|
18106
|
1 |
|
|
|
2 |
theory lambda_mu
|
|
|
3 |
imports "../nominal"
|
|
|
4 |
begin
|
|
|
5 |
|
|
|
6 |
section {* Mu-Calculus from Gavin's cilmu-Paper*}
|
|
|
7 |
|
|
|
8 |
atom_decl var mvar
|
|
|
9 |
|
|
|
10 |
nominal_datatype trm = Var "var"
|
|
|
11 |
| Lam "\<guillemotleft>var\<guillemotright>trm" ("Lam [_]._" [100,100] 100)
|
|
|
12 |
| App "trm" "trm"
|
|
|
13 |
| Pss "mvar" "trm"
|
|
|
14 |
| Act "\<guillemotleft>mvar\<guillemotright>trm" ("Act [_]._" [100,100] 100)
|
|
|
15 |
|
|
|
16 |
section {* strong induction principle *}
|
|
|
17 |
|
|
|
18 |
lemma trm_induct_aux:
|
|
|
19 |
fixes P :: "trm \<Rightarrow> 'a \<Rightarrow> bool"
|
|
|
20 |
and f1 :: "'a \<Rightarrow> var set"
|
|
|
21 |
and f2 :: "'a \<Rightarrow> mvar set"
|
|
|
22 |
assumes fs1: "\<And>x. finite (f1 x)"
|
|
|
23 |
and fs2: "\<And>x. finite (f2 x)"
|
|
|
24 |
and h1: "\<And>k x. P (Var x) k"
|
|
|
25 |
and h2: "\<And>k x t. x\<notin>f1 k \<Longrightarrow> (\<forall>l. P t l) \<Longrightarrow> P (Lam [x].t) k"
|
|
|
26 |
and h3: "\<And>k t1 t2. (\<forall>l. P t1 l) \<Longrightarrow> (\<forall>l. P t2 l) \<Longrightarrow> P (App t1 t2) k"
|
|
|
27 |
and h4: "\<And>k a t1. (\<forall>l. P t1 l) \<Longrightarrow> P (Pss a t1) k"
|
|
|
28 |
and h5: "\<And>k a t1. a\<notin>f2 k \<Longrightarrow> (\<forall>l. P t1 l) \<Longrightarrow> P (Act [a].t1) k"
|
|
|
29 |
shows "\<forall>(pi1::var prm) (pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t)) k"
|
|
|
30 |
proof (induct rule: trm.induct_weak)
|
|
|
31 |
case (goal1 a)
|
|
|
32 |
show ?case using h1 by simp
|
|
|
33 |
next
|
|
|
34 |
case (goal2 x t)
|
|
|
35 |
assume i1: "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t)) k"
|
|
|
36 |
show ?case
|
|
|
37 |
proof (intro strip, simp add: abs_perm)
|
|
|
38 |
fix pi1::"var prm" and pi2::"mvar prm" and k::"'a"
|
|
|
39 |
have f: "\<exists>c::var. c\<sharp>(f1 k,pi1\<bullet>(pi2\<bullet>x),pi1\<bullet>(pi2\<bullet>t))"
|
|
|
40 |
by (rule at_exists_fresh[OF at_var_inst], simp add: supp_prod fs_var1
|
|
|
41 |
at_fin_set_supp[OF at_var_inst, OF fs1] fs1)
|
|
|
42 |
then obtain c::"var"
|
|
|
43 |
where f1: "c\<noteq>(pi1\<bullet>(pi2\<bullet>x))" and f2: "c\<sharp>(f1 k)" and f3: "c\<sharp>(pi1\<bullet>(pi2\<bullet>t))"
|
|
|
44 |
by (force simp add: fresh_prod at_fresh[OF at_var_inst])
|
|
|
45 |
have g: "Lam [c].([(c,pi1\<bullet>(pi2\<bullet>x))]\<bullet>(pi1\<bullet>(pi2\<bullet>t))) = Lam [(pi1\<bullet>(pi2\<bullet>x))].(pi1\<bullet>(pi2\<bullet>t))" using f1 f3
|
|
|
46 |
by (simp add: trm.inject alpha)
|
|
|
47 |
from i1 have "\<forall>k. P (([(c,pi1\<bullet>(pi2\<bullet>x))]@pi1)\<bullet>(pi2\<bullet>t)) k" by force
|
|
|
48 |
hence i1b: "\<forall>k. P ([(c,pi1\<bullet>(pi2\<bullet>x))]\<bullet>(pi1\<bullet>(pi2\<bullet>t))) k" by (simp add: pt_var2[symmetric])
|
|
|
49 |
with h3 f2 have "P (Lam [c].([(c,pi1\<bullet>(pi2\<bullet>x))]\<bullet>(pi1\<bullet>(pi2\<bullet>t)))) k"
|
|
|
50 |
by (auto simp add: fresh_def at_fin_set_supp[OF at_var_inst, OF fs1])
|
|
|
51 |
with g show "P (Lam [(pi1\<bullet>(pi2\<bullet>x))].(pi1\<bullet>(pi2\<bullet>t))) k" by simp
|
|
|
52 |
qed
|
|
|
53 |
next
|
|
|
54 |
case (goal3 t1 t2)
|
|
|
55 |
assume i1: "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t1)) k"
|
|
|
56 |
assume i2: "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t2)) k"
|
|
|
57 |
show ?case
|
|
|
58 |
proof (intro strip)
|
|
|
59 |
fix pi1::"var prm" and pi2::"mvar prm" and k::"'a"
|
|
|
60 |
from h3 i1 i2 have "P (App (pi1\<bullet>(pi2\<bullet>t1)) (pi1\<bullet>(pi2\<bullet>t2))) k" by force
|
|
|
61 |
thus "P (pi1\<bullet>(pi2\<bullet>(App t1 t2))) k" by simp
|
|
|
62 |
qed
|
|
|
63 |
next
|
|
|
64 |
case (goal4 b t)
|
|
|
65 |
assume i1: "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t)) k"
|
|
|
66 |
show ?case
|
|
|
67 |
proof (intro strip)
|
|
|
68 |
fix pi1::"var prm" and pi2::"mvar prm" and k::"'a"
|
|
|
69 |
from h4 i1 have "P (Pss (pi1\<bullet>(pi2\<bullet>b)) (pi1\<bullet>(pi2\<bullet>t))) k" by force
|
|
|
70 |
thus "P (pi1\<bullet>(pi2\<bullet>(Pss b t))) k" by simp
|
|
|
71 |
qed
|
|
|
72 |
next
|
|
|
73 |
case (goal5 b t)
|
|
|
74 |
assume i1: "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t)) k"
|
|
|
75 |
show ?case
|
|
|
76 |
proof (intro strip, simp add: abs_perm)
|
|
|
77 |
fix pi1::"var prm" and pi2::"mvar prm" and k::"'a"
|
|
|
78 |
have f: "\<exists>c::mvar. c\<sharp>(f2 k,pi1\<bullet>(pi2\<bullet>b),pi1\<bullet>(pi2\<bullet>t))"
|
|
|
79 |
by (rule at_exists_fresh[OF at_mvar_inst], simp add: supp_prod fs_mvar1
|
|
|
80 |
at_fin_set_supp[OF at_mvar_inst, OF fs2] fs2)
|
|
|
81 |
then obtain c::"mvar"
|
|
|
82 |
where f1: "c\<noteq>(pi1\<bullet>(pi2\<bullet>b))" and f2: "c\<sharp>(f2 k)" and f3: "c\<sharp>(pi1\<bullet>(pi2\<bullet>t))"
|
|
|
83 |
by (force simp add: fresh_prod at_fresh[OF at_mvar_inst])
|
|
|
84 |
have g: "Act [c].(pi1\<bullet>([(c,pi1\<bullet>(pi2\<bullet>b))]\<bullet>(pi2\<bullet>t))) = Act [(pi1\<bullet>(pi2\<bullet>b))].(pi1\<bullet>(pi2\<bullet>t))" using f1 f3
|
|
|
85 |
by (simp add: trm.inject alpha, simp add: dj_cp[OF cp_mvar_var_inst, OF dj_var_mvar])
|
|
|
86 |
from i1 have "\<forall>k. P (pi1\<bullet>(([(c,pi1\<bullet>(pi2\<bullet>b))]@pi2)\<bullet>t)) k" by force
|
|
|
87 |
hence i1b: "\<forall>k. P (pi1\<bullet>([(c,pi1\<bullet>(pi2\<bullet>b))]\<bullet>(pi2\<bullet>t))) k" by (simp add: pt_mvar2[symmetric])
|
|
|
88 |
with h5 f2 have "P (Act [c].(pi1\<bullet>([(c,pi1\<bullet>(pi2\<bullet>b))]\<bullet>(pi2\<bullet>t)))) k"
|
|
|
89 |
by (auto simp add: fresh_def at_fin_set_supp[OF at_mvar_inst, OF fs2])
|
|
|
90 |
with g show "P (Act [(pi1\<bullet>(pi2\<bullet>b))].(pi1\<bullet>(pi2\<bullet>t))) k" by simp
|
|
|
91 |
qed
|
|
|
92 |
qed
|
|
|
93 |
|
|
|
94 |
lemma trm_induct'[case_names Var Lam App Pss Act]:
|
|
|
95 |
fixes P :: "trm \<Rightarrow> 'a \<Rightarrow> bool"
|
|
|
96 |
and f1 :: "'a \<Rightarrow> var set"
|
|
|
97 |
and f2 :: "'a \<Rightarrow> mvar set"
|
|
|
98 |
assumes fs1: "\<And>x. finite (f1 x)"
|
|
|
99 |
and fs2: "\<And>x. finite (f2 x)"
|
|
|
100 |
and h1: "\<And>k x. P (Var x) k"
|
|
|
101 |
and h2: "\<And>k x t. x\<notin>f1 k \<Longrightarrow> (\<forall>l. P t l) \<Longrightarrow> P (Lam [x].t) k"
|
|
|
102 |
and h3: "\<And>k t1 t2. (\<forall>l. P t1 l) \<Longrightarrow> (\<forall>l. P t2 l) \<Longrightarrow> P (App t1 t2) k"
|
|
|
103 |
and h4: "\<And>k a t1. (\<forall>l. P t1 l) \<Longrightarrow> P (Pss a t1) k"
|
|
|
104 |
and h5: "\<And>k a t1. a\<notin>f2 k \<Longrightarrow> (\<forall>l. P t1 l) \<Longrightarrow> P (Act [a].t1) k"
|
|
|
105 |
shows "P t k"
|
|
|
106 |
proof -
|
|
|
107 |
have "\<forall>(pi1::var prm)(pi2::mvar prm) k. P (pi1\<bullet>(pi2\<bullet>t)) k"
|
|
|
108 |
using fs1 fs2 h1 h2 h3 h4 h5 by (rule trm_induct_aux, auto)
|
|
|
109 |
hence "P (([]::var prm)\<bullet>(([]::mvar prm)\<bullet>t)) k" by blast
|
|
|
110 |
thus "P t k" by simp
|
|
|
111 |
qed
|
|
|
112 |
|
|
|
113 |
lemma trm_induct[case_names Var Lam App Pss Act]:
|
|
|
114 |
fixes P :: "trm \<Rightarrow> ('a::{fs_var,fs_mvar}) \<Rightarrow> bool"
|
|
|
115 |
assumes h1: "\<And>k x. P (Var x) k"
|
|
|
116 |
and h2: "\<And>k x t. x\<sharp>k \<Longrightarrow> (\<forall>l. P t l) \<Longrightarrow> P (Lam [x].t) k"
|
|
|
117 |
and h3: "\<And>k t1 t2. (\<forall>l. P t1 l) \<Longrightarrow> (\<forall>l. P t2 l) \<Longrightarrow> P (App t1 t2) k"
|
|
|
118 |
and h4: "\<And>k a t1. (\<forall>l. P t1 l) \<Longrightarrow> P (Pss a t1) k"
|
|
|
119 |
and h5: "\<And>k a t1. a\<sharp>k \<Longrightarrow> (\<forall>l. P t1 l) \<Longrightarrow> P (Act [a].t1) k"
|
|
|
120 |
shows "P t k"
|
|
|
121 |
by (rule trm_induct'[of "\<lambda>x. ((supp x)::var set)" "\<lambda>x. ((supp x)::mvar set)" "P"],
|
|
|
122 |
simp_all add: fs_var1 fs_mvar1 fresh_def[symmetric], auto intro: h1 h2 h3 h4 h5)
|