isabelle: src/HOL/Hoare/Separation.thy@aa4ea5398ab8 (annotated)

13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	1	(* Title: HOL/Hoare/Separation.thy
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	2	Author: Tobias Nipkow
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	3	Copyright 2003 TUM
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	4
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	5	A first attempt at a nice syntactic embedding of separation logic.
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	6	Already builds on the theory for list abstractions.
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	7
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	8	If we suppress the H parameter for "List", we have to hardwired this
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	9	into parser and pretty printer, which is not very modular.
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	10	Alternative: some syntax like <P> which stands for P H. No more
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	11	compact, but avoids the funny H.
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	12	*)
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	13
72990 db8f94656024 tuned document, notably authors and sections; wenzelm parents: 69597 diff changeset	14	section \<open>Separation logic\<close>
db8f94656024 tuned document, notably authors and sections; wenzelm parents: 69597 diff changeset	15
db8f94656024 tuned document, notably authors and sections; wenzelm parents: 69597 diff changeset	16	theory Separation
db8f94656024 tuned document, notably authors and sections; wenzelm parents: 69597 diff changeset	17	imports Hoare_Logic_Abort SepLogHeap
db8f94656024 tuned document, notably authors and sections; wenzelm parents: 69597 diff changeset	18	begin
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	19
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	20	text\<open>The semantic definition of a few connectives:\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	21
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	22	definition ortho :: "heap \<Rightarrow> heap \<Rightarrow> bool" (infix "\<bottom>" 55)
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	23	where "h1 \<bottom> h2 \<longleftrightarrow> dom h1 \<inter> dom h2 = {}"
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	24
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	25	definition is_empty :: "heap \<Rightarrow> bool"
68451 c34aa23a1fb6 empty -> Map.empty nipkow parents: 67444 diff changeset	26	where "is_empty h \<longleftrightarrow> h = Map.empty"
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	27
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	28	definition singl:: "heap \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> bool"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	29	where "singl h x y \<longleftrightarrow> dom h = {x} & h x = Some y"
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	30
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	31	definition star:: "(heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool)"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	32	where "star P Q = (\<lambda>h. \<exists>h1 h2. h = h1++h2 \<and> h1 \<bottom> h2 \<and> P h1 \<and> Q h2)"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	33
38353 d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	34	definition wand:: "(heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool) \<Rightarrow> (heap \<Rightarrow> bool)"
d98baa2cf589 modernized specifications; wenzelm parents: 35416 diff changeset	35	where "wand P Q = (\<lambda>h. \<forall>h'. h' \<bottom> h \<and> P h' \<longrightarrow> Q(h++h'))"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	36
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	37	text\<open>This is what assertions look like without any syntactic sugar:\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	38
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	39	lemma "VARS x y z w h
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	40	{star (%h. singl h x y) (%h. singl h z w) h}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	41	SKIP
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	42	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	43	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	44	apply(auto simp:star_def ortho_def singl_def)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	45	done
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	46
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	47	text\<open>Now we add nice input syntax. To suppress the heap parameter
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	48	of the connectives, we assume it is always called H and add/remove it
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	49	upon parsing/printing. Thus every pointer program needs to have a
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	50	program variable H, and assertions should not contain any locally
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	51	bound Hs - otherwise they may bind the implicit H.\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	52
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	53	syntax
35101 6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	54	"_emp" :: "bool" ("emp")
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	55	"_singl" :: "nat \<Rightarrow> nat \<Rightarrow> bool" ("[_ \<mapsto> _]")
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	56	"_star" :: "bool \<Rightarrow> bool \<Rightarrow> bool" (infixl "**" 60)
6ce9177d6b38 modernized translations; wenzelm parents: 18447 diff changeset	57	"_wand" :: "bool \<Rightarrow> bool \<Rightarrow> bool" (infixl "-*" 60)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	58
17781 32bb237158a5 print_translation: does not handle _idtdummy; wenzelm parents: 16417 diff changeset	59	(* FIXME does not handle "_idtdummy" *)
67444 100247708f31 clarified comments; wenzelm parents: 67410 diff changeset	60	ML \<open>
100247708f31 clarified comments; wenzelm parents: 67410 diff changeset	61	\<comment> \<open>\<open>free_tr\<close> takes care of free vars in the scope of separation logic connectives:
100247708f31 clarified comments; wenzelm parents: 67410 diff changeset	62	they are implicitly applied to the heap\<close>
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	63	fun free_tr(t as Free _) = t $ Syntax.free "H"
67444 100247708f31 clarified comments; wenzelm parents: 67410 diff changeset	64	\<^cancel>\<open>\| free_tr((list as Free("List",_))$ p $ ps) = list $ Syntax.free "H" $ p $ ps\<close>
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	65	\| free_tr t = t
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	66
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	67	fun emp_tr [] = Syntax.const \<^const_syntax>\<open>is_empty\<close> $ Syntax.free "H"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	68	\| emp_tr ts = raise TERM ("emp_tr", ts);
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	69	fun singl_tr [p, q] = Syntax.const \<^const_syntax>\<open>singl\<close> $ Syntax.free "H" $ p $ q
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	70	\| singl_tr ts = raise TERM ("singl_tr", ts);
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	71	fun star_tr [P,Q] = Syntax.const \<^const_syntax>\<open>star\<close> $
44241 7943b69f0188 modernized signature of Term.absfree/absdummy; wenzelm parents: 38353 diff changeset	72	absfree ("H", dummyT) (free_tr P) $ absfree ("H", dummyT) (free_tr Q) $
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	73	Syntax.free "H"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	74	\| star_tr ts = raise TERM ("star_tr", ts);
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	75	fun wand_tr [P, Q] = Syntax.const \<^const_syntax>\<open>wand\<close> $
44241 7943b69f0188 modernized signature of Term.absfree/absdummy; wenzelm parents: 38353 diff changeset	76	absfree ("H", dummyT) P $ absfree ("H", dummyT) Q $ Syntax.free "H"
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	77	\| wand_tr ts = raise TERM ("wand_tr", ts);
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	78	\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	79
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	80	parse_translation \<open>
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	81	[(\<^syntax_const>\<open>_emp\<close>, K emp_tr),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	82	(\<^syntax_const>\<open>_singl\<close>, K singl_tr),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	83	(\<^syntax_const>\<open>_star\<close>, K star_tr),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	84	(\<^syntax_const>\<open>_wand\<close>, K wand_tr)]
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	85	\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	86
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	87	text\<open>Now it looks much better:\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	88
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	89	lemma "VARS H x y z w
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	90	{[x\<mapsto>y] ** [z\<mapsto>w]}
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	91	SKIP
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	92	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	93	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	94	apply(auto simp:star_def ortho_def singl_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	95	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	96
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	97	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	98	{emp ** emp}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	99	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	100	{emp}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	101	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	102	apply(auto simp:star_def ortho_def is_empty_def)
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	103	done
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	104
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	105	text\<open>But the output is still unreadable. Thus we also strip the heap
6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	106	parameters upon output:\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	107
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	108	ML \<open>
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	109	local
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	110
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	111	fun strip (Abs(_,_,(t as Const("_free",_) $ Free _) $ Bound 0)) = t
ad1c28671a93 First working version nipkow parents: 13875 diff changeset	112	\| strip (Abs(_,_,(t as Free _) $ Bound 0)) = t
67444 100247708f31 clarified comments; wenzelm parents: 67410 diff changeset	113	\<^cancel>\<open>\| strip (Abs(_,_,((list as Const("List",_))$ Bound 0 $ p $ ps))) = list$p$ps\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	114	\| strip (Abs(_,_,(t as Const("_var",_) $ Var _) $ Bound 0)) = t
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	115	\| strip (Abs(_,_,P)) = P
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	116	\| strip (Const(\<^const_syntax>\<open>is_empty\<close>,_)) = Syntax.const \<^syntax_const>\<open>_emp\<close>
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	117	\| strip t = t;
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	118
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	119	in
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	120
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	121	fun is_empty_tr' [_] = Syntax.const \<^syntax_const>\<open>_emp\<close>
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	122	fun singl_tr' [_,p,q] = Syntax.const \<^syntax_const>\<open>_singl\<close> $ p $ q
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	123	fun star_tr' [P,Q,_] = Syntax.const \<^syntax_const>\<open>_star\<close> $ strip P $ strip Q
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	124	fun wand_tr' [P,Q,_] = Syntax.const \<^syntax_const>\<open>_wand\<close> $ strip P $ strip Q
35113 1a0c129bb2e0 modernized translations; wenzelm parents: 35101 diff changeset	125
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	126	end
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	127	\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	128
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	129	print_translation \<open>
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	130	[(\<^const_syntax>\<open>is_empty\<close>, K is_empty_tr'),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	131	(\<^const_syntax>\<open>singl\<close>, K singl_tr'),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	132	(\<^const_syntax>\<open>star\<close>, K star_tr'),
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 68451 diff changeset	133	(\<^const_syntax>\<open>wand\<close>, K wand_tr')]
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	134	\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	135
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	136	text\<open>Now the intermediate proof states are also readable:\<close>
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	137
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	138	lemma "VARS H x y z w
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	139	{[x\<mapsto>y] ** [z\<mapsto>w]}
13867 1fdecd15437f just a few mods to a few thms nipkow parents: 13857 diff changeset	140	y := w
13857 11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	141	{x \<noteq> z}"
11d7c5a8dbb7 * empty log message * nipkow parents: diff changeset	142	apply vcg
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	143	apply(auto simp:star_def ortho_def singl_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	144	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	145
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	146	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	147	{emp ** emp}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	148	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	149	{emp}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	150	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	151	apply(auto simp:star_def ortho_def is_empty_def)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	152	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	153
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	154	text\<open>So far we have unfolded the separation logic connectives in
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	155	proofs. Here comes a simple example of a program proof that uses a law
62042 6c6ccf573479 isabelle update_cartouches -c -t; wenzelm parents: 52143 diff changeset	156	of separation logic instead.\<close>
13903 ad1c28671a93 First working version nipkow parents: 13875 diff changeset	157
67410 64d928bacddd prefer formal comments; wenzelm parents: 62042 diff changeset	158	\<comment> \<open>a law of separation logic\<close>
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	159	lemma star_comm: "P Q = Q P"
18447 da548623916a removed or modified some instances of [iff] paulson parents: 17781 diff changeset	160	by(auto simp add:star_def ortho_def dest: map_add_comm)
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	161
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	162	lemma "VARS H x y z w
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	163	{P ** Q}
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	164	SKIP
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	165	{Q ** P}"
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	166	apply vcg
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	167	apply(simp add: star_comm)
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	168	done
12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	169
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	170
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	171	lemma "VARS H
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	172	{p\<noteq>0 \<and> [p \<mapsto> x] ** List H q qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	173	H := H(p \<mapsto> q)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	174	{List H p (p#qs)}"
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	175	apply vcg
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	176	apply(simp add: star_def ortho_def singl_def)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	177	apply clarify
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	178	apply(subgoal_tac "p \<notin> set qs")
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	179	prefer 2
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	180	apply(blast dest:list_in_heap)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	181	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	182	done
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	183
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	184	lemma "VARS H p q r
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	185	{List H p Ps ** List H q Qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	186	WHILE p \<noteq> 0
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	187	INV {\<exists>ps qs. (List H p ps ** List H q qs) \<and> rev ps @ qs = rev Ps @ Qs}
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	188	DO r := p; p := the(H p); H := H(r \<mapsto> q); q := r OD
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	189	{List H q (rev Ps @ Qs)}"
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	190	apply vcg
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	191	apply(simp_all add: star_def ortho_def singl_def)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	192
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 44241 diff changeset	193	apply fastforce
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	194
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	195	apply (clarsimp simp add:List_non_null)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	196	apply(rename_tac ps')
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	197	apply(rule_tac x = ps' in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	198	apply(rule_tac x = "p#qs" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	199	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	200	apply(rule_tac x = "h1(p:=None)" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	201	apply(rule_tac x = "h2(p\<mapsto>q)" in exI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	202	apply simp
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	203	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	204	apply(rule ext)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	205	apply(simp add:map_add_def split:option.split)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	206	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	207	apply blast
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	208	apply(simp add:map_add_def split:option.split)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	209	apply(rule conjI)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	210	apply(subgoal_tac "p \<notin> set qs")
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	211	prefer 2
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	212	apply(blast dest:list_in_heap)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	213	apply(simp)
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	214	apply fast
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	215
44890 22f665a2e91c new fastforce replacing fastsimp - less confusing name nipkow parents: 44241 diff changeset	216	apply(fastforce)
14074 93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	217	done
93dfce3b6f86 * empty log message * nipkow parents: 14028 diff changeset	218
13875 12997e3ddd8d * empty log message * nipkow parents: 13867 diff changeset	219	end

author	wenzelm
	Sun, 16 Jul 2023 15:53:13 +0200
changeset 78366	aa4ea5398ab8
parent 72990	db8f94656024
child 80914	d97fdabd9e2b
permissions	-rw-r--r--