diff --git a/thys/Decreasing-Diagrams/Decreasing_Diagrams.thy b/thys/Decreasing-Diagrams/Decreasing_Diagrams.thy --- a/thys/Decreasing-Diagrams/Decreasing_Diagrams.thy +++ b/thys/Decreasing-Diagrams/Decreasing_Diagrams.thy @@ -1,1753 +1,1753 @@ (* Title: Formalization of Decreasing Diagrams Author: Harald Zankl , 2012 Maintainer: Harald Zankl , 2013 *) (* Copyright 2012 Harald Zankl This formalization is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This formalization is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with the formalization. If not, see . *) section "Decreasing Diagrams" theory Decreasing_Diagrams imports "HOL-Library.Multiset" "Abstract-Rewriting.Abstract_Rewriting" begin subsection \Valley Version\ text \This section follows~\cite{vO94}.\ subsubsection \Appendix\ text \interaction of multisets with sets\ definition diff :: "'a multiset \ 'a set \ 'a multiset" where "diff M S = filter_mset (\x. x \ S) M" definition intersect :: "'a multiset \ 'a set \ 'a multiset" where "intersect M S = filter_mset (\x. x \ S) M" notation diff (infixl "-s" 800) and intersect (infixl "\s" 800) lemma count_diff [simp]: "count (M -s A) a = count M a * of_bool (a \ A)" by (simp add: diff_def) lemma set_mset_diff [simp]: "set_mset (M -s A) = set_mset M - A" by (auto simp add: diff_def) lemma diff_eq_singleton_imp: "M -s A = {#a#} \ a \ (set_mset M - A)" unfolding diff_def filter_mset_eq_conv by auto lemma count_intersect [simp]: "count (M \s A) a = count M a * of_bool (a \ A)" by (simp add: intersect_def) lemma set_mset_intersect [simp]: "set_mset (M \s A) = set_mset M \ A" by (auto simp add: intersect_def) lemma diff_from_empty: "{#}-s S = {#}" unfolding diff_def by auto lemma diff_empty: "M -s {} = M" unfolding diff_def by (rule multiset_eqI) simp lemma submultiset_implies_subset: assumes "M \# N" shows "set_mset M \ set_mset N" using assms mset_subset_eqD by auto lemma subset_implies_remove_empty: assumes "set_mset M \ S" shows "M -s S = {#}" unfolding diff_def using assms by (induct M) auto lemma remove_empty_implies_subset: assumes "M -s S = {#}" shows "set_mset M \ S" proof fix x assume A: "x \ set_mset M" have "x \ set_mset (M -s S)" using assms by auto thus "x \ S" using A unfolding diff_def by auto qed lemma lemmaA_3_8: "(M + N) -s S = (M -s S) + (N -s S)" unfolding diff_def by (rule multiset_eqI) simp lemma lemmaA_3_9: "(M -s S) -s T = M -s (S \ T)" unfolding diff_def by (rule multiset_eqI) simp lemma lemmaA_3_10: "M = (M \s S) + (M -s S)" unfolding diff_def intersect_def by auto lemma lemmaA_3_11: "(M -s T) \s S = (M \s S) -s T" unfolding diff_def intersect_def by (rule multiset_eqI) simp subsubsection \Multisets\ text \Definition 2.5(1)\ definition ds :: "'a rel \ 'a set \ 'a set" where "ds r S = {y . \x \ S. (y,x) \ r}" definition dm :: "'a rel \ 'a multiset \ 'a set" where "dm r M = ds r (set_mset M)" definition dl :: "'a rel \ 'a list \ 'a set" where "dl r \ = ds r (set \)" notation ds (infixl "\s" 900) and dm (infixl "\m" 900) and dl (infixl "\l" 900) text \missing but useful\ lemma ds_ds_subseteq_ds: assumes t: "trans r" shows "ds r (ds r S) \ ds r S" proof fix x assume A: "x \ ds r (ds r S)" show "x \ ds r S" proof - from A obtain y z where "(x,y) \ r" and "(y,z) \ r" and mem: "z \ S" unfolding ds_def by auto thus ?thesis using mem t trans_def unfolding ds_def by fast qed qed text \from PhD thesis of van Oostrom\ lemma ds_monotone: assumes "S \ T" shows "ds r S \ ds r T" using assms unfolding ds_def by auto lemma subset_imp_ds_subset: assumes "trans r" and "S \ ds r T" shows "ds r S \ ds r T" using assms ds_monotone ds_ds_subseteq_ds by blast text \Definition 2.5(2)\ text \strict order (mult) is used from Multiset.thy\ definition mult_eq :: "'a rel \ 'a multiset rel" where "mult_eq r = (mult1 r)\<^sup>*" definition mul :: "'a rel \ 'a multiset rel" where "mul r = {(M,N).\I J K. M = I + K \ N = I + J \ set_mset K \ dm r J \ J \ {#}}" definition mul_eq :: "'a rel \ 'a multiset rel" where "mul_eq r = {(M,N).\I J K. M = I + K \ N = I + J \ set_mset K \ dm r J}" lemma in_mul_eqI: assumes "M = I + K" "N = I + J" "set_mset K \ r \m J" shows "(M, N) \ mul_eq r" using assms by (auto simp add: mul_eq_def) lemma downset_intro: assumes "\k\set_mset K.\j\set_mset J.(k,j)\r" shows "set_mset K \ dm r J" proof fix x assume "x\set_mset K" thus "x \ dm r J" using assms unfolding dm_def ds_def by fast qed lemma downset_elim: assumes "set_mset K \ dm r J" shows "\k\set_mset K.\j\set_mset J.(k,j)\r" proof fix k assume "k\ set_mset K" thus "\j\set_mset J.(k,j)\ r" using assms unfolding dm_def ds_def by fast qed text \to closure-free representation\ lemma mult_eq_implies_one_or_zero_step: assumes "trans r" and "(M,N) \ mult_eq r" shows "\I J K. N = I + J \ M = I + K \ set_mset K \ dm r J" proof (cases "(M,N) \ mult r") case True thus ?thesis using mult_implies_one_step[OF assms(1)] downset_intro by blast next case False hence A: "M = N" using assms rtrancl_eq_or_trancl unfolding mult_eq_def mult_def by metis hence "N = N + {#} \ M = M + {#} \ set_mset {#} \ dm r{#}" by auto thus ?thesis unfolding A by fast qed text \from closure-free representation\ lemma one_step_implies_mult_eq: assumes "trans r" and "set_mset K \ dm r J" shows "(I+K,I+J)\mult_eq r" proof (cases "set_mset J = {}") case True hence "set_mset K = {}" using assms downset_elim by (metis all_not_in_conv emptyE) thus ?thesis using True unfolding mult_eq_def by auto next case False hence h:"J \ {#}" using set_mset_eq_empty_iff by auto hence "(I+K,I+J)\ mult r" using set_mset_eq_empty_iff assms one_step_implies_mult downset_elim by auto blast thus ?thesis unfolding mult_eq_def mult_def by auto qed lemma mult_is_mul: assumes "trans r" shows "mult r = mul r" proof show "mult r \ mul r" proof fix N M assume A: "(N,M) \ mult r" show "(N,M) \ mul r" proof - obtain I J K where "M = I + J" and "N = I + K" and "J \ {#}" and "set_mset K \ dm r J" using mult_implies_one_step[OF assms A] downset_intro by metis thus ?thesis unfolding mul_def by auto qed qed next show "mul r \ mult r" proof fix N M assume A: "(N,M) \ mul r" show "(N,M) \ mult r" proof - obtain I J K where "M = I + J" and "N = I + K" and "J \ {#}" and "set_mset K \ dm r J" using A unfolding mul_def by auto thus ?thesis using one_step_implies_mult assms downset_elim by metis qed qed qed lemma mult_eq_is_mul_eq: assumes "trans r" shows "mult_eq r = mul_eq r" proof show "mult_eq r \ mul_eq r" proof fix N M assume A: "(N,M) \ mult_eq r" show "(N,M) \ mul_eq r" proof (cases "(N,M) \ mult r") case True thus ?thesis unfolding mult_is_mul[OF assms] mul_def mul_eq_def by auto next case False hence eq: "N = M" using A rtranclD unfolding mult_def mult_eq_def by metis hence "M = M + {#} \ N = N + {#} \ set_mset {#} \ dm r {#}" by auto thus ?thesis unfolding eq unfolding mul_eq_def by fast qed qed show "mul_eq r \ mult_eq r" using one_step_implies_mult_eq[OF assms] unfolding mul_eq_def by auto qed lemma "mul_eq r = (mul r)\<^sup>=" proof show "mul_eq r \ (mul r)\<^sup>=" proof fix M N assume A:"(M,N) \ mul_eq r" show "(M,N) \ (mul r)\<^sup>=" proof - from A obtain I J K where 1: "M = I + K" and 2: "N = I + J" and 3: "set_mset K \ dm r J" unfolding mul_eq_def by auto show ?thesis proof (cases "J = {#}") case True hence "K = {#}" using 3 unfolding dm_def ds_def by auto hence "M = N" using True 1 2 by auto thus ?thesis by auto next case False thus ?thesis using 1 2 3 unfolding mul_def mul_eq_def by auto qed qed qed show "mul_eq r \ (mul r)\<^sup>=" proof fix M N assume A:"(M,N) \ (mul r)\<^sup>=" show "(M,N) \ mul_eq r" proof (cases "M = N") case True hence "M = M + {#}" and "N = M + {#}" and "set_mset {#} \ dm r {#}" by auto thus ?thesis unfolding mul_eq_def by fast next case False hence "(M,N) \ mul r" using A by auto thus ?thesis unfolding mul_def mul_eq_def by auto qed qed qed text\useful properties on multisets\ lemma mul_eq_reflexive: "(M,M) \ mul_eq r" proof - have "M = M + {#}" and "set_mset {#} \ dm r {#}" by auto thus ?thesis unfolding mul_eq_def by fast qed lemma mul_eq_trans: assumes "trans r" and "(M,N) \ mul_eq r" and "(N,P) \ mul_eq r" shows "(M,P) \ mul_eq r" using assms unfolding mult_eq_is_mul_eq[symmetric,OF assms(1)] mult_eq_def by auto lemma mul_eq_singleton: assumes "(M, {#\#}) \ mul_eq r" shows "M = {#\#} \ set_mset M \ dm r {#\#}" proof - from assms obtain I J K where 1:"M = I + K" and 2:"{#\#} = I + J" and 3:"set_mset K \ dm r J" unfolding mul_eq_def by auto thus ?thesis proof (cases "I = {#}") case True hence "J = {#\#}" using 2 by auto thus ?thesis using 1 3 True by auto next case False hence i: "I = {#\#}" using 2 union_is_single by metis hence "J = {#}" using 2 union_is_single by metis thus ?thesis using 1 i 3 unfolding dm_def ds_def by auto qed qed lemma mul_and_mul_eq_imp_mul: assumes "trans r" and "(M,N) \ mul r" and "(N,P) \ mul_eq r" shows "(M,P) \ mul r" using assms unfolding mult_is_mul[symmetric,OF assms(1)] mult_eq_is_mul_eq[symmetric,OF assms(1)] mult_def mult_eq_def by auto lemma mul_eq_and_mul_imp_mul: assumes "trans r" and "(M,N) \ mul_eq r" and "(N,P) \ mul r" shows "(M,P) \ mul r" using assms unfolding mult_is_mul[symmetric,OF assms(1)] mult_eq_is_mul_eq[symmetric,OF assms(1)] mult_def mult_eq_def by auto lemma wf_mul: assumes "trans r" and "wf r" shows "wf (mul r)" unfolding mult_is_mul[symmetric,OF assms(1)] using wf_mult[OF assms(2)] by auto lemma remove_is_empty_imp_mul: assumes "M -s dm r {#\#} = {#}" shows "(M,{#\#}) \ mul r" proof - from assms have C: "set_mset M \ dm r {#\#}" by (metis remove_empty_implies_subset) have "M = {#}+M" and "{#\#}={#}+{#\#}" and "{#\#} \ {#}" by auto thus ?thesis using C unfolding mul_def by fast qed text \Lemma 2.6\ lemma lemma2_6_1_set: "ds r (S \ T) = ds r S \ ds r T" unfolding set_mset_union ds_def by auto lemma lemma2_6_1_list: "dl r (\@\) = dl r \ \ dl r \" unfolding dl_def ds_def set_append by auto lemma lemma2_6_1_multiset: "dm r (M + N) = dm r M \ dm r N" unfolding dm_def set_mset_union ds_def by auto lemma lemma2_6_1_diff: "(dm r M) - ds r S \ dm r (M -s S)" unfolding diff_def dm_def ds_def by (rule subsetI) auto text \missing but useful\ lemma dl_monotone: "dl r (\@\) \ dl r (\@\'@\)" unfolding lemma2_6_1_list by auto text \Lemma 2.6.2\ lemma lemma2_6_2_a: assumes t: "trans r" and "M \# N" shows "(M,N) \ mul_eq r" proof - from assms(2) obtain J where "N=M+J" by (metis assms(2) mset_subset_eq_exists_conv) hence "M = M + {#}" and "N = M + J" and "set_mset {#} \ dm r J" by auto thus ?thesis unfolding mul_eq_def by fast qed lemma mul_eq_not_equal_imp_elt: assumes "(M,N)\mul_eq r" and "y\set_mset M - set_mset N" shows "\z\set_mset N.(y,z)\r" proof - from assms obtain I J K where "N=I+J" and "M=I+K" and F3:"set_mset K \ dm r J" unfolding mul_eq_def by auto thus ?thesis using assms(2) downset_elim[OF F3] by auto qed lemma lemma2_6_2_b: assumes "trans r" and "(M,N) \ mul_eq r" shows "dm r M \ dm r N" proof fix x assume A: "x \ dm r M" show "x \ dm r N" proof - from A obtain y where F2:"y\set_mset M" and F3:"(x,y)\r" unfolding dm_def ds_def by auto hence "\ z \ set_mset N. (x,z)\r" proof (cases "y\set_mset N") case True thus ?thesis using F3 unfolding ds_def by auto next case False thus ?thesis using mul_eq_not_equal_imp_elt assms F2 F3 trans_def by fast qed thus ?thesis unfolding dm_def ds_def by auto qed qed text \Lemma 2.6.3\ lemma ds_trans_contrapos: assumes t: "trans r" and "x \ ds r S" and "(x,y) \ r" shows "y \ ds r S" using assms unfolding ds_def trans_def by fast lemma dm_max_elt: assumes i: "irrefl r" and t: "trans r" shows "x \ dm r M \ \ y \ set_mset (M -s dm r M). (x,y) \ r" proof (induct M arbitrary: x) case empty thus ?case unfolding dm_def ds_def by auto next case (add p P) hence mem: "x \ (dm r P \ dm r {#p#})" unfolding dm_def ds_def by auto from i t have not_mem_dm: "p \ dm r {#p#}" unfolding dm_def ds_def irrefl_def by auto thus ?case proof (cases "x \ dm r P") case False hence relp: "(x,p) \ r" using mem unfolding dm_def ds_def by auto show ?thesis proof (cases "p \ dm r P") case True thus ?thesis using relp t ds_trans_contrapos False unfolding dm_def by fast next case False thus ?thesis using not_mem_dm relp unfolding dm_def ds_def diff_def by auto qed next case True obtain y where key: "y \ set_mset P" "y \ dm r P" "(x,y) \ r" using add(1)[OF True] unfolding diff_def by auto thus ?thesis proof (cases "y \ dm r {#p#}") case True hence rely: "(y,p) \ r" unfolding dm_def ds_def by auto hence relp: "(x,p) \ r" using rely t key trans_def by metis have not_memp: "p \ set_mset P" using rely key unfolding dm_def ds_def by auto have memp: "p \ set_mset (P + {#p#})" by auto have "p \ dm r P" using ds_trans_contrapos[OF t] key(2) rely unfolding dm_def by auto hence "p \ dm r (P + {#p#})" using not_mem_dm unfolding dm_def ds_def by auto thus ?thesis using relp unfolding diff_def by auto next case False thus ?thesis using key unfolding dm_def ds_def diff_def by auto qed qed qed lemma dm_subset: assumes i:"irrefl r" and t: "trans r" shows "dm r M \ dm r (M -s dm r M)" using assms dm_max_elt unfolding dm_def ds_def by fast lemma dm_eq: assumes i:"irrefl r" and t: "trans r" shows "dm r M = dm r (M -s dm r M)" using dm_subset[OF assms] unfolding dm_def ds_def diff_def by auto lemma lemma2_6_3: assumes t:"trans r" and i:"irrefl r" and "(M,N) \ mul_eq r" shows "\ I' J' K' . N = I' + J' \ M = I' + K' \ J' \# K' = {#} \ set_mset K' \ dm r J'" proof - from assms obtain I J K where 1:"N = I + J" and 2:"M = I + K" and 3:"set_mset K \ dm r J" unfolding mul_eq_def by auto have "set_mset (J \# K) \ r \m J" using 3 by auto then obtain A where "r \m J = set_mset (J \# K) \ A" by blast then have key: "set_mset (J -s dm r J) \ set_mset (J - (J \# K))" by clarsimp (metis Multiset.count_diff add.left_neutral add_diff_cancel_left' mem_Collect_eq not_gr0 set_mset_def) from 1 2 3 have "N = (I + (J \# K)) + (J - (J \# K))" by (metis diff_union_cancelL subset_mset.inf_le2 multiset_diff_union_assoc multiset_inter_commute union_commute union_lcomm) moreover have "M = (I + (J \# K)) + (K - (J \# K))" by (rule multiset_eqI) (simp add: 2) moreover have "set_mset (K-(J\#K)) \ dm r (J-(J\#K))" proof - have "set_mset (K-(J\#K)) \ dm r J" using 3 by (meson Multiset.diff_subset_eq_self mset_subset_eqD subset_eq) moreover have "... = dm r (J -s dm r J)" using dm_eq[OF i t] by auto moreover have "... \ dm r (J - (J \# K))" using ds_monotone[OF key] unfolding dm_def by auto ultimately show ?thesis by auto qed moreover have "(J-(J\#K)) \# (K-(J\#K)) = {#}" by (rule multiset_eqI) auto ultimately show ?thesis by auto qed (* (* initial proof by Bertram Felgenhauer *) lemma lemma2_6_3_step: assumes t:"trans r" and i:"irrefl r" and P:"set_mset K \ dm r J" shows "set_mset (K-(J\#K)) \ dm r (J-(J\#K))" proof fix k assume K: "k \ set_mset (K - (J\#K))" show "k \ dm r (J - (J\#K))" proof - have k: "k \# K" using K by simp have step: "k \ dm r (J-K)" proof - { fix P have "P \ K \ k \ dm r (J-P)" using k proof (induct P arbitrary:k rule:multiset_induct) case empty thus ?case using P by auto next case (add Q q) have h1: "q \# K" and h2: "Q \ K" using mset_subset_eq_insertD[OF add(2)] by auto obtain j where mem1: "j\set_mset (J - Q)" and rel1: "(k, j) \ r" using add(1)[OF h2 add(3)] unfolding dm_def ds_def by auto show ?case proof (cases "j \# J - (Q + {#q#})") case True thus ?thesis using rel1 unfolding dm_def ds_def by force next case False hence eq: "q = j" using mem1 by (cases "q = j") auto obtain j2 where mem2: "j2\set_mset (J - Q)" and rel2: "(j, j2) \ r" using eq add(1)[OF h2 h1] unfolding dm_def ds_def by auto have rel: "(k,j2) \ r" using transD[OF assms(1) rel1 rel2] by auto have "j2 \ q" using rel2 eq i irrefl_def by fast thus ?thesis using rel mem2 unfolding dm_def ds_def by (cases "j2=k") auto qed qed } thus ?thesis by auto qed have eq: "J - K = J - (J \# K)" by (rule multiset_eqI) auto show ?thesis using step unfolding eq dm_def ds_def by auto qed qed lemma lemma2_6_3: assumes t: "trans r" and i: "irrefl r" and "(M,N) \ mul_eq r" shows "\ I J K. N = I + J \ M = I + K \ J\#K = {#} \ set_mset K \ dm r J" proof - from assms(1,3) obtain I J K where f1:"N = I + J" and f2:"M = I + K" and f3:"set_mset K \ dm r J" unfolding mul_eq_def by fast hence "N = (I + (J \# K)) + (J - (J \# K))" by (metis diff_union_cancelL inf_le2 multiset_diff_union_assoc multiset_inter_commute union_commute union_lcomm) moreover have "M = (I + (J \# K)) + (K - (J \# K))" by (metis diff_le_self diff_union_cancelL f1 f2 f3 multiset_diff_union_assoc multiset_inter_commute multiset_inter_def union_assoc) moreover have "(J-(J\#K)) \# (K-(J\#K)) = {#}" by (rule multiset_eqI) auto ultimately show ?thesis using lemma2_6_3_step[OF t i f3] by auto qed *) text \Lemma 2.6.4\ lemma lemma2_6_4: assumes t: "trans r" and "N \ {#}" and "set_mset M \ dm r N" shows "(M,N) \ mul r" proof - have "M = {#} + M" and "N = {#} + N" using assms by auto thus ?thesis using assms(2,3) unfolding mul_def by fast qed lemma lemma2_6_5_a: assumes t: "trans r" and "ds r S \ S" and "(M,N) \ mul_eq r" shows "(M -s S, N -s S) \ mul_eq r" proof - from assms(1,3) obtain I J K where a: "N=I+J" and b:"M=I+K" and c:"set_mset K \ dm r J" unfolding mul_eq_def by best from a b have "M -s S = I -s S + K -s S" "N -s S = I -s S + J -s S" by (auto simp add: lemmaA_3_8) moreover have "set_mset (K-sS) \ dm r (J-sS)" proof - have "set_mset (K-sS) \ set_mset (K-s (ds r S))" using assms(2) unfolding diff_def by auto moreover have "set_mset(K-s (ds r S)) \ (dm r J) - (ds r S)" using c unfolding diff_def by auto moreover have "(dm r J) - (ds r S) \ dm r (J -s S)" using lemma2_6_1_diff by fast ultimately show ?thesis by auto qed ultimately show ?thesis by (rule in_mul_eqI) qed lemma lemma2_6_5_a': assumes t:"trans r" and "(M,N) \ mul_eq r" shows "(M -s ds r S, N -s ds r S) \ mul_eq r" using assms lemma2_6_5_a[OF t] ds_ds_subseteq_ds[OF t] by auto text \Lemma 2.6.6\ lemma lemma2_6_6_a: assumes t: "trans r" and "(M,N) \ mul_eq r" shows "(Q + M,Q + N) \ mul_eq r" proof - obtain I J K where A:"Q+N=(Q+I)+J" and B:"Q+M=(Q+I)+K" and C:"set_mset K \ dm r J" using assms(2) unfolding mul_eq_def by auto thus ?thesis using C unfolding mul_eq_def by blast qed lemma add_left_one: assumes "\ I J K. add_mset q N = I + J \ add_mset q M = I + K \ (J\#K={#}) \ set_mset K \ dm r J" shows "\ I2 J K. N = I2 + J \ M = I2 + K \ set_mset K \ dm r J" proof - from assms obtain I J K where A: "{#q#} + N = I + J" and B:"{#q#} + M = I + K" and C:"(J \# K = {#})" and D:"set_mset K \ dm r J" by auto have "q\#I" proof (cases "q \# I") case True thus ?thesis by auto next case False have "q \# J" using False A by (metis UnE multi_member_this set_mset_union) moreover have "q \# K" using False B by (metis UnE multi_member_this set_mset_union) moreover have "\ q \# (J \# K)" using C by auto ultimately show ?thesis by auto qed hence "\ I2. I = add_mset q I2" by (metis multi_member_split) hence "\ I2. add_mset q N = (add_mset q I2) + J \ add_mset q M = (add_mset q I2) + K" using A B by auto thus ?thesis using D by auto qed lemma lemma2_6_6_b_one : assumes "trans r" and "irrefl r" and "(add_mset q M, add_mset q N) \ mul_eq r" shows "(M,N) \ mul_eq r" using add_left_one[OF lemma2_6_3[OF assms]] unfolding mul_eq_def by auto lemma lemma2_6_6_b' : assumes "trans r" and i: "irrefl r" and "(Q + M, Q + N) \ mul_eq r" shows "(M,N) \ mul_eq r" using assms(3) proof (induct Q arbitrary: M N) case empty thus ?case by auto next case (add q Q) thus ?case unfolding union_assoc using lemma2_6_6_b_one[OF assms(1,2)] by (metis union_mset_add_mset_left) qed lemma lemma2_6_9: assumes t: "trans r" and "(M,N) \ mul r" shows "(Q+M,Q+N) \ mul r" proof - obtain I J K where F1:"N = I + J" and F2:"M = I + K"and F3:"set_mset K \ dm r J" and F4:"J \ {#}" using assms unfolding mul_def by auto have "Q+N=Q+I+J" and "Q+M=Q+I+K" by (auto simp: F1 F2 union_commute union_lcomm) thus ?thesis using assms(1) F3 F4 unfolding mul_def by blast qed text \Lemma 2.6.7\ lemma lemma2_6_7_a: assumes t: "trans r" and "set_mset Q \ dm r N - dm r M" and "(M,N) \ mul_eq r" shows "(Q+M,N) \ mul_eq r" proof - obtain I J K where A: "N=I+J" and B:"M=I+K" and C:"set_mset K \ dm r J" using assms unfolding mul_eq_def by auto hence "set_mset(Q+K) \ dm r J" using assms lemma2_6_1_diff unfolding dm_def ds_def by auto hence "(I+(Q+K),I+J) \ mul_eq r" unfolding mul_eq_def by fast thus ?thesis using A B C union_assoc union_commute by metis qed text \missing?; similar to lemma\_2.6.2?\ lemma lemma2_6_8: assumes t: "trans r" and "S \ T" shows "(M -s T,M -s S) \ mul_eq r" proof - from assms(2) have "(M -s T) \# (M -s S)" by (metis Un_absorb2 Un_commute lemmaA_3_10 lemmaA_3_9 mset_subset_eq_add_right) thus ?thesis using lemma2_6_2_a[OF t] by auto qed subsubsection \Lexicographic maximum measure\ text \Def 3.1: lexicographic maximum measure\ fun lexmax :: "'a rel \ 'a list \ 'a multiset" where "lexmax r [] = {#}" | "lexmax r (\#\) = {#\#} + (lexmax r \ -s ds r {\})" notation lexmax ("_|_|" [1000] 1000) lemma lexmax_singleton: "r|[\]| = {#\#}" unfolding lexmax.simps diff_def by simp text \Lemma 3.2\ text \Lemma 3.2(1)\ lemma lemma3_2_1: assumes t: "trans r" shows "r \m r|\| = r \l \" proof (induct \) case Nil show ?case unfolding dm_def dl_def by auto next case (Cons \ \) have "dm r {#\#} \ dm r (r|\| -s ds r {\}) = dm r {#\#} \ dl r \" (is "?L = ?R") proof - have "?L \ ?R" unfolding Cons[symmetric] diff_def dm_def ds_def by auto moreover have "?R \ ?L" proof fix x assume A: "x \ ?R" show "x \ ?L" proof (cases "x \ dm r {#\#}") case True thus ?thesis by auto next case False hence mem: "x \ dm r (lexmax r \)" using A Cons by auto have "x \ (ds r (ds r {\}))" using False ds_ds_subseteq_ds[OF t] unfolding dm_def by auto thus ?thesis using mem lemma2_6_1_diff by fast qed qed ultimately show ?thesis by auto qed thus ?case unfolding lemma2_6_1_multiset lexmax.simps dl_def dm_def ds_def by auto qed text \Lemma 3.2(2)\ lemma lemma3_2_2: "r|\@\| = r|\| + (r|\| -s r \l \)" proof(induct \) case Nil thus ?case unfolding dl_def ds_def lexmax.simps apply auto unfolding diff_empty by auto next case (Cons \ \) have "lexmax r (\#\@\) = {#\#} + ((lexmax r (\@\)) -s (ds r {\}))" by auto moreover have "\ = {#\#} + ((lexmax r \ + ((lexmax r \) -s (dl r \))) -s (ds r {\}))" using Cons by auto moreover have "\ = {#\#} + ((lexmax r \) -s (ds r {\})) + (((lexmax r \) -s (dl r \)) -s (ds r {\}))" unfolding lemmaA_3_8 unfolding union_assoc by auto moreover have "\ = lexmax r (\#\) + (((lexmax r \) -s (dl r \)) -s (ds r {\}))" by simp moreover have "\ = lexmax r (\#\) + ((lexmax r \) -s (dl r (\#\)))" unfolding lemmaA_3_9 dl_def dm_def lemma2_6_1_set[symmetric] by auto ultimately show ?case unfolding diff_def by simp qed text \Definition 3.3\ definition D :: "'a rel \ 'a list \ 'a list \ 'a list \ 'a list \ bool" where "D r \ \ \' \' = ((r|\@\'|, r|\| + r|\| ) \ mul_eq r \ (r|\@\'|, r|\| + r|\| ) \ mul_eq r)" lemma D_eq: assumes "trans r" and "irrefl r" and "D r \ \ \' \'" shows "(r|\'| -s dl r \,r|\| ) \ mul_eq r" and "(r|\'| -s dl r \,r|\| ) \ mul_eq r" using assms unfolding D_def lemma3_2_2 using union_commute lemma2_6_6_b' apply metis using assms unfolding D_def lemma3_2_2 using union_commute lemma2_6_6_b' by metis lemma D_inv: assumes "trans r" and "irrefl r" and "(r|\'| -s dl r \,r|\| ) \ mul_eq r" and "(r|\'| -s dl r \,r|\| ) \ mul_eq r" shows "D r \ \ \' \'" using assms unfolding D_def lemma3_2_2 using lemma2_6_6_a[OF assms(1)] union_commute by metis lemma D: assumes "trans r" and "irrefl r" shows "D r \ \ \' \' = ((r|\'| -s dl r \,r|\| ) \ mul_eq r \ (r|\'| -s dl r \,r|\| ) \ mul_eq r)" using assms D_eq D_inv by auto lemma mirror_D: assumes "trans r" and "irrefl r" and "D r \ \ \' \'" shows "D r \ \ \' \'" using assms D by metis text \Proposition 3.4\ definition LD_1' :: "'a rel \ 'a \ 'a \ 'a list \ 'a list \ 'a list \ bool" where "LD_1' r \ \ \1 \2 \3 = (set \1 \ ds r {\} \ length \2 \ 1 \ set \2 \ {\} \ set \3 \ ds r {\,\})" definition LD' :: "'a rel \ 'a \ 'a \ 'a list \ 'a list \ 'a list \ 'a list \ 'a list \ 'a list \ bool" where "LD' r \ \ \1 \2 \3 \1 \2 \3 = (LD_1' r \ \ \1 \2 \3 \ LD_1' r \ \ \1 \2 \3)" text \auxiliary properties on multisets\ lemma lexmax_le_multiset: assumes t:"trans r" shows "r|\| \# mset \" proof (induct "\") case Nil thus ?case unfolding lexmax.simps by auto next case (Cons s \) hence "lexmax r \ -s ds r {s} \# mset \" using lemmaA_3_10 mset_subset_eq_add_right subset_mset.order_trans by metis thus ?case by simp qed lemma split: assumes "LD_1' r \ \ \1 \2 \3" shows "\2 = [] \ \2 = [\]" using assms unfolding LD_1'_def by (cases \2) auto lemma proposition3_4_step: assumes "trans r" and "irrefl r" and "LD_1' r \ \ \1 \2 \3" shows "(r|\1@\2@\3| -s (dm r {#\#}), r|[\]| ) \ mul_eq r" proof - from assms have "set \1 \ dm r {#\#}" unfolding LD'_def LD_1'_def dm_def by auto hence "set_mset (lexmax r \1) \ dm r {#\#}" using submultiset_implies_subset[OF lexmax_le_multiset[OF assms(1)]] by auto hence one: "lexmax r \1 -s dm r {#\#} = {#}" using subset_implies_remove_empty by auto from assms have "set \3 \ dl r \2 \ dl r \1 \ dm r {#\#} \ dm r {#\#}" (is "?l \ ?r") unfolding LD'_def LD_1'_def dm_def ds_def by auto hence "set_mset (lexmax r \3) \ ?r " using submultiset_implies_subset[OF lexmax_le_multiset[OF assms(1)]] by auto hence pre3: "lexmax r \3 -s ?r = {#}" using subset_implies_remove_empty by auto show ?thesis proof (cases "\2 = []") case True hence two:"(lexmax r \2 -s dl r \1) -s dm r {#\#} = {#}" unfolding diff_def by auto from pre3 have "(((lexmax r \3 -s dl r \2) -s dl r \1) -s dm r {#\#}) -s dm r {#\#} = {#}" unfolding True dl_def lemmaA_3_9 by auto hence three:"(((lexmax r \3 -s dl r \2) -s dl r \1) -s dm r {#\#},{#\#}) \ mul r" using remove_is_empty_imp_mul by metis show ?thesis using three unfolding lemma3_2_2 lexmax_singleton lemmaA_3_8 one two mul_def mul_eq_def by auto next case False hence eq: "\2 = [\]" using split[OF assms(3)] by fast have two: "((lexmax r \2 -s dl r \1) -s dm r {#\#},{#\#}) \ mul_eq r" using lemma2_6_8[OF assms(1) empty_subsetI] unfolding eq lexmax.simps diff_from_empty lemmaA_3_9 diff_empty by auto from pre3 have "lexmax r \3 -s ((dl r \2 \ dm r {#\#}) \ dl r \1 \ dm r {#\#}) = {#}" unfolding eq lemmaA_3_9 using Un_assoc Un_commute by metis hence three: "((lexmax r \3 -s dl r \2) -s dl r \1) -s dm r {#\#} = {#}" using Un_absorb unfolding lemmaA_3_9 eq dm_def dl_def by auto show ?thesis unfolding lemma3_2_2 lexmax_singleton lemmaA_3_8 one three using two by auto qed qed lemma proposition3_4: assumes t: "trans r" and i: "irrefl r" and ld: "LD' r \ \ \1 \2 \3 \1 \2 \3" shows "D r [\] [\] (\1@\2@\3) (\1@\2@\3)" using proposition3_4_step[OF t i] ld unfolding LD'_def D[OF assms(1,2)] dl_def dm_def by auto (*reverse direction*) lemma lexmax_decompose: assumes "\ \# r|\|" shows "\\1 \3. (\=\1@[\]@\3 \ \ \ dl r \1)" using assms proof (induct \) case Nil thus ?case by auto next case (Cons \ as) thus ?case proof (cases "\=\") case True from this obtain \1 \3 where dec: "\#as = \1@[\]@\3" and empty: "\1 = []" by auto hence "\ \ dl r \1" unfolding dl_def ds_def by auto thus ?thesis using dec by auto next case False hence "\ \# r|as|-s ds r {\}" using Cons(2) by auto hence x: "\ \# r|as| \ \ \ ds r {\}" by simp from this obtain \1 \3 where "as = \1 @ [\] @ \3" and w: "\ \ dl r \1" using Cons(1) by auto hence "\#as = (\#\1) @ [\] @ \3" and "\ \ dl r (\#\1)" using x w unfolding dm_def dl_def ds_def by auto thus ?thesis by fast qed qed lemma lexmax_elt: assumes "trans r" and "x \ (set \)" and "x \ set_mset r|\|" shows "\y. (x,y) \ r \ y \ set_mset r|\|" using assms(2,3) proof (induct \) case Nil thus ?case by auto next case (Cons a as) thus ?case proof (cases "x \ set_mset r|as|") case True from Cons True obtain y where s: "(x, y) \ r \ y \ set_mset r|as|" by auto thus ?thesis proof (cases "y \ ds r {a}") case True thus ?thesis using transD[OF assms(1)] s unfolding dm_def ds_def by auto next case False thus ?thesis using s unfolding lexmax.simps diff_def by auto qed next case False thus ?thesis using Cons unfolding diff_def dm_def ds_def lexmax.simps by auto qed qed lemma lexmax_set: assumes "trans r" and "set_mset r|\| \ r \s S" shows "set \ \ r \s S" proof fix x assume A: "x \ set \" show "x \ ds r S" proof (cases "x \ set_mset r|\|") case True thus ?thesis using assms by auto next case False from lexmax_elt[OF assms(1) A False] obtain y where rel: "(x,y) \ r \ y \ set_mset r|\|" by auto hence "y \ ds r S" using assms by auto thus ?thesis using rel assms transD unfolding dm_def ds_def by fast qed qed lemma drop_left_mult_eq: assumes "trans r" and "irrefl r" and "(N+M,M) \ mul_eq r" shows "N = {#}" proof - have "(M+N,M+{#}) \ mul_eq r" using assms(3) apply auto using union_commute by metis hence k:"(N,{#}) \ mul_eq r" using lemma2_6_6_b'[OF assms(1,2)] by fast from this obtain I J K where "{#} = I + J \ N = I + K \ set_mset K \ dm r J" unfolding mul_eq_def by fast thus ?thesis unfolding dm_def ds_def by auto qed text \generalized to lists\ lemma proposition3_4_inv_lists: assumes t: "trans r" and i: "irrefl r" and k:"(r|\| -s r \l \, {#\#}) \ mul_eq r" (is "(?M,_) \ _") shows "\ \1 \2 \3. ((\ = \1@\2@\3) \ set \1 \ dl r \ \ length \2 \ 1 \ set \2 \ {\}) \ set \3 \ dl r (\#\)" proof (cases "\ \# ?M") case True hence "\ \# r|\|" by simp from this obtain \1 \3 where sigma: "\=\1@[\]@\3" and alpha: "\ \ dl r \1" using lexmax_decompose by metis hence dec: "((r|\1|-sdl r \) + (r|[\]|-s (dl r \1 \ dl r \)) + (r|\3| -s (dl r [\] \ dl r \1 \ dl r \)), {#\#}) \ mul_eq r" (is "(?M1 + ?M2 + ?M3,_) \ _") using k unfolding sigma lemma3_2_2 lemmaA_3_8 lemmaA_3_9 LD_1'_def union_assoc by auto from True have key: "\ \ dl r \" by simp hence "?M2 = {#\#}" unfolding lexmax_singleton diff_def using alpha by auto hence "(?M1+?M3 + {#\#},{#\#}) \ mul_eq r" using dec union_assoc union_commute by metis hence w: "?M1+?M3 = {#}" using drop_left_mult_eq assms(1,2) by blast from w have "(r|\1|-sdl r \) = {#}" by auto hence "set_mset r|\1| \ ds r (set \)" using remove_empty_implies_subset unfolding dl_def dm_def by auto hence sigma1: "set \1 \ ds r (set \)" using lexmax_set[OF assms(1)] by auto have sigma2: "length [\] \ 1 \ set [\] \ {\}" by auto have sub:"dl r \1 \ dl r \" using subset_imp_ds_subset[OF assms(1) sigma1] unfolding dm_def dl_def by auto hence sub2: "dl r \1 \ dl r \ = dl r \" by auto from w have "?M3 = {#}" by auto hence "r|\3|-s (ds r {\} \ ds r (set \)) = {#}" unfolding Un_assoc sub2 unfolding dl_def by auto hence "r|\3|-s (ds r ({\} \ (set \))) = {#}" unfolding lemma2_6_1_set[symmetric] by metis hence "set_mset r|\3| \ ds r ({\} \ (set \))" using remove_empty_implies_subset by auto hence sigma3: "set \3 \ ds r ({\} \ (set \))" using lexmax_set[OF assms(1)] by auto show ?thesis using sigma sigma1 sigma2 sigma3 unfolding dl_def apply auto by (metis One_nat_def append_Cons append_Nil sigma2) next case False hence "set_mset ?M \ dm r {#\#}" using mul_eq_singleton[OF k] by (auto dest: diff_eq_singleton_imp) hence "set_mset r|\| \ ds r ({\} \ (set \))" unfolding diff_def dm_def dl_def ds_def by auto hence "set \ \ ds r ({\} \ (set \))" using lexmax_set[OF assms(1)] by auto thus ?thesis unfolding dl_def apply auto by (metis append_Nil bot_least empty_set le0 length_0_conv) qed lemma proposition3_4_inv_step: assumes t: "trans r" and i: "irrefl r" and k:"(r|\| -s r \l [\], {#\#}) \ mul_eq r" (is "(?M,_) \ _") shows "\ \1 \2 \3. ((\ = \1@\2@\3) \ LD_1' r \ \ \1 \2 \3)" using proposition3_4_inv_lists[OF assms] unfolding LD_1'_def dl_def by auto lemma proposition3_4_inv: assumes t: "trans r" and i: "irrefl r" and "D r [\] [\] \ \" shows "\ \1 \2 \3 \1 \2 \3. (\ = \1@\2@\3 \ \ = \1@\2@\3 \ LD' r \ \ \1 \2 \3 \1 \2 \3)" using proposition3_4_inv_step[OF assms(1,2)] D_eq[OF assms] unfolding lexmax_singleton LD'_def by metis text \Lemma 3.5\ lemma lemma3_5_1: assumes t: "trans r" and "irrefl r" and "D r \ \ \' \'" and "D r \ \' \'' \'" shows "(lexmax r (\ @ \ @ \''), lexmax r (\ @ \) + lexmax r \) \ mul_eq r" proof - have "lexmax r (\ @ \ @ \'') = (lexmax r (\ @ \) + ((lexmax r \'') -s (dl r (\@\))))" unfolding append_assoc[symmetric] using lemma3_2_2 by fast moreover have x:"\ = lexmax r (\@\) + (((lexmax r \'') -s dl r \) -s dl r \)" by (auto simp: lemma2_6_1_list lemmaA_3_9 Un_commute) moreover have "(\,lexmax r (\@\) + (lexmax r \' -s dl r \)) \ mul_eq r" (is "(_,?R) \ _") using lemma2_6_6_a[OF t lemma2_6_5_a'[OF t D_eq(2)[OF assms(1,2,4)]]] unfolding dl_def by auto moreover have "(?R,lexmax r (\@\) + lexmax r \) \ mul_eq r" using lemma2_6_6_a[OF t D_eq(2)[OF assms(1-3)]] by auto ultimately show ?thesis using mul_eq_trans[OF t] by metis qed lemma claim1: assumes t: "trans r" and "D r \ \ \' \'" shows "(r|\@\'| + ((r|\'| -s r \l (\@\')) \s r \l \),r|\| + r|\| ) \ mul_eq r" (is "(?F+?H,?G) \ _") proof - have 1: "(?F,?G) \ mul_eq r" using assms(2) unfolding D_def by (auto simp: union_commute) have 2: "set_mset ?H \ (dm r ?G) - (dm r ?F)" (is "(?L \ _)") proof - have "set_mset ?H = set_mset ((lexmax r \' \s dl r \) -s dl r (\@\'))" unfolding lemmaA_3_11 by auto moreover have "\ \ (dl r \ - dl r (\@\'))" unfolding diff_def intersect_def by auto moreover have "... \ ((dl r \ \ dl r \) - dl r (\@\'))" by auto ultimately show ?thesis unfolding lemma2_6_1_multiset lemma3_2_1[OF t] by auto qed show ?thesis using lemma2_6_7_a[OF t 2 1] by (auto simp: union_commute) qed lemma step3: assumes t:"trans r" and "D r \ \ \' \'" shows "r \l (\@\) \ (r \m (r|\'| + r|\| ))" proof - have a: "dl r (\@\) = dm r (lexmax r \ + lexmax r \)" and b: "dl r (\@\') = dm r (lexmax r \' + lexmax r \)" unfolding lemma2_6_1_list lemma3_2_1[OF t,symmetric] lemma2_6_1_multiset by auto show ?thesis using assms(2) lemma2_6_2_b[OF t] lemma3_2_1[OF t,symmetric] unfolding D_def a b[symmetric] by auto qed lemma claim2: assumes t: "trans r" and "D r \ \ \' \'" shows "((r|\'| -s r \l (\@\')) -s r \l \, (r|\'| -s r \l \') -s r \l \) \ mul_eq r" (is "(?L,?R) \ _") proof - have "?L = lexmax r \' -s (dl r (\@\'@\))" unfolding lemmaA_3_9 append_assoc[symmetric] lemma2_6_1_list by auto moreover have "(\,lexmax r \' -s dl r (\@\)) \ mul_eq r" (is "(_,?R) \ _") using lemma2_6_8[OF t dl_monotone] by auto moreover have "(?R,lexmax r \' -s dm r (lexmax r \' + lexmax r \)) \ mul_eq r" (is "(_,?R) \ _") using lemma2_6_8[OF t step3[OF assms]] by auto moreover have "?R = (lexmax r \' -s dl r \') -s dl r \" unfolding lemma3_2_1[OF t,symmetric] lemma2_6_1_multiset lemmaA_3_9[symmetric] by auto ultimately show ?thesis using mul_eq_trans[OF t] by metis qed lemma lemma3_5_2: assumes "trans r" and "irrefl r" and "D r \ \ \' \'" and "D r \ \' \'' \'" shows "(r|(\ @ \' @ \')|, r|\| + r|(\@\)| ) \ mul_eq r" proof - have 0: "lexmax r (\@\'@\') = lexmax r (\@\') + (lexmax r \' -s dl r (\@\'))" (is "?L = _") unfolding append_assoc[symmetric] lemma3_2_2 by auto moreover have "\ = lexmax r (\@\') + ((lexmax r \' -s dl r (\@\')) \s dl r \) + ((lexmax r \' -s dl r (\@\')) -s dl r \)" using lemmaA_3_10 unfolding union_assoc by auto moreover have "(\, lexmax r \ + lexmax r \ + ((lexmax r \' -s dl r (\@\')) -s dl r \)) \ mul_eq r" (is "(_,?R) \ _") using assms claim1 lemma2_6_6_a union_commute by metis moreover have "(?R, lexmax r \ + lexmax r \ + (((lexmax r \' -s dl r \') -s dl r \))) \ mul_eq r" (is "(_,?R) \ _") using lemma2_6_6_a[OF assms(1) claim2[OF assms(1,3)]] by auto moreover have "(?R, lexmax r \ + lexmax r \ + lexmax r \ -s dl r \) \ mul_eq r" (is "(_,?R) \ _") using lemma2_6_6_a[OF assms(1) lemma2_6_5_a'[OF assms(1) D_eq(1)[OF assms(1,2,4)]]] unfolding dl_def by auto moreover have "?R = lexmax r \ + lexmax r (\@\)" unfolding union_assoc lemma3_2_2 by auto ultimately show ?thesis using mul_eq_trans[OF assms(1)] by metis qed lemma lemma3_5: assumes "trans r" and "irrefl r" and "D r \ \ \' \'" and "D r \ \' \'' \'" shows "D r (\@\) \ \'' (\'@\')" unfolding D_def append_assoc using assms lemma3_5_1 lemma3_5_2 union_commute by metis lemma step2: assumes "trans r" and "\ \ []" shows "(M \s dl r \,lexmax r \) \ mul r" proof - from assms obtain x xs where "\=x#xs" using list.exhaust by auto hence x: "lexmax r \ \ {#}" by auto from assms(2) have y: "set_mset (M \sdl r \) \ dm r (lexmax r \)" unfolding lemma3_2_1[OF assms(1)] intersect_def by auto show ?thesis using lemma2_6_4[OF assms(1) x y] by auto qed text \Lemma 3.6\ lemma lemma3_6: assumes t: "trans r" and ne: "\ \ []" and D: "D r \ \ \' \'" shows "(r|\'| + r|\|, r|\| + r|\@\| ) \ mul r" (is "(?L,?R) \ _") proof - have "?L = ((lexmax r \' + lexmax r \) \s dl r \) + ((lexmax r \' + lexmax r \) -s dl r \)" unfolding lemmaA_3_10[symmetric] by auto moreover have "(\,lexmax r \ + ((lexmax r \' + lexmax r \) -s dl r \)) \ mul r" (is "(_,?R2) \ _") using lemma2_6_9[OF t step2[OF t ne]] union_commute by metis moreover have "?R2 = lexmax r \ + (lexmax r \' -s dl r \) + (lexmax r \ -s dl r \)" unfolding lemmaA_3_8 union_assoc[symmetric] by auto moreover have "\ = lexmax r (\@\') + (lexmax r \ -s dl r \)" unfolding lemma3_2_2 by auto moreover have "(\,lexmax r \ + lexmax r \ + (lexmax r \ -s dl r \)) \ mul_eq r" (is "(_,?R5) \ _") using D unfolding D_def using lemma2_6_6_a[OF t] union_commute by metis moreover have "?R5 = ?R" unfolding lemma3_2_2 union_assoc by auto ultimately show ?thesis using mul_and_mul_eq_imp_mul t by metis qed lemma lemma3_6_v: assumes "trans r" and "irrefl r" and "\ \ []" and "D r \ \ \' \'" shows "(r|\'| + r|\|, r|\| + r|\@\| ) \ mul r" using assms lemma3_6 mirror_D by fast subsubsection \Labeled Rewriting\ text \Theorem 3.7\ type_synonym ('a,'b) lars = "('a\'b\'a) set" type_synonym ('a,'b) seq = "('a\('b\'a)list)" inductive_set seq :: "('a,'b) lars \ ('a,'b) seq set" for ars where "(a,[]) \ seq ars" | "(a,\,b) \ ars \ (b,ss) \ seq ars \ (a,(\,b) # ss) \ seq ars" definition lst :: "('a,'b) seq \ 'a" where "lst ss = (if snd ss = [] then fst ss else snd (last (snd ss)))" text \results on seqs\ lemma seq_tail1: assumes seq: "(s,x#xs) \ seq lars" shows "(snd x,xs) \ seq lars" and "(s,fst x,snd x) \ lars" and "lst (s,x#xs) = lst (snd x,xs)" proof - show "(snd x,xs)\ seq lars" using assms by (cases) auto next show "(s,fst x,snd x) \ lars" using assms by (cases) auto next show "lst (s,x#xs) = lst (snd x,xs)" using assms unfolding lst_def by (cases) auto qed lemma seq_chop: assumes "(s,ss@ts) \ seq ars" shows "(s,ss) \ seq ars" "(lst(s,ss),ts) \ seq ars" proof - show "(s,ss) \ seq ars" using assms proof (induct ss arbitrary: s) case Nil show ?case using seq.intros(1) by fast next case (Cons x xs) hence k:"(s,x#(xs@ts)) \ seq ars" by auto from Cons have "(snd x,xs) \ seq ars" using seq_tail1(1) unfolding append.simps by fast thus ?case using seq.intros(2)[OF seq_tail1(2)[OF k]] by auto qed next show "(lst(s,ss),ts) \ seq ars" using assms proof (induct ss arbitrary:s) case Nil thus ?case unfolding lst_def by auto next case (Cons x xs) hence "(lst (snd x,xs),ts) \ seq ars" using seq_tail1(1) unfolding append.simps by fast thus ?case unfolding lst_def by auto qed qed lemma seq_concat_helper: assumes "(s,ls) \ seq ars" and "ss2 \ seq ars" and "lst (s,ls) = fst ss2" shows "(s,ls@snd ss2) \ seq ars \ (lst (s,ls@snd ss2) = lst ss2)" using assms proof (induct ls arbitrary: s ss2 rule:list.induct) case Nil thus ?case unfolding lst_def by auto next case (Cons x xs) hence "(snd x,xs) \ seq ars" and mem:"(s,fst x,snd x) \ ars" and "lst (snd x,xs) = fst ss2" using seq_tail1[OF Cons(2)] Cons(4) by auto thus ?case using Cons seq.intros(2)[OF mem] unfolding lst_def by auto qed lemma seq_concat: assumes "ss1 \ seq ars" and "ss2 \ seq ars" and "lst ss1 = fst ss2" shows "(fst ss1,snd ss1@snd ss2) \ seq ars" and "(lst (fst ss1,snd ss1@snd ss2) = lst ss2)" proof - show "(fst ss1,snd ss1@snd ss2) \ seq ars" using seq_concat_helper assms by force next show "(lst (fst ss1,snd ss1@snd ss2) = lst ss2)" using assms surjective_pairing seq_concat_helper by metis qed text \diagrams\ definition diagram :: "('a,'b) lars \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "diagram ars d = (let (\,\,\',\') = d in {\,\,\',\'} \ seq ars \ fst \ = fst \ \ lst \ = fst \' \ lst \ = fst \' \ lst \' = lst \')" definition labels :: "('a,'b) seq \ 'b list" where "labels ss = map fst (snd ss)" definition D2 :: "'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "D2 r d = (let (\,\,\',\') = d in D r (labels \) (labels \) (labels \') (labels \'))" lemma lemma3_5_d: assumes "diagram ars (\,\,\',\')" and "diagram ars (\,\',\'',\')" shows "diagram ars ((fst \,snd \@snd \),\,\'',(fst \'),snd \'@snd \')" proof - from assms have tau: "\ \ seq ars" and upsilon: "\ \ seq ars" and o: "lst \ = fst \" and tau': "\' \ seq ars" and upsilon': "\' \ seq ars" and l: "lst \' = fst \'" unfolding diagram_def by auto show ?thesis using assms seq_concat[OF tau' upsilon' l] seq_concat[OF tau upsilon o] unfolding diagram_def by auto qed lemma lemma3_5_d_v: assumes "diagram ars (\,\,\',\')" and "diagram ars (\',\,\',\'')" shows "diagram ars (\,(fst \,snd \@snd \),(fst \',snd \'@snd \'),\'')" proof - from assms have d1: "diagram ars (\,\,\',\')" and d2: "diagram ars (\,\',\'',\')" unfolding diagram_def by auto show ?thesis using lemma3_5_d[OF d1 d2] unfolding diagram_def by auto qed lemma lemma3_5': assumes "trans r" and "irrefl r" and "D2 r (\,\,\',\')" and "D2 r (\,\',\'',\')" shows "D2 r ((fst \,snd \@snd \),\,\'',(fst \'),snd \'@snd \')" using assms lemma3_5[OF assms(1,2)] unfolding labels_def D2_def by auto lemma lemma3_5'_v: assumes "trans r" and "irrefl r" and "D2 r (\,\,\',\')" and "D2 r (\',\,\',\'')" shows "D2 r (\, (fst \,snd \@snd \),(fst \',snd \'@snd \'),\'')" proof - from assms(3,4) have D1:"D2 r (\,\,\',\')" and D2: "D2 r (\,\',\'',\')" unfolding D2_def using mirror_D[OF assms(1,2)] by auto show ?thesis using lemma3_5'[OF assms(1,2) D1 D2] mirror_D[OF assms(1,2)] unfolding D2_def by auto qed lemma trivial_diagram: assumes "\ \ seq ars" shows "diagram ars (\,(fst \,[]),(lst \,[]),\)" using assms seq.intros(1) unfolding diagram_def Let_def lst_def by auto lemma trivial_D2: assumes "\ \ seq ars" shows "D2 r (\,(fst \,[]),(lst \,[]),\)" using assms unfolding D2_def D_def labels_def using mul_eq_reflexive by auto (* lift to combined concept *) definition DD :: "('a,'b) lars \ 'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "DD ars r d = (diagram ars d \ D2 r d)" lemma lemma3_5_DD: assumes "trans r" and "irrefl r" and "DD ars r (\,\,\',\')" and "DD ars r (\,\',\'',\')" shows "DD ars r ((fst \,snd \@snd \),\,\'',(fst \'),snd \'@snd \')" using assms lemma3_5_d lemma3_5'[OF assms(1,2)] unfolding DD_def by fast lemma lemma3_5_DD_v: assumes "trans r" and "irrefl r" and "DD ars r (\,\,\',\')" and "DD ars r (\',\,\',\'')" shows "DD ars r (\, (fst \,snd \@snd \),(fst \',snd \'@snd \'),\'')" using assms lemma3_5_d_v lemma3_5'_v unfolding DD_def by fast lemma trivial_DD: assumes "\ \ seq ars" shows "DD ars r (\,(fst \,[]),(lst \,[]),\)" using assms trivial_diagram trivial_D2 unfolding DD_def by fast lemma mirror_DD: assumes "trans r" and "irrefl r" and "DD ars r (\,\,\',\')" shows "DD ars r (\,\,\',\')" using assms mirror_D unfolding DD_def D2_def diagram_def by auto text \well-foundedness of rel r\ definition measure :: "'b rel \ ('a,'b) seq \ ('a,'b) seq \ 'b multiset" where "measure r P = r|labels (fst P)| + r|labels (snd P)|" definition pex :: "'b rel \ (('a,'b) seq \ ('a,'b) seq) rel" where "pex r = {(P1,P2). (measure r P1,measure r P2) \ mul r}" lemma wfi: assumes "relr = pex r" and "\ wf (relr)" shows "\ wf (mul r)" proof - have "\ SN ((relr)\)" using assms unfolding SN_iff_wf converse_converse by auto from this obtain s where "\i. (s i, s (Suc i)) \ relr\" unfolding SN_def SN_on_def by auto hence fact:"\i. (measure r (s i), measure r (s (Suc i))) \ (mul r)\" unfolding assms(1) pex_def by auto have "\ SN ((mul r)\)" using chain_imp_not_SN_on[OF fact] unfolding SN_on_def by auto thus ?thesis unfolding SN_iff_wf converse_converse by auto qed lemma wf: assumes "trans r" and "wf r" shows "wf (pex r)" using wf_mul[OF assms] wfi by auto text \main result\ definition peak :: "('a,'b) lars \ ('a,'b) seq \ ('a,'b) seq \ bool" where "peak ars p = (let (\,\) = p in {\,\} \ seq ars \ fst \ = fst \)" definition local_peak :: "('a,'b) lars \ ('a,'b) seq \ ('a,'b) seq \ bool" where "local_peak ars p = (let (\,\) = p in peak ars p \ length (snd \) = 1 \ length (snd \) = 1)" text \proof of Theorem 3.7\ lemma LD_imp_D: assumes "trans r" and "wf r" and "\P. (local_peak ars P \ (\ \' \'. DD ars r (fst P,snd P,\',\')))" and "peak ars P" shows "(\ \' \'. DD ars r (fst P,snd P,\',\'))" proof - have i: "irrefl r" using assms(1,2) acyclic_irrefl trancl_id wf_acyclic by metis have wf: "wf (pex r)" using wf[OF assms(1,2)] . show ?thesis using assms(4) proof (induct rule:wf_induct_rule[OF wf]) case (1 P) obtain s \ \ where decompose:"P = (\,\)" and tau:"\ \ seq ars" and sigma:"\ \ seq ars" and tau_s: "fst \ = s" and sigma_s: "fst \ = s" using 1 unfolding peak_def by auto show ?case proof (cases "snd \") case Nil from mirror_DD[OF assms(1) i trivial_DD[OF sigma]] show ?thesis using tau_s sigma_s Nil surjective_pairing unfolding decompose fst_conv snd_conv DD_def by metis next case (Cons \_step \_step) hence tau_dec: "\ = (s,[\_step]@\_step)" apply auto using tau_s surjective_pairing by metis hence tau2:" (s,[\_step]@\_step) \ seq ars" using tau by auto show ?thesis proof (cases "snd \") case Nil from trivial_DD[OF tau] show ?thesis using tau_s sigma_s Nil surjective_pairing unfolding decompose fst_conv snd_conv DD_def by metis next case (Cons \_step \_step) hence sigma_dec: "\ = (s,[\_step]@\_step)" apply auto using sigma_s surjective_pairing by metis hence sigma2:"(s,[\_step]@\_step) \ seq ars" using sigma by auto have alpha:"(s,[\_step]) \ seq ars" (is "?\ \ _") and rho: "(lst (s,[\_step]),\_step) \ seq ars" (is "?\ \ _") using seq_chop[OF sigma2] by auto have beta:"(s,[\_step]) \ seq ars" (is "?\ \ _") and upsilon: "(lst (s,[\_step]),\_step) \ seq ars" (is "?\ \ _") using seq_chop[OF tau2] by auto have "local_peak ars (?\,?\)" using alpha beta unfolding local_peak_def peak_def by auto from this obtain \ \ where D:"DD ars r (?\,?\,\,\)" using assms(3) apply auto by metis hence kappa: "\\seq ars" and mu: "\\seq ars" unfolding DD_def diagram_def by auto have P_IH1: " peak ars (?\,\)" using upsilon kappa D unfolding DD_def diagram_def peak_def by auto have beta_ne: "labels ?\ \ []" unfolding labels_def by auto have dec: "D r (labels ?\) (labels ?\) (labels \) (labels \)" using D unfolding DD_def D2_def by auto have x1:"((?\,\), (\,?\)) \ pex r" using lemma3_6[OF assms(1) beta_ne dec] unfolding pex_def measure_def decompose labels_def tau_dec by (simp add: add.commute) have "(lexmax r (labels \) + lexmax r (labels (?\)), lexmax r (labels \) + lexmax r (labels \)) \ mul_eq r" (is "(?l,?r) \ _") unfolding sigma_dec labels_def snd_conv list.map lexmax.simps diff_from_empty using assms(1) by (simp add: lemma2_6_2_a) hence "((?\,\),P) \ pex r" using x1 unfolding sigma_s pex_def measure_def decompose using mul_and_mul_eq_imp_mul[OF assms(1)] by auto from this obtain \' \' where IH1: "DD ars r (?\,\,\',\')" using 1(1)[OF _ P_IH1] unfolding decompose by auto hence kappa':"\'\seq ars" and upsilon': "\'\seq ars" using D unfolding DD_def diagram_def by auto have tau': "(fst \,snd \@(snd \')) \ seq ars" (is "?\' \ _") using seq_concat(1)[OF mu upsilon'] D IH1 unfolding DD_def diagram_def by auto have DIH1: "DD ars r (\,?\,\',?\')" using lemma3_5_DD[OF assms(1) i D IH1] tau_dec by auto hence dec_dih1: "D r (labels \) (labels ?\) (labels \') (labels ?\')" using DIH1 unfolding DD_def D2_def by simp have P_IH2: "peak ars (?\',?\)" using tau' rho D unfolding DD_def diagram_def peak_def by auto have alpha_ne: "labels ?\ \ []" unfolding labels_def by simp have "((?\',?\),P) \ pex r" using lemma3_6_v[OF assms(1) i alpha_ne dec_dih1] unfolding pex_def measure_def decompose labels_def sigma_dec by auto from this obtain \' \'' where IH2: "DD ars r (?\',?\,\',\'')" using 1(1)[OF _ P_IH2] by auto show ?thesis using lemma3_5_DD_v[OF assms(1) i DIH1 IH2] unfolding decompose fst_conv snd_conv sigma_dec by fast qed qed qed qed text \CR with unlabeling\ definition unlabel :: "('a,'b) lars \ 'a rel" where "unlabel ars = {(a,c). \b. (a,b,c) \ ars}" lemma step_imp_seq: assumes "(a,b) \ (unlabel ars)" shows "\ss \ seq ars. fst ss = a \ lst ss = b" proof - obtain \ where step:"(a,\,b) \ ars" using assms unfolding unlabel_def by auto hence ss: "(a,[(\,b)]) \ seq ars" (is "?ss \ _") using seq.intros by fast have "fst ?ss = a" and "lst ?ss = b" unfolding lst_def by auto thus ?thesis using ss unfolding lst_def by fast qed lemma steps_imp_seq: assumes "(a,b) \ (unlabel ars)^*" shows "\ss \ seq ars. fst ss = a \ lst ss = b" using assms(1) proof fix n assume A: "(a,b) \ (unlabel ars)^^n" thus ?thesis proof (induct n arbitrary: a b ars) case 0 hence eq: "a = b" by auto have "(a,[]) \ seq ars" using seq.intros(1) by fast thus ?case using fst_eqD snd_conv lst_def eq by metis next case (Suc m) obtain c where steps: "(a,c) \ (unlabel ars)^^m" and step: "(c,b) \ (unlabel ars)" using Suc by auto obtain ss ts where ss1: "ss \ seq ars" and ss2:"fst ss = a" and ts1: "ts \ seq ars" and ts3:"lst ts = b" and eq: "lst ss = fst ts" using Suc steps step_imp_seq[OF step] by metis show ?case using seq_concat[OF ss1 ts1 eq] unfolding ss2 ts3 by force qed qed lemma step_imp_unlabeled_step: assumes "(a,b,c) \ ars" shows "(a,c) \ (unlabel ars)" using assms unfolding unlabel_def by auto lemma seq_imp_steps: assumes "ss \ seq ars" and "fst ss = a" and "lst ss = b" shows "(a,b) \ (unlabel ars)^*" proof - from assms surjective_pairing obtain ls where "(a,ls) \ seq (ars)" and "lst (a,ls) = b" by metis thus ?thesis proof (induct ls arbitrary: a b rule:list.induct) case Nil thus ?case unfolding lst_def by auto next case (Cons x xs) have fst:"(a,fst x,snd x) \ ars" using Cons seq_tail1(2) surjective_pairing by metis have "(snd x,b) \ (unlabel ars)^*" using Cons seq_tail1(1,3) by metis thus ?case using step_imp_unlabeled_step[OF fst] by auto qed qed lemma seq_vs_steps: shows "(a,b) \ (unlabel ars)^* = (\ss. fst ss = a \ lst ss = b \ ss \ seq ars)" using seq_imp_steps steps_imp_seq by metis lemma D_imp_CR: assumes "\P. (peak ars P \ (\ \' \'. DD ars r (fst P,snd P,\',\')))" shows "CR (unlabel ars)" proof fix a b c assume A: "(a,b) \ (unlabel ars)^*" and B: "(a,c) \ (unlabel ars)^*" show "(b,c) \ (unlabel ars)\<^sup>\" proof - obtain ss1 ss2 where " peak ars (ss1,ss2)" and b: "lst ss1 = b" and c: "lst ss2 = c" unfolding peak_def using A B unfolding seq_vs_steps by auto from this obtain ss3 ss4 where dia: "diagram ars (ss1,ss2,ss3,ss4)" using assms(1) unfolding DD_def apply auto using surjective_pairing by metis from dia obtain d where ss3: "ss3 \ seq ars" and ss4: "ss4 \ seq ars" and ss3_1: "fst ss3 = b" and ss3_2: "lst ss3 = d" and ss4_1: "fst ss4 = c" and ss4_2:"lst ss4 = d" using b c unfolding diagram_def by auto show ?thesis using seq_imp_steps[OF ss3 ss3_1 ss3_2] seq_imp_steps[OF ss4 ss4_1 ss4_2] by auto qed qed definition LD :: "'b set \ 'a rel \ bool" where "LD L ars = (\ (r:: ('b rel)) (lrs::('a,'b) lars). (ars = unlabel lrs) \ trans r \ wf r \ (\P. (local_peak lrs P \ (\ \' \'. (DD lrs r (fst P,snd P,\',\'))))))" lemma sound: assumes "LD L ars" shows "CR ars" using assms LD_imp_D D_imp_CR unfolding LD_def by metis subsubsection \Application: Newman's Lemma\ lemma measure: assumes lab_eq: "lrs = {(a,c,b). c = a \ (a,b) \ ars}" and "(s,(\,t) # ss) \ seq lrs" shows "set (labels (t,ss)) \ ds ((ars^+)\) {\}" using assms(2) proof (induct ss arbitrary: s \ t ) case Nil thus ?case unfolding labels_def by auto next case (Cons x xs) from this obtain \ u where x:"x = (\,u)" using surjective_pairing by metis - have t: "trans ((ars^+)\)" by (metis trans_converse trans_trancl) + have t: "trans ((ars\<^sup>+)\)" by (metis trans_on_converse trans_trancl) from Cons(1) x have s0: "(s, \, t) \ lrs" and cs:"(t,(\,u)#xs) \ seq lrs" using Cons.prems seq_tail1(1) snd_conv fst_conv seq_tail1(2) by auto have ih: "set (labels (u, xs)) \ ds ((ars^+)\) {\}" using Cons(1)[OF cs] by auto have key: "{\} \ ds ((ars^+)\) {\}" using s0 cs seq_tail1(2)[OF cs] unfolding ds_def lab_eq by auto show ?case using ih subset_imp_ds_subset[OF t key] key unfolding x labels_def by auto qed lemma newman: assumes "WCR ars" and "SN ars" shows "CR ars" proof - from assms obtain L where "L = {a . \ b. (a,b) \ ars}" by auto from assms obtain lrs where lab_eq: "(lrs = {(a,c,b). c = a \ (a,b) \ ars})" by auto have lab: "ars = unlabel lrs" unfolding unlabel_def lab_eq by auto - have t: "trans ((ars^+)\)" using trans_converse trans_trancl by auto + have t: "trans ((ars\<^sup>+)\)" using trans_on_converse trans_trancl by auto have w: "wf ((ars^+)\)" using assms(2) wf_trancl trancl_converse unfolding SN_iff_wf by metis have ps: "\P. (local_peak lrs P --> (\ \' \'. DD lrs ((ars^+)\) (fst P,snd P,\',\')))" proof fix P show "local_peak lrs P --> (\ \' \'. DD lrs ((ars^+)\) (fst P,snd P,\',\'))" proof assume A: "local_peak lrs P" show "(\ \' \'. DD lrs ((ars^+)\) (fst P,snd P,\',\'))" (is "?DD") proof - from lab_eq have lab: "ars = unlabel lrs" unfolding unlabel_def by auto from A obtain \ \ where ts: "{\,\} \ seq lrs" and l1: "length (snd \) = 1" and l2: "length (snd \) = 1" and P: "P = (\,\)" and p: "fst \ = fst \" unfolding local_peak_def peak_def by auto from l1 obtain \ b where 1: "snd \ = [(\,b)]" by(auto simp add: length_Suc_conv) from this obtain a where tau: "\ = (a,[(\,b)])" by (metis surjective_pairing) hence alb: "(a,\,b) \ lrs" using ts by (metis fst_conv insert_subset seq_tail1(2) snd_conv) have ab: "(a,b) \ ars" and a_eq: "a = \" using alb unfolding lab_eq by auto from l2 obtain \ c where 2: "snd \ = [(\,c)]" by(auto simp add: length_Suc_conv) hence sigma: "\ = (a,[(\,c)])" using ts by (metis fst_conv p prod.collapse tau) hence alc: "(a,\,c) \ lrs" using ts by (metis fst_conv insert_subset seq_tail1(2) snd_conv) hence ac: "(a,c) \ ars" and a_eq: "a = \" using alb unfolding lab_eq by auto from tau sigma have fl: "fst \ = a \ fst \ = a \ lst \ = b \ lst \ = c" unfolding lst_def by auto from ab ac obtain d where "(b,d) \ ars^*" and "(c,d) \ ars^*" using assms(1) by auto from this obtain \' \' where sigma': "\' \ seq lrs" and sigma'1: "fst \' = b" and "lst \' = d" and tau':"\' \ seq lrs" and "fst \' = c" and "lst \' = d" using steps_imp_seq unfolding lab by metis hence d:"diagram lrs (fst P, snd P, \', \')" using P A ts fl unfolding local_peak_def peak_def diagram_def by auto have s1:"(a,(\,b)# snd \') \ seq lrs" using \fst \' = b\ seq.intros(2)[OF alb] sigma' by auto have vv: "set (labels \') \ ds ((ars^+)\) {\}" using measure[OF lab_eq s1] by (metis \fst \' = b\ surjective_pairing) have s2:"(a,(\,c)# snd \') \ seq lrs" using \fst \' = c\ seq.intros(2)[OF alc] tau' by auto hence ww: "set (labels \') \ ds ((ars^+)\) {\}" using measure[OF lab_eq] s2 by (metis \fst \' = c\ surjective_pairing) from w have i: "irrefl ((ars^+)\)" by (metis SN_imp_acyclic acyclic_converse acyclic_irrefl assms(2) trancl_converse) from vv ww have ld: "LD' ((ars^+)\) \ \ (labels \') [] [] (labels \') [] []" unfolding LD'_def LD_1'_def by auto have D: "D ((ars^+)\) (labels (fst P)) (labels (snd P)) (labels \') (labels \')" using proposition3_4[OF t i ld] unfolding P sigma tau lst_def labels_def by auto from d D have "DD lrs ((ars^+)\) (fst P, snd P, \', \')" unfolding DD_def D2_def by auto thus ?thesis by fast qed qed qed have "LD L ars" using lab t w ps unfolding LD_def by fast thus ?thesis using sound by auto qed subsection \Conversion Version\ text \This section follows~\cite{vO08a}.\ text \auxiliary results on multisets\ lemma mul_eq_add_right: "(M,M+P) \ mul_eq r" proof - have "M = M + {#}" "set_mset {#} \ dm r P" by auto thus ?thesis unfolding mul_eq_def by fast qed lemma mul_add_right: assumes "(M,N) \ mul r" shows "(M,N+P) \ mul r" proof - from assms obtain I J K where "M = I + K" "N = I + J" "set_mset K \ dm r J" "J \ {#}" unfolding mul_def by auto hence b: "M = I + K" "N + P = I + (J + P)" "set_mset K \ ds r (set_mset J \ set_mset P)" "J+P \ {#}" unfolding dm_def lemma2_6_1_set using union_assoc by auto hence "set_mset K \ ds r (set_mset (J+P ))" by auto thus ?thesis using b unfolding mul_def unfolding dm_def by fast qed lemma mul_eq_and_ds_imp_ds: assumes t: "trans r" and "(M,N) \ mul_eq r" and "set_mset N \ ds r S" shows "set_mset M \ ds r S" proof - from assms obtain I J K where a: "M = I + K" and "N = I + J" and c: "set_mset K \ dm r J" unfolding mul_eq_def by auto hence k1:"set_mset I \ ds r S" "set_mset J \ ds r S" using assms by auto hence "ds r (set_mset J) \ ds r S" using subset_imp_ds_subset[OF t] by auto thus ?thesis using k1 a c unfolding dm_def by auto qed lemma lemma2_6_2_set: assumes "S \ T" shows "ds r S \ ds r T" using assms unfolding ds_def by auto lemma leq_imp_subseteq: assumes "M \# N" shows "set_mset M \ set_mset N" using assms mset_subset_eqD by auto lemma mul_add_mul_eq_imp_mul: assumes "(M,N) \ mul r" and "(P,Q) \ mul_eq r" shows "(M+P,N+Q) \ mul r" proof - from assms(1) obtain I J K where a:"M = I + K" "N = I + J" "set_mset K \ dm r J" "J \ {#}" unfolding mul_def by auto from assms(2) obtain I2 J2 K2 where b:"P = I2 + K2" "Q = I2 + J2" "set_mset K2 \ dm r J2" unfolding mul_eq_def by auto have "M + P = (I + I2) + (K + K2)" using a b union_commute union_assoc by metis moreover have "N + Q = (I + I2) + (J + J2)" using a b union_commute union_assoc by metis moreover have "set_mset (K + K2) \ dm r (J + J2)" using a b unfolding lemma2_6_1_multiset by auto ultimately show ?thesis using a b unfolding mul_def by fast qed text \labeled conversion\ type_synonym ('a,'b) conv = "('a \ ((bool \ 'b \ 'a) list))" inductive_set conv :: "('a,'b) lars \ ('a,'b) conv set" for ars where "(a,[]) \ conv ars" | "(a,\,b) \ ars \ (b,ss) \ conv ars \ (a,(True,\,b) # ss) \ conv ars" | "(b,\,a) \ ars \ (b,ss) \ conv ars \ (a,(False,\,b) # ss) \ conv ars" definition labels_conv :: "('a,'b) conv \ 'b list" where "labels_conv c = map (\q. (fst (snd q))) (snd c)" definition measure_conv :: "'b rel \ ('a,'b) conv \ 'b multiset" where "measure_conv r c = lexmax r (labels_conv c)" fun lst_conv :: "('a,'b) conv \ 'a" where "lst_conv (s,[]) = s" | "lst_conv (s,(d,\,t) # ss) = lst_conv (t,ss)" definition local_diagram1 :: "('a,'b) lars \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "local_diagram1 ars \ \ \1 \2 \3 = (local_peak ars (\,\) \ {\1,\2,\3} \ seq ars \ lst \ = fst \1 \ lst \1 = fst \2 \ lst \2 = fst \3)" definition LDD1 :: "('a,'b) lars \ 'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "LDD1 ars r \ \ \1 \2 \3 = (local_diagram1 ars \ \ \1 \2 \3 \ LD_1' r (hd (labels \)) (hd (labels \)) (labels \1) (labels \2) (labels \3))" definition LDD :: "('a,'b) lars \ 'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) seq \ bool" where "LDD ars r d = (let (\,\,\1,\2,\3,\1,\2,\3) = d in LDD1 ars r \ \ \1 \2 \3 \ LDD1 ars r \ \ \1 \2 \3 \ lst \3 = lst \3)" definition local_triangle1 :: "('a,'b) lars \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) conv \ ('a,'b) seq \ ('a,'b) conv \ bool" where "local_triangle1 ars \ \ \1 \2 \3 = (local_peak ars (\,\) \ \2 \ seq ars \ {\1,\3} \ conv ars \ lst \ = fst \1 \ lst_conv \1 = fst \2 \ lst \2 = fst \3)" definition LT1 :: "('a,'b) lars \ 'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) conv \ ('a,'b) seq \ ('a,'b) conv \ bool" where "LT1 ars r \ \ \1 \2 \3 = (local_triangle1 ars \ \ \1 \2 \3 \ LD_1' r (hd (labels \)) (hd (labels \)) (labels_conv \1) (labels \2) (labels_conv \3))" definition LT :: "('a,'b) lars \ 'b rel \ ('a,'b) seq \ ('a,'b) seq \ ('a,'b) conv \ ('a,'b) seq \ ('a,'b) conv \ ('a,'b) conv \ ('a,'b) seq \ ('a,'b) conv \ bool" where "LT ars r t = (let (\,\,\1,\2,\3,\1,\2,\3) = t in LT1 ars r \ \ \1 \2 \3 \ LT1 ars r \ \ \1 \2 \3 \ lst_conv \3 = lst_conv \3)" lemma conv_tail1: assumes conv: "(s,(d,\,t)#xs) \ conv ars" shows "(t,xs) \ conv ars" and "d \ (s,\,t) \ ars" and "\d \ (t,\,s) \ ars" and "lst_conv (s,(d,\,t)#xs) = lst_conv (t,xs)" proof - show "(t,xs) \ conv ars" using assms by (cases) auto show "d \ (s,\,t) \ ars" using assms by (cases) auto show "\d \ (t,\,s) \ ars" using assms by (cases) auto show "lst_conv (s,(d,\,t)#xs) = lst_conv (t,xs)" unfolding lst_conv.simps by auto qed lemma conv_chop: assumes "(s,ss1@ss2) \ conv ars" shows "(s,ss1) \ conv ars" "(lst_conv (s,ss1),ss2) \ conv ars" proof - show "(s,ss1) \ conv ars" using assms proof (induct ss1 arbitrary: s) case Nil thus ?case using conv.intros by fast next case (Cons t' ts) from this obtain d \ t where dec: "t' = (d,\,t)" using prod_cases3 by metis from Cons have "(s, t' # ts @ ss2) \ conv ars" by auto hence "(t, ts @ ss2) \ conv ars" and d1: "d \ (s,\,t) \ ars" and d2:"\d \ (t,\,s) \ ars" using conv_tail1(1-3) unfolding dec by auto hence "(t, ts) \ conv ars" using Cons by auto thus ?case unfolding dec using Cons conv.intros d1 d2 by (cases d) auto qed show "(lst_conv (s,ss1),ss2) \ conv ars" using assms proof (induct ss1 arbitrary:s) case Nil thus ?case using conv.intros unfolding last.simps by auto next case (Cons t' ts) from this obtain d \ t where dec: "t' = (d,\,t)" using prod_cases3 by metis from Cons have "(s, t' # ts @ ss2) \ conv ars" by auto hence "(snd (snd t'), ts @ ss2) \ conv ars" using conv_tail1(1) unfolding dec by auto thus ?case using Cons(1) unfolding dec last.simps by auto qed qed lemma conv_concat_helper: assumes "(s,ls) \ conv ars" and "ss2 \ conv ars" and "lst_conv (s,ls) = fst ss2" shows "(s,ls@snd ss2) \ conv ars \ (lst_conv (s,ls@snd ss2) = lst_conv ss2)" using assms proof (induct ls arbitrary: s ss2 rule:list.induct) case Nil thus ?case unfolding lst_def by auto next case (Cons x xs) from this obtain d \ t where dec: "x = (d,\,t)" using prod_cases3 by metis hence tl: "(t,xs) \ conv ars" and d1:"d \ (s,\,t) \ ars" and d2: "\d \ (t,\,s) \ ars" and lst:"lst_conv (t,xs) = fst ss2" using conv_tail1 Cons(2) Cons(4) by auto have "(t,xs@snd ss2) \ conv ars" and lst: "lst_conv (t,xs@snd ss2) = lst_conv ss2" using Cons(1)[OF tl Cons(3) lst] by auto thus ?case using conv.intros d1 d2 unfolding dec lst_conv.simps by (cases d) auto qed lemma conv_concat: assumes "ss1 \ conv ars" and "ss2 \ conv ars" and "lst_conv ss1 = fst ss2" shows "(fst ss1,snd ss1@snd ss2) \ conv ars" and "(lst_conv (fst ss1,snd ss1@snd ss2) = lst_conv ss2)" proof - show "(fst ss1,snd ss1@snd ss2) \ conv ars" using conv_concat_helper assms by force next show "(lst_conv (fst ss1,snd ss1@snd ss2) = lst_conv ss2)" using assms surjective_pairing conv_concat_helper by metis qed lemma conv_concat_labels: assumes "ss1 \ conv ars" and "ss2 \ conv ars" and "set (labels_conv ss1) \ S" and "set (labels_conv ss2) \ T" shows "set (labels_conv (fst ss1,snd ss1@snd ss2)) \ S \ T" using assms unfolding labels_conv_def by auto lemma seq_decompose: assumes "\ \ seq ars" and "labels \ = \1'@\2'" shows "\ \1 \2. ({\1,\2} \ seq ars \ \ = (fst \1,snd \1@snd \2) \ lst \1 = fst \2 \ lst \2 = lst \ \ labels \1 = \1' \ labels \2 = \2')" proof - obtain s ss where \_dec: "\ = (s,ss)" using assms(1) surjective_pairing by metis show ?thesis using assms unfolding \_dec proof (induct ss arbitrary: s \1' \2' rule:list.induct) case Nil thus ?case unfolding labels_def lst_def by auto next case (Cons x xs) have step: "(s,x) \ ars" and x:"(snd x,xs) \ seq ars" using seq_tail1[OF Cons(2)] surjective_pairing by auto hence steps: "(s,[x]) \ seq ars" by (metis Cons(2) append_Cons append_Nil seq_chop(1)) from Cons(3) have a:"fst x#labels (snd x,xs) = \1'@\2'" unfolding labels_def snd_conv by auto show ?case proof (cases "\1'=[]") case True from a True obtain l ls where \2'_dec: "\2' = l#ls" and y1:"fst x = l" and y2:"labels (snd x,xs) = []@ls" by auto obtain \1 \2 where ih: "\1 \ seq ars" "\2 \ seq ars" "(snd x, xs) = (fst \1, snd \1 @ snd \2)" "lst \1 = fst \2" "labels \1 = []" "labels \2 = ls" using Cons(1)[OF x y2] by blast hence c:"fst (snd x,xs) = fst \1" by auto have 1: "\1 = (snd x,[])" using ih unfolding labels_def apply auto by (metis surjective_pairing) hence 2: "snd x = fst \1" "xs = snd \2" using ih by auto have 3: "snd x = fst \2" using ih 1 unfolding lst_def by auto have "\2 = (snd x,xs)" using x 1 2 3 surjective_pairing by metis hence l:"lst (s, [x]) = fst \2" unfolding lst_def by auto have m:"{(s,[]), (s,x# snd \2)} \ seq ars" (is "{?\1,?\2} \ _") using seq.intros(1) seq_concat(1)[OF steps _ l] ih by auto moreover have "(s, x # xs) = (fst ?\1, snd ?\1 @ snd ?\2)" using m 2 by auto moreover have "lst ?\1 = fst ?\2" using m unfolding lst_def by auto moreover have "lst ?\2 = lst (s,x#xs)" unfolding lst_def using 2 3 by auto moreover have "labels (s,[]) = \1'" unfolding labels_def using True by auto moreover have "labels ?\2 = \2'" using ih y1 unfolding \2'_dec labels_def by auto ultimately show ?thesis by metis next case False from False obtain l ls where \1'_dec:"\1' = l#ls" using list.exhaust by auto hence y1:"fst x = l" and y2:"labels (snd x,xs) = ls @ \2'" using a by auto obtain \1 \2 where ih: "\1 \ seq ars" "\2 \ seq ars" "(snd x, xs) = (fst \1, snd \1 @ snd \2)" "lst \1 = fst \2" "lst \2 = lst (snd x, xs)" "labels \1 = ls" "labels \2 = \2'" using Cons(1)[OF x y2] by blast hence "{(s,x# snd \1),\2} \ seq ars" (is "{?\1,_} \ seq ars") using seq_concat(1)[OF steps] ih unfolding lst_def by auto moreover have "(s,x#xs) = (fst ?\1,snd ?\1@snd \2)" using ih by auto moreover have "lst ?\1 = fst \2" using ih unfolding lst_def by auto moreover have "lst \2 = lst (s, x # xs)" using ih unfolding lst_def by auto moreover have "labels ?\1 = \1'" using ih \1'_dec y1 unfolding labels_def by auto moreover have "labels \2 = \2'" using ih by auto ultimately show ?thesis by blast qed qed qed lemma seq_imp_conv: assumes "(s,ss) \ seq ars" shows "(s,map (\step. (True,step)) ss) \ conv ars \ lst_conv (s,map (\step.(True,step)) ss) = lst (s,ss) \ labels (s,ss) = labels_conv (s,map (\step.(True,step)) ss)" using assms proof (induct ss arbitrary: s rule:list.induct ) case Nil show ?case unfolding lst_def labels_def labels_conv_def apply auto using conv.intros by fast next case (Cons t' ts) have t'_dec: "t' = (fst t',snd t')" using surjective_pairing by auto have step: "(s,fst t',snd t') \ ars" and x:"(snd t',ts) \ seq ars" using seq_tail1[OF Cons(2)] by auto have y1:"(snd t', map (Pair True) ts) \ conv ars" and y2: "lst (snd t', ts) = lst_conv (snd t', map (Pair True) ts)" and y3: "labels (snd t', ts) = labels_conv (snd t', map (Pair True) ts)" using Cons(1)[OF x] by auto have k: "(s,(True,fst t',snd t')#map (Pair True) ts) \ conv ars" using step y1 conv.intros by fast moreover have "lst (s,(fst t',snd t')#ts) = lst_conv (s, map (Pair True) ((fst t',snd t')#ts))" using y2 unfolding list.map lst_def lst_conv.simps by auto moreover have "labels (s,(fst t',snd t')#ts) = labels_conv (s,map (Pair True) ((fst t',snd t')#ts))" using y3 unfolding list.map labels_def labels_conv_def by auto ultimately show ?case by auto qed fun conv_mirror :: "('a,'b) conv \ ('a,'b) conv" where "conv_mirror \ = (let (s,ss) = \ in case ss of [] \ (s,ss) | x#xs \ let (d,\,t) = x in (fst (conv_mirror (t,xs)),snd (conv_mirror (t,xs))@[(\d,\,s)]))" lemma conv_mirror: assumes "\ \ conv ars" shows "conv_mirror \ \ conv ars \ set (labels_conv (conv_mirror \)) = set (labels_conv \) \ fst \ = lst_conv (conv_mirror \) \ lst_conv \ = fst (conv_mirror \)" proof - from assms obtain s ss where \_dec: "\ = (s,ss)" using surjective_pairing by metis show ?thesis using assms unfolding \_dec proof (induct ss arbitrary:s rule:list.induct) case Nil thus ?case using conv.intros conv_mirror.simps by auto next case (Cons t' ts) from this obtain d \ t where t'_dec: "t' = (d,\,t)" by (metis prod_cases3) have 1:"(t, ts) \ conv ars" and 2: "d \ (s,\,t) \ ars" and 3: "\d \ (t,\,s) \ ars" and 4:"lst_conv (s,t'#ts) = lst_conv (t,ts)" using Cons(2) conv_tail1 unfolding t'_dec by auto have r: "(t,[(\d,\,s)]) \ conv ars" using 2 3 conv.intros(3)[OF _ conv.intros(1)] conv.intros(2)[OF _ conv.intros(1)] by (cases d) auto have "conv_mirror (s,t'#ts) \ conv ars" using conv_concat[OF _ r ] Cons(1)[OF 1] t'_dec by auto moreover have "set (labels_conv (conv_mirror (s, t' # ts))) = set (labels_conv (s, t' # ts))" using Cons(1)[OF 1] unfolding labels_conv_def t'_dec by auto moreover have "fst (s, t' # ts) = lst_conv (conv_mirror (s, t' # ts))" using t'_dec Cons(1)[OF 1] conv_concat(2)[OF _ r] by auto moreover have "lst_conv (s, t' # ts) = fst (conv_mirror (s, t' # ts))" using t'_dec 4 Cons(1)[OF 1] by auto ultimately show ?case by auto qed qed lemma DD_subset_helper: assumes t:"trans r" and "(r|\@\'|, r|\| + r|\| ) \ mul_eq r" and "set_mset (r|\| + r|\| ) \ ds r S" shows "set_mset r|\'| \ ds r S" proof - from assms have d: "(r|\| + r|\'| -s dl r (\) , r|\| + r|\| ) \ mul_eq r" unfolding lemma3_2_2 by auto from assms have assm:"set_mset (r|\| + r|\| ) \ ds r S" unfolding measure_def by auto hence tau:"ds r (set_mset r|\| ) \ ds r S" using subset_imp_ds_subset[OF t] by auto have "set_mset (r|\| + (r|\'| -s dl r \)) \ ds r S" using mul_eq_and_ds_imp_ds[OF t d assm] by auto hence "set_mset (r|\'| -s ds r (set \)) \ ds r S" unfolding dl_def by auto hence "set_mset (r|\'| -s ds r (set \)) \ ds r (set \) \ ds r S" using tau by (metis t dl_def dm_def le_sup_iff lemma3_2_1) thus ?thesis unfolding diff_def by auto qed lemma DD_subset_ds: assumes t:"trans r" and DD: "DD ars r (\,\,\',\')" and "set_mset (measure r (\,\)) \ ds r S" shows "set_mset (measure r (\',\')) \ ds r S" proof - have d1:"(r|labels \ @ labels \'|, r|labels \| + r|labels \| ) \ mul_eq r" using DD unfolding DD_def D2_def D_def by auto have d2:"(r|labels \ @ labels \'|, r|labels \| + r|labels \| ) \ mul_eq r" using DD unfolding DD_def D2_def D_def by (auto simp: union_commute) show ?thesis using DD_subset_helper[OF t d1] DD_subset_helper[OF t d2] assms(3) unfolding measure_def by auto qed lemma conv_imp_valley: assumes t: "trans r" and IH: "!!y . ((y,((s,[\_step]@\_step),(s,[\_step]@\_step))) \ pex r \ peak ars y \ \\' \'. DD ars r (fst y, snd y, \', \'))" (is "!!y. ((y,?P) \ _ \ _ \ _)") and "\1 \ conv ars" and "set_mset (measure_conv r \1) \ dm r M" and "(M,{#fst \_step,fst \_step#}) \ mul_eq r" shows "\ \ \. ({\,\} \ seq ars \ fst \ = fst \1 \ fst \ = lst_conv \1 \ lst \ = lst \ \ set_mset (measure r (\,\)) \ dm r M)" proof - from assms obtain s ss where sigma1: "\1 = (s,ss)" using surjective_pairing by metis show ?thesis using assms(3,4) unfolding sigma1 proof (induct ss arbitrary: s rule:list.induct) case Nil hence "(s,[]) \ seq ars" using seq.intros(1) by fast moreover have "set_mset (measure r ((s,[]),(s,[]))) \ dm r M" unfolding measure_def labels_def by auto ultimately show ?case by auto next case (Cons t' ts) obtain d \ t where dec: "t' = (d,\,t)" using surjective_pairing by metis hence dic: "{\} \ ds r (set_mset M)" using Cons(3) unfolding dec measure_conv_def labels_conv_def dm_def by auto have one:"ds r {\} \ dm r M " unfolding dm_def using subset_imp_ds_subset[OF t dic] by auto have "set_mset (measure_conv r (t,ts) -s ds r {\}) \ dm r M" using Cons(3) unfolding measure_conv_def labels_conv_def dec by auto hence "set_mset (measure_conv r (t,ts)) \ dm r M \ ds r {\}" unfolding set_mset_def diff_def by auto hence ts2: "set_mset (measure_conv r (t,ts)) \ dm r M" using dic one by auto from Cons(2) have ts: "(t,ts) \ conv ars" unfolding dec using conv_tail1(1) by fast from Cons(1)[OF ts ts2] obtain \' \ where ih:"{\', \} \ seq ars \ fst \' = fst (t,ts) \ fst \ = lst_conv (t, ts) \ lst \' = lst \ \ set_mset (measure r (\',\)) \ dm r M" by metis have diff:"!!x. x \# r|map fst (snd \')|-sds r {\} \ x \# r|map fst (snd \')|" by simp show ?case proof (cases d) case True hence step:"(s,\,t) \ ars" using conv_tail1(2) Cons(2) unfolding dec by auto have "(s,(\,t)# snd \') \ seq ars" (is "?\ \ _") using seq.intros(2)[OF step] using ih(1) by auto hence "{?\,\} \ seq ars" using ih by auto moreover have "(fst ?\) = fst (s, t' # ts)" by auto moreover have "fst \ = lst_conv (s, t' # ts)" using ih unfolding dec lst_conv.simps by auto moreover have "lst ?\ = lst \" by (metis \(s, (\, t) # snd \') \ seq ars\ fst_conv ih seq_tail1(3) snd_conv surjective_pairing) moreover have "set_mset (measure r (?\,\)) \ dm r M" using diff ih dic unfolding measure_def labels_def dm_def by auto ultimately show ?thesis by blast next case False hence step:"(t,\,s) \ ars" using conv_tail1(3) Cons(2) unfolding dec by auto hence "(t,[(\,s)]) \ seq ars" using seq.intros by metis hence p:"peak ars ((t,[(\,s)]),\')" (is "peak ars ?y") using seq.intros unfolding peak_def using ih by auto hence mp: "set_mset (measure r ?y) \ ds r (set_mset M)" using ih dic unfolding measure_def labels_def dm_def by simp hence ne: "M \ {#}" using dec dic unfolding dm_def ds_def by auto hence x:"(measure r ?y,M) \ mul r" using mp unfolding dm_def mul_def apply auto by (metis add_0) have "({#fst \_step#}+{#fst \_step#},measure r ?P) \ mul_eq r" unfolding assms(2) measure_def labels_def apply auto unfolding union_lcomm union_assoc[symmetric] using mul_eq_add_right[where M="{#fst \_step#}+{#fst \_step#}"] unfolding union_assoc by auto hence "(M,measure r ?P) \ mul_eq r" using assms(5) mul_eq_trans t by (auto simp: add_mset_commute) hence w:"(?y,?P) \ pex r" unfolding assms(1) pex_def using mul_and_mul_eq_imp_mul[OF t x] by auto obtain \'' \'' where DD:"DD ars r ((t,[(\,s)]),\',\'',\'')" using IH[OF w p] by auto have sigma: "\'' \ seq ars" "fst \'' = fst (s, t' # ts)" "lst \'' = lst \''" using DD unfolding DD_def diagram_def lst_def by auto have tau'': "\'' \ seq ars" and eq: "lst \ = fst \''" using DD unfolding DD_def diagram_def using ih by auto have tau:"(fst \,snd \ @ snd \'') \ seq ars" (is "?\''' \ _") and "lst \'' = lst (fst \,snd \@ snd \'')" using seq_concat[OF _ tau'' eq] ih by auto hence tau2: "fst ?\''' = lst_conv (s,t'#ts)" "lst \'' = lst ?\'''" using DD ih unfolding DD_def diagram_def dec lst_conv.simps by auto have "set_mset (measure r (\'',\'')) \ ds r (set_mset M)" using DD_subset_ds[OF t DD mp] unfolding measure_def by auto hence "set_mset (r|labels \''| + r|labels \| + (r|labels \''| -s (dl r (labels \)) )) \ dm r M" using ih unfolding measure_def dm_def diff_def by auto hence fin: "set_mset (measure r (\'',?\''')) \ dm r M" unfolding measure_def labels_def apply auto unfolding lemma3_2_2 by auto show ?thesis using sigma tau tau2 fin by blast qed qed qed lemma labels_multiset: assumes "length (labels \) \ 1" and "set (labels \) \ {\}" shows "(r|labels \|, {#\#}) \ mul_eq r" proof (cases "snd \") case Nil hence "r|labels \| = {#}" unfolding labels_def by auto thus ?thesis unfolding mul_eq_def by auto next case (Cons x xs) hence l:"length (labels \) = 1" using assms(1) unfolding labels_def by auto from this have "labels \ \ []" by auto from this obtain a as where "labels \ = a#as" using neq_Nil_conv by metis hence leq: "labels \ = [a]" using l by auto hence "set (labels \) = {\}" using assms(2) by auto hence "(r|labels \| ) = {#\#}" unfolding leq lexmax.simps diff_def by auto thus ?thesis using mul_eq_reflexive by auto qed lemma decreasing_imp_local_decreasing: assumes t:"trans r" and i:"irrefl r" and DD: "DD ars r (\,\,\',\')" and "set (labels \) \ ds r {\}" and "length (labels \) \ 1" and "set (labels \) \ {\}" shows "\\1 \2 \3. (\'=(fst \1,snd \1@snd \2@snd \3) \ lst \1=fst \2 \ lst \2 = fst \3 \ lst \3 = lst \' \ LD_1' r \ \ (labels \1) (labels \2) (labels \3))" "set (labels \') \ ds r ({\,\})" proof - show "\ \1 \2 \3. (\' = (fst \1,snd \1@snd \2@snd \3) \ lst \1 = fst \2 \ lst \2 = fst \3 \ lst \3 = lst \' \ LD_1' r \ \ (labels \1) (labels \2) (labels \3))" proof - from DD have \':"\' \ seq ars" using assms unfolding DD_def diagram_def by auto from DD have x: "(r|labels \'| -s dl r (labels \),r|labels \| ) \ mul_eq r" unfolding DD_def D2_def using D_eq(2)[OF t i] by auto have "dl r (labels \) \ ds r (ds r {\})" using assms(4) unfolding dl_def ds_def by auto hence "dl r (labels \) \ ds r {\}" using ds_ds_subseteq_ds[OF t] by auto hence x:"(r|labels \'| -s ds r {\},r|labels \| ) \ mul_eq r" using x unfolding diff_def by (metis diff_def lemma2_6_8 mul_eq_trans t) hence x:"(r|labels \'| -s dl r [\],{#\#}) \ mul_eq r" using labels_multiset[OF assms(5,6)] unfolding dl_def using mul_eq_trans[OF t x] by auto obtain \1' \2' \3' where l:"labels \' = \1'@(\2'@\3')" and \1'l: "set \1' \ ds r {\}" and \2'l: "length \2' \ 1 \ set \2' \ {\}" and \3'l: "set \3' \ ds r {\,\}" using proposition3_4_inv_lists[OF t i x] unfolding dl_def by auto obtain \1 \23 where \1:"\1 \ seq ars" and \23: "\23 \ seq ars" and lf1: "lst \1 = fst \23" and lf1b: "lst \' = lst \23" and \'_eq:"\' = (fst \1,snd \1@snd \23)" and \1l:"labels \1 = \1'" and l2:"labels \23 = \2'@\3'" using seq_decompose[OF \' l] by auto obtain \2 \3 where \2:"\2 \ seq ars" and \3:"\3 \ seq ars" and lf2:"lst \2 = fst \3" and lf2b:"lst \23 = lst \3" and \23_eq:"\23 = (fst \2,snd \2@snd \3)" and \2l: "labels \2 = \2'" and \3l: "labels \3 = \3'" using seq_decompose[OF \23 l2] by auto have "\' = (fst \1, snd \1 @ snd \2 @ snd \3)" using \1 \2 \3 \'_eq \23_eq by auto moreover have "lst \1 = fst \2" using lf1 \23_eq by auto moreover have "lst \2 = fst \3" using lf2 by auto moreover have "lst \3 = lst \'" using lf1b lf2b by auto moreover have "set (labels \1) \ ds r {\}" using \1l \1'l by auto moreover have "length (labels \2) \ 1 \ set (labels \2) \ {\}" using \2l \2'l by auto moreover have "set (labels \3) \ ds r {\, \}" using \3l \3'l by auto ultimately show ?thesis unfolding LD_1'_def by fast qed show "set (labels \') \ ds r ({\,\})" proof - have x:"(r|labels \'| -s dl r (labels \),r|labels \| ) \ mul_eq r" using DD D_eq[OF t i] unfolding DD_def D2_def by auto have y:"set_mset r|labels \| \ ds r {\}" using leq_imp_subseteq[OF lexmax_le_multiset[OF t]] assms(4) by auto hence "set_mset (r|labels \'|-s ds r (set (labels \))) \ ds r {\}" using mul_eq_and_ds_imp_ds[OF t x y] unfolding dl_def by auto hence "set_mset (r|labels \'| ) \ ds r {\} \ ds r (set (labels \))" unfolding diff_def by auto hence "set_mset (r|labels \'| ) \ ds r {\,\}" using assms(6) unfolding ds_def by auto thus ?thesis using lexmax_set[OF t] by auto qed qed lemma local_decreasing_extended_imp_decreasing: assumes "LT1 ars r (s,[\_step]) (s,[\_step]) \1 \2 \3" and t: "trans r" and i: "irrefl r" and IH:"!!y . ((y,((s,[\_step]@\_step),(s,[\_step]@\_step))) \ pex r \ peak ars y \ \\' \'. DD ars r (fst y, snd y, \', \'))" (is "!!y. ((y,?P) \ _ \ _ \ _)") shows "\ \1 \2 \3' \1'''. ({\1,\2,\3',\1'''} \ seq ars \ set (labels \1) \ ds r {fst \_step} \ length (labels \2) \ 1 \ set (labels \2) \ {fst \_step} \ set (labels \3') \ ds r {fst \_step,fst \_step}) \ set (labels \1''') \ ds r {fst \_step,fst \_step} \ snd \_step = fst \1 \ lst \1 = fst \2 \ lst \2 = fst \3' \ lst \3' = lst \1''' \ fst \1''' = fst \3" proof - from assms labels_multiset have s2:"(r|labels \2|,{#fst \_step#}) \ mul_eq r" unfolding LT1_def local_triangle1_def LD_1'_def labels_def by auto from assms have \1: "\1 \ conv ars" and \3: "\3 \ conv ars" and \2_l: "length (labels \2) \ 1" and \2_s: "set (labels \2) \ {fst \_step}" and \3_s: "set (labels_conv \3) \ ds r {fst \_step,fst \_step}" and "set (labels_conv \1) \ ds r {fst \_step}" unfolding LT_def LD'_def LT1_def LD_1'_def labels_def local_triangle1_def by auto hence "set_mset (measure_conv r \1) \ ds r {fst \_step}" unfolding measure_conv_def using lexmax_le_multiset[OF t] by (metis set_mset_mset submultiset_implies_subset subset_trans) hence \1_s: "set_mset (measure_conv r \1) \ dm r {#fst \_step#}" unfolding dm_def by auto have x: "({#fst \_step#}, {#fst \_step, fst \_step#}) \ mul_eq r" using mul_eq_add_right[of "{#_#}"] by auto obtain \1' \1'' where \1': "\1' \ seq ars" and \1'': "\1'' \ seq ars" and eqx:"fst \1' = fst \1" and "fst \1'' = lst_conv \1" and \1'_eq: "lst \1' = lst \1''" and m2: "set_mset (measure r (\1',\1'')) \ dm r {#fst \_step#}" using conv_imp_valley[OF t IH \1 \1_s x] apply auto by fast hence Q:"peak ars (\1'',\2)" (is "peak ars ?Q") unfolding peak_def using assms(1) unfolding LT_def LD'_def LT1_def local_triangle1_def by auto from m2 have \1's: "set (labels \1') \ ds r {fst \_step}" and \1''s: "set (labels \1'') \ ds r {fst \_step}" unfolding measure_def dm_def using lexmax_set[OF t] by auto from m2 have \1'_m:"(r|labels \1''|,{#fst \_step#}) \ mul r" unfolding measure_def mul_def apply auto by (metis dm_def empty_neutral(1) set_mset_single add_mset_not_empty) hence y:"(r|labels \1''| + r|labels \2|,{#fst \_step#}+{#fst \_step#}) \ mul r" using mul_add_mul_eq_imp_mul[OF \1'_m s2] union_commute by metis have "(r|labels \1''| + r|labels \2|, {#fst \_step,fst \_step#} + (r|map fst \_step|-sds r {fst \_step} + r|map fst \_step|-sds r {fst \_step})) \ mul r" using mul_add_right[OF y] by (auto simp: add_mset_commute) hence q:"(?Q,?P) \ pex r" unfolding pex_def measure_def labels_def apply auto by (metis union_assoc union_commute union_lcomm) obtain \1''' \' where DD:"DD ars r (\1'',\2,\',\1''')" using IH[OF q Q] by auto from DD have \': "\' \ seq ars" and \1''':"\1''' \ seq ars" unfolding DD_def diagram_def by auto from decreasing_imp_local_decreasing[OF t i DD \1''s \2_l \2_s] obtain \1' \2' \3' where \'_dec: "\' = (fst \1', snd \1' @ snd \2' @ snd \3')" and eq1: "lst \1' = fst \2'" "lst \2' = fst \3'" "lst \3' = lst \'" and \1s: "set (labels \1') \ ds r {fst \_step}" and \2l: "length (labels \2') \ 1" and \2's: "set (labels \2') \ {fst \_step}" and "set (labels \3') \ ds r {fst \_step,fst \_step}" and \3's: "set (labels \3') \ ds r {fst \_step,fst \_step}" and \1'''s: "set (labels \1''') \ ds r {fst \_step,fst \_step}" unfolding LD_1'_def by blast have \'_ds: "(fst \1', snd \1' @ snd \2' @ snd \3') \ seq ars" using \' \'_dec by auto have \1':"\1' \ seq ars" and tmp: "(fst \2',snd \2'@snd \3') \ seq ars" using seq_chop[OF \'_ds] surjective_pairing eq1 by auto have \2': "\2' \ seq ars" and \3': "\3' \ seq ars" using seq_chop[OF tmp] using surjective_pairing eq1 by auto have eq:"lst \1' = fst \1'" using DD \1'_eq unfolding DD_def diagram_def apply auto unfolding \'_dec by auto have \1: "(fst \1',snd \1'@snd \1') \ seq ars" (is "?\1 \ _") and eq0:"lst (fst \1', snd \1' @ snd \1') = lst \1'" using seq_concat[OF \1' \1' eq] by auto moreover have "set (labels ?\1) \ ds r {fst \_step}" using \1s \1's unfolding labels_def dm_def by auto moreover have "snd \_step = fst ?\1" using assms(1) unfolding LT1_def local_triangle1_def lst_def \'_dec eqx by auto moreover have "lst ?\1 = fst \2'" unfolding eq0 eq1 by auto moreover have "lst \3' = lst \1'''" unfolding eq1 using DD unfolding DD_def diagram_def by auto moreover have "fst \1''' = fst \3" using DD assms(1) unfolding DD_def diagram_def LT1_def local_triangle1_def by auto ultimately show ?thesis using \2' \2's \3' \3's \1''' \1'''s eq1 surjective_pairing \2l by blast qed lemma LDD_imp_DD: assumes t:"trans r" and i:"irrefl r" and "LDD ars r (\,\,\1,\2,\3,\1,\2,\3)" shows "\ \' \'. DD ars r (\,\,\',\')" proof - from assms have "length (labels \) = 1" unfolding LDD_def LDD1_def local_diagram1_def local_peak_def unfolding labels_def by auto from this obtain \ where l: "labels \ = [\]" by (metis append_Nil append_butlast_last_id butlast_conv_take diff_self_eq_0 length_0_conv take_0 zero_neq_one) hence \l: "labels \ = [hd (labels \)]" by auto from assms have "length (labels \) = 1" unfolding LDD_def LDD1_def local_diagram1_def local_peak_def unfolding labels_def by auto from this obtain \ where l: "labels \ = [\]" by (metis append_Nil append_butlast_last_id butlast_conv_take diff_self_eq_0 length_0_conv take_0 zero_neq_one) hence \l: "labels \ = [hd (labels \)]" by auto from assms have \':"(fst \1,snd \1@snd \2@snd \3) \ seq ars" (is "?\' \ _") and \':"(fst \1,snd \1@snd \2@snd \3) \ seq ars" (is "?\' \ _") unfolding LDD_def LDD1_def local_diagram1_def local_peak_def peak_def apply auto apply (metis fst_eqD seq_concat(1) snd_eqD) by (metis fst_eqD seq_concat(1) snd_eqD) from assms have sigmas: "fst ?\' = fst \1" "lst ?\' = lst \3" unfolding LDD_def LDD1_def local_diagram1_def local_peak_def peak_def apply auto by (metis (opaque_lifting, no_types) \' append_assoc seq_chop(1) seq_concat(2) seq_concat_helper) from assms have taus: "fst ?\' = fst \1" "lst ?\' = lst \3" unfolding LDD_def LDD1_def local_diagram1_def local_peak_def peak_def apply auto by (metis (opaque_lifting, no_types) \' append_assoc seq_chop(1) seq_concat(2) seq_concat_helper) have "diagram ars (\,\,?\',?\')" using assms unfolding LDD_def LDD1_def local_diagram1_def diagram_def local_peak_def apply auto unfolding peak_def apply auto using sigmas taus \' \' by auto moreover have "D2 r (\,\,?\',?\')" using assms proposition3_4[OF t i] \l \l unfolding LDD_def LDD1_def D2_def LD'_def labels_def by auto ultimately show ?thesis unfolding DD_def by auto qed lemma LT_imp_DD: assumes t:"trans r" and i:"irrefl r" and IH:"!!y . ((y,((s,[\_step]@\_step),(s,[\_step]@\_step))) \ pex r \ peak ars y \ \\' \'. DD ars r (fst y, snd y, \', \'))" (is "!!y. ((y,?P) \ _ \ _ \ _)") and LT: "LT ars r ((s,[\_step]),(s,[\_step]),\1,\2,\3,\1,\2,\3)" shows "\ \ \. DD ars r ((s,[\_step]),(s,[\_step]),\,\)" proof - from LT have LTa: "LT1 ars r (s,[\_step]) (s,[\_step]) \1 \2 \3" and LTb: "LT1 ars r (s,[\_step]) (s,[\_step]) \1 \2 \3" unfolding LT_def by auto from local_decreasing_extended_imp_decreasing[OF LTa t i IH] obtain \1 \2 \3' \1''' where sigmas:"{\1,\2,\3',\1'''} \ seq ars" and onetwo1: "set (labels \1) \ ds r {fst \_step} \ length (labels \2) \ 1 \ set (labels \2) \ {fst \_step} \ set (labels \3') \ ds r {fst \_step, fst \_step} \ set (labels \1''') \ ds r {fst \_step,fst \_step} \ snd \_step = fst \1 \ lst \1 = fst \2 \ lst \2 = fst \3' \ lst \3' = lst \1''' \ fst \1''' = fst \3" by metis have ih2: "!!y. (y, (s, [\_step] @ \_step),(s,[\_step] @ \_step)) \ pex r \ peak ars y \ \\' \'. DD ars r (fst y, snd y, \', \')" using IH unfolding pex_def measure_def by (auto simp: union_commute) from local_decreasing_extended_imp_decreasing[OF LTb t i ih2] obtain \1 \2 \3' \1''' where taus:"{\1,\2,\3',\1'''} \ seq ars" and onetwo2: "set (labels \1) \ ds r {fst \_step} \ length (labels \2) \ 1 \ set (labels \2) \ {fst \_step} \ set (labels \3') \ ds r {fst \_step,fst \_step} \ set (labels \1''') \ ds r {fst \_step,fst \_step} \ snd \_step = fst \1 \ lst \1 = fst \2 \ lst \2 = fst \3' \ lst \3' = lst \1''' \ fst \1''' = fst \3" by metis have \3: "\3 \ conv ars" and \3m:"set (labels_conv \3) \ ds r {fst \_step,fst \_step}" and \3: "\3 \ conv ars" (is "?c2 \ _") and \3m: "set (labels_conv \3) \ ds r {fst \_step,fst \_step}" and eq: "lst_conv \3 = lst_conv \3" using LT unfolding LT_def LT1_def local_triangle1_def LD_1'_def labels_def by auto hence \3m: "set (labels_conv \3) \ ds r {fst \_step, fst \_step}" using insert_commute by metis (*concat*) have \1''': "\1''' \ seq ars" using taus by auto have \1''': "\1''' \ seq ars" using sigmas by auto have c1: "(fst \1''',map (Pair True) (snd \1''')) \ conv ars" (is "?c0 \ _") using seq_imp_conv \1''' surjective_pairing by metis have c11: "lst \1''' = lst_conv ?c0" using seq_imp_conv \1''' surjective_pairing by metis have c1l: "set (labels_conv ?c0) \ ds r {fst \_step,fst \_step}" using onetwo2 seq_imp_conv \1''' surjective_pairing by metis hence c1l:"set (labels_conv ?c0) \ ds r {fst \_step,fst \_step}" using insert_commute by metis have c1: "conv_mirror ?c0 \ conv ars" (is "?c1 \ _") "set (labels_conv (conv_mirror ?c0)) \ ds r {fst \_step,fst \_step}" "fst (conv_mirror ?c0) = lst \3'" "lst_conv (conv_mirror ?c0) = fst \3" using conv_mirror[OF c1] c11 c1l c1 onetwo2 by auto have c2: "?c2 \ conv ars" "set (labels_conv ?c2) \ ds r {fst \_step, fst \_step}" "fst ?c2 = fst \3" "lst_conv ?c2 = lst_conv \3" using \3 eq \3m by auto have "conv_mirror \3 \ conv ars" (is "?c3 \ _") "set (labels_conv (conv_mirror \3)) = set (labels_conv \3)" using conv_mirror[OF \3] by auto hence c3: "?c3 \ conv ars" "set (labels_conv ?c3) \ ds r {fst \_step, fst \_step}" "fst ?c3 = lst_conv \3" "lst_conv ?c3 = fst \1'''" using conv_mirror[OF \3] eq onetwo1 \3m by auto have c4: "(fst \1''',map (Pair True) (snd \1''')) \ conv ars" (is "?c4 \ _") "set (labels_conv (fst \1''',map (Pair True) (snd \1'''))) = set (labels \1''')" using seq_imp_conv \1''' surjective_pairing apply metis using seq_imp_conv \1''' surjective_pairing by metis have c4: "?c4 \ conv ars" "lst_conv ?c4 = lst \1'''" "set (labels_conv ?c4) \ ds r {fst \_step,fst \_step}" using seq_imp_conv \1''' surjective_pairing apply metis using seq_imp_conv \1''' surjective_pairing apply metis using c4(2) onetwo1 by auto have eq: "lst_conv ?c1 = fst ?c2" using c1 c2 by auto have c12: "(fst ?c1,snd ?c1@snd ?c2) \ conv ars" (is "?c12 \ _") "fst (fst ?c1,snd ?c1@snd ?c2) = fst ?c1" "lst_conv (fst ?c1,snd ?c1@snd ?c2) = lst_conv ?c2" using conv_concat[OF c1(1) c2(1) eq] by auto have eq: "lst_conv ?c12 = fst ?c3" using c12 c3 by auto have c123: "(fst ?c12,snd ?c12@snd ?c3) \ conv ars" (is "?c123 \ _") "fst (fst ?c12,snd ?c12@snd ?c3) = fst ?c12" "lst_conv (fst ?c12,snd ?c12@snd ?c3) = lst_conv ?c3" using conv_concat[OF c12(1) c3(1) eq] by auto have eq: "lst_conv ?c123 = fst ?c4" using c123 c2 c4 onetwo1 onetwo2 apply auto unfolding Let_def using c3(4) apply auto by metis have c1234: "(fst ?c123,snd ?c123@snd ?c4) \ conv ars" (is "?c1234 \ _") "fst (fst ?c123,snd ?c123@snd ?c4) = fst ?c123" "lst_conv (fst ?c123,snd ?c123@snd ?c4) = lst_conv ?c4" using conv_concat[OF c123(1) c4(1) eq] by auto hence c1234: "?c1234 \ conv ars" (is "?c1234 \ _") "fst (?c1234) = lst \3'" "lst_conv ?c1234 = lst \3'" apply auto unfolding Let_def using c1(3) apply auto apply metis using c4(2) onetwo1 by metis have c12l: "set (labels_conv ?c12) \ ds r {fst \_step, fst \_step}" using conv_concat_labels[OF c1(1) c2(1)] c1 c2 by auto have c123l: "set (labels_conv ?c123) \ ds r {fst \_step,fst \_step}" using conv_concat_labels[OF c12(1) c3(1)] c12l c3 by auto have c1234l:"set (labels_conv ?c1234) \ ds r {fst \_step,fst \_step}" using conv_concat_labels[OF c123(1) c4(1)] c123l c4 by auto hence "set_mset (r|labels_conv ?c1234| ) \ ds r {fst \_step,fst \_step}" using submultiset_implies_subset[OF lexmax_le_multiset[OF t]] by auto hence "set_mset (measure_conv r ?c1234) \ dm r {#fst \_step, fst \_step#}" unfolding measure_conv_def dm_def by (auto simp: add_mset_commute) hence m: "set_mset (measure_conv r ?c1234) \ dm r {#fst \_step, fst \_step#}" by (auto simp: add_mset_commute) from c1234 m obtain \ where \:"\ \ conv ars" and \m:"set_mset (measure_conv r \) \ dm r {# fst \_step, fst \_step#}" and eq1: "fst \ = lst \3'" and eq2: "lst_conv \ = lst \3'" by auto have M:"({#fst \_step,fst \_step#},{#fst \_step,fst \_step#}) \ mul_eq r" using mul_eq_reflexive add_mset_commute by metis from conv_imp_valley[OF t IH \ \m M] obtain \3'' \3'' where \3'':"\3'' \ seq ars" and \3'': "\3'' \ seq ars" and eq:"fst \3'' = fst \ \ fst \3'' = lst_conv \ \ lst \3'' = lst \3'' \ set_mset (measure r (\3'', \3'')) \ dm r {#fst \_step, fst \_step#}" apply auto by fast have s1: "set (labels \3'') \ ds r {fst \_step, fst \_step}" using eq unfolding dm_def measure_def apply auto by (metis (opaque_lifting, no_types) insert_commute lexmax_set subsetD t) have s2: "set (labels \3'') \ ds r {fst \_step, fst \_step}" using eq unfolding dm_def measure_def apply auto by (metis (opaque_lifting, no_types) insert_commute lexmax_set subsetD t) have \1_eq: "lst (s, [\_step]) = fst \1" and \1_eq: "lst (s, [\_step]) = fst \1" using onetwo1 onetwo2 surjective_pairing unfolding lst_def by auto have eqn: " lst \3'' = lst \3''" and \_eq: "lst \3' = fst \3''" and \_eq: "lst \3' = fst \3''" using eq eq1 eq2 by auto have \3':"(fst \3',snd \3'@snd \3'') \ seq ars" (is "?\3 \ _") using seq_concat[OF _ \3'' \_eq] sigmas by blast have \3':"(fst \3',snd \3'@snd \3'') \ seq ars" (is "?\3 \ _") using seq_concat[OF _ \3'' \_eq] taus by blast have "fst ?\3 = lst \2" and "fst ?\3 = lst \2" using onetwo1 onetwo2 by auto have lst:"lst ?\3 = lst ?\3" using eqn \3'' \3' \_eq \3'' \_eq \3' seq_chop(1) seq_concat(2) surjective_pairing by metis have "local_diagram1 ars (s, [\_step]) (s, [\_step]) \1 \2 (fst \3', snd \3' @ snd \3'')" using sigmas \3' onetwo1 \1_eq LT unfolding local_diagram1_def LT_def LT1_def local_triangle1_def by auto moreover have "local_diagram1 ars (s,[\_step]) (s,[\_step]) \1 \2 (fst \3',snd \3'@snd \3'')" using taus \3' onetwo2 \1_eq LT unfolding local_diagram1_def LT_def LT1_def local_triangle1_def by auto moreover have "LD_1' r (hd (labels (s, [\_step]))) (hd (labels (s, [\_step]))) (labels \1) (labels \2) (labels (fst \3', snd \3' @ snd \3''))" using onetwo1 s1 unfolding LD_1'_def labels_def by auto moreover have "LD_1' r (hd (labels (s, [\_step]))) (hd (labels (s, [\_step]))) (labels \1) (labels \2) (labels (fst \3', snd \3' @ snd \3''))" using onetwo2 s2 unfolding LD_1'_def labels_def by auto ultimately have LDD: "LDD ars r ((s,[\_step]),(s,[\_step]),\1,\2,?\3,\1,\2,?\3)" using lst unfolding LDD_def LDD1_def local_diagram1_def by auto from LDD_imp_DD[OF t i LDD] show ?thesis by auto qed lemma LT_imp_D: assumes t:"trans r" and "wf r" and "\p. (local_peak ars p \ (\ \1 \2 \3 \1 \2 \3. LT ars r (fst p,snd p,\1,\2,\3,\1,\2,\3)))" and "peak ars P" shows "(\ \' \'. DD ars r (fst P,snd P,\',\'))" proof - have i: "irrefl r" using assms(1,2) acyclic_irrefl trancl_id wf_acyclic by metis have wf: "wf (pex r)" using wf[OF assms(1,2)] . show ?thesis using assms(4) proof (induct rule:wf_induct_rule[OF wf]) case (1 P) obtain s \ \ where decompose:"P = (\,\)" and tau:"\ \ seq ars" and sigma:"\ \ seq ars" and tau_s: "fst \ = s" and sigma_s: "fst \ = s" using 1 unfolding peak_def by auto show ?case proof (cases "snd \") case Nil from mirror_DD[OF assms(1) i trivial_DD[OF sigma]] show ?thesis using tau_s sigma_s Nil surjective_pairing unfolding decompose fst_conv snd_conv DD_def by metis next case (Cons \_step \_step) hence tau_dec: "\ = (s,[\_step]@\_step)" apply auto using tau_s surjective_pairing by metis hence tau2:" (s,[\_step]@\_step) \ seq ars" using tau by auto show ?thesis proof (cases "snd \") case Nil from trivial_DD[OF tau] show ?thesis using tau_s sigma_s Nil surjective_pairing unfolding decompose fst_conv snd_conv DD_def by metis next case (Cons \_step \_step) hence sigma_dec: "\ = (s,[\_step]@\_step)" apply auto using sigma_s surjective_pairing by metis hence sigma2:"(s,[\_step]@\_step) \ seq ars" using sigma by auto have alpha:"(s,[\_step]) \ seq ars" (is "?\ \ _") and rho: "(lst (s,[\_step]),\_step) \ seq ars" (is "?\ \ _") using seq_chop[OF sigma2] by auto hence alpha': "(s,fst \_step, snd \_step) \ ars" by (metis seq_tail1(2)) have beta:"(s,[\_step]) \ seq ars" (is "?\ \ _") and upsilon: "(lst (s,[\_step]),\_step) \ seq ars" (is "?\ \ _") using seq_chop[OF tau2] by auto have lp:"local_peak ars (?\,?\)" using alpha beta unfolding local_peak_def peak_def by auto (* difference begin*) from this obtain \1 \2 \3 \1 \2 \3 where LT: "LT ars r (?\, ?\, \1, \2, \3, \1, \2, \3)" using assms(3) apply auto by metis have P:"P = ((s,[\_step]@\_step),(s,[\_step]@\_step))" (is "P = ?P") using decompose unfolding tau_dec sigma_dec by auto obtain \ \ where D:"DD ars r (?\,?\,\,\)" using LT_imp_DD[OF t i 1(1) LT] unfolding P by fast (*difference end*) hence kappa: "\\seq ars" and mu: "\\seq ars" unfolding DD_def diagram_def by auto have P_IH1: " peak ars (?\,\)" using upsilon kappa D unfolding DD_def diagram_def peak_def by auto have beta_ne: "labels ?\ \ []" unfolding labels_def by auto have dec: "D r (labels ?\) (labels ?\) (labels \) (labels \)" using D unfolding DD_def D2_def by auto have x1:"((?\,\), (\,?\)) \ pex r" using lemma3_6[OF assms(1) beta_ne dec] unfolding pex_def measure_def decompose labels_def tau_dec apply (auto simp: add_mset_commute) using union_commute by metis have "(lexmax r (labels \) + lexmax r (labels (?\)), lexmax r (labels \) + lexmax r (labels \)) \ mul_eq r" (is "(?l,?r) \ _") unfolding sigma_dec labels_def snd_conv list.map lexmax.simps diff_from_empty by (simp add: lemma2_6_2_a t) hence "((?\,\),P) \ pex r" using x1 unfolding sigma_s pex_def measure_def decompose using mul_and_mul_eq_imp_mul[OF assms(1)] by auto from this obtain \' \' where IH1: "DD ars r (?\,\,\',\')" using 1(1)[OF _ P_IH1] unfolding decompose by auto hence kappa':"\'\seq ars" and upsilon': "\'\seq ars" using D unfolding DD_def diagram_def by auto have tau': "(fst \,snd \@(snd \')) \ seq ars" (is "?\' \ _") using seq_concat(1)[OF mu upsilon'] D IH1 unfolding DD_def diagram_def by auto have DIH1: "DD ars r (\,?\,\',?\')" using lemma3_5_DD[OF assms(1) i D IH1] tau_dec by auto hence dec_dih1: "D r (labels \) (labels ?\) (labels \') (labels ?\')" using DIH1 unfolding DD_def D2_def by simp have P_IH2: "peak ars (?\',?\)" using tau' rho D unfolding DD_def diagram_def peak_def by auto have alpha_ne: "labels ?\ \ []" unfolding labels_def by simp have "((?\',?\),P) \ pex r" using lemma3_6_v[OF assms(1) i alpha_ne dec_dih1] unfolding pex_def measure_def decompose labels_def sigma_dec by auto from this obtain \' \'' where IH2: "DD ars r (?\',?\,\',\'')" using 1(1)[OF _ P_IH2] by auto show ?thesis using lemma3_5_DD_v[OF assms(1) i DIH1 IH2] unfolding decompose fst_conv snd_conv sigma_dec by fast qed qed qed qed definition LD_conv :: "'b set \ 'a rel \ bool" where "LD_conv L ars = (\ (r:: ('b rel)) (lrs::('a,'b) lars). (ars = unlabel lrs) \ trans r \ wf r \ (\p. (local_peak lrs p \ (\ \1 \2 \3 \1 \2 \3. LT lrs r (fst p,snd p,\1,\2,\3,\1,\2,\3)))))" lemma sound_conv: assumes "LD_conv L ars" shows "CR ars" using assms LT_imp_D D_imp_CR unfolding LD_conv_def by metis hide_const (open) D hide_const (open) seq hide_const (open) measure hide_fact (open) split end