public_html: Nominal/activities/cas09/Lec2.thy@f1be8028a4a9 (annotated)

415 f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	1	(*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	2
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	3	Isabelle Tutorial
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	4	-----------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	5
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	6	1st June 2009, Beijing
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	7
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	8	*)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	9
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	10	theory Lec2
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	11	imports "Main"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	12	begin
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	13
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	14	text {***********************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	15
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	16	Automatic proofs again:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	17
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	18	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	19
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	20	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	21	even :: "nat \<Rightarrow> bool"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	22	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	23	eZ[intro]: "even 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	24	\| eSS[intro]: "even n \<Longrightarrow> even (Suc (Suc n))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	25
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	26	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	27	In the following two lemmas we have to indicate the induction,
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	28	but the routine calculations can be done completely automatically
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	29	by Isabelle's internal tools.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	30	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	31
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	32	lemma even_twice:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	33	shows "even (n + n)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	34	by (induct n) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	35
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	36	lemma even_add:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	37	assumes a: "even n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	38	and b: "even m"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	39	shows "even (n + m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	40	using a b by (induct) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	41
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	42	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	43	In the next proof it was crucial that we introduced
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	44	the equation
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	45
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	46	(Suc (Suc n) * m) = (m + m) + (n * m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	47
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	48	because this allowed us to use the induction hypothesis
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	49	and the previous two lemmas. *}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	50
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	51	lemma even_mul:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	52	assumes a: "even n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	53	shows "even (n * m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	54	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	55	proof (induct)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	56	case eZ
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	57	show "even (0 * m)" by auto
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	58	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	59	case (eSS n)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	60	have as: "even n" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	61	have ih: "even (n * m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	62	have "(Suc (Suc n) * m) = (m + m) + (n * m)" by simp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	63	moreover
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	64	have "even (m + m)" using even_twice by simp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	65	ultimately
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	66	show "even (Suc (Suc n) * m)" using ih even_add by (simp only:)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	67	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	68
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	69	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	70	This proof cannot be found by the internal tools, but
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	71	Isabelle has an interface to external provers. This
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	72	interface is called sledgehammer and it finds the
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	73	proof more or less automatically.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	74
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	75	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	76
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	77
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	78	lemma even_mul_auto:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	79	assumes a: "even n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	80	shows "even (n * m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	81	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	82	apply(induct)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	83	apply(metis eZ mult_is_0)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	84	apply(metis even_add even_twice mult_Suc_right nat_add_assoc nat_mult_commute)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	85	done
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	86
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	87	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	88	The disadvantage of such proofs is that you do
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	89	not know why they are true.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	90	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	91
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	92
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	93	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	94
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	95	Function Definitions
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	96	--------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	97
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	98	Many functions over datatypes can be defined by recursion on the
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	99	structure. For this purpose, Isabelle provides "fun". To use it one needs
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	100	to give a name for the function, its type, optionally some pretty-syntax
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	101	and then some equations defining the function. Like in "inductive",
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	102	"fun" expects that more than one such equation is separated by "\|".
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	103
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	104	The Fibonacci function:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	105
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	106	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	107
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	108	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	109	fib :: "nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	110	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	111	"fib 0 = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	112	\| "fib (Suc 0) = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	113	\| "fib (Suc (Suc n)) = fib n + fib (Suc n)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	114
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	115	text {* The Ackermann function: *}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	116
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	117	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	118	ack :: "nat \<Rightarrow> nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	119	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	120	"ack 0 m = Suc m"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	121	\| "ack (Suc n) 0 = ack n (Suc 0)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	122	\| "ack (Suc n) (Suc m) = ack n (ack (Suc n) m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	123
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	124	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	125	Non-terminating functions can lead to inconsistencies.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	126	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	127
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	128	lemma
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	129	assumes a: "f x = f x + (1::nat)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	130	shows "False"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	131	proof -
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	132	from a have "0 = (1::nat)" by simp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	133	then show "False" by simp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	134	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	135
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	136	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	137	If Isabelle cannot automatically prove termination,
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	138	then you can give an explicit measure that establishes
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	139	termination. For example a generalisation of the
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	140	Fibonacci function to integers can be shown terminating
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	141
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	142	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	143
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	144	function
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	145	fib' :: "int \<Rightarrow> int"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	146	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	147	"n< -1 \<Longrightarrow> fib' n = fib' (n + 2) - fib' (n + 1)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	148	\| "fib' -1 = (1::int)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	149	\| "fib' 0 = (0::int)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	150	\| "fib' 1 = (1::int)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	151	\| "n > 1 \<Longrightarrow> fib' n = fib' (n - 1) + fib' (n - 2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	152	by (atomize_elim, presburger) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	153
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	154	termination
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	155	by (relation "measure (\<lambda>x. nat (\<bar>x\<bar>))")
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	156	(simp_all add: zabs_def)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	157
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	158
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	159	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	160
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	161	Datatypes
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	162	---------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	163
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	164	Datatypes can be defined in Isabelle as follows: we have to provide the name
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	165	of the datatype and list its type-constructors. Each type-constructor needs
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	166	to have the information about the types of its arguments, and optionally
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	167	can also contain some information about pretty syntax. For example, we write
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	168	"[]" for Nil and ":::" for Cons.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	169
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	170	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	171
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	172	datatype 'a mylist =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	173	MyNil ("[]")
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	174	\| MyCons "'a" "'a mylist" ("_ ::: _" 65)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	175
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	176	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	177	You can easily define functions over the structure of datatypes.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	178	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	179
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	180	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	181	myappend :: "'a mylist \<Rightarrow> 'a mylist \<Rightarrow> 'a mylist" ("_ @@ _" 65)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	182	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	183	"[] @@ xs = xs"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	184	\| "(y:::ys) @@ xs = y:::(ys @@ xs)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	185
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	186	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	187	myrev :: "'a mylist \<Rightarrow> 'a mylist"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	188	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	189	"myrev [] = []"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	190	\| "myrev (x:::xs) = (myrev xs) @@ (x:::[])"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	191
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	192	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	193
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	194	Exercise: Prove the following fact about append and reversal.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	195
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	196	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	197
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	198	lemma myrev_append:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	199	shows "myrev (xs @@ ys) = (myrev ys) @@ (myrev xs)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	200	proof (induct xs)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	201	case MyNil
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	202	show "myrev ([] @@ ys) = myrev ys @@ myrev []" sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	203	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	204	case (MyCons x xs)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	205	have ih: "myrev (xs @@ ys) = myrev ys @@ myrev xs" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	206
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	207	show "myrev ((x:::xs) @@ ys) = myrev ys @@ myrev (x:::xs)" sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	208	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	209
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	210
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	211
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	212
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	213
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	214
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	215
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	216
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	217
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	218
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	219
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	220
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	221
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	222
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	223
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	224
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	225	text {* auxiliary lemmas *}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	226
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	227	lemma mynil_append[simp]:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	228	shows "xs @@ [] = xs"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	229	by (induct xs) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	230
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	231	lemma myappend_assoc[simp]:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	232	"(xs @@ ys) @@ zs = xs @@ (ys @@ zs)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	233	by (induct xs) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	234
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	235	lemma
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	236	shows "myrev (xs @@ ys) = (myrev ys) @@ (myrev xs)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	237	by (induct xs) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	238
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	239	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	240
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	241	A WHILE Language:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	242
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	243	Arithmetic Expressions, Boolean Expressions, Commands
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	244	-----------------------------------------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	245
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	246	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	247
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	248	types memory = "nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	249
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	250	datatype aexp =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	251	C nat
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	252	\| X nat
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	253	\| Op1 "nat \<Rightarrow> nat" aexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	254	\| Op2 "nat \<Rightarrow> nat \<Rightarrow> nat" aexp aexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	255
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	256	datatype bexp =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	257	TRUE
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	258	\| FALSE
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	259	\| ROp "nat \<Rightarrow> nat \<Rightarrow> bool" aexp aexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	260	\| NOT bexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	261	\| AND bexp bexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	262	\| OR bexp bexp
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	263
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	264	datatype cmd =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	265	SKIP
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	266	\| ASSIGN nat aexp ("_ ::= _ " 60)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	267	\| SEQ cmd cmd ("_; _" [60, 60] 10)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	268	\| COND bexp cmd cmd ("IF _ THEN _ ELSE _" 60)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	269	\| WHILE bexp cmd ("WHILE _ DO _" 60)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	270
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	271	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	272
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	273	Big-step Evaluation Semantics
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	274	-----------------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	275
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	276	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	277
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	278	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	279	evala :: "aexp \<Rightarrow> memory \<Rightarrow> nat \<Rightarrow> bool" ("'(_,_') \<longrightarrow>a _" [100,100] 50)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	280	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	281	C: "(C n, m) \<longrightarrow>a n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	282	\| X: "(X i, m) \<longrightarrow>a m i"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	283	\| Op1: "(e, m) \<longrightarrow>a n \<Longrightarrow> (Op1 f e, m) \<longrightarrow>a (f n)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	284	\| Op2: "\<lbrakk>(e0, m) \<longrightarrow>a n0; (e1, m) \<longrightarrow>a n1\<rbrakk> \<Longrightarrow> (Op2 f e0 e1, m) \<longrightarrow>a f n0 n1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	285
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	286	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	287	evalb :: "bexp \<Rightarrow> memory \<Rightarrow> bool \<Rightarrow> bool" ("'(_,_') \<longrightarrow>b _" [100,100] 50)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	288	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	289	TRUE: "(TRUE, m) \<longrightarrow>b True"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	290	\| FALSE: "(FALSE, m) \<longrightarrow>b False"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	291	\| ROp: "\<lbrakk>(e1, m) \<longrightarrow>a n1; (e2, m) \<longrightarrow>a n2\<rbrakk> \<Longrightarrow> (ROp f e1 e2, m) \<longrightarrow>b (f n1 n2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	292	\| NOT: "(e, m) \<longrightarrow>b b \<Longrightarrow> (NOT e, m) \<longrightarrow>b (Not b)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	293	\| AND: "\<lbrakk>(e1, m) \<longrightarrow>b b1; (e2, m) \<longrightarrow>b b2\<rbrakk> \<Longrightarrow> (AND e1 e2, m) \<longrightarrow>b (b1 \<and> b2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	294	\| OR: "\<lbrakk>(e1, m) \<longrightarrow>b b1; (e2, m) \<longrightarrow>b b2\<rbrakk> \<Longrightarrow> (OR e1 e2, m) \<longrightarrow>b (b1 \<or> b2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	295
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	296	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	297	evalc :: "cmd \<Rightarrow> memory \<Rightarrow> memory \<Rightarrow> bool" ("'(_,_') \<longrightarrow>c _" [0,0,60] 60)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	298	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	299	SKIP: "(SKIP, m) \<longrightarrow>c m"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	300	\| ASSIGN: "(a, m) \<longrightarrow>a n \<Longrightarrow> (x::=a, m) \<longrightarrow>c m(x:=n)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	301	\| SEQ: "\<lbrakk>(c0, m) \<longrightarrow>c m'; (c1, m') \<longrightarrow>c m''\<rbrakk> \<Longrightarrow> (c0; c1, m) \<longrightarrow>c m''"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	302	\| IFTrue: "\<lbrakk>(e, m) \<longrightarrow>b True; (c0, m) \<longrightarrow>c m'\<rbrakk> \<Longrightarrow> (IF e THEN c0 ELSE c1, m) \<longrightarrow>c m'"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	303	\| IFFalse: "\<lbrakk>(e, m) \<longrightarrow>b False; (c1, m) \<longrightarrow>c m'\<rbrakk> \<Longrightarrow> (IF e THEN c0 ELSE c1, m) \<longrightarrow>c m'"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	304	\| WHILEFalse: "(e, m) \<longrightarrow>b False \<Longrightarrow> (WHILE e DO c,m) \<longrightarrow>c m"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	305	\| WHILETrue: "\<lbrakk>(e, m) \<longrightarrow>b True; (c,m) \<longrightarrow>c m'; (WHILE e DO c, m') \<longrightarrow>c m''\<rbrakk>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	306	\<Longrightarrow> (WHILE e DO c, m) \<longrightarrow>c m''"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	307
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	308	lemmas evala.intros[intro] evalb.intros[intro] evalc.intros[intro]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	309
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	310	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	311
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	312	Machine Instructions
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	313	--------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	314
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	315	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	316
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	317	datatype instr =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	318	JPFZ "nat" (* JUMP forward n steps, if top of stack is False *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	319	\| JPB "nat" (* JUMP backward n steps *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	320	\| FETCH "nat" (* move memory to top of stack *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	321	\| STORE "nat" (* move top of stack to memory *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	322	\| PUSH "nat" (* push to stack *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	323	\| OPU "nat \<Rightarrow> nat" (* pop one from stack and apply f *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	324	\| OPB "nat \<Rightarrow> nat \<Rightarrow> nat" (* pop two from stack and apply f *)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	325
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	326	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	327
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	328	Booleans 'as' Zero and One
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	329	--------------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	330
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	331	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	332
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	333	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	334	WRAP::"bool\<Rightarrow>nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	335	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	336	"WRAP True = Suc 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	337	\| "WRAP False = 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	338
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	339	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	340	MNot::"nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	341	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	342	"MNot 0 = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	343	\| "MNot (Suc 0) = 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	344
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	345	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	346	MAnd::"nat \<Rightarrow> nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	347	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	348	"MAnd 0 x = 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	349	\| "MAnd x 0 = 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	350	\| "MAnd (Suc 0) (Suc 0) = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	351
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	352	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	353	MOr::"nat \<Rightarrow> nat \<Rightarrow> nat"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	354	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	355	"MOr 0 0 = 0"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	356	\| "MOr (Suc 0) x = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	357	\| "MOr x (Suc 0) = 1"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	358
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	359	lemma MNot_WRAP:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	360	"MNot (WRAP b) = WRAP (Not b)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	361	by (cases b) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	362
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	363	lemma MAnd_WRAP:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	364	"MAnd (WRAP b1) (WRAP b2) = WRAP (b1 \<and> b2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	365	by (cases b1, auto) (cases b2, simp_all)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	366
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	367
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	368	lemma MOr_WRAP:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	369	"MOr (WRAP b1) (WRAP b2) = WRAP (b1 \<or> b2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	370	by (cases b1, auto) (cases b2, simp_all)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	371
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	372	lemmas WRAP_lems = MNot_WRAP MAnd_WRAP MOr_WRAP
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	373
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	374	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	375
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	376	Compiler Functions
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	377	------------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	378
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	379	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	380
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	381	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	382	compa
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	383	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	384	"compa (C n) = [PUSH n]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	385	\| "compa (X l) = [FETCH l]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	386	\| "compa (Op1 f e) = (compa e) @ [OPU f]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	387	\| "compa (Op2 f e1 e2) = (compa e1) @ (compa e2) @ [OPB f]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	388
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	389	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	390	compb
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	391	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	392	"compb (TRUE) = [PUSH 1]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	393	\| "compb (FALSE) = [PUSH 0]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	394	\| "compb (ROp f e1 e2) = (compa e1) @ (compa e2) @ [OPB (\<lambda>x y. WRAP (f x y))]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	395	\| "compb (NOT e) = (compb e) @ [OPU MNot]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	396	\| "compb (AND e1 e2) = (compb e1) @ (compb e2) @ [OPB MAnd]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	397	\| "compb (OR e1 e2) = (compb e1) @ (compb e2) @ [OPB MOr]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	398
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	399	fun
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	400	compc :: "cmd \<Rightarrow> instr list"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	401	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	402	"compc SKIP = []"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	403	\| "compc (x::=a) = (compa a) @ [STORE x]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	404	\| "compc (c1;c2) = compc c1 @ compc c2"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	405	\| "compc (IF b THEN c1 ELSE c2) =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	406	(compb b) @ [JPFZ (length(compc c1) + 2)] @ compc c1 @
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	407	[PUSH 0, JPFZ (length(compc c2))] @ compc c2"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	408	\| "compc (WHILE b DO c) =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	409	(compb b) @
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	410	[JPFZ (length(compc c) + 1)] @ compc c @
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	411	[JPB (length(compc c) + length(compb b)+1)]"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	412
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	413	value "compc SKIP"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	414	value "compc (SKIP; SKIP)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	415	value "compa (Op2 (op +) (C 2) (C 3))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	416	value "compb (ROp (op <) (C 2) (C 3))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	417	value "compc (IF (ROp (op <) (C 2) (C 3)) THEN SKIP ELSE SKIP)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	418	value "compc (WHILE (ROp (op <) (C 2) (C 3)) DO SKIP)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	419	value "compc (x::= C 0; WHILE (ROp (op <) (X x) (C 3)) DO (x::= (Op2 (op +) (X x) (C 1))))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	420
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	421	text {*****************************************************************
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	422
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	423	Machine Execution
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	424	-----------------
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	425
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	426	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	427
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	428	types instrs = "instr list"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	429	types stack = "nat list"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	430
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	431	abbreviation
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	432	"rtake i xs \<equiv> rev (take i xs)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	433
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	434	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	435	step :: "instrs \<Rightarrow> instrs \<Rightarrow> stack \<Rightarrow> memory \<Rightarrow>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	436	instrs \<Rightarrow> instrs \<Rightarrow> stack \<Rightarrow> memory \<Rightarrow> bool" ("'(_,_,_,_') \<longrightarrow>m '(_,_,_,_')")
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	437	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	438	"(PUSH n#p, q, s, m) \<longrightarrow>m (p, PUSH n#q, n#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	439	\| "(FETCH i#p, q, s, m) \<longrightarrow>m (p, FETCH i#q, m i#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	440	\| "(OPU f#p, q, n#s, m) \<longrightarrow>m (p, OPU f#q, f n#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	441	\| "(OPB f#p, q, n1#n2#s, m) \<longrightarrow>m (p, OPB f#q, f n2 n1#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	442	\| "(STORE i#p, q, n#s, m) \<longrightarrow>m (p, STORE i#q, s, m(i:=n))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	443	\| "(JPFZ i#p, q, Suc 0#s, m) \<longrightarrow>m (p, JPFZ i#q, s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	444	\| "i\<le>length p\<Longrightarrow>(JPFZ i#p, q, 0#s, m) \<longrightarrow>m (drop i p, (rtake i p) @ (JPFZ i#q), s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	445	\| "i\<le>length q\<Longrightarrow>(JPB i#p, q, s, m) \<longrightarrow>m ((rtake i q) @ (JPB i#p), drop i q, s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	446
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	447	lemmas step.intros[intro]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	448
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	449	inductive_cases step_elim[elim]:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	450	"(p,q,s,m) \<longrightarrow>m (p',q',s',m')"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	451
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	452	lemma exec_simp:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	453	shows "(instr#p, q, s, m) \<longrightarrow>m (p', q', s', m') =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	454	(case instr of
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	455	PUSH n \<Rightarrow> (p' = p \<and> q' = instr#q \<and> s' = n#s \<and> m' = m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	456	\| FETCH i \<Rightarrow> (p' = p \<and> q' = instr#q \<and> s' = m i#s \<and> m' = m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	457	\| OPU f \<Rightarrow> (\<exists>n si. p' = p \<and> q' = instr#q \<and> s = n#si \<and> s' = f n#si \<and> m' = m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	458	\| OPB f \<Rightarrow> (\<exists>n1 n2 si. p' = p \<and> q' = instr#q \<and> s = n1#n2#si \<and> s' = f n2 n1#si \<and> m' = m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	459	\| STORE i \<Rightarrow> (\<exists>n si. p' = p \<and> q' = instr#q \<and> s = n#si \<and> s' = si \<and> m' = m(i:=n))
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	460	\| JPFZ i \<Rightarrow> (\<exists>si. (p' = p \<and> q' = instr#q \<and> s = Suc 0#si \<and> s' = si \<and> m' = m) \<or>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	461	(i\<le> length p \<and> p' = (drop i p) \<and> q' = (rev (take i p))@(instr#q)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	462	\<and> s = 0#si \<and> s' = si \<and> m' = m ))
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	463	\| JPB i \<Rightarrow> (i \<le> length q \<and> p' = (rtake i q)@(JPB i#p) \<and> q' = drop i q \<and> s' = s \<and> m' = m))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	464	by (auto split: instr.split_asm split_if_asm)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	465
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	466	inductive
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	467	steps :: "instrs \<Rightarrow> instrs \<Rightarrow> stack \<Rightarrow> memory \<Rightarrow>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	468	instrs \<Rightarrow> instrs \<Rightarrow> stack \<Rightarrow> memory \<Rightarrow> bool" ("'(_,_,_,_') \<longrightarrow>m* '(_,_,_,_')")
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	469	where
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	470	refl: "(p,q,s,m) \<longrightarrow>m* (p,q,s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	471	\| step: "\<lbrakk>(p1,q1,s1,m1) \<longrightarrow>m (p2,q2,s2,m2); (p2,q2,s2,m2) \<longrightarrow>m* (p3,q3,s3,m3)\<rbrakk>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	472	\<Longrightarrow> (p1,q1,s1,m1) \<longrightarrow>m* (p3,q3,s3,m3)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	473
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	474	lemmas steps.step[intro]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	475	lemmas steps.refl[simp]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	476
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	477	inductive_cases steps_elim[elim]:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	478	"(p,q,s,m) \<longrightarrow>m* (p',q',s',m')"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	479
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	480	lemma steps_trans:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	481	assumes a: "(p1,q1,s1,m1) \<longrightarrow>m* (p2,q2,s2,m2)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	482	and b: "(p2,q2,s2,m2) \<longrightarrow>m* (p3,q3,s3,m3)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	483	shows "(p1,q1,s1,m1) \<longrightarrow>m* (p3,q3,s3,m3)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	484	using a b by (induct) (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	485
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	486	lemma steps_simp:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	487	shows "(i#p,q,s,m) \<longrightarrow>m* (p',q',s',m') =
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	488	((i#p,q,s,m) = (p',q',s',m') \<or>
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	489	(\<exists>pi qi si mi. (i#p,q,s,m) \<longrightarrow>m (pi,qi,si,mi) \<and> (pi,qi,si,mi) \<longrightarrow>m* (p',q',s',m')))"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	490	by (auto)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	491
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	492	lemma compa_first_attempt:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	493	assumes a: "(e, m) \<longrightarrow>a n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	494	shows "(compa e, [], [], m) \<longrightarrow>m* ([], rev (compa e), [n], m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	495	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	496	proof (induct)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	497	case (C n m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	498	show "(compa (C n),[],[],m) \<longrightarrow>m* ([],rev (compa (C n)),[n],m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	499	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	500	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	501	case (X i m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	502	show "(compa (X i),[],[],m) \<longrightarrow>m* ([],rev (compa (X i)),[m i],m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	503	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	504	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	505	case (Op1 e m n f)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	506	have as: "(e, m) \<longrightarrow>a n" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	507	have ih: "(compa e,[],[],m) \<longrightarrow>m* ([],rev (compa e),[n],m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	508	show "(compa (Op1 f e),[],[],m) \<longrightarrow>m* ([],rev (compa (Op1 f e)),[f n],m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	509	using ih sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	510	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	511	case (Op2 e0 m n0 e1 n1 f)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	512	have as1: "(e0, m) \<longrightarrow>a n0" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	513	have as2: "(e1, m) \<longrightarrow>a n1" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	514	have ih1: "(compa e0,[],[],m) \<longrightarrow>m* ([],rev (compa e0),[n0],m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	515	have ih2: "(compa e1,[],[],m) \<longrightarrow>m* ([],rev (compa e1),[n1],m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	516	show "(compa (Op2 f e0 e1),[],[],m) \<longrightarrow>m* ([],rev (compa (Op2 f e0 e1)),[f n0 n1],m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	517	using ih1[THEN steps_trans] ih2[THEN steps_trans]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	518	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	519	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	520
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	521
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	522
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	523
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	524
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	525
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	526
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	527
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	528
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	529
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	530
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	531
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	532
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	533
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	534
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	535	lemma compa_aux:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	536	assumes a: "(e, m) \<longrightarrow>a n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	537	shows "(compa e@p, q, s, m) \<longrightarrow>m* (p, rev (compa e)@q, n#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	538	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	539	proof (induct arbitrary: p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	540	case (C n m p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	541	show "(compa (C n)@p,q,s,m) \<longrightarrow>m* (p,rev (compa (C n))@q,n#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	542	by (simp add: steps_simp exec_simp)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	543	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	544	case (X i m p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	545	show "(compa (X i)@p,q,s,m) \<longrightarrow>m* (p,rev (compa (X i))@q,m i#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	546	by (simp add: steps_simp exec_simp)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	547	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	548	case (Op1 e m n f p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	549	have as: "(e, m) \<longrightarrow>a n" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	550	have ih: "\<And>p q s. (compa e@p,q,s,m) \<longrightarrow>m* (p,rev (compa e)@q,n#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	551	show "(compa (Op1 f e)@p,q,s,m) \<longrightarrow>m* (p,rev (compa (Op1 f e))@q,f n#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	552	using ih[THEN steps_trans] by (simp add: steps_simp exec_simp)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	553	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	554	case (Op2 e0 m n0 e1 n1 f p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	555	have as1: "(e0, m) \<longrightarrow>a n0" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	556	have as2: "(e1, m) \<longrightarrow>a n1" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	557	have ih1: "\<And>p q s. (compa e0@p,q,s,m) \<longrightarrow>m* (p,rev (compa e0)@q,n0#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	558	have ih2: "\<And>p q s. (compa e1@p,q,s,m) \<longrightarrow>m* (p,rev (compa e1)@q,n1#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	559	show "(compa (Op2 f e0 e1)@p,q,s,m) \<longrightarrow>m* (p,rev (compa (Op2 f e0 e1))@q,f n0 n1#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	560	using ih1[THEN steps_trans] ih2[THEN steps_trans]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	561	by (simp add: steps_simp exec_simp)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	562	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	563
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	564
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	565	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	566	After the fact I constructed the detailed proof, I
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	567	could guide Isabelle to find the proof automatically.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	568
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	569	B U T T H A T I S C H E A T I N G!!!
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	570	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	571
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	572	lemma compa_aux_cheating:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	573	assumes a: "(e,m) \<longrightarrow>a n"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	574	shows "(compa e@p,q,s,m) \<longrightarrow>m* (p,rev (compa e)@q,n#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	575	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	576	by (induct arbitrary: p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	577	(force intro: steps_trans simp add: steps_simp exec_simp)+
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	578
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	579
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	580	lemma compb_aux_cheating:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	581	assumes a: "(e,m) \<longrightarrow>b b"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	582	shows "(compb e@p,q,s,m) \<longrightarrow>m* (p,rev (compb e)@q,(WRAP b)#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	583	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	584	by (induct arbitrary: p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	585	(force intro: compa_aux steps_trans
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	586	simp add: steps_simp exec_simp WRAP_lems)+
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	587
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	588	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	589
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	590	Exercise: After you know the lemma is provable,
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	591	try to give all details.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	592
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	593	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	594
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	595	lemma compb_aux:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	596	assumes a: "(e, m) \<longrightarrow>b b"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	597	shows "(compb e@p, q, s, m) \<longrightarrow>m* (p, rev (compb e)@q, WRAP b#s, m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	598	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	599	proof (induct arbitrary: p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	600	case (TRUE m p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	601	show "(compb TRUE@p,q,s,m) \<longrightarrow>m* (p,rev (compb TRUE)@q,WRAP True#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	602	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	603	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	604	case (FALSE m p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	605	show "(compb FALSE@p,q,s,m) \<longrightarrow>m* (p,rev (compb FALSE)@q,WRAP False#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	606	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	607	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	608	case (ROp e1 m n1 e2 n2 f p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	609	have as1: "(e1, m) \<longrightarrow>a n1" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	610	have as2: "(e2, m) \<longrightarrow>a n2" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	611	show "(compb (ROp f e1 e2)@p,q,s,m)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	612	\<longrightarrow>m* (p,rev (compb (ROp f e1 e2))@q,WRAP (f n1 n2)#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	613	using as1 as2 sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	614	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	615	case (NOT e m b p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	616	have ih: "\<And>p q s. (compb e@p,q,s,m) \<longrightarrow>m* (p,rev (compb e)@q,WRAP b#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	617	show "(compb (NOT e)@p,q,s,m) \<longrightarrow>m* (p,rev (compb (NOT e))@q,WRAP (\<not>b)#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	618	using ih[THEN steps_trans]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	619	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	620	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	621	case (AND e1 m b1 e2 b2 p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	622	have ih1: "\<And>p q s. (compb e1@p,q,s,m) \<longrightarrow>m* (p,rev (compb e1)@q,WRAP b1#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	623	have ih2: "\<And>p q s. (compb e2@p,q,s,m) \<longrightarrow>m* (p,rev (compb e2)@q,WRAP b2#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	624	show "(compb (AND e1 e2)@p,q,s,m) \<longrightarrow>m* (p,rev (compb (AND e1 e2))@q,WRAP (b1 \<and> b2)#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	625	using ih1[THEN steps_trans] ih2[THEN steps_trans]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	626	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	627	next
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	628	case (OR e1 m b1 e2 b2 p q s)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	629	have ih1: "\<And>p q s. (compb e1@p,q,s,m) \<longrightarrow>m* (p,rev (compb e1)@q,WRAP b1#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	630	have ih2: "\<And>p q s. (compb e2@p,q,s,m) \<longrightarrow>m* (p,rev (compb e2)@q,WRAP b2#s,m)" by fact
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	631	show "(compb (OR e1 e2)@p,q,s,m) \<longrightarrow>m* (p,rev (compb (OR e1 e2))@q,WRAP (b1 \<or> b2)#s,m)"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	632	using ih1[THEN steps_trans] ih2[THEN steps_trans]
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	633	sorry
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	634	qed
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	635
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	636	text {*
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	637
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	638	Also the detailed proof of this lemma is left as an exercise.
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	639
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	640	*}
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	641
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	642	lemma compc_aux_cheating:
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	643	assumes a: "(c,m) \<longrightarrow>c m'"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	644	shows "(compc c@p,q,s,m) \<longrightarrow>m* (p,rev (compc c)@q,s,m')"
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	645	using a
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	646	by (induct arbitrary: p q)
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	647	(force intro: compa_aux compb_aux_cheating steps_trans
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	648	simp add: steps_simp exec_simp)+
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	649
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	650	end
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	651
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	652
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	653
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	654
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	655
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	656
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	657
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	658
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	659
f1be8028a4a9 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	660

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Wed, 30 Mar 2016 17:27:34 +0100
changeset 415	f1be8028a4a9
permissions	-rw-r--r--