isabelle: src/HOL/SPARK/Examples/Liseq/Longest_Increasing_Subsequence.thy@939e88e79724 (annotated)

41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	1	(* Title: HOL/SPARK/Examples/Liseq/Longest_Increasing_Subsequence.thy
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	2	Author: Stefan Berghofer
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	3	Copyright: secunet Security Networks AG
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	4	*)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	5
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	6	theory Longest_Increasing_Subsequence
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	7	imports SPARK
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	8	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	9
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	10	text {*
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	11	Set of all increasing subsequences in a prefix of an array
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	12	*}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	14	definition iseq :: "(nat \<Rightarrow> 'a::linorder) \<Rightarrow> nat \<Rightarrow> nat set set" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	15	"iseq xs l = {is. (\<forall>i\<in>is. i < l) \<and>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	16	(\<forall>i\<in>is. \<forall>j\<in>is. i \<le> j \<longrightarrow> xs i \<le> xs j)}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	17
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	18	text {*
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	19	Length of longest increasing subsequence in a prefix of an array
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	20	*}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	21
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	22	definition liseq :: "(nat \<Rightarrow> 'a::linorder) \<Rightarrow> nat \<Rightarrow> nat" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	23	"liseq xs i = Max (card ` iseq xs i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	24
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	25	text {*
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	26	Length of longest increasing subsequence ending at a particular position
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	27	*}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	28
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	29	definition liseq' :: "(nat \<Rightarrow> 'a::linorder) \<Rightarrow> nat \<Rightarrow> nat" where
56798 939e88e79724 Discontinued old spark_open; spark_open_siv is now spark_open berghofe parents: 44890 diff changeset	30	"liseq' xs i = Max (card ` (iseq xs (Suc i) \<inter> {is. Max is = i}))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	31
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	32	lemma iseq_finite: "finite (iseq xs i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	33	apply (simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	34	apply (rule finite_subset [OF _
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	35	finite_Collect_subsets [of "{j. j < i}"]])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	36	apply auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	37	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	38
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	39	lemma iseq_finite': "is \<in> iseq xs i \<Longrightarrow> finite is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	40	by (auto simp add: iseq_def bounded_nat_set_is_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	41
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	42	lemma iseq_singleton: "i < l \<Longrightarrow> {i} \<in> iseq xs l"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	43	by (simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	44
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	45	lemma iseq_trivial: "{} \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	46	by (simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	47
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	48	lemma iseq_nonempty: "iseq xs i \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	49	by (auto intro: iseq_trivial)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	50
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	51	lemma liseq'_ge1: "1 \<le> liseq' xs x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	52	apply (simp add: liseq'_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	53	apply (subgoal_tac "iseq xs (Suc x) \<inter> {is. Max is = x} \<noteq> {}")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	54	apply (simp add: Max_ge_iff iseq_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	55	apply (rule_tac x="{x}" in bexI)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	56	apply (auto intro: iseq_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	57	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	58
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	59	lemma liseq_expand:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	60	assumes R: "\<And>is. liseq xs i = card is \<Longrightarrow> is \<in> iseq xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	61	(\<And>js. js \<in> iseq xs i \<Longrightarrow> card js \<le> card is) \<Longrightarrow> P"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	62	shows "P"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	63	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	64	have "Max (card ` iseq xs i) \<in> card ` iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	65	by (rule Max_in) (simp_all add: iseq_finite iseq_nonempty)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	66	then obtain js where js: "liseq xs i = card js" and "js \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	67	by (rule imageE) (simp add: liseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	68	moreover {
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	69	fix js'
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	70	assume "js' \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	71	then have "card js' \<le> card js"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	72	by (simp add: js [symmetric] liseq_def iseq_finite iseq_trivial)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	73	}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	74	ultimately show ?thesis by (rule R)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	75	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	76
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	77	lemma liseq'_expand:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	78	assumes R: "\<And>is. liseq' xs i = card is \<Longrightarrow> is \<in> iseq xs (Suc i) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	79	finite is \<Longrightarrow> Max is = i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	80	(\<And>js. js \<in> iseq xs (Suc i) \<Longrightarrow> Max js = i \<Longrightarrow> card js \<le> card is) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	81	is \<noteq> {} \<Longrightarrow> P"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	82	shows "P"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	83	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	84	have "Max (card ` (iseq xs (Suc i) \<inter> {is. Max is = i})) \<in>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	85	card ` (iseq xs (Suc i) \<inter> {is. Max is = i})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	86	by (auto simp add: iseq_finite intro!: iseq_singleton Max_in)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	87	then obtain js where js: "liseq' xs i = card js" and "js \<in> iseq xs (Suc i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	88	and "finite js" and "Max js = i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	89	by (auto simp add: liseq'_def intro: iseq_finite')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	90	moreover {
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	91	fix js'
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	92	assume "js' \<in> iseq xs (Suc i)" "Max js' = i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	93	then have "card js' \<le> card js"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	94	by (auto simp add: js [symmetric] liseq'_def iseq_finite intro!: iseq_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	95	}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	96	note max = this
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	97	moreover have "card {i} \<le> card js"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	98	by (rule max) (simp_all add: iseq_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	99	then have "js \<noteq> {}" by auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	100	ultimately show ?thesis by (rule R)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	101	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	102
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	103	lemma liseq'_ge:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	104	"j = card js \<Longrightarrow> js \<in> iseq xs (Suc i) \<Longrightarrow> Max js = i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	105	js \<noteq> {} \<Longrightarrow> j \<le> liseq' xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	106	by (simp add: liseq'_def iseq_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	107
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	108	lemma liseq'_eq:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	109	"j = card js \<Longrightarrow> js \<in> iseq xs (Suc i) \<Longrightarrow> Max js = i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	110	js \<noteq> {} \<Longrightarrow> (\<And>js'. js' \<in> iseq xs (Suc i) \<Longrightarrow> Max js' = i \<Longrightarrow> finite js' \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	111	js' \<noteq> {} \<Longrightarrow> card js' \<le> card js) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	112	j = liseq' xs i"
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 41588 diff changeset	113	by (fastforce simp add: liseq'_def iseq_finite
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	114	intro: Max_eqI [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	115
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	116	lemma liseq_ge:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	117	"j = card js \<Longrightarrow> js \<in> iseq xs i \<Longrightarrow> j \<le> liseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	118	by (auto simp add: liseq_def iseq_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	119
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	120	lemma liseq_eq:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	121	"j = card js \<Longrightarrow> js \<in> iseq xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	122	(\<And>js'. js' \<in> iseq xs i \<Longrightarrow> finite js' \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	123	js' \<noteq> {} \<Longrightarrow> card js' \<le> card js) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	124	j = liseq xs i"
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 41588 diff changeset	125	by (fastforce simp add: liseq_def iseq_finite
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	126	intro: Max_eqI [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	127
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	128	lemma max_notin: "finite xs \<Longrightarrow> Max xs < x \<Longrightarrow> x \<notin> xs"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	129	by (cases "xs = {}") auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	130
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	131	lemma iseq_insert:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	132	"xs (Max is) \<le> xs i \<Longrightarrow> is \<in> iseq xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	133	is \<union> {i} \<in> iseq xs (Suc i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	134	apply (frule iseq_finite')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	135	apply (cases "is = {}")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	136	apply (auto simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	137	apply (rule order_trans [of _ "xs (Max is)"])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	138	apply auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	139	apply (thin_tac "\<forall>a\<in>is. a < i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	140	apply (drule_tac x=ia in bspec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	141	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	142	apply (drule_tac x="Max is" in bspec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	143	apply (auto intro: Max_in)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	144	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	145
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	146	lemma iseq_diff: "is \<in> iseq xs (Suc (Max is)) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	147	is - {Max is} \<in> iseq xs (Suc (Max (is - {Max is})))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	148	apply (frule iseq_finite')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	149	apply (simp add: iseq_def less_Suc_eq_le)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	150	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	151
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	152	lemma iseq_butlast:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	153	assumes "js \<in> iseq xs (Suc i)" and "js \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	154	and "Max js \<noteq> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	155	shows "js \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	156	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	157	from assms have fin: "finite js"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	158	by (simp add: iseq_finite')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	159	with assms have "Max js \<in> js"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	160	by auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	161	with assms have "Max js < i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	162	by (auto simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	163	with fin assms have "\<forall>j\<in>js. j < i"
41588 9546828c0eb3 tuned; wenzelm parents: 41561 diff changeset	164	by simp
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	165	with assms show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	166	by (simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	167	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	168
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	169	lemma iseq_mono: "is \<in> iseq xs i \<Longrightarrow> i \<le> j \<Longrightarrow> is \<in> iseq xs j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	170	by (auto simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	171
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	172	lemma diff_nonempty:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	173	assumes "1 < card is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	174	shows "is - {i} \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	175	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	176	from assms have fin: "finite is" by (auto intro: card_ge_0_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	177	with assms fin have "card is - 1 \<le> card (is - {i})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	178	by (simp add: card_Diff_singleton_if)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	179	with assms have "0 < card (is - {i})" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	180	then show ?thesis by (simp add: card_gt_0_iff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	181	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	182
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	183	lemma Max_diff:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	184	assumes "1 < card is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	185	shows "Max (is - {Max is}) < Max is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	186	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	187	from assms have "finite is" by (auto intro: card_ge_0_finite)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	188	moreover from assms have "is - {Max is} \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	189	by (rule diff_nonempty)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	190	ultimately show ?thesis using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	191	apply (auto simp add: not_less)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	192	apply (subgoal_tac "a \<le> Max is")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	193	apply auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	194	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	195	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	196
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	197	lemma iseq_nth: "js \<in> iseq xs l \<Longrightarrow> 1 < card js \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	198	xs (Max (js - {Max js})) \<le> xs (Max js)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	199	apply (auto simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	200	apply (subgoal_tac "Max (js - {Max js}) \<in> js")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	201	apply (thin_tac "\<forall>i\<in>js. i < l")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	202	apply (drule_tac x="Max (js - {Max js})" in bspec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	203	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	204	apply (drule_tac x="Max js" in bspec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	205	using card_gt_0_iff [of js]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	206	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	207	using Max_diff [of js]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	208	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	209	using Max_in [of "js - {Max js}", OF _ diff_nonempty] card_gt_0_iff [of js]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	210	apply auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	211	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	212
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	213	lemma card_leq1_singleton:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	214	assumes "finite xs" "xs \<noteq> {}" "card xs \<le> 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	215	obtains x where "xs = {x}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	216	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	217	by induct simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	218
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	219	lemma longest_iseq1:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	220	"liseq' xs i =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	221	Max ({0} \<union> {liseq' xs j \|j. j < i \<and> xs j \<le> xs i}) + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	222	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	223	have "Max ({0} \<union> {liseq' xs j \|j. j < i \<and> xs j \<le> xs i}) = liseq' xs i - 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	224	proof (rule Max_eqI)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	225	fix y
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	226	assume "y \<in> {0} \<union> {liseq' xs j \|j. j < i \<and> xs j \<le> xs i}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	227	then show "y \<le> liseq' xs i - 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	228	proof
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	229	assume "y \<in> {liseq' xs j \|j. j < i \<and> xs j \<le> xs i}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	230	then obtain j where j: "j < i" "xs j \<le> xs i" "y = liseq' xs j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	231	by auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	232	have "liseq' xs j + 1 \<le> liseq' xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	233	proof (rule liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	234	fix "is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	235	assume H: "liseq' xs j = card is" "is \<in> iseq xs (Suc j)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	236	"finite is" "Max is = j" "is \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	237	from H j have "card is + 1 = card (is \<union> {i})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	238	by (simp add: card_insert max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	239	moreover {
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	240	from H j have "xs (Max is) \<le> xs i" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	241	moreover from `j < i` have "Suc j \<le> i" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	242	with `is \<in> iseq xs (Suc j)` have "is \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	243	by (rule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	244	ultimately have "is \<union> {i} \<in> iseq xs (Suc i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	245	by (rule iseq_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	246	} moreover from H j have "Max (is \<union> {i}) = i" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	247	moreover have "is \<union> {i} \<noteq> {}" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	248	ultimately have "card is + 1 \<le> liseq' xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	249	by (rule liseq'_ge)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	250	with H show ?thesis by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	251	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	252	with j show "y \<le> liseq' xs i - 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	253	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	254	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	255	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	256	have "liseq' xs i \<le> 1 \<or>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	257	(\<exists>j. liseq' xs i - 1 = liseq' xs j \<and> j < i \<and> xs j \<le> xs i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	258	proof (rule liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	259	fix "is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	260	assume H: "liseq' xs i = card is" "is \<in> iseq xs (Suc i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	261	"finite is" "Max is = i" "is \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	262	assume R: "\<And>js. js \<in> iseq xs (Suc i) \<Longrightarrow> Max js = i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	263	card js \<le> card is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	264	show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	265	proof (cases "card is \<le> 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	266	case True with H show ?thesis by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	267	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	268	case False
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	269	then have "1 < card is" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	270	then have "Max (is - {Max is}) < Max is"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	271	by (rule Max_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	272	from `is \<in> iseq xs (Suc i)` `1 < card is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	273	have "xs (Max (is - {Max is})) \<le> xs (Max is)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	274	by (rule iseq_nth)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	275	have "card is - 1 = liseq' xs (Max (is - {i}))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	276	proof (rule liseq'_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	277	from `Max is = i` [symmetric] `finite is` `is \<noteq> {}`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	278	show "card is - 1 = card (is - {i})" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	279	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	280	from `is \<in> iseq xs (Suc i)` `Max is = i` [symmetric]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	281	show "is - {i} \<in> iseq xs (Suc (Max (is - {i})))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	282	by simp (rule iseq_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	283	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	284	from `1 < card is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	285	show "is - {i} \<noteq> {}" by (rule diff_nonempty)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	286	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	287	fix js
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	288	assume "js \<in> iseq xs (Suc (Max (is - {i})))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	289	"Max js = Max (is - {i})" "finite js" "js \<noteq> {}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	290	from `xs (Max (is - {Max is})) \<le> xs (Max is)`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	291	`Max js = Max (is - {i})` `Max is = i`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	292	have "xs (Max js) \<le> xs i" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	293	moreover from `Max is = i` `Max (is - {Max is}) < Max is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	294	have "Suc (Max (is - {i})) \<le> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	295	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	296	with `js \<in> iseq xs (Suc (Max (is - {i})))`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	297	have "js \<in> iseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	298	by (rule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	299	ultimately have "js \<union> {i} \<in> iseq xs (Suc i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	300	by (rule iseq_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	301	moreover from `js \<noteq> {}` `finite js` `Max js = Max (is - {i})`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	302	`Max is = i` [symmetric] `Max (is - {Max is}) < Max is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	303	have "Max (js \<union> {i}) = i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	304	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	305	ultimately have "card (js \<union> {i}) \<le> card is" by (rule R)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	306	moreover from `Max is = i` [symmetric] `finite js`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	307	`Max (is - {Max is}) < Max is` `Max js = Max (is - {i})`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	308	have "i \<notin> js" by (simp add: max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	309	with `finite js`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	310	have "card (js \<union> {i}) = card ((js \<union> {i}) - {i}) + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	311	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	312	ultimately show "card js \<le> card (is - {i})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	313	using `i \<notin> js` `Max is = i` [symmetric] `is \<noteq> {}` `finite is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	314	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	315	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	316	with H `Max (is - {Max is}) < Max is`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	317	`xs (Max (is - {Max is})) \<le> xs (Max is)`
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	318	show ?thesis by auto
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	319	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	320	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	321	then show "liseq' xs i - 1 \<in> {0} \<union>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	322	{liseq' xs j \|j. j < i \<and> xs j \<le> xs i}" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	323	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	324	moreover have "1 \<le> liseq' xs i" by (rule liseq'_ge1)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	325	ultimately show ?thesis by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	326	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	327
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	328	lemma longest_iseq2': "liseq xs i < liseq' xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	329	liseq xs (Suc i) = liseq' xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	330	apply (rule_tac xs=xs and i=i in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	331	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	332	apply (rule liseq_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	333	apply (rule refl)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	334	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	335	apply (case_tac "Max js' = i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	336	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	337	apply (drule_tac js=js' in iseq_butlast)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	338	apply assumption+
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	339	apply (drule_tac js=js' in liseq_ge [OF refl])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	340	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	341	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	342
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	343	lemma longest_iseq2: "liseq xs i < liseq' xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	344	liseq xs i + 1 = liseq' xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	345	apply (rule_tac xs=xs and i=i in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	346	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	347	apply (rule_tac xs=xs and i=i in liseq_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	348	apply (drule_tac s="Max is" in sym)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	349	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	350	apply (case_tac "card is \<le> 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	351	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	352	apply (drule iseq_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	353	apply (drule_tac i="Suc (Max (is - {Max is}))" and j="Max is" in iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	354	apply (simp add: less_eq_Suc_le [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	355	apply (rule Max_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	356	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	357	apply (drule_tac x="is - {Max is}" in meta_spec,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	358	drule meta_mp, assumption)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	359	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	360	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	361
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	362	lemma longest_iseq3:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	363	"liseq xs j = liseq' xs i \<Longrightarrow> xs i \<le> xs j \<Longrightarrow> i < j \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	364	liseq xs (Suc j) = liseq xs j + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	365	apply (rule_tac xs=xs and i=j in liseq_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	366	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	367	apply (rule_tac xs=xs and i=i in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	368	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	369	apply (rule_tac js="isa \<union> {j}" in liseq_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	370	apply (simp add: card_insert card_Diff_singleton_if max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	371	apply (rule iseq_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	372	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	373	apply (erule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	374	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	375	apply (case_tac "j = Max js'")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	376	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	377	apply (drule iseq_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	378	apply (drule_tac x="js' - {j}" in meta_spec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	379	apply (drule meta_mp)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	380	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	381	apply (case_tac "card js' \<le> 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	382	apply (erule_tac xs=js' in card_leq1_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	383	apply assumption+
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	384	apply (simp add: iseq_trivial)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	385	apply (erule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	386	apply (simp add: less_eq_Suc_le [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	387	apply (rule Max_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	388	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	389	apply (rule le_diff_iff [THEN iffD1, of 1])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	390	apply (simp add: card_0_eq [symmetric] del: card_0_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	391	apply (simp add: card_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	392	apply (subgoal_tac "card (js' - {j}) = card js' - 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	393	apply (simp add: card_insert card_Diff_singleton_if max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	394	apply (frule_tac A=js' in Max_in)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	395	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	396	apply (simp add: card_Diff_singleton_if)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	397	apply (drule_tac js=js' in iseq_butlast)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	398	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	399	apply (erule not_sym)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	400	apply (drule_tac x=js' in meta_spec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	401	apply (drule meta_mp)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	402	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	403	apply (simp add: card_insert_disjoint max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	404	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	405
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	406	lemma longest_iseq4:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	407	"liseq xs j = liseq' xs i \<Longrightarrow> xs i \<le> xs j \<Longrightarrow> i < j \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	408	liseq' xs j = liseq' xs i + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	409	apply (rule_tac xs=xs and i=j in liseq_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	410	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	411	apply (rule_tac xs=xs and i=i in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	412	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	413	apply (rule_tac js="isa \<union> {j}" in liseq'_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	414	apply (simp add: card_insert card_Diff_singleton_if max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	415	apply (rule iseq_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	416	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	417	apply (erule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	418	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	419	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	420	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	421	apply (drule_tac s="Max js'" in sym)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	422	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	423	apply (drule iseq_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	424	apply (drule_tac x="js' - {j}" in meta_spec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	425	apply (drule meta_mp)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	426	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	427	apply (case_tac "card js' \<le> 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	428	apply (erule_tac xs=js' in card_leq1_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	429	apply assumption+
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	430	apply (simp add: iseq_trivial)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	431	apply (erule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	432	apply (simp add: less_eq_Suc_le [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	433	apply (rule Max_diff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	434	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	435	apply (rule le_diff_iff [THEN iffD1, of 1])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	436	apply (simp add: card_0_eq [symmetric] del: card_0_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	437	apply (simp add: card_insert)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	438	apply (subgoal_tac "card (js' - {j}) = card js' - 1")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	439	apply (simp add: card_insert card_Diff_singleton_if max_notin)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	440	apply (frule_tac A=js' in Max_in)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	441	apply assumption
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	442	apply (simp add: card_Diff_singleton_if)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	443	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	444
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	445	lemma longest_iseq5: "liseq' xs i \<le> liseq xs i \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	446	liseq xs (Suc i) = liseq xs i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	447	apply (rule_tac i=i and xs=xs in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	448	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	449	apply (rule_tac xs=xs and i=i in liseq_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	450	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	451	apply (rule liseq_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	452	apply (rule refl)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	453	apply (erule iseq_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	454	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	455	apply (case_tac "Max js' = i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	456	apply (drule_tac x=js' in meta_spec)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	457	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	458	apply (drule iseq_butlast, assumption, assumption)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	459	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	460	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	461
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	462	lemma liseq_empty: "liseq xs 0 = 0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	463	apply (rule_tac js="{}" in liseq_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	464	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	465	apply (rule iseq_trivial)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	466	apply (simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	467	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	468
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	469	lemma liseq'_singleton: "liseq' xs 0 = 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	470	by (simp add: longest_iseq1 [of _ 0])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	471
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	472	lemma liseq_singleton: "liseq xs (Suc 0) = Suc 0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	473	by (simp add: longest_iseq2' liseq_empty liseq'_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	474
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	475	lemma liseq'_Suc_unfold:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	476	"A j \<le> x \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	477	(insert 0 {liseq' A j' \|j'. j' < Suc j \<and> A j' \<le> x}) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	478	(insert 0 {liseq' A j' \|j'. j' < j \<and> A j' \<le> x}) \<union>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	479	{liseq' A j}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	480	by (auto simp add: less_Suc_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	481
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	482	lemma liseq'_Suc_unfold':
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	483	"\<not> (A j \<le> x) \<Longrightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	484	{liseq' A j' \|j'. j' < Suc j \<and> A j' \<le> x} =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	485	{liseq' A j' \|j'. j' < j \<and> A j' \<le> x}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	486	by (auto simp add: less_Suc_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	487
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	488	lemma iseq_card_limit:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	489	assumes "is \<in> iseq A i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	490	shows "card is \<le> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	491	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	492	from assms have "is \<subseteq> {0..<i}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	493	by (auto simp add: iseq_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	494	with finite_atLeastLessThan have "card is \<le> card {0..<i}"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	495	by (rule card_mono)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	496	with card_atLeastLessThan show ?thesis by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	497	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	498
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	499	lemma liseq_limit: "liseq A i \<le> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	500	by (rule_tac xs=A and i=i in liseq_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	501	(simp add: iseq_card_limit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	502
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	503	lemma liseq'_limit: "liseq' A i \<le> i + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	504	by (rule_tac xs=A and i=i in liseq'_expand)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	505	(simp add: iseq_card_limit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	506
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	507	definition max_ext :: "(nat \<Rightarrow> 'a::linorder) \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> nat" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	508	"max_ext A i j = Max ({0} \<union> {liseq' A j' \|j'. j' < j \<and> A j' \<le> A i})"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	509
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	510	lemma max_ext_limit: "max_ext A i j \<le> j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	511	apply (auto simp add: max_ext_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	512	apply (drule Suc_leI)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	513	apply (cut_tac i=j' and A=A in liseq'_limit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	514	apply simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	515	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	516
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	517
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	518	text {* Proof functions *}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	519
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	520	abbreviation (input)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	521	"arr_conv a \<equiv> (\<lambda>n. a (int n))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	522
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	523	lemma idx_conv_suc:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	524	"0 \<le> i \<Longrightarrow> nat (i + 1) = nat i + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	525	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	526
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	527	abbreviation liseq_ends_at' :: "(int \<Rightarrow> 'a::linorder) \<Rightarrow> int \<Rightarrow> int" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	528	"liseq_ends_at' A i \<equiv> int (liseq' (\<lambda>l. A (int l)) (nat i))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	529
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	530	abbreviation liseq_prfx' :: "(int \<Rightarrow> 'a::linorder) \<Rightarrow> int \<Rightarrow> int" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	531	"liseq_prfx' A i \<equiv> int (liseq (\<lambda>l. A (int l)) (nat i))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	532
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	533	abbreviation max_ext' :: "(int \<Rightarrow> 'a::linorder) \<Rightarrow> int \<Rightarrow> int \<Rightarrow> int" where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	534	"max_ext' A i j \<equiv> int (max_ext (\<lambda>l. A (int l)) (nat i) (nat j))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	535
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	536	spark_proof_functions
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	537	liseq_ends_at = "liseq_ends_at' :: (int \<Rightarrow> int) \<Rightarrow> int \<Rightarrow> int"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	538	liseq_prfx = "liseq_prfx' :: (int \<Rightarrow> int) \<Rightarrow> int \<Rightarrow> int"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	539	max_ext = "max_ext' :: (int \<Rightarrow> int) \<Rightarrow> int \<Rightarrow> int \<Rightarrow> int"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	540
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	541
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	542	text {* The verification conditions *}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	543
56798 939e88e79724 Discontinued old spark_open; spark_open_siv is now spark_open berghofe parents: 44890 diff changeset	544	spark_open "liseq/liseq_length"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	545
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	546	spark_vc procedure_liseq_length_5
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	547	by (simp_all add: liseq_singleton liseq'_singleton)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	548
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	549	spark_vc procedure_liseq_length_6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	550	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	551	from H1 H2 H3 H4
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	552	have eq: "liseq (arr_conv a) (nat i) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	553	liseq' (arr_conv a) (nat pmax)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	554	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	555	from H14 H3 H4
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	556	have pmax1: "arr_conv a (nat pmax) \<le> arr_conv a (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	557	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	558	from H3 H4 have pmax2: "nat pmax < nat i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	559	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	560	{
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	561	fix i2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	562	assume i2: "0 \<le> i2" "i2 \<le> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	563	have "(l(i := l pmax + 1)) i2 =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	564	int (liseq' (arr_conv a) (nat i2))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	565	proof (cases "i2 = i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	566	case True
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	567	from eq pmax1 pmax2 have "liseq' (arr_conv a) (nat i) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	568	liseq' (arr_conv a) (nat pmax) + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	569	by (rule longest_iseq4)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	570	with True H1 H3 H4 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	571	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	572	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	573	case False
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	574	with H1 i2 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	575	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	576	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	577	}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	578	then show ?C1 by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	579	from eq pmax1 pmax2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	580	have "liseq (arr_conv a) (Suc (nat i)) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	581	liseq (arr_conv a) (nat i) + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	582	by (rule longest_iseq3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	583	with H2 H3 H4 show ?C2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	584	by (simp add: idx_conv_suc)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	585	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	586
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	587	spark_vc procedure_liseq_length_7
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	588	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	589	from H1 show ?C1
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	590	by (simp add: max_ext_def longest_iseq1 [of _ "nat i"])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	591	from H6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	592	have m: "max_ext (arr_conv a) (nat i) (nat i) + 1 =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	593	liseq' (arr_conv a) (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	594	by (simp add: max_ext_def longest_iseq1 [of _ "nat i"])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	595	with H2 H18
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	596	have gt: "liseq (arr_conv a) (nat i) < liseq' (arr_conv a) (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	597	by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	598	then have "liseq' (arr_conv a) (nat i) = liseq (arr_conv a) (nat i) + 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	599	by (rule longest_iseq2 [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	600	with H2 m show ?C2 by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	601	from gt have "liseq (arr_conv a) (Suc (nat i)) = liseq' (arr_conv a) (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	602	by (rule longest_iseq2')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	603	with m H6 show ?C3 by (simp add: idx_conv_suc)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	604	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	605
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	606	spark_vc procedure_liseq_length_8
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	607	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	608	{
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	609	fix i2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	610	assume i2: "0 \<le> i2" "i2 \<le> i"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	611	have "(l(i := max_ext' a i i + 1)) i2 =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	612	int (liseq' (arr_conv a) (nat i2))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	613	proof (cases "i2 = i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	614	case True
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	615	with H1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	616	by (simp add: max_ext_def longest_iseq1 [of _ "nat i"])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	617	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	618	case False
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	619	with H1 i2 show ?thesis by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	620	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	621	}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	622	then show ?C1 by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	623	from H2 H6 H18
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	624	have "liseq' (arr_conv a) (nat i) \<le> liseq (arr_conv a) (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	625	by (simp add: max_ext_def longest_iseq1 [of _ "nat i"])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	626	then have "liseq (arr_conv a) (Suc (nat i)) = liseq (arr_conv a) (nat i)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	627	by (rule longest_iseq5)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	628	with H2 H6 show ?C2 by (simp add: idx_conv_suc)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	629	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	630
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	631	spark_vc procedure_liseq_length_12
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	632	by (simp add: max_ext_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	633
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	634	spark_vc procedure_liseq_length_13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	635	using H1 H6 H13 H21 H22
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	636	by (simp add: max_ext_def
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	637	idx_conv_suc liseq'_Suc_unfold max_def del: Max_less_iff)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	638
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	639	spark_vc procedure_liseq_length_14
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	640	using H1 H6 H13 H21
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	641	by (cases "a j \<le> a i")
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	642	(simp_all add: max_ext_def
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	643	idx_conv_suc liseq'_Suc_unfold liseq'_Suc_unfold')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	644
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	645	spark_vc procedure_liseq_length_19
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	646	using H3 H4 H5 H8 H9
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	647	apply (rule_tac y="int (nat i)" in order_trans)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	648	apply (cut_tac A="arr_conv a" and i="nat i" and j="nat i" in max_ext_limit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	649	apply simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	650	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	651
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	652	spark_vc procedure_liseq_length_23
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	653	using H2 H3 H4 H7 H8 H11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	654	apply (rule_tac y="int (nat i)" in order_trans)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	655	apply (cut_tac A="arr_conv a" and i="nat i" in liseq_limit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	656	apply simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	657	done
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	658
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	659	spark_vc procedure_liseq_length_29
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	660	using H2 H3 H8 H13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	661	by (simp add: add1_zle_eq [symmetric])
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	662
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	663	spark_end
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	664
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	665	end

author	berghofe
	Wed, 30 Apr 2014 15:43:44 +0200
changeset 56798	939e88e79724
parent 44890	22f665a2e91c
child 58130	5e9170812356
permissions	-rw-r--r--