(* * Copyright 2020, Data61, CSIRO (ABN 41 687 119 230) * * SPDX-License-Identifier: BSD-2-Clause *) theory Sep_Forward imports Extended_Separation_Algebra Sep_Util begin lemma sep_conj_sep_impl_spec: "\((Q -* R) \* P) h; \h. (Q -* R) h \ (P \* R') h\ \ R' h" by (metis (full_types) sep_conj_sep_impl2) method sep_invert = ((erule sep_septraction_snake | sep_erule (direct) sep_conj_sep_impl_spec), sep_flatten?; sep_invert?) lemma sep_conj_coimpl_cancel: "(P \* R) s \ (\s. Q s \ P s) \ precise P \ (\s. R s \ R' s) \ (Q \* R') s" apply (clarsimp simp: sep_conj_def sep_coimpl_def pred_neg_def) apply (clarsimp simp: precise_def) apply (erule_tac x=s in allE) apply (erule_tac x=x in allE) apply (erule_tac x=xa in allE) apply (clarsimp, drule mp) apply (intro conjI) apply (fastforce simp: sep_substate_def) apply (fastforce simp: sep_substate_def) apply (clarsimp) by (metis sep_add_cancelD sep_add_commute sep_disj_commuteI) lemma sep_conj_coimpl_cancel': "(P \* R) s \ (\s. P s \ Q s) \ precise Q \ (\s. R s \ R' s) \ (Q \* R') s" apply (clarsimp simp: sep_conj_def sep_coimpl_def pred_neg_def) apply (clarsimp simp: precise_def) apply (erule_tac x=s in allE) apply (erule_tac x=x in allE) apply (erule_tac x=xa in allE) apply (clarsimp, drule mp) apply (intro conjI) apply (fastforce simp: sep_substate_def) apply (fastforce simp: sep_substate_def) apply (clarsimp) by (metis sep_add_cancelD sep_add_commute sep_disj_commuteI) lemma sep_conj_coimpl_cancel'': "(\s. pred_imp P Q s) \ (P \* R) s \ precise Q \ (\s. R s \ R' s) \ (Q \* R') s" by (simp add: sep_conj_coimpl_cancel') lemma sep_conj_coimpl_cancel''': "(\s. pred_imp Q P s) \ (P \* R) s \ precise P \ (\s. R s \ R' s) \ (Q \* R') s" by (simp add: sep_conj_coimpl_cancel) lemma sep_coimpl_cancel': "(\s. pred_imp Q P s) \ (P \* R) s \ (\s. R s \ R' s) \ (Q \* R') s" by (metis pred_neg_def sep_coimpl_def sep_conj_def) definition "pointer P \ (\x y. \s R. (P x \* R) s \ (P y \* R and (\s. x = y)) s)" lemma sep_conj_pointer_coimpl_cancel: "(P x \* R) s \ pointer P \ (\s. R s \ y = x \ R' s) \ (P y \* R') s" apply (clarsimp simp: pointer_def) apply (erule_tac x=x in allE) apply (erule_tac x=y in allE) apply (erule_tac x=s in allE) apply (erule_tac x=R in allE) apply (clarsimp simp: pred_conj_def) apply (erule sep_coimpl_cancel'[rotated]; simp) done named_theorems precise method septract_cancel declares precise = ((sep_erule (direct) sep_cancel[simplified atomize_imp, THEN sep_conj_coimpl_cancel''], rule precise) | (sep_erule (direct) sep_cancel[simplified atomize_imp, THEN sep_conj_coimpl_cancel'''], rule precise) | erule sep_cancel[simplified atomize_imp, THEN sep_coimpl_cancel'] | (sep_erule (direct) sep_conj_pointer_coimpl_cancel , rule precise)) method abs_used for P = (match (P) in "\s. ?P" \ \fail\ \ _ \ \-\) method sep_lift = match conclusion in "(_ \* _) s" for s :: "_ :: sep_algebra" \ \((match premises in I[thin]: "P s" for P \ \abs_used P, rule sep_curry[where h=s and P=P, rotated, OF I]\))\ method sep_snake_uncurry = match conclusion in "(_ \* _) s" for s :: "_ :: sep_algebra" \ \((match premises in I[thin]: "P s" for P \ \abs_used P, rule sep_snake_septraction[where s=s and Q=P, OF I]\))\ lemma septract_impl_cancel: "(P -* Q) s \ (\s. Q s \ Q' s) \ strictly_exact P \ (P \* Q') s" apply (clarsimp simp: septraction_def sep_impl_def pred_neg_def strictly_exact_def) by (fastforce) method sep_forward = (sep_cancel | septract_cancel | sep_lift | sep_snake_uncurry ) method sep_forward_solve = (solves \sep_invert; (sep_forward) +\) method sep_cancel uses add = (Sep_Cancel.sep_cancel add: add | sep_lift) lemma septract_mp: "\(R' \* (R' -* R)) s; \s. R s \ (R' \* (R' \* R)) s; precise R'\ \ R s" apply (sep_invert) apply (atomize, erule allE, drule (1) mp) using precise_conj_coimpl by blast end