21 REPEAT (etac @{thm Always_ConstrainsI} 1 |
21 REPEAT (etac @{thm Always_ConstrainsI} 1 |
22 ORELSE |
22 ORELSE |
23 resolve_tac [@{thm StableI}, @{thm stableI}, |
23 resolve_tac [@{thm StableI}, @{thm stableI}, |
24 @{thm constrains_imp_Constrains}] 1), |
24 @{thm constrains_imp_Constrains}] 1), |
25 (*for safety, the totalize operator can be ignored*) |
25 (*for safety, the totalize operator can be ignored*) |
26 simp_tac (HOL_ss addsimps [@{thm mk_total_program_def}, @{thm totalize_constrains_iff}]) 1, |
26 simp_tac (put_simpset HOL_ss ctxt |
|
27 addsimps [@{thm mk_total_program_def}, @{thm totalize_constrains_iff}]) 1, |
27 rtac @{thm constrainsI} 1, |
28 rtac @{thm constrainsI} 1, |
28 full_simp_tac (simpset_of ctxt) 1, |
29 full_simp_tac ctxt 1, |
29 REPEAT (FIRSTGOAL (etac disjE)), |
30 REPEAT (FIRSTGOAL (etac disjE)), |
30 ALLGOALS (clarify_tac ctxt), |
31 ALLGOALS (clarify_tac ctxt), |
31 ALLGOALS (asm_full_simp_tac (simpset_of ctxt))]) i; |
32 ALLGOALS (asm_full_simp_tac ctxt)]) i; |
32 |
33 |
33 (*proves "ensures/leadsTo" properties when the program is specified*) |
34 (*proves "ensures/leadsTo" properties when the program is specified*) |
34 fun ensures_tac ctxt sact = |
35 fun ensures_tac ctxt sact = |
35 SELECT_GOAL |
36 SELECT_GOAL |
36 (EVERY |
37 (EVERY |
38 etac @{thm Always_LeadsTo_Basis} 1 |
39 etac @{thm Always_LeadsTo_Basis} 1 |
39 ORELSE (*subgoal may involve LeadsTo, leadsTo or ensures*) |
40 ORELSE (*subgoal may involve LeadsTo, leadsTo or ensures*) |
40 REPEAT (ares_tac [@{thm LeadsTo_Basis}, @{thm leadsTo_Basis}, |
41 REPEAT (ares_tac [@{thm LeadsTo_Basis}, @{thm leadsTo_Basis}, |
41 @{thm EnsuresI}, @{thm ensuresI}] 1), |
42 @{thm EnsuresI}, @{thm ensuresI}] 1), |
42 (*now there are two subgoals: co & transient*) |
43 (*now there are two subgoals: co & transient*) |
43 simp_tac (simpset_of ctxt addsimps [@{thm mk_total_program_def}]) 2, |
44 simp_tac (ctxt addsimps [@{thm mk_total_program_def}]) 2, |
44 res_inst_tac ctxt |
45 res_inst_tac ctxt |
45 [(("act", 0), sact)] @{thm totalize_transientI} 2 |
46 [(("act", 0), sact)] @{thm totalize_transientI} 2 |
46 ORELSE res_inst_tac ctxt |
47 ORELSE res_inst_tac ctxt |
47 [(("act", 0), sact)] @{thm transientI} 2, |
48 [(("act", 0), sact)] @{thm transientI} 2, |
48 (*simplify the command's domain*) |
49 (*simplify the command's domain*) |
49 simp_tac (simpset_of ctxt addsimps @{thms Domain_unfold}) 3, |
50 simp_tac (ctxt addsimps @{thms Domain_unfold}) 3, |
50 constrains_tac ctxt 1, |
51 constrains_tac ctxt 1, |
51 ALLGOALS (clarify_tac ctxt), |
52 ALLGOALS (clarify_tac ctxt), |
52 ALLGOALS (asm_lr_simp_tac (simpset_of ctxt))]); |
53 ALLGOALS (asm_lr_simp_tac ctxt)]); |
53 |
54 |
54 |
55 |
55 (*Composition equivalences, from Lift_prog*) |
56 (*Composition equivalences, from Lift_prog*) |
56 |
57 |
57 fun make_o_equivs th = |
58 fun make_o_equivs ctxt th = |
58 [th, |
59 [th, |
59 th RS @{thm o_equiv_assoc} |> simplify (HOL_ss addsimps [@{thm o_assoc}]), |
60 th RS @{thm o_equiv_assoc} |> simplify (put_simpset HOL_ss ctxt addsimps [@{thm o_assoc}]), |
60 th RS @{thm o_equiv_apply} |> simplify (HOL_ss addsimps [@{thm o_def}, @{thm sub_def}])]; |
61 th RS @{thm o_equiv_apply} |> simplify (put_simpset HOL_ss ctxt addsimps [@{thm o_def}, @{thm sub_def}])]; |
61 |
62 |