357 ORELSE (*subgoal may involve LeadsTo, leadsTo or ensures*) |
357 ORELSE (*subgoal may involve LeadsTo, leadsTo or ensures*) |
358 REPEAT (ares_tac [@{thm LeadsTo_Basis}, @{thm leadsTo_Basis}, |
358 REPEAT (ares_tac [@{thm LeadsTo_Basis}, @{thm leadsTo_Basis}, |
359 @{thm EnsuresI}, @{thm ensuresI}] 1), |
359 @{thm EnsuresI}, @{thm ensuresI}] 1), |
360 (*now there are two subgoals: co & transient*) |
360 (*now there are two subgoals: co & transient*) |
361 simp_tac (ctxt addsimps (Named_Theorems.get ctxt @{named_theorems program})) 2, |
361 simp_tac (ctxt addsimps (Named_Theorems.get ctxt @{named_theorems program})) 2, |
362 res_inst_tac ctxt [((("act", 0), Position.none), sact)] @{thm transientI} 2, |
362 Rule_Insts.res_inst_tac ctxt [((("act", 0), Position.none), sact)] @{thm transientI} 2, |
363 (*simplify the command's domain*) |
363 (*simplify the command's domain*) |
364 simp_tac (ctxt addsimps [@{thm domain_def}]) 3, |
364 simp_tac (ctxt addsimps [@{thm domain_def}]) 3, |
365 (* proving the domain part *) |
365 (* proving the domain part *) |
366 clarify_tac ctxt 3, dtac @{thm swap} 3, force_tac ctxt 4, |
366 clarify_tac ctxt 3, dtac @{thm swap} 3, force_tac ctxt 4, |
367 rtac @{thm ReplaceI} 3, force_tac ctxt 3, force_tac ctxt 4, |
367 rtac @{thm ReplaceI} 3, force_tac ctxt 3, force_tac ctxt 4, |