Theory itree

Parents

Contents

Type operators

Constants

Definitions

ibind_defiflat_defimap_defitree_TY_DEFitree_el_case_defitree_el_size_defitree_next_case_defitree_next_size_def

Theorems

Ret_11Vis_11at_path_casesat_path_implies_isetat_path_indat_path_retat_path_rulesat_path_strongindat_path_thmat_path_visdatatype_itreedatatype_itree_eldatatype_itree_nextibind_associbind_eq_divibind_eq_retibind_eq_visibind_left_idibind_right_idievery_casesievery_coindievery_divievery_retievery_rulesievery_setievery_thmievery_visiexists_casesiexists_indiexists_retiexists_rulesiexists_setiexists_strongindiexists_thmiexists_visifinite_casesifinite_divifinite_indifinite_retifinite_rulesifinite_strongindifinite_visiflat_diviflat_eq_diviflat_eq_retiflat_eq_visiflat_retiflat_visimap_compositionimap_divimap_eq_divimap_eq_retimap_eq_visimap_idimap_retimap_visiset_casesiset_flatiset_flat_1iset_flat_2iset_iff_exists_pathiset_indiset_mapiset_map_1iset_map_2iset_retiset_rulesiset_strongindiset_thmiset_truncateiset_visitree_11itree_CASEitree_CASE_congitree_CASE_elimitree_CASE_eqitree_bisimulationitree_casesitree_distinctitree_el_11itree_el_Axiomitree_el_case_congitree_el_case_eqitree_el_defitree_el_distinctitree_el_eqvitree_el_inductionitree_el_nchotomyitree_next_11itree_next_Axiomitree_next_case_congitree_next_case_eqitree_next_distinctitree_next_inductionitree_next_nchotomyitree_unfolditree_unfold_erritruncate_computeitruncate_defitruncate_implies_ifiniteitruncate_inditruncate_retnot_ievery_exists

Definitions

ibind_def
⊢ ∀itr f. ibind itr f = iflat (imap f itr)
iflat_def
⊢ ∀itr.
    iflat itr =
    itree_unfold
      (λx.
           case x of
             INL (ireturn (ireturn r0)) => Ret' r0
           | INL (ireturn Div) => Div'
           | INL (ireturn (Vis e f)) => Vis' e (λi. INR (f i))
           | INL Div => Div'
           | INL (Vis e f) => Vis' e (λi. INL (f i))
           | INR (ireturn r) => Ret' r
           | INR Div => Div'
           | INR (Vis e' f') => Vis' e' (λi. INR (f' i))) (INL itr)
imap_def
⊢ ∀g itr.
    imap g itr =
    itree_unfold (λx. itree_CASE x (λr. Ret' (g r)) Div' (λe f. Vis' e f))
      itr
itree_TY_DEF
⊢ ∃rep. TYPE_DEFINITION itree_rep_ok rep
itree_el_case_def
⊢ (∀a f f1 v. itree_el_CASE (Event a) f f1 v = f a) ∧
  (∀a f f1 v. itree_el_CASE (Return a) f f1 v = f1 a) ∧
  ∀f f1 v. itree_el_CASE Stuck f f1 v = v
itree_el_size_def
⊢ (∀f f1 a. itree_el_size f f1 (Event a) = 1 + f a) ∧
  (∀f f1 a. itree_el_size f f1 (Return a) = 1 + f1 a) ∧
  ∀f f1. itree_el_size f f1 Stuck = 0
itree_next_case_def
⊢ (∀a f v f1. itree_next_CASE (Ret' a) f v f1 = f a) ∧
  (∀f v f1. itree_next_CASE Div' f v f1 = v) ∧
  ∀a0 a1 f v f1. itree_next_CASE (Vis' a0 a1) f v f1 = f1 a0 a1
itree_next_size_def
⊢ (∀f f1 f2 f3 a. itree_next_size f f1 f2 f3 (Ret' a) = 1 + f2 a) ∧
  (∀f f1 f2 f3. itree_next_size f f1 f2 f3 Div' = 0) ∧
  ∀f f1 f2 f3 a0 a1. itree_next_size f f1 f2 f3 (Vis' a0 a1) = 1 + f1 a0

Theorems

Ret_11
⊢ ∀x y. ireturn x = ireturn y ⇔ x = y
Vis_11
⊢ ∀x f y g. Vis x f = Vis y g ⇔ x = y ∧ f = g
at_path_cases
⊢ ∀a0 a1 a2.
    at_path a0 a1 a2 ⇔
    a0 = ireturn a2 ∧ a1 = [] ∨
    ∃f i ov p. a0 = Vis ov f ∧ a1 = (ov,i)::p ∧ at_path (f i) p a2
at_path_implies_iset
⊢ at_path itree p e ⇒ iset itree e
at_path_ind
⊢ ∀at_path'.
    (∀e. at_path' (ireturn e) [] e) ∧
    (∀e f i ov p. at_path' (f i) p e ⇒ at_path' (Vis ov f) ((ov,i)::p) e) ⇒
    ∀a0 a1 a2. at_path a0 a1 a2 ⇒ at_path' a0 a1 a2
at_path_ret
⊢ ∀e. at_path (ireturn e) [] e
at_path_rules
⊢ (∀e. at_path (ireturn e) [] e) ∧
  ∀e f i ov p. at_path (f i) p e ⇒ at_path (Vis ov f) ((ov,i)::p) e
at_path_strongind
⊢ ∀at_path'.
    (∀e. at_path' (ireturn e) [] e) ∧
    (∀e f i ov p.
       at_path (f i) p e ∧ at_path' (f i) p e ⇒
       at_path' (Vis ov f) ((ov,i)::p) e) ⇒
    ∀a0 a1 a2. at_path a0 a1 a2 ⇒ at_path' a0 a1 a2
at_path_thm
⊢ (at_path Div p e ⇔ F) ∧ (at_path (ireturn e) p a ⇔ p = [] ∧ a = e) ∧
  (at_path (Vis ov f) p e ⇔ ∃i l. p = (ov,i)::l ∧ at_path (f i) l e)
at_path_vis
⊢ ∀e f i ov p. at_path (f i) p e ⇒ at_path (Vis ov f) ((ov,i)::p) e
datatype_itree
⊢ DATATYPE (itree ireturn Div Vis)
datatype_itree_el
⊢ DATATYPE (itree_el Event Return Stuck)
datatype_itree_next
⊢ DATATYPE (itree_next Ret' Div' Vis')
ibind_assoc
⊢ ibind itr (λx. ibind (f x) g) = ibind (ibind itr f) g
ibind_eq_div
⊢ ibind itr f = Div ⇔ itr = Div ∨ ∃x. itr = ireturn x ∧ f x = Div
ibind_eq_ret
⊢ ibind itr f = ireturn v ⇔ ∃v'. itr = ireturn v' ∧ f v' = ireturn v
ibind_eq_vis
⊢ ibind itr f = Vis rv g ⇔
  (∃h. itr = Vis rv h ∧ iflat ∘ imap f ∘ h = g) ∨
  ∃x. itr = ireturn x ∧ f x = Vis rv g
ibind_left_id
⊢ ibind (ireturn itr) f = f itr
ibind_right_id
⊢ ibind itr ireturn = itr
ievery_cases
⊢ ∀P a0.
    ievery P a0 ⇔
    a0 = Div ∨ (∃e. a0 = ireturn e ∧ P e) ∨
    ∃f ov. a0 = Vis ov f ∧ ∀iv. ievery P (f iv)
ievery_coind
⊢ ∀P ievery'.
    (∀a0.
       ievery' a0 ⇒
       a0 = Div ∨ (∃e. a0 = ireturn e ∧ P e) ∨
       ∃f ov. a0 = Vis ov f ∧ ∀iv. ievery' (f iv)) ⇒
    ∀a0. ievery' a0 ⇒ ievery P a0
ievery_div
⊢ ∀P. ievery P Div
ievery_ret
⊢ ∀P e. P e ⇒ ievery P (ireturn e)
ievery_rules
⊢ ∀P. ievery P Div ∧ (∀e. P e ⇒ ievery P (ireturn e)) ∧
      ∀f ov. (∀iv. ievery P (f iv)) ⇒ ievery P (Vis ov f)
ievery_set
⊢ ∀itr. ievery P itr ⇔ ∀rv. iset itr rv ⇒ P rv
ievery_thm
⊢ (ievery P Div ⇔ T) ∧ (ievery P (ireturn e) ⇔ P e) ∧
  (ievery P (Vis ov f) ⇔ ∀iv. ievery P (f iv))
ievery_vis
⊢ ∀P f ov. (∀iv. ievery P (f iv)) ⇒ ievery P (Vis ov f)
iexists_cases
⊢ ∀P a0.
    iexists P a0 ⇔
    (∃e. a0 = ireturn e ∧ P e) ∨
    ∃f ov. a0 = Vis ov f ∧ ∃iv. iexists P (f iv)
iexists_ind
⊢ ∀P iexists'.
    (∀e. P e ⇒ iexists' (ireturn e)) ∧
    (∀f ov. (∃iv. iexists' (f iv)) ⇒ iexists' (Vis ov f)) ⇒
    ∀a0. iexists P a0 ⇒ iexists' a0
iexists_ret
⊢ ∀P e. P e ⇒ iexists P (ireturn e)
iexists_rules
⊢ ∀P. (∀e. P e ⇒ iexists P (ireturn e)) ∧
      ∀f ov. (∃iv. iexists P (f iv)) ⇒ iexists P (Vis ov f)
iexists_set
⊢ iexists P itr ⇔ ∃x. iset itr x ∧ P x
iexists_strongind
⊢ ∀P iexists'.
    (∀e. P e ⇒ iexists' (ireturn e)) ∧
    (∀f ov. (∃iv. iexists P (f iv) ∧ iexists' (f iv)) ⇒ iexists' (Vis ov f)) ⇒
    ∀a0. iexists P a0 ⇒ iexists' a0
iexists_thm
⊢ (iexists P Div ⇔ F) ∧ (iexists P (ireturn e) ⇔ P e) ∧
  (iexists P (Vis ov f) ⇔ ∃iv. iexists P (f iv))
iexists_vis
⊢ ∀P f ov. (∃iv. iexists P (f iv)) ⇒ iexists P (Vis ov f)
ifinite_cases
⊢ ∀a0.
    ifinite a0 ⇔
    (∃e. a0 = ireturn e) ∨ a0 = Div ∨
    ∃f ov. a0 = Vis ov f ∧ ∀iv. ifinite (f iv)
ifinite_div
⊢ ifinite Div
ifinite_ind
⊢ ∀ifinite'.
    (∀e. ifinite' (ireturn e)) ∧ ifinite' Div ∧
    (∀f ov. (∀iv. ifinite' (f iv)) ⇒ ifinite' (Vis ov f)) ⇒
    ∀a0. ifinite a0 ⇒ ifinite' a0
ifinite_ret
⊢ ∀e. ifinite (ireturn e)
ifinite_rules
⊢ (∀e. ifinite (ireturn e)) ∧ ifinite Div ∧
  ∀f ov. (∀iv. ifinite (f iv)) ⇒ ifinite (Vis ov f)
ifinite_strongind
⊢ ∀ifinite'.
    (∀e. ifinite' (ireturn e)) ∧ ifinite' Div ∧
    (∀f ov. (∀iv. ifinite (f iv) ∧ ifinite' (f iv)) ⇒ ifinite' (Vis ov f)) ⇒
    ∀a0. ifinite a0 ⇒ ifinite' a0
ifinite_vis
⊢ ∀f ov. (∀iv. ifinite (f iv)) ⇒ ifinite (Vis ov f)
iflat_div
⊢ iflat Div = Div
iflat_eq_div
⊢ iflat itr = Div ⇔ itr = Div ∨ itr = ireturn Div
iflat_eq_ret
⊢ (iflat itr = ireturn rv ⇔ itr = ireturn (ireturn rv)) ∧
  (ireturn rv = iflat itr ⇔ itr = ireturn (ireturn rv))
iflat_eq_vis
⊢ iflat itr = Vis ov f ⇔
  (∃g. itr = Vis ov g ∧ iflat ∘ g = f) ∨ itr = ireturn (Vis ov f)
iflat_ret
⊢ iflat (ireturn r) = r
iflat_vis
⊢ iflat (Vis ov f) = Vis ov (iflat ∘ f)
imap_composition
⊢ imap (f ∘ g) itr = imap f (imap g itr)
imap_div
⊢ imap g Div = Div
imap_eq_div
⊢ (imap g itr = Div ⇔ itr = Div) ∧ (Div = imap g itr ⇔ itr = Div)
imap_eq_ret
⊢ ireturn r = imap g itr ⇔ ∃x. itr = ireturn x ∧ g x = r
imap_eq_vis
⊢ Vis rv f = imap g itr ⇔ ∃h. itr = Vis rv h ∧ imap g ∘ h = f
imap_id
⊢ imap (λx. x) itr = itr
imap_ret
⊢ imap g (ireturn rv) = ireturn (g rv)
imap_vis
⊢ imap f (Vis ov g) = Vis ov (imap f ∘ g)
iset_cases
⊢ ∀a0 a1.
    iset a0 a1 ⇔ a0 = ireturn a1 ∨ ∃f i ov. a0 = Vis ov f ∧ iset (f i) a1
iset_flat
⊢ ∀itr e. iset (iflat itr) e ⇔ ∃t0. iset itr t0 ∧ iset t0 e
iset_flat_1
⊢ ∀itr e. iset (iflat itr) e ⇒ ∃t0. iset itr t0 ∧ iset t0 e
iset_flat_2
⊢ ∀itr t0 e. iset itr t0 ∧ iset t0 e ⇒ iset (iflat itr) e
iset_iff_exists_path
⊢ iset itree e ⇔ ∃p. at_path itree p e
iset_ind
⊢ ∀iset'.
    (∀e. iset' (ireturn e) e) ∧
    (∀e f i ov. iset' (f i) e ⇒ iset' (Vis ov f) e) ⇒
    ∀a0 a1. iset a0 a1 ⇒ iset' a0 a1
iset_map
⊢ iset (imap f itr) = IMAGE f (iset itr)
iset_map_1
⊢ ∀itr x. iset (imap f itr) x ⇒ ∃y. x = f y ∧ iset itr y
iset_map_2
⊢ ∀itr. iset itr y ⇒ iset (imap f itr) (f y)
iset_ret
⊢ ∀e. iset (ireturn e) e
iset_rules
⊢ (∀e. iset (ireturn e) e) ∧ ∀e f i ov. iset (f i) e ⇒ iset (Vis ov f) e
iset_strongind
⊢ ∀iset'.
    (∀e. iset' (ireturn e) e) ∧
    (∀e f i ov. iset (f i) e ∧ iset' (f i) e ⇒ iset' (Vis ov f) e) ⇒
    ∀a0 a1. iset a0 a1 ⇒ iset' a0 a1
iset_thm
⊢ (iset (ireturn e) e' ⇔ e = e') ∧ (iset Div e ⇔ F) ∧
  (iset (Vis ov f) e ⇔ ∃i. iset (f i) e)
iset_truncate
⊢ iset itr elem ⇒ ∃n. iset (itruncate n itr) elem
iset_vis
⊢ ∀e f i ov. iset (f i) e ⇒ iset (Vis ov f) e
itree_11
⊢ (∀x y. ireturn x = ireturn y ⇔ x = y) ∧
  ∀x f y g. Vis x f = Vis y g ⇔ x = y ∧ f = g
itree_CASE
⊢ itree_CASE (ireturn r) ret div vis = ret r ∧
  itree_CASE Div ret div vis = div ∧
  itree_CASE (Vis a g) ret div vis = vis a g
itree_CASE_cong
⊢ ∀M M' ret div vis ret' div' vis'.
    M = M' ∧ (∀x. M' = ireturn x ⇒ ret x = ret' x) ∧
    (M' = Div ⇒ div = div') ∧ (∀a g. M' = Vis a g ⇒ vis a g = vis' a g) ⇒
    itree_CASE M ret div vis = itree_CASE M' ret' div' vis'
itree_CASE_elim
⊢ ∀f. f (itree_CASE t ret div vis) ⇔
      (∃r. t = ireturn r ∧ f (ret r)) ∨ t = Div ∧ f div ∨
      ∃a g. t = Vis a g ∧ f (vis a g)
itree_CASE_eq
⊢ itree_CASE t ret div vis = v ⇔
  (∃r. t = ireturn r ∧ ret r = v) ∨ t = Div ∧ div = v ∨
  ∃a g. t = Vis a g ∧ vis a g = v
itree_bisimulation
⊢ ∀t1 t2.
    t1 = t2 ⇔
    ∃R. R t1 t2 ∧ (∀x t. R (ireturn x) t ⇒ t = ireturn x) ∧
        (∀t. R Div t ⇒ t = Div) ∧
        ∀a f t. R (Vis a f) t ⇒ ∃b g. t = Vis a g ∧ ∀s. R (f s) (g s)
itree_cases
⊢ ∀t. (∃x. t = ireturn x) ∨ t = Div ∨ ∃a g. t = Vis a g
itree_distinct
⊢ (∀x. ireturn x ≠ Div) ∧ (∀x g e. ireturn x ≠ Vis e g) ∧
  ∀g e. Div ≠ Vis e g
itree_el_11
⊢ (∀a a'. Event a = Event a' ⇔ a = a') ∧
  ∀a a'. Return a = Return a' ⇔ a = a'
itree_el_Axiom
⊢ ∀f0 f1 f2. ∃fn.
    (∀a. fn (Event a) = f0 a) ∧ (∀a. fn (Return a) = f1 a) ∧ fn Stuck = f2
itree_el_case_cong
⊢ ∀M M' f f1 v.
    M = M' ∧ (∀a. M' = Event a ⇒ f a = f' a) ∧
    (∀a. M' = Return a ⇒ f1 a = f1' a) ∧ (M' = Stuck ⇒ v = v') ⇒
    itree_el_CASE M f f1 v = itree_el_CASE M' f' f1' v'
itree_el_case_eq
⊢ itree_el_CASE x f f1 v = v' ⇔
  (∃e. x = Event e ∧ f e = v') ∨ (∃r. x = Return r ∧ f1 r = v') ∨
  x = Stuck ∧ v = v'
itree_el_def
⊢ itree_el (ireturn r) [] = Return r ∧ itree_el Div [] = Stuck ∧
  itree_el (Vis e g) [] = Event e ∧
  itree_el (ireturn r) (a::ns) = Return ARB ∧
  itree_el Div (a::ns) = Return ARB ∧
  itree_el (Vis e g) (a::ns) = itree_el (g a) ns
itree_el_distinct
⊢ (∀a' a. Event a ≠ Return a') ∧ (∀a. Event a ≠ Stuck) ∧
  ∀a. Return a ≠ Stuck
itree_el_eqv
⊢ ∀t1 t2. t1 = t2 ⇔ ∀path. itree_el t1 path = itree_el t2 path
itree_el_induction
⊢ ∀P. (∀e. P (Event e)) ∧ (∀r. P (Return r)) ∧ P Stuck ⇒ ∀i. P i
itree_el_nchotomy
⊢ ∀ii. (∃e. ii = Event e) ∨ (∃r. ii = Return r) ∨ ii = Stuck
itree_next_11
⊢ (∀a a'. Ret' a = Ret' a' ⇔ a = a') ∧
  ∀a0 a1 a0' a1'. Vis' a0 a1 = Vis' a0' a1' ⇔ a0 = a0' ∧ a1 = a1'
itree_next_Axiom
⊢ ∀f0 f1 f2. ∃fn.
    (∀a. fn (Ret' a) = f0 a) ∧ fn Div' = f1 ∧
    ∀a0 a1. fn (Vis' a0 a1) = f2 a0 a1
itree_next_case_cong
⊢ ∀M M' f v f1.
    M = M' ∧ (∀a. M' = Ret' a ⇒ f a = f' a) ∧ (M' = Div' ⇒ v = v') ∧
    (∀a0 a1. M' = Vis' a0 a1 ⇒ f1 a0 a1 = f1' a0 a1) ⇒
    itree_next_CASE M f v f1 = itree_next_CASE M' f' v' f1'
itree_next_case_eq
⊢ itree_next_CASE x f v f1 = v' ⇔
  (∃r. x = Ret' r ∧ f r = v') ∨ x = Div' ∧ v = v' ∨
  ∃e f'. x = Vis' e f' ∧ f1 e f' = v'
itree_next_distinct
⊢ (∀a. Ret' a ≠ Div') ∧ (∀a1 a0 a. Ret' a ≠ Vis' a0 a1) ∧
  ∀a1 a0. Div' ≠ Vis' a0 a1
itree_next_induction
⊢ ∀P. (∀r. P (Ret' r)) ∧ P Div' ∧ (∀e f. P (Vis' e f)) ⇒ ∀i. P i
itree_next_nchotomy
⊢ ∀ii. (∃r. ii = Ret' r) ∨ ii = Div' ∨ ∃e f. ii = Vis' e f
itree_unfold
⊢ itree_unfold f seed =
  case f seed of
    Ret' r => ireturn r
  | Div' => Div
  | Vis' e g => Vis e (itree_unfold f ∘ g)
itree_unfold_err
⊢ itree_unfold_err f (rel,err_f,err) seed =
  case f seed of
    Ret' r => ireturn r
  | Div' => Div
  | Vis' e g =>
    Vis e
      (λa.
           case a of
             INL x => ireturn (err_f e x)
           | INR y =>
             if rel e y then itree_unfold_err f (rel,err_f,err) (g y)
             else ireturn (err e))
itruncate_compute
⊢ (∀itr. itruncate 0 itr = Div) ∧
  (∀v2. itruncate (NUMERAL (BIT1 v2)) Div = Div) ∧
  (∀v2. itruncate (NUMERAL (BIT2 v2)) Div = Div) ∧
  (∀v3 rv. itruncate (NUMERAL (BIT1 v3)) (ireturn rv) = ireturn rv) ∧
  (∀v3 rv. itruncate (NUMERAL (BIT2 v3)) (ireturn rv) = ireturn rv) ∧
  (∀v4 ov f.
     itruncate (NUMERAL (BIT1 v4)) (Vis ov f) =
     Vis ov (λx. itruncate (NUMERAL (BIT1 v4) − 1) (f x))) ∧
  ∀v4 ov f.
    itruncate (NUMERAL (BIT2 v4)) (Vis ov f) =
    Vis ov (λx. itruncate (NUMERAL (BIT2 v4) − 1) (f x))
itruncate_def
⊢ (∀itr. itruncate 0 itr = Div) ∧ (∀v2. itruncate (SUC v2) Div = Div) ∧
  (∀v3 rv. itruncate (SUC v3) (ireturn rv) = ireturn rv) ∧
  ∀v4 ov f.
    itruncate (SUC v4) (Vis ov f) =
    Vis ov (λx. itruncate (SUC v4 − 1) (f x))
itruncate_implies_ifinite
⊢ ∀itr. itruncate n itr = itr ⇒ ifinite itr
itruncate_ind
⊢ ∀P. (∀itr. P 0 itr) ∧ (∀v2. P (SUC v2) Div) ∧
      (∀v3 rv. P (SUC v3) (ireturn rv)) ∧
      (∀v4 ov f. (∀x. P (SUC v4 − 1) (f x)) ⇒ P (SUC v4) (Vis ov f)) ⇒
      ∀v v1. P v v1
itruncate_ret
⊢ ∀n. itruncate n itr = ireturn r ⇔ itr = ireturn r ∧ n ≠ 0
not_ievery_exists
⊢ ¬ievery P itr ⇔ iexists (λx. ¬P x) itr