tm2: Separation_Algebra/Separation_Algebra.thy~@a5f5b9336007 (annotated)

25 a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1	(* Authors: Gerwin Klein and Rafal Kolanski, 2012
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2	Maintainers: Gerwin Klein <kleing at cse.unsw.edu.au>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	3	Rafal Kolanski <rafal.kolanski at nicta.com.au>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	4	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	5
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	6	header "Abstract Separation Algebra"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	7
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	8	theory Separation_Algebra
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	9	imports Main
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	10	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	11
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	12
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	13	text {* This theory is the main abstract separation algebra development *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	14
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	15
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	16	section {* Input syntax for lifting boolean predicates to separation predicates *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	17
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	18	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	19	pred_and :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" (infixr "and" 35) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	20	"a and b \<equiv> \<lambda>s. a s \<and> b s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	21
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	22	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	23	pred_or :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" (infixr "or" 30) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	24	"a or b \<equiv> \<lambda>s. a s \<or> b s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	25
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	26	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	27	pred_not :: "('a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" ("not _" [40] 40) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	28	"not a \<equiv> \<lambda>s. \<not>a s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	29
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	30	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	31	pred_imp :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" (infixr "imp" 25) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	32	"a imp b \<equiv> \<lambda>s. a s \<longrightarrow> b s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	33
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	34	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	35	pred_K :: "'b \<Rightarrow> 'a \<Rightarrow> 'b" ("\<langle>_\<rangle>") where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	36	"\<langle>f\<rangle> \<equiv> \<lambda>s. f"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	37
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	38	(* abbreviation *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	39	definition pred_ex :: "('b \<Rightarrow> 'a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" (binder "EXS " 10) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	40	"EXS x. P x \<equiv> \<lambda>s. \<exists>x. P x s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	41
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	42	abbreviation (input)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	43	pred_all :: "('b \<Rightarrow> 'a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> bool" (binder "ALLS " 10) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	44	"ALLS x. P x \<equiv> \<lambda>s. \<forall>x. P x s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	45
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	46
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	47	section {* Associative/Commutative Monoid Basis of Separation Algebras *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	48
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	49	class pre_sep_algebra = zero + plus +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	50	fixes sep_disj :: "'a => 'a => bool" (infix "##" 60)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	51
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	52	assumes sep_disj_zero [simp]: "x ## 0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	53	assumes sep_disj_commuteI: "x ## y \<Longrightarrow> y ## x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	54
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	55	assumes sep_add_zero [simp]: "x + 0 = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	56	assumes sep_add_commute: "x ## y \<Longrightarrow> x + y = y + x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	57
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	58	assumes sep_add_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	59	"\<lbrakk> x ## y; y ## z; x ## z \<rbrakk> \<Longrightarrow> (x + y) + z = x + (y + z)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	60	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	61
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	62	lemma sep_disj_commute: "x ## y = y ## x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	63	by (blast intro: sep_disj_commuteI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	64
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	65	lemma sep_add_left_commute:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	66	assumes a: "a ## b" "b ## c" "a ## c"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	67	shows "b + (a + c) = a + (b + c)" (is "?lhs = ?rhs")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	68	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	69	have "?lhs = b + a + c" using a
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	70	by (simp add: sep_add_assoc[symmetric] sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	71	also have "... = a + b + c" using a
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	72	by (simp add: sep_add_commute sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	73	also have "... = ?rhs" using a
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	74	by (simp add: sep_add_assoc sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	75	finally show ?thesis .
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	76	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	77
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	78	lemmas sep_add_ac = sep_add_assoc sep_add_commute sep_add_left_commute
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	79	sep_disj_commute (* nearly always necessary *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	80
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	81	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	82
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	83
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	84	section {* Separation Algebra as Defined by Calcagno et al. *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	85
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	86	class sep_algebra = pre_sep_algebra +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	87	assumes sep_disj_addD1: "\<lbrakk> x ## y + z; y ## z \<rbrakk> \<Longrightarrow> x ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	88	assumes sep_disj_addI1: "\<lbrakk> x ## y + z; y ## z \<rbrakk> \<Longrightarrow> x + y ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	89	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	90
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	91	subsection {* Basic Construct Definitions and Abbreviations *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	92
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	93	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	94	sep_conj :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool)" (infixr "**" 35)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	95	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	96	"P ** Q \<equiv> \<lambda>h. \<exists>x y. x ## y \<and> h = x + y \<and> P x \<and> Q y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	97
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	98	notation
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	99	sep_conj (infixr "\<and>*" 35)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	100
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	101	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	102	sep_empty :: "'a \<Rightarrow> bool" ("\<box>") where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	103	"\<box> \<equiv> \<lambda>h. h = 0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	104
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	105	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	106	sep_impl :: "('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool) \<Rightarrow> ('a \<Rightarrow> bool)" (infixr "\<longrightarrow>*" 25)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	107	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	108	"P \<longrightarrow>* Q \<equiv> \<lambda>h. \<forall>h'. h ## h' \<and> P h' \<longrightarrow> Q (h + h')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	109
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	110	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	111	sep_substate :: "'a => 'a => bool" (infix "\<preceq>" 60) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	112	"x \<preceq> y \<equiv> \<exists>z. x ## z \<and> x + z = y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	113
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	114	(* We want these to be abbreviations not definitions, because basic True and
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	115	False will occur by simplification in sep_conj terms *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	116	abbreviation
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	117	"sep_true \<equiv> \<langle>True\<rangle>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	118
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	119	abbreviation
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	120	"sep_false \<equiv> \<langle>False\<rangle>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	121
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	122	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	123	sep_list_conj :: "('a \<Rightarrow> bool) list \<Rightarrow> ('a \<Rightarrow> bool)" ("\<And>* _" [60] 90) where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	124	"sep_list_conj Ps \<equiv> foldl (op **) \<box> Ps"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	125
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	126
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	127	subsection {* Disjunction/Addition Properties *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	128
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	129	lemma disjoint_zero_sym [simp]: "0 ## x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	130	by (simp add: sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	131
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	132	lemma sep_add_zero_sym [simp]: "0 + x = x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	133	by (simp add: sep_add_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	134
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	135	lemma sep_disj_addD2: "\<lbrakk> x ## y + z; y ## z \<rbrakk> \<Longrightarrow> x ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	136	by (metis sep_disj_addD1 sep_add_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	137
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	138	lemma sep_disj_addD: "\<lbrakk> x ## y + z; y ## z \<rbrakk> \<Longrightarrow> x ## y \<and> x ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	139	by (metis sep_disj_addD1 sep_disj_addD2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	140
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	141	lemma sep_add_disjD: "\<lbrakk> x + y ## z; x ## y \<rbrakk> \<Longrightarrow> x ## z \<and> y ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	142	by (metis sep_disj_addD sep_disj_commuteI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	143
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	144	lemma sep_disj_addI2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	145	"\<lbrakk> x ## y + z; y ## z \<rbrakk> \<Longrightarrow> x + z ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	146	by (metis sep_add_ac sep_disj_addI1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	147
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	148	lemma sep_add_disjI1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	149	"\<lbrakk> x + y ## z; x ## y \<rbrakk> \<Longrightarrow> x + z ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	150	by (metis sep_add_ac sep_add_disjD sep_disj_addI2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	151
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	152	lemma sep_add_disjI2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	153	"\<lbrakk> x + y ## z; x ## y \<rbrakk> \<Longrightarrow> z + y ## x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	154	by (metis sep_add_ac sep_add_disjD sep_disj_addI2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	155
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	156	lemma sep_disj_addI3:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	157	"x + y ## z \<Longrightarrow> x ## y \<Longrightarrow> x ## y + z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	158	by (metis sep_add_ac sep_add_disjD sep_add_disjI2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	159
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	160	lemma sep_disj_add:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	161	"\<lbrakk> y ## z; x ## y \<rbrakk> \<Longrightarrow> x ## y + z = x + y ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	162	by (metis sep_disj_addI1 sep_disj_addI3)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	163
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	164
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	165	subsection {* Substate Properties *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	166
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	167	lemma sep_substate_disj_add:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	168	"x ## y \<Longrightarrow> x \<preceq> x + y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	169	unfolding sep_substate_def by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	170
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	171	lemma sep_substate_disj_add':
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	172	"x ## y \<Longrightarrow> x \<preceq> y + x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	173	by (simp add: sep_add_ac sep_substate_disj_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	174
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	175
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	176	subsection {* Separating Conjunction Properties *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	177
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	178	lemma sep_conjD:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	179	"(P \<and>* Q) h \<Longrightarrow> \<exists>x y. x ## y \<and> h = x + y \<and> P x \<and> Q y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	180	by (simp add: sep_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	181
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	182	lemma sep_conjE:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	183	"\<lbrakk> (P ** Q) h; \<And>x y. \<lbrakk> P x; Q y; x ## y; h = x + y \<rbrakk> \<Longrightarrow> X \<rbrakk> \<Longrightarrow> X"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	184	by (auto simp: sep_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	185
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	186	lemma sep_conjI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	187	"\<lbrakk> P x; Q y; x ## y; h = x + y \<rbrakk> \<Longrightarrow> (P ** Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	188	by (auto simp: sep_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	189
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	190	lemma sep_conj_commuteI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	191	"(P Q) h \<Longrightarrow> (Q P) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	192	by (auto intro!: sep_conjI elim!: sep_conjE simp: sep_add_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	193
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	194	lemma sep_conj_commute:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	195	"(P Q) = (Q P)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	196	by (rule ext) (auto intro: sep_conj_commuteI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	197
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	198	lemma sep_conj_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	199	"((P Q) R) = (P Q R)" (is "?lhs = ?rhs")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	200	proof (rule ext, rule iffI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	201	fix h
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	202	assume a: "?lhs h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	203	then obtain x y z where "P x" and "Q y" and "R z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	204	and "x ## y" and "x ## z" and "y ## z" and "x + y ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	205	and "h = x + y + z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	206	by (auto dest!: sep_conjD dest: sep_add_disjD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	207	moreover
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	208	then have "x ## y + z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	209	by (simp add: sep_disj_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	210	ultimately
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	211	show "?rhs h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	212	by (auto simp: sep_add_ac intro!: sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	213	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	214	fix h
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	215	assume a: "?rhs h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	216	then obtain x y z where "P x" and "Q y" and "R z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	217	and "x ## y" and "x ## z" and "y ## z" and "x ## y + z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	218	and "h = x + y + z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	219	by (fastforce elim!: sep_conjE simp: sep_add_ac dest: sep_disj_addD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	220	thus "?lhs h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	221	by (metis sep_conj_def sep_disj_addI1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	222	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	223
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	224	lemma sep_conj_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	225	"\<lbrakk> (P Q) h; \<And>h. P h \<Longrightarrow> P' h; \<And>h. Q h \<Longrightarrow> Q' h \<rbrakk> \<Longrightarrow> (P' Q') h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	226	by (erule sep_conjE, auto intro!: sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	227
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	228	lemma sep_conj_impl1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	229	assumes P: "\<And>h. P h \<Longrightarrow> I h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	230	shows "(P R) h \<Longrightarrow> (I R) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	231	by (auto intro: sep_conj_impl P)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	232
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	233	lemma sep_globalise:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	234	"\<lbrakk> (P R) h; (\<And>h. P h \<Longrightarrow> Q h) \<rbrakk> \<Longrightarrow> (Q R) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	235	by (fast elim: sep_conj_impl)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	236
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	237	lemma sep_conj_trivial_strip2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	238	"Q = R \<Longrightarrow> (Q P) = (R P)" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	239
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	240	lemma disjoint_subheaps_exist:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	241	"\<exists>x y. x ## y \<and> h = x + y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	242	by (rule_tac x=0 in exI, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	243
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	244	lemma sep_conj_left_commute: (* for permutative rewriting *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	245	"(P (Q R)) = (Q (P R))" (is "?x = ?y")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	246	proof -
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	247	have "?x = ((Q R) P)" by (simp add: sep_conj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	248	also have "\<dots> = (Q (R P))" by (subst sep_conj_assoc, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	249	finally show ?thesis by (simp add: sep_conj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	250	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	251
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	252	lemmas sep_conj_ac = sep_conj_commute sep_conj_assoc sep_conj_left_commute
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	253
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	254	lemma ab_semigroup_mult_sep_conj: "class.ab_semigroup_mult op **"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	255	by (unfold_locales)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	256	(auto simp: sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	257
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	258	lemma sep_empty_zero [simp,intro!]: "\<box> 0"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	259	by (simp add: sep_empty_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	260
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	261
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	262	subsection {* Properties of @{text sep_true} and @{text sep_false} *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	263
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	264	lemma sep_conj_sep_true:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	265	"P h \<Longrightarrow> (P ** sep_true) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	266	by (simp add: sep_conjI[where y=0])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	267
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	268	lemma sep_conj_sep_true':
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	269	"P h \<Longrightarrow> (sep_true ** P) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	270	by (simp add: sep_conjI[where x=0])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	271
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	272	lemma sep_conj_true [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	273	"(sep_true ** sep_true) = sep_true"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	274	unfolding sep_conj_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	275	by (auto intro!: ext intro: disjoint_subheaps_exist)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	276
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	277	lemma sep_conj_false_right [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	278	"(P ** sep_false) = sep_false"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	279	by (force elim: sep_conjE intro!: ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	280
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	281	lemma sep_conj_false_left [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	282	"(sep_false ** P) = sep_false"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	283	by (subst sep_conj_commute) (rule sep_conj_false_right)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	284
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	285
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	286
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	287	subsection {* Properties of zero (@{const sep_empty}) *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	288
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	289	lemma sep_conj_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	290	"(P ** \<box>) = P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	291	by (simp add: sep_conj_def sep_empty_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	292
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	293	lemma sep_conj_empty'[simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	294	"(\<box> ** P) = P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	295	by (subst sep_conj_commute, rule sep_conj_empty)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	296
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	297	lemma sep_conj_sep_emptyI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	298	"P h \<Longrightarrow> (P ** \<box>) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	299	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	300
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	301	lemma sep_conj_sep_emptyE:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	302	"\<lbrakk> P s; (P \<box>) s \<Longrightarrow> (Q R) s \<rbrakk> \<Longrightarrow> (Q ** R) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	303	by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	304
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	305	lemma monoid_add: "class.monoid_add (op **) \<box>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	306	by (unfold_locales) (auto simp: sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	307
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	308	lemma comm_monoid_add: "class.comm_monoid_add op ** \<box>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	309	by (unfold_locales) (auto simp: sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	310
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	311
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	312	subsection {* Properties of top (@{text sep_true}) *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	313
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	314	lemma sep_conj_true_P [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	315	"(sep_true (sep_true P)) = (sep_true ** P)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	316	by (simp add: sep_conj_assoc[symmetric])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	317
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	318	lemma sep_conj_disj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	319	"((P or Q) R) = ((P R) or (Q ** R))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	320	by (auto simp: sep_conj_def intro!: ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	321
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	322	lemma sep_conj_sep_true_left:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	323	"(P Q) h \<Longrightarrow> (sep_true Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	324	by (erule sep_conj_impl, simp+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	325
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	326	lemma sep_conj_sep_true_right:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	327	"(P Q) h \<Longrightarrow> (P sep_true) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	328	by (subst (asm) sep_conj_commute, drule sep_conj_sep_true_left,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	329	simp add: sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	330
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	331
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	332	subsection {* Separating Conjunction with Quantifiers *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	333
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	334	lemma sep_conj_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	335	"((P and Q) R) h \<Longrightarrow> ((P R) and (Q ** R)) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	336	by (force intro: sep_conjI elim!: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	337
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	338	lemma sep_conj_exists1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	339	"((EXS x. P x) Q) = (EXS x. (P x Q))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	340	by (unfold pred_ex_def, force intro!: ext intro: sep_conjI elim: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	341
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	342	lemma sep_conj_exists2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	343	"(P (EXS x. Q x)) = (EXS x. P Q x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	344	by (unfold pred_ex_def, force intro!: sep_conjI ext elim!: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	345
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	346	lemmas sep_conj_exists = sep_conj_exists1 sep_conj_exists2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	347
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	348	lemma sep_conj_spec:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	349	"((ALLS x. P x) Q) h \<Longrightarrow> (P x Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	350	by (force intro: sep_conjI elim: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	351
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	352
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	353	subsection {* Properties of Separating Implication *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	354
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	355	lemma sep_implI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	356	assumes a: "\<And>h'. \<lbrakk> h ## h'; P h' \<rbrakk> \<Longrightarrow> Q (h + h')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	357	shows "(P \<longrightarrow>* Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	358	unfolding sep_impl_def by (auto elim: a)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	359
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	360	lemma sep_implD:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	361	"(x \<longrightarrow>* y) h \<Longrightarrow> \<forall>h'. h ## h' \<and> x h' \<longrightarrow> y (h + h')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	362	by (force simp: sep_impl_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	363
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	364	lemma sep_implE:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	365	"(x \<longrightarrow>* y) h \<Longrightarrow> (\<forall>h'. h ## h' \<and> x h' \<longrightarrow> y (h + h') \<Longrightarrow> Q) \<Longrightarrow> Q"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	366	by (auto dest: sep_implD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	367
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	368	lemma sep_impl_sep_true [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	369	"(P \<longrightarrow>* sep_true) = sep_true"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	370	by (force intro!: sep_implI ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	371
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	372	lemma sep_impl_sep_false [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	373	"(sep_false \<longrightarrow>* P) = sep_true"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	374	by (force intro!: sep_implI ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	375
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	376	lemma sep_impl_sep_true_P:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	377	"(sep_true \<longrightarrow>* P) h \<Longrightarrow> P h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	378	by (clarsimp dest!: sep_implD elim!: allE[where x=0])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	379
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	380	lemma sep_impl_sep_true_false [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	381	"(sep_true \<longrightarrow>* sep_false) = sep_false"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	382	by (force intro!: ext dest: sep_impl_sep_true_P)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	383
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	384	lemma sep_conj_sep_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	385	"\<lbrakk> P h; \<And>h. (P ** Q) h \<Longrightarrow> R h \<rbrakk> \<Longrightarrow> (Q \<longrightarrow>* R) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	386	proof (rule sep_implI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	387	fix h' h
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	388	assume "P h" and "h ## h'" and "Q h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	389	hence "(P ** Q) (h + h')" by (force intro: sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	390	moreover assume "\<And>h. (P ** Q) h \<Longrightarrow> R h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	391	ultimately show "R (h + h')" by simp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	392	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	393
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	394	lemma sep_conj_sep_impl2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	395	"\<lbrakk> (P ** Q) h; \<And>h. P h \<Longrightarrow> (Q \<longrightarrow>* R) h \<rbrakk> \<Longrightarrow> R h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	396	by (force dest: sep_implD elim: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	397
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	398	lemma sep_conj_sep_impl_sep_conj2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	399	"(P R) h \<Longrightarrow> (P (Q \<longrightarrow>* (Q ** R))) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	400	by (erule (1) sep_conj_impl, erule sep_conj_sep_impl, simp add: sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	401
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	402
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	403	subsection {* Pure assertions *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	404
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	405	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	406	pure :: "('a \<Rightarrow> bool) \<Rightarrow> bool" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	407	"pure P \<equiv> \<forall>h h'. P h = P h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	408
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	409	lemma pure_sep_true:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	410	"pure sep_true"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	411	by (simp add: pure_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	412
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	413	lemma pure_sep_false:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	414	"pure sep_true"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	415	by (simp add: pure_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	416
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	417	lemma pure_split:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	418	"pure P = (P = sep_true \<or> P = sep_false)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	419	by (force simp: pure_def intro!: ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	420
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	421	lemma pure_sep_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	422	"\<lbrakk> pure P; pure Q \<rbrakk> \<Longrightarrow> pure (P \<and>* Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	423	by (force simp: pure_split)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	424
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	425	lemma pure_sep_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	426	"\<lbrakk> pure P; pure Q \<rbrakk> \<Longrightarrow> pure (P \<longrightarrow>* Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	427	by (force simp: pure_split)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	428
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	429	lemma pure_conj_sep_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	430	"\<lbrakk> (P and Q) h; pure P \<or> pure Q \<rbrakk> \<Longrightarrow> (P \<and>* Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	431	by (metis pure_def sep_add_zero sep_conjI sep_conj_commute sep_disj_zero)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	432
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	433	lemma pure_sep_conj_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	434	"\<lbrakk> (P \<and>* Q) h; pure P; pure Q \<rbrakk> \<Longrightarrow> (P and Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	435	by (force simp: pure_split)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	436
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	437	lemma pure_conj_sep_conj_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	438	"pure P \<Longrightarrow> ((P and Q) \<and>* R) = (P and (Q \<and>* R))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	439	by (auto simp: pure_split)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	440
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	441	lemma pure_sep_impl_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	442	"\<lbrakk> (P \<longrightarrow>* Q) h; pure P \<rbrakk> \<Longrightarrow> P h \<longrightarrow> Q h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	443	by (force simp: pure_split dest: sep_impl_sep_true_P)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	444
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	445	lemma pure_impl_sep_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	446	"\<lbrakk> P h \<longrightarrow> Q h; pure P; pure Q \<rbrakk> \<Longrightarrow> (P \<longrightarrow>* Q) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	447	by (force simp: pure_split)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	448
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	449	lemma pure_conj_right: "(Q \<and>* (\<langle>P'\<rangle> and Q')) = (\<langle>P'\<rangle> and (Q \<and>* Q'))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	450	by (rule ext, rule, rule, clarsimp elim!: sep_conjE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	451	(erule sep_conj_impl, auto)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	452
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	453	lemma pure_conj_right': "(Q \<and>* (P' and \<langle>Q'\<rangle>)) = (\<langle>Q'\<rangle> and (Q \<and>* P'))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	454	by (simp add: conj_comms pure_conj_right)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	455
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	456	lemma pure_conj_left: "((\<langle>P'\<rangle> and Q') \<and>* Q) = (\<langle>P'\<rangle> and (Q' \<and>* Q))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	457	by (simp add: pure_conj_right sep_conj_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	458
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	459	lemma pure_conj_left': "((P' and \<langle>Q'\<rangle>) \<and>* Q) = (\<langle>Q'\<rangle> and (P' \<and>* Q))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	460	by (subst conj_comms, subst pure_conj_left, simp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	461
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	462	lemmas pure_conj = pure_conj_right pure_conj_right' pure_conj_left
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	463	pure_conj_left'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	464
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	465	declare pure_conj[simp add]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	466
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	467
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	468	subsection {* Intuitionistic assertions *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	469
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	470	definition intuitionistic :: "('a \<Rightarrow> bool) \<Rightarrow> bool" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	471	"intuitionistic P \<equiv> \<forall>h h'. P h \<and> h \<preceq> h' \<longrightarrow> P h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	472
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	473	lemma intuitionisticI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	474	"(\<And>h h'. \<lbrakk> P h; h \<preceq> h' \<rbrakk> \<Longrightarrow> P h') \<Longrightarrow> intuitionistic P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	475	by (unfold intuitionistic_def, fast)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	476
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	477	lemma intuitionisticD:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	478	"\<lbrakk> intuitionistic P; P h; h \<preceq> h' \<rbrakk> \<Longrightarrow> P h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	479	by (unfold intuitionistic_def, fast)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	480
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	481	lemma pure_intuitionistic:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	482	"pure P \<Longrightarrow> intuitionistic P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	483	by (clarsimp simp: intuitionistic_def pure_def, fast)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	484
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	485	lemma intuitionistic_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	486	"\<lbrakk> intuitionistic P; intuitionistic Q \<rbrakk> \<Longrightarrow> intuitionistic (P and Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	487	by (force intro: intuitionisticI dest: intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	488
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	489	lemma intuitionistic_disj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	490	"\<lbrakk> intuitionistic P; intuitionistic Q \<rbrakk> \<Longrightarrow> intuitionistic (P or Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	491	by (force intro: intuitionisticI dest: intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	492
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	493	lemma intuitionistic_forall:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	494	"(\<And>x. intuitionistic (P x)) \<Longrightarrow> intuitionistic (ALLS x. P x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	495	by (force intro: intuitionisticI dest: intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	496
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	497	lemma intuitionistic_exists:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	498	"(\<And>x. intuitionistic (P x)) \<Longrightarrow> intuitionistic (EXS x. P x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	499	by (unfold pred_ex_def, force intro: intuitionisticI dest: intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	500
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	501	lemma intuitionistic_sep_conj_sep_true:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	502	"intuitionistic (sep_true \<and>* P)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	503	proof (rule intuitionisticI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	504	fix h h' r
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	505	assume a: "(sep_true \<and>* P) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	506	then obtain x y where P: "P y" and h: "h = x + y" and xyd: "x ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	507	by - (drule sep_conjD, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	508	moreover assume a2: "h \<preceq> h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	509	then obtain z where h': "h' = h + z" and hzd: "h ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	510	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	511
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	512	moreover have "(P \<and>* sep_true) (y + (x + z))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	513	using P h hzd xyd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	514	by (metis sep_add_disjI1 sep_disj_commute sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	515	ultimately show "(sep_true \<and>* P) h'" using hzd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	516	by (auto simp: sep_conj_commute sep_add_ac dest!: sep_disj_addD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	517	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	518
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	519	lemma intuitionistic_sep_impl_sep_true:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	520	"intuitionistic (sep_true \<longrightarrow>* P)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	521	proof (rule intuitionisticI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	522	fix h h'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	523	assume imp: "(sep_true \<longrightarrow>* P) h" and hh': "h \<preceq> h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	524
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	525	from hh' obtain z where h': "h' = h + z" and hzd: "h ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	526	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	527	show "(sep_true \<longrightarrow>* P) h'" using imp h' hzd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	528	apply (clarsimp dest!: sep_implD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	529	apply (metis sep_add_assoc sep_add_disjD sep_disj_addI3 sep_implI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	530	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	531	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	532
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	533	lemma intuitionistic_sep_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	534	assumes ip: "intuitionistic (P::('a \<Rightarrow> bool))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	535	shows "intuitionistic (P \<and>* Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	536	proof (rule intuitionisticI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	537	fix h h'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	538	assume sc: "(P \<and>* Q) h" and hh': "h \<preceq> h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	539
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	540	from hh' obtain z where h': "h' = h + z" and hzd: "h ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	541	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	542
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	543	from sc obtain x y where px: "P x" and qy: "Q y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	544	and h: "h = x + y" and xyd: "x ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	545	by (clarsimp simp: sep_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	546
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	547	have "x ## z" using hzd h xyd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	548	by (metis sep_add_disjD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	549
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	550	with ip px have "P (x + z)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	551	by (fastforce elim: intuitionisticD sep_substate_disj_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	552
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	553	thus "(P \<and>* Q) h'" using h' h hzd qy xyd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	554	by (metis (full_types) sep_add_commute sep_add_disjD sep_add_disjI2
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	555	sep_add_left_commute sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	556	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	557
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	558	lemma intuitionistic_sep_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	559	assumes iq: "intuitionistic Q"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	560	shows "intuitionistic (P \<longrightarrow>* Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	561	proof (rule intuitionisticI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	562	fix h h'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	563	assume imp: "(P \<longrightarrow>* Q) h" and hh': "h \<preceq> h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	564
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	565	from hh' obtain z where h': "h' = h + z" and hzd: "h ## z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	566	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	567
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	568	{
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	569	fix x
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	570	assume px: "P x" and hzx: "h + z ## x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	571
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	572	have "h + x \<preceq> h + x + z" using hzx hzd
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	573	by (metis sep_add_disjI1 sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	574
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	575	with imp hzd iq px hzx
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	576	have "Q (h + z + x)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	577	by (metis intuitionisticD sep_add_assoc sep_add_ac sep_add_disjD sep_implE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	578	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	579
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	580	with imp h' hzd iq show "(P \<longrightarrow>* Q) h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	581	by (fastforce intro: sep_implI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	582	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	583
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	584	lemma strongest_intuitionistic:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	585	"\<not> (\<exists>Q. (\<forall>h. (Q h \<longrightarrow> (P \<and>* sep_true) h)) \<and> intuitionistic Q \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	586	Q \<noteq> (P \<and>* sep_true) \<and> (\<forall>h. P h \<longrightarrow> Q h))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	587	by (fastforce intro!: ext sep_substate_disj_add
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	588	dest!: sep_conjD intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	589
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	590	lemma weakest_intuitionistic:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	591	"\<not> (\<exists>Q. (\<forall>h. ((sep_true \<longrightarrow>* P) h \<longrightarrow> Q h)) \<and> intuitionistic Q \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	592	Q \<noteq> (sep_true \<longrightarrow>* P) \<and> (\<forall>h. Q h \<longrightarrow> P h))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	593	apply (clarsimp intro!: ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	594	apply (rule iffI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	595	apply (rule sep_implI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	596	apply (drule_tac h="x" and h'="x + h'" in intuitionisticD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	597	apply (clarsimp simp: sep_add_ac sep_substate_disj_add)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	598	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	599
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	600	lemma intuitionistic_sep_conj_sep_true_P:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	601	"\<lbrakk> (P \<and>* sep_true) s; intuitionistic P \<rbrakk> \<Longrightarrow> P s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	602	by (force dest: intuitionisticD elim: sep_conjE sep_substate_disj_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	603
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	604	lemma intuitionistic_sep_conj_sep_true_simp:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	605	"intuitionistic P \<Longrightarrow> (P \<and>* sep_true) = P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	606	by (fast intro!: sep_conj_sep_true ext
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	607	elim: intuitionistic_sep_conj_sep_true_P)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	608
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	609	lemma intuitionistic_sep_impl_sep_true_P:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	610	"\<lbrakk> P h; intuitionistic P \<rbrakk> \<Longrightarrow> (sep_true \<longrightarrow>* P) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	611	by (force intro!: sep_implI dest: intuitionisticD
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	612	intro: sep_substate_disj_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	613
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	614	lemma intuitionistic_sep_impl_sep_true_simp:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	615	"intuitionistic P \<Longrightarrow> (sep_true \<longrightarrow>* P) = P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	616	by (fast intro!: ext
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	617	elim: sep_impl_sep_true_P intuitionistic_sep_impl_sep_true_P)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	618
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	619
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	620	subsection {* Strictly exact assertions *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	621
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	622	definition strictly_exact :: "('a \<Rightarrow> bool) \<Rightarrow> bool" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	623	"strictly_exact P \<equiv> \<forall>h h'. P h \<and> P h' \<longrightarrow> h = h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	624
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	625	lemma strictly_exactD:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	626	"\<lbrakk> strictly_exact P; P h; P h' \<rbrakk> \<Longrightarrow> h = h'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	627	by (unfold strictly_exact_def, fast)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	628
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	629	lemma strictly_exactI:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	630	"(\<And>h h'. \<lbrakk> P h; P h' \<rbrakk> \<Longrightarrow> h = h') \<Longrightarrow> strictly_exact P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	631	by (unfold strictly_exact_def, fast)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	632
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	633	lemma strictly_exact_sep_conj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	634	"\<lbrakk> strictly_exact P; strictly_exact Q \<rbrakk> \<Longrightarrow> strictly_exact (P \<and>* Q)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	635	apply (rule strictly_exactI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	636	apply (erule sep_conjE)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	637	apply (drule_tac h="x" and h'="xa" in strictly_exactD, assumption+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	638	apply (drule_tac h="y" and h'="ya" in strictly_exactD, assumption+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	639	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	640	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	641
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	642	lemma strictly_exact_conj_impl:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	643	"\<lbrakk> (Q \<and>* sep_true) h; P h; strictly_exact Q \<rbrakk> \<Longrightarrow> (Q \<and>* (Q \<longrightarrow>* P)) h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	644	by (force intro: sep_conjI sep_implI dest: strictly_exactD elim!: sep_conjE
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	645	simp: sep_add_commute sep_add_assoc)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	646
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	647	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	648
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	649	interpretation sep: ab_semigroup_mult "op **"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	650	by (rule ab_semigroup_mult_sep_conj)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	651
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	652	interpretation sep: comm_monoid_add "op **" \<box>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	653	by (rule comm_monoid_add)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	654
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	655
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	656	section {* Separation Algebra with Stronger, but More Intuitive Disjunction Axiom *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	657
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	658	class stronger_sep_algebra = pre_sep_algebra +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	659	assumes sep_add_disj_eq [simp]: "y ## z \<Longrightarrow> x ## y + z = (x ## y \<and> x ## z)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	660	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	661
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	662	lemma sep_disj_add_eq [simp]: "x ## y \<Longrightarrow> x + y ## z = (x ## z \<and> y ## z)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	663	by (metis sep_add_disj_eq sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	664
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	665	subclass sep_algebra by default auto
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	666
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	667	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	668
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	669
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	670	section {* Folding separating conjunction over lists of predicates *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	671
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	672	lemma sep_list_conj_Nil [simp]: "\<And>* [] = \<box>"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	673	by (simp add: sep_list_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	674
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	675	(* apparently these two are rarely used and had to be removed from List.thy *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	676	lemma (in semigroup_add) foldl_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	677	shows "foldl op+ (x+y) zs = x + (foldl op+ y zs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	678	by (induct zs arbitrary: y) (simp_all add:add_assoc)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	679
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	680	lemma (in monoid_add) foldl_absorb0:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	681	shows "x + (foldl op+ 0 zs) = foldl op+ x zs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	682	by (induct zs) (simp_all add:foldl_assoc)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	683
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	684	lemma sep_list_conj_Cons [simp]: "\<And>* (x#xs) = (x ** \<And>* xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	685	by (simp add: sep_list_conj_def sep.foldl_absorb0)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	686
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	687	lemma sep_list_conj_append [simp]: "\<And>* (xs @ ys) = (\<And>* xs ** \<And>* ys)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	688	by (simp add: sep_list_conj_def sep.foldl_absorb0)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	689
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	690	lemma (in comm_monoid_add) foldl_map_filter:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	691	"foldl op + 0 (map f (filter P xs)) +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	692	foldl op + 0 (map f (filter (not P) xs))
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	693	= foldl op + 0 (map f xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	694	proof (induct xs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	695	case Nil thus ?case by clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	696	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	697	case (Cons x xs)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	698	hence IH: "foldl op + 0 (map f xs) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	699	foldl op + 0 (map f (filter P xs)) +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	700	foldl op + 0 (map f [x\<leftarrow>xs . \<not> P x])"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	701	by (simp only: eq_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	702
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	703	have foldl_Cons':
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	704	"\<And>x xs. foldl op + 0 (x # xs) = x + (foldl op + 0 xs)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	705	by (simp, subst foldl_absorb0[symmetric], rule refl)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	706
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	707	{ assume "P x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	708	hence ?case by (auto simp del: foldl_Cons simp add: foldl_Cons' IH add_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	709	} moreover {
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	710	assume "\<not> P x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	711	hence ?case by (auto simp del: foldl_Cons simp add: foldl_Cons' IH add_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	712	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	713	ultimately show ?case by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	714	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	715
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	716
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	717	section {* Separation Algebra with a Cancellative Monoid (for completeness) *}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	718
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	719	text {*
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	720	Separation algebra with a cancellative monoid. The results of being a precise
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	721	assertion (distributivity over separating conjunction) require this.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	722	although we never actually use this property in our developments, we keep
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	723	it here for completeness.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	724	*}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	725	class cancellative_sep_algebra = sep_algebra +
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	726	assumes sep_add_cancelD: "\<lbrakk> x + z = y + z ; x ## z ; y ## z \<rbrakk> \<Longrightarrow> x = y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	727	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	728
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	729	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	730	(* In any heap, there exists at most one subheap for which P holds *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	731	precise :: "('a \<Rightarrow> bool) \<Rightarrow> bool" where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	732	"precise P = (\<forall>h hp hp'. hp \<preceq> h \<and> P hp \<and> hp' \<preceq> h \<and> P hp' \<longrightarrow> hp = hp')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	733
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	734	lemma "precise (op = s)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	735	by (metis (full_types) precise_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	736
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	737	lemma sep_add_cancel:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	738	"x ## z \<Longrightarrow> y ## z \<Longrightarrow> (x + z = y + z) = (x = y)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	739	by (metis sep_add_cancelD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	740
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	741	lemma precise_distribute:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	742	"precise P = (\<forall>Q R. ((Q and R) \<and>* P) = ((Q \<and>* P) and (R \<and>* P)))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	743	proof (rule iffI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	744	assume pp: "precise P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	745	{
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	746	fix Q R
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	747	fix h hp hp' s
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	748
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	749	{ assume a: "((Q and R) \<and>* P) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	750	hence "((Q \<and>* P) and (R \<and>* P)) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	751	by (fastforce dest!: sep_conjD elim: sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	752	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	753	moreover
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	754	{ assume qs: "(Q \<and>* P) s" and qr: "(R \<and>* P) s"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	755
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	756	from qs obtain x y where sxy: "s = x + y" and xy: "x ## y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	757	and x: "Q x" and y: "P y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	758	by (fastforce dest!: sep_conjD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	759	from qr obtain x' y' where sxy': "s = x' + y'" and xy': "x' ## y'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	760	and x': "R x'" and y': "P y'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	761	by (fastforce dest!: sep_conjD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	762
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	763	from sxy have ys: "y \<preceq> x + y" using xy
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	764	by (fastforce simp: sep_substate_disj_add' sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	765	from sxy' have ys': "y' \<preceq> x' + y'" using xy'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	766	by (fastforce simp: sep_substate_disj_add' sep_disj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	767
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	768	from pp have yy: "y = y'" using sxy sxy' xy xy' y y' ys ys'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	769	by (fastforce simp: precise_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	770
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	771	hence "x = x'" using sxy sxy' xy xy'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	772	by (fastforce dest!: sep_add_cancelD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	773
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	774	hence "((Q and R) \<and>* P) s" using sxy x x' yy y' xy'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	775	by (fastforce intro: sep_conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	776	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	777	ultimately
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	778	have "((Q and R) \<and>* P) s = ((Q \<and>* P) and (R \<and>* P)) s" using pp by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	779	}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	780	thus "\<forall>Q R. ((Q and R) \<and>* P) = ((Q \<and>* P) and (R \<and>* P))" by (blast intro!: ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	781
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	782	next
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	783	assume a: "\<forall>Q R. ((Q and R) \<and>* P) = ((Q \<and>* P) and (R \<and>* P))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	784	thus "precise P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	785	proof (clarsimp simp: precise_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	786	fix h hp hp' Q R
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	787	assume hp: "hp \<preceq> h" and hp': "hp' \<preceq> h" and php: "P hp" and php': "P hp'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	788
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	789	obtain z where hhp: "h = hp + z" and hpz: "hp ## z" using hp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	790	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	791	obtain z' where hhp': "h = hp' + z'" and hpz': "hp' ## z'" using hp'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	792	by (clarsimp simp: sep_substate_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	793
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	794	have h_eq: "z' + hp' = z + hp" using hhp hhp' hpz hpz'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	795	by (fastforce simp: sep_add_ac)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	796
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	797	from hhp hhp' a hpz hpz' h_eq
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	798	have "\<forall>Q R. ((Q and R) \<and>* P) (z + hp) = ((Q \<and>* P) and (R \<and>* P)) (z' + hp')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	799	by (fastforce simp: h_eq sep_add_ac sep_conj_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	800
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	801	hence "((op = z and op = z') \<and>* P) (z + hp) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	802	((op = z \<and>* P) and (op = z' \<and>* P)) (z' + hp')" by blast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	803
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	804	thus "hp = hp'" using php php' hpz hpz' h_eq
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	805	by (fastforce dest!: iffD2 cong: conj_cong
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	806	simp: sep_add_ac sep_add_cancel sep_conj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	807	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	808	qed
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	809
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	810	lemma strictly_precise: "strictly_exact P \<Longrightarrow> precise P"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	811	by (metis precise_def strictly_exactD)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	812
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	813	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	814
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	815	end

author	Xingyuan Zhang <xingyuanzhang@126.com>
	Sat, 13 Sep 2014 10:07:14 +0800
changeset 25	a5f5b9336007
permissions	-rw-r--r--