merged
authorhaftmann
Tue Mar 03 19:21:10 2009 +0100 (2009-03-03)
changeset 302282aaf339fb7c1
parent 30224 79136ce06bdb
parent 30227 853abb4853cc
child 30229 9861257b18e6
child 30243 09d5944e224e
merged
doc-src/IsarAdvanced/Classes/IsaMakefile
doc-src/IsarAdvanced/Classes/Makefile
doc-src/IsarAdvanced/Classes/Thy/Classes.thy
doc-src/IsarAdvanced/Classes/Thy/ROOT.ML
doc-src/IsarAdvanced/Classes/Thy/Setup.thy
doc-src/IsarAdvanced/Classes/Thy/document/Classes.tex
doc-src/IsarAdvanced/Classes/classes.tex
doc-src/IsarAdvanced/Classes/style.sty
doc-src/IsarAdvanced/Codegen/IsaMakefile
doc-src/IsarAdvanced/Codegen/Makefile
doc-src/IsarAdvanced/Codegen/Thy/Adaption.thy
doc-src/IsarAdvanced/Codegen/Thy/Codegen.thy
doc-src/IsarAdvanced/Codegen/Thy/Further.thy
doc-src/IsarAdvanced/Codegen/Thy/Introduction.thy
doc-src/IsarAdvanced/Codegen/Thy/ML.thy
doc-src/IsarAdvanced/Codegen/Thy/Program.thy
doc-src/IsarAdvanced/Codegen/Thy/ROOT.ML
doc-src/IsarAdvanced/Codegen/Thy/Setup.thy
doc-src/IsarAdvanced/Codegen/Thy/document/Adaption.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Codegen.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Further.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Introduction.tex
doc-src/IsarAdvanced/Codegen/Thy/document/ML.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Program.tex
doc-src/IsarAdvanced/Codegen/Thy/examples/Codegen.hs
doc-src/IsarAdvanced/Codegen/Thy/examples/Example.hs
doc-src/IsarAdvanced/Codegen/Thy/examples/arbitrary.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_infix.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_literal.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_mlbool.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/class.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/class.ocaml
doc-src/IsarAdvanced/Codegen/Thy/examples/collect_duplicates.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/dirty_set.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/example.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/fac.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/integers.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/lexicographic.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/lookup.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/monotype.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/nat_binary.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/pick1.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/tree.ML
doc-src/IsarAdvanced/Codegen/codegen.tex
doc-src/IsarAdvanced/Codegen/codegen_process.pdf
doc-src/IsarAdvanced/Codegen/codegen_process.ps
doc-src/IsarAdvanced/Codegen/style.sty
doc-src/IsarAdvanced/Functions/IsaMakefile
doc-src/IsarAdvanced/Functions/Makefile
doc-src/IsarAdvanced/Functions/Thy/Functions.thy
doc-src/IsarAdvanced/Functions/Thy/ROOT.ML
doc-src/IsarAdvanced/Functions/Thy/document/Functions.tex
doc-src/IsarAdvanced/Functions/Thy/document/session.tex
doc-src/IsarAdvanced/Functions/conclusion.tex
doc-src/IsarAdvanced/Functions/functions.tex
doc-src/IsarAdvanced/Functions/intro.tex
doc-src/IsarAdvanced/Functions/isabelle_isar.eps
doc-src/IsarAdvanced/Functions/isabelle_isar.pdf
doc-src/IsarAdvanced/Functions/mathpartir.sty
doc-src/IsarAdvanced/Functions/style.sty
doc-src/IsarAdvanced/Makefile.in
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/doc-src/Classes/IsaMakefile	Tue Mar 03 19:21:10 2009 +0100
     1.3 @@ -0,0 +1,33 @@
     1.4 +
     1.5 +## targets
     1.6 +
     1.7 +default: Thy
     1.8 +images: 
     1.9 +test: Thy
    1.10 +
    1.11 +all: images test
    1.12 +
    1.13 +
    1.14 +## global settings
    1.15 +
    1.16 +SRC = $(ISABELLE_HOME)/src
    1.17 +OUT = $(ISABELLE_OUTPUT)
    1.18 +LOG = $(OUT)/log
    1.19 +
    1.20 +USEDIR = $(ISABELLE_TOOL) usedir -v true -i false -d false -C false -D document
    1.21 +
    1.22 +
    1.23 +## Thy
    1.24 +
    1.25 +THY = $(LOG)/HOL-Thy.gz
    1.26 +
    1.27 +Thy: $(THY)
    1.28 +
    1.29 +$(THY): Thy/ROOT.ML Thy/Setup.thy Thy/Classes.thy ../antiquote_setup.ML ../more_antiquote.ML
    1.30 +	@$(USEDIR) HOL Thy
    1.31 +
    1.32 +
    1.33 +## clean
    1.34 +
    1.35 +clean:
    1.36 +	@rm -f $(THY)
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/doc-src/Classes/Makefile	Tue Mar 03 19:21:10 2009 +0100
     2.3 @@ -0,0 +1,35 @@
     2.4 +
     2.5 +## targets
     2.6 +
     2.7 +default: dvi
     2.8 +
     2.9 +
    2.10 +## dependencies
    2.11 +
    2.12 +include ../Makefile.in
    2.13 +
    2.14 +NAME = classes
    2.15 +
    2.16 +FILES = $(NAME).tex classes.tex Thy/document/Classes.tex \
    2.17 +  style.sty ../iman.sty ../extra.sty ../isar.sty \
    2.18 +  ../isabelle.sty ../isabellesym.sty ../pdfsetup.sty \
    2.19 +  ../manual.bib ../proof.sty
    2.20 +
    2.21 +dvi: $(NAME).dvi
    2.22 +
    2.23 +$(NAME).dvi: $(FILES) isabelle_isar.eps
    2.24 +	$(LATEX) $(NAME)
    2.25 +	$(BIBTEX) $(NAME)
    2.26 +	$(LATEX) $(NAME)
    2.27 +	$(LATEX) $(NAME)
    2.28 +
    2.29 +pdf: $(NAME).pdf
    2.30 +
    2.31 +$(NAME).pdf: $(FILES) isabelle_isar.pdf
    2.32 +	$(PDFLATEX) $(NAME)
    2.33 +	$(BIBTEX) $(NAME)
    2.34 +	$(PDFLATEX) $(NAME)
    2.35 +	$(PDFLATEX) $(NAME)
    2.36 +	$(FIXBOOKMARKS) $(NAME).out
    2.37 +	$(PDFLATEX) $(NAME)
    2.38 +	$(PDFLATEX) $(NAME)
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/doc-src/Classes/Thy/Classes.thy	Tue Mar 03 19:21:10 2009 +0100
     3.3 @@ -0,0 +1,634 @@
     3.4 +theory Classes
     3.5 +imports Main Setup
     3.6 +begin
     3.7 +
     3.8 +section {* Introduction *}
     3.9 +
    3.10 +text {*
    3.11 +  Type classes were introduces by Wadler and Blott \cite{wadler89how}
    3.12 +  into the Haskell language, to allow for a reasonable implementation
    3.13 +  of overloading\footnote{throughout this tutorial, we are referring
    3.14 +  to classical Haskell 1.0 type classes, not considering
    3.15 +  later additions in expressiveness}.
    3.16 +  As a canonical example, a polymorphic equality function
    3.17 +  @{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} which is overloaded on different
    3.18 +  types for @{text "\<alpha>"}, which is achieved by splitting introduction
    3.19 +  of the @{text eq} function from its overloaded definitions by means
    3.20 +  of @{text class} and @{text instance} declarations:
    3.21 +  \footnote{syntax here is a kind of isabellized Haskell}
    3.22 +
    3.23 +  \begin{quote}
    3.24 +
    3.25 +  \noindent@{text "class eq where"} \\
    3.26 +  \hspace*{2ex}@{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"}
    3.27 +
    3.28 +  \medskip\noindent@{text "instance nat \<Colon> eq where"} \\
    3.29 +  \hspace*{2ex}@{text "eq 0 0 = True"} \\
    3.30 +  \hspace*{2ex}@{text "eq 0 _ = False"} \\
    3.31 +  \hspace*{2ex}@{text "eq _ 0 = False"} \\
    3.32 +  \hspace*{2ex}@{text "eq (Suc n) (Suc m) = eq n m"}
    3.33 +
    3.34 +  \medskip\noindent@{text "instance (\<alpha>\<Colon>eq, \<beta>\<Colon>eq) pair \<Colon> eq where"} \\
    3.35 +  \hspace*{2ex}@{text "eq (x1, y1) (x2, y2) = eq x1 x2 \<and> eq y1 y2"}
    3.36 +
    3.37 +  \medskip\noindent@{text "class ord extends eq where"} \\
    3.38 +  \hspace*{2ex}@{text "less_eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} \\
    3.39 +  \hspace*{2ex}@{text "less \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"}
    3.40 +
    3.41 +  \end{quote}
    3.42 +
    3.43 +  \noindent Type variables are annotated with (finitely many) classes;
    3.44 +  these annotations are assertions that a particular polymorphic type
    3.45 +  provides definitions for overloaded functions.
    3.46 +
    3.47 +  Indeed, type classes not only allow for simple overloading
    3.48 +  but form a generic calculus, an instance of order-sorted
    3.49 +  algebra \cite{Nipkow-Prehofer:1993,nipkow-sorts93,Wenzel:1997:TPHOL}.
    3.50 +
    3.51 +  From a software engeneering point of view, type classes
    3.52 +  roughly correspond to interfaces in object-oriented languages like Java;
    3.53 +  so, it is naturally desirable that type classes do not only
    3.54 +  provide functions (class parameters) but also state specifications
    3.55 +  implementations must obey.  For example, the @{text "class eq"}
    3.56 +  above could be given the following specification, demanding that
    3.57 +  @{text "class eq"} is an equivalence relation obeying reflexivity,
    3.58 +  symmetry and transitivity:
    3.59 +
    3.60 +  \begin{quote}
    3.61 +
    3.62 +  \noindent@{text "class eq where"} \\
    3.63 +  \hspace*{2ex}@{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} \\
    3.64 +  @{text "satisfying"} \\
    3.65 +  \hspace*{2ex}@{text "refl: eq x x"} \\
    3.66 +  \hspace*{2ex}@{text "sym: eq x y \<longleftrightarrow> eq x y"} \\
    3.67 +  \hspace*{2ex}@{text "trans: eq x y \<and> eq y z \<longrightarrow> eq x z"}
    3.68 +
    3.69 +  \end{quote}
    3.70 +
    3.71 +  \noindent From a theoretic point of view, type classes are lightweight
    3.72 +  modules; Haskell type classes may be emulated by
    3.73 +  SML functors \cite{classes_modules}. 
    3.74 +  Isabelle/Isar offers a discipline of type classes which brings
    3.75 +  all those aspects together:
    3.76 +
    3.77 +  \begin{enumerate}
    3.78 +    \item specifying abstract parameters together with
    3.79 +       corresponding specifications,
    3.80 +    \item instantiating those abstract parameters by a particular
    3.81 +       type
    3.82 +    \item in connection with a ``less ad-hoc'' approach to overloading,
    3.83 +    \item with a direct link to the Isabelle module system
    3.84 +      (aka locales \cite{kammueller-locales}).
    3.85 +  \end{enumerate}
    3.86 +
    3.87 +  \noindent Isar type classes also directly support code generation
    3.88 +  in a Haskell like fashion.
    3.89 +
    3.90 +  This tutorial demonstrates common elements of structured specifications
    3.91 +  and abstract reasoning with type classes by the algebraic hierarchy of
    3.92 +  semigroups, monoids and groups.  Our background theory is that of
    3.93 +  Isabelle/HOL \cite{isa-tutorial}, for which some
    3.94 +  familiarity is assumed.
    3.95 +
    3.96 +  Here we merely present the look-and-feel for end users.
    3.97 +  Internally, those are mapped to more primitive Isabelle concepts.
    3.98 +  See \cite{Haftmann-Wenzel:2006:classes} for more detail.
    3.99 +*}
   3.100 +
   3.101 +section {* A simple algebra example \label{sec:example} *}
   3.102 +
   3.103 +subsection {* Class definition *}
   3.104 +
   3.105 +text {*
   3.106 +  Depending on an arbitrary type @{text "\<alpha>"}, class @{text
   3.107 +  "semigroup"} introduces a binary operator @{text "(\<otimes>)"} that is
   3.108 +  assumed to be associative:
   3.109 +*}
   3.110 +
   3.111 +class %quote semigroup =
   3.112 +  fixes mult :: "\<alpha> \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>"    (infixl "\<otimes>" 70)
   3.113 +  assumes assoc: "(x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"
   3.114 +
   3.115 +text {*
   3.116 +  \noindent This @{command class} specification consists of two
   3.117 +  parts: the \qn{operational} part names the class parameter
   3.118 +  (@{element "fixes"}), the \qn{logical} part specifies properties on them
   3.119 +  (@{element "assumes"}).  The local @{element "fixes"} and
   3.120 +  @{element "assumes"} are lifted to the theory toplevel,
   3.121 +  yielding the global
   3.122 +  parameter @{term [source] "mult \<Colon> \<alpha>\<Colon>semigroup \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>"} and the
   3.123 +  global theorem @{fact "semigroup.assoc:"}~@{prop [source] "\<And>x y
   3.124 +  z \<Colon> \<alpha>\<Colon>semigroup. (x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"}.
   3.125 +*}
   3.126 +
   3.127 +
   3.128 +subsection {* Class instantiation \label{sec:class_inst} *}
   3.129 +
   3.130 +text {*
   3.131 +  The concrete type @{typ int} is made a @{class semigroup}
   3.132 +  instance by providing a suitable definition for the class parameter
   3.133 +  @{text "(\<otimes>)"} and a proof for the specification of @{fact assoc}.
   3.134 +  This is accomplished by the @{command instantiation} target:
   3.135 +*}
   3.136 +
   3.137 +instantiation %quote int :: semigroup
   3.138 +begin
   3.139 +
   3.140 +definition %quote
   3.141 +  mult_int_def: "i \<otimes> j = i + (j\<Colon>int)"
   3.142 +
   3.143 +instance %quote proof
   3.144 +  fix i j k :: int have "(i + j) + k = i + (j + k)" by simp
   3.145 +  then show "(i \<otimes> j) \<otimes> k = i \<otimes> (j \<otimes> k)"
   3.146 +    unfolding mult_int_def .
   3.147 +qed
   3.148 +
   3.149 +end %quote
   3.150 +
   3.151 +text {*
   3.152 +  \noindent @{command instantiation} allows to define class parameters
   3.153 +  at a particular instance using common specification tools (here,
   3.154 +  @{command definition}).  The concluding @{command instance}
   3.155 +  opens a proof that the given parameters actually conform
   3.156 +  to the class specification.  Note that the first proof step
   3.157 +  is the @{method default} method,
   3.158 +  which for such instance proofs maps to the @{method intro_classes} method.
   3.159 +  This boils down an instance judgement to the relevant primitive
   3.160 +  proof goals and should conveniently always be the first method applied
   3.161 +  in an instantiation proof.
   3.162 +
   3.163 +  From now on, the type-checker will consider @{typ int}
   3.164 +  as a @{class semigroup} automatically, i.e.\ any general results
   3.165 +  are immediately available on concrete instances.
   3.166 +
   3.167 +  \medskip Another instance of @{class semigroup} are the natural numbers:
   3.168 +*}
   3.169 +
   3.170 +instantiation %quote nat :: semigroup
   3.171 +begin
   3.172 +
   3.173 +primrec %quote mult_nat where
   3.174 +  "(0\<Colon>nat) \<otimes> n = n"
   3.175 +  | "Suc m \<otimes> n = Suc (m \<otimes> n)"
   3.176 +
   3.177 +instance %quote proof
   3.178 +  fix m n q :: nat 
   3.179 +  show "m \<otimes> n \<otimes> q = m \<otimes> (n \<otimes> q)"
   3.180 +    by (induct m) auto
   3.181 +qed
   3.182 +
   3.183 +end %quote
   3.184 +
   3.185 +text {*
   3.186 +  \noindent Note the occurence of the name @{text mult_nat}
   3.187 +  in the primrec declaration;  by default, the local name of
   3.188 +  a class operation @{text f} to instantiate on type constructor
   3.189 +  @{text \<kappa>} are mangled as @{text f_\<kappa>}.  In case of uncertainty,
   3.190 +  these names may be inspected using the @{command "print_context"} command
   3.191 +  or the corresponding ProofGeneral button.
   3.192 +*}
   3.193 +
   3.194 +subsection {* Lifting and parametric types *}
   3.195 +
   3.196 +text {*
   3.197 +  Overloaded definitions giving on class instantiation
   3.198 +  may include recursion over the syntactic structure of types.
   3.199 +  As a canonical example, we model product semigroups
   3.200 +  using our simple algebra:
   3.201 +*}
   3.202 +
   3.203 +instantiation %quote * :: (semigroup, semigroup) semigroup
   3.204 +begin
   3.205 +
   3.206 +definition %quote
   3.207 +  mult_prod_def: "p\<^isub>1 \<otimes> p\<^isub>2 = (fst p\<^isub>1 \<otimes> fst p\<^isub>2, snd p\<^isub>1 \<otimes> snd p\<^isub>2)"
   3.208 +
   3.209 +instance %quote proof
   3.210 +  fix p\<^isub>1 p\<^isub>2 p\<^isub>3 :: "\<alpha>\<Colon>semigroup \<times> \<beta>\<Colon>semigroup"
   3.211 +  show "p\<^isub>1 \<otimes> p\<^isub>2 \<otimes> p\<^isub>3 = p\<^isub>1 \<otimes> (p\<^isub>2 \<otimes> p\<^isub>3)"
   3.212 +    unfolding mult_prod_def by (simp add: assoc)
   3.213 +qed      
   3.214 +
   3.215 +end %quote
   3.216 +
   3.217 +text {*
   3.218 +  \noindent Associativity from product semigroups is
   3.219 +  established using
   3.220 +  the definition of @{text "(\<otimes>)"} on products and the hypothetical
   3.221 +  associativity of the type components;  these hypotheses
   3.222 +  are facts due to the @{class semigroup} constraints imposed
   3.223 +  on the type components by the @{command instance} proposition.
   3.224 +  Indeed, this pattern often occurs with parametric types
   3.225 +  and type classes.
   3.226 +*}
   3.227 +
   3.228 +
   3.229 +subsection {* Subclassing *}
   3.230 +
   3.231 +text {*
   3.232 +  We define a subclass @{text monoidl} (a semigroup with a left-hand neutral)
   3.233 +  by extending @{class semigroup}
   3.234 +  with one additional parameter @{text neutral} together
   3.235 +  with its property:
   3.236 +*}
   3.237 +
   3.238 +class %quote monoidl = semigroup +
   3.239 +  fixes neutral :: "\<alpha>" ("\<one>")
   3.240 +  assumes neutl: "\<one> \<otimes> x = x"
   3.241 +
   3.242 +text {*
   3.243 +  \noindent Again, we prove some instances, by
   3.244 +  providing suitable parameter definitions and proofs for the
   3.245 +  additional specifications.  Observe that instantiations
   3.246 +  for types with the same arity may be simultaneous:
   3.247 +*}
   3.248 +
   3.249 +instantiation %quote nat and int :: monoidl
   3.250 +begin
   3.251 +
   3.252 +definition %quote
   3.253 +  neutral_nat_def: "\<one> = (0\<Colon>nat)"
   3.254 +
   3.255 +definition %quote
   3.256 +  neutral_int_def: "\<one> = (0\<Colon>int)"
   3.257 +
   3.258 +instance %quote proof
   3.259 +  fix n :: nat
   3.260 +  show "\<one> \<otimes> n = n"
   3.261 +    unfolding neutral_nat_def by simp
   3.262 +next
   3.263 +  fix k :: int
   3.264 +  show "\<one> \<otimes> k = k"
   3.265 +    unfolding neutral_int_def mult_int_def by simp
   3.266 +qed
   3.267 +
   3.268 +end %quote
   3.269 +
   3.270 +instantiation %quote * :: (monoidl, monoidl) monoidl
   3.271 +begin
   3.272 +
   3.273 +definition %quote
   3.274 +  neutral_prod_def: "\<one> = (\<one>, \<one>)"
   3.275 +
   3.276 +instance %quote proof
   3.277 +  fix p :: "\<alpha>\<Colon>monoidl \<times> \<beta>\<Colon>monoidl"
   3.278 +  show "\<one> \<otimes> p = p"
   3.279 +    unfolding neutral_prod_def mult_prod_def by (simp add: neutl)
   3.280 +qed
   3.281 +
   3.282 +end %quote
   3.283 +
   3.284 +text {*
   3.285 +  \noindent Fully-fledged monoids are modelled by another subclass
   3.286 +  which does not add new parameters but tightens the specification:
   3.287 +*}
   3.288 +
   3.289 +class %quote monoid = monoidl +
   3.290 +  assumes neutr: "x \<otimes> \<one> = x"
   3.291 +
   3.292 +instantiation %quote nat and int :: monoid 
   3.293 +begin
   3.294 +
   3.295 +instance %quote proof
   3.296 +  fix n :: nat
   3.297 +  show "n \<otimes> \<one> = n"
   3.298 +    unfolding neutral_nat_def by (induct n) simp_all
   3.299 +next
   3.300 +  fix k :: int
   3.301 +  show "k \<otimes> \<one> = k"
   3.302 +    unfolding neutral_int_def mult_int_def by simp
   3.303 +qed
   3.304 +
   3.305 +end %quote
   3.306 +
   3.307 +instantiation %quote * :: (monoid, monoid) monoid
   3.308 +begin
   3.309 +
   3.310 +instance %quote proof 
   3.311 +  fix p :: "\<alpha>\<Colon>monoid \<times> \<beta>\<Colon>monoid"
   3.312 +  show "p \<otimes> \<one> = p"
   3.313 +    unfolding neutral_prod_def mult_prod_def by (simp add: neutr)
   3.314 +qed
   3.315 +
   3.316 +end %quote
   3.317 +
   3.318 +text {*
   3.319 +  \noindent To finish our small algebra example, we add a @{text group} class
   3.320 +  with a corresponding instance:
   3.321 +*}
   3.322 +
   3.323 +class %quote group = monoidl +
   3.324 +  fixes inverse :: "\<alpha> \<Rightarrow> \<alpha>"    ("(_\<div>)" [1000] 999)
   3.325 +  assumes invl: "x\<div> \<otimes> x = \<one>"
   3.326 +
   3.327 +instantiation %quote int :: group
   3.328 +begin
   3.329 +
   3.330 +definition %quote
   3.331 +  inverse_int_def: "i\<div> = - (i\<Colon>int)"
   3.332 +
   3.333 +instance %quote proof
   3.334 +  fix i :: int
   3.335 +  have "-i + i = 0" by simp
   3.336 +  then show "i\<div> \<otimes> i = \<one>"
   3.337 +    unfolding mult_int_def neutral_int_def inverse_int_def .
   3.338 +qed
   3.339 +
   3.340 +end %quote
   3.341 +
   3.342 +
   3.343 +section {* Type classes as locales *}
   3.344 +
   3.345 +subsection {* A look behind the scene *}
   3.346 +
   3.347 +text {*
   3.348 +  The example above gives an impression how Isar type classes work
   3.349 +  in practice.  As stated in the introduction, classes also provide
   3.350 +  a link to Isar's locale system.  Indeed, the logical core of a class
   3.351 +  is nothing else than a locale:
   3.352 +*}
   3.353 +
   3.354 +class %quote idem =
   3.355 +  fixes f :: "\<alpha> \<Rightarrow> \<alpha>"
   3.356 +  assumes idem: "f (f x) = f x"
   3.357 +
   3.358 +text {*
   3.359 +  \noindent essentially introduces the locale
   3.360 +*} (*<*)setup %invisible {* Sign.add_path "foo" *}
   3.361 +(*>*)
   3.362 +locale %quote idem =
   3.363 +  fixes f :: "\<alpha> \<Rightarrow> \<alpha>"
   3.364 +  assumes idem: "f (f x) = f x"
   3.365 +
   3.366 +text {* \noindent together with corresponding constant(s): *}
   3.367 +
   3.368 +consts %quote f :: "\<alpha> \<Rightarrow> \<alpha>"
   3.369 +
   3.370 +text {*
   3.371 +  \noindent The connection to the type system is done by means
   3.372 +  of a primitive axclass
   3.373 +*} (*<*)setup %invisible {* Sign.add_path "foo" *}
   3.374 +(*>*)
   3.375 +axclass %quote idem < type
   3.376 +  idem: "f (f x) = f x" (*<*)setup %invisible {* Sign.parent_path *}(*>*)
   3.377 +
   3.378 +text {* \noindent together with a corresponding interpretation: *}
   3.379 +
   3.380 +interpretation %quote idem_class:
   3.381 +  idem "f \<Colon> (\<alpha>\<Colon>idem) \<Rightarrow> \<alpha>"
   3.382 +proof qed (rule idem)
   3.383 +
   3.384 +text {*
   3.385 +  \noindent This gives you at hand the full power of the Isabelle module system;
   3.386 +  conclusions in locale @{text idem} are implicitly propagated
   3.387 +  to class @{text idem}.
   3.388 +*} (*<*)setup %invisible {* Sign.parent_path *}
   3.389 +(*>*)
   3.390 +subsection {* Abstract reasoning *}
   3.391 +
   3.392 +text {*
   3.393 +  Isabelle locales enable reasoning at a general level, while results
   3.394 +  are implicitly transferred to all instances.  For example, we can
   3.395 +  now establish the @{text "left_cancel"} lemma for groups, which
   3.396 +  states that the function @{text "(x \<otimes>)"} is injective:
   3.397 +*}
   3.398 +
   3.399 +lemma %quote (in group) left_cancel: "x \<otimes> y = x \<otimes> z \<longleftrightarrow> y = z"
   3.400 +proof
   3.401 +  assume "x \<otimes> y = x \<otimes> z"
   3.402 +  then have "x\<div> \<otimes> (x \<otimes> y) = x\<div> \<otimes> (x \<otimes> z)" by simp
   3.403 +  then have "(x\<div> \<otimes> x) \<otimes> y = (x\<div> \<otimes> x) \<otimes> z" using assoc by simp
   3.404 +  then show "y = z" using neutl and invl by simp
   3.405 +next
   3.406 +  assume "y = z"
   3.407 +  then show "x \<otimes> y = x \<otimes> z" by simp
   3.408 +qed
   3.409 +
   3.410 +text {*
   3.411 +  \noindent Here the \qt{@{keyword "in"} @{class group}} target specification
   3.412 +  indicates that the result is recorded within that context for later
   3.413 +  use.  This local theorem is also lifted to the global one @{fact
   3.414 +  "group.left_cancel:"} @{prop [source] "\<And>x y z \<Colon> \<alpha>\<Colon>group. x \<otimes> y = x \<otimes>
   3.415 +  z \<longleftrightarrow> y = z"}.  Since type @{text "int"} has been made an instance of
   3.416 +  @{text "group"} before, we may refer to that fact as well: @{prop
   3.417 +  [source] "\<And>x y z \<Colon> int. x \<otimes> y = x \<otimes> z \<longleftrightarrow> y = z"}.
   3.418 +*}
   3.419 +
   3.420 +
   3.421 +subsection {* Derived definitions *}
   3.422 +
   3.423 +text {*
   3.424 +  Isabelle locales support a concept of local definitions
   3.425 +  in locales:
   3.426 +*}
   3.427 +
   3.428 +primrec %quote (in monoid) pow_nat :: "nat \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>" where
   3.429 +  "pow_nat 0 x = \<one>"
   3.430 +  | "pow_nat (Suc n) x = x \<otimes> pow_nat n x"
   3.431 +
   3.432 +text {*
   3.433 +  \noindent If the locale @{text group} is also a class, this local
   3.434 +  definition is propagated onto a global definition of
   3.435 +  @{term [source] "pow_nat \<Colon> nat \<Rightarrow> \<alpha>\<Colon>monoid \<Rightarrow> \<alpha>\<Colon>monoid"}
   3.436 +  with corresponding theorems
   3.437 +
   3.438 +  @{thm pow_nat.simps [no_vars]}.
   3.439 +
   3.440 +  \noindent As you can see from this example, for local
   3.441 +  definitions you may use any specification tool
   3.442 +  which works together with locales (e.g. \cite{krauss2006}).
   3.443 +*}
   3.444 +
   3.445 +
   3.446 +subsection {* A functor analogy *}
   3.447 +
   3.448 +text {*
   3.449 +  We introduced Isar classes by analogy to type classes
   3.450 +  functional programming;  if we reconsider this in the
   3.451 +  context of what has been said about type classes and locales,
   3.452 +  we can drive this analogy further by stating that type
   3.453 +  classes essentially correspond to functors which have
   3.454 +  a canonical interpretation as type classes.
   3.455 +  Anyway, there is also the possibility of other interpretations.
   3.456 +  For example, also @{text list}s form a monoid with
   3.457 +  @{text append} and @{term "[]"} as operations, but it
   3.458 +  seems inappropriate to apply to lists
   3.459 +  the same operations as for genuinely algebraic types.
   3.460 +  In such a case, we simply can do a particular interpretation
   3.461 +  of monoids for lists:
   3.462 +*}
   3.463 +
   3.464 +interpretation %quote list_monoid!: monoid append "[]"
   3.465 +  proof qed auto
   3.466 +
   3.467 +text {*
   3.468 +  \noindent This enables us to apply facts on monoids
   3.469 +  to lists, e.g. @{thm list_monoid.neutl [no_vars]}.
   3.470 +
   3.471 +  When using this interpretation pattern, it may also
   3.472 +  be appropriate to map derived definitions accordingly:
   3.473 +*}
   3.474 +
   3.475 +primrec %quote replicate :: "nat \<Rightarrow> \<alpha> list \<Rightarrow> \<alpha> list" where
   3.476 +  "replicate 0 _ = []"
   3.477 +  | "replicate (Suc n) xs = xs @ replicate n xs"
   3.478 +
   3.479 +interpretation %quote list_monoid!: monoid append "[]" where
   3.480 +  "monoid.pow_nat append [] = replicate"
   3.481 +proof -
   3.482 +  interpret monoid append "[]" ..
   3.483 +  show "monoid.pow_nat append [] = replicate"
   3.484 +  proof
   3.485 +    fix n
   3.486 +    show "monoid.pow_nat append [] n = replicate n"
   3.487 +      by (induct n) auto
   3.488 +  qed
   3.489 +qed intro_locales
   3.490 +
   3.491 +
   3.492 +subsection {* Additional subclass relations *}
   3.493 +
   3.494 +text {*
   3.495 +  Any @{text "group"} is also a @{text "monoid"};  this
   3.496 +  can be made explicit by claiming an additional
   3.497 +  subclass relation,
   3.498 +  together with a proof of the logical difference:
   3.499 +*}
   3.500 +
   3.501 +subclass %quote (in group) monoid
   3.502 +proof
   3.503 +  fix x
   3.504 +  from invl have "x\<div> \<otimes> x = \<one>" by simp
   3.505 +  with assoc [symmetric] neutl invl have "x\<div> \<otimes> (x \<otimes> \<one>) = x\<div> \<otimes> x" by simp
   3.506 +  with left_cancel show "x \<otimes> \<one> = x" by simp
   3.507 +qed
   3.508 +
   3.509 +text {*
   3.510 +  The logical proof is carried out on the locale level.
   3.511 +  Afterwards it is propagated
   3.512 +  to the type system, making @{text group} an instance of
   3.513 +  @{text monoid} by adding an additional edge
   3.514 +  to the graph of subclass relations
   3.515 +  (cf.\ \figref{fig:subclass}).
   3.516 +
   3.517 +  \begin{figure}[htbp]
   3.518 +   \begin{center}
   3.519 +     \small
   3.520 +     \unitlength 0.6mm
   3.521 +     \begin{picture}(40,60)(0,0)
   3.522 +       \put(20,60){\makebox(0,0){@{text semigroup}}}
   3.523 +       \put(20,40){\makebox(0,0){@{text monoidl}}}
   3.524 +       \put(00,20){\makebox(0,0){@{text monoid}}}
   3.525 +       \put(40,00){\makebox(0,0){@{text group}}}
   3.526 +       \put(20,55){\vector(0,-1){10}}
   3.527 +       \put(15,35){\vector(-1,-1){10}}
   3.528 +       \put(25,35){\vector(1,-3){10}}
   3.529 +     \end{picture}
   3.530 +     \hspace{8em}
   3.531 +     \begin{picture}(40,60)(0,0)
   3.532 +       \put(20,60){\makebox(0,0){@{text semigroup}}}
   3.533 +       \put(20,40){\makebox(0,0){@{text monoidl}}}
   3.534 +       \put(00,20){\makebox(0,0){@{text monoid}}}
   3.535 +       \put(40,00){\makebox(0,0){@{text group}}}
   3.536 +       \put(20,55){\vector(0,-1){10}}
   3.537 +       \put(15,35){\vector(-1,-1){10}}
   3.538 +       \put(05,15){\vector(3,-1){30}}
   3.539 +     \end{picture}
   3.540 +     \caption{Subclass relationship of monoids and groups:
   3.541 +        before and after establishing the relationship
   3.542 +        @{text "group \<subseteq> monoid"};  transitive edges are left out.}
   3.543 +     \label{fig:subclass}
   3.544 +   \end{center}
   3.545 +  \end{figure}
   3.546 +
   3.547 +  For illustration, a derived definition
   3.548 +  in @{text group} which uses @{text pow_nat}:
   3.549 +*}
   3.550 +
   3.551 +definition %quote (in group) pow_int :: "int \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>" where
   3.552 +  "pow_int k x = (if k >= 0
   3.553 +    then pow_nat (nat k) x
   3.554 +    else (pow_nat (nat (- k)) x)\<div>)"
   3.555 +
   3.556 +text {*
   3.557 +  \noindent yields the global definition of
   3.558 +  @{term [source] "pow_int \<Colon> int \<Rightarrow> \<alpha>\<Colon>group \<Rightarrow> \<alpha>\<Colon>group"}
   3.559 +  with the corresponding theorem @{thm pow_int_def [no_vars]}.
   3.560 +*}
   3.561 +
   3.562 +subsection {* A note on syntax *}
   3.563 +
   3.564 +text {*
   3.565 +  As a commodity, class context syntax allows to refer
   3.566 +  to local class operations and their global counterparts
   3.567 +  uniformly;  type inference resolves ambiguities.  For example:
   3.568 +*}
   3.569 +
   3.570 +context %quote semigroup
   3.571 +begin
   3.572 +
   3.573 +term %quote "x \<otimes> y" -- {* example 1 *}
   3.574 +term %quote "(x\<Colon>nat) \<otimes> y" -- {* example 2 *}
   3.575 +
   3.576 +end  %quote
   3.577 +
   3.578 +term %quote "x \<otimes> y" -- {* example 3 *}
   3.579 +
   3.580 +text {*
   3.581 +  \noindent Here in example 1, the term refers to the local class operation
   3.582 +  @{text "mult [\<alpha>]"}, whereas in example 2 the type constraint
   3.583 +  enforces the global class operation @{text "mult [nat]"}.
   3.584 +  In the global context in example 3, the reference is
   3.585 +  to the polymorphic global class operation @{text "mult [?\<alpha> \<Colon> semigroup]"}.
   3.586 +*}
   3.587 +
   3.588 +section {* Further issues *}
   3.589 +
   3.590 +subsection {* Type classes and code generation *}
   3.591 +
   3.592 +text {*
   3.593 +  Turning back to the first motivation for type classes,
   3.594 +  namely overloading, it is obvious that overloading
   3.595 +  stemming from @{command class} statements and
   3.596 +  @{command instantiation}
   3.597 +  targets naturally maps to Haskell type classes.
   3.598 +  The code generator framework \cite{isabelle-codegen} 
   3.599 +  takes this into account.  Concerning target languages
   3.600 +  lacking type classes (e.g.~SML), type classes
   3.601 +  are implemented by explicit dictionary construction.
   3.602 +  As example, let's go back to the power function:
   3.603 +*}
   3.604 +
   3.605 +definition %quote example :: int where
   3.606 +  "example = pow_int 10 (-2)"
   3.607 +
   3.608 +text {*
   3.609 +  \noindent This maps to Haskell as:
   3.610 +*}
   3.611 +
   3.612 +text %quote {*@{code_stmts example (Haskell)}*}
   3.613 +
   3.614 +text {*
   3.615 +  \noindent The whole code in SML with explicit dictionary passing:
   3.616 +*}
   3.617 +
   3.618 +text %quote {*@{code_stmts example (SML)}*}
   3.619 +
   3.620 +subsection {* Inspecting the type class universe *}
   3.621 +
   3.622 +text {*
   3.623 +  To facilitate orientation in complex subclass structures,
   3.624 +  two diagnostics commands are provided:
   3.625 +
   3.626 +  \begin{description}
   3.627 +
   3.628 +    \item[@{command "print_classes"}] print a list of all classes
   3.629 +      together with associated operations etc.
   3.630 +
   3.631 +    \item[@{command "class_deps"}] visualizes the subclass relation
   3.632 +      between all classes as a Hasse diagram.
   3.633 +
   3.634 +  \end{description}
   3.635 +*}
   3.636 +
   3.637 +end
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/doc-src/Classes/Thy/ROOT.ML	Tue Mar 03 19:21:10 2009 +0100
     4.3 @@ -0,0 +1,6 @@
     4.4 +
     4.5 +(* $Id$ *)
     4.6 +
     4.7 +no_document use_thy "Setup";
     4.8 +
     4.9 +use_thy "Classes";
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/doc-src/Classes/Thy/Setup.thy	Tue Mar 03 19:21:10 2009 +0100
     5.3 @@ -0,0 +1,34 @@
     5.4 +theory Setup
     5.5 +imports Main Code_Integer
     5.6 +uses
     5.7 +  "../../antiquote_setup"
     5.8 +  "../../more_antiquote"
     5.9 +begin
    5.10 +
    5.11 +ML {* Code_Target.code_width := 74 *}
    5.12 +
    5.13 +syntax
    5.14 +  "_alpha" :: "type"  ("\<alpha>")
    5.15 +  "_alpha_ofsort" :: "sort \<Rightarrow> type"  ("\<alpha>()\<Colon>_" [0] 1000)
    5.16 +  "_beta" :: "type"  ("\<beta>")
    5.17 +  "_beta_ofsort" :: "sort \<Rightarrow> type"  ("\<beta>()\<Colon>_" [0] 1000)
    5.18 +
    5.19 +parse_ast_translation {*
    5.20 +  let
    5.21 +    fun alpha_ast_tr [] = Syntax.Variable "'a"
    5.22 +      | alpha_ast_tr asts = raise Syntax.AST ("alpha_ast_tr", asts);
    5.23 +    fun alpha_ofsort_ast_tr [ast] =
    5.24 +      Syntax.Appl [Syntax.Constant "_ofsort", Syntax.Variable "'a", ast]
    5.25 +      | alpha_ofsort_ast_tr asts = raise Syntax.AST ("alpha_ast_tr", asts);
    5.26 +    fun beta_ast_tr [] = Syntax.Variable "'b"
    5.27 +      | beta_ast_tr asts = raise Syntax.AST ("beta_ast_tr", asts);
    5.28 +    fun beta_ofsort_ast_tr [ast] =
    5.29 +      Syntax.Appl [Syntax.Constant "_ofsort", Syntax.Variable "'b", ast]
    5.30 +      | beta_ofsort_ast_tr asts = raise Syntax.AST ("beta_ast_tr", asts);
    5.31 +  in [
    5.32 +    ("_alpha", alpha_ast_tr), ("_alpha_ofsort", alpha_ofsort_ast_tr),
    5.33 +    ("_beta", beta_ast_tr), ("_beta_ofsort", beta_ofsort_ast_tr)
    5.34 +  ] end
    5.35 +*}
    5.36 +
    5.37 +end
    5.38 \ No newline at end of file
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/doc-src/Classes/Thy/document/Classes.tex	Tue Mar 03 19:21:10 2009 +0100
     6.3 @@ -0,0 +1,1335 @@
     6.4 +%
     6.5 +\begin{isabellebody}%
     6.6 +\def\isabellecontext{Classes}%
     6.7 +%
     6.8 +\isadelimtheory
     6.9 +%
    6.10 +\endisadelimtheory
    6.11 +%
    6.12 +\isatagtheory
    6.13 +\isacommand{theory}\isamarkupfalse%
    6.14 +\ Classes\isanewline
    6.15 +\isakeyword{imports}\ Main\ Setup\isanewline
    6.16 +\isakeyword{begin}%
    6.17 +\endisatagtheory
    6.18 +{\isafoldtheory}%
    6.19 +%
    6.20 +\isadelimtheory
    6.21 +%
    6.22 +\endisadelimtheory
    6.23 +%
    6.24 +\isamarkupsection{Introduction%
    6.25 +}
    6.26 +\isamarkuptrue%
    6.27 +%
    6.28 +\begin{isamarkuptext}%
    6.29 +Type classes were introduces by Wadler and Blott \cite{wadler89how}
    6.30 +  into the Haskell language, to allow for a reasonable implementation
    6.31 +  of overloading\footnote{throughout this tutorial, we are referring
    6.32 +  to classical Haskell 1.0 type classes, not considering
    6.33 +  later additions in expressiveness}.
    6.34 +  As a canonical example, a polymorphic equality function
    6.35 +  \isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} which is overloaded on different
    6.36 +  types for \isa{{\isasymalpha}}, which is achieved by splitting introduction
    6.37 +  of the \isa{eq} function from its overloaded definitions by means
    6.38 +  of \isa{class} and \isa{instance} declarations:
    6.39 +  \footnote{syntax here is a kind of isabellized Haskell}
    6.40 +
    6.41 +  \begin{quote}
    6.42 +
    6.43 +  \noindent\isa{class\ eq\ where} \\
    6.44 +  \hspace*{2ex}\isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool}
    6.45 +
    6.46 +  \medskip\noindent\isa{instance\ nat\ {\isasymColon}\ eq\ where} \\
    6.47 +  \hspace*{2ex}\isa{eq\ {\isadigit{0}}\ {\isadigit{0}}\ {\isacharequal}\ True} \\
    6.48 +  \hspace*{2ex}\isa{eq\ {\isadigit{0}}\ {\isacharunderscore}\ {\isacharequal}\ False} \\
    6.49 +  \hspace*{2ex}\isa{eq\ {\isacharunderscore}\ {\isadigit{0}}\ {\isacharequal}\ False} \\
    6.50 +  \hspace*{2ex}\isa{eq\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharparenleft}Suc\ m{\isacharparenright}\ {\isacharequal}\ eq\ n\ m}
    6.51 +
    6.52 +  \medskip\noindent\isa{instance\ {\isacharparenleft}{\isasymalpha}{\isasymColon}eq{\isacharcomma}\ {\isasymbeta}{\isasymColon}eq{\isacharparenright}\ pair\ {\isasymColon}\ eq\ where} \\
    6.53 +  \hspace*{2ex}\isa{eq\ {\isacharparenleft}x{\isadigit{1}}{\isacharcomma}\ y{\isadigit{1}}{\isacharparenright}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ eq\ x{\isadigit{1}}\ x{\isadigit{2}}\ {\isasymand}\ eq\ y{\isadigit{1}}\ y{\isadigit{2}}}
    6.54 +
    6.55 +  \medskip\noindent\isa{class\ ord\ extends\ eq\ where} \\
    6.56 +  \hspace*{2ex}\isa{less{\isacharunderscore}eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} \\
    6.57 +  \hspace*{2ex}\isa{less\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool}
    6.58 +
    6.59 +  \end{quote}
    6.60 +
    6.61 +  \noindent Type variables are annotated with (finitely many) classes;
    6.62 +  these annotations are assertions that a particular polymorphic type
    6.63 +  provides definitions for overloaded functions.
    6.64 +
    6.65 +  Indeed, type classes not only allow for simple overloading
    6.66 +  but form a generic calculus, an instance of order-sorted
    6.67 +  algebra \cite{Nipkow-Prehofer:1993,nipkow-sorts93,Wenzel:1997:TPHOL}.
    6.68 +
    6.69 +  From a software engeneering point of view, type classes
    6.70 +  roughly correspond to interfaces in object-oriented languages like Java;
    6.71 +  so, it is naturally desirable that type classes do not only
    6.72 +  provide functions (class parameters) but also state specifications
    6.73 +  implementations must obey.  For example, the \isa{class\ eq}
    6.74 +  above could be given the following specification, demanding that
    6.75 +  \isa{class\ eq} is an equivalence relation obeying reflexivity,
    6.76 +  symmetry and transitivity:
    6.77 +
    6.78 +  \begin{quote}
    6.79 +
    6.80 +  \noindent\isa{class\ eq\ where} \\
    6.81 +  \hspace*{2ex}\isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} \\
    6.82 +  \isa{satisfying} \\
    6.83 +  \hspace*{2ex}\isa{refl{\isacharcolon}\ eq\ x\ x} \\
    6.84 +  \hspace*{2ex}\isa{sym{\isacharcolon}\ eq\ x\ y\ {\isasymlongleftrightarrow}\ eq\ x\ y} \\
    6.85 +  \hspace*{2ex}\isa{trans{\isacharcolon}\ eq\ x\ y\ {\isasymand}\ eq\ y\ z\ {\isasymlongrightarrow}\ eq\ x\ z}
    6.86 +
    6.87 +  \end{quote}
    6.88 +
    6.89 +  \noindent From a theoretic point of view, type classes are lightweight
    6.90 +  modules; Haskell type classes may be emulated by
    6.91 +  SML functors \cite{classes_modules}. 
    6.92 +  Isabelle/Isar offers a discipline of type classes which brings
    6.93 +  all those aspects together:
    6.94 +
    6.95 +  \begin{enumerate}
    6.96 +    \item specifying abstract parameters together with
    6.97 +       corresponding specifications,
    6.98 +    \item instantiating those abstract parameters by a particular
    6.99 +       type
   6.100 +    \item in connection with a ``less ad-hoc'' approach to overloading,
   6.101 +    \item with a direct link to the Isabelle module system
   6.102 +      (aka locales \cite{kammueller-locales}).
   6.103 +  \end{enumerate}
   6.104 +
   6.105 +  \noindent Isar type classes also directly support code generation
   6.106 +  in a Haskell like fashion.
   6.107 +
   6.108 +  This tutorial demonstrates common elements of structured specifications
   6.109 +  and abstract reasoning with type classes by the algebraic hierarchy of
   6.110 +  semigroups, monoids and groups.  Our background theory is that of
   6.111 +  Isabelle/HOL \cite{isa-tutorial}, for which some
   6.112 +  familiarity is assumed.
   6.113 +
   6.114 +  Here we merely present the look-and-feel for end users.
   6.115 +  Internally, those are mapped to more primitive Isabelle concepts.
   6.116 +  See \cite{Haftmann-Wenzel:2006:classes} for more detail.%
   6.117 +\end{isamarkuptext}%
   6.118 +\isamarkuptrue%
   6.119 +%
   6.120 +\isamarkupsection{A simple algebra example \label{sec:example}%
   6.121 +}
   6.122 +\isamarkuptrue%
   6.123 +%
   6.124 +\isamarkupsubsection{Class definition%
   6.125 +}
   6.126 +\isamarkuptrue%
   6.127 +%
   6.128 +\begin{isamarkuptext}%
   6.129 +Depending on an arbitrary type \isa{{\isasymalpha}}, class \isa{semigroup} introduces a binary operator \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} that is
   6.130 +  assumed to be associative:%
   6.131 +\end{isamarkuptext}%
   6.132 +\isamarkuptrue%
   6.133 +%
   6.134 +\isadelimquote
   6.135 +%
   6.136 +\endisadelimquote
   6.137 +%
   6.138 +\isatagquote
   6.139 +\isacommand{class}\isamarkupfalse%
   6.140 +\ semigroup\ {\isacharequal}\isanewline
   6.141 +\ \ \isakeyword{fixes}\ mult\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymotimes}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
   6.142 +\ \ \isakeyword{assumes}\ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}%
   6.143 +\endisatagquote
   6.144 +{\isafoldquote}%
   6.145 +%
   6.146 +\isadelimquote
   6.147 +%
   6.148 +\endisadelimquote
   6.149 +%
   6.150 +\begin{isamarkuptext}%
   6.151 +\noindent This \hyperlink{command.class}{\mbox{\isa{\isacommand{class}}}} specification consists of two
   6.152 +  parts: the \qn{operational} part names the class parameter
   6.153 +  (\hyperlink{element.fixes}{\mbox{\isa{\isakeyword{fixes}}}}), the \qn{logical} part specifies properties on them
   6.154 +  (\hyperlink{element.assumes}{\mbox{\isa{\isakeyword{assumes}}}}).  The local \hyperlink{element.fixes}{\mbox{\isa{\isakeyword{fixes}}}} and
   6.155 +  \hyperlink{element.assumes}{\mbox{\isa{\isakeyword{assumes}}}} are lifted to the theory toplevel,
   6.156 +  yielding the global
   6.157 +  parameter \isa{{\isachardoublequote}mult\ {\isasymColon}\ {\isasymalpha}{\isasymColon}semigroup\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequote}} and the
   6.158 +  global theorem \hyperlink{fact.semigroup.assoc:}{\mbox{\isa{semigroup{\isachardot}assoc{\isacharcolon}}}}~\isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ {\isasymalpha}{\isasymColon}semigroup{\isachardot}\ {\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequote}}.%
   6.159 +\end{isamarkuptext}%
   6.160 +\isamarkuptrue%
   6.161 +%
   6.162 +\isamarkupsubsection{Class instantiation \label{sec:class_inst}%
   6.163 +}
   6.164 +\isamarkuptrue%
   6.165 +%
   6.166 +\begin{isamarkuptext}%
   6.167 +The concrete type \isa{int} is made a \isa{semigroup}
   6.168 +  instance by providing a suitable definition for the class parameter
   6.169 +  \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} and a proof for the specification of \hyperlink{fact.assoc}{\mbox{\isa{assoc}}}.
   6.170 +  This is accomplished by the \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}} target:%
   6.171 +\end{isamarkuptext}%
   6.172 +\isamarkuptrue%
   6.173 +%
   6.174 +\isadelimquote
   6.175 +%
   6.176 +\endisadelimquote
   6.177 +%
   6.178 +\isatagquote
   6.179 +\isacommand{instantiation}\isamarkupfalse%
   6.180 +\ int\ {\isacharcolon}{\isacharcolon}\ semigroup\isanewline
   6.181 +\isakeyword{begin}\isanewline
   6.182 +\isanewline
   6.183 +\isacommand{definition}\isamarkupfalse%
   6.184 +\isanewline
   6.185 +\ \ mult{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}i\ {\isasymotimes}\ j\ {\isacharequal}\ i\ {\isacharplus}\ {\isacharparenleft}j{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.186 +\isanewline
   6.187 +\isacommand{instance}\isamarkupfalse%
   6.188 +\ \isacommand{proof}\isamarkupfalse%
   6.189 +\isanewline
   6.190 +\ \ \isacommand{fix}\isamarkupfalse%
   6.191 +\ i\ j\ k\ {\isacharcolon}{\isacharcolon}\ int\ \isacommand{have}\isamarkupfalse%
   6.192 +\ {\isachardoublequoteopen}{\isacharparenleft}i\ {\isacharplus}\ j{\isacharparenright}\ {\isacharplus}\ k\ {\isacharequal}\ i\ {\isacharplus}\ {\isacharparenleft}j\ {\isacharplus}\ k{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.193 +\ simp\isanewline
   6.194 +\ \ \isacommand{then}\isamarkupfalse%
   6.195 +\ \isacommand{show}\isamarkupfalse%
   6.196 +\ {\isachardoublequoteopen}{\isacharparenleft}i\ {\isasymotimes}\ j{\isacharparenright}\ {\isasymotimes}\ k\ {\isacharequal}\ i\ {\isasymotimes}\ {\isacharparenleft}j\ {\isasymotimes}\ k{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.197 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.198 +\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{{\isachardot}}\isamarkupfalse%
   6.199 +\isanewline
   6.200 +\isacommand{qed}\isamarkupfalse%
   6.201 +\isanewline
   6.202 +\isanewline
   6.203 +\isacommand{end}\isamarkupfalse%
   6.204 +%
   6.205 +\endisatagquote
   6.206 +{\isafoldquote}%
   6.207 +%
   6.208 +\isadelimquote
   6.209 +%
   6.210 +\endisadelimquote
   6.211 +%
   6.212 +\begin{isamarkuptext}%
   6.213 +\noindent \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}} allows to define class parameters
   6.214 +  at a particular instance using common specification tools (here,
   6.215 +  \hyperlink{command.definition}{\mbox{\isa{\isacommand{definition}}}}).  The concluding \hyperlink{command.instance}{\mbox{\isa{\isacommand{instance}}}}
   6.216 +  opens a proof that the given parameters actually conform
   6.217 +  to the class specification.  Note that the first proof step
   6.218 +  is the \hyperlink{method.default}{\mbox{\isa{default}}} method,
   6.219 +  which for such instance proofs maps to the \hyperlink{method.intro-classes}{\mbox{\isa{intro{\isacharunderscore}classes}}} method.
   6.220 +  This boils down an instance judgement to the relevant primitive
   6.221 +  proof goals and should conveniently always be the first method applied
   6.222 +  in an instantiation proof.
   6.223 +
   6.224 +  From now on, the type-checker will consider \isa{int}
   6.225 +  as a \isa{semigroup} automatically, i.e.\ any general results
   6.226 +  are immediately available on concrete instances.
   6.227 +
   6.228 +  \medskip Another instance of \isa{semigroup} are the natural numbers:%
   6.229 +\end{isamarkuptext}%
   6.230 +\isamarkuptrue%
   6.231 +%
   6.232 +\isadelimquote
   6.233 +%
   6.234 +\endisadelimquote
   6.235 +%
   6.236 +\isatagquote
   6.237 +\isacommand{instantiation}\isamarkupfalse%
   6.238 +\ nat\ {\isacharcolon}{\isacharcolon}\ semigroup\isanewline
   6.239 +\isakeyword{begin}\isanewline
   6.240 +\isanewline
   6.241 +\isacommand{primrec}\isamarkupfalse%
   6.242 +\ mult{\isacharunderscore}nat\ \isakeyword{where}\isanewline
   6.243 +\ \ {\isachardoublequoteopen}{\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
   6.244 +\ \ {\isacharbar}\ {\isachardoublequoteopen}Suc\ m\ {\isasymotimes}\ n\ {\isacharequal}\ Suc\ {\isacharparenleft}m\ {\isasymotimes}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.245 +\isanewline
   6.246 +\isacommand{instance}\isamarkupfalse%
   6.247 +\ \isacommand{proof}\isamarkupfalse%
   6.248 +\isanewline
   6.249 +\ \ \isacommand{fix}\isamarkupfalse%
   6.250 +\ m\ n\ q\ {\isacharcolon}{\isacharcolon}\ nat\ \isanewline
   6.251 +\ \ \isacommand{show}\isamarkupfalse%
   6.252 +\ {\isachardoublequoteopen}m\ {\isasymotimes}\ n\ {\isasymotimes}\ q\ {\isacharequal}\ m\ {\isasymotimes}\ {\isacharparenleft}n\ {\isasymotimes}\ q{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.253 +\ \ \ \ \isacommand{by}\isamarkupfalse%
   6.254 +\ {\isacharparenleft}induct\ m{\isacharparenright}\ auto\isanewline
   6.255 +\isacommand{qed}\isamarkupfalse%
   6.256 +\isanewline
   6.257 +\isanewline
   6.258 +\isacommand{end}\isamarkupfalse%
   6.259 +%
   6.260 +\endisatagquote
   6.261 +{\isafoldquote}%
   6.262 +%
   6.263 +\isadelimquote
   6.264 +%
   6.265 +\endisadelimquote
   6.266 +%
   6.267 +\begin{isamarkuptext}%
   6.268 +\noindent Note the occurence of the name \isa{mult{\isacharunderscore}nat}
   6.269 +  in the primrec declaration;  by default, the local name of
   6.270 +  a class operation \isa{f} to instantiate on type constructor
   6.271 +  \isa{{\isasymkappa}} are mangled as \isa{f{\isacharunderscore}{\isasymkappa}}.  In case of uncertainty,
   6.272 +  these names may be inspected using the \hyperlink{command.print-context}{\mbox{\isa{\isacommand{print{\isacharunderscore}context}}}} command
   6.273 +  or the corresponding ProofGeneral button.%
   6.274 +\end{isamarkuptext}%
   6.275 +\isamarkuptrue%
   6.276 +%
   6.277 +\isamarkupsubsection{Lifting and parametric types%
   6.278 +}
   6.279 +\isamarkuptrue%
   6.280 +%
   6.281 +\begin{isamarkuptext}%
   6.282 +Overloaded definitions giving on class instantiation
   6.283 +  may include recursion over the syntactic structure of types.
   6.284 +  As a canonical example, we model product semigroups
   6.285 +  using our simple algebra:%
   6.286 +\end{isamarkuptext}%
   6.287 +\isamarkuptrue%
   6.288 +%
   6.289 +\isadelimquote
   6.290 +%
   6.291 +\endisadelimquote
   6.292 +%
   6.293 +\isatagquote
   6.294 +\isacommand{instantiation}\isamarkupfalse%
   6.295 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}semigroup{\isacharcomma}\ semigroup{\isacharparenright}\ semigroup\isanewline
   6.296 +\isakeyword{begin}\isanewline
   6.297 +\isanewline
   6.298 +\isacommand{definition}\isamarkupfalse%
   6.299 +\isanewline
   6.300 +\ \ mult{\isacharunderscore}prod{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{2}}\ {\isacharequal}\ {\isacharparenleft}fst\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ fst\ p\isactrlisub {\isadigit{2}}{\isacharcomma}\ snd\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ snd\ p\isactrlisub {\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.301 +\isanewline
   6.302 +\isacommand{instance}\isamarkupfalse%
   6.303 +\ \isacommand{proof}\isamarkupfalse%
   6.304 +\isanewline
   6.305 +\ \ \isacommand{fix}\isamarkupfalse%
   6.306 +\ p\isactrlisub {\isadigit{1}}\ p\isactrlisub {\isadigit{2}}\ p\isactrlisub {\isadigit{3}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}semigroup\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}semigroup{\isachardoublequoteclose}\isanewline
   6.307 +\ \ \isacommand{show}\isamarkupfalse%
   6.308 +\ {\isachardoublequoteopen}p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{2}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{3}}\ {\isacharequal}\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ {\isacharparenleft}p\isactrlisub {\isadigit{2}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{3}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.309 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.310 +\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.311 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ assoc{\isacharparenright}\isanewline
   6.312 +\isacommand{qed}\isamarkupfalse%
   6.313 +\ \ \ \ \ \ \isanewline
   6.314 +\isanewline
   6.315 +\isacommand{end}\isamarkupfalse%
   6.316 +%
   6.317 +\endisatagquote
   6.318 +{\isafoldquote}%
   6.319 +%
   6.320 +\isadelimquote
   6.321 +%
   6.322 +\endisadelimquote
   6.323 +%
   6.324 +\begin{isamarkuptext}%
   6.325 +\noindent Associativity from product semigroups is
   6.326 +  established using
   6.327 +  the definition of \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} on products and the hypothetical
   6.328 +  associativity of the type components;  these hypotheses
   6.329 +  are facts due to the \isa{semigroup} constraints imposed
   6.330 +  on the type components by the \hyperlink{command.instance}{\mbox{\isa{\isacommand{instance}}}} proposition.
   6.331 +  Indeed, this pattern often occurs with parametric types
   6.332 +  and type classes.%
   6.333 +\end{isamarkuptext}%
   6.334 +\isamarkuptrue%
   6.335 +%
   6.336 +\isamarkupsubsection{Subclassing%
   6.337 +}
   6.338 +\isamarkuptrue%
   6.339 +%
   6.340 +\begin{isamarkuptext}%
   6.341 +We define a subclass \isa{monoidl} (a semigroup with a left-hand neutral)
   6.342 +  by extending \isa{semigroup}
   6.343 +  with one additional parameter \isa{neutral} together
   6.344 +  with its property:%
   6.345 +\end{isamarkuptext}%
   6.346 +\isamarkuptrue%
   6.347 +%
   6.348 +\isadelimquote
   6.349 +%
   6.350 +\endisadelimquote
   6.351 +%
   6.352 +\isatagquote
   6.353 +\isacommand{class}\isamarkupfalse%
   6.354 +\ monoidl\ {\isacharequal}\ semigroup\ {\isacharplus}\isanewline
   6.355 +\ \ \isakeyword{fixes}\ neutral\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isachardoublequoteclose}\ {\isacharparenleft}{\isachardoublequoteopen}{\isasymone}{\isachardoublequoteclose}{\isacharparenright}\isanewline
   6.356 +\ \ \isakeyword{assumes}\ neutl{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}%
   6.357 +\endisatagquote
   6.358 +{\isafoldquote}%
   6.359 +%
   6.360 +\isadelimquote
   6.361 +%
   6.362 +\endisadelimquote
   6.363 +%
   6.364 +\begin{isamarkuptext}%
   6.365 +\noindent Again, we prove some instances, by
   6.366 +  providing suitable parameter definitions and proofs for the
   6.367 +  additional specifications.  Observe that instantiations
   6.368 +  for types with the same arity may be simultaneous:%
   6.369 +\end{isamarkuptext}%
   6.370 +\isamarkuptrue%
   6.371 +%
   6.372 +\isadelimquote
   6.373 +%
   6.374 +\endisadelimquote
   6.375 +%
   6.376 +\isatagquote
   6.377 +\isacommand{instantiation}\isamarkupfalse%
   6.378 +\ nat\ \isakeyword{and}\ int\ {\isacharcolon}{\isacharcolon}\ monoidl\isanewline
   6.379 +\isakeyword{begin}\isanewline
   6.380 +\isanewline
   6.381 +\isacommand{definition}\isamarkupfalse%
   6.382 +\isanewline
   6.383 +\ \ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.384 +\isanewline
   6.385 +\isacommand{definition}\isamarkupfalse%
   6.386 +\isanewline
   6.387 +\ \ neutral{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.388 +\isanewline
   6.389 +\isacommand{instance}\isamarkupfalse%
   6.390 +\ \isacommand{proof}\isamarkupfalse%
   6.391 +\isanewline
   6.392 +\ \ \isacommand{fix}\isamarkupfalse%
   6.393 +\ n\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
   6.394 +\ \ \isacommand{show}\isamarkupfalse%
   6.395 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
   6.396 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.397 +\ neutral{\isacharunderscore}nat{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.398 +\ simp\isanewline
   6.399 +\isacommand{next}\isamarkupfalse%
   6.400 +\isanewline
   6.401 +\ \ \isacommand{fix}\isamarkupfalse%
   6.402 +\ k\ {\isacharcolon}{\isacharcolon}\ int\isanewline
   6.403 +\ \ \isacommand{show}\isamarkupfalse%
   6.404 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ k\ {\isacharequal}\ k{\isachardoublequoteclose}\isanewline
   6.405 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.406 +\ neutral{\isacharunderscore}int{\isacharunderscore}def\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.407 +\ simp\isanewline
   6.408 +\isacommand{qed}\isamarkupfalse%
   6.409 +\isanewline
   6.410 +\isanewline
   6.411 +\isacommand{end}\isamarkupfalse%
   6.412 +\isanewline
   6.413 +\isanewline
   6.414 +\isacommand{instantiation}\isamarkupfalse%
   6.415 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}monoidl{\isacharcomma}\ monoidl{\isacharparenright}\ monoidl\isanewline
   6.416 +\isakeyword{begin}\isanewline
   6.417 +\isanewline
   6.418 +\isacommand{definition}\isamarkupfalse%
   6.419 +\isanewline
   6.420 +\ \ neutral{\isacharunderscore}prod{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isasymone}{\isacharcomma}\ {\isasymone}{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.421 +\isanewline
   6.422 +\isacommand{instance}\isamarkupfalse%
   6.423 +\ \isacommand{proof}\isamarkupfalse%
   6.424 +\isanewline
   6.425 +\ \ \isacommand{fix}\isamarkupfalse%
   6.426 +\ p\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}monoidl\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}monoidl{\isachardoublequoteclose}\isanewline
   6.427 +\ \ \isacommand{show}\isamarkupfalse%
   6.428 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ p\ {\isacharequal}\ p{\isachardoublequoteclose}\isanewline
   6.429 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.430 +\ neutral{\isacharunderscore}prod{\isacharunderscore}def\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.431 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutl{\isacharparenright}\isanewline
   6.432 +\isacommand{qed}\isamarkupfalse%
   6.433 +\isanewline
   6.434 +\isanewline
   6.435 +\isacommand{end}\isamarkupfalse%
   6.436 +%
   6.437 +\endisatagquote
   6.438 +{\isafoldquote}%
   6.439 +%
   6.440 +\isadelimquote
   6.441 +%
   6.442 +\endisadelimquote
   6.443 +%
   6.444 +\begin{isamarkuptext}%
   6.445 +\noindent Fully-fledged monoids are modelled by another subclass
   6.446 +  which does not add new parameters but tightens the specification:%
   6.447 +\end{isamarkuptext}%
   6.448 +\isamarkuptrue%
   6.449 +%
   6.450 +\isadelimquote
   6.451 +%
   6.452 +\endisadelimquote
   6.453 +%
   6.454 +\isatagquote
   6.455 +\isacommand{class}\isamarkupfalse%
   6.456 +\ monoid\ {\isacharequal}\ monoidl\ {\isacharplus}\isanewline
   6.457 +\ \ \isakeyword{assumes}\ neutr{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
   6.458 +\isanewline
   6.459 +\isacommand{instantiation}\isamarkupfalse%
   6.460 +\ nat\ \isakeyword{and}\ int\ {\isacharcolon}{\isacharcolon}\ monoid\ \isanewline
   6.461 +\isakeyword{begin}\isanewline
   6.462 +\isanewline
   6.463 +\isacommand{instance}\isamarkupfalse%
   6.464 +\ \isacommand{proof}\isamarkupfalse%
   6.465 +\isanewline
   6.466 +\ \ \isacommand{fix}\isamarkupfalse%
   6.467 +\ n\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
   6.468 +\ \ \isacommand{show}\isamarkupfalse%
   6.469 +\ {\isachardoublequoteopen}n\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
   6.470 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.471 +\ neutral{\isacharunderscore}nat{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.472 +\ {\isacharparenleft}induct\ n{\isacharparenright}\ simp{\isacharunderscore}all\isanewline
   6.473 +\isacommand{next}\isamarkupfalse%
   6.474 +\isanewline
   6.475 +\ \ \isacommand{fix}\isamarkupfalse%
   6.476 +\ k\ {\isacharcolon}{\isacharcolon}\ int\isanewline
   6.477 +\ \ \isacommand{show}\isamarkupfalse%
   6.478 +\ {\isachardoublequoteopen}k\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ k{\isachardoublequoteclose}\isanewline
   6.479 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.480 +\ neutral{\isacharunderscore}int{\isacharunderscore}def\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.481 +\ simp\isanewline
   6.482 +\isacommand{qed}\isamarkupfalse%
   6.483 +\isanewline
   6.484 +\isanewline
   6.485 +\isacommand{end}\isamarkupfalse%
   6.486 +\isanewline
   6.487 +\isanewline
   6.488 +\isacommand{instantiation}\isamarkupfalse%
   6.489 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}monoid{\isacharcomma}\ monoid{\isacharparenright}\ monoid\isanewline
   6.490 +\isakeyword{begin}\isanewline
   6.491 +\isanewline
   6.492 +\isacommand{instance}\isamarkupfalse%
   6.493 +\ \isacommand{proof}\isamarkupfalse%
   6.494 +\ \isanewline
   6.495 +\ \ \isacommand{fix}\isamarkupfalse%
   6.496 +\ p\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}monoid\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}monoid{\isachardoublequoteclose}\isanewline
   6.497 +\ \ \isacommand{show}\isamarkupfalse%
   6.498 +\ {\isachardoublequoteopen}p\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ p{\isachardoublequoteclose}\isanewline
   6.499 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.500 +\ neutral{\isacharunderscore}prod{\isacharunderscore}def\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
   6.501 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutr{\isacharparenright}\isanewline
   6.502 +\isacommand{qed}\isamarkupfalse%
   6.503 +\isanewline
   6.504 +\isanewline
   6.505 +\isacommand{end}\isamarkupfalse%
   6.506 +%
   6.507 +\endisatagquote
   6.508 +{\isafoldquote}%
   6.509 +%
   6.510 +\isadelimquote
   6.511 +%
   6.512 +\endisadelimquote
   6.513 +%
   6.514 +\begin{isamarkuptext}%
   6.515 +\noindent To finish our small algebra example, we add a \isa{group} class
   6.516 +  with a corresponding instance:%
   6.517 +\end{isamarkuptext}%
   6.518 +\isamarkuptrue%
   6.519 +%
   6.520 +\isadelimquote
   6.521 +%
   6.522 +\endisadelimquote
   6.523 +%
   6.524 +\isatagquote
   6.525 +\isacommand{class}\isamarkupfalse%
   6.526 +\ group\ {\isacharequal}\ monoidl\ {\isacharplus}\isanewline
   6.527 +\ \ \isakeyword{fixes}\ inverse\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharparenleft}{\isacharunderscore}{\isasymdiv}{\isacharparenright}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
   6.528 +\ \ \isakeyword{assumes}\ invl{\isacharcolon}\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
   6.529 +\isanewline
   6.530 +\isacommand{instantiation}\isamarkupfalse%
   6.531 +\ int\ {\isacharcolon}{\isacharcolon}\ group\isanewline
   6.532 +\isakeyword{begin}\isanewline
   6.533 +\isanewline
   6.534 +\isacommand{definition}\isamarkupfalse%
   6.535 +\isanewline
   6.536 +\ \ inverse{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}i{\isasymdiv}\ {\isacharequal}\ {\isacharminus}\ {\isacharparenleft}i{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
   6.537 +\isanewline
   6.538 +\isacommand{instance}\isamarkupfalse%
   6.539 +\ \isacommand{proof}\isamarkupfalse%
   6.540 +\isanewline
   6.541 +\ \ \isacommand{fix}\isamarkupfalse%
   6.542 +\ i\ {\isacharcolon}{\isacharcolon}\ int\isanewline
   6.543 +\ \ \isacommand{have}\isamarkupfalse%
   6.544 +\ {\isachardoublequoteopen}{\isacharminus}i\ {\isacharplus}\ i\ {\isacharequal}\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.545 +\ simp\isanewline
   6.546 +\ \ \isacommand{then}\isamarkupfalse%
   6.547 +\ \isacommand{show}\isamarkupfalse%
   6.548 +\ {\isachardoublequoteopen}i{\isasymdiv}\ {\isasymotimes}\ i\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
   6.549 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
   6.550 +\ mult{\isacharunderscore}int{\isacharunderscore}def\ neutral{\isacharunderscore}int{\isacharunderscore}def\ inverse{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{{\isachardot}}\isamarkupfalse%
   6.551 +\isanewline
   6.552 +\isacommand{qed}\isamarkupfalse%
   6.553 +\isanewline
   6.554 +\isanewline
   6.555 +\isacommand{end}\isamarkupfalse%
   6.556 +%
   6.557 +\endisatagquote
   6.558 +{\isafoldquote}%
   6.559 +%
   6.560 +\isadelimquote
   6.561 +%
   6.562 +\endisadelimquote
   6.563 +%
   6.564 +\isamarkupsection{Type classes as locales%
   6.565 +}
   6.566 +\isamarkuptrue%
   6.567 +%
   6.568 +\isamarkupsubsection{A look behind the scene%
   6.569 +}
   6.570 +\isamarkuptrue%
   6.571 +%
   6.572 +\begin{isamarkuptext}%
   6.573 +The example above gives an impression how Isar type classes work
   6.574 +  in practice.  As stated in the introduction, classes also provide
   6.575 +  a link to Isar's locale system.  Indeed, the logical core of a class
   6.576 +  is nothing else than a locale:%
   6.577 +\end{isamarkuptext}%
   6.578 +\isamarkuptrue%
   6.579 +%
   6.580 +\isadelimquote
   6.581 +%
   6.582 +\endisadelimquote
   6.583 +%
   6.584 +\isatagquote
   6.585 +\isacommand{class}\isamarkupfalse%
   6.586 +\ idem\ {\isacharequal}\isanewline
   6.587 +\ \ \isakeyword{fixes}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
   6.588 +\ \ \isakeyword{assumes}\ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}%
   6.589 +\endisatagquote
   6.590 +{\isafoldquote}%
   6.591 +%
   6.592 +\isadelimquote
   6.593 +%
   6.594 +\endisadelimquote
   6.595 +%
   6.596 +\begin{isamarkuptext}%
   6.597 +\noindent essentially introduces the locale%
   6.598 +\end{isamarkuptext}%
   6.599 +\isamarkuptrue%
   6.600 +\ %
   6.601 +\isadeliminvisible
   6.602 +%
   6.603 +\endisadeliminvisible
   6.604 +%
   6.605 +\isataginvisible
   6.606 +%
   6.607 +\endisataginvisible
   6.608 +{\isafoldinvisible}%
   6.609 +%
   6.610 +\isadeliminvisible
   6.611 +%
   6.612 +\endisadeliminvisible
   6.613 +%
   6.614 +\isadelimquote
   6.615 +%
   6.616 +\endisadelimquote
   6.617 +%
   6.618 +\isatagquote
   6.619 +\isacommand{locale}\isamarkupfalse%
   6.620 +\ idem\ {\isacharequal}\isanewline
   6.621 +\ \ \isakeyword{fixes}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
   6.622 +\ \ \isakeyword{assumes}\ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}%
   6.623 +\endisatagquote
   6.624 +{\isafoldquote}%
   6.625 +%
   6.626 +\isadelimquote
   6.627 +%
   6.628 +\endisadelimquote
   6.629 +%
   6.630 +\begin{isamarkuptext}%
   6.631 +\noindent together with corresponding constant(s):%
   6.632 +\end{isamarkuptext}%
   6.633 +\isamarkuptrue%
   6.634 +%
   6.635 +\isadelimquote
   6.636 +%
   6.637 +\endisadelimquote
   6.638 +%
   6.639 +\isatagquote
   6.640 +\isacommand{consts}\isamarkupfalse%
   6.641 +\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}%
   6.642 +\endisatagquote
   6.643 +{\isafoldquote}%
   6.644 +%
   6.645 +\isadelimquote
   6.646 +%
   6.647 +\endisadelimquote
   6.648 +%
   6.649 +\begin{isamarkuptext}%
   6.650 +\noindent The connection to the type system is done by means
   6.651 +  of a primitive axclass%
   6.652 +\end{isamarkuptext}%
   6.653 +\isamarkuptrue%
   6.654 +\ %
   6.655 +\isadeliminvisible
   6.656 +%
   6.657 +\endisadeliminvisible
   6.658 +%
   6.659 +\isataginvisible
   6.660 +%
   6.661 +\endisataginvisible
   6.662 +{\isafoldinvisible}%
   6.663 +%
   6.664 +\isadeliminvisible
   6.665 +%
   6.666 +\endisadeliminvisible
   6.667 +%
   6.668 +\isadelimquote
   6.669 +%
   6.670 +\endisadelimquote
   6.671 +%
   6.672 +\isatagquote
   6.673 +\isacommand{axclass}\isamarkupfalse%
   6.674 +\ idem\ {\isacharless}\ type\isanewline
   6.675 +\ \ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}\ %
   6.676 +\endisatagquote
   6.677 +{\isafoldquote}%
   6.678 +%
   6.679 +\isadelimquote
   6.680 +%
   6.681 +\endisadelimquote
   6.682 +%
   6.683 +\isadeliminvisible
   6.684 +%
   6.685 +\endisadeliminvisible
   6.686 +%
   6.687 +\isataginvisible
   6.688 +%
   6.689 +\endisataginvisible
   6.690 +{\isafoldinvisible}%
   6.691 +%
   6.692 +\isadeliminvisible
   6.693 +%
   6.694 +\endisadeliminvisible
   6.695 +%
   6.696 +\begin{isamarkuptext}%
   6.697 +\noindent together with a corresponding interpretation:%
   6.698 +\end{isamarkuptext}%
   6.699 +\isamarkuptrue%
   6.700 +%
   6.701 +\isadelimquote
   6.702 +%
   6.703 +\endisadelimquote
   6.704 +%
   6.705 +\isatagquote
   6.706 +\isacommand{interpretation}\isamarkupfalse%
   6.707 +\ idem{\isacharunderscore}class{\isacharcolon}\isanewline
   6.708 +\ \ idem\ {\isachardoublequoteopen}f\ {\isasymColon}\ {\isacharparenleft}{\isasymalpha}{\isasymColon}idem{\isacharparenright}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
   6.709 +\isacommand{proof}\isamarkupfalse%
   6.710 +\ \isacommand{qed}\isamarkupfalse%
   6.711 +\ {\isacharparenleft}rule\ idem{\isacharparenright}%
   6.712 +\endisatagquote
   6.713 +{\isafoldquote}%
   6.714 +%
   6.715 +\isadelimquote
   6.716 +%
   6.717 +\endisadelimquote
   6.718 +%
   6.719 +\begin{isamarkuptext}%
   6.720 +\noindent This gives you at hand the full power of the Isabelle module system;
   6.721 +  conclusions in locale \isa{idem} are implicitly propagated
   6.722 +  to class \isa{idem}.%
   6.723 +\end{isamarkuptext}%
   6.724 +\isamarkuptrue%
   6.725 +\ %
   6.726 +\isadeliminvisible
   6.727 +%
   6.728 +\endisadeliminvisible
   6.729 +%
   6.730 +\isataginvisible
   6.731 +%
   6.732 +\endisataginvisible
   6.733 +{\isafoldinvisible}%
   6.734 +%
   6.735 +\isadeliminvisible
   6.736 +%
   6.737 +\endisadeliminvisible
   6.738 +%
   6.739 +\isamarkupsubsection{Abstract reasoning%
   6.740 +}
   6.741 +\isamarkuptrue%
   6.742 +%
   6.743 +\begin{isamarkuptext}%
   6.744 +Isabelle locales enable reasoning at a general level, while results
   6.745 +  are implicitly transferred to all instances.  For example, we can
   6.746 +  now establish the \isa{left{\isacharunderscore}cancel} lemma for groups, which
   6.747 +  states that the function \isa{{\isacharparenleft}x\ {\isasymotimes}{\isacharparenright}} is injective:%
   6.748 +\end{isamarkuptext}%
   6.749 +\isamarkuptrue%
   6.750 +%
   6.751 +\isadelimquote
   6.752 +%
   6.753 +\endisadelimquote
   6.754 +%
   6.755 +\isatagquote
   6.756 +\isacommand{lemma}\isamarkupfalse%
   6.757 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ left{\isacharunderscore}cancel{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequoteclose}\isanewline
   6.758 +\isacommand{proof}\isamarkupfalse%
   6.759 +\isanewline
   6.760 +\ \ \isacommand{assume}\isamarkupfalse%
   6.761 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z{\isachardoublequoteclose}\isanewline
   6.762 +\ \ \isacommand{then}\isamarkupfalse%
   6.763 +\ \isacommand{have}\isamarkupfalse%
   6.764 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isacharequal}\ x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.765 +\ simp\isanewline
   6.766 +\ \ \isacommand{then}\isamarkupfalse%
   6.767 +\ \isacommand{have}\isamarkupfalse%
   6.768 +\ {\isachardoublequoteopen}{\isacharparenleft}x{\isasymdiv}\ {\isasymotimes}\ x{\isacharparenright}\ {\isasymotimes}\ y\ {\isacharequal}\ {\isacharparenleft}x{\isasymdiv}\ {\isasymotimes}\ x{\isacharparenright}\ {\isasymotimes}\ z{\isachardoublequoteclose}\ \isacommand{using}\isamarkupfalse%
   6.769 +\ assoc\ \isacommand{by}\isamarkupfalse%
   6.770 +\ simp\isanewline
   6.771 +\ \ \isacommand{then}\isamarkupfalse%
   6.772 +\ \isacommand{show}\isamarkupfalse%
   6.773 +\ {\isachardoublequoteopen}y\ {\isacharequal}\ z{\isachardoublequoteclose}\ \isacommand{using}\isamarkupfalse%
   6.774 +\ neutl\ \isakeyword{and}\ invl\ \isacommand{by}\isamarkupfalse%
   6.775 +\ simp\isanewline
   6.776 +\isacommand{next}\isamarkupfalse%
   6.777 +\isanewline
   6.778 +\ \ \isacommand{assume}\isamarkupfalse%
   6.779 +\ {\isachardoublequoteopen}y\ {\isacharequal}\ z{\isachardoublequoteclose}\isanewline
   6.780 +\ \ \isacommand{then}\isamarkupfalse%
   6.781 +\ \isacommand{show}\isamarkupfalse%
   6.782 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.783 +\ simp\isanewline
   6.784 +\isacommand{qed}\isamarkupfalse%
   6.785 +%
   6.786 +\endisatagquote
   6.787 +{\isafoldquote}%
   6.788 +%
   6.789 +\isadelimquote
   6.790 +%
   6.791 +\endisadelimquote
   6.792 +%
   6.793 +\begin{isamarkuptext}%
   6.794 +\noindent Here the \qt{\hyperlink{keyword.in}{\mbox{\isa{\isakeyword{in}}}} \isa{group}} target specification
   6.795 +  indicates that the result is recorded within that context for later
   6.796 +  use.  This local theorem is also lifted to the global one \hyperlink{fact.group.left-cancel:}{\mbox{\isa{group{\isachardot}left{\isacharunderscore}cancel{\isacharcolon}}}} \isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ {\isasymalpha}{\isasymColon}group{\isachardot}\ x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequote}}.  Since type \isa{int} has been made an instance of
   6.797 +  \isa{group} before, we may refer to that fact as well: \isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ int{\isachardot}\ x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequote}}.%
   6.798 +\end{isamarkuptext}%
   6.799 +\isamarkuptrue%
   6.800 +%
   6.801 +\isamarkupsubsection{Derived definitions%
   6.802 +}
   6.803 +\isamarkuptrue%
   6.804 +%
   6.805 +\begin{isamarkuptext}%
   6.806 +Isabelle locales support a concept of local definitions
   6.807 +  in locales:%
   6.808 +\end{isamarkuptext}%
   6.809 +\isamarkuptrue%
   6.810 +%
   6.811 +\isadelimquote
   6.812 +%
   6.813 +\endisadelimquote
   6.814 +%
   6.815 +\isatagquote
   6.816 +\isacommand{primrec}\isamarkupfalse%
   6.817 +\ {\isacharparenleft}\isakeyword{in}\ monoid{\isacharparenright}\ pow{\isacharunderscore}nat\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
   6.818 +\ \ {\isachardoublequoteopen}pow{\isacharunderscore}nat\ {\isadigit{0}}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
   6.819 +\ \ {\isacharbar}\ {\isachardoublequoteopen}pow{\isacharunderscore}nat\ {\isacharparenleft}Suc\ n{\isacharparenright}\ x\ {\isacharequal}\ x\ {\isasymotimes}\ pow{\isacharunderscore}nat\ n\ x{\isachardoublequoteclose}%
   6.820 +\endisatagquote
   6.821 +{\isafoldquote}%
   6.822 +%
   6.823 +\isadelimquote
   6.824 +%
   6.825 +\endisadelimquote
   6.826 +%
   6.827 +\begin{isamarkuptext}%
   6.828 +\noindent If the locale \isa{group} is also a class, this local
   6.829 +  definition is propagated onto a global definition of
   6.830 +  \isa{{\isachardoublequote}pow{\isacharunderscore}nat\ {\isasymColon}\ nat\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}monoid\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}monoid{\isachardoublequote}}
   6.831 +  with corresponding theorems
   6.832 +
   6.833 +  \isa{pow{\isacharunderscore}nat\ {\isadigit{0}}\ x\ {\isacharequal}\ {\isasymone}\isasep\isanewline%
   6.834 +pow{\isacharunderscore}nat\ {\isacharparenleft}Suc\ n{\isacharparenright}\ x\ {\isacharequal}\ x\ {\isasymotimes}\ pow{\isacharunderscore}nat\ n\ x}.
   6.835 +
   6.836 +  \noindent As you can see from this example, for local
   6.837 +  definitions you may use any specification tool
   6.838 +  which works together with locales (e.g. \cite{krauss2006}).%
   6.839 +\end{isamarkuptext}%
   6.840 +\isamarkuptrue%
   6.841 +%
   6.842 +\isamarkupsubsection{A functor analogy%
   6.843 +}
   6.844 +\isamarkuptrue%
   6.845 +%
   6.846 +\begin{isamarkuptext}%
   6.847 +We introduced Isar classes by analogy to type classes
   6.848 +  functional programming;  if we reconsider this in the
   6.849 +  context of what has been said about type classes and locales,
   6.850 +  we can drive this analogy further by stating that type
   6.851 +  classes essentially correspond to functors which have
   6.852 +  a canonical interpretation as type classes.
   6.853 +  Anyway, there is also the possibility of other interpretations.
   6.854 +  For example, also \isa{list}s form a monoid with
   6.855 +  \isa{append} and \isa{{\isacharbrackleft}{\isacharbrackright}} as operations, but it
   6.856 +  seems inappropriate to apply to lists
   6.857 +  the same operations as for genuinely algebraic types.
   6.858 +  In such a case, we simply can do a particular interpretation
   6.859 +  of monoids for lists:%
   6.860 +\end{isamarkuptext}%
   6.861 +\isamarkuptrue%
   6.862 +%
   6.863 +\isadelimquote
   6.864 +%
   6.865 +\endisadelimquote
   6.866 +%
   6.867 +\isatagquote
   6.868 +\isacommand{interpretation}\isamarkupfalse%
   6.869 +\ list{\isacharunderscore}monoid{\isacharbang}{\isacharcolon}\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
   6.870 +\ \ \isacommand{proof}\isamarkupfalse%
   6.871 +\ \isacommand{qed}\isamarkupfalse%
   6.872 +\ auto%
   6.873 +\endisatagquote
   6.874 +{\isafoldquote}%
   6.875 +%
   6.876 +\isadelimquote
   6.877 +%
   6.878 +\endisadelimquote
   6.879 +%
   6.880 +\begin{isamarkuptext}%
   6.881 +\noindent This enables us to apply facts on monoids
   6.882 +  to lists, e.g. \isa{{\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ x\ {\isacharequal}\ x}.
   6.883 +
   6.884 +  When using this interpretation pattern, it may also
   6.885 +  be appropriate to map derived definitions accordingly:%
   6.886 +\end{isamarkuptext}%
   6.887 +\isamarkuptrue%
   6.888 +%
   6.889 +\isadelimquote
   6.890 +%
   6.891 +\endisadelimquote
   6.892 +%
   6.893 +\isatagquote
   6.894 +\isacommand{primrec}\isamarkupfalse%
   6.895 +\ replicate\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isasymalpha}\ list\ {\isasymRightarrow}\ {\isasymalpha}\ list{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
   6.896 +\ \ {\isachardoublequoteopen}replicate\ {\isadigit{0}}\ {\isacharunderscore}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
   6.897 +\ \ {\isacharbar}\ {\isachardoublequoteopen}replicate\ {\isacharparenleft}Suc\ n{\isacharparenright}\ xs\ {\isacharequal}\ xs\ {\isacharat}\ replicate\ n\ xs{\isachardoublequoteclose}\isanewline
   6.898 +\isanewline
   6.899 +\isacommand{interpretation}\isamarkupfalse%
   6.900 +\ list{\isacharunderscore}monoid{\isacharbang}{\isacharcolon}\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
   6.901 +\ \ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ replicate{\isachardoublequoteclose}\isanewline
   6.902 +\isacommand{proof}\isamarkupfalse%
   6.903 +\ {\isacharminus}\isanewline
   6.904 +\ \ \isacommand{interpret}\isamarkupfalse%
   6.905 +\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
   6.906 +\isanewline
   6.907 +\ \ \isacommand{show}\isamarkupfalse%
   6.908 +\ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ replicate{\isachardoublequoteclose}\isanewline
   6.909 +\ \ \isacommand{proof}\isamarkupfalse%
   6.910 +\isanewline
   6.911 +\ \ \ \ \isacommand{fix}\isamarkupfalse%
   6.912 +\ n\isanewline
   6.913 +\ \ \ \ \isacommand{show}\isamarkupfalse%
   6.914 +\ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ n\ {\isacharequal}\ replicate\ n{\isachardoublequoteclose}\isanewline
   6.915 +\ \ \ \ \ \ \isacommand{by}\isamarkupfalse%
   6.916 +\ {\isacharparenleft}induct\ n{\isacharparenright}\ auto\isanewline
   6.917 +\ \ \isacommand{qed}\isamarkupfalse%
   6.918 +\isanewline
   6.919 +\isacommand{qed}\isamarkupfalse%
   6.920 +\ intro{\isacharunderscore}locales%
   6.921 +\endisatagquote
   6.922 +{\isafoldquote}%
   6.923 +%
   6.924 +\isadelimquote
   6.925 +%
   6.926 +\endisadelimquote
   6.927 +%
   6.928 +\isamarkupsubsection{Additional subclass relations%
   6.929 +}
   6.930 +\isamarkuptrue%
   6.931 +%
   6.932 +\begin{isamarkuptext}%
   6.933 +Any \isa{group} is also a \isa{monoid};  this
   6.934 +  can be made explicit by claiming an additional
   6.935 +  subclass relation,
   6.936 +  together with a proof of the logical difference:%
   6.937 +\end{isamarkuptext}%
   6.938 +\isamarkuptrue%
   6.939 +%
   6.940 +\isadelimquote
   6.941 +%
   6.942 +\endisadelimquote
   6.943 +%
   6.944 +\isatagquote
   6.945 +\isacommand{subclass}\isamarkupfalse%
   6.946 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ monoid\isanewline
   6.947 +\isacommand{proof}\isamarkupfalse%
   6.948 +\isanewline
   6.949 +\ \ \isacommand{fix}\isamarkupfalse%
   6.950 +\ x\isanewline
   6.951 +\ \ \isacommand{from}\isamarkupfalse%
   6.952 +\ invl\ \isacommand{have}\isamarkupfalse%
   6.953 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.954 +\ simp\isanewline
   6.955 +\ \ \isacommand{with}\isamarkupfalse%
   6.956 +\ assoc\ {\isacharbrackleft}symmetric{\isacharbrackright}\ neutl\ invl\ \isacommand{have}\isamarkupfalse%
   6.957 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ {\isasymone}{\isacharparenright}\ {\isacharequal}\ x{\isasymdiv}\ {\isasymotimes}\ x{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.958 +\ simp\isanewline
   6.959 +\ \ \isacommand{with}\isamarkupfalse%
   6.960 +\ left{\isacharunderscore}cancel\ \isacommand{show}\isamarkupfalse%
   6.961 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
   6.962 +\ simp\isanewline
   6.963 +\isacommand{qed}\isamarkupfalse%
   6.964 +%
   6.965 +\endisatagquote
   6.966 +{\isafoldquote}%
   6.967 +%
   6.968 +\isadelimquote
   6.969 +%
   6.970 +\endisadelimquote
   6.971 +%
   6.972 +\begin{isamarkuptext}%
   6.973 +The logical proof is carried out on the locale level.
   6.974 +  Afterwards it is propagated
   6.975 +  to the type system, making \isa{group} an instance of
   6.976 +  \isa{monoid} by adding an additional edge
   6.977 +  to the graph of subclass relations
   6.978 +  (cf.\ \figref{fig:subclass}).
   6.979 +
   6.980 +  \begin{figure}[htbp]
   6.981 +   \begin{center}
   6.982 +     \small
   6.983 +     \unitlength 0.6mm
   6.984 +     \begin{picture}(40,60)(0,0)
   6.985 +       \put(20,60){\makebox(0,0){\isa{semigroup}}}
   6.986 +       \put(20,40){\makebox(0,0){\isa{monoidl}}}
   6.987 +       \put(00,20){\makebox(0,0){\isa{monoid}}}
   6.988 +       \put(40,00){\makebox(0,0){\isa{group}}}
   6.989 +       \put(20,55){\vector(0,-1){10}}
   6.990 +       \put(15,35){\vector(-1,-1){10}}
   6.991 +       \put(25,35){\vector(1,-3){10}}
   6.992 +     \end{picture}
   6.993 +     \hspace{8em}
   6.994 +     \begin{picture}(40,60)(0,0)
   6.995 +       \put(20,60){\makebox(0,0){\isa{semigroup}}}
   6.996 +       \put(20,40){\makebox(0,0){\isa{monoidl}}}
   6.997 +       \put(00,20){\makebox(0,0){\isa{monoid}}}
   6.998 +       \put(40,00){\makebox(0,0){\isa{group}}}
   6.999 +       \put(20,55){\vector(0,-1){10}}
  6.1000 +       \put(15,35){\vector(-1,-1){10}}
  6.1001 +       \put(05,15){\vector(3,-1){30}}
  6.1002 +     \end{picture}
  6.1003 +     \caption{Subclass relationship of monoids and groups:
  6.1004 +        before and after establishing the relationship
  6.1005 +        \isa{group\ {\isasymsubseteq}\ monoid};  transitive edges are left out.}
  6.1006 +     \label{fig:subclass}
  6.1007 +   \end{center}
  6.1008 +  \end{figure}
  6.1009 +
  6.1010 +  For illustration, a derived definition
  6.1011 +  in \isa{group} which uses \isa{pow{\isacharunderscore}nat}:%
  6.1012 +\end{isamarkuptext}%
  6.1013 +\isamarkuptrue%
  6.1014 +%
  6.1015 +\isadelimquote
  6.1016 +%
  6.1017 +\endisadelimquote
  6.1018 +%
  6.1019 +\isatagquote
  6.1020 +\isacommand{definition}\isamarkupfalse%
  6.1021 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ pow{\isacharunderscore}int\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}int\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  6.1022 +\ \ {\isachardoublequoteopen}pow{\isacharunderscore}int\ k\ x\ {\isacharequal}\ {\isacharparenleft}if\ k\ {\isachargreater}{\isacharequal}\ {\isadigit{0}}\isanewline
  6.1023 +\ \ \ \ then\ pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ k{\isacharparenright}\ x\isanewline
  6.1024 +\ \ \ \ else\ {\isacharparenleft}pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ {\isacharparenleft}{\isacharminus}\ k{\isacharparenright}{\isacharparenright}\ x{\isacharparenright}{\isasymdiv}{\isacharparenright}{\isachardoublequoteclose}%
  6.1025 +\endisatagquote
  6.1026 +{\isafoldquote}%
  6.1027 +%
  6.1028 +\isadelimquote
  6.1029 +%
  6.1030 +\endisadelimquote
  6.1031 +%
  6.1032 +\begin{isamarkuptext}%
  6.1033 +\noindent yields the global definition of
  6.1034 +  \isa{{\isachardoublequote}pow{\isacharunderscore}int\ {\isasymColon}\ int\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}group\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}group{\isachardoublequote}}
  6.1035 +  with the corresponding theorem \isa{pow{\isacharunderscore}int\ k\ x\ {\isacharequal}\ {\isacharparenleft}if\ {\isadigit{0}}\ {\isasymle}\ k\ then\ pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ k{\isacharparenright}\ x\ else\ {\isacharparenleft}pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ {\isacharparenleft}{\isacharminus}\ k{\isacharparenright}{\isacharparenright}\ x{\isacharparenright}{\isasymdiv}{\isacharparenright}}.%
  6.1036 +\end{isamarkuptext}%
  6.1037 +\isamarkuptrue%
  6.1038 +%
  6.1039 +\isamarkupsubsection{A note on syntax%
  6.1040 +}
  6.1041 +\isamarkuptrue%
  6.1042 +%
  6.1043 +\begin{isamarkuptext}%
  6.1044 +As a commodity, class context syntax allows to refer
  6.1045 +  to local class operations and their global counterparts
  6.1046 +  uniformly;  type inference resolves ambiguities.  For example:%
  6.1047 +\end{isamarkuptext}%
  6.1048 +\isamarkuptrue%
  6.1049 +%
  6.1050 +\isadelimquote
  6.1051 +%
  6.1052 +\endisadelimquote
  6.1053 +%
  6.1054 +\isatagquote
  6.1055 +\isacommand{context}\isamarkupfalse%
  6.1056 +\ semigroup\isanewline
  6.1057 +\isakeyword{begin}\isanewline
  6.1058 +\isanewline
  6.1059 +\isacommand{term}\isamarkupfalse%
  6.1060 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
  6.1061 +\isamarkupcmt{example 1%
  6.1062 +}
  6.1063 +\isanewline
  6.1064 +\isacommand{term}\isamarkupfalse%
  6.1065 +\ {\isachardoublequoteopen}{\isacharparenleft}x{\isasymColon}nat{\isacharparenright}\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
  6.1066 +\isamarkupcmt{example 2%
  6.1067 +}
  6.1068 +\isanewline
  6.1069 +\isanewline
  6.1070 +\isacommand{end}\isamarkupfalse%
  6.1071 +\isanewline
  6.1072 +\isanewline
  6.1073 +\isacommand{term}\isamarkupfalse%
  6.1074 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
  6.1075 +\isamarkupcmt{example 3%
  6.1076 +}
  6.1077 +%
  6.1078 +\endisatagquote
  6.1079 +{\isafoldquote}%
  6.1080 +%
  6.1081 +\isadelimquote
  6.1082 +%
  6.1083 +\endisadelimquote
  6.1084 +%
  6.1085 +\begin{isamarkuptext}%
  6.1086 +\noindent Here in example 1, the term refers to the local class operation
  6.1087 +  \isa{mult\ {\isacharbrackleft}{\isasymalpha}{\isacharbrackright}}, whereas in example 2 the type constraint
  6.1088 +  enforces the global class operation \isa{mult\ {\isacharbrackleft}nat{\isacharbrackright}}.
  6.1089 +  In the global context in example 3, the reference is
  6.1090 +  to the polymorphic global class operation \isa{mult\ {\isacharbrackleft}{\isacharquery}{\isasymalpha}\ {\isasymColon}\ semigroup{\isacharbrackright}}.%
  6.1091 +\end{isamarkuptext}%
  6.1092 +\isamarkuptrue%
  6.1093 +%
  6.1094 +\isamarkupsection{Further issues%
  6.1095 +}
  6.1096 +\isamarkuptrue%
  6.1097 +%
  6.1098 +\isamarkupsubsection{Type classes and code generation%
  6.1099 +}
  6.1100 +\isamarkuptrue%
  6.1101 +%
  6.1102 +\begin{isamarkuptext}%
  6.1103 +Turning back to the first motivation for type classes,
  6.1104 +  namely overloading, it is obvious that overloading
  6.1105 +  stemming from \hyperlink{command.class}{\mbox{\isa{\isacommand{class}}}} statements and
  6.1106 +  \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}}
  6.1107 +  targets naturally maps to Haskell type classes.
  6.1108 +  The code generator framework \cite{isabelle-codegen} 
  6.1109 +  takes this into account.  Concerning target languages
  6.1110 +  lacking type classes (e.g.~SML), type classes
  6.1111 +  are implemented by explicit dictionary construction.
  6.1112 +  As example, let's go back to the power function:%
  6.1113 +\end{isamarkuptext}%
  6.1114 +\isamarkuptrue%
  6.1115 +%
  6.1116 +\isadelimquote
  6.1117 +%
  6.1118 +\endisadelimquote
  6.1119 +%
  6.1120 +\isatagquote
  6.1121 +\isacommand{definition}\isamarkupfalse%
  6.1122 +\ example\ {\isacharcolon}{\isacharcolon}\ int\ \isakeyword{where}\isanewline
  6.1123 +\ \ {\isachardoublequoteopen}example\ {\isacharequal}\ pow{\isacharunderscore}int\ {\isadigit{1}}{\isadigit{0}}\ {\isacharparenleft}{\isacharminus}{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}%
  6.1124 +\endisatagquote
  6.1125 +{\isafoldquote}%
  6.1126 +%
  6.1127 +\isadelimquote
  6.1128 +%
  6.1129 +\endisadelimquote
  6.1130 +%
  6.1131 +\begin{isamarkuptext}%
  6.1132 +\noindent This maps to Haskell as:%
  6.1133 +\end{isamarkuptext}%
  6.1134 +\isamarkuptrue%
  6.1135 +%
  6.1136 +\isadelimquote
  6.1137 +%
  6.1138 +\endisadelimquote
  6.1139 +%
  6.1140 +\isatagquote
  6.1141 +%
  6.1142 +\begin{isamarkuptext}%
  6.1143 +\isatypewriter%
  6.1144 +\noindent%
  6.1145 +\hspace*{0pt}module Example where {\char123}\\
  6.1146 +\hspace*{0pt}\\
  6.1147 +\hspace*{0pt}\\
  6.1148 +\hspace*{0pt}data Nat = Zero{\char95}nat | Suc Nat;\\
  6.1149 +\hspace*{0pt}\\
  6.1150 +\hspace*{0pt}nat{\char95}aux ::~Integer -> Nat -> Nat;\\
  6.1151 +\hspace*{0pt}nat{\char95}aux i n = (if i <= 0 then n else nat{\char95}aux (i - 1) (Suc n));\\
  6.1152 +\hspace*{0pt}\\
  6.1153 +\hspace*{0pt}nat ::~Integer -> Nat;\\
  6.1154 +\hspace*{0pt}nat i = nat{\char95}aux i Zero{\char95}nat;\\
  6.1155 +\hspace*{0pt}\\
  6.1156 +\hspace*{0pt}class Semigroup a where {\char123}\\
  6.1157 +\hspace*{0pt} ~mult ::~a -> a -> a;\\
  6.1158 +\hspace*{0pt}{\char125};\\
  6.1159 +\hspace*{0pt}\\
  6.1160 +\hspace*{0pt}class (Semigroup a) => Monoidl a where {\char123}\\
  6.1161 +\hspace*{0pt} ~neutral ::~a;\\
  6.1162 +\hspace*{0pt}{\char125};\\
  6.1163 +\hspace*{0pt}\\
  6.1164 +\hspace*{0pt}class (Monoidl a) => Monoid a where {\char123}\\
  6.1165 +\hspace*{0pt}{\char125};\\
  6.1166 +\hspace*{0pt}\\
  6.1167 +\hspace*{0pt}class (Monoid a) => Group a where {\char123}\\
  6.1168 +\hspace*{0pt} ~inverse ::~a -> a;\\
  6.1169 +\hspace*{0pt}{\char125};\\
  6.1170 +\hspace*{0pt}\\
  6.1171 +\hspace*{0pt}inverse{\char95}int ::~Integer -> Integer;\\
  6.1172 +\hspace*{0pt}inverse{\char95}int i = negate i;\\
  6.1173 +\hspace*{0pt}\\
  6.1174 +\hspace*{0pt}neutral{\char95}int ::~Integer;\\
  6.1175 +\hspace*{0pt}neutral{\char95}int = 0;\\
  6.1176 +\hspace*{0pt}\\
  6.1177 +\hspace*{0pt}mult{\char95}int ::~Integer -> Integer -> Integer;\\
  6.1178 +\hspace*{0pt}mult{\char95}int i j = i + j;\\
  6.1179 +\hspace*{0pt}\\
  6.1180 +\hspace*{0pt}instance Semigroup Integer where {\char123}\\
  6.1181 +\hspace*{0pt} ~mult = mult{\char95}int;\\
  6.1182 +\hspace*{0pt}{\char125};\\
  6.1183 +\hspace*{0pt}\\
  6.1184 +\hspace*{0pt}instance Monoidl Integer where {\char123}\\
  6.1185 +\hspace*{0pt} ~neutral = neutral{\char95}int;\\
  6.1186 +\hspace*{0pt}{\char125};\\
  6.1187 +\hspace*{0pt}\\
  6.1188 +\hspace*{0pt}instance Monoid Integer where {\char123}\\
  6.1189 +\hspace*{0pt}{\char125};\\
  6.1190 +\hspace*{0pt}\\
  6.1191 +\hspace*{0pt}instance Group Integer where {\char123}\\
  6.1192 +\hspace*{0pt} ~inverse = inverse{\char95}int;\\
  6.1193 +\hspace*{0pt}{\char125};\\
  6.1194 +\hspace*{0pt}\\
  6.1195 +\hspace*{0pt}pow{\char95}nat ::~forall a.~(Monoid a) => Nat -> a -> a;\\
  6.1196 +\hspace*{0pt}pow{\char95}nat Zero{\char95}nat x = neutral;\\
  6.1197 +\hspace*{0pt}pow{\char95}nat (Suc n) x = mult x (pow{\char95}nat n x);\\
  6.1198 +\hspace*{0pt}\\
  6.1199 +\hspace*{0pt}pow{\char95}int ::~forall a.~(Group a) => Integer -> a -> a;\\
  6.1200 +\hspace*{0pt}pow{\char95}int k x =\\
  6.1201 +\hspace*{0pt} ~(if 0 <= k then pow{\char95}nat (nat k) x\\
  6.1202 +\hspace*{0pt} ~~~else inverse (pow{\char95}nat (nat (negate k)) x));\\
  6.1203 +\hspace*{0pt}\\
  6.1204 +\hspace*{0pt}example ::~Integer;\\
  6.1205 +\hspace*{0pt}example = pow{\char95}int 10 (-2);\\
  6.1206 +\hspace*{0pt}\\
  6.1207 +\hspace*{0pt}{\char125}%
  6.1208 +\end{isamarkuptext}%
  6.1209 +\isamarkuptrue%
  6.1210 +%
  6.1211 +\endisatagquote
  6.1212 +{\isafoldquote}%
  6.1213 +%
  6.1214 +\isadelimquote
  6.1215 +%
  6.1216 +\endisadelimquote
  6.1217 +%
  6.1218 +\begin{isamarkuptext}%
  6.1219 +\noindent The whole code in SML with explicit dictionary passing:%
  6.1220 +\end{isamarkuptext}%
  6.1221 +\isamarkuptrue%
  6.1222 +%
  6.1223 +\isadelimquote
  6.1224 +%
  6.1225 +\endisadelimquote
  6.1226 +%
  6.1227 +\isatagquote
  6.1228 +%
  6.1229 +\begin{isamarkuptext}%
  6.1230 +\isatypewriter%
  6.1231 +\noindent%
  6.1232 +\hspace*{0pt}structure Example = \\
  6.1233 +\hspace*{0pt}struct\\
  6.1234 +\hspace*{0pt}\\
  6.1235 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  6.1236 +\hspace*{0pt}\\
  6.1237 +\hspace*{0pt}fun nat{\char95}aux i n =\\
  6.1238 +\hspace*{0pt} ~(if IntInf.<= (i,~(0 :~IntInf.int)) then n\\
  6.1239 +\hspace*{0pt} ~~~else nat{\char95}aux (IntInf.- (i,~(1 :~IntInf.int))) (Suc n));\\
  6.1240 +\hspace*{0pt}\\
  6.1241 +\hspace*{0pt}fun nat i = nat{\char95}aux i Zero{\char95}nat;\\
  6.1242 +\hspace*{0pt}\\
  6.1243 +\hspace*{0pt}type 'a semigroup = {\char123}mult :~'a -> 'a -> 'a{\char125};\\
  6.1244 +\hspace*{0pt}fun mult (A{\char95}:'a semigroup) = {\char35}mult A{\char95};\\
  6.1245 +\hspace*{0pt}\\
  6.1246 +\hspace*{0pt}type 'a monoidl =\\
  6.1247 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}semigroup{\char95}monoidl :~'a semigroup,~neutral :~'a{\char125};\\
  6.1248 +\hspace*{0pt}fun semigroup{\char95}monoidl (A{\char95}:'a monoidl) = {\char35}Classes{\char95}{\char95}semigroup{\char95}monoidl A{\char95};\\
  6.1249 +\hspace*{0pt}fun neutral (A{\char95}:'a monoidl) = {\char35}neutral A{\char95};\\
  6.1250 +\hspace*{0pt}\\
  6.1251 +\hspace*{0pt}type 'a monoid = {\char123}Classes{\char95}{\char95}monoidl{\char95}monoid :~'a monoidl{\char125};\\
  6.1252 +\hspace*{0pt}fun monoidl{\char95}monoid (A{\char95}:'a monoid) = {\char35}Classes{\char95}{\char95}monoidl{\char95}monoid A{\char95};\\
  6.1253 +\hspace*{0pt}\\
  6.1254 +\hspace*{0pt}type 'a group = {\char123}Classes{\char95}{\char95}monoid{\char95}group :~'a monoid,~inverse :~'a -> 'a{\char125};\\
  6.1255 +\hspace*{0pt}fun monoid{\char95}group (A{\char95}:'a group) = {\char35}Classes{\char95}{\char95}monoid{\char95}group A{\char95};\\
  6.1256 +\hspace*{0pt}fun inverse (A{\char95}:'a group) = {\char35}inverse A{\char95};\\
  6.1257 +\hspace*{0pt}\\
  6.1258 +\hspace*{0pt}fun inverse{\char95}int i = IntInf.{\char126}~i;\\
  6.1259 +\hspace*{0pt}\\
  6.1260 +\hspace*{0pt}val neutral{\char95}int :~IntInf.int = (0 :~IntInf.int)\\
  6.1261 +\hspace*{0pt}\\
  6.1262 +\hspace*{0pt}fun mult{\char95}int i j = IntInf.+ (i,~j);\\
  6.1263 +\hspace*{0pt}\\
  6.1264 +\hspace*{0pt}val semigroup{\char95}int = {\char123}mult = mult{\char95}int{\char125}~:~IntInf.int semigroup;\\
  6.1265 +\hspace*{0pt}\\
  6.1266 +\hspace*{0pt}val monoidl{\char95}int =\\
  6.1267 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}semigroup{\char95}monoidl = semigroup{\char95}int,~neutral = neutral{\char95}int{\char125}~:\\
  6.1268 +\hspace*{0pt} ~IntInf.int monoidl;\\
  6.1269 +\hspace*{0pt}\\
  6.1270 +\hspace*{0pt}val monoid{\char95}int = {\char123}Classes{\char95}{\char95}monoidl{\char95}monoid = monoidl{\char95}int{\char125}~:\\
  6.1271 +\hspace*{0pt} ~IntInf.int monoid;\\
  6.1272 +\hspace*{0pt}\\
  6.1273 +\hspace*{0pt}val group{\char95}int =\\
  6.1274 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}monoid{\char95}group = monoid{\char95}int,~inverse = inverse{\char95}int{\char125}~:\\
  6.1275 +\hspace*{0pt} ~IntInf.int group;\\
  6.1276 +\hspace*{0pt}\\
  6.1277 +\hspace*{0pt}fun pow{\char95}nat A{\char95}~Zero{\char95}nat x = neutral (monoidl{\char95}monoid A{\char95})\\
  6.1278 +\hspace*{0pt} ~| pow{\char95}nat A{\char95}~(Suc n) x =\\
  6.1279 +\hspace*{0pt} ~~~mult ((semigroup{\char95}monoidl o monoidl{\char95}monoid) A{\char95}) x (pow{\char95}nat A{\char95}~n x);\\
  6.1280 +\hspace*{0pt}\\
  6.1281 +\hspace*{0pt}fun pow{\char95}int A{\char95}~k x =\\
  6.1282 +\hspace*{0pt} ~(if IntInf.<= ((0 :~IntInf.int),~k)\\
  6.1283 +\hspace*{0pt} ~~~then pow{\char95}nat (monoid{\char95}group A{\char95}) (nat k) x\\
  6.1284 +\hspace*{0pt} ~~~else inverse A{\char95}~(pow{\char95}nat (monoid{\char95}group A{\char95}) (nat (IntInf.{\char126}~k)) x));\\
  6.1285 +\hspace*{0pt}\\
  6.1286 +\hspace*{0pt}val example :~IntInf.int =\\
  6.1287 +\hspace*{0pt} ~pow{\char95}int group{\char95}int (10 :~IntInf.int) ({\char126}2 :~IntInf.int)\\
  6.1288 +\hspace*{0pt}\\
  6.1289 +\hspace*{0pt}end;~(*struct Example*)%
  6.1290 +\end{isamarkuptext}%
  6.1291 +\isamarkuptrue%
  6.1292 +%
  6.1293 +\endisatagquote
  6.1294 +{\isafoldquote}%
  6.1295 +%
  6.1296 +\isadelimquote
  6.1297 +%
  6.1298 +\endisadelimquote
  6.1299 +%
  6.1300 +\isamarkupsubsection{Inspecting the type class universe%
  6.1301 +}
  6.1302 +\isamarkuptrue%
  6.1303 +%
  6.1304 +\begin{isamarkuptext}%
  6.1305 +To facilitate orientation in complex subclass structures,
  6.1306 +  two diagnostics commands are provided:
  6.1307 +
  6.1308 +  \begin{description}
  6.1309 +
  6.1310 +    \item[\hyperlink{command.print-classes}{\mbox{\isa{\isacommand{print{\isacharunderscore}classes}}}}] print a list of all classes
  6.1311 +      together with associated operations etc.
  6.1312 +
  6.1313 +    \item[\hyperlink{command.class-deps}{\mbox{\isa{\isacommand{class{\isacharunderscore}deps}}}}] visualizes the subclass relation
  6.1314 +      between all classes as a Hasse diagram.
  6.1315 +
  6.1316 +  \end{description}%
  6.1317 +\end{isamarkuptext}%
  6.1318 +\isamarkuptrue%
  6.1319 +%
  6.1320 +\isadelimtheory
  6.1321 +%
  6.1322 +\endisadelimtheory
  6.1323 +%
  6.1324 +\isatagtheory
  6.1325 +\isacommand{end}\isamarkupfalse%
  6.1326 +%
  6.1327 +\endisatagtheory
  6.1328 +{\isafoldtheory}%
  6.1329 +%
  6.1330 +\isadelimtheory
  6.1331 +%
  6.1332 +\endisadelimtheory
  6.1333 +\isanewline
  6.1334 +\end{isabellebody}%
  6.1335 +%%% Local Variables:
  6.1336 +%%% mode: latex
  6.1337 +%%% TeX-master: "root"
  6.1338 +%%% End:
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/doc-src/Classes/classes.tex	Tue Mar 03 19:21:10 2009 +0100
     7.3 @@ -0,0 +1,50 @@
     7.4 +
     7.5 +\documentclass[12pt,a4paper,fleqn]{article}
     7.6 +\usepackage{latexsym,graphicx}
     7.7 +\usepackage[refpage]{nomencl}
     7.8 +\usepackage{../iman,../extra,../isar,../proof}
     7.9 +\usepackage{../isabelle,../isabellesym}
    7.10 +\usepackage{style}
    7.11 +\usepackage{../pdfsetup}
    7.12 +
    7.13 +
    7.14 +\hyphenation{Isabelle}
    7.15 +\hyphenation{Isar}
    7.16 +\isadroptag{theory}
    7.17 +
    7.18 +\title{\includegraphics[scale=0.5]{isabelle_isar}
    7.19 +  \\[4ex] Haskell-style type classes with Isabelle/Isar}
    7.20 +\author{\emph{Florian Haftmann}}
    7.21 +
    7.22 +\begin{document}
    7.23 +
    7.24 +\maketitle
    7.25 +
    7.26 +\begin{abstract}
    7.27 +  \noindent This tutorial introduces the look-and-feel of Isar type classes
    7.28 +  to the end-user; Isar type classes are a convenient mechanism
    7.29 +  for organizing specifications, overcoming some drawbacks
    7.30 +  of raw axiomatic type classes. Essentially, they combine
    7.31 +  an operational aspect (in the manner of Haskell) with
    7.32 +  a logical aspect, both managed uniformly.
    7.33 +\end{abstract}
    7.34 +
    7.35 +\thispagestyle{empty}\clearpage
    7.36 +
    7.37 +\pagenumbering{roman}
    7.38 +\clearfirst
    7.39 +
    7.40 +\input{Thy/document/Classes.tex}
    7.41 +
    7.42 +\begingroup
    7.43 +\bibliographystyle{plain} \small\raggedright\frenchspacing
    7.44 +\bibliography{../manual}
    7.45 +\endgroup
    7.46 +
    7.47 +\end{document}
    7.48 +
    7.49 +
    7.50 +%%% Local Variables: 
    7.51 +%%% mode: latex
    7.52 +%%% TeX-master: t
    7.53 +%%% End: 
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/doc-src/Classes/style.sty	Tue Mar 03 19:21:10 2009 +0100
     8.3 @@ -0,0 +1,48 @@
     8.4 +
     8.5 +%% toc
     8.6 +\newcommand{\tocentry}[1]{\cleardoublepage\phantomsection\addcontentsline{toc}{chapter}{#1}
     8.7 +\@mkboth{\MakeUppercase{#1}}{\MakeUppercase{#1}}}
     8.8 +
     8.9 +%% paragraphs
    8.10 +\setlength{\parindent}{1em}
    8.11 +
    8.12 +%% references
    8.13 +\newcommand{\secref}[1]{\S\ref{#1}}
    8.14 +\newcommand{\figref}[1]{figure~\ref{#1}}
    8.15 +
    8.16 +%% logical markup
    8.17 +\newcommand{\strong}[1]{{\bfseries {#1}}}
    8.18 +\newcommand{\qn}[1]{\emph{#1}}
    8.19 +
    8.20 +%% typographic conventions
    8.21 +\newcommand{\qt}[1]{``{#1}''}
    8.22 +
    8.23 +%% verbatim text
    8.24 +\newcommand{\isatypewriter}{\fontsize{9pt}{0pt}\tt\renewcommand{\baselinestretch}{1}\setlength{\baselineskip}{9pt}}
    8.25 +
    8.26 +%% quote environment
    8.27 +\isakeeptag{quote}
    8.28 +\renewenvironment{quote}
    8.29 +  {\list{}{\leftmargin2em\rightmargin0pt}\parindent0pt\parskip0pt\item\relax}
    8.30 +  {\endlist}
    8.31 +\renewcommand{\isatagquote}{\begin{quote}}
    8.32 +\renewcommand{\endisatagquote}{\end{quote}}
    8.33 +\newcommand{\quotebreak}{\\[1.2ex]}
    8.34 +
    8.35 +%% presentation
    8.36 +\setcounter{secnumdepth}{2} \setcounter{tocdepth}{2}
    8.37 +
    8.38 +%% character detail
    8.39 +\renewcommand{\isadigit}[1]{\isamath{#1}}
    8.40 +\binperiod
    8.41 +\underscoreoff
    8.42 +
    8.43 +%% format
    8.44 +\pagestyle{headings}
    8.45 +\isabellestyle{it}
    8.46 +
    8.47 +
    8.48 +%%% Local Variables: 
    8.49 +%%% mode: latex
    8.50 +%%% TeX-master: "implementation"
    8.51 +%%% End: 
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/doc-src/Codegen/IsaMakefile	Tue Mar 03 19:21:10 2009 +0100
     9.3 @@ -0,0 +1,33 @@
     9.4 +
     9.5 +## targets
     9.6 +
     9.7 +default: Thy
     9.8 +images: 
     9.9 +test: Thy
    9.10 +
    9.11 +all: images test
    9.12 +
    9.13 +
    9.14 +## global settings
    9.15 +
    9.16 +SRC = $(ISABELLE_HOME)/src
    9.17 +OUT = $(ISABELLE_OUTPUT)
    9.18 +LOG = $(OUT)/log
    9.19 +
    9.20 +USEDIR = $(ISABELLE_TOOL) usedir -v true -i false -d false -C false -D document
    9.21 +
    9.22 +
    9.23 +## Thy
    9.24 +
    9.25 +THY = $(LOG)/HOL-Thy.gz
    9.26 +
    9.27 +Thy: $(THY)
    9.28 +
    9.29 +$(THY): Thy/ROOT.ML Thy/*.thy ../antiquote_setup.ML ../more_antiquote.ML
    9.30 +	@$(USEDIR) HOL Thy
    9.31 +
    9.32 +
    9.33 +## clean
    9.34 +
    9.35 +clean:
    9.36 +	@rm -f $(THY)
    10.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.2 +++ b/doc-src/Codegen/Makefile	Tue Mar 03 19:21:10 2009 +0100
    10.3 @@ -0,0 +1,35 @@
    10.4 +
    10.5 +## targets
    10.6 +
    10.7 +default: dvi
    10.8 +
    10.9 +
   10.10 +## dependencies
   10.11 +
   10.12 +include ../Makefile.in
   10.13 +
   10.14 +NAME = codegen
   10.15 +
   10.16 +FILES = $(NAME).tex Thy/document/*.tex \
   10.17 +  style.sty ../iman.sty ../extra.sty ../isar.sty \
   10.18 +  ../isabelle.sty ../isabellesym.sty ../pdfsetup.sty \
   10.19 +  ../manual.bib ../proof.sty
   10.20 +
   10.21 +dvi: $(NAME).dvi
   10.22 +
   10.23 +$(NAME).dvi: $(FILES) isabelle_isar.eps codegen_process.ps
   10.24 +	$(LATEX) $(NAME)
   10.25 +	$(BIBTEX) $(NAME)
   10.26 +	$(LATEX) $(NAME)
   10.27 +	$(LATEX) $(NAME)
   10.28 +
   10.29 +pdf: $(NAME).pdf
   10.30 +
   10.31 +$(NAME).pdf: $(FILES) isabelle_isar.pdf codegen_process.pdf
   10.32 +	$(PDFLATEX) $(NAME)
   10.33 +	$(BIBTEX) $(NAME)
   10.34 +	$(PDFLATEX) $(NAME)
   10.35 +	$(PDFLATEX) $(NAME)
   10.36 +	$(FIXBOOKMARKS) $(NAME).out
   10.37 +	$(PDFLATEX) $(NAME)
   10.38 +	$(PDFLATEX) $(NAME)
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/doc-src/Codegen/Thy/Adaption.thy	Tue Mar 03 19:21:10 2009 +0100
    11.3 @@ -0,0 +1,360 @@
    11.4 +theory Adaption
    11.5 +imports Setup
    11.6 +begin
    11.7 +
    11.8 +setup %invisible {* Code_Target.extend_target ("\<SML>", ("SML", K I)) *}
    11.9 +
   11.10 +section {* Adaption to target languages \label{sec:adaption} *}
   11.11 +
   11.12 +subsection {* Adapting code generation *}
   11.13 +
   11.14 +text {*
   11.15 +  The aspects of code generation introduced so far have two aspects
   11.16 +  in common:
   11.17 +
   11.18 +  \begin{itemize}
   11.19 +    \item They act uniformly, without reference to a specific
   11.20 +       target language.
   11.21 +    \item They are \emph{safe} in the sense that as long as you trust
   11.22 +       the code generator meta theory and implementation, you cannot
   11.23 +       produce programs that yield results which are not derivable
   11.24 +       in the logic.
   11.25 +  \end{itemize}
   11.26 +
   11.27 +  \noindent In this section we will introduce means to \emph{adapt} the serialiser
   11.28 +  to a specific target language, i.e.~to print program fragments
   11.29 +  in a way which accommodates \qt{already existing} ingredients of
   11.30 +  a target language environment, for three reasons:
   11.31 +
   11.32 +  \begin{itemize}
   11.33 +    \item improving readability and aesthetics of generated code
   11.34 +    \item gaining efficiency
   11.35 +    \item interface with language parts which have no direct counterpart
   11.36 +      in @{text "HOL"} (say, imperative data structures)
   11.37 +  \end{itemize}
   11.38 +
   11.39 +  \noindent Generally, you should avoid using those features yourself
   11.40 +  \emph{at any cost}:
   11.41 +
   11.42 +  \begin{itemize}
   11.43 +    \item The safe configuration methods act uniformly on every target language,
   11.44 +      whereas for adaption you have to treat each target language separate.
   11.45 +    \item Application is extremely tedious since there is no abstraction
   11.46 +      which would allow for a static check, making it easy to produce garbage.
   11.47 +    \item More or less subtle errors can be introduced unconsciously.
   11.48 +  \end{itemize}
   11.49 +
   11.50 +  \noindent However, even if you ought refrain from setting up adaption
   11.51 +  yourself, already the @{text "HOL"} comes with some reasonable default
   11.52 +  adaptions (say, using target language list syntax).  There also some
   11.53 +  common adaption cases which you can setup by importing particular
   11.54 +  library theories.  In order to understand these, we provide some clues here;
   11.55 +  these however are not supposed to replace a careful study of the sources.
   11.56 +*}
   11.57 +
   11.58 +subsection {* The adaption principle *}
   11.59 +
   11.60 +text {*
   11.61 +  The following figure illustrates what \qt{adaption} is conceptually
   11.62 +  supposed to be:
   11.63 +
   11.64 +  \begin{figure}[here]
   11.65 +    \begin{tikzpicture}[scale = 0.5]
   11.66 +      \tikzstyle water=[color = blue, thick]
   11.67 +      \tikzstyle ice=[color = black, very thick, cap = round, join = round, fill = white]
   11.68 +      \tikzstyle process=[color = green, semithick, ->]
   11.69 +      \tikzstyle adaption=[color = red, semithick, ->]
   11.70 +      \tikzstyle target=[color = black]
   11.71 +      \foreach \x in {0, ..., 24}
   11.72 +        \draw[style=water] (\x, 0.25) sin + (0.25, 0.25) cos + (0.25, -0.25) sin
   11.73 +          + (0.25, -0.25) cos + (0.25, 0.25);
   11.74 +      \draw[style=ice] (1, 0) --
   11.75 +        (3, 6) node[above, fill=white] {logic} -- (5, 0) -- cycle;
   11.76 +      \draw[style=ice] (9, 0) --
   11.77 +        (11, 6) node[above, fill=white] {intermediate language} -- (13, 0) -- cycle;
   11.78 +      \draw[style=ice] (15, -6) --
   11.79 +        (19, 6) node[above, fill=white] {target language} -- (23, -6) -- cycle;
   11.80 +      \draw[style=process]
   11.81 +        (3.5, 3) .. controls (7, 5) .. node[fill=white] {translation} (10.5, 3);
   11.82 +      \draw[style=process]
   11.83 +        (11.5, 3) .. controls (15, 5) .. node[fill=white] (serialisation) {serialisation} (18.5, 3);
   11.84 +      \node (adaption) at (11, -2) [style=adaption] {adaption};
   11.85 +      \node at (19, 3) [rotate=90] {generated};
   11.86 +      \node at (19.5, -5) {language};
   11.87 +      \node at (19.5, -3) {library};
   11.88 +      \node (includes) at (19.5, -1) {includes};
   11.89 +      \node (reserved) at (16.5, -3) [rotate=72] {reserved}; % proper 71.57
   11.90 +      \draw[style=process]
   11.91 +        (includes) -- (serialisation);
   11.92 +      \draw[style=process]
   11.93 +        (reserved) -- (serialisation);
   11.94 +      \draw[style=adaption]
   11.95 +        (adaption) -- (serialisation);
   11.96 +      \draw[style=adaption]
   11.97 +        (adaption) -- (includes);
   11.98 +      \draw[style=adaption]
   11.99 +        (adaption) -- (reserved);
  11.100 +    \end{tikzpicture}
  11.101 +    \caption{The adaption principle}
  11.102 +    \label{fig:adaption}
  11.103 +  \end{figure}
  11.104 +
  11.105 +  \noindent In the tame view, code generation acts as broker between
  11.106 +  @{text logic}, @{text "intermediate language"} and
  11.107 +  @{text "target language"} by means of @{text translation} and
  11.108 +  @{text serialisation};  for the latter, the serialiser has to observe
  11.109 +  the structure of the @{text language} itself plus some @{text reserved}
  11.110 +  keywords which have to be avoided for generated code.
  11.111 +  However, if you consider @{text adaption} mechanisms, the code generated
  11.112 +  by the serializer is just the tip of the iceberg:
  11.113 +
  11.114 +  \begin{itemize}
  11.115 +    \item @{text serialisation} can be \emph{parametrised} such that
  11.116 +      logical entities are mapped to target-specific ones
  11.117 +      (e.g. target-specific list syntax,
  11.118 +        see also \secref{sec:adaption_mechanisms})
  11.119 +    \item Such parametrisations can involve references to a
  11.120 +      target-specific standard @{text library} (e.g. using
  11.121 +      the @{text Haskell} @{verbatim Maybe} type instead
  11.122 +      of the @{text HOL} @{type "option"} type);
  11.123 +      if such are used, the corresponding identifiers
  11.124 +      (in our example, @{verbatim Maybe}, @{verbatim Nothing}
  11.125 +      and @{verbatim Just}) also have to be considered @{text reserved}.
  11.126 +    \item Even more, the user can enrich the library of the
  11.127 +      target-language by providing code snippets
  11.128 +      (\qt{@{text "includes"}}) which are prepended to
  11.129 +      any generated code (see \secref{sec:include});  this typically
  11.130 +      also involves further @{text reserved} identifiers.
  11.131 +  \end{itemize}
  11.132 +
  11.133 +  \noindent As figure \ref{fig:adaption} illustrates, all these adaption mechanisms
  11.134 +  have to act consistently;  it is at the discretion of the user
  11.135 +  to take care for this.
  11.136 +*}
  11.137 +
  11.138 +subsection {* Common adaption patterns *}
  11.139 +
  11.140 +text {*
  11.141 +  The @{theory HOL} @{theory Main} theory already provides a code
  11.142 +  generator setup
  11.143 +  which should be suitable for most applications.  Common extensions
  11.144 +  and modifications are available by certain theories of the @{text HOL}
  11.145 +  library; beside being useful in applications, they may serve
  11.146 +  as a tutorial for customising the code generator setup (see below
  11.147 +  \secref{sec:adaption_mechanisms}).
  11.148 +
  11.149 +  \begin{description}
  11.150 +
  11.151 +    \item[@{theory "Code_Integer"}] represents @{text HOL} integers by big
  11.152 +       integer literals in target languages.
  11.153 +    \item[@{theory "Code_Char"}] represents @{text HOL} characters by 
  11.154 +       character literals in target languages.
  11.155 +    \item[@{theory "Code_Char_chr"}] like @{text "Code_Char"},
  11.156 +       but also offers treatment of character codes; includes
  11.157 +       @{theory "Code_Char"}.
  11.158 +    \item[@{theory "Efficient_Nat"}] \label{eff_nat} implements natural numbers by integers,
  11.159 +       which in general will result in higher efficiency; pattern
  11.160 +       matching with @{term "0\<Colon>nat"} / @{const "Suc"}
  11.161 +       is eliminated;  includes @{theory "Code_Integer"}
  11.162 +       and @{theory "Code_Index"}.
  11.163 +    \item[@{theory "Code_Index"}] provides an additional datatype
  11.164 +       @{typ index} which is mapped to target-language built-in integers.
  11.165 +       Useful for code setups which involve e.g. indexing of
  11.166 +       target-language arrays.
  11.167 +    \item[@{theory "Code_Message"}] provides an additional datatype
  11.168 +       @{typ message_string} which is isomorphic to strings;
  11.169 +       @{typ message_string}s are mapped to target-language strings.
  11.170 +       Useful for code setups which involve e.g. printing (error) messages.
  11.171 +
  11.172 +  \end{description}
  11.173 +
  11.174 +  \begin{warn}
  11.175 +    When importing any of these theories, they should form the last
  11.176 +    items in an import list.  Since these theories adapt the
  11.177 +    code generator setup in a non-conservative fashion,
  11.178 +    strange effects may occur otherwise.
  11.179 +  \end{warn}
  11.180 +*}
  11.181 +
  11.182 +
  11.183 +subsection {* Parametrising serialisation \label{sec:adaption_mechanisms} *}
  11.184 +
  11.185 +text {*
  11.186 +  Consider the following function and its corresponding
  11.187 +  SML code:
  11.188 +*}
  11.189 +
  11.190 +primrec %quote in_interval :: "nat \<times> nat \<Rightarrow> nat \<Rightarrow> bool" where
  11.191 +  "in_interval (k, l) n \<longleftrightarrow> k \<le> n \<and> n \<le> l"
  11.192 +(*<*)
  11.193 +code_type %invisible bool
  11.194 +  (SML)
  11.195 +code_const %invisible True and False and "op \<and>" and Not
  11.196 +  (SML and and and)
  11.197 +(*>*)
  11.198 +text %quote {*@{code_stmts in_interval (SML)}*}
  11.199 +
  11.200 +text {*
  11.201 +  \noindent Though this is correct code, it is a little bit unsatisfactory:
  11.202 +  boolean values and operators are materialised as distinguished
  11.203 +  entities with have nothing to do with the SML-built-in notion
  11.204 +  of \qt{bool}.  This results in less readable code;
  11.205 +  additionally, eager evaluation may cause programs to
  11.206 +  loop or break which would perfectly terminate when
  11.207 +  the existing SML @{verbatim "bool"} would be used.  To map
  11.208 +  the HOL @{typ bool} on SML @{verbatim "bool"}, we may use
  11.209 +  \qn{custom serialisations}:
  11.210 +*}
  11.211 +
  11.212 +code_type %quotett bool
  11.213 +  (SML "bool")
  11.214 +code_const %quotett True and False and "op \<and>"
  11.215 +  (SML "true" and "false" and "_ andalso _")
  11.216 +
  11.217 +text {*
  11.218 +  \noindent The @{command code_type} command takes a type constructor
  11.219 +  as arguments together with a list of custom serialisations.
  11.220 +  Each custom serialisation starts with a target language
  11.221 +  identifier followed by an expression, which during
  11.222 +  code serialisation is inserted whenever the type constructor
  11.223 +  would occur.  For constants, @{command code_const} implements
  11.224 +  the corresponding mechanism.  Each ``@{verbatim "_"}'' in
  11.225 +  a serialisation expression is treated as a placeholder
  11.226 +  for the type constructor's (the constant's) arguments.
  11.227 +*}
  11.228 +
  11.229 +text %quote {*@{code_stmts in_interval (SML)}*}
  11.230 +
  11.231 +text {*
  11.232 +  \noindent This still is not perfect: the parentheses
  11.233 +  around the \qt{andalso} expression are superfluous.
  11.234 +  Though the serialiser
  11.235 +  by no means attempts to imitate the rich Isabelle syntax
  11.236 +  framework, it provides some common idioms, notably
  11.237 +  associative infixes with precedences which may be used here:
  11.238 +*}
  11.239 +
  11.240 +code_const %quotett "op \<and>"
  11.241 +  (SML infixl 1 "andalso")
  11.242 +
  11.243 +text %quote {*@{code_stmts in_interval (SML)}*}
  11.244 +
  11.245 +text {*
  11.246 +  \noindent The attentive reader may ask how we assert that no generated
  11.247 +  code will accidentally overwrite.  For this reason the serialiser has
  11.248 +  an internal table of identifiers which have to be avoided to be used
  11.249 +  for new declarations.  Initially, this table typically contains the
  11.250 +  keywords of the target language.  It can be extended manually, thus avoiding
  11.251 +  accidental overwrites, using the @{command "code_reserved"} command:
  11.252 +*}
  11.253 +
  11.254 +code_reserved %quote "\<SML>" bool true false andalso
  11.255 +
  11.256 +text {*
  11.257 +  \noindent Next, we try to map HOL pairs to SML pairs, using the
  11.258 +  infix ``@{verbatim "*"}'' type constructor and parentheses:
  11.259 +*}
  11.260 +(*<*)
  11.261 +code_type %invisible *
  11.262 +  (SML)
  11.263 +code_const %invisible Pair
  11.264 +  (SML)
  11.265 +(*>*)
  11.266 +code_type %quotett *
  11.267 +  (SML infix 2 "*")
  11.268 +code_const %quotett Pair
  11.269 +  (SML "!((_),/ (_))")
  11.270 +
  11.271 +text {*
  11.272 +  \noindent The initial bang ``@{verbatim "!"}'' tells the serialiser
  11.273 +  never to put
  11.274 +  parentheses around the whole expression (they are already present),
  11.275 +  while the parentheses around argument place holders
  11.276 +  tell not to put parentheses around the arguments.
  11.277 +  The slash ``@{verbatim "/"}'' (followed by arbitrary white space)
  11.278 +  inserts a space which may be used as a break if necessary
  11.279 +  during pretty printing.
  11.280 +
  11.281 +  These examples give a glimpse what mechanisms
  11.282 +  custom serialisations provide; however their usage
  11.283 +  requires careful thinking in order not to introduce
  11.284 +  inconsistencies -- or, in other words:
  11.285 +  custom serialisations are completely axiomatic.
  11.286 +
  11.287 +  A further noteworthy details is that any special
  11.288 +  character in a custom serialisation may be quoted
  11.289 +  using ``@{verbatim "'"}''; thus, in
  11.290 +  ``@{verbatim "fn '_ => _"}'' the first
  11.291 +  ``@{verbatim "_"}'' is a proper underscore while the
  11.292 +  second ``@{verbatim "_"}'' is a placeholder.
  11.293 +*}
  11.294 +
  11.295 +
  11.296 +subsection {* @{text Haskell} serialisation *}
  11.297 +
  11.298 +text {*
  11.299 +  For convenience, the default
  11.300 +  @{text HOL} setup for @{text Haskell} maps the @{class eq} class to
  11.301 +  its counterpart in @{text Haskell}, giving custom serialisations
  11.302 +  for the class @{class eq} (by command @{command code_class}) and its operation
  11.303 +  @{const HOL.eq}
  11.304 +*}
  11.305 +
  11.306 +code_class %quotett eq
  11.307 +  (Haskell "Eq")
  11.308 +
  11.309 +code_const %quotett "op ="
  11.310 +  (Haskell infixl 4 "==")
  11.311 +
  11.312 +text {*
  11.313 +  \noindent A problem now occurs whenever a type which
  11.314 +  is an instance of @{class eq} in @{text HOL} is mapped
  11.315 +  on a @{text Haskell}-built-in type which is also an instance
  11.316 +  of @{text Haskell} @{text Eq}:
  11.317 +*}
  11.318 +
  11.319 +typedecl %quote bar
  11.320 +
  11.321 +instantiation %quote bar :: eq
  11.322 +begin
  11.323 +
  11.324 +definition %quote "eq_class.eq (x\<Colon>bar) y \<longleftrightarrow> x = y"
  11.325 +
  11.326 +instance %quote by default (simp add: eq_bar_def)
  11.327 +
  11.328 +end %quote
  11.329 +code_type %quotett bar
  11.330 +  (Haskell "Integer")
  11.331 +
  11.332 +text {*
  11.333 +  \noindent The code generator would produce
  11.334 +  an additional instance, which of course is rejected by the @{text Haskell}
  11.335 +  compiler.
  11.336 +  To suppress this additional instance, use
  11.337 +  @{text "code_instance"}:
  11.338 +*}
  11.339 +
  11.340 +code_instance %quotett bar :: eq
  11.341 +  (Haskell -)
  11.342 +
  11.343 +
  11.344 +subsection {* Enhancing the target language context \label{sec:include} *}
  11.345 +
  11.346 +text {*
  11.347 +  In rare cases it is necessary to \emph{enrich} the context of a
  11.348 +  target language;  this is accomplished using the @{command "code_include"}
  11.349 +  command:
  11.350 +*}
  11.351 +
  11.352 +code_include %quotett Haskell "Errno"
  11.353 +{*errno i = error ("Error number: " ++ show i)*}
  11.354 +
  11.355 +code_reserved %quotett Haskell Errno
  11.356 +
  11.357 +text {*
  11.358 +  \noindent Such named @{text include}s are then prepended to every generated code.
  11.359 +  Inspect such code in order to find out how @{command "code_include"} behaves
  11.360 +  with respect to a particular target language.
  11.361 +*}
  11.362 +
  11.363 +end
    12.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    12.2 +++ b/doc-src/Codegen/Thy/Further.thy	Tue Mar 03 19:21:10 2009 +0100
    12.3 @@ -0,0 +1,112 @@
    12.4 +theory Further
    12.5 +imports Setup
    12.6 +begin
    12.7 +
    12.8 +section {* Further issues \label{sec:further} *}
    12.9 +
   12.10 +subsection {* Further reading *}
   12.11 +
   12.12 +text {*
   12.13 +  Do dive deeper into the issue of code generation, you should visit
   12.14 +  the Isabelle/Isar Reference Manual \cite{isabelle-isar-ref} which
   12.15 +  contains exhaustive syntax diagrams.
   12.16 +*}
   12.17 +
   12.18 +subsection {* Modules *}
   12.19 +
   12.20 +text {*
   12.21 +  When invoking the @{command export_code} command it is possible to leave
   12.22 +  out the @{keyword "module_name"} part;  then code is distributed over
   12.23 +  different modules, where the module name space roughly is induced
   12.24 +  by the @{text Isabelle} theory name space.
   12.25 +
   12.26 +  Then sometimes the awkward situation occurs that dependencies between
   12.27 +  definitions introduce cyclic dependencies between modules, which in the
   12.28 +  @{text Haskell} world leaves you to the mercy of the @{text Haskell} implementation
   12.29 +  you are using,  while for @{text SML}/@{text OCaml} code generation is not possible.
   12.30 +
   12.31 +  A solution is to declare module names explicitly.
   12.32 +  Let use assume the three cyclically dependent
   12.33 +  modules are named \emph{A}, \emph{B} and \emph{C}.
   12.34 +  Then, by stating
   12.35 +*}
   12.36 +
   12.37 +code_modulename %quote SML
   12.38 +  A ABC
   12.39 +  B ABC
   12.40 +  C ABC
   12.41 +
   12.42 +text {*
   12.43 +  we explicitly map all those modules on \emph{ABC},
   12.44 +  resulting in an ad-hoc merge of this three modules
   12.45 +  at serialisation time.
   12.46 +*}
   12.47 +
   12.48 +subsection {* Evaluation oracle *}
   12.49 +
   12.50 +text {*
   12.51 +  Code generation may also be used to \emph{evaluate} expressions
   12.52 +  (using @{text SML} as target language of course).
   12.53 +  For instance, the @{command value} allows to reduce an expression to a
   12.54 +  normal form with respect to the underlying code equations:
   12.55 +*}
   12.56 +
   12.57 +value %quote "42 / (12 :: rat)"
   12.58 +
   12.59 +text {*
   12.60 +  \noindent will display @{term "7 / (2 :: rat)"}.
   12.61 +
   12.62 +  The @{method eval} method tries to reduce a goal by code generation to @{term True}
   12.63 +  and solves it in that case, but fails otherwise:
   12.64 +*}
   12.65 +
   12.66 +lemma %quote "42 / (12 :: rat) = 7 / 2"
   12.67 +  by %quote eval
   12.68 +
   12.69 +text {*
   12.70 +  \noindent The soundness of the @{method eval} method depends crucially 
   12.71 +  on the correctness of the code generator;  this is one of the reasons
   12.72 +  why you should not use adaption (see \secref{sec:adaption}) frivolously.
   12.73 +*}
   12.74 +
   12.75 +subsection {* Code antiquotation *}
   12.76 +
   12.77 +text {*
   12.78 +  In scenarios involving techniques like reflection it is quite common
   12.79 +  that code generated from a theory forms the basis for implementing
   12.80 +  a proof procedure in @{text SML}.  To facilitate interfacing of generated code
   12.81 +  with system code, the code generator provides a @{text code} antiquotation:
   12.82 +*}
   12.83 +
   12.84 +datatype %quote form = T | F | And form form | Or form form
   12.85 +ML %quotett {*
   12.86 +  fun eval_form @{code T} = true
   12.87 +    | eval_form @{code F} = false
   12.88 +    | eval_form (@{code And} (p, q)) =
   12.89 +        eval_form p andalso eval_form q
   12.90 +    | eval_form (@{code Or} (p, q)) =
   12.91 +        eval_form p orelse eval_form q;
   12.92 +*}
   12.93 +
   12.94 +text {*
   12.95 +  \noindent @{text code} takes as argument the name of a constant;  after the
   12.96 +  whole @{text SML} is read, the necessary code is generated transparently
   12.97 +  and the corresponding constant names are inserted.  This technique also
   12.98 +  allows to use pattern matching on constructors stemming from compiled
   12.99 +  @{text datatypes}.
  12.100 +
  12.101 +  For a less simplistic example, theory @{theory Ferrack} is
  12.102 +  a good reference.
  12.103 +*}
  12.104 +
  12.105 +subsection {* Imperative data structures *}
  12.106 +
  12.107 +text {*
  12.108 +  If you consider imperative data structures as inevitable for a specific
  12.109 +  application, you should consider
  12.110 +  \emph{Imperative Functional Programming with Isabelle/HOL}
  12.111 +  (\cite{bulwahn-et-al:2008:imperative});
  12.112 +  the framework described there is available in theory @{theory Imperative_HOL}.
  12.113 +*}
  12.114 +
  12.115 +end
    13.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.2 +++ b/doc-src/Codegen/Thy/Introduction.thy	Tue Mar 03 19:21:10 2009 +0100
    13.3 @@ -0,0 +1,204 @@
    13.4 +theory Introduction
    13.5 +imports Setup
    13.6 +begin
    13.7 +
    13.8 +section {* Introduction and Overview *}
    13.9 +
   13.10 +text {*
   13.11 +  This tutorial introduces a generic code generator for the
   13.12 +  @{text Isabelle} system.
   13.13 +  Generic in the sense that the
   13.14 +  \qn{target language} for which code shall ultimately be
   13.15 +  generated is not fixed but may be an arbitrary state-of-the-art
   13.16 +  functional programming language (currently, the implementation
   13.17 +  supports @{text SML} \cite{SML}, @{text OCaml} \cite{OCaml} and @{text Haskell}
   13.18 +  \cite{haskell-revised-report}).
   13.19 +
   13.20 +  Conceptually the code generator framework is part
   13.21 +  of Isabelle's @{theory Pure} meta logic framework; the logic
   13.22 +  @{theory HOL} which is an extension of @{theory Pure}
   13.23 +  already comes with a reasonable framework setup and thus provides
   13.24 +  a good working horse for raising code-generation-driven
   13.25 +  applications.  So, we assume some familiarity and experience
   13.26 +  with the ingredients of the @{theory HOL} distribution theories.
   13.27 +  (see also \cite{isa-tutorial}).
   13.28 +
   13.29 +  The code generator aims to be usable with no further ado
   13.30 +  in most cases while allowing for detailed customisation.
   13.31 +  This manifests in the structure of this tutorial: after a short
   13.32 +  conceptual introduction with an example (\secref{sec:intro}),
   13.33 +  we discuss the generic customisation facilities (\secref{sec:program}).
   13.34 +  A further section (\secref{sec:adaption}) is dedicated to the matter of
   13.35 +  \qn{adaption} to specific target language environments.  After some
   13.36 +  further issues (\secref{sec:further}) we conclude with an overview
   13.37 +  of some ML programming interfaces (\secref{sec:ml}).
   13.38 +
   13.39 +  \begin{warn}
   13.40 +    Ultimately, the code generator which this tutorial deals with
   13.41 +    is supposed to replace the existing code generator
   13.42 +    by Stefan Berghofer \cite{Berghofer-Nipkow:2002}.
   13.43 +    So, for the moment, there are two distinct code generators
   13.44 +    in Isabelle.  In case of ambiguity, we will refer to the framework
   13.45 +    described here as @{text "generic code generator"}, to the
   13.46 +    other as @{text "SML code generator"}.
   13.47 +    Also note that while the framework itself is
   13.48 +    object-logic independent, only @{theory HOL} provides a reasonable
   13.49 +    framework setup.    
   13.50 +  \end{warn}
   13.51 +
   13.52 +*}
   13.53 +
   13.54 +subsection {* Code generation via shallow embedding \label{sec:intro} *}
   13.55 +
   13.56 +text {*
   13.57 +  The key concept for understanding @{text Isabelle}'s code generation is
   13.58 +  \emph{shallow embedding}, i.e.~logical entities like constants, types and
   13.59 +  classes are identified with corresponding concepts in the target language.
   13.60 +
   13.61 +  Inside @{theory HOL}, the @{command datatype} and
   13.62 +  @{command definition}/@{command primrec}/@{command fun} declarations form
   13.63 +  the core of a functional programming language.  The default code generator setup
   13.64 +  allows to turn those into functional programs immediately.
   13.65 +  This means that \qt{naive} code generation can proceed without further ado.
   13.66 +  For example, here a simple \qt{implementation} of amortised queues:
   13.67 +*}
   13.68 +
   13.69 +datatype %quote 'a queue = AQueue "'a list" "'a list"
   13.70 +
   13.71 +definition %quote empty :: "'a queue" where
   13.72 +  "empty = AQueue [] []"
   13.73 +
   13.74 +primrec %quote enqueue :: "'a \<Rightarrow> 'a queue \<Rightarrow> 'a queue" where
   13.75 +  "enqueue x (AQueue xs ys) = AQueue (x # xs) ys"
   13.76 +
   13.77 +fun %quote dequeue :: "'a queue \<Rightarrow> 'a option \<times> 'a queue" where
   13.78 +    "dequeue (AQueue [] []) = (None, AQueue [] [])"
   13.79 +  | "dequeue (AQueue xs (y # ys)) = (Some y, AQueue xs ys)"
   13.80 +  | "dequeue (AQueue xs []) =
   13.81 +      (case rev xs of y # ys \<Rightarrow> (Some y, AQueue [] ys))"
   13.82 +
   13.83 +text {* \noindent Then we can generate code e.g.~for @{text SML} as follows: *}
   13.84 +
   13.85 +export_code %quote empty dequeue enqueue in SML
   13.86 +  module_name Example file "examples/example.ML"
   13.87 +
   13.88 +text {* \noindent resulting in the following code: *}
   13.89 +
   13.90 +text %quote {*@{code_stmts empty enqueue dequeue (SML)}*}
   13.91 +
   13.92 +text {*
   13.93 +  \noindent The @{command export_code} command takes a space-separated list of
   13.94 +  constants for which code shall be generated;  anything else needed for those
   13.95 +  is added implicitly.  Then follows a target language identifier
   13.96 +  (@{text SML}, @{text OCaml} or @{text Haskell}) and a freely chosen module name.
   13.97 +  A file name denotes the destination to store the generated code.  Note that
   13.98 +  the semantics of the destination depends on the target language:  for
   13.99 +  @{text SML} and @{text OCaml} it denotes a \emph{file}, for @{text Haskell}
  13.100 +  it denotes a \emph{directory} where a file named as the module name
  13.101 +  (with extension @{text ".hs"}) is written:
  13.102 +*}
  13.103 +
  13.104 +export_code %quote empty dequeue enqueue in Haskell
  13.105 +  module_name Example file "examples/"
  13.106 +
  13.107 +text {*
  13.108 +  \noindent This is how the corresponding code in @{text Haskell} looks like:
  13.109 +*}
  13.110 +
  13.111 +text %quote {*@{code_stmts empty enqueue dequeue (Haskell)}*}
  13.112 +
  13.113 +text {*
  13.114 +  \noindent This demonstrates the basic usage of the @{command export_code} command;
  13.115 +  for more details see \secref{sec:further}.
  13.116 +*}
  13.117 +
  13.118 +subsection {* Code generator architecture \label{sec:concept} *}
  13.119 +
  13.120 +text {*
  13.121 +  What you have seen so far should be already enough in a lot of cases.  If you
  13.122 +  are content with this, you can quit reading here.  Anyway, in order to customise
  13.123 +  and adapt the code generator, it is inevitable to gain some understanding
  13.124 +  how it works.
  13.125 +
  13.126 +  \begin{figure}[h]
  13.127 +    \begin{tikzpicture}[x = 4.2cm, y = 1cm]
  13.128 +      \tikzstyle entity=[rounded corners, draw, thick, color = black, fill = white];
  13.129 +      \tikzstyle process=[ellipse, draw, thick, color = green, fill = white];
  13.130 +      \tikzstyle process_arrow=[->, semithick, color = green];
  13.131 +      \node (HOL) at (0, 4) [style=entity] {@{text "Isabelle/HOL"} theory};
  13.132 +      \node (eqn) at (2, 2) [style=entity] {code equations};
  13.133 +      \node (iml) at (2, 0) [style=entity] {intermediate language};
  13.134 +      \node (seri) at (1, 0) [style=process] {serialisation};
  13.135 +      \node (SML) at (0, 3) [style=entity] {@{text SML}};
  13.136 +      \node (OCaml) at (0, 2) [style=entity] {@{text OCaml}};
  13.137 +      \node (further) at (0, 1) [style=entity] {@{text "\<dots>"}};
  13.138 +      \node (Haskell) at (0, 0) [style=entity] {@{text Haskell}};
  13.139 +      \draw [style=process_arrow] (HOL) .. controls (2, 4) ..
  13.140 +        node [style=process, near start] {selection}
  13.141 +        node [style=process, near end] {preprocessing}
  13.142 +        (eqn);
  13.143 +      \draw [style=process_arrow] (eqn) -- node (transl) [style=process] {translation} (iml);
  13.144 +      \draw [style=process_arrow] (iml) -- (seri);
  13.145 +      \draw [style=process_arrow] (seri) -- (SML);
  13.146 +      \draw [style=process_arrow] (seri) -- (OCaml);
  13.147 +      \draw [style=process_arrow, dashed] (seri) -- (further);
  13.148 +      \draw [style=process_arrow] (seri) -- (Haskell);
  13.149 +    \end{tikzpicture}
  13.150 +    \caption{Code generator architecture}
  13.151 +    \label{fig:arch}
  13.152 +  \end{figure}
  13.153 +
  13.154 +  The code generator employs a notion of executability
  13.155 +  for three foundational executable ingredients known
  13.156 +  from functional programming:
  13.157 +  \emph{code equations}, \emph{datatypes}, and
  13.158 +  \emph{type classes}.  A code equation as a first approximation
  13.159 +  is a theorem of the form @{text "f t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n \<equiv> t"}
  13.160 +  (an equation headed by a constant @{text f} with arguments
  13.161 +  @{text "t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n"} and right hand side @{text t}).
  13.162 +  Code generation aims to turn code equations
  13.163 +  into a functional program.  This is achieved by three major
  13.164 +  components which operate sequentially, i.e. the result of one is
  13.165 +  the input
  13.166 +  of the next in the chain,  see diagram \ref{fig:arch}:
  13.167 +
  13.168 +  \begin{itemize}
  13.169 +
  13.170 +    \item Out of the vast collection of theorems proven in a
  13.171 +      \qn{theory}, a reasonable subset modelling
  13.172 +      code equations is \qn{selected}.
  13.173 +
  13.174 +    \item On those selected theorems, certain
  13.175 +      transformations are carried out
  13.176 +      (\qn{preprocessing}).  Their purpose is to turn theorems
  13.177 +      representing non- or badly executable
  13.178 +      specifications into equivalent but executable counterparts.
  13.179 +      The result is a structured collection of \qn{code theorems}.
  13.180 +
  13.181 +    \item Before the selected code equations are continued with,
  13.182 +      they can be \qn{preprocessed}, i.e. subjected to theorem
  13.183 +      transformations.  This \qn{preprocessor} is an interface which
  13.184 +      allows to apply
  13.185 +      the full expressiveness of ML-based theorem transformations
  13.186 +      to code generation;  motivating examples are shown below, see
  13.187 +      \secref{sec:preproc}.
  13.188 +      The result of the preprocessing step is a structured collection
  13.189 +      of code equations.
  13.190 +
  13.191 +    \item These code equations are \qn{translated} to a program
  13.192 +      in an abstract intermediate language.  Think of it as a kind
  13.193 +      of \qt{Mini-Haskell} with four \qn{statements}: @{text data}
  13.194 +      (for datatypes), @{text fun} (stemming from code equations),
  13.195 +      also @{text class} and @{text inst} (for type classes).
  13.196 +
  13.197 +    \item Finally, the abstract program is \qn{serialised} into concrete
  13.198 +      source code of a target language.
  13.199 +
  13.200 +  \end{itemize}
  13.201 +
  13.202 +  \noindent From these steps, only the two last are carried out outside the logic;  by
  13.203 +  keeping this layer as thin as possible, the amount of code to trust is
  13.204 +  kept to a minimum.
  13.205 +*}
  13.206 +
  13.207 +end
    14.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    14.2 +++ b/doc-src/Codegen/Thy/ML.thy	Tue Mar 03 19:21:10 2009 +0100
    14.3 @@ -0,0 +1,177 @@
    14.4 +theory "ML"
    14.5 +imports Setup
    14.6 +begin
    14.7 +
    14.8 +section {* ML system interfaces \label{sec:ml} *}
    14.9 +
   14.10 +text {*
   14.11 +  Since the code generator framework not only aims to provide
   14.12 +  a nice Isar interface but also to form a base for
   14.13 +  code-generation-based applications, here a short
   14.14 +  description of the most important ML interfaces.
   14.15 +*}
   14.16 +
   14.17 +subsection {* Executable theory content: @{text Code} *}
   14.18 +
   14.19 +text {*
   14.20 +  This Pure module implements the core notions of
   14.21 +  executable content of a theory.
   14.22 +*}
   14.23 +
   14.24 +subsubsection {* Managing executable content *}
   14.25 +
   14.26 +text %mlref {*
   14.27 +  \begin{mldecls}
   14.28 +  @{index_ML Code.add_eqn: "thm -> theory -> theory"} \\
   14.29 +  @{index_ML Code.del_eqn: "thm -> theory -> theory"} \\
   14.30 +  @{index_ML Code.add_eqnl: "string * (thm * bool) list lazy -> theory -> theory"} \\
   14.31 +  @{index_ML Code.map_pre: "(simpset -> simpset) -> theory -> theory"} \\
   14.32 +  @{index_ML Code.map_post: "(simpset -> simpset) -> theory -> theory"} \\
   14.33 +  @{index_ML Code.add_functrans: "string * (theory -> (thm * bool) list -> (thm * bool) list option)
   14.34 +    -> theory -> theory"} \\
   14.35 +  @{index_ML Code.del_functrans: "string -> theory -> theory"} \\
   14.36 +  @{index_ML Code.add_datatype: "(string * typ) list -> theory -> theory"} \\
   14.37 +  @{index_ML Code.get_datatype: "theory -> string
   14.38 +    -> (string * sort) list * (string * typ list) list"} \\
   14.39 +  @{index_ML Code.get_datatype_of_constr: "theory -> string -> string option"}
   14.40 +  \end{mldecls}
   14.41 +
   14.42 +  \begin{description}
   14.43 +
   14.44 +  \item @{ML Code.add_eqn}~@{text "thm"}~@{text "thy"} adds function
   14.45 +     theorem @{text "thm"} to executable content.
   14.46 +
   14.47 +  \item @{ML Code.del_eqn}~@{text "thm"}~@{text "thy"} removes function
   14.48 +     theorem @{text "thm"} from executable content, if present.
   14.49 +
   14.50 +  \item @{ML Code.add_eqnl}~@{text "(const, lthms)"}~@{text "thy"} adds
   14.51 +     suspended code equations @{text lthms} for constant
   14.52 +     @{text const} to executable content.
   14.53 +
   14.54 +  \item @{ML Code.map_pre}~@{text "f"}~@{text "thy"} changes
   14.55 +     the preprocessor simpset.
   14.56 +
   14.57 +  \item @{ML Code.add_functrans}~@{text "(name, f)"}~@{text "thy"} adds
   14.58 +     function transformer @{text f} (named @{text name}) to executable content;
   14.59 +     @{text f} is a transformer of the code equations belonging
   14.60 +     to a certain function definition, depending on the
   14.61 +     current theory context.  Returning @{text NONE} indicates that no
   14.62 +     transformation took place;  otherwise, the whole process will be iterated
   14.63 +     with the new code equations.
   14.64 +
   14.65 +  \item @{ML Code.del_functrans}~@{text "name"}~@{text "thy"} removes
   14.66 +     function transformer named @{text name} from executable content.
   14.67 +
   14.68 +  \item @{ML Code.add_datatype}~@{text cs}~@{text thy} adds
   14.69 +     a datatype to executable content, with generation
   14.70 +     set @{text cs}.
   14.71 +
   14.72 +  \item @{ML Code.get_datatype_of_constr}~@{text "thy"}~@{text "const"}
   14.73 +     returns type constructor corresponding to
   14.74 +     constructor @{text const}; returns @{text NONE}
   14.75 +     if @{text const} is no constructor.
   14.76 +
   14.77 +  \end{description}
   14.78 +*}
   14.79 +
   14.80 +subsection {* Auxiliary *}
   14.81 +
   14.82 +text %mlref {*
   14.83 +  \begin{mldecls}
   14.84 +  @{index_ML Code_Unit.read_const: "theory -> string -> string"} \\
   14.85 +  @{index_ML Code_Unit.head_eqn: "theory -> thm -> string * ((string * sort) list * typ)"} \\
   14.86 +  @{index_ML Code_Unit.rewrite_eqn: "simpset -> thm -> thm"} \\
   14.87 +  \end{mldecls}
   14.88 +
   14.89 +  \begin{description}
   14.90 +
   14.91 +  \item @{ML Code_Unit.read_const}~@{text thy}~@{text s}
   14.92 +     reads a constant as a concrete term expression @{text s}.
   14.93 +
   14.94 +  \item @{ML Code_Unit.head_eqn}~@{text thy}~@{text thm}
   14.95 +     extracts the constant and its type from a code equation @{text thm}.
   14.96 +
   14.97 +  \item @{ML Code_Unit.rewrite_eqn}~@{text ss}~@{text thm}
   14.98 +     rewrites a code equation @{text thm} with a simpset @{text ss};
   14.99 +     only arguments and right hand side are rewritten,
  14.100 +     not the head of the code equation.
  14.101 +
  14.102 +  \end{description}
  14.103 +
  14.104 +*}
  14.105 +
  14.106 +subsection {* Implementing code generator applications *}
  14.107 +
  14.108 +text {*
  14.109 +  Implementing code generator applications on top
  14.110 +  of the framework set out so far usually not only
  14.111 +  involves using those primitive interfaces
  14.112 +  but also storing code-dependent data and various
  14.113 +  other things.
  14.114 +*}
  14.115 +
  14.116 +subsubsection {* Data depending on the theory's executable content *}
  14.117 +
  14.118 +text {*
  14.119 +  Due to incrementality of code generation, changes in the
  14.120 +  theory's executable content have to be propagated in a
  14.121 +  certain fashion.  Additionally, such changes may occur
  14.122 +  not only during theory extension but also during theory
  14.123 +  merge, which is a little bit nasty from an implementation
  14.124 +  point of view.  The framework provides a solution
  14.125 +  to this technical challenge by providing a functorial
  14.126 +  data slot @{ML_functor CodeDataFun}; on instantiation
  14.127 +  of this functor, the following types and operations
  14.128 +  are required:
  14.129 +
  14.130 +  \medskip
  14.131 +  \begin{tabular}{l}
  14.132 +  @{text "type T"} \\
  14.133 +  @{text "val empty: T"} \\
  14.134 +  @{text "val purge: theory \<rightarrow> string list option \<rightarrow> T \<rightarrow> T"}
  14.135 +  \end{tabular}
  14.136 +
  14.137 +  \begin{description}
  14.138 +
  14.139 +  \item @{text T} the type of data to store.
  14.140 +
  14.141 +  \item @{text empty} initial (empty) data.
  14.142 +
  14.143 +  \item @{text purge}~@{text thy}~@{text consts} propagates changes in executable content;
  14.144 +    @{text consts} indicates the kind
  14.145 +    of change: @{ML NONE} stands for a fundamental change
  14.146 +    which invalidates any existing code, @{text "SOME consts"}
  14.147 +    hints that executable content for constants @{text consts}
  14.148 +    has changed.
  14.149 +
  14.150 +  \end{description}
  14.151 +
  14.152 +  \noindent An instance of @{ML_functor CodeDataFun} provides the following
  14.153 +  interface:
  14.154 +
  14.155 +  \medskip
  14.156 +  \begin{tabular}{l}
  14.157 +  @{text "get: theory \<rightarrow> T"} \\
  14.158 +  @{text "change: theory \<rightarrow> (T \<rightarrow> T) \<rightarrow> T"} \\
  14.159 +  @{text "change_yield: theory \<rightarrow> (T \<rightarrow> 'a * T) \<rightarrow> 'a * T"}
  14.160 +  \end{tabular}
  14.161 +
  14.162 +  \begin{description}
  14.163 +
  14.164 +  \item @{text get} retrieval of the current data.
  14.165 +
  14.166 +  \item @{text change} update of current data (cached!)
  14.167 +    by giving a continuation.
  14.168 +
  14.169 +  \item @{text change_yield} update with side result.
  14.170 +
  14.171 +  \end{description}
  14.172 +*}
  14.173 +
  14.174 +text {*
  14.175 +  \bigskip
  14.176 +
  14.177 +  \emph{Happy proving, happy hacking!}
  14.178 +*}
  14.179 +
  14.180 +end
    15.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    15.2 +++ b/doc-src/Codegen/Thy/Program.thy	Tue Mar 03 19:21:10 2009 +0100
    15.3 @@ -0,0 +1,526 @@
    15.4 +theory Program
    15.5 +imports Introduction
    15.6 +begin
    15.7 +
    15.8 +section {* Turning Theories into Programs \label{sec:program} *}
    15.9 +
   15.10 +subsection {* The @{text "Isabelle/HOL"} default setup *}
   15.11 +
   15.12 +text {*
   15.13 +  We have already seen how by default equations stemming from
   15.14 +  @{command definition}/@{command primrec}/@{command fun}
   15.15 +  statements are used for code generation.  This default behaviour
   15.16 +  can be changed, e.g. by providing different code equations.
   15.17 +  All kinds of customisation shown in this section is \emph{safe}
   15.18 +  in the sense that the user does not have to worry about
   15.19 +  correctness -- all programs generatable that way are partially
   15.20 +  correct.
   15.21 +*}
   15.22 +
   15.23 +subsection {* Selecting code equations *}
   15.24 +
   15.25 +text {*
   15.26 +  Coming back to our introductory example, we
   15.27 +  could provide an alternative code equations for @{const dequeue}
   15.28 +  explicitly:
   15.29 +*}
   15.30 +
   15.31 +lemma %quote [code]:
   15.32 +  "dequeue (AQueue xs []) =
   15.33 +     (if xs = [] then (None, AQueue [] [])
   15.34 +       else dequeue (AQueue [] (rev xs)))"
   15.35 +  "dequeue (AQueue xs (y # ys)) =
   15.36 +     (Some y, AQueue xs ys)"
   15.37 +  by (cases xs, simp_all) (cases "rev xs", simp_all)
   15.38 +
   15.39 +text {*
   15.40 +  \noindent The annotation @{text "[code]"} is an @{text Isar}
   15.41 +  @{text attribute} which states that the given theorems should be
   15.42 +  considered as code equations for a @{text fun} statement --
   15.43 +  the corresponding constant is determined syntactically.  The resulting code:
   15.44 +*}
   15.45 +
   15.46 +text %quote {*@{code_stmts dequeue (consts) dequeue (Haskell)}*}
   15.47 +
   15.48 +text {*
   15.49 +  \noindent You may note that the equality test @{term "xs = []"} has been
   15.50 +  replaced by the predicate @{term "null xs"}.  This is due to the default
   15.51 +  setup in the \qn{preprocessor} to be discussed further below (\secref{sec:preproc}).
   15.52 +
   15.53 +  Changing the default constructor set of datatypes is also
   15.54 +  possible.  See \secref{sec:datatypes} for an example.
   15.55 +
   15.56 +  As told in \secref{sec:concept}, code generation is based
   15.57 +  on a structured collection of code theorems.
   15.58 +  For explorative purpose, this collection
   15.59 +  may be inspected using the @{command code_thms} command:
   15.60 +*}
   15.61 +
   15.62 +code_thms %quote dequeue
   15.63 +
   15.64 +text {*
   15.65 +  \noindent prints a table with \emph{all} code equations
   15.66 +  for @{const dequeue}, including
   15.67 +  \emph{all} code equations those equations depend
   15.68 +  on recursively.
   15.69 +  
   15.70 +  Similarly, the @{command code_deps} command shows a graph
   15.71 +  visualising dependencies between code equations.
   15.72 +*}
   15.73 +
   15.74 +subsection {* @{text class} and @{text instantiation} *}
   15.75 +
   15.76 +text {*
   15.77 +  Concerning type classes and code generation, let us examine an example
   15.78 +  from abstract algebra:
   15.79 +*}
   15.80 +
   15.81 +class %quote semigroup =
   15.82 +  fixes mult :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<otimes>" 70)
   15.83 +  assumes assoc: "(x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"
   15.84 +
   15.85 +class %quote monoid = semigroup +
   15.86 +  fixes neutral :: 'a ("\<one>")
   15.87 +  assumes neutl: "\<one> \<otimes> x = x"
   15.88 +    and neutr: "x \<otimes> \<one> = x"
   15.89 +
   15.90 +instantiation %quote nat :: monoid
   15.91 +begin
   15.92 +
   15.93 +primrec %quote mult_nat where
   15.94 +    "0 \<otimes> n = (0\<Colon>nat)"
   15.95 +  | "Suc m \<otimes> n = n + m \<otimes> n"
   15.96 +
   15.97 +definition %quote neutral_nat where
   15.98 +  "\<one> = Suc 0"
   15.99 +
  15.100 +lemma %quote add_mult_distrib:
  15.101 +  fixes n m q :: nat
  15.102 +  shows "(n + m) \<otimes> q = n \<otimes> q + m \<otimes> q"
  15.103 +  by (induct n) simp_all
  15.104 +
  15.105 +instance %quote proof
  15.106 +  fix m n q :: nat
  15.107 +  show "m \<otimes> n \<otimes> q = m \<otimes> (n \<otimes> q)"
  15.108 +    by (induct m) (simp_all add: add_mult_distrib)
  15.109 +  show "\<one> \<otimes> n = n"
  15.110 +    by (simp add: neutral_nat_def)
  15.111 +  show "m \<otimes> \<one> = m"
  15.112 +    by (induct m) (simp_all add: neutral_nat_def)
  15.113 +qed
  15.114 +
  15.115 +end %quote
  15.116 +
  15.117 +text {*
  15.118 +  \noindent We define the natural operation of the natural numbers
  15.119 +  on monoids:
  15.120 +*}
  15.121 +
  15.122 +primrec %quote (in monoid) pow :: "nat \<Rightarrow> 'a \<Rightarrow> 'a" where
  15.123 +    "pow 0 a = \<one>"
  15.124 +  | "pow (Suc n) a = a \<otimes> pow n a"
  15.125 +
  15.126 +text {*
  15.127 +  \noindent This we use to define the discrete exponentiation function:
  15.128 +*}
  15.129 +
  15.130 +definition %quote bexp :: "nat \<Rightarrow> nat" where
  15.131 +  "bexp n = pow n (Suc (Suc 0))"
  15.132 +
  15.133 +text {*
  15.134 +  \noindent The corresponding code:
  15.135 +*}
  15.136 +
  15.137 +text %quote {*@{code_stmts bexp (Haskell)}*}
  15.138 +
  15.139 +text {*
  15.140 +  \noindent This is a convenient place to show how explicit dictionary construction
  15.141 +  manifests in generated code (here, the same example in @{text SML}):
  15.142 +*}
  15.143 +
  15.144 +text %quote {*@{code_stmts bexp (SML)}*}
  15.145 +
  15.146 +text {*
  15.147 +  \noindent Note the parameters with trailing underscore (@{verbatim "A_"})
  15.148 +    which are the dictionary parameters.
  15.149 +*}
  15.150 +
  15.151 +subsection {* The preprocessor \label{sec:preproc} *}
  15.152 +
  15.153 +text {*
  15.154 +  Before selected function theorems are turned into abstract
  15.155 +  code, a chain of definitional transformation steps is carried
  15.156 +  out: \emph{preprocessing}.  In essence, the preprocessor
  15.157 +  consists of two components: a \emph{simpset} and \emph{function transformers}.
  15.158 +
  15.159 +  The \emph{simpset} allows to employ the full generality of the Isabelle
  15.160 +  simplifier.  Due to the interpretation of theorems
  15.161 +  as code equations, rewrites are applied to the right
  15.162 +  hand side and the arguments of the left hand side of an
  15.163 +  equation, but never to the constant heading the left hand side.
  15.164 +  An important special case are \emph{inline theorems} which may be
  15.165 +  declared and undeclared using the
  15.166 +  \emph{code inline} or \emph{code inline del} attribute respectively.
  15.167 +
  15.168 +  Some common applications:
  15.169 +*}
  15.170 +
  15.171 +text_raw {*
  15.172 +  \begin{itemize}
  15.173 +*}
  15.174 +
  15.175 +text {*
  15.176 +     \item replacing non-executable constructs by executable ones:
  15.177 +*}     
  15.178 +
  15.179 +lemma %quote [code inline]:
  15.180 +  "x \<in> set xs \<longleftrightarrow> x mem xs" by (induct xs) simp_all
  15.181 +
  15.182 +text {*
  15.183 +     \item eliminating superfluous constants:
  15.184 +*}
  15.185 +
  15.186 +lemma %quote [code inline]:
  15.187 +  "1 = Suc 0" by simp
  15.188 +
  15.189 +text {*
  15.190 +     \item replacing executable but inconvenient constructs:
  15.191 +*}
  15.192 +
  15.193 +lemma %quote [code inline]:
  15.194 +  "xs = [] \<longleftrightarrow> List.null xs" by (induct xs) simp_all
  15.195 +
  15.196 +text_raw {*
  15.197 +  \end{itemize}
  15.198 +*}
  15.199 +
  15.200 +text {*
  15.201 +  \noindent \emph{Function transformers} provide a very general interface,
  15.202 +  transforming a list of function theorems to another
  15.203 +  list of function theorems, provided that neither the heading
  15.204 +  constant nor its type change.  The @{term "0\<Colon>nat"} / @{const Suc}
  15.205 +  pattern elimination implemented in
  15.206 +  theory @{text Efficient_Nat} (see \secref{eff_nat}) uses this
  15.207 +  interface.
  15.208 +
  15.209 +  \noindent The current setup of the preprocessor may be inspected using
  15.210 +  the @{command print_codesetup} command.
  15.211 +  @{command code_thms} provides a convenient
  15.212 +  mechanism to inspect the impact of a preprocessor setup
  15.213 +  on code equations.
  15.214 +
  15.215 +  \begin{warn}
  15.216 +    The attribute \emph{code unfold}
  15.217 +    associated with the @{text "SML code generator"} also applies to
  15.218 +    the @{text "generic code generator"}:
  15.219 +    \emph{code unfold} implies \emph{code inline}.
  15.220 +  \end{warn}
  15.221 +*}
  15.222 +
  15.223 +subsection {* Datatypes \label{sec:datatypes} *}
  15.224 +
  15.225 +text {*
  15.226 +  Conceptually, any datatype is spanned by a set of
  15.227 +  \emph{constructors} of type @{text "\<tau> = \<dots> \<Rightarrow> \<kappa> \<alpha>\<^isub>1 \<dots> \<alpha>\<^isub>n"} where @{text
  15.228 +  "{\<alpha>\<^isub>1, \<dots>, \<alpha>\<^isub>n}"} is exactly the set of \emph{all} type variables in
  15.229 +  @{text "\<tau>"}.  The HOL datatype package by default registers any new
  15.230 +  datatype in the table of datatypes, which may be inspected using the
  15.231 +  @{command print_codesetup} command.
  15.232 +
  15.233 +  In some cases, it is appropriate to alter or extend this table.  As
  15.234 +  an example, we will develop an alternative representation of the
  15.235 +  queue example given in \secref{sec:intro}.  The amortised
  15.236 +  representation is convenient for generating code but exposes its
  15.237 +  \qt{implementation} details, which may be cumbersome when proving
  15.238 +  theorems about it.  Therefore, here a simple, straightforward
  15.239 +  representation of queues:
  15.240 +*}
  15.241 +
  15.242 +datatype %quote 'a queue = Queue "'a list"
  15.243 +
  15.244 +definition %quote empty :: "'a queue" where
  15.245 +  "empty = Queue []"
  15.246 +
  15.247 +primrec %quote enqueue :: "'a \<Rightarrow> 'a queue \<Rightarrow> 'a queue" where
  15.248 +  "enqueue x (Queue xs) = Queue (xs @ [x])"
  15.249 +
  15.250 +fun %quote dequeue :: "'a queue \<Rightarrow> 'a option \<times> 'a queue" where
  15.251 +    "dequeue (Queue []) = (None, Queue [])"
  15.252 +  | "dequeue (Queue (x # xs)) = (Some x, Queue xs)"
  15.253 +
  15.254 +text {*
  15.255 +  \noindent This we can use directly for proving;  for executing,
  15.256 +  we provide an alternative characterisation:
  15.257 +*}
  15.258 +
  15.259 +definition %quote AQueue :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a queue" where
  15.260 +  "AQueue xs ys = Queue (ys @ rev xs)"
  15.261 +
  15.262 +code_datatype %quote AQueue
  15.263 +
  15.264 +text {*
  15.265 +  \noindent Here we define a \qt{constructor} @{const "AQueue"} which
  15.266 +  is defined in terms of @{text "Queue"} and interprets its arguments
  15.267 +  according to what the \emph{content} of an amortised queue is supposed
  15.268 +  to be.  Equipped with this, we are able to prove the following equations
  15.269 +  for our primitive queue operations which \qt{implement} the simple
  15.270 +  queues in an amortised fashion:
  15.271 +*}
  15.272 +
  15.273 +lemma %quote empty_AQueue [code]:
  15.274 +  "empty = AQueue [] []"
  15.275 +  unfolding AQueue_def empty_def by simp
  15.276 +
  15.277 +lemma %quote enqueue_AQueue [code]:
  15.278 +  "enqueue x (AQueue xs ys) = AQueue (x # xs) ys"
  15.279 +  unfolding AQueue_def by simp
  15.280 +
  15.281 +lemma %quote dequeue_AQueue [code]:
  15.282 +  "dequeue (AQueue xs []) =
  15.283 +    (if xs = [] then (None, AQueue [] [])
  15.284 +    else dequeue (AQueue [] (rev xs)))"
  15.285 +  "dequeue (AQueue xs (y # ys)) = (Some y, AQueue xs ys)"
  15.286 +  unfolding AQueue_def by simp_all
  15.287 +
  15.288 +text {*
  15.289 +  \noindent For completeness, we provide a substitute for the
  15.290 +  @{text case} combinator on queues:
  15.291 +*}
  15.292 +
  15.293 +lemma %quote queue_case_AQueue [code]:
  15.294 +  "queue_case f (AQueue xs ys) = f (ys @ rev xs)"
  15.295 +  unfolding AQueue_def by simp
  15.296 +
  15.297 +text {*
  15.298 +  \noindent The resulting code looks as expected:
  15.299 +*}
  15.300 +
  15.301 +text %quote {*@{code_stmts empty enqueue dequeue (SML)}*}
  15.302 +
  15.303 +text {*
  15.304 +  \noindent From this example, it can be glimpsed that using own
  15.305 +  constructor sets is a little delicate since it changes the set of
  15.306 +  valid patterns for values of that type.  Without going into much
  15.307 +  detail, here some practical hints:
  15.308 +
  15.309 +  \begin{itemize}
  15.310 +
  15.311 +    \item When changing the constructor set for datatypes, take care
  15.312 +      to provide alternative equations for the @{text case} combinator.
  15.313 +
  15.314 +    \item Values in the target language need not to be normalised --
  15.315 +      different values in the target language may represent the same
  15.316 +      value in the logic.
  15.317 +
  15.318 +    \item Usually, a good methodology to deal with the subtleties of
  15.319 +      pattern matching is to see the type as an abstract type: provide
  15.320 +      a set of operations which operate on the concrete representation
  15.321 +      of the type, and derive further operations by combinations of
  15.322 +      these primitive ones, without relying on a particular
  15.323 +      representation.
  15.324 +
  15.325 +  \end{itemize}
  15.326 +*}
  15.327 +
  15.328 +
  15.329 +subsection {* Equality and wellsortedness *}
  15.330 +
  15.331 +text {*
  15.332 +  Surely you have already noticed how equality is treated
  15.333 +  by the code generator:
  15.334 +*}
  15.335 +
  15.336 +primrec %quote collect_duplicates :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" where
  15.337 +  "collect_duplicates xs ys [] = xs"
  15.338 +  | "collect_duplicates xs ys (z#zs) = (if z \<in> set xs
  15.339 +      then if z \<in> set ys
  15.340 +        then collect_duplicates xs ys zs
  15.341 +        else collect_duplicates xs (z#ys) zs
  15.342 +      else collect_duplicates (z#xs) (z#ys) zs)"
  15.343 +
  15.344 +text {*
  15.345 +  \noindent The membership test during preprocessing is rewritten,
  15.346 +  resulting in @{const List.member}, which itself
  15.347 +  performs an explicit equality check.
  15.348 +*}
  15.349 +
  15.350 +text %quote {*@{code_stmts collect_duplicates (SML)}*}
  15.351 +
  15.352 +text {*
  15.353 +  \noindent Obviously, polymorphic equality is implemented the Haskell
  15.354 +  way using a type class.  How is this achieved?  HOL introduces
  15.355 +  an explicit class @{class eq} with a corresponding operation
  15.356 +  @{const eq_class.eq} such that @{thm eq [no_vars]}.
  15.357 +  The preprocessing framework does the rest by propagating the
  15.358 +  @{class eq} constraints through all dependent code equations.
  15.359 +  For datatypes, instances of @{class eq} are implicitly derived
  15.360 +  when possible.  For other types, you may instantiate @{text eq}
  15.361 +  manually like any other type class.
  15.362 +
  15.363 +  Though this @{text eq} class is designed to get rarely in
  15.364 +  the way, a subtlety
  15.365 +  enters the stage when definitions of overloaded constants
  15.366 +  are dependent on operational equality.  For example, let
  15.367 +  us define a lexicographic ordering on tuples
  15.368 +  (also see theory @{theory Product_ord}):
  15.369 +*}
  15.370 +
  15.371 +instantiation %quote "*" :: (order, order) order
  15.372 +begin
  15.373 +
  15.374 +definition %quote [code del]:
  15.375 +  "x \<le> y \<longleftrightarrow> fst x < fst y \<or> fst x = fst y \<and> snd x \<le> snd y"
  15.376 +
  15.377 +definition %quote [code del]:
  15.378 +  "x < y \<longleftrightarrow> fst x < fst y \<or> fst x = fst y \<and> snd x < snd y"
  15.379 +
  15.380 +instance %quote proof
  15.381 +qed (auto simp: less_eq_prod_def less_prod_def intro: order_less_trans)
  15.382 +
  15.383 +end %quote
  15.384 +
  15.385 +lemma %quote order_prod [code]:
  15.386 +  "(x1 \<Colon> 'a\<Colon>order, y1 \<Colon> 'b\<Colon>order) < (x2, y2) \<longleftrightarrow>
  15.387 +     x1 < x2 \<or> x1 = x2 \<and> y1 < y2"
  15.388 +  "(x1 \<Colon> 'a\<Colon>order, y1 \<Colon> 'b\<Colon>order) \<le> (x2, y2) \<longleftrightarrow>
  15.389 +     x1 < x2 \<or> x1 = x2 \<and> y1 \<le> y2"
  15.390 +  by (simp_all add: less_prod_def less_eq_prod_def)
  15.391 +
  15.392 +text {*
  15.393 +  \noindent Then code generation will fail.  Why?  The definition
  15.394 +  of @{term "op \<le>"} depends on equality on both arguments,
  15.395 +  which are polymorphic and impose an additional @{class eq}
  15.396 +  class constraint, which the preprocessor does not propagate
  15.397 +  (for technical reasons).
  15.398 +
  15.399 +  The solution is to add @{class eq} explicitly to the first sort arguments in the
  15.400 +  code theorems:
  15.401 +*}
  15.402 +
  15.403 +lemma %quote order_prod_code [code]:
  15.404 +  "(x1 \<Colon> 'a\<Colon>{order, eq}, y1 \<Colon> 'b\<Colon>order) < (x2, y2) \<longleftrightarrow>
  15.405 +     x1 < x2 \<or> x1 = x2 \<and> y1 < y2"
  15.406 +  "(x1 \<Colon> 'a\<Colon>{order, eq}, y1 \<Colon> 'b\<Colon>order) \<le> (x2, y2) \<longleftrightarrow>
  15.407 +     x1 < x2 \<or> x1 = x2 \<and> y1 \<le> y2"
  15.408 +  by (simp_all add: less_prod_def less_eq_prod_def)
  15.409 +
  15.410 +text {*
  15.411 +  \noindent Then code generation succeeds:
  15.412 +*}
  15.413 +
  15.414 +text %quote {*@{code_stmts "op \<le> \<Colon> _ \<times> _ \<Rightarrow> _ \<times> _ \<Rightarrow> bool" (SML)}*}
  15.415 +
  15.416 +text {*
  15.417 +  In some cases, the automatically derived code equations
  15.418 +  for equality on a particular type may not be appropriate.
  15.419 +  As example, watch the following datatype representing
  15.420 +  monomorphic parametric types (where type constructors
  15.421 +  are referred to by natural numbers):
  15.422 +*}
  15.423 +
  15.424 +datatype %quote monotype = Mono nat "monotype list"
  15.425 +(*<*)
  15.426 +lemma monotype_eq:
  15.427 +  "eq_class.eq (Mono tyco1 typargs1) (Mono tyco2 typargs2) \<equiv> 
  15.428 +     eq_class.eq tyco1 tyco2 \<and> eq_class.eq typargs1 typargs2" by (simp add: eq)
  15.429 +(*>*)
  15.430 +
  15.431 +text {*
  15.432 +  \noindent Then code generation for SML would fail with a message
  15.433 +  that the generated code contains illegal mutual dependencies:
  15.434 +  the theorem @{thm monotype_eq [no_vars]} already requires the
  15.435 +  instance @{text "monotype \<Colon> eq"}, which itself requires
  15.436 +  @{thm monotype_eq [no_vars]};  Haskell has no problem with mutually
  15.437 +  recursive @{text instance} and @{text function} definitions,
  15.438 +  but the SML serialiser does not support this.
  15.439 +
  15.440 +  In such cases, you have to provide your own equality equations
  15.441 +  involving auxiliary constants.  In our case,
  15.442 +  @{const [show_types] list_all2} can do the job:
  15.443 +*}
  15.444 +
  15.445 +lemma %quote monotype_eq_list_all2 [code]:
  15.446 +  "eq_class.eq (Mono tyco1 typargs1) (Mono tyco2 typargs2) \<longleftrightarrow>
  15.447 +     eq_class.eq tyco1 tyco2 \<and> list_all2 eq_class.eq typargs1 typargs2"
  15.448 +  by (simp add: eq list_all2_eq [symmetric])
  15.449 +
  15.450 +text {*
  15.451 +  \noindent does not depend on instance @{text "monotype \<Colon> eq"}:
  15.452 +*}
  15.453 +
  15.454 +text %quote {*@{code_stmts "eq_class.eq :: monotype \<Rightarrow> monotype \<Rightarrow> bool" (SML)}*}
  15.455 +
  15.456 +
  15.457 +subsection {* Explicit partiality *}
  15.458 +
  15.459 +text {*
  15.460 +  Partiality usually enters the game by partial patterns, as
  15.461 +  in the following example, again for amortised queues:
  15.462 +*}
  15.463 +
  15.464 +definition %quote strict_dequeue :: "'a queue \<Rightarrow> 'a \<times> 'a queue" where
  15.465 +  "strict_dequeue q = (case dequeue q
  15.466 +    of (Some x, q') \<Rightarrow> (x, q'))"
  15.467 +
  15.468 +lemma %quote strict_dequeue_AQueue [code]:
  15.469 +  "strict_dequeue (AQueue xs (y # ys)) = (y, AQueue xs ys)"
  15.470 +  "strict_dequeue (AQueue xs []) =
  15.471 +    (case rev xs of y # ys \<Rightarrow> (y, AQueue [] ys))"
  15.472 +  by (simp_all add: strict_dequeue_def dequeue_AQueue split: list.splits)
  15.473 +
  15.474 +text {*
  15.475 +  \noindent In the corresponding code, there is no equation
  15.476 +  for the pattern @{term "AQueue [] []"}:
  15.477 +*}
  15.478 +
  15.479 +text %quote {*@{code_stmts strict_dequeue (consts) strict_dequeue (Haskell)}*}
  15.480 +
  15.481 +text {*
  15.482 +  \noindent In some cases it is desirable to have this
  15.483 +  pseudo-\qt{partiality} more explicitly, e.g.~as follows:
  15.484 +*}
  15.485 +
  15.486 +axiomatization %quote empty_queue :: 'a
  15.487 +
  15.488 +definition %quote strict_dequeue' :: "'a queue \<Rightarrow> 'a \<times> 'a queue" where
  15.489 +  "strict_dequeue' q = (case dequeue q of (Some x, q') \<Rightarrow> (x, q') | _ \<Rightarrow> empty_queue)"
  15.490 +
  15.491 +lemma %quote strict_dequeue'_AQueue [code]:
  15.492 +  "strict_dequeue' (AQueue xs []) = (if xs = [] then empty_queue
  15.493 +     else strict_dequeue' (AQueue [] (rev xs)))"
  15.494 +  "strict_dequeue' (AQueue xs (y # ys)) =
  15.495 +     (y, AQueue xs ys)"
  15.496 +  by (simp_all add: strict_dequeue'_def dequeue_AQueue split: list.splits)
  15.497 +
  15.498 +text {*
  15.499 +  Observe that on the right hand side of the definition of @{const
  15.500 +  "strict_dequeue'"} the constant @{const empty_queue} occurs
  15.501 +  which is unspecified.
  15.502 +
  15.503 +  Normally, if constants without any code equations occur in a
  15.504 +  program, the code generator complains (since in most cases this is
  15.505 +  not what the user expects).  But such constants can also be thought
  15.506 +  of as function definitions with no equations which always fail,
  15.507 +  since there is never a successful pattern match on the left hand
  15.508 +  side.  In order to categorise a constant into that category
  15.509 +  explicitly, use @{command "code_abort"}:
  15.510 +*}
  15.511 +
  15.512 +code_abort %quote empty_queue
  15.513 +
  15.514 +text {*
  15.515 +  \noindent Then the code generator will just insert an error or
  15.516 +  exception at the appropriate position:
  15.517 +*}
  15.518 +
  15.519 +text %quote {*@{code_stmts strict_dequeue' (consts) empty_queue strict_dequeue' (Haskell)}*}
  15.520 +
  15.521 +text {*
  15.522 +  \noindent This feature however is rarely needed in practice.
  15.523 +  Note also that the @{text HOL} default setup already declares
  15.524 +  @{const undefined} as @{command "code_abort"}, which is most
  15.525 +  likely to be used in such situations.
  15.526 +*}
  15.527 +
  15.528 +end
  15.529 + 
  15.530 \ No newline at end of file
    16.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.2 +++ b/doc-src/Codegen/Thy/ROOT.ML	Tue Mar 03 19:21:10 2009 +0100
    16.3 @@ -0,0 +1,11 @@
    16.4 +
    16.5 +(* $Id$ *)
    16.6 +
    16.7 +no_document use_thy "Setup";
    16.8 +no_document use_thys ["Efficient_Nat"];
    16.9 +
   16.10 +use_thy "Introduction";
   16.11 +use_thy "Program";
   16.12 +use_thy "Adaption";
   16.13 +use_thy "Further";
   16.14 +use_thy "ML";
    17.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.2 +++ b/doc-src/Codegen/Thy/Setup.thy	Tue Mar 03 19:21:10 2009 +0100
    17.3 @@ -0,0 +1,15 @@
    17.4 +theory Setup
    17.5 +imports Complex_Main
    17.6 +uses
    17.7 +  "../../antiquote_setup.ML"
    17.8 +  "../../more_antiquote.ML"
    17.9 +begin
   17.10 +
   17.11 +ML {* no_document use_thys
   17.12 +  ["Efficient_Nat", "Code_Char_chr", "Product_ord", "~~/src/HOL/Imperative_HOL/Imperative_HOL",
   17.13 +   "~~/src/HOL/Decision_Procs/Ferrack"] *}
   17.14 +
   17.15 +ML_command {* Code_Target.code_width := 74 *}
   17.16 +ML_command {* reset unique_names *}
   17.17 +
   17.18 +end
    18.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.2 +++ b/doc-src/Codegen/Thy/document/Adaption.tex	Tue Mar 03 19:21:10 2009 +0100
    18.3 @@ -0,0 +1,678 @@
    18.4 +%
    18.5 +\begin{isabellebody}%
    18.6 +\def\isabellecontext{Adaption}%
    18.7 +%
    18.8 +\isadelimtheory
    18.9 +%
   18.10 +\endisadelimtheory
   18.11 +%
   18.12 +\isatagtheory
   18.13 +\isacommand{theory}\isamarkupfalse%
   18.14 +\ Adaption\isanewline
   18.15 +\isakeyword{imports}\ Setup\isanewline
   18.16 +\isakeyword{begin}%
   18.17 +\endisatagtheory
   18.18 +{\isafoldtheory}%
   18.19 +%
   18.20 +\isadelimtheory
   18.21 +\isanewline
   18.22 +%
   18.23 +\endisadelimtheory
   18.24 +%
   18.25 +\isadeliminvisible
   18.26 +\isanewline
   18.27 +%
   18.28 +\endisadeliminvisible
   18.29 +%
   18.30 +\isataginvisible
   18.31 +\isacommand{setup}\isamarkupfalse%
   18.32 +\ {\isacharverbatimopen}\ Code{\isacharunderscore}Target{\isachardot}extend{\isacharunderscore}target\ {\isacharparenleft}{\isachardoublequote}{\isasymSML}{\isachardoublequote}{\isacharcomma}\ {\isacharparenleft}{\isachardoublequote}SML{\isachardoublequote}{\isacharcomma}\ K\ I{\isacharparenright}{\isacharparenright}\ {\isacharverbatimclose}%
   18.33 +\endisataginvisible
   18.34 +{\isafoldinvisible}%
   18.35 +%
   18.36 +\isadeliminvisible
   18.37 +%
   18.38 +\endisadeliminvisible
   18.39 +%
   18.40 +\isamarkupsection{Adaption to target languages \label{sec:adaption}%
   18.41 +}
   18.42 +\isamarkuptrue%
   18.43 +%
   18.44 +\isamarkupsubsection{Adapting code generation%
   18.45 +}
   18.46 +\isamarkuptrue%
   18.47 +%
   18.48 +\begin{isamarkuptext}%
   18.49 +The aspects of code generation introduced so far have two aspects
   18.50 +  in common:
   18.51 +
   18.52 +  \begin{itemize}
   18.53 +    \item They act uniformly, without reference to a specific
   18.54 +       target language.
   18.55 +    \item They are \emph{safe} in the sense that as long as you trust
   18.56 +       the code generator meta theory and implementation, you cannot
   18.57 +       produce programs that yield results which are not derivable
   18.58 +       in the logic.
   18.59 +  \end{itemize}
   18.60 +
   18.61 +  \noindent In this section we will introduce means to \emph{adapt} the serialiser
   18.62 +  to a specific target language, i.e.~to print program fragments
   18.63 +  in a way which accommodates \qt{already existing} ingredients of
   18.64 +  a target language environment, for three reasons:
   18.65 +
   18.66 +  \begin{itemize}
   18.67 +    \item improving readability and aesthetics of generated code
   18.68 +    \item gaining efficiency
   18.69 +    \item interface with language parts which have no direct counterpart
   18.70 +      in \isa{HOL} (say, imperative data structures)
   18.71 +  \end{itemize}
   18.72 +
   18.73 +  \noindent Generally, you should avoid using those features yourself
   18.74 +  \emph{at any cost}:
   18.75 +
   18.76 +  \begin{itemize}
   18.77 +    \item The safe configuration methods act uniformly on every target language,
   18.78 +      whereas for adaption you have to treat each target language separate.
   18.79 +    \item Application is extremely tedious since there is no abstraction
   18.80 +      which would allow for a static check, making it easy to produce garbage.
   18.81 +    \item More or less subtle errors can be introduced unconsciously.
   18.82 +  \end{itemize}
   18.83 +
   18.84 +  \noindent However, even if you ought refrain from setting up adaption
   18.85 +  yourself, already the \isa{HOL} comes with some reasonable default
   18.86 +  adaptions (say, using target language list syntax).  There also some
   18.87 +  common adaption cases which you can setup by importing particular
   18.88 +  library theories.  In order to understand these, we provide some clues here;
   18.89 +  these however are not supposed to replace a careful study of the sources.%
   18.90 +\end{isamarkuptext}%
   18.91 +\isamarkuptrue%
   18.92 +%
   18.93 +\isamarkupsubsection{The adaption principle%
   18.94 +}
   18.95 +\isamarkuptrue%
   18.96 +%
   18.97 +\begin{isamarkuptext}%
   18.98 +The following figure illustrates what \qt{adaption} is conceptually
   18.99 +  supposed to be:
  18.100 +
  18.101 +  \begin{figure}[here]
  18.102 +    \begin{tikzpicture}[scale = 0.5]
  18.103 +      \tikzstyle water=[color = blue, thick]
  18.104 +      \tikzstyle ice=[color = black, very thick, cap = round, join = round, fill = white]
  18.105 +      \tikzstyle process=[color = green, semithick, ->]
  18.106 +      \tikzstyle adaption=[color = red, semithick, ->]
  18.107 +      \tikzstyle target=[color = black]
  18.108 +      \foreach \x in {0, ..., 24}
  18.109 +        \draw[style=water] (\x, 0.25) sin + (0.25, 0.25) cos + (0.25, -0.25) sin
  18.110 +          + (0.25, -0.25) cos + (0.25, 0.25);
  18.111 +      \draw[style=ice] (1, 0) --
  18.112 +        (3, 6) node[above, fill=white] {logic} -- (5, 0) -- cycle;
  18.113 +      \draw[style=ice] (9, 0) --
  18.114 +        (11, 6) node[above, fill=white] {intermediate language} -- (13, 0) -- cycle;
  18.115 +      \draw[style=ice] (15, -6) --
  18.116 +        (19, 6) node[above, fill=white] {target language} -- (23, -6) -- cycle;
  18.117 +      \draw[style=process]
  18.118 +        (3.5, 3) .. controls (7, 5) .. node[fill=white] {translation} (10.5, 3);
  18.119 +      \draw[style=process]
  18.120 +        (11.5, 3) .. controls (15, 5) .. node[fill=white] (serialisation) {serialisation} (18.5, 3);
  18.121 +      \node (adaption) at (11, -2) [style=adaption] {adaption};
  18.122 +      \node at (19, 3) [rotate=90] {generated};
  18.123 +      \node at (19.5, -5) {language};
  18.124 +      \node at (19.5, -3) {library};
  18.125 +      \node (includes) at (19.5, -1) {includes};
  18.126 +      \node (reserved) at (16.5, -3) [rotate=72] {reserved}; % proper 71.57
  18.127 +      \draw[style=process]
  18.128 +        (includes) -- (serialisation);
  18.129 +      \draw[style=process]
  18.130 +        (reserved) -- (serialisation);
  18.131 +      \draw[style=adaption]
  18.132 +        (adaption) -- (serialisation);
  18.133 +      \draw[style=adaption]
  18.134 +        (adaption) -- (includes);
  18.135 +      \draw[style=adaption]
  18.136 +        (adaption) -- (reserved);
  18.137 +    \end{tikzpicture}
  18.138 +    \caption{The adaption principle}
  18.139 +    \label{fig:adaption}
  18.140 +  \end{figure}
  18.141 +
  18.142 +  \noindent In the tame view, code generation acts as broker between
  18.143 +  \isa{logic}, \isa{intermediate\ language} and
  18.144 +  \isa{target\ language} by means of \isa{translation} and
  18.145 +  \isa{serialisation};  for the latter, the serialiser has to observe
  18.146 +  the structure of the \isa{language} itself plus some \isa{reserved}
  18.147 +  keywords which have to be avoided for generated code.
  18.148 +  However, if you consider \isa{adaption} mechanisms, the code generated
  18.149 +  by the serializer is just the tip of the iceberg:
  18.150 +
  18.151 +  \begin{itemize}
  18.152 +    \item \isa{serialisation} can be \emph{parametrised} such that
  18.153 +      logical entities are mapped to target-specific ones
  18.154 +      (e.g. target-specific list syntax,
  18.155 +        see also \secref{sec:adaption_mechanisms})
  18.156 +    \item Such parametrisations can involve references to a
  18.157 +      target-specific standard \isa{library} (e.g. using
  18.158 +      the \isa{Haskell} \verb|Maybe| type instead
  18.159 +      of the \isa{HOL} \isa{option} type);
  18.160 +      if such are used, the corresponding identifiers
  18.161 +      (in our example, \verb|Maybe|, \verb|Nothing|
  18.162 +      and \verb|Just|) also have to be considered \isa{reserved}.
  18.163 +    \item Even more, the user can enrich the library of the
  18.164 +      target-language by providing code snippets
  18.165 +      (\qt{\isa{includes}}) which are prepended to
  18.166 +      any generated code (see \secref{sec:include});  this typically
  18.167 +      also involves further \isa{reserved} identifiers.
  18.168 +  \end{itemize}
  18.169 +
  18.170 +  \noindent As figure \ref{fig:adaption} illustrates, all these adaption mechanisms
  18.171 +  have to act consistently;  it is at the discretion of the user
  18.172 +  to take care for this.%
  18.173 +\end{isamarkuptext}%
  18.174 +\isamarkuptrue%
  18.175 +%
  18.176 +\isamarkupsubsection{Common adaption patterns%
  18.177 +}
  18.178 +\isamarkuptrue%
  18.179 +%
  18.180 +\begin{isamarkuptext}%
  18.181 +The \hyperlink{theory.HOL}{\mbox{\isa{HOL}}} \hyperlink{theory.Main}{\mbox{\isa{Main}}} theory already provides a code
  18.182 +  generator setup
  18.183 +  which should be suitable for most applications.  Common extensions
  18.184 +  and modifications are available by certain theories of the \isa{HOL}
  18.185 +  library; beside being useful in applications, they may serve
  18.186 +  as a tutorial for customising the code generator setup (see below
  18.187 +  \secref{sec:adaption_mechanisms}).
  18.188 +
  18.189 +  \begin{description}
  18.190 +
  18.191 +    \item[\hyperlink{theory.Code-Integer}{\mbox{\isa{Code{\isacharunderscore}Integer}}}] represents \isa{HOL} integers by big
  18.192 +       integer literals in target languages.
  18.193 +    \item[\hyperlink{theory.Code-Char}{\mbox{\isa{Code{\isacharunderscore}Char}}}] represents \isa{HOL} characters by 
  18.194 +       character literals in target languages.
  18.195 +    \item[\hyperlink{theory.Code-Char-chr}{\mbox{\isa{Code{\isacharunderscore}Char{\isacharunderscore}chr}}}] like \isa{Code{\isacharunderscore}Char},
  18.196 +       but also offers treatment of character codes; includes
  18.197 +       \hyperlink{theory.Code-Char}{\mbox{\isa{Code{\isacharunderscore}Char}}}.
  18.198 +    \item[\hyperlink{theory.Efficient-Nat}{\mbox{\isa{Efficient{\isacharunderscore}Nat}}}] \label{eff_nat} implements natural numbers by integers,
  18.199 +       which in general will result in higher efficiency; pattern
  18.200 +       matching with \isa{{\isadigit{0}}} / \isa{Suc}
  18.201 +       is eliminated;  includes \hyperlink{theory.Code-Integer}{\mbox{\isa{Code{\isacharunderscore}Integer}}}
  18.202 +       and \hyperlink{theory.Code-Index}{\mbox{\isa{Code{\isacharunderscore}Index}}}.
  18.203 +    \item[\hyperlink{theory.Code-Index}{\mbox{\isa{Code{\isacharunderscore}Index}}}] provides an additional datatype
  18.204 +       \isa{index} which is mapped to target-language built-in integers.
  18.205 +       Useful for code setups which involve e.g. indexing of
  18.206 +       target-language arrays.
  18.207 +    \item[\hyperlink{theory.Code-Message}{\mbox{\isa{Code{\isacharunderscore}Message}}}] provides an additional datatype
  18.208 +       \isa{message{\isacharunderscore}string} which is isomorphic to strings;
  18.209 +       \isa{message{\isacharunderscore}string}s are mapped to target-language strings.
  18.210 +       Useful for code setups which involve e.g. printing (error) messages.
  18.211 +
  18.212 +  \end{description}
  18.213 +
  18.214 +  \begin{warn}
  18.215 +    When importing any of these theories, they should form the last
  18.216 +    items in an import list.  Since these theories adapt the
  18.217 +    code generator setup in a non-conservative fashion,
  18.218 +    strange effects may occur otherwise.
  18.219 +  \end{warn}%
  18.220 +\end{isamarkuptext}%
  18.221 +\isamarkuptrue%
  18.222 +%
  18.223 +\isamarkupsubsection{Parametrising serialisation \label{sec:adaption_mechanisms}%
  18.224 +}
  18.225 +\isamarkuptrue%
  18.226 +%
  18.227 +\begin{isamarkuptext}%
  18.228 +Consider the following function and its corresponding
  18.229 +  SML code:%
  18.230 +\end{isamarkuptext}%
  18.231 +\isamarkuptrue%
  18.232 +%
  18.233 +\isadelimquote
  18.234 +%
  18.235 +\endisadelimquote
  18.236 +%
  18.237 +\isatagquote
  18.238 +\isacommand{primrec}\isamarkupfalse%
  18.239 +\ in{\isacharunderscore}interval\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymtimes}\ nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ bool{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  18.240 +\ \ {\isachardoublequoteopen}in{\isacharunderscore}interval\ {\isacharparenleft}k{\isacharcomma}\ l{\isacharparenright}\ n\ {\isasymlongleftrightarrow}\ k\ {\isasymle}\ n\ {\isasymand}\ n\ {\isasymle}\ l{\isachardoublequoteclose}%
  18.241 +\endisatagquote
  18.242 +{\isafoldquote}%
  18.243 +%
  18.244 +\isadelimquote
  18.245 +%
  18.246 +\endisadelimquote
  18.247 +%
  18.248 +\isadeliminvisible
  18.249 +%
  18.250 +\endisadeliminvisible
  18.251 +%
  18.252 +\isataginvisible
  18.253 +%
  18.254 +\endisataginvisible
  18.255 +{\isafoldinvisible}%
  18.256 +%
  18.257 +\isadeliminvisible
  18.258 +%
  18.259 +\endisadeliminvisible
  18.260 +%
  18.261 +\isadelimquote
  18.262 +%
  18.263 +\endisadelimquote
  18.264 +%
  18.265 +\isatagquote
  18.266 +%
  18.267 +\begin{isamarkuptext}%
  18.268 +\isatypewriter%
  18.269 +\noindent%
  18.270 +\hspace*{0pt}structure Example = \\
  18.271 +\hspace*{0pt}struct\\
  18.272 +\hspace*{0pt}\\
  18.273 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  18.274 +\hspace*{0pt}\\
  18.275 +\hspace*{0pt}datatype boola = True | False;\\
  18.276 +\hspace*{0pt}\\
  18.277 +\hspace*{0pt}fun anda x True = x\\
  18.278 +\hspace*{0pt} ~| anda x False = False\\
  18.279 +\hspace*{0pt} ~| anda True x = x\\
  18.280 +\hspace*{0pt} ~| anda False x = False;\\
  18.281 +\hspace*{0pt}\\
  18.282 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  18.283 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = False\\
  18.284 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  18.285 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = True;\\
  18.286 +\hspace*{0pt}\\
  18.287 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = anda (less{\char95}eq{\char95}nat k n) (less{\char95}eq{\char95}nat n l);\\
  18.288 +\hspace*{0pt}\\
  18.289 +\hspace*{0pt}end;~(*struct Example*)%
  18.290 +\end{isamarkuptext}%
  18.291 +\isamarkuptrue%
  18.292 +%
  18.293 +\endisatagquote
  18.294 +{\isafoldquote}%
  18.295 +%
  18.296 +\isadelimquote
  18.297 +%
  18.298 +\endisadelimquote
  18.299 +%
  18.300 +\begin{isamarkuptext}%
  18.301 +\noindent Though this is correct code, it is a little bit unsatisfactory:
  18.302 +  boolean values and operators are materialised as distinguished
  18.303 +  entities with have nothing to do with the SML-built-in notion
  18.304 +  of \qt{bool}.  This results in less readable code;
  18.305 +  additionally, eager evaluation may cause programs to
  18.306 +  loop or break which would perfectly terminate when
  18.307 +  the existing SML \verb|bool| would be used.  To map
  18.308 +  the HOL \isa{bool} on SML \verb|bool|, we may use
  18.309 +  \qn{custom serialisations}:%
  18.310 +\end{isamarkuptext}%
  18.311 +\isamarkuptrue%
  18.312 +%
  18.313 +\isadelimquotett
  18.314 +%
  18.315 +\endisadelimquotett
  18.316 +%
  18.317 +\isatagquotett
  18.318 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  18.319 +\ bool\isanewline
  18.320 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}bool{\isachardoublequoteclose}{\isacharparenright}\isanewline
  18.321 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  18.322 +\ True\ \isakeyword{and}\ False\ \isakeyword{and}\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
  18.323 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}true{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}false{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}{\isacharunderscore}\ andalso\ {\isacharunderscore}{\isachardoublequoteclose}{\isacharparenright}%
  18.324 +\endisatagquotett
  18.325 +{\isafoldquotett}%
  18.326 +%
  18.327 +\isadelimquotett
  18.328 +%
  18.329 +\endisadelimquotett
  18.330 +%
  18.331 +\begin{isamarkuptext}%
  18.332 +\noindent The \hyperlink{command.code-type}{\mbox{\isa{\isacommand{code{\isacharunderscore}type}}}} command takes a type constructor
  18.333 +  as arguments together with a list of custom serialisations.
  18.334 +  Each custom serialisation starts with a target language
  18.335 +  identifier followed by an expression, which during
  18.336 +  code serialisation is inserted whenever the type constructor
  18.337 +  would occur.  For constants, \hyperlink{command.code-const}{\mbox{\isa{\isacommand{code{\isacharunderscore}const}}}} implements
  18.338 +  the corresponding mechanism.  Each ``\verb|_|'' in
  18.339 +  a serialisation expression is treated as a placeholder
  18.340 +  for the type constructor's (the constant's) arguments.%
  18.341 +\end{isamarkuptext}%
  18.342 +\isamarkuptrue%
  18.343 +%
  18.344 +\isadelimquote
  18.345 +%
  18.346 +\endisadelimquote
  18.347 +%
  18.348 +\isatagquote
  18.349 +%
  18.350 +\begin{isamarkuptext}%
  18.351 +\isatypewriter%
  18.352 +\noindent%
  18.353 +\hspace*{0pt}structure Example = \\
  18.354 +\hspace*{0pt}struct\\
  18.355 +\hspace*{0pt}\\
  18.356 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  18.357 +\hspace*{0pt}\\
  18.358 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  18.359 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = false\\
  18.360 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  18.361 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = true;\\
  18.362 +\hspace*{0pt}\\
  18.363 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = (less{\char95}eq{\char95}nat k n) andalso (less{\char95}eq{\char95}nat n l);\\
  18.364 +\hspace*{0pt}\\
  18.365 +\hspace*{0pt}end;~(*struct Example*)%
  18.366 +\end{isamarkuptext}%
  18.367 +\isamarkuptrue%
  18.368 +%
  18.369 +\endisatagquote
  18.370 +{\isafoldquote}%
  18.371 +%
  18.372 +\isadelimquote
  18.373 +%
  18.374 +\endisadelimquote
  18.375 +%
  18.376 +\begin{isamarkuptext}%
  18.377 +\noindent This still is not perfect: the parentheses
  18.378 +  around the \qt{andalso} expression are superfluous.
  18.379 +  Though the serialiser
  18.380 +  by no means attempts to imitate the rich Isabelle syntax
  18.381 +  framework, it provides some common idioms, notably
  18.382 +  associative infixes with precedences which may be used here:%
  18.383 +\end{isamarkuptext}%
  18.384 +\isamarkuptrue%
  18.385 +%
  18.386 +\isadelimquotett
  18.387 +%
  18.388 +\endisadelimquotett
  18.389 +%
  18.390 +\isatagquotett
  18.391 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  18.392 +\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
  18.393 +\ \ {\isacharparenleft}SML\ \isakeyword{infixl}\ {\isadigit{1}}\ {\isachardoublequoteopen}andalso{\isachardoublequoteclose}{\isacharparenright}%
  18.394 +\endisatagquotett
  18.395 +{\isafoldquotett}%
  18.396 +%
  18.397 +\isadelimquotett
  18.398 +%
  18.399 +\endisadelimquotett
  18.400 +%
  18.401 +\isadelimquote
  18.402 +%
  18.403 +\endisadelimquote
  18.404 +%
  18.405 +\isatagquote
  18.406 +%
  18.407 +\begin{isamarkuptext}%
  18.408 +\isatypewriter%
  18.409 +\noindent%
  18.410 +\hspace*{0pt}structure Example = \\
  18.411 +\hspace*{0pt}struct\\
  18.412 +\hspace*{0pt}\\
  18.413 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  18.414 +\hspace*{0pt}\\
  18.415 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  18.416 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = false\\
  18.417 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  18.418 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = true;\\
  18.419 +\hspace*{0pt}\\
  18.420 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = less{\char95}eq{\char95}nat k n andalso less{\char95}eq{\char95}nat n l;\\
  18.421 +\hspace*{0pt}\\
  18.422 +\hspace*{0pt}end;~(*struct Example*)%
  18.423 +\end{isamarkuptext}%
  18.424 +\isamarkuptrue%
  18.425 +%
  18.426 +\endisatagquote
  18.427 +{\isafoldquote}%
  18.428 +%
  18.429 +\isadelimquote
  18.430 +%
  18.431 +\endisadelimquote
  18.432 +%
  18.433 +\begin{isamarkuptext}%
  18.434 +\noindent The attentive reader may ask how we assert that no generated
  18.435 +  code will accidentally overwrite.  For this reason the serialiser has
  18.436 +  an internal table of identifiers which have to be avoided to be used
  18.437 +  for new declarations.  Initially, this table typically contains the
  18.438 +  keywords of the target language.  It can be extended manually, thus avoiding
  18.439 +  accidental overwrites, using the \hyperlink{command.code-reserved}{\mbox{\isa{\isacommand{code{\isacharunderscore}reserved}}}} command:%
  18.440 +\end{isamarkuptext}%
  18.441 +\isamarkuptrue%
  18.442 +%
  18.443 +\isadelimquote
  18.444 +%
  18.445 +\endisadelimquote
  18.446 +%
  18.447 +\isatagquote
  18.448 +\isacommand{code{\isacharunderscore}reserved}\isamarkupfalse%
  18.449 +\ {\isachardoublequoteopen}{\isasymSML}{\isachardoublequoteclose}\ bool\ true\ false\ andalso%
  18.450 +\endisatagquote
  18.451 +{\isafoldquote}%
  18.452 +%
  18.453 +\isadelimquote
  18.454 +%
  18.455 +\endisadelimquote
  18.456 +%
  18.457 +\begin{isamarkuptext}%
  18.458 +\noindent Next, we try to map HOL pairs to SML pairs, using the
  18.459 +  infix ``\verb|*|'' type constructor and parentheses:%
  18.460 +\end{isamarkuptext}%
  18.461 +\isamarkuptrue%
  18.462 +%
  18.463 +\isadeliminvisible
  18.464 +%
  18.465 +\endisadeliminvisible
  18.466 +%
  18.467 +\isataginvisible
  18.468 +%
  18.469 +\endisataginvisible
  18.470 +{\isafoldinvisible}%
  18.471 +%
  18.472 +\isadeliminvisible
  18.473 +%
  18.474 +\endisadeliminvisible
  18.475 +%
  18.476 +\isadelimquotett
  18.477 +%
  18.478 +\endisadelimquotett
  18.479 +%
  18.480 +\isatagquotett
  18.481 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  18.482 +\ {\isacharasterisk}\isanewline
  18.483 +\ \ {\isacharparenleft}SML\ \isakeyword{infix}\ {\isadigit{2}}\ {\isachardoublequoteopen}{\isacharasterisk}{\isachardoublequoteclose}{\isacharparenright}\isanewline
  18.484 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  18.485 +\ Pair\isanewline
  18.486 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}{\isacharbang}{\isacharparenleft}{\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharcomma}{\isacharslash}\ {\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}{\isacharparenright}%
  18.487 +\endisatagquotett
  18.488 +{\isafoldquotett}%
  18.489 +%
  18.490 +\isadelimquotett
  18.491 +%
  18.492 +\endisadelimquotett
  18.493 +%
  18.494 +\begin{isamarkuptext}%
  18.495 +\noindent The initial bang ``\verb|!|'' tells the serialiser
  18.496 +  never to put
  18.497 +  parentheses around the whole expression (they are already present),
  18.498 +  while the parentheses around argument place holders
  18.499 +  tell not to put parentheses around the arguments.
  18.500 +  The slash ``\verb|/|'' (followed by arbitrary white space)
  18.501 +  inserts a space which may be used as a break if necessary
  18.502 +  during pretty printing.
  18.503 +
  18.504 +  These examples give a glimpse what mechanisms
  18.505 +  custom serialisations provide; however their usage
  18.506 +  requires careful thinking in order not to introduce
  18.507 +  inconsistencies -- or, in other words:
  18.508 +  custom serialisations are completely axiomatic.
  18.509 +
  18.510 +  A further noteworthy details is that any special
  18.511 +  character in a custom serialisation may be quoted
  18.512 +  using ``\verb|'|''; thus, in
  18.513 +  ``\verb|fn '_ => _|'' the first
  18.514 +  ``\verb|_|'' is a proper underscore while the
  18.515 +  second ``\verb|_|'' is a placeholder.%
  18.516 +\end{isamarkuptext}%
  18.517 +\isamarkuptrue%
  18.518 +%
  18.519 +\isamarkupsubsection{\isa{Haskell} serialisation%
  18.520 +}
  18.521 +\isamarkuptrue%
  18.522 +%
  18.523 +\begin{isamarkuptext}%
  18.524 +For convenience, the default
  18.525 +  \isa{HOL} setup for \isa{Haskell} maps the \isa{eq} class to
  18.526 +  its counterpart in \isa{Haskell}, giving custom serialisations
  18.527 +  for the class \isa{eq} (by command \hyperlink{command.code-class}{\mbox{\isa{\isacommand{code{\isacharunderscore}class}}}}) and its operation
  18.528 +  \isa{eq{\isacharunderscore}class{\isachardot}eq}%
  18.529 +\end{isamarkuptext}%
  18.530 +\isamarkuptrue%
  18.531 +%
  18.532 +\isadelimquotett
  18.533 +%
  18.534 +\endisadelimquotett
  18.535 +%
  18.536 +\isatagquotett
  18.537 +\isacommand{code{\isacharunderscore}class}\isamarkupfalse%
  18.538 +\ eq\isanewline
  18.539 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Eq{\isachardoublequoteclose}{\isacharparenright}\isanewline
  18.540 +\isanewline
  18.541 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  18.542 +\ {\isachardoublequoteopen}op\ {\isacharequal}{\isachardoublequoteclose}\isanewline
  18.543 +\ \ {\isacharparenleft}Haskell\ \isakeyword{infixl}\ {\isadigit{4}}\ {\isachardoublequoteopen}{\isacharequal}{\isacharequal}{\isachardoublequoteclose}{\isacharparenright}%
  18.544 +\endisatagquotett
  18.545 +{\isafoldquotett}%
  18.546 +%
  18.547 +\isadelimquotett
  18.548 +%
  18.549 +\endisadelimquotett
  18.550 +%
  18.551 +\begin{isamarkuptext}%
  18.552 +\noindent A problem now occurs whenever a type which
  18.553 +  is an instance of \isa{eq} in \isa{HOL} is mapped
  18.554 +  on a \isa{Haskell}-built-in type which is also an instance
  18.555 +  of \isa{Haskell} \isa{Eq}:%
  18.556 +\end{isamarkuptext}%
  18.557 +\isamarkuptrue%
  18.558 +%
  18.559 +\isadelimquote
  18.560 +%
  18.561 +\endisadelimquote
  18.562 +%
  18.563 +\isatagquote
  18.564 +\isacommand{typedecl}\isamarkupfalse%
  18.565 +\ bar\isanewline
  18.566 +\isanewline
  18.567 +\isacommand{instantiation}\isamarkupfalse%
  18.568 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
  18.569 +\isakeyword{begin}\isanewline
  18.570 +\isanewline
  18.571 +\isacommand{definition}\isamarkupfalse%
  18.572 +\ {\isachardoublequoteopen}eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}x{\isasymColon}bar{\isacharparenright}\ y\ {\isasymlongleftrightarrow}\ x\ {\isacharequal}\ y{\isachardoublequoteclose}\isanewline
  18.573 +\isanewline
  18.574 +\isacommand{instance}\isamarkupfalse%
  18.575 +\ \isacommand{by}\isamarkupfalse%
  18.576 +\ default\ {\isacharparenleft}simp\ add{\isacharcolon}\ eq{\isacharunderscore}bar{\isacharunderscore}def{\isacharparenright}\isanewline
  18.577 +\isanewline
  18.578 +\isacommand{end}\isamarkupfalse%
  18.579 +%
  18.580 +\endisatagquote
  18.581 +{\isafoldquote}%
  18.582 +%
  18.583 +\isadelimquote
  18.584 +%
  18.585 +\endisadelimquote
  18.586 +\isanewline
  18.587 +%
  18.588 +\isadelimquotett
  18.589 +%
  18.590 +\endisadelimquotett
  18.591 +%
  18.592 +\isatagquotett
  18.593 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  18.594 +\ bar\isanewline
  18.595 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Integer{\isachardoublequoteclose}{\isacharparenright}%
  18.596 +\endisatagquotett
  18.597 +{\isafoldquotett}%
  18.598 +%
  18.599 +\isadelimquotett
  18.600 +%
  18.601 +\endisadelimquotett
  18.602 +%
  18.603 +\begin{isamarkuptext}%
  18.604 +\noindent The code generator would produce
  18.605 +  an additional instance, which of course is rejected by the \isa{Haskell}
  18.606 +  compiler.
  18.607 +  To suppress this additional instance, use
  18.608 +  \isa{code{\isacharunderscore}instance}:%
  18.609 +\end{isamarkuptext}%
  18.610 +\isamarkuptrue%
  18.611 +%
  18.612 +\isadelimquotett
  18.613 +%
  18.614 +\endisadelimquotett
  18.615 +%
  18.616 +\isatagquotett
  18.617 +\isacommand{code{\isacharunderscore}instance}\isamarkupfalse%
  18.618 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
  18.619 +\ \ {\isacharparenleft}Haskell\ {\isacharminus}{\isacharparenright}%
  18.620 +\endisatagquotett
  18.621 +{\isafoldquotett}%
  18.622 +%
  18.623 +\isadelimquotett
  18.624 +%
  18.625 +\endisadelimquotett
  18.626 +%
  18.627 +\isamarkupsubsection{Enhancing the target language context \label{sec:include}%
  18.628 +}
  18.629 +\isamarkuptrue%
  18.630 +%
  18.631 +\begin{isamarkuptext}%
  18.632 +In rare cases it is necessary to \emph{enrich} the context of a
  18.633 +  target language;  this is accomplished using the \hyperlink{command.code-include}{\mbox{\isa{\isacommand{code{\isacharunderscore}include}}}}
  18.634 +  command:%
  18.635 +\end{isamarkuptext}%
  18.636 +\isamarkuptrue%
  18.637 +%
  18.638 +\isadelimquotett
  18.639 +%
  18.640 +\endisadelimquotett
  18.641 +%
  18.642 +\isatagquotett
  18.643 +\isacommand{code{\isacharunderscore}include}\isamarkupfalse%
  18.644 +\ Haskell\ {\isachardoublequoteopen}Errno{\isachardoublequoteclose}\isanewline
  18.645 +{\isacharverbatimopen}errno\ i\ {\isacharequal}\ error\ {\isacharparenleft}{\isachardoublequote}Error\ number{\isacharcolon}\ {\isachardoublequote}\ {\isacharplus}{\isacharplus}\ show\ i{\isacharparenright}{\isacharverbatimclose}\isanewline
  18.646 +\isanewline
  18.647 +\isacommand{code{\isacharunderscore}reserved}\isamarkupfalse%
  18.648 +\ Haskell\ Errno%
  18.649 +\endisatagquotett
  18.650 +{\isafoldquotett}%
  18.651 +%
  18.652 +\isadelimquotett
  18.653 +%
  18.654 +\endisadelimquotett
  18.655 +%
  18.656 +\begin{isamarkuptext}%
  18.657 +\noindent Such named \isa{include}s are then prepended to every generated code.
  18.658 +  Inspect such code in order to find out how \hyperlink{command.code-include}{\mbox{\isa{\isacommand{code{\isacharunderscore}include}}}} behaves
  18.659 +  with respect to a particular target language.%
  18.660 +\end{isamarkuptext}%
  18.661 +\isamarkuptrue%
  18.662 +%
  18.663 +\isadelimtheory
  18.664 +%
  18.665 +\endisadelimtheory
  18.666 +%
  18.667 +\isatagtheory
  18.668 +\isacommand{end}\isamarkupfalse%
  18.669 +%
  18.670 +\endisatagtheory
  18.671 +{\isafoldtheory}%
  18.672 +%
  18.673 +\isadelimtheory
  18.674 +%
  18.675 +\endisadelimtheory
  18.676 +\isanewline
  18.677 +\end{isabellebody}%
  18.678 +%%% Local Variables:
  18.679 +%%% mode: latex
  18.680 +%%% TeX-master: "root"
  18.681 +%%% End:
    19.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    19.2 +++ b/doc-src/Codegen/Thy/document/Codegen.tex	Tue Mar 03 19:21:10 2009 +0100
    19.3 @@ -0,0 +1,1690 @@
    19.4 +%
    19.5 +\begin{isabellebody}%
    19.6 +\def\isabellecontext{Codegen}%
    19.7 +%
    19.8 +\isadelimtheory
    19.9 +\isanewline
   19.10 +\isanewline
   19.11 +%
   19.12 +\endisadelimtheory
   19.13 +%
   19.14 +\isatagtheory
   19.15 +%
   19.16 +\endisatagtheory
   19.17 +{\isafoldtheory}%
   19.18 +%
   19.19 +\isadelimtheory
   19.20 +%
   19.21 +\endisadelimtheory
   19.22 +%
   19.23 +\isadelimML
   19.24 +%
   19.25 +\endisadelimML
   19.26 +%
   19.27 +\isatagML
   19.28 +%
   19.29 +\endisatagML
   19.30 +{\isafoldML}%
   19.31 +%
   19.32 +\isadelimML
   19.33 +%
   19.34 +\endisadelimML
   19.35 +%
   19.36 +\isamarkupchapter{Code generation from Isabelle theories%
   19.37 +}
   19.38 +\isamarkuptrue%
   19.39 +%
   19.40 +\isamarkupsection{Introduction%
   19.41 +}
   19.42 +\isamarkuptrue%
   19.43 +%
   19.44 +\isamarkupsubsection{Motivation%
   19.45 +}
   19.46 +\isamarkuptrue%
   19.47 +%
   19.48 +\begin{isamarkuptext}%
   19.49 +Executing formal specifications as programs is a well-established
   19.50 +  topic in the theorem proving community.  With increasing
   19.51 +  application of theorem proving systems in the area of
   19.52 +  software development and verification, its relevance manifests
   19.53 +  for running test cases and rapid prototyping.  In logical
   19.54 +  calculi like constructive type theory,
   19.55 +  a notion of executability is implicit due to the nature
   19.56 +  of the calculus.  In contrast, specifications in Isabelle
   19.57 +  can be highly non-executable.  In order to bridge
   19.58 +  the gap between logic and executable specifications,
   19.59 +  an explicit non-trivial transformation has to be applied:
   19.60 +  code generation.
   19.61 +
   19.62 +  This tutorial introduces a generic code generator for the
   19.63 +  Isabelle system \cite{isa-tutorial}.
   19.64 +  Generic in the sense that the
   19.65 +  \qn{target language} for which code shall ultimately be
   19.66 +  generated is not fixed but may be an arbitrary state-of-the-art
   19.67 +  functional programming language (currently, the implementation
   19.68 +  supports SML \cite{SML}, OCaml \cite{OCaml} and Haskell
   19.69 +  \cite{haskell-revised-report}).
   19.70 +  We aim to provide a
   19.71 +  versatile environment
   19.72 +  suitable for software development and verification,
   19.73 +  structuring the process
   19.74 +  of code generation into a small set of orthogonal principles
   19.75 +  while achieving a big coverage of application areas
   19.76 +  with maximum flexibility.
   19.77 +
   19.78 +  Conceptually the code generator framework is part
   19.79 +  of Isabelle's \isa{Pure} meta logic; the object logic
   19.80 +  \isa{HOL} which is an extension of \isa{Pure}
   19.81 +  already comes with a reasonable framework setup and thus provides
   19.82 +  a good working horse for raising code-generation-driven
   19.83 +  applications.  So, we assume some familiarity and experience
   19.84 +  with the ingredients of the \isa{HOL} \emph{Main} theory
   19.85 +  (see also \cite{isa-tutorial}).%
   19.86 +\end{isamarkuptext}%
   19.87 +\isamarkuptrue%
   19.88 +%
   19.89 +\isamarkupsubsection{Overview%
   19.90 +}
   19.91 +\isamarkuptrue%
   19.92 +%
   19.93 +\begin{isamarkuptext}%
   19.94 +The code generator aims to be usable with no further ado
   19.95 +  in most cases while allowing for detailed customization.
   19.96 +  This manifests in the structure of this tutorial:
   19.97 +  we start with a generic example \secref{sec:example}
   19.98 +  and introduce code generation concepts \secref{sec:concept}.
   19.99 +  Section
  19.100 +  \secref{sec:basics} explains how to use the framework naively,
  19.101 +  presuming a reasonable default setup.  Then, section
  19.102 +  \secref{sec:advanced} deals with advanced topics,
  19.103 +  introducing further aspects of the code generator framework
  19.104 +  in a motivation-driven manner.  Last, section \secref{sec:ml}
  19.105 +  introduces the framework's internal programming interfaces.
  19.106 +
  19.107 +  \begin{warn}
  19.108 +    Ultimately, the code generator which this tutorial deals with
  19.109 +    is supposed to replace the already established code generator
  19.110 +    by Stefan Berghofer \cite{Berghofer-Nipkow:2002}.
  19.111 +    So, for the moment, there are two distinct code generators
  19.112 +    in Isabelle.
  19.113 +    Also note that while the framework itself is
  19.114 +    object-logic independent, only \isa{HOL} provides a reasonable
  19.115 +    framework setup.    
  19.116 +  \end{warn}%
  19.117 +\end{isamarkuptext}%
  19.118 +\isamarkuptrue%
  19.119 +%
  19.120 +\isamarkupsection{An example: a simple theory of search trees \label{sec:example}%
  19.121 +}
  19.122 +\isamarkuptrue%
  19.123 +%
  19.124 +\begin{isamarkuptext}%
  19.125 +When writing executable specifications using \isa{HOL},
  19.126 +  it is convenient to use
  19.127 +  three existing packages: the datatype package for defining
  19.128 +  datatypes, the function package for (recursive) functions,
  19.129 +  and the class package for overloaded definitions.
  19.130 +
  19.131 +  We develope a small theory of search trees; trees are represented
  19.132 +  as a datatype with key type \isa{{\isacharprime}a} and value type \isa{{\isacharprime}b}:%
  19.133 +\end{isamarkuptext}%
  19.134 +\isamarkuptrue%
  19.135 +\isacommand{datatype}\isamarkupfalse%
  19.136 +\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree\ {\isacharequal}\ Leaf\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}linorder{\isachardoublequoteclose}\ {\isacharprime}b\isanewline
  19.137 +\ \ {\isacharbar}\ Branch\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isacharprime}a{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree{\isachardoublequoteclose}%
  19.138 +\begin{isamarkuptext}%
  19.139 +\noindent Note that we have constrained the type of keys
  19.140 +  to the class of total orders, \isa{linorder}.
  19.141 +
  19.142 +  We define \isa{find} and \isa{update} functions:%
  19.143 +\end{isamarkuptext}%
  19.144 +\isamarkuptrue%
  19.145 +\isacommand{primrec}\isamarkupfalse%
  19.146 +\isanewline
  19.147 +\ \ find\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isasymColon}linorder{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}b\ option{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.148 +\ \ {\isachardoublequoteopen}find\ {\isacharparenleft}Leaf\ key\ val{\isacharparenright}\ it\ {\isacharequal}\ {\isacharparenleft}if\ it\ {\isacharequal}\ key\ then\ Some\ val\ else\ None{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.149 +\ \ {\isacharbar}\ {\isachardoublequoteopen}find\ {\isacharparenleft}Branch\ t{\isadigit{1}}\ key\ t{\isadigit{2}}{\isacharparenright}\ it\ {\isacharequal}\ {\isacharparenleft}if\ it\ {\isasymle}\ key\ then\ find\ t{\isadigit{1}}\ it\ else\ find\ t{\isadigit{2}}\ it{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.150 +\isanewline
  19.151 +\isacommand{fun}\isamarkupfalse%
  19.152 +\isanewline
  19.153 +\ \ update\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}linorder\ {\isasymtimes}\ {\isacharprime}b\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.154 +\ \ {\isachardoublequoteopen}update\ {\isacharparenleft}it{\isacharcomma}\ entry{\isacharparenright}\ {\isacharparenleft}Leaf\ key\ val{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}\isanewline
  19.155 +\ \ \ \ if\ it\ {\isacharequal}\ key\ then\ Leaf\ key\ entry\isanewline
  19.156 +\ \ \ \ \ \ else\ if\ it\ {\isasymle}\ key\isanewline
  19.157 +\ \ \ \ \ \ then\ Branch\ {\isacharparenleft}Leaf\ it\ entry{\isacharparenright}\ it\ {\isacharparenleft}Leaf\ key\ val{\isacharparenright}\isanewline
  19.158 +\ \ \ \ \ \ else\ Branch\ {\isacharparenleft}Leaf\ key\ val{\isacharparenright}\ it\ {\isacharparenleft}Leaf\ it\ entry{\isacharparenright}\isanewline
  19.159 +\ \ \ {\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.160 +\ \ {\isacharbar}\ {\isachardoublequoteopen}update\ {\isacharparenleft}it{\isacharcomma}\ entry{\isacharparenright}\ {\isacharparenleft}Branch\ t{\isadigit{1}}\ key\ t{\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}\isanewline
  19.161 +\ \ \ \ if\ it\ {\isasymle}\ key\isanewline
  19.162 +\ \ \ \ \ \ then\ {\isacharparenleft}Branch\ {\isacharparenleft}update\ {\isacharparenleft}it{\isacharcomma}\ entry{\isacharparenright}\ t{\isadigit{1}}{\isacharparenright}\ key\ t{\isadigit{2}}{\isacharparenright}\isanewline
  19.163 +\ \ \ \ \ \ else\ {\isacharparenleft}Branch\ t{\isadigit{1}}\ key\ {\isacharparenleft}update\ {\isacharparenleft}it{\isacharcomma}\ entry{\isacharparenright}\ t{\isadigit{2}}{\isacharparenright}{\isacharparenright}\isanewline
  19.164 +\ \ \ {\isacharparenright}{\isachardoublequoteclose}%
  19.165 +\begin{isamarkuptext}%
  19.166 +\noindent For testing purpose, we define a small example
  19.167 +  using natural numbers \isa{nat} (which are a \isa{linorder})
  19.168 +  as keys and list of nats as values:%
  19.169 +\end{isamarkuptext}%
  19.170 +\isamarkuptrue%
  19.171 +\isacommand{definition}\isamarkupfalse%
  19.172 +\isanewline
  19.173 +\ \ example\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}nat{\isacharcomma}\ nat\ list{\isacharparenright}\ searchtree{\isachardoublequoteclose}\isanewline
  19.174 +\isakeyword{where}\isanewline
  19.175 +\ \ {\isachardoublequoteopen}example\ {\isacharequal}\ update\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isacharcomma}\ {\isacharbrackleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharcomma}\ Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharbrackright}{\isacharparenright}\ {\isacharparenleft}update\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharparenright}{\isacharcomma}\ {\isacharbrackleft}Suc\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharparenright}{\isacharbrackright}{\isacharparenright}\isanewline
  19.176 +\ \ \ \ {\isacharparenleft}update\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharcomma}\ {\isacharbrackleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharbrackright}{\isacharparenright}\ {\isacharparenleft}Leaf\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
  19.177 +\begin{isamarkuptext}%
  19.178 +\noindent Then we generate code%
  19.179 +\end{isamarkuptext}%
  19.180 +\isamarkuptrue%
  19.181 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.182 +\ example\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}tree{\isachardot}ML{\isachardoublequoteclose}%
  19.183 +\begin{isamarkuptext}%
  19.184 +\noindent which looks like:
  19.185 +  \lstsml{Thy/examples/tree.ML}%
  19.186 +\end{isamarkuptext}%
  19.187 +\isamarkuptrue%
  19.188 +%
  19.189 +\isamarkupsection{Code generation concepts and process \label{sec:concept}%
  19.190 +}
  19.191 +\isamarkuptrue%
  19.192 +%
  19.193 +\begin{isamarkuptext}%
  19.194 +\begin{figure}[h]
  19.195 +  \centering
  19.196 +  \includegraphics[width=0.7\textwidth]{codegen_process}
  19.197 +  \caption{code generator -- processing overview}
  19.198 +  \label{fig:process}
  19.199 +  \end{figure}
  19.200 +
  19.201 +  The code generator employs a notion of executability
  19.202 +  for three foundational executable ingredients known
  19.203 +  from functional programming:
  19.204 +  \emph{defining equations}, \emph{datatypes}, and
  19.205 +  \emph{type classes}. A defining equation as a first approximation
  19.206 +  is a theorem of the form \isa{f\ t\isactrlisub {\isadigit{1}}\ t\isactrlisub {\isadigit{2}}\ {\isasymdots}\ t\isactrlisub n\ {\isasymequiv}\ t}
  19.207 +  (an equation headed by a constant \isa{f} with arguments
  19.208 +  \isa{t\isactrlisub {\isadigit{1}}\ t\isactrlisub {\isadigit{2}}\ {\isasymdots}\ t\isactrlisub n} and right hand side \isa{t}).
  19.209 +  Code generation aims to turn defining equations
  19.210 +  into a functional program by running through
  19.211 +  a process (see figure \ref{fig:process}):
  19.212 +
  19.213 +  \begin{itemize}
  19.214 +
  19.215 +    \item Out of the vast collection of theorems proven in a
  19.216 +      \qn{theory}, a reasonable subset modeling
  19.217 +      defining equations is \qn{selected}.
  19.218 +
  19.219 +    \item On those selected theorems, certain
  19.220 +      transformations are carried out
  19.221 +      (\qn{preprocessing}).  Their purpose is to turn theorems
  19.222 +      representing non- or badly executable
  19.223 +      specifications into equivalent but executable counterparts.
  19.224 +      The result is a structured collection of \qn{code theorems}.
  19.225 +
  19.226 +    \item These \qn{code theorems} then are \qn{translated}
  19.227 +      into an Haskell-like intermediate
  19.228 +      language.
  19.229 +
  19.230 +    \item Finally, out of the intermediate language the final
  19.231 +      code in the desired \qn{target language} is \qn{serialized}.
  19.232 +
  19.233 +  \end{itemize}
  19.234 +
  19.235 +  From these steps, only the two last are carried out
  19.236 +  outside the logic; by keeping this layer as
  19.237 +  thin as possible, the amount of code to trust is
  19.238 +  kept to a minimum.%
  19.239 +\end{isamarkuptext}%
  19.240 +\isamarkuptrue%
  19.241 +%
  19.242 +\isamarkupsection{Basics \label{sec:basics}%
  19.243 +}
  19.244 +\isamarkuptrue%
  19.245 +%
  19.246 +\isamarkupsubsection{Invoking the code generator%
  19.247 +}
  19.248 +\isamarkuptrue%
  19.249 +%
  19.250 +\begin{isamarkuptext}%
  19.251 +Thanks to a reasonable setup of the \isa{HOL} theories, in
  19.252 +  most cases code generation proceeds without further ado:%
  19.253 +\end{isamarkuptext}%
  19.254 +\isamarkuptrue%
  19.255 +\isacommand{primrec}\isamarkupfalse%
  19.256 +\isanewline
  19.257 +\ \ fac\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.258 +\ \ \ \ {\isachardoublequoteopen}fac\ {\isadigit{0}}\ {\isacharequal}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
  19.259 +\ \ {\isacharbar}\ {\isachardoublequoteopen}fac\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharequal}\ Suc\ n\ {\isacharasterisk}\ fac\ n{\isachardoublequoteclose}%
  19.260 +\begin{isamarkuptext}%
  19.261 +\noindent This executable specification is now turned to SML code:%
  19.262 +\end{isamarkuptext}%
  19.263 +\isamarkuptrue%
  19.264 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.265 +\ fac\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}fac{\isachardot}ML{\isachardoublequoteclose}%
  19.266 +\begin{isamarkuptext}%
  19.267 +\noindent  The \isa{{\isasymEXPORTCODE}} command takes a space-separated list of
  19.268 +  constants together with \qn{serialization directives}
  19.269 +  These start with a \qn{target language}
  19.270 +  identifier, followed by a file specification
  19.271 +  where to write the generated code to.
  19.272 +
  19.273 +  Internally, the defining equations for all selected
  19.274 +  constants are taken, including any transitively required
  19.275 +  constants, datatypes and classes, resulting in the following
  19.276 +  code:
  19.277 +
  19.278 +  \lstsml{Thy/examples/fac.ML}
  19.279 +
  19.280 +  The code generator will complain when a required
  19.281 +  ingredient does not provide a executable counterpart,
  19.282 +  e.g.~generating code
  19.283 +  for constants not yielding
  19.284 +  a defining equation (e.g.~the Hilbert choice
  19.285 +  operation \isa{SOME}):%
  19.286 +\end{isamarkuptext}%
  19.287 +\isamarkuptrue%
  19.288 +%
  19.289 +\isadelimML
  19.290 +%
  19.291 +\endisadelimML
  19.292 +%
  19.293 +\isatagML
  19.294 +%
  19.295 +\endisatagML
  19.296 +{\isafoldML}%
  19.297 +%
  19.298 +\isadelimML
  19.299 +%
  19.300 +\endisadelimML
  19.301 +\isacommand{definition}\isamarkupfalse%
  19.302 +\isanewline
  19.303 +\ \ pick{\isacharunderscore}some\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.304 +\ \ {\isachardoublequoteopen}pick{\isacharunderscore}some\ xs\ {\isacharequal}\ {\isacharparenleft}SOME\ x{\isachardot}\ x\ {\isasymin}\ set\ xs{\isacharparenright}{\isachardoublequoteclose}%
  19.305 +\isadelimML
  19.306 +%
  19.307 +\endisadelimML
  19.308 +%
  19.309 +\isatagML
  19.310 +%
  19.311 +\endisatagML
  19.312 +{\isafoldML}%
  19.313 +%
  19.314 +\isadelimML
  19.315 +%
  19.316 +\endisadelimML
  19.317 +\isanewline
  19.318 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.319 +\ pick{\isacharunderscore}some\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}fail{\isacharunderscore}const{\isachardot}ML{\isachardoublequoteclose}%
  19.320 +\begin{isamarkuptext}%
  19.321 +\noindent will fail.%
  19.322 +\end{isamarkuptext}%
  19.323 +\isamarkuptrue%
  19.324 +%
  19.325 +\isamarkupsubsection{Theorem selection%
  19.326 +}
  19.327 +\isamarkuptrue%
  19.328 +%
  19.329 +\begin{isamarkuptext}%
  19.330 +The list of all defining equations in a theory may be inspected
  19.331 +  using the \isa{{\isasymPRINTCODESETUP}} command:%
  19.332 +\end{isamarkuptext}%
  19.333 +\isamarkuptrue%
  19.334 +\isacommand{print{\isacharunderscore}codesetup}\isamarkupfalse%
  19.335 +%
  19.336 +\begin{isamarkuptext}%
  19.337 +\noindent which displays a table of constant with corresponding
  19.338 +  defining equations (the additional stuff displayed
  19.339 +  shall not bother us for the moment).
  19.340 +
  19.341 +  The typical \isa{HOL} tools are already set up in a way that
  19.342 +  function definitions introduced by \isa{{\isasymDEFINITION}},
  19.343 +  \isa{{\isasymPRIMREC}}, \isa{{\isasymFUN}},
  19.344 +  \isa{{\isasymFUNCTION}}, \isa{{\isasymCONSTDEFS}},
  19.345 +  \isa{{\isasymRECDEF}} are implicitly propagated
  19.346 +  to this defining equation table. Specific theorems may be
  19.347 +  selected using an attribute: \emph{code func}. As example,
  19.348 +  a weight selector function:%
  19.349 +\end{isamarkuptext}%
  19.350 +\isamarkuptrue%
  19.351 +\isacommand{primrec}\isamarkupfalse%
  19.352 +\isanewline
  19.353 +\ \ pick\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}nat\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}\ list\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.354 +\ \ {\isachardoublequoteopen}pick\ {\isacharparenleft}x{\isacharhash}xs{\isacharparenright}\ n\ {\isacharequal}\ {\isacharparenleft}let\ {\isacharparenleft}k{\isacharcomma}\ v{\isacharparenright}\ {\isacharequal}\ x\ in\isanewline
  19.355 +\ \ \ \ if\ n\ {\isacharless}\ k\ then\ v\ else\ pick\ xs\ {\isacharparenleft}n\ {\isacharminus}\ k{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
  19.356 +\begin{isamarkuptext}%
  19.357 +\noindent We want to eliminate the explicit destruction
  19.358 +  of \isa{x} to \isa{{\isacharparenleft}k{\isacharcomma}\ v{\isacharparenright}}:%
  19.359 +\end{isamarkuptext}%
  19.360 +\isamarkuptrue%
  19.361 +\isacommand{lemma}\isamarkupfalse%
  19.362 +\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
  19.363 +\ \ {\isachardoublequoteopen}pick\ {\isacharparenleft}{\isacharparenleft}k{\isacharcomma}\ v{\isacharparenright}{\isacharhash}xs{\isacharparenright}\ n\ {\isacharequal}\ {\isacharparenleft}if\ n\ {\isacharless}\ k\ then\ v\ else\ pick\ xs\ {\isacharparenleft}n\ {\isacharminus}\ k{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.364 +%
  19.365 +\isadelimproof
  19.366 +\ \ %
  19.367 +\endisadelimproof
  19.368 +%
  19.369 +\isatagproof
  19.370 +\isacommand{by}\isamarkupfalse%
  19.371 +\ simp%
  19.372 +\endisatagproof
  19.373 +{\isafoldproof}%
  19.374 +%
  19.375 +\isadelimproof
  19.376 +\isanewline
  19.377 +%
  19.378 +\endisadelimproof
  19.379 +\isanewline
  19.380 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.381 +\ pick\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}pick{\isadigit{1}}{\isachardot}ML{\isachardoublequoteclose}%
  19.382 +\begin{isamarkuptext}%
  19.383 +\noindent This theorem now is used for generating code:
  19.384 +
  19.385 +  \lstsml{Thy/examples/pick1.ML}
  19.386 +
  19.387 +  \noindent The policy is that \emph{default equations} stemming from
  19.388 +  \isa{{\isasymDEFINITION}},
  19.389 +  \isa{{\isasymPRIMREC}}, \isa{{\isasymFUN}},
  19.390 +  \isa{{\isasymFUNCTION}}, \isa{{\isasymCONSTDEFS}},
  19.391 +  \isa{{\isasymRECDEF}} statements are discarded as soon as an
  19.392 +  equation is explicitly selected by means of \emph{code func}.
  19.393 +  Further applications of \emph{code func} add theorems incrementally,
  19.394 +  but syntactic redundancies are implicitly dropped.  For example,
  19.395 +  using a modified version of the \isa{fac} function
  19.396 +  as defining equation, the then redundant (since
  19.397 +  syntactically subsumed) original defining equations
  19.398 +  are dropped.
  19.399 +
  19.400 +  \begin{warn}
  19.401 +    The attributes \emph{code} and \emph{code del}
  19.402 +    associated with the existing code generator also apply to
  19.403 +    the new one: \emph{code} implies \emph{code func},
  19.404 +    and \emph{code del} implies \emph{code func del}.
  19.405 +  \end{warn}%
  19.406 +\end{isamarkuptext}%
  19.407 +\isamarkuptrue%
  19.408 +%
  19.409 +\isamarkupsubsection{Type classes%
  19.410 +}
  19.411 +\isamarkuptrue%
  19.412 +%
  19.413 +\begin{isamarkuptext}%
  19.414 +Type classes enter the game via the Isar class package.
  19.415 +  For a short introduction how to use it, see \cite{isabelle-classes};
  19.416 +  here we just illustrate its impact on code generation.
  19.417 +
  19.418 +  In a target language, type classes may be represented
  19.419 +  natively (as in the case of Haskell).  For languages
  19.420 +  like SML, they are implemented using \emph{dictionaries}.
  19.421 +  Our following example specifies a class \qt{null},
  19.422 +  assigning to each of its inhabitants a \qt{null} value:%
  19.423 +\end{isamarkuptext}%
  19.424 +\isamarkuptrue%
  19.425 +\isacommand{class}\isamarkupfalse%
  19.426 +\ null\ {\isacharequal}\ type\ {\isacharplus}\isanewline
  19.427 +\ \ \isakeyword{fixes}\ null\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\isanewline
  19.428 +\isanewline
  19.429 +\isacommand{primrec}\isamarkupfalse%
  19.430 +\isanewline
  19.431 +\ \ head\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}null\ list\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.432 +\ \ {\isachardoublequoteopen}head\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ null{\isachardoublequoteclose}\isanewline
  19.433 +\ \ {\isacharbar}\ {\isachardoublequoteopen}head\ {\isacharparenleft}x{\isacharhash}xs{\isacharparenright}\ {\isacharequal}\ x{\isachardoublequoteclose}%
  19.434 +\begin{isamarkuptext}%
  19.435 +\noindent  We provide some instances for our \isa{null}:%
  19.436 +\end{isamarkuptext}%
  19.437 +\isamarkuptrue%
  19.438 +\isacommand{instantiation}\isamarkupfalse%
  19.439 +\ option\ \isakeyword{and}\ list\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}type{\isacharparenright}\ null\isanewline
  19.440 +\isakeyword{begin}\isanewline
  19.441 +\isanewline
  19.442 +\isacommand{definition}\isamarkupfalse%
  19.443 +\isanewline
  19.444 +\ \ {\isachardoublequoteopen}null\ {\isacharequal}\ None{\isachardoublequoteclose}\isanewline
  19.445 +\isanewline
  19.446 +\isacommand{definition}\isamarkupfalse%
  19.447 +\isanewline
  19.448 +\ \ {\isachardoublequoteopen}null\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
  19.449 +\isanewline
  19.450 +\isacommand{instance}\isamarkupfalse%
  19.451 +%
  19.452 +\isadelimproof
  19.453 +\ %
  19.454 +\endisadelimproof
  19.455 +%
  19.456 +\isatagproof
  19.457 +\isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
  19.458 +%
  19.459 +\endisatagproof
  19.460 +{\isafoldproof}%
  19.461 +%
  19.462 +\isadelimproof
  19.463 +%
  19.464 +\endisadelimproof
  19.465 +\isanewline
  19.466 +\isanewline
  19.467 +\isacommand{end}\isamarkupfalse%
  19.468 +%
  19.469 +\begin{isamarkuptext}%
  19.470 +\noindent Constructing a dummy example:%
  19.471 +\end{isamarkuptext}%
  19.472 +\isamarkuptrue%
  19.473 +\isacommand{definition}\isamarkupfalse%
  19.474 +\isanewline
  19.475 +\ \ {\isachardoublequoteopen}dummy\ {\isacharequal}\ head\ {\isacharbrackleft}Some\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharcomma}\ None{\isacharbrackright}{\isachardoublequoteclose}%
  19.476 +\begin{isamarkuptext}%
  19.477 +Type classes offer a suitable occasion to introduce
  19.478 +  the Haskell serializer.  Its usage is almost the same
  19.479 +  as SML, but, in accordance with conventions
  19.480 +  some Haskell systems enforce, each module ends
  19.481 +  up in a single file. The module hierarchy is reflected in
  19.482 +  the file system, with root directory given as file specification.%
  19.483 +\end{isamarkuptext}%
  19.484 +\isamarkuptrue%
  19.485 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.486 +\ dummy\ \isakeyword{in}\ Haskell\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}{\isachardoublequoteclose}%
  19.487 +\begin{isamarkuptext}%
  19.488 +\lsthaskell{Thy/examples/Codegen.hs}
  19.489 +  \noindent (we have left out all other modules).
  19.490 +
  19.491 +  \medskip
  19.492 +
  19.493 +  The whole code in SML with explicit dictionary passing:%
  19.494 +\end{isamarkuptext}%
  19.495 +\isamarkuptrue%
  19.496 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.497 +\ dummy\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}class{\isachardot}ML{\isachardoublequoteclose}%
  19.498 +\begin{isamarkuptext}%
  19.499 +\lstsml{Thy/examples/class.ML}
  19.500 +
  19.501 +  \medskip
  19.502 +
  19.503 +  \noindent or in OCaml:%
  19.504 +\end{isamarkuptext}%
  19.505 +\isamarkuptrue%
  19.506 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.507 +\ dummy\ \isakeyword{in}\ OCaml\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}class{\isachardot}ocaml{\isachardoublequoteclose}%
  19.508 +\begin{isamarkuptext}%
  19.509 +\lstsml{Thy/examples/class.ocaml}
  19.510 +
  19.511 +  \medskip The explicit association of constants
  19.512 +  to classes can be inspected using the \isa{{\isasymPRINTCLASSES}}
  19.513 +  command.%
  19.514 +\end{isamarkuptext}%
  19.515 +\isamarkuptrue%
  19.516 +%
  19.517 +\isamarkupsection{Recipes and advanced topics \label{sec:advanced}%
  19.518 +}
  19.519 +\isamarkuptrue%
  19.520 +%
  19.521 +\begin{isamarkuptext}%
  19.522 +In this tutorial, we do not attempt to give an exhaustive
  19.523 +  description of the code generator framework; instead,
  19.524 +  we cast a light on advanced topics by introducing
  19.525 +  them together with practically motivated examples.  Concerning
  19.526 +  further reading, see
  19.527 +
  19.528 +  \begin{itemize}
  19.529 +
  19.530 +  \item the Isabelle/Isar Reference Manual \cite{isabelle-isar-ref}
  19.531 +    for exhaustive syntax diagrams.
  19.532 +  \item or \cite{Haftmann-Nipkow:2007:codegen} which deals with foundational issues
  19.533 +    of the code generator framework.
  19.534 +
  19.535 +  \end{itemize}%
  19.536 +\end{isamarkuptext}%
  19.537 +\isamarkuptrue%
  19.538 +%
  19.539 +\isamarkupsubsection{Library theories \label{sec:library}%
  19.540 +}
  19.541 +\isamarkuptrue%
  19.542 +%
  19.543 +\begin{isamarkuptext}%
  19.544 +The \isa{HOL} \isa{Main} theory already provides a code
  19.545 +  generator setup
  19.546 +  which should be suitable for most applications. Common extensions
  19.547 +  and modifications are available by certain theories of the \isa{HOL}
  19.548 +  library; beside being useful in applications, they may serve
  19.549 +  as a tutorial for customizing the code generator setup.
  19.550 +
  19.551 +  \begin{description}
  19.552 +
  19.553 +    \item[\isa{Code{\isacharunderscore}Integer}] represents \isa{HOL} integers by big
  19.554 +       integer literals in target languages.
  19.555 +    \item[\isa{Code{\isacharunderscore}Char}] represents \isa{HOL} characters by 
  19.556 +       character literals in target languages.
  19.557 +    \item[\isa{Code{\isacharunderscore}Char{\isacharunderscore}chr}] like \isa{Code{\isacharunderscore}Char},
  19.558 +       but also offers treatment of character codes; includes
  19.559 +       \isa{Code{\isacharunderscore}Integer}.
  19.560 +    \item[\isa{Efficient{\isacharunderscore}Nat}] \label{eff_nat} implements natural numbers by integers,
  19.561 +       which in general will result in higher efficency; pattern
  19.562 +       matching with \isa{{\isadigit{0}}} / \isa{Suc}
  19.563 +       is eliminated;  includes \isa{Code{\isacharunderscore}Integer}.
  19.564 +    \item[\isa{Code{\isacharunderscore}Index}] provides an additional datatype
  19.565 +       \isa{index} which is mapped to target-language built-in integers.
  19.566 +       Useful for code setups which involve e.g. indexing of
  19.567 +       target-language arrays.
  19.568 +    \item[\isa{Code{\isacharunderscore}Message}] provides an additional datatype
  19.569 +       \isa{message{\isacharunderscore}string} which is isomorphic to strings;
  19.570 +       \isa{message{\isacharunderscore}string}s are mapped to target-language strings.
  19.571 +       Useful for code setups which involve e.g. printing (error) messages.
  19.572 +
  19.573 +  \end{description}
  19.574 +
  19.575 +  \begin{warn}
  19.576 +    When importing any of these theories, they should form the last
  19.577 +    items in an import list.  Since these theories adapt the
  19.578 +    code generator setup in a non-conservative fashion,
  19.579 +    strange effects may occur otherwise.
  19.580 +  \end{warn}%
  19.581 +\end{isamarkuptext}%
  19.582 +\isamarkuptrue%
  19.583 +%
  19.584 +\isamarkupsubsection{Preprocessing%
  19.585 +}
  19.586 +\isamarkuptrue%
  19.587 +%
  19.588 +\begin{isamarkuptext}%
  19.589 +Before selected function theorems are turned into abstract
  19.590 +  code, a chain of definitional transformation steps is carried
  19.591 +  out: \emph{preprocessing}.  In essence, the preprocessor
  19.592 +  consists of two components: a \emph{simpset} and \emph{function transformers}.
  19.593 +
  19.594 +  The \emph{simpset} allows to employ the full generality of the Isabelle
  19.595 +  simplifier.  Due to the interpretation of theorems
  19.596 +  as defining equations, rewrites are applied to the right
  19.597 +  hand side and the arguments of the left hand side of an
  19.598 +  equation, but never to the constant heading the left hand side.
  19.599 +  An important special case are \emph{inline theorems} which may be
  19.600 +  declared an undeclared using the
  19.601 +  \emph{code inline} or \emph{code inline del} attribute respectively.
  19.602 +  Some common applications:%
  19.603 +\end{isamarkuptext}%
  19.604 +\isamarkuptrue%
  19.605 +%
  19.606 +\begin{itemize}
  19.607 +%
  19.608 +\begin{isamarkuptext}%
  19.609 +\item replacing non-executable constructs by executable ones:%
  19.610 +\end{isamarkuptext}%
  19.611 +\isamarkuptrue%
  19.612 +\ \ \isacommand{lemma}\isamarkupfalse%
  19.613 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  19.614 +\ \ \ \ {\isachardoublequoteopen}x\ {\isasymin}\ set\ xs\ {\isasymlongleftrightarrow}\ x\ mem\ xs{\isachardoublequoteclose}%
  19.615 +\isadelimproof
  19.616 +\ %
  19.617 +\endisadelimproof
  19.618 +%
  19.619 +\isatagproof
  19.620 +\isacommand{by}\isamarkupfalse%
  19.621 +\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
  19.622 +\endisatagproof
  19.623 +{\isafoldproof}%
  19.624 +%
  19.625 +\isadelimproof
  19.626 +%
  19.627 +\endisadelimproof
  19.628 +%
  19.629 +\begin{isamarkuptext}%
  19.630 +\item eliminating superfluous constants:%
  19.631 +\end{isamarkuptext}%
  19.632 +\isamarkuptrue%
  19.633 +\ \ \isacommand{lemma}\isamarkupfalse%
  19.634 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  19.635 +\ \ \ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharequal}\ Suc\ {\isadigit{0}}{\isachardoublequoteclose}%
  19.636 +\isadelimproof
  19.637 +\ %
  19.638 +\endisadelimproof
  19.639 +%
  19.640 +\isatagproof
  19.641 +\isacommand{by}\isamarkupfalse%
  19.642 +\ simp%
  19.643 +\endisatagproof
  19.644 +{\isafoldproof}%
  19.645 +%
  19.646 +\isadelimproof
  19.647 +%
  19.648 +\endisadelimproof
  19.649 +%
  19.650 +\begin{isamarkuptext}%
  19.651 +\item replacing executable but inconvenient constructs:%
  19.652 +\end{isamarkuptext}%
  19.653 +\isamarkuptrue%
  19.654 +\ \ \isacommand{lemma}\isamarkupfalse%
  19.655 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  19.656 +\ \ \ \ {\isachardoublequoteopen}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongleftrightarrow}\ List{\isachardot}null\ xs{\isachardoublequoteclose}%
  19.657 +\isadelimproof
  19.658 +\ %
  19.659 +\endisadelimproof
  19.660 +%
  19.661 +\isatagproof
  19.662 +\isacommand{by}\isamarkupfalse%
  19.663 +\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
  19.664 +\endisatagproof
  19.665 +{\isafoldproof}%
  19.666 +%
  19.667 +\isadelimproof
  19.668 +%
  19.669 +\endisadelimproof
  19.670 +%
  19.671 +\end{itemize}
  19.672 +%
  19.673 +\begin{isamarkuptext}%
  19.674 +\emph{Function transformers} provide a very general interface,
  19.675 +  transforming a list of function theorems to another
  19.676 +  list of function theorems, provided that neither the heading
  19.677 +  constant nor its type change.  The \isa{{\isadigit{0}}} / \isa{Suc}
  19.678 +  pattern elimination implemented in
  19.679 +  theory \isa{Efficient{\isacharunderscore}Nat} (see \secref{eff_nat}) uses this
  19.680 +  interface.
  19.681 +
  19.682 +  \noindent The current setup of the preprocessor may be inspected using
  19.683 +  the \isa{{\isasymPRINTCODESETUP}} command.
  19.684 +
  19.685 +  \begin{warn}
  19.686 +    The attribute \emph{code unfold}
  19.687 +    associated with the existing code generator also applies to
  19.688 +    the new one: \emph{code unfold} implies \emph{code inline}.
  19.689 +  \end{warn}%
  19.690 +\end{isamarkuptext}%
  19.691 +\isamarkuptrue%
  19.692 +%
  19.693 +\isamarkupsubsection{Concerning operational equality%
  19.694 +}
  19.695 +\isamarkuptrue%
  19.696 +%
  19.697 +\begin{isamarkuptext}%
  19.698 +Surely you have already noticed how equality is treated
  19.699 +  by the code generator:%
  19.700 +\end{isamarkuptext}%
  19.701 +\isamarkuptrue%
  19.702 +\isacommand{primrec}\isamarkupfalse%
  19.703 +\isanewline
  19.704 +\ \ collect{\isacharunderscore}duplicates\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.705 +\ \ \ \ {\isachardoublequoteopen}collect{\isacharunderscore}duplicates\ xs\ ys\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequoteclose}\isanewline
  19.706 +\ \ {\isacharbar}\ {\isachardoublequoteopen}collect{\isacharunderscore}duplicates\ xs\ ys\ {\isacharparenleft}z{\isacharhash}zs{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}if\ z\ {\isasymin}\ set\ xs\isanewline
  19.707 +\ \ \ \ \ \ then\ if\ z\ {\isasymin}\ set\ ys\isanewline
  19.708 +\ \ \ \ \ \ \ \ then\ collect{\isacharunderscore}duplicates\ xs\ ys\ zs\isanewline
  19.709 +\ \ \ \ \ \ \ \ else\ collect{\isacharunderscore}duplicates\ xs\ {\isacharparenleft}z{\isacharhash}ys{\isacharparenright}\ zs\isanewline
  19.710 +\ \ \ \ \ \ else\ collect{\isacharunderscore}duplicates\ {\isacharparenleft}z{\isacharhash}xs{\isacharparenright}\ {\isacharparenleft}z{\isacharhash}ys{\isacharparenright}\ zs{\isacharparenright}{\isachardoublequoteclose}%
  19.711 +\begin{isamarkuptext}%
  19.712 +The membership test during preprocessing is rewritten,
  19.713 +  resulting in \isa{op\ mem}, which itself
  19.714 +  performs an explicit equality check.%
  19.715 +\end{isamarkuptext}%
  19.716 +\isamarkuptrue%
  19.717 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.718 +\ collect{\isacharunderscore}duplicates\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}collect{\isacharunderscore}duplicates{\isachardot}ML{\isachardoublequoteclose}%
  19.719 +\begin{isamarkuptext}%
  19.720 +\lstsml{Thy/examples/collect_duplicates.ML}%
  19.721 +\end{isamarkuptext}%
  19.722 +\isamarkuptrue%
  19.723 +%
  19.724 +\begin{isamarkuptext}%
  19.725 +Obviously, polymorphic equality is implemented the Haskell
  19.726 +  way using a type class.  How is this achieved?  HOL introduces
  19.727 +  an explicit class \isa{eq} with a corresponding operation
  19.728 +  \isa{eq{\isacharunderscore}class{\isachardot}eq} such that \isa{eq{\isacharunderscore}class{\isachardot}eq\ x\ y\ {\isacharequal}\ {\isacharparenleft}x\ {\isacharequal}\ y{\isacharparenright}}.
  19.729 +  The preprocessing framework does the rest.
  19.730 +  For datatypes, instances of \isa{eq} are implicitly derived
  19.731 +  when possible.  For other types, you may instantiate \isa{eq}
  19.732 +  manually like any other type class.
  19.733 +
  19.734 +  Though this \isa{eq} class is designed to get rarely in
  19.735 +  the way, a subtlety
  19.736 +  enters the stage when definitions of overloaded constants
  19.737 +  are dependent on operational equality.  For example, let
  19.738 +  us define a lexicographic ordering on tuples:%
  19.739 +\end{isamarkuptext}%
  19.740 +\isamarkuptrue%
  19.741 +\isacommand{instantiation}\isamarkupfalse%
  19.742 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}ord{\isacharcomma}\ ord{\isacharparenright}\ ord\isanewline
  19.743 +\isakeyword{begin}\isanewline
  19.744 +\isanewline
  19.745 +\isacommand{definition}\isamarkupfalse%
  19.746 +\isanewline
  19.747 +\ \ {\isacharbrackleft}code\ func\ del{\isacharbrackright}{\isacharcolon}\ {\isachardoublequoteopen}p{\isadigit{1}}\ {\isacharless}\ p{\isadigit{2}}\ {\isasymlongleftrightarrow}\ {\isacharparenleft}let\ {\isacharparenleft}x{\isadigit{1}}{\isacharcomma}\ y{\isadigit{1}}{\isacharparenright}\ {\isacharequal}\ p{\isadigit{1}}{\isacharsemicolon}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ p{\isadigit{2}}\ in\isanewline
  19.748 +\ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isacharless}\ y{\isadigit{2}}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.749 +\isanewline
  19.750 +\isacommand{definition}\isamarkupfalse%
  19.751 +\isanewline
  19.752 +\ \ {\isacharbrackleft}code\ func\ del{\isacharbrackright}{\isacharcolon}\ {\isachardoublequoteopen}p{\isadigit{1}}\ {\isasymle}\ p{\isadigit{2}}\ {\isasymlongleftrightarrow}\ {\isacharparenleft}let\ {\isacharparenleft}x{\isadigit{1}}{\isacharcomma}\ y{\isadigit{1}}{\isacharparenright}\ {\isacharequal}\ p{\isadigit{1}}{\isacharsemicolon}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ p{\isadigit{2}}\ in\isanewline
  19.753 +\ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isasymle}\ y{\isadigit{2}}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.754 +\isanewline
  19.755 +\isacommand{instance}\isamarkupfalse%
  19.756 +%
  19.757 +\isadelimproof
  19.758 +\ %
  19.759 +\endisadelimproof
  19.760 +%
  19.761 +\isatagproof
  19.762 +\isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
  19.763 +%
  19.764 +\endisatagproof
  19.765 +{\isafoldproof}%
  19.766 +%
  19.767 +\isadelimproof
  19.768 +%
  19.769 +\endisadelimproof
  19.770 +\isanewline
  19.771 +\isanewline
  19.772 +\isacommand{end}\isamarkupfalse%
  19.773 +\isanewline
  19.774 +\isanewline
  19.775 +\isacommand{lemma}\isamarkupfalse%
  19.776 +\ ord{\isacharunderscore}prod\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
  19.777 +\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}ord{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}ord{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isacharless}\ y{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.778 +\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}ord{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}ord{\isacharparenright}\ {\isasymle}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isasymle}\ y{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.779 +%
  19.780 +\isadelimproof
  19.781 +\ \ %
  19.782 +\endisadelimproof
  19.783 +%
  19.784 +\isatagproof
  19.785 +\isacommand{unfolding}\isamarkupfalse%
  19.786 +\ less{\isacharunderscore}prod{\isacharunderscore}def\ less{\isacharunderscore}eq{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  19.787 +\ simp{\isacharunderscore}all%
  19.788 +\endisatagproof
  19.789 +{\isafoldproof}%
  19.790 +%
  19.791 +\isadelimproof
  19.792 +%
  19.793 +\endisadelimproof
  19.794 +%
  19.795 +\begin{isamarkuptext}%
  19.796 +Then code generation will fail.  Why?  The definition
  19.797 +  of \isa{op\ {\isasymle}} depends on equality on both arguments,
  19.798 +  which are polymorphic and impose an additional \isa{eq}
  19.799 +  class constraint, thus violating the type discipline
  19.800 +  for class operations.
  19.801 +
  19.802 +  The solution is to add \isa{eq} explicitly to the first sort arguments in the
  19.803 +  code theorems:%
  19.804 +\end{isamarkuptext}%
  19.805 +\isamarkuptrue%
  19.806 +\isacommand{lemma}\isamarkupfalse%
  19.807 +\ ord{\isacharunderscore}prod{\isacharunderscore}code\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
  19.808 +\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}{\isacharbraceleft}ord{\isacharcomma}\ eq{\isacharbraceright}{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}ord{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
  19.809 +\ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isacharless}\ y{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.810 +\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}{\isacharbraceleft}ord{\isacharcomma}\ eq{\isacharbraceright}{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}ord{\isacharparenright}\ {\isasymle}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
  19.811 +\ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ {\isacharparenleft}x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isasymle}\ y{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.812 +%
  19.813 +\isadelimproof
  19.814 +\ \ %
  19.815 +\endisadelimproof
  19.816 +%
  19.817 +\isatagproof
  19.818 +\isacommand{unfolding}\isamarkupfalse%
  19.819 +\ ord{\isacharunderscore}prod\ \isacommand{by}\isamarkupfalse%
  19.820 +\ rule{\isacharplus}%
  19.821 +\endisatagproof
  19.822 +{\isafoldproof}%
  19.823 +%
  19.824 +\isadelimproof
  19.825 +%
  19.826 +\endisadelimproof
  19.827 +%
  19.828 +\begin{isamarkuptext}%
  19.829 +\noindent Then code generation succeeds:%
  19.830 +\end{isamarkuptext}%
  19.831 +\isamarkuptrue%
  19.832 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.833 +\ {\isachardoublequoteopen}op\ {\isasymle}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}{\isacharbraceleft}eq{\isacharcomma}\ ord{\isacharbraceright}\ {\isasymtimes}\ {\isacharprime}b{\isasymColon}ord\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b\ {\isasymRightarrow}\ bool{\isachardoublequoteclose}\isanewline
  19.834 +\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}lexicographic{\isachardot}ML{\isachardoublequoteclose}%
  19.835 +\begin{isamarkuptext}%
  19.836 +\lstsml{Thy/examples/lexicographic.ML}%
  19.837 +\end{isamarkuptext}%
  19.838 +\isamarkuptrue%
  19.839 +%
  19.840 +\begin{isamarkuptext}%
  19.841 +In general, code theorems for overloaded constants may have more
  19.842 +  restrictive sort constraints than the underlying instance relation
  19.843 +  between class and type constructor as long as the whole system of
  19.844 +  constraints is coregular; code theorems violating coregularity
  19.845 +  are rejected immediately.  Consequently, it might be necessary
  19.846 +  to delete disturbing theorems in the code theorem table,
  19.847 +  as we have done here with the original definitions \isa{less{\isacharunderscore}prod{\isacharunderscore}def}
  19.848 +  and \isa{less{\isacharunderscore}eq{\isacharunderscore}prod{\isacharunderscore}def}.
  19.849 +
  19.850 +  In some cases, the automatically derived defining equations
  19.851 +  for equality on a particular type may not be appropriate.
  19.852 +  As example, watch the following datatype representing
  19.853 +  monomorphic parametric types (where type constructors
  19.854 +  are referred to by natural numbers):%
  19.855 +\end{isamarkuptext}%
  19.856 +\isamarkuptrue%
  19.857 +\isacommand{datatype}\isamarkupfalse%
  19.858 +\ monotype\ {\isacharequal}\ Mono\ nat\ {\isachardoublequoteopen}monotype\ list{\isachardoublequoteclose}%
  19.859 +\isadelimproof
  19.860 +%
  19.861 +\endisadelimproof
  19.862 +%
  19.863 +\isatagproof
  19.864 +%
  19.865 +\endisatagproof
  19.866 +{\isafoldproof}%
  19.867 +%
  19.868 +\isadelimproof
  19.869 +%
  19.870 +\endisadelimproof
  19.871 +%
  19.872 +\begin{isamarkuptext}%
  19.873 +Then code generation for SML would fail with a message
  19.874 +  that the generated code conains illegal mutual dependencies:
  19.875 +  the theorem \isa{Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}\ {\isacharequal}\ Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}\ {\isasymequiv}\ tyco{\isadigit{1}}\ {\isacharequal}\ tyco{\isadigit{2}}\ {\isasymand}\ typargs{\isadigit{1}}\ {\isacharequal}\ typargs{\isadigit{2}}} already requires the
  19.876 +  instance \isa{monotype\ {\isasymColon}\ eq}, which itself requires
  19.877 +  \isa{Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}\ {\isacharequal}\ Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}\ {\isasymequiv}\ tyco{\isadigit{1}}\ {\isacharequal}\ tyco{\isadigit{2}}\ {\isasymand}\ typargs{\isadigit{1}}\ {\isacharequal}\ typargs{\isadigit{2}}};  Haskell has no problem with mutually
  19.878 +  recursive \isa{instance} and \isa{function} definitions,
  19.879 +  but the SML serializer does not support this.
  19.880 +
  19.881 +  In such cases, you have to provide you own equality equations
  19.882 +  involving auxiliary constants.  In our case,
  19.883 +  \isa{list{\isacharunderscore}all{\isadigit{2}}} can do the job:%
  19.884 +\end{isamarkuptext}%
  19.885 +\isamarkuptrue%
  19.886 +\isacommand{lemma}\isamarkupfalse%
  19.887 +\ monotype{\isacharunderscore}eq{\isacharunderscore}list{\isacharunderscore}all{\isadigit{2}}\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
  19.888 +\ \ {\isachardoublequoteopen}Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}\ {\isacharequal}\ Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}\ {\isasymlongleftrightarrow}\isanewline
  19.889 +\ \ \ \ \ tyco{\isadigit{1}}\ {\isacharequal}\ tyco{\isadigit{2}}\ {\isasymand}\ list{\isacharunderscore}all{\isadigit{2}}\ {\isacharparenleft}op\ {\isacharequal}{\isacharparenright}\ typargs{\isadigit{1}}\ typargs{\isadigit{2}}{\isachardoublequoteclose}\isanewline
  19.890 +%
  19.891 +\isadelimproof
  19.892 +\ \ %
  19.893 +\endisadelimproof
  19.894 +%
  19.895 +\isatagproof
  19.896 +\isacommand{by}\isamarkupfalse%
  19.897 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ list{\isacharunderscore}all{\isadigit{2}}{\isacharunderscore}eq\ {\isacharbrackleft}symmetric{\isacharbrackright}{\isacharparenright}%
  19.898 +\endisatagproof
  19.899 +{\isafoldproof}%
  19.900 +%
  19.901 +\isadelimproof
  19.902 +%
  19.903 +\endisadelimproof
  19.904 +%
  19.905 +\begin{isamarkuptext}%
  19.906 +does not depend on instance \isa{monotype\ {\isasymColon}\ eq}:%
  19.907 +\end{isamarkuptext}%
  19.908 +\isamarkuptrue%
  19.909 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  19.910 +\ {\isachardoublequoteopen}op\ {\isacharequal}\ {\isacharcolon}{\isacharcolon}\ monotype\ {\isasymRightarrow}\ monotype\ {\isasymRightarrow}\ bool{\isachardoublequoteclose}\isanewline
  19.911 +\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}monotype{\isachardot}ML{\isachardoublequoteclose}%
  19.912 +\begin{isamarkuptext}%
  19.913 +\lstsml{Thy/examples/monotype.ML}%
  19.914 +\end{isamarkuptext}%
  19.915 +\isamarkuptrue%
  19.916 +%
  19.917 +\isamarkupsubsection{Programs as sets of theorems%
  19.918 +}
  19.919 +\isamarkuptrue%
  19.920 +%
  19.921 +\begin{isamarkuptext}%
  19.922 +As told in \secref{sec:concept}, code generation is based
  19.923 +  on a structured collection of code theorems.
  19.924 +  For explorative purpose, this collection
  19.925 +  may be inspected using the \isa{{\isasymCODETHMS}} command:%
  19.926 +\end{isamarkuptext}%
  19.927 +\isamarkuptrue%
  19.928 +\isacommand{code{\isacharunderscore}thms}\isamarkupfalse%
  19.929 +\ {\isachardoublequoteopen}op\ mod\ {\isacharcolon}{\isacharcolon}\ nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}%
  19.930 +\begin{isamarkuptext}%
  19.931 +\noindent prints a table with \emph{all} defining equations
  19.932 +  for \isa{op\ mod}, including
  19.933 +  \emph{all} defining equations those equations depend
  19.934 +  on recursivly.  \isa{{\isasymCODETHMS}} provides a convenient
  19.935 +  mechanism to inspect the impact of a preprocessor setup
  19.936 +  on defining equations.
  19.937 +  
  19.938 +  Similarly, the \isa{{\isasymCODEDEPS}} command shows a graph
  19.939 +  visualizing dependencies between defining equations.%
  19.940 +\end{isamarkuptext}%
  19.941 +\isamarkuptrue%
  19.942 +%
  19.943 +\isamarkupsubsection{Constructor sets for datatypes%
  19.944 +}
  19.945 +\isamarkuptrue%
  19.946 +%
  19.947 +\begin{isamarkuptext}%
  19.948 +Conceptually, any datatype is spanned by a set of
  19.949 +  \emph{constructors} of type \isa{{\isasymtau}\ {\isacharequal}\ {\isasymdots}\ {\isasymRightarrow}\ {\isasymkappa}\ {\isasymalpha}\isactrlisub {\isadigit{1}}\ {\isasymdots}\ {\isasymalpha}\isactrlisub n}
  19.950 +  where \isa{{\isacharbraceleft}{\isasymalpha}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlisub n{\isacharbraceright}} is excactly the set of \emph{all}
  19.951 +  type variables in \isa{{\isasymtau}}.  The HOL datatype package
  19.952 +  by default registers any new datatype in the table
  19.953 +  of datatypes, which may be inspected using
  19.954 +  the \isa{{\isasymPRINTCODESETUP}} command.
  19.955 +
  19.956 +  In some cases, it may be convenient to alter or
  19.957 +  extend this table;  as an example, we will develope an alternative
  19.958 +  representation of natural numbers as binary digits, whose
  19.959 +  size does increase logarithmically with its value, not linear
  19.960 +  \footnote{Indeed, the \isa{Efficient{\isacharunderscore}Nat} theory (see \ref{eff_nat})
  19.961 +    does something similar}.  First, the digit representation:%
  19.962 +\end{isamarkuptext}%
  19.963 +\isamarkuptrue%
  19.964 +\isacommand{definition}\isamarkupfalse%
  19.965 +\ Dig{\isadigit{0}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.966 +\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ n\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ n{\isachardoublequoteclose}\isanewline
  19.967 +\isanewline
  19.968 +\isacommand{definition}\isamarkupfalse%
  19.969 +\ Dig{\isadigit{1}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  19.970 +\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ n\ {\isacharequal}\ Suc\ {\isacharparenleft}{\isadigit{2}}\ {\isacharasterisk}\ n{\isacharparenright}{\isachardoublequoteclose}%
  19.971 +\begin{isamarkuptext}%
  19.972 +\noindent We will use these two ">digits"< to represent natural numbers
  19.973 +  in binary digits, e.g.:%
  19.974 +\end{isamarkuptext}%
  19.975 +\isamarkuptrue%
  19.976 +\isacommand{lemma}\isamarkupfalse%
  19.977 +\ {\isadigit{4}}{\isadigit{2}}{\isacharcolon}\ {\isachardoublequoteopen}{\isadigit{4}}{\isadigit{2}}\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}Dig{\isadigit{1}}\ {\isacharparenleft}Dig{\isadigit{0}}\ {\isacharparenleft}Dig{\isadigit{1}}\ {\isacharparenleft}Dig{\isadigit{0}}\ {\isadigit{1}}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  19.978 +%
  19.979 +\isadelimproof
  19.980 +\ \ %
  19.981 +\endisadelimproof
  19.982 +%
  19.983 +\isatagproof
  19.984 +\isacommand{by}\isamarkupfalse%
  19.985 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ Dig{\isadigit{0}}{\isacharunderscore}def\ Dig{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}%
  19.986 +\endisatagproof
  19.987 +{\isafoldproof}%
  19.988 +%
  19.989 +\isadelimproof
  19.990 +%
  19.991 +\endisadelimproof
  19.992 +%
  19.993 +\begin{isamarkuptext}%
  19.994 +\noindent Of course we also have to provide proper code equations for
  19.995 +  the operations, e.g. \isa{op\ {\isacharplus}}:%
  19.996 +\end{isamarkuptext}%
  19.997 +\isamarkuptrue%
  19.998 +\isacommand{lemma}\isamarkupfalse%
  19.999 +\ plus{\isacharunderscore}Dig\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
 19.1000 +\ \ {\isachardoublequoteopen}{\isadigit{0}}\ {\isacharplus}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
 19.1001 +\ \ {\isachardoublequoteopen}m\ {\isacharplus}\ {\isadigit{0}}\ {\isacharequal}\ m{\isachardoublequoteclose}\isanewline
 19.1002 +\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ n{\isachardoublequoteclose}\isanewline
 19.1003 +\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ {\isadigit{1}}\ {\isacharequal}\ Dig{\isadigit{1}}\ m{\isachardoublequoteclose}\isanewline
 19.1004 +\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}n\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1005 +\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ {\isadigit{1}}\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1006 +\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1007 +\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1008 +\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1009 +\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ n\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
 19.1010 +%
 19.1011 +\isadelimproof
 19.1012 +\ \ %
 19.1013 +\endisadelimproof
 19.1014 +%
 19.1015 +\isatagproof
 19.1016 +\isacommand{by}\isamarkupfalse%
 19.1017 +\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ Dig{\isadigit{0}}{\isacharunderscore}def\ Dig{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}%
 19.1018 +\endisatagproof
 19.1019 +{\isafoldproof}%
 19.1020 +%
 19.1021 +\isadelimproof
 19.1022 +%
 19.1023 +\endisadelimproof
 19.1024 +%
 19.1025 +\begin{isamarkuptext}%
 19.1026 +\noindent We then instruct the code generator to view \isa{{\isadigit{0}}},
 19.1027 +  \isa{{\isadigit{1}}}, \isa{Dig{\isadigit{0}}} and \isa{Dig{\isadigit{1}}} as
 19.1028 +  datatype constructors:%
 19.1029 +\end{isamarkuptext}%
 19.1030 +\isamarkuptrue%
 19.1031 +\isacommand{code{\isacharunderscore}datatype}\isamarkupfalse%
 19.1032 +\ {\isachardoublequoteopen}{\isadigit{0}}{\isasymColon}nat{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isadigit{1}}{\isasymColon}nat{\isachardoublequoteclose}\ Dig{\isadigit{0}}\ Dig{\isadigit{1}}%
 19.1033 +\begin{isamarkuptext}%
 19.1034 +\noindent For the former constructor \isa{Suc}, we provide a code
 19.1035 +  equation and remove some parts of the default code generator setup
 19.1036 +  which are an obstacle here:%
 19.1037 +\end{isamarkuptext}%
 19.1038 +\isamarkuptrue%
 19.1039 +\isacommand{lemma}\isamarkupfalse%
 19.1040 +\ Suc{\isacharunderscore}Dig\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\isanewline
 19.1041 +\ \ {\isachardoublequoteopen}Suc\ n\ {\isacharequal}\ n\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
 19.1042 +%
 19.1043 +\isadelimproof
 19.1044 +\ \ %
 19.1045 +\endisadelimproof
 19.1046 +%
 19.1047 +\isatagproof
 19.1048 +\isacommand{by}\isamarkupfalse%
 19.1049 +\ simp%
 19.1050 +\endisatagproof
 19.1051 +{\isafoldproof}%
 19.1052 +%
 19.1053 +\isadelimproof
 19.1054 +\isanewline
 19.1055 +%
 19.1056 +\endisadelimproof
 19.1057 +\isanewline
 19.1058 +\isacommand{declare}\isamarkupfalse%
 19.1059 +\ One{\isacharunderscore}nat{\isacharunderscore}def\ {\isacharbrackleft}code\ inline\ del{\isacharbrackright}\isanewline
 19.1060 +\isacommand{declare}\isamarkupfalse%
 19.1061 +\ add{\isacharunderscore}Suc{\isacharunderscore}shift\ {\isacharbrackleft}code\ func\ del{\isacharbrackright}%
 19.1062 +\begin{isamarkuptext}%
 19.1063 +\noindent This yields the following code:%
 19.1064 +\end{isamarkuptext}%
 19.1065 +\isamarkuptrue%
 19.1066 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
 19.1067 +\ {\isachardoublequoteopen}op\ {\isacharplus}\ {\isasymColon}\ nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}nat{\isacharunderscore}binary{\isachardot}ML{\isachardoublequoteclose}%
 19.1068 +\begin{isamarkuptext}%
 19.1069 +\lstsml{Thy/examples/nat_binary.ML}%
 19.1070 +\end{isamarkuptext}%
 19.1071 +\isamarkuptrue%
 19.1072 +%
 19.1073 +\begin{isamarkuptext}%
 19.1074 +\medskip
 19.1075 +
 19.1076 +  From this example, it can be easily glimpsed that using own constructor sets
 19.1077 +  is a little delicate since it changes the set of valid patterns for values
 19.1078 +  of that type.  Without going into much detail, here some practical hints:
 19.1079 +
 19.1080 +  \begin{itemize}
 19.1081 +    \item When changing the constuctor set for datatypes, take care to
 19.1082 +      provide an alternative for the \isa{case} combinator (e.g. by replacing
 19.1083 +      it using the preprocessor).
 19.1084 +    \item Values in the target language need not to be normalized -- different
 19.1085 +      values in the target language may represent the same value in the
 19.1086 +      logic (e.g. \isa{Dig{\isadigit{1}}\ {\isadigit{0}}\ {\isacharequal}\ {\isadigit{1}}}).
 19.1087 +    \item Usually, a good methodology to deal with the subleties of pattern
 19.1088 +      matching is to see the type as an abstract type: provide a set
 19.1089 +      of operations which operate on the concrete representation of the type,
 19.1090 +      and derive further operations by combinations of these primitive ones,
 19.1091 +      without relying on a particular representation.
 19.1092 +  \end{itemize}%
 19.1093 +\end{isamarkuptext}%
 19.1094 +\isamarkuptrue%
 19.1095 +%
 19.1096 +\isadeliminvisible
 19.1097 +%
 19.1098 +\endisadeliminvisible
 19.1099 +%
 19.1100 +\isataginvisible
 19.1101 +\isacommand{code{\isacharunderscore}datatype}\isamarkupfalse%
 19.1102 +\ {\isachardoublequoteopen}{\isadigit{0}}{\isacharcolon}{\isacharcolon}nat{\isachardoublequoteclose}\ Suc\isanewline
 19.1103 +\isacommand{declare}\isamarkupfalse%
 19.1104 +\ plus{\isacharunderscore}Dig\ {\isacharbrackleft}code\ func\ del{\isacharbrackright}\isanewline
 19.1105 +\isacommand{declare}\isamarkupfalse%
 19.1106 +\ One{\isacharunderscore}nat{\isacharunderscore}def\ {\isacharbrackleft}code\ inline{\isacharbrackright}\isanewline
 19.1107 +\isacommand{declare}\isamarkupfalse%
 19.1108 +\ add{\isacharunderscore}Suc{\isacharunderscore}shift\ {\isacharbrackleft}code\ func{\isacharbrackright}\ \isanewline
 19.1109 +\isacommand{lemma}\isamarkupfalse%
 19.1110 +\ {\isacharbrackleft}code\ func{\isacharbrackright}{\isacharcolon}\ {\isachardoublequoteopen}{\isadigit{0}}\ {\isacharplus}\ n\ {\isacharequal}\ {\isacharparenleft}n\ {\isasymColon}\ nat{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
 19.1111 +\ simp%
 19.1112 +\endisataginvisible
 19.1113 +{\isafoldinvisible}%
 19.1114 +%
 19.1115 +\isadeliminvisible
 19.1116 +%
 19.1117 +\endisadeliminvisible
 19.1118 +%
 19.1119 +\isamarkupsubsection{Customizing serialization%
 19.1120 +}
 19.1121 +\isamarkuptrue%
 19.1122 +%
 19.1123 +\isamarkupsubsubsection{Basics%
 19.1124 +}
 19.1125 +\isamarkuptrue%
 19.1126 +%
 19.1127 +\begin{isamarkuptext}%
 19.1128 +Consider the following function and its corresponding
 19.1129 +  SML code:%
 19.1130 +\end{isamarkuptext}%
 19.1131 +\isamarkuptrue%
 19.1132 +\isacommand{primrec}\isamarkupfalse%
 19.1133 +\isanewline
 19.1134 +\ \ in{\isacharunderscore}interval\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymtimes}\ nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ bool{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
 19.1135 +\ \ {\isachardoublequoteopen}in{\isacharunderscore}interval\ {\isacharparenleft}k{\isacharcomma}\ l{\isacharparenright}\ n\ {\isasymlongleftrightarrow}\ k\ {\isasymle}\ n\ {\isasymand}\ n\ {\isasymle}\ l{\isachardoublequoteclose}%
 19.1136 +\isadelimtt
 19.1137 +%
 19.1138 +\endisadelimtt
 19.1139 +%
 19.1140 +\isatagtt
 19.1141 +%
 19.1142 +\endisatagtt
 19.1143 +{\isafoldtt}%
 19.1144 +%
 19.1145 +\isadelimtt
 19.1146 +%
 19.1147 +\endisadelimtt
 19.1148 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
 19.1149 +\ in{\isacharunderscore}interval\ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}bool{\isacharunderscore}literal{\isachardot}ML{\isachardoublequoteclose}%
 19.1150 +\begin{isamarkuptext}%
 19.1151 +\lstsml{Thy/examples/bool_literal.ML}
 19.1152 +
 19.1153 +  \noindent Though this is correct code, it is a little bit unsatisfactory:
 19.1154 +  boolean values and operators are materialized as distinguished
 19.1155 +  entities with have nothing to do with the SML-builtin notion
 19.1156 +  of \qt{bool}.  This results in less readable code;
 19.1157 +  additionally, eager evaluation may cause programs to
 19.1158 +  loop or break which would perfectly terminate when
 19.1159 +  the existing SML \qt{bool} would be used.  To map
 19.1160 +  the HOL \qt{bool} on SML \qt{bool}, we may use
 19.1161 +  \qn{custom serializations}:%
 19.1162 +\end{isamarkuptext}%
 19.1163 +\isamarkuptrue%
 19.1164 +%
 19.1165 +\isadelimtt
 19.1166 +%
 19.1167 +\endisadelimtt
 19.1168 +%
 19.1169 +\isatagtt
 19.1170 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
 19.1171 +\ bool\isanewline
 19.1172 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}bool{\isachardoublequoteclose}{\isacharparenright}\isanewline
 19.1173 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
 19.1174 +\ True\ \isakeyword{and}\ False\ \isakeyword{and}\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
 19.1175 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}true{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}false{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}{\isacharunderscore}\ andalso\ {\isacharunderscore}{\isachardoublequoteclose}{\isacharparenright}%
 19.1176 +\endisatagtt
 19.1177 +{\isafoldtt}%
 19.1178 +%
 19.1179 +\isadelimtt
 19.1180 +%
 19.1181 +\endisadelimtt
 19.1182 +%
 19.1183 +\begin{isamarkuptext}%
 19.1184 +The \isa{{\isasymCODETYPE}} commad takes a type constructor
 19.1185 +  as arguments together with a list of custom serializations.
 19.1186 +  Each custom serialization starts with a target language
 19.1187 +  identifier followed by an expression, which during
 19.1188 +  code serialization is inserted whenever the type constructor
 19.1189 +  would occur.  For constants, \isa{{\isasymCODECONST}} implements
 19.1190 +  the corresponding mechanism.  Each ``\verb|_|'' in
 19.1191 +  a serialization expression is treated as a placeholder
 19.1192 +  for the type constructor's (the constant's) arguments.%
 19.1193 +\end{isamarkuptext}%
 19.1194 +\isamarkuptrue%
 19.1195 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
 19.1196 +\ in{\isacharunderscore}interval\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}bool{\isacharunderscore}mlbool{\isachardot}ML{\isachardoublequoteclose}%
 19.1197 +\begin{isamarkuptext}%
 19.1198 +\lstsml{Thy/examples/bool_mlbool.ML}
 19.1199 +
 19.1200 +  \noindent This still is not perfect: the parentheses
 19.1201 +  around the \qt{andalso} expression are superfluous.
 19.1202 +  Though the serializer
 19.1203 +  by no means attempts to imitate the rich Isabelle syntax
 19.1204 +  framework, it provides some common idioms, notably
 19.1205 +  associative infixes with precedences which may be used here:%
 19.1206 +\end{isamarkuptext}%
 19.1207 +\isamarkuptrue%
 19.1208 +%
 19.1209 +\isadelimtt
 19.1210 +%
 19.1211 +\endisadelimtt
 19.1212 +%
 19.1213 +\isatagtt
 19.1214 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
 19.1215 +\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
 19.1216 +\ \ {\isacharparenleft}SML\ \isakeyword{infixl}\ {\isadigit{1}}\ {\isachardoublequoteopen}andalso{\isachardoublequoteclose}{\isacharparenright}%
 19.1217 +\endisatagtt
 19.1218 +{\isafoldtt}%
 19.1219 +%
 19.1220 +\isadelimtt
 19.1221 +%
 19.1222 +\endisadelimtt
 19.1223 +\isanewline
 19.1224 +\isanewline
 19.1225 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
 19.1226 +\ in{\isacharunderscore}interval\ \ \isakeyword{in}\ SML\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}bool{\isacharunderscore}infix{\isachardot}ML{\isachardoublequoteclose}%
 19.1227 +\begin{isamarkuptext}%
 19.1228 +\lstsml{Thy/examples/bool_infix.ML}
 19.1229 +
 19.1230 +  \medskip
 19.1231 +
 19.1232 +  Next, we try to map HOL pairs to SML pairs, using the
 19.1233 +  infix ``\verb|*|'' type constructor and parentheses:%
 19.1234 +\end{isamarkuptext}%
 19.1235 +\isamarkuptrue%
 19.1236 +%
 19.1237 +\isadelimtt
 19.1238 +%
 19.1239 +\endisadelimtt
 19.1240 +%
 19.1241 +\isatagtt
 19.1242 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
 19.1243 +\ {\isacharasterisk}\isanewline
 19.1244 +\ \ {\isacharparenleft}SML\ \isakeyword{infix}\ {\isadigit{2}}\ {\isachardoublequoteopen}{\isacharasterisk}{\isachardoublequoteclose}{\isacharparenright}\isanewline
 19.1245 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
 19.1246 +\ Pair\isanewline
 19.1247 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}{\isacharbang}{\isacharparenleft}{\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharcomma}{\isacharslash}\ {\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}{\isacharparenright}%
 19.1248 +\endisatagtt
 19.1249 +{\isafoldtt}%
 19.1250 +%
 19.1251 +\isadelimtt
 19.1252 +%
 19.1253 +\endisadelimtt
 19.1254 +%
 19.1255 +\begin{isamarkuptext}%
 19.1256 +The initial bang ``\verb|!|'' tells the serializer to never put
 19.1257 +  parentheses around the whole expression (they are already present),
 19.1258 +  while the parentheses around argument place holders
 19.1259 +  tell not to put parentheses around the arguments.
 19.1260 +  The slash ``\verb|/|'' (followed by arbitrary white space)
 19.1261 +  inserts a space which may be used as a break if necessary
 19.1262 +  during pretty printing.
 19.1263 +
 19.1264 +  These examples give a glimpse what mechanisms
 19.1265 +  custom serializations provide; however their usage
 19.1266 +  requires careful thinking in order not to introduce
 19.1267 +  inconsistencies -- or, in other words:
 19.1268 +  custom serializations are completely axiomatic.
 19.1269 +
 19.1270 +  A further noteworthy details is that any special
 19.1271 +  character in a custom serialization may be quoted
 19.1272 +  using ``\verb|'|''; thus, in
 19.1273 +  ``\verb|fn '_ => _|'' the first
 19.1274 +  ``\verb|_|'' is a proper underscore while the
 19.1275 +  second ``\verb|_|'' is a placeholder.
 19.1276 +
 19.1277 +  The HOL theories provide further
 19.1278 +  examples for custom serializations.%
 19.1279 +\end{isamarkuptext}%
 19.1280 +\isamarkuptrue%
 19.1281 +%
 19.1282 +\isamarkupsubsubsection{Haskell serialization%
 19.1283 +}
 19.1284 +\isamarkuptrue%
 19.1285 +%
 19.1286 +\begin{isamarkuptext}%
 19.1287 +For convenience, the default
 19.1288 +  HOL setup for Haskell maps the \isa{eq} class to
 19.1289 +  its counterpart in Haskell, giving custom serializations
 19.1290 +  for the class (\isa{{\isasymCODECLASS}}) and its operation:%
 19.1291 +\end{isamarkuptext}%
 19.1292 +\isamarkuptrue%
 19.1293 +%
 19.1294 +\isadelimtt
 19.1295 +%
 19.1296 +\endisadelimtt
 19.1297 +%
 19.1298 +\isatagtt
 19.1299 +\isacommand{code{\isacharunderscore}class}\isamarkupfalse%
 19.1300 +\ eq\isanewline
 19.1301 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Eq{\isachardoublequoteclose}\ \isakeyword{where}\ {\isachardoublequoteopen}op\ {\isacharequal}{\isachardoublequoteclose}\ {\isasymequiv}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharequal}{\isacharequal}{\isacharparenright}{\isachardoublequoteclose}{\isacharparenright}\isanewline
 19.1302 +\isanewline
 19.1303 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
 19.1304 +\ {\isachardoublequoteopen}op\ {\isacharequal}{\isachardoublequoteclose}\isanewline
 19.1305 +\ \ {\isacharparenleft}Haskell\ \isakeyword{infixl}\ {\isadigit{4}}\ {\isachardoublequoteopen}{\isacharequal}{\isacharequal}{\isachardoublequoteclose}{\isacharparenright}%
 19.1306 +\endisatagtt
 19.1307 +{\isafoldtt}%
 19.1308 +%
 19.1309 +\isadelimtt
 19.1310 +%
 19.1311 +\endisadelimtt
 19.1312 +%
 19.1313 +\begin{isamarkuptext}%
 19.1314 +A problem now occurs whenever a type which
 19.1315 +  is an instance of \isa{eq} in HOL is mapped
 19.1316 +  on a Haskell-builtin type which is also an instance
 19.1317 +  of Haskell \isa{Eq}:%
 19.1318 +\end{isamarkuptext}%
 19.1319 +\isamarkuptrue%
 19.1320 +\isacommand{typedecl}\isamarkupfalse%
 19.1321 +\ bar\isanewline
 19.1322 +\isanewline
 19.1323 +\isacommand{instantiation}\isamarkupfalse%
 19.1324 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
 19.1325 +\isakeyword{begin}\isanewline
 19.1326 +\isanewline
 19.1327 +\isacommand{definition}\isamarkupfalse%
 19.1328 +\ {\isachardoublequoteopen}eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}x{\isasymColon}bar{\isacharparenright}\ y\ {\isasymlongleftrightarrow}\ x\ {\isacharequal}\ y{\isachardoublequoteclose}\isanewline
 19.1329 +\isanewline
 19.1330 +\isacommand{instance}\isamarkupfalse%
 19.1331 +%
 19.1332 +\isadelimproof
 19.1333 +\ %
 19.1334 +\endisadelimproof
 19.1335 +%
 19.1336 +\isatagproof
 19.1337 +\isacommand{by}\isamarkupfalse%
 19.1338 +\ default\ {\isacharparenleft}simp\ add{\isacharcolon}\ eq{\isacharunderscore}bar{\isacharunderscore}def{\isacharparenright}%
 19.1339 +\endisatagproof
 19.1340 +{\isafoldproof}%
 19.1341 +%
 19.1342 +\isadelimproof
 19.1343 +%
 19.1344 +\endisadelimproof
 19.1345 +\isanewline
 19.1346 +\isanewline
 19.1347 +\isacommand{end}\isamarkupfalse%
 19.1348 +\isanewline
 19.1349 +%
 19.1350 +\isadelimtt
 19.1351 +\isanewline
 19.1352 +%
 19.1353 +\endisadelimtt
 19.1354 +%
 19.1355 +\isatagtt
 19.1356 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
 19.1357 +\ bar\isanewline
 19.1358 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Integer{\isachardoublequoteclose}{\isacharparenright}%
 19.1359 +\endisatagtt
 19.1360 +{\isafoldtt}%
 19.1361 +%
 19.1362 +\isadelimtt
 19.1363 +%
 19.1364 +\endisadelimtt
 19.1365 +%
 19.1366 +\begin{isamarkuptext}%
 19.1367 +The code generator would produce
 19.1368 +  an additional instance, which of course is rejected.
 19.1369 +  To suppress this additional instance, use
 19.1370 +  \isa{{\isasymCODEINSTANCE}}:%
 19.1371 +\end{isamarkuptext}%
 19.1372 +\isamarkuptrue%
 19.1373 +%
 19.1374 +\isadelimtt
 19.1375 +%
 19.1376 +\endisadelimtt
 19.1377 +%
 19.1378 +\isatagtt
 19.1379 +\isacommand{code{\isacharunderscore}instance}\isamarkupfalse%
 19.1380 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
 19.1381 +\ \ {\isacharparenleft}Haskell\ {\isacharminus}{\isacharparenright}%
 19.1382 +\endisatagtt
 19.1383 +{\isafoldtt}%
 19.1384 +%
 19.1385 +\isadelimtt
 19.1386 +%
 19.1387 +\endisadelimtt
 19.1388 +%
 19.1389 +\isamarkupsubsubsection{Pretty printing%
 19.1390 +}
 19.1391 +\isamarkuptrue%
 19.1392 +%
 19.1393 +\begin{isamarkuptext}%
 19.1394 +The serializer provides ML interfaces to set up
 19.1395 +  pretty serializations for expressions like lists, numerals
 19.1396 +  and characters;  these are
 19.1397 +  monolithic stubs and should only be used with the
 19.1398 +  theories introduced in \secref{sec:library}.%
 19.1399 +\end{isamarkuptext}%
 19.1400 +\isamarkuptrue%
 19.1401 +%
 19.1402 +\isamarkupsubsection{Cyclic module dependencies%
 19.1403 +}
 19.1404 +\isamarkuptrue%
 19.1405 +%
 19.1406 +\begin{isamarkuptext}%
 19.1407 +Sometimes the awkward situation occurs that dependencies
 19.1408 +  between definitions introduce cyclic dependencies
 19.1409 +  between modules, which in the Haskell world leaves
 19.1410 +  you to the mercy of the Haskell implementation you are using,
 19.1411 +  while for SML code generation is not possible.
 19.1412 +
 19.1413 +  A solution is to declare module names explicitly.
 19.1414 +  Let use assume the three cyclically dependent
 19.1415 +  modules are named \emph{A}, \emph{B} and \emph{C}.
 19.1416 +  Then, by stating%
 19.1417 +\end{isamarkuptext}%
 19.1418 +\isamarkuptrue%
 19.1419 +\isacommand{code{\isacharunderscore}modulename}\isamarkupfalse%
 19.1420 +\ SML\isanewline
 19.1421 +\ \ A\ ABC\isanewline
 19.1422 +\ \ B\ ABC\isanewline
 19.1423 +\ \ C\ ABC%
 19.1424 +\begin{isamarkuptext}%
 19.1425 +we explicitly map all those modules on \emph{ABC},
 19.1426 +  resulting in an ad-hoc merge of this three modules
 19.1427 +  at serialization time.%
 19.1428 +\end{isamarkuptext}%
 19.1429 +\isamarkuptrue%
 19.1430 +%
 19.1431 +\isamarkupsubsection{Incremental code generation%
 19.1432 +}
 19.1433 +\isamarkuptrue%
 19.1434 +%
 19.1435 +\begin{isamarkuptext}%
 19.1436 +Code generation is \emph{incremental}: theorems
 19.1437 +  and abstract intermediate code are cached and extended on demand.
 19.1438 +  The cache may be partially or fully dropped if the underlying
 19.1439 +  executable content of the theory changes.
 19.1440 +  Implementation of caching is supposed to transparently
 19.1441 +  hid away the details from the user.  Anyway, caching
 19.1442 +  reaches the surface by using a slightly more general form
 19.1443 +  of the \isa{{\isasymCODETHMS}}, \isa{{\isasymCODEDEPS}}
 19.1444 +  and \isa{{\isasymEXPORTCODE}} commands: the list of constants
 19.1445 +  may be omitted.  Then, all constants with code theorems
 19.1446 +  in the current cache are referred to.%
 19.1447 +\end{isamarkuptext}%
 19.1448 +\isamarkuptrue%
 19.1449 +%
 19.1450 +\isamarkupsection{ML interfaces \label{sec:ml}%
 19.1451 +}
 19.1452 +\isamarkuptrue%
 19.1453 +%
 19.1454 +\begin{isamarkuptext}%
 19.1455 +Since the code generator framework not only aims to provide
 19.1456 +  a nice Isar interface but also to form a base for
 19.1457 +  code-generation-based applications, here a short
 19.1458 +  description of the most important ML interfaces.%
 19.1459 +\end{isamarkuptext}%
 19.1460 +\isamarkuptrue%
 19.1461 +%
 19.1462 +\isamarkupsubsection{Executable theory content: \isa{Code}%
 19.1463 +}
 19.1464 +\isamarkuptrue%
 19.1465 +%
 19.1466 +\begin{isamarkuptext}%
 19.1467 +This Pure module implements the core notions of
 19.1468 +  executable content of a theory.%
 19.1469 +\end{isamarkuptext}%
 19.1470 +\isamarkuptrue%
 19.1471 +%
 19.1472 +\isamarkupsubsubsection{Managing executable content%
 19.1473 +}
 19.1474 +\isamarkuptrue%
 19.1475 +%
 19.1476 +\isadelimmlref
 19.1477 +%
 19.1478 +\endisadelimmlref
 19.1479 +%
 19.1480 +\isatagmlref
 19.1481 +%
 19.1482 +\begin{isamarkuptext}%
 19.1483 +\begin{mldecls}
 19.1484 +  \indexml{Code.add\_func}\verb|Code.add_func: thm -> theory -> theory| \\
 19.1485 +  \indexml{Code.del\_func}\verb|Code.del_func: thm -> theory -> theory| \\
 19.1486 +  \indexml{Code.add\_funcl}\verb|Code.add_funcl: string * thm list Susp.T -> theory -> theory| \\
 19.1487 +  \indexml{Code.map\_pre}\verb|Code.map_pre: (MetaSimplifier.simpset -> MetaSimplifier.simpset) -> theory -> theory| \\
 19.1488 +  \indexml{Code.map\_post}\verb|Code.map_post: (MetaSimplifier.simpset -> MetaSimplifier.simpset) -> theory -> theory| \\
 19.1489 +  \indexml{Code.add\_functrans}\verb|Code.add_functrans: string * (theory -> thm list -> thm list option)|\isasep\isanewline%
 19.1490 +\verb|    -> theory -> theory| \\
 19.1491 +  \indexml{Code.del\_functrans}\verb|Code.del_functrans: string -> theory -> theory| \\
 19.1492 +  \indexml{Code.add\_datatype}\verb|Code.add_datatype: (string * typ) list -> theory -> theory| \\
 19.1493 +  \indexml{Code.get\_datatype}\verb|Code.get_datatype: theory -> string|\isasep\isanewline%
 19.1494 +\verb|    -> (string * sort) list * (string * typ list) list| \\
 19.1495 +  \indexml{Code.get\_datatype\_of\_constr}\verb|Code.get_datatype_of_constr: theory -> string -> string option|
 19.1496 +  \end{mldecls}
 19.1497 +
 19.1498 +  \begin{description}
 19.1499 +
 19.1500 +  \item \verb|Code.add_func|~\isa{thm}~\isa{thy} adds function
 19.1501 +     theorem \isa{thm} to executable content.
 19.1502 +
 19.1503 +  \item \verb|Code.del_func|~\isa{thm}~\isa{thy} removes function
 19.1504 +     theorem \isa{thm} from executable content, if present.
 19.1505 +
 19.1506 +  \item \verb|Code.add_funcl|~\isa{{\isacharparenleft}const{\isacharcomma}\ lthms{\isacharparenright}}~\isa{thy} adds
 19.1507 +     suspended defining equations \isa{lthms} for constant
 19.1508 +     \isa{const} to executable content.
 19.1509 +
 19.1510 +  \item \verb|Code.map_pre|~\isa{f}~\isa{thy} changes
 19.1511 +     the preprocessor simpset.
 19.1512 +
 19.1513 +  \item \verb|Code.add_functrans|~\isa{{\isacharparenleft}name{\isacharcomma}\ f{\isacharparenright}}~\isa{thy} adds
 19.1514 +     function transformer \isa{f} (named \isa{name}) to executable content;
 19.1515 +     \isa{f} is a transformer of the defining equations belonging
 19.1516 +     to a certain function definition, depending on the
 19.1517 +     current theory context.  Returning \isa{NONE} indicates that no
 19.1518 +     transformation took place;  otherwise, the whole process will be iterated
 19.1519 +     with the new defining equations.
 19.1520 +
 19.1521 +  \item \verb|Code.del_functrans|~\isa{name}~\isa{thy} removes
 19.1522 +     function transformer named \isa{name} from executable content.
 19.1523 +
 19.1524 +  \item \verb|Code.add_datatype|~\isa{cs}~\isa{thy} adds
 19.1525 +     a datatype to executable content, with generation
 19.1526 +     set \isa{cs}.
 19.1527 +
 19.1528 +  \item \verb|Code.get_datatype_of_constr|~\isa{thy}~\isa{const}
 19.1529 +     returns type constructor corresponding to
 19.1530 +     constructor \isa{const}; returns \isa{NONE}
 19.1531 +     if \isa{const} is no constructor.
 19.1532 +
 19.1533 +  \end{description}%
 19.1534 +\end{isamarkuptext}%
 19.1535 +\isamarkuptrue%
 19.1536 +%
 19.1537 +\endisatagmlref
 19.1538 +{\isafoldmlref}%
 19.1539 +%
 19.1540 +\isadelimmlref
 19.1541 +%
 19.1542 +\endisadelimmlref
 19.1543 +%
 19.1544 +\isamarkupsubsection{Auxiliary%
 19.1545 +}
 19.1546 +\isamarkuptrue%
 19.1547 +%
 19.1548 +\isadelimmlref
 19.1549 +%
 19.1550 +\endisadelimmlref
 19.1551 +%
 19.1552 +\isatagmlref
 19.1553 +%
 19.1554 +\begin{isamarkuptext}%
 19.1555 +\begin{mldecls}
 19.1556 +  \indexml{Code\_Unit.read\_const}\verb|Code_Unit.read_const: theory -> string -> string| \\
 19.1557 +  \indexml{Code\_Unit.head\_func}\verb|Code_Unit.head_func: thm -> string * ((string * sort) list * typ)| \\
 19.1558 +  \indexml{Code\_Unit.rewrite\_func}\verb|Code_Unit.rewrite_func: MetaSimplifier.simpset -> thm -> thm| \\
 19.1559 +  \end{mldecls}
 19.1560 +
 19.1561 +  \begin{description}
 19.1562 +
 19.1563 +  \item \verb|Code_Unit.read_const|~\isa{thy}~\isa{s}
 19.1564 +     reads a constant as a concrete term expression \isa{s}.
 19.1565 +
 19.1566 +  \item \verb|Code_Unit.head_func|~\isa{thm}
 19.1567 +     extracts the constant and its type from a defining equation \isa{thm}.
 19.1568 +
 19.1569 +  \item \verb|Code_Unit.rewrite_func|~\isa{ss}~\isa{thm}
 19.1570 +     rewrites a defining equation \isa{thm} with a simpset \isa{ss};
 19.1571 +     only arguments and right hand side are rewritten,
 19.1572 +     not the head of the defining equation.
 19.1573 +
 19.1574 +  \end{description}%
 19.1575 +\end{isamarkuptext}%
 19.1576 +\isamarkuptrue%
 19.1577 +%
 19.1578 +\endisatagmlref
 19.1579 +{\isafoldmlref}%
 19.1580 +%
 19.1581 +\isadelimmlref
 19.1582 +%
 19.1583 +\endisadelimmlref
 19.1584 +%
 19.1585 +\isamarkupsubsection{Implementing code generator applications%
 19.1586 +}
 19.1587 +\isamarkuptrue%
 19.1588 +%
 19.1589 +\begin{isamarkuptext}%
 19.1590 +Implementing code generator applications on top
 19.1591 +  of the framework set out so far usually not only
 19.1592 +  involves using those primitive interfaces
 19.1593 +  but also storing code-dependent data and various
 19.1594 +  other things.
 19.1595 +
 19.1596 +  \begin{warn}
 19.1597 +    Some interfaces discussed here have not reached
 19.1598 +    a final state yet.
 19.1599 +    Changes likely to occur in future.
 19.1600 +  \end{warn}%
 19.1601 +\end{isamarkuptext}%
 19.1602 +\isamarkuptrue%
 19.1603 +%
 19.1604 +\isamarkupsubsubsection{Data depending on the theory's executable content%
 19.1605 +}
 19.1606 +\isamarkuptrue%
 19.1607 +%
 19.1608 +\begin{isamarkuptext}%
 19.1609 +Due to incrementality of code generation, changes in the
 19.1610 +  theory's executable content have to be propagated in a
 19.1611 +  certain fashion.  Additionally, such changes may occur
 19.1612 +  not only during theory extension but also during theory
 19.1613 +  merge, which is a little bit nasty from an implementation
 19.1614 +  point of view.  The framework provides a solution
 19.1615 +  to this technical challenge by providing a functorial
 19.1616 +  data slot \verb|CodeDataFun|; on instantiation
 19.1617 +  of this functor, the following types and operations
 19.1618 +  are required:
 19.1619 +
 19.1620 +  \medskip
 19.1621 +  \begin{tabular}{l}
 19.1622 +  \isa{type\ T} \\
 19.1623 +  \isa{val\ empty{\isacharcolon}\ T} \\
 19.1624 +  \isa{val\ merge{\isacharcolon}\ Pretty{\isachardot}pp\ {\isasymrightarrow}\ T\ {\isacharasterisk}\ T\ {\isasymrightarrow}\ T} \\
 19.1625 +  \isa{val\ purge{\isacharcolon}\ theory\ option\ {\isasymrightarrow}\ CodeUnit{\isachardot}const\ list\ option\ {\isasymrightarrow}\ T\ {\isasymrightarrow}\ T}
 19.1626 +  \end{tabular}
 19.1627 +
 19.1628 +  \begin{description}
 19.1629 +
 19.1630 +  \item \isa{T} the type of data to store.
 19.1631 +
 19.1632 +  \item \isa{empty} initial (empty) data.
 19.1633 +
 19.1634 +  \item \isa{merge} merging two data slots.
 19.1635 +
 19.1636 +  \item \isa{purge}~\isa{thy}~\isa{consts} propagates changes in executable content;
 19.1637 +    if possible, the current theory context is handed over
 19.1638 +    as argument \isa{thy} (if there is no current theory context (e.g.~during
 19.1639 +    theory merge, \verb|NONE|); \isa{consts} indicates the kind
 19.1640 +    of change: \verb|NONE| stands for a fundamental change
 19.1641 +    which invalidates any existing code, \isa{SOME\ consts}
 19.1642 +    hints that executable content for constants \isa{consts}
 19.1643 +    has changed.
 19.1644 +
 19.1645 +  \end{description}
 19.1646 +
 19.1647 +  An instance of \verb|CodeDataFun| provides the following
 19.1648 +  interface:
 19.1649 +
 19.1650 +  \medskip
 19.1651 +  \begin{tabular}{l}
 19.1652 +  \isa{get{\isacharcolon}\ theory\ {\isasymrightarrow}\ T} \\
 19.1653 +  \isa{change{\isacharcolon}\ theory\ {\isasymrightarrow}\ {\isacharparenleft}T\ {\isasymrightarrow}\ T{\isacharparenright}\ {\isasymrightarrow}\ T} \\
 19.1654 +  \isa{change{\isacharunderscore}yield{\isacharcolon}\ theory\ {\isasymrightarrow}\ {\isacharparenleft}T\ {\isasymrightarrow}\ {\isacharprime}a\ {\isacharasterisk}\ T{\isacharparenright}\ {\isasymrightarrow}\ {\isacharprime}a\ {\isacharasterisk}\ T}
 19.1655 +  \end{tabular}
 19.1656 +
 19.1657 +  \begin{description}
 19.1658 +
 19.1659 +  \item \isa{get} retrieval of the current data.
 19.1660 +
 19.1661 +  \item \isa{change} update of current data (cached!)
 19.1662 +    by giving a continuation.
 19.1663 +
 19.1664 +  \item \isa{change{\isacharunderscore}yield} update with side result.
 19.1665 +
 19.1666 +  \end{description}%
 19.1667 +\end{isamarkuptext}%
 19.1668 +\isamarkuptrue%
 19.1669 +%
 19.1670 +\begin{isamarkuptext}%
 19.1671 +\emph{Happy proving, happy hacking!}%
 19.1672 +\end{isamarkuptext}%
 19.1673 +\isamarkuptrue%
 19.1674 +%
 19.1675 +\isadelimtheory
 19.1676 +%
 19.1677 +\endisadelimtheory
 19.1678 +%
 19.1679 +\isatagtheory
 19.1680 +\isacommand{end}\isamarkupfalse%
 19.1681 +%
 19.1682 +\endisatagtheory
 19.1683 +{\isafoldtheory}%
 19.1684 +%
 19.1685 +\isadelimtheory
 19.1686 +%
 19.1687 +\endisadelimtheory
 19.1688 +\isanewline
 19.1689 +\end{isabellebody}%
 19.1690 +%%% Local Variables:
 19.1691 +%%% mode: latex
 19.1692 +%%% TeX-master: "root"
 19.1693 +%%% End:
    20.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.2 +++ b/doc-src/Codegen/Thy/document/Further.tex	Tue Mar 03 19:21:10 2009 +0100
    20.3 @@ -0,0 +1,246 @@
    20.4 +%
    20.5 +\begin{isabellebody}%
    20.6 +\def\isabellecontext{Further}%
    20.7 +%
    20.8 +\isadelimtheory
    20.9 +%
   20.10 +\endisadelimtheory
   20.11 +%
   20.12 +\isatagtheory
   20.13 +\isacommand{theory}\isamarkupfalse%
   20.14 +\ Further\isanewline
   20.15 +\isakeyword{imports}\ Setup\isanewline
   20.16 +\isakeyword{begin}%
   20.17 +\endisatagtheory
   20.18 +{\isafoldtheory}%
   20.19 +%
   20.20 +\isadelimtheory
   20.21 +%
   20.22 +\endisadelimtheory
   20.23 +%
   20.24 +\isamarkupsection{Further issues \label{sec:further}%
   20.25 +}
   20.26 +\isamarkuptrue%
   20.27 +%
   20.28 +\isamarkupsubsection{Further reading%
   20.29 +}
   20.30 +\isamarkuptrue%
   20.31 +%
   20.32 +\begin{isamarkuptext}%
   20.33 +Do dive deeper into the issue of code generation, you should visit
   20.34 +  the Isabelle/Isar Reference Manual \cite{isabelle-isar-ref} which
   20.35 +  contains exhaustive syntax diagrams.%
   20.36 +\end{isamarkuptext}%
   20.37 +\isamarkuptrue%
   20.38 +%
   20.39 +\isamarkupsubsection{Modules%
   20.40 +}
   20.41 +\isamarkuptrue%
   20.42 +%
   20.43 +\begin{isamarkuptext}%
   20.44 +When invoking the \hyperlink{command.export-code}{\mbox{\isa{\isacommand{export{\isacharunderscore}code}}}} command it is possible to leave
   20.45 +  out the \hyperlink{keyword.module-name}{\mbox{\isa{\isakeyword{module{\isacharunderscore}name}}}} part;  then code is distributed over
   20.46 +  different modules, where the module name space roughly is induced
   20.47 +  by the \isa{Isabelle} theory name space.
   20.48 +
   20.49 +  Then sometimes the awkward situation occurs that dependencies between
   20.50 +  definitions introduce cyclic dependencies between modules, which in the
   20.51 +  \isa{Haskell} world leaves you to the mercy of the \isa{Haskell} implementation
   20.52 +  you are using,  while for \isa{SML}/\isa{OCaml} code generation is not possible.
   20.53 +
   20.54 +  A solution is to declare module names explicitly.
   20.55 +  Let use assume the three cyclically dependent
   20.56 +  modules are named \emph{A}, \emph{B} and \emph{C}.
   20.57 +  Then, by stating%
   20.58 +\end{isamarkuptext}%
   20.59 +\isamarkuptrue%
   20.60 +%
   20.61 +\isadelimquote
   20.62 +%
   20.63 +\endisadelimquote
   20.64 +%
   20.65 +\isatagquote
   20.66 +\isacommand{code{\isacharunderscore}modulename}\isamarkupfalse%
   20.67 +\ SML\isanewline
   20.68 +\ \ A\ ABC\isanewline
   20.69 +\ \ B\ ABC\isanewline
   20.70 +\ \ C\ ABC%
   20.71 +\endisatagquote
   20.72 +{\isafoldquote}%
   20.73 +%
   20.74 +\isadelimquote
   20.75 +%
   20.76 +\endisadelimquote
   20.77 +%
   20.78 +\begin{isamarkuptext}%
   20.79 +we explicitly map all those modules on \emph{ABC},
   20.80 +  resulting in an ad-hoc merge of this three modules
   20.81 +  at serialisation time.%
   20.82 +\end{isamarkuptext}%
   20.83 +\isamarkuptrue%
   20.84 +%
   20.85 +\isamarkupsubsection{Evaluation oracle%
   20.86 +}
   20.87 +\isamarkuptrue%
   20.88 +%
   20.89 +\begin{isamarkuptext}%
   20.90 +Code generation may also be used to \emph{evaluate} expressions
   20.91 +  (using \isa{SML} as target language of course).
   20.92 +  For instance, the \hyperlink{command.value}{\mbox{\isa{\isacommand{value}}}} allows to reduce an expression to a
   20.93 +  normal form with respect to the underlying code equations:%
   20.94 +\end{isamarkuptext}%
   20.95 +\isamarkuptrue%
   20.96 +%
   20.97 +\isadelimquote
   20.98 +%
   20.99 +\endisadelimquote
  20.100 +%
  20.101 +\isatagquote
  20.102 +\isacommand{value}\isamarkupfalse%
  20.103 +\ {\isachardoublequoteopen}{\isadigit{4}}{\isadigit{2}}\ {\isacharslash}\ {\isacharparenleft}{\isadigit{1}}{\isadigit{2}}\ {\isacharcolon}{\isacharcolon}\ rat{\isacharparenright}{\isachardoublequoteclose}%
  20.104 +\endisatagquote
  20.105 +{\isafoldquote}%
  20.106 +%
  20.107 +\isadelimquote
  20.108 +%
  20.109 +\endisadelimquote
  20.110 +%
  20.111 +\begin{isamarkuptext}%
  20.112 +\noindent will display \isa{{\isadigit{7}}\ {\isacharslash}\ {\isadigit{2}}}.
  20.113 +
  20.114 +  The \hyperlink{method.eval}{\mbox{\isa{eval}}} method tries to reduce a goal by code generation to \isa{True}
  20.115 +  and solves it in that case, but fails otherwise:%
  20.116 +\end{isamarkuptext}%
  20.117 +\isamarkuptrue%
  20.118 +%
  20.119 +\isadelimquote
  20.120 +%
  20.121 +\endisadelimquote
  20.122 +%
  20.123 +\isatagquote
  20.124 +\isacommand{lemma}\isamarkupfalse%
  20.125 +\ {\isachardoublequoteopen}{\isadigit{4}}{\isadigit{2}}\ {\isacharslash}\ {\isacharparenleft}{\isadigit{1}}{\isadigit{2}}\ {\isacharcolon}{\isacharcolon}\ rat{\isacharparenright}\ {\isacharequal}\ {\isadigit{7}}\ {\isacharslash}\ {\isadigit{2}}{\isachardoublequoteclose}\isanewline
  20.126 +\ \ \isacommand{by}\isamarkupfalse%
  20.127 +\ eval%
  20.128 +\endisatagquote
  20.129 +{\isafoldquote}%
  20.130 +%
  20.131 +\isadelimquote
  20.132 +%
  20.133 +\endisadelimquote
  20.134 +%
  20.135 +\begin{isamarkuptext}%
  20.136 +\noindent The soundness of the \hyperlink{method.eval}{\mbox{\isa{eval}}} method depends crucially 
  20.137 +  on the correctness of the code generator;  this is one of the reasons
  20.138 +  why you should not use adaption (see \secref{sec:adaption}) frivolously.%
  20.139 +\end{isamarkuptext}%
  20.140 +\isamarkuptrue%
  20.141 +%
  20.142 +\isamarkupsubsection{Code antiquotation%
  20.143 +}
  20.144 +\isamarkuptrue%
  20.145 +%
  20.146 +\begin{isamarkuptext}%
  20.147 +In scenarios involving techniques like reflection it is quite common
  20.148 +  that code generated from a theory forms the basis for implementing
  20.149 +  a proof procedure in \isa{SML}.  To facilitate interfacing of generated code
  20.150 +  with system code, the code generator provides a \isa{code} antiquotation:%
  20.151 +\end{isamarkuptext}%
  20.152 +\isamarkuptrue%
  20.153 +%
  20.154 +\isadelimquote
  20.155 +%
  20.156 +\endisadelimquote
  20.157 +%
  20.158 +\isatagquote
  20.159 +\isacommand{datatype}\isamarkupfalse%
  20.160 +\ form\ {\isacharequal}\ T\ {\isacharbar}\ F\ {\isacharbar}\ And\ form\ form\ {\isacharbar}\ Or\ form\ form%
  20.161 +\endisatagquote
  20.162 +{\isafoldquote}%
  20.163 +%
  20.164 +\isadelimquote
  20.165 +%
  20.166 +\endisadelimquote
  20.167 +\isanewline
  20.168 +%
  20.169 +\isadelimquotett
  20.170 +%
  20.171 +\endisadelimquotett
  20.172 +%
  20.173 +\isatagquotett
  20.174 +\isacommand{ML}\isamarkupfalse%
  20.175 +\ {\isacharverbatimopen}\isanewline
  20.176 +\ \ fun\ eval{\isacharunderscore}form\ %
  20.177 +\isaantiq
  20.178 +code\ T%
  20.179 +\endisaantiq
  20.180 +\ {\isacharequal}\ true\isanewline
  20.181 +\ \ \ \ {\isacharbar}\ eval{\isacharunderscore}form\ %
  20.182 +\isaantiq
  20.183 +code\ F%
  20.184 +\endisaantiq
  20.185 +\ {\isacharequal}\ false\isanewline
  20.186 +\ \ \ \ {\isacharbar}\ eval{\isacharunderscore}form\ {\isacharparenleft}%
  20.187 +\isaantiq
  20.188 +code\ And%
  20.189 +\endisaantiq
  20.190 +\ {\isacharparenleft}p{\isacharcomma}\ q{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
  20.191 +\ \ \ \ \ \ \ \ eval{\isacharunderscore}form\ p\ andalso\ eval{\isacharunderscore}form\ q\isanewline
  20.192 +\ \ \ \ {\isacharbar}\ eval{\isacharunderscore}form\ {\isacharparenleft}%
  20.193 +\isaantiq
  20.194 +code\ Or%
  20.195 +\endisaantiq
  20.196 +\ {\isacharparenleft}p{\isacharcomma}\ q{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
  20.197 +\ \ \ \ \ \ \ \ eval{\isacharunderscore}form\ p\ orelse\ eval{\isacharunderscore}form\ q{\isacharsemicolon}\isanewline
  20.198 +{\isacharverbatimclose}%
  20.199 +\endisatagquotett
  20.200 +{\isafoldquotett}%
  20.201 +%
  20.202 +\isadelimquotett
  20.203 +%
  20.204 +\endisadelimquotett
  20.205 +%
  20.206 +\begin{isamarkuptext}%
  20.207 +\noindent \isa{code} takes as argument the name of a constant;  after the
  20.208 +  whole \isa{SML} is read, the necessary code is generated transparently
  20.209 +  and the corresponding constant names are inserted.  This technique also
  20.210 +  allows to use pattern matching on constructors stemming from compiled
  20.211 +  \isa{datatypes}.
  20.212 +
  20.213 +  For a less simplistic example, theory \hyperlink{theory.Ferrack}{\mbox{\isa{Ferrack}}} is
  20.214 +  a good reference.%
  20.215 +\end{isamarkuptext}%
  20.216 +\isamarkuptrue%
  20.217 +%
  20.218 +\isamarkupsubsection{Imperative data structures%
  20.219 +}
  20.220 +\isamarkuptrue%
  20.221 +%
  20.222 +\begin{isamarkuptext}%
  20.223 +If you consider imperative data structures as inevitable for a specific
  20.224 +  application, you should consider
  20.225 +  \emph{Imperative Functional Programming with Isabelle/HOL}
  20.226 +  (\cite{bulwahn-et-al:2008:imperative});
  20.227 +  the framework described there is available in theory \hyperlink{theory.Imperative-HOL}{\mbox{\isa{Imperative{\isacharunderscore}HOL}}}.%
  20.228 +\end{isamarkuptext}%
  20.229 +\isamarkuptrue%
  20.230 +%
  20.231 +\isadelimtheory
  20.232 +%
  20.233 +\endisadelimtheory
  20.234 +%
  20.235 +\isatagtheory
  20.236 +\isacommand{end}\isamarkupfalse%
  20.237 +%
  20.238 +\endisatagtheory
  20.239 +{\isafoldtheory}%
  20.240 +%
  20.241 +\isadelimtheory
  20.242 +%
  20.243 +\endisadelimtheory
  20.244 +\isanewline
  20.245 +\end{isabellebody}%
  20.246 +%%% Local Variables:
  20.247 +%%% mode: latex
  20.248 +%%% TeX-master: "root"
  20.249 +%%% End:
    21.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.2 +++ b/doc-src/Codegen/Thy/document/Introduction.tex	Tue Mar 03 19:21:10 2009 +0100
    21.3 @@ -0,0 +1,386 @@
    21.4 +%
    21.5 +\begin{isabellebody}%
    21.6 +\def\isabellecontext{Introduction}%
    21.7 +%
    21.8 +\isadelimtheory
    21.9 +%
   21.10 +\endisadelimtheory
   21.11 +%
   21.12 +\isatagtheory
   21.13 +\isacommand{theory}\isamarkupfalse%
   21.14 +\ Introduction\isanewline
   21.15 +\isakeyword{imports}\ Setup\isanewline
   21.16 +\isakeyword{begin}%
   21.17 +\endisatagtheory
   21.18 +{\isafoldtheory}%
   21.19 +%
   21.20 +\isadelimtheory
   21.21 +%
   21.22 +\endisadelimtheory
   21.23 +%
   21.24 +\isamarkupsection{Introduction and Overview%
   21.25 +}
   21.26 +\isamarkuptrue%
   21.27 +%
   21.28 +\begin{isamarkuptext}%
   21.29 +This tutorial introduces a generic code generator for the
   21.30 +  \isa{Isabelle} system.
   21.31 +  Generic in the sense that the
   21.32 +  \qn{target language} for which code shall ultimately be
   21.33 +  generated is not fixed but may be an arbitrary state-of-the-art
   21.34 +  functional programming language (currently, the implementation
   21.35 +  supports \isa{SML} \cite{SML}, \isa{OCaml} \cite{OCaml} and \isa{Haskell}
   21.36 +  \cite{haskell-revised-report}).
   21.37 +
   21.38 +  Conceptually the code generator framework is part
   21.39 +  of Isabelle's \hyperlink{theory.Pure}{\mbox{\isa{Pure}}} meta logic framework; the logic
   21.40 +  \hyperlink{theory.HOL}{\mbox{\isa{HOL}}} which is an extension of \hyperlink{theory.Pure}{\mbox{\isa{Pure}}}
   21.41 +  already comes with a reasonable framework setup and thus provides
   21.42 +  a good working horse for raising code-generation-driven
   21.43 +  applications.  So, we assume some familiarity and experience
   21.44 +  with the ingredients of the \hyperlink{theory.HOL}{\mbox{\isa{HOL}}} distribution theories.
   21.45 +  (see also \cite{isa-tutorial}).
   21.46 +
   21.47 +  The code generator aims to be usable with no further ado
   21.48 +  in most cases while allowing for detailed customisation.
   21.49 +  This manifests in the structure of this tutorial: after a short
   21.50 +  conceptual introduction with an example (\secref{sec:intro}),
   21.51 +  we discuss the generic customisation facilities (\secref{sec:program}).
   21.52 +  A further section (\secref{sec:adaption}) is dedicated to the matter of
   21.53 +  \qn{adaption} to specific target language environments.  After some
   21.54 +  further issues (\secref{sec:further}) we conclude with an overview
   21.55 +  of some ML programming interfaces (\secref{sec:ml}).
   21.56 +
   21.57 +  \begin{warn}
   21.58 +    Ultimately, the code generator which this tutorial deals with
   21.59 +    is supposed to replace the existing code generator
   21.60 +    by Stefan Berghofer \cite{Berghofer-Nipkow:2002}.
   21.61 +    So, for the moment, there are two distinct code generators
   21.62 +    in Isabelle.  In case of ambiguity, we will refer to the framework
   21.63 +    described here as \isa{generic\ code\ generator}, to the
   21.64 +    other as \isa{SML\ code\ generator}.
   21.65 +    Also note that while the framework itself is
   21.66 +    object-logic independent, only \hyperlink{theory.HOL}{\mbox{\isa{HOL}}} provides a reasonable
   21.67 +    framework setup.    
   21.68 +  \end{warn}%
   21.69 +\end{isamarkuptext}%
   21.70 +\isamarkuptrue%
   21.71 +%
   21.72 +\isamarkupsubsection{Code generation via shallow embedding \label{sec:intro}%
   21.73 +}
   21.74 +\isamarkuptrue%
   21.75 +%
   21.76 +\begin{isamarkuptext}%
   21.77 +The key concept for understanding \isa{Isabelle}'s code generation is
   21.78 +  \emph{shallow embedding}, i.e.~logical entities like constants, types and
   21.79 +  classes are identified with corresponding concepts in the target language.
   21.80 +
   21.81 +  Inside \hyperlink{theory.HOL}{\mbox{\isa{HOL}}}, the \hyperlink{command.datatype}{\mbox{\isa{\isacommand{datatype}}}} and
   21.82 +  \hyperlink{command.definition}{\mbox{\isa{\isacommand{definition}}}}/\hyperlink{command.primrec}{\mbox{\isa{\isacommand{primrec}}}}/\hyperlink{command.fun}{\mbox{\isa{\isacommand{fun}}}} declarations form
   21.83 +  the core of a functional programming language.  The default code generator setup
   21.84 +  allows to turn those into functional programs immediately.
   21.85 +  This means that \qt{naive} code generation can proceed without further ado.
   21.86 +  For example, here a simple \qt{implementation} of amortised queues:%
   21.87 +\end{isamarkuptext}%
   21.88 +\isamarkuptrue%
   21.89 +%
   21.90 +\isadelimquote
   21.91 +%
   21.92 +\endisadelimquote
   21.93 +%
   21.94 +\isatagquote
   21.95 +\isacommand{datatype}\isamarkupfalse%
   21.96 +\ {\isacharprime}a\ queue\ {\isacharequal}\ AQueue\ {\isachardoublequoteopen}{\isacharprime}a\ list{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isacharprime}a\ list{\isachardoublequoteclose}\isanewline
   21.97 +\isanewline
   21.98 +\isacommand{definition}\isamarkupfalse%
   21.99 +\ empty\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  21.100 +\ \ {\isachardoublequoteopen}empty\ {\isacharequal}\ AQueue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
  21.101 +\isanewline
  21.102 +\isacommand{primrec}\isamarkupfalse%
  21.103 +\ enqueue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  21.104 +\ \ {\isachardoublequoteopen}enqueue\ x\ {\isacharparenleft}AQueue\ xs\ ys{\isacharparenright}\ {\isacharequal}\ AQueue\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ ys{\isachardoublequoteclose}\isanewline
  21.105 +\isanewline
  21.106 +\isacommand{fun}\isamarkupfalse%
  21.107 +\ dequeue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ option\ {\isasymtimes}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  21.108 +\ \ \ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}AQueue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}None{\isacharcomma}\ AQueue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  21.109 +\ \ {\isacharbar}\ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}AQueue\ xs\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}Some\ y{\isacharcomma}\ AQueue\ xs\ ys{\isacharparenright}{\isachardoublequoteclose}\isanewline
  21.110 +\ \ {\isacharbar}\ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}AQueue\ xs\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\isanewline
  21.111 +\ \ \ \ \ \ {\isacharparenleft}case\ rev\ xs\ of\ y\ {\isacharhash}\ ys\ {\isasymRightarrow}\ {\isacharparenleft}Some\ y{\isacharcomma}\ AQueue\ {\isacharbrackleft}{\isacharbrackright}\ ys{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
  21.112 +\endisatagquote
  21.113 +{\isafoldquote}%
  21.114 +%
  21.115 +\isadelimquote
  21.116 +%
  21.117 +\endisadelimquote
  21.118 +%
  21.119 +\begin{isamarkuptext}%
  21.120 +\noindent Then we can generate code e.g.~for \isa{SML} as follows:%
  21.121 +\end{isamarkuptext}%
  21.122 +\isamarkuptrue%
  21.123 +%
  21.124 +\isadelimquote
  21.125 +%
  21.126 +\endisadelimquote
  21.127 +%
  21.128 +\isatagquote
  21.129 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  21.130 +\ empty\ dequeue\ enqueue\ \isakeyword{in}\ SML\isanewline
  21.131 +\ \ \isakeyword{module{\isacharunderscore}name}\ Example\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}example{\isachardot}ML{\isachardoublequoteclose}%
  21.132 +\endisatagquote
  21.133 +{\isafoldquote}%
  21.134 +%
  21.135 +\isadelimquote
  21.136 +%
  21.137 +\endisadelimquote
  21.138 +%
  21.139 +\begin{isamarkuptext}%
  21.140 +\noindent resulting in the following code:%
  21.141 +\end{isamarkuptext}%
  21.142 +\isamarkuptrue%
  21.143 +%
  21.144 +\isadelimquote
  21.145 +%
  21.146 +\endisadelimquote
  21.147 +%
  21.148 +\isatagquote
  21.149 +%
  21.150 +\begin{isamarkuptext}%
  21.151 +\isatypewriter%
  21.152 +\noindent%
  21.153 +\hspace*{0pt}structure Example = \\
  21.154 +\hspace*{0pt}struct\\
  21.155 +\hspace*{0pt}\\
  21.156 +\hspace*{0pt}fun foldl f a [] = a\\
  21.157 +\hspace*{0pt} ~| foldl f a (x ::~xs) = foldl f (f a x) xs;\\
  21.158 +\hspace*{0pt}\\
  21.159 +\hspace*{0pt}fun rev xs = foldl (fn xsa => fn x => x ::~xsa) [] xs;\\
  21.160 +\hspace*{0pt}\\
  21.161 +\hspace*{0pt}fun list{\char95}case f1 f2 (a ::~lista) = f2 a lista\\
  21.162 +\hspace*{0pt} ~| list{\char95}case f1 f2 [] = f1;\\
  21.163 +\hspace*{0pt}\\
  21.164 +\hspace*{0pt}datatype 'a queue = AQueue of 'a list * 'a list;\\
  21.165 +\hspace*{0pt}\\
  21.166 +\hspace*{0pt}val empty :~'a queue = AQueue ([],~[])\\
  21.167 +\hspace*{0pt}\\
  21.168 +\hspace*{0pt}fun dequeue (AQueue ([],~[])) = (NONE,~AQueue ([],~[]))\\
  21.169 +\hspace*{0pt} ~| dequeue (AQueue (xs,~y ::~ys)) = (SOME y,~AQueue (xs,~ys))\\
  21.170 +\hspace*{0pt} ~| dequeue (AQueue (v ::~va,~[])) =\\
  21.171 +\hspace*{0pt} ~~~let\\
  21.172 +\hspace*{0pt} ~~~~~val y ::~ys = rev (v ::~va);\\
  21.173 +\hspace*{0pt} ~~~in\\
  21.174 +\hspace*{0pt} ~~~~~(SOME y,~AQueue ([],~ys))\\
  21.175 +\hspace*{0pt} ~~~end;\\
  21.176 +\hspace*{0pt}\\
  21.177 +\hspace*{0pt}fun enqueue x (AQueue (xs,~ys)) = AQueue (x ::~xs,~ys);\\
  21.178 +\hspace*{0pt}\\
  21.179 +\hspace*{0pt}end;~(*struct Example*)%
  21.180 +\end{isamarkuptext}%
  21.181 +\isamarkuptrue%
  21.182 +%
  21.183 +\endisatagquote
  21.184 +{\isafoldquote}%
  21.185 +%
  21.186 +\isadelimquote
  21.187 +%
  21.188 +\endisadelimquote
  21.189 +%
  21.190 +\begin{isamarkuptext}%
  21.191 +\noindent The \hyperlink{command.export-code}{\mbox{\isa{\isacommand{export{\isacharunderscore}code}}}} command takes a space-separated list of
  21.192 +  constants for which code shall be generated;  anything else needed for those
  21.193 +  is added implicitly.  Then follows a target language identifier
  21.194 +  (\isa{SML}, \isa{OCaml} or \isa{Haskell}) and a freely chosen module name.
  21.195 +  A file name denotes the destination to store the generated code.  Note that
  21.196 +  the semantics of the destination depends on the target language:  for
  21.197 +  \isa{SML} and \isa{OCaml} it denotes a \emph{file}, for \isa{Haskell}
  21.198 +  it denotes a \emph{directory} where a file named as the module name
  21.199 +  (with extension \isa{{\isachardot}hs}) is written:%
  21.200 +\end{isamarkuptext}%
  21.201 +\isamarkuptrue%
  21.202 +%
  21.203 +\isadelimquote
  21.204 +%
  21.205 +\endisadelimquote
  21.206 +%
  21.207 +\isatagquote
  21.208 +\isacommand{export{\isacharunderscore}code}\isamarkupfalse%
  21.209 +\ empty\ dequeue\ enqueue\ \isakeyword{in}\ Haskell\isanewline
  21.210 +\ \ \isakeyword{module{\isacharunderscore}name}\ Example\ \isakeyword{file}\ {\isachardoublequoteopen}examples{\isacharslash}{\isachardoublequoteclose}%
  21.211 +\endisatagquote
  21.212 +{\isafoldquote}%
  21.213 +%
  21.214 +\isadelimquote
  21.215 +%
  21.216 +\endisadelimquote
  21.217 +%
  21.218 +\begin{isamarkuptext}%
  21.219 +\noindent This is how the corresponding code in \isa{Haskell} looks like:%
  21.220 +\end{isamarkuptext}%
  21.221 +\isamarkuptrue%
  21.222 +%
  21.223 +\isadelimquote
  21.224 +%
  21.225 +\endisadelimquote
  21.226 +%
  21.227 +\isatagquote
  21.228 +%
  21.229 +\begin{isamarkuptext}%
  21.230 +\isatypewriter%
  21.231 +\noindent%
  21.232 +\hspace*{0pt}module Example where {\char123}\\
  21.233 +\hspace*{0pt}\\
  21.234 +\hspace*{0pt}\\
  21.235 +\hspace*{0pt}foldla ::~forall a b.~(a -> b -> a) -> a -> [b] -> a;\\
  21.236 +\hspace*{0pt}foldla f a [] = a;\\
  21.237 +\hspace*{0pt}foldla f a (x :~xs) = foldla f (f a x) xs;\\
  21.238 +\hspace*{0pt}\\
  21.239 +\hspace*{0pt}rev ::~forall a.~[a] -> [a];\\
  21.240 +\hspace*{0pt}rev xs = foldla ({\char92}~xsa x -> x :~xsa) [] xs;\\
  21.241 +\hspace*{0pt}\\
  21.242 +\hspace*{0pt}list{\char95}case ::~forall t a.~t -> (a -> [a] -> t) -> [a] -> t;\\
  21.243 +\hspace*{0pt}list{\char95}case f1 f2 (a :~list) = f2 a list;\\
  21.244 +\hspace*{0pt}list{\char95}case f1 f2 [] = f1;\\
  21.245 +\hspace*{0pt}\\
  21.246 +\hspace*{0pt}data Queue a = AQueue [a] [a];\\
  21.247 +\hspace*{0pt}\\
  21.248 +\hspace*{0pt}empty ::~forall a.~Queue a;\\
  21.249 +\hspace*{0pt}empty = AQueue [] [];\\
  21.250 +\hspace*{0pt}\\
  21.251 +\hspace*{0pt}dequeue ::~forall a.~Queue a -> (Maybe a,~Queue a);\\
  21.252 +\hspace*{0pt}dequeue (AQueue [] []) = (Nothing,~AQueue [] []);\\
  21.253 +\hspace*{0pt}dequeue (AQueue xs (y :~ys)) = (Just y,~AQueue xs ys);\\
  21.254 +\hspace*{0pt}dequeue (AQueue (v :~va) []) =\\
  21.255 +\hspace*{0pt} ~let {\char123}\\
  21.256 +\hspace*{0pt} ~~~(y :~ys) = rev (v :~va);\\
  21.257 +\hspace*{0pt} ~{\char125}~in (Just y,~AQueue [] ys);\\
  21.258 +\hspace*{0pt}\\
  21.259 +\hspace*{0pt}enqueue ::~forall a.~a -> Queue a -> Queue a;\\
  21.260 +\hspace*{0pt}enqueue x (AQueue xs ys) = AQueue (x :~xs) ys;\\
  21.261 +\hspace*{0pt}\\
  21.262 +\hspace*{0pt}{\char125}%
  21.263 +\end{isamarkuptext}%
  21.264 +\isamarkuptrue%
  21.265 +%
  21.266 +\endisatagquote
  21.267 +{\isafoldquote}%
  21.268 +%
  21.269 +\isadelimquote
  21.270 +%
  21.271 +\endisadelimquote
  21.272 +%
  21.273 +\begin{isamarkuptext}%
  21.274 +\noindent This demonstrates the basic usage of the \hyperlink{command.export-code}{\mbox{\isa{\isacommand{export{\isacharunderscore}code}}}} command;
  21.275 +  for more details see \secref{sec:further}.%
  21.276 +\end{isamarkuptext}%
  21.277 +\isamarkuptrue%
  21.278 +%
  21.279 +\isamarkupsubsection{Code generator architecture \label{sec:concept}%
  21.280 +}
  21.281 +\isamarkuptrue%
  21.282 +%
  21.283 +\begin{isamarkuptext}%
  21.284 +What you have seen so far should be already enough in a lot of cases.  If you
  21.285 +  are content with this, you can quit reading here.  Anyway, in order to customise
  21.286 +  and adapt the code generator, it is inevitable to gain some understanding
  21.287 +  how it works.
  21.288 +
  21.289 +  \begin{figure}[h]
  21.290 +    \begin{tikzpicture}[x = 4.2cm, y = 1cm]
  21.291 +      \tikzstyle entity=[rounded corners, draw, thick, color = black, fill = white];
  21.292 +      \tikzstyle process=[ellipse, draw, thick, color = green, fill = white];
  21.293 +      \tikzstyle process_arrow=[->, semithick, color = green];
  21.294 +      \node (HOL) at (0, 4) [style=entity] {\isa{Isabelle{\isacharslash}HOL} theory};
  21.295 +      \node (eqn) at (2, 2) [style=entity] {code equations};
  21.296 +      \node (iml) at (2, 0) [style=entity] {intermediate language};
  21.297 +      \node (seri) at (1, 0) [style=process] {serialisation};
  21.298 +      \node (SML) at (0, 3) [style=entity] {\isa{SML}};
  21.299 +      \node (OCaml) at (0, 2) [style=entity] {\isa{OCaml}};
  21.300 +      \node (further) at (0, 1) [style=entity] {\isa{{\isasymdots}}};
  21.301 +      \node (Haskell) at (0, 0) [style=entity] {\isa{Haskell}};
  21.302 +      \draw [style=process_arrow] (HOL) .. controls (2, 4) ..
  21.303 +        node [style=process, near start] {selection}
  21.304 +        node [style=process, near end] {preprocessing}
  21.305 +        (eqn);
  21.306 +      \draw [style=process_arrow] (eqn) -- node (transl) [style=process] {translation} (iml);
  21.307 +      \draw [style=process_arrow] (iml) -- (seri);
  21.308 +      \draw [style=process_arrow] (seri) -- (SML);
  21.309 +      \draw [style=process_arrow] (seri) -- (OCaml);
  21.310 +      \draw [style=process_arrow, dashed] (seri) -- (further);
  21.311 +      \draw [style=process_arrow] (seri) -- (Haskell);
  21.312 +    \end{tikzpicture}
  21.313 +    \caption{Code generator architecture}
  21.314 +    \label{fig:arch}
  21.315 +  \end{figure}
  21.316 +
  21.317 +  The code generator employs a notion of executability
  21.318 +  for three foundational executable ingredients known
  21.319 +  from functional programming:
  21.320 +  \emph{code equations}, \emph{datatypes}, and
  21.321 +  \emph{type classes}.  A code equation as a first approximation
  21.322 +  is a theorem of the form \isa{f\ t\isactrlisub {\isadigit{1}}\ t\isactrlisub {\isadigit{2}}\ {\isasymdots}\ t\isactrlisub n\ {\isasymequiv}\ t}
  21.323 +  (an equation headed by a constant \isa{f} with arguments
  21.324 +  \isa{t\isactrlisub {\isadigit{1}}\ t\isactrlisub {\isadigit{2}}\ {\isasymdots}\ t\isactrlisub n} and right hand side \isa{t}).
  21.325 +  Code generation aims to turn code equations
  21.326 +  into a functional program.  This is achieved by three major
  21.327 +  components which operate sequentially, i.e. the result of one is
  21.328 +  the input
  21.329 +  of the next in the chain,  see diagram \ref{fig:arch}:
  21.330 +
  21.331 +  \begin{itemize}
  21.332 +
  21.333 +    \item Out of the vast collection of theorems proven in a
  21.334 +      \qn{theory}, a reasonable subset modelling
  21.335 +      code equations is \qn{selected}.
  21.336 +
  21.337 +    \item On those selected theorems, certain
  21.338 +      transformations are carried out
  21.339 +      (\qn{preprocessing}).  Their purpose is to turn theorems
  21.340 +      representing non- or badly executable
  21.341 +      specifications into equivalent but executable counterparts.
  21.342 +      The result is a structured collection of \qn{code theorems}.
  21.343 +
  21.344 +    \item Before the selected code equations are continued with,
  21.345 +      they can be \qn{preprocessed}, i.e. subjected to theorem
  21.346 +      transformations.  This \qn{preprocessor} is an interface which
  21.347 +      allows to apply
  21.348 +      the full expressiveness of ML-based theorem transformations
  21.349 +      to code generation;  motivating examples are shown below, see
  21.350 +      \secref{sec:preproc}.
  21.351 +      The result of the preprocessing step is a structured collection
  21.352 +      of code equations.
  21.353 +
  21.354 +    \item These code equations are \qn{translated} to a program
  21.355 +      in an abstract intermediate language.  Think of it as a kind
  21.356 +      of \qt{Mini-Haskell} with four \qn{statements}: \isa{data}
  21.357 +      (for datatypes), \isa{fun} (stemming from code equations),
  21.358 +      also \isa{class} and \isa{inst} (for type classes).
  21.359 +
  21.360 +    \item Finally, the abstract program is \qn{serialised} into concrete
  21.361 +      source code of a target language.
  21.362 +
  21.363 +  \end{itemize}
  21.364 +
  21.365 +  \noindent From these steps, only the two last are carried out outside the logic;  by
  21.366 +  keeping this layer as thin as possible, the amount of code to trust is
  21.367 +  kept to a minimum.%
  21.368 +\end{isamarkuptext}%
  21.369 +\isamarkuptrue%
  21.370 +%
  21.371 +\isadelimtheory
  21.372 +%
  21.373 +\endisadelimtheory
  21.374 +%
  21.375 +\isatagtheory
  21.376 +\isacommand{end}\isamarkupfalse%
  21.377 +%
  21.378 +\endisatagtheory
  21.379 +{\isafoldtheory}%
  21.380 +%
  21.381 +\isadelimtheory
  21.382 +%
  21.383 +\endisadelimtheory
  21.384 +\isanewline
  21.385 +\end{isabellebody}%
  21.386 +%%% Local Variables:
  21.387 +%%% mode: latex
  21.388 +%%% TeX-master: "root"
  21.389 +%%% End:
    22.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    22.2 +++ b/doc-src/Codegen/Thy/document/ML.tex	Tue Mar 03 19:21:10 2009 +0100
    22.3 @@ -0,0 +1,255 @@
    22.4 +%
    22.5 +\begin{isabellebody}%
    22.6 +\def\isabellecontext{ML}%
    22.7 +%
    22.8 +\isadelimtheory
    22.9 +%
   22.10 +\endisadelimtheory
   22.11 +%
   22.12 +\isatagtheory
   22.13 +\isacommand{theory}\isamarkupfalse%
   22.14 +\ {\isachardoublequoteopen}ML{\isachardoublequoteclose}\isanewline
   22.15 +\isakeyword{imports}\ Setup\isanewline
   22.16 +\isakeyword{begin}%
   22.17 +\endisatagtheory
   22.18 +{\isafoldtheory}%
   22.19 +%
   22.20 +\isadelimtheory
   22.21 +%
   22.22 +\endisadelimtheory
   22.23 +%
   22.24 +\isamarkupsection{ML system interfaces \label{sec:ml}%
   22.25 +}
   22.26 +\isamarkuptrue%
   22.27 +%
   22.28 +\begin{isamarkuptext}%
   22.29 +Since the code generator framework not only aims to provide
   22.30 +  a nice Isar interface but also to form a base for
   22.31 +  code-generation-based applications, here a short
   22.32 +  description of the most important ML interfaces.%
   22.33 +\end{isamarkuptext}%
   22.34 +\isamarkuptrue%
   22.35 +%
   22.36 +\isamarkupsubsection{Executable theory content: \isa{Code}%
   22.37 +}
   22.38 +\isamarkuptrue%
   22.39 +%
   22.40 +\begin{isamarkuptext}%
   22.41 +This Pure module implements the core notions of
   22.42 +  executable content of a theory.%
   22.43 +\end{isamarkuptext}%
   22.44 +\isamarkuptrue%
   22.45 +%
   22.46 +\isamarkupsubsubsection{Managing executable content%
   22.47 +}
   22.48 +\isamarkuptrue%
   22.49 +%
   22.50 +\isadelimmlref
   22.51 +%
   22.52 +\endisadelimmlref
   22.53 +%
   22.54 +\isatagmlref
   22.55 +%
   22.56 +\begin{isamarkuptext}%
   22.57 +\begin{mldecls}
   22.58 +  \indexdef{}{ML}{Code.add\_eqn}\verb|Code.add_eqn: thm -> theory -> theory| \\
   22.59 +  \indexdef{}{ML}{Code.del\_eqn}\verb|Code.del_eqn: thm -> theory -> theory| \\
   22.60 +  \indexdef{}{ML}{Code.add\_eqnl}\verb|Code.add_eqnl: string * (thm * bool) list lazy -> theory -> theory| \\
   22.61 +  \indexdef{}{ML}{Code.map\_pre}\verb|Code.map_pre: (simpset -> simpset) -> theory -> theory| \\
   22.62 +  \indexdef{}{ML}{Code.map\_post}\verb|Code.map_post: (simpset -> simpset) -> theory -> theory| \\
   22.63 +  \indexdef{}{ML}{Code.add\_functrans}\verb|Code.add_functrans: string * (theory -> (thm * bool) list -> (thm * bool) list option)|\isasep\isanewline%
   22.64 +\verb|    -> theory -> theory| \\
   22.65 +  \indexdef{}{ML}{Code.del\_functrans}\verb|Code.del_functrans: string -> theory -> theory| \\
   22.66 +  \indexdef{}{ML}{Code.add\_datatype}\verb|Code.add_datatype: (string * typ) list -> theory -> theory| \\
   22.67 +  \indexdef{}{ML}{Code.get\_datatype}\verb|Code.get_datatype: theory -> string|\isasep\isanewline%
   22.68 +\verb|    -> (string * sort) list * (string * typ list) list| \\
   22.69 +  \indexdef{}{ML}{Code.get\_datatype\_of\_constr}\verb|Code.get_datatype_of_constr: theory -> string -> string option|
   22.70 +  \end{mldecls}
   22.71 +
   22.72 +  \begin{description}
   22.73 +
   22.74 +  \item \verb|Code.add_eqn|~\isa{thm}~\isa{thy} adds function
   22.75 +     theorem \isa{thm} to executable content.
   22.76 +
   22.77 +  \item \verb|Code.del_eqn|~\isa{thm}~\isa{thy} removes function
   22.78 +     theorem \isa{thm} from executable content, if present.
   22.79 +
   22.80 +  \item \verb|Code.add_eqnl|~\isa{{\isacharparenleft}const{\isacharcomma}\ lthms{\isacharparenright}}~\isa{thy} adds
   22.81 +     suspended code equations \isa{lthms} for constant
   22.82 +     \isa{const} to executable content.
   22.83 +
   22.84 +  \item \verb|Code.map_pre|~\isa{f}~\isa{thy} changes
   22.85 +     the preprocessor simpset.
   22.86 +
   22.87 +  \item \verb|Code.add_functrans|~\isa{{\isacharparenleft}name{\isacharcomma}\ f{\isacharparenright}}~\isa{thy} adds
   22.88 +     function transformer \isa{f} (named \isa{name}) to executable content;
   22.89 +     \isa{f} is a transformer of the code equations belonging
   22.90 +     to a certain function definition, depending on the
   22.91 +     current theory context.  Returning \isa{NONE} indicates that no
   22.92 +     transformation took place;  otherwise, the whole process will be iterated
   22.93 +     with the new code equations.
   22.94 +
   22.95 +  \item \verb|Code.del_functrans|~\isa{name}~\isa{thy} removes
   22.96 +     function transformer named \isa{name} from executable content.
   22.97 +
   22.98 +  \item \verb|Code.add_datatype|~\isa{cs}~\isa{thy} adds
   22.99 +     a datatype to executable content, with generation
  22.100 +     set \isa{cs}.
  22.101 +
  22.102 +  \item \verb|Code.get_datatype_of_constr|~\isa{thy}~\isa{const}
  22.103 +     returns type constructor corresponding to
  22.104 +     constructor \isa{const}; returns \isa{NONE}
  22.105 +     if \isa{const} is no constructor.
  22.106 +
  22.107 +  \end{description}%
  22.108 +\end{isamarkuptext}%
  22.109 +\isamarkuptrue%
  22.110 +%
  22.111 +\endisatagmlref
  22.112 +{\isafoldmlref}%
  22.113 +%
  22.114 +\isadelimmlref
  22.115 +%
  22.116 +\endisadelimmlref
  22.117 +%
  22.118 +\isamarkupsubsection{Auxiliary%
  22.119 +}
  22.120 +\isamarkuptrue%
  22.121 +%
  22.122 +\isadelimmlref
  22.123 +%
  22.124 +\endisadelimmlref
  22.125 +%
  22.126 +\isatagmlref
  22.127 +%
  22.128 +\begin{isamarkuptext}%
  22.129 +\begin{mldecls}
  22.130 +  \indexdef{}{ML}{Code\_Unit.read\_const}\verb|Code_Unit.read_const: theory -> string -> string| \\
  22.131 +  \indexdef{}{ML}{Code\_Unit.head\_eqn}\verb|Code_Unit.head_eqn: theory -> thm -> string * ((string * sort) list * typ)| \\
  22.132 +  \indexdef{}{ML}{Code\_Unit.rewrite\_eqn}\verb|Code_Unit.rewrite_eqn: simpset -> thm -> thm| \\
  22.133 +  \end{mldecls}
  22.134 +
  22.135 +  \begin{description}
  22.136 +
  22.137 +  \item \verb|Code_Unit.read_const|~\isa{thy}~\isa{s}
  22.138 +     reads a constant as a concrete term expression \isa{s}.
  22.139 +
  22.140 +  \item \verb|Code_Unit.head_eqn|~\isa{thy}~\isa{thm}
  22.141 +     extracts the constant and its type from a code equation \isa{thm}.
  22.142 +
  22.143 +  \item \verb|Code_Unit.rewrite_eqn|~\isa{ss}~\isa{thm}
  22.144 +     rewrites a code equation \isa{thm} with a simpset \isa{ss};
  22.145 +     only arguments and right hand side are rewritten,
  22.146 +     not the head of the code equation.
  22.147 +
  22.148 +  \end{description}%
  22.149 +\end{isamarkuptext}%
  22.150 +\isamarkuptrue%
  22.151 +%
  22.152 +\endisatagmlref
  22.153 +{\isafoldmlref}%
  22.154 +%
  22.155 +\isadelimmlref
  22.156 +%
  22.157 +\endisadelimmlref
  22.158 +%
  22.159 +\isamarkupsubsection{Implementing code generator applications%
  22.160 +}
  22.161 +\isamarkuptrue%
  22.162 +%
  22.163 +\begin{isamarkuptext}%
  22.164 +Implementing code generator applications on top
  22.165 +  of the framework set out so far usually not only
  22.166 +  involves using those primitive interfaces
  22.167 +  but also storing code-dependent data and various
  22.168 +  other things.%
  22.169 +\end{isamarkuptext}%
  22.170 +\isamarkuptrue%
  22.171 +%
  22.172 +\isamarkupsubsubsection{Data depending on the theory's executable content%
  22.173 +}
  22.174 +\isamarkuptrue%
  22.175 +%
  22.176 +\begin{isamarkuptext}%
  22.177 +Due to incrementality of code generation, changes in the
  22.178 +  theory's executable content have to be propagated in a
  22.179 +  certain fashion.  Additionally, such changes may occur
  22.180 +  not only during theory extension but also during theory
  22.181 +  merge, which is a little bit nasty from an implementation
  22.182 +  point of view.  The framework provides a solution
  22.183 +  to this technical challenge by providing a functorial
  22.184 +  data slot \verb|CodeDataFun|; on instantiation
  22.185 +  of this functor, the following types and operations
  22.186 +  are required:
  22.187 +
  22.188 +  \medskip
  22.189 +  \begin{tabular}{l}
  22.190 +  \isa{type\ T} \\
  22.191 +  \isa{val\ empty{\isacharcolon}\ T} \\
  22.192 +  \isa{val\ purge{\isacharcolon}\ theory\ {\isasymrightarrow}\ string\ list\ option\ {\isasymrightarrow}\ T\ {\isasymrightarrow}\ T}
  22.193 +  \end{tabular}
  22.194 +
  22.195 +  \begin{description}
  22.196 +
  22.197 +  \item \isa{T} the type of data to store.
  22.198 +
  22.199 +  \item \isa{empty} initial (empty) data.
  22.200 +
  22.201 +  \item \isa{purge}~\isa{thy}~\isa{consts} propagates changes in executable content;
  22.202 +    \isa{consts} indicates the kind
  22.203 +    of change: \verb|NONE| stands for a fundamental change
  22.204 +    which invalidates any existing code, \isa{SOME\ consts}
  22.205 +    hints that executable content for constants \isa{consts}
  22.206 +    has changed.
  22.207 +
  22.208 +  \end{description}
  22.209 +
  22.210 +  \noindent An instance of \verb|CodeDataFun| provides the following
  22.211 +  interface:
  22.212 +
  22.213 +  \medskip
  22.214 +  \begin{tabular}{l}
  22.215 +  \isa{get{\isacharcolon}\ theory\ {\isasymrightarrow}\ T} \\
  22.216 +  \isa{change{\isacharcolon}\ theory\ {\isasymrightarrow}\ {\isacharparenleft}T\ {\isasymrightarrow}\ T{\isacharparenright}\ {\isasymrightarrow}\ T} \\
  22.217 +  \isa{change{\isacharunderscore}yield{\isacharcolon}\ theory\ {\isasymrightarrow}\ {\isacharparenleft}T\ {\isasymrightarrow}\ {\isacharprime}a\ {\isacharasterisk}\ T{\isacharparenright}\ {\isasymrightarrow}\ {\isacharprime}a\ {\isacharasterisk}\ T}
  22.218 +  \end{tabular}
  22.219 +
  22.220 +  \begin{description}
  22.221 +
  22.222 +  \item \isa{get} retrieval of the current data.
  22.223 +
  22.224 +  \item \isa{change} update of current data (cached!)
  22.225 +    by giving a continuation.
  22.226 +
  22.227 +  \item \isa{change{\isacharunderscore}yield} update with side result.
  22.228 +
  22.229 +  \end{description}%
  22.230 +\end{isamarkuptext}%
  22.231 +\isamarkuptrue%
  22.232 +%
  22.233 +\begin{isamarkuptext}%
  22.234 +\bigskip
  22.235 +
  22.236 +  \emph{Happy proving, happy hacking!}%
  22.237 +\end{isamarkuptext}%
  22.238 +\isamarkuptrue%
  22.239 +%
  22.240 +\isadelimtheory
  22.241 +%
  22.242 +\endisadelimtheory
  22.243 +%
  22.244 +\isatagtheory
  22.245 +\isacommand{end}\isamarkupfalse%
  22.246 +%
  22.247 +\endisatagtheory
  22.248 +{\isafoldtheory}%
  22.249 +%
  22.250 +\isadelimtheory
  22.251 +%
  22.252 +\endisadelimtheory
  22.253 +\isanewline
  22.254 +\end{isabellebody}%
  22.255 +%%% Local Variables:
  22.256 +%%% mode: latex
  22.257 +%%% TeX-master: "root"
  22.258 +%%% End:
    23.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    23.2 +++ b/doc-src/Codegen/Thy/document/Program.tex	Tue Mar 03 19:21:10 2009 +0100
    23.3 @@ -0,0 +1,1238 @@
    23.4 +%
    23.5 +\begin{isabellebody}%
    23.6 +\def\isabellecontext{Program}%
    23.7 +%
    23.8 +\isadelimtheory
    23.9 +%
   23.10 +\endisadelimtheory
   23.11 +%
   23.12 +\isatagtheory
   23.13 +\isacommand{theory}\isamarkupfalse%
   23.14 +\ Program\isanewline
   23.15 +\isakeyword{imports}\ Introduction\isanewline
   23.16 +\isakeyword{begin}%
   23.17 +\endisatagtheory
   23.18 +{\isafoldtheory}%
   23.19 +%
   23.20 +\isadelimtheory
   23.21 +%
   23.22 +\endisadelimtheory
   23.23 +%
   23.24 +\isamarkupsection{Turning Theories into Programs \label{sec:program}%
   23.25 +}
   23.26 +\isamarkuptrue%
   23.27 +%
   23.28 +\isamarkupsubsection{The \isa{Isabelle{\isacharslash}HOL} default setup%
   23.29 +}
   23.30 +\isamarkuptrue%
   23.31 +%
   23.32 +\begin{isamarkuptext}%
   23.33 +We have already seen how by default equations stemming from
   23.34 +  \hyperlink{command.definition}{\mbox{\isa{\isacommand{definition}}}}/\hyperlink{command.primrec}{\mbox{\isa{\isacommand{primrec}}}}/\hyperlink{command.fun}{\mbox{\isa{\isacommand{fun}}}}
   23.35 +  statements are used for code generation.  This default behaviour
   23.36 +  can be changed, e.g. by providing different code equations.
   23.37 +  All kinds of customisation shown in this section is \emph{safe}
   23.38 +  in the sense that the user does not have to worry about
   23.39 +  correctness -- all programs generatable that way are partially
   23.40 +  correct.%
   23.41 +\end{isamarkuptext}%
   23.42 +\isamarkuptrue%
   23.43 +%
   23.44 +\isamarkupsubsection{Selecting code equations%
   23.45 +}
   23.46 +\isamarkuptrue%
   23.47 +%
   23.48 +\begin{isamarkuptext}%
   23.49 +Coming back to our introductory example, we
   23.50 +  could provide an alternative code equations for \isa{dequeue}
   23.51 +  explicitly:%
   23.52 +\end{isamarkuptext}%
   23.53 +\isamarkuptrue%
   23.54 +%
   23.55 +\isadelimquote
   23.56 +%
   23.57 +\endisadelimquote
   23.58 +%
   23.59 +\isatagquote
   23.60 +\isacommand{lemma}\isamarkupfalse%
   23.61 +\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
   23.62 +\ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}AQueue\ xs\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\isanewline
   23.63 +\ \ \ \ \ {\isacharparenleft}if\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ then\ {\isacharparenleft}None{\isacharcomma}\ AQueue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\isanewline
   23.64 +\ \ \ \ \ \ \ else\ dequeue\ {\isacharparenleft}AQueue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
   23.65 +\ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}AQueue\ xs\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
   23.66 +\ \ \ \ \ {\isacharparenleft}Some\ y{\isacharcomma}\ AQueue\ xs\ ys{\isacharparenright}{\isachardoublequoteclose}\isanewline
   23.67 +\ \ \isacommand{by}\isamarkupfalse%
   23.68 +\ {\isacharparenleft}cases\ xs{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\ {\isacharparenleft}cases\ {\isachardoublequoteopen}rev\ xs{\isachardoublequoteclose}{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}%
   23.69 +\endisatagquote
   23.70 +{\isafoldquote}%
   23.71 +%
   23.72 +\isadelimquote
   23.73 +%
   23.74 +\endisadelimquote
   23.75 +%
   23.76 +\begin{isamarkuptext}%
   23.77 +\noindent The annotation \isa{{\isacharbrackleft}code{\isacharbrackright}} is an \isa{Isar}
   23.78 +  \isa{attribute} which states that the given theorems should be
   23.79 +  considered as code equations for a \isa{fun} statement --
   23.80 +  the corresponding constant is determined syntactically.  The resulting code:%
   23.81 +\end{isamarkuptext}%
   23.82 +\isamarkuptrue%
   23.83 +%
   23.84 +\isadelimquote
   23.85 +%
   23.86 +\endisadelimquote
   23.87 +%
   23.88 +\isatagquote
   23.89 +%
   23.90 +\begin{isamarkuptext}%
   23.91 +\isatypewriter%
   23.92 +\noindent%
   23.93 +\hspace*{0pt}dequeue ::~forall a.~Queue a -> (Maybe a,~Queue a);\\
   23.94 +\hspace*{0pt}dequeue (AQueue xs (y :~ys)) = (Just y,~AQueue xs ys);\\
   23.95 +\hspace*{0pt}dequeue (AQueue xs []) =\\
   23.96 +\hspace*{0pt} ~(if nulla xs then (Nothing,~AQueue [] [])\\
   23.97 +\hspace*{0pt} ~~~else dequeue (AQueue [] (rev xs)));%
   23.98 +\end{isamarkuptext}%
   23.99 +\isamarkuptrue%
  23.100 +%
  23.101 +\endisatagquote
  23.102 +{\isafoldquote}%
  23.103 +%
  23.104 +\isadelimquote
  23.105 +%
  23.106 +\endisadelimquote
  23.107 +%
  23.108 +\begin{isamarkuptext}%
  23.109 +\noindent You may note that the equality test \isa{xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}} has been
  23.110 +  replaced by the predicate \isa{null\ xs}.  This is due to the default
  23.111 +  setup in the \qn{preprocessor} to be discussed further below (\secref{sec:preproc}).
  23.112 +
  23.113 +  Changing the default constructor set of datatypes is also
  23.114 +  possible.  See \secref{sec:datatypes} for an example.
  23.115 +
  23.116 +  As told in \secref{sec:concept}, code generation is based
  23.117 +  on a structured collection of code theorems.
  23.118 +  For explorative purpose, this collection
  23.119 +  may be inspected using the \hyperlink{command.code-thms}{\mbox{\isa{\isacommand{code{\isacharunderscore}thms}}}} command:%
  23.120 +\end{isamarkuptext}%
  23.121 +\isamarkuptrue%
  23.122 +%
  23.123 +\isadelimquote
  23.124 +%
  23.125 +\endisadelimquote
  23.126 +%
  23.127 +\isatagquote
  23.128 +\isacommand{code{\isacharunderscore}thms}\isamarkupfalse%
  23.129 +\ dequeue%
  23.130 +\endisatagquote
  23.131 +{\isafoldquote}%
  23.132 +%
  23.133 +\isadelimquote
  23.134 +%
  23.135 +\endisadelimquote
  23.136 +%
  23.137 +\begin{isamarkuptext}%
  23.138 +\noindent prints a table with \emph{all} code equations
  23.139 +  for \isa{dequeue}, including
  23.140 +  \emph{all} code equations those equations depend
  23.141 +  on recursively.
  23.142 +  
  23.143 +  Similarly, the \hyperlink{command.code-deps}{\mbox{\isa{\isacommand{code{\isacharunderscore}deps}}}} command shows a graph
  23.144 +  visualising dependencies between code equations.%
  23.145 +\end{isamarkuptext}%
  23.146 +\isamarkuptrue%
  23.147 +%
  23.148 +\isamarkupsubsection{\isa{class} and \isa{instantiation}%
  23.149 +}
  23.150 +\isamarkuptrue%
  23.151 +%
  23.152 +\begin{isamarkuptext}%
  23.153 +Concerning type classes and code generation, let us examine an example
  23.154 +  from abstract algebra:%
  23.155 +\end{isamarkuptext}%
  23.156 +\isamarkuptrue%
  23.157 +%
  23.158 +\isadelimquote
  23.159 +%
  23.160 +\endisadelimquote
  23.161 +%
  23.162 +\isatagquote
  23.163 +\isacommand{class}\isamarkupfalse%
  23.164 +\ semigroup\ {\isacharequal}\isanewline
  23.165 +\ \ \isakeyword{fixes}\ mult\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymotimes}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
  23.166 +\ \ \isakeyword{assumes}\ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.167 +\isanewline
  23.168 +\isacommand{class}\isamarkupfalse%
  23.169 +\ monoid\ {\isacharequal}\ semigroup\ {\isacharplus}\isanewline
  23.170 +\ \ \isakeyword{fixes}\ neutral\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\ {\isacharparenleft}{\isachardoublequoteopen}{\isasymone}{\isachardoublequoteclose}{\isacharparenright}\isanewline
  23.171 +\ \ \isakeyword{assumes}\ neutl{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  23.172 +\ \ \ \ \isakeyword{and}\ neutr{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  23.173 +\isanewline
  23.174 +\isacommand{instantiation}\isamarkupfalse%
  23.175 +\ nat\ {\isacharcolon}{\isacharcolon}\ monoid\isanewline
  23.176 +\isakeyword{begin}\isanewline
  23.177 +\isanewline
  23.178 +\isacommand{primrec}\isamarkupfalse%
  23.179 +\ mult{\isacharunderscore}nat\ \isakeyword{where}\isanewline
  23.180 +\ \ \ \ {\isachardoublequoteopen}{\isadigit{0}}\ {\isasymotimes}\ n\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.181 +\ \ {\isacharbar}\ {\isachardoublequoteopen}Suc\ m\ {\isasymotimes}\ n\ {\isacharequal}\ n\ {\isacharplus}\ m\ {\isasymotimes}\ n{\isachardoublequoteclose}\isanewline
  23.182 +\isanewline
  23.183 +\isacommand{definition}\isamarkupfalse%
  23.184 +\ neutral{\isacharunderscore}nat\ \isakeyword{where}\isanewline
  23.185 +\ \ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ Suc\ {\isadigit{0}}{\isachardoublequoteclose}\isanewline
  23.186 +\isanewline
  23.187 +\isacommand{lemma}\isamarkupfalse%
  23.188 +\ add{\isacharunderscore}mult{\isacharunderscore}distrib{\isacharcolon}\isanewline
  23.189 +\ \ \isakeyword{fixes}\ n\ m\ q\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
  23.190 +\ \ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}n\ {\isacharplus}\ m{\isacharparenright}\ {\isasymotimes}\ q\ {\isacharequal}\ n\ {\isasymotimes}\ q\ {\isacharplus}\ m\ {\isasymotimes}\ q{\isachardoublequoteclose}\isanewline
  23.191 +\ \ \isacommand{by}\isamarkupfalse%
  23.192 +\ {\isacharparenleft}induct\ n{\isacharparenright}\ simp{\isacharunderscore}all\isanewline
  23.193 +\isanewline
  23.194 +\isacommand{instance}\isamarkupfalse%
  23.195 +\ \isacommand{proof}\isamarkupfalse%
  23.196 +\isanewline
  23.197 +\ \ \isacommand{fix}\isamarkupfalse%
  23.198 +\ m\ n\ q\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
  23.199 +\ \ \isacommand{show}\isamarkupfalse%
  23.200 +\ {\isachardoublequoteopen}m\ {\isasymotimes}\ n\ {\isasymotimes}\ q\ {\isacharequal}\ m\ {\isasymotimes}\ {\isacharparenleft}n\ {\isasymotimes}\ q{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.201 +\ \ \ \ \isacommand{by}\isamarkupfalse%
  23.202 +\ {\isacharparenleft}induct\ m{\isacharparenright}\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ add{\isacharunderscore}mult{\isacharunderscore}distrib{\isacharparenright}\isanewline
  23.203 +\ \ \isacommand{show}\isamarkupfalse%
  23.204 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
  23.205 +\ \ \ \ \isacommand{by}\isamarkupfalse%
  23.206 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharparenright}\isanewline
  23.207 +\ \ \isacommand{show}\isamarkupfalse%
  23.208 +\ {\isachardoublequoteopen}m\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ m{\isachardoublequoteclose}\isanewline
  23.209 +\ \ \ \ \isacommand{by}\isamarkupfalse%
  23.210 +\ {\isacharparenleft}induct\ m{\isacharparenright}\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharparenright}\isanewline
  23.211 +\isacommand{qed}\isamarkupfalse%
  23.212 +\isanewline
  23.213 +\isanewline
  23.214 +\isacommand{end}\isamarkupfalse%
  23.215 +%
  23.216 +\endisatagquote
  23.217 +{\isafoldquote}%
  23.218 +%
  23.219 +\isadelimquote
  23.220 +%
  23.221 +\endisadelimquote
  23.222 +%
  23.223 +\begin{isamarkuptext}%
  23.224 +\noindent We define the natural operation of the natural numbers
  23.225 +  on monoids:%
  23.226 +\end{isamarkuptext}%
  23.227 +\isamarkuptrue%
  23.228 +%
  23.229 +\isadelimquote
  23.230 +%
  23.231 +\endisadelimquote
  23.232 +%
  23.233 +\isatagquote
  23.234 +\isacommand{primrec}\isamarkupfalse%
  23.235 +\ {\isacharparenleft}\isakeyword{in}\ monoid{\isacharparenright}\ pow\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.236 +\ \ \ \ {\isachardoublequoteopen}pow\ {\isadigit{0}}\ a\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
  23.237 +\ \ {\isacharbar}\ {\isachardoublequoteopen}pow\ {\isacharparenleft}Suc\ n{\isacharparenright}\ a\ {\isacharequal}\ a\ {\isasymotimes}\ pow\ n\ a{\isachardoublequoteclose}%
  23.238 +\endisatagquote
  23.239 +{\isafoldquote}%
  23.240 +%
  23.241 +\isadelimquote
  23.242 +%
  23.243 +\endisadelimquote
  23.244 +%
  23.245 +\begin{isamarkuptext}%
  23.246 +\noindent This we use to define the discrete exponentiation function:%
  23.247 +\end{isamarkuptext}%
  23.248 +\isamarkuptrue%
  23.249 +%
  23.250 +\isadelimquote
  23.251 +%
  23.252 +\endisadelimquote
  23.253 +%
  23.254 +\isatagquote
  23.255 +\isacommand{definition}\isamarkupfalse%
  23.256 +\ bexp\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.257 +\ \ {\isachardoublequoteopen}bexp\ n\ {\isacharequal}\ pow\ n\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
  23.258 +\endisatagquote
  23.259 +{\isafoldquote}%
  23.260 +%
  23.261 +\isadelimquote
  23.262 +%
  23.263 +\endisadelimquote
  23.264 +%
  23.265 +\begin{isamarkuptext}%
  23.266 +\noindent The corresponding code:%
  23.267 +\end{isamarkuptext}%
  23.268 +\isamarkuptrue%
  23.269 +%
  23.270 +\isadelimquote
  23.271 +%
  23.272 +\endisadelimquote
  23.273 +%
  23.274 +\isatagquote
  23.275 +%
  23.276 +\begin{isamarkuptext}%
  23.277 +\isatypewriter%
  23.278 +\noindent%
  23.279 +\hspace*{0pt}module Example where {\char123}\\
  23.280 +\hspace*{0pt}\\
  23.281 +\hspace*{0pt}\\
  23.282 +\hspace*{0pt}data Nat = Zero{\char95}nat | Suc Nat;\\
  23.283 +\hspace*{0pt}\\
  23.284 +\hspace*{0pt}class Semigroup a where {\char123}\\
  23.285 +\hspace*{0pt} ~mult ::~a -> a -> a;\\
  23.286 +\hspace*{0pt}{\char125};\\
  23.287 +\hspace*{0pt}\\
  23.288 +\hspace*{0pt}class (Semigroup a) => Monoid a where {\char123}\\
  23.289 +\hspace*{0pt} ~neutral ::~a;\\
  23.290 +\hspace*{0pt}{\char125};\\
  23.291 +\hspace*{0pt}\\
  23.292 +\hspace*{0pt}pow ::~forall a.~(Monoid a) => Nat -> a -> a;\\
  23.293 +\hspace*{0pt}pow Zero{\char95}nat a = neutral;\\
  23.294 +\hspace*{0pt}pow (Suc n) a = mult a (pow n a);\\
  23.295 +\hspace*{0pt}\\
  23.296 +\hspace*{0pt}plus{\char95}nat ::~Nat -> Nat -> Nat;\\
  23.297 +\hspace*{0pt}plus{\char95}nat (Suc m) n = plus{\char95}nat m (Suc n);\\
  23.298 +\hspace*{0pt}plus{\char95}nat Zero{\char95}nat n = n;\\
  23.299 +\hspace*{0pt}\\
  23.300 +\hspace*{0pt}neutral{\char95}nat ::~Nat;\\
  23.301 +\hspace*{0pt}neutral{\char95}nat = Suc Zero{\char95}nat;\\
  23.302 +\hspace*{0pt}\\
  23.303 +\hspace*{0pt}mult{\char95}nat ::~Nat -> Nat -> Nat;\\
  23.304 +\hspace*{0pt}mult{\char95}nat Zero{\char95}nat n = Zero{\char95}nat;\\
  23.305 +\hspace*{0pt}mult{\char95}nat (Suc m) n = plus{\char95}nat n (mult{\char95}nat m n);\\
  23.306 +\hspace*{0pt}\\
  23.307 +\hspace*{0pt}instance Semigroup Nat where {\char123}\\
  23.308 +\hspace*{0pt} ~mult = mult{\char95}nat;\\
  23.309 +\hspace*{0pt}{\char125};\\
  23.310 +\hspace*{0pt}\\
  23.311 +\hspace*{0pt}instance Monoid Nat where {\char123}\\
  23.312 +\hspace*{0pt} ~neutral = neutral{\char95}nat;\\
  23.313 +\hspace*{0pt}{\char125};\\
  23.314 +\hspace*{0pt}\\
  23.315 +\hspace*{0pt}bexp ::~Nat -> Nat;\\
  23.316 +\hspace*{0pt}bexp n = pow n (Suc (Suc Zero{\char95}nat));\\
  23.317 +\hspace*{0pt}\\
  23.318 +\hspace*{0pt}{\char125}%
  23.319 +\end{isamarkuptext}%
  23.320 +\isamarkuptrue%
  23.321 +%
  23.322 +\endisatagquote
  23.323 +{\isafoldquote}%
  23.324 +%
  23.325 +\isadelimquote
  23.326 +%
  23.327 +\endisadelimquote
  23.328 +%
  23.329 +\begin{isamarkuptext}%
  23.330 +\noindent This is a convenient place to show how explicit dictionary construction
  23.331 +  manifests in generated code (here, the same example in \isa{SML}):%
  23.332 +\end{isamarkuptext}%
  23.333 +\isamarkuptrue%
  23.334 +%
  23.335 +\isadelimquote
  23.336 +%
  23.337 +\endisadelimquote
  23.338 +%
  23.339 +\isatagquote
  23.340 +%
  23.341 +\begin{isamarkuptext}%
  23.342 +\isatypewriter%
  23.343 +\noindent%
  23.344 +\hspace*{0pt}structure Example = \\
  23.345 +\hspace*{0pt}struct\\
  23.346 +\hspace*{0pt}\\
  23.347 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  23.348 +\hspace*{0pt}\\
  23.349 +\hspace*{0pt}type 'a semigroup = {\char123}mult :~'a -> 'a -> 'a{\char125};\\
  23.350 +\hspace*{0pt}fun mult (A{\char95}:'a semigroup) = {\char35}mult A{\char95};\\
  23.351 +\hspace*{0pt}\\
  23.352 +\hspace*{0pt}type 'a monoid = {\char123}Program{\char95}{\char95}semigroup{\char95}monoid :~'a semigroup,~neutral :~'a{\char125};\\
  23.353 +\hspace*{0pt}fun semigroup{\char95}monoid (A{\char95}:'a monoid) = {\char35}Program{\char95}{\char95}semigroup{\char95}monoid A{\char95};\\
  23.354 +\hspace*{0pt}fun neutral (A{\char95}:'a monoid) = {\char35}neutral A{\char95};\\
  23.355 +\hspace*{0pt}\\
  23.356 +\hspace*{0pt}fun pow A{\char95}~Zero{\char95}nat a = neutral A{\char95}\\
  23.357 +\hspace*{0pt} ~| pow A{\char95}~(Suc n) a = mult (semigroup{\char95}monoid A{\char95}) a (pow A{\char95}~n a);\\
  23.358 +\hspace*{0pt}\\
  23.359 +\hspace*{0pt}fun plus{\char95}nat (Suc m) n = plus{\char95}nat m (Suc n)\\
  23.360 +\hspace*{0pt} ~| plus{\char95}nat Zero{\char95}nat n = n;\\
  23.361 +\hspace*{0pt}\\
  23.362 +\hspace*{0pt}val neutral{\char95}nat :~nat = Suc Zero{\char95}nat\\
  23.363 +\hspace*{0pt}\\
  23.364 +\hspace*{0pt}fun mult{\char95}nat Zero{\char95}nat n = Zero{\char95}nat\\
  23.365 +\hspace*{0pt} ~| mult{\char95}nat (Suc m) n = plus{\char95}nat n (mult{\char95}nat m n);\\
  23.366 +\hspace*{0pt}\\
  23.367 +\hspace*{0pt}val semigroup{\char95}nat = {\char123}mult = mult{\char95}nat{\char125}~:~nat semigroup;\\
  23.368 +\hspace*{0pt}\\
  23.369 +\hspace*{0pt}val monoid{\char95}nat =\\
  23.370 +\hspace*{0pt} ~{\char123}Program{\char95}{\char95}semigroup{\char95}monoid = semigroup{\char95}nat,~neutral = neutral{\char95}nat{\char125}~:\\
  23.371 +\hspace*{0pt} ~nat monoid;\\
  23.372 +\hspace*{0pt}\\
  23.373 +\hspace*{0pt}fun bexp n = pow monoid{\char95}nat n (Suc (Suc Zero{\char95}nat));\\
  23.374 +\hspace*{0pt}\\
  23.375 +\hspace*{0pt}end;~(*struct Example*)%
  23.376 +\end{isamarkuptext}%
  23.377 +\isamarkuptrue%
  23.378 +%
  23.379 +\endisatagquote
  23.380 +{\isafoldquote}%
  23.381 +%
  23.382 +\isadelimquote
  23.383 +%
  23.384 +\endisadelimquote
  23.385 +%
  23.386 +\begin{isamarkuptext}%
  23.387 +\noindent Note the parameters with trailing underscore (\verb|A_|)
  23.388 +    which are the dictionary parameters.%
  23.389 +\end{isamarkuptext}%
  23.390 +\isamarkuptrue%
  23.391 +%
  23.392 +\isamarkupsubsection{The preprocessor \label{sec:preproc}%
  23.393 +}
  23.394 +\isamarkuptrue%
  23.395 +%
  23.396 +\begin{isamarkuptext}%
  23.397 +Before selected function theorems are turned into abstract
  23.398 +  code, a chain of definitional transformation steps is carried
  23.399 +  out: \emph{preprocessing}.  In essence, the preprocessor
  23.400 +  consists of two components: a \emph{simpset} and \emph{function transformers}.
  23.401 +
  23.402 +  The \emph{simpset} allows to employ the full generality of the Isabelle
  23.403 +  simplifier.  Due to the interpretation of theorems
  23.404 +  as code equations, rewrites are applied to the right
  23.405 +  hand side and the arguments of the left hand side of an
  23.406 +  equation, but never to the constant heading the left hand side.
  23.407 +  An important special case are \emph{inline theorems} which may be
  23.408 +  declared and undeclared using the
  23.409 +  \emph{code inline} or \emph{code inline del} attribute respectively.
  23.410 +
  23.411 +  Some common applications:%
  23.412 +\end{isamarkuptext}%
  23.413 +\isamarkuptrue%
  23.414 +%
  23.415 +\begin{itemize}
  23.416 +%
  23.417 +\begin{isamarkuptext}%
  23.418 +\item replacing non-executable constructs by executable ones:%
  23.419 +\end{isamarkuptext}%
  23.420 +\isamarkuptrue%
  23.421 +%
  23.422 +\isadelimquote
  23.423 +%
  23.424 +\endisadelimquote
  23.425 +%
  23.426 +\isatagquote
  23.427 +\isacommand{lemma}\isamarkupfalse%
  23.428 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  23.429 +\ \ {\isachardoublequoteopen}x\ {\isasymin}\ set\ xs\ {\isasymlongleftrightarrow}\ x\ mem\ xs{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  23.430 +\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
  23.431 +\endisatagquote
  23.432 +{\isafoldquote}%
  23.433 +%
  23.434 +\isadelimquote
  23.435 +%
  23.436 +\endisadelimquote
  23.437 +%
  23.438 +\begin{isamarkuptext}%
  23.439 +\item eliminating superfluous constants:%
  23.440 +\end{isamarkuptext}%
  23.441 +\isamarkuptrue%
  23.442 +%
  23.443 +\isadelimquote
  23.444 +%
  23.445 +\endisadelimquote
  23.446 +%
  23.447 +\isatagquote
  23.448 +\isacommand{lemma}\isamarkupfalse%
  23.449 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  23.450 +\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharequal}\ Suc\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  23.451 +\ simp%
  23.452 +\endisatagquote
  23.453 +{\isafoldquote}%
  23.454 +%
  23.455 +\isadelimquote
  23.456 +%
  23.457 +\endisadelimquote
  23.458 +%
  23.459 +\begin{isamarkuptext}%
  23.460 +\item replacing executable but inconvenient constructs:%
  23.461 +\end{isamarkuptext}%
  23.462 +\isamarkuptrue%
  23.463 +%
  23.464 +\isadelimquote
  23.465 +%
  23.466 +\endisadelimquote
  23.467 +%
  23.468 +\isatagquote
  23.469 +\isacommand{lemma}\isamarkupfalse%
  23.470 +\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
  23.471 +\ \ {\isachardoublequoteopen}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongleftrightarrow}\ List{\isachardot}null\ xs{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  23.472 +\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
  23.473 +\endisatagquote
  23.474 +{\isafoldquote}%
  23.475 +%
  23.476 +\isadelimquote
  23.477 +%
  23.478 +\endisadelimquote
  23.479 +%
  23.480 +\end{itemize}
  23.481 +%
  23.482 +\begin{isamarkuptext}%
  23.483 +\noindent \emph{Function transformers} provide a very general interface,
  23.484 +  transforming a list of function theorems to another
  23.485 +  list of function theorems, provided that neither the heading
  23.486 +  constant nor its type change.  The \isa{{\isadigit{0}}} / \isa{Suc}
  23.487 +  pattern elimination implemented in
  23.488 +  theory \isa{Efficient{\isacharunderscore}Nat} (see \secref{eff_nat}) uses this
  23.489 +  interface.
  23.490 +
  23.491 +  \noindent The current setup of the preprocessor may be inspected using
  23.492 +  the \hyperlink{command.print-codesetup}{\mbox{\isa{\isacommand{print{\isacharunderscore}codesetup}}}} command.
  23.493 +  \hyperlink{command.code-thms}{\mbox{\isa{\isacommand{code{\isacharunderscore}thms}}}} provides a convenient
  23.494 +  mechanism to inspect the impact of a preprocessor setup
  23.495 +  on code equations.
  23.496 +
  23.497 +  \begin{warn}
  23.498 +    The attribute \emph{code unfold}
  23.499 +    associated with the \isa{SML\ code\ generator} also applies to
  23.500 +    the \isa{generic\ code\ generator}:
  23.501 +    \emph{code unfold} implies \emph{code inline}.
  23.502 +  \end{warn}%
  23.503 +\end{isamarkuptext}%
  23.504 +\isamarkuptrue%
  23.505 +%
  23.506 +\isamarkupsubsection{Datatypes \label{sec:datatypes}%
  23.507 +}
  23.508 +\isamarkuptrue%
  23.509 +%
  23.510 +\begin{isamarkuptext}%
  23.511 +Conceptually, any datatype is spanned by a set of
  23.512 +  \emph{constructors} of type \isa{{\isasymtau}\ {\isacharequal}\ {\isasymdots}\ {\isasymRightarrow}\ {\isasymkappa}\ {\isasymalpha}\isactrlisub {\isadigit{1}}\ {\isasymdots}\ {\isasymalpha}\isactrlisub n} where \isa{{\isacharbraceleft}{\isasymalpha}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlisub n{\isacharbraceright}} is exactly the set of \emph{all} type variables in
  23.513 +  \isa{{\isasymtau}}.  The HOL datatype package by default registers any new
  23.514 +  datatype in the table of datatypes, which may be inspected using the
  23.515 +  \hyperlink{command.print-codesetup}{\mbox{\isa{\isacommand{print{\isacharunderscore}codesetup}}}} command.
  23.516 +
  23.517 +  In some cases, it is appropriate to alter or extend this table.  As
  23.518 +  an example, we will develop an alternative representation of the
  23.519 +  queue example given in \secref{sec:intro}.  The amortised
  23.520 +  representation is convenient for generating code but exposes its
  23.521 +  \qt{implementation} details, which may be cumbersome when proving
  23.522 +  theorems about it.  Therefore, here a simple, straightforward
  23.523 +  representation of queues:%
  23.524 +\end{isamarkuptext}%
  23.525 +\isamarkuptrue%
  23.526 +%
  23.527 +\isadelimquote
  23.528 +%
  23.529 +\endisadelimquote
  23.530 +%
  23.531 +\isatagquote
  23.532 +\isacommand{datatype}\isamarkupfalse%
  23.533 +\ {\isacharprime}a\ queue\ {\isacharequal}\ Queue\ {\isachardoublequoteopen}{\isacharprime}a\ list{\isachardoublequoteclose}\isanewline
  23.534 +\isanewline
  23.535 +\isacommand{definition}\isamarkupfalse%
  23.536 +\ empty\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.537 +\ \ {\isachardoublequoteopen}empty\ {\isacharequal}\ Queue\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
  23.538 +\isanewline
  23.539 +\isacommand{primrec}\isamarkupfalse%
  23.540 +\ enqueue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.541 +\ \ {\isachardoublequoteopen}enqueue\ x\ {\isacharparenleft}Queue\ xs{\isacharparenright}\ {\isacharequal}\ Queue\ {\isacharparenleft}xs\ {\isacharat}\ {\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.542 +\isanewline
  23.543 +\isacommand{fun}\isamarkupfalse%
  23.544 +\ dequeue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ option\ {\isasymtimes}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.545 +\ \ \ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}Queue\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}None{\isacharcomma}\ Queue\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.546 +\ \ {\isacharbar}\ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}Queue\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}Some\ x{\isacharcomma}\ Queue\ xs{\isacharparenright}{\isachardoublequoteclose}%
  23.547 +\endisatagquote
  23.548 +{\isafoldquote}%
  23.549 +%
  23.550 +\isadelimquote
  23.551 +%
  23.552 +\endisadelimquote
  23.553 +%
  23.554 +\begin{isamarkuptext}%
  23.555 +\noindent This we can use directly for proving;  for executing,
  23.556 +  we provide an alternative characterisation:%
  23.557 +\end{isamarkuptext}%
  23.558 +\isamarkuptrue%
  23.559 +%
  23.560 +\isadelimquote
  23.561 +%
  23.562 +\endisadelimquote
  23.563 +%
  23.564 +\isatagquote
  23.565 +\isacommand{definition}\isamarkupfalse%
  23.566 +\ AQueue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  23.567 +\ \ {\isachardoublequoteopen}AQueue\ xs\ ys\ {\isacharequal}\ Queue\ {\isacharparenleft}ys\ {\isacharat}\ rev\ xs{\isacharparenright}{\isachardoublequoteclose}\isanewline
  23.568 +\isanewline
  23.569 +\isacommand{code{\isacharunderscore}datatype}\isamarkupfalse%
  23.570 +\ AQueue%
  23.571 +\endisatagquote
  23.572 +{\isafoldquote}%
  23.573 +%
  23.574 +\isadelimquote
  23.575 +%
<