isabelle: comparison src/HOLCF/Tools/Domain/domain

equal deleted inserted replaced

-:c7ddb7105dde
+:555f26f00e47
 |> Sign.parent_path
 |> pair (iso_rews @ when_rews @ con_rews @ sel_rews @ dis_rews @
 pat_rews @ dist_les @ dist_eqs)
 end; (* let *)
-fun prove_coinduction
+(******************************************************************************)
+(****************************** induction rules *******************************)
+(******************************************************************************)
+fun prove_induction
 (comp_dnam, eqs : eq list)
 (take_lemmas : thm list)
-(thy : theory) : thm * theory =
+(axs_reach : thm list)
+(take_rews : thm list)
+(thy : theory) =
 let
-val dnames = map (fst o fst) eqs;
-val comp_dname = Sign.full_bname thy comp_dnam;
-fun dc_take dn = %%:(dn^"_take");
-val x_name = idx_name dnames "x";
-val n_eqs = length eqs;
-val take_rews =
-maps (fn dn => PureThy.get_thms thy (dn ^ ".take_rews")) dnames;
-(* ----- define bisimulation predicate -------------------------------------- *)
-local
-open HOLCF_Library
-val dtypes  = map (Type o fst) eqs;
-val relprod = mk_tupleT (map (fn tp => tp --> tp --> boolT) dtypes);
-val bisim_bind = Binding.name (comp_dnam ^ "_bisim");
-val bisim_type = relprod --> boolT;
-in
-val (bisim_const, thy) =
-Sign.declare_const ((bisim_bind, bisim_type), NoSyn) thy;
-end;
-local
-fun legacy_infer_term thy t =
-singleton (Syntax.check_terms (ProofContext.init thy)) (Sign.intern_term thy t);
-fun legacy_infer_prop thy t = legacy_infer_term thy (TypeInfer.constrain propT t);
-fun infer_props thy = map (apsnd (legacy_infer_prop thy));
-fun add_defs_i x = PureThy.add_defs false (map Thm.no_attributes x);
-fun add_defs_infer defs thy = add_defs_i (infer_props thy defs) thy;
-val comp_dname = Sign.full_bname thy comp_dnam;
 val dnames = map (fst o fst) eqs;
+val conss  = map  snd        eqs;
+fun dc_take dn = %%:(dn^"_take");
 val x_name = idx_name dnames "x";
+val P_name = idx_name dnames "P";
-fun one_con (con, args) =
-let
-val nonrec_args = filter_out is_rec args;
-val    rec_args = filter is_rec args;
-val    recs_cnt = length rec_args;
-val allargs     = nonrec_args @ rec_args
-@ map (upd_vname (fn s=> s^"'")) rec_args;
-val allvns      = map vname allargs;
-fun vname_arg s arg = if is_rec arg then vname arg^s else vname arg;
-val vns1        = map (vname_arg "" ) args;
-val vns2        = map (vname_arg "'") args;
-val allargs_cnt = length nonrec_args + 2*recs_cnt;
-val rec_idxs    = (recs_cnt-1) downto 0;
-val nonlazy_idxs = map snd (filter_out (fn (arg,_) => is_lazy arg)
-(allargs~~((allargs_cnt-1) downto 0)));
-fun rel_app i ra = proj (Bound(allargs_cnt+2)) eqs (rec_of ra) $
-Bound (2*recs_cnt-i) $ Bound (recs_cnt-i);
-val capps =
-List.foldr
-mk_conj
-(mk_conj(
-Bound(allargs_cnt+1)===list_ccomb(%%:con,map (bound_arg allvns) vns1),
-Bound(allargs_cnt+0)===list_ccomb(%%:con,map (bound_arg allvns) vns2)))
-(mapn rel_app 1 rec_args);
-in
-List.foldr
-mk_ex
-(Library.foldr mk_conj
-(map (defined o Bound) nonlazy_idxs,capps)) allvns
-end;
-fun one_comp n (_,cons) =
-mk_all (x_name(n+1),
-mk_all (x_name(n+1)^"'",
-mk_imp (proj (Bound 2) eqs n $ Bound 1 $ Bound 0,
-foldr1 mk_disj (mk_conj(Bound 1 === UU,Bound 0 === UU)
-::map one_con cons))));
-val bisim_eqn =
-%%:(comp_dname^"_bisim") ==
-mk_lam("R", foldr1 mk_conj (mapn one_comp 0 eqs));
-in
-val ([ax_bisim_def], thy) =
-thy
-|> Sign.add_path comp_dnam
-|> add_defs_infer [(Binding.name "bisim_def", bisim_eqn)]
-||> Sign.parent_path;
-end; (* local *)
-(* ----- theorem concerning coinduction ------------------------------------- *)
-local
 val pg = pg' thy;
-val xs = mapn (fn n => K (x_name n)) 1 dnames;
-fun bnd_arg n i = Bound(2*(n_eqs - n)-i-1);
+local
-val take_ss = HOL_ss addsimps (@{thm Rep_CFun_strict1} :: take_rews);
+fun ga s dn = PureThy.get_thm thy (dn ^ "." ^ s);
-val sproj = prj (fn s => K("fst("^s^")")) (fn s => K("snd("^s^")"));
+fun gts s dn = PureThy.get_thms thy (dn ^ "." ^ s);
-val _ = trace " Proving coind_lemma...";
+in
-val coind_lemma =
+val axs_chain_take = map (ga "chain_take") dnames;
-let
+val axs_finite_def = map (ga "finite_def") dnames;
-fun mk_prj n _ = proj (%:"R") eqs n $ bnd_arg n 0 $ bnd_arg n 1;
+val cases = map (ga  "casedist" ) dnames;
-fun mk_eqn n dn =
+val con_rews  = maps (gts "con_rews" ) dnames;
-(dc_take dn $ %:"n" ` bnd_arg n 0) ===
+end;
-(dc_take dn $ %:"n" ` bnd_arg n 1);
-fun mk_all2 (x,t) = mk_all (x, mk_all (x^"'", t));
-val goal =
-mk_trp (mk_imp (%%:(comp_dname^"_bisim") $ %:"R",
-Library.foldr mk_all2 (xs,
-Library.foldr mk_imp (mapn mk_prj 0 dnames,
-foldr1 mk_conj (mapn mk_eqn 0 dnames)))));
-fun x_tacs ctxt n x = [
-rotate_tac (n+1) 1,
-etac all2E 1,
-eres_inst_tac ctxt [(("P", 1), sproj "R" eqs n^" "^x^" "^x^"'")] (mp RS disjE) 1,
-TRY (safe_tac HOL_cs),
-REPEAT (CHANGED (asm_simp_tac take_ss 1))];
-fun tacs ctxt = [
-rtac impI 1,
-InductTacs.induct_tac ctxt [[SOME "n"]] 1,
-simp_tac take_ss 1,
-safe_tac HOL_cs] @
-flat (mapn (x_tacs ctxt) 0 xs);
-in pg [ax_bisim_def] goal tacs end;
-in
-val _ = trace " Proving coind...";
-val coind =
-let
-fun mk_prj n x = mk_trp (proj (%:"R") eqs n $ %:x $ %:(x^"'"));
-fun mk_eqn x = %:x === %:(x^"'");
-val goal =
-mk_trp (%%:(comp_dname^"_bisim") $ %:"R") ===>
-Logic.list_implies (mapn mk_prj 0 xs,
-mk_trp (foldr1 mk_conj (map mk_eqn xs)));
-val tacs =
-TRY (safe_tac HOL_cs) ::
-maps (fn take_lemma => [
-rtac take_lemma 1,
-cut_facts_tac [coind_lemma] 1,
-fast_tac HOL_cs 1])
-take_lemmas;
-in pg [] goal (K tacs) end;
-end; (* local *)
-in
-(coind, thy)
-end;
-fun comp_theorems (comp_dnam, eqs: eq list) thy =
-let
-val map_tab = Domain_Take_Proofs.get_map_tab thy;
-val dnames = map (fst o fst) eqs;
-val conss  = map  snd        eqs;
-val comp_dname = Sign.full_bname thy comp_dnam;
-val _ = message ("Proving induction properties of domain "^comp_dname^" ...");
-val pg = pg' thy;
-(* ----- getting the composite axiom and definitions ------------------------ *)
-local
-fun ga s dn = PureThy.get_thm thy (dn ^ "." ^ s);
-in
-val axs_take_def   = map (ga "take_def"  ) dnames;
-val axs_chain_take = map (ga "chain_take") dnames;
-val axs_lub_take   = map (ga "lub_take"  ) dnames;
-val axs_finite_def = map (ga "finite_def") dnames;
-end;
-local
-fun gt  s dn = PureThy.get_thm  thy (dn ^ "." ^ s);
-fun gts s dn = PureThy.get_thms thy (dn ^ "." ^ s);
-in
-val cases = map (gt  "casedist" ) dnames;
-val con_rews  = maps (gts "con_rews" ) dnames;
-end;
-fun dc_take dn = %%:(dn^"_take");
-val x_name = idx_name dnames "x";
-val P_name = idx_name dnames "P";
-val n_eqs = length eqs;
-(* ----- theorems concerning finite approximation and finite induction ------ *)
-val take_rews =
-maps (fn dn => PureThy.get_thms thy (dn ^ ".take_rews")) dnames;
-local
 fun one_con p (con, args) =
 let
 val P_names = map P_name (1 upto (length dnames));
 val vns = Name.variant_list P_names (map vname args);
 val nonlazy_vns = map snd (filter_out (is_lazy o fst) (args ~~ vns));
 in
 val n__eqs = mapn (fn n => fn (_,cons) => (n,cons)) 0 eqs;
 val is_emptys = map warn n__eqs;
 val is_finite = forall (not o lazy_rec_to [] false) n__eqs;
 end;
-in (* local *)
 val _ = trace " Proving finite_ind...";
 val finite_ind =
 let
 fun concf n dn = %:(P_name n) $ (dc_take dn $ %:"n" `%(x_name n));
 val goal = ind_term concf;
 tacs1 @ maps cases_tacs (conss ~~ cases)
 end;
 in pg'' thy [] goal tacf
 handle ERROR _ => (warning "Proof of finite_ind failed."; TrueI)
 end;
-val _ = trace " Proving take_lemmas...";
-val take_lemmas =
-let
-fun take_lemma (ax_chain_take, ax_lub_take) =
-Drule.export_without_context
-(@{thm lub_ID_take_lemma} OF [ax_chain_take, ax_lub_take]);
-in map take_lemma (axs_chain_take ~~ axs_lub_take) end;
-val axs_reach =
-let
-fun reach (ax_chain_take, ax_lub_take) =
-Drule.export_without_context
-(@{thm lub_ID_reach} OF [ax_chain_take, ax_lub_take]);
-in map reach (axs_chain_take ~~ axs_lub_take) end;
 (* ----- theorems concerning finiteness and induction ----------------------- *)
 val global_ctxt = ProofContext.init thy;
 handle THM _ =>
 (warning "Induction proofs failed (THM raised)."; ([], TrueI))
 | ERROR _ =>
 (warning "Cannot prove induction rule"; ([], TrueI));
-end; (* local *)
-val (coind, thy) = prove_coinduction (comp_dnam, eqs) take_lemmas thy;
 val inducts = Project_Rule.projections (ProofContext.init thy) ind;
 fun ind_rule (dname, rule) = ((Binding.empty, [rule]), [Induct.induct_type dname]);
 val induct_failed = (Thm.prop_of ind = Thm.prop_of TrueI);
+in thy |> Sign.add_path comp_dnam
+|> snd o PureThy.add_thmss [
+((Binding.name "finites"    , finites     ), []),
+((Binding.name "finite_ind" , [finite_ind]), []),
+((Binding.name "ind"        , [ind]       ), [])]
+|> (if induct_failed then I
+else snd o PureThy.add_thmss (map ind_rule (dnames ~~ inducts)))
+|> Sign.parent_path
+end; (* prove_induction *)
+(******************************************************************************)
+(************************ bisimulation and coinduction ************************)
+(******************************************************************************)
+fun prove_coinduction
+(comp_dnam, eqs : eq list)
+(take_lemmas : thm list)
+(thy : theory) : thm * theory =
+let
+val dnames = map (fst o fst) eqs;
+val comp_dname = Sign.full_bname thy comp_dnam;
+fun dc_take dn = %%:(dn^"_take");
+val x_name = idx_name dnames "x";
+val n_eqs = length eqs;
+val take_rews =
+maps (fn dn => PureThy.get_thms thy (dn ^ ".take_rews")) dnames;
+(* ----- define bisimulation predicate -------------------------------------- *)
+local
+open HOLCF_Library
+val dtypes  = map (Type o fst) eqs;
+val relprod = mk_tupleT (map (fn tp => tp --> tp --> boolT) dtypes);
+val bisim_bind = Binding.name (comp_dnam ^ "_bisim");
+val bisim_type = relprod --> boolT;
+in
+val (bisim_const, thy) =
+Sign.declare_const ((bisim_bind, bisim_type), NoSyn) thy;
+end;
+local
+fun legacy_infer_term thy t =
+singleton (Syntax.check_terms (ProofContext.init thy)) (Sign.intern_term thy t);
+fun legacy_infer_prop thy t = legacy_infer_term thy (TypeInfer.constrain propT t);
+fun infer_props thy = map (apsnd (legacy_infer_prop thy));
+fun add_defs_i x = PureThy.add_defs false (map Thm.no_attributes x);
+fun add_defs_infer defs thy = add_defs_i (infer_props thy defs) thy;
+val comp_dname = Sign.full_bname thy comp_dnam;
+val dnames = map (fst o fst) eqs;
+val x_name = idx_name dnames "x";
+fun one_con (con, args) =
+let
+val nonrec_args = filter_out is_rec args;
+val    rec_args = filter is_rec args;
+val    recs_cnt = length rec_args;
+val allargs     = nonrec_args @ rec_args
+@ map (upd_vname (fn s=> s^"'")) rec_args;
+val allvns      = map vname allargs;
+fun vname_arg s arg = if is_rec arg then vname arg^s else vname arg;
+val vns1        = map (vname_arg "" ) args;
+val vns2        = map (vname_arg "'") args;
+val allargs_cnt = length nonrec_args + 2*recs_cnt;
+val rec_idxs    = (recs_cnt-1) downto 0;
+val nonlazy_idxs = map snd (filter_out (fn (arg,_) => is_lazy arg)
+(allargs~~((allargs_cnt-1) downto 0)));
+fun rel_app i ra = proj (Bound(allargs_cnt+2)) eqs (rec_of ra) $
+Bound (2*recs_cnt-i) $ Bound (recs_cnt-i);
+val capps =
+List.foldr
+mk_conj
+(mk_conj(
+Bound(allargs_cnt+1)===list_ccomb(%%:con,map (bound_arg allvns) vns1),
+Bound(allargs_cnt+0)===list_ccomb(%%:con,map (bound_arg allvns) vns2)))
+(mapn rel_app 1 rec_args);
+in
+List.foldr
+mk_ex
+(Library.foldr mk_conj
+(map (defined o Bound) nonlazy_idxs,capps)) allvns
+end;
+fun one_comp n (_,cons) =
+mk_all (x_name(n+1),
+mk_all (x_name(n+1)^"'",
+mk_imp (proj (Bound 2) eqs n $ Bound 1 $ Bound 0,
+foldr1 mk_disj (mk_conj(Bound 1 === UU,Bound 0 === UU)
+::map one_con cons))));
+val bisim_eqn =
+%%:(comp_dname^"_bisim") ==
+mk_lam("R", foldr1 mk_conj (mapn one_comp 0 eqs));
+in
+val ([ax_bisim_def], thy) =
+thy
+|> Sign.add_path comp_dnam
+|> add_defs_infer [(Binding.name "bisim_def", bisim_eqn)]
+||> Sign.parent_path;
+end; (* local *)
+(* ----- theorem concerning coinduction ------------------------------------- *)
+local
+val pg = pg' thy;
+val xs = mapn (fn n => K (x_name n)) 1 dnames;
+fun bnd_arg n i = Bound(2*(n_eqs - n)-i-1);
+val take_ss = HOL_ss addsimps (@{thm Rep_CFun_strict1} :: take_rews);
+val sproj = prj (fn s => K("fst("^s^")")) (fn s => K("snd("^s^")"));
+val _ = trace " Proving coind_lemma...";
+val coind_lemma =
+let
+fun mk_prj n _ = proj (%:"R") eqs n $ bnd_arg n 0 $ bnd_arg n 1;
+fun mk_eqn n dn =
+(dc_take dn $ %:"n" ` bnd_arg n 0) ===
+(dc_take dn $ %:"n" ` bnd_arg n 1);
+fun mk_all2 (x,t) = mk_all (x, mk_all (x^"'", t));
+val goal =
+mk_trp (mk_imp (%%:(comp_dname^"_bisim") $ %:"R",
+Library.foldr mk_all2 (xs,
+Library.foldr mk_imp (mapn mk_prj 0 dnames,
+foldr1 mk_conj (mapn mk_eqn 0 dnames)))));
+fun x_tacs ctxt n x = [
+rotate_tac (n+1) 1,
+etac all2E 1,
+eres_inst_tac ctxt [(("P", 1), sproj "R" eqs n^" "^x^" "^x^"'")] (mp RS disjE) 1,
+TRY (safe_tac HOL_cs),
+REPEAT (CHANGED (asm_simp_tac take_ss 1))];
+fun tacs ctxt = [
+rtac impI 1,
+InductTacs.induct_tac ctxt [[SOME "n"]] 1,
+simp_tac take_ss 1,
+safe_tac HOL_cs] @
+flat (mapn (x_tacs ctxt) 0 xs);
+in pg [ax_bisim_def] goal tacs end;
+in
+val _ = trace " Proving coind...";
+val coind =
+let
+fun mk_prj n x = mk_trp (proj (%:"R") eqs n $ %:x $ %:(x^"'"));
+fun mk_eqn x = %:x === %:(x^"'");
+val goal =
+mk_trp (%%:(comp_dname^"_bisim") $ %:"R") ===>
+Logic.list_implies (mapn mk_prj 0 xs,
+mk_trp (foldr1 mk_conj (map mk_eqn xs)));
+val tacs =
+TRY (safe_tac HOL_cs) ::
+maps (fn take_lemma => [
+rtac take_lemma 1,
+cut_facts_tac [coind_lemma] 1,
+fast_tac HOL_cs 1])
+take_lemmas;
+in pg [] goal (K tacs) end;
+end; (* local *)
+in
+(coind, thy)
+end;
+fun comp_theorems (comp_dnam, eqs: eq list) thy =
+let
+val map_tab = Domain_Take_Proofs.get_map_tab thy;
+val dnames = map (fst o fst) eqs;
+val comp_dname = Sign.full_bname thy comp_dnam;
+val _ = message ("Proving induction properties of domain "^comp_dname^" ...");
+(* ----- getting the composite axiom and definitions ------------------------ *)
+(* Test for indirect recursion *)
+local
+fun indirect_arg arg =
+rec_of arg = ~1 andalso Datatype_Aux.is_rec_type (dtyp_of arg);
+fun indirect_con (_, args) = exists indirect_arg args;
+fun indirect_eq (_, cons) = exists indirect_con cons;
+in
+val is_indirect = exists indirect_eq eqs;
+val _ = if is_indirect
+then message "Definition uses indirect recursion."
+else ();
+end;
+(* theorems about take *)
+local
+fun ga s dn = PureThy.get_thm thy (dn ^ "." ^ s);
+val axs_chain_take = map (ga "chain_take") dnames;
+val axs_lub_take   = map (ga "lub_take"  ) dnames;
+in
+val _ = trace " Proving take_lemmas...";
+val take_lemmas =
+let
+fun take_lemma (ax_chain_take, ax_lub_take) =
+Drule.export_without_context
+(@{thm lub_ID_take_lemma} OF [ax_chain_take, ax_lub_take]);
+in map take_lemma (axs_chain_take ~~ axs_lub_take) end;
+val axs_reach =
+let
+fun reach (ax_chain_take, ax_lub_take) =
+Drule.export_without_context
+(@{thm lub_ID_reach} OF [ax_chain_take, ax_lub_take]);
+in map reach (axs_chain_take ~~ axs_lub_take) end;
+end;
+val take_rews =
+maps (fn dn => PureThy.get_thms thy (dn ^ ".take_rews")) dnames;
+(* prove induction rules, unless definition is indirect recursive *)
+val thy =
+if is_indirect then thy else
+prove_induction (comp_dnam, eqs) take_lemmas axs_reach take_rews thy;
+val (coind, thy) = prove_coinduction (comp_dnam, eqs) take_lemmas thy;
 in thy |> Sign.add_path comp_dnam
 |> snd o PureThy.add_thmss [
 ((Binding.name "take_lemmas", take_lemmas ), []),
 ((Binding.name "reach"      , axs_reach   ), []),
-((Binding.name "finites"    , finites     ), []),
-((Binding.name "finite_ind" , [finite_ind]), []),
-((Binding.name "ind"        , [ind]       ), []),
 ((Binding.name "coind"      , [coind]     ), [])]
-|> (if induct_failed then I
-else snd o PureThy.add_thmss (map ind_rule (dnames ~~ inducts)))
 |> Sign.parent_path |> pair take_rews
 end; (* let *)
 end; (* struct *)

changeset 35585	555f26f00e47
parent 35574	ee5df989b7c4
child 35590	f638444c9667