more porting to machines that can move without writing

[helm.git] / matita / matita / lib / turing / multi_universal / match.ma

(**************************************************************************)
(*       ___                                                              *)
(*      ||M||                                                             *)
(*      ||A||       A project by Andrea Asperti                           *)
(*      ||T||                                                             *)
(*      ||I||       Developers:                                           *)
(*      ||T||         The HELM team.                                      *)
(*      ||A||         http://helm.cs.unibo.it                             *)
(*      \   /                                                             *)
(*       \ /        This file is distributed under the terms of the       *)
(*        v         GNU General Public License Version 2                  *)
(*                                                                        *)
(**************************************************************************)

include "turing/multi_universal/compare.ma".
include "turing/multi_universal/par_test.ma".
include "turing/multi_universal/moves_2.ma".

definition Rtc_multi_true ≝ 
  λalpha,test,n,i.λt1,t2:Vector ? (S n).
   (∃c. current alpha (nth i ? t1 (niltape ?)) = Some ? c ∧ test c = true) ∧ t2 = t1.
   
definition Rtc_multi_false ≝ 
  λalpha,test,n,i.λt1,t2:Vector ? (S n).
    (∀c. current alpha (nth i ? t1 (niltape ?)) = Some ? c → test c = false) ∧ t2 = t1.

lemma sem_test_char_multi :
  ∀alpha,test,n,i.i ≤ n → 
  inject_TM ? (test_char ? test) n i ⊨ 
  [ tc_true : Rtc_multi_true alpha test n i, Rtc_multi_false alpha test n i ].
#alpha #test #n #i #Hin #int
cases (acc_sem_inject … Hin (sem_test_char alpha test) int)
#k * #outc * * #Hloop #Htrue #Hfalse %{k} %{outc} % [ %
[ @Hloop
| #Hqtrue lapply (Htrue Hqtrue) * * * #c *
  #Hcur #Htestc #Hnth_i #Hnth_j %
  [ %{c} % //
  | @(eq_vec … (niltape ?)) #i0 #Hi0
    cases (decidable_eq_nat i0 i) #Hi0i
    [ >Hi0i @Hnth_i
    | @sym_eq @Hnth_j @sym_not_eq // ] ] ]
| #Hqfalse lapply (Hfalse Hqfalse) * * #Htestc #Hnth_i #Hnth_j %
  [ @Htestc
  | @(eq_vec … (niltape ?)) #i0 #Hi0
    cases (decidable_eq_nat i0 i) #Hi0i
    [ >Hi0i @Hnth_i
    | @sym_eq @Hnth_j @sym_not_eq // ] ] ]
qed.

definition Rm_test_null_true ≝ 
  λalpha,n,i.λt1,t2:Vector ? (S n).
   current alpha (nth i ? t1 (niltape ?)) ≠ None ? ∧ t2 = t1.
   
definition Rm_test_null_false ≝ 
  λalpha,n,i.λt1,t2:Vector ? (S n).
    current alpha (nth i ? t1 (niltape ?)) = None ? ∧ t2 = t1.

lemma sem_test_null_multi : ∀alpha,n,i.i ≤ n → 
  inject_TM ? (test_null ?) n i ⊨ 
    [ tc_true : Rm_test_null_true alpha n i, Rm_test_null_false alpha n i ].
#alpha #n #i #Hin #int
cases (acc_sem_inject … Hin (sem_test_null alpha) int)
#k * #outc * * #Hloop #Htrue #Hfalse %{k} %{outc} % [ %
[ @Hloop
| #Hqtrue lapply (Htrue Hqtrue) * * #Hcur #Hnth_i #Hnth_j % //
  @(eq_vec … (niltape ?)) #i0 #Hi0 cases (decidable_eq_nat i0 i) #Hi0i
  [ >Hi0i @sym_eq @Hnth_i | @sym_eq @Hnth_j @sym_not_eq // ] ] 
| #Hqfalse lapply (Hfalse Hqfalse) * * #Hcur #Hnth_i #Hnth_j %
  [ @Hcur
  | @(eq_vec … (niltape ?)) #i0 #Hi0 cases (decidable_eq_nat i0 i) // 
    #Hi0i @sym_eq @Hnth_j @sym_not_eq // ] ] 
qed.

definition match_test ≝ λsrc,dst.λsig:DeqSet.λn.λv:Vector ? n.
  match (nth src (option sig) v (None ?)) with 
  [ None ⇒  false 
  | Some x ⇒  notb (nth dst (DeqOption sig) v (None ?) == None ?) ].

definition mmove_states ≝ initN 2.

definition mmove0 : mmove_states ≝ mk_Sig ?? 0 (leb_true_to_le 1 2 (refl …)).
definition mmove1 : mmove_states ≝ mk_Sig ?? 1 (leb_true_to_le 2 2 (refl …)).

definition trans_mmove ≝ 
 λi,sig,n,D.
 λp:mmove_states × (Vector (option sig) (S n)).
 let 〈q,a〉 ≝ p in match (pi1 … q) with
 [ O ⇒ 〈mmove1,change_vec ? (S n) (null_action ? n) (〈None ?,D〉) i〉
 | S _ ⇒ 〈mmove1,null_action sig n〉 ].

definition mmove ≝ 
  λi,sig,n,D.
  mk_mTM sig n mmove_states (trans_mmove i sig n D) 
    mmove0 (λq.q == mmove1).
    
definition Rm_multi ≝ 
  λalpha,n,i,D.λt1,t2:Vector ? (S n).
  t2 = change_vec ? (S n) t1 (tape_move alpha (nth i ? t1 (niltape ?)) D) i.
   
lemma sem_move_multi :
  ∀alpha,n,i,D.i ≤ n → 
  mmove i alpha n D ⊨ Rm_multi alpha n i D.
#alpha #n #i #D #Hin #int %{2}
%{(mk_mconfig ? mmove_states n mmove1 ?)} 
[| %
 [ whd in ⊢ (??%?); @eq_f whd in ⊢ (??%?); @eq_f %
 | whd >tape_move_multi_def
   <(change_vec_same … (ctapes …) i (niltape ?))
   >pmap_change <tape_move_multi_def >tape_move_null_action % ] ]
 qed.
  
definition rewind ≝ λsrc,dst,sig,n.
  parmove src dst sig n L · mmove src sig n R · mmove dst sig n R.

definition R_rewind ≝ λsrc,dst,sig,n.λint,outt: Vector (tape sig) (S n).
  (∀x,x0,xs,rs.
    nth src ? int (niltape ?) = midtape sig (xs@[x0]) x rs → 
    ∀ls0,y,y0,target,rs0.|xs| = |target| → 
    nth dst ? int (niltape ?) = midtape sig (target@y0::ls0) y rs0 → 
    outt = change_vec ?? 
           (change_vec ?? int (midtape sig [] x0 (reverse ? xs@x::rs)) src)
           (midtape sig ls0 y0 (reverse ? target@y::rs0)) dst).
           
theorem accRealize_to_Realize :
  ∀sig,n.∀M:mTM sig n.∀Rtrue,Rfalse,acc.
  M ⊨ [ acc: Rtrue, Rfalse ] →  M ⊨ Rtrue ∪ Rfalse.
#sig #n #M #Rtrue #Rfalse #acc #HR #t
cases (HR t) #k * #outc * * #Hloop
#Htrue #Hfalse %{k} %{outc} % // 
cases (true_or_false (cstate sig (states sig n M) n outc == acc)) #Hcase
[ % @Htrue @(\P Hcase) | %2 @Hfalse @(\Pf Hcase) ]
qed. 
           
lemma sem_rewind : ∀src,dst,sig,n.
  src ≠ dst → src < S n → dst < S n → 
  rewind src dst sig n ⊨ R_rewind src dst sig n.
#src #dst #sig #n #Hneq #Hsrc #Hdst
@(sem_seq_app sig n ????? (sem_parmoveL src dst sig n Hneq Hsrc Hdst) ?)
[| @(sem_seq_app sig n ????? (sem_move_r_multi …) (sem_move_r_multi …)) //
 @le_S_S_to_le // ]
#ta #tb * #tc * * #Htc #_ * #td * whd in ⊢ (%→%→?); #Htd #Htb
#x #x0 #xs #rs #Hmidta_src #ls0 #y #y0 #target #rs0 #Hlen #Hmidta_dst
>(Htc ??? Hmidta_src ls0 y (target@[y0]) rs0 ??) in Htd;
[|>Hmidta_dst //
|>length_append >length_append >Hlen % ] * #_
[ whd in ⊢ (%→?); * #x1 * #x2 * *
  >change_vec_commute in ⊢ (%→?); // >nth_change_vec //
  cases (reverse sig (xs@[x0])@x::rs)
  [|#z #zs] normalize in ⊢ (%→?); #H destruct (H)
| whd in ⊢ (%→?); * #_ #Htb >Htb -Htb FAIL
  
   normalize in ⊢ (%→?);
    (sem_parmove_step src dst sig n R Hneq Hsrc Hdst))
    (acc_sem_if ? n … (sem_partest sig n (match_test src dst sig ?))
      (sem_seq … 
        (sem_parmoveL ???? Hneq Hsrc Hdst) 
        (sem_inject … dst (le_S_S_to_le … Hdst) (sem_move_r ? )))
      (sem_nop …)))
  

definition match_step ≝ λsrc,dst,sig,n.
  compare src dst sig n ·
     (ifTM ?? (partest sig n (match_test src dst sig ?))
      (single_finalTM ??
        (rewind src dst sig n · (inject_TM ? (move_r ?) n dst)))
      (nop …)
      partest1).
      
definition R_match_step_false ≝ 
  λsrc,dst,sig,n.λint,outt: Vector (tape sig) (S n).
  ∀ls,x,xs.
  nth src ? int (niltape ?) = midtape sig ls x xs →
  ((current sig (nth dst (tape sig) int (niltape sig)) = None ?) ∧ outt = int) ∨
    (∃ls0,rs0,xs0. nth dst ? int (niltape ?) = midtape sig ls0 x rs0 ∧
      xs = rs0@xs0 ∧
      current sig (nth dst (tape sig) outt (niltape sig)) = None ?) ∨
    (∃ls0,rs0. 
     nth dst ? int (niltape ?) = midtape sig ls0 x (xs@rs0) ∧
     (* ∀rsj,c. 
     rs0 = c::rsj → *)
     outt = change_vec ??
            (change_vec ?? int (mk_tape sig (reverse ? xs@x::ls) (None ?) [ ]) src)
            (mk_tape sig (reverse ? xs@x::ls0) (option_hd ? rs0) (tail ? rs0)) dst).

(*definition R_match_step_true ≝ 
  λsrc,dst,sig,n.λint,outt: Vector (tape sig) (S n).
  ∀s,rs.current sig (nth src (tape sig) int (niltape sig)) = Some ? s → 
  current sig (nth dst (tape sig) int (niltape sig)) ≠ None ? ∧
  (∀s1.current sig (nth dst (tape sig) int (niltape sig)) = Some ? s1 → s ≠ s1 →  
   outt = change_vec ?? int 
          (tape_move_mono … (nth dst ? int (niltape ?)) (〈Some ? s1,R〉)) dst) ∧  
  (∀ls,x,xs,ci,rs,ls0,rs0. 
    nth src ? int (niltape ?) = midtape sig ls x (xs@ci::rs) →
    nth dst ? int (niltape ?) = midtape sig ls0 x (xs@rs0) →
    rs0 ≠ [] ∧
    ∀cj,rs1.rs0 = cj::rs1 → 
    ci ≠ cj →
    (outt = change_vec ?? int 
        (tape_move_mono … (nth dst ? int (niltape ?)) (〈None ?,R〉)) dst)). 
*)
definition R_match_step_true ≝ 
  λsrc,dst,sig,n.λint,outt: Vector (tape sig) (S n).
  ∀s.current sig (nth src (tape sig) int (niltape sig)) = Some ? s → 
  ∃s1.current sig (nth dst (tape sig) int (niltape sig)) = Some ? s1 ∧
  (left ? (nth src ? int (niltape ?)) = [ ] → 
   (s ≠ s1 →  
    outt = change_vec ?? int 
          (tape_move_mono … (nth dst ? int (niltape ?)) (〈None ?,R〉)) dst) ∧
   (∀xs,ci,rs,ls0,rs0. 
    nth src ? int (niltape ?) = midtape sig [] s (xs@ci::rs) →
    nth dst ? int (niltape ?) = midtape sig ls0 s (xs@rs0) →
    rs0 ≠ [] ∧
    ∀cj,rs1.rs0 = cj::rs1 → 
    ci ≠ cj →
    (outt = change_vec ?? int 
        (tape_move_mono … (nth dst ? int (niltape ?)) (〈None ?,R〉)) dst))). 
         
lemma sem_match_step :
  ∀src,dst,sig,n.src ≠ dst → src < S n → dst < S n → 
  match_step src dst sig n ⊨ 
    [ inr ?? (inr ?? (inl … (inr ?? start_nop))) : 
      R_match_step_true src dst sig n, 
      R_match_step_false src dst sig n ].
#src #dst #sig #n #Hneq #Hsrc #Hdst 
@(acc_sem_seq_app sig n … (sem_compare src dst sig n Hneq Hsrc Hdst)
    (acc_sem_if ? n … (sem_partest sig n (match_test src dst sig ?))
      (sem_seq … 
        (sem_parmoveL ???? Hneq Hsrc Hdst) 
        (sem_inject … dst (le_S_S_to_le … Hdst) (sem_move_r ? )))
      (sem_nop …)))
[#ta #tb #tc * #Hcomp1 #Hcomp2 * #td * #Htest
 * #te * #Hte #Htb #s #Hcurta_src whd
 cut (∃s1.current sig (nth dst (tape sig) ta (niltape sig))=Some sig s1)
 [ lapply Hcomp1 -Hcomp1 
   lapply (refl ? (current ? (nth dst ? ta (niltape ?))))
   cases (current ? (nth dst ? ta (niltape ?))) in ⊢ (???%→%);
   [ #Hcurta_dst #Hcomp1 >Hcomp1 in Htest; // *
     change with (vec_map ?????) in match (current_chars ???); whd in ⊢ (??%?→?);
     <(nth_vec_map ?? (current ?) src ? ta (niltape ?))      
     <(nth_vec_map ?? (current ?) dst ? ta (niltape ?))
     >Hcurta_src >Hcurta_dst whd in ⊢ (??%?→?); #H destruct (H)
   | #s1 #_ #_ %{s1} % ] ]
 * #s1 #Hcurta_dst %{s1} % // #Hleftta %
 [ #Hneqss1 -Hcomp2 cut (tc = ta) 
   [@Hcomp1 %1 %1 >Hcurta_src >Hcurta_dst @(not_to_not … Hneqss1) #H destruct (H) //] 
    #H destruct (H) -Hcomp1 cut (td = ta)
    [ cases Htest -Htest // ] #Htdta destruct (Htdta)
    cases Hte -Hte #Hte #_
    cases (current_to_midtape … Hcurta_src) #ls * #rs #Hmidta_src
    cases (current_to_midtape … Hcurta_dst) #ls0 * #rs0 #Hmidta_dst
    >Hmidta_src in Hleftta; normalize in ⊢ (%→?); #Hls destruct (Hls)
    >(Hte s [ ] rs Hmidta_src ls0 s1 [ ] rs0 (refl ??) Hmidta_dst) in Htb;
    * whd in ⊢ (%→?);
    mid
    
      in Htb;
    cut (te = ta) 
    [ cases Htest -Htest #Htest #Htdta <Htdta @Hte %1 >Htdta @Hcurta_src %{s} % //] 
    -Hte #H destruct (H) %
    [cases Htb * #_ #Hmove #Hmove1 @(eq_vec … (niltape … ))
     #i #Hi cases (decidable_eq_nat i dst) #Hidst
      [ >Hidst >nth_change_vec // cases (current_to_midtape … Hcurta_dst)
        #ls * #rs #Hta_mid >(Hmove … Hta_mid) >Hta_mid cases rs //
      | >nth_change_vec_neq [|@sym_not_eq //] @sym_eq @Hmove1 @sym_not_eq // ]
    | whd in Htest:(??%?); >(nth_vec_map ?? (current sig)) in Hcurta_src; #Hcurta_src
      >Hcurta_src in Htest; whd in ⊢ (??%?→?);
      cases (is_endc s) // whd in ⊢ (??%?→?); #H @sym_eq // 
    ]
   <(nth_vec_map ?? (current ?) dst ? tc (niltape ?))   
    >Hcurta_src normalize
   lapply (refl ? (current ? (nth dst ? ta (niltape ?)))) 
   cases (current ? (nth dst ? ta (niltape ?))) in ⊢ (???%→%);
   [| #s1 #Hcurta_dst %
     [ % #Hfalse destruct (Hfalse)
     | #s1' #Hs1 destruct (Hs1) #Hneqss1 -Hcomp2 
       cut (tc = ta) 
       [@Hcomp1 %1 %1 >Hcurta_src >Hcurta_dst @(not_to_not … Hneqss1) #H destruct (H) //] 
       #H destruct (H) -Hcomp1 cases Hte -Hte #_ #Hte
       cut (te = ta) [ cases Htest -Htest #Htest #Htdta <Htdta @Hte %1 %{s} % //] -Hte #H destruct (H) %
       [cases Htb * #_ #Hmove #Hmove1 @(eq_vec … (niltape … ))
        #i #Hi cases (decidable_eq_nat i dst) #Hidst
         [ >Hidst >nth_change_vec // cases (current_to_midtape … Hcurta_dst)
           #ls * #rs #Hta_mid >(Hmove … Hta_mid) >Hta_mid cases rs //
         | >nth_change_vec_neq [|@sym_not_eq //] @sym_eq @Hmove1 @sym_not_eq // ]
       | whd in Htest:(??%?); >(nth_vec_map ?? (current sig)) in Hcurta_src; #Hcurta_src
         >Hcurta_src in Htest; whd in ⊢ (??%?→?);
         cases (is_endc s) // whd in ⊢ (??%?→?); #H @sym_eq // 
       ]
     
      ]
   #Hcurta_dst >Hcomp1 in Htest; [| %2 %2 //]
   whd in ⊢ (??%?→?); change with (current ? (niltape ?)) in match (None ?);
    <nth_vec_map >Hcurta_src whd in ⊢ (??%?→?); <nth_vec_map
    >Hcurta_dst cases (is_endc s) normalize in ⊢ (%→?); #H destruct (H)
 | #Hstart #Hnotstart %
   [ #s1 #Hcurta_dst #Hneqss1 -Hcomp2
     cut (tc = ta) 
     [@Hcomp1 %2 %1 %1 >Hcurta_src >Hcurta_dst @(not_to_not … Hneqss1) #H destruct (H) //] 
     #H destruct (H) -Hcomp1 cases Hte #_ -Hte #Hte
     cut (te = ta) [@Hte %1 %1 %{s} % //] -Hte #H destruct (H) %
     [cases Htb * #_ #Hmove #Hmove1 @(eq_vec … (niltape … ))
      #i #Hi cases (decidable_eq_nat i dst) #Hidst
       [ >Hidst >nth_change_vec // cases (current_to_midtape … Hcurta_dst)
         #ls * #rs #Hta_mid >(Hmove … Hta_mid) >Hta_mid cases rs //
       | >nth_change_vec_neq [|@sym_not_eq //] @sym_eq @Hmove1 @sym_not_eq // ]
     | whd in Htest:(??%?); >(nth_vec_map ?? (current sig)) in Hcurta_src; #Hcurta_src
       >Hcurta_src in Htest; whd in ⊢ (??%?→?);
       cases (is_endc s) // whd in ⊢ (??%?→?); #H @sym_eq // 
     ]
   |#ls #x #xs #ci #rs #ls0 #rs00 #Htasrc_mid #Htadst_mid #Hnotendc
    cases (Hcomp2 … Htasrc_mid Htadst_mid Hnotendc)
    [ * #Hrs00 #Htc >Htc in Htest; whd in ⊢ (??%?→?);
      <(nth_vec_map ?? (current sig) ??? (niltape ?))
      >change_vec_commute // >nth_change_vec // whd in ⊢ (??%?→?);
      cases (is_endc ci)
      [ whd in ⊢ (??%?→?); #H destruct (H)
      | <(nth_vec_map ?? (current sig) ??? (niltape ?))
        >change_vec_commute [| @sym_not_eq // ] >nth_change_vec //
        >(?:current ? (mk_tape ?? (None ?) ?) = None ?)
        [ whd in ⊢ (??%?→?); #H destruct (H)
        | cases (reverse sig xs@x::ls0) normalize // ] ] ]
    * #cj' * #rs0' * #Hcjrs0 destruct (Hcjrs0) -Hcomp2 #Hcomp2 % [ % 
    [ cases (true_or_false (is_endc ci)) //
      #Hendci >(Hcomp2 (or_introl … Hendci)) in Htest;
      whd in ⊢ (??%?→?); <(nth_vec_map ?? (current sig) ??? (niltape ?))
        >change_vec_commute // >nth_change_vec // whd in ⊢ (??%?→?);
        >Hendci normalize //
    | % #H destruct (H) ] ] #cj #rs1 #H destruct (H) #Hcicj
    lapply (Hcomp2 (or_intror ?? Hcicj)) -Hcomp2 #Htc %
    [ cases Hte -Hte #Hte #_ whd in Hte;
      >Htasrc_mid in Hcurta_src; whd in ⊢ (??%?→?); #H destruct (H) 
      lapply (Hte ls ci (reverse ? xs) rs s ??? ls0 cj (reverse ? xs) s rs1 (refl ??) ?) //
      [ >Htc >nth_change_vec //
      | #c0 #Hc0 @(Hnotstart c0) >Htasrc_mid cases (orb_true_l … Hc0) -Hc0 #Hc0
        [@memb_append_l2 >(\P Hc0) @memb_hd
        |@memb_append_l1 <(reverse_reverse …xs) @memb_reverse //
        ]
      | >Htc >change_vec_commute // >nth_change_vec // ] -Hte
      >Htc >change_vec_commute // >change_vec_change_vec 
      >change_vec_commute [|@sym_not_eq //] >change_vec_change_vec #Hte
      >Hte in Htb; * * #_ >reverse_reverse #Htbdst1 #Htbdst2 -Hte @(eq_vec … (niltape ?))
      #i #Hi cases (decidable_eq_nat i dst) #Hidst
      [ >Hidst >nth_change_vec // >(Htbdst1 ls0 s (xs@cj::rs1))
        [| >nth_change_vec // ]
        >Htadst_mid cases xs //
      | >nth_change_vec_neq [|@sym_not_eq // ]
        <Htbdst2 [| @sym_not_eq // ] >nth_change_vec_neq [| @sym_not_eq // ]
        <Htasrc_mid >change_vec_same % ]
    | >Hcurta_src in Htest; whd in ⊢(??%?→?);
      >Htc >change_vec_commute //
      change with (current ? (niltape ?)) in match (None ?);
      <nth_vec_map >nth_change_vec // whd in ⊢ (??%?→?);
      cases (is_endc ci) whd in ⊢ (??%?→?); #H destruct (H) % 
    ]
   ]
  ]
|#intape #outtape #ta * #Hcomp1 #Hcomp2 * #tb * * #Hc #Htb 
 whd in ⊢ (%→?); #Hout >Hout >Htb whd
 #ls #c_src #xs #end #rs #Hmid_src #Hnotend #Hend
 lapply (current_to_midtape sig (nth dst ? intape (niltape ?)))
 cases (current … (nth dst ? intape (niltape ?))) in Hcomp1;
  [#Hcomp1 #_ %1 % % [% | @Hcomp1 %2 %2 % ]
  |#c_dst cases (true_or_false (c_src == c_dst)) #Hceq
    [#_ #Hmid_dst cases (Hmid_dst c_dst (refl …)) -Hmid_dst
     #ls_dst * #rs_dst #Hmid_dst
     cases (comp_list … (xs@end::rs) rs_dst is_endc) #xs1 * #rsi * #rsj * * * 
     #Hrs_src #Hrs_dst #Hnotendxs1 #Hneq >Hrs_dst in Hmid_dst; #Hmid_dst
     cut (∃r1,rs1.rsi = r1::rs1) 
     [cases rsi in Hrs_src;
       [ >append_nil #H <H in Hnotendxs1; #Hnotendxs1
         >(Hnotendxs1 end) in Hend; [ #H1 destruct (H1) ]
         @memb_append_l2 @memb_hd
       | #r1 #rs1 #_ %{r1} %{rs1} % ] ]
     * #r1 * #rs1 #Hrs1 >Hrs1 in Hrs_src;
     #Hrs_src >Hrs_src in Hmid_src; #Hmid_src <(\P Hceq) in Hmid_dst; #Hmid_dst
     lapply (Hcomp2 ??????? Hmid_src Hmid_dst ?) 
     [ #c0 #Hc0 cases (orb_true_l … Hc0) -Hc0 #Hc0
       [ >(\P Hc0) @Hnotend @memb_hd | @Hnotendxs1 //] ] 
     *
     [ * #Hrsj >Hrsj #Hta % %2 >Hta >nth_change_vec //
       %{ls_dst} %{xs1} cut (∃xs0.xs = xs1@xs0)
       [lapply Hnotendxs1 -Hnotendxs1 lapply Hrs_src lapply xs elim xs1
         [ #l #_ #_ %{l} %
         | #x2 #xs2 #IH * 
           [ whd in ⊢ (??%%→?); #H destruct (H) #Hnotendxs2
             >Hnotendxs2 in Hend; [ #H destruct (H) |@memb_hd ]
           | #x2' #xs2' whd in ⊢ (??%%→?); #H destruct (H)
             #Hnotendxs2 cases (IH xs2' e0 ?)
             [ #xs0 #Hxs2 %{xs0} @eq_f //
             |#c #Hc @Hnotendxs2 @memb_cons // ]
           ]
         ] 
       ] * #xs0 #Hxs0 %{xs0} % [ %
       [ >Hmid_dst >Hrsj >append_nil %
       | @Hxs0 ]
       | cases (reverse ? xs1) // ]
     | * #cj * #rs2 * #Hrsj #Hta lapply (Hta ?)
       [ cases (Hneq ?? Hrs1) /2/ * #_ #Hr1 %2 @(Hr1 ?? Hrsj) ] -Hta #Hta
       %2 >Hta in Hc; whd in ⊢ (??%?→?);
       change with (current ? (niltape ?)) in match (None ?);
       <nth_vec_map >nth_change_vec_neq [|@sym_not_eq //] >nth_change_vec //
       whd in ⊢ (??%?→?); #Hc cut (is_endc r1 = true)
       [ cases (is_endc r1) in Hc; whd in ⊢ (??%?→?); //
         change with (current ? (niltape ?)) in match (None ?);
         <nth_vec_map >nth_change_vec // normalize #H destruct (H) ]
       #Hendr1 cut (xs = xs1)
       [ lapply Hnotendxs1 lapply Hnotend lapply Hrs_src lapply xs1
         -Hnotendxs1 -Hnotend -Hrs_src -xs1 elim xs
         [ * normalize in ⊢ (%→?); //
           #x2 #xs2 normalize in ⊢ (%→?); #Heq destruct (Heq) #_ #Hnotendxs1
           lapply (Hnotendxs1 ? (memb_hd …)) >Hend #H destruct (H)
         | #x2 #xs2 #IH *
           [ normalize in ⊢ (%→?); #Heq destruct (Heq) #Hnotendc
             >Hnotendc in Hendr1; [| @memb_cons @memb_hd ]
             normalize in ⊢ (%→?); #H destruct (H)
           | #x3 #xs3 normalize in ⊢ (%→?); #Heq destruct (Heq)
             #Hnotendc #Hnotendcxs1 @eq_f @IH
             [ @(cons_injective_r … Heq)
             | #c0 #Hc0 @Hnotendc cases (orb_true_l … Hc0) -Hc0 #Hc0
               [ >(\P Hc0) @memb_hd
               | @memb_cons @memb_cons // ]
             | #c #Hc @Hnotendcxs1 @memb_cons // ]
           ]
         ]
       | #Hxsxs1 destruct (Hxsxs1) >Hmid_dst %{ls_dst} %{rsj} % //
         #rsj0 #c >Hrsj #Hrsj0 destruct (Hrsj0) 
         lapply (append_l2_injective … Hrs_src) // #Hrs' destruct (Hrs') %
       ]
     ]
    |#Hcomp1 #Hsrc cases (Hsrc ? (refl ??)) -Hsrc #ls0 * #rs0 #Hdst 
     @False_ind lapply (Hcomp1 ?) [%2 %1 %1 >Hmid_src normalize
     @(not_to_not ??? (\Pf Hceq)) #H destruct //] #Hintape >Hintape in Hc;
     whd in ⊢(??%?→?); >Hmid_src  
     change with (current ? (niltape ?)) in match (None ?);
     <nth_vec_map >Hmid_src whd in ⊢ (??%?→?);
     >(Hnotend c_src) [|@memb_hd]
     change with (current ? (niltape ?)) in match (None ?);
     <nth_vec_map >Hmid_src whd in ⊢ (??%?→?); >Hdst normalize #H destruct (H)
   ]
  ]
]
qed.

definition match_m ≝ λsrc,dst,sig,n,is_startc,is_endc.
  whileTM … (match_step src dst sig n is_startc is_endc) 
    (inr ?? (inr ?? (inl … (inr ?? start_nop)))).

definition R_match_m ≝ 
  λsrc,dst,sig,n,is_startc,is_endc.λint,outt: Vector (tape sig) (S n).
  ∀ls,x,xs,end,rs.
  nth src ? int (niltape ?) = midtape sig ls x (xs@end::rs) →
  (∀c0. memb ? c0 (x::xs) = true → is_endc c0 = false) → is_endc end = true →
  (∀c0. memb ? c0 (xs@end::rs) = true → is_startc c0 = false) → 
  (current sig (nth dst (tape sig) int (niltape sig)) = None ? → outt = int) ∧
  (is_startc x = true →
   (∀ls0,x0,rs0.
    nth dst ? int (niltape ?) = midtape sig ls0 x0 rs0 →
    (∃l,l1.x0::rs0 = l@x::xs@l1 ∧
     ∀cj,l2.l1=cj::l2 →
     outt = change_vec ?? 
            (change_vec ?? int (midtape sig (reverse ? xs@x::ls) end rs) src)
            (midtape sig ((reverse ? (l@x::xs))@ls0) cj l2) dst) ∨
    ∀l,l1.x0::rs0 ≠ l@x::xs@l1)).

lemma not_sub_list_merge : 
  ∀T.∀a,b:list T. (∀l1.a ≠ b@l1) → (∀t,l,l1.a ≠ t::l@b@l1) → ∀l,l1.a ≠ l@b@l1.
#T #a #b #H1 #H2 #l elim l normalize //
qed.

lemma not_sub_list_merge_2 : 
  ∀T:DeqSet.∀a,b:list T.∀t. (∀l1.t::a ≠ b@l1) → (∀l,l1.a ≠ l@b@l1) → ∀l,l1.t::a ≠ l@b@l1.
#T #a #b #t #H1 #H2 #l elim l //
#t0 #l1 #IH #l2 cases (true_or_false (t == t0)) #Htt0
[ >(\P Htt0) % normalize #H destruct (H) cases (H2 l1 l2) /2/
| normalize % #H destruct (H) cases (\Pf Htt0) /2/ ]
qed.


lemma wsem_match_m : ∀src,dst,sig,n,is_startc,is_endc.
src ≠ dst → src < S n → dst < S n → 
  match_m src dst sig n is_startc is_endc ⊫ R_match_m src dst sig n is_startc is_endc.
#src #dst #sig #n #is_startc #is_endc #Hneq #Hsrc #Hdst #ta #k #outc #Hloop
lapply (sem_while … (sem_match_step src dst sig n is_startc is_endc Hneq Hsrc Hdst) … Hloop) //
-Hloop * #tb * #Hstar @(star_ind_l ??????? Hstar) -Hstar
[ #Hfalse #ls #x #xs #end #rs #Hmid_src #Hnotend #Hend #Hnotstart
  cases (Hfalse … Hmid_src Hnotend Hend) -Hfalse 
  [(* current dest = None *) *
    [ * #Hcur_dst #Houtc %
      [#_ >Houtc //
      |#Hstart #ls0 #x0 #rs0 #Hmid_dst >Hmid_dst in Hcur_dst; 
       normalize in ⊢ (%→?); #H destruct (H)
      ]
    | * #ls0 * #rs0 * #xs0 * * #Htc_dst #Hrs0 #HNone %
      [ >Htc_dst normalize in ⊢ (%→?); #H destruct (H)
      | #Hstart #ls1 #x1 #rs1 >Htc_dst #H destruct (H)
        >Hrs0 cases xs0
        [ % %{[ ]} %{[ ]} % [ >append_nil >append_nil %]
          #cj #ls2 #H destruct (H)
        | #x2 #xs2 %2 #l #l1 % #Habs lapply (eq_f ?? (length ?) ?? Habs)
          >length_append whd in ⊢ (??%(??%)→?); >length_append
          >length_append normalize >commutative_plus whd in ⊢ (???%→?);
          #H destruct (H) lapply e0 >(plus_n_O (|rs1|)) in ⊢ (??%?→?);
          >associative_plus >associative_plus 
          #e1 lapply (injective_plus_r ??? e1) whd in ⊢ (???%→?);
          #e2 destruct (e2)
        ]
      ]
    ]
  |* #ls0 * #rs0 * #Hmid_dst #HFalse %
    [ >Hmid_dst normalize in ⊢ (%→?); #H destruct (H)
    | #Hstart #ls1 #x1 #rs1 >Hmid_dst #H destruct (H)
     %1 %{[ ]} %{rs0} % [%] #cj #l2 #Hnotnil 
     >reverse_cons >associative_append @(HFalse ?? Hnotnil)
    ]
  ]
|-ta #ta #tc #Htrue #Hstar #IH #Hout lapply (IH Hout) -IH -Hout #IH whd
 #ls #x #xs #end #rs #Hmid_src #Hnotend #Hend #Hnotstart 
 lapply (refl ? (current ? (nth dst ? ta (niltape ?))))
 cases (current ? (nth dst ? ta (niltape ?))) in ⊢ (???%→?); 
  [#Hmid_dst % 
    [#_ whd in Htrue; >Hmid_src in Htrue; #Htrue
     cases (Htrue x (refl … )) -Htrue * #Htaneq #_
     @False_ind >Hmid_dst in Htaneq; /2/
    |#Hstart #ls0 #x0 #rs0 #Hmid_dst2 >Hmid_dst2 in Hmid_dst; normalize in ⊢ (%→?); 
     #H destruct (H)
    ]
  | #c #Hcurta_dst % [ >Hcurta_dst #H destruct (H) ]
    #Hstart #ls0 #x0 #rs0 #Hmid_dst >Hmid_dst in Hcurta_dst; normalize in ⊢ (%→?);
    #H destruct (H) whd in Htrue; >Hmid_src in Htrue; #Htrue
    cases (Htrue x (refl …)) -Htrue #_ #Htrue cases (Htrue Hstart Hnotstart) -Htrue
    cases (true_or_false (x==c)) #eqx
    [ lapply (\P eqx) -eqx #eqx destruct (eqx)
      #_ #Htrue cases (comp_list ? (xs@end::rs) rs0 is_endc)
      #x1 * #tl1 * #tl2 * * * #Hxs #Hrs0 #Hnotendx1
      cases tl1 in Hxs; 
      [>append_nil #Hx1 <Hx1 in Hnotendx1; #Hnotendx1
       lapply (Hnotendx1 end ?) [ @memb_append_l2 @memb_hd ]
       >Hend #H destruct (H) ]
      #ci -tl1 #tl1 #Hxs #H cases (H … (refl … )) -H
      [ #Hendci % >Hrs0 in Hmid_dst; cut (ci = end ∧ x1 = xs) 
        [ lapply Hxs lapply Hnotendx1 lapply x1 elim xs in Hnotend;
          [ #_ *
            [ #_ normalize #H destruct (H) /2/ 
            | #x2 #xs2 #Hnotendx2 normalize #H destruct (H)
              >(Hnotendx2 ? (memb_hd …)) in Hend; #H destruct (H) ]
          | #x2 #xs2 #IH #Hnotendx2 *
            [ #_ normalize #H destruct (H) >(Hnotendx2 ci ?) in Hendci;
              [ #H destruct (H)
              | @memb_cons @memb_hd ]
            | #x3 #xs3 #Hnotendx3 normalize #H destruct (H)
              cases (IH … e0)
              [ #H1 #H2 /2/
              | #c0 #Hc0 @Hnotendx2 cases (orb_true_l … Hc0) -Hc0 #Hc0
                [ >(\P Hc0) @memb_hd
                | @memb_cons @memb_cons @Hc0 ]
              | #c0 #Hc0 @Hnotendx3 @memb_cons @Hc0 ]
            ]
          ]
        | * #Hcieq #Hx1eq >Hx1eq #Hmid_dst 
          cases (Htrue ??????? (refl ??) Hmid_dst Hnotend)
          <Hcieq >Hendci * #H destruct (H) ]
      |cases tl2 in Hrs0;
        [ >append_nil #Hrs0 destruct (Hrs0) * #Hcifalse#_ %2
          cut (∃l.xs = x1@ci::l) 
          [lapply Hxs lapply Hnotendx1 lapply Hnotend lapply xs 
           -Hxs -xs -Hnotendx1 elim x1
            [ *
              [ #_ #_ normalize #H1 destruct (H1) >Hend in Hcifalse;
                #H1 destruct (H1)
              | #x2 #xs2 #_ #_ normalize #H >(cons_injective_l ????? H) %{xs2} % ]
            | #x2 #xs2 #IHin *
              [ #_ #Hnotendxs2 normalize #H destruct (H) 
                >(Hnotendxs2 ? (memb_hd …)) in Hend; #H destruct (H)
              | #x3 #xs3 #Hnotendxs3 #Hnotendxs2 normalize #H destruct (H)
                cases (IHin ??? e0)
                [ #xs4 #Hxs4 >Hxs4 %{xs4} %
                | #c0 #Hc0 cases (orb_true_l … Hc0) -Hc0 #Hc0
                  [ >(\P Hc0) @Hnotendxs3 @memb_hd
                  | @Hnotendxs3 @memb_cons @memb_cons @Hc0 ]
                | #c0 #Hc0 @Hnotendxs2 @memb_cons @Hc0 ]
              ]
            ]
          ] * #l #Hxs' >Hxs'
          #l0 #l1 % #H lapply (eq_f ?? (length ?) ?? H) -H
          >length_append normalize >length_append >length_append
          normalize >commutative_plus normalize #H destruct (H) -H
          >associative_plus in e0; >associative_plus
          >(plus_n_O (|x1|)) in ⊢(??%?→?); #H lapply (injective_plus_r … H)
          -H normalize #H destruct (H)
        | #cj #tl2' #Hrs0 * #Hcifalse #Hcomp 
          lapply (Htrue ls c x1 ci tl1 ls0 (cj::tl2') ???)
          [ #c0 #Hc0 cases (orb_true_l … Hc0) #Hc0
            [ @Hnotend >(\P Hc0) @memb_hd
            | @Hnotendx1 // ]
          | >Hmid_dst >Hrs0 %
          | >Hxs %
          | * * #_ #_ -Htrue #Htrue lapply (Htrue ?? (refl ??) ?) [  @(Hcomp ?? (refl ??)) ]
            * #Htb >Htb #Hendci >Hrs0 >Hxs
            cases (IH ls c xs end rs ? Hnotend Hend Hnotstart) -IH 
            [| >Htb >nth_change_vec_neq [|@sym_not_eq //] @Hmid_src ]
            #_ #IH lapply Hxs lapply Hnotendx1 -Hxs -Hnotendx1 cases x1 in Hrs0;
            [ #Hrs0 #_ whd in ⊢ (???%→?); #Hxs
              cases (IH Hstart (c::ls0) cj tl2' ?)
              [ -IH * #l * #l1 * #Hll1 #IH % %{(c::l)} %{l1} 
                % [ @eq_f @Hll1 ]
                #cj0 #l2 #Hcj0 >(IH … Hcj0) >Htb
                >change_vec_commute // >change_vec_change_vec
                >change_vec_commute [|@sym_not_eq // ] @eq_f3 //
                >reverse_cons >associative_append %
              | #IH %2 #l #l1 >(?:l@c::xs@l1 = l@(c::xs)@l1) [|%]
                @not_sub_list_merge
                [ #l2 cut (∃xs'.xs = ci::xs')
                  [ cases xs in Hxs;
                    [ normalize #H destruct (H) >Hend in Hendci; #H destruct (H)
                    | #ci' #xs' normalize #H lapply (cons_injective_l ????? H)
                      #H1 >H1 %{xs'} % ]
                  ]
                  * #xs' #Hxs' >Hxs' normalize % #H destruct (H)
                  lapply (Hcomp … (refl ??)) * /2/
                |#t #l2 #l3 % normalize #H lapply (cons_injective_r ????? H)
                 -H #H >H in IH; #IH cases (IH l2 l3) -IH #IH @IH % ] 
              | >Htb >nth_change_vec // >Hmid_dst >Hrs0 % ]
            | #x2 #xs2 normalize in ⊢ (%→?); #Hrs0 #Hnotendxs2 normalize in ⊢ (%→?);
              #Hxs cases (IH Hstart (c::ls0) x2 (xs2@cj::tl2') ?)
              [ -IH * #l * #l1 * #Hll1 #IH % %{(c::l)} %{l1} 
                % [ @eq_f @Hll1 ]
                #cj0 #l2 #Hcj0 >(IH … Hcj0) >Htb
                >change_vec_commute // >change_vec_change_vec
                >change_vec_commute [|@sym_not_eq // ] @eq_f3 //
                >reverse_cons >associative_append %
              | -IH #IH %2 #l #l1 >(?:l@c::xs@l1 = l@(c::xs)@l1) [|%] 
                @not_sub_list_merge_2 [| @IH]
                cut (∃l2.xs = (x2::xs2)@ci::l2)
                [lapply Hnotendxs2
                 lapply Hnotend -Hnotend lapply Hxs
                 >(?:x2::xs2@ci::tl1 = (x2::xs2)@ci::tl1) [|%]
                 lapply (x2::xs2) elim xs
                  [ *
                    [ normalize in ⊢ (%→?); #H1 destruct (H1) 
                      >Hendci in Hend; #Hend destruct (Hend)
                    | #x3 #xs3 normalize in ⊢ (%→?); #H1 destruct (H1)
                      #_ #Hnotendx3 >(Hnotendx3 ? (memb_hd …)) in Hend;
                      #Hend destruct (Hend)
                    ]
                  | #x3 #xs3 #IHin *
                    [ normalize in ⊢ (%→?); #Hxs3 destruct (Hxs3) #_ #_
                      %{xs3} %
                    | #x4 #xs4 normalize in ⊢ (%→?); #Hxs3xs4 #Hnotend
                      #Hnotendxs4 destruct (Hxs3xs4) cases (IHin ? e0 ??)
                      [ #l0 #Hxs3 >Hxs3 %{l0} %
                      | #c0 #Hc0 @Hnotend cases (orb_true_l … Hc0) -Hc0 #Hc0
                        [ >(\P Hc0) @memb_hd
                        | @memb_cons @memb_cons @Hc0 ]
                      | #c0 #Hc0 @Hnotendxs4 @memb_cons //
                      ]
                    ]
                  ]
                ] * #l2 #Hxs'
                >Hxs' #l3 normalize >associative_append normalize % #H
                destruct (H) lapply (append_l2_injective ?????? e1) //
                #H1 destruct (H1) cases (Hcomp ?? (refl ??)) /2/
              | >Htb >nth_change_vec // >Hmid_dst >Hrs0 % ]
            ]
          ]
        ]
      ]
    |lapply (\Pf eqx) -eqx #eqx >Hmid_dst #Htrue 
     cases (Htrue ? (refl ??) eqx) -Htrue #Htb #Hendcx #_
     cases rs0 in Htb;
     [ #_ %2 #l #l1 cases l
       [ normalize cases xs
         [ cases l1
           [ normalize % #H destruct (H) cases eqx /2/
           | #tmp1 #l2 normalize % #H destruct (H) ]
         | #tmp1 #l2 normalize % #H destruct (H) ]
       | #tmp1 #l2 normalize % #H destruct (H)cases l2 in e0;
         [ normalize #H1 destruct (H1)
         | #tmp2 #l3 normalize #H1 destruct (H1) ]
       ]
     | #r1 #rs1 normalize in ⊢ (???(????%?)→?); #Htb >Htb in IH; #IH
       cases (IH ls x xs end rs ? Hnotend Hend Hnotstart) 
       [| >Htb >nth_change_vec_neq [|@sym_not_eq //] @Hmid_src ] -IH
       #_ #IH cases (IH Hstart (c::ls0) r1 rs1 ?)
       [|| >nth_change_vec // ] -IH
       [ * #l * #l1 * #Hll1 #Hout % %{(c::l)} %{l1} % >Hll1 //
         >reverse_cons >associative_append #cj0 #ls #Hl1 >(Hout ?? Hl1)
         >change_vec_commute in ⊢ (??(???%??)?); // @sym_not_eq //
       | #IH %2 @(not_sub_list_merge_2 ?? (x::xs)) normalize [|@IH]
         #l1 % #H destruct (H) cases eqx /2/
       ] 
    ]
  ]
]
qed.

definition Pre_match_m ≝ 
  λsrc,sig,n,is_startc,is_endc.λt: Vector (tape sig) (S n).
  ∃start,xs,end.
  nth src (tape sig) t (niltape sig) = midtape ? [] start (xs@[end]) ∧
  is_startc start = true ∧
  (∀c.c ∈ (xs@[end]) = true → is_startc c = false) ∧
  (∀c.c ∈ (start::xs) = true → is_endc c = false) ∧
  is_endc end = true.
  
lemma terminate_match_m :
  ∀src,dst,sig,n,is_startc,is_endc,t.
  src ≠ dst → src < S n → dst < S n → 
  Pre_match_m src sig n is_startc is_endc t → 
  match_m src dst sig n is_startc is_endc ↓ t.
#src #dst #sig #n #is_startc #is_endc #t #Hneq #Hsrc #Hdst * #start * #xs * #end
* * * * #Hmid_src #Hstart #Hnotstart #Hnotend #Hend
@(terminate_while … (sem_match_step src dst sig n is_startc is_endc Hneq Hsrc Hdst)) //
<(change_vec_same … t dst (niltape ?))
lapply (refl ? (nth dst (tape sig) t (niltape ?))) 
cases (nth dst (tape sig) t (niltape ?)) in ⊢ (???%→?);
[ #Htape_dst % #t1 whd in ⊢ (%→?); >nth_change_vec_neq [|@sym_not_eq //]
  >Hmid_src #HR cases (HR ? (refl ??)) -HR
  >nth_change_vec // >Htape_dst normalize in ⊢ (%→?);
  * #H @False_ind @H %
| #x0 #xs0 #Htape_dst % #t1 whd in ⊢ (%→?); >nth_change_vec_neq [|@sym_not_eq //]
  >Hmid_src #HR cases (HR ? (refl ??)) -HR
  >nth_change_vec // >Htape_dst normalize in ⊢ (%→?);
  * #H @False_ind @H %
| #x0 #xs0 #Htape_dst % #t1 whd in ⊢ (%→?); >nth_change_vec_neq [|@sym_not_eq //]
  >Hmid_src #HR cases (HR ? (refl ??)) -HR
  >nth_change_vec // >Htape_dst normalize in ⊢ (%→?);
  * #H @False_ind @H %
| #ls #s #rs lapply s -s lapply ls -ls lapply Hmid_src lapply t -t elim rs
  [#t #Hmid_src #ls #s #Hmid_dst % #t1 whd in ⊢ (%→?); >nth_change_vec_neq [|@sym_not_eq //]
   >Hmid_src >nth_change_vec // >Hmid_dst #HR cases (HR ? (refl ??)) -HR #_
   #HR cases (HR Hstart Hnotstart)
   cases (true_or_false (start == s)) #Hs
   [ lapply (\P Hs) -Hs #Hs <Hs #_ #Htrue
     cut (∃ci,xs1.xs@[end] = ci::xs1)
     [ cases xs
       [ %{end} %{[]} %
       | #x1 #xs1 %{x1} %{(xs1@[end])} % ] ] * #ci * #xs1 #Hxs
     >Hxs in Htrue; #Htrue
     cases (Htrue [ ] start [ ] ? xs1 ? [ ] (refl ??) (refl ??) ?)
     [ * #_ * #H @False_ind @H % ]
     #c0 #Hc0 @Hnotend >(memb_single … Hc0) @memb_hd
   | lapply (\Pf Hs) -Hs #Hs #Htrue #_
     cases (Htrue ? (refl ??) Hs) -Htrue #Ht1 #_ %
     #t2 whd in ⊢ (%→?); #HR cases (HR start ?)
     [ >Ht1 >nth_change_vec // normalize in ⊢ (%→?); * #H @False_ind @H %
     | >Ht1 >nth_change_vec_neq [|@sym_not_eq //]
       >nth_change_vec_neq [|@sym_not_eq //] >Hmid_src % ]
   ]
  |#r0 #rs0 #IH #t #Hmid_src #ls #s #Hmid_dst % #t1 whd in ⊢ (%→?);
   >nth_change_vec_neq [|@sym_not_eq //] >Hmid_src
   #Htrue cases (Htrue ? (refl ??)) -Htrue #_ #Htrue
   <(change_vec_same … t1 dst (niltape ?))
   cases (Htrue Hstart Hnotstart) -Htrue
   cases (true_or_false (start == s)) #Hs
   [ lapply (\P Hs) -Hs #Hs <Hs #_ #Htrue
    cut (∃ls0,xs0,ci,rs,rs0.
      nth src ? t (niltape ?) = midtape sig [ ] start (xs0@ci::rs) ∧
      nth dst ? t (niltape ?) = midtape sig ls0 s (xs0@rs0) ∧
      (is_endc ci = true ∨ (is_endc ci = false ∧ (∀b,tlb.rs0 = b::tlb → ci ≠ b))))
    [cases (comp_list ? (xs@[end]) (r0::rs0) is_endc) #xs0 * #xs1 * #xs2
      * * * #Hxs #Hrs #Hxs0notend #Hcomp >Hrs
      cut (∃y,ys. xs1 = y::ys)
      [ lapply Hxs0notend lapply Hxs lapply xs0 elim xs
        [ *
          [ normalize #Hxs1 <Hxs1 #_ %{end} %{[]} %
          | #z #zs normalize in ⊢ (%→?); #H destruct (H) #H
            lapply (H ? (memb_hd …)) -H >Hend #H1 destruct (H1)
          ]
        | #y #ys #IH0 * 
          [ normalize in ⊢ (%→?); #Hxs1 <Hxs1 #_ %{y} %{(ys@[end])} %
          | #z #zs normalize in ⊢ (%→?); #H destruct (H) #Hmemb
            @(IH0 ? e0 ?) #c #Hc @Hmemb @memb_cons // ] ] ] * #y * #ys #Hxs1
      >Hxs1 in Hxs; #Hxs >Hmid_src >Hmid_dst >Hxs >Hrs
      %{ls} %{xs0} %{y} %{ys} %{xs2}
      % [ % // | @Hcomp // ] ]
    * #ls0 * #xs0 * #ci * #rs * #rs0 * * #Hmid_src' #Hmid_dst' #Hcomp
    <Hmid_src in Htrue; >nth_change_vec // >Hs #Htrue destruct (Hs)
    lapply (Htrue ??????? Hmid_src' Hmid_dst' ?) -Htrue
    [ #c0 #Hc0 @Hnotend cases (orb_true_l … Hc0) -Hc0 #Hc0
      [ whd in ⊢ (??%?); >Hc0 %
      | @memb_cons >Hmid_src in Hmid_src'; #Hmid_src' destruct (Hmid_src')
        lapply e0 -e0 @(list_elim_left … rs)
        [ #e0 destruct (e0) lapply (append_l1_injective_r ?????? e0) //
        | #x1 #xs1 #_ >append_cons in ⊢ (???%→?);
          <associative_append #e0 lapply (append_l1_injective_r ?????? e0) //
          #e1 >e1 @memb_append_l1 @memb_append_l1 // ] ]
    | * * #Hciendc cases rs0 in Hcomp;
      [ #_ * #H @False_ind @H %
      | #r1 #rs1 * [ >Hciendc #H destruct (H) ]
        * #_ #Hcomp lapply (Hcomp ?? (refl ??)) -Hcomp #Hcomp #_ #Htrue
        cases (Htrue ?? (refl ??) Hcomp) #Ht1 #_ >Ht1 @(IH ?? (s::ls) r0)
        [ >nth_change_vec_neq [|@sym_not_eq //]
          >nth_change_vec_neq [|@sym_not_eq //] @Hmid_src
        | >nth_change_vec // >Hmid_dst % ] ] ]
  | >Hmid_dst >nth_change_vec // lapply (\Pf Hs) -Hs #Hs #Htrue #_
    cases (Htrue ? (refl ??) Hs) #Ht1 #_ >Ht1 @(IH ?? (s::ls) r0)
    [ >nth_change_vec_neq [|@sym_not_eq //]
      >nth_change_vec_neq [|@sym_not_eq //] @Hmid_src
    | >nth_change_vec // ] ] ] ]
qed.