src/ZF/ex/PropLog.ML
author lcp
Tue Aug 16 18:58:42 1994 +0200 (1994-08-16)
changeset 532 851df239ac8b
parent 515 abcc438e7c27
child 760 f0200e91b272
permissions -rw-r--r--
ZF/Makefile,ROOT.ML, ZF/ex/Integ.thy: updated for EquivClass
clasohm@0
     1
(*  Title: 	ZF/ex/prop-log.ML
clasohm@0
     2
    ID:         $Id$
clasohm@0
     3
    Author: 	Tobias Nipkow & Lawrence C Paulson
clasohm@0
     4
    Copyright   1992  University of Cambridge
clasohm@0
     5
clasohm@0
     6
For ex/prop-log.thy.  Inductive definition of propositional logic.
clasohm@0
     7
Soundness and completeness w.r.t. truth-tables.
clasohm@0
     8
clasohm@0
     9
Prove: If H|=p then G|=p where G:Fin(H)
clasohm@0
    10
*)
clasohm@0
    11
clasohm@0
    12
open PropLog;
clasohm@0
    13
clasohm@0
    14
(*** prop_rec -- by Vset recursion ***)
clasohm@0
    15
clasohm@0
    16
(** conversion rules **)
clasohm@0
    17
clasohm@0
    18
goal PropLog.thy "prop_rec(Fls,b,c,d) = b";
clasohm@0
    19
by (rtac (prop_rec_def RS def_Vrec RS trans) 1);
lcp@515
    20
by (rewrite_goals_tac prop.con_defs);
lcp@7
    21
by (simp_tac rank_ss 1);
clasohm@0
    22
val prop_rec_Fls = result();
clasohm@0
    23
clasohm@0
    24
goal PropLog.thy "prop_rec(#v,b,c,d) = c(v)";
clasohm@0
    25
by (rtac (prop_rec_def RS def_Vrec RS trans) 1);
lcp@515
    26
by (rewrite_goals_tac prop.con_defs);
lcp@7
    27
by (simp_tac rank_ss 1);
clasohm@0
    28
val prop_rec_Var = result();
clasohm@0
    29
clasohm@0
    30
goal PropLog.thy "prop_rec(p=>q,b,c,d) = \
clasohm@0
    31
\      d(p, q, prop_rec(p,b,c,d), prop_rec(q,b,c,d))";
clasohm@0
    32
by (rtac (prop_rec_def RS def_Vrec RS trans) 1);
lcp@515
    33
by (rewrite_goals_tac prop.con_defs);
lcp@7
    34
by (simp_tac rank_ss 1);
clasohm@0
    35
val prop_rec_Imp = result();
clasohm@0
    36
clasohm@0
    37
val prop_rec_ss = 
lcp@7
    38
    arith_ss addsimps [prop_rec_Fls, prop_rec_Var, prop_rec_Imp];
clasohm@0
    39
clasohm@0
    40
(*** Semantics of propositional logic ***)
clasohm@0
    41
clasohm@0
    42
(** The function is_true **)
clasohm@0
    43
clasohm@0
    44
goalw PropLog.thy [is_true_def] "is_true(Fls,t) <-> False";
lcp@7
    45
by (simp_tac (prop_rec_ss addsimps [one_not_0 RS not_sym]) 1);
clasohm@0
    46
val is_true_Fls = result();
clasohm@0
    47
clasohm@0
    48
goalw PropLog.thy [is_true_def] "is_true(#v,t) <-> v:t";
lcp@7
    49
by (simp_tac (prop_rec_ss addsimps [one_not_0 RS not_sym] 
lcp@7
    50
	      setloop (split_tac [expand_if])) 1);
clasohm@0
    51
val is_true_Var = result();
clasohm@0
    52
clasohm@0
    53
goalw PropLog.thy [is_true_def]
clasohm@0
    54
    "is_true(p=>q,t) <-> (is_true(p,t)-->is_true(q,t))";
lcp@7
    55
by (simp_tac (prop_rec_ss setloop (split_tac [expand_if])) 1);
clasohm@0
    56
val is_true_Imp = result();
clasohm@0
    57
clasohm@0
    58
(** The function hyps **)
clasohm@0
    59
clasohm@0
    60
goalw PropLog.thy [hyps_def] "hyps(Fls,t) = 0";
lcp@7
    61
by (simp_tac prop_rec_ss 1);
clasohm@0
    62
val hyps_Fls = result();
clasohm@0
    63
clasohm@0
    64
goalw PropLog.thy [hyps_def] "hyps(#v,t) = {if(v:t, #v, #v=>Fls)}";
lcp@7
    65
by (simp_tac prop_rec_ss 1);
clasohm@0
    66
val hyps_Var = result();
clasohm@0
    67
clasohm@0
    68
goalw PropLog.thy [hyps_def] "hyps(p=>q,t) = hyps(p,t) Un hyps(q,t)";
lcp@7
    69
by (simp_tac prop_rec_ss 1);
clasohm@0
    70
val hyps_Imp = result();
clasohm@0
    71
clasohm@0
    72
val prop_ss = prop_rec_ss 
lcp@515
    73
    addsimps prop.intrs
lcp@7
    74
    addsimps [is_true_Fls, is_true_Var, is_true_Imp,
lcp@7
    75
	      hyps_Fls, hyps_Var, hyps_Imp];
clasohm@0
    76
clasohm@0
    77
(*** Proof theory of propositional logic ***)
clasohm@0
    78
lcp@515
    79
goalw PropLog.thy thms.defs "!!G H. G<=H ==> thms(G) <= thms(H)";
clasohm@0
    80
by (rtac lfp_mono 1);
lcp@515
    81
by (REPEAT (rtac thms.bnd_mono 1));
clasohm@0
    82
by (REPEAT (ares_tac (univ_mono::basic_monos) 1));
clasohm@0
    83
val thms_mono = result();
clasohm@0
    84
lcp@515
    85
val thms_in_pl = thms.dom_subset RS subsetD;
clasohm@0
    86
lcp@515
    87
val ImpE = prop.mk_cases prop.con_defs "p=>q : prop";
clasohm@0
    88
lcp@515
    89
(*Stronger Modus Ponens rule: no typechecking!*)
lcp@515
    90
goal PropLog.thy "!!p q H. [| H |- p=>q;  H |- p |] ==> H |- q";
lcp@515
    91
by (rtac thms.MP 1);
clasohm@0
    92
by (REPEAT (eresolve_tac [asm_rl, thms_in_pl, thms_in_pl RS ImpE] 1));
clasohm@0
    93
val thms_MP = result();
clasohm@0
    94
clasohm@0
    95
(*Rule is called I for Identity Combinator, not for Introduction*)
lcp@515
    96
goal PropLog.thy "!!p H. p:prop ==> H |- p=>p";
lcp@515
    97
by (rtac (thms.S RS thms_MP RS thms_MP) 1);
lcp@515
    98
by (rtac thms.K 5);
lcp@515
    99
by (rtac thms.K 4);
lcp@515
   100
by (REPEAT (ares_tac prop.intrs 1));
clasohm@0
   101
val thms_I = result();
clasohm@0
   102
clasohm@0
   103
(** Weakening, left and right **)
clasohm@0
   104
clasohm@0
   105
(* [| G<=H;  G|-p |] ==> H|-p   Order of premises is convenient with RS*)
clasohm@0
   106
val weaken_left = standard (thms_mono RS subsetD);
clasohm@0
   107
clasohm@0
   108
(* H |- p ==> cons(a,H) |- p *)
clasohm@0
   109
val weaken_left_cons = subset_consI RS weaken_left;
clasohm@0
   110
clasohm@0
   111
val weaken_left_Un1  = Un_upper1 RS weaken_left;
clasohm@0
   112
val weaken_left_Un2  = Un_upper2 RS weaken_left;
clasohm@0
   113
lcp@515
   114
goal PropLog.thy "!!H p q. [| H |- q;  p:prop |] ==> H |- p=>q";
lcp@515
   115
by (rtac (thms.K RS thms_MP) 1);
clasohm@0
   116
by (REPEAT (ares_tac [thms_in_pl] 1));
clasohm@0
   117
val weaken_right = result();
clasohm@0
   118
clasohm@0
   119
(*The deduction theorem*)
lcp@515
   120
goal PropLog.thy "!!p q H. [| cons(p,H) |- q;  p:prop |] ==>  H |- p=>q";
lcp@515
   121
by (etac thms.induct 1);
lcp@515
   122
by (fast_tac (ZF_cs addIs [thms_I, thms.H RS weaken_right]) 1);
lcp@515
   123
by (fast_tac (ZF_cs addIs [thms.K RS weaken_right]) 1);
lcp@515
   124
by (fast_tac (ZF_cs addIs [thms.S RS weaken_right]) 1);
lcp@515
   125
by (fast_tac (ZF_cs addIs [thms.DN RS weaken_right]) 1);
lcp@515
   126
by (fast_tac (ZF_cs addIs [thms.S RS thms_MP RS thms_MP]) 1);
clasohm@0
   127
val deduction = result();
clasohm@0
   128
clasohm@0
   129
clasohm@0
   130
(*The cut rule*)
lcp@515
   131
goal PropLog.thy "!!H p q. [| H|-p;  cons(p,H) |- q |] ==>  H |- q";
clasohm@0
   132
by (rtac (deduction RS thms_MP) 1);
clasohm@0
   133
by (REPEAT (ares_tac [thms_in_pl] 1));
clasohm@0
   134
val cut = result();
clasohm@0
   135
lcp@515
   136
goal PropLog.thy "!!H p. [| H |- Fls; p:prop |] ==> H |- p";
lcp@515
   137
by (rtac (thms.DN RS thms_MP) 1);
clasohm@0
   138
by (rtac weaken_right 2);
lcp@515
   139
by (REPEAT (ares_tac (prop.intrs@[consI1]) 1));
clasohm@0
   140
val thms_FlsE = result();
clasohm@0
   141
clasohm@0
   142
(* [| H |- p=>Fls;  H |- p;  q: prop |] ==> H |- q *)
clasohm@0
   143
val thms_notE = standard (thms_MP RS thms_FlsE);
clasohm@0
   144
clasohm@0
   145
(*Soundness of the rules wrt truth-table semantics*)
lcp@515
   146
goalw PropLog.thy [logcon_def] "!!H. H |- p ==> H |= p";
lcp@515
   147
by (etac thms.induct 1);
clasohm@0
   148
by (fast_tac (ZF_cs addSDs [is_true_Imp RS iffD1 RS mp]) 5);
lcp@7
   149
by (ALLGOALS (asm_simp_tac prop_ss));
clasohm@0
   150
val soundness = result();
clasohm@0
   151
clasohm@0
   152
(*** Towards the completeness proof ***)
clasohm@0
   153
lcp@515
   154
val [premf,premq] = goal PropLog.thy
clasohm@0
   155
    "[| H |- p=>Fls; q: prop |] ==> H |- p=>q";
clasohm@0
   156
by (rtac (premf RS thms_in_pl RS ImpE) 1);
clasohm@0
   157
by (rtac deduction 1);
clasohm@0
   158
by (rtac (premf RS weaken_left_cons RS thms_notE) 1);
lcp@515
   159
by (REPEAT (ares_tac [premq, consI1, thms.H] 1));
clasohm@0
   160
val Fls_Imp = result();
clasohm@0
   161
lcp@515
   162
val [premp,premq] = goal PropLog.thy
clasohm@0
   163
    "[| H |- p;  H |- q=>Fls |] ==> H |- (p=>q)=>Fls";
clasohm@0
   164
by (cut_facts_tac ([premp,premq] RL [thms_in_pl]) 1);
clasohm@0
   165
by (etac ImpE 1);
clasohm@0
   166
by (rtac deduction 1);
clasohm@0
   167
by (rtac (premq RS weaken_left_cons RS thms_MP) 1);
lcp@515
   168
by (rtac (consI1 RS thms.H RS thms_MP) 1);
clasohm@0
   169
by (rtac (premp RS weaken_left_cons) 2);
lcp@515
   170
by (REPEAT (ares_tac prop.intrs 1));
clasohm@0
   171
val Imp_Fls = result();
clasohm@0
   172
clasohm@0
   173
(*Typical example of strengthening the induction formula*)
lcp@515
   174
val [major] = goal PropLog.thy 
clasohm@0
   175
    "p: prop ==> hyps(p,t) |- if(is_true(p,t), p, p=>Fls)";
clasohm@0
   176
by (rtac (expand_if RS iffD2) 1);
lcp@515
   177
by (rtac (major RS prop.induct) 1);
lcp@515
   178
by (ALLGOALS (asm_simp_tac (prop_ss addsimps [thms_I, thms.H])));
lcp@16
   179
by (safe_tac (ZF_cs addSEs [Fls_Imp RS weaken_left_Un1, 
lcp@16
   180
			    Fls_Imp RS weaken_left_Un2]));
lcp@16
   181
by (ALLGOALS (fast_tac (ZF_cs addIs [weaken_left_Un1, weaken_left_Un2, 
lcp@16
   182
				     weaken_right, Imp_Fls])));
clasohm@0
   183
val hyps_thms_if = result();
clasohm@0
   184
clasohm@0
   185
(*Key lemma for completeness; yields a set of assumptions satisfying p*)
lcp@515
   186
val [premp,sat] = goalw PropLog.thy [logcon_def]
clasohm@0
   187
    "[| p: prop;  0 |= p |] ==> hyps(p,t) |- p";
clasohm@0
   188
by (rtac (sat RS spec RS mp RS if_P RS subst) 1 THEN
clasohm@0
   189
    rtac (premp RS hyps_thms_if) 2);
clasohm@0
   190
by (fast_tac ZF_cs 1);
lcp@501
   191
val logcon_thms_p = result();
clasohm@0
   192
clasohm@0
   193
(*For proving certain theorems in our new propositional logic*)
clasohm@0
   194
val thms_cs = 
lcp@515
   195
    ZF_cs addSIs (prop.intrs @ [deduction])
lcp@515
   196
          addIs [thms_in_pl, thms.H, thms.H RS thms_MP];
clasohm@0
   197
clasohm@0
   198
(*The excluded middle in the form of an elimination rule*)
lcp@515
   199
val prems = goal PropLog.thy
clasohm@0
   200
    "[| p: prop;  q: prop |] ==> H |- (p=>q) => ((p=>Fls)=>q) => q";
clasohm@0
   201
by (rtac (deduction RS deduction) 1);
lcp@515
   202
by (rtac (thms.DN RS thms_MP) 1);
clasohm@0
   203
by (ALLGOALS (best_tac (thms_cs addSIs prems)));
clasohm@0
   204
val thms_excluded_middle = result();
clasohm@0
   205
clasohm@0
   206
(*Hard to prove directly because it requires cuts*)
lcp@515
   207
val prems = goal PropLog.thy
clasohm@0
   208
    "[| cons(p,H) |- q;  cons(p=>Fls,H) |- q;  p: prop |] ==> H |- q";
clasohm@0
   209
by (rtac (thms_excluded_middle RS thms_MP RS thms_MP) 1);
lcp@515
   210
by (REPEAT (resolve_tac (prems@prop.intrs@[deduction,thms_in_pl]) 1));
clasohm@0
   211
val thms_excluded_middle_rule = result();
clasohm@0
   212
clasohm@0
   213
(*** Completeness -- lemmas for reducing the set of assumptions ***)
clasohm@0
   214
clasohm@0
   215
(*For the case hyps(p,t)-cons(#v,Y) |- p;
clasohm@0
   216
  we also have hyps(p,t)-{#v} <= hyps(p, t-{v}) *)
lcp@515
   217
val [major] = goal PropLog.thy
clasohm@0
   218
    "p: prop ==> hyps(p, t-{v}) <= cons(#v=>Fls, hyps(p,t)-{#v})";
lcp@515
   219
by (rtac (major RS prop.induct) 1);
lcp@7
   220
by (simp_tac prop_ss 1);
lcp@7
   221
by (asm_simp_tac (prop_ss setloop (split_tac [expand_if])) 1);
lcp@515
   222
by (fast_tac (ZF_cs addSEs prop.free_SEs) 1);
lcp@7
   223
by (asm_simp_tac prop_ss 1);
clasohm@0
   224
by (fast_tac ZF_cs 1);
clasohm@0
   225
val hyps_Diff = result();
clasohm@0
   226
clasohm@0
   227
(*For the case hyps(p,t)-cons(#v => Fls,Y) |- p;
clasohm@0
   228
  we also have hyps(p,t)-{#v=>Fls} <= hyps(p, cons(v,t)) *)
lcp@515
   229
val [major] = goal PropLog.thy
clasohm@0
   230
    "p: prop ==> hyps(p, cons(v,t)) <= cons(#v, hyps(p,t)-{#v=>Fls})";
lcp@515
   231
by (rtac (major RS prop.induct) 1);
lcp@7
   232
by (simp_tac prop_ss 1);
lcp@7
   233
by (asm_simp_tac (prop_ss setloop (split_tac [expand_if])) 1);
lcp@515
   234
by (fast_tac (ZF_cs addSEs prop.free_SEs) 1);
lcp@7
   235
by (asm_simp_tac prop_ss 1);
clasohm@0
   236
by (fast_tac ZF_cs 1);
clasohm@0
   237
val hyps_cons = result();
clasohm@0
   238
clasohm@0
   239
(** Two lemmas for use with weaken_left **)
clasohm@0
   240
clasohm@0
   241
goal ZF.thy "B-C <= cons(a, B-cons(a,C))";
clasohm@0
   242
by (fast_tac ZF_cs 1);
clasohm@0
   243
val cons_Diff_same = result();
clasohm@0
   244
clasohm@0
   245
goal ZF.thy "cons(a, B-{c}) - D <= cons(a, B-cons(c,D))";
clasohm@0
   246
by (fast_tac ZF_cs 1);
clasohm@0
   247
val cons_Diff_subset2 = result();
clasohm@0
   248
clasohm@0
   249
(*The set hyps(p,t) is finite, and elements have the form #v or #v=>Fls;
clasohm@0
   250
 could probably prove the stronger hyps(p,t) : Fin(hyps(p,0) Un hyps(p,nat))*)
lcp@515
   251
val [major] = goal PropLog.thy
clasohm@0
   252
    "p: prop ==> hyps(p,t) : Fin(UN v:nat. {#v, #v=>Fls})";
lcp@515
   253
by (rtac (major RS prop.induct) 1);
lcp@515
   254
by (asm_simp_tac (prop_ss addsimps (Fin.intrs @ [UN_I, cons_iff])
lcp@7
   255
		  setloop (split_tac [expand_if])) 2);
lcp@515
   256
by (ALLGOALS (asm_simp_tac (prop_ss addsimps [Un_0, Fin.emptyI, Fin_UnI])));
clasohm@0
   257
val hyps_finite = result();
clasohm@0
   258
clasohm@0
   259
val Diff_weaken_left = subset_refl RSN (2, Diff_mono) RS weaken_left;
clasohm@0
   260
clasohm@0
   261
(*Induction on the finite set of assumptions hyps(p,t0).
clasohm@0
   262
  We may repeatedly subtract assumptions until none are left!*)
lcp@515
   263
val [premp,sat] = goal PropLog.thy
clasohm@0
   264
    "[| p: prop;  0 |= p |] ==> ALL t. hyps(p,t) - hyps(p,t0) |- p";
clasohm@0
   265
by (rtac (premp RS hyps_finite RS Fin_induct) 1);
lcp@501
   266
by (simp_tac (prop_ss addsimps [premp, sat, logcon_thms_p, Diff_0]) 1);
clasohm@0
   267
by (safe_tac ZF_cs);
clasohm@0
   268
(*Case hyps(p,t)-cons(#v,Y) |- p *)
clasohm@0
   269
by (rtac thms_excluded_middle_rule 1);
lcp@515
   270
by (etac prop.Var_I 3);
clasohm@0
   271
by (rtac (cons_Diff_same RS weaken_left) 1);
clasohm@0
   272
by (etac spec 1);
clasohm@0
   273
by (rtac (cons_Diff_subset2 RS weaken_left) 1);
clasohm@0
   274
by (rtac (premp RS hyps_Diff RS Diff_weaken_left) 1);
clasohm@0
   275
by (etac spec 1);
clasohm@0
   276
(*Case hyps(p,t)-cons(#v => Fls,Y) |- p *)
clasohm@0
   277
by (rtac thms_excluded_middle_rule 1);
lcp@515
   278
by (etac prop.Var_I 3);
clasohm@0
   279
by (rtac (cons_Diff_same RS weaken_left) 2);
clasohm@0
   280
by (etac spec 2);
clasohm@0
   281
by (rtac (cons_Diff_subset2 RS weaken_left) 1);
clasohm@0
   282
by (rtac (premp RS hyps_cons RS Diff_weaken_left) 1);
clasohm@0
   283
by (etac spec 1);
clasohm@0
   284
val completeness_0_lemma = result();
clasohm@0
   285
clasohm@0
   286
(*The base case for completeness*)
lcp@515
   287
val [premp,sat] = goal PropLog.thy "[| p: prop;  0 |= p |] ==> 0 |- p";
clasohm@0
   288
by (rtac (Diff_cancel RS subst) 1);
clasohm@0
   289
by (rtac (sat RS (premp RS completeness_0_lemma RS spec)) 1);
clasohm@0
   290
val completeness_0 = result();
clasohm@0
   291
clasohm@0
   292
(*A semantic analogue of the Deduction Theorem*)
lcp@515
   293
goalw PropLog.thy [logcon_def] "!!H p q. [| cons(p,H) |= q |] ==> H |= p=>q";
lcp@7
   294
by (simp_tac prop_ss 1);
clasohm@0
   295
by (fast_tac ZF_cs 1);
lcp@501
   296
val logcon_Imp = result();
clasohm@0
   297
lcp@515
   298
goal PropLog.thy "!!H. H: Fin(prop) ==> ALL p:prop. H |= p --> H |- p";
clasohm@0
   299
by (etac Fin_induct 1);
clasohm@0
   300
by (safe_tac (ZF_cs addSIs [completeness_0]));
clasohm@0
   301
by (rtac (weaken_left_cons RS thms_MP) 1);
lcp@515
   302
by (fast_tac (ZF_cs addSIs (logcon_Imp::prop.intrs)) 1);
clasohm@0
   303
by (fast_tac thms_cs 1);
clasohm@0
   304
val completeness_lemma = result();
clasohm@0
   305
clasohm@0
   306
val completeness = completeness_lemma RS bspec RS mp;
clasohm@0
   307
lcp@515
   308
val [finite] = goal PropLog.thy "H: Fin(prop) ==> H |- p <-> H |= p & p:prop";
clasohm@0
   309
by (fast_tac (ZF_cs addSEs [soundness, finite RS completeness, 
clasohm@0
   310
			    thms_in_pl]) 1);
clasohm@0
   311
val thms_iff = result();
clasohm@0
   312
clasohm@0
   313
writeln"Reached end of file.";