isabelle: src/HOL/Hoare/Separation.thy@870dfea4f9c0 (annotated)

13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	1	(* Title: HOL/Hoare/Separation.thy
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	2	Author: Tobias Nipkow
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	3	Copyright 2003 TUM
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	4
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	5	A first attempt at a nice syntactic embedding of separation logic.
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	6	Already builds on the theory for list abstractions.
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	7
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	8	If we suppress the H parameter for "List", we have to hardwired this
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	9	into parser and pretty printer, which is not very modular.
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	10	Alternative: some syntax like <P> which stands for P H. No more
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	11	compact, but avoids the funny H.
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	12
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	13	*)
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	14
35316 870dfea4f9c0 dropped axclass; dropped Id; session theory Hoare.thy haftmann parents: 35113 diff changeset	15	theory Separation imports Hoare_Logic_Abort SepLogHeap begin
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	16
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	17	text{* The semantic definition of a few connectives: *}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	18
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	19	constdefs
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	20	ortho:: "heap \<Rightarrow> heap \<Rightarrow> bool" (infix "\<bottom>" 55)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	21	"h1 \<bottom> h2 == dom h1 \<inter> dom h2 = {}"
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	22
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	23	is_empty :: "heap \<Rightarrow> bool"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	24	"is_empty h == h = empty"
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	25
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	26	singl:: "heap \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> bool"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	27	"singl h x y == dom h = {x} & h x = Some y"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	28
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	29	star:: "(heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool)"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	30	"star P Q == \<lambda>h. \<exists>h1 h2. h = h1++h2 \<and> h1 \<bottom> h2 \<and> P h1 \<and> Q h2"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	31
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	32	wand:: "(heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool)"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	33	"wand P Q == \<lambda>h. \<forall>h'. h' \<bottom> h \<and> P h' \<longrightarrow> Q(h++h')"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	34
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	35	text{This is what assertions look like without any syntactic sugar: }
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	36
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	37	lemma "VARS x y z w h
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	38	{star (%h. singl h x y) (%h. singl h z w) h}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	39	SKIP
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	40	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	41	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	42	apply(auto simp:star_def ortho_def singl_def)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	43	done
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	44
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	45	text{* Now we add nice input syntax. To suppress the heap parameter
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	46	of the connectives, we assume it is always called H and add/remove it
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	47	upon parsing/printing. Thus every pointer program needs to have a
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	48	program variable H, and assertions should not contain any locally
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	49	bound Hs - otherwise they may bind the implicit H. *}
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	50
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	51	syntax
35101 6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	52	"_emp" :: "bool" ("emp")
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	53	"_singl" :: "nat \<Rightarrow> nat \<Rightarrow> bool" ("[_ \<mapsto> _]")
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	54	"_star" :: "bool \<Rightarrow> bool \<Rightarrow> bool" (infixl "**" 60)
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	55	"_wand" :: "bool \<Rightarrow> bool \<Rightarrow> bool" (infixl "-*" 60)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	56
17781 32bb237158a5 print_translation: does not handle _idtdummy; wenzelm parents: 16417 diff changeset	57	(* FIXME does not handle "_idtdummy" *)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	58	ML{*
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	59	(* free_tr takes care of free vars in the scope of sep. logic connectives:
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	60	they are implicitly applied to the heap *)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	61	fun free_tr(t as Free _) = t $ Syntax.free "H"
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	62	(*
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	63	\| free_tr((list as Free("List",_))$ p $ ps) = list $ Syntax.free "H" $ p $ ps
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	64	*)
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	65	\| free_tr t = t
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	66
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	67	fun emp_tr [] = Syntax.const @{const_syntax is_empty} $ Syntax.free "H"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	68	\| emp_tr ts = raise TERM ("emp_tr", ts);
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	69	fun singl_tr [p, q] = Syntax.const @{const_syntax singl} $ Syntax.free "H" $ p $ q
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	70	\| singl_tr ts = raise TERM ("singl_tr", ts);
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	71	fun star_tr [P,Q] = Syntax.const @{const_syntax star} $
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	72	absfree ("H", dummyT, free_tr P) $ absfree ("H", dummyT, free_tr Q) $
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	73	Syntax.free "H"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	74	\| star_tr ts = raise TERM ("star_tr", ts);
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	75	fun wand_tr [P, Q] = Syntax.const @{const_syntax wand} $
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	76	absfree ("H", dummyT, P) $ absfree ("H", dummyT, Q) $ Syntax.free "H"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	77	\| wand_tr ts = raise TERM ("wand_tr", ts);
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	78	*}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	79
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	80	parse_translation {*
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	81	[(@{syntax_const "_emp"}, emp_tr),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	82	(@{syntax_const "_singl"}, singl_tr),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	83	(@{syntax_const "_star"}, star_tr),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	84	(@{syntax_const "_wand"}, wand_tr)]
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	85	*}
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	86
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	87	text{* Now it looks much better: *}
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	88
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	89	lemma "VARS H x y z w
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	90	{[x\<mapsto>y] ** [z\<mapsto>w]}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	91	SKIP
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	92	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	93	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	94	apply(auto simp:star_def ortho_def singl_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	95	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	96
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	97	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	98	{emp ** emp}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	99	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	100	{emp}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	101	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	102	apply(auto simp:star_def ortho_def is_empty_def)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	103	done
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	104
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	105	text{* But the output is still unreadable. Thus we also strip the heap
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	106	parameters upon output: *}
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	107
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	108	ML {*
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	109	local
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	110
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	111	fun strip (Abs(_,_,(t as Const("_free",_) $ Free _) $ Bound 0)) = t
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	112	\| strip (Abs(_,_,(t as Free _) $ Bound 0)) = t
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	113	(*
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	114	\| strip (Abs(_,_,((list as Const("List",_))$ Bound 0 $ p $ ps))) = list$p$ps
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	115	*)
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	116	\| strip (Abs(_,_,(t as Const("_var",_) $ Var _) $ Bound 0)) = t
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	117	\| strip (Abs(_,_,P)) = P
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	118	\| strip (Const(@{const_syntax is_empty},_)) = Syntax.const @{syntax_const "_emp"}
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	119	\| strip t = t;
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	120
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	121	in
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	122
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	123	fun is_empty_tr' [_] = Syntax.const @{syntax_const "_emp"}
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	124	fun singl_tr' [_,p,q] = Syntax.const @{syntax_const "_singl"} $ p $ q
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	125	fun star_tr' [P,Q,_] = Syntax.const @{syntax_const "_star"} $ strip P $ strip Q
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	126	fun wand_tr' [P,Q,_] = Syntax.const @{syntax_const "_wand"} $ strip P $ strip Q
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	127
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	128	end
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	129	*}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	130
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	131	print_translation {*
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	132	[(@{const_syntax is_empty}, is_empty_tr'),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	133	(@{const_syntax singl}, singl_tr'),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	134	(@{const_syntax star}, star_tr'),
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	135	(@{const_syntax wand}, wand_tr')]
1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	136	*}
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	137
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	138	text{* Now the intermediate proof states are also readable: *}
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	139
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	140	lemma "VARS H x y z w
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	141	{[x\<mapsto>y] ** [z\<mapsto>w]}
13867 1fdecd15437f just a few mods to a few thms nipkow parents: 13857 diff changeset	142	y := w
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	143	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	144	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	145	apply(auto simp:star_def ortho_def singl_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	146	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	147
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	148	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	149	{emp ** emp}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	150	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	151	{emp}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	152	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	153	apply(auto simp:star_def ortho_def is_empty_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	154	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	155
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	156	text{* So far we have unfolded the separation logic connectives in
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	157	proofs. Here comes a simple example of a program proof that uses a law
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	158	of separation logic instead. *}
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	159
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	160	(* a law of separation logic *)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	161	lemma star_comm: "P Q = Q P"
18447 da548623916a removed or modified some instances of [iff] paulson parents: 17781 diff changeset	162	by(auto simp add:star_def ortho_def dest: map_add_comm)
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	163
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	164	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	165	{P ** Q}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	166	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	167	{Q ** P}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	168	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	169	apply(simp add: star_comm)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	170	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	171
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	172
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	173	lemma "VARS H
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	174	{p\<noteq>0 \<and> [p \<mapsto> x] ** List H q qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	175	H := H(p \<mapsto> q)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	176	{List H p (p#qs)}"
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	177	apply vcg
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	178	apply(simp add: star_def ortho_def singl_def)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	179	apply clarify
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	180	apply(subgoal_tac "p \<notin> set qs")
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	181	prefer 2
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	182	apply(blast dest:list_in_heap)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	183	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	184	done
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	185
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	186	lemma "VARS H p q r
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	187	{List H p Ps ** List H q Qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	188	WHILE p \<noteq> 0
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	189	INV {\<exists>ps qs. (List H p ps ** List H q qs) \<and> rev ps @ qs = rev Ps @ Qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	190	DO r := p; p := the(H p); H := H(r \<mapsto> q); q := r OD
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	191	{List H q (rev Ps @ Qs)}"
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	192	apply vcg
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	193	apply(simp_all add: star_def ortho_def singl_def)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	194
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	195	apply fastsimp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	196
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	197	apply (clarsimp simp add:List_non_null)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	198	apply(rename_tac ps')
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	199	apply(rule_tac x = ps' in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	200	apply(rule_tac x = "p#qs" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	201	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	202	apply(rule_tac x = "h1(p:=None)" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	203	apply(rule_tac x = "h2(p\<mapsto>q)" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	204	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	205	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	206	apply(rule ext)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	207	apply(simp add:map_add_def split:option.split)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	208	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	209	apply blast
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	210	apply(simp add:map_add_def split:option.split)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	211	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	212	apply(subgoal_tac "p \<notin> set qs")
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	213	prefer 2
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	214	apply(blast dest:list_in_heap)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	215	apply(simp)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	216	apply fast
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	217
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	218	apply(fastsimp)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	219	done
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	220
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	221	end

author	haftmann
	Tue, 23 Feb 2010 10:11:15 +0100
changeset 35316	870dfea4f9c0
parent 35113	1a0c129bb2e0
child 35416	d8d7d1b785af
permissions	-rw-r--r--