diff -r bb18eed53ed6 -r a1119cf551e8 src/HOL/Nominal/Examples/Crary.thy --- a/src/HOL/Nominal/Examples/Crary.thy Tue Aug 13 14:20:22 2013 +0200 +++ b/src/HOL/Nominal/Examples/Crary.thy Tue Aug 13 16:25:47 2013 +0200 @@ -43,7 +43,7 @@ lemma ty_cases: fixes T::ty - shows "(\ T\<^isub>1 T\<^isub>2. T=T\<^isub>1\T\<^isub>2) \ T=TUnit \ T=TBase" + shows "(\ T\<^sub>1 T\<^sub>2. T=T\<^sub>1\T\<^sub>2) \ T=TUnit \ T=TBase" by (induct T rule:ty.induct) (auto) instantiation ty :: size @@ -53,7 +53,7 @@ where "size (TBase) = 1" | "size (TUnit) = 1" -| "size (T\<^isub>1\T\<^isub>2) = size T\<^isub>1 + size T\<^isub>2" +| "size (T\<^sub>1\T\<^sub>2) = size T\<^sub>1 + size T\<^sub>2" by (rule TrueI)+ instance .. @@ -97,7 +97,7 @@ psubst :: "Subst \ trm \ trm" ("_<_>" [100,100] 130) where "\<(Var x)> = (lookup \ x)" -| "\<(App t\<^isub>1 t\<^isub>2)> = App \1> \2>" +| "\<(App t\<^sub>1 t\<^sub>2)> = App \1> \2>" | "x\\ \ \<(Lam [x].t)> = Lam [x].(\)" | "\<(Const n)> = Const n" | "\<(Unit)> = Unit" @@ -114,7 +114,7 @@ lemma subst[simp]: shows "(Var x)[y::=t'] = (if x=y then t' else (Var x))" - and "(App t\<^isub>1 t\<^isub>2)[y::=t'] = App (t\<^isub>1[y::=t']) (t\<^isub>2[y::=t'])" + and "(App t\<^sub>1 t\<^sub>2)[y::=t'] = App (t\<^sub>1[y::=t']) (t\<^sub>2[y::=t'])" and "x\(y,t') \ (Lam [x].t)[y::=t'] = Lam [x].(t[y::=t'])" and "Const n[y::=t'] = Const n" and "Unit [y::=t'] = Unit" @@ -128,10 +128,10 @@ lemma subst_rename: fixes c::"name" - assumes a: "c\t\<^isub>1" - shows "t\<^isub>1[a::=t\<^isub>2] = ([(c,a)]\t\<^isub>1)[c::=t\<^isub>2]" + assumes a: "c\t\<^sub>1" + shows "t\<^sub>1[a::=t\<^sub>2] = ([(c,a)]\t\<^sub>1)[c::=t\<^sub>2]" using a -apply(nominal_induct t\<^isub>1 avoiding: a c t\<^isub>2 rule: trm.strong_induct) +apply(nominal_induct t\<^sub>1 avoiding: a c t\<^sub>2 rule: trm.strong_induct) apply(simp add: trm.inject calc_atm fresh_atm abs_fresh perm_nat_def)+ done @@ -145,24 +145,24 @@ lemma fresh_subst'': fixes z::"name" - assumes "z\t\<^isub>2" - shows "z\t\<^isub>1[z::=t\<^isub>2]" + assumes "z\t\<^sub>2" + shows "z\t\<^sub>1[z::=t\<^sub>2]" using assms -by (nominal_induct t\<^isub>1 avoiding: t\<^isub>2 z rule: trm.strong_induct) +by (nominal_induct t\<^sub>1 avoiding: t\<^sub>2 z rule: trm.strong_induct) (auto simp add: abs_fresh fresh_nat fresh_atm) lemma fresh_subst': fixes z::"name" - assumes "z\[y].t\<^isub>1" "z\t\<^isub>2" - shows "z\t\<^isub>1[y::=t\<^isub>2]" + assumes "z\[y].t\<^sub>1" "z\t\<^sub>2" + shows "z\t\<^sub>1[y::=t\<^sub>2]" using assms -by (nominal_induct t\<^isub>1 avoiding: y t\<^isub>2 z rule: trm.strong_induct) +by (nominal_induct t\<^sub>1 avoiding: y t\<^sub>2 z rule: trm.strong_induct) (auto simp add: abs_fresh fresh_nat fresh_atm) lemma fresh_subst: fixes z::"name" - assumes a: "z\t\<^isub>1" "z\t\<^isub>2" - shows "z\t\<^isub>1[y::=t\<^isub>2]" + assumes a: "z\t\<^sub>1" "z\t\<^sub>2" + shows "z\t\<^sub>1[y::=t\<^sub>2]" using a by (auto simp add: fresh_subst' abs_fresh) @@ -193,17 +193,17 @@ lemma subst_fun_eq: fixes u::trm - assumes h:"[x].t\<^isub>1 = [y].t\<^isub>2" - shows "t\<^isub>1[x::=u] = t\<^isub>2[y::=u]" + assumes h:"[x].t\<^sub>1 = [y].t\<^sub>2" + shows "t\<^sub>1[x::=u] = t\<^sub>2[y::=u]" proof - { - assume "x=y" and "t\<^isub>1=t\<^isub>2" + assume "x=y" and "t\<^sub>1=t\<^sub>2" then have ?thesis using h by simp } moreover { - assume h1:"x \ y" and h2:"t\<^isub>1=[(x,y)] \ t\<^isub>2" and h3:"x \ t\<^isub>2" - then have "([(x,y)] \ t\<^isub>2)[x::=u] = t\<^isub>2[y::=u]" by (simp add: subst_rename) + assume h1:"x \ y" and h2:"t\<^sub>1=[(x,y)] \ t\<^sub>2" and h3:"x \ t\<^sub>2" + then have "([(x,y)] \ t\<^sub>2)[x::=u] = t\<^sub>2[y::=u]" by (simp add: subst_rename) then have ?thesis using h2 by simp } ultimately show ?thesis using alpha h by blast @@ -275,13 +275,13 @@ abbreviation "sub_context" :: "Ctxt \ Ctxt \ bool" (" _ \ _ " [55,55] 55) where - "\\<^isub>1 \ \\<^isub>2 \ \a T. (a,T)\set \\<^isub>1 \ (a,T)\set \\<^isub>2" + "\\<^sub>1 \ \\<^sub>2 \ \a T. (a,T)\set \\<^sub>1 \ (a,T)\set \\<^sub>2" lemma valid_monotonicity[elim]: fixes \ \' :: Ctxt assumes a: "\ \ \'" and b: "x\\'" - shows "(x,T\<^isub>1)#\ \ (x,T\<^isub>1)#\'" + shows "(x,T\<^sub>1)#\ \ (x,T\<^sub>1)#\'" using a b by auto lemma fresh_context: @@ -295,9 +295,9 @@ lemma type_unicity_in_context: assumes a: "valid \" - and b: "(x,T\<^isub>1) \ set \" - and c: "(x,T\<^isub>2) \ set \" - shows "T\<^isub>1=T\<^isub>2" + and b: "(x,T\<^sub>1) \ set \" + and c: "(x,T\<^sub>2) \ set \" + shows "T\<^sub>1=T\<^sub>2" using a b c by (induct \) (auto dest!: fresh_context) @@ -306,8 +306,8 @@ typing :: "Ctxt\trm\ty\bool" (" _ \ _ : _ " [60,60,60] 60) where T_Var[intro]: "\valid \; (x,T)\set \\ \ \ \ Var x : T" -| T_App[intro]: "\\ \ e\<^isub>1 : T\<^isub>1\T\<^isub>2; \ \ e\<^isub>2 : T\<^isub>1\ \ \ \ App e\<^isub>1 e\<^isub>2 : T\<^isub>2" -| T_Lam[intro]: "\x\\; (x,T\<^isub>1)#\ \ t : T\<^isub>2\ \ \ \ Lam [x].t : T\<^isub>1\T\<^isub>2" +| T_App[intro]: "\\ \ e\<^sub>1 : T\<^sub>1\T\<^sub>2; \ \ e\<^sub>2 : T\<^sub>1\ \ \ \ App e\<^sub>1 e\<^sub>2 : T\<^sub>2" +| T_Lam[intro]: "\x\\; (x,T\<^sub>1)#\ \ t : T\<^sub>2\ \ \ \ Lam [x].t : T\<^sub>1\T\<^sub>2" | T_Const[intro]: "valid \ \ \ \ Const n : TBase" | T_Unit[intro]: "valid \ \ \ \ Unit : TUnit" @@ -344,12 +344,12 @@ Q_Refl[intro]: "\ \ t : T \ \ \ t \ t : T" | Q_Symm[intro]: "\ \ t \ s : T \ \ \ s \ t : T" | Q_Trans[intro]: "\\ \ s \ t : T; \ \ t \ u : T\ \ \ \ s \ u : T" -| Q_Abs[intro]: "\x\\; (x,T\<^isub>1)#\ \ s\<^isub>2 \ t\<^isub>2 : T\<^isub>2\ \ \ \ Lam [x]. s\<^isub>2 \ Lam [x]. t\<^isub>2 : T\<^isub>1 \ T\<^isub>2" -| Q_App[intro]: "\\ \ s\<^isub>1 \ t\<^isub>1 : T\<^isub>1 \ T\<^isub>2 ; \ \ s\<^isub>2 \ t\<^isub>2 : T\<^isub>1\ \ \ \ App s\<^isub>1 s\<^isub>2 \ App t\<^isub>1 t\<^isub>2 : T\<^isub>2" -| Q_Beta[intro]: "\x\(\,s\<^isub>2,t\<^isub>2); (x,T\<^isub>1)#\ \ s\<^isub>1 \ t\<^isub>1 : T\<^isub>2 ; \ \ s\<^isub>2 \ t\<^isub>2 : T\<^isub>1\ - \ \ \ App (Lam [x]. s\<^isub>1) s\<^isub>2 \ t\<^isub>1[x::=t\<^isub>2] : T\<^isub>2" -| Q_Ext[intro]: "\x\(\,s,t); (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2\ - \ \ \ s \ t : T\<^isub>1 \ T\<^isub>2" +| Q_Abs[intro]: "\x\\; (x,T\<^sub>1)#\ \ s\<^sub>2 \ t\<^sub>2 : T\<^sub>2\ \ \ \ Lam [x]. s\<^sub>2 \ Lam [x]. t\<^sub>2 : T\<^sub>1 \ T\<^sub>2" +| Q_App[intro]: "\\ \ s\<^sub>1 \ t\<^sub>1 : T\<^sub>1 \ T\<^sub>2 ; \ \ s\<^sub>2 \ t\<^sub>2 : T\<^sub>1\ \ \ \ App s\<^sub>1 s\<^sub>2 \ App t\<^sub>1 t\<^sub>2 : T\<^sub>2" +| Q_Beta[intro]: "\x\(\,s\<^sub>2,t\<^sub>2); (x,T\<^sub>1)#\ \ s\<^sub>1 \ t\<^sub>1 : T\<^sub>2 ; \ \ s\<^sub>2 \ t\<^sub>2 : T\<^sub>1\ + \ \ \ App (Lam [x]. s\<^sub>1) s\<^sub>2 \ t\<^sub>1[x::=t\<^sub>2] : T\<^sub>2" +| Q_Ext[intro]: "\x\(\,s,t); (x,T\<^sub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^sub>2\ + \ \ \ s \ t : T\<^sub>1 \ T\<^sub>2" | Q_Unit[intro]: "\\ \ s : TUnit; \ \ t: TUnit\ \ \ \ s \ t : TUnit" equivariance def_equiv @@ -367,8 +367,8 @@ inductive whr_def :: "trm\trm\bool" ("_ \ _" [80,80] 80) where - QAR_Beta[intro]: "App (Lam [x]. t\<^isub>1) t\<^isub>2 \ t\<^isub>1[x::=t\<^isub>2]" -| QAR_App[intro]: "t\<^isub>1 \ t\<^isub>1' \ App t\<^isub>1 t\<^isub>2 \ App t\<^isub>1' t\<^isub>2" + QAR_Beta[intro]: "App (Lam [x]. t\<^sub>1) t\<^sub>2 \ t\<^sub>1[x::=t\<^sub>2]" +| QAR_App[intro]: "t\<^sub>1 \ t\<^sub>1' \ App t\<^sub>1 t\<^sub>2 \ App t\<^sub>1' t\<^sub>2" declare trm.inject [simp add] declare ty.inject [simp add] @@ -448,11 +448,11 @@ alg_path_equiv :: "Ctxt\trm\trm\ty\bool" ("_ \ _ \ _ : _" [60,60,60,60] 60) where QAT_Base[intro]: "\s \ p; t \ q; \ \ p \ q : TBase\ \ \ \ s \ t : TBase" -| QAT_Arrow[intro]: "\x\(\,s,t); (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2\ - \ \ \ s \ t : T\<^isub>1 \ T\<^isub>2" +| QAT_Arrow[intro]: "\x\(\,s,t); (x,T\<^sub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^sub>2\ + \ \ \ s \ t : T\<^sub>1 \ T\<^sub>2" | QAT_One[intro]: "valid \ \ \ \ s \ t : TUnit" | QAP_Var[intro]: "\valid \;(x,T) \ set \\ \ \ \ Var x \ Var x : T" -| QAP_App[intro]: "\\ \ p \ q : T\<^isub>1 \ T\<^isub>2; \ \ s \ t : T\<^isub>1\ \ \ \ App p s \ App q t : T\<^isub>2" +| QAP_App[intro]: "\\ \ p \ q : T\<^sub>1 \ T\<^sub>2; \ \ s \ t : T\<^sub>1\ \ \ \ App p s \ App q t : T\<^sub>2" | QAP_Const[intro]: "valid \ \ \ \ Const n \ Const n : TBase" equivariance alg_equiv @@ -466,10 +466,10 @@ inductive_cases alg_equiv_inv_auto[elim]: "\ \ s\t : TBase" - "\ \ s\t : T\<^isub>1 \ T\<^isub>2" + "\ \ s\t : T\<^sub>1 \ T\<^sub>2" "\ \ s\t : TBase" "\ \ s\t : TUnit" - "\ \ s\t : T\<^isub>1 \ T\<^isub>2" + "\ \ s\t : T\<^sub>1 \ T\<^sub>2" "\ \ Var x \ t : T" "\ \ Var x \ t : T'" @@ -487,12 +487,12 @@ lemma Q_Arrow_strong_inversion: assumes fs: "x\\" "x\t" "x\u" - and h: "\ \ t \ u : T\<^isub>1\T\<^isub>2" - shows "(x,T\<^isub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^isub>2" + and h: "\ \ t \ u : T\<^sub>1\T\<^sub>2" + shows "(x,T\<^sub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^sub>2" proof - - obtain y where fs2: "y\(\,t,u)" and "(y,T\<^isub>1)#\ \ App t (Var y) \ App u (Var y) : T\<^isub>2" + obtain y where fs2: "y\(\,t,u)" and "(y,T\<^sub>1)#\ \ App t (Var y) \ App u (Var y) : T\<^sub>2" using h by auto - then have "([(x,y)]\((y,T\<^isub>1)#\)) \ [(x,y)]\ App t (Var y) \ [(x,y)]\ App u (Var y) : T\<^isub>2" + then have "([(x,y)]\((y,T\<^sub>1)#\)) \ [(x,y)]\ App t (Var y) \ [(x,y)]\ App u (Var y) : T\<^sub>2" using alg_equiv.eqvt[simplified] by blast then show ?thesis using fs fs2 by (perm_simp) qed @@ -518,12 +518,12 @@ moreover have "valid \" "(x,T) \ set \" by fact+ ultimately show "T=T'" using type_unicity_in_context by auto next - case (QAP_App \ p q T\<^isub>1 T\<^isub>2 s t u T\<^isub>2') - have ih:"\u T. \ \ p \ u : T \ T\<^isub>1\T\<^isub>2 = T" by fact - have "\ \ App p s \ u : T\<^isub>2'" by fact - then obtain r t T\<^isub>1' where "u = App r t" "\ \ p \ r : T\<^isub>1' \ T\<^isub>2'" by auto - with ih have "T\<^isub>1\T\<^isub>2 = T\<^isub>1' \ T\<^isub>2'" by auto - then show "T\<^isub>2=T\<^isub>2'" using ty.inject by auto + case (QAP_App \ p q T\<^sub>1 T\<^sub>2 s t u T\<^sub>2') + have ih:"\u T. \ \ p \ u : T \ T\<^sub>1\T\<^sub>2 = T" by fact + have "\ \ App p s \ u : T\<^sub>2'" by fact + then obtain r t T\<^sub>1' where "u = App r t" "\ \ p \ r : T\<^sub>1' \ T\<^sub>2'" by auto + with ih have "T\<^sub>1\T\<^sub>2 = T\<^sub>1' \ T\<^sub>2'" by auto + then show "T\<^sub>2=T\<^sub>2'" using ty.inject by auto qed (auto) lemma alg_path_equiv_implies_valid: @@ -552,28 +552,28 @@ have "s \ p" by fact ultimately show "\ \ s \ u : TBase" using b2 by auto next - case (QAT_Arrow x \ s t T\<^isub>1 T\<^isub>2 u) - have ih:"(x,T\<^isub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^isub>2 - \ (x,T\<^isub>1)#\ \ App s (Var x) \ App u (Var x) : T\<^isub>2" by fact + case (QAT_Arrow x \ s t T\<^sub>1 T\<^sub>2 u) + have ih:"(x,T\<^sub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^sub>2 + \ (x,T\<^sub>1)#\ \ App s (Var x) \ App u (Var x) : T\<^sub>2" by fact have fs: "x\\" "x\s" "x\t" "x\u" by fact+ - have "\ \ t \ u : T\<^isub>1\T\<^isub>2" by fact - then have "(x,T\<^isub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^isub>2" using fs + have "\ \ t \ u : T\<^sub>1\T\<^sub>2" by fact + then have "(x,T\<^sub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^sub>2" using fs by (simp add: Q_Arrow_strong_inversion) - with ih have "(x,T\<^isub>1)#\ \ App s (Var x) \ App u (Var x) : T\<^isub>2" by simp - then show "\ \ s \ u : T\<^isub>1\T\<^isub>2" using fs by (auto simp add: fresh_prod) + with ih have "(x,T\<^sub>1)#\ \ App s (Var x) \ App u (Var x) : T\<^sub>2" by simp + then show "\ \ s \ u : T\<^sub>1\T\<^sub>2" using fs by (auto simp add: fresh_prod) next - case (QAP_App \ p q T\<^isub>1 T\<^isub>2 s t u) - have "\ \ App q t \ u : T\<^isub>2" by fact - then obtain r T\<^isub>1' v where ha: "\ \ q \ r : T\<^isub>1'\T\<^isub>2" and hb: "\ \ t \ v : T\<^isub>1'" and eq: "u = App r v" + case (QAP_App \ p q T\<^sub>1 T\<^sub>2 s t u) + have "\ \ App q t \ u : T\<^sub>2" by fact + then obtain r T\<^sub>1' v where ha: "\ \ q \ r : T\<^sub>1'\T\<^sub>2" and hb: "\ \ t \ v : T\<^sub>1'" and eq: "u = App r v" by auto - have ih1: "\ \ q \ r : T\<^isub>1\T\<^isub>2 \ \ \ p \ r : T\<^isub>1\T\<^isub>2" by fact - have ih2:"\ \ t \ v : T\<^isub>1 \ \ \ s \ v : T\<^isub>1" by fact - have "\ \ p \ q : T\<^isub>1\T\<^isub>2" by fact - then have "\ \ q \ p : T\<^isub>1\T\<^isub>2" by (simp add: algorithmic_symmetry) - with ha have "T\<^isub>1'\T\<^isub>2 = T\<^isub>1\T\<^isub>2" using algorithmic_path_type_unicity by simp - then have "T\<^isub>1' = T\<^isub>1" by (simp add: ty.inject) - then have "\ \ s \ v : T\<^isub>1" "\ \ p \ r : T\<^isub>1\T\<^isub>2" using ih1 ih2 ha hb by auto - then show "\ \ App p s \ u : T\<^isub>2" using eq by auto + have ih1: "\ \ q \ r : T\<^sub>1\T\<^sub>2 \ \ \ p \ r : T\<^sub>1\T\<^sub>2" by fact + have ih2:"\ \ t \ v : T\<^sub>1 \ \ \ s \ v : T\<^sub>1" by fact + have "\ \ p \ q : T\<^sub>1\T\<^sub>2" by fact + then have "\ \ q \ p : T\<^sub>1\T\<^sub>2" by (simp add: algorithmic_symmetry) + with ha have "T\<^sub>1'\T\<^sub>2 = T\<^sub>1\T\<^sub>2" using algorithmic_path_type_unicity by simp + then have "T\<^sub>1' = T\<^sub>1" by (simp add: ty.inject) + then have "\ \ s \ v : T\<^sub>1" "\ \ p \ r : T\<^sub>1\T\<^sub>2" using ih1 ih2 ha hb by auto + then show "\ \ App p s \ u : T\<^sub>2" using eq by auto qed (auto) lemma algorithmic_weak_head_closure: @@ -587,16 +587,16 @@ shows "\ \ s \ t : T \ \ \ \' \ valid \' \ \' \ s \ t : T" and "\ \ s \ t : T \ \ \ \' \ valid \' \ \' \ s \ t : T" proof (nominal_induct \ s t T and \ s t T avoiding: \' rule: alg_equiv_alg_path_equiv.strong_inducts) - case (QAT_Arrow x \ s t T\<^isub>1 T\<^isub>2 \') + case (QAT_Arrow x \ s t T\<^sub>1 T\<^sub>2 \') have fs:"x\\" "x\s" "x\t" "x\\'" by fact+ have h2:"\ \ \'" by fact - have ih:"\\'. \(x,T\<^isub>1)#\ \ \'; valid \'\ \ \' \ App s (Var x) \ App t (Var x) : T\<^isub>2" by fact + have ih:"\\'. \(x,T\<^sub>1)#\ \ \'; valid \'\ \ \' \ App s (Var x) \ App t (Var x) : T\<^sub>2" by fact have "valid \'" by fact - then have "valid ((x,T\<^isub>1)#\')" using fs by auto + then have "valid ((x,T\<^sub>1)#\')" using fs by auto moreover - have sub: "(x,T\<^isub>1)#\ \ (x,T\<^isub>1)#\'" using h2 by auto - ultimately have "(x,T\<^isub>1)#\' \ App s (Var x) \ App t (Var x) : T\<^isub>2" using ih by simp - then show "\' \ s \ t : T\<^isub>1\T\<^isub>2" using fs by (auto simp add: fresh_prod) + have sub: "(x,T\<^sub>1)#\ \ (x,T\<^sub>1)#\'" using h2 by auto + ultimately have "(x,T\<^sub>1)#\' \ App s (Var x) \ App t (Var x) : T\<^sub>2" using ih by simp + then show "\' \ s \ t : T\<^sub>1\T\<^sub>2" using fs by (auto simp add: fresh_prod) qed (auto) lemma path_equiv_implies_nf: @@ -611,10 +611,10 @@ where "\ \ s is t : TUnit = True" | "\ \ s is t : TBase = \ \ s \ t : TBase" - | "\ \ s is t : (T\<^isub>1 \ T\<^isub>2) = - (\\' s' t'. \\\' \ valid \' \ \' \ s' is t' : T\<^isub>1 \ (\' \ (App s s') is (App t t') : T\<^isub>2))" + | "\ \ s is t : (T\<^sub>1 \ T\<^sub>2) = + (\\' s' t'. \\\' \ valid \' \ \' \ s' is t' : T\<^sub>1 \ (\' \ (App s s') is (App t t') : T\<^sub>2))" apply (auto simp add: ty.inject) -apply (subgoal_tac "(\T\<^isub>1 T\<^isub>2. b=T\<^isub>1 \ T\<^isub>2) \ b=TUnit \ b=TBase" ) +apply (subgoal_tac "(\T\<^sub>1 T\<^sub>2. b=T\<^sub>1 \ T\<^sub>2) \ b=TUnit \ b=TBase" ) apply (force) apply (rule ty_cases) done @@ -632,45 +632,45 @@ case (2 \ s t \') then show "\' \ s is t : TBase" using algorithmic_monotonicity by auto next - case (3 \ s t T\<^isub>1 T\<^isub>2 \') - have "\ \ s is t : T\<^isub>1\T\<^isub>2" + case (3 \ s t T\<^sub>1 T\<^sub>2 \') + have "\ \ s is t : T\<^sub>1\T\<^sub>2" and "\ \ \'" and "valid \'" by fact+ - then show "\' \ s is t : T\<^isub>1\T\<^isub>2" by simp + then show "\' \ s is t : T\<^sub>1\T\<^sub>2" by simp qed (auto) lemma main_lemma: shows "\ \ s is t : T \ valid \ \ \ \ s \ t : T" and "\ \ p \ q : T \ \ \ p is q : T" proof (nominal_induct T arbitrary: \ s t p q rule: ty.strong_induct) - case (Arrow T\<^isub>1 T\<^isub>2) + case (Arrow T\<^sub>1 T\<^sub>2) { case (1 \ s t) - have ih1:"\\ s t. \\ \ s is t : T\<^isub>2; valid \\ \ \ \ s \ t : T\<^isub>2" by fact - have ih2:"\\ s t. \ \ s \ t : T\<^isub>1 \ \ \ s is t : T\<^isub>1" by fact - have h:"\ \ s is t : T\<^isub>1\T\<^isub>2" by fact + have ih1:"\\ s t. \\ \ s is t : T\<^sub>2; valid \\ \ \ \ s \ t : T\<^sub>2" by fact + have ih2:"\\ s t. \ \ s \ t : T\<^sub>1 \ \ \ s is t : T\<^sub>1" by fact + have h:"\ \ s is t : T\<^sub>1\T\<^sub>2" by fact obtain x::name where fs:"x\(\,s,t)" by (erule exists_fresh[OF fs_name1]) have "valid \" by fact - then have v: "valid ((x,T\<^isub>1)#\)" using fs by auto - then have "(x,T\<^isub>1)#\ \ Var x \ Var x : T\<^isub>1" by auto - then have "(x,T\<^isub>1)#\ \ Var x is Var x : T\<^isub>1" using ih2 by auto - then have "(x,T\<^isub>1)#\ \ App s (Var x) is App t (Var x) : T\<^isub>2" using h v by auto - then have "(x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" using ih1 v by auto - then show "\ \ s \ t : T\<^isub>1\T\<^isub>2" using fs by (auto simp add: fresh_prod) + then have v: "valid ((x,T\<^sub>1)#\)" using fs by auto + then have "(x,T\<^sub>1)#\ \ Var x \ Var x : T\<^sub>1" by auto + then have "(x,T\<^sub>1)#\ \ Var x is Var x : T\<^sub>1" using ih2 by auto + then have "(x,T\<^sub>1)#\ \ App s (Var x) is App t (Var x) : T\<^sub>2" using h v by auto + then have "(x,T\<^sub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^sub>2" using ih1 v by auto + then show "\ \ s \ t : T\<^sub>1\T\<^sub>2" using fs by (auto simp add: fresh_prod) next case (2 \ p q) - have h: "\ \ p \ q : T\<^isub>1\T\<^isub>2" by fact - have ih1:"\\ s t. \ \ s \ t : T\<^isub>2 \ \ \ s is t : T\<^isub>2" by fact - have ih2:"\\ s t. \\ \ s is t : T\<^isub>1; valid \\ \ \ \ s \ t : T\<^isub>1" by fact + have h: "\ \ p \ q : T\<^sub>1\T\<^sub>2" by fact + have ih1:"\\ s t. \ \ s \ t : T\<^sub>2 \ \ \ s is t : T\<^sub>2" by fact + have ih2:"\\ s t. \\ \ s is t : T\<^sub>1; valid \\ \ \ \ s \ t : T\<^sub>1" by fact { fix \' s t - assume "\ \ \'" and hl:"\' \ s is t : T\<^isub>1" and hk: "valid \'" - then have "\' \ p \ q : T\<^isub>1 \ T\<^isub>2" using h algorithmic_monotonicity by auto - moreover have "\' \ s \ t : T\<^isub>1" using ih2 hl hk by auto - ultimately have "\' \ App p s \ App q t : T\<^isub>2" by auto - then have "\' \ App p s is App q t : T\<^isub>2" using ih1 by auto + assume "\ \ \'" and hl:"\' \ s is t : T\<^sub>1" and hk: "valid \'" + then have "\' \ p \ q : T\<^sub>1 \ T\<^sub>2" using h algorithmic_monotonicity by auto + moreover have "\' \ s \ t : T\<^sub>1" using ih2 hl hk by auto + ultimately have "\' \ App p s \ App q t : T\<^sub>2" by auto + then have "\' \ App p s is App q t : T\<^sub>2" using ih1 by auto } - then show "\ \ p is q : T\<^isub>1\T\<^isub>2" by simp + then show "\ \ p is q : T\<^sub>1\T\<^sub>2" by simp } next case TBase @@ -703,21 +703,21 @@ case TBase then show "\ \ s is u : TBase" by (auto elim: algorithmic_transitivity) next - case (Arrow T\<^isub>1 T\<^isub>2 \ s t u) - have h1:"\ \ s is t : T\<^isub>1 \ T\<^isub>2" by fact - have h2:"\ \ t is u : T\<^isub>1 \ T\<^isub>2" by fact - have ih1:"\\ s t u. \\ \ s is t : T\<^isub>1; \ \ t is u : T\<^isub>1\ \ \ \ s is u : T\<^isub>1" by fact - have ih2:"\\ s t u. \\ \ s is t : T\<^isub>2; \ \ t is u : T\<^isub>2\ \ \ \ s is u : T\<^isub>2" by fact + case (Arrow T\<^sub>1 T\<^sub>2 \ s t u) + have h1:"\ \ s is t : T\<^sub>1 \ T\<^sub>2" by fact + have h2:"\ \ t is u : T\<^sub>1 \ T\<^sub>2" by fact + have ih1:"\\ s t u. \\ \ s is t : T\<^sub>1; \ \ t is u : T\<^sub>1\ \ \ \ s is u : T\<^sub>1" by fact + have ih2:"\\ s t u. \\ \ s is t : T\<^sub>2; \ \ t is u : T\<^sub>2\ \ \ \ s is u : T\<^sub>2" by fact { fix \' s' u' - assume hsub:"\ \ \'" and hl:"\' \ s' is u' : T\<^isub>1" and hk: "valid \'" - then have "\' \ u' is s' : T\<^isub>1" using logical_symmetry by blast - then have "\' \ u' is u' : T\<^isub>1" using ih1 hl by blast - then have "\' \ App t u' is App u u' : T\<^isub>2" using h2 hsub hk by auto - moreover have "\' \ App s s' is App t u' : T\<^isub>2" using h1 hsub hl hk by auto - ultimately have "\' \ App s s' is App u u' : T\<^isub>2" using ih2 by blast + assume hsub:"\ \ \'" and hl:"\' \ s' is u' : T\<^sub>1" and hk: "valid \'" + then have "\' \ u' is s' : T\<^sub>1" using logical_symmetry by blast + then have "\' \ u' is u' : T\<^sub>1" using ih1 hl by blast + then have "\' \ App t u' is App u u' : T\<^sub>2" using h2 hsub hk by auto + moreover have "\' \ App s s' is App t u' : T\<^sub>2" using h1 hsub hl hk by auto + ultimately have "\' \ App s s' is App u u' : T\<^sub>2" using ih2 by blast } - then show "\ \ s is u : T\<^isub>1 \ T\<^isub>2" by auto + then show "\ \ s is u : T\<^sub>1 \ T\<^sub>2" by auto qed (auto) lemma logical_weak_head_closure: @@ -740,21 +740,21 @@ case (TUnit \ s t s') then show ?case by auto next - case (Arrow T\<^isub>1 T\<^isub>2 \ s t s') + case (Arrow T\<^sub>1 T\<^sub>2 \ s t s') have h1:"s' \ s" by fact - have ih:"\\ s t s'. \\ \ s is t : T\<^isub>2; s' \ s\ \ \ \ s' is t : T\<^isub>2" by fact - have h2:"\ \ s is t : T\<^isub>1\T\<^isub>2" by fact + have ih:"\\ s t s'. \\ \ s is t : T\<^sub>2; s' \ s\ \ \ \ s' is t : T\<^sub>2" by fact + have h2:"\ \ s is t : T\<^sub>1\T\<^sub>2" by fact then - have hb:"\\' s' t'. \\\' \ valid \' \ \' \ s' is t' : T\<^isub>1 \ (\' \ (App s s') is (App t t') : T\<^isub>2)" + have hb:"\\' s' t'. \\\' \ valid \' \ \' \ s' is t' : T\<^sub>1 \ (\' \ (App s s') is (App t t') : T\<^sub>2)" by auto { - fix \' s\<^isub>2 t\<^isub>2 - assume "\ \ \'" and "\' \ s\<^isub>2 is t\<^isub>2 : T\<^isub>1" and "valid \'" - then have "\' \ (App s s\<^isub>2) is (App t t\<^isub>2) : T\<^isub>2" using hb by auto - moreover have "(App s' s\<^isub>2) \ (App s s\<^isub>2)" using h1 by auto - ultimately have "\' \ App s' s\<^isub>2 is App t t\<^isub>2 : T\<^isub>2" using ih by auto + fix \' s\<^sub>2 t\<^sub>2 + assume "\ \ \'" and "\' \ s\<^sub>2 is t\<^sub>2 : T\<^sub>1" and "valid \'" + then have "\' \ (App s s\<^sub>2) is (App t t\<^sub>2) : T\<^sub>2" using hb by auto + moreover have "(App s' s\<^sub>2) \ (App s s\<^sub>2)" using h1 by auto + ultimately have "\' \ App s' s\<^sub>2 is App t t\<^sub>2 : T\<^sub>2" using ih by auto } - then show "\ \ s' is t : T\<^isub>1\T\<^isub>2" by auto + then show "\ \ s' is t : T\<^sub>1\T\<^sub>2" by auto qed abbreviation @@ -816,25 +816,25 @@ shows "\' \ \ is \' : T" using a1 a2 a3 proof (nominal_induct \ t T avoiding: \ \' arbitrary: \' rule: typing.strong_induct) - case (T_Lam x \ T\<^isub>1 t\<^isub>2 T\<^isub>2 \ \' \') + case (T_Lam x \ T\<^sub>1 t\<^sub>2 T\<^sub>2 \ \' \') have vc: "x\\" "x\\'" "x\\" by fact+ have asm1: "\' \ \ is \' over \" by fact - have ih:"\\ \' \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^isub>2" by fact - show "\' \ \2> is \'2> : T\<^isub>1\T\<^isub>2" using vc + have ih:"\\ \' \'. \\' \ \ is \' over (x,T\<^sub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^sub>2" by fact + show "\' \ \2> is \'2> : T\<^sub>1\T\<^sub>2" using vc proof (simp, intro strip) fix \'' s' t' assume sub: "\' \ \''" - and asm2: "\''\ s' is t' : T\<^isub>1" + and asm2: "\''\ s' is t' : T\<^sub>1" and val: "valid \''" from asm1 val sub have "\'' \ \ is \' over \" using logical_subst_monotonicity by blast - with asm2 vc have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext by blast - with ih val have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^isub>2" by auto - with vc have "\''\\2>[x::=s'] is \'2>[x::=t'] : T\<^isub>2" by (simp add: psubst_subst_psubst) + with asm2 vc have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^sub>1)#\" using equiv_subst_ext by blast + with ih val have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^sub>2" by auto + with vc have "\''\\2>[x::=s'] is \'2>[x::=t'] : T\<^sub>2" by (simp add: psubst_subst_psubst) moreover - have "App (Lam [x].\2>) s' \ \2>[x::=s']" by auto + have "App (Lam [x].\2>) s' \ \2>[x::=s']" by auto moreover - have "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto - ultimately show "\''\ App (Lam [x].\2>) s' is App (Lam [x].\'2>) t' : T\<^isub>2" + have "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto + ultimately show "\''\ App (Lam [x].\2>) s' is App (Lam [x].\'2>) t' : T\<^sub>2" using logical_weak_head_closure by auto qed qed (auto) @@ -871,68 +871,68 @@ moreover have "\' \ \ is \' : T" using ih1 h v by auto ultimately show "\' \ \ is \' : T" using logical_transitivity by blast next - case (Q_Abs x \ T\<^isub>1 s\<^isub>2 t\<^isub>2 T\<^isub>2 \' \ \') + case (Q_Abs x \ T\<^sub>1 s\<^sub>2 t\<^sub>2 T\<^sub>2 \' \ \') have fs:"x\\" by fact have fs2: "x\\" "x\\'" by fact+ have h2: "\' \ \ is \' over \" and h3: "valid \'" by fact+ - have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^isub>2" by fact + have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^sub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^sub>2" by fact { fix \'' s' t' - assume "\' \ \''" and hl:"\''\ s' is t' : T\<^isub>1" and hk: "valid \''" + assume "\' \ \''" and hl:"\''\ s' is t' : T\<^sub>1" and hk: "valid \''" then have "\'' \ \ is \' over \" using h2 logical_subst_monotonicity by blast - then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext hl fs by blast - then have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^isub>2" using ih hk by blast - then have "\''\ \2>[x::=s'] is \'2>[x::=t'] : T\<^isub>2" using fs2 psubst_subst_psubst by auto - moreover have "App (Lam [x]. \2>) s' \ \2>[x::=s']" - and "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto - ultimately have "\'' \ App (Lam [x]. \2>) s' is App (Lam [x].\'2>) t' : T\<^isub>2" + then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^sub>1)#\" using equiv_subst_ext hl fs by blast + then have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^sub>2" using ih hk by blast + then have "\''\ \2>[x::=s'] is \'2>[x::=t'] : T\<^sub>2" using fs2 psubst_subst_psubst by auto + moreover have "App (Lam [x]. \2>) s' \ \2>[x::=s']" + and "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto + ultimately have "\'' \ App (Lam [x]. \2>) s' is App (Lam [x].\'2>) t' : T\<^sub>2" using logical_weak_head_closure by auto } moreover have "valid \'" by fact - ultimately have "\' \ Lam [x].\2> is Lam [x].\'2> : T\<^isub>1\T\<^isub>2" by auto - then show "\' \ \2> is \'2> : T\<^isub>1\T\<^isub>2" using fs2 by auto + ultimately have "\' \ Lam [x].\2> is Lam [x].\'2> : T\<^sub>1\T\<^sub>2" by auto + then show "\' \ \2> is \'2> : T\<^sub>1\T\<^sub>2" using fs2 by auto next - case (Q_App \ s\<^isub>1 t\<^isub>1 T\<^isub>1 T\<^isub>2 s\<^isub>2 t\<^isub>2 \' \ \') - then show "\' \ \1 s\<^isub>2> is \'1 t\<^isub>2> : T\<^isub>2" by auto + case (Q_App \ s\<^sub>1 t\<^sub>1 T\<^sub>1 T\<^sub>2 s\<^sub>2 t\<^sub>2 \' \ \') + then show "\' \ \1 s\<^sub>2> is \'1 t\<^sub>2> : T\<^sub>2" by auto next - case (Q_Beta x \ s\<^isub>2 t\<^isub>2 T\<^isub>1 s12 t12 T\<^isub>2 \' \ \') + case (Q_Beta x \ s\<^sub>2 t\<^sub>2 T\<^sub>1 s12 t12 T\<^sub>2 \' \ \') have h: "\' \ \ is \' over \" and h': "valid \'" by fact+ have fs: "x\\" by fact have fs2: " x\\" "x\\'" by fact+ - have ih1: "\\' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \2> is \'2> : T\<^isub>1" by fact - have ih2: "\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \ is \' : T\<^isub>2" by fact - have "\' \ \2> is \'2> : T\<^isub>1" using ih1 h' h by auto - then have "\' \ (x,\2>)#\ is (x,\'2>)#\' over (x,T\<^isub>1)#\" using equiv_subst_ext h fs by blast - then have "\' \ ((x,\2>)#\) is ((x,\'2>)#\') : T\<^isub>2" using ih2 h' by auto - then have "\' \ \[x::=\2>] is \'[x::=\'2>] : T\<^isub>2" using fs2 psubst_subst_psubst by auto - then have "\' \ \[x::=\2>] is \'2]> : T\<^isub>2" using fs2 psubst_subst_propagate by auto - moreover have "App (Lam [x].\) (\2>) \ \[x::=\2>]" by auto - ultimately have "\' \ App (Lam [x].\) (\2>) is \'2]> : T\<^isub>2" + have ih1: "\\' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \2> is \'2> : T\<^sub>1" by fact + have ih2: "\\' \ \'. \\' \ \ is \' over (x,T\<^sub>1)#\; valid \'\ \ \' \ \ is \' : T\<^sub>2" by fact + have "\' \ \2> is \'2> : T\<^sub>1" using ih1 h' h by auto + then have "\' \ (x,\2>)#\ is (x,\'2>)#\' over (x,T\<^sub>1)#\" using equiv_subst_ext h fs by blast + then have "\' \ ((x,\2>)#\) is ((x,\'2>)#\') : T\<^sub>2" using ih2 h' by auto + then have "\' \ \[x::=\2>] is \'[x::=\'2>] : T\<^sub>2" using fs2 psubst_subst_psubst by auto + then have "\' \ \[x::=\2>] is \'2]> : T\<^sub>2" using fs2 psubst_subst_propagate by auto + moreover have "App (Lam [x].\) (\2>) \ \[x::=\2>]" by auto + ultimately have "\' \ App (Lam [x].\) (\2>) is \'2]> : T\<^sub>2" using logical_weak_head_closure' by auto - then show "\' \ \2> is \'2]> : T\<^isub>2" using fs2 by simp + then show "\' \ \2> is \'2]> : T\<^sub>2" using fs2 by simp next - case (Q_Ext x \ s t T\<^isub>1 T\<^isub>2 \' \ \') + case (Q_Ext x \ s t T\<^sub>1 T\<^sub>2 \' \ \') have h2: "\' \ \ is \' over \" and h2': "valid \'" by fact+ have fs:"x\\" "x\s" "x\t" by fact+ - have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ - \ \' \ \ is \' : T\<^isub>2" by fact + have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^sub>1)#\; valid \'\ + \ \' \ \ is \' : T\<^sub>2" by fact { fix \'' s' t' - assume hsub: "\' \ \''" and hl: "\''\ s' is t' : T\<^isub>1" and hk: "valid \''" + assume hsub: "\' \ \''" and hl: "\''\ s' is t' : T\<^sub>1" and hk: "valid \''" then have "\'' \ \ is \' over \" using h2 logical_subst_monotonicity by blast - then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext hl fs by blast - then have "\'' \ ((x,s')#\) is ((x,t')#\') : T\<^isub>2" using ih hk by blast + then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^sub>1)#\" using equiv_subst_ext hl fs by blast + then have "\'' \ ((x,s')#\) is ((x,t')#\') : T\<^sub>2" using ih hk by blast then - have "\'' \ App (((x,s')#\)) (((x,s')#\)<(Var x)>) is App (((x,t')#\')) (((x,t')#\')<(Var x)>) : T\<^isub>2" + have "\'' \ App (((x,s')#\)) (((x,s')#\)<(Var x)>) is App (((x,t')#\')) (((x,t')#\')<(Var x)>) : T\<^sub>2" by auto - then have "\'' \ App ((x,s')#\) s' is App ((x,t')#\') t' : T\<^isub>2" by auto - then have "\'' \ App (\) s' is App (\') t' : T\<^isub>2" using fs fresh_psubst_simp by auto + then have "\'' \ App ((x,s')#\) s' is App ((x,t')#\') t' : T\<^sub>2" by auto + then have "\'' \ App (\) s' is App (\') t' : T\<^sub>2" using fs fresh_psubst_simp by auto } moreover have "valid \'" by fact - ultimately show "\' \ \ is \' : T\<^isub>1\T\<^isub>2" by auto + ultimately show "\' \ \ is \' : T\<^sub>1\T\<^sub>2" by auto next case (Q_Unit \ s t \' \ \') then show "\' \ \ is \' : TUnit" by auto