isabelle: src/ZF/Constructible/Internalize.thy@81a4b4a245b0 (annotated)

13505 52a16cb7fefb Relativized right up to L satisfies V=L! paulson parents: 13503 diff changeset	1	(* Title: ZF/Constructible/Internalize.thy
52a16cb7fefb Relativized right up to L satisfies V=L! paulson parents: 13503 diff changeset	2	ID: $Id$
52a16cb7fefb Relativized right up to L satisfies V=L! paulson parents: 13503 diff changeset	3	Author: Lawrence C Paulson, Cambridge University Computer Laboratory
52a16cb7fefb Relativized right up to L satisfies V=L! paulson parents: 13503 diff changeset	4	*)
52a16cb7fefb Relativized right up to L satisfies V=L! paulson parents: 13503 diff changeset	5
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	6	theory Internalize = L_axioms + Datatype_absolute:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	7
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	8	subsection{Internalized Forms of Data Structuring Operators}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	9
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	10	subsubsection{The Formula @{term is_Inl}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	11
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	12	(* is_Inl(M,a,z) == \<exists>zero[M]. empty(M,zero) & pair(M,zero,a,z) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	13	constdefs Inl_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	14	"Inl_fm(a,z) == Exists(And(empty_fm(0), pair_fm(0,succ(a),succ(z))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	15
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	16	lemma Inl_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	17	"[\| x \<in> nat; z \<in> nat \|] ==> Inl_fm(x,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	18	by (simp add: Inl_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	19
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	20	lemma sats_Inl_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	21	"[\| x \<in> nat; z \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	22	==> sats(A, Inl_fm(x,z), env) <-> is_Inl(##A, nth(x,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	23	by (simp add: Inl_fm_def is_Inl_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	24
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	25	lemma Inl_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	26	"[\| nth(i,env) = x; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	27	i \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	28	==> is_Inl(##A, x, z) <-> sats(A, Inl_fm(i,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	29	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	30
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	31	theorem Inl_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	32	"REFLECTS[\<lambda>x. is_Inl(L,f(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	33	\<lambda>i x. is_Inl(##Lset(i),f(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	34	apply (simp only: is_Inl_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	35	apply (intro FOL_reflections function_reflections)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	36	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	37
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	38
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	39	subsubsection{The Formula @{term is_Inr}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	40
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	41	(* is_Inr(M,a,z) == \<exists>n1[M]. number1(M,n1) & pair(M,n1,a,z) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	42	constdefs Inr_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	43	"Inr_fm(a,z) == Exists(And(number1_fm(0), pair_fm(0,succ(a),succ(z))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	44
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	45	lemma Inr_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	46	"[\| x \<in> nat; z \<in> nat \|] ==> Inr_fm(x,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	47	by (simp add: Inr_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	48
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	49	lemma sats_Inr_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	50	"[\| x \<in> nat; z \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	51	==> sats(A, Inr_fm(x,z), env) <-> is_Inr(##A, nth(x,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	52	by (simp add: Inr_fm_def is_Inr_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	53
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	54	lemma Inr_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	55	"[\| nth(i,env) = x; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	56	i \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	57	==> is_Inr(##A, x, z) <-> sats(A, Inr_fm(i,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	58	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	59
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	60	theorem Inr_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	61	"REFLECTS[\<lambda>x. is_Inr(L,f(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	62	\<lambda>i x. is_Inr(##Lset(i),f(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	63	apply (simp only: is_Inr_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	64	apply (intro FOL_reflections function_reflections)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	65	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	66
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	67
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	68	subsubsection{The Formula @{term is_Nil}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	69
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	70	(* is_Nil(M,xs) == \<exists>zero[M]. empty(M,zero) & is_Inl(M,zero,xs) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	71
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	72	constdefs Nil_fm :: "i=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	73	"Nil_fm(x) == Exists(And(empty_fm(0), Inl_fm(0,succ(x))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	74
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	75	lemma Nil_type [TC]: "x \<in> nat ==> Nil_fm(x) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	76	by (simp add: Nil_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	77
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	78	lemma sats_Nil_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	79	"[\| x \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	80	==> sats(A, Nil_fm(x), env) <-> is_Nil(##A, nth(x,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	81	by (simp add: Nil_fm_def is_Nil_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	82
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	83	lemma Nil_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	84	"[\| nth(i,env) = x; i \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	85	==> is_Nil(##A, x) <-> sats(A, Nil_fm(i), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	86	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	87
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	88	theorem Nil_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	89	"REFLECTS[\<lambda>x. is_Nil(L,f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	90	\<lambda>i x. is_Nil(##Lset(i),f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	91	apply (simp only: is_Nil_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	92	apply (intro FOL_reflections function_reflections Inl_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	93	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	94
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	95
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	96	subsubsection{The Formula @{term is_Cons}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	97
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	98
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	99	(* "is_Cons(M,a,l,Z) == \<exists>p[M]. pair(M,a,l,p) & is_Inr(M,p,Z)" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	100	constdefs Cons_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	101	"Cons_fm(a,l,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	102	Exists(And(pair_fm(succ(a),succ(l),0), Inr_fm(0,succ(Z))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	103
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	104	lemma Cons_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	105	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> Cons_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	106	by (simp add: Cons_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	107
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	108	lemma sats_Cons_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	109	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	110	==> sats(A, Cons_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	111	is_Cons(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	112	by (simp add: Cons_fm_def is_Cons_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	113
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	114	lemma Cons_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	115	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	116	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	117	==>is_Cons(##A, x, y, z) <-> sats(A, Cons_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	118	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	119
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	120	theorem Cons_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	121	"REFLECTS[\<lambda>x. is_Cons(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	122	\<lambda>i x. is_Cons(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	123	apply (simp only: is_Cons_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	124	apply (intro FOL_reflections pair_reflection Inr_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	125	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	126
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	127	subsubsection{The Formula @{term is_quasilist}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	128
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	129	(* is_quasilist(M,xs) == is_Nil(M,z) \| (\<exists>x[M]. \<exists>l[M]. is_Cons(M,x,l,z))" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	130
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	131	constdefs quasilist_fm :: "i=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	132	"quasilist_fm(x) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	133	Or(Nil_fm(x), Exists(Exists(Cons_fm(1,0,succ(succ(x))))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	134
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	135	lemma quasilist_type [TC]: "x \<in> nat ==> quasilist_fm(x) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	136	by (simp add: quasilist_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	137
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	138	lemma sats_quasilist_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	139	"[\| x \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	140	==> sats(A, quasilist_fm(x), env) <-> is_quasilist(##A, nth(x,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	141	by (simp add: quasilist_fm_def is_quasilist_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	142
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	143	lemma quasilist_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	144	"[\| nth(i,env) = x; i \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	145	==> is_quasilist(##A, x) <-> sats(A, quasilist_fm(i), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	146	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	147
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	148	theorem quasilist_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	149	"REFLECTS[\<lambda>x. is_quasilist(L,f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	150	\<lambda>i x. is_quasilist(##Lset(i),f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	151	apply (simp only: is_quasilist_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	152	apply (intro FOL_reflections Nil_reflection Cons_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	153	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	154
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	155
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	156	subsection{Absoluteness for the Function @{term nth}}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	157
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	158
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	159	subsubsection{The Formula @{term is_hd}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	160
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	161	(* "is_hd(M,xs,H) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	162	(is_Nil(M,xs) --> empty(M,H)) &
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	163	(\<forall>x[M]. \<forall>l[M]. ~ is_Cons(M,x,l,xs) \| H=x) &
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	164	(is_quasilist(M,xs) \| empty(M,H))" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	165	constdefs hd_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	166	"hd_fm(xs,H) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	167	And(Implies(Nil_fm(xs), empty_fm(H)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	168	And(Forall(Forall(Or(Neg(Cons_fm(1,0,xs#+2)), Equal(H#+2,1)))),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	169	Or(quasilist_fm(xs), empty_fm(H))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	170
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	171	lemma hd_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	172	"[\| x \<in> nat; y \<in> nat \|] ==> hd_fm(x,y) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	173	by (simp add: hd_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	174
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	175	lemma sats_hd_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	176	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	177	==> sats(A, hd_fm(x,y), env) <-> is_hd(##A, nth(x,env), nth(y,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	178	by (simp add: hd_fm_def is_hd_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	179
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	180	lemma hd_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	181	"[\| nth(i,env) = x; nth(j,env) = y;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	182	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	183	==> is_hd(##A, x, y) <-> sats(A, hd_fm(i,j), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	184	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	185
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	186	theorem hd_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	187	"REFLECTS[\<lambda>x. is_hd(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	188	\<lambda>i x. is_hd(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	189	apply (simp only: is_hd_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	190	apply (intro FOL_reflections Nil_reflection Cons_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	191	quasilist_reflection empty_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	192	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	193
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	194
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	195	subsubsection{The Formula @{term is_tl}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	196
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	197	(* "is_tl(M,xs,T) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	198	(is_Nil(M,xs) --> T=xs) &
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	199	(\<forall>x[M]. \<forall>l[M]. ~ is_Cons(M,x,l,xs) \| T=l) &
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	200	(is_quasilist(M,xs) \| empty(M,T))" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	201	constdefs tl_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	202	"tl_fm(xs,T) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	203	And(Implies(Nil_fm(xs), Equal(T,xs)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	204	And(Forall(Forall(Or(Neg(Cons_fm(1,0,xs#+2)), Equal(T#+2,0)))),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	205	Or(quasilist_fm(xs), empty_fm(T))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	206
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	207	lemma tl_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	208	"[\| x \<in> nat; y \<in> nat \|] ==> tl_fm(x,y) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	209	by (simp add: tl_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	210
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	211	lemma sats_tl_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	212	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	213	==> sats(A, tl_fm(x,y), env) <-> is_tl(##A, nth(x,env), nth(y,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	214	by (simp add: tl_fm_def is_tl_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	215
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	216	lemma tl_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	217	"[\| nth(i,env) = x; nth(j,env) = y;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	218	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	219	==> is_tl(##A, x, y) <-> sats(A, tl_fm(i,j), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	220	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	221
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	222	theorem tl_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	223	"REFLECTS[\<lambda>x. is_tl(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	224	\<lambda>i x. is_tl(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	225	apply (simp only: is_tl_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	226	apply (intro FOL_reflections Nil_reflection Cons_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	227	quasilist_reflection empty_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	228	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	229
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	230
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	231	subsubsection{The Operator @{term is_bool_of_o}}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	232
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	233	(* is_bool_of_o :: "[i=>o, o, i] => o"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	234	"is_bool_of_o(M,P,z) == (P & number1(M,z)) \| (~P & empty(M,z))" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	235
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	236	text{The formula @{term p} has no free variables.}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	237	constdefs bool_of_o_fm :: "[i, i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	238	"bool_of_o_fm(p,z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	239	Or(And(p,number1_fm(z)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	240	And(Neg(p),empty_fm(z)))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	241
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	242	lemma is_bool_of_o_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	243	"[\| p \<in> formula; z \<in> nat \|] ==> bool_of_o_fm(p,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	244	by (simp add: bool_of_o_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	245
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	246	lemma sats_bool_of_o_fm:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	247	assumes p_iff_sats: "P <-> sats(A, p, env)"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	248	shows
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	249	"[\|z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	250	==> sats(A, bool_of_o_fm(p,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	251	is_bool_of_o(##A, P, nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	252	by (simp add: bool_of_o_fm_def is_bool_of_o_def p_iff_sats [THEN iff_sym])
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	253
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	254	lemma is_bool_of_o_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	255	"[\| P <-> sats(A, p, env); nth(k,env) = z; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	256	==> is_bool_of_o(##A, P, z) <-> sats(A, bool_of_o_fm(p,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	257	by (simp add: sats_bool_of_o_fm)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	258
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	259	theorem bool_of_o_reflection:
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	260	"REFLECTS [P(L), \<lambda>i. P(##Lset(i))] ==>
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	261	REFLECTS[\<lambda>x. is_bool_of_o(L, P(L,x), f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	262	\<lambda>i x. is_bool_of_o(##Lset(i), P(##Lset(i),x), f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	263	apply (simp (no_asm) only: is_bool_of_o_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	264	apply (intro FOL_reflections function_reflections, assumption+)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	265	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	266
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	267
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	268	subsection{More Internalizations}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	269
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	270	subsubsection{The Operator @{term is_lambda}}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	271
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	272	text{*The two arguments of @{term p} are always 1, 0. Remember that
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	273	@{term p} will be enclosed by three quantifiers.*}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	274
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	275	(* is_lambda :: "[i=>o, i, [i,i]=>o, i] => o"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	276	"is_lambda(M, A, is_b, z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	277	\<forall>p[M]. p \<in> z <->
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	278	(\<exists>u[M]. \<exists>v[M]. u\<in>A & pair(M,u,v,p) & is_b(u,v))" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	279	constdefs lambda_fm :: "[i, i, i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	280	"lambda_fm(p,A,z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	281	Forall(Iff(Member(0,succ(z)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	282	Exists(Exists(And(Member(1,A#+3),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	283	And(pair_fm(1,0,2), p))))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	284
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	285	text{*We call @{term p} with arguments x, y by equating them with
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	286	the corresponding quantified variables with de Bruijn indices 1, 0.*}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	287
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	288	lemma is_lambda_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	289	"[\| p \<in> formula; x \<in> nat; y \<in> nat \|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	290	==> lambda_fm(p,x,y) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	291	by (simp add: lambda_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	292
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	293	lemma sats_lambda_fm:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	294	assumes is_b_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	295	"!!a0 a1 a2.
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	296	[\|a0\<in>A; a1\<in>A; a2\<in>A\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	297	==> is_b(a1, a0) <-> sats(A, p, Cons(a0,Cons(a1,Cons(a2,env))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	298	shows
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	299	"[\|x \<in> nat; y \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	300	==> sats(A, lambda_fm(p,x,y), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	301	is_lambda(##A, nth(x,env), is_b, nth(y,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	302	by (simp add: lambda_fm_def is_lambda_def is_b_iff_sats [THEN iff_sym])
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	303
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	304	theorem is_lambda_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	305	assumes is_b_reflection:
13702 c7cf8fa66534 Polishing. paulson parents: 13655 diff changeset	306	"!!f g h. REFLECTS[\<lambda>x. is_b(L, f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	307	\<lambda>i x. is_b(##Lset(i), f(x), g(x), h(x))]"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	308	shows "REFLECTS[\<lambda>x. is_lambda(L, A(x), is_b(L,x), f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	309	\<lambda>i x. is_lambda(##Lset(i), A(x), is_b(##Lset(i),x), f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	310	apply (simp (no_asm_use) only: is_lambda_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	311	apply (intro FOL_reflections is_b_reflection pair_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	312	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	313
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	314	subsubsection{The Operator @{term is_Member}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	315
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	316	(* "is_Member(M,x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	317	\<exists>p[M]. \<exists>u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inl(M,u,Z)" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	318	constdefs Member_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	319	"Member_fm(x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	320	Exists(Exists(And(pair_fm(x#+2,y#+2,1),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	321	And(Inl_fm(1,0), Inl_fm(0,Z#+2)))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	322
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	323	lemma is_Member_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	324	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> Member_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	325	by (simp add: Member_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	326
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	327	lemma sats_Member_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	328	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	329	==> sats(A, Member_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	330	is_Member(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	331	by (simp add: Member_fm_def is_Member_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	332
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	333	lemma Member_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	334	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	335	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	336	==> is_Member(##A, x, y, z) <-> sats(A, Member_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	337	by (simp add: sats_Member_fm)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	338
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	339	theorem Member_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	340	"REFLECTS[\<lambda>x. is_Member(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	341	\<lambda>i x. is_Member(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	342	apply (simp only: is_Member_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	343	apply (intro FOL_reflections pair_reflection Inl_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	344	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	345
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	346	subsubsection{The Operator @{term is_Equal}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	347
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	348	(* "is_Equal(M,x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	349	\<exists>p[M]. \<exists>u[M]. pair(M,x,y,p) & is_Inr(M,p,u) & is_Inl(M,u,Z)" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	350	constdefs Equal_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	351	"Equal_fm(x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	352	Exists(Exists(And(pair_fm(x#+2,y#+2,1),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	353	And(Inr_fm(1,0), Inl_fm(0,Z#+2)))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	354
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	355	lemma is_Equal_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	356	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> Equal_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	357	by (simp add: Equal_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	358
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	359	lemma sats_Equal_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	360	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	361	==> sats(A, Equal_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	362	is_Equal(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	363	by (simp add: Equal_fm_def is_Equal_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	364
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	365	lemma Equal_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	366	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	367	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	368	==> is_Equal(##A, x, y, z) <-> sats(A, Equal_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	369	by (simp add: sats_Equal_fm)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	370
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	371	theorem Equal_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	372	"REFLECTS[\<lambda>x. is_Equal(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	373	\<lambda>i x. is_Equal(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	374	apply (simp only: is_Equal_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	375	apply (intro FOL_reflections pair_reflection Inl_reflection Inr_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	376	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	377
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	378	subsubsection{The Operator @{term is_Nand}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	379
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	380	(* "is_Nand(M,x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	381	\<exists>p[M]. \<exists>u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inr(M,u,Z)" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	382	constdefs Nand_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	383	"Nand_fm(x,y,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	384	Exists(Exists(And(pair_fm(x#+2,y#+2,1),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	385	And(Inl_fm(1,0), Inr_fm(0,Z#+2)))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	386
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	387	lemma is_Nand_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	388	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> Nand_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	389	by (simp add: Nand_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	390
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	391	lemma sats_Nand_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	392	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	393	==> sats(A, Nand_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	394	is_Nand(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	395	by (simp add: Nand_fm_def is_Nand_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	396
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	397	lemma Nand_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	398	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	399	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	400	==> is_Nand(##A, x, y, z) <-> sats(A, Nand_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	401	by (simp add: sats_Nand_fm)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	402
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	403	theorem Nand_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	404	"REFLECTS[\<lambda>x. is_Nand(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	405	\<lambda>i x. is_Nand(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	406	apply (simp only: is_Nand_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	407	apply (intro FOL_reflections pair_reflection Inl_reflection Inr_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	408	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	409
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	410	subsubsection{The Operator @{term is_Forall}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	411
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	412	(* "is_Forall(M,p,Z) == \<exists>u[M]. is_Inr(M,p,u) & is_Inr(M,u,Z)" *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	413	constdefs Forall_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	414	"Forall_fm(x,Z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	415	Exists(And(Inr_fm(succ(x),0), Inr_fm(0,succ(Z))))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	416
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	417	lemma is_Forall_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	418	"[\| x \<in> nat; y \<in> nat \|] ==> Forall_fm(x,y) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	419	by (simp add: Forall_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	420
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	421	lemma sats_Forall_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	422	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	423	==> sats(A, Forall_fm(x,y), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	424	is_Forall(##A, nth(x,env), nth(y,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	425	by (simp add: Forall_fm_def is_Forall_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	426
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	427	lemma Forall_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	428	"[\| nth(i,env) = x; nth(j,env) = y;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	429	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	430	==> is_Forall(##A, x, y) <-> sats(A, Forall_fm(i,j), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	431	by (simp add: sats_Forall_fm)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	432
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	433	theorem Forall_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	434	"REFLECTS[\<lambda>x. is_Forall(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	435	\<lambda>i x. is_Forall(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	436	apply (simp only: is_Forall_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	437	apply (intro FOL_reflections pair_reflection Inr_reflection)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	438	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	439
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	440
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	441	subsubsection{The Operator @{term is_and}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	442
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	443	(* is_and(M,a,b,z) == (number1(M,a) & z=b) \|
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	444	(~number1(M,a) & empty(M,z)) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	445	constdefs and_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	446	"and_fm(a,b,z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	447	Or(And(number1_fm(a), Equal(z,b)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	448	And(Neg(number1_fm(a)),empty_fm(z)))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	449
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	450	lemma is_and_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	451	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> and_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	452	by (simp add: and_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	453
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	454	lemma sats_and_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	455	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	456	==> sats(A, and_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	457	is_and(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	458	by (simp add: and_fm_def is_and_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	459
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	460	lemma is_and_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	461	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	462	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	463	==> is_and(##A, x, y, z) <-> sats(A, and_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	464	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	465
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	466	theorem is_and_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	467	"REFLECTS[\<lambda>x. is_and(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	468	\<lambda>i x. is_and(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	469	apply (simp only: is_and_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	470	apply (intro FOL_reflections function_reflections)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	471	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	472
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	473
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	474	subsubsection{The Operator @{term is_or}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	475
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	476	(* is_or(M,a,b,z) == (number1(M,a) & number1(M,z)) \|
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	477	(~number1(M,a) & z=b) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	478
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	479	constdefs or_fm :: "[i,i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	480	"or_fm(a,b,z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	481	Or(And(number1_fm(a), number1_fm(z)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	482	And(Neg(number1_fm(a)), Equal(z,b)))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	483
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	484	lemma is_or_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	485	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> or_fm(x,y,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	486	by (simp add: or_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	487
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	488	lemma sats_or_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	489	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	490	==> sats(A, or_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	491	is_or(##A, nth(x,env), nth(y,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	492	by (simp add: or_fm_def is_or_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	493
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	494	lemma is_or_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	495	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	496	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	497	==> is_or(##A, x, y, z) <-> sats(A, or_fm(i,j,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	498	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	499
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	500	theorem is_or_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	501	"REFLECTS[\<lambda>x. is_or(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	502	\<lambda>i x. is_or(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	503	apply (simp only: is_or_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	504	apply (intro FOL_reflections function_reflections)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	505	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	506
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	507
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	508
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	509	subsubsection{The Operator @{term is_not}, Internalized}
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	510
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	511	(* is_not(M,a,z) == (number1(M,a) & empty(M,z)) \|
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	512	(~number1(M,a) & number1(M,z)) *)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	513	constdefs not_fm :: "[i,i]=>i"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	514	"not_fm(a,z) ==
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	515	Or(And(number1_fm(a), empty_fm(z)),
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	516	And(Neg(number1_fm(a)), number1_fm(z)))"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	517
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	518	lemma is_not_type [TC]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	519	"[\| x \<in> nat; z \<in> nat \|] ==> not_fm(x,z) \<in> formula"
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	520	by (simp add: not_fm_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	521
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	522	lemma sats_is_not_fm [simp]:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	523	"[\| x \<in> nat; z \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	524	==> sats(A, not_fm(x,z), env) <-> is_not(##A, nth(x,env), nth(z,env))"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	525	by (simp add: not_fm_def is_not_def)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	526
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	527	lemma is_not_iff_sats:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	528	"[\| nth(i,env) = x; nth(k,env) = z;
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	529	i \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	530	==> is_not(##A, x, z) <-> sats(A, not_fm(i,k), env)"
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	531	by simp
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	532
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	533	theorem is_not_reflection:
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	534	"REFLECTS[\<lambda>x. is_not(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	535	\<lambda>i x. is_not(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	536	apply (simp only: is_not_def)
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	537	apply (intro FOL_reflections function_reflections)
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	538	done
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	539
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	540
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	541	lemmas extra_reflections =
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	542	Inl_reflection Inr_reflection Nil_reflection Cons_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	543	quasilist_reflection hd_reflection tl_reflection bool_of_o_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	544	is_lambda_reflection Member_reflection Equal_reflection Nand_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	545	Forall_reflection is_and_reflection is_or_reflection is_not_reflection
6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	546
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	547	subsection{Well-Founded Recursion!}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	548
13506 acc18a5d2b1a Various tweaks of the presentation paulson parents: 13505 diff changeset	549	subsubsection{The Operator @{term M_is_recfun}}
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	550
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	551	text{Alternative definition, minimizing nesting of quantifiers around MH}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	552	lemma M_is_recfun_iff:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	553	"M_is_recfun(M,MH,r,a,f) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	554	(\<forall>z[M]. z \<in> f <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	555	(\<exists>x[M]. \<exists>f_r_sx[M]. \<exists>y[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	556	MH(x, f_r_sx, y) & pair(M,x,y,z) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	557	(\<exists>xa[M]. \<exists>sx[M]. \<exists>r_sx[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	558	pair(M,x,a,xa) & upair(M,x,x,sx) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	559	pre_image(M,r,sx,r_sx) & restriction(M,f,r_sx,f_r_sx) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	560	xa \<in> r)))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	561	apply (simp add: M_is_recfun_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	562	apply (rule rall_cong, blast)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	563	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	564
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	565
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	566	(* M_is_recfun :: "[i=>o, [i,i,i]=>o, i, i, i] => o"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	567	"M_is_recfun(M,MH,r,a,f) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	568	\<forall>z[M]. z \<in> f <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	569	2 1 0
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	570	new def (\<exists>x[M]. \<exists>f_r_sx[M]. \<exists>y[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	571	MH(x, f_r_sx, y) & pair(M,x,y,z) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	572	(\<exists>xa[M]. \<exists>sx[M]. \<exists>r_sx[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	573	pair(M,x,a,xa) & upair(M,x,x,sx) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	574	pre_image(M,r,sx,r_sx) & restriction(M,f,r_sx,f_r_sx) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	575	xa \<in> r)"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	576	*)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	577
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	578	text{The three arguments of @{term p} are always 2, 1, 0 and z}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	579	constdefs is_recfun_fm :: "[i, i, i, i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	580	"is_recfun_fm(p,r,a,f) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	581	Forall(Iff(Member(0,succ(f)),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	582	Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	583	And(p,
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	584	And(pair_fm(2,0,3),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	585	Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	586	And(pair_fm(5,a#+7,2),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	587	And(upair_fm(5,5,1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	588	And(pre_image_fm(r#+7,1,0),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	589	And(restriction_fm(f#+7,0,4), Member(2,r#+7)))))))))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	590
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	591	lemma is_recfun_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	592	"[\| p \<in> formula; x \<in> nat; y \<in> nat; z \<in> nat \|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	593	==> is_recfun_fm(p,x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	594	by (simp add: is_recfun_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	595
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	596
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	597	lemma sats_is_recfun_fm:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	598	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	599	"!!a0 a1 a2 a3.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	600	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	601	==> MH(a2, a1, a0) <-> sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,env)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	602	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	603	"[\|x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	604	==> sats(A, is_recfun_fm(p,x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	605	M_is_recfun(##A, MH, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	606	by (simp add: is_recfun_fm_def M_is_recfun_iff MH_iff_sats [THEN iff_sym])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	607
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	608	lemma is_recfun_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	609	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	610	"!!a0 a1 a2 a3.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	611	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	612	==> MH(a2, a1, a0) <-> sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,env)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	613	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	614	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	615	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	616	==> M_is_recfun(##A, MH, x, y, z) <-> sats(A, is_recfun_fm(p,i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	617	by (simp add: sats_is_recfun_fm [OF MH_iff_sats])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	618
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	619	text{*The additional variable in the premise, namely @{term f'}, is essential.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	620	It lets @{term MH} depend upon @{term x}, which seems often necessary.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	621	The same thing occurs in @{text is_wfrec_reflection}.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	622	theorem is_recfun_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	623	assumes MH_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	624	"!!f' f g h. REFLECTS[\<lambda>x. MH(L, f'(x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	625	\<lambda>i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	626	shows "REFLECTS[\<lambda>x. M_is_recfun(L, MH(L,x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	627	\<lambda>i x. M_is_recfun(##Lset(i), MH(##Lset(i),x), f(x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	628	apply (simp (no_asm_use) only: M_is_recfun_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	629	apply (intro FOL_reflections function_reflections
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	630	restriction_reflection MH_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	631	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	632
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	633	subsubsection{The Operator @{term is_wfrec}}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	634
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	635	text{*The three arguments of @{term p} are always 2, 1, 0;
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	636	@{term p} is enclosed by 5 quantifiers.*}
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	637
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	638	(* is_wfrec :: "[i=>o, i, [i,i,i]=>o, i, i] => o"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	639	"is_wfrec(M,MH,r,a,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	640	\<exists>f[M]. M_is_recfun(M,MH,r,a,f) & MH(a,f,z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	641	constdefs is_wfrec_fm :: "[i, i, i, i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	642	"is_wfrec_fm(p,r,a,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	643	Exists(And(is_recfun_fm(p, succ(r), succ(a), 0),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	644	Exists(Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	645	And(Equal(2,a#+5), And(Equal(1,4), And(Equal(0,z#+5), p)))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	646
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	647	text{*We call @{term p} with arguments a, f, z by equating them with
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	648	the corresponding quantified variables with de Bruijn indices 2, 1, 0.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	649
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	650	text{*There's an additional existential quantifier to ensure that the
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	651	environments in both calls to MH have the same length.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	652
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	653	lemma is_wfrec_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	654	"[\| p \<in> formula; x \<in> nat; y \<in> nat; z \<in> nat \|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	655	==> is_wfrec_fm(p,x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	656	by (simp add: is_wfrec_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	657
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	658	lemma sats_is_wfrec_fm:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	659	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	660	"!!a0 a1 a2 a3 a4.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	661	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A; a4\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	662	==> MH(a2, a1, a0) <-> sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,Cons(a4,env))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	663	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	664	"[\|x \<in> nat; y < length(env); z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	665	==> sats(A, is_wfrec_fm(p,x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	666	is_wfrec(##A, MH, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	667	apply (frule_tac x=z in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	668	apply (frule lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	669	apply (simp add: is_wfrec_fm_def sats_is_recfun_fm is_wfrec_def MH_iff_sats [THEN iff_sym], blast)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	670	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	671
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	672
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	673	lemma is_wfrec_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	674	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	675	"!!a0 a1 a2 a3 a4.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	676	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A; a4\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	677	==> MH(a2, a1, a0) <-> sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,Cons(a4,env))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	678	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	679	"[\|nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	680	i \<in> nat; j < length(env); k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	681	==> is_wfrec(##A, MH, x, y, z) <-> sats(A, is_wfrec_fm(p,i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	682	by (simp add: sats_is_wfrec_fm [OF MH_iff_sats])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	683
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	684	theorem is_wfrec_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	685	assumes MH_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	686	"!!f' f g h. REFLECTS[\<lambda>x. MH(L, f'(x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	687	\<lambda>i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	688	shows "REFLECTS[\<lambda>x. is_wfrec(L, MH(L,x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	689	\<lambda>i x. is_wfrec(##Lset(i), MH(##Lset(i),x), f(x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	690	apply (simp (no_asm_use) only: is_wfrec_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	691	apply (intro FOL_reflections MH_reflection is_recfun_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	692	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	693
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	694
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	695	subsection{For Datatypes}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	696
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	697	subsubsection{Binary Products, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	698
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	699	constdefs cartprod_fm :: "[i,i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	700	(* "cartprod(M,A,B,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	701	\<forall>u[M]. u \<in> z <-> (\<exists>x[M]. x\<in>A & (\<exists>y[M]. y\<in>B & pair(M,x,y,u)))" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	702	"cartprod_fm(A,B,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	703	Forall(Iff(Member(0,succ(z)),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	704	Exists(And(Member(0,succ(succ(A))),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	705	Exists(And(Member(0,succ(succ(succ(B)))),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	706	pair_fm(1,0,2)))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	707
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	708	lemma cartprod_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	709	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> cartprod_fm(x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	710	by (simp add: cartprod_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	711
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	712	lemma sats_cartprod_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	713	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	714	==> sats(A, cartprod_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	715	cartprod(##A, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	716	by (simp add: cartprod_fm_def cartprod_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	717
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	718	lemma cartprod_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	719	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	720	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	721	==> cartprod(##A, x, y, z) <-> sats(A, cartprod_fm(i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	722	by (simp add: sats_cartprod_fm)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	723
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	724	theorem cartprod_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	725	"REFLECTS[\<lambda>x. cartprod(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	726	\<lambda>i x. cartprod(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	727	apply (simp only: cartprod_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	728	apply (intro FOL_reflections pair_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	729	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	730
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	731
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	732	subsubsection{Binary Sums, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	733
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	734	(* "is_sum(M,A,B,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	735	\<exists>A0[M]. \<exists>n1[M]. \<exists>s1[M]. \<exists>B1[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	736	3 2 1 0
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	737	number1(M,n1) & cartprod(M,n1,A,A0) & upair(M,n1,n1,s1) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	738	cartprod(M,s1,B,B1) & union(M,A0,B1,Z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	739	constdefs sum_fm :: "[i,i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	740	"sum_fm(A,B,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	741	Exists(Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	742	And(number1_fm(2),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	743	And(cartprod_fm(2,A#+4,3),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	744	And(upair_fm(2,2,1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	745	And(cartprod_fm(1,B#+4,0), union_fm(3,0,Z#+4)))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	746
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	747	lemma sum_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	748	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> sum_fm(x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	749	by (simp add: sum_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	750
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	751	lemma sats_sum_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	752	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	753	==> sats(A, sum_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	754	is_sum(##A, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	755	by (simp add: sum_fm_def is_sum_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	756
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	757	lemma sum_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	758	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	759	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	760	==> is_sum(##A, x, y, z) <-> sats(A, sum_fm(i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	761	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	762
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	763	theorem sum_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	764	"REFLECTS[\<lambda>x. is_sum(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	765	\<lambda>i x. is_sum(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	766	apply (simp only: is_sum_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	767	apply (intro FOL_reflections function_reflections cartprod_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	768	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	769
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	770
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	771	subsubsection{The Operator @{term quasinat}}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	772
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	773	(* "is_quasinat(M,z) == empty(M,z) \| (\<exists>m[M]. successor(M,m,z))" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	774	constdefs quasinat_fm :: "i=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	775	"quasinat_fm(z) == Or(empty_fm(z), Exists(succ_fm(0,succ(z))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	776
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	777	lemma quasinat_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	778	"x \<in> nat ==> quasinat_fm(x) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	779	by (simp add: quasinat_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	780
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	781	lemma sats_quasinat_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	782	"[\| x \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	783	==> sats(A, quasinat_fm(x), env) <-> is_quasinat(##A, nth(x,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	784	by (simp add: quasinat_fm_def is_quasinat_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	785
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	786	lemma quasinat_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	787	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	788	i \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	789	==> is_quasinat(##A, x) <-> sats(A, quasinat_fm(i), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	790	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	791
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	792	theorem quasinat_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	793	"REFLECTS[\<lambda>x. is_quasinat(L,f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	794	\<lambda>i x. is_quasinat(##Lset(i),f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	795	apply (simp only: is_quasinat_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	796	apply (intro FOL_reflections function_reflections)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	797	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	798
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	799
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	800	subsubsection{The Operator @{term is_nat_case}}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	801	text{*I could not get it to work with the more natural assumption that
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	802	@{term is_b} takes two arguments. Instead it must be a formula where 1 and 0
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	803	stand for @{term m} and @{term b}, respectively.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	804
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	805	(* is_nat_case :: "[i=>o, i, [i,i]=>o, i, i] => o"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	806	"is_nat_case(M, a, is_b, k, z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	807	(empty(M,k) --> z=a) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	808	(\<forall>m[M]. successor(M,m,k) --> is_b(m,z)) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	809	(is_quasinat(M,k) \| empty(M,z))" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	810	text{The formula @{term is_b} has free variables 1 and 0.}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	811	constdefs is_nat_case_fm :: "[i, i, i, i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	812	"is_nat_case_fm(a,is_b,k,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	813	And(Implies(empty_fm(k), Equal(z,a)),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	814	And(Forall(Implies(succ_fm(0,succ(k)),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	815	Forall(Implies(Equal(0,succ(succ(z))), is_b)))),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	816	Or(quasinat_fm(k), empty_fm(z))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	817
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	818	lemma is_nat_case_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	819	"[\| is_b \<in> formula;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	820	x \<in> nat; y \<in> nat; z \<in> nat \|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	821	==> is_nat_case_fm(x,is_b,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	822	by (simp add: is_nat_case_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	823
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	824	lemma sats_is_nat_case_fm:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	825	assumes is_b_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	826	"!!a. a \<in> A ==> is_b(a,nth(z, env)) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	827	sats(A, p, Cons(nth(z,env), Cons(a, env)))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	828	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	829	"[\|x \<in> nat; y \<in> nat; z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	830	==> sats(A, is_nat_case_fm(x,p,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	831	is_nat_case(##A, nth(x,env), is_b, nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	832	apply (frule lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	833	apply (simp add: is_nat_case_fm_def is_nat_case_def is_b_iff_sats [THEN iff_sym])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	834	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	835
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	836	lemma is_nat_case_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	837	"[\| (!!a. a \<in> A ==> is_b(a,z) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	838	sats(A, p, Cons(z, Cons(a,env))));
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	839	nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	840	i \<in> nat; j \<in> nat; k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	841	==> is_nat_case(##A, x, is_b, y, z) <-> sats(A, is_nat_case_fm(i,p,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	842	by (simp add: sats_is_nat_case_fm [of A is_b])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	843
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	844
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	845	text{*The second argument of @{term is_b} gives it direct access to @{term x},
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	846	which is essential for handling free variable references. Without this
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	847	argument, we cannot prove reflection for @{term iterates_MH}.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	848	theorem is_nat_case_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	849	assumes is_b_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	850	"!!h f g. REFLECTS[\<lambda>x. is_b(L, h(x), f(x), g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	851	\<lambda>i x. is_b(##Lset(i), h(x), f(x), g(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	852	shows "REFLECTS[\<lambda>x. is_nat_case(L, f(x), is_b(L,x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	853	\<lambda>i x. is_nat_case(##Lset(i), f(x), is_b(##Lset(i), x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	854	apply (simp (no_asm_use) only: is_nat_case_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	855	apply (intro FOL_reflections function_reflections
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	856	restriction_reflection is_b_reflection quasinat_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	857	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	858
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	859
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	860	subsection{The Operator @{term iterates_MH}, Needed for Iteration}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	861
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	862	(* iterates_MH :: "[i=>o, [i,i]=>o, i, i, i, i] => o"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	863	"iterates_MH(M,isF,v,n,g,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	864	is_nat_case(M, v, \<lambda>m u. \<exists>gm[M]. fun_apply(M,g,m,gm) & isF(gm,u),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	865	n, z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	866	constdefs iterates_MH_fm :: "[i, i, i, i, i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	867	"iterates_MH_fm(isF,v,n,g,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	868	is_nat_case_fm(v,
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	869	Exists(And(fun_apply_fm(succ(succ(succ(g))),2,0),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	870	Forall(Implies(Equal(0,2), isF)))),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	871	n, z)"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	872
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	873	lemma iterates_MH_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	874	"[\| p \<in> formula;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	875	v \<in> nat; x \<in> nat; y \<in> nat; z \<in> nat \|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	876	==> iterates_MH_fm(p,v,x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	877	by (simp add: iterates_MH_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	878
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	879	lemma sats_iterates_MH_fm:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	880	assumes is_F_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	881	"!!a b c d. [\| a \<in> A; b \<in> A; c \<in> A; d \<in> A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	882	==> is_F(a,b) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	883	sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d,env)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	884	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	885	"[\|v \<in> nat; x \<in> nat; y \<in> nat; z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	886	==> sats(A, iterates_MH_fm(p,v,x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	887	iterates_MH(##A, is_F, nth(v,env), nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	888	apply (frule lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	889	apply (simp add: iterates_MH_fm_def iterates_MH_def sats_is_nat_case_fm
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	890	is_F_iff_sats [symmetric])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	891	apply (rule is_nat_case_cong)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	892	apply (simp_all add: setclass_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	893	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	894
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	895	lemma iterates_MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	896	assumes is_F_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	897	"!!a b c d. [\| a \<in> A; b \<in> A; c \<in> A; d \<in> A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	898	==> is_F(a,b) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	899	sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d,env)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	900	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	901	"[\| nth(i',env) = v; nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	902	i' \<in> nat; i \<in> nat; j \<in> nat; k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	903	==> iterates_MH(##A, is_F, v, x, y, z) <->
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	904	sats(A, iterates_MH_fm(p,i',i,j,k), env)"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	905	by (simp add: sats_iterates_MH_fm [OF is_F_iff_sats])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	906
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	907	text{*The second argument of @{term p} gives it direct access to @{term x},
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	908	which is essential for handling free variable references. Without this
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	909	argument, we cannot prove reflection for @{term list_N}.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	910	theorem iterates_MH_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	911	assumes p_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	912	"!!f g h. REFLECTS[\<lambda>x. p(L, h(x), f(x), g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	913	\<lambda>i x. p(##Lset(i), h(x), f(x), g(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	914	shows "REFLECTS[\<lambda>x. iterates_MH(L, p(L,x), e(x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	915	\<lambda>i x. iterates_MH(##Lset(i), p(##Lset(i),x), e(x), f(x), g(x), h(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	916	apply (simp (no_asm_use) only: iterates_MH_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	917	apply (intro FOL_reflections function_reflections is_nat_case_reflection
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	918	restriction_reflection p_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	919	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	920
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	921
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	922	subsubsection{The Operator @{term is_iterates}}
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	923
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	924	text{*The three arguments of @{term p} are always 2, 1, 0;
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	925	@{term p} is enclosed by 9 (??) quantifiers.*}
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	926
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	927	(* "is_iterates(M,isF,v,n,Z) ==
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	928	\<exists>sn[M]. \<exists>msn[M]. successor(M,n,sn) & membership(M,sn,msn) &
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	929	1 0 is_wfrec(M, iterates_MH(M,isF,v), msn, n, Z)"*)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	930
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	931	constdefs is_iterates_fm :: "[i, i, i, i]=>i"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	932	"is_iterates_fm(p,v,n,Z) ==
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	933	Exists(Exists(
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	934	And(succ_fm(n#+2,1),
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	935	And(Memrel_fm(1,0),
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	936	is_wfrec_fm(iterates_MH_fm(p, v#+7, 2, 1, 0),
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	937	0, n#+2, Z#+2)))))"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	938
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	939	text{*We call @{term p} with arguments a, f, z by equating them with
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	940	the corresponding quantified variables with de Bruijn indices 2, 1, 0.*}
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	941
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	942
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	943	lemma is_iterates_type [TC]:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	944	"[\| p \<in> formula; x \<in> nat; y \<in> nat; z \<in> nat \|]
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	945	==> is_iterates_fm(p,x,y,z) \<in> formula"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	946	by (simp add: is_iterates_fm_def)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	947
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	948	lemma sats_is_iterates_fm:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	949	assumes is_F_iff_sats:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	950	"!!a b c d e f g h i j k.
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	951	[\| a \<in> A; b \<in> A; c \<in> A; d \<in> A; e \<in> A; f \<in> A;
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	952	g \<in> A; h \<in> A; i \<in> A; j \<in> A; k \<in> A\|]
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	953	==> is_F(a,b) <->
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	954	sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d, Cons(e, Cons(f,
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	955	Cons(g, Cons(h, Cons(i, Cons(j, Cons(k, env))))))))))))"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	956	shows
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	957	"[\|x \<in> nat; y < length(env); z < length(env); env \<in> list(A)\|]
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	958	==> sats(A, is_iterates_fm(p,x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	959	is_iterates(##A, is_F, nth(x,env), nth(y,env), nth(z,env))"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	960	apply (frule_tac x=z in lt_length_in_nat, assumption)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	961	apply (frule lt_length_in_nat, assumption)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	962	apply (simp add: is_iterates_fm_def is_iterates_def sats_is_nat_case_fm
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	963	is_F_iff_sats [symmetric] sats_is_wfrec_fm sats_iterates_MH_fm)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	964	done
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	965
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	966
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	967	lemma is_iterates_iff_sats:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	968	assumes is_F_iff_sats:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	969	"!!a b c d e f g h i j k.
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	970	[\| a \<in> A; b \<in> A; c \<in> A; d \<in> A; e \<in> A; f \<in> A;
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	971	g \<in> A; h \<in> A; i \<in> A; j \<in> A; k \<in> A\|]
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	972	==> is_F(a,b) <->
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	973	sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d, Cons(e, Cons(f,
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	974	Cons(g, Cons(h, Cons(i, Cons(j, Cons(k, env))))))))))))"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	975	shows
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	976	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	977	i \<in> nat; j < length(env); k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	978	==> is_iterates(##A, is_F, x, y, z) <->
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	979	sats(A, is_iterates_fm(p,i,j,k), env)"
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	980	by (simp add: sats_is_iterates_fm [OF is_F_iff_sats])
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	981
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	982	text{*The second argument of @{term p} gives it direct access to @{term x},
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	983	which is essential for handling free variable references. Without this
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	984	argument, we cannot prove reflection for @{term list_N}.*}
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	985	theorem is_iterates_reflection:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	986	assumes p_reflection:
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	987	"!!f g h. REFLECTS[\<lambda>x. p(L, h(x), f(x), g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	988	\<lambda>i x. p(##Lset(i), h(x), f(x), g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	989	shows "REFLECTS[\<lambda>x. is_iterates(L, p(L,x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	990	\<lambda>i x. is_iterates(##Lset(i), p(##Lset(i),x), f(x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	991	apply (simp (no_asm_use) only: is_iterates_def)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	992	apply (intro FOL_reflections function_reflections p_reflection
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	993	is_wfrec_reflection iterates_MH_reflection)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	994	done
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	995
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	996
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	997	subsubsection{The Formula @{term is_eclose_n}, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	998
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	999	(* is_eclose_n(M,A,n,Z) == is_iterates(M, big_union(M), A, n, Z) *)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1000
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1001	constdefs eclose_n_fm :: "[i,i,i]=>i"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1002	"eclose_n_fm(A,n,Z) == is_iterates_fm(big_union_fm(1,0), A, n, Z)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1003
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1004	lemma eclose_n_fm_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1005	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> eclose_n_fm(x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1006	by (simp add: eclose_n_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1007
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1008	lemma sats_eclose_n_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1009	"[\| x \<in> nat; y < length(env); z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1010	==> sats(A, eclose_n_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1011	is_eclose_n(##A, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1012	apply (frule_tac x=z in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1013	apply (frule_tac x=y in lt_length_in_nat, assumption)
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1014	apply (simp add: eclose_n_fm_def is_eclose_n_def
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1015	sats_is_iterates_fm)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1016	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1017
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1018	lemma eclose_n_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1019	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1020	i \<in> nat; j < length(env); k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1021	==> is_eclose_n(##A, x, y, z) <-> sats(A, eclose_n_fm(i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1022	by (simp add: sats_eclose_n_fm)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1023
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1024	theorem eclose_n_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1025	"REFLECTS[\<lambda>x. is_eclose_n(L, f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1026	\<lambda>i x. is_eclose_n(##Lset(i), f(x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1027	apply (simp only: is_eclose_n_def)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1028	apply (intro FOL_reflections function_reflections is_iterates_reflection)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1029	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1030
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1031
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1032	subsubsection{Membership in @{term "eclose(A)"}}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1033
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1034	(* mem_eclose(M,A,l) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1035	\<exists>n[M]. \<exists>eclosen[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1036	finite_ordinal(M,n) & is_eclose_n(M,A,n,eclosen) & l \<in> eclosen *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1037	constdefs mem_eclose_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1038	"mem_eclose_fm(x,y) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1039	Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1040	And(finite_ordinal_fm(1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1041	And(eclose_n_fm(x#+2,1,0), Member(y#+2,0)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1042
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1043	lemma mem_eclose_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1044	"[\| x \<in> nat; y \<in> nat \|] ==> mem_eclose_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1045	by (simp add: mem_eclose_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1046
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1047	lemma sats_mem_eclose_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1048	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1049	==> sats(A, mem_eclose_fm(x,y), env) <-> mem_eclose(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1050	by (simp add: mem_eclose_fm_def mem_eclose_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1051
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1052	lemma mem_eclose_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1053	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1054	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1055	==> mem_eclose(##A, x, y) <-> sats(A, mem_eclose_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1056	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1057
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1058	theorem mem_eclose_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1059	"REFLECTS[\<lambda>x. mem_eclose(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1060	\<lambda>i x. mem_eclose(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1061	apply (simp only: mem_eclose_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1062	apply (intro FOL_reflections finite_ordinal_reflection eclose_n_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1063	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1064
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1065
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1066	subsubsection{The Predicate ``Is @{term "eclose(A)"}''}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1067
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1068	(* is_eclose(M,A,Z) == \<forall>l[M]. l \<in> Z <-> mem_eclose(M,A,l) *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1069	constdefs is_eclose_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1070	"is_eclose_fm(A,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1071	Forall(Iff(Member(0,succ(Z)), mem_eclose_fm(succ(A),0)))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1072
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1073	lemma is_eclose_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1074	"[\| x \<in> nat; y \<in> nat \|] ==> is_eclose_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1075	by (simp add: is_eclose_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1076
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1077	lemma sats_is_eclose_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1078	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1079	==> sats(A, is_eclose_fm(x,y), env) <-> is_eclose(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1080	by (simp add: is_eclose_fm_def is_eclose_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1081
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1082	lemma is_eclose_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1083	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1084	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1085	==> is_eclose(##A, x, y) <-> sats(A, is_eclose_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1086	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1087
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1088	theorem is_eclose_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1089	"REFLECTS[\<lambda>x. is_eclose(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1090	\<lambda>i x. is_eclose(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1091	apply (simp only: is_eclose_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1092	apply (intro FOL_reflections mem_eclose_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1093	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1094
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1095
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1096	subsubsection{The List Functor, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1097
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1098	constdefs list_functor_fm :: "[i,i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1099	(* "is_list_functor(M,A,X,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1100	\<exists>n1[M]. \<exists>AX[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1101	number1(M,n1) & cartprod(M,A,X,AX) & is_sum(M,n1,AX,Z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1102	"list_functor_fm(A,X,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1103	Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1104	And(number1_fm(1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1105	And(cartprod_fm(A#+2,X#+2,0), sum_fm(1,0,Z#+2)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1106
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1107	lemma list_functor_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1108	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> list_functor_fm(x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1109	by (simp add: list_functor_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1110
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1111	lemma sats_list_functor_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1112	"[\| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1113	==> sats(A, list_functor_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1114	is_list_functor(##A, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1115	by (simp add: list_functor_fm_def is_list_functor_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1116
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1117	lemma list_functor_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1118	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1119	i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1120	==> is_list_functor(##A, x, y, z) <-> sats(A, list_functor_fm(i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1121	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1122
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1123	theorem list_functor_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1124	"REFLECTS[\<lambda>x. is_list_functor(L,f(x),g(x),h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1125	\<lambda>i x. is_list_functor(##Lset(i),f(x),g(x),h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1126	apply (simp only: is_list_functor_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1127	apply (intro FOL_reflections number1_reflection
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1128	cartprod_reflection sum_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1129	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1130
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1131
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1132	subsubsection{The Formula @{term is_list_N}, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1133
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1134	(* "is_list_N(M,A,n,Z) ==
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1135	\<exists>zero[M]. empty(M,zero) &
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1136	is_iterates(M, is_list_functor(M,A), zero, n, Z)" *)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1137
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1138	constdefs list_N_fm :: "[i,i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1139	"list_N_fm(A,n,Z) ==
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1140	Exists(
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1141	And(empty_fm(0),
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1142	is_iterates_fm(list_functor_fm(A#+9#+3,1,0), 0, n#+1, Z#+1)))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1143
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1144	lemma list_N_fm_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1145	"[\| x \<in> nat; y \<in> nat; z \<in> nat \|] ==> list_N_fm(x,y,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1146	by (simp add: list_N_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1147
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1148	lemma sats_list_N_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1149	"[\| x \<in> nat; y < length(env); z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1150	==> sats(A, list_N_fm(x,y,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1151	is_list_N(##A, nth(x,env), nth(y,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1152	apply (frule_tac x=z in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1153	apply (frule_tac x=y in lt_length_in_nat, assumption)
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1154	apply (simp add: list_N_fm_def is_list_N_def sats_is_iterates_fm)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1155	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1156
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1157	lemma list_N_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1158	"[\| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1159	i \<in> nat; j < length(env); k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1160	==> is_list_N(##A, x, y, z) <-> sats(A, list_N_fm(i,j,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1161	by (simp add: sats_list_N_fm)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1162
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1163	theorem list_N_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1164	"REFLECTS[\<lambda>x. is_list_N(L, f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1165	\<lambda>i x. is_list_N(##Lset(i), f(x), g(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1166	apply (simp only: is_list_N_def)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1167	apply (intro FOL_reflections function_reflections
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1168	is_iterates_reflection list_functor_reflection)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1169	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1170
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1171
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1172
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1173	subsubsection{The Predicate ``Is A List''}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1174
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1175	(* mem_list(M,A,l) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1176	\<exists>n[M]. \<exists>listn[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1177	finite_ordinal(M,n) & is_list_N(M,A,n,listn) & l \<in> listn *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1178	constdefs mem_list_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1179	"mem_list_fm(x,y) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1180	Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1181	And(finite_ordinal_fm(1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1182	And(list_N_fm(x#+2,1,0), Member(y#+2,0)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1183
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1184	lemma mem_list_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1185	"[\| x \<in> nat; y \<in> nat \|] ==> mem_list_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1186	by (simp add: mem_list_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1187
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1188	lemma sats_mem_list_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1189	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1190	==> sats(A, mem_list_fm(x,y), env) <-> mem_list(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1191	by (simp add: mem_list_fm_def mem_list_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1192
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1193	lemma mem_list_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1194	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1195	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1196	==> mem_list(##A, x, y) <-> sats(A, mem_list_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1197	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1198
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1199	theorem mem_list_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1200	"REFLECTS[\<lambda>x. mem_list(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1201	\<lambda>i x. mem_list(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1202	apply (simp only: mem_list_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1203	apply (intro FOL_reflections finite_ordinal_reflection list_N_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1204	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1205
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1206
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1207	subsubsection{The Predicate ``Is @{term "list(A)"}''}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1208
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1209	(* is_list(M,A,Z) == \<forall>l[M]. l \<in> Z <-> mem_list(M,A,l) *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1210	constdefs is_list_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1211	"is_list_fm(A,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1212	Forall(Iff(Member(0,succ(Z)), mem_list_fm(succ(A),0)))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1213
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1214	lemma is_list_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1215	"[\| x \<in> nat; y \<in> nat \|] ==> is_list_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1216	by (simp add: is_list_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1217
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1218	lemma sats_is_list_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1219	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1220	==> sats(A, is_list_fm(x,y), env) <-> is_list(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1221	by (simp add: is_list_fm_def is_list_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1222
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1223	lemma is_list_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1224	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1225	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1226	==> is_list(##A, x, y) <-> sats(A, is_list_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1227	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1228
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1229	theorem is_list_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1230	"REFLECTS[\<lambda>x. is_list(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1231	\<lambda>i x. is_list(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1232	apply (simp only: is_list_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1233	apply (intro FOL_reflections mem_list_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1234	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1235
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1236
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1237	subsubsection{The Formula Functor, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1238
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1239	constdefs formula_functor_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1240	(* "is_formula_functor(M,X,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1241	\<exists>nat'[M]. \<exists>natnat[M]. \<exists>natnatsum[M]. \<exists>XX[M]. \<exists>X3[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1242	4 3 2 1 0
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1243	omega(M,nat') & cartprod(M,nat',nat',natnat) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1244	is_sum(M,natnat,natnat,natnatsum) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1245	cartprod(M,X,X,XX) & is_sum(M,XX,X,X3) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1246	is_sum(M,natnatsum,X3,Z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1247	"formula_functor_fm(X,Z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1248	Exists(Exists(Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1249	And(omega_fm(4),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1250	And(cartprod_fm(4,4,3),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1251	And(sum_fm(3,3,2),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1252	And(cartprod_fm(X#+5,X#+5,1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1253	And(sum_fm(1,X#+5,0), sum_fm(2,0,Z#+5)))))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1254
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1255	lemma formula_functor_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1256	"[\| x \<in> nat; y \<in> nat \|] ==> formula_functor_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1257	by (simp add: formula_functor_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1258
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1259	lemma sats_formula_functor_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1260	"[\| x \<in> nat; y \<in> nat; env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1261	==> sats(A, formula_functor_fm(x,y), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1262	is_formula_functor(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1263	by (simp add: formula_functor_fm_def is_formula_functor_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1264
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1265	lemma formula_functor_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1266	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1267	i \<in> nat; j \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1268	==> is_formula_functor(##A, x, y) <-> sats(A, formula_functor_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1269	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1270
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1271	theorem formula_functor_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1272	"REFLECTS[\<lambda>x. is_formula_functor(L,f(x),g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1273	\<lambda>i x. is_formula_functor(##Lset(i),f(x),g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1274	apply (simp only: is_formula_functor_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1275	apply (intro FOL_reflections omega_reflection
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1276	cartprod_reflection sum_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1277	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1278
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1279
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1280	subsubsection{The Formula @{term is_formula_N}, Internalized}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1281
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1282	(* "is_formula_N(M,n,Z) ==
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1283	\<exists>zero[M]. empty(M,zero) &
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1284	is_iterates(M, is_formula_functor(M), zero, n, Z)" *)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1285	constdefs formula_N_fm :: "[i,i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1286	"formula_N_fm(n,Z) ==
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1287	Exists(
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1288	And(empty_fm(0),
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1289	is_iterates_fm(formula_functor_fm(1,0), 0, n#+1, Z#+1)))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1290
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1291	lemma formula_N_fm_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1292	"[\| x \<in> nat; y \<in> nat \|] ==> formula_N_fm(x,y) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1293	by (simp add: formula_N_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1294
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1295	lemma sats_formula_N_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1296	"[\| x < length(env); y < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1297	==> sats(A, formula_N_fm(x,y), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1298	is_formula_N(##A, nth(x,env), nth(y,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1299	apply (frule_tac x=y in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1300	apply (frule lt_length_in_nat, assumption)
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1301	apply (simp add: formula_N_fm_def is_formula_N_def sats_is_iterates_fm)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1302	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1303
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1304	lemma formula_N_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1305	"[\| nth(i,env) = x; nth(j,env) = y;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1306	i < length(env); j < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1307	==> is_formula_N(##A, x, y) <-> sats(A, formula_N_fm(i,j), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1308	by (simp add: sats_formula_N_fm)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1309
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1310	theorem formula_N_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1311	"REFLECTS[\<lambda>x. is_formula_N(L, f(x), g(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1312	\<lambda>i x. is_formula_N(##Lset(i), f(x), g(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1313	apply (simp only: is_formula_N_def)
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1314	apply (intro FOL_reflections function_reflections
95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1315	is_iterates_reflection formula_functor_reflection)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1316	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1317
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1318
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1319
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1320	subsubsection{The Predicate ``Is A Formula''}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1321
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1322	(* mem_formula(M,p) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1323	\<exists>n[M]. \<exists>formn[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1324	finite_ordinal(M,n) & is_formula_N(M,n,formn) & p \<in> formn *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1325	constdefs mem_formula_fm :: "i=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1326	"mem_formula_fm(x) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1327	Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1328	And(finite_ordinal_fm(1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1329	And(formula_N_fm(1,0), Member(x#+2,0)))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1330
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1331	lemma mem_formula_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1332	"x \<in> nat ==> mem_formula_fm(x) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1333	by (simp add: mem_formula_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1334
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1335	lemma sats_mem_formula_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1336	"[\| x \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1337	==> sats(A, mem_formula_fm(x), env) <-> mem_formula(##A, nth(x,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1338	by (simp add: mem_formula_fm_def mem_formula_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1339
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1340	lemma mem_formula_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1341	"[\| nth(i,env) = x; i \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1342	==> mem_formula(##A, x) <-> sats(A, mem_formula_fm(i), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1343	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1344
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1345	theorem mem_formula_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1346	"REFLECTS[\<lambda>x. mem_formula(L,f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1347	\<lambda>i x. mem_formula(##Lset(i),f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1348	apply (simp only: mem_formula_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1349	apply (intro FOL_reflections finite_ordinal_reflection formula_N_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1350	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1351
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1352
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1353
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1354	subsubsection{The Predicate ``Is @{term "formula"}''}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1355
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1356	(* is_formula(M,Z) == \<forall>p[M]. p \<in> Z <-> mem_formula(M,p) *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1357	constdefs is_formula_fm :: "i=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1358	"is_formula_fm(Z) == Forall(Iff(Member(0,succ(Z)), mem_formula_fm(0)))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1359
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1360	lemma is_formula_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1361	"x \<in> nat ==> is_formula_fm(x) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1362	by (simp add: is_formula_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1363
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1364	lemma sats_is_formula_fm [simp]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1365	"[\| x \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1366	==> sats(A, is_formula_fm(x), env) <-> is_formula(##A, nth(x,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1367	by (simp add: is_formula_fm_def is_formula_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1368
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1369	lemma is_formula_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1370	"[\| nth(i,env) = x; i \<in> nat; env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1371	==> is_formula(##A, x) <-> sats(A, is_formula_fm(i), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1372	by simp
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1373
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1374	theorem is_formula_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1375	"REFLECTS[\<lambda>x. is_formula(L,f(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1376	\<lambda>i x. is_formula(##Lset(i),f(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1377	apply (simp only: is_formula_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1378	apply (intro FOL_reflections mem_formula_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1379	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1380
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1381
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1382	subsubsection{The Operator @{term is_transrec}}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1383
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1384	text{*The three arguments of @{term p} are always 2, 1, 0. It is buried
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1385	within eight quantifiers!
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1386	We call @{term p} with arguments a, f, z by equating them with
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1387	the corresponding quantified variables with de Bruijn indices 2, 1, 0.*}
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1388
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1389	(* is_transrec :: "[i=>o, [i,i,i]=>o, i, i] => o"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1390	"is_transrec(M,MH,a,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1391	\<exists>sa[M]. \<exists>esa[M]. \<exists>mesa[M].
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1392	2 1 0
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1393	upair(M,a,a,sa) & is_eclose(M,sa,esa) & membership(M,esa,mesa) &
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1394	is_wfrec(M,MH,mesa,a,z)" *)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1395	constdefs is_transrec_fm :: "[i, i, i]=>i"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1396	"is_transrec_fm(p,a,z) ==
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1397	Exists(Exists(Exists(
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1398	And(upair_fm(a#+3,a#+3,2),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1399	And(is_eclose_fm(2,1),
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1400	And(Memrel_fm(1,0), is_wfrec_fm(p,0,a#+3,z#+3)))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1401
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1402
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1403	lemma is_transrec_type [TC]:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1404	"[\| p \<in> formula; x \<in> nat; z \<in> nat \|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1405	==> is_transrec_fm(p,x,z) \<in> formula"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1406	by (simp add: is_transrec_fm_def)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1407
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1408	lemma sats_is_transrec_fm:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1409	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1410	"!!a0 a1 a2 a3 a4 a5 a6 a7.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1411	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A; a4\<in>A; a5\<in>A; a6\<in>A; a7\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1412	==> MH(a2, a1, a0) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1413	sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1414	Cons(a4,Cons(a5,Cons(a6,Cons(a7,env)))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1415	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1416	"[\|x < length(env); z < length(env); env \<in> list(A)\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1417	==> sats(A, is_transrec_fm(p,x,z), env) <->
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1418	is_transrec(##A, MH, nth(x,env), nth(z,env))"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1419	apply (frule_tac x=z in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1420	apply (frule_tac x=x in lt_length_in_nat, assumption)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1421	apply (simp add: is_transrec_fm_def sats_is_wfrec_fm is_transrec_def MH_iff_sats [THEN iff_sym])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1422	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1423
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1424
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1425	lemma is_transrec_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1426	assumes MH_iff_sats:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1427	"!!a0 a1 a2 a3 a4 a5 a6 a7.
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1428	[\|a0\<in>A; a1\<in>A; a2\<in>A; a3\<in>A; a4\<in>A; a5\<in>A; a6\<in>A; a7\<in>A\|]
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1429	==> MH(a2, a1, a0) <->
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1430	sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1431	Cons(a4,Cons(a5,Cons(a6,Cons(a7,env)))))))))"
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1432	shows
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1433	"[\|nth(i,env) = x; nth(k,env) = z;
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1434	i < length(env); k < length(env); env \<in> list(A)\|]
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1435	==> is_transrec(##A, MH, x, z) <-> sats(A, is_transrec_fm(p,i,k), env)"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1436	by (simp add: sats_is_transrec_fm [OF MH_iff_sats])
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1437
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1438	theorem is_transrec_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1439	assumes MH_reflection:
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1440	"!!f' f g h. REFLECTS[\<lambda>x. MH(L, f'(x), f(x), g(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1441	\<lambda>i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]"
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1442	shows "REFLECTS[\<lambda>x. is_transrec(L, MH(L,x), f(x), h(x)),
13807 a28a8fbc76d4 changed ** to ## to avoid conflict with new comment syntax paulson parents: 13702 diff changeset	1443	\<lambda>i x. is_transrec(##Lset(i), MH(##Lset(i),x), f(x), h(x))]"
13655 95b95cdb4704 Tidying up. New primitives is_iterates and is_iterates_fm. paulson parents: 13651 diff changeset	1444	apply (simp (no_asm_use) only: is_transrec_def)
13503 d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1445	apply (intro FOL_reflections function_reflections MH_reflection
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1446	is_wfrec_reflection is_eclose_reflection)
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1447	done
d93f41fe35d2 Relativization and absoluteness for DPow!! paulson parents: 13496 diff changeset	1448
13496 6f0c57def6d5 In ZF/Constructible, moved many results from Satisfies_absolute, etc., to paulson parents: diff changeset	1449	end

author	huffman
	Thu, 26 May 2005 02:23:27 +0200
changeset 16081	81a4b4a245b0
parent 13807	a28a8fbc76d4
child 16417	9bc16273c2d4
permissions	-rw-r--r--