isabelle: src/HOL/TLA/TLA.ML@38f96394c099 (annotated)

3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1	(*
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	2	File: TLA/TLA.ML
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	3	Author: Stephan Merz
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	4	Copyright: 1998 University of Munich
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	5
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	6	Lemmas and tactics for temporal reasoning.
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	7	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	8
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	9	(* Specialize intensional introduction/elimination rules for temporal formulas *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	10
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	11	qed_goal "tempI" TLA.thy "(!!sigma. sigma \|= (F::temporal)) ==> \|- F"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	12	(fn [prem] => [ REPEAT (resolve_tac [prem,intI] 1) ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	13
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	14	qed_goal "tempD" TLA.thy "\|- (F::temporal) ==> sigma \|= F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	15	(fn [prem] => [ rtac (prem RS intD) 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	16
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	17
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	18	(* ======== Functions to "unlift" temporal theorems ====== *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	19
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	20	(* The following functions are specialized versions of the corresponding
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	21	functions defined in Intensional.ML in that they introduce a
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	22	"world" parameter of type "behavior".
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	23	*)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	24	fun temp_unlift th =
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	25	(rewrite_rule action_rews (th RS tempD))
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	26	handle _ => action_unlift th;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	27
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	28	(* Turn \|- F = G into meta-level rewrite rule F == G *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	29	val temp_rewrite = int_rewrite;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	30
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	31	fun temp_use th =
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	32	case (concl_of th) of
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	33	Const _ $ (Const ("Intensional.Valid", _) $ _) =>
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	34	((flatten (temp_unlift th)) handle _ => th)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	35	\| _ => th;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	36
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	37	(* Update classical reasoner---will be updated once more below! *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	38
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	39	AddSIs [tempI];
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	40	AddDs [tempD];
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	41
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	42	val temp_css = (claset(), simpset());
4651 70dd492a1698 changed wrapper mechanism of classical reasoner oheimb parents: 4477 diff changeset	43	val temp_cs = op addss temp_css;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	44
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	45	(* Modify the functions that add rules to simpsets, classical sets,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	46	and clasimpsets in order to accept "lifted" theorems
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	47	*)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	48
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	49	local
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	50	fun try_rewrite th =
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	51	(temp_rewrite th) handle _ => temp_use th
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	52	in
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	53	val op addsimps = fn (ss, ts) => ss addsimps (map try_rewrite ts)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	54	val op addsimps2 = fn (css, ts) => css addsimps2 (map try_rewrite ts)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	55	end;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	56
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	57	val op addSIs = fn (cs, ts) => cs addSIs (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	58	val op addSEs = fn (cs, ts) => cs addSEs (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	59	val op addSDs = fn (cs, ts) => cs addSDs (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	60	val op addIs = fn (cs, ts) => cs addIs (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	61	val op addEs = fn (cs, ts) => cs addEs (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	62	val op addDs = fn (cs, ts) => cs addDs (map temp_use ts);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	63
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	64	val op addSIs2 = fn (css, ts) => css addSIs2 (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	65	val op addSEs2 = fn (css, ts) => css addSEs2 (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	66	val op addSDs2 = fn (css, ts) => css addSDs2 (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	67	val op addIs2 = fn (css, ts) => css addIs2 (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	68	val op addEs2 = fn (css, ts) => css addEs2 (map temp_use ts);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	69	val op addDs2 = fn (css, ts) => css addDs2 (map temp_use ts);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	70
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	71
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	72	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	73	(* "Simple temporal logic": only [] and <> *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	74	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	75	section "Simple temporal logic";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	76
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	77	(* []~F == []~Init F *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	78	bind_thm("boxNotInit", rewrite_rule Init_simps (read_instantiate [("F", "LIFT ~F")] boxInit));
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	79
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	80	qed_goalw "dmdInit" TLA.thy [dmd_def] "TEMP <>F == TEMP <> Init F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	81	(fn _ => [rewtac (read_instantiate [("F", "LIFT ~F")] boxInit),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	82	simp_tac (simpset() addsimps Init_simps) 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	83
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	84	bind_thm("dmdNotInit", rewrite_rule Init_simps (read_instantiate [("F", "LIFT ~F")] dmdInit));
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	85
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	86	(* boxInit and dmdInit cannot be used as rewrites, because they loop.
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	87	Non-looping instances for state predicates and actions are occasionally useful.
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	88	*)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	89	bind_thm("boxInit_stp", read_instantiate [("'a","state")] boxInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	90	bind_thm("boxInit_act", read_instantiate [("'a","state * state")] boxInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	91	bind_thm("dmdInit_stp", read_instantiate [("'a","state")] dmdInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	92	bind_thm("dmdInit_act", read_instantiate [("'a","state * state")] dmdInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	93
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	94	(* The symmetric equations can be used to get rid of Init *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	95	bind_thm("boxInitD", symmetric boxInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	96	bind_thm("dmdInitD", symmetric dmdInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	97	bind_thm("boxNotInitD", symmetric boxNotInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	98	bind_thm("dmdNotInitD", symmetric dmdNotInit);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	99
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	100	val Init_simps = Init_simps @ [boxInitD, dmdInitD, boxNotInitD, dmdNotInitD];
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	101
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	102	(* ------------------------ STL2 ------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	103	bind_thm("STL2", reflT);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	104
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	105	(* The "polymorphic" (generic) variant *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	106	qed_goal "STL2_gen" TLA.thy "\|- []F --> Init F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	107	(fn _ => [rewtac (read_instantiate [("F", "F")] boxInit),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	108	rtac STL2 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	109
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	110	(* see also STL2_pr below: "\|- []P --> Init P & Init (P`)" *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	111
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	112
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	113	(* Dual versions for <> *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	114	qed_goalw "InitDmd" TLA.thy [dmd_def] "\|- F --> <> F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	115	(fn _ => [ auto_tac (temp_css addSDs2 [STL2]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	116
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	117	qed_goal "InitDmd_gen" TLA.thy "\|- Init F --> <>F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	118	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	119	dtac (temp_use InitDmd) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	120	asm_full_simp_tac (simpset() addsimps [dmdInitD]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	121
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	122
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	123	(* ------------------------ STL3 ------------------------------------------- *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	124	qed_goal "STL3" TLA.thy "\|- ([][]F) = ([]F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	125	(K [force_tac (temp_css addEs2 [transT,STL2]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	126
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	127	(* corresponding elimination rule introduces double boxes:
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	128	[\| (sigma \|= []F); (sigma \|= [][]F) ==> PROP W \|] ==> PROP W
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	129	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	130	bind_thm("dup_boxE", make_elim((temp_unlift STL3) RS iffD2));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	131	bind_thm("dup_boxD", (temp_unlift STL3) RS iffD1);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	132
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	133	(* dual versions for <> *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	134	qed_goalw "DmdDmd" TLA.thy [dmd_def] "\|- (<><>F) = (<>F)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	135	(fn _ => [ auto_tac (temp_css addsimps2 [STL3]) ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	136	bind_thm("dup_dmdE", make_elim((temp_unlift DmdDmd) RS iffD2));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	137	bind_thm("dup_dmdD", (temp_unlift DmdDmd) RS iffD1);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	138
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	139
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	140	(* ------------------------ STL4 ------------------------------------------- *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	141	qed_goal "STL4" TLA.thy "\|- F --> G ==> \|- []F --> []G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	142	(fn [prem] => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	143	rtac (temp_use normalT) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	144	rtac (temp_use (prem RS necT)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	145	atac 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	146	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	147
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	148	(* Unlifted version as an elimination rule *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	149	qed_goal "STL4E" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	150	"[\| sigma \|= []F; \|- F --> G \|] ==> sigma \|= []G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	151	(fn prems => [ REPEAT (resolve_tac (prems @ [temp_use STL4]) 1) ]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	152
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	153	qed_goal "STL4_gen" TLA.thy "\|- Init F --> Init G ==> \|- []F --> []G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	154	(fn [prem] => [rtac (rewrite_rule [boxInitD] (prem RS STL4)) 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	155
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	156	qed_goal "STL4E_gen" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	157	"[\| sigma \|= []F; \|- Init F --> Init G \|] ==> sigma \|= []G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	158	(fn prems => [ REPEAT (resolve_tac (prems @ [temp_use STL4_gen]) 1) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	159
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	160	(* see also STL4Edup below, which allows an auxiliary boxed formula:
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	161	[]A /\ F => G
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	162	-----------------
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	163	[]A /\ []F => []G
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	164	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	165
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	166	(* The dual versions for <> *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	167	qed_goalw "DmdImpl" TLA.thy [dmd_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	168	"\|- F --> G ==> \|- <>F --> <>G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	169	(fn [prem] => [fast_tac (temp_cs addSIs [prem] addSEs [STL4E]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	170
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	171	qed_goal "DmdImplE" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	172	"[\| sigma \|= <>F; \|- F --> G \|] ==> sigma \|= <>G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	173	(fn prems => [ REPEAT (resolve_tac (prems @ [temp_use DmdImpl]) 1) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	174
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	175
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	176	(* ------------------------ STL5 ------------------------------------------- *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	177	qed_goal "STL5" TLA.thy "\|- ([]F & []G) = ([](F & G))"
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4423 diff changeset	178	(fn _ => [Auto_tac,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	179	subgoal_tac "sigma \|= [](G --> (F & G))" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	180	etac (temp_use normalT) 1, atac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	181	ALLGOALS (fast_tac (temp_cs addSEs [STL4E]))
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	182	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	183	(* rewrite rule to split conjunctions under boxes *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	184	bind_thm("split_box_conj", (temp_unlift STL5) RS sym);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	185
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	186	(* the corresponding elimination rule allows to combine boxes in the hypotheses
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	187	(NB: F and G must have the same type, i.e., both actions or temporals.)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	188	Use "addSE2" etc. if you want to add this to a claset, otherwise it will loop!
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	189	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	190	qed_goal "box_conjE" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	191	"[\| sigma \|= []F; sigma \|= []G; sigma \|= [](F&G) ==> PROP R \|] ==> PROP R"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	192	(fn prems => [ REPEAT (resolve_tac
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	193	(prems @ [(temp_unlift STL5) RS iffD1, conjI]) 1) ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	194
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	195	(* Instances of box_conjE for state predicates, actions, and temporals
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	196	in case the general rule is "too polymorphic".
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	197	*)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	198	bind_thm("box_conjE_temp", read_instantiate [("'a","behavior")] box_conjE);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	199	bind_thm("box_conjE_stp", read_instantiate [("'a","state")] box_conjE);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	200	bind_thm("box_conjE_act", read_instantiate [("'a","state * state")] box_conjE);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	201
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	202	(* Define a tactic that tries to merge all boxes in an antecedent. The definition is
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	203	a bit kludgy in order to simulate "double elim-resolution".
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	204	*)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	205
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	206	Goal "[\| sigma \|= []F; PROP W \|] ==> PROP W";
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	207	by (atac 1);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	208	val box_thin = result();
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	209
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	210	fun merge_box_tac i =
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	211	REPEAT_DETERM (EVERY [etac box_conjE i, atac i, etac box_thin i]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	212
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	213	fun merge_temp_box_tac i =
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	214	REPEAT_DETERM (EVERY [etac box_conjE_temp i, atac i,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	215	eres_inst_tac [("'a","behavior")] box_thin i]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	216
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	217	fun merge_stp_box_tac i =
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	218	REPEAT_DETERM (EVERY [etac box_conjE_stp i, atac i,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	219	eres_inst_tac [("'a","state")] box_thin i]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	220
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	221	fun merge_act_box_tac i =
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	222	REPEAT_DETERM (EVERY [etac box_conjE_act i, atac i,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	223	eres_inst_tac [("'a","state * state")] box_thin i]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	224
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	225
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	226	(* rewrite rule to push universal quantification through box:
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	227	(sigma \|= [](! x. F x)) = (! x. (sigma \|= []F x))
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	228	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	229	bind_thm("all_box", standard((temp_unlift allT) RS sym));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	230
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	231
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	232	qed_goal "DmdOr" TLA.thy "\|- (<>(F \| G)) = (<>F \| <>G)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	233	(fn _ => [auto_tac (temp_css addsimps2 [dmd_def,split_box_conj]),
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	234	TRYALL (EVERY' [etac swap,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	235	merge_box_tac,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	236	fast_tac (temp_cs addSEs [STL4E])])
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	237	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	238
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	239	qed_goal "exT" TLA.thy "\|- (? x. <>(F x)) = (<>(? x. F x))"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	240	(fn _ => [ auto_tac (temp_css addsimps2 [dmd_def,Not_Rex,all_box]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	241
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	242	bind_thm("ex_dmd", standard((temp_unlift exT) RS sym));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	243
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	244
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	245	qed_goal "STL4Edup" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	246	"!!sigma. [\| sigma \|= []A; sigma \|= []F; \|- F & []A --> G \|] ==> sigma \|= []G"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	247	(fn _ => [etac dup_boxE 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	248	merge_box_tac 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	249	etac STL4E 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	250	atac 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	251	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	252
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	253	qed_goalw "DmdImpl2" TLA.thy [dmd_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	254	"!!sigma. [\| sigma \|= <>F; sigma \|= [](F --> G) \|] ==> sigma \|= <>G"
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4423 diff changeset	255	(fn _ => [Auto_tac,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	256	etac notE 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	257	merge_box_tac 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	258	fast_tac (temp_cs addSEs [STL4E]) 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	259	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	260
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	261	qed_goal "InfImpl" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	262	"[\| sigma \|= []<>F; sigma \|= []G; \|- F & G --> H \|] ==> sigma \|= []<>H"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	263	(fn [prem1,prem2,prem3]
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	264	=> [cut_facts_tac [prem1,prem2] 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	265	eres_inst_tac [("F","G")] dup_boxE 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	266	merge_box_tac 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	267	fast_tac (temp_cs addSEs [STL4E,DmdImpl2] addSIs [prem3]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	268	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	269
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	270	(* ------------------------ STL6 ------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	271	(* Used in the proof of STL6, but useful in itself. *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	272	qed_goalw "BoxDmd" TLA.thy [dmd_def] "\|- []F & <>G --> <>([]F & G)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	273	(fn _ => [ Clarsimp_tac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	274	etac dup_boxE 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	275	merge_box_tac 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	276	etac swap 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	277	fast_tac (temp_cs addSEs [STL4E]) 1 ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	278
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	279	(* weaker than BoxDmd, but more polymorphic (and often just right) *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	280	qed_goalw "BoxDmd_simple" TLA.thy [dmd_def] "\|- []F & <>G --> <>(F & G)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	281	(fn _ => [ Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	282	merge_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	283	fast_tac (temp_cs addSEs [notE,STL4E]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	284	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	285
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	286	qed_goalw "BoxDmd2_simple" TLA.thy [dmd_def] "\|- []F & <>G --> <>(G & F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	287	(fn _ => [ Clarsimp_tac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	288	merge_box_tac 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	289	fast_tac (temp_cs addSEs [notE,STL4E]) 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	290	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	291
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	292	qed_goal "DmdImpldup" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	293	"[\| sigma \|= []A; sigma \|= <>F; \|- []A & F --> G \|] ==> sigma \|= <>G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	294	(fn [p1,p2,p3] => [rtac ((p2 RS (p1 RS (temp_use BoxDmd))) RS DmdImplE) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	295	rtac p3 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	296
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	297	qed_goal "STL6" TLA.thy "\|- <>[]F & <>[]G --> <>[](F & G)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	298	(fn _ => [auto_tac (temp_css addsimps2 [symmetric (temp_rewrite STL5)]),
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	299	dtac (temp_use linT) 1, atac 1, etac thin_rl 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	300	rtac ((temp_unlift DmdDmd) RS iffD1) 1,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	301	etac disjE 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	302	etac DmdImplE 1, rtac BoxDmd 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	303	(* the second subgoal needs commutativity of &, which complicates the proof *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	304	etac DmdImplE 1,
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4423 diff changeset	305	Auto_tac,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	306	dtac (temp_use BoxDmd) 1, atac 1, etac thin_rl 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	307	fast_tac (temp_cs addSEs [DmdImplE]) 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	308	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	309
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	310
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	311	(* ------------------------ True / False ----------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	312	section "Simplification of constants";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	313
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	314	qed_goal "BoxConst" TLA.thy "\|- ([]#P) = #P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	315	(fn _ => [rtac tempI 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	316	case_tac "P" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	317	auto_tac (temp_css addSIs2 [necT] addDs2 [STL2_gen]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	318	addsimps2 Init_simps)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	319	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	320
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	321	qed_goalw "DmdConst" TLA.thy [dmd_def] "\|- (<>#P) = #P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	322	(fn _ => [case_tac "P" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	323	ALLGOALS (asm_full_simp_tac (simpset() addsimps [BoxConst]))
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	324	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	325
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	326	val temp_simps = map temp_rewrite [BoxConst, DmdConst];
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	327
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	328	(* Make these rewrites active by default *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	329	Addsimps temp_simps;
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	330	val temp_css = temp_css addsimps2 temp_simps;
4651 70dd492a1698 changed wrapper mechanism of classical reasoner oheimb parents: 4477 diff changeset	331	val temp_cs = op addss temp_css;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	332
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	333
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	334	(* ------------------------ Further rewrites ----------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	335	section "Further rewrites";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	336
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	337	qed_goalw "NotBox" TLA.thy [dmd_def] "\|- (~[]F) = (<>~F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	338	(fn _ => [ Simp_tac 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	339
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	340	qed_goalw "NotDmd" TLA.thy [dmd_def] "\|- (~<>F) = ([]~F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	341	(fn _ => [ Simp_tac 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	342
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	343	(* These are not by default included in temp_css, because they could be harmful,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	344	e.g. []F & ~[]F becomes []F & <>~F !! *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	345	val more_temp_simps = (map temp_rewrite [STL3, DmdDmd, NotBox, NotDmd])
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	346	@ (map (fn th => (temp_unlift th) RS eq_reflection)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	347	[NotBox, NotDmd]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	348
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	349	qed_goal "BoxDmdBox" TLA.thy "\|- ([]<>[]F) = (<>[]F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	350	(fn _ => [ auto_tac (temp_css addSDs2 [STL2]),
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	351	rtac ccontr 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	352	subgoal_tac "sigma \|= <>[][]F & <>[]~[]F" 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	353	etac thin_rl 1,
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4423 diff changeset	354	Auto_tac,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	355	dtac (temp_use STL6) 1, atac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	356	Asm_full_simp_tac 1,
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3807 diff changeset	357	ALLGOALS (asm_full_simp_tac (simpset() addsimps more_temp_simps))
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	358	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	359
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	360	qed_goalw "DmdBoxDmd" TLA.thy [dmd_def] "\|- (<>[]<>F) = ([]<>F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	361	(fn _ => [ auto_tac (temp_css addsimps2 [rewrite_rule [dmd_def] BoxDmdBox]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	362
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	363	val more_temp_simps = more_temp_simps @ (map temp_rewrite [BoxDmdBox, DmdBoxDmd]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	364
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	365
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	366	(* ------------------------ Miscellaneous ----------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	367
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	368	qed_goal "BoxOr" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	369	"!!sigma. [\| sigma \|= []F \| []G \|] ==> sigma \|= [](F \| G)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	370	(fn _ => [ fast_tac (temp_cs addSEs [STL4E]) 1 ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	371
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	372	(* "persistently implies infinitely often" *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	373	qed_goal "DBImplBD" TLA.thy "\|- <>[]F --> []<>F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	374	(fn _ => [Clarsimp_tac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	375	rtac ccontr 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	376	asm_full_simp_tac (simpset() addsimps more_temp_simps) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	377	dtac (temp_use STL6) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	378	Asm_full_simp_tac 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	379	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	380
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	381	qed_goal "BoxDmdDmdBox" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	382	"\|- []<>F & <>[]G --> []<>(F & G)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	383	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	384	rtac ccontr 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	385	rewrite_goals_tac more_temp_simps,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	386	dtac (temp_use STL6) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	387	subgoal_tac "sigma \|= <>[]~F" 1,
5755 22081de41254 corrected auto_tac (applications of unsafe wrappers) oheimb parents: 5525 diff changeset	388	force_tac (temp_css addsimps2 [dmd_def]) 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	389	fast_tac (temp_cs addEs [DmdImplE,STL4E]) 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	390	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	391
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	392
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	393	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	394	(* TLA-specific theorems: primed formulas *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	395	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	396	section "priming";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	397
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	398	(* ------------------------ TLA2 ------------------------------------------- *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	399	qed_goal "STL2_pr" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	400	"\|- []P --> Init P & Init P`"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	401	(fn _ => [fast_tac (temp_cs addSIs [primeI, STL2_gen]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	402
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	403	(* Auxiliary lemma allows priming of boxed actions *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	404	qed_goal "BoxPrime" TLA.thy "\|- []P --> []($P & P$)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	405	(fn _ => [Clarsimp_tac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	406	etac dup_boxE 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	407	rewtac boxInit_act,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	408	etac STL4E 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	409	auto_tac (temp_css addsimps2 Init_simps addSDs2 [STL2_pr])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	410	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	411
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	412	qed_goal "TLA2" TLA.thy "\|- $P & P$ --> A ==> \|- []P --> []A"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	413	(fn prems => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	414	dtac (temp_use BoxPrime) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	415	auto_tac (temp_css addsimps2 [Init_stp_act_rev] addSIs2 prems addSEs2 [STL4E])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	416	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	417
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	418	qed_goal "TLA2E" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	419	"[\| sigma \|= []P; \|- $P & P$ --> A \|] ==> sigma \|= []A"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	420	(fn prems => [REPEAT (resolve_tac (prems @ (prems RL [temp_use TLA2])) 1)]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	421
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	422	qed_goalw "DmdPrime" TLA.thy [dmd_def] "\|- (<>P`) --> (<>P)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	423	(fn _ => [ fast_tac (temp_cs addSEs [TLA2E]) 1 ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	424
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	425	bind_thm("PrimeDmd", (temp_use InitDmd_gen) RS (temp_use DmdPrime));
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	426
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	427	(* ------------------------ INV1, stable --------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	428	section "stable, invariant";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	429
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	430	qed_goal "ind_rule" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	431	"[\| sigma \|= []H; sigma \|= Init P; \|- H --> (Init P & ~[]F --> Init(P`) & F) \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	432	\ ==> sigma \|= []F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	433	(fn prems => [rtac (temp_use indT) 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	434	REPEAT (resolve_tac (prems @ (prems RL [STL4E])) 1)]);
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	435
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	436	qed_goalw "box_stp_act" TLA.thy [boxInit_act] "\|- ([]$P) = ([]P)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	437	(K [simp_tac (simpset() addsimps Init_simps) 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	438	bind_thm("box_stp_actI", zero_var_indexes ((temp_use box_stp_act) RS iffD2));
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	439	bind_thm("box_stp_actD", zero_var_indexes ((temp_use box_stp_act) RS iffD1));
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	440
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	441	val more_temp_simps = (temp_rewrite box_stp_act)::more_temp_simps;
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	442
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	443	qed_goalw "INV1" TLA.thy [stable_def,boxInit_stp,boxInit_act]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	444	"\|- (Init P) --> (stable P) --> []P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	445	(K [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	446	etac ind_rule 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	447	auto_tac (temp_css addsimps2 Init_simps addEs2 [ind_rule])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	448	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	449
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	450	qed_goalw "StableT" TLA.thy [stable_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	451	"\|- $P & A --> P` ==> \|- []A --> stable P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	452	(fn [prem] => [fast_tac (temp_cs addSEs [STL4E] addIs [prem]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	453
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	454	qed_goal "Stable" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	455	"[\| sigma \|= []A; \|- $P & A --> P` \|] ==> sigma \|= stable P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	456	(fn prems => [ REPEAT (resolve_tac (prems @ [temp_use StableT]) 1) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	457
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	458	(* Generalization of INV1 *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	459	qed_goalw "StableBox" TLA.thy [stable_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	460	"\|- (stable P) --> [](Init P --> []P)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	461	(K [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	462	etac dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	463	force_tac (temp_css addsimps2 [stable_def] addEs2 [STL4E, INV1]) 1]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	464
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	465	qed_goal "DmdStable" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	466	"\|- (stable P) & <>P --> <>[]P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	467	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	468	rtac DmdImpl2 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	469	etac (temp_use StableBox) 2,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	470	asm_simp_tac (simpset() addsimps [dmdInitD]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	471	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	472
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	473	(* ---------------- (Semi-)automatic invariant tactics ---------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	474
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	475	(* inv_tac reduces goals of the form ... ==> sigma \|= []P *)
5755 22081de41254 corrected auto_tac (applications of unsafe wrappers) oheimb parents: 5525 diff changeset	476	fun inv_tac css = SELECT_GOAL
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	477	(EVERY [auto_tac css,
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	478	TRY (merge_box_tac 1),
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	479	rtac (temp_use INV1) 1, (* fail if the goal is not a box *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	480	TRYALL (etac Stable)]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	481
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	482	(* auto_inv_tac applies inv_tac and then tries to attack the subgoals;
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	483	in simple cases it may be able to handle goals like \|- MyProg --> []Inv.
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	484	In these simple cases the simplifier seems to be more useful than the
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	485	auto-tactic, which applies too much propositional logic and simplifies
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	486	too late.
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	487	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	488
5755 22081de41254 corrected auto_tac (applications of unsafe wrappers) oheimb parents: 5525 diff changeset	489	fun auto_inv_tac ss = SELECT_GOAL
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3807 diff changeset	490	((inv_tac (claset(),ss) 1) THEN
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	491	(TRYALL (action_simp_tac (ss addsimps [Init_stp,Init_act]) [] [squareE])));
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	492
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	493
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	494	qed_goalw "unless" TLA.thy [dmd_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	495	"\|- []($P --> P` \| Q`) --> (stable P) \| <>Q"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	496	(fn _ => [clarsimp_tac (temp_css addSDs2 [BoxPrime]) 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	497	merge_box_tac 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	498	etac swap 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	499	fast_tac (temp_cs addSEs [Stable]) 1
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	500	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	501
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	502
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	503	(* --------------------- Recursive expansions --------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	504	section "recursive expansions";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	505
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	506	(* Recursive expansions of [] and <> for state predicates *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	507	qed_goal "BoxRec" TLA.thy "\|- ([]P) = (Init P & []P`)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	508	(fn _ => [auto_tac (temp_css addSIs2 [STL2_gen]),
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	509	fast_tac (temp_cs addSEs [TLA2E]) 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	510	auto_tac (temp_css addsimps2 [stable_def] addSEs2 [INV1,STL4E])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	511	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	512
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	513	qed_goalw "DmdRec" TLA.thy [dmd_def, temp_rewrite BoxRec] "\|- (<>P) = (Init P \| <>P`)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	514	(K [ auto_tac (temp_css addsimps2 Init_simps) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	515
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	516	qed_goal "DmdRec2" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	517	"!!sigma. [\| sigma \|= <>P; sigma \|= []~P` \|] ==> sigma \|= Init P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	518	(K [ force_tac (temp_css addsimps2 [DmdRec,dmd_def]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	519
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	520	(* The "-->" part of the following is a little intricate. *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	521	qed_goal "InfinitePrime" TLA.thy "\|- ([]<>P) = ([]<>P`)"
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4423 diff changeset	522	(fn _ => [Auto_tac,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	523	rtac classical 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	524	rtac (temp_use DBImplBD) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	525	subgoal_tac "sigma \|= <>[]P" 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	526	fast_tac (temp_cs addSEs [DmdImplE,TLA2E]) 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	527	subgoal_tac "sigma \|= <>[](<>P & []~P`)" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	528	force_tac (temp_css addsimps2 [boxInit_stp]
5755 22081de41254 corrected auto_tac (applications of unsafe wrappers) oheimb parents: 5525 diff changeset	529	addSEs2 [DmdImplE,STL4E,DmdRec2]) 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	530	force_tac (temp_css addSIs2 [STL6] addsimps2 more_temp_simps) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	531	fast_tac (temp_cs addIs [DmdPrime] addSEs [STL4E]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	532	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	533
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	534	qed_goal "InfiniteEnsures" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	535	"[\| sigma \|= []N; sigma \|= []<>A; \|- A & N --> P` \|] ==> sigma \|= []<>P"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	536	(fn prems => [rewtac (temp_rewrite InfinitePrime),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	537	rtac InfImpl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	538	REPEAT (resolve_tac prems 1)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	539	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	540
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	541	(* ------------------------ fairness ------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	542	section "fairness";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	543
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	544	(* alternative definitions of fairness *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	545	qed_goalw "WF_alt" TLA.thy [WF_def,dmd_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	546	"\|- WF(A)_v = ([]<>~Enabled(<A>_v) \| []<><A>_v)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	547	(fn _ => [ fast_tac temp_cs 1 ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	548
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	549	qed_goalw "SF_alt" TLA.thy [SF_def,dmd_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	550	"\|- SF(A)_v = (<>[]~Enabled(<A>_v) \| []<><A>_v)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	551	(fn _ => [ fast_tac temp_cs 1 ]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	552
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	553	(* theorems to "box" fairness conditions *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	554	qed_goal "BoxWFI" TLA.thy "\|- WF(A)_v --> []WF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	555	(fn _ => [ auto_tac (temp_css addsimps2 (WF_alt::more_temp_simps)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	556	addSIs2 [BoxOr]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	557
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	558	qed_goal "WF_Box" TLA.thy "\|- ([]WF(A)_v) = WF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	559	(fn prems => [ fast_tac (temp_cs addSIs [BoxWFI] addSDs [STL2]) 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	560
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	561	qed_goal "BoxSFI" TLA.thy "\|- SF(A)_v --> []SF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	562	(fn _ => [ auto_tac (temp_css addsimps2 (SF_alt::more_temp_simps)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	563	addSIs2 [BoxOr]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	564
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	565	qed_goal "SF_Box" TLA.thy "\|- ([]SF(A)_v) = SF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	566	(fn prems => [ fast_tac (temp_cs addSIs [BoxSFI] addSDs [STL2]) 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	567
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	568	val more_temp_simps = more_temp_simps @ (map temp_rewrite [WF_Box, SF_Box]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	569
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	570	qed_goalw "SFImplWF" TLA.thy [SF_def,WF_def] "\|- SF(A)_v --> WF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	571	(fn _ => [ fast_tac (temp_cs addSDs [DBImplBD]) 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	572
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	573	(* A tactic that "boxes" all fairness conditions. Apply more_temp_simps to "unbox". *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	574	val box_fair_tac = SELECT_GOAL (REPEAT (dresolve_tac [BoxWFI,BoxSFI] 1));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	575
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	576
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	577	(* ------------------------------ leads-to ------------------------------ *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	578
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	579	section "~>";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	580
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	581	qed_goalw "leadsto_init" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	582	"\|- (Init F) & (F ~> G) --> <>G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	583	(fn _ => [ auto_tac (temp_css addSDs2 [STL2]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	584
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	585	(* \|- F & (F ~> G) --> <>G *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	586	bind_thm("leadsto_init_temp",
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	587	rewrite_rule Init_simps (read_instantiate [("'a","behavior")] leadsto_init));
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	588
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	589	qed_goalw "streett_leadsto" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	590	"\|- ([]<>Init F --> []<>G) = (<>(F ~> G))" (K [
5755 22081de41254 corrected auto_tac (applications of unsafe wrappers) oheimb parents: 5525 diff changeset	591	Auto_tac,
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3807 diff changeset	592	asm_full_simp_tac (simpset() addsimps more_temp_simps) 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	593	fast_tac (temp_cs addSEs [DmdImplE,STL4E]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	594	fast_tac (temp_cs addSIs [InitDmd] addSEs [STL4E]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	595	subgoal_tac "sigma \|= []<><>G" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	596	asm_full_simp_tac (simpset() addsimps more_temp_simps) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	597	dtac (temp_use BoxDmdDmdBox) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	598	fast_tac (temp_cs addSEs [DmdImplE,STL4E]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	599	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	600
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	601	qed_goal "leadsto_infinite" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	602	"\|- []<>F & (F ~> G) --> []<>G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	603	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	604	etac ((temp_use InitDmd) RS
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	605	((temp_unlift streett_leadsto) RS iffD2 RS mp)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	606	asm_simp_tac (simpset() addsimps [dmdInitD]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	607	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	608
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	609	(* In particular, strong fairness is a Streett condition. The following
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	610	rules are sometimes easier to use than WF2 or SF2 below.
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	611	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	612	qed_goalw "leadsto_SF" TLA.thy [SF_def]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	613	"\|- (Enabled(<A>_v) ~> <A>_v) --> SF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	614	(K [clarsimp_tac (temp_css addSEs2 [leadsto_infinite]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	615
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	616	qed_goal "leadsto_WF" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	617	"\|- (Enabled(<A>_v) ~> <A>_v) --> WF(A)_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	618	(K [ clarsimp_tac (temp_css addSIs2 [SFImplWF, leadsto_SF]) 1 ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	619
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	620	(* introduce an invariant into the proof of a leadsto assertion.
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	621	[]I --> ((P ~> Q) = (P /\ I ~> Q))
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	622	*)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	623	qed_goalw "INV_leadsto" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	624	"\|- []I & (P & I ~> Q) --> (P ~> Q)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	625	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	626	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	627	auto_tac (temp_css addsimps2 Init_simps addSDs2 [STL2_gen])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	628	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	629
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	630	qed_goalw "leadsto_classical" TLA.thy [leadsto_def,dmd_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	631	"\|- (Init F & []~G ~> G) --> (F ~> G)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	632	(fn _ => [force_tac (temp_css addsimps2 Init_simps addSEs2 [STL4E]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	633
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	634	qed_goalw "leadsto_false" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	635	"\|- (F ~> #False) = ([]~F)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	636	(fn _ => [ simp_tac (simpset() addsimps [boxNotInitD]) 1 ]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	637
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	638	qed_goalw "leadsto_exists" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	639	"\|- ((? x. F x) ~> G) = (!x. (F x ~> G))"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	640	(K [auto_tac (temp_css addsimps2 allT::Init_simps addSEs2 [STL4E])]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	641
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	642
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	643	(* basic leadsto properties, cf. Unity *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	644
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	645	qed_goalw "ImplLeadsto_gen" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	646	"\|- [](Init F --> Init G) --> (F ~> G)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	647	(fn _ => [auto_tac (temp_css addSIs2 [InitDmd_gen]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	648	addSEs2 [STL4E_gen] addsimps2 Init_simps)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	649	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	650
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	651	bind_thm("ImplLeadsto",
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	652	rewrite_rule Init_simps
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	653	(read_instantiate [("'a","behavior"), ("'b","behavior")] ImplLeadsto_gen));
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	654
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	655	qed_goal "ImplLeadsto_simple" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	656	"\|- F --> G ==> \|- F ~> G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	657	(fn [prem] => [auto_tac (temp_css addsimps2 [Init_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	658	addSIs2 [ImplLeadsto_gen,necT,prem])]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	659
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	660	qed_goalw "EnsuresLeadsto" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	661	"\|- A & $P --> Q` ==> \|- []A --> (P ~> Q)" (fn [prem] => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	662	clarsimp_tac (temp_css addSEs2 [INV_leadsto]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	663	etac STL4E_gen 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	664	auto_tac (temp_css addsimps2 Init_defs
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	665	addSIs2 [PrimeDmd, prem])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	666	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	667
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	668	qed_goalw "EnsuresLeadsto2" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	669	"\|- []($P --> Q`) --> (P ~> Q)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	670	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	671	etac STL4E_gen 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	672	auto_tac (temp_css addsimps2 Init_simps addSIs2 [PrimeDmd])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	673	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	674
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	675	qed_goalw "ensures" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	676	"[\| \|- $P & N --> P` \| Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	677	\ \|- ($P & N) & A --> Q` \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	678	\ \|] ==> \|- []N & []([]P --> <>A) --> (P ~> Q)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	679	(fn [p1,p2] => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	680	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	681	Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	682	subgoal_tac "sigmaa \|= []($P --> P` \| Q`)" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	683	dtac (temp_use unless) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	684	clarsimp_tac (temp_css addSDs2 [INV1]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	685	rtac ((temp_use (p2 RS DmdImpl)) RS (temp_use DmdPrime)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	686	force_tac (temp_css addSIs2 [BoxDmd_simple]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	687	addsimps2 [split_box_conj,box_stp_act]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	688	force_tac (temp_css addEs2 [STL4E] addDs2 [p1]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	689	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	690
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	691	qed_goal "ensures_simple" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	692	"[\| \|- $P & N --> P` \| Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	693	\ \|- ($P & N) & A --> Q` \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	694	\ \|] ==> \|- []N & []<>A --> (P ~> Q)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	695	(fn prems => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	696	rtac (temp_use ensures) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	697	TRYALL (ares_tac prems),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	698	force_tac (temp_css addSEs2 [STL4E]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	699	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	700
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	701	qed_goal "EnsuresInfinite" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	702	"[\| sigma \|= []<>P; sigma \|= []A; \|- A & $P --> Q` \|] ==> sigma \|= []<>Q"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	703	(fn prems => [REPEAT (resolve_tac (prems @ [temp_use leadsto_infinite,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	704	temp_use EnsuresLeadsto]) 1)]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	705
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	706
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	707	(* Gronning's lattice rules (taken from TLP) *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	708	section "Lattice rules";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	709
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	710	qed_goalw "LatticeReflexivity" TLA.thy [leadsto_def] "\|- F ~> F"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	711	(fn _ => [REPEAT (resolve_tac [necT,InitDmd_gen] 1)]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	712
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	713	qed_goalw "LatticeTransitivity" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	714	"\|- (G ~> H) & (F ~> G) --> (F ~> H)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	715	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	716	etac dup_boxE 1, (* [][](Init G --> H) *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	717	merge_box_tac 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	718	clarsimp_tac (temp_css addSEs2 [STL4E]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	719	rtac dup_dmdD 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	720	subgoal_tac "sigmaa \|= <>Init G" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	721	etac DmdImpl2 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	722	asm_simp_tac (simpset() addsimps [dmdInitD]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	723	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	724
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	725	qed_goalw "LatticeDisjunctionElim1" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	726	"\|- (F \| G ~> H) --> (F ~> H)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	727	(fn _ => [ auto_tac (temp_css addsimps2 Init_simps addSEs2 [STL4E]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	728
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	729	qed_goalw "LatticeDisjunctionElim2" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	730	"\|- (F \| G ~> H) --> (G ~> H)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	731	(fn _ => [ auto_tac (temp_css addsimps2 Init_simps addSEs2 [STL4E]) ]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	732
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	733	qed_goalw "LatticeDisjunctionIntro" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	734	"\|- (F ~> H) & (G ~> H) --> (F \| G ~> H)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	735	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	736	merge_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	737	auto_tac (temp_css addsimps2 Init_simps addSEs2 [STL4E])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	738	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	739
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	740	qed_goal "LatticeDisjunction" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	741	"\|- (F \| G ~> H) = ((F ~> H) & (G ~> H))"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	742	(fn _ => [auto_tac (temp_css addIs2 [LatticeDisjunctionIntro,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	743	LatticeDisjunctionElim1, LatticeDisjunctionElim2])]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	744
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	745	qed_goal "LatticeDiamond" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	746	"\|- (A ~> B \| C) & (B ~> D) & (C ~> D) --> (A ~> D)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	747	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	748	subgoal_tac "sigma \|= (B \| C) ~> D" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	749	eres_inst_tac [("G", "LIFT (B \| C)")] (temp_use LatticeTransitivity) 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	750	ALLGOALS (fast_tac (temp_cs addSIs [LatticeDisjunctionIntro]))
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	751	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	752
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	753	qed_goal "LatticeTriangle" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	754	"\|- (A ~> D \| B) & (B ~> D) --> (A ~> D)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	755	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	756	subgoal_tac "sigma \|= (D \| B) ~> D" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	757	eres_inst_tac [("G", "LIFT (D \| B)")] (temp_use LatticeTransitivity) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	758	auto_tac (temp_css addSIs2 [LatticeDisjunctionIntro]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	759	addIs2 [LatticeReflexivity])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	760	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	761
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	762	qed_goal "LatticeTriangle2" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	763	"\|- (A ~> B \| D) & (B ~> D) --> (A ~> D)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	764	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	765	subgoal_tac "sigma \|= B \| D ~> D" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	766	eres_inst_tac [("G", "LIFT (B \| D)")] (temp_use LatticeTransitivity) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	767	auto_tac (temp_css addSIs2 [LatticeDisjunctionIntro]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	768	addIs2 [LatticeReflexivity])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	769	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	770
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	771	(* Lamport's fairness rules *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	772	section "Fairness rules";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	773
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	774	qed_goal "WF1" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	775	"[\| \|- $P & N --> P` \| Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	776	\ \|- ($P & N) & <A>_v --> Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	777	\ \|- $P & N --> $(Enabled(<A>_v)) \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	778	\ ==> \|- []N & WF(A)_v --> (P ~> Q)" (fn prems => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	779	clarsimp_tac (temp_css addSDs2 [BoxWFI]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	780	rtac (temp_use ensures) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	781	TRYALL (ares_tac prems),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	782	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	783	clarsimp_tac (temp_css addsimps2 [WF_def]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	784	rtac (temp_use STL2) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	785	clarsimp_tac (temp_css addSEs2 [mp] addSIs2 [InitDmd]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	786	resolve_tac ((map temp_use (prems RL [STL4])) RL [box_stp_actD]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	787	asm_simp_tac (simpset() addsimps [split_box_conj,box_stp_actI]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	788	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	789
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	790	(* Sometimes easier to use; designed for action B rather than state predicate Q *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	791	qed_goalw "WF_leadsto" TLA.thy [leadsto_def]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	792	"[\| \|- N & $P --> $Enabled (<A>_v); \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	793	\ \|- N & <A>_v --> B; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	794	\ \|- [](N & [~A]_v) --> stable P \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	795	\ ==> \|- []N & WF(A)_v --> (P ~> B)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	796	(fn [prem1,prem2,prem3]
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	797	=> [clarsimp_tac (temp_css addSDs2 [BoxWFI]) 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	798	etac STL4Edup 1, atac 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	799	Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	800	rtac (temp_use (prem2 RS DmdImpl)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	801	rtac (temp_use BoxDmd_simple) 1, atac 1,
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	802	rtac classical 1,
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	803	rtac (temp_use STL2) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	804	clarsimp_tac (temp_css addsimps2 [WF_def] addSEs2 [mp] addSIs2 [InitDmd]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	805	rtac ((temp_use (prem1 RS STL4)) RS box_stp_actD) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	806	asm_simp_tac (simpset() addsimps [split_box_conj,box_stp_act]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	807	etac (temp_use INV1) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	808	rtac (temp_use prem3) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	809	asm_full_simp_tac (simpset() addsimps [split_box_conj,temp_use NotDmd,not_angle]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	810	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	811
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	812	qed_goal "SF1" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	813	"[\| \|- $P & N --> P` \| Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	814	\ \|- ($P & N) & <A>_v --> Q`; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	815	\ \|- []P & []N & []F --> <>Enabled(<A>_v) \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	816	\ ==> \|- []N & SF(A)_v & []F --> (P ~> Q)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	817	(fn prems => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	818	clarsimp_tac (temp_css addSDs2 [BoxSFI]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	819	rtac (temp_use ensures) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	820	TRYALL (ares_tac prems),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	821	eres_inst_tac [("F","F")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	822	merge_temp_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	823	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	824	clarsimp_tac (temp_css addsimps2 [SF_def]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	825	rtac (temp_use STL2) 1, etac mp 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	826	resolve_tac (map temp_use (prems RL [STL4])) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	827	asm_simp_tac (simpset() addsimps [split_box_conj, STL3]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	828	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	829
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	830	qed_goal "WF2" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	831	"[\| \|- N & <B>_f --> <M>_g; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	832	\ \|- $P & P` & <N & A>_f --> B; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	833	\ \|- P & Enabled(<M>_g) --> Enabled(<A>_f); \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	834	\ \|- [](N & [~B]_f) & WF(A)_f & []F & <>[]Enabled(<M>_g) --> <>[]P \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	835	\ ==> \|- []N & WF(A)_f & []F --> WF(M)_g"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	836	(fn [prem1,prem2,prem3,prem4] => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	837	clarsimp_tac (temp_css addSDs2 [BoxWFI, (temp_use BoxDmdBox) RS iffD2]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	838	addsimps2 [read_instantiate [("A","M")] WF_def]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	839	eres_inst_tac [("F","F")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	840	merge_temp_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	841	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	842	clarsimp_tac (temp_css addSIs2 [(temp_use BoxDmd_simple) RS (temp_use (prem1 RS DmdImpl))]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	843	rtac classical 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	844	subgoal_tac "sigmaa \|= <>(($P & P` & N) & <A>_f)" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	845	force_tac (temp_css addsimps2 [angle_def] addSIs2 [prem2] addSEs2 [DmdImplE]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	846	rtac (temp_use (rewrite_rule [temp_rewrite DmdDmd] (BoxDmd_simple RS DmdImpl))) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	847	asm_full_simp_tac (simpset() addsimps [temp_use NotDmd, not_angle]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	848	merge_act_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	849	forward_tac [temp_use prem4] 1, TRYALL atac,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	850	dtac (temp_use STL6) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	851	eres_inst_tac [("V","sigmaa \|= <>[]P")] thin_rl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	852	eres_inst_tac [("V","sigmaa \|= []F")] thin_rl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	853	dtac (temp_use BoxWFI) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	854	eres_inst_tac [("F", "ACT N & [~B]_f")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	855	merge_temp_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	856	etac DmdImpldup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	857	auto_tac (temp_css addsimps2 [split_box_conj,STL3,WF_Box,box_stp_act]),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	858	force_tac (temp_css addSEs2 [read_instantiate [("P","P")] TLA2E]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	859	rtac (temp_use STL2) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	860	force_tac (temp_css addsimps2 [WF_def,split_box_conj] addSEs2 [mp]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	861	addSIs2 [InitDmd, prem3 RS STL4]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	862	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	863
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	864	qed_goal "SF2" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	865	"[\| \|- N & <B>_f --> <M>_g; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	866	\ \|- $P & P` & <N & A>_f --> B; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	867	\ \|- P & Enabled(<M>_g) --> Enabled(<A>_f); \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	868	\ \|- [](N & [~B]_f) & SF(A)_f & []F & []<>Enabled(<M>_g) --> <>[]P \|] \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	869	\ ==> \|- []N & SF(A)_f & []F --> SF(M)_g"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	870	(fn [prem1,prem2,prem3,prem4] => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	871	clarsimp_tac (temp_css addSDs2 [BoxSFI]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	872	addsimps2 [read_instantiate [("A","M")] SF_def]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	873	eres_inst_tac [("F","F")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	874	eres_inst_tac [("F","TEMP <>Enabled(<M>_g)")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	875	merge_temp_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	876	etac STL4Edup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	877	clarsimp_tac (temp_css addSIs2 [(temp_use BoxDmd_simple) RS (temp_use (prem1 RS DmdImpl))]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	878	rtac classical 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	879	subgoal_tac "sigmaa \|= <>(($P & P` & N) & <A>_f)" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	880	force_tac (temp_css addsimps2 [angle_def] addSIs2 [prem2] addSEs2 [DmdImplE]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	881	rtac (temp_use (rewrite_rule [temp_rewrite DmdDmd] (BoxDmd_simple RS DmdImpl))) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	882	asm_full_simp_tac (simpset() addsimps [temp_use NotDmd, not_angle]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	883	merge_act_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	884	forward_tac [temp_use prem4] 1, TRYALL atac,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	885	eres_inst_tac [("V","sigmaa \|= []F")] thin_rl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	886	dtac (temp_use BoxSFI) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	887	eres_inst_tac [("F","TEMP <>Enabled(<M>_g)")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	888	eres_inst_tac [("F", "ACT N & [~B]_f")] dup_boxE 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	889	merge_temp_box_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	890	etac DmdImpldup 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	891	auto_tac (temp_css addsimps2 [split_box_conj,STL3,SF_Box,box_stp_act]),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	892	force_tac (temp_css addSEs2 [read_instantiate [("P","P")] TLA2E]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	893	rtac (temp_use STL2) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	894	force_tac (temp_css addsimps2 [SF_def,split_box_conj] addSEs2 [mp,InfImpl]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	895	addSIs2 [prem3]) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	896	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	897
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	898	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	899	(* Liveness proofs by well-founded orderings *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	900	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	901	section "Well-founded orderings";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	902
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	903	qed_goal "wf_leadsto" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	904	"[\| wf r; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	905	\ !!x. sigma \|= F x ~> (G \| (? y. #((y,x):r) & F y)) \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	906	\ \|] ==> sigma \|= F x ~> G"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	907	(fn p1::prems =>
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	908	[rtac (p1 RS wf_induct) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	909	rtac (temp_use LatticeTriangle) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	910	resolve_tac prems 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	911	auto_tac (temp_css addsimps2 [leadsto_exists]),
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	912	case_tac "(y,x):r" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	913	Force_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	914	force_tac (temp_css addsimps2 leadsto_def::Init_simps addSIs2 [necT]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	915
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	916	(* If r is well-founded, state function v cannot decrease forever *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	917	qed_goal "wf_not_box_decrease" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	918	"!!r. wf r ==> \|- [][ (v`, $v) : #r ]_v --> <>[][#False]_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	919	(fn _ => [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	920	rtac ccontr 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	921	subgoal_tac "sigma \|= (? x. v=#x) ~> #False" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	922	dtac ((temp_use leadsto_false) RS iffD1 RS (temp_use STL2_gen)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	923	force_tac (temp_css addsimps2 Init_defs) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	924	clarsimp_tac (temp_css addsimps2 [leadsto_exists,not_square]@more_temp_simps) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	925	etac wf_leadsto 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	926	rtac (temp_use ensures_simple) 1, TRYALL atac,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	927	auto_tac (temp_css addsimps2 [square_def,angle_def])
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	928	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	929
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	930	(* "wf r ==> \|- <>[][ (v`, $v) : #r ]_v --> <>[][#False]_v" *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	931	bind_thm("wf_not_dmd_box_decrease",
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	932	standard(rewrite_rule more_temp_simps (wf_not_box_decrease RS DmdImpl)));
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	933
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	934	(* If there are infinitely many steps where v decreases, then there
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	935	have to be infinitely many non-stuttering steps where v doesn't decrease.
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	936	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	937	qed_goal "wf_box_dmd_decrease" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	938	"wf r ==> \|- []<>((v`, $v) : #r) --> []<><(v`, $v) ~: #r>_v"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	939	(fn [prem] => [
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	940	Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	941	rtac ccontr 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	942	asm_full_simp_tac (simpset() addsimps not_angle::more_temp_simps) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	943	dtac (prem RS (temp_use wf_not_dmd_box_decrease)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	944	dtac (temp_use BoxDmdDmdBox) 1, atac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	945	subgoal_tac "sigma \|= []<>((#False)::action)" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	946	Force_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	947	etac STL4E 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	948	rtac DmdImpl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	949	force_tac (temp_css addSEs2 [prem RS wf_irrefl]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	950	]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	951
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	952	(* In particular, for natural numbers, if n decreases infinitely often
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	953	then it has to increase infinitely often.
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	954	*)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	955	qed_goal "nat_box_dmd_decrease" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	956	"!!n::nat stfun. \|- []<>(n` < $n) --> []<>($n < n`)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	957	(K [Clarsimp_tac 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	958	subgoal_tac "sigma \|= []<><~( (n`,$n) : #less_than )>_n" 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	959	etac thin_rl 1, etac STL4E 1, rtac DmdImpl 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	960	clarsimp_tac (temp_css addsimps2 [angle_def]) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	961	rtac nat_less_cases 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	962	Auto_tac,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	963	rtac (temp_use wf_box_dmd_decrease) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	964	auto_tac (temp_css addSEs2 [STL4E,DmdImplE])
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	965	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	966
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	967
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	968	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	969	(* Flexible quantification over state variables *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	970	(* ------------------------------------------------------------------------- *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	971	section "Flexible quantification";
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	972
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	973	qed_goal "aallI" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	974	"[\| basevars vs; (!!x. basevars (x,vs) ==> sigma \|= F x) \|] ==> sigma \|= (AALL x. F x)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	975	(fn prems => [auto_tac (temp_css addsimps2 [aall_def] addSEs2 [eexE]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	976	addSIs2 prems addSDs2 prems)]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	977
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	978	qed_goalw "aallE" TLA.thy [aall_def] "\|- (AALL x. F x) --> F x"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	979	(K [Clarsimp_tac 1, etac swap 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	980	force_tac (temp_css addSIs2 [eexI]) 1]);
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	981
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	982	(* monotonicity of quantification *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	983	qed_goal "eex_mono" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	984	"[\| sigma \|= EEX x. F x; !!x. sigma \|= F x --> G x \|] ==> sigma \|= EEX x. G x"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	985	(fn [min,maj] => [rtac (unit_base RS (min RS eexE)) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	986	rtac (temp_use eexI) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	987	etac ((rewrite_rule intensional_rews maj) RS mp) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	988	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	989
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	990	qed_goal "aall_mono" TLA.thy
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	991	"[\| sigma \|= AALL x. F(x); !!x. sigma \|= F(x) --> G(x) \|] ==> sigma \|= AALL x. G(x)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	992	(fn [min,maj] => [rtac (unit_base RS aallI) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	993	rtac ((rewrite_rule intensional_rews maj) RS mp) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	994	rtac (min RS (temp_use aallE)) 1
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	995	]);
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	996
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	997	(* Derived history introduction rule *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	998	qed_goal "historyI" TLA.thy
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	999	"[\| sigma \|= Init I; sigma \|= []N; basevars vs; \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1000	\ (!!h. basevars(h,vs) ==> \|- I & h = ha --> HI h); \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1001	\ (!!h s t. [\| basevars(h,vs); N (s,t); h t = hb (h s) (s,t) \|] ==> HN h (s,t)) \
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1002	\ \|] ==> sigma \|= EEX h. Init (HI h) & [](HN h)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1003	(fn [p1,p2,p3,p4,p5]
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1004	=> [rtac ((temp_use history) RS eexE) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1005	rtac p3 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1006	rtac (temp_use eexI) 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1007	Clarsimp_tac 1, rtac conjI 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1008	cut_facts_tac [p2] 2,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1009	merge_box_tac 2,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1010	force_tac (temp_css addSEs2 [STL4E,p5]) 2,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1011	cut_facts_tac [p1] 1,
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1012	force_tac (temp_css addsimps2 Init_defs addSEs2 [p4]) 1
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1013	]);
db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1014
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1015	(* ----------------------------------------------------------------------
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1016	example of a history variable: existence of a clock
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1017
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1018	Goal "\|- EEX h. Init(h = #True) & [](h` = (~$h))";
4423 a129b817b58a expandshort; wenzelm parents: 4089 diff changeset	1019	by (rtac tempI 1);
a129b817b58a expandshort; wenzelm parents: 4089 diff changeset	1020	by (rtac historyI 1);
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1021	by (REPEAT (force_tac (temp_css addsimps2 Init_defs addIs2 [unit_base, necT]) 1));
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1022	( solved )
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1023
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1024	---------------------------------------------------------------------- *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 5755 diff changeset	1025

author	paulson
	Fri, 18 Feb 2000 15:35:29 +0100
changeset 8255	38f96394c099
parent 6255	db63752140c7
child 9168	77658111e122
permissions	-rw-r--r--