1600
+ − 1 theory ExLet
+ − 2 imports "Parser"
+ − 3 begin
+ − 4
+ − 5 text {* example 3 or example 5 from Terms.thy *}
+ − 6
+ − 7 atom_decl name
+ − 8
+ − 9 ML {* val _ = recursive := false *}
1650
4b949985cf57
Gathering things to prove by induction together; removed cheat_bn_eqvt.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 10
4b949985cf57
Gathering things to prove by induction together; removed cheat_bn_eqvt.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 11
1600
+ − 12 nominal_datatype trm =
+ − 13 Vr "name"
+ − 14 | Ap "trm" "trm"
+ − 15 | Lm x::"name" t::"trm" bind x in t
1602
+ − 16 | Lt a::"lts" t::"trm" bind "bn a" in t
1600
+ − 17 and lts =
1602
+ − 18 Lnil
+ − 19 | Lcons "name" "trm" "lts"
1600
+ − 20 binder
+ − 21 bn
+ − 22 where
1602
+ − 23 "bn Lnil = {}"
+ − 24 | "bn (Lcons x t l) = {atom x} \<union> (bn l)"
1600
+ − 25
+ − 26 thm trm_lts.fv
+ − 27 thm trm_lts.eq_iff
+ − 28 thm trm_lts.bn
+ − 29 thm trm_lts.perm
1638
+ − 30 thm trm_lts.induct[no_vars]
+ − 31 thm trm_lts.inducts[no_vars]
1600
+ − 32 thm trm_lts.distinct
+ − 33 thm trm_lts.fv[simplified trm_lts.supp]
+ − 34
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 35 primrec
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 36 permute_bn_raw
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 37 where
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 38 "permute_bn_raw pi (Lnil_raw) = Lnil_raw"
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 39 | "permute_bn_raw pi (Lcons_raw a t l) = Lcons_raw (pi \<bullet> a) t (permute_bn_raw pi l)"
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 40
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 41 quotient_definition
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 42 "permute_bn :: perm \<Rightarrow> lts \<Rightarrow> lts"
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 43 is
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 44 "permute_bn_raw"
1639
+ − 45
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 46 lemma [quot_respect]: "((op =) ===> alpha_lts_raw ===> alpha_lts_raw) permute_bn_raw permute_bn_raw"
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 47 apply simp
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 48 apply clarify
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 49 apply (erule alpha_trm_raw_alpha_lts_raw_alpha_bn_raw.inducts)
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 50 apply simp_all
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 51 apply (rule alpha_trm_raw_alpha_lts_raw_alpha_bn_raw.intros)
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 52 apply simp
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 53 apply (rule alpha_trm_raw_alpha_lts_raw_alpha_bn_raw.intros)
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 54 apply simp
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 55 done
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 56
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 57 lemmas permute_bn = permute_bn_raw.simps[quot_lifted]
1639
+ − 58
1642
+ − 59 lemma permute_bn_zero:
+ − 60 "permute_bn 0 a = a"
+ − 61 apply(induct a rule: trm_lts.inducts(2))
+ − 62 apply(rule TrueI)
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 63 apply(simp_all add:permute_bn eqvts)
1642
+ − 64 done
+ − 65
1640
+ − 66 lemma permute_bn_add:
+ − 67 "permute_bn (p + q) a = permute_bn p (permute_bn q a)"
+ − 68 oops
+ − 69
1643
+ − 70 lemma permute_bn_alpha_bn: "alpha_bn lts (permute_bn q lts)"
+ − 71 apply(induct lts rule: trm_lts.inducts(2))
+ − 72 apply(rule TrueI)
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 73 apply(simp_all add:permute_bn eqvts trm_lts.eq_iff)
1643
+ − 74 done
1641
+ − 75
1642
+ − 76 lemma perm_bn:
+ − 77 "p \<bullet> bn l = bn(permute_bn p l)"
+ − 78 apply(induct l rule: trm_lts.inducts(2))
+ − 79 apply(rule TrueI)
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 80 apply(simp_all add:permute_bn eqvts)
1642
+ − 81 done
+ − 82
1643
+ − 83 lemma Lt_subst:
+ − 84 "supp (Abs (bn lts) trm) \<sharp>* q \<Longrightarrow> (Lt lts trm) = Lt (permute_bn q lts) (q \<bullet> trm)"
+ − 85 apply (simp only: trm_lts.eq_iff)
+ − 86 apply (rule_tac x="q" in exI)
+ − 87 apply (simp add: alphas)
+ − 88 apply (simp add: permute_bn_alpha_bn)
+ − 89 apply (simp add: perm_bn[symmetric])
+ − 90 apply (simp add: eqvts[symmetric])
+ − 91 apply (simp add: supp_Abs)
+ − 92 apply (simp add: trm_lts.supp)
+ − 93 apply (rule supp_perm_eq[symmetric])
+ − 94 apply (subst supp_finite_atom_set)
+ − 95 apply (rule finite_Diff)
+ − 96 apply (simp add: finite_supp)
+ − 97 apply (assumption)
+ − 98 done
+ − 99
+ − 100
1642
+ − 101 lemma fin_bn:
+ − 102 "finite (bn l)"
+ − 103 apply(induct l rule: trm_lts.inducts(2))
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 104 apply(simp_all add:permute_bn eqvts)
1642
+ − 105 done
+ − 106
1638
+ − 107 lemma
+ − 108 fixes t::trm
+ − 109 and l::lts
+ − 110 and c::"'a::fs"
1640
+ − 111 assumes a1: "\<And>name c. P1 c (Vr name)"
1638
+ − 112 and a2: "\<And>trm1 trm2 c. \<lbrakk>\<And>d. P1 d trm1; \<And>d. P1 d trm2\<rbrakk> \<Longrightarrow> P1 c (Ap trm1 trm2)"
1640
+ − 113 and a3: "\<And>name trm c. \<lbrakk>atom name \<sharp> c; \<And>d. P1 d trm\<rbrakk> \<Longrightarrow> P1 c (Lm name trm)"
1641
+ − 114 and a4: "\<And>lts trm c. \<lbrakk>bn lts \<sharp>* c; \<And>d. P2 d lts; \<And>d. P1 d trm\<rbrakk> \<Longrightarrow> P1 c (Lt lts trm)"
1638
+ − 115 and a5: "\<And>c. P2 c Lnil"
+ − 116 and a6: "\<And>name trm lts c. \<lbrakk>\<And>d. P1 d trm; \<And>d. P2 d lts\<rbrakk> \<Longrightarrow> P2 c (Lcons name trm lts)"
+ − 117 shows "P1 c t" and "P2 c l"
+ − 118 proof -
+ − 119 have "(\<And>(p::perm) (c::'a::fs). P1 c (p \<bullet> t))" and
1642
+ − 120 b': "(\<And>(p::perm) (q::perm) (c::'a::fs). P2 c (permute_bn p (q \<bullet> l)))"
1638
+ − 121 apply(induct rule: trm_lts.inducts)
+ − 122 apply(simp)
+ − 123 apply(rule a1)
+ − 124 apply(simp)
+ − 125 apply(rule a2)
+ − 126 apply(simp)
+ − 127 apply(simp)
+ − 128 apply(simp)
+ − 129 apply(subgoal_tac "\<exists>q. (q \<bullet> (atom (p \<bullet> name))) \<sharp> c \<and> supp (Lm (p \<bullet> name) (p \<bullet> trm)) \<sharp>* q")
+ − 130 apply(erule exE)
+ − 131 apply(rule_tac t="Lm (p \<bullet> name) (p \<bullet> trm)"
+ − 132 and s="q\<bullet> Lm (p \<bullet> name) (p \<bullet> trm)" in subst)
+ − 133 apply(rule supp_perm_eq)
+ − 134 apply(simp)
+ − 135 apply(simp)
+ − 136 apply(rule a3)
+ − 137 apply(simp add: atom_eqvt)
+ − 138 apply(subst permute_plus[symmetric])
+ − 139 apply(blast)
+ − 140 apply(rule at_set_avoiding2_atom)
+ − 141 apply(simp add: finite_supp)
+ − 142 apply(simp add: finite_supp)
+ − 143 apply(simp add: fresh_def)
+ − 144 apply(simp add: trm_lts.fv[simplified trm_lts.supp])
+ − 145 apply(simp)
1642
+ − 146 apply(subgoal_tac "\<exists>q. (q \<bullet> bn (p \<bullet> lts)) \<sharp>* c \<and> supp (Abs (bn (p \<bullet> lts)) (p \<bullet> trm)) \<sharp>* q")
1638
+ − 147 apply(erule exE)
1641
+ − 148 apply(erule conjE)
+ − 149 apply(subst Lt_subst)
+ − 150 apply assumption
1638
+ − 151 apply(rule a4)
1642
+ − 152 apply(simp add:perm_bn)
1641
+ − 153 apply assumption
+ − 154 apply (simp add: fresh_star_def fresh_def)
1640
+ − 155 apply(rotate_tac 1)
+ − 156 apply(drule_tac x="q + p" in meta_spec)
+ − 157 apply(simp)
1642
+ − 158 apply(rule at_set_avoiding2)
+ − 159 apply(rule fin_bn)
1641
+ − 160 apply(simp add: finite_supp)
+ − 161 apply(simp add: supp_Abs)
+ − 162 apply(rule finite_Diff)
+ − 163 apply(simp add: finite_supp)
1642
+ − 164 apply(simp add: fresh_star_def fresh_def supp_Abs)
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 165 apply(simp add: eqvts permute_bn)
1640
+ − 166 apply(rule a5)
1644
0e705352bcef
Properly defined permute_bn. No more sorry's in Let strong induction.
Cezary Kaliszyk <kaliszyk@in.tum.de>
diff
changeset
+ − 167 apply(simp add: permute_bn)
1640
+ − 168 apply(rule a6)
+ − 169 apply simp
+ − 170 apply simp
1642
+ − 171 done
+ − 172 then have a: "P1 c (0 \<bullet> t)" by blast
+ − 173 have "P2 c (permute_bn 0 (0 \<bullet> l))" using b' by blast
+ − 174 then show "P1 c t" and "P2 c l" using a permute_bn_zero by simp_all
+ − 175 qed
+ − 176
1638
+ − 177
+ − 178
1602
+ − 179 lemma lets_bla:
+ − 180 "x \<noteq> z \<Longrightarrow> y \<noteq> z \<Longrightarrow> x \<noteq> y \<Longrightarrow>(Lt (Lcons x (Vr y) Lnil) (Vr x)) \<noteq> (Lt (Lcons x (Vr z) Lnil) (Vr x))"
+ − 181 by (simp add: trm_lts.eq_iff)
+ − 182
+ − 183 lemma lets_ok:
+ − 184 "(Lt (Lcons x (Vr y) Lnil) (Vr x)) = (Lt (Lcons y (Vr y) Lnil) (Vr y))"
+ − 185 apply (simp add: trm_lts.eq_iff)
+ − 186 apply (rule_tac x="(x \<leftrightarrow> y)" in exI)
+ − 187 apply (simp_all add: alphas)
+ − 188 apply (simp add: fresh_star_def eqvts)
+ − 189 done
+ − 190
+ − 191 lemma lets_ok3:
+ − 192 "x \<noteq> y \<Longrightarrow>
+ − 193 (Lt (Lcons x (Ap (Vr y) (Vr x)) (Lcons y (Vr y) Lnil)) (Ap (Vr x) (Vr y))) \<noteq>
+ − 194 (Lt (Lcons y (Ap (Vr x) (Vr y)) (Lcons x (Vr x) Lnil)) (Ap (Vr x) (Vr y)))"
+ − 195 apply (simp add: alphas trm_lts.eq_iff)
+ − 196 done
+ − 197
+ − 198
+ − 199 lemma lets_not_ok1:
+ − 200 "(Lt (Lcons x (Vr x) (Lcons y (Vr y) Lnil)) (Ap (Vr x) (Vr y))) =
+ − 201 (Lt (Lcons y (Vr x) (Lcons x (Vr y) Lnil)) (Ap (Vr x) (Vr y)))"
+ − 202 apply (simp add: alphas trm_lts.eq_iff)
+ − 203 apply (rule_tac x="0::perm" in exI)
+ − 204 apply (simp add: fresh_star_def eqvts)
+ − 205 apply blast
+ − 206 done
+ − 207
+ − 208 lemma lets_nok:
+ − 209 "x \<noteq> y \<Longrightarrow> x \<noteq> z \<Longrightarrow> z \<noteq> y \<Longrightarrow>
+ − 210 (Lt (Lcons x (Ap (Vr z) (Vr z)) (Lcons y (Vr z) Lnil)) (Ap (Vr x) (Vr y))) \<noteq>
+ − 211 (Lt (Lcons y (Vr z) (Lcons x (Ap (Vr z) (Vr z)) Lnil)) (Ap (Vr x) (Vr y)))"
+ − 212 apply (simp add: alphas trm_lts.eq_iff fresh_star_def)
+ − 213 done
+ − 214
+ − 215
1600
+ − 216 end
+ − 217
+ − 218
+ − 219