SE 500
Textual Substitution in Quantification

Gries's and Schneider's definition of textual substitution as applied to a quantification, (8.11), is incomplete. Here is a complete definition:

(*x | R : Q)[y:=E]  =

   (*x | R : Q)                        if 'x'='y'                      (1)
   (*x | R[y:=E] : Q[y:=E])            if 'x'≠'y' ∧ ¬occurs.'x'.'E'    (2)
   (*z | R[x:=z] : Q[x:=z])[y:=E]      otherwise                       (3)

In the case of (3), z is chosen to be a fresh variable satisfying 'z'≠'x' ∧ ¬occurs.'z'.'E'. To be explicit, the otherwise condition of (3) is 'x'≠'y' ∧ occurs.'x'.'E'.


Notes:

By 'x'='y' is meant that x and y are the same variable, whereas 'x'≠'y' means that they are distinct variables.

By occurs.'x'.'E' is meant that there is at least one free occurrence of x in E.


Examples

Example 1:
   (★x | 0 ≤ x ≤ r : (★y | 0 ≤ y < n: r·x + y))[r := y]

=    < (2) >

   (★x | (0 ≤ x ≤ r)[r := y] : (★y | 0 ≤ y < n : r·x + y)[r := y])

=    < textual substitution >

   (★x | 0 ≤ x ≤ y : (★y | 0 ≤ y < n : r·x + y)[r := y])

=    < (3), choosing z as new dummy >

   (★x | 0 ≤ x ≤ y : (★z | (0 ≤ y < n)[y := z] : (r·x + y)[y := z])[r := y])

=    < textual substitution (twice) >

   (★x | 0 ≤ x ≤ y : (★z | 0 ≤ z < n : r·x + z)[r := y])

=    < (2) >

   (★x | 0 ≤ x ≤ y : (★z | (0 ≤ z < n)[r := y] : (r·x + z)[r := y]))

=    < textual substitution (twice) >

   (★x | 0 ≤ x ≤ y : (★z | 0 ≤ z < n : y·x + z))

Example 2:
   (★x | 0 ≤ x ≤ y : (★y | 0 ≤ y < n : x + y))[y := s]

=    < (2) >

   (★x | (0 ≤ x ≤ y)[y := s] : (★y | 0 ≤ y < n : x + y)[y := s])

=    < textual substitution >

   (★x | 0 ≤ x ≤ s : (★y | 0 ≤ y < n : x + y)[y := s])

=    < (1) >

   (★x | 0 ≤ x ≤ s : (★y | 0 ≤ y < n : x + y))
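
The three cases can be checked mechanically. The following Python sketch is an added example, not part of the original notes: it implements cases (1) to (3) over a constructed tuple encoding of expressions and reproduces Example 1. The names occurs, fresh, subst, INNER1 and EX1 and the operator tags are assumptions of the example, and its fresh-variable choice is stricter than the condition stated above, since it also avoids y and the variables free in R and Q.

```python
from itertools import count

# Constructed encoding: "x" is a variable, 5 a constant,
# ("op", name, e1, ...) an operator application,
# ("quant", x, R, Q) the quantification (*x | R : Q).

def occurs(x, e):
    """occurs.'x'.'e': x has at least one free occurrence in e."""
    if isinstance(e, str):
        return e == x
    if isinstance(e, int):
        return False
    if e[0] == "quant":
        _, dummy, r, q = e
        return dummy != x and (occurs(x, r) or occurs(x, q))
    return any(occurs(x, a) for a in e[2:])

def fresh(exprs, names):
    """First of z, z1, z2, ... not in names and not free in any of exprs."""
    for i in count():
        z = f"z{i}" if i else "z"
        if z not in names and not any(occurs(z, e) for e in exprs):
            return z

def subst(e, y, E):
    """Return e[y := E] without capturing free variables of E."""
    if isinstance(e, str):
        return E if e == y else e
    if isinstance(e, int):
        return e
    if e[0] == "op":
        return e[:2] + tuple(subst(a, y, E) for a in e[2:])
    _, x, r, q = e
    if x == y:                        # (1): y is the dummy, nothing to replace
        return e
    if not occurs(x, E):              # (2): no capture possible, push inward
        return ("quant", x, subst(r, y, E), subst(q, y, E))
    # (3): rename the dummy to a fresh z, then substitute again.
    # Assumption: z also avoids y and the free variables of R and Q.
    z = fresh([E, r, q], {x, y})
    return subst(("quant", z, subst(r, x, z), subst(q, x, z)), y, E)

# Example 1 from the page, inner quantification and whole expression.
INNER1 = ("quant", "y", ("op", "<=<", 0, "y", "n"),
          ("op", "+", ("op", "*", "r", "x"), "y"))
EX1 = ("quant", "x", ("op", "<=<=", 0, "x", "r"), INNER1)

if __name__ == "__main__":
    print(subst(EX1, "r", "y"))
```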