Theory Combining_Sequential_Composition_Generalized

(***********************************************************************************
 * Copyright (c) 2025 Université Paris-Saclay
 *
 * Author: Benoît Ballenghien, Université Paris-Saclay,
 *         CNRS, ENS Paris-Saclay, LMF
 * Author: Burkhart Wolff, Université Paris-Saclay,
 *         CNRS, ENS Paris-Saclay, LMF
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, this
 *
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * SPDX-License-Identifier: BSD-2-Clause
 ***********************************************************************************)


chapter ‹Combining Automata for Sequential Composition Generalized›

(*<*)
theory Combining_Sequential_Composition_Generalized 
  imports Process_Normalization
begin
  (*>*)


section ‹Definitions›

section ‹General Patterns›

definition combine⇩d_Seq_ε ::
  ‹[('σ⇩0, 'a, 'r, 'α⇩0) A⇩d_scheme, 'r ⇒ ('σ⇩1, 'a, 's, 'α⇩1) A⇩d_scheme, 'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ] ⇒ 'a set›
  where ‹combine⇩d_Seq_ε A⇩0 A⇩1 i⇩0 i⇩1 σs ≡
           if i⇩0 σs ∈ ρ A⇩0
         then   if i⇩1 σs ∈ ρ (A⇩1 ⌈ω A⇩0 (i⇩0 σs)⌉)
              then {}
              else ε (A⇩1 ⌈ω A⇩0 (i⇩0 σs)⌉) (i⇩1 σs)
         else ε A⇩0 (i⇩0 σs)›

definition combine⇩n⇩d_Seq_ε ::
  ‹[('σ⇩0, 'a, 'r, 'α⇩0) A⇩n⇩d_scheme, 'r ⇒ ('σ⇩1, 'a, 's, 'α⇩1) A⇩n⇩d_scheme, 'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ] ⇒ 'a set›
  where ‹combine⇩n⇩d_Seq_ε A⇩0 A⇩1 i⇩0 i⇩1 σs ≡
           if i⇩0 σs ∈ ρ A⇩0
         then   if i⇩1 σs ∈ (⋃r∈ω A⇩0 (i⇩0 σs). ρ (A⇩1 r))
              then {}
              else (⋃r ∈ ω A⇩0 (i⇩0 σs). ε (A⇩1 r) (i⇩1 σs))
         else ε A⇩0 (i⇩0 σs)›

lemmas combine_Seq_ε_defs = combine⇩d_Seq_ε_def combine⇩n⇩d_Seq_ε_def


fun combine⇩d_Seq :: 
  ‹[('σ⇩0, 'e, 'r, 'α⇩0) A⇩d_scheme, 'r ⇒ ('σ⇩1, 'e, 's, 'α⇩1) A⇩d_scheme,
    'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ] ⇒ ('σ, 'e, 's) A⇩d›
  and combine⇩n⇩d_Seq ::
  ‹[('σ⇩0, 'e, 'r, 'α⇩0) A⇩n⇩d_scheme, 'r ⇒ ('σ⇩1, 'e, 's, 'α⇩1) A⇩n⇩d_scheme,
     'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ] ⇒ ('σ, 'e, 's) A⇩n⇩d›
  where ‹combine⇩d_Seq A⇩0 A⇩1 i⇩0 i⇩1 f =
         ⦇τ = λσs e.  if i⇩0 σs ∈ ρ A⇩0
                    then   if i⇩1 σs ∈ ρ (A⇩1 ⌈ω A⇩0 (i⇩0 σs)⌉)
                         then ◇
                          else update_right (A⇩1 ⌈ω A⇩0 (i⇩0 σs)⌉) (i⇩0 σs) (i⇩1 σs) e (f_up_opt f) (λσ. ⌊σ⌋)
                    else update_left  A⇩0 (i⇩0 σs) (i⇩1 σs) e (f_up_opt f) (λσ. ⌊σ⌋),
          ω = λσs. case ω A⇩0 (i⇩0 σs) of ◇ ⇒ ◇ | ⌊r⌋ ⇒ ω (A⇩1 r) (i⇩1 σs)⦈›
  |     ‹combine⇩n⇩d_Seq A⇩0 A⇩1 i⇩0 i⇩1 f = 
         ⦇τ = λσs e. if i⇩0 σs ∈ ρ A⇩0
                    then   if i⇩1 σs ∈ (⋃r∈ω A⇩0 (i⇩0 σs). ρ (A⇩1 r))
                         then {}
                         else (⋃r∈ω A⇩0 (i⇩0 σs). update_right (A⇩1 r) (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λσ. {σ}))
                    else      update_left A⇩0 (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λσ. {σ}),
          ω = λσs. ⋃r∈ω A⇩0 (i⇩0 σs). ω (A⇩1 r) (i⇩1 σs)⦈›



section ‹Specializations› 

definition combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ, 'e, 'r, 'α) A⇩d_scheme, 'r ⇒ ('σ, 'e, 's, 'β) A⇩d_scheme] ⇒ ('σ list, 'e, 's) A⇩d›
  where ‹combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩d_Seq A⇩0 A⇩1 hd (λσs. hd (tl σs)) (λs t. [s, t])›
definition combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ, 'e, 'r, 'α) A⇩n⇩d_scheme, 'r ⇒ ('σ, 'e, 's, 'β) A⇩n⇩d_scheme] ⇒ ('σ list, 'e, 's) A⇩n⇩d› 
  where ‹combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩n⇩d_Seq A⇩0 A⇩1 hd (λσs. hd (tl σs)) (λs t. [s, t])›

definition combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ⇩0, 'e, 'r, 'α) A⇩d_scheme, 'r ⇒ ('σ⇩1, 'e, 's, 'β) A⇩d_scheme] ⇒ ('σ⇩0 × 'σ⇩1, 'e, 's) A⇩d› 
  where ‹combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩d_Seq A⇩0 A⇩1 fst snd Pair›
definition combine⇩n⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ⇩0, 'e, 'r, 'α) A⇩n⇩d_scheme, 'r ⇒ ('σ⇩1, 'e, 's, 'β) A⇩n⇩d_scheme] ⇒ ('σ⇩0 × 'σ⇩1, 'e, 's) A⇩n⇩d› 
  where ‹combine⇩n⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩n⇩d_Seq A⇩0 A⇩1 fst snd Pair›

definition combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ list, 'e, 'r, 'α) A⇩d_scheme, nat, 'r ⇒ ('σ list, 'e, 's, 'β) A⇩d_scheme] ⇒ ('σ list, 'e, 's) A⇩d› 
  where ‹combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 len⇩0 A⇩1 ≡ combine⇩d_Seq A⇩0 A⇩1 (take len⇩0) (drop len⇩0) (@)›
definition combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ list, 'e, 'r, 'α) A⇩n⇩d_scheme, nat, 'r ⇒ ('σ list, 'e, 's, 'β) A⇩n⇩d_scheme] ⇒ ('σ list, 'e, 's) A⇩n⇩d› 
  where ‹combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 len⇩0 A⇩1 ≡ combine⇩n⇩d_Seq A⇩0 A⇩1 (take len⇩0) (drop len⇩0) (@)›

definition combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ, 'e, 'r, 'α) A⇩d_scheme, 'r ⇒ ('σ list, 'e, 's, 'β) A⇩d_scheme] ⇒ ('σ list, 'e, 's) A⇩d› 
  where ‹combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩d_Seq A⇩0 A⇩1 hd tl (#)›
definition combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k ::
  ‹[('σ, 'e, 'r, 'α) A⇩n⇩d_scheme, 'r ⇒ ('σ list, 'e, 's, 'β) A⇩n⇩d_scheme]  ⇒ ('σ list, 'e, 's) A⇩n⇩d› 
  where ‹combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k A⇩0 A⇩1 ≡ combine⇩n⇩d_Seq A⇩0 A⇩1 hd tl (#)›


lemmas combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs = combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_def combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_def
  and combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs = combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_def combine⇩n⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_def
  and combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k = combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_def combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_def
  and combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs = combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_def combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_def

lemmas combine_Seq_defs =
  combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs


bundle combine_Seq_syntax begin

notation combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t _⟫› [0, 0])
notation combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t _⟫› [0, 0])
notation combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r _⟫› [0, 0])
notation combine⇩n⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r _⟫› [0, 0])
notation combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩d⊗_❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L _⟫› [0, 0, 0])
notation combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩n⇩d⊗_❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L _⟫› [0, 0, 0])
notation combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t _⟫› [0, 0])
notation combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k (‹⟪_ ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t _⟫› [0, 0])

end


unbundle combine_Seq_syntax



section ‹First Properties›

lemma ε_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k :
  ‹ε ⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ σs = combine⇩d_Seq_ε A⇩0 A⇩1 hd (hd ∘ tl) σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t B⇩1⟫ σs = combine⇩n⇩d_Seq_ε B⇩0 B⇩1 hd (hd ∘ tl) σs›
  by (auto simp add: combine_Seq_ε_defs combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs
      ε_simps ρ_simps option.case_eq_if)

lemma ε_combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k : 
  ‹ε ⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫ σs = combine⇩d_Seq_ε A⇩0 A⇩1 fst snd σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r B⇩1⟫ σs = combine⇩n⇩d_Seq_ε B⇩0 B⇩1 fst snd σs›
  by (auto simp add: combine_Seq_ε_defs combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs
      ε_simps ρ_simps option.case_eq_if)

lemma ε_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k : 
  ‹ε ⟪A⇩0 ⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ σs = combine⇩d_Seq_ε A⇩0 A⇩1 (take len⇩0) (drop len⇩0) σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L B⇩1⟫ σs = combine⇩n⇩d_Seq_ε B⇩0 B⇩1 (take len⇩0) (drop len⇩0) σs›
  by (auto simp add: combine_Seq_ε_defs combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k
      ε_simps ρ_simps option.case_eq_if)

lemma ε_combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k :
  ‹ε ⟪A⇩0 ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫ σs = combine⇩d_Seq_ε A⇩0 A⇩1 hd tl σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t B⇩1⟫ σs = combine⇩n⇩d_Seq_ε B⇩0 B⇩1 hd tl σs›
  by (auto simp add: combine_Seq_ε_defs combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs
      ε_simps ρ_simps option.case_eq_if)



subsection ‹Reachability›

lemma ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ (s⇩0 @ s⇩1) ⊆ {t⇩0 @ t⇩1 |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
  if same_length_ℛ⇩d: ‹⋀t⇩0. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ⟹ length t⇩0 = len⇩0›
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = t⇩0 @ t⇩1 ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0› for t
  proof (induct rule: ℛ⇩d.induct)
    case init show ?case by (metis ℛ⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) same_length_ℛ⇩d obtain t⇩0 t⇩1
      where ‹σ' = t⇩0 @ t⇩1› ‹t⇩0 ∈ ℛ⇩d A⇩0 s⇩0› ‹length t⇩0 = len⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k map_option_case
          split: if_split_asm option.splits) (metis ℛ⇩d.step)
  qed
qed

lemma ℛ⇩n⇩d_combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩n⇩d ⟪A⇩0 ⇩n⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ (s⇩0 @ s⇩1) ⊆ {t⇩0 @ t⇩1 |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
  if same_length_ℛ⇩n⇩d: ‹⋀t⇩0. t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0 ⟹ length t⇩0 = len⇩0›
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = t⇩0 @ t⇩1 ∧ t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0› for t
  proof (induct rule: ℛ⇩n⇩d.induct)
    case init show ?case by (metis ℛ⇩n⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) same_length_ℛ⇩n⇩d obtain t⇩0 t⇩1
      where ‹σ' = t⇩0 @ t⇩1› ‹t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0› ‹length t⇩0 = len⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k split: if_split_asm) (metis ℛ⇩n⇩d.step)
  qed
qed


lemma ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ [s⇩0, s⇩1] ⊆ {[t⇩0, t⇩1] |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = [t⇩0, t⇩1] ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩d.induct)
    case init show ?case by (metis ℛ⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = [t⇩0, t⇩1]› ‹t⇩0 ∈ ℛ⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs map_option_case
          split: if_split_asm option.split_asm) (metis ℛ⇩d.step)
  qed
qed

lemma ℛ⇩n⇩d_combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩n⇩d ⟪A⇩0 ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ [s⇩0, s⇩1] ⊆ {[t⇩0, t⇩1] |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = [t⇩0, t⇩1] ∧ t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩n⇩d.induct)
    case init show ?case by (metis ℛ⇩n⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = [t⇩0, t⇩1]› ‹t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs split: if_split_asm) (metis ℛ⇩n⇩d.step)
  qed
qed


lemma ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫ (s⇩0, s⇩1) ⊆ {(t⇩0, t⇩1) |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = (t⇩0, t⇩1) ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩d.induct)
    case init show ?case by (metis ℛ⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = (t⇩0, t⇩1)› ‹t⇩0 ∈ ℛ⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs map_option_case
          split: if_split_asm option.split_asm) (metis ℛ⇩d.step)
  qed
qed

lemma ℛ⇩n⇩d_combine⇩n⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩n⇩d ⟪A⇩0 ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫ (s⇩0, s⇩1) ⊆ {(t⇩0, t⇩1) |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = (t⇩0, t⇩1) ∧ t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩n⇩d.induct)
    case init show ?case by (metis ℛ⇩n⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = (t⇩0, t⇩1)› ‹t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs split: if_split_asm) (metis ℛ⇩n⇩d.step)
  qed
qed


lemma ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫ (s⇩0 # s⇩1) ⊆ {t⇩0 # t⇩1 |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = t⇩0 # t⇩1 ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩d.induct)
    case init show ?case by (metis ℛ⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = t⇩0 # t⇩1› ‹t⇩0 ∈ ℛ⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs map_option_case
          split: if_split_asm option.split_asm) (metis ℛ⇩d.step)
  qed
qed

lemma ℛ⇩n⇩d_combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset: 
  ‹ℛ⇩n⇩d ⟪A⇩0 ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫ (s⇩0 # s⇩1) ⊆ {t⇩0 # t⇩1 |t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0}› (is ‹?S⇩A ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = t⇩0 # t⇩1 ∧ t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0 › for t
  proof (induct rule: ℛ⇩n⇩d.induct)
    case init show ?case by (metis ℛ⇩n⇩d.init)
  next
    case (step σ' σ'' a)
    from step.hyps(2) obtain t⇩0 t⇩1 where ‹σ' = t⇩0 # t⇩1› ‹t⇩0 ∈ ℛ⇩n⇩d A⇩0 s⇩0› by blast
    with step.hyps(3) show ?case
      by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs split: if_split_asm) (metis ℛ⇩n⇩d.step)
  qed
qed



section ‹Normalization› 

lemma τ_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹τ ⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d [s⇩0, s⇩1] e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫ [s⇩0, s⇩1] e›
  by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs det_ndet_conv_defs option.case_eq_if ε_simps ρ_simps)

lemma τ_combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹τ ⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0, s⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫ (s⇩0, s⇩1) e›
  by (auto simp add: combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs det_ndet_conv_defs option.case_eq_if ε_simps ρ_simps)

lemma τ_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹τ ⟪⟪A⇩0 ⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d⇩↪⇩n⇩d (σs⇩0 @ σs⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫ (σs⇩0 @ σs⇩1) e›
  by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k det_ndet_conv_defs option.case_eq_if ε_simps ρ_simps)

lemma τ_combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹τ ⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0 # σs⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫ (s⇩0 # σs⇩1) e›
  by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs det_ndet_conv_defs option.case_eq_if ε_simps ρ_simps)


text ‹Behaviour of normalisations›

lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d [s⇩0, s⇩1] = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d [s⇩0, s⇩1]›
  by (fold P⇩S⇩K⇩I⇩P⇩S_nd_from_det_to_ndet_is_P⇩S⇩K⇩I⇩P⇩S_d,
      rule P⇩S⇩K⇩I⇩P⇩S_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (all ‹drule set_mp[OF ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset]›,
      auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)

lemma P_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d [s⇩0, s⇩1] = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d [s⇩0, s⇩1]›
  by (fold P_nd_from_det_to_ndet_is_P_d,
      rule P_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (drule set_mp[OF ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset],
      auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d (s⇩0, s⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (s⇩0, s⇩1)›
  by (fold P⇩S⇩K⇩I⇩P⇩S_nd_from_det_to_ndet_is_P⇩S⇩K⇩I⇩P⇩S_d,
      rule P⇩S⇩K⇩I⇩P⇩S_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (all ‹drule set_mp[OF ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_subset]›,
      auto simp add: combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)

lemma P_combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d (s⇩0, s⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩P⇩a⇩i⇩r (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (s⇩0, s⇩1)›
  by (fold P_nd_from_det_to_ndet_is_P_d,
      rule P_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (drule set_mp[OF ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_subset],
      auto simp add: combine⇩P⇩a⇩i⇩r_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d (s⇩0 # s⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (s⇩0 # s⇩1)›
  by (fold P⇩S⇩K⇩I⇩P⇩S_nd_from_det_to_ndet_is_P⇩S⇩K⇩I⇩P⇩S_d,
      rule P⇩S⇩K⇩I⇩P⇩S_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (all ‹drule set_mp[OF ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset]›,
      auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)

lemma P_combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⟪⟪A⇩0 ⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d (s⇩0 # s⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗❙;⇩✓⇩R⇩l⇩i⇩s⇩t (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (s⇩0 # s⇩1)›
  by (fold P_nd_from_det_to_ndet_is_P_d,
      rule P_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (drule set_mp[OF ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_subset],
      auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Seq⇩p⇩t⇩i⇩c⇩k_defs from_det_to_ndet_def ρ_simps split: option.split)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d (σs⇩0 @ σs⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (σs⇩0 @ σs⇩1)›
  if ‹⋀σs⇩0'. σs⇩0' ∈ ℛ⇩d A⇩0 σs⇩0 ⟹ length σs⇩0' = len⇩0›
  by (fold P⇩S⇩K⇩I⇩P⇩S_nd_from_det_to_ndet_is_P⇩S⇩K⇩I⇩P⇩S_d,
      rule P⇩S⇩K⇩I⇩P⇩S_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (all ‹drule set_mp[OF ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_subset[OF that], rotated]›,
      auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k from_det_to_ndet_def ρ_simps split: option.split)

lemma P_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_behaviour:
  ‹P⟪⟪A⇩0 ⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d (σs⇩0 @ σs⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗len⇩0❙;⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L (λr. ⟪A⇩1 r⟫⇩d⇩↪⇩n⇩d)⟫⟫⇩n⇩d (σs⇩0 @ σs⇩1)›
  if ‹⋀σt⇩0. σt⇩0 ∈ ℛ⇩d A⇩0 σs⇩0 ⟹ length σt⇩0 = len⇩0›
  by (fold P_nd_from_det_to_ndet_is_P_d,
      rule P_nd_eqI_strong_id, unfold ℛ⇩n⇩d_from_det_to_ndet)
    (drule set_mp[OF ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k_subset[OF that], rotated],
      auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Seq⇩p⇩t⇩i⇩c⇩k from_det_to_ndet_def ρ_simps split: option.split)



(*<*)
end
  (*>*)