tm2: thys/Hoare_gen.thy@457240e42972 (annotated)

0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	1	header {*
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	2	Generic Separation Logic
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	3	*}
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	4
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	5	theory Hoare_gen
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	6	imports Main
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	7	"../Separation_Algebra/Sep_Tactics"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	8	begin
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	9
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	10
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	11	definition
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	12	pasrt :: "bool \<Rightarrow> 'a::sep_algebra \<Rightarrow> bool" ("<_>" [72] 71)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	13	where "pasrt b = (\<lambda> s . s = 0 \<and> b)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	14
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	15
5 6c722e960f2e minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 3 diff changeset	16	(* same as sep.mult.left_commute *)
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	17	lemma sep_conj_cond1:
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	18	"(p \<and>* <cond> \<and>* q) = (<cond> \<and>* p \<and>* q)"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	19	by (rule sep.mult.left_commute)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	20
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	21	(* same as sep.mult.commute *)
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	22	lemma sep_conj_cond2:
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	23	"(p \<and>* <cond>) = (<cond> \<and>* p)"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	24	by(rule sep.mult.commute)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	25
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	26	(* same as sep.mult_assoc *)
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	27	lemma sep_conj_cond3:
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	28	"((<cond> \<and>* p) \<and>* r) = (<cond> \<and>* p \<and>* r)"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	29	by (rule sep.mult_assoc)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	30
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	31	lemmas sep_conj_cond = sep_conj_cond1 sep_conj_cond2 sep_conj_cond3
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	32
12 457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	33	lemma cond_true_eq [simp]:
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	34	"<True> = \<box>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	35	by(unfold sep_empty_def pasrt_def, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	36
12 457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	37	lemma cond_true_eq1:
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	38	"(<True> \<and>* p) = p"
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	39	by (simp)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	40
12 457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	41	lemma cond_true_eq2:
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	42	"(p \<and>* <True>) = p"
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	43	by simp
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	44
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	45	lemma false_simp [simp]:
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	46	"<False> = sep_false" (* move *)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	47	by (simp add:pasrt_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	48
12 457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	49	lemma condD:
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	50	"(<b> \<and>* r) s \<Longrightarrow> b \<and> r s"
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	51	unfolding sep_conj_def pasrt_def
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	52	by auto
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	53
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	54	locale sep_exec =
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	55	fixes step :: "'conf \<Rightarrow> 'conf"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	56	and recse:: "'conf \<Rightarrow> 'a::sep_algebra"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	57	begin
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	58
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	59	definition "run n = step ^^ n"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	60
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	61	lemma run_add: "run (n1 + n2) s = run n1 (run n2 s)"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	62	unfolding run_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	63	by (simp add: funpow_add)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	64
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	65	(* separation Hoare tripple *)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	66	definition
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	67	Hoare_gen :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> bool" ("(\<lbrace>(1_)\<rbrace>/ (_)/ \<lbrace>(1_)\<rbrace>)" 50)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	68	where
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	69	"\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace> \<equiv>
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	70	\<forall>s r. (p \<and>* c \<and>* r) (recse s) \<longrightarrow> (\<exists>k. (q \<and>* c \<and>* r) (recse (run (Suc k) s)))"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	71
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	72	lemma HoareI [case_names Pre]:
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	73	assumes h: "\<And> r s. (p \<and>* c \<and>* r) (recse s) \<Longrightarrow> \<exists>k. (q \<and>* c \<and>* r) (recse (run (Suc k) s))"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	74	shows "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	75	using h
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	76	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	77	by simp
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	78
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	79	lemma frame_rule:
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	80	assumes "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	81	shows "\<lbrace>p \<and>* r\<rbrace> c \<lbrace>q \<and>* r\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	82	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	83	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	84	by (metis sep_conj_assoc sep_conj_left_commute)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	85
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	86	lemma sequencing:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	87	assumes h1: "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	88	and h2: "\<lbrace>q\<rbrace> c \<lbrace>r\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	89	shows "\<lbrace>p\<rbrace> c \<lbrace>r\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	90	proof(induct rule: HoareI)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	91	case (Pre r' s')
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	92	have "(p \<and>* c \<and>* r') (recse s')" by fact
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	93	with h1[unfolded Hoare_gen_def]
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	94	obtain k1 where "(q \<and>* c \<and>* r') (recse (run (Suc k1) s'))" by auto
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	95	with h2[unfolded Hoare_gen_def]
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	96	obtain k2 where "(r \<and>* c \<and>* r') (recse (run (Suc k2) (run (Suc k1) s')))" by auto
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	97	thus "\<exists>k. (r \<and>* c \<and>* r') (recse (run (Suc k) s'))"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	98	by (auto simp add: run_add[symmetric])
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	99	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	100
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	101	lemma pre_stren:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	102	assumes h1: "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	103	and h2: "\<And>s. r s \<Longrightarrow> p s"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	104	shows "\<lbrace>r\<rbrace> c \<lbrace>q\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	105	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	106	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	107	by (metis sep_globalise)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	108
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	109	lemma post_weaken:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	110	assumes h1: "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	111	and h2: "\<And> s. q s \<Longrightarrow> r s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	112	shows "\<lbrace>p\<rbrace> c \<lbrace>r\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	113	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	114	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	115	by (metis sep_globalise)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	116
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	117	lemma hoare_adjust:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	118	assumes h1: "\<lbrace>p1\<rbrace> c \<lbrace>q1\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	119	and h2: "\<And>s. p s \<Longrightarrow> p1 s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	120	and h3: "\<And>s. q1 s \<Longrightarrow> q s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	121	shows "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	122	using h1 h2 h3 post_weaken pre_stren
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	123	by (blast)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	124
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	125	lemma code_exI:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	126	assumes h: "\<And> k. \<lbrace>p\<rbrace> c(k) \<lbrace>q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	127	shows "\<lbrace>p\<rbrace> EXS k. c(k) \<lbrace>q\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	128	unfolding pred_ex_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	129	proof(induct rule:HoareI)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	130	case (Pre r' s')
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	131	then obtain k where "(p \<and>* (\<lambda> s. c k s) \<and>* r') (recse s')"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	132	by (auto elim!: sep_conjE intro!: sep_conjI)
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	133	with h[unfolded Hoare_gen_def]
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	134	show "\<exists>k. (q \<and>* (\<lambda>s. \<exists>x. c x s) \<and>* r') (recse (run (Suc k) s'))"
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	135	by (blast elim!: sep_conjE intro!: sep_conjI)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	136	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	137
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	138	lemma code_extension:
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	139	assumes "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	140	shows "\<lbrace>p\<rbrace> c \<and>* e \<lbrace>q\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	141	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	142	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	143	by (metis sep_conj_assoc)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	144
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	145	lemma code_extension1:
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	146	assumes "\<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	147	shows "\<lbrace>p\<rbrace> e \<and>* c \<lbrace>q\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	148	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	149	unfolding Hoare_gen_def
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	150	by (metis sep_conj_commute sep_conj_left_commute)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	151
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	152	lemma composition:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	153	assumes h1: "\<lbrace>p\<rbrace> c1 \<lbrace>q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	154	and h2: "\<lbrace>q\<rbrace> c2 \<lbrace>r\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	155	shows "\<lbrace>p\<rbrace> c1 \<and>* c2 \<lbrace>r\<rbrace>"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	156	using assms
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	157	by (auto intro: sequencing code_extension code_extension1)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	158
11 f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	159	lemma pre_condI:
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	160	assumes h: "cond \<Longrightarrow> \<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	161	shows "\<lbrace><cond> \<and>* p\<rbrace> c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	162	proof(induct rule:HoareI)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	163	case (Pre r s)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	164	hence "cond" "(p \<and>* c \<and>* r) (recse s)"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	165	apply (metis pasrt_def sep_conjD)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	166	by (smt Pre.hyps pasrt_def sep_add_zero sep_conj_commute sep_conj_def)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	167	from h[OF this(1), unfolded Hoare_gen_def, rule_format, OF this(2)]
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	168	show ?case .
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	169	qed
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	170
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	171	lemma code_condI:
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	172	assumes h: "b \<Longrightarrow> \<lbrace>p\<rbrace> c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	173	shows "\<lbrace>p\<rbrace> <b> \<and>* c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	174	proof(induct rule: HoareI)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	175	case (Pre r s)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	176	hence h1: "b" "(p \<and>* c \<and>* r) (recse s)"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	177	apply (metis condD sep_conjD sep_conj_assoc)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	178	by (smt Pre.hyps condD sep_conj_impl)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	179	from h[OF h1(1), unfolded Hoare_gen_def, rule_format, OF h1(2)]
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	180	and h1(1)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	181	show ?case
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	182	by (metis (full_types) cond_true_eq1)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	183	qed
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	184
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	185	lemma precond_exI:
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	186	assumes h:"\<And>x. \<lbrace>p x\<rbrace> c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	187	shows "\<lbrace>EXS x. p x\<rbrace> c \<lbrace>q\<rbrace>"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	188	proof(induct rule: HoareI)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	189	case (Pre r s)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	190	then obtain x where "(p x \<and>* c \<and>* r) (recse s)"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	191	by (unfold pred_ex_def, auto elim!:sep_conjE intro!:sep_conjI)
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	192	from h[of x, unfolded Hoare_gen_def, rule_format, OF this]
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	193	show ?case .
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	194	qed
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	195
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	196	lemma hoare_sep_false:
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	197	"\<lbrace>sep_false\<rbrace> c \<lbrace>q\<rbrace>"
12 457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	198	unfolding Hoare_gen_def
457240e42972 some minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 11 diff changeset	199	by auto
11 f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	200
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	201	lemma pred_exI:
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	202	assumes "(P(x) \<and>* r) s"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	203	shows "((EXS x. P(x)) \<and>* r) s"
f8b2bf858caf moved some lemmas Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 8 diff changeset	204	by (metis assms pred_ex_def sep_globalise)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	205
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	206	definition
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	207	IHoare :: "('b::sep_algebra \<Rightarrow> 'a \<Rightarrow> bool) \<Rightarrow> ('b \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> ('b \<Rightarrow> bool) \<Rightarrow> bool"
545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	208	("(1_).(\<lbrace>(1_)\<rbrace>/ (_)/ \<lbrace>(1_)\<rbrace>)" 50)
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	209	where
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	210	"I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace> = (\<forall>s'. \<lbrace>EXS s. <P s> \<and>* <(s ## s')> \<and>* I(s + s')\<rbrace> c
dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	211	\<lbrace>EXS s. <Q s> \<and>* <(s ## s')> \<and>* I(s + s')\<rbrace>)"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	212
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	213	lemma IHoareI [case_names IPre]:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	214	assumes h: "\<And>s' s r cnf . (<P s> \<and>* <(s ## s')> \<and>* I(s + s') \<and>* c \<and>* r) (recse cnf) \<Longrightarrow>
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	215	\<exists>k t. (<Q t> \<and>* <(t ## s')> \<and>* I(t + s') \<and>* c \<and>* r) (recse (run (Suc k) cnf))"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	216	shows "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
3 545fef826fa9 some tiny changes (does not affect anything else) Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 2 diff changeset	217	unfolding IHoare_def
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	218	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	219	fix s'
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	220	show " \<lbrace>EXS s. <P s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace> c
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	221	\<lbrace>EXS s. <Q s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	222	proof(unfold pred_ex_def, induct rule:HoareI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	223	case (Pre r s)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	224	then obtain sa where "(<P sa> \<and>* <(sa ## s')> \<and>* I (sa + s') \<and>* c \<and>* r) (recse s)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	225	by (auto elim!:sep_conjE intro!:sep_conjI simp:sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	226	hence " (\<exists>k t. (<Q t> \<and>* <(t##s')> \<and>* I(t + s') \<and>* c \<and>* r) (recse (run (Suc k) s)))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	227	by (rule h)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	228	then obtain k t where h2: "(<Q t> \<and>* <(t ## s')> \<and>* I(t + s') \<and>* c \<and>* r) (recse (run (Suc k) s))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	229	by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	230	thus "\<exists>k. ((\<lambda>s. \<exists>sa. (<Q sa> \<and>* <(sa ## s')> \<and>* I (sa + s')) s) \<and>* c \<and>* r) (recse (run (Suc k) s))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	231	apply (rule_tac x = k in exI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	232	by (auto intro!:sep_conjI elim!:sep_conjE simp:sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	233	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	234	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	235
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	236	lemma I_frame_rule:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	237	assumes h: "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	238	shows "I. \<lbrace>P \<and>* R\<rbrace> c \<lbrace>Q \<and>* R\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	239	proof(induct rule:IHoareI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	240	case (IPre s' s r cnf)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	241	hence "((<(P \<and>* R) s> \<and>* <(s##s')> \<and>* I (s + s')) \<and>* c \<and>* r) (recse cnf)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	242	by (auto simp:sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	243	then obtain s1 s2
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	244	where h1: "((<P s1> \<and>* <((s1 + s2) ## s')> \<and>I (s1 + s2 + s')) \<and> c \<and>* r) (recse cnf)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	245	"s1 ## s2" "s1 + s2 ## s'" "P s1" "R s2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	246	by (unfold pasrt_def, auto elim!:sep_conjE intro!:sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	247	hence "((EXS s. <P s> \<and>* <(s ## s2 +s')> \<and>I (s + (s2 + s'))) \<and> c \<and>* r) (recse cnf)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	248	apply (sep_cancel, unfold pred_ex_def, auto intro!:sep_conjI sep_disj_addI3 elim!:sep_conjE)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	249	apply (rule_tac x = s1 in exI, unfold pasrt_def,
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	250	auto intro!:sep_conjI sep_disj_addI3 elim!:sep_conjE simp:sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	251	by (metis sep_add_assoc sep_add_disjD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	252	from h[unfolded IHoare_def Hoare_gen_def, rule_format, OF this]
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	253	obtain k s where
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	254	"((<Q s> \<and>* <(s ## s2 + s')> \<and>* I (s + (s2 + s'))) \<and>* c \<and>* r) (recse (run (Suc k) cnf))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	255	by (unfold pasrt_def pred_ex_def, auto elim!:sep_conjE intro!:sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	256	thus ?case
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	257	proof(rule_tac x = k in exI, rule_tac x = "s + s2" in exI, sep_cancel+)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	258	fix h ha
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	259	assume hh: "(<Q s> \<and>* <(s ## s2 + s')> \<and>* I (s + (s2 + s'))) ha"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	260	show " (<(Q \<and>* R) (s + s2)> \<and>* <(s + s2 ## s')> \<and>* I (s + s2 + s')) ha"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	261	proof -
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	262	from hh have h0: "s ## s2 + s'"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	263	by (metis pasrt_def sep_conjD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	264	with h1(2, 3)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	265	have h2: "s + s2 ## s'"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	266	by (metis sep_add_disjD sep_disj_addI1)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	267	moreover from h1(2, 3) h2 have h3: "(s + (s2 + s')) = (s + s2 + s')"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	268	by (metis `s ## s2 + s'` sep_add_assoc sep_add_disjD sep_disj_addD1)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	269	moreover from hh have "Q s" by (metis pasrt_def sep_conjD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	270	moreover from h0 h1(2) h1(3) have "s ## s2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	271	by (metis sep_add_disjD sep_disj_addD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	272	moreover note h1(5)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	273	ultimately show ?thesis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	274	by (smt h0 hh sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	275	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	276	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	277	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	278
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	279	lemma I_sequencing:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	280	assumes h1: "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	281	and h2: "I. \<lbrace>Q\<rbrace> c \<lbrace>R\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	282	shows "I. \<lbrace>P\<rbrace> c \<lbrace>R\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	283	using h1 h2 sequencing
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	284	by (smt IHoare_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	285
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	286	lemma I_pre_stren:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	287	assumes h1: "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	288	and h2: "\<And>s. R s \<Longrightarrow> P s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	289	shows "I. \<lbrace>R\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	290	proof(unfold IHoare_def, default)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	291	fix s'
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	292	show "\<lbrace>EXS s. <R s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace> c
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	293	\<lbrace>EXS s. <Q s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	294	proof(rule pre_stren)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	295	from h1[unfolded IHoare_def, rule_format, of s']
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	296	show "\<lbrace>EXS s. <P s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace> c
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	297	\<lbrace>EXS s. <Q s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace>" .
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	298	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	299	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	300	show "(EXS s. <R s> \<and>* <(s ## s')> \<and>* I (s + s')) s \<Longrightarrow>
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	301	(EXS s. <P s> \<and>* <(s ## s')> \<and>* I (s + s')) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	302	apply (unfold pred_ex_def, clarify)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	303	apply (rule_tac x = sa in exI, sep_cancel+)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	304	by (insert h2, auto simp:pasrt_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	305	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	306	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	307
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	308	lemma I_post_weaken:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	309	assumes h1: "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	310	and h2: "\<And> s. Q s \<Longrightarrow> R s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	311	shows "I. \<lbrace>P\<rbrace> c \<lbrace>R\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	312	proof(unfold IHoare_def, default)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	313	fix s'
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	314	show "\<lbrace>EXS s. <P s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace> c
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	315	\<lbrace>EXS s. <R s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	316	proof(rule post_weaken)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	317	from h1[unfolded IHoare_def, rule_format, of s']
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	318	show "\<lbrace>EXS s. <P s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace> c
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	319	\<lbrace>EXS s. <Q s> \<and>* <(s ## s')> \<and>* I (s + s')\<rbrace>" .
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	320	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	321	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	322	show "(EXS s. <Q s> \<and>* <(s ## s')> \<and>* I (s + s')) s \<Longrightarrow>
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	323	(EXS s. <R s> \<and>* <(s ## s')> \<and>* I (s + s')) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	324	apply (unfold pred_ex_def, clarify)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	325	apply (rule_tac x = sa in exI, sep_cancel+)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	326	by (insert h2, auto simp:pasrt_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	327	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	328	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	329
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	330	lemma I_hoare_adjust:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	331	assumes h1: "I. \<lbrace>P1\<rbrace> c \<lbrace>Q1\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	332	and h2: "\<And>s. P s \<Longrightarrow> P1 s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	333	and h3: "\<And>s. Q1 s \<Longrightarrow> Q s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	334	shows "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	335	using h1 h2 h3 I_post_weaken I_pre_stren
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	336	by (metis)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	337
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	338	lemma I_code_exI:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	339	assumes h: "\<And> k. I. \<lbrace>P\<rbrace> c(k) \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	340	shows "I. \<lbrace>P\<rbrace> EXS k. c(k) \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	341	using h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	342	by (smt IHoare_def code_exI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	343
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	344	lemma I_code_extension:
5 6c722e960f2e minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 3 diff changeset	345	assumes h: "I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
6c722e960f2e minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 3 diff changeset	346	shows "I. \<lbrace>P\<rbrace> c \<and>* e \<lbrace>Q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	347	using h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	348	by (smt IHoare_def sep_exec.code_extension)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	349
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	350	lemma I_composition:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	351	assumes h1: "I. \<lbrace>P\<rbrace> c1 \<lbrace>Q\<rbrace>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	352	and h2: "I. \<lbrace>Q\<rbrace> c2 \<lbrace>R\<rbrace>"
5 6c722e960f2e minor changes Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 3 diff changeset	353	shows "I. \<lbrace>P\<rbrace> c1 \<and>* c2 \<lbrace>R\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	354	using h1 h2
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	355	by (smt IHoare_def sep_exec.composition)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	356
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	357	lemma I_pre_condI:
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	358	assumes h: "cond \<Longrightarrow> I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	359	shows "I. \<lbrace><cond> \<and>* P\<rbrace> c \<lbrace>Q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	360	using h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	361	by (smt IHoareI condD cond_true_eq2 sep.mult_commute)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	362
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	363	lemma I_code_condI:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	364	assumes h: "b \<Longrightarrow> I. \<lbrace>P\<rbrace> c \<lbrace>Q\<rbrace>"
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	365	shows "I. \<lbrace>P\<rbrace> <b> \<and>* c \<lbrace>Q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	366	using h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	367	by (smt IHoareI condD cond_true_eq2 sep.mult_commute sep_conj_cond1)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	368
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	369
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	370	lemma I_precond_exI:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	371	assumes h:"\<And>x. I. \<lbrace>P x\<rbrace> c \<lbrace>Q\<rbrace>"
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	372	shows "I. \<lbrace>EXS x. P x\<rbrace> c \<lbrace>Q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	373	proof(induct rule:IHoareI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	374	case (IPre s' s r cnf)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	375	then obtain x
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	376	where "((EXS s. <P x s> \<and>* <(s ## s')> \<and>* I (s + s')) \<and>* c \<and>* r) (recse cnf)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	377	by ( auto elim!:sep_conjE intro!:sep_conjI simp:pred_ex_def pasrt_def sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	378	from h[unfolded IHoare_def Hoare_gen_def, rule_format, OF this]
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	379	obtain k t
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	380	where "((<Q t> \<and>* <(t ## s')> \<and>* I (t + s')) \<and>* c \<and>* r) (recse (run (Suc k) cnf))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	381	by (unfold pred_ex_def, auto elim!:sep_conjE intro!:sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	382	thus ?case
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	383	by (auto simp:sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	384	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	385
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	386	lemma I_hoare_sep_false:
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	387	"I. \<lbrace>sep_false\<rbrace> c \<lbrace>Q\<rbrace>"
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	388	by (smt IHoareI condD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	389
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	390	end
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	391
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	392	instantiation set :: (type)sep_algebra
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	393	begin
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	394
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	395	definition set_zero_def: "0 = {}"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	396
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	397	definition plus_set_def: "s1 + s2 = s1 \<union> s2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	398
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	399	definition sep_disj_set_def: "sep_disj s1 s2 = (s1 \<inter> s2 = {})"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	400
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	401	lemmas set_ins_def = sep_disj_set_def plus_set_def set_zero_def
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	402
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	403	instance
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	404	apply(default)
8 dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	405	apply(auto simp: set_ins_def)
dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	406	done
dcbf7888a070 some small modifications Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 5 diff changeset	407
0 1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	408	end
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	409
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	410	section {* A big operator of infinite separation conjunction *}
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	411
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	412	definition "fam_conj I cpt s = (\<exists> p. (s = (\<Union> i \<in> I. p(i))) \<and>
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	413	(\<forall> i \<in> I. cpt i (p i)) \<and>
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	414	(\<forall> i \<in> I. \<forall> j \<in> I. i \<noteq> j \<longrightarrow> p(i) ## p(j)))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	415
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	416	lemma fam_conj_zero_simp: "fam_conj {} cpt = <True>"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	417	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	418	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	419	show "fam_conj {} cpt s = (<True>) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	420	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	421	assume "fam_conj {} cpt s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	422	then obtain p where "s = (\<Union> i \<in> {}. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	423	by (unfold fam_conj_def, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	424	hence "s = {}" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	425	thus "(<True>) s" by (metis pasrt_def set_zero_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	426	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	427	assume "(<True>) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	428	hence eq_s: "s = {}" by (metis pasrt_def set_zero_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	429	let ?p = "\<lambda> i. {}"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	430	have "(s = (\<Union> i \<in> {}. ?p(i)))" by (unfold eq_s, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	431	moreover have "(\<forall> i \<in> {}. cpt i (?p i))" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	432	moreover have "(\<forall> i \<in> {}. \<forall> j \<in> {}. i \<noteq> j \<longrightarrow> ?p(i) ## ?p(j))" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	433	ultimately show "fam_conj {} cpt s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	434	by (unfold eq_s fam_conj_def, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	435	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	436	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	437
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	438	lemma fam_conj_disj_simp_pre:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	439	assumes h1: "I = I1 + I2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	440	and h2: "I1 ## I2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	441	shows "fam_conj I cpt = (fam_conj I1 cpt \<and>* fam_conj I2 cpt)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	442	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	443	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	444	let ?fm = "fam_conj I cpt" and ?fm1 = "fam_conj I1 cpt" and ?fm2 = "fam_conj I2 cpt"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	445	show "?fm s = (?fm1 \<and>* ?fm2) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	446	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	447	assume "?fm s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	448	then obtain p where pre:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	449	"s = (\<Union> i \<in> I. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	450	"(\<forall> i \<in> I. cpt i (p i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	451	"(\<forall> i \<in> I. \<forall> j \<in> I. i \<noteq> j \<longrightarrow> p(i) ## p(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	452	unfolding fam_conj_def by metis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	453	from pre(1) h1 h2 have "s = (\<Union> i \<in> I1. p(i)) + (\<Union> i \<in> I2. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	454	by (auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	455	moreover from pre h1 have "?fm1 (\<Union> i \<in> I1. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	456	by (unfold fam_conj_def, rule_tac x = p in exI, auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	457	moreover from pre h1 have "?fm2 (\<Union> i \<in> I2. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	458	by (unfold fam_conj_def, rule_tac x = p in exI, auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	459	moreover have "(\<Union> i \<in> I1. p(i)) ## (\<Union> i \<in> I2. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	460	proof -
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	461	{ fix x xa xb
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	462	assume h: "I1 \<inter> I2 = {}"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	463	"\<forall>i\<in>I1 \<union> I2. \<forall>j\<in>I1 \<union> I2. i \<noteq> j \<longrightarrow> p i \<inter> p j = {}"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	464	"xa \<in> I1" "x \<in> p xa" "xb \<in> I2" "x \<in> p xb"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	465	have "p xa \<inter> p xb = {}"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	466	proof(rule h(2)[rule_format])
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	467	from h(1, 3, 5) show "xa \<in> I1 \<union> I2" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	468	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	469	from h(1, 3, 5) show "xb \<in> I1 \<union> I2" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	470	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	471	from h(1, 3, 5) show "xa \<noteq> xb" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	472	qed with h(4, 6) have False by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	473	} with h1 h2 pre(3) show ?thesis by (auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	474	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	475	ultimately show "(?fm1 \<and>* ?fm2) s" by (auto intro!:sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	476	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	477	assume "(?fm1 \<and>* ?fm2) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	478	then obtain s1 s2 where pre:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	479	"s = s1 + s2" "s1 ## s2" "?fm1 s1" "?fm2 s2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	480	by (auto dest!:sep_conjD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	481	from pre(3) obtain p1 where pre1:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	482	"s1 = (\<Union> i \<in> I1. p1(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	483	"(\<forall> i \<in> I1. cpt i (p1 i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	484	"(\<forall> i \<in> I1. \<forall> j \<in> I1. i \<noteq> j \<longrightarrow> p1(i) ## p1(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	485	unfolding fam_conj_def by metis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	486	from pre(4) obtain p2 where pre2:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	487	"s2 = (\<Union> i \<in> I2. p2(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	488	"(\<forall> i \<in> I2. cpt i (p2 i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	489	"(\<forall> i \<in> I2. \<forall> j \<in> I2. i \<noteq> j \<longrightarrow> p2(i) ## p2(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	490	unfolding fam_conj_def by metis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	491	let ?p = "\<lambda> i. if i \<in> I1 then p1 i else p2 i"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	492	from h2 pre(2)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	493	have "s = (\<Union> i \<in> I. ?p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	494	apply (unfold h1 pre(1) pre1(1) pre2(1) set_ins_def, auto split:if_splits)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	495	by (metis disjoint_iff_not_equal)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	496	moreover from h2 pre1(2) pre2(2) have "(\<forall> i \<in> I. cpt i (?p i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	497	by (unfold h1 set_ins_def, auto split:if_splits)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	498	moreover from pre1(1, 3) pre2(1, 3) pre(2) h2
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	499	have "(\<forall> i \<in> I. \<forall> j \<in> I. i \<noteq> j \<longrightarrow> ?p(i) ## ?p(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	500	apply (unfold h1 set_ins_def, auto split:if_splits)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	501	by (metis IntI empty_iff)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	502	ultimately show "?fm s" by (unfold fam_conj_def, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	503	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	504	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	505
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	506	lemma fam_conj_disj_simp:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	507	assumes h: "I1 ## I2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	508	shows "fam_conj (I1 + I2) cpt = (fam_conj I1 cpt \<and>* fam_conj I2 cpt)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	509	proof -
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	510	from fam_conj_disj_simp_pre[OF _ h, of "I1 + I2"]
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	511	show ?thesis by simp
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	512	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	513
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	514	lemma fam_conj_elm_simp:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	515	assumes h: "i \<in> I"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	516	shows "fam_conj I cpt = (cpt(i) \<and>* fam_conj (I - {i}) cpt)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	517	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	518	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	519	show "fam_conj I cpt s = (cpt i \<and>* fam_conj (I - {i}) cpt) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	520	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	521	assume pre: "fam_conj I cpt s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	522	show "(cpt i \<and>* fam_conj (I - {i}) cpt) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	523	proof -
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	524	from pre obtain p where pres:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	525	"s = (\<Union> i \<in> I. p(i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	526	"(\<forall> i \<in> I. cpt i (p i))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	527	"(\<forall> i \<in> I. \<forall> j \<in> I. i \<noteq> j \<longrightarrow> p(i) ## p(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	528	unfolding fam_conj_def by metis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	529	let ?s = "(\<Union>i\<in>(I - {i}). p i)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	530	from pres(3) h have disj: "(p i) ## ?s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	531	by (auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	532	moreover from pres(1) h have eq_s: "s = (p i) + ?s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	533	by (auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	534	moreover from pres(2) h have "cpt i (p i)" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	535	moreover from pres have "(fam_conj (I - {i}) cpt) ?s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	536	by (unfold fam_conj_def, rule_tac x = p in exI, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	537	ultimately show ?thesis by (auto intro!:sep_conjI)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	538	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	539	next
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	540	let ?fam = "fam_conj (I - {i}) cpt"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	541	assume "(cpt i \<and>* ?fam) s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	542	then obtain s1 s2 where pre:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	543	"s = s1 + s2" "s1 ## s2" "cpt i s1" "?fam s2"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	544	by (auto dest!:sep_conjD)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	545	from pre(4) obtain p where pres:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	546	"s2 = (\<Union> ia \<in> I - {i}. p(ia))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	547	"(\<forall> ia \<in> I - {i}. cpt ia (p ia))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	548	"(\<forall> ia \<in> I - {i}. \<forall> j \<in> I - {i}. ia \<noteq> j \<longrightarrow> p(ia) ## p(j))"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	549	unfolding fam_conj_def by metis
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	550	let ?p = "p(i:=s1)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	551	from h pres(3) pre(2)[unfolded pres(1)]
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	552	have " \<forall>ia\<in>I. \<forall>j\<in>I. ia \<noteq> j \<longrightarrow> ?p ia ## ?p j" by (auto simp:set_ins_def)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	553	moreover from pres(1) pre(1) h pre(2)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	554	have "(s = (\<Union> i \<in> I. ?p(i)))" by (auto simp:set_ins_def split:if_splits)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	555	moreover from pre(3) pres(2) h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	556	have "(\<forall> i \<in> I. cpt i (?p i))" by (auto simp:set_ins_def split:if_splits)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	557	ultimately show "fam_conj I cpt s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	558	by (unfold fam_conj_def, auto)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	559	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	560	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	561
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	562	lemma fam_conj_insert_simp:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	563	assumes h:"i \<notin> I"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	564	shows "fam_conj (insert i I) cpt = (cpt(i) \<and>* fam_conj I cpt)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	565	proof -
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	566	have "i \<in> insert i I" by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	567	from fam_conj_elm_simp[OF this] and h
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	568	show ?thesis by auto
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	569	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	570
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	571	lemmas fam_conj_simps = fam_conj_insert_simp fam_conj_zero_simp
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	572
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	573	lemma "fam_conj {0, 2, 3} cpt = (cpt 2 \<and>* cpt (0::int) \<and>* cpt 3)"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	574	by (simp add:fam_conj_simps sep_conj_ac)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	575
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	576	lemma fam_conj_ext_eq:
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	577	assumes h: "\<And> i . i \<in> I \<Longrightarrow> f i = g i"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	578	shows "fam_conj I f = fam_conj I g"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	579	proof
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	580	fix s
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	581	show "fam_conj I f s = fam_conj I g s"
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	582	by (unfold fam_conj_def, auto simp:h)
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	583	qed
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	584
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	585	end
1378b654acde initial commit for Isabelle 2013-1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	586

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Thu, 27 Mar 2014 13:06:27 +0000
changeset 12	457240e42972
parent 11	f8b2bf858caf
child 13	e6e412406a2d
permissions	-rwxr-xr-x