Refactor and split Soundness.thy

Author: jvanbruegge

BetaEquivalence.thy

@@ -0,0 +1,85 @@
+theory BetaEquivalence
+  imports Semantics
+begin
+
+lemma beta_same[simp]: "\<lbrakk> e1 \<longrightarrow>* e1' ; beta_nf e1 \<rbrakk> \<Longrightarrow> e1 = e1'"
+  by (induction e1 e1' rule: Steps.induct) (auto simp: beta_nf_def)
+
+fun path :: "term \<Rightarrow> term list \<Rightarrow> term \<Rightarrow> bool" where
+  "path a [] b \<longleftrightarrow> a = b \<or> Step a b"
+| "path a (x#xs) b \<longleftrightarrow> Step a x \<and> path x xs b"
+
+lemma path_snoc: "\<lbrakk> path a xs b ; Step b c \<rbrakk> \<Longrightarrow> path a (xs@[b]) c \<or> path a xs c"
+  by (induction a xs b arbitrary: c rule: path.induct) auto
+
+lemma Steps_concat: "\<lbrakk> e2 \<longrightarrow>* e3 ; e1 \<longrightarrow>* e2 \<rbrakk> \<Longrightarrow> e1 \<longrightarrow>* e3"
+  apply (induction e2 e3 arbitrary: e1 rule: Steps.induct)
+  using Steps.simps by blast+
+
+lemma Steps_path: "a \<longrightarrow>* b \<longleftrightarrow> (\<exists>p. path a p b)"
+proof
+  assume "a \<longrightarrow>* b"
+  then show "\<exists>p. path a p b"
+  proof (induction a b rule: Steps.induct)
+    case (refl e)
+    then have "path e [] e" by simp
+    then show ?case by blast
+  next
+    case (trans e1 e2 e3)
+    then obtain xs where "path e1 xs e2" by blast
+    then have "path e1 (xs@[e2]) e3 \<or> path e1 xs e3" using trans(2) path_snoc by simp
+    then show ?case by blast
+  qed
+next
+  assume "\<exists>p. path a p b"
+  then obtain p where "path a p b" by blast
+  then show "a \<longrightarrow>* b"
+  proof (induction a p b rule: path.induct)
+    case (1 a b)
+    then show ?case using Steps.intros by auto
+  next
+    case (2 a x xs b)
+    then have a: "a \<longrightarrow>* x" using Steps.intros by auto
+    from 2 have b: "x \<longrightarrow>* b" by simp
+    show ?case using Steps_concat[OF b a] .
+  qed
+qed
+
+lemma Steps_fwd_induct[consumes 1, case_names refl trans]:
+  assumes "a \<longrightarrow>* b"
+    and "\<And>x. P x x" "\<And>x y z. y \<longrightarrow>* z \<Longrightarrow> P y z \<Longrightarrow> Step x y \<Longrightarrow> P x z"
+  shows "P a b"
+proof -
+  from assms(1) obtain p where P: "path a p b" using Steps_path by blast
+  then show ?thesis
+  proof (induction a p b rule: path.induct)
+    case (1 a b)
+    then show ?case
+    proof (cases "a = b")
+      case True
+      then show ?thesis using assms(2) by simp
+    next
+      case False
+      then have 1: "Step a b" using 1 by simp
+      have 2: "b \<longrightarrow>* b" using Steps.refl by simp
+      show ?thesis using assms(3)[OF 2 assms(2) 1] .
+    qed
+  next
+    case (2 a x xs b)
+    then have 1: "P x b" by simp
+    from 2 have 3: "x \<longrightarrow>* b" using Steps_path by auto
+    from 2 have 4: "Step a x" by simp
+    show ?case using assms(3)[OF 3 1 4] .
+  qed
+qed
+
+lemma beta_equivalence: "\<lbrakk> e1 \<longrightarrow>* e1' ; e2 \<longrightarrow>* e2' ; e1 = e2 ; beta_nf e1' ; beta_nf e2' \<rbrakk> \<Longrightarrow> e1' = e2'"
+proof (induction e1 e1' arbitrary: e2 e2' rule: Steps_fwd_induct)
+  case (refl x)
+  then show ?case by simp
+next
+  case (trans x y z)
+  then show ?case by (metis Steps.simps Steps_path beta_same path.elims(2) Step_deterministic)
+qed
+
+end

Defs.thy

@@ -114,4 +114,4 @@ next
 qed (auto simp: eqvt_def subst_term_type_graph_aux_def)
 nominal_termination (eqvt) by lexicographic_order
 
-end
+end

Lemmas.thy

@@ -3,12 +3,12 @@ theory Lemmas
 begin
 
 (* atom x \<sharp> t' \<Longrightarrow> atom x \<sharp> subst t' x t *)
-lemma fresh_after_subst_term: "atom x \<sharp> e' \<Longrightarrow> atom x \<sharp> subst_term e' x e"
+lemma fresh_subst_term: "atom x \<sharp> e' \<Longrightarrow> atom x \<sharp> subst_term e' x e"
   by (nominal_induct e avoiding: x e' rule: term.strong_induct) auto
-lemma fresh_after_subst_type: "atom a \<sharp> \<tau> \<Longrightarrow> atom a \<sharp> subst_type \<tau> a \<sigma>"
+lemma fresh_subst_type: "atom a \<sharp> \<tau> \<Longrightarrow> atom a \<sharp> subst_type \<tau> a \<sigma>"
   by (nominal_induct \<sigma> avoiding: a \<tau> rule: \<tau>.strong_induct) auto
-lemma fresh_after_subst_term_type: "atom a \<sharp> \<tau> \<Longrightarrow> atom a \<sharp> subst_term_type \<tau> a e"
-  by (nominal_induct e avoiding: a \<tau> rule: term.strong_induct) (auto simp: fresh_after_subst_type)
+lemma fresh_subst_term_type: "atom a \<sharp> \<tau> \<Longrightarrow> atom a \<sharp> subst_term_type \<tau> a e"
+  by (nominal_induct e avoiding: a \<tau> rule: term.strong_induct) (auto simp: fresh_subst_type)
 
 (* atom c \<sharp> t \<Longrightarrow> subst t' x t = subst t' c ((x \<leftrightarrow> c) \<bullet> t) *)
 lemma subst_term_var_name: "atom c \<sharp> e \<Longrightarrow> subst_term e' x e = subst_term e' c ((x \<leftrightarrow> c) \<bullet> e)"
@@ -26,7 +26,7 @@ proof (nominal_induct e avoiding: c a \<tau> rule: term.strong_induct)
 next
   case (Let x \<tau>1 e1 e2)
   then show ?case
-    by (smt flip_def fresh_Pair fresh_at_base(2) list.set(1) list.set(2) singletonD subst_term_type.simps(7) subst_type_var_name swap_fresh_fresh term.fresh(7) term.perm_simps(7)) 
+    by (smt flip_def fresh_Pair fresh_at_base(2) list.set(1) list.set(2) singletonD subst_term_type.simps(7) subst_type_var_name swap_fresh_fresh term.fresh(7) term.perm_simps(7))
 qed (auto simp: flip_fresh_fresh fresh_at_base subst_type_var_name)
 
 (* [[atom a]]lst. t = [[atom a2]]lst. t2 \<Longrightarrow> subst t' a t = subst t' a2 t2 *)
@@ -45,4 +45,42 @@ lemma fresh_not_isin_var: "atom x \<sharp> \<Gamma> \<Longrightarrow> \<not>isin
   apply (induction \<Gamma>) apply simp
   by (metis (mono_tags, lifting) binder.fresh(1) binder.strong_exhaust fresh_Cons fresh_at_base(2) isin.simps(2) isin.simps(3))
 
-end
+(* atom x \<sharp> t \<Longrightarrow> subst t' x t = t *)
+lemma fresh_subst_term_same: "atom x \<sharp> e \<Longrightarrow> subst_term e' x e = e"
+proof (induction e' x e rule: subst_term.induct)
+  case (2 y e x \<tau> e2)
+  then show ?case using fresh_PairD(2) fresh_at_base(2) by fastforce
+next
+  case (7 y e x \<tau> e1 e2)
+  then show ?case using fresh_PairD(2) fresh_at_base(2) by fastforce
+qed auto
+
+lemma fresh_subst_type_same: "atom a \<sharp> \<sigma> \<Longrightarrow> subst_type \<tau> a \<sigma> = \<sigma>"
+proof (induction \<tau> a \<sigma> rule: subst_type.induct)
+  case (4 b \<tau> a \<sigma>)
+  then show ?case
+    using fresh_Pair fresh_at_base(2) fresh_def list.set(1) list.set(2) subst_type.simps(4) by fastforce
+qed auto
+
+lemma fresh_subst_term_type_same: "atom a \<sharp> e \<Longrightarrow> subst_term_type \<tau> a e = e"
+proof (induction \<tau> a e rule: subst_term_type.induct)
+  case (4 b \<tau> a e2)
+  then show ?case
+    by (simp add: "4.hyps" fresh_Pair fresh_at_base(2))
+qed (auto simp: fresh_subst_type_same)
+
+(* misc *)
+lemma fv_supp_subset: "fv_\<tau> \<tau> \<subseteq> supp \<tau>"
+  by (induction \<tau> rule: \<tau>.induct) (auto simp: \<tau>.supp \<tau>.fv_defs)
+
+lemma subst_type_order: "\<lbrakk> atom b \<sharp> \<tau>' ; atom b \<sharp> a \<rbrakk> \<Longrightarrow> subst_type \<tau>' a (subst_type \<tau> b \<sigma>') = subst_type (subst_type \<tau>' a \<tau>) b (subst_type \<tau>' a \<sigma>')"
+proof (nominal_induct \<sigma>' avoiding: a b \<tau> \<tau>' rule: \<tau>.strong_induct)
+case (TyVar x)
+  then show ?case using fresh_at_base(2) fresh_subst_type_same by auto
+next
+  case (TyForall x1 x2a)
+  then show ?case
+    by (smt flip_at_simps(1) flip_at_simps(2) flip_commute fresh_Pair fresh_subst_type fresh_subst_type_same subst_type.eqvt subst_type.simps(4) subst_type_var_name)
+qed (auto simp: fresh_subst_type)
+
+end

Nominal2_Lemmas.thy

@@ -62,4 +62,4 @@ proof -
   show ?thesis using 1 2 3 equal by argo
 qed
 
-end
+end

Semantics.thy

@@ -21,9 +21,16 @@ inductive Step :: "term \<Rightarrow> term \<Rightarrow> bool" ("_ \<longrightar
 equivariance Step
 nominal_inductive Step .
 
+inductive Steps :: "term \<Rightarrow> term \<Rightarrow> bool" (infix "\<longrightarrow>*" 70) where
+  refl: "e \<longrightarrow>* e"
+| trans: "\<lbrakk> e1 \<longrightarrow>* e2 ; e2 \<longrightarrow> e3 \<rbrakk> \<Longrightarrow> Steps e1 e3"
+
 definition beta_nf :: "term \<Rightarrow> bool" where
   "beta_nf e \<equiv> \<nexists>e'. e \<longrightarrow> e'"
 
+definition stuck :: "term \<Rightarrow> bool" where
+  "stuck e \<equiv> \<not>is_value e \<and> beta_nf e"
+
 lemma value_beta_nf: "is_value v \<Longrightarrow> beta_nf v"
   apply (cases v rule: term.exhaust)
   using Step.cases beta_nf_def by fastforce+
@@ -86,4 +93,4 @@ next
     using ST_AppTI value_beta_nf beta_nf_def by auto
 qed
 
-end
+end