# HG changeset patch # User urbanc # Date 1185784752 -7200 # Node ID ff4c715a11cd2f0e9d7ecff5f95a3eb05434ba0b # Parent 8a15a04e36f68985d59685d2c96c17cfca42e392 updated some of the definitions and proofs diff -r 8a15a04e36f6 -r ff4c715a11cd src/HOL/Nominal/Examples/Crary.thy --- a/src/HOL/Nominal/Examples/Crary.thy Sun Jul 29 23:27:40 2007 +0200 +++ b/src/HOL/Nominal/Examples/Crary.thy Mon Jul 30 10:39:12 2007 +0200 @@ -21,9 +21,9 @@ nominal_datatype trm = Unit - | Var "name" + | Var "name" ("Var _" [100] 100) | Lam "\name\trm" ("Lam [_]._" [100,100] 100) - | App "trm" "trm" + | App "trm" "trm" ("App _ _" [110,110] 100) | Const "nat" types Ctxt = "(name\ty) list" @@ -42,6 +42,8 @@ shows "x\T" by (simp add: fresh_def supp_def) + + lemma ty_cases: fixes T::ty shows "(\ T\<^isub>1 T\<^isub>2. T=T\<^isub>1\T\<^isub>2) \ T=TUnit \ T=TBase" @@ -89,11 +91,11 @@ (auto simp add: fresh_list_cons fresh_prod fresh_atm) consts - psubst :: "Subst \ trm \ trm" ("_<_>" [60,100] 100) + psubst :: "Subst \ trm \ trm" ("_<_>" [100,100] 130) nominal_primrec "\<(Var x)> = (lookup \ x)" - "\<(App t\<^isub>1 t\<^isub>2)> = App (\1>) (\2>)" + "\<(App t\<^isub>1 t\<^isub>2)> = App \1> \2>" "x\\ \ \<(Lam [x].t)> = Lam [x].(\)" "\<(Const n)> = Const n" "\<(Unit)> = Unit" @@ -164,19 +166,19 @@ lemma fresh_psubst_simp: assumes "x\t" - shows "(x,u)#\ = \" + shows "((x,u)#\) = \" using assms proof (nominal_induct t avoiding: x u \ rule: trm.induct) case (Lam y t x u) - have fs: "y\\" "y\x" "y\u" by fact+ + have fs: "y\\" "y\x" "y\u" by fact moreover have "x\ Lam [y].t" by fact ultimately have "x\t" by (simp add: abs_fresh fresh_atm) moreover have ih:"\n T. n\t \ ((n,T)#\) = \" by fact - ultimately have "(x,u)#\ = \" by auto - moreover have "(x,u)#\ = Lam [y]. ((x,u)#\)" using fs + ultimately have "((x,u)#\) = \" by auto + moreover have "((x,u)#\) = Lam [y].(((x,u)#\))" using fs by (simp add: fresh_list_cons fresh_prod) moreover have " \ = Lam [y]. (\)" using fs by simp - ultimately show "(x,u)#\ = \" by auto + ultimately show "((x,u)#\) = \" by auto qed (auto simp add: fresh_atm abs_fresh) lemma forget: @@ -212,7 +214,7 @@ lemma psubst_subst_psubst: assumes h:"c\\" - shows "\[c::=s] = (c,s)#\" + shows "\[c::=s] = ((c,s)#\)" using h by (nominal_induct t avoiding: \ c s rule: trm.induct) (auto simp add: fresh_list_cons fresh_atm forget lookup_fresh lookup_fresh' fresh_psubst) @@ -244,7 +246,7 @@ ultimately show ?case by auto next case (Lam n t x u \) - have fs:"n\x" "n\u" "n\\" "x\\" by fact+ + have fs:"n\x" "n\u" "n\\" "x\\" by fact have ih:"\ y s \. y\\ \ ((\<(t[y::=s])>) = ((\)[y::=(\)]))" by fact have "\ <(Lam [n].t)[x::=u]> = \" using fs by auto then have "\ <(Lam [n].t)[x::=u]> = Lam [n]. \" using fs by auto @@ -265,7 +267,7 @@ equivariance valid -inductive_cases +inductive_cases valid_cons_elim_auto[elim]:"valid ((x,T)#\)" abbreviation @@ -300,11 +302,11 @@ inductive typing :: "Ctxt\trm\ty\bool" (" _ \ _ : _ " [60,60,60] 60) where - t_Var[intro]: "\valid \; (x,T)\set \\ \ \ \ Var x : T" -| t_App[intro]: "\\ \ e\<^isub>1 : T\<^isub>1\T\<^isub>2; \ \ e\<^isub>2 : T\<^isub>1\ \ \ \ App e\<^isub>1 e\<^isub>2 : T\<^isub>2" -| t_Lam[intro]: "\x\\; (x,T\<^isub>1)#\ \ t : T\<^isub>2\ \ \ \ Lam [x].t : T\<^isub>1\T\<^isub>2" -| t_Const[intro]: "valid \ \ \ \ Const n : TBase" -| t_Unit[intro]: "valid \ \ \ \ Unit : TUnit" + T_Var[intro]: "\valid \; (x,T)\set \\ \ \ \ Var x : T" +| T_App[intro]: "\\ \ e\<^isub>1 : T\<^isub>1\T\<^isub>2; \ \ e\<^isub>2 : T\<^isub>1\ \ \ \ App e\<^isub>1 e\<^isub>2 : T\<^isub>2" +| T_Lam[intro]: "\x\\; (x,T\<^isub>1)#\ \ t : T\<^isub>2\ \ \ \ Lam [x].t : T\<^isub>1\T\<^isub>2" +| T_Const[intro]: "valid \ \ \ \ Const n : TBase" +| T_Unit[intro]: "valid \ \ \ \ Unit : TUnit" equivariance typing @@ -316,19 +318,20 @@ shows "valid \" using a by (induct) (auto) +(* declare trm.inject [simp add] declare ty.inject [simp add] -inductive_cases t_inv_auto[elim]: - "\ \ Lam [x].t : T" - "\ \ Var x : T" - "\ \ App x y : T" - "\ \ Const n : T" - "\ \ Unit : TUnit" - "\ \ s : TUnit" +inductive_cases2 t_Lam_elim_auto[elim]: "\ \ Lam [x].t : T" +inductive_cases2 t_Var_elim_auto[elim]: "\ \ Var x : T" +inductive_cases2 t_App_elim_auto[elim]: "\ \ App x y : T" +inductive_cases2 t_Const_elim_auto[elim]: "\ \ Const n : T" +inductive_cases2 t_Unit_elim_auto[elim]: "\ \ Unit : TUnit" +inductive_cases2 t_Unit_elim_auto'[elim]: "\ \ s : TUnit" declare trm.inject [simp del] declare ty.inject [simp del] +*) section {* Definitional Equivalence *} @@ -356,6 +359,126 @@ shows "valid \" using a by (induct) (auto elim: typing_implies_valid) +lemma test30: + fixes x::"name" + assumes a: "(x,T) \ set \" + shows "x\supp \" +using a +apply(induct \) +apply(auto simp add: supp_list_cons supp_prod supp_atm) +done + +lemma supp_ty[simp]: + fixes T::"ty" + shows "(supp T) = ({}::name set)" +apply(simp add: supp_def) +done + +lemma test3a: + assumes a: "\ \ t : T" + shows "(supp t) \ ((supp \)::name set)" +using a +apply(induct) +apply(auto simp add: trm.supp supp_atm supp_list_cons abs_supp supp_prod) +apply(simp add: test30) +apply(simp add: supp_def perm_nat_def) +done + +lemma test3b: + shows "supp (t\<^isub>1[x::=t\<^isub>2]) \ ((supp ([x].t\<^isub>1,t\<^isub>2))::name set)" +apply(nominal_induct t\<^isub>1 avoiding: x t\<^isub>2 rule: trm.induct) +apply(auto simp add: trm.supp supp_prod abs_supp supp_atm) +apply(blast) +apply(blast) +apply(simp add: supp_def perm_nat_def) +done + +lemma test3: + assumes a: "\ \ s \ t : T" + shows "(supp (s,t)) \ ((supp \)::name set)" +using a +apply(induct) +apply(auto simp add: supp_prod supp_list_cons trm.supp abs_supp supp_atm) +apply(drule test3a) +apply(blast) +apply(subgoal_tac "supp (t\<^isub>1[x::=t\<^isub>2]) \ ((supp ([x].t\<^isub>1,t\<^isub>2))::name set)") +apply(auto simp add: supp_prod abs_supp)[1] +apply(rule test3b) +apply(case_tac "x=xa") +apply(simp add: fresh_def supp_prod) +apply(blast) +apply(case_tac "x=xa") +apply(simp add: fresh_def supp_prod) +apply(blast) +apply(drule test3a) +apply(blast) +apply(drule test3a)+ +apply(blast) +done + +lemma test0: + assumes a: "(x,T\<^isub>1)#\ \ s\<^isub>1 \ t\<^isub>1 : T\<^isub>2" + and b: "\ \ s\<^isub>2 \ t\<^isub>2 : T\<^isub>1" + shows "\ \ App (Lam [x]. s\<^isub>1) s\<^isub>2 \ t\<^isub>1[x::=t\<^isub>2] : T\<^isub>2" +using a b +apply(rule_tac Q_Beta) +apply(auto) +apply(drule def_equiv_implies_valid) +apply(drule valid.cases) +apply(auto) +apply(drule test3) +apply(auto simp add: fresh_def supp_prod) +done + +lemma test1: + assumes a: "\x. x\\ \ (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" + shows "\ \ s \ t : T\<^isub>1 \ T\<^isub>2" +using a +apply - +apply(generate_fresh "name") +apply(rule_tac x="c" in Q_Ext) +apply(simp) +apply(simp add: fresh_prod) +done + +lemma test2: + assumes a: "x\(\,s,t) \ (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" + shows "\x. x\(\,s,t) \ (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" +using a +apply - +apply(rule allI) +apply(case_tac "xa=x") +apply(simp) +apply(rule impI) +apply(erule conjE) +apply(drule_tac pi="[(x,xa)]" in def_equiv.eqvt) +apply(simp add: eqvts) +apply(simp add: calc_atm) +apply(perm_simp) +done + +lemma test2: + assumes a: "x\(\,s,t) \ (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" + shows "\x. x\\ \ (x,T\<^isub>1)#\ \ App s (Var x) \ App t (Var x) : T\<^isub>2" +using a +apply - +apply(rule allI) +apply(case_tac "xa=x") +apply(simp) +apply(rule impI) +apply(erule conjE) +apply(frule test3) +apply(simp add: supp_prod supp_list_cons supp_atm trm.supp) +apply(subgoal_tac "xa\(s,t)") +apply(drule_tac pi="[(x,xa)]" in def_equiv.eqvt) +apply(simp add: eqvts) +apply(simp add: calc_atm) +apply(perm_simp) +apply(simp add: fresh_def supp_prod) +apply(auto) +done + + section {* Weak Head Reduction *} inductive @@ -367,16 +490,15 @@ declare trm.inject [simp add] declare ty.inject [simp add] -inductive_cases whr_inv_auto[elim]: - "t \ t'" - "Lam [x].t \ t'" - "App (Lam [x].t12) t2 \ t" - "Var x \ t" - "Const n \ t" - "App p q \ t" - "t \ Const n" - "t \ Var x" - "t \ App p q" +inductive_cases whr_Gen[elim]: "t \ t'" +inductive_cases whr_Lam[elim]: "Lam [x].t \ t'" +inductive_cases whr_App_Lam[elim]: "App (Lam [x].t12) t2 \ t" +inductive_cases whr_Var[elim]: "Var x \ t" +inductive_cases whr_Const[elim]: "Const n \ t" +inductive_cases whr_App[elim]: "App p q \ t" +inductive_cases whr_Const_Right[elim]: "t \ Const n" +inductive_cases whr_Var_Right[elim]: "t \ Var x" +inductive_cases whr_App_Right[elim]: "t \ App p q" declare trm.inject [simp del] declare ty.inject [simp del] @@ -423,12 +545,12 @@ shows "a=b" using a b apply (induct arbitrary: b) -apply (erule whr_inv_auto(3)) +apply (erule whr_App_Lam) apply (clarify) apply (rule subst_fun_eq) apply (simp) apply (force) -apply (erule whr_inv_auto(6)) +apply (erule whr_App) apply (blast)+ done @@ -438,7 +560,7 @@ using assms proof (induct arbitrary: b) case (QAN_Reduce x t a b) - have h:"x \ t" "t \ a" by fact+ + have h:"x \ t" "t \ a" by fact have ih:"\b. t \ b \ a = b" by fact have "x \ b" by fact then obtain t' where "x \ t'" and hl:"t' \ b" using h by auto @@ -446,6 +568,20 @@ then show "a=b" using ih hl by auto qed (auto) +lemma test4a: + shows "s \ t \ (supp t) \ ((supp s)::name set)" +apply(induct s t rule: whr_def.induct) +apply(insert test3b) +apply(simp add: trm.supp supp_prod abs_supp) +apply(auto simp add: trm.supp) +done + +lemma test4b: + shows "s \ t \ (supp t) \ ((supp s)::name set)" +apply(induct s t rule: whn_def.induct) +apply(auto dest: test4a) +done + section {* Algorithmic Term Equivalence and Algorithmic Path Equivalence *} inductive @@ -467,27 +603,27 @@ avoids QAT_Arrow: x by simp_all + declare trm.inject [simp add] declare ty.inject [simp add] -inductive_cases alg_equiv_inv_auto[elim]: - "\ \ s\t : TBase" - "\ \ s\t : T\<^isub>1 \ T\<^isub>2" +inductive_cases alg_equiv_Base_inv_auto[elim]: "\ \ s\t : TBase" +inductive_cases alg_equiv_Arrow_inv_auto[elim]: "\ \ s\t : T\<^isub>1 \ T\<^isub>2" + +inductive_cases alg_path_equiv_Base_inv_auto[elim]: "\ \ s\t : TBase" +inductive_cases alg_path_equiv_Unit_inv_auto[elim]: "\ \ s\t : TUnit" +inductive_cases alg_path_equiv_Arrow_inv_auto[elim]: "\ \ s\t : T\<^isub>1 \ T\<^isub>2" -inductive_cases alg_path_equiv_inv_auto[elim]: - "\ \ s\t : TBase" - "\ \ s\t : TUnit" - "\ \ s\t : T\<^isub>1 \ T\<^isub>2" - "\ \ Var x \ t : T" - "\ \ Var x \ t : T'" - "\ \ s \ Var x : T" - "\ \ s \ Var x : T'" - "\ \ Const n \ t : T" - "\ \ s \ Const n : T" - "\ \ App p s \ t : T" - "\ \ s \ App q t : T" - "\ \ Lam[x].s \ t : T" - "\ \ t \ Lam[x].s : T" +inductive_cases alg_path_equiv_Var_left_inv_auto[elim]: "\ \ Var x \ t : T" +inductive_cases alg_path_equiv_Var_left_inv_auto'[elim]: "\ \ Var x \ t : T'" +inductive_cases alg_path_equiv_Var_right_inv_auto[elim]: "\ \ s \ Var x : T" +inductive_cases alg_path_equiv_Var_right_inv_auto'[elim]: "\ \ s \ Var x : T'" +inductive_cases alg_path_equiv_Const_left_inv_auto[elim]: "\ \ Const n \ t : T" +inductive_cases alg_path_equiv_Const_right_inv_auto[elim]: "\ \ s \ Const n : T" +inductive_cases alg_path_equiv_App_left_inv_auto[elim]: "\ \ App p s \ t : T" +inductive_cases alg_path_equiv_App_right_inv_auto[elim]: "\ \ s \ App q t : T" +inductive_cases alg_path_equiv_Lam_left_inv_auto[elim]: "\ \ Lam[x].s \ t : T" +inductive_cases alg_path_equiv_Lam_right_inv_auto[elim]: "\ \ t \ Lam[x].s : T" declare trm.inject [simp del] declare ty.inject [simp del] @@ -522,14 +658,14 @@ case (QAP_Var \ x T u T') have "\ \ Var x \ u : T'" by fact then have "u=Var x" and "(x,T') \ set \" by auto - moreover have "valid \" "(x,T) \ set \" by fact+ + moreover have "valid \" "(x,T) \ set \" by fact ultimately show "T=T'" using type_unicity_in_context by auto next case (QAP_App \ p q T\<^isub>1 T\<^isub>2 s t u T\<^isub>2') - have ih: "\u T. \ \ p \ u : T \ T\<^isub>1\T\<^isub>2 = T" by fact + have ih:"\u T. \ \ p \ u : T \ T\<^isub>1\T\<^isub>2 = T" by fact have "\ \ App p s \ u : T\<^isub>2'" by fact then obtain r t T\<^isub>1' where "u = App r t" "\ \ p \ r : T\<^isub>1' \ T\<^isub>2'" by auto - with ih have "T\<^isub>1\T\<^isub>2 = T\<^isub>1' \ T\<^isub>2'" by auto + then have "T\<^isub>1\T\<^isub>2 = T\<^isub>1' \ T\<^isub>2'" by auto then show "T\<^isub>2=T\<^isub>2'" using ty.inject by auto qed (auto) @@ -562,7 +698,7 @@ case (QAT_Arrow x \ s t T\<^isub>1 T\<^isub>2 u) have ih:"(x,T\<^isub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^isub>2 \ (x,T\<^isub>1)#\ \ App s (Var x) \ App u (Var x) : T\<^isub>2" by fact - have fs: "x\\" "x\s" "x\t" "x\u" by fact+ + have fs: "x\\" "x\s" "x\t" "x\u" by fact have "\ \ t \ u : T\<^isub>1\T\<^isub>2" by fact then have "(x,T\<^isub>1)#\ \ App t (Var x) \ App u (Var x) : T\<^isub>2" using fs by (simp add: Q_Arrow_strong_inversion) @@ -595,7 +731,7 @@ and "\ \ s \ t : T \ \ \ \' \ valid \' \ \' \ s \ t : T" proof (nominal_induct \ s t T and \ s t T avoiding: \' rule: alg_equiv_alg_path_equiv.strong_inducts) case (QAT_Arrow x \ s t T\<^isub>1 T\<^isub>2 \') - have fs:"x\\" "x\s" "x\t" "x\\'"by fact+ + have fs:"x\\" "x\s" "x\t" "x\\'"by fact have h2:"\ \ \'" by fact have ih:"\\'. \(x,T\<^isub>1)#\ \ \'; valid \'\ \ \' \ App s (Var x) \ App t (Var x) : T\<^isub>2" by fact have "valid \'" by fact @@ -643,8 +779,8 @@ next case (3 \ s t T\<^isub>1 T\<^isub>2 \') have "\ \ s is t : T\<^isub>1\T\<^isub>2" - and "\ \ \'" - and "valid \'" by fact+ + and "\ \ \'" + and "valid \'" by fact then show "\' \ s is t : T\<^isub>1\T\<^isub>2" by simp qed (auto) @@ -781,10 +917,10 @@ qed lemma logical_subst_monotonicity : - assumes a: "\' \ s is t over \" + assumes a: "\' \ \ is \' over \" and b: "\' \ \''" and c: "valid \''" - shows "\'' \ s is t over \" + shows "\'' \ \ is \' over \" using a b c logical_monotonicity by blast lemma equiv_subst_ext : @@ -800,48 +936,54 @@ moreover { assume "(y,U) \ set [(x,T)]" - with h2 have "\' \ (x,s)#\is (x,t)#\' : U" by auto + then have "\' \ ((x,s)#\) is ((x,t)#\') : U" by auto } moreover { assume hl:"(y,U) \ set \" then have "\ y\\" by (induct \) (auto simp add: fresh_list_cons fresh_atm fresh_prod) then have hf:"x\ Var y" using fs by (auto simp add: fresh_atm) - then have "(x,s)#\ = \" "(x,t)#\' = \'" using fresh_psubst_simp by blast+ + then have "((x,s)#\) = \" "((x,t)#\') = \'" + using fresh_psubst_simp by blast+ moreover have "\' \ \ is \' : U" using h1 hl by auto - ultimately have "\' \ (x,s)#\ is (x,t)#\' : U" by auto + ultimately have "\' \ ((x,s)#\) is ((x,t)#\') : U" by auto } - ultimately have "\' \ (x,s)#\ is (x,t)#\' : U" by auto + ultimately have "\' \ ((x,s)#\) is ((x,t)#\') : U" by auto } then show "\' \ (x,s)#\ is (x,t)#\' over (x,T)#\" by auto qed theorem fundamental_theorem_1: - assumes h1: "\ \ t : T" - and h2: "\' \ \ is \' over \" - and h3: "valid \'" + assumes a1: "\ \ t : T" + and a2: "\' \ \ is \' over \" + and a3: "valid \'" shows "\' \ \ is \' : T" -using h1 h2 h3 -proof (nominal_induct \ t T avoiding: \' \ \' rule: typing.strong_induct) - case (t_Lam x \ T\<^isub>1 t\<^isub>2 T\<^isub>2 \' \ \') - have fs:"x\\" "x\\'" "x\\" by fact+ - have h:"\' \ \ is \' over \" by fact - have ih:"\ \' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^isub>2" by fact - { +using a1 a2 a3 +proof (nominal_induct \ t T avoiding: \ \' arbitrary: \' rule: typing.strong_induct) + case (T_Lam x \ T\<^isub>1 t\<^isub>2 T\<^isub>2 \ \' \') + have vc: "x\\" "x\\'" "x\\" by fact + have asm1: "\' \ \ is \' over \" by fact + have ih:"\\ \' \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^isub>2" by fact + show "\' \ \2> is \'2> : T\<^isub>1\T\<^isub>2" using vc + proof (simp, intro strip) fix \'' s' t' - assume "\' \ \''" and hl:"\''\ s' is t' : T\<^isub>1" and v: "valid \''" - then have "\'' \ \ is \' over \" using logical_subst_monotonicity h by blast - then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext hl fs by blast - then have "\'' \ (x,s')#\2> is (x,t')#\'2> : T\<^isub>2" using ih v by auto - then have "\''\\2>[x::=s'] is \'2>[x::=t'] : T\<^isub>2" using psubst_subst_psubst fs by simp - moreover have "App (Lam [x].\2>) s' \ \2>[x::=s']" by auto - moreover have "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto - ultimately have "\''\ App (Lam [x].\2>) s' is App (Lam [x].\'2>) t' : T\<^isub>2" + assume sub: "\' \ \''" + and asm2: "\''\ s' is t' : T\<^isub>1" + and val: "valid \''" + from asm1 val sub have "\'' \ \ is \' over \" using logical_subst_monotonicity by blast + with asm2 vc have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext by blast + with ih val have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^isub>2" by auto + with vc have "\''\\2>[x::=s'] is \'2>[x::=t'] : T\<^isub>2" by (simp add: psubst_subst_psubst) + moreover + have "App (Lam [x].\2>) s' \ \2>[x::=s']" by auto + moreover + have "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto + ultimately show "\''\ App (Lam [x].\2>) s' is App (Lam [x].\'2>) t' : T\<^isub>2" using logical_weak_head_closure by auto - } - then show "\' \ \2> is \'2> : T\<^isub>1\T\<^isub>2" using fs by simp + qed qed (auto) + theorem fundamental_theorem_2: assumes h1: "\ \ s \ t : T" and h2: "\' \ \ is \' over \" @@ -851,14 +993,14 @@ proof (nominal_induct \ s t T avoiding: \' \ \' rule: def_equiv.strong_induct) case (Q_Refl \ t T \' \ \') have "\ \ t : T" - and "valid \'" by fact+ + and "valid \'" by fact moreover have "\' \ \ is \' over \" by fact ultimately show "\' \ \ is \' : T" using fundamental_theorem_1 by blast next case (Q_Symm \ t s T \' \ \') have "\' \ \ is \' over \" - and "valid \'" by fact+ + and "valid \'" by fact moreover have ih: "\ \' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \ is \' : T" by fact ultimately show "\' \ \ is \' : T" using logical_symmetry by blast @@ -867,7 +1009,7 @@ have ih1: "\ \' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \ is \' : T" by fact have ih2: "\ \' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \ is \' : T" by fact have h: "\' \ \ is \' over \" - and v: "valid \'" by fact+ + and v: "valid \'" by fact then have "\' \ \' is \' over \" using logical_pseudo_reflexivity by auto then have "\' \ \' is \' : T" using ih2 v by auto moreover have "\' \ \ is \' : T" using ih1 h v by auto @@ -875,23 +1017,23 @@ next case (Q_Abs x \ T\<^isub>1 s\<^isub>2 t\<^isub>2 T\<^isub>2 \' \ \') have fs:"x\\" by fact - have fs2: "x\\" "x\\'" by fact+ + have fs2: "x\\" "x\\'" by fact have h2: "\' \ \ is \' over \" - and h3: "valid \'" by fact+ + and h3: "valid \'" by fact have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \2> is \'2> : T\<^isub>2" by fact { fix \'' s' t' assume "\' \ \''" and hl:"\''\ s' is t' : T\<^isub>1" and hk: "valid \''" then have "\'' \ \ is \' over \" using h2 logical_subst_monotonicity by blast then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext hl fs by blast - then have "\'' \ (x,s')#\2> is (x,t')#\'2> : T\<^isub>2" using ih hk by blast + then have "\'' \ ((x,s')#\)2> is ((x,t')#\')2> : T\<^isub>2" using ih hk by blast then have "\''\ \2>[x::=s'] is \'2>[x::=t'] : T\<^isub>2" using fs2 psubst_subst_psubst by auto moreover have "App (Lam [x]. \2>) s' \ \2>[x::=s']" and "App (Lam [x].\'2>) t' \ \'2>[x::=t']" by auto ultimately have "\'' \ App (Lam [x]. \2>) s' is App (Lam [x].\'2>) t' : T\<^isub>2" using logical_weak_head_closure by auto } - moreover have "valid \'" using h3 by auto + moreover have "valid \'" using h2 by auto ultimately have "\' \ Lam [x].\2> is Lam [x].\'2> : T\<^isub>1\T\<^isub>2" by auto then show "\' \ \2> is \'2> : T\<^isub>1\T\<^isub>2" using fs2 by auto next @@ -900,14 +1042,14 @@ next case (Q_Beta x \ s\<^isub>2 t\<^isub>2 T\<^isub>1 s12 t12 T\<^isub>2 \' \ \') have h: "\' \ \ is \' over \" - and h': "valid \'" by fact+ + and h': "valid \'" by fact have fs: "x\\" by fact - have fs2: " x\\" "x\\'" by fact+ + have fs2: " x\\" "x\\'" by fact have ih1: "\\' \ \'. \\' \ \ is \' over \; valid \'\ \ \' \ \2> is \'2> : T\<^isub>1" by fact have ih2: "\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \ is \' : T\<^isub>2" by fact have "\' \ \2> is \'2> : T\<^isub>1" using ih1 h' h by auto then have "\' \ (x,\2>)#\ is (x,\'2>)#\' over (x,T\<^isub>1)#\" using equiv_subst_ext h fs by blast - then have "\' \ (x,\2>)#\ is (x,\'2>)#\' : T\<^isub>2" using ih2 h' by auto + then have "\' \ ((x,\2>)#\) is ((x,\'2>)#\') : T\<^isub>2" using ih2 h' by auto then have "\' \ \[x::=\2>] is \'[x::=\'2>] : T\<^isub>2" using fs2 psubst_subst_psubst by auto then have "\' \ \[x::=\2>] is \'2]> : T\<^isub>2" using fs2 psubst_subst_propagate by auto moreover have "App (Lam [x].\) (\2>) \ \[x::=\2>]" by auto @@ -917,8 +1059,8 @@ next case (Q_Ext x \ s t T\<^isub>1 T\<^isub>2 \' \ \') have h2: "\' \ \ is \' over \" - and h2': "valid \'" by fact+ - have fs:"x\\" "x\s" "x\t" by fact+ + and h2': "valid \'" by fact + have fs:"x\\" "x\s" "x\t" by fact have ih:"\\' \ \'. \\' \ \ is \' over (x,T\<^isub>1)#\; valid \'\ \ \' \ \ is \' : T\<^isub>2" by fact { @@ -926,14 +1068,14 @@ assume hsub: "\' \ \''" and hl: "\''\ s' is t' : T\<^isub>1" and hk: "valid \''" then have "\'' \ \ is \' over \" using h2 logical_subst_monotonicity by blast then have "\'' \ (x,s')#\ is (x,t')#\' over (x,T\<^isub>1)#\" using equiv_subst_ext hl fs by blast - then have "\'' \ (x,s')#\ is (x,t')#\' : T\<^isub>2" using ih hk by blast + then have "\'' \ ((x,s')#\) is ((x,t')#\') : T\<^isub>2" using ih hk by blast then - have "\'' \ App (((x,s')#\)) (((x,s')#\)<(Var x)>) is App ((x,t')#\') ((x,t')#\'<(Var x)>) : T\<^isub>2" + have "\'' \ App (((x,s')#\)) (((x,s')#\)<(Var x)>) is App (((x,t')#\')) (((x,t')#\')<(Var x)>) : T\<^isub>2" by auto - then have "\'' \ App ((x,s')#\) s' is App ((x,t')#\') t' : T\<^isub>2" by auto + then have "\'' \ App ((x,s')#\) s' is App ((x,t')#\') t' : T\<^isub>2" by auto then have "\'' \ App (\) s' is App (\') t' : T\<^isub>2" using fs fresh_psubst_simp by auto } - moreover have "valid \'" using h2' by auto + moreover have "valid \'" using h2 by auto ultimately show "\' \ \ is \' : T\<^isub>1\T\<^isub>2" by auto next case (Q_Unit \ s t \' \ \')