(*<*)

theory Paper

imports 

   "../Lexer"

   "../Simplifying" 

   "../Positions" 

   "~~/src/HOL/Library/LaTeXsugar"

begin

lemma Suc_0_fold:

  "Suc 0 = 1"

by simp

declare [[show_question_marks = false]]

syntax (latex output)

  "_Collect" :: "pttrn => bool => 'a set"              ("(1{_ \<^latex>\<open>\\mbox{\\boldmath$\\mid$}\<close> _})")

  "_CollectIn" :: "pttrn => 'a set => bool => 'a set"   ("(1{_ \<in> _ |e _})")

syntax

  "_Not_Ex" :: "idts \<Rightarrow> bool \<Rightarrow> bool"  ("(3\<nexists>_.a./ _)" [0, 10] 10)

  "_Not_Ex1" :: "pttrn \<Rightarrow> bool \<Rightarrow> bool"  ("(3\<nexists>!_.a./ _)" [0, 10] 10)

abbreviation 

  "der_syn r c \<equiv> der c r"

abbreviation 

  "ders_syn r s \<equiv> ders s r"

abbreviation

  "nprec v1 v2 \<equiv> \<not>(v1 :\<sqsubset>val v2)"

notation (latex output)

  If  ("(\<^latex>\<open>\\textrm{\<close>if\<^latex>\<open>}\<close> (_)/ \<^latex>\<open>\\textrm{\<close>then\<^latex>\<open>}\<close> (_)/ \<^latex>\<open>\\textrm{\<close>else\<^latex>\<open>}\<close> (_))" 10) and

  Cons ("_\<^latex>\<open>\\mbox{$\\,$}\<close>::\<^latex>\<open>\\mbox{$\\,$}\<close>_" [75,73] 73) and  

  ZERO ("\<^bold>0" 81) and 

  ONE ("\<^bold>1" 81) and 

  CHAR ("_" [1000] 80) and

  ALT ("_ + _" [77,77] 78) and

  SEQ ("_ \<cdot> _" [77,77] 78) and

  STAR ("_\<^sup>\<star>" [78] 78) and

  val.Void ("Empty" 78) and

  val.Char ("Char _" [1000] 78) and

  val.Left ("Left _" [79] 78) and

  val.Right ("Right _" [1000] 78) and

  val.Seq ("Seq _ _" [79,79] 78) and

  val.Stars ("Stars _" [79] 78) and

  L ("L'(_')" [10] 78) and

  LV ("LV _ _" [80,73] 78) and

  der_syn ("_\\_" [79, 1000] 76) and  

  ders_syn ("_\\_" [79, 1000] 76) and

  flat ("|_|" [75] 74) and

  flats ("|_|" [72] 74) and

  Sequ ("_ @ _" [78,77] 63) and

  injval ("inj _ _ _" [79,77,79] 76) and 

  mkeps ("mkeps _" [79] 76) and 

  length ("len _" [73] 73) and

  intlen ("len _" [73] 73) and

  set ("_" [73] 73) and

  Prf ("_ : _" [75,75] 75) and

  Posix ("'(_, _') \<rightarrow> _" [63,75,75] 75) and

  lexer ("lexer _ _" [78,78] 77) and 

  F_RIGHT ("F\<^bsub>Right\<^esub> _") and

  F_LEFT ("F\<^bsub>Left\<^esub> _") and  

  F_ALT ("F\<^bsub>Alt\<^esub> _ _") and

  F_SEQ1 ("F\<^bsub>Seq1\<^esub> _ _") and

  F_SEQ2 ("F\<^bsub>Seq2\<^esub> _ _") and

  F_SEQ ("F\<^bsub>Seq\<^esub> _ _") and

  simp_SEQ ("simp\<^bsub>Seq\<^esub> _ _" [1000, 1000] 1) and

  simp_ALT ("simp\<^bsub>Alt\<^esub> _ _" [1000, 1000] 1) and

  slexer ("lexer\<^sup>+" 1000) and

  at ("_\<^latex>\<open>\\mbox{$\\downharpoonleft$}\<close>\<^bsub>_\<^esub>") and

  lex_list ("_ \<prec>\<^bsub>lex\<^esub> _") and

  PosOrd ("_ \<prec>\<^bsub>_\<^esub> _" [77,77,77] 77) and

  PosOrd_ex ("_ \<prec> _" [77,77] 77) and

  PosOrd_ex_eq ("_ \<^latex>\<open>\\mbox{$\\preccurlyeq$}\<close> _" [77,77] 77) and

  pflat_len ("\<parallel>_\<parallel>\<^bsub>_\<^esub>") and

  nprec ("_ \<^latex>\<open>\\mbox{$\\not\\prec$}\<close> _" [77,77] 77) and

  DUMMY ("\<^latex>\<open>\\underline{\\hspace{2mm}}\<close>")

definition 

  "match r s \<equiv> nullable (ders s r)"

lemma LV_STAR_ONE_empty: 

  shows "LV (STAR ONE) [] = {Stars []}"

by(auto simp add: LV_def elim: Prf.cases intro: Prf.intros)

(*

comments not implemented

p9. The condition "not exists s3 s4..." appears often enough (in particular in

the proof of Lemma 3) to warrant a definition.

*)

(*>*)

section {* Introduction *}

text {*

Brzozowski \cite{Brzozowski1964} introduced the notion of the {\em

derivative} @{term "der c r"} of a regular expression @{text r} w.r.t.\ a

character~@{text c}, and showed that it gave a simple solution to the

problem of matching a string @{term s} with a regular expression @{term r}:

if the derivative of @{term r} w.r.t.\ (in succession) all the characters of

the string matches the empty string, then @{term r} matches @{term s} (and

{\em vice versa}). The derivative has the property (which may almost be

regarded as its specification) that, for every string @{term s} and regular

expression @{term r} and character @{term c}, one has @{term "cs \<in> L(r)"} if

and only if \mbox{@{term "s \<in> L(der c r)"}}. The beauty of Brzozowski's

derivatives is that they are neatly expressible in any functional language,

and easily definable and reasoned about in theorem provers---the definitions

just consist of inductive datatypes and simple recursive functions. A

mechanised correctness proof of Brzozowski's matcher in for example HOL4

has been mentioned by Owens and Slind~\cite{Owens2008}. Another one in Isabelle/HOL is part

of the work by Krauss and Nipkow \cite{Krauss2011}. And another one in Coq is given

by Coquand and Siles \cite{Coquand2012}.

If a regular expression matches a string, then in general there is more than

one way of how the string is matched. There are two commonly used

disambiguation strategies to generate a unique answer: one is called GREEDY

matching \cite{Frisch2004} and the other is POSIX

matching~\cite{POSIX,Kuklewicz,OkuiSuzuki2010,Sulzmann2014,Vansummeren2006}. For example consider

the string @{term xy} and the regular expression \mbox{@{term "STAR (ALT

(ALT x y) xy)"}}. Either the string can be matched in two `iterations' by

the single letter-regular expressions @{term x} and @{term y}, or directly

in one iteration by @{term xy}. The first case corresponds to GREEDY

matching, which first matches with the left-most symbol and only matches the

next symbol in case of a mismatch (this is greedy in the sense of preferring

instant gratification to delayed repletion). The second case is POSIX

matching, which prefers the longest match.

In the context of lexing, where an input string needs to be split up

into a sequence of tokens, POSIX is the more natural disambiguation

strategy for what programmers consider basic syntactic building blocks

in their programs.  These building blocks are often specified by some

regular expressions, say @{text "r\<^bsub>key\<^esub>"} and @{text

"r\<^bsub>id\<^esub>"} for recognising keywords and identifiers,

respectively. There are a few underlying (informal) rules behind

tokenising a string in a POSIX \cite{POSIX} fashion according to a

collection of regular expressions:

\begin{itemize} 

\item[$\bullet$] \emph{The Longest Match Rule} (or \emph{``{M}aximal {M}unch {R}ule''}):

The longest initial substring matched by any regular expression is taken as

next token.\smallskip

\item[$\bullet$] \emph{Priority Rule:}

For a particular longest initial substring, the first (leftmost) regular expression

that can match determines the token.\smallskip

\item[$\bullet$] \emph{Star Rule:} A subexpression repeated by ${}^\star$ shall 

not match an empty string unless this is the only match for the repetition.\smallskip

\item[$\bullet$] \emph{Empty String Rule:} An empty string shall be considered to 

be longer than no match at all.

\end{itemize}

\noindent Consider for example a regular expression @{text

"r\<^bsub>key\<^esub>"} for recognising keywords such as @{text "if"},

@{text "then"} and so on; and @{text "r\<^bsub>id\<^esub>"}

recognising identifiers (say, a single character followed by

characters or numbers).  Then we can form the regular expression

@{text "(r\<^bsub>key\<^esub> + r\<^bsub>id\<^esub>)\<^sup>\<star>"}

and use POSIX matching to tokenise strings, say @{text "iffoo"} and

@{text "if"}.  For @{text "iffoo"} we obtain by the Longest Match Rule

a single identifier token, not a keyword followed by an

identifier. For @{text "if"} we obtain by the Priority Rule a keyword

token, not an identifier token---even if @{text "r\<^bsub>id\<^esub>"}

matches also. By the Star Rule we know @{text "(r\<^bsub>key\<^esub> +

r\<^bsub>id\<^esub>)\<^sup>\<star>"} matches @{text "iffoo"},

respectively @{text "if"}, in exactly one `iteration' of the star. The

Empty String Rule is for cases where, for example, the regular expression 

@{text "(a\<^sup>\<star>)\<^sup>\<star>"} matches against the

string @{text "bc"}. Then the longest initial matched substring is the

empty string, which is matched by both the whole regular expression

and the parenthesised subexpression.

One limitation of Brzozowski's matcher is that it only generates a

YES/NO answer for whether a string is being matched by a regular

expression.  Sulzmann and Lu~\cite{Sulzmann2014} extended this matcher

to allow generation not just of a YES/NO answer but of an actual

matching, called a [lexical] {\em value}. Assuming a regular

expression matches a string, values encode the information of

\emph{how} the string is matched by the regular expression---that is,

which part of the string is matched by which part of the regular

expression. For this consider again the string @{text "xy"} and

the regular expression \mbox{@{text "(x + (y + xy))\<^sup>\<star>"}}

(this time fully parenthesised). We can view this regular expression

as tree and if the string @{text xy} is matched by two Star

`iterations', then the @{text x} is matched by the left-most

alternative in this tree and the @{text y} by the right-left alternative. This

suggests to record this matching as

\begin{center}

@{term "Stars [Left(Char x), Right(Left(Char y))]"}

\end{center}

\noindent where @{const Stars}, @{text Left}, @{text Right} and @{text

Char} are constructors for values. @{text Stars} records how many

iterations were used; @{text Left}, respectively @{text Right}, which

\begin{center}

@{term "Stars [Seq (Char x) (Char y)]"}

\end{center}

\noindent where @{const Stars} has only a single-element list for the

single iteration and @{const Seq} indicates that @{term xy} is matched 

by a sequence regular expression, which we will in what follows 

write more formally as @{term "SEQ x y"}.

Sulzmann and Lu give a simple algorithm to calculate a value that

appears to be the value associated with POSIX matching.  The challenge

then is to specify that value, in an algorithm-independent fashion,

and to show that Sulzmann and Lu's derivative-based algorithm does

indeed calculate a value that is correct according to the

specification.  The answer given by Sulzmann and Lu

\cite{Sulzmann2014} is to define a relation (called an ``order

relation'') on the set of values of @{term r}, and to show that (once

a string to be matched is chosen) there is a maximum element and that

it is computed by their derivative-based algorithm. This proof idea is

inspired by work of Frisch and Cardelli \cite{Frisch2004} on a GREEDY

regular expression matching algorithm. However, we were not able to

establish transitivity and totality for the ``order relation'' by

Sulzmann and Lu.  There are some inherent problems with their approach

(of which some of the proofs are not published in

\cite{Sulzmann2014}); perhaps more importantly, we give in this paper

a simple inductive (and algorithm-independent) definition of what we

call being a {\em POSIX value} for a regular expression @{term r} and

a string @{term s}; we show that the algorithm by Sulzmann and Lu

computes such a value and that such a value is unique. Our proofs are

both done by hand and checked in Isabelle/HOL.  The experience of

doing our proofs has been that this mechanical checking was absolutely

essential: this subject area has hidden snares. This was also noted by

Kuklewicz \cite{Kuklewicz} who found that nearly all POSIX matching

implementations are ``buggy'' \cite[Page 203]{Sulzmann2014} and by

Grathwohl et al \cite[Page 36]{CrashCourse2014} who wrote:

\begin{quote}

\it{}``The POSIX strategy is more complicated than the greedy because of 

the dependence on information about the length of matched strings in the 

various subexpressions.''

\end{quote}

%\footnote{The relation @{text "\<ge>\<^bsub>r\<^esub>"} defined by Sulzmann and Lu \cite{Sulzmann2014} 

%is a relation on the

%values for the regular expression @{term r}; but it only holds between

%@{term "v\<^sub>1"} and @{term "v\<^sub>2"} in cases where @{term "v\<^sub>1"} and @{term "v\<^sub>2"} have

%the same flattening (underlying string). So a counterexample to totality is

%given by taking two values @{term "v\<^sub>1"} and @{term "v\<^sub>2"} for @{term r} that

%have different flattenings (see Section~\ref{posixsec}). A different

%relation @{text "\<ge>\<^bsub>r,s\<^esub>"} on the set of values for @{term r}

%with flattening @{term s} is definable by the same approach, and is indeed

%total; but that is not what Proposition 1 of \cite{Sulzmann2014} does.}

\noindent {\bf Contributions:} We have implemented in Isabelle/HOL the

derivative-based regular expression matching algorithm of

Sulzmann and Lu \cite{Sulzmann2014}. We have proved the correctness of this

algorithm according to our specification of what a POSIX value is (inspired

by work of Vansummeren \cite{Vansummeren2006}). Sulzmann

and Lu sketch in \cite{Sulzmann2014} an informal correctness proof: but to

us it contains unfillable gaps.\footnote{An extended version of

\cite{Sulzmann2014} is available at the website of its first author; this

extended version already includes remarks in the appendix that their

informal proof contains gaps, and possible fixes are not fully worked out.}

Our specification of a POSIX value consists of a simple inductive definition

that given a string and a regular expression uniquely determines this value.

We also show that our definition is equivalent to an ordering 

of values based on positions by Okui and Suzuki \cite{OkuiSuzuki2010}.

Derivatives as calculated by Brzozowski's method are usually more complex

regular expressions than the initial one; various optimisations are

possible. We prove the correctness when simplifications of @{term "ALT ZERO

r"}, @{term "ALT r ZERO"}, @{term "SEQ ONE r"} and @{term "SEQ r ONE"} to

@{term r} are applied. We extend our results to ???

*}

section {* Preliminaries *}

text {* \noindent Strings in Isabelle/HOL are lists of characters with

the empty string being represented by the empty list, written @{term

"[]"}, and list-cons being written as @{term "DUMMY # DUMMY"}. Often

we use the usual bracket notation for lists also for strings; for

example a string consisting of just a single character @{term c} is

written @{term "[c]"}. We use the usual definitions for 

\emph{prefixes} and \emph{strict prefixes} of strings.  By using the

type @{type char} for characters we have a supply of finitely many

characters roughly corresponding to the ASCII character set. Regular

expressions are defined as usual as the elements of the following

inductive datatype:

  \begin{center}

  @{text "r :="}

  @{const "ZERO"} $\mid$

  @{const "ONE"} $\mid$

  @{term "CHAR c"} $\mid$

  @{term "ALT r\<^sub>1 r\<^sub>2"} $\mid$

  @{term "SEQ r\<^sub>1 r\<^sub>2"} $\mid$

  @{term "STAR r"} 

  \end{center}

  \noindent where @{const ZERO} stands for the regular expression that does

  not match any string, @{const ONE} for the regular expression that matches

  only the empty string and @{term c} for matching a character literal. The

  language of a regular expression is also defined as usual by the

  recursive function @{term L} with the six clauses:

  \begin{center}

  \begin{tabular}{l@ {\hspace{4mm}}rcl}

  \textit{(1)} & @{thm (lhs) L.simps(1)} & $\dn$ & @{thm (rhs) L.simps(1)}\\

  \textit{(2)} & @{thm (lhs) L.simps(2)} & $\dn$ & @{thm (rhs) L.simps(2)}\\

  \textit{(3)} & @{thm (lhs) L.simps(3)} & $\dn$ & @{thm (rhs) L.simps(3)}\\

  \textit{(4)} & @{thm (lhs) L.simps(4)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & 

        @{thm (rhs) L.simps(4)[of "r\<^sub>1" "r\<^sub>2"]}\\

  \textit{(5)} & @{thm (lhs) L.simps(5)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & 

        @{thm (rhs) L.simps(5)[of "r\<^sub>1" "r\<^sub>2"]}\\

  \textit{(6)} & @{thm (lhs) L.simps(6)} & $\dn$ & @{thm (rhs) L.simps(6)}\\

  \end{tabular}

  \end{center}

  \noindent In clause \textit{(4)} we use the operation @{term "DUMMY ;;

  DUMMY"} for the concatenation of two languages (it is also list-append for

  strings). We use the star-notation for regular expressions and for

  languages (in the last clause above). The star for languages is defined

  inductively by two clauses: @{text "(i)"} the empty string being in

  the star of a language and @{text "(ii)"} if @{term "s\<^sub>1"} is in a

  language and @{term "s\<^sub>2"} in the star of this language, then also @{term

  "s\<^sub>1 @ s\<^sub>2"} is in the star of this language. It will also be convenient

  to use the following notion of a \emph{semantic derivative} (or \emph{left

  quotient}) of a language defined as

  %

  \begin{center}

  @{thm Der_def}\;.

  \end{center}

  \noindent

  For semantic derivatives we have the following equations (for example

  mechanically proved in \cite{Krauss2011}):

  %

  \begin{equation}\label{SemDer}

  \begin{array}{lcl}

  @{thm (lhs) Der_null}  & \dn & @{thm (rhs) Der_null}\\

  @{thm (lhs) Der_empty}  & \dn & @{thm (rhs) Der_empty}\\

  @{thm (lhs) Der_char}  & \dn & @{thm (rhs) Der_char}\\

  @{thm (lhs) Der_union}  & \dn & @{thm (rhs) Der_union}\\

  @{thm (lhs) Der_Sequ}  & \dn & @{thm (rhs) Der_Sequ}\\

  @{thm (lhs) Der_star}  & \dn & @{thm (rhs) Der_star}

  \end{array}

  \end{equation}

  \noindent \emph{\Brz's derivatives} of regular expressions

  \cite{Brzozowski1964} can be easily defined by two recursive functions:

  the first is from regular expressions to booleans (implementing a test

  when a regular expression can match the empty string), and the second

  takes a regular expression and a character to a (derivative) regular

  expression:

  \begin{center}

  \begin{tabular}{lcl}

  @{thm (lhs) nullable.simps(1)} & $\dn$ & @{thm (rhs) nullable.simps(1)}\\

  @{thm (lhs) nullable.simps(2)} & $\dn$ & @{thm (rhs) nullable.simps(2)}\\

  @{thm (lhs) nullable.simps(3)} & $\dn$ & @{thm (rhs) nullable.simps(3)}\\

  @{thm (lhs) nullable.simps(4)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) nullable.simps(4)[of "r\<^sub>1" "r\<^sub>2"]}\\

  @{thm (lhs) nullable.simps(5)[of "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) nullable.simps(5)[of "r\<^sub>1" "r\<^sub>2"]}\\

  @{thm (lhs) nullable.simps(6)} & $\dn$ & @{thm (rhs) nullable.simps(6)}\medskip\\

%  \end{tabular}

%  \end{center}

%  \begin{center}

%  \begin{tabular}{lcl}

  @{thm (lhs) der.simps(1)} & $\dn$ & @{thm (rhs) der.simps(1)}\\

  @{thm (lhs) der.simps(2)} & $\dn$ & @{thm (rhs) der.simps(2)}\\

  @{thm (lhs) der.simps(3)} & $\dn$ & @{thm (rhs) der.simps(3)}\\

  @{thm (lhs) der.simps(4)[of c "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) der.simps(4)[of c "r\<^sub>1" "r\<^sub>2"]}\\

  @{thm (lhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]} & $\dn$ & @{thm (rhs) der.simps(5)[of c "r\<^sub>1" "r\<^sub>2"]}\\

  @{thm (lhs) der.simps(6)} & $\dn$ & @{thm (rhs) der.simps(6)}

  \end{tabular}

  \end{center}

  \noindent

  We may extend this definition to give derivatives w.r.t.~strings:

  \begin{center}

  \begin{tabular}{lcl}

  @{thm (lhs) ders.simps(1)} & $\dn$ & @{thm (rhs) ders.simps(1)}\\

  @{thm (lhs) ders.simps(2)} & $\dn$ & @{thm (rhs) ders.simps(2)}\\

  \end{tabular}

  \end{center}

  \noindent Given the equations in \eqref{SemDer}, it is a relatively easy

  exercise in mechanical reasoning to establish that

  \begin{proposition}\label{derprop}\mbox{}\\ 

  \begin{tabular}{ll}

  \textit{(1)} & @{thm (lhs) nullable_correctness} if and only if

  @{thm (rhs) nullable_correctness}, and \\ 

  \textit{(2)} & @{thm[mode=IfThen] der_correctness}.

  \end{tabular}

  \end{proposition}

  \noindent With this in place it is also very routine to prove that the

  regular expression matcher defined as

  %

  \begin{center}

  @{thm match_def}

  \end{center}

  \noindent gives a positive answer if and only if @{term "s \<in> L r"}.

  Consequently, this regular expression matching algorithm satisfies the

  usual specification for regular expression matching. While the matcher

  above calculates a provably correct YES/NO answer for whether a regular

  expression matches a string or not, the novel idea of Sulzmann and Lu

  \cite{Sulzmann2014} is to append another phase to this algorithm in order

  to calculate a [lexical] value. We will explain the details next.

*}

section {* POSIX Regular Expression Matching\label{posixsec} *}

text {* 

  There have been many previous works that use values for encoding 

  \emph{how} a regular expression matches a string.

  The clever idea by Sulzmann and Lu \cite{Sulzmann2014} is to 

  define a function on values that mirrors (but inverts) the

  construction of the derivative on regular expressions. \emph{Values}

  are defined as the inductive datatype

  \begin{center}

  @{text "v :="}

  @{const "Void"} $\mid$

  @{term "val.Char c"} $\mid$

  @{term "Left v"} $\mid$

  @{term "Right v"} $\mid$

  @{term "Seq v\<^sub>1 v\<^sub>2"} $\mid$ 

  @{term "Stars vs"} 

  \end{center}  

  \noindent where we use @{term vs} to stand for a list of

  values. (This is similar to the approach taken by Frisch and

  Cardelli for GREEDY matching \cite{Frisch2004}, and Sulzmann and Lu

  for POSIX matching \cite{Sulzmann2014}). The string underlying a

  value can be calculated by the @{const flat} function, written

  @{term "flat DUMMY"} and defined as:

  \begin{center}

  \begin{tabular}[t]{lcl}

  @{thm (lhs) flat.simps(1)} & $\dn$ & @{thm (rhs) flat.simps(1)}\\

  @{thm (lhs) flat.simps(2)} & $\dn$ & @{thm (rhs) flat.simps(2)}\\

  @{thm (lhs) flat.simps(3)} & $\dn$ & @{thm (rhs) flat.simps(3)}\\

  @{thm (lhs) flat.simps(4)} & $\dn$ & @{thm (rhs) flat.simps(4)}

  \end{tabular}\hspace{14mm}

  \begin{tabular}[t]{lcl}

  @{thm (lhs) flat.simps(5)[of "v\<^sub>1" "v\<^sub>2"]} & $\dn$ & @{thm (rhs) flat.simps(5)[of "v\<^sub>1" "v\<^sub>2"]}\\

  @{thm (lhs) flat.simps(6)} & $\dn$ & @{thm (rhs) flat.simps(6)}\\

  @{thm (lhs) flat.simps(7)} & $\dn$ & @{thm (rhs) flat.simps(7)}\\

  \end{tabular}

  \end{center}

  \noindent We will sometimes refer to the underlying string of a

  value as \emph{flattened value}.  We will also overload our notation and 

  use @{term "flats vs"} for flattening a list of values and concatenating

  the resulting strings.

  Sulzmann and Lu define

  inductively an \emph{inhabitation relation} that associates values to

  regular expressions. We define this relation as

  follows:\footnote{Note that the rule for @{term Stars} differs from

  our earlier paper \cite{AusafDyckhoffUrban2016}. There we used the

  original definition by Sulzmann and Lu which does not require that

  the values @{term "v \<in> set vs"} flatten to a non-empty

  string. The reason for introducing the more restricted version of

  lexical values is convenience later on when reasoning about an

  ordering relation for values.}