some more work to factorize out uninteresting parts of the proof...

[helm.git] / helm / software / matita / contribs / dama / dama / models / q_function.ma

(**************************************************************************)
(*       ___                                                              *)
(*      ||M||                                                             *)
(*      ||A||       A project by Andrea Asperti                           *)
(*      ||T||                                                             *)
(*      ||I||       Developers:                                           *)
(*      ||T||         The HELM team.                                      *)
(*      ||A||         http://helm.cs.unibo.it                             *)
(*      \   /                                                             *)
(*       \ /        This file is distributed under the terms of the       *)
(*        v         GNU General Public License Version 2                  *)
(*                                                                        *)
(**************************************************************************)

include "nat_ordered_set.ma".
include "models/q_bars.ma".

axiom le_le_eq: ∀x,y:Q. x ≤ y → y ≤ x → x = y.

lemma initial_shift_same_values:
  ∀l1:q_f.∀init.init < start l1 →
   same_values l1 
     (mk_q_f init (〈\fst (unpos (start l1 - init) ?),OQ〉:: bars l1)).  
[apply hide; apply q_lt_minus; rewrite > q_plus_sym; rewrite > q_plus_OQ; assumption]
intros; generalize in ⊢ (? ? (? ? (? ? (? ? ? (? ? ? (? ? %)) ?) ?))); intro;
cases (unpos (start l1-init) H1); intro input;
simplify in ⊢ (? ? ? (? ? ? (? ? ? (? (? ? (? ? (? ? ? % ?) ?)) ?))));
cases (value (mk_q_f init (〈w,OQ〉::bars l1)) input);
simplify in ⊢ (? ? ? (? ? ? %));
cases (q_cmp input (start (mk_q_f init (〈w,OQ〉::bars l1)))) in H3;
whd in ⊢ (% → ?); simplify in H3;
[1: intro; cases H4; clear H4; rewrite > H3;
    cases (value l1 init); simplify; cases (q_cmp init (start l1)) in H4;
    [1: cases (?:False); apply (q_lt_corefl init); rewrite > H4 in ⊢ (?? %); apply H;
    |3: cases (?:False); apply (q_lt_antisym init (start l1)); assumption;
    |2: whd in ⊢ (% → ?); intro; rewrite > H8; clear H8 H4;
        rewrite > H7; clear H7; rewrite > (?:\fst w1 = O); [reflexivity]
        symmetry; apply le_n_O_to_eq;
        rewrite > (sum_bases_O (〈w,OQ〉::bars l1) (\fst w1)); [apply le_n]   
        clear H6 w2; simplify in H5:(? ? (? ? %));  
        destruct H3; rewrite > q_d_x_x in H5; assumption;]
|2: intros; cases (value l1 input); simplify in ⊢ (? ? (? ? ? %) ?);
    cases (q_cmp input (start l1)) in H5; whd in ⊢ (% → ?);
    [1: cases (?:False); clear w2 H4 w1 H2 w H1; 
        apply (q_lt_antisym init (start l1)); [assumption] rewrite < H5; assumption
    |2: intros; rewrite > H6; clear H6; rewrite > H4; reflexivity;
    |3: cases (?:False); apply (q_lt_antisym input (start l1)); [2: assumption]
        apply (q_lt_trans ??? H3 H);]
|3: intro; cases H4; clear H4;   
    cases (value l1 input); simplify; cases (q_cmp input (start l1)) in H4; whd in ⊢ (% → ?);
    [1: intro; cases H8; clear H8; rewrite > H11; rewrite > H7; clear H11 H7;
        simplify in ⊢ (? ? ? (? ? ? (? ? % ? ?)));
        cut (\fst w1 = S (\fst w2)) as Key; [rewrite > Key; reflexivity;]
        cut (\fst w2 = O); [2: clear H10;
          symmetry; apply le_n_O_to_eq; rewrite > (sum_bases_O (bars l1) (\fst w2)); [apply le_n]
          apply (q_le_trans ??? H9); rewrite < H4; rewrite > q_d_x_x; 
          apply q_eq_to_le; reflexivity;]
        rewrite > Hcut; clear Hcut H10 H9; simplify in H5 H6;
        cut (ⅆ[input,init] = Qpos w) as E; [2:
          rewrite > H2; rewrite < H4; rewrite > q_d_sym; 
          rewrite > q_d_noabs; [reflexivity] apply q_lt_to_le; assumption;]
        cases (\fst w1) in H5 H6; intros;
        [1: cases (?:False); clear H5; simplify in H6;
            apply (q_lt_corefl ⅆ[input,init]);
            rewrite > E in ⊢ (??%); rewrite < q_plus_OQ in ⊢ (??%);
            rewrite > q_plus_sym; assumption;
        |2: cases n in H5 H6; [intros; reflexivity] intros;
            cases (?:False); clear H6; cases (bars l1) in H5; simplify; intros;
            [apply (q_pos_OQ one);|apply (q_pos_OQ (\fst b));] 
            apply (q_le_S ??? (sum_bases_ge_OQ ? n1));[apply []|3:apply l]
            simplify in ⊢ (? (? (? % ?) ?) ?); rewrite < (q_plus_minus (Qpos w));
            rewrite > q_elim_minus; apply q_le_minus_r; 
            rewrite > q_elim_opp; rewrite < E in ⊢ (??%); assumption;]
    |2: intros; rewrite > H8; rewrite > H7; clear H8 H7;
        simplify in H5 H6 ⊢ %; 
        cases (\fst w1) in H5 H6; [intros; reflexivity]
        cases (bars l1);
        [1: intros; simplify; elim n [reflexivity] simplify; assumption;
        |2: simplify; intros; cases (?:False); clear H6;
            apply (q_lt_le_incompat (input - init) (Qpos w) );
            [1: rewrite > H2; do 2 rewrite > q_elim_minus;
                apply q_lt_plus; rewrite > q_elim_minus;
                rewrite < q_plus_assoc; rewrite < q_elim_minus;
                rewrite > q_plus_minus;rewrite > q_plus_OQ; assumption;
            |2: rewrite < q_d_noabs; [2: apply q_lt_to_le; assumption]
                rewrite > q_d_sym
                
                ; apply (q_le_S ???? H5);apply sum_bases_ge_OQ;]]
    |3: intro; cases H8; clear H8; rewrite > H11; rewrite > H7; clear H11 H7;
        simplify in H5 H6 ⊢ (? ? ? (? ? ? (? ? % ? ?)));

axiom nth_nil: ∀T,n.∀d:T. nth [] d n = d.


lemma case1 : 
  ∀init,st,input,l. 
  init<st → st<input → 
     ⅆ[input,init] < sum_bases l O + (st-init) → False.
intros 6; rewrite > q_d_sym; rewrite > q_d_noabs; [2:
  apply (q_le_trans ? st); apply q_lt_to_le; assumption]
do 2 rewrite > q_elim_minus; rewrite > q_plus_assoc;
intro X; lapply (q_lt_canc_plus_r ??? X) as Y;
simplify in Y; cases (?:False); 
apply (q_lt_corefl st); apply (q_lt_trans ??? H1);
apply (q_lt_le_trans ??? Y); rewrite > q_plus_sym; rewrite > q_plus_OQ;
apply q_eq_to_le; reflexivity;
qed.    

lemma case2:
 ∀a,l1,init,st,input,n. 
  init < st → st < input → 
  sum_bases (a::l1) n + (st-init) ≤ ⅆ[input,init] →
    ⅆ[input,st] < sum_bases l1 O + Qpos (\fst a) →
  n = O.
intros; cut (input - st < Qpos (\fst a)) as H6';[2:
  rewrite < q_d_noabs;[2:apply q_lt_to_le; assumption]
  rewrite > q_d_sym; apply (q_lt_le_trans ??? H3);
  rewrite > q_plus_sym; rewrite > q_plus_OQ; 
  apply q_eq_to_le; reflexivity] clear H3;
generalize in match H2; rewrite > q_d_sym; rewrite > q_d_noabs;
  [2: apply (q_le_trans ? st); apply q_lt_to_le; assumption]  
do 2 rewrite > q_elim_minus; rewrite > q_plus_assoc; intro X;
lapply (q_le_canc_plus_r ??? X) as Y; clear X;
lapply (q_le_inj_plus_r ?? (Qopp st) Y) as X; clear Y;
cut (input + Qopp st < Qpos (\fst a)) as H6'';
  [2: rewrite < q_elim_minus; assumption;] clear H6';
generalize in match (q_le_lt_trans ??? X H6''); clear X H6''; 
rewrite < q_plus_assoc; rewrite < q_elim_minus;
rewrite > q_plus_minus; rewrite > q_plus_OQ; cases n; intro X; [reflexivity]
cases (?:False);
apply (q_lt_le_incompat (sum_bases l1 n1) OQ);[2: apply sum_bases_ge_OQ;] 
apply (q_lt_canc_plus_r ?? (Qpos (\fst a)));
rewrite >(q_plus_sym OQ); rewrite > q_plus_OQ; apply X;
qed.

lemma case3:
 ∀init,st,input,l1,a,n.
 init<st → st<input →
  ⅆ[input,init]<OQ+Qpos a+(st-init) →
  sum_bases l1 n+Qpos a≤ⅆ[input,st] → False.
intros;
cut (sum_bases l1 n - ⅆ[input,st] < Qopp ⅆ[input,init] + (st - init)); [2:
  cut (sum_bases l1 n≤ⅆ[input,st]-Qpos a) as H7';[2:
    apply (q_le_canc_plus_r ?? (Qpos a));
    apply (q_le_trans ??? H3); rewrite > q_elim_minus;
    rewrite < q_plus_assoc; rewrite > (q_plus_sym (Qopp ?));
    rewrite < q_elim_minus; rewrite > q_plus_minus; rewrite > q_plus_OQ;
    apply q_eq_to_le; reflexivity;] clear H3;
  rewrite > q_elim_minus; apply (q_lt_canc_plus_r ?? ⅆ[input,st]);
  rewrite < q_plus_assoc; rewrite > (q_plus_sym (Qopp ?));
  rewrite < q_elim_minus; rewrite > q_plus_minus; rewrite > q_plus_OQ;
  apply (q_le_lt_trans ??? H7'); clear H7'; rewrite > q_elim_minus;
  rewrite > q_plus_sym; apply q_lt_inj_plus_r;
  rewrite > q_plus_sym; apply q_lt_plus; rewrite > q_elim_opp;
  rewrite > q_plus_sym; apply (q_lt_canc_plus_r ?? (Qpos a)); 
  rewrite < q_plus_assoc; rewrite > (q_plus_sym (Qopp ?));
  rewrite < q_elim_minus; rewrite > q_plus_minus; rewrite > q_plus_OQ;
  apply (q_lt_le_trans ??? H2); rewrite > (q_plus_sym OQ); rewrite > q_plus_OQ;
  rewrite > q_plus_sym; apply q_eq_to_le; reflexivity;] 
generalize in match Hcut; clear H2 H3 Hcut;
rewrite > q_d_sym; rewrite > q_d_noabs; [2:apply q_lt_to_le; assumption]
rewrite > q_d_sym; rewrite > q_d_noabs; [2: apply (q_le_trans ? st); apply q_lt_to_le; assumption] 
rewrite < q_plus_sym; rewrite < q_elim_minus;
rewrite > (q_elim_minus input init);
rewrite >  q_minus_distrib; rewrite > q_elim_opp;
rewrite > (q_elim_minus input st);
rewrite >  q_minus_distrib; rewrite > q_elim_opp;
repeat rewrite > q_elim_minus;
rewrite < q_plus_assoc in ⊢ (??% → ?);
rewrite > (q_plus_sym  (Qopp input) init);
rewrite > q_plus_assoc;
rewrite < q_plus_assoc in ⊢ (??(?%?) → ?);
rewrite > (q_plus_sym  (Qopp init) init);
rewrite < (q_elim_minus init); rewrite >q_plus_minus;
rewrite > q_plus_OQ; rewrite > (q_plus_sym st);
rewrite < q_plus_assoc; 
rewrite < (q_plus_OQ (Qopp input + st)) in ⊢ (??% → ?);
rewrite > (q_plus_sym ? OQ); intro X;
lapply (q_lt_canc_plus_r ??? X) as Y; clear X;
apply (q_lt_le_incompat ?? Y); apply sum_bases_ge_OQ;
qed.

lemma key:
  ∀init,input,l1,w1,w2,w.
  Qpos w = start l1 - init →   
  init < start l1 → 
  start l1 < input →
  sum_bases (〈w,OQ〉::bars l1) w1 ≤ ⅆ[input,init] →
    ⅆ[input,init] < sum_bases (bars l1) w1 + (start l1-init) →
  sum_bases (bars l1) w2 ≤ ⅆ[input,start l1] →
    ⅆ[input,start l1] < sum_bases (bars l1) (S w2) →
    \snd (nth (bars l1) ▭ w2) = \snd (nth (〈w,OQ〉::bars l1) ▭ w1).
intros 3 (init input l); cases l (st l);
change in match (start (mk_q_f st l)) with st;
change in match (bars (mk_q_f st l)) with l;
elim l; clear l;
[1: rewrite > nth_nil; cases w1 in H4;
    [1: intro X; cases (case1 ?????? X); assumption;
    |2: intros; simplify; rewrite > nth_nil; reflexivity;]       
|2: cases w1 in H4 H5; clear w1;
    [1: intros (Y X); cases (case1 ?????? X); assumption;
    |2: intros; simplify in H4 H5 H7 ⊢ %;
        generalize in match H6; generalize in match H7;
        generalize in match H4; generalize in match H5; clear H4 H5 H6 H7;
        apply (nat_elim2 ???? w2 n); clear w2 n; intros;
        [1: rewrite > (case2 a l1 init st input n); [reflexivity]
            try rewrite < H1; assumption;
        |2: simplify in H4 H7; cases (case3 ???????? H4 H7); assumption;
        |3: (* dipende se vanno oltre la lunghezza di l1,
               forse dovevo gestire il caso prima dell'induzione *)         
            simplify in ⊢ (? ? (? ? ? %) ?);
            rewrite > (H (S m) ? w); [reflexivity] try assumption;
STOP               

qed.

            
        
alias symbol "pi2" = "pair pi2".
alias symbol "pi1" = "pair pi1".
definition rebase_spec ≝ 
 ∀l1,l2:q_f.∃p:q_f × q_f.
   And4
    (*len (bars (\fst p)) = len (bars (\snd p))*)
    (start (\fst p) = start (\snd p))
    (same_bases (\fst p) (\snd p))
    (same_values l1 (\fst p)) 
    (same_values l2 (\snd p)).

definition rebase_spec_simpl ≝ 
 λstart.λl1,l2:list bar.λp:(list bar) × (list bar).
   And3
    (same_bases (mk_q_f start (\fst p)) (mk_q_f start (\snd p)))
    (same_values (mk_q_f start l1) (mk_q_f start (\fst p))) 
    (same_values (mk_q_f start l2) (mk_q_f start (\snd p))).

(* a local letin makes russell fail *)
definition cb0h : list bar → list bar ≝ 
  λl.mk_list (λi.〈\fst (nth l ▭ i),OQ〉) (len l).

definition eject ≝
  λP.λp:∃x:(list bar) × (list bar).P x.match p with [ex_introT p _ ⇒ p].
coercion eject.
definition inject ≝ λP.λp:(list bar) × (list bar).λh:P p. ex_introT ? P p h.
coercion inject with 0 1 nocomposites.
        
definition rebase: rebase_spec.
intros 2 (f1 f2); cases f1 (s1 l1); cases f2 (s2 l2); clear f1 f2;
letin spec ≝ (
  λs.λl1,l2.λm.λz.len l1 + len l2 < m → rebase_spec_simpl s l1 l2 z);
alias symbol "pi1" (instance 34) = "exT \fst".
alias symbol "pi1" (instance 21) = "exT \fst".
letin aux ≝ ( 
let rec aux (l1,l2:list bar) (n:nat) on n : (list bar) × (list bar) ≝
match n with
[ O ⇒ 〈 nil ? , nil ? 〉
| S m ⇒ 
  match l1 with
  [ nil ⇒ 〈cb0h l2, l2〉
  | cons he1 tl1 ⇒
     match l2 with
     [ nil ⇒ 〈l1, cb0h l1〉
     | cons he2 tl2 ⇒  
         let base1 ≝ Qpos (\fst he1) in
         let base2 ≝ Qpos (\fst he2) in
         let height1 ≝ (\snd he1) in
         let height2 ≝ (\snd he2) in
         match q_cmp base1 base2 with
         [ q_eq _ ⇒ 
             let rc ≝ aux tl1 tl2 m in 
             〈he1 :: \fst rc,he2 :: \snd rc〉 
         | q_lt Hp ⇒
             let rest ≝ base2 - base1 in
             let rc ≝ aux tl1 (〈\fst (unpos rest ?),height2〉 :: tl2) m in
             〈〈\fst he1,height1〉 :: \fst rc,〈\fst he1,height2〉 :: \snd rc〉 
         | q_gt Hp ⇒ 
             let rest ≝ base1 - base2 in
             let rc ≝ aux (〈\fst (unpos rest ?),height1〉 :: tl1) tl2 m in
             〈〈\fst he2,height1〉 :: \fst rc,〈\fst he2,height2〉 :: \snd rc〉
]]]]
in aux : ∀l1,l2,m.∃z.∀s.spec s l1 l2 m z); unfold spec;
[9: clearbody aux; unfold spec in aux; clear spec;
    cases (q_cmp s1 s2);
    [1: cases (aux l1 l2 (S (len l1 + len l2)));
        cases (H1 s1 (le_n ?)); clear H1;
        exists [apply 〈mk_q_f s1 (\fst w), mk_q_f s2 (\snd w)〉] split;
        [1,2: assumption;
        |3: intro; apply (H3 input);
        |4: intro; rewrite > H in H4; 
            rewrite > (H4 input); reflexivity;]
    |2: letin l2' ≝ (〈\fst (unpos (s2-s1) ?),OQ〉::l2);[
          apply q_lt_minus; rewrite > q_plus_sym; rewrite > q_plus_OQ;
          assumption]
        cases (aux l1 l2' (S (len l1 + len l2')));
        cases (H1 s1 (le_n ?)); clear H1 aux;
        exists [apply 〈mk_q_f s1 (\fst w), mk_q_f s1 (\snd w)〉] split;
        [1: reflexivity
        |2: assumption;
        |3: assumption;
        |4: intro; rewrite < (H4 input); clear H3 H4 H2 w;
            cases (value (mk_q_f s1 l2') input);
            cases (q_cmp input (start (mk_q_f s1 l2'))) in H1;
            whd in ⊢ (% → ?);
            [1: intros; cases H2; clear H2; whd in ⊢ (??? %);
                cases (value (mk_q_f s2 l2) input);
                cases (q_cmp input (start (mk_q_f s2 l2))) in H2;
                whd in ⊢ (% → ?);
                [1: intros; cases H6; clear H6; change with (w1 = w);
                          
            (* TODO *) ]]    
|1,2: unfold rest; apply q_lt_minus; rewrite > q_plus_sym; rewrite > q_plus_OQ;
      assumption;        
|3:(* TODO *)
|4:(* TODO *)
|5:(* TODO *)
|6:(* TODO *)
|7:(* TODO *)
|8: intros; cases (?:False); apply (not_le_Sn_O ? H1);]
qed.