isabelle: src/HOL/IMP/Transition.ML@3d15596ee644 (annotated)

1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	1	(* Title: HOL/IMP/Transition.ML
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	2	ID: $Id$
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	3	Author: Tobias Nipkow & Robert Sandner, TUM
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	4	Copyright 1996 TUM
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	5
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	6	Equivalence of Natural and Transition semantics
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	7	*)
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	8
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	9	section "Winskel's Proof";
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	10
1973 8c94c9a5be10 Converted proofs to use default clasets. nipkow parents: 1939 diff changeset	11	AddSEs [rel_pow_0_E];
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	12
6141 a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	13	val evalc1_SEs =
a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	14	map evalc1.mk_cases
a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	15	["(SKIP,s) -1-> t",
9241 f961c1fdff50 disambiguated := ; added Examples (factorial) oheimb parents: 8442 diff changeset	16	"(x:==a,s) -1-> t",
6141 a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	17	"(c1;c2, s) -1-> t",
8016 b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	18	"(IF b THEN c1 ELSE c2, s) -1-> t",
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	19	"(WHILE b DO c, s) -1-> t"];
6141 a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	20
a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	21	val evalc1_E = evalc1.mk_cases "(WHILE b DO c,s) -1-> t";
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	22
1973 8c94c9a5be10 Converted proofs to use default clasets. nipkow parents: 1939 diff changeset	23	AddSEs evalc1_SEs;
8c94c9a5be10 Converted proofs to use default clasets. nipkow parents: 1939 diff changeset	24
8c94c9a5be10 Converted proofs to use default clasets. nipkow parents: 1939 diff changeset	25	AddIs evalc1.intrs;
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	26
5278 a903b66822e2 even more tidying of Goal commands paulson parents: 5223 diff changeset	27	Goal "!s t u c d. (c,s) -n-> (SKIP,t) --> (d,t) -*-> (SKIP,u) --> \
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	28	\ (c;d, s) -*-> (SKIP, u)";
5183 89f162de39cf Adapted to new datatype package. berghofe parents: 5117 diff changeset	29	by (induct_tac "n" 1);
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	30	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2])1);
4772 8c7e7eaffbdf split_all_tac now fails if there is nothing to split oheimb parents: 4746 diff changeset	31	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]addSDs [rel_pow_Suc_D2])1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	32	qed_spec_mp "lemma1";
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	33
5117 7b5efef2ca74 Removed leading !! in goals. nipkow parents: 5069 diff changeset	34	Goal "<c,s> -c-> s1 ==> (c,s) -*-> (SKIP,s1)";
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	35	by (etac evalc.induct 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	36
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	37	(* SKIP *)
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	38	by (rtac rtrancl_refl 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	39
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	40	(* ASSIGN *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	41	by (fast_tac (claset() addSIs [r_into_rtrancl]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	42
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	43	(* SEMI *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	44	by (fast_tac (claset() addDs [rtrancl_imp_UN_rel_pow] addIs [lemma1]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	45
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	46	(* IF *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	47	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	48	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	49
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	50	(* WHILE *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	51	by (fast_tac (claset() addSIs [r_into_rtrancl]) 1);
96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	52	by (fast_tac (claset() addDs [rtrancl_imp_UN_rel_pow]
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	53	addIs [rtrancl_into_rtrancl2,lemma1]) 1);
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	54
1730 1c7f793fc374 Updated for new form of induction rules paulson parents: 1707 diff changeset	55	qed "evalc_impl_evalc1";
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	56
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	57
9556 dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	58	Goal "(SKIP,s) -m-> (SKIP,t) ==> s = t & m = 0";
dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	59	by (etac rel_pow_E2 1);
dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	60	by (Asm_full_simp_tac 1);
dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	61	by (Fast_tac 1);
dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	62	val hlemma = result();
dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	63
5278 a903b66822e2 even more tidying of Goal commands paulson parents: 5223 diff changeset	64	Goal "!c d s u. (c;d,s) -n-> (SKIP,u) --> \
1701 a26fbeaaaabd Streamlined syntax: -(n)-> is now -n->. nipkow parents: 1700 diff changeset	65	\ (? t m. (c,s) -*-> (SKIP,t) & (d,t) -m-> (SKIP,u) & m <= n)";
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	66	by (induct_tac "n" 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	67	(* case n = 0 *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	68	by (fast_tac (claset() addss simpset()) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	69	(* induction step *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	70	by (fast_tac (claset() addSIs [le_SucI,le_refl]
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	71	addSDs [rel_pow_Suc_D2]
1973 8c94c9a5be10 Converted proofs to use default clasets. nipkow parents: 1939 diff changeset	72	addSEs [rel_pow_imp_rtrancl,rtrancl_into_rtrancl2]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	73	qed_spec_mp "lemma2";
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	74
5069 3ea049f7979d isatool fixgoal; wenzelm parents: 4897 diff changeset	75	Goal "!s t. (c,s) -*-> (SKIP,t) --> <c,s> -c-> t";
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	76	by (induct_tac "c" 1);
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	77	by (safe_tac (claset() addSDs [rtrancl_imp_UN_rel_pow]));
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	78
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	79	(* SKIP *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	80	by (fast_tac (claset() addSEs [rel_pow_E2]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	81
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	82	(* ASSIGN *)
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	83	by (fast_tac (claset() addSDs [hlemma] addSEs [rel_pow_E2]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	84
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	85	(* SEMI *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	86	by (fast_tac (claset() addSDs [lemma2,rel_pow_imp_rtrancl]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	87
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	88	(* IF *)
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	89	by (etac rel_pow_E2 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	90	by (Asm_full_simp_tac 1);
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	91	by (fast_tac (claset() addSDs [rel_pow_imp_rtrancl]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	92
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	93	(* WHILE, induction on the length of the computation *)
4153 e534c4c32d54 Ran expandshort, especially to introduce Safe_tac paulson parents: 4089 diff changeset	94	by (eres_inst_tac [("P","?X -n-> ?Y")] rev_mp 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	95	by (res_inst_tac [("x","s")] spec 1);
9870 2374ba026fc6 less_induct -> nat_less_induct nipkow parents: 9747 diff changeset	96	by (induct_thm_tac nat_less_induct "n" 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	97	by (strip_tac 1);
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	98	by (etac rel_pow_E2 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	99	by (Asm_full_simp_tac 1);
6141 a6922171b396 removal of the (thm list) argument of mk_cases paulson parents: 5278 diff changeset	100	by (etac evalc1_E 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	101
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	102	(* WhileFalse *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	103	by (fast_tac (claset() addSDs [hlemma]) 1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	104
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	105	(* WhileTrue *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	106	by (fast_tac(claset() addSDs[lemma2,le_imp_less_or_eq,less_Suc_eq RS iffD2])1);
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	107
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	108	qed_spec_mp "evalc1_impl_evalc";
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	109
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	110
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	111	(** proof of the equivalence of evalc and evalc1 **)
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	112
5069 3ea049f7979d isatool fixgoal; wenzelm parents: 4897 diff changeset	113	Goal "((c, s) -*-> (SKIP, t)) = (<c,s> -c-> t)";
1700 afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	114	by (fast_tac (HOL_cs addSEs [evalc1_impl_evalc,evalc_impl_evalc1]) 1);
afd3b60660db Natural and Transition semantics. nipkow parents: diff changeset	115	qed "evalc1_eq_evalc";
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	116
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	117
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	118	section "A Proof Without -n->";
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	119
5278 a903b66822e2 even more tidying of Goal commands paulson parents: 5223 diff changeset	120	Goal "(c1,s1) -*-> (SKIP,s2) ==> \
1939 ad5bb12605fb Generalized my_lemma1: (c3,s3) \|--> cs3 nipkow parents: 1730 diff changeset	121	\ (c2,s2) --> cs3 --> (c1;c2,s1) --> cs3";
4746 a5dcd7e4a37d inverse -> converse paulson parents: 4651 diff changeset	122	by (etac converse_rtrancl_induct2 1);
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	123	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	124	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	125	qed_spec_mp "my_lemma1";
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	126
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	127
5117 7b5efef2ca74 Removed leading !! in goals. nipkow parents: 5069 diff changeset	128	Goal "<c,s> -c-> s1 ==> (c,s) -*-> (SKIP,s1)";
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	129	by (etac evalc.induct 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	130
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	131	(* SKIP *)
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	132	by (rtac rtrancl_refl 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	133
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	134	(* ASSIGN *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	135	by (fast_tac (claset() addSIs [r_into_rtrancl]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	136
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	137	(* SEMI *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	138	by (fast_tac (claset() addIs [my_lemma1]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	139
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	140	(* IF *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	141	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	142	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	143
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	144	(* WHILE *)
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	145	by (fast_tac (claset() addSIs [r_into_rtrancl]) 1);
96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	146	by (fast_tac (claset() addIs [rtrancl_into_rtrancl2,my_lemma1]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	147
1730 1c7f793fc374 Updated for new form of induction rules paulson parents: 1707 diff changeset	148	qed "evalc_impl_evalc1";
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	149
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	150	(* The opposite direction is based on a Coq proof done by Ranan Fraer and
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	151	Yves Bertot. The following sketch is from an email by Ranan Fraer.
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	152	*)
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	153	(*
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	154	First we've broke it into 2 lemmas:
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	155
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	156	Lemma 1
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	157	((c,s) --> (SKIP,t)) => (<c,s> -c-> t)
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	158
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	159	This is a quick one, dealing with the cases skip, assignment
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	160	and while_false.
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	161
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	162	Lemma 2
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	163	((c,s) -*-> (c',s')) /\ <c',s'> -c'-> t
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	164	=>
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	165	<c,s> -c-> t
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	166
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	167	This is proved by rule induction on the -*-> relation
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	168	and the induction step makes use of a third lemma:
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	169
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	170	Lemma 3
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	171	((c,s) --> (c',s')) /\ <c',s'> -c'-> t
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	172	=>
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	173	<c,s> -c-> t
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	174
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	175	This captures the essence of the proof, as it shows that <c',s'>
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	176	behaves as the continuation of <c,s> with respect to the natural
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	177	semantics.
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	178	The proof of Lemma 3 goes by rule induction on the --> relation,
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	179	dealing with the cases sequence1, sequence2, if_true, if_false and
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	180	while_true. In particular in the case (sequence1) we make use again
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	181	of Lemma 1.
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	182	*)
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	183
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	184	(Delsimps [update_apply];)
5278 a903b66822e2 even more tidying of Goal commands paulson parents: 5223 diff changeset	185	Goal "((c,s) -1-> (c',s')) ==> (!t. <c',s'> -c-> t --> <c,s> -c-> t)";
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	186	by (etac evalc1.induct 1);
4477 b3e5857d8d99 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort paulson parents: 4153 diff changeset	187	by Auto_tac;
1730 1c7f793fc374 Updated for new form of induction rules paulson parents: 1707 diff changeset	188	qed_spec_mp "FB_lemma3";
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	189	(Addsimps [update_apply];)
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	190
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	191	val [major] = goal Transition.thy
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	192	"(c,s) -*-> (c',s') ==> <c',s'> -c-> t --> <c,s> -c-> t";
2031 03a843f0f447 Ran expandshort paulson parents: 1973 diff changeset	193	by (rtac (major RS rtrancl_induct2) 1);
4897 be11be0b6ea1 Changed [/] to [:=] and removed actual definition. nipkow parents: 4772 diff changeset	194	by (Fast_tac 1);
4651 70dd492a1698 changed wrapper mechanism of classical reasoner oheimb parents: 4477 diff changeset	195	by (fast_tac (claset() addIs [FB_lemma3]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	196	qed_spec_mp "FB_lemma2";
e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	197
5117 7b5efef2ca74 Removed leading !! in goals. nipkow parents: 5069 diff changeset	198	Goal "(c,s) -*-> (SKIP,t) ==> <c,s> -c-> t";
4089 96fba19bcbe2 isatool fixclasimp; wenzelm parents: 3439 diff changeset	199	by (fast_tac (claset() addEs [FB_lemma2]) 1);
1707 e1a64a6c454d Added an equivalence proof which avoids the use of -n-> nipkow parents: 1701 diff changeset	200	qed "evalc1_impl_evalc";
8016 b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	201
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	202
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	203	section "The proof in Nielson and Nielson";
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	204
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	205	(* The more precise n=i1+i2+1 is proved by the same script but complicates
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	206	life further down, where i1,i2 < n is needed.
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	207	*)
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	208	Goal "!c1 s. (c1;c2,s) -n-> (SKIP,t) --> \
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	209	\ (? i1 i2 u. (c1,s) -i1-> (SKIP,u) & (c2,u) -i2-> (SKIP,t) & i1<n & i2<n)";
8064 357652a08ee0 expandshort paulson parents: 8016 diff changeset	210	by (induct_tac "n" 1);
9556 dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	211	by (Fast_tac 1);
8064 357652a08ee0 expandshort paulson parents: 8016 diff changeset	212	by (fast_tac (claset() addSIs [rel_pow_0_I,rel_pow_Suc_I2]
8016 b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	213	addSDs [rel_pow_Suc_D2] addss simpset()) 1);
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	214	qed_spec_mp "comp_decomp_lemma";
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	215
b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	216	Goal "!c s t. (c,s) -n-> (SKIP,t) --> <c,s> -c-> t";
9870 2374ba026fc6 less_induct -> nat_less_induct nipkow parents: 9747 diff changeset	217	by (induct_thm_tac nat_less_induct "n" 1);
8064 357652a08ee0 expandshort paulson parents: 8016 diff changeset	218	by (Clarify_tac 1);
357652a08ee0 expandshort paulson parents: 8016 diff changeset	219	by (etac rel_pow_E2 1);
8016 b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	220	by (asm_full_simp_tac (simpset() addsimps evalc.intrs) 1);
8442 96023903c2df case_tac now subsumes both boolean and datatype cases; wenzelm parents: 8423 diff changeset	221	by (case_tac "c" 1);
9556 dcdcfb0545e0 moved Hoare_example to Examples; other minor improvements oheimb parents: 9241 diff changeset	222	by (Fast_tac 1);
8064 357652a08ee0 expandshort paulson parents: 8016 diff changeset	223	by (Blast_tac 1);
357652a08ee0 expandshort paulson parents: 8016 diff changeset	224	by (blast_tac (claset() addSDs [rel_pow_Suc_I2 RS comp_decomp_lemma]) 1);
357652a08ee0 expandshort paulson parents: 8016 diff changeset	225	by (Blast_tac 1);
357652a08ee0 expandshort paulson parents: 8016 diff changeset	226	by (Blast_tac 1);
8016 b7713108ffd8 Added the proof by Nielson & Nielson. nipkow parents: 6141 diff changeset	227	qed_spec_mp "evalc1_impl_evalc";

author	wenzelm
	Wed, 06 Dec 2000 22:08:49 +0100
changeset 10621	3d15596ee644
parent 9870	2374ba026fc6
permissions	-rw-r--r--