(*  Title:      HOL/UNITY/FP
```
Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
```
Copyright   1998  University of Cambridge
```
```     4
```
From Misra, "A Logic for Concurrent Programming", 1994
```
)
```
```     7
```
header{*Fixed Point of a Program*}
```
```     9
```
theory FP imports UNITY begin
```
```    11
```
definition FP_Orig :: "'a program => 'a set" where
```
"FP_Orig F == Union{A. ALL B. F : stable (A Int B)}"
```
```    14
```
definition FP :: "'a program => 'a set" where
```
"FP F == {s. F : stable {s}}"
```
```    17
```
lemma stable_FP_Orig_Int: "F : stable (FP_Orig F Int B)"
```
apply (simp only: FP_Orig_def stable_def Int_Union2)
```
apply (blast intro: constrains_UN)
```
done
```
```    22
```
lemma FP_Orig_weakest:
```
"(!!B. F : stable (A Int B)) ==> A <= FP_Orig F"
```
by (simp add: FP_Orig_def stable_def, blast)
```
```    26
```
lemma stable_FP_Int: "F : stable (FP F Int B)"
```
apply (subgoal_tac "FP F Int B = (UN x:B. FP F Int {x}) ")
```
prefer 2 apply blast
```
apply (simp (no_asm_simp) add: Int_insert_right)
```
apply (simp add: FP_def stable_def)
```
apply (rule constrains_UN)
```
apply (simp (no_asm))
```
done
```
```    35
```
lemma FP_equivalence: "FP F = FP_Orig F"
```
apply (rule equalityI)
```
apply (rule stable_FP_Int [THEN FP_Orig_weakest])
```
apply (simp add: FP_Orig_def FP_def, clarify)
```
apply (drule_tac x = "{x}" in spec)
```
apply (simp add: Int_insert_right)
```
done
```
```    43
```
lemma FP_weakest:
```
"(!!B. F : stable (A Int B)) ==> A <= FP F"
```
by (simp add: FP_equivalence FP_Orig_weakest)
```
```    47
```
lemma Compl_FP:
```
"-(FP F) = (UN act: Acts F. -{s. act``{s} <= {s}})"
```
by (simp add: FP_def stable_def constrains_def, blast)
```
```    51
```
lemma Diff_FP: "A - (FP F) = (UN act: Acts F. A - {s. act``{s} <= {s}})"
```
by (simp add: Diff_eq Compl_FP)
```
```    54
```
lemma totalize_FP [simp]: "FP (totalize F) = FP F"
```
by (simp add: FP_def)
```
```    57
```
end
```