitions essentially work by
   5.239    primitive recursion over the syntactic structure of a single type
   5.240    argument.  See also \cite[\S4.3]{Haftmann-Wenzel:2006:classes}.
   5.241 @@ -738,10 +738,10 @@
   5.242    variables are generalized simultaneously, specified by the given
   5.243    basic names.
   5.244  
   5.245 -  \item @{ML Thm.instantiate}~@{text "(\<^vec>\<alpha>\<^isub>s,
   5.246 -  \<^vec>x\<^isub>\<tau>)"} corresponds to the @{text "instantiate"} rules
   5.247 +  \item @{ML Thm.instantiate}~@{text "(\<^vec>\<alpha>\<^sub>s,
   5.248 +  \<^vec>x\<^sub>\<tau>)"} corresponds to the @{text "instantiate"} rules
   5.249    of \figref{fig:subst-rules}.  Type variables are substituted before
   5.250 -  term variables.  Note that the types in @{text "\<^vec>x\<^isub>\<tau>"}
   5.251 +  term variables.  Note that the types in @{text "\<^vec>x\<^sub>\<tau>"}
   5.252    refer to the instantiated versions.
   5.253  
   5.254    \item @{ML Thm.add_axiom}~@{text "ctxt (name, A)"} declares an
   5.255 @@ -761,10 +761,10 @@
   5.256    low-level representation in the axiom table may differ slightly from
   5.257    the returned theorem.
   5.258  
   5.259 -  \item @{ML Theory.add_deps}~@{text "ctxt name c\<^isub>\<tau> \<^vec>d\<^isub>\<sigma>"}
   5.260 +  \item @{ML Theory.add_deps}~@{text "ctxt name c\<^sub>\<tau> \<^vec>d\<^sub>\<sigma>"}
   5.261    declares dependencies of a named specification for constant @{text
   5.262 -  "c\<^isub>\<tau>"}, relative to existing specifications for constants @{text
   5.263 -  "\<^vec>d\<^isub>\<sigma>"}.
   5.264 +  "c\<^sub>\<tau>"}, relative to existing specifications for constants @{text
   5.265 +  "\<^vec>d\<^sub>\<sigma>"}.
   5.266  
   5.267    \end{description}
   5.268  *}
   5.269 @@ -1188,7 +1188,7 @@
   5.270    \item @{text "rules\<^sub>1 RL rules\<^sub>2"} abbreviates @{text "rules\<^sub>1 RLN (1,
   5.271    rules\<^sub>2)"}.
   5.272  
   5.273 -  \item @{text "[rule\<^sub>1, \<dots>, rule\<^sub>n] MRS rule"} resolves @{text "rule\<^isub>i"}
   5.274 +  \item @{text "[rule\<^sub>1, \<dots>, rule\<^sub>n] MRS rule"} resolves @{text "rule\<^sub>i"}
   5.275    against premise @{text "i"} of @{text "rule"}, for @{text "i = n, \<dots>,
   5.276    1"}.  By working from right to left, newly emerging premises are
   5.277    concatenated in the result, without interfering.
     6.1 --- a/src/Doc/IsarImplementation/Prelim.thy	Tue Aug 13 16:53:23 2013 +0200
     6.2 +++ b/src/Doc/IsarImplementation/Prelim.thy	Tue Aug 13 17:45:22 2013 +0200
     6.3 @@ -844,7 +844,7 @@
     6.4    \item @{ML Long_Name.qualifier}~@{text "name"} returns the qualifier
     6.5    of a long name.
     6.6  
     6.7 -  \item @{ML Long_Name.append}~@{text "name\<^isub>1 name\<^isub>2"} appends two long
     6.8 +  \item @{ML Long_Name.append}~@{text "name\<^sub>1 name\<^sub>2"} appends two long
     6.9    names.
    6.10  
    6.11    \item @{ML Long_Name.implode}~@{text "names"} and @{ML
    6.12 @@ -989,7 +989,7 @@
    6.13    \item Type @{ML_type Name_Space.T} represents name spaces.
    6.14  
    6.15    \item @{ML Name_Space.empty}~@{text "kind"} and @{ML Name_Space.merge}~@{text
    6.16 -  "(space\<^isub>1, space\<^isub>2)"} are the canonical operations for
    6.17 +  "(space\<^sub>1, space\<^sub>2)"} are the canonical operations for
    6.18    maintaining name spaces according to theory data management
    6.19    (\secref{sec:context-data}); @{text "kind"} is a formal comment
    6.20    to characterize the purpose of a name space.
     7.1 --- a/src/Doc/IsarImplementation/Proof.thy	Tue Aug 13 16:53:23 2013 +0200
     7.2 +++ b/src/Doc/IsarImplementation/Proof.thy	Tue Aug 13 17:45:22 2013 +0200
     7.3 @@ -10,7 +10,7 @@
     7.4    Any variable that is not explicitly bound by @{text "\<lambda>"}-abstraction
     7.5    is considered as ``free''.  Logically, free variables act like
     7.6    outermost universal quantification at the sequent level: @{text
     7.7 -  "A\<^isub>1(x), \<dots>, A\<^isub>n(x) \<turnstile> B(x)"} means that the result
     7.8 +  "A\<^sub>1(x), \<dots>, A\<^sub>n(x) \<turnstile> B(x)"} means that the result
     7.9    holds \emph{for all} values of @{text "x"}.  Free variables for
    7.10    terms (not types) can be fully internalized into the logic: @{text
    7.11    "\<turnstile> B(x)"} and @{text "\<turnstile> \<And>x. B(x)"} are interchangeable, provided
    7.12 @@ -35,26 +35,26 @@
    7.13    depend on type variables, which means that type variables would have
    7.14    to be declared first.  For example, a raw type-theoretic framework
    7.15    would demand the context to be constructed in stages as follows:
    7.16 -  @{text "\<Gamma> = \<alpha>: type, x: \<alpha>, a: A(x\<^isub>\<alpha>)"}.
    7.17 +  @{text "\<Gamma> = \<alpha>: type, x: \<alpha>, a: A(x\<^sub>\<alpha>)"}.
    7.18  
    7.19    We allow a slightly less formalistic mode of operation: term
    7.20    variables @{text "x"} are fixed without specifying a type yet
    7.21    (essentially \emph{all} potential occurrences of some instance
    7.22 -  @{text "x\<^isub>\<tau>"} are fixed); the first occurrence of @{text "x"}
    7.23 +  @{text "x\<^sub>\<tau>"} are fixed); the first occurrence of @{text "x"}
    7.24    within a specific term assigns its most general type, which is then
    7.25    maintained consistently in the context.  The above example becomes
    7.26 -  @{text "\<Gamma> = x: term, \<alpha>: type, A(x\<^isub>\<alpha>)"}, where type @{text
    7.27 +  @{text "\<Gamma> = x: term, \<alpha>: type, A(x\<^sub>\<alpha>)"}, where type @{text
    7.28    "\<alpha>"} is fixed \emph{after} term @{text "x"}, and the constraint
    7.29    @{text "x :: \<alpha>"} is an implicit consequence of the occurrence of
    7.30 -  @{text "x\<^isub>\<alpha>"} in the subsequent proposition.
    7.31 +  @{text "x\<^sub>\<alpha>"} in the subsequent proposition.
    7.32  
    7.33    This twist of dependencies is also accommodated by the reverse
    7.34    operation of exporting results from a context: a type variable
    7.35    @{text "\<alpha>"} is considered fixed as long as it occurs in some fixed
    7.36    term variable of the context.  For example, exporting @{text "x:
    7.37 -  term, \<alpha>: type \<turnstile> x\<^isub>\<alpha> \<equiv> x\<^isub>\<alpha>"} produces in the first step @{text "x: term
    7.38 -  \<turnstile> x\<^isub>\<alpha> \<equiv> x\<^isub>\<alpha>"} for fixed @{text "\<alpha>"}, and only in the second step
    7.39 -  @{text "\<turnstile> ?x\<^isub>?\<^isub>\<alpha> \<equiv> ?x\<^isub>?\<^isub>\<alpha>"} for schematic @{text "?x"} and @{text "?\<alpha>"}.
    7.40 +  term, \<alpha>: type \<turnstile> x\<^sub>\<alpha> \<equiv> x\<^sub>\<alpha>"} produces in the first step @{text "x: term
    7.41 +  \<turnstile> x\<^sub>\<alpha> \<equiv> x\<^sub>\<alpha>"} for fixed @{text "\<alpha>"}, and only in the second step
    7.42 +  @{text "\<turnstile> ?x\<^sub>?\<^sub>\<alpha> \<equiv> ?x\<^sub>?\<^sub>\<alpha>"} for schematic @{text "?x"} and @{text "?\<alpha>"}.
    7.43    The following Isar source text illustrates this scenario.
    7.44  *}
    7.45  
    7.46 @@ -92,9 +92,9 @@
    7.47  
    7.48    The @{text "focus"} operation provides a variant of @{text "import"}
    7.49    for nested propositions (with explicit quantification): @{text
    7.50 -  "\<And>x\<^isub>1 \<dots> x\<^isub>n. B(x\<^isub>1, \<dots>, x\<^isub>n)"} is
    7.51 -  decomposed by inventing fixed variables @{text "x\<^isub>1, \<dots>,
    7.52 -  x\<^isub>n"} for the body.
    7.53 +  "\<And>x\<^sub>1 \<dots> x\<^sub>n. B(x\<^sub>1, \<dots>, x\<^sub>n)"} is
    7.54 +  decomposed by inventing fixed variables @{text "x\<^sub>1, \<dots>,
    7.55 +  x\<^sub>n"} for the body.
    7.56  *}
    7.57  
    7.58  text %mlref {*
    7.59 @@ -234,8 +234,8 @@
    7.60    quantifiers stripped.  For example, by assuming @{text "\<And>x :: \<alpha>. P
    7.61    x"} we get @{text "\<And>x :: \<alpha>. P x \<turnstile> P ?x"} for schematic @{text "?x"}
    7.62    of fixed type @{text "\<alpha>"}.  Local derivations accumulate more and
    7.63 -  more explicit references to hypotheses: @{text "A\<^isub>1, \<dots>,
    7.64 -  A\<^isub>n \<turnstile> B"} where @{text "A\<^isub>1, \<dots>, A\<^isub>n"} needs to
    7.65 +  more explicit references to hypotheses: @{text "A\<^sub>1, \<dots>,
    7.66 +  A\<^sub>n \<turnstile> B"} where @{text "A\<^sub>1, \<dots>, A\<^sub>n"} needs to
    7.67    be covered by the assumptions of the current context.
    7.68  
    7.69    \medskip The @{text "add_assms"} operation augments the context by
     8.1 --- a/src/Doc/IsarImplementation/Tactic.thy	Tue Aug 13 16:53:23 2013 +0200
     8.2 +++ b/src/Doc/IsarImplementation/Tactic.thy	Tue Aug 13 17:45:22 2013 +0200
     8.3 @@ -509,7 +509,7 @@
     8.4    regarded as an atomic formula, to solve premise @{text "i"} of
     8.5    @{text "thm\<^sub>2"}.  Let @{text "thm\<^sub>1"} and @{text "thm\<^sub>2"} be @{text
     8.6    "\<psi>"} and @{text "\<phi>\<^sub>1 \<Longrightarrow> \<dots> \<phi>\<^sub>n \<Longrightarrow> \<phi>"}.  The unique @{text "s"} that
     8.7 -  unifies @{text "\<psi>"} and @{text "\<phi>\<^isub>i"} yields the theorem @{text "(\<phi>\<^sub>1 \<Longrightarrow>
     8.8 +  unifies @{text "\<psi>"} and @{text "\<phi>\<^sub>i"} yields the theorem @{text "(\<phi>\<^sub>1 \<Longrightarrow>
     8.9    \<dots> \<phi>\<^sub>i\<^sub>-\<^sub>1 \<Longrightarrow> \<phi>\<^sub>i\<^sub>+\<^sub>1 \<Longrightarrow> \<dots> \<phi>\<^sub>n \<Longrightarrow> \<phi>)s"}.  Multiple results are considered as
    8.10    error (exception @{ML THM}).
    8.11  
     9.1 --- a/src/Doc/IsarRef/First_Order_Logic.thy	Tue Aug 13 16:53:23 2013 +0200
     9.2 +++ b/src/Doc/IsarRef/First_Order_Logic.thy	Tue Aug 13 17:45:22 2013 +0200
     9.3 @@ -183,15 +183,15 @@
     9.4  
     9.5  axiomatization
     9.6    disj :: "o \<Rightarrow> o \<Rightarrow> o"  (infixr "\<or>" 30) where
     9.7 -  disjI\<^isub>1 [intro]: "A \<Longrightarrow> A \<or> B" and
     9.8 -  disjI\<^isub>2 [intro]: "B \<Longrightarrow> A \<or> B" and
     9.9 +  disjI\<^sub>1 [intro]: "A \<Longrightarrow> A \<or> B" and
    9.10 +  disjI\<^sub>2 [intro]: "B \<Longrightarrow> A \<or> B" and
    9.11    disjE [elim]: "A \<or> B \<Longrightarrow> (A \<Longrightarrow> C) \<Longrightarrow> (B \<Longrightarrow> C) \<Longrightarrow> C"
    9.12  
    9.13  axiomatization
    9.14    conj :: "o \<Rightarrow> o \<Rightarrow> o"  (infixr "\<and>" 35) where
    9.15    conjI [intro]: "A \<Longrightarrow> B \<Longrightarrow> A \<and> B" and
    9.16 -  conjD\<^isub>1: "A \<and> B \<Longrightarrow> A" and
    9.17 -  conjD\<^isub>2: "A \<and> B \<Longrightarrow> B"
    9.18 +  conjD\<^sub>1: "A \<and> B \<Longrightarrow> A" and
    9.19 +  conjD\<^sub>2: "A \<and> B \<Longrightarrow> B"
    9.20  
    9.21  text {*
    9.22    \noindent The conjunctive destructions have the disadvantage that
    9.23 @@ -205,8 +205,8 @@
    9.24    assumes "A \<and> B"
    9.25    obtains A and B
    9.26  proof
    9.27 -  from `A \<and> B` show A by (rule conjD\<^isub>1)
    9.28 -  from `A \<and> B` show B by (rule conjD\<^isub>2)
    9.29 +  from `A \<and> B` show A by (rule conjD\<^sub>1)
    9.30 +  from `A \<and> B` show B by (rule conjD\<^sub>2)
    9.31  qed
    9.32  
    9.33  text {*
    9.34 @@ -378,8 +378,8 @@
    9.35    @{text "impI: \<ASSUMES> A \<Longrightarrow> B \<SHOWS> A \<longrightarrow> B"} \\
    9.36    @{text "impD: \<ASSUMES> A \<longrightarrow> B \<AND> A \<SHOWS> B"} \\[1ex]
    9.37  
    9.38 -  @{text "disjI\<^isub>1: \<ASSUMES> A \<SHOWS> A \<or> B"} \\
    9.39 -  @{text "disjI\<^isub>2: \<ASSUMES> B \<SHOWS> A \<or> B"} \\
    9.40 +  @{text "disjI\<^sub>1: \<ASSUMES> A \<SHOWS> A \<or> B"} \\
    9.41 +  @{text "disjI\<^sub>2: \<ASSUMES> B \<SHOWS> A \<or> B"} \\
    9.42    @{text "disjE: \<ASSUMES> A \<or> B \<OBTAINS> A \<BBAR> B"} \\[1ex]
    9.43  
    9.44    @{text "conjI: \<ASSUMES> A \<AND> B \<SHOWS> A \<and> B"} \\
    10.1 --- a/src/Doc/IsarRef/Framework.thy	Tue Aug 13 16:53:23 2013 +0200
    10.2 +++ b/src/Doc/IsarRef/Framework.thy	Tue Aug 13 17:45:22 2013 +0200
    10.3 @@ -270,8 +270,8 @@
    10.4    :: \<alpha>. B(x)"} and @{text "A \<Longrightarrow> B"}.  Primitive reasoning operates on
    10.5    judgments of the form @{text "\<Gamma> \<turnstile> \<phi>"}, with standard introduction
    10.6    and elimination rules for @{text "\<And>"} and @{text "\<Longrightarrow>"} that refer to
    10.7 -  fixed parameters @{text "x\<^isub>1, \<dots>, x\<^isub>m"} and hypotheses
    10.8 -  @{text "A\<^isub>1, \<dots>, A\<^isub>n"} from the context @{text "\<Gamma>"};
    10.9 +  fixed parameters @{text "x\<^sub>1, \<dots>, x\<^sub>m"} and hypotheses
   10.10 +  @{text "A\<^sub>1, \<dots>, A\<^sub>n"} from the context @{text "\<Gamma>"};
   10.11    the corresponding proof terms are left implicit.  The subsequent
   10.12    inference rules define @{text "\<Gamma> \<turnstile> \<phi>"} inductively, relative to a
   10.13    collection of axioms:
   10.14 @@ -327,11 +327,11 @@
   10.15    quantifiers are pulled in front of implications at each level of
   10.16    nesting.  This means that any Pure proposition may be presented as a
   10.17    \emph{Hereditary Harrop Formula} \cite{Miller:1991} which is of the
   10.18 -  form @{text "\<And>x\<^isub>1 \<dots> x\<^isub>m. H\<^isub>1 \<Longrightarrow> \<dots> H\<^isub>n \<Longrightarrow>
   10.19 +  form @{text "\<And>x\<^sub>1 \<dots> x\<^sub>m. H\<^sub>1 \<Longrightarrow> \<dots> H\<^sub>n \<Longrightarrow>
   10.20    A"} for @{text "m, n \<ge> 0"}, and @{text "A"} atomic, and @{text
   10.21 -  "H\<^isub>1, \<dots>, H\<^isub>n"} being recursively of the same format.
   10.22 +  "H\<^sub>1, \<dots>, H\<^sub>n"} being recursively of the same format.
   10.23    Following the convention that outermost quantifiers are implicit,
   10.24 -  Horn clauses @{text "A\<^isub>1 \<Longrightarrow> \<dots> A\<^isub>n \<Longrightarrow> A"} are a special
   10.25 +  Horn clauses @{text "A\<^sub>1 \<Longrightarrow> \<dots> A\<^sub>n \<Longrightarrow> A"} are a special
   10.26    case of this.
   10.27  
   10.28    For example, @{text "\<inter>"}-introduction rule encountered before is
   10.29 @@ -348,9 +348,9 @@
   10.30    @{text "InterI:"}~@{prop "(\<And>A. A \<in> \<A> \<Longrightarrow> x \<in> A) \<Longrightarrow> x \<in> \<Inter>\<A>"}
   10.31    \]
   10.32  
   10.33 -  \medskip Goals are also represented as rules: @{text "A\<^isub>1 \<Longrightarrow>
   10.34 -  \<dots> A\<^isub>n \<Longrightarrow> C"} states that the sub-goals @{text "A\<^isub>1, \<dots>,
   10.35 -  A\<^isub>n"} entail the result @{text "C"}; for @{text "n = 0"} the
   10.36 +  \medskip Goals are also represented as rules: @{text "A\<^sub>1 \<Longrightarrow>
   10.37 +  \<dots> A\<^sub>n \<Longrightarrow> C"} states that the sub-goals @{text "A\<^sub>1, \<dots>,
   10.38 +  A\<^sub>n"} entail the result @{text "C"}; for @{text "n = 0"} the
   10.39    goal is finished.  To allow @{text "C"} being a rule statement
   10.40    itself, we introduce the protective marker @{text "# :: prop \<Rightarrow>
   10.41    prop"}, which is defined as identity and hidden from the user.  We
   10.42 @@ -369,7 +369,7 @@
   10.43    sub-goal (replacing it by zero or more sub-goals), and @{inference
   10.44    assumption}, for solving a sub-goal (finding a short-circuit with
   10.45    local assumptions).  Below @{text "\<^vec>x"} stands for @{text
   10.46 -  "x\<^isub>1, \<dots>, x\<^isub>n"} (@{text "n \<ge> 0"}).
   10.47 +  "x\<^sub>1, \<dots>, x\<^sub>n"} (@{text "n \<ge> 0"}).
   10.48  
   10.49    \[
   10.50    \infer[(@{inference_def resolution})]
    11.1 --- a/src/Doc/IsarRef/HOL_Specific.thy	Tue Aug 13 16:53:23 2013 +0200
    11.2 +++ b/src/Doc/IsarRef/HOL_Specific.thy	Tue Aug 13 17:45:22 2013 +0200
    11.3 @@ -1212,16 +1212,16 @@
    11.4  
    11.5    \begin{matharray}{lll}
    11.6      @{text "m"} & @{text "::"} &
    11.7 -      @{text "\<sigma>\<^isub>1 \<Rightarrow> \<dots> \<sigma>\<^isub>k \<Rightarrow> (\<^vec>\<alpha>\<^isub>n) t \<Rightarrow> (\<^vec>\<beta>\<^isub>n) t"} \\
    11.8 +      @{text "\<sigma>\<^sub>1 \<Rightarrow> \<dots> \<sigma>\<^sub>k \<Rightarrow> (\<^vec>\<alpha>\<^sub>n) t \<Rightarrow> (\<^vec>\<beta>\<^sub>n) t"} \\
    11.9    \end{matharray}
   11.10  
   11.11    \noindent where @{text t} is the type constructor, @{text
   11.12 -  "\<^vec>\<alpha>\<^isub>n"} and @{text "\<^vec>\<beta>\<^isub>n"} are distinct
   11.13 -  type variables free in the local theory and @{text "\<sigma>\<^isub>1"},
   11.14 -  \ldots, @{text "\<sigma>\<^isub>k"} is a subsequence of @{text "\<alpha>\<^isub>1 \<Rightarrow>
   11.15 -  \<beta>\<^isub>1"}, @{text "\<beta>\<^isub>1 \<Rightarrow> \<alpha>\<^isub>1"}, \ldots,
   11.16 -  @{text "\<alpha>\<^isub>n \<Rightarrow> \<beta>\<^isub>n"}, @{text "\<beta>\<^isub>n \<Rightarrow>
   11.17 -  \<alpha>\<^isub>n"}.
   11.18 +  "\<^vec>\<alpha>\<^sub>n"} and @{text "\<^vec>\<beta>\<^sub>n"} are distinct
   11.19 +  type variables free in the local theory and @{text "\<sigma>\<^sub>1"},
   11.20 +  \ldots, @{text "\<sigma>\<^sub>k"} is a subsequence of @{text "\<alpha>\<^sub>1 \<Rightarrow>
   11.21 +  \<beta>\<^sub>1"}, @{text "\<beta>\<^sub>1 \<Rightarrow> \<alpha>\<^sub>1"}, \ldots,
   11.22 +  @{text "\<alpha>\<^sub>n \<Rightarrow> \<beta>\<^sub>n"}, @{text "\<beta>\<^sub>n \<Rightarrow>
   11.23 +  \<alpha>\<^sub>n"}.
   11.24  
   11.25    \end{description}
   11.26  *}
   11.27 @@ -1441,7 +1441,7 @@
   11.28  
   11.29    \begin{description}
   11.30  
   11.31 -  \item @{command "adhoc_overloading"}~@{text "c v\<^isub>1 ... v\<^isub>n"}
   11.32 +  \item @{command "adhoc_overloading"}~@{text "c v\<^sub>1 ... v\<^sub>n"}
   11.33    associates variants with an existing constant.
   11.34  
   11.35    \item @{command "no_adhoc_overloading"} is similar to
   11.36 @@ -1687,8 +1687,8 @@
   11.37    \begin{description}
   11.38  
   11.39    \item @{attribute (HOL) "coercion"}~@{text "f"} registers a new
   11.40 -  coercion function @{text "f :: \<sigma>\<^isub>1 \<Rightarrow> \<sigma>\<^isub>2"} where @{text "\<sigma>\<^isub>1"} and
   11.41 -  @{text "\<sigma>\<^isub>2"} are type constructors without arguments.  Coercions are
   11.42 +  coercion function @{text "f :: \<sigma>\<^sub>1 \<Rightarrow> \<sigma>\<^sub>2"} where @{text "\<sigma>\<^sub>1"} and
   11.43 +  @{text "\<sigma>\<^sub>2"} are type constructors without arguments.  Coercions are
   11.44    composed by the inference algorithm if needed.  Note that the type
   11.45    inference algorithm is complete only if the registered coercions
   11.46    form a lattice.
   11.47 @@ -1699,11 +1699,11 @@
   11.48  
   11.49    \begin{matharray}{lll}
   11.50      @{text "map"} & @{text "::"} &
   11.51 -      @{text "f\<^isub>1 \<Rightarrow> \<dots> \<Rightarrow> f\<^isub>n \<Rightarrow> (\<alpha>\<^isub>1, \<dots>, \<alpha>\<^isub>n) t \<Rightarrow> (\<beta>\<^isub>1, \<dots>, \<beta>\<^isub>n) t"} \\
   11.52 +      @{text "f\<^sub>1 \<Rightarrow> \<dots> \<Rightarrow> f\<^sub>n \<Rightarrow> (\<alpha>\<^sub>1, \<dots>, \<alpha>\<^sub>n) t \<Rightarrow> (\<beta>\<^sub>1, \<dots>, \<beta>\<^sub>n) t"} \\
   11.53    \end{matharray}
   11.54  
   11.55 -  where @{text "t"} is a type constructor and @{text "f\<^isub>i"} is of type
   11.56 -  @{text "\<alpha>\<^isub>i \<Rightarrow> \<beta>\<^isub>i"} or @{text "\<beta>\<^isub>i \<Rightarrow> \<alpha>\<^isub>i"}.  Registering a map function
   11.57 +  where @{text "t"} is a type constructor and @{text "f\<^sub>i"} is of type
   11.58 +  @{text "\<alpha>\<^sub>i \<Rightarrow> \<beta>\<^sub>i"} or @{text "\<beta>\<^sub>i \<Rightarrow> \<alpha>\<^sub>i"}.  Registering a map function
   11.59    overwrites any existing map function for this particular type
   11.60    constructor.
   11.61  
   11.62 @@ -1881,7 +1881,7 @@
   11.63      (Ax - Bx) * (By - Cy) = (Ay - By) * (Bx - Cx)"
   11.64  
   11.65  lemma collinear_inv_rotation:
   11.66 -  assumes "collinear (Ax, Ay) (Bx, By) (Cx, Cy)" and "c\<twosuperior> + s\<twosuperior> = 1"
   11.67 +  assumes "collinear (Ax, Ay) (Bx, By) (Cx, Cy)" and "c\<^sup>2 + s\<^sup>2 = 1"
   11.68    shows "collinear (Ax * c - Ay * s, Ay * c + Ax * s)
   11.69      (Bx * c - By * s, By * c + Bx * s) (Cx * c - Cy * s, Cy * c + Cx * s)"
   11.70    using assms by (algebra add: collinear.simps)
    12.1 --- a/src/Doc/IsarRef/Misc.thy	Tue Aug 13 16:53:23 2013 +0200
    12.2 +++ b/src/Doc/IsarRef/Misc.thy	Tue Aug 13 17:45:22 2013 +0200
    12.3 @@ -93,9 +93,9 @@
    12.4    visualizes dependencies of facts, using Isabelle's graph browser
    12.5    tool (see also \cite{isabelle-sys}).
    12.6  
    12.7 -  \item @{command "unused_thms"}~@{text "A\<^isub>1 \<dots> A\<^isub>m - B\<^isub>1 \<dots> B\<^isub>n"}
    12.8 -  displays all unused theorems in theories @{text "B\<^isub>1 \<dots> B\<^isub>n"}
    12.9 -  or their parents, but not in @{text "A\<^isub>1 \<dots> A\<^isub>m"} or their parents.
   12.10 +  \item @{command "unused_thms"}~@{text "A\<^sub>1 \<dots> A\<^sub>m - B\<^sub>1 \<dots> B\<^sub>n"}
   12.11 +  displays all unused theorems in theories @{text "B\<^sub>1 \<dots> B\<^sub>n"}
   12.12 +  or their parents, but not in @{text "A\<^sub>1 \<dots> A\<^sub>m"} or their parents.
   12.13    If @{text n} is @{text 0}, the end of the range of theories
   12.14    defaults to the current theory. If no range is specified,
   12.15    only the unused theorems in the current theory are displayed.
    13.1 --- a/src/Doc/IsarRef/Outer_Syntax.thy	Tue Aug 13 16:53:23 2013 +0200
    13.2 +++ b/src/Doc/IsarRef/Outer_Syntax.thy	Tue Aug 13 17:45:22 2013 +0200
    13.3 @@ -150,7 +150,7 @@
    13.4      @{syntax_def verbatim} & = & @{verbatim "{*"} @{text "\<dots>"} @{verbatim "*"}@{verbatim "}"} \\[1ex]
    13.5  
    13.6      @{text letter} & = & @{text "latin  |  "}@{verbatim "\\"}@{verbatim "<"}@{text latin}@{verbatim ">"}@{text "  |  "}@{verbatim "\\"}@{verbatim "<"}@{text "latin latin"}@{verbatim ">"}@{text "  |  greek  |"} \\
    13.7 -          &   & @{verbatim "\<^isub>"}@{text "  |  "}@{verbatim "\<^isup>"} \\
    13.8 +          &   & @{verbatim "\<^sub>"}@{text "  |  "}@{verbatim "\<^sup>"} \\
    13.9      @{text quasiletter} & = & @{text "letter  |  digit  |  "}@{verbatim "_"}@{text "  |  "}@{verbatim "'"} \\
   13.10      @{text latin} & = & @{verbatim a}@{text "  | \<dots> |  "}@{verbatim z}@{text "  |  "}@{verbatim A}@{text "  |  \<dots> |  "}@{verbatim Z} \\
   13.11      @{text digit} & = & @{verbatim "0"}@{text "  |  \<dots> |  "}@{verbatim "9"} \\
    14.1 --- a/src/Doc/IsarRef/Proof.thy	Tue Aug 13 16:53:23 2013 +0200
    14.2 +++ b/src/Doc/IsarRef/Proof.thy	Tue Aug 13 17:45:22 2013 +0200
    14.3 @@ -1224,8 +1224,8 @@
    14.4    \item @{attribute case_names}~@{text "c\<^sub>1 \<dots> c\<^sub>k"} declares names for
    14.5    the local contexts of premises of a theorem; @{text "c\<^sub>1, \<dots>, c\<^sub>k"}
    14.6    refers to the \emph{prefix} of the list of premises. Each of the
    14.7 -  cases @{text "c\<^isub>i"} can be of the form @{text "c[h\<^isub>1 \<dots> h\<^isub>n]"} where
    14.8 -  the @{text "h\<^isub>1 \<dots> h\<^isub>n"} are the names of the hypotheses in case @{text "c\<^isub>i"}
    14.9 +  cases @{text "c\<^sub>i"} can be of the form @{text "c[h\<^sub>1 \<dots> h\<^sub>n]"} where
   14.10 +  the @{text "h\<^sub>1 \<dots> h\<^sub>n"} are the names of the hypotheses in case @{text "c\<^sub>i"}
   14.11    from left to right.
   14.12    
   14.13    \item @{attribute case_conclusion}~@{text "c d\<^sub>1 \<dots> d\<^sub>k"} declares
    15.1 --- a/src/Doc/IsarRef/Spec.thy	Tue Aug 13 16:53:23 2013 +0200
    15.2 +++ b/src/Doc/IsarRef/Spec.thy	Tue Aug 13 17:45:22 2013 +0200
    15.3 @@ -844,7 +844,7 @@
    15.4  
    15.5    A weakend form of this is available through a further variant of
    15.6    @{command instance}:  @{command instance}~@{text "c\<^sub>1 \<subseteq> c\<^sub>2"} opens
    15.7 -  a proof that class @{text "c\<^isub>2"} implies @{text "c\<^isub>1"} without reference
    15.8 +  a proof that class @{text "c\<^sub>2"} implies @{text "c\<^sub>1"} without reference
    15.9    to the underlying locales;  this is useful if the properties to prove
   15.10    the logical connection are not sufficent on the locale level but on
   15.11    the theory level.
    16.1 --- a/src/Doc/LaTeXsugar/Sugar.thy	Tue Aug 13 16:53:23 2013 +0200
    16.2 +++ b/src/Doc/LaTeXsugar/Sugar.thy	Tue Aug 13 17:45:22 2013 +0200
    16.3 @@ -57,10 +57,10 @@
    16.4  @{text"case"} are set in sans serif font to distinguish them from
    16.5  other functions. This improves readability:
    16.6  \begin{itemize}
    16.7 -\item @{term"if b then e\<^isub>1 else e\<^isub>2"} instead of @{text"if b then e\<^isub>1 else e\<^isub>2"}.
    16.8 -\item @{term"let x = e\<^isub>1 in e\<^isub>2"} instead of @{text"let x = e\<^isub>1 in e\<^isub>2"}.
    16.9 -\item @{term"case x of True \<Rightarrow> e\<^isub>1 | False \<Rightarrow> e\<^isub>2"} instead of\\
   16.10 -      @{text"case x of True \<Rightarrow> e\<^isub>1 | False \<Rightarrow> e\<^isub>2"}.
   16.11 +\item @{term"if b then e\<^sub>1 else e\<^sub>2"} instead of @{text"if b then e\<^sub>1 else e\<^sub>2"}.
   16.12 +\item @{term"let x = e\<^sub>1 in e\<^sub>2"} instead of @{text"let x = e\<^sub>1 in e\<^sub>2"}.
   16.13 +\item @{term"case x of True \<Rightarrow> e\<^sub>1 | False \<Rightarrow> e\<^sub>2"} instead of\\
   16.14 +      @{text"case x of True \<Rightarrow> e\<^sub>1 | False \<Rightarrow> e\<^sub>2"}.
   16.15  \end{itemize}
   16.16  
   16.17  \subsection{Sets}
   16.18 @@ -99,7 +99,7 @@
   16.19  line. To avoid this, \texttt{OptionalSugar} contains syntax to group
   16.20  @{text"@"}-terms to the left before printing, which leads to better
   16.21  line breaking behaviour:
   16.22 -@{term[display]"term\<^isub>0 @ term\<^isub>1 @ term\<^isub>2 @ term\<^isub>3 @ term\<^isub>4 @ term\<^isub>5 @ term\<^isub>6 @ term\<^isub>7 @ term\<^isub>8 @ term\<^isub>9 @ term\<^isub>1\<^isub>0"}
   16.23 +@{term[display]"term\<^sub>0 @ term\<^sub>1 @ term\<^sub>2 @ term\<^sub>3 @ term\<^sub>4 @ term\<^sub>5 @ term\<^sub>6 @ term\<^sub>7 @ term\<^sub>8 @ term\<^sub>9 @ term\<^sub>1\<^sub>0"}
   16.24  
   16.25  \end{itemize}
   16.26  
   16.27 @@ -140,8 +140,8 @@
   16.28  suppresses question marks; variables that end in digits,
   16.29  e.g. @{text"x1"}, are still printed with a trailing @{text".0"},
   16.30  e.g. @{text"x1.0"}, their internal index. This can be avoided by
   16.31 -turning the last digit into a subscript: write \verb!x\<^isub>1! and
   16.32 -obtain the much nicer @{text"x\<^isub>1"}. *}
   16.33 +turning the last digit into a subscript: write \verb!x\<^sub>1! and
   16.34 +obtain the much nicer @{text"x\<^sub>1"}. *}
   16.35  
   16.36  (*<*)declare [[show_question_marks = false]](*>*)
   16.37  
    17.1 --- a/src/Doc/Main/Main_Doc.thy	Tue Aug 13 16:53:23 2013 +0200
    17.2 +++ b/src/Doc/Main/Main_Doc.thy	Tue Aug 13 17:45:22 2013 +0200
    17.3 @@ -45,7 +45,7 @@
    17.4  @{term"~(x = y)"} & @{term[source]"\<not> (x = y)"} & (\verb$~=$)\\
    17.5  @{term[source]"P \<longleftrightarrow> Q"} & @{term"P \<longleftrightarrow> Q"} \\
    17.6  @{term"If x y z"} & @{term[source]"If x y z"}\\
    17.7 -@{term"Let e\<^isub>1 (%x. e\<^isub>2)"} & @{term[source]"Let e\<^isub>1 (\<lambda>x. e\<^isub>2)"}\\
    17.8 +@{term"Let e\<^sub>1 (%x. e\<^sub>2)"} & @{term[source]"Let e\<^sub>1 (\<lambda>x. e\<^sub>2)"}\\
    17.9  \end{supertabular}
   17.10  
   17.11  
   17.12 @@ -131,7 +131,7 @@
   17.13  \subsubsection*{Syntax}
   17.14  
   17.15  \begin{supertabular}{@ {} l @ {\quad$\equiv$\quad} l l @ {}}
   17.16 -@{text"{x\<^isub>1,\<dots>,x\<^isub>n}"} & @{text"insert x\<^isub>1 (\<dots> (insert x\<^isub>n {})\<dots>)"}\\
   17.17 +@{text"{x\<^sub>1,\<dots>,x\<^sub>n}"} & @{text"insert x\<^sub>1 (\<dots> (insert x\<^sub>n {})\<dots>)"}\\
   17.18  @{term"x ~: A"} & @{term[source]"\<not>(x \<in> A)"}\\
   17.19  @{term"A \<subseteq> B"} & @{term[source]"A \<le> B"}\\
   17.20  @{term"A \<subset> B"} & @{term[source]"A < B"}\\
   17.21 @@ -165,7 +165,7 @@
   17.22  
   17.23  \begin{tabular}{@ {} l @ {\quad$\equiv$\quad} l @ {}}
   17.24  @{term"fun_upd f x y"} & @{term[source]"fun_upd f x y"}\\
   17.25 -@{text"f(x\<^isub>1:=y\<^isub>1,\<dots>,x\<^isub>n:=y\<^isub>n)"} & @{text"f(x\<^isub>1:=y\<^isub>1)\<dots>(x\<^isub>n:=y\<^isub>n)"}\\
   17.26 +@{text"f(x\<^sub>1:=y\<^sub>1,\<dots>,x\<^sub>n:=y\<^sub>n)"} & @{text"f(x\<^sub>1:=y\<^sub>1)\<dots>(x\<^sub>n:=y\<^sub>n)"}\\
   17.27  \end{tabular}
   17.28  
   17.29  
   17.30 @@ -545,7 +545,7 @@
   17.31  \subsubsection*{Syntax}
   17.32  
   17.33  \begin{supertabular}{@ {} l @ {\quad$\equiv$\quad} l @ {}}
   17.34 -@{text"[x\<^isub>1,\<dots>,x\<^isub>n]"} & @{text"x\<^isub>1 # \<dots> # x\<^isub>n # []"}\\
   17.35 +@{text"[x\<^sub>1,\<dots>,x\<^sub>n]"} & @{text"x\<^sub>1 # \<dots> # x\<^sub>n # []"}\\
   17.36  @{term"[m..<n]"} & @{term[source]"upt m n"}\\
   17.37  @{term"[i..j]"} & @{term[source]"upto i j"}\\
   17.38  @{text"[e. x \<leftarrow> xs]"} & @{term"map (%x. e) xs"}\\
   17.39 @@ -555,8 +555,8 @@
   17.40  \end{supertabular}
   17.41  \medskip
   17.42  
   17.43 -List comprehension: @{text"[e. q\<^isub>1, \<dots>, q\<^isub>n]"} where each
   17.44 -qualifier @{text q\<^isub>i} is either a generator \mbox{@{text"pat \<leftarrow> e"}} or a
   17.45 +List comprehension: @{text"[e. q\<^sub>1, \<dots>, q\<^sub>n]"} where each
   17.46 +qualifier @{text q\<^sub>i} is either a generator \mbox{@{text"pat \<leftarrow> e"}} or a
   17.47  guard, i.e.\ boolean expression.
   17.48  
   17.49  \section*{Map}
   17.50 @@ -581,8 +581,8 @@
   17.51  \begin{tabular}{@ {} l @ {\quad$\equiv$\quad} l @ {}}
   17.52  @{term"Map.empty"} & @{term"\<lambda>x. None"}\\
   17.53  @{term"m(x:=Some y)"} & @{term[source]"m(x:=Some y)"}\\
   17.54 -@{text"m(x\<^isub>1\<mapsto>y\<^isub>1,\<dots>,x\<^isub>n\<mapsto>y\<^isub>n)"} & @{text[source]"m(x\<^isub>1\<mapsto>y\<^isub>1)\<dots>(x\<^isub>n\<mapsto>y\<^isub>n)"}\\
   17.55 -@{text"[x\<^isub>1\<mapsto>y\<^isub>1,\<dots>,x\<^isub>n\<mapsto>y\<^isub>n]"} & @{text[source]"Map.empty(x\<^isub>1\<mapsto>y\<^isub>1,\<dots>,x\<^isub>n\<mapsto>y\<^isub>n)"}\\
   17.56 +@{text"m(x\<^sub>1\<mapsto>y\<^sub>1,\<dots>,x\<^sub>n\<mapsto>y\<^sub>n)"} & @{text[source]"m(x\<^sub>1\<mapsto>y\<^sub>1)\<dots>(x\<^sub>n\<mapsto>y\<^sub>n)"}\\
   17.57 +@{text"[x\<^sub>1\<mapsto>y\<^sub>1,\<dots>,x\<^sub>n\<mapsto>y\<^sub>n]"} & @{text[source]"Map.empty(x\<^sub>1\<mapsto>y\<^sub>1,\<dots>,x\<^sub>n\<mapsto>y\<^sub>n)"}\\
   17.58  @{term"map_upds m xs ys"} & @{term[source]"map_upds m xs ys"}\\
   17.59  \end{tabular}
   17.60  
    18.1 --- a/src/Doc/ProgProve/Basics.thy	Tue Aug 13 16:53:23 2013 +0200
    18.2 +++ b/src/Doc/ProgProve/Basics.thy	Tue Aug 13 17:45:22 2013 +0200
    18.3 @@ -35,8 +35,8 @@
    18.4  
    18.5  \concept{Terms} are formed as in functional programming by
    18.6  applying functions to arguments. If @{text f} is a function of type
    18.7 -@{text"\<tau>\<^isub>1 \<Rightarrow> \<tau>\<^isub>2"} and @{text t} is a term of type
    18.8 -@{text"\<tau>\<^isub>1"} then @{term"f t"} is a term of type @{text"\<tau>\<^isub>2"}. We write @{text "t :: \<tau>"} to mean that term @{text t} has type @{text \<tau>}.
    18.9 +@{text"\<tau>\<^sub>1 \<Rightarrow> \<tau>\<^sub>2"} and @{text t} is a term of type
   18.10 +@{text"\<tau>\<^sub>1"} then @{term"f t"} is a term of type @{text"\<tau>\<^sub>2"}. We write @{text "t :: \<tau>"} to mean that term @{text t} has type @{text \<tau>}.
   18.11  
   18.12  \begin{warn}
   18.13  There are many predefined infix symbols like @{text "+"} and @{text"\<le>"}.
   18.14 @@ -47,9 +47,9 @@
   18.15  
   18.16  HOL also supports some basic constructs from functional programming:
   18.17  \begin{quote}
   18.18 -@{text "(if b then t\<^isub>1 else t\<^isub>2)"}\\
   18.19 +@{text "(if b then t\<^sub>1 else t\<^sub>2)"}\\
   18.20  @{text "(let x = t in u)"}\\
   18.21 -@{text "(case t of pat\<^isub>1 \<Rightarrow> t\<^isub>1 | \<dots> | pat\<^isub>n \<Rightarrow> t\<^isub>n)"}
   18.22 +@{text "(case t of pat\<^sub>1 \<Rightarrow> t\<^sub>1 | \<dots> | pat\<^sub>n \<Rightarrow> t\<^sub>n)"}
   18.23  \end{quote}
   18.24  \begin{warn}
   18.25  The above three constructs must always be enclosed in parentheses
   18.26 @@ -86,11 +86,11 @@
   18.27  \begin{warn}
   18.28  Right-arrows of all kinds always associate to the right. In particular,
   18.29  the formula
   18.30 -@{text"A\<^isub>1 \<Longrightarrow> A\<^isub>2 \<Longrightarrow> A\<^isub>3"} means @{text "A\<^isub>1 \<Longrightarrow> (A\<^isub>2 \<Longrightarrow> A\<^isub>3)"}.
   18.31 -The (Isabelle specific) notation \mbox{@{text"\<lbrakk> A\<^isub>1; \<dots>; A\<^isub>n \<rbrakk> \<Longrightarrow> A"}}
   18.32 -is short for the iterated implication \mbox{@{text"A\<^isub>1 \<Longrightarrow> \<dots> \<Longrightarrow> A\<^isub>n \<Longrightarrow> A"}}.
   18.33 +@{text"A\<^sub>1 \<Longrightarrow> A\<^sub>2 \<Longrightarrow> A\<^sub>3"} means @{text "A\<^sub>1 \<Longrightarrow> (A\<^sub>2 \<Longrightarrow> A\<^sub>3)"}.
   18.34 +The (Isabelle specific) notation \mbox{@{text"\<lbrakk> A\<^sub>1; \<dots>; A\<^sub>n \<rbrakk> \<Longrightarrow> A"}}
   18.35 +is short for the iterated implication \mbox{@{text"A\<^sub>1 \<Longrightarrow> \<dots> \<Longrightarrow> A\<^sub>n \<Longrightarrow> A"}}.
   18.36  Sometimes we also employ inference rule notation:
   18.37 -\inferrule{\mbox{@{text "A\<^isub>1"}}\\ \mbox{@{text "\<dots>"}}\\ \mbox{@{text "A\<^isub>n"}}}
   18.38 +\inferrule{\mbox{@{text "A\<^sub>1"}}\\ \mbox{@{text "\<dots>"}}\\ \mbox{@{text "A\<^sub>n"}}}
   18.39  {\mbox{@{text A}}}
   18.40  \end{warn}
   18.41  
   18.42 @@ -104,13 +104,13 @@
   18.43  The general format of a theory @{text T} is
   18.44  \begin{quote}
   18.45  \isacom{theory} @{text T}\\
   18.46 -\isacom{imports} @{text "T\<^isub>1 \<dots> T\<^isub>n"}\\
   18.47 +\isacom{imports} @{text "T\<^sub>1 \<dots> T\<^sub>n"}\\
   18.48  \isacom{begin}\\
   18.49  \emph{definitions, theorems and proofs}\\
   18.50  \isacom{end}
   18.51  \end{quote}
   18.52 -where @{text "T\<^isub>1 \<dots> T\<^isub>n"} are the names of existing
   18.53 -theories that @{text T} is based on. The @{text "T\<^isub>i"} are the
   18.54 +where @{text "T\<^sub>1 \<dots> T\<^sub>n"} are the names of existing
   18.55 +theories that @{text T} is based on. The @{text "T\<^sub>i"} are the
   18.56  direct \concept{parent theories} of @{text T}.
   18.57  Everything defined in the parent theories (and their parents, recursively) is
   18.58  automatically visible. Each theory @{text T} must
    19.1 --- a/src/Doc/ProgProve/Bool_nat_list.thy	Tue Aug 13 16:53:23 2013 +0200
    19.2 +++ b/src/Doc/ProgProve/Bool_nat_list.thy	Tue Aug 13 17:45:22 2013 +0200
    19.3 @@ -385,7 +385,7 @@
    19.4  \begin{itemize}
    19.5  \item @{text "[]"} is @{const Nil},
    19.6  \item @{term"x # xs"} is @{term"Cons x xs"},
    19.7 -\item @{text"[x\<^isub>1, \<dots>, x\<^isub>n]"} is @{text"x\<^isub>1 # \<dots> # x\<^isub>n # []"}, and
    19.8 +\item @{text"[x\<^sub>1, \<dots>, x\<^sub>n]"} is @{text"x\<^sub>1 # \<dots> # x\<^sub>n # []"}, and
    19.9  \item @{term "xs @ ys"} is @{term"app xs ys"}.
   19.10  \end{itemize}
   19.11  There is also a large library of predefined functions.
    20.1 --- a/src/Doc/ProgProve/Isar.thy	Tue Aug 13 16:53:23 2013 +0200
    20.2 +++ b/src/Doc/ProgProve/Isar.thy	Tue Aug 13 17:45:22 2013 +0200
    20.3 @@ -443,8 +443,8 @@
    20.4  @{text"\<longleftrightarrow>"}:
    20.5  \end{isamarkuptext}%
    20.6  *}
    20.7 -(*<*)lemma "formula\<^isub>1 \<longleftrightarrow> formula\<^isub>2" proof-(*>*)
    20.8 -show "formula\<^isub>1 \<longleftrightarrow> formula\<^isub>2" (is "?L \<longleftrightarrow> ?R")
    20.9 +(*<*)lemma "formula\<^sub>1 \<longleftrightarrow> formula\<^sub>2" proof-(*>*)
   20.10 +show "formula\<^sub>1 \<longleftrightarrow> formula\<^sub>2" (is "?L \<longleftrightarrow> ?R")
   20.11  proof
   20.12    assume "?L"
   20.13    txt_raw{*\\\mbox{}\quad$\vdots$\\\mbox{}\hspace{-1.4ex}*}
   20.14 @@ -455,7 +455,7 @@
   20.15    show "?L" (*<*)sorry(*>*) txt_raw{*\ $\dots$\\*}
   20.16  qed(*<*)qed(*>*)
   20.17  
   20.18 -text{* Instead of duplicating @{text"formula\<^isub>i"} in the text, we introduce
   20.19 +text{* Instead of duplicating @{text"formula\<^sub>i"} in the text, we introduce
   20.20  the two abbreviations @{text"?L"} and @{text"?R"} by pattern matching.
   20.21  Pattern matching works wherever a formula is stated, in particular
   20.22  with \isacom{have} and \isacom{lemma}.
   20.23 @@ -513,11 +513,11 @@
   20.24  \isa{%
   20.25  *}
   20.26  (*<*)lemma "P" proof-(*>*)
   20.27 -have "P\<^isub>1" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.28 -moreover have "P\<^isub>2" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.29 +have "P\<^sub>1" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.30 +moreover have "P\<^sub>2" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.31  moreover
   20.32  txt_raw{*\\$\vdots$\\\hspace{-1.4ex}*}(*<*)have "True" ..(*>*)
   20.33 -moreover have "P\<^isub>n" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.34 +moreover have "P\<^sub>n" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.35  ultimately have "P"  (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.36  (*<*)oops(*>*)
   20.37  
   20.38 @@ -529,11 +529,11 @@
   20.39  \isa{%
   20.40  *}
   20.41  (*<*)lemma "P" proof-(*>*)
   20.42 -have lab\<^isub>1: "P\<^isub>1" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.43 -have lab\<^isub>2: "P\<^isub>2" (*<*)sorry(*>*)txt_raw{*\ $\dots$*}
   20.44 +have lab\<^sub>1: "P\<^sub>1" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.45 +have lab\<^sub>2: "P\<^sub>2" (*<*)sorry(*>*)txt_raw{*\ $\dots$*}
   20.46  txt_raw{*\\$\vdots$\\\hspace{-1.4ex}*}
   20.47 -have lab\<^isub>n: "P\<^isub>n" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.48 -from lab\<^isub>1 lab\<^isub>2 txt_raw{*\ $\dots$\\*}
   20.49 +have lab\<^sub>n: "P\<^sub>n" (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.50 +from lab\<^sub>1 lab\<^sub>2 txt_raw{*\ $\dots$\\*}
   20.51  have "P"  (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
   20.52  (*<*)oops(*>*)
   20.53  
   20.54 @@ -551,14 +551,14 @@
   20.55  has its own assumptions and is generalized over its locally fixed
   20.56  variables at the end. This is what a \concept{raw proof block} does:
   20.57  \begin{quote}
   20.58 -@{text"{"} \isacom{fix} @{text"x\<^isub>1 \<dots> x\<^isub>n"}\\
   20.59 -\mbox{}\ \ \ \isacom{assume} @{text"A\<^isub>1 \<dots> A\<^isub>m"}\\
   20.60 +@{text"{"} \isacom{fix} @{text"x\<^sub>1 \<dots> x\<^sub>n"}\\
   20.61 +\mbox{}\ \ \ \isacom{assume} @{text"A\<^sub>1 \<dots> A\<^sub>m"}\\
   20.62  \mbox{}\ \ \ $\vdots$\\
   20.63  \mbox{}\ \ \ \isacom{have} @{text"B"}\\
   20.64  @{text"}"}
   20.65  \end{quote}
   20.66 -proves @{text"\<lbrakk> A\<^isub>1; \<dots> ; A\<^isub>m \<rbrakk> \<Longrightarrow> B"}
   20.67 -where all @{text"x\<^isub>i"} have been replaced by unknowns @{text"?x\<^isub>i"}.
   20.68 +proves @{text"\<lbrakk> A\<^sub>1; \<dots> ; A\<^sub>m \<rbrakk> \<Longrightarrow> B"}
   20.69 +where all @{text"x\<^sub>i"} have been replaced by unknowns @{text"?x\<^sub>i"}.
   20.70  \begin{warn}
   20.71  The conclusion of a raw proof block is \emph{not} indicated by \isacom{show}
   20.72  but is simply the final \isacom{have}.
   20.73 @@ -642,15 +642,15 @@
   20.74  This proof pattern works for any term @{text t} whose type is a datatype.
   20.75  The goal has to be proved for each constructor @{text C}:
   20.76  \begin{quote}
   20.77 -\isacom{fix} \ @{text"x\<^isub>1 \<dots> x\<^isub>n"} \isacom{assume} @{text"\"t = C x\<^isub>1 \<dots> x\<^isub>n\""}
   20.78 +\isacom{fix} \ @{text"x\<^sub>1 \<dots> x\<^sub>n"} \isacom{assume} @{text"\"t = C x\<^sub>1 \<dots> x\<^sub>n\""}
   20.79  \end{quote}
   20.80  Each case can be written in a more compact form by means of the \isacom{case}
   20.81  command:
   20.82  \begin{quote}
   20.83 -\isacom{case} @{text "(C x\<^isub>1 \<dots> x\<^isub>n)"}
   20.84 +\isacom{case} @{text "(C x\<^sub>1 \<dots> x\<^sub>n)"}
   20.85  \end{quote}
   20.86  This is equivalent to the explicit \isacom{fix}-\isacom{assume} line
   20.87 -but also gives the assumption @{text"\"t = C x\<^isub>1 \<dots> x\<^isub>n\""} a name: @{text C},
   20.88 +but also gives the assumption @{text"\"t = C x\<^sub>1 \<dots> x\<^sub>n\""} a name: @{text C},
   20.89  like the constructor.
   20.90  Here is the \isacom{case} version of the proof above:
   20.91  *}
   20.92 @@ -782,16 +782,16 @@
   20.93  (here @{text"A(Suc n)"}).
   20.94  
   20.95  Induction works for any datatype.
   20.96 -Proving a goal @{text"\<lbrakk> A\<^isub>1(x); \<dots>; A\<^isub>k(x) \<rbrakk> \<Longrightarrow> P(x)"}
   20.97 +Proving a goal @{text"\<lbrakk> A\<^sub>1(x); \<dots>; A\<^sub>k(x) \<rbrakk> \<Longrightarrow> P(x)"}
   20.98  by induction on @{text x} generates a proof obligation for each constructor
   20.99 -@{text C} of the datatype. The command @{text"case (C x\<^isub>1 \<dots> x\<^isub>n)"}
  20.100 +@{text C} of the datatype. The command @{text"case (C x\<^sub>1 \<dots> x\<^sub>n)"}
  20.101  performs the following steps:
  20.102  \begin{enumerate}
  20.103 -\item \isacom{fix} @{text"x\<^isub>1 \<dots> x\<^isub>n"}
  20.104 +\item \isacom{fix} @{text"x\<^sub>1 \<dots> x\<^sub>n"}
  20.105  \item \isacom{assume} the induction hypotheses (calling them @{text C.IH})
  20.106 - and the premises \mbox{@{text"A\<^isub>i(C x\<^isub>1 \<dots> x\<^isub>n)"}} (calling them @{text"C.prems"})
  20.107 + and the premises \mbox{@{text"A\<^sub>i(C x\<^sub>1 \<dots> x\<^sub>n)"}} (calling them @{text"C.prems"})
  20.108   and calling the whole list @{text C}
  20.109 -\item \isacom{let} @{text"?case = \"P(C x\<^isub>1 \<dots> x\<^isub>n)\""}
  20.110 +\item \isacom{let} @{text"?case = \"P(C x\<^sub>1 \<dots> x\<^sub>n)\""}
  20.111  \end{enumerate}
  20.112  
  20.113  \subsection{Rule Induction}
  20.114 @@ -889,34 +889,34 @@
  20.115  \indent
  20.116  In general, let @{text I} be a (for simplicity unary) inductively defined
  20.117  predicate and let the rules in the definition of @{text I}
  20.118 -be called @{text "rule\<^isub>1"}, \dots, @{text "rule\<^isub>n"}. A proof by rule
  20.119 +be called @{text "rule\<^sub>1"}, \dots, @{text "rule\<^sub>n"}. A proof by rule
  20.120  induction follows this pattern:
  20.121  *}
  20.122  
  20.123  (*<*)
  20.124 -inductive I where rule\<^isub>1: "I()" |  rule\<^isub>2: "I()" |  rule\<^isub>n: "I()"
  20.125 +inductive I where rule\<^sub>1: "I()" |  rule\<^sub>2: "I()" |  rule\<^sub>n: "I()"
  20.126  lemma "I x \<Longrightarrow> P x" proof-(*>*)
  20.127  show "I x \<Longrightarrow> P x"
  20.128  proof(induction rule: I.induct)
  20.129 -  case rule\<^isub>1
  20.130 +  case rule\<^sub>1
  20.131    txt_raw{*\\[-.4ex]\mbox{}\ \ $\vdots$\\[-.4ex]\mbox{}\hspace{-1ex}*}
  20.132    show ?case (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
  20.133  next
  20.134    txt_raw{*\\[-.4ex]$\vdots$\\[-.4ex]\mbox{}\hspace{-1ex}*}
  20.135  (*<*)
  20.136 -  case rule\<^isub>2
  20.137 +  case rule\<^sub>2
  20.138    show ?case sorry
  20.139  (*>*)
  20.140  next
  20.141 -  case rule\<^isub>n
  20.142 +  case rule\<^sub>n
  20.143    txt_raw{*\\[-.4ex]\mbox{}\ \ $\vdots$\\[-.4ex]\mbox{}\hspace{-1ex}*}
  20.144    show ?case (*<*)sorry(*>*)txt_raw{*\ $\dots$\\*}
  20.145  qed(*<*)qed(*>*)
  20.146  
  20.147  text{*
  20.148  One can provide explicit variable names by writing
  20.149 -\isacom{case}~@{text"(rule\<^isub>i x\<^isub>1 \<dots> x\<^isub>k)"}, thus renaming the first @{text k}
  20.150 -free variables in rule @{text i} to @{text"x\<^isub>1 \<dots> x\<^isub>k"},
  20.151 +\isacom{case}~@{text"(rule\<^sub>i x\<^sub>1 \<dots> x\<^sub>k)"}, thus renaming the first @{text k}
  20.152 +free variables in rule @{text i} to @{text"x\<^sub>1 \<dots> x\<^sub>k"},
  20.153  going through rule @{text i} from left to right.
  20.154  
  20.155  \subsection{Assumption Naming}
  20.156 @@ -930,8 +930,8 @@
  20.157  induction rule. For rule inductions these are the hypotheses of rule
  20.158  @{text name}, for structural inductions these are empty.
  20.159  \item[@{text name.prems}] contains the (suitably instantiated) premises
  20.160 -of the statement being proved, i.e. the @{text A\<^isub>i} when
  20.161 -proving @{text"\<lbrakk> A\<^isub>1; \<dots>; A\<^isub>n \<rbrakk> \<Longrightarrow> A"}.
  20.162 +of the statement being proved, i.e. the @{text A\<^sub>i} when
  20.163 +proving @{text"\<lbrakk> A\<^sub>1; \<dots>; A\<^sub>n \<rbrakk> \<Longrightarrow> A"}.
  20.164  \end{description}
  20.165  \begin{warn}
  20.166  Proof method @{text induct} differs from @{text induction}
    21.1 --- a/src/Doc/ProgProve/Logic.thy	Tue Aug 13 16:53:23 2013 +0200
    21.2 +++ b/src/Doc/ProgProve/Logic.thy	Tue Aug 13 17:45:22 2013 +0200
    21.3 @@ -72,8 +72,8 @@
    21.4  theorems and proof states, separating assumptions from conclusions.
    21.5  The implication @{text"\<longrightarrow>"} is part of the logic HOL and can occur inside the
    21.6  formulas that make up the assumptions and conclusion.
    21.7 -Theorems should be of the form @{text"\<lbrakk> A\<^isub>1; \<dots>; A\<^isub>n \<rbrakk> \<Longrightarrow> A"},
    21.8 -not @{text"A\<^isub>1 \<and> \<dots> \<and> A\<^isub>n \<longrightarrow> A"}. Both are logically equivalent
    21.9 +Theorems should be of the form @{text"\<lbrakk> A\<^sub>1; \<dots>; A\<^sub>n \<rbrakk> \<Longrightarrow> A"},
   21.10 +not @{text"A\<^sub>1 \<and> \<dots> \<and> A\<^sub>n \<longrightarrow> A"}. Both are logically equivalent
   21.11  but the first one works better when using the theorem in further proofs.
   21.12  \end{warn}
   21.13  
   21.14 @@ -83,7 +83,7 @@
   21.15  Sets of elements of type @{typ 'a} have type @{typ"'a set"}.
   21.16  They can be finite or infinite. Sets come with the usual notation:
   21.17  \begin{itemize}
   21.18 -\item @{term"{}"},\quad @{text"{e\<^isub>1,\<dots>,e\<^isub>n}"}
   21.19 +\item @{term"{}"},\quad @{text"{e\<^sub>1,\<dots>,e\<^sub>n}"}
   21.20  \item @{prop"e \<in> A"},\quad @{prop"A \<subseteq> B"}
   21.21  \item @{term"A \<union> B"},\quad @{term"A \<inter> B"},\quad @{term"A - B"},\quad @{term"-A"}
   21.22  \end{itemize}
   21.23 @@ -319,9 +319,9 @@
   21.24  two formulas @{text"a=b"} and @{text False}, yielding the rule
   21.25  @{thm[display,mode=Rule]conjI[of "a=b" False]}
   21.26  
   21.27 -In general, @{text"th[of string\<^isub>1 \<dots> string\<^isub>n]"} instantiates
   21.28 +In general, @{text"th[of string\<^sub>1 \<dots> string\<^sub>n]"} instantiates
   21.29  the unknowns in the theorem @{text th} from left to right with the terms
   21.30 -@{text string\<^isub>1} to @{text string\<^isub>n}.
   21.31 +@{text string\<^sub>1} to @{text string\<^sub>n}.
   21.32  
   21.33  \item By unification. \concept{Unification} is the process of making two
   21.34  terms syntactically equal by suitable instantiations of unknowns. For example,
   21.35 @@ -346,13 +346,13 @@
   21.36  @{text"1.  \<dots>  \<Longrightarrow> A"}\\
   21.37  @{text"2.  \<dots>  \<Longrightarrow> B"}
   21.38  \end{quote}
   21.39 -In general, the application of a rule @{text"\<lbrakk> A\<^isub>1; \<dots>; A\<^isub>n \<rbrakk> \<Longrightarrow> A"}
   21.40 +In general, the application of a rule @{text"\<lbrakk> A\<^sub>1; \<dots>; A\<^sub>n \<rbrakk> \<Longrightarrow> A"}
   21.41  to a subgoal \mbox{@{text"\<dots> \<Longrightarrow> C"}} proceeds in two steps:
   21.42  \begin{enumerate}
   21.43  \item
   21.44  Unify @{text A} and @{text C}, thus instantiating the unknowns in the rule.
   21.45  \item
   21.46 -Replace the subgoal @{text C} with @{text n} new subgoals @{text"A\<^isub>1"} to @{text"A\<^isub>n"}.
   21.47 +Replace the subgoal @{text C} with @{text n} new subgoals @{text"A\<^sub>1"} to @{text"A\<^sub>n"}.
   21.48  \end{enumerate}
   21.49  This is the command to apply rule @{text xyz}:
   21.50  \begin{quote}
   21.51 @@ -430,10 +430,10 @@
   21.52  premises.
   21.53  \end{warn}
   21.54  
   21.55 -In general @{text r} can be of the form @{text"\<lbrakk> A\<^isub>1; \<dots>; A\<^isub>n \<rbrakk> \<Longrightarrow> A"}
   21.56 -and there can be multiple argument theorems @{text r\<^isub>1} to @{text r\<^isub>m}
   21.57 -(with @{text"m \<le> n"}), in which case @{text "r[OF r\<^isub>1 \<dots> r\<^isub>m]"} is obtained
   21.58 -by unifying and thus proving @{text "A\<^isub>i"} with @{text "r\<^isub>i"}, @{text"i = 1\<dots>m"}.
   21.59 +In general @{text r} can be of the form @{text"\<lbrakk> A\<^sub>1; \<dots>; A\<^sub>n \<rbrakk> \<Longrightarrow> A"}
   21.60 +and there can be multiple argument theorems @{text r\<^sub>1} to @{text r\<^sub>m}
   21.61 +(with @{text"m \<le> n"}), in which case @{text "r[OF r\<^sub>1 \<dots> r\<^sub>m]"} is obtained
   21.62 +by unifying and thus proving @{text "A\<^sub>i"} with @{text "r\<^sub>i"}, @{text"i = 1\<dots>m"}.
   21.63  Here is an example, where @{thm[source]refl} is the theorem
   21.64  @{thm[show_question_marks] refl}:
   21.65  *}
   21.66 @@ -739,7 +739,7 @@
   21.67  \end{quote}
   21.68  followed by a sequence of (possibly named) rules of the form
   21.69  \begin{quote}
   21.70 -@{text "\<lbrakk> I a\<^isub>1; \<dots>; I a\<^isub>n \<rbrakk> \<Longrightarrow> I a"}
   21.71 +@{text "\<lbrakk> I a\<^sub>1; \<dots>; I a\<^sub>n \<rbrakk> \<Longrightarrow> I a"}
   21.72  \end{quote}
   21.73  separated by @{text"|"}. As usual, @{text n} can be 0.
   21.74  The corresponding rule induction principle
   21.75 @@ -755,7 +755,7 @@
   21.76  Proving @{prop "I x \<Longrightarrow> P x"} by rule induction means proving
   21.77  for every rule of @{text I} that @{text P} is invariant:
   21.78  \begin{quote}
   21.79 -@{text "\<lbrakk> I a\<^isub>1; P a\<^isub>1; \<dots>; I a\<^isub>n; P a\<^isub>n \<rbrakk> \<Longrightarrow> P a"}
   21.80 +@{text "\<lbrakk> I a\<^sub>1; P a\<^sub>1; \<dots>; I a\<^sub>n; P a\<^sub>n \<rbrakk> \<Longrightarrow> P a"}
   21.81  \end{quote}
   21.82  
   21.83  The above format for inductive definitions is simplified in a number of
    22.1 --- a/src/Doc/ProgProve/Types_and_funs.thy	Tue Aug 13 16:53:23 2013 +0200
    22.2 +++ b/src/Doc/ProgProve/Types_and_funs.thy	Tue Aug 13 17:45:22 2013 +0200
    22.3 @@ -21,14 +21,14 @@
    22.4  The general form of a datatype definition looks like this:
    22.5  \begin{quote}
    22.6  \begin{tabular}{@ {}rclcll}
    22.7 -\isacom{datatype} @{text "('a\<^isub>1,\<dots>,'a\<^isub>n)t"}
    22.8 +\isacom{datatype} @{text "('a\<^sub>1,\<dots>,'a\<^sub>n)t"}
    22.9       & = & $C_1 \ @{text"\""}\tau_{1,1}@{text"\""} \dots @{text"\""}\tau_{1,n_1}@{text"\""}$ \\
   22.10       & $|$ & \dots \\
   22.11       & $|$ & $C_k \ @{text"\""}\tau_{k,1}@{text"\""} \dots @{text"\""}\tau_{k,n_k}@{text"\""}$
   22.12  \end{tabular}
   22.13  \end{quote}
   22.14  It introduces the constructors \
   22.15 -$C_i :: \tau_{i,1}\Rightarrow \cdots \Rightarrow \tau_{i,n_i} \Rightarrow$~@{text "('a\<^isub>1,\<dots>,'a\<^isub>n)t"} \ and expresses that any value of this type is built from these constructors in a unique manner. Uniqueness is implied by the following
   22.16 +$C_i :: \tau_{i,1}\Rightarrow \cdots \Rightarrow \tau_{i,n_i} \Rightarrow$~@{text "('a\<^sub>1,\<dots>,'a\<^sub>n)t"} \ and expresses that any value of this type is built from these constructors in a unique manner. Uniqueness is implied by the following
   22.17  properties of the constructors:
   22.18  \begin{itemize}
   22.19  \item \emph{Distinctness:} $C_i\ \ldots \neq C_j\ \dots$ \quad if $i \neq j$
   22.20 @@ -40,9 +40,9 @@
   22.21  \end{itemize}
   22.22  The fact that any value of the datatype is built from the constructors implies
   22.23  the structural induction rule: to show
   22.24 -$P~x$ for all $x$ of type @{text "('a\<^isub>1,\<dots>,'a\<^isub>n)t"},
   22.25 +$P~x$ for all $x$ of type @{text "('a\<^sub>1,\<dots>,'a\<^sub>n)t"},
   22.26  one needs to show $P(C_i\ x_1 \dots x_{n_i})$ (for each $i$) assuming
   22.27 -$P(x_j)$ for all $j$ where $\tau_{i,j} =$~@{text "('a\<^isub>1,\<dots>,'a\<^isub>n)t"}.
   22.28 +$P(x_j)$ for all $j$ where $\tau_{i,j} =$~@{text "('a\<^sub>1,\<dots>,'a\<^sub>n)t"}.
   22.29  Distinctness and injectivity are applied automatically by @{text auto}
   22.30  and other proof methods. Induction must be applied explicitly.
   22.31  
   22.32 @@ -91,11 +91,11 @@
   22.33  "lookup ((a,b) # ps) x = (if a = x then Some b else lookup ps x)"
   22.34  
   22.35  text{*
   22.36 -Note that @{text"\<tau>\<^isub>1 * \<tau>\<^isub>2"} is the type of pairs, also written @{text"\<tau>\<^isub>1 \<times> \<tau>\<^isub>2"}.
   22.37 +Note that @{text"\<tau>\<^sub>1 * \<tau>\<^sub>2"} is the type of pairs, also written @{text"\<tau>\<^sub>1 \<times> \<tau>\<^sub>2"}.
   22.38  Pairs can be taken apart either by pattern matching (as above) or with the
   22.39  projection functions @{const fst} and @{const snd}: @{thm fst_conv} and @{thm snd_conv}. Tuples are simulated by pairs nested to the right: @{term"(a,b,c)"}
   22.40 -abbreviates @{text"(a, (b, c))"} and @{text "\<tau>\<^isub>1 \<times> \<tau>\<^isub>2 \<times> \<tau>\<^isub>3"} abbreviates
   22.41 -@{text "\<tau>\<^isub>1 \<times> (\<tau>\<^isub>2 \<times> \<tau>\<^isub>3)"}.
   22.42 +abbreviates @{text"(a, (b, c))"} and @{text "\<tau>\<^sub>1 \<times> \<tau>\<^sub>2 \<times> \<tau>\<^sub>3"} abbreviates
   22.43 +@{text "\<tau>\<^sub>1 \<times> (\<tau>\<^sub>2 \<times> \<tau>\<^sub>3)"}.
   22.44  
   22.45  \subsection{Definitions}
   22.46  
   22.47 @@ -106,7 +106,7 @@
   22.48  "sq n = n * n"
   22.49  
   22.50  text{* Such definitions do not allow pattern matching but only
   22.51 -@{text"f x\<^isub>1 \<dots> x\<^isub>n = t"}, where @{text f} does not occur in @{text t}.
   22.52 +@{text"f x\<^sub>1 \<dots> x\<^sub>n = t"}, where @{text f} does not occur in @{text t}.
   22.53  
   22.54  \subsection{Abbreviations}
   22.55  
   22.56 @@ -185,18 +185,18 @@
   22.57  because the induction follows the (terminating!) computation.
   22.58  For every defining equation
   22.59  \begin{quote}
   22.60 -@{text "f(e) = \<dots> f(r\<^isub>1) \<dots> f(r\<^isub>k) \<dots>"}
   22.61 +@{text "f(e) = \<dots> f(r\<^sub>1) \<dots> f(r\<^sub>k) \<dots>"}
   22.62  \end{quote}
   22.63 -where @{text"f(r\<^isub>i)"}, @{text"i=1\<dots>k"}, are all the recursive calls,
   22.64 +where @{text"f(r\<^sub>i)"}, @{text"i=1\<dots>k"}, are all the recursive calls,
   22.65  the induction rule @{text"f.induct"} contains one premise of the form
   22.66  \begin{quote}
   22.67 -@{text"P(r\<^isub>1) \<Longrightarrow> \<dots> \<Longrightarrow> P(r\<^isub>k) \<Longrightarrow> P(e)"}
   22.68 +@{text"P(r\<^sub>1) \<Longrightarrow> \<dots> \<Longrightarrow> P(r\<^sub>k) \<Longrightarrow> P(e)"}
   22.69  \end{quote}
   22.70 -If @{text "f :: \<tau>\<^isub>1 \<Rightarrow> \<dots> \<Rightarrow> \<tau>\<^isub>n \<Rightarrow> \<tau>"} then @{text"f.induct"} is applied like this:
   22.71 +If @{text "f :: \<tau>\<^sub>1 \<Rightarrow> \<dots> \<Rightarrow> \<tau>\<^sub>n \<Rightarrow> \<tau>"} then @{text"f.induct"} is applied like this:
   22.72  \begin{quote}
   22.73 -\isacom{apply}@{text"(induction x\<^isub>1 \<dots> x\<^isub>n rule: f.induct)"}
   22.74 +\isacom{apply}@{text"(induction x\<^sub>1 \<dots> x\<^sub>n rule: f.induct)"}
   22.75  \end{quote}
   22.76 -where typically there is a call @{text"f x\<^isub>1 \<dots> x\<^isub>n"} in the goal.
   22.77 +where typically there is a call @{text"f x\<^sub>1 \<dots> x\<^sub>n"} in the goal.
   22.78  But note that the induction rule does not mention @{text f} at all,
   22.79  except in its name, and is applicable independently of @{text f}.
   22.80  
   22.81 @@ -300,7 +300,7 @@
   22.82  \emph{Generalize induction by generalizing all free
   22.83  variables\\ {\em(except the induction variable itself)}.}
   22.84  \end{quote}
   22.85 -Generalization is best performed with @{text"arbitrary: y\<^isub>1 \<dots> y\<^isub>k"}. 
   22.86 +Generalization is best performed with @{text"arbitrary: y\<^sub>1 \<dots> y\<^sub>k"}. 
   22.87  This heuristic prevents trivial failures like the one above.
   22.88  However, it should not be applied blindly.
   22.89  It is not always required, and the additional quantifiers can complicate
   22.90 @@ -410,16 +410,16 @@
   22.91  In such cases the more predictable @{text simp} method should be used.
   22.92  Given a goal
   22.93  \begin{quote}
   22.94 -@{text"1. \<lbrakk> P\<^isub>1; \<dots>; P\<^isub>m \<rbrakk> \<Longrightarrow> C"}
   22.95 +@{text"1. \<lbrakk> P\<^sub>1; \<dots>; P\<^sub>m \<rbrakk> \<Longrightarrow> C"}
   22.96  \end{quote}
   22.97  the command
   22.98  \begin{quote}
   22.99 -\isacom{apply}@{text"(simp add: th\<^isub>1 \<dots> th\<^isub>n)"}
  22.100 +\isacom{apply}@{text"(simp add: th\<^sub>1 \<dots> th\<^sub>n)"}
  22.101  \end{quote}
  22.102 -simplifies the assumptions @{text "P\<^isub>i"} and the conclusion @{text C} using
  22.103 +simplifies the assumptions @{text "P\<^sub>i"} and the conclusion @{text C} using
  22.104  \begin{itemize}
  22.105  \item all simplification rules, including the ones coming from \isacom{datatype} and \isacom{fun},
  22.106 -\item the additional lemmas @{text"th\<^isub>1 \<dots> th\<^isub>n"}, and
  22.107 +\item the additional lemmas @{text"th\<^sub>1 \<dots> th\<^sub>n"}, and
  22.108  \item the assumptions.
  22.109  \end{itemize}
  22.110  In addition to or instead of @{text add} there is also @{text del} for removing
    23.1 --- a/src/Doc/Tutorial/Documents/Documents.thy	Tue Aug 13 16:53:23 2013 +0200
    23.2 +++ b/src/Doc/Tutorial/Documents/Documents.thy	Tue Aug 13 17:45:22 2013 +0200
    23.3 @@ -126,10 +126,10 @@
    23.4    in the trailing part of an identifier. This means that the input
    23.5  
    23.6    \medskip
    23.7 -  {\small\noindent \verb,\,\verb,<forall>\,\verb,<alpha>\<^isub>1.,~\verb,\,\verb,<alpha>\<^isub>1 = \,\verb,<Pi>\<^isub>\<A>,}
    23.8 +  {\small\noindent \verb,\,\verb,<forall>\,\verb,<alpha>\<^sub>1.,~\verb,\,\verb,<alpha>\<^sub>1 = \,\verb,<Pi>\<^sub>\<A>,}
    23.9  
   23.10    \medskip
   23.11 -  \noindent is recognized as the term @{term "\<forall>\<alpha>\<^isub>1. \<alpha>\<^isub>1 = \<Pi>\<^isub>\<A>"} 
   23.12 +  \noindent is recognized as the term @{term "\<forall>\<alpha>\<^sub>1. \<alpha>\<^sub>1 = \<Pi>\<^sub>\<A>"} 
   23.13    by Isabelle.
   23.14  
   23.15    Replacing our previous definition of @{text xor} by the
    24.1 --- a/src/Doc/Tutorial/Inductive/Mutual.thy	Tue Aug 13 16:53:23 2013 +0200
    24.2 +++ b/src/Doc/Tutorial/Inductive/Mutual.thy	Tue Aug 13 17:45:22 2013 +0200
    24.3 @@ -69,11 +69,11 @@
    24.4  you write \commdx{inductive} instead of \isacommand{inductive\_set} and
    24.5  @{prop"evn n"} instead of @{prop"n : even"}.
    24.6  When defining an n-ary relation as a predicate, it is recommended to curry
    24.7 -the predicate: its type should be \mbox{@{text"\<tau>\<^isub>1 \<Rightarrow> \<dots> \<Rightarrow> \<tau>\<^isub>n \<Rightarrow> bool"}}
    24.8 +the predicate: its type should be \mbox{@{text"\<tau>\<^sub>1 \<Rightarrow> \<dots> \<Rightarrow> \<tau>\<^sub>n \<Rightarrow> bool"}}
    24.9  rather than
   24.10 -@{text"\<tau>\<^isub>1 \<times> \<dots> \<times> \<tau>\<^isub>n \<Rightarrow> bool"}. The curried version facilitates inductions.
   24.11 +@{text"\<tau>\<^sub>1 \<times> \<dots> \<times> \<tau>\<^sub>n \<Rightarrow> bool"}. The curried version facilitates inductions.
   24.12  
   24.13 -When should you choose sets and when predicates? If you intend to combine your notion with set theoretic notation, define it as an inductive set. If not, define it as an inductive predicate, thus avoiding the @{text"\<in>"} notation. But note that predicates of more than one argument cannot be combined with the usual set theoretic operators: @{term"P \<union> Q"} is not well-typed if @{text"P, Q :: \<tau>\<^isub>1 \<Rightarrow> \<tau>\<^isub>2 \<Rightarrow> bool"}, you have to write @{term"%x y. P x y & Q x y"} instead.
   24.14 +When should you choose sets and when predicates? If you intend to combine your notion with set theoretic notation, define it as an inductive set. If not, define it as an inductive predicate, thus avoiding the @{text"\<in>"} notation. But note that predicates of more than one argument cannot be combined with the usual set theoretic operators: @{term"P \<union> Q"} is not well-typed if @{text"P, Q :: \<tau>\<^sub>1 \<Rightarrow> \<tau>\<^sub>2 \<Rightarrow> bool"}, you have to write @{term"%x y. P x y & Q x y"} instead.
   24.15  \index{inductive predicates|)}
   24.16  *}
   24.17  
    25.1 --- a/src/Doc/Tutorial/Types/Axioms.thy	Tue Aug 13 16:53:23 2013 +0200
    25.2 +++ b/src/Doc/Tutorial/Types/Axioms.thy	Tue Aug 13 17:45:22 2013 +0200
    25.3 @@ -63,9 +63,9 @@
    25.4  begin
    25.5  
    25.6  instance proof
    25.7 -  fix p\<^isub>1 p\<^isub>2 p\<^isub>3 :: "'a\<Colon>semigroup \<times> 'b\<Colon>semigroup"
    25.8 -  show "p\<^isub>1 \<oplus> p\<^isub>2 \<oplus> p\<^isub>3 = p\<^isub>1 \<oplus> (p\<^isub>2 \<oplus> p\<^isub>3)"
    25.9 -    by (cases p\<^isub>1, cases p\<^isub>2, cases p\<^isub>3) (simp add: assoc)
   25.10 +  fix p\<^sub>1 p\<^sub>2 p\<^sub>3 :: "'a\<Colon>semigroup \<times> 'b\<Colon>semigroup"
   25.11 +  show "p\<^sub>1 \<oplus> p\<^sub>2 \<oplus> p\<^sub>3 = p\<^sub>1 \<oplus> (p\<^sub>2 \<oplus> p\<^sub>3)"
   25.12 +    by (cases p\<^sub>1, cases p\<^sub>2, cases p\<^sub>3) (simp add: assoc)
   25.13  
   25.14  txt {* \noindent Associativity of product semigroups is established
   25.15  using the hypothetical associativity @{fact assoc} of the type
    26.1 --- a/src/HOL/Complete_Lattices.thy	Tue Aug 13 16:53:23 2013 +0200
    26.2 +++ b/src/HOL/Complete_Lattices.thy	Tue Aug 13 17:45:22 2013 +0200
    26.3 @@ -1033,8 +1033,8 @@
    26.4  
    26.5  text {*
    26.6    Note the difference between ordinary xsymbol syntax of indexed
    26.7 -  unions and intersections (e.g.\ @{text"\<Union>a\<^isub>1\<in>A\<^isub>1. B"})
    26.8 -  and their \LaTeX\ rendition: @{term"\<Union>a\<^isub>1\<in>A\<^isub>1. B"}. The
    26.9 +  unions and intersections (e.g.\ @{text"\<Union>a\<^sub>1\<in>A\<^sub>1. B"})
   26.10 +  and their \LaTeX\ rendition: @{term"\<Union>a\<^sub>1\<in>A\<^sub>1. B"}. The
   26.11    former does not make the index expression a subscript of the
   26.12    union/intersection symbol because this leads to problems with nested
   26.13    subscripts in Proof General.
    27.1 --- a/src/HOL/Complex.thy	Tue Aug 13 16:53:23 2013 +0200
    27.2 +++ b/src/HOL/Complex.thy	Tue Aug 13 17:45:22 2013 +0200
    27.3 @@ -103,7 +103,7 @@
    27.4  
    27.5  definition complex_inverse_def:
    27.6    "inverse x =
    27.7 -    Complex (Re x / ((Re x)\<twosuperior> + (Im x)\<twosuperior>)) (- Im x / ((Re x)\<twosuperior> + (Im x)\<twosuperior>))"
    27.8 +    Complex (Re x / ((Re x)\<^sup>2 + (Im x)\<^sup>2)) (- Im x / ((Re x)\<^sup>2 + (Im x)\<^sup>2))"
    27.9  
   27.10  definition complex_divide_def:
   27.11    "x / (y\<Colon>complex) = x * inverse y"
   27.12 @@ -128,15 +128,15 @@
   27.13    by (simp add: complex_mult_def)
   27.14  
   27.15  lemma complex_inverse [simp]:
   27.16 -  "inverse (Complex a b) = Complex (a / (a\<twosuperior> + b\<twosuperior>)) (- b / (a\<twosuperior> + b\<twosuperior>))"
   27.17 +  "inverse (Complex a b) = Complex (a / (a\<^sup>2 + b\<^sup>2)) (- b / (a\<^sup>2 + b\<^sup>2))"
   27.18    by (simp add: complex_inverse_def)
   27.19  
   27.20  lemma complex_Re_inverse:
   27.21 -  "Re (inverse x) = Re x / ((Re x)\<twosuperior> + (Im x)\<twosuperior>)"
   27.22 +  "Re (inverse x) = Re x / ((Re x)\<^sup>2 + (Im x)\<^sup>2)"
   27.23    by (simp add: complex_inverse_def)
   27.24  
   27.25  lemma complex_Im_inverse:
   27.26 -  "Im (inverse x) = - Im x / ((Re x)\<twosuperior> + (Im x)\<twosuperior>)"
   27.27 +  "Im (inverse x) = - Im x / ((Re x)\<^sup>2 + (Im x)\<^sup>2)"
   27.28    by (simp add: complex_inverse_def)
   27.29  
   27.30  instance
   27.31 @@ -267,7 +267,7 @@
   27.32  begin
   27.33  
   27.34  definition complex_norm_def:
   27.35 -  "norm z = sqrt ((Re z)\<twosuperior> + (Im z)\<twosuperior>)"
   27.36 +  "norm z = sqrt ((Re z)\<^sup>2 + (Im z)\<^sup>2)"
   27.37  
   27.38  abbreviation cmod :: "complex \<Rightarrow> real"
   27.39    where "cmod \<equiv> norm"
   27.40 @@ -283,7 +283,7 @@
   27.41  
   27.42  lemmas cmod_def = complex_norm_def
   27.43  
   27.44 -lemma complex_norm [simp]: "cmod (Complex x y) = sqrt (x\<twosuperior> + y\<twosuperior>)"
   27.45 +lemma complex_norm [simp]: "cmod (Complex x y) = sqrt (x\<^sup>2 + y\<^sup>2)"
   27.46    by (simp add: complex_norm_def)
   27.47  
   27.48  instance proof
   27.49 @@ -439,7 +439,7 @@
   27.50  lemma i_squared [simp]: "ii * ii = -1"
   27.51    by (simp add: i_def)
   27.52  
   27.53 -lemma power2_i [simp]: "ii\<twosuperior> = -1"
   27.54 +lemma power2_i [simp]: "ii\<^sup>2 = -1"
   27.55    by (simp add: power2_eq_square)
   27.56  
   27.57  lemma inverse_i [simp]: "inverse ii = - ii"
   27.58 @@ -529,10 +529,10 @@
   27.59  lemma complex_diff_cnj: "z - cnj z = complex_of_real (2 * Im z) * ii"
   27.60    by (simp add: complex_eq_iff)
   27.61  
   27.62 -lemma complex_mult_cnj: "z * cnj z = complex_of_real ((Re z)\<twosuperior> + (Im z)\<twosuperior>)"
   27.63 +lemma complex_mult_cnj: "z * cnj z = complex_of_real ((Re z)\<^sup>2 + (Im z)\<^sup>2)"
   27.64    by (simp add: complex_eq_iff power2_eq_square)
   27.65  
   27.66 -lemma complex_mod_mult_cnj: "cmod (z * cnj z) = (cmod z)\<twosuperior>"
   27.67 +lemma complex_mod_mult_cnj: "cmod (z * cnj z) = (cmod z)\<^sup>2"
   27.68    by (simp add: norm_mult power2_eq_square)
   27.69  
   27.70  lemma complex_mod_sqrt_Re_mult_cnj: "cmod z = sqrt (Re (z * cnj z))"
    28.1 --- a/src/HOL/Decision_Procs/Cooper.thy	Tue Aug 13 16:53:23 2013 +0200
    28.2 +++ b/src/HOL/Decision_Procs/Cooper.thy	Tue Aug 13 17:45:22 2013 +0200
    28.3 @@ -1110,7 +1110,7 @@
    28.4    "plusinf (Ge  (CN 0 c e)) = T"
    28.5    "plusinf p = p"
    28.6  
    28.7 -consts \<delta> :: "fm \<Rightarrow> int"  -- {* Compute @{text "lcm {d| N\<^isup>? Dvd c*x+t \<in> p}"} *}
    28.8 +consts \<delta> :: "fm \<Rightarrow> int"  -- {* Compute @{text "lcm {d| N\<^sup>? Dvd c*x+t \<in> p}"} *}
    28.9  recdef \<delta> "measure size"
   28.10    "\<delta> (And p q) = lcm (\<delta> p) (\<delta> q)"
   28.11    "\<delta> (Or p q) = lcm (\<delta> p) (\<delta> q)"
    29.1 --- a/src/HOL/Decision_Procs/ex/Approximation_Ex.thy	Tue Aug 13 16:53:23 2013 +0200
    29.2 +++ b/src/HOL/Decision_Procs/ex/Approximation_Ex.thy	Tue Aug 13 17:45:22 2013 +0200
    29.3 @@ -17,8 +17,8 @@
    29.4  variables can be used, but each one need to be bounded by an upper and lower
    29.5  bound.
    29.6  
    29.7 -To specify the bounds either @{term "l\<^isub>1 \<le> x \<and> x \<le> u\<^isub>1"},
    29.8 -@{term "x \<in> { l\<^isub>1 .. u\<^isub>1 }"} or @{term "x = bnd"} can be used. Where the
    29.9 +To specify the bounds either @{term "l\<^sub>1 \<le> x \<and> x \<le> u\<^sub>1"},
   29.10 +@{term "x \<in> { l\<^sub>1 .. u\<^sub>1 }"} or @{term "x = bnd"} can be used. Where the
   29.11  bound specification are again arithmetic formulas containing variables. They can
   29.12  be connected using either meta level or HOL equivalence.
   29.13  
    30.1 --- a/src/HOL/Enum.thy	Tue Aug 13 16:53:23 2013 +0200
    30.2 +++ b/src/HOL/Enum.thy	Tue Aug 13 17:45:22 2013 +0200
    30.3 @@ -438,25 +438,25 @@
    30.4  
    30.5  text {* We define small finite types for the use in Quickcheck *}
    30.6  
    30.7 -datatype finite_1 = a\<^isub>1
    30.8 +datatype finite_1 = a\<^sub>1
    30.9  
   30.10 -notation (output) a\<^isub>1  ("a\<^isub>1")
   30.11 +notation (output) a\<^sub>1  ("a\<^sub>1")
   30.12  
   30.13  lemma UNIV_finite_1:
   30.14 -  "UNIV = {a\<^isub>1}"
   30.15 +  "UNIV = {a\<^sub>1}"
   30.16    by (auto intro: finite_1.exhaust)
   30.17  
   30.18  instantiation finite_1 :: enum
   30.19  begin
   30.20  
   30.21  definition
   30.22 -  "enum = [a\<^isub>1]"
   30.23 +  "enum = [a\<^sub>1]"
   30.24  
   30.25  definition
   30.26 -  "enum_all P = P a\<^isub>1"
   30.27 +  "enum_all P = P a\<^sub>1"
   30.28  
   30.29  definition
   30.30 -  "enum_ex P = P a\<^isub>1"
   30.31 +  "enum_ex P = P a\<^sub>1"
   30.32  
   30.33  instance proof
   30.34  qed (simp_all only: enum_finite_1_def enum_all_finite_1_def enum_ex_finite_1_def UNIV_finite_1, simp_all)
   30.35 @@ -482,28 +482,28 @@
   30.36  
   30.37  end
   30.38  
   30.39 -hide_const (open) a\<^isub>1
   30.40 +hide_const (open) a\<^sub>1
   30.41  
   30.42 -datatype finite_2 = a\<^isub>1 | a\<^isub>2
   30.43 +datatype finite_2 = a\<^sub>1 | a\<^sub>2
   30.44  
   30.45 -notation (output) a\<^isub>1  ("a\<^isub>1")
   30.46 -notation (output) a\<^isub>2  ("a\<^isub>2")
   30.47 +notation (output) a\<^sub>1  ("a\<^sub>1")
   30.48 +notation (output) a\<^sub>2  ("a\<^sub>2")
   30.49  
   30.50  lemma UNIV_finite_2:
   30.51 -  "UNIV = {a\<^isub>1, a\<^isub>2}"
   30.52 +  "UNIV = {a\<^sub>1, a\<^sub>2}"
   30.53    by (auto intro: finite_2.exhaust)
   30.54  
   30.55  instantiation finite_2 :: enum
   30.56  begin
   30.57  
   30.58  definition
   30.59 -  "enum = [a\<^isub>1, a\<^isub>2]"
   30.60 +  "enum = [a\<^sub>1, a\<^sub>2]"
   30.61  
   30.62  definition
   30.63 -  "enum_all P \<longleftrightarrow> P a\<^isub>1 \<and> P a\<^isub>2"
   30.64 +  "enum_all P \<longleftrightarrow> P a\<^sub>1 \<and> P a\<^sub>2"
   30.65  
   30.66  definition
   30.67 -  "enum_ex P \<longleftrightarrow> P a\<^isub>1 \<or> P a\<^isub>2"
   30.68 +  "enum_ex P \<longleftrightarrow> P a\<^sub>1 \<or> P a\<^sub>2"
   30.69  
   30.70  instance proof
   30.71  qed (simp_all only: enum_finite_2_def enum_all_finite_2_def enum_ex_finite_2_def UNIV_finite_2, simp_all)
   30.72 @@ -515,7 +515,7 @@
   30.73  
   30.74  definition less_finite_2 :: "finite_2 \<Rightarrow> finite_2 \<Rightarrow> bool"
   30.75  where
   30.76 -  "x < y \<longleftrightarrow> x = a\<^isub>1 \<and> y = a\<^isub>2"
   30.77 +  "x < y \<longleftrightarrow> x = a\<^sub>1 \<and> y = a\<^sub>2"
   30.78  
   30.79  definition less_eq_finite_2 :: "finite_2 \<Rightarrow> finite_2 \<Rightarrow> bool"
   30.80  where
   30.81 @@ -529,29 +529,29 @@
   30.82  
   30.83  end
   30.84  
   30.85 -hide_const (open) a\<^isub>1 a\<^isub>2
   30.86 +hide_const (open) a\<^sub>1 a\<^sub>2
   30.87  
   30.88 -datatype finite_3 = a\<^isub>1 | a\<^isub>2 | a\<^isub>3
   30.89 +datatype finite_3 = a\<^sub>1 | a\<^sub>2 | a\<^sub>3
   30.90  
   30.91 -notation (output) a\<^isub>1  ("a\<^isub>1")
   30.92 -notation (output) a\<^isub>2  ("a\<^isub>2")
   30.93 -notation (output) a\<^isub>3  ("a\<^isub>3")
   30.94 +notation (output) a\<^sub>1  ("a\<^sub>1")
   30.95 +notation (output) a\<^sub>2  ("a\<^sub>2")
   30.96 +notation (output) a\<^sub>3  ("a\<^sub>3")
   30.97  
   30.98  lemma UNIV_finite_3:
   30.99 -  "UNIV = {a\<^isub>1, a\<^isub>2, a\<^isub>3}"
  30.100 +  "UNIV = {a\<^sub>1, a\<^sub>2, a\<^sub>3}"
  30.101    by (auto intro: finite_3.exhaust)
  30.102  
  30.103  instantiation finite_3 :: enum
  30.104  begin
  30.105  
  30.106  definition
  30.107 -  "enum = [a\<^isub>1, a\<^isub>2, a\<^isub>3]"
  30.108 +  "enum = [a\<^sub>1, a\<^sub>2, a\<^sub>3]"
  30.109  
  30.110  definition
  30.111 -  "enum_all P \<longleftrightarrow> P a\<^isub>1 \<and> P a\<^isub>2 \<and> P a\<^isub>3"
  30.112 +  "enum_all P \<longleftrightarrow> P a\<^sub>1 \<and> P a\<^sub>2 \<and> P a\<^sub>3"
  30.113  
  30.114  definition
  30.115 -  "enum_ex P \<longleftrightarrow> P a\<^isub>1 \<or> P a\<^isub>2 \<or> P a\<^isub>3"
  30.116 +  "enum_ex P \<longleftrightarrow> P a\<^sub>1 \<or> P a\<^sub>2 \<or> P a\<^sub>3"
  30.117  
  30.118  instance proof
  30.119  qed (simp_all only: enum_finite_3_def enum_all_finite_3_def enum_ex_finite_3_def UNIV_finite_3, simp_all)
  30.120 @@ -563,7 +563,7 @@
  30.121  
  30.122  definition less_finite_3 :: "finite_3 \<Rightarrow> finite_3 \<Rightarrow> bool"
  30.123  where
  30.124 -  "x < y = (case x of a\<^isub>1 \<Rightarrow> y \<noteq> a\<^isub>1 | a\<^isub>2 \<Rightarrow> y = a\<^isub>3 | a\<^isub>3 \<Rightarrow> False)"
  30.125 +  "x < y = (case x of a\<^sub>1 \<Rightarrow> y \<noteq> a\<^sub>1 | a\<^sub>2 \<Rightarrow> y = a\<^sub>3 | a\<^sub>3 \<Rightarrow> False)"
  30.126  
  30.127  definition less_eq_finite_3 :: "finite_3 \<Rightarrow> finite_3 \<Rightarrow> bool"
  30.128  where
  30.129 @@ -574,69 +574,69 @@
  30.130  
  30.131  end
  30.132  
  30.133 -hide_const (open) a\<^isub>1 a\<^isub>2 a\<^isub>3
  30.134 +hide_const (open) a\<^sub>1 a\<^sub>2 a\<^sub>3
  30.135  
  30.136 -datatype finite_4 = a\<^isub>1 | a\<^isub>2 | a\<^isub>3 | a\<^isub>4
  30.137 +datatype finite_4 = a\<^sub>1 | a\<^sub>2 | a\<^sub>3 | a\<^sub>4
  30.138  
  30.139 -notation (output) a\<^isub>1  ("a\<^isub>1")
  30.140 -notation (output) a\<^isub>2  ("a\<^isub>2")
  30.141 -notation (output) a\<^isub>3  ("a\<^isub>3")
  30.142 -notation (output) a\<^isub>4  ("a\<^isub>4")
  30.143 +notation (output) a\<^sub>1  ("a\<^sub>1")
  30.144 +notation (output) a\<^sub>2  ("a\<^sub>2")
  30.145 +notation (output) a\<^sub>3  ("a\<^sub>3")
  30.146 +notation (output) a\<^sub>4  ("a\<^sub>4")
  30.147  
  30.148  lemma UNIV_finite_4:
  30.149 -  "UNIV = {a\<^isub>1, a\<^isub>2, a\<^isub>3, a\<^isub>4}"
  30.150 +  "UNIV = {a\<^sub>1, a\<^sub>2, a\<^sub>3, a\<^sub>4}"
  30.151    by (auto intro: finite_4.exhaust)
  30.152  
  30.153  instantiation finite_4 :: enum
  30.154  begin
  30.155  
  30.156  definition
  30.157 -  "enum = [a\<^isub>1, a\<^isub>2, a\<^isub>3, a\<^isub>4]"
  30.158 +  "enum = [a\<^sub>1, a\<^sub>2, a\<^sub>3, a\<^sub>4]"
  30.159  
  30.160  definition
  30.161 -  "enum_all P \<longleftrightarrow> P a\<^isub>1 \<and> P a\<^isub>2 \<and> P a\<^isub>3 \<and> P a\<^isub>4"
  30.162 +  "enum_all P \<longleftrightarrow> P a\<^sub>1 \<and> P a\<^sub>2 \<and> P a\<^sub>3 \<and> P a\<^sub>4"
  30.163  
  30.164  definition
  30.165 -  "enum_ex P \<longleftrightarrow> P a\<^isub>1 \<or> P a\<^isub>2 \<or> P a\<^isub>3 \<or> P a\<^isub>4"
  30.166 +  "enum_ex P \<longleftrightarrow> P a\<^sub>1 \<or> P a\<^sub>2 \<or> P a\<^sub>3 \<or> P a\<^sub>4"
  30.167  
  30.168  instance proof
  30.169  qed (simp_all only: enum_finite_4_def enum_all_finite_4_def enum_ex_finite_4_def UNIV_finite_4, simp_all)
  30.170  
  30.171  end
  30.172  
  30.173 -hide_const (open) a\<^isub>1 a\<^isub>2 a\<^isub>3 a\<^isub>4
  30.174 +hide_const (open) a\<^sub>1 a\<^sub>2 a\<^sub>3 a\<^sub>4
  30.175  
  30.176  
  30.177 -datatype finite_5 = a\<^isub>1 | a\<^isub>2 | a\<^isub>3 | a\<^isub>4 | a\<^isub>5
  30.178 +datatype finite_5 = a\<^sub>1 | a\<^sub>2 | a\<^sub>3 | a\<^sub>4 | a\<^sub>5
  30.179  
  30.180 -notation (output) a\<^isub>1  ("a\<^isub>1")
  30.181 -notation (output) a\<^isub>2  ("a\<^isub>2")
  30.182 -notation (output) a\<^isub>3  ("a\<^isub>3")
  30.183 -notation (output) a\<^isub>4  ("a\<^isub>4")
  30.184 -notation (output) a\<^isub>5  ("a\<^isub>5")
  30.185 +notation (output) a\<^sub>1  ("a\<^sub>1")
  30.186 +notation (output) a\<^sub>2  ("a\<^sub>2")
  30.187 +notation (output) a\<^sub>3  ("a\<^sub>3")
  30.188 +notation (output) a\<^sub>4  ("a\<^sub>4")
  30.189 +notation (output) a\<^sub>5  ("a\<^sub>5")
  30.190  
  30.191  lemma UNIV_finite_5:
  30.192 -  "UNIV = {a\<^isub>1, a\<^isub>2, a\<^isub>3, a\<^isub>4, a\<^isub>5}"
  30.193 +  "UNIV = {a\<^sub>1, a\<^sub>2, a\<^sub>3, a\<^sub>4, a\<^sub>5}"
  30.194    by (auto intro: finite_5.exhaust)
  30.195  
  30.196  instantiation finite_5 :: enum
  30.197  begin
  30.198  
  30.199  definition
  30.200 -  "enum = [a\<^isub>1, a\<^isub>2, a\<^isub>3, a\<^isub>4, a\<^isub>5]"
  30.201 +  "enum = [a\<^sub>1, a\<^sub>2, a\<^sub>3, a\<^sub>4, a\<^sub>5]"
  30.202  
  30.203  definition
  30.204 -  "enum_all P \<longleftrightarrow> P a\<^isub>1 \<and> P a\<^isub>2 \<and> P a\<^isub>3 \<and> P a\<^isub>4 \<and> P a\<^isub>5"
  30.205 +  "enum_all P \<longleftrightarrow> P a\<^sub>1 \<and> P a\<^sub>2 \<and> P a\<^sub>3 \<and> P a\<^sub>4 \<and> P a\<^sub>5"
  30.206  
  30.207  definition
  30.208 -  "enum_ex P \<longleftrightarrow> P a\<^isub>1 \<or> P a\<^isub>2 \<or> P a\<^isub>3 \<or> P a\<^isub>4 \<or> P a\<^isub>5"
  30.209 +  "enum_ex P \<longleftrightarrow> P a\<^sub>1 \<or> P a\<^sub>2 \<or> P a\<^sub>3 \<or> P a\<^sub>4 \<or> P a\<^sub>5"
  30.210  
  30.211  instance proof
  30.212  qed (simp_all only: enum_finite_5_def enum_all_finite_5_def enum_ex_finite_5_def UNIV_finite_5, simp_all)
  30.213  
  30.214  end
  30.215  
  30.216 -hide_const (open) a\<^isub>1 a\<^isub>2 a\<^isub>3 a\<^isub>4 a\<^isub>5
  30.217 +hide_const (open) a\<^sub>1 a\<^sub>2 a\<^sub>3 a\<^sub>4 a\<^sub>5
  30.218  
  30.219  
  30.220  subsection {* Closing up *}
    31.1 --- a/src/HOL/Finite_Set.thy	Tue Aug 13 16:53:23 2013 +0200
    31.2 +++ b/src/HOL/Finite_Set.thy	Tue Aug 13 17:45:22 2013 +0200
    31.3 @@ -566,7 +566,7 @@
    31.4  subsection {* A basic fold functional for finite sets *}
    31.5  
    31.6  text {* The intended behaviour is
    31.7 -@{text "fold f z {x\<^isub>1, ..., x\<^isub>n} = f x\<^isub>1 (\<dots> (f x\<^isub>n z)\<dots>)"}
    31.8 +@{text "fold f z {x\<^sub>1, ..., x\<^sub>n} = f x\<^sub>1 (\<dots> (f x\<^sub>n z)\<dots>)"}
    31.9  if @{text f} is ``left-commutative'':
   31.10  *}
   31.11  
    32.1 --- a/src/HOL/IMP/ACom.thy	Tue Aug 13 16:53:23 2013 +0200
    32.2 +++ b/src/HOL/IMP/ACom.thy	Tue Aug 13 17:45:22 2013 +0200
    32.3 @@ -19,9 +19,9 @@
    32.4  fun strip :: "'a acom \<Rightarrow> com" where
    32.5  "strip (SKIP {P}) = com.SKIP" |
    32.6  "strip (x ::= e {P}) = x ::= e" |
    32.7 -"strip (C\<^isub>1;;C\<^isub>2) = strip C\<^isub>1;; strip C\<^isub>2" |
    32.8 -"strip (IF b THEN {P\<^isub>1} C\<^isub>1 ELSE {P\<^isub>2} C\<^isub>2 {P}) =
    32.9 -  IF b THEN strip C\<^isub>1 ELSE strip C\<^isub>2" |
   32.10 +"strip (C\<^sub>1;;C\<^sub>2) = strip C\<^sub>1;; strip C\<^sub>2" |
   32.11 +"strip (IF b THEN {P\<^sub>1} C\<^sub>1 ELSE {P\<^sub>2} C\<^sub>2 {P}) =
   32.12 +  IF b THEN strip C\<^sub>1 ELSE strip C\<^sub>2" |
   32.13  "strip ({I} WHILE b DO {P} C {Q}) = WHILE b DO strip C"
   32.14  text_raw{*}%endsnip*}
   32.15  
   32.16 @@ -29,8 +29,8 @@
   32.17  fun asize :: "com \<Rightarrow> nat" where
   32.18  "asize com.SKIP = 1" |
   32.19  "asize (x ::= e) = 1" |
   32.20 -"asize (C\<^isub>1;;C\<^isub>2) = asize C\<^isub>1 + asize C\<^isub>2" |
   32.21 -"asize (IF b THEN C\<^isub>1 ELSE C\<^isub>2) = asize C\<^isub>1 + asize C\<^isub>2 + 3" |
   32.22 +"asize (C\<^sub>1;;C\<^sub>2) = asize C\<^sub>1 + asize C\<^sub>2" |
   32.23 +"asize (IF b THEN C\<^sub>1 ELSE C\<^sub>2) = asize C\<^sub>1 + asize C\<^sub>2 + 3" |
   32.24  "asize (WHILE b DO C) = asize C + 3"
   32.25  text_raw{*}%endsnip*}
   32.26  
   32.27 @@ -41,11 +41,11 @@
   32.28  fun annotate :: "(nat \<Rightarrow> 'a) \<Rightarrow> com \<Rightarrow> 'a acom" where
   32.29  "annotate f com.SKIP = SKIP {f 0}" |
   32.30  "annotate f (x ::= e) = x ::= e {f 0}" |
   32.31 -"annotate f (c\<^isub>1;;c\<^isub>2) = annotate f c\<^isub>1;; annotate (shift f (asize c\<^isub>1)) c\<^isub>2" |
   32.32 -"annotate f (IF b THEN c\<^isub>1 ELSE c\<^isub>2) =
   32.33 -  IF b THEN {f 0} annotate (shift f 1) c\<^isub>1
   32.34 -  ELSE {f(asize c\<^isub>1 + 1)} annotate (shift f (asize c\<^isub>1 + 2)) c\<^isub>2
   32.35 -  {f(asize c\<^isub>1 + asize c\<^isub>2 + 2)}" |
   32.36 +"annotate f (c\<^sub>1;;c\<^sub>2) = annotate f c\<^sub>1;; annotate (shift f (asize c\<^sub>1)) c\<^sub>2" |
   32.37 +"annotate f (IF b THEN c\<^sub>1 ELSE c\<^sub>2) =
   32.38 +  IF b THEN {f 0} annotate (shift f 1) c\<^sub>1
   32.39 +  ELSE {f(asize c\<^sub>1 + 1)} annotate (shift f (asize c\<^sub>1 + 2)) c\<^sub>2
   32.40 +  {f(asize c\<^sub>1 + asize c\<^sub>2 + 2)}" |
   32.41  "annotate f (WHILE b DO c) =
   32.42    {f 0} WHILE b DO {f 1} annotate (shift f 2) c {f(asize c + 2)}"
   32.43  text_raw{*}%endsnip*}
   32.44 @@ -54,9 +54,9 @@
   32.45  fun annos :: "'a acom \<Rightarrow> 'a list" where
   32.46  "annos (SKIP {P}) = [P]" |
   32.47  "annos (x ::= e {P}) = [P]" |
   32.48 -"annos (C\<^isub>1;;C\<^isub>2) = annos C\<^isub>1 @ annos C\<^isub>2" |
   32.49 -"annos (IF b THEN {P\<^isub>1} C\<^isub>1 ELSE {P\<^isub>2} C\<^isub>2 {Q}) =
   32.50 -  P\<^isub>1 # annos C\<^isub>1 @  P\<^isub>2 # annos C\<^isub>2 @ [Q]" |
   32.51 +"annos (C\<^sub>1;;C\<^sub>2) = annos C\<^sub>1 @ annos C\<^sub>2" |
   32.52 +"annos (IF b THEN {P\<^sub>1} C\<^sub>1 ELSE {P\<^sub>2} C\<^sub>2 {Q}) =
   32.53 +  P\<^sub>1 # annos C\<^sub>1 @  P\<^sub>2 # annos C\<^sub>2 @ [Q]" |
   32.54  "annos ({I} WHILE b DO {P} C {Q}) = I # P # annos C @ [Q]"
   32.55  text_raw{*}%endsnip*}
   32.56  
   32.57 @@ -70,9 +70,9 @@
   32.58  fun map_acom :: "('a \<Rightarrow> 'b) \<Rightarrow> 'a acom \<Rightarrow> 'b acom" where
   32.59  "map_acom f (SKIP {P}) = SKIP {f P}" |
   32.60  "map_acom f (x ::= e {P}) = x ::= e {f P}" |
   32.61 -"map_acom f (C\<^isub>1;;C\<^isub>2) = map_acom f C\<^isub>1;; map_acom f C\<^isub>2" |
   32.62 -"map_acom f (IF b THEN {P\<^isub>1} C\<^isub>1 ELSE {P\<^isub>2} C\<^isub>2 {Q}) =
   32.63 -  IF b THEN {f P\<^isub>1} map_acom f C\<^isub>1 ELSE {f P\<^isub>2} map_acom f C\<^isub>2
   32.64 +"map_acom f (C\<^sub>1;;C\<^sub>2) = map_acom f C\<^sub>1;; map_acom f C\<^sub>2" |
   32.65 +"map_acom f (IF b THEN {P\<^sub>1} C\<^sub>1 ELSE {P\<^sub>2} C\<^sub>2 {Q}) =
   32.66 +  IF b THEN {f P\<^sub>1} map_acom f C\<^sub>1 ELSE {f P\<^sub>2} map_acom f C\<^sub>2
   32.67    {f Q}" |
   32.68  "map_acom f ({I} WHILE b DO {P} C {Q}) =
   32.69    {f I} WHILE b DO {f P} map_acom f C {f Q}"
    33.1 --- a/src/HOL/IMP/AExp.thy	Tue Aug 13 16:53:23 2013 +0200
    33.2 +++ b/src/HOL/IMP/AExp.thy	Tue Aug 13 17:45:22 2013 +0200
    33.3 @@ -16,7 +16,7 @@
    33.4  fun aval :: "aexp \<Rightarrow> state \<Rightarrow> val" where
    33.5  "aval (N n) s = n" |
    33.6  "aval (V x) s = s x" |
    33.7 -"aval (Plus a\<^isub>1 a\<^isub>2) s = aval a\<^isub>1 s + aval a\<^isub>2 s"
    33.8 +"aval (Plus a\<^sub>1 a\<^sub>2) s = aval a\<^sub>1 s + aval a\<^sub>2 s"
    33.9  text_raw{*}%endsnip*}
   33.10  
   33.11  
   33.12 @@ -48,7 +48,7 @@
   33.13  value "aval (Plus (V ''x'') (N 5)) <''y'' := 7>"
   33.14  
   33.15  text{* Note that this @{text"<\<dots>>"} syntax works for any function space
   33.16 -@{text"\<tau>\<^isub>1 \<Rightarrow> \<tau>\<^isub>2"} where @{text "\<tau>\<^isub>2"} has a @{text 0}. *}
   33.17 +@{text"\<tau>\<^sub>1 \<Rightarrow> \<tau>\<^sub>2"} where @{text "\<tau>\<^sub>2"} has a @{text 0}. *}
   33.18  
   33.19  
   33.20  subsection "Constant Folding"
   33.21 @@ -59,10 +59,10 @@
   33.22  fun asimp_const :: "aexp \<Rightarrow> aexp" where
   33.23  "asimp_const (N n) = N n" |
   33.24  "asimp_const (V x) = V x" |
   33.25 -"asimp_const (Plus a\<^isub>1 a\<^isub>2) =
   33.26 -  (case (asimp_const a\<^isub>1, asimp_const a\<^isub>2) of
   33.27 -    (N n\<^isub>1, N n\<^isub>2) \<Rightarrow> N(n\<^isub>1+n\<^isub>2) |
   33.28 -    (b\<^isub>1,b\<^isub>2) \<Rightarrow> Plus b\<^isub>1 b\<^isub>2)"
   33.29 +"asimp_const (Plus a\<^sub>1 a\<^sub>2) =
   33.30 +  (case (asimp_const a\<^sub>1, asimp_const a\<^sub>2) of
   33.31 +    (N n\<^sub>1, N n\<^sub>2) \<Rightarrow> N(n\<^sub>1+n\<^sub>2) |
   33.32 +    (b\<^sub>1,b\<^sub>2) \<Rightarrow> Plus b\<^sub>1 b\<^sub>2)"
   33.33  text_raw{*}%endsnip*}
   33.34  
   33.35  theorem aval_asimp_const:
   33.36 @@ -76,10 +76,10 @@
   33.37  
   33.38  text_raw{*\snip{AExpplusdef}{0}{2}{% *}
   33.39  fun plus :: "aexp \<Rightarrow> aexp \<Rightarrow> aexp" where
   33.40 -"plus (N i\<^isub>1) (N i\<^isub>2) = N(i\<^isub>1+i\<^isub>2)" |
   33.41 +"plus (N i\<^sub>1) (N i\<^sub>2) = N(i\<^sub>1+i\<^sub>2)" |
   33.42  "plus (N i) a = (if i=0 then a else Plus (N i) a)" |
   33.43  "plus a (N i) = (if i=0 then a else Plus a (N i))" |
   33.44 -"plus a\<^isub>1 a\<^isub>2 = Plus a\<^isub>1 a\<^isub>2"
   33.45 +"plus a\<^sub>1 a\<^sub>2 = Plus a\<^sub>1 a\<^sub>2"
   33.46  text_raw{*}%endsnip*}
   33.47  
   33.48  lemma aval_plus[simp]:
   33.49 @@ -92,7 +92,7 @@
   33.50  fun asimp :: "aexp \<Rightarrow> aexp" where
   33.51  "asimp (N n) = N n" |
   33.52  "asimp (V x) = V x" |
   33.53 -"asimp (Plus a\<^isub>1 a\<^isub>2) = plus (asimp a\<^isub>1) (asimp a\<^isub>2)"
   33.54 +"asimp (Plus a\<^sub>1 a\<^sub>2) = plus (asimp a\<^sub>1) (asimp a\<^sub>2)"
   33.55  text_raw{*}%endsnip*}
   33.56  
   33.57  text{* Note that in @{const asimp_const} the optimized constructor was
    34.1 --- a/src/HOL/IMP/ASM.thy	Tue Aug 13 16:53:23 2013 +0200
    34.2 +++ b/src/HOL/IMP/ASM.thy	Tue Aug 13 17:45:22 2013 +0200
    34.3 @@ -47,7 +47,7 @@
    34.4  fun comp :: "aexp \<Rightarrow> instr list" where
    34.5  "comp (N n) = [LOADI n]" |
    34.6  "comp (V x) = [LOAD x]" |
    34.7 -"comp (Plus e\<^isub>1 e\<^isub>2) = comp e\<^isub>1 @ comp e\<^isub>2 @ [ADD]"
    34.8 +"comp (Plus e\<^sub>1 e\<^sub>2) = comp e\<^sub>1 @ comp e\<^sub>2 @ [ADD]"
    34.9  text_raw{*}%endsnip*}
   34.10  
   34.11  value "comp (Plus (Plus (V ''x'') (N 1)) (V ''z''))"
    35.1 --- a/src/HOL/IMP/Abs_Int0.thy	Tue Aug 13 16:53:23 2013 +0200
    35.2 +++ b/src/HOL/IMP/Abs_Int0.thy	Tue Aug 13 17:45:22 2013 +0200
    35.3 @@ -183,63 +183,63 @@
    35.4  "AI c = pfp (step' \<top>) (bot c)"
    35.5  
    35.6  
    35.7 -abbreviation \<gamma>\<^isub>s :: "'av st \<Rightarrow> state set"
    35.8 -where "\<gamma>\<^isub>s == \<gamma>_fun \<gamma>"
    35.9 +abbreviation \<gamma>\<^sub>s :: "'av st \<Rightarrow> state set"
   35.10 +where "\<gamma>\<^sub>s == \<gamma>_fun \<gamma>"
   35.11  
   35.12 -abbreviation \<gamma>\<^isub>o :: "'av st option \<Rightarrow> state set"
   35.13 -where "\<gamma>\<^isub>o == \<gamma>_option \<gamma>\<^isub>s"
   35.14 +abbreviation \<gamma>\<^sub>o :: "'av st option \<Rightarrow> state set"
   35.15 +where "\<gamma>\<^sub>o == \<gamma>_option \<gamma>\<^sub>s"
   35.16  
   35.17 -abbreviation \<gamma>\<^isub>c :: "'av st option acom \<Rightarrow> state set acom"
   35.18 -where "\<gamma>\<^isub>c == map_acom \<gamma>\<^isub>o"
   35.19 +abbreviation \<gamma>\<^sub>c :: "'av st option acom \<Rightarrow> state set acom"
   35.20 +where "\<gamma>\<^sub>c == map_acom \<gamma>\<^sub>o"
   35.21  
   35.22 -lemma gamma_s_Top[simp]: "\<gamma>\<^isub>s \<top> = UNIV"
   35.23 +lemma gamma_s_Top[simp]: "\<gamma>\<^sub>s \<top> = UNIV"
   35.24  by(simp add: top_fun_def \<gamma>_fun_def)
   35.25  
   35.26 -lemma gamma_o_Top[simp]: "\<gamma>\<^isub>o \<top> = UNIV"
   35.27 +lemma gamma_o_Top[simp]: "\<gamma>\<^sub>o \<top> = UNIV"
   35.28  by (simp add: top_option_def)
   35.29  
   35.30 -lemma mono_gamma_s: "f1 \<le> f2 \<Longrightarrow> \<gamma>\<^isub>s f1 \<subseteq> \<gamma>\<^isub>s f2"
   35.31 +lemma mono_gamma_s: "f1 \<le> f2 \<Longrightarrow> \<gamma>\<^sub>s f1 \<subseteq> \<gamma>\<^sub>s f2"
   35.32  by(auto simp: le_fun_def \<gamma>_fun_def dest: mono_gamma)
   35.33  
   35.34  lemma mono_gamma_o:
   35.35 -  "S1 \<le> S2 \<Longrightarrow> \<gamma>\<^isub>o S1 \<subseteq> \<gamma>\<^isub>o S2"
   35.36 +  "S1 \<le> S2 \<Longrightarrow> \<gamma>\<^sub>o S1 \<subseteq> \<gamma>\<^sub>o S2"
   35.37  by(induction S1 S2 rule: less_eq_option.induct)(simp_all add: mono_gamma_s)
   35.38  
   35.39 -lemma mono_gamma_c: "C1 \<le> C2 \<Longrightarrow> \<gamma>\<^isub>c C1 \<le> \<gamma>\<^isub>c C2"
   35.40 +lemma mono_gamma_c: "C1 \<le> C2 \<Longrightarrow> \<gamma>\<^sub>c C1 \<le> \<gamma>\<^sub>c C2"
   35.41  by (simp add: less_eq_acom_def mono_gamma_o size_annos anno_map_acom size_annos_same[of C1 C2])
   35.42  
   35.43  text{* Correctness: *}
   35.44  
   35.45 -lemma aval'_correct: "s : \<gamma>\<^isub>s S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
   35.46 +lemma aval'_correct: "s : \<gamma>\<^sub>s S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
   35.47  by (induct a) (auto simp: gamma_num' gamma_plus' \<gamma>_fun_def)
   35.48  
   35.49 -lemma in_gamma_update: "\<lbrakk> s : \<gamma>\<^isub>s S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^isub>s(S(x := a))"
   35.50 +lemma in_gamma_update: "\<lbrakk> s : \<gamma>\<^sub>s S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^sub>s(S(x := a))"
   35.51  by(simp add: \<gamma>_fun_def)
   35.52  
   35.53  lemma gamma_Step_subcomm:
   35.54 -  assumes "!!x e S. f1 x e (\<gamma>\<^isub>o S) \<subseteq> \<gamma>\<^isub>o (f2 x e S)"  "!!b S. g1 b (\<gamma>\<^isub>o S) \<subseteq> \<gamma>\<^isub>o (g2 b S)"
   35.55 -  shows "Step f1 g1 (\<gamma>\<^isub>o S) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (Step f2 g2 S C)"
   35.56 +  assumes "!!x e S. f1 x e (\<gamma>\<^sub>o S) \<subseteq> \<gamma>\<^sub>o (f2 x e S)"  "!!b S. g1 b (\<gamma>\<^sub>o S) \<subseteq> \<gamma>\<^sub>o (g2 b S)"
   35.57 +  shows "Step f1 g1 (\<gamma>\<^sub>o S) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (Step f2 g2 S C)"
   35.58  proof(induction C arbitrary: S)
   35.59  qed  (auto simp: mono_gamma_o assms)
   35.60  
   35.61 -lemma step_step': "step (\<gamma>\<^isub>o S) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' S C)"
   35.62 +lemma step_step': "step (\<gamma>\<^sub>o S) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' S C)"
   35.63  unfolding step_def step'_def
   35.64  by(rule gamma_Step_subcomm)
   35.65    (auto simp: aval'_correct in_gamma_update asem_def split: option.splits)
   35.66  
   35.67 -lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c C"
   35.68 +lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c C"
   35.69  proof(simp add: CS_def AI_def)
   35.70    assume 1: "pfp (step' \<top>) (bot c) = Some C"
   35.71    have pfp': "step' \<top> C \<le> C" by(rule pfp_pfp[OF 1])
   35.72 -  have 2: "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c C"  --"transfer the pfp'"
   35.73 +  have 2: "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c C"  --"transfer the pfp'"
   35.74    proof(rule order_trans)
   35.75 -    show "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' \<top> C)" by(rule step_step')
   35.76 -    show "... \<le> \<gamma>\<^isub>c C" by (metis mono_gamma_c[OF pfp'])
   35.77 +    show "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' \<top> C)" by(rule step_step')
   35.78 +    show "... \<le> \<gamma>\<^sub>c C" by (metis mono_gamma_c[OF pfp'])
   35.79    qed
   35.80 -  have 3: "strip (\<gamma>\<^isub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   35.81 -  have "lfp c (step (\<gamma>\<^isub>o \<top>)) \<le> \<gamma>\<^isub>c C"
   35.82 -    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^isub>o \<top>)", OF 3 2])
   35.83 -  thus "lfp c (step UNIV) \<le> \<gamma>\<^isub>c C" by simp
   35.84 +  have 3: "strip (\<gamma>\<^sub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   35.85 +  have "lfp c (step (\<gamma>\<^sub>o \<top>)) \<le> \<gamma>\<^sub>c C"
   35.86 +    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^sub>o \<top>)", OF 3 2])
   35.87 +  thus "lfp c (step UNIV) \<le> \<gamma>\<^sub>c C" by simp
   35.88  qed
   35.89  
   35.90  end
   35.91 @@ -314,20 +314,20 @@
   35.92  assumes h: "m x \<le> h"
   35.93  begin
   35.94  
   35.95 -definition m_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^isub>s") where
   35.96 +definition m_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^sub>s") where
   35.97  "m_s S X = (\<Sum> x \<in> X. m(S x))"
   35.98  
   35.99  lemma m_s_h: "finite X \<Longrightarrow> m_s S X \<le> h * card X"
  35.100  by(simp add: m_s_def) (metis nat_mult_commute of_nat_id setsum_bounded[OF h])
  35.101  
  35.102 -fun m_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^isub>o") where
  35.103 +fun m_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^sub>o") where
  35.104  "m_o (Some S) X = m_s S X" |
  35.105  "m_o None X = h * card X + 1"
  35.106  
  35.107  lemma m_o_h: "finite X \<Longrightarrow> m_o opt X \<le> (h*card X + 1)"
  35.108  by(cases opt)(auto simp add: m_s_h le_SucI dest: m_s_h)
  35.109  
  35.110 -definition m_c :: "'av st option acom \<Rightarrow> nat" ("m\<^isub>c") where
  35.111 +definition m_c :: "'av st option acom \<Rightarrow> nat" ("m\<^sub>c") where
  35.112  "m_c C = listsum (map (\<lambda>a. m_o a (vars C)) (annos C))"
  35.113  
  35.114  text{* Upper complexity bound: *}
  35.115 @@ -356,14 +356,14 @@
  35.116  the finitely many variables in the program change. That the others do not change
  35.117  follows because they remain @{term \<top>}. *}
  35.118  
  35.119 -fun top_on_st :: "'av st \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>s") where
  35.120 +fun top_on_st :: "'av st \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>s") where
  35.121  "top_on_st S X = (\<forall>x\<in>X. S x = \<top>)"
  35.122  
  35.123 -fun top_on_opt :: "'av st option \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>o") where
  35.124 +fun top_on_opt :: "'av st option \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>o") where
  35.125  "top_on_opt (Some S) X = top_on_st S X" |
  35.126  "top_on_opt None X = True"
  35.127  
  35.128 -definition top_on_acom :: "'av st option acom \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>c") where
  35.129 +definition top_on_acom :: "'av st option acom \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>c") where
  35.130  "top_on_acom C X = (\<forall>a \<in> set(annos C). top_on_opt a X)"
  35.131  
  35.132  lemma top_on_top: "top_on_opt \<top> X"
    36.1 --- a/src/HOL/IMP/Abs_Int1.thy	Tue Aug 13 16:53:23 2013 +0200
    36.2 +++ b/src/HOL/IMP/Abs_Int1.thy	Tue Aug 13 17:45:22 2013 +0200
    36.3 @@ -16,17 +16,17 @@
    36.4  "aval' (V x) S = fun S x" |
    36.5  "aval' (Plus a1 a2) S = plus' (aval' a1 S) (aval' a2 S)"
    36.6  
    36.7 -lemma aval'_correct: "s : \<gamma>\<^isub>s S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
    36.8 +lemma aval'_correct: "s : \<gamma>\<^sub>s S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
    36.9  by (induction a) (auto simp: gamma_num' gamma_plus' \<gamma>_st_def)
   36.10  
   36.11  lemma gamma_Step_subcomm: fixes C1 C2 :: "'a::semilattice_sup acom"
   36.12 -  assumes "!!x e S. f1 x e (\<gamma>\<^isub>o S) \<subseteq> \<gamma>\<^isub>o (f2 x e S)"
   36.13 -          "!!b S. g1 b (\<gamma>\<^isub>o S) \<subseteq> \<gamma>\<^isub>o (g2 b S)"
   36.14 -  shows "Step f1 g1 (\<gamma>\<^isub>o S) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (Step f2 g2 S C)"
   36.15 +  assumes "!!x e S. f1 x e (\<gamma>\<^sub>o S) \<subseteq> \<gamma>\<^sub>o (f2 x e S)"
   36.16 +          "!!b S. g1 b (\<gamma>\<^sub>o S) \<subseteq> \<gamma>\<^sub>o (g2 b S)"
   36.17 +  shows "Step f1 g1 (\<gamma>\<^sub>o S) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (Step f2 g2 S C)"
   36.18  proof(induction C arbitrary: S)
   36.19  qed (auto simp: assms intro!: mono_gamma_o sup_ge1 sup_ge2)
   36.20  
   36.21 -lemma in_gamma_update: "\<lbrakk> s : \<gamma>\<^isub>s S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^isub>s(update S x a)"
   36.22 +lemma in_gamma_update: "\<lbrakk> s : \<gamma>\<^sub>s S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^sub>s(update S x a)"
   36.23  by(simp add: \<gamma>_st_def)
   36.24  
   36.25  end
   36.26 @@ -50,24 +50,24 @@
   36.27  
   36.28  text{* Correctness: *}
   36.29  
   36.30 -lemma step_step': "step (\<gamma>\<^isub>o S) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' S C)"
   36.31 +lemma step_step': "step (\<gamma>\<^sub>o S) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' S C)"
   36.32  unfolding step_def step'_def
   36.33  by(rule gamma_Step_subcomm)
   36.34    (auto simp: intro!: aval'_correct in_gamma_update split: option.splits)
   36.35  
   36.36 -lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c C"
   36.37 +lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c C"
   36.38  proof(simp add: CS_def AI_def)
   36.39    assume 1: "pfp (step' \<top>) (bot c) = Some C"
   36.40    have pfp': "step' \<top> C \<le> C" by(rule pfp_pfp[OF 1])
   36.41 -  have 2: "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c C"  --"transfer the pfp'"
   36.42 +  have 2: "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c C"  --"transfer the pfp'"
   36.43    proof(rule order_trans)
   36.44 -    show "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' \<top> C)" by(rule step_step')
   36.45 -    show "... \<le> \<gamma>\<^isub>c C" by (metis mono_gamma_c[OF pfp'])
   36.46 +    show "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' \<top> C)" by(rule step_step')
   36.47 +    show "... \<le> \<gamma>\<^sub>c C" by (metis mono_gamma_c[OF pfp'])
   36.48    qed
   36.49 -  have 3: "strip (\<gamma>\<^isub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   36.50 -  have "lfp c (step (\<gamma>\<^isub>o \<top>)) \<le> \<gamma>\<^isub>c C"
   36.51 -    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^isub>o \<top>)", OF 3 2])
   36.52 -  thus "lfp c (step UNIV) \<le> \<gamma>\<^isub>c C" by simp
   36.53 +  have 3: "strip (\<gamma>\<^sub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   36.54 +  have "lfp c (step (\<gamma>\<^sub>o \<top>)) \<le> \<gamma>\<^sub>c C"
   36.55 +    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^sub>o \<top>)", OF 3 2])
   36.56 +  thus "lfp c (step UNIV) \<le> \<gamma>\<^sub>c C" by simp
   36.57  qed
   36.58  
   36.59  end
   36.60 @@ -105,19 +105,19 @@
   36.61  assumes h: "m x \<le> h"
   36.62  begin
   36.63  
   36.64 -definition m_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^isub>s") where
   36.65 +definition m_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^sub>s") where
   36.66  "m_s S X = (\<Sum> x \<in> X. m(fun S x))"
   36.67  
   36.68  lemma m_s_h: "finite X \<Longrightarrow> m_s S X \<le> h * card X"
   36.69  by(simp add: m_s_def) (metis nat_mult_commute of_nat_id setsum_bounded[OF h])
   36.70  
   36.71 -definition m_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^isub>o") where
   36.72 +definition m_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("m\<^sub>o") where
   36.73  "m_o opt X = (case opt of None \<Rightarrow> h * card X + 1 | Some S \<Rightarrow> m_s S X)"
   36.74  
   36.75  lemma m_o_h: "finite X \<Longrightarrow> m_o opt X \<le> (h*card X + 1)"
   36.76  by(auto simp add: m_o_def m_s_h le_SucI split: option.split dest:m_s_h)
   36.77  
   36.78 -definition m_c :: "'av st option acom \<Rightarrow> nat" ("m\<^isub>c") where
   36.79 +definition m_c :: "'av st option acom \<Rightarrow> nat" ("m\<^sub>c") where
   36.80  "m_c C = listsum (map (\<lambda>a. m_o a (vars C)) (annos C))"
   36.81  
   36.82  text{* Upper complexity bound: *}
   36.83 @@ -134,14 +134,14 @@
   36.84  
   36.85  end
   36.86  
   36.87 -fun top_on_st :: "'a::order_top st \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>s") where
   36.88 +fun top_on_st :: "'a::order_top st \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>s") where
   36.89  "top_on_st S X = (\<forall>x\<in>X. fun S x = \<top>)"
   36.90  
   36.91 -fun top_on_opt :: "'a::order_top st option \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>o") where
   36.92 +fun top_on_opt :: "'a::order_top st option \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>o") where
   36.93  "top_on_opt (Some S)  X = top_on_st S X" |
   36.94  "top_on_opt None X = True"
   36.95  
   36.96 -definition top_on_acom :: "'a::order_top st option acom \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^isub>c") where
   36.97 +definition top_on_acom :: "'a::order_top st option acom \<Rightarrow> vname set \<Rightarrow> bool" ("top'_on\<^sub>c") where
   36.98  "top_on_acom C X = (\<forall>a \<in> set(annos C). top_on_opt a X)"
   36.99  
  36.100  lemma top_on_top: "top_on_opt (\<top>::_ st option) X"
    37.1 --- a/src/HOL/IMP/Abs_Int2.thy	Tue Aug 13 16:53:23 2013 +0200
    37.2 +++ b/src/HOL/IMP/Abs_Int2.thy	Tue Aug 13 17:45:22 2013 +0200
    37.3 @@ -51,10 +51,10 @@
    37.4  and inv_plus' :: "'av \<Rightarrow> 'av \<Rightarrow> 'av \<Rightarrow> 'av * 'av"
    37.5  and inv_less' :: "bool \<Rightarrow> 'av \<Rightarrow> 'av \<Rightarrow> 'av * 'av"
    37.6  assumes test_num': "test_num' i a = (i : \<gamma> a)"
    37.7 -and inv_plus': "inv_plus' a a1 a2 = (a\<^isub>1',a\<^isub>2') \<Longrightarrow>
    37.8 -  i1 : \<gamma> a1 \<Longrightarrow> i2 : \<gamma> a2 \<Longrightarrow> i1+i2 : \<gamma> a \<Longrightarrow> i1 : \<gamma> a\<^isub>1' \<and> i2 : \<gamma> a\<^isub>2'"
    37.9 -and inv_less': "inv_less' (i1<i2) a1 a2 = (a\<^isub>1',a\<^isub>2') \<Longrightarrow>
   37.10 -  i1 : \<gamma> a1 \<Longrightarrow> i2 : \<gamma> a2 \<Longrightarrow> i1 : \<gamma> a\<^isub>1' \<and> i2 : \<gamma> a\<^isub>2'"
   37.11 +and inv_plus': "inv_plus' a a1 a2 = (a\<^sub>1',a\<^sub>2') \<Longrightarrow>
   37.12 +  i1 : \<gamma> a1 \<Longrightarrow> i2 : \<gamma> a2 \<Longrightarrow> i1+i2 : \<gamma> a \<Longrightarrow> i1 : \<gamma> a\<^sub>1' \<and> i2 : \<gamma> a\<^sub>2'"
   37.13 +and inv_less': "inv_less' (i1<i2) a1 a2 = (a\<^sub>1',a\<^sub>2') \<Longrightarrow>
   37.14 +  i1 : \<gamma> a1 \<Longrightarrow> i2 : \<gamma> a2 \<Longrightarrow> i1 : \<gamma> a\<^sub>1' \<and> i2 : \<gamma> a\<^sub>2'"
   37.15  
   37.16  
   37.17  locale Abs_Int_inv = Val_inv where \<gamma> = \<gamma>
   37.18 @@ -62,14 +62,14 @@
   37.19  begin
   37.20  
   37.21  lemma in_gamma_sup_UpI:
   37.22 -  "s : \<gamma>\<^isub>o S1 \<or> s : \<gamma>\<^isub>o S2 \<Longrightarrow> s : \<gamma>\<^isub>o(S1 \<squnion> S2)"
   37.23 +  "s : \<gamma>\<^sub>o S1 \<or> s : \<gamma>\<^sub>o S2 \<Longrightarrow> s : \<gamma>\<^sub>o(S1 \<squnion> S2)"
   37.24  by (metis (hide_lams, no_types) sup_ge1 sup_ge2 mono_gamma_o subsetD)
   37.25  
   37.26  fun aval'' :: "aexp \<Rightarrow> 'av st option \<Rightarrow> 'av" where
   37.27  "aval'' e None = \<bottom>" |
   37.28  "aval'' e (Some S) = aval' e S"
   37.29  
   37.30 -lemma aval''_correct: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)"
   37.31 +lemma aval''_correct: "s : \<gamma>\<^sub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)"
   37.32  by(cases S)(auto simp add: aval'_correct split: option.splits)
   37.33  
   37.34  subsubsection "Backward analysis"
   37.35 @@ -103,12 +103,12 @@
   37.36    (let (a1,a2) = inv_less' res (aval'' e1 S) (aval'' e2 S)
   37.37     in inv_aval'' e1 a1 (inv_aval'' e2 a2 S))"
   37.38  
   37.39 -lemma inv_aval''_correct: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval e s : \<gamma> a \<Longrightarrow> s : \<gamma>\<^isub>o (inv_aval'' e a S)"
   37.40 +lemma inv_aval''_correct: "s : \<gamma>\<^sub>o S \<Longrightarrow> aval e s : \<gamma> a \<Longrightarrow> s : \<gamma>\<^sub>o (inv_aval'' e a S)"
   37.41  proof(induction e arbitrary: a S)
   37.42    case N thus ?case by simp (metis test_num')
   37.43  next
   37.44    case (V x)
   37.45 -  obtain S' where "S = Some S'" and "s : \<gamma>\<^isub>s S'" using `s : \<gamma>\<^isub>o S`
   37.46 +  obtain S' where "S = Some S'" and "s : \<gamma>\<^sub>s S'" using `s : \<gamma>\<^sub>o S`
   37.47      by(auto simp: in_gamma_option_iff)
   37.48    moreover hence "s x : \<gamma> (fun S' x)"
   37.49      by(simp add: \<gamma>_st_def)
   37.50 @@ -122,7 +122,7 @@
   37.51      by (auto split: prod.split)
   37.52  qed
   37.53  
   37.54 -lemma inv_bval''_correct: "s : \<gamma>\<^isub>o S \<Longrightarrow> bv = bval b s \<Longrightarrow> s : \<gamma>\<^isub>o(inv_bval'' b bv S)"
   37.55 +lemma inv_bval''_correct: "s : \<gamma>\<^sub>o S \<Longrightarrow> bv = bval b s \<Longrightarrow> s : \<gamma>\<^sub>o(inv_bval'' b bv S)"
   37.56  proof(induction b arbitrary: S bv)
   37.57    case Bc thus ?case by simp
   37.58  next
   37.59 @@ -159,24 +159,24 @@
   37.60  
   37.61  subsubsection "Correctness"
   37.62  
   37.63 -lemma step_step': "step (\<gamma>\<^isub>o S) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' S C)"
   37.64 +lemma step_step': "step (\<gamma>\<^sub>o S) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' S C)"
   37.65  unfolding step_def step'_def
   37.66  by(rule gamma_Step_subcomm)
   37.67    (auto simp: intro!: aval'_correct inv_bval''_correct in_gamma_update split: option.splits)
   37.68  
   37.69 -lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c C"
   37.70 +lemma AI_correct: "AI c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c C"
   37.71  proof(simp add: CS_def AI_def)
   37.72    assume 1: "pfp (step' \<top>) (bot c) = Some C"
   37.73    have pfp': "step' \<top> C \<le> C" by(rule pfp_pfp[OF 1])
   37.74 -  have 2: "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c C"  --"transfer the pfp'"
   37.75 +  have 2: "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c C"  --"transfer the pfp'"
   37.76    proof(rule order_trans)
   37.77 -    show "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c (step' \<top> C)" by(rule step_step')
   37.78 -    show "... \<le> \<gamma>\<^isub>c C" by (metis mono_gamma_c[OF pfp'])
   37.79 +    show "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c (step' \<top> C)" by(rule step_step')
   37.80 +    show "... \<le> \<gamma>\<^sub>c C" by (metis mono_gamma_c[OF pfp'])
   37.81    qed
   37.82 -  have 3: "strip (\<gamma>\<^isub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   37.83 -  have "lfp c (step (\<gamma>\<^isub>o \<top>)) \<le> \<gamma>\<^isub>c C"
   37.84 -    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^isub>o \<top>)", OF 3 2])
   37.85 -  thus "lfp c (step UNIV) \<le> \<gamma>\<^isub>c C" by simp
   37.86 +  have 3: "strip (\<gamma>\<^sub>c C) = c" by(simp add: strip_pfp[OF _ 1] step'_def)
   37.87 +  have "lfp c (step (\<gamma>\<^sub>o \<top>)) \<le> \<gamma>\<^sub>c C"
   37.88 +    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^sub>o \<top>)", OF 3 2])
   37.89 +  thus "lfp c (step UNIV) \<le> \<gamma>\<^sub>c C" by simp
   37.90  qed
   37.91  
   37.92  end
    38.1 --- a/src/HOL/IMP/Abs_Int3.thy	Tue Aug 13 16:53:23 2013 +0200
    38.2 +++ b/src/HOL/IMP/Abs_Int3.thy	Tue Aug 13 17:45:22 2013 +0200
    38.3 @@ -240,22 +240,22 @@
    38.4  definition AI_wn :: "com \<Rightarrow> 'av st option acom option" where
    38.5  "AI_wn c = pfp_wn (step' \<top>) (bot c)"
    38.6  
    38.7 -lemma AI_wn_correct: "AI_wn c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c C"
    38.8 +lemma AI_wn_correct: "AI_wn c = Some C \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c C"
    38.9  proof(simp add: CS_def AI_wn_def)
   38.10    assume 1: "pfp_wn (step' \<top>) (bot c) = Some C"
   38.11    have 2: "strip C = c \<and> step' \<top> C \<le> C"
   38.12      by(rule pfp_wn_pfp[where x="bot c"]) (simp_all add: 1 mono_step'_top)
   38.13 -  have pfp: "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le> \<gamma>\<^isub>c C"
   38.14 +  have pfp: "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le> \<gamma>\<^sub>c C"
   38.15    proof(rule order_trans)
   38.16 -    show "step (\<gamma>\<^isub>o \<top>) (\<gamma>\<^isub>c C) \<le>  \<gamma>\<^isub>c (step' \<top> C)"
   38.17 +    show "step (\<gamma>\<^sub>o \<top>) (\<gamma>\<^sub>c C) \<le>  \<gamma>\<^sub>c (step' \<top> C)"
   38.18        by(rule step_step')
   38.19 -    show "... \<le> \<gamma>\<^isub>c C"
   38.20 +    show "... \<le> \<gamma>\<^sub>c C"
   38.21        by(rule mono_gamma_c[OF conjunct2[OF 2]])
   38.22    qed
   38.23 -  have 3: "strip (\<gamma>\<^isub>c C) = c" by(simp add: strip_pfp_wn[OF _ 1])
   38.24 -  have "lfp c (step (\<gamma>\<^isub>o \<top>)) \<le> \<gamma>\<^isub>c C"
   38.25 -    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^isub>o \<top>)", OF 3 pfp])
   38.26 -  thus "lfp c (step UNIV) \<le> \<gamma>\<^isub>c C" by simp
   38.27 +  have 3: "strip (\<gamma>\<^sub>c C) = c" by(simp add: strip_pfp_wn[OF _ 1])
   38.28 +  have "lfp c (step (\<gamma>\<^sub>o \<top>)) \<le> \<gamma>\<^sub>c C"
   38.29 +    by(rule lfp_lowerbound[simplified,where f="step (\<gamma>\<^sub>o \<top>)", OF 3 pfp])
   38.30 +  thus "lfp c (step UNIV) \<le> \<gamma>\<^sub>c C" by simp
   38.31  qed
   38.32  
   38.33  end
   38.34 @@ -405,8 +405,8 @@
   38.35  done
   38.36  
   38.37  
   38.38 -definition n_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("n\<^isub>s") where
   38.39 -"n\<^isub>s S X = (\<Sum>x\<in>X. n(fun S x))"
   38.40 +definition n_s :: "'av st \<Rightarrow> vname set \<Rightarrow> nat" ("n\<^sub>s") where
   38.41 +"n\<^sub>s S X = (\<Sum>x\<in>X. n(fun S x))"
   38.42  
   38.43  lemma n_s_narrow_rep:
   38.44  assumes "finite X"  "S1 = S2 on -X"  "\<forall>x. S2 x \<le> S1 x"  "\<forall>x. S1 x \<triangle> S2 x \<le> S1 x"
   38.45 @@ -423,25 +423,25 @@
   38.46  qed
   38.47  
   38.48  lemma n_s_narrow: "finite X \<Longrightarrow> fun S1 = fun S2 on -X \<Longrightarrow> S2 \<le> S1 \<Longrightarrow> S1 \<triangle> S2 < S1
   38.49 -  \<Longrightarrow> n\<^isub>s (S1 \<triangle> S2) X < n\<^isub>s S1 X"
   38.50 +  \<Longrightarrow> n\<^sub>s (S1 \<triangle> S2) X < n\<^sub>s S1 X"
   38.51  apply(auto simp add: less_st_def n_s_def)
   38.52  apply (transfer fixing: n)
   38.53  apply(auto simp add: less_eq_st_rep_iff eq_st_def fun_eq_iff n_s_narrow_rep)
   38.54  done
   38.55  
   38.56 -definition n_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("n\<^isub>o") where
   38.57 -"n\<^isub>o opt X = (case opt of None \<Rightarrow> 0 | Some S \<Rightarrow> n\<^isub>s S X + 1)"
   38.58 +definition n_o :: "'av st option \<Rightarrow> vname set \<Rightarrow> nat" ("n\<^sub>o") where
   38.59 +"n\<^sub>o opt X = (case opt of None \<Rightarrow> 0 | Some S \<Rightarrow> n\<^sub>s S X + 1)"
   38.60  
   38.61  lemma n_o_narrow:
   38.62    "top_on_opt S1 (-X) \<Longrightarrow> top_on_opt S2 (-X) \<Longrightarrow> finite X
   38.63 -  \<Longrightarrow> S2 \<le> S1 \<Longrightarrow> S1 \<triangle> S2 < S1 \<Longrightarrow> n\<^isub>o (S1 \<triangle> S2) X < n\<^isub>o S1 X"
   38.64 +  \<Longrightarrow> S2 \<le> S1 \<Longrightarrow> S1 \<triangle> S2 < S1 \<Longrightarrow> n\<^sub>o (S1 \<triangle> S2) X < n\<^sub>o S1 X"
   38.65  apply(induction S1 S2 rule: narrow_option.induct)
   38.66  apply(auto simp: n_o_def n_s_narrow)
   38.67  done
   38.68  
   38.69  
   38.70 -definition n_c :: "'av st option acom \<Rightarrow> nat" ("n\<^isub>c") where
   38.71 -"n\<^isub>c C = listsum (map (\<lambda>a. n\<^isub>o a (vars C)) (annos C))"
   38.72 +definition n_c :: "'av st option acom \<Rightarrow> nat" ("n\<^sub>c") where
   38.73 +"n\<^sub>c C = listsum (map (\<lambda>a. n\<^sub>o a (vars C)) (annos C))"
   38.74  
   38.75  lemma less_annos_iff: "(C1 < C2) = (C1 \<le> C2 \<and>
   38.76    (\<exists>i<length (annos C1). annos C1 ! i < annos C2 ! i))"
   38.77 @@ -449,7 +449,7 @@
   38.78  
   38.79  lemma n_c_narrow: "strip C1 = strip C2
   38.80    \<Longrightarrow> top_on_acom C1 (- vars C1) \<Longrightarrow> top_on_acom C2 (- vars C2)
   38.81 -  \<Longrightarrow> C2 \<le> C1 \<Longrightarrow> C1 \<triangle> C2 < C1 \<Longrightarrow> n\<^isub>c (C1 \<triangle> C2) < n\<^isub>c C1"
   38.82 +  \<Longrightarrow> C2 \<le> C1 \<Longrightarrow> C1 \<triangle> C2 < C1 \<Longrightarrow> n\<^sub>c (C1 \<triangle> C2) < n\<^sub>c C1"
   38.83  apply(auto simp: n_c_def narrow_acom_def listsum_setsum_nth)
   38.84  apply(subgoal_tac "length(annos C2) = length(annos C1)")
   38.85  prefer 2 apply (simp add: size_annos_same2)
    39.1 --- a/src/HOL/IMP/Abs_Int_Den/Abs_Int_den1.thy	Tue Aug 13 16:53:23 2013 +0200
    39.2 +++ b/src/HOL/IMP/Abs_Int_Den/Abs_Int_den1.thy	Tue Aug 13 17:45:22 2013 +0200
    39.3 @@ -102,7 +102,7 @@
    39.4  lemma in_rep_join_UpI: "s <:: S1 | s <:: S2 \<Longrightarrow> s <:: S1 \<squnion> S2"
    39.5  by (metis in_rep_up_trans SL_top_class.join_ge1 SL_top_class.join_ge2)
    39.6  
    39.7 -fun aval' :: "aexp \<Rightarrow> 'a astate up \<Rightarrow> 'a" ("aval\<^isup>#") where
    39.8 +fun aval' :: "aexp \<Rightarrow> 'a astate up \<Rightarrow> 'a" ("aval\<^sup>#") where
    39.9  "aval' _ bot = Bot" |
   39.10  "aval' (N n) _ = num' n" |
   39.11  "aval' (V x) (Up S) = lookup S x" |
    40.1 --- a/src/HOL/IMP/Abs_Int_ITP/Abs_Int0_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    40.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Abs_Int0_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    40.3 @@ -203,26 +203,26 @@
    40.4  qed
    40.5  
    40.6  definition
    40.7 - lpfp\<^isub>c :: "(('a::SL_top)option acom \<Rightarrow> 'a option acom) \<Rightarrow> com \<Rightarrow> 'a option acom option" where
    40.8 -"lpfp\<^isub>c f c = pfp f (\<bottom>\<^sub>c c)"
    40.9 + lpfp\<^sub>c :: "(('a::SL_top)option acom \<Rightarrow> 'a option acom) \<Rightarrow> com \<Rightarrow> 'a option acom option" where
   40.10 +"lpfp\<^sub>c f c = pfp f (\<bottom>\<^sub>c c)"
   40.11  
   40.12 -lemma lpfpc_pfp: "lpfp\<^isub>c f c0 = Some c \<Longrightarrow> f c \<sqsubseteq> c"
   40.13 -by(simp add: pfp_pfp lpfp\<^isub>c_def)
   40.14 +lemma lpfpc_pfp: "lpfp\<^sub>c f c0 = Some c \<Longrightarrow> f c \<sqsubseteq> c"
   40.15 +by(simp add: pfp_pfp lpfp\<^sub>c_def)
   40.16  
   40.17  lemma strip_pfp:
   40.18  assumes "\<And>x. g(f x) = g x" and "pfp f x0 = Some x" shows "g x = g x0"
   40.19  using assms while_option_rule[where P = "%x. g x = g x0" and c = f]
   40.20  unfolding pfp_def by metis
   40.21  
   40.22 -lemma strip_lpfpc: assumes "\<And>c. strip(f c) = strip c" and "lpfp\<^isub>c f c = Some c'"
   40.23 +lemma strip_lpfpc: assumes "\<And>c. strip(f c) = strip c" and "lpfp\<^sub>c f c = Some c'"
   40.24  shows "strip c' = c"
   40.25 -using assms(1) strip_pfp[OF _ assms(2)[simplified lpfp\<^isub>c_def]]
   40.26 +using assms(1) strip_pfp[OF _ assms(2)[simplified lpfp\<^sub>c_def]]
   40.27  by(metis strip_bot_acom)
   40.28  
   40.29  lemma lpfpc_least:
   40.30  assumes mono: "\<And>x y. x \<sqsubseteq> y \<Longrightarrow> f x \<sqsubseteq> f y"
   40.31 -and "strip p = c0" and "f p \<sqsubseteq> p" and lp: "lpfp\<^isub>c f c0 = Some c" shows "c \<sqsubseteq> p"
   40.32 -using pfp_least[OF _ _ bot_acom[OF `strip p = c0`] lp[simplified lpfp\<^isub>c_def]]
   40.33 +and "strip p = c0" and "f p \<sqsubseteq> p" and lp: "lpfp\<^sub>c f c0 = Some c" shows "c \<sqsubseteq> p"
   40.34 +using pfp_least[OF _ _ bot_acom[OF `strip p = c0`] lp[simplified lpfp\<^sub>c_def]]
   40.35    mono `f p \<sqsubseteq> p`
   40.36  by blast
   40.37  
   40.38 @@ -270,51 +270,51 @@
   40.39    {S \<squnion> post c} WHILE b DO (step' Inv c) {Inv}"
   40.40  
   40.41  definition AI :: "com \<Rightarrow> 'av st option acom option" where
   40.42 -"AI = lpfp\<^isub>c (step' \<top>)"
   40.43 +"AI = lpfp\<^sub>c (step' \<top>)"
   40.44  
   40.45  
   40.46  lemma strip_step'[simp]: "strip(step' S c) = strip c"
   40.47  by(induct c arbitrary: S) (simp_all add: Let_def)
   40.48  
   40.49  
   40.50 -abbreviation \<gamma>\<^isub>f :: "'av st \<Rightarrow> state set"
   40.51 -where "\<gamma>\<^isub>f == \<gamma>_fun \<gamma>"
   40.52 +abbreviation \<gamma>\<^sub>f :: "'av st \<Rightarrow> state set"
   40.53 +where "\<gamma>\<^sub>f == \<gamma>_fun \<gamma>"
   40.54  
   40.55 -abbreviation \<gamma>\<^isub>o :: "'av st option \<Rightarrow> state set"
   40.56 -where "\<gamma>\<^isub>o == \<gamma>_option \<gamma>\<^isub>f"
   40.57 +abbreviation \<gamma>\<^sub>o :: "'av st option \<Rightarrow> state set"
   40.58 +where "\<gamma>\<^sub>o == \<gamma>_option \<gamma>\<^sub>f"
   40.59  
   40.60 -abbreviation \<gamma>\<^isub>c :: "'av st option acom \<Rightarrow> state set acom"
   40.61 -where "\<gamma>\<^isub>c == map_acom \<gamma>\<^isub>o"
   40.62 +abbreviation \<gamma>\<^sub>c :: "'av st option acom \<Rightarrow> state set acom"
   40.63 +where "\<gamma>\<^sub>c == map_acom \<gamma>\<^sub>o"
   40.64  
   40.65 -lemma gamma_f_Top[simp]: "\<gamma>\<^isub>f Top = UNIV"
   40.66 +lemma gamma_f_Top[simp]: "\<gamma>\<^sub>f Top = UNIV"
   40.67  by(simp add: Top_fun_def \<gamma>_fun_def)
   40.68  
   40.69 -lemma gamma_o_Top[simp]: "\<gamma>\<^isub>o Top = UNIV"
   40.70 +lemma gamma_o_Top[simp]: "\<gamma>\<^sub>o Top = UNIV"
   40.71  by (simp add: Top_option_def)
   40.72  
   40.73  (* FIXME (maybe also le \<rightarrow> sqle?) *)
   40.74  
   40.75 -lemma mono_gamma_f: "f \<sqsubseteq> g \<Longrightarrow> \<gamma>\<^isub>f f \<subseteq> \<gamma>\<^isub>f g"
   40.76 +lemma mono_gamma_f: "f \<sqsubseteq> g \<Longrightarrow> \<gamma>\<^sub>f f \<subseteq> \<gamma>\<^sub>f g"
   40.77  by(auto simp: le_fun_def \<gamma>_fun_def dest: mono_gamma)
   40.78  
   40.79  lemma mono_gamma_o:
   40.80 -  "sa \<sqsubseteq> sa' \<Longrightarrow> \<gamma>\<^isub>o sa \<subseteq> \<gamma>\<^isub>o sa'"
   40.81 +  "sa \<sqsubseteq> sa' \<Longrightarrow> \<gamma>\<^sub>o sa \<subseteq> \<gamma>\<^sub>o sa'"
   40.82  by(induction sa sa' rule: le_option.induct)(simp_all add: mono_gamma_f)
   40.83  
   40.84 -lemma mono_gamma_c: "ca \<sqsubseteq> ca' \<Longrightarrow> \<gamma>\<^isub>c ca \<le> \<gamma>\<^isub>c ca'"
   40.85 +lemma mono_gamma_c: "ca \<sqsubseteq> ca' \<Longrightarrow> \<gamma>\<^sub>c ca \<le> \<gamma>\<^sub>c ca'"
   40.86  by (induction ca ca' rule: le_acom.induct) (simp_all add:mono_gamma_o)
   40.87  
   40.88  text{* Soundness: *}
   40.89  
   40.90 -lemma aval'_sound: "s : \<gamma>\<^isub>f S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
   40.91 +lemma aval'_sound: "s : \<gamma>\<^sub>f S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
   40.92  by (induct a) (auto simp: gamma_num' gamma_plus' \<gamma>_fun_def)
   40.93  
   40.94  lemma in_gamma_update:
   40.95 -  "\<lbrakk> s : \<gamma>\<^isub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^isub>f(S(x := a))"
   40.96 +  "\<lbrakk> s : \<gamma>\<^sub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^sub>f(S(x := a))"
   40.97  by(simp add: \<gamma>_fun_def)
   40.98  
   40.99  lemma step_preserves_le:
  40.100 -  "\<lbrakk> S \<subseteq> \<gamma>\<^isub>o S'; c \<le> \<gamma>\<^isub>c c' \<rbrakk> \<Longrightarrow> step S c \<le> \<gamma>\<^isub>c (step' S' c')"
  40.101 +  "\<lbrakk> S \<subseteq> \<gamma>\<^sub>o S'; c \<le> \<gamma>\<^sub>c c' \<rbrakk> \<Longrightarrow> step S c \<le> \<gamma>\<^sub>c (step' S' c')"
  40.102  proof(induction c arbitrary: c' S S')
  40.103    case SKIP thus ?case by(auto simp:SKIP_le map_acom_SKIP)
  40.104  next
  40.105 @@ -328,40 +328,40 @@
  40.106    case (If b c1 c2 P)
  40.107    then obtain c1' c2' P' where
  40.108        "c' = IF b THEN c1' ELSE c2' {P'}"
  40.109 -      "P \<subseteq> \<gamma>\<^isub>o P'" "c1 \<le> \<gamma>\<^isub>c c1'" "c2 \<le> \<gamma>\<^isub>c c2'"
  40.110 +      "P \<subseteq> \<gamma>\<^sub>o P'" "c1 \<le> \<gamma>\<^sub>c c1'" "c2 \<le> \<gamma>\<^sub>c c2'"
  40.111      by (fastforce simp: If_le map_acom_If)
  40.112 -  moreover have "post c1 \<subseteq> \<gamma>\<^isub>o(post c1' \<squnion> post c2')"
  40.113 -    by (metis (no_types) `c1 \<le> \<gamma>\<^isub>c c1'` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
  40.114 -  moreover have "post c2 \<subseteq> \<gamma>\<^isub>o(post c1' \<squnion> post c2')"
  40.115 -    by (metis (no_types) `c2 \<le> \<gamma>\<^isub>c c2'` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
  40.116 -  ultimately show ?case using `S \<subseteq> \<gamma>\<^isub>o S'` by (simp add: If.IH subset_iff)
  40.117 +  moreover have "post c1 \<subseteq> \<gamma>\<^sub>o(post c1' \<squnion> post c2')"
  40.118 +    by (metis (no_types) `c1 \<le> \<gamma>\<^sub>c c1'` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
  40.119 +  moreover have "post c2 \<subseteq> \<gamma>\<^sub>o(post c1' \<squnion> post c2')"
  40.120 +    by (metis (no_types) `c2 \<le> \<gamma>\<^sub>c c2'` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
  40.121 +  ultimately show ?case using `S \<subseteq> \<gamma>\<^sub>o S'` by (simp add: If.IH subset_iff)
  40.122  next
  40.123    case (While I b c1 P)
  40.124    then obtain c1' I' P' where
  40.125      "c' = {I'} WHILE b DO c1' {P'}"
  40.126 -    "I \<subseteq> \<gamma>\<^isub>o I'" "P \<subseteq> \<gamma>\<^isub>o P'" "c1 \<le> \<gamma>\<^isub>c c1'"
  40.127 +    "I \<subseteq> \<gamma>\<^sub>o I'" "P \<subseteq> \<gamma>\<^sub>o P'" "c1 \<le> \<gamma>\<^sub>c c1'"
  40.128      by (fastforce simp: map_acom_While While_le)
  40.129 -  moreover have "S \<union> post c1 \<subseteq> \<gamma>\<^isub>o (S' \<squnion> post c1')"
  40.130 -    using `S \<subseteq> \<gamma>\<^isub>o S'` le_post[OF `c1 \<le> \<gamma>\<^isub>c c1'`, simplified]
  40.131 +  moreover have "S \<union> post c1 \<subseteq> \<gamma>\<^sub>o (S' \<squnion> post c1')"
  40.132 +    using `S \<subseteq> \<gamma>\<^sub>o S'` le_post[OF `c1 \<le> \<gamma>\<^sub>c c1'`, simplified]
  40.133      by (metis (no_types) join_ge1 join_ge2 le_sup_iff mono_gamma_o order_trans)
  40.134    ultimately show ?case by (simp add: While.IH subset_iff)
  40.135  qed
  40.136  
  40.137 -lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c c'"
  40.138 +lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c c'"
  40.139  proof(simp add: CS_def AI_def)
  40.140 -  assume 1: "lpfp\<^isub>c (step' \<top>) c = Some c'"
  40.141 +  assume 1: "lpfp\<^sub>c (step' \<top>) c = Some c'"
  40.142    have 2: "step' \<top> c' \<sqsubseteq> c'" by(rule lpfpc_pfp[OF 1])
  40.143 -  have 3: "strip (\<gamma>\<^isub>c (step' \<top> c')) = c"
  40.144 +  have 3: "strip (\<gamma>\<^sub>c (step' \<top> c')) = c"
  40.145      by(simp add: strip_lpfpc[OF _ 1])
  40.146 -  have "lfp (step UNIV) c \<le> \<gamma>\<^isub>c (step' \<top> c')"
  40.147 +  have "lfp (step UNIV) c \<le> \<gamma>\<^sub>c (step' \<top> c')"
  40.148    proof(rule lfp_lowerbound[simplified,OF 3])
  40.149 -    show "step UNIV (\<gamma>\<^isub>c (step' \<top> c')) \<le> \<gamma>\<^isub>c (step' \<top> c')"
  40.150 +    show "step UNIV (\<gamma>\<^sub>c (step' \<top> c')) \<le> \<gamma>\<^sub>c (step' \<top> c')"
  40.151      proof(rule step_preserves_le[OF _ _])
  40.152 -      show "UNIV \<subseteq> \<gamma>\<^isub>o \<top>" by simp
  40.153 -      show "\<gamma>\<^isub>c (step' \<top> c') \<le> \<gamma>\<^isub>c c'" by(rule mono_gamma_c[OF 2])
  40.154 +      show "UNIV \<subseteq> \<gamma>\<^sub>o \<top>" by simp
  40.155 +      show "\<gamma>\<^sub>c (step' \<top> c') \<le> \<gamma>\<^sub>c c'" by(rule mono_gamma_c[OF 2])
  40.156      qed
  40.157    qed
  40.158 -  with 2 show "lfp (step UNIV) c \<le> \<gamma>\<^isub>c c'"
  40.159 +  with 2 show "lfp (step UNIV) c \<le> \<gamma>\<^sub>c c'"
  40.160      by (blast intro: mono_gamma_c order_trans)
  40.161  qed
  40.162  
    41.1 --- a/src/HOL/IMP/Abs_Int_ITP/Abs_Int1_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    41.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Abs_Int1_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    41.3 @@ -17,7 +17,7 @@
    41.4  "aval' (V x) S = lookup S x" |
    41.5  "aval' (Plus a1 a2) S = plus' (aval' a1 S) (aval' a2 S)"
    41.6  
    41.7 -lemma aval'_sound: "s : \<gamma>\<^isub>f S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
    41.8 +lemma aval'_sound: "s : \<gamma>\<^sub>f S \<Longrightarrow> aval a s : \<gamma>(aval' a S)"
    41.9  by (induction a) (auto simp: gamma_num' gamma_plus' \<gamma>_st_def lookup_def)
   41.10  
   41.11  end
   41.12 @@ -41,7 +41,7 @@
   41.13     {S \<squnion> post c} WHILE b DO step' Inv c {Inv}"
   41.14  
   41.15  definition AI :: "com \<Rightarrow> 'av st option acom option" where
   41.16 -"AI = lpfp\<^isub>c (step' \<top>)"
   41.17 +"AI = lpfp\<^sub>c (step' \<top>)"
   41.18  
   41.19  
   41.20  lemma strip_step'[simp]: "strip(step' S c) = strip c"
   41.21 @@ -51,14 +51,14 @@
   41.22  text{* Soundness: *}
   41.23  
   41.24  lemma in_gamma_update:
   41.25 -  "\<lbrakk> s : \<gamma>\<^isub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^isub>f(update S x a)"
   41.26 +  "\<lbrakk> s : \<gamma>\<^sub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^sub>f(update S x a)"
   41.27  by(simp add: \<gamma>_st_def lookup_update)
   41.28  
   41.29  text{* The soundness proofs are textually identical to the ones for the step
   41.30  function operating on states as functions. *}
   41.31  
   41.32  lemma step_preserves_le:
   41.33 -  "\<lbrakk> S \<subseteq> \<gamma>\<^isub>o S'; c \<le> \<gamma>\<^isub>c c' \<rbrakk> \<Longrightarrow> step S c \<le> \<gamma>\<^isub>c (step' S' c')"
   41.34 +  "\<lbrakk> S \<subseteq> \<gamma>\<^sub>o S'; c \<le> \<gamma>\<^sub>c c' \<rbrakk> \<Longrightarrow> step S c \<le> \<gamma>\<^sub>c (step' S' c')"
   41.35  proof(induction c arbitrary: c' S S')
   41.36    case SKIP thus ?case by(auto simp:SKIP_le map_acom_SKIP)
   41.37  next
   41.38 @@ -72,40 +72,40 @@
   41.39    case (If b c1 c2 P)
   41.40    then obtain c1' c2' P' where
   41.41        "c' = IF b THEN c1' ELSE c2' {P'}"
   41.42 -      "P \<subseteq> \<gamma>\<^isub>o P'" "c1 \<le> \<gamma>\<^isub>c c1'" "c2 \<le> \<gamma>\<^isub>c c2'"
   41.43 +      "P \<subseteq> \<gamma>\<^sub>o P'" "c1 \<le> \<gamma>\<^sub>c c1'" "c2 \<le> \<gamma>\<^sub>c c2'"
   41.44      by (fastforce simp: If_le map_acom_If)
   41.45 -  moreover have "post c1 \<subseteq> \<gamma>\<^isub>o(post c1' \<squnion> post c2')"
   41.46 -    by (metis (no_types) `c1 \<le> \<gamma>\<^isub>c c1'` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
   41.47 -  moreover have "post c2 \<subseteq> \<gamma>\<^isub>o(post c1' \<squnion> post c2')"
   41.48 -    by (metis (no_types) `c2 \<le> \<gamma>\<^isub>c c2'` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
   41.49 -  ultimately show ?case using `S \<subseteq> \<gamma>\<^isub>o S'` by (simp add: If.IH subset_iff)
   41.50 +  moreover have "post c1 \<subseteq> \<gamma>\<^sub>o(post c1' \<squnion> post c2')"
   41.51 +    by (metis (no_types) `c1 \<le> \<gamma>\<^sub>c c1'` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
   41.52 +  moreover have "post c2 \<subseteq> \<gamma>\<^sub>o(post c1' \<squnion> post c2')"
   41.53 +    by (metis (no_types) `c2 \<le> \<gamma>\<^sub>c c2'` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
   41.54 +  ultimately show ?case using `S \<subseteq> \<gamma>\<^sub>o S'` by (simp add: If.IH subset_iff)
   41.55  next
   41.56    case (While I b c1 P)
   41.57    then obtain c1' I' P' where
   41.58      "c' = {I'} WHILE b DO c1' {P'}"
   41.59 -    "I \<subseteq> \<gamma>\<^isub>o I'" "P \<subseteq> \<gamma>\<^isub>o P'" "c1 \<le> \<gamma>\<^isub>c c1'"
   41.60 +    "I \<subseteq> \<gamma>\<^sub>o I'" "P \<subseteq> \<gamma>\<^sub>o P'" "c1 \<le> \<gamma>\<^sub>c c1'"
   41.61      by (fastforce simp: map_acom_While While_le)
   41.62 -  moreover have "S \<union> post c1 \<subseteq> \<gamma>\<^isub>o (S' \<squnion> post c1')"
   41.63 -    using `S \<subseteq> \<gamma>\<^isub>o S'` le_post[OF `c1 \<le> \<gamma>\<^isub>c c1'`, simplified]
   41.64 +  moreover have "S \<union> post c1 \<subseteq> \<gamma>\<^sub>o (S' \<squnion> post c1')"
   41.65 +    using `S \<subseteq> \<gamma>\<^sub>o S'` le_post[OF `c1 \<le> \<gamma>\<^sub>c c1'`, simplified]
   41.66      by (metis (no_types) join_ge1 join_ge2 le_sup_iff mono_gamma_o order_trans)
   41.67    ultimately show ?case by (simp add: While.IH subset_iff)
   41.68  qed
   41.69  
   41.70 -lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c c'"
   41.71 +lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c c'"
   41.72  proof(simp add: CS_def AI_def)
   41.73 -  assume 1: "lpfp\<^isub>c (step' \<top>) c = Some c'"
   41.74 +  assume 1: "lpfp\<^sub>c (step' \<top>) c = Some c'"
   41.75    have 2: "step' \<top> c' \<sqsubseteq> c'" by(rule lpfpc_pfp[OF 1])
   41.76 -  have 3: "strip (\<gamma>\<^isub>c (step' \<top> c')) = c"
   41.77 +  have 3: "strip (\<gamma>\<^sub>c (step' \<top> c')) = c"
   41.78      by(simp add: strip_lpfpc[OF _ 1])
   41.79 -  have "lfp (step UNIV) c \<le> \<gamma>\<^isub>c (step' \<top> c')"
   41.80 +  have "lfp (step UNIV) c \<le> \<gamma>\<^sub>c (step' \<top> c')"
   41.81    proof(rule lfp_lowerbound[simplified,OF 3])
   41.82 -    show "step UNIV (\<gamma>\<^isub>c (step' \<top> c')) \<le> \<gamma>\<^isub>c (step' \<top> c')"
   41.83 +    show "step UNIV (\<gamma>\<^sub>c (step' \<top> c')) \<le> \<gamma>\<^sub>c (step' \<top> c')"
   41.84      proof(rule step_preserves_le[OF _ _])
   41.85 -      show "UNIV \<subseteq> \<gamma>\<^isub>o \<top>" by simp
   41.86 -      show "\<gamma>\<^isub>c (step' \<top> c') \<le> \<gamma>\<^isub>c c'" by(rule mono_gamma_c[OF 2])
   41.87 +      show "UNIV \<subseteq> \<gamma>\<^sub>o \<top>" by simp
   41.88 +      show "\<gamma>\<^sub>c (step' \<top> c') \<le> \<gamma>\<^sub>c c'" by(rule mono_gamma_c[OF 2])
   41.89      qed
   41.90    qed
   41.91 -  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^isub>c c'"
   41.92 +  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^sub>c c'"
   41.93      by (blast intro: mono_gamma_c order_trans)
   41.94  qed
   41.95  
   41.96 @@ -367,8 +367,8 @@
   41.97    fixes f :: "(('a::SL_top)option acom \<Rightarrow> 'a option acom)"
   41.98    assumes "acc {(x::'a,y). x \<sqsubseteq> y}" and "\<And>x y. x \<sqsubseteq> y \<Longrightarrow> f x \<sqsubseteq> f y"
   41.99    and "\<And>c. strip(f c) = strip c"
  41.100 -  shows "\<exists>c'. lpfp\<^isub>c f c = Some c'"
  41.101 -unfolding lpfp\<^isub>c_def
  41.102 +  shows "\<exists>c'. lpfp\<^sub>c f c = Some c'"
  41.103 +unfolding lpfp\<^sub>c_def
  41.104  apply(rule pfp_termination)
  41.105    apply(erule assms(2))
  41.106   apply(rule acc_acom[OF acc_option[OF assms(1)]])
    42.1 --- a/src/HOL/IMP/Abs_Int_ITP/Abs_Int2_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    42.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Abs_Int2_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    42.3 @@ -70,14 +70,14 @@
    42.4    Val_abs1 where \<gamma> = \<gamma> for \<gamma> :: "'av::L_top_bot \<Rightarrow> val set"
    42.5  begin
    42.6  
    42.7 -lemma in_gamma_join_UpI: "s : \<gamma>\<^isub>o S1 \<or> s : \<gamma>\<^isub>o S2 \<Longrightarrow> s : \<gamma>\<^isub>o(S1 \<squnion> S2)"
    42.8 +lemma in_gamma_join_UpI: "s : \<gamma>\<^sub>o S1 \<or> s : \<gamma>\<^sub>o S2 \<Longrightarrow> s : \<gamma>\<^sub>o(S1 \<squnion> S2)"
    42.9  by (metis (no_types) join_ge1 join_ge2 mono_gamma_o set_rev_mp)
   42.10  
   42.11  fun aval'' :: "aexp \<Rightarrow> 'av st option \<Rightarrow> 'av" where
   42.12  "aval'' e None = \<bottom>" |
   42.13  "aval'' e (Some sa) = aval' e sa"
   42.14  
   42.15 -lemma aval''_sound: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)"
   42.16 +lemma aval''_sound: "s : \<gamma>\<^sub>o S \<Longrightarrow> aval a s : \<gamma>(aval'' a S)"
   42.17  by(cases S)(simp add: aval'_sound)+
   42.18  
   42.19  subsubsection "Backward analysis"
   42.20 @@ -111,12 +111,12 @@
   42.21    (let (res1,res2) = filter_less' res (aval'' e1 S) (aval'' e2 S)
   42.22     in afilter e1 res1 (afilter e2 res2 S))"
   42.23  
   42.24 -lemma afilter_sound: "s : \<gamma>\<^isub>o S \<Longrightarrow> aval e s : \<gamma> a \<Longrightarrow> s : \<gamma>\<^isub>o (afilter e a S)"
   42.25 +lemma afilter_sound: "s : \<gamma>\<^sub>o S \<Longrightarrow> aval e s : \<gamma> a \<Longrightarrow> s : \<gamma>\<^sub>o (afilter e a S)"
   42.26  proof(induction e arbitrary: a S)
   42.27    case N thus ?case by simp (metis test_num')
   42.28  next
   42.29    case (V x)
   42.30 -  obtain S' where "S = Some S'" and "s : \<gamma>\<^isub>f S'" using `s : \<gamma>\<^isub>o S`
   42.31 +  obtain S' where "S = Some S'" and "s : \<gamma>\<^sub>f S'" using `s : \<gamma>\<^sub>o S`
   42.32      by(auto simp: in_gamma_option_iff)
   42.33    moreover hence "s x : \<gamma> (lookup S' x)" by(simp add: \<gamma>_st_def)
   42.34    moreover have "s x : \<gamma> a" using V by simp
   42.35 @@ -129,7 +129,7 @@
   42.36      by (auto split: prod.split)
   42.37  qed
   42.38  
   42.39 -lemma bfilter_sound: "s : \<gamma>\<^isub>o S \<Longrightarrow> bv = bval b s \<Longrightarrow> s : \<gamma>\<^isub>o(bfilter b bv S)"
   42.40 +lemma bfilter_sound: "s : \<gamma>\<^sub>o S \<Longrightarrow> bv = bval b s \<Longrightarrow> s : \<gamma>\<^sub>o(bfilter b bv S)"
   42.41  proof(induction b arbitrary: S bv)
   42.42    case Bc thus ?case by simp
   42.43  next
   42.44 @@ -158,7 +158,7 @@
   42.45     {bfilter b False Inv}"
   42.46  
   42.47  definition AI :: "com \<Rightarrow> 'av st option acom option" where
   42.48 -"AI = lpfp\<^isub>c (step' \<top>)"
   42.49 +"AI = lpfp\<^sub>c (step' \<top>)"
   42.50  
   42.51  lemma strip_step'[simp]: "strip(step' S c) = strip c"
   42.52  by(induct c arbitrary: S) (simp_all add: Let_def)
   42.53 @@ -167,11 +167,11 @@
   42.54  subsubsection "Soundness"
   42.55  
   42.56  lemma in_gamma_update:
   42.57 -  "\<lbrakk> s : \<gamma>\<^isub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^isub>f(update S x a)"
   42.58 +  "\<lbrakk> s : \<gamma>\<^sub>f S; i : \<gamma> a \<rbrakk> \<Longrightarrow> s(x := i) : \<gamma>\<^sub>f(update S x a)"
   42.59  by(simp add: \<gamma>_st_def lookup_update)
   42.60  
   42.61  lemma step_preserves_le:
   42.62 -  "\<lbrakk> S \<subseteq> \<gamma>\<^isub>o S'; cs \<le> \<gamma>\<^isub>c ca \<rbrakk> \<Longrightarrow> step S cs \<le> \<gamma>\<^isub>c (step' S' ca)"
   42.63 +  "\<lbrakk> S \<subseteq> \<gamma>\<^sub>o S'; cs \<le> \<gamma>\<^sub>c ca \<rbrakk> \<Longrightarrow> step S cs \<le> \<gamma>\<^sub>c (step' S' ca)"
   42.64  proof(induction cs arbitrary: ca S S')
   42.65    case SKIP thus ?case by(auto simp:SKIP_le map_acom_SKIP)
   42.66  next
   42.67 @@ -185,41 +185,41 @@
   42.68    case (If b cs1 cs2 P)
   42.69    then obtain ca1 ca2 Pa where
   42.70        "ca= IF b THEN ca1 ELSE ca2 {Pa}"
   42.71 -      "P \<subseteq> \<gamma>\<^isub>o Pa" "cs1 \<le> \<gamma>\<^isub>c ca1" "cs2 \<le> \<gamma>\<^isub>c ca2"
   42.72 +      "P \<subseteq> \<gamma>\<^sub>o Pa" "cs1 \<le> \<gamma>\<^sub>c ca1" "cs2 \<le> \<gamma>\<^sub>c ca2"
   42.73      by (fastforce simp: If_le map_acom_If)
   42.74 -  moreover have "post cs1 \<subseteq> \<gamma>\<^isub>o(post ca1 \<squnion> post ca2)"
   42.75 -    by (metis (no_types) `cs1 \<le> \<gamma>\<^isub>c ca1` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
   42.76 -  moreover have "post cs2 \<subseteq> \<gamma>\<^isub>o(post ca1 \<squnion> post ca2)"
   42.77 -    by (metis (no_types) `cs2 \<le> \<gamma>\<^isub>c ca2` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
   42.78 -  ultimately show ?case using `S \<subseteq> \<gamma>\<^isub>o S'`
   42.79 +  moreover have "post cs1 \<subseteq> \<gamma>\<^sub>o(post ca1 \<squnion> post ca2)"
   42.80 +    by (metis (no_types) `cs1 \<le> \<gamma>\<^sub>c ca1` join_ge1 le_post mono_gamma_o order_trans post_map_acom)
   42.81 +  moreover have "post cs2 \<subseteq> \<gamma>\<^sub>o(post ca1 \<squnion> post ca2)"
   42.82 +    by (metis (no_types) `cs2 \<le> \<gamma>\<^sub>c ca2` join_ge2 le_post mono_gamma_o order_trans post_map_acom)
   42.83 +  ultimately show ?case using `S \<subseteq> \<gamma>\<^sub>o S'`
   42.84      by (simp add: If.IH subset_iff bfilter_sound)
   42.85  next
   42.86    case (While I b cs1 P)
   42.87    then obtain ca1 Ia Pa where
   42.88      "ca = {Ia} WHILE b DO ca1 {Pa}"
   42.89 -    "I \<subseteq> \<gamma>\<^isub>o Ia" "P \<subseteq> \<gamma>\<^isub>o Pa" "cs1 \<le> \<gamma>\<^isub>c ca1"
   42.90 +    "I \<subseteq> \<gamma>\<^sub>o Ia" "P \<subseteq> \<gamma>\<^sub>o Pa" "cs1 \<le> \<gamma>\<^sub>c ca1"
   42.91      by (fastforce simp: map_acom_While While_le)
   42.92 -  moreover have "S \<union> post cs1 \<subseteq> \<gamma>\<^isub>o (S' \<squnion> post ca1)"
   42.93 -    using `S \<subseteq> \<gamma>\<^isub>o S'` le_post[OF `cs1 \<le> \<gamma>\<^isub>c ca1`, simplified]
   42.94 +  moreover have "S \<union> post cs1 \<subseteq> \<gamma>\<^sub>o (S' \<squnion> post ca1)"
   42.95 +    using `S \<subseteq> \<gamma>\<^sub>o S'` le_post[OF `cs1 \<le> \<gamma>\<^sub>c ca1`, simplified]
   42.96      by (metis (no_types) join_ge1 join_ge2 le_sup_iff mono_gamma_o order_trans)
   42.97    ultimately show ?case by (simp add: While.IH subset_iff bfilter_sound)
   42.98  qed
   42.99  
  42.100 -lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c c'"
  42.101 +lemma AI_sound: "AI c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c c'"
  42.102  proof(simp add: CS_def AI_def)
  42.103 -  assume 1: "lpfp\<^isub>c (step' \<top>) c = Some c'"
  42.104 +  assume 1: "lpfp\<^sub>c (step' \<top>) c = Some c'"
  42.105    have 2: "step' \<top> c' \<sqsubseteq> c'" by(rule lpfpc_pfp[OF 1])
  42.106 -  have 3: "strip (\<gamma>\<^isub>c (step' \<top> c')) = c"
  42.107 +  have 3: "strip (\<gamma>\<^sub>c (step' \<top> c')) = c"
  42.108      by(simp add: strip_lpfpc[OF _ 1])
  42.109 -  have "lfp (step UNIV) c \<le> \<gamma>\<^isub>c (step' \<top> c')"
  42.110 +  have "lfp (step UNIV) c \<le> \<gamma>\<^sub>c (step' \<top> c')"
  42.111    proof(rule lfp_lowerbound[simplified,OF 3])
  42.112 -    show "step UNIV (\<gamma>\<^isub>c (step' \<top> c')) \<le> \<gamma>\<^isub>c (step' \<top> c')"
  42.113 +    show "step UNIV (\<gamma>\<^sub>c (step' \<top> c')) \<le> \<gamma>\<^sub>c (step' \<top> c')"
  42.114      proof(rule step_preserves_le[OF _ _])
  42.115 -      show "UNIV \<subseteq> \<gamma>\<^isub>o \<top>" by simp
  42.116 -      show "\<gamma>\<^isub>c (step' \<top> c') \<le> \<gamma>\<^isub>c c'" by(rule mono_gamma_c[OF 2])
  42.117 +      show "UNIV \<subseteq> \<gamma>\<^sub>o \<top>" by simp
  42.118 +      show "\<gamma>\<^sub>c (step' \<top> c') \<le> \<gamma>\<^sub>c c'" by(rule mono_gamma_c[OF 2])
  42.119      qed
  42.120    qed
  42.121 -  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^isub>c c'"
  42.122 +  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^sub>c c'"
  42.123      by (blast intro: mono_gamma_c order_trans)
  42.124  qed
  42.125  
    43.1 --- a/src/HOL/IMP/Abs_Int_ITP/Abs_Int3_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    43.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Abs_Int3_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    43.3 @@ -205,21 +205,21 @@
    43.4  definition AI_wn :: "com \<Rightarrow> 'av st option acom option" where
    43.5  "AI_wn = pfp_wn (step' \<top>)"
    43.6  
    43.7 -lemma AI_wn_sound: "AI_wn c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^isub>c c'"
    43.8 +lemma AI_wn_sound: "AI_wn c = Some c' \<Longrightarrow> CS c \<le> \<gamma>\<^sub>c c'"
    43.9  proof(simp add: CS_def AI_wn_def)
   43.10    assume 1: "pfp_wn (step' \<top>) c = Some c'"
   43.11    from pfp_wn_pfp[OF mono_step'2 1]
   43.12    have 2: "step' \<top> c' \<sqsubseteq> c'" .
   43.13 -  have 3: "strip (\<gamma>\<^isub>c (step' \<top> c')) = c" by(simp add: strip_pfp_wn[OF _ 1])
   43.14 -  have "lfp (step UNIV) c \<le> \<gamma>\<^isub>c (step' \<top> c')"
   43.15 +  have 3: "strip (\<gamma>\<^sub>c (step' \<top> c')) = c" by(simp add: strip_pfp_wn[OF _ 1])
   43.16 +  have "lfp (step UNIV) c \<le> \<gamma>\<^sub>c (step' \<top> c')"
   43.17    proof(rule lfp_lowerbound[simplified,OF 3])
   43.18 -    show "step UNIV (\<gamma>\<^isub>c (step' \<top> c')) \<le> \<gamma>\<^isub>c (step' \<top> c')"
   43.19 +    show "step UNIV (\<gamma>\<^sub>c (step' \<top> c')) \<le> \<gamma>\<^sub>c (step' \<top> c')"
   43.20      proof(rule step_preserves_le[OF _ _])
   43.21 -      show "UNIV \<subseteq> \<gamma>\<^isub>o \<top>" by simp
   43.22 -      show "\<gamma>\<^isub>c (step' \<top> c') \<le> \<gamma>\<^isub>c c'" by(rule mono_gamma_c[OF 2])
   43.23 +      show "UNIV \<subseteq> \<gamma>\<^sub>o \<top>" by simp
   43.24 +      show "\<gamma>\<^sub>c (step' \<top> c') \<le> \<gamma>\<^sub>c c'" by(rule mono_gamma_c[OF 2])
   43.25      qed
   43.26    qed
   43.27 -  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^isub>c c'"
   43.28 +  from this 2 show "lfp (step UNIV) c \<le> \<gamma>\<^sub>c c'"
   43.29      by (blast intro: mono_gamma_c order_trans)
   43.30  qed
   43.31  
    44.1 --- a/src/HOL/IMP/Abs_Int_ITP/Abs_State_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    44.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Abs_State_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    44.3 @@ -61,32 +61,32 @@
    44.4  locale Gamma = Val_abs where \<gamma>=\<gamma> for \<gamma> :: "'av::SL_top \<Rightarrow> val set"
    44.5  begin
    44.6  
    44.7 -abbreviation \<gamma>\<^isub>f :: "'av st \<Rightarrow> state set"
    44.8 -where "\<gamma>\<^isub>f == \<gamma>_st \<gamma>"
    44.9 +abbreviation \<gamma>\<^sub>f :: "'av st \<Rightarrow> state set"
   44.10 +where "\<gamma>\<^sub>f == \<gamma>_st \<gamma>"
   44.11  
   44.12 -abbreviation \<gamma>\<^isub>o :: "'av st option \<Rightarrow> state set"
   44.13 -where "\<gamma>\<^isub>o == \<gamma>_option \<gamma>\<^isub>f"
   44.14 +abbreviation \<gamma>\<^sub>o :: "'av st option \<Rightarrow> state set"
   44.15 +where "\<gamma>\<^sub>o == \<gamma>_option \<gamma>\<^sub>f"
   44.16  
   44.17 -abbreviation \<gamma>\<^isub>c :: "'av st option acom \<Rightarrow> state set acom"
   44.18 -where "\<gamma>\<^isub>c == map_acom \<gamma>\<^isub>o"
   44.19 +abbreviation \<gamma>\<^sub>c :: "'av st option acom \<Rightarrow> state set acom"
   44.20 +where "\<gamma>\<^sub>c == map_acom \<gamma>\<^sub>o"
   44.21  
   44.22 -lemma gamma_f_Top[simp]: "\<gamma>\<^isub>f Top = UNIV"
   44.23 +lemma gamma_f_Top[simp]: "\<gamma>\<^sub>f Top = UNIV"
   44.24  by(auto simp: Top_st_def \<gamma>_st_def lookup_def)
   44.25  
   44.26 -lemma gamma_o_Top[simp]: "\<gamma>\<^isub>o Top = UNIV"
   44.27 +lemma gamma_o_Top[simp]: "\<gamma>\<^sub>o Top = UNIV"
   44.28  by (simp add: Top_option_def)
   44.29  
   44.30  (* FIXME (maybe also le \<rightarrow> sqle?) *)
   44.31  
   44.32 -lemma mono_gamma_f: "f \<sqsubseteq> g \<Longrightarrow> \<gamma>\<^isub>f f \<subseteq> \<gamma>\<^isub>f g"
   44.33 +lemma mono_gamma_f: "f \<sqsubseteq> g \<Longrightarrow> \<gamma>\<^sub>f f \<subseteq> \<gamma>\<^sub>f g"
   44.34  apply(simp add:\<gamma>_st_def subset_iff lookup_def le_st_def split: if_splits)
   44.35  by (metis UNIV_I mono_gamma gamma_Top subsetD)
   44.36  
   44.37  lemma mono_gamma_o:
   44.38 -  "sa \<sqsubseteq> sa' \<Longrightarrow> \<gamma>\<^isub>o sa \<subseteq> \<gamma>\<^isub>o sa'"
   44.39 +  "sa \<sqsubseteq> sa' \<Longrightarrow> \<gamma>\<^sub>o sa \<subseteq> \<gamma>\<^sub>o sa'"
   44.40  by(induction sa sa' rule: le_option.induct)(simp_all add: mono_gamma_f)
   44.41  
   44.42 -lemma mono_gamma_c: "ca \<sqsubseteq> ca' \<Longrightarrow> \<gamma>\<^isub>c ca \<le> \<gamma>\<^isub>c ca'"
   44.43 +lemma mono_gamma_c: "ca \<sqsubseteq> ca' \<Longrightarrow> \<gamma>\<^sub>c ca \<le> \<gamma>\<^sub>c ca'"
   44.44  by (induction ca ca' rule: le_acom.induct) (simp_all add:mono_gamma_o)
   44.45  
   44.46  lemma in_gamma_option_iff:
    45.1 --- a/src/HOL/IMP/Abs_Int_ITP/Collecting_ITP.thy	Tue Aug 13 16:53:23 2013 +0200
    45.2 +++ b/src/HOL/IMP/Abs_Int_ITP/Collecting_ITP.thy	Tue Aug 13 17:45:22 2013 +0200
    45.3 @@ -63,14 +63,14 @@
    45.4  
    45.5  end
    45.6  
    45.7 -fun sub\<^isub>1 :: "'a acom \<Rightarrow> 'a acom" where
    45.8 -"sub\<^isub>1(c1;;c2) = c1" |
    45.9 -"sub\<^isub>1(IF b THEN c1 ELSE c2 {S}) = c1" |
   45.10 -"sub\<^isub>1({I} WHILE b DO c {P}) = c"
   45.11 +fun sub\<^sub>1 :: "'a acom \<Rightarrow> 'a acom" where
   45.12 +"sub\<^sub>1(c1;;c2) = c1" |
   45.13 +"sub\<^sub>1(IF b THEN c1 ELSE c2 {S}) = c1" |
   45.14 +"sub\<^sub>1({I} WHILE b DO c {P}) = c"
   45.15  
   45.16 -fun sub\<^isub>2 :: "'a acom \<Rightarrow> 'a acom" where
   45.17 -"sub\<^isub>2(c1;;c2) = c2" |
   45.18 -"sub\<^isub>2(IF b THEN c1 ELSE c2 {S}) = c2"
   45.19 +fun sub\<^sub>2 :: "'a acom \<Rightarrow> 'a acom" where
   45.20 +"sub\<^sub>2(c1;;c2) = c2" |
   45.21 +"sub\<^sub>2(IF b THEN c1 ELSE c2 {S}) = c2"
   45.22  
   45.23  fun invar :: "'a acom \<Rightarrow> 'a" where
   45.24  "invar({I} WHILE b DO c {P}) = I"
   45.25 @@ -80,13 +80,13 @@
   45.26  "lift F com.SKIP M = (SKIP {F (post ` M)})" |
   45.27  "lift F (x ::= a) M = (x ::= a {F (post ` M)})" |
   45.28  "lift F (c1;;c2) M =
   45.29 -  lift F c1 (sub\<^isub>1 ` M);; lift F c2 (sub\<^isub>2 ` M)" |
   45.30 +  lift F c1 (sub\<^sub>1 ` M);; lift F c2 (sub\<^sub>2 ` M)" |
   45.31  "lift F (IF b THEN c1 ELSE c2) M =
   45.32 -  IF b THEN lift F c1 (sub\<^isub>1 ` M) ELSE lift F c2 (sub\<^isub>2 ` M)
   45.33 +  IF b THEN lift F c1 (sub\<^sub>1 ` M) ELSE lift F c2 (sub\<^sub>2 ` M)
   45.34    {F (post ` M)}" |
   45.35  "lift F (WHILE b DO c) M =
   45.36   {F (invar ` M)}
   45.37 - WHILE b DO lift F c (sub\<^isub>1 ` M)
   45.38 + WHILE b DO lift F c (sub\<^sub>1 ` M)
   45.39   {F (post ` M)}"
   45.40  
   45.41  interpretation Complete_Lattice_ix "%c. {c'. strip c' = c}" "lift Inter"
    46.1 --- a/src/HOL/IMP/Abs_State.thy	Tue Aug 13 16:53:23 2013 +0200
    46.2 +++ b/src/HOL/IMP/Abs_State.thy	Tue Aug 13 17:45:22 2013 +0200
    46.3 @@ -132,29 +132,29 @@
    46.4    for \<gamma> :: "'av::semilattice_sup_top \<Rightarrow> val set"
    46.5  begin
    46.6  
    46.7 -abbreviation \<gamma>\<^isub>s :: "'av st \<Rightarrow> state set"
    46.8 -where "\<gamma>\<^isub>s == \<gamma>_st \<gamma>"
    46.9 +abbreviation \<gamma>\<^sub>s :: "'av st \<Rightarrow> state set"
   46.10 +where "\<gamma>\<^sub>s == \<gamma>_st \<gamma>"
   46.11  
   46.12 -abbreviation \<gamma>\<^isub>o :: "'av st option \<Rightarrow> state set"
   46.13 -where "\<gamma>\<^isub>o == \<gamma>_option \<gamma>\<^isub>s"
   46.14 +abbreviation \<gamma>\<^sub>o :: "'av st option \<Rightarrow> state set"
   46.15 +where "\<gamma>\<^sub>o == \<gamma>_option \<gamma>\<^sub>s"
   46.16  
   46.17 -abbreviation \<gamma>\<^isub>c :: "'av st option acom \<Rightarrow> state set acom"
   46.18 -where "\<gamma>\<^isub>c == map_acom \<gamma>\<^isub>o"
   46.19 +abbreviation \<gamma>\<^sub>c :: "'av st option acom \<Rightarrow> state set acom"
   46.20 +where "\<gamma>\<^sub>c == map_acom \<gamma>\<^sub>o"
   46.21  
   46.22 -lemma gamma_s_top[simp]: "\<gamma>\<^isub>s \<top> = UNIV"
   46.23 +lemma gamma_s_top[simp]: "\<gamma>\<^sub>s \<top> = UNIV"
   46.24  by(auto simp: \<gamma>_st_def fun_top)
   46.25  
   46.26 -lemma gamma_o_Top[simp]: "\<gamma>\<^isub>o \<top> = UNIV"
   46.27 +lemma gamma_o_Top[simp]: "\<gamma>\<^sub>o \<top> = UNIV"
   46.28  by (simp add: top_option_def)
   46.29  
   46.30 -lemma mono_gamma_s: "f \<le> g \<Longrightarrow> \<gamma>\<^isub>s f \<subseteq> \<gamma>\<^isub>s g"
   46.31 +lemma mono_gamma_s: "f \<le> g \<Longrightarrow> \<gamma>\<^sub>s f \<subseteq> \<gamma>\<^sub>s g"
   46.32  by(simp add:\<gamma>_st_def le_st_iff subset_iff) (metis mono_gamma subsetD)
   46.33  
   46.34  lemma mono_gamma_o:
   46.35 -  "S1 \<le> S2 \<Longrightarrow> \<gamma>\<^isub>o S1 \<subseteq> \<gamma>\<^isub>o S2"
   46.36 +  "S1 \<le> S2 \<Longrightarrow> \<gamma>\<^sub>o S1 \<subseteq> \<gamma>\<^sub>o S2"
   46.37  by(induction S1 S2 rule: less_eq_option.induct)(simp_all add: mono_gamma_s)
   46.38  
   46.39 -lemma mono_gamma_c: "C1 \<le> C2 \<Longrightarrow> \<gamma>\<^isub>c C1 \<le> \<gamma>\<^isub>c C2"
   46.40 +lemma mono_gamma_c: "C1 \<le> C2 \<Longrightarrow> \<gamma>\<^sub>c C1 \<le> \<gamma>\<^sub>c C2"
   46.41  by (simp add: less_eq_acom_def mono_gamma_o size_annos anno_map_acom size_annos_same[of C1 C2])
   46.42  
   46.43  lemma in_gamma_option_iff:
    47.1 --- a/src/HOL/IMP/BExp.thy	Tue Aug 13 16:53:23 2013 +0200
    47.2 +++ b/src/HOL/IMP/BExp.thy	Tue Aug 13 17:45:22 2013 +0200
    47.3 @@ -10,8 +10,8 @@
    47.4  fun bval :: "bexp \<Rightarrow> state \<Rightarrow> bool" where
    47.5  "bval (Bc v) s = v" |
    47.6  "bval (Not b) s = (\<not> bval b s)" |
    47.7 -"bval (And b\<^isub>1 b\<^isub>2) s = (bval b\<^isub>1 s \<and> bval b\<^isub>2 s)" |
    47.8 -"bval (Less a\<^isub>1 a\<^isub>2) s = (aval a\<^isub>1 s < aval a\<^isub>2 s)"
    47.9 +"bval (And b\<^sub>1 b\<^sub>2) s = (bval b\<^sub>1 s \<and> bval b\<^sub>2 s)" |
   47.10 +"bval (Less a\<^sub>1 a\<^sub>2) s = (aval a\<^sub>1 s < aval a\<^sub>2 s)"
   47.11  text_raw{*}%endsnip*}
   47.12  
   47.13  value "bval (Less (V ''x'') (Plus (N 3) (V ''y'')))
   47.14 @@ -33,8 +33,8 @@
   47.15  
   47.16  text_raw{*\snip{BExplessdef}{0}{2}{% *}
   47.17  fun less :: "aexp \<Rightarrow> aexp \<Rightarrow> bexp" where
   47.18 -"less (N n\<^isub>1) (N n\<^isub>2) = Bc(n\<^isub>1 < n\<^isub>2)" |
   47.19 -"less a\<^isub>1 a\<^isub>2 = Less a\<^isub>1 a\<^isub>2"
   47.20 +"less (N n\<^sub>1) (N n\<^sub>2) = Bc(n\<^sub>1 < n\<^sub>2)" |
   47.21 +"less a\<^sub>1 a\<^sub>2 = Less a\<^sub>1 a\<^sub>2"
   47.22  text_raw{*}%endsnip*}
   47.23  
   47.24  lemma [simp]: "bval (less a1 a2) s = (aval a1 s < aval a2 s)"
   47.25 @@ -48,7 +48,7 @@
   47.26  "and b (Bc True) = b" |
   47.27  "and (Bc False) b = Bc False" |
   47.28  "and b (Bc False) = Bc False" |
   47.29 -"and b\<^isub>1 b\<^isub>2 = And b\<^isub>1 b\<^isub>2"
   47.30 +"and b\<^sub>1 b\<^sub>2 = And b\<^sub>1 b\<^sub>2"
   47.31  text_raw{*}%endsnip*}
   47.32  
   47.33  lemma bval_and[simp]: "bval (and b1 b2) s = (bval b1 s \<and> bval b2 s)"
   47.34 @@ -74,8 +74,8 @@
   47.35  fun bsimp :: "bexp \<Rightarrow> bexp" where
   47.36  "bsimp (Bc v) = Bc v" |
   47.37  "bsimp (Not b) = not(bsimp b)" |
   47.38 -"bsimp (And b\<^isub>1 b\<^isub>2) = and (bsimp b\<^isub>1) (bsimp b\<^isub>2)" |
   47.39 -"bsimp (Less a\<^isub>1 a\<^isub>2) = less (asimp a\<^isub>1) (asimp a\<^isub>2)"
   47.40 +"bsimp (And b\<^sub>1 b\<^sub>2) = and (bsimp b\<^sub>1) (bsimp b\<^sub>2)" |
   47.41 +"bsimp (Less a\<^sub>1 a\<^sub>2) = less (asimp a\<^sub>1) (asimp a\<^sub>2)"
   47.42  text_raw{*}%endsnip*}
   47.43  
   47.44  value "bsimp (And (Less (N 0) (N 1)) b)"
    48.1 --- a/src/HOL/IMP/Big_Step.thy	Tue Aug 13 16:53:23 2013 +0200
    48.2 +++ b/src/HOL/IMP/Big_Step.thy	Tue Aug 13 17:45:22 2013 +0200
    48.3 @@ -16,13 +16,13 @@
    48.4  where
    48.5  Skip: "(SKIP,s) \<Rightarrow> s" |
    48.6  Assign: "(x ::= a,s) \<Rightarrow> s(x := aval a s)" |
    48.7 -Seq: "\<lbrakk> (c\<^isub>1,s\<^isub>1) \<Rightarrow> s\<^isub>2;  (c\<^isub>2,s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow> (c\<^isub>1;;c\<^isub>2, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
    48.8 -IfTrue: "\<lbrakk> bval b s;  (c\<^isub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
    48.9 -IfFalse: "\<lbrakk> \<not>bval b s;  (c\<^isub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   48.10 +Seq: "\<lbrakk> (c\<^sub>1,s\<^sub>1) \<Rightarrow> s\<^sub>2;  (c\<^sub>2,s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow> (c\<^sub>1;;c\<^sub>2, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   48.11 +IfTrue: "\<lbrakk> bval b s;  (c\<^sub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   48.12 +IfFalse: "\<lbrakk> \<not>bval b s;  (c\<^sub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   48.13  WhileFalse: "\<not>bval b s \<Longrightarrow> (WHILE b DO c,s) \<Rightarrow> s" |
   48.14  WhileTrue:
   48.15 -"\<lbrakk> bval b s\<^isub>1;  (c,s\<^isub>1) \<Rightarrow> s\<^isub>2;  (WHILE b DO c, s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> 
   48.16 -\<Longrightarrow> (WHILE b DO c, s\<^isub>1) \<Rightarrow> s\<^isub>3"
   48.17 +"\<lbrakk> bval b s\<^sub>1;  (c,s\<^sub>1) \<Rightarrow> s\<^sub>2;  (WHILE b DO c, s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> 
   48.18 +\<Longrightarrow> (WHILE b DO c, s\<^sub>1) \<Rightarrow> s\<^sub>3"
   48.19  text_raw{*}%endsnip*}
   48.20  
   48.21  text_raw{*\snip{BigStepEx}{1}{2}{% *}
   48.22 @@ -283,19 +283,19 @@
   48.23    "(c,s) \<Rightarrow> t  \<Longrightarrow>  (c,s) \<Rightarrow> t'  \<Longrightarrow>  t' = t"
   48.24  proof (induction arbitrary: t' rule: big_step.induct)
   48.25    -- "the only interesting case, @{text WhileTrue}:"
   48.26 -  fix b c s s\<^isub>1 t t'
   48.27 +  fix b c s s\<^sub>1 t t'
   48.28    -- "The assumptions of the rule:"
   48.29 -  assume "bval b s" and "(c,s) \<Rightarrow> s\<^isub>1" and "(WHILE b DO c,s\<^isub>1) \<Rightarrow> t"
   48.30 +  assume "bval b s" and "(c,s) \<Rightarrow> s\<^sub>1" and "(WHILE b DO c,s\<^sub>1) \<Rightarrow> t"
   48.31    -- {* Ind.Hyp; note the @{text"\<And>"} because of arbitrary: *}
   48.32 -  assume IHc: "\<And>t'. (c,s) \<Rightarrow> t' \<Longrightarrow> t' = s\<^isub>1"
   48.33 -  assume IHw: "\<And>t'. (WHILE b DO c,s\<^isub>1) \<Rightarrow> t' \<Longrightarrow> t' = t"
   48.34 +  assume IHc: "\<And>t'. (c,s) \<Rightarrow> t' \<Longrightarrow> t' = s\<^sub>1"
   48.35 +  assume IHw: "\<And>t'. (WHILE b DO c,s\<^sub>1) \<Rightarrow> t' \<Longrightarrow> t' = t"
   48.36    -- "Premise of implication:"
   48.37    assume "(WHILE b DO c,s) \<Rightarrow> t'"
   48.38 -  with `bval b s` obtain s\<^isub>1' where
   48.39 -      c: "(c,s) \<Rightarrow> s\<^isub>1'" and
   48.40 -      w: "(WHILE b DO c,s\<^isub>1') \<Rightarrow> t'"
   48.41 +  with `bval b s` obtain s\<^sub>1' where
   48.42 +      c: "(c,s) \<Rightarrow> s\<^sub>1'" and
   48.43 +      w: "(WHILE b DO c,s\<^sub>1') \<Rightarrow> t'"
   48.44      by auto
   48.45 -  from c IHc have "s\<^isub>1' = s\<^isub>1" by blast
   48.46 +  from c IHc have "s\<^sub>1' = s\<^sub>1" by blast
   48.47    with w IHw show "t' = t" by blast
   48.48  qed blast+ -- "prove the rest automatically"
   48.49  text_raw{*}%endsnip*}
    49.1 --- a/src/HOL/IMP/C_like.thy	Tue Aug 13 16:53:23 2013 +0200
    49.2 +++ b/src/HOL/IMP/C_like.thy	Tue Aug 13 17:45:22 2013 +0200
    49.3 @@ -9,15 +9,15 @@
    49.4  fun aval :: "aexp \<Rightarrow> state \<Rightarrow> nat" where
    49.5  "aval (N n) s = n" |
    49.6  "aval (!a) s = s(aval a s)" |
    49.7 -"aval (Plus a\<^isub>1 a\<^isub>2) s = aval a\<^isub>1 s + aval a\<^isub>2 s"
    49.8 +"aval (Plus a\<^sub>1 a\<^sub>2) s = aval a\<^sub>1 s + aval a\<^sub>2 s"
    49.9  
   49.10  datatype bexp = Bc bool | Not bexp | And bexp bexp | Less aexp aexp
   49.11  
   49.12  primrec bval :: "bexp \<Rightarrow> state \<Rightarrow> bool" where
   49.13  "bval (Bc v) _ = v" |
   49.14  "bval (Not b) s = (\<not> bval b s)" |
   49.15 -"bval (And b\<^isub>1 b\<^isub>2) s = (if bval b\<^isub>1 s then bval b\<^isub>2 s else False)" |
   49.16 -"bval (Less a\<^isub>1 a\<^isub>2) s = (aval a\<^isub>1 s < aval a\<^isub>2 s)"
   49.17 +"bval (And b\<^sub>1 b\<^sub>2) s = (if bval b\<^sub>1 s then bval b\<^sub>2 s else False)" |
   49.18 +"bval (Less a\<^sub>1 a\<^sub>2) s = (aval a\<^sub>1 s < aval a\<^sub>2 s)"
   49.19  
   49.20  
   49.21  datatype
   49.22 @@ -34,18 +34,18 @@
   49.23  Skip:    "(SKIP,sn) \<Rightarrow> sn" |
   49.24  Assign:  "(lhs ::= a,s,n) \<Rightarrow> (s(aval lhs s := aval a s),n)" |
   49.25  New:     "(New lhs a,s,n) \<Rightarrow> (s(aval lhs s := n), n+aval a s)"  |
   49.26 -Seq:    "\<lbrakk> (c\<^isub>1,sn\<^isub>1) \<Rightarrow> sn\<^isub>2;  (c\<^isub>2,sn\<^isub>2) \<Rightarrow> sn\<^isub>3 \<rbrakk> \<Longrightarrow>
   49.27 -          (c\<^isub>1;c\<^isub>2, sn\<^isub>1) \<Rightarrow> sn\<^isub>3" |
   49.28 +Seq:    "\<lbrakk> (c\<^sub>1,sn\<^sub>1) \<Rightarrow> sn\<^sub>2;  (c\<^sub>2,sn\<^sub>2) \<Rightarrow> sn\<^sub>3 \<rbrakk> \<Longrightarrow>
   49.29 +          (c\<^sub>1;c\<^sub>2, sn\<^sub>1) \<Rightarrow> sn\<^sub>3" |
   49.30  
   49.31 -IfTrue:  "\<lbrakk> bval b s;  (c\<^isub>1,s,n) \<Rightarrow> tn \<rbrakk> \<Longrightarrow>
   49.32 -         (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s,n) \<Rightarrow> tn" |
   49.33 -IfFalse: "\<lbrakk> \<not>bval b s;  (c\<^isub>2,s,n) \<Rightarrow> tn \<rbrakk> \<Longrightarrow>
   49.34 -         (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s,n) \<Rightarrow> tn" |
   49.35 +IfTrue:  "\<lbrakk> bval b s;  (c\<^sub>1,s,n) \<Rightarrow> tn \<rbrakk> \<Longrightarrow>
   49.36 +         (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s,n) \<Rightarrow> tn" |
   49.37 +IfFalse: "\<lbrakk> \<not>bval b s;  (c\<^sub>2,s,n) \<Rightarrow> tn \<rbrakk> \<Longrightarrow>
   49.38 +         (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s,n) \<Rightarrow> tn" |
   49.39  
   49.40  WhileFalse: "\<not>bval b s \<Longrightarrow> (WHILE b DO c,s,n) \<Rightarrow> (s,n)" |
   49.41  WhileTrue:
   49.42 -  "\<lbrakk> bval b s\<^isub>1;  (c,s\<^isub>1,n) \<Rightarrow> sn\<^isub>2;  (WHILE b DO c, sn\<^isub>2) \<Rightarrow> sn\<^isub>3 \<rbrakk> \<Longrightarrow>
   49.43 -   (WHILE b DO c, s\<^isub>1,n) \<Rightarrow> sn\<^isub>3"
   49.44 +  "\<lbrakk> bval b s\<^sub>1;  (c,s\<^sub>1,n) \<Rightarrow> sn\<^sub>2;  (WHILE b DO c, sn\<^sub>2) \<Rightarrow> sn\<^sub>3 \<rbrakk> \<Longrightarrow>
   49.45 +   (WHILE b DO c, s\<^sub>1,n) \<Rightarrow> sn\<^sub>3"
   49.46  
   49.47  code_pred big_step .
   49.48  
    50.1 --- a/src/HOL/IMP/Compiler.thy	Tue Aug 13 16:53:23 2013 +0200
    50.2 +++ b/src/HOL/IMP/Compiler.thy	Tue Aug 13 17:45:22 2013 +0200
    50.3 @@ -201,10 +201,10 @@
    50.4  fun ccomp :: "com \<Rightarrow> instr list" where
    50.5  "ccomp SKIP = []" |
    50.6  "ccomp (x ::= a) = acomp a @ [STORE x]" |
    50.7 -"ccomp (c\<^isub>1;;c\<^isub>2) = ccomp c\<^isub>1 @ ccomp c\<^isub>2" |
    50.8 -"ccomp (IF b THEN c\<^isub>1 ELSE c\<^isub>2) =
    50.9 -  (let cc\<^isub>1 = ccomp c\<^isub>1; cc\<^isub>2 = ccomp c\<^isub>2; cb = bcomp b False (size cc\<^isub>1 + 1)
   50.10 -   in cb @ cc\<^isub>1 @ JMP (size cc\<^isub>2) # cc\<^isub>2)" |
   50.11 +"ccomp (c\<^sub>1;;c\<^sub>2) = ccomp c\<^sub>1 @ ccomp c\<^sub>2" |
   50.12 +"ccomp (IF b THEN c\<^sub>1 ELSE c\<^sub>2) =
   50.13 +  (let cc\<^sub>1 = ccomp c\<^sub>1; cc\<^sub>2 = ccomp c\<^sub>2; cb = bcomp b False (size cc\<^sub>1 + 1)
   50.14 +   in cb @ cc\<^sub>1 @ JMP (size cc\<^sub>2) # cc\<^sub>2)" |
   50.15  "ccomp (WHILE b DO c) =
   50.16   (let cc = ccomp c; cb = bcomp b False (size cc + 1)
   50.17    in cb @ cc @ [JMP (-(size cb + size cc + 1))])"
    51.1 --- a/src/HOL/IMP/Def_Init.thy	Tue Aug 13 16:53:23 2013 +0200
    51.2 +++ b/src/HOL/IMP/Def_Init.thy	Tue Aug 13 17:45:22 2013 +0200
    51.3 @@ -7,9 +7,9 @@
    51.4  inductive D :: "vname set \<Rightarrow> com \<Rightarrow> vname set \<Rightarrow> bool" where
    51.5  Skip: "D A SKIP A" |
    51.6  Assign: "vars a \<subseteq> A \<Longrightarrow> D A (x ::= a) (insert x A)" |
    51.7 -Seq: "\<lbrakk> D A\<^isub>1 c\<^isub>1 A\<^isub>2;  D A\<^isub>2 c\<^isub>2 A\<^isub>3 \<rbrakk> \<Longrightarrow> D A\<^isub>1 (c\<^isub>1;; c\<^isub>2) A\<^isub>3" |
    51.8 -If: "\<lbrakk> vars b \<subseteq> A;  D A c\<^isub>1 A\<^isub>1;  D A c\<^isub>2 A\<^isub>2 \<rbrakk> \<Longrightarrow>
    51.9 -  D A (IF b THEN c\<^isub>1 ELSE c\<^isub>2) (A\<^isub>1 Int A\<^isub>2)" |
   51.10 +Seq: "\<lbrakk> D A\<^sub>1 c\<^sub>1 A\<^sub>2;  D A\<^sub>2 c\<^sub>2 A\<^sub>3 \<rbrakk> \<Longrightarrow> D A\<^sub>1 (c\<^sub>1;; c\<^sub>2) A\<^sub>3" |
   51.11 +If: "\<lbrakk> vars b \<subseteq> A;  D A c\<^sub>1 A\<^sub>1;  D A c\<^sub>2 A\<^sub>2 \<rbrakk> \<Longrightarrow>
   51.12 +  D A (IF b THEN c\<^sub>1 ELSE c\<^sub>2) (A\<^sub>1 Int A\<^sub>2)" |
   51.13  While: "\<lbrakk> vars b \<subseteq> A;  D A c A' \<rbrakk> \<Longrightarrow> D A (WHILE b DO c) A"
   51.14  
   51.15  inductive_cases [elim!]:
    52.1 --- a/src/HOL/IMP/Def_Init_Big.thy	Tue Aug 13 16:53:23 2013 +0200
    52.2 +++ b/src/HOL/IMP/Def_Init_Big.thy	Tue Aug 13 17:45:22 2013 +0200
    52.3 @@ -13,13 +13,13 @@
    52.4  Skip: "(SKIP,s) \<Rightarrow> s" |
    52.5  AssignNone: "aval a s = None \<Longrightarrow> (x ::= a, Some s) \<Rightarrow> None" |
    52.6  Assign: "aval a s = Some i \<Longrightarrow> (x ::= a, Some s) \<Rightarrow> Some(s(x := Some i))" |
    52.7 -Seq:    "(c\<^isub>1,s\<^isub>1) \<Rightarrow> s\<^isub>2 \<Longrightarrow> (c\<^isub>2,s\<^isub>2) \<Rightarrow> s\<^isub>3 \<Longrightarrow> (c\<^isub>1;;c\<^isub>2,s\<^isub>1) \<Rightarrow> s\<^isub>3" |
    52.8 +Seq:    "(c\<^sub>1,s\<^sub>1) \<Rightarrow> s\<^sub>2 \<Longrightarrow> (c\<^sub>2,s\<^sub>2) \<Rightarrow> s\<^sub>3 \<Longrightarrow> (c\<^sub>1;;c\<^sub>2,s\<^sub>1) \<Rightarrow> s\<^sub>3" |
    52.9  
   52.10 -IfNone:  "bval b s = None \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2,Some s) \<Rightarrow> None" |
   52.11 -IfTrue:  "\<lbrakk> bval b s = Some True;  (c\<^isub>1,Some s) \<Rightarrow> s' \<rbrakk> \<Longrightarrow>
   52.12 -  (IF b THEN c\<^isub>1 ELSE c\<^isub>2,Some s) \<Rightarrow> s'" |
   52.13 -IfFalse: "\<lbrakk> bval b s = Some False;  (c\<^isub>2,Some s) \<Rightarrow> s' \<rbrakk> \<Longrightarrow>
   52.14 -  (IF b THEN c\<^isub>1 ELSE c\<^isub>2,Some s) \<Rightarrow> s'" |
   52.15 +IfNone:  "bval b s = None \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2,Some s) \<Rightarrow> None" |
   52.16 +IfTrue:  "\<lbrakk> bval b s = Some True;  (c\<^sub>1,Some s) \<Rightarrow> s' \<rbrakk> \<Longrightarrow>
   52.17 +  (IF b THEN c\<^sub>1 ELSE c\<^sub>2,Some s) \<Rightarrow> s'" |
   52.18 +IfFalse: "\<lbrakk> bval b s = Some False;  (c\<^sub>2,Some s) \<Rightarrow> s' \<rbrakk> \<Longrightarrow>
   52.19 +  (IF b THEN c\<^sub>1 ELSE c\<^sub>2,Some s) \<Rightarrow> s'" |
   52.20  
   52.21  WhileNone: "bval b s = None \<Longrightarrow> (WHILE b DO c,Some s) \<Rightarrow> None" |
   52.22  WhileFalse: "bval b s = Some False \<Longrightarrow> (WHILE b DO c,Some s) \<Rightarrow> Some s" |
    53.1 --- a/src/HOL/IMP/Def_Init_Exp.thy	Tue Aug 13 16:53:23 2013 +0200
    53.2 +++ b/src/HOL/IMP/Def_Init_Exp.thy	Tue Aug 13 17:45:22 2013 +0200
    53.3 @@ -12,18 +12,18 @@
    53.4  fun aval :: "aexp \<Rightarrow> state \<Rightarrow> val option" where
    53.5  "aval (N i) s = Some i" |
    53.6  "aval (V x) s = s x" |
    53.7 -"aval (Plus a\<^isub>1 a\<^isub>2) s =
    53.8 -  (case (aval a\<^isub>1 s, aval a\<^isub>2 s) of
    53.9 -     (Some i\<^isub>1,Some i\<^isub>2) \<Rightarrow> Some(i\<^isub>1+i\<^isub>2) | _ \<Rightarrow> None)"
   53.10 +"aval (Plus a\<^sub>1 a\<^sub>2) s =
   53.11 +  (case (aval a\<^sub>1 s, aval a\<^sub>2 s) of
   53.12 +     (Some i\<^sub>1,Some i\<^sub>2) \<Rightarrow> Some(i\<^sub>1+i\<^sub>2) | _ \<Rightarrow> None)"
   53.13  
   53.14  
   53.15  fun bval :: "bexp \<Rightarrow> state \<Rightarrow> bool option" where
   53.16  "bval (Bc v) s = Some v" |
   53.17  "bval (Not b) s = (case bval b s of None \<Rightarrow> None | Some bv \<Rightarrow> Some(\<not> bv))" |
   53.18 -"bval (And b\<^isub>1 b\<^isub>2) s = (case (bval b\<^isub>1 s, bval b\<^isub>2 s) of
   53.19 -  (Some bv\<^isub>1, Some bv\<^isub>2) \<Rightarrow> Some(bv\<^isub>1 & bv\<^isub>2) | _ \<Rightarrow> None)" |
   53.20 -"bval (Less a\<^isub>1 a\<^isub>2) s = (case (aval a\<^isub>1 s, aval a\<^isub>2 s) of
   53.21 - (Some i\<^isub>1, Some i\<^isub>2) \<Rightarrow> Some(i\<^isub>1 < i\<^isub>2) | _ \<Rightarrow> None)"
   53.22 +"bval (And b\<^sub>1 b\<^sub>2) s = (case (bval b\<^sub>1 s, bval b\<^sub>2 s) of
   53.23 +  (Some bv\<^sub>1, Some bv\<^sub>2) \<Rightarrow> Some(bv\<^sub>1 & bv\<^sub>2) | _ \<Rightarrow> None)" |
   53.24 +"bval (Less a\<^sub>1 a\<^sub>2) s = (case (aval a\<^sub>1 s, aval a\<^sub>2 s) of
   53.25 + (Some i\<^sub>1, Some i\<^sub>2) \<Rightarrow> Some(i\<^sub>1 < i\<^sub>2) | _ \<Rightarrow> None)"
   53.26  
   53.27  
   53.28  lemma aval_Some: "vars a \<subseteq> dom s \<Longrightarrow> \<exists> i. aval a s = Some i"
    54.1 --- a/src/HOL/IMP/Def_Init_Small.thy	Tue Aug 13 16:53:23 2013 +0200
    54.2 +++ b/src/HOL/IMP/Def_Init_Small.thy	Tue Aug 13 17:45:22 2013 +0200
    54.3 @@ -12,10 +12,10 @@
    54.4  Assign:  "aval a s = Some i \<Longrightarrow> (x ::= a, s) \<rightarrow> (SKIP, s(x := Some i))" |
    54.5  
    54.6  Seq1:   "(SKIP;;c,s) \<rightarrow> (c,s)" |
    54.7 -Seq2:   "(c\<^isub>1,s) \<rightarrow> (c\<^isub>1',s') \<Longrightarrow> (c\<^isub>1;;c\<^isub>2,s) \<rightarrow> (c\<^isub>1';;c\<^isub>2,s')" |
    54.8 +Seq2:   "(c\<^sub>1,s) \<rightarrow> (c\<^sub>1',s') \<Longrightarrow> (c\<^sub>1;;c\<^sub>2,s) \<rightarrow> (c\<^sub>1';;c\<^sub>2,s')" |
    54.9  
   54.10 -IfTrue:  "bval b s = Some True \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2,s) \<rightarrow> (c\<^isub>1,s)" |
   54.11 -IfFalse: "bval b s = Some False \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2,s) \<rightarrow> (c\<^isub>2,s)" |
   54.12 +IfTrue:  "bval b s = Some True \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2,s) \<rightarrow> (c\<^sub>1,s)" |
   54.13 +IfFalse: "bval b s = Some False \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2,s) \<rightarrow> (c\<^sub>2,s)" |
   54.14  
   54.15  While:   "(WHILE b DO c,s) \<rightarrow> (IF b THEN c;; WHILE b DO c ELSE SKIP,s)"
   54.16  
    55.1 --- a/src/HOL/IMP/Hoare.thy	Tue Aug 13 16:53:23 2013 +0200
    55.2 +++ b/src/HOL/IMP/Hoare.thy	Tue Aug 13 17:45:22 2013 +0200
    55.3 @@ -23,11 +23,11 @@
    55.4  
    55.5  Assign:  "\<turnstile> {\<lambda>s. P(s[a/x])} x::=a {P}"  |
    55.6  
    55.7 -Seq: "\<lbrakk> \<turnstile> {P} c\<^isub>1 {Q};  \<turnstile> {Q} c\<^isub>2 {R} \<rbrakk>
    55.8 -      \<Longrightarrow> \<turnstile> {P} c\<^isub>1;;c\<^isub>2 {R}"  |
    55.9 +Seq: "\<lbrakk> \<turnstile> {P} c\<^sub>1 {Q};  \<turnstile> {Q} c\<^sub>2 {R} \<rbrakk>
   55.10 +      \<Longrightarrow> \<turnstile> {P} c\<^sub>1;;c\<^sub>2 {R}"  |
   55.11  
   55.12 -If: "\<lbrakk> \<turnstile> {\<lambda>s. P s \<and> bval b s} c\<^isub>1 {Q};  \<turnstile> {\<lambda>s. P s \<and> \<not> bval b s} c\<^isub>2 {Q} \<rbrakk>
   55.13 -     \<Longrightarrow> \<turnstile> {P} IF b THEN c\<^isub>1 ELSE c\<^isub>2 {Q}"  |
   55.14 +If: "\<lbrakk> \<turnstile> {\<lambda>s. P s \<and> bval b s} c\<^sub>1 {Q};  \<turnstile> {\<lambda>s. P s \<and> \<not> bval b s} c\<^sub>2 {Q} \<rbrakk>
   55.15 +     \<Longrightarrow> \<turnstile> {P} IF b THEN c\<^sub>1 ELSE c\<^sub>2 {Q}"  |
   55.16  
   55.17  While: "\<turnstile> {\<lambda>s. P s \<and> bval b s} c {P} \<Longrightarrow>
   55.18          \<turnstile> {P} WHILE b DO c {\<lambda>s. P s \<and> \<not> bval b s}"  |
    56.1 --- a/src/HOL/IMP/Hoare_Sound_Complete.thy	Tue Aug 13 16:53:23 2013 +0200
    56.2 +++ b/src/HOL/IMP/Hoare_Sound_Complete.thy	Tue Aug 13 17:45:22 2013 +0200
    56.3 @@ -31,12 +31,12 @@
    56.4  lemma wp_Ass[simp]: "wp (x::=a) Q = (\<lambda>s. Q(s[a/x]))"
    56.5  by (rule ext) (auto simp: wp_def)
    56.6  
    56.7 -lemma wp_Seq[simp]: "wp (c\<^isub>1;;c\<^isub>2) Q = wp c\<^isub>1 (wp c\<^isub>2 Q)"
    56.8 +lemma wp_Seq[simp]: "wp (c\<^sub>1;;c\<^sub>2) Q = wp c\<^sub>1 (wp c\<^sub>2 Q)"
    56.9  by (rule ext) (auto simp: wp_def)
   56.10  
   56.11  lemma wp_If[simp]:
   56.12 - "wp (IF b THEN c\<^isub>1 ELSE c\<^isub>2) Q =
   56.13 - (\<lambda>s. if bval b s then wp c\<^isub>1 Q s else wp c\<^isub>2 Q s)"
   56.14 + "wp (IF b THEN c\<^sub>1 ELSE c\<^sub>2) Q =
   56.15 + (\<lambda>s. if bval b s then wp c\<^sub>1 Q s else wp c\<^sub>2 Q s)"
   56.16  by (rule ext) (auto simp: wp_def)
   56.17  
   56.18  lemma wp_While_If:
    57.1 --- a/src/HOL/IMP/Hoare_Total.thy	Tue Aug 13 16:53:23 2013 +0200
    57.2 +++ b/src/HOL/IMP/Hoare_Total.thy	Tue Aug 13 17:45:22 2013 +0200
    57.3 @@ -25,10 +25,10 @@
    57.4  
    57.5  Assign:  "\<turnstile>\<^sub>t {\<lambda>s. P(s[a/x])} x::=a {P}"  |
    57.6  
    57.7 -Seq: "\<lbrakk> \<turnstile>\<^sub>t {P\<^isub>1} c\<^isub>1 {P\<^isub>2}; \<turnstile>\<^sub>t {P\<^isub>2} c\<^isub>2 {P\<^isub>3} \<rbrakk> \<Longrightarrow> \<turnstile>\<^sub>t {P\<^isub>1} c\<^isub>1;;c\<^isub>2 {P\<^isub>3}"  |
    57.8 +Seq: "\<lbrakk> \<turnstile>\<^sub>t {P\<^sub>1} c\<^sub>1 {P\<^sub>2}; \<turnstile>\<^sub>t {P\<^sub>2} c\<^sub>2 {P\<^sub>3} \<rbrakk> \<Longrightarrow> \<turnstile>\<^sub>t {P\<^sub>1} c\<^sub>1;;c\<^sub>2 {P\<^sub>3}"  |
    57.9  
   57.10 -If: "\<lbrakk> \<turnstile>\<^sub>t {\<lambda>s. P s \<and> bval b s} c\<^isub>1 {Q}; \<turnstile>\<^sub>t {\<lambda>s. P s \<and> \<not> bval b s} c\<^isub>2 {Q} \<rbrakk>
   57.11 -  \<Longrightarrow> \<turnstile>\<^sub>t {P} IF b THEN c\<^isub>1 ELSE c\<^isub>2 {Q}"  |
   57.12 +If: "\<lbrakk> \<turnstile>\<^sub>t {\<lambda>s. P s \<and> bval b s} c\<^sub>1 {Q}; \<turnstile>\<^sub>t {\<lambda>s. P s \<and> \<not> bval b s} c\<^sub>2 {Q} \<rbrakk>
   57.13 +  \<Longrightarrow> \<turnstile>\<^sub>t {P} IF b THEN c\<^sub>1 ELSE c\<^sub>2 {Q}"  |
   57.14  
   57.15  While:
   57.16    "(\<And>n::nat.
   57.17 @@ -119,14 +119,14 @@
   57.18  lemma [simp]: "wp\<^sub>t (x ::= e) Q = (\<lambda>s. Q(s(x := aval e s)))"
   57.19  by(auto intro!: ext simp: wpt_def)
   57.20  
   57.21 -lemma [simp]: "wp\<^sub>t (c\<^isub>1;;c\<^isub>2) Q = wp\<^sub>t c\<^isub>1 (wp\<^sub>t c\<^isub>2 Q)"
   57.22 +lemma [simp]: "wp\<^sub>t (c\<^sub>1;;c\<^sub>2) Q = wp\<^sub>t c\<^sub>1 (wp\<^sub>t c\<^sub>2 Q)"
   57.23  unfolding wpt_def
   57.24  apply(rule ext)
   57.25  apply auto
   57.26  done
   57.27  
   57.28  lemma [simp]:
   57.29 - "wp\<^sub>t (IF b THEN c\<^isub>1 ELSE c\<^isub>2) Q = (\<lambda>s. wp\<^sub>t (if bval b s then c\<^isub>1 else c\<^isub>2) Q s)"
   57.30 + "wp\<^sub>t (IF b THEN c\<^sub>1 ELSE c\<^sub>2) Q = (\<lambda>s. wp\<^sub>t (if bval b s then c\<^sub>1 else c\<^sub>2) Q s)"
   57.31  apply(unfold wpt_def)
   57.32  apply(rule ext)
   57.33  apply auto
    58.1 --- a/src/HOL/IMP/Live.thy	Tue Aug 13 16:53:23 2013 +0200
    58.2 +++ b/src/HOL/IMP/Live.thy	Tue Aug 13 17:45:22 2013 +0200
    58.3 @@ -10,8 +10,8 @@
    58.4  fun L :: "com \<Rightarrow> vname set \<Rightarrow> vname set" where
    58.5  "L SKIP X = X" |
    58.6  "L (x ::= a) X = vars a \<union> (X - {x})" |
    58.7 -"L (c\<^isub>1;; c\<^isub>2) X = L c\<^isub>1 (L c\<^isub>2 X)" |
    58.8 -"L (IF b THEN c\<^isub>1 ELSE c\<^isub>2) X = vars b \<union> L c\<^isub>1 X \<union> L c\<^isub>2 X" |
    58.9 +"L (c\<^sub>1;; c\<^sub>2) X = L c\<^sub>1 (L c\<^sub>2 X)" |
   58.10 +"L (IF b THEN c\<^sub>1 ELSE c\<^sub>2) X = vars b \<union> L c\<^sub>1 X \<union> L c\<^sub>2 X" |
   58.11  "L (WHILE b DO c) X = vars b \<union> X \<union> L c X"
   58.12  
   58.13  value "show (L (''y'' ::= V ''z'';; ''x'' ::= Plus (V ''y'') (V ''z'')) {''x''})"
   58.14 @@ -21,15 +21,15 @@
   58.15  fun "kill" :: "com \<Rightarrow> vname set" where
   58.16  "kill SKIP = {}" |
   58.17  "kill (x ::= a) = {x}" |
   58.18 -"kill (c\<^isub>1;; c\<^isub>2) = kill c\<^isub>1 \<union> kill c\<^isub>2" |
   58.19 -"kill (IF b THEN c\<^isub>1 ELSE c\<^isub>2) = kill c\<^isub>1 \<inter> kill c\<^isub>2" |
   58.20 +"kill (c\<^sub>1;; c\<^sub>2) = kill c\<^sub>1 \<union> kill c\<^sub>2" |
   58.21 +"kill (IF b THEN c\<^sub>1 ELSE c\<^sub>2) = kill c\<^sub>1 \<inter> kill c\<^sub>2" |
   58.22  "kill (WHILE b DO c) = {}"
   58.23  
   58.24  fun gen :: "com \<Rightarrow> vname set" where
   58.25  "gen SKIP = {}" |
   58.26  "gen (x ::= a) = vars a" |
   58.27 -"gen (c\<^isub>1;; c\<^isub>2) = gen c\<^isub>1 \<union> (gen c\<^isub>2 - kill c\<^isub>1)" |
   58.28 -"gen (IF b THEN c\<^isub>1 ELSE c\<^isub>2) = vars b \<union> gen c\<^isub>1 \<union> gen c\<^isub>2" |
   58.29 +"gen (c\<^sub>1;; c\<^sub>2) = gen c\<^sub>1 \<union> (gen c\<^sub>2 - kill c\<^sub>1)" |
   58.30 +"gen (IF b THEN c\<^sub>1 ELSE c\<^sub>2) = vars b \<union> gen c\<^sub>1 \<union> gen c\<^sub>2" |
   58.31  "gen (WHILE b DO c) = vars b \<union> gen c"
   58.32  
   58.33  lemma L_gen_kill: "L c X = gen c \<union> (X - kill c)"
   58.34 @@ -110,8 +110,8 @@
   58.35  fun bury :: "com \<Rightarrow> vname set \<Rightarrow> com" where
   58.36  "bury SKIP X = SKIP" |
   58.37  "bury (x ::= a) X = (if x \<in> X then x ::= a else SKIP)" |
   58.38 -"bury (c\<^isub>1;; c\<^isub>2) X = (bury c\<^isub>1 (L c\<^isub>2 X);; bury c\<^isub>2 X)" |
   58.39 -"bury (IF b THEN c\<^isub>1 ELSE c\<^isub>2) X = IF b THEN bury c\<^isub>1 X ELSE bury c\<^isub>2 X" |
   58.40 +"bury (c\<^sub>1;; c\<^sub>2) X = (bury c\<^sub>1 (L c\<^sub>2 X);; bury c\<^sub>2 X)" |
   58.41 +"bury (IF b THEN c\<^sub>1 ELSE c\<^sub>2) X = IF b THEN bury c\<^sub>1 X ELSE bury c\<^sub>2 X" |
   58.42  "bury (WHILE b DO c) X = WHILE b DO bury c (L (WHILE b DO c) X)"
   58.43  
   58.44  text{* We could prove the analogous lemma to @{thm[source]L_correct}, and the
   58.45 @@ -182,8 +182,8 @@
   58.46  lemma Assign_bury[simp]: "x::=a = bury c X \<longleftrightarrow> c = x::=a & x : X"
   58.47  by (cases c) auto
   58.48  
   58.49 -lemma Seq_bury[simp]: "bc\<^isub>1;;bc\<^isub>2 = bury c X \<longleftrightarrow>
   58.50 -  (EX c\<^isub>1 c\<^isub>2. c = c\<^isub>1;;c\<^isub>2 & bc\<^isub>2 = bury c\<^isub>2 X & bc\<^isub>1 = bury c\<^isub>1 (L c\<^isub>2 X))"
   58.51 +lemma Seq_bury[simp]: "bc\<^sub>1;;bc\<^sub>2 = bury c X \<longleftrightarrow>
   58.52 +  (EX c\<^sub>1 c\<^sub>2. c = c\<^sub>1;;c\<^sub>2 & bc\<^sub>2 = bury c\<^sub>2 X & bc\<^sub>1 = bury c\<^sub>1 (L c\<^sub>2 X))"
   58.53  by (cases c) auto
   58.54  
   58.55  lemma If_bury[simp]: "IF b THEN bc1 ELSE bc2 = bury c X \<longleftrightarrow>
    59.1 --- a/src/HOL/IMP/Live_True.thy	Tue Aug 13 16:53:23 2013 +0200
    59.2 +++ b/src/HOL/IMP/Live_True.thy	Tue Aug 13 17:45:22 2013 +0200
    59.3 @@ -9,8 +9,8 @@
    59.4  fun L :: "com \<Rightarrow> vname set \<Rightarrow> vname set" where
    59.5  "L SKIP X = X" |
    59.6  "L (x ::= a) X = (if x \<in> X then vars a \<union> (X - {x}) else X)" |
    59.7 -"L (c\<^isub>1;; c\<^isub>2) X = L c\<^isub>1 (L c\<^isub>2 X)" |
    59.8 -"L (IF b THEN c\<^isub>1 ELSE c\<^isub>2) X = vars b \<union> L c\<^isub>1 X \<union> L c\<^isub>2 X" |
    59.9 +"L (c\<^sub>1;; c\<^sub>2) X = L c\<^sub>1 (L c\<^sub>2 X)" |
   59.10 +"L (IF b THEN c\<^sub>1 ELSE c\<^sub>2) X = vars b \<union> L c\<^sub>1 X \<union> L c\<^sub>2 X" |
   59.11  "L (WHILE b DO c) X = lfp(\<lambda>Y. vars b \<union> X \<union> L c Y)"
   59.12  
   59.13  lemma L_mono: "mono (L c)"
   59.14 @@ -171,8 +171,8 @@
   59.15  fun Lb :: "com \<Rightarrow> vname set \<Rightarrow> vname set" where
   59.16  "Lb SKIP X = X" |
   59.17  "Lb (x ::= a) X = (if x \<in> X then X - {x} \<union> vars a else X)" |
   59.18 -"Lb (c\<^isub>1;; c\<^isub>2) X = (Lb c\<^isub>1 \<circ> Lb c\<^isub>2) X" |
   59.19 -"Lb (IF b THEN c\<^isub>1 ELSE c\<^isub>2) X = vars b \<union> Lb c\<^isub>1 X \<union> Lb c\<^isub>2 X" |
   59.20 +"Lb (c\<^sub>1;; c\<^sub>2) X = (Lb c\<^sub>1 \<circ> Lb c\<^sub>2) X" |
   59.21 +"Lb (IF b THEN c\<^sub>1 ELSE c\<^sub>2) X = vars b \<union> Lb c\<^sub>1 X \<union> Lb c\<^sub>2 X" |
   59.22  "Lb (WHILE b DO c) X = iter (\<lambda>A. vars b \<union> X \<union> Lb c A) 2 {} (vars b \<union> rvars c \<union> X)"
   59.23  
   59.24  text{* @{const Lb} (and @{const iter}) is not monotone! *}
    60.1 --- a/src/HOL/IMP/OO.thy	Tue Aug 13 16:53:23 2013 +0200
    60.2 +++ b/src/HOL/IMP/OO.thy	Tue Aug 13 17:45:22 2013 +0200
    60.3 @@ -48,33 +48,33 @@
    60.4  "me \<turnstile> (e,c) \<Rightarrow> (r,ve',sn') \<Longrightarrow>
    60.5   me \<turnstile> (x ::= e,c) \<Rightarrow> (r,ve'(x:=r),sn')" |
    60.6  Fassign:
    60.7 -"\<lbrakk> me \<turnstile> (oe,c\<^isub>1) \<Rightarrow> (Ref a,c\<^isub>2);  me \<turnstile> (e,c\<^isub>2) \<Rightarrow> (r,ve\<^isub>3,s\<^isub>3,n\<^isub>3) \<rbrakk> \<Longrightarrow>
    60.8 - me \<turnstile> (oe\<bullet>f ::= e,c\<^isub>1) \<Rightarrow> (r,ve\<^isub>3,s\<^isub>3(a,f := r),n\<^isub>3)" |
    60.9 +"\<lbrakk> me \<turnstile> (oe,c\<^sub>1) \<Rightarrow> (Ref a,c\<^sub>2);  me \<turnstile> (e,c\<^sub>2) \<Rightarrow> (r,ve\<^sub>3,s\<^sub>3,n\<^sub>3) \<rbrakk> \<Longrightarrow>
   60.10 + me \<turnstile> (oe\<bullet>f ::= e,c\<^sub>1) \<Rightarrow> (r,ve\<^sub>3,s\<^sub>3(a,f := r),n\<^sub>3)" |
   60.11  Mcall:
   60.12 -"\<lbrakk> me \<turnstile> (oe,c\<^isub>1) \<Rightarrow> (or,c\<^isub>2);  me \<turnstile> (pe,c\<^isub>2) \<Rightarrow> (pr,ve\<^isub>3,sn\<^isub>3);
   60.13 +"\<lbrakk> me \<turnstile> (oe,c\<^sub>1) \<Rightarrow> (or,c\<^sub>2);  me \<turnstile> (pe,c\<^sub>2) \<Rightarrow> (pr,ve\<^sub>3,sn\<^sub>3);
   60.14     ve = (\<lambda>x. null)(''this'' := or, ''param'' := pr);
   60.15 -   me \<turnstile> (me m,ve,sn\<^isub>3) \<Rightarrow> (r,ve',sn\<^isub>4) \<rbrakk>
   60.16 +   me \<turnstile> (me m,ve,sn\<^sub>3) \<Rightarrow> (r,ve',sn\<^sub>4) \<rbrakk>
   60.17    \<Longrightarrow>
   60.18 - me \<turnstile> (oe\<bullet>m<pe>,c\<^isub>1) \<Rightarrow> (r,ve\<^isub>3,sn\<^isub>4)" |
   60.19 + me \<turnstile> (oe\<bullet>m<pe>,c\<^sub>1) \<Rightarrow> (r,ve\<^sub>3,sn\<^sub>4)" |
   60.20  Seq:
   60.21 -"\<lbrakk> me \<turnstile> (e\<^isub>1,c\<^isub>1) \<Rightarrow> (r,c\<^isub>2);  me \<turnstile> (e\<^isub>2,c\<^isub>2) \<Rightarrow> c\<^isub>3 \<rbrakk> \<Longrightarrow>
   60.22 - me \<turnstile> (e\<^isub>1; e\<^isub>2,c\<^isub>1) \<Rightarrow> c\<^isub>3" |
   60.23 +"\<lbrakk> me \<turnstile> (e\<^sub>1,c\<^sub>1) \<Rightarrow> (r,c\<^sub>2);  me \<turnstile> (e\<^sub>2,c\<^sub>2) \<Rightarrow> c\<^sub>3 \<rbrakk> \<Longrightarrow>
   60.24 + me \<turnstile> (e\<^sub>1; e\<^sub>2,c\<^sub>1) \<Rightarrow> c\<^sub>3" |
   60.25  IfTrue:
   60.26 -"\<lbrakk> me \<turnstile> (b,c\<^isub>1) \<rightarrow> (True,c\<^isub>2);  me \<turnstile> (e\<^isub>1,c\<^isub>2) \<Rightarrow> c\<^isub>3 \<rbrakk> \<Longrightarrow>
   60.27 - me \<turnstile> (IF b THEN e\<^isub>1 ELSE e\<^isub>2,c\<^isub>1) \<Rightarrow> c\<^isub>3" |
   60.28 +"\<lbrakk> me \<turnstile> (b,c\<^sub>1) \<rightarrow> (True,c\<^sub>2);  me \<turnstile> (e\<^sub>1,c\<^sub>2) \<Rightarrow> c\<^sub>3 \<rbrakk> \<Longrightarrow>
   60.29 + me \<turnstile> (IF b THEN e\<^sub>1 ELSE e\<^sub>2,c\<^sub>1) \<Rightarrow> c\<^sub>3" |
   60.30  IfFalse:
   60.31 -"\<lbrakk> me \<turnstile> (b,c\<^isub>1) \<rightarrow> (False,c\<^isub>2);  me \<turnstile> (e\<^isub>2,c\<^isub>2) \<Rightarrow> c\<^isub>3 \<rbrakk> \<Longrightarrow>
   60.32 - me \<turnstile> (IF b THEN e\<^isub>1 ELSE e\<^isub>2,c\<^isub>1) \<Rightarrow> c\<^isub>3" |
   60.33 +"\<lbrakk> me \<turnstile> (b,c\<^sub>1) \<rightarrow> (False,c\<^sub>2);  me \<turnstile> (e\<^sub>2,c\<^sub>2) \<Rightarrow> c\<^sub>3 \<rbrakk> \<Longrightarrow>
   60.34 + me \<turnstile> (IF b THEN e\<^sub>1 ELSE e\<^sub>2,c\<^sub>1) \<Rightarrow> c\<^sub>3" |
   60.35  
   60.36  "me \<turnstile> (B bv,c) \<rightarrow> (bv,c)" |
   60.37  
   60.38 -"me \<turnstile> (b,c\<^isub>1) \<rightarrow> (bv,c\<^isub>2) \<Longrightarrow> me \<turnstile> (Not b,c\<^isub>1) \<rightarrow> (\<not>bv,c\<^isub>2)" |
   60.39 +"me \<turnstile> (b,c\<^sub>1) \<rightarrow> (bv,c\<^sub>2) \<Longrightarrow> me \<turnstile> (Not b,c\<^sub>1) \<rightarrow> (\<not>bv,c\<^sub>2)" |
   60.40  
   60.41 -"\<lbrakk> me \<turnstile> (b\<^isub>1,c\<^isub>1) \<rightarrow> (bv\<^isub>1,c\<^isub>2);  me \<turnstile> (b\<^isub>2,c\<^isub>2) \<rightarrow> (bv\<^isub>2,c\<^isub>3) \<rbrakk> \<Longrightarrow>
   60.42 - me \<turnstile> (And b\<^isub>1 b\<^isub>2,c\<^isub>1) \<rightarrow> (bv\<^isub>1\<and>bv\<^isub>2,c\<^isub>3)" |
   60.43 +"\<lbrakk> me \<turnstile> (b\<^sub>1,c\<^sub>1) \<rightarrow> (bv\<^sub>1,c\<^sub>2);  me \<turnstile> (b\<^sub>2,c\<^sub>2) \<rightarrow> (bv\<^sub>2,c\<^sub>3) \<rbrakk> \<Longrightarrow>
   60.44 + me \<turnstile> (And b\<^sub>1 b\<^sub>2,c\<^sub>1) \<rightarrow> (bv\<^sub>1\<and>bv\<^sub>2,c\<^sub>3)" |
   60.45  
   60.46 -"\<lbrakk> me \<turnstile> (e\<^isub>1,c\<^isub>1) \<Rightarrow> (r\<^isub>1,c\<^isub>2);  me \<turnstile> (e\<^isub>2,c\<^isub>2) \<Rightarrow> (r\<^isub>2,c\<^isub>3) \<rbrakk> \<Longrightarrow>
   60.47 - me \<turnstile> (Eq e\<^isub>1 e\<^isub>2,c\<^isub>1) \<rightarrow> (r\<^isub>1=r\<^isub>2,c\<^isub>3)"
   60.48 +"\<lbrakk> me \<turnstile> (e\<^sub>1,c\<^sub>1) \<Rightarrow> (r\<^sub>1,c\<^sub>2);  me \<turnstile> (e\<^sub>2,c\<^sub>2) \<Rightarrow> (r\<^sub>2,c\<^sub>3) \<rbrakk> \<Longrightarrow>
   60.49 + me \<turnstile> (Eq e\<^sub>1 e\<^sub>2,c\<^sub>1) \<rightarrow> (r\<^sub>1=r\<^sub>2,c\<^sub>3)"
   60.50  
   60.51  
   60.52  code_pred (modes: i => i => o => bool) big_step .
    61.1 --- a/src/HOL/IMP/Procs_Dyn_Vars_Dyn.thy	Tue Aug 13 16:53:23 2013 +0200
    61.2 +++ b/src/HOL/IMP/Procs_Dyn_Vars_Dyn.thy	Tue Aug 13 17:45:22 2013 +0200
    61.3 @@ -10,18 +10,18 @@
    61.4  where
    61.5  Skip:    "pe \<turnstile> (SKIP,s) \<Rightarrow> s" |
    61.6  Assign:  "pe \<turnstile> (x ::= a,s) \<Rightarrow> s(x := aval a s)" |
    61.7 -Seq:     "\<lbrakk> pe \<turnstile> (c\<^isub>1,s\<^isub>1) \<Rightarrow> s\<^isub>2;  pe \<turnstile> (c\<^isub>2,s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
    61.8 -          pe \<turnstile> (c\<^isub>1;;c\<^isub>2, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
    61.9 +Seq:     "\<lbrakk> pe \<turnstile> (c\<^sub>1,s\<^sub>1) \<Rightarrow> s\<^sub>2;  pe \<turnstile> (c\<^sub>2,s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   61.10 +          pe \<turnstile> (c\<^sub>1;;c\<^sub>2, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   61.11  
   61.12 -IfTrue:  "\<lbrakk> bval b s;  pe \<turnstile> (c\<^isub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   61.13 -         pe \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   61.14 -IfFalse: "\<lbrakk> \<not>bval b s;  pe \<turnstile> (c\<^isub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   61.15 -         pe \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   61.16 +IfTrue:  "\<lbrakk> bval b s;  pe \<turnstile> (c\<^sub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   61.17 +         pe \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   61.18 +IfFalse: "\<lbrakk> \<not>bval b s;  pe \<turnstile> (c\<^sub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   61.19 +         pe \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   61.20  
   61.21  WhileFalse: "\<not>bval b s \<Longrightarrow> pe \<turnstile> (WHILE b DO c,s) \<Rightarrow> s" |
   61.22  WhileTrue:
   61.23 -  "\<lbrakk> bval b s\<^isub>1;  pe \<turnstile> (c,s\<^isub>1) \<Rightarrow> s\<^isub>2;  pe \<turnstile> (WHILE b DO c, s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
   61.24 -   pe \<turnstile> (WHILE b DO c, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
   61.25 +  "\<lbrakk> bval b s\<^sub>1;  pe \<turnstile> (c,s\<^sub>1) \<Rightarrow> s\<^sub>2;  pe \<turnstile> (WHILE b DO c, s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   61.26 +   pe \<turnstile> (WHILE b DO c, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   61.27  
   61.28  Var: "pe \<turnstile> (c,s) \<Rightarrow> t  \<Longrightarrow>  pe \<turnstile> ({VAR x; c}, s) \<Rightarrow> t(x := s x)" |
   61.29  
    62.1 --- a/src/HOL/IMP/Procs_Stat_Vars_Dyn.thy	Tue Aug 13 16:53:23 2013 +0200
    62.2 +++ b/src/HOL/IMP/Procs_Stat_Vars_Dyn.thy	Tue Aug 13 17:45:22 2013 +0200
    62.3 @@ -10,18 +10,18 @@
    62.4  where
    62.5  Skip:    "pe \<turnstile> (SKIP,s) \<Rightarrow> s" |
    62.6  Assign:  "pe \<turnstile> (x ::= a,s) \<Rightarrow> s(x := aval a s)" |
    62.7 -Seq:     "\<lbrakk> pe \<turnstile> (c\<^isub>1,s\<^isub>1) \<Rightarrow> s\<^isub>2;  pe \<turnstile> (c\<^isub>2,s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
    62.8 -          pe \<turnstile> (c\<^isub>1;;c\<^isub>2, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
    62.9 +Seq:     "\<lbrakk> pe \<turnstile> (c\<^sub>1,s\<^sub>1) \<Rightarrow> s\<^sub>2;  pe \<turnstile> (c\<^sub>2,s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   62.10 +          pe \<turnstile> (c\<^sub>1;;c\<^sub>2, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   62.11  
   62.12 -IfTrue:  "\<lbrakk> bval b s;  pe \<turnstile> (c\<^isub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   62.13 -         pe \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   62.14 -IfFalse: "\<lbrakk> \<not>bval b s;  pe \<turnstile> (c\<^isub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   62.15 -         pe \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   62.16 +IfTrue:  "\<lbrakk> bval b s;  pe \<turnstile> (c\<^sub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   62.17 +         pe \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   62.18 +IfFalse: "\<lbrakk> \<not>bval b s;  pe \<turnstile> (c\<^sub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   62.19 +         pe \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   62.20  
   62.21  WhileFalse: "\<not>bval b s \<Longrightarrow> pe \<turnstile> (WHILE b DO c,s) \<Rightarrow> s" |
   62.22  WhileTrue:
   62.23 -  "\<lbrakk> bval b s\<^isub>1;  pe \<turnstile> (c,s\<^isub>1) \<Rightarrow> s\<^isub>2;  pe \<turnstile> (WHILE b DO c, s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
   62.24 -   pe \<turnstile> (WHILE b DO c, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
   62.25 +  "\<lbrakk> bval b s\<^sub>1;  pe \<turnstile> (c,s\<^sub>1) \<Rightarrow> s\<^sub>2;  pe \<turnstile> (WHILE b DO c, s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   62.26 +   pe \<turnstile> (WHILE b DO c, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   62.27  
   62.28  Var: "pe \<turnstile> (c,s) \<Rightarrow> t  \<Longrightarrow>  pe \<turnstile> ({VAR x; c}, s) \<Rightarrow> t(x := s x)" |
   62.29  
    63.1 --- a/src/HOL/IMP/Procs_Stat_Vars_Stat.thy	Tue Aug 13 16:53:23 2013 +0200
    63.2 +++ b/src/HOL/IMP/Procs_Stat_Vars_Stat.thy	Tue Aug 13 17:45:22 2013 +0200
    63.3 @@ -17,19 +17,19 @@
    63.4  where
    63.5  Skip:    "e \<turnstile> (SKIP,s) \<Rightarrow> s" |
    63.6  Assign:  "(pe,ve,f) \<turnstile> (x ::= a,s) \<Rightarrow> s(ve x := aval a (s o ve))" |
    63.7 -Seq:     "\<lbrakk> e \<turnstile> (c\<^isub>1,s\<^isub>1) \<Rightarrow> s\<^isub>2;  e \<turnstile> (c\<^isub>2,s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
    63.8 -          e \<turnstile> (c\<^isub>1;;c\<^isub>2, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
    63.9 +Seq:     "\<lbrakk> e \<turnstile> (c\<^sub>1,s\<^sub>1) \<Rightarrow> s\<^sub>2;  e \<turnstile> (c\<^sub>2,s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   63.10 +          e \<turnstile> (c\<^sub>1;;c\<^sub>2, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   63.11  
   63.12 -IfTrue:  "\<lbrakk> bval b (s \<circ> venv e);  e \<turnstile> (c\<^isub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   63.13 -         e \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   63.14 -IfFalse: "\<lbrakk> \<not>bval b (s \<circ> venv e);  e \<turnstile> (c\<^isub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   63.15 -         e \<turnstile> (IF b THEN c\<^isub>1 ELSE c\<^isub>2, s) \<Rightarrow> t" |
   63.16 +IfTrue:  "\<lbrakk> bval b (s \<circ> venv e);  e \<turnstile> (c\<^sub>1,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   63.17 +         e \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   63.18 +IfFalse: "\<lbrakk> \<not>bval b (s \<circ> venv e);  e \<turnstile> (c\<^sub>2,s) \<Rightarrow> t \<rbrakk> \<Longrightarrow>
   63.19 +         e \<turnstile> (IF b THEN c\<^sub>1 ELSE c\<^sub>2, s) \<Rightarrow> t" |
   63.20  
   63.21  WhileFalse: "\<not>bval b (s \<circ> venv e) \<Longrightarrow> e \<turnstile> (WHILE b DO c,s) \<Rightarrow> s" |
   63.22  WhileTrue:
   63.23 -  "\<lbrakk> bval b (s\<^isub>1 \<circ> venv e);  e \<turnstile> (c,s\<^isub>1) \<Rightarrow> s\<^isub>2;
   63.24 -     e \<turnstile> (WHILE b DO c, s\<^isub>2) \<Rightarrow> s\<^isub>3 \<rbrakk> \<Longrightarrow>
   63.25 -   e \<turnstile> (WHILE b DO c, s\<^isub>1) \<Rightarrow> s\<^isub>3" |
   63.26 +  "\<lbrakk> bval b (s\<^sub>1 \<circ> venv e);  e \<turnstile> (c,s\<^sub>1) \<Rightarrow> s\<^sub>2;
   63.27 +     e \<turnstile> (WHILE b DO c, s\<^sub>2) \<Rightarrow> s\<^sub>3 \<rbrakk> \<Longrightarrow>
   63.28 +   e \<turnstile> (WHILE b DO c, s\<^sub>1) \<Rightarrow> s\<^sub>3" |
   63.29  
   63.30  Var: "(pe,ve(x:=f),f+1) \<turnstile> (c,s) \<Rightarrow> t  \<Longrightarrow>
   63.31        (pe,ve,f) \<turnstile> ({VAR x; c}, s) \<Rightarrow> t" |
    64.1 --- a/src/HOL/IMP/Sec_Type_Expr.thy	Tue Aug 13 16:53:23 2013 +0200
    64.2 +++ b/src/HOL/IMP/Sec_Type_Expr.thy	Tue Aug 13 17:45:22 2013 +0200
    64.3 @@ -29,7 +29,7 @@
    64.4  fun sec_aexp :: "aexp \<Rightarrow> level" where
    64.5  "sec (N n) = 0" |
    64.6  "sec (V x) = sec x" |
    64.7 -"sec (Plus a\<^isub>1 a\<^isub>2) = max (sec a\<^isub>1) (sec a\<^isub>2)"
    64.8 +"sec (Plus a\<^sub>1 a\<^sub>2) = max (sec a\<^sub>1) (sec a\<^sub>2)"
    64.9  
   64.10  instance ..
   64.11  
   64.12 @@ -41,8 +41,8 @@
   64.13  fun sec_bexp :: "bexp \<Rightarrow> level" where
   64.14  "sec (Bc v) = 0" |
   64.15  "sec (Not b) = sec b" |
   64.16 -"sec (And b\<^isub>1 b\<^isub>2) = max (sec b\<^isub>1) (sec b\<^isub>2)" |
   64.17 -"sec (Less a\<^isub>1 a\<^isub>2) = max (sec a\<^isub>1) (sec a\<^isub>2)"
   64.18 +"sec (And b\<^sub>1 b\<^sub>2) = max (sec b\<^sub>1) (sec b\<^sub>2)" |
   64.19 +"sec (Less a\<^sub>1 a\<^sub>2) = max (sec a\<^sub>1) (sec a\<^sub>2)"
   64.20  
   64.21  instance ..
   64.22  
   64.23 @@ -58,11 +58,11 @@
   64.24  "s = s' (< l) == (\<forall> x. sec x < l \<longrightarrow> s x = s' x)"
   64.25  
   64.26  lemma aval_eq_if_eq_le:
   64.27 -  "\<lbrakk> s\<^isub>1 = s\<^isub>2 (\<le> l);  sec a \<le> l \<rbrakk> \<Longrightarrow> aval a s\<^isub>1 = aval a s\<^isub>2"
   64.28 +  "\<lbrakk> s\<^sub>1 = s\<^sub>2 (\<le> l);  sec a \<le> l \<rbrakk> \<Longrightarrow> aval a s\<^sub>1 = aval a s\<^sub>2"
   64.29  by (induct a) auto
   64.30  
   64.31  lemma bval_eq_if_eq_le:
   64.32 -  "\<lbrakk> s\<^isub>1 = s\<^isub>2 (\<le> l);  sec b \<le> l \<rbrakk> \<Longrightarrow> bval b s\<^isub>1 = bval b s\<^isub>2"
   64.33 +  "\<lbrakk> s\<^sub>1 = s\<^sub>2 (\<le> l);  sec b \<le> l \<rbrakk> \<Longrightarrow> bval b s\<^sub>1 = bval b s\<^sub>2"
   64.34  by (induct b) (auto simp add: aval_eq_if_eq_le)
   64.35  
   64.36  end
    65.1 --- a/src/HOL/IMP/Sec_Typing.thy	Tue Aug 13 16:53:23 2013 +0200
    65.2 +++ b/src/HOL/IMP/Sec_Typing.thy	Tue Aug 13 17:45:22 2013 +0200
    65.3 @@ -11,9 +11,9 @@
    65.4  Assign:
    65.5    "\<lbrakk> sec x \<ge> sec a;  sec x \<ge> l \<rbrakk> \<Longrightarrow> l \<turnstile> x ::= a" |
    65.6  Seq:
    65.7 -  "\<lbrakk> l \<turnstile> c\<^isub>1;  l \<turnstile> c\<^isub>2 \<rbrakk> \<Longrightarrow> l \<turnstile> c\<^isub>1;;c\<^isub>2" |
    65.8 +  "\<lbrakk> l \<turnstile> c\<^sub>1;  l \<turnstile> c\<^sub>2 \<rbrakk> \<Longrightarrow> l \<turnstile> c\<^sub>1;;c\<^sub>2" |
    65.9  If:
   65.10 -  "\<lbrakk> max (sec b) l \<turnstile> c\<^isub>1;  max (sec b) l \<turnstile> c\<^isub>2 \<rbrakk> \<Longrightarrow> l \<turnstile> IF b THEN c\<^isub>1 ELSE c\<^isub>2" |
   65.11 +  "\<lbrakk> max (sec b) l \<turnstile> c\<^sub>1;  max (sec b) l \<turnstile> c\<^sub>2 \<rbrakk> \<Longrightarrow> l \<turnstile> IF b THEN c\<^sub>1 ELSE c\<^sub>2" |
   65.12  While:
   65.13    "max (sec b) l \<turnstile> c \<Longrightarrow> l \<turnstile> WHILE b DO c"
   65.14  
   65.15 @@ -24,7 +24,7 @@
   65.16  value "2 \<turnstile> IF Less (V ''x1'') (V ''x'') THEN ''x1'' ::= N 0 ELSE SKIP"
   65.17  
   65.18  inductive_cases [elim!]:
   65.19 -  "l \<turnstile> x ::= a"  "l \<turnstile> c\<^isub>1;;c\<^isub>2"  "l \<turnstile> IF b THEN c\<^isub>1 ELSE c\<^isub>2"  "l \<turnstile> WHILE b DO c"
   65.20 +  "l \<turnstile> x ::= a"  "l \<turnstile> c\<^sub>1;;c\<^sub>2"  "l \<turnstile> IF b THEN c\<^sub>1 ELSE c\<^sub>2"  "l \<turnstile> WHILE b DO c"
   65.21  
   65.22  
   65.23  text{* An important property: anti-monotonicity. *}
   65.24 @@ -187,9 +187,9 @@
   65.25  Assign':
   65.26    "\<lbrakk> sec x \<ge> sec a; sec x \<ge> l \<rbrakk> \<Longrightarrow> l \<turnstile>' x ::= a" |
   65.27  Seq':
   65.28 -  "\<lbrakk> l \<turnstile>' c\<^isub>1;  l \<turnstile>' c\<^isub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' c\<^isub>1;;c\<^isub>2" |
   65.29 +  "\<lbrakk> l \<turnstile>' c\<^sub>1;  l \<turnstile>' c\<^sub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' c\<^sub>1;;c\<^sub>2" |
   65.30  If':
   65.31 -  "\<lbrakk> sec b \<le> l;  l \<turnstile>' c\<^isub>1;  l \<turnstile>' c\<^isub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' IF b THEN c\<^isub>1 ELSE c\<^isub>2" |
   65.32 +  "\<lbrakk> sec b \<le> l;  l \<turnstile>' c\<^sub>1;  l \<turnstile>' c\<^sub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' IF b THEN c\<^sub>1 ELSE c\<^sub>2" |
   65.33  While':
   65.34    "\<lbrakk> sec b \<le> l;  l \<turnstile>' c \<rbrakk> \<Longrightarrow> l \<turnstile>' WHILE b DO c" |
   65.35  anti_mono':
   65.36 @@ -221,10 +221,10 @@
   65.37  Assign2:
   65.38    "sec x \<ge> sec a \<Longrightarrow> \<turnstile> x ::= a : sec x" |
   65.39  Seq2:
   65.40 -  "\<lbrakk> \<turnstile> c\<^isub>1 : l\<^isub>1;  \<turnstile> c\<^isub>2 : l\<^isub>2 \<rbrakk> \<Longrightarrow> \<turnstile> c\<^isub>1;;c\<^isub>2 : min l\<^isub>1 l\<^isub>2 " |
   65.41 +  "\<lbrakk> \<turnstile> c\<^sub>1 : l\<^sub>1;  \<turnstile> c\<^sub>2 : l\<^sub>2 \<rbrakk> \<Longrightarrow> \<turnstile> c\<^sub>1;;c\<^sub>2 : min l\<^sub>1 l\<^sub>2 " |
   65.42  If2:
   65.43 -  "\<lbrakk> sec b \<le> min l\<^isub>1 l\<^isub>2;  \<turnstile> c\<^isub>1 : l\<^isub>1;  \<turnstile> c\<^isub>2 : l\<^isub>2 \<rbrakk>
   65.44 -  \<Longrightarrow> \<turnstile> IF b THEN c\<^isub>1 ELSE c\<^isub>2 : min l\<^isub>1 l\<^isub>2" |
   65.45 +  "\<lbrakk> sec b \<le> min l\<^sub>1 l\<^sub>2;  \<turnstile> c\<^sub>1 : l\<^sub>1;  \<turnstile> c\<^sub>2 : l\<^sub>2 \<rbrakk>
   65.46 +  \<Longrightarrow> \<turnstile> IF b THEN c\<^sub>1 ELSE c\<^sub>2 : min l\<^sub>1 l\<^sub>2" |
   65.47  While2:
   65.48    "\<lbrakk> sec b \<le> l;  \<turnstile> c : l \<rbrakk> \<Longrightarrow> \<turnstile> WHILE b DO c : l"
   65.49  
    66.1 --- a/src/HOL/IMP/Sec_TypingT.thy	Tue Aug 13 16:53:23 2013 +0200
    66.2 +++ b/src/HOL/IMP/Sec_TypingT.thy	Tue Aug 13 17:45:22 2013 +0200
    66.3 @@ -9,17 +9,17 @@
    66.4  Assign:
    66.5    "\<lbrakk> sec x \<ge> sec a;  sec x \<ge> l \<rbrakk> \<Longrightarrow> l \<turnstile> x ::= a"  |
    66.6  Seq:
    66.7 -  "l \<turnstile> c\<^isub>1 \<Longrightarrow> l \<turnstile> c\<^isub>2 \<Longrightarrow> l \<turnstile> c\<^isub>1;;c\<^isub>2"  |
    66.8 +  "l \<turnstile> c\<^sub>1 \<Longrightarrow> l \<turnstile> c\<^sub>2 \<Longrightarrow> l \<turnstile> c\<^sub>1;;c\<^sub>2"  |
    66.9  If:
   66.10 -  "\<lbrakk> max (sec b) l \<turnstile> c\<^isub>1;  max (sec b) l \<turnstile> c\<^isub>2 \<rbrakk>
   66.11 -   \<Longrightarrow> l \<turnstile> IF b THEN c\<^isub>1 ELSE c\<^isub>2"  |
   66.12 +  "\<lbrakk> max (sec b) l \<turnstile> c\<^sub>1;  max (sec b) l \<turnstile> c\<^sub>2 \<rbrakk>
   66.13 +   \<Longrightarrow> l \<turnstile> IF b THEN c\<^sub>1 ELSE c\<^sub>2"  |
   66.14  While:
   66.15    "sec b = 0 \<Longrightarrow> 0 \<turnstile> c \<Longrightarrow> 0 \<turnstile> WHILE b DO c"
   66.16  
   66.17  code_pred (expected_modes: i => i => bool) sec_type .
   66.18  
   66.19  inductive_cases [elim!]:
   66.20 -  "l \<turnstile> x ::= a"  "l \<turnstile> c\<^isub>1;;c\<^isub>2"  "l \<turnstile> IF b THEN c\<^isub>1 ELSE c\<^isub>2"  "l \<turnstile> WHILE b DO c"
   66.21 +  "l \<turnstile> x ::= a"  "l \<turnstile> c\<^sub>1;;c\<^sub>2"  "l \<turnstile> IF b THEN c\<^sub>1 ELSE c\<^sub>2"  "l \<turnstile> WHILE b DO c"
   66.22  
   66.23  
   66.24  lemma anti_mono: "l \<turnstile> c \<Longrightarrow> l' \<le> l \<Longrightarrow> l' \<turnstile> c"
   66.25 @@ -176,9 +176,9 @@
   66.26  Assign':
   66.27    "\<lbrakk> sec x \<ge> sec a;  sec x \<ge> l \<rbrakk> \<Longrightarrow> l \<turnstile>' x ::= a"  |
   66.28  Seq':
   66.29 -  "l \<turnstile>' c\<^isub>1 \<Longrightarrow> l \<turnstile>' c\<^isub>2 \<Longrightarrow> l \<turnstile>' c\<^isub>1;;c\<^isub>2"  |
   66.30 +  "l \<turnstile>' c\<^sub>1 \<Longrightarrow> l \<turnstile>' c\<^sub>2 \<Longrightarrow> l \<turnstile>' c\<^sub>1;;c\<^sub>2"  |
   66.31  If':
   66.32 -  "\<lbrakk> sec b \<le> l;  l \<turnstile>' c\<^isub>1;  l \<turnstile>' c\<^isub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' IF b THEN c\<^isub>1 ELSE c\<^isub>2"  |
   66.33 +  "\<lbrakk> sec b \<le> l;  l \<turnstile>' c\<^sub>1;  l \<turnstile>' c\<^sub>2 \<rbrakk> \<Longrightarrow> l \<turnstile>' IF b THEN c\<^sub>1 ELSE c\<^sub>2"  |
   66.34  While':
   66.35    "\<lbrakk> sec b = 0;  0 \<turnstile>' c \<rbrakk> \<Longrightarrow> 0 \<turnstile>' WHILE b DO c"  |
   66.36  anti_mono':
    67.1 --- a/src/HOL/IMP/Small_Step.thy	Tue Aug 13 16:53:23 2013 +0200
    67.2 +++ b/src/HOL/IMP/Small_Step.thy	Tue Aug 13 17:45:22 2013 +0200
    67.3 @@ -10,11 +10,11 @@
    67.4  where
    67.5  Assign:  "(x ::= a, s) \<rightarrow> (SKIP, s(x := aval a s))" |
    67.6  
    67.7 -Seq1:    "(SKIP;;c\<^isub>2,s) \<rightarrow> (c\<^isub>2,s)" |
    67.8 -Seq2:    "(c\<^isub>1,s) \<rightarrow> (c\<^isub>1',s') \<Longrightarrow> (c\<^isub>1;;c\<^isub>2,s) \<rightarrow> (c\<^isub>1';;c\<^isub>2,s')" |
    67.9 +Seq1:    "(SKIP;;c\<^sub>2,s) \<rightarrow> (c\<^sub>2,s)" |
   67.10 +Seq2:    "(c\<^sub>1,s) \<rightarrow> (c\<^sub>1',s') \<Longrightarrow> (c\<^sub>1;;c\<^sub>2,s) \<rightarrow> (c\<^sub>1';;c\<^sub>2,s')" |
   67.11  
   67.12 -IfTrue:  "bval b s \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2,s) \<rightarrow> (c\<^isub>1,s)" |
   67.13 -IfFalse: "\<not>bval b s \<Longrightarrow> (IF b THEN c\<^isub>1 ELSE c\<^isub>2,s) \<rightarrow> (c\<^isub>2,s)" |
   67.14 +IfTrue:  "bval b s \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2,s) \<rightarrow> (c\<^sub>1,s)" |
   67.15 +IfFalse: "\<not>bval b s \<Longrightarrow> (IF b THEN c\<^sub>1 ELSE c\<^sub>2,s) \<rightarrow> (c\<^sub>2,s)" |
   67.16  
   67.17  While:   "(WHILE b DO c,s) \<rightarrow>
   67.18              (IF b THEN c;; WHILE b DO c ELSE SKIP,s)"
    68.1 --- a/src/HOL/IMP/VCG.thy	Tue Aug 13 16:53:23 2013 +0200
    68.2 +++ b/src/HOL/IMP/VCG.thy	Tue Aug 13 17:45:22 2013 +0200
    68.3 @@ -20,8 +20,8 @@
    68.4  fun strip :: "acom \<Rightarrow> com" where
    68.5  "strip SKIP = com.SKIP" |
    68.6  "strip (x ::= a) = (x ::= a)" |
    68.7 -"strip (C\<^isub>1;; C\<^isub>2) = (strip C\<^isub>1;; strip C\<^isub>2)" |
    68.8 -"strip (IF b THEN C\<^isub>1 ELSE C\<^isub>2) = (IF b THEN strip C\<^isub>1 ELSE strip C\<^isub>2)" |
    68.9 +"strip (C\<^sub>1;; C\<^sub>2) = (strip C\<^sub>1;; strip C\<^sub>2)" |
   68.10 +"strip (IF b THEN C\<^sub>1 ELSE C\<^sub>2) = (IF b THEN strip C\<^sub>1 ELSE strip C\<^sub>2)" |
   68.11  "strip ({_} WHILE b DO C) = (WHILE b DO strip C)"
   68.12  
   68.13  text{* Weakest precondition from annotated commands: *}
   68.14 @@ -29,9 +29,9 @@
   68.15  fun pre :: "acom \<Rightarrow> assn \<Rightarrow> assn" where
   68.16  "pre SKIP Q = Q" |
   68.17  "pre (x ::= a) Q = (\<lambda>s. Q(s(x := aval a s)))" |
   68.18 -"pre (C\<^isub>1;; C\<^isub>2) Q = pre C\<^isub>1 (pre C\<^isub>2 Q)" |
   68.19 -"pre (IF b THEN C\<^isub>1 ELSE C\<^isub>2) Q =
   68.20 -  (\<lambda>s. if bval b s then pre C\<^isub>1 Q s else pre C\<^isub>2 Q s)" |
   68.21 +"pre (C\<^sub>1;; C\<^sub>2) Q = pre C\<^sub>1 (pre C\<^sub>2 Q)" |
   68.22 +"pre (IF b THEN C\<^sub>1 ELSE C\<^sub>2) Q =
   68.23 +  (\<lambda>s. if bval b s then pre C\<^sub>1 Q s else pre C\<^sub>2 Q s)" |
   68.24  "pre ({I} WHILE b DO C) Q = I"
   68.25  
   68.26  text{* Verification condition: *}
   68.27 @@ -39,8 +39,8 @@
   68.28  fun vc :: "acom \<Rightarrow> assn \<Rightarrow> assn" where
   68.29  "vc SKIP Q = (\<lambda>s. True)" |
   68.30  "vc (x ::= a) Q = (\<lambda>s. True)" |
   68.31 -"vc (C\<^isub>1;; C\<^isub>2) Q = (\<lambda>s. vc C\<^isub>1 (pre C\<^isub>2 Q) s \<and> vc C\<^isub>2 Q s)" |
   68.32 -"vc (IF b THEN C\<^isub>1 ELSE C\<^isub>2) Q = (\<lambda>s. vc C\<^isub>1 Q s \<and> vc C\<^isub>2 Q s)" |
   68.33 +"vc (C\<^sub>1;; C\<^sub>2) Q = (\<lambda>s. vc C\<^sub>1 (pre C\<^sub>2 Q) s \<and> vc C\<^sub>2 Q s)" |
   68.34 +"vc (IF b THEN C\<^sub>1 ELSE C\<^sub>2) Q = (\<lambda>s. vc C\<^sub>1 Q s \<and> vc C\<^sub>2 Q s)" |
   68.35  "vc ({I} WHILE b DO C) Q =
   68.36    (\<lambda>s. (I s \<and> bval b s \<longrightarrow> pre C I s) \<and>
   68.37         (I s \<and> \<not> bval b s \<longrightarrow> Q s) \<and>
    69.1 --- a/src/HOL/IMP/Vars.thy	Tue Aug 13 16:53:23 2013 +0200
    69.2 +++ b/src/HOL/IMP/Vars.thy	Tue Aug 13 17:45:22 2013 +0200
    69.3 @@ -25,7 +25,7 @@
    69.4  fun vars_aexp :: "aexp \<Rightarrow> vname set" where
    69.5  "vars (N n) = {}" |
    69.6  "vars (V x) = {x}" |
    69.7 -"vars (Plus a\<^isub>1 a\<^isub>2) = vars a\<^isub>1 \<union> vars a\<^isub>2"
    69.8 +"vars (Plus a\<^sub>1 a\<^sub>2) = vars a\<^sub>1 \<union> vars a\<^sub>2"
    69.9  
   69.10  instance ..
   69.11  
   69.12 @@ -39,8 +39,8 @@
   69.13  fun vars_bexp :: "bexp \<Rightarrow> vname set" where
   69.14  "vars (Bc v) = {}" |
   69.15  "vars (Not b) = vars b" |
   69.16 -"vars (And b\<^isub>1 b\<^isub>2) = vars b\<^isub>1 \<union> vars b\<^isub>2" |
   69.17 -"vars (Less a\<^isub>1 a\<^isub>2) = vars a\<^isub>1 \<union> vars a\<^isub>2"
   69.18 +"vars (And b\<^sub>1 b\<^sub>2) = vars b\<^sub>1 \<union> vars b\<^sub>2" |
   69.19 +"vars (Less a\<^sub>1 a\<^sub>2) = vars a\<^sub>1 \<union> vars a\<^sub>2"
   69.20  
   69.21  instance ..
   69.22  
   69.23 @@ -54,16 +54,16 @@
   69.24  "f = g on X == \<forall> x \<in> X. f x = g x"
   69.25  
   69.26  lemma aval_eq_if_eq_on_vars[simp]:
   69.27 -  "s\<^isub>1 = s\<^isub>2 on vars a \<Longrightarrow> aval a s\<^isub>1 = aval a s\<^isub>2"
   69.28 +  "s\<^sub>1 = s\<^sub>2 on vars a \<Longrightarrow> aval a s\<^sub>1 = aval a s\<^sub>2"
   69.29  apply(induction a)
   69.30  apply simp_all
   69.31  done
   69.32  
   69.33  lemma bval_eq_if_eq_on_vars:
   69.34 -  "s\<^isub>1 = s\<^isub>2 on vars b \<Longrightarrow> bval b s\<^isub>1 = bval b s\<^isub>2"
   69.35 +  "s\<^sub>1 = s\<^sub>2 on vars b \<Longrightarrow> bval b s\<^sub>1 = bval b s\<^sub>2"
   69.36  proof(induction b)
   69.37    case (Less a1 a2)
   69.38 -  hence "aval a1 s\<^isub>1 = aval a1 s\<^isub>2" and "aval a2 s\<^isub>1 = aval a2 s\<^isub>2" by simp_all
   69.39 +  hence "aval a1 s\<^sub>1 = aval a1 s\<^sub>2" and "aval a2 s\<^sub>1 = aval a2 s\<^sub>2" by simp_all
   69.40    thus ?case by simp
   69.41  qed simp_all
   69.42  
    70.1 --- a/src/HOL/Induct/Ordinals.thy	Tue Aug 13 16:53:23 2013 +0200
    70.2 +++ b/src/HOL/Induct/Ordinals.thy	Tue Aug 13 17:45:22 2013 +0200
    70.3 @@ -56,7 +56,7 @@
    70.4  | "veblen (Limit f) = \<nabla>(OpLim (\<lambda>n. veblen (f n)))"
    70.5  
    70.6  definition "veb a = veblen a Zero"
    70.7 -definition "\<epsilon>\<^isub>0 = veb Zero"
    70.8 -definition "\<Gamma>\<^isub>0 = Limit (\<lambda>n. iter veb n Zero)"
    70.9 +definition "\<epsilon>\<^sub>0 = veb Zero"
   70.10 +definition "\<Gamma>\<^sub>0 = Limit (\<lambda>n. iter veb n Zero)"
   70.11  
   70.12  end
    71.1 --- a/src/HOL/Library/Cardinality.thy	Tue Aug 13 16:53:23 2013 +0200
    71.2 +++ b/src/HOL/Library/Cardinality.thy	Tue Aug 13 17:45:22 2013 +0200
    71.3 @@ -345,20 +345,20 @@
    71.4  instance by intro_classes (simp add: card_UNIV_set_def card_UNIV_set card_UNIV)
    71.5  end
    71.6  
    71.7 -lemma UNIV_finite_1: "UNIV = set [finite_1.a\<^isub>1]"
    71.8 +lemma UNIV_finite_1: "UNIV = set [finite_1.a\<^sub>1]"
    71.9  by(auto intro: finite_1.exhaust)
   71.10  
   71.11 -lemma UNIV_finite_2: "UNIV = set [finite_2.a\<^isub>1, finite_2.a\<^isub>2]"
   71.12 +lemma UNIV_finite_2: "UNIV = set [finite_2.a\<^sub>1, finite_2.a\<^sub>2]"
   71.13  by(auto intro: finite_2.exhaust)
   71.14  
   71.15 -lemma UNIV_finite_3: "UNIV = set [finite_3.a\<^isub>1, finite_3.a\<^isub>2, finite_3.a\<^isub>3]"
   71.16 +lemma UNIV_finite_3: "UNIV = set [finite_3.a\<^sub>1, finite_3.a\<^sub>2, finite_3.a\<^sub>3]"
   71.17  by(auto intro: finite_3.exhaust)
   71.18  
   71.19 -lemma UNIV_finite_4: "UNIV = set [finite_4.a\<^isub>1, finite_4.a\<^isub>2, finite_4.a\<^isub>3, finite_4.a\<^isub>4]"
   71.20 +lemma UNIV_finite_4: "UNIV = set [finite_4.a\<^sub>1, finite_4.a\<^sub>2, finite_4.a\<^sub>3, finite_4.a\<^sub>4]"
   71.21  by(auto intro: finite_4.exhaust)
   71.22  
   71.23  lemma UNIV_finite_5:
   71.24 -  "UNIV = set [finite_5.a\<^isub>1, finite_5.a\<^isub>2, finite_5.a\<^isub>3, finite_5.a\<^isub>4, finite_5.a\<^isub>5]"
   71.25 +  "UNIV = set [finite_5.a\<^sub>1, finite_5.a\<^sub>2, finite_5.a\<^sub>3, finite_5.a\<^sub>4, finite_5.a\<^sub>5]"
   71.26  by(auto intro: finite_5.exhaust)
   71.27  
   71.28  instantiation Enum.finite_1 :: card_UNIV begin
    72.1 --- a/src/HOL/Library/Discrete.thy	Tue Aug 13 16:53:23 2013 +0200
    72.2 +++ b/src/HOL/Library/Discrete.thy	Tue Aug 13 17:45:22 2013 +0200
    72.3 @@ -76,32 +76,32 @@
    72.4  
    72.5  definition sqrt :: "nat \<Rightarrow> nat"
    72.6  where
    72.7 -  "sqrt n = Max {m. m\<twosuperior> \<le> n}"
    72.8 +  "sqrt n = Max {m. m\<^sup>2 \<le> n}"
    72.9  
   72.10  lemma sqrt_aux:
   72.11    fixes n :: nat
   72.12 -  shows "finite {m. m\<twosuperior> \<le> n}" and "{m. m\<twosuperior> \<le> n} \<noteq> {}"
   72.13 +  shows "finite {m. m\<^sup>2 \<le> n}" and "{m. m\<^sup>2 \<le> n} \<noteq> {}"
   72.14  proof -
   72.15    { fix m
   72.16 -    assume "m\<twosuperior> \<le> n"
   72.17 +    assume "m\<^sup>2 \<le> n"
   72.18      then have "m \<le> n"
   72.19        by (cases m) (simp_all add: power2_eq_square)
   72.20    } note ** = this
   72.21 -  then have "{m. m\<twosuperior> \<le> n} \<subseteq> {m. m \<le> n}" by auto
   72.22 -  then show "finite {m. m\<twosuperior> \<le> n}" by (rule finite_subset) rule
   72.23 -  have "0\<twosuperior> \<le> n" by simp
   72.24 -  then show *: "{m. m\<twosuperior> \<le> n} \<noteq> {}" by blast
   72.25 +  then have "{m. m\<^sup>2 \<le> n} \<subseteq> {m. m \<le> n}" by auto
   72.26 +  then show "finite {m. m\<^sup>2 \<le> n}" by (rule finite_subset) rule
   72.27 +  have "0\<^sup>2 \<le> n" by simp
   72.28 +  then show *: "{m. m\<^sup>2 \<le> n} \<noteq> {}" by blast
   72.29  qed
   72.30  
   72.31  lemma [code]:
   72.32 -  "sqrt n = Max (Set.filter (\<lambda>m. m\<twosuperior> \<le> n) {0..n})"
   72.33 +  "sqrt n = Max (Set.filter (\<lambda>m. m\<^sup>2 \<le> n) {0..n})"
   72.34  proof -
   72.35 -  from power2_nat_le_imp_le [of _ n] have "{m. m \<le> n \<and> m\<twosuperior> \<le> n} = {m. m\<twosuperior> \<le> n}" by auto
   72.36 +  from power2_nat_le_imp_le [of _ n] have "{m. m \<le> n \<and> m\<^sup>2 \<le> n} = {m. m\<^sup>2 \<le> n}" by auto
   72.37    then show ?thesis by (simp add: sqrt_def Set.filter_def)
   72.38  qed
   72.39  
   72.40  lemma sqrt_inverse_power2 [simp]:
   72.41 -  "sqrt (n\<twosuperior>) = n"
   72.42 +  "sqrt (n\<^sup>2) = n"
   72.43  proof -
   72.44    have "{m. m \<le> n} \<noteq> {}" by auto
   72.45    then have "Max {m. m \<le> n} \<le> n" by auto
   72.46 @@ -121,30 +121,30 @@
   72.47  lemma sqrt_greater_zero_iff [simp]:
   72.48    "sqrt n > 0 \<longleftrightarrow> n > 0"
   72.49  proof -
   72.50 -  have *: "0 < Max {m. m\<twosuperior> \<le> n} \<longleftrightarrow> (\<exists>a\<in>{m. m\<twosuperior> \<le> n}. 0 < a)"
   72.51 +  have *: "0 < Max {m. m\<^sup>2 \<le> n} \<longleftrightarrow> (\<exists>a\<in>{m. m\<^sup>2 \<le> n}. 0 < a)"
   72.52      by (rule Max_gr_iff) (fact sqrt_aux)+
   72.53    show ?thesis
   72.54    proof
   72.55      assume "0 < sqrt n"
   72.56 -    then have "0 < Max {m. m\<twosuperior> \<le> n}" by (simp add: sqrt_def)
   72.57 +    then have "0 < Max {m. m\<^sup>2 \<le> n}" by (simp add: sqrt_def)
   72.58      with * show "0 < n" by (auto dest: power2_nat_le_imp_le)
   72.59    next
   72.60      assume "0 < n"
   72.61 -    then have "1\<twosuperior> \<le> n \<and> 0 < (1::nat)" by simp
   72.62 -    then have "\<exists>q. q\<twosuperior> \<le> n \<and> 0 < q" ..
   72.63 -    with * have "0 < Max {m. m\<twosuperior> \<le> n}" by blast
   72.64 +    then have "1\<^sup>2 \<le> n \<and> 0 < (1::nat)" by simp
   72.65 +    then have "\<exists>q. q\<^sup>2 \<le> n \<and> 0 < q" ..
   72.66 +    with * have "0 < Max {m. m\<^sup>2 \<le> n}" by blast
   72.67      then show "0 < sqrt n" by  (simp add: sqrt_def)
   72.68    qed
   72.69  qed
   72.70  
   72.71  lemma sqrt_power2_le [simp]: (* FIXME tune proof *)
   72.72 -  "(sqrt n)\<twosuperior> \<le> n"
   72.73 +  "(sqrt n)\<^sup>2 \<le> n"
   72.74  proof (cases "n > 0")
   72.75    case False then show ?thesis by (simp add: sqrt_def)
   72.76  next
   72.77    case True then have "sqrt n > 0" by simp
   72.78 -  then have "mono (times (Max {m. m\<twosuperior> \<le> n}))" by (auto intro: mono_times_nat simp add: sqrt_def)
   72.79 -  then have *: "Max {m. m\<twosuperior> \<le> n} * Max {m. m\<twosuperior> \<le> n} = Max (times (Max {m. m\<twosuperior> \<le> n}) ` {m. m\<twosuperior> \<le> n})"
   72.80 +  then have "mono (times (Max {m. m\<^sup>2 \<le> n}))" by (auto intro: mono_times_nat simp add: sqrt_def)
   72.81 +  then have *: "Max {m. m\<^sup>2 \<le> n} * Max {m. m\<^sup>2 \<le> n} = Max (times (Max {m. m\<^sup>2 \<le> n}) ` {m. m\<^sup>2 \<le> n})"
   72.82      using sqrt_aux [of n] by (rule mono_Max_commute)
   72.83    have "Max (op * (Max {m. m * m \<le> n}) ` {m. m * m \<le> n}) \<le> n"
   72.84      apply (subst Max_le_iff)
    73.1 --- a/src/HOL/Library/FuncSet.thy	Tue Aug 13 16:53:23 2013 +0200
    73.2 +++ b/src/HOL/Library/FuncSet.thy	Tue Aug 13 17:45:22 2013 +0200
    73.3 @@ -342,21 +342,21 @@
    73.4  definition PiE :: "'a set \<Rightarrow> ('a \<Rightarrow> 'b set) \<Rightarrow> ('a \<Rightarrow> 'b) set" where
    73.5    "PiE S T = Pi S T \<inter> extensional S"
    73.6  
    73.7 -abbreviation "Pi\<^isub>E A B \<equiv> PiE A B"
    73.8 +abbreviation "Pi\<^sub>E A B \<equiv> PiE A B"
    73.9  
   73.10  syntax "_PiE"  :: "[pttrn, 'a set, 'b set] => ('a => 'b) set"  ("(3PIE _:_./ _)" 10)
   73.11  
   73.12 -syntax (xsymbols) "_PiE" :: "[pttrn, 'a set, 'b set] => ('a => 'b) set"  ("(3\<Pi>\<^isub>E _\<in>_./ _)" 10)
   73.13 +syntax (xsymbols) "_PiE" :: "[pttrn, 'a set, 'b set] => ('a => 'b) set"  ("(3\<Pi>\<^sub>E _\<in>_./ _)" 10)
   73.14  
   73.15 -syntax (HTML output) "_PiE" :: "[pttrn, 'a set, 'b set] => ('a => 'b) set"  ("(3\<Pi>\<^isub>E _\<in>_./ _)" 10)
   73.16 +syntax (HTML output) "_PiE" :: "[pttrn, 'a set, 'b set] => ('a => 'b) set"  ("(3\<Pi>\<^sub>E _\<in>_./ _)" 10)
   73.17  
   73.18 -translations "PIE x:A. B" == "CONST Pi\<^isub>E A (%x. B)"
   73.19 +translations "PIE x:A. B" == "CONST Pi\<^sub>E A (%x. B)"
   73.20  
   73.21 -abbreviation extensional_funcset :: "'a set \<Rightarrow> 'b set \<Rightarrow> ('a \<Rightarrow> 'b) set" (infixr "->\<^isub>E" 60) where
   73.22 -  "A ->\<^isub>E B \<equiv> (\<Pi>\<^isub>E i\<in>A. B)"
   73.23 +abbreviation extensional_funcset :: "'a set \<Rightarrow> 'b set \<Rightarrow> ('a \<Rightarrow> 'b) set" (infixr "->\<^sub>E" 60) where
   73.24 +  "A ->\<^sub>E B \<equiv> (\<Pi>\<^sub>E i\<in>A. B)"
   73.25  
   73.26  notation (xsymbols)
   73.27 -  extensional_funcset  (infixr "\<rightarrow>\<^isub>E" 60)
   73.28 +  extensional_funcset  (infixr "\<rightarrow>\<^sub>E" 60)
   73.29  
   73.30  lemma extensional_funcset_def: "extensional_funcset S T = (S -> T) \<inter> extensional S"
   73.31    by (simp add: PiE_def)
   73.32 @@ -368,16 +368,16 @@
   73.33    unfolding PiE_def by auto
   73.34  
   73.35  lemma PiE_eq_empty_iff:
   73.36 -  "Pi\<^isub>E I F = {} \<longleftrightarrow> (\<exists>i\<in>I. F i = {})"
   73.37 +  "Pi\<^sub>E I F = {} \<longleftrightarrow> (\<exists>i\<in>I. F i = {})"
   73.38  proof
   73.39 -  assume "Pi\<^isub>E I F = {}"
   73.40 +  assume "Pi\<^sub>E I F = {}"
   73.41    show "\<exists>i\<in>I. F i = {}"
   73.42    proof (rule ccontr)
   73.43      assume "\<not> ?thesis"
   73.44      then have "\<forall>i. \<exists>y. (i \<in> I \<longrightarrow> y \<in> F i) \<and> (i \<notin> I \<longrightarrow> y = undefined)" by auto
   73.45      from choice[OF this] guess f ..
   73.46 -    then have "f \<in> Pi\<^isub>E I F" by (auto simp: extensional_def PiE_def)
   73.47 -    with `Pi\<^isub>E I F = {}` show False by auto
   73.48 +    then have "f \<in> Pi\<^sub>E I F" by (auto simp: extensional_def PiE_def)
   73.49 +    with `Pi\<^sub>E I F = {}` show False by auto
   73.50    qed
   73.51  qed (auto simp: PiE_def)
   73.52  
   73.53 @@ -405,11 +405,11 @@
   73.54    then show ?thesis using assms by (auto intro: PiE_fun_upd)
   73.55  qed
   73.56  
   73.57 -lemma PiE_Int: "(Pi\<^isub>E I A) \<inter> (Pi\<^isub>E I B) = Pi\<^isub>E I (\<lambda>x. A x \<inter> B x)"
   73.58 +lemma PiE_Int: "(Pi\<^sub>E I A) \<inter> (Pi\<^sub>E I B) = Pi\<^sub>E I (\<lambda>x. A x \<inter> B x)"
   73.59    by (auto simp: PiE_def)
   73.60  
   73.61  lemma PiE_cong:
   73.62 -  "(\<And>i. i\<in>I \<Longrightarrow> A i = B i) \<Longrightarrow> Pi\<^isub>E I A = Pi\<^isub>E I B"
   73.63 +  "(\<And>i. i\<in>I \<Longrightarrow> A i = B i) \<Longrightarrow> Pi\<^sub>E I A = Pi\<^sub>E I B"
   73.64    unfolding PiE_def by (auto simp: Pi_cong)
   73.65  
   73.66  lemma PiE_E [elim]:
   73.67 @@ -433,22 +433,22 @@
   73.68  
   73.69  lemma PiE_eq_subset:
   73.70    assumes ne: "\<And>i. i \<in> I \<Longrightarrow> F i \<noteq> {}" "\<And>i. i \<in> I \<Longrightarrow> F' i \<noteq> {}"
   73.71 -  assumes eq: "Pi\<^isub>E I F = Pi\<^isub>E I F'" and "i \<in> I"
   73.72 +  assumes eq: "Pi\<^sub>E I F = Pi\<^sub>E I F'" and "i \<in> I"
   73.73    shows "F i \<subseteq> F' i"
   73.74  proof
   73.75    fix x assume "x \<in> F i"
   73.76    with ne have "\<forall>j. \<exists>y. ((j \<in> I \<longrightarrow> y \<in> F j \<and> (i = j \<longrightarrow> x = y)) \<and> (j \<notin> I \<longrightarrow> y = undefined))" by auto
   73.77    from choice[OF this] guess f .. note f = this
   73.78 -  then have "f \<in> Pi\<^isub>E I F" by (auto simp: extensional_def PiE_def)
   73.79 -  then have "f \<in> Pi\<^isub>E I F'" using assms by simp
   73.80 +  then have "f \<in> Pi\<^sub>E I F" by (auto simp: extensional_def PiE_def)
   73.81 +  then have "f \<in> Pi\<^sub>E I F'" using assms by simp
   73.82    then show "x \<in> F' i" using f `i \<in> I` by (auto simp: PiE_def)
   73.83  qed
   73.84  
   73.85  lemma PiE_eq_iff_not_empty:
   73.86    assumes ne: "\<And>i. i \<in> I \<Longrightarrow> F i \<noteq> {}" "\<And>i. i \<in> I \<Longrightarrow> F' i \<noteq> {}"
   73.87 -  shows "Pi\<^isub>E I F = Pi\<^isub>E I F' \<longleftrightarrow> (\<forall>i\<in>I. F i = F' i)"
   73.88 +  shows "Pi\<^sub>E I F = Pi\<^sub>E I F' \<longleftrightarrow> (\<forall>i\<in>I. F i = F' i)"
   73.89  proof (intro iffI ballI)
   73.90 -  fix i assume eq: "Pi\<^isub>E I F = Pi\<^isub>E I F'" and i: "i \<in> I"
   73.91 +  fix i assume eq: "Pi\<^sub>E I F = Pi\<^sub>E I F'" and i: "i \<in> I"
   73.92    show "F i = F' i"
   73.93      using PiE_eq_subset[of I F F', OF ne eq i]
   73.94      using PiE_eq_subset[of I F' F, OF ne(2,1) eq[symmetric] i]
   73.95 @@ -456,21 +456,21 @@
   73.96  qed (auto simp: PiE_def)
   73.97  
   73.98  lemma PiE_eq_iff:
   73.99 -  "Pi\<^isub>E I F = Pi\<^isub>E I F' \<longleftrightarrow> (\<forall>i\<in>I. F i = F' i) \<or> ((\<exists>i\<in>I. F i = {}) \<and> (\<exists>i\<in>I. F' i = {}))"
  73.100 +  "Pi\<^sub>E I F = Pi\<^sub>E I F' \<longleftrightarrow> (\<forall>i\<in>I. F i = F' i) \<or> ((\<exists>i\<in>I. F i = {}) \<and> (\<exists>i\<in>I. F' i = {}))"
  73.101  proof (intro iffI disjCI)
  73.102 -  assume eq[simp]: "Pi\<^isub>E I F = Pi\<^isub>E I F'"
  73.103 +  assume eq[simp]: "Pi\<^sub>E I F = Pi\<^sub>E I F'"
  73.104    assume "\<not> ((\<exists>i\<in>I. F i = {}) \<and> (\<exists>i\<in>I. F' i = {}))"
  73.105    then have "(\<forall>i\<in>I. F i \<noteq> {}) \<and> (\<forall>i\<in>I. F' i \<noteq> {})"
  73.106      using PiE_eq_empty_iff[of I F] PiE_eq_empty_iff[of I F'] by auto
  73.107    with PiE_eq_iff_not_empty[of I F F'] show "\<forall>i\<in>I. F i = F' i" by auto
  73.108  next
  73.109    assume "(\<forall>i\<in>I. F i = F' i) \<or> (\<exists>i\<in>I. F i = {}) \<and> (\<exists>i\<in>I. F' i = {})"
  73.110 -  then show "Pi\<^isub>E I F = Pi\<^isub>E I F'"
  73.111 +  then show "Pi\<^sub>E I F = Pi\<^sub>E I F'"
  73.112      using PiE_eq_empty_iff[of I F] PiE_eq_empty_iff[of I F'] by (auto simp: PiE_def)
  73.113  qed
  73.114  
  73.115  lemma extensional_funcset_fun_upd_restricts_rangeI: 
  73.116 -  "\<forall>y \<in> S. f x \<noteq> f y \<Longrightarrow> f : (insert x S) \<rightarrow>\<^isub>E T ==> f(x := undefined) : S \<rightarrow>\<^isub>E (T - {f x})"
  73.117 +  "\<forall>y \<in> S. f x \<noteq> f y \<Longrightarrow> f : (insert x S) \<rightarrow>\<^sub>E T ==> f(x := undefined) : S \<rightarrow>\<^sub>E (T - {f x})"
  73.118    unfolding extensional_funcset_def extensional_def
  73.119    apply auto
  73.120    apply (case_tac "x = xa")
  73.121 @@ -478,21 +478,21 @@
  73.122    done
  73.123  
  73.124  lemma extensional_funcset_fun_upd_extends_rangeI:
  73.125 -  assumes "a \<in> T" "f \<in> S \<rightarrow>\<^isub>E (T - {a})"
  73.126 -  shows "f(x := a) \<in> (insert x S) \<rightarrow>\<^isub>E  T"
  73.127 +  assumes "a \<in> T" "f \<in> S \<rightarrow>\<^sub>E (T - {a})"
  73.128 +  shows "f(x := a) \<in> (insert x S) \<rightarrow>\<^sub>E  T"
  73.129    using assms unfolding extensional_funcset_def extensional_def by auto
  73.130  
  73.131  subsubsection {* Injective Extensional Function Spaces *}
  73.132  
  73.133  lemma extensional_funcset_fun_upd_inj_onI:
  73.134 -  assumes "f \<in> S \<rightarrow>\<^isub>E (T - {a})" "inj_on f S"
  73.135 +  assumes "f \<in> S \<rightarrow>\<^sub>E (T - {a})" "inj_on f S"
  73.136    shows "inj_on (f(x := a)) S"
  73.137    using assms unfolding extensional_funcset_def by (auto intro!: inj_on_fun_updI)
  73.138  
  73.139  lemma extensional_funcset_extend_domain_inj_on_eq:
  73.140    assumes "x \<notin> S"
  73.141 -  shows"{f. f \<in> (insert x S) \<rightarrow>\<^isub>E T \<and> inj_on f (insert x S)} =
  73.142 -    (%(y, g). g(x:=y)) ` {(y, g). y \<in> T \<and> g \<in> S \<rightarrow>\<^isub>E (T - {y}) \<and> inj_on g S}"
  73.143 +  shows"{f. f \<in> (insert x S) \<rightarrow>\<^sub>E T \<and> inj_on f (insert x S)} =
  73.144 +    (%(y, g). g(x:=y)) ` {(y, g). y \<in> T \<and> g \<in> S \<rightarrow>\<^sub>E (T - {y}) \<and> inj_on g S}"
  73.145  proof -
  73.146    from assms show ?thesis
  73.147      apply (auto del: PiE_I PiE_E)
  73.148 @@ -508,7 +508,7 @@
  73.149  
  73.150  lemma extensional_funcset_extend_domain_inj_onI:
  73.151    assumes "x \<notin> S"
  73.152 -  shows "inj_on (\<lambda>(y, g). g(x := y)) {(y, g). y \<in> T \<and> g \<in> S \<rightarrow>\<^isub>E (T - {y}) \<and> inj_on g S}"
  73.153 +  shows "inj_on (\<lambda>(y, g). g(x := y)) {(y, g). y \<in> T \<and> g \<in> S \<rightarrow>\<^sub>E (T - {y}) \<and> inj_on g S}"
  73.154  proof -
  73.155    from assms show ?thesis
  73.156      apply (auto intro!: inj_onI)
  73.157 @@ -522,9 +522,9 @@
  73.158  lemma finite_PiE: "finite S \<Longrightarrow> (\<And>i. i \<in> S \<Longrightarrow> finite (T i)) \<Longrightarrow> finite (PIE i : S. T i)"
  73.159    by (induct S arbitrary: T rule: finite_induct) (simp_all add: PiE_insert_eq)
  73.160  
  73.161 -lemma inj_combinator: "x \<notin> S \<Longrightarrow> inj_on (\<lambda>(y, g). g(x := y)) (T x \<times> Pi\<^isub>E S T)"
  73.162 +lemma inj_combinator: "x \<notin> S \<Longrightarrow> inj_on (\<lambda>(y, g). g(x := y)) (T x \<times> Pi\<^sub>E S T)"
  73.163  proof (safe intro!: inj_onI ext)
  73.164 -  fix f y g z assume "x \<notin> S" and fg: "f \<in> Pi\<^isub>E S T" "g \<in> Pi\<^isub>E S T"
  73.165 +  fix f y g z assume "x \<notin> S" and fg: "f \<in> Pi\<^sub>E S T" "g \<in> Pi\<^sub>E S T"
  73.166    assume "f(x := y) = g(x := z)"
  73.167    then have *: "\<And>i. (f(x := y)) i = (g(x := z)) i"
  73.168      unfolding fun_eq_iff by auto
    74.1 --- a/src/HOL/Library/Function_Growth.thy	Tue Aug 13 16:53:23 2013 +0200
    74.2 +++ b/src/HOL/Library/Function_Growth.thy	Tue Aug 13 17:45:22 2013 +0200
    74.3 @@ -73,35 +73,35 @@
    74.4  definition equiv_fun :: "(nat \<Rightarrow> nat) \<Rightarrow> (nat \<Rightarrow> nat) \<Rightarrow> bool" (infix "\<cong>" 50)
    74.5  where
    74.6    "f \<cong> g \<longleftrightarrow>
    74.7 -    (\<exists>c\<^isub>1>0. \<exists>c\<^isub>2>0. \<exists>n. \<forall>m>n. f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m)"
    74.8 +    (\<exists>c\<^sub>1>0. \<exists>c\<^sub>2>0. \<exists>n. \<forall>m>n. f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m)"
    74.9  
   74.10  text {*
   74.11 -  This yields @{text "f \<cong> g \<longleftrightarrow> f \<in> \<Theta>(g)"}.  Concerning @{text "c\<^isub>1"} and @{text "c\<^isub>2"}
   74.12 +  This yields @{text "f \<cong> g \<longleftrightarrow> f \<in> \<Theta>(g)"}.  Concerning @{text "c\<^sub>1"} and @{text "c\<^sub>2"}
   74.13    restricted to @{typ nat}, see note above on @{text "(\<lesssim>)"}.
   74.14  *}
   74.15  
   74.16  lemma equiv_funI [intro?]:
   74.17 -  assumes "\<exists>c\<^isub>1>0. \<exists>c\<^isub>2>0. \<exists>n. \<forall>m>n. f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m"
   74.18 +  assumes "\<exists>c\<^sub>1>0. \<exists>c\<^sub>2>0. \<exists>n. \<forall>m>n. f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m"
   74.19    shows "f \<cong> g"
   74.20    unfolding equiv_fun_def by (rule assms)
   74.21  
   74.22  lemma not_equiv_funI:
   74.23 -  assumes "\<And>c\<^isub>1 c\<^isub>2 n. c\<^isub>1 > 0 \<Longrightarrow> c\<^isub>2 > 0 \<Longrightarrow>
   74.24 -    \<exists>m>n. c\<^isub>1 * f m < g m \<or> c\<^isub>2 * g m < f m"
   74.25 +  assumes "\<And>c\<^sub>1 c\<^sub>2 n. c\<^sub>1 > 0 \<Longrightarrow> c\<^sub>2 > 0 \<Longrightarrow>
   74.26 +    \<exists>m>n. c\<^sub>1 * f m < g m \<or> c\<^sub>2 * g m < f m"
   74.27    shows "\<not> f \<cong> g"
   74.28    using assms unfolding equiv_fun_def linorder_not_le [symmetric] by blast
   74.29  
   74.30  lemma equiv_funE [elim?]:
   74.31    assumes "f \<cong> g"
   74.32 -  obtains n c\<^isub>1 c\<^isub>2 where "c\<^isub>1 > 0" and "c\<^isub>2 > 0"
   74.33 -    and "\<And>m. m > n \<Longrightarrow> f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m"
   74.34 +  obtains n c\<^sub>1 c\<^sub>2 where "c\<^sub>1 > 0" and "c\<^sub>2 > 0"
   74.35 +    and "\<And>m. m > n \<Longrightarrow> f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m"
   74.36    using assms unfolding equiv_fun_def by blast
   74.37  
   74.38  lemma not_equiv_funE:
   74.39 -  fixes n c\<^isub>1 c\<^isub>2
   74.40 -  assumes "\<not> f \<cong> g" and "c\<^isub>1 > 0" and "c\<^isub>2 > 0"
   74.41 +  fixes n c\<^sub>1 c\<^sub>2
   74.42 +  assumes "\<not> f \<cong> g" and "c\<^sub>1 > 0" and "c\<^sub>2 > 0"
   74.43    obtains m where "m > n"
   74.44 -    and "c\<^isub>1 * f m < g m \<or> c\<^isub>2 * g m < f m"
   74.45 +    and "c\<^sub>1 * f m < g m \<or> c\<^sub>2 * g m < f m"
   74.46    using assms unfolding equiv_fun_def linorder_not_le [symmetric] by blast
   74.47  
   74.48  
   74.49 @@ -207,23 +207,23 @@
   74.50      assume "f \<lesssim> g" and "g \<lesssim> h"
   74.51      show "f \<lesssim> h"
   74.52      proof
   74.53 -      from `f \<lesssim> g` obtain n\<^isub>1 c\<^isub>1
   74.54 -        where "c\<^isub>1 > 0" and P\<^isub>1: "\<And>m. m > n\<^isub>1 \<Longrightarrow> f m \<le> c\<^isub>1 * g m"
   74.55 +      from `f \<lesssim> g` obtain n\<^sub>1 c\<^sub>1
   74.56 +        where "c\<^sub>1 > 0" and P\<^sub>1: "\<And>m. m > n\<^sub>1 \<Longrightarrow> f m \<le> c\<^sub>1 * g m"
   74.57          by rule blast
   74.58 -      from `g \<lesssim> h` obtain n\<^isub>2 c\<^isub>2
   74.59 -        where "c\<^isub>2 > 0" and P\<^isub>2: "\<And>m. m > n\<^isub>2 \<Longrightarrow> g m \<le> c\<^isub>2 * h m"
   74.60 +      from `g \<lesssim> h` obtain n\<^sub>2 c\<^sub>2
   74.61 +        where "c\<^sub>2 > 0" and P\<^sub>2: "\<And>m. m > n\<^sub>2 \<Longrightarrow> g m \<le> c\<^sub>2 * h m"
   74.62          by rule blast
   74.63 -      have "\<forall>m>max n\<^isub>1 n\<^isub>2. f m \<le> (c\<^isub>1 * c\<^isub>2) * h m"
   74.64 +      have "\<forall>m>max n\<^sub>1 n\<^sub>2. f m \<le> (c\<^sub>1 * c\<^sub>2) * h m"
   74.65        proof (rule allI, rule impI)
   74.66          fix m
   74.67 -        assume Q: "m > max n\<^isub>1 n\<^isub>2"
   74.68 -        from P\<^isub>1 Q have *: "f m \<le> c\<^isub>1 * g m" by simp
   74.69 -        from P\<^isub>2 Q have "g m \<le> c\<^isub>2 * h m" by simp
   74.70 -        with `c\<^isub>1 > 0` have "c\<^isub>1 * g m \<le> (c\<^isub>1 * c\<^isub>2) * h m" by simp
   74.71 -        with * show "f m \<le> (c\<^isub>1 * c\<^isub>2) * h m" by (rule order_trans)
   74.72 +        assume Q: "m > max n\<^sub>1 n\<^sub>2"
   74.73 +        from P\<^sub>1 Q have *: "f m \<le> c\<^sub>1 * g m" by simp
   74.74 +        from P\<^sub>2 Q have "g m \<le> c\<^sub>2 * h m" by simp
   74.75 +        with `c\<^sub>1 > 0` have "c\<^sub>1 * g m \<le> (c\<^sub>1 * c\<^sub>2) * h m" by simp
   74.76 +        with * show "f m \<le> (c\<^sub>1 * c\<^sub>2) * h m" by (rule order_trans)
   74.77        qed
   74.78 -      then have "\<exists>n. \<forall>m>n. f m \<le> (c\<^isub>1 * c\<^isub>2) * h m" by rule
   74.79 -      moreover from `c\<^isub>1 > 0` `c\<^isub>2 > 0` have "c\<^isub>1 * c\<^isub>2 > 0" by (rule mult_pos_pos)
   74.80 +      then have "\<exists>n. \<forall>m>n. f m \<le> (c\<^sub>1 * c\<^sub>2) * h m" by rule
   74.81 +      moreover from `c\<^sub>1 > 0` `c\<^sub>2 > 0` have "c\<^sub>1 * c\<^sub>2 > 0" by (rule mult_pos_pos)
   74.82        ultimately show "\<exists>c>0. \<exists>n. \<forall>m>n. f m \<le> c * h m" by blast
   74.83      qed
   74.84    qed
   74.85 @@ -234,43 +234,43 @@
   74.86      show "f \<lesssim> g \<and> g \<lesssim> f \<longleftrightarrow> f \<cong> g"
   74.87      proof
   74.88        assume "f \<cong> g"
   74.89 -      then obtain n c\<^isub>1 c\<^isub>2 where "c\<^isub>1 > 0" and "c\<^isub>2 > 0"
   74.90 -        and *: "\<And>m. m > n \<Longrightarrow> f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m"
   74.91 +      then obtain n c\<^sub>1 c\<^sub>2 where "c\<^sub>1 > 0" and "c\<^sub>2 > 0"
   74.92 +        and *: "\<And>m. m > n \<Longrightarrow> f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m"
   74.93          by rule blast
   74.94 -      have "\<forall>m>n. f m \<le> c\<^isub>1 * g m"
   74.95 +      have "\<forall>m>n. f m \<le> c\<^sub>1 * g m"
   74.96        proof (rule allI, rule impI)
   74.97          fix m
   74.98          assume "m > n"
   74.99 -        with * show "f m \<le> c\<^isub>1 * g m" by simp
  74.100 +        with * show "f m \<le> c\<^sub>1 * g m" by simp
  74.101        qed
  74.102 -      with `c\<^isub>1 > 0` have "\<exists>c>0. \<exists>n. \<forall>m>n. f m \<le> c * g m" by blast
  74.103 +      with `c\<^sub>1 > 0` have "\<exists>c>0. \<exists>n. \<forall>m>n. f m \<le> c * g m" by blast
  74.104        then have "f \<lesssim> g" ..
  74.105 -      have "\<forall>m>n. g m \<le> c\<^isub>2 * f m"
  74.106 +      have "\<forall>m>n. g m \<le> c\<^sub>2 * f m"
  74.107        proof (rule allI, rule impI)
  74.108          fix m
  74.109          assume "m > n"
  74.110 -        with * show "g m \<le> c\<^isub>2 * f m" by simp
  74.111 +        with * show "g m \<le> c\<^sub>2 * f m" by simp
  74.112        qed
  74.113 -      with `c\<^isub>2 > 0` have "\<exists>c>0. \<exists>n. \<forall>m>n. g m \<le> c * f m" by blast
  74.114 +      with `c\<^sub>2 > 0` have "\<exists>c>0. \<exists>n. \<forall>m>n. g m \<le> c * f m" by blast
  74.115        then have "g \<lesssim> f" ..
  74.116        from `f \<lesssim> g` and `g \<lesssim> f` show "f \<lesssim> g \<and> g \<lesssim> f" ..
  74.117      next
  74.118        assume "f \<lesssim> g \<and> g \<lesssim> f"
  74.119        then have "f \<lesssim> g" and "g \<lesssim> f" by auto
  74.120 -      from `f \<lesssim> g` obtain n\<^isub>1 c\<^isub>1 where "c\<^isub>1 > 0"
  74.121 -        and P\<^isub>1: "\<And>m. m > n\<^isub>1 \<Longrightarrow> f m \<le> c\<^isub>1 * g m" by rule blast
  74.122 -      from `g \<lesssim> f` obtain n\<^isub>2 c\<^isub>2 where "c\<^isub>2 > 0"
  74.123 -        and P\<^isub>2: "\<And>m. m > n\<^isub>2 \<Longrightarrow> g m \<le> c\<^isub>2 * f m" by rule blast
  74.124 -      have "\<forall>m>max n\<^isub>1 n\<^isub>2. f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m"
  74.125 +      from `f \<lesssim> g` obtain n\<^sub>1 c\<^sub>1 where "c\<^sub>1 > 0"
  74.126 +        and P\<^sub>1: "\<And>m. m > n\<^sub>1 \<Longrightarrow> f m \<le> c\<^sub>1 * g m" by rule blast
  74.127 +      from `g \<lesssim> f` obtain n\<^sub>2 c\<^sub>2 where "c\<^sub>2 > 0"
  74.128 +        and P\<^sub>2: "\<And>m. m > n\<^sub>2 \<Longrightarrow> g m \<le> c\<^sub>2 * f m" by rule blast
  74.129 +      have "\<forall>m>max n\<^sub>1 n\<^sub>2. f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m"
  74.130        proof (rule allI, rule impI)
  74.131          fix m
  74.132 -        assume Q: "m > max n\<^isub>1 n\<^isub>2"
  74.133 -        from P\<^isub>1 Q have "f m \<le> c\<^isub>1 * g m" by simp
  74.134 -        moreover from P\<^isub>2 Q have "g m \<le> c\<^isub>2 * f m" by simp
  74.135 -        ultimately show "f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m" ..
  74.136 +        assume Q: "m > max n\<^sub>1 n\<^sub>2"
  74.137 +        from P\<^sub>1 Q have "f m \<le> c\<^sub>1 * g m" by simp
  74.138 +        moreover from P\<^sub>2 Q have "g m \<le> c\<^sub>2 * f m" by simp
  74.139 +        ultimately show "f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m" ..
  74.140        qed
  74.141 -      with `c\<^isub>1 > 0` `c\<^isub>2 > 0` have "\<exists>c\<^isub>1>0. \<exists>c\<^isub>2>0. \<exists>n.
  74.142 -        \<forall>m>n. f m \<le> c\<^isub>1 * g m \<and> g m \<le> c\<^isub>2 * f m" by blast
  74.143 +      with `c\<^sub>1 > 0` `c\<^sub>2 > 0` have "\<exists>c\<^sub>1>0. \<exists>c\<^sub>2>0. \<exists>n.
  74.144 +        \<forall>m>n. f m \<le> c\<^sub>1 * g m \<and> g m \<le> c\<^sub>2 * f m" by blast
  74.145        then show "f \<cong> g" ..
  74.146      qed
  74.147    qed
  74.148 @@ -318,15 +318,15 @@
  74.149  proof (rule less_fun_strongI)
  74.150    fix c :: nat
  74.151    assume "0 < c"
  74.152 -  have "\<forall>m>(Suc c)\<twosuperior>. c * Discrete.sqrt m < id m"
  74.153 +  have "\<forall>m>(Suc c)\<^sup>2. c * Discrete.sqrt m < id m"
  74.154    proof (rule allI, rule impI)
  74.155      fix m
  74.156 -    assume "(Suc c)\<twosuperior> < m"
  74.157 -    then have "(Suc c)\<twosuperior> \<le> m" by simp
  74.158 -    with mono_sqrt have "Discrete.sqrt ((Suc c)\<twosuperior>) \<le> Discrete.sqrt m" by (rule monoE)
  74.159 +    assume "(Suc c)\<^sup>2 < m"
  74.160 +    then have "(Suc c)\<^sup>2 \<le> m" by simp
  74.161 +    with mono_sqrt have "Discrete.sqrt ((Suc c)\<^sup>2) \<le> Discrete.sqrt m" by (rule monoE)
  74.162      then have "Suc c \<le> Discrete.sqrt m" by simp
  74.163      then have "c < Discrete.sqrt m" by simp
  74.164 -    moreover from `(Suc c)\<twosuperior> < m` have "Discrete.sqrt m > 0" by simp
  74.165 +    moreover from `(Suc c)\<^sup>2 < m` have "Discrete.sqrt m > 0" by simp
  74.166      ultimately have "c * Discrete.sqrt m < Discrete.sqrt m * Discrete.sqrt m" by simp
  74.167      also have "\<dots> \<le> m" by (simp add: power2_eq_square [symmetric])
  74.168      finally show "c * Discrete.sqrt m < id m" by simp
  74.169 @@ -334,7 +334,7 @@
  74.170    then show "\<exists>n. \<forall>m>n. c * Discrete.sqrt m < id m" ..
  74.171  qed
  74.172  
  74.173 -lemma "id \<prec> (\<lambda>n. n\<twosuperior>)"
  74.174 +lemma "id \<prec> (\<lambda>n. n\<^sup>2)"
  74.175    by (rule less_fun_strongI) (auto simp add: power2_eq_square)
  74.176  
  74.177  lemma "(\<lambda>n. n ^ k) \<prec> (\<lambda>n. n ^ Suc k)"
    75.1 --- a/src/HOL/Library/Inner_Product.thy	Tue Aug 13 16:53:23 2013 +0200
    75.2 +++ b/src/HOL/Library/Inner_Product.thy	Tue Aug 13 17:45:22 2013 +0200
    75.3 @@ -78,11 +78,11 @@
    75.4  lemma inner_gt_zero_iff [simp]: "0 < inner x x \<longleftrightarrow> x \<noteq> 0"
    75.5    by (simp add: order_less_le)
    75.6  
    75.7 -lemma power2_norm_eq_inner: "(norm x)\<twosuperior> = inner x x"
    75.8 +lemma power2_norm_eq_inner: "(norm x)\<^sup>2 = inner x x"
    75.9    by (simp add: norm_eq_sqrt_inner)
   75.10  
   75.11  lemma Cauchy_Schwarz_ineq:
   75.12 -  "(inner x y)\<twosuperior> \<le> inner x x * inner y y"
   75.13 +  "(inner x y)\<^sup>2 \<le> inner x x * inner y y"
   75.14  proof (cases)
   75.15    assume "y = 0"
   75.16    thus ?thesis by simp
   75.17 @@ -93,21 +93,21 @@
   75.18      by (rule inner_ge_zero)
   75.19    also have "\<dots> = inner x x - inner y x * ?r"
   75.20      by (simp add: inner_diff)
   75.21 -  also have "\<dots> = inner x x - (inner x y)\<twosuperior> / inner y y"
   75.22 +  also have "\<dots> = inner x x - (inner x y)\<^sup>2 / inner y y"
   75.23      by (simp add: power2_eq_square inner_commute)
   75.24 -  finally have "0 \<le> inner x x - (inner x y)\<twosuperior> / inner y y" .
   75.25 -  hence "(inner x y)\<twosuperior> / inner y y \<le> inner x x"
   75.26 +  finally have "0 \<le> inner x x - (inner x y)\<^sup>2 / inner y y" .
   75.27 +  hence "(inner x y)\<^sup>2 / inner y y \<le> inner x x"
   75.28      by (simp add: le_diff_eq)
   75.29 -  thus "(inner x y)\<twosuperior> \<le> inner x x * inner y y"
   75.30 +  thus "(inner x y)\<^sup>2 \<le> inner x x * inner y y"
   75.31      by (simp add: pos_divide_le_eq y)
   75.32  qed
   75.33  
   75.34  lemma Cauchy_Schwarz_ineq2:
   75.35    "\<bar>inner x y\<bar> \<le> norm x * norm y"
   75.36  proof (rule power2_le_imp_le)
   75.37 -  have "(inner x y)\<twosuperior> \<le> inner x x * inner y y"
   75.38 +  have "(inner x y)\<^sup>2 \<le> inner x x * inner y y"
   75.39      using Cauchy_Schwarz_ineq .
   75.40 -  thus "\<bar>inner x y\<bar>\<twosuperior> \<le> (norm x * norm y)\<twosuperior>"
   75.41 +  thus "\<bar>inner x y\<bar>\<^sup>2 \<le> (norm x * norm y)\<^sup>2"
   75.42      by (simp add: power_mult_distrib power2_norm_eq_inner)
   75.43    show "0 \<le> norm x * norm y"
   75.44      unfolding norm_eq_sqrt_inner
   75.45 @@ -123,13 +123,13 @@
   75.46      proof (rule power2_le_imp_le)
   75.47        have "inner x y \<le> norm x * norm y"
   75.48          by (rule order_trans [OF abs_ge_self Cauchy_Schwarz_ineq2])
   75.49 -      thus "(norm (x + y))\<twosuperior> \<le> (norm x + norm y)\<twosuperior>"
   75.50 +      thus "(norm (x + y))\<^sup>2 \<le> (norm x + norm y)\<^sup>2"
   75.51          unfolding power2_sum power2_norm_eq_inner
   75.52          by (simp add: inner_add inner_commute)
   75.53        show "0 \<le> norm x + norm y"
   75.54          unfolding norm_eq_sqrt_inner by simp
   75.55      qed
   75.56 -  have "sqrt (a\<twosuperior> * inner x x) = \<bar>a\<bar> * sqrt (inner x x)"
   75.57 +  have "sqrt (a\<^sup>2 * inner x x) = \<bar>a\<bar> * sqrt (inner x x)"
   75.58      by (simp add: real_sqrt_mult_distrib)
   75.59    then show "norm (a *\<^sub>R x) = \<bar>a\<bar> * norm x"
   75.60      unfolding norm_eq_sqrt_inner
   75.61 @@ -324,7 +324,7 @@
   75.62  
   75.63  lemma GDERIV_inverse:
   75.64      "\<lbrakk>GDERIV f x :> df; f x \<noteq> 0\<rbrakk>
   75.65 -     \<Longrightarrow> GDERIV (\<lambda>x. inverse (f x)) x :> - (inverse (f x))\<twosuperior> *\<^sub>R df"
   75.66 +     \<Longrightarrow> GDERIV (\<lambda>x. inverse (f x)) x :> - (inverse (f x))\<^sup>2 *\<^sub>R df"
   75.67    apply (erule GDERIV_DERIV_compose)
   75.68    apply (erule DERIV_inverse [folded numeral_2_eq_2])
   75.69    done
    76.1 --- a/src/HOL/Library/Kleene_Algebra.thy	Tue Aug 13 16:53:23 2013 +0200
    76.2 +++ b/src/HOL/Library/Kleene_Algebra.thy	Tue Aug 13 17:45:22 2013 +0200
    76.3 @@ -321,10 +321,10 @@
    76.4  lemma ka25: "star y * star x \<le> star x * star y \<Longrightarrow> star (star y * star x) \<le> star x * star y"
    76.5  proof -
    76.6    assume "star y * star x \<le> star x * star y"
    76.7 -  hence "\<forall>x\<^isub>1. star y * (star x * x\<^isub>1) \<le> star x * (star y * x\<^isub>1)" by (metis mult_assoc mult_right_mono zero_minimum)
    76.8 +  hence "\<forall>x\<^sub>1. star y * (star x * x\<^sub>1) \<le> star x * (star y * x\<^sub>1)" by (metis mult_assoc mult_right_mono zero_minimum)
    76.9    hence "star y * (star x * star y) \<le> star x * star y" by (metis star_mult_idem)
   76.10 -  hence "\<exists>x\<^isub>1. star (star y * star x) * star x\<^isub>1 \<le> star x * star y" by (metis star_decomp star_idemp star_simulation_leq_2 star_slide)
   76.11 -  hence "\<exists>x\<^isub>1\<ge>star (star y * star x). x\<^isub>1 \<le> star x * star y" by (metis x_less_star)
   76.12 +  hence "\<exists>x\<^sub>1. star (star y * star x) * star x\<^sub>1 \<le> star x * star y" by (metis star_decomp star_idemp star_simulation_leq_2 star_slide)
   76.13 +  hence "\<exists>x\<^sub>1\<ge>star (star y * star x). x\<^sub>1 \<le> star x * star y" by (metis x_less_star)
   76.14    thus "star (star y * star x) \<le> star x * star y" by (metis order_trans)
   76.15  qed
   76.16  
    77.1 --- a/src/HOL/Library/Product_Lexorder.thy	Tue Aug 13 16:53:23 2013 +0200
    77.2 +++ b/src/HOL/Library/Product_Lexorder.thy	Tue Aug 13 17:45:22 2013 +0200
    77.3 @@ -94,23 +94,23 @@
    77.4      case (Pair a b)
    77.5      show "P (a, b)"
    77.6      proof (induct a arbitrary: b rule: less_induct)
    77.7 -      case (less a\<^isub>1) note a\<^isub>1 = this
    77.8 -      show "P (a\<^isub>1, b)"
    77.9 +      case (less a\<^sub>1) note a\<^sub>1 = this
   77.10 +      show "P (a\<^sub>1, b)"
   77.11        proof (induct b rule: less_induct)
   77.12 -        case (less b\<^isub>1) note b\<^isub>1 = this
   77.13 -        show "P (a\<^isub>1, b\<^isub>1)"
   77.14 +        case (less b\<^sub>1) note b\<^sub>1 = this
   77.15 +        show "P (a\<^sub>1, b\<^sub>1)"
   77.16          proof (rule P)
   77.17 -          fix p assume p: "p < (a\<^isub>1, b\<^isub>1)"
   77.18 +          fix p assume p: "p < (a\<^sub>1, b\<^sub>1)"
   77.19            show "P p"
   77.20 -          proof (cases "fst p < a\<^isub>1")
   77.21 +          proof (cases "fst p < a\<^sub>1")
   77.22              case True
   77.23 -            then have "P (fst p, snd p)" by (rule a\<^isub>1)
   77.24 +            then have "P (fst p, snd p)" by (rule a\<^sub>1)
   77.25              then show ?thesis by simp
   77.26            next
   77.27              case False
   77.28 -            with p have 1: "a\<^isub>1 = fst p" and 2: "snd p < b\<^isub>1"
   77.29 +            with p have 1: "a\<^sub>1 = fst p" and 2: "snd p < b\<^sub>1"
   77.30                by (simp_all add: less_prod_def')
   77.31 -            from 2 have "P (a\<^isub>1, snd p)" by (rule b\<^isub>1)
   77.32 +            from 2 have "P (a\<^sub>1, snd p)" by (rule b\<^sub>1)
   77.33              with 1 show ?thesis by simp
   77.34            qed
   77.35          qed
    78.1 --- a/src/HOL/Library/Product_Vector.thy	Tue Aug 13 16:53:23 2013 +0200
    78.2 +++ b/src/HOL/Library/Product_Vector.thy	Tue Aug 13 17:45:22 2013 +0200
    78.3 @@ -275,9 +275,9 @@
    78.4  begin
    78.5  
    78.6  definition dist_prod_def:
    78.7 -  "dist x y = sqrt ((dist (fst x) (fst y))\<twosuperior> + (dist (snd x) (snd y))\<twosuperior>)"
    78.8 +  "dist x y = sqrt ((dist (fst x) (fst y))\<^sup>2 + (dist (snd x) (snd y))\<^sup>2)"
    78.9  
   78.10 -lemma dist_Pair_Pair: "dist (a, b) (c, d) = sqrt ((dist a c)\<twosuperior> + (dist b d)\<twosuperior>)"
   78.11 +lemma dist_Pair_Pair: "dist (a, b) (c, d) = sqrt ((dist a c)\<^sup>2 + (dist b d)\<^sup>2)"
   78.12    unfolding dist_prod_def by simp
   78.13  
   78.14  lemma dist_fst_le: "dist (fst x) (fst y) \<le> dist x y"
   78.15 @@ -335,7 +335,7 @@
   78.16        def r \<equiv> "e / sqrt 2" and s \<equiv> "e / sqrt 2"
   78.17        from `0 < e` have "0 < r" and "0 < s"
   78.18          unfolding r_def s_def by (simp_all add: divide_pos_pos)
   78.19 -      from `0 < e` have "e = sqrt (r\<twosuperior> + s\<twosuperior>)"
   78.20 +      from `0 < e` have "e = sqrt (r\<^sup>2 + s\<^sup>2)"
   78.21          unfolding r_def s_def by (simp add: power_divide)
   78.22        def A \<equiv> "{y. dist (fst x) y < r}" and B \<equiv> "{y. dist (snd x) y < s}"
   78.23        have "open A" and "open B"
   78.24 @@ -349,7 +349,7 @@
   78.25          hence "dist a (fst x) < r" and "dist b (snd x) < s"
   78.26            unfolding A_def B_def by (simp_all add: dist_commute)
   78.27          hence "dist (a, b) x < e"
   78.28 -          unfolding dist_prod_def `e = sqrt (r\<twosuperior> + s\<twosuperior>)`
   78.29 +          unfolding dist_prod_def `e = sqrt (r\<^sup>2 + s\<^sup>2)`
   78.30            by (simp add: add_strict_mono power_strict_mono)
   78.31          thus "(a, b) \<in> S"
   78.32            by (simp add: S)
   78.33 @@ -406,12 +406,12 @@
   78.34  begin
   78.35  
   78.36  definition norm_prod_def:
   78.37 -  "norm x = sqrt ((norm (fst x))\<twosuperior> + (norm (snd x))\<twosuperior>)"
   78.38 +  "norm x = sqrt ((norm (fst x))\<^sup>2 + (norm (snd x))\<^sup>2)"
   78.39  
   78.40  definition sgn_prod_def:
   78.41    "sgn (x::'a \<times> 'b) = scaleR (inverse (norm x)) x"
   78.42  
   78.43 -lemma norm_Pair: "norm (a, b) = sqrt ((norm a)\<twosuperior> + (norm b)\<twosuperior>)"
   78.44 +lemma norm_Pair: "norm (a, b) = sqrt ((norm a)\<^sup>2 + (norm b)\<^sup>2)"
   78.45    unfolding norm_prod_def by simp
   78.46  
   78.47  instance proof
    79.1 --- a/src/HOL/Library/Sublist.thy	Tue Aug 13 16:53:23 2013 +0200
    79.2 +++ b/src/HOL/Library/Sublist.thy	Tue Aug 13 17:45:22 2013 +0200
    79.3 @@ -115,7 +115,7 @@
    79.4    by (auto simp add: prefixeq_def)
    79.5  
    79.6  lemma prefixeq_same_cases:
    79.7 -  "prefixeq (xs\<^isub>1::'a list) ys \<Longrightarrow> prefixeq xs\<^isub>2 ys \<Longrightarrow> prefixeq xs\<^isub>1 xs\<^isub>2 \<or> prefixeq xs\<^isub>2 xs\<^isub>1"
    79.8 +  "prefixeq (xs\<^sub>1::'a list) ys \<Longrightarrow> prefixeq xs\<^sub>2 ys \<Longrightarrow> prefixeq xs\<^sub>1 xs\<^sub>2 \<or> prefixeq xs\<^sub>2 xs\<^sub>1"
    79.9    unfolding prefixeq_def by (metis append_eq_append_conv2)
   79.10  
   79.11  lemma set_mono_prefixeq: "prefixeq xs ys \<Longrightarrow> set xs \<subseteq> set ys"
    80.1 --- a/src/HOL/List.thy	Tue Aug 13 16:53:23 2013 +0200
    80.2 +++ b/src/HOL/List.thy	Tue Aug 13 17:45:22 2013 +0200
    80.3 @@ -2095,13 +2095,13 @@
    80.4  done
    80.5  
    80.6  lemma append_eq_append_conv_if:
    80.7 - "(xs\<^isub>1 @ xs\<^isub>2 = ys\<^isub>1 @ ys\<^isub>2) =
    80.8 -  (if size xs\<^isub>1 \<le> size ys\<^isub>1
    80.9 -   then xs\<^isub>1 = take (size xs\<^isub>1) ys\<^isub>1 \<and> xs\<^isub>2 = drop (size xs\<^isub>1) ys\<^isub>1 @ ys\<^isub>2
   80.10 -   else take (size ys\<^isub>1) xs\<^isub>1 = ys\<^isub>1 \<and> drop (size ys\<^isub>1) xs\<^isub>1 @ xs\<^isub>2 = ys\<^isub>2)"
   80.11 -apply(induct xs\<^isub>1 arbitrary: ys\<^isub>1)
   80.12 + "(xs\<^sub>1 @ xs\<^sub>2 = ys\<^sub>1 @ ys\<^sub>2) =
   80.13 +  (if size xs\<^sub>1 \<le> size ys\<^sub>1
   80.14 +   then xs\<^sub>1 = take (size xs\<^sub>1) ys\<^sub>1 \<and> xs\<^sub>2 = drop (size xs\<^sub>1) ys\<^sub>1 @ ys\<^sub>2
   80.15 +   else take (size ys\<^sub>1) xs\<^sub>1 = ys\<^sub>1 \<and> drop (size ys\<^sub>1) xs\<^sub>1 @ xs\<^sub>2 = ys\<^sub>2)"
   80.16 +apply(induct xs\<^sub>1 arbitrary: ys\<^sub>1)
   80.17   apply simp
   80.18 -apply(case_tac ys\<^isub>1)
   80.19 +apply(case_tac ys\<^sub>1)
   80.20  apply simp_all
   80.21  done
   80.22  
    81.1 --- a/src/HOL/Map.thy	Tue Aug 13 16:53:23 2013 +0200
    81.2 +++ b/src/HOL/Map.thy	Tue Aug 13 17:45:22 2013 +0200
    81.3 @@ -48,7 +48,7 @@
    81.4  
    81.5  definition
    81.6    map_le :: "('a ~=> 'b) => ('a ~=> 'b) => bool"  (infix "\<subseteq>\<^sub>m" 50) where
    81.7 -  "(m\<^isub>1 \<subseteq>\<^sub>m m\<^isub>2) = (\<forall>a \<in> dom m\<^isub>1. m\<^isub>1 a = m\<^isub>2 a)"
    81.8 +  "(m\<^sub>1 \<subseteq>\<^sub>m m\<^sub>2) = (\<forall>a \<in> dom m\<^sub>1. m\<^sub>1 a = m\<^sub>2 a)"
    81.9  
   81.10  nonterminal maplets and maplet
   81.11  
    82.1 --- a/src/HOL/Metis_Examples/Big_O.thy	Tue Aug 13 16:53:23 2013 +0200
    82.2 +++ b/src/HOL/Metis_Examples/Big_O.thy	Tue Aug 13 17:45:22 2013 +0200
    82.3 @@ -42,20 +42,20 @@
    82.4  proof -
    82.5    fix c :: 'a and x :: 'b
    82.6    assume A1: "\<forall>x. \<bar>h x\<bar> \<le> c * \<bar>f x\<bar>"
    82.7 -  have F1: "\<forall>x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> \<bar>x\<^isub>1\<bar>" by (metis abs_ge_zero)
    82.8 -  have F2: "\<forall>x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^isub>1 = x\<^isub>1" by (metis mult_1)
    82.9 -  have F3: "\<forall>x\<^isub>1 x\<^isub>3. x\<^isub>3 \<le> \<bar>h x\<^isub>1\<bar> \<longrightarrow> x\<^isub>3 \<le> c * \<bar>f x\<^isub>1\<bar>" by (metis A1 order_trans)
   82.10 -  have F4: "\<forall>x\<^isub>2 x\<^isub>3\<Colon>'a\<Colon>linordered_idom. \<bar>x\<^isub>3\<bar> * \<bar>x\<^isub>2\<bar> = \<bar>x\<^isub>3 * x\<^isub>2\<bar>"
   82.11 +  have F1: "\<forall>x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> \<bar>x\<^sub>1\<bar>" by (metis abs_ge_zero)
   82.12 +  have F2: "\<forall>x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^sub>1 = x\<^sub>1" by (metis mult_1)
   82.13 +  have F3: "\<forall>x\<^sub>1 x\<^sub>3. x\<^sub>3 \<le> \<bar>h x\<^sub>1\<bar> \<longrightarrow> x\<^sub>3 \<le> c * \<bar>f x\<^sub>1\<bar>" by (metis A1 order_trans)
   82.14 +  have F4: "\<forall>x\<^sub>2 x\<^sub>3\<Colon>'a\<Colon>linordered_idom. \<bar>x\<^sub>3\<bar> * \<bar>x\<^sub>2\<bar> = \<bar>x\<^sub>3 * x\<^sub>2\<bar>"
   82.15      by (metis abs_mult)
   82.16 -  have F5: "\<forall>x\<^isub>3 x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> x\<^isub>1 \<longrightarrow> \<bar>x\<^isub>3 * x\<^isub>1\<bar> = \<bar>x\<^isub>3\<bar> * x\<^isub>1"
   82.17 +  have F5: "\<forall>x\<^sub>3 x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> x\<^sub>1 \<longrightarrow> \<bar>x\<^sub>3 * x\<^sub>1\<bar> = \<bar>x\<^sub>3\<bar> * x\<^sub>1"
   82.18      by (metis abs_mult_pos)
   82.19 -  hence "\<forall>x\<^isub>1\<ge>0. \<bar>x\<^isub>1\<Colon>'a\<Colon>linordered_idom\<bar> = \<bar>1\<bar> * x\<^isub>1" by (metis F2)
   82.20 -  hence "\<forall>x\<^isub>1\<ge>0. \<bar>x\<^isub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^isub>1" by (metis F2 abs_one)
   82.21 -  hence "\<forall>x\<^isub>3. 0 \<le> \<bar>h x\<^isub>3\<bar> \<longrightarrow> \<bar>c * \<bar>f x\<^isub>3\<bar>\<bar> = c * \<bar>f x\<^isub>3\<bar>" by (metis F3)
   82.22 -  hence "\<forall>x\<^isub>3. \<bar>c * \<bar>f x\<^isub>3\<bar>\<bar> = c * \<bar>f x\<^isub>3\<bar>" by (metis F1)
   82.23 -  hence "\<forall>x\<^isub>3. (0\<Colon>'a) \<le> \<bar>f x\<^isub>3\<bar> \<longrightarrow> c * \<bar>f x\<^isub>3\<bar> = \<bar>c\<bar> * \<bar>f x\<^isub>3\<bar>" by (metis F5)
   82.24 -  hence "\<forall>x\<^isub>3. (0\<Colon>'a) \<le> \<bar>f x\<^isub>3\<bar> \<longrightarrow> c * \<bar>f x\<^isub>3\<bar> = \<bar>c * f x\<^isub>3\<bar>" by (metis F4)
   82.25 -  hence "\<forall>x\<^isub>3. c * \<bar>f x\<^isub>3\<bar> = \<bar>c * f x\<^isub>3\<bar>" by (metis F1)
   82.26 +  hence "\<forall>x\<^sub>1\<ge>0. \<bar>x\<^sub>1\<Colon>'a\<Colon>linordered_idom\<bar> = \<bar>1\<bar> * x\<^sub>1" by (metis F2)
   82.27 +  hence "\<forall>x\<^sub>1\<ge>0. \<bar>x\<^sub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^sub>1" by (metis F2 abs_one)
   82.28 +  hence "\<forall>x\<^sub>3. 0 \<le> \<bar>h x\<^sub>3\<bar> \<longrightarrow> \<bar>c * \<bar>f x\<^sub>3\<bar>\<bar> = c * \<bar>f x\<^sub>3\<bar>" by (metis F3)
   82.29 +  hence "\<forall>x\<^sub>3. \<bar>c * \<bar>f x\<^sub>3\<bar>\<bar> = c * \<bar>f x\<^sub>3\<bar>" by (metis F1)
   82.30 +  hence "\<forall>x\<^sub>3. (0\<Colon>'a) \<le> \<bar>f x\<^sub>3\<bar> \<longrightarrow> c * \<bar>f x\<^sub>3\<bar> = \<bar>c\<bar> * \<bar>f x\<^sub>3\<bar>" by (metis F5)
   82.31 +  hence "\<forall>x\<^sub>3. (0\<Colon>'a) \<le> \<bar>f x\<^sub>3\<bar> \<longrightarrow> c * \<bar>f x\<^sub>3\<bar> = \<bar>c * f x\<^sub>3\<bar>" by (metis F4)
   82.32 +  hence "\<forall>x\<^sub>3. c * \<bar>f x\<^sub>3\<bar> = \<bar>c * f x\<^sub>3\<bar>" by (metis F1)
   82.33    hence "\<bar>h x\<bar> \<le> \<bar>c * f x\<bar>" by (metis A1)
   82.34    thus "\<bar>h x\<bar> \<le> \<bar>c\<bar> * \<bar>f x\<bar>" by (metis F4)
   82.35  qed
   82.36 @@ -73,12 +73,12 @@
   82.37  proof -
   82.38    fix c :: 'a and x :: 'b
   82.39    assume A1: "\<forall>x. \<bar>h x\<bar> \<le> c * \<bar>f x\<bar>"
   82.40 -  have F1: "\<forall>x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^isub>1 = x\<^isub>1" by (metis mult_1)
   82.41 -  have F2: "\<forall>x\<^isub>2 x\<^isub>3\<Colon>'a\<Colon>linordered_idom. \<bar>x\<^isub>3\<bar> * \<bar>x\<^isub>2\<bar> = \<bar>x\<^isub>3 * x\<^isub>2\<bar>"
   82.42 +  have F1: "\<forall>x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^sub>1 = x\<^sub>1" by (metis mult_1)
   82.43 +  have F2: "\<forall>x\<^sub>2 x\<^sub>3\<Colon>'a\<Colon>linordered_idom. \<bar>x\<^sub>3\<bar> * \<bar>x\<^sub>2\<bar> = \<bar>x\<^sub>3 * x\<^sub>2\<bar>"
   82.44      by (metis abs_mult)
   82.45 -  have "\<forall>x\<^isub>1\<ge>0. \<bar>x\<^isub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^isub>1" by (metis F1 abs_mult_pos abs_one)
   82.46 -  hence "\<forall>x\<^isub>3. \<bar>c * \<bar>f x\<^isub>3\<bar>\<bar> = c * \<bar>f x\<^isub>3\<bar>" by (metis A1 abs_ge_zero order_trans)
   82.47 -  hence "\<forall>x\<^isub>3. 0 \<le> \<bar>f x\<^isub>3\<bar> \<longrightarrow> c * \<bar>f x\<^isub>3\<bar> = \<bar>c * f x\<^isub>3\<bar>" by (metis F2 abs_mult_pos)
   82.48 +  have "\<forall>x\<^sub>1\<ge>0. \<bar>x\<^sub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^sub>1" by (metis F1 abs_mult_pos abs_one)
   82.49 +  hence "\<forall>x\<^sub>3. \<bar>c * \<bar>f x\<^sub>3\<bar>\<bar> = c * \<bar>f x\<^sub>3\<bar>" by (metis A1 abs_ge_zero order_trans)
   82.50 +  hence "\<forall>x\<^sub>3. 0 \<le> \<bar>f x\<^sub>3\<bar> \<longrightarrow> c * \<bar>f x\<^sub>3\<bar> = \<bar>c * f x\<^sub>3\<bar>" by (metis F2 abs_mult_pos)
   82.51    hence "\<bar>h x\<bar> \<le> \<bar>c * f x\<bar>" by (metis A1 abs_ge_zero)
   82.52    thus "\<bar>h x\<bar> \<le> \<bar>c\<bar> * \<bar>f x\<bar>" by (metis F2)
   82.53  qed
   82.54 @@ -96,10 +96,10 @@
   82.55  proof -
   82.56    fix c :: 'a and x :: 'b
   82.57    assume A1: "\<forall>x. \<bar>h x\<bar> \<le> c * \<bar>f x\<bar>"
   82.58 -  have F1: "\<forall>x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^isub>1 = x\<^isub>1" by (metis mult_1)
   82.59 -  have F2: "\<forall>x\<^isub>3 x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> x\<^isub>1 \<longrightarrow> \<bar>x\<^isub>3 * x\<^isub>1\<bar> = \<bar>x\<^isub>3\<bar> * x\<^isub>1" by (metis abs_mult_pos)
   82.60 -  hence "\<forall>x\<^isub>1\<ge>0. \<bar>x\<^isub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^isub>1" by (metis F1 abs_one)
   82.61 -  hence "\<forall>x\<^isub>3. 0 \<le> \<bar>f x\<^isub>3\<bar> \<longrightarrow> c * \<bar>f x\<^isub>3\<bar> = \<bar>c\<bar> * \<bar>f x\<^isub>3\<bar>" by (metis F2 A1 abs_ge_zero order_trans)
   82.62 +  have F1: "\<forall>x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^sub>1 = x\<^sub>1" by (metis mult_1)
   82.63 +  have F2: "\<forall>x\<^sub>3 x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 0 \<le> x\<^sub>1 \<longrightarrow> \<bar>x\<^sub>3 * x\<^sub>1\<bar> = \<bar>x\<^sub>3\<bar> * x\<^sub>1" by (metis abs_mult_pos)
   82.64 +  hence "\<forall>x\<^sub>1\<ge>0. \<bar>x\<^sub>1\<Colon>'a\<Colon>linordered_idom\<bar> = x\<^sub>1" by (metis F1 abs_one)
   82.65 +  hence "\<forall>x\<^sub>3. 0 \<le> \<bar>f x\<^sub>3\<bar> \<longrightarrow> c * \<bar>f x\<^sub>3\<bar> = \<bar>c\<bar> * \<bar>f x\<^sub>3\<bar>" by (metis F2 A1 abs_ge_zero order_trans)
   82.66    thus "\<bar>h x\<bar> \<le> \<bar>c\<bar> * \<bar>f x\<bar>" by (metis A1 abs_ge_zero)
   82.67  qed
   82.68  
   82.69 @@ -116,8 +116,8 @@
   82.70  proof -
   82.71    fix c :: 'a and x :: 'b
   82.72    assume A1: "\<forall>x. \<bar>h x\<bar> \<le> c * \<bar>f x\<bar>"
   82.73 -  have "\<forall>x\<^isub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^isub>1 = x\<^isub>1" by (metis mult_1)
   82.74 -  hence "\<forall>x\<^isub>3. \<bar>c * \<bar>f x\<^isub>3\<bar>\<bar> = c * \<bar>f x\<^isub>3\<bar>"
   82.75 +  have "\<forall>x\<^sub>1\<Colon>'a\<Colon>linordered_idom. 1 * x\<^sub>1 = x\<^sub>1" by (metis mult_1)
   82.76 +  hence "\<forall>x\<^sub>3. \<bar>c * \<bar>f x\<^sub>3\<bar>\<bar> = c * \<bar>f x\<^sub>3\<bar>"
   82.77      by (metis A1 abs_ge_zero order_trans abs_mult_pos abs_one)
   82.78    hence "\<bar>h x\<bar> \<le> \<bar>c * f x\<bar>" by (metis A1 abs_ge_zero abs_mult_pos abs_mult)
   82.79    thus "\<bar>h x\<bar> \<le> \<bar>c\<bar> * \<bar>f x\<bar>" by (metis abs_mult)
   82.80 @@ -459,11 +459,11 @@
   82.81    have "(0\<Colon>'a) < \<bar>c\<bar> \<longrightarrow> (0\<Colon>'a) < \<bar>inverse c\<bar>" using F1 by (metis positive_imp_inverse_positive)
   82.82    hence "(0\<Colon>'a) < \<bar>inverse c\<bar>" using F2 by metis
   82.83    hence F3: "(0\<Colon>'a) \<le> \<bar>inverse c\<bar>" by (metis order_le_less)
   82.84 -  have "\<exists>(u\<Colon>'a) SKF\<^isub>7\<Colon>'a \<Rightarrow> 'b. \<bar>g (SKF\<^isub>7 (\<bar>inverse c\<bar> * u))\<bar> \<le> u * \<bar>f (SKF\<^isub>7 (\<bar>inverse c\<bar> * u))\<bar>"
   82.85 +  have "\<exists>(u\<Colon>'a) SKF\<^sub>7\<Colon>'a \<Rightarrow> 'b. \<bar>g (SKF\<^sub>7 (\<bar>inverse c\<bar> * u))\<bar> \<le> u * \<bar>f (SKF\<^sub>7 (\<bar>inverse c\<bar> * u))\<bar>"
   82.86      using A2 by metis
   82.87 -  hence F4: "\<exists>(u\<Colon>'a) SKF\<^isub>7\<Colon>'a \<Rightarrow> 'b. \<bar>g (SKF\<^isub>7 (\<bar>inverse c\<bar> * u))\<bar> \<le> u * \<bar>f (SKF\<^isub>7 (\<bar>inverse c\<bar> * u))\<bar> \<and> (0\<Colon>'a) \<le> \<bar>inverse c\<bar>"
   82.88 +  hence F4: "\<exists>(u\<Colon>'a) SKF\<^sub>7\<Colon>'a \<Rightarrow> 'b. \<bar>g (SKF\<^sub>7 (\<bar>inverse c\<bar> * u))\<bar> \<le> u * \<bar>f (SKF\<^sub>7 (\<bar>inverse c\<bar> * u))\<bar> \<and> (0\<Colon>'a) \<le> \<bar>inverse c\<bar>"
   82.89      using F3 by metis
   82.90 -  hence "\<exists>(v\<Colon>'a) (u\<Colon>'a) SKF\<^isub>7\<Colon>'a \<Rightarrow> 'b. \<bar>inverse c\<bar> * \<bar>g (SKF\<^isub>7 (u * v))\<bar> \<le> u * (v * \<bar>f (SKF\<^isub>7 (u * v))\<bar>)"
   82.91 +  hence "\<exists>(v\<Colon>'a) (u\<Colon>'a) SKF\<^sub>7\<Colon>'a \<Rightarrow> 'b. \<bar>inverse c\<bar> * \<bar>g (SKF\<^sub>7 (u * v))\<bar> \<le> u * (v * \<bar>f (SKF\<^sub>7 (u * v))\<bar>)"
   82.92      by (metis comm_mult_left_mono)
   82.93    thus "\<exists>ca\<Colon>'a. \<forall>x\<Colon>'b. \<bar>inverse c\<bar> * \<bar>g x\<bar> \<le> ca * \<bar>f x\<bar>"
   82.94      using A2 F4 by (metis ab_semigroup_mult_class.mult_ac(1) comm_mult_left_mono)
    83.1 --- a/src/HOL/Metis_Examples/Binary_Tree.thy	Tue Aug 13 16:53:23 2013 +0200
    83.2 +++ b/src/HOL/Metis_Examples/Binary_Tree.thy	Tue Aug 13 17:45:22 2013 +0200
    83.3 @@ -59,9 +59,9 @@
    83.4  proof (induct t)
    83.5    case Lf thus ?case
    83.6    proof -
    83.7 -    let "?p\<^isub>1 x\<^isub>1" = "x\<^isub>1 \<noteq> n_leaves (reflect (Lf::'a bt))"
    83.8 -    have "\<not> ?p\<^isub>1 (Suc 0)" by (metis reflect.simps(1) n_leaves.simps(1))
    83.9 -    hence "\<not> ?p\<^isub>1 (n_leaves (Lf::'a bt))" by (metis n_leaves.simps(1))
   83.10 +    let "?p\<^sub>1 x\<^sub>1" = "x\<^sub>1 \<noteq> n_leaves (reflect (Lf::'a bt))"
   83.11 +    have "\<not> ?p\<^sub>1 (Suc 0)" by (metis reflect.simps(1) n_leaves.simps(1))
   83.12 +    hence "\<not> ?p\<^sub>1 (n_leaves (Lf::'a bt))" by (metis n_leaves.simps(1))
   83.13      thus "n_leaves (reflect (Lf::'a bt)) = n_leaves (Lf::'a bt)" by metis
   83.14    qed
   83.15  next
    84.1 --- a/src/HOL/Metis_Examples/Message.thy	Tue Aug 13 16:53:23 2013 +0200
    84.2 +++ b/src/HOL/Metis_Examples/Message.thy	Tue Aug 13 17:45:22 2013 +0200
    84.3 @@ -677,10 +677,10 @@
    84.4  
    84.5  lemma analz_synth [simp]: "analz (synth H) = analz H \<union> synth H"
    84.6  proof -
    84.7 -  have "\<forall>x\<^isub>2 x\<^isub>1. synth x\<^isub>1 \<union> analz (x\<^isub>1 \<union> x\<^isub>2) = analz (synth x\<^isub>1 \<union> x\<^isub>2)" by (metis Un_commute analz_synth_Un)
    84.8 -  hence "\<forall>x\<^isub>1. synth x\<^isub>1 \<union> analz x\<^isub>1 = analz (synth x\<^isub>1 \<union> {})" by (metis Un_empty_right)
    84.9 -  hence "\<forall>x\<^isub>1. synth x\<^isub>1 \<union> analz x\<^isub>1 = analz (synth x\<^isub>1)" by (metis Un_empty_right)
   84.10 -  hence "\<forall>x\<^isub>1. analz x\<^isub>1 \<union> synth x\<^isub>1 = analz (synth x\<^isub>1)" by (metis Un_commute)
   84.11 +  have "\<forall>x\<^sub>2 x\<^sub>1. synth x\<^sub>1 \<union> analz (x\<^sub>1 \<union> x\<^sub>2) = analz (synth x\<^sub>1 \<union> x\<^sub>2)" by (metis Un_commute analz_synth_Un)
   84.12 +  hence "\<forall>x\<^sub>1. synth x\<^sub>1 \<union> analz x\<^sub>1 = analz (synth x\<^sub>1 \<union> {})" by (metis Un_empty_right)
   84.13 +  hence "\<forall>x\<^sub>1. synth x\<^sub>1 \<union> analz x\<^sub>1 = analz (synth x\<^sub>1)" by (metis Un_empty_right)
   84.14 +  hence "\<forall>x\<^sub>1. analz x\<^sub>1 \<union> synth x\<^sub>1 = analz (synth x\<^sub>1)" by (metis Un_commute)
   84.15    thus "analz (synth H) = analz H \<union> synth H" by metis
   84.16  qed
   84.17  
   84.18 @@ -690,8 +690,8 @@
   84.19  lemma parts_insert_subset_Un: "X \<in> G ==> parts(insert X H) \<subseteq> parts G \<union> parts H"
   84.20  proof -
   84.21    assume "X \<in> G"
   84.22 -  hence "\<forall>x\<^isub>1. G \<subseteq> x\<^isub>1 \<longrightarrow> X \<in> x\<^isub>1 " by auto
   84.23 -  hence "\<forall>x\<^isub>1. X \<in> G \<union> x\<^isub>1" by (metis Un_upper1)
   84.24 +  hence "\<forall>x\<^sub>1. G \<subseteq> x\<^sub>1 \<longrightarrow> X \<in> x\<^sub>1 " by auto
   84.25 +  hence "\<forall>x\<^sub>1. X \<in> G \<union> x\<^sub>1" by (metis Un_upper1)
   84.26    hence "insert X H \<subseteq> G \<union> H" by (metis Un_upper2 insert_subset)
   84.27    hence "parts (insert X H) \<subseteq> parts (G \<union> H)" by (metis parts_mono)
   84.28    thus "parts (insert X H) \<subseteq> parts G \<union> parts H" by (metis parts_Un)
   84.29 @@ -702,22 +702,22 @@
   84.30        parts (insert X H) \<subseteq> synth (analz H) \<union> parts H"
   84.31  proof -
   84.32    assume A1: "X \<in> synth (analz H)"
   84.33 -  have F1: "\<forall>x\<^isub>1. analz x\<^isub>1 \<union> synth (analz x\<^isub>1) = analz (synth (analz x\<^isub>1))"
   84.34 +  have F1: "\<forall>x\<^sub>1. analz x\<^sub>1 \<union> synth (analz x\<^sub>1) = analz (synth (analz x\<^sub>1))"
   84.35      by (metis analz_idem analz_synth)
   84.36 -  have F2: "\<forall>x\<^isub>1. parts x\<^isub>1 \<union> synth (analz x\<^isub>1) = parts (synth (analz x\<^isub>1))"
   84.37 +  have F2: "\<forall>x\<^sub>1. parts x\<^sub>1 \<union> synth (analz x\<^sub>1) = parts (synth (analz x\<^sub>1))"
   84.38      by (metis parts_analz parts_synth)
   84.39    have F3: "X \<in> synth (analz H)" using A1 by metis
   84.40 -  have "\<forall>x\<^isub>2 x\<^isub>1\<Colon>msg set. x\<^isub>1 \<le> sup x\<^isub>1 x\<^isub>2" by (metis inf_sup_ord(3))
   84.41 -  hence F4: "\<forall>x\<^isub>1. analz x\<^isub>1 \<subseteq> analz (synth x\<^isub>1)" by (metis analz_synth)
   84.42 +  have "\<forall>x\<^sub>2 x\<^sub>1\<Colon>msg set. x\<^sub>1 \<le> sup x\<^sub>1 x\<^sub>2" by (metis inf_sup_ord(3))
   84.43 +  hence F4: "\<forall>x\<^sub>1. analz x\<^sub>1 \<subseteq> analz (synth x\<^sub>1)" by (metis analz_synth)
   84.44    have F5: "X \<in> synth (analz H)" using F3 by metis
   84.45 -  have "\<forall>x\<^isub>1. analz x\<^isub>1 \<subseteq> synth (analz x\<^isub>1)
   84.46 -         \<longrightarrow> analz (synth (analz x\<^isub>1)) = synth (analz x\<^isub>1)"
   84.47 +  have "\<forall>x\<^sub>1. analz x\<^sub>1 \<subseteq> synth (analz x\<^sub>1)
   84.48 +         \<longrightarrow> analz (synth (analz x\<^sub>1)) = synth (analz x\<^sub>1)"
   84.49      using F1 by (metis subset_Un_eq)
   84.50 -  hence F6: "\<forall>x\<^isub>1. analz (synth (analz x\<^isub>1)) = synth (analz x\<^isub>1)"
   84.51 +  hence F6: "\<forall>x\<^sub>1. analz (synth (analz x\<^sub>1)) = synth (analz x\<^sub>1)"
   84.52      by (metis synth_increasing)
   84.53 -  have "\<forall>x\<^isub>1. x\<^isub>1 \<subseteq> analz (synth x\<^isub>1)" using F4 by (metis analz_subset_iff)
   84.54 -  hence "\<forall>x\<^isub>1. x\<^isub>1 \<subseteq> analz (synth (analz x\<^isub>1))" by (metis analz_subset_iff)
   84.55 -  hence "\<forall>x\<^isub>1. x\<^isub>1 \<subseteq> synth (analz x\<^isub>1)" using F6 by metis
   84.56 +  have "\<forall>x\<^sub>1. x\<^sub>1 \<subseteq> analz (synth x\<^sub>1)" using F4 by (metis analz_subset_iff)
   84.57 +  hence "\<forall>x\<^sub>1. x\<^sub>1 \<subseteq> analz (synth (analz x\<^sub>1))" by (metis analz_subset_iff)
   84.58 +  hence "\<forall>x\<^sub>1. x\<^sub>1 \<subseteq> synth (analz x\<^sub>1)" using F6 by metis
   84.59    hence "H \<subseteq> synth (analz H)" by metis
   84.60    hence "H \<subseteq> synth (analz H) \<and> X \<in> synth (analz H)" using F5 by metis
   84.61    hence "insert X H \<subseteq> synth (analz H)" by (metis insert_subset)
    85.1 --- a/src/HOL/Metis_Examples/Sets.thy	Tue Aug 13 16:53:23 2013 +0200
    85.2 +++ b/src/HOL/Metis_Examples/Sets.thy	Tue Aug 13 17:45:22 2013 +0200
    85.3 @@ -27,9 +27,9 @@
    85.4  lemma (*equal_union: *)
    85.5     "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))"
    85.6  proof -
    85.7 -  have F1: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>1 \<union> x\<^isub>2" by (metis Un_commute Un_upper2)
    85.8 -  have F2a: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<longrightarrow> x\<^isub>2 = x\<^isub>2 \<union> x\<^isub>1" by (metis Un_commute subset_Un_eq)
    85.9 -  have F2: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<and> x\<^isub>2 \<subseteq> x\<^isub>1 \<longrightarrow> x\<^isub>1 = x\<^isub>2" by (metis F2a subset_Un_eq)
   85.10 +  have F1: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>1 \<union> x\<^sub>2" by (metis Un_commute Un_upper2)
   85.11 +  have F2a: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<longrightarrow> x\<^sub>2 = x\<^sub>2 \<union> x\<^sub>1" by (metis Un_commute subset_Un_eq)
   85.12 +  have F2: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<and> x\<^sub>2 \<subseteq> x\<^sub>1 \<longrightarrow> x\<^sub>1 = x\<^sub>2" by (metis F2a subset_Un_eq)
   85.13    { assume "\<not> Z \<subseteq> X"
   85.14      hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.15    moreover
   85.16 @@ -44,12 +44,12 @@
   85.17        { assume "(Z \<subseteq> X \<and> Y \<subseteq> X) \<and> Y \<union> Z \<noteq> X"
   85.18          hence "Y \<union> Z \<subseteq> X \<and> X \<noteq> Y \<union> Z" by (metis Un_subset_iff)
   85.19          hence "Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> Y \<union> Z" by (metis F2)
   85.20 -        hence "\<exists>x\<^isub>1\<Colon>'a set. Y \<subseteq> x\<^isub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^isub>1 \<union> Z" by (metis F1)
   85.21 +        hence "\<exists>x\<^sub>1\<Colon>'a set. Y \<subseteq> x\<^sub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^sub>1 \<union> Z" by (metis F1)
   85.22          hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.23        ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AAA1) }
   85.24      ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AA1) }
   85.25    moreover
   85.26 -  { assume "\<exists>x\<^isub>1\<Colon>'a set. (Z \<subseteq> x\<^isub>1 \<and> Y \<subseteq> x\<^isub>1) \<and> \<not> X \<subseteq> x\<^isub>1"
   85.27 +  { assume "\<exists>x\<^sub>1\<Colon>'a set. (Z \<subseteq> x\<^sub>1 \<and> Y \<subseteq> x\<^sub>1) \<and> \<not> X \<subseteq> x\<^sub>1"
   85.28      { assume "\<not> Y \<subseteq> X"
   85.29        hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis F1) }
   85.30      moreover
   85.31 @@ -60,7 +60,7 @@
   85.32        { assume "(Z \<subseteq> X \<and> Y \<subseteq> X) \<and> Y \<union> Z \<noteq> X"
   85.33          hence "Y \<union> Z \<subseteq> X \<and> X \<noteq> Y \<union> Z" by (metis Un_subset_iff)
   85.34          hence "Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> Y \<union> Z" by (metis F2)
   85.35 -        hence "\<exists>x\<^isub>1\<Colon>'a set. Y \<subseteq> x\<^isub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^isub>1 \<union> Z" by (metis F1)
   85.36 +        hence "\<exists>x\<^sub>1\<Colon>'a set. Y \<subseteq> x\<^sub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^sub>1 \<union> Z" by (metis F1)
   85.37          hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.38        ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AAA1) }
   85.39      ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by blast }
   85.40 @@ -75,14 +75,14 @@
   85.41  lemma (*equal_union: *)
   85.42     "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))"
   85.43  proof -
   85.44 -  have F1: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<and> x\<^isub>2 \<subseteq> x\<^isub>1 \<longrightarrow> x\<^isub>1 = x\<^isub>2" by (metis Un_commute subset_Un_eq)
   85.45 -  { assume AA1: "\<exists>x\<^isub>1\<Colon>'a set. (Z \<subseteq> x\<^isub>1 \<and> Y \<subseteq> x\<^isub>1) \<and> \<not> X \<subseteq> x\<^isub>1"
   85.46 +  have F1: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<and> x\<^sub>2 \<subseteq> x\<^sub>1 \<longrightarrow> x\<^sub>1 = x\<^sub>2" by (metis Un_commute subset_Un_eq)
   85.47 +  { assume AA1: "\<exists>x\<^sub>1\<Colon>'a set. (Z \<subseteq> x\<^sub>1 \<and> Y \<subseteq> x\<^sub>1) \<and> \<not> X \<subseteq> x\<^sub>1"
   85.48      { assume AAA1: "Y \<subseteq> X \<and> Y \<union> Z \<noteq> X"
   85.49        { assume "\<not> Z \<subseteq> X"
   85.50          hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.51        moreover
   85.52        { assume "Y \<union> Z \<subseteq> X \<and> X \<noteq> Y \<union> Z"
   85.53 -        hence "\<exists>x\<^isub>1\<Colon>'a set. Y \<subseteq> x\<^isub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^isub>1 \<union> Z" by (metis F1 Un_commute Un_upper2)
   85.54 +        hence "\<exists>x\<^sub>1\<Colon>'a set. Y \<subseteq> x\<^sub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^sub>1 \<union> Z" by (metis F1 Un_commute Un_upper2)
   85.55          hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.56        ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AAA1 Un_subset_iff) }
   85.57      moreover
   85.58 @@ -101,7 +101,7 @@
   85.59        hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.60      moreover
   85.61      { assume "Y \<union> Z \<subseteq> X \<and> X \<noteq> Y \<union> Z"
   85.62 -      hence "\<exists>x\<^isub>1\<Colon>'a set. Y \<subseteq> x\<^isub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^isub>1 \<union> Z" by (metis F1 Un_commute Un_upper2)
   85.63 +      hence "\<exists>x\<^sub>1\<Colon>'a set. Y \<subseteq> x\<^sub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^sub>1 \<union> Z" by (metis F1 Un_commute Un_upper2)
   85.64        hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.65      ultimately have "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AA1 Un_subset_iff) }
   85.66    ultimately show "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by metis
   85.67 @@ -112,12 +112,12 @@
   85.68  lemma (*equal_union: *)
   85.69     "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))"
   85.70  proof -
   85.71 -  have F1a: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<longrightarrow> x\<^isub>2 = x\<^isub>2 \<union> x\<^isub>1" by (metis Un_commute subset_Un_eq)
   85.72 -  have F1: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<and> x\<^isub>2 \<subseteq> x\<^isub>1 \<longrightarrow> x\<^isub>1 = x\<^isub>2" by (metis F1a subset_Un_eq)
   85.73 +  have F1a: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<longrightarrow> x\<^sub>2 = x\<^sub>2 \<union> x\<^sub>1" by (metis Un_commute subset_Un_eq)
   85.74 +  have F1: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<and> x\<^sub>2 \<subseteq> x\<^sub>1 \<longrightarrow> x\<^sub>1 = x\<^sub>2" by (metis F1a subset_Un_eq)
   85.75    { assume "(Z \<subseteq> X \<and> Y \<subseteq> X) \<and> Y \<union> Z \<noteq> X"
   85.76      hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis F1 Un_commute Un_subset_iff Un_upper2) }
   85.77    moreover
   85.78 -  { assume AA1: "\<exists>x\<^isub>1\<Colon>'a set. (Z \<subseteq> x\<^isub>1 \<and> Y \<subseteq> x\<^isub>1) \<and> \<not> X \<subseteq> x\<^isub>1"
   85.79 +  { assume AA1: "\<exists>x\<^sub>1\<Colon>'a set. (Z \<subseteq> x\<^sub>1 \<and> Y \<subseteq> x\<^sub>1) \<and> \<not> X \<subseteq> x\<^sub>1"
   85.80      { assume "(Z \<subseteq> X \<and> Y \<subseteq> X) \<and> Y \<union> Z \<noteq> X"
   85.81        hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis F1 Un_commute Un_subset_iff Un_upper2) }
   85.82      hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AA1 Un_commute Un_subset_iff Un_upper2) }
   85.83 @@ -129,12 +129,12 @@
   85.84  lemma (*equal_union: *)
   85.85     "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))"
   85.86  proof -
   85.87 -  have F1: "\<forall>(x\<^isub>2\<Colon>'b set) x\<^isub>1\<Colon>'b set. x\<^isub>1 \<subseteq> x\<^isub>2 \<and> x\<^isub>2 \<subseteq> x\<^isub>1 \<longrightarrow> x\<^isub>1 = x\<^isub>2" by (metis Un_commute subset_Un_eq)
   85.88 +  have F1: "\<forall>(x\<^sub>2\<Colon>'b set) x\<^sub>1\<Colon>'b set. x\<^sub>1 \<subseteq> x\<^sub>2 \<and> x\<^sub>2 \<subseteq> x\<^sub>1 \<longrightarrow> x\<^sub>1 = x\<^sub>2" by (metis Un_commute subset_Un_eq)
   85.89    { assume "\<not> Y \<subseteq> X"
   85.90      hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_commute Un_upper2) }
   85.91    moreover
   85.92    { assume AA1: "Y \<subseteq> X \<and> Y \<union> Z \<noteq> X"
   85.93 -    { assume "\<exists>x\<^isub>1\<Colon>'a set. Y \<subseteq> x\<^isub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^isub>1 \<union> Z"
   85.94 +    { assume "\<exists>x\<^sub>1\<Colon>'a set. Y \<subseteq> x\<^sub>1 \<union> Z \<and> Y \<union> Z \<noteq> X \<and> \<not> X \<subseteq> x\<^sub>1 \<union> Z"
   85.95        hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_upper2) }
   85.96      hence "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis AA1 F1 Un_commute Un_subset_iff Un_upper2) }
   85.97    ultimately show "(X = Y \<union> Z) = (Y \<subseteq> X \<and> Z \<subseteq> X \<and> (\<forall>V\<Colon>'a set. Y \<subseteq> V \<and> Z \<subseteq> V \<longrightarrow> X \<subseteq> V))" by (metis Un_subset_iff Un_upper2)
   85.98 @@ -170,10 +170,10 @@
   85.99       "\<forall>x \<in> S. \<Union>S \<subseteq> x \<Longrightarrow> \<exists>z. S \<subseteq> {z}"
  85.100  proof -
  85.101    assume "\<forall>x \<in> S. \<Union>S \<subseteq> x"
  85.102 -  hence "\<forall>x\<^isub>1. x\<^isub>1 \<subseteq> \<Union>S \<and> x\<^isub>1 \<in> S \<longrightarrow> x\<^isub>1 = \<Union>S" by (metis set_eq_subset)
  85.103 -  hence "\<forall>x\<^isub>1. x\<^isub>1 \<in> S \<longrightarrow> x\<^isub>1 = \<Union>S" by (metis Union_upper)
  85.104 -  hence "\<forall>x\<^isub>1\<Colon>('a set) set. \<Union>S \<in> x\<^isub>1 \<longrightarrow> S \<subseteq> x\<^isub>1" by (metis subsetI)
  85.105 -  hence "\<forall>x\<^isub>1\<Colon>('a set) set. S \<subseteq> insert (\<Union>S) x\<^isub>1" by (metis insert_iff)
  85.106 +  hence "\<forall>x\<^sub>1. x\<^sub>1 \<subseteq> \<Union>S \<and> x\<^sub>1 \<in> S \<longrightarrow> x\<^sub>1 = \<Union>S" by (metis set_eq_subset)
  85.107 +  hence "\<forall>x\<^sub>1. x\<^sub>1 \<in> S \<longrightarrow> x\<^sub>1 = \<Union>S" by (metis Union_upper)
  85.108 +  hence "\<forall>x\<^sub>1\<Colon>('a set) set. \<Union>S \<in> x\<^sub>1 \<longrightarrow> S \<subseteq> x\<^sub>1" by (metis subsetI)
  85.109 +  hence "\<forall>x\<^sub>1\<Colon>('a set) set. S \<subseteq> insert (\<Union>S) x\<^sub>1" by (metis insert_iff)
  85.110    thus "\<exists>z. S \<subseteq> {z}" by metis
  85.111  qed
  85.112  
    86.1 --- a/src/HOL/Metis_Examples/Trans_Closure.thy	Tue Aug 13 16:53:23 2013 +0200
    86.2 +++ b/src/HOL/Metis_Examples/Trans_Closure.thy	Tue Aug 13 17:45:22 2013 +0200
    86.3 @@ -51,7 +51,7 @@
    86.4    assume A3: "(a, b) \<in> R\<^sup>*"
    86.5    assume A4: "(b, c) \<in> R\<^sup>*"
    86.6    have "b \<noteq> c" using A1 A2 by metis
    86.7 -  hence "\<exists>x\<^isub>1. (b, x\<^isub>1) \<in> R" using A4 by (metis converse_rtranclE)
    86.8 +  hence "\<exists>x\<^sub>1. (b, x\<^sub>1) \<in> R" using A4 by (metis converse_rtranclE)
    86.9    thus "\<exists>c. (b, c) \<in> R \<and> (a, c) \<in> R\<^sup>*" using A3 by (metis transitive_closure_trans(6))
   86.10  qed
   86.11  
    87.1 --- a/src/HOL/MicroJava/DFA/Product.thy	Tue Aug 13 16:53:23 2013 +0200
    87.2 +++ b/src/HOL/MicroJava/DFA/Product.thy	Tue Aug 13 17:45:22 2013 +0200
    87.3 @@ -47,7 +47,7 @@
    87.4  done 
    87.5  
    87.6  lemma acc_le_prodI [intro!]:
    87.7 -  "\<lbrakk> acc r\<^isub>A; acc r\<^isub>B \<rbrakk> \<Longrightarrow> acc(Product.le r\<^isub>A r\<^isub>B)"
    87.8 +  "\<lbrakk> acc r\<^sub>A; acc r\<^sub>B \<rbrakk> \<Longrightarrow> acc(Product.le r\<^sub>A r\<^sub>B)"
    87.9  apply (unfold acc_def)
   87.10  apply (rule wf_subset)
   87.11   apply (erule wf_lex_prod)
    88.1 --- a/src/HOL/Multivariate_Analysis/Convex_Euclidean_Space.thy	Tue Aug 13 16:53:23 2013 +0200
    88.2 +++ b/src/HOL/Multivariate_Analysis/Convex_Euclidean_Space.thy	Tue Aug 13 17:45:22 2013 +0200
    88.3 @@ -3352,7 +3352,7 @@
    88.4  next
    88.5    case False obtain y where "y\<in>s" and y:"\<forall>x\<in>s. dist z y \<le> dist z x"
    88.6      using distance_attains_inf[OF assms(2) False] by auto
    88.7 -  show ?thesis apply(rule_tac x="y - z" in exI, rule_tac x="inner (y - z) z + (norm(y - z))\<twosuperior> / 2" in exI)
    88.8 +  show ?thesis apply(rule_tac x="y - z" in exI, rule_tac x="inner (y - z) z + (norm(y - z))\<^sup>2 / 2" in exI)
    88.9      apply rule defer apply rule proof-
   88.10      fix x assume "x\<in>s"
   88.11      have "\<not> 0 < inner (z - y) (x - y)" apply(rule_tac notI) proof(drule closer_point_lemma)
   88.12 @@ -3363,7 +3363,7 @@
   88.13          using `x\<in>s` `y\<in>s` by (auto simp add: dist_commute algebra_simps) qed
   88.14      moreover have "0 < norm (y - z) ^ 2" using `y\<in>s` `z\<notin>s` by auto
   88.15      hence "0 < inner (y - z) (y - z)" unfolding power2_norm_eq_inner by simp
   88.16 -    ultimately show "inner (y - z) z + (norm (y - z))\<twosuperior> / 2 < inner (y - z) x"
   88.17 +    ultimately show "inner (y - z) z + (norm (y - z))\<^sup>2 / 2 < inner (y - z) x"
   88.18        unfolding power2_norm_eq_inner and not_less by (auto simp add: field_simps inner_commute inner_diff)
   88.19    qed(insert `y\<in>s` `z\<notin>s`, auto)
   88.20  qed
    89.1 --- a/src/HOL/Multivariate_Analysis/Integration.thy	Tue Aug 13 16:53:23 2013 +0200
    89.2 +++ b/src/HOL/Multivariate_Analysis/Integration.thy	Tue Aug 13 17:45:22 2013 +0200
    89.3 @@ -879,7 +879,7 @@
    89.4    obtains p where "p division_of {a..b}" "{c..d} \<in> p"
    89.5  proof
    89.6    let ?B = "\<lambda>f::'a\<Rightarrow>'a \<times> 'a. {(\<Sum>i\<in>Basis. (fst (f i) \<bullet> i) *\<^sub>R i) .. (\<Sum>i\<in>Basis. (snd (f i) \<bullet> i) *\<^sub>R i)}"
    89.7 -  def p \<equiv> "?B ` (Basis \<rightarrow>\<^isub>E {(a, c), (c, d), (d, b)})"
    89.8 +  def p \<equiv> "?B ` (Basis \<rightarrow>\<^sub>E {(a, c), (c, d), (d, b)})"
    89.9  
   89.10    show "{c .. d} \<in> p"
   89.11      unfolding p_def
   89.12 @@ -900,7 +900,7 @@
   89.13      {
   89.14        fix k
   89.15        assume "k \<in> p"
   89.16 -      then obtain f where f: "f \<in> Basis \<rightarrow>\<^isub>E {(a, c), (c, d), (d, b)}" and k: "k = ?B f"
   89.17 +      then obtain f where f: "f \<in> Basis \<rightarrow>\<^sub>E {(a, c), (c, d), (d, b)}" and k: "k = ?B f"
   89.18          by (auto simp: p_def)
   89.19        then show "\<exists>a b. k = {a..b}" by auto
   89.20        have "k \<subseteq> {a..b} \<and> k \<noteq> {}"
   89.21 @@ -917,7 +917,7 @@
   89.22        then show "k \<noteq> {}" "k \<subseteq> {a .. b}" by auto
   89.23        {
   89.24          fix l assume "l \<in> p"
   89.25 -        then obtain g where g: "g \<in> Basis \<rightarrow>\<^isub>E {(a, c), (c, d), (d, b)}" and l: "l = ?B g"
   89.26 +        then obtain g where g: "g \<in> Basis \<rightarrow>\<^sub>E {(a, c), (c, d), (d, b)}" and l: "l = ?B g"
   89.27            by (auto simp: p_def)
   89.28          assume "l \<noteq> k"
   89.29          have "\<exists>i\<in>Basis. f i \<noteq> g i"
   89.30 @@ -952,7 +952,7 @@
   89.31            by auto
   89.32        qed
   89.33        then guess f unfolding bchoice_iff .. note f = this
   89.34 -      moreover then have "restrict f Basis \<in> Basis \<rightarrow>\<^isub>E {(a, c), (c, d), (d, b)}"
   89.35 +      moreover then have "restrict f Basis \<in> Basis \<rightarrow>\<^sub>E {(a, c), (c, d), (d, b)}"
   89.36          by auto
   89.37        moreover from f have "x \<in> ?B (restrict f Basis)"
   89.38          by (auto simp: mem_interval eucl_le[where 'a='a])
    90.1 --- a/src/HOL/Multivariate_Analysis/L2_Norm.thy	Tue Aug 13 16:53:23 2013 +0200
    90.2 +++ b/src/HOL/Multivariate_Analysis/L2_Norm.thy	Tue Aug 13 17:45:22 2013 +0200
    90.3 @@ -9,7 +9,7 @@
    90.4  begin
    90.5  
    90.6  definition
    90.7 -  "setL2 f A = sqrt (\<Sum>i\<in>A. (f i)\<twosuperior>)"
    90.8 +  "setL2 f A = sqrt (\<Sum>i\<in>A. (f i)\<^sup>2)"
    90.9  
   90.10  lemma setL2_cong:
   90.11    "\<lbrakk>A = B; \<And>x. x \<in> B \<Longrightarrow> f x = g x\<rbrakk> \<Longrightarrow> setL2 f A = setL2 g B"
   90.12 @@ -27,7 +27,7 @@
   90.13  
   90.14  lemma setL2_insert [simp]:
   90.15    "\<lbrakk>finite F; a \<notin> F\<rbrakk> \<Longrightarrow>
   90.16 -    setL2 f (insert a F) = sqrt ((f a)\<twosuperior> + (setL2 f F)\<twosuperior>)"
   90.17 +    setL2 f (insert a F) = sqrt ((f a)\<^sup>2 + (setL2 f F)\<^sup>2)"
   90.18    unfolding setL2_def by (simp add: setsum_nonneg)
   90.19  
   90.20  lemma setL2_nonneg [simp]: "0 \<le> setL2 f A"
   90.21 @@ -94,12 +94,12 @@
   90.22      show ?case by simp
   90.23    next
   90.24      case (insert x F)
   90.25 -    hence "sqrt ((f x + g x)\<twosuperior> + (setL2 (\<lambda>i. f i + g i) F)\<twosuperior>) \<le>
   90.26 -           sqrt ((f x + g x)\<twosuperior> + (setL2 f F + setL2 g F)\<twosuperior>)"
   90.27 +    hence "sqrt ((f x + g x)\<^sup>2 + (setL2 (\<lambda>i. f i + g i) F)\<^sup>2) \<le>
   90.28 +           sqrt ((f x + g x)\<^sup>2 + (setL2 f F + setL2 g F)\<^sup>2)"
   90.29        by (intro real_sqrt_le_mono add_left_mono power_mono insert
   90.30                  setL2_nonneg add_increasing zero_le_power2)
   90.31      also have
   90.32 -      "\<dots> \<le> sqrt ((f x)\<twosuperior> + (setL2 f F)\<twosuperior>) + sqrt ((g x)\<twosuperior> + (setL2 g F)\<twosuperior>)"
   90.33 +      "\<dots> \<le> sqrt ((f x)\<^sup>2 + (setL2 f F)\<^sup>2) + sqrt ((g x)\<^sup>2 + (setL2 g F)\<^sup>2)"
   90.34        by (rule real_sqrt_sum_squares_triangle_ineq)
   90.35      finally show ?case
   90.36        using insert by simp
   90.37 @@ -107,7 +107,7 @@
   90.38  qed
   90.39  
   90.40  lemma sqrt_sum_squares_le_sum:
   90.41 -  "\<lbrakk>0 \<le> x; 0 \<le> y\<rbrakk> \<Longrightarrow> sqrt (x\<twosuperior> + y\<twosuperior>) \<le> x + y"
   90.42 +  "\<lbrakk>0 \<le> x; 0 \<le> y\<rbrakk> \<Longrightarrow> sqrt (x\<^sup>2 + y\<^sup>2) \<le> x + y"
   90.43    apply (rule power2_le_imp_le)
   90.44    apply (simp add: power2_sum mult_nonneg_nonneg)
   90.45    apply simp
   90.46 @@ -125,7 +125,7 @@
   90.47    apply simp
   90.48    done
   90.49  
   90.50 -lemma sqrt_sum_squares_le_sum_abs: "sqrt (x\<twosuperior> + y\<twosuperior>) \<le> \<bar>x\<bar> + \<bar>y\<bar>"
   90.51 +lemma sqrt_sum_squares_le_sum_abs: "sqrt (x\<^sup>2 + y\<^sup>2) \<le> \<bar>x\<bar> + \<bar>y\<bar>"
   90.52    apply (rule power2_le_imp_le)
   90.53    apply (simp add: power2_sum mult_nonneg_nonneg)
   90.54    apply simp
   90.55 @@ -143,14 +143,14 @@
   90.56  
   90.57  lemma setL2_mult_ineq_lemma:
   90.58    fixes a b c d :: real
   90.59 -  shows "2 * (a * c) * (b * d) \<le> a\<twosuperior> * d\<twosuperior> + b\<twosuperior> * c\<twosuperior>"
   90.60 +  shows "2 * (a * c) * (b * d) \<le> a\<^sup>2 * d\<^sup>2 + b\<^sup>2 * c\<^sup>2"
   90.61  proof -
   90.62 -  have "0 \<le> (a * d - b * c)\<twosuperior>" by simp
   90.63 -  also have "\<dots> = a\<twosuperior> * d\<twosuperior> + b\<twosuperior> * c\<twosuperior> - 2 * (a * d) * (b * c)"
   90.64 +  have "0 \<le> (a * d - b * c)\<^sup>2" by simp
   90.65 +  also have "\<dots> = a\<^sup>2 * d\<^sup>2 + b\<^sup>2 * c\<^sup>2 - 2 * (a * d) * (b * c)"
   90.66      by (simp only: power2_diff power_mult_distrib)
   90.67 -  also have "\<dots> = a\<twosuperior> * d\<twosuperior> + b\<twosuperior> * c\<twosuperior> - 2 * (a * c) * (b * d)"
   90.68 +  also have "\<dots> = a\<^sup>2 * d\<^sup>2 + b\<^sup>2 * c\<^sup>2 - 2 * (a * c) * (b * d)"
   90.69      by simp
   90.70 -  finally show "2 * (a * c) * (b * d) \<le> a\<twosuperior> * d\<twosuperior> + b\<twosuperior> * c\<twosuperior>"
   90.71 +  finally show "2 * (a * c) * (b * d) \<le> a\<^sup>2 * d\<^sup>2 + b\<^sup>2 * c\<^sup>2"
   90.72      by simp
   90.73  qed
   90.74  
    91.1 --- a/src/HOL/Multivariate_Analysis/Linear_Algebra.thy	Tue Aug 13 16:53:23 2013 +0200
    91.2 +++ b/src/HOL/Multivariate_Analysis/Linear_Algebra.thy	Tue Aug 13 17:45:22 2013 +0200
    91.3 @@ -94,11 +94,11 @@
    91.4  lemma real_abs_le_square_iff: "\<bar>x\<bar> \<le> \<bar>y\<bar> \<longleftrightarrow> (x::real)^2 \<le> y^2"
    91.5  proof
    91.6    assume "\<bar>x\<bar> \<le> \<bar>y\<bar>"
    91.7 -  then have "\<bar>x\<bar>\<twosuperior> \<le> \<bar>y\<bar>\<twosuperior>" by (rule power_mono, simp)
    91.8 -  then show "x\<twosuperior> \<le> y\<twosuperior>" by simp
    91.9 +  then have "\<bar>x\<bar>\<^sup>2 \<le> \<bar>y\<bar>\<^sup>2" by (rule power_mono, simp)
   91.10 +  then show "x\<^sup>2 \<le> y\<^sup>2" by simp
   91.11  next
   91.12 -  assume "x\<twosuperior> \<le> y\<twosuperior>"
   91.13 -  then have "sqrt (x\<twosuperior>) \<le> sqrt (y\<twosuperior>)" by (rule real_sqrt_le_mono)
   91.14 +  assume "x\<^sup>2 \<le> y\<^sup>2"
   91.15 +  then have "sqrt (x\<^sup>2) \<le> sqrt (y\<^sup>2)" by (rule real_sqrt_le_mono)
   91.16    then show "\<bar>x\<bar> \<le> \<bar>y\<bar>" by simp
   91.17  qed
   91.18  
   91.19 @@ -2601,7 +2601,7 @@
   91.20      unfolding real_of_nat_def
   91.21      apply(subst euclidean_inner)
   91.22      apply (subst power2_abs[symmetric])
   91.23 -    apply (rule order_trans[OF setsum_bounded[where K="\<bar>infnorm x\<bar>\<twosuperior>"]])
   91.24 +    apply (rule order_trans[OF setsum_bounded[where K="\<bar>infnorm x\<bar>\<^sup>2"]])
   91.25      apply (auto simp add: power2_eq_square[symmetric])
   91.26      apply (subst power2_abs[symmetric])
   91.27      apply (rule power_mono)
    92.1 --- a/src/HOL/Multivariate_Analysis/Topology_Euclidean_Space.thy	Tue Aug 13 16:53:23 2013 +0200
    92.2 +++ b/src/HOL/Multivariate_Analysis/Topology_Euclidean_Space.thy	Tue Aug 13 17:45:22 2013 +0200
    92.3 @@ -745,7 +745,7 @@
    92.4    show ?thesis
    92.5    proof (rule exI[of _ ?a], rule exI[of _ ?b], safe)
    92.6      fix y :: 'a assume *: "y \<in> box ?a ?b"
    92.7 -    have "dist x y = sqrt (\<Sum>i\<in>Basis. (dist (x \<bullet> i) (y \<bullet> i))\<twosuperior>)"
    92.8 +    have "dist x y = sqrt (\<Sum>i\<in>Basis. (dist (x \<bullet> i) (y \<bullet> i))\<^sup>2)"
    92.9        unfolding setL2_def[symmetric] by (rule euclidean_dist_l2)
   92.10      also have "\<dots> < sqrt (\<Sum>(i::'a)\<in>Basis. e^2 / real (DIM('a)))"
   92.11      proof (rule real_sqrt_less_mono, rule setsum_strict_mono)
   92.12 @@ -756,9 +756,9 @@
   92.13        ultimately have "\<bar>x\<bullet>i - y\<bullet>i\<bar> < 2 * e'" by auto
   92.14        then have "dist (x \<bullet> i) (y \<bullet> i) < e/sqrt (real (DIM('a)))"
   92.15          unfolding e'_def by (auto simp: dist_real_def)
   92.16 -      then have "(dist (x \<bullet> i) (y \<bullet> i))\<twosuperior> < (e/sqrt (real (DIM('a))))\<twosuperior>"
   92.17 +      then have "(dist (x \<bullet> i) (y \<bullet> i))\<^sup>2 < (e/sqrt (real (DIM('a))))\<^sup>2"
   92.18          by (rule power_strict_mono) auto
   92.19 -      then show "(dist (x \<bullet> i) (y \<bullet> i))\<twosuperior> < e\<twosuperior> / real DIM('a)"
   92.20 +      then show "(dist (x \<bullet> i) (y \<bullet> i))\<^sup>2 < e\<^sup>2 / real DIM('a)"
   92.21          by (simp add: power_divide)
   92.22      qed auto
   92.23      also have "\<dots> = e" using `0 < e` by (simp add: real_eq_of_nat)
   92.24 @@ -771,7 +771,7 @@
   92.25    assumes "open M" 
   92.26    defines "a' \<equiv> \<lambda>f :: 'a \<Rightarrow> real \<times> real. (\<Sum>(i::'a)\<in>Basis. fst (f i) *\<^sub>R i)"
   92.27    defines "b' \<equiv> \<lambda>f :: 'a \<Rightarrow> real \<times> real. (\<Sum>(i::'a)\<in>Basis. snd (f i) *\<^sub>R i)"
   92.28 -  defines "I \<equiv> {f\<in>Basis \<rightarrow>\<^isub>E \<rat> \<times> \<rat>. box (a' f) (b' f) \<subseteq> M}"
   92.29 +  defines "I \<equiv> {f\<in>Basis \<rightarrow>\<^sub>E \<rat> \<times> \<rat>. box (a' f) (b' f) \<subseteq> M}"
   92.30    shows "M = (\<Union>f\<in>I. box (a' f) (b' f))"
   92.31  proof -
   92.32    {
   92.33 @@ -4747,7 +4747,7 @@
   92.34  proof-
   92.35    obtain x y a b where "\<forall>z\<in>s. dist x z \<le> a" "\<forall>z\<in>t. dist y z \<le> b"
   92.36      using assms [unfolded bounded_def] by auto
   92.37 -  then have "\<forall>z\<in>s \<times> t. dist (x, y) z \<le> sqrt (a\<twosuperior> + b\<twosuperior>)"
   92.38 +  then have "\<forall>z\<in>s \<times> t. dist (x, y) z \<le> sqrt (a\<^sup>2 + b\<^sup>2)"
   92.39      by (auto simp add: dist_Pair_Pair real_sqrt_le_mono add_mono power_mono)
   92.40    thus ?thesis unfolding bounded_any_center [where a="(x, y)"] by auto
   92.41  qed
   92.42 @@ -5500,7 +5500,7 @@
   92.43    then have a: "\<And>f. (\<Sum>i\<in>Basis. fst (f i) *\<^sub>R i) = a f" by simp
   92.44    def b \<equiv> "\<lambda>f :: 'a \<Rightarrow> (real \<times> real). \<Sum>i\<in>Basis. snd (f i) *\<^sub>R i"
   92.45    then have b: "\<And>f. (\<Sum>i\<in>Basis. snd (f i) *\<^sub>R i) = b f" by simp
   92.46 -  def B \<equiv> "(\<lambda>f. box (a f) (b f)) ` (Basis \<rightarrow>\<^isub>E (\<rat> \<times> \<rat>))"
   92.47 +  def B \<equiv> "(\<lambda>f. box (a f) (b f)) ` (Basis \<rightarrow>\<^sub>E (\<rat> \<times> \<rat>))"
   92.48  
   92.49    have "Ball B open" by (simp add: B_def open_box)
   92.50    moreover have "(\<forall>A. open A \<longrightarrow> (\<exists>B'\<subseteq>B. \<Union>B' = A))"
    93.1 --- a/src/HOL/NSA/NSCA.thy	Tue Aug 13 16:53:23 2013 +0200
    93.2 +++ b/src/HOL/NSA/NSCA.thy	Tue Aug 13 17:45:22 2013 +0200
    93.3 @@ -256,12 +256,12 @@
    93.4  apply (erule (1) InfinitesimalD2)
    93.5  done
    93.6  
    93.7 -lemma real_sqrt_lessI: "\<lbrakk>0 < u; x < u\<twosuperior>\<rbrakk> \<Longrightarrow> sqrt x < u"
    93.8 +lemma real_sqrt_lessI: "\<lbrakk>0 < u; x < u\<^sup>2\<rbrakk> \<Longrightarrow> sqrt x < u"
    93.9  (* TODO: this belongs somewhere else *)
   93.10  by (frule real_sqrt_less_mono) simp
   93.11  
   93.12  lemma hypreal_sqrt_lessI:
   93.13 -  "\<And>x u. \<lbrakk>0 < u; x < u\<twosuperior>\<rbrakk> \<Longrightarrow> ( *f* sqrt) x < u"
   93.14 +  "\<And>x u. \<lbrakk>0 < u; x < u\<^sup>2\<rbrakk> \<Longrightarrow> ( *f* sqrt) x < u"
   93.15  by transfer (rule real_sqrt_lessI)
   93.16   
   93.17  lemma hypreal_sqrt_ge_zero: "\<And>x. 0 \<le> x \<Longrightarrow> 0 \<le> ( *f* sqrt) x"
   93.18 @@ -270,7 +270,7 @@
   93.19  lemma Infinitesimal_sqrt:
   93.20    "\<lbrakk>x \<in> Infinitesimal; 0 \<le> x\<rbrakk> \<Longrightarrow> ( *f* sqrt) x \<in> Infinitesimal"
   93.21  apply (rule InfinitesimalI2)
   93.22 -apply (drule_tac r="r\<twosuperior>" in InfinitesimalD2, simp)
   93.23 +apply (drule_tac r="r\<^sup>2" in InfinitesimalD2, simp)
   93.24  apply (simp add: hypreal_sqrt_ge_zero)
   93.25  apply (rule hypreal_sqrt_lessI, simp_all)
   93.26  done
    94.1 --- a/src/HOL/Nitpick_Examples/Manual_Nits.thy	Tue Aug 13 16:53:23 2013 +0200
    94.2 +++ b/src/HOL/Nitpick_Examples/Manual_Nits.thy	Tue Aug 13 17:45:22 2013 +0200
    94.3 @@ -250,25 +250,25 @@
    94.4  "loose (Lam t) k = loose t (Suc k)" |
    94.5  "loose (App t u) k = (loose t k \<or> loose u k)"
    94.6  
    94.7 -primrec subst\<^isub>1 where
    94.8 -"subst\<^isub>1 \<sigma> (Var j) = \<sigma> j" |
    94.9 -"subst\<^isub>1 \<sigma> (Lam t) =
   94.10 - Lam (subst\<^isub>1 (\<lambda>n. case n of 0 \<Rightarrow> Var 0 | Suc m \<Rightarrow> lift (\<sigma> m) 1) t)" |
   94.11 -"subst\<^isub>1 \<sigma> (App t u) = App (subst\<^isub>1 \<sigma> t) (subst\<^isub>1 \<sigma> u)"
   94.12 +primrec subst\<^sub>1 where
   94.13 +"subst\<^sub>1 \<sigma> (Var j) = \<sigma> j" |
   94.14 +"subst\<^sub>1 \<sigma> (Lam t) =
   94.15 + Lam (subst\<^sub>1 (\<lambda>n. case n of 0 \<Rightarrow> Var 0 | Suc m \<Rightarrow> lift (\<sigma> m) 1) t)" |
   94.16 +"subst\<^sub>1 \<sigma> (App t u) = App (subst\<^sub>1 \<sigma> t) (subst\<^sub>1 \<sigma> u)"
   94.17  
   94.18 -lemma "\<not> loose t 0 \<Longrightarrow> subst\<^isub>1 \<sigma> t = t"
   94.19 +lemma "\<not> loose t 0 \<Longrightarrow> subst\<^sub>1 \<sigma> t = t"
   94.20  nitpick [verbose, expect = genuine]
   94.21 -nitpick [eval = "subst\<^isub>1 \<sigma> t", expect = genuine]
   94.22 +nitpick [eval = "subst\<^sub>1 \<sigma> t", expect = genuine]
   94.23  (* nitpick [dont_box, expect = unknown] *)
   94.24  oops
   94.25  
   94.26 -primrec subst\<^isub>2 where
   94.27 -"subst\<^isub>2 \<sigma> (Var j) = \<sigma> j" |
   94.28 -"subst\<^isub>2 \<sigma> (Lam t) =
   94.29 - Lam (subst\<^isub>2 (\<lambda>n. case n of 0 \<Rightarrow> Var 0 | Suc m \<Rightarrow> lift (\<sigma> m) 0) t)" |
   94.30 -"subst\<^isub>2 \<sigma> (App t u) = App (subst\<^isub>2 \<sigma> t) (subst\<^isub>2 \<sigma> u)"
   94.31 +primrec subst\<^sub>2 where
   94.32 +"subst\<^sub>2 \<sigma> (Var j) = \<sigma> j" |
   94.33 +"subst\<^sub>2 \<sigma> (Lam t) =
   94.34 + Lam (subst\<^sub>2 (\<lambda>n. case n of 0 \<Rightarrow> Var 0 | Suc m \<Rightarrow> lift (\<sigma> m) 0) t)" |
   94.35 +"subst\<^sub>2 \<sigma> (App t u) = App (subst\<^sub>2 \<sigma> t) (subst\<^sub>2 \<sigma> u)"
   94.36  
   94.37 -lemma "\<not> loose t 0 \<Longrightarrow> subst\<^isub>2 \<sigma> t = t"
   94.38 +lemma "\<not> loose t 0 \<Longrightarrow> subst\<^sub>2 \<sigma> t = t"
   94.39  nitpick [card = 1\<emdash>5, expect = none]
   94.40  sorry
   94.41  
   94.42 @@ -354,73 +354,73 @@
   94.43  
   94.44  datatype alphabet = a | b
   94.45  
   94.46 -inductive_set S\<^isub>1 and A\<^isub>1 and B\<^isub>1 where
   94.47 -  "[] \<in> S\<^isub>1"
   94.48 -| "w \<in> A\<^isub>1 \<Longrightarrow> b # w \<in> S\<^isub>1"
   94.49 -| "w \<in> B\<^isub>1 \<Longrightarrow> a # w \<in> S\<^isub>1"
   94.50 -| "w \<in> S\<^isub>1 \<Longrightarrow> a # w \<in> A\<^isub>1"
   94.51 -| "w \<in> S\<^isub>1 \<Longrightarrow> b # w \<in> S\<^isub>1"
   94.52 -| "\<lbrakk>v \<in> B\<^isub>1; v \<in> B\<^isub>1\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^isub>1"
   94.53 +inductive_set S\<^sub>1 and A\<^sub>1 and B\<^sub>1 where
   94.54 +  "[] \<in> S\<^sub>1"
   94.55 +| "w \<in> A\<^sub>1 \<Longrightarrow> b # w \<in> S\<^sub>1"
   94.56 +| "w \<in> B\<^sub>1 \<Longrightarrow> a # w \<in> S\<^sub>1"
   94.57 +| "w \<in> S\<^sub>1 \<Longrightarrow> a # w \<in> A\<^sub>1"
   94.58 +| "w \<in> S\<^sub>1 \<Longrightarrow> b # w \<in> S\<^sub>1"
   94.59 +| "\<lbrakk>v \<in> B\<^sub>1; v \<in> B\<^sub>1\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^sub>1"
   94.60  
   94.61 -theorem S\<^isub>1_sound:
   94.62 -"w \<in> S\<^isub>1 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
   94.63 +theorem S\<^sub>1_sound:
   94.64 +"w \<in> S\<^sub>1 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
   94.65  nitpick [expect = genuine]
   94.66  oops
   94.67  
   94.68 -inductive_set S\<^isub>2 and A\<^isub>2 and B\<^isub>2 where
   94.69 -  "[] \<in> S\<^isub>2"
   94.70 -| "w \<in> A\<^isub>2 \<Longrightarrow> b # w \<in> S\<^isub>2"
   94.71 -| "w \<in> B\<^isub>2 \<Longrightarrow> a # w \<in> S\<^isub>2"
   94.72 -| "w \<in> S\<^isub>2 \<Longrightarrow> a # w \<in> A\<^isub>2"
   94.73 -| "w \<in> S\<^isub>2 \<Longrightarrow> b # w \<in> B\<^isub>2"
   94.74 -| "\<lbrakk>v \<in> B\<^isub>2; v \<in> B\<^isub>2\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^isub>2"
   94.75 +inductive_set S\<^sub>2 and A\<^sub>2 and B\<^sub>2 where
   94.76 +  "[] \<in> S\<^sub>2"
   94.77 +| "w \<in> A\<^sub>2 \<Longrightarrow> b # w \<in> S\<^sub>2"
   94.78 +| "w \<in> B\<^sub>2 \<Longrightarrow> a # w \<in> S\<^sub>2"
   94.79 +| "w \<in> S\<^sub>2 \<Longrightarrow> a # w \<in> A\<^sub>2"
   94.80 +| "w \<in> S\<^sub>2 \<Longrightarrow> b # w \<in> B\<^sub>2"
   94.81 +| "\<lbrakk>v \<in> B\<^sub>2; v \<in> B\<^sub>2\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^sub>2"
   94.82  
   94.83 -theorem S\<^isub>2_sound:
   94.84 -"w \<in> S\<^isub>2 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
   94.85 +theorem S\<^sub>2_sound:
   94.86 +"w \<in> S\<^sub>2 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
   94.87  nitpick [expect = genuine]
   94.88  oops
   94.89  
   94.90 -inductive_set S\<^isub>3 and A\<^isub>3 and B\<^isub>3 where
   94.91 -  "[] \<in> S\<^isub>3"
   94.92 -| "w \<in> A\<^isub>3 \<Longrightarrow> b # w \<in> S\<^isub>3"
   94.93 -| "w \<in> B\<^isub>3 \<Longrightarrow> a # w \<in> S\<^isub>3"
   94.94 -| "w \<in> S\<^isub>3 \<Longrightarrow> a # w \<in> A\<^isub>3"
   94.95 -| "w \<in> S\<^isub>3 \<Longrightarrow> b # w \<in> B\<^isub>3"
   94.96 -| "\<lbrakk>v \<in> B\<^isub>3; w \<in> B\<^isub>3\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^isub>3"
   94.97 +inductive_set S\<^sub>3 and A\<^sub>3 and B\<^sub>3 where
   94.98 +  "[] \<in> S\<^sub>3"
   94.99 +| "w \<in> A\<^sub>3 \<Longrightarrow> b # w \<in> S\<^sub>3"
  94.100 +| "w \<in> B\<^sub>3 \<Longrightarrow> a # w \<in> S\<^sub>3"
  94.101 +| "w \<in> S\<^sub>3 \<Longrightarrow> a # w \<in> A\<^sub>3"
  94.102 +| "w \<in> S\<^sub>3 \<Longrightarrow> b # w \<in> B\<^sub>3"
  94.103 +| "\<lbrakk>v \<in> B\<^sub>3; w \<in> B\<^sub>3\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^sub>3"
  94.104  
  94.105 -theorem S\<^isub>3_sound:
  94.106 -"w \<in> S\<^isub>3 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.107 +theorem S\<^sub>3_sound:
  94.108 +"w \<in> S\<^sub>3 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.109  nitpick [card = 1\<emdash>5, expect = none]
  94.110  sorry
  94.111  
  94.112 -theorem S\<^isub>3_complete:
  94.113 -"length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] \<longrightarrow> w \<in> S\<^isub>3"
  94.114 +theorem S\<^sub>3_complete:
  94.115 +"length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] \<longrightarrow> w \<in> S\<^sub>3"
  94.116  nitpick [expect = genuine]
  94.117  oops
  94.118  
  94.119 -inductive_set S\<^isub>4 and A\<^isub>4 and B\<^isub>4 where
  94.120 -  "[] \<in> S\<^isub>4"
  94.121 -| "w \<in> A\<^isub>4 \<Longrightarrow> b # w \<in> S\<^isub>4"
  94.122 -| "w \<in> B\<^isub>4 \<Longrightarrow> a # w \<in> S\<^isub>4"
  94.123 -| "w \<in> S\<^isub>4 \<Longrightarrow> a # w \<in> A\<^isub>4"
  94.124 -| "\<lbrakk>v \<in> A\<^isub>4; w \<in> A\<^isub>4\<rbrakk> \<Longrightarrow> b # v @ w \<in> A\<^isub>4"
  94.125 -| "w \<in> S\<^isub>4 \<Longrightarrow> b # w \<in> B\<^isub>4"
  94.126 -| "\<lbrakk>v \<in> B\<^isub>4; w \<in> B\<^isub>4\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^isub>4"
  94.127 +inductive_set S\<^sub>4 and A\<^sub>4 and B\<^sub>4 where
  94.128 +  "[] \<in> S\<^sub>4"
  94.129 +| "w \<in> A\<^sub>4 \<Longrightarrow> b # w \<in> S\<^sub>4"
  94.130 +| "w \<in> B\<^sub>4 \<Longrightarrow> a # w \<in> S\<^sub>4"
  94.131 +| "w \<in> S\<^sub>4 \<Longrightarrow> a # w \<in> A\<^sub>4"
  94.132 +| "\<lbrakk>v \<in> A\<^sub>4; w \<in> A\<^sub>4\<rbrakk> \<Longrightarrow> b # v @ w \<in> A\<^sub>4"
  94.133 +| "w \<in> S\<^sub>4 \<Longrightarrow> b # w \<in> B\<^sub>4"
  94.134 +| "\<lbrakk>v \<in> B\<^sub>4; w \<in> B\<^sub>4\<rbrakk> \<Longrightarrow> a # v @ w \<in> B\<^sub>4"
  94.135  
  94.136 -theorem S\<^isub>4_sound:
  94.137 -"w \<in> S\<^isub>4 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.138 +theorem S\<^sub>4_sound:
  94.139 +"w \<in> S\<^sub>4 \<longrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.140  nitpick [card = 1\<emdash>5, expect = none]
  94.141  sorry
  94.142  
  94.143 -theorem S\<^isub>4_complete:
  94.144 -"length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] \<longrightarrow> w \<in> S\<^isub>4"
  94.145 +theorem S\<^sub>4_complete:
  94.146 +"length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] \<longrightarrow> w \<in> S\<^sub>4"
  94.147  nitpick [card = 1\<emdash>5, expect = none]
  94.148  sorry
  94.149  
  94.150 -theorem S\<^isub>4_A\<^isub>4_B\<^isub>4_sound_and_complete:
  94.151 -"w \<in> S\<^isub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.152 -"w \<in> A\<^isub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] + 1"
  94.153 -"w \<in> B\<^isub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = b] = length [x \<leftarrow> w. x = a] + 1"
  94.154 +theorem S\<^sub>4_A\<^sub>4_B\<^sub>4_sound_and_complete:
  94.155 +"w \<in> S\<^sub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b]"
  94.156 +"w \<in> A\<^sub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = a] = length [x \<leftarrow> w. x = b] + 1"
  94.157 +"w \<in> B\<^sub>4 \<longleftrightarrow> length [x \<leftarrow> w. x = b] = length [x \<leftarrow> w. x = a] + 1"
  94.158  nitpick [card = 1\<emdash>5, expect = none]
  94.159  sorry
  94.160  
  94.161 @@ -442,11 +442,11 @@
  94.162  
  94.163  primrec left where
  94.164  "left \<Lambda> = \<Lambda>" |
  94.165 -"left (N _ _ t\<^isub>1 _) = t\<^isub>1"
  94.166 +"left (N _ _ t\<^sub>1 _) = t\<^sub>1"
  94.167  
  94.168  primrec right where
  94.169  "right \<Lambda> = \<Lambda>" |
  94.170 -"right (N _ _ _ t\<^isub>2) = t\<^isub>2"
  94.171 +"right (N _ _ _ t\<^sub>2) = t\<^sub>2"
  94.172  
  94.173  fun wf where
  94.174  "wf \<Lambda> = True" |
  94.175 @@ -484,31 +484,31 @@
  94.176  nitpick [card = 1\<emdash>5, expect = none]
  94.177  sorry
  94.178  
  94.179 -primrec insort\<^isub>1 where
  94.180 -"insort\<^isub>1 \<Lambda> x = N x 1 \<Lambda> \<Lambda>" |
  94.181 -"insort\<^isub>1 (N y k t u) x =
  94.182 - (* (split \<circ> skew) *) (N y k (if x < y then insort\<^isub>1 t x else t)
  94.183 -                             (if x > y then insort\<^isub>1 u x else u))"
  94.184 +primrec insort\<^sub>1 where
  94.185 +"insort\<^sub>1 \<Lambda> x = N x 1 \<Lambda> \<Lambda>" |
  94.186 +"insort\<^sub>1 (N y k t u) x =
  94.187 + (* (split \<circ> skew) *) (N y k (if x < y then insort\<^sub>1 t x else t)
  94.188 +                             (if x > y then insort\<^sub>1 u x else u))"
  94.189  
  94.190 -theorem wf_insort\<^isub>1: "wf t \<Longrightarrow> wf (insort\<^isub>1 t x)"
  94.191 +theorem wf_insort\<^sub>1: "wf t \<Longrightarrow> wf (insort\<^sub>1 t x)"
  94.192  nitpick [expect = genuine]
  94.193  oops
  94.194  
  94.195 -theorem wf_insort\<^isub>1_nat: "wf t \<Longrightarrow> wf (insort\<^isub>1 t (x\<Colon>nat))"
  94.196 -nitpick [eval = "insort\<^isub>1 t x", expect = genuine]
  94.197 +theorem wf_insort\<^sub>1_nat: "wf t \<Longrightarrow> wf (insort\<^sub>1 t (x\<Colon>nat))"
  94.198 +nitpick [eval = "insort\<^sub>1 t x", expect = genuine]
  94.199  oops
  94.200  
  94.201 -primrec insort\<^isub>2 where
  94.202 -"insort\<^isub>2 \<Lambda> x = N x 1 \<Lambda> \<Lambda>" |
  94.203 -"insort\<^isub>2 (N y k t u) x =
  94.204 - (split \<circ> skew) (N y k (if x < y then insort\<^isub>2 t x else t)
  94.205 -                       (if x > y then insort\<^isub>2 u x else u))"
  94.206 +primrec insort\<^sub>2 where
  94.207 +"insort\<^sub>2 \<Lambda> x = N x 1 \<Lambda> \<Lambda>" |
  94.208 +"insort\<^sub>2 (N y k t u) x =
  94.209 + (split \<circ> skew) (N y k (if x < y then insort\<^sub>2 t x else t)
  94.210 +                       (if x > y then insort\<^sub>2 u x else u))"
  94.211  
  94.212 -theorem wf_insort\<^isub>2: "wf t \<Longrightarrow> wf (insort\<^isub>2 t x)"
  94.213 +theorem wf_insort\<^sub>2: "wf t \<Longrightarrow> wf (insort\<^sub>2 t x)"
  94.214  nitpick [card = 1\<emdash>5, expect = none]
  94.215  sorry
  94.216  
  94.217 -theorem dataset_insort\<^isub>2: "dataset (insort\<^isub>2 t x) = {x} \<union> dataset t"
  94.218 +theorem dataset_insort\<^sub>2: "dataset (insort\<^sub>2 t x) = {x} \<union> dataset t"
  94.219  nitpick [card = 1\<emdash>5, expect = none]
  94.220  sorry
  94.221  
    95.1 --- a/src/HOL/Nitpick_Examples/Special_Nits.thy	Tue Aug 13 16:53:23 2013 +0200
    95.2 +++ b/src/HOL/Nitpick_Examples/Special_Nits.thy	Tue Aug 13 17:45:22 2013 +0200
    95.3 @@ -131,8 +131,8 @@
    95.4  sorry
    95.5  
    95.6  lemma "\<forall>a. g a = a
    95.7 -       \<Longrightarrow> \<exists>b\<^isub>1 b\<^isub>2 b\<^isub>3 b\<^isub>4 b\<^isub>5 b\<^isub>6 b\<^isub>7 b\<^isub>8 b\<^isub>9 b\<^isub>10 (b\<^isub>11\<Colon>nat).
    95.8 -           b\<^isub>1 < b\<^isub>11 \<and> f5 g x = f5 (\<lambda>a. if b\<^isub>1 < b\<^isub>11 then a else h b\<^isub>2) x"
    95.9 +       \<Longrightarrow> \<exists>b\<^sub>1 b\<^sub>2 b\<^sub>3 b\<^sub>4 b\<^sub>5 b\<^sub>6 b\<^sub>7 b\<^sub>8 b\<^sub>9 b\<^sub>10 (b\<^sub>11\<Colon>nat).
   95.10 +           b\<^sub>1 < b\<^sub>11 \<and> f5 g x = f5 (\<lambda>a. if b\<^sub>1 < b\<^sub>11 then a else h b\<^sub>2) x"
   95.11  nitpick [expect = potential]
   95.12  nitpick [dont_specialize, expect = none]
   95.13  nitpick [dont_box, expect = none]
   95.14 @@ -140,13 +140,13 @@
   95.15  sorry
   95.16  
   95.17  lemma "\<forall>a. g a = a
   95.18 -       \<Longrightarrow> \<exists>b\<^isub>1 b\<^isub>2 b\<^isub>3 b\<^isub>4 b\<^isub>5 b\<^isub>6 b\<^isub>7 b\<^isub>8 b\<^isub>9 b\<^isub>10 (b\<^isub>11\<Colon>nat).
   95.19 -           b\<^isub>1 < b\<^isub>11
   95.20 -           \<and> f5 g x = f5 (\<lambda>a. if b\<^isub>1 < b\<^isub>11 then
   95.21 +       \<Longrightarrow> \<exists>b\<^sub>1 b\<^sub>2 b\<^sub>3 b\<^sub>4 b\<^sub>5 b\<^sub>6 b\<^sub>7 b\<^sub>8 b\<^sub>9 b\<^sub>10 (b\<^sub>11\<Colon>nat).
   95.22 +           b\<^sub>1 < b\<^sub>11
   95.23 +           \<and> f5 g x = f5 (\<lambda>a. if b\<^sub>1 < b\<^sub>11 then
   95.24                                  a
   95.25                                else
   95.26 -                                h b\<^isub>2 + h b\<^isub>3 + h b\<^isub>4 + h b\<^isub>5 + h b\<^isub>6 + h b\<^isub>7 + h b\<^isub>8
   95.27 -                                + h b\<^isub>9 + h b\<^isub>10) x"
   95.28 +                                h b\<^sub>2 + h b\<^sub>3 + h b\<^sub>4 + h b\<^sub>5 + h b\<^sub>6 + h b\<^sub>7 + h b\<^sub>8
   95.29 +                                + h b\<^sub>9 + h b\<^sub>10) x"
   95.30  nitpick [card nat = 2, card 'a = 1, expect = none]
   95.31  nitpick [card nat = 2, card 'a = 1, dont_box, expect = none]
   95.32  nitpick [card nat = 2, card 'a = 1, dont_specialize, expect = none]
   95.33 @@ -154,13 +154,13 @@
   95.34  sorry
   95.35  
   95.36  lemma "\<forall>a. g a = a
   95.37 -       \<Longrightarrow> \<exists>b\<^isub>1 b\<^isub>2 b\<^isub>3 b\<^isub>4 b\<^isub>5 b\<^isub>6 b\<^isub>7 b\<^isub>8 b\<^isub>9 b\<^isub>10 (b\<^isub>11\<Colon>nat).
   95.38 -           b\<^isub>1 < b\<^isub>11
   95.39 -           \<and> f5 g x = f5 (\<lambda>a. if b\<^isub>1 \<ge> b\<^isub>11 then
   95.40 +       \<Longrightarrow> \<exists>b\<^sub>1 b\<^sub>2 b\<^sub>3 b\<^sub>4 b\<^sub>5 b\<^sub>6 b\<^sub>7 b\<^sub>8 b\<^sub>9 b\<^sub>10 (b\<^sub>11\<Colon>nat).
   95.41 +           b\<^sub>1 < b\<^sub>11
   95.42 +           \<and> f5 g x = f5 (\<lambda>a. if b\<^sub>1 \<ge> b\<^sub>11 then
   95.43                                  a
   95.44                                else
   95.45 -                                h b\<^isub>2 + h b\<^isub>3 + h b\<^isub>4 + h b\<^isub>5 + h b\<^isub>6 + h b\<^isub>7 + h b\<^isub>8
   95.46 -                                + h b\<^isub>9 + h b\<^isub>10) x"
   95.47 +                                h b\<^sub>2 + h b\<^sub>3 + h b\<^sub>4 + h b\<^sub>5 + h b\<^sub>6 + h b\<^sub>7 + h b\<^sub>8
   95.48 +                                + h b\<^sub>9 + h b\<^sub>10) x"
   95.49  nitpick [card nat = 2, card 'a = 1, expect = potential]
   95.50  nitpick [card nat = 2, card 'a = 1, dont_box, expect = potential]
   95.51  nitpick [card nat = 2, card 'a = 1, dont_specialize, expect = potential]
    96.1 --- a/src/HOL/Nominal/Examples/CK_Machine.thy	Tue Aug 13 16:53:23 2013 +0200
    96.2 +++ b/src/HOL/Nominal/Examples/CK_Machine.thy	Tue Aug 13 17:45:22 2013 +0200
    96.3 @@ -43,11 +43,11 @@
    96.4    subst :: "lam \<Rightarrow> name \<Rightarrow> lam \<Rightarrow> lam"  ("_[_::=_]" [100,100,100] 100)
    96.5  where
    96.6    "(VAR x)[y::=s] = (if x=y then s else (VAR x))"
    96.7 -| "(APP t\<^isub>1 t\<^isub>2)[y::=s] = APP (t\<^isub>1[y::=s]) (t\<^isub>2[y::=s])"
    96.8 +| "(APP t\<^sub>1 t\<^sub>2)[y::=s] = APP (t\<^sub>1[y::=s]) (t\<^sub>2[y::=s])"
    96.9  | "x\<sharp>(y,s) \<Longrightarrow> (LAM [x].t)[y::=s] = LAM [x].(t[y::=s])"
   96.10  | "(NUM n)[y::=s] = NUM n"
   96.11 -| "(t\<^isub>1 -- t\<^isub>2)[y::=s] = (t\<^isub>1[y::=s]) -- (t\<^isub>2[y::=s])"
   96.12 -| "(t\<^isub>1 ++ t\<^isub>2)[y::=s] = (t\<^isub>1[y::=s]) ++ (t\<^isub>2[y::=s])"
   96.13 +| "(t\<^sub>1 -- t\<^sub>2)[y::=s] = (t\<^sub>1[y::=s]) -- (t\<^sub>2[y::=s])"
   96.14 +| "(t\<^sub>1 ++ t\<^sub>2)[y::=s] = (t\<^sub>1[y::=s]) ++ (t\<^sub>2[y::=s])"
   96.15  | "x\<sharp>(y,s) \<Longrightarrow> (FIX [x].t)[y::=s] = FIX [x].(t[y::=s])"
   96.16  | "TRUE[y::=s] = TRUE"
   96.17  | "FALSE[y::=s] = FALSE"
   96.18 @@ -387,7 +387,7 @@
   96.19  abbreviation
   96.20    "sub_tctx" :: "tctx \<Rightarrow> tctx \<Rightarrow> bool" ("_ \<subseteq> _") 
   96.21  where
   96.22 -  "\<Gamma>\<^isub>1 \<subseteq> \<Gamma>\<^isub>2 \<equiv> \<forall>x. x \<in> set \<Gamma>\<^isub>1 \<longrightarrow> x \<in> set \<Gamma>\<^isub>2"
   96.23 +  "\<Gamma>\<^sub>1 \<subseteq> \<Gamma>\<^sub>2 \<equiv> \<forall>x. x \<in> set \<Gamma>\<^sub>1 \<longrightarrow> x \<in> set \<Gamma>\<^sub>2"
   96.24  
   96.25  text {* Valid Typing Contexts *}
   96.26  
   96.27 @@ -429,11 +429,11 @@
   96.28    typing :: "tctx \<Rightarrow> lam \<Rightarrow> ty \<Rightarrow> bool" ("_ \<turnstile> _ : _") 
   96.29  where
   96.30    t_VAR[intro]:  "\<lbrakk>valid \<Gamma>; (x,T)\<in>set \<Gamma>\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> VAR x : T"
   96.31 -| t_APP[intro]:  "\<lbrakk>\<Gamma> \<turnstile> t\<^isub>1 : T\<^isub>1\<rightarrow>T\<^isub>2; \<Gamma> \<turnstile> t\<^isub>2 : T\<^isub>1\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> APP t\<^isub>1 t\<^isub>2 : T\<^isub>2"
   96.32 -| t_LAM[intro]:  "\<lbrakk>x\<sharp>\<Gamma>; (x,T\<^isub>1)#\<Gamma> \<turnstile> t : T\<^isub>2\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> LAM [x].t : T\<^isub>1 \<rightarrow> T\<^isub>2"
   96.33 +| t_APP[intro]:  "\<lbrakk>\<Gamma> \<turnstile> t\<^sub>1 : T\<^sub>1\<rightarrow>T\<^sub>2; \<Gamma> \<turnstile> t\<^sub>2 : T\<^sub>1\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> APP t\<^sub>1 t\<^sub>2 : T\<^sub>2"
   96.34 +| t_LAM[intro]:  "\<lbrakk>x\<sharp>\<Gamma>; (x,T\<^sub>1)#\<Gamma> \<turnstile> t : T\<^sub>2\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> LAM [x].t : T\<^sub>1 \<rightarrow> T\<^sub>2"
   96.35  | t_NUM[intro]:  "\<Gamma> \<turnstile> (NUM n) : tINT"
   96.36 -| t_DIFF[intro]: "\<lbrakk>\<Gamma> \<turnstile> t\<^isub>1 : tINT; \<Gamma> \<turnstile> t\<^isub>2 : tINT\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> t\<^isub>1 -- t\<^isub>2 : tINT"
   96.37 -| t_PLUS[intro]: "\<lbrakk>\<Gamma> \<turnstile> t\<^isub>1 : tINT; \<Gamma> \<turnstile> t\<^isub>2 : tINT\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> t\<^isub>1 ++ t\<^isub>2 : tINT"
   96.38 +| t_DIFF[intro]: "\<lbrakk>\<Gamma> \<turnstile> t\<^sub>1 : tINT; \<Gamma> \<turnstile> t\<^sub>2 : tINT\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> t\<^sub>1 -- t\<^sub>2 : tINT"
   96.39 +| t_PLUS[intro]: "\<lbrakk>\<Gamma> \<turnstile> t\<^sub>1 : tINT; \<Gamma> \<turnstile> t\<^sub>2 : tINT\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> t\<^sub>1 ++ t\<^sub>2 : tINT"
   96.40  | t_TRUE[intro]:  "\<Gamma> \<turnstile> TRUE : tBOOL"
   96.41  | t_FALSE[intro]: "\<Gamma> \<turnstile> FALSE : tBOOL"
   96.42  | t_IF[intro]:    "\<lbrakk>\<Gamma> \<turnstile> t1 : tBOOL; \<Gamma> \<turnstile> t2 : T; \<Gamma> \<turnstile> t3 : T\<rbrakk> \<Longrightarrow> \<Gamma> \<turnstile> IF t1 t2 t3 : T"
   96.43 @@ -443,8 +443,8 @@
   96.44  
   96.45  declare lam.inject[simp]
   96.46  inductive_cases typing_inversion[elim]:
   96.47 -  "\<Gamma> \<turnstile> t\<^isub>1 -- t\<^isub>2 : T"
   96.48 -  "\<Gamma> \<turnstile> t\<^isub>1 ++ t\<^isub>2 : T"
   96.49 +  "\<Gamma> \<turnstile> t\<^sub>1 -- t\<^sub>2 : T"
   96.50 +  "\<Gamma> \<turnstile> t\<^sub>1 ++ t\<^sub>2 : T"
   96.51    "\<Gamma> \<turnstile> IF t1 t2 t3 : T"
   96.52    "\<Gamma> \<turnstile> ZET t : T"
   96.53    "\<Gamma> \<turnstile> EQI t1 t2 : T"
   96.54 @@ -461,7 +461,7 @@
   96.55  lemma t_LAM_inversion[dest]:
   96.56    assumes ty: "\<Gamma> \<turnstile> LAM [x].t : T" 
   96.57    and     fc: "x\<sharp>\<Gamma>" 
   96.58 -  shows "\<exists>T\<^isub>1 T\<^isub>2. T = T\<^isub>1 \<rightarrow> T\<^isub>2 \<and> (x,T\<^isub>1)#\<Gamma> \<turnstile> t : T\<^isub>2"
   96.59 +  shows "\<exists>T\<^sub>1 T\<^sub>2. T = T\<^sub>1 \<rightarrow> T\<^sub>2 \<and> (x,T\<^sub>1)#\<Gamma> \<turnstile> t : T\<^sub>2"
   96.60  using ty fc 
   96.61  by (cases rule: typing.strong_cases) 
   96.62     (auto simp add: alpha lam.inject abs_fresh ty_fresh)
    97.1 --- a/src/HOL/Nominal/Examples/CR.thy	Tue Aug 13 16:53:23 2013 +0200
    97.2 +++ b/src/HOL/Nominal/Examples/CR.thy	Tue Aug 13 17:45:22 2013 +0200
    97.3 @@ -146,12 +146,12 @@
    97.4  section {* Beta Reduction *}
    97.5  
    97.6  inductive
    97.7 -  "Beta" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>\<beta> _" [80,80] 80)
    97.8 +  "Beta" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>\<beta> _" [80,80] 80)
    97.9  where
   97.10 -    b1[intro]: "s1\<longrightarrow>\<^isub>\<beta>s2 \<Longrightarrow> (App s1 t)\<longrightarrow>\<^isub>\<beta>(App s2 t)"
   97.11 -  | b2[intro]: "s1\<longrightarrow>\<^isub>\<beta>s2 \<Longrightarrow> (App t s1)\<longrightarrow>\<^isub>\<beta>(App t s2)"
   97.12 -  | b3[intro]: "s1\<longrightarrow>\<^isub>\<beta>s2 \<Longrightarrow> (Lam [a].s1)\<longrightarrow>\<^isub>\<beta> (Lam [a].s2)"
   97.13 -  | b4[intro]: "a\<sharp>s2 \<Longrightarrow> (App (Lam [a].s1) s2)\<longrightarrow>\<^isub>\<beta>(s1[a::=s2])"
   97.14 +    b1[intro]: "s1\<longrightarrow>\<^sub>\<beta>s2 \<Longrightarrow> (App s1 t)\<longrightarrow>\<^sub>\<beta>(App s2 t)"
   97.15 +  | b2[intro]: "s1\<longrightarrow>\<^sub>\<beta>s2 \<Longrightarrow> (App t s1)\<longrightarrow>\<^sub>\<beta>(App t s2)"
   97.16 +  | b3[intro]: "s1\<longrightarrow>\<^sub>\<beta>s2 \<Longrightarrow> (Lam [a].s1)\<longrightarrow>\<^sub>\<beta> (Lam [a].s2)"
   97.17 +  | b4[intro]: "a\<sharp>s2 \<Longrightarrow> (App (Lam [a].s1) s2)\<longrightarrow>\<^sub>\<beta>(s1[a::=s2])"
   97.18  
   97.19  equivariance Beta
   97.20  
   97.21 @@ -159,29 +159,29 @@
   97.22    by (simp_all add: abs_fresh fresh_fact')
   97.23  
   97.24  inductive
   97.25 -  "Beta_star"  :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>\<beta>\<^sup>* _" [80,80] 80)
   97.26 +  "Beta_star"  :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>\<beta>\<^sup>* _" [80,80] 80)
   97.27  where
   97.28 -    bs1[intro, simp]: "M \<longrightarrow>\<^isub>\<beta>\<^sup>* M"
   97.29 -  | bs2[intro]: "\<lbrakk>M1\<longrightarrow>\<^isub>\<beta>\<^sup>* M2; M2 \<longrightarrow>\<^isub>\<beta> M3\<rbrakk> \<Longrightarrow> M1 \<longrightarrow>\<^isub>\<beta>\<^sup>* M3"
   97.30 +    bs1[intro, simp]: "M \<longrightarrow>\<^sub>\<beta>\<^sup>* M"
   97.31 +  | bs2[intro]: "\<lbrakk>M1\<longrightarrow>\<^sub>\<beta>\<^sup>* M2; M2 \<longrightarrow>\<^sub>\<beta> M3\<rbrakk> \<Longrightarrow> M1 \<longrightarrow>\<^sub>\<beta>\<^sup>* M3"
   97.32  
   97.33  equivariance Beta_star
   97.34  
   97.35  lemma beta_star_trans:
   97.36 -  assumes a1: "M1\<longrightarrow>\<^isub>\<beta>\<^sup>* M2"
   97.37 -  and     a2: "M2\<longrightarrow>\<^isub>\<beta>\<^sup>* M3"
   97.38 -  shows "M1 \<longrightarrow>\<^isub>\<beta>\<^sup>* M3"
   97.39 +  assumes a1: "M1\<longrightarrow>\<^sub>\<beta>\<^sup>* M2"
   97.40 +  and     a2: "M2\<longrightarrow>\<^sub>\<beta>\<^sup>* M3"
   97.41 +  shows "M1 \<longrightarrow>\<^sub>\<beta>\<^sup>* M3"
   97.42  using a2 a1
   97.43  by (induct) (auto)
   97.44  
   97.45  section {* One-Reduction *}
   97.46  
   97.47  inductive
   97.48 -  One :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>1 _" [80,80] 80)
   97.49 +  One :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>1 _" [80,80] 80)
   97.50  where
   97.51 -    o1[intro!]:      "M\<longrightarrow>\<^isub>1M"
   97.52 -  | o2[simp,intro!]: "\<lbrakk>t1\<longrightarrow>\<^isub>1t2;s1\<longrightarrow>\<^isub>1s2\<rbrakk> \<Longrightarrow> (App t1 s1)\<longrightarrow>\<^isub>1(App t2 s2)"
   97.53 -  | o3[simp,intro!]: "s1\<longrightarrow>\<^isub>1s2 \<Longrightarrow> (Lam [a].s1)\<longrightarrow>\<^isub>1(Lam [a].s2)"
   97.54 -  | o4[simp,intro!]: "\<lbrakk>a\<sharp>(s1,s2); s1\<longrightarrow>\<^isub>1s2;t1\<longrightarrow>\<^isub>1t2\<rbrakk> \<Longrightarrow> (App (Lam [a].t1) s1)\<longrightarrow>\<^isub>1(t2[a::=s2])"
   97.55 +    o1[intro!]:      "M\<longrightarrow>\<^sub>1M"
   97.56 +  | o2[simp,intro!]: "\<lbrakk>t1\<longrightarrow>\<^sub>1t2;s1\<longrightarrow>\<^sub>1s2\<rbrakk> \<Longrightarrow> (App t1 s1)\<longrightarrow>\<^sub>1(App t2 s2)"
   97.57 +  | o3[simp,intro!]: "s1\<longrightarrow>\<^sub>1s2 \<Longrightarrow> (Lam [a].s1)\<longrightarrow>\<^sub>1(Lam [a].s2)"
   97.58 +  | o4[simp,intro!]: "\<lbrakk>a\<sharp>(s1,s2); s1\<longrightarrow>\<^sub>1s2;t1\<longrightarrow>\<^sub>1t2\<rbrakk> \<Longrightarrow> (App (Lam [a].t1) s1)\<longrightarrow>\<^sub>1(t2[a::=s2])"
   97.59  
   97.60  equivariance One
   97.61  
   97.62 @@ -189,23 +189,23 @@
   97.63    by (simp_all add: abs_fresh fresh_fact')
   97.64  
   97.65  inductive
   97.66 -  "One_star"  :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>1\<^sup>* _" [80,80] 80)
   97.67 +  "One_star"  :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>1\<^sup>* _" [80,80] 80)
   97.68  where
   97.69 -    os1[intro, simp]: "M \<longrightarrow>\<^isub>1\<^sup>* M"
   97.70 -  | os2[intro]: "\<lbrakk>M1\<longrightarrow>\<^isub>1\<^sup>* M2; M2 \<longrightarrow>\<^isub>1 M3\<rbrakk> \<Longrightarrow> M1 \<longrightarrow>\<^isub>1\<^sup>* M3"
   97.71 +    os1[intro, simp]: "M \<longrightarrow>\<^sub>1\<^sup>* M"
   97.72 +  | os2[intro]: "\<lbrakk>M1\<longrightarrow>\<^sub>1\<^sup>* M2; M2 \<longrightarrow>\<^sub>1 M3\<rbrakk> \<Longrightarrow> M1 \<longrightarrow>\<^sub>1\<^sup>* M3"
   97.73  
   97.74  equivariance One_star 
   97.75  
   97.76  lemma one_star_trans:
   97.77 -  assumes a1: "M1\<longrightarrow>\<^isub>1\<^sup>* M2" 
   97.78 -  and     a2: "M2\<longrightarrow>\<^isub>1\<^sup>* M3"
   97.79 -  shows "M1\<longrightarrow>\<^isub>1\<^sup>* M3"
   97.80 +  assumes a1: "M1\<longrightarrow>\<^sub>1\<^sup>* M2" 
   97.81 +  and     a2: "M2\<longrightarrow>\<^sub>1\<^sup>* M3"
   97.82 +  shows "M1\<longrightarrow>\<^sub>1\<^sup>* M3"
   97.83  using a2 a1
   97.84  by (induct) (auto)
   97.85  
   97.86  lemma one_fresh_preserv:
   97.87    fixes a :: "name"
   97.88 -  assumes a: "t\<longrightarrow>\<^isub>1s"
   97.89 +  assumes a: "t\<longrightarrow>\<^sub>1s"
   97.90    and     b: "a\<sharp>t"
   97.91    shows "a\<sharp>s"
   97.92  using a b
   97.93 @@ -247,7 +247,7 @@
   97.94  
   97.95  lemma one_fresh_preserv_automatic:
   97.96    fixes a :: "name"
   97.97 -  assumes a: "t\<longrightarrow>\<^isub>1s"
   97.98 +  assumes a: "t\<longrightarrow>\<^sub>1s"
   97.99    and     b: "a\<sharp>t"
  97.100    shows "a\<sharp>s"
  97.101  using a b
  97.102 @@ -263,8 +263,8 @@
  97.103     (auto simp add: calc_atm fresh_atm abs_fresh)
  97.104  
  97.105  lemma one_abs: 
  97.106 -  assumes a: "Lam [a].t\<longrightarrow>\<^isub>1t'"
  97.107 -  shows "\<exists>t''. t'=Lam [a].t'' \<and> t\<longrightarrow>\<^isub>1t''"
  97.108 +  assumes a: "Lam [a].t\<longrightarrow>\<^sub>1t'"
  97.109 +  shows "\<exists>t''. t'=Lam [a].t'' \<and> t\<longrightarrow>\<^sub>1t''"
  97.110  proof -
  97.111    have "a\<sharp>Lam [a].t" by (simp add: abs_fresh)
  97.112    with a have "a\<sharp>t'" by (simp add: one_fresh_preserv)
  97.113 @@ -274,15 +274,15 @@
  97.114  qed
  97.115  
  97.116  lemma one_app: 
  97.117 -  assumes a: "App t1 t2 \<longrightarrow>\<^isub>1 t'"
  97.118 -  shows "(\<exists>s1 s2. t' = App s1 s2 \<and> t1 \<longrightarrow>\<^isub>1 s1 \<and> t2 \<longrightarrow>\<^isub>1 s2) \<or> 
  97.119 -         (\<exists>a s s1 s2. t1 = Lam [a].s \<and> t' = s1[a::=s2] \<and> s \<longrightarrow>\<^isub>1 s1 \<and> t2 \<longrightarrow>\<^isub>1 s2 \<and> a\<sharp>(t2,s2))"
  97.120 +  assumes a: "App t1 t2 \<longrightarrow>\<^sub>1 t'"
  97.121 +  shows "(\<exists>s1 s2. t' = App s1 s2 \<and> t1 \<longrightarrow>\<^sub>1 s1 \<and> t2 \<longrightarrow>\<^sub>1 s2) \<or> 
  97.122 +         (\<exists>a s s1 s2. t1 = Lam [a].s \<and> t' = s1[a::=s2] \<and> s \<longrightarrow>\<^sub>1 s1 \<and> t2 \<longrightarrow>\<^sub>1 s2 \<and> a\<sharp>(t2,s2))"
  97.123  using a by (erule_tac One.cases) (auto simp add: lam.inject)
  97.124  
  97.125  lemma one_red: 
  97.126 -  assumes a: "App (Lam [a].t1) t2 \<longrightarrow>\<^isub>1 M" "a\<sharp>(t2,M)"
  97.127 -  shows "(\<exists>s1 s2. M = App (Lam [a].s1) s2 \<and> t1 \<longrightarrow>\<^isub>1 s1 \<and> t2 \<longrightarrow>\<^isub>1 s2) \<or> 
  97.128 -         (\<exists>s1 s2. M = s1[a::=s2] \<and> t1 \<longrightarrow>\<^isub>1 s1 \<and> t2 \<longrightarrow>\<^isub>1 s2)" 
  97.129 +  assumes a: "App (Lam [a].t1) t2 \<longrightarrow>\<^sub>1 M" "a\<sharp>(t2,M)"
  97.130 +  shows "(\<exists>s1 s2. M = App (Lam [a].s1) s2 \<and> t1 \<longrightarrow>\<^sub>1 s1 \<and> t2 \<longrightarrow>\<^sub>1 s2) \<or> 
  97.131 +         (\<exists>s1 s2. M = s1[a::=s2] \<and> t1 \<longrightarrow>\<^sub>1 s1 \<and> t2 \<longrightarrow>\<^sub>1 s2)" 
  97.132  using a
  97.133  by (cases rule: One.strong_cases [where a="a" and aa="a"])
  97.134     (auto dest: one_abs simp add: lam.inject abs_fresh alpha fresh_prod)
  97.135 @@ -290,31 +290,31 @@
  97.136  text {* first case in Lemma 3.2.4*}
  97.137  
  97.138  lemma one_subst_aux:
  97.139 -  assumes a: "N\<longrightarrow>\<^isub>1N'"
  97.140 -  shows "M[x::=N] \<longrightarrow>\<^isub>1 M[x::=N']"
  97.141 +  assumes a: "N\<longrightarrow>\<^sub>1N'"
  97.142 +  shows "M[x::=N] \<longrightarrow>\<^sub>1 M[x::=N']"
  97.143  using a
  97.144  proof (nominal_induct M avoiding: x N N' rule: lam.strong_induct)
  97.145    case (Var y) 
  97.146 -  thus "Var y[x::=N] \<longrightarrow>\<^isub>1 Var y[x::=N']" by (cases "x=y") auto
  97.147 +  thus "Var y[x::=N] \<longrightarrow>\<^sub>1 Var y[x::=N']" by (cases "x=y") auto
  97.148  next
  97.149    case (App P Q) (* application case - third line *)
  97.150 -  thus "(App P Q)[x::=N] \<longrightarrow>\<^isub>1  (App P Q)[x::=N']" using o2 by simp
  97.151 +  thus "(App P Q)[x::=N] \<longrightarrow>\<^sub>1  (App P Q)[x::=N']" using o2 by simp
  97.152  next 
  97.153    case (Lam y P) (* abstraction case - fourth line *)
  97.154 -  thus "(Lam [y].P)[x::=N] \<longrightarrow>\<^isub>1 (Lam [y].P)[x::=N']" using o3 by simp
  97.155 +  thus "(Lam [y].P)[x::=N] \<longrightarrow>\<^sub>1 (Lam [y].P)[x::=N']" using o3 by simp
  97.156  qed
  97.157  
  97.158  lemma one_subst_aux_automatic:
  97.159 -  assumes a: "N\<longrightarrow>\<^isub>1N'"
  97.160 -  shows "M[x::=N] \<longrightarrow>\<^isub>1 M[x::=N']"
  97.161 +  assumes a: "N\<longrightarrow>\<^sub>1N'"
  97.162 +  shows "M[x::=N] \<longrightarrow>\<^sub>1 M[x::=N']"
  97.163  using a
  97.164  by (nominal_induct M avoiding: x N N' rule: lam.strong_induct)
  97.165     (auto simp add: fresh_prod fresh_atm)
  97.166  
  97.167  lemma one_subst: 
  97.168 -  assumes a: "M\<longrightarrow>\<^isub>1M'"
  97.169 -  and     b: "N\<longrightarrow>\<^isub>1N'"
  97.170 -  shows "M[x::=N]\<longrightarrow>\<^isub>1M'[x::=N']" 
  97.171 +  assumes a: "M\<longrightarrow>\<^sub>1M'"
  97.172 +  and     b: "N\<longrightarrow>\<^sub>1N'"
  97.173 +  shows "M[x::=N]\<longrightarrow>\<^sub>1M'[x::=N']" 
  97.174  using a b
  97.175  proof (nominal_induct M M' avoiding: N N' x rule: One.strong_induct)
  97.176    case (o1 M)
  97.177 @@ -328,22 +328,22 @@
  97.178  next
  97.179    case (o4 a N1 N2 M1 M2 N N' x)
  97.180    have vc: "a\<sharp>N" "a\<sharp>N'" "a\<sharp>x" "a\<sharp>N1" "a\<sharp>N2" by fact+
  97.181 -  have asm: "N\<longrightarrow>\<^isub>1N'" by fact
  97.182 +  have asm: "N\<longrightarrow>\<^sub>1N'" by fact
  97.183    show ?case
  97.184    proof -
  97.185      have "(App (Lam [a].M1) N1)[x::=N] = App (Lam [a].(M1[x::=N])) (N1[x::=N])" using vc by simp
  97.186 -    moreover have "App (Lam [a].(M1[x::=N])) (N1[x::=N]) \<longrightarrow>\<^isub>1 M2[x::=N'][a::=N2[x::=N']]" 
  97.187 +    moreover have "App (Lam [a].(M1[x::=N])) (N1[x::=N]) \<longrightarrow>\<^sub>1 M2[x::=N'][a::=N2[x::=N']]" 
  97.188        using o4 asm by (simp add: fresh_fact)
  97.189      moreover have "M2[x::=N'][a::=N2[x::=N']] = M2[a::=N2][x::=N']" 
  97.190        using vc by (simp add: substitution_lemma fresh_atm)
  97.191 -    ultimately show "(App (Lam [a].M1) N1)[x::=N] \<longrightarrow>\<^isub>1 M2[a::=N2][x::=N']" by simp
  97.192 +    ultimately show "(App (Lam [a].M1) N1)[x::=N] \<longrightarrow>\<^sub>1 M2[a::=N2][x::=N']" by simp
  97.193    qed
  97.194  qed
  97.195  
  97.196  lemma one_subst_automatic: 
  97.197 -  assumes a: "M\<longrightarrow>\<^isub>1M'" 
  97.198 -  and     b: "N\<longrightarrow>\<^isub>1N'"
  97.199 -  shows "M[x::=N]\<longrightarrow>\<^isub>1M'[x::=N']" 
  97.200 +  assumes a: "M\<longrightarrow>\<^sub>1M'" 
  97.201 +  and     b: "N\<longrightarrow>\<^sub>1N'"
  97.202 +  shows "M[x::=N]\<longrightarrow>\<^sub>1M'[x::=N']" 
  97.203  using a b
  97.204  by (nominal_induct M M' avoiding: N N' x rule: One.strong_induct)
  97.205     (auto simp add: one_subst_aux substitution_lemma fresh_atm fresh_fact)
  97.206 @@ -351,122 +351,122 @@
  97.207  lemma diamond[rule_format]:
  97.208    fixes    M :: "lam"
  97.209    and      M1:: "lam"
  97.210 -  assumes a: "M\<longrightarrow>\<^isub>1M1" 
  97.211 -  and     b: "M\<longrightarrow>\<^isub>1M2"
  97.212 -  shows "\<exists>M3. M1\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3"
  97.213 +  assumes a: "M\<longrightarrow>\<^sub>1M1" 
  97.214 +  and     b: "M\<longrightarrow>\<^sub>1M2"
  97.215 +  shows "\<exists>M3. M1\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3"
  97.216    using a b
  97.217  proof (nominal_induct avoiding: M1 M2 rule: One.strong_induct)
  97.218    case (o1 M) (* case 1 --- M1 = M *)
  97.219 -  thus "\<exists>M3. M\<longrightarrow>\<^isub>1M3 \<and>  M2\<longrightarrow>\<^isub>1M3" by blast
  97.220 +  thus "\<exists>M3. M\<longrightarrow>\<^sub>1M3 \<and>  M2\<longrightarrow>\<^sub>1M3" by blast
  97.221  next
  97.222    case (o4 x Q Q' P P') (* case 2 --- a beta-reduction occurs*)
  97.223    have vc: "x\<sharp>Q" "x\<sharp>Q'" "x\<sharp>M2" by fact+
  97.224 -  have i1: "\<And>M2. Q \<longrightarrow>\<^isub>1M2 \<Longrightarrow> (\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3)" by fact
  97.225 -  have i2: "\<And>M2. P \<longrightarrow>\<^isub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3)" by fact
  97.226 -  have "App (Lam [x].P) Q \<longrightarrow>\<^isub>1 M2" by fact
  97.227 -  hence "(\<exists>P' Q'. M2 = App (Lam [x].P') Q' \<and> P\<longrightarrow>\<^isub>1P' \<and> Q\<longrightarrow>\<^isub>1Q') \<or> 
  97.228 -         (\<exists>P' Q'. M2 = P'[x::=Q'] \<and> P\<longrightarrow>\<^isub>1P' \<and> Q\<longrightarrow>\<^isub>1Q')" using vc by (simp add: one_red)
  97.229 +  have i1: "\<And>M2. Q \<longrightarrow>\<^sub>1M2 \<Longrightarrow> (\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3)" by fact
  97.230 +  have i2: "\<And>M2. P \<longrightarrow>\<^sub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3)" by fact
  97.231 +  have "App (Lam [x].P) Q \<longrightarrow>\<^sub>1 M2" by fact
  97.232 +  hence "(\<exists>P' Q'. M2 = App (Lam [x].P') Q' \<and> P\<longrightarrow>\<^sub>1P' \<and> Q\<longrightarrow>\<^sub>1Q') \<or> 
  97.233 +         (\<exists>P' Q'. M2 = P'[x::=Q'] \<and> P\<longrightarrow>\<^sub>1P' \<and> Q\<longrightarrow>\<^sub>1Q')" using vc by (simp add: one_red)
  97.234    moreover (* subcase 2.1 *)
  97.235 -  { assume "\<exists>P' Q'. M2 = App (Lam [x].P') Q' \<and> P\<longrightarrow>\<^isub>1P' \<and> Q\<longrightarrow>\<^isub>1Q'"
  97.236 +  { assume "\<exists>P' Q'. M2 = App (Lam [x].P') Q' \<and> P\<longrightarrow>\<^sub>1P' \<and> Q\<longrightarrow>\<^sub>1Q'"
  97.237      then obtain P'' and Q'' where 
  97.238 -      b1: "M2=App (Lam [x].P'') Q''" and b2: "P\<longrightarrow>\<^isub>1P''" and b3: "Q\<longrightarrow>\<^isub>1Q''" by blast
  97.239 -    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> P''\<longrightarrow>\<^isub>1M3)" by simp
  97.240 +      b1: "M2=App (Lam [x].P'') Q''" and b2: "P\<longrightarrow>\<^sub>1P''" and b3: "Q\<longrightarrow>\<^sub>1Q''" by blast
  97.241 +    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> P''\<longrightarrow>\<^sub>1M3)" by simp
  97.242      then obtain P''' where
  97.243 -      c1: "P'\<longrightarrow>\<^isub>1P'''" and c2: "P''\<longrightarrow>\<^isub>1P'''" by force
  97.244 -    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> Q''\<longrightarrow>\<^isub>1M3)" by simp
  97.245 +      c1: "P'\<longrightarrow>\<^sub>1P'''" and c2: "P''\<longrightarrow>\<^sub>1P'''" by force
  97.246 +    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> Q''\<longrightarrow>\<^sub>1M3)" by simp
  97.247      then obtain Q''' where
  97.248 -      d1: "Q'\<longrightarrow>\<^isub>1Q'''" and d2: "Q''\<longrightarrow>\<^isub>1Q'''" by force
  97.249 +      d1: "Q'\<longrightarrow>\<^sub>1Q'''" and d2: "Q''\<longrightarrow>\<^sub>1Q'''" by force
  97.250      from c1 c2 d1 d2 
  97.251 -    have "P'[x::=Q']\<longrightarrow>\<^isub>1P'''[x::=Q'''] \<and> App (Lam [x].P'') Q'' \<longrightarrow>\<^isub>1 P'''[x::=Q''']" 
  97.252 +    have "P'[x::=Q']\<longrightarrow>\<^sub>1P'''[x::=Q'''] \<and> App (Lam [x].P'') Q'' \<longrightarrow>\<^sub>1 P'''[x::=Q''']" 
  97.253        using vc b3 by (auto simp add: one_subst one_fresh_preserv)
  97.254 -    hence "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" using b1 by blast
  97.255 +    hence "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" using b1 by blast
  97.256    }
  97.257    moreover (* subcase 2.2 *)
  97.258 -  { assume "\<exists>P' Q'. M2 = P'[x::=Q'] \<and> P\<longrightarrow>\<^isub>1P' \<and> Q\<longrightarrow>\<^isub>1Q'"
  97.259 +  { assume "\<exists>P' Q'. M2 = P'[x::=Q'] \<and> P\<longrightarrow>\<^sub>1P' \<and> Q\<longrightarrow>\<^sub>1Q'"
  97.260      then obtain P'' Q'' where
  97.261 -      b1: "M2=P''[x::=Q'']" and b2: "P\<longrightarrow>\<^isub>1P''" and  b3: "Q\<longrightarrow>\<^isub>1Q''" by blast
  97.262 -    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> P''\<longrightarrow>\<^isub>1M3)" by simp
  97.263 +      b1: "M2=P''[x::=Q'']" and b2: "P\<longrightarrow>\<^sub>1P''" and  b3: "Q\<longrightarrow>\<^sub>1Q''" by blast
  97.264 +    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> P''\<longrightarrow>\<^sub>1M3)" by simp
  97.265      then obtain P''' where
  97.266 -      c1: "P'\<longrightarrow>\<^isub>1P'''" and c2: "P''\<longrightarrow>\<^isub>1P'''" by blast
  97.267 -    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> Q''\<longrightarrow>\<^isub>1M3)" by simp
  97.268 +      c1: "P'\<longrightarrow>\<^sub>1P'''" and c2: "P''\<longrightarrow>\<^sub>1P'''" by blast
  97.269 +    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> Q''\<longrightarrow>\<^sub>1M3)" by simp
  97.270      then obtain Q''' where
  97.271 -      d1: "Q'\<longrightarrow>\<^isub>1Q'''" and d2: "Q''\<longrightarrow>\<^isub>1Q'''" by blast
  97.272 +      d1: "Q'\<longrightarrow>\<^sub>1Q'''" and d2: "Q''\<longrightarrow>\<^sub>1Q'''" by blast
  97.273      from c1 c2 d1 d2 
  97.274 -    have "P'[x::=Q']\<longrightarrow>\<^isub>1P'''[x::=Q'''] \<and> P''[x::=Q'']\<longrightarrow>\<^isub>1P'''[x::=Q''']" 
  97.275 +    have "P'[x::=Q']\<longrightarrow>\<^sub>1P'''[x::=Q'''] \<and> P''[x::=Q'']\<longrightarrow>\<^sub>1P'''[x::=Q''']" 
  97.276        by (force simp add: one_subst)
  97.277 -    hence "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" using b1 by blast
  97.278 +    hence "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" using b1 by blast
  97.279    }
  97.280 -  ultimately show "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" by blast
  97.281 +  ultimately show "\<exists>M3. P'[x::=Q']\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" by blast
  97.282  next
  97.283    case (o2 P P' Q Q') (* case 3 *)
  97.284 -  have i0: "P\<longrightarrow>\<^isub>1P'" by fact
  97.285 -  have i0': "Q\<longrightarrow>\<^isub>1Q'" by fact
  97.286 -  have i1: "\<And>M2. Q \<longrightarrow>\<^isub>1M2 \<Longrightarrow> (\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3)" by fact
  97.287 -  have i2: "\<And>M2. P \<longrightarrow>\<^isub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3)" by fact
  97.288 -  assume "App P Q \<longrightarrow>\<^isub>1 M2"
  97.289 -  hence "(\<exists>P'' Q''. M2 = App P'' Q'' \<and> P\<longrightarrow>\<^isub>1P'' \<and> Q\<longrightarrow>\<^isub>1Q'') \<or> 
  97.290 -         (\<exists>x P' P'' Q'. P = Lam [x].P' \<and> M2 = P''[x::=Q'] \<and> P'\<longrightarrow>\<^isub>1 P'' \<and> Q\<longrightarrow>\<^isub>1Q' \<and> x\<sharp>(Q,Q'))" 
  97.291 +  have i0: "P\<longrightarrow>\<^sub>1P'" by fact
  97.292 +  have i0': "Q\<longrightarrow>\<^sub>1Q'" by fact
  97.293 +  have i1: "\<And>M2. Q \<longrightarrow>\<^sub>1M2 \<Longrightarrow> (\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3)" by fact
  97.294 +  have i2: "\<And>M2. P \<longrightarrow>\<^sub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3)" by fact
  97.295 +  assume "App P Q \<longrightarrow>\<^sub>1 M2"
  97.296 +  hence "(\<exists>P'' Q''. M2 = App P'' Q'' \<and> P\<longrightarrow>\<^sub>1P'' \<and> Q\<longrightarrow>\<^sub>1Q'') \<or> 
  97.297 +         (\<exists>x P' P'' Q'. P = Lam [x].P' \<and> M2 = P''[x::=Q'] \<and> P'\<longrightarrow>\<^sub>1 P'' \<and> Q\<longrightarrow>\<^sub>1Q' \<and> x\<sharp>(Q,Q'))" 
  97.298      by (simp add: one_app[simplified])
  97.299    moreover (* subcase 3.1 *)
  97.300 -  { assume "\<exists>P'' Q''. M2 = App P'' Q'' \<and> P\<longrightarrow>\<^isub>1P'' \<and> Q\<longrightarrow>\<^isub>1Q''"
  97.301 +  { assume "\<exists>P'' Q''. M2 = App P'' Q'' \<and> P\<longrightarrow>\<^sub>1P'' \<and> Q\<longrightarrow>\<^sub>1Q''"
  97.302      then obtain P'' and Q'' where 
  97.303 -      b1: "M2=App P'' Q''" and b2: "P\<longrightarrow>\<^isub>1P''" and b3: "Q\<longrightarrow>\<^isub>1Q''" by blast
  97.304 -    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> P''\<longrightarrow>\<^isub>1M3)" by simp
  97.305 +      b1: "M2=App P'' Q''" and b2: "P\<longrightarrow>\<^sub>1P''" and b3: "Q\<longrightarrow>\<^sub>1Q''" by blast
  97.306 +    from b2 i2 have "(\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> P''\<longrightarrow>\<^sub>1M3)" by simp
  97.307      then obtain P''' where
  97.308 -      c1: "P'\<longrightarrow>\<^isub>1P'''" and c2: "P''\<longrightarrow>\<^isub>1P'''" by blast
  97.309 -    from b3 i1 have "\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> Q''\<longrightarrow>\<^isub>1M3" by simp
  97.310 +      c1: "P'\<longrightarrow>\<^sub>1P'''" and c2: "P''\<longrightarrow>\<^sub>1P'''" by blast
  97.311 +    from b3 i1 have "\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> Q''\<longrightarrow>\<^sub>1M3" by simp
  97.312      then obtain Q''' where
  97.313 -      d1: "Q'\<longrightarrow>\<^isub>1Q'''" and d2: "Q''\<longrightarrow>\<^isub>1Q'''" by blast
  97.314 +      d1: "Q'\<longrightarrow>\<^sub>1Q'''" and d2: "Q''\<longrightarrow>\<^sub>1Q'''" by blast
  97.315      from c1 c2 d1 d2 
  97.316 -    have "App P' Q'\<longrightarrow>\<^isub>1App P''' Q''' \<and> App P'' Q'' \<longrightarrow>\<^isub>1 App P''' Q'''" by blast
  97.317 -    hence "\<exists>M3. App P' Q'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" using b1 by blast
  97.318 +    have "App P' Q'\<longrightarrow>\<^sub>1App P''' Q''' \<and> App P'' Q'' \<longrightarrow>\<^sub>1 App P''' Q'''" by blast
  97.319 +    hence "\<exists>M3. App P' Q'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" using b1 by blast
  97.320    }
  97.321    moreover (* subcase 3.2 *)
  97.322 -  { assume "\<exists>x P1 P'' Q''. P = Lam [x].P1 \<and> M2 = P''[x::=Q''] \<and> P1\<longrightarrow>\<^isub>1 P'' \<and> Q\<longrightarrow>\<^isub>1Q'' \<and> x\<sharp>(Q,Q'')"
  97.323 +  { assume "\<exists>x P1 P'' Q''. P = Lam [x].P1 \<and> M2 = P''[x::=Q''] \<and> P1\<longrightarrow>\<^sub>1 P'' \<and> Q\<longrightarrow>\<^sub>1Q'' \<and> x\<sharp>(Q,Q'')"
  97.324      then obtain x P1 P1'' Q'' where
  97.325        b0: "P = Lam [x].P1" and b1: "M2 = P1''[x::=Q'']" and 
  97.326 -      b2: "P1\<longrightarrow>\<^isub>1P1''" and  b3: "Q\<longrightarrow>\<^isub>1Q''" and vc: "x\<sharp>(Q,Q'')" by blast
  97.327 -    from b0 i0 have "\<exists>P1'. P'=Lam [x].P1' \<and> P1\<longrightarrow>\<^isub>1P1'" by (simp add: one_abs)      
  97.328 -    then obtain P1' where g1: "P'=Lam [x].P1'" and g2: "P1\<longrightarrow>\<^isub>1P1'" by blast 
  97.329 -    from g1 b0 b2 i2 have "(\<exists>M3. (Lam [x].P1')\<longrightarrow>\<^isub>1M3 \<and> (Lam [x].P1'')\<longrightarrow>\<^isub>1M3)" by simp
  97.330 +      b2: "P1\<longrightarrow>\<^sub>1P1''" and  b3: "Q\<longrightarrow>\<^sub>1Q''" and vc: "x\<sharp>(Q,Q'')" by blast
  97.331 +    from b0 i0 have "\<exists>P1'. P'=Lam [x].P1' \<and> P1\<longrightarrow>\<^sub>1P1'" by (simp add: one_abs)      
  97.332 +    then obtain P1' where g1: "P'=Lam [x].P1'" and g2: "P1\<longrightarrow>\<^sub>1P1'" by blast 
  97.333 +    from g1 b0 b2 i2 have "(\<exists>M3. (Lam [x].P1')\<longrightarrow>\<^sub>1M3 \<and> (Lam [x].P1'')\<longrightarrow>\<^sub>1M3)" by simp
  97.334      then obtain P1''' where
  97.335 -      c1: "(Lam [x].P1')\<longrightarrow>\<^isub>1P1'''" and c2: "(Lam [x].P1'')\<longrightarrow>\<^isub>1P1'''" by blast
  97.336 -    from c1 have "\<exists>R1. P1'''=Lam [x].R1 \<and> P1'\<longrightarrow>\<^isub>1R1" by (simp add: one_abs)
  97.337 -    then obtain R1 where r1: "P1'''=Lam [x].R1" and r2: "P1'\<longrightarrow>\<^isub>1R1" by blast
  97.338 -    from c2 have "\<exists>R2. P1'''=Lam [x].R2 \<and> P1''\<longrightarrow>\<^isub>1R2" by (simp add: one_abs)
  97.339 -    then obtain R2 where r3: "P1'''=Lam [x].R2" and r4: "P1''\<longrightarrow>\<^isub>1R2" by blast
  97.340 +      c1: "(Lam [x].P1')\<longrightarrow>\<^sub>1P1'''" and c2: "(Lam [x].P1'')\<longrightarrow>\<^sub>1P1'''" by blast
  97.341 +    from c1 have "\<exists>R1. P1'''=Lam [x].R1 \<and> P1'\<longrightarrow>\<^sub>1R1" by (simp add: one_abs)
  97.342 +    then obtain R1 where r1: "P1'''=Lam [x].R1" and r2: "P1'\<longrightarrow>\<^sub>1R1" by blast
  97.343 +    from c2 have "\<exists>R2. P1'''=Lam [x].R2 \<and> P1''\<longrightarrow>\<^sub>1R2" by (simp add: one_abs)
  97.344 +    then obtain R2 where r3: "P1'''=Lam [x].R2" and r4: "P1''\<longrightarrow>\<^sub>1R2" by blast
  97.345      from r1 r3 have r5: "R1=R2" by (simp add: lam.inject alpha)
  97.346 -    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^isub>1M3 \<and> Q''\<longrightarrow>\<^isub>1M3)" by simp
  97.347 +    from b3 i1 have "(\<exists>M3. Q'\<longrightarrow>\<^sub>1M3 \<and> Q''\<longrightarrow>\<^sub>1M3)" by simp
  97.348      then obtain Q''' where
  97.349 -      d1: "Q'\<longrightarrow>\<^isub>1Q'''" and d2: "Q''\<longrightarrow>\<^isub>1Q'''" by blast
  97.350 +      d1: "Q'\<longrightarrow>\<^sub>1Q'''" and d2: "Q''\<longrightarrow>\<^sub>1Q'''" by blast
  97.351      from g1 r2 d1 r4 r5 d2 
  97.352 -    have "App P' Q'\<longrightarrow>\<^isub>1R1[x::=Q'''] \<and> P1''[x::=Q'']\<longrightarrow>\<^isub>1R1[x::=Q''']" 
  97.353 +    have "App P' Q'\<longrightarrow>\<^sub>1R1[x::=Q'''] \<and> P1''[x::=Q'']\<longrightarrow>\<^sub>1R1[x::=Q''']" 
  97.354        using vc i0' by (simp add: one_subst one_fresh_preserv)
  97.355 -    hence "\<exists>M3. App P' Q'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" using b1 by blast
  97.356 +    hence "\<exists>M3. App P' Q'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" using b1 by blast
  97.357    }
  97.358 -  ultimately show "\<exists>M3. App P' Q'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" by blast
  97.359 +  ultimately show "\<exists>M3. App P' Q'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" by blast
  97.360  next
  97.361    case (o3 P P' x) (* case 4 *)
  97.362 -  have i1: "P\<longrightarrow>\<^isub>1P'" by fact
  97.363 -  have i2: "\<And>M2. P \<longrightarrow>\<^isub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3)" by fact
  97.364 -  have "(Lam [x].P)\<longrightarrow>\<^isub>1 M2" by fact
  97.365 -  hence "\<exists>P''. M2=Lam [x].P'' \<and> P\<longrightarrow>\<^isub>1P''" by (simp add: one_abs)
  97.366 -  then obtain P'' where b1: "M2=Lam [x].P''" and b2: "P\<longrightarrow>\<^isub>1P''" by blast
  97.367 -  from i2 b1 b2 have "\<exists>M3. (Lam [x].P')\<longrightarrow>\<^isub>1M3 \<and> (Lam [x].P'')\<longrightarrow>\<^isub>1M3" by blast
  97.368 -  then obtain M3 where c1: "(Lam [x].P')\<longrightarrow>\<^isub>1M3" and c2: "(Lam [x].P'')\<longrightarrow>\<^isub>1M3" by blast
  97.369 -  from c1 have "\<exists>R1. M3=Lam [x].R1 \<and> P'\<longrightarrow>\<^isub>1R1" by (simp add: one_abs)
  97.370 -  then obtain R1 where r1: "M3=Lam [x].R1" and r2: "P'\<longrightarrow>\<^isub>1R1" by blast
  97.371 -  from c2 have "\<exists>R2. M3=Lam [x].R2 \<and> P''\<longrightarrow>\<^isub>1R2" by (simp add: one_abs)
  97.372 -  then obtain R2 where r3: "M3=Lam [x].R2" and r4: "P''\<longrightarrow>\<^isub>1R2" by blast
  97.373 +  have i1: "P\<longrightarrow>\<^sub>1P'" by fact
  97.374 +  have i2: "\<And>M2. P \<longrightarrow>\<^sub>1M2 \<Longrightarrow> (\<exists>M3. P'\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3)" by fact
  97.375 +  have "(Lam [x].P)\<longrightarrow>\<^sub>1 M2" by fact
  97.376 +  hence "\<exists>P''. M2=Lam [x].P'' \<and> P\<longrightarrow>\<^sub>1P''" by (simp add: one_abs)
  97.377 +  then obtain P'' where b1: "M2=Lam [x].P''" and b2: "P\<longrightarrow>\<^sub>1P''" by blast
  97.378 +  from i2 b1 b2 have "\<exists>M3. (Lam [x].P')\<longrightarrow>\<^sub>1M3 \<and> (Lam [x].P'')\<longrightarrow>\<^sub>1M3" by blast
  97.379 +  then obtain M3 where c1: "(Lam [x].P')\<longrightarrow>\<^sub>1M3" and c2: "(Lam [x].P'')\<longrightarrow>\<^sub>1M3" by blast
  97.380 +  from c1 have "\<exists>R1. M3=Lam [x].R1 \<and> P'\<longrightarrow>\<^sub>1R1" by (simp add: one_abs)
  97.381 +  then obtain R1 where r1: "M3=Lam [x].R1" and r2: "P'\<longrightarrow>\<^sub>1R1" by blast
  97.382 +  from c2 have "\<exists>R2. M3=Lam [x].R2 \<and> P''\<longrightarrow>\<^sub>1R2" by (simp add: one_abs)
  97.383 +  then obtain R2 where r3: "M3=Lam [x].R2" and r4: "P''\<longrightarrow>\<^sub>1R2" by blast
  97.384    from r1 r3 have r5: "R1=R2" by (simp add: lam.inject alpha)
  97.385 -  from r2 r4 have "(Lam [x].P')\<longrightarrow>\<^isub>1(Lam [x].R1) \<and> (Lam [x].P'')\<longrightarrow>\<^isub>1(Lam [x].R2)" 
  97.386 +  from r2 r4 have "(Lam [x].P')\<longrightarrow>\<^sub>1(Lam [x].R1) \<and> (Lam [x].P'')\<longrightarrow>\<^sub>1(Lam [x].R2)" 
  97.387      by (simp add: one_subst)
  97.388 -  thus "\<exists>M3. (Lam [x].P')\<longrightarrow>\<^isub>1M3 \<and> M2\<longrightarrow>\<^isub>1M3" using b1 r5 by blast
  97.389 +  thus "\<exists>M3. (Lam [x].P')\<longrightarrow>\<^sub>1M3 \<and> M2\<longrightarrow>\<^sub>1M3" using b1 r5 by blast
  97.390  qed
  97.391  
  97.392  lemma one_lam_cong: 
  97.393 -  assumes a: "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" 
  97.394 -  shows "(Lam [a].t1)\<longrightarrow>\<^isub>\<beta>\<^sup>*(Lam [a].t2)"
  97.395 +  assumes a: "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" 
  97.396 +  shows "(Lam [a].t1)\<longrightarrow>\<^sub>\<beta>\<^sup>*(Lam [a].t2)"
  97.397    using a
  97.398  proof induct
  97.399    case bs1 thus ?case by simp
  97.400 @@ -476,8 +476,8 @@
  97.401  qed
  97.402  
  97.403  lemma one_app_congL: 
  97.404 -  assumes a: "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" 
  97.405 -  shows "App t1 s\<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s"
  97.406 +  assumes a: "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" 
  97.407 +  shows "App t1 s\<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s"
  97.408    using a
  97.409  proof induct
  97.410    case bs1 thus ?case by simp
  97.411 @@ -486,8 +486,8 @@
  97.412  qed
  97.413    
  97.414  lemma one_app_congR: 
  97.415 -  assumes a: "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" 
  97.416 -  shows "App s t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App s t2"
  97.417 +  assumes a: "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" 
  97.418 +  shows "App s t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App s t2"
  97.419  using a
  97.420  proof induct
  97.421    case bs1 thus ?case by simp
  97.422 @@ -496,19 +496,19 @@
  97.423  qed
  97.424  
  97.425  lemma one_app_cong: 
  97.426 -  assumes a1: "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" 
  97.427 -  and     a2: "s1\<longrightarrow>\<^isub>\<beta>\<^sup>*s2" 
  97.428 -  shows "App t1 s1\<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s2"
  97.429 +  assumes a1: "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" 
  97.430 +  and     a2: "s1\<longrightarrow>\<^sub>\<beta>\<^sup>*s2" 
  97.431 +  shows "App t1 s1\<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s2"
  97.432  proof -
  97.433 -  have "App t1 s1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s1" using a1 by (rule one_app_congL)
  97.434 +  have "App t1 s1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s1" using a1 by (rule one_app_congL)
  97.435    moreover
  97.436 -  have "App t2 s1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s2" using a2 by (rule one_app_congR)
  97.437 +  have "App t2 s1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s2" using a2 by (rule one_app_congR)
  97.438    ultimately show ?thesis by (rule beta_star_trans)
  97.439  qed
  97.440  
  97.441  lemma one_beta_star: 
  97.442 -  assumes a: "(t1\<longrightarrow>\<^isub>1t2)" 
  97.443 -  shows "(t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2)"
  97.444 +  assumes a: "(t1\<longrightarrow>\<^sub>1t2)" 
  97.445 +  shows "(t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2)"
  97.446    using a
  97.447  proof(nominal_induct rule: One.strong_induct)
  97.448    case o1 thus ?case by simp
  97.449 @@ -519,16 +519,16 @@
  97.450  next 
  97.451    case (o4 a s1 s2 t1 t2)
  97.452    have vc: "a\<sharp>s1" "a\<sharp>s2" by fact+
  97.453 -  have a1: "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" and a2: "s1\<longrightarrow>\<^isub>\<beta>\<^sup>*s2" by fact+
  97.454 -  have c1: "(App (Lam [a].t2) s2) \<longrightarrow>\<^isub>\<beta> (t2 [a::= s2])" using vc by (simp add: b4)
  97.455 -  from a1 a2 have c2: "App (Lam [a].t1 ) s1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App (Lam [a].t2 ) s2" 
  97.456 +  have a1: "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" and a2: "s1\<longrightarrow>\<^sub>\<beta>\<^sup>*s2" by fact+
  97.457 +  have c1: "(App (Lam [a].t2) s2) \<longrightarrow>\<^sub>\<beta> (t2 [a::= s2])" using vc by (simp add: b4)
  97.458 +  from a1 a2 have c2: "App (Lam [a].t1 ) s1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App (Lam [a].t2 ) s2" 
  97.459      by (blast intro!: one_app_cong one_lam_cong)
  97.460    show ?case using c2 c1 by (blast intro: beta_star_trans)
  97.461  qed
  97.462   
  97.463  lemma one_star_lam_cong: 
  97.464 -  assumes a: "t1\<longrightarrow>\<^isub>1\<^sup>*t2" 
  97.465 -  shows "(Lam  [a].t1)\<longrightarrow>\<^isub>1\<^sup>* (Lam [a].t2)"
  97.466 +  assumes a: "t1\<longrightarrow>\<^sub>1\<^sup>*t2" 
  97.467 +  shows "(Lam  [a].t1)\<longrightarrow>\<^sub>1\<^sup>* (Lam [a].t2)"
  97.468    using a
  97.469  proof induct
  97.470    case os1 thus ?case by simp
  97.471 @@ -537,8 +537,8 @@
  97.472  qed
  97.473  
  97.474  lemma one_star_app_congL: 
  97.475 -  assumes a: "t1\<longrightarrow>\<^isub>1\<^sup>*t2" 
  97.476 -  shows "App t1 s\<longrightarrow>\<^isub>1\<^sup>* App t2 s"
  97.477 +  assumes a: "t1\<longrightarrow>\<^sub>1\<^sup>*t2" 
  97.478 +  shows "App t1 s\<longrightarrow>\<^sub>1\<^sup>* App t2 s"
  97.479    using a
  97.480  proof induct
  97.481    case os1 thus ?case by simp
  97.482 @@ -547,8 +547,8 @@
  97.483  qed
  97.484  
  97.485  lemma one_star_app_congR: 
  97.486 -  assumes a: "t1\<longrightarrow>\<^isub>1\<^sup>*t2" 
  97.487 -  shows "App s t1 \<longrightarrow>\<^isub>1\<^sup>* App s t2"
  97.488 +  assumes a: "t1\<longrightarrow>\<^sub>1\<^sup>*t2" 
  97.489 +  shows "App s t1 \<longrightarrow>\<^sub>1\<^sup>* App s t2"
  97.490    using a
  97.491  proof induct
  97.492    case os1 thus ?case by simp
  97.493 @@ -557,8 +557,8 @@
  97.494  qed
  97.495  
  97.496  lemma beta_one_star: 
  97.497 -  assumes a: "t1\<longrightarrow>\<^isub>\<beta>t2" 
  97.498 -  shows "t1\<longrightarrow>\<^isub>1\<^sup>*t2"
  97.499 +  assumes a: "t1\<longrightarrow>\<^sub>\<beta>t2" 
  97.500 +  shows "t1\<longrightarrow>\<^sub>1\<^sup>*t2"
  97.501    using a
  97.502  proof(induct)
  97.503    case b1 thus ?case by (blast intro!: one_star_app_congL)
  97.504 @@ -571,88 +571,88 @@
  97.505  qed
  97.506  
  97.507  lemma trans_closure: 
  97.508 -  shows "(M1\<longrightarrow>\<^isub>1\<^sup>*M2) = (M1\<longrightarrow>\<^isub>\<beta>\<^sup>*M2)"
  97.509 +  shows "(M1\<longrightarrow>\<^sub>1\<^sup>*M2) = (M1\<longrightarrow>\<^sub>\<beta>\<^sup>*M2)"
  97.510  proof
  97.511 -  assume "M1 \<longrightarrow>\<^isub>1\<^sup>* M2"
  97.512 -  then show "M1\<longrightarrow>\<^isub>\<beta>\<^sup>*M2"
  97.513 +  assume "M1 \<longrightarrow>\<^sub>1\<^sup>* M2"
  97.514 +  then show "M1\<longrightarrow>\<^sub>\<beta>\<^sup>*M2"
  97.515    proof induct
  97.516 -    case (os1 M1) thus "M1\<longrightarrow>\<^isub>\<beta>\<^sup>*M1" by simp
  97.517 +    case (os1 M1) thus "M1\<longrightarrow>\<^sub>\<beta>\<^sup>*M1" by simp
  97.518    next
  97.519      case (os2 M1 M2 M3)
  97.520 -    have "M2\<longrightarrow>\<^isub>1M3" by fact
  97.521 -    then have "M2\<longrightarrow>\<^isub>\<beta>\<^sup>*M3" by (rule one_beta_star)
  97.522 -    moreover have "M1\<longrightarrow>\<^isub>\<beta>\<^sup>*M2" by fact
  97.523 -    ultimately show "M1\<longrightarrow>\<^isub>\<beta>\<^sup>*M3" by (auto intro: beta_star_trans)
  97.524 +    have "M2\<longrightarrow>\<^sub>1M3" by fact
  97.525 +    then have "M2\<longrightarrow>\<^sub>\<beta>\<^sup>*M3" by (rule one_beta_star)
  97.526 +    moreover have "M1\<longrightarrow>\<^sub>\<beta>\<^sup>*M2" by fact
  97.527 +    ultimately show "M1\<longrightarrow>\<^sub>\<beta>\<^sup>*M3" by (auto intro: beta_star_trans)
  97.528    qed
  97.529  next
  97.530 -  assume "M1 \<longrightarrow>\<^isub>\<beta>\<^sup>* M2" 
  97.531 -  then show "M1\<longrightarrow>\<^isub>1\<^sup>*M2"
  97.532 +  assume "M1 \<longrightarrow>\<^sub>\<beta>\<^sup>* M2" 
  97.533 +  then show "M1\<longrightarrow>\<^sub>1\<^sup>*M2"
  97.534    proof induct
  97.535 -    case (bs1 M1) thus  "M1\<longrightarrow>\<^isub>1\<^sup>*M1" by simp
  97.536 +    case (bs1 M1) thus  "M1\<longrightarrow>\<^sub>1\<^sup>*M1" by simp
  97.537    next
  97.538      case (bs2 M1 M2 M3) 
  97.539 -    have "M2\<longrightarrow>\<^isub>\<beta>M3" by fact
  97.540 -    then have "M2\<longrightarrow>\<^isub>1\<^sup>*M3" by (rule beta_one_star)
  97.541 -    moreover have "M1\<longrightarrow>\<^isub>1\<^sup>*M2" by fact
  97.542 -    ultimately show "M1\<longrightarrow>\<^isub>1\<^sup>*M3" by (auto intro: one_star_trans)
  97.543 +    have "M2\<longrightarrow>\<^sub>\<beta>M3" by fact
  97.544 +    then have "M2\<longrightarrow>\<^sub>1\<^sup>*M3" by (rule beta_one_star)
  97.545 +    moreover have "M1\<longrightarrow>\<^sub>1\<^sup>*M2" by fact
  97.546 +    ultimately show "M1\<longrightarrow>\<^sub>1\<^sup>*M3" by (auto intro: one_star_trans)
  97.547    qed
  97.548  qed
  97.549  
  97.550  lemma cr_one:
  97.551 -  assumes a: "t\<longrightarrow>\<^isub>1\<^sup>*t1" 
  97.552 -  and     b: "t\<longrightarrow>\<^isub>1t2"
  97.553 -  shows "\<exists>t3. t1\<longrightarrow>\<^isub>1t3 \<and> t2\<longrightarrow>\<^isub>1\<^sup>*t3"
  97.554 +  assumes a: "t\<longrightarrow>\<^sub>1\<^sup>*t1" 
  97.555 +  and     b: "t\<longrightarrow>\<^sub>1t2"
  97.556 +  shows "\<exists>t3. t1\<longrightarrow>\<^sub>1t3 \<and> t2\<longrightarrow>\<^sub>1\<^sup>*t3"
  97.557    using a b
  97.558  proof (induct arbitrary: t2)
  97.559    case os1 thus ?case by force
  97.560  next
  97.561    case (os2 t s1 s2 t2)  
  97.562 -  have b: "s1 \<longrightarrow>\<^isub>1 s2" by fact
  97.563 -  have h: "\<And>t2. t \<longrightarrow>\<^isub>1 t2 \<Longrightarrow> (\<exists>t3. s1 \<longrightarrow>\<^isub>1 t3 \<and> t2 \<longrightarrow>\<^isub>1\<^sup>* t3)" by fact
  97.564 -  have c: "t \<longrightarrow>\<^isub>1 t2" by fact
  97.565 -  show "\<exists>t3. s2 \<longrightarrow>\<^isub>1 t3 \<and>  t2 \<longrightarrow>\<^isub>1\<^sup>* t3" 
  97.566 +  have b: "s1 \<longrightarrow>\<^sub>1 s2" by fact
  97.567 +  have h: "\<And>t2. t \<longrightarrow>\<^sub>1 t2 \<Longrightarrow> (\<exists>t3. s1 \<longrightarrow>\<^sub>1 t3 \<and> t2 \<longrightarrow>\<^sub>1\<^sup>* t3)" by fact
  97.568 +  have c: "t \<longrightarrow>\<^sub>1 t2" by fact
  97.569 +  show "\<exists>t3. s2 \<longrightarrow>\<^sub>1 t3 \<and>  t2 \<longrightarrow>\<^sub>1\<^sup>* t3" 
  97.570    proof -
  97.571 -    from c h have "\<exists>t3. s1 \<longrightarrow>\<^isub>1 t3 \<and> t2 \<longrightarrow>\<^isub>1\<^sup>* t3" by blast
  97.572 -    then obtain t3 where c1: "s1 \<longrightarrow>\<^isub>1 t3" and c2: "t2 \<longrightarrow>\<^isub>1\<^sup>* t3" by blast
  97.573 -    have "\<exists>t4. s2 \<longrightarrow>\<^isub>1 t4 \<and> t3 \<longrightarrow>\<^isub>1 t4" using b c1 by (blast intro: diamond)
  97.574 +    from c h have "\<exists>t3. s1 \<longrightarrow>\<^sub>1 t3 \<and> t2 \<longrightarrow>\<^sub>1\<^sup>* t3" by blast
  97.575 +    then obtain t3 where c1: "s1 \<longrightarrow>\<^sub>1 t3" and c2: "t2 \<longrightarrow>\<^sub>1\<^sup>* t3" by blast
  97.576 +    have "\<exists>t4. s2 \<longrightarrow>\<^sub>1 t4 \<and> t3 \<longrightarrow>\<^sub>1 t4" using b c1 by (blast intro: diamond)
  97.577      thus ?thesis using c2 by (blast intro: one_star_trans)
  97.578    qed
  97.579  qed
  97.580  
  97.581  lemma cr_one_star: 
  97.582 -  assumes a: "t\<longrightarrow>\<^isub>1\<^sup>*t2"
  97.583 -      and b: "t\<longrightarrow>\<^isub>1\<^sup>*t1"
  97.584 -    shows "\<exists>t3. t1\<longrightarrow>\<^isub>1\<^sup>*t3\<and>t2\<longrightarrow>\<^isub>1\<^sup>*t3"
  97.585 +  assumes a: "t\<longrightarrow>\<^sub>1\<^sup>*t2"
  97.586 +      and b: "t\<longrightarrow>\<^sub>1\<^sup>*t1"
  97.587 +    shows "\<exists>t3. t1\<longrightarrow>\<^sub>1\<^sup>*t3\<and>t2\<longrightarrow>\<^sub>1\<^sup>*t3"
  97.588  using a b
  97.589  proof (induct arbitrary: t1)
  97.590    case (os1 t) then show ?case by force
  97.591  next 
  97.592    case (os2 t s1 s2 t1)
  97.593 -  have c: "t \<longrightarrow>\<^isub>1\<^sup>* s1" by fact
  97.594 -  have c': "t \<longrightarrow>\<^isub>1\<^sup>* t1" by fact
  97.595 -  have d: "s1 \<longrightarrow>\<^isub>1 s2" by fact
  97.596 -  have "t \<longrightarrow>\<^isub>1\<^sup>* t1 \<Longrightarrow> (\<exists>t3.  t1 \<longrightarrow>\<^isub>1\<^sup>* t3 \<and> s1 \<longrightarrow>\<^isub>1\<^sup>* t3)" by fact
  97.597 -  then obtain t3 where f1: "t1 \<longrightarrow>\<^isub>1\<^sup>* t3"
  97.598 -                   and f2: "s1 \<longrightarrow>\<^isub>1\<^sup>* t3" using c' by blast
  97.599 -  from cr_one d f2 have "\<exists>t4. t3\<longrightarrow>\<^isub>1t4 \<and> s2\<longrightarrow>\<^isub>1\<^sup>*t4" by blast
  97.600 -  then obtain t4 where g1: "t3\<longrightarrow>\<^isub>1t4"
  97.601 -                   and g2: "s2\<longrightarrow>\<^isub>1\<^sup>*t4" by blast
  97.602 -  have "t1\<longrightarrow>\<^isub>1\<^sup>*t4" using f1 g1 by (blast intro: one_star_trans)
  97.603 +  have c: "t \<longrightarrow>\<^sub>1\<^sup>* s1" by fact
  97.604 +  have c': "t \<longrightarrow>\<^sub>1\<^sup>* t1" by fact
  97.605 +  have d: "s1 \<longrightarrow>\<^sub>1 s2" by fact
  97.606 +  have "t \<longrightarrow>\<^sub>1\<^sup>* t1 \<Longrightarrow> (\<exists>t3.  t1 \<longrightarrow>\<^sub>1\<^sup>* t3 \<and> s1 \<longrightarrow>\<^sub>1\<^sup>* t3)" by fact
  97.607 +  then obtain t3 where f1: "t1 \<longrightarrow>\<^sub>1\<^sup>* t3"
  97.608 +                   and f2: "s1 \<longrightarrow>\<^sub>1\<^sup>* t3" using c' by blast
  97.609 +  from cr_one d f2 have "\<exists>t4. t3\<longrightarrow>\<^sub>1t4 \<and> s2\<longrightarrow>\<^sub>1\<^sup>*t4" by blast
  97.610 +  then obtain t4 where g1: "t3\<longrightarrow>\<^sub>1t4"
  97.611 +                   and g2: "s2\<longrightarrow>\<^sub>1\<^sup>*t4" by blast
  97.612 +  have "t1\<longrightarrow>\<^sub>1\<^sup>*t4" using f1 g1 by (blast intro: one_star_trans)
  97.613    thus ?case using g2 by blast
  97.614  qed
  97.615    
  97.616  lemma cr_beta_star: 
  97.617 -  assumes a1: "t\<longrightarrow>\<^isub>\<beta>\<^sup>*t1" 
  97.618 -  and     a2: "t\<longrightarrow>\<^isub>\<beta>\<^sup>*t2" 
  97.619 -  shows "\<exists>t3. t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t3\<and>t2\<longrightarrow>\<^isub>\<beta>\<^sup>*t3"
  97.620 +  assumes a1: "t\<longrightarrow>\<^sub>\<beta>\<^sup>*t1" 
  97.621 +  and     a2: "t\<longrightarrow>\<^sub>\<beta>\<^sup>*t2" 
  97.622 +  shows "\<exists>t3. t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t3\<and>t2\<longrightarrow>\<^sub>\<beta>\<^sup>*t3"
  97.623  proof -
  97.624 -  from a1 have "t\<longrightarrow>\<^isub>1\<^sup>*t1" by (simp only: trans_closure)
  97.625 +  from a1 have "t\<longrightarrow>\<^sub>1\<^sup>*t1" by (simp only: trans_closure)
  97.626    moreover
  97.627 -  from a2 have "t\<longrightarrow>\<^isub>1\<^sup>*t2" by (simp only: trans_closure)
  97.628 -  ultimately have "\<exists>t3. t1\<longrightarrow>\<^isub>1\<^sup>*t3 \<and> t2\<longrightarrow>\<^isub>1\<^sup>*t3" by (blast intro: cr_one_star) 
  97.629 -  then obtain t3 where "t1\<longrightarrow>\<^isub>1\<^sup>*t3" and "t2\<longrightarrow>\<^isub>1\<^sup>*t3" by blast
  97.630 -  hence "t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t3" and "t2\<longrightarrow>\<^isub>\<beta>\<^sup>*t3" by (simp_all only: trans_closure)
  97.631 -  then show "\<exists>t3. t1\<longrightarrow>\<^isub>\<beta>\<^sup>*t3\<and>t2\<longrightarrow>\<^isub>\<beta>\<^sup>*t3" by blast
  97.632 +  from a2 have "t\<longrightarrow>\<^sub>1\<^sup>*t2" by (simp only: trans_closure)
  97.633 +  ultimately have "\<exists>t3. t1\<longrightarrow>\<^sub>1\<^sup>*t3 \<and> t2\<longrightarrow>\<^sub>1\<^sup>*t3" by (blast intro: cr_one_star) 
  97.634 +  then obtain t3 where "t1\<longrightarrow>\<^sub>1\<^sup>*t3" and "t2\<longrightarrow>\<^sub>1\<^sup>*t3" by blast
  97.635 +  hence "t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t3" and "t2\<longrightarrow>\<^sub>\<beta>\<^sup>*t3" by (simp_all only: trans_closure)
  97.636 +  then show "\<exists>t3. t1\<longrightarrow>\<^sub>\<beta>\<^sup>*t3\<and>t2\<longrightarrow>\<^sub>\<beta>\<^sup>*t3" by blast
  97.637  qed
  97.638  
  97.639  end
    98.1 --- a/src/HOL/Nominal/Examples/CR_Takahashi.thy	Tue Aug 13 16:53:23 2013 +0200
    98.2 +++ b/src/HOL/Nominal/Examples/CR_Takahashi.thy	Tue Aug 13 17:45:22 2013 +0200
    98.3 @@ -22,7 +22,7 @@
    98.4    subst :: "lam \<Rightarrow> name \<Rightarrow> lam \<Rightarrow> lam"  ("_[_::=_]" [100,100,100] 100)
    98.5  where
    98.6    "(Var x)[y::=s] = (if x=y then s else (Var x))"
    98.7 -| "(App t\<^isub>1 t\<^isub>2)[y::=s] = App (t\<^isub>1[y::=s]) (t\<^isub>2[y::=s])"
    98.8 +| "(App t\<^sub>1 t\<^sub>2)[y::=s] = App (t\<^sub>1[y::=s]) (t\<^sub>2[y::=s])"
    98.9  | "x\<sharp>(y,s) \<Longrightarrow> (Lam [x].t)[y::=s] = Lam [x].(t[y::=s])"
   98.10  apply(finite_guess)+
   98.11  apply(rule TrueI)+
   98.12 @@ -66,81 +66,81 @@
   98.13  section {* Beta-Reduction *}
   98.14  
   98.15  inductive 
   98.16 -  "Beta" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>\<beta> _" [80,80] 80)
   98.17 +  "Beta" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>\<beta> _" [80,80] 80)
   98.18  where
   98.19 -  b1[intro]: "t1 \<longrightarrow>\<^isub>\<beta> t2 \<Longrightarrow> App t1 s \<longrightarrow>\<^isub>\<beta> App t2 s"
   98.20 -| b2[intro]: "s1 \<longrightarrow>\<^isub>\<beta> s2 \<Longrightarrow> App t s1 \<longrightarrow>\<^isub>\<beta> App t s2"
   98.21 -| b3[intro]: "t1 \<longrightarrow>\<^isub>\<beta> t2 \<Longrightarrow> Lam [x].t1 \<longrightarrow>\<^isub>\<beta> Lam [x].t2"
   98.22 -| b4[intro]: "App (Lam [x].t) s \<longrightarrow>\<^isub>\<beta> t[x::=s]"
   98.23 +  b1[intro]: "t1 \<longrightarrow>\<^sub>\<beta> t2 \<Longrightarrow> App t1 s \<longrightarrow>\<^sub>\<beta> App t2 s"
   98.24 +| b2[intro]: "s1 \<longrightarrow>\<^sub>\<beta> s2 \<Longrightarrow> App t s1 \<longrightarrow>\<^sub>\<beta> App t s2"
   98.25 +| b3[intro]: "t1 \<longrightarrow>\<^sub>\<beta> t2 \<Longrightarrow> Lam [x].t1 \<longrightarrow>\<^sub>\<beta> Lam [x].t2"
   98.26 +| b4[intro]: "App (Lam [x].t) s \<longrightarrow>\<^sub>\<beta> t[x::=s]"
   98.27  
   98.28  section {* Transitive Closure of Beta *}
   98.29  
   98.30  inductive 
   98.31 -  "Beta_star" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>\<beta>\<^sup>* _" [80,80] 80)
   98.32 +  "Beta_star" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>\<beta>\<^sup>* _" [80,80] 80)
   98.33  where
   98.34 -  bs1[intro]: "t \<longrightarrow>\<^isub>\<beta>\<^sup>* t"
   98.35 -| bs2[intro]: "t \<longrightarrow>\<^isub>\<beta> s \<Longrightarrow> t \<longrightarrow>\<^isub>\<beta>\<^sup>* s"
   98.36 -| bs3[intro,trans]: "\<lbrakk>t1\<longrightarrow>\<^isub>\<beta>\<^sup>* t2; t2 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3\<rbrakk> \<Longrightarrow> t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3"
   98.37 +  bs1[intro]: "t \<longrightarrow>\<^sub>\<beta>\<^sup>* t"
   98.38 +| bs2[intro]: "t \<longrightarrow>\<^sub>\<beta> s \<Longrightarrow> t \<longrightarrow>\<^sub>\<beta>\<^sup>* s"
   98.39 +| bs3[intro,trans]: "\<lbrakk>t1\<longrightarrow>\<^sub>\<beta>\<^sup>* t2; t2 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3\<rbrakk> \<Longrightarrow> t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3"
   98.40  
   98.41  section {* One-Reduction *}
   98.42  
   98.43  inductive 
   98.44 -  One :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>1 _" [80,80] 80)
   98.45 +  One :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>1 _" [80,80] 80)
   98.46  where
   98.47 -  o1[intro]: "Var x\<longrightarrow>\<^isub>1 Var x"
   98.48 -| o2[intro]: "\<lbrakk>t1\<longrightarrow>\<^isub>1t2; s1\<longrightarrow>\<^isub>1s2\<rbrakk> \<Longrightarrow> App t1 s1 \<longrightarrow>\<^isub>1 App t2 s2"
   98.49 -| o3[intro]: "t1\<longrightarrow>\<^isub>1t2 \<Longrightarrow> Lam [x].t1 \<longrightarrow>\<^isub>1 Lam [x].t2"
   98.50 -| o4[intro]: "\<lbrakk>x\<sharp>(s1,s2); t1\<longrightarrow>\<^isub>1t2; s1\<longrightarrow>\<^isub>1s2\<rbrakk> \<Longrightarrow> App (Lam [x].t1) s1 \<longrightarrow>\<^isub>1 t2[x::=s2]"
   98.51 +  o1[intro]: "Var x\<longrightarrow>\<^sub>1 Var x"
   98.52 +| o2[intro]: "\<lbrakk>t1\<longrightarrow>\<^sub>1t2; s1\<longrightarrow>\<^sub>1s2\<rbrakk> \<Longrightarrow> App t1 s1 \<longrightarrow>\<^sub>1 App t2 s2"
   98.53 +| o3[intro]: "t1\<longrightarrow>\<^sub>1t2 \<Longrightarrow> Lam [x].t1 \<longrightarrow>\<^sub>1 Lam [x].t2"
   98.54 +| o4[intro]: "\<lbrakk>x\<sharp>(s1,s2); t1\<longrightarrow>\<^sub>1t2; s1\<longrightarrow>\<^sub>1s2\<rbrakk> \<Longrightarrow> App (Lam [x].t1) s1 \<longrightarrow>\<^sub>1 t2[x::=s2]"
   98.55  
   98.56  equivariance One
   98.57  nominal_inductive One 
   98.58    by (simp_all add: abs_fresh fresh_fact)
   98.59  
   98.60  lemma One_refl:
   98.61 -  shows "t \<longrightarrow>\<^isub>1 t"
   98.62 +  shows "t \<longrightarrow>\<^sub>1 t"
   98.63  by (nominal_induct t rule: lam.strong_induct) (auto)
   98.64  
   98.65  lemma One_subst: 
   98.66 -  assumes a: "t1 \<longrightarrow>\<^isub>1 t2" "s1 \<longrightarrow>\<^isub>1 s2"
   98.67 -  shows "t1[x::=s1] \<longrightarrow>\<^isub>1 t2[x::=s2]" 
   98.68 +  assumes a: "t1 \<longrightarrow>\<^sub>1 t2" "s1 \<longrightarrow>\<^sub>1 s2"
   98.69 +  shows "t1[x::=s1] \<longrightarrow>\<^sub>1 t2[x::=s2]" 
   98.70  using a 
   98.71  by (nominal_induct t1 t2 avoiding: s1 s2 x rule: One.strong_induct)
   98.72     (auto simp add: substitution_lemma fresh_atm fresh_fact)
   98.73  
   98.74  lemma better_o4_intro:
   98.75 -  assumes a: "t1 \<longrightarrow>\<^isub>1 t2" "s1 \<longrightarrow>\<^isub>1 s2"
   98.76 -  shows "App (Lam [x].t1) s1 \<longrightarrow>\<^isub>1 t2[x::=s2]"
   98.77 +  assumes a: "t1 \<longrightarrow>\<^sub>1 t2" "s1 \<longrightarrow>\<^sub>1 s2"
   98.78 +  shows "App (Lam [x].t1) s1 \<longrightarrow>\<^sub>1 t2[x::=s2]"
   98.79  proof -
   98.80    obtain y::"name" where fs: "y\<sharp>(x,t1,s1,t2,s2)" by (rule exists_fresh, rule fin_supp, blast)
   98.81    have "App (Lam [x].t1) s1 = App (Lam [y].([(y,x)]\<bullet>t1)) s1" using fs
   98.82      by (auto simp add: lam.inject alpha' fresh_prod fresh_atm)
   98.83 -  also have "\<dots> \<longrightarrow>\<^isub>1  ([(y,x)]\<bullet>t2)[y::=s2]" using fs a by (auto simp add: One.eqvt)
   98.84 +  also have "\<dots> \<longrightarrow>\<^sub>1  ([(y,x)]\<bullet>t2)[y::=s2]" using fs a by (auto simp add: One.eqvt)
   98.85    also have "\<dots> = t2[x::=s2]" using fs by (simp add: subst_rename[symmetric])
   98.86 -  finally show "App (Lam [x].t1) s1 \<longrightarrow>\<^isub>1 t2[x::=s2]" by simp
   98.87 +  finally show "App (Lam [x].t1) s1 \<longrightarrow>\<^sub>1 t2[x::=s2]" by simp
   98.88  qed
   98.89  
   98.90  lemma One_Var:
   98.91 -  assumes a: "Var x \<longrightarrow>\<^isub>1 M"
   98.92 +  assumes a: "Var x \<longrightarrow>\<^sub>1 M"
   98.93    shows "M = Var x"
   98.94  using a by (cases rule: One.cases) (simp_all) 
   98.95  
   98.96  lemma One_Lam: 
   98.97 -  assumes a: "Lam [x].t \<longrightarrow>\<^isub>1 s" "x\<sharp>s"
   98.98 -  shows "\<exists>t'. s = Lam [x].t' \<and> t \<longrightarrow>\<^isub>1 t'"
   98.99 +  assumes a: "Lam [x].t \<longrightarrow>\<^sub>1 s" "x\<sharp>s"
  98.100 +  shows "\<exists>t'. s = Lam [x].t' \<and> t \<longrightarrow>\<^sub>1 t'"
  98.101  using a
  98.102  by (cases rule: One.strong_cases)
  98.103     (auto simp add: lam.inject abs_fresh alpha)
  98.104  
  98.105  lemma One_App: 
  98.106 -  assumes a: "App t s \<longrightarrow>\<^isub>1 r"
  98.107 -  shows "(\<exists>t' s'. r = App t' s' \<and> t \<longrightarrow>\<^isub>1 t' \<and> s \<longrightarrow>\<^isub>1 s') \<or> 
  98.108 -         (\<exists>x p p' s'. r = p'[x::=s'] \<and> t = Lam [x].p \<and> p \<longrightarrow>\<^isub>1 p' \<and> s \<longrightarrow>\<^isub>1 s' \<and> x\<sharp>(s,s'))" 
  98.109 +  assumes a: "App t s \<longrightarrow>\<^sub>1 r"
  98.110 +  shows "(\<exists>t' s'. r = App t' s' \<and> t \<longrightarrow>\<^sub>1 t' \<and> s \<longrightarrow>\<^sub>1 s') \<or> 
  98.111 +         (\<exists>x p p' s'. r = p'[x::=s'] \<and> t = Lam [x].p \<and> p \<longrightarrow>\<^sub>1 p' \<and> s \<longrightarrow>\<^sub>1 s' \<and> x\<sharp>(s,s'))" 
  98.112  using a by (cases rule: One.cases) (auto simp add: lam.inject)
  98.113  
  98.114  lemma One_Redex: 
  98.115 -  assumes a: "App (Lam [x].t) s \<longrightarrow>\<^isub>1 r" "x\<sharp>(s,r)"
  98.116 -  shows "(\<exists>t' s'. r = App (Lam [x].t') s' \<and> t \<longrightarrow>\<^isub>1 t' \<and> s \<longrightarrow>\<^isub>1 s') \<or> 
  98.117 -         (\<exists>t' s'. r = t'[x::=s'] \<and> t \<longrightarrow>\<^isub>1 t' \<and> s \<longrightarrow>\<^isub>1 s')" 
  98.118 +  assumes a: "App (Lam [x].t) s \<longrightarrow>\<^sub>1 r" "x\<sharp>(s,r)"
  98.119 +  shows "(\<exists>t' s'. r = App (Lam [x].t') s' \<and> t \<longrightarrow>\<^sub>1 t' \<and> s \<longrightarrow>\<^sub>1 s') \<or> 
  98.120 +         (\<exists>t' s'. r = t'[x::=s'] \<and> t \<longrightarrow>\<^sub>1 t' \<and> s \<longrightarrow>\<^sub>1 s')" 
  98.121  using a
  98.122  by (cases rule: One.strong_cases)
  98.123     (auto dest: One_Lam simp add: lam.inject abs_fresh alpha fresh_prod)
  98.124 @@ -148,162 +148,162 @@
  98.125  section {* Transitive Closure of One *}
  98.126  
  98.127  inductive 
  98.128 -  "One_star" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^isub>1\<^sup>* _" [80,80] 80)
  98.129 +  "One_star" :: "lam\<Rightarrow>lam\<Rightarrow>bool" (" _ \<longrightarrow>\<^sub>1\<^sup>* _" [80,80] 80)
  98.130  where
  98.131 -  os1[intro]: "t \<longrightarrow>\<^isub>1\<^sup>* t"
  98.132 -| os2[intro]: "t \<longrightarrow>\<^isub>1 s \<Longrightarrow> t \<longrightarrow>\<^isub>1\<^sup>* s"
  98.133 -| os3[intro]: "\<lbrakk>t1\<longrightarrow>\<^isub>1\<^sup>* t2; t2 \<longrightarrow>\<^isub>1\<^sup>* t3\<rbrakk> \<Longrightarrow> t1 \<longrightarrow>\<^isub>1\<^sup>* t3"
  98.134 +  os1[intro]: "t \<longrightarrow>\<^sub>1\<^sup>* t"
  98.135 +| os2[intro]: "t \<longrightarrow>\<^sub>1 s \<Longrightarrow> t \<longrightarrow>\<^sub>1\<^sup>* s"
  98.136 +| os3[intro]: "\<lbrakk>t1\<longrightarrow>\<^sub>1\<^sup>* t2; t2 \<longrightarrow>\<^sub>1\<^sup>* t3\<rbrakk> \<Longrightarrow> t1 \<longrightarrow>\<^sub>1\<^sup>* t3"
  98.137  
  98.138  section {* Complete Development Reduction *}
  98.139  
  98.140  inductive 
  98.141 -  Dev :: "lam \<Rightarrow> lam \<Rightarrow> bool" (" _ \<longrightarrow>\<^isub>d _" [80,80]80)
  98.142 +  Dev :: "lam \<Rightarrow> lam \<Rightarrow> bool" (" _ \<longrightarrow>\<^sub>d _" [80,80]80)
  98.143  where
  98.144 -  d1[intro]: "Var x \<longrightarrow>\<^isub>d Var x"
  98.145 -| d2[intro]: "t \<longrightarrow>\<^isub>d s \<Longrightarrow> Lam [x].t \<longrightarrow>\<^isub>d Lam[x].s"
  98.146 -| d3[intro]: "\<lbrakk>\<not>(\<exists>y t'. t1 = Lam [y].t'); t1 \<longrightarrow>\<^isub>d t2; s1 \<longrightarrow>\<^isub>d s2\<rbrakk> \<Longrightarrow> App t1 s1 \<longrightarrow>\<^isub>d App t2 s2"
  98.147 -| d4[intro]: "\<lbrakk>x\<sharp>(s1,s2); t1 \<longrightarrow>\<^isub>d t2; s1 \<longrightarrow>\<^isub>d s2\<rbrakk> \<Longrightarrow> App (Lam [x].t1) s1 \<longrightarrow>\<^isub>d t2[x::=s2]"
  98.148 +  d1[intro]: "Var x \<longrightarrow>\<^sub>d Var x"
  98.149 +| d2[intro]: "t \<longrightarrow>\<^sub>d s \<Longrightarrow> Lam [x].t \<longrightarrow>\<^sub>d Lam[x].s"
  98.150 +| d3[intro]: "\<lbrakk>\<not>(\<exists>y t'. t1 = Lam [y].t'); t1 \<longrightarrow>\<^sub>d t2; s1 \<longrightarrow>\<^sub>d s2\<rbrakk> \<Longrightarrow> App t1 s1 \<longrightarrow>\<^sub>d App t2 s2"
  98.151 +| d4[intro]: "\<lbrakk>x\<sharp>(s1,s2); t1 \<longrightarrow>\<^sub>d t2; s1 \<longrightarrow>\<^sub>d s2\<rbrakk> \<Longrightarrow> App (Lam [x].t1) s1 \<longrightarrow>\<^sub>d t2[x::=s2]"
  98.152  
  98.153  equivariance Dev
  98.154  nominal_inductive Dev 
  98.155    by (simp_all add: abs_fresh fresh_fact)
  98.156  
  98.157  lemma better_d4_intro:
  98.158 -  assumes a: "t1 \<longrightarrow>\<^isub>d t2" "s1 \<longrightarrow>\<^isub>d s2"
  98.159 -  shows "App (Lam [x].t1) s1 \<longrightarrow>\<^isub>d t2[x::=s2]"
  98.160 +  assumes a: "t1 \<longrightarrow>\<^sub>d t2" "s1 \<longrightarrow>\<^sub>d s2"
  98.161 +  shows "App (Lam [x].t1) s1 \<longrightarrow>\<^sub>d t2[x::=s2]"
  98.162  proof -
  98.163    obtain y::"name" where fs: "y\<sharp>(x,t1,s1,t2,s2)" by (rule exists_fresh, rule fin_supp,blast)
  98.164    have "App (Lam [x].t1) s1 = App (Lam [y].([(y,x)]\<bullet>t1)) s1" using fs
  98.165      by (auto simp add: lam.inject alpha' fresh_prod fresh_atm)
  98.166 -  also have "\<dots> \<longrightarrow>\<^isub>d  ([(y,x)]\<bullet>t2)[y::=s2]" using fs a by (auto simp add: Dev.eqvt)
  98.167 +  also have "\<dots> \<longrightarrow>\<^sub>d  ([(y,x)]\<bullet>t2)[y::=s2]" using fs a by (auto simp add: Dev.eqvt)
  98.168    also have "\<dots> = t2[x::=s2]" using fs by (simp add: subst_rename[symmetric])
  98.169 -  finally show "App (Lam [x].t1) s1 \<longrightarrow>\<^isub>d t2[x::=s2]" by simp
  98.170 +  finally show "App (Lam [x].t1) s1 \<longrightarrow>\<^sub>d t2[x::=s2]" by simp
  98.171  qed
  98.172  
  98.173  lemma Dev_preserves_fresh:
  98.174    fixes x::"name"
  98.175 -  assumes a: "M\<longrightarrow>\<^isub>d N"  
  98.176 +  assumes a: "M\<longrightarrow>\<^sub>d N"  
  98.177    shows "x\<sharp>M \<Longrightarrow> x\<sharp>N"
  98.178  using a
  98.179  by (induct) (auto simp add: abs_fresh fresh_fact)
  98.180  
  98.181  lemma Dev_Lam:
  98.182 -  assumes a: "Lam [x].M \<longrightarrow>\<^isub>d N" 
  98.183 -  shows "\<exists>N'. N = Lam [x].N' \<and> M \<longrightarrow>\<^isub>d N'"
  98.184 +  assumes a: "Lam [x].M \<longrightarrow>\<^sub>d N" 
  98.185 +  shows "\<exists>N'. N = Lam [x].N' \<and> M \<longrightarrow>\<^sub>d N'"
  98.186  proof -
  98.187    from a have "x\<sharp>Lam [x].M" by (simp add: abs_fresh)
  98.188    with a have "x\<sharp>N" by (simp add: Dev_preserves_fresh)
  98.189 -  with a show "\<exists>N'. N = Lam [x].N' \<and> M \<longrightarrow>\<^isub>d N'"
  98.190 +  with a show "\<exists>N'. N = Lam [x].N' \<and> M \<longrightarrow>\<^sub>d N'"
  98.191      by (cases rule: Dev.strong_cases)
  98.192         (auto simp add: lam.inject abs_fresh alpha)
  98.193  qed
  98.194  
  98.195  lemma Development_existence:
  98.196 -  shows "\<exists>M'. M \<longrightarrow>\<^isub>d M'"
  98.197 +  shows "\<exists>M'. M \<longrightarrow>\<^sub>d M'"
  98.198  by (nominal_induct M rule: lam.strong_induct)
  98.199     (auto dest!: Dev_Lam intro: better_d4_intro)
  98.200  
  98.201  lemma Triangle:
  98.202 -  assumes a: "t \<longrightarrow>\<^isub>d t1" "t \<longrightarrow>\<^isub>1 t2"
  98.203 -  shows "t2 \<longrightarrow>\<^isub>1 t1"
  98.204 +  assumes a: "t \<longrightarrow>\<^sub>d t1" "t \<longrightarrow>\<^sub>1 t2"
  98.205 +  shows "t2 \<longrightarrow>\<^sub>1 t1"
  98.206  using a 
  98.207  proof(nominal_induct avoiding: t2 rule: Dev.strong_induct)
  98.208    case (d4 x s1 s2 t1 t1' t2) 
  98.209    have  fc: "x\<sharp>t2" "x\<sharp>s1" by fact+ 
  98.210 -  have "App (Lam [x].t1) s1 \<longrightarrow>\<^isub>1 t2" by fact
  98.211 +  have "App (Lam [x].t1) s1 \<longrightarrow>\<^sub>1 t2" by fact
  98.212    then obtain t' s' where reds: 
  98.213 -             "(t2 = App (Lam [x].t') s' \<and> t1 \<longrightarrow>\<^isub>1 t' \<and> s1 \<longrightarrow>\<^isub>1 s') \<or> 
  98.214 -              (t2 = t'[x::=s'] \<and> t1 \<longrightarrow>\<^isub>1 t' \<and> s1 \<longrightarrow>\<^isub>1 s')"
  98.215 +             "(t2 = App (Lam [x].t') s' \<and> t1 \<longrightarrow>\<^sub>1 t' \<and> s1 \<longrightarrow>\<^sub>1 s') \<or> 
  98.216 +              (t2 = t'[x::=s'] \<and> t1 \<longrightarrow>\<^sub>1 t' \<and> s1 \<longrightarrow>\<^sub>1 s')"
  98.217    using fc by (auto dest!: One_Redex)
  98.218 -  have ih1: "t1 \<longrightarrow>\<^isub>1 t' \<Longrightarrow>  t' \<longrightarrow>\<^isub>1 t1'" by fact
  98.219 -  have ih2: "s1 \<longrightarrow>\<^isub>1 s' \<Longrightarrow>  s' \<longrightarrow>\<^isub>1 s2" by fact
  98.220 -  { assume "t1 \<longrightarrow>\<^isub>1 t'" "s1 \<longrightarrow>\<^isub>1 s'"
  98.221 -    then have "App (Lam [x].t') s' \<longrightarrow>\<^isub>1 t1'[x::=s2]" 
  98.222 +  have ih1: "t1 \<longrightarrow>\<^sub>1 t' \<Longrightarrow>  t' \<longrightarrow>\<^sub>1 t1'" by fact
  98.223 +  have ih2: "s1 \<longrightarrow>\<^sub>1 s' \<Longrightarrow>  s' \<longrightarrow>\<^sub>1 s2" by fact
  98.224 +  { assume "t1 \<longrightarrow>\<^sub>1 t'" "s1 \<longrightarrow>\<^sub>1 s'"
  98.225 +    then have "App (Lam [x].t') s' \<longrightarrow>\<^sub>1 t1'[x::=s2]" 
  98.226        using ih1 ih2 by (auto intro: better_o4_intro)
  98.227    }
  98.228    moreover
  98.229 -  { assume "t1 \<longrightarrow>\<^isub>1 t'" "s1 \<longrightarrow>\<^isub>1 s'"
  98.230 -    then have "t'[x::=s'] \<longrightarrow>\<^isub>1 t1'[x::=s2]" 
  98.231 +  { assume "t1 \<longrightarrow>\<^sub>1 t'" "s1 \<longrightarrow>\<^sub>1 s'"
  98.232 +    then have "t'[x::=s'] \<longrightarrow>\<^sub>1 t1'[x::=s2]" 
  98.233        using ih1 ih2 by (auto intro: One_subst)
  98.234    }
  98.235 -  ultimately show "t2 \<longrightarrow>\<^isub>1 t1'[x::=s2]" using reds by auto 
  98.236 +  ultimately show "t2 \<longrightarrow>\<^sub>1 t1'[x::=s2]" using reds by auto 
  98.237  qed (auto dest!: One_Lam One_Var One_App)
  98.238  
  98.239  lemma Diamond_for_One:
  98.240 -  assumes a: "t \<longrightarrow>\<^isub>1 t1" "t \<longrightarrow>\<^isub>1 t2"
  98.241 -  shows "\<exists>t3. t2 \<longrightarrow>\<^isub>1 t3 \<and> t1 \<longrightarrow>\<^isub>1 t3"
  98.242 +  assumes a: "t \<longrightarrow>\<^sub>1 t1" "t \<longrightarrow>\<^sub>1 t2"
  98.243 +  shows "\<exists>t3. t2 \<longrightarrow>\<^sub>1 t3 \<and> t1 \<longrightarrow>\<^sub>1 t3"
  98.244  proof -
  98.245 -  obtain tc where "t \<longrightarrow>\<^isub>d tc" using Development_existence by blast
  98.246 -  with a have "t2 \<longrightarrow>\<^isub>1 tc" and "t1 \<longrightarrow>\<^isub>1 tc" by (simp_all add: Triangle)
  98.247 -  then show "\<exists>t3. t2 \<longrightarrow>\<^isub>1 t3 \<and> t1 \<longrightarrow>\<^isub>1 t3" by blast
  98.248 +  obtain tc where "t \<longrightarrow>\<^sub>d tc" using Development_existence by blast
  98.249 +  with a have "t2 \<longrightarrow>\<^sub>1 tc" and "t1 \<longrightarrow>\<^sub>1 tc" by (simp_all add: Triangle)
  98.250 +  then show "\<exists>t3. t2 \<longrightarrow>\<^sub>1 t3 \<and> t1 \<longrightarrow>\<^sub>1 t3" by blast
  98.251  qed
  98.252  
  98.253  lemma Rectangle_for_One:
  98.254 -  assumes a:  "t \<longrightarrow>\<^isub>1\<^sup>* t1" "t \<longrightarrow>\<^isub>1 t2" 
  98.255 -  shows "\<exists>t3. t1 \<longrightarrow>\<^isub>1 t3 \<and> t2 \<longrightarrow>\<^isub>1\<^sup>* t3"
  98.256 +  assumes a:  "t \<longrightarrow>\<^sub>1\<^sup>* t1" "t \<longrightarrow>\<^sub>1 t2" 
  98.257 +  shows "\<exists>t3. t1 \<longrightarrow>\<^sub>1 t3 \<and> t2 \<longrightarrow>\<^sub>1\<^sup>* t3"
  98.258  using a Diamond_for_One by (induct arbitrary: t2) (blast)+
  98.259  
  98.260  lemma CR_for_One_star: 
  98.261 -  assumes a: "t \<longrightarrow>\<^isub>1\<^sup>* t1" "t \<longrightarrow>\<^isub>1\<^sup>* t2"
  98.262 -    shows "\<exists>t3. t2 \<longrightarrow>\<^isub>1\<^sup>* t3 \<and> t1 \<longrightarrow>\<^isub>1\<^sup>* t3"
  98.263 +  assumes a: "t \<longrightarrow>\<^sub>1\<^sup>* t1" "t \<longrightarrow>\<^sub>1\<^sup>* t2"
  98.264 +    shows "\<exists>t3. t2 \<longrightarrow>\<^sub>1\<^sup>* t3 \<and> t1 \<longrightarrow>\<^sub>1\<^sup>* t3"
  98.265  using a Rectangle_for_One by (induct arbitrary: t2) (blast)+
  98.266  
  98.267  section {* Establishing the Equivalence of Beta-star and One-star *}
  98.268  
  98.269  lemma Beta_Lam_cong: 
  98.270 -  assumes a: "t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2" 
  98.271 -  shows "Lam [x].t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* Lam [x].t2"
  98.272 +  assumes a: "t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2" 
  98.273 +  shows "Lam [x].t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* Lam [x].t2"
  98.274  using a by (induct) (blast)+
  98.275  
  98.276  lemma Beta_App_cong_aux: 
  98.277 -  assumes a: "t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2" 
  98.278 -  shows "App t1 s\<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s"
  98.279 -    and "App s t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App s t2"
  98.280 +  assumes a: "t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2" 
  98.281 +  shows "App t1 s\<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s"
  98.282 +    and "App s t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App s t2"
  98.283  using a by (induct) (blast)+
  98.284  
  98.285  lemma Beta_App_cong: 
  98.286 -  assumes a: "t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2" "s1 \<longrightarrow>\<^isub>\<beta>\<^sup>* s2" 
  98.287 -  shows "App t1 s1 \<longrightarrow>\<^isub>\<beta>\<^sup>* App t2 s2"
  98.288 +  assumes a: "t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2" "s1 \<longrightarrow>\<^sub>\<beta>\<^sup>* s2" 
  98.289 +  shows "App t1 s1 \<longrightarrow>\<^sub>\<beta>\<^sup>* App t2 s2"
  98.290  using a by (blast intro: Beta_App_cong_aux)
  98.291  
  98.292  lemmas Beta_congs = Beta_Lam_cong Beta_App_cong
  98.293  
  98.294  lemma One_implies_Beta_star: 
  98.295 -  assumes a: "t \<longrightarrow>\<^isub>1 s"
  98.296 -  shows "t \<longrightarrow>\<^isub>\<beta>\<^sup>* s"
  98.297 +  assumes a: "t \<longrightarrow>\<^sub>1 s"
  98.298 +  shows "t \<longrightarrow>\<^sub>\<beta>\<^sup>* s"
  98.299  using a by (induct) (auto intro!: Beta_congs)
  98.300  
  98.301  lemma One_congs: 
  98.302 -  assumes a: "t1 \<longrightarrow>\<^isub>1\<^sup>* t2" 
  98.303 -  shows "Lam [x].t1 \<longrightarrow>\<^isub>1\<^sup>* Lam [x].t2"
  98.304 -  and   "App t1 s \<longrightarrow>\<^isub>1\<^sup>* App t2 s"
  98.305 -  and   "App s t1 \<longrightarrow>\<^isub>1\<^sup>* App s t2"
  98.306 +  assumes a: "t1 \<longrightarrow>\<^sub>1\<^sup>* t2" 
  98.307 +  shows "Lam [x].t1 \<longrightarrow>\<^sub>1\<^sup>* Lam [x].t2"
  98.308 +  and   "App t1 s \<longrightarrow>\<^sub>1\<^sup>* App t2 s"
  98.309 +  and   "App s t1 \<longrightarrow>\<^sub>1\<^sup>* App s t2"
  98.310  using a by (induct) (auto intro: One_refl)
  98.311  
  98.312  lemma Beta_implies_One_star: 
  98.313 -  assumes a: "t1 \<longrightarrow>\<^isub>\<beta> t2" 
  98.314 -  shows "t1 \<longrightarrow>\<^isub>1\<^sup>* t2"
  98.315 +  assumes a: "t1 \<longrightarrow>\<^sub>\<beta> t2" 
  98.316 +  shows "t1 \<longrightarrow>\<^sub>1\<^sup>* t2"
  98.317  using a by (induct) (auto intro: One_refl One_congs better_o4_intro)
  98.318  
  98.319  lemma Beta_star_equals_One_star: 
  98.320 -  shows "t1 \<longrightarrow>\<^isub>1\<^sup>* t2 = t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2"
  98.321 +  shows "t1 \<longrightarrow>\<^sub>1\<^sup>* t2 = t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2"
  98.322  proof
  98.323 -  assume "t1 \<longrightarrow>\<^isub>1\<^sup>* t2"
  98.324 -  then show "t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2" by (induct) (auto intro: One_implies_Beta_star)
  98.325 +  assume "t1 \<longrightarrow>\<^sub>1\<^sup>* t2"
  98.326 +  then show "t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2" by (induct) (auto intro: One_implies_Beta_star)
  98.327  next
  98.328 -  assume "t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t2" 
  98.329 -  then show "t1 \<longrightarrow>\<^isub>1\<^sup>* t2" by (induct) (auto intro: Beta_implies_One_star)
  98.330 +  assume "t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t2" 
  98.331 +  then show "t1 \<longrightarrow>\<^sub>1\<^sup>* t2" by (induct) (auto intro: Beta_implies_One_star)
  98.332  qed
  98.333  
  98.334  section {* The Church-Rosser Theorem *}
  98.335  
  98.336  theorem CR_for_Beta_star: 
  98.337 -  assumes a: "t \<longrightarrow>\<^isub>\<beta>\<^sup>* t1" "t\<longrightarrow>\<^isub>\<beta>\<^sup>* t2" 
  98.338 -  shows "\<exists>t3. t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3 \<and> t2 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3"
  98.339 +  assumes a: "t \<longrightarrow>\<^sub>\<beta>\<^sup>* t1" "t\<longrightarrow>\<^sub>\<beta>\<^sup>* t2" 
  98.340 +  shows "\<exists>t3. t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3 \<and> t2 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3"
  98.341  proof -
  98.342 -  from a have "t \<longrightarrow>\<^isub>1\<^sup>* t1" and "t\<longrightarrow>\<^isub>1\<^sup>* t2" by (simp_all add: Beta_star_equals_One_star)
  98.343 -  then have "\<exists>t3. t1 \<longrightarrow>\<^isub>1\<^sup>* t3 \<and> t2 \<longrightarrow>\<^isub>1\<^sup>* t3" by (simp add: CR_for_One_star) 
  98.344 -  then show "\<exists>t3. t1 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3 \<and> t2 \<longrightarrow>\<^isub>\<beta>\<^sup>* t3" by (simp add: Beta_star_equals_One_star)
  98.345 +  from a have "t \<longrightarrow>\<^sub>1\<^sup>* t1" and "t\<longrightarrow>\<^sub>1\<^sup>* t2" by (simp_all add: Beta_star_equals_One_star)
  98.346 +  then have "\<exists>t3. t1 \<longrightarrow>\<^sub>1\<^sup>* t3 \<and> t2 \<longrightarrow>\<^sub>1\<^sup>* t3" by (simp add: CR_for_One_star) 
  98.347 +  then show "\<exists>t3. t1 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3 \<and> t2 \<longrightarrow>\<^sub>\<beta>\<^sup>* t3" by (simp add: Beta_star_equals_One_star)
  98.348  qed
  98.349  
  98.350  
    99.1 --- a/src/HOL/Nominal/Examples/Class1.thy	Tue Aug 13 16:53:23 2013 +0200
    99.2 +++ b/src/HOL/Nominal/Examples/Class1.thy	Tue Aug 13 17:45:22 2013 +0200
    99.3 @@ -3770,31 +3770,31 @@
    99.4  done
    99.5  
    99.6  inductive
    99.7 -  l_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^isub>l _" [100,100] 100)
    99.8 +  l_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^sub>l _" [100,100] 100)
    99.9  where
   99.10 -  LAxR:  "\<lbrakk>x\<sharp>M; a\<sharp>b; fic M a\<rbrakk> \<Longrightarrow> Cut <a>.M (x).(Ax x b) \<longrightarrow>\<^isub>l M[a\<turnstile>c>b]"
   99.11 -| LAxL:  "\<lbrakk>a\<sharp>M; x\<sharp>y; fin M x\<rbrakk> \<Longrightarrow> Cut <a>.(Ax y a) (x).M \<longrightarrow>\<^isub>l M[x\<turnstile>n>y]"
   99.12 +  LAxR:  "\<lbrakk>x\<sharp>M; a\<sharp>b; fic M a\<rbrakk> \<Longrightarrow> Cut <a>.M (x).(Ax x b) \<longrightarrow>\<^sub>l M[a\<turnstile>c>b]"
   99.13 +| LAxL:  "\<lbrakk>a\<sharp>M; x\<sharp>y; fin M x\<rbrakk> \<Longrightarrow> Cut <a>.(Ax y a) (x).M \<longrightarrow>\<^sub>l M[x\<turnstile>n>y]"
   99.14  | LNot:  "\<lbrakk>y\<sharp>(M,N); x\<sharp>(N,y); a\<sharp>(M,N,b); b\<sharp>M; y\<noteq>x; b\<noteq>a\<rbrakk> \<Longrightarrow>
   99.15 -          Cut <a>.(NotR (x).M a) (y).(NotL <b>.N y) \<longrightarrow>\<^isub>l Cut <b>.N (x).M" 
   99.16 +          Cut <a>.(NotR (x).M a) (y).(NotL <b>.N y) \<longrightarrow>\<^sub>l Cut <b>.N (x).M" 
   99.17  | LAnd1: "\<lbrakk>b\<sharp>([a1].M1,[a2].M2,N,a1,a2); y\<sharp>([x].N,M1,M2,x); x\<sharp>(M1,M2); a1\<sharp>(M2,N); a2\<sharp>(M1,N); a1\<noteq>a2\<rbrakk> \<Longrightarrow>
   99.18 -          Cut <b>.(AndR <a1>.M1 <a2>.M2 b) (y).(AndL1 (x).N y) \<longrightarrow>\<^isub>l Cut <a1>.M1 (x).N"
   99.19 +          Cut <b>.(AndR <a1>.M1 <a2>.M2 b) (y).(AndL1 (x).N y) \<longrightarrow>\<^sub>l Cut <a1>.M1 (x).N"
   99.20  | LAnd2: "\<lbrakk>b\<sharp>([a1].M1,[a2].M2,N,a1,a2); y\<sharp>([x].N,M1,M2,x); x\<sharp>(M1,M2); a1\<sharp>(M2,N); a2\<sharp>(M1,N); a1\<noteq>a2\<rbrakk> \<Longrightarrow>
   99.21 -          Cut <b>.(AndR <a1>.M1 <a2>.M2 b) (y).(AndL2 (x).N y) \<longrightarrow>\<^isub>l Cut <a2>.M2 (x).N"
   99.22 +          Cut <b>.(AndR <a1>.M1 <a2>.M2 b) (y).(AndL2 (x).N y) \<longrightarrow>\<^sub>l Cut <a2>.M2 (x).N"
   99.23  | LOr1:  "\<lbrakk>b\<sharp>([a].M,N1,N2,a); y\<sharp>([x1].N1,[x2].N2,M,x1,x2); x1\<sharp>(M,N2); x2\<sharp>(M,N1); a\<sharp>(N1,N2); x1\<noteq>x2\<rbrakk> \<Longrightarrow>
   99.24 -          Cut <b>.(OrR1 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^isub>l Cut <a>.M (x1).N1"
   99.25 +          Cut <b>.(OrR1 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^sub>l Cut <a>.M (x1).N1"
   99.26  | LOr2:  "\<lbrakk>b\<sharp>([a].M,N1,N2,a); y\<sharp>([x1].N1,[x2].N2,M,x1,x2); x1\<sharp>(M,N2); x2\<sharp>(M,N1); a\<sharp>(N1,N2); x1\<noteq>x2\<rbrakk> \<Longrightarrow>
   99.27 -          Cut <b>.(OrR2 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^isub>l Cut <a>.M (x2).N2"
   99.28 +          Cut <b>.(OrR2 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^sub>l Cut <a>.M (x2).N2"
   99.29  | LImp:  "\<lbrakk>z\<sharp>(N,[y].P,[x].M,y,x); b\<sharp>([a].M,[c].N,P,c,a); x\<sharp>(N,[y].P,y); 
   99.30            c\<sharp>(P,[a].M,b,a); a\<sharp>([c].N,P); y\<sharp>(N,[x].M)\<rbrakk> \<Longrightarrow>
   99.31 -          Cut <b>.(ImpR (x).<a>.M b) (z).(ImpL <c>.N (y).P z) \<longrightarrow>\<^isub>l Cut <a>.(Cut <c>.N (x).M) (y).P"
   99.32 +          Cut <b>.(ImpR (x).<a>.M b) (z).(ImpL <c>.N (y).P z) \<longrightarrow>\<^sub>l Cut <a>.(Cut <c>.N (x).M) (y).P"
   99.33  
   99.34  equivariance l_redu
   99.35  
   99.36  lemma l_redu_eqvt':
   99.37    fixes pi1::"name prm"
   99.38    and   pi2::"coname prm"
   99.39 -  shows "(pi1\<bullet>M) \<longrightarrow>\<^isub>l (pi1\<bullet>M') \<Longrightarrow> M \<longrightarrow>\<^isub>l M'"
   99.40 -  and   "(pi2\<bullet>M) \<longrightarrow>\<^isub>l (pi2\<bullet>M') \<Longrightarrow> M \<longrightarrow>\<^isub>l M'"
   99.41 +  shows "(pi1\<bullet>M) \<longrightarrow>\<^sub>l (pi1\<bullet>M') \<Longrightarrow> M \<longrightarrow>\<^sub>l M'"
   99.42 +  and   "(pi2\<bullet>M) \<longrightarrow>\<^sub>l (pi2\<bullet>M') \<Longrightarrow> M \<longrightarrow>\<^sub>l M'"
   99.43  apply -
   99.44  apply(drule_tac pi="rev pi1" in l_redu.eqvt(1))
   99.45  apply(perm_simp)
   99.46 @@ -3810,8 +3810,8 @@
   99.47  lemma fresh_l_redu:
   99.48    fixes x::"name"
   99.49    and   a::"coname"
   99.50 -  shows "M \<longrightarrow>\<^isub>l M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
   99.51 -  and   "M \<longrightarrow>\<^isub>l M' \<Longrightarrow> a\<sharp>M \<Longrightarrow> a\<sharp>M'"
   99.52 +  shows "M \<longrightarrow>\<^sub>l M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
   99.53 +  and   "M \<longrightarrow>\<^sub>l M' \<Longrightarrow> a\<sharp>M \<Longrightarrow> a\<sharp>M'"
   99.54  apply -
   99.55  apply(induct rule: l_redu.induct)
   99.56  apply(auto simp add: abs_fresh rename_fresh)
   99.57 @@ -3828,35 +3828,35 @@
   99.58  done
   99.59  
   99.60  lemma better_LAxR_intro[intro]:
   99.61 -  shows "fic M a \<Longrightarrow> Cut <a>.M (x).(Ax x b) \<longrightarrow>\<^isub>l M[a\<turnstile>c>b]"
   99.62 +  shows "fic M a \<Longrightarrow> Cut <a>.M (x).(Ax x b) \<longrightarrow>\<^sub>l M[a\<turnstile>c>b]"
   99.63  proof -
   99.64    assume fin: "fic M a"
   99.65    obtain x'::"name" where fs1: "x'\<sharp>(M,x)" by (rule exists_fresh(1), rule fin_supp, blast)
   99.66    obtain a'::"coname" where fs2: "a'\<sharp>(a,M,b)" by (rule exists_fresh(2), rule fin_supp, blast)
   99.67    have "Cut <a>.M (x).(Ax x b) =  Cut <a'>.([(a',a)]\<bullet>M) (x').(Ax x' b)"
   99.68      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
   99.69 -  also have "\<dots> \<longrightarrow>\<^isub>l ([(a',a)]\<bullet>M)[a'\<turnstile>c>b]" using fs1 fs2 fin
   99.70 +  also have "\<dots> \<longrightarrow>\<^sub>l ([(a',a)]\<bullet>M)[a'\<turnstile>c>b]" using fs1 fs2 fin
   99.71      by (auto intro: l_redu.intros simp add: fresh_left calc_atm fic_rename)
   99.72    also have "\<dots> = M[a\<turnstile>c>b]" using fs1 fs2 by (simp add: crename_rename)
   99.73    finally show ?thesis by simp
   99.74  qed
   99.75      
   99.76  lemma better_LAxL_intro[intro]:
   99.77 -  shows "fin M x \<Longrightarrow> Cut <a>.(Ax y a) (x).M \<longrightarrow>\<^isub>l M[x\<turnstile>n>y]"
   99.78 +  shows "fin M x \<Longrightarrow> Cut <a>.(Ax y a) (x).M \<longrightarrow>\<^sub>l M[x\<turnstile>n>y]"
   99.79  proof -
   99.80    assume fin: "fin M x"
   99.81    obtain x'::"name" where fs1: "x'\<sharp>(y,M,x)" by (rule exists_fresh(1), rule fin_supp, blast)
   99.82    obtain a'::"coname" where fs2: "a'\<sharp>(a,M)" by (rule exists_fresh(2), rule fin_supp, blast)
   99.83    have "Cut <a>.(Ax y a) (x).M = Cut <a'>.(Ax y a') (x').([(x',x)]\<bullet>M)"
   99.84      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
   99.85 -  also have "\<dots> \<longrightarrow>\<^isub>l ([(x',x)]\<bullet>M)[x'\<turnstile>n>y]" using fs1 fs2 fin
   99.86 +  also have "\<dots> \<longrightarrow>\<^sub>l ([(x',x)]\<bullet>M)[x'\<turnstile>n>y]" using fs1 fs2 fin
   99.87      by (auto intro: l_redu.intros simp add: fresh_left calc_atm fin_rename)
   99.88    also have "\<dots> = M[x\<turnstile>n>y]" using fs1 fs2 by (simp add: nrename_rename)
   99.89    finally show ?thesis by simp
   99.90  qed
   99.91  
   99.92  lemma better_LNot_intro[intro]:
   99.93 -  shows "\<lbrakk>y\<sharp>N; a\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.(NotR (x).M a) (y).(NotL <b>.N y) \<longrightarrow>\<^isub>l Cut <b>.N (x).M"
   99.94 +  shows "\<lbrakk>y\<sharp>N; a\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.(NotR (x).M a) (y).(NotL <b>.N y) \<longrightarrow>\<^sub>l Cut <b>.N (x).M"
   99.95  proof -
   99.96    assume fs: "y\<sharp>N" "a\<sharp>M"
   99.97    obtain x'::"name" where f1: "x'\<sharp>(y,N,M,x)" by (rule exists_fresh(1), rule fin_supp, blast)
   99.98 @@ -3872,7 +3872,7 @@
   99.99    also have "\<dots> = Cut <a'>.(NotR (x').([(x',x)]\<bullet>M) a') (y').(NotL <b'>.([(b',b)]\<bullet>N) y')"
  99.100      using f1 f2 f3 f4 
  99.101      by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.102 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <b'>.([(b',b)]\<bullet>N) (x').([(x',x)]\<bullet>M)"
  99.103 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <b'>.([(b',b)]\<bullet>N) (x').([(x',x)]\<bullet>M)"
  99.104      using f1 f2 f3 f4 fs
  99.105      by (auto intro:  l_redu.intros simp add: fresh_prod fresh_left calc_atm fresh_atm)
  99.106    also have "\<dots> = Cut <b>.N (x).M"
  99.107 @@ -3882,7 +3882,7 @@
  99.108  
  99.109  lemma better_LAnd1_intro[intro]:
  99.110    shows "\<lbrakk>a\<sharp>([b1].M1,[b2].M2); y\<sharp>[x].N\<rbrakk> 
  99.111 -         \<Longrightarrow> Cut <a>.(AndR <b1>.M1 <b2>.M2 a) (y).(AndL1 (x).N y) \<longrightarrow>\<^isub>l Cut <b1>.M1 (x).N"
  99.112 +         \<Longrightarrow> Cut <a>.(AndR <b1>.M1 <b2>.M2 a) (y).(AndL1 (x).N y) \<longrightarrow>\<^sub>l Cut <b1>.M1 (x).N"
  99.113  proof -
  99.114    assume fs: "a\<sharp>([b1].M1,[b2].M2)" "y\<sharp>[x].N"
  99.115    obtain x'::"name" where f1: "x'\<sharp>(y,N,M1,M2,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.116 @@ -3903,7 +3903,7 @@
  99.117      apply(rule_tac sym)
  99.118      apply(perm_simp add: trm.inject alpha calc_atm fresh_prod fresh_left fresh_atm abs_fresh)
  99.119      done
  99.120 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <b1'>.([(b1',b1)]\<bullet>M1) (x').([(x',x)]\<bullet>N)"
  99.121 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <b1'>.([(b1',b1)]\<bullet>M1) (x').([(x',x)]\<bullet>N)"
  99.122      using f1 f2 f3 f4 f5 fs
  99.123      apply -
  99.124      apply(rule l_redu.intros)
  99.125 @@ -3916,7 +3916,7 @@
  99.126  
  99.127  lemma better_LAnd2_intro[intro]:
  99.128    shows "\<lbrakk>a\<sharp>([b1].M1,[b2].M2); y\<sharp>[x].N\<rbrakk> 
  99.129 -         \<Longrightarrow> Cut <a>.(AndR <b1>.M1 <b2>.M2 a) (y).(AndL2 (x).N y) \<longrightarrow>\<^isub>l Cut <b2>.M2 (x).N"
  99.130 +         \<Longrightarrow> Cut <a>.(AndR <b1>.M1 <b2>.M2 a) (y).(AndL2 (x).N y) \<longrightarrow>\<^sub>l Cut <b2>.M2 (x).N"
  99.131  proof -
  99.132    assume fs: "a\<sharp>([b1].M1,[b2].M2)" "y\<sharp>[x].N"
  99.133    obtain x'::"name" where f1: "x'\<sharp>(y,N,M1,M2,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.134 @@ -3937,7 +3937,7 @@
  99.135      apply(rule_tac sym)
  99.136      apply(perm_simp add: trm.inject alpha calc_atm fresh_prod fresh_left fresh_atm abs_fresh)
  99.137      done
  99.138 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <b2'>.([(b2',b2)]\<bullet>M2) (x').([(x',x)]\<bullet>N)"
  99.139 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <b2'>.([(b2',b2)]\<bullet>M2) (x').([(x',x)]\<bullet>N)"
  99.140      using f1 f2 f3 f4 f5 fs
  99.141      apply -
  99.142      apply(rule l_redu.intros)
  99.143 @@ -3950,7 +3950,7 @@
  99.144  
  99.145  lemma better_LOr1_intro[intro]:
  99.146    shows "\<lbrakk>y\<sharp>([x1].N1,[x2].N2); b\<sharp>[a].M\<rbrakk> 
  99.147 -         \<Longrightarrow> Cut <b>.(OrR1 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^isub>l Cut <a>.M (x1).N1"
  99.148 +         \<Longrightarrow> Cut <b>.(OrR1 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^sub>l Cut <a>.M (x1).N1"
  99.149  proof -
  99.150    assume fs: "y\<sharp>([x1].N1,[x2].N2)" "b\<sharp>[a].M"
  99.151    obtain y'::"name" where f1: "y'\<sharp>(y,M,N1,N2,x1,x2)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.152 @@ -3971,7 +3971,7 @@
  99.153      apply(rule_tac sym)
  99.154      apply(perm_simp add: trm.inject alpha calc_atm fresh_prod fresh_left fresh_atm abs_fresh)
  99.155      done
  99.156 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <a'>.([(a',a)]\<bullet>M) (x1').([(x1',x1)]\<bullet>N1)"
  99.157 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <a'>.([(a',a)]\<bullet>M) (x1').([(x1',x1)]\<bullet>N1)"
  99.158      using f1 f2 f3 f4 f5 fs
  99.159      apply -
  99.160      apply(rule l_redu.intros)
  99.161 @@ -3984,7 +3984,7 @@
  99.162  
  99.163  lemma better_LOr2_intro[intro]:
  99.164    shows "\<lbrakk>y\<sharp>([x1].N1,[x2].N2); b\<sharp>[a].M\<rbrakk> 
  99.165 -         \<Longrightarrow> Cut <b>.(OrR2 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^isub>l Cut <a>.M (x2).N2"
  99.166 +         \<Longrightarrow> Cut <b>.(OrR2 <a>.M b) (y).(OrL (x1).N1 (x2).N2 y) \<longrightarrow>\<^sub>l Cut <a>.M (x2).N2"
  99.167  proof -
  99.168    assume fs: "y\<sharp>([x1].N1,[x2].N2)" "b\<sharp>[a].M"
  99.169    obtain y'::"name" where f1: "y'\<sharp>(y,M,N1,N2,x1,x2)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.170 @@ -4005,7 +4005,7 @@
  99.171      apply(rule_tac sym)
  99.172      apply(perm_simp add: trm.inject alpha calc_atm fresh_prod fresh_left fresh_atm abs_fresh)
  99.173      done
  99.174 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <a'>.([(a',a)]\<bullet>M) (x2').([(x2',x2)]\<bullet>N2)"
  99.175 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <a'>.([(a',a)]\<bullet>M) (x2').([(x2',x2)]\<bullet>N2)"
  99.176      using f1 f2 f3 f4 f5 fs
  99.177      apply -
  99.178      apply(rule l_redu.intros)
  99.179 @@ -4018,7 +4018,7 @@
  99.180  
  99.181  lemma better_LImp_intro[intro]:
  99.182    shows "\<lbrakk>z\<sharp>(N,[y].P); b\<sharp>[a].M; a\<sharp>N\<rbrakk> 
  99.183 -         \<Longrightarrow> Cut <b>.(ImpR (x).<a>.M b) (z).(ImpL <c>.N (y).P z) \<longrightarrow>\<^isub>l Cut <a>.(Cut <c>.N (x).M) (y).P"
  99.184 +         \<Longrightarrow> Cut <b>.(ImpR (x).<a>.M b) (z).(ImpL <c>.N (y).P z) \<longrightarrow>\<^sub>l Cut <a>.(Cut <c>.N (x).M) (y).P"
  99.185  proof -
  99.186    assume fs: "z\<sharp>(N,[y].P)" "b\<sharp>[a].M" "a\<sharp>N"
  99.187    obtain y'::"name" where f1: "y'\<sharp>(y,M,N,P,z,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.188 @@ -4049,7 +4049,7 @@
  99.189      apply(simp add: alpha fresh_prod fresh_atm abs_perm calc_atm fresh_left abs_fresh)
  99.190      apply(simp add: alpha fresh_prod fresh_atm abs_perm calc_atm fresh_left abs_fresh)
  99.191      done
  99.192 -  also have "\<dots> \<longrightarrow>\<^isub>l Cut <a'>.(Cut <c'>.([(c',c)]\<bullet>N) (x').([(a',a)]\<bullet>[(x',x)]\<bullet>M)) (y').([(y',y)]\<bullet>P)"
  99.193 +  also have "\<dots> \<longrightarrow>\<^sub>l Cut <a'>.(Cut <c'>.([(c',c)]\<bullet>N) (x').([(a',a)]\<bullet>[(x',x)]\<bullet>M)) (y').([(y',y)]\<bullet>P)"
  99.194      using f1 f2 f3 f4 f5 f6 fs
  99.195      apply -
  99.196      apply(rule l_redu.intros)
  99.197 @@ -4118,7 +4118,7 @@
  99.198  done 
  99.199  
  99.200  lemma Cut_l_redu_elim:
  99.201 -  assumes a: "Cut <a>.M (x).N \<longrightarrow>\<^isub>l R"
  99.202 +  assumes a: "Cut <a>.M (x).N \<longrightarrow>\<^sub>l R"
  99.203    shows "(\<exists>b. R = M[a\<turnstile>c>b]) \<or> (\<exists>y. R = N[x\<turnstile>n>y]) \<or>
  99.204    (\<exists>y M' b N'. M = NotR (y).M' a \<and> N = NotL <b>.N' x \<and> R = Cut <b>.N' (y).M' \<and> fic M a \<and> fin N x) \<or>
  99.205    (\<exists>b M1 c M2 y N'. M = AndR <b>.M1 <c>.M2 a \<and> N = AndL1 (y).N' x \<and> R = Cut <b>.M1 (y).N' 
  99.206 @@ -4471,10 +4471,10 @@
  99.207  done
  99.208  
  99.209  inductive
  99.210 -  c_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^isub>c _" [100,100] 100)
  99.211 +  c_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^sub>c _" [100,100] 100)
  99.212  where
  99.213 -  left[intro]:  "\<lbrakk>\<not>fic M a; a\<sharp>N; x\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>c M{a:=(x).N}"
  99.214 -| right[intro]: "\<lbrakk>\<not>fin N x; a\<sharp>N; x\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>c N{x:=<a>.M}"
  99.215 +  left[intro]:  "\<lbrakk>\<not>fic M a; a\<sharp>N; x\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>c M{a:=(x).N}"
  99.216 +| right[intro]: "\<lbrakk>\<not>fin N x; a\<sharp>N; x\<sharp>M\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>c N{x:=<a>.M}"
  99.217  
  99.218  equivariance c_redu
  99.219  
  99.220 @@ -4482,14 +4482,14 @@
  99.221   by (simp_all add: abs_fresh subst_fresh)
  99.222  
  99.223  lemma better_left[intro]:
  99.224 -  shows "\<not>fic M a \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>c M{a:=(x).N}"
  99.225 +  shows "\<not>fic M a \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>c M{a:=(x).N}"
  99.226  proof -
  99.227    assume not_fic: "\<not>fic M a"
  99.228    obtain x'::"name" where fs1: "x'\<sharp>(N,M,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.229    obtain a'::"coname" where fs2: "a'\<sharp>(a,M,N)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.230    have "Cut <a>.M (x).N =  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N)"
  99.231      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.232 -  also have "\<dots> \<longrightarrow>\<^isub>c ([(a',a)]\<bullet>M){a':=(x').([(x',x)]\<bullet>N)}" using fs1 fs2 not_fic
  99.233 +  also have "\<dots> \<longrightarrow>\<^sub>c ([(a',a)]\<bullet>M){a':=(x').([(x',x)]\<bullet>N)}" using fs1 fs2 not_fic
  99.234      apply -
  99.235      apply(rule left)
  99.236      apply(clarify)
  99.237 @@ -4503,14 +4503,14 @@
  99.238  qed
  99.239  
  99.240  lemma better_right[intro]:
  99.241 -  shows "\<not>fin N x \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>c N{x:=<a>.M}"
  99.242 +  shows "\<not>fin N x \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>c N{x:=<a>.M}"
  99.243  proof -
  99.244    assume not_fin: "\<not>fin N x"
  99.245    obtain x'::"name" where fs1: "x'\<sharp>(N,M,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.246    obtain a'::"coname" where fs2: "a'\<sharp>(a,M,N)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.247    have "Cut <a>.M (x).N =  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N)"
  99.248      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.249 -  also have "\<dots> \<longrightarrow>\<^isub>c ([(x',x)]\<bullet>N){x':=<a'>.([(a',a)]\<bullet>M)}" using fs1 fs2 not_fin
  99.250 +  also have "\<dots> \<longrightarrow>\<^sub>c ([(x',x)]\<bullet>N){x':=<a'>.([(a',a)]\<bullet>M)}" using fs1 fs2 not_fin
  99.251      apply -
  99.252      apply(rule right)
  99.253      apply(clarify)
  99.254 @@ -4526,8 +4526,8 @@
  99.255  lemma fresh_c_redu:
  99.256    fixes x::"name"
  99.257    and   c::"coname"
  99.258 -  shows "M \<longrightarrow>\<^isub>c M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
  99.259 -  and   "M \<longrightarrow>\<^isub>c M' \<Longrightarrow> c\<sharp>M \<Longrightarrow> c\<sharp>M'"
  99.260 +  shows "M \<longrightarrow>\<^sub>c M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
  99.261 +  and   "M \<longrightarrow>\<^sub>c M' \<Longrightarrow> c\<sharp>M \<Longrightarrow> c\<sharp>M'"
  99.262  apply -
  99.263  apply(induct rule: c_redu.induct)
  99.264  apply(auto simp add: abs_fresh rename_fresh subst_fresh)
  99.265 @@ -4536,31 +4536,31 @@
  99.266  done
  99.267  
  99.268  inductive
  99.269 -  a_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^isub>a _" [100,100] 100)
  99.270 +  a_redu :: "trm \<Rightarrow> trm \<Rightarrow> bool" ("_ \<longrightarrow>\<^sub>a _" [100,100] 100)
  99.271  where
  99.272 -  al_redu[intro]: "M\<longrightarrow>\<^isub>l M' \<Longrightarrow> M \<longrightarrow>\<^isub>a M'"
  99.273 -| ac_redu[intro]: "M\<longrightarrow>\<^isub>c M' \<Longrightarrow> M \<longrightarrow>\<^isub>a M'"
  99.274 -| a_Cut_l: "\<lbrakk>a\<sharp>N; x\<sharp>M; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>a Cut <a>.M' (x).N"
  99.275 -| a_Cut_r: "\<lbrakk>a\<sharp>N; x\<sharp>M; N\<longrightarrow>\<^isub>a N'\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>a Cut <a>.M (x).N'"
  99.276 -| a_NotL[intro]: "M\<longrightarrow>\<^isub>a M' \<Longrightarrow> NotL <a>.M x \<longrightarrow>\<^isub>a NotL <a>.M' x"
  99.277 -| a_NotR[intro]: "M\<longrightarrow>\<^isub>a M' \<Longrightarrow> NotR (x).M a \<longrightarrow>\<^isub>a NotR (x).M' a"
  99.278 -| a_AndR_l: "\<lbrakk>a\<sharp>(N,c); b\<sharp>(M,c); b\<noteq>a; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^isub>a AndR <a>.M' <b>.N c"
  99.279 -| a_AndR_r: "\<lbrakk>a\<sharp>(N,c); b\<sharp>(M,c); b\<noteq>a; N\<longrightarrow>\<^isub>a N'\<rbrakk> \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^isub>a AndR <a>.M <b>.N' c"
  99.280 -| a_AndL1: "\<lbrakk>x\<sharp>y; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> AndL1 (x).M y \<longrightarrow>\<^isub>a AndL1 (x).M' y"
  99.281 -| a_AndL2: "\<lbrakk>x\<sharp>y; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> AndL2 (x).M y \<longrightarrow>\<^isub>a AndL2 (x).M' y"
  99.282 -| a_OrL_l: "\<lbrakk>x\<sharp>(N,z); y\<sharp>(M,z); y\<noteq>x; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> OrL (x).M (y).N z \<longrightarrow>\<^isub>a OrL (x).M' (y).N z"
  99.283 -| a_OrL_r: "\<lbrakk>x\<sharp>(N,z); y\<sharp>(M,z); y\<noteq>x; N\<longrightarrow>\<^isub>a N'\<rbrakk> \<Longrightarrow> OrL (x).M (y).N z \<longrightarrow>\<^isub>a OrL (x).M (y).N' z"
  99.284 -| a_OrR1: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> OrR1 <a>.M b \<longrightarrow>\<^isub>a OrR1 <a>.M' b"
  99.285 -| a_OrR2: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> OrR2 <a>.M b \<longrightarrow>\<^isub>a OrR2 <a>.M' b"
  99.286 -| a_ImpL_l: "\<lbrakk>a\<sharp>N; x\<sharp>(M,y); M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> ImpL <a>.M (x).N y \<longrightarrow>\<^isub>a ImpL <a>.M' (x).N y"
  99.287 -| a_ImpL_r: "\<lbrakk>a\<sharp>N; x\<sharp>(M,y); N\<longrightarrow>\<^isub>a N'\<rbrakk> \<Longrightarrow> ImpL <a>.M (x).N y \<longrightarrow>\<^isub>a ImpL <a>.M (x).N' y"
  99.288 -| a_ImpR: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^isub>a M'\<rbrakk> \<Longrightarrow> ImpR (x).<a>.M b \<longrightarrow>\<^isub>a ImpR (x).<a>.M' b"
  99.289 +  al_redu[intro]: "M\<longrightarrow>\<^sub>l M' \<Longrightarrow> M \<longrightarrow>\<^sub>a M'"
  99.290 +| ac_redu[intro]: "M\<longrightarrow>\<^sub>c M' \<Longrightarrow> M \<longrightarrow>\<^sub>a M'"
  99.291 +| a_Cut_l: "\<lbrakk>a\<sharp>N; x\<sharp>M; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>a Cut <a>.M' (x).N"
  99.292 +| a_Cut_r: "\<lbrakk>a\<sharp>N; x\<sharp>M; N\<longrightarrow>\<^sub>a N'\<rbrakk> \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>a Cut <a>.M (x).N'"
  99.293 +| a_NotL[intro]: "M\<longrightarrow>\<^sub>a M' \<Longrightarrow> NotL <a>.M x \<longrightarrow>\<^sub>a NotL <a>.M' x"
  99.294 +| a_NotR[intro]: "M\<longrightarrow>\<^sub>a M' \<Longrightarrow> NotR (x).M a \<longrightarrow>\<^sub>a NotR (x).M' a"
  99.295 +| a_AndR_l: "\<lbrakk>a\<sharp>(N,c); b\<sharp>(M,c); b\<noteq>a; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^sub>a AndR <a>.M' <b>.N c"
  99.296 +| a_AndR_r: "\<lbrakk>a\<sharp>(N,c); b\<sharp>(M,c); b\<noteq>a; N\<longrightarrow>\<^sub>a N'\<rbrakk> \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^sub>a AndR <a>.M <b>.N' c"
  99.297 +| a_AndL1: "\<lbrakk>x\<sharp>y; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> AndL1 (x).M y \<longrightarrow>\<^sub>a AndL1 (x).M' y"
  99.298 +| a_AndL2: "\<lbrakk>x\<sharp>y; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> AndL2 (x).M y \<longrightarrow>\<^sub>a AndL2 (x).M' y"
  99.299 +| a_OrL_l: "\<lbrakk>x\<sharp>(N,z); y\<sharp>(M,z); y\<noteq>x; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> OrL (x).M (y).N z \<longrightarrow>\<^sub>a OrL (x).M' (y).N z"
  99.300 +| a_OrL_r: "\<lbrakk>x\<sharp>(N,z); y\<sharp>(M,z); y\<noteq>x; N\<longrightarrow>\<^sub>a N'\<rbrakk> \<Longrightarrow> OrL (x).M (y).N z \<longrightarrow>\<^sub>a OrL (x).M (y).N' z"
  99.301 +| a_OrR1: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> OrR1 <a>.M b \<longrightarrow>\<^sub>a OrR1 <a>.M' b"
  99.302 +| a_OrR2: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> OrR2 <a>.M b \<longrightarrow>\<^sub>a OrR2 <a>.M' b"
  99.303 +| a_ImpL_l: "\<lbrakk>a\<sharp>N; x\<sharp>(M,y); M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> ImpL <a>.M (x).N y \<longrightarrow>\<^sub>a ImpL <a>.M' (x).N y"
  99.304 +| a_ImpL_r: "\<lbrakk>a\<sharp>N; x\<sharp>(M,y); N\<longrightarrow>\<^sub>a N'\<rbrakk> \<Longrightarrow> ImpL <a>.M (x).N y \<longrightarrow>\<^sub>a ImpL <a>.M (x).N' y"
  99.305 +| a_ImpR: "\<lbrakk>a\<sharp>b; M\<longrightarrow>\<^sub>a M'\<rbrakk> \<Longrightarrow> ImpR (x).<a>.M b \<longrightarrow>\<^sub>a ImpR (x).<a>.M' b"
  99.306  
  99.307  lemma fresh_a_redu:
  99.308    fixes x::"name"
  99.309    and   c::"coname"
  99.310 -  shows "M \<longrightarrow>\<^isub>a M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
  99.311 -  and   "M \<longrightarrow>\<^isub>a M' \<Longrightarrow> c\<sharp>M \<Longrightarrow> c\<sharp>M'"
  99.312 +  shows "M \<longrightarrow>\<^sub>a M' \<Longrightarrow> x\<sharp>M \<Longrightarrow> x\<sharp>M'"
  99.313 +  and   "M \<longrightarrow>\<^sub>a M' \<Longrightarrow> c\<sharp>M \<Longrightarrow> c\<sharp>M'"
  99.314  apply -
  99.315  apply(induct rule: a_redu.induct)
  99.316  apply(simp add: fresh_l_redu)
  99.317 @@ -4578,14 +4578,14 @@
  99.318    by (simp_all add: abs_fresh fresh_atm fresh_prod abs_supp fin_supp fresh_a_redu)
  99.319  
  99.320  lemma better_CutL_intro[intro]:
  99.321 -  shows "M\<longrightarrow>\<^isub>a M' \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>a Cut <a>.M' (x).N"
  99.322 +  shows "M\<longrightarrow>\<^sub>a M' \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>a Cut <a>.M' (x).N"
  99.323  proof -
  99.324 -  assume red: "M\<longrightarrow>\<^isub>a M'"
  99.325 +  assume red: "M\<longrightarrow>\<^sub>a M'"
  99.326    obtain x'::"name"   where fs1: "x'\<sharp>(M,N,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.327    obtain a'::"coname" where fs2: "a'\<sharp>(M,N,a)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.328    have "Cut <a>.M (x).N =  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N)"
  99.329      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.330 -  also have "\<dots> \<longrightarrow>\<^isub>a  Cut <a'>.([(a',a)]\<bullet>M') (x').([(x',x)]\<bullet>N)" using fs1 fs2 red
  99.331 +  also have "\<dots> \<longrightarrow>\<^sub>a  Cut <a'>.([(a',a)]\<bullet>M') (x').([(x',x)]\<bullet>N)" using fs1 fs2 red
  99.332      by (auto intro: a_redu.intros simp add: fresh_left calc_atm a_redu.eqvt)
  99.333    also have "\<dots> = Cut <a>.M' (x).N" 
  99.334      using fs1 fs2 red by (auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm fresh_a_redu)
  99.335 @@ -4593,14 +4593,14 @@
  99.336  qed
  99.337  
  99.338  lemma better_CutR_intro[intro]:
  99.339 -  shows "N\<longrightarrow>\<^isub>a N' \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^isub>a Cut <a>.M (x).N'"
  99.340 +  shows "N\<longrightarrow>\<^sub>a N' \<Longrightarrow> Cut <a>.M (x).N \<longrightarrow>\<^sub>a Cut <a>.M (x).N'"
  99.341  proof -
  99.342 -  assume red: "N\<longrightarrow>\<^isub>a N'"
  99.343 +  assume red: "N\<longrightarrow>\<^sub>a N'"
  99.344    obtain x'::"name"   where fs1: "x'\<sharp>(M,N,x)" by (rule exists_fresh(1), rule fin_supp, blast)
  99.345    obtain a'::"coname" where fs2: "a'\<sharp>(M,N,a)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.346    have "Cut <a>.M (x).N =  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N)"
  99.347      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.348 -  also have "\<dots> \<longrightarrow>\<^isub>a  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N')" using fs1 fs2 red
  99.349 +  also have "\<dots> \<longrightarrow>\<^sub>a  Cut <a'>.([(a',a)]\<bullet>M) (x').([(x',x)]\<bullet>N')" using fs1 fs2 red
  99.350      by (auto intro: a_redu.intros simp add: fresh_left calc_atm a_redu.eqvt)
  99.351    also have "\<dots> = Cut <a>.M (x).N'" 
  99.352      using fs1 fs2 red by (auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm fresh_a_redu)
  99.353 @@ -4608,14 +4608,14 @@
  99.354  qed
  99.355      
  99.356  lemma better_AndRL_intro[intro]:
  99.357 -  shows "M\<longrightarrow>\<^isub>a M' \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^isub>a AndR <a>.M' <b>.N c"
  99.358 +  shows "M\<longrightarrow>\<^sub>a M' \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^sub>a AndR <a>.M' <b>.N c"
  99.359  proof -
  99.360 -  assume red: "M\<longrightarrow>\<^isub>a M'"
  99.361 +  assume red: "M\<longrightarrow>\<^sub>a M'"
  99.362    obtain b'::"coname" where fs1: "b'\<sharp>(M,N,a,b,c)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.363    obtain a'::"coname" where fs2: "a'\<sharp>(M,N,a,b,c,b')" by (rule exists_fresh(2), rule fin_supp, blast)
  99.364    have "AndR <a>.M <b>.N c =  AndR <a'>.([(a',a)]\<bullet>M) <b'>.([(b',b)]\<bullet>N) c"
  99.365      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.366 -  also have "\<dots> \<longrightarrow>\<^isub>a  AndR <a'>.([(a',a)]\<bullet>M') <b'>.([(b',b)]\<bullet>N) c" using fs1 fs2 red
  99.367 +  also have "\<dots> \<longrightarrow>\<^sub>a  AndR <a'>.([(a',a)]\<bullet>M') <b'>.([(b',b)]\<bullet>N) c" using fs1 fs2 red
  99.368      by (auto intro: a_redu.intros simp add: fresh_left calc_atm a_redu.eqvt fresh_atm fresh_prod)
  99.369    also have "\<dots> = AndR <a>.M' <b>.N c" 
  99.370      using fs1 fs2 red by (auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm fresh_a_redu)
  99.371 @@ -4623,14 +4623,14 @@
  99.372  qed
  99.373  
  99.374  lemma better_AndRR_intro[intro]:
  99.375 -  shows "N\<longrightarrow>\<^isub>a N' \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^isub>a AndR <a>.M <b>.N' c"
  99.376 +  shows "N\<longrightarrow>\<^sub>a N' \<Longrightarrow> AndR <a>.M <b>.N c \<longrightarrow>\<^sub>a AndR <a>.M <b>.N' c"
  99.377  proof -
  99.378 -  assume red: "N\<longrightarrow>\<^isub>a N'"
  99.379 +  assume red: "N\<longrightarrow>\<^sub>a N'"
  99.380    obtain b'::"coname" where fs1: "b'\<sharp>(M,N,a,b,c)" by (rule exists_fresh(2), rule fin_supp, blast)
  99.381    obtain a'::"coname" where fs2: "a'\<sharp>(M,N,a,b,c,b')" by (rule exists_fresh(2), rule fin_supp, blast)
  99.382    have "AndR <a>.M <b>.N c =  AndR <a'>.([(a',a)]\<bullet>M) <b'>.([(b',b)]\<bullet>N) c"
  99.383      using fs1 fs2 by (rule_tac sym, auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm)
  99.384 -  also have "\<dots> \<longrightarrow>\<^isub>a  AndR <a'>.([(a',a)]\<bullet>M) <b'>.([(b',b)]\<bullet>N') c" using fs1 fs2 red
  99.385 +  also have "\<dots> \<longrightarrow>\<^sub>a  AndR <a'>.([(a',a)]\<bullet>M) <b'>.([(b',b)]\<bullet>N') c" using fs1 fs2 red
  99.386      by (auto intro: a_redu.intros simp add: fresh_left calc_atm a_redu.eqvt fresh_atm fresh_prod)
  99.387    also have "\<dots> = AndR <a>.M <b>.N' c" 
  99.388      using fs1 fs2 red by (auto simp add: trm.inject alpha fresh_atm fresh_prod calc_atm fresh_a_redu)
  99.389 @@ -4638,13 +4638,13 @@
  99.390  qed
  99.391  
  99.392  lemma better_AndL1_intro[intro]:
  99.393 -  shows "M\<longrightarrow>\<^isub>a M' \<Longrightarrow> AndL1 (x).M y \<longrightarrow>\<^isub>a AndL1 (x).M' y"
  99.394 +  shows "M\<longrightarrow>\<^sub>a M' \<Longrightarrow> AndL1 (x).M y \<longrightarrow>\<^sub>a AndL1 (x).M' y"
  99.395  proof -
  99.396 -  assume red: "M\<longrightarrow>\<^isub>a M'"
  99.397 +  assume red: "M\<longrightarrow>\<^sub>a M'"