equal
deleted
inserted
replaced
385 by (subgoal_tac "P(zb) --> P(za)" 1); |
385 by (subgoal_tac "P(zb) --> P(za)" 1); |
386 (*now solve first subgoal: this formula is sufficient*) |
386 (*now solve first subgoal: this formula is sufficient*) |
387 by (blast_tac (claset() addIs leadsTo_refl::prems) 1); |
387 by (blast_tac (claset() addIs leadsTo_refl::prems) 1); |
388 by (rtac (major RS leadsTo_induct) 1); |
388 by (rtac (major RS leadsTo_induct) 1); |
389 by (REPEAT (blast_tac (claset() addIs prems) 1)); |
389 by (REPEAT (blast_tac (claset() addIs prems) 1)); |
390 qed "lemma"; |
390 qed "leadsTo_induct_pre_aux"; |
391 |
391 |
392 |
392 |
393 val [major, zb_prem, basis_prem, union_prem] = Goal |
393 val [major, zb_prem, basis_prem, union_prem] = Goal |
394 "[| F : za leadsTo zb; \ |
394 "[| F : za leadsTo zb; \ |
395 \ P(zb); \ |
395 \ P(zb); \ |
397 \ !!S. ALL A:S. F : A leadsTo zb & P(A) & st_set(A) ==> P(Union(S)) \ |
397 \ !!S. ALL A:S. F : A leadsTo zb & P(A) & st_set(A) ==> P(Union(S)) \ |
398 \ |] ==> P(za)"; |
398 \ |] ==> P(za)"; |
399 by (cut_facts_tac [major] 1); |
399 by (cut_facts_tac [major] 1); |
400 by (subgoal_tac "(F : za leadsTo zb) & P(za)" 1); |
400 by (subgoal_tac "(F : za leadsTo zb) & P(za)" 1); |
401 by (etac conjunct2 1); |
401 by (etac conjunct2 1); |
402 by (rtac (major RS lemma) 1); |
402 by (rtac (major RS leadsTo_induct_pre_aux) 1); |
403 by (blast_tac (claset() addDs [leadsToD2] |
403 by (blast_tac (claset() addDs [leadsToD2] |
404 addIs [leadsTo_Union,union_prem]) 3); |
404 addIs [leadsTo_Union,union_prem]) 3); |
405 by (blast_tac (claset() addIs [leadsTo_Trans,basis_prem, leadsTo_Basis]) 2); |
405 by (blast_tac (claset() addIs [leadsTo_Trans,basis_prem, leadsTo_Basis]) 2); |
406 by (blast_tac (claset() addIs [leadsTo_refl,zb_prem] |
406 by (blast_tac (claset() addIs [leadsTo_refl,zb_prem] |
407 addDs [leadsToD2]) 1); |
407 addDs [leadsToD2]) 1); |
499 by (asm_simp_tac (simpset() delsimps UN_simps |
499 by (asm_simp_tac (simpset() delsimps UN_simps |
500 addsimps [Int_UN_distrib]) 2); |
500 addsimps [Int_UN_distrib]) 2); |
501 by (blast_tac (claset() addIs [leadsTo_cancel1, leadsTo_Un_duplicate]) 1); |
501 by (blast_tac (claset() addIs [leadsTo_cancel1, leadsTo_Un_duplicate]) 1); |
502 by (auto_tac (claset() addIs [leadsTo_UN], |
502 by (auto_tac (claset() addIs [leadsTo_UN], |
503 simpset() delsimps UN_simps addsimps [Int_UN_distrib])); |
503 simpset() delsimps UN_simps addsimps [Int_UN_distrib])); |
504 qed "lemma1"; |
504 qed "leadsTo_wf_induct_aux"; |
505 |
505 |
506 (** Meta or object quantifier ? **) |
506 (** Meta or object quantifier ? **) |
507 Goal "[| wf(r); \ |
507 Goal "[| wf(r); \ |
508 \ field(r)<=I; \ |
508 \ field(r)<=I; \ |
509 \ A<=f-``I;\ |
509 \ A<=f-``I;\ |
513 \ ==> F : A leadsTo B"; |
513 \ ==> F : A leadsTo B"; |
514 by (res_inst_tac [("b", "A")] subst 1); |
514 by (res_inst_tac [("b", "A")] subst 1); |
515 by (res_inst_tac [("I", "I")] leadsTo_UN 2); |
515 by (res_inst_tac [("I", "I")] leadsTo_UN 2); |
516 by (REPEAT (assume_tac 2)); |
516 by (REPEAT (assume_tac 2)); |
517 by (Clarify_tac 2); |
517 by (Clarify_tac 2); |
518 by (eres_inst_tac [("I", "I")] lemma1 2); |
518 by (eres_inst_tac [("I", "I")] leadsTo_wf_induct_aux 2); |
519 by (REPEAT (assume_tac 2)); |
519 by (REPEAT (assume_tac 2)); |
520 by (rtac equalityI 1); |
520 by (rtac equalityI 1); |
521 by Safe_tac; |
521 by Safe_tac; |
522 by (thin_tac "field(r)<=I" 1); |
522 by (thin_tac "field(r)<=I" 1); |
523 by (dres_inst_tac [("c", "x")] subsetD 1); |
523 by (dres_inst_tac [("c", "x")] subsetD 1); |
600 \ F : (A1 - B) co (A1 Un B); \ |
600 \ F : (A1 - B) co (A1 Un B); \ |
601 \ F : (A2 - C) co (A2 Un C) |] \ |
601 \ F : (A2 - C) co (A2 Un C) |] \ |
602 \ ==> F : (A1 Un A2 - C) co (A1 Un A2 Un C)"; |
602 \ ==> F : (A1 Un A2 - C) co (A1 Un A2 Un C)"; |
603 by (Clarify_tac 1); |
603 by (Clarify_tac 1); |
604 by (Blast_tac 1); |
604 by (Blast_tac 1); |
605 qed "lemma1"; |
605 qed "leadsTo_123_aux"; |
606 |
606 |
607 (*Lemma (1,2,3) of Misra's draft book, Chapter 4, "Progress"*) |
607 (*Lemma (1,2,3) of Misra's draft book, Chapter 4, "Progress"*) |
608 (* slightly different from the HOL one: B here is bounded *) |
608 (* slightly different from the HOL one: B here is bounded *) |
609 Goal "F : A leadsTo A' \ |
609 Goal "F : A leadsTo A' \ |
610 \ ==> EX B:Pow(state). A<=B & F:B leadsTo A' & F : (B-A') co (B Un A')"; |
610 \ ==> EX B:Pow(state). A<=B & F:B leadsTo A' & F : (B-A') co (B Un A')"; |
613 (*Basis*) |
613 (*Basis*) |
614 by (blast_tac (claset() addDs [ensuresD, constrainsD2, st_setD]) 1); |
614 by (blast_tac (claset() addDs [ensuresD, constrainsD2, st_setD]) 1); |
615 (*Trans*) |
615 (*Trans*) |
616 by (Clarify_tac 1); |
616 by (Clarify_tac 1); |
617 by (res_inst_tac [("x", "Ba Un Bb")] bexI 1); |
617 by (res_inst_tac [("x", "Ba Un Bb")] bexI 1); |
618 by (blast_tac (claset() addIs [lemma1,leadsTo_Un_Un, leadsTo_cancel1, |
618 by (blast_tac (claset() addIs [leadsTo_123_aux,leadsTo_Un_Un, leadsTo_cancel1, |
619 leadsTo_Un_duplicate]) 1); |
619 leadsTo_Un_duplicate]) 1); |
620 by (Blast_tac 1); |
620 by (Blast_tac 1); |
621 (*Union*) |
621 (*Union*) |
622 by (clarify_tac (claset() addSDs [ball_conj_distrib RS iffD1]) 1); |
622 by (clarify_tac (claset() addSDs [ball_conj_distrib RS iffD1]) 1); |
623 by (subgoal_tac "EX y. y:Pi(S, %A. {Ba:Pow(state). A<=Ba & \ |
623 by (subgoal_tac "EX y. y:Pi(S, %A. {Ba:Pow(state). A<=Ba & \ |