12 |
12 |
13 section "corresp_ex"; |
13 section "corresp_ex"; |
14 |
14 |
15 |
15 |
16 (* ---------------------------------------------------------------- *) |
16 (* ---------------------------------------------------------------- *) |
17 (* corresp_ex2 *) |
17 (* corresp_exC *) |
18 (* ---------------------------------------------------------------- *) |
18 (* ---------------------------------------------------------------- *) |
19 |
19 |
20 |
20 |
21 goal thy "corresp_ex2 A f = (LAM ex. (%s. case ex of \ |
21 goal thy "corresp_exC A f = (LAM ex. (%s. case ex of \ |
22 \ nil => nil \ |
22 \ nil => nil \ |
23 \ | x##xs => (flift1 (%pr. (snd(@cex. move A cex s (fst pr) (f (snd pr)))) \ |
23 \ | x##xs => (flift1 (%pr. (@cex. move A cex (f s) (fst pr) (f (snd pr))) \ |
24 \ @@ ((corresp_ex2 A f `xs) (f (snd pr)))) \ |
24 \ @@ ((corresp_exC A f `xs) (snd pr))) \ |
25 \ `x) ))"; |
25 \ `x) ))"; |
26 by (rtac trans 1); |
26 by (rtac trans 1); |
27 br fix_eq2 1; |
27 br fix_eq2 1; |
28 br corresp_ex2_def 1; |
28 br corresp_exC_def 1; |
29 br beta_cfun 1; |
29 br beta_cfun 1; |
30 by (simp_tac (!simpset addsimps [flift1_def]) 1); |
30 by (simp_tac (!simpset addsimps [flift1_def]) 1); |
31 qed"corresp_ex2_unfold"; |
31 qed"corresp_exC_unfold"; |
32 |
32 |
33 goal thy "(corresp_ex2 A f`UU) s=UU"; |
33 goal thy "(corresp_exC A f`UU) s=UU"; |
34 by (stac corresp_ex2_unfold 1); |
34 by (stac corresp_exC_unfold 1); |
35 by (Simp_tac 1); |
35 by (Simp_tac 1); |
36 qed"corresp_ex2_UU"; |
36 qed"corresp_exC_UU"; |
37 |
37 |
38 goal thy "(corresp_ex2 A f`nil) s = nil"; |
38 goal thy "(corresp_exC A f`nil) s = nil"; |
39 by (stac corresp_ex2_unfold 1); |
39 by (stac corresp_exC_unfold 1); |
40 by (Simp_tac 1); |
40 by (Simp_tac 1); |
41 qed"corresp_ex2_nil"; |
41 qed"corresp_exC_nil"; |
42 |
42 |
43 goal thy "(corresp_ex2 A f`(at>>xs)) s = \ |
43 goal thy "(corresp_exC A f`(at>>xs)) s = \ |
44 \ (snd(@cex. move A cex s (fst at) (f (snd at)))) \ |
44 \ (@cex. move A cex (f s) (fst at) (f (snd at))) \ |
45 \ @@ ((corresp_ex2 A f`xs) (f (snd at)))"; |
45 \ @@ ((corresp_exC A f`xs) (snd at))"; |
46 br trans 1; |
46 br trans 1; |
47 by (stac corresp_ex2_unfold 1); |
47 by (stac corresp_exC_unfold 1); |
48 by (asm_full_simp_tac (!simpset addsimps [Cons_def,flift1_def]) 1); |
48 by (asm_full_simp_tac (!simpset addsimps [Cons_def,flift1_def]) 1); |
49 by (Simp_tac 1); |
49 by (Simp_tac 1); |
50 qed"corresp_ex2_cons"; |
50 qed"corresp_exC_cons"; |
51 |
51 |
52 |
52 |
53 Addsimps [corresp_ex2_UU,corresp_ex2_nil,corresp_ex2_cons]; |
53 Addsimps [corresp_exC_UU,corresp_exC_nil,corresp_exC_cons]; |
54 |
54 |
55 |
55 |
56 |
56 |
57 (* ------------------------------------------------------------------ *) |
57 (* ------------------------------------------------------------------ *) |
58 (* The following lemmata describe the definition *) |
58 (* The following lemmata describe the definition *) |
72 by (assume_tac 1); |
72 by (assume_tac 1); |
73 qed"move_is_move"; |
73 qed"move_is_move"; |
74 |
74 |
75 goal thy |
75 goal thy |
76 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
76 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
77 \ is_execution_fragment A (@x. move A x (f s) a (f t))"; |
77 \ is_exec_frag A (f s,@x. move A x (f s) a (f t))"; |
78 by (cut_inst_tac [] move_is_move 1); |
78 by (cut_inst_tac [] move_is_move 1); |
79 by (REPEAT (assume_tac 1)); |
79 by (REPEAT (assume_tac 1)); |
80 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
80 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
81 qed"move_subprop1"; |
81 qed"move_subprop1"; |
82 |
82 |
83 goal thy |
83 goal thy |
84 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
84 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
85 \ Finite (snd (@x. move A x (f s) a (f t)))"; |
85 \ Finite ((@x. move A x (f s) a (f t)))"; |
86 by (cut_inst_tac [] move_is_move 1); |
86 by (cut_inst_tac [] move_is_move 1); |
87 by (REPEAT (assume_tac 1)); |
87 by (REPEAT (assume_tac 1)); |
88 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
88 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
89 qed"move_subprop2"; |
89 qed"move_subprop2"; |
90 |
90 |
91 goal thy |
91 goal thy |
92 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
92 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
93 \ fst (@x. move A x (f s) a (f t)) = (f s)"; |
93 \ laststate (f s,@x. move A x (f s) a (f t)) = (f t)"; |
94 by (cut_inst_tac [] move_is_move 1); |
94 by (cut_inst_tac [] move_is_move 1); |
95 by (REPEAT (assume_tac 1)); |
95 by (REPEAT (assume_tac 1)); |
96 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
96 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
97 qed"move_subprop3"; |
97 qed"move_subprop3"; |
98 |
98 |
99 goal thy |
99 goal thy |
100 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
100 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
101 \ laststate (@x. move A x (f s) a (f t)) = (f t)"; |
101 \ mk_trace A`((@x. move A x (f s) a (f t))) = \ |
|
102 \ (if a:ext A then a>>nil else nil)"; |
|
103 |
102 by (cut_inst_tac [] move_is_move 1); |
104 by (cut_inst_tac [] move_is_move 1); |
103 by (REPEAT (assume_tac 1)); |
105 by (REPEAT (assume_tac 1)); |
104 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
106 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
105 qed"move_subprop4"; |
107 qed"move_subprop4"; |
106 |
|
107 goal thy |
|
108 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
|
109 \ mk_trace A`(snd(@x. move A x (f s) a (f t))) = \ |
|
110 \ (if a:ext A then a>>nil else nil)"; |
|
111 |
|
112 by (cut_inst_tac [] move_is_move 1); |
|
113 by (REPEAT (assume_tac 1)); |
|
114 by (asm_full_simp_tac (!simpset addsimps [move_def]) 1); |
|
115 qed"move_subprop5"; |
|
116 |
|
117 goal thy |
|
118 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
|
119 \ (is_execution_fragment A (f s,(snd (@x. move A x (f s) a (f t)))))"; |
|
120 by (cut_inst_tac [] move_subprop3 1); |
|
121 by (REPEAT (assume_tac 1)); |
|
122 by (cut_inst_tac [] move_subprop1 1); |
|
123 by (REPEAT (assume_tac 1)); |
|
124 by (res_inst_tac [("s","fst (@x. move A x (f s) a (f t))")] subst 1); |
|
125 back(); |
|
126 back(); |
|
127 back(); |
|
128 ba 1; |
|
129 by (simp_tac (HOL_basic_ss addsimps [surjective_pairing RS sym]) 1); |
|
130 qed"move_subprop_1and3"; |
|
131 |
|
132 goal thy |
|
133 "!!f. [|is_ref_map f C A; reachable C s; (s,a,t):trans_of C|] ==>\ |
|
134 \ (case Last`(snd (@x. move A x (f s) a (f t))) of \ |
|
135 \ Undef => (f s) \ |
|
136 \ | Def p => snd p) = (f t)"; |
|
137 by (cut_inst_tac [] move_subprop3 1); |
|
138 by (REPEAT (assume_tac 1)); |
|
139 by (cut_inst_tac [] move_subprop4 1); |
|
140 by (REPEAT (assume_tac 1)); |
|
141 by (asm_full_simp_tac (!simpset addsimps [laststate_def]) 1); |
|
142 qed"move_subprop_4and3"; |
|
143 |
|
144 |
108 |
145 |
109 |
146 (* ------------------------------------------------------------------ *) |
110 (* ------------------------------------------------------------------ *) |
147 (* The following lemmata contribute to *) |
111 (* The following lemmata contribute to *) |
148 (* TRACE INCLUSION Part 1: Traces coincide *) |
112 (* TRACE INCLUSION Part 1: Traces coincide *) |
166 Lemma 1 :Traces coincide |
130 Lemma 1 :Traces coincide |
167 ------------------------------------------------------- *) |
131 ------------------------------------------------------- *) |
168 |
132 |
169 goalw thy [corresp_ex_def] |
133 goalw thy [corresp_ex_def] |
170 "!!f.[|is_ref_map f C A; ext C = ext A|] ==> \ |
134 "!!f.[|is_ref_map f C A; ext C = ext A|] ==> \ |
171 \ !s. reachable C s & is_execution_fragment C (s,xs) --> \ |
135 \ !s. reachable C s & is_exec_frag C (s,xs) --> \ |
172 \ mk_trace C`xs = mk_trace A`(snd (corresp_ex A f (s,xs)))"; |
136 \ mk_trace C`xs = mk_trace A`(snd (corresp_ex A f (s,xs)))"; |
173 |
137 |
174 by (pair_induct_tac "xs" [is_execution_fragment_def] 1); |
138 by (pair_induct_tac "xs" [is_exec_frag_def] 1); |
175 (* cons case *) |
139 (* cons case *) |
176 by (safe_tac set_cs); |
140 by (safe_tac set_cs); |
177 by (asm_full_simp_tac (!simpset addsimps [mk_traceConc]) 1); |
141 by (asm_full_simp_tac (!simpset addsimps [mk_traceConc]) 1); |
178 by (forward_tac [reachable.reachable_n] 1); |
142 by (forward_tac [reachable.reachable_n] 1); |
179 ba 1; |
143 ba 1; |
180 by (eres_inst_tac [("x","y")] allE 1); |
144 by (eres_inst_tac [("x","y")] allE 1); |
181 by (Asm_full_simp_tac 1); |
145 by (Asm_full_simp_tac 1); |
182 by (asm_full_simp_tac (!simpset addsimps [move_subprop5] |
146 by (asm_full_simp_tac (!simpset addsimps [move_subprop4] |
183 setloop split_tac [expand_if] ) 1); |
147 setloop split_tac [expand_if] ) 1); |
184 qed"lemma_1"; |
148 qed"lemma_1"; |
185 |
149 |
186 |
150 |
187 (* ------------------------------------------------------------------ *) |
151 (* ------------------------------------------------------------------ *) |
195 (* Lemma 2.1 *) |
159 (* Lemma 2.1 *) |
196 (* -------------------------------------------------- *) |
160 (* -------------------------------------------------- *) |
197 |
161 |
198 goal thy |
162 goal thy |
199 "Finite xs --> \ |
163 "Finite xs --> \ |
200 \(!s .is_execution_fragment A (s,xs) & is_execution_fragment A (t,ys) & \ |
164 \(!s .is_exec_frag A (s,xs) & is_exec_frag A (t,ys) & \ |
201 \ t = laststate (s,xs) \ |
165 \ t = laststate (s,xs) \ |
202 \ --> is_execution_fragment A (s,xs @@ ys))"; |
166 \ --> is_exec_frag A (s,xs @@ ys))"; |
203 |
167 |
204 br impI 1; |
168 br impI 1; |
205 by (Seq_Finite_induct_tac 1); |
169 by (Seq_Finite_induct_tac 1); |
206 (* base_case *) |
170 (* base_case *) |
207 by (fast_tac HOL_cs 1); |
171 by (fast_tac HOL_cs 1); |
208 (* main case *) |
172 (* main case *) |
209 by (safe_tac set_cs); |
173 by (safe_tac set_cs); |
210 by (pair_tac "a" 1); |
174 by (pair_tac "a" 1); |
211 qed"lemma_2_1"; |
175 qed_spec_mp"lemma_2_1"; |
212 |
176 |
213 |
177 |
214 (* ----------------------------------------------------------- *) |
178 (* ----------------------------------------------------------- *) |
215 (* Lemma 2 : corresp_ex is execution *) |
179 (* Lemma 2 : corresp_ex is execution *) |
216 (* ----------------------------------------------------------- *) |
180 (* ----------------------------------------------------------- *) |
217 |
181 |
218 |
182 |
219 |
183 |
220 goalw thy [corresp_ex_def] |
184 goalw thy [corresp_ex_def] |
221 "!!f.[| is_ref_map f C A |] ==>\ |
185 "!!f.[| is_ref_map f C A |] ==>\ |
222 \ !s. reachable C s & is_execution_fragment C (s,xs) \ |
186 \ !s. reachable C s & is_exec_frag C (s,xs) \ |
223 \ --> is_execution_fragment A (corresp_ex A f (s,xs))"; |
187 \ --> is_exec_frag A (corresp_ex A f (s,xs))"; |
224 |
188 |
225 by (Asm_full_simp_tac 1); |
189 by (Asm_full_simp_tac 1); |
226 by (pair_induct_tac "xs" [is_execution_fragment_def] 1); |
190 by (pair_induct_tac "xs" [is_exec_frag_def] 1); |
227 (* main case *) |
191 (* main case *) |
228 by (safe_tac set_cs); |
192 by (safe_tac set_cs); |
229 by (res_inst_tac [("t3","f y")] (lemma_2_1 RS mp RS spec RS mp) 1); |
193 by (res_inst_tac [("t","f y")] lemma_2_1 1); |
230 |
194 |
231 (* Finite *) |
195 (* Finite *) |
232 be move_subprop2 1; |
196 be move_subprop2 1; |
233 by (REPEAT (atac 1)); |
197 by (REPEAT (atac 1)); |
234 by (rtac conjI 1); |
198 by (rtac conjI 1); |
235 |
199 |
236 (* is_execution_fragment *) |
200 (* is_exec_frag *) |
237 be move_subprop_1and3 1; |
201 be move_subprop1 1; |
238 by (REPEAT (atac 1)); |
202 by (REPEAT (atac 1)); |
239 by (rtac conjI 1); |
203 by (rtac conjI 1); |
240 |
204 |
241 (* Induction hypothesis *) |
205 (* Induction hypothesis *) |
242 (* reachable_n looping, therefore apply it manually *) |
206 (* reachable_n looping, therefore apply it manually *) |