Theory FOR_Check_Impl
theory FOR_Check_Impl
imports FOR_Check
Regular_Tree_Relations.Regular_Relation_Impl
NF_Impl
begin
section βΉInference checking implementationβΊ
definition "ftrancl_eps_free_closures π = eps_free_automata (eps π) π"
abbreviation "ftrancl_eps_free_reg π β‘ Reg (fin π) (ftrancl_eps_free_closures (ta π))"
lemma ftrancl_eps_free_ta_derI:
"(eps π)|β§+| = eps π βΉ ta_der (ftrancl_eps_free_closures π) (term_of_gterm t) = ta_der π (term_of_gterm t)"
using eps_free[of π] ta_res_eps_free[of π]
by (auto simp add: ftrancl_eps_free_closures_def)
lemma β_ftrancl_eps_free_closuresI:
"(eps (ta π))|β§+| = eps (ta π) βΉ β (ftrancl_eps_free_reg π) = β π"
using ftrancl_eps_free_ta_derI[of "ta π"]
unfolding β_def by (auto simp: gta_lang_def gta_der_def)
definition "root_step R β± β‘ (let (TA1, TA2) = agtt_grrstep R β± in
(ftrancl_eps_free_closures TA1, TA2))"
definition AGTT_trancl_eps_free :: "('q, 'f) gtt β ('q + 'q, 'f) gtt" where
"AGTT_trancl_eps_free π’ = (let (π, β¬) = AGTT_trancl π’ in
(ftrancl_eps_free_closures π, β¬))"
definition GTT_trancl_eps_free where
"GTT_trancl_eps_free π’ = (let (π, β¬) = GTT_trancl π’ in
(ftrancl_eps_free_closures π,
ftrancl_eps_free_closures β¬))"
definition AGTT_comp_eps_free where
"AGTT_comp_eps_free π’β©1 π’β©2 = (let (π, β¬) = AGTT_comp' π’β©1 π’β©2 in
(ftrancl_eps_free_closures π, β¬))"
definition GTT_comp_eps_free where
"GTT_comp_eps_free π’β©1 π’β©2 =(let (π, β¬) = GTT_comp' π’β©1 π’β©2 in
(ftrancl_eps_free_closures π, ftrancl_eps_free_closures β¬))"
lemma eps_free_relable [simp]:
"is_gtt_eps_free (relabel_gtt π’) = is_gtt_eps_free π’"
by (auto simp: is_gtt_eps_free_def relabel_gtt_def fmap_states_gtt_def fmap_states_ta_def)
lemma eps_free_prod_swap:
"is_gtt_eps_free (π, β¬) βΉ is_gtt_eps_free (β¬, π)"
by (auto simp: is_gtt_eps_free_def)
lemma eps_free_root_step:
"is_gtt_eps_free (root_step R β±)"
by (auto simp add: case_prod_beta is_gtt_eps_free_def root_step_def pair_at_to_agtt'_def ftrancl_eps_free_closures_def)
lemma eps_free_AGTT_trancl_eps_free:
"is_gtt_eps_free π’ βΉ is_gtt_eps_free (AGTT_trancl_eps_free π’)"
by (auto simp: case_prod_beta is_gtt_eps_free_def AGTT_trancl_def Let_def
AGTT_trancl_eps_free_def ftrancl_eps_free_closures_def)
lemma eps_free_GTT_trancl_eps_free:
"is_gtt_eps_free π’ βΉ is_gtt_eps_free (GTT_trancl_eps_free π’)"
by (auto simp: case_prod_beta is_gtt_eps_free_def GTT_trancl_eps_free_def ftrancl_eps_free_closures_def)
lemma eps_free_AGTT_comp_eps_free:
"is_gtt_eps_free π’β©2 βΉ is_gtt_eps_free (AGTT_comp_eps_free π’β©1 π’β©2)"
by (auto simp: case_prod_beta is_gtt_eps_free_def AGTT_comp_eps_free_def
ftrancl_eps_free_closures_def AGTT_comp_def fmap_states_gtt_def fmap_states_ta_def)
lemma eps_free_GTT_comp_eps_free:
"is_gtt_eps_free (GTT_comp_eps_free π’β©1 π’β©2)"
by (auto simp: case_prod_beta is_gtt_eps_free_def GTT_comp_eps_free_def ftrancl_eps_free_closures_def)
lemmas eps_free_const =
eps_free_prod_swap
eps_free_root_step
eps_free_AGTT_trancl_eps_free
eps_free_GTT_trancl_eps_free
eps_free_AGTT_comp_eps_free
eps_free_GTT_comp_eps_free
lemma agtt_lang_derI:
assumes "β t. ta_der (fst π) (term_of_gterm t) = ta_der (fst β¬) (term_of_gterm t)"
and "β t. ta_der (snd π) (term_of_gterm t) = ta_der (snd β¬) (term_of_gterm t)"
shows "agtt_lang π = agtt_lang β¬" using assms
by (auto simp: agtt_lang_def gta_der_def)
lemma agtt_lang_root_step_conv:
"agtt_lang (root_step R β±) = agtt_lang (agtt_grrstep R β±)"
using ftrancl_eps_free_ta_derI[OF agtt_grrstep_eps_trancl(1), of R β±]
by (auto simp: case_prod_beta root_step_def intro!: agtt_lang_derI)
lemma agtt_lang_AGTT_trancl_eps_free_conv:
assumes "is_gtt_eps_free π’"
shows "agtt_lang (AGTT_trancl_eps_free π’) = agtt_lang (AGTT_trancl π’)"
proof -
let ?eps = "eps (fst (AGTT_trancl π’))"
have "?eps |O| ?eps = {||}" using assms
by (auto simp: AGTT_trancl_def is_gtt_eps_free_def Let_def fmap_states_ta_def)
from ftrancl_eps_free_ta_derI[OF frelcomp_empty_ftrancl_simp[OF this]]
show ?thesis
by (auto simp: case_prod_beta AGTT_trancl_eps_free_def intro!: agtt_lang_derI)
qed
lemma agtt_lang_GTT_trancl_eps_free_conv:
assumes "is_gtt_eps_free π’"
shows "agtt_lang (GTT_trancl_eps_free π’) = agtt_lang (GTT_trancl π’)"
proof -
have "(eps (fst (GTT_trancl π’)))|β§+| = eps (fst (GTT_trancl π’))"
"(eps (snd (GTT_trancl π’)))|β§+| = eps (snd (GTT_trancl π’))" using assms
by (auto simp: GTT_trancl_def Let_def is_gtt_eps_free_def Ξ_trancl_inv)
from ftrancl_eps_free_ta_derI[OF this(1)] ftrancl_eps_free_ta_derI[OF this(2)]
show ?thesis
by (auto simp: case_prod_beta GTT_trancl_eps_free_def intro!: agtt_lang_derI)
qed
lemma agtt_lang_AGTT_comp_eps_free_conv:
assumes "is_gtt_eps_free π’β©1" "is_gtt_eps_free π’β©2"
shows "agtt_lang (AGTT_comp_eps_free π’β©1 π’β©2) = agtt_lang (AGTT_comp' π’β©1 π’β©2)"
proof -
have "(eps (fst (AGTT_comp' π’β©1 π’β©2)))|β§+| = eps (fst (AGTT_comp' π’β©1 π’β©2))" using assms
by (auto simp: is_gtt_eps_free_def fmap_states_gtt_def fmap_states_ta_def
case_prod_beta AGTT_comp_def gtt_interface_def π¬_def intro!: frelcomp_empty_ftrancl_simp)
from ftrancl_eps_free_ta_derI[OF this] show ?thesis
by (auto simp: case_prod_beta AGTT_comp_eps_free_def intro!: agtt_lang_derI)
qed
lemma agtt_lang_GTT_comp_eps_free_conv:
assumes "is_gtt_eps_free π’β©1" "is_gtt_eps_free π’β©2"
shows "agtt_lang (GTT_comp_eps_free π’β©1 π’β©2) = agtt_lang (GTT_comp' π’β©1 π’β©2)"
proof -
have "(eps (fst (GTT_comp' π’β©1 π’β©2)))|β§+| = eps (fst (GTT_comp' π’β©1 π’β©2))"
"(eps (snd (GTT_comp' π’β©1 π’β©2)))|β§+| = eps (snd (GTT_comp' π’β©1 π’β©2))" using assms
by (auto simp: is_gtt_eps_free_def fmap_states_gtt_def fmap_states_ta_def Ξβ©Ξ΅_fmember
case_prod_beta GTT_comp_def gtt_interface_def π¬_def dest!: ground_ta_der_statesD
intro!: frelcomp_empty_ftrancl_simp)
from ftrancl_eps_free_ta_derI[OF this(1)] ftrancl_eps_free_ta_derI[OF this(2)]
show ?thesis
by (auto simp: case_prod_beta GTT_comp_eps_free_def intro!: agtt_lang_derI)
qed
fun gtt_of_gtt_rel_impl :: "('f Γ nat) fset β ('f :: linorder, 'v) fin_trs list β ftrs gtt_rel β (nat, 'f) gtt option" where
"gtt_of_gtt_rel_impl β± Rs (ARoot is) = liftO1 (Ξ»R. relabel_gtt (root_step R β±)) (is_to_trs' Rs is)"
| "gtt_of_gtt_rel_impl β± Rs (GInv g) = liftO1 prod.swap (gtt_of_gtt_rel_impl β± Rs g)"
| "gtt_of_gtt_rel_impl β± Rs (AUnion g1 g2) = liftO2 (Ξ»g1 g2. relabel_gtt (AGTT_union' g1 g2)) (gtt_of_gtt_rel_impl β± Rs g1) (gtt_of_gtt_rel_impl β± Rs g2)"
| "gtt_of_gtt_rel_impl β± Rs (ATrancl g) = liftO1 (relabel_gtt β AGTT_trancl_eps_free) (gtt_of_gtt_rel_impl β± Rs g)"
| "gtt_of_gtt_rel_impl β± Rs (GTrancl g) = liftO1 GTT_trancl_eps_free (gtt_of_gtt_rel_impl β± Rs g)"
| "gtt_of_gtt_rel_impl β± Rs (AComp g1 g2) = liftO2 (Ξ»g1 g2. relabel_gtt (AGTT_comp_eps_free g1 g2)) (gtt_of_gtt_rel_impl β± Rs g1) (gtt_of_gtt_rel_impl β± Rs g2)"
| "gtt_of_gtt_rel_impl β± Rs (GComp g1 g2) = liftO2 (Ξ»g1 g2. relabel_gtt (GTT_comp_eps_free g1 g2)) (gtt_of_gtt_rel_impl β± Rs g1) (gtt_of_gtt_rel_impl β± Rs g2)"
lemma gtt_of_gtt_rel_impl_is_gtt_eps_free:
"gtt_of_gtt_rel_impl β± Rs g = Some g' βΉ is_gtt_eps_free g'"
proof (induct g arbitrary: g')
case (AUnion g1 g2)
then show ?case
by (auto simp: is_gtt_eps_free_def AGTT_union_def fmap_states_gtt_def fmap_states_ta_def ta_union_def relabel_gtt_def)
qed (auto simp: eps_free_const)
lemma gtt_of_gtt_rel_impl_gtt_of_gtt_rel:
"gtt_of_gtt_rel_impl β± Rs g β None β· gtt_of_gtt_rel β± Rs g β None" (is "?Ls β· ?Rs")
proof -
have "?Ls βΉ ?Rs" by (induct g) auto
moreover have "?Rs βΉ ?Ls" by (induct g) auto
ultimately show ?thesis by blast
qed
lemma gtt_of_gtt_rel_impl_sound:
"gtt_of_gtt_rel_impl β± Rs g = Some g' βΉ gtt_of_gtt_rel β± Rs g = Some g'' βΉ agtt_lang g' = agtt_lang g''"
proof (induct g arbitrary: g' g'')
case (ARoot x)
then show ?case by (simp add: agtt_lang_root_step_conv)
next
case (GInv g)
then have "agtt_lang (prod.swap g') = agtt_lang (prod.swap g'')" by auto
then show ?case
by (metis converse_agtt_lang converse_converse)
next
case (AUnion g1 g2)
then show ?case
by simp (metis AGTT_union'_sound option.sel)
next
case (ATrancl g)
then show ?case
using agtt_lang_AGTT_trancl_eps_free_conv[OF gtt_of_gtt_rel_impl_is_gtt_eps_free, of β± Rs g]
by simp (metis AGTT_trancl_sound option.sel)
next
case (GTrancl g)
then show ?case
using agtt_lang_GTT_trancl_eps_free_conv[OF gtt_of_gtt_rel_impl_is_gtt_eps_free, of β± Rs g]
by simp (metis GTT_trancl_alang option.sel)
next
case (AComp g1 g2)
then show ?case
using agtt_lang_AGTT_comp_eps_free_conv[OF gtt_of_gtt_rel_impl_is_gtt_eps_free, of β± Rs g
"the (gtt_of_gtt_rel_impl β± Rs g1)" "the (gtt_of_gtt_rel_impl β± Rs g2)"]
by simp (metis AGTT_comp'_sound agtt_lang_AGTT_comp_eps_free_conv gtt_of_gtt_rel_impl_is_gtt_eps_free option.sel)
next
case (GComp g1 g2)
then show ?case
using agtt_lang_GTT_comp_eps_free_conv[OF gtt_of_gtt_rel_impl_is_gtt_eps_free, of β± Rs g
"the (gtt_of_gtt_rel_impl β± Rs g1)" "the (gtt_of_gtt_rel_impl β± Rs g2)"]
by simp (metis agtt_lang_GTT_comp_eps_free_conv gtt_comp'_alang gtt_of_gtt_rel_impl_is_gtt_eps_free option.sel)
qed
lemma β_eps_free_nhole_ctxt_closure_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (ftrancl_eps_free_reg (nhole_ctxt_closure_reg β± π)) = β (nhole_ctxt_closure_reg β± π)"
proof -
have "eps (ta (nhole_ctxt_closure_reg β± π)) |O| eps (ta (nhole_ctxt_closure_reg β± π)) = {||}" using assms
by (auto simp: nhole_ctxt_closure_reg_def gen_nhole_ctxt_closure_reg_def
gen_nhole_ctxt_closure_automaton_def ta_union_def reflcl_over_nhole_ctxt_ta_def
fmap_states_reg_def is_ta_eps_free_def fmap_states_ta_def reg_Restr_Qβ©f_def)
from frelcomp_empty_ftrancl_simp[OF this] show ?thesis
by (intro β_ftrancl_eps_free_closuresI) simp
qed
lemma β_eps_free_ctxt_closure_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (ftrancl_eps_free_reg (ctxt_closure_reg β± π)) = β (ctxt_closure_reg β± π)"
proof -
have "eps (ta (ctxt_closure_reg β± π)) |O| eps (ta (ctxt_closure_reg β± π)) = {||}" using assms
by (auto simp: ctxt_closure_reg_def gen_ctxt_closure_reg_def Let_def
gen_ctxt_closure_automaton_def ta_union_def reflcl_over_single_ta_def
fmap_states_reg_def is_ta_eps_free_def fmap_states_ta_def reg_Restr_Qβ©f_def)
from frelcomp_empty_ftrancl_simp[OF this] show ?thesis
by (intro β_ftrancl_eps_free_closuresI) simp
qed
lemma β_eps_free_parallel_closure_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (ftrancl_eps_free_reg (parallel_closure_reg β± π)) = β (parallel_closure_reg β± π)"
proof -
have "eps (ta (parallel_closure_reg β± π)) |O| eps (ta (parallel_closure_reg β± π)) = {||}" using assms
by (auto simp: parallel_closure_reg_def gen_parallel_closure_automaton_def Let_def ta_union_def
refl_over_states_ta_def fmap_states_reg_def is_ta_eps_free_def fmap_states_ta_def reg_Restr_Qβ©f_def)
from frelcomp_empty_ftrancl_simp[OF this] show ?thesis
by (intro β_ftrancl_eps_free_closuresI) simp
qed
abbreviation "eps_free_reg' S R β‘ Reg (fin R) (eps_free_automata S (ta R))"
definition "eps_free_mctxt_closure_reg β± π =
(let β¬ = mctxt_closure_reg β± π in
eps_free_reg' ((Ξ» p. (fst p, Inr cl_state)) |`| (eps (ta β¬)) |βͺ| eps (ta β¬)) β¬)"
definition "eps_free_nhole_mctxt_reflcl_reg β± π =
(let β¬ = nhole_mctxt_reflcl_reg β± π in
eps_free_reg' ((Ξ» p. (fst p, Inl (Inr cl_state))) |`| (eps (ta β¬)) |βͺ| eps (ta β¬)) β¬)"
definition "eps_free_nhole_mctxt_closure_reg β± π =
(let β¬ = nhole_mctxt_closure_reg β± π in
eps_free_reg' ((Ξ» p. (fst p, (Inr cl_state))) |`| (eps (ta β¬)) |βͺ| eps (ta β¬)) β¬)"
lemma β_eps_free_reg'I:
"(eps (ta π))|β§+| = S βΉ β (eps_free_reg' S π) = β π"
by (auto simp: β_def gta_lang_def gta_der_def ta_res_eps_free simp flip: eps_free)
lemma β_eps_free_mctxt_closure_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (eps_free_mctxt_closure_reg β± π) = β (mctxt_closure_reg β± π)" using assms
unfolding eps_free_mctxt_closure_reg_def Let_def
apply (intro β_eps_free_reg'I)
apply (auto simp: comp_def mctxt_closure_reg_def is_ta_eps_free_def Let_def
gen_nhole_mctxt_closure_automaton_def reflcl_over_nhole_mctxt_ta_def ta_union_def
reflcl_over_nhole_ctxt_ta_def gen_mctxt_closure_reg_def reg_Restr_Qβ©f_def
fmap_states_reg_def fmap_states_ta_def dest: ftranclD ftranclD2)
by (meson fimageI finsert_iff finterI fr_into_trancl ftrancl_into_trancl)
lemma β_eps_free_nhole_mctxt_reflcl_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (eps_free_nhole_mctxt_reflcl_reg β± π) = β (nhole_mctxt_reflcl_reg β± π)" using assms
unfolding eps_free_nhole_mctxt_reflcl_reg_def Let_def
apply (intro β_eps_free_reg'I)
apply (auto simp: comp_def nhole_mctxt_reflcl_reg_def is_ta_eps_free_def Let_def
nhole_mctxt_closure_reg_def gen_nhole_mctxt_closure_reg_def reg_union_def ta_union_def
gen_nhole_mctxt_closure_automaton_def reflcl_over_nhole_mctxt_ta_def
reflcl_over_nhole_ctxt_ta_def reg_Restr_Qβ©f_def fmap_states_reg_def fmap_states_ta_def dest: ftranclD ftranclD2)
by (meson fimageI finsert_iff finterI fr_into_trancl ftrancl_into_trancl)
lemma β_eps_free_nhole_mctxt_closure_reg:
assumes "is_ta_eps_free (ta π)"
shows "β (eps_free_nhole_mctxt_closure_reg β± π) = β (nhole_mctxt_closure_reg β± π)" using assms
unfolding eps_free_nhole_mctxt_closure_reg_def Let_def
apply (intro β_eps_free_reg'I)
apply (auto simp: comp_def nhole_mctxt_closure_reg_def is_ta_eps_free_def Let_def
gen_nhole_mctxt_closure_reg_def reg_Restr_Qβ©f_def fmap_states_reg_def fmap_states_ta_def
gen_nhole_mctxt_closure_automaton_def reflcl_over_nhole_mctxt_ta_def ta_union_def
reflcl_over_nhole_ctxt_ta_def dest: ftranclD ftranclD2)
by (meson fimageI finsert_iff finterI fr_into_trancl ftrancl_into_trancl)
fun rr1_of_rr1_rel_impl :: "('f Γ nat) fset β ('f :: linorder, 'v) fin_trs list β ftrs rr1_rel β (nat, 'f) reg option"
and rr2_of_rr2_rel_impl :: "('f Γ nat) fset β ('f, 'v) fin_trs list β ftrs rr2_rel β (nat, 'f option Γ 'f option) reg option" where
"rr1_of_rr1_rel_impl β± Rs R1Terms = Some (relabel_reg (term_reg β±))"
| "rr1_of_rr1_rel_impl β± Rs (R1NF is) = liftO1 (Ξ»R. (simplify_reg (nf_reg (fst |`| R) β±))) (is_to_trs' Rs is)"
| "rr1_of_rr1_rel_impl β± Rs (R1Inf r) = liftO1 (Ξ»R.
let π = trim_reg R in
simplify_reg (proj_1_reg (Inf_reg_impl π))
) (rr2_of_rr2_rel_impl β± Rs r)"
| "rr1_of_rr1_rel_impl β± Rs (R1Proj i r) = (case i of 0 β
liftO1 (trim_reg β proj_1_reg) (rr2_of_rr2_rel_impl β± Rs r)
| _ β liftO1 (trim_reg β proj_2_reg) (rr2_of_rr2_rel_impl β± Rs r))"
| "rr1_of_rr1_rel_impl β± Rs (R1Union s1 s2) =
liftO2 (Ξ» x y. relabel_reg (reg_union x y)) (rr1_of_rr1_rel_impl β± Rs s1) (rr1_of_rr1_rel_impl β± Rs s2)"
| "rr1_of_rr1_rel_impl β± Rs (R1Inter s1 s2) =
liftO2 (Ξ» x y. simplify_reg (reg_intersect x y)) (rr1_of_rr1_rel_impl β± Rs s1) (rr1_of_rr1_rel_impl β± Rs s2)"
| "rr1_of_rr1_rel_impl β± Rs (R1Diff s1 s2) = liftO2 (Ξ» x y. relabel_reg (trim_reg (difference_reg x y))) (rr1_of_rr1_rel_impl β± Rs s1) (rr1_of_rr1_rel_impl β± Rs s2)"
| "rr2_of_rr2_rel_impl β± Rs (R2GTT_Rel g w x) =
(case w of PRoot β
(case x of ESingle β liftO1 (simplify_reg β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EParallel β liftO1 (simplify_reg β reflcl_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EStrictParallel β liftO1 (simplify_reg β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g))
| PNonRoot β
(case x of ESingle β liftO1 (simplify_reg β ftrancl_eps_free_reg β nhole_ctxt_closure_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EParallel β liftO1 (simplify_reg β eps_free_nhole_mctxt_reflcl_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EStrictParallel β liftO1 (simplify_reg β eps_free_nhole_mctxt_closure_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g))
| PAny β
(case x of ESingle β liftO1 (simplify_reg β ftrancl_eps_free_reg β ctxt_closure_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EParallel β liftO1 (simplify_reg β ftrancl_eps_free_reg β parallel_closure_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)
| EStrictParallel β liftO1 (simplify_reg β eps_free_mctxt_closure_reg (lift_sig_RR2 |`| β±) β GTT_to_RR2_root_reg) (gtt_of_gtt_rel_impl β± Rs g)))"
| "rr2_of_rr2_rel_impl β± Rs (R2Diag s) =
liftO1 (Ξ» x. fmap_funs_reg (Ξ»f. (Some f, Some f)) x) (rr1_of_rr1_rel_impl β± Rs s)"
| "rr2_of_rr2_rel_impl β± Rs (R2Prod s1 s2) =
liftO2 (Ξ» x y. simplify_reg (pair_automaton_reg x y)) (rr1_of_rr1_rel_impl β± Rs s1) (rr1_of_rr1_rel_impl β± Rs s2)"
| "rr2_of_rr2_rel_impl β± Rs (R2Inv r) = liftO1 (fmap_funs_reg prod.swap) (rr2_of_rr2_rel_impl β± Rs r)"
| "rr2_of_rr2_rel_impl β± Rs (R2Union r1 r2) =
liftO2 (Ξ» x y. relabel_reg (reg_union x y)) (rr2_of_rr2_rel_impl β± Rs r1) (rr2_of_rr2_rel_impl β± Rs r2)"
| "rr2_of_rr2_rel_impl β± Rs (R2Inter r1 r2) =
liftO2 (Ξ» x y. simplify_reg (reg_intersect x y)) (rr2_of_rr2_rel_impl β± Rs r1) (rr2_of_rr2_rel_impl β± Rs r2)"
| "rr2_of_rr2_rel_impl β± Rs (R2Diff r1 r2) = liftO2 (Ξ» x y. simplify_reg (difference_reg x y)) (rr2_of_rr2_rel_impl β± Rs r1) (rr2_of_rr2_rel_impl β± Rs r2)"
| "rr2_of_rr2_rel_impl β± Rs (R2Comp r1 r2) = liftO2 (Ξ» x y. simplify_reg (rr2_compositon β± x y))
(rr2_of_rr2_rel_impl β± Rs r1) (rr2_of_rr2_rel_impl β± Rs r2)"
lemmas ta_simp_unfold = simplify_reg_def relabel_reg_def trim_reg_def relabel_ta_def term_reg_def
lemma is_ta_eps_free_trim_reg [intro!]:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (trim_reg R))"
by (simp add: is_ta_eps_free_def trim_reg_def trim_ta_def ta_restrict_def)
lemma is_ta_eps_free_relabel_reg [intro!]:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (relabel_reg R))"
by (simp add: is_ta_eps_free_def relabel_reg_def relabel_ta_def fmap_states_ta_def)
lemma is_ta_eps_free_simplify_reg [intro!]:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (simplify_reg R))"
by (simp add: is_ta_eps_free_def ta_simp_unfold fmap_states_ta_def trim_ta_def ta_restrict_def)
lemma is_ta_emptyI [simp]:
"is_ta_eps_free (TA R {||}) β· True"
by (simp add: is_ta_eps_free_def)
lemma is_ta_empty_trim_reg:
"is_ta_eps_free (ta A) βΉ eps (ta (trim_reg A)) = {||}"
by (auto simp: is_ta_eps_free_def trim_reg_def trim_ta_def ta_restrict_def)
lemma is_proj_ta_eps_empty:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (proj_1_reg R))"
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (proj_2_reg R))"
by (auto simp: is_ta_eps_free_def proj_1_reg_def proj_2_reg_def collapse_automaton_reg_def collapse_automaton_def
fmap_funs_reg_def fmap_funs_ta_def trim_reg_def trim_ta_def ta_restrict_def)
lemma is_pod_ta_eps_empty:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta L) βΉ is_ta_eps_free (ta (reg_intersect R L))"
by (auto simp: reg_intersect_def prod_ta_def prod_epsRp_def prod_epsLp_def is_ta_eps_free_def)
lemma is_fmap_funs_reg_eps_empty:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (fmap_funs_reg f R))"
by (auto simp: fmap_funs_reg_def fmap_funs_ta_def is_ta_eps_free_def)
lemma is_collapse_automaton_reg_eps_empty:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta (collapse_automaton_reg R))"
by (auto simp: collapse_automaton_reg_def collapse_automaton_def is_ta_eps_free_def)
lemma is_pair_automaton_reg_eps_empty:
"is_ta_eps_free (ta R) βΉ is_ta_eps_free (ta L) βΉ is_ta_eps_free (ta (pair_automaton_reg R L))"
by (auto simp: pair_automaton_reg_def pair_automaton_def is_ta_eps_free_def)
lemma is_reflcl_automaton_eps_free:
"is_ta_eps_free A βΉ is_ta_eps_free (reflcl_automaton (lift_sig_RR2 |`| β±) A)"
by (auto simp: is_ta_eps_free_def reflcl_automaton_def ta_union_def gen_reflcl_automaton_def Let_def fmap_states_ta_def)
lemma is_GTT_to_RR2_root_eps_empty:
"is_gtt_eps_free π’ βΉ is_ta_eps_free (GTT_to_RR2_root π’)"
by (auto simp: is_gtt_eps_free_def GTT_to_RR2_root_def pair_automaton_def is_ta_eps_free_def)
lemma is_term_automata_eps_empty:
"is_ta_eps_free (ta (term_reg β±)) β· True"
by (auto simp: is_ta_eps_free_def term_reg_def term_automaton_def)
lemma is_ta_eps_free_eps_free_automata [simp]:
" is_ta_eps_free (eps_free_automata S R) β· True"
by (auto simp: eps_free_automata_def is_ta_eps_free_def)
lemma rr2_of_rr2_rel_impl_eps_free:
shows "β A. rr1_of_rr1_rel_impl β± Rs r1 = Some A βΆ is_ta_eps_free (ta A)"
"β A. rr2_of_rr2_rel_impl β± Rs r2 = Some A βΆ is_ta_eps_free (ta A)"
proof (induct r1 and r2)
case R1Terms
then show ?case
by (auto simp: is_ta_eps_free_def term_automaton_def fmap_states_ta_def ta_simp_unfold)
next
case (R1NF x)
then show ?case
by (auto simp: nf_reg_def nf_ta_def)
next
case (R1Inf x)
then show ?case
by (auto simp: Inf_reg_impl_def Let_def Inf_reg_def Inf_automata_def is_ta_empty_trim_reg intro!: is_proj_ta_eps_empty)
next
case (R1Proj n x2)
then show ?case
by (cases n) (auto intro!: is_proj_ta_eps_empty)
next
case (R1Union x1 x2)
then show ?case
by (simp add: reg_union_def ta_union_def fmap_states_ta_def is_ta_eps_free_def relabel_reg_def relabel_ta_def)
next
case (R1Inter x1 x2)
then show ?case
by (auto intro: is_pod_ta_eps_empty)
next
case (R1Diff x1 x2)
then show ?case
by (auto simp: difference_reg_def Let_def complement_reg_def ps_reg_def ps_ta_def intro!: is_pod_ta_eps_empty)
next
case (R2GTT_Rel x1 x2 x3)
then show ?case
by (cases x2; cases x3) (auto simp: GTT_to_RR2_root_reg_def ftrancl_eps_free_closures_def
eps_free_nhole_mctxt_closure_reg_def eps_free_nhole_mctxt_reflcl_reg_def Let_def
eps_free_mctxt_closure_reg_def reflcl_reg_def
dest: gtt_of_gtt_rel_impl_is_gtt_eps_free
intro!: is_GTT_to_RR2_root_eps_empty is_reflcl_automaton_eps_free)
next
case (R2Diag x)
then show ?case by (auto simp: fmap_funs_reg_def fmap_funs_ta_def is_ta_eps_free_def)
next
case (R2Prod x1 x2)
then show ?case by (auto intro: is_pair_automaton_reg_eps_empty)
next
case (R2Inv x)
then show ?case by (auto simp: fmap_funs_reg_def fmap_funs_ta_def is_ta_eps_free_def)
next
case (R2Union x1 x2)
then show ?case by (simp add: reg_union_def ta_union_def fmap_states_ta_def is_ta_eps_free_def relabel_reg_def relabel_ta_def)
next
case (R2Inter x1 x2)
then show ?case by (auto intro: is_pod_ta_eps_empty)
next
case (R2Diff x1 x2)
then show ?case by (auto simp: difference_reg_def Let_def complement_reg_def ps_reg_def ps_ta_def intro!: is_pod_ta_eps_empty)
next
case (R2Comp x1 x2)
then show ?case by (auto simp: is_term_automata_eps_empty rr2_compositon_def Let_def
intro!: is_pod_ta_eps_empty is_fmap_funs_reg_eps_empty is_collapse_automaton_reg_eps_empty is_pair_automaton_reg_eps_empty)
qed
lemma rr_of_rr_rel_impl_complete:
"rr1_of_rr1_rel_impl β± Rs r1 β None β· rr1_of_rr1_rel β± Rs r1 β None"
"rr2_of_rr2_rel_impl β± Rs r2 β None β· rr2_of_rr2_rel β± Rs r2 β None"
proof (induct r1 and r2)
case (R1Proj n x2)
then show ?case by (cases n) auto
next
case (R2GTT_Rel x1 n p)
then show ?case using gtt_of_gtt_rel_impl_gtt_of_gtt_rel[of β± Rs]
by (cases p; cases n) auto
qed auto
lemma π¬_fmap_funs_reg [simp]:
"π¬β©r (fmap_funs_reg f π) = π¬β©r π"
by (auto simp: fmap_funs_reg_def)
lemma ta_reachable_fmap_funs_reg [simp]:
"ta_reachable (ta (fmap_funs_reg f π)) = ta_reachable (ta π)"
by (auto simp: fmap_funs_reg_def)
lemma collapse_reg_cong:
"π¬β©r π |β| ta_reachable (ta π) βΉ π¬β©r β¬ |β| ta_reachable (ta β¬) βΉ β π = β β¬ βΉ β (collapse_automaton_reg π) = β (collapse_automaton_reg β¬)"
by (auto simp: collapse_automaton_reg_def β_def collapse_automaton')
lemma β_fmap_funs_reg_cong:
"β π = β β¬ βΉ β (fmap_funs_reg h π) = β (fmap_funs_reg h β¬)"
by (auto simp: fmap_funs_β)
lemma β_pair_automaton_reg_cong:
"β π = β β¬ βΉ β π = β π βΉ β (pair_automaton_reg π π) = β (pair_automaton_reg β¬ π)"
by (auto simp: pair_automaton')
lemma β_nhole_ctxt_closure_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (nhole_ctxt_closure_reg β± π) = β (nhole_ctxt_closure_reg π’ β¬)"
by (auto simp: nhole_ctxtcl_lang)
lemma β_nhole_mctxt_closure_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (nhole_mctxt_closure_reg β± π) = β (nhole_mctxt_closure_reg π’ β¬)"
by (auto simp: nhole_gmctxt_closure_lang)
lemma β_ctxt_closure_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (ctxt_closure_reg β± π) = β (ctxt_closure_reg π’ β¬)"
by (auto simp: gctxt_closure_lang)
lemma β_parallel_closure_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (parallel_closure_reg β± π) = β (parallel_closure_reg π’ β¬)"
by (auto simp: parallelcl_gmctxt_lang)
lemma β_mctxt_closure_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (mctxt_closure_reg β± π) = β (mctxt_closure_reg π’ β¬)"
by (auto simp: gmctxt_closure_lang)
lemma β_nhole_mctxt_reflcl_reg_cong:
"β π = β β¬ βΉ β± = π’ βΉ β (nhole_mctxt_reflcl_reg β± π) = β (nhole_mctxt_reflcl_reg π’ β¬)"
unfolding nhole_mctxt_reflcl_lang
by (intro arg_cong2[where ?f = "(βͺ)"] β_nhole_mctxt_closure_reg_cong) auto
declare equalityI[rule del]
declare fsubsetI[rule del]
lemma β_proj_1_reg_cong:
"β π = β β¬ βΉ β (proj_1_reg π) = β (proj_1_reg β¬)"
by (auto simp: proj_1_reg_def β_trim intro!: collapse_reg_cong β_fmap_funs_reg_cong)
lemma β_proj_2_reg_cong:
"β π = β β¬ βΉ β (proj_2_reg π) = β (proj_2_reg β¬)"
by (auto simp: proj_2_reg_def β_trim intro!: collapse_reg_cong β_fmap_funs_reg_cong)
lemma rr2_of_rr2_rel_impl_sound:
assumes "βR β set Rs. lv_trs (fset R) β§ ffunas_trs R |β| β±"
shows "β A B. rr1_of_rr1_rel_impl β± Rs r1 = Some A βΉ rr1_of_rr1_rel β± Rs r1 = Some B βΉ β A = β B"
"β A B. rr2_of_rr2_rel_impl β± Rs r2 = Some A βΉ rr2_of_rr2_rel β± Rs r2 = Some B βΉ β A = β B"
proof (induct r1 and r2)
case (R1Inf r)
then obtain C D where inf: "rr2_of_rr2_rel_impl β± Rs r = Some C" "rr2_of_rr2_rel β± Rs r = Some D"
"β C = β D" by auto
have spec: "RR2_spec C (eval_rr2_rel (fset β±) (map fset Rs) r)" "RR2_spec D (eval_rr2_rel (fset β±) (map fset Rs) r)"
using rr12_of_rr12_rel_correct(2)[OF assms, rule_format, OF inf(2)] inf(3)
by (auto simp: RR2_spec_def)
then have trim_spec: "RR2_spec (trim_reg C) (eval_rr2_rel (fset β±) (map fset Rs) r)"
"RR2_spec (trim_reg D) (eval_rr2_rel (fset β±) (map fset Rs) r)"
by (auto simp: RR2_spec_def β_trim)
let ?C = "Inf_reg (trim_reg C) (Q_infty (ta (trim_reg C)) β±)" let ?D = "Inf_reg (trim_reg D) (Q_infty (ta (trim_reg D)) β±)"
from spec have *: "β (Inf_reg_impl (trim_reg C)) = β ?C"
using eval_rr12_rel_sig(2)[of "fset β±" "map fset Rs" r]
by (intro Inf_reg_impl_sound) (auto simp: RR2_spec_def β_trim π―β©G_equivalent_def)
from spec have **: "β (Inf_reg_impl (trim_reg D)) = β ?D"
using eval_rr12_rel_sig(2)[of "fset β±" "map fset Rs" r]
by (intro Inf_reg_impl_sound) (auto simp: RR2_spec_def β_trim π―β©G_equivalent_def)
then have C: "RR2_spec ?C {(s, t) | s t. gpair s t β β ?C}" and
D: "RR2_spec ?D {(s, t) | s t. gpair s t β β ?D}"
using subset_trans[OF Inf_automata_subseteq[of "trim_reg C" β±], of "β C"] spec
using subset_trans[OF Inf_automata_subseteq[of "trim_reg D" β±], of "β D"]
using eval_rr12_rel_sig(2)[of "fset β±" "map fset Rs" r]
by (auto simp: RR2_spec_def β_trim π―β©G_equivalent_def intro!: equalityI fsubsetI)
from * ** have r: "β (proj_1_reg (Inf_reg_impl (trim_reg C))) = β (proj_1_reg ?C)"
"β (proj_1_reg (Inf_reg_impl (trim_reg D))) = β (proj_1_reg ?D)"
by (auto intro: β_proj_1_reg_cong)
from β_Inf_reg[OF trim_spec(1), of β±] β_Inf_reg[OF trim_spec(2), of β±]
show ?case using R1Inf eval_rr12_rel_sig(2)[of "fset β±" "map fset Rs" r]
by (auto simp: liftO1_def r inf π―β©G_equivalent_def β_proj(1)[OF C] β_proj(1)[OF D])
next
case (R1Proj n x2)
then show ?case by (cases n)
(auto simp: liftO1_def β_trim proj_1_reg_def proj_2_reg_def intro!: fsubsetI β_fmap_funs_reg_cong collapse_reg_cong, (meson fin_mono trim_reg_reach)+)
next
case (R2GTT_Rel g p n) note IH = this
note ass = R2GTT_Rel
consider (a) "β A. gtt_of_gtt_rel_impl β± Rs g = Some A" | (b) "gtt_of_gtt_rel_impl β± Rs g = None" by blast
then show ?case
proof cases
case a then obtain C D where gtt [simp]: "gtt_of_gtt_rel_impl β± Rs g = Some C"
"gtt_of_gtt_rel β± Rs g = Some D" using gtt_of_gtt_rel_impl_gtt_of_gtt_rel by blast
from gtt_of_gtt_rel_impl_sound[OF this]
have spec [simp]: "agtt_lang C = agtt_lang D" by auto
have eps [simp]: "is_ta_eps_free (ta (GTT_to_RR2_root_reg C))"
using gtt_of_gtt_rel_impl_is_gtt_eps_free[OF gtt(1)]
by (auto simp: GTT_to_RR2_root_reg_def GTT_to_RR2_root_def pair_automaton_def is_ta_eps_free_def is_gtt_eps_free_def)
have lang: "β (GTT_to_RR2_root_reg C) = β (GTT_to_RR2_root_reg D)"
by (metis (no_types, lifting) GTT_to_RR2_root RR2_spec_def spec)
show ?thesis
proof (cases p)
case PRoot
then show ?thesis using IH spec lang
by (cases n) (auto simp: β_eps_free β_reflcl_reg)
next
case PNonRoot
then show ?thesis using IH
by (cases n) (auto simp: β_eps_free β_eps_free_nhole_ctxt_closure_reg[OF eps]
β_eps_free_nhole_mctxt_reflcl_reg[OF eps] β_eps_free_nhole_mctxt_closure_reg[OF eps]
lang intro: β_nhole_ctxt_closure_reg_cong β_nhole_mctxt_reflcl_reg_cong β_nhole_mctxt_closure_reg_cong)
next
case PAny
then show ?thesis using IH
by (cases n) (auto simp: β_eps_free β_eps_free_ctxt_closure_reg[OF eps]
β_eps_free_parallel_closure_reg[OF eps] β_eps_free_mctxt_closure_reg[OF eps] lang
intro!: β_ctxt_closure_reg_cong β_parallel_closure_reg_cong β_mctxt_closure_reg_cong)
qed
next
case b then show ?thesis using IH
by (cases p; cases n) auto
qed
next
case (R2Comp x1 x2)
then show ?case
by (auto simp: liftO1_def rr2_compositon_def β_trim β_intersect Let_def
intro!: β_pair_automaton_reg_cong β_fmap_funs_reg_cong collapse_reg_cong arg_cong2[where ?f = "(β©)"])
qed (auto simp: liftO1_def β_intersect β_union β_trim β_difference_reg intro!: β_fmap_funs_reg_cong β_pair_automaton_reg_cong)
declare equalityI[intro!]
declare fsubsetI[intro!]
lemma rr12_of_rr12_rel_impl_correct:
assumes "βR β set Rs. lv_trs (fset R) β§ ffunas_trs R |β| β±"
shows "βta1. rr1_of_rr1_rel_impl β± Rs r1 = Some ta1 βΆ RR1_spec ta1 (eval_rr1_rel (fset β±) (map fset Rs) r1)"
"βta2. rr2_of_rr2_rel_impl β± Rs r2 = Some ta2 βΆ RR2_spec ta2 (eval_rr2_rel (fset β±) (map fset Rs) r2)"
using rr12_of_rr12_rel_correct(1)[OF assms, of r1]
using rr12_of_rr12_rel_correct(2)[OF assms, of r2]
using rr2_of_rr2_rel_impl_sound(1)[OF assms, of r1]
using rr2_of_rr2_rel_impl_sound(2)[OF assms, of r2]
using rr_of_rr_rel_impl_complete(1)[of β± Rs r1]
using rr_of_rr_rel_impl_complete(2)[of β± Rs r2]
by (force simp: RR1_spec_def RR2_spec_def)+
lemma check_inference_rrn_impl_correct:
assumes sig: "π―β©G (fset β±) β {}" and Rs: "βR β set Rs. lv_trs (fset R) β§ ffunas_trs R |β| β±"
assumes infs: "βfvA. fvA β set infs βΉ formula_spec (fset β±) (map fset Rs) (fst (snd fvA)) (snd (snd fvA)) (fst fvA)"
assumes inf: "check_inference rr1_of_rr1_rel_impl rr2_of_rr2_rel_impl β± Rs infs (l, step, fm, is) = Some (fm', vs, A')"
shows "l = length infs β§ fm = fm' β§ formula_spec (fset β±) (map fset Rs) vs A' fm'"
using check_inference_correct[where ?rr1c = rr1_of_rr1_rel_impl and ?rr2c = rr2_of_rr2_rel_impl, OF assms]
using rr12_of_rr12_rel_impl_correct[OF Rs]
by auto
definition check_sig_nempty where
"check_sig_nempty β± = (0 |β| snd |`| β±)"
where
"check_trss β β± = list_all (Ξ» R. lv_trs (fset R) β§ funas_trs (fset R) β fset β±) β"
lemma check_sig_nempty:
"check_sig_nempty β± β· π―β©G (fset β±) β {}" (is "?Ls β· ?Rs")
proof -
{assume ?Ls then obtain a where "(a, 0) |β| β±" by (auto simp: check_sig_nempty_def)
then have "GFun a [] β π―β©G (fset β±)"
by (intro const) simp
then have ?Rs by blast}
moreover
{assume ?Rs then obtain s where "s β π―β©G (fset β±)" by blast
then obtain a where "(a, 0) |β| β±"
by (induct s) (auto, force)
then have ?Ls unfolding check_sig_nempty_def
by (auto simp: image_iff Bex_def)}
ultimately show ?thesis by blast
qed
lemma :
"check_trss β β± β· (β R β set β. lv_trs (fset R) β§ ffunas_trs R |β| β±)"
unfolding check_trss_def list_all_iff
by (auto simp: ffunas_trs.rep_eq less_eq_fset.rep_eq)
fun check_inference_list :: "('f Γ nat) fset β ('f :: {compare,linorder}, 'v) fin_trs list
β (nat Γ ftrs inference Γ ftrs formula Γ info list) list
β (ftrs formula Γ nat list Γ (nat, 'f option list) reg) list option" where
"check_inference_list β± Rs infs = do {
guard (check_sig_nempty β±);
guard (check_trss Rs β±);
foldl (Ξ» tas inf. do {
tas' β tas;
r β check_inference rr1_of_rr1_rel_impl rr2_of_rr2_rel_impl β± Rs tas' inf;
Some (tas' @ [r])
})
(Some []) infs
}"
lemma check_inference_list_correct:
assumes "check_inference_list β± Rs infs = Some fvAs"
shows "length infs = length fvAs β§ (β i < length fvAs. fst (snd (snd (infs ! i))) = fst (fvAs ! i)) β§
(β i < length fvAs. formula_spec (fset β±) (map fset Rs) (fst (snd (fvAs ! i))) (snd (snd (fvAs ! i))) (fst (fvAs ! i)))"
using assms
proof (induct infs arbitrary: fvAs rule: rev_induct)
note [simp] = bind_eq_Some_conv guard_simps
{case Nil
then show ?case by auto
next
case (snoc a infs)
have inv: "π―β©G (fset β±) β {}" "βRβset Rs. lv_trs (fset R) β§ ffunas_trs R |β| β±"
using snoc(2) by (auto simp: check_sig_nempty check_trss)
from snoc(2) obtain fvAs' l steps fm fm' is' vs A' where
ch: "check_inference_list β± Rs infs = Some fvAs'" "a = (l, steps, fm, is')"
"check_inference rr1_of_rr1_rel_impl rr2_of_rr2_rel_impl β± Rs fvAs' (l, steps, fm, is') = Some (fm', vs, A')" "fvAs = fvAs' @ [(fm', vs, A')]"
by (auto simp del: check_inference.simps) (metis prod_cases4)
from snoc(1)[OF ch(1)] have "fvA β set fvAs' βΉ formula_spec (fset β±) (map fset Rs) (fst (snd fvA)) (snd (snd fvA)) (fst fvA)" for fvA
by (auto dest: in_set_idx)
from check_inference_rrn_impl_correct[OF inv this, of fvAs'] this
show ?case using snoc(1)[OF ch(1)] ch
by (auto simp del: check_inference.simps simp: nth_append)
}
qed
fun check_certificate where
"check_certificate β± Rs A fm (Certificate infs claim n) = do {
guard (n < length infs);
guard (A β· claim = Nonempty);
guard (fm = fst (snd (snd (infs ! n))));
fvA β check_inference_list β± Rs (take (Suc n) infs);
(let E = reg_empty (snd (snd (last fvA))) in
case claim of Empty β Some E
| _ β Some (Β¬ E))
}"
definition formula_unsatisfiable where
"formula_unsatisfiable β± Rs fm β· (formula_satisfiable β± Rs fm = False)"
definition correct_certificate where
"correct_certificate β± Rs claim infs n β‘
(claim = Empty β· (formula_unsatisfiable (fset β±) (map fset Rs) (fst (snd (snd (infs ! n))))) β§
claim = Nonempty β· formula_satisfiable (fset β±) (map fset Rs) (fst (snd (snd (infs ! n)))))"
lemma check_certificate_sound:
assumes "check_certificate β± Rs A fm (Certificate infs claim n) = Some B"
shows "fm = fst (snd (snd (infs ! n)))" "A β· claim = Nonempty"
using assms by (auto simp: bind_eq_Some_conv guard_simps)
lemma check_certificate_correct:
assumes "check_certificate β± Rs A fm (Certificate infs claim n) = Some B"
shows "(B = True βΆ correct_certificate β± Rs claim infs n) β§
(B = False βΆ correct_certificate β± Rs (case_claim Nonempty Empty claim) infs n)"
proof -
note [simp] = bind_eq_Some_conv guard_simps
from assms obtain fvAs where inf: "check_inference_list β± Rs (take (Suc n) infs) = Some fvAs"
by auto
from assms have len: "n < length infs" by auto
from check_inference_list_correct[OF inf] have
inv: "length fvAs = n + 1"
"fst (snd (snd (infs ! n))) = fst (fvAs ! n)"
"formula_spec (fset β±) (map fset Rs) (fst (snd (last fvAs))) (snd (snd (last fvAs))) (fst (last fvAs))"
using len last_conv_nth[of fvAs] by force+
have nth: "fst (last fvAs) = fst (fvAs ! n)" using inv(1)
using len last_conv_nth[of fvAs] by force
note spec = formula_spec_empty[OF _ inv(3)] formula_spec_nt_empty_form_sat[OF _ inv(3)]
consider (a) "claim = Empty" | (b) "claim = Nonempty" using claim.exhaust by blast
then show ?thesis
proof cases
case a
then have *: "B = reg_empty (snd (snd (last fvAs)))" using inv
using assms len last_conv_nth[of fvAs]
by (auto simp: inf simp del: check_inference_list.simps)
show ?thesis using a inv spec unfolding *
by (auto simp: formula_satisfiable_def nth correct_certificate_def formula_unsatisfiable_def simp del: reg_empty)
next
case b
then have *: "B β· Β¬ (reg_empty (snd (snd (last fvAs))))" using inv
using assms len last_conv_nth[of fvAs]
by (auto simp: inf simp del: check_inference_list.simps)
show ?thesis using b inv spec unfolding *
by (auto simp: formula_satisfiable_def nth formula_unsatisfiable_def correct_certificate_def simp del: reg_empty)
qed
qed
definition check_certificate_string ::
"(integer list Γ fvar) fset β
((integer list, integer list) Term.term Γ (integer list, integer list) Term.term) fset list β
bool β ftrs formula β ftrs certificate β bool option"
where "check_certificate_string = check_certificate"
export_code check_certificate_string Var Fun fset_of_list nat_of_integer Certificate
R2GTT_Rel R2Eq R2Reflc R2Step R2StepEq R2Steps R2StepsEq R2StepsNF R2ParStep R2RootStep
R2RootStepEq R2RootSteps R2RootStepsEq R2NonRootStep R2NonRootStepEq R2NonRootSteps
R2NonRootStepsEq R2Meet R2Join
ARoot GSteps PRoot ESingle Empty Size EDistribAndOr
R1Terms R1Fin
FRR1 FRestrict FTrue FFalse
IRR1 Fwd in Haskell module_name FOR
end