--- a/src/HOL/UNITY/Lift.ML Wed Sep 02 16:52:06 1998 +0200
+++ b/src/HOL/UNITY/Lift.ML Thu Sep 03 16:40:02 1998 +0200
@@ -7,20 +7,38 @@
*)
-(*To move 0 < metric n s out of the assumptions for case splitting*)
-val rev_mp' = read_instantiate_sg (sign_of thy)
- [("P", "0 < metric ?n ?s")] rev_mp;
+(*split_all_tac causes a big blow-up*)
+claset_ref() := claset() delSWrapper "split_all_tac";
+
+
+(** Rules to move "metric n s" out of the assumptions, for case splitting **)
+val mov_metric1 = read_instantiate_sg (sign_of thy)
+ [("P", "?x < metric ?n ?s")] rev_mp;
+
+val mov_metric2 = read_instantiate_sg (sign_of thy)
+ [("P", "?x = metric ?n ?s")] rev_mp;
+
+val mov_metric3 = read_instantiate_sg (sign_of thy)
+ [("P", "~ (?x < metric ?n ?s)")] rev_mp;
+
+(*The order in which they are applied seems to be critical...*)
+val mov_metrics = [mov_metric2, mov_metric3, mov_metric1];
+
val Suc_lessD_contra = Suc_lessD COMP rev_contrapos;
val Suc_lessD_contra' = less_not_sym RS Suc_lessD_contra;
+Addsimps [Lprg_def RS def_prg_simps];
+
+Addsimps (map simp_of_act
+ [request_act_def, open_act_def, close_act_def,
+ req_up_def, req_down_def, move_up_def, move_down_def,
+ button_press_def]);
+
val always_defs = [above_def, below_def, queueing_def,
goingup_def, goingdown_def, ready_def];
-val cmd_defs = [Lprg_def,
- request_act_def, open_act_def, close_act_def,
- req_up_def, req_down_def, move_up_def, move_down_def,
- button_press_def];
+Addsimps (map simp_of_set always_defs);
Goalw [Lprg_def] "id : Acts Lprg";
by (Simp_tac 1);
@@ -40,9 +58,13 @@
less_not_refl2, less_not_refl3];
+(*Hoping to be faster than
+ asm_simp_tac (simpset() addsimps metric_simps
+ but sometimes it's slower*)
+val metric_simp_tac =
+ asm_simp_tac (simpset() addsimps [metric_def, vimage_def]) THEN'
+ asm_simp_tac (simpset() addsimps metric_simps);
-(*split_all_tac causes a big blow-up*)
-claset_ref() := claset() delSWrapper "split_all_tac";
(*Simplification for records*)
Addsimps (thms"state.update_defs");
@@ -65,38 +87,37 @@
by (asm_simp_tac (simpset() addsimps [gr_implies_gr0 RS le_pred_eq]) 1);
qed "less_imp_le_pred";
-Goalw [Lprg_def] "Invariant Lprg open_stop";
+Goal "Invariant Lprg open_stop";
by (rtac InvariantI 1);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
qed "open_stop";
-Goalw [Lprg_def] "Invariant Lprg stop_floor";
+Goal "Invariant Lprg stop_floor";
by (rtac InvariantI 1);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
qed "stop_floor";
(*This one needs open_stop, which was proved above*)
Goal "Invariant Lprg open_move";
by (rtac InvariantI 1);
-br (open_stop RS Invariant_ConstrainsI RS StableI) 2;
-bw Lprg_def;
+by (rtac (open_stop RS Invariant_ConstrainsI RS StableI) 2);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
qed "open_move";
-Goalw [Lprg_def] "Invariant Lprg moving_up";
+Goal "Invariant Lprg moving_up";
by (rtac InvariantI 1);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
by (blast_tac (claset() addDs [le_imp_less_or_eq]) 1);
qed "moving_up";
-Goalw [Lprg_def] "Invariant Lprg moving_down";
+Goal "Invariant Lprg moving_down";
by (rtac InvariantI 1);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
by Safe_tac;
by (dres_inst_tac [("m","f")] le_imp_less_or_eq 3);
by (auto_tac (claset(),
@@ -105,10 +126,9 @@
Goal "Invariant Lprg bounded";
by (rtac InvariantI 1);
-br (Invariant_Int_rule [moving_up, moving_down] RS Invariant_StableI) 2;
-bw Lprg_def;
+by (rtac (Invariant_Int_rule [moving_up, moving_down] RS Invariant_StableI) 2);
by (Force_tac 1);
-by (constrains_tac (cmd_defs@always_defs) 1);
+by (constrains_tac 1);
by Safe_tac;
by (TRYALL (resolve_tac [nat_exhaust_le_pred, nat_exhaust_pred_le]));
by (auto_tac (claset(), simpset() addsimps [less_Suc_eq]));
@@ -123,42 +143,33 @@
val abbrev_defs = [moving_def, stopped_def,
opened_def, closed_def, atFloor_def, Req_def];
-val defs = cmd_defs@always_defs@abbrev_defs;
+Addsimps (map simp_of_set abbrev_defs);
(** The HUG'93 paper mistakenly omits the Req n from these! **)
(** Lift_1 **)
-(*lem_lift_1_5*)
Goal "LeadsTo Lprg (stopped Int atFloor n) (opened Int atFloor n)";
by (cut_facts_tac [stop_floor] 1);
-by (ensures_tac defs "open_act" 1);
-by Auto_tac;
-qed "E_thm01";
+by (ensures_tac "open_act" 1);
+qed "E_thm01"; (*lem_lift_1_5*)
-(*lem_lift_1_1*)
Goal "LeadsTo Lprg (Req n Int stopped - atFloor n) \
\ (Req n Int opened - atFloor n)";
by (cut_facts_tac [stop_floor] 1);
-by (ensures_tac defs "open_act" 1);
-by Auto_tac;
-qed "E_thm02";
+by (ensures_tac "open_act" 1);
+qed "E_thm02"; (*lem_lift_1_1*)
-(*lem_lift_1_2*)
Goal "LeadsTo Lprg (Req n Int opened - atFloor n) \
\ (Req n Int closed - (atFloor n - queueing))";
-by (ensures_tac defs "close_act" 1);
-by Auto_tac;
-qed "E_thm03";
+by (ensures_tac "close_act" 1);
+qed "E_thm03"; (*lem_lift_1_2*)
-
-(*lem_lift_1_7*)
Goal "LeadsTo Lprg (Req n Int closed Int (atFloor n - queueing)) \
\ (opened Int atFloor n)";
-by (ensures_tac defs "open_act" 1);
-by Auto_tac;
-qed "E_thm04";
+by (ensures_tac "open_act" 1);
+qed "E_thm04"; (*lem_lift_1_7*)
(** Lift 2. Statements of thm05a and thm05b were wrong! **)
@@ -182,16 +193,16 @@
Goal "LeadsTo Lprg (Req n Int closed - (atFloor n - queueing)) \
\ ((closed Int goingup Int Req n) Un \
\ (closed Int goingdown Int Req n))";
-br subset_imp_LeadsTo 1;
-by (auto_tac (claset() addSEs [nat_neqE], simpset() addsimps defs));
+by (rtac subset_imp_LeadsTo 1);
+by (auto_tac (claset() addSEs [nat_neqE], simpset()));
qed "E_thm05c";
(*lift_2*)
Goal "LeadsTo Lprg (Req n Int closed - (atFloor n - queueing)) \
\ (moving Int Req n)";
-br ([E_thm05c, LeadsTo_Un] MRS LeadsTo_Trans) 1;
-by (ensures_tac defs "req_down" 2);
-by (ensures_tac defs "req_up" 1);
+by (rtac ([E_thm05c, LeadsTo_Un] MRS LeadsTo_Trans) 1);
+by (ensures_tac "req_down" 2);
+by (ensures_tac "req_up" 1);
by Auto_tac;
qed "lift_2";
@@ -212,18 +223,16 @@
Goal "0 < N ==> \
\ LeadsTo Lprg \
\ (moving Int Req n Int (metric n -`` {N}) Int \
-\ {s. floor s ~: req s} Int {s. up s}) \
+\ {s. floor s ~: req s} Int {s. up s}) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
by (cut_facts_tac [moving_up] 1);
-by (ensures_tac defs "move_up" 1);
-by Auto_tac;
+by (ensures_tac "move_up" 1);
+by Safe_tac;
(*this step consolidates two formulae to the goal metric n s' <= metric n s*)
-be (leI RS le_anti_sym RS sym) 1;
-by (eres_inst_tac [("P", "?x < metric n s")] notE 2);
-by (eres_inst_tac [("P", "?x = metric n ?y")] rev_notE 3);
-by (REPEAT_FIRST (etac rev_mp'));
-by (ALLGOALS (asm_simp_tac (simpset() addsimps metric_simps)));
-by (distinct_tac 1);
+by (etac (leI RS le_anti_sym RS sym) 1);
+by (REPEAT_FIRST (eresolve_tac mov_metrics));
+by (REPEAT_FIRST distinct_tac);
+by (ALLGOALS metric_simp_tac);
by (auto_tac
(claset() addEs [diff_Suc_less_diff RS less_not_refl3 RSN (2, rev_notE)]
addIs [diff_Suc_less_diff],
@@ -242,16 +251,14 @@
\ {s. floor s ~: req s} - {s. up s}) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
by (cut_facts_tac [moving_down] 1);
-by (ensures_tac defs "move_down" 1);
-by Auto_tac;
+by (ensures_tac "move_down" 1);
+by Safe_tac;
by (ALLGOALS distinct_tac);
by (ALLGOALS (etac less_floor_imp THEN' Clarify_tac THEN' Asm_full_simp_tac));
(*this step consolidates two formulae to the goal metric n s' <= metric n s*)
-be (leI RS le_anti_sym RS sym) 1;
-by (eres_inst_tac [("P", "?x < metric n s")] notE 2);
-by (eres_inst_tac [("P", "?x = metric n ?y")] rev_notE 3);
-by (REPEAT_FIRST (etac rev_mp'));
-by (ALLGOALS (asm_simp_tac (simpset() addsimps metric_simps)));
+by (etac (leI RS le_anti_sym RS sym) 1);
+by (REPEAT_FIRST (eresolve_tac mov_metrics));
+by (ALLGOALS metric_simp_tac);
by (auto_tac
(claset() addEs [diff_less_Suc_diff RS less_not_refl3 RSN (2, rev_notE)]
addIs [diff_le_Suc_diff, diff_less_Suc_diff],
@@ -263,7 +270,7 @@
Goal "0<N ==> LeadsTo Lprg (moving Int Req n Int (metric n -`` {N}) Int \
\ {s. floor s ~: req s}) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
-br ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1;
+by (rtac ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1);
by (etac E_thm12b 4);
by (etac E_thm12a 3);
by (rtac id_in_Acts 2);
@@ -278,11 +285,11 @@
\ ==> LeadsTo Lprg (closed Int Req n Int (metric n -`` {N}) Int goingup) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
by (cut_facts_tac [bounded] 1);
-by (ensures_tac defs "req_up" 1);
+by (ensures_tac "req_up" 1);
by Auto_tac;
-by (ALLGOALS (eres_inst_tac [("P", "?x < metric n s")] notE));
-by (REPEAT_FIRST (etac rev_mp'));
+by (REPEAT_FIRST (eresolve_tac mov_metrics));
by (ALLGOALS (asm_simp_tac (simpset() addsimps metric_simps)));
+ (*faster than metric_simp_tac or than using just metric_def*)
by (auto_tac (claset() addIs [diff_Suc_less_diff],
simpset() addsimps [arith1, arith2]));
qed "E_thm16a";
@@ -311,12 +318,12 @@
\ LeadsTo Lprg (closed Int Req n Int (metric n -`` {N}) Int goingdown) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
by (cut_facts_tac [bounded] 1);
-by (ensures_tac defs "req_down" 1);
+by (ensures_tac "req_down" 1);
by Auto_tac;
-by (ALLGOALS (eres_inst_tac [("P", "?x < metric n s")] notE));
by (ALLGOALS (etac less_floor_imp THEN' Clarify_tac THEN' Asm_full_simp_tac));
-by (REPEAT_FIRST (etac rev_mp'));
+by (REPEAT_FIRST (eresolve_tac mov_metrics));
by (ALLGOALS (asm_simp_tac (simpset() addsimps metric_simps)));
+ (*faster and better than metric_simp_tac *)
by (auto_tac (claset() addIs [diff_Suc_less_diff, diff_less_Suc_diff],
simpset() addsimps [trans_le_add1, arith3, arith4]));
qed "E_thm16b";
@@ -346,19 +353,20 @@
(*lem_lift_5_0 proves an intersection involving ~goingup and goingup,
i.e. the trivial disjunction, leading to an asymmetrical proof.*)
Goal "0<N ==> Req n Int (metric n -``{N}) <= goingup Un goingdown";
-by (asm_simp_tac (simpset() addsimps (defs@metric_simps)) 1);
-by (Blast_tac 1);
+by (asm_simp_tac
+ (simpset() addsimps (always_defs@abbrev_defs@[metric_def,vimage_def])) 1);
+by (auto_tac (claset(), simpset() addsimps metric_simps));
qed "E_thm16c";
(*lift_5*)
Goal "0<N ==> LeadsTo Lprg (closed Int Req n Int (metric n -`` {N})) \
\ (moving Int Req n Int (metric n -`` lessThan N))";
-br ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1;
+by (rtac ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1);
by (etac E_thm16b 4);
by (etac E_thm16a 3);
by (rtac id_in_Acts 2);
-bd E_thm16c 1;
+by (dtac E_thm16c 1);
by (Blast_tac 1);
qed "lift_5";
@@ -367,9 +375,10 @@
(*lemma used to prove lem_lift_3_1*)
Goal "[| metric n s = 0; Min <= floor s; floor s <= Max |] ==> floor s = n";
-be rev_mp 1;
-by (asm_simp_tac (simpset() addsimps metric_simps) 1);
-by Auto_tac;
+by (etac rev_mp 1);
+ (*MUCH faster than metric_simps*)
+by (asm_simp_tac (simpset() addsimps [metric_def]) 1);
+by (auto_tac (claset(), simpset() addsimps metric_simps));
qed "metric_eq_0D";
AddDs [metric_eq_0D];
@@ -379,7 +388,7 @@
Goal "LeadsTo Lprg (moving Int Req n Int (metric n -`` {0})) \
\ (stopped Int atFloor n)";
by (cut_facts_tac [bounded] 1);
-by (ensures_tac defs "request_act" 1);
+by (ensures_tac "request_act" 1);
by Auto_tac;
qed "E_thm11";
@@ -387,7 +396,7 @@
Goal "LeadsTo Lprg \
\ (moving Int Req n Int (metric n -`` {N}) Int {s. floor s : req s}) \
\ (stopped Int Req n Int (metric n -`` {N}) Int {s. floor s : req s})";
-by (ensures_tac defs "request_act" 1);
+by (ensures_tac "request_act" 1);
by (auto_tac (claset(), simpset() addsimps metric_simps));
qed "E_thm13";
@@ -396,8 +405,8 @@
\ LeadsTo Lprg \
\ (stopped Int Req n Int (metric n -`` {N}) Int {s. floor s : req s}) \
\ (opened Int Req n Int (metric n -`` {N}))";
-by (ensures_tac defs "open_act" 1);
-by (REPEAT_FIRST (etac rev_mp'));
+by (ensures_tac "open_act" 1);
+by (REPEAT_FIRST (eresolve_tac mov_metrics));
by (auto_tac (claset(), simpset() addsimps metric_simps));
qed "E_thm14";
@@ -405,7 +414,7 @@
Goal "LeadsTo Lprg \
\ (opened Int Req n Int (metric n -`` {N})) \
\ (closed Int Req n Int (metric n -`` {N}))";
-by (ensures_tac defs "close_act" 1);
+by (ensures_tac "close_act" 1);
by (auto_tac (claset(), simpset() addsimps metric_simps));
qed "E_thm15";
@@ -423,36 +432,35 @@
Goal "LeadsTo Lprg (moving Int Req n) (stopped Int atFloor n)";
-br (allI RS LessThan_induct) 1;
+by (rtac (allI RS LessThan_induct) 1);
by (exhaust_tac "m" 1);
-auto();
-br E_thm11 1;
-br ([asm_rl, Un_upper1] MRS LeadsTo_weaken_R) 1;
-br ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1;
-br lift_3_Req 4;
-br lift_4 3;
-auto();
+by Auto_tac;
+by (rtac E_thm11 1);
+by (rtac ([asm_rl, Un_upper1] MRS LeadsTo_weaken_R) 1);
+by (rtac ([subset_imp_LeadsTo, LeadsTo_Un] MRS LeadsTo_Trans) 1);
+by (rtac lift_3_Req 4);
+by (rtac lift_4 3);
+by Auto_tac;
qed "lift_3";
Goal "LeadsTo Lprg (Req n) (opened Int atFloor n)";
-br LeadsTo_Trans 1;
-br (E_thm04 RS LeadsTo_Un) 2;
-br LeadsTo_Un_post' 2;
-br (E_thm01 RS LeadsTo_Trans_Un') 2;
-br (lift_3 RS LeadsTo_Trans_Un') 2;
-br (lift_2 RS LeadsTo_Trans_Un') 2;
-br (E_thm03 RS LeadsTo_Trans_Un') 2;
-br E_thm02 2;
-br (open_move RS Invariant_LeadsToI) 1;
-br (open_stop RS Invariant_LeadsToI) 1;
-br subset_imp_LeadsTo 1;
+by (rtac LeadsTo_Trans 1);
+by (rtac (E_thm04 RS LeadsTo_Un) 2);
+by (rtac LeadsTo_Un_post' 2);
+by (rtac (E_thm01 RS LeadsTo_Trans_Un') 2);
+by (rtac (lift_3 RS LeadsTo_Trans_Un') 2);
+by (rtac (lift_2 RS LeadsTo_Trans_Un') 2);
+by (rtac (E_thm03 RS LeadsTo_Trans_Un') 2);
+by (rtac E_thm02 2);
+by (rtac (open_move RS Invariant_LeadsToI) 1);
+by (rtac (open_stop RS Invariant_LeadsToI) 1);
+by (rtac subset_imp_LeadsTo 1);
by (rtac id_in_Acts 2);
-bws defs;
by (Clarify_tac 1);
(*stops simplification from looping*)
by (Full_simp_tac 1);
-by (REPEAT (Safe_step_tac 1 ORELSE Blast_tac 1));
+by (Blast_tac 1);
qed "lift_1";
Close_locale;