# HG changeset patch # User huffman # Date 1257864475 28800 # Node ID 51091e1041a7506ea3a3497113ac28f847970bc1 # Parent 1806f58a365156372a44f26763d2c30b87d03e3c HOLCF example: domain package proofs done manually diff -r 1806f58a3651 -r 51091e1041a7 src/HOLCF/ex/Domain_Proofs.thy --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/HOLCF/ex/Domain_Proofs.thy Tue Nov 10 06:47:55 2009 -0800 @@ -0,0 +1,375 @@ +(* Title: HOLCF/ex/Domain_Proofs.thy + Author: Brian Huffman +*) + +header {* Internal domain package proofs done manually *} + +theory Domain_Proofs +imports HOLCF +begin + +defaultsort rep + +(* + +The definitions and proofs below are for the following recursive +datatypes: + +domain 'a foo = Foo1 | Foo2 (lazy 'a) (lazy "'a bar") + and 'a bar = Bar (lazy 'a) (lazy "'a baz") + and 'a baz = Baz (lazy 'a) (lazy "'a foo convex_pd") + +*) + +(********************************************************************) + +subsection {* Step 1: Define the new type combinators *} + +text {* Start with the one-step non-recursive version *} + +definition + foo_bar_baz_typF :: + "TypeRep \ TypeRep \ TypeRep \ TypeRep \ TypeRep \ TypeRep \ TypeRep" +where + "foo_bar_baz_typF = (\ a (t1, t2, t3). + ( ssum_typ\one_typ\(sprod_typ\(u_typ\a)\(u_typ\t2)) + , sprod_typ\(u_typ\a)\(u_typ\t3) + , sprod_typ\(u_typ\a)\(u_typ\(convex_typ\t1))))" + +lemma foo_bar_baz_typF_beta: + "foo_bar_baz_typF\a\t = + ( ssum_typ\one_typ\(sprod_typ\(u_typ\a)\(u_typ\(fst (snd t)))) + , sprod_typ\(u_typ\a)\(u_typ\(snd (snd t))) + , sprod_typ\(u_typ\a)\(u_typ\(convex_typ\(fst t))))" +unfolding foo_bar_baz_typF_def +by (simp add: csplit_def cfst_def csnd_def) + +text {* Individual type combinators are projected from the fixed point. *} + +definition foo_typ :: "TypeRep \ TypeRep" +where "foo_typ = (\ a. fst (fix\(foo_bar_baz_typF\a)))" + +definition bar_typ :: "TypeRep \ TypeRep" +where "bar_typ = (\ a. fst (snd (fix\(foo_bar_baz_typF\a))))" + +definition baz_typ :: "TypeRep \ TypeRep" +where "baz_typ = (\ a. snd (snd (fix\(foo_bar_baz_typF\a))))" + +text {* Unfold rules for each combinator. *} + +lemma foo_typ_unfold: + "foo_typ\a = ssum_typ\one_typ\(sprod_typ\(u_typ\a)\(u_typ\(bar_typ\a)))" +unfolding foo_typ_def bar_typ_def baz_typ_def +by (subst fix_eq, simp add: foo_bar_baz_typF_beta) + +lemma bar_typ_unfold: "bar_typ\a = sprod_typ\(u_typ\a)\(u_typ\(baz_typ\a))" +unfolding foo_typ_def bar_typ_def baz_typ_def +by (subst fix_eq, simp add: foo_bar_baz_typF_beta) + +lemma baz_typ_unfold: "baz_typ\a = sprod_typ\(u_typ\a)\(u_typ\(convex_typ\(foo_typ\a)))" +unfolding foo_typ_def bar_typ_def baz_typ_def +by (subst fix_eq, simp add: foo_bar_baz_typF_beta) + +text "The automation for the previous steps will be quite similar to +how the fixrec package works." + +(********************************************************************) + +subsection {* Step 2: Define types, prove class instances *} + +text {* Use @{text pcpodef} with the appropriate type combinator. *} + +pcpodef (open) 'a foo = "{x. x ::: foo_typ\REP('a)}" +by (simp_all add: adm_in_deflation) + +pcpodef (open) 'a bar = "{x. x ::: bar_typ\REP('a)}" +by (simp_all add: adm_in_deflation) + +pcpodef (open) 'a baz = "{x. x ::: baz_typ\REP('a)}" +by (simp_all add: adm_in_deflation) + +text {* Prove rep instance using lemma @{text typedef_rep_class}. *} + +instantiation foo :: (rep) rep +begin + +definition emb_foo :: "'a foo \ udom" +where "emb_foo = (\ x. Rep_foo x)" + +definition prj_foo :: "udom \ 'a foo" +where "prj_foo = (\ y. Abs_foo (cast\(foo_typ\REP('a))\y))" + +definition approx_foo :: "nat \ 'a foo \ 'a foo" +where "approx_foo = (\i. prj oo cast\(approx i\(foo_typ\REP('a))) oo emb)" + +instance +apply (rule typedef_rep_class) +apply (rule type_definition_foo) +apply (rule below_foo_def) +apply (rule emb_foo_def) +apply (rule prj_foo_def) +apply (rule approx_foo_def) +done + +end + +instantiation bar :: (rep) rep +begin + +definition emb_bar :: "'a bar \ udom" +where "emb_bar = (\ x. Rep_bar x)" + +definition prj_bar :: "udom \ 'a bar" +where "prj_bar = (\ y. Abs_bar (cast\(bar_typ\REP('a))\y))" + +definition approx_bar :: "nat \ 'a bar \ 'a bar" +where "approx_bar = (\i. prj oo cast\(approx i\(bar_typ\REP('a))) oo emb)" + +instance +apply (rule typedef_rep_class) +apply (rule type_definition_bar) +apply (rule below_bar_def) +apply (rule emb_bar_def) +apply (rule prj_bar_def) +apply (rule approx_bar_def) +done + +end + +instantiation baz :: (rep) rep +begin + +definition emb_baz :: "'a baz \ udom" +where "emb_baz = (\ x. Rep_baz x)" + +definition prj_baz :: "udom \ 'a baz" +where "prj_baz = (\ y. Abs_baz (cast\(baz_typ\REP('a))\y))" + +definition approx_baz :: "nat \ 'a baz \ 'a baz" +where "approx_baz = (\i. prj oo cast\(approx i\(baz_typ\REP('a))) oo emb)" + +instance +apply (rule typedef_rep_class) +apply (rule type_definition_baz) +apply (rule below_baz_def) +apply (rule emb_baz_def) +apply (rule prj_baz_def) +apply (rule approx_baz_def) +done + +end + +text {* Prove REP rules using lemma @{text typedef_REP}. *} + +lemma REP_foo: "REP('a foo) = foo_typ\REP('a)" +apply (rule typedef_REP) +apply (rule type_definition_foo) +apply (rule below_foo_def) +apply (rule emb_foo_def) +apply (rule prj_foo_def) +done + +lemma REP_bar: "REP('a bar) = bar_typ\REP('a)" +apply (rule typedef_REP) +apply (rule type_definition_bar) +apply (rule below_bar_def) +apply (rule emb_bar_def) +apply (rule prj_bar_def) +done + +lemma REP_baz: "REP('a baz) = baz_typ\REP('a)" +apply (rule typedef_REP) +apply (rule type_definition_baz) +apply (rule below_baz_def) +apply (rule emb_baz_def) +apply (rule prj_baz_def) +done + +text {* Prove REP equations using type combinator unfold lemmas. *} + +lemma REP_foo': "REP('a foo) = REP(one \ 'a\<^sub>\ \ ('a bar)\<^sub>\)" +unfolding REP_foo REP_bar REP_baz REP_simps +by (rule foo_typ_unfold) + +lemma REP_bar': "REP('a bar) = REP('a\<^sub>\ \ ('a baz)\<^sub>\)" +unfolding REP_foo REP_bar REP_baz REP_simps +by (rule bar_typ_unfold) + +lemma REP_baz': "REP('a baz) = REP('a\<^sub>\ \ ('a foo convex_pd)\<^sub>\)" +unfolding REP_foo REP_bar REP_baz REP_simps +by (rule baz_typ_unfold) + +(********************************************************************) + +subsection {* Step 3: Define rep and abs functions *} + +text {* Define them all using @{text coerce}! *} + +definition foo_rep :: "'a foo \ one \ ('a\<^sub>\ \ ('a bar)\<^sub>\)" +where "foo_rep = coerce" + +definition foo_abs :: "one \ ('a\<^sub>\ \ ('a bar)\<^sub>\) \ 'a foo" +where "foo_abs = coerce" + +definition bar_rep :: "'a bar \ 'a\<^sub>\ \ ('a baz)\<^sub>\" +where "bar_rep = coerce" + +definition bar_abs :: "'a\<^sub>\ \ ('a baz)\<^sub>\ \ 'a bar" +where "bar_abs = coerce" + +definition baz_rep :: "'a baz \ 'a\<^sub>\ \ ('a foo convex_pd)\<^sub>\" +where "baz_rep = coerce" + +definition baz_abs :: "'a\<^sub>\ \ ('a foo convex_pd)\<^sub>\ \ 'a baz" +where "baz_abs = coerce" + +text {* Prove isodefl rules using @{text isodefl_coerce}. *} + +lemma isodefl_foo_abs: + "isodefl d t \ isodefl (foo_abs oo d oo foo_rep) t" +unfolding foo_abs_def foo_rep_def +by (rule isodefl_coerce [OF REP_foo']) + +lemma isodefl_bar_abs: + "isodefl d t \ isodefl (bar_abs oo d oo bar_rep) t" +unfolding bar_abs_def bar_rep_def +by (rule isodefl_coerce [OF REP_bar']) + +lemma isodefl_baz_abs: + "isodefl d t \ isodefl (baz_abs oo d oo baz_rep) t" +unfolding baz_abs_def baz_rep_def +by (rule isodefl_coerce [OF REP_baz']) + +text {* TODO: prove iso predicate for rep and abs. *} + +(********************************************************************) + +subsection {* Step 4: Define map functions, prove isodefl property *} + +text {* Start with the one-step non-recursive version. *} + +text {* Note that the type of the map function depends on which +variables are used in positive and negative positions. *} + +definition + foo_bar_baz_mapF :: + "('a \ 'b) + \ ('a foo \ 'b foo) \ ('a bar \ 'b bar) \ ('a baz \ 'b baz) + \ ('a foo \ 'b foo) \ ('a bar \ 'b bar) \ ('a baz \ 'b baz)" +where + "foo_bar_baz_mapF = (\ f (d1, d2, d3). + ( + foo_abs oo + ssum_map\ID\(sprod_map\(u_map\f)\(u_map\d2)) + oo foo_rep + , + bar_abs oo sprod_map\(u_map\f)\(u_map\d3) oo bar_rep + , + baz_abs oo sprod_map\(u_map\f)\(u_map\(convex_map\d1)) oo baz_rep + ))" + +lemma foo_bar_baz_mapF_beta: + "foo_bar_baz_mapF\f\d = + ( + foo_abs oo + ssum_map\ID\(sprod_map\(u_map\f)\(u_map\(fst (snd d)))) + oo foo_rep + , + bar_abs oo sprod_map\(u_map\f)\(u_map\(snd (snd d))) oo bar_rep + , + baz_abs oo sprod_map\(u_map\f)\(u_map\(convex_map\(fst d))) oo baz_rep + )" +unfolding foo_bar_baz_mapF_def +by (simp add: csplit_def cfst_def csnd_def) + +text {* Individual map functions are projected from the fixed point. *} + +definition foo_map :: "('a \ 'b) \ ('a foo \ 'b foo)" +where "foo_map = (\ f. fst (fix\(foo_bar_baz_mapF\f)))" + +definition bar_map :: "('a \ 'b) \ ('a bar \ 'b bar)" +where "bar_map = (\ f. fst (snd (fix\(foo_bar_baz_mapF\f))))" + +definition baz_map :: "('a \ 'b) \ ('a baz \ 'b baz)" +where "baz_map = (\ f. snd (snd (fix\(foo_bar_baz_mapF\f))))" + +text {* Prove isodefl rules for all map functions simultaneously. *} + +lemma isodefl_foo_bar_baz: + assumes isodefl_d: "isodefl d t" + shows + "isodefl (foo_map\d) (foo_typ\t) \ + isodefl (bar_map\d) (bar_typ\t) \ + isodefl (baz_map\d) (baz_typ\t)" + apply (simp add: foo_map_def bar_map_def baz_map_def) + apply (simp add: foo_typ_def bar_typ_def baz_typ_def) + apply (rule parallel_fix_ind + [where F="foo_bar_baz_typF\t" and G="foo_bar_baz_mapF\d"]) + apply (intro adm_conj adm_isodefl cont2cont_fst cont2cont_snd cont_id) + apply (simp only: fst_strict snd_strict isodefl_bottom simp_thms) + apply (simp only: foo_bar_baz_mapF_beta + foo_bar_baz_typF_beta + fst_conv snd_conv) + apply (elim conjE) + apply (intro + conjI + isodefl_foo_abs + isodefl_bar_abs + isodefl_baz_abs + isodefl_ssum isodefl_sprod isodefl_one isodefl_u isodefl_convex + isodefl_d + ) + apply assumption+ +done + +lemmas isodefl_foo = isodefl_foo_bar_baz [THEN conjunct1] +lemmas isodefl_bar = isodefl_foo_bar_baz [THEN conjunct2, THEN conjunct1] +lemmas isodefl_baz = isodefl_foo_bar_baz [THEN conjunct2, THEN conjunct2] + +text {* Prove map ID lemmas, using isodefl_REP_imp_ID *} + +lemma foo_map_ID: "foo_map\ID = ID" +apply (rule isodefl_REP_imp_ID) +apply (subst REP_foo) +apply (rule isodefl_foo) +apply (rule isodefl_ID_REP) +done + +lemma bar_map_ID: "bar_map\ID = ID" +apply (rule isodefl_REP_imp_ID) +apply (subst REP_bar) +apply (rule isodefl_bar) +apply (rule isodefl_ID_REP) +done + +lemma baz_map_ID: "baz_map\ID = ID" +apply (rule isodefl_REP_imp_ID) +apply (subst REP_baz) +apply (rule isodefl_baz) +apply (rule isodefl_ID_REP) +done + +(********************************************************************) + +subsection {* Step 5: Define copy functions, prove reach lemmas *} + +definition "foo_bar_baz_copy = foo_bar_baz_mapF\ID" +definition "foo_copy = (\ f. fst (foo_bar_baz_copy\f))" +definition "bar_copy = (\ f. fst (snd (foo_bar_baz_copy\f)))" +definition "baz_copy = (\ f. snd (snd (foo_bar_baz_copy\f)))" + +lemma fix_foo_bar_baz_copy: + "fix\foo_bar_baz_copy = (foo_map\ID, bar_map\ID, baz_map\ID)" +unfolding foo_bar_baz_copy_def foo_map_def bar_map_def baz_map_def +by simp + +lemma foo_reach: "fst (fix\foo_bar_baz_copy)\x = x" +unfolding fix_foo_bar_baz_copy by (simp add: foo_map_ID) + +lemma bar_reach: "fst (snd (fix\foo_bar_baz_copy))\x = x" +unfolding fix_foo_bar_baz_copy by (simp add: bar_map_ID) + +lemma baz_reach: "snd (snd (fix\foo_bar_baz_copy))\x = x" +unfolding fix_foo_bar_baz_copy by (simp add: baz_map_ID) + +end diff -r 1806f58a3651 -r 51091e1041a7 src/HOLCF/ex/ROOT.ML --- a/src/HOLCF/ex/ROOT.ML Tue Nov 10 06:30:19 2009 -0800 +++ b/src/HOLCF/ex/ROOT.ML Tue Nov 10 06:47:55 2009 -0800 @@ -4,4 +4,4 @@ *) use_thys ["Dnat", "Stream", "Dagstuhl", "Focus_ex", "Fix2", "Hoare", - "Loop", "Fixrec_ex", "Powerdomain_ex", "Domain_ex"]; + "Loop", "Fixrec_ex", "Powerdomain_ex", "Domain_ex", "Domain_Proofs"];