diff -r 0318b43ee95c -r 750c533459b1 src/HOL/TLA/Action.thy --- a/src/HOL/TLA/Action.thy Fri Jun 26 11:44:22 2015 +0200 +++ b/src/HOL/TLA/Action.thy Fri Jun 26 14:53:15 2015 +0200 @@ -12,40 +12,40 @@ (** abstract syntax **) -type_synonym 'a trfun = "(state * state) => 'a" +type_synonym 'a trfun = "(state * state) \ 'a" type_synonym action = "bool trfun" instance prod :: (world, world) world .. consts (** abstract syntax **) - before :: "'a stfun => 'a trfun" - after :: "'a stfun => 'a trfun" - unch :: "'a stfun => action" + before :: "'a stfun \ 'a trfun" + after :: "'a stfun \ 'a trfun" + unch :: "'a stfun \ action" - SqAct :: "[action, 'a stfun] => action" - AnAct :: "[action, 'a stfun] => action" - enabled :: "action => stpred" + SqAct :: "[action, 'a stfun] \ action" + AnAct :: "[action, 'a stfun] \ action" + enabled :: "action \ stpred" (** concrete syntax **) syntax (* Syntax for writing action expressions in arbitrary contexts *) - "_ACT" :: "lift => 'a" ("(ACT _)") + "_ACT" :: "lift \ 'a" ("(ACT _)") - "_before" :: "lift => lift" ("($_)" [100] 99) - "_after" :: "lift => lift" ("(_$)" [100] 99) - "_unchanged" :: "lift => lift" ("(unchanged _)" [100] 99) + "_before" :: "lift \ lift" ("($_)" [100] 99) + "_after" :: "lift \ lift" ("(_$)" [100] 99) + "_unchanged" :: "lift \ lift" ("(unchanged _)" [100] 99) (*** Priming: same as "after" ***) - "_prime" :: "lift => lift" ("(_`)" [100] 99) + "_prime" :: "lift \ lift" ("(_`)" [100] 99) - "_SqAct" :: "[lift, lift] => lift" ("([_]'_(_))" [0,1000] 99) - "_AnAct" :: "[lift, lift] => lift" ("(<_>'_(_))" [0,1000] 99) - "_Enabled" :: "lift => lift" ("(Enabled _)" [100] 100) + "_SqAct" :: "[lift, lift] \ lift" ("([_]'_(_))" [0,1000] 99) + "_AnAct" :: "[lift, lift] \ lift" ("(<_>'_(_))" [0,1000] 99) + "_Enabled" :: "lift \ lift" ("(Enabled _)" [100] 100) translations - "ACT A" => "(A::state*state => _)" + "ACT A" => "(A::state*state \ _)" "_before" == "CONST before" "_after" == "CONST after" "_prime" => "_after" @@ -59,16 +59,16 @@ "w |= unchanged f" <= "_unchanged f w" axiomatization where - unl_before: "(ACT $v) (s,t) == v s" and - unl_after: "(ACT v$) (s,t) == v t" and + unl_before: "(ACT $v) (s,t) \ v s" and + unl_after: "(ACT v$) (s,t) \ v t" and - unchanged_def: "(s,t) |= unchanged v == (v t = v s)" + unchanged_def: "(s,t) \ unchanged v \ (v t = v s)" defs - square_def: "ACT [A]_v == ACT (A | unchanged v)" - angle_def: "ACT _v == ACT (A & \ unchanged v)" + square_def: "ACT [A]_v \ ACT (A \ unchanged v)" + angle_def: "ACT _v \ ACT (A \ \ unchanged v)" - enabled_def: "s |= Enabled A == \u. (s,u) |= A" + enabled_def: "s \ Enabled A \ \u. (s,u) \ A" (* The following assertion specializes "intI" for any world type @@ -76,22 +76,22 @@ *) lemma actionI [intro!]: - assumes "\s t. (s,t) |= A" - shows "|- A" + assumes "\s t. (s,t) \ A" + shows "\ A" apply (rule assms intI prod.induct)+ done -lemma actionD [dest]: "|- A ==> (s,t) |= A" +lemma actionD [dest]: "\ A \ (s,t) \ A" apply (erule intD) done lemma pr_rews [int_rewrite]: - "|- (#c)` = #c" - "\f. |- f` = f" - "\f. |- f` = f" - "\f. |- f` = f" - "|- (\x. P x)` = (\x. (P x)`)" - "|- (\x. P x)` = (\x. (P x)`)" + "\ (#c)` = #c" + "\f. \ f` = f" + "\f. \ f` = f" + "\f. \ f` = f" + "\ (\x. P x)` = (\x. (P x)`)" + "\ (\x. P x)` = (\x. (P x)`)" by (rule actionI, unfold unl_after intensional_rews, rule refl)+ @@ -112,7 +112,7 @@ (rewrite_rule ctxt @{thms action_rews} (th RS @{thm actionD})) handle THM _ => int_unlift ctxt th; -(* Turn |- A = B into meta-level rewrite rule A == B *) +(* Turn \ A = B into meta-level rewrite rule A == B *) val action_rewrite = int_rewrite fun action_use ctxt th = @@ -132,69 +132,69 @@ (* =========================== square / angle brackets =========================== *) -lemma idle_squareI: "(s,t) |= unchanged v ==> (s,t) |= [A]_v" +lemma idle_squareI: "(s,t) \ unchanged v \ (s,t) \ [A]_v" by (simp add: square_def) -lemma busy_squareI: "(s,t) |= A ==> (s,t) |= [A]_v" +lemma busy_squareI: "(s,t) \ A \ (s,t) \ [A]_v" by (simp add: square_def) lemma squareE [elim]: - "[| (s,t) |= [A]_v; A (s,t) ==> B (s,t); v t = v s ==> B (s,t) |] ==> B (s,t)" + "\ (s,t) \ [A]_v; A (s,t) \ B (s,t); v t = v s \ B (s,t) \ \ B (s,t)" apply (unfold square_def action_rews) apply (erule disjE) apply simp_all done -lemma squareCI [intro]: "[| v t \ v s ==> A (s,t) |] ==> (s,t) |= [A]_v" +lemma squareCI [intro]: "\ v t \ v s \ A (s,t) \ \ (s,t) \ [A]_v" apply (unfold square_def action_rews) apply (rule disjCI) apply (erule (1) meta_mp) done -lemma angleI [intro]: "\s t. [| A (s,t); v t \ v s |] ==> (s,t) |= _v" +lemma angleI [intro]: "\s t. \ A (s,t); v t \ v s \ \ (s,t) \ _v" by (simp add: angle_def) -lemma angleE [elim]: "[| (s,t) |= _v; [| A (s,t); v t \ v s |] ==> R |] ==> R" +lemma angleE [elim]: "\ (s,t) \ _v; \ A (s,t); v t \ v s \ \ R \ \ R" apply (unfold angle_def action_rews) apply (erule conjE) apply simp done lemma square_simulation: - "\f. [| |- unchanged f & \B --> unchanged g; - |- A & \unchanged g --> B - |] ==> |- [A]_f --> [B]_g" + "\f. \ \ unchanged f & \B \ unchanged g; + \ A & \unchanged g \ B + \ \ \ [A]_f \ [B]_g" apply clarsimp apply (erule squareE) apply (auto simp add: square_def) done -lemma not_square: "|- (\ [A]_v) = <\A>_v" +lemma not_square: "\ (\ [A]_v) = <\A>_v" by (auto simp: square_def angle_def) -lemma not_angle: "|- (\ _v) = [\A]_v" +lemma not_angle: "\ (\ _v) = [\A]_v" by (auto simp: square_def angle_def) (* ============================== Facts about ENABLED ============================== *) -lemma enabledI: "|- A --> $Enabled A" +lemma enabledI: "\ A \ $Enabled A" by (auto simp add: enabled_def) -lemma enabledE: "[| s |= Enabled A; \u. A (s,u) ==> Q |] ==> Q" +lemma enabledE: "\ s \ Enabled A; \u. A (s,u) \ Q \ \ Q" apply (unfold enabled_def) apply (erule exE) apply simp done -lemma notEnabledD: "|- \$Enabled G --> \ G" +lemma notEnabledD: "\ \$Enabled G \ \ G" by (auto simp add: enabled_def) (* Monotonicity *) lemma enabled_mono: - assumes min: "s |= Enabled F" - and maj: "|- F --> G" - shows "s |= Enabled G" + assumes min: "s \ Enabled F" + and maj: "\ F \ G" + shows "s \ Enabled G" apply (rule min [THEN enabledE]) apply (rule enabledI [action_use]) apply (erule maj [action_use]) @@ -202,50 +202,50 @@ (* stronger variant *) lemma enabled_mono2: - assumes min: "s |= Enabled F" - and maj: "\t. F (s,t) ==> G (s,t)" - shows "s |= Enabled G" + assumes min: "s \ Enabled F" + and maj: "\t. F (s,t) \ G (s,t)" + shows "s \ Enabled G" apply (rule min [THEN enabledE]) apply (rule enabledI [action_use]) apply (erule maj) done -lemma enabled_disj1: "|- Enabled F --> Enabled (F | G)" +lemma enabled_disj1: "\ Enabled F \ Enabled (F | G)" by (auto elim!: enabled_mono) -lemma enabled_disj2: "|- Enabled G --> Enabled (F | G)" +lemma enabled_disj2: "\ Enabled G \ Enabled (F | G)" by (auto elim!: enabled_mono) -lemma enabled_conj1: "|- Enabled (F & G) --> Enabled F" +lemma enabled_conj1: "\ Enabled (F & G) \ Enabled F" by (auto elim!: enabled_mono) -lemma enabled_conj2: "|- Enabled (F & G) --> Enabled G" +lemma enabled_conj2: "\ Enabled (F & G) \ Enabled G" by (auto elim!: enabled_mono) lemma enabled_conjE: - "[| s |= Enabled (F & G); [| s |= Enabled F; s |= Enabled G |] ==> Q |] ==> Q" + "\ s \ Enabled (F & G); \ s \ Enabled F; s \ Enabled G \ \ Q \ \ Q" apply (frule enabled_conj1 [action_use]) apply (drule enabled_conj2 [action_use]) apply simp done -lemma enabled_disjD: "|- Enabled (F | G) --> Enabled F | Enabled G" +lemma enabled_disjD: "\ Enabled (F | G) \ Enabled F | Enabled G" by (auto simp add: enabled_def) -lemma enabled_disj: "|- Enabled (F | G) = (Enabled F | Enabled G)" +lemma enabled_disj: "\ Enabled (F | G) = (Enabled F | Enabled G)" apply clarsimp apply (rule iffI) apply (erule enabled_disjD [action_use]) apply (erule disjE enabled_disj1 [action_use] enabled_disj2 [action_use])+ done -lemma enabled_ex: "|- Enabled (\x. F x) = (\x. Enabled (F x))" +lemma enabled_ex: "\ Enabled (\x. F x) = (\x. Enabled (F x))" by (force simp add: enabled_def) (* A rule that combines enabledI and baseE, but generates fewer instantiations *) lemma base_enabled: - "[| basevars vs; \c. \u. vs u = c --> A(s,u) |] ==> s |= Enabled A" + "\ basevars vs; \c. \u. vs u = c \ A(s,u) \ \ s \ Enabled A" apply (erule exE) apply (erule baseE) apply (rule enabledI [action_use]) @@ -294,7 +294,7 @@ lemma assumes "basevars (x,y,z)" - shows "|- x --> Enabled ($x & (y$ = #False))" + shows "\ x \ Enabled ($x & (y$ = #False))" apply (enabled assms) apply auto done