| 33192 |      1 | (*  Title:      HOL/Nitpick.thy
 | 
|  |      2 |     Author:     Jasmin Blanchette, TU Muenchen
 | 
|  |      3 |     Copyright   2008, 2009
 | 
|  |      4 | 
 | 
|  |      5 | Nitpick: Yet another counterexample generator for Isabelle/HOL.
 | 
|  |      6 | *)
 | 
|  |      7 | 
 | 
|  |      8 | header {* Nitpick: Yet Another Counterexample Generator for Isabelle/HOL *}
 | 
|  |      9 | 
 | 
(* Theory header.  The "uses" list only registers the ML sources as
   dependencies of this theory; the files are actually loaded by the
   "use" commands after the HOL definitions below, presumably so that the
   ML code can refer to the constants and facts declared here. *)
theory Nitpick
imports Map SAT
uses ("Tools/Nitpick/kodkod.ML")
     ("Tools/Nitpick/kodkod_sat.ML")
     ("Tools/Nitpick/nitpick_util.ML")
     ("Tools/Nitpick/nitpick_hol.ML")
     ("Tools/Nitpick/nitpick_mono.ML")
     ("Tools/Nitpick/nitpick_scope.ML")
     ("Tools/Nitpick/nitpick_peephole.ML")
     ("Tools/Nitpick/nitpick_rep.ML")
     ("Tools/Nitpick/nitpick_nut.ML")
     ("Tools/Nitpick/nitpick_kodkod.ML")
     ("Tools/Nitpick/nitpick_model.ML")
     ("Tools/Nitpick/nitpick.ML")
     ("Tools/Nitpick/nitpick_isar.ML")
     ("Tools/Nitpick/nitpick_tests.ML")
     ("Tools/Nitpick/minipick.ML")
begin
 | 
|  |     28 | 
 | 
(* Opaque type with no constructors; only the axiomatized constants bisim
   and bisim_iterator_max below mention it.  The name suggests an iteration
   counter for the bisimulation check -- confirm in nitpick_hol.ML. *)
typedecl bisim_iterator
 | 
|  |     30 | 
 | 
(* Constant declarations only: there is no "where" clause, so no axiom is
   introduced and the theory stays a conservative extension.  "unknown" is a
   polymorphic value with no specification at all; wf' below uses it where
   a definite truth value is not available. *)
axiomatization unknown :: 'a
           and undefined_fast_The :: 'a
           and undefined_fast_Eps :: 'a
           and bisim :: "bisim_iterator \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> bool"
           and bisim_iterator_max :: bisim_iterator
           and Tha :: "('a \<Rightarrow> bool) \<Rightarrow> 'a"
 | 
|  |     37 | 
 | 
(* Single-constructor wrapper around a pair; how Nitpick uses the box is
   not visible in this theory (see the ML sources). *)
datatype ('a, 'b) pair_box = PairBox 'a 'b
 | 
(* Single-constructor wrapper around a function; companion of pair_box. *)
datatype ('a, 'b) fun_box = FunBox "'a \<Rightarrow> 'b"
 | 
|  |     40 | 
 | 
|  |     41 | text {*
 | 
|  |     42 | Alternative definitions.
 | 
|  |     43 | *}
 | 
|  |     44 | 
 | 
(* if-then-else as a conjunction of two implications, so the conditional
   reduces to propositional connectives.  [nitpick_def] registers this
   equation as the definition Nitpick unfolds instead of the built-in one.
   Proved directly from the library fact if_bool_eq_conj. *)
lemma If_def [nitpick_def]:
"(if P then Q else R) \<equiv> (P \<longrightarrow> Q) \<and> (\<not> P \<longrightarrow> R)"
by (rule eq_reflection) (rule if_bool_eq_conj)
 | 
|  |     48 | 
 | 
(* Unique existence as "P is a singleton set".  The proof relies on sets
   being predicates in this HOL version (mem_def, expand_set_eq); it is a
   linear apply-script, so the order of the steps matters. *)
lemma Ex1_def [nitpick_def]:
"Ex1 P \<equiv> \<exists>x. P = {x}"
apply (rule eq_reflection)
apply (simp add: Ex1_def expand_set_eq)
apply (rule iffI)
 apply (erule exE)
 apply (erule conjE)
 apply (rule_tac x = x in exI)
 apply (rule allI)
 apply (rename_tac y)
 apply (erule_tac x = y in allE)
by (auto simp: mem_def)
 | 
|  |     61 | 
 | 
(* Reflexive-transitive closure as the reflexive closure of the transitive
   closure, presumably so that Nitpick only has to treat r^+ natively. *)
lemma rtrancl_def [nitpick_def]: "r\<^sup>* \<equiv> (r\<^sup>+)\<^sup>="
by simp
 | 
|  |     64 | 
 | 
(* Predicate version of the reflexive-transitive closure: either a = b or
   b is reachable from a through tranclp. *)
lemma rtranclp_def [nitpick_def]:
"rtranclp r a b \<equiv> (a = b \<or> tranclp r a b)"
by (rule eq_reflection) (auto dest: rtranclpD)
 | 
|  |     68 | 
 | 
(* Predicate transitive closure reduced to the set-based trancl on the
   uncurried relation (split r), so only one closure operator remains. *)
lemma tranclp_def [nitpick_def]:
"tranclp r a b \<equiv> trancl (split r) (a, b)"
by (simp add: trancl_def Collect_def mem_def)
 | 
|  |     72 | 
 | 
(* Reflexivity of a relation represented as a predicate on pairs. *)
definition refl' :: "('a \<times> 'a \<Rightarrow> bool) \<Rightarrow> bool" where
"refl' r \<equiv> \<forall>x. (x, x) \<in> r"
 | 
|  |     75 | 
 | 
(* Approximation of well-foundedness: acyclicity is required, and finiteness
   is only demanded up to the unspecified value "unknown", i.e. for an
   infinite relation the result is not a definite boolean. *)
definition wf' :: "('a \<times> 'a \<Rightarrow> bool) \<Rightarrow> bool" where
"wf' r \<equiv> acyclic r \<and> (finite r \<or> unknown)"
 | 
|  |     78 | 
 | 
(* Unspecified recursion operator (no axioms).  The only equation about it is
   wf_wfrec' below, and wfrec' only reaches it when the relation is
   well-founded. *)
axiomatization wf_wfrec :: "('a \<times> 'a \<Rightarrow> bool) \<Rightarrow> (('a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b"
 | 
|  |     80 | 
 | 
(* One unfolding step of well-founded recursion through the axiomatized
   wf_wfrec; Recdef.cut restricts the recursive call to R-predecessors of x.
   [nitpick_simp] registers the equation as a simplification rule for
   Nitpick. *)
definition wf_wfrec' :: "('a \<times> 'a \<Rightarrow> bool) \<Rightarrow> (('a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b" where
[nitpick_simp]: "wf_wfrec' R F x = F (Recdef.cut (wf_wfrec R F) R x) x"
 | 
|  |     83 | 
 | 
(* Well-founded recursion: for a well-founded R use wf_wfrec', otherwise
   fall back to the definite description over the library's wfrec_rel. *)
definition wfrec' ::  "('a \<times> 'a \<Rightarrow> bool) \<Rightarrow> (('a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b) \<Rightarrow> 'a \<Rightarrow> 'b" where
"wfrec' R F x \<equiv> if wf R then wf_wfrec' R F x
                else THE y. wfrec_rel R (%f x. F (Recdef.cut f R x) x) x y"
 | 
|  |     87 | 
 | 
(* Cardinality as the length of some duplicate-free list enumerating X.
   For infinite X no such list exists, so SOME picks an unspecified list and
   the result is unspecified. *)
definition card' :: "('a \<Rightarrow> bool) \<Rightarrow> nat" where
"card' X \<equiv> length (SOME xs. set xs = X \<and> distinct xs)"
 | 
|  |     90 | 
 | 
(* Sum of f over a finite set via a duplicate-free enumerating list;
   explicitly 0 for infinite sets, matching the library convention. *)
definition setsum' :: "('a \<Rightarrow> 'b\<Colon>comm_monoid_add) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> 'b" where
"setsum' f A \<equiv> if finite A then listsum (map f (SOME xs. set xs = A \<and> distinct xs)) else 0"
 | 
|  |     93 | 
 | 
(* Inductive fold over a set that removes one element per step.  Nothing
   here requires f to be commutative, so the relation may associate A with
   several results when f is not. *)
inductive fold_graph' :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'b \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> 'b \<Rightarrow> bool" where
"fold_graph' f z {} z" |
"\<lbrakk>x \<in> A; fold_graph' f z (A - {x}) y\<rbrakk> \<Longrightarrow> fold_graph' f z A (f x y)"
 | 
|  |     97 | 
 | 
|  |     98 | text {*
 | 
|  |     99 | The following lemmas are not strictly necessary but they help the
 | 
|  |    100 | \textit{special\_level} optimization.
 | 
|  |    101 | *}
 | 
|  |    102 | 
 | 
(* Partial rule for definite description: when P is the singleton {x},
   The P = x.  [nitpick_psimp] marks it as a partial simp rule for Nitpick. *)
lemma The_psimp [nitpick_psimp]:
"P = {x} \<Longrightarrow> The P = x"
by (subgoal_tac "{x} = (\<lambda>y. y = x)") (auto simp: mem_def)
 | 
|  |    106 | 
 | 
(* Partial rule for Hilbert choice.  Given P x, someI yields P (Eps P), so
   with \<not> P y the premise Eps P = y is contradictory and the conclusion
   follows; the case split is on whether P (Eps P) holds. *)
lemma Eps_psimp [nitpick_psimp]:
"\<lbrakk>P x; \<not> P y; Eps P = y\<rbrakk> \<Longrightarrow> Eps P = x"
apply (case_tac "P (Eps P)")
 apply auto
apply (erule contrapos_np)
by (rule someI)
 | 
|  |    113 | 
 | 
(* unit_case ignores its unit argument; the proof first fixes u = () so the
   case rule unit.cases applies. *)
lemma unit_case_def [nitpick_def]:
"unit_case x u \<equiv> x"
apply (subgoal_tac "u = ()")
 apply (simp only: unit.cases)
by simp
 | 
|  |    119 | 
 | 
(* nat_case as a test on n = 0 with predecessor n - 1, avoiding a pattern
   match on Suc. *)
lemma nat_case_def [nitpick_def]:
"nat_case x f n \<equiv> if n = 0 then x else f (n - 1)"
apply (rule eq_reflection)
by (case_tac n) auto
 | 
|  |    124 | 
 | 
(* Divisibility as "mod = 0", derived from the library fact dvd_eq_mod_eq_0
   and registered with Nitpick. *)
lemmas dvd_def = dvd_eq_mod_eq_0 [THEN eq_reflection, nitpick_def]
 | 
|  |    126 | 
 | 
(* List size expressed with an emptiness test and hd/tl instead of
   constructor patterns; both equations are proved by one case split on xs. *)
lemma list_size_simp [nitpick_simp]:
"list_size f xs = (if xs = [] then 0
                   else Suc (f (hd xs) + list_size f (tl xs)))"
"size xs = (if xs = [] then 0 else Suc (size (tl xs)))"
by (case_tac xs) auto
 | 
|  |    132 | 
 | 
|  |    133 | text {*
 | 
|  |    134 | Auxiliary definitions used to provide an alternative representation for
 | 
|  |    135 | @{text rat} and @{text real}.
 | 
|  |    136 | *}
 | 
|  |    137 | 
 | 
(* Euclid's algorithm on naturals.  [simp del] keeps the recursive equation
   out of the default simpset so the simplifier does not unfold it
   endlessly.  Termination measure: x + y decreases once y \<le> x (since
   x mod y < y); when y > x the call merely swaps the arguments, which the
   extra summand pays for. *)
function nat_gcd :: "nat \<Rightarrow> nat \<Rightarrow> nat" where
[simp del]: "nat_gcd x y = (if y = 0 then x else nat_gcd y (x mod y))"
by auto
termination
apply (relation "measure (\<lambda>(x, y). x + y + (if y > x then 1 else 0))")
 apply auto
 apply (metis mod_less_divisor xt1(9))
by (metis mod_mod_trivial mod_self nat_neq_iff xt1(10))
 | 
|  |    146 | 
 | 
(* lcm as x * y div gcd.  nat_gcd 0 0 = 0, and HOL defines div by 0 as 0,
   so nat_lcm 0 0 = 0 without a special case. *)
definition nat_lcm :: "nat \<Rightarrow> nat \<Rightarrow> nat" where
"nat_lcm x y = x * y div (nat_gcd x y)"
 | 
|  |    149 | 
 | 
(* Integer gcd via nat_gcd on absolute values; the result is never negative. *)
definition int_gcd :: "int \<Rightarrow> int \<Rightarrow> int" where
"int_gcd x y = int (nat_gcd (nat (abs x)) (nat (abs y)))"
 | 
|  |    152 | 
 | 
(* Integer lcm via nat_lcm on absolute values; the result is never negative. *)
definition int_lcm :: "int \<Rightarrow> int \<Rightarrow> int" where
"int_lcm x y = int (nat_lcm (nat (abs x)) (nat (abs y)))"
 | 
|  |    155 | 
 | 
(* Canonical-fraction predicate: positive denominator and coprime
   numerator and denominator. *)
definition Frac :: "int \<times> int \<Rightarrow> bool" where
"Frac \<equiv> \<lambda>(a, b). b > 0 \<and> int_gcd a b = 1"
 | 
|  |    158 | 
 | 
(* Abstraction and representation functions for fractions, declared as
   unspecified constants (no "where" clause).  Unlike a typedef, no
   Rep/Abs inverse laws are assumed here, so nothing in this theory can
   rely on them. *)
axiomatization Abs_Frac :: "int \<times> int \<Rightarrow> 'a"
           and Rep_Frac :: "'a \<Rightarrow> int \<times> int"
 | 
|  |    161 | 
 | 
(* Zero as the canonical fraction 0/1. *)
definition zero_frac :: 'a where
"zero_frac \<equiv> Abs_Frac (0, 1)"
 | 
|  |    164 | 
 | 
(* One as the canonical fraction 1/1. *)
definition one_frac :: 'a where
"one_frac \<equiv> Abs_Frac (1, 1)"
 | 
|  |    167 | 
 | 
(* Numerator: first component of the representation. *)
definition num :: "'a \<Rightarrow> int" where
"num \<equiv> fst o Rep_Frac"
 | 
|  |    170 | 
 | 
(* Denominator: second component of the representation. *)
definition denom :: "'a \<Rightarrow> int" where
"denom \<equiv> snd o Rep_Frac"
 | 
|  |    173 | 
 | 
(* Canonical form of a/b: flip signs so the denominator is non-negative,
   map a zero numerator or denominator (including the would-be division by
   zero) to 0/1, then divide both by the gcd.  The termination measure
   counts the single possible sign flip. *)
function norm_frac :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
[simp del]: "norm_frac a b = (if b < 0 then norm_frac (- a) (- b)
                              else if a = 0 \<or> b = 0 then (0, 1)
                              else let c = int_gcd a b in (a div c, b div c))"
by pat_completeness auto
termination by (relation "measure (\<lambda>(_, b). if b < 0 then 1 else 0)") auto
 | 
|  |    180 | 
 | 
(* Build a fraction from numerator and denominator in canonical form. *)
definition frac :: "int \<Rightarrow> int \<Rightarrow> 'a" where
"frac a b \<equiv> Abs_Frac (norm_frac a b)"
 | 
|  |    183 | 
 | 
(* Addition over the common denominator d = lcm of both denominators;
   frac renormalizes the result. *)
definition plus_frac :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" where
[nitpick_simp]:
"plus_frac q r = (let d = int_lcm (denom q) (denom r) in
                    frac (num q * (d div denom q) + num r * (d div denom r)) d)"
 | 
|  |    188 | 
 | 
(* Multiply numerators and denominators; frac renormalizes the result. *)
definition times_frac :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" where
[nitpick_simp]:
"times_frac q r = frac (num q * num r) (denom q * denom r)"
 | 
|  |    192 | 
 | 
(* Negation via Abs_Frac directly, without renormalizing: int_gcd works on
   absolute values, so negating the numerator changes neither the gcd nor
   the denominator. *)
definition uminus_frac :: "'a \<Rightarrow> 'a" where
"uminus_frac q \<equiv> Abs_Frac (- num q, denom q)"
 | 
|  |    195 | 
 | 
(* Integer n as the fraction n/1, already canonical, so Abs_Frac is used
   directly. *)
definition number_of_frac :: "int \<Rightarrow> 'a" where
"number_of_frac n \<equiv> Abs_Frac (n, 1)"
 | 
|  |    198 | 
 | 
(* Reciprocal.  Going through frac fixes the sign, and norm_frac maps the
   inverse of zero to 0/1 instead of leaving it unspecified. *)
definition inverse_frac :: "'a \<Rightarrow> 'a" where
"inverse_frac q \<equiv> frac (denom q) (num q)"
 | 
|  |    201 | 
 | 
(* q \<le> r iff the numerator of q - r is \<le> 0.  This relies on plus_frac
   going through frac, which keeps the denominator positive. *)
definition less_eq_frac :: "'a \<Rightarrow> 'a \<Rightarrow> bool" where
[nitpick_simp]:
"less_eq_frac q r \<longleftrightarrow> num (plus_frac q (uminus_frac r)) \<le> 0"
 | 
|  |    205 | 
 | 
(* Inject a fraction into any type with division and a ring structure
   (sort {inverse, ring_1}), e.g. rat or real. *)
definition of_frac :: "'a \<Rightarrow> 'b\<Colon>{inverse,ring_1}" where
"of_frac q \<equiv> of_int (num q) / of_int (denom q)"
 | 
|  |    208 | 
 | 
(* Load the Nitpick ML sources, in this fixed order, now that all the
   HOL-level constants and facts above exist. *)
use "Tools/Nitpick/kodkod.ML"
use "Tools/Nitpick/kodkod_sat.ML"
use "Tools/Nitpick/nitpick_util.ML"
use "Tools/Nitpick/nitpick_hol.ML"
use "Tools/Nitpick/nitpick_mono.ML"
use "Tools/Nitpick/nitpick_scope.ML"
use "Tools/Nitpick/nitpick_peephole.ML"
use "Tools/Nitpick/nitpick_rep.ML"
use "Tools/Nitpick/nitpick_nut.ML"
use "Tools/Nitpick/nitpick_kodkod.ML"
use "Tools/Nitpick/nitpick_model.ML"
use "Tools/Nitpick/nitpick.ML"
use "Tools/Nitpick/nitpick_isar.ML"
use "Tools/Nitpick/nitpick_tests.ML"
use "Tools/Nitpick/minipick.ML"
 | 
|  |    224 | 
 | 
(* Hide the auxiliary constants, types and facts from the unqualified
   namespace so they do not clash with user theories; with (open) they
   presumably remain reachable under their fully qualified names. *)
hide (open) const unknown undefined_fast_The undefined_fast_Eps bisim
    bisim_iterator_max Tha refl' wf' wf_wfrec wf_wfrec' wfrec' card' setsum'
    fold_graph' nat_gcd nat_lcm int_gcd int_lcm Frac Abs_Frac Rep_Frac zero_frac
    one_frac num denom norm_frac frac plus_frac times_frac uminus_frac
    number_of_frac inverse_frac less_eq_frac of_frac
hide (open) type bisim_iterator pair_box fun_box
hide (open) fact If_def Ex1_def rtrancl_def rtranclp_def tranclp_def refl'_def
    wf'_def wf_wfrec'_def wfrec'_def card'_def setsum'_def fold_graph'_def
    The_psimp Eps_psimp unit_case_def nat_case_def dvd_def list_size_simp
    nat_gcd_def nat_lcm_def int_gcd_def int_lcm_def Frac_def zero_frac_def
    one_frac_def num_def denom_def norm_frac_def frac_def plus_frac_def
    times_frac_def uminus_frac_def number_of_frac_def inverse_frac_def
    less_eq_frac_def of_frac_def

end
 |