(* Title: Provers/hypsubst.ML 
2 
Authors: Martin D Coen, Tobias Nipkow and Lawrence C Paulson 

1011
3 
Copyright 1995 University of Cambridge 
4 

48107
5 
Basic equational reasoning: hyp_subst_tac and methods "hypsubst", "simplesubst". 
9628  6 

7 
Tactic to substitute using (at least) the assumption x=t in the rest 

8 
of the subgoal, and to delete (at least) that assumption. Original 

9 
version due to Martin Coen. 

10 

11 
This version uses the simplifier, and requires it to be already present. 
12 

13 
Test data: 
0  14 

9532  15 
Goal "!!x.[ Q(x,y,z); y=x; a=x; z=y; P(y) ] ==> P(z)"; 
16 
Goal "!!x.[ Q(x,y,z); z=f(x); x=z ] ==> P(z)"; 

17 
Goal "!!y. [ ?x=y; P(?x) ] ==> y = a"; 

18 
Goal "!!z. [ ?x=y; P(?x) ] ==> y = a"; 

19 

20 
Goal "!!x a. [ x = f(b); g(a) = b ] ==> P(x)"; 
21 

22 
by (bound_hyp_subst_tac 1); 
23 
by (hyp_subst_tac 1); 
24 

25 
Here hyp_subst_tac goes wrong; harder still to prove P(f(f(a))) & P(f(a)) 
9532  26 
Goal "P(a) > (EX y. a=y > P(f(a)))"; 
27 

9532  28 
Goal "!!x. [ Q(x,h1); P(a,h2); R(x,y,h3); R(y,z,h4); x=f(y); \ 
29 
\ P(x,h5); P(y,h6); K(x,h7) ] ==> Q(x,c)"; 
23908  30 
by (blast_hyp_subst_tac true 1); 
0  31 
*) 
32 

33 
signature HYPSUBST_DATA = 

21221  34 
sig 
35 
val dest_Trueprop : term > term 
21221  36 
val dest_eq : term > term * term 
20974  37 
val dest_imp : term > term * term 
9532  38 
val eq_reflection : thm (* a=b ==> a==b *) 
39 
val rev_eq_reflection: thm (* a==b ==> a=b *) 

40 
val imp_intr : thm (* (P ==> Q) ==> P>Q *) 

41 
val rev_mp : thm (* [ P; P>Q ] ==> Q *) 

42 
val subst : thm (* [ a=b; P(a) ] ==> P(b) *) 

43 
val sym : thm (* a=b ==> b=a *) 

4223  44 
val thin_refl : thm (* [x=x; PROP W] ==> PROP W *) 
21221  45 
end; 
46 

0  47 
signature HYPSUBST = 
21221  48 
sig 
51798  49 
val bound_hyp_subst_tac : Proof.context > int > tactic 
57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

50 
val hyp_subst_tac_thin : bool > Proof.context > int > tactic 
57509  51 
val hyp_subst_thin : bool Config.T 
51798  52 
val hyp_subst_tac : Proof.context > int > tactic 
23908  53 
val blast_hyp_subst_tac : bool > int > tactic 
20945  54 
val stac : thm > int > tactic 
18708  55 
val hypsubst_setup : theory > theory 
21221  56 
end; 
57 

42799  58 
functor Hypsubst(Data: HYPSUBST_DATA): HYPSUBST = 
0  59 
struct 
60 

61 
exception EQ_VAR; 

62 

16979  63 
(*Simplifier turns Bound variables to special Free variables: 
64 
change it back (any Bound variable will do)*) 

65 
fun contract t = 
26833
7c3757fccf0e
Added function for computing instantiation for the subst rule, which is used
berghofe
parents:
23908
diff
changeset

66 
(case Envir.eta_contract t of 
20074  67 
Free (a, T) => if Name.is_bound a then Bound 0 else Free (a, T) 
16979  68 
 t' => t'); 
1011
5c9654e2e3de
Recoded with help from Toby to use rewriting instead of the
lcp
parents:
704
diff
changeset

69 

21221  70 
val has_vars = Term.exists_subterm Term.is_Var; 
71 
val has_tvars = Term.exists_type (Term.exists_subtype Term.is_TVar); 

72 

73 
(*If novars then we forbid Vars in the equality. 
16979  74 
If bnd then we only look for Bound variables to eliminate. 
75 
When can we safely delete the equality? 
76 
Not if it equates two constants; consider 0=1. 
77 
Not if it resembles x=t[x], since substitution does not eliminate x. 
4299  78 
Not if it resembles ?x=0; consider ?x=0 ==> ?x=1 or even ?x=0 ==> P 
9532  79 
Not if it involves a variable free in the premises, 
80 
but we can't check for this  hence bnd and bound_hyp_subst_tac 
81 
Prefer to eliminate Bound variables if possible. 
82 
Result: true = use as is, false = reorient first 
83 
also returns var to substitute, relevant if it is Free *) 
21221  84 
fun inspect_pair bnd novars (t, u) = 
85 
if novars andalso (has_tvars t orelse has_tvars u) 

86 
then raise Match (*variables in the type!*) 
87 
else 
42082  88 
(case (contract t, contract u) of 
89 
(Bound i, _) => 

90 
if loose_bvar1 (u, i) orelse novars andalso has_vars u 

91 
then raise Match 

92 
else (true, Bound i) (*eliminates t*) 
42082  93 
 (_, Bound i) => 
94 
if loose_bvar1 (t, i) orelse novars andalso has_vars t 

95 
then raise Match 

96 
else (false, Bound i) (*eliminates u*) 
42082  97 
 (t' as Free _, _) => 
98 
if bnd orelse Logic.occs (t', u) orelse novars andalso has_vars u 

99 
then raise Match 

100 
else (true, t') (*eliminates t*) 
42082  101 
 (_, u' as Free _) => 
102 
if bnd orelse Logic.occs (u', t) orelse novars andalso has_vars t 

103 
then raise Match 

104 
else (false, u') (*eliminates u*) 
42082  105 
 _ => raise Match); 
0  106 

680
f9e24455bbd1
Provers/hypsubst: greatly simplified! No longer simulates a
lcp
parents:
646
diff
changeset

107 
(*Locates a substitutable variable on the left (resp. right) of an equality 
108 
assumption. Returns the number of intervening assumptions. *) 
109 
fun eq_var bnd novars check_frees t = 
110 
let 
111 
fun check_free ts (orient, Free f) 
112 
= if not check_frees orelse not orient 
113 
orelse exists (curry Logic.occs (Free f)) ts 
114 
then (orient, true) else raise Match 
115 
 check_free ts (orient, _) = (orient, false) 
116 
fun eq_var_aux k (Const(@{const_name Pure.all},_) $ Abs(_,_,t)) hs = eq_var_aux k t hs 
117 
 eq_var_aux k (Const(@{const_name Pure.imp},_) $ A $ B) hs = 
118 
((k, check_free (B :: hs) (inspect_pair bnd novars 
119 
(Data.dest_eq (Data.dest_Trueprop A)))) 
120 
handle TERM _ => eq_var_aux (k+1) B (A :: hs) 
121 
 Match => eq_var_aux (k+1) B (A :: hs)) 
122 
 eq_var_aux k _ _ = raise EQ_VAR 
123 

124 
in eq_var_aux 0 t [] end; 
125 

74bf65a1910a
126 
val thin_free_eq_tac = SUBGOAL (fn (t, i) => let 
127 
val (k, _) = eq_var false false false t 
128 
val ok = (eq_var false false true t > fst) > k 
129 
handle EQ_VAR => true 
130 
in if ok then EVERY [rotate_tac k i, etac thin_rl i, rotate_tac (~k) i] 
131 
else no_tac 
132 
end handle EQ_VAR => no_tac) 
0  133 

134 
(*For the simpset. Adds ALL suitable equalities, even if not first! 
135 
No vars are allowed here, as simpsets are built from metaassumptions*) 
136 
fun mk_eqs bnd th = 
137 
[ if inspect_pair bnd false (Data.dest_eq (Data.dest_Trueprop (Thm.prop_of th))) > fst 
138 
then th RS Data.eq_reflection 
36945  139 
else Thm.symmetric(th RS Data.eq_reflection) (*reorient*) ] 
21227  140 
handle TERM _ => []  Match => []; 
141 

57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

142 
fun bool2s true = "true"  bool2s false = "false" 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

143 

17896  144 
local 
145 
in 
146 

147 
(*Select a suitable equality assumption; substitute throughout the subgoal 
148 
If bnd is true, then it replaces Bound variables only. *) 
51798  149 
fun gen_hyp_subst_tac ctxt bnd = 
57492
150 
SUBGOAL (fn (Bi, i) => 
152 
val (k, (orient, is_free)) = eq_var bnd true true Bi 
153 
val hyp_subst_ctxt = empty_simpset ctxt > Simplifier.set_mksimps (K (mk_eqs bnd)) 
9e7d1c139569
simplifier uses proper Proof.context instead of historic type simpset;
wenzelm
parents:
50035
diff
changeset

154 
in EVERY [rotate_tac k i, asm_lr_simp_tac hyp_subst_ctxt i, 
57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

155 
if not is_free then etac thin_rl i 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

156 
else if orient then etac Data.rev_mp i 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

157 
else etac (Data.sym RS Data.rev_mp) i, 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

158 
rotate_tac (~k) i, 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

159 
if is_free then rtac Data.imp_intr i else all_tac] 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

160 
161 

162 
end; 
163 

164 
val ssubst = Drule.zero_var_indexes (Data.sym RS Data.subst); 
165 

166 
fun inst_subst_tac b rl = CSUBGOAL (fn (cBi, i) => 
167 
case try (Logic.strip_assums_hyp #> hd #> 
168 
Data.dest_Trueprop #> Data.dest_eq #> pairself contract) (Thm.term_of cBi) of 
169 
SOME (t, t') => 
170 
let 
171 
val Bi = Thm.term_of cBi; 
172 
val ps = Logic.strip_params Bi; 
173 
val U = Term.fastype_of1 (rev (map snd ps), t); 
174 
val Q = Data.dest_Trueprop (Logic.strip_assums_concl Bi); 
175 
val rl' = Thm.lift_rule cBi rl; 
val Var (ixn, T) = Term.head_of (Data.dest_Trueprop 
(Logic.strip_assums_concl (Thm.prop_of rl'))); 
26833
178 
val (v1, v2) = Data.dest_eq (Data.dest_Trueprop 
179 
(Logic.strip_assums_concl (hd (Thm.prems_of rl')))); 
180 
val (Ts, V) = split_last (Term.binder_types T); 
181 
val u = 
182 
fold_rev Term.abs (ps @ [("x", U)]) 
183 
(case (if b then t else t') of 
184 
Bound j => subst_bounds (map Bound ((1 upto j) @ 0 :: (j + 2 upto length ps)), Q) 
185 
 t => Term.abstract_over (t, Term.incr_boundvars 1 Q)); 
186 
val thy = Thm.theory_of_thm rl'; 
187 
val (instT, _) = Thm.match (pairself (cterm_of thy o Logic.mk_type) (V, U)); 
188 
in 
189 
compose_tac (true, Drule.instantiate_normalize (instT, 
190 
map (pairself (cterm_of thy)) 
191 
[(Var (ixn, Ts > U > body_type T), u), 
192 
(Var (fst (dest_Var (head_of v1)), Ts > U), fold_rev Term.abs ps t), 
193 
(Var (fst (dest_Var (head_of v2)), Ts > U), fold_rev Term.abs ps t')]) rl', 
194 
nprems_of rl) i 
195 
end 
196 
 NONE => no_tac); 
197 

4466
198 
val imp_intr_tac = rtac Data.imp_intr; 
199 

57492
200 
fun rev_dup_elim th = (th RSN (2, revcut_rl)) > Thm.assumption 2 > Seq.hd; 
201 
val dup_subst = rev_dup_elim ssubst 
202 

26833
203 
(* FIXME: "etac Data.rev_mp i" will not behave as expected if goal has *) 
204 
(* premises containing metaimplications or quantifiers *) 
205 

1011
206 
(*Old version of the tactic above  slower but the only way 
207 
to handle equalities containing Vars.*) 
3537  208 
fun vars_gen_hyp_subst_tac bnd = SUBGOAL(fn (Bi,i) => 
209 
let val n = length(Logic.strip_assums_hyp Bi)  1 

57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

210 
val (k, (orient, is_free)) = eq_var bnd false true Bi 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

211 
val rl = if is_free then dup_subst else ssubst 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

212 
val rl = if orient then rl else Data.sym RS rl 
9532  213 
in 
214 
DETERM 

4466
305390f23734
215 
(EVERY [REPEAT_DETERM_N k (etac Data.rev_mp i), 
9532  216 
rotate_tac 1 i, 
217 
REPEAT_DETERM_N (nk) (etac Data.rev_mp i), 

57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

218 
inst_subst_tac orient rl i, 
9532  219 
REPEAT_DETERM_N n (imp_intr_tac i THEN rotate_tac ~1 i)]) 
0  220 
end 
3537  221 
handle THM _ => no_tac  EQ_VAR => no_tac); 
0  222 

57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

223 
(*Substitutes for Free or Bound variables, 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

224 
discarding equalities on Bound variables 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

225 
and on Free variables if thin=true*) 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

226 
fun hyp_subst_tac_thin thin ctxt = 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

227 
REPEAT_DETERM1 o FIRST' [ematch_tac [Data.thin_refl], 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

228 
gen_hyp_subst_tac ctxt false, vars_gen_hyp_subst_tac false, 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

229 
if thin then thin_free_eq_tac else K no_tac]; 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

230 

57509  231 
val (hyp_subst_thin, hyp_subst_thin_setup) = Attrib.config_bool 
57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

232 
@{binding hypsubst_thin} (K false); 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

233 

74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

234 
fun hyp_subst_tac ctxt = hyp_subst_tac_thin 
57509  235 
(Config.get ctxt hyp_subst_thin) ctxt 
0  236 

237 
(*Substitutes for Bound variables only  this is always safe*) 

51798  238 
fun bound_hyp_subst_tac ctxt = 
57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

239 
REPEAT_DETERM1 o (gen_hyp_subst_tac ctxt true 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

240 
ORELSE' vars_gen_hyp_subst_tac true); 
4466
243 
moved to the front. Defect: even trivial changes are noticed, such as 
244 
substitutions in the arguments of a function Var. **) 
245 

305390f23734
246 
(*final rereversal of the changed assumptions*) 
305390f23734
247 
fun reverse_n_tac 0 i = all_tac 
305390f23734
248 
 reverse_n_tac 1 i = rotate_tac ~1 i 
9532  249 
 reverse_n_tac n i = 
4466
250 
REPEAT_DETERM_N n (rotate_tac ~1 i THEN etac Data.rev_mp i) THEN 
251 
REPEAT_DETERM_N n (imp_intr_tac i THEN rotate_tac ~1 i); 
252 

305390f23734
253 
(*Use imp_intr, comparing the old hyps with the new ones as they come out.*) 
9532  254 
fun all_imp_intr_tac hyps i = 
42364  255 
let 
256 
fun imptac (r, []) st = reverse_n_tac r i st 

257 
 imptac (r, hyp::hyps) st = 

258 
let 

259 
val (hyp', _) = 

42366
2305c70ec9b1
more direct Thm.cprem_of (with exception THM instead of Subscript);
wenzelm
parents:
42364
diff
changeset

260 
term_of (Thm.cprem_of st i) 
42364  261 
> Logic.strip_assums_concl 
262 
> Data.dest_Trueprop > Data.dest_imp; 

263 
val (r', tac) = 

52131  264 
if Envir.aeconv (hyp, hyp') 
42364  265 
then (r, imp_intr_tac i THEN rotate_tac ~1 i) 
266 
else (*leave affected hyps at end*) (r + 1, imp_intr_tac i); 

267 
in 

268 
(case Seq.pull (tac st) of 

269 
NONE => Seq.single st 

270 
 SOME (st', _) => imptac (r', hyps) st') 

271 
end 

272 
in imptac (0, rev hyps) end; 

4466
273 

305390f23734
274 

305390f23734
275 
fun blast_hyp_subst_tac trace = SUBGOAL(fn (Bi,i) => 
57492
276 
let val (k, (symopt, _)) = eq_var false false false Bi 
9532  277 
val hyps0 = map Data.dest_Trueprop (Logic.strip_assums_hyp Bi) 
4466
278 
(*omit selected equality, returning other hyps*) 
9532  279 
val hyps = List.take(hyps0, k) @ List.drop(hyps0, k+1) 
280 
val n = length hyps 

281 
in 

23908  282 
if trace then tracing "Substituting an equality" else (); 
9532  283 
DETERM 
4466
284 
(EVERY [REPEAT_DETERM_N k (etac Data.rev_mp i), 
9532  285 
rotate_tac 1 i, 
286 
REPEAT_DETERM_N (nk) (etac Data.rev_mp i), 

26833
287 
inst_subst_tac symopt (if symopt then ssubst else Data.subst) i, 
9532  288 
all_imp_intr_tac hyps i]) 
4466
289 
end 
305390f23734
290 
handle THM _ => no_tac  EQ_VAR => no_tac); 
305390f23734
291 

9532  292 
(*apply an equality or definition ONCE; 
293 
fails unless the substitution has an effect*) 

294 
fun stac th = 

295 
let val th' = th RS Data.rev_eq_reflection handle THM _ => th 

296 
in CHANGED_GOAL (rtac (th' RS ssubst)) end; 

297 

298 

9628  299 
(* theory setup *) 
300 

9532  301 
val hypsubst_setup = 
30515  302 
Method.setup @{binding hypsubst} 
51798  303 
(Scan.succeed (fn ctxt => SIMPLE_METHOD' (CHANGED_PROP o hyp_subst_tac ctxt))) 
30515  304 
"substitution using an assumption (improper)" #> 
57492
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

305 
Method.setup @{binding hypsubst_thin} 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

306 
(Scan.succeed (fn ctxt => SIMPLE_METHOD' 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

307 
(CHANGED_PROP o hyp_subst_tac_thin true ctxt))) 
74bf65a1910a
Hypsubst preserves equality hypotheses
Thomas Sewell <thomas.sewell@nicta.com.au>
parents:
56245
diff
changeset

308 
"substitution using an assumption, eliminating assumptions" #> 
57509  309 
hyp_subst_thin_setup #> 
30515  310 
Method.setup @{binding simplesubst} (Attrib.thm >> (fn th => K (SIMPLE_METHOD' (stac th)))) 
311 
"simple substitution"; 

9532  312 

0  313 
end; 