diff --git a/thys/Public_Announcement_Logic/PAL.thy b/thys/Public_Announcement_Logic/PAL.thy --- a/thys/Public_Announcement_Logic/PAL.thy +++ b/thys/Public_Announcement_Logic/PAL.thy @@ -1,479 +1,479 @@ (* File: PAL.thy Author: Asta Halkjær From This work is a formalization of public announcement logic with countably many agents. It includes proofs of soundness and completeness for a variant of the axiom system PA + DIST! + NEC!. The completeness proof builds on the Epistemic Logic theory. *) theory PAL imports "Epistemic_Logic.Epistemic_Logic" begin section \Syntax\ datatype 'i pfm = FF ("\<^bold>\\<^sub>!") | Pro' id ("Pro\<^sub>!") | Dis \'i pfm\ \'i pfm\ (infixr "\<^bold>\\<^sub>!" 30) | Con \'i pfm\ \'i pfm\ (infixr "\<^bold>\\<^sub>!" 35) | Imp \'i pfm\ \'i pfm\ (infixr "\<^bold>\\<^sub>!" 25) | K' 'i \'i pfm\ ("K\<^sub>!") | Ann \'i pfm\ \'i pfm\ ("[_]\<^sub>! _" [50, 50] 50) abbreviation PIff :: \'i pfm \ 'i pfm \ 'i pfm\ (infixr "\<^bold>\\<^sub>!" 25) where \p \<^bold>\\<^sub>! q \ (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (q \<^bold>\\<^sub>! p)\ section \Semantics\ fun psemantics :: \('i, 'w) kripke \ 'w \ 'i pfm \ bool\ ("_, _ \\<^sub>! _" [50, 50] 50) and restrict :: \('i, 'w) kripke \ 'i pfm \ ('i, 'w) kripke\ where \(M, w \\<^sub>! \<^bold>\\<^sub>!) = False\ | \(M, w \\<^sub>! Pro\<^sub>! x) = \ M w x\ | \(M, w \\<^sub>! (p \<^bold>\\<^sub>! q)) = ((M, w \\<^sub>! p) \ (M, w \\<^sub>! q))\ | \(M, w \\<^sub>! (p \<^bold>\\<^sub>! q)) = ((M, w \\<^sub>! p) \ (M, w \\<^sub>! q))\ | \(M, w \\<^sub>! (p \<^bold>\\<^sub>! q)) = ((M, w \\<^sub>! p) \ (M, w \\<^sub>! q))\ -| \(M, w \\<^sub>! K\<^sub>! i p) = (\v \ \ M i w. M, v \\<^sub>! p)\ +| \(M, w \\<^sub>! K\<^sub>! i p) = (\v \ \ M \ \ M i w. M, v \\<^sub>! p)\ | \(M, w \\<^sub>! [r]\<^sub>! p) = ((M, w \\<^sub>! r) \ (restrict M r, w \\<^sub>! p))\ -| \restrict M p = Kripke (\ M) (\i w. {v. v \ \ M i w \ (M, v \\<^sub>! p)})\ +| \restrict M p = Kripke {w |w. w \ \ M \ M, w \\<^sub>! p} (\ M) (\ M)\ primrec static :: \'i pfm \ bool\ where \static \<^bold>\\<^sub>! = True\ | \static (Pro\<^sub>! _) = True\ | \static (p \<^bold>\\<^sub>! q) = (static p \ static q)\ | \static (p \<^bold>\\<^sub>! q) = (static p \ static q)\ | \static (p \<^bold>\\<^sub>! q) = (static p \ static q)\ | \static (K\<^sub>! i p) = static p\ | \static ([r]\<^sub>! p) = False\ primrec lower :: \'i pfm \ 'i fm\ where \lower \<^bold>\\<^sub>! = \<^bold>\\ | \lower (Pro\<^sub>! x) = Pro x\ | \lower (p \<^bold>\\<^sub>! q) = (lower p \<^bold>\ lower q)\ | \lower (p \<^bold>\\<^sub>! q) = (lower p \<^bold>\ lower q)\ | \lower (p \<^bold>\\<^sub>! q) = (lower p \<^bold>\ lower q)\ | \lower (K\<^sub>! i p) = K i (lower p)\ | \lower ([r]\<^sub>! p) = undefined\ primrec lift :: \'i fm \ 'i pfm\ where \lift \<^bold>\ = \<^bold>\\<^sub>!\ | \lift (Pro x) = Pro\<^sub>! x\ | \lift (p \<^bold>\ q) = (lift p \<^bold>\\<^sub>! lift q)\ | \lift (p \<^bold>\ q) = (lift p \<^bold>\\<^sub>! lift q)\ | \lift (p \<^bold>\ q) = (lift p \<^bold>\\<^sub>! lift q)\ | \lift (K i p) = K\<^sub>! i (lift p)\ lemma lower_semantics: assumes \static p\ shows \(M, w \ lower p) \ (M, w \\<^sub>! p)\ using assms by (induct p arbitrary: w) simp_all lemma lift_semantics: \(M, w \ p) \ (M, w \\<^sub>! lift p)\ by (induct p arbitrary: w) simp_all lemma lower_lift: \lower (lift p) = p\ by (induct p) simp_all lemma lift_lower: \static p \ lift (lower p) = p\ by (induct p) simp_all section \Soundness of Reduction\ primrec reduce' :: \'i pfm \ 'i pfm \ 'i pfm\ where \reduce' r \<^bold>\\<^sub>! = (r \<^bold>\\<^sub>! \<^bold>\\<^sub>!)\ | \reduce' r (Pro\<^sub>! x) = (r \<^bold>\\<^sub>! Pro\<^sub>! x)\ | \reduce' r (p \<^bold>\\<^sub>! q) = (reduce' r p \<^bold>\\<^sub>! reduce' r q)\ | \reduce' r (p \<^bold>\\<^sub>! q) = (reduce' r p \<^bold>\\<^sub>! reduce' r q)\ | \reduce' r (p \<^bold>\\<^sub>! q) = (reduce' r p \<^bold>\\<^sub>! reduce' r q)\ | \reduce' r (K\<^sub>! i p) = (r \<^bold>\\<^sub>! K\<^sub>! i (reduce' r p))\ | \reduce' r ([p]\<^sub>! q) = undefined\ primrec reduce :: \'i pfm \ 'i pfm\ where \reduce \<^bold>\\<^sub>! = \<^bold>\\<^sub>!\ | \reduce (Pro\<^sub>! x) = Pro\<^sub>! x\ | \reduce (p \<^bold>\\<^sub>! q) = (reduce p \<^bold>\\<^sub>! reduce q)\ | \reduce (p \<^bold>\\<^sub>! q) = (reduce p \<^bold>\\<^sub>! reduce q)\ | \reduce (p \<^bold>\\<^sub>! q) = (reduce p \<^bold>\\<^sub>! reduce q)\ | \reduce (K\<^sub>! i p) = K\<^sub>! i (reduce p)\ | \reduce ([r]\<^sub>! p) = reduce' (reduce r) (reduce p)\ lemma static_reduce': \static p \ static r \ static (reduce' r p)\ by (induct p) simp_all lemma static_reduce: \static (reduce p)\ by (induct p) (simp_all add: static_reduce') lemma reduce'_semantics: assumes \static q\ shows \((M, w \\<^sub>! [p]\<^sub>! (q))) = (M, w \\<^sub>! reduce' p q)\ using assms by (induct q arbitrary: w) auto lemma reduce_semantics: \(M, w \\<^sub>! p) = (M, w \\<^sub>! reduce p)\ proof (induct p arbitrary: M w) case (Ann p q) then show ?case using reduce'_semantics static_reduce by fastforce qed simp_all section \Proof System\ primrec peval :: \(id \ bool) \ ('i pfm \ bool) \ 'i pfm \ bool\ where \peval _ _ \<^bold>\\<^sub>! = False\ | \peval g _ (Pro\<^sub>! x) = g x\ | \peval g h (p \<^bold>\\<^sub>! q) = (peval g h p \ peval g h q)\ | \peval g h (p \<^bold>\\<^sub>! q) = (peval g h p \ peval g h q)\ | \peval g h (p \<^bold>\\<^sub>! q) = (peval g h p \ peval g h q)\ | \peval _ h (K\<^sub>! i p) = h (K\<^sub>! i p)\ | \peval _ h ([r]\<^sub>! p) = h ([r]\<^sub>! p)\ abbreviation \ptautology p \ \g h. peval g h p\ inductive PAK :: \('i pfm \ bool) \ 'i pfm \ bool\ ("_ \\<^sub>! _" [50, 50] 50) for A :: \'i pfm \ bool\ where PA1: \ptautology p \ A \\<^sub>! p\ | PA2: \A \\<^sub>! (K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! K\<^sub>! i q)\ | PAx: \A p \ A \\<^sub>! p\ | PR1: \A \\<^sub>! p \ A \\<^sub>! (p \<^bold>\\<^sub>! q) \ A \\<^sub>! q\ | PR2: \A \\<^sub>! p \ A \\<^sub>! K\<^sub>! i p\ | PFF: \A \\<^sub>! ([r]\<^sub>! \<^bold>\\<^sub>! \<^bold>\\<^sub>! (r \<^bold>\\<^sub>! \<^bold>\\<^sub>!))\ | PPro: \A \\<^sub>! ([r]\<^sub>! Pro\<^sub>! x \<^bold>\\<^sub>! (r \<^bold>\\<^sub>! Pro\<^sub>! x))\ | PDis: \A \\<^sub>! ([r]\<^sub>! (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! [r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q)\ | PCon: \A \\<^sub>! ([r]\<^sub>! (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! [r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q)\ | PImp: \A \\<^sub>! (([r]\<^sub>! (p \<^bold>\\<^sub>! q)) \<^bold>\\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q))\ | PK: \A \\<^sub>! (([r]\<^sub>! K\<^sub>! i p) \<^bold>\\<^sub>! (r \<^bold>\\<^sub>! K\<^sub>! i ([r]\<^sub>! p)))\ | PAnn: \A \\<^sub>! p \ A \\<^sub>! [r]\<^sub>! p\ lemma eval_peval: \eval h (g o lift) p = peval h g (lift p)\ by (induct p) simp_all lemma tautology_ptautology: \tautology p \ ptautology (lift p)\ using eval_peval by blast lemma peval_eval: assumes \static p\ shows \eval h g (lower p) = peval h (g o lower) p\ using assms by (induct p) simp_all lemma ptautology_tautology: assumes \static p\ shows \ptautology p \ tautology (lower p)\ using assms peval_eval by blast theorem AK_PAK: \A o lift \ p \ A \\<^sub>! lift p\ by (induct p rule: AK.induct) (auto intro: PAK.intros(1-5) simp: tautology_ptautology) theorem static_completeness: assumes \static p\ \\(M :: ('i :: countable, 'i fm set) kripke) w. M, w \\<^sub>! p\ shows \A \\<^sub>! p\ proof - have \\(M :: ('i :: countable, 'i fm set) kripke) w. M, w \ lower p\ using assms by (simp add: lower_semantics) then have \A o lift \ lower p\ by (simp add: completeness) then have \A \\<^sub>! lift (lower p)\ using AK_PAK by fast then show ?thesis using assms(1) lift_lower by metis qed section \Soundness\ -lemma peval_semantics: \peval (val w) (\q. Kripke val r, w \\<^sub>! q) p = (Kripke val r, w \\<^sub>! p)\ +lemma peval_semantics: \peval (val w) (\q. Kripke W val r, w \\<^sub>! q) p = (Kripke W val r, w \\<^sub>! p)\ by (induct p) simp_all lemma ptautology: assumes \ptautology p\ shows \M, w \\<^sub>! p\ proof - - from assms have \peval (g w) (\q. Kripke g r, w \\<^sub>! q) p\ for g r + from assms have \peval (g w) (\q. Kripke W g r, w \\<^sub>! q) p\ for W g r by simp - then have \Kripke g r, w \\<^sub>! p\ for g r + then have \Kripke W g r, w \\<^sub>! p\ for W g r using peval_semantics by fast then show \M, w \\<^sub>! p\ by (metis kripke.collapse) qed theorem soundness: fixes M :: \('i, 'w) kripke\ assumes \\(M :: ('i, 'w) kripke) w p. A p \ P M \ M, w \\<^sub>! p\ \\(M :: ('i, 'w) kripke) p. P M \ P (restrict M p)\ shows \A \\<^sub>! p \ P M \ M, w \\<^sub>! p\ proof (induct p arbitrary: M w rule: PAK.induct) case (PAnn p r) moreover have \P (restrict M r)\ using PAnn(3) assms(2) by simp ultimately show ?case by simp qed (simp_all add: assms ptautology) corollary \(\_. False) \\<^sub>! p \ M, w \\<^sub>! p\ using soundness[where P=\\_. True\] by metis section \Completeness\ lemma ConE: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ shows \A \\<^sub>! p\ \A \\<^sub>! q\ using assms by (metis PA1 PR1 peval.simps(4-5))+ lemma Iff_Dis: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! p')\ \A \\<^sub>! (q \<^bold>\\<^sub>! q')\ shows \A \\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q'))\ proof - have \A \\<^sub>! ((p \<^bold>\\<^sub>! p') \<^bold>\\<^sub>! (q \<^bold>\\<^sub>! q') \<^bold>\\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q')))\ by (simp add: PA1) then show ?thesis using assms PR1 by blast qed lemma Iff_Con: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! p')\ \A \\<^sub>! (q \<^bold>\\<^sub>! q')\ shows \A \\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q'))\ proof - have \A \\<^sub>! ((p \<^bold>\\<^sub>! p') \<^bold>\\<^sub>! (q \<^bold>\\<^sub>! q') \<^bold>\\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q')))\ by (simp add: PA1) then show ?thesis using assms PR1 by blast qed lemma Iff_Imp: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! p')\ \A \\<^sub>! (q \<^bold>\\<^sub>! q')\ shows \A \\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q'))\ proof - have \A \\<^sub>! ((p \<^bold>\\<^sub>! p') \<^bold>\\<^sub>! (q \<^bold>\\<^sub>! q') \<^bold>\\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q')))\ by (simp add: PA1) then show ?thesis using assms PR1 by blast qed lemma Iff_sym: \(A \\<^sub>! (p \<^bold>\\<^sub>! q)) = (A \\<^sub>! (q \<^bold>\\<^sub>! p))\ proof - have \A \\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (q \<^bold>\\<^sub>! p))\ by (simp add: PA1) then show ?thesis using PR1 ConE by blast qed lemma Iff_Iff: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! p')\ \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ shows \A \\<^sub>! (p' \<^bold>\\<^sub>! q)\ proof - have \ptautology ((p \<^bold>\\<^sub>! p') \<^bold>\\<^sub>! (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q))\ by (metis peval.simps(4-5)) with PA1 have \A \\<^sub>! ((p \<^bold>\\<^sub>! p') \<^bold>\\<^sub>! (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! (p' \<^bold>\\<^sub>! q))\ . then show ?thesis using assms PR1 by blast qed lemma K'_A2': \A \\<^sub>! (K\<^sub>! i (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i q)\ proof - have \A \\<^sub>! (K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! K\<^sub>! i q)\ using PA2 by fast moreover have \A \\<^sub>! ((P \<^bold>\\<^sub>! Q \<^bold>\\<^sub>! R) \<^bold>\\<^sub>! (Q \<^bold>\\<^sub>! P \<^bold>\\<^sub>! R))\ for P Q R by (simp add: PA1) ultimately show ?thesis using PR1 by fast qed lemma K'_map: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ shows \A \\<^sub>! (K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i q)\ proof - note \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ then have \A \\<^sub>! K\<^sub>! i (p \<^bold>\\<^sub>! q)\ using PR2 by fast moreover have \A \\<^sub>! (K\<^sub>! i (p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i q)\ using K'_A2' by fast ultimately show ?thesis using PR1 by fast qed lemma ConI: assumes \A \\<^sub>! p\ \A \\<^sub>! q\ shows \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ proof - have \A \\<^sub>! (p \<^bold>\\<^sub>! q \<^bold>\\<^sub>! p \<^bold>\\<^sub>! q)\ by (simp add: PA1) then show ?thesis using assms PR1 by blast qed lemma Iff_wk: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! q)\ shows \A \\<^sub>! ((r \<^bold>\\<^sub>! p) \<^bold>\\<^sub>! (r \<^bold>\\<^sub>! q))\ proof - have \A \\<^sub>! ((p \<^bold>\\<^sub>! q) \<^bold>\\<^sub>! ((r \<^bold>\\<^sub>! p) \<^bold>\\<^sub>! (r \<^bold>\\<^sub>! q)))\ by (simp add: PA1) then show ?thesis using assms PR1 by blast qed lemma Iff_reduce': assumes \static p\ shows \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! reduce' r p)\ using assms proof (induct p rule: pfm.induct) case FF then show ?case by (simp add: PFF) next case (Pro' x) then show ?case by (simp add: PPro) next case (Dis p q) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q \<^bold>\\<^sub>! reduce' r (p \<^bold>\\<^sub>! q))\ using Iff_Dis by force moreover have \A \\<^sub>! (([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q) \<^bold>\\<^sub>! ([r]\<^sub>! (p \<^bold>\\<^sub>! q)))\ using PDis Iff_sym by fastforce ultimately show ?case using PA1 PR1 Iff_Iff by blast next case (Con p q) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q \<^bold>\\<^sub>! reduce' r (p \<^bold>\\<^sub>! q))\ using Iff_Con by force moreover have \A \\<^sub>! (([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q) \<^bold>\\<^sub>! ([r]\<^sub>! (p \<^bold>\\<^sub>! q)))\ using PCon Iff_sym by fastforce ultimately show ?case using PA1 PR1 Iff_Iff by blast next case (Imp p q) then have \A \\<^sub>! (([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q) \<^bold>\\<^sub>! reduce' r (p \<^bold>\\<^sub>! q))\ using Iff_Imp by force moreover have \A \\<^sub>! (([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q) \<^bold>\\<^sub>! ([r]\<^sub>! (p \<^bold>\\<^sub>! q)))\ using PImp Iff_sym by fastforce ultimately show ?case using PA1 PR1 Iff_Iff by blast next case (K' i p) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! reduce' r p)\ by simp then have \A \\<^sub>! (K\<^sub>! i ([r]\<^sub>! p) \<^bold>\\<^sub>! K\<^sub>! i (reduce' r p))\ using K'_map ConE ConI by metis moreover have \A \\<^sub>! ([r]\<^sub>! K\<^sub>! i p \<^bold>\\<^sub>! r \<^bold>\\<^sub>! K\<^sub>! i ([r]\<^sub>! p))\ using PK . ultimately have \A \\<^sub>! ([r]\<^sub>! K\<^sub>! i p \<^bold>\\<^sub>! r \<^bold>\\<^sub>! K\<^sub>! i (reduce' r p))\ by (meson Iff_Iff Iff_sym Iff_wk) then show ?case by simp next case (Ann r p) then show ?case by simp qed lemma Iff_Ann1: assumes r: \A \\<^sub>! (r \<^bold>\\<^sub>! r')\ and \static p\ shows \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r']\<^sub>! p)\ using assms(2-) proof (induct p) case FF have \A \\<^sub>! ((r \<^bold>\\<^sub>! r') \<^bold>\\<^sub>! ((r \<^bold>\\<^sub>! \<^bold>\\<^sub>!) \<^bold>\\<^sub>! (r' \<^bold>\\<^sub>! \<^bold>\\<^sub>!)))\ by (auto intro: PA1) then have \A \\<^sub>! ((r \<^bold>\\<^sub>! \<^bold>\\<^sub>!) \<^bold>\\<^sub>! (r' \<^bold>\\<^sub>! \<^bold>\\<^sub>!))\ using r PR1 by blast then show ?case by (meson PFF Iff_Iff Iff_sym) next case (Pro' x) have \A \\<^sub>! ((r \<^bold>\\<^sub>! r') \<^bold>\\<^sub>! ((r \<^bold>\\<^sub>! Pro\<^sub>! x) \<^bold>\\<^sub>! (r' \<^bold>\\<^sub>! Pro\<^sub>! x)))\ by (auto intro: PA1) then have \A \\<^sub>! ((r \<^bold>\\<^sub>! Pro\<^sub>! x) \<^bold>\\<^sub>! (r' \<^bold>\\<^sub>! Pro\<^sub>! x))\ using r PR1 by blast then show ?case by (meson PPro Iff_Iff Iff_sym) next case (Dis p q) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q \<^bold>\\<^sub>! [r']\<^sub>! p \<^bold>\\<^sub>! [r']\<^sub>! q)\ by (simp add: Iff_Dis) then show ?case by (meson PDis Iff_Iff Iff_sym) next case (Con p q) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q \<^bold>\\<^sub>! [r']\<^sub>! p \<^bold>\\<^sub>! [r']\<^sub>! q)\ by (simp add: Iff_Con) then show ?case by (meson PCon Iff_Iff Iff_sym) next case (Imp p q) then have \A \\<^sub>! (([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! q) \<^bold>\\<^sub>! ([r']\<^sub>! p \<^bold>\\<^sub>! [r']\<^sub>! q))\ by (simp add: Iff_Imp) then show ?case by (meson PImp Iff_Iff Iff_sym) next case (K' i p) then have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r']\<^sub>! p)\ by simp then have \A \\<^sub>! (K\<^sub>! i ([r]\<^sub>! p) \<^bold>\\<^sub>! K\<^sub>! i ([r']\<^sub>! p))\ using K'_map ConE ConI by metis then show ?case by (meson Iff_Iff Iff_Imp Iff_sym PK r) next case (Ann s p) then show ?case by simp qed lemma Iff_Ann2: assumes \A \\<^sub>! (p \<^bold>\\<^sub>! p')\ shows \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! [r]\<^sub>! p')\ using assms PAnn ConE ConI PImp PR1 by metis lemma Iff_reduce: \A \\<^sub>! (p \<^bold>\\<^sub>! reduce p)\ proof (induct p) case (Dis p q) then show ?case by (simp add: Iff_Dis) next case (Con p q) then show ?case by (simp add: Iff_Con) next case (Imp p q) then show ?case by (simp add: Iff_Imp) next case (K' i p) have \A \\<^sub>! (K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i (reduce p))\ \A \\<^sub>! (K\<^sub>! i (reduce p) \<^bold>\\<^sub>! K\<^sub>! i p)\ using K' K'_map ConE by fast+ then have \A \\<^sub>! (K\<^sub>! i p \<^bold>\\<^sub>! K\<^sub>! i (reduce p))\ using ConI by blast then show ?case by simp next case (Ann r p) have \A \\<^sub>! ([reduce r]\<^sub>! reduce p \<^bold>\\<^sub>! reduce' (reduce r) (reduce p))\ using Iff_reduce' static_reduce by blast moreover have \A \\<^sub>! ([r]\<^sub>! reduce p \<^bold>\\<^sub>! [reduce r]\<^sub>! reduce p)\ using Ann(1) Iff_Ann1 static_reduce by blast ultimately have \A \\<^sub>! ([r]\<^sub>! reduce p \<^bold>\\<^sub>! reduce' (reduce r) (reduce p))\ using Iff_Iff Iff_sym by blast moreover have \A \\<^sub>! ([r]\<^sub>! reduce p \<^bold>\\<^sub>! [r]\<^sub>! p)\ by (meson Ann(2) static_reduce Iff_Ann2 Iff_sym) ultimately have \A \\<^sub>! ([r]\<^sub>! p \<^bold>\\<^sub>! reduce' (reduce r) (reduce p))\ using Iff_Iff by blast then show ?case by simp qed (simp_all add: PA1) theorem completeness: assumes \\(M :: ('i :: countable, 'i fm set) kripke) w. M, w \\<^sub>! p\ shows \A \\<^sub>! p\ proof - have \\(M :: ('i :: countable, 'i fm set) kripke) w. M, w \\<^sub>! reduce p\ using assms reduce_semantics by fast moreover have \static (reduce p)\ using static_reduce by fast ultimately have \A \\<^sub>! reduce p\ using static_completeness by blast moreover have \A \\<^sub>! (p \<^bold>\\<^sub>! reduce p)\ using Iff_reduce by blast ultimately show ?thesis using ConE(2) PR1 by blast qed end